summaryrefslogtreecommitdiff
path: root/source3/smbd
AgeCommit message (Collapse)AuthorFilesLines
2010-10-19Copyright/whitespace/comment cleanup in preparation for adding SMB2 paths.Jeremy Allison1-20/+27
2010-10-19Move tcons.num_open from smb1 to sconn->num_tcons_open as this is needed for ↵Jeremy Allison4-7/+11
SMB2 also.
2010-10-15Add make_default_filesystem_acl() function to be used in following change to ↵Jeremy Allison1-0/+110
acl_xattr and acl_tdb module.
2010-10-15Fix handling of "NULL" DACL. Map to u/g/w - rwx.Jeremy Allison1-23/+33
Jeremy.
2010-10-15Fix "force unknown ACL user" to strip out foreign SIDs from POSIX ACLs if ↵Jeremy Allison1-0/+8
they can't be mapped.
2010-10-15Fix bug #7734 - When creating files with "inherit ACLs" set to true, we ↵Jeremy Allison1-1/+1
neglect to apply appropriate create masks. Jeremy.
2010-10-15Fix bug #7733 - Invalid client DOS attributes on create can cause incorrect ↵Jeremy Allison1-0/+9
unix mode_t to be generated. It turns out a client can send an NTCreateX call for a new file, but specify FILE_ATTRIBUTE_DIRECTORY in the attribute list. Windows silently strips this, but we don't - causing the unix_mode() function to go through the "mode bits for new directory" codepath, instead of the "mode bits for new file" codepath. Jeremy.
2010-10-14s3: Remove smbd_server_conn from construct_replyVolker Lendecke1-4/+6
Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Thu Oct 14 12:35:07 UTC 2010 on sn-devel-104
2010-10-14s3: Lift smbd_server_conn from receive_smb_tallocVolker Lendecke1-10/+9
2010-10-14s3: Lift smbd_server_conn from receive_smb_raw_tallocVolker Lendecke1-8/+10
2010-10-14s3: Lift smbd_server_conn from receive_smb_raw_talloc_partial_readVolker Lendecke1-10/+10
2010-10-14s3: Remove some explicit smbd_server_conn refs in process_smb()Volker Lendecke1-2/+2
2010-10-14s3: Rename "conn" to the more used "sconn" in process_smb()Volker Lendecke1-7/+7
2010-10-14s3-auth Use security_token_debug() from common codeAndrew Bartlett1-1/+2
This prints the security token including the privileges as strings instead of just a bitmap. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-10-12libcli/security Provide a common, top level libcli/security/security.hAndrew Bartlett15-1/+15
This will reduce the noise from merges of the rest of the libcli/security code, without this commit changing what code is actually used. This includes (along with other security headers) dom_sid.h and security_token.h Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Tue Oct 12 05:54:10 UTC 2010 on sn-devel-104
2010-10-11Canonicalize incoming and outgoing ACLs.Jeremy Allison1-4/+55
Jeremy.
2010-10-11Make the posix ACL module cope with a NULL incoming DACL and aJeremy Allison1-0/+31
missing owner/group. Jeremy.
2010-10-08s3: Hang the isilon kernel oplocks off the NULL contextVolker Lendecke1-1/+2
All I see is a fd_event that does not need a special destructor. Tim, Steven, I've added the #error as well for you to remove after review. Thanks, Volker Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Fri Oct 8 20:48:11 UTC 2010 on sn-devel-104
2010-10-08s3: Hang the irix kernel oplocks off the NULL ctxVolker Lendecke1-1/+1
Just a fd_event to be cleaned up. The pipe is closed implicitly.
2010-10-08s3: Hang the linux kernel oplocks off the NULL ctxVolker Lendecke1-1/+1
The destructor that is called removes the signal handler. But at process exit the signal handling is lost anyway.
2010-10-08s3: Call printer_list_parent_init in the parentVolker Lendecke1-0/+5
Simo, please check!
2010-10-08Move talloc_enable_null_tracking() to the s3 daemonsVolker Lendecke1-1/+7
2010-10-08s3: Fix input check in is_encrypted_packetVolker Lendecke1-1/+3
Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Fri Oct 8 07:40:52 UTC 2010 on sn-devel-104
2010-10-08Fix bug 7716 - acl_xattr and acl_tdb modules don't store unmodified copies ↵Jeremy Allison1-1/+13
of security descriptors. As pointed out by an OEM, the code within smbd/posix_acl.c, even though passed a const pointer to a security descriptor, still modifies the ACE entries within it (which are not const pointers). This means ACLs stored in the extended attribute by the acl_xattr module have already been modified by the POSIX acl layer, and are not the original intent of storing the "unmodified" ACL from the client. Use dup_sec_desc to make a copy of the incoming ACL on talloc_tos() - that is what is then modified inside smbd/posix_acl.c, leaving the original ACL to be correctly stored in the xattr. Jeremy. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Fri Oct 8 00:37:53 UTC 2010 on sn-devel-104
2010-10-07s3: Fix the async echo responder for netbios keepalivesVolker Lendecke1-10/+23
This fixes a crash in the echo responder when the client started to send the NetBIOS-Level 0x85-style keepalive packets. We did not correctly check the packet length, so the code writing the signing seqnum overwrote memory after the malloc'ed area for the 4 byte keepalive packet. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Thu Oct 7 19:47:35 UTC 2010 on sn-devel-104
2010-10-06Fix crash in SMB2 rename found by gentest. We must always have an lcompJeremy Allison1-1/+1
in the destination struct for a rename, so set the flag appropriately. Jeremy.
2010-10-06s3: Make the write end of the echo responder pipe non-blockingVolker Lendecke1-0/+1
Without this, we can get a writable pipe end, but the writev call on the pipe will block. Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Wed Oct 6 13:57:30 UTC 2010 on sn-devel-104
2010-10-06Fix crash in SMB2 rename found by gentest. We must always have an lcompJeremy Allison1-1/+1
in the destination struct for a rename, so set the flag appropriately. Jeremy. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Wed Oct 6 00:29:51 UTC 2010 on sn-devel-104
2010-10-05s3: Stop using the write cache after an oplock breakVolker Lendecke1-0/+1
Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Tue Oct 5 10:09:38 UTC 2010 on sn-devel-104
2010-10-03s3: Remove smbd_server_conn from msg_force_tdisVolker Lendecke1-1/+7
2010-10-03s3: Remove smbd_server_conn from process_blocking_lock_cancel_messageVolker Lendecke1-1/+7
2010-10-03s3: Remove smbd_server_conn from smb1 receive_unlock_msgVolker Lendecke1-1/+9
2010-10-03s3: Remove smbd_server_conn from msg_file_was_renamedVolker Lendecke1-1/+8
2010-10-03s3: Remove smbd_server_conn from validate_my_share_entriesVolker Lendecke1-3/+5
2010-10-03s3: Remove smbd_server_conn from msg_close_fileVolker Lendecke1-1/+8
2010-10-03s3: Remove smbd_server_conn from smb2 receive_unlock_msgVolker Lendecke1-1/+9
2010-10-03s3: Remove smbd_server_conn from process_kernel_oplock_breakVolker Lendecke1-2/+8
2010-10-03s3: Remove smbd_server_conn from process_oplock_break_messageVolker Lendecke1-3/+8
2010-10-03s3: Remove smbd_server_conn from process_oplock_async_level2_break_messageVolker Lendecke1-2/+8
2010-10-03s3: Lift smbd_server_conn from initial_break_processingVolker Lendecke1-5/+9
2010-10-03s3: Add msg_ctx_to_sconnVolker Lendecke2-0/+15
2010-10-03s3: I thought I had compiled this....Volker Lendecke1-1/+1
2010-10-03s3: Attempt to fix the IRIX buildVolker Lendecke1-1/+1
2010-10-03s3: Attempt to fix a ton of warnings on the build farmVolker Lendecke1-0/+1
2010-10-03s3: Remove talloc_autofree_context() from dmapi.cVolker Lendecke1-2/+1
This is a place where an explicit dmapi_destroy_session would be needed. But we don't use a destructor for this.
2010-10-01s3:smbd: Increase unsupported IOCTL debug message to 2Steven Danneman1-2/+4
Even printing once per connection, level 0 was too spammy with Windows clients frequently sending FSCTL_GET_OBJECT_ID which is unsupported.
2010-10-01s3:events: Call all ready fd event handlers on each iteration of the main loopSteven Danneman1-19/+16
Previously, only one fd handler was being called per main message loop in all smbd child processes. In the case where multiple fds are available for reading the fd corresponding to the event closest to the beginning of the event list would be run. Obviously this is arbitrary and could cause unfairness. Usually, the first event fd is the network socket, meaning heavy load of client requests can starve out other fd events such as oplock or notify upcalls from the kernel. In this patch, I have changed the behavior of run_events() to unset any fd that it has already called a handler function, as well as decrement the number of fds that were returned from select(). This allows the caller of run_events() to iterate it, until all available fds have been handled. I then changed the main loop in smbd child processes to iterate run_events(). This way, all available fds are handled on each wake of select, while still checking for timed or signalled events between each handler function call. I also added an explicit check for EINTR from select(), which previously was masked by the fact that run_events() would handle any signal event before the return code was checked. This required a signature change to run_events() but all other callers should have no change in their behavior. I also fixed a bug in run_events() where it could be called with a selrtn value of -1, doing unecessary looping through the fd_event list when no fds were available. Also, remove the temporary echo handler hack, as all fds should be treated fairly now.
2010-10-01samba: share select wrappers.Günther Deschner1-0/+1
Guenther
2010-09-28s3: Attempt to fix bug 7518Volker Lendecke1-6/+6
If select returns -1, we can't rely on the fd sets. The current code might loop endlessly because when putting an invalid fd (the closed socket?) on the read set, a select implementation might choose not to touch it but directly return with EINVAL. Thus run_events will see the socket readable, which leads to a "return true", and thus a NT_STATUS_RETRY -> same game again. We should never get into this situation, but to me the logfiles given in bug 7518 do not reveal enough information to understand how this can happen.
2010-09-28s3: Increase the debuglevel for connection termination msgsVolker Lendecke1-2/+2