Age | Commit message (Collapse) | Author | Files | Lines |
|
bad server data returns.
If server returns zero on a NP read. Report pipe broken.
Prevents client from looping if it thinks there should be
more data.
Jeremy.
|
|
server data returns.
Ensure that subreq is *always* talloc_free'd in the _done
function, as it has an event timeout attached. If the
read requests look longer than the cli->timeout, then
the timeout fn is called with already freed data.
Jeremy.
|
|
Alignment space calculations are tricky :-).
Jeremy.
|
|
Guenther
|
|
Ensure we calculate the space correctly (including the ss_padding_len)
when constructing reply packets.
Jeremy.
|
|
|
|
value(s) error when "mangling method = hash"
The charset array allocated in init_chartest() is allocated
by MALLOC, but only some elements of it being set after allocation. Fix is to
memset to zero after allocation.
Jeremy.
|
|
containing a '.'
Fix use of uninitialized variable. This can lead to crashes if
mangling = hash processes names with no '.'.
Jeremy.
|
|
Guenther
|
|
Background is: the SetPrinter level 2 calls "addprinter command" an fails if a
share already existed (and the addprinter command returned a non-0 return code).
Removing the non-0 return code is fine, as in AddPrinter{Ex}, we have checks to
see if a share already exists before calling out the addprinter command.
Maybe one day, we need to have a "changeprinter command"...
Guenther
|
|
Guenther
|
|
Guenther
|
|
When the printer has been removed by the "deleteprinter command", we need to
check if it is still there and then fail, not fail if we successfully removed
it (found by RPC-SPOOLSS-PRINTER).
Guenther
|
|
Guenther
|
|
Windows will allow to add a non-shared printer that is returned by EnumPrinters.
Samba has no notion of non-shared local printers yet, so just make sure to
behave like we do elsewhere: a printer autoloaded by samba or added to samba is
shared.
Guenther
|
|
Guenther
|
|
Shuttle-reviewed by jra :)
Guenther
|
|
Guenther
|
|
Parts of the Samba RPC client and server code misinterpret authenticated
packets.
DCE authenticated packets actually look like this :
+--------------------------+
|header |
| ... frag_len (packet len)|
| ... auth_len |
+--------------------------+
| |
| Data payload |
... ....
| |
+--------------------------+
| |
| auth_pad_len bytes |
+--------------------------+
| |
| Auth footer |
| auth_pad_len value |
+--------------------------+
| |
| Auth payload |
| (auth_len bytes long) |
+--------------------------+
That's right. The pad bytes come *before* the footer specifying how many pad
bytes there are. In order to read this you must seek to the end of the packet
and subtract the auth_len (in the packet header) and the auth footer length (a
known value).
The client and server code gets this right (mostly) in 3.0.x -> 3.4.x so long
as the pad alignment is on an 8 byte boundary (there are some special cases in
the code for this).
Tridge discovered there are some (DRS replication) cases where on 64-bit
machines where the pad alignment is on a 16-byte boundary. This breaks the
existing S3 hand-optimized rpc code.
This patch removes all the special cases in client and server code, and allows
the pad alignment for generated packets to be specified by changing a constant
in include/local.h (this doesn't affect received packets, the new code always
handles them correctly whatever pad alignment is used).
This patch also works correctly with rpcclient using sign+seal from
the 3.4.x and 3.3.x builds (testing with 3.0.x and 3.2.x to follow)
so even as a server it should still work with older libsmbclient and
winbindd code.
Jeremy
|
|
Re-arrange the operations order so SMB_VFS_CONNECT is done
first as root (to allow modules to correctly initialize themselves).
Reviewed modules to check if they needed CONNECT invoked as
a user (which we previously did) and it turns out any of them
that cared needed root permissions anyway.
Jeremy.
|
|
At the formerly used process_result statement we have alone one
NT_STATUS_IS_OK() which never could be hit in our case as we only go here
if NT_STATUS_EQUAL is not ok.
|
|
|
|
To provide the user with the same SID when doing Kerberos logins, attempt to do
a make_server_info_sam instead of a make_server_info_pw.
|
|
|
|
Detected while showing this code to obnox :-)
|
|
There's no need to still hold the g_lock tdb-level lock while telling the
waiters to retry
|
|
In g_lock_unlock we have a little race between the process_exists and
messaging_send call: We only send to 5 waiters now, they all might have died
between us checking their existence and sending the message. This change makes
g_lock_lock retry at least once every minute.
|
|
Only notify the first 5 pending lock waiters. This avoids a thundering herd
problem that is really nasty in a cluster. It also makes acquiring a lock a bit
more FIFO, lock waiters are added to the end of the array.
|
|
Only check the existence of the lock owner in g_lock_parse, check the rest of
the records only when we got the lock successfully. This reduces the load on
process_exists which can involve a network roundtrip in the clustered case.
|
|
g_lock_parse might have thrown away entries from the locks array because the
processes were not around anymore. Don't store the orphaned entries.
|
|
|
|
We still dont get the marshalling right, disable and XP will just fall back to
level 6.
Guenther
|
|
Update the manpage accordingly.
|
|
A return code of 1 from initgroups() is OK since apparently it means
the gid has already been set. The man page doesn't mention this.
|
|
convert smbcacls, sharesec and web/
|
|
|
|
|
|
|
|
|
|
This uses another char* cast hack. Left alone for now.
|
|
|
|
the sort_query_replies() in nmblib.c is a TODO. It uses a hack that
treats a char* as a structure. I've left that one alone for now.
|
|
This one was a bit trickier. I'd appreciate it if someone else can
look over this.
|
|
|
|
|
|
We have already returned if (argc < 1) above
|
|
|
|
|
|
|
|
|