Age | Commit message (Collapse) | Author | Files | Lines |
|
by making our gensec structures a talloc child of the open connection
we can be sure that it will be destroyed when the connection is
dropped.
(This used to be commit f12ee2f241aab1549bc1d9ca4c35a35a1ca0d09d)
|
|
server code. This fixes a number of memory leaks I found when testing
with valgrind and smbtorture, as the cascading effect of a
talloc_free() ensures that anything derived from the top level object
is destroyed on disconnect.
(This used to be commit 76d0b8206ce64d6ff4a192979c43dddbec726d6e)
|
|
server side request structure to prevent a structing being freed in
some circumstances. This change replaces this with the much more
robust mechanism of talloc_increase_ref_count().
(This used to be commit 3f7741f178b359f81cc98ef18cd69bf976123e9f)
|
|
this case the bug was that server_terminate_connection() destroys the
server context, which in turn cascades down to destroy all current
request contexts, so we musn't then try to destroy the request
structure a second time.
(This used to be commit 28a647f681e2166c01f7ac59b16305676d5caa71)
|
|
(This used to be commit 9e1eb58e4b332e4a300e8b546a5d39bd2f7cd7a6)
|
|
as my box keeps getting hit by viruses spreading on my companies
internal network, which screws up my debug log badly (sigh).
metze, I'm not sure if you think access.c should go in the socket
library or not. It is closely tied to the socket functions, but you
may prefer it separate.
The access.c code is a port from Samba3, but with some cleanups to
make it (slighly) less ugly.
(This used to be commit 058b2fd99e3957d7d2a9544fd27071f1122eab68)
|
|
something like:
ntvfs handler = nbench posix
and the nbench pass-thru module will be called before the posix
module. The chaining logic is now much saner, and less racy, with each
level in the chain getting its own private pointer rather than relying
on save/restore logic in the pass-thru module.
The only pass-thru module we have at the moment is the nbench one
(which records all traffic in a nbench compatibe format), but I plan
on soon writing a "unixuid" pass-thru module that will implement the
setegid()/setgroups()/seteuid() logic for standard posix uid
handling. This separation of the posix backend from the uid handling
should simplify the code, and make development easier.
I also modified the nbench module so it can do multiple chaining, so
if you want to you can do:
ntvfs module = nbench nbench posix
and it will save 2 copies of the log file in /tmp. This is really only
useful for testing at the moment until we have more than one pass-thru
module.
(This used to be commit f84c0af35cb54c8fdc4933afefc18fa4c062aae4)
|
|
The intial motivation for this commit was to merge in some of the
bugfixes present in Samba3's chrcnv and string handling code into
Samba4. However, along the way I found a lot of unused functions, and
decided to do a bit more...
The strlen_m code now does not use a fixed buffer, but more work is
needed to finish off other functions in str_util.c. These fixed
length buffers hav caused very nasty, hard to chase down bugs at some
sites.
The strupper_m() function has a strupper_talloc() to replace it (we
need to go around and fix more uses, but it's a start). Use of these
new functions will avoid bugs where the upper or lowercase version of
a string is a different length.
I have removed the push_*_allocate functions, which are replaced by
calls to push_*_talloc. Likewise, pstring and other 'fixed length'
wrappers are removed, where possible.
I have removed the first ('base pointer') argument, used by push_ucs2,
as the Samba4 way of doing things ensures that this is always on an
even boundary anyway. (It was used in only one place, in any case).
(This used to be commit dfecb0150627b500cb026b8a4932fe87902ca392)
|
|
Andrew Bartlett
(This used to be commit a13208224921b6ad37ac5d9aeb12252f5d4aa288)
|
|
smb_conn->socket has gone away, and the packet count is now in the
main structure.
Andrew Bartlett
(This used to be commit 2e197f05ff186783bb76f7cb972faed3e8cb1ce7)
|
|
like it in the mainline code (outside the smb.conf magic).
We will need to have a more useful 'helper' routine for this, but for
now we at least get a reliable IP address.
Also remove the unused 'socket' structure in the smb server - it seems
to have been replaced by the socket library.
Andrew Bartlett
(This used to be commit d8fd19a2020da6cce691c0db2b00f42e31d672cc)
|
|
Andrew Bartlett
(This used to be commit cd2f97530b2846bdb98ef36fabdc0a1cdd9e69fd)
|
|
negotiating a old style session setup (eg. LANMAN1)
(This used to be commit 04f68f481c49102411b168593adaddf5e97b7d4d)
|
|
(This used to be commit 4e4859c06b9de5fe60ebd17cfb09eed480b79ec1)
|
|
(This used to be commit 9710f24b1fd103d5656c9585cdfed96449cf9f97)
|
|
original core level calls). The old code was completely wrong in many respects.
also fixed the EA_SIZE level in the server
extended the RAW-SEARCH test suite to test the new code properly
(This used to be commit 71480271ad84b57fcdde264a54bb2408cf783255)
|
|
(This used to be commit 9a708e2281b87e41032e8a0b12bb5ac3b0e151ce)
|
|
(This used to be commit 93d444e6fd6b0e86a17a9aa8fa72408435cab3e0)
|
|
metze
(This used to be commit fba1637710138b0f2fae148e88b91a9cd1665465)
|
|
metze
(This used to be commit 2fd577d2417e117a7e8c1a56feb147eae805df34)
|
|
metze
(This used to be commit 1854907da8d577db41de9aa14573d5c8c0092f47)
|
|
metze
(This used to be commit 45b77064bfeae1d4db2fa83c5513bdafa0c237e4)
|
|
in a more samba4 style at some point (along with the session code).
Andrew Bartlett
(This used to be commit b8fe29dc7ac6fc60e5171a29788ae56968c1098b)
|
|
(This used to be commit c455a3a61d587f5126236d8c11ba84e19d4f038a)
|
|
(This used to be commit 21ef338cbbe96acc8594ffc550ef60c6a40fb951)
|
|
(This used to be commit 6c1a72c5d667245b1eec94f58e68acd22dd720ce)
|
|
I had previously thought this was unnecessary, as windows doesn't use
standards compliant UTF-16, and for filesystem operations treats bytes
as UCS-2, but Bjoern Jacke has pointed out to me that this means we
don't correctly store extended UTF-16 characters as UTF-8 on
disk. This can be seen with (for example) the gothic characters with
codepoints above 64k.
This commit also adds a LOCAL-ICONV torture test that tests the first
1 million codepoints against the system iconv library, and tests 5
million random UTF-16LE buffers for identical error handling to the
system iconv library.
the lib/iconv.c changes need backporting to samba3
(This used to be commit 756f28ac95feaa84b42402723d5f7286865c78db)
|
|
(This used to be commit 9fdbe60230741e11478871072a40c8bc8124b5ea)
|
|
(This used to be commit a6cc0bedad98e7b9bbc27d9f31c21d5eba77146f)
|
|
(This used to be commit d17e088ebbf1fd0dd2ef2d73115c7f458677d02f)
|
|
The bug (found by tridge) is that Win2k3 is being tighter about the
NTLMSSP flags. If we don't negotiate sealing, we can't use it.
We now have a way to indicate to the GENSEC implementation mechanisms
what things we want for a connection.
Andrew Bartlett
(This used to be commit 86f61568ea44c5719f9b583beeeefb12e0c26f4c)
|
|
metze
(This used to be commit 8c9c702bc3328c3826985711c4a30b878cf8b02e)
|
|
metze
(This used to be commit bf06f476dbdfbcb38ccbd8606e622097015c2b3d)
|
|
This version does the following:
1) talloc_free(), talloc_realloc() and talloc_steal() lose their
(redundent) first arguments
2) you can use _any_ talloc pointer as a talloc context to allocate
more memory. This allows you to create complex data structures
where the top level structure is the logical parent of the next
level down, and those are the parents of the level below
that. Then destroy either the lot with a single talloc_free() or
destroy any sub-part with a talloc_free() of that part
3) you can name any pointer. Use talloc_named() which is just like
talloc() but takes the printf style name argument as well as the
parent context and the size.
The whole thing ends up being a very simple piece of code, although
some of the pointer walking gets hairy.
So far, I'm just using the new talloc() like the old one. The next
step is to actually take advantage of the new interface
properly. Expect some new commits soon that simplify some common
coding styles in samba4 by using the new talloc().
(This used to be commit e35bb094c52e550b3105dd1638d8d90de71d854f)
|
|
classic case for a list)
(This used to be commit e53d32c65ab0751b3e01f4f699f5d0e1892369ae)
|
|
signing code to be able to cope.
Andrew Bartlett
(This used to be commit cb74d52b563730a50e33c92d868c45ee96a598e8)
|
|
when we have negotiated SPNEGO.
Andrew Bartlett
(This used to be commit 07e3d2c4cd77d06c9ffaefd481ba58e4debe028c)
|
|
to finish
metze
(This used to be commit ddac5e46d42d3b2daae10107b1bcb3b138de7474)
|
|
(This used to be commit 2b41de48b24d5850a2e3a5834916403f44a6d9ed)
|
|
is reworked).
Andrew Bartlett
(This used to be commit 73ee549b8c54e93556ff0105941996e0d4de8303)
|
|
cases, so don't shorten them back to 0 byte data length.
Andrew Bartlett
(This used to be commit 66c54fe7ebdbe1348731191d86ac4804e99d114e)
|
|
Andrew Bartlett
(This used to be commit 30275764d8f22c47d46195e155d07c106ca3beba)
|
|
Andrew Bartlett
(This used to be commit 3520af0f3d8826ac52a7fb6a658ed0924e51bbf7)
|
|
Up to now the client code has had an async API, and operated
asynchronously at the packet level, but was not truly async in that it
assumed that it could always write to the socket and when a partial
packet came in that it could block waiting for the rest of the packet.
This change makes the SMB client library full async, by adding a
separate outgoing packet queue, using non-blocking socket IO and
having a input buffer that can fill asynchonously until the full
packet has arrived.
The main complexity was in dealing with the events structure when
using the CIFS proxy backend. In that case the same events structure
needs to be used in both the client library and the main smbd server,
so that when the client library is waiting for a reply that the main
server keeps processing packets. This required some changes in the
events library code.
Next step is to make the generated rpc client code use these new
capabilities.
(This used to be commit 96bf4da3edc4d64b0f58ef520269f3b385b8da02)
|
|
e.g. we now have 'union smb_mkdir' and 'enum smb_mkdir_level' in sync
we may should also rename 'RAW_MKDIR_*' -> 'SMB_MKDIR_*'
metze
(This used to be commit 0bb50dcf1ccb9797000fcbea4d8a73f2d2a3db77)
|
|
- This causes our client and server code to use the same core code,
with the same debugs etc.
- In turn, this will allow the 'mandetory/fallback' signing algorithms
to be shared, and only written once.
Updates to the SPNEGO code
- Don't wrap an empty token to the server, if we are actually already finished.
Andrew Bartlett
(This used to be commit 35b83eb329482ac1b3bc67285854cc47844ff353)
|
|
close_connection fn of a specific service
metze
(This used to be commit 0e1f5e66d37deb7a77ae9f545e60685428fd9d21)
|
|
SPNEGO, but I'll leave andrew to tackle that.
(This used to be commit 5dd71be8d9e49277f17668877e47729c340f0f67)
|
|
must think carefully about packet chaining when dealing with any
authentication or SMB parsing issues. The particular problem here was
that a chained tconX didn't get the req->session setup after an
initial sesstion setup call, so the tconx used a bogus VUID.
(This used to be commit 6f2a335cd623211071b01d982d4e7c69b49a5602)
|
|
to a struct smbsrv_session that the same as cli_session for the client
we need a gensec_security pointer there
(spnego support will follow)
prefix some related functions with smbsrv_
metze
(This used to be commit f276378157bb9994c4c91ce46150a510de5c33f8)
|