summaryrefslogtreecommitdiff
path: root/source3/smbd/process.c
AgeCommit message (Collapse)AuthorFilesLines
2000-08-02Started to canonicalize our handling of uid -> sid code in order toJeremy Allison1-2/+1
get ready and fix se_access_check(). Added cannonical lookup_name(), lookup_sid(), uid_to_sid(), gid_to_sid() functions that look via winbind first the fall back on local lookup. All Samba should use these rather than trying to call winbindd code directly. Added NT_USER_TOKEN struct in user_struct, contains list of NT sids associated with this user. se_access_check() should use this (cached) value rather than attempting to do the same thing itself when given a uid/gid pair. More work needs to be done to preserve these things accross security context changes (especially with the tricky pipe problem) but I'm beginning to see how this will be done..... probably by registering a new vuid for an authenticated RPC pipe and not treating the pipe calls specially. More thoughts needed - but we're almost there... Jeremy. (This used to be commit 5e5cc6efe2e4687be59085f562caea1e2e05d0a8)
2000-07-27Ok - this is a *BIG* change - but it fixes the problems with static stringsJeremy Allison1-0/+1
in the RPC code. This change was prompted by trying to save a long (>256) character comment in the printer properties page. The new system associates a TALLOC_CTX with the pipe struct, and frees the pool on return of a complete PDU. A global TALLOC_CTX is used for the odd buffer allocated in the BUFFERxx code, and is freed in the main loop. This code works with insure, and seems to be free of memory leaks and crashes (so far) but there are probably the occasional problem with code that uses UNISTRxx structs on the stack and expects them to contain storage without doing a init_unistrXX(). This means that rpcclient will probably be horribly broken. A TALLOC_CTX also needed associating with the struct cli_state also, to make the prs_xx code there work. The main interface change is the addition of a TALLOC_CTX to the prs_init calls - used for dynamic allocation in the prs_XXX calls. Now this is in place it should make dynamic allocation of all RPC memory on unmarshall *much* easier to fix. Jeremy. (This used to be commit 0ff2ce543ee54f7364e6d839db6d06e7ef1edcf4)
2000-06-14allow the notify implementation to choose the select timeout changeAndrew Tridgell1-11/+11
(This used to be commit b1441d9622609af5ef598c5e1e1f5af438dc0731)
2000-06-12totally rewrote the async signal, notification and oplock notificationAndrew Tridgell1-133/+120
handling in Samba. This was needed due to several limitations and races in the previous code - as a side effect the new code is much cleaner :) in summary: - changed sys_select() to avoid a signal/select race condition. It is a rare race but once we have signals doing notification and oplocks it is important. - changed our main processing loop to take advantage of the new sys_select semantics - split the notify code into implementaion dependent and general parts. Added the following structure that defines an implementation: struct cnotify_fns { void * (*register_notify)(connection_struct *conn, char *path, uint32 flags); BOOL (*check_notify)(connection_struct *conn, uint16 vuid, char *path, uint32 flags, void *data, time_t t); void (*remove_notify)(void *data); }; then I wrote two implementations, one using hash/poll (like our old code) and the other using the new Linux kernel change notify. It should be easy to add other change notify implementations by creating a sructure of the above type. - fixed a bug in change notify where we were returning the wrong error code. - rewrote the core change notify code to be much simpler - moved to real-time signals for leases and change notify Amazingly, it all seems to work. I was very surprised! (This used to be commit 44766c39e0027c762bee8b33b12c621c109a3267)
2000-06-11Linux kernel oplocks now seem to work, but need a _lot_ of testingAndrew Tridgell1-51/+56
I had to modify sys_select() to not loop on EINTR. I added a wrapper called sys_select_intr() which gives the old behaviour. (This used to be commit b28cc4163bc2faaa80c5782fc02c8f03c410cdeb)
2000-06-03moved secrets fns into secrets.cAndrew Tridgell1-1/+1
(This used to be commit f890bcf06786e7c63bf76fad2fd46d287a99a270)
2000-05-28debug output to /tmp.Luke Leighton1-1/+1
(This used to be commit f9077e50cba5c7c3e6cf7739888120d8cc757c7c)
2000-05-27prs_give_memory in wrong place, also poss. was losing mem.Luke Leighton1-0/+27
(This used to be commit 9805e17cd0ce427c329a8b5a8318d5f75227e283)
2000-05-15passdb/secrets.c: Fix typo in comment.Jeremy Allison1-5/+0
rpc_server/srv_pipe.c: Use accessor functions rather than diddling with structure internals directly. smbd/process.c: smbd/reply.c: Remove READ_PREDICTION #ifdefs. Jeremy. (This used to be commit eba825ff030a175bd271caa6f543379dfdbbd646)
2000-05-10check for sighup on each packet - otherwise it can take a _long_ timeAndrew Tridgell1-0/+12
to reload services (This used to be commit 0fb4ba4e037f25b8b75bcae0ecb1d9b43f0f9e5f)
2000-05-10more merging voodooAndrew Tridgell1-0/+3
this adds "#define OLD_NTDOMAIN 1" in lots of places. Don't panic - this isn't permanent, it should go after another few merge steps have been done (This used to be commit 92109d7b3c06f240452d39f669ecb8c9c86ab610)
2000-05-08added secrets.tdb and changed storage of trust account password to useAndrew Tridgell1-10/+1
it (This used to be commit 88ad00b82acc4636ab57dfe710af08ea85b82ff1)
2000-05-02split the username in the vuser structure into a separateAndrew Tridgell1-1/+1
userdom_struct. As the name implies this also contains a domain (unused at the moment). This will be important shortly, as operation in appliance mode needs the domain to be always carried with the username. (This used to be commit ee8546342d5be90e730372b985710d764564b124)
2000-05-02Added sys_fork() and sys_getpid() functions to stop the overheadJeremy Allison1-1/+1
of doing a system call every time we want to just get our pid. Jeremy. (This used to be commit 148628b616b5c29ba6340d65fc3ddbcabba6e67a)
2000-04-30 - added some error checkingAndrew Tridgell1-8/+0
- removed the VTP hook in smbd (This used to be commit 09355fcd50e6c9c0c81e5f70ab9b7ff88aa897bf)
2000-04-27Ok - this is more subtle than it looks :-).Jeremy Allison1-1/+1
When a file is being closed, once it passes the fnum and tid tests then the locking context should be ignored when removing all locks. This is what is done in the brl close case, but when you have outstanding POSIX locks, then you cannot remove all the brl locks in one go, you have to get the lock list and call do_unlock individually. As this uses global_smbpid as the locking context, you need to make sure that this is set correctly for the specific lock being removed. I now do this by storing the smbpid in each entry in the unlock list returned from the query call. I removed the smbpid from fsp (not needed) and things seem ok (even with the stupid smbpid tricks that smbtorture plays :-). Jeremy. (This used to be commit 6baa96bb466915cc17e8cbad50254d6bd47b967b)
2000-04-27Fixed subtle unlocking bug when a file is closed. We need to store theJeremy Allison1-1/+1
smbpid used when a file was opened in the files_struct. Else we use the wrong global_smbpid when we are closing the file and trying to remove the brl locks - this causes the brl locks to be left when the file is closed as the samba_context check fails. Jeremy. (This used to be commit 2746e5602e493e5b022764b4b839eb4d2f14363b)
2000-04-15Log file check patch from Mattias Gronlund <Mattias.Gronlund@sa.erisoft.se>.Jeremy Allison1-0/+6
Modified to do checks in timeout processing not in main loop. This (IMHO) is the correct place as (a) we are already root, and (b) it is guarenteed to be called every 200 smb requests. Jeremy. (This used to be commit c3794fd29fdc4e5a0dbd725cdc24fe210934caf2)
2000-04-11finally got sick of the "extern int Client" code and the stupidAndrew Tridgell1-15/+11
assumption that we have one socket everywhere while doing so I discovered a few bugs! 1) the clientgen session retarget code if used from smbd or nmbd would cause a crash as it called close_sockets() which closed our main socket! fixed by removing close_sockets() completely - it is unnecessary 2) the caching in client_addr() and client_name() was bogus - it could easily get fooled and give the wrong result. fixed. 3) the retarget could could recurse, allowing an easy denial of service attack on nmbd. fixed. (This used to be commit 5937ab14d222696e40a3fc6f0e6a536f2d7305d3)
2000-03-08dded Microsoft Dfs services.Shirish Kalele1-2/+4
* added a new msdfs/ directory under source/ * added msdfs sources under this directory. * modified configure setup to add a --with-msdfs configure time option Modified Files: Makefile.in acconfig.h configure configure.in include/config.h.in include/includes.h include/proto.h include/smb.h include/smb_macros.h param/loadparm.c smbd/negprot.c smbd/nttrans.c smbd/process.c smbd/reply.c smbd/server.c smbd/trans2.c Added Files: include/msdfs.h msdfs/README msdfs/msdfs.c msdfs/msdfs_tdb.c msdfs/parse_dfs_map.c ---------------------------------------------------------------------- (This used to be commit 4684b4a188b54493dbe7f0de2909a8d3c5c3ebf9)
2000-01-25First set of speed improvements from Ying Chen <ying@almaden.ibm.com>.Jeremy Allison1-2/+0
Inline several commonly used functions as macros. Jeremy. (This used to be commit fc0219c7cc4b83e6db17d5b3be70d74fd7971089)
2000-01-14some more work on the byte range lockingAndrew Tridgell1-2/+7
note the ugly global_smbpid - I hope that won't bethere for long, I just didn't want to do two lots of major surgery at the one time. Using global_smbpid avoids the big change of getting rid of our inbuf/outbuf interface to reply routines. I'll do that once the locking stuff passes all tests. (This used to be commit f8bebf91abcaa5bda3ec8701f9242f220da8943a)
2000-01-05implemented talloc() as described on samba-technical. This fixes theAndrew Tridgell1-0/+3
lp_string() bug properly. we still need to add lp_talloc_free() calls in all the main event loops, I've only put it in smbd and nmbd thus far. (This used to be commit aa7f81552540f5dca2c146f5edd805611d5b390f)
1999-12-21Fix from tulipant-gergely@dbrt.hu for returning incorrect error codeJeremy Allison1-1/+1
on user auth fail. Jeremy. (This used to be commit 886ad59d798175f037ea9249dcefa78660e4992a)
1999-12-13first pass at updating head branch to be to be the same as the SAMBA_2_0 branchAndrew Tridgell1-203/+298
(This used to be commit 453a822a76780063dff23526c35408866d0c0154)
1999-12-01sys_select added one more argument (read, write selectors).Luke Leighton1-1/+1
(This used to be commit e4d92ff9dfc51735e6932748f66a7c20b2c1cb6a)
1999-11-15- added DCE/RPC "fault" PDU support.Luke Leighton1-1/+1
- disabled (AGAIN) the GETDC "if (MAILSLOT\NTLOGON)" code that will get NT5rc2 to work but WILL break win95 (AGAIN). this needs _not_ to be re-enabled but to be replaced with a better mechanism. - added SMBwrite support (note: SMBwriteX already existed) as NT5rc2 is sending DCE/RPC over SMBwrite not SMBwriteX. (This used to be commit 25c70e3c984c4fed19763ed405741e83fe14f87e)
1999-09-12- initialising mach_passwd_file locks to zero (prev. uninit.)Luke Leighton1-1/+0
- cleanup - #defined report to sprintf as it's #defined to another function in other uses of cmd_lsarpc.c (This used to be commit 8fb2ff247a2fe0ec5ce0c232d8a3da9774f7e6ae)
1999-09-08bertl <bs@niggard.org> patch for making samba listen on port 445, just likeLuke Leighton1-0/+28
nt 5 does. cool! (This used to be commit 727e1421b2c0f8c72c428776593498103304082b)
1999-07-12Jean-Francois Micouleau's rewritten DFS patch, originally written byLuke Leighton1-1/+1
Nigel Williams. despite the data format being *exactly* the same as NT's, this still doesn't work yet. more work needed. (This used to be commit 270981960bb5aab52d2f8e494827101ece6729c4)
1999-04-08Mainly BDC-related changes.Matthew Chapman1-1/+5
* Added SEC_CHAN_BDC * Propagate sec_chan into the various functions which change trust account passwords, so they can be used for domain control and inter-domain trusts. (This used to be commit ca540c21f78b4bc8ca36ac3d5af2b8f67cf716c3)
1999-04-01Ken McDonell from SGI was interested in adding some profilingAndrew Tridgell1-0/+4
capabilities to Samba so that Samba could talk to the SGI PCP (Performance Co-Pilot) apps. This change adds a profiling shared memory area and uses it to count two fairly trivial things, the number of uid switches and the number of SMB packets processes. To add more just edit include/profile.h and then increment it at the right place. I've also added a -P switch to smbstatus to dump the profile area. (This used to be commit ef3d61a80ad0b87c196a63ef2bd4fe8fc3863bd0)
1998-10-16trust passwordLuke Leighton1-3/+3
(This used to be commit fa86770d56fd4a3e280ee4f5685e29dee2a713fb)
1998-10-15rpcclient interactive login (with trust account changing if you are root)Luke Leighton1-1/+1
cli_session_setup handles null sessions correctly (This used to be commit 60c0f22a4e84703467006dfe1971384a6294a9aa)
1998-10-07dce/rpcLuke Leighton1-1/+1
(This used to be commit 34afa638f6f7bb145ec094510ac58f7a22dfc3aa)
1998-09-23First cut at kernel oplocks. This should have no effect unless runninJeremy Allison1-8/+151
on a machine that supports them in autoconf. Move various functions out of lib/util.c into smbd/process.c and smbd/oplock.c where they belong. Jeremy. (This used to be commit c3c5e13f85c97939746070132dad941e79c546fb)
1998-09-17configure configure.in: Added checks for statvfs64. Last bit of 64 bit ↵Jeremy Allison1-2/+2
widening (I hope :-). include/config.h.in: Added #undef STAT_STATVFS64. include/includes.h: Added SMB_STRUCT_STATVFS type, Changed SMB_BIG_INTEGER to SMB_BIG_UINT and SMB_BIG_INT types. include/smb.h: Added flag defines from CIFS spec. lib/debug.c: Fixed one more mode_t issue. lib/system.c: Added sys_statvfs wrapper. lib/util.c: Changed trim_string to use size_t. param/loadparm.c: Moved "blocking locks" into locking section. Alphabetised locking options. Question - shuld we do this for all options ? passdb/ldap.c: Changed SMB_BIG_INTEGER to SMB_BIG_UINT. passdb/nispass.c: Changed SMB_BIG_INTEGER to SMB_BIG_UINT. passdb/smbpass.c: Changed SMB_BIG_INTEGER to SMB_BIG_UINT. smbd/dfree.c: Changed to use 64 bit types if available. Moved to use unsigned types. smbd/dosmode.c: Fixed one more mode_t issue. smbd/negprot.c: Changed literals to be FLAG_ #defines. smbd/nttrans.c: Removed dead code. smbd/open.c: Changed disk_free call. smbd/process.c: Changed literals to be FLAG_ #defines. smbd/reply.c: Changed disk_free call. smbd/trans2.c: Fixed but in SMB_QUERY_FS_VOLUME_INFO call. Was using UNICODE - should use ascii. tests/summary.c: Added STAT_STATVFS64 check. Jeremy. (This used to be commit c512b1b91fb7f2a7a93b9033a33e06d966daadb4)
1998-09-05tridge the destroyer returns!Andrew Tridgell1-157/+129
prompted by the interpret_security() dead code that Jean-Francois pointed out I added a make target "finddead" that finds potentially dead (ie. unused) code. It spat out 304 function names ... I went through these are deleted many of them, making others static (finddead also reports functions that are used only in the local file). in doing this I have almost certainly deleted some useful code. I may have even prevented compilation with some compile options. I apologise. I decided it was better to get rid of this code now and add back the one or two functions that are needed than to keep all this baggage. So, if I have done a bit too much "destroying" then let me know. Keep the swearing to a minimum :) One bit I didn't do is the ubibt code. Chris, can you look at that? Heaps of unused functions there. Can they be made static? (This used to be commit 2204475c87f3024ea8fd1fbd7385b2def617a46f)
1998-08-27This is the stat cache code - seems to work fine (needs heavyJeremy Allison1-0/+4
NetBench testing though.... :-). Attempts to efficiently reduce the number of stat() calls Samba does. Jeremy. (This used to be commit d0e48a2d8072c3e77a57ac6a2fb5044c05f03b41)
1998-08-20Turning on blocking locking code. NB. Blocking lock requests that are notJeremy Allison1-41/+31
the head of an SMB request (ie. are part of a chain) will not be queued - this will be fixed when we move to the new chain code. In practice, this doesn't seem to cause much of a problem (in my admittedly limited testing) bug a debug level zero message will be placed in the log when this happens to help determine how real the problem is. smbd/locking.c: New debug messages. smbd/blocking.c: New blocking code - handles SMBlock, SMBlockread and SMBlockingX smbd/chgpasswd.c: Fix for master fd leak. smbd/files.c: Tidyup comment. smbd/nttrans.c: Added fnum to debug message. smbd/process.c: Made chain_reply() use construct_reply_common(). Added blocking lock queue processing into idle loop. smbd/reply.c: Added queue pushes for SMBlock, SMBlockread and SMBlockingX. Jeremy. (This used to be commit e1dd03ecda0bc6d7eaa31070c83774bb5679fd1b)
1998-08-17removed some of the rough edges from the splitupAndrew Tridgell1-0/+5
(This used to be commit 722312c326d54849e2552327fcd88ac77257ad2c)
1998-08-17move soem variables from server.c that don't belong there.Andrew Tridgell1-1/+17
(This used to be commit f92475aa3cb3ade576c39c02c7996c949c42082a)
1998-08-17this completes the splitup of server.c.Andrew Tridgell1-0/+810
the splitup was done with an axe, not a scalpel, so there are some rough edges. I mostly wanted to get the general form right with fine tuning of what goes where to come later. Still, this is better than what we had before where server.c was a general repository for anything that didn't fit elsewhere. (This used to be commit a6d194886a4a5f7507fa37289ff96c1be56f14a6)