Age | Commit message (Collapse) | Author | Files | Lines |
|
(cherry picked from commit a7d8bfd373392eecf4fff33d39b85e1b55ad901d)
|
|
(cherry picked from commit 4d23d777bc6d4fad20d0f3084fe658635812bee9)
|
|
uses of (list)->prev are moved over to DLIST_PREV. This will be replaced
when the final (new) version of the dlinklist.h header is added.
Jeremy.
|
|
This reverts commit 84fba3c1bc962804259f201d465acfdf0cd3c6a8.
Now we have a "processed packet queue" in nmbd we can go back
to doing this by default.
Jeremy.
|
|
Add a simple "processed packet queue" cache to stop nmbd responding to
packets received on the broadcast and non-broadcast socket (which
it has opened when "nmbd bind explicit broadcast = yes").
This is a very simple packet queue - it only keeps the packets
processed during a single call to listen_for_packets() (i.e. one
select call). This means that if the delivery notification for a
packet received on both broadcast and non-broadcast addresses
is done in two different select calls, the packet will still be
processed twice. This is a very rare occurrance and we can just
live with it when it does as the protocol is stateless. If this
is ever flagged as a repeatable problem then we can add a longer
lived cache, using timeout processing to clear etc. etc. But without
storing all packets processed we can never be *sure* we've eliminated
the race condition so I'm going to go with this simple solution until
someone proves a more complex one is needed :-).
Jeremy.
|
|
until the double processing problem in bug #7118 is fixed.
Jeremy.
|
|
|
|
values in subsequent SMBtrans replies)
There are two problems:
1). The server is off-by-one in the end of buffer space test.
2). The server returns 0 in the totaldata (smb_vwv1) and totalparams (smb_vwv0)
fields in the second and subsequent SMBtrans replies.
This patch fixes both.
Jeremy.
|
|
Jeremy.
|
|
dumps.
Ensure we have no naked memcpy calls. This isn't a crash bug (it's
already checked in the data_blob_talloc_zero() above, but I want to
get into the pattern of having all memcpy's covered by safety checks.
Jeremy.
|
|
Jeremy.
|
|
metze
|
|
A comparison function for qsort needs to return an 'int'!
Otherwise you'll get random results depending on the compiler
and the architecture...
metze
|
|
So force bash until we removed the dependency to bash.
metze
|
|
local sam
Otherwise retry with pdb_gid_to_sid().
metze
|
|
|
|
|
|
Fix a comment typo.
Jeremy.
|
|
As pointed out by bj@sernet.de, the rmdir module initializer was
duplicated. Fix this properly.
Jeremy.
|
|
metze
|
|
This is needed to support large browse lists.
metze
|
|
metze
|
|
metze
|
|
broadcast"
metze
|
|
And send replies always via the unicast address of the subnet.
This behavior is off by default (as before)
and can be enabled with "nmbd:bind explicit broadcast = yes".
metze
|
|
Bjoern, please check.
Guenther
|
|
metze
|
|
ldapsam_alias_memberships() does the same LDAP search twice, triggered
via add_aliases() from create_local_nt_token().
This happens when no domain aliases are used.
metze
|
|
support
And also store the gid_to_sid mappings in the idmap_cache.
metze
|
|
Use the cached version gid_to_sid() instead
of pdb_gid_to_sid().
And also avoid the expensive lookup_sid() call
for wellkown domain groups.
metze
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
The normal gid_to_sid behaviour is to call sys_getgrgid()
to get the name for the given gid and then call the
getsamgrnam passdb method for the resulting name.
In the ldapsam:trusted case we can reduce the gid_to_sid
operation to one simple search for the gidNumber attribute
and only get the sambaSID attribute from the correspoinding
LDAP object. This reduces the number of ldap roundtrips
for this operation.
metze
|
|
Signed-off-by: Bo Yang <boyang@samba.org>
|
|
our vfs modules
|
|
Thanks, Volker for the hint - acl_type is a macro on Tru64. Renamed it
to acltype. This fixes #7103.
|
|
|
|
|
|
|
|
|
|
|
|
after recent fixes we need to raise the version to 1.2.1 so that
we can require also the right patched version.
|
|
Jeremy.
|
|
tevent ensures that a timed event is only called once. The old events
code relied on the called handler removing the event itself. If the
handler removed the event after calling a function which invoked the
event loop then the timed event could loop forever.
This change makes the two timed event systems more compatible, by
allowing the handler to free the te if it wants to, but ensuring it is
off the linked list of events before the handler is called, and
ensuring it is freed even if the handler doesn't free it.
|
|
On unclean shutdown we can end up with stale entries in the brlock,
connections and locking db. Previously we would do the cleanup on
every unclean exit, but that can cause smbd to be completely
unavailable for several minutes when a large number of child smbd
processes exit.
This adds a rate limited cleanup of the databases, with the default
that cleanup happens at most every 20s
|
|
These have been replaced with the min timeout in blocking.c
|
|
When we are waiting on a pending byte range lock, another smbd might
exit uncleanly, and therefore not notify us of the removal of the
lock, and thus not trigger the lock to be retried.
We coped with this up to now by adding a message_send_all() in the
SIGCHLD and cluster reconfigure handlers to send a MSG_SMB_UNLOCK to
all smbd processes. That would generate O(N^2) work when a large
number of clients disconnected at once (such as on a network outage),
which could leave the whole system unusable for a very long time (many
minutes, or even longer).
By adding a minimum re-check time for pending byte range locks we
avoid this problem by ensuring that pending locks are retried at a
more regular interval.
|
|
Jeremy.
|
|
Change parameter "wide links" to default to "no".
Ensure "wide links = no" if "unix extensions = yes" on a share.
Fix man pages to refect this.
Remove "within share" checks for a UNIX symlink set - even if
widelinks = no. The server will not follow that link anyway.
Correct DEBUG message in check_reduced_name() to add missing "\n"
so it's really clear when a path is being denied as it's outside
the enclosing share path.
Jeremy.
|
|
|
|
|