summaryrefslogtreecommitdiffstats
path: root/source3
Commit message (Collapse)AuthorAgeFilesLines
...
* s3: winbindd: Old NT Domain code sets struct winbind_domain->alt_name to be ↵Jeremy Allison2014-09-152-3/+8
| | | | | | | | | | | | | | | | | | NULL. Ensure this is safe with modern AD-DCs. There are places in the code where we're not checking that alt_name is NULL and then calling into the DC lookup code with a NULL name request. This can happen in offline mode. Fixes bug #10717 - Winbind crash on losing VPN connection https://bugzilla.samba.org/show_bug.cgi?id=10717 Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> Autobuild-User(master): Michael Adam <obnox@samba.org> Autobuild-Date(master): Mon Sep 15 23:29:00 CEST 2014 on sn-devel-104
* messaging_dgm: Don't expose the messaging_dgm_contextVolker Lendecke2014-09-143-37/+59
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Right now we can only support one messaging_dgm_context per process anyway, the code has checks for this. I would like to keep it that way, in the future we will have multiple messaging_context's or imessaging_context's filtering based upon the dst server_id. Why this change? messaging_dgm's lockfile contains the serverid->unique_id. When designing messaging_dgm, I had in mind to remove the serverid.tdb and replace it with the dgm lockfiles for server lookup and enumeration. I have a WIP-patchset that gets rid of almost all users of serverid.tdb. The problem is serverid_exists. Here we don't have a messaging_context available, and it would be pretty intrusive to make it so. This problem has plagued us since ctdb was developed, see for example the comment /* * This is a Samba3 hack/optimization. Routines like process_exists need to * talk to ctdbd, and they don't get handed a messaging context. */ in messaging_ctdb.c. This patchset removes this problem in a radical way: Treat the messaging_dgm context as one globally available structure and be done with it. The ctdb socket could go the same way in the future. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Sun Sep 14 16:29:30 CEST 2014 on sn-devel-104
* messaging_dgm: Avoid a tallocVolker Lendecke2014-09-141-10/+10
| | | | | | | Not really required, but it removes a NULL check Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* messaging_dgm: Avoid a tallocVolker Lendecke2014-09-141-7/+8
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* messaging_dgm: messaging_dgm_lockfile_remove does not use tmp_ctx anymoreVolker Lendecke2014-09-141-3/+2
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* messaging_dgm: messaging_dgm_lockfile_create does not use tmp_ctx anymoreVolker Lendecke2014-09-141-3/+2
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* messaging_dgm: Avoid talloc_tos()Volker Lendecke2014-09-141-56/+55
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* messaging_dgm: ReformattingVolker Lendecke2014-09-141-2/+1
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* messaging_dgm: Remove an unnecessary castVolker Lendecke2014-09-141-2/+1
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* namecache: fix uninitialised pointer returnsDavid Disseldorp2014-09-131-3/+3
| | | | | | | | | | asprintf_strupper_m() doesn't set *strp on error. Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Volker Lendecke <Volker.Lendecke@SerNet.DE> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Sat Sep 13 03:21:39 CEST 2014 on sn-devel-104
* s3: smbd: streams - Ensure share mode validation ignores internal opens ↵Volker Lendecke2014-09-121-1/+6
| | | | | | | | | | | (op_mid == 0). Fixes bug 10797 - smbd panic at find_oplock_types https://bugzilla.samba.org/show_bug.cgi?id=10797 Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* media_harmony: Fix a crash bugVolker Lendecke2014-09-121-2/+2
| | | | | | | | | | | | Now that the dust has settled, fix a crash bug that was hidden behind the warnings... Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Simo Sorce <idra@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> Autobuild-User(master): Michael Adam <obnox@samba.org> Autobuild-Date(master): Fri Sep 12 02:45:40 CEST 2014 on sn-devel-104
* media_harmony: Fix warningsVolker Lendecke2014-09-121-12/+9
| | | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Simo Sorce <idra@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s3: smbd - open logic fix.Jeremy Allison2014-09-111-0/+11
| | | | | | | | | | | | | | | | | | | | | | | As we atomically create using O_CREAT|O_EXCL, then if new_file_created is true, then file_existed *MUST* have been false (even if the file was previously detected as being there. We use the variable file_existed again in logic below this statement, so we must set file_existed = false, if new_file_created returns are true from open_file(). Based on a fix from Michael Adam. BUG: https://bugzilla.samba.org/show_bug.cgi?id=10809 Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> Autobuild-User(master): Michael Adam <obnox@samba.org> Autobuild-Date(master): Thu Sep 11 22:29:22 CEST 2014 on sn-devel-104
* vfs_acl_common: dacl size must be updatedRalph Boehme2014-09-111-0/+3
| | | | | | | | | Signed-off-by: Ralph Boehme <rb@sernet.de> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Simo Sorce <idra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Thu Sep 11 03:54:42 CEST 2014 on sn-devel-104
* s3: smbd: Ensure we don't call qsort() with a size of -1.Jeremy Allison2014-09-111-16/+16
| | | | | | | | | | | Based on a patch idea from Ken Harris <kharris@mathworks.com> Fixes bug 10798 - crash in source3/smbd/notify.c https://bugzilla.samba.org/show_bug.cgi?id=10798 Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Ira Cooper <ira@samba.org>
* s3:smbd:open_file: use a more natural check.Michael Adam2014-09-111-1/+3
| | | | | | | As suggested by Jeremy Allison <jra@samba.org>. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3:smbd: fix a race in open codeMichael Adam2014-09-101-17/+42
| | | | | | | | | | | | | The race is when a file vanishes between existence check and acl check. In this case, open_file_ncreate() returns OBJECT_NAME_NOT_FOUND even if the create was called with disposition OPEN_IF. But in this case, the file should be created. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* smbd: Fix a typoVolker Lendecke2014-09-101-1/+1
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3:smbd: fix a comment typoRalph Boehme2014-09-091-1/+1
| | | | | | Signed-off-by: Ralph Boehme <rb@sernet.de> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org>
* smbd: Move make_dir_struct() to reply.cVolker Lendecke2014-09-093-54/+46
| | | | | | | | This routine has nothing to do with dptr handling, it is SMB1 marshalling called only from reply_search(). Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org>
* s3:smbd: close the connection if the client doesn't start with a SMB1 ↵Stefan Metzmacher2014-09-091-0/+18
| | | | | | | | | | | | | | | Negprot or old messaging call. The case where the client starts with a SMB2 Negprot is already handled in smbd_smb2_request_dispatch(). Bug: https://bugzilla.samba.org/show_bug.cgi?id=10766 Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Tue Sep 9 13:02:21 CEST 2014 on sn-devel-104
* s3: smbd: smb2-sessionsetup. Fix use after free when the sessionsetup ↵Jeremy Allison2014-09-081-0/+6
| | | | | | | | | | request state is freed before struct smbXsrv_session struct. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Mon Sep 8 09:52:23 CEST 2014 on sn-devel-104
* s3-lib: Do not walk past the end of the dos_to_ntstatus_map arrayAndrew Bartlett2014-09-081-1/+1
| | | | | | | | Found by AddressSanitizer Change-Id: Ic8b3e2599713c37b11324f9ec2d01891f0f287b9 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Kamen Mazdrashki <kamenim@samba.org>
* passdb: Avoid use-after-free when setting a plaintext passwordAndrew Bartlett2014-09-081-2/+3
| | | | | | | | | | | | | | The issue here is that pdb_set_plaintext_passwd() re-used the memory from pdb_get_pw_history() as input We need to free this after we copy and set it. Found by AddressSanitizer Andrew Bartlett Change-Id: I4e148e23ccbbe5444c969ff8f91709791c7696bb Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Kamen Mazdrashki <kamenim@samba.org>
* s3:build: don't detect perl in source3/wscript again.Michael Adam2014-09-051-1/+0
| | | | | | This is done in the top level now. Signed-off-by: Michael Adam <obnox@samba.org>
* s3: smbd: vfs_dirsort module.Jeremy Allison2014-09-031-1/+1
| | | | | | | | | | | Fix an off-by-one check that would cause seekdir to seek off the end of the cached array. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Ronnie Sahlberg <ronniesahlberg.gmail.com> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Wed Sep 3 19:59:54 CEST 2014 on sn-devel-104
* s3-kpasswd: Fix build warning.Günther Deschner2014-09-011-1/+1
| | | | | | | | | | Guenther Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Andrew Bartlet <abartlet@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Mon Sep 1 18:15:15 CEST 2014 on sn-devel-104
* s3-kpasswd: send a netbios krb5 address to avoid invalid net address errors fromGünther Deschner2014-09-011-0/+14
| | | | | | | | | heimdal. Guenther Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Andrew Bartlet <abartlet@samba.org>
* Remove custom password change code in libadsSimo Sorce2014-09-011-555/+59
| | | | | | | | | Use standard libkrb5 calls instead. Signed-off-by: Simo Sorce <idra@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlet <abartlet@samba.org>
* Remove duplicate definitionsSimo Sorce2014-09-011-9/+0
| | | | | | | | | Thee are already defined both in Heimdal and MIT public headers Signed-off-by: Simo Sorce <idra@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlet <abartlet@samba.org>
* s3-rpc_client: Do not give NT_STATUS_NO_MEMORY when the source string was NULLAndrew Bartlett2014-09-011-5/+6
| | | | | | | Change-Id: I25a4dcc2239267ee7c219e965693027ca2981983 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-By: Jelmer Vernooij <jelmer@samba.org>
* set_dc_type_and_flags_trustinfo: Use init_dc_connection and ↵Andrew Bartlett2014-09-011-18/+26
| | | | | | | | | | | | | wb_open_internal_pipe This means we call this code, and mark trusted domains as active directory, when we are an AD DC. Otherwise, in the previous case we would not have domain->active_directory set, and would fail on connection_ok() due to not having a full connection to our internal DC Change-Id: I7ccee569d69d6c5466334540db8920e57aafa991 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* winbindd: Add debugging to assist in locating errors creating NETLOGON pipesAndrew Bartlett2014-09-011-0/+12
| | | | | | | Change-Id: If15483c37ed43267c6474ce8b5e9d96254745bca Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-By: Jelmer Vernooij <jelmer@samba.org>
* passdb: Use sam_get_results_trust() and implement ↵Andrew Bartlett2014-09-011-1/+124
| | | | | | | | | | | | | pdb_samba_dsdb_get_trusteddom_pw We now return the plaintext passwords for trusted domains so winbindd can use them. Change-Id: Ifcd59b0be815d25b73bdbc41db7477895461c7b6 Pair-programmed-with: Garming Sam <garming@catalyst.net.nz> Signed-off-by: Garming Sam <garming@catalyst.net.nz> Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-By: Jelmer Vernooij <jelmer@samba.org>
* winbindd: Do not segfault if the trusted domain has no SIDAndrew Bartlett2014-09-011-1/+9
| | | | | | | | | | | Currently we abort, as skipping the domain would make the loop much more complex for a situation not yet seen in the real world. Andrew Bartlett Change-Id: Ie1e269eb25047d662d8fd0f771ee20de1d48706b Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-By: Jelmer Vernooij <jelmer@samba.org>
* s3-winbindd: Document parameters in ads_cached_connection_reuseChristof Schmitt2014-08-301-0/+13
| | | | | | | | Signed-off-by: Christof Schmitt <cs@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Sat Aug 30 06:10:36 CEST 2014 on sn-devel-104
* s3-winbindd: Use more descriptive parameter names in ↵Christof Schmitt2014-08-301-8/+8
| | | | | | | ads_cached_connection_connect Signed-off-by: Christof Schmitt <cs@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3-winbindd: Use correct realm for trusted domains in idmap childChristof Schmitt2014-08-301-2/+9
| | | | | | | | | | | | When authenticating users in a trusted domain, the idmap_ad module always connects to a local DC instead of one in the trusted domain. Fix this by passing the correct realm to connect to. Also Comment parameters passed to ads_cached_connection_connect Signed-off-by: Christof Schmitt <cs@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* torture: Also run raw.read against the aio shareChristof Schmitt2014-08-301-0/+4
| | | | | | | | | | This tests the changes in the aio code path. Signed-off-by: Christof Schmitt <cs@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Sat Aug 30 02:51:46 CEST 2014 on sn-devel-104
* smbd: Add padding byte to readx responseChristof Schmitt2014-08-304-17/+29
| | | | | | | | | | | | | | MS-CIFS 2.2.4.42.2 states: "Pad (1 byte): This field is optional. When using the NT LAN Manager dialect, this field can be used to align the Data field to a 16-bit boundary relative to the start of the SMB Header. If Unicode strings are being used, this field MUST be present. When used, this field MUST be one padding byte long." Always add the padding byte to all readx responses to avoid additional complexity. Signed-off-by: Christof Schmitt <cs@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* torture3: Allow padding byte for LARGE_READX responsesChristof Schmitt2014-08-301-1/+2
| | | | | Signed-off-by: Christof Schmitt <cs@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* dosmode: fix FSCTL_SET_SPARSE request validationDavid Disseldorp2014-08-281-0/+13
| | | | | | | | | | | | | Check that FSCTL_SET_SPARSE requests does not refer to directories. Also reject such requests when issued over IPC or printer share connections. Bug: https://bugzilla.samba.org/show_bug.cgi?id=10787 Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Thu Aug 28 04:22:37 CEST 2014 on sn-devel-104
* smbd: Properly initialize mangle_hashVolker Lendecke2014-08-261-0/+4
| | | | | | | | | | | | [Bug 10782] mangle_hash() can fail to initialize charset (smbd crash). https://bugzilla.samba.org/show_bug.cgi?id=10782 Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Tue Aug 26 01:30:38 CEST 2014 on sn-devel-104
* passdb: fix NT_STATUS_NO_SUCH_GROUPArvid Requate2014-08-251-2/+2
| | | | | | | | | | | | | | | | Share options like "force group" and "valid users = @group1" triggered a NT_STATUS_NO_SUCH_GROUP. While the group was found in the SAM backend, its objectclass was not retrived. This fix also revealed a talloc access after free in the group branch of pdb_samba_dsdb_getgrfilter. [Bug 9570] Access failure for shares with "force group" or "valid users = @group" https://bugzilla.samba.org/show_bug.cgi?id=9570 Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* Don't discard result of checking grouptypeRoel van Meer2014-08-231-2/+0
| | | | | | | | | | | | | | The pdb_samba_dsdb_getgrfilter() function first determines the security type of a group and sets map->sid_name_use accordingly. A little later, this variable is set again, undoing the previous work. https://bugzilla.samba.org/show_bug.cgi?id=10777 Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Simo Sorce <idra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Sat Aug 23 02:48:52 CEST 2014 on sn-devel-104
* messaging3: Avoid messaging_is_self_sendVolker Lendecke2014-08-231-9/+6
| | | | | | | | | | | This was a bad API, and it was used in a buggy way: In messaging_dispatch_rec we always did the defer, we referenced the destination pid, not the source. In messaging_send_iov this is the right thing to do to reference the destination, but when we have arrived in messaging_dispatch_rec we should compare source and destination. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* pthreadpool: Slightly serialize jobsVolker Lendecke2014-08-231-1/+1
| | | | | | | | | | | | | | | | | | | | | | Using the new msg_source program with 1.500 instances against a single msg_sink I found the msg_source process to spawn two worker threads for synchronously sending the data towards the receiving socket. This should not happen: Per destination node we only create one queue. We strictly only add pthreadpool jobs one after the other, so a single helper thread should be perfectly sufficient. It turned out that under heavy overload the main sending thread was scheduled before the thread that just had finished its send() job. So the helper thread was not able to increment the pool->num_idle variable indicating that we don't have to create a new thread when the new job is added. This patch moves the signalling write under the mutex. This means that indicating readiness via the pipe and the pool->num_idle variable happen both under the same mutex lock and thus are atomic. No superfluous threads anymore. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* messaging3: Add msg_sink/source -- perftestVolker Lendecke2014-08-233-0/+455
| | | | | | | | | | | | | | | | | | | | | | | | | | With this pair of programs I did some performance tests of the messaging system. Guess what -- I found two bugs :-) See the subsequent patches. With 1500 msg_source processes I can generate message overload: A Intel(R) Xeon(R) CPU L5640 @ 2.27GHz can receive roughly 100k messages per second. When using messaging_read_send/recv user/system time is roughly even, a bit more work done in user space. When using messaging_register, due to less malloc activity, user space chews a lot less. By the way: 1.500 helper threads in a blocking sendto() against a single datagram socket reading as fast as it can (with epoll_wait in between) only drove the loadavg to 12 on a 24-core machine. So I guess unix domain datagram sockets are pretty well protected against overload. No thundering herd or so. Interestingly "top" showed msg_sink at less than 90% CPU, although it was clearly the bottleneck. But that must be a "top" artifact. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* torture: Fix cleanup2 to utilize on-demand cleanupVolker Lendecke2014-08-231-16/+3
| | | | | | | | | Now we check the cleanup when conflicts happen, not when we first open the file. This means we don't have to re-open the connection to make cleanup happen. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
generated by cgit (git 2.34.1) at 2025-09-27 11:44:51 +0000