summaryrefslogtreecommitdiff
path: root/source4/ntvfs
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r7361: fixed the 'file becomes a directory' bug that marc kapland found.Andrew Tridgell2-4/+11
Thanks Marc! (This used to be commit d1c5eb3693b77b3eb7527dc2758a6ea75a100376)
2007-10-10r7294: implemented the irpc messaging system. This is the core of theAndrew Tridgell3-0/+3
management system I proposed on samba-technical a couple of days ago. Essentially it is a very lightweight way for any code in Samba to make IDL based rpc calls to anywhere else in the code, without the client or server having to go to the trouble of setting up a full rpc service. It can be used with any of our existing IDL, but I expect it will mostly be used for a new set of Samba specific management calls. The LOCAL-IRPC torture test demonstrates how it can be used by calling the echo_AddOne() call over this transport. (This used to be commit 3d589a09954eb8b318f567e1150b0c27412fb942)
2007-10-10r6599: Fix formating using 'linux' C styleAlexander Bokovoy3-19/+52
Fix memory handling for blkid caches which need to be cleared when session is done. (This used to be commit c623cc60541f747f0a801eb77d97bb0a3bb6956f)
2007-10-10r6597: Make use of libblkid (part of e2fsprogs) for reporting volume GUID, ↵Alexander Bokovoy2-2/+33
if possible. Implement smbclient's 'fsinfo' comand family which allows you to query file system information in all known levels. (This used to be commit 660d6e3915d0539dd78c77df6707ea84edb4d509)
2007-10-10r6580: fixed the bug that caused the truncation of the main file on a streamAndrew Tridgell2-7/+21
open with openx and the 'truncate if exists' flag (This used to be commit aa82b105d5871b3ca693a0757bb48cc589d88824)
2007-10-10r6579: improved the handling of lock timeouts and cancels in the pvfs lockingAndrew Tridgell1-16/+16
code. On lock cancel don't retry the lock. (This used to be commit dffeb3c3d44d1b837a6036c47eb809ce1bd53b22)
2007-10-10r6342: fixed a bad union assumption that caused ACLs to fail on 64 bit machinesAndrew Tridgell1-1/+1
Thanks to lars and agruen for finding this (This used to be commit 2acc06918574b1178eecf3d61026f84f85bb40e1)
2007-10-10r6229: Back out these changes ...Richard Sharpe1-1/+1
(This used to be commit 321fbae51267153102e47845736f2c3a5abfe0be)
2007-10-10r6219: This change allows us to fall back to authenticating withoutRichard Sharpe1-1/+1
DCERPC_SCHANNEL_128 if we fail. Thus, it allows us to work with Windows NT DCs ... (This used to be commit 3034b226705c4736d57c9bf4e9470c4d44c72e8e)
2007-10-10r6028: A MAJOR update to intergrate the new credentails system fully withAndrew Bartlett1-4/+10
GENSEC, and to pull SCHANNEL into GENSEC, by making it less 'special'. GENSEC now no longer has it's own handling of 'set username' etc, instead it uses cli_credentials calls. In order to link the credentails code right though Samba, a lot of interfaces have changed to remove 'username, domain, password' arguments, and these have been replaced with a single 'struct cli_credentials'. In the session setup code, a new parameter 'workgroup' contains the client/server current workgroup, which seems unrelated to the authentication exchange (it was being filled in from the auth info). This allows in particular kerberos to only call back for passwords when it actually needs to perform the kinit. The kerberos code has been modified not to use the SPNEGO provided 'principal name' (in the mechListMIC), but to instead use the name the host was connected to as. This better matches Microsoft behaviour, is more secure and allows better use of standard kerberos functions. To achieve this, I made changes to our socket code so that the hostname (before name resolution) is now recorded on the socket. In schannel, most of the code from librpc/rpc/dcerpc_schannel.c is now in libcli/auth/schannel.c, and it looks much more like a standard GENSEC module. The actual sign/seal code moved to libcli/auth/schannel_sign.c in a previous commit. The schannel credentails structure is now merged with the rest of the credentails, as many of the values (username, workstation, domain) where already present there. This makes handling this in a generic manner much easier, as there is no longer a custom entry-point. The auth_domain module continues to be developed, but is now just as functional as auth_winbind. The changes here are consequential to the schannel changes. The only removed function at this point is the RPC-LOGIN test (simulating the load of a WinXP login), which needs much more work to clean it up (it contains copies of too much code from all over the torture suite, and I havn't been able to penetrate its 'structure'). Andrew Bartlett (This used to be commit 2301a4b38a21aa60917973451687063d83d18d66)
2007-10-10r5988: Fix the -P option (use machine account credentials) to use the Samba4Andrew Bartlett1-7/+7
secrets system, and not the old system from Samba3. This allowed the code from auth_domain to be shared - we now only lookup the secrets.ldb in lib/credentials.c. In order to link the resultant binary, samdb_search() has been moved from deep inside rpc_server into lib/gendb.c, along with the existing gendb_search_v(). The vast majority of this patch is the simple rename that followed, (Depending on the whole SAMDB for just this function seemed pointless, and brought in futher dependencies, such as smbencrypt.c). Andrew Bartlett (This used to be commit e13c671619bd290a8b3cae8555cb281a9a185ee0)
2007-10-10r5902: A rather large change...Andrew Bartlett1-4/+7
I wanted to add a simple 'workstation' argument to the DCERPC authenticated binding calls, but this patch kind of grew from there. With SCHANNEL, the 'workstation' name (the netbios name of the client) matters, as this is what ties the session between the NETLOGON ops and the SCHANNEL bind. This changes a lot of files, and these will again be changed when jelmer does the credentials work. I also correct some schannel IDL to distinguish between workstation names and account names. The distinction matters for domain trust accounts. Issues in handling this (issues with lifetime of talloc pointers) caused me to change the 'creds_CredentialsState' and 'struct dcerpc_binding' pointers to always be talloc()ed pointers. In the schannel DB, we now store both the domain and computername, and query on both. This should ensure we fault correctly when the domain is specified incorrectly in the SCHANNEL bind. In the RPC-SCHANNEL test, I finally fixed a bug that vl pointed out, where the comment claimed we re-used a connection, but in fact we made a new connection. This was achived by breaking apart some of the dcerpc_secondary_connection() logic. The addition of workstation handling was also propogated to NTLMSSP and GENSEC, for completeness. The RPC-SAMSYNC test has been cleaned up a little, using a loop over usernames/passwords rather than manually expanded tests. This will be expanded further (the code in #if 0 in this patch) to use a newly created user account for testing. In making this test pass test_rpc.sh, I found a bug in the RPC-ECHO server, caused by the removal of [ref] and the assoicated pointer from the IDL. This has been re-added, until the underlying pidl issues are solved. (This used to be commit 824289dcc20908ddec957a4a892a103eec2da9b9)
2007-10-10r5666: winxp will use a NTTIME of -1 to mean "don't change" in setfileinfoAndrew Tridgell2-12/+12
basic_info. Add null_nttime() as the equivalent of the existing null_time() call for cheecking for valid NTTIME values (This used to be commit 439ce2efbf7d2ba9b17d6b4bfaf651e781140715)
2007-10-10r5501: check the return of talloc with the NT_STATUS_HAVE_NO_MEMORY()Stefan Metzmacher2-15/+12
macro... metze (This used to be commit 9ec6c0e97765e60ef195296f17d6a27b5d0dcca9)
2007-10-10r5500: ntvfs modules that are the final backend needs to set theStefan Metzmacher1-0/+8
dev and fs types this prevents the main smbsrv code from crashing when someone does a tree connect on a print share metze (This used to be commit e8b081d5d10ef617eaed88fd05990e7753a85b99)
2007-10-10r5309: removed ads.h from includes.hAndrew Tridgell1-0/+1
(This used to be commit 196c45b834c39f293b9533cec5cfe5a77382d4e2)
2007-10-10r5307: removed db_wrap.h from includes.hAndrew Tridgell3-0/+3
(This used to be commit 826baec7b348814a7bbdcdbec8c8526514f25da1)
2007-10-10r5302: fixed a compilation problem on solaris caused by the recent includeAndrew Tridgell2-10/+11
changes (This used to be commit e7e015f79b10c353848a17f31c91a0593790a560)
2007-10-10r5298: - got rid of pstring.h from includes.h. This at least makes it a bitAndrew Tridgell15-13/+17
less likely that anyone will use pstring for new code - got rid of winbind_client.h from includes.h. This one triggered a huge change, as winbind_client.h was including system/filesys.h and defining the old uint32 and uint16 types, as well as its own pstring and fstring. (This used to be commit 9db6c79e902ec538108d6b7d3324039aabe1704f)
2007-10-10r5296: - only include the tdb headers where they are neededAndrew Tridgell4-0/+4
- removed the u32 hack in events.c as I think this was only needed as tdb.h defines u32. Metze, can you check that this hack is indeed no longer needed on your suse system? (This used to be commit 6f79432fe656164d4770dbce114a30dda5e7bf9a)
2007-10-10r5286: Some first steps in making the pidl code somewhat more generic for theJelmer Vernooij1-17/+17
various data types: Add ndr_flags argument to all ndr push/pull scalar functions (This used to be commit ab490c0c882bb13de190546c50a0631ecb8255ad)
2007-10-10r5197: moved events code to lib/events/ (suggestion from metze)Andrew Tridgell2-2/+2
(This used to be commit 7f54c8a339f36aa43c9340be70ab7f0067593ef2)
2007-10-10r5195: most events don't need the time of the event, so save a ↵Andrew Tridgell1-1/+1
gettimeofday() call and just use timeval_current() when its actually needed (This used to be commit 236403cc4dc2924ed6a898acae0bb44cc1688dcc)
2007-10-10r5185: make all the events data structures private to events.c. This willAndrew Tridgell2-15/+19
make it possible to add optimisations to the events code such as keeping the next timed event in a sorted list, and using epoll for file descriptor events. I also removed the loop events code, as it wasn't being used anywhere, and changed timed events to always be one-shot (as adding a new timed event in the event handler is so easy to do if needed) (This used to be commit d7b4b6de51342a65bf46fce772d313f92f8d73d3)
2007-10-10r5137: fix typesStefan Metzmacher2-2/+2
metze (This used to be commit add1c579375d08040f722946da31ee3862f9e7ac)
2007-10-10r5126: the composite code is no longer client specific or smb specific, soAndrew Tridgell1-1/+1
rename the core structure to composite_context and the wait routine to composite_wait() (suggestion from metze) (This used to be commit cf11d05e35179c2c3e51c5ab370cd0a3fb15f24a)
2007-10-10r5102: This is a major simplification of the logic for controlling top levelAndrew Tridgell6-35/+16
servers in smbd. The old code still contained a fairly bit of legacy from the time when smbd was only handling SMB connection. The new code gets rid of all of the smb_server specific code in smbd/, and creates a much simpler infrastructures for new server code. Major changes include: - simplified the process model code a lot. - got rid of the top level server and service structures completely. The top level context is now the event_context. This got rid of service.h and server.h completely (they were the most confusing parts of the old code) - added service_stream.[ch] for the helper functions that are specific to stream type services (services that handle streams, and use a logically separate process per connection) - got rid of the builtin idle_handler code in the service logic, as none of the servers were using it, and it can easily be handled by a server in future by adding its own timed_event to the event context. - fixed some major memory leaks in the rpc server code. - added registration of servers, rather than hard coding our list of possible servers. This allows for servers as modules in the future. - temporarily disabled the winbind code until I add the helper functions for that type of server - added error checking on service startup. If a configured server fails to startup then smbd doesn't startup. - cleaned up the command line handling in smbd, removing unused options (This used to be commit cf6a46c3cbde7b1eb1b86bd3882b953a2de3a42e)
2007-10-10r5050: make sure we translate the generic to the specific bits before doing aAndrew Tridgell1-5/+4
pvfs_access_check_unix(). Fixes a problem with the cifsfs filesystem (This used to be commit 8ebc61a2297176515d767ef0f67ec912293ab905)
2007-10-10r5037: got rid of all of the TALLOC_DEPRECATED stuff. My apologies for theAndrew Tridgell25-79/+79
large commit. I thought this was worthwhile to get done for consistency. (This used to be commit ec32b22ed5ec224f6324f5e069d15e92e38e15c0)
2007-10-10r4980: Copy RAP callno constants from Samba 3 and start to use them.Tim Potter1-4/+1
(This used to be commit e32ade44858b869001d2990c788a7e34fb70b121)
2007-10-10r4979: Return NT_STATUS_INVALID_SYSTEM_SERVICE for unimplemented RAP calls asTim Potter1-1/+1
this is what win2k3 does. (This used to be commit 145d7c03df477eca08cb81d221e3a1b60ccf8c7f)
2007-10-10r4956: - moved the definition of the mangle context structure into a ↵Andrew Tridgell2-36/+35
pvfs_shortname - made the mangle cache size configurable (This used to be commit 4adbd01812a53395f175bd6d8e402ad5451f7561)
2007-10-10r4944: every event_add_*() caller was having to call talloc_steal() to takeAndrew Tridgell1-2/+1
control of the event, so instead build that into the function. If you pass NULL as mem_ctx then it leaves it as a child of the events structure. (This used to be commit 7f981b9ed96f39027cbfd500f41e0c2be64cbb50)
2007-10-10r4943: Smplified the events handling code a lot. The first source ofAndrew Tridgell1-1/+1
complexity was that events didn't automatically cleanup themselves. This was because the events code was written before we had talloc destructors, so you needed to call event_remove_XX() to clean the event out of the event lists from every piece of code that used events. I have now added automatic event destructors, which in turn allowed me to simplify a lot of the calling code. The 2nd source of complexity was caused by the ref_count, which was needed to cope with event handlers destroying events while handling them, which meant the linked lists became invalid, so the ref_count ws used to mark events for later destruction. The new system is much simpler. I now have a ev->destruction_count, which is incremented in all event destructors. The event dispatch code checks for changes to this and handles it. (This used to be commit a3c7417cfeab429ffb22d5546b205818f531a7b4)
2007-10-10r4942: converted the cifs backend to not use event_context_merge(). Instead,Andrew Tridgell1-16/+21
is supplies the server event context during the connect. (This used to be commit 133e67bb1fa661b0e0d340091be4160f9af04fe3)
2007-10-10r4887: removed a bogus castAndrew Tridgell1-1/+1
(This used to be commit a034556faa5d15fee44a58be3aea8aee8ffae3c8)
2007-10-10r4757: added the ability of the clisocket level of libcli to handle asyncAndrew Tridgell1-5/+5
socket connections. This was complicated by a few factors: - it meant moving the event context from clitransport to clisocket, so lots of structures changed - we need to asynchronously handle connection to lists of port numbers, not just one port number. The code internally tries each port in the list in turn, without ever blocking - the man page on how connect() is supposed to work asynchronously doesn't work in practice (now why doesn't this surprise me?). The getsockopt() for SOL_ERROR is supposed to retrieve the error, but in fact the next (unrelated) connect() call on the same socket also gets an error, though not the right error. To work around this I need to tear down the whole socket between each attempted port. I hate posix. Note that clisocket.c still does a blocking name resolution call in smbcli_sock_connect_byname(). That will be fixed when we add the async NBT resolution code. Also note that I arranged things so that every SMB connection is now async internally, so using plain smbclient or smbtorture tests all the async features of this new code. (This used to be commit 468f8ebbfdbdf37c757fdc4863626aa9946a8870)
2007-10-10r4728: split up server_services into:Stefan Metzmacher2-5/+5
- stream_socket services the smb, ldap and rpc service which sets up a srtam socket end then waits for connections and - task services which this you can create a seperate task that do something (this is also going through the process_model subsystem so with -M standard a new process for this created with -M thread a new thread ... I'll add datagram services later when we whave support for datagram sockets in lib/socket/ see the next commit as an example for service_task's metze (This used to be commit d5fa02746c6569b09b6e05785642da2fad3ba3e0)
2007-10-10r4726: - use the name tcon and tid instead of conn and cnumStefan Metzmacher1-1/+1
- make use of talloc destructors metze (This used to be commit 8308da6ce4a95f8c10e22949ef00e9e64f2dbb85)
2007-10-10r4690: - add support for async rpc server repliesStefan Metzmacher1-29/+20
the backend should check for (dce_call->state_flags & DCESRV_CALL_STATE_FLAG_MAY_ASYNC) then it's allowed to reply async then the backend should mark that call as async with dce_call->state_flags |= DCESRV_CALL_STATE_FLAG_ASYNC; later it has to manualy set r->out.result and then send the reply by calling status = dcesrv_reply(p->dce_call); NOTE: that ncacn_np doesn't support async replies yet - implement an async version of echo_TestSleep - reenable the echo_TestSleep torture test (this need to be more strict when we have support for async ncacn_np) metze (This used to be commit f0a0dbeb25b034b1333078ca085999359f5f6209)
2007-10-10r4684: the smbsrv code should not know about rpc stuffStefan Metzmacher1-8/+12
just vfs_ipc metze (This used to be commit f85ebd1e8e19f5ff271dd7d79190fea16d6a98c4)
2007-10-10r4615: added acl checking on directory search in pvfsAndrew Tridgell5-12/+24
(This used to be commit 0e61a422bd9a1596a284c176f033e958bbeaa8ce)
2007-10-10r4608: - use better error codesStefan Metzmacher1-12/+7
- use new NT_STATUS_* macros for error checking return - don't use talloc_p anymore metze (This used to be commit 372a8eeeefc2ebff50211985372888b5b6d4eb65)
2007-10-10r4595: on create check access against parent not child ...Andrew Tridgell1-2/+2
(This used to be commit 5a1a17d3fc771b1e1c61297067f38c87901891d3)
2007-10-10r4591: - converted the other _p talloc functions to not need _pAndrew Tridgell3-6/+7
- added #if TALLOC_DEPRECATED around the _p functions - fixes the code that broke from the above while doing this I fixed quite a number of places that were incorrectly using the non type-safe talloc functions to use the type safe ones. Some were even doing multiplies for array allocation, which is potentially unsafe. (This used to be commit 6e7754abd0c225527fb38363996a6e241b87b37e)
2007-10-10r4584: fix pvfs backend to pass the new enhanced RAW-ACLS test. Easy once I ↵Andrew Tridgell5-20/+43
really the strange behaviour I saw was a w2k3 bug :-) (This used to be commit e729061bcde25d0565a72222e4720ca8074ef23f)
2007-10-10r4567: Fix the build for metze.Andrew Bartlett1-0/+1
Andrew Bartlett (This used to be commit d05a9bf1a12c9f0b18c9e65b6aa03fa4283a1b68)
2007-10-10r4549: got rid of a lot more uses of plain talloc(), instead usingAndrew Tridgell4-7/+11
talloc_size() or talloc_array_p() where appropriate. also fixed a memory leak in pvfs_copy_file() (failed to free a memory context) (This used to be commit 89b74b53546e1570b11b3702f40bee58aed8c503)
2007-10-10r4547: - added talloc_new(ctx) macro that is a neater form of the common ↵Andrew Tridgell5-12/+12
talloc(ctx, 0) call. - cleaned up some talloc usage in various files I'd like to get to the point that we have no calls to talloc(), at which point we will rename talloc_p() to talloc(), to encourage everyone to use the typesafe functions. (This used to be commit e6c81d7c9f8a6938947d3c1c8a971a0d6d50b67a)
2007-10-10r4501: when copying files it is common for clients to copy the ACL. When theAndrew Tridgell1-2/+8
ACL is the default ACL this menas the copied file would have an xattr but the original would not. Avoid this by checking if the ACL being set is the original ACL, and avoid the copy. (This used to be commit 1df985a49b200a41eed39023aa668afb233f2e53)