| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
This bug re-occurred for 3.3.x and above.
The reason is that to change a NT ACL we now have to open the file requesting
WRITE_DAC and WRITE_OWNER access. The mapping from POSIX "w" to NT permissions
in posix_acls doesn't add these bits when "dos filemode = yes", so even though
the permission or owner change would be allowed by the POSIX ACL code, the
NTCreateX call fails with ACCESS_DENIED now we always check NT permissions
first.
Added in the mapping from "w" to WRITE_DAC and WRITE_OWNER access.
Jeremy.
|
|
This is to introduce a new format of the password history, maintaining backwards
compatibility: The old format was 16 byte hash + 16 byte md5(salt + nt hash).
The new format is 16 zero bytes and 16 bytes nt hash.
This will allow us to respect the last X entries of the nt password history
when deciding whether to increment the bad password count.
This is part of the fix for bug #4347 .
Michael
|
|
The code I just removed was checked in with e5466fffc286a99f as a bug fix for
https://bugzilla.samba.org/show_bug.cgi?id=3319. With the changes to
is_visible_file made with 9e8b8f8c16612 these lines have become unnecessary,
even with "hide unreadable = yes" dead msdfs symlinks show. This is because we
can not stat(2) them and default to showing them.
Why this change? I have a user who wants to use "hide unreadable" on msdfs
links. Because you can't edit acls on symlinks themselves, the user created the
targets as bogus, empty files that just exist as acl placeholders. With the
code in place that this patch removes, we never allow this to work.
Jeremy, please check! :-)
Thanks,
Volker
|
|
|
|
|
|
|
|
When deferring an async pipe writeX and readX transfer
the outstanding request struct onto the conn struct. This
needs freeing after the packet is finally processed.
Jeremy.
|
|
struct in the fsp->fsp_name pointer incorrectly for a directory.
Fix this. Make map_canon_ace_perms() public.
Jeremy.
|
|
Andrew Bartlett
|
|
|
|
Don't change the contents of a const string via a pointer
alias (or if you do, change it back.....).
Jeremy.
|
|
Rewrite all calls to reply_nterror(NT_STATUS_DOS()) to
reply_force_doserror() and update the comment in smbd/error.c
Jeremy.
|
|
correct reply_nterror calls. Next rename reply_doserror ->
reply_force_doserror and plumb in when NT_STATUS_DOS is
used.
Jeremy.
|
|
reply_doserror(), reply_nterror(), and reply_nterror(NT_STATUS_DOS()).
Fix the call in rely_openerror() to actually force a DOS error
for "too many open files".
Jeremy.
|
|
Start migrating uses of reply_doserror() to reply_nterror() with the
correct mapping. Eventually we'll get to the point where we can
change reply_doserror() to force a DOS error code on the wire,
and can change calls to reply_nterror(req, NT_STATUS_DOS()) - which *does*
force DOS errors on the wire - to reply_doserror(). Which might
actually make the server code look like it's making sense.
Jeremy.
|
|
This is what W2KR3 does for NTCreateX and openX calls. May be the correct fix
for bug 6837 - "Too many open files" when trying to access large number of files.
Jeremy.
|
|
Jeremy.
|
|
We were returning the wrong sense of the bool. must_mangle()
has to return !NT_STATUS_IS_OK, not NT_STATUS_IS_OK.
Jeremy.
|
|
Jeremy.
|
|
attributes by protocol level.
This makes us consistant in returning DOS attrs across all replies. Tested on OS/2 by Günter Kukkukk.
Jeremy.
|
|
|
|
Guenther
|
|
I don't think we need to log the fact that a user gave a wrong sharename in Explorer with the highest log level.
The level of this was not very consistent:
service.c: DEBUG(3,("find_service() failed to find service %s\n", service));
service.c: DEBUG(0,("%s (%s) couldn't find service %s\n",
smb2_tcon.c: DEBUG(1,("smbd_smb2_tree_connect: couldn't find service %s\n",
This changes the last two to 3 as the first one.
Signed-off-by: Christian Ambach <christian.ambach@de.ibm.com>
|
|
Implement the win7 NT_STATUS_INVALID_LOCK_RANGE.
Make smbd behave as Windows does in canceling locks.
Jeremy.
|
|
Jeremy.
|
|
fsp->fsp_name.
Moving towards making VFS_OPEN/VFS_MKDIR/VFS_RMDIR
handle based...
Jeremy.
|
|
calls are now handle based. Put rmdir into close.c
and make it private.
Jeremy.
|
|
can_set_delete_on_close() is correctly called before any setting
of the disposition bit (clean up the do_unlink() call).
Jeremy.
|
|
files
from Windows 7. Original patch by me fixed up with the correct open files number
by jmaggard10@hotmail.com.
Jeremy.
|
|
is used). Allows make test to pass with acl_xattr.so prepended to the vfs modules.
Jeremy.
|
|
for paths
This allows smbd to pass the freshly updated RAW-SFILEINFO-END-OF-FILE
torture test.
|
|
|
|
|
|
Step 0 to restore it as a per-share paramter
|
|
Guenther
|
|
samba.
Guenther
|
|
I know Volker will look at this closely so here's the explaination :-).
Originally on a case-sensitive share we simply did a stat (or lstat)
call and returned success of fail based on the result. However this
failed to take account of incoming paths with a wildcard (which must
always fail, and with different error messages depending on whether
the wildcard is the last component or in the path). Also it failed
to take account of a stat fail with ENOENT due to a missing component
of the path as the last component (which is ok as it could be a new
file) or if the ENOENT was due to the missing component within
the path (not the last component) - which must return the correct
error. What this means is that with "case sensitive = yes" we do
one more talloc call (to get the parent directory) and one more
stat call (on the parent directory) in the case where the stat
call fails. I think this is an acceptable overhead to enable
case sensitive shares to return the correct error messages for
applications. Volker please examine carefully :-).
Jeremy.
|
|
Jeremy.
|
|
This matches what is outlined here:
http://msdn.microsoft.com/en-us/library/ms804363.aspx
This is also inline with how winXP/win7 handle this. See
RAW-SFILEINFO-END-OF-FILE* in smbtorture4.
|
|
RAW-CHKPATH when case sensitive = yes, but isn't the correct way to do
it. I'm testing a larger patch to smbd/filename.c that should fix this
correctly, and will add a torture test to ensure RAW-CHKPATH is run against
a case sensitive share once this is done.
Jeremy.
|
|
wide links = no.
Jeremy.
|
|
set. Doh !
Jeremy.
|
|
it worked in 3.3.x and 3.2.x. UCF_POSIX_PATHNAMES may no longer be needed,
as lp_posix_pathnames() being set isn't the same as case handling from
NtCreateX (lp_posix_pathnames() changes the STAT calls to LSTAT, not
the case semantics).
Jeremy.
|
|
Jeremy.
|
|
out by Volker.Restores the pathname handling for FILE_FLAG_POSIX_SEMANTICS but still prevents the O_APPEND problems. Jeremy.
|
|
Clients using a Windows open call should not be able to set
FILE_FLAG_POSIX_SEMANTICS in an open.
Jeremy.
|
|
This reverts commit e23d8a3d1f558a7e98ef2afd71e1d15c5b3a71bc.
|
|
This reverts commit f7b4151a64d8c6851e62255a7139fd00a5fc63a3.
|
|
explicit"
This reverts commit 6a149022976fe6a5579ec9afc7a4d2dcb44dc8af.
|
|
This reverts commit c85a4c9ba4a7de65a7850f6f9708df66bd24deea.
|
