Age | Commit message (Collapse) | Author | Files | Lines |
|
another leak in the ASN.1 code that andrew has volunteered to look at
- make the timelimit controllable with -t
(This used to be commit 227d4d2115e768bbae13db2559d27bf8508aa18d)
|
|
(This used to be commit 1cb91a11d46b49ae296abae9c8304e267e922df4)
|
|
(This used to be commit d2c928548336682ffd3dda873f9957f3d041f0af)
|
|
S390. This is an attempt to avoid the panic we're seeing in the
automatic builds.
The main fixes are:
- assumptions that sizeof(size_t) == sizeof(int), mostly in printf formats
- use of NULL format statements to perform dn searches.
- assumption that sizeof() returns an int
(This used to be commit a58ea6b3854973b694d2b1e22323ed7eb00e3a3f)
|
|
Creating a file in a directory with delete-on-close set returns
DELETE_PENDING, and trying to set the flag on a non-empty directory returns
DIRECTORY_NOT_EMPTY.
Volker
(This used to be commit 5680f34778b2f5291936f4d4fb937a7713696c52)
|
|
Volker
(This used to be commit 47a9df946d5ff967289fba0ff4209711ead11e31)
|
|
connection(!) and
resetting it on another resets it for both.
Volker
(This used to be commit 30bd7e36669dbb2fd7d85a1cd72927370267d616)
|
|
The share mode db is actually checked on qpathinfo even before the
delete-on-close is executed.
Volker
(This used to be commit 124f3b74ca2ece9ba73737c3ccb75e1730973f19)
|
|
A delete-on-close deleted file is still around while open on another fd. But
only for findfirst, not for qpathinfo :-)
Volker
(This used to be commit dbc7a1a978d782c73f593f4b46f2a81d35169713)
|
|
The biggest change was fixing the RAW-CONTEXT test. It was forcing
capabilities to zero in an attempt to not negotiated extended
security, but as a side effect it was forcing negotiation of dos error
codes. This confused the hell out of the test code!
Also fixed a bunch of places incorrectly using NT_STATUS_V() instead
of NT_STATUS_EQUAL() and several places that had the wrong dos status
codes
(This used to be commit 0b22744f40804a0d6dc94bfc40ec09306f584f7e)
|
|
GENSEC, and to pull SCHANNEL into GENSEC, by making it less 'special'.
GENSEC now no longer has it's own handling of 'set username' etc,
instead it uses cli_credentials calls.
In order to link the credentails code right though Samba, a lot of
interfaces have changed to remove 'username, domain, password'
arguments, and these have been replaced with a single 'struct
cli_credentials'.
In the session setup code, a new parameter 'workgroup' contains the
client/server current workgroup, which seems unrelated to the
authentication exchange (it was being filled in from the auth info).
This allows in particular kerberos to only call back for passwords
when it actually needs to perform the kinit.
The kerberos code has been modified not to use the SPNEGO provided
'principal name' (in the mechListMIC), but to instead use the name the
host was connected to as. This better matches Microsoft behaviour,
is more secure and allows better use of standard kerberos functions.
To achieve this, I made changes to our socket code so that the
hostname (before name resolution) is now recorded on the socket.
In schannel, most of the code from librpc/rpc/dcerpc_schannel.c is now
in libcli/auth/schannel.c, and it looks much more like a standard
GENSEC module. The actual sign/seal code moved to
libcli/auth/schannel_sign.c in a previous commit.
The schannel credentails structure is now merged with the rest of the
credentails, as many of the values (username, workstation, domain)
where already present there. This makes handling this in a generic
manner much easier, as there is no longer a custom entry-point.
The auth_domain module continues to be developed, but is now just as
functional as auth_winbind. The changes here are consequential to the
schannel changes.
The only removed function at this point is the RPC-LOGIN test
(simulating the load of a WinXP login), which needs much more work to
clean it up (it contains copies of too much code from all over the
torture suite, and I havn't been able to penetrate its 'structure').
Andrew Bartlett
(This used to be commit 2301a4b38a21aa60917973451687063d83d18d66)
|
|
open on the same file on the same connection.
Jeremy.
(This used to be commit 23733abfa201347265f54232989b608b11ad7a85)
|
|
less likely that anyone will use pstring for new code
- got rid of winbind_client.h from includes.h. This one triggered a
huge change, as winbind_client.h was including system/filesys.h and
defining the old uint32 and uint16 types, as well as its own
pstring and fstring.
(This used to be commit 9db6c79e902ec538108d6b7d3324039aabe1704f)
|
|
- removed the u32 hack in events.c as I think this was only needed as
tdb.h defines u32. Metze, can you check that this hack is indeed no
longer needed on your suse system?
(This used to be commit 6f79432fe656164d4770dbce114a30dda5e7bf9a)
|
|
large commit. I thought this was worthwhile to get done for
consistency.
(This used to be commit ec32b22ed5ec224f6324f5e069d15e92e38e15c0)
|
|
handle the inverted memory hierarchy that a normal session
establishment gave. The inverted hierarchy came from that fact that
you first establish a socket, then a transport, then a session and
finally a tree. That leads to the socket being at the top of the
memory hierarchy and the tree at the bottom, which makes no sense from
the users point of view, as they want to be able to free the tree and
have everything disappear.
The core problem was that the libcli interface didn't distinguish
between establishing a primary context and a secondary context. If you
establish a 2nd session on a transport then you want the transport to
be referenced by the session, whereas if you establish a primary
session then you want the transport to be a child of the session.
To fix this I have added "parent_ctx" and "primary" arguments to the
libcli intialisation functions. This makes using the library much
easier, and gives us a memory hierarchy that makes much more sense.
I was prompted to do this by a bug in the cifs backend, which was
caused by the socket not being properly torn down on a disconnect due
to the inverted memory hierarchy.
(This used to be commit 5e8fd5f70178992e249805c2e1ddafaf6840739b)
|
|
encapsulates all the different session setup methods, including the
multi-pass spnego code.
I have hooked this into all the places that previously used the
RAW_SESSSETUP_GENERIC method, and have removed the old
RAW_SESSSETUP_GENERIC code from clisession.c and clitree.c. A nice
side effect is that these two modules are now very simple again, back
to being "raw" session setup handling, which was what was originally
intended.
I have also used this to replace the session setup code in the
smb_composite_connect() code, and used that to build a very simple
replacement for smbcli_tree_full_connection().
As a result, smbclient, smbtorture and all our other SMB connection
code now goes via these composite async functions. That should give
them a good workout!
(This used to be commit 080d0518bc7d6fd4bc3ef783e7d4d2e3275d0799)
|
|
talloc_size() or talloc_array_p() where appropriate.
also fixed a memory leak in pvfs_copy_file() (failed to free a memory
context)
(This used to be commit 89b74b53546e1570b11b3702f40bee58aed8c503)
|
|
talloc(ctx, 0) call.
- cleaned up some talloc usage in various files
I'd like to get to the point that we have no calls to talloc(), at
which point we will rename talloc_p() to talloc(), to encourage
everyone to use the typesafe functions.
(This used to be commit e6c81d7c9f8a6938947d3c1c8a971a0d6d50b67a)
|
|
(This used to be commit 382231ca365eccec8024af9420b1ebe41953bdb5)
|
|
setup the directory before each test,
thus avoiding errors due to previous failures
(This used to be commit a44fa5319d87e57f4b904334d9ea65cc6807b789)
|
|
- change smbcli_read/write to take void * for the buffers to match read(2)/write(2)
all this fixes a lot of gcc-4 warnings
metze
(This used to be commit b94f92bc6637f748d6f7049f4f9a30b0b8d18a7a)
|
|
(This used to be commit eec698254f67365f27b4b7569fa982e22472aca1)
|
|
in my compile
(This used to be commit 0928b1f5b68c858922c3ea6c27ed03b5091c6221)
|
|
This removes the duplicate named SEC_RIGHTS_MAXIMUM_ALLOWED and
SEC_RIGHTS_FULL_CONTROL, which are just other names for
SEC_FLAG_MAXIMUM_ALLOWED and SEC_RIGHTS_FILE_ALL. The latter names
match the new naming conventions in security.idl
Also added names for the generic->specific mappings for files are
directories
(This used to be commit 17a4e0b3aca227b40957ed1e0c57e498debc6ddf)
|
|
- removed the clitar code. It is unmaintained, and a horribly badly done hack
- removed client.h as it contained mostly unused definitions
- removed the unused clidfs.c code
(This used to be commit 31a7bddbb3815b4d625e993dbce4805dae1c18f8)
|
|
definitions for security access masks, in security.idl
The previous definitions were inconsistently named, and contained many
duplicate and misleading entries. I kept finding myself tripping up
while using them.
(This used to be commit 01c0fa722f80ceeb3f81f01987de95f365a2ed3d)
|
|
apologies for not committing this earlier
(This used to be commit 0950681091ab99f0e79048a9c1db57d057a96e66)
|
|
metze
(This used to be commit 234166606dc86b9e98226cff94b3869ec173671e)
|
|
tridge: please fix that!
metze
(This used to be commit 45401b757e13036b9e8bffce3e7c3695a6da1e9b)
|
|
the capabilities and filesystem attribute bits of the server.
(This used to be commit 9debe2938194d686eb9ef46f7e10010490f2a624)
|
|
write time is sticky, and causes any subsequent writes not to update
the last write time. Added write that extends the file followed by
fnum specific smbflush. It stays the same time :-).
Jeremy.
(This used to be commit a2ea2166dcb7044d7b9e53417e53febea2f81e20)
|
|
with setfileinfo modifying the write time. I have some ideas on how
to emulate this in the Samba server now but the commented case will
be very hard...
Jeremy.
(This used to be commit c9211d084719a16f671b315a9c0bc6ed59fa8c8e)
|
|
test that uses 2 connections and queries the time via pathinfo, not fileinfo.
MSDN states : "When writing to a file, the last write time is not fully updated
until all handles used for writing have been closed." - but this is obviously
untrue. W2K3 seems to use a 2 second granularity for this. Next I'll try using
SetFileTime equivalent to see if this takes the same time to take effect.
Jeremy.
(This used to be commit 2e47e241f98c3dba8be346cea726def38399eb97)
|
|
clear what the correct behaviour is for delayed stat info update.
- use a common torture_setup_dir() function for setting up a test
directory in torture tests.
(This used to be commit f7fb34715b7d6ea3c35ddd684cfb27459a420339)
|
|
waiting for a chkpath response
- fixed open async send in BASE-DISCONNECT
with these changes BASE-DISCONNECT crashes Samba4, as it was designed
to do. I'll work on a fix :)
(This used to be commit 25e01384647116d8ea0f20a6988fb8fe63218840)
|
|
parsing, so that module init can take account of lp_ parms (thats
why gensec:krb5=no wasn't working)
- added a BASE-DISCONNECT torture test that tests server response to
clients disconnecting with open lock and open requests pending
(This used to be commit 5205f598b8c0be6985e61cc842cc5da109ba5b7e)
|
|
this test demonstrates how w2k3 handles the special semantics of
DENY_DOS when 2 opens happen on the same connection. The 2nd open
doesn't actually do a NTFS open, it happens as a secondary reference
to the same internal file handle in the CIFS layer. The evidence is
that the 2nd open shares the same POSITION_INFORMATION field as the
first open, but only for the special DENY_DOS cases that would
normally be refused.
(This used to be commit eeec57d4f6d18a40e0ce451bfe051b3f699e8337)
|
|
- pvfs now passes BASE-OPENATTR
- pvfs also passes the BASE-DEFER_OPEN test, but it is not a well
formed test for regular running so I am removing it from the list of
tests to run in test_posix.sh (the test is covered better by RAW-MUX
anyway)
(This used to be commit cb76bd218ed4194ea151264d495aa902ddf03b3c)
|
|
fixes most of them, although RAW-SEARCH still fails (due to an
interaction with the new xattr code)
(This used to be commit 09b4652b40c4cfca027765178bd5a0adbaa666c2)
|
|
deferred reply is short-circuited immediately when the file is
closed by another user, allowing it to be opened by the waiting user.
- added a sane set of timeval manipulation routines
- converted all the events code and code that uses it to use struct
timeval instead of time_t, which allows for microsecond resolution
instead of 1 second resolution. This was needed for doing the pvfs
deferred open code, and is why the patch is so big.
(This used to be commit 0d51511d408d91eb5f68a35e980e0875299b1831)
|
|
(This used to be commit c6f486574470a311e0d336c026103f131451e21e)
|
|
ioctl.h)
(This used to be commit b97e395c814762024336c1cf4d7c25be8da5813a)
|
|
the ldb part isn't ideal, I will have to think of a better solution
(This used to be commit 6b1f86aea8427a8e957b1aeb0ec2f507297f07cb)
|
|
(This used to be commit 264ce9181089922547e8f6f67116f2d7277a5105)
|
|
(This used to be commit dd0618d5950ca052b57715cb8451af23e4622049)
|
|
and made them private
(This used to be commit 386ac565c452ede1d74e06acb401ca9db99d3ff3)
|
|
- added testing of the FLAGS2_READ_PERMIT_EXECUTE bit in the ntdeny tests
(This used to be commit adf4a682705871186f3b77ea6d417942445fc5d3)
|
|
SA_RIGHT_FILE_EXECUTE, which depends on a flags2 bit
(This used to be commit c36851d230bcf552ed79322f8358060ab164ec09)
|
|
- added new tests BASE-NTDENY1 and BASE-NTDENY2. These are the
ntcreatex equivalents of the BASE-DENY1 and BASE-DENY2
tests. Unfortunately, with ntcreatex there are 4 million combination
and trying each one takes 1 second, so randomised testing is the
only choice. The BASE-DENY1 test can operate in parallel with
hundreds of connections, speeding things up a bit (as most time is
spent waiting 1 second for a sharing violation to come back)
(This used to be commit b95493d3d16581b8dd8f4727cd10631c18e16748)
|