diff options
| author | Gerald Carter <jerry@samba.org> | 2003-02-04 02:12:33 +0000 |
|---|---|---|
| committer | Gerald Carter <jerry@samba.org> | 2003-02-04 02:12:33 +0000 |
| commit | f5360a76016bf937695297e399f3e5b962ada1e9 (patch) | |
| tree | f30e17081724751f0ee53f21a57175c4aef72e8b | |
| parent | e8023090f0dc33a12815bfd19ea3dcb7c82b9319 (diff) | |
| download | samba-f5360a76016bf937695297e399f3e5b962ada1e9.tar.gz samba-f5360a76016bf937695297e399f3e5b962ada1e9.tar.xz samba-f5360a76016bf937695297e399f3e5b962ada1e9.zip | |
syncing up with SAMBA_2_2 for 2.2.8pre1
51 files changed, 937 insertions, 410 deletions
diff --git a/WHATSNEW.txt b/WHATSNEW.txt index 5385ebe1aea..46ea141de70 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -1,12 +1,58 @@ - WHAT'S NEW IN Samba 2.2.7a - 10th December 2002 - =============================================== + What's new in Samba 2.2.8pre1 - 3rd February 2003 + ================================================= -This is the latest stable release of Samba. This is the version -that all production Samba servers should be running for all current -bug-fixes. The primary reason for this release is to correct problems -with large file (>2Gb) support. Please see the "Changes..." section -for more details. +This is a non-production, preview release of the upcoming Samba +2.2.8 distribution. This preview release is for testing purposes +only and should not be installed in production environments. + +The purpose of this preview release to make numerous bugs fixes +for Samba 2.2.7a available to the Samba community. Please report +testing results of this release to the Samba mailing list +<samba@samba.org>. + + +Changes since 2.2.7a +--------------------- + +See the cvs log for SAMBA_2_2 for more details +1) Fix seg fault in smbpasswd when specifying the new password + as a command line argument +2) Correct 64-but file sizes issues with smbtar and smbclient +3) Add batch mode option to pdbedit +4) Add protection in nmbd against malformed reply packets +5) Fix bug with sendfile profiling support in smbstatus output +6) Correct bug in "hide unreadable" smb.conf parameter that + resulted in incorrect directory listings +7) Fix bug in group enumerationg in winbindd +8) Correct build issues with libsmbclient on Solaris +9) Fix memory leak and bad pointer dereference in password + changing code in smbd +10) Fix for changing attributes on a file truncate +11) Ensure smbd process count never gets to -1 if limiting number + of processes +12) Ensure we return disk full by default on short writes +13) Don't delete jobs submitted after the lpq time +14) Fix reference count bug where smbd's would not terminate + with no open resources +15) Performance fix when using quota support on HP-UX +16) Fixes for --with-ldapsam + * Default to port 389 when "ldap ssl != on" + * add support for rebinding to the master directory server + for password changes when "ldap server" points to a read-only + slave +17) Add -W and -X comand line flags to smbpasswd for extracting and + setting the machine/domain SID in secrets.tdb. See the + smbpasswd(8) man page for details. +18) Added (c) Luke Howard to winbind_nss_solaris.c for coded + obtained from PADL's nss_ldap library. +19) Fix bug in samr_dispinfo query in winbindd +20) Fix segfault in NTLMSSP password changing code for + guest connections +21) Correct pstring/fstring mismatches +22) Send level II oplock break requests synchronously to prevent + condition where one smbd would continually lock a share entry + in locking.tdb Changes since 2.2.7 diff --git a/docs/Samba-HOWTO-Collection.pdf b/docs/Samba-HOWTO-Collection.pdf index 7ea8b98e039..72beba7291d 100644 --- a/docs/Samba-HOWTO-Collection.pdf +++ b/docs/Samba-HOWTO-Collection.pdf @@ -1,6 +1,6 @@ %PDF-1.3 %âãÏÓ -1 0 obj<</Producer(htmldoc 1.8.22 Copyright 1997-2002 Easy Software Products, All Rights Reserved.)/CreationDate(D:20021119124951+0600)/Title(SAMBA Project Documentation)/Creator(Modular DocBook HTML Stylesheet Version 1.57)>>endobj +1 0 obj<</Producer(htmldoc 1.8.22 Copyright 1997-2002 Easy Software Products, All Rights Reserved.)/CreationDate(D:20030201112407+0600)/Title(SAMBA Project Documentation)/Creator(Modular DocBook HTML Stylesheet Version 1.57)>>endobj 2 0 obj<</Type/Encoding/Differences[ 32/space/exclam/quotedbl/numbersign/dollar/percent/ampersand/quotesingle/parenleft/parenright/asterisk/plus/comma/minus/period/slash/zero/one/two/three/four/five/six/seven/eight/nine/colon/semicolon/less/equal/greater/question/at/A/B/C/D/E/F/G/H/I/J/K/L/M/N/O/P/Q/R/S/T/U/V/W/X/Y/Z/bracketleft/backslash/bracketright/asciicircum/underscore/grave/a/b/c/d/e/f/g/h/i/j/k/l/m/n/o/p/q/r/s/t/u/v/w/x/y/z/braceleft/bar/braceright/asciitilde 128/Euro 130/quotesinglbase/florin/quotedblbase/ellipsis/dagger/daggerdbl/circumflex/perthousand/Scaron/guilsinglleft/OE 145/quoteleft/quoteright/quotedblleft/quotedblright/bullet/endash/emdash/tilde/trademark/scaron/guilsinglright/oe 159/Ydieresis/space/exclamdown/cent/sterling/currency/yen/brokenbar/section/dieresis/copyright/ordfeminine/guillemotleft/logicalnot/hyphen/registered/macron/degree/plusminus/twosuperior/threesuperior/acute/mu/paragraph/periodcentered/cedilla/onesuperior/ordmasculine/guillemotright/onequarter/onehalf/threequarters/questiondown/Agrave/Aacute/Acircumflex/Atilde/Adieresis/Aring/AE/Ccedilla/Egrave/Eacute/Ecircumflex/Edieresis/Igrave/Iacute/Icircumflex/Idieresis/Eth/Ntilde/Ograve/Oacute/Ocircumflex/Otilde/Odieresis/multiply/Oslash/Ugrave/Uacute/Ucircumflex/Udieresis/Yacute/Thorn/germandbls/agrave/aacute/acircumflex/atilde/adieresis/aring/ae/ccedilla/egrave/eacute/ecircumflex/edieresis/igrave/iacute/icircumflex/idieresis/eth/ntilde/ograve/oacute/ocircumflex/otilde/odieresis/divide/oslash/ugrave/uacute/ucircumflex/udieresis/yacute/thorn/ydieresis]>>endobj 3 0 obj<</Type/Font/Subtype/Type1/BaseFont/Courier/Encoding 2 0 R>>endobj 4 0 obj<</Type/Font/Subtype/Type1/BaseFont/Courier-Bold/Encoding 2 0 R>>endobj @@ -3167,7 +3167,7 @@ xref 0000246836 00000 n 0000246925 00000 n trailer -<</Size 1021/Root 1020 0 R/Info 1 0 R/ID[<99fe594a95c1fff1643a6f06804b26d4><99fe594a95c1fff1643a6f06804b26d4>]>> +<</Size 1021/Root 1020 0 R/Info 1 0 R/ID[<a1f72d1f02ec5c904fa524f9b1183212><a1f72d1f02ec5c904fa524f9b1183212>]>> startxref 247391 %%EOF diff --git a/docs/docbook/manpages/smb.conf.5.sgml b/docs/docbook/manpages/smb.conf.5.sgml index 03621c409a0..8581a61e0b5 100644 --- a/docs/docbook/manpages/smb.conf.5.sgml +++ b/docs/docbook/manpages/smb.conf.5.sgml @@ -5237,9 +5237,9 @@ connections with usernames not in the <parameter>user</parameter> list will be allowed. By default this option is disabled so that a client can supply a username to be used by the server. Enabling - this parameter will force the server to only user the login + this parameter will force the server to only use the login names from the <parameter>user</parameter> list and is only really - useful in <link linkend="SECURITYEQUALSSHARE">shave level</link> + useful in <link linkend="SECURITYEQUALSSHARE">share level</link> security.</para> <para>Note that this also means Samba won't try to deduce diff --git a/docs/docbook/manpages/smbpasswd.8.sgml b/docs/docbook/manpages/smbpasswd.8.sgml index d607fa1ca92..9f23dab19cf 100644 --- a/docs/docbook/manpages/smbpasswd.8.sgml +++ b/docs/docbook/manpages/smbpasswd.8.sgml @@ -69,6 +69,13 @@ <command>smbpasswd</command> accesses the local smbpasswd file directly, thus enabling changes to be made even if smbd is not running. </para> + + <para><command>smbpasswd</command> can also be used to retrieve + the SIDs related to previous incarnations of this server on the + same machine, as well as set the SID of this domain. This is needed + in those cases when the admin changes the NetBIOS or DNS name of + the server without realizing that doing so will change the SID of + the server as well. See the -W and -X options below. </para> </refsect1> <refsect1> @@ -210,7 +217,24 @@ </listitem> </varlistentry> - + <varlistentry> + <term> -W S-1-5-21-x-y-z</term> + <listitem><para>This option forces the SID S-1-5-21-x-y-z to + be the server and domain SID for the current Samba server. It + does this by updating the appropriate keys in the secrets + file. </para> + </listitem> + </varlistentry> + + <varlistentry> + <term> -X server|domain</term> + <listitem><para>This option allows the admin to retrieve the + SID associated with a former servername or domain name that + this Samba server might have used. It does this by retrieving + the appropriate entry from the secrets file.</para> + </listitem> + </varlistentry> + <varlistentry> <term><command>NOTE:</command></term> <listitem><para> diff --git a/docs/htmldocs/smb.conf.5.html b/docs/htmldocs/smb.conf.5.html index 128ec728e5d..e84ef070522 100644 --- a/docs/htmldocs/smb.conf.5.html +++ b/docs/htmldocs/smb.conf.5.html @@ -13146,7 +13146,7 @@ CLASS="PARAMETER" > list will be allowed. By default this option is disabled so that a client can supply a username to be used by the server. Enabling - this parameter will force the server to only user the login + this parameter will force the server to only use the login names from the <TT CLASS="PARAMETER" ><I @@ -13155,7 +13155,7 @@ CLASS="PARAMETER" > list and is only really useful in <A HREF="#SECURITYEQUALSSHARE" ->shave level</A +>share level</A > security.</P ><P diff --git a/docs/htmldocs/smbpasswd.8.html b/docs/htmldocs/smbpasswd.8.html index 7c0699c535b..c05a22c2579 100644 --- a/docs/htmldocs/smbpasswd.8.html +++ b/docs/htmldocs/smbpasswd.8.html @@ -115,11 +115,21 @@ CLASS="COMMAND" > accesses the local smbpasswd file directly, thus enabling changes to be made even if smbd is not running. </P +><P +><B +CLASS="COMMAND" +>smbpasswd</B +> can also be used to retrieve + the SIDs related to previous incarnations of this server on the + same machine, as well as set the SID of this domain. This is needed + in those cases when the admin changes the NetBIOS or DNS name of + the server without realizing that doing so will change the SID of + the server as well. See the -W and -X options below. </P ></DIV ><DIV CLASS="REFSECT1" ><A -NAME="AEN36" +NAME="AEN38" ></A ><H2 >OPTIONS</H2 @@ -331,6 +341,24 @@ CLASS="PARAMETER" used to create the machine account when invoked with -j</P ></DD ><DT +>-W S-1-5-21-x-y-z</DT +><DD +><P +>This option forces the SID S-1-5-21-x-y-z to + be the server and domain SID for the current Samba server. It + does this by updating the appropriate keys in the secrets + file. </P +></DD +><DT +>-X server|domain</DT +><DD +><P +>This option allows the admin to retrieve the + SID associated with a former servername or domain name that + this Samba server might have used. It does this by retrieving + the appropriate entry from the secrets file.</P +></DD +><DT ><B CLASS="COMMAND" >NOTE:</B @@ -685,7 +713,7 @@ CLASS="FILENAME" ><DIV CLASS="REFSECT1" ><A -NAME="AEN213" +NAME="AEN223" ></A ><H2 >NOTES</H2 @@ -728,7 +756,7 @@ CLASS="FILENAME" ><DIV CLASS="REFSECT1" ><A -NAME="AEN223" +NAME="AEN233" ></A ><H2 >VERSION</H2 @@ -739,7 +767,7 @@ NAME="AEN223" ><DIV CLASS="REFSECT1" ><A -NAME="AEN226" +NAME="AEN236" ></A ><H2 >SEE ALSO</H2 @@ -762,7 +790,7 @@ TARGET="_top" ><DIV CLASS="REFSECT1" ><A -NAME="AEN232" +NAME="AEN242" ></A ><H2 >AUTHOR</H2 diff --git a/docs/manpages/pdbedit.8 b/docs/manpages/pdbedit.8 index 01593b3f881..30fe63e4da5 100644 --- a/docs/manpages/pdbedit.8 +++ b/docs/manpages/pdbedit.8 @@ -8,7 +8,7 @@ pdbedit \- manage the SAM database .SH SYNOPSIS .sp -\fBpdbedit\fR [ \fB-l\fR ] [ \fB-v\fR ] [ \fB-w\fR ] [ \fB-u username\fR ] [ \fB-f fullname\fR ] [ \fB-h homedir\fR ] [ \fB-d drive\fR ] [ \fB-s script\fR ] [ \fB-p profile\fR ] [ \fB-a\fR ] [ \fB-m\fR ] [ \fB-x\fR ] [ \fB-i file\fR ] +\fBpdbedit\fR [ \fB-l\fR ] [ \fB-v\fR ] [ \fB-w\fR ] [ \fB-u username\fR ] [ \fB-f fullname\fR ] [ \fB-h homedir\fR ] [ \fB-d drive\fR ] [ \fB-s script\fR ] [ \fB-p profile\fR ] [ \fB-a\fR ] [ \fB-b\fR ] [ \fB-m\fR ] [ \fB-x\fR ] [ \fB-i file\fR ] .SH "DESCRIPTION" .PP This tool is part of the Samba suite. @@ -145,6 +145,13 @@ new password: .sp .fi .TP +\fB-b\fR +This option causes pdbedit to read the password from standard +input, rather than from \fI/dev/tty\fR. + +Example: \fBecho -e "secret\\nsecret\\n" | pdbedit -a -b -u sorce\fR +.fi +.TP \fB-m\fR This option may only be used in conjunction with the \fI-a\fR option. It will make diff --git a/docs/manpages/smb.conf.5 b/docs/manpages/smb.conf.5 index 228a6047791..b05361fb9ca 100644 --- a/docs/manpages/smb.conf.5 +++ b/docs/manpages/smb.conf.5 @@ -3,7 +3,7 @@ .\" <http://shell.ipoline.com/~elmert/hacks/docbook2X/> .\" Please send any bug reports, improvements, comments, patches, .\" etc. to Steve Cheng <steve@ggi-project.org>. -.TH "SMB.CONF" "5" "19 November 2002" "" "" +.TH "SMB.CONF" "5" "01 February 2003" "" "" .SH NAME smb.conf \- The configuration file for the Samba suite .SH "SYNOPSIS" @@ -4862,9 +4862,9 @@ This is a boolean option that controls whether connections with usernames not in the \fIuser\fR list will be allowed. By default this option is disabled so that a client can supply a username to be used by the server. Enabling -this parameter will force the server to only user the login +this parameter will force the server to only use the login names from the \fIuser\fR list and is only really -useful in shave level +useful in share level security. Note that this also means Samba won't try to deduce diff --git a/docs/manpages/smbpasswd.8 b/docs/manpages/smbpasswd.8 index 98bd0610156..827b6b22ef5 100644 --- a/docs/manpages/smbpasswd.8 +++ b/docs/manpages/smbpasswd.8 @@ -3,7 +3,7 @@ .\" <http://shell.ipoline.com/~elmert/hacks/docbook2X/> .\" Please send any bug reports, improvements, comments, patches, .\" etc. to Steve Cheng <steve@ggi-project.org>. -.TH "SMBPASSWD" "8" "19 November 2002" "" "" +.TH "SMBPASSWD" "8" "01 February 2003" "" "" .SH NAME smbpasswd \- change a user's SMB password .SH SYNOPSIS @@ -54,6 +54,13 @@ the attributes of the user in this file to be made. When run by root, \fBsmbpasswd\fR accesses the local smbpasswd file directly, thus enabling changes to be made even if smbd is not running. +.PP +\fBsmbpasswd\fR can also be used to retrieve +the SIDs related to previous incarnations of this server on the +same machine, as well as set the SID of this domain. This is needed +in those cases when the admin changes the NetBIOS or DNS name of +the server without realizing that doing so will change the SID of +the server as well. See the -W and -X options below. .SH "OPTIONS" .TP \fB-L\fR @@ -155,6 +162,18 @@ different systems to change these passwords. The optional In particular, this parameter specifies the username used to create the machine account when invoked with -j .TP +\fB-W S-1-5-21-x-y-z\fR +This option forces the SID S-1-5-21-x-y-z to +be the server and domain SID for the current Samba server. It +does this by updating the appropriate keys in the secrets +file. +.TP +\fB-X server|domain\fR +This option allows the admin to retrieve the +SID associated with a former servername or domain name that +this Samba server might have used. It does this by retrieving +the appropriate entry from the secrets file. +.TP \fBNOTE:\fR \fBThe following options are available only when the smbpasswd command is run as root or in local mode.\fR diff --git a/docs/textdocs/UNIX_SECURITY.txt b/docs/textdocs/UNIX_SECURITY.txt index 84f8fad27fd..a979dc5a497 100644 --- a/docs/textdocs/UNIX_SECURITY.txt +++ b/docs/textdocs/UNIX_SECURITY.txt @@ -35,7 +35,7 @@ directory and do an ls, the UNIX security solution is to change the UNIX file permissions on the users home directories such that the cd and ls would be denied. -Samba tries very had not to second guess the UNIX administrators +Samba tries very hard not to second guess the UNIX administrators security policies, and trusts the UNIX admin to set the policies and permissions he or she desires. diff --git a/packaging/RedHat/makerpms.sh.tmpl b/packaging/RedHat/makerpms.sh.tmpl index 31e660d9450..9d71452db8e 100644 --- a/packaging/RedHat/makerpms.sh.tmpl +++ b/packaging/RedHat/makerpms.sh.tmpl @@ -12,9 +12,9 @@ # Note: Under this directory rpm expects to find the same directories that are under the # /usr/src/redhat directory # -if [ -x ~/.rpmmacros ]; then +if [ -r ~/.rpmmacros ]; then TOPDIR=`awk '/topdir/ {print $2}' < ~/.rpmmacros` - if [ z$TOPDIR <> "z" ]; then + if [ z$TOPDIR != "z" ]; then SPECDIR=${TOPDIR}/SPECS SRCDIR=${TOPDIR}/SOURCES fi diff --git a/packaging/RedHat/samba2.spec.tmpl b/packaging/RedHat/samba2.spec.tmpl index 75a7e0cac50..ed03730b55f 100644 --- a/packaging/RedHat/samba2.spec.tmpl +++ b/packaging/RedHat/samba2.spec.tmpl @@ -9,6 +9,7 @@ Packager: John H Terpstra [Samba-Team] <jht@samba.org> Requires: pam >= 0.72 kernel >= 2.2.1 glibc >= 2.1.2 Prereq: chkconfig fileutils Provides: samba = %{version} +BuildPreReq: libtool Obsoletes: samba-common, samba-client, samba-swat BuildRoot: /var/tmp/samba Prefix: /usr diff --git a/source/Makefile.in b/source/Makefile.in index 7339742957c..5d0c8726ddb 100644 --- a/source/Makefile.in +++ b/source/Makefile.in @@ -645,7 +645,7 @@ bin/smbwrapper.32.@SHLIBEXT@: $(PICOBJS32) bin/.dummy bin/libsmbclient.@SHLIBEXT@: $(LIBSMBCLIENT_PICOBJS) bin/.dummy @echo Linking libsmbclient shared library $@ - @$(SHLD) @LDSHFLAGS@ -o $@ $(LIBSMBCLIENT_PICOBJS) $(LIBS) \ + @$(SHLD) @LDSHFLAGS@ -o $@ $(LIBSMBCLIENT_PICOBJS) $(LDFLAGS) $(LIBS) \ @SONAMEFLAG@`basename $@`.$(LIBSMBCLIENT_MAJOR) bin/libsmbclient.a: $(LIBSMBCLIENT_PICOBJS) bin/.dummy diff --git a/source/client/client.c b/source/client/client.c index fb537153610..529ecabad97 100644 --- a/source/client/client.c +++ b/source/client/client.c @@ -92,9 +92,9 @@ extern file_info def_finfo; /* timing globals */ off_t get_total_size = 0; -int get_total_time_ms = 0; +unsigned int get_total_time_ms = 0; off_t put_total_size = 0; -int put_total_time_ms = 0; +unsigned int put_total_time_ms = 0; /* totals globals */ static double dir_total; diff --git a/source/client/clitar.c b/source/client/clitar.c index 50a46c70007..c6f78715907 100644 --- a/source/client/clitar.c +++ b/source/client/clitar.c @@ -45,10 +45,10 @@ typedef struct file_info_struct file_info2; struct file_info_struct { - size_t size; + SMB_BIG_UINT size; uint16 mode; - int uid; - int gid; + uid_t uid; + gid_t gid; /* These times are normally kept in GMT */ time_t mtime; time_t atime; @@ -118,18 +118,18 @@ extern uint16 cnum; extern BOOL readbraw_supported; extern int max_xmit; extern pstring cur_dir; -extern int get_total_time_ms; -extern int get_total_size; +extern unsigned int get_total_time_ms; +extern off_t get_total_size; extern int Protocol; int blocksize=20; int tarhandle; -static void writetarheader(int f, char *aname, int size, time_t mtime, +static void writetarheader(int f, char *aname, SMB_BIG_UINT size, time_t mtime, char *amode, unsigned char ftype); static void do_atar(char *rname,char *lname,file_info *finfo1); static void do_tar(file_info *finfo); -static void oct_it(long value, int ndgs, char *p); +static void oct_it(SMB_BIG_UINT value, int ndgs, char *p); static void fixtarname(char *tptr, char *fp, int l); static int dotarbuf(int f, char *b, int n); static void dozerobuf(int f, int n); @@ -168,14 +168,14 @@ static char *string_create_s(int size) /**************************************************************************** Write a tar header to buffer ****************************************************************************/ -static void writetarheader(int f, char *aname, int size, time_t mtime, +static void writetarheader(int f, char *aname, SMB_BIG_UINT size, time_t mtime, char *amode, unsigned char ftype) { union hblock hb; int i, chk, l; char *jp; - DEBUG(5, ("WriteTarHdr, Type = %c, Size= %i, Name = %s\n", ftype, size, aname)); + DEBUG(5, ("WriteTarHdr, Type = %c, Size = %.0f, Name = %s\n", ftype, (double)size, aname)); memset(hb.dummy, 0, sizeof(hb.dummy)); @@ -207,17 +207,17 @@ static void writetarheader(int f, char *aname, int size, time_t mtime, hb.dbuf.name[NAMSIZ-1]='\0'; safe_strcpy(hb.dbuf.mode, amode, strlen(amode)); - oct_it(0L, 8, hb.dbuf.uid); - oct_it(0L, 8, hb.dbuf.gid); - oct_it((long) size, 13, hb.dbuf.size); - oct_it((long) mtime, 13, hb.dbuf.mtime); + oct_it((SMB_BIG_UINT)0, 8, hb.dbuf.uid); + oct_it((SMB_BIG_UINT)0, 8, hb.dbuf.gid); + oct_it((SMB_BIG_UINT) size, 13, hb.dbuf.size); + oct_it((SMB_BIG_UINT) mtime, 13, hb.dbuf.mtime); memcpy(hb.dbuf.chksum, " ", sizeof(hb.dbuf.chksum)); memset(hb.dbuf.linkname, 0, NAMSIZ); hb.dbuf.linkflag=ftype; for (chk=0, i=sizeof(hb.dummy), jp=hb.dummy; --i>=0;) chk+=(0xFF & *jp++); - oct_it((long) chk, 8, hb.dbuf.chksum); + oct_it((SMB_BIG_UINT) chk, 8, hb.dbuf.chksum); hb.dbuf.chksum[6] = '\0'; (void) dotarbuf(f, hb.dummy, sizeof(hb.dummy)); @@ -450,7 +450,7 @@ static void fixtarname(char *tptr, char *fp, int l) /**************************************************************************** Convert from decimal to octal string ****************************************************************************/ -static void oct_it (long value, int ndgs, char *p) +static void oct_it (SMB_BIG_UINT value, int ndgs, char *p) { /* Converts long to octal string, pads with leading zeros */ @@ -621,7 +621,7 @@ append one remote file to the tar file static void do_atar(char *rname,char *lname,file_info *finfo1) { int fnum; - uint32 nread=0; + SMB_BIG_UINT nread=0; char ftype; file_info2 finfo; BOOL close_done = False; @@ -643,6 +643,7 @@ static void do_atar(char *rname,char *lname,file_info *finfo1) finfo.mtime = finfo1 -> mtime; finfo.atime = finfo1 -> atime; finfo.ctime = finfo1 -> ctime; + finfo.name = finfo1 -> name; } else { finfo.size = def_finfo.size; @@ -652,13 +653,14 @@ static void do_atar(char *rname,char *lname,file_info *finfo1) finfo.mtime = def_finfo.mtime; finfo.atime = def_finfo.atime; finfo.ctime = def_finfo.ctime; + finfo.name = def_finfo.name; } if (dry_run) { - DEBUG(3,("skipping file %s of size %d bytes\n", + DEBUG(3,("skipping file %s of size %12.0f bytes\n", finfo.name, - (int)finfo.size)); + (double)finfo.size)); shallitime=0; ttarf+=finfo.size + TBLOCK - (finfo.size % TBLOCK); ntarf++; @@ -709,9 +711,9 @@ static void do_atar(char *rname,char *lname,file_info *finfo1) } else { - DEBUG(3,("getting file %s of size %d bytes as a tar file %s", + DEBUG(3,("getting file %s of size %.0f bytes as a tar file %s", finfo.name, - (int)finfo.size, + (double)finfo.size, lname)); /* write a tar header, don't bother with mode - just set to 100644 */ @@ -719,7 +721,7 @@ static void do_atar(char *rname,char *lname,file_info *finfo1) while (nread < finfo.size && !close_done) { - DEBUG(3,("nread=%d\n",nread)); + DEBUG(3,("nread=%.0f\n",(double)nread)); datalen = cli_read(cli, fnum, data, nread, read_size); @@ -736,7 +738,7 @@ static void do_atar(char *rname,char *lname,file_info *finfo1) if (nread > finfo.size) { datalen -= nread - finfo.size; - DEBUG(0,("File size change - truncating %s to %d bytes\n", finfo.name, (int)finfo.size)); + DEBUG(0,("File size change - truncating %s to %.0f bytes\n", finfo.name, (double)finfo.size)); } /* add received bits of file to buffer - dotarbuf will @@ -756,7 +758,7 @@ static void do_atar(char *rname,char *lname,file_info *finfo1) /* pad tar file with zero's if we couldn't get entire file */ if (nread < finfo.size) { - DEBUG(0, ("Didn't get entire file. size=%d, nread=%d\n", (int)finfo.size, (int)nread)); + DEBUG(0, ("Didn't get entire file. size=%.0f, nread=%.0f\n", (double)finfo.size, (double)nread)); if (padit(data, sizeof(data), finfo.size - nread)) DEBUG(0,("Error writing tar file - %s\n", strerror(errno))); } @@ -789,8 +791,8 @@ static void do_atar(char *rname,char *lname,file_info *finfo1) if (tar_noisy) { - DEBUG(0, ("%10d (%7.1f kb/s) %s\n", - (int)finfo.size, finfo.size / MAX(0.001, (1.024*this_time)), + DEBUG(0, ("%12.0f (%7.1f kb/s) %s\n", + (double)finfo.size, finfo.size / MAX(0.001, (1.024*this_time)), finfo.name)); } @@ -1868,7 +1870,7 @@ int tar_parseargs(int argc, char *argv[], char *Optarg, int Optind) if (tar_type=='c' && (dry_run || strcmp(argv[Optind], "/dev/null")==0)) { if (!dry_run) { - DEBUG(0,("Output is /dev/null, assuming dry_run")); + DEBUG(0,("Output is /dev/null, assuming dry_run\n")); dry_run = True; } tarhandle=-1; diff --git a/source/configure b/source/configure index 339da49537f..fb8154b4aeb 100755 --- a/source/configure +++ b/source/configure @@ -12385,6 +12385,46 @@ done LDFLAGS="$old_LDFLAGS" with_smbpasswd_sam=no +echo $ac_n "checking whether ldap_set_rebind_proc takes 3 arguments""... $ac_c" 1>&6 +echo "configure:12390: checking whether ldap_set_rebind_proc takes 3 arguments" >&5 +if eval "test \"`echo '$''{'samba_cv_ldap_set_rebind_proc'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + +cat > conftest.$ac_ext <<EOF +#line 12396 "configure" +#include "confdefs.h" + +#include <lber.h> +#include <ldap.h> +int main() { +ldap_set_rebind_proc(0, 0, 0); +; return 0; } +EOF +if { (eval echo configure:12405: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then + rm -rf conftest* + samba_cv_ldap_set_rebind_proc=3 +else + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -rf conftest* + samba_cv_ldap_set_rebind_proc=2 +fi +rm -f conftest* +fi + +echo "$ac_t""$samba_cv_ldap_set_rebind_proc" 1>&6 +if test x"$samba_cv_ldap_set_rebind_proc" = x"3"; then + cat >> confdefs.h <<\EOF +#define LDAP_SET_REBIND_PROC_ARGS 3 +EOF + +else + cat >> confdefs.h <<\EOF +#define LDAP_SET_REBIND_PROC_ARGS 2 +EOF + +fi ;; *) echo "$ac_t""no" 1>&6 @@ -12396,10 +12436,11 @@ else fi + ################################################# # check for a NISPLUS password database echo $ac_n "checking whether to use NISPLUS SAM database""... $ac_c" 1>&6 -echo "configure:12403: checking whether to use NISPLUS SAM database" >&5 +echo "configure:12444: checking whether to use NISPLUS SAM database" >&5 # Check whether --with-nisplussam or --without-nisplussam was given. if test "${with_nisplussam+set}" = set; then withval="$with_nisplussam" @@ -12427,7 +12468,7 @@ fi # smbpasswd SAM is only used if another format # has not been defined echo $ac_n "checking whether to use traditional smbpasswd file""... $ac_c" 1>&6 -echo "configure:12431: checking whether to use traditional smbpasswd file" >&5 +echo "configure:12472: checking whether to use traditional smbpasswd file" >&5 if test $with_smbpasswd_sam = yes; then echo "$ac_t""yes" 1>&6 cat >> confdefs.h <<\EOF @@ -12449,7 +12490,7 @@ fi ################################################# # check for a NISPLUS_HOME support echo $ac_n "checking whether to use NISPLUS_HOME""... $ac_c" 1>&6 -echo "configure:12453: checking whether to use NISPLUS_HOME" >&5 +echo "configure:12494: checking whether to use NISPLUS_HOME" >&5 # Check whether --with-nisplus-home or --without-nisplus-home was given. if test "${with_nisplus_home+set}" = set; then withval="$with_nisplus_home" @@ -12474,7 +12515,7 @@ fi ################################################# # check for the secure socket layer echo $ac_n "checking whether to use SSL""... $ac_c" 1>&6 -echo "configure:12478: checking whether to use SSL" >&5 +echo "configure:12519: checking whether to use SSL" >&5 # Check whether --with-ssl or --without-ssl was given. if test "${with_ssl+set}" = set; then withval="$with_ssl" @@ -12548,7 +12589,7 @@ fi ################################################# # check for syslog logging echo $ac_n "checking whether to use syslog logging""... $ac_c" 1>&6 -echo "configure:12552: checking whether to use syslog logging" >&5 +echo "configure:12593: checking whether to use syslog logging" >&5 # Check whether --with-syslog or --without-syslog was given. if test "${with_syslog+set}" = set; then withval="$with_syslog" @@ -12573,7 +12614,7 @@ fi ################################################# # check for a shared memory profiling support echo $ac_n "checking whether to use profiling""... $ac_c" 1>&6 -echo "configure:12577: checking whether to use profiling" >&5 +echo "configure:12618: checking whether to use profiling" >&5 # Check whether --with-profiling-data or --without-profiling-data was given. if test "${with_profiling_data+set}" = set; then withval="$with_profiling_data" @@ -12601,7 +12642,7 @@ fi QUOTAOBJS=smbd/noquotas.o echo $ac_n "checking whether to support disk-quotas""... $ac_c" 1>&6 -echo "configure:12605: checking whether to support disk-quotas" >&5 +echo "configure:12646: checking whether to support disk-quotas" >&5 # Check whether --with-quotas or --without-quotas was given. if test "${with_quotas+set}" = set; then withval="$with_quotas" @@ -12625,7 +12666,7 @@ fi # check for experimental utmp accounting echo $ac_n "checking whether to support utmp accounting""... $ac_c" 1>&6 -echo "configure:12629: checking whether to support utmp accounting" >&5 +echo "configure:12670: checking whether to support utmp accounting" >&5 # Check whether --with-utmp or --without-utmp was given. if test "${with_utmp+set}" = set; then withval="$with_utmp" @@ -12651,7 +12692,7 @@ fi # check for MS Dfs support echo $ac_n "checking whether to support Microsoft Dfs""... $ac_c" 1>&6 -echo "configure:12655: checking whether to support Microsoft Dfs" >&5 +echo "configure:12696: checking whether to support Microsoft Dfs" >&5 # Check whether --with-msdfs or --without-msdfs was given. if test "${with_msdfs+set}" = set; then withval="$with_msdfs" @@ -12679,7 +12720,7 @@ fi LIBSMBCLIENT_SHARED= LIBSMBCLIENT= echo $ac_n "checking whether to build the libsmbclient shared library""... $ac_c" 1>&6 -echo "configure:12683: checking whether to build the libsmbclient shared library" >&5 +echo "configure:12724: checking whether to build the libsmbclient shared library" >&5 # Check whether --with-libsmbclient or --without-libsmbclient was given. if test "${with_libsmbclient+set}" = set; then withval="$with_libsmbclient" @@ -12706,14 +12747,14 @@ fi ################################################# # these tests are taken from the GNU fileutils package echo "checking how to get filesystem space usage" 1>&6 -echo "configure:12710: checking how to get filesystem space usage" >&5 +echo "configure:12751: checking how to get filesystem space usage" >&5 space=no # Test for statvfs64. if test $space = no; then # SVR4 echo $ac_n "checking statvfs64 function (SVR4)""... $ac_c" 1>&6 -echo "configure:12717: checking statvfs64 function (SVR4)" >&5 +echo "configure:12758: checking statvfs64 function (SVR4)" >&5 if eval "test \"`echo '$''{'fu_cv_sys_stat_statvfs64'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -12721,7 +12762,7 @@ else fu_cv_sys_stat_statvfs64=cross else cat > conftest.$ac_ext <<EOF -#line 12725 "configure" +#line 12766 "configure" #include "confdefs.h" #if defined(HAVE_UNISTD_H) @@ -12735,7 +12776,7 @@ else exit (statvfs64 (".", &fsd)); } EOF -if { (eval echo configure:12739: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null +if { (eval echo configure:12780: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null then fu_cv_sys_stat_statvfs64=yes else @@ -12768,12 +12809,12 @@ fi if test $space = no; then # SVR4 echo $ac_n "checking statvfs function (SVR4)""... $ac_c" 1>&6 -echo "configure:12772: checking statvfs function (SVR4)" >&5 +echo "configure:12813: checking statvfs function (SVR4)" >&5 if eval "test \"`echo '$''{'fu_cv_sys_stat_statvfs'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <<EOF -#line 12777 "configure" +#line 12818 "configure" #include "confdefs.h" #include <sys/types.h> #include <sys/statvfs.h> @@ -12781,7 +12822,7 @@ int main() { struct statvfs fsd; statvfs (0, &fsd); ; return 0; } EOF -if { (eval echo configure:12785: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:12826: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* fu_cv_sys_stat_statvfs=yes else @@ -12806,7 +12847,7 @@ fi if test $space = no; then # DEC Alpha running OSF/1 echo $ac_n "checking for 3-argument statfs function (DEC OSF/1)""... $ac_c" 1>&6 -echo "configure:12810: checking for 3-argument statfs function (DEC OSF/1)" >&5 +echo "configure:12851: checking for 3-argument statfs function (DEC OSF/1)" >&5 if eval "test \"`echo '$''{'fu_cv_sys_stat_statfs3_osf1'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -12814,7 +12855,7 @@ else fu_cv_sys_stat_statfs3_osf1=no else cat > conftest.$ac_ext <<EOF -#line 12818 "configure" +#line 12859 "configure" #include "confdefs.h" #include <sys/param.h> @@ -12827,7 +12868,7 @@ else exit (statfs (".", &fsd, sizeof (struct statfs))); } EOF -if { (eval echo configure:12831: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null +if { (eval echo configure:12872: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null then fu_cv_sys_stat_statfs3_osf1=yes else @@ -12854,7 +12895,7 @@ fi if test $space = no; then # AIX echo $ac_n "checking for two-argument statfs with statfs.bsize member (AIX, 4.3BSD)""... $ac_c" 1>&6 -echo "configure:12858: checking for two-argument statfs with statfs.bsize member (AIX, 4.3BSD)" >&5 +echo "configure:12899: checking for two-argument statfs with statfs.bsize member (AIX, 4.3BSD)" >&5 if eval "test \"`echo '$''{'fu_cv_sys_stat_statfs2_bsize'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -12862,7 +12903,7 @@ else fu_cv_sys_stat_statfs2_bsize=no else cat > conftest.$ac_ext <<EOF -#line 12866 "configure" +#line 12907 "configure" #include "confdefs.h" #ifdef HAVE_SYS_PARAM_H @@ -12881,7 +12922,7 @@ else exit (statfs (".", &fsd)); } EOF -if { (eval echo configure:12885: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null +if { (eval echo configure:12926: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null then fu_cv_sys_stat_statfs2_bsize=yes else @@ -12908,7 +12949,7 @@ fi if test $space = no; then # SVR3 echo $ac_n "checking for four-argument statfs (AIX-3.2.5, SVR3)""... $ac_c" 1>&6 -echo "configure:12912: checking for four-argument statfs (AIX-3.2.5, SVR3)" >&5 +echo "configure:12953: checking for four-argument statfs (AIX-3.2.5, SVR3)" >&5 if eval "test \"`echo '$''{'fu_cv_sys_stat_statfs4'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -12916,7 +12957,7 @@ else fu_cv_sys_stat_statfs4=no else cat > conftest.$ac_ext <<EOF -#line 12920 "configure" +#line 12961 "configure" #include "confdefs.h" #include <sys/types.h> #include <sys/statfs.h> @@ -12926,7 +12967,7 @@ else exit (statfs (".", &fsd, sizeof fsd, 0)); } EOF -if { (eval echo configure:12930: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null +if { (eval echo configure:12971: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null then fu_cv_sys_stat_statfs4=yes else @@ -12953,7 +12994,7 @@ fi if test $space = no; then # 4.4BSD and NetBSD echo $ac_n "checking for two-argument statfs with statfs.fsize member (4.4BSD and NetBSD)""... $ac_c" 1>&6 -echo "configure:12957: checking for two-argument statfs with statfs.fsize member (4.4BSD and NetBSD)" >&5 +echo "configure:12998: checking for two-argument statfs with statfs.fsize member (4.4BSD and NetBSD)" >&5 if eval "test \"`echo '$''{'fu_cv_sys_stat_statfs2_fsize'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -12961,7 +13002,7 @@ else fu_cv_sys_stat_statfs2_fsize=no else cat > conftest.$ac_ext <<EOF -#line 12965 "configure" +#line 13006 "configure" #include "confdefs.h" #include <sys/types.h> #ifdef HAVE_SYS_PARAM_H @@ -12977,7 +13018,7 @@ else exit (statfs (".", &fsd)); } EOF -if { (eval echo configure:12981: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null +if { (eval echo configure:13022: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null then fu_cv_sys_stat_statfs2_fsize=yes else @@ -13004,7 +13045,7 @@ fi if test $space = no; then # Ultrix echo $ac_n "checking for two-argument statfs with struct fs_data (Ultrix)""... $ac_c" 1>&6 -echo "configure:13008: checking for two-argument statfs with struct fs_data (Ultrix)" >&5 +echo "configure:13049: checking for two-argument statfs with struct fs_data (Ultrix)" >&5 if eval "test \"`echo '$''{'fu_cv_sys_stat_fs_data'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -13012,7 +13053,7 @@ else fu_cv_sys_stat_fs_data=no else cat > conftest.$ac_ext <<EOF -#line 13016 "configure" +#line 13057 "configure" #include "confdefs.h" #include <sys/types.h> #ifdef HAVE_SYS_PARAM_H @@ -13032,7 +13073,7 @@ else exit (statfs (".", &fsd) != 1); } EOF -if { (eval echo configure:13036: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null +if { (eval echo configure:13077: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null then fu_cv_sys_stat_fs_data=yes else @@ -13065,9 +13106,9 @@ fi # file support. # echo $ac_n "checking if large file support can be enabled""... $ac_c" 1>&6 -echo "configure:13069: checking if large file support can be enabled" >&5 +echo "configure:13110: checking if large file support can be enabled" >&5 cat > conftest.$ac_ext <<EOF -#line 13071 "configure" +#line 13112 "configure" #include "confdefs.h" #if defined(HAVE_LONGLONG) && (defined(HAVE_OFF64_T) || (defined(SIZEOF_OFF_T) && (SIZEOF_OFF_T == 8))) @@ -13080,7 +13121,7 @@ int main() { int i ; return 0; } EOF -if { (eval echo configure:13084: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:13125: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* samba_cv_HAVE_EXPLICIT_LARGEFILE_SUPPORT=yes else @@ -13147,7 +13188,7 @@ fi # check for ACL support echo $ac_n "checking whether to support ACLs""... $ac_c" 1>&6 -echo "configure:13151: checking whether to support ACLs" >&5 +echo "configure:13192: checking whether to support ACLs" >&5 # Check whether --with-acl-support or --without-acl-support was given. if test "${with_acl_support+set}" = set; then withval="$with_acl_support" @@ -13200,7 +13241,7 @@ EOF ;; *) echo $ac_n "checking for acl_get_file in -lacl""... $ac_c" 1>&6 -echo "configure:13204: checking for acl_get_file in -lacl" >&5 +echo "configure:13245: checking for acl_get_file in -lacl" >&5 ac_lib_var=`echo acl'_'acl_get_file | sed 'y%./+-%__p_%'` if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 @@ -13208,7 +13249,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lacl $LIBS" cat > conftest.$ac_ext <<EOF -#line 13212 "configure" +#line 13253 "configure" #include "confdefs.h" /* Override any gcc2 internal prototype to avoid an error. */ /* We use char because int might match the return type of a gcc2 @@ -13219,7 +13260,7 @@ int main() { acl_get_file() ; return 0; } EOF -if { (eval echo configure:13223: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:13264: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -13247,13 +13288,13 @@ else fi echo $ac_n "checking for ACL support""... $ac_c" 1>&6 -echo "configure:13251: checking for ACL support" >&5 +echo "configure:13292: checking for ACL support" >&5 if eval "test \"`echo '$''{'samba_cv_HAVE_POSIX_ACLS'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <<EOF -#line 13257 "configure" +#line 13298 "configure" #include "confdefs.h" #include <sys/types.h> #include <sys/acl.h> @@ -13261,7 +13302,7 @@ int main() { acl_t acl; int entry_id; acl_entry_t *entry_p; return acl_get_entry( acl, entry_id, entry_p); ; return 0; } EOF -if { (eval echo configure:13265: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:13306: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* samba_cv_HAVE_POSIX_ACLS=yes else @@ -13281,13 +13322,13 @@ echo "$ac_t""$samba_cv_HAVE_POSIX_ACLS" 1>&6 EOF echo $ac_n "checking for acl_get_perm_np""... $ac_c" 1>&6 -echo "configure:13285: checking for acl_get_perm_np" >&5 +echo "configure:13326: checking for acl_get_perm_np" >&5 if eval "test \"`echo '$''{'samba_cv_HAVE_ACL_GET_PERM_NP'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <<EOF -#line 13291 "configure" +#line 13332 "configure" #include "confdefs.h" #include <sys/types.h> #include <sys/acl.h> @@ -13295,7 +13336,7 @@ int main() { acl_permset_t permset_d; acl_perm_t perm; return acl_get_perm_np( permset_d, perm); ; return 0; } EOF -if { (eval echo configure:13299: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:13340: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* samba_cv_HAVE_ACL_GET_PERM_NP=yes else @@ -13348,7 +13389,7 @@ fi # check for sendfile support echo $ac_n "checking whether to check for support sendfile""... $ac_c" 1>&6 -echo "configure:13352: checking whether to check for support sendfile" >&5 +echo "configure:13393: checking whether to check for support sendfile" >&5 # Check whether --with-sendfile-support or --without-sendfile-support was given. if test "${with_sendfile_support+set}" = set; then withval="$with_sendfile_support" @@ -13360,13 +13401,13 @@ if test "${with_sendfile_support+set}" = set; then case "$host_os" in *linux*) echo $ac_n "checking for linux sendfile64 support""... $ac_c" 1>&6 -echo "configure:13364: checking for linux sendfile64 support" >&5 +echo "configure:13405: checking for linux sendfile64 support" >&5 if eval "test \"`echo '$''{'samba_cv_HAVE_SENDFILE64'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <<EOF -#line 13370 "configure" +#line 13411 "configure" #include "confdefs.h" #include <sys/sendfile.h> int main() { @@ -13378,7 +13419,7 @@ ssize_t nwritten = sendfile64(tofd, fromfd, &offset, total); ; return 0; } EOF -if { (eval echo configure:13382: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:13423: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* samba_cv_HAVE_SENDFILE64=yes else @@ -13393,13 +13434,13 @@ fi echo "$ac_t""$samba_cv_HAVE_SENDFILE64" 1>&6 echo $ac_n "checking for linux sendfile support""... $ac_c" 1>&6 -echo "configure:13397: checking for linux sendfile support" >&5 +echo "configure:13438: checking for linux sendfile support" >&5 if eval "test \"`echo '$''{'samba_cv_HAVE_SENDFILE'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <<EOF -#line 13403 "configure" +#line 13444 "configure" #include "confdefs.h" #include <sys/sendfile.h> int main() { @@ -13411,7 +13452,7 @@ ssize_t nwritten = sendfile(tofd, fromfd, &offset, total); ; return 0; } EOF -if { (eval echo configure:13415: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:13456: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* samba_cv_HAVE_SENDFILE=yes else @@ -13427,13 +13468,13 @@ echo "$ac_t""$samba_cv_HAVE_SENDFILE" 1>&6 # Try and cope with broken Linux sendfile.... echo $ac_n "checking for broken linux sendfile support""... $ac_c" 1>&6 -echo "configure:13431: checking for broken linux sendfile support" >&5 +echo "configure:13472: checking for broken linux sendfile support" >&5 if eval "test \"`echo '$''{'samba_cv_HAVE_BROKEN_LINUX_SENDFILE'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <<EOF -#line 13437 "configure" +#line 13478 "configure" #include "confdefs.h" \ #if defined(_FILE_OFFSET_BITS) && (_FILE_OFFSET_BITS == 64) @@ -13449,7 +13490,7 @@ ssize_t nwritten = sendfile(tofd, fromfd, &offset, total); ; return 0; } EOF -if { (eval echo configure:13453: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:13494: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* samba_cv_HAVE_BROKEN_LINUX_SENDFILE=yes else @@ -13505,13 +13546,13 @@ EOF ;; *freebsd*) echo $ac_n "checking for freebsd sendfile support""... $ac_c" 1>&6 -echo "configure:13509: checking for freebsd sendfile support" >&5 +echo "configure:13550: checking for freebsd sendfile support" >&5 if eval "test \"`echo '$''{'samba_cv_HAVE_SENDFILE'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <<EOF -#line 13515 "configure" +#line 13556 "configure" #include "confdefs.h" \ #include <sys/types.h> @@ -13539,7 +13580,7 @@ int main() { ; return 0; } EOF -if { (eval echo configure:13543: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:13584: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* samba_cv_HAVE_SENDFILE=yes else @@ -13573,13 +13614,13 @@ EOF *hpux*) echo $ac_n "checking for hpux sendfile64 support""... $ac_c" 1>&6 -echo "configure:13577: checking for hpux sendfile64 support" >&5 +echo "configure:13618: checking for hpux sendfile64 support" >&5 if eval "test \"`echo '$''{'samba_cv_HAVE_SENDFILE64'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <<EOF -#line 13583 "configure" +#line 13624 "configure" #include "confdefs.h" \ #include <sys/socket.h> @@ -13599,7 +13640,7 @@ int main() { ; return 0; } EOF -if { (eval echo configure:13603: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:13644: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* samba_cv_HAVE_SENDFILE64=yes else @@ -13630,13 +13671,13 @@ EOF fi echo $ac_n "checking for hpux sendfile support""... $ac_c" 1>&6 -echo "configure:13634: checking for hpux sendfile support" >&5 +echo "configure:13675: checking for hpux sendfile support" >&5 if eval "test \"`echo '$''{'samba_cv_HAVE_SENDFILE'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <<EOF -#line 13640 "configure" +#line 13681 "configure" #include "confdefs.h" \ #include <sys/socket.h> @@ -13656,7 +13697,7 @@ int main() { ; return 0; } EOF -if { (eval echo configure:13660: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:13701: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* samba_cv_HAVE_SENDFILE=yes else @@ -13690,13 +13731,13 @@ EOF *solaris*) LIBS="$LIBS -lsendfile" echo $ac_n "checking for solaris sendfilev64 support""... $ac_c" 1>&6 -echo "configure:13694: checking for solaris sendfilev64 support" >&5 +echo "configure:13735: checking for solaris sendfilev64 support" >&5 if eval "test \"`echo '$''{'samba_cv_HAVE_SENDFILEV64'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <<EOF -#line 13700 "configure" +#line 13741 "configure" #include "confdefs.h" \ #include <sys/sendfile.h> @@ -13723,7 +13764,7 @@ int main() { ; return 0; } EOF -if { (eval echo configure:13727: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:13768: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* samba_cv_HAVE_SENDFILEV64=yes else @@ -13755,13 +13796,13 @@ EOF fi echo $ac_n "checking for solaris sendfilev support""... $ac_c" 1>&6 -echo "configure:13759: checking for solaris sendfilev support" >&5 +echo "configure:13800: checking for solaris sendfilev support" >&5 if eval "test \"`echo '$''{'samba_cv_HAVE_SENDFILEV'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <<EOF -#line 13765 "configure" +#line 13806 "configure" #include "confdefs.h" \ #include <sys/sendfile.h> @@ -13788,7 +13829,7 @@ int main() { ; return 0; } EOF -if { (eval echo configure:13792: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:13833: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* samba_cv_HAVE_SENDFILEV=yes else @@ -13840,7 +13881,7 @@ fi # (WINBIND_STARGETS) and shared libraries (WINBIND_LTARGETS). echo $ac_n "checking whether to build winbind""... $ac_c" 1>&6 -echo "configure:13844: checking whether to build winbind" >&5 +echo "configure:13885: checking whether to build winbind" >&5 # Initially, the value of $host_os decides whether winbind is supported @@ -13900,7 +13941,7 @@ if test x"$HAVE_WINBIND" = x"yes"; then echo "$ac_t""yes" 1>&6 echo $ac_n "checking whether to enable winbind auth challenge/response code""... $ac_c" 1>&6 -echo "configure:13904: checking whether to enable winbind auth challenge/response code" >&5 +echo "configure:13945: checking whether to enable winbind auth challenge/response code" >&5 # Check whether --with-winbind-auth-challenge or --without-winbind-auth-challenge was given. if test "${with_winbind_auth_challenge+set}" = set; then withval="$with_winbind_auth_challenge" @@ -13946,7 +13987,7 @@ fi # Check for Horrible winbindd ldap hack. echo $ac_n "checking whether to enable winbind ldap hack""... $ac_c" 1>&6 -echo "configure:13950: checking whether to enable winbind ldap hack" >&5 +echo "configure:13991: checking whether to enable winbind ldap hack" >&5 # Check whether --with-winbind-ldap-hack or --without-winbind-ldap-hack was given. if test "${with_winbind_ldap_hack+set}" = set; then withval="$with_winbind_ldap_hack" @@ -13984,7 +14025,7 @@ fi # It returns EGID too many times in the list of groups # and causes a security problem echo $ac_n "checking whether or not getgroups returns EGID too many times""... $ac_c" 1>&6 -echo "configure:13988: checking whether or not getgroups returns EGID too many times" >&5 +echo "configure:14029: checking whether or not getgroups returns EGID too many times" >&5 if eval "test \"`echo '$''{'samba_cv_have_getgroups_too_many_egids'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -13992,7 +14033,7 @@ else samba_cv_have_getgroups_too_many_egids=cross else cat > conftest.$ac_ext <<EOF -#line 13996 "configure" +#line 14037 "configure" #include "confdefs.h" #include <sys/types.h> @@ -14008,7 +14049,7 @@ int main(int argc, char *argv[]) exit((n > 1 && groups[0] == getegid() && groups[1] == getegid()) ? 1 : 0); } EOF -if { (eval echo configure:14012: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null +if { (eval echo configure:14053: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null then samba_cv_have_getgroups_too_many_egids=no else @@ -14049,20 +14090,20 @@ fi # [#include <pwd.h>]) echo $ac_n "checking whether struct passwd has pw_comment""... $ac_c" 1>&6 -echo "configure:14053: checking whether struct passwd has pw_comment" >&5 +echo "configure:14094: checking whether struct passwd has pw_comment" >&5 if eval "test \"`echo '$''{'samba_cv_passwd_pw_comment'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <<EOF -#line 14059 "configure" +#line 14100 "configure" #include "confdefs.h" #include <pwd.h> int main() { struct passwd p; p.pw_comment; ; return 0; } EOF -if { (eval echo configure:14066: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:14107: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* samba_cv_passwd_pw_comment=yes else @@ -14087,20 +14128,20 @@ fi # [#include <pwd.h>]) echo $ac_n "checking whether struct passwd has pw_age""... $ac_c" 1>&6 -echo "configure:14091: checking whether struct passwd has pw_age" >&5 +echo "configure:14132: checking whether struct passwd has pw_age" >&5 if eval "test \"`echo '$''{'samba_cv_passwd_pw_age'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <<EOF -#line 14097 "configure" +#line 14138 "configure" #include "confdefs.h" #include <pwd.h> int main() { struct passwd p; p.pw_age; ; return 0; } EOF -if { (eval echo configure:14104: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:14145: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* samba_cv_passwd_pw_age=yes else @@ -14139,7 +14180,7 @@ fi if test x"$INCLUDED_POPT" != x"yes"; then echo $ac_n "checking for poptGetContext in -lpopt""... $ac_c" 1>&6 -echo "configure:14143: checking for poptGetContext in -lpopt" >&5 +echo "configure:14184: checking for poptGetContext in -lpopt" >&5 ac_lib_var=`echo popt'_'poptGetContext | sed 'y%./+-%__p_%'` if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 @@ -14147,7 +14188,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lpopt $LIBS" cat > conftest.$ac_ext <<EOF -#line 14151 "configure" +#line 14192 "configure" #include "confdefs.h" /* Override any gcc2 internal prototype to avoid an error. */ /* We use char because int might match the return type of a gcc2 @@ -14158,7 +14199,7 @@ int main() { poptGetContext() ; return 0; } EOF -if { (eval echo configure:14162: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:14203: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -14182,7 +14223,7 @@ fi fi echo $ac_n "checking whether to use included popt""... $ac_c" 1>&6 -echo "configure:14186: checking whether to use included popt" >&5 +echo "configure:14227: checking whether to use included popt" >&5 if test x"$INCLUDED_POPT" = x"yes"; then echo "$ac_t""$srcdir/popt" 1>&6 BUILD_POPT='$(POPT_OBJS)' @@ -14197,16 +14238,16 @@ fi ################################################# # final configure stuff echo $ac_n "checking configure summary""... $ac_c" 1>&6 -echo "configure:14201: checking configure summary" >&5 +echo "configure:14242: checking configure summary" >&5 if test "$cross_compiling" = yes; then echo "configure: warning: cannot run when cross-compiling" 1>&2 else cat > conftest.$ac_ext <<EOF -#line 14206 "configure" +#line 14247 "configure" #include "confdefs.h" #include "${srcdir-.}/tests/summary.c" EOF -if { (eval echo configure:14210: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null +if { (eval echo configure:14251: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null then echo "$ac_t""yes" 1>&6 else diff --git a/source/configure.developer b/source/configure.developer index c3856889ea1..fbd7c99533f 100755 --- a/source/configure.developer +++ b/source/configure.developer @@ -1,4 +1,4 @@ #!/bin/sh -CFLAGS="-g -Wall -Wshadow -Wstrict-prototypes -Wpointer-arith -Wcast-qual -Wcast-align -DDEBUG_PASSWORD -DDEVELOPER" +CFLAGS="$CFLAGS -g -Wall -Wshadow -Wstrict-prototypes -Wpointer-arith -Wcast-qual -Wcast-align -DDEBUG_PASSWORD -DDEVELOPER" export CFLAGS `dirname $0`/configure $* diff --git a/source/configure.in b/source/configure.in index 093f7eee798..be17446f699 100644 --- a/source/configure.in +++ b/source/configure.in @@ -2114,6 +2114,15 @@ AC_ARG_WITH(ldapsam, LDFLAGS="$old_LDFLAGS" with_smbpasswd_sam=no AC_SUBST(LDAPLIBS) +AC_CACHE_CHECK(whether ldap_set_rebind_proc takes 3 arguments, samba_cv_ldap_set_rebind_proc, [ +AC_TRY_COMPILE([ +#include <lber.h> +#include <ldap.h>], [ldap_set_rebind_proc(0, 0, 0);], [samba_cv_ldap_set_rebind_proc=3], [samba_cv_ldap_set_rebind_proc=2]) ]) +if test x"$samba_cv_ldap_set_rebind_proc" = x"3"; then + AC_DEFINE(LDAP_SET_REBIND_PROC_ARGS,3) +else + AC_DEFINE(LDAP_SET_REBIND_PROC_ARGS,2) +fi ;; *) AC_MSG_RESULT(no) @@ -2122,6 +2131,7 @@ AC_ARG_WITH(ldapsam, AC_MSG_RESULT(no) ) + ################################################# # check for a NISPLUS password database AC_MSG_CHECKING(whether to use NISPLUS SAM database) diff --git a/source/include/config.h.in b/source/include/config.h.in index b632d8bb5a7..4bf432a0fc3 100644 --- a/source/include/config.h.in +++ b/source/include/config.h.in @@ -231,6 +231,7 @@ #undef MMAP_BLACKLIST #undef HAVE_CUPS #undef WITH_LDAP_SAM +#undef LDAP_SET_REBIND_PROC_ARGS #undef WITH_NISPLUS_SAM #undef WITH_SMBPASSWD_SAM #undef WITH_TDB_SAM diff --git a/source/include/proto.h b/source/include/proto.h index 7cd0088a520..020e2eba28e 100644 --- a/source/include/proto.h +++ b/source/include/proto.h @@ -525,10 +525,13 @@ NTSTATUS cli_samr_open_alias(struct cli_state *cli, TALLOC_CTX *mem_ctx, NTSTATUS cli_samr_query_dom_info(struct cli_state *cli, TALLOC_CTX *mem_ctx, POLICY_HND *domain_pol, uint16 switch_value, SAM_UNK_CTR *ctr); +void get_query_dispinfo_params(int loop_count, uint32 *max_entries, + uint32 *max_size); NTSTATUS cli_samr_query_dispinfo(struct cli_state *cli, TALLOC_CTX *mem_ctx, POLICY_HND *domain_pol, uint32 *start_idx, uint16 switch_value, uint32 *num_entries, - uint32 max_entries, SAM_DISPINFO_CTR *ctr); + uint32 max_entries, uint32 max_size, + SAM_DISPINFO_CTR *ctr); NTSTATUS cli_samr_lookup_rids(struct cli_state *cli, TALLOC_CTX *mem_ctx, POLICY_HND *domain_pol, uint32 flags, uint32 num_rids, uint32 *rids, @@ -3158,7 +3161,7 @@ BOOL samr_io_r_enum_dom_users(char *desc, SAMR_R_ENUM_DOM_USERS * r_u, prs_struct *ps, int depth); void init_samr_q_query_dispinfo(SAMR_Q_QUERY_DISPINFO * q_e, POLICY_HND *pol, uint16 switch_level, uint32 start_idx, - uint32 max_entries); + uint32 max_entries, uint32 max_size); BOOL samr_io_q_query_dispinfo(char *desc, SAMR_Q_QUERY_DISPINFO * q_e, prs_struct *ps, int depth); NTSTATUS init_sam_dispinfo_1(TALLOC_CTX *ctx, SAM_DISPINFO_1 *sam, uint32 num_entries, @@ -4544,7 +4547,7 @@ files_struct *open_file_fchmod(connection_struct *conn, const char *fname, SMB_S int close_file_fchmod(files_struct *fsp); files_struct *open_directory(connection_struct *conn, char *fname, SMB_STRUCT_STAT *psbuf, uint32 desired_access, int share_mode, int smb_ofun, mode_t unixmode, int *action); -BOOL check_file_sharing(connection_struct *conn,char *fname, BOOL rename_op); +files_struct *open_file_stat(connection_struct *conn, char *fname, SMB_STRUCT_STAT *psbuf); /* The following definitions come from smbd/oplock.c */ @@ -4557,7 +4560,7 @@ BOOL remove_oplock(files_struct *fsp, BOOL break_to_none); int setup_oplock_select_set( fd_set *fds); BOOL process_local_message(char *buffer, int buf_size); BOOL oplock_break_level2(files_struct *fsp, BOOL local_request, int token); -BOOL request_oplock_break(share_mode_entry *share_entry); +BOOL request_oplock_break(share_mode_entry *share_entry, BOOL async); BOOL attempt_close_oplocked_file(files_struct *fsp); void release_level_2_oplocks_on_change(files_struct *fsp); BOOL init_oplocks(void); @@ -4726,6 +4729,7 @@ void init_sec_ctx(void); int smbd_server_fd(void); void smbd_set_server_fd(int fd); BOOL reload_services(BOOL test); +int32 increment_smbd_process_count(void); void exit_server(char *reason); /* The following definitions come from smbd/service.c */ diff --git a/source/include/smb.h b/source/include/smb.h index 49b6048e7cc..7a239823da1 100644 --- a/source/include/smb.h +++ b/source/include/smb.h @@ -423,6 +423,7 @@ typedef struct files_struct BOOL print_file; BOOL modified; BOOL is_directory; + BOOL is_stat; BOOL directory_delete_on_close; char *fsp_name; } files_struct; @@ -1501,15 +1502,17 @@ extern int chain_size; * +----+--------+-------+--------+---------+ */ -#define OPLOCK_BREAK_CMD 0x1 #define OPLOCK_BREAK_PID_OFFSET 2 #define OPLOCK_BREAK_DEV_OFFSET (OPLOCK_BREAK_PID_OFFSET + sizeof(pid_t)) #define OPLOCK_BREAK_INODE_OFFSET (OPLOCK_BREAK_DEV_OFFSET + sizeof(SMB_DEV_T)) #define OPLOCK_BREAK_FILEID_OFFSET (OPLOCK_BREAK_INODE_OFFSET + sizeof(SMB_INO_T)) #define OPLOCK_BREAK_MSG_LEN (OPLOCK_BREAK_FILEID_OFFSET + sizeof(unsigned long)) +/* Message types */ +#define OPLOCK_BREAK_CMD 0x1 #define KERNEL_OPLOCK_BREAK_CMD 0x2 #define LEVEL_II_OPLOCK_BREAK_CMD 0x3 +#define ASYNC_LEVEL_II_OPLOCK_BREAK_CMD 0x4 /* * Capabilities abstracted for different systems. diff --git a/source/include/version.h b/source/include/version.h index ca3544de529..7f57416ccd3 100644 --- a/source/include/version.h +++ b/source/include/version.h @@ -1 +1 @@ -#define VERSION "2.2.7a" +#define VERSION "2.2.8pre1" diff --git a/source/lib/snprintf.c b/source/lib/snprintf.c index ebb8bf74c77..2f738cdbba2 100644 --- a/source/lib/snprintf.c +++ b/source/lib/snprintf.c @@ -341,6 +341,7 @@ static size_t dopr(char *buffer, size_t maxlen, const char *format, va_list args fvalue = va_arg (args, LDOUBLE); else fvalue = va_arg (args, double); + fmtfp (buffer, &currlen, maxlen, fvalue, min, max, flags); break; case 'G': flags |= DP_F_UP; @@ -349,6 +350,7 @@ static size_t dopr(char *buffer, size_t maxlen, const char *format, va_list args fvalue = va_arg (args, LDOUBLE); else fvalue = va_arg (args, double); + fmtfp (buffer, &currlen, maxlen, fvalue, min, max, flags); break; case 'c': dopr_outch (buffer, &currlen, maxlen, va_arg (args, int)); diff --git a/source/lib/util.c b/source/lib/util.c index b6266cb9257..daaa480a462 100644 --- a/source/lib/util.c +++ b/source/lib/util.c @@ -1284,11 +1284,15 @@ routine to free a namearray. void free_namearray(name_compare_entry *name_array) { - if(name_array == NULL) - return; + int i; + + if(name_array == NULL) + return; + + for(i=0; name_array[i].name!=NULL; i++) + SAFE_FREE(name_array[i].name); - SAFE_FREE(name_array->name); - SAFE_FREE(name_array); + SAFE_FREE(name_array); } /**************************************************************************** @@ -2123,7 +2127,6 @@ void data_blob_free(DATA_BLOB *d) if (d->free) { (d->free)(d); } - ZERO_STRUCTP(d); } } diff --git a/source/libsmb/cli_samr.c b/source/libsmb/cli_samr.c index fbcc650b010..1f14da4206c 100644 --- a/source/libsmb/cli_samr.c +++ b/source/libsmb/cli_samr.c @@ -817,12 +817,45 @@ NTSTATUS cli_samr_query_dom_info(struct cli_state *cli, TALLOC_CTX *mem_ctx, return result; } +/* This function returns the bizzare set of (max_entries, max_size) required + for the QueryDisplayInfo RPC to actually work against a domain controller + with large (10k and higher) numbers of users. These values were + obtained by inspection using ethereal and NT4 running User Manager. */ + +void get_query_dispinfo_params(int loop_count, uint32 *max_entries, + uint32 *max_size) +{ + switch(loop_count) { + case 0: + *max_entries = 512; + *max_size = 16383; + break; + case 1: + *max_entries = 1024; + *max_size = 32766; + break; + case 2: + *max_entries = 2048; + *max_size = 65532; + break; + case 3: + *max_entries = 4096; + *max_size = 131064; + break; + default: /* loop_count >= 4 */ + *max_entries = 4096; + *max_size = 131071; + break; + } +} + /* Query display info */ NTSTATUS cli_samr_query_dispinfo(struct cli_state *cli, TALLOC_CTX *mem_ctx, POLICY_HND *domain_pol, uint32 *start_idx, uint16 switch_value, uint32 *num_entries, - uint32 max_entries, SAM_DISPINFO_CTR *ctr) + uint32 max_entries, uint32 max_size, + SAM_DISPINFO_CTR *ctr) { prs_struct qbuf, rbuf; SAMR_Q_QUERY_DISPINFO q; @@ -840,10 +873,17 @@ NTSTATUS cli_samr_query_dispinfo(struct cli_state *cli, TALLOC_CTX *mem_ctx, /* Marshall data and send request */ init_samr_q_query_dispinfo(&q, domain_pol, switch_value, - *start_idx, max_entries); + *start_idx, max_entries, max_size); + + /* XXX: Some level 0 debugs to try and identify the cause of cr1168 */ + + if (!samr_io_q_query_dispinfo("", &q, &qbuf, 0)) { + DEBUG(0, ("cli_samr_query_dispinfo: samr_io_q_query_dispinfo failed!\n")); + goto done; + } - if (!samr_io_q_query_dispinfo("", &q, &qbuf, 0) || - !rpc_api_pipe_req(cli, SAMR_QUERY_DISPINFO, &qbuf, &rbuf)) { + if (!rpc_api_pipe_req(cli, SAMR_QUERY_DISPINFO, &qbuf, &rbuf)) { + DEBUG(0, ("cli_samr_query_dispinfo: rpc_api_pipe_req failed!\n")); goto done; } @@ -852,6 +892,7 @@ NTSTATUS cli_samr_query_dispinfo(struct cli_state *cli, TALLOC_CTX *mem_ctx, r.ctr = ctr; if (!samr_io_r_query_dispinfo("", &r, &rbuf, 0)) { + DEBUG(0, ("cli_samr_query_dispinfo: samr_io_r_query_dispinfo failed!\n")); goto done; } diff --git a/source/libsmb/clireadwrite.c b/source/libsmb/clireadwrite.c index ca0b1bb2d51..9e3e2bf2c2a 100644 --- a/source/libsmb/clireadwrite.c +++ b/source/libsmb/clireadwrite.c @@ -30,10 +30,15 @@ Issue a single SMBread and don't wait for a reply. static BOOL cli_issue_read(struct cli_state *cli, int fnum, off_t offset, size_t size, int i) { + BOOL bigoffset = False; + memset(cli->outbuf,'\0',smb_size); memset(cli->inbuf,'\0',smb_size); - set_message(cli->outbuf,10,0,True); + if ((SMB_BIG_UINT)offset >> 32) + bigoffset = True; + + set_message(cli->outbuf,bigoffset ? 12 : 10,0,True); SCVAL(cli->outbuf,smb_com,SMBreadX); SSVAL(cli->outbuf,smb_tid,cli->cnum); @@ -46,6 +51,16 @@ static BOOL cli_issue_read(struct cli_state *cli, int fnum, off_t offset, SSVAL(cli->outbuf,smb_vwv6,size); SSVAL(cli->outbuf,smb_mid,cli->mid + i); +#ifdef SMB_LARGE_OFF_T + /* + * We only want to do the following if we understand large offsets + * otherwise the compiler is likely to get upset with us + */ + if (bigoffset) + SIVAL(cli->outbuf,smb_vwv10,(offset>>32) & 0xffffffff); + +#endif /* SMB_LARGE_OFF_T */ + return cli_send_smb(cli); } @@ -223,6 +238,7 @@ static BOOL cli_issue_write(struct cli_state *cli, int fnum, off_t offset, uint1 size_t size, int i) { char *p; + BOOL bigoffset = False; if (size > cli->bufsize) { cli->outbuf = realloc(cli->outbuf, size + 1024); @@ -235,7 +251,10 @@ static BOOL cli_issue_write(struct cli_state *cli, int fnum, off_t offset, uint1 memset(cli->outbuf,'\0',smb_size); memset(cli->inbuf,'\0',smb_size); - if (size > 0xFFFF) + if ((SMB_BIG_UINT)offset >> 32) + bigoffset = True; + + if (bigoffset) set_message(cli->outbuf,14,0,True); else set_message(cli->outbuf,12,0,True); @@ -248,15 +267,27 @@ static BOOL cli_issue_write(struct cli_state *cli, int fnum, off_t offset, uint1 SSVAL(cli->outbuf,smb_vwv2,fnum); SIVAL(cli->outbuf,smb_vwv3,offset); - SIVAL(cli->outbuf,smb_vwv5,(mode & 0x0008) ? 0xFFFFFFFF : 0); + SIVAL(cli->outbuf,smb_vwv5,0); SSVAL(cli->outbuf,smb_vwv7,mode); + /* + * THe following is still wrong ... + */ SSVAL(cli->outbuf,smb_vwv8,(mode & 0x0008) ? size : 0); SSVAL(cli->outbuf,smb_vwv9,((size>>16)&1)); SSVAL(cli->outbuf,smb_vwv10,size); SSVAL(cli->outbuf,smb_vwv11, smb_buf(cli->outbuf) - smb_base(cli->outbuf)); - + +#ifdef SMB_LARGE_OFF_T + /* + * We only want to do the following if we understand large offsets + * otherwise the compiler is likely to get upset with us + */ + if (bigoffset) + SIVAL(cli->outbuf,smb_vwv12,(offset>>32) & 0xffffffff); +#endif /* SMB_LARGE_OFF_T */ + p = smb_base(cli->outbuf) + SVAL(cli->outbuf,smb_vwv11); memcpy(p, buf, size); cli_setup_bcc(cli, p+size); diff --git a/source/nmbd/nmbd_namequery.c b/source/nmbd/nmbd_namequery.c index 945058d2b2b..5c2490e26ee 100644 --- a/source/nmbd/nmbd_namequery.c +++ b/source/nmbd/nmbd_namequery.c @@ -82,6 +82,14 @@ static void query_name_response( struct subnet_record *subrec, } else { + if (!nmb->answers) + { + dbgtext( "query_name_response: On subnet %s ", subrec->subnet_name ); + dbgtext( "IP %s ", inet_ntoa(p->ip) ); + dbgtext( "returned a success response with no answer\n" ); + return; + } + success = True; putip((char *)&answer_ip,&nmb->answers->rdata[2]); @@ -103,7 +111,8 @@ static void query_name_response( struct subnet_record *subrec, { if( DEBUGLVL( 0 ) ) { - putip( (char *)&answer_ip, &nmb->answers->rdata[2] ); + if (nmb->answers) + putip( (char *)&answer_ip, &nmb->answers->rdata[2] ); dbgtext( "query_name_response: " ); dbgtext( "Multiple (%d) responses ", rrec->num_msgs ); dbgtext( "received for a query on subnet %s ", subrec->subnet_name ); diff --git a/source/nsswitch/winbind_nss_solaris.c b/source/nsswitch/winbind_nss_solaris.c index b54dec33cb9..767f1471df0 100644 --- a/source/nsswitch/winbind_nss_solaris.c +++ b/source/nsswitch/winbind_nss_solaris.c @@ -1,10 +1,30 @@ /* Solaris NSS wrapper for winbind - Shirish Kalele 2000 - + Based on Luke Howard's ldap_nss module for Solaris */ +/* + Copyright (C) 1997-2003 Luke Howard. + This file is part of the nss_ldap library. + + The nss_ldap library is free software; you can redistribute it and/or + modify it under the terms of the GNU Library General Public License as + published by the Free Software Foundation; either version 2 of the + License, or (at your option) any later version. + + The nss_ldap library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Library General Public License for more details. + + You should have received a copy of the GNU Library General Public + License along with the nss_ldap library; see the file COPYING.LIB. If not, + write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, + Boston, MA 02111-1307, USA. +*/ + #include <stdlib.h> #include <sys/types.h> #include <sys/param.h> diff --git a/source/nsswitch/winbindd_rpc.c b/source/nsswitch/winbindd_rpc.c index 668244da372..c6becce486e 100644 --- a/source/nsswitch/winbindd_rpc.c +++ b/source/nsswitch/winbindd_rpc.c @@ -54,7 +54,7 @@ static NTSTATUS query_user_list(struct winbindd_domain *domain, POLICY_HND dom_pol; BOOL got_dom_pol = False; uint32 des_access = SEC_RIGHTS_MAXIMUM_ALLOWED; - int i; + int i, loop_count = 0; *num_entries = 0; *info = NULL; @@ -78,7 +78,7 @@ static NTSTATUS query_user_list(struct winbindd_domain *domain, do { SAM_DISPINFO_CTR ctr; SAM_DISPINFO_1 info1; - uint32 count = 0, start=i; + uint32 count = 0, start=i, max_entries, max_size; int j; TALLOC_CTX *ctx2; @@ -90,10 +90,15 @@ static NTSTATUS query_user_list(struct winbindd_domain *domain, goto done; } + get_query_dispinfo_params( + loop_count, &max_entries, &max_size); + /* Query display info level 1 */ - result = cli_samr_query_dispinfo(hnd->cli, ctx2, - &dom_pol, &start, 1, - &count, 0xFFFF, &ctr); + result = cli_samr_query_dispinfo( + hnd->cli, ctx2, &dom_pol, &start, 1, &count, + max_entries, max_size, &ctr); + + loop_count++; if (!NT_STATUS_IS_OK(result) && !NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES)) break; @@ -146,6 +151,7 @@ static NTSTATUS enum_dom_groups(struct winbindd_domain *domain, CLI_POLICY_HND *hnd; POLICY_HND dom_pol; NTSTATUS result; + uint32 start = 0; *num_entries = 0; *info = NULL; @@ -161,11 +167,12 @@ static NTSTATUS enum_dom_groups(struct winbindd_domain *domain, do { struct acct_info *info2 = NULL; - uint32 count = 0, start = *num_entries; + uint32 count = 0; TALLOC_CTX *mem_ctx2; mem_ctx2 = talloc_init_named("enum_dom_groups[rpc]"); + /* This call updates 'start' */ result = cli_samr_enum_dom_groups( hnd->cli, mem_ctx2, &dom_pol, &start, 0xFFFF, /* buffer size? */ &info2, &count); diff --git a/source/passdb/machine_sid.c b/source/passdb/machine_sid.c index f7ed3811b97..d83fe2adc03 100644 --- a/source/passdb/machine_sid.c +++ b/source/passdb/machine_sid.c @@ -158,7 +158,7 @@ BOOL pdb_generate_sam_sid(void) /* we don't have the SID in secrets.tdb, we will need to generate one and save it */ generate_random_sid(&global_sam_sid); - + DEBUG(10, ("Generated random SID ...\n")); if (!secrets_store_domain_sid(global_myname, &global_sam_sid)) { DEBUG(0,("pdb_generate_sam_sid: Failed to store generated machine SID.\n")); return False; diff --git a/source/passdb/pdb_ldap.c b/source/passdb/pdb_ldap.c index 5795aa7b9bd..9d416f7c8bd 100644 --- a/source/passdb/pdb_ldap.c +++ b/source/passdb/pdb_ldap.c @@ -64,6 +64,7 @@ struct ldap_enum_info { }; static struct ldap_enum_info global_ldap_ent; +static pstring ldap_secret; extern pstring samlogon_user; @@ -140,7 +141,7 @@ static BOOL ldap_open_connection (LDAP ** ldap_struct) port = lp_ldap_port(); /* remap default port is no SSL */ - if ( (lp_ldap_ssl() == LDAP_SSL_OFF) && (lp_ldap_port() == 636) ) { + if ( (lp_ldap_ssl() != LDAP_SSL_ON) && (lp_ldap_port() == 636) ) { port = 389; } @@ -217,6 +218,81 @@ static BOOL ldap_open_connection (LDAP ** ldap_struct) return True; } + +/******************************************************************* + ldap rebind proc to rebind w/ the admin dn when following referrals +*******************************************************************/ + +#if defined(LDAP_API_FEATURE_X_OPENLDAP) && (LDAP_API_VERSION > 2000) +# if LDAP_SET_REBIND_PROC_ARGS == 3 +static int rebindproc_with_state (LDAP *ldap_struct, + LDAP_CONST char *url, + ber_tag_t request, + ber_int_t msgid, void *arg) +# else /* LDAP_SET_REBIND_PROC_ARGS == 2 */ +static int rebindproc (LDAP *ldap_struct, + LDAP_CONST char *url, + ber_tag_t request, + ber_int_t msgid) +# endif /* LDAP_SET_REBIND_PROC_ARGS */ +{ + + int rc = 0; + + DEBUG(2,("ldap_connect_system: Rebinding as \"%s\", API: %d, PROC_ARGS: %d\n", + lp_ldap_admin_dn(), LDAP_API_VERSION, LDAP_SET_REBIND_PROC_ARGS)); + + /** @TODO Should we be doing something to check what servers we rebind to? + Could we get a referral to a machine that we don't want to give our + username and password to? */ + + if ( ( rc = ldap_simple_bind_s( ldap_struct, lp_ldap_admin_dn(), ldap_secret ) ) == LDAP_SUCCESS ) + { + DEBUG( 2, ( "Rebind successful\n" ) ); + } + else { + DEBUG( 2, ( "Rebind failed: %s\n", ldap_err2string( rc ) ) ); + } + return rc; +} +#else /* other Vendor or LDAP_API_VERSION */ +# if LDAP_SET_REBIND_PROC_ARGS ==3 +static int rebindproc_with_state (LDAP * ld, char **whop, char **credp, + int *methodp, int freeit, void *arg) + +# else /* LDAP_SET_REBIND_PROC_ARGS == 2 */ +static int rebindproc (LDAP *ldap_struct, char **whop, char **credp, + int *method, int freeit ) +# endif +{ + register char *to_clear = *credp; + + + if (freeit) { + SAFE_FREE(*whop); + memset(*credp, '\0', strlen(*credp)); + SAFE_FREE(*credp); + } else { + *whop = strdup(ldap_state->bind_dn); + if (!*whop) { + return LDAP_NO_MEMORY; + } + DEBUG(5,("ldap_connect_system: Rebinding as \"%s\"\n", + whop)); + + *credp = strdup(ldap_secret); + if (!*credp) { + SAFE_FREE(*whop); + return LDAP_NO_MEMORY; + } + *methodp = LDAP_AUTH_SIMPLE; + } + return LDAP_SUCCESS; +} +#endif + + + /******************************************************************* connect to the ldap server under system privilege. ******************************************************************/ @@ -224,7 +300,6 @@ static BOOL ldap_connect_system(LDAP * ldap_struct) { int rc; static BOOL got_pw = False; - static pstring ldap_secret; /* get the password if we don't have it already */ if (!got_pw && !(got_pw=fetch_ldap_pw(lp_ldap_admin_dn(), ldap_secret, sizeof(pstring)))) @@ -236,10 +311,16 @@ static BOOL ldap_connect_system(LDAP * ldap_struct) /* removed the sasl_bind_s "EXTERNAL" stuff, as my testsuite (OpenLDAP) doesnt' seem to support it */ - - DEBUG(10,("ldap_connect_system: Binding to ldap server as \"%s\"\n", + + DEBUG(0,("ldap_connect_system: Binding to ldap server as \"%s\"\n", lp_ldap_admin_dn())); - + +#if LDAP_SET_REBIND_PROC_ARGS == 2 + ldap_set_rebind_proc(ldap_struct, rebindproc); +#else /* LDAP_SET_REBIND_PROC_ARGS == 3 */ + ldap_set_rebind_proc(ldap_struct, rebindproc_with_state, NULL); +#endif + if ((rc = ldap_simple_bind_s(ldap_struct, lp_ldap_admin_dn(), ldap_secret)) != LDAP_SUCCESS) { diff --git a/source/passdb/secrets.c b/source/passdb/secrets.c index cbeea5bbb70..7d2cb73b7eb 100644 --- a/source/passdb/secrets.c +++ b/source/passdb/secrets.c @@ -35,6 +35,7 @@ BOOL secrets_init(void) return True; get_private_directory(fname); + pstrcat(fname,"/secrets.tdb"); tdb = tdb_open_log(fname, 0, TDB_DEFAULT, O_RDWR|O_CREAT, 0600); @@ -52,6 +53,7 @@ BOOL secrets_init(void) void *secrets_fetch(char *key, size_t *size) { TDB_DATA kbuf, dbuf; + if (!tdb) return False; kbuf.dptr = key; @@ -106,7 +108,9 @@ BOOL secrets_fetch_domain_sid(char *domain, DOM_SID *sid) slprintf(key, sizeof(key)-1, "%s/%s", SECRETS_DOMAIN_SID, domain); strupper(key); + dos_to_unix(key); /* Convert key to unix-codepage */ + dyn_sid = (DOM_SID *)secrets_fetch(key, &size); if (dyn_sid == NULL) diff --git a/source/printing/printing.c b/source/printing/printing.c index 1243c6a8e06..4f30c47481e 100644 --- a/source/printing/printing.c +++ b/source/printing/printing.c @@ -186,6 +186,7 @@ static void print_unix_job(int snum, print_queue_struct *q) struct traverse_struct { print_queue_struct *queue; int qcount, snum, maxcount, total_jobs; + time_t lpq_time; }; /**************************************************************************** @@ -246,17 +247,15 @@ static int traverse_fn_delete(TDB_CONTEXT *t, TDB_DATA key, TDB_DATA data, void completed, so delete the database entry. */ if (i == ts->qcount) { - time_t cur_t = time(NULL); /* A race can occur between the time a job is spooled and when it appears in the lpq output. This happens when the job is added to printing.tdb when another smbd running print_queue_update() has completed a lpq and is currently traversing the printing tdb and deleting jobs. - A workaround is to not delete the job if it has been - submitted less than lp_lpqcachetime() seconds ago. */ + Don't delete the job if it was submitted after the lpq_time. */ - if ((cur_t - pjob.starttime) > lp_lpqcachetime()) + if (pjob.starttime < ts->lpq_time) tdb_delete(t, key); else ts->total_jobs++; @@ -476,6 +475,7 @@ static void print_queue_update(int snum) tstruct.qcount = qcount; tstruct.snum = snum; tstruct.total_jobs = 0; + tstruct.lpq_time = time(NULL); tdb_traverse(tdb, traverse_fn_delete, (void *)&tstruct); diff --git a/source/rpc_parse/parse_samr.c b/source/rpc_parse/parse_samr.c index 355e10a97bf..b86717704e6 100644 --- a/source/rpc_parse/parse_samr.c +++ b/source/rpc_parse/parse_samr.c @@ -1386,7 +1386,7 @@ inits a SAMR_Q_QUERY_DISPINFO structure. void init_samr_q_query_dispinfo(SAMR_Q_QUERY_DISPINFO * q_e, POLICY_HND *pol, uint16 switch_level, uint32 start_idx, - uint32 max_entries) + uint32 max_entries, uint32 max_size) { DEBUG(5, ("init_samr_q_query_dispinfo\n")); @@ -1396,7 +1396,7 @@ void init_samr_q_query_dispinfo(SAMR_Q_QUERY_DISPINFO * q_e, POLICY_HND *pol, q_e->start_idx = start_idx; q_e->max_entries = max_entries; - q_e->max_size = 0xffff; /* Not especially useful */ + q_e->max_size = max_size; } /******************************************************************* diff --git a/source/rpc_server/srv_lsa_hnd.c b/source/rpc_server/srv_lsa_hnd.c index 09d03cd97f5..59bbc5263fa 100644 --- a/source/rpc_server/srv_lsa_hnd.c +++ b/source/rpc_server/srv_lsa_hnd.c @@ -135,14 +135,6 @@ BOOL create_policy_hnd(pipes_struct *p, POLICY_HND *hnd, void (*free_fn)(void *) DLIST_ADD(p->pipe_handles->Policy, pol); p->pipe_handles->count++; - /* - * Ensure we don't idle this connection if a handle is open. - * Increment the number of files open on the first handle create. - */ - - if (p->pipe_handles->count == 1) - p->conn->num_files_open++; - *hnd = pol->pol_hnd; DEBUG(4,("Opened policy hnd[%d] ", (int)p->pipe_handles->count)); @@ -209,15 +201,6 @@ BOOL close_policy_hnd(pipes_struct *p, POLICY_HND *hnd) p->pipe_handles->count--; - /* - * Ensure we can idle this connection if this is the last handle. - * Decrement the number of files open on the last handle delete. - */ - - if (p->pipe_handles->count == 0) - p->conn->num_files_open--; - - DLIST_REMOVE(p->pipe_handles->Policy, pol); ZERO_STRUCTP(pol); diff --git a/source/rpc_server/srv_pipe.c b/source/rpc_server/srv_pipe.c index 1ad57a9b016..7594ae58e4e 100644 --- a/source/rpc_server/srv_pipe.c +++ b/source/rpc_server/srv_pipe.c @@ -324,7 +324,7 @@ static BOOL api_pipe_ntlmssp_verify(pipes_struct *p, RPC_AUTH_NTLMSSP_RESP *ntlm { guest_user = True; - fstrcpy(pipe_user_name, lp_guestaccount(-1)); + fstrcpy(pipe_user_name, lp_guestaccount(-1)); DEBUG(100,("Null user in NTLMSSP verification. Using guest = %s\n", pipe_user_name)); smb_passwd_ptr = null_smb_passwd; @@ -380,8 +380,8 @@ failed authentication on named pipe %s.\n", domain, pipe_user_name, wks, p->name unbecome_root(); - /* Quit if the account was disabled. */ - if((pdb_get_acct_ctrl(sampass) & ACB_DISABLED) || !pdb_get_lanman_passwd(sampass)) { + /* Quit if the account was disabled. */ + if((pdb_get_acct_ctrl(sampass) & ACB_DISABLED) || !pdb_get_lanman_passwd(sampass)) { DEBUG(1,("Account for user '%s' was disabled.\n", pipe_user_name)); pdb_free_sam(sampass); return False; @@ -393,7 +393,31 @@ failed authentication on named pipe %s.\n", domain, pipe_user_name, wks, p->name return False; } - smb_passwd_ptr = pdb_get_lanman_passwd(sampass); + smb_passwd_ptr = pdb_get_lanman_passwd(sampass); + + /* + * Store the UNIX credential data (uid/gid pair) in the pipe structure. + */ + + p->pipe_user.uid = pdb_get_uid(sampass); + p->pipe_user.gid = pdb_get_gid(sampass); + } + else { + struct passwd *pw; + + /* setup the guest credentials; assuming that the guest + account does not have to exist in the smbpasswd file */ + + if ( (pw = sys_getpwnam(pipe_user_name)) == NULL ) { + DEBUG(0,("api_pipe_ntlmssp_verify: Invalid guest account [%s]. getpwnam() failed!\n", + pipe_user_name)); + pdb_free_sam(sampass); + return False; + } + + p->pipe_user.uid = pw->pw_uid; + p->pipe_user.gid = pw->pw_gid; + } /* @@ -440,13 +464,6 @@ failed authentication on named pipe %s.\n", domain, pipe_user_name, wks, p->name fstrcpy(p->domain, domain); fstrcpy(p->wks, wks); - /* - * Store the UNIX credential data (uid/gid pair) in the pipe structure. - */ - - p->pipe_user.uid = pdb_get_uid(sampass); - p->pipe_user.gid = pdb_get_gid(sampass); - /* Set up pipe user group membership. */ initialise_groups(pipe_user_name, p->pipe_user.uid, p->pipe_user.gid); get_current_groups( p->pipe_user.gid, &p->pipe_user.ngroups, &p->pipe_user.groups); diff --git a/source/rpcclient/cmd_samr.c b/source/rpcclient/cmd_samr.c index dd954b38f8f..d133898abab 100644 --- a/source/rpcclient/cmd_samr.c +++ b/source/rpcclient/cmd_samr.c @@ -763,7 +763,7 @@ static NTSTATUS cmd_samr_query_dispinfo(struct cli_state *cli, { POLICY_HND connect_pol, domain_pol; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - uint32 start_idx=0, max_entries=250, num_entries, i; + uint32 start_idx=0, max_entries=250, max_size = 0xffff, num_entries, i; int info_level = 1; SAM_DISPINFO_CTR ctr; SAM_DISPINFO_1 info1; @@ -771,9 +771,11 @@ static NTSTATUS cmd_samr_query_dispinfo(struct cli_state *cli, SAM_DISPINFO_3 info3; SAM_DISPINFO_4 info4; SAM_DISPINFO_5 info5; + int loop_count = 0; + BOOL got_params = False; /* Use get_query_dispinfo_params() or not? */ if (argc > 4) { - printf("Usage: %s [info level] [start index] [max entries]\n", argv[0]); + printf("Usage: %s [info level] [start index] [max entries] [max_size]\n", argv[0]); return NT_STATUS_OK; } @@ -783,8 +785,15 @@ static NTSTATUS cmd_samr_query_dispinfo(struct cli_state *cli, if (argc >= 3) sscanf(argv[2], "%i", &start_idx); - if (argc >= 4) + if (argc >= 4) { sscanf(argv[3], "%i", &max_entries); + got_params = True; + } + + if (argc >= 5) { + sscanf(argv[4], "%i", &max_size); + got_params = True; + } /* Get sam policy handle */ @@ -832,9 +841,17 @@ static NTSTATUS cmd_samr_query_dispinfo(struct cli_state *cli, do { + + if (!got_params) + get_query_dispinfo_params( + loop_count, &max_entries, &max_size); + result = cli_samr_query_dispinfo(cli, mem_ctx, &domain_pol, &start_idx, info_level, - &num_entries, max_entries, &ctr); + &num_entries, max_entries, + max_size, &ctr); + + loop_count++; for (i = 0; i < num_entries; i++) { switch (info_level) { diff --git a/source/smbd/chgpasswd.c b/source/smbd/chgpasswd.c index 33ecfc5c2ff..42e82482dcb 100644 --- a/source/smbd/chgpasswd.c +++ b/source/smbd/chgpasswd.c @@ -730,6 +730,7 @@ BOOL pass_oem_change(char *user, but does use the lm OEM password to check the nt hashed-hash. ************************************************************/ + BOOL check_oem_password(char *user, uchar * lmdata, uchar * lmhash, uchar * ntdata, uchar * nthash, @@ -751,6 +752,8 @@ BOOL check_oem_password(char *user, BOOL nt_pass_set = (ntdata != NULL && nthash != NULL); + *hnd = NULL; + pdb_init_sam(&sampass); become_root(); @@ -763,12 +766,11 @@ BOOL check_oem_password(char *user, return False; } - *hnd = sampass; - acct_ctrl = pdb_get_acct_ctrl(sampass); if (acct_ctrl & ACB_DISABLED) { DEBUG(0,("check_lanman_password: account %s disabled.\n", user)); + pdb_free_sam(sampass); return False; } @@ -779,25 +781,38 @@ BOOL check_oem_password(char *user, /* save pointers to passwords so we don't have to keep looking them up */ lanman_pw = pdb_get_lanman_passwd(sampass); - nt_pw = pdb_get_nt_passwd (sampass); + nt_pw = pdb_get_nt_passwd(sampass); /* check for null passwords */ if (lanman_pw == NULL) { if (acct_ctrl & ACB_PWNOTREQ) { if (!pdb_set_lanman_passwd(sampass, null_pw)) { + pdb_free_sam(sampass); + return False; + } + lanman_pw = pdb_get_lanman_passwd(sampass); + if (!lanman_pw) { + pdb_free_sam(sampass); return False; } } else { DEBUG(0,("check_oem_password: no lanman password !\n")); + pdb_free_sam(sampass); return False; } } if (pdb_get_nt_passwd(sampass) == NULL && nt_pass_set) { - if (acct_ctrl & ACB_PWNOTREQ) - pdb_set_nt_passwd(sampass, null_pw); - else { + if (acct_ctrl & ACB_PWNOTREQ) { + pdb_set_nt_passwd(sampass, null_ntpw); + nt_pw = pdb_get_nt_passwd(sampass); + if (!nt_pw) { + pdb_free_sam(sampass); + return False; + } + } else { DEBUG(0,("check_oem_password: no ntlm password !\n")); + pdb_free_sam(sampass); return False; } } @@ -815,6 +830,7 @@ BOOL check_oem_password(char *user, new_pw_len = IVAL(lmdata, 512); if (new_pw_len < 0 || new_pw_len > new_passwd_size - 1) { DEBUG(0,("check_oem_password: incorrect password length (%d).\n", new_pw_len)); + pdb_free_sam(sampass); return False; } @@ -839,17 +855,16 @@ BOOL check_oem_password(char *user, nt_lm_owf_gen(new_passwd, new_ntp16, new_p16); - if (!nt_pass_set) - { + if (!nt_pass_set) { /* * Now use new_p16 as the key to see if the old * password matches. */ D_P16(new_p16, lmhash, unenc_old_pw); - if (memcmp(lanman_pw, unenc_old_pw, 16)) - { + if (memcmp(lanman_pw, unenc_old_pw, 16)) { DEBUG(0,("check_oem_password: old lm password doesn't match.\n")); + pdb_free_sam(sampass); return False; } @@ -857,6 +872,7 @@ BOOL check_oem_password(char *user, DEBUG(100, ("check_oem_password: password %s ok\n", new_passwd)); #endif + *hnd = sampass; return True; } @@ -867,20 +883,21 @@ BOOL check_oem_password(char *user, D_P16(new_ntp16, lmhash, unenc_old_pw); D_P16(new_ntp16, nthash, unenc_old_ntpw); - if (memcmp(lanman_pw, unenc_old_pw, 16)) - { + if (memcmp(lanman_pw, unenc_old_pw, 16)) { DEBUG(0,("check_oem_password: old lm password doesn't match.\n")); + pdb_free_sam(sampass); return False; } - if (memcmp(nt_pw, unenc_old_ntpw, 16)) - { + if (memcmp(nt_pw, unenc_old_ntpw, 16)) { DEBUG(0,("check_oem_password: old nt password doesn't match.\n")); + pdb_free_sam(sampass); return False; } #ifdef DEBUG_PASSWORD DEBUG(100, ("check_oem_password: password %s ok\n", new_passwd)); #endif + *hnd = sampass; return True; } @@ -926,23 +943,23 @@ BOOL check_plaintext_password(char *user, char *old_passwd, uchar old_pw[16], old_ntpw[16]; BOOL ret; + *hnd = NULL; + pdb_init_sam(&sampass); become_root(); ret = pdb_getsampwnam(sampass, user); unbecome_root(); - *hnd = sampass; - - if (ret == False) - { + if (ret == False) { DEBUG(0,("check_plaintext_password: getsmbpwnam returned NULL\n")); + pdb_free_sam(sampass); return False; } - if (pdb_get_acct_ctrl(sampass) & ACB_DISABLED) - { + if (pdb_get_acct_ctrl(sampass) & ACB_DISABLED) { DEBUG(0,("check_plaintext_password: account %s disabled.\n", user)); + pdb_free_sam(sampass); return (False); } @@ -960,8 +977,11 @@ BOOL check_plaintext_password(char *user, char *old_passwd, #endif if (memcmp(pdb_get_nt_passwd(sampass), old_ntpw, 16) - && memcmp(pdb_get_lanman_passwd(sampass), old_pw, 16)) + && memcmp(pdb_get_lanman_passwd(sampass), old_pw, 16)) { + pdb_free_sam(sampass); return (False); - else + } else { + *hnd = sampass; return (True); + } } diff --git a/source/smbd/close.c b/source/smbd/close.c index 38270fbfe31..e3feab0bfdc 100644 --- a/source/smbd/close.c +++ b/source/smbd/close.c @@ -264,6 +264,24 @@ static int close_directory(files_struct *fsp, BOOL normal_close) } /**************************************************************************** + Close a 'stat file' opened internally. +****************************************************************************/ + +static int close_stat(files_struct *fsp) +{ + /* + * Do the code common to files and directories. + */ + close_filestruct(fsp); + + if (fsp->fsp_name) + string_free(&fsp->fsp_name); + + file_free(fsp); + return 0; +} + +/**************************************************************************** Close a directory opened by an NT SMB call. ****************************************************************************/ @@ -271,5 +289,8 @@ int close_file(files_struct *fsp, BOOL normal_close) { if(fsp->is_directory) return close_directory(fsp, normal_close); - return close_normal_file(fsp, normal_close); + else if (fsp->is_stat) + return close_stat(fsp); + else + return close_normal_file(fsp, normal_close); } diff --git a/source/smbd/conn.c b/source/smbd/conn.c index 822ff5abcd4..3f09d7ac0e3 100644 --- a/source/smbd/conn.c +++ b/source/smbd/conn.c @@ -136,10 +136,12 @@ void conn_close_all(void) } /**************************************************************************** -idle inactive connections + Idle inactive connections. ****************************************************************************/ + BOOL conn_idle_all(time_t t, int deadtime) { + pipes_struct *plist = NULL; BOOL allidle = True; connection_struct *conn, *next; @@ -154,6 +156,15 @@ BOOL conn_idle_all(time_t t, int deadtime) allidle = False; } + /* + * Check all pipes for any open handles. We cannot + * idle with a handle open. + */ + + for (plist = get_first_pipe(); plist; plist = get_next_pipe(plist)) + if (plist->pipe_handles && plist->pipe_handles->count) + allidle = False; + return allidle; } diff --git a/source/smbd/dir.c b/source/smbd/dir.c index 3d77fd64ce4..66a76a6637b 100644 --- a/source/smbd/dir.c +++ b/source/smbd/dir.c @@ -695,7 +695,6 @@ static BOOL user_can_read_file(connection_struct *conn, char *name) size_t sd_size; files_struct *fsp; int smb_action; - int access_mode; NTSTATUS status; uint32 access_granted; @@ -719,15 +718,14 @@ static BOOL user_can_read_file(connection_struct *conn, char *name) fsp = open_directory(conn, name, &ste, 0, SET_DENY_MODE(DENY_NONE), (FILE_FAIL_IF_NOT_EXIST|FILE_EXISTS_OPEN), unix_mode(conn,aRONLY|aDIR, name), &smb_action); else - fsp = open_file_shared1(conn, name, &ste, FILE_READ_ATTRIBUTES, SET_DENY_MODE(DENY_NONE), - (FILE_FAIL_IF_NOT_EXIST|FILE_EXISTS_OPEN), 0, 0, &access_mode, &smb_action); + fsp = open_file_stat(conn, name, &ste); if (!fsp) return False; /* Get NT ACL -allocated in main loop talloc context. No free needed here. */ sd_size = conn->vfs_ops.fget_nt_acl(fsp, fsp->fd, &psd); - close_file(fsp, False); + close_file(fsp, True); /* No access if SD get failed. */ if (!sd_size) diff --git a/source/smbd/lanman.c b/source/smbd/lanman.c index c0de7c9f9c4..13ec59df479 100644 --- a/source/smbd/lanman.c +++ b/source/smbd/lanman.c @@ -1151,7 +1151,7 @@ static int get_server_info(uint32 servertype, if (!next_token(&ptr,s->comment, NULL, sizeof(s->comment))) continue; if (!next_token(&ptr,s->domain , NULL, sizeof(s->domain))) { /* this allows us to cope with an old nmbd */ - pstrcpy(s->domain,global_myworkgroup); + fstrcpy(s->domain,global_myworkgroup); } if (sscanf(stype,"%X",&s->type) != 1) { @@ -1794,7 +1794,8 @@ static BOOL api_SetUserPassword(connection_struct *conn,uint16 vuid, char *param SSVAL(*rparam,0,NERR_badpass); } - pdb_free_sam(sampass); + if (sampass) + pdb_free_sam(sampass); } /* diff --git a/source/smbd/open.c b/source/smbd/open.c index 1958ff7c079..0e1da1e439d 100644 --- a/source/smbd/open.c +++ b/source/smbd/open.c @@ -590,7 +590,7 @@ dev = %x, inode = %.0f\n", *p_oplock_request, share_entry->op_type, fname, (unsi /* Oplock break - unlock to request it. */ unlock_share_entry(conn, dev, inode); - opb_ret = request_oplock_break(share_entry); + opb_ret = request_oplock_break(share_entry, False); /* Now relock. */ lock_share_entry(conn, dev, inode); @@ -685,7 +685,8 @@ dev = %x, inode = %.0f. Deleting it to continue...\n", (int)broken_entry.pid, fn return num_share_modes; } -static BOOL open_match_attributes(connection_struct *conn, char *path, mode_t existing_mode, mode_t new_mode) +static BOOL open_match_attributes(connection_struct *conn, char *path, mode_t existing_mode, + mode_t new_mode, mode_t *returned_mode) { uint32 old_dos_mode, new_dos_mode; SMB_STRUCT_STAT sbuf; @@ -698,14 +699,25 @@ static BOOL open_match_attributes(connection_struct *conn, char *path, mode_t ex sbuf.st_mode = new_mode; new_dos_mode = dos_mode(conn, path, &sbuf); + /* + * We only set returned mode to be the same as new_mode if + * the file attributes need to be changed. + */ + + *returned_mode = (mode_t)0; + /* If we're mapping SYSTEM and HIDDEN ensure they match. */ if (lp_map_system(SNUM(conn))) { if ((old_dos_mode & FILE_ATTRIBUTE_SYSTEM) && !(new_dos_mode & FILE_ATTRIBUTE_SYSTEM)) return False; + if (!(old_dos_mode & FILE_ATTRIBUTE_SYSTEM) && (new_dos_mode & FILE_ATTRIBUTE_SYSTEM)) + *returned_mode = new_mode; } if (lp_map_hidden(SNUM(conn))) { if ((old_dos_mode & FILE_ATTRIBUTE_HIDDEN) && !(new_dos_mode & FILE_ATTRIBUTE_HIDDEN)) return False; + if (!(old_dos_mode & FILE_ATTRIBUTE_HIDDEN) && (new_dos_mode & FILE_ATTRIBUTE_HIDDEN)) + *returned_mode = new_mode; } return True; } @@ -763,6 +775,7 @@ files_struct *open_file_shared1(connection_struct *conn,char *fname, SMB_STRUCT_ files_struct *fsp = NULL; int open_mode=0; uint16 port = 0; + mode_t new_mode = (mode_t)0; if (conn->printer) { /* printers are handled completely differently. Most @@ -822,7 +835,7 @@ files_struct *open_file_shared1(connection_struct *conn,char *fname, SMB_STRUCT_ /* We only care about matching attributes on file exists and truncate. */ if (file_existed && (GET_FILE_OPEN_DISPOSITION(ofun) == FILE_EXISTS_TRUNCATE)) { - if (!open_match_attributes(conn, fname, psbuf->st_mode, mode)) { + if (!open_match_attributes(conn, fname, psbuf->st_mode, mode, &new_mode)) { DEBUG(5,("open_file_shared: attributes missmatch for file %s (0%o, 0%o)\n", fname, psbuf->st_mode, mode )); file_free(fsp); @@ -1091,11 +1104,36 @@ flags=0x%X flags2=0x%X mode=0%o returned %d\n", */ if (!file_existed && !def_acl && (conn->vfs_ops.fchmod_acl != NULL)) { + int saved_errno = errno; /* We might get ENOSYS in the next call.. */ + if (conn->vfs_ops.fchmod_acl(fsp, fsp->fd, mode) == -1 && errno == ENOSYS) errno = saved_errno; /* Ignore ENOSYS */ + + } else if (new_mode) { + + int ret = -1; + + /* Attributes need changing. File already existed. */ + + if (conn->vfs_ops.fchmod_acl != NULL) { + int saved_errno = errno; /* We might get ENOSYS in the next call.. */ + ret = conn->vfs_ops.fchmod_acl(fsp, fsp->fd, new_mode); + + if (ret == -1 && errno == ENOSYS) { + errno = saved_errno; /* Ignore ENOSYS */ + } else { + DEBUG(5, ("open_file_shared: failed to reset attributes of file %s to 0%o\n", + fname, (int)new_mode)); + ret = 0; /* Don't do the fchmod below. */ + } + } + + if ((ret == -1) && (conn->vfs_ops.fchmod(fsp, fsp->fd, new_mode) == -1)) + DEBUG(5, ("open_file_shared: failed to reset attributes of file %s to 0%o\n", + fname, (int)new_mode)); } - + unlock_share_entry_fsp(fsp); conn->num_files_open++; @@ -1284,118 +1322,61 @@ files_struct *open_directory(connection_struct *conn, char *fname, SMB_STRUCT_ST return fsp; } -#if 0 -Old code - I have replaced with correct desired_access checking. JRA. - -/******************************************************************* - Check if the share mode on a file allows it to be deleted or unlinked. - Return True if sharing doesn't prevent the operation. -********************************************************************/ +/**************************************************************************** + Open a pseudo-file (no locking checks - a 'stat' open). +****************************************************************************/ -BOOL check_file_sharing(connection_struct *conn,char *fname, BOOL rename_op) +files_struct *open_file_stat(connection_struct *conn, char *fname, SMB_STRUCT_STAT *psbuf) { - int i; - int ret = False; - share_mode_entry *old_shares = 0; - int num_share_modes; - SMB_STRUCT_STAT sbuf; - pid_t pid = sys_getpid(); - SMB_DEV_T dev; - SMB_INO_T inode; - - if (vfs_stat(conn,fname,&sbuf) == -1) - return(True); - - dev = sbuf.st_dev; - inode = sbuf.st_ino; - - lock_share_entry(conn, dev, inode); - num_share_modes = get_share_modes(conn, dev, inode, &old_shares); - - /* - * Check if the share modes will give us access. - */ - - if(num_share_modes != 0) { - BOOL broke_oplock; - - do { - - broke_oplock = False; - for(i = 0; i < num_share_modes; i++) { - share_mode_entry *share_entry = &old_shares[i]; - - /* - * Break oplocks before checking share modes. See comment in - * open_file_shared for details. - * Check if someone has an oplock on this file. If so we must - * break it before continuing. - */ - if(BATCH_OPLOCK_TYPE(share_entry->op_type)) { - - DEBUG(5,("check_file_sharing: breaking oplock (%x) on file %s, \ -dev = %x, inode = %.0f\n", share_entry->op_type, fname, (unsigned int)dev, (double)inode)); + extern struct current_user current_user; + files_struct *fsp = NULL; - /* Oplock break.... */ - unlock_share_entry(conn, dev, inode); + if (!VALID_STAT(*psbuf)) + return NULL; - if(request_oplock_break(share_entry) == False) { - DEBUG(0,("check_file_sharing: FAILED when breaking oplock (%x) on file %s, \ -dev = %x, inode = %.0f\n", old_shares[i].op_type, fname, (unsigned int)dev, (double)inode)); + /* Can't 'stat' open directories. */ + if(S_ISDIR(psbuf->st_mode)) + return NULL; - SAFE_FREE(old_shares); - return False; - } - lock_share_entry(conn, dev, inode); - broke_oplock = True; - break; - } + fsp = file_new(conn); + if(!fsp) + return NULL; - /* - * If this is a delete request and ALLOW_SHARE_DELETE is set then allow - * this to proceed. This takes precedence over share modes. - */ - - if(!rename_op && GET_ALLOW_SHARE_DELETE(share_entry->share_mode)) - continue; - - /* - * Someone else has a share lock on it, check to see - * if we can too. - */ - if ((GET_DENY_MODE(share_entry->share_mode) != DENY_DOS) || - (share_entry->pid != pid)) - goto free_and_exit; - - } /* end for */ + fsp->conn = conn; /* The vfs_fXXX() macros need this. */ - if(broke_oplock) { - SAFE_FREE(old_shares); - num_share_modes = get_share_modes(conn, dev, inode, &old_shares); - } - } while(broke_oplock); - } + DEBUG(5,("open_file_stat: 'opening' file %s\n", fname)); /* - * XXXX exactly what share mode combinations should be allowed for - * deleting/renaming? + * Setup the files_struct for it. */ - + + fsp->mode = psbuf->st_mode; /* - * If we got here then either there were no share modes or - * all share modes were DENY_DOS and the pid == getpid() or - * delete access was requested and all share modes had the - * ALLOW_SHARE_DELETE bit set (takes precedence over other - * share modes). + * Don't store dev or inode, we don't want any iterator + * to see this. */ + fsp->inode = (SMB_INO_T)0; + fsp->dev = (SMB_DEV_T)0; + fsp->size = psbuf->st_size; + fsp->vuid = current_user.vuid; + fsp->pos = -1; + fsp->can_lock = False; + fsp->can_read = False; + fsp->can_write = False; + fsp->share_mode = 0; + fsp->desired_access = 0; + fsp->print_file = False; + fsp->modified = False; + fsp->oplock_type = NO_OPLOCK; + fsp->sent_oplock_break = NO_BREAK_SENT; + fsp->is_directory = False; + fsp->is_stat = True; + fsp->directory_delete_on_close = False; + fsp->conn = conn; + string_set(&fsp->fsp_name,fname); - ret = True; - -free_and_exit: + conn->num_files_open++; - unlock_share_entry(conn, dev, inode); - SAFE_FREE(old_shares); - return(ret); + return fsp; } -#endif diff --git a/source/smbd/oplock.c b/source/smbd/oplock.c index f36875fc4a9..abb2cf78d30 100644 --- a/source/smbd/oplock.c +++ b/source/smbd/oplock.c @@ -369,6 +369,7 @@ BOOL process_local_message(char *buffer, int buf_size) case OPLOCK_BREAK_CMD: case LEVEL_II_OPLOCK_BREAK_CMD: + case ASYNC_LEVEL_II_OPLOCK_BREAK_CMD: /* Ensure that the msg length is correct. */ if(msg_len != OPLOCK_BREAK_MSG_LEN) { @@ -439,14 +440,14 @@ oplocks. Returning success.\n")); } /* - * Do the appropriate reply - none in the kernel or level II case. + * Do the appropriate reply - none in the kernel or async level II case. */ - if(SVAL(msg_start,OPBRK_MESSAGE_CMD_OFFSET) == OPLOCK_BREAK_CMD) { + if(break_cmd_type == OPLOCK_BREAK_CMD || break_cmd_type == LEVEL_II_OPLOCK_BREAK_CMD) { struct sockaddr_in toaddr; /* Send the message back after OR'ing in the 'REPLY' bit. */ - SSVAL(msg_start,OPBRK_MESSAGE_CMD_OFFSET,OPLOCK_BREAK_CMD | CMD_REPLY); + SSVAL(msg_start,OPBRK_MESSAGE_CMD_OFFSET,break_cmd_type | CMD_REPLY); memset((char *)&toaddr,'\0',sizeof(toaddr)); toaddr.sin_addr.s_addr = htonl(INADDR_LOOPBACK); @@ -901,7 +902,7 @@ Send an oplock break message to another smbd process. If the oplock is held by the local smbd then call the oplock break function directly. ****************************************************************************/ -BOOL request_oplock_break(share_mode_entry *share_entry) +BOOL request_oplock_break(share_mode_entry *share_entry, BOOL async) { char op_break_msg[OPLOCK_BREAK_MSG_LEN]; struct sockaddr_in addr_out; @@ -911,6 +912,7 @@ BOOL request_oplock_break(share_mode_entry *share_entry) SMB_DEV_T dev = share_entry->dev; SMB_INO_T inode = share_entry->inode; unsigned long file_id = share_entry->share_file_id; + uint16 break_cmd_type; if(pid == share_entry->pid) { /* We are breaking our own oplock, make sure it's us. */ @@ -941,11 +943,12 @@ dev = %x, inode = %.0f, file_id = %lu and no fsp found !\n", /* We need to send a OPLOCK_BREAK_CMD message to the port in the share mode entry. */ if (LEVEL_II_OPLOCK_TYPE(share_entry->op_type)) { - SSVAL(op_break_msg,OPBRK_MESSAGE_CMD_OFFSET,LEVEL_II_OPLOCK_BREAK_CMD); + break_cmd_type = async ? ASYNC_LEVEL_II_OPLOCK_BREAK_CMD : LEVEL_II_OPLOCK_BREAK_CMD; } else { - SSVAL(op_break_msg,OPBRK_MESSAGE_CMD_OFFSET,OPLOCK_BREAK_CMD); + break_cmd_type = OPLOCK_BREAK_CMD; } + SSVAL(op_break_msg,OPBRK_MESSAGE_CMD_OFFSET,break_cmd_type); memcpy(op_break_msg+OPLOCK_BREAK_PID_OFFSET,(char *)&pid,sizeof(pid)); memcpy(op_break_msg+OPLOCK_BREAK_DEV_OFFSET,(char *)&dev,sizeof(dev)); memcpy(op_break_msg+OPLOCK_BREAK_INODE_OFFSET,(char *)&inode,sizeof(inode)); @@ -958,7 +961,7 @@ dev = %x, inode = %.0f, file_id = %lu and no fsp found !\n", addr_out.sin_family = AF_INET; if( DEBUGLVL( 3 ) ) { - dbgtext( "request_oplock_break: sending a oplock break message to " ); + dbgtext( "request_oplock_break: sending a %s oplock break message to ", async ? "asynchronous" : "synchronous" ); dbgtext( "pid %d on port %d ", (int)share_entry->pid, share_entry->op_port ); dbgtext( "for dev = %x, inode = %.0f, file_id = %lu\n", (unsigned int)dev, (double)inode, file_id ); @@ -971,19 +974,19 @@ dev = %x, inode = %.0f, file_id = %lu and no fsp found !\n", dbgtext( "break message to pid %d ", (int)share_entry->pid ); dbgtext( "on port %d ", share_entry->op_port ); dbgtext( "for dev = %x, inode = %.0f, file_id = %lu\n", - (unsigned int)dev, (double)inode, file_id ); + (unsigned int)dev, (double)inode, file_id ); dbgtext( "Error was %s\n", strerror(errno) ); } return False; } /* - * If we just sent a message to a level II oplock share entry then + * If we just sent a message to a level II oplock share entry in async mode then * we are done and may return. */ - if (LEVEL_II_OPLOCK_TYPE(share_entry->op_type)) { - DEBUG(3,("request_oplock_break: sent break message to level II entry.\n")); + if (LEVEL_II_OPLOCK_TYPE(share_entry->op_type) && async) { + DEBUG(3,("request_oplock_break: sent async break message to level II entry.\n")); return True; } @@ -1038,10 +1041,10 @@ dev = %x, inode = %.0f, file_id = %lu and no fsp found !\n", reply_msg_start = &op_break_reply[OPBRK_CMD_HEADER_LEN]; /* - * Test to see if this is the reply we are awaiting. + * Test to see if this is the reply we are awaiting (ie. the one we sent with the CMD_REPLY flag OR'ed in). */ if((SVAL(reply_msg_start,OPBRK_MESSAGE_CMD_OFFSET) & CMD_REPLY) && - ((SVAL(reply_msg_start,OPBRK_MESSAGE_CMD_OFFSET) & ~CMD_REPLY) == OPLOCK_BREAK_CMD) && + ((SVAL(reply_msg_start,OPBRK_MESSAGE_CMD_OFFSET) & ~CMD_REPLY) == break_cmd_type) && (reply_from_port == share_entry->op_port) && (memcmp(&reply_msg_start[OPLOCK_BREAK_PID_OFFSET], &op_break_msg[OPLOCK_BREAK_PID_OFFSET], OPLOCK_BREAK_MSG_LEN - OPLOCK_BREAK_PID_OFFSET) == 0)) { @@ -1184,8 +1187,8 @@ void release_level_2_oplocks_on_change(files_struct *fsp) * message. */ - DEBUG(10,("release_level_2_oplocks_on_change: breaking remote oplock.\n")); - request_oplock_break(share_entry); + DEBUG(10,("release_level_2_oplocks_on_change: breaking remote oplock (async).\n")); + request_oplock_break(share_entry, True); } } diff --git a/source/smbd/process.c b/source/smbd/process.c index ea3eb4ba76f..99710b4dfd0 100644 --- a/source/smbd/process.c +++ b/source/smbd/process.c @@ -812,7 +812,9 @@ static int construct_reply(char *inbuf,char *outbuf,int size,int bufsize) /**************************************************************************** Keep track of the number of running smbd's. This functionality is used to 'hard' limit Samba overhead on resource constrained systems. + This function is only called once per smbd. ****************************************************************************/ + static BOOL smbd_process_limit(void) { int32 total_smbds; @@ -823,17 +825,13 @@ static BOOL smbd_process_limit(void) * subtracts one. */ - total_smbds = 1; /* In case we need to create the entry. */ - if (!conn_tdb_ctx()) { DEBUG(0,("smbd_process_limit: max smbd processes parameter set with status parameter not \ set. Ignoring max smbd restriction.\n")); return False; } - if (tdb_change_int32_atomic(conn_tdb_ctx(), "INFO/total_smbds", &total_smbds, 1) == -1) - return True; - + total_smbds = increment_smbd_process_count(); return total_smbds > lp_max_smbd_processes(); } else diff --git a/source/smbd/quotas.c b/source/smbd/quotas.c index 4cfa05b1997..be72d26058d 100644 --- a/source/smbd/quotas.c +++ b/source/smbd/quotas.c @@ -908,10 +908,21 @@ BOOL disk_quotas(const char *path, SMB_BIG_UINT *bsize, SMB_BIG_UINT *dfree, SMB #if !defined(__FreeBSD__) && !defined(AIX) && !defined(__OpenBSD__) char dev_disk[256]; SMB_STRUCT_STAT S; + /* find the block device file */ - if ((sys_stat(path, &S)<0) || - (devnm(S_IFBLK, S.st_dev, dev_disk, 256, 0)<0)) return (False); -#endif + +#ifdef HPUX + /* Need to set the cache flag to 1 for HPUX. Seems + * to have a significant performance boost when + * lstat calls on /dev access this function. + */ + if ((sys_stat(path, &S)<0) || (devnm(S_IFBLK, S.st_dev, dev_disk, 256, 1)<0)) +#else + if ((sys_stat(path, &S)<0) || (devnm(S_IFBLK, S.st_dev, dev_disk, 256, 0)<0)) + return (False); +#endif /* ifdef HPUX */ + +#endif /* !defined(__FreeBSD__) && !defined(AIX) && !defined(__OpenBSD__) */ euser_id = geteuid(); diff --git a/source/smbd/reply.c b/source/smbd/reply.c index 7aae4baa22c..54fcac8a04e 100644 --- a/source/smbd/reply.c +++ b/source/smbd/reply.c @@ -706,8 +706,8 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int pstring smb_ntpasswd; BOOL valid_nt_password = False; BOOL valid_lm_password = False; - pstring user; - pstring orig_user; + fstring user; + fstring orig_user; BOOL guest=False; static BOOL done_sesssetup = False; BOOL doencrypt = SMBENCRYPT(); @@ -731,12 +731,12 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int memcpy(smb_apasswd,smb_buf(inbuf),smb_apasslen); smb_apasswd[smb_apasslen] = 0; - pstrcpy(user,smb_buf(inbuf)+smb_apasslen); + fstrcpy(user,smb_buf(inbuf)+smb_apasslen); /* * Incoming user is in DOS codepage format. Convert * to UNIX. */ - pstrcpy(user,dos_to_unix_static(user)); + fstrcpy(user,dos_to_unix_static(user)); if (!doencrypt && (lp_security() != SEC_SERVER)) { smb_apasslen = strlen(smb_apasswd); @@ -852,7 +852,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int * Incoming user and domain are in DOS codepage format. Convert * to UNIX. */ - pstrcpy(user,dos_to_unix_static(user)); + fstrcpy(user,dos_to_unix_static(user)); fstrcpy(domain, dos_to_unix_static(p)); DEBUG(3,("Domain=[%s] NativeOS=[%s] NativeLanMan=[%s]\n", domain,skip_string(p,1),skip_string(p,2))); @@ -898,11 +898,11 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int /* If no username is sent use the guest account */ if (!*user) { - pstrcpy(user,lp_guestaccount(-1)); + fstrcpy(user,lp_guestaccount(-1)); guest = True; } - pstrcpy(current_user_info.smb_name,user); + fstrcpy(current_user_info.smb_name,user); reload_services(True); @@ -912,7 +912,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int * and security=domain checking. */ - pstrcpy( orig_user, user); + fstrcpy( orig_user, user); /* * Always try the "DOMAIN\user" lookup first, as this is the most @@ -920,7 +920,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int */ { - pstring dom_user; + fstring dom_user; /* Work out who's who */ @@ -928,7 +928,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int domain, lp_winbind_separator(), user); if (sys_getpwnam(dom_user) != NULL) { - pstrcpy(user, dom_user); + fstrcpy(user, dom_user); DEBUG(3,("Using unix username %s\n", dom_user)); } } @@ -1038,7 +1038,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int } if (*smb_apasswd || !smb_getpwnam(user,True)) - pstrcpy(user,lp_guestaccount(-1)); + fstrcpy(user,lp_guestaccount(-1)); DEBUG(3,("Registered username %s for guest access\n",user)); guest = True; } @@ -1046,7 +1046,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int if (!smb_getpwnam(user,True)) { DEBUG(3,("No such user %s [%s] - using guest account\n",user, domain)); - pstrcpy(user,lp_guestaccount(-1)); + fstrcpy(user,lp_guestaccount(-1)); guest = True; } @@ -2672,7 +2672,7 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size, DEBUG(3,("writebraw1 fnum=%d start=%.0f num=%d wrote=%d sync=%d\n", fsp->fnum, (double)startpos, (int)numtowrite, (int)nwritten, (int)write_through)); - if (nwritten < numtowrite) { + if (nwritten < (ssize_t)numtowrite) { END_PROFILE(SMBwritebraw); return(UNIXERROR(ERRHRD,ERRdiskfull)); } @@ -2791,7 +2791,7 @@ int reply_writeunlock(connection_struct *conn, char *inbuf,char *outbuf, int siz if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) { END_PROFILE(SMBwriteunlock); - return(UNIXERROR(ERRDOS,ERRnoaccess)); + return(UNIXERROR(ERRHRD,ERRdiskfull)); } status = do_unlock(fsp, conn, SVAL(inbuf,smb_pid), (SMB_BIG_UINT)numtowrite, @@ -2872,7 +2872,7 @@ int reply_write(connection_struct *conn, char *inbuf,char *outbuf,int size,int d if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) { END_PROFILE(SMBwrite); - return(UNIXERROR(ERRDOS,ERRnoaccess)); + return(UNIXERROR(ERRHRD,ERRdiskfull)); } outsize = set_message(outbuf,1,0,True); @@ -2966,7 +2966,7 @@ int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int leng if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) { END_PROFILE(SMBwriteX); - return(UNIXERROR(ERRDOS,ERRnoaccess)); + return(UNIXERROR(ERRHRD,ERRdiskfull)); } set_message(outbuf,6,0,True); @@ -3232,9 +3232,9 @@ int reply_writeclose(connection_struct *conn, fsp->fnum, (int)numtowrite, (int)nwritten, conn->num_files_open)); - if (nwritten <= 0) { + if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) { END_PROFILE(SMBwriteclose); - return(UNIXERROR(ERRDOS,ERRnoaccess)); + return(UNIXERROR(ERRHRD,ERRdiskfull)); } if(close_err != 0) { @@ -3556,7 +3556,7 @@ int reply_printwrite(connection_struct *conn, char *inbuf,char *outbuf, int dum_ if (write_file(fsp,data,-1,numtowrite) != numtowrite) { END_PROFILE(SMBsplwr); - return(UNIXERROR(ERRDOS,ERRnoaccess)); + return(UNIXERROR(ERRHRD,ERRdiskfull)); } DEBUG( 3, ( "printwrite fnum=%d num=%d\n", fsp->fnum, numtowrite ) ); diff --git a/source/smbd/server.c b/source/smbd/server.c index 14105342755..1dd68d730f4 100644 --- a/source/smbd/server.c +++ b/source/smbd/server.c @@ -434,12 +434,28 @@ static BOOL dump_core(void) update the current smbd process count ****************************************************************************/ -static void decrement_smbd_process_count(void) +static BOOL process_count_update_successful = False; + +int32 increment_smbd_process_count(void) { int32 total_smbds; if (lp_max_smbd_processes()) { total_smbds = 0; + if (tdb_change_int32_atomic(conn_tdb_ctx(), "INFO/total_smbds", &total_smbds, 1) == -1) + return 1; + process_count_update_successful = True; + return total_smbds + 1; + } + return 1; +} + +static void decrement_smbd_process_count(void) +{ + int32 total_smbds; + + if (lp_max_smbd_processes() && process_count_update_successful) { + total_smbds = 1; tdb_change_int32_atomic(conn_tdb_ctx(), "INFO/total_smbds", &total_smbds, -1); } } diff --git a/source/utils/pdbedit.c b/source/utils/pdbedit.c index a96793e18e2..7691e1d577f 100644 --- a/source/utils/pdbedit.c +++ b/source/utils/pdbedit.c @@ -66,6 +66,7 @@ static void usage(void) printf(" -m it is a machine trust\n"); printf(" -x delete this user\n"); printf(" -i file import account from file (smbpasswd style)\n"); + printf(" -t read password from STDIN\n"); exit(1); } @@ -295,7 +296,7 @@ static char *prompt_for_new_password(BOOL stdin_get) /********************************************************* Add New User **********************************************************/ -static int new_user (char *username, char *fullname, char *homedir, char *drive, char *script, char *profile) +static int new_user (char *username, char *fullname, char *homedir, char *drive, char *script, char *profile, BOOL stdin_get) { SAM_ACCOUNT *sam_pwent=NULL; struct passwd *pwd = NULL; @@ -311,7 +312,7 @@ static int new_user (char *username, char *fullname, char *homedir, char *drive, return -1; } - password = prompt_for_new_password(0); + password = prompt_for_new_password(stdin_get); if (!password) { fprintf (stderr, "Passwords do not match!\n"); pdb_free_sam (sam_pwent); @@ -416,7 +417,7 @@ static int new_machine (char *machinename) static int delete_user_entry (char *username) { - return pdb_delete_sam_account (username); + return (! pdb_delete_sam_account (username)); } /********************************************************* @@ -430,7 +431,7 @@ static int delete_machine_entry (char *machinename) safe_strcpy (name, machinename, 16); if (name[strlen(name)] != '$') safe_strcat (name, "$", 16); - return pdb_delete_sam_account (name); + return (! pdb_delete_sam_account (name)); } /********************************************************* @@ -662,6 +663,7 @@ int main (int argc, char **argv) BOOL add_user = False; BOOL delete_user = False; BOOL import = False; + BOOL pw_from_stdin = False; char *user_name = NULL; char *full_name = NULL; char *home_dir = NULL; @@ -700,11 +702,14 @@ int main (int argc, char **argv) codepage_initialise(lp_client_code_page()); - while ((ch = getopt(argc, argv, "ad:f:h:i:lmp:s:u:vwxD:")) != EOF) { + while ((ch = getopt(argc, argv, "abd:f:h:i:lmp:s:u:vwxD:")) != EOF) { switch(ch) { case 'a': add_user = True; break; + case 'b': + pw_from_stdin = True; + break; case 'm': machine = True; break; @@ -767,8 +772,8 @@ int main (int argc, char **argv) } if (machine) return new_machine (user_name); - else - return new_user (user_name, full_name, home_dir, home_drive, logon_script, profile_path); + else + return new_user (user_name, full_name, home_dir, home_drive, logon_script, profile_path, pw_from_stdin); } if (delete_user) { diff --git a/source/utils/smbpasswd.c b/source/utils/smbpasswd.c index 79d49a9e058..471efbdc666 100644 --- a/source/utils/smbpasswd.c +++ b/source/utils/smbpasswd.c @@ -99,7 +99,9 @@ static void usage(void) printf(" -t DOMAIN change trust account password on domain\n"); printf(" -S DOMAIN Retrieve the domain SID for DOMAIN\n"); printf(" -R ORDER name resolve order\n"); - + printf(" -W S-1-5-... Write the SID S-1-5-... to the secrets file\n"); + printf(" -X SERVER|DOMAIN Extract SID for SERVER or DOMAIN from the secrets file\n"); + exit(1); } @@ -114,10 +116,12 @@ static void set_line_buffering(FILE *f) static void process_options(int argc, char **argv, BOOL amroot) { int ch; + DOM_SID dom_sid; + fstring sid_str; user_name[0] = '\0'; - while ((ch = getopt(argc, argv, "c:axdehmnj:t:r:sw:R:D:U:LS")) != EOF) { + while ((ch = getopt(argc, argv, "c:axdehmnj:t:r:sw:R:D:U:LSW:X:")) != EOF) { switch(ch) { case 'L': local_mode = amroot = True; @@ -208,8 +212,60 @@ static void process_options(int argc, char **argv, BOOL amroot) strlen(user_password)); } - break; } + break; + + case 'W': /* Take the SID on the command line and make it ours */ + if (!lp_load(servicesf,True,False,False)) { + fprintf(stderr, "Can't load %s - run testparm to debug it\n", + servicesf); + exit(1); + } + + if (!string_to_sid(&dom_sid, optarg)) { + fprintf(stderr, "Invalid SID: %s\n", optarg); + exit(1); + } + if (!secrets_init()) { + fprintf(stderr, "Unable to open secrets database!\n"); + exit(1); + } + if (!secrets_store_domain_sid(global_myname, &dom_sid)) { + fprintf(stderr, "Unable to write the new SID %s as the server SID for %s\n", optarg, global_myname); + exit(1); + } + /* + * Now, write it to the workgroup as well, to make + * things consistent. This is a risk however. + */ + if (!secrets_store_domain_sid(lp_workgroup(), &dom_sid)) { + fprintf(stderr, "Unable to write the new SID %s as the domain SID for %s\n", optarg, lp_workgroup()); + exit(1); + } + + exit(0); + break; + + case 'X': /* Extract the SID for a domain from secrets */ + if (!lp_load(servicesf,True,False,False)) { + fprintf(stderr, "Can't load %s - run testparm to debug it\n", + servicesf); + exit(1); + } + if (!secrets_init()) { + fprintf(stderr, "Unable to open secrets database!\n"); + exit(1); + } + if (secrets_fetch_domain_sid(optarg, &dom_sid)) { + sid_to_string(sid_str, &dom_sid); + printf("SID for domain %s is: %s\n", optarg, sid_str); + exit(0); + } + else { + fprintf(stderr, "Could not retrieve SID for domain: %s\n", optarg); + exit(1); + } + break; case 'h': default: bad_args: @@ -906,6 +962,7 @@ static int process_root(void) /* * get the domain sid from a PDC and store it in secrets.tdb * Used for Samba PDC/BDC installations. + * */ if (local_flags & LOCAL_GET_DOM_SID) { @@ -1041,6 +1098,8 @@ static int process_nonroot(void) { struct passwd *pwd = NULL; int result = 0; + char *new_pw = NULL; + char *old_pw = NULL; if (!user_name[0]) { pwd = sys_getpwuid(getuid()); @@ -1065,19 +1124,21 @@ static int process_nonroot(void) } if (remote_machine != NULL) { - old_passwd = get_pass("Old SMB password:",stdin_passwd_get); + old_pw = get_pass("Old SMB password:",stdin_passwd_get); } if (!new_passwd) { - new_passwd = prompt_for_new_password(stdin_passwd_get); + new_pw = prompt_for_new_password(stdin_passwd_get); } + else + new_pw = strdup_x(new_passwd); - if (!new_passwd) { + if (!new_pw) { fprintf(stderr, "Unable to get new password.\n"); exit(1); } - if (!password_change(remote_machine, user_name, old_passwd, new_passwd, 0)) { + if (!password_change(remote_machine, user_name, old_pw, new_pw, 0)) { fprintf(stderr,"Failed to change password for %s\n", user_name); result = 1; goto done; @@ -1086,8 +1147,8 @@ static int process_nonroot(void) printf("Password changed for user %s\n", user_name); done: - safe_free(old_passwd); - safe_free(new_passwd); + SAFE_FREE(old_pw); + SAFE_FREE(new_pw); return result; } diff --git a/source/utils/status.c b/source/utils/status.c index af29d9bf640..e04b567ae28 100644 --- a/source/utils/status.c +++ b/source/utils/status.c @@ -194,7 +194,7 @@ static int profile_dump(void) printf("write_count: %u\n", profile_p->syscall_write_count); printf("write_time: %u\n", profile_p->syscall_write_time); printf("write_bytes: %u\n", profile_p->syscall_write_bytes); -#ifdef HAVE_SENDFILE +#ifdef WITH_SENDFILE printf("sendfile_count: %u\n", profile_p->syscall_sendfile_count); printf("sendfile_time: %u\n", profile_p->syscall_sendfile_time); printf("sendfile_bytes: %u\n", profile_p->syscall_sendfile_bytes); |