summaryrefslogtreecommitdiff
path: root/source4/smb_server
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r4011: get rid of rpc_secdes.h and replace it with a single sane set ofAndrew Tridgell1-19/+0
definitions for security access masks, in security.idl The previous definitions were inconsistently named, and contained many duplicate and misleading entries. I kept finding myself tripping up while using them. (This used to be commit 01c0fa722f80ceeb3f81f01987de95f365a2ed3d)
2007-10-10r3971: fix compiler warningsStefan Metzmacher2-7/+7
metze (This used to be commit 234166606dc86b9e98226cff94b3869ec173671e)
2007-10-10r3916: w2k3 does not check the max_setup count in nttrans requestsAndrew Tridgell1-0/+3
(This used to be commit 671a864d8f3548b052ffa33fa8fb0bbf3a0e3970)
2007-10-10r3836: - fixed the handling of NT_STATUS_BUFFER_TOO_SMALL in nttrans serverAndrew Tridgell1-0/+13
- fixed revision number on default DACL - fixed DACL_PRESENT bit in acl query with these fixes cacls.exe and the GUI ACL editor in w2k both work against pvfs. The GUI editor is slow as it times out looking up the SID -> name mappings. (This used to be commit 4468018cb63fd884920c2b0f5235bded50c6b5db)
2007-10-10r3831: added nttrans server code for query/set security descriptor. ThisAndrew Tridgell1-1/+106
means ACLs now can be set/fetched from the CIFS NTVFS backend. (This used to be commit f49c636e10f1e4bba506baadb67a0e288f1717c4)
2007-10-10r3830: unified the query/set security descriptor code with the rest of theAndrew Tridgell1-0/+2
queryfileinfo/setfileinfo logic, so querying/setting a security descriptor is treated as just another file query/set operation. This will allow NTVFS backends to see the query/set security descriptor operations as RAW_FILEINFO_SEC_DESC and RAW_SFILEINFO_SEC_DESC operations. (This used to be commit f68a6b6b915c37e48c42390c1e74c2d1c2636fa9)
2007-10-10r3826: - added testing of ea lists in NTTRANS CREATEAndrew Tridgell1-6/+3
- fixed push/pull of chained ea lists - fixed a bug in the nttrans wire encoding (This used to be commit fcd09224076508f9c10095bf2e2c394232a4d297)
2007-10-10r3810: create a LIB_SECURITY subsystemStefan Metzmacher1-0/+1
- move dom_sid, security_descriptor, security_* funtions to one place and rename some of them metze (This used to be commit b620bdd672cfdf0e009492e648b0709e6b6d8596)
2007-10-10r3806: added support to smb_server and pvfs for the NTTRANS Create call. ThisAndrew Tridgell2-11/+128
call has an optional sec_desc and ea_list. (This used to be commit 8379ad14e3d51a848a99865d9ce8d56a301e8a3c)
2007-10-10r3756: Fix netbios session request reply. The buffer should not be a stack-basedVolker Lendecke1-1/+1
variable that is overwritten later. Samba3 smbclient still does not like Samba4. In ntlmssp samba3 smbclient expects an mechlistmic that 4 does not send. Volker (This used to be commit 614dbd8fec09a5e4c63e4b7774aa38335e030a42)
2007-10-10r3733: More build system fixes/features:Jelmer Vernooij1-3/+0
- Use .mk files directly (no need for a SMB_*_MK() macro when adding a new SUBSYSTEM, MODULE or BINARY). This allows addition of new modules and subsystems without running configure - Add support for generating .dot files with the Samba4 dependency tree (as used by the graphviz and springgraph utilities) (This used to be commit 64826da834e26ee0488674e27a0eae36491ee179)
2007-10-10r3720: fixed the pulling of zero length ucs2 strings in smbd. I found thisAndrew Tridgell1-0/+5
bug using ifstest.exe, which is a IFS (Installable File System) test suite. With this fix I was pleasantly surprised to find that Samba4 passes many (maybe even most?) of the tests in ifstest. (This used to be commit a20cbca7880b66d3cf21213cccf93675e03f8728)
2007-10-10r3593: fixed the trans2 t2open reply to initialise all bytes (bug found by ↵Andrew Tridgell1-4/+6
valgrind) (This used to be commit b8ba6793c1b27f118083ddfa71af8ffbf2b65125)
2007-10-10r3591: to get a bit more useful info from valgrind I'm disabling theAndrew Tridgell1-1/+1
deliberate over-allocation of request structures in smbd and libcli/raw code for now. (This used to be commit 07596d87213e8ccbf6a0e7bc216d692065f43403)
2007-10-10r3573: added trans2open support to smbd and pvfs, and fine-tuned the ↵Andrew Tridgell2-1/+62
open->generic ntvfs mapping code. (This used to be commit ed844192d7f7ed487290f719df65f256a5b0b9bc)
2007-10-10r3539: much nicer async open delay code.Andrew Tridgell1-4/+4
The previous code didn't handle the case where the file got renamed or deleted while waiting for the sharing violation delay. To handle this we need to make the 2nd open a full open call, including the name resolve call etc. Luckily this simplifies the logic. I also expanded the RAW-MUX test to include the case where we do open/open/open/close/close, with the 3rd open async, and that open gets retried after both the first close and the 2nd close, with the first retry failing and the 2nd retry working. The tests the "async reply after a async reply" logic in pvfs_open(). (This used to be commit eded2ad9c91f5ba587ef4f7f5f5a6dceb4b51ff3)
2007-10-10r3531: add support for RAW_OPEN_MKNEW, RAW_OPEN_CREATE and RAW_OPEN_CTEMP in ↵Andrew Tridgell1-1/+5
pvfs (This used to be commit 1d2f0a55c1de01cbbf6552371584847223841bc3)
2007-10-10r3529: fixed signing support for SMBntcancel requests (no reply means seqAndrew Tridgell2-2/+11
number rises by 1, not 2) (This used to be commit 201ff734d47cb0c335820f11e2629cb3bd18162f)
2007-10-10r3528: added support for the SMBntcancel() operation, which cancels anyAndrew Tridgell1-1/+3
outstanding async operation (triggering an immediate timeout). pvfs now passes the RAW-MUX test (This used to be commit 3423e2f41461d054067ef168b9b986f62cc8f77c)
2007-10-10r3518: fixed some includes to be consistent.Andrew Tridgell1-13/+4
- use #include <XXX.h> for operating system includes - use includes relative to include/ for things like system/wait.h also fixed the thread backend to work somewhat. To fix it properly we need to do this: - add a configure test for support for thread local storage (the __thread keyword) - refuse to do pthreads if tls doesn't work - refuse to do pthreads if seteuid() affects process instead of thread - defined THREAD_LOCAL as __thread when WITH_PTHREADS - add THREAD_LOCAL to all the global data structures that should be thread local (there are quite a few) right now the thread backend falls over when you hit it with several connections at once, due to the lack of __thread on some critical structures. (This used to be commit 0dc1deabd0b53bc7a6f6cee2ed99e2cbbe422262)
2007-10-10r3507: - added deferred replies on sharing violation in pvfs open. TheAndrew Tridgell1-5/+4
deferred reply is short-circuited immediately when the file is closed by another user, allowing it to be opened by the waiting user. - added a sane set of timeval manipulation routines - converted all the events code and code that uses it to use struct timeval instead of time_t, which allows for microsecond resolution instead of 1 second resolution. This was needed for doing the pvfs deferred open code, and is why the patch is so big. (This used to be commit 0d51511d408d91eb5f68a35e980e0875299b1831)
2007-10-10r3500: cleaned up the AS_USER/AS_GUEST stuff in the core smb packet processingAndrew Tridgell1-96/+36
(This used to be commit 8fa456afc9be113f292a1952119b533e4dc04fc1)
2007-10-10r3493: fixed a bug in readx reply where the client specifies an invalid highAndrew Tridgell1-1/+7
part of the maxcnt. This caused an allocation failure and server exit. Note: we need to go back over all the places in the core smb_server that can cause allocation failures based on user input and fix them to instead produce a SMB error. Thanks to Susan for finding this bug. (This used to be commit 4aed1b7921a3bfef460f8602467ac0dca9561032)
2007-10-10r3481: split out client.h and events.hAndrew Tridgell2-0/+2
(This used to be commit c6f486574470a311e0d336c026103f131451e21e)
2007-10-10r3466: split out request.h, signing.h, and smb_server.hAndrew Tridgell14-2/+27
(This used to be commit 7c4e6ebf05790dd6e29896dd316db0fff613aa4e)
2007-10-10r3463: separated out some more headers (asn_1.h, messages.h, dlinklist.h and ↵Andrew Tridgell6-0/+6
ioctl.h) (This used to be commit b97e395c814762024336c1cf4d7c25be8da5813a)
2007-10-10r3461: another place where "open" was used as a structure elementAndrew Tridgell1-6/+6
(This used to be commit 1087ea830e7aead86d54a1836512e88554afc919)
2007-10-10r3458: more solaris portability fixes, the main one being that we can't use aAndrew Tridgell1-11/+11
structure element called "open" as its a macro on solaris. (This used to be commit 4e92e15c4e396b1d8cd211192888fea68c2cf0f9)
2007-10-10r3455: some more portability fixes. We nearly compile on solaris again now.Andrew Tridgell1-0/+1
(This used to be commit 4f33247f1ca60416415a61a7afac43c9dc8a61fd)
2007-10-10r3453: - split out the auth and popt includesAndrew Tridgell2-0/+2
- tidied up some of the system includes - moved a few more structures back from misc.idl to netlogon.idl and samr.idl now that pidl knows about inter-IDL dependencies (This used to be commit 7b7477ac42d96faac1b0ff361525d2c63cedfc64)
2007-10-10r3447: more include/system/XXX.h include filesAndrew Tridgell1-0/+1
(This used to be commit 264ce9181089922547e8f6f67116f2d7277a5105)
2007-10-10r3443: the next stage in the include files re-organisation.Andrew Tridgell1-4/+4
I have created the include/system/ directory, which will contain the wrappers for the system includes for logical subsystems. So far I have created include/system/kerberos.h and include/system/network.h, which contain all the system includes for kerberos code and networking code. These are the included in subsystems that need kerberos or networking respectively. Note that this method avoids the mess of #ifdef HAVE_XXX_H in every C file, instead each C module includes the include/system/XXX.h file for the logical system support it needs, and the details are kept isolated in include/system/ This patch also creates a "struct ipv4_addr" which replaces "struct in_addr" in our code. That avoids every C file needing to import all the system networking headers. (This used to be commit 2e25c71853f8996f73755277e448e7d670810349)
2007-10-10r3441: some include file cleanups and general housekeepingAndrew Tridgell1-1/+1
(This used to be commit 73ea8ee6c268371d05cf74160f2ad451dd2ae699)
2007-10-10r3425: got rid of a bunch of cruft from rewrite.hAndrew Tridgell2-2/+1
(This used to be commit 3f902f8d851d32fa81d89ed61bfda6edaea00984)
2007-10-10r3380: - changed the default behaviour of server signing. We now have a defaultAndrew Tridgell1-0/+7
setting of "server signing = auto", which means to offer signing only if we have domain logons enabled (ie. we are a DC). This is a better match for what windows clients want, as unfortunately windows clients always use signing if it is offered, and when they use signing they not only go slower because of the signing itself, they also disable large readx/writex support, so they end up sending very small IOs for. - changed the default max xmit again, this time matching longhorn, which uses 12288. That seems to be a fairly good compromise value. (This used to be commit e63edc81716fefd58a3be25deb3b25e45471f196)
2007-10-10r3361: Allow Samba4 (I'm interested in ntlm_auth in particular) to useAndrew Bartlett1-11/+20
Samba3's winbind. This is also the start of domain membership code in Samba4, as we now (partially) parse the info3, and use it like Samba3 does. Andrew Bartlett (This used to be commit c1b7303c1c7d9fb815006c3bd2af20a0010d15a8)
2007-10-10r3355: fixed the old style search code in smb_server to correctly handleAndrew Tridgell1-4/+8
searches that go beyond the negotiated max xmit size (This used to be commit 84762a59763005f5d29106cd409867cb150d648f)
2007-10-10r3350: fixed a bug with sending multiple replies for the one request, asAndrew Tridgell4-58/+107
happens with trans2, trans and echo. Now that smbd is async we queue the multiples replies all at once, and now need a way to ensure each reply gets it own smbsrv_request buffer. I have added req_setup_secondary() to cope with this. (This used to be commit 2dbd2abc5f197ee21d7dceeda2922c7449c46d99)
2007-10-10r3341: - don't zero the async structure (makes valgrind more useful)Andrew Tridgell3-6/+2
- get rid of req->mid, as it isn't a safe value to use to match requests in the server (it is safe in the client code, as we choose the mid, but in the server we can't rely on other clients to choose the mid carefully) (This used to be commit 938fb44351e12a515073ea94cd306988d5ca7340)
2007-10-10r3336: use a struct ntvfs_async_state to be able to do async chaning of ↵Stefan Metzmacher5-185/+179
ntvfs modules the idea is that a passthru module can use ntvfs_async_state_push() before calling ntvfs_next_*() and in the _send function it calls ntvfs_async_state_pop() and then call the upper layer send_fn itself - ntvfs_nbench is now fully async - the ntvfs_map_*() functions and the trans(2) mapping functions are not converted yet metze (This used to be commit fde64c0dc142b53d128c8ba09af048dc58d8ef3a)
2007-10-10r3307: fixed the send side of the smb_server code to be non-blocking. ThisAndrew Tridgell3-18/+49
means the whole of the SMB handling code is now non-blocking. (This used to be commit 30acedb943f0170d30e7b08925280d0dffc7873e)
2007-10-10r3306: the main smb server code now handles non-blocking socket receives. IAndrew Tridgell2-47/+81
haven't marked the socket non-blocking yet as I haven't checked that the send path is OK for non-blocking. (This used to be commit bda978cc2a921a888534054135b9325427425dd2)
2007-10-10r3304: changed the API to lib/socket/ a little.Andrew Tridgell2-7/+16
The main change is to make socket_recv() take a pre-allocated buffer, rather than allocating one itself. This allows non-blocking users of this API to avoid a memcpy(). As a result our messaging code is now about 10% faster, and the ncacn_ip_tcp and ncalrpc code is also faster. The second change was to remove the unused mem_ctx argument from socket_send(). Having it there implied that memory could be allocated, which meant the caller had to worry about freeing that memory (if for example it is sending in a tight loop using the same memory context). Removing that unused argument keeps life simpler for users. (This used to be commit a16e4756cd68ca8aab4ffc59d4d9db0b6e44dbd1)
2007-10-10r3278: - rewrote the client side rpc connection code to use lib/socket/Andrew Tridgell1-11/+3
rather than doing everything itself. This greatly simplifies the code, although I really don't like the socket_recv() interface (it always allocates memory for you, which means an extra memcpy in this code) - fixed several bugs in the socket_ipv4.c code, in particular client side code used a non-blocking connect but didn't handle EINPROGRESS, so it had no chance of working. Also fixed the error codes, using map_nt_error_from_unix() - cleaned up and expanded map_nt_error_from_unix() - changed interpret_addr2() to not take a mem_ctx. It makes absolutely no sense to allocate a fixed size 4 byte structure like this. Dozens of places in the code were also using interpret_addr2() incorrectly (precisely because the allocation made no sense) (This used to be commit 7f2c771b0e0e98c5c9e5cf662592d64d34ff1205)
2007-10-10r3256: get rid of the unused session_claim() and session_yield() callsAndrew Tridgell3-25/+0
(This used to be commit f1c5be396b62203fb183431ea6218eed38976d0b)
2007-10-10r3255: - fixed 2 uninitialised data errors found with valgrindAndrew Tridgell1-1/+3
- fixed offset of setup words in nttrans reply (This used to be commit 86b5118c2ae605560a196ee014b6134ec2928c5b)
2007-10-10r3243: read the high offset count in SMBreadx in the serverAndrew Tridgell1-0/+1
(This used to be commit 977bc87d18d2ea8c6967bd8c1b953b09fff9b434)
2007-10-10r3234: in SMBreadx, if the client asks for exactly 65535 bytes then don't tryAndrew Tridgell1-3/+13
to align the buffer, as that would make the read reply not fit (This used to be commit 70be45de05993d386ceaf54325d1c3023008eaed)
2007-10-10r3202: return a old DOS error code ERRSRV:ERRbaduid for a bad vuid. This ↵Andrew Tridgell1-1/+1
means we now pass the BASE-VUID test. (This used to be commit 560300c0025940d84c9be41447145f4b441e7105)
2007-10-10r3186: Use the properties of the new talloc() system to handle the authAndrew Bartlett2-9/+14
session info and server info structures. Andrew Bartlett (This used to be commit 5bdf391b3bc10291739f5640be9a404dbbeda273)