summaryrefslogtreecommitdiff
path: root/source4/ntvfs
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r3087: fixed a typoAndrew Tridgell1-1/+1
(This used to be commit 3791b97694f052b0b7e170e07c21f7a5739d74dd)
2007-10-10r3086: fixed smbpid handling in the cifs backendAndrew Tridgell1-2/+50
(This used to be commit fbc6949e95df6ea70ca9892099efb537ded97287)
2007-10-10r3083: fixed a couple of generic mapping errors found with RAW-* and ↵Andrew Tridgell1-2/+4
cifs:mapgeneric (This used to be commit 76329798ff7f804bf4d7e6e9c1bb4c4dc7b9bb01)
2007-10-10r3082: added a "cifs:mapgeneric" option, which tells the cifs backend to useAndrew Tridgell1-5/+50
the ntvfs_generic mapping functions rather than sending the exact function asked for. This allows the generic mapping functions to be tested by comparing the behaviour of smbtorture against two cifs backend shares, one using "cifs:mapgeneric = true" and the other "cifs:mapgeneric = False" (This used to be commit c240c6bca5e10f1acbff45b0ed41c4c1ebcaae96)
2007-10-10r3081: several updates to ntvfs and server side async request handling inAndrew Tridgell8-373/+656
preparation for the full share modes and ntcreatex code that I am working on. highlights include: - changed the way a backend determines if it is allowed to process a request asynchronously. The previous method of looking at the send_fn caused problems when an intermediate ntvfs module disabled it, and the caller then wanted to finished processing using this function. The new method is a REQ_CONTROL_MAY_ASYNC flag in req->control_flags, which is also a bit easier to read - fixed 2 bugs in the readbraw server code. One related to trying to answer a readbraw with smb signing (which can't work, and crashed our signing code), the second related to error handling, which attempted to send a normal SMB error packet, when readbraw must send a 0 read reply (as it has no header) - added several more ntvfs_generic.c generic mapping functions. This means that backends no longer need to implement such esoteric functions as SMBwriteunlock() if they don't want to. The backend can just request the mapping layer turn it into a write followed by an unlock. This makes the backends considerably simpler as they only need to implement one style of each function for lock, read, write, open etc, rather than the full host of functions that SMB provides. A backend can still choose to implement them individually, of course, and the CIFS backend does that. - simplified the generic structures to make them identical to the principal call for several common SMB calls (such as RAW_WRITE_GENERIC now being an alias for RAW_WRITE_WRITEX). - started rewriting the pvfs_open() code in preparation for the full ntcreatex semantics. - in pvfs_open and ipc_open, initially allocate the open file structure as a child of the request, so on error we don't need to clean up. Then when we are going to succeed the open steal the pointer into the long term backend context. This makes for much simpler error handling (and fixes some bugs) - use a destructor in the ipc backend to make sure that everthing is cleaned up on receive error conditions. - switched the ipc backend to using idtree for fnum allocation - in the ntvfs_generic mapping routines, use a allocated secondary structure not a stack structure to ensure the request pointer remains valid even if the backend replies async. (This used to be commit 3457c1836c09c82956697eb21627dfa2ed37682e)
2007-10-10r3064: - use UINT8_MAX and UINT16_MAX instead of hex values for ↵Andrew Tridgell2-3/+3
idr_get_new() limits - change idr_get_new() to use > instead of >= in the limit check (This used to be commit 834b09929bcb8aabdd151b7c2306001497cabdb4)
2007-10-10r3057: - moved the idtree.c code into lib/Andrew Tridgell2-361/+0
- converted the tid handling to use a idtree instead of bitmaps (This used to be commit 4220914179d10132057216650b65ed7f7679717e)
2007-10-10r3056: added a id -> pointer data structure (a type of radix tree). This isAndrew Tridgell7-130/+494
an extremely efficient way of mapping from an integer handle (such as an open file handle) to a pointer (such as the structure containing the open file information). The code is taken from lib/idr.c in the 2.6 Linux kernel, and is very fast and space efficient. By using talloc it even has auto cleanup. This commit converts the handling of open file handles and open directory search handles to use the idtree routines. In combination with talloc destructors, this simplifies the structure handling in the pvfs backend a lot. For example, we no longer need to keep a linked list of open directory searches at all, and we no longer need to do linear scans of the list of open files on most operations. The end result is that the pvfs code is now extremely scalable. You can have 10s of thousands of open files and open searches and the code still runs very fast. I have also added a small optimisation into the file close path, to avoid looking in the byte range locking database if we know that there are no locks outstanding. (This used to be commit 16835a0ef91a16fa01145b773aad8d43da215dbf)
2007-10-10r3055: use talloc_zero_p()Andrew Tridgell1-1/+1
(This used to be commit 7bea9afeed219efa51aa8268af96f782f23f2400)
2007-10-10r3047: Always include a \ again before the pipe name we're opening. Without aJelmer Vernooij1-4/+3
backslash works, but is not like Windows does it. (This used to be commit f6deb3d065e1a88f92bcb8a4a138453650c97b0b)
2007-10-10r3046: \\PIPE\\ is internal (not actually included on the wire)Jelmer Vernooij1-1/+1
(This used to be commit 7771b5d8fa3db759487474eb7172df45bb3221ae)
2007-10-10r3043: Use binding strings for specifying endpoints. The property forJelmer Vernooij1-5/+0
specifying a endpoint is now also 'endpoint' instead of 'endpoints'. The default endpoint (if none is specified) is still "ncacn_np:[\\pipe\\ifacename]", where ifacename is the name of the interface. Examples: [ uuid(60a15ec5-4de8-11d7-a637-005056a20182), endpoint("ncacn_np:[\\pipe\\rpcecho]", "ncacn_ip_tcp:") ] interface rpcecho { void dummy(); } dcerpc_binding is now converted to ep_description in the server, but I hope to completely eliminate ep_description later on. The eventual goal of all these changes is to make it easier to add transports as I'm going to add support for ncalrpc (local RPC over named pipes) and ncacn_unix_stream (Unix sockets). (This used to be commit f3da7c8b443a29b0c656c687a277384ae1353792)
2007-10-10r3039: This solves the problem of async handlers in ntvfs backends not beingAndrew Tridgell9-4/+120
in the right state when called. For example, when we use the unixuid handler in the chain of handlers, and a backend decides to continue a call asynchronously then we need to ensure that the continuation happens with the right security context. The solution is to add a new ntvfs operation ntvfs_async_setup(), which calls all the way down through the layers, setting up anything that is required, and takes a private pointer. The backend wanting to make a async calls can use ntvfs_async_setup() to ensure that the modules above it are called when doing async processing. (This used to be commit a256e71029727fa1659ade6257085df537308c7d)
2007-10-10r3035: if the ntvfs layers prior to us have said that we can't perform anAndrew Tridgell1-1/+2
operation asynchronously (such as the nbench module), then ignore lock timeouts, as they would make no sense (This used to be commit 2894dd0ac0ddd0ae5b4d536d5cff0690bbfab1a0)
2007-10-10r3034: - fixed a bug in message dispatch, when the dispatch function called ↵Andrew Tridgell3-14/+38
messaging_deregister() - added a pvfs_lock_close_pending() hook to remove pending locks on file close - fixed the private ptr argument to messaging_deregister() in pvfs_wait - fixed a bug in continuing lock requests after a lock that is blocking a pending lock is removed - removed bogus brl_unlock() call in lock continue - corrected error code for LOCKING_ANDX_CHANGE_LOCKTYPE - expanded the lock cancel test suite to test lock cancel by unlock and by close - added a testsuite for LOCKING_ANDX_CHANGE_LOCKTYPE (This used to be commit 5ef80f034d4aa4dd6810532c63ad041bfc019cb8)
2007-10-10r3031: added support for lock cancelation, which effectively just triggers ↵Andrew Tridgell4-11/+72
an early lock timeout added support for more of the bizarre special lock offset semantics of w2k3 (This used to be commit d5bfc910b1200fb283e26572dc57fcf93652fd32)
2007-10-10r3029: implemented byte range lock timeouts.Andrew Tridgell6-35/+561
This adds a pvfs_wait_message() routine which uses the new messaging system, event timers and talloc destructors to give a nice generic async event handling system with a easy to use interface. The extensions to pvfs_lock.c are based on calls to pvfs_wait_message() routines. We now pass all of our smbtorture locking tests, although while writing this code I have thought of some additonal tests that should be added, particularly for lock cancel operations. I'll work on that soon. This commit also extends the smbtorture lock tests to test the rather weird 0xEEFFFFFF locking semantics that I have discovered in win2003. Win2003 treats the 0xEEFFFFFF boundary as special, and will give different error codes on either side of it. Locks on both sides are allowed, the only difference is which error code is given when a lock is denied. Anyone like to hazard a guess as to why? It has me stumped. (This used to be commit 4395c0557ab175d6a8dd99df03c266325949ffa5)
2007-10-10r3024: run the *_connect() NTVFS initialisation operation as root, to allowAndrew Tridgell1-1/+4
backends to open databases and perform any other privileged operations that might be needed. (This used to be commit 54fd395025656d9b264ba1c1fab6e3ce8ca3d357)
2007-10-10r3017: nicer memory handling for event_context_merge()Andrew Tridgell1-2/+2
(This used to be commit 1cef44505e5de9b8ae5206522b624082ad2343b2)
2007-10-10r3012: added initial support for byte range locking in the posix vfs. This isAndrew Tridgell8-22/+645
enough for us to pass locktest, but does not yet support lock timeouts and some of the other esoteric features. (This used to be commit 58a92abd88f190bc60894a68e0528e95ae33fe39)
2007-10-10r2984: fixed the error code for a non-terminal component of a path name not ↵Andrew Tridgell1-2/+1
existing (This used to be commit c6a922dbd844c69bbba83c259169655d17e9f87f)
2007-10-10r2941: added pvfs_flush() implementation to the posix backendAndrew Tridgell4-10/+67
(This used to be commit dac00ef3b0d0f8467367d7b6ff77db7b63a042cc)
2007-10-10r2934: - changed the unixuid module to use the nt_user_token instead of the ↵Andrew Tridgell1-14/+19
server supplied info structure. - added SID_WORLD and SID_NETWORK to the foreign sids in the provisioning, as these are auto-added to the nt_user_token (why is that done? Andrew?) (This used to be commit 1dff12fba88827660a2647457867bf4ff6bc8d3d)
2007-10-10r2931: use next_codepoint() to ensure we properly handle multi-byte ↵Andrew Tridgell1-2/+6
characters in pvfs_unix_path() (This used to be commit 0acf95d84c51d564f7215d34364c37ca74a2a150)
2007-10-10r2930: added a security context cache to the unixuid module. The moduleAndrew Tridgell1-4/+22
doesn't actually leave us in the requested sec context between requests yet, but it does prevent us from doing the samdb lookup on every packet. This change speeds up the BASE-MANGLE test against Samba4 with 5000 operations from 61 seconds to 16 seconds. For reference, Samba3 takes 27 seconds for the same test (the string and filename handling in Samba4 is much more efficient than Samba3) (This used to be commit da0481ac75a01270897da5aa24dbb2b431928b30)
2007-10-10r2928: - fixed the handling of reserved names (rejecting them with ↵Andrew Tridgell3-38/+23
ACCESS_DENIED) - don't check for '.' specially in checking for legal names. Longhorn doesn't do this any more, and its a real pain. Longhorn allows for filenames ending in '.', and with as many '.' elements as you like. (This used to be commit 0a475175c53016bfa5b8246819676ddcd8b66feb)
2007-10-10r2927: imported the hash2 name mangling code from Samba3 into Samba4, butAndrew Tridgell5-39/+693
heavily modified to suit the Samba4 architecture. Samba4 with posix backend now passes the BASE-MANGLE test (This used to be commit ed52d69e8a065b6a8df2fb73c89be67acfdbca65)
2007-10-10r2926: name->dos.attrib is not valid unless name->exists is trueAndrew Tridgell1-2/+4
(This used to be commit f85a0b725d3bf67531e6874d4e8558fb050bb66f)
2007-10-10r2916: longhorn client doesn't bother setting the directory bit in ntcreatexAndrew Tridgell1-1/+6
when opening directories. This change allows samba4 server to work with longhorn client. (This used to be commit 4a8b0302eff37ccfcb66b91259ee5da20879c652)
2007-10-10r2904: - fixed the old style SMBsearch to return the pvfs shortname, not a ↵Andrew Tridgell2-3/+6
truncated long name. - short name can be up to 12 bytes, not 11 (This used to be commit 657103ec6264bf4c2986fedd3fc6577746395d49)
2007-10-10r2893: added very primitive name mangling support to pvfsAndrew Tridgell2-4/+58
(This used to be commit 749fa73544201f521d9cd3fa972b89cae99bc2c0)
2007-10-10r2803: allow unixuid module to work with foreign security principlesAndrew Tridgell1-4/+8
(This used to be commit f522728728fa523ce7d9e73c93b27e71f3757d50)
2007-10-10r2800: removed the warning about using the posix ntvfs handler, as it is nowAndrew Tridgell1-2/+0
considerably more complete than the simple handler (This used to be commit e6ecd31be8e91f552d891c41b2f8737519a490a1)
2007-10-10r2796: - changed ldap attributes "UnixID" to "unixID" and "UnixName" to ↵Andrew Tridgell1-18/+23
"unixName" to be more ldap traditional - register the unixuid module as all 3 ntvfs backend types, as it doesn't care what type of backend it filters (This used to be commit cd43def6ce280442306f14ca61508b4f7eb92cb6)
2007-10-10r2794: a very simple version of the unixuid NTVFS pass-thru module. InAndrew Tridgell5-55/+821
conjunction with the posix backend this gives us a way to correctly setup the unix security context in Samba4. I chose the following method to determine the unix uid's and gid's to use given the list of SIDs from the login process - look for a "UnixID" field in the sam record. If present, then use it (check if the record is of the right type as well) - if UnixID is not present, then look for the "UnixName" sam field. If it is present then use getpwnam() or getgrnam() to find the unix id. - if UnixID and UnixName are not present, then look for a unix account of the right type called by the same name as the sAMAccountName field. - if none of the above work then fail the operation with NT_STATUS_ACCESS_DENIED obviously these steps only work well with a local SAM. It will need to be more sophisticated in future. I did not put any cache in place at all. That will need to be added for decent performance. (This used to be commit 78b67d19b9766131f0270e451089ee5bb1aa8bd9)
2007-10-10r2789: fix compileSimo Sorce1-1/+1
(This used to be commit a34ba8dafebb65e59616a0e68cc3d6fe3a349801)
2007-10-10r2788: prevent a memory leak in the pvfs search backendAndrew Tridgell2-4/+6
(This used to be commit 1de22070610231e60d329f56997bbec2cc674a4e)
2007-10-10r2786: - match on both long and short name for search posix backendAndrew Tridgell3-4/+29
- a final name component of . is illegal (This used to be commit 11c852170b83e5adbdb58407e1c7d3aeb4ab5bb8)
2007-10-10r2751: this is a new ntvfs design which tries to solve:Stefan Metzmacher24-415/+1178
- the stacking of modules - finding the modules private data - hide the ntvfs details from the calling layer - I set NTVFS_INTERFACE_VERSION 0 till we are closer to release (because we need to solve some async problems with the module stacking) metze (This used to be commit 3ff03b5cb21bb79afdd3b1609be9635f6688a539)
2007-10-10r2710: continue with the new style of providing a parent context wheneverAndrew Tridgell2-25/+16
possible to a structure creation routine. This makes for much easier global cleanup. (This used to be commit e14ee428ec357fab76a960387a9820a673786e27)
2007-10-10r2679: fixed an uninitialised variable found with valgrindAndrew Tridgell1-1/+2
(This used to be commit 9087fab0adcf1791caeb795509ca9f14f5f47e82)
2007-10-10r2671: we're getting too many errors caused by the talloc_realloc() API notAndrew Tridgell5-18/+11
taking a context (so when you pass a NULL pointer you end up with memory in a top level context). Fixed it by changing the API to take a context. The context is only used if the pointer you are reallocing is NULL. (This used to be commit 8dc23821c9f54b2f13049b5e608a0cafb81aa540)
2007-10-10r2660: - converted the libcli/raw/ library to use talloc_increase_ref_count()Andrew Tridgell12-22/+156
rather than manual reference counts - properly support SMBexit in the cifs and posix backends - added a logoff method to all backends With these changes the RAW-CONTEXT test now passes against the posix backend (This used to be commit c315d6ac1cc40546fde1474702a6d66d07ee13c8)
2007-10-10r2656: moved the seteuid configure tests into the posix backend (these testsAndrew Tridgell1-0/+57
don't actually work yet, that will come later) (This used to be commit 46b790c19da25ba88d29f555f828688bb05e531d)
2007-10-10r2654: fixed some more server memory leaks. We are now down to a single leakAndrew Tridgell1-1/+1
of 16 bytes, caused by the 16 byte data_blob in the smb_signing code. (This used to be commit 2f1b788e09686e065d22f621f5c0c585192c6740)
2007-10-10r2634: use discard_const_p() in a few placesAndrew Tridgell1-2/+2
(This used to be commit 56ecda2178e33508c55c6195ccec41c06e099d6f)
2007-10-10r2633: fixed some function types in the (unused) print backendAndrew Tridgell1-2/+2
(This used to be commit e9803058ecc0b0f849aee48a077bff4e2c8feaa5)
2007-10-10r2627: use the new talloc capabilities in a bunch more places in the rpcAndrew Tridgell1-1/+1
server code. This fixes a number of memory leaks I found when testing with valgrind and smbtorture, as the cascading effect of a talloc_free() ensures that anything derived from the top level object is destroyed on disconnect. (This used to be commit 76d0b8206ce64d6ff4a192979c43dddbec726d6e)
2007-10-10r2613: use a talloc destructor to ensure that file descriptors are not leakedAndrew Tridgell1-2/+26
on abnormal termination of a connection. As long as the top level connection structure is freed then that should cascade down to the file structure, and call this destructor which will close the open file descriptor. In general I'd like to use this technique in any place in Samba4 where we hold operating system resources that we need to make sure are released on abnormal termination. (This used to be commit ed87b7fcbd9fedc155528ce6dd8ab5d5fce637b2)
2007-10-10r2591: fixed two errors in simple backend found with valgrindAndrew Tridgell1-0/+2
(This used to be commit 1730882b9d2ecff1b65e5fc85961edb300a9ce17)