summaryrefslogtreecommitdiffstats
path: root/source3/smbd
Commit message (Collapse)AuthorAgeFilesLines
* s3: smbd: Remove open_file_fchmod().Jeremy Allison2014-05-022-36/+0
| | | | | | | | | | | | | | No longer used (hurrah!). Bug 10564 - Lock order violation and file lost https://bugzilla.samba.org/show_bug.cgi?id=10564 Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Fri May 2 23:47:38 CEST 2014 on sn-devel-104
* s3: smbd: change file_set_dosmode() to use get_file_handle_for_metadata() ↵Jeremy Allison2014-05-021-12/+92
| | | | | | | | | | | | | | | | | | instead of open_file_fchmod(). get_file_handle_for_metadata() is a new function that finds an existing open handle (fsp->fh->fd != -1) for a given dev/ino if there is one available, and uses INTERNAL_OPEN_ONLY with WRITE_DATA access if not. Allows open_file_fchmod() to be removed next. Bug 10564 - Lock order violation and file lost https://bugzilla.samba.org/show_bug.cgi?id=10564 Signed-off-by: Jeremy Allison <jra@samba.org> Signed-off-by: Volker Lendecke <vl@samba.org>
* s3: smbd : Ensure file_new doesn't call into smbXsrv_open_create() for ↵Jeremy Allison2014-05-022-4/+15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | INTERNAL_OPEN_ONLY. This causes deadlocks which cause smbd to crash if the locking database has already been locked for a compound operation we need to be atomic (as in the file rename case). Ensure INTERNAL_OPEN_ONLY opens are synonymous with req==NULL. INTERNAL_OPEN_ONLY opens leave a NO_OPLOCK record in the share mode database, so they can be detected by other processes for share mode violation purposes (because they're doing an operation on the file that may include reads or writes they need to have real state inside the locking database) but have an fnum of FNUM_FIELD_INVALID and a local share_file_id of zero, as they will never be seen on the wire. Ensure validate_my_share_entries() ignores INTERNAL_OPEN_ONLY records (share_file_id == 0). Bug 10564 - Lock order violation and file lost https://bugzilla.samba.org/show_bug.cgi?id=10564 Signed-off-by: Jeremy Allison <jra@samba.org> Signed-off-by: Volker Lendecke <vl@samba.org>
* s3 : smbd : Protect all possible code paths from fsp->op == NULL.Jeremy Allison2014-05-022-0/+13
| | | | | | | | | | | | | In changes to come this will be possible for an INTERNAL_OPEN_ONLY. The protection was already in place for some code paths, this makes the coverage compete. Bug 10564 - Lock order violation and file lost https://bugzilla.samba.org/show_bug.cgi?id=10564 Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* smbd: Fix compile warning in dmapi.cChristof Schmitt2014-05-021-1/+1
| | | | | | | | | Signed-off-by: Christof Schmitt <cs@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Change-Id: I69297d91ab8c857204e1f78cafb210b9a05f3b77 Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Fri May 2 03:41:31 CEST 2014 on sn-devel-104
* s3: smbd : Fix wildcard unlink to fail if we get an error rather than trying ↵Jeremy Allison2014-04-301-1/+2
| | | | | | | | | | to continue. This can break smbd if we end up leaving a SHARING_VIOLATION retry record on the queue. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* s3: smbd: Call dgram cleanup init background setup.Jeremy Allison2014-04-231-0/+4
| | | | | Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* smbd: Always clean up the child's msg_ctxVolker Lendecke2014-04-231-6/+5
| | | | | | | | | | This is a bit lazy programming, we could and possibly should do this in exit_server() in the child. But this way we make sure the cleanup works. If it only was executed for unclean exits, we might not detect failure of this code in the parent. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* smbd: Sort notify events by timestampVolker Lendecke2014-04-231-0/+16
| | | | | | | | | | | | | This will fix the raw.notify test with the new messaging system. With the new messaging system messages come in via yet another fd that has to line up in poll next to the incoming client TCP socket. With the signal-based messaging messages were always handled before client requests. The new scheme means that notify messages might be deferred a bit (something which can happen in a cluster already now), which then means that notify_marshall_changes() will coalesce entries, which in turn makes raw.notify unhappy. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* smbd: Pass on a timestamp in MSG_PVFS_NOTIFYVolker Lendecke2014-04-231-34/+33
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* smbd: Pass timespec_current through the notify_callbackVolker Lendecke2014-04-233-6/+10
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* smbd: Pass timespec_current to notify_fspVolker Lendecke2014-04-231-4/+7
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* smbd: Add a timestamp to queued notify eventsVolker Lendecke2014-04-231-7/+14
| | | | | | | | | | | In a cluster and with changed messaging it can happen that messages are scheduled after new SMB requests. This re-ordering breaks a few notify tests. This starts the infrastructure to add timestamps to notify events, so that they can be sorted before they are sent out. The timestamp will be the current local time of notify_fname, that's all we can do. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* lib: Remove messages_localVolker Lendecke2014-04-231-11/+0
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* lib: Add messaging_dgmVolker Lendecke2014-04-231-0/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | Messaging based on unix domain datagram sockets This makes every process participating in messaging bind on a unix domain datagram socket, similar to the source4 based messaging. The details are a bit different though: Retry after EWOULDBLOCK is done with a blocking thread, not by polling. This was the only way I could in experiments avoid a thundering herd or high load under Linux in extreme overload situations like many thousands of processes sending to one blocked process. If there are better ideas to do this in a simple way, I'm more than happy to remove the pthreadpool dependency again. There is only one socket per process, not per task. I don't think that per-task sockets are really necessary, we can do filtering in user space. The message contains the destination server_id, which contains the destination task_id. I think we can rebase the source4 based imessaging on top of this, allowing multiple imessaging contexts on top of one messaging_context. I had planned to do this conversion before this goes in, but Jeremy convinced me that this has value in itself :-) Per socket we also create a fcntl-based lockfile to allow race-free cleanup of orphaned sockets. This lockfile contains the unique_id, which in the future will make the server_id.tdb obsolete. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* lib: Move full_path_tos to util_str.cVolker Lendecke2014-04-232-42/+0
| | | | | | | This can be useful elsewhere Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* smbd: use exit_daemon() to support reporting to systemd from smbdAlexander Bokovoy2014-04-231-25/+19
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=10517 Signed-off-by: Alexander Bokovoy <ab@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* add systemd integrationAlexander Bokovoy2014-04-231-0/+4
| | | | | | | | | | | | | | | Add --with-systemd / --without-systemd options to check whether libsystemd-daemon library is available and use it to report service startup status to systemd for smbd/winbindd/nmbd and AD DC. The problem it solves is correct reporting of the Samba services at the point when they are ready to serve clients, important for high availability software integration. BUG: https://bugzilla.samba.org/show_bug.cgi?id=10517 Signed-off-by: Alexander Bokovoy <ab@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s3:smbd: fix typo in comment for set_conn_force_user_group()Michael Adam2014-04-231-1/+1
| | | | | | | | Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Kamen Mazdrashki <kamenim@samba.org> Autobuild-User(master): Kamen Mazdrashki <kamenim@samba.org> Autobuild-Date(master): Wed Apr 23 01:49:09 CEST 2014 on sn-devel-104
* s3: use smb_xmemdup instead of smb_memdup and smb_panicBjörn Baumbach2014-04-161-5/+2
| | | | | | | | Signed-off-by: Björn Baumbach <bb@sernet.de> Reviewed-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Wed Apr 16 22:53:42 CEST 2014 on sn-devel-104
* lib-util: rename memdup to smb_memdup and fix all callersBjörn Baumbach2014-04-162-3/+3
| | | | | Signed-off-by: Björn Baumbach <bb@sernet.de> Reviewed-by: Volker Lendecke <vl@samba.org>
* s3:smbd: always allow SMB1 signing, but only announce it if configured.Stefan Metzmacher2014-04-162-5/+8
| | | | | | | | | | | Always allow the client to turn on SMB1 signing using FLAGS2_SMB_SECURITY_SIGNATURES_REQUIRED. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Wed Apr 16 10:07:56 CEST 2014 on sn-devel-104
* Typo: s/prefered/preferred/Jelmer Vernooij2014-04-131-1/+1
| | | | | | | Signed-Off-By: Jelmer Vernooij <jelmer@samba.org> Change-Id: Ib82b71111fd208990aa876a8bf06431cfed21a6c Reviewed-on: https://gerrit.samba.org/220 Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:smb2_server: remove unused get_min_receive_file_size() wrapper functionStefan Metzmacher2014-04-111-13/+2
| | | | | | | | | | smb2req always comes from talloc_zero(). Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Fri Apr 11 23:55:17 CEST 2014 on sn-devel-104
* s3:smb2_server: only allocate the required buffer in the smb2 recvfile() ↵Stefan Metzmacher2014-04-112-19/+30
| | | | | | | | | | code path This way the buffer will likely be allocated within the existing talloc_pool, which avoids one malloc() per request. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3:smb2_server: prepare smbd_smb2_request_verify_sizes() for the optimized ↵Stefan Metzmacher2014-04-111-0/+9
| | | | | | | | | recvfile() case For recvfile we haven't read and may not allocated the dyn buffer. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3:smb2_write: allow SMBD_SMB2_IN_DYN_LEN() to be 0 for the recvfile case.Stefan Metzmacher2014-04-111-2/+18
| | | | | | | For recvfile we haven't read and may not allocated the dyn buffer. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3:smb2_server: make sure we don't try recvfile for special NBT messagesStefan Metzmacher2014-04-111-0/+3
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3:smb2_server: use the same logic to avoid recvfile() for IPC/PRINT sharesStefan Metzmacher2014-04-111-0/+41
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3:smbd: use smb1srv_open_lookup() in is_valid_writeX_buffer()Stefan Metzmacher2014-04-111-9/+20
| | | | | | | | | It's more logical to check the fnum instead of tid here. This will make it easier to reuse the logic for SMB2 and allows per fsp recvfile detection. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3:smbXsrv_open: allow now==0 to skip the idle_time update.Stefan Metzmacher2014-04-111-1/+3
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3: smbd: Performance optimization for RECVFILE.Jeremy Allison2014-04-101-13/+43
| | | | | | | | | | | | | | | | | | | | | Based on work proposed by Jones <jones.kstw@gmail.com>. Removes set_blocking()/set_unblocking() fcntl calls around RECVFILE on the non-blocking socket. Instead uses RECVFILE in a loop, and only drops back to set_blocking()/set_unblocking() once RECVFILE returns -1/EAGAIN/EWOULDBLOCK. From the samba-technical list: ------------------------------------------------ The iometer 512b sequential write shows following result, Before applying this patch: 75333 IOps After applying this patch: 82691 IOps ------------------------------------------------ Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s3: messages: Implement cleanup of dead records.Jeremy Allison2014-04-031-0/+7
| | | | | | | | | | | | When a smbd process dies, pending messages.tdb records for this process might not get cleaned up. Implement a cleanup for dead records that is triggered after a smbd dies uncleanly; the records for that PID are deleted. Based on a patchset from Christof Schmitt <cs@samba.org>. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Christof Schmitt <cs@samba.org>
* s3-auth: Finally change make_user_info_*() use a parent talloc contextAndrew Bartlett2014-04-021-8/+10
| | | | | | Change-Id: Iedf516e8c24e0d18064aeedd8e287ed692d3c5b4 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org>
* s3:smbd: let srvstr_pull_req_talloc() take 'const uint8_t *src'Stefan Metzmacher2014-04-024-20/+21
| | | | | | | | | | This is the correct thing to do the smb request buffer contains just bytes (uint8_t). It also avoids strange casting in the callers. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:smbd: avoid compiler warnings in smbd_tevent_trace_callback()Stefan Metzmacher2014-04-021-0/+5
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3-smbd: Align debug level for the same information.Andreas Schneider2014-04-011-3/+5
| | | | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=10388 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Tue Apr 1 23:16:19 CEST 2014 on sn-devel-104
* auth/gensec: remove tevent_context argument from gensec_update()Stefan Metzmacher2014-03-273-3/+3
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:build: remove global CLUSTER_SUPPORT defineStefan Metzmacher2014-03-242-9/+0
| | | | | | | | | | All ctdb specific code is isolated in samba-cluster-support.so now. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> Autobuild-User(master): Michael Adam <obnox@samba.org> Autobuild-Date(master): Mon Mar 24 19:08:44 CET 2014 on sn-devel-104
* smbd: Explicitly pass "file_id" to rename_share_filenameVolker Lendecke2014-03-211-1/+1
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* smbd: Use fsp->file_id in open_file_ntcreateVolker Lendecke2014-03-211-1/+1
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* smbd: Explicitly pass "file_id" to schedule_defer_openVolker Lendecke2014-03-211-3/+4
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* smbd: Explicitly pass "file_id" to rename_open_filesVolker Lendecke2014-03-211-3/+5
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3: smbd: Fileserving share access checks.Jeremy Allison2014-03-181-2/+10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Git commit 86d1e1db8e2747e30c89627cda123fde1e84f579 fixed share_access not being reset between users, by changing make_connection_snum() to call a common function check_user_share_access() in the same way that change_to_user() (which can be called on any incoming packet) does. Unfortunately that bugfix was incorrect and broke "force user" and "force group" as it called check_user_share_access() inside make_connection_snum() using the conn->session_info pointer instead of the vuser->session_info pointer. conn->session_info represents the token to use when actually accessing the file system, and so is modified by force user and force group. conn->session_info represents the "pristine" token of the user logging in, and is never modified by force user and force group. Samba 3.6.x checked the share access based on the "pristine" token of the user logging in, not the token modified by force user and force group. This change restores the expected behavior. Fixes bug #9878 - force user does not work as expected https://bugzilla.samba.org/show_bug.cgi?id=9878 Signed-off-by: Jeremy Allison <jra@samba.org> Tested-by: Gerhard Wiesinger <lists@wiesinger.com> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Tue Mar 18 19:19:31 CET 2014 on sn-devel-104
* CVE-2013-4496:samr: Remove ChangePasswordUserAndrew Bartlett2014-03-131-254/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This old password change mechanism does not provide the plaintext to validate against password complexity, and it is not used by modern clients. It also has quite difficult semantics to handle regarding password lockout. The missing features in both implementations (by design) were: - the password complexity checks (no plaintext) - the minimum password length (no plaintext) Additionally, the source3 version did not check: - the minimum password age - pdb_get_pass_can_change() which checks the security descriptor for the 'user cannot change password' setting. - the password history - the output of the 'passwd program' if 'unix passwd sync = yes'. Finally, the mechanism was almost useless, as it was incorrectly only made available to administrative users with permission to reset the password. It is removed here so that it is not mistakenly reinstated in the future. Andrew Bartlett Bug: https://bugzilla.samba.org/show_bug.cgi?id=10245 Change-Id: If2edd3183c177e5ff37c9511b0d0ad0dd9038c66 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-on: https://gerrit.samba.org/37
* s3:smb2_tcon: cancel and wait for pending requests on tdisStefan Metzmacher2014-03-121-4/+78
| | | | | | Bug: https://bugzilla.samba.org/show_bug.cgi?id=10344 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3:smb2_sesssetup: cancel and wait for pending requests on logoffStefan Metzmacher2014-03-121-4/+78
| | | | | | | Bug: https://bugzilla.samba.org/show_bug.cgi?id=10344 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3:smb2_tcon: split smbd_smb2_tdis into an async *_send/recv pair.Jeremy Allison2014-03-121-16/+89
| | | | | | | | | Bug: https://bugzilla.samba.org/show_bug.cgi?id=10344 Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Signed-off-by: Jeremy Allison <jra@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3:smb2_sesssetup: split smbd_smb2_logoff into an async *_send/recv pair.Jeremy Allison2014-03-121-20/+92
| | | | | | | | | Bug: https://bugzilla.samba.org/show_bug.cgi?id=10344 Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Signed-off-by: Jeremy Allison <jra@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3:smb2_lock: return RANGE_NOT_LOCKED instead of CANCELLED for logoff and tdisStefan Metzmacher2014-03-121-0/+20
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
generated by cgit (git 2.34.1) at 2024-09-22 11:44:08 +0000