summaryrefslogtreecommitdiff
path: root/source3/smbd
AgeCommit message (Collapse)AuthorFilesLines
2012-10-05Simplify ensure_canon_entry_valid by splitting out the _get codepath.Jeremy Allison1-3/+86
2012-10-04Remove all uses of ↵Jeremy Allison2-20/+10
lp_security_mask/lp_force_security_mode/lp_dir_security_mask/lp_force_dir_security_mode and replace with the normal masks. Now these parameters can be removed.
2012-10-04Revert "When creating a new file/directory, we need to obey the create ↵Jeremy Allison1-15/+0
mask/directory mask parameters." This reverts commit c251a6b0442abc13bc8be4ff8de324c1d7706a78. Remove this as we're planning to remove the security mask, directory security mask parameters and only use create mask/directory mask.
2012-10-04s3fs-smbd: Make sure the registry is set up before we init printing.Andreas Schneider1-4/+4
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Thu Oct 4 12:06:29 CEST 2012 on sn-devel-104
2012-10-03Revert "Fix bug #9222 - smbd ignores the "server signing = no" setting for ↵Jeremy Allison2-12/+4
SMB2." This reverts commit dfd3c31a3f9eea96854b2d22574856368e86b245. As Metze pointed out: From MS-SMB2 section 2.2.4: SMB2_NEGOTIATE_SIGNING_ENABLED When set, indicates that security signatures are enabled on the server. The server MUST set this bit, and the client MUST return STATUS_INVALID_NETWORK_RESPONSE if the flag is missing. I'll submit a documentation bug to fix #9222 that way.
2012-10-03Fix bug #9214 - Bad user supplied SMB2 credit value can cause smbd to call ↵Jeremy Allison1-1/+6
smb_panic. Terminate the connection cleanly instead.
2012-10-03Fix bug #9222 - smbd ignores the "server signing = no" setting for SMB2.Jeremy Allison2-4/+12
Still sign if client request is signed, just don't negotiate it in negprot or sessionsetup. Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Wed Oct 3 00:59:42 CEST 2012 on sn-devel-104
2012-10-02When creating a new file/directory, we need to obey the create ↵Jeremy Allison1-0/+15
mask/directory mask parameters. Currently we call FSET_NT_ACL to inherit any ACLs on create. However FSET_NT_ACL uses the security mask/directory security mask parameters instead of the create mask/directory mask parameters. Swap them temporarily when creating to ensure the correct masks are applied. Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Tue Oct 2 22:27:17 CEST 2012 on sn-devel-104
2012-10-02When setting a non-default ACL, don't forget to apply masks to SMB_ACL_USER ↵Jeremy Allison1-0/+10
and SMB_ACL_GROUP entries.
2012-10-02Only apply masks on non-default ACL entries when setting the ACL.Jeremy Allison1-9/+19
2012-10-02Use is_default_acl variable in canonicalise_acl().Jeremy Allison1-2/+3
2012-10-02Reformat spacing to be even.Jeremy Allison1-7/+8
2012-10-01s3: make recursive_rmdir function non-staticBjörn Baumbach2-4/+7
2012-09-29s3: Fix opening a file under kernel oplocksVolker Lendecke1-0/+79
With the prior code we assumed that we do not have kernel oplocks around when we open a file because we handled samba-internal oplock breaks before the open attempt. Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Sat Sep 29 19:29:36 CEST 2012 on sn-devel-104
2012-09-29s3: Remove a SMB_ASSERTVolker Lendecke1-2/+0
With the simplified logic this became unnecessary
2012-09-29s3: Close the now opened file descriptor in error pathsVolker Lendecke1-0/+3
2012-09-29s3: No code change, just re-indentVolker Lendecke1-188/+187
Look at this with "git diff -b" if you don't believe me :-)
2012-09-29s3: Remove share mode handling before we open the fileVolker Lendecke1-204/+1
This is a significant behaviour change: We do not open the file under the share mode lock anymore. This might lead to more open calls in case of oplock breaks or sharing violations, but those are slow error paths and as such might be not too performance sensitive. The benefit of this patch is a significant reduction of complexity of open_file_ntcreate()
2012-09-29s3: Fix fcb_or_dos_open after logic changeVolker Lendecke1-1/+2
With the new behaviour, we call fcb_or_dos_open after open_file(). It is open_file() that sets up the fsp so that fcb_or_dos_open can find it in the list of fsps. Avoid finding the fsp we are just setting up.
2012-09-29s3: Copy share mode handling from before to after open_fileVolker Lendecke1-17/+124
This is a 1:1 copy&paste of the oplock/sharemode code that we do before an existing file is opened. It is a prerequiste for a patch that removes all of that handling before we open the file.
2012-09-27s3: For read-only shares, filter out write bits from conn->access_maskVolker Lendecke1-0/+7
Signed-off-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Thu Sep 27 02:51:42 CEST 2012 on sn-devel-104
2012-09-27s3: Fix rejecting mkdir on read-only sharesVolker Lendecke1-1/+1
Signed-off-by: Jeremy Allison <jra@samba.org>
2012-09-26s3: Slightly simplify open_file()Volker Lendecke1-1/+2
The "else" is not necessary. In the if-branch we just returned. Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Wed Sep 26 18:08:03 CEST 2012 on sn-devel-104
2012-09-26s3: Slightly simplify calculate_open_access_flagsVolker Lendecke1-9/+10
2012-09-26s3: Slightly simplify calculate_open_access_flagsVolker Lendecke1-13/+17
2012-09-26s3-smbd: Don't segfault if user specified ports out for range.Andreas Schneider1-7/+9
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Wed Sep 26 16:28:44 CEST 2012 on sn-devel-104
2012-09-26s3:smb2_create: don't take 'state->te' as indication for "was_deferred" (bug ↵Stefan Metzmacher1-1/+4
#9196) We always set state->te = NULL of TALLOC_FREE(state->te), before calling smbd_smb2_request_dispatch(), so open_was_deferred_smb2() always returned false, while dispatching it again. But it's remove_deferred_open_message_smb2_internal() which should reset this state. In developer mode validate_my_share_entries() did call smb_panic() before. metze
2012-09-26s3: Factor out calculate_open_access_flagsVolker Lendecke1-15/+31
Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Wed Sep 26 00:22:56 CEST 2012 on sn-devel-104
2012-09-25s3: Slightly simplify smbd_smb2_request_process_negprotVolker Lendecke1-5/+3
Remove a nested if-statement
2012-09-25s3: Fix some blank line endingsVolker Lendecke1-6/+6
2012-09-25s3: Fix a typoVolker Lendecke1-1/+1
2012-09-25pysmbd: Fix cut&paste errorsVolker Lendecke1-2/+3
2012-09-25s3: Slightly simplify is_stat_openVolker Lendecke1-3/+2
The "access_bits" clause is redundant. is_stat_open says that exactly at least one of the stat_open_bits must be set and none else. Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Tue Sep 25 20:05:06 CEST 2012 on sn-devel-104
2012-09-25s3: Make is_stat_open() a bit more readableVolker Lendecke1-4/+7
2012-09-25s3: Fix indentation of if-expressionsVolker Lendecke1-2/+3
To me this makes open_file_ntcreate a little easier to understand Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Tue Sep 25 10:08:15 CEST 2012 on sn-devel-104
2012-09-25Fix bug #9189 - SMB2 Create doesn't return correct MAX ACCESS access mask in ↵Jeremy Allison1-0/+7
blob. If we aren't already granted DELETE access, check if we have DELETE_CHILD in the containing directory.
2012-09-23s3:printing only do printing_subsystem_update when printing is enabledChristian Ambach1-1/+4
no point in calling this if printing was disabled and no spoolss service was started this hurts CTDB clusters as the smbds on the cluster nodes will fight for the single record in the TDB This fixes Bug 9197 - Disabling printing still makes smbd create and access printer_list.tdb
2012-09-22s3:smbd:smb2: initialize variable in vfs_default_durable_reconnect()Michael Adam1-1/+1
Found by Ambi's state-of-the-art compiler!
2012-09-22s3:smbd: remove struct member smbd_smb2_request.cancelled - it was only writtenMichael Adam6-8/+0
2012-09-22s3:smb2_lock: let smbd_smb2_create_cancel() trigger NT_STATUS_CANCELEDStefan Metzmacher1-14/+2
Instead of violating the tevent_req layers. metze
2012-09-22s3:smb2_lock: smbd_smb2_notify_recv() can already return NT_STATUS_CANCELEDStefan Metzmacher1-18/+0
That's why we can remove the code that violates the tevent_req layers. metze
2012-09-22s3:smb2_notify: make use of tevent_req_defer_callback() instead of custom ↵Stefan Metzmacher1-34/+1
tevent_immediate metze
2012-09-22s3:smb2_notify: don't call tevent_req_done() from smbd_smb2_notify_cancel()Stefan Metzmacher1-2/+1
smbd_notify_cancel_by_smbreq() will already trigger this via smbd_smb2_notify_reply() and smbd_smb2_notify_reply_trigger(). metze
2012-09-22s3:smb2_lock: let smbd_smb2_lock_cancel() trigger NT_STATUS_CANCELEDStefan Metzmacher1-26/+3
Instead of violating the tevent_req layers. metze
2012-09-22s3:smb2_server: avoid segfault in smbd_smb2_request_pending_queue()Stefan Metzmacher1-2/+6
Because we should not call smbd_smb2_request_error() on an request that is still running. If the subreq implementes a cancel function, this should take care of triggering smbd_smb2_request_error. metze Signed-off-by: Michael Adam <obnox@samba.org>
2012-09-22s3:smbd:smb2: simplify smbd_smb2_request_validate() and ↵Michael Adam2-51/+3
smbd_smb2_request_dispatch() removes unnneccary checks/assignments for compound_related and next_status and duplicate setting of error status. And remove (now) unused next_status from struct smbd_smb2_request. Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
2012-09-22s3:smbd:smb2: add check for session_status for compound requestsMichael Adam1-3/+3
2012-09-22s3:smb2_server: do the req->next_status check before the signing checksStefan Metzmacher1-15/+15
Windows 2012 returns NT_STATUS_INVALID_PARAMETER to the smb2.compound.invalid1 test if that uses signing (instead of NT_STATUS_ACCESS_DENIED). metze
2012-09-22s3:smb2_server: reset req->last_session_id and req->last_tid after using itStefan Metzmacher1-0/+4
If we can find a valid session or tcon we'll set it after the lookup, but it need to make sure to reset it if we don't find the session. This fixes a problem where a compound unrelated request between related requests doesn't reset the session. If we have 3 requests in a compound chain, request 3 should never use the id's cached from request 1. It should only every inherit handles from request 2. metze
2012-09-22s3: Compound requests should continue processing.Ira Cooper1-3/+2
This patch addresses #9173. Signed-off-by: Michael Adam <obnox@samba.org>