Age | Commit message (Collapse) | Author | Files | Lines |
|
metze
|
|
metze
|
|
smbd_check_open_rights()
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Mon Jul 11 22:45:01 CEST 2011 on sn-devel-104
|
|
metze
|
|
metze
|
|
metze
|
|
I think we should reject invalid access early,
before we might create new files.
Also smbd_check_open_rights() is only called if the file existed.
metze
|
|
metze
|
|
metze
|
|
to their only user and make them static. Add comments.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Fri Jul 8 21:01:40 CEST 2011 on sn-devel-104
|
|
change_to_root_user()
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Fri Jul 8 13:45:46 CEST 2011 on sn-devel-104
|
|
This is handled by a common header and a .c file that is included into
both loadparm.c files.
In the process, _lp functions were renamed to lp__ to allow the common
function definition declarations to be used by source3 and source4
(which have different macro definitions).
The only parameter to change type is 'strict_locking' which was a
bool, and is now an int, to accommodate the 'Auto' value from source3.
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Fri Jul 8 12:35:56 CEST 2011 on sn-devel-104
|
|
|
|
Move the num_requests field out of the smb1 struct into the generic
struct smbd_server_connection struct. Use it to count SMB2 requests
as well as SMB1 and ensure that check_log_size() is called every 50
SMB2 requests.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Fri Jul 8 01:14:53 CEST 2011 on sn-devel-104
|
|
For all requests which don't operate on a tcon, we should call
change_to_root_user(), to match the SMB1 behavior.
For SMB1 we do the following operations without AS_USER:
/* 0x70 */ { "SMBtcon",reply_tcon,0},
/* 0x71 */ { "SMBtdis",reply_tdis,DO_CHDIR},
/* 0x72 */ { "SMBnegprot",reply_negprot,0},
/* 0x73 */ { "SMBsesssetupX",reply_sesssetup_and_X,0},
/* 0x74 */ { "SMBulogoffX",reply_ulogoffX, 0}, /* ulogoff doesn't give a valid TID */
/* 0x75 */ { "SMBtconX",reply_tcon_and_X,0},
...
/* 0x2b */ { "SMBecho",reply_echo,0},
...
/* 0xa4 */ { "SMBntcancel",reply_ntcancel, 0 },
For SMB2tdis we still call smbd_smb2_request_check_tcon()
as close_cnum() calls change_to_root_user() when needed.
metze
Signed-off-by: Jeremy Allison <jra@samba.org>
|
|
use the correct alias instead of FD directly
Autobuild-User: Christian Ambach <ambi@samba.org>
Autobuild-Date: Tue Jul 5 19:51:42 CEST 2011 on sn-devel-104
|
|
We can't allow open with access that has been denied via the share
security descriptor
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Tue Jul 5 16:21:54 CEST 2011 on sn-devel-104
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
when smbd tries to clean up locks after a premature end of a smb2
connection, lock_db has already been freed and so it crashes
this patch changes the order in which items are freed so that
lock_db is still around when it is needed
Jeremy, Metze, please check
Autobuild-User: Christian Ambach <ambi@samba.org>
Autobuild-Date: Mon Jul 4 20:00:26 CEST 2011 on sn-devel-104
|
|
smb2_tcon request
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Mon Jul 4 17:34:13 CEST 2011 on sn-devel-104
|
|
This is not strictly needed in the fork process model, but we hopefully
support other models in future.
metze
|
|
This allows libauth not to depend on smbd_base.
Andrew Bartlett
|
|
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
when CTDB is unhealthy, log a message and exit cleanly
instead of creating a core file
Autobuild-User: Christian Ambach <ambi@samba.org>
Autobuild-Date: Thu Jun 30 13:18:12 CEST 2011 on sn-devel-104
|
|
Pass in the correct vector to the signing algorithm in an async
response - we must start with vector[1] which has the SMB2_HDR_BODY
length, not vector[0] which is the 4 byte packet length. Also
note we're passing in 2 vectors not 3.
Metze please review.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Wed Jun 29 20:09:21 CEST 2011 on sn-devel-104
|
|
This defines a common table format, so we can in future define a
common table.
Andrew Bartlett
|
|
Caused by referencing an uninitialized variable in the
duplicated struct smbd_smb2_request when sending a signed
intermediate reply.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Wed Jun 29 04:37:28 CEST 2011 on sn-devel-104
|
|
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Tue Jun 28 10:43:26 CEST 2011 on sn-devel-104
|
|
needed (bug #8260)
This should fix DCERPC responses with fragments larger than 1024 bytes.
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Fri Jun 24 11:25:36 CEST 2011 on sn-devel-104
|
|
Move lp_acl_check_permissions() into can_delete_file_in_directory()
where it makes sense. Remove ACL check when requesting DELETE_ACCESS
when lp_acl_check_permissions is false.
Thanks to John Janosik @ IBM for noticing this.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Fri Jun 24 01:18:11 CEST 2011 on sn-devel-104
|
|
The only users I can find of this on the internet involve confused
users, and our own documentation recommends never setting this. Don't
confuse our users any longer.
Andrew Bartlett
|
|
The become_root() and similar 'smbd' functions that are used widely in
Samba libraries had 'dummy' copies in dummysmbd.c and dummyroot.c.
These have been replaced by a runtime plugin mechanim, which ensures
that standlone binaries still do nothing, while in smbd the correct
function is used.
This avoids having these as duplicate symbols in the smbd binary,
which can cause unpredictable behaviour.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
My previous patches fixed up all direct TDB callers, but there are a
few utility functions and the db_context functions which are still
using the old -1 / 0 return codes.
It's clearer to fix up all the callers of these too, so everywhere is
consistent: non-zero means an error.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
|
|
This is a helper for the common case of opening a tdb with a logging
function, but it doesn't do all the work, since TDB1 and TDB2's log
functions are different types.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
|
|
The typedef is TDB2 compatible, the struct isn't.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
|
|
TDB2 returns a negative error number on failure. This is compatible
if we always check for < 0 instead of == -1.
Also, there's no tdb_traverse_read in TDB2: we don't try to make
traverse reliable any more, so there are no write locks anyway.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
|
|
We change all the headers and wscript files to use tdb_compat; this
means we have one place to decide whether to use TDB1 or TDB2.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
|
|
Rather than tdb's internal one.
|