path: root/source3
Age | Commit message | Author | Files | Lines
2010-02-18 | s3-rpcclient: fix uninitialized variable in wkssvc_enumerateusers. | Günther Deschner | 1 | -2/+2
Guenther
2010-02-17 | Fix bug #7146 - Samba mis-parses authenticated RPC packets. | Jeremy Allison | 4 | -138/+363
Parts of the Samba RPC client and server code misinterpret authenticated packets. DCE authenticated packets actually look like this:

    +--------------------------+
    |header                    |
    | ... frag_len (packet len)|
    | ... auth_len             |
    +--------------------------+
    |                          |
    | Data payload             |
    ...                     ....
    |                          |
    +--------------------------+
    |                          |
    | auth_pad_len bytes       |
    +--------------------------+
    |                          |
    | Auth footer              |
    | auth_pad_len value       |
    +--------------------------+
    |                          |
    | Auth payload             |
    | (auth_len bytes long)    |
    +--------------------------+

That's right. The pad bytes come *before* the footer specifying how many pad bytes there are. In order to read this you must seek to the end of the packet and subtract the auth_len (in the packet header) and the auth footer length (a known value).

The client and server code gets this right (mostly) in 3.0.x -> 3.4.x so long as the pad alignment is on an 8 byte boundary (there are some special cases in the code for this).

Tridge discovered there are some (DRS replication) cases on 64-bit machines where the pad alignment is on a 16-byte boundary. This breaks the existing S3 hand-optimized rpc code.

This patch removes all the special cases in client and server code, and allows the pad alignment for generated packets to be specified by changing a constant in include/local.h (this doesn't affect received packets, the new code always handles them correctly whatever pad alignment is used).

This patch also works correctly with rpcclient using sign+seal from the 3.4.x and 3.3.x builds (testing with 3.0.x and 3.2.x to follow) so even as a server it should still work with older libsmbclient and winbindd code.

Jeremy
2010-02-17 | Fix bug #6557 - Do not work VFS full_audit | Jeremy Allison | 1 | -51/+34
Re-arrange the operations order so SMB_VFS_CONNECT is done first as root (to allow modules to correctly initialize themselves). Reviewed modules to check if they needed CONNECT invoked as a user (which we previously did) and it turns out any of them that cared needed root permissions anyway. Jeremy.
2010-02-17 | s3: go straight to winbindd_dual_pam_auth() in case of !NT_STATUS_OK | Lars Müller | 1 | -1/+1
At the formerly used process_result statement we have alone one NT_STATUS_IS_OK() which never could be hit in our case as we only go here if NT_STATUS_EQUAL is not ok.
2010-02-17 | s3: let the pam_winbind po files reference the correct location | Lars Müller | 20 | -644/+644
2010-02-17 | s3: Fix bug 7139 | Volker Lendecke | 1 | -2/+32
To provide the user with the same SID when doing Kerberos logins, attempt to do a make_server_info_sam instead of a make_server_info_pw.
2010-02-16 | s3:rpc streamline memory handling | Simo Sorce | 1 | -13/+5
2010-02-16 | s3: Fix timeout calculation if g_lock_lock is given a timeout < 60s | Volker Lendecke | 1 | -1/+6
Detected while showing this code to obnox :-)
2010-02-16 | s3: Slightly increase parallelism in g_lock | Volker Lendecke | 1 | -1/+7
There's no need to still hold the g_lock tdb-level lock while telling the waiters to retry
2010-02-16 | s3: Avoid starving locks when many processes die at the same time | Volker Lendecke | 1 | -6/+4
In g_lock_unlock we have a little race between the process_exists and messaging_send call: We only send to 5 waiters now, they all might have died between us checking their existence and sending the message. This change makes g_lock_lock retry at least once every minute.
2010-02-16 | s3: Avoid a thundering herd in g_lock_unlock | Volker Lendecke | 1 | -1/+16
Only notify the first 5 pending lock waiters. This avoids a thundering herd problem that is really nasty in a cluster. It also makes acquiring a lock a bit more FIFO, lock waiters are added to the end of the array.
2010-02-16 | s3: Optimize g_lock_lock for a heavily contended case | Volker Lendecke | 1 | -3/+36
Only check the existence of the lock owner in g_lock_parse, check the rest of the records only when we got the lock successfully. This reduces the load on process_exists which can involve a network roundtrip in the clustered case.
2010-02-16 | s3: Fix handling of processes that died in g_lock | Volker Lendecke | 1 | -3/+5
g_lock_parse might have thrown away entries from the locks array because the processes were not around anymore. Don't store the orphaned entries.
2010-02-15 | s3: Fix a typo | Volker Lendecke | 1 | -1/+1
2010-02-15 | spoolss: disable GetPrinterDriver level 101 (as called by XP). | Günther Deschner | 1 | -2/+6
We still don't get the marshalling right, disable and XP will just fall back to level 6. Guenther
2010-02-15 | s3: eventlogadm.c: add -s option to use alternative config file. | Holger Hetterich | 1 | -4/+15
Update the manpage accordingly.
2010-02-14 | s3: Fix initgroups return check | Peter Watkins | 1 | -1/+1
A return code of 1 from initgroups() is OK since apparently it means the gid has already been set. The man page doesn't mention this.
2010-02-14 | s3: last part of TYPESAFE_QSORT() conversion | Andrew Tridgell | 3 | -6/+5
convert smbcacls, sharesec and web/
2010-02-14 | s3-smbd: convert lanman and notify code to TYPESAFE_QSORT() | Andrew Tridgell | 2 | -12/+4
2010-02-14 | s3-rpc: convert wkssvc to use TYPESAFE_QSORT() | Andrew Tridgell | 1 | -10/+4
2010-02-14 | s3-locking: convert brlock to TYPESAFE_QSORT() | Andrew Tridgell | 1 | -3/+2
2010-02-14 | s3: convert registry and printing code to TYPESAFE_QSORT() | Andrew Tridgell | 3 | -8/+6
2010-02-14 | s3-nmbd: note TODO item for qsort | Andrew Tridgell | 1 | -0/+2
This uses another char* cast hack. Left alone for now.
2010-02-14 | s3-vfs: use TYPESAFE_QSORT() in s3 VFS modules | Andrew Tridgell | 2 | -8/+6
2010-02-14 | s3-lib: use TYPESAFE_QSORT() in remaining s3 library code | Andrew Tridgell | 3 | -3/+6
the sort_query_replies() in nmblib.c is a TODO. It uses a hack that treats a char* as a structure. I've left that one alone for now.
2010-02-14 | s3-libsmb: use TYPESAFE_QSORT() in namequery code | Andrew Tridgell | 1 | -14/+12
This one was a bit trickier. I'd appreciate it if someone else can look over this.
2010-02-14 | s3-lib: use TYPESAFE_QSORT() in s3 interfaces code | Andrew Tridgell | 1 | -1/+1
2010-02-14 | s3-includes: enable TYPESAFE_QSORT() in s3 | Andrew Tridgell | 1 | -0/+1
2010-02-13 | s3: Fix Coverity ID 629: DEADCODE | Volker Lendecke | 1 | -3/+0
We have already returned if (argc < 1) above
2010-02-13 | s3: Fix bug 5198 -- parse chfn(1)-change gecos field | Volker Lendecke | 1 | -1/+34
2010-02-13 | s3: Fix typo found by jhell <jhell@DataIX.net> | Volker Lendecke | 1 | -2/+2
2010-02-13 | libwbclient: Separate out the async functions | Kai Blin | 1 | -5/+11
2010-02-13 | s3: Remove unused comparison fn from "struct sorted_tree" | Volker Lendecke | 3 | -10/+4
2010-02-13 | s3: Make adt_tree data definitions private to adt_tree.c | Volker Lendecke | 2 | -16/+15
2010-02-13 | s3: SORTED_TREE -> struct sorted_tree | Volker Lendecke | 3 | -14/+16
2010-02-13 | s3: TREE_NODE -> struct tree_node | Volker Lendecke | 2 | -17/+23
2010-02-13 | s3: Fix some nonempty blank lines | Volker Lendecke | 1 | -69/+68
2010-02-13 | s3: Fix a C++ warning | Volker Lendecke | 1 | -1/+1
2010-02-12 | Use sec_initial_uid() in the places where being root doesn't matter, | Jeremy Allison | 5 | -5/+5
and 0 in the places where it does. Jeremy
2010-02-12 | Simplify the logic in make_connection_snum(), and make it match Windows behavior. | Jeremy Allison | 1 | -41/+63
Cause all exit paths to go through one place, where all cleanup is done. change_to_root_user() for pathname operations that should succeed if the path exists, even if the connecting user has no access.

For example, a share can now be defined with a path of /root/only/access (where /root/only/access is a directory path with all components only accessible to root e.g. root owned, permissions 700 on every component). Non-root users will now correctly connect, but get ACCESS_DENIED on all activities (which matches Windows behavior). Previously, non-root users would get NT_STATUS_BAD_NETWORK_NAME on doing a TConX to this share, even though it's a perfectly valid share path (just not accessible to them).

This change was inspired by the research I did for bug #7126, which was reported by bepi@adria.it.

As this is a change in a core function, I'm proposing to leave this only in master for 3.6.0, not back-port to any existing releases. This should give us enough time to decide if this is the way we want this to behave (as Windows) or if we prefer the previous behavior.

Jeremy.
2010-02-12 | Fix warning messages on compile in g_lock.c Volker & Michael please check. | Jeremy Allison | 1 | -14/+4
Jeremy.
2010-02-12 | s3/smbd: change locking behavior when "lock spin time = 0". | Steven Danneman | 2 | -7/+16
The "lock spin time" parameter mimics the following Windows setting which by default is 250ms in Windows and 200ms in Samba.

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters\LockViolationDelay

When a client sends repeated, non-blocking, contending BRL requests to a Windows server, after the first, Windows starts treating these requests as timed blocking locks with the above timeout.

As an efficiency, I've changed the behavior when this setting is 0, to skip this logic and treat all requests as non-blocking locks. This gives the smbd server behavior similar to the 3.0 release with the do_spin_lock() implementation.

I've also changed the blocking lock parameter in the call from push_blocking_lock_request() to true as all requests made in this path are blocking by definition.
2010-02-12 | Remove #if SOFTLINK_OPTIMIZATION code. | Jeremy Allison | 1 | -17/+0
This hasn't been turned on or been capable of doing so for many years now. Makes this jumbo function smaller... Jeremy.
2010-02-12 | Revert "Fix bug #7126 - [SMBD] With access denied error smbd return wrong NT_STATUS_OBJECT_PATH_INVALID error" | Jeremy Allison | 1 | -16/+9
This reverts commit 2fdd8b10c6abadd27c579e772c0482214d2363a5. This fix is incorrect. The original code works as desired, I made a mistake here. Jeremy.
2010-02-12 | Fix bug #7126 - [SMBD] With access denied error smbd return wrong NT_STATUS_OBJECT_PATH_INVALID error | Jeremy Allison | 1 | -9/+16
As tridge's comment says, we should be ignoring ACCESS_DENIED on the share path in a TconX call, instead allowing the mount and having individual SMB calls fail (as Windows does). The original code erroneously caught SMB_VFS_STAT != 0 and errored out on that. Jeremy.
2010-02-12 | s3:registry: eliminate race condition in creating/scanning sorted subkeys | Michael Adam | 1 | -0/+17
Called, from key_exists, scan_sorted_subkeys re-creates the sorted subkeys record of the given key and then searches through it. The race is that between creation and parsing of the sorted subkey record, another process that stores some other subkey of the same parent key will delete the sorted subkey record, resulting in a WERR_BADFILE of an operation that should actually succeed. This patch fixes the issue by wrapping the creation and parsing into a transaction. Michael
2010-02-12 | s3:make "net conf addshare" atomic by wrapping all writes in one transaction | Michael Adam | 1 | -6/+36
Michael
2010-02-12 | s3:g_lock: remove a nested event loop, replacing the inner loop by select | Michael Adam | 1 | -38/+101
This made smbd crash in g_lock_lock() when trying to start a transaction on a db with an already started transaction, e.g. in a tcon_and_X where the share_info.tdb was not yet initialized but share_info.tdb was already locked by another process or writing access to the winreg rpc pipe where the registry tdb was already locked by another process.

What we really _want_ to do here by design is to react to MSG_DBWRAP_G_LOCK_RETRY messages that are either sent by a client doing g_lock_unlock or by ourselves when we receive a CTDB_SRVID_SAMBA_NOTIFY or CTDB_SRVID_RECONFIGURE message from ctdbd, i.e. when either a client holding a lock or a complete node has died.

Doing this properly involves calling tevent_loop_once(), but doing this here with the main ctdbd messaging context creates a nested event loop when g_lock_lock() is called from the main event loop.

So as a quick fix, we act a little coarsely here: we do a select on the ctdb connection fd and when it is readable or we get EINTR, then we retry without actually parsing any ctdb packages or dispatching messages. This means that we retry more often than necessary and intended by design, but this does not harm and it is unobtrusive. When we have finished, the main loop will pick up all the messages and ctdb packets.

The only extra twist is that we cannot use timed events here but have to handcode a timeout for select.

Michael
2010-02-12 | s3:ctdb_conn: add ctdbd_conn_get_fd() to get the fd out of the ctdb connection | Michael Adam | 2 | -0/+7
Michael
2010-02-12 | s3:g_lock: remove an unreached code path. | Michael Adam | 1 | -4/+0
Michael