summaryrefslogtreecommitdiff
path: root/source3/smbd
AgeCommit message (Collapse)AuthorFilesLines
2012-10-19s3:smbXsrv_tcon: add smbXsrv_tcon_global_traverse()Gregor Beck2-0/+74
Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Michael Adam <obnox@samba.org>
2012-10-19s3:smbXsrv_session: add smbXsrv_session_global_traverse()Gregor Beck2-0/+75
Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Michael Adam <obnox@samba.org>
2012-10-19s3:smbd: use session_global_id as session number for pam and utmpGregor Beck2-77/+15
Signed-off-by: Michael Adam <obnox@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-10-19s3:smbd: initialize session->global before calling session_claimGregor Beck2-27/+27
Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Michael Adam <obnox@samba.org>
2012-10-19s3:smbd: remove smbd_server_connection argument from session_claim()Gregor Beck4-6/+7
retrieve the server connection from the smbXsrv_session argument instead. Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Michael Adam <obnox@samba.org>
2012-10-19s3:smbd: pass smbXsrv_session instead of user_struct to session_claim() and ↵Gregor Beck5-8/+11
session_yield() Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Michael Adam <obnox@samba.org>
2012-10-19s3:count_current_connections: do not clear orphaned entries from connections.tdbGregor Beck2-21/+9
This removes one of the last callers of connetions_forall. Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Michael Adam <obnox@samba.org>
2012-10-19s3:smbd/utmp: remove ip address from utmp recordStefan Metzmacher3-38/+8
1. This was broken since Samba 3.2. when ipv6 support was added, it only worked for ipv6 addresses. 2. userspace tools only display the hostname field. 3. This is not really portable metze Signed-off-by: Michael Adam <obnox@samba.org>
2012-10-19s3:smbd: remove duplicate prototypes for sys_utmp_claim() an sys_utmp_yield()Michael Adam1-6/+0
Signed-off-by: Michael Adam <obnox@samba.org>
2012-10-19s3:smbd: add exit_server to the smbd_shim hooksStefan Metzmacher3-4/+10
This is in preparation of moving sessionid_tdb and conn_tdb to smbd exclusively. metze Signed-off-by: Michael Adam <obnox@samba.org>
2012-10-19s3:smbd: move initialization of the smbd_shim from smbd_init_globals() to main()Michael Adam2-16/+15
This is in preparation of adding server exit hooks to the shim. Signed-off-by: Michael Adam <obnox@samba.org>
2012-10-19s3:smbd: update sconn->remote_hostname after the netbios session requestStefan Metzmacher1-0/+13
Also update the info in the new smbXsrv structure. This way we can log the remote name in status outputs. metze Signed-off-by: Michael Adam <obnox@samba.org>
2012-10-17s3:smbd: fix brace placements in validate_my_share_entries() for readabilityMichael Adam1-2/+4
according to coding guidelines Signed-off-by: Michael Adam <obnox@samba.org> Signed-off-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Wed Oct 17 14:37:58 CEST 2012 on sn-devel-104
2012-10-17s3:smbd: also log the "offline" flag when debugging the dos-modeMichael Adam1-0/+1
Signed-off-by: Michael Adam <obnox@samba.org> Signed-off-by: Jeremy Allison <jra@samba.org>
2012-10-12s3:smb2_getinfo ensure proper error for not yet present quota supportChristian Ambach1-0/+4
non-existing quota support needs to be signaled by NT_STATUS_NOT_SUPPORTED, not NT_STATUS_INVALID_PARAMETER Autobuild-User(master): Christian Ambach <ambi@samba.org> Autobuild-Date(master): Fri Oct 12 13:37:37 CEST 2012 on sn-devel-104
2012-10-11smbd: Always free the talloc_stackframe() before leaving ↵Andrew Bartlett1-0/+3
smbd_do_query_security_desc Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Thu Oct 11 15:20:54 CEST 2012 on sn-devel-104
2012-10-11vfs: Implement a sys_acl_blob_get_{fd,file} for POSIX ACL backendsAndrew Bartlett2-0/+125
This simply linearlises the SMB_ACL_T (default and access acl for directories) and the file owner, group and mode into a blob. It will be useful for an improved vfs_acl_common.c that uses this sets that, rather than the hash of the NT ACL, in the xattr This will in turn insulate the stored hash from changes in the ACL mapping. Andrew Bartlett
2012-10-11vfs: Remove type parameter from sys_acl_blob_get_{fd,file}Andrew Bartlett1-2/+1
This interface actually needs to match the get_nt_acl interface in that the system ACL implmenetation may not be posix ACLs, and the blob is not meant to be enforced to be of a particular system ACL structure. Andrew Bartlett
2012-10-11smbd: Add mem_ctx to {f,}get_nt_acl VFS callAndrew Bartlett6-37/+65
This makes it clear which context the returned SD is allocated on, as a number of callers do not want it on talloc_tos(). As the ACL transformation allocates and then no longer needs a great deal of memory, a talloc_stackframe() call is used to contain the memory that is not returned further up the stack. Andrew Bartlett
2012-10-11smbd: Add mem_ctx to sys_acl_init() and all callersAndrew Bartlett4-43/+66
This changes from allocation on NULL to allocation on the supplied memory context. Currently that supplied context is talloc_tos() at the the final consumer of the ACL. Andrew Bartlett
2012-10-06We should never just assign an st_mode to an ace->perms field, theoreticallyJeremy Allison1-2/+2
they are different so should go through a mapping function. Ensure this is so. Practically this does not matter, as for user permissions the mapping function is an identity, and the extra bits we may add are ignored anyway, but this makes the intent clear. Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Sat Oct 6 03:04:14 CEST 2012 on sn-devel-104
2012-10-05Modify ensure_canon_entry_valid() into ensure_canon_entry_valid_on_set() - ↵Jeremy Allison1-154/+141
makes the logic clearer.
2012-10-05Simplify ensure_canon_entry_valid by splitting out the _get codepath.Jeremy Allison1-3/+86
2012-10-04Remove all uses of ↵Jeremy Allison2-20/+10
lp_security_mask/lp_force_security_mode/lp_dir_security_mask/lp_force_dir_security_mode and replace with the normal masks. Now these parameters can be removed.
2012-10-04Revert "When creating a new file/directory, we need to obey the create ↵Jeremy Allison1-15/+0
mask/directory mask parameters." This reverts commit c251a6b0442abc13bc8be4ff8de324c1d7706a78. Remove this as we're planning to remove the security mask, directory security mask parameters and only use create mask/directory mask.
2012-10-04s3fs-smbd: Make sure the registry is set up before we init printing.Andreas Schneider1-4/+4
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Thu Oct 4 12:06:29 CEST 2012 on sn-devel-104
2012-10-03Revert "Fix bug #9222 - smbd ignores the "server signing = no" setting for ↵Jeremy Allison2-12/+4
SMB2." This reverts commit dfd3c31a3f9eea96854b2d22574856368e86b245. As Metze pointed out: From MS-SMB2 section 2.2.4: SMB2_NEGOTIATE_SIGNING_ENABLED When set, indicates that security signatures are enabled on the server. The server MUST set this bit, and the client MUST return STATUS_INVALID_NETWORK_RESPONSE if the flag is missing. I'll submit a documentation bug to fix #9222 that way.
2012-10-03Fix bug #9214 - Bad user supplied SMB2 credit value can cause smbd to call ↵Jeremy Allison1-1/+6
smb_panic. Terminate the connection cleanly instead.
2012-10-03Fix bug #9222 - smbd ignores the "server signing = no" setting for SMB2.Jeremy Allison2-4/+12
Still sign if client request is signed, just don't negotiate it in negprot or sessionsetup. Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Wed Oct 3 00:59:42 CEST 2012 on sn-devel-104
2012-10-02When creating a new file/directory, we need to obey the create ↵Jeremy Allison1-0/+15
mask/directory mask parameters. Currently we call FSET_NT_ACL to inherit any ACLs on create. However FSET_NT_ACL uses the security mask/directory security mask parameters instead of the create mask/directory mask parameters. Swap them temporarily when creating to ensure the correct masks are applied. Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Tue Oct 2 22:27:17 CEST 2012 on sn-devel-104
2012-10-02When setting a non-default ACL, don't forget to apply masks to SMB_ACL_USER ↵Jeremy Allison1-0/+10
and SMB_ACL_GROUP entries.
2012-10-02Only apply masks on non-default ACL entries when setting the ACL.Jeremy Allison1-9/+19
2012-10-02Use is_default_acl variable in canonicalise_acl().Jeremy Allison1-2/+3
2012-10-02Reformat spacing to be even.Jeremy Allison1-7/+8
2012-10-01s3: make recursive_rmdir function non-staticBjörn Baumbach2-4/+7
2012-09-29s3: Fix opening a file under kernel oplocksVolker Lendecke1-0/+79
With the prior code we assumed that we do not have kernel oplocks around when we open a file because we handled samba-internal oplock breaks before the open attempt. Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Sat Sep 29 19:29:36 CEST 2012 on sn-devel-104
2012-09-29s3: Remove a SMB_ASSERTVolker Lendecke1-2/+0
With the simplified logic this became unnecessary
2012-09-29s3: Close the now opened file descriptor in error pathsVolker Lendecke1-0/+3
2012-09-29s3: No code change, just re-indentVolker Lendecke1-188/+187
Look at this with "git diff -b" if you don't believe me :-)
2012-09-29s3: Remove share mode handling before we open the fileVolker Lendecke1-204/+1
This is a significant behaviour change: We do not open the file under the share mode lock anymore. This might lead to more open calls in case of oplock breaks or sharing violations, but those are slow error paths and as such might be not too performance sensitive. The benefit of this patch is a significant reduction of complexity of open_file_ntcreate()
2012-09-29s3: Fix fcb_or_dos_open after logic changeVolker Lendecke1-1/+2
With the new behaviour, we call fcb_or_dos_open after open_file(). It is open_file() that sets up the fsp so that fcb_or_dos_open can find it in the list of fsps. Avoid finding the fsp we are just setting up.
2012-09-29s3: Copy share mode handling from before to after open_fileVolker Lendecke1-17/+124
This is a 1:1 copy&paste of the oplock/sharemode code that we do before an existing file is opened. It is a prerequiste for a patch that removes all of that handling before we open the file.
2012-09-27s3: For read-only shares, filter out write bits from conn->access_maskVolker Lendecke1-0/+7
Signed-off-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Thu Sep 27 02:51:42 CEST 2012 on sn-devel-104
2012-09-27s3: Fix rejecting mkdir on read-only sharesVolker Lendecke1-1/+1
Signed-off-by: Jeremy Allison <jra@samba.org>
2012-09-26s3: Slightly simplify open_file()Volker Lendecke1-1/+2
The "else" is not necessary. In the if-branch we just returned. Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Wed Sep 26 18:08:03 CEST 2012 on sn-devel-104
2012-09-26s3: Slightly simplify calculate_open_access_flagsVolker Lendecke1-9/+10
2012-09-26s3: Slightly simplify calculate_open_access_flagsVolker Lendecke1-13/+17
2012-09-26s3-smbd: Don't segfault if user specified ports out for range.Andreas Schneider1-7/+9
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Wed Sep 26 16:28:44 CEST 2012 on sn-devel-104
2012-09-26s3:smb2_create: don't take 'state->te' as indication for "was_deferred" (bug ↵Stefan Metzmacher1-1/+4
#9196) We always set state->te = NULL of TALLOC_FREE(state->te), before calling smbd_smb2_request_dispatch(), so open_was_deferred_smb2() always returned false, while dispatching it again. But it's remove_deferred_open_message_smb2_internal() which should reset this state. In developer mode validate_my_share_entries() did call smb_panic() before. metze
2012-09-26s3: Factor out calculate_open_access_flagsVolker Lendecke1-15/+31
Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Wed Sep 26 00:22:56 CEST 2012 on sn-devel-104