summaryrefslogtreecommitdiff
path: root/source3/smbd
AgeCommit message (Collapse)AuthorFilesLines
2010-10-21Add code to implement SeSecurityPrivilege in net rpc rights, and in theJeremy Allison2-21/+18
open and get/set NT security descriptor code. Jeremy. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Thu Oct 21 00:15:57 UTC 2010 on sn-devel-104
2010-10-20Make getpwnam_alloc() static to lib/username.c, and ensure all username ↵Jeremy Allison2-2/+2
lookups go through Get_Pwnam_alloc(), which is the correct wrapper function. We were using it *some* of the time anyway, so this just makes us properly consistent. Jeremy. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Wed Oct 20 16:02:12 UTC 2010 on sn-devel-104
2010-10-20s3: Add some DEBUGVolker Lendecke1-0/+2
Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Wed Oct 20 11:58:20 UTC 2010 on sn-devel-104
2010-10-20s3: Cope with EINTR in smbd_[un]lock_socketVolker Lendecke1-2/+10
2010-10-19Add deadtime detection for SMB2. Correctly update lastused timestamp across ↵Jeremy Allison2-30/+76
all active tcons. Should fix dfree cache not updating bug.
2010-10-19Add SMB2 paths to smbd/conn.c. Except for conn_idle_all(), to be cleaned up ↵Jeremy Allison1-32/+105
next.
2010-10-19Copyright/whitespace/comment cleanup in preparation for adding SMB2 paths.Jeremy Allison1-20/+27
2010-10-19Move tcons.num_open from smb1 to sconn->num_tcons_open as this is needed for ↵Jeremy Allison4-7/+11
SMB2 also.
2010-10-15Add make_default_filesystem_acl() function to be used in following change to ↵Jeremy Allison1-0/+110
acl_xattr and acl_tdb module.
2010-10-15Fix handling of "NULL" DACL. Map to u/g/w - rwx.Jeremy Allison1-23/+33
Jeremy.
2010-10-15Fix "force unknown ACL user" to strip out foreign SIDs from POSIX ACLs if ↵Jeremy Allison1-0/+8
they can't be mapped.
2010-10-15Fix bug #7734 - When creating files with "inherit ACLs" set to true, we ↵Jeremy Allison1-1/+1
neglect to apply appropriate create masks. Jeremy.
2010-10-15Fix bug #7733 - Invalid client DOS attributes on create can cause incorrect ↵Jeremy Allison1-0/+9
unix mode_t to be generated. It turns out a client can send an NTCreateX call for a new file, but specify FILE_ATTRIBUTE_DIRECTORY in the attribute list. Windows silently strips this, but we don't - causing the unix_mode() function to go through the "mode bits for new directory" codepath, instead of the "mode bits for new file" codepath. Jeremy.
2010-10-14s3: Remove smbd_server_conn from construct_replyVolker Lendecke1-4/+6
Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Thu Oct 14 12:35:07 UTC 2010 on sn-devel-104
2010-10-14s3: Lift smbd_server_conn from receive_smb_tallocVolker Lendecke1-10/+9
2010-10-14s3: Lift smbd_server_conn from receive_smb_raw_tallocVolker Lendecke1-8/+10
2010-10-14s3: Lift smbd_server_conn from receive_smb_raw_talloc_partial_readVolker Lendecke1-10/+10
2010-10-14s3: Remove some explicit smbd_server_conn refs in process_smb()Volker Lendecke1-2/+2
2010-10-14s3: Rename "conn" to the more used "sconn" in process_smb()Volker Lendecke1-7/+7
2010-10-14s3-auth Use security_token_debug() from common codeAndrew Bartlett1-1/+2
This prints the security token including the privileges as strings instead of just a bitmap. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-10-12libcli/security Provide a common, top level libcli/security/security.hAndrew Bartlett15-1/+15
This will reduce the noise from merges of the rest of the libcli/security code, without this commit changing what code is actually used. This includes (along with other security headers) dom_sid.h and security_token.h Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Tue Oct 12 05:54:10 UTC 2010 on sn-devel-104
2010-10-11Canonicalize incoming and outgoing ACLs.Jeremy Allison1-4/+55
Jeremy.
2010-10-11Make the posix ACL module cope with a NULL incoming DACL and aJeremy Allison1-0/+31
missing owner/group. Jeremy.
2010-10-08s3: Hang the isilon kernel oplocks off the NULL contextVolker Lendecke1-1/+2
All I see is a fd_event that does not need a special destructor. Tim, Steven, I've added the #error as well for you to remove after review. Thanks, Volker Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Fri Oct 8 20:48:11 UTC 2010 on sn-devel-104
2010-10-08s3: Hang the irix kernel oplocks off the NULL ctxVolker Lendecke1-1/+1
Just a fd_event to be cleaned up. The pipe is closed implicitly.
2010-10-08s3: Hang the linux kernel oplocks off the NULL ctxVolker Lendecke1-1/+1
The destructor that is called removes the signal handler. But at process exit the signal handling is lost anyway.
2010-10-08s3: Call printer_list_parent_init in the parentVolker Lendecke1-0/+5
Simo, please check!
2010-10-08Move talloc_enable_null_tracking() to the s3 daemonsVolker Lendecke1-1/+7
2010-10-08s3: Fix input check in is_encrypted_packetVolker Lendecke1-1/+3
Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Fri Oct 8 07:40:52 UTC 2010 on sn-devel-104
2010-10-08Fix bug 7716 - acl_xattr and acl_tdb modules don't store unmodified copies ↵Jeremy Allison1-1/+13
of security descriptors. As pointed out by an OEM, the code within smbd/posix_acl.c, even though passed a const pointer to a security descriptor, still modifies the ACE entries within it (which are not const pointers). This means ACLs stored in the extended attribute by the acl_xattr module have already been modified by the POSIX acl layer, and are not the original intent of storing the "unmodified" ACL from the client. Use dup_sec_desc to make a copy of the incoming ACL on talloc_tos() - that is what is then modified inside smbd/posix_acl.c, leaving the original ACL to be correctly stored in the xattr. Jeremy. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Fri Oct 8 00:37:53 UTC 2010 on sn-devel-104
2010-10-07s3: Fix the async echo responder for netbios keepalivesVolker Lendecke1-10/+23
This fixes a crash in the echo responder when the client started to send the NetBIOS-Level 0x85-style keepalive packets. We did not correctly check the packet length, so the code writing the signing seqnum overwrote memory after the malloc'ed area for the 4 byte keepalive packet. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Thu Oct 7 19:47:35 UTC 2010 on sn-devel-104
2010-10-06Fix crash in SMB2 rename found by gentest. We must always have an lcompJeremy Allison1-1/+1
in the destination struct for a rename, so set the flag appropriately. Jeremy.
2010-10-06s3: Make the write end of the echo responder pipe non-blockingVolker Lendecke1-0/+1
Without this, we can get a writable pipe end, but the writev call on the pipe will block. Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Wed Oct 6 13:57:30 UTC 2010 on sn-devel-104
2010-10-06Fix crash in SMB2 rename found by gentest. We must always have an lcompJeremy Allison1-1/+1
in the destination struct for a rename, so set the flag appropriately. Jeremy. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Wed Oct 6 00:29:51 UTC 2010 on sn-devel-104
2010-10-05s3: Stop using the write cache after an oplock breakVolker Lendecke1-0/+1
Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Tue Oct 5 10:09:38 UTC 2010 on sn-devel-104
2010-10-03s3: Remove smbd_server_conn from msg_force_tdisVolker Lendecke1-1/+7
2010-10-03s3: Remove smbd_server_conn from process_blocking_lock_cancel_messageVolker Lendecke1-1/+7
2010-10-03s3: Remove smbd_server_conn from smb1 receive_unlock_msgVolker Lendecke1-1/+9
2010-10-03s3: Remove smbd_server_conn from msg_file_was_renamedVolker Lendecke1-1/+8
2010-10-03s3: Remove smbd_server_conn from validate_my_share_entriesVolker Lendecke1-3/+5
2010-10-03s3: Remove smbd_server_conn from msg_close_fileVolker Lendecke1-1/+8
2010-10-03s3: Remove smbd_server_conn from smb2 receive_unlock_msgVolker Lendecke1-1/+9
2010-10-03s3: Remove smbd_server_conn from process_kernel_oplock_breakVolker Lendecke1-2/+8
2010-10-03s3: Remove smbd_server_conn from process_oplock_break_messageVolker Lendecke1-3/+8
2010-10-03s3: Remove smbd_server_conn from process_oplock_async_level2_break_messageVolker Lendecke1-2/+8
2010-10-03s3: Lift smbd_server_conn from initial_break_processingVolker Lendecke1-5/+9
2010-10-03s3: Add msg_ctx_to_sconnVolker Lendecke2-0/+15
2010-10-03s3: I thought I had compiled this....Volker Lendecke1-1/+1
2010-10-03s3: Attempt to fix the IRIX buildVolker Lendecke1-1/+1
2010-10-03s3: Attempt to fix a ton of warnings on the build farmVolker Lendecke1-0/+1