[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 77f3730 auth: fix a memory leak in gssapi_get_session_key()
via a646d9e s3-libads: fix a memory leak in ads_sasl_spnego_bind()
from c9d61db ctdb-build: Exit if requested feature cannot be built
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 77f3730295735dc9465c8e3d07fc761c83761b6e
Author: Uri Simchoni <u...@samba.org>
Date: Sun Jul 3 22:50:22 2016 +0300
auth: fix a memory leak in gssapi_get_session_key()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12006
Signed-off-by: Uri Simchoni <u...@samba.org>
Signed-off-by: Richard Sharpe <rsha...@samba.org>
Signed-off-by: Andreas Schneider <a...@samba.org>
Autobuild-User(master): Richard Sharpe <sha...@samba.org>
Autobuild-Date(master): Wed Jul 6 00:40:15 CEST 2016 on sn-devel-144
commit a646d9e796902dcb5246eb585433d4859796be2f
Author: Uri Simchoni <u...@samba.org>
Date: Sun Jul 3 22:51:56 2016 +0300
s3-libads: fix a memory leak in ads_sasl_spnego_bind()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12006
Signed-off-by: Uri Simchoni <u...@samba.org>
Signed-off-by: Richard Sharpe <rsha...@samba.org>
Signed-off-by: Andreas Schneider <a...@samba.org>
---
Summary of changes:
auth/kerberos/gssapi_pac.c | 7 +--
source3/libads/sasl.c | 5 -
2 files changed, 5 insertions(+), 7 deletions(-)
Changeset truncated at 500 lines:
diff --git a/auth/kerberos/gssapi_pac.c b/auth/kerberos/gssapi_pac.c
index 685d0ec..74c199a 100644
--- a/auth/kerberos/gssapi_pac.c
+++ b/auth/kerberos/gssapi_pac.c
@@ -246,6 +246,7 @@ NTSTATUS gssapi_get_session_key(TALLOC_CTX *mem_ctx,
int diflen, i;
const uint8_t *p;
+ *keytype = 0;
if (set->count < 2) {
#ifdef HAVE_GSSKRB5_GET_SUBKEY
@@ -256,10 +257,6 @@ NTSTATUS gssapi_get_session_key(TALLOC_CTX *mem_ctx,
if (gss_maj == 0) {
*keytype = KRB5_KEY_TYPE(subkey);
krb5_free_keyblock(NULL /* should be
krb5_context */, subkey);
- } else
-#else
- {
- *keytype = 0;
}
#endif
gss_maj = gss_release_buffer_set(_min, );
@@ -270,7 +267,6 @@ NTSTATUS gssapi_get_session_key(TALLOC_CTX *mem_ctx,
gse_sesskeytype_oid.elements,
gse_sesskeytype_oid.length) != 0) {
/* Perhaps a non-krb5 session key */
- *keytype = 0;
gss_maj = gss_release_buffer_set(_min, );
return NT_STATUS_OK;
}
@@ -280,7 +276,6 @@ NTSTATUS gssapi_get_session_key(TALLOC_CTX *mem_ctx,
gss_maj = gss_release_buffer_set(_min, );
return NT_STATUS_INVALID_PARAMETER;
}
- *keytype = 0;
for (i = 0; i < diflen; i++) {
*keytype = (*keytype << 7) | (p[i] & 0x7f);
if (i + 1 != diflen && (p[i] & 0x80) == 0) {
diff --git a/source3/libads/sasl.c b/source3/libads/sasl.c
index 10f63e8..d76d872 100644
--- a/source3/libads/sasl.c
+++ b/source3/libads/sasl.c
@@ -696,7 +696,7 @@ static ADS_STATUS ads_sasl_spnego_bind(ADS_STRUCT *ads)
struct berval *scred=NULL;
int rc, i;
ADS_STATUS status;
- DATA_BLOB blob;
+ DATA_BLOB blob = data_blob_null;
char *given_principal = NULL;
char *OIDs[ASN1_MAX_OIDS];
#ifdef HAVE_KRB5
@@ -792,6 +792,9 @@ static ADS_STATUS ads_sasl_spnego_bind(ADS_STRUCT *ads)
done:
ads_free_service_principal();
TALLOC_FREE(frame);
+ if (blob.data != NULL) {
+ data_blob_free();
+ }
return status;
}
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 1444196 testprogs/blackbox: Improve the net ads dns register tests. from 2352e49 selftest: Add test for domain join + kerberos-only auth https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 1444196521d705d86650fb5b508a0cedd0a5c830 Author: Richard Sharpe <rsha...@samba.org> Date: Thu Jun 30 21:07:19 2016 -0700 testprogs/blackbox: Improve the net ads dns register tests. More tests are added that add an unprivileged user, enable their account, and then test that they can add IP addressed but that they cannot modify other user's IP addresses. Signed-off-by: Richard Sharpe <rsha...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Richard Sharpe <sha...@samba.org> Autobuild-Date(master): Sun Jul 3 14:24:59 CEST 2016 on sn-devel-144 --- Summary of changes: testprogs/blackbox/test_net_ads_dns.sh | 19 ++- 1 file changed, 18 insertions(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/testprogs/blackbox/test_net_ads_dns.sh b/testprogs/blackbox/test_net_ads_dns.sh index 41bc63d..8f9a91b 100755 --- a/testprogs/blackbox/test_net_ads_dns.sh +++ b/testprogs/blackbox/test_net_ads_dns.sh @@ -44,7 +44,11 @@ export UID_WRAPPER_ROOT IPADDRESS=10.1.4.111 IPADDRMAC=10.1.4.124 +UNPRIVIP=10.1.4.130 NAME=testname +UNPRIVNAME=unprivname +UNPRIVUSER=unprivuser +UNPRIVPASS=UnPrivPass1 # These tests check that privileged users can add DNS names and that # unprivileged users cannot do so. @@ -63,7 +67,17 @@ testit "We should be able to unregister the name $NAME.$REALM $IPADDRESS" $VALGR testit "The name $NAME.$REALM should not be there any longer" test X"`$net_tool ads dns gethostbyname $SERVER $NAME.$REALM -U$DC_USERNAME%$DC_PASSWORD | tr " " B | tr \! N`" != X"$IPADDRESS" || failed=`expr $failed + 1` # This should be an expect_failure test ... -# testit "unprivileged users should not be able to add a DNS entry" $VALGRIND $net_tool ads dns register funnyname2.$REALM 10.1.4.112 -U$USERNAME%$PASSWORD && failed=`expr $failed + 1` +testit "Adding an unprivileged user" $VALGRIND $net_tool user add $UNPRIVUSER $UNPRIVPASS -U$DC_USERNAME%$DC_PASSWORD || failed=`expr $failed + 1` + +LDIF="dn: CN=$UNPRIVUSER,CN=users,DC=samba,DC=example,DC=com+changetype: modify+replace: userAccountControl+userAccountControl: 512" + +echo $LDIF | tr '+' '\n' | ./bin/ldbmodify -Uadministrator%locDCpass1 -H ldap://localdc.samba.example.com -i +STATUS=$? + +testit "We should have enabled the account" test $STATUS -eq 0 || failed=`expr $failed + 1` + +#Unprivileged users should be able to add new names +testit "Unprivileged users should be able to add new names" $net_tool ads dns register $UNPRIVNAME.$REALM $UNPRIVIP -U$UNPRIVUSER%$UNPRIVPASS || failed=`expr $failed + 1` # This should work as well testit "machine account should be able to add a DNS entry net ads dns register membername.$REALM $IPADDRMAC -P " $net_tool ads dns register membername.$REALM $IPADDRMAC -P || failed=`expr $failed + 1` @@ -72,6 +86,9 @@ testit "machine account should be able to add a DNS entry net ads dns register m # and spaces from the output. Thew will screw up the comparison syntax. testit "We should be able to see the new name membername.$REALM using -P" [ X"`$VALGRIND $net_tool ads dns gethostbyname $SERVER membername.$REALM -P | tr \! N | tr " " B`" = X"$IPADDRMAC" ] || failed=`expr $failed + 1` +#Unprivileged users should not be able to overwrite other's names +testit_expect_failure "Unprivileged users should not be able modify existing names" $net_tool ads dns register membername.$REALM $UNPRIVIP -U$UNPRIVUSER%$UNPRIVPASS || failed=`expr $failed + 1` + testit "We should be able to unregister the name $NAME.$REALM $IPADDRESS" $VALGRIND $net_tool ads dns unregister $NAME.$REALM -P || failed=`expr $failed + 1` # The complicated pipeline is to ensure that we remove exclamation points -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via a8c737f s3:utils/net: Add new option 'unregister' in 'net ads dns'
command.
from e0777da s4:dsdb/tests: add pwdLastSet tests
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit a8c737fc93a8c4ccc5999cb52344945be750cef5
Author: Shyamsunder Rathi <shyam.ra...@nutanix.com>
Date: Sun Jun 26 16:26:53 2016 -0700
s3:utils/net: Add new option 'unregister' in 'net ads dns' command.
This new option allows DNS names to be unregistered and removes all
IP entries for a given name in the specified AD server.
Signed-off-by: Shyamsunder Rathi <shyam.ra...@nutanic.com>
Reviewed-by: Richard SHarpe <rsha...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
Autobuild-User(master): Richard Sharpe <sha...@samba.org>
Autobuild-Date(master): Mon Jun 27 20:43:26 CEST 2016 on sn-devel-144
---
Summary of changes:
source3/utils/net_ads.c | 104
source3/utils/net_dns.c | 4 +-
source3/utils/net_dns.h | 2 +-
3 files changed, 100 insertions(+), 10 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/utils/net_ads.c b/source3/utils/net_ads.c
index 5feecc9..e6b9fdc 100644
--- a/source3/utils/net_ads.c
+++ b/source3/utils/net_ads.c
@@ -1142,7 +1142,7 @@ static NTSTATUS net_update_dns_internal(struct
net_context *c,
TALLOC_CTX *ctx, ADS_STRUCT *ads,
const char *machine_name,
const struct sockaddr_storage *addrs,
- int num_addrs)
+ int num_addrs, bool remove_host)
{
struct dns_rr_ns *nameservers = NULL;
int ns_count = 0, i;
@@ -1232,6 +1232,14 @@ static NTSTATUS net_update_dns_internal(struct
net_context *c,
flags &= ~DNS_UPDATE_UNSIGNED_SUFFICIENT;
}
+ /*
+* Do not return after PROBE completion if this function
+* is called for DNS removal.
+*/
+ if (remove_host) {
+ flags &= ~DNS_UPDATE_PROBE_SUFFICIENT;
+ }
+
status = NT_STATUS_UNSUCCESSFUL;
/* Now perform the dns update - we'll try non-secure and if we
fail,
@@ -1239,7 +1247,13 @@ static NTSTATUS net_update_dns_internal(struct
net_context *c,
fstrcpy( dns_server, nameservers[i].hostname );
- dns_err = DoDNSUpdate(dns_server, dnsdomain, machine_name,
addrs, num_addrs, flags);
+ dns_err = DoDNSUpdate(dns_server,
+ dnsdomain,
+ machine_name,
+ addrs,
+ num_addrs,
+ flags,
+ remove_host);
if (ERR_DNS_IS_OK(dns_err)) {
status = NT_STATUS_OK;
goto done;
@@ -1270,7 +1284,7 @@ static NTSTATUS net_update_dns_ext(struct net_context *c,
TALLOC_CTX *mem_ctx, ADS_STRUCT *ads,
const char *hostname,
struct sockaddr_storage *iplist,
- int num_addrs)
+ int num_addrs, bool remove_host)
{
struct sockaddr_storage *iplist_alloc = NULL;
fstring machine_name;
@@ -1285,7 +1299,11 @@ static NTSTATUS net_update_dns_ext(struct net_context *c,
return NT_STATUS_INVALID_PARAMETER;
}
- if (num_addrs == 0 || iplist == NULL) {
+ /*
+* If remove_host is true, then remove all IP addresses associated with
+* this hostname from the AD server.
+*/
+ if (!remove_host && (num_addrs == 0 || iplist == NULL)) {
/*
* Get our ip address
* (not the 127.0.0.x address but a real ip address)
@@ -1300,7 +1318,7 @@ static NTSTATUS net_update_dns_ext(struct net_context *c,
}
status = net_update_dns_internal(c, mem_ctx, ads, machine_name,
-iplist, num_addrs);
+iplist, num_addrs, remove_host);
SAFE_FREE(iplist_alloc);
return status;
@@ -1310,7 +1328,7 @@ static NTSTATUS net_update_dns(struct net_context *c,
TALLOC_CTX *mem_ctx, ADS_S
{
NTSTATUS status;
- status = net_update_dns_ext(c, mem_ctx, ads, hostname, NULL, 0);
+ status = net_update_dns_ext(c, mem_ctx, ads, hostname, NULL, 0, false);
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 8813faf libutil: Support systemd 230
from becc43b krb5_wrap: Fix build error when not using heimdal.
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 8813faffe3ce4b598b626afea4bf90405c8129d8
Author: Andreas Schneider <a...@samba.org>
Date: Wed Jun 22 11:13:15 2016 +0200
libutil: Support systemd 230
systemd 230 version finally deprecated
libsystemd-daemon/libsystemd-journal split and put everything in
libsystemd library.
Make sure HAVE_LIBSYSTEMD define is supported in the code (we already
have it defined by the waf).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11936
Signed-off-by: Andreas Schneider <a...@samba.org>
Reviewed-by: Richard Sharpe <rsha...@samba.org>
Autobuild-User(master): Richard Sharpe <sha...@samba.org>
Autobuild-Date(master): Mon Jun 27 00:01:55 CEST 2016 on sn-devel-144
---
Summary of changes:
lib/util/debug.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
Changeset truncated at 500 lines:
diff --git a/lib/util/debug.c b/lib/util/debug.c
index 95b3d95..ed89944 100644
--- a/lib/util/debug.c
+++ b/lib/util/debug.c
@@ -102,7 +102,7 @@ static struct {
.fd = 2 /* stderr by default */
};
-#if defined(WITH_SYSLOG) || defined(HAVE_LIBSYSTEMD_JOURNAL)
+#if defined(WITH_SYSLOG) || defined(HAVE_LIBSYSTEMD_JOURNAL) ||
defined(HAVE_LIBSYSTEMD)
static int debug_level_to_priority(int level)
{
/*
@@ -183,7 +183,7 @@ static void debug_syslog_log(int msg_level,
}
#endif /* WITH_SYSLOG */
-#ifdef HAVE_LIBSYSTEMD_JOURNAL
+#if defined(HAVE_LIBSYSTEMD_JOURNAL) || defined(HAVE_LIBSYSTEMD)
#include
static void debug_systemd_log(int msg_level,
const char *msg, const char *msg_no_nl)
@@ -255,7 +255,7 @@ static struct debug_backend {
},
#endif
-#ifdef HAVE_LIBSYSTEMD_JOURNAL
+#if defined(HAVE_LIBSYSTEMD_JOURNAL) || defined(HAVE_LIBSYSTEMD)
{
.name = "systemd",
.log = debug_systemd_log,
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via b95b2be A small improvement to the DEBUG message when pass-through
authentication fails with ACCESS_DENIED. Increased it to log level 1 so it will
print out and pointed to Restrict NTLM as the setting so people know what to
look for.
from 7b6d1a2 talloc: Test that talloc magic differs between processes.
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit b95b2be8451e7804704dc2046b6c3eb35f79220e
Author: Richard Sharpe <rsha...@samba.org>
Date: Sat Oct 10 17:58:59 2015 -0700
A small improvement to the DEBUG message when pass-through authentication
fails with ACCESS_DENIED. Increased it to log level 1 so it will print out
and pointed to Restrict NTLM as the setting so people know what to look for.
Signed-off-by: Richard Sharpe <rsha...@samba.org>
Reviewed-by: Uri Simchoni <u...@samba.org>
Autobuild-User(master): Richard Sharpe <sha...@samba.org>
Autobuild-Date(master): Sun Oct 11 06:28:05 CEST 2015 on sn-devel-104
---
Summary of changes:
source3/winbindd/winbindd_pam.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/winbindd/winbindd_pam.c b/source3/winbindd/winbindd_pam.c
index 329db62..0ea146b 100644
--- a/source3/winbindd/winbindd_pam.c
+++ b/source3/winbindd/winbindd_pam.c
@@ -1428,8 +1428,9 @@ static NTSTATUS winbind_samlogon_retry_loop(struct
winbindd_domain *domain,
rpc changetrustpw' */
if ( NT_STATUS_EQUAL(result, NT_STATUS_ACCESS_DENIED) ) {
- DEBUG(3,("winbind_samlogon_retry_loop: sam_logon
returned "
-"ACCESS_DENIED. Maybe the trust account "
+ DEBUG(1,("winbind_samlogon_retry_loop: sam_logon
returned "
+"ACCESS_DENIED. Maybe the DC has Restrict "
+"NTLM set or the trust account "
"password was changed and we didn't know it. "
"Killing connections to domain %s\n",
domainname));
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via f25a5c9 Fix a few small spelling mistakes in DEBUG messages to
reduce confusion for those trying to debug stuff.
from 5709dec vfs_commit: set the fd on open before calling SMB_VFS_FSTAT
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit f25a5c9e84e802bc7005d6bd400cbf784fb30fdf
Author: Richard Sharpe <rsha...@samba.org>
Date: Wed Oct 7 17:19:38 2015 -0700
Fix a few small spelling mistakes in DEBUG messages to reduce confusion
for those trying to debug stuff.
Signed-off-by: Richard Sharpe <rsha...@samba.org>
Reviewed-by: Ira Cooper <i...@samba.org>
Autobuild-User(master): Richard Sharpe <sha...@samba.org>
Autobuild-Date(master): Thu Oct 8 08:48:06 CEST 2015 on sn-devel-104
---
Summary of changes:
source3/smbd/server.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/smbd/server.c b/source3/smbd/server.c
index 7b2b055..ca9fb9e 100644
--- a/source3/smbd/server.c
+++ b/source3/smbd/server.c
@@ -705,7 +705,7 @@ static bool smbd_open_one_socket(struct smbd_parent_context
*parent,
ifss,
true);
if (s->fd == -1) {
- DEBUG(0,("smbd_open_once_socket: open_socket_in: "
+ DEBUG(0,("smbd_open_one_socket: open_socket_in: "
"%s\n", strerror(errno)));
TALLOC_FREE(s);
/*
@@ -723,7 +723,7 @@ static bool smbd_open_one_socket(struct smbd_parent_context
*parent,
set_blocking(s->fd, False);
if (listen(s->fd, SMBD_LISTEN_BACKLOG) == -1) {
- DEBUG(0,("open_sockets_smbd: listen: "
+ DEBUG(0,("smbd_open_one_socket: listen: "
"%s\n", strerror(errno)));
close(s->fd);
TALLOC_FREE(s);
@@ -736,7 +736,7 @@ static bool smbd_open_one_socket(struct smbd_parent_context
*parent,
smbd_accept_connection,
s);
if (!s->fde) {
- DEBUG(0,("open_sockets_smbd: "
+ DEBUG(0,("smbd_open_one_socket: "
"tevent_add_fd: %s\n",
strerror(errno)));
close(s->fd);
--
Samba Shared Repository
[SCM] Samba Website Repository - branch master updated
The branch, master has been updated via 5f63bda Change the link to the VFS documentation and massage the text slightly. from 86cee6d Link to the results of the Samba survey. https://git.samba.org/?p=samba-web.git;a=shortlog;h=master - Log - commit 5f63bda8ebf6972f61de3072c57a93ce60bf1a33 Author: Richard Sharpe rsha...@samba.org Date: Fri May 22 19:17:29 2015 -0700 Change the link to the VFS documentation and massage the text slightly. Signed-off-by: Richard Sharpe rsha...@samba.org --- Summary of changes: devel/index.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/devel/index.html b/devel/index.html index e7ac1bf..25325ee 100755 --- a/devel/index.html +++ b/devel/index.html @@ -119,7 +119,7 @@ Channel logs are available a href=http://irclog.samba.org/;here/a./p Developer's Guide/a is available in a href=/samba/docs/Samba-Developers-Guide.pdfPDF/a or a href=/samba/docs/man/Samba-Developers-Guide/HTML/a format/li - liRichard Sharpe's a href=http://www.samba.org/~sharpe/The-Samba-VFS.pdf;Writing a Samba VFS/a/li + liRichard Sharpe's documentation on a href=https://wiki.samba.org/index.php/Developer_documentation#VFS;Writing a Samba VFS/a/li lia href=http://www.snia.org/tech_activities/CIFS/;SNIA CIFS Technical Reference/a/li lia href=http://www.cb1.com/~lkcl/ntdom/;http://www.cb1.com/~lkcl/ntdom//a/li lia href=/samba/ftp/specs/Archive of SMB/CIFS Protocol Drafts/a/li -- Samba Website Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 6a56bdf Update the tevent_data.dox tutrial stuff to fix some
errors, including white space problems.
from 3b2d8bd vfs_glusterfs: Add comments to the pipe(2) code.
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 6a56bdf9869162e57c816c067598552bd33c2910
Author: Richard Sharpe rsha...@samba.org
Date: Fri Jan 23 21:56:19 2015 -0800
Update the tevent_data.dox tutrial stuff to fix some errors, including white
space problems.
Signed-off-by: Richard Sharpe rsha...@samba.org
Reviewed-by: Ralph Boehme r...@sernet.de
Autobuild-User(master): Richard Sharpe sha...@samba.org
Autobuild-Date(master): Sat Jan 24 09:33:03 CET 2015 on sn-devel-104
---
Summary of changes:
lib/tevent/doc/tevent_data.dox | 30 +-
1 file changed, 17 insertions(+), 13 deletions(-)
Changeset truncated at 500 lines:
diff --git a/lib/tevent/doc/tevent_data.dox b/lib/tevent/doc/tevent_data.dox
index 4ee4ac2..dbe7a04 100644
--- a/lib/tevent/doc/tevent_data.dox
+++ b/lib/tevent/doc/tevent_data.dox
@@ -46,18 +46,19 @@ struct testA {
static void foo_done(struct tevent_req *req) {
-// a-x contains 9
-struct foo_state *a = tevent_req_data(req, struct foo_state);
+// a-x contains 10 since it came from foo_send
+struct foo_state *a = tevent_req_data(req, struct foo_state);
-// b-y contains 10
-struct testA *b = tevent_req_callback_data(req, struct testA);
+// b-y contains 9 since it came from run
+struct testA *b = tevent_req_callback_data(req, struct testA);
-// c-y contains 10
-struct testA *c = (struct testA *)tevent_req_callback_data_void(req);
+// c-y contains 9 since it came from run we just used a different way
+// of getting it.
+struct testA *c = (struct testA *)tevent_req_callback_data_void(req);
-printf(a-x: %d\n, a-x);
-printf(b-y: %d\n, b-y);
-printf(c-y: %d\n, c-y);
+printf(a-x: %d\n, a-x);
+printf(b-y: %d\n, b-y);
+printf(c-y: %d\n, c-y);
}
@@ -77,6 +78,9 @@ static void run(struct tevent_context *ev, struct
tevent_timer *te,
struct timeval current_time, void *private_data) {
struct tevent_req *req;
struct testA *tmp = talloc(ev, struct testA);
+
+// Note that we did not use the private data passed in
+
tmp-y = 9;
req = foo_send(ev, ev);
@@ -101,7 +105,7 @@ int main (int argc, char **argv) {
return EXIT_FAILURE;
data = talloc(mem_ctx, struct testA);
-data-y = 10;
+data-y = 11;
time_event = tevent_add_timer(event_ctx,
mem_ctx,
@@ -125,9 +129,9 @@ int main (int argc, char **argv) {
Output of this example is:
@code
-a-x: 9
-b-y: 10
-c-y: 10
+a-x: 10
+b-y: 9
+c-y: 9
@endcode
*/
--
Samba Shared Repository
Re: [SCM] Samba Shared Repository - branch master updated
On Wed, Feb 19, 2014 at 5:13 PM, Jeremy Allison j...@samba.org wrote:
On Wed, Feb 19, 2014 at 08:20:04PM +0100, Andreas Schneider wrote:
The branch, master has been updated
Andreas and David,
via b8844fc clitar.c: check all allocations return value
I *HATE* *HATE* *HATE* the idiom used here.
Calling smb_panic on an allocation fail in the
new tar code is manifestly the *WRONG* thing to
do.
+/* helper macro to die in case of NULL pointer */
+#define PANIC_IF_NULL(x) \
+_panic_if_null(x, __FILE__ : STR2(__LINE__) ( #x ) == NULL\n)
+
+/* prototype to silent gcc warning */
+static inline void* _panic_if_null(void *p, const char *expr);
+static inline void* _panic_if_null(void *p, const char *expr)
+{
+if (!p) {
+smb_panic(expr);
+}
+return p;
+}
+
Then later..
+TALLOC_CTX *ctx = PANIC_IF_NULL(talloc_new(NULL));
and:
+fname = PANIC_IF_NULL(talloc_asprintf(ctx,
+ %s%s,
+ client_get_cur_dir(),
+ buf));
if (!fname) {
err = 1;
goto out;
The above even left the (correct) handling of
the NULL return alone !
Remember on common setups this will call a
panic action script which will leave the
client hanging on a sleep 999 call and
leave the caller with a hung command and no
indication of what failed.
Can you fix this please to do proper error
checking of a NULL return and to bail out
of the tar command with a correct error indication
that the command failed ?
This really needs fixing properly before this code
can go anywhere near a production branch.
Personally, I would like to lobby for an extra parameter to smb_panic,
called dump_core or something.
Here is a situation where we don't need to dump core:
source3/smbd/server.c#6 (text)
@@ -640,6 +640,18 @@
because too many files are open\n));
goto exit;
}
+
+ /*
+* If we get NT_STATUS_OPEN_FAILED, there was
a problem with
+* re-initing the TDBs, so complain, but do
not dump core
+* as this can exacerbate the problems.
+*/
+ if (NT_STATUS_EQUAL(status, NT_STATUS_OPEN_FAILED)) {
+ DEBUG(0, (FATAL: child process cannot
initialize
+ because one or more TDBs
could not be reopened\n));
+ goto exit;
+ }
+
if (lp_clustering()
NT_STATUS_EQUAL(status,
NT_STATUS_INTERNAL_DB_ERROR)) {
This happens after reinit_after_fork ...
When it happens because tdb_reopen_all failed, we should probably not
dump core, especially as that only exacerbates existing problems and
the core file tells us absolutely nothing new (the error in
tdb_reopen_all is long gone.)
--
Regards,
Richard Sharpe
(何以解憂?唯有杜康。--曹操)
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 852c9ac There are tests all over the SMB1 code to check that srv_send_smb fails, but it never returns false. from 859182d dfs_server: Use dsdb_search_one to catch 0 results as well as NO_SUCH_OBJECT errors http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 852c9ac34dbef66d0b2619554c611157c2fab771 Author: Richard Sharpe realrichardsha...@gmail.com Date: Mon Jul 22 16:04:43 2013 -0700 There are tests all over the SMB1 code to check that srv_send_smb fails, but it never returns false. Even if the write to the socket/fd fails, we never return false and will keep reading stuff off of the input buffer until it is exhausted and then we will exit. Signed-off-by: Richard Sharpe rsha...@samba.org Reviewed-by: Jeremy Allison j...@samba.org Autobuild-User(master): Richard Sharpe sha...@samba.org Autobuild-Date(master): Sat Aug 3 17:41:22 CEST 2013 on sn-devel-104 --- Summary of changes: source3/smbd/process.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/smbd/process.c b/source3/smbd/process.c index 5ef0fd3..3fbfc37 100644 --- a/source3/smbd/process.c +++ b/source3/smbd/process.c @@ -194,7 +194,7 @@ out: SMB_PERFCOUNT_END(pcd); smbd_unlock_socket(sconn); - return true; + return (ret 0); } /*** -- Samba Shared Repository
Re: [Samba] Samba 4 Slow Performance
On Sat, Jul 27, 2013 at 8:20 AM, Kinglok, Fong busywa...@gmail.com wrote: Dear all, After using samba 3 for two years, I have just spent totally one week finishing setting up a samba 4 file system in my working school. There are about 200 computers, 80+ staff, 1000 students and 10 printers. The AD was properly setup, mandatory profile and one GPO policy (which is printer download trust) is effective for all users. Logon script is for mapping four shares and 10 printers from the file server. Also, I have setup two additional DCs (with AD replication and DHCP server) for two other subnets in the hope to speed up the logon process. Hmmm, some further info might be useful. Is the Samba server an AD DC or a simple member server? Do you know (perhaps from a capture) whether the excess logon time is mostly caused by the initial authentication or by trying to retrieve the GPO and/or roaming profiles? Do you know whether or not Kerberos is being used or if the client is falling back to NTLM? -- Regards, Richard Sharpe (何以解憂?唯有杜康。--曹操) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 30a2243 build: Update md5.h detection in waf and autoconf to use
sys/md5.h and -lmd
via 27df444 Make sure that if an smbd is exiting because of an error we
let the user know.
from f80d56a s4-torture: No need to disable rpc.spoolss.win test when
compiled with MIT kerberos.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 30a224367595f9e2506e41053fc9c7cb96a90928
Author: Andrew Bartlett abart...@samba.org
Date: Wed May 22 00:14:19 2013 +1000
build: Update md5.h detection in waf and autoconf to use sys/md5.h and -lmd
This brings the two build systems in sync, without using md5.h (which is a
problem name)
Tested on FreeBSD
Andrew Bartlett
Reviewed-by: Richard Sharpe rsha...@samba.org
Autobuild-User(master): Richard Sharpe sha...@samba.org
Autobuild-Date(master): Wed May 22 10:06:40 CEST 2013 on sn-devel-104
commit 27df444d0b92a8acb4d830b3b62f04835b57f0e8
Author: Richard Sharpe realrichardsha...@gmail.com
Date: Sat May 11 09:47:23 2013 -0700
Make sure that if an smbd is exiting because of an error we let the user
know.
Signed-off-by: Richard Sharpe realrichardsha...@gmail.com
---
Summary of changes:
lib/crypto/md5.h | 16 +---
lib/crypto/wscript_build |4
lib/crypto/wscript_configure |8 ++--
source3/configure.in |4 ++--
source3/smbd/smb2_server.c |2 +-
5 files changed, 22 insertions(+), 12 deletions(-)
Changeset truncated at 500 lines:
diff --git a/lib/crypto/md5.h b/lib/crypto/md5.h
index 388cdf8..edae27f 100644
--- a/lib/crypto/md5.h
+++ b/lib/crypto/md5.h
@@ -6,12 +6,16 @@
#define HEADER_MD5_H
#endif
-#ifdef HAVE_BSD_MD5_H
-/* Try to avoid clashes with BSD MD5 implementation */
+#if defined(HAVE_BSD_MD5_H)
+/* Try to avoid clashes with BSD MD5 implementation (on linux) */
#include bsd/md5.h
-#else
+
+#elif defined(HAVE_SYS_MD5_H)
+/* Try to avoid clashes with BSD MD5 implementation (on BSD) */
+#include sys/md5.h
+
/* Try to use CommonCrypto on Mac as otherwise we can get MD5Final twice */
-#ifdef HAVE_COMMONCRYPTO_COMMONDIGEST_H
+#elif defined(HAVE_COMMONCRYPTO_COMMONDIGEST_H)
#include CommonCrypto/CommonDigest.h
#define MD5Init(c) CC_MD5_Init(c)
@@ -32,8 +36,6 @@ void MD5Init(MD5_CTX *context);
void MD5Update(MD5_CTX *context, const uint8_t *buf,
size_t len);
void MD5Final(uint8_t digest[MD5_DIGEST_LENGTH], MD5_CTX *context);
-#endif /* HAVE_COMMONCRYPTO_COMMONDIGEST_H */
-
-#endif /* HAVE_BSD_MD5_H */
+#endif /* HAVE_*MD5_H */
#endif /* !MD5_H */
diff --git a/lib/crypto/wscript_build b/lib/crypto/wscript_build
index cd7a466..e056f65 100644
--- a/lib/crypto/wscript_build
+++ b/lib/crypto/wscript_build
@@ -4,6 +4,10 @@ extra_source = ''
extra_deps = ''
if bld.CONFIG_SET('HAVE_BSD_MD5_H'):
extra_deps += ' bsd'
+elif bld.CONFIG_SET('HAVE_SYS_MD5_H') and bld.CONFIG_SET('HAVE_LIBMD5'):
+ extra_deps += ' md5'
+elif bld.CONFIG_SET('HAVE_SYS_MD5_H') and bld.CONFIG_SET('HAVE_LIBMD'):
+ extra_deps += ' md'
elif not bld.CONFIG_SET('HAVE_COMMONCRYPTO_COMMONDIGEST_H'):
extra_source += ' md5.c'
diff --git a/lib/crypto/wscript_configure b/lib/crypto/wscript_configure
index 5fc00fb..21ec566 100644
--- a/lib/crypto/wscript_configure
+++ b/lib/crypto/wscript_configure
@@ -1,4 +1,8 @@
-conf.CHECK_FUNCS_IN('MD5Init', 'bsd', headers='bsd/md5.h',
-checklibc=True)
+if not conf.CHECK_FUNCS_IN('MD5Init', 'bsd', headers='bsd/md5.h',
+checklibc=True):
+conf.CHECK_FUNCS_IN('MD5Init', 'md5', headers='sys/md5.h',
+checklibc=True)
+conf.CHECK_FUNCS_IN('MD5Init', 'md', headers='sys/md5.h',
+checklibc=True)
conf.CHECK_FUNCS_IN('CC_MD5_Init', '', headers='CommonCrypto/CommonDigest.h',
checklibc=True)
diff --git a/source3/configure.in b/source3/configure.in
index 822c5f4..0e2f126 100644
--- a/source3/configure.in
+++ b/source3/configure.in
@@ -620,11 +620,11 @@ if test x$samba_cv_md5lib = xnone ; then
fi
if test x$samba_cv_md5lib != xnone ; then
- AC_CHECK_HEADERS(md5.h)
+ AC_CHECK_HEADERS(sys/md5.h)
fi
CRYPTO_MD5_OBJ=../lib/crypto/md5.o
-if test x$ac_cv_header_md5_h = xyes -a \
+if test x$ac_cv_header_sys_md5_h = xyes -a \
x$samba_cv_md5lib != xnone ; then
if test x$samba_cv_md5lib != x ; then
LIBS=${LIBS} -l${samba_cv_md5lib}
diff --git a/source3/smbd/smb2_server.c b/source3/smbd/smb2_server.c
index b031c6d..73df368 100644
--- a/source3/smbd/smb2_server.c
+++ b/source3/smbd/smb2_server.c
@@ -997,7 +997,7 @@ void smbd_server_connection_terminate_ex(struct
smbd_server_connection *sconn,
const char *reason
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via bea2af9 Revert my accidental commit.
from 9ddfd7d lib/replace: Set BROKEN_STRNLEN and BROKEN_STRNDUP on all
AIX
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit bea2af9369d596d513ae3909f9c6a1f356f7c827
Author: Richard Sharpe realrichardsha...@gmail.com
Date: Wed May 22 20:05:17 2013 -0700
Revert my accidental commit.
Signed-off-by: Richard Sharpe rsha...@samba.org
Autobuild-User(master): Richard Sharpe sha...@samba.org
Autobuild-Date(master): Thu May 23 06:53:17 CEST 2013 on sn-devel-104
---
Summary of changes:
source3/smbd/smb2_server.c |2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/smbd/smb2_server.c b/source3/smbd/smb2_server.c
index 73df368..b031c6d 100644
--- a/source3/smbd/smb2_server.c
+++ b/source3/smbd/smb2_server.c
@@ -997,7 +997,7 @@ void smbd_server_connection_terminate_ex(struct
smbd_server_connection *sconn,
const char *reason,
const char *location)
{
- DEBUG(0,(smbd_server_connection_terminate_ex: reason[%s] at %s\n,
+ DEBUG(10,(smbd_server_connection_terminate_ex: reason[%s] at %s\n,
reason, location));
exit_server_cleanly(reason);
}
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 76bffc2 Tests processing an oplock break within a compound SMB2
request.
via cbff488 Remove the compound_related_in_progress state from the smb2
global state.
via 10cbcfd The core of the fix to allow opens to go async inside a
compound request.
via 1102e73 Move a variable into the area of code where it's used.
via a026fc6 Ensure we don't try and cancel anything that is in a
compound-related request.
via 4111fcf Only do the 1 second delay for sharing violations for SMB1,
not SMB2.
from 637887c Makefile: Fix bug 9868 - Don't know how to make
LIBNDR_PREG_OBJ.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 76bffc27a3f9ad6ac6b8ff8e21f801012835b73d
Author: Richard Sharpe realrichardsha...@gmail.com
Date: Thu May 2 14:36:05 2013 -0700
Tests processing an oplock break within a compound SMB2 request.
Signed-off-by: Richard Sharpe realrichardsha...@gmail.com
Reviewed-by: Jeremy Allison j...@samba.org
Autobuild-User(master): Richard Sharpe sha...@samba.org
Autobuild-Date(master): Tue May 7 19:45:36 CEST 2013 on sn-devel-104
commit cbff4885508e050bcb91c0faccb26941de5c1e1d
Author: Jeremy Allison j...@samba.org
Date: Thu May 2 14:16:22 2013 -0700
Remove the compound_related_in_progress state from the smb2 global state.
And also remove the restriction that we can't read a new
request whilst we're in this state.
Signed-off-by: Jeremy Allison j...@samba.org
Reviewed-by: Richard Sharpe realrichardsha...@samba.org
commit 10cbcfd167a4d7b1a22f9b42b684a66e424cbede
Author: Jeremy Allison j...@samba.org
Date: Thu May 2 13:55:53 2013 -0700
The core of the fix to allow opens to go async inside a compound request.
This is only allowed for opens that cause an oplock break, otherwise it
is not allowed. See [MS-SMB2].pdf note 194 on Section 3.3.5.2.7.
Signed-off-by: Jeremy Allison j...@samba.org
Reviewed-by: Richard Sharpe realrichardsha...@gmail.com
commit 1102e73832f78ca5decc928d6c3649d4fe68eab7
Author: Jeremy Allison j...@samba.org
Date: Thu May 2 13:08:16 2013 -0700
Move a variable into the area of code where it's used.
Signed-off-by: Jeremy Allison j...@samba.org
Reviewed-by: Richard Sharpe realrichardsha...@gmail.com
commit a026fc6b699719309a27d4646d06fe1a45b0d158
Author: Jeremy Allison j...@samba.org
Date: Thu May 2 12:34:54 2013 -0700
Ensure we don't try and cancel anything that is in a compound-related
request.
Too hard to deal with splitting off the replies.
Signed-off-by: Jeremy Allison j...@samba.org
Reviewed-by: Richard Sharpe realrichardsha...@gmail.com
commit 4111fcfd4f570d39d46a0d414546ca62c7b609be
Author: Jeremy Allison j...@samba.org
Date: Thu May 2 11:12:47 2013 -0700
Only do the 1 second delay for sharing violations for SMB1, not SMB2.
Match Windows behavior.
Signed-off-by: Jeremy Allison j...@samba.org
Reviewed-by: Richard Sharpe realrichardsha...@gmail.com
---
Summary of changes:
selftest/knownfail |1 +
source3/smbd/globals.h |1 -
source3/smbd/open.c |3 +-
source3/smbd/smb2_server.c | 115 +++-
source4/torture/smb2/compound.c | 163 +++
5 files changed, 227 insertions(+), 56 deletions(-)
Changeset truncated at 500 lines:
diff --git a/selftest/knownfail b/selftest/knownfail
index 0c96eee..cb7630f 100644
--- a/selftest/knownfail
+++ b/selftest/knownfail
@@ -107,6 +107,7 @@
^samba4.smb2.rename.no_share_delete_no_delete_access\(.*\)$
^samba4.smb2.rename.msword
^samba4.smb2.compound.related3
+^samba4.smb2.compound.compound-break
^samba4.winbind.struct.*.show_sequence # Not yet working in winbind
^samba4.*base.delaywrite.*update of write time and SMBwrite truncate\(.*\)$
^samba4.*base.delaywrite.*update of write time and SMBwrite truncate
expand\(.*\)$
diff --git a/source3/smbd/globals.h b/source3/smbd/globals.h
index 46baeed..d618aea 100644
--- a/source3/smbd/globals.h
+++ b/source3/smbd/globals.h
@@ -794,7 +794,6 @@ struct smbd_server_connection {
uint32_t max_trans;
uint32_t max_read;
uint32_t max_write;
- bool compound_related_in_progress;
} smb2;
struct smbXsrv_connection *conn;
diff --git a/source3/smbd/open.c b/source3/smbd/open.c
index 7d02e52..53f8b8e 100644
--- a/source3/smbd/open.c
+++ b/source3/smbd/open.c
@@ -2526,10 +2526,11 @@ static NTSTATUS open_file_ntcreate(connection_struct
*conn,
/*
* If we're returning a share violation, ensure we
-* cope with the braindead 1 second delay.
+* cope
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via fa5898b Remove a bunch of unused variable _relative_save_offset
warnings.
from 76bffc2 Tests processing an oplock break within a compound SMB2
request.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit fa5898b6de797431d5ae9d2ce6dcddcb35a60b66
Author: Jeremy Allison j...@samba.org
Date: Tue May 7 17:07:10 2013 -0700
Remove a bunch of unused variable _relative_save_offset warnings.
Signed-off-by: Jeremy Allison j...@samba.org
Reviewed-by: Richard Sharpe realrichardsha...@gmail.com
Autobuild-User(master): Richard Sharpe sha...@samba.org
Autobuild-Date(master): Wed May 8 07:47:45 CEST 2013 on sn-devel-104
---
Summary of changes:
pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm |6 --
1 files changed, 4 insertions(+), 2 deletions(-)
Changeset truncated at 500 lines:
diff --git a/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm
b/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm
index 5ffb678..ed86571 100644
--- a/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm
+++ b/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm
@@ -1157,8 +1157,10 @@ sub ParseElementPullLevel
$self-indent;
if ($l-{POINTER_TYPE} eq relative or
$l-{POINTER_TYPE} eq relative_short) {
- $self-pidl(uint32_t _relative_save_offset;);
- $self-pidl(_relative_save_offset =
$ndr-offset;);
+ if ($l-{POINTER_TYPE} eq relative) {
+ $self-pidl(uint32_t
_relative_save_offset;);
+ $self-pidl(_relative_save_offset =
$ndr-offset;);
+ }
$self-pidl(NDR_CHECK(ndr_pull_relative_ptr2($ndr, $var_name)););
}
}
--
Samba Shared Repository
Re: [Samba] determining Samba version
On Thu, Apr 4, 2013 at 10:33 AM, Chris Smith smb...@chrissmith.org wrote: Is there a way to determine (or at least get close) what version of Samba an embedded client may be running (or based on) via packet sniffing (tcpdump, wireshark)? If they have not changed the version string to obscure the version, then the following will work: cc1# smbclient //some-node/some-share -U[some-dom/]some-user%some-password Failed to load upcase.dat, will use lame ASCII-only case sensitivity rules Failed to load lowcase.dat, will use lame ASCII-only case sensitivity rules Domain=[some-dom] OS=[Unix] Server=[Samba 3.6.12] You can also look at the Session Setup X Responses for SMB1 only and will see something like: Samba 3.6.6 in something like the Native Lanmanager Version field. However, if the version of Samba supports SMB2, you will have to force the connection to SMB1. -- Regards, Richard Sharpe (何以解憂?唯有杜康。--曹操) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] determining Samba version
On Thu, Apr 4, 2013 at 11:21 AM, Chris Smith smb...@chrissmith.org wrote: On Thu, Apr 4, 2013 at 2:00 PM, Richard Sharpe realrichardsha...@gmail.com wrote: If they have not changed the version string to obscure the version, then the following will work: cc1# smbclient //some-node/some-share -U[some-dom/]some-user%some-password Failed to load upcase.dat, will use lame ASCII-only case sensitivity rules Failed to load lowcase.dat, will use lame ASCII-only case sensitivity rules Domain=[some-dom] OS=[Unix] Server=[Samba 3.6.12] It's not a server, just a client, so I cannot connect to it as such. You can also look at the Session Setup X Responses for SMB1 only and will see something like: Samba 3.6.6 in something like the Native Lanmanager Version field. That gives something: == Native OS: Linux version 2.6.35 Native LAN Manager: CIFS VFS Client for Linux == Doesn't seem to be any detail about what CIFS version they're using. Check Linux 2.6.35. It will be the CIFS FS in that version, which I believe was SMB1 based. -- Regards, Richard Sharpe (何以解憂?唯有杜康。--曹操) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via b7765fe torture: Only test leases if supported
via 27e9115 torture: Use ZERO_STRUCTPN instead of explicit deref
from 5185460 Check for WRITE_ACCESS on the file before overriding an
EACCESS.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit b7765fe63fa04e09ac67285d0e17e37b06bcff8b
Author: Volker Lendecke v...@samba.org
Date: Wed Apr 17 13:41:54 2013 +0200
torture: Only test leases if supported
Signed-off-by: Volker Lendecke v...@samba.org
Reviewed-by: Richard Sharpe realrichardsha...@gmail.com
Autobuild-User(master): Richard Sharpe sha...@samba.org
Autobuild-Date(master): Sat Apr 27 18:09:37 CEST 2013 on sn-devel-104
commit 27e9115eb01f02d5d07d2cf35887f99ff8d823b8
Author: Volker Lendecke v...@samba.org
Date: Wed Apr 17 12:34:14 2013 +0200
torture: Use ZERO_STRUCTPN instead of explicit deref
Signed-off-by: Volker Lendecke v...@samba.org
---
Summary of changes:
source4/torture/smb2/lease.c | 37 +
source4/torture/smb2/util.c |2 +-
2 files changed, 38 insertions(+), 1 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/torture/smb2/lease.c b/source4/torture/smb2/lease.c
index 21d4679..992c21b 100644
--- a/source4/torture/smb2/lease.c
+++ b/source4/torture/smb2/lease.c
@@ -25,6 +25,7 @@
#include libcli/smb2/smb2_calls.h
#include torture/torture.h
#include torture/smb2/proto.h
+#include libcli/smb/smbXcli_base.h
#define CHECK_VAL(v, correct) do { \
if ((v) != (correct)) { \
@@ -117,6 +118,12 @@ static bool test_lease_request(struct torture_context
*tctx,
const char *dname = lease.dir;
bool ret = true;
int i;
+ uint32_t caps;
+
+ caps = smb2cli_conn_server_capabilities(tree-session-transport-conn);
+ if (!(caps SMB2_CAP_LEASING)) {
+ torture_skip(tctx, leases are not supported);
+ }
smb2_util_unlink(tree, fname);
smb2_util_unlink(tree, fname2);
@@ -193,6 +200,12 @@ static bool test_lease_upgrade(struct torture_context
*tctx,
NTSTATUS status;
const char *fname = lease.dat;
bool ret = true;
+ uint32_t caps;
+
+ caps = smb2cli_conn_server_capabilities(tree-session-transport-conn);
+ if (!(caps SMB2_CAP_LEASING)) {
+ torture_skip(tctx, leases are not supported);
+ }
smb2_util_unlink(tree, fname);
@@ -301,6 +314,12 @@ static bool test_lease_upgrade2(struct torture_context
*tctx,
const char *fname = lease.dat;
bool ret = true;
int i;
+ uint32_t caps;
+
+ caps = smb2cli_conn_server_capabilities(tree-session-transport-conn);
+ if (!(caps SMB2_CAP_LEASING)) {
+ torture_skip(tctx, leases are not supported);
+ }
for (i = 0; i NUM_UPGRADE_TESTS; i++) {
struct lease_upgrade2_test t = lease_upgrade2_tests[i];
@@ -515,6 +534,12 @@ static bool test_lease_break(struct torture_context *tctx,
const char *fname = lease.dat;
bool ret = true;
int i;
+ uint32_t caps;
+
+ caps = smb2cli_conn_server_capabilities(tree-session-transport-conn);
+ if (!(caps SMB2_CAP_LEASING)) {
+ torture_skip(tctx, leases are not supported);
+ }
tree-session-transport-lease.handler = torture_lease_handler;
tree-session-transport-lease.private_data = tree;
@@ -677,6 +702,12 @@ static bool test_lease_oplock(struct torture_context *tctx,
const char *fname = lease.dat;
bool ret = true;
int i;
+ uint32_t caps;
+
+ caps = smb2cli_conn_server_capabilities(tree-session-transport-conn);
+ if (!(caps SMB2_CAP_LEASING)) {
+ torture_skip(tctx, leases are not supported);
+ }
tree-session-transport-lease.handler = torture_lease_handler;
tree-session-transport-lease.private_data = tree;
@@ -796,6 +827,12 @@ static bool test_lease_multibreak(struct torture_context
*tctx,
NTSTATUS status;
const char *fname = lease.dat;
bool ret = true;
+ uint32_t caps;
+
+ caps = smb2cli_conn_server_capabilities(tree-session-transport-conn);
+ if (!(caps SMB2_CAP_LEASING)) {
+ torture_skip(tctx, leases are not supported);
+ }
tree-session-transport-lease.handler = torture_lease_handler;
tree-session-transport-lease.private_data = tree;
diff --git a/source4/torture/smb2/util.c b/source4/torture/smb2/util.c
index 59748b7..cb9a527 100644
--- a/source4/torture/smb2/util.c
+++ b/source4/torture/smb2/util.c
@@ -692,7 +692,7 @@ void smb2_generic_create_share(struct smb2_create *io,
struct smb2_lease *ls,
}
if (ls) {
- ZERO_STRUCT(*ls
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 0f9eb25 smbd: Fix an error return in change_dir_owner_to_parent
from f67ae78 samba-tool - MX records cannot be deleted (part2)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 0f9eb25183e6ed5a2f4ec8e385bc5f985f2087e5
Author: Volker Lendecke v...@samba.org
Date: Mon Apr 15 11:15:23 2013 +0200
smbd: Fix an error return in change_dir_owner_to_parent
Signed-off-by: Volker Lendecke v...@samba.org
Reviewed-by: Richard Sharpe realrichardsha...@gmail.com
Autobuild-User(master): Richard Sharpe sha...@samba.org
Autobuild-Date(master): Mon Apr 15 18:05:06 CEST 2013 on sn-devel-104
---
Summary of changes:
source3/smbd/open.c |2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/smbd/open.c b/source3/smbd/open.c
index be8d31b..1086e80 100644
--- a/source3/smbd/open.c
+++ b/source3/smbd/open.c
@@ -493,7 +493,7 @@ NTSTATUS change_dir_owner_to_parent(connection_struct *conn,
status = create_synthetic_smb_fname(ctx, ., NULL, NULL,
smb_fname_cwd);
if (!NT_STATUS_IS_OK(status)) {
- return status;
+ goto chdir;
}
ret = SMB_VFS_STAT(conn, smb_fname_cwd);
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via f61ee72 pylibsmb: Avoid a segfault if no credentials are passed to
libsmb.Conn()
from 045c446 BUG 9766: Cache name_to_sid/sid_to_name correctly.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit f61ee7238b8430572fb266521dad3ee000d1f252
Author: Volker Lendecke v...@samba.org
Date: Tue Apr 9 14:29:11 2013 +0200
pylibsmb: Avoid a segfault if no credentials are passed to libsmb.Conn()
Signed-off-by: Volker Lendecke v...@samba.org
Reviewed-by: Richard Sharpe realrichardsha...@gmail.com
Autobuild-User(master): Richard Sharpe sha...@samba.org
Autobuild-Date(master): Tue Apr 9 18:30:06 CEST 2013 on sn-devel-104
---
Summary of changes:
source3/libsmb/pylibsmb.c | 10 +-
1 files changed, 5 insertions(+), 5 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/libsmb/pylibsmb.c b/source3/libsmb/pylibsmb.c
index 4fd5921..2b253f9 100644
--- a/source3/libsmb/pylibsmb.c
+++ b/source3/libsmb/pylibsmb.c
@@ -406,7 +406,7 @@ static int py_cli_state_init(struct py_cli_state *self,
PyObject *args,
{
NTSTATUS status;
char *host, *share;
- PyObject *creds;
+ PyObject *creds = NULL;
struct cli_credentials *cli_creds;
bool ret;
@@ -434,10 +434,10 @@ static int py_cli_state_init(struct py_cli_state *self,
PyObject *args,
return -1;
}
- cli_creds = cli_credentials_from_py_object(creds);
- if (cli_creds == NULL) {
- PyErr_SetString(PyExc_TypeError, Expected credentials);
- return -1;
+ if (creds == NULL) {
+ cli_creds = cli_credentials_init_anon(NULL);
+ } else {
+ cli_creds = PyCredentials_AsCliCredentials(creds);
}
status = cli_full_connection(
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 5530cc4 Fix bad SMB2 opcode reading in server.
from 7fd926f Make sure that we only propogate the INHERITED flag when we
are allowed to.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 5530cc4816534d64d50403c266616633db8202cc
Author: Jeremy Allison j...@samba.org
Date: Mon Apr 1 20:11:26 2013 -0700
Fix bad SMB2 opcode reading in server.
SMB2 opcodes are 16-bit values. We should *never*
be reading them with IVAL(inhdr, SMB2_HDR_OPCODE),
it should always be SVAL(inhdr, SMB2_HDR_OPCODE).
Signed-off-by: Jeremy Allison j...@samba.org
Reviewed-by: Richard Sharpe realrichardsha...@gmail.com
Autobuild-User(master): Richard Sharpe sha...@samba.org
Autobuild-Date(master): Tue Apr 2 07:28:48 CEST 2013 on sn-devel-104
---
Summary of changes:
source3/smbd/smb2_server.c | 10 +-
1 files changed, 5 insertions(+), 5 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/smbd/smb2_server.c b/source3/smbd/smb2_server.c
index f486236..eb7059e 100644
--- a/source3/smbd/smb2_server.c
+++ b/source3/smbd/smb2_server.c
@@ -632,7 +632,7 @@ static bool smb2_validate_message_id(struct
smbd_server_connection *sconn,
const uint8_t *inhdr)
{
uint64_t message_id = BVAL(inhdr, SMB2_HDR_MESSAGE_ID);
- uint16_t opcode = IVAL(inhdr, SMB2_HDR_OPCODE);
+ uint16_t opcode = SVAL(inhdr, SMB2_HDR_OPCODE);
uint16_t credit_charge = 1;
uint64_t i;
@@ -1416,7 +1416,7 @@ static void smbd_smb2_request_pending_timer(struct
tevent_context *ev,
DEBUG(10,(smbd_smb2_request_pending_queue: opcode[%s] mid %llu
going async\n,
- smb2_opcode_name((uint16_t)IVAL(inhdr, SMB2_HDR_OPCODE)),
+ smb2_opcode_name(SVAL(inhdr, SMB2_HDR_OPCODE)),
(unsigned long long)async_id ));
/*
@@ -1621,7 +1621,7 @@ static NTSTATUS smbd_smb2_request_process_cancel(struct
smbd_smb2_request *req)
inhdr = SMBD_SMB2_IN_HDR_PTR(cur);
DEBUG(10,(smbd_smb2_request_process_cancel: attempting to
cancel opcode[%s] mid %llu\n,
- smb2_opcode_name((uint16_t)IVAL(inhdr,
SMB2_HDR_OPCODE)),
+ smb2_opcode_name(SVAL(inhdr, SMB2_HDR_OPCODE)),
(unsigned long long)found_id ));
tevent_req_cancel(cur-subreq);
}
@@ -1699,7 +1699,7 @@ static NTSTATUS smbd_smb2_request_check_session(struct
smbd_smb2_request *req)
inhdr = SMBD_SMB2_IN_HDR_PTR(req);
in_flags = IVAL(inhdr, SMB2_HDR_FLAGS);
- in_opcode = IVAL(inhdr, SMB2_HDR_OPCODE);
+ in_opcode = SVAL(inhdr, SMB2_HDR_OPCODE);
in_session_id = BVAL(inhdr, SMB2_HDR_SESSION_ID);
if (in_flags SMB2_HDR_FLAG_CHAINED) {
@@ -1870,7 +1870,7 @@ NTSTATUS smbd_smb2_request_dispatch(struct
smbd_smb2_request *req)
/* TODO: verify more things */
flags = IVAL(inhdr, SMB2_HDR_FLAGS);
- opcode = IVAL(inhdr, SMB2_HDR_OPCODE);
+ opcode = SVAL(inhdr, SMB2_HDR_OPCODE);
mid = BVAL(inhdr, SMB2_HDR_MESSAGE_ID);
DEBUG(10,(smbd_smb2_request_dispatch: opcode[%s] mid = %llu\n,
smb2_opcode_name(opcode),
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 41edcf8 vfs_catia: testcase - add missing pieces
via 3966473 vfs_catia: testcase - implement vfstest additions
via e10c815 vfs_catia: write a testcase - add a translate command to
vfstest
via b40c4b0 vfstest: fix the -c multiple-command option
from 389197e scripting: No longer install samba_upgradeprovision
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 41edcf849a592d0d358621fdffbab82befa76e02
Author: Guenter Kukkukk ku...@samba.org
Date: Tue Mar 12 01:44:59 2013 +0100
vfs_catia: testcase - add missing pieces
Signed-off-by: Guenter Kukkukk ku...@samba.org
Reviewed-by: Richard Sharpe realrichardsha...@samba.org
Autobuild-User(master): Richard Sharpe sha...@samba.org
Autobuild-Date(master): Tue Mar 12 07:36:13 CET 2013 on sn-devel-104
commit 396647340f233e30277d6d6081465b7b6d855181
Author: Guenter Kukkukk ku...@samba.org
Date: Mon Mar 11 05:34:27 2013 +0100
vfs_catia: testcase - implement vfstest additions
Signed-off-by: Guenter Kukkukk ku...@samba.org
Reviewed-by: Richard Sharpe realrichardsha...@gmail.com
commit e10c81553b1691ae1b7c260719d724beed61bb48
Author: Guenter Kukkukk ku...@samba.org
Date: Sun Mar 10 05:43:24 2013 +0100
vfs_catia: write a testcase - add a translate command to vfstest
first approach
Signed-off-by: Guenter Kukkukk ku...@samba.org
Reviewed-by: Richard Sharpe realrichardsha...@gmail.com
commit b40c4b069a600af86c1f20ee09cbf5052c1552bf
Author: Guenter Kukkukk ku...@samba.org
Date: Tue Mar 12 04:51:03 2013 +0100
vfstest: fix the -c multiple-command option
Signed-off-by: Guenter Kukkukk ku...@samba.org
Reviewed-by: Richard Sharpe realrichardsha...@gmail.com
---
Summary of changes:
source3/script/tests/vfstest-catia/run.sh | 102 +++
source3/script/tests/vfstest-catia/vfstest.cmd |2 +
source3/script/tests/vfstest-catia/vfstest1.cmd |2 +
source3/selftest/tests.py |1 +
source3/torture/cmd_vfs.c | 75 +
source3/torture/vfstest.c |7 ++-
6 files changed, 188 insertions(+), 1 deletions(-)
create mode 100755 source3/script/tests/vfstest-catia/run.sh
create mode 100644 source3/script/tests/vfstest-catia/vfstest.cmd
create mode 100644 source3/script/tests/vfstest-catia/vfstest1.cmd
Changeset truncated at 500 lines:
diff --git a/source3/script/tests/vfstest-catia/run.sh
b/source3/script/tests/vfstest-catia/run.sh
new file mode 100755
index 000..c345f11
--- /dev/null
+++ b/source3/script/tests/vfstest-catia/run.sh
@@ -0,0 +1,102 @@
+#!/bin/sh
+if [ $# -lt 2 ]; then
+cat EOF
+Usage: run.sh VFSTEST PREFIX
+EOF
+exit 1;
+fi
+
+TESTBASE=`dirname $0`
+VFSTEST=$1
+PREFIX=$2
+shift 2
+ADDARGS=$*
+
+VFSTEST_PREFIX=vfstest
+VFSTEST_TMPDIR=$(mktemp -d ${PREFIX}/${VFSTEST_PREFIX}_XX)
+
+# We could pass in the --option=... via tests.py as ADDARGS
+# Atm i've choosen to specify them here:
+
+MYARGS1=--option=vfsobjects=catia
+MYARGS2=--option=catia:mappings=0x22:0xa8,0x2a:0xa4,0x2f:0xf8,0x3a:0xf7,0x3c:0xab,0x3e:0xbb,0x3f:0xbf,0x5c:0xff,0x7c:0xa6,0x20:0xb1
+
+# vars for the translation test:
+# a) here for unix-to-windows test
+UNIX_FILE=a\\a:a*a?aaa|a
+# translated window file name
+WIN_FILE=aÿa÷a¤a¿a«a»a¦a
+
+# b) here for windows-to-unix test
+WIN_DIR=dir_aÿa÷a¤a¿a«a»a¦a
+# translated unix directory name
+UNIX_DIR=dir_a\a:a*a?aaa|a
+
+incdir=`dirname $0`/../../../../testprogs/blackbox
+. $incdir/subunit.sh
+
+failed=0
+
+cd $VFSTEST_TMPDIR || exit 1
+
+# create unix file in tmpdir
+touch $UNIX_FILE || exit 1
+
+# test translate unix-to-windows
+test_vfstest()
+{
+cmd='$VFSTEST -f $TESTBASE/vfstest.cmd $MYARGS1 $MYARGS2 $ADDARGS '
+out=`eval $cmd`
+ret=$?
+
+if [ $ret != 0 ] ; then
+ echo $out
+ echo command failed
+ false
+ return
+fi
+
+echo $out | grep $WIN_FILE /dev/null 21
+
+if [ $? = 0 ] ; then
+ echo ALL IS WORKING
+ true
+else
+ false
+fi
+}
+
+# test the mkdir call with special windows chars
+# and then check the created unix directory name
+test_vfstest_dir()
+{
+cmd='$VFSTEST -f $TESTBASE/vfstest1.cmd $MYARGS1 $MYARGS2 $ADDARGS '
+out=`eval $cmd`
+ret=$?
+
+if [ $ret != 0 ] ; then
+ echo $out
+ echo command failed
+ false
+ return
+fi
+
+NUM=`find $UNIX_DIR | wc -l`
+if [ $NUM -ne 1 ] ; then
+ echo Cannot find $UNIX_DIR
+ false
+else
+ true
+fi
+}
+
+testit vfstest_catia test_vfstest || failed=`expr $failed + 1`
+
+if [ $failed = 0 ] ; then
+testit vfstest1_catia test_vfstest_dir || failed=`expr $failed + 1`
+fi
+
+# Cleanup: remove tempdir
+rm -R
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 11d1286 Correct the name of the nss_winbind module for FreeBSD by
creating a symlink from the FreeBSD required name to the built module.
from 5372571 s3:idmap: fix a debug message and lower its level
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 11d128632357c9ae89d67aaf23c429fae83a1b29
Author: Richard Sharpe realrichardsha...@gmail.com
Date: Thu Mar 7 17:36:37 2013 -0800
Correct the name of the nss_winbind module for FreeBSD by creating a symlink
from the FreeBSD required name to the built module.
Signed-off-by: Timur Bakeyev ti...@freebsd.org
Reviewed-by: Andrew Bartlett abartl...@samba.org
Reviewed-by: Richard Sharpe realrichardsha...@gmail.com
Autobuild-User(master): Richard Sharpe sha...@samba.org
Autobuild-Date(master): Fri Mar 8 05:04:04 CET 2013 on sn-devel-104
---
Summary of changes:
nsswitch/wscript_build |2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
Changeset truncated at 500 lines:
diff --git a/nsswitch/wscript_build b/nsswitch/wscript_build
index 1efee55..a7d6489 100644
--- a/nsswitch/wscript_build
+++ b/nsswitch/wscript_build
@@ -42,7 +42,7 @@ elif (host_os.rfind('freebsd') -1):
bld.SAMBA_LIBRARY('nss_winbind',
source='winbind_nss_linux.c winbind_nss_freebsd.c',
deps='winbind-client',
- realname='libnss_winbind.so.1',
+ realname='nss_winbind.so.1',
vnum='1')
elif (host_os.rfind('netbsd') -1):
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via a64a617 Add a herald with version string to smbtorture from fa3924f Fix bug 9519 - Samba returns unexpected error on SMB posix open. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit a64a617e103983e2423cca2e8e09009d2e571b2b Author: Richard Sharpe realrichardsha...@gmail.com Date: Wed Feb 6 13:02:13 2013 -0800 Add a herald with version string to smbtorture Signed-off-by: Richard Sharpe realrichardsha...@gmail.com Reviewed-by: Andreas Schneider a...@samba.org Autobuild-User(master): Richard Sharpe sha...@samba.org Autobuild-Date(master): Wed Feb 13 08:03:21 CET 2013 on sn-devel-104 --- Summary of changes: source4/torture/smbtorture.c |2 ++ 1 files changed, 2 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/torture/smbtorture.c b/source4/torture/smbtorture.c index 95f0719..1a1fa34 100644 --- a/source4/torture/smbtorture.c +++ b/source4/torture/smbtorture.c @@ -420,6 +420,8 @@ int main(int argc,char *argv[]) setlinebuf(stdout); + printf(smbtorture %s\n, samba_version_string()); + /* we are never interested in SIGPIPE */ BlockSignals(true, SIGPIPE); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via dc929ca tevent: Fix a comment typo
from 48d954b Fix the compound tests to correctly pass against Windows
when run with --signing=required.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit dc929ca57fb1b23d74d898cfb76737601656961f
Author: Volker Lendecke v...@samba.org
Date: Thu Jan 31 15:46:43 2013 +0100
tevent: Fix a comment typo
Signed-off-by: Volker Lendecke v...@samba.org
Reviewed-by: Ira Cooper i...@samba.org
Reviewed-by: Richard Sharpe realrichardsha...@gmail.com
Autobuild-User(master): Richard Sharpe sha...@samba.org
Autobuild-Date(master): Thu Jan 31 17:52:39 CET 2013 on sn-devel-104
---
Summary of changes:
lib/tevent/tevent_poll.c |2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
Changeset truncated at 500 lines:
diff --git a/lib/tevent/tevent_poll.c b/lib/tevent/tevent_poll.c
index da8cc01..44e108f 100644
--- a/lib/tevent/tevent_poll.c
+++ b/lib/tevent/tevent_poll.c
@@ -56,7 +56,7 @@ struct poll_event_context {
};
/*
- create a select_event_context structure.
+ create a poll_event_context structure.
*/
static int poll_event_context_init(struct tevent_context *ev)
{
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 48d954b Fix the compound tests to correctly pass against Windows
when run with --signing=required.
via 1624d83 Add new function smbXcli_session_copy(), to be used when
creating compound SMB2 requests.
from 7b0b1d6 smbd: Fix a typo
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 48d954b90e6aa14721d236180df959a038416672
Author: Jeremy Allison j...@samba.org
Date: Mon Jan 28 16:52:11 2013 -0800
Fix the compound tests to correctly pass against Windows when run with
--signing=required.
Signed-off-by: Jeremy Allison j...@samba.org
Reviewed-by: Richard Sharpe realrichardsha...@gmail.org
Autobuild-User(master): Richard Sharpe sha...@samba.org
Autobuild-Date(master): Thu Jan 31 03:53:55 CET 2013 on sn-devel-104
commit 1624d83fdeb675ee4032f5d3cabcf86d5b05a3cb
Author: Jeremy Allison j...@samba.org
Date: Mon Jan 28 16:51:25 2013 -0800
Add new function smbXcli_session_copy(), to be used when creating compound
SMB2 requests.
Copies the signing state needed to make client compound requests work
on signed connections.
Signed-off-by: Jeremy Allison j...@samba.org
Reviewed-by: Richard Sharpe realrichardsha...@gmail.com
---
Summary of changes:
libcli/smb/smbXcli_base.c | 27 +++
libcli/smb/smbXcli_base.h |2 ++
source4/torture/smb2/compound.c | 12 ++--
3 files changed, 35 insertions(+), 6 deletions(-)
Changeset truncated at 500 lines:
diff --git a/libcli/smb/smbXcli_base.c b/libcli/smb/smbXcli_base.c
index c547515..421e884 100644
--- a/libcli/smb/smbXcli_base.c
+++ b/libcli/smb/smbXcli_base.c
@@ -4482,6 +4482,33 @@ struct smbXcli_session
*smbXcli_session_create(TALLOC_CTX *mem_ctx,
return session;
}
+struct smbXcli_session *smbXcli_session_copy(TALLOC_CTX *mem_ctx,
+ struct smbXcli_session *src)
+{
+ struct smbXcli_session *session;
+
+ session = talloc_zero(mem_ctx, struct smbXcli_session);
+ if (session == NULL) {
+ return NULL;
+ }
+ session-smb2 = talloc_zero(session, struct smb2cli_session);
+ if (session-smb2 == NULL) {
+ talloc_free(session);
+ return NULL;
+ }
+
+ session-conn = src-conn;
+ *session-smb2 = *src-smb2;
+ session-smb2_channel = src-smb2_channel;
+ session-disconnect_expired = src-disconnect_expired;
+
+ DLIST_ADD_END(src-conn-sessions, session, struct smbXcli_session *);
+ talloc_set_destructor(session, smbXcli_session_destructor);
+
+ return session;
+}
+
+
NTSTATUS smbXcli_session_application_key(struct smbXcli_session *session,
TALLOC_CTX *mem_ctx,
DATA_BLOB *key)
diff --git a/libcli/smb/smbXcli_base.h b/libcli/smb/smbXcli_base.h
index b720bc6..f7b60d3 100644
--- a/libcli/smb/smbXcli_base.h
+++ b/libcli/smb/smbXcli_base.h
@@ -260,6 +260,8 @@ NTSTATUS smbXcli_negprot(struct smbXcli_conn *conn,
struct smbXcli_session *smbXcli_session_create(TALLOC_CTX *mem_ctx,
struct smbXcli_conn *conn);
+struct smbXcli_session *smbXcli_session_copy(TALLOC_CTX *mem_ctx,
+ struct smbXcli_session *src);
NTSTATUS smbXcli_session_application_key(struct smbXcli_session *session,
TALLOC_CTX *mem_ctx,
DATA_BLOB *key);
diff --git a/source4/torture/smb2/compound.c b/source4/torture/smb2/compound.c
index e75f682..4a47e14 100644
--- a/source4/torture/smb2/compound.c
+++ b/source4/torture/smb2/compound.c
@@ -92,8 +92,8 @@ static bool test_compound_related1(struct torture_context
*tctx,
0, /* capabilities */
0 /* maximal_access */);
- tree-session-smbXcli = smbXcli_session_create(tree-session,
-
tree-session-transport-conn);
+ tree-session-smbXcli = smbXcli_session_copy(tree-session,
+ tree-session-smbXcli);
smb2cli_session_set_id_and_flags(tree-session-smbXcli, UINT64_MAX, 0);
req[1] = smb2_close_send(tree, cl);
@@ -171,8 +171,8 @@ static bool test_compound_related2(struct torture_context
*tctx,
0, /* capabilities */
0 /* maximal_access */);
- tree-session-smbXcli = smbXcli_session_create(tree-session,
-
tree-session-transport-conn);
+ tree-session-smbXcli = smbXcli_session_copy(tree-session
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via d4bce35 Add two flags to allow for handling of Extended Signatures (Session Key Protection) on a TCON_AND_X request and response. via 610ac2d Make it possible to build under Solaris make as well as FreeBSD and Linux. Also add comments on changes that might be needed from 23df816 VERSION: Move on to beta6! http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit d4bce355ad1c0c2e9d61cfaa6f8ef3ffb8d391f0 Author: Richard Sharpe realrichardsha...@gmail.com Date: Tue Jul 31 19:36:18 2012 -0700 Add two flags to allow for handling of Extended Signatures (Session Key Protection) on a TCON_AND_X request and response. Autobuild-User(master): Richard Sharpe sha...@samba.org Autobuild-Date(master): Wed Aug 1 06:36:37 CEST 2012 on sn-devel-104 commit 610ac2d350ee8a2d5e58d08f61ba1af03b3d762b Author: Richard Sharpe realrichardsha...@gmail.com Date: Sat Jun 2 22:27:22 2012 -0700 Make it possible to build under Solaris make as well as FreeBSD and Linux. Also add comments on changes that might be needed --- Summary of changes: examples/VFS/Makefile.in | 21 + source3/include/smb.h|2 ++ 2 files changed, 19 insertions(+), 4 deletions(-) Changeset truncated at 500 lines: diff --git a/examples/VFS/Makefile.in b/examples/VFS/Makefile.in index db787de..ba41923 100644 --- a/examples/VFS/Makefile.in +++ b/examples/VFS/Makefile.in @@ -27,6 +27,13 @@ libdir = @libdir@ VFS_LIBDIR = $(libdir)/vfs +# Note, if make fails, it might be because your version of make does not +# support what we need. Try installing GNU make and rerun make. +# +# Note also, that if your module requires more than one object file to be +# linked in you will have to modify Makefile.in to accommodate your needs and +# then rerun configure before you can build. + # Change these targets to the names of your modules if building out of tree MODULES= skel_opaque.@SHLIBEXT@ shadow_copy_test.@SHLIBEXT@ \ skel_transparent.@SHLIBEXT@ @@ -37,13 +44,19 @@ all: $(MODULES) .SUFFIXES: .@SHLIBEXT@ -.@OBJEXT@.@SHLIBEXT@: - @echo Linking $ - @$(CC) $(LDSHFLAGS) $(LDFLAGS) $*.@OBJEXT@ -o $*.@SHLIBEXT@ +# You might need to create an explicit rule for your shared object if your +# shared object is built from multiple .c files. -.c.@OBJEXT@: +.c.@SHLIBEXT@: @echo Compiling $ @$(CC) $(FLAGS) -c $ -D$*_init=samba_init_module + @echo Linking $@ + @$(CC) $(LDSHFLAGS) $(LDFLAGS) $*.@OBJEXT@ -o $*.@SHLIBEXT@ + +# You might need to uncomment this if you have other .c files to compile +#.c.@OBJEXT@: +# @echo Compiling $ +# @$(CC) $(FLAGS) -c $ -D$*_init=samba_init_module install: default $(INSTALLCMD) -d $(VFS_LIBDIR) diff --git a/source3/include/smb.h b/source3/include/smb.h index c396f0e..310cbbb 100644 --- a/source3/include/smb.h +++ b/source3/include/smb.h @@ -623,6 +623,8 @@ char *strdup(char *s); /* TCONX Flag (smb_vwv2). */ #define TCONX_FLAG_EXTENDED_RESPONSE 0x8 +#define TCONX_FLAG_EXTENDED_SIGNATURES 0x4 +#define SMB_EXTENDED_SIGNATURES0x20 /* File Status Flags. See: -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 632af66 Check the return from create_acl_blob
from 6bafb4a s3-smbd: Avoid creating a UID ACL entry for SIDs that are
mapped as ID_TYPE_BOTH The GID ACL entry is what will be mapped in most cases,
and so is sufficient.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 632af6645376185500820a5be9dbf5c0c3d1e515
Author: Richard Sharpe realrichardsha...@gmail.com
Date: Wed May 16 20:21:34 2012 -0700
Check the return from create_acl_blob
Autobuild-User: Richard Sharpe sha...@samba.org
Autobuild-Date: Thu May 17 07:17:29 CEST 2012 on sn-devel-104
---
Summary of changes:
source3/modules/vfs_acl_common.c | 10 ++
1 files changed, 6 insertions(+), 4 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/modules/vfs_acl_common.c b/source3/modules/vfs_acl_common.c
index 221b43f..c7bce57 100644
--- a/source3/modules/vfs_acl_common.c
+++ b/source3/modules/vfs_acl_common.c
@@ -592,10 +592,12 @@ static NTSTATUS fset_nt_acl_common(vfs_handle_struct
*handle, files_struct *fsp,
NDR_PRINT_DEBUG(security_descriptor,
discard_const_p(struct security_descriptor, psd));
}
- /*
-* Perhaps create_acl_blob should have a status return as well
-*/
- create_acl_blob(psd, blob, XATTR_SD_HASH_TYPE_SHA256, hash);
+ status = create_acl_blob(psd, blob, XATTR_SD_HASH_TYPE_SHA256, hash);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(10, (fset_nt_acl_xattr: create_acl_blob failed\n));
+ return status;
+ }
+
status = store_acl_blob_fsp(handle, fsp, blob);
return status;
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via bfe4a2b Fix the overwriting of errno before use in a DEBUG
statement and use the return value from store_acl_blob_fsp rather than ignoring
it.
from b6e3608 build: Add explicit mention of --abi-check-disable to ABI
checker
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit bfe4a2baeec6bc4558a617ec67532ea11f865861
Author: Richard Sharpe realrichardsha...@gmail.com
Date: Tue May 15 07:47:14 2012 -0700
Fix the overwriting of errno before use in a DEBUG statement and use the
return value from store_acl_blob_fsp rather than ignoring it.
Autobuild-User: Richard Sharpe sha...@samba.org
Autobuild-Date: Wed May 16 03:43:41 CEST 2012 on sn-devel-104
---
Summary of changes:
source3/modules/vfs_acl_common.c |7 +--
source3/modules/vfs_acl_xattr.c |6 +++---
2 files changed, 8 insertions(+), 5 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/modules/vfs_acl_common.c b/source3/modules/vfs_acl_common.c
index 241bc8f..221b43f 100644
--- a/source3/modules/vfs_acl_common.c
+++ b/source3/modules/vfs_acl_common.c
@@ -592,10 +592,13 @@ static NTSTATUS fset_nt_acl_common(vfs_handle_struct
*handle, files_struct *fsp,
NDR_PRINT_DEBUG(security_descriptor,
discard_const_p(struct security_descriptor, psd));
}
+ /*
+* Perhaps create_acl_blob should have a status return as well
+*/
create_acl_blob(psd, blob, XATTR_SD_HASH_TYPE_SHA256, hash);
- store_acl_blob_fsp(handle, fsp, blob);
+ status = store_acl_blob_fsp(handle, fsp, blob);
- return NT_STATUS_OK;
+ return status;
}
static int acl_common_remove_object(vfs_handle_struct *handle,
diff --git a/source3/modules/vfs_acl_xattr.c b/source3/modules/vfs_acl_xattr.c
index 5653657..c1b0a60 100644
--- a/source3/modules/vfs_acl_xattr.c
+++ b/source3/modules/vfs_acl_xattr.c
@@ -119,12 +119,12 @@ static NTSTATUS store_acl_blob_fsp(vfs_handle_struct
*handle,
}
unbecome_root();
if (ret) {
- errno = saved_errno;
DEBUG(5, (store_acl_blob_fsp: setting attr failed for file %s
with error %s\n,
fsp_str_dbg(fsp),
- strerror(errno) ));
- return map_nt_error_from_unix(errno);
+ strerror(saved_errno) ));
+ errno = saved_errno;
+ return map_nt_error_from_unix(saved_errno);
}
return NT_STATUS_OK;
}
--
Samba Shared Repository
Re: [Samba] How to build Samba4 using static linked libraries
On Mon, 2012-05-07 at 12:21 -0400, peixing@emc.com wrote: Hi All: I am building the torture/smbtorture forsamba-4.0.0alpha17. After build, I am running the test in another environment. I not only need to copy the binary smbtorture, I also need to copy the shared libraries. This is HUGE inconvenient for us. Could somebody tell me how to build the binary using static linked libraries? Is there anything else you would like us to do for you? Come clean now. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 0dc3f42 Add an audit file VFS routine so we can handle auditing
with SACLs.
from 12ee793 s4:torture: add a check for talloc success in
rpc.samba3.randomauth2
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 0dc3f423d25d3a50fa39ecee8a8ca13cdfe32267
Author: Richard Sharpe realrichardsha...@gmail.com
Date: Fri Apr 27 21:31:34 2012 -0700
Add an audit file VFS routine so we can handle auditing with SACLs.
Autobuild-User: Richard Sharpe sha...@samba.org
Autobuild-Date: Sat Apr 28 08:05:00 CEST 2012 on sn-devel-104
---
Summary of changes:
source3/include/vfs.h |6 ++
source3/include/vfs_macros.h |5 +
source3/modules/vfs_default.c | 10 ++
source3/smbd/vfs.c| 14 ++
4 files changed, 35 insertions(+), 0 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/include/vfs.h b/source3/include/vfs.h
index e858235..b5f234a 100644
--- a/source3/include/vfs.h
+++ b/source3/include/vfs.h
@@ -370,6 +370,12 @@ struct vfs_fn_pointers {
uint32 security_info_sent,
const struct security_descriptor *psd);
+ NTSTATUS (*audit_file_fn)(struct vfs_handle_struct *handle,
+ struct smb_filename *file,
+ struct security_acl *sacl,
+ uint32_t access_requested,
+ uint32_t access_denied);
+
/* POSIX ACL operations. */
int (*chmod_acl_fn)(struct vfs_handle_struct *handle, const char *name,
mode_t mode);
diff --git a/source3/include/vfs_macros.h b/source3/include/vfs_macros.h
index c324439..3c2256b 100644
--- a/source3/include/vfs_macros.h
+++ b/source3/include/vfs_macros.h
@@ -389,6 +389,11 @@
#define SMB_VFS_NEXT_GET_NT_ACL(handle, name, security_info, ppdesc) \
smb_vfs_call_get_nt_acl((handle)-next, (name), (security_info),
(ppdesc))
+#define SMB_VFS_AUDIT_FILE(conn, name, sacl, access_requested, access_denied) \
+ smb_vfs_call_audit_file((conn)-vfs_handles, (name), (sacl),
(access_requested), (access_denied))
+#define SMB_VFS_NEXT_AUDIT_FILE(handle, name, sacl, access_requested,
access_denied) \
+ smb_vfs_call_audit_file((handle)-next, (name), (sacl),
(access_requested), (access_denied))
+
#define SMB_VFS_FSET_NT_ACL(fsp, security_info_sent, psd) \
smb_vfs_call_fset_nt_acl((fsp)-conn-vfs_handles, (fsp),
(security_info_sent), (psd))
#define SMB_VFS_NEXT_FSET_NT_ACL(handle, fsp, security_info_sent, psd) \
diff --git a/source3/modules/vfs_default.c b/source3/modules/vfs_default.c
index dd54417..887dbcb 100644
--- a/source3/modules/vfs_default.c
+++ b/source3/modules/vfs_default.c
@@ -1872,6 +1872,15 @@ static NTSTATUS vfswrap_fset_nt_acl(vfs_handle_struct
*handle, files_struct *fsp
return result;
}
+NTSTATUS vfswrap_audit_file(struct vfs_handle_struct *handle,
+ struct smb_filename *file,
+ struct security_acl *sacl,
+ uint32_t access_requested,
+ uint32_t access_denied)
+{
+ return NT_STATUS_OK; /* Nothing to do here ... */
+}
+
static int vfswrap_chmod_acl(vfs_handle_struct *handle, const char *name,
mode_t mode)
{
#ifdef HAVE_NO_ACL
@@ -2249,6 +2258,7 @@ static struct vfs_fn_pointers vfs_default_fns = {
.fget_nt_acl_fn = vfswrap_fget_nt_acl,
.get_nt_acl_fn = vfswrap_get_nt_acl,
.fset_nt_acl_fn = vfswrap_fset_nt_acl,
+ .audit_file_fn = vfswrap_audit_file,
/* POSIX ACL operations. */
diff --git a/source3/smbd/vfs.c b/source3/smbd/vfs.c
index 6c9692a..2be6c54 100644
--- a/source3/smbd/vfs.c
+++ b/source3/smbd/vfs.c
@@ -1958,6 +1958,20 @@ NTSTATUS smb_vfs_call_fset_nt_acl(struct
vfs_handle_struct *handle,
psd);
}
+NTSTATUS smb_vfs_call_audit_file(struct vfs_handle_struct *handle,
+struct smb_filename *file,
+struct security_acl *sacl,
+uint32_t access_requested,
+uint32_t access_denied)
+{
+ VFS_FIND(audit_file);
+ return handle-fns-audit_file_fn(handle,
+ file,
+ sacl,
+ access_requested,
+ access_denied);
+}
+
int smb_vfs_call_chmod_acl(struct vfs_handle_struct *handle, const char *name,
mode_t mode)
{
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 2730eda Improve the VFS Makefile so that it is easier for use out of tree but still works with FreeBSD. from 1e949f3 provision: Simplify handling of default for --server-role. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 2730eda640d77d22db08f090f1cd1a734645a496 Author: Richard Sharpe realrichardsha...@gmail.com Date: Mon Apr 16 05:00:08 2012 -0700 Improve the VFS Makefile so that it is easier for use out of tree but still works with FreeBSD. Autobuild-User: Richard Sharpe sha...@samba.org Autobuild-Date: Mon Apr 16 19:51:14 CEST 2012 on sn-devel-104 --- Summary of changes: examples/VFS/Makefile.in | 22 +- 1 files changed, 9 insertions(+), 13 deletions(-) Changeset truncated at 500 lines: diff --git a/examples/VFS/Makefile.in b/examples/VFS/Makefile.in index f9b81eb..fab5611 100644 --- a/examples/VFS/Makefile.in +++ b/examples/VFS/Makefile.in @@ -26,28 +26,24 @@ libdir = @libdir@ VFS_LIBDIR = $(libdir)/vfs -all: skel_opaque.@SHLIBEXT@ shadow_copy_test.@SHLIBEXT@ \ - skel_transparent.@SHLIBEXT@ +# Change these targets to the names of your modules if building out of tree +MODULES= skel_opaque.@SHLIBEXT@ shadow_copy_test.@SHLIBEXT@ \ + skel_transparent.@SHLIBEXT@ -skel_opaque.@SHLIBEXT@: skel_opaque.@OBJEXT@ - @echo Linking $@ - @$(CC) $(LDSHFLAGS) $(LDFLAGS) skel_opaque.@OBJEXT@ -o $@ +all: $(MODULES) -shadow_copy_test.@SHLIBEXT@: shadow_copy_test.@OBJEXT@ - @echo Linking $@ - @$(CC) $(LDSHFLAGS) $(LDFLAGS) shadow_copy_test.@OBJEXT@ -o $@ +# Pattern rules -skel_transparent.@SHLIBEXT@: skel_transparent.@OBJEXT@ - @echo Linking $@ - @$(CC) $(LDSHFLAGS) $(LDFLAGS) skel_transparent.@OBJEXT@ -o $@ +.SUFFIXES: .@SHLIBEXT@ -# Pattern rules +.@OBJEXT@.@SHLIBEXT@: + @echo Linking $ + @$(CC) $(LDSHFLAGS) $(LDFLAGS) $*.@OBJEXT@ -o $*.@SHLIBEXT@ .c.@OBJEXT@: @echo Compiling $ @$(CC) $(FLAGS) -c $ -D$*_init=samba_init_module - install: default $(INSTALLCMD) -d $(VFS_LIBDIR) $(INSTALLCMD) -m 755 *.$(SHLIBEXT) $(VFS_LIBDIR) -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 36101d3 Add an open and close method to samba.smb.SMB so we can
open and close files. Also, fix up some documentation.
from 0aacdbf s3-aio-fork: Fix a segfault in vfs_aio_fork
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 36101d3fa45c0b583628862794054f60eb4e6ed3
Author: Richard Sharpe realrichardsha...@gmail.com
Date: Fri Mar 30 22:04:28 2012 -0700
Add an open and close method to samba.smb.SMB so we can open and close
files.
Also, fix up some documentation.
Autobuild-User: Richard Sharpe sha...@samba.org
Autobuild-Date: Sun Apr 1 16:29:52 CEST 2012 on sn-devel-104
---
Summary of changes:
source4/libcli/pysmb.c | 96 +++-
1 files changed, 86 insertions(+), 10 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/libcli/pysmb.c b/source4/libcli/pysmb.c
index b4eba14..a0021b9 100644
--- a/source4/libcli/pysmb.c
+++ b/source4/libcli/pysmb.c
@@ -53,7 +53,6 @@ struct smb_private_data {
struct smbcli_tree *tree;
};
-
static void dos_format(char *s)
{
string_replace(s, '/', '\\');
@@ -151,7 +150,6 @@ static PyObject * py_smb_savefile(pytalloc_Object *self,
PyObject *args)
Py_RETURN_NONE;
}
-
/*
* Callback function to accumulate directory contents in a python list
*/
@@ -183,7 +181,6 @@ static void py_smb_list_callback(struct clilist_file_info
*f, const char *mask,
}
}
-
/*
* List the directory contents for specified directory (Ignore '.' and '..'
dirs)
*/
@@ -225,7 +222,6 @@ static PyObject *py_smb_list(pytalloc_Object *self,
PyObject *args, PyObject *kw
return py_dirlist;
}
-
/*
* Create a directory
*/
@@ -246,7 +242,6 @@ static PyObject *py_smb_mkdir(pytalloc_Object *self,
PyObject *args)
Py_RETURN_NONE;
}
-
/*
* Remove a directory
*/
@@ -267,7 +262,6 @@ static PyObject *py_smb_rmdir(pytalloc_Object *self,
PyObject *args)
Py_RETURN_NONE;
}
-
/*
* Check existence of a path
*/
@@ -291,7 +285,6 @@ static PyObject *py_smb_chkpath(pytalloc_Object *self,
PyObject *args)
Py_RETURN_FALSE;
}
-
/*
* Read ACL on a given file/directory as a security descriptor object
*/
@@ -357,7 +350,6 @@ static PyObject *py_smb_getacl(pytalloc_Object *self,
PyObject *args, PyObject *
self-talloc_ctx, fio.query_secdesc.out.sd);
}
-
/*
* Set ACL on file/directory using given security descriptor object
*/
@@ -436,6 +428,86 @@ static PyObject *py_smb_setacl(pytalloc_Object *self,
PyObject *args, PyObject *
Py_RETURN_NONE;
}
+/*
+ * Open the file with the parameters passed in and return an object if OK
+ */
+static PyObject *py_open_file(pytalloc_Object *self, PyObject *args, PyObject
*kwargs)
+{
+ NTSTATUS status;
+ union smb_open io;
+ struct smb_private_data *spdata;
+ const char *filename;
+ uint32_t access_mask = 0;
+ uint32_t share_access = 0;
+uint32_t open_disposition = 0;
+uint32_t create_options = 0;
+ int fnum;
+
+ if (!PyArg_ParseTuple(args, si|iii:open_file,
+ filename,
+ access_mask,
+ share_access,
+ open_disposition,
+ create_options)) {
+ return NULL;
+ }
+
+ if (!access_mask)
+ access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
+
+ if (!share_access)
+ share_access = NTCREATEX_SHARE_ACCESS_READ |
+ NTCREATEX_SHARE_ACCESS_WRITE;
+
+ if (!open_disposition)
+ open_disposition = NTCREATEX_DISP_OPEN;
+
+ ZERO_STRUCT(io);
+
+ spdata = self-ptr;
+
+ io.generic.level = RAW_OPEN_NTCREATEX;
+ io.ntcreatex.in.root_fid.fnum = 0;
+ io.ntcreatex.in.flags = 0;
+ io.ntcreatex.in.access_mask = access_mask;
+ io.ntcreatex.in.create_options = create_options;
+ io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_NORMAL;
+ io.ntcreatex.in.share_access = share_access;
+ io.ntcreatex.in.alloc_size = 0;
+ io.ntcreatex.in.open_disposition = open_disposition;
+ io.ntcreatex.in.impersonation = NTCREATEX_IMPERSONATION_ANONYMOUS;
+ io.ntcreatex.in.security_flags = 0;
+ io.ntcreatex.in.fname = filename;
+
+ status = smb_raw_open(spdata-tree, self-talloc_ctx, io);
+ PyErr_NTSTATUS_IS_ERR_RAISE(status);
+
+ fnum = io.ntcreatex.out.file.fnum;
+
+ return Py_BuildValue(i, fnum);
+}
+
+/*
+ * Close the file based on the fnum passed in
+ */
+static PyObject *py_close_file(pytalloc_Object *self, PyObject *args, PyObject
*kwargs)
+{
+ struct smb_private_data
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 2c322ca Fix some of the issues that Jelmer identified in my first
patch. This might be changed again, especially when I figure out how to return
the file as an object.
from 36101d3 Add an open and close method to samba.smb.SMB so we can
open and close files. Also, fix up some documentation.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 2c322ca95a7dc4fb8396b475d115f31837316267
Author: Richard Sharpe realrichardsha...@gmail.com
Date: Sun Apr 1 13:14:49 2012 -0700
Fix some of the issues that Jelmer identified in my first patch. This might
be
changed again, especially when I figure out how to return the file as an
object.
Autobuild-User: Richard Sharpe sha...@samba.org
Autobuild-Date: Mon Apr 2 01:43:44 CEST 2012 on sn-devel-104
---
Summary of changes:
source4/libcli/pysmb.c | 28
1 files changed, 12 insertions(+), 16 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/libcli/pysmb.c b/source4/libcli/pysmb.c
index a0021b9..3f2efe9 100644
--- a/source4/libcli/pysmb.c
+++ b/source4/libcli/pysmb.c
@@ -437,13 +437,15 @@ static PyObject *py_open_file(pytalloc_Object *self,
PyObject *args, PyObject *k
union smb_open io;
struct smb_private_data *spdata;
const char *filename;
- uint32_t access_mask = 0;
- uint32_t share_access = 0;
-uint32_t open_disposition = 0;
+ uint32_t access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
+ uint32_t share_access = NTCREATEX_SHARE_ACCESS_READ |
+ NTCREATEX_SHARE_ACCESS_WRITE;
+uint32_t open_disposition = NTCREATEX_DISP_OPEN;
uint32_t create_options = 0;
+ TALLOC_CTX *mem_ctx;
int fnum;
- if (!PyArg_ParseTuple(args, si|iii:open_file,
+ if (!PyArg_ParseTuple(args, s|:open_file,
filename,
access_mask,
share_access,
@@ -452,20 +454,12 @@ static PyObject *py_open_file(pytalloc_Object *self,
PyObject *args, PyObject *k
return NULL;
}
- if (!access_mask)
- access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
-
- if (!share_access)
- share_access = NTCREATEX_SHARE_ACCESS_READ |
- NTCREATEX_SHARE_ACCESS_WRITE;
-
- if (!open_disposition)
- open_disposition = NTCREATEX_DISP_OPEN;
-
ZERO_STRUCT(io);
spdata = self-ptr;
+ mem_ctx = talloc_new(NULL);
+
io.generic.level = RAW_OPEN_NTCREATEX;
io.ntcreatex.in.root_fid.fnum = 0;
io.ntcreatex.in.flags = 0;
@@ -479,7 +473,9 @@ static PyObject *py_open_file(pytalloc_Object *self,
PyObject *args, PyObject *k
io.ntcreatex.in.security_flags = 0;
io.ntcreatex.in.fname = filename;
- status = smb_raw_open(spdata-tree, self-talloc_ctx, io);
+ status = smb_raw_open(spdata-tree, mem_ctx, io);
+ talloc_free(mem_ctx);
+
PyErr_NTSTATUS_IS_ERR_RAISE(status);
fnum = io.ntcreatex.out.file.fnum;
@@ -541,7 +537,7 @@ static PyMethodDef py_smb_methods[] = {
Set security descriptor for file. },
{ open_file, (PyCFunction)py_open_file, METH_VARARGS,
open_file(path, access_mask[, share_access[,
open_disposition[, create_options]]] - fnum\n\n \
- Open a file. Throws exceptions on errors. },
+ Open a file. Throws NTSTATUS exceptions on errors. },
{ close_file, (PyCFunction)py_close_file, METH_VARARGS,
close_file(fnum) - None\n\n \
Close the file based on fnum.},
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 7d3c26e Make sure we claim that a DACL or SACL is present if the SD says so from 786cb13 Fix an IPv6 breakage I introduced by adding an strlcpy truncation check. Found by Matthieu Patou m...@samba.org. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 7d3c26e8cfcffb519990d5d2d70af3307e34c15f Author: Richard Sharpe realrichardsha...@gmail.com Date: Fri Mar 30 22:02:25 2012 -0700 Make sure we claim that a DACL or SACL is present if the SD says so Autobuild-User: Richard Sharpe sha...@samba.org Autobuild-Date: Sat Mar 31 09:34:36 CEST 2012 on sn-devel-104 --- Summary of changes: source3/libsmb/clisecdesc.c |4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/libsmb/clisecdesc.c b/source3/libsmb/clisecdesc.c index aef3432..04f661c 100644 --- a/source3/libsmb/clisecdesc.c +++ b/source3/libsmb/clisecdesc.c @@ -92,9 +92,9 @@ NTSTATUS cli_set_secdesc(struct cli_state *cli, uint16_t fnum, SIVAL(param, 0, fnum); - if (sd-dacl) + if (sd-dacl || (sd-type SEC_DESC_DACL_PRESENT)) sec_info |= SECINFO_DACL; - if (sd-sacl) + if (sd-sacl || (sd-type SEC_DESC_SACL_PRESENT)) sec_info |= SECINFO_SACL; if (sd-owner_sid) sec_info |= SECINFO_OWNER; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 3be2af1 Add DEBUG statements to show when access has been denied
and why.
from 26f7a67 s4 dns: Only do recursive queries when allowed/desired
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 3be2af1df94443a2dc21d4f5f58ce11b83e4306f
Author: Richard Sharpe realrichardsha...@gmail.com
Date: Tue Mar 27 20:32:11 2012 -0700
Add DEBUG statements to show when access has been denied and why.
Autobuild-User: Richard Sharpe sha...@samba.org
Autobuild-Date: Wed Mar 28 07:07:26 CEST 2012 on sn-devel-104
---
Summary of changes:
source3/smbd/nttrans.c |2 ++
1 files changed, 2 insertions(+), 0 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c
index fc52ee5..20379ac 100644
--- a/source3/smbd/nttrans.c
+++ b/source3/smbd/nttrans.c
@@ -1868,11 +1868,13 @@ NTSTATUS smbd_do_query_security_desc(connection_struct
*conn,
if ((security_info_wanted SECINFO_SACL)
!(fsp-access_mask SEC_FLAG_SYSTEM_SECURITY)) {
+ DEBUG(10, (Access to SACL denied.\n));
return NT_STATUS_ACCESS_DENIED;
}
if ((security_info_wanted (SECINFO_DACL|SECINFO_OWNER|SECINFO_GROUP))
!(fsp-access_mask SEC_STD_READ_CONTROL)) {
+ DEBUG(10, (Access to DACL, OWNER, or GROUP denied.\n));
return NT_STATUS_ACCESS_DENIED;
}
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via cb7220d Fix the PyDoc comments in samba.smb.SMB and add a
security_info argument to both get_acl and set_acl to allow the caller to
specify what info is wanted. Defaults to 0 which means all info.
from d86e701 s4:ldap.py - re-introduce the
(dn=CN=ldaptestUSER3,CN=Users,DC=wallnoefer2,DC=local) test
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit cb7220d72124b89f316c181c674982dbe5f6c372
Author: Richard Sharpe realrichardsha...@gmail.com
Date: Sun Mar 25 17:27:11 2012 -0700
Fix the PyDoc comments in samba.smb.SMB and add a security_info argument to
both get_acl and set_acl to allow the caller to specify what info is wanted.
Defaults to 0 which means all info.
Autobuild-User: Richard Sharpe sha...@samba.org
Autobuild-Date: Mon Mar 26 04:05:25 CEST 2012 on sn-devel-104
---
Summary of changes:
source4/libcli/pysmb.c | 31 +++
1 files changed, 23 insertions(+), 8 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/libcli/pysmb.c b/source4/libcli/pysmb.c
index 2f9a579..b4eba14 100644
--- a/source4/libcli/pysmb.c
+++ b/source4/libcli/pysmb.c
@@ -302,9 +302,10 @@ static PyObject *py_smb_getacl(pytalloc_Object *self,
PyObject *args, PyObject *
union smb_fileinfo fio;
struct smb_private_data *spdata;
const char *filename;
+ int sinfo = 0;
int fnum;
- if (!PyArg_ParseTuple(args, s:get_acl, filename)) {
+ if (!PyArg_ParseTuple(args, s|i:get_acl, filename, sinfo)) {
return NULL;
}
@@ -335,7 +336,10 @@ static PyObject *py_smb_getacl(pytalloc_Object *self,
PyObject *args, PyObject *
fio.query_secdesc.level = RAW_FILEINFO_SEC_DESC;
fio.query_secdesc.in.file.fnum = fnum;
- fio.query_secdesc.in.secinfo_flags = SECINFO_OWNER |
+ if (sinfo)
+ fio.query_secdesc.in.secinfo_flags = sinfo;
+ else
+ fio.query_secdesc.in.secinfo_flags = SECINFO_OWNER |
SECINFO_GROUP |
SECINFO_DACL |
SECINFO_PROTECTED_DACL |
@@ -344,7 +348,6 @@ static PyObject *py_smb_getacl(pytalloc_Object *self,
PyObject *args, PyObject *
SECINFO_PROTECTED_SACL |
SECINFO_UNPROTECTED_SACL;
-
status = smb_raw_query_secdesc(spdata-tree, self-talloc_ctx, fio);
smbcli_close(spdata-tree, fnum);
@@ -367,9 +370,10 @@ static PyObject *py_smb_setacl(pytalloc_Object *self,
PyObject *args, PyObject *
const char *filename;
PyObject *py_sd;
struct security_descriptor *sd;
+ uint32_t sinfo = 0;
int fnum;
- if (!PyArg_ParseTuple(args, sO:set_acl, filename, py_sd)) {
+ if (!PyArg_ParseTuple(args, sO|i:get_acl, filename, py_sd, sinfo))
{
return NULL;
}
@@ -410,7 +414,18 @@ static PyObject *py_smb_setacl(pytalloc_Object *self,
PyObject *args, PyObject *
fio.set_secdesc.level = RAW_SFILEINFO_SEC_DESC;
fio.set_secdesc.in.file.fnum = fnum;
- fio.set_secdesc.in.secinfo_flags = 0;
+ if (sinfo)
+ fio.set_secdesc.in.secinfo_flags = sinfo;
+ else
+ fio.set_secdesc.in.secinfo_flags = SECINFO_OWNER |
+ SECINFO_GROUP |
+ SECINFO_DACL |
+ SECINFO_PROTECTED_DACL |
+ SECINFO_UNPROTECTED_DACL |
+ SECINFO_SACL |
+ SECINFO_PROTECTED_SACL |
+ SECINFO_UNPROTECTED_SACL;
+
fio.set_secdesc.in.sd = sd;
status = smb_raw_set_secdesc(spdata-tree, fio);
@@ -447,10 +462,10 @@ static PyMethodDef py_smb_methods[] = {
chkpath(path) - True or False\n\n \
Return true if path exists, false otherwise. },
{ get_acl, (PyCFunction)py_smb_getacl, METH_VARARGS,
- get_acl(path) - security_descriptor object\n\n \
+ get_acl(path[, security_info=0]) - security_descriptor
object\n\n \
Get security descriptor for file. },
{ set_acl, (PyCFunction)py_smb_setacl, METH_VARARGS,
- set_acl(path, security_descriptor) - None\n\n \
+ set_acl(path, security_descriptor[, security_info=0]) -
None\n\n \
Set security descriptor for file. },
{ NULL },
};
@@ -522,7 +537,7 @@ static PyTypeObject PySMB = {
.tp_new = py_smb_new
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 1080483 Improve the Makefile. Use a standard make macro, not a shell command. from ae9b5ad selftest.py: Add cleanup_pid. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 1080483319d4eb7a8cdee767fc41f7258e0e2537 Author: Richard Sharpe realrichardsha...@gmail.com Date: Fri Mar 23 21:27:41 2012 -0700 Improve the Makefile. Use a standard make macro, not a shell command. Autobuild-User: Richard Sharpe sha...@samba.org Autobuild-Date: Sat Mar 24 07:09:44 CET 2012 on sn-devel-104 --- Summary of changes: examples/VFS/Makefile.in |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/examples/VFS/Makefile.in b/examples/VFS/Makefile.in index 55e2c04..f9b81eb 100644 --- a/examples/VFS/Makefile.in +++ b/examples/VFS/Makefile.in @@ -45,7 +45,7 @@ skel_transparent.@SHLIBEXT@: skel_transparent.@OBJEXT@ .c.@OBJEXT@: @echo Compiling $ - @$(CC) $(FLAGS) -c $ -D$(basename $@)_init=samba_init_module + @$(CC) $(FLAGS) -c $ -D$*_init=samba_init_module install: default -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via a15aefe Make it possible for developers of out-of-tree modules to use the same names as in-tree modules. from 9e17e7d lib/async_req: Retry read_packet with read(2) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit a15aefea27fffcbf622f7032e5d50628189a49bd Author: Richard Sharpe realrichardsha...@gmail.com Date: Fri Mar 23 07:39:45 2012 -0700 Make it possible for developers of out-of-tree modules to use the same names as in-tree modules. Autobuild-User: Richard Sharpe sha...@samba.org Autobuild-Date: Sat Mar 24 03:18:38 CET 2012 on sn-devel-104 --- Summary of changes: examples/VFS/Makefile.in |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/examples/VFS/Makefile.in b/examples/VFS/Makefile.in index bbb66be..55e2c04 100644 --- a/examples/VFS/Makefile.in +++ b/examples/VFS/Makefile.in @@ -45,7 +45,7 @@ skel_transparent.@SHLIBEXT@: skel_transparent.@OBJEXT@ .c.@OBJEXT@: @echo Compiling $ - @$(CC) $(FLAGS) -c $ + @$(CC) $(FLAGS) -c $ -D$(basename $@)_init=samba_init_module install: default -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 8b01b88 Trivial Comment fix: Supply a missing word in a comment
from 8ea2b5d s3: Fix make bin/smbtorture4 in the autoconf build
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 8b01b88fe85ef69a054456540ff3c92927bfc08a
Author: Richard Sharpe realrichardsha...@gmail.com
Date: Wed Feb 29 19:45:29 2012 -0800
Trivial Comment fix: Supply a missing word in a comment
Autobuild-User: Richard Sharpe sha...@samba.org
Autobuild-Date: Thu Mar 1 06:55:44 CET 2012 on sn-devel-104
---
Summary of changes:
source3/include/smb.h |2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/include/smb.h b/source3/include/smb.h
index a54d206..d93f30d 100644
--- a/source3/include/smb.h
+++ b/source3/include/smb.h
@@ -461,7 +461,7 @@ struct smb_request {
/*
* Async handling in the main smb processing loop is directed by
* outbuf: reply_xxx routines indicate sync behaviour by putting their
-* reply into outbuf. If they leave it as NULL, they take of it
+* reply into outbuf. If they leave it as NULL, they take care of it
* themselves, possibly later.
*
* If async handling is wanted, the reply_xxx routine must make sure
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 1082532 Honor SeTakeOwnershiPrivilege when client asks for
SEC_STD_WRITE_OWNER but has no permission for that, but token has
SeTakeOwnershipPrivilege
from ee2e3d5 s3-vfstest: Fake smb_requests
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 108253250048673493a636fd9fb2bf99b64ccf3c
Author: Richard Sharpe realrichardsha...@gmail.com
Date: Wed Feb 22 06:25:54 2012 -0800
Honor SeTakeOwnershiPrivilege when client asks for SEC_STD_WRITE_OWNER but
has no permission for that, but token has SeTakeOwnershipPrivilege
Autobuild-User: Richard Sharpe sha...@samba.org
Autobuild-Date: Wed Feb 22 19:19:32 CET 2012 on sn-devel-104
---
Summary of changes:
libcli/security/access_check.c |5 +
1 files changed, 5 insertions(+), 0 deletions(-)
Changeset truncated at 500 lines:
diff --git a/libcli/security/access_check.c b/libcli/security/access_check.c
index 1b02a86..a9b618f 100644
--- a/libcli/security/access_check.c
+++ b/libcli/security/access_check.c
@@ -205,6 +205,11 @@ NTSTATUS se_access_check(const struct security_descriptor
*sd,
bits_remaining = ~(SEC_RIGHTS_PRIV_BACKUP);
}
+ if ((bits_remaining SEC_STD_WRITE_OWNER)
+security_token_has_privilege(token, SEC_PRIV_TAKE_OWNERSHIP)) {
+ bits_remaining = ~(SEC_STD_WRITE_OWNER);
+ }
+
/* a NULL dacl allows access */
if ((sd-type SEC_DESC_DACL_PRESENT) sd-dacl == NULL) {
*access_granted = access_desired;
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 422494a vfs: Make function pointer names consistent. They all end
in _fn
from f452add s3/doc: document the ignore system acls option of
vfs_acl_xattr and vfs_acl_tdb
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 422494a8e630e2ca89386344eaa5346388698a32
Author: Richard Sharpe realrichardsha...@gmail.com
Date: Sat Dec 3 20:45:04 2011 -0800
vfs: Make function pointer names consistent. They all end in _fn
Autobuild-User: Richard Sharpe sha...@samba.org
Autobuild-Date: Mon Dec 12 04:58:40 CET 2011 on sn-devel-104
---
Summary of changes:
examples/VFS/shadow_copy_test.c|2 +-
examples/VFS/skel_opaque.c | 228
examples/VFS/skel_transparent.c| 228
source3/include/vfs.h | 429 ++--
source3/include/vfs_macros.h | 20 +-
source3/locking/brlock.c |9 +-
source3/locking/posix.c|5 +-
source3/modules/vfs_acl_tdb.c | 24 +-
source3/modules/vfs_acl_xattr.c| 22 +-
source3/modules/vfs_afsacl.c |6 +-
source3/modules/vfs_aio_fork.c |8 +-
source3/modules/vfs_aixacl.c | 10 +-
source3/modules/vfs_aixacl2.c | 16 +-
source3/modules/vfs_audit.c| 20 +-
source3/modules/vfs_cacheprime.c |8 +-
source3/modules/vfs_cap.c | 68 +++---
source3/modules/vfs_catia.c| 58 ++--
source3/modules/vfs_crossrename.c |2 +-
source3/modules/vfs_default.c | 226
source3/modules/vfs_default_quota.c|4 +-
source3/modules/vfs_dfs_samba4.c |4 +-
source3/modules/vfs_dirsort.c | 12 +-
source3/modules/vfs_expand_msdfs.c |2 +-
source3/modules/vfs_extd_audit.c | 20 +-
source3/modules/vfs_fake_perms.c |4 +-
source3/modules/vfs_fileid.c |4 +-
source3/modules/vfs_full_audit.c | 220 +++---
source3/modules/vfs_gpfs_hsm_notify.c |4 +-
source3/modules/vfs_hpuxacl.c | 10 +-
source3/modules/vfs_irixacl.c | 10 +-
source3/modules/vfs_linux_xfs_sgid.c |4 +-
source3/modules/vfs_netatalk.c | 16 +-
source3/modules/vfs_notify_fam.c |2 +-
source3/modules/vfs_onefs.c| 64 ++--
source3/modules/vfs_onefs_shadow_copy.c| 80 +++---
source3/modules/vfs_posixacl.c | 10 +-
source3/modules/vfs_prealloc.c |2 +-
source3/modules/vfs_readahead.c|4 +-
source3/modules/vfs_recycle.c |2 +-
source3/modules/vfs_scannedonly.c | 24 +-
source3/modules/vfs_shadow_copy.c | 16 +-
source3/modules/vfs_shadow_copy2.c | 60 ++--
source3/modules/vfs_smb_traffic_analyzer.c | 22 +-
source3/modules/vfs_solarisacl.c | 10 +-
source3/modules/vfs_streams_depot.c| 12 +-
source3/modules/vfs_streams_xattr.c| 22 +-
source3/modules/vfs_syncops.c | 16 +-
source3/modules/vfs_time_audit.c | 216 +++---
source3/modules/vfs_tru64acl.c | 10 +-
source3/modules/vfs_tsmsm.c| 14 +-
source3/modules/vfs_xattr_tdb.c| 20 +-
source3/modules/vfs_zfsacl.c | 16 +-
source3/smbd/vfs.c | 277 +-
53 files changed, 1305 insertions(+), 1297 deletions(-)
Changeset truncated at 500 lines:
diff --git a/examples/VFS/shadow_copy_test.c b/examples/VFS/shadow_copy_test.c
index a47d2ee..0efceb4 100644
--- a/examples/VFS/shadow_copy_test.c
+++ b/examples/VFS/shadow_copy_test.c
@@ -81,7 +81,7 @@ static int test_get_shadow_copy_data(vfs_handle_struct
*handle,
/* VFS operations structure */
static struct vfs_fn_pointers vfs_test_shadow_copy_fns = {
- .get_shadow_copy_data = test_get_shadow_copy_data
+ .get_shadow_copy_data_fn = test_get_shadow_copy_data
};
NTSTATUS vfs_shadow_copy_test_init(void)
diff --git a/examples/VFS/skel_opaque.c b/examples/VFS/skel_opaque.c
index 7c63dd2..ae42d1c 100644
--- a/examples/VFS/skel_opaque.c
+++ b/examples/VFS/skel_opaque.c
@@ -799,142 +799,142 @@ struct vfs_fn_pointers skel_opaque_fns = {
/* Disk operations */
.connect_fn = skel_connect,
- .disconnect = skel_disconnect,
- .disk_free = skel_disk_free,
- .get_quota = skel_get_quota,
- .set_quota = skel_set_quota,
- .get_shadow_copy_data = skel_get_shadow_copy_data,
- .statvfs = skel_statvfs,
- .fs_capabilities = skel_fs_capabilities
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via f50aa98 Improve configure.in so it can be used outside the Samba
source tree.
from 3a0f7b8 ldb: Add handy macros for reporting error inside ldb module
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit f50aa988c201c2fe78e467f1a419bedc741e1d31
Author: Richard Sharpe realrichardsha...@gmail.com
Date: Mon Nov 14 07:47:38 2011 -0800
Improve configure.in so it can be used outside the Samba source tree.
Autobuild-User: Richard Sharpe sha...@samba.org
Autobuild-Date: Thu Nov 17 07:00:38 CET 2011 on sn-devel-104
---
Summary of changes:
examples/VFS/configure.in |5 +++--
1 files changed, 3 insertions(+), 2 deletions(-)
Changeset truncated at 500 lines:
diff --git a/examples/VFS/configure.in b/examples/VFS/configure.in
index 4e9d465..9e30197 100644
--- a/examples/VFS/configure.in
+++ b/examples/VFS/configure.in
@@ -337,11 +337,11 @@ AC_CACHE_CHECK([whether building shared libraries
actually works],
ac_cv_shlib_works=no
# try building a trivial shared library
if test $PICSUFFIX = po; then
- $CC $CPPFLAGS $CFLAGS $PICFLAGS -c -o shlib.po
${srcdir-.}/../../tests/shlib.c
+ $CC $CPPFLAGS $CFLAGS $PICFLAGS -c -o shlib.po
${SAMBA_SOURCE}/../tests/shlib.c
$CC $CPPFLAGS $CFLAGS `eval echo $LDSHFLAGS` -o shlib.$SHLIBEXT
shlib.po
ac_cv_shlib_works=yes
else
- $CC $CPPFLAGS $CFLAGS $PICFLAGS -c -o shlib.$PICSUFFIX
${srcdir-.}/../../tests/shlib.c
+ $CC $CPPFLAGS $CFLAGS $PICFLAGS -c -o shlib.$PICSUFFIX
${SAMBA_SOURCE}/../tests/shlib.c
mv shlib.$PICSUFFIX shlib.po
$CC $CPPFLAGS $CFLAGS `eval echo $LDSHFLAGS` -o shlib.$SHLIBEXT
shlib.po
ac_cv_shlib_works=yes
@@ -350,6 +350,7 @@ AC_CACHE_CHECK([whether building shared libraries actually
works],
])
if test $ac_cv_shlib_works = no; then
BLDSHARED=false
+ AC_MSG_WARN([[Did you forget to specify
--with-samba-source=/path/to/samba?]])
fi
fi
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 595cc42 Add the new test_nttrans_fsctl.c to waf
via c875ab8 Move FSCTL handling into the VFS. Initial code changes.
Passes smbtorture NTTRANS-FSCTL. Test added to selftests.
via e8f143a Add a torture test to test existing FSCTL responses
from c704d92 Fix bug #8493 - DFS breaks zip file extracting unless
follow symlinks = no set
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 595cc42a46f5dfbac5c17a403fb1f82769f26ff2
Author: Richard Sharpe realrichardsha...@gmail.com
Date: Sat Oct 1 09:03:13 2011 -0700
Add the new test_nttrans_fsctl.c to waf
Autobuild-User: Richard Sharpe sha...@samba.org
Autobuild-Date: Sat Oct 1 19:36:53 CEST 2011 on sn-devel-104
commit c875ab8747d65cc6556228616f076b0928013c87
Author: Richard Sharpe realrichardsha...@gmail.com
Date: Fri Sep 16 11:52:22 2011 -0700
Move FSCTL handling into the VFS. Initial code changes. Passes smbtorture
NTTRANS-FSCTL. Test added to selftests.
commit e8f143a45cceb8d2c01d45167a0c90d5c7f38289
Author: Richard Sharpe realrichardsha...@gmail.com
Date: Thu Sep 15 16:13:54 2011 -0700
Add a torture test to test existing FSCTL responses
---
Summary of changes:
source3/Makefile.in |1 +
source3/include/vfs.h| 22 ++
source3/include/vfs_macros.h |6 +
source3/modules/vfs_default.c| 335 +++
source3/selftest/tests.py|2 +-
source3/smbd/nttrans.c | 367 +++---
source3/smbd/vfs.c | 17 ++
source3/torture/proto.h |1 +
source3/torture/test_nttrans_fsctl.c | 287 ++
source3/torture/torture.c|1 +
source3/wscript_build|1 +
11 files changed, 704 insertions(+), 336 deletions(-)
create mode 100644 source3/torture/test_nttrans_fsctl.c
Changeset truncated at 500 lines:
diff --git a/source3/Makefile.in b/source3/Makefile.in
index bddde78..c736ae8 100644
--- a/source3/Makefile.in
+++ b/source3/Makefile.in
@@ -1251,6 +1251,7 @@ SMBTORTURE_OBJ1 = torture/torture.o torture/nbio.o
torture/scanner.o torture/uta
torture/test_async_echo.o \
torture/test_smbsock_any_connect.o \
torture/test_nttrans_create.o \
+ torture/test_nttrans_fsctl.o \
torture/test_notify_online.o \
torture/test_addrchange.o \
torture/test_case_insensitive.o \
diff --git a/source3/include/vfs.h b/source3/include/vfs.h
index b47e80f..3b5e0e7 100644
--- a/source3/include/vfs.h
+++ b/source3/include/vfs.h
@@ -136,6 +136,7 @@
/* Leave at 28 - not yet released. Rename open function to open_fn. - gd */
/* Leave at 28 - not yet released. Make getwd function always return malloced
memory. JRA. */
/* Bump to version 29 - Samba 3.6.0 will ship with interface version 28. */
+/* Leave at 29 - not yet releases. Add fsctl. Richard Sharpe */
#define SMB_VFS_INTERFACE_VERSION 29
/*
@@ -329,6 +330,17 @@ struct vfs_fn_pointers {
TALLOC_CTX *mem_ctx,
char **mapped_name);
+ NTSTATUS (*fsctl)(struct vfs_handle_struct *handle,
+ struct files_struct *fsp,
+ TALLOC_CTX *ctx,
+ uint32_t function,
+ uint16_t req_flags,
+ const uint8_t *_in_data,
+ uint32_t in_len,
+ uint8_t **_out_data,
+ uint32_t max_out_len,
+ uint32_t *out_len);
+
/* NT ACL operations. */
NTSTATUS (*fget_nt_acl)(struct vfs_handle_struct *handle,
@@ -692,6 +704,16 @@ NTSTATUS smb_vfs_call_translate_name(struct
vfs_handle_struct *handle,
enum vfs_translate_direction direction,
TALLOC_CTX *mem_ctx,
char **mapped_name);
+NTSTATUS smb_vfs_call_fsctl(struct vfs_handle_struct *handle,
+ struct files_struct *fsp,
+ TALLOC_CTX *ctx,
+ uint32_t function,
+ uint16_t req_flags,
+ const uint8_t *_in_data,
+ uint32_t in_len,
+ uint8_t **_out_data,
+ uint32_t max_out_len,
+ uint32_t *out_len);
NTSTATUS smb_vfs_call_fget_nt_acl(struct vfs_handle_struct *handle,
struct files_struct *fsp,
uint32 security_info,
diff --git a/source3/include
Re: [Samba] Samba Cross-Compilation Problem
On Fri, Feb 18, 2011 at 8:44 AM, Hitesh Bajaj hitesh_baja...@yahoo.com wrote: Hi, I want to cross-compile samba for arm-linux. I have host machine: Red Had Enterprise Edition 5.0 and I am not able to cross compile it. I tried 3-4 Versions of samba but in vain. Can you guide me through compiling process.Which stable version of samba should i use?Step by step cross compilation process.OR If you have binaries or package for samba which i can directly use at my arm machine. Well, this worked for me with Samba 3.4.4 or thereabouts around March 2010 and later. You would be better off to tell us: 1. What tool chain you are using? 2. What version of Samba you are trying to cross compile? 3. What specific problem you are seeing? It really was a matter of simply making sure that the bin directory for the tool chain was in my path, running configure with the correct arg to select the tool chain and then running make. -- Regards, Richard Sharpe -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: svn commit: samba r8856 - in branches/SOC/SAMBA_4_0/source/torture/rpc: .
On Sat, 30 Jul 2005 [EMAIL PROTECTED] wrote: Author: brad Date: 2005-07-30 01:20:33 + (Sat, 30 Jul 2005) New Revision: 8856 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=8856 Log: I think I have the ldb code down in test_CompleteJoin (not complete yet though) Modified: @@ -346,33 +342,23 @@ // userAccountControl: %u\n, // ctx-new_dc.dc_info2.computer_dn, Hmmm, I thought we preferred to avoid C++ style comments in our C code? Regards - Richard Sharpe, rsharpe[at]richardsharpe.com, rsharpe[at]samba.org, sharpe[at]ethereal.com, http://www.richardsharpe.com
Re: svn commit: samba r6426 - in branches/SAMBA_4_0/source/torture/libnet: .
On Fri, 22 Apr 2005 [EMAIL PROTECTED] wrote:
Author: mimir
Date: 2005-04-22 00:32:37 + (Fri, 22 Apr 2005)
New Revision: 6426
[deletia]
Changeset:
Modified: branches/SAMBA_4_0/source/torture/libnet/userinfo.c
===
--- branches/SAMBA_4_0/source/torture/libnet/userinfo.c 2005-04-22
00:22:11 UTC (rev 6425)
+++ branches/SAMBA_4_0/source/torture/libnet/userinfo.c 2005-04-22
00:32:37 UTC (rev 6426)
@@ -225,17 +225,8 @@
DCERPC_SAMR_UUID,
DCERPC_SAMR_VERSION);
- if (!NT_STATUS_IS_OK(status)) {
- return False;
- }
+ if (!NT_STATUS_IS_OK(status)) return False;
I don't think this is a big item, but I actually prefer the first one
above that was deleted, because it makes things much easier when you are
inserting debugging statements and so forth, at the cost of a few more
characters.
Of course, I am not going to create a big fuss, though.
Regards
-
Richard Sharpe, rsharpe[at]richardsharpe.com, rsharpe[at]samba.org,
sharpe[at]ethereal.com, http://www.richardsharpe.com
Re: svn commit: samba r6182 - in branches/SAMBA_4_0/source/librpc/ndr: .
On Mon, 4 Apr 2005, Stefan (metze) Metzmacher wrote: [EMAIL PROTECTED] schrieb: | Author: sharpe | Date: 2005-04-03 03:58:45 + (Sun, 03 Apr 2005) | New Revision: 6182 | | WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=6182 | | Log: | | Jelmer, I think we need to initialize the switch_list, else we are | crash city. [Deletia ...] | ndr-depth = 1; | ndr-flags = 0; | + ndr-switch_list = talloc(ndr, struct ndr_token_list); | + if (!ndr-switch_list) | + goto fail; I can't see how this can fix the problem, when we initialize a pointer with another uninitialized struct... Sigh, yeah, I didn't look at what DLIST_ADD was doing ... Regards - Richard Sharpe, rsharpe[at]richardsharpe.com, rsharpe[at]samba.org, sharpe[at]ethereal.com, http://www.richardsharpe.com
Re: [Samba] Re: [proposal] Samba Software Foundation
On Wed, 15 Dec 2004, [ISO-8859-1] Gémes Géza wrote: Charles N Wyble írta: i like it. i like it a lot. sounds wonderful. lets get this going. the time is NOW to kill exchange. -charles http://www.thewybles.com/~charles www.oserproject.org Yes it realy sounds wonderful, and the basic idea probably is, but I dislike the reiteration of personal tastes, and dislikes. Imposing if xy would say something negative about me I'll take my ball with me and won't play again with you until you would force him to leave IMHO sounds too childish in an OSS software organizations ruleset :-( Not only that, it is not clear that we need a change in structure given that: 1. Things seem to be working pretty well the current way, in any case, and 2. We have technical agreement among the people who are actually working on the code. The direction that samba4 has taken promises to bring us a big improvement in the correctness and flexibility of the code. Regards - Richard Sharpe, rsharpe[at]richardsharpe.com, rsharpe[at]samba.org, sharpe[at]ethereal.com, http://www.richardsharpe.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: svn commit: samba r3872 - in trunk/source/passdb: .
On Fri, 19 Nov 2004 [EMAIL PROTECTED] wrote:
Author: vlendec
Date: 2004-11-19 12:00:23 + (Fri, 19 Nov 2004)
New Revision: 3872
Log:
Fix memleak
Modified:
trunk/source/passdb/pdb_ldap.c
Changeset:
Modified: trunk/source/passdb/pdb_ldap.c
===
--- trunk/source/passdb/pdb_ldap.c2004-11-19 11:59:56 UTC (rev 3871)
+++ trunk/source/passdb/pdb_ldap.c2004-11-19 12:00:23 UTC (rev 3872)
@@ -2263,7 +2263,7 @@
struct smbldap_state *conn = ldap_state-smbldap_state;
pstring filter;
char *attrs[] = { gidNumber, sambaSID, NULL };
- char *escape_name = escape_ldap_string_alloc(username);
+ char *escape_name;
int rc;
LDAPMessage *msg = NULL;
LDAPMessage *entry;
@@ -2279,6 +2279,8 @@
*sids = NULL;
num_sids = 0;
+ escape_name = escape_ldap_string_alloc(username);
+
if (escape_name == NULL)
return NT_STATUS_UNSUCCESSFUL;
Hmmm, how does that fix a mem leak? You have just moved the code around a
bit.
Secondly, shouldn't that return status be NT_STATUS_NOMEM or whatever the
Windows out of mem code is? Actually, NT_STATUS_NO_MEMORY?
Regards
-
Richard Sharpe, rsharpe[at]richardsharpe.com, rsharpe[at]samba.org,
sharpe[at]ethereal.com, http://www.richardsharpe.com
Re: Samba improvements needed
On Thu, 23 Sep 2004, John E. Malmberg wrote: In article [EMAIL PROTECTED], BG - Ben Armstrong [EMAIL PROTECTED] writes: On Tue, 2004-09-21 at 08:32 -0500, John E. Malmberg wrote: And it is not preallocation that SAMBA is doing as noted below. Oh? It sure looked like it ... If you look at it from stepping through the file create sequence in the SMBD program it does. The client does tell the SAMBA server how big to make the file, but not when VMS can do it efficiently. First it has the server open the file for write access, and then it uses ftruncate() or other means to extend it. Most of these move the highwater mark of the file, unlike just allocating space. And that means that the now empty file must be totally written to disk. What's the distinction between this and preallocation? Is it that the client does the file extending writes in small increments, whereas preallocation would do it all at once? The issue is that the way that VMS is doing it now, is slightly more overhead than should be needed. First, the open/write creates an empty file. Second, the SAMBA requests that the empty file be extended to the size the client says the end file will have. This is done one of three ways, and I am not sure which method that SAMBA 2.2.8 is using. Method A, moves the high water mark and allocates the space. Method B, writes an empty file of that size. Method C ignores the request. Third, the data is written to the file. By delaying the open until there is actual data to write or the client has specified the resulting size, then Method A can be used. [Deleted all the rest of the context because I only wanted to reply to this point.] I do not think you can defer opening the file until there is data to write because of the race that implies. If the file did not exist when the NTCreateX was processed, that may seem fine, but if a subsequent NTCreateX comes in with a conflicting share mode, that one may succeed when it shouldn't, especially if it manages to write before you do. Regards - Richard Sharpe, rsharpe[at]richardsharpe.com, rsharpe[at]samba.org, sharpe[at]ethereal.com, http://www.richardsharpe.com PLEASE READ THIS IMPORTANT ETIQUETTE MESSAGE BEFORE POSTING: http://www.catb.org/~esr/faqs/smart-questions.html
Re: Samba improvements needed
On Thu, 23 Sep 2004, John E. Malmberg wrote: Richard Sharpe wrote: On Thu, 23 Sep 2004, John E. Malmberg wrote: By delaying the open until there is actual data to write or the client has specified the resulting size, then Method A can be used. [Deleted all the rest of the context because I only wanted to reply to this point.] I do not think you can defer opening the file until there is data to write because of the race that implies. If the file did not exist when the NTCreateX was processed, that may seem fine, but if a subsequent NTCreateX comes in with a conflicting share mode, that one may succeed when it shouldn't, especially if it manages to write before you do. As I understand things now, the share mode conflicts are handled by a tdb, so there should not be a conflict. Yes, that is true ... However, at the time of the open request, the vfs module can take out a VMS lock on the filespec, and that will provide a cluster wide protection. ... as long as you only run Samba on one node in the cluster ... The VFS layer in SAMBA allows much improvement in the VMS port. Regards - Richard Sharpe, rsharpe[at]richardsharpe.com, rsharpe[at]samba.org, sharpe[at]ethereal.com, http://www.richardsharpe.com PLEASE READ THIS IMPORTANT ETIQUETTE MESSAGE BEFORE POSTING: http://www.catb.org/~esr/faqs/smart-questions.html
Re: WinXP - OpenVMS tests reproduced using C++ test program
On Wed, 22 Sep 2004, BG - Ben Armstrong wrote: I have reproduced the same test results as for the ruby test program, only this time using a C++ port of it. I saw the same samba protocol pattern of a 1024-byte write followed by one 1-byte write after the first 64K observed in the packet capture log, and similar performance numbers. Please ignore the earlier version I posted, as it was buggy, and use the one below instead. This should work on OpenVMS, Linux and Windows. This should settle the question over what's this ruby thing now. :) As before, I have a packet capture log if anyone wants to see it. These small writes might be because the MAX XMIT size is set very low ... Do you have the raw packet capture? That would be interesting to look at, but I would need to see it from the time the connection to the server was established. Regards - Richard Sharpe, rsharpe[at]richardsharpe.com, rsharpe[at]samba.org, sharpe[at]ethereal.com, http://www.richardsharpe.com PLEASE READ THIS IMPORTANT ETIQUETTE MESSAGE BEFORE POSTING: http://www.catb.org/~esr/faqs/smart-questions.html
[Samba] Re: Request patch for samba 2.2.2
On Tue, 8 Jun 2004, Udomchai Srisuk (LAD:1Logic) wrote: I'm request patch for samba 2.2.2 on Sun Server (Solaris) There is no such patch. Since you ask for a patch, you most likely are happy to work with source. You should upgrade to 3.0.4, but if you must continue with the 2.2.x stream, then you should move to 2.2.9. Regards - Richard Sharpe, rsharpe[at]richardsharpe.com, rsharpe[at]samba.org, sharpe[at]ethereal.com, http://www.richardsharpe.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: svn commit: samba r428 - in branches/SAMBA_3_0/source: include lib smbd
On Fri, 30 Apr 2004, Stefan (metze) Metzmacher wrote: [EMAIL PROTECTED] schrieb: Author: herb Date: 2004-04-30 14:28:38 + (Fri, 30 Apr 2004) New Revision: 428 Modified: branches/SAMBA_3_0/source/include/debug.h branches/SAMBA_3_0/source/lib/debug.c branches/SAMBA_3_0/source/smbd/posix_acls.c Log: Hi Herb, please merge this to trunk also Are there simple steps we can take to merge things to the trunk, or do we have to apply the change to the trunk as well? Regards - Richard Sharpe, rsharpe[at]richardsharpe.com, rsharpe[at]samba.org, sharpe[at]ethereal.com, http://www.richardsharpe.com
[Samba] Re: client connections to shares
On Tue, 24 Feb 2004, Ephi Dror wrote: Hi All, I am wondering: Is it possible for a windows client to use separate tcp/ip connection per share. Yes. This will happen if you use different NetBIOS names for the same server, or if you connect via the NetBIOS name first, and then use an IP address for the next use ... Meaning that if we have SAMBA server that shares let's say three shares, then each client that connect to those shares (tcon) will end up having three tcp/ip connections with the server and of course there will be three separate smbd to handle each share. Essentially configuring SMBA that each smbd only communicate with one client (as it does today) and only allow one share access. Can it be configured on the client side or the server side to allow this architecture (one smbd/tcp per client per share) It can't be configured to do that, you have to play games with the NetBIOS name as far as I know. Regards - Richard Sharpe, rsharpe[at]richardsharpe.com, rsharpe[at]samba.org, sharpe[at]ethereal.com, http://www.richardsharpe.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: CVS update: samba4/source/librpc/idl
On Wed, 19 Nov 2003, Simo Sorce wrote:
To me the two syntaxes seem equivalent, where's the difference?
/simo's mind obfuscated at the end of the day
OK, as it turns out, both are wrong!
NetShareEnum in MSDN shows something like:
NET_API_STATUS NetShareEnum(
LPWSTR serbername,
DWORD level,
LPBYTE *bufptr, /* The Info struct */
DWORD prefmaxlen,
LPDWORD entriesread,
LPDWORD totalentries,
LPDWORD resume_handle
);
This means that level should be a top-level entity in the IDL, and it is
not in either. I will correct that in both.
However, in Ethereal, the SHARE_ENUM_STRUCT is shown as:
/*
* IDL typedef struct {
* IDL long Level;
* IDL SHARE_ENUM_UNION shares;
* IDL } SHARE_ENUM_STRUCT;
*/
Which is still not correct, but more correct than what is in the current
samba4 IDL:
typedef struct {
uint32 level;
uint32 level2;
[switch_is(level)] srvsvc_NetShareSubCtr subctr;
} srvsvc_NetShareCtr;
This is just ugly :-)
Also, I think we should use the same names as MSDN wherever possible!
On Wed, 2003-11-19 at 19:29, Richard Sharpe wrote:
Hmmm, the IDL for NetrShareEnum seems wrong. For example, Ethereal, which
dissects this correctly, and follows MSDN in its naming conventions, has
it as:
/*
* IDL long NetrShareEnum(
* IDL [in] [string] [unique] wchar_t *ServerName,
* IDL [in] [out] [ref] SHARE_ENUM_STRUCT *share,
* IDL [in] long MaxLen,
* IDL [out] long Entries,
* IDL [in] [out] [unique] long *ResumeHandle
* IDL );
*/
while the above change has it as:
/**/
/* Function: 0x24 */
WERROR srvsvc_NetShareEnum(
[in] unistr *server_unc,
[in,out] srvsvc_NetShareCtr ctr,
[in] uint32 preferred_len,
[out] uint32 total,
[in,out] uint32 *resume_handle
);
Regards
-
Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org,
sharpe[at]ethereal.com, http://www.richardsharpe.com
--
Regards
-
Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org,
sharpe[at]ethereal.com, http://www.richardsharpe.com
Re: CVS update: samba/source/nsswitch
On Tue, 14 Oct 2003, Simo wrote: I did it on purpose I found the 2 offending DEBUG lines, and found also they were not compiling (may totally b e a problem of mine). As there aren't any other DEBUG lines in that file, I tought you committed that DEBUG statement by mistake. I should have asked, but it was late, sorry. Do it compile now? Actually, it was my problem :-) Regards - Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org, sharpe[at]ethereal.com, http://www.richardsharpe.com
Re: CVS update: samba/source/nsswitch
On Mon, 13 Oct 2003 [EMAIL PROTECTED] wrote: Modified Files: wb_common.c Log Message: Revisions: wb_common.c 1.26 = 1.27 http://www.samba.org/cgi-bin/cvsweb/samba/source/nsswitch/wb_common.c.diff?r1=1.26r2=1.27 Hmmm, you might have needed a cvs update before that commit, since all you did was delete a two line addition of debugging info I added. I have since re-applied it and fixed a spelling mistake ... Regards - Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org, sharpe[at]ethereal.com, http://www.richardsharpe.com
[Samba] Re: What's happend when the UID/SID mapping changes for acomputer account ?
On Fri, 27 Jun 2003, Andrew Bartlett wrote: The 'net' command should allow you to suck in the SID from the NT PDC, if for some reason it has been lost. And it should also contain a command to allow you to display your current SID as well ... Regards - Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org, sharpe[at]ethereal.com, http://www.richardsharpe.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: removing -A
On Sun, 22 Jun 2003, Andrew Bartlett wrote: Hmmm, but do we really want to do that? I like having short forms like that, and surely we could test that information presented works before writing it to the secrets file? Short-forms of things are good, when you do something often - but this is a once-off command. Anyway, the information probably would work, so that test isn't that useful... I am sorry, that is just not true. What about the case where the admin gets the authentication information incorrect? We should be checking the info they provide to prevent the admin from having to hunt around for the reason for subsequent failure. Sorry, I wasn't clear - yes, we should test the info before we start it. Be warned that it's not quite as trivial as it should be (unless you want to turn wbinfo into something the size of 'net' just to do it). What I meant was that we can't just keep -A and -a on the basis that we we can tell if the user stuffed up - given that they both take the same input parameter format. But the point is that a test in the -A case that the details provided actually work cathes both problems: 1. The case where someone did wbinfo -A blah blah when they meant wbinfo -a, and 2. The case where someone did wbinfo -A blah blah and supplied the wrong blah blah. Of course, the test is going to have to ensure that the blah blah that was supplied allows winbindd to do what it needs to do. The only remaining case, it seems to me, that is not handled is where someone does wbinfo -A when they meant to do wbinfo -a and they also supply account details that are powerful enough to do what is needed but are not the ones they intended to supply. Regards - Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org, sharpe[at]ethereal.com, http://www.richardsharpe.com
Re: CVS update: samba/source/nsswitch
On Sun, 22 Jun 2003, Andrew Bartlett wrote: On Sat, 2003-06-21 at 09:57, Richard Sharpe wrote: On Thu, 19 Jun 2003, Tim Potter wrote: On Wed, Jun 18, 2003 at 02:20:23PM +, [EMAIL PROTECTED] wrote: Modified Files: Tag: SAMBA_3_0 wbinfo.c Log Message: Remove the -A option of wbinfo, leaving only the long version, --set-auth-user. There was enough confusion, as in bug #158, when a user accidentally typed -A instead of -a, and would get themselves stuck with a non-working winbind. Nice one. I've done this myself a couple of times. That should have been a hint. (-: Hmmm, but do we really want to do that? I like having short forms like that, and surely we could test that information presented works before writing it to the secrets file? Short-forms of things are good, when you do something often - but this is a once-off command. Anyway, the information probably would work, so that test isn't that useful... I am sorry, that is just not true. What about the case where the admin gets the authentication information incorrect? We should be checking the info they provide to prevent the admin from having to hunt around for the reason for subsequent failure. Regards - Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org, sharpe[at]ethereal.com, http://www.richardsharpe.com
Re: CVS update: samba/source/nsswitch
On Sat, 21 Jun 2003, Tim Potter wrote: On Fri, Jun 20, 2003 at 04:57:11PM -0700, Richard Sharpe wrote: Remove the -A option of wbinfo, leaving only the long version, --set-auth-user. There was enough confusion, as in bug #158, when a user accidentally typed -A instead of -a, and would get themselves stuck with a non-working winbind. Nice one. I've done this myself a couple of times. That should have been a hint. (-: Hmmm, but do we really want to do that? I like having short forms like that, and surely we could test that information presented works before writing it to the secrets file? I think we should stick with the new format. It's too easy to get it wrong and break your system badly just because you didn't press the shift key once. But what about those cases where the admin mis-spells the account or password? You would condemn them to a broken system? Regards - Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org, sharpe[at]ethereal.com, http://www.richardsharpe.com
Re: CVS update: samba/source/nsswitch
On Thu, 19 Jun 2003, Tim Potter wrote: On Wed, Jun 18, 2003 at 02:20:23PM +, [EMAIL PROTECTED] wrote: Modified Files: Tag: SAMBA_3_0 wbinfo.c Log Message: Remove the -A option of wbinfo, leaving only the long version, --set-auth-user. There was enough confusion, as in bug #158, when a user accidentally typed -A instead of -a, and would get themselves stuck with a non-working winbind. Nice one. I've done this myself a couple of times. That should have been a hint. (-: Hmmm, but do we really want to do that? I like having short forms like that, and surely we could test that information presented works before writing it to the secrets file? Regards - Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org, sharpe[at]ethereal.com, http://www.richardsharpe.com
Re: Users able to execute windows .exe though execute bit not set
On Tue, 1 Apr 2003, Ronan Waide wrote: On April 1, [EMAIL PROTECTED] said: I'm looking for some assistance regarding file permissions and the inability to stop the execution of a file even though the execute permission has not been set. Execute bits are a Unix concept. Windows will execute any file it can read that it understands the extension of and has a handler for. Hmmm, I did some testing a week or so ago, and found that removing the execute permission from ACLs on the file (esp inherited ones) prevents Win2K from executing the file, although it does open the file for read first. Since we have just added proper eXecute permission support to our (almost) NT ACLs in the file system, let me check this today to see what the deal is. Regards - Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org, sharpe[at]ethereal.com, http://www.richardsharpe.com
Re: Users able to execute windows .exe though execute bit not set
On Tue, 1 Apr 2003, Jim McDonough wrote: Hmmm, I did some testing a week or so ago, and found that removing the execute permission from ACLs on the file (esp inherited ones) prevents Win2K from executing the file, although it does open the file for read first. Doesn't happen for me. It lets me execute a file for which I only have read access... Right, but I was testing Win2K against NT. I know that we will fail this test, as discussed on IRC because the POSIX open call does not allow you to specify O_EXEC ... so I will need to do other checks here. However, since our NFS code needs to check for X access, I can probably piggy back on this with an IOCTL. UGLY. We should probably have a torture test for this. Regards - Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org, sharpe[at]ethereal.com, http://www.richardsharpe.com
Re: use sendfile problems with Windows 95
On Thu, 27 Mar 2003, Pierre Belanger wrote: Hi, I turned on use sendfile, not too long after (on the next logon) someone called me. His Windows 95 was having trouble opening files on the server. He can explore the shared volume but when trying to open a file, his computer hangs and needs to reboot. I've been using sendfile myself with Samba under Solaris 8 with NT 2000 XP since a long time with no trouble at all. I tested with another Windows 95 box -- same problem. Even after ~ 5 min. the box is still hanged. I'm wondering if Windows 98/ME are also affected by this? I don't have access to Windows ME boxes but I might find a Windows 98 box... I'll post when I am able to test. I generated a level 10 log file, it's 155KB (gzip -9). Someone wants to look at it? (I did not want to post this hughe file here). Can you get us a sniff? Regards - Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org, sharpe[at]ethereal.com, http://www.richardsharpe.com
Re: generating core dumps in winbindd and smbd
On Fri, 28 Mar 2003, Tim Potter wrote: I was poking around in the segv signal handling code today as I'm in a situation where an actual core dump would be handy to have. The intent of the current code looks like core dumps are to be made in $LOGDIR/corefiles but the dump_core() function is never executed as the argument to fault_setup() is never used. Do we want to keep the existing behaviour or shall I fix it to do what was intended? I would say do what was intended. I often need core files :-( Regards - Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org, sharpe[at]ethereal.com, http://www.richardsharpe.com
Re: Error joining Samba domain with Windows 2000 Pro
On Wed, 26 Mar 2003, John Brown wrote: I am getting the following message when I try to add my Windows 2000 Pro SP3 machine to the Samba domain. The following error occurred validating the name x This condition may be caused by a DNS lookup problem... The specified domain either does not exist or could not be contacted. I can see and access the server from the workgroup. I have seen this when nmbd is not running. Regards - Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org, sharpe[at]ethereal.com, http://www.richardsharpe.com
Re: Support for Multiple Data Streams?
On Thu, 20 Mar 2003, Ken Cross wrote: Samba-folk: Samba apparently does not support Alternate Data Streams/Multiple Data Streams. ADS/MDS are the hidden files associated with the Summary tab on a 2K/XP/.Net version of Windows. A file on a SAMBA_3_0 server does not even display the Summary tab on the Properties page. Hmmm, are you sure of this? Alternate Data Streams are named $DATA attributes of a file in NTFS, and if I create one such thing via: echo Some Data somefile.txt:ADS That works and I can look at the data with type, but the Summary tab of the properties dialog box for the file does not show me that attribute? It should be noted that normal file data is associated with the unnamed $DATA attribute. Regards - Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org, sharpe[at]ethereal.com, http://www.richardsharpe.com
Re: Support for Multiple Data Streams?
On Thu, 20 Mar 2003, Ken Cross wrote: Samba-folk: Samba apparently does not support Alternate Data Streams/Multiple Data Streams. ADS/MDS are the hidden files associated with the Summary tab on a 2K/XP/.Net version of Windows. A file on a SAMBA_3_0 server does not even display the Summary tab on the Properties page. So, why are you seeing a need to support these? :-) Regards - Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org, sharpe[at]ethereal.com, http://www.richardsharpe.com
Re: Support for Multiple Data Streams?
On Thu, 20 Mar 2003, Christopher R. Hertel wrote: Ken, How would you store that information on a Unix filesystem? How do you prevent users or other services from messing things up? There are solutions, but it's a much bigger problem than it seems on the surface. There are some interesting issues here. Alternate Data Streams can be accessed via CIFS, but there is no special support built into the protocol. They are simply accessed syntactically. An ADS has a name like file-name:ADS-name, and NTFS maps that to the named $DATA attribute called ADS-name. Other implementations are free to do it any way they want. Since UNIX allows : in names, the files will appear with funny names, but searches will be screwed up. The bigger issue is how to back up the file and all its attributes, and as far as I can see, Windows NT4/5/... requires that you use BackupRead and BackupWrite where you can get access to all the attributes of a file as byte streams. Regards - Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org, sharpe[at]ethereal.com, http://www.richardsharpe.com
Some more info on permissions and opening files ...
Hi, I have done some further analysis of what permissions are needed to access files under Windows. Yesterday I was under the mistaken impression that to open a file for writing you need FILE_WRITE_DATA, FILE_WRITE_ATTRIBUTES, and FILE_WRITE_EA. However, this is only if you are using the POSIX open call. If you use the Win32 CreateFile and WriteFile calls, you can open a file for writing and write to it with just FILE_WRITE_DATA, even over CIFS. Regards - Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org, sharpe[at]ethereal.com, http://www.richardsharpe.com
Re: Support for Multiple Data Streams?
On Fri, 21 Mar 2003, Tim Potter wrote: On Thu, Mar 20, 2003 at 03:46:59PM -0500, Ken Cross wrote: Yes, to support it properly, the underlying filesystem should include all streams when you cp/mv/rm/... And a portable backup/restore could be interesting! However, I'm having trouble getting Samba to return goofy names like filename:ADS. It keeps mangling them (even with mangling disabled). What's wrong with extended attributes? They satisfy the portability requirements (modulo some autoconf stuff that is probably required to create a uniform system call interface) and are backed up and restored by dump. Right, XATTRs would be one way to do it on Linux. Of course, Samba needs some mods, and Tridge was looking at putting that into his NTVFS layer (where it belongs). Regards - Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org, sharpe[at]ethereal.com, http://www.richardsharpe.com
Re: very interesting!
On Fri, 21 Mar 2003, Martin Pool wrote: I just noticed this in the libc manual. http://www.gnu.org/manual/glibc-2.2.5/html_node/Backtraces.html It could be pretty cool to have this built in to smb_panic(). But is it portable? Regards - Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org, sharpe[at]ethereal.com, http://www.richardsharpe.com
Re: libsmbclient again :|
On Fri, 21 Mar 2003, dzvine wrote:
Hello samba-technical,
i wrote a simple app using this lib and noticed huge memory leaks. My
code is just simple sequence like:
smbc_init()
while()
{
smbc_opendir() ;
smbc_getdents() ;
smbc_closedir();
}
but library leaks a lot of memory, i noticed the hugest leaks are
because of ?? uninitialized ?? client/server connections? also 12-20
bytes leaks in pstrings ?
after scanning a network of about 200 computers it eats up to 30-40MB
of ram( depending on file/share amount)
closedir should be freeing the resources, but looks like it is not. I can
try to look at it over the weekend.
Regards
-
Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org,
sharpe[at]ethereal.com, http://www.richardsharpe.com
RE: rd /s, can't find the file specified (internal reference b1996)
On Wed, 19 Mar 2003, Nir Soffer wrote: I can't reproduce this at all on a recent (CVS) build of SAMBA_3_0. Can you give me more details on *exactly* how you reproduce it please ? What I did was simply do, on the unix side: mkdir b1996 cd b1996 touch nirtest123456 touch nirtest12345 and on the W2K side use a command line prompt, map the drive using net use, and try to rd /s b1996 OK, that explains the insistence on using short names. Did you use command or cmd? Regards - Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org, sharpe[at]ethereal.com, http://www.richardsharpe.com
RE: rd /s, can't find the file specified (internal reference b1996)
On Wed, 19 Mar 2003, Nir Soffer wrote: On Wed, 19 Mar 2003, Nir Soffer wrote: I can't reproduce this at all on a recent (CVS) build of SAMBA_3_0. Can you give me more details on *exactly* how you reproduce it please ? What I did was simply do, on the unix side: mkdir b1996 cd b1996 touch nirtest123456 touch nirtest12345 and on the W2K side use a command line prompt, map the drive using net use, and try to rd /s b1996 OK, that explains the insistence on using short names. Did you use command or cmd? I used cmd. I specified I was using the command line on the beginning, and that everything worked perfectly alright from the explorer and the GUIs. Right, but there is command and cmd, and cmd uses 8.3 names, and it looks like the good trace was taken with a client that only understands short names. I also thought that the rd /s in the subject was a big hint ;) Is it reproducable on your end too, or is something in my configuration screwy? I have not tried it yet, and I am predominantly using a 2.2.x base, but will try soonish ... Regards - Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org, sharpe[at]ethereal.com, http://www.richardsharpe.com
RE: rd /s, can't find the file specified (internal reference b1996)
On Wed, 19 Mar 2003, Nir Soffer wrote: On Wed, 19 Mar 2003, Nir Soffer wrote: I can't reproduce this at all on a recent (CVS) build of SAMBA_3_0. Can you give me more details on *exactly* how you reproduce it please ? What I did was simply do, on the unix side: mkdir b1996 cd b1996 touch nirtest123456 touch nirtest12345 and on the W2K side use a command line prompt, map the drive using net use, and try to rd /s b1996 OK, that explains the insistence on using short names. Did you use command or cmd? Okay. I was being stupid. Very very stupid, and I apologize. Turns out mangled filenames was disabled. But is this the expected error when manged filenames are disabled? I would hope not. I think that if mangled file names are disabled, we should perhaps return nothing in the short name field in a FindFirst/FindNext ... However, I don't know what clients will do. I have been planning to try it, but have not had a chance. Regards - Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org, sharpe[at]ethereal.com, http://www.richardsharpe.com
Re: samba: group sid user sid
On Wed, 19 Mar 2003, David Gaston wrote: Mr. Sharpe, That's Richard to most folks ... Our university computer science department systems groups has recently used samba-3.0alpha22 to aid in merging our unix windows NT environments. Older accounts created before the merge grab the old sid when being logged into. We've downloaded your profiles program, and I had a question about it's usage. On the first page of http://www.richardsharpe.com/samba-stuff.html, you mention: You might be able to do the following to fix the SIDs: profiles -c S-1-5-21-x-y-z-oldrid -n S-1-5-21-a-b-c-newrid /path/to/profile You will have to do that twice, once for the owner SID and once for the group SID. Why is it necessary to change both of these? Because if you don't, the group SID on the entries in the profile will all have the wrong DOMAIN portion of their SID. However, this just might not be an issue. With a user having an owner SID of 1-5-32-544, the correct syntax to change this would be: profiles -c S-1-5-32-544-x-y-z-oldrid -n S-1-5-32-544-a-b-c-newrid \ /path/to/profile Hmmm, I am not familiar with that S-1-5-32-544. That seems like a well-known SID. Ahhh, I see, S-1-5-32 is for the Built-in domain, and 544 looks like the Domain Admins built-in group RID (0x220). So, in that case, you don't need to change that SID, I believe, and the syntax above is wrong, also. It would be: profiles -c S-1-5-32-544 -n S-1-5-21-x-y-z-somerid If you wanted to change the Domain Admins group to some specific person, but I don't think you really want to do that. If you list the ACLs on the entries in the profiles, you should seem more SIDs that the one above. You should see SIDs like S-1-5-21-x-y-z-RID, and those are the ones you want to change. To find the RID of an existing user, try wbinfo, as it has flags that allow you to translate a name into a SID. I guess I will have to update my page to help people further. Regards - Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org, sharpe[at]ethereal.com, http://www.richardsharpe.com
Re: What to do when Windows client asks you to set permissions thatyou can't?
On Wed, 19 Mar 2003, Christopher R. Hertel wrote: On Wed, Mar 19, 2003 at 01:59:52PM -0800, Richard Sharpe wrote: Hi, A question I have relating to ACLs is the following: What should you do (In Samba etc) if you get an ACE in an ACL where the ACE contains permission bits that you do not implement? You could: 1. Deny the request, leaving the user not knowing which bits were good and which not. 2. Ignore the bits you don't process, leaving the user in a state of confusion about which bits you support and which you don't. That is, leaving them not trusting the file system. Are there any other choices (assuming that implementing all the NT bits is out of the question). We have the same problem with DOS Attributes vs. Unix Attributes. They don't map very well. The best you can do is try to find a way to approximate (your best guess) of the user's intention. Right, which means that you have to document these things properly. Now, let's say that you do do some level of NT ACL, should you try to do all the permission bits. Here, you no longer have the excuse that the underlying ACLs are POSIX ACLs and that is the best you can do. Now, you implement lots more of the NT ACLs semantics, say ALLOW and DENY, along with a number of the bits (READ_DATA, WRITE_DATA, WRITE_OWNER, WRITE_ACL, APPEND_DATA), won't the user get even more confused, because you have given them something that is close to NT ACLs, but not quite? Of couse, the question is, is the distinction between WRITE_DATA, WRITE_ATTRIBUTES, and WRITE_EXTENDED_ATTRIBUTES useful? All my testing under Win2K seems to indicate that you need all three of them just to write to a file, at least in some circumstances. Regards - Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org, sharpe[at]ethereal.com, http://www.richardsharpe.com
What permissions do you need to read a fike on Win2K?
Hi, After doing some testing of Win2K permission bits, I find that you need READ_DATA and READ_EXTENDED_ATTRIBUTES to be able to read a file under Win2K. Can anyone confirm that? Similarly, you need WRITE_DATA, WRITE_ATTRIBUTES and WRITE_EXTENDED_ATTRIBUTES to be able to write a file. Bizaro, unless you know that Windows implements file data as the unnamed $DATA attribute (except where you have created alternate data streams, in which case they are named). Regards - Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org, sharpe[at]ethereal.com, http://www.richardsharpe.com
RE: rd /s, can't find the file specified (internal reference b1996)
On Mon, 17 Mar 2003, Nir Soffer wrote: Enjoy. OK, now that I have looked at both traces in more detail, here is what is happening: The bad trace, perhaps the one from UNIX, is returning exactly the same short name for each of those files, 0123456789AB. The client tries to use the short name, and the server obviouly gets confused. In the second case, the short names are all correct looking names, or the form 012345~1, 012345~2 etc. Have you modified Samba's name mangling code to do silly things? From a very very fast look, it looks like something with file mangling, but IANA Samba Expert. baddosdel.cap is against Samba-CVS (From yesterday) gooddosdel.cap is against my personal W2K workstation. -- Nir Soffer -=- Exanet Inc. -=- http://www.evilpuppy.org Father, why are all the children weeping? / They are merely crying son O, are they merely crying, father? / Yes, true weeping is yet to come -- Nick Cave and the Bad Seeds, The Weeping Song -Original Message- From: Richard Sharpe [mailto:[EMAIL PROTECTED] Sent: Monday, March 17, 2003 9:23 AM To: Nir Soffer Cc: [EMAIL PROTECTED] Subject: RE: rd /s, can't find the file specified (internal reference b1996) On Sun, 16 Mar 2003, Nir Soffer wrote: Following up to myself, reproducing this is apparently even simpler than I thought - simply do a: touch nir test test and try to delete it from a DOS command line. It will fail. nirtest123456 fails as well, but nirtest12345 so it seems to filename size related. 13 characters won't work and 12 will. Perhaps it's because something is geared towards 8 characters, a dot, and 3 characters somewhere along the line? Needless to say, it works fine on w2k shares... Can you get us a sniff? Regards - Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org, sharpe[at]ethereal.com, http://www.richardsharpe.com -- Regards - Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org, sharpe[at]ethereal.com, http://www.richardsharpe.com baddosdel.cap Description: baddosdel.cap gooddosdel.cap Description: gooddosdel.cap
Re: Showstopper! Samba 2.2.8 can't read TDB files from previousversions.
On Sun, 16 Mar 2003, Fredrik Ohrn wrote: To salvage the domain SID I copied smbpasswd.c from 2.2.8 into a 2.2.7a source tree and compiled it, then I could use the new -X and -W options to extract the SID from the old secrets.tdb and write it into a fresh TDB from 2.2.8. I am glad to be of help :-) Regards - Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org, sharpe[at]ethereal.com, http://www.richardsharpe.com
RE: Question - Latest security alery of samba
On Sun, 16 Mar 2003, Nir Livni wrote: I've read the announcement carefully. The announcement does not point a specific threat in the samba code. It mentions that This version of Samba adds explicit overrun and overflow checks on fragment re-assembly of SMB/CIFS packets to ensure that only valid re-assembly is performed by smbd. It also mentions that samba is highly vulnerable to attacks from an external network, And that 1. host based protection 2. interface protection 3. Using a firewall 4. Using a IPC$ share deny May reduce vulnerability to such attacks. There is no access to my samba servers from the internet, but I would like to know more about this security issue - specially, which source codes are involved. (SMB client code is currently no issue for me) Any list of affected source files would be appreciated. How can we be sure that you are not a script-kiddie? Regards - Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org, sharpe[at]ethereal.com, http://www.richardsharpe.com
RE: rd /s, can't find the file specified (internal reference b1996)
On Sun, 16 Mar 2003, Nir Soffer wrote: Following up to myself, reproducing this is apparently even simpler than I thought - simply do a: touch nir test test and try to delete it from a DOS command line. It will fail. nirtest123456 fails as well, but nirtest12345 so it seems to filename size related. 13 characters won't work and 12 will. Perhaps it's because something is geared towards 8 characters, a dot, and 3 characters somewhere along the line? Needless to say, it works fine on w2k shares... Can you get us a sniff? Regards - Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org, sharpe[at]ethereal.com, http://www.richardsharpe.com
RE: FW: encrypt passwords = no, security=user, samba 3.0a22
On Tue, 11 Mar 2003, Nir Soffer wrote: FWIW turning off unicode with unicode=no helps somewhat, and both ethereal and Samba parse the session request correctly: Hmmm, I fixed a problem in Ethereal around Unicode handling last week at Connectathon. I would be very interested in a trace that shows the problem. Regards - Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org, sharpe[at]ethereal.com, http://www.richardsharpe.com
Error messages generated by passdb/pdb_smbpasswd.c are (almost)useless
Hi,
Someone asked me what some messages like getsmbfilepwent: malformed
password entry (uid not number) meant when using the smbpasswd command.
Not knowing, I went searching the source code to find:
if (!isdigit(*p)) {
DEBUG(0, (getsmbfilepwent: malformed password entry (uid not
number)\n));
continue;
This is very little help in pinpointing the problems, as it does not tell
us what the routine was looking at that caused the problem. Perhaps
including the string it was processing would have been more useful!
Regards
-
Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org,
sharpe[at]ethereal.com, http://www.richardsharpe.com
tcon torture test
Hi, Herb and I looked at the TCON torture test a bit today. In our testing we found that Windows NT4, Win2K and most Samba versions fail it, so we both wonder which server ever passed this test. We tested NT4 SP3 and NT4 SP6, as well as Win2K server and Win2K workstation. I have also tested NT4 SP1. To refresh your memory, the TCON tests connects to a share and opens a file. It then writes to the file, and then connects to the same share again, and writes to the file that was originally opened and expects the second write to fail. Herb found an interesting case, though. It seems that Pillar Data's CIFS implementation, which is based on Samba 2.2.x, passes this test. This is surprising, because it suggests that Pillar has changed their version to pass this test, when so few other servers pass the test. Does anyone know of any servers pass the test, and why it is there? It is interesting to note that it is in the torture code in Samba 2.2.x as well, so it might be left over from a very early version of NT4. I wonder if it was only Win9X where this test succeeds? Regards - Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org, sharpe[at]ethereal.com, http://www.richardsharpe.com
Re: Restrict Anonymous
On Thu, 6 Mar 2003, Marc Kaplan wrote: Hello list, Has anybody coded some sort of workaround for joining domains with RestrictAnonymous set? The typical behavior I see is for NT4 domains we're able to look up sequence, but never enumerate users and groups. For ADS domains, it seems that even looking up sequence from the domain fails. Are you referring to domain joining or having winbindd function. If the latter, winbindd in head and Samba 3.0.0 allows you to specify a username and password that winbindd can use to perform functions that it used to be able to do. Regards - Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org, sharpe[at]ethereal.com, http://www.richardsharpe.com
Re: Detecting Windows OS Version through Samba
On Wed, 5 Mar 2003, Agis Andreou wrote: Thanks, could you please mail it to me, their server http://www.apostols.org/projectz/queso/ seems to be down at the moment. Will it distinguish windows flavours? Hmmm, doesn't nmap do a better job? Regards - Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org, sharpe[at]ethereal.com, http://www.richardsharpe.com
tcontest in Samba-head's torture code
Hi, Herb came across an oddity at Connectathon. He was running the head torture tests against a WinNT 4 sp3 box and a WinNT4 sp6 box. The tcontest fails against that platform. In looking at the code and a trace, it connects to a share, opens a file, and writes to that file. It then connects with a tconX to the same share and then writes to the already opened file, expecting the write to fail. However, it succeeds! Does anyone know what this test is supposed to be testing? The comments are very poor, but the intent seems clear. Just don't know why? Regards - Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org, sharpe[at]ethereal.com, http://www.richardsharpe.com
smbtorture does not seem to want to fallback to *SMBSERVER
Hi, In running some tests at connectathon, I see two issues: 1. smbtorture does not fall back to using *SMBSERVER when setting up a NetBIOS session. I think this would be worth adding. 2. smbtorture does not allow you to specify the port to connect on. I have added code to support this. Regards - Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org, sharpe[at]ethereal.com, http://www.richardsharpe.com
[Samba] Re: number of groups of NT account causes authenticationproblems
On Tue, 4 Mar 2003, Gopal Bhat wrote:
Hi,
I did more experiments with this problem and found that 'SMBD' fails to
authenticate when the Number of Groups an NT user belongs grows more
than 14 (i.e. 15 or more).
Thanks,
Gopal
I can't have a look until tomorrow, but I wonder, is it possible that
Solaris 9 has a restriction that the user cannot be in more that 14
groups? I would think not, but will find it difficult to test tonight.
Besides, I can probably only test on Solaris 8.
If that is not the problem, then I would have to look at the code that
does setgroups and test on our platform.
Gopal Bhat wrote:
I am facing a strange problem related to authentication of NT users
accessing the SAMBA server.
Here are the details:
Server: Solaris 9, SUN Ultra 60, SAMBA 2.2.7a with PAM and WINBIND
Client: Windows XP, NT4.0, 2000
Symptoms:
Created a share \\server\test (UNIX: /export/SMB/test) with access to
group 'TestGoup' where 'TestUser' is a member.
'TestUser' is a member of 14 more groups along with 'TestGroup' (Total
number of TestUser's group = 15)
With the above settings 'TestUser' can't access the share
'\\server\test', and the following message shows up in the Client.log:
[2003/03/04 13:31:52, 0] smbd/sec_ctx.c:initialise_groups(244)
Unable to initgroups. Error was Not owner
[2003/03/04 13:31:52, 0] smbd/sec_ctx.c:initialise_groups(247)
This is probably a problem with the account domain\testuser
[2003/03/04 13:31:52, 0] smbd/service.c:make_connection(599)
client (10.81.105.121) Can't change directory to /export/SMB/test
(Permission denied)
If I change the number of groups the user 'TestUser' belongs from 15
to 8 ('TestGroup' + 7 other groups), the user can access the share
'\\server\test' without any problems.
It looks like there is some limitation on number of NT group
memberships 'smbd' can handle. Note: 'wbinfo' returns all the right
groups of the user without any problems.
Is there anyone out there who is aware of this problem and knows a
workaround/solution to this?
I really appreciate any help from the prestigious SAMBA Team.
Thanks,
Gopal
--
Regards
-
Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org,
sharpe[at]ethereal.com, http://www.richardsharpe.com
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
Connecting to Win2K via port 445 and etc
Hi,
based on a change that Jeremy made today relating to Win2K via 445, I
wonder if the following code in cli_send_tconX (head) is perhaps still a
bit wrong
if (cli-port == 445) {
slprintf(fullshare, sizeof(fullshare)-1,
%s, share);
} else {
slprintf(fullshare, sizeof(fullshare)-1,
%s\\%s, cli-desthost, share);
}
What this is doing is for port 139 consructing \\server\share, while for
port 445, simply using the share name. All the code that calls
cli_send_tconX should pass just the share name.
There is also the additional issue that if the server was specified by a
name other than its NetBIOS name, and we are talking to a Win9x system, it
will want the actual NetBIOS name there perhaps.
However, I wonder also if the code should do exactly the same for port 445
and 139?
Regards
-
Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org,
sharpe[at]ethereal.com, http://www.richardsharpe.com
Re: number of groups of NT account causes authentication problems
On Tue, 4 Mar 2003, Gopal Bhat wrote:
Hi,
I did more experiments with this problem and found that 'SMBD' fails to
authenticate when the Number of Groups an NT user belongs grows more
than 14 (i.e. 15 or more).
Thanks,
Gopal
I can't have a look until tomorrow, but I wonder, is it possible that
Solaris 9 has a restriction that the user cannot be in more that 14
groups? I would think not, but will find it difficult to test tonight.
Besides, I can probably only test on Solaris 8.
If that is not the problem, then I would have to look at the code that
does setgroups and test on our platform.
Gopal Bhat wrote:
I am facing a strange problem related to authentication of NT users
accessing the SAMBA server.
Here are the details:
Server: Solaris 9, SUN Ultra 60, SAMBA 2.2.7a with PAM and WINBIND
Client: Windows XP, NT4.0, 2000
Symptoms:
Created a share \\server\test (UNIX: /export/SMB/test) with access to
group 'TestGoup' where 'TestUser' is a member.
'TestUser' is a member of 14 more groups along with 'TestGroup' (Total
number of TestUser's group = 15)
With the above settings 'TestUser' can't access the share
'\\server\test', and the following message shows up in the Client.log:
[2003/03/04 13:31:52, 0] smbd/sec_ctx.c:initialise_groups(244)
Unable to initgroups. Error was Not owner
[2003/03/04 13:31:52, 0] smbd/sec_ctx.c:initialise_groups(247)
This is probably a problem with the account domain\testuser
[2003/03/04 13:31:52, 0] smbd/service.c:make_connection(599)
client (10.81.105.121) Can't change directory to /export/SMB/test
(Permission denied)
If I change the number of groups the user 'TestUser' belongs from 15
to 8 ('TestGroup' + 7 other groups), the user can access the share
'\\server\test' without any problems.
It looks like there is some limitation on number of NT group
memberships 'smbd' can handle. Note: 'wbinfo' returns all the right
groups of the user without any problems.
Is there anyone out there who is aware of this problem and knows a
workaround/solution to this?
I really appreciate any help from the prestigious SAMBA Team.
Thanks,
Gopal
--
Regards
-
Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org,
sharpe[at]ethereal.com, http://www.richardsharpe.com
Re: file descriptors consumed by printing
On Mon, 3 Mar 2003, Tim Potter wrote: On Sun, Mar 02, 2003 at 06:54:37AM -0800, Richard Sharpe wrote: On Sat, 1 Mar 2003, Vance Lankhaar wrote: What about adding a value to the printing param? - printing = disabled This seems like a good way to do it. Does anyone have any objections if I do so? Why do we need it? Just call lp_default_server_announce() and check if the SV_TYPE_PRINTQ_SERVER bit is set. If no print shares are exported then don't call nt_printing_backend_init(). That seems like a good idea. Seems like you printer-type guys know your way around that code :-) I don't think we need yet another parameter when the information is already available. I agree. Regards - Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org, sharpe[at]ethereal.com, http://www.richardsharpe.com
Re: Samba-2.2.8pre2 compiler warnings
On Sun, 2 Mar 2003, Brian Poole wrote:
Quoting Nicholas Brealey ([EMAIL PROTECTED]) from 1 March 2003:
CLITAR
==
client/clitar.c, line 688: warning: argument #4 is incompatible with
prototype:
prototype: pointer to uint : include/proto.h, line 303
argument : pointer to ullong
A 64 bit integer being used where a 32 bit integer is expected?
smbtar make not work on bigendian machines?
smbtar may not work for files over 2GB on little endian machines?
Hmm.. I don't know what to say here. cli_getattrE does expect an int..
but if its being provided with the filesize an int isn't going to
suffice..
Thanks for bringing this up again ... so much work to do ...
smbtar still has at least two issues that could cause problems
with large files to my knowledge. I'll repost the list to keep it alive
and in developers' minds. This has been given to rsharpe herb
previously. I wouldn't be terribly suprised if there are more large file
problems hiding in the tar code as it doesn't seem like it gets much use
and/or attention from the developers.
1) clitar.c::get_file()
static int get_file(file_info2 finfo)
{
int fnum = -1, pos = 0, dsize = 0, rsize = 0, bpos = 0;
..
rsize = finfo.size; /* This is how much to write */
rsize would overflow here.
2) clitar.c::get_longfilename()
static char * get_longfilename(file_info2 finfo)
int namesize = finfo.size + strlen(cur_dir) + 2;
char *longname = malloc(namesize);
This must not be frequently used code. This would [attempt] to
malloc a 1GB chunk of memory (if that was the size of the current file.)
This should be using strlen(finfo.name) or something.
At least a couple debugs still bogus in clitar.c 2_2 code as well.. I
believe one of these got fixed in HEAD but not 2_2.
DEBUG(5, (get_file: file: %s, size %i\n, finfo.name, (int)finfo.size));
(can't cast finfo.size to a int)
DEBUG(0, (restore tar file %s of size %d bytes\n, finfo.name, (int)finfo.size));
(can't cast finfo.size to a int)
I've attached a patch for the issues I know of (but not the cli_getattrE
issue that you brought up.) I'm not really sure what to say about that.
The patch is against the 2_2 tree but should mostly apply to HEAD as well.
This patch was tested only for compilation and should be treated as such.
-b
Index: clitar.c
===
RCS file: /cvsroot/samba/source/client/clitar.c,v
retrieving revision 1.74.4.10
diff -u -r1.74.4.10 clitar.c
--- clitar.c 6 Jan 2003 19:53:11 - 1.74.4.10
+++ clitar.c 2 Mar 2003 23:41:47 -
@@ -1000,9 +1000,10 @@
static int get_file(file_info2 finfo)
{
- int fnum = -1, pos = 0, dsize = 0, rsize = 0, bpos = 0;
+ int fnum = -1, pos = 0, dsize = 0, bpos = 0;
+ SMB_BIG_INT rsize = 0;
- DEBUG(5, (get_file: file: %s, size %i\n, finfo.name, (int)finfo.size));
+ DEBUG(5, (get_file: file: %s, size %.0f\n, finfo.name, (double)finfo.size));
if (ensurepath(finfo.name)
(fnum=cli_open(cli, finfo.name, O_RDWR|O_CREAT|O_TRUNC, DENY_NONE)) == -1) {
@@ -1093,7 +1094,7 @@
ntarf++;
- DEBUG(0, (restore tar file %s of size %d bytes\n, finfo.name, (int)finfo.size));
+ DEBUG(0, (restore tar file %s of size %.0f bytes\n, finfo.name,
(double)finfo.size));
return(True);
}
@@ -1123,18 +1124,17 @@
*/
static char * get_longfilename(file_info2 finfo)
{
- int namesize = finfo.size + strlen(cur_dir) + 2;
+ int namesize = strlen(finfo.name) + strlen(cur_dir) + 2;
char *longname = malloc(namesize);
- int offset = 0, left = finfo.size;
+ SMB_BIG_INT offset = 0, left = finfo.size;
BOOL first = True;
DEBUG(5, (Restoring a long file name: %s\n, finfo.name));
- DEBUG(5, (Len = %d\n, (int)finfo.size));
+ DEBUG(5, (Len = %.0f\n, (double)finfo.size));
if (longname == NULL) {
-
DEBUG(0, (could not allocate buffer of size %d for longname\n,
- (int)(finfo.size + strlen(cur_dir) + 2)));
+ namesize));
return(NULL);
}
--
Regards
-
Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org,
sharpe[at]ethereal.com, http://www.richardsharpe.com
Re: Samba-2.2.8pre2 compiler warnings
On Sun, 2 Mar 2003, Brian Poole wrote:
Quoting Nicholas Brealey ([EMAIL PROTECTED]) from 1 March 2003:
CLITAR
==
client/clitar.c, line 688: warning: argument #4 is incompatible with
prototype:
prototype: pointer to uint : include/proto.h, line 303
argument : pointer to ullong
A 64 bit integer being used where a 32 bit integer is expected?
smbtar make not work on bigendian machines?
smbtar may not work for files over 2GB on little endian machines?
Groan. I need to look at the CIFS def for the size of that field and how
it is handled if large offsets are in use :-(
Hmm.. I don't know what to say here. cli_getattrE does expect an int..
but if its being provided with the filesize an int isn't going to
suffice..
smbtar still has at least two issues that could cause problems
with large files to my knowledge. I'll repost the list to keep it alive
and in developers' minds. This has been given to rsharpe herb
previously. I wouldn't be terribly suprised if there are more large file
problems hiding in the tar code as it doesn't seem like it gets much use
and/or attention from the developers.
1) clitar.c::get_file()
static int get_file(file_info2 finfo)
{
int fnum = -1, pos = 0, dsize = 0, rsize = 0, bpos = 0;
..
rsize = finfo.size; /* This is how much to write */
rsize would overflow here.
2) clitar.c::get_longfilename()
static char * get_longfilename(file_info2 finfo)
int namesize = finfo.size + strlen(cur_dir) + 2;
char *longname = malloc(namesize);
This must not be frequently used code. This would [attempt] to
malloc a 1GB chunk of memory (if that was the size of the current file.)
This should be using strlen(finfo.name) or something.
At least a couple debugs still bogus in clitar.c 2_2 code as well.. I
believe one of these got fixed in HEAD but not 2_2.
DEBUG(5, (get_file: file: %s, size %i\n, finfo.name, (int)finfo.size));
(can't cast finfo.size to a int)
DEBUG(0, (restore tar file %s of size %d bytes\n, finfo.name, (int)finfo.size));
(can't cast finfo.size to a int)
I've attached a patch for the issues I know of (but not the cli_getattrE
issue that you brought up.) I'm not really sure what to say about that.
The patch is against the 2_2 tree but should mostly apply to HEAD as well.
This patch was tested only for compilation and should be treated as such.
-b
Index: clitar.c
===
RCS file: /cvsroot/samba/source/client/clitar.c,v
retrieving revision 1.74.4.10
diff -u -r1.74.4.10 clitar.c
--- clitar.c 6 Jan 2003 19:53:11 - 1.74.4.10
+++ clitar.c 2 Mar 2003 23:41:47 -
@@ -1000,9 +1000,10 @@
static int get_file(file_info2 finfo)
{
- int fnum = -1, pos = 0, dsize = 0, rsize = 0, bpos = 0;
+ int fnum = -1, pos = 0, dsize = 0, bpos = 0;
+ SMB_BIG_INT rsize = 0;
Got that one ...
- DEBUG(5, (get_file: file: %s, size %i\n, finfo.name, (int)finfo.size));
+ DEBUG(5, (get_file: file: %s, size %.0f\n, finfo.name, (double)finfo.size));
Hmmm, this should be llu if sizeof(off_t) is 8, and lu if sizeof(off_t) is
4, but maybe casting to a float is OK.
if (ensurepath(finfo.name)
(fnum=cli_open(cli, finfo.name, O_RDWR|O_CREAT|O_TRUNC, DENY_NONE)) == -1) {
@@ -1093,7 +1094,7 @@
ntarf++;
- DEBUG(0, (restore tar file %s of size %d bytes\n, finfo.name, (int)finfo.size));
+ DEBUG(0, (restore tar file %s of size %.0f bytes\n, finfo.name,
(double)finfo.size));
return(True);
}
@@ -1123,18 +1124,17 @@
*/
static char * get_longfilename(file_info2 finfo)
{
- int namesize = finfo.size + strlen(cur_dir) + 2;
+ int namesize = strlen(finfo.name) + strlen(cur_dir) + 2;
char *longname = malloc(namesize);
- int offset = 0, left = finfo.size;
+ SMB_BIG_INT offset = 0, left = finfo.size;
BOOL first = True;
DEBUG(5, (Restoring a long file name: %s\n, finfo.name));
- DEBUG(5, (Len = %d\n, (int)finfo.size));
+ DEBUG(5, (Len = %.0f\n, (double)finfo.size));
if (longname == NULL) {
-
DEBUG(0, (could not allocate buffer of size %d for longname\n,
- (int)(finfo.size + strlen(cur_dir) + 2)));
+ namesize));
return(NULL);
}
OK, I got all those, thanks ...
Regards
-
Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org,
sharpe[at]ethereal.com, http://www.richardsharpe.com
Re: file descriptors consumed by printing
On Mon, 3 Mar 2003, Tim Potter wrote: On Sun, Mar 02, 2003 at 06:54:37AM -0800, Richard Sharpe wrote: On Sat, 1 Mar 2003, Vance Lankhaar wrote: What about adding a value to the printing param? - printing = disabled This seems like a good way to do it. Does anyone have any objections if I do so? Why do we need it? Just call lp_default_server_announce() and check if the SV_TYPE_PRINTQ_SERVER bit is set. If no print shares are exported then don't call nt_printing_backend_init(). Hmmm, Samba 2.2.x sets SV_TYPE_PRINTQ_SERVER unconditionaly. I don't think we need yet another parameter when the information is already available. Tim. -- Regards - Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org, sharpe[at]ethereal.com, http://www.richardsharpe.com
