summaryrefslogtreecommitdiff
path: root/source4/smb_server
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r3443: the next stage in the include files re-organisation.Andrew Tridgell1-4/+4
I have created the include/system/ directory, which will contain the wrappers for the system includes for logical subsystems. So far I have created include/system/kerberos.h and include/system/network.h, which contain all the system includes for kerberos code and networking code. These are the included in subsystems that need kerberos or networking respectively. Note that this method avoids the mess of #ifdef HAVE_XXX_H in every C file, instead each C module includes the include/system/XXX.h file for the logical system support it needs, and the details are kept isolated in include/system/ This patch also creates a "struct ipv4_addr" which replaces "struct in_addr" in our code. That avoids every C file needing to import all the system networking headers. (This used to be commit 2e25c71853f8996f73755277e448e7d670810349)
2007-10-10r3441: some include file cleanups and general housekeepingAndrew Tridgell1-1/+1
(This used to be commit 73ea8ee6c268371d05cf74160f2ad451dd2ae699)
2007-10-10r3425: got rid of a bunch of cruft from rewrite.hAndrew Tridgell2-2/+1
(This used to be commit 3f902f8d851d32fa81d89ed61bfda6edaea00984)
2007-10-10r3380: - changed the default behaviour of server signing. We now have a defaultAndrew Tridgell1-0/+7
setting of "server signing = auto", which means to offer signing only if we have domain logons enabled (ie. we are a DC). This is a better match for what windows clients want, as unfortunately windows clients always use signing if it is offered, and when they use signing they not only go slower because of the signing itself, they also disable large readx/writex support, so they end up sending very small IOs for. - changed the default max xmit again, this time matching longhorn, which uses 12288. That seems to be a fairly good compromise value. (This used to be commit e63edc81716fefd58a3be25deb3b25e45471f196)
2007-10-10r3361: Allow Samba4 (I'm interested in ntlm_auth in particular) to useAndrew Bartlett1-11/+20
Samba3's winbind. This is also the start of domain membership code in Samba4, as we now (partially) parse the info3, and use it like Samba3 does. Andrew Bartlett (This used to be commit c1b7303c1c7d9fb815006c3bd2af20a0010d15a8)
2007-10-10r3355: fixed the old style search code in smb_server to correctly handleAndrew Tridgell1-4/+8
searches that go beyond the negotiated max xmit size (This used to be commit 84762a59763005f5d29106cd409867cb150d648f)
2007-10-10r3350: fixed a bug with sending multiple replies for the one request, asAndrew Tridgell4-58/+107
happens with trans2, trans and echo. Now that smbd is async we queue the multiples replies all at once, and now need a way to ensure each reply gets it own smbsrv_request buffer. I have added req_setup_secondary() to cope with this. (This used to be commit 2dbd2abc5f197ee21d7dceeda2922c7449c46d99)
2007-10-10r3341: - don't zero the async structure (makes valgrind more useful)Andrew Tridgell3-6/+2
- get rid of req->mid, as it isn't a safe value to use to match requests in the server (it is safe in the client code, as we choose the mid, but in the server we can't rely on other clients to choose the mid carefully) (This used to be commit 938fb44351e12a515073ea94cd306988d5ca7340)
2007-10-10r3336: use a struct ntvfs_async_state to be able to do async chaning of ↵Stefan Metzmacher5-185/+179
ntvfs modules the idea is that a passthru module can use ntvfs_async_state_push() before calling ntvfs_next_*() and in the _send function it calls ntvfs_async_state_pop() and then call the upper layer send_fn itself - ntvfs_nbench is now fully async - the ntvfs_map_*() functions and the trans(2) mapping functions are not converted yet metze (This used to be commit fde64c0dc142b53d128c8ba09af048dc58d8ef3a)
2007-10-10r3307: fixed the send side of the smb_server code to be non-blocking. ThisAndrew Tridgell3-18/+49
means the whole of the SMB handling code is now non-blocking. (This used to be commit 30acedb943f0170d30e7b08925280d0dffc7873e)
2007-10-10r3306: the main smb server code now handles non-blocking socket receives. IAndrew Tridgell2-47/+81
haven't marked the socket non-blocking yet as I haven't checked that the send path is OK for non-blocking. (This used to be commit bda978cc2a921a888534054135b9325427425dd2)
2007-10-10r3304: changed the API to lib/socket/ a little.Andrew Tridgell2-7/+16
The main change is to make socket_recv() take a pre-allocated buffer, rather than allocating one itself. This allows non-blocking users of this API to avoid a memcpy(). As a result our messaging code is now about 10% faster, and the ncacn_ip_tcp and ncalrpc code is also faster. The second change was to remove the unused mem_ctx argument from socket_send(). Having it there implied that memory could be allocated, which meant the caller had to worry about freeing that memory (if for example it is sending in a tight loop using the same memory context). Removing that unused argument keeps life simpler for users. (This used to be commit a16e4756cd68ca8aab4ffc59d4d9db0b6e44dbd1)
2007-10-10r3278: - rewrote the client side rpc connection code to use lib/socket/Andrew Tridgell1-11/+3
rather than doing everything itself. This greatly simplifies the code, although I really don't like the socket_recv() interface (it always allocates memory for you, which means an extra memcpy in this code) - fixed several bugs in the socket_ipv4.c code, in particular client side code used a non-blocking connect but didn't handle EINPROGRESS, so it had no chance of working. Also fixed the error codes, using map_nt_error_from_unix() - cleaned up and expanded map_nt_error_from_unix() - changed interpret_addr2() to not take a mem_ctx. It makes absolutely no sense to allocate a fixed size 4 byte structure like this. Dozens of places in the code were also using interpret_addr2() incorrectly (precisely because the allocation made no sense) (This used to be commit 7f2c771b0e0e98c5c9e5cf662592d64d34ff1205)
2007-10-10r3256: get rid of the unused session_claim() and session_yield() callsAndrew Tridgell3-25/+0
(This used to be commit f1c5be396b62203fb183431ea6218eed38976d0b)
2007-10-10r3255: - fixed 2 uninitialised data errors found with valgrindAndrew Tridgell1-1/+3
- fixed offset of setup words in nttrans reply (This used to be commit 86b5118c2ae605560a196ee014b6134ec2928c5b)
2007-10-10r3243: read the high offset count in SMBreadx in the serverAndrew Tridgell1-0/+1
(This used to be commit 977bc87d18d2ea8c6967bd8c1b953b09fff9b434)
2007-10-10r3234: in SMBreadx, if the client asks for exactly 65535 bytes then don't tryAndrew Tridgell1-3/+13
to align the buffer, as that would make the read reply not fit (This used to be commit 70be45de05993d386ceaf54325d1c3023008eaed)
2007-10-10r3202: return a old DOS error code ERRSRV:ERRbaduid for a bad vuid. This ↵Andrew Tridgell1-1/+1
means we now pass the BASE-VUID test. (This used to be commit 560300c0025940d84c9be41447145f4b441e7105)
2007-10-10r3186: Use the properties of the new talloc() system to handle the authAndrew Bartlett2-9/+14
session info and server info structures. Andrew Bartlett (This used to be commit 5bdf391b3bc10291739f5640be9a404dbbeda273)
2007-10-10r3136: - Allow specifying socket type when adding smbd serviceJelmer Vernooij1-1/+1
- Make sure a epm_tower struct is completely initialized - Some more minor fixes (This used to be commit d560dcbdb85cb2c6915bdb9e2f82f1872b0f5a52)
2007-10-10r3134: use struct idr_context * in tid allocationAndrew Tridgell1-1/+1
(This used to be commit 3ea9445226a678b410bf565ec114a3c544f8ade3)
2007-10-10r3084: mincnt and maxcnt were the wrong way around in readbraw server codeAndrew Tridgell1-2/+2
(This used to be commit e11b000319953dfeeb84fed142e857a5247a93e9)
2007-10-10r3081: several updates to ntvfs and server side async request handling inAndrew Tridgell3-5/+41
preparation for the full share modes and ntcreatex code that I am working on. highlights include: - changed the way a backend determines if it is allowed to process a request asynchronously. The previous method of looking at the send_fn caused problems when an intermediate ntvfs module disabled it, and the caller then wanted to finished processing using this function. The new method is a REQ_CONTROL_MAY_ASYNC flag in req->control_flags, which is also a bit easier to read - fixed 2 bugs in the readbraw server code. One related to trying to answer a readbraw with smb signing (which can't work, and crashed our signing code), the second related to error handling, which attempted to send a normal SMB error packet, when readbraw must send a 0 read reply (as it has no header) - added several more ntvfs_generic.c generic mapping functions. This means that backends no longer need to implement such esoteric functions as SMBwriteunlock() if they don't want to. The backend can just request the mapping layer turn it into a write followed by an unlock. This makes the backends considerably simpler as they only need to implement one style of each function for lock, read, write, open etc, rather than the full host of functions that SMB provides. A backend can still choose to implement them individually, of course, and the CIFS backend does that. - simplified the generic structures to make them identical to the principal call for several common SMB calls (such as RAW_WRITE_GENERIC now being an alias for RAW_WRITE_WRITEX). - started rewriting the pvfs_open() code in preparation for the full ntcreatex semantics. - in pvfs_open and ipc_open, initially allocate the open file structure as a child of the request, so on error we don't need to clean up. Then when we are going to succeed the open steal the pointer into the long term backend context. This makes for much simpler error handling (and fixes some bugs) - use a destructor in the ipc backend to make sure that everthing is cleaned up on receive error conditions. - switched the ipc backend to using idtree for fnum allocation - in the ntvfs_generic mapping routines, use a allocated secondary structure not a stack structure to ensure the request pointer remains valid even if the backend replies async. (This used to be commit 3457c1836c09c82956697eb21627dfa2ed37682e)
2007-10-10r3064: - use UINT8_MAX and UINT16_MAX instead of hex values for ↵Andrew Tridgell1-1/+1
idr_get_new() limits - change idr_get_new() to use > instead of >= in the limit check (This used to be commit 834b09929bcb8aabdd151b7c2306001497cabdb4)
2007-10-10r3060: Replace magic number with a C99 constant.Tim Potter1-1/+1
(This used to be commit b572be00b3432317169c6fa6df3f91a0c8f23fcb)
2007-10-10r3059: completely get rid of the MAX_CONNECTIONS limit, as a idle treeAndrew Tridgell1-7/+1
connect is very cheap now. (This used to be commit 8856f010e96d2f20d349a51820f225a8493f6eef)
2007-10-10r3057: - moved the idtree.c code into lib/Andrew Tridgell2-74/+25
- converted the tid handling to use a idtree instead of bitmaps (This used to be commit 4220914179d10132057216650b65ed7f7679717e)
2007-10-10r3054: use talloc_zero_array_p() in a couple of placesAndrew Tridgell2-2/+2
(This used to be commit cccd59009d54d63ccf57181c15d161998a15da6b)
2007-10-10r2857: this commit gets rid of smb_ucs2_t, wpstring and fpstring, plus lots ↵Andrew Tridgell1-7/+1
of associated functions. The motivation for this change was to avoid having to convert to/from ucs2 strings for so many operations. Doing that was slow, used many static buffers, and was also incorrect as it didn't cope properly with unicode codepoints above 65536 (which could not be represented correctly as smb_ucs2_t chars) The two core functions that allowed this change are next_codepoint() and push_codepoint(). These functions allow you to correctly walk a arbitrary multi-byte string a character at a time without converting the whole string to ucs2. While doing this cleanup I also fixed several ucs2 string handling bugs. See the commit for details. The following code (which counts the number of occuraces of 'c' in a string) shows how to use the new interface: size_t count_chars(const char *s, char c) { size_t count = 0; while (*s) { size_t size; codepoint_t c2 = next_codepoint(s, &size); if (c2 == c) count++; s += size; } return count; } (This used to be commit 814881f0e50019196b3aa9fbe4aeadbb98172040)
2007-10-10r2797: don't free the server_info before using it for anonymous connectionsAndrew Tridgell1-3/+2
(This used to be commit 5f5b04196c7930c91e6c00e0276f25f88181b317)
2007-10-10r2784: - fixed alignment of ascii directory listingsAndrew Tridgell1-1/+14
- fixed minimum parameter size for ascii qpathinfo call (This used to be commit ee065ae7f92e60600966cb1d44cd0e30498b93dd)
2007-10-10r2783: got rid of the unused remote architecture detection codeAndrew Tridgell1-120/+0
(This used to be commit 9a04664531601b8251dbf6a0922ab48e675adb90)
2007-10-10r2751: this is a new ntvfs design which tries to solve:Stefan Metzmacher7-102/+76
- the stacking of modules - finding the modules private data - hide the ntvfs details from the calling layer - I set NTVFS_INTERFACE_VERSION 0 till we are closer to release (because we need to solve some async problems with the module stacking) metze (This used to be commit 3ff03b5cb21bb79afdd3b1609be9635f6688a539)
2007-10-10r2671: we're getting too many errors caused by the talloc_realloc() API notAndrew Tridgell2-3/+3
taking a context (so when you pass a NULL pointer you end up with memory in a top level context). Fixed it by changing the API to take a context. The context is only used if the pointer you are reallocing is NULL. (This used to be commit 8dc23821c9f54b2f13049b5e608a0cafb81aa540)
2007-10-10r2669: convert make_user_info() and associated functions from malloc to tallocAndrew Tridgell1-3/+5
(This used to be commit 278cef77f083c002d17ecbbe18c20825a380eda3)
2007-10-10r2664: fixed the final server leak for normal operation. We now get a clean ↵Andrew Tridgell1-1/+2
report from --leak-check (This used to be commit 1ff41bbcae8dc7514a85d69679e44dc7c5b0342f)
2007-10-10r2660: - converted the libcli/raw/ library to use talloc_increase_ref_count()Andrew Tridgell1-14/+26
rather than manual reference counts - properly support SMBexit in the cifs and posix backends - added a logoff method to all backends With these changes the RAW-CONTEXT test now passes against the posix backend (This used to be commit c315d6ac1cc40546fde1474702a6d66d07ee13c8)
2007-10-10r2658: fixed a couple of error codes found with RAW-CONTEXTAndrew Tridgell1-2/+2
(This used to be commit 18632ec56524f294655d881406c10beb659ddee1)
2007-10-10r2657: if we are already fully authenticated in session setup then the vuid ↵Andrew Tridgell1-6/+3
is ignored (This used to be commit 50d5c638a3710855be67cd41dccc9658d64b70fd)
2007-10-10r2648: - use a destructor on struct server_connection to simplify theAndrew Tridgell2-2/+2
connection termination cleanup, and to ensure that the event contexts are properly removed for every process model - gave auth_context the new talloc treatment, which removes another source of memory leaks. (This used to be commit 230e1cd777b0fba82dffcbd656cfa23c155d0560)
2007-10-10r2646: - use a talloc destructor to ensure that sockets from the new socketAndrew Tridgell1-1/+1
library are closed on abnormal termination - convert the service.h structures to the new talloc methods (This used to be commit 2dc334a3284858eb1c7190f9687c9b6c879ecc9d)
2007-10-10r2629: convert gensec to the new talloc modelAndrew Tridgell2-2/+2
by making our gensec structures a talloc child of the open connection we can be sure that it will be destroyed when the connection is dropped. (This used to be commit f12ee2f241aab1549bc1d9ca4c35a35a1ca0d09d)
2007-10-10r2627: use the new talloc capabilities in a bunch more places in the rpcAndrew Tridgell2-3/+2
server code. This fixes a number of memory leaks I found when testing with valgrind and smbtorture, as the cascading effect of a talloc_free() ensures that anything derived from the top level object is destroyed on disconnect. (This used to be commit 76d0b8206ce64d6ff4a192979c43dddbec726d6e)
2007-10-10r2618: before we had refererence counts in talloc I added a hack in theAndrew Tridgell4-22/+8
server side request structure to prevent a structing being freed in some circumstances. This change replaces this with the much more robust mechanism of talloc_increase_ref_count(). (This used to be commit 3f7741f178b359f81cc98ef18cd69bf976123e9f)
2007-10-10r2616: the cascading nature of talloc_free() can lead to some surprises. InAndrew Tridgell1-0/+1
this case the bug was that server_terminate_connection() destroys the server context, which in turn cascades down to destroy all current request contexts, so we musn't then try to destroy the request structure a second time. (This used to be commit 28a647f681e2166c01f7ac59b16305676d5caa71)
2007-10-10r2590: fixed one of the server security memory leaks. There are more :(Andrew Tridgell1-0/+4
(This used to be commit 9e1eb58e4b332e4a300e8b546a5d39bd2f7cd7a6)
2007-10-10r2581: added "hosts allow" and "hosts deny" checking in smbd. I needed thisAndrew Tridgell1-0/+7
as my box keeps getting hit by viruses spreading on my companies internal network, which screws up my debug log badly (sigh). metze, I'm not sure if you think access.c should go in the socket library or not. It is closely tied to the socket functions, but you may prefer it separate. The access.c code is a port from Samba3, but with some cleanups to make it (slighly) less ugly. (This used to be commit 058b2fd99e3957d7d2a9544fd27071f1122eab68)
2007-10-10r2561: completely redid the ntvfs module chaining code, You can now do ↵Andrew Tridgell2-4/+7
something like: ntvfs handler = nbench posix and the nbench pass-thru module will be called before the posix module. The chaining logic is now much saner, and less racy, with each level in the chain getting its own private pointer rather than relying on save/restore logic in the pass-thru module. The only pass-thru module we have at the moment is the nbench one (which records all traffic in a nbench compatibe format), but I plan on soon writing a "unixuid" pass-thru module that will implement the setegid()/setgroups()/seteuid() logic for standard posix uid handling. This separation of the posix backend from the uid handling should simplify the code, and make development easier. I also modified the nbench module so it can do multiple chaining, so if you want to you can do: ntvfs module = nbench nbench posix and it will save 2 copies of the log file in /tmp. This is really only useful for testing at the moment until we have more than one pass-thru module. (This used to be commit f84c0af35cb54c8fdc4933afefc18fa4c062aae4)
2007-10-10r2552: Character set conversion and string handling updates.Andrew Bartlett2-5/+9
The intial motivation for this commit was to merge in some of the bugfixes present in Samba3's chrcnv and string handling code into Samba4. However, along the way I found a lot of unused functions, and decided to do a bit more... The strlen_m code now does not use a fixed buffer, but more work is needed to finish off other functions in str_util.c. These fixed length buffers hav caused very nasty, hard to chase down bugs at some sites. The strupper_m() function has a strupper_talloc() to replace it (we need to go around and fix more uses, but it's a start). Use of these new functions will avoid bugs where the upper or lowercase version of a string is a different length. I have removed the push_*_allocate functions, which are replaced by calls to push_*_talloc. Likewise, pstring and other 'fixed length' wrappers are removed, where possible. I have removed the first ('base pointer') argument, used by push_ucs2, as the Samba4 way of doing things ensures that this is always on an even boundary anyway. (It was used in only one place, in any case). (This used to be commit dfecb0150627b500cb026b8a4932fe87902ca392)
2007-10-10r2550: survive our own BASE-NEGNOWAIT torture test.Andrew Bartlett1-0/+1
Andrew Bartlett (This used to be commit a13208224921b6ad37ac5d9aeb12252f5d4aa288)