summaryrefslogtreecommitdiffstats
path: root/source3
Commit message (Collapse)AuthorAgeFilesLines
...
* passdb: Use sam_get_results_trust() and implement ↵Andrew Bartlett2014-09-011-1/+124
| | | | | | | | | | | | | pdb_samba_dsdb_get_trusteddom_pw We now return the plaintext passwords for trusted domains so winbindd can use them. Change-Id: Ifcd59b0be815d25b73bdbc41db7477895461c7b6 Pair-programmed-with: Garming Sam <garming@catalyst.net.nz> Signed-off-by: Garming Sam <garming@catalyst.net.nz> Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-By: Jelmer Vernooij <jelmer@samba.org>
* winbindd: Do not segfault if the trusted domain has no SIDAndrew Bartlett2014-09-011-1/+9
| | | | | | | | | | | Currently we abort, as skipping the domain would make the loop much more complex for a situation not yet seen in the real world. Andrew Bartlett Change-Id: Ie1e269eb25047d662d8fd0f771ee20de1d48706b Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-By: Jelmer Vernooij <jelmer@samba.org>
* s3-winbindd: Document parameters in ads_cached_connection_reuseChristof Schmitt2014-08-301-0/+13
| | | | | | | | Signed-off-by: Christof Schmitt <cs@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Sat Aug 30 06:10:36 CEST 2014 on sn-devel-104
* s3-winbindd: Use more descriptive parameter names in ↵Christof Schmitt2014-08-301-8/+8
| | | | | | | ads_cached_connection_connect Signed-off-by: Christof Schmitt <cs@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3-winbindd: Use correct realm for trusted domains in idmap childChristof Schmitt2014-08-301-2/+9
| | | | | | | | | | | | When authenticating users in a trusted domain, the idmap_ad module always connects to a local DC instead of one in the trusted domain. Fix this by passing the correct realm to connect to. Also Comment parameters passed to ads_cached_connection_connect Signed-off-by: Christof Schmitt <cs@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* torture: Also run raw.read against the aio shareChristof Schmitt2014-08-301-0/+4
| | | | | | | | | | This tests the changes in the aio code path. Signed-off-by: Christof Schmitt <cs@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Sat Aug 30 02:51:46 CEST 2014 on sn-devel-104
* smbd: Add padding byte to readx responseChristof Schmitt2014-08-304-17/+29
| | | | | | | | | | | | | | MS-CIFS 2.2.4.42.2 states: "Pad (1 byte): This field is optional. When using the NT LAN Manager dialect, this field can be used to align the Data field to a 16-bit boundary relative to the start of the SMB Header. If Unicode strings are being used, this field MUST be present. When used, this field MUST be one padding byte long." Always add the padding byte to all readx responses to avoid additional complexity. Signed-off-by: Christof Schmitt <cs@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* torture3: Allow padding byte for LARGE_READX responsesChristof Schmitt2014-08-301-1/+2
| | | | | Signed-off-by: Christof Schmitt <cs@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* dosmode: fix FSCTL_SET_SPARSE request validationDavid Disseldorp2014-08-281-0/+13
| | | | | | | | | | | | | Check that FSCTL_SET_SPARSE requests does not refer to directories. Also reject such requests when issued over IPC or printer share connections. Bug: https://bugzilla.samba.org/show_bug.cgi?id=10787 Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Thu Aug 28 04:22:37 CEST 2014 on sn-devel-104
* smbd: Properly initialize mangle_hashVolker Lendecke2014-08-261-0/+4
| | | | | | | | | | | | [Bug 10782] mangle_hash() can fail to initialize charset (smbd crash). https://bugzilla.samba.org/show_bug.cgi?id=10782 Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Tue Aug 26 01:30:38 CEST 2014 on sn-devel-104
* passdb: fix NT_STATUS_NO_SUCH_GROUPArvid Requate2014-08-251-2/+2
| | | | | | | | | | | | | | | | Share options like "force group" and "valid users = @group1" triggered a NT_STATUS_NO_SUCH_GROUP. While the group was found in the SAM backend, its objectclass was not retrived. This fix also revealed a talloc access after free in the group branch of pdb_samba_dsdb_getgrfilter. [Bug 9570] Access failure for shares with "force group" or "valid users = @group" https://bugzilla.samba.org/show_bug.cgi?id=9570 Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* Don't discard result of checking grouptypeRoel van Meer2014-08-231-2/+0
| | | | | | | | | | | | | | The pdb_samba_dsdb_getgrfilter() function first determines the security type of a group and sets map->sid_name_use accordingly. A little later, this variable is set again, undoing the previous work. https://bugzilla.samba.org/show_bug.cgi?id=10777 Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Simo Sorce <idra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Sat Aug 23 02:48:52 CEST 2014 on sn-devel-104
* messaging3: Avoid messaging_is_self_sendVolker Lendecke2014-08-231-9/+6
| | | | | | | | | | | This was a bad API, and it was used in a buggy way: In messaging_dispatch_rec we always did the defer, we referenced the destination pid, not the source. In messaging_send_iov this is the right thing to do to reference the destination, but when we have arrived in messaging_dispatch_rec we should compare source and destination. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* pthreadpool: Slightly serialize jobsVolker Lendecke2014-08-231-1/+1
| | | | | | | | | | | | | | | | | | | | | | Using the new msg_source program with 1.500 instances against a single msg_sink I found the msg_source process to spawn two worker threads for synchronously sending the data towards the receiving socket. This should not happen: Per destination node we only create one queue. We strictly only add pthreadpool jobs one after the other, so a single helper thread should be perfectly sufficient. It turned out that under heavy overload the main sending thread was scheduled before the thread that just had finished its send() job. So the helper thread was not able to increment the pool->num_idle variable indicating that we don't have to create a new thread when the new job is added. This patch moves the signalling write under the mutex. This means that indicating readiness via the pipe and the pool->num_idle variable happen both under the same mutex lock and thus are atomic. No superfluous threads anymore. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* messaging3: Add msg_sink/source -- perftestVolker Lendecke2014-08-233-0/+455
| | | | | | | | | | | | | | | | | | | | | | | | | | With this pair of programs I did some performance tests of the messaging system. Guess what -- I found two bugs :-) See the subsequent patches. With 1500 msg_source processes I can generate message overload: A Intel(R) Xeon(R) CPU L5640 @ 2.27GHz can receive roughly 100k messages per second. When using messaging_read_send/recv user/system time is roughly even, a bit more work done in user space. When using messaging_register, due to less malloc activity, user space chews a lot less. By the way: 1.500 helper threads in a blocking sendto() against a single datagram socket reading as fast as it can (with epoll_wait in between) only drove the loadavg to 12 on a 24-core machine. So I guess unix domain datagram sockets are pretty well protected against overload. No thundering herd or so. Interestingly "top" showed msg_sink at less than 90% CPU, although it was clearly the bottleneck. But that must be a "top" artifact. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* torture: Fix cleanup2 to utilize on-demand cleanupVolker Lendecke2014-08-231-16/+3
| | | | | | | | | Now we check the cleanup when conflicts happen, not when we first open the file. This means we don't have to re-open the connection to make cleanup happen. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* torture: Run the cleanup2 test against 2 nodesVolker Lendecke2014-08-231-1/+1
| | | | | | | This enables testing the brlock cleanup across ctdb Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* brlock: Remove validate_lock_entriesVolker Lendecke2014-08-231-94/+1
| | | | | | | | | This is now only called during brl_forall. It does not really hurt if we list dead processes here. If the upper layers really care, they can filter it out themselves. The real lock conflicts are not removed on-demand. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* brlock: Do auto-cleanup at conflict timeVolker Lendecke2014-08-234-48/+57
| | | | | | | This avoids the need to do sweeping validate_lock_entries calls Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3: smbd: POSIX ACLs. Remove incorrect check for SECINFO_PROTECTED_DACL in ↵Jeremy Allison2014-08-221-5/+1
| | | | | | | | | | | | | | | incoming security_information flags in posix_get_nt_acl_common(). Tidy-up of code obsoleted by fixes for bug #10773 (SECINFO_PROTECTED_DACL is not ignored). We now never pass SECINFO_PROTECTED_DACL in security_information flags to this layer. Bug: https://bugzilla.samba.org/show_bug.cgi?id=10773 Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Fri Aug 22 11:26:57 CEST 2014 on sn-devel-104
* messaging_dgm: Factor out messaging_dgm_lockfile_nameVolker Lendecke2014-08-221-9/+15
| | | | | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Fri Aug 22 05:20:43 CEST 2014 on sn-devel-104
* messaging_dgm: Use %ju to fill lockfileVolker Lendecke2014-08-221-1/+1
| | | | | | | | | ... much nicer than PRIu64 Also, append a \n. Makes it better readable when looking at the lockfile Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3:smbd: mask security_information input values with SMB_SUPPORTED_SECINFO_FLAGSStefan Metzmacher2014-08-224-5/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Sometimes Windows clients doesn't filter SECINFO_[UN]PROTECTED_[D|S]ACL flags before sending the security_information to the server. security_information = SECINFO_PROTECTED_DACL| SECINFO_DACL results in a NULL dacl being returned from an GetSecurityDecriptor request. This happens because posix_get_nt_acl_common() has the following logic: if ((security_info & SECINFO_DACL) && !(security_info & SECINFO_PROTECTED_DACL)) { ... create DACL ... } I'm not sure if the logic is correct or wrong in this place (I guess it's wrong...). But what I know is that the SMB server should filter the given security_information flags before passing to the filesystem. [MS-SMB2] 3.3.5.20.3 Handling SMB2_0_INFO_SECURITY ... The server MUST ignore any flag value in the AdditionalInformation field that is not specified in section 2.2.37. Section 2.2.37 lists: OWNER_SECURITY_INFORMATION GROUP_SECURITY_INFORMATION DACL_SECURITY_INFORMATION SACL_SECURITY_INFORMATION LABEL_SECURITY_INFORMATION ATTRIBUTE_SECURITY_INFORMATION SCOPE_SECURITY_INFORMATION BACKUP_SECURITY_INFORMATION Bug: https://bugzilla.samba.org/show_bug.cgi?id=10773 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s3:libsmb: Set a max charge for SMB2 connectionsRoss Lagerwall2014-08-211-0/+5
| | | | | | | | | | | | Set a max charge for SMB2 connections so that larger request sizes can be used and more requests can be in flight. Signed-off-by: Ross Lagerwall <rosslagerwall@gmail.com> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Thu Aug 21 17:31:11 CEST 2014 on sn-devel-104
* smbcontrol: Fix a typoVolker Lendecke2014-08-211-1/+1
| | | | | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ira Cooper <Ira@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Thu Aug 21 14:58:37 CEST 2014 on sn-devel-104
* smbd: Only DEBUG errors from messaging_cleanupVolker Lendecke2014-08-211-2/+5
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ronnie sahlberg <ronniesahlberg@gmail.com>
* messaging3: Don't print a message if there's nothing to clean upVolker Lendecke2014-08-211-2/+4
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ronnie sahlberg <ronniesahlberg@gmail.com>
* lib: Check socket length in ctdbd_connectVolker Lendecke2014-08-211-1/+9
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ronnie sahlberg <ronniesahlberg@gmail.com>
* s4:torture: add boilerplate code for vfs_fruitRalph Boehme2014-08-181-1/+6
| | | | | | Signed-off-by: Ralph Boehme <rb@sernet.de> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* New VFS module vfs_fruitRalph Boehme2014-08-183-1/+2954
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This module provides enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver. The module intercepts the OS X special streams "AFP_AfpInfo" and "AFP_Resource" and handles them in a special way. All other named streams are deferred to vfs_streams_xattr. The OS X client maps all NTFS illegal characters to the Unicode private range. This module optionally stores the charcters using their native ASCII encoding. Open modes are optionally checked against Netatalk AFP share modes. The "AFP_AfpInfo" named stream is a binary blob containing OS X extended metadata for files and directories. This module optionally reads and stores this metadata in a way compatible with Netatalk 3 which stores the metadata in an EA "org.netatalk.metadata". Cf source3/include/MacExtensions.h for a description of the binary blobs content. The "AFP_Resource" named stream may be arbitrarily large, thus it can't be stored in an EA on most filesystem. ZFS on Solaris is an exception to the rule, because it there EAs can be of any size and EAs are first-class filesystem objects that can be used with normal file syscalls like open(), read(), write(), fcntl() asf. This module stores the AFP_Resource stream in an AppleDouble file, prepending "._" to the filename. On Solaris and ZFS the stream is optionally stored in an EA "org.netatalk.ResourceFork". Signed-off-by: Ralph Boehme <rb@sernet.de> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* Fix AFP_BackupTime byte order and use ISO C99 integer typesRalph Boehme2014-08-181-5/+5
| | | | | | | | | AFP_BackupTime value must be 0x80000000 and all existing defines use native byte order, not byte swapped. Signed-off-by: Ralph Boehme <rb@sernet.de> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* build: fix configure to honour --without-dmapiMichael Adam2014-08-181-28/+44
| | | | | | | | | | | | Previously, --without-dmapi would still autodetect and link a useable dmapi library. This change allows to build without dmapi support even when a dmapi library is found. Bug: https://bugzilla.samba.org/show_bug.cgi?id=10369 Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Signed-off-by: Michael Adam <obnox@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
* Remove popt/iniparser from .clang_completeJeremy Allison2014-08-141-2/+0
| | | | | Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* Replace all uses of iniparser with tiniparser.Jeremy Allison2014-08-142-6/+6
| | | | | Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* Fixed a memory leak in cli_set_mntpoint().Har Gagan Sahai2014-08-131-2/+4
| | | | | | | | | | | | | | Fixes bug #10759 - Memory leak in libsmbclient in cli_set_mntpoint function https://bugzilla.samba.org/show_bug.cgi?id=10759 Signed-off-by: Har Gagan Sahai <SHarGagan@novell.com> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Wed Aug 13 04:36:50 CEST 2014 on sn-devel-104
* messaging3: Include messages_dgm.h only in messages.cVolker Lendecke2014-08-122-1/+1
| | | | | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Tue Aug 12 02:21:32 CEST 2014 on sn-devel-104
* messaging3: Move messaging_hdr handling to messages.c.Volker Lendecke2014-08-113-68/+51
| | | | | | | | This makes messages_dgm a simple byte-transport across processes that knows almost nothing about server_id etc. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* messaging3: Only store the pid in messaging_dgm_contextVolker Lendecke2014-08-111-6/+4
| | | | | | | That's all we need here Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* messaging3: Save 48 bytes .textVolker Lendecke2014-08-111-5/+5
|
* messaging3: Remove one-context protection from messages.cVolker Lendecke2014-08-111-22/+0
| | | | | | | messages_dgm.c takes care of it. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* messaging3: Protect messaging_dgm against multiple contextsVolker Lendecke2014-08-111-0/+14
| | | | | | | We can't rely on posix locking within a process Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* messaging3: Add messages_dgm.hVolker Lendecke2014-08-113-24/+48
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* messaging3: Pass on msg_type unmaskedVolker Lendecke2014-08-111-1/+1
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* messaging3: I don't see 2 versions running concurrently...Volker Lendecke2014-08-111-2/+0
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* messaging3: Avoid "enum messaging_type" in messages_dgmVolker Lendecke2014-08-111-2/+1
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* messaging3: Pass dir_owner to messaging_dgm_init()Volker Lendecke2014-08-113-7/+9
|
* messaging3: Pass cache_dir to messaging_dgm_init()Volker Lendecke2014-08-113-8/+6
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* messaging3: Move [un]become_root() calls out of messaging_dgm_send()Volker Lendecke2014-08-112-2/+3
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* messaging3: Move sec_init() call out of messaging_dgm_init()Volker Lendecke2014-08-112-2/+2
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* messaging3: Directly refer to messaging_dgm in messages.cVolker Lendecke2014-08-113-64/+36
| | | | | | | | | | | | | This removes the messaging_backend abstraction layer from messages_dgm.c. That layer was introduced for ctdb and is still used there. But as the messaging_dgm interface is very slim anyway, I don't think directly calling it is too bad. Why this commit? It is another step towards making messages_dgm independent of messages.[ch], thus it might become usable in other contexts like ctdb and source4 Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
generated by cgit (git 2.34.1) at 2025-09-27 01:20:00 +0000