Age | Commit message (Collapse) | Author | Files | Lines |
|
When adding arbitrary aces to an nt_ace_list we need to make sure we
are not actually adding a duplicate.
add_or_replace_ace() takes care of doing the right thing.
|
|
Guenther
|
|
the system one is broken.
|
|
|
|
|
|
|
|
smbd to
access a freed structure.
Jeremy.
|
|
This optimizes non-recursive notifys. For non-recursive notifies we can use a
per-directory file-id indexed notify record. This matters for the Windows
Explorer and IIS cases which do not use recursive notifies. In these cases, we
do not have to shuffle around the whole notify record on every change.
For the cluster case, this improves correctness of the notifies, ctdb only
distributes the tdb seqnum once a second, so we can lose notifies.
|
|
|
|
What a difference a name makes... :-). Just because something is missnamed
SAMR_ACCESS_OPEN_DOMAIN, when it should actually be SAMR_ACCESS_LOOKUP_DOMAIN,
don't automatically use it for a security check in _samr_OpenDomain().
Jeremy.
|
|
This commit is mostly to cope with the removal of SamOemHash (replaced
by arcfour_crypt()) and other collisions (such as changed function
arguments compared to Samba3).
We still provide creds_hash3 until Samba3 uses the credentials code in
netlogon server
Andrew Bartlett
|
|
This removes calls to push_*_allocate() and pull_*_allocate(), as well
as convert_string_allocate, as they are not in the common API
To allow transition to a common charcnv in future, provide Samba4-like
strupper functions in source3/lib/charcnv.c
(the actual implementation remains distinct, but the API is now shared)
Andrew Bartlett
|
|
This renames push_string in Samba3 into push_string_base and
push_string_check for the two different use cases.
This should allow push_string to be imported from Samba4, using it's
calling conventions.
|
|
|
|
The second r/o opener of a file is supposed to get a level2 oplock. The first
opener due to the protection in process_oplock_break_message() has been forced
to break to no oplock. The second opener according to locking.tdb gets a level2
oplock. Further down in open_file_ntcreate we try to set this level2 oplock in
the kernel, and the non-clustered Linux kernel disallows this. The rules for
the kernel leases are a bit baroque, but the attempt to do the SETLEASE
correctly fails and we end up with no oplock for any client.
In the clustered case however the linux kernel on the second opening node has
not seen the open fd of the first node, it is only the cluster fs that has this
information. If the cluster fs does not have the very same notion of leases as
the local kernel has, we can end up with a WRLCK style kernel lease for the
second opener where locking.tdb only indicates a level2 oplock. Getting a
kernel oplock break signal with just a level2 oplock in locking.tdb is
something smbd is not prepared for. For example after sending out the break in
response to the kernel signal we set a timeout, waiting for a reply.
More work needs to be done to make level2 kernel oplocks real for us. This
patch addresses a real problem we have right now without them.
|
|
This is fun -- XP still does this :-)
netbios retarget : foo = 192.168.234.10:1139
and if you connect to port 139 name foo, XP will happily do SMB over 1139
|
|
|
|
|
|
|
|
|
|
|
|
|
|
parameter "msdfs root = yes"
This was broken by the refactoring around create_file().
MSDFS pathname processing must be done FIRST.
MSDFS pathnames containing IPv6 addresses can
be confused with NTFS stream names (they contain
":" characters.
Jeremy.
|
|
|
|
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
This removes all oplock dependence on locking.tdb
|
|
|
|
handle_trans() can talloc_free "conn" if the client requests
close_on_completion. "state" is a talloc_child of conn, so it will be gone when
we later free state->data et al.
|
|
|
|
|
|
if "hide dot files" is set. Thanks to Barry Kelly <bkelly.ie@gmail.com>
for pointing this one out.
Jeremy.
|
|
This fixes a "defined but not used" compile warning.
|
|
sbuf as invalid (if not already read via stat()). Still trying
to find the build farm RAW-STREAM errors and it's happening
in a openX call....
Jeremy.
|
|
|
|
We keep the seqnum/mid mapping in the smb_request structure.
This also moves one global variable into the
smbd_server_connection struct.
metze
|
|
too.
Otherwise we'll confuse the client signing engine, when we reply an error to each transs2.
metze
|
|
Looks like the pathname parsing for POSIX paths got
broken when the code for doing Windows streams parsing got added.
Jeremy.
|
|
metze
|
|
This code path can't really happen anymore, because
launchd support was removed with commit e5a951325a6cac8567af3a66de6d2df577508ae4.
But it's confusing to have that code there...
metze
|
|
|
|
|
|
|
|
Jeremy.
|
|
[MS-SMB] 3.3.5.1 Receiving Any Message says that the seqnum
is incremented by only for ntcancel requests for any other
request it's by incremented by 2, even if it doesn't expect
a response.
metze
|
|
Confirmed by reporters.
Jeremy.
|
|
This eliminates the last direct caller of create_file_unixpath
|
|
if admin user.
Jeremy.
|
|
Jeremy
|
|
We need to store the "force group" uid separately from the
conn->server_info token as we need to apply it separately also.
Volker PLEASE CHECK !
Jeremy.
|
|
Why?? :-)
Another one of the little micro-optimizations that I just came across: If you
allocate a variable in a sub-block like the "fstring sharename" in
write_file(), gcc even with -O3 will allocate this variable unconditionally on
the stack at the beginning of the routine. So with eliminating this fstring we
cut 256 bytes of stack in a very hot code path writing to a file. It might make
us a bit more cache-friendly.
This would probably not be worth a second look if it involved larger code
changes, but this one was just too simple to let it pass :-)
|