summaryrefslogtreecommitdiff
path: root/source3/smbd
AgeCommit message (Collapse)AuthorFilesLines
2009-05-18s3: Always allocate memory in dptr_ReadDirNameAravind Srinivasan2-17/+44
This is a follow up to 69d61453df6019caef4e7960fa78c6a3c51f3d2a to adjust the API to allow the lower layers allocate memory. Now the memory can explicitly be freed rather than relying on talloc_tos(). Signed-off-by: Tim Prouty <tprouty@samba.org>
2009-05-18s3 sendfile: Fix two bugs in sendfileTim Prouty1-3/+4
These were found interally via code inspection. 1) fake_sendfile was incorrectly writing zeros over real data on a short read. 2) sendfile_short_send was doing 4 byte writes instead of 1024 byte writes due to an incorrect sizeof usage. Jermey, Vl please check
2009-05-18Move down the become_root()/unbecome_root() calls into the VFS modulesVolker Lendecke1-6/+0
The aio_fork module does not need this, as it does not communicate via signals but with pipes. Watching a strace log with those become_root() calls in aio.c is absolutely awful, and it does affect performance.
2009-05-18Add "file_walk_table" to do stuff with all open filesVolker Lendecke1-0/+22
2009-05-14Make us pass SHORTNAME-TEST.Jeremy Allison1-3/+17
Jeremy
2009-05-14Remove one use of mangle_is_8_3(), not needed.Jeremy Allison1-4/+2
Jeremy.
2009-05-14Fix a type-punned warningVolker Lendecke1-1/+1
2009-05-12s3 onefs: Self-contend level2 oplocks on BRLZack Kirsch1-1/+0
2009-05-12s3: Fix strict locking with chained readsTim Prouty1-22/+24
Move the strict lock/unlock code down a level for reads to avoid calling chain_reply before the unlock.
2009-05-11Fix warning about unused label with no sendfile.Jeremy Allison1-1/+2
Jeremy.
2009-05-09Pass also sername to check password scriptSimo Sorce1-4/+12
2009-05-09Do not call SMB_VFS_GET_REAL_FILENAME if the name is mangledVolker Lendecke1-6/+11
The GPFS get_real_file name does not know about mangled names. Tim, if onefs does not either, you need this bugfix :-) In case onefs does 8.3 names, we need to pass the mangled flag down to SMB_VFS_GET_REAL_FILENAME to give GPFS a chance say ENOTSUPP and do the fallback.
2009-05-08s3: Fix chained sesssetupAndX/tconn messagesTim Prouty1-0/+7
A sesssetupAndX chained with a tconn will not correctly set the TID in the response header. I'm seeing an XP client send this chained sesssetup/tconn when samba has security = share. Samba's current behavior is to return a TID of 0 in the smb header rather than the actual TID. This patch also updates the UID in the header as well.
2009-05-08Fix bug #6330 - DFS doesn't work on AIX. Jeremy.Jeremy Allison1-0/+4
2009-05-08Expand the comment explaining why user_in_group_sid isJeremy Allison1-1/+6
not reliable for winbindd users from foreign domains. Jeremy.
2009-05-08s3:smbd: fix posix acls when setting an ACL without explicit ACE for the ↵Stefan Metzmacher1-3/+18
owner (bug#2346) The problem of bug #2346 remains for users exported by winbindd, because create_token_from_username() just fakes the token when the user is not in the local sam domain. This causes user_in_group_sid() to give totally wrong results. In uid_entry_in_group() we need to check if we already have the full unix token in the current_user struct. If so we should use the current_user unix token, instead of doing a very complex user_in_group_sid() which doesn't give reliable results anyway. metze
2009-05-08s3:smbd: fix the fix for mapped IPv4 address handling in release_ip().Michael Adam1-2/+2
It was too late... Thanks Metze for noticing. Michael
2009-05-08s3: make release_ip() call (ctdb) cope with IPv4 mapped addressesMichael Adam1-1/+8
Michael
2009-05-08s3-samr: disable check for ACB_DISABLED in check_oem_password().Günther Deschner1-1/+4
It is a bad idea to just tell everyone that an account is disabled without really having checked the password first. Found by torture test. Guenther
2009-05-08s3-samr: rework check_oem_password() to take a struct samu, not to return one.Günther Deschner1-39/+27
Guenther
2009-05-06s3-printing: simplify print_queue helper functions and return WERROR.Günther Deschner1-10/+7
Guenther
2009-05-05s3: Fix trans2 path to use case-insensitive stat optimizationtprouty2-6/+51
Often times before creating a file, a client will first query to see if it already exists. Since some systems have a case-insensitive stat that is called from unix_convert, we can definitively return STATUS_NO_SUCH_FILE to the client without scanning the whole directory. This code path is taken from trans2querypathinfo, but trans2findfirst still does a full directory scan even though the get_real_filename (the case-insensitive stat vfs call) can prevent this. This patch adds the get_real_filename call to the trans2find* path, and also changes the vfs_default behavior for SMB_VFS_GET_REAL_FILENAME. Previously, in the absence of a get_real_filename implementation, we would fallback to the full directory scan. The default behavior now returns -1 and sets errno to EOPNOTSUPP. This allows SMB_VFS_GET_REALFILENAME to be called from trans2* and unix_convert.
2009-05-05Fix bug 6302: Give the VFS a chance to read from 0-byte filesVolker Lendecke1-8/+9
2009-05-04Fix bug #6315 smbd crashes doing vfs_full_audit on IPC$ close event.Jeremy Allison1-3/+44
The underlying problem is that once SMBulogoff is called, all server_info contexts associated with the vuid should become invalid, even if that's the context being currently used by the connection struct (tid). When the SMBtdis comes in it doesn't need a valid vuid value, but the code called inside vfs_full_audit always assumes that there is one (and hence a valid conn->server_info pointer) available. This is actually a bug inside the vfs_full_audit and other code inside Samba, which should only indirect conn->server_info on calls which require AS_USER to be set in our process table. I could fix all these issues, but there's no guarentee that someone might not add more code that fails this assumption, as it's a hard assumption to break (it's usually true). So what I've done is to ensure that on SMBulogoff the previously used conn->server_info struct is kept around to be used for print debugging purposes (it won't be used to change to an invalid user context, as such calls need AS_USER set). This isn't strictly correct, as there's no association with the (now invalid) context being freed and the call that causes conn->server_info to be indirected, but it's good enough for most cases. The hard part was to ensure that once a valid context is used again (via new sessionsetupX calls, or new calls on a still valid vuid on this tid) that we don't leak memory by simply replacing the stored conn->server_info pointer. We would never actually leak the memory (as all conn->server_info pointers are talloc children of conn), but with the previous patch a malicious client could cause many server_info structs to be talloced by the right combination of SMB calls. This new patch introduces free_conn_server_info_if_unused(), which protects against the above. Jeremy.
2009-05-04Increase debug level of "create_connection_server_info failed" messageVolker Lendecke1-1/+1
I don't think we should unconditionally send every refused connection attempt to a share to syslog, that's where all debug level 0 messages end up.
2009-05-04s3-printing: Fix driver upload for Xerox 4110 PS printer driver.Günther Deschner1-0/+2
We need to allow to set filesystem capabilities from the default vfs in create_conn_struct() in order to find mixed-case filenames. Thanks Volker! This one was hard to find, so a little longer explanation: When a Windows client tries to upload e.g. the Xerox 4110 PS driver, the client first uploads the driver files to the [print$] share. Some of them (in this case the Windows Postscript drivers) are with uppercase filenames while some of them (like the PPD file) are in lowercase. After the driver upload the client issues the spoolss_AddPrinterDriverEx() call with level 6. There the client tries to add the PPD file with an uppercase filename (while having stored it in lowercase on the server). The internal spoolss add driver functions then could not find the appropriate filename while trying to move them to the version subdirectory (in this case W32X86/3) and fails then entire spoolss_AddPrinterDriverEx() call. With this fix, the convert_unix_name() name finds the correct file and the spoolss_AddPrinterDriverEx() succeeds. Guenther
2009-04-30Fix notify_onelevel: notify is not necessarily enabledVolker Lendecke1-0/+4
Thanks to Günther Deschner! Volker
2009-04-29s3:vfs: untangle logic for loading and probing modules in vfs_init_custom()Michael Adam1-11/+23
This is to be able to provide more specific error messages. Michael
2009-04-29s3:smbd/service: switch load_registry_service/shares to use loadparm routinesMichael Adam1-70/+3
instead of reading the registry directly with tdb and activating the configure options by hand. This eliminates the need for repeating checks done in loadparm. For instance it disables registry shares without path in the server as is the case with text based shares. Michael
2009-04-23Revert "Do not use the file system GET_REAL_FILENAME for mangled names"Volker Lendecke1-23/+7
This reverts commit b5b6ecb58aeba196c28370cde21a0826f81d8da6.
2009-04-22Fix profile acls in some corner casesSimo Sorce1-3/+18
Always add back the real original owner of the directory in the ACE List after we steal its ACE for the Administrators group.
2009-04-22Avoid duplicate acesSimo Sorce1-7/+48
When adding arbitrary aces to an nt_ace_list we need to make sure we are not actually adding a duplicate. add_or_replace_ace() takes care of doing the right thing.
2009-04-21s3-secdesc: use SEC_FLAG_SYSTEM_SECURITY instead of SEC_RIGHT_SYSTEM_SECURITY.Günther Deschner1-4/+4
Guenther
2009-04-20Remove smb_mkstemp() - libreplace will now provide a secure mkstemp() ifJelmer Vernooij2-3/+3
the system one is broken.
2009-04-20Merge commit 'origin/master' into libcli-auth-merge-without-netlogondAndrew Bartlett7-20/+350
2009-04-20Do not use the file system GET_REAL_FILENAME for mangled namesVolker Lendecke1-7/+23
2009-04-19Make "struct policy" private to srv_lsa_hnd.cVolker Lendecke1-1/+1
2009-04-16Fix bug found by Tim Prouty, logging off and then re-using a vuid can cause ↵Jeremy Allison1-0/+11
smbd to access a freed structure. Jeremy.
2009-04-16Add notify_onelevel.tdbVolker Lendecke3-0/+300
This optimizes non-recursive notifys. For non-recursive notifies we can use a per-directory file-id indexed notify record. This matters for the Windows Explorer and IIS cases which do not use recursive notifies. In these cases, we do not have to shuffle around the whole notify record on every change. For the cluster case, this improves correctness of the notifies, ctdb only distributes the tdb seqnum once a second, so we can lose notifies.
2009-04-16Rename notify_context->db to db_recursiveVolker Lendecke1-9/+12
2009-04-15Fix bug #6089 - Winbind samr_OpenDomain not possible with Samba 3.2.6+Jeremy Allison1-3/+3
What a difference a name makes... :-). Just because something is missnamed SAMR_ACCESS_OPEN_DOMAIN, when it should actually be SAMR_ACCESS_LOOKUP_DOMAIN, don't automatically use it for a security check in _samr_OpenDomain(). Jeremy.
2009-04-14Rework Samba3 to use new libcli/auth code (partial)Andrew Bartlett2-3/+5
This commit is mostly to cope with the removal of SamOemHash (replaced by arcfour_crypt()) and other collisions (such as changed function arguments compared to Samba3). We still provide creds_hash3 until Samba3 uses the credentials code in netlogon server Andrew Bartlett
2009-04-14Convert Samba3 to use the common lib/util/charset APIAndrew Bartlett2-11/+11
This removes calls to push_*_allocate() and pull_*_allocate(), as well as convert_string_allocate, as they are not in the common API To allow transition to a common charcnv in future, provide Samba4-like strupper functions in source3/lib/charcnv.c (the actual implementation remains distinct, but the API is now shared) Andrew Bartlett
2009-04-14Solve some of the conflict between Samba3 and Samba4 push_stringAndrew Bartlett1-2/+2
This renames push_string in Samba3 into push_string_base and push_string_check for the two different use cases. This should allow push_string to be imported from Samba4, using it's calling conventions.
2009-04-13Use convert_string_talloc, thanks Andrew!Volker Lendecke1-1/+1
2009-04-12We have to deny a level 2 oplock if kernel oplocks are enabledVolker Lendecke1-0/+6
The second r/o opener of a file is supposed to get a level2 oplock. The first opener due to the protection in process_oplock_break_message() has been forced to break to no oplock. The second opener according to locking.tdb gets a level2 oplock. Further down in open_file_ntcreate we try to set this level2 oplock in the kernel, and the non-clustered Linux kernel disallows this. The rules for the kernel leases are a bit baroque, but the attempt to do the SETLEASE correctly fails and we end up with no oplock for any client. In the clustered case however the linux kernel on the second opening node has not seen the open fd of the first node, it is only the cluster fs that has this information. If the cluster fs does not have the very same notion of leases as the local kernel has, we can end up with a WRLCK style kernel lease for the second opener where locking.tdb only indicates a level2 oplock. Getting a kernel oplock break signal with just a level2 oplock in locking.tdb is something smbd is not prepared for. For example after sending out the break in response to the kernel signal we set a timeout, waiting for a reply. More work needs to be done to make level2 kernel oplocks real for us. This patch addresses a real problem we have right now without them.
2009-04-12Add "netbios retarget"Volker Lendecke1-0/+93
This is fun -- XP still does this :-) netbios retarget : foo = 192.168.234.10:1139 and if you connect to port 139 name foo, XP will happily do SMB over 1139
2009-04-12write_data already guarantees everything was writtenVolker Lendecke1-9/+6
2009-04-12Extract and print the server name type the client connects toVolker Lendecke1-7/+7
2009-04-11Fix some nonempty blank linesVolker Lendecke1-4/+4