| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
| |
Patch from Blindauer Emmanuel <samba@mooby.net>.
Guenther
(cherry picked from commit 290449aeae950d7490cdcf9d601052fc45bb84dd)
(cherry picked from commit a79ae4e5364fe8e3ec6b451364dc5d861f202528)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This bug prompted several, fairly large changes to the of OneFS's
readdirplus() within Samba.
One fundamental problem is that we kept our cache cursor pointed at the
next entry to be returned from onefs_readdir(), while the resume cookie
needed to refill the cache such that our cursor would be on this entry,
was located in the previous cache entry. This meant that to correctly handle
seekdir() cases which could be found within the existing cache, and cases
where a cache reload was needed, required that the cache always hold
at least two entries: the entry we wished to return, and the previous entry
which held the resume cookie. Since the readdirplus() syscall gives us no
guarantee that it will always return these two direntries, there was a
fundamental problem with this design.
To fix this problem, I have rearchitected the onefs_readdir() path to keep
its pointer on the entry which contains the resume_cookie, not the entry
which will be returned next. Essentially, I changed onefs_readdir() from a
"return an entry then increment the cursor" model to "increment the cursor
then return an entry". By doing this, we only require that a single entry
be within the cache: the entry containing the resume cookie.
Second, there have been numerous off-by-one bugs in my implementation of
onefs_seekdir() which did a mapping between the 64-bit resume cookie
returned by readdirplus() and its own monotonically increasing "location"
offset. Furthermore, this design caused a somewhat frequent waste of
cycles, as in some cases we'd need to re-enumerate the entire directory to
recover the current "location" from an old resume cookie. As this code was
somewhat difficult to understand, prone to bugs, and innefficient in some
cases I decided it was better to wholesale replace it now, rather than later.
It is possible to algorithmically map the 64-bit resume cookies from
readdirplus() into 32-bit offset values which SMB requires. The onefs.so
module now calls into a system library to do this conversion. This greatly
simplifies both the seekdir() and telldir() paths and is more efficient.
(cherry picked from commit aeb7de50b51840bddcdd4cbe6d96a4066b5116f0)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The underlying problem
is that once SMBulogoff is called, all server_info contexts associated with the
vuid should become invalid, even if that's the context being currently used by
the connection struct (tid). When the SMBtdis comes in it doesn't need a valid
vuid value, but the code called inside vfs_full_audit always assumes that there
is one (and hence a valid conn->server_info pointer) available.
This is actually a bug inside the vfs_full_audit and other code inside Samba,
which should only indirect conn->server_info on calls which require AS_USER to
be set in our process table. I could fix all these issues, but there's no
guarentee that someone might not add more code that fails this assumption, as
it's a hard assumption to break (it's usually true).
So what I've done is to ensure that on SMBulogoff the previously used
conn->server_info struct is kept around to be used for print debugging purposes
(it won't be used to change to an invalid user context, as such calls need
AS_USER set). This isn't strictly correct, as there's no association with the
(now invalid) context being freed and the call that causes conn->server_info to
be indirected, but it's good enough for most cases.
The hard part was to ensure that once a valid context is used again (via new
sessionsetupX calls, or new calls on a still valid vuid on this tid) that we
don't leak memory by simply replacing the stored conn->server_info pointer. We
would never actually leak the memory (as all conn->server_info pointers are
talloc children of conn), but with the previous patch a malicious client could
cause many server_info structs to be talloced by the right combination of SMB
calls. This new patch introduces free_conn_server_info_if_unused(), which
protects against the above.
Jeremy.
(cherry picked from commit 4b3bd6d0ba3348659615e69b3508969aa41e7de4)
|
| |
|
|
|
| |
Karolin
(cherry picked from commit c2eb0d87a2436614741119ebd14fda05b42a2ddd)
|
| |
|
|
| |
(cherry picked from commit 7ad42cc74322a1435c9cce9b286b13cd9b490ec6)
|
| |
|
|
|
|
| |
I don't think we should unconditionally send every refused connection attempt
to a share to syslog, that's where all debug level 0 messages end up.
(cherry picked from commit 8c7afce8bb86cda773c713459bb18233dc4848a3)
|
| |
|
|
|
|
|
|
|
| |
Haven't checked this myself, but as I've already got several reports that Samba
won't compile against current OpenAFS anymore, I just believe Geza Gemes. This
patch only affects AFS code, so it should not hurt anything else.
Volker
(cherry picked from commit 70231f2d88b96da365e56c8d077749366509a4e1)
|
| |
|
|
|
|
|
|
|
| |
That fixes bug #4247. Thanks to David McNeill <davemc [at] mcpond.co.nz>
for reporting!
Karolin
(cherry picked from commit eaf949947c2eb03363c4b6f588f87b70110d6ff7)
(cherry picked from commit cea79d1fbf44b0d5bff5aa12962fb3d3cb61c367)
|
| |
|
|
|
|
|
|
|
| |
This fixes bug #4245. Thanks to David McNeill <davemc [at] mcpond.co.nz>
for reporting!
Karolin
(cherry picked from commit 579c91581f5b6d5341a12923fe6cde377223caff)
(cherry picked from commit 49caab4044e47236594c6688f202aed555b9da61)
|
| |
|
|
|
|
|
|
| |
A previous fix broke the invariant that *uid is always
initialized on return from create_token_from_username().
Restore it.
Jeremy.
(cherry picked from commit e178c02a216fefc8295a7fd2d623c888c81f8734)
|
| |
|
|
|
|
| |
Michael
(cherry picked from commit 384c1aaa8ee8879b6cc4bc34dfc4d3c9fa11667b)
(cherry picked from commit ec02a0c1ceea2afc9324f6f069941deaed38c22d)
|
| |
|
|
|
|
| |
Michael
(cherry picked from commit f3308b91d75356a83e99aade7e88d2cd1edc2042)
(cherry picked from commit c14f81738b64377e978a87681b5e687fa9d4d2a2)
|
| |
|
|
|
|
| |
Michael
(cherry picked from commit 62a69994f252f7cc98ef12bc39a25a2ee25afb0a)
(cherry picked from commit 1b4ab194a9f20ee1392bd54dbb82a6384c4b8b3d)
|
| |
|
|
|
|
|
|
|
|
|
| |
as requested in bug #6292.
This is taken from
http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.sub;hb=HEAD
Michael
(cherry picked from commit f81c02c3f31a4700d32aff884254fcd752797be7)
(cherry picked from commit 09192e196bb20e7b8e4203debf9a7e4dc51e1c36)
|
| |
|
|
|
|
| |
Michael
(cherry picked from commit faaa306c6ae7b00fa5e53321203f072776eefa0a)
(cherry picked from commit c59d97195dc8002b6837e17f5e37be26c7ee5dd3)
|
| |
|
|
|
|
| |
Michael
(cherry picked from commit d230ac7b322827930de2e1b922cd4b6a597c933f)
(cherry picked from commit 198736e1f17c43853f200435f1c1969e13aed77d)
|
| |
|
|
|
| |
(cherry picked from commit fee78294589a02090887233ad112c69d3a5bd383)
(cherry picked from commit 76a8b17f4f2a48baa6d847648b2d7442b63888bc)
|
| |
|
|
|
|
|
|
|
|
|
| |
as requested in bug #6292.
This is taken from
http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.guess;hb=HEAD
Michael
(cherry picked from commit 1188c78f53fb7d56f4bf61c41fe635b639a311fd)
(cherry picked from commit 20fcbc85ddb59c7972422471705841cb8595d7ec)
|
| |
|
|
|
|
|
|
| |
Found by David Markey <admin@dmarkey.com>. Thanks!
Guenther
(cherry picked from commit ab4b8c9c0438bc5afca17e3ebf05dde6f98bc0aa)
(cherry picked from commit 942d47e5ed583e29afaa005f9ca6251373db8e2f)
|
| |
|
|
|
|
| |
Guenther
(cherry picked from commit 26b9c9370ce047ecc732082b2b554ffc295ae406)
(cherry picked from commit d5c6ff96fd89b87c7331f264044e931b100b3a1a)
|
| |
|
|
|
|
| |
Guenther
(cherry picked from commit baf78506895b8bd50433058ba0f18e1aaf8aeee5)
(cherry picked from commit 492b5cfea364c60376245962a8777e04e31e8392)
|
| |
|
|
|
|
| |
Guenther
(cherry picked from commit af5a71d5280984a7d707e39fb522ecc7e1b71436)
(cherry picked from commit c89fdbed5286806d9a9b0b4a5d35870f7989baf7)
|
| |
|
|
|
|
|
|
| |
The objects for this module should probably be cleaned up once.
Guenther
(cherry picked from commit eee446a94841a5df97b3a47c7076ef52fb5ccdcf)
(cherry picked from commit d5da80b175b8e7e12070577abdab4f57917727a3)
|
| |
|
|
|
|
|
|
| |
sec_initial_uid() instead).
Guenther
(cherry picked from commit d22965e2e596c8ad78f5330398d43d96bf564773)
(cherry picked from commit 6ca91ff2d56f33a96e013cc3ab796ba38aa10dcd)
|
| |
|
|
|
|
| |
Guenther
(cherry picked from commit 233bfb25c9443688f74c506348b0a7b34489e1d1)
(cherry picked from commit bbeefe338e654cb0f43281d9dabe77b59fa931d6)
|
| |
|
|
|
|
| |
Guenther
(cherry picked from commit a2a155bee59c7e849a492933d1ea5769e409bac5)
(cherry picked from commit be680b2aae289cc7e173c4a76802fe09ff7882f6)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The merged version behaves differently: "Domain Users" is parsed into two
values, as it does not look at quotes. Samba3 users depend on the ability do
say for example
valid users = "domain users"
which would not work anymore with the merged version.
Thanks to Björn Jacke for testing this!
Volker
(cherry picked from commit 5b9477f9930d0c6511c70409561c04c5729bcc05)
|
| |
|
|
|
| |
Karolin
(cherry picked from commit b7c4a63d034f8c33b3a4857cae41270bd55e270f)
|
| |
|
|
|
| |
Karolin
(cherry picked from commit b59f79fd262b9dbb97db90e8cafe7642fd6b6317)
|
| |
|
|
|
| |
Karolin
(cherry picked from commit 83c7d8697a8df92ff1592af9c382f483354eeb0f)
|
| |
|
|
|
|
| |
Guenther
(cherry picked from commit 3316ae9d75dfe6c7a960938c9503367880510079)
(cherry picked from commit 0146649cf95ad27a583057df300fe5712b89e806)
|
| |
|
|
|
| |
(cherry picked from commit 79177c1d36e125b08aa4d6e0e42e9a97f625b3c8)
(cherry picked from commit f51a4b95b472496f58759dae75ff1369324c0a29)
|
| |
|
|
|
|
|
|
|
| |
This fixes bug #4315.
Thanks to Felipe Augusto van de Wiel <faw [at] cathedrallabs [dot] org>!
Karolin
(cherry picked from commit 3422b9c546cdd262bd747e1e737c2b6479b4d21e)
(cherry picked from commit 3da62734fffa99cde1084beeb69e94a7bc623dde)
|
| |
|
|
|
| |
Karolin
(cherry picked from commit 245b859dfb0e1de4c453cf9de97e6d50b163daa4)
|
| |
|
|
|
|
|
|
| |
This parameter has been removed with d96248a9b4655.
Karolin
(cherry picked from commit b6eab68c20f0914cb946f05ebae2faba67f32806)
(cherry picked from commit 644d45ef4878e396fe62918e35e7103465eeb971)
|
| |
|
|
|
|
| |
Guenther
(cherry picked from commit 6900d61d369961e0c11e590ccdc102169f21cef3)
(cherry picked from commit 41dae8256cdddd9557ae7a00b1282a0eb05d4f36)
|
| |
|
|
|
|
| |
Guenther
(cherry picked from commit 5e563ee508d0b3cc87d72ad52d777946ee0537b1)
(cherry picked from commit c3f1cbd26792928970b6a60d82746719fea688d7)
|
| |
|
|
|
|
| |
Guenther
(cherry picked from commit d76837f6da2cf735d2b18c97f3b46ae2f04b750d)
(cherry picked from commit d845a971ee32c8e9adb4717abe546355eb7153c9)
|
| |
|
|
|
|
| |
Guenther
(cherry picked from commit 664ff081cadd29a1e750b349ecb23e8402d977cb)
(cherry picked from commit 65d4acdb1b7f9cd78d38c23a00267688dc156da6)
|
| |
|
|
|
|
| |
Guenther
(cherry picked from commit e89cc775e660183e7126bcfa8fb37496074cf5a1)
(cherry picked from commit e26efbd2c8a49012383032fef07cddec76561aa3)
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
instead of reading the registry directly with tdb and activating the
configure options by hand.
This eliminates the need for repeating checks done in loadparm.
For instance it disables registry shares without path in the server
as is the case with text based shares.
Michael
(cherry picked from commit 077bcc11257697b243916fbb02cd72b3a122b9ba)
(cherry picked from commit 502bfe9352d36ee909d7210a9d0ec0b6c7db5149)
|
| |
|
|
|
|
| |
Michael
(cherry picked from commit fb3b6576127ce837ac711e87c293d1f4cf97473c)
(cherry picked from commit 480af4e0ead10241aa94f4095c7fa580240fec00)
|
| |
|
|
|
|
|
|
|
| |
Volker, please check.
Rafal, haven't we seen this in your tests at sambaxp as well ?
Guenther
(cherry picked from commit 67ca76c288eb095ae59e98927317d51c96c89551)
(cherry picked from commit 59e75824e81ffb6d05e624a5344123c585998904)
|
| |
|
|
|
|
| |
Guenther
(cherry picked from commit a23fb4663df11b237e94683510d282c286bbeed6)
(cherry picked from commit d49e69d49a41d193d6e1dd342c653d9a8bc3b140)
|
| |
|
|
|
|
| |
Michael
(cherry picked from commit 664da577f931dfd47573d3d77a95afb573fba855)
(cherry picked from commit caa1f05420191d934c2ea1c2acaa75702c8e5c2e)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This introduces a hard coded MAX_INCLUDE_DEPTH of 100.
When this is exceeded, handle_include (and hence lp_load) fails.
One could of course implement a more intelligent loop detection
in the include-tree, but this would require some restructuring
of the internal loadparm housekeeping. Maybe as a second improvement
step.
Michael
(cherry picked from commit d5f2bbdc489b751331e86afae58b0d80c5fedb9c)
(cherry picked from commit bfd10fd322fe1721b8b45256cd988ed83b18a8a6)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
command.
Without the initialization "net rpc password" will prompt twice for passwords
and will not allow to define the name of the connection admin user.
In the long run we should probably only have one place where to initialize
libnetapi.
Kai, please check.
Guenther
(cherry picked from commit 09ec85715b0e99740156ebb7213eddd1edfea631)
(cherry picked from commit 0c5f19fbea7a6419a84ac0137a9a09995ef7a933)
|
| |
|
|
|
|
|
|
| |
This prevents users from getting access to "/" in misconfigured setups.
Michael
(cherry picked from commit d16e40b5ef9add630d027ff92e440c44bfb88ef0)
(cherry picked from commit 3bdb4342225444055b084908083e003e0e272e10)
|
| |
|
|
|
|
|
|
| |
Not being able to open the shadow copy directory is the same as having no
shadow copy support at all. The VFS module should in this case not log with
debug level 0 and set ENOSYS to indicate "no shadow copies used" to the higher
levels.
(cherry picked from commit 4982483cdd2a4d37f96574c19dd3aade236c1b93)
|
| |
|
|
|
|
|
|
| |
The resume handle is a unique pointer, always check before dereference.
Guenther
(cherry picked from commit dd33abf649f4e1479365a2ccc2b41134270ff4ac)
(cherry picked from commit 1e117c6ebc6322b7fac4928d84bc5e714e559ea5)
|
