summaryrefslogtreecommitdiff
path: root/source3/smbd
AgeCommit message (Collapse)AuthorFilesLines
2012-01-31s3-smbd: Use gensec_spnego in smb seal serverAndrew Bartlett1-304/+29
This is instead of the inline, manual spnego code currently in use. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-31s3: Unify stream testing in open_directoryVolker Lendecke1-9/+5
The second if-statement could never have kicked in, assuming the SMB_ASSERT above was right. Jeremy, please check! Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Tue Jan 31 20:15:36 CET 2012 on sn-devel-104
2012-01-31s3: Re-indent an && sequence for better understandingVolker Lendecke1-2/+2
2012-01-31s3: Fix "smbcontrol smbd close-share"Volker Lendecke1-0/+11
2012-01-25s3:smb2_sessetup: call set_current_user_info() and reload_services() on successStefan Metzmacher1-0/+11
This matches the smb1 code. metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Wed Jan 25 08:39:35 CET 2012 on sn-devel-104
2012-01-24Another fix for bug #8556 - ACL permissions ignored when SMBsetatr is requested.Jeremy Allison1-5/+0
Remove erroneous check on FILE_WRITE_ATTRIBUTES when changing POSIX permissions - this isn't an attribute set call (unless you're storing attributes in POSIX permissions, which is not recommended). Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Tue Jan 24 00:44:24 CET 2012 on sn-devel-104
2012-01-23Another fix for bug #8556 - ACL permissions ignored when SMBsetatr is requested.Richard Sharpe1-0/+1
Prevent systems with "store dos attributes = yes" from overriding FILE_WRITE_ATTRIBUITES.
2012-01-20s3-libsmb: use struct gensec_security directlyAndrew Bartlett1-9/+9
This is rather than via a now one-element union. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-20s3-libcli Change krb5 smb sealing to call via gensec and gensec_gseAndrew Bartlett1-189/+32
This also fixes the support for smb sealing with krb5 in make test, as this now relies on secrets.tdb rather than /etc/krb5.keytab. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-20s3:smbd/proto.h: remove unused do_map_to_guest() prototypeStefan Metzmacher1-4/+0
metze
2012-01-19Now make_connection_snum() is a static function that takes aJeremy Allison1-33/+26
connection_struct as a parameter, fix the interface to allow it to return an NTSTATUS. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Thu Jan 19 07:25:49 CET 2012 on sn-devel-104
2012-01-18Fix bug 8710 - connections.tdb - major leak with SMB2.Jeremy Allison3-22/+78
Ensure the cnum used to claim the connection for SMB2 is the id that will be used for the SMB2 tcon. Based on code from Ira Cooper <ira@wakeful.net>. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Wed Jan 18 23:14:32 CET 2012 on sn-devel-104
2012-01-18Revert "Fix bug #8175 - smbd deadlock."Volker Lendecke1-68/+26
This reverts commit 5a2b5b6cfed74e0e9c2965525995f64cdad7b7c9.
2012-01-18s3: Change locking order between brlock and lockingVolker Lendecke1-8/+58
But 8175 was fixed in a way that brlock.tdb was always locked before locking.tdb. This patch fixes the bug in a different way. locking.tdb is the central tdb for files and should always be locked first. This patch solves the problem by postponing the level2 break messages, which are async anyway.
2012-01-18s3: Add a "lock_order" argument to db_openVolker Lendecke1-2/+4
This will be used to enforce a lock hierarchy between the databases. We have seen deadlocks between locking.tdb, brlock.tdb, serverid.tdb and notify*.tdb. These should be fixed by refusing a dbwrap_fetch_locked that does not follow a defined lock hierarchy.
2012-01-12s3: Put an indirection layer into share_mode_lockVolker Lendecke5-36/+36
Signed-off-by: Jeremy Allison <jra@samba.org>
2012-01-12s3: Introduce get_share_mode_lock_fresh()Volker Lendecke5-26/+14
This slightly simplifies the code path for all callers which assume that a share mode exists already. Only the callers in open_file_ntcreate and open_directory will ever create new share modes. Signed-off-by: Jeremy Allison <jra@samba.org>
2012-01-12s3:smbd: explicitly ask for GENSEC_FEATURE_UNIX_TOKENStefan Metzmacher2-0/+6
metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Thu Jan 12 11:22:53 CET 2012 on sn-devel-104
2012-01-12Ensure we always free aio_ex on all error paths by moving the TALLOC_FREEJeremy Allison1-2/+1
call out of smbd_aio_complete_aio_ex() and into the caller. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Thu Jan 12 03:10:52 CET 2012 on sn-devel-104
2012-01-06s3-auth Rename make_auth_ntlmssp() -> make_auth_gensec()Andrew Bartlett1-5/+5
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-05s3-auth remove outdated commentAndrew Bartlett1-3/+0
Signed-off-by: Stefan Metzmacher <metze@samba.org> Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Thu Jan 5 18:51:47 CET 2012 on sn-devel-104
2012-01-05s3-auth remove unused ntlmssp.hAndrew Bartlett1-1/+0
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-05s3-auth Remove ntlmssp_wrap.h which is no longer requiredAndrew Bartlett4-4/+0
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-05s3-auth use gensec directly rather than via auth_generic_stateAndrew Bartlett6-63/+62
This is possible because the s3 gensec modules are started as normal gensec modules, so we do not need a wrapper any more. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-05s3-auth Add TALLOC_CTX * to auth_generic_prepare()Andrew Bartlett4-15/+9
This makes the long term owner of this memory more clear. So far only the clear cases have been moved from NULL however. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-05s3: Move basic SMB checking to a much earlier pointVolker Lendecke1-19/+19
2012-01-05s3: Add a suicide mode to smbdVolker Lendecke1-0/+11
To test our cleanup code paths properly, we need a way to make smbd exit hard without cleaning up
2012-01-04s3: Check for the packet size before accessing itVolker Lendecke1-2/+1
Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Wed Jan 4 15:16:20 CET 2012 on sn-devel-104
2012-01-03s3: Remove the unused "file_existed" parameter from smbd_calculate_access_maskVolker Lendecke4-10/+2
Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Tue Jan 3 15:16:50 CET 2012 on sn-devel-104
2012-01-03s3: Avoid "file_existed" in smbd_calculate_maximum_allowed_accessVolker Lendecke1-36/+35
We access the file by name anyway, so we can just try to access it. The file system will for sure tell us if the file does not exist.
2012-01-03s3: Remove some else{} branches in smbd_calculate_maximum_allowed_accessVolker Lendecke1-3/+7
2012-01-03s3: Directly use *p_access_mask in smbd_calculate_maximum_allowed_accessVolker Lendecke1-6/+4
2012-01-03s3: Factor out smbd_calculate_maximum_allowed_accessVolker Lendecke1-40/+59
2011-12-31Final part of fix for bug #8679 - recvfile code path using splice() on Linux ↵Jeremy Allison1-5/+0
leaves data in the pipe on short write. The code to set a DOS error on short writeX return is amazingly legacy code, and also breaks the reply as fixup_chain_error_packet() enforces a 2-byte wct on any reply where smb_rcls != 0. Found in testing by Andrew Bartlett. Thanks Andrew ! Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Sat Dec 31 08:05:35 CET 2011 on sn-devel-104
2011-12-22s3-auth remove auth_ntlmssp_start(), call auth_generic_start() directlyAndrew Bartlett3-7/+7
This makes it clear that this can support more than just NTLMSSP. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-12-22s3-auth rename auth_ntlmssp_prepare() -> auth_generic_prepare()Andrew Bartlett4-8/+8
This function handles more than NTLMSSP now, at least when we are an AD DC and so changing the name may avoid some confusion in the future. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-12-22s3-auth rename auth_ntlmssp_state -> auth_generic_stateAndrew Bartlett4-6/+6
This structure handles more than NTLMSSP now, at least when we are an AD DC and so changing the name may avoid some confusion in the future. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-12-22s3:smb2_negprot: add support for PROTOCOL_SMB2_24Stefan Metzmacher1-0/+15
metze
2011-12-20Allow an object to be deleted from a directory if the caller has ↵Jeremy Allison1-1/+9
DELETE_CHILD access even if we don't have access to read the ACL on the object. Fixes bug #8673 - NT ACL issue. Different fix needed for 3.6.x. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Tue Dec 20 22:13:51 CET 2011 on sn-devel-104
2011-12-20s3: Fix some False/NULL hickupsVolker Lendecke2-2/+2
Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Tue Dec 20 13:13:17 CET 2011 on sn-devel-104
2011-12-17check_name() not needed in mkdir.Jeremy Allison1-5/+0
Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Sat Dec 17 02:44:55 CET 2011 on sn-devel-104
2011-12-17Ensure VALID_STAT before accessing fields.Jeremy Allison1-1/+3
2011-12-16Fix bug #8664 - Renaming a symlink fails if the symlink target is outside of ↵Jeremy Allison1-2/+4
the share. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Fri Dec 16 23:32:26 CET 2011 on sn-devel-104
2011-12-16Restrict UCF_UNIX_NAME_LOOKUP (symlink allowed) to restricted set of calls.Jeremy Allison1-1/+4
2011-12-16s3:smbd: remove unused sconn_server_id()Stefan Metzmacher1-2/+0
metze
2011-12-16s3:smbd: avoid using sconn_server_id()Stefan Metzmacher9-19/+24
metze
2011-12-16s3: Add some const to find_oplock_typesVolker Lendecke1-1/+1
Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Fri Dec 16 09:10:07 CET 2011 on sn-devel-104
2011-12-16s3: Make open_file_ntcreate a bit easier to readVolker Lendecke1-3/+2
Move the declaration of "id" closer to its use
2011-12-16s3: Make open_file_ntcreate a bit easier to readVolker Lendecke1-4/+6
Move the calculation of "new_file_created" closer to its use
2011-12-16s3: Make open_file_ntcreate a bit easier to readVolker Lendecke1-3/+3
Remove a negation where it's not necessary