[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 100843a s3:smbd: Increase unsupported IOCTL debug message to 2
via 455fccf s3:events: Call all ready fd event handlers on each
iteration of the main loop
from 229f544 testprogs: print architecture used in win32 spoolss
testsuite.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 100843ac239688a3c328f834b7a9f90478e2e8f9
Author: Steven Danneman steven.danne...@isilon.com
Date: Fri Oct 1 12:01:16 2010 -0700
s3:smbd: Increase unsupported IOCTL debug message to 2
Even printing once per connection, level 0 was too spammy with
Windows clients frequently sending FSCTL_GET_OBJECT_ID which
is unsupported.
commit 455fccf86b6544cd17a2571c63a88f8aebff3f74
Author: Steven Danneman steven.danne...@isilon.com
Date: Mon Sep 13 19:15:23 2010 -0700
s3:events: Call all ready fd event handlers on each iteration of the main
loop
Previously, only one fd handler was being called per main message loop
in all smbd child processes.
In the case where multiple fds are available for reading the fd
corresponding to the event closest to the beginning of the event list
would be run. Obviously this is arbitrary and could cause unfairness.
Usually, the first event fd is the network socket, meaning heavy load
of client requests can starve out other fd events such as oplock
or notify upcalls from the kernel.
In this patch, I have changed the behavior of run_events() to unset
any fd that it has already called a handler function, as well
as decrement the number of fds that were returned from select().
This allows the caller of run_events() to iterate it, until all
available fds have been handled.
I then changed the main loop in smbd child processes to iterate
run_events(). This way, all available fds are handled on each wake
of select, while still checking for timed or signalled events between
each handler function call. I also added an explicit check for
EINTR from select(), which previously was masked by the fact that
run_events() would handle any signal event before the return code
was checked.
This required a signature change to run_events() but all other callers
should have no change in their behavior. I also fixed a bug in
run_events() where it could be called with a selrtn value of -1,
doing unecessary looping through the fd_event list when no fds were
available.
Also, remove the temporary echo handler hack, as all fds should be
treated fairly now.
---
Summary of changes:
source3/include/event.h |2 +-
source3/lib/events.c | 22 +++---
source3/nmbd/nmbd_packets.c |6 +++---
source3/smbd/nttrans.c |6 --
source3/smbd/process.c | 35 ---
source3/winbindd/winbindd_dual.c |6 +++---
6 files changed, 42 insertions(+), 35 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/include/event.h b/source3/include/event.h
index 493bc15..6b41b1d 100644
--- a/source3/include/event.h
+++ b/source3/include/event.h
@@ -31,7 +31,7 @@ bool event_add_to_select_args(struct event_context *event_ctx,
fd_set *read_fds, fd_set *write_fds,
struct timeval *timeout, int *maxfd);
bool run_events(struct event_context *event_ctx,
- int selrtn, fd_set *read_fds, fd_set *write_fds);
+ int *selrtn, fd_set *read_fds, fd_set *write_fds);
struct timeval *get_timed_events_timeout(struct event_context *event_ctx,
struct timeval *to_ret);
void dump_event_list(struct event_context *event_ctx);
diff --git a/source3/lib/events.c b/source3/lib/events.c
index 70a0d7c..0e127f0 100644
--- a/source3/lib/events.c
+++ b/source3/lib/events.c
@@ -67,7 +67,7 @@ bool event_add_to_select_args(struct tevent_context *ev,
}
bool run_events(struct tevent_context *ev,
- int selrtn, fd_set *read_fds, fd_set *write_fds)
+ int *selrtn, fd_set *read_fds, fd_set *write_fds)
{
struct tevent_fd *fde;
struct timeval now;
@@ -112,7 +112,7 @@ bool run_events(struct tevent_context *ev,
return true;
}
- if (selrtn == 0) {
+ if (*selrtn = 0) {
/*
* No fd ready
*/
@@ -122,8 +122,16 @@ bool run_events(struct tevent_context *ev,
for (fde = ev-fd_events; fde; fde = fde-next) {
uint16 flags = 0;
- if (FD_ISSET(fde-fd, read_fds)) flags |= EVENT_FD_READ;
- if (FD_ISSET(fde-fd, write_fds)) flags |= EVENT_FD_WRITE;
+ if (FD_ISSET(fde-fd, read_fds
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via bf1a4b2 s4:libcli:smb2 Rename pending_id to async_id and make 64-bit
from 7e31704 selftest: Remove unused --analyse argument.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit bf1a4b2bc411cba18980d00bf630aa61fc4e4699
Author: Steven Danneman steven.danne...@isilon.com
Date: Wed Sep 22 13:23:49 2010 -0700
s4:libcli:smb2 Rename pending_id to async_id and make 64-bit
Match MS-SMB2 - 2.2.1.1 SMB2 Packet Header - ASYNC
---
Summary of changes:
libcli/smb/smb2_constants.h |5 -
source4/libcli/smb2/cancel.c|2 +-
source4/libcli/smb2/smb2.h |6 +++---
source4/libcli/smb2/transport.c |2 +-
source4/torture/smb2/util.c |1 +
5 files changed, 10 insertions(+), 6 deletions(-)
Changeset truncated at 500 lines:
diff --git a/libcli/smb/smb2_constants.h b/libcli/smb/smb2_constants.h
index a3885f9..6d29d6e 100644
--- a/libcli/smb/smb2_constants.h
+++ b/libcli/smb/smb2_constants.h
@@ -28,7 +28,7 @@
#define SMB2_HDR_EPOCH 0x06
#define SMB2_HDR_STATUS0x08
#define SMB2_HDR_OPCODE0x0c
-#define SMB2_HDR_CREDIT0x0e
+#define SMB2_HDR_CREDIT0x0e
#define SMB2_HDR_FLAGS 0x10
#define SMB2_HDR_NEXT_COMMAND 0x14
#define SMB2_HDR_MESSAGE_ID 0x18
@@ -38,6 +38,9 @@
#define SMB2_HDR_SIGNATURE 0x30 /* 16 bytes */
#define SMB2_HDR_BODY 0x40
+/* offsets into header elements for an async SMB2 request */
+#define SMB2_HDR_ASYNC_ID 0x20
+
/* header flags */
#define SMB2_HDR_FLAG_REDIRECT 0x01
#define SMB2_HDR_FLAG_ASYNC 0x02
diff --git a/source4/libcli/smb2/cancel.c b/source4/libcli/smb2/cancel.c
index 65f0218..28ef309 100644
--- a/source4/libcli/smb2/cancel.c
+++ b/source4/libcli/smb2/cancel.c
@@ -53,7 +53,7 @@ NTSTATUS smb2_cancel(struct smb2_request *r)
SIVAL(c-out.hdr, SMB2_HDR_FLAGS, 0x0002);
SSVAL(c-out.hdr, SMB2_HDR_CREDIT, 0x0030);
- SIVAL(c-out.hdr, SMB2_HDR_PID, r-cancel.pending_id);
+ SBVAL(c-out.hdr, SMB2_HDR_ASYNC_ID,r-cancel.async_id);
SBVAL(c-out.hdr, SMB2_HDR_MESSAGE_ID, c-seqnum);
if (r-session) {
SBVAL(c-out.hdr, SMB2_HDR_SESSION_ID, r-session-uid);
diff --git a/source4/libcli/smb2/smb2.h b/source4/libcli/smb2/smb2.h
index 26b9bcb..aaafedd 100644
--- a/source4/libcli/smb2/smb2.h
+++ b/source4/libcli/smb2/smb2.h
@@ -167,7 +167,7 @@ struct smb2_request {
/* each request is in one of 3 possible states */
enum smb2_request_state state;
-
+
struct smb2_transport *transport;
struct smb2_session *session;
struct smb2_tree *tree;
@@ -177,13 +177,13 @@ struct smb2_request {
struct {
bool do_cancel;
bool can_cancel;
- uint32_t pending_id;
+ uint64_t async_id;
} cancel;
/* the NT status for this request. Set by packet receive code
or code detecting error. */
NTSTATUS status;
-
+
struct smb2_request_buffer in;
struct smb2_request_buffer out;
diff --git a/source4/libcli/smb2/transport.c b/source4/libcli/smb2/transport.c
index dffd1ac..04b2d38 100644
--- a/source4/libcli/smb2/transport.c
+++ b/source4/libcli/smb2/transport.c
@@ -302,7 +302,7 @@ static NTSTATUS smb2_transport_finish_recv(void
*private_data, DATA_BLOB blob)
if ((flags SMB2_HDR_FLAG_ASYNC)
NT_STATUS_EQUAL(req-status, STATUS_PENDING)) {
req-cancel.can_cancel = true;
- req-cancel.pending_id = IVAL(hdr, SMB2_HDR_PID);
+ req-cancel.async_id = BVAL(hdr, SMB2_HDR_ASYNC_ID);
for (i=0; i req-cancel.do_cancel; i++) {
smb2_cancel(req);
}
diff --git a/source4/torture/smb2/util.c b/source4/torture/smb2/util.c
index 9698112..8feb968 100644
--- a/source4/torture/smb2/util.c
+++ b/source4/torture/smb2/util.c
@@ -322,6 +322,7 @@ NTSTATUS torture_smb2_testfile(struct smb2_tree *tree,
const char *fname,
r.in.length = 5;
r.in.offset = 0;
+ // What is the purpose of this? Server returns EOF.
smb2_read(tree, tree, r);
return NT_STATUS_OK;
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 85504ae... s4:libcli: Modify S4 client library to check for proper
CN alignment
via 00056e7... s3:smbd: Align change notify replies on 4-byte boundary
from 502bddf... s4:new_partition LDB module - fix an uninitalised
variable warning
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 85504ae6ff72204894ea7a856f0f36b44ad77fe2
Author: Steven Danneman steven.danne...@isilon.com
Date: Mon Jun 28 16:06:33 2010 -0700
s4:libcli: Modify S4 client library to check for proper CN alignment
MS-CIFS 2.2.7.4.2 states that FILE_NOTIFY_INFORMATION structures in
change notify replies must be aligned to 4-byte boundaries.
This updates s4 client to check for this restriction and also adds a
torture test which should tickle a server into giving unaligned
structures if it doesn't follow the spec.
commit 00056e73c1cb54f5d6c10e63b70afc2c84e5883e
Author: Chere Zhou chere.z...@isilon.com
Date: Mon Jul 5 17:18:35 2010 -0700
s3:smbd: Align change notify replies on 4-byte boundary
MS-CIFS section 2.2.7.4.2 states this is mandatory. WinXP clients
don't seem to care, but a Win7 client will send an immediate Close()
to the directory handle when receiving an incorrectly aligned
change notify response.
---
Summary of changes:
source3/smbd/notify.c | 10
source4/libcli/raw/rawnotify.c |4 +-
source4/torture/raw/notify.c | 100 +++-
3 files changed, 112 insertions(+), 2 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/smbd/notify.c b/source3/smbd/notify.c
index dc13aad..e473d99 100644
--- a/source3/smbd/notify.c
+++ b/source3/smbd/notify.c
@@ -77,6 +77,7 @@ static bool notify_marshall_changes(int num_changes,
for (i=0; inum_changes; i++) {
struct notify_change *c;
size_t namelen;
+ intrem = 0;
uint32 u32_tmp; /* Temp arg to prs_uint32 to avoid
* signed/unsigned issues */
@@ -102,6 +103,11 @@ static bool notify_marshall_changes(int num_changes,
*/
u32_tmp = (i == num_changes-1) ? 0 : namelen + 12;
+
+ /* Align on 4-byte boundary according to MS-CIFS 2.2.7.4.2 */
+ if ((rem = u32_tmp % 4 ) != 0)
+ u32_tmp += 4 - rem;
+
if (!prs_uint32(offset, ps, 1, u32_tmp)) goto fail;
u32_tmp = c-action;
@@ -117,6 +123,10 @@ static bool notify_marshall_changes(int num_changes,
*/
prs_set_offset(ps, prs_offset(ps)-2);
+ if (rem != 0) {
+ if (!prs_align_custom(ps, 4)) goto fail;
+ }
+
TALLOC_FREE(uni_name.buffer);
if (prs_offset(ps) max_offset) {
diff --git a/source4/libcli/raw/rawnotify.c b/source4/libcli/raw/rawnotify.c
index 2155076..40256aa 100644
--- a/source4/libcli/raw/rawnotify.c
+++ b/source4/libcli/raw/rawnotify.c
@@ -71,10 +71,12 @@ _PUBLIC_ NTSTATUS smb_raw_changenotify_recv(struct
smbcli_request *req,
parms-nttrans.out.changes = NULL;
parms-nttrans.out.num_changes = 0;
-
+
/* count them */
for (ofs=0; nt.out.params.length - ofs 12; ) {
uint32_t next = IVAL(nt.out.params.data, ofs);
+ if (next % 4 != 0)
+ return NT_STATUS_INVALID_NETWORK_RESPONSE;
parms-nttrans.out.num_changes++;
if (next == 0 ||
ofs + next = nt.out.params.length) break;
diff --git a/source4/torture/raw/notify.c b/source4/torture/raw/notify.c
index 5bf7f4a..dd3aae3 100644
--- a/source4/torture/raw/notify.c
+++ b/source4/torture/raw/notify.c
@@ -50,6 +50,14 @@
goto done; \
}} while (0)
+#define CHECK_WSTR2(tctx, field, value, flags) \
+do { \
+ if (!field.s || strcmp(field.s, value) || \
+ wire_bad_flags(field, flags, cli-transport)) { \
+ torture_result(tctx, TORTURE_FAIL, \
+ (%d) %s [%s] != %s\n, __LINE__, #field, field.s, value);
\
+ } \
+} while (0)
/*
basic testing of change notify on directories
@@ -1594,7 +1602,96 @@ done:
}
-/*
+/*
+ testing alignment of multiple change notify infos
+*/
+static bool test_notify_alignment(struct smbcli_state *cli,
+struct torture_context *tctx)
+{
+ NTSTATUS status;
+ union smb_notify notify;
+ union smb_open io;
+ int i, fnum, fnum2;
+ struct smbcli_request *req;
+ const char *fname = BASEDIR \\starter;
+ const char *fnames[] = { a,
+ab,
+abc,
+abcd
RE: [SCM] Samba Shared Repository - branch master updated- release-4-0-0alpha8-349-g5334b79
Hey Metze, No one at Isilon is working on SMB2 server side implementation currently, but we are front loading a lot of test work so there will be a reasonable set of correctness tests already available when new code is written. Right now we're working on porting most of the RAW SMB tests to SMB2, including open, streams, share modes, acls, brl, and change notify. All of our testing has been against a W2K8 server, though I'll include a W2K8R2 server as well. Sorry, I made some last minute changes before pushing this patch and didn't re-run them. I'll be more careful next time. Though, several of the tests will fail against current HEAD because the features aren't implemented yet. Is it acceptable for the make test TESTS=smb2 to fail for a bit? -Steven -Original Message- From: samba-technical-boun...@lists.samba.org [mailto:samba-technical- boun...@lists.samba.org] On Behalf Of Stefan (metze) Metzmacher Sent: Wednesday, July 15, 2009 3:45 AM To: samba-techni...@lists.samba.org Cc: samba-...@samba.org Subject: Re: [SCM] Samba Shared Repository - branch master updated- release-4-0-0alpha8-349-g5334b79 Hi Steven, The branch, master has been updated via 5334b79142e32c39c56cea2e9c0d5b08e2f217ca (commit) from 4b6401ab2cce8319abe0f8176bb460d51bd4a390 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 5334b79142e32c39c56cea2e9c0d5b08e2f217ca Author: Aravind aravind.sriniva...@isilon.com Date: Tue Jul 7 07:11:56 2009 -0700 torture/smb2: Adding SMB2 Directory enumeration torture tests. Could you please do runtime tests before you push such patches? See 8cb44830e0356804e21d9973382e0070f20b15be and f49129e59225f6ea84add8e845ffaeb03dc6c8da for the reasons. It would be also nice to run 'make test' or 'make test TESTS=smb2' in s4. metze
RE: [SCM] Samba Shared Repository - branch master updated- release-4-0-0alpha8-349-g5334b79
Sorry, I made some last minute changes before pushing this patch and
didn't re-run them. I'll be more careful next time. Though, several
of the tests will fail against current HEAD because the features
aren't
implemented yet. Is it acceptable for the make test TESTS=smb2 to
fail for a bit?
Not without corresponding notations in the
source{3,4}/selftest/knownfail files.
Thanks. I'll add references to the tests without implemented features
there.
-Steven
RE: [SCM] Samba Shared Repository - branch master updated- release-4-0-0alpha8-349-g5334b79
Yes, please make sure you use torture_comment() instead of printf() and all torture_assert* functions instead of just returning false in a test. Then make test reports them as failures instead of errors and it's easy to mark them as known failures. This makes sure that the server doesn't crash when the test runs against it. metze Excellent, thanks Metze. Do we have any kind of document that describes best practices for writing torture tests? If not I can start a wiki page. Thus, far I have mostly copied style from other tests, but obviously there is a mix of several different approaches added over the years. -Steven
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 2523b20... s4/torture/smb2: Add two new SMB2 compound tests
from 805f750... s4:cleanup remove unused schannel ldb code
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 2523b20349930be693674be915bcb423bc1fcb82
Author: Steven Danneman steven.danne...@isilon.com
Date: Mon Feb 22 12:38:26 2010 -0800
s4/torture/smb2: Add two new SMB2 compound tests
These tests server behavior when a client compounds both synchronous
and asynchronous requests.
---
Summary of changes:
source4/torture/smb2/compound.c | 157 +++
1 files changed, 157 insertions(+), 0 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/torture/smb2/compound.c b/source4/torture/smb2/compound.c
index 4e58949..858ffde 100644
--- a/source4/torture/smb2/compound.c
+++ b/source4/torture/smb2/compound.c
@@ -33,6 +33,9 @@
goto done; \
}} while (0)
+#define TARGET_IS_W2K8(_tctx) (torture_setting_bool(_tctx, w2k8, false))
+#define TARGET_IS_WIN7(_tctx) (torture_setting_bool(_tctx, win7, false))
+
static bool test_compound_related1(struct torture_context *tctx,
struct smb2_tree *tree)
{
@@ -420,6 +423,158 @@ done:
return ret;
}
+/* Send a compound request where we expect the last request (Create, Notify)
+ * to go asynchronous. This works against a Win7 server and the reply is
+ * sent in two different packets. */
+static bool test_compound_interim1(struct torture_context *tctx,
+ struct smb2_tree *tree)
+{
+struct smb2_handle hd;
+struct smb2_create cr;
+NTSTATUS status = NT_STATUS_OK;
+const char *dname = compound_interim_dir;
+struct smb2_notify nt;
+bool ret = true;
+struct smb2_request *req[2];
+
+/* Win7 compound request implementation deviates substantially from the
+ * SMB2 spec as noted in MS-SMB2 159, 162. This, test currently
+ * verifies the Windows behavior, not the general spec behavior. */
+if (!TARGET_IS_WIN7(tctx) !TARGET_IS_W2K8(tctx)) {
+ torture_skip(tctx, Interim test is specific to Windows server
+ behavior.\n);
+}
+
+smb2_transport_credits_ask_num(tree-session-transport, 5);
+
+smb2_deltree(tree, dname);
+
+smb2_transport_credits_ask_num(tree-session-transport, 1);
+
+ZERO_STRUCT(cr);
+cr.in.desired_access = SEC_RIGHTS_FILE_ALL;
+cr.in.create_options = NTCREATEX_OPTIONS_DIRECTORY;
+cr.in.file_attributes = FILE_ATTRIBUTE_DIRECTORY;
+cr.in.share_access = NTCREATEX_SHARE_ACCESS_READ |
+ NTCREATEX_SHARE_ACCESS_WRITE |
+ NTCREATEX_SHARE_ACCESS_DELETE;
+cr.in.create_disposition = NTCREATEX_DISP_CREATE;
+cr.in.fname= dname;
+
+smb2_transport_compound_start(tree-session-transport, 2);
+
+req[0] = smb2_create_send(tree, cr);
+
+smb2_transport_compound_set_related(tree-session-transport, true);
+
+hd.data[0] = UINT64_MAX;
+hd.data[1] = UINT64_MAX;
+
+ZERO_STRUCT(nt);
+nt.in.recursive = true;
+nt.in.buffer_size= 0x1000;
+nt.in.file.handle= hd;
+nt.in.completion_filter = FILE_NOTIFY_CHANGE_NAME;
+nt.in.unknown= 0x;
+
+req[1] = smb2_notify_send(tree, nt);
+
+status = smb2_create_recv(req[0], tree, cr);
+CHECK_STATUS(status, NT_STATUS_OK);
+
+smb2_cancel(req[1]);
+status = smb2_notify_recv(req[1], tree, nt);
+CHECK_STATUS(status, NT_STATUS_CANCELLED);
+
+smb2_util_close(tree, cr.out.file.handle);
+
+smb2_deltree(tree, dname);
+done:
+return ret;
+}
+
+/* Send a compound request where we expect the middle request (Create, Notify,
+ * GetInfo) to go asynchronous. Against Win7 the sync request succeed while
+ * the async fails. All are returned in the same compound response. */
+static bool test_compound_interim2(struct torture_context *tctx,
+ struct smb2_tree *tree)
+{
+struct smb2_handle hd;
+struct smb2_create cr;
+NTSTATUS status = NT_STATUS_OK;
+const char *dname = compound_interim_dir;
+struct smb2_getinfo gf;
+struct smb2_notify nt;
+bool ret = true;
+struct smb2_request *req[3];
+
+/* Win7 compound request implementation deviates substantially from the
+ * SMB2 spec as noted in MS-SMB2 159, 162. This, test currently
+ * verifies the Windows behavior, not the general spec behavior. */
+if (!TARGET_IS_WIN7(tctx) !TARGET_IS_W2K8(tctx)) {
+ torture_skip(tctx, Interim test is specific to Windows server
+ behavior.\n);
+}
+
+smb2_transport_credits_ask_num(tree
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via f42971c... s3/smbd: Fix string buffer overflow causing heap
corruption
from 772d808... s4:ldb Fix check made conditional by mistake
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit f42971c520360e69c4cdd64bebb02a5f5ba49b94
Author: Steven Danneman steven.danne...@isilon.com
Date: Sat Jan 30 13:29:23 2010 -0800
s3/smbd: Fix string buffer overflow causing heap corruption
The destname malloc size was not taking into account the 1 extra byte
needed if a string without a leading '/' was passed in and that slash
was added.
This would cause the '\0' byte to be written past the end of the
malloced destname string and corrupt whatever heap memory was there.
This problem would be hit if a share name was given in smb.conf without
a leading '/' and if it was the exact size of the allocated STRDUP memory
which in some implementations of malloc is a power of 2.
---
Summary of changes:
source3/smbd/service.c |3 ++-
1 files changed, 2 insertions(+), 1 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/smbd/service.c b/source3/smbd/service.c
index 4859344..e8775ff 100644
--- a/source3/smbd/service.c
+++ b/source3/smbd/service.c
@@ -60,7 +60,8 @@ bool set_conn_connectpath(connection_struct *conn, const char
*connectpath)
return false;
}
- destname = SMB_STRDUP(connectpath);
+ /* Allocate for strlen + '\0' + possible leading '/' */
+ destname = SMB_MALLOC(strlen(connectpath) + 2);
if (!destname) {
return false;
}
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 5323fe9... s4/torture: Parameterize output in LOCK tests based off
server support
from 73422e7... Revert s4:provision_users.ldif - Import all essential
groups for Windows Server 2008 mode
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 5323fe99c30bad099645711feac5f2a8979a1ee1
Author: Steven Danneman steven.danne...@isilon.com
Date: Sun Jan 10 16:06:57 2010 -0800
s4/torture: Parameterize output in LOCK tests based off server support
Two new torture parameters:
* smbexit_pdu_support: if the Server supports the Exit command
* range_not_locked_on_file_close: whether the server returns the
NT_STATUS_RANGE_NOT_LOCKED error when a file is closed which has a
pending lock request. Windows returns this error, though per the
spec, this error should only be returned to an unlock request.
---
Summary of changes:
source4/torture/raw/lock.c | 120 +
source4/torture/smbtorture.c |3 +
source4/torture/smbtorture.h | 14 +
3 files changed, 90 insertions(+), 47 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/torture/raw/lock.c b/source4/torture/raw/lock.c
index 7eb4610..6c86a6f 100644
--- a/source4/torture/raw/lock.c
+++ b/source4/torture/raw/lock.c
@@ -80,10 +80,14 @@
#define TARGET_SUPPORTS_INVALID_LOCK_RANGE(_tctx) \
(torture_setting_bool(_tctx, invalid_lock_range_support, true))
+#define TARGET_SUPPORTS_SMBEXIT(_tctx) \
+(torture_setting_bool(_tctx, smbexit_pdu_support, true))
#define TARGET_SUPPORTS_SMBLOCK(_tctx) \
(torture_setting_bool(_tctx, smblock_pdu_support, true))
#define TARGET_SUPPORTS_OPENX_DENY_DOS(_tctx) \
(torture_setting_bool(_tctx, openx_deny_dos_support, true))
+#define TARGET_RETURNS_RANGE_NOT_LOCKED(_tctx) \
+(torture_setting_bool(_tctx, range_not_locked_on_file_close, true))
/*
test SMBlock and SMBunlock ops
*/
@@ -786,7 +790,10 @@ static bool test_async(struct torture_context *tctx,
CHECK_STATUS(status, NT_STATUS_OK);
status = smbcli_request_simple_recv(req);
- CHECK_STATUS(status, NT_STATUS_RANGE_NOT_LOCKED);
+ if (TARGET_RETURNS_RANGE_NOT_LOCKED(tctx))
+ CHECK_STATUS(status, NT_STATUS_RANGE_NOT_LOCKED);
+ else
+ CHECK_STATUS(status, NT_STATUS_FILE_LOCK_CONFLICT);
torture_assert(tctx,!(time(NULL) t+2), talloc_asprintf(tctx,
lock cancel by close was not immediate (%s)\n,
__location__));
@@ -816,46 +823,57 @@ static bool test_async(struct torture_context *tctx,
tree-tid = tcon.tconx.out.tid;
torture_comment(tctx, testing cancel by exit\n);
- fname = BASEDIR \\test_exit.txt;
- fnum = smbcli_open(tree, fname, O_RDWR|O_CREAT, DENY_NONE);
- torture_assert(tctx,(fnum != -1), talloc_asprintf(tctx,
- Failed to reopen %s - %s\n,
- fname, smbcli_errstr(tree)));
-
- io.lockx.level = RAW_LOCK_LOCKX;
- io.lockx.in.file.fnum = fnum;
- io.lockx.in.mode = LOCKING_ANDX_LARGE_FILES;
- io.lockx.in.timeout = 0;
- io.lockx.in.ulock_cnt = 0;
- io.lockx.in.lock_cnt = 1;
- lock[0].pid = session-pid;
- lock[0].offset = 100;
- lock[0].count = 10;
- io.lockx.in.locks = lock[0];
- status = smb_raw_lock(tree, io);
- CHECK_STATUS(status, NT_STATUS_OK);
-
- io.lockx.in.ulock_cnt = 0;
- io.lockx.in.lock_cnt = 1;
- io.lockx.in.mode = LOCKING_ANDX_LARGE_FILES;
- io.lockx.in.timeout = 0;
- status = smb_raw_lock(tree, io);
- CHECK_STATUS(status, NT_STATUS_LOCK_NOT_GRANTED);
+ if (TARGET_SUPPORTS_SMBEXIT(tctx)) {
+ fname = BASEDIR \\test_exit.txt;
+ fnum = smbcli_open(tree, fname, O_RDWR|O_CREAT, DENY_NONE);
+ torture_assert(tctx,(fnum != -1), talloc_asprintf(tctx,
+ Failed to reopen %s - %s\n,
+ fname, smbcli_errstr(tree)));
+
+ io.lockx.level = RAW_LOCK_LOCKX;
+ io.lockx.in.file.fnum = fnum;
+ io.lockx.in.mode = LOCKING_ANDX_LARGE_FILES;
+ io.lockx.in.timeout = 0;
+ io.lockx.in.ulock_cnt = 0;
+ io.lockx.in.lock_cnt = 1;
+ lock[0].pid = session-pid;
+ lock[0].offset = 100;
+ lock[0].count = 10;
+ io.lockx.in.locks = lock[0];
+ status = smb_raw_lock(tree, io);
+ CHECK_STATUS(status, NT_STATUS_OK);
- io.lockx.in.timeout = 1;
- t = time(NULL);
- req = smb_raw_lock_send(tree, io);
- torture_assert(tctx,(req != NULL), talloc_asprintf(tctx,
- Failed to setup timed
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 71a40d7... s4/torture: fix small bug in lock test via 655bdb1... s4/torture: add more lock cancellation tests from f5729db... s3:lib/time: remove TIME_T_MIN/MAX defines http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 71a40d7e2c21bf3ac47be3ec57fb091ff420ba9a Author: Steven Danneman steven.danne...@isilon.com Date: Fri Dec 18 15:35:35 2009 -0800 s4/torture: fix small bug in lock test Cleanup path should unlock, not cancel existing locked range. commit 655bdb19bd91c43b2c5230927bfa8343a0c8a56a Author: Steven Danneman steven.danne...@isilon.com Date: Wed Dec 16 14:38:56 2009 -0800 s4/torture: add more lock cancellation tests * Test the SMB1 behavior when multiple lock ranges are requested, pend, and then are cancelled. The entire LockingAndX request fails. --- Summary of changes: source4/torture/raw/lock.c | 98 +++- 1 files changed, 96 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/torture/raw/lock.c b/source4/torture/raw/lock.c index 34b05b7..7eb4610 100644 --- a/source4/torture/raw/lock.c +++ b/source4/torture/raw/lock.c @@ -643,10 +643,104 @@ static bool test_async(struct torture_context *tctx, /* cleanup the second lock */ io.lockx.in.ulock_cnt = 1; io.lockx.in.lock_cnt = 0; + io.lockx.in.mode = LOCKING_ANDX_LARGE_FILES; + io.lockx.in.locks = lock[1]; + status = smb_raw_lock(cli-tree, io); + CHECK_STATUS(status, NT_STATUS_OK); + + /* If a lock request contained multiple ranges and we are cancelling +* one while it's still pending, what happens? */ + torture_comment(tctx, testing cancel 1/2 lock request\n); + + /* Send request with two ranges */ + io.lockx.in.timeout = -1; + io.lockx.in.ulock_cnt = 0; + io.lockx.in.lock_cnt = 2; + io.lockx.in.mode = LOCKING_ANDX_LARGE_FILES; + io.lockx.in.locks = lock; + req = smb_raw_lock_send(cli-tree, io); + torture_assert(tctx,(req != NULL), talloc_asprintf(tctx, + Failed to setup pending lock (%s)\n, __location__)); + + /* Try to cancel the first lock range */ + io.lockx.in.timeout = 0; + io.lockx.in.lock_cnt = 1; + io.lockx.in.mode = LOCKING_ANDX_CANCEL_LOCK | LOCKING_ANDX_LARGE_FILES; + io.lockx.in.locks = lock[0]; + status = smb_raw_lock(cli-tree, io); + CHECK_STATUS(status, NT_STATUS_OK); + + /* Locking request should've failed and second range should be +* unlocked */ + status = smbcli_request_simple_recv(req); + CHECK_STATUS(status, NT_STATUS_FILE_LOCK_CONFLICT); + + io.lockx.in.timeout = 0; + io.lockx.in.ulock_cnt = 0; + io.lockx.in.lock_cnt = 1; + io.lockx.in.mode = LOCKING_ANDX_LARGE_FILES; io.lockx.in.locks = lock[1]; status = smb_raw_lock(cli-tree, io); CHECK_STATUS(status, NT_STATUS_OK); + /* Cleanup both locks */ + io.lockx.in.ulock_cnt = 2; + io.lockx.in.lock_cnt = 0; + io.lockx.in.mode = LOCKING_ANDX_LARGE_FILES; + io.lockx.in.locks = lock; + status = smb_raw_lock(cli-tree, io); + CHECK_STATUS(status, NT_STATUS_OK); + + torture_comment(tctx, testing cancel 2/2 lock request\n); + + /* Lock second range so it contends */ + io.lockx.in.timeout = 0; + io.lockx.in.ulock_cnt = 0; + io.lockx.in.lock_cnt = 1; + io.lockx.in.mode = LOCKING_ANDX_LARGE_FILES; + io.lockx.in.locks = lock[1]; + status = smb_raw_lock(cli-tree, io); + CHECK_STATUS(status, NT_STATUS_OK); + + /* Send request with two ranges */ + io.lockx.in.timeout = -1; + io.lockx.in.ulock_cnt = 0; + io.lockx.in.lock_cnt = 2; + io.lockx.in.mode = LOCKING_ANDX_LARGE_FILES; + io.lockx.in.locks = lock; + req = smb_raw_lock_send(cli-tree, io); + torture_assert(tctx,(req != NULL), talloc_asprintf(tctx, + Failed to setup pending lock (%s)\n, __location__)); + + /* Try to cancel the second lock range */ + io.lockx.in.timeout = 0; + io.lockx.in.lock_cnt = 1; + io.lockx.in.mode = LOCKING_ANDX_CANCEL_LOCK | LOCKING_ANDX_LARGE_FILES; + io.lockx.in.locks = lock[1]; + status = smb_raw_lock(cli-tree, io); + CHECK_STATUS(status, NT_STATUS_OK); + + /* Locking request should've failed and first range should be +* unlocked */ + status = smbcli_request_simple_recv(req); + CHECK_STATUS(status, NT_STATUS_FILE_LOCK_CONFLICT); + + io.lockx.in.timeout = 0; + io.lockx.in.ulock_cnt = 0; + io.lockx.in.lock_cnt = 1; + io.lockx.in.mode = LOCKING_ANDX_LARGE_FILES; + io.lockx.in.locks
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 47f5aac... s4/torture: add test for zero byte read contention with
byte range locks
via 995b480... s4/libcli: add define for exclusive lock mode
via b4c72e4... s4/torture: fix 80 column spacing issues
via 0c42d65... s4/torture: add delete-on-close test for directories
from a246310... parent_sd can never be null in this function, so don't
check for it.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 47f5aac39d4a81f37ae0d8656ac75d985b24053b
Author: Steven Danneman steven.danne...@isilon.com
Date: Thu Dec 3 18:50:33 2009 -0800
s4/torture: add test for zero byte read contention with byte range locks
commit 995b4800f820a9d4415026e677aaad8de7668b92
Author: Steven Danneman steven.danne...@isilon.com
Date: Thu Dec 3 18:32:56 2009 -0800
s4/libcli: add define for exclusive lock mode
commit b4c72e44a83157768ae991e72d824f56a381eab6
Author: Steven Danneman steven.danne...@isilon.com
Date: Thu Dec 3 19:32:53 2009 -0800
s4/torture: fix 80 column spacing issues
commit 0c42d65d7cbc24b96f0e9ec700d32da860060174
Author: Aravind Srinivasan aravind.sriniva...@isilon.com
Date: Tue Nov 17 12:28:34 2009 -0800
s4/torture: add delete-on-close test for directories
This test opens a directory with delete on close, opens it again,
and checks to make sure that the second open returned with
NT_STATUS_DELETE_PENDING.
---
Summary of changes:
source4/libcli/raw/smb.h |1 +
source4/selftest/knownfail |2 +
source4/torture/basic/delete.c | 63
source4/torture/raw/lock.c | 162 +++-
source4/torture/smb2/lock.c| 132 +++--
5 files changed, 350 insertions(+), 10 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/libcli/raw/smb.h b/source4/libcli/raw/smb.h
index 4fbf76f..349705d 100644
--- a/source4/libcli/raw/smb.h
+++ b/source4/libcli/raw/smb.h
@@ -559,6 +559,7 @@
#define UID_FIELD_INVALID 0
/* Lock types. */
+#define LOCKING_ANDX_EXCLUSIVE_LOCK 0x00
#define LOCKING_ANDX_SHARED_LOCK 0x01
#define LOCKING_ANDX_OPLOCK_RELEASE 0x02
#define LOCKING_ANDX_CHANGE_LOCKTYPE 0x04
diff --git a/source4/selftest/knownfail b/source4/selftest/knownfail
index b9d40f2..ef3c10c 100644
--- a/source4/selftest/knownfail
+++ b/source4/selftest/knownfail
@@ -67,3 +67,5 @@ samba4.raw.lock.*.async # bug 6960
samba4.smb2.lock.*.MULTIPLE-UNLOCK # bug 6959
samba4.raw.sfileinfo.*.END-OF-FILE # bug 6962
samba4.raw.oplock.*.BATCH22 # bug 6963
+samba4.raw.lock.*.zerobyteread # bug 6974
+samba4.smb2.lock.*.ZEROBYTEREAD # bug 6974
diff --git a/source4/torture/basic/delete.c b/source4/torture/basic/delete.c
index 0f7c939..22d9219 100644
--- a/source4/torture/basic/delete.c
+++ b/source4/torture/basic/delete.c
@@ -1515,9 +1515,71 @@ static bool deltest22(struct torture_context *tctx)
CHECK_STATUS(cli1, NT_STATUS_DELETE_PENDING);
+ smbcli_close(cli1-tree, dnum2);
+ CHECK_STATUS(cli1, NT_STATUS_OK);
+
return correct;
}
+/* Test 23 - Second directory open fails when delete is pending. */
+static bool deltest23(struct torture_context *tctx,
+ struct smbcli_state *cli1,
+ struct smbcli_state *cli2)
+{
+ int dnum1 = -1;
+ int dnum2 = -1;
+ bool correct = true;
+ NTSTATUS status;
+
+ del_clean_area(cli1, cli2);
+
+ /* Test 23 -- Basic delete on close for directories. */
+
+ /* Open a directory */
+ dnum1 = smbcli_nt_create_full(cli1-tree, dname, 0,
+ SEC_FILE_READ_DATA|
+ SEC_FILE_WRITE_DATA|
+ SEC_STD_DELETE,
+ FILE_ATTRIBUTE_DIRECTORY,
+ NTCREATEX_SHARE_ACCESS_READ|
+ NTCREATEX_SHARE_ACCESS_WRITE|
+ NTCREATEX_SHARE_ACCESS_DELETE,
+ NTCREATEX_DISP_CREATE,
+ NTCREATEX_OPTIONS_DIRECTORY, 0);
+
+ torture_assert(tctx, dnum1 != -1, talloc_asprintf(tctx,
+ open of %s failed: %s!,
+ dname, smbcli_errstr(cli1-tree)));
+
+ correct = check_delete_on_close(tctx, cli1, dnum1, dname, false,
+ __location__);
+
+ /* Set delete on close */
+ status = smbcli_nt_delete_on_close(cli1-tree, dnum1, true);
+
+ /* Attempt opening the directory again. It should fail. */
+ dnum2 = smbcli_nt_create_full(cli1-tree, dname, 0,
+ SEC_FILE_READ_DATA|
+ SEC_FILE_WRITE_DATA
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 48358b3... s4/torture: add multiple lock cancel test
via ad9c5a7... s4/torture: add addition multiple lock tests
via dfbb92e... s4/torture: fix build warnings by removing unecessary
const
via 438b7c4... s4/torture: Add target functionality parameters to SMBv1
BRL tests
from 9a3d9ab... s3-selftest: run LOCAL-NDR when running make selftest.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 48358b3eaa425d8fbfec7bfd8ccf56860b5a1ba0
Author: Steven Danneman steven.danne...@isilon.com
Date: Wed Nov 25 17:39:42 2009 -0800
s4/torture: add multiple lock cancel test
See what happens when we have multiple outstanding lock requests and
we try to cancel both of them within a single LockingAndX.
On Windows, it seems only the first lock in the array is cancelled,
and the second is left pending. Though, this behavior goes against
the MS-CIFS spec.
commit ad9c5a7b881bd28f408a178766a00098bab19157
Author: Steven Danneman steven.danne...@isilon.com
Date: Mon Nov 30 17:05:27 2009 -0800
s4/torture: add addition multiple lock tests
* test that 2 locks in a single LockAndX are transactional
* test that 1 unlock and 1 lock in a single LockAndX are not
transactional
* test that SMB2 doesn't like mixed lock/unlock in a single
PDU
commit dfbb92e2a1c3478c9b1263adcc4818afe2acd6f7
Author: Steven Danneman steven.danne...@isilon.com
Date: Tue Nov 24 18:38:46 2009 -0800
s4/torture: fix build warnings by removing unecessary const
commit 438b7c41aecaad55f03d2f19a0f33bb57decefa9
Author: Steven Danneman steven.danne...@isilon.com
Date: Tue Nov 24 16:58:25 2009 -0800
s4/torture: Add target functionality parameters to SMBv1 BRL tests
Abstract the server requirements to pass some BRL tests.
* The new default for 64bit lock tests, is that the server should
return STATUS_INVALID_LOCK_RANGE.
* Add parameter for targets that don't implement DENY_DOS
---
Summary of changes:
source4/torture/raw/lock.c | 195 --
source4/torture/smb2/lock.c | 241 +-
source4/torture/smbtorture.c |7 +-
source4/torture/smbtorture.h |9 ++
4 files changed, 413 insertions(+), 39 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/torture/raw/lock.c b/source4/torture/raw/lock.c
index 610cac9..f36d492 100644
--- a/source4/torture/raw/lock.c
+++ b/source4/torture/raw/lock.c
@@ -69,6 +69,19 @@
}} while (0)
#define BASEDIR \\testlock
+#define TARGET_SUPPORTS_SMBLOCK(_tctx) \
+(torture_setting_bool(_tctx, smblock_pdu_support, true))
+#define TARGET_SUPPORTS_OPENX_DENY_DOS(_tctx) \
+(torture_setting_bool(_tctx, openx_deny_dos_support, true))
+#define TARGET_SUPPORTS_INVALID_LOCK_RANGE(_tctx) \
+(torture_setting_bool(_tctx, invalid_lock_range_support, true))
+#define TARGET_IS_W2K8(_tctx) (torture_setting_bool(_tctx, w2k8, false))
+#define TARGET_IS_WIN7(_tctx) (torture_setting_bool(_tctx, win7, false))
+#define TARGET_IS_WINDOWS(_tctx) ((torture_setting_bool(_tctx, w2k8, false))
|| \
+ (torture_setting_bool(_tctx, win7, false)))
+#define TARGET_IS_SAMBA3(_tctx) (torture_setting_bool(_tctx, samba3, false))
+#define TARGET_IS_SAMBA4(_tctx) (torture_setting_bool(_tctx, samba4, false))
+
/*
test SMBlock and SMBunlock ops
*/
@@ -80,6 +93,9 @@ static bool test_lock(struct torture_context *tctx, struct
smbcli_state *cli)
int fnum;
const char *fname = BASEDIR \\test.txt;
+ if (!TARGET_SUPPORTS_SMBLOCK(tctx))
+ torture_skip(tctx, Target does not support the SMBlock PDU);
+
if (!torture_setup_dir(cli, BASEDIR)) {
return false;
}
@@ -361,7 +377,7 @@ static bool test_lockx(struct torture_context *tctx, struct
smbcli_state *cli)
lock[0].pid++;
lock[0].count = 2;
status = smb_raw_lock(cli-tree, io);
- if (TARGET_IS_WIN7(tctx) || TARGET_IS_SAMBA4(tctx))
+ if (TARGET_SUPPORTS_INVALID_LOCK_RANGE(tctx))
CHECK_STATUS(status, NT_STATUS_INVALID_LOCK_RANGE);
else
CHECK_STATUS(status, NT_STATUS_OK);
@@ -484,7 +500,7 @@ static bool test_async(struct torture_context *tctx,
int fnum;
const char *fname = BASEDIR \\test.txt;
time_t t;
- struct smbcli_request *req;
+ struct smbcli_request *req, *req2;
struct smbcli_session_options options;
if (!torture_setup_dir(cli, BASEDIR)) {
@@ -510,6 +526,9 @@ static bool test_async(struct torture_context *tctx,
lock[0].pid = cli-session-pid;
lock[0].offset = 100;
lock[0].count = 10;
+ lock[1].pid = cli-session-pid;
+ lock
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 76be0f6... s4/selftest: knownfail some locking tests until bugs are fixed from 7c938d1... Ñ3: remove superfluous option check http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 76be0f6a11dfadc94923a81ef984b6234db5c0b0 Author: Steven Danneman steven.danne...@isilon.com Date: Wed Dec 2 17:55:00 2009 -0800 s4/selftest: knownfail some locking tests until bugs are fixed --- Summary of changes: source4/selftest/knownfail |2 ++ 1 files changed, 2 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/selftest/knownfail b/source4/selftest/knownfail index 2f75760..56bf718 100644 --- a/source4/selftest/knownfail +++ b/source4/selftest/knownfail @@ -63,3 +63,5 @@ samba4.ntvfs.cifs.base.createx_sharemodes_dir samba4.ntvfs.cifs.base.maximum_allowed samba4.base.createx_access # this test is broken for non-administrator users samba4.smb2.oplock # oplocks in the s4 SMB2 server are a mess +samba4.raw.lock.*.async # bug 6960 +samba4.smb2.lock.*.MULTIPLE-UNLOCK # bug 6959 -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via f66612f... s4/torture: port SMBv1 RAW-LOCK tests to SMBv2
via 7f14388... s4/libcli: rename previously reserved field in SMB2 LOCK
struct
via 65a611e... s4/libcli: Initialize client PID for SMB2 connections
from 95108f1... s3-registry: fix REG_MULTI_SZ handling in
registry_push_value.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit f66612f62e43b752cb7461da429efd26d1c47296
Author: Steven Danneman steven.danne...@isilon.com
Date: Wed Nov 18 16:35:03 2009 -0800
s4/torture: port SMBv1 RAW-LOCK tests to SMBv2
RAW-LOCK ported as:
RAW-LOCK-LOCK, RAW-LOCK-LOCKX - SMB2-LOCK-LOCK
RAW-PIDHIGH - removed, no longer relevant
RAW-ASYNC - SMB2-LOCK-ASYNC, SMB2-LOCK-CANCEL, SMB2-LOCK-CANCEL-TDIS,
SMB2-LOCK-CANCEL-LOGOFF
RAW-ERRORCODE - SMB2-LOCK-ERRORCODE
RAW-CHANGETYPE - removed, no longer relevant
RAW-ZEROBYTELOCKS - SMB2-LOCK-ZEROBYTELENGTH
RAW-UNLOCK - SMB2-LOCK-UNLOCK
RAW-MULTIPLE_UNLOCK - SMB2-LOCK-MULTIPLE-UNLOCK
RAW-STACKING - SMB2-LOCK-STACKING
BASE-LOCK ported as:
BASE-LOCK-LOCK1 - SMB2-LOCK-ERRORCODE, timeout is no longer relevant
BASE-LOCK-LOCK2 - SMB2-LOCK-CONTEND, SMB2-LOCK-LOCK, SMB2-LOCK-CONTEXT
BASE-LOCK-LOCK3 - SMB2-LOCK-RANGE
BASE-LOCK-LOCK4 - SMB2-LOCK-OVERLAP
BASE-LOCK-LOCK5 - SMB2-LOCK-STACKING
BASE-LOCK-LOCK6 - SMB2-LOCK-CANCEL, change_locktype no longer relevant
BASE-LOCK-LOCK7 - SMB2-LOCK-RW-SHARED, SMB2-LOCK-RW-EXCLUSIVE
commit 7f14388721fdfdc4d5e3d36dd5071a0993695815
Author: Steven Danneman steven.danne...@isilon.com
Date: Wed Nov 18 17:51:35 2009 -0800
s4/libcli: rename previously reserved field in SMB2 LOCK struct
The lock.in.reserved field has been renamed lock_sequence in the
SMB 2.1 dialect. See MS-SMB 2.2.26.
commit 65a611ec7299ba992d16dff69da47b1b8e16241d
Author: Steven Danneman steven.danne...@isilon.com
Date: Wed Nov 18 16:35:16 2009 -0800
s4/libcli: Initialize client PID for SMB2 connections
Set the SMB pid to the Unix pid of the client process.
---
Summary of changes:
source4/libcli/raw/interfaces.h |2 +-
source4/libcli/smb2/lock.c |2 +-
source4/libcli/smb2/request.c |1 +
source4/libcli/smb2/session.c |4 +
source4/libcli/smb2/smb2.h |1 +
source4/smb_server/smb2/fileio.c|2 +-
source4/torture/gentest.c |2 +-
source4/torture/smb2/durable_open.c |2 +-
source4/torture/smb2/lock.c | 2058 ++-
9 files changed, 2036 insertions(+), 38 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/libcli/raw/interfaces.h b/source4/libcli/raw/interfaces.h
index af2158c..4ddfc56 100644
--- a/source4/libcli/raw/interfaces.h
+++ b/source4/libcli/raw/interfaces.h
@@ -2030,7 +2030,7 @@ union smb_lock {
/* static body buffer 48 (0x30) bytes */
/* uint16_t buffer_code; 0x30 */
uint16_t lock_count;
- uint32_t reserved;
+ uint32_t lock_sequence;
/* struct smb2_handle handle; */
struct smb2_lock_element {
uint64_t offset;
diff --git a/source4/libcli/smb2/lock.c b/source4/libcli/smb2/lock.c
index 62c6e5d..f2a76d8 100644
--- a/source4/libcli/smb2/lock.c
+++ b/source4/libcli/smb2/lock.c
@@ -39,7 +39,7 @@ struct smb2_request *smb2_lock_send(struct smb2_tree *tree,
struct smb2_lock *io
SSVAL(req-out.body, 0, 0x30);
SSVAL(req-out.body, 0x02, io-in.lock_count);
- SIVAL(req-out.body, 0x04, io-in.reserved);
+ SIVAL(req-out.body, 0x04, io-in.lock_sequence);
smb2_push_handle(req-out.body+0x08, io-in.file.handle);
for (i=0;iio-in.lock_count;i++) {
diff --git a/source4/libcli/smb2/request.c b/source4/libcli/smb2/request.c
index 5d09a50..358d133 100644
--- a/source4/libcli/smb2/request.c
+++ b/source4/libcli/smb2/request.c
@@ -175,6 +175,7 @@ struct smb2_request *smb2_request_init_tree(struct
smb2_tree *tree, uint16_t opc
if (req == NULL) return NULL;
SBVAL(req-out.hdr, SMB2_HDR_SESSION_ID, tree-session-uid);
+ SIVAL(req-out.hdr, SMB2_HDR_PID, tree-session-pid);
SIVAL(req-out.hdr, SMB2_HDR_TID, tree-tid);
req-session = tree-session;
req-tree = tree;
diff --git a/source4/libcli/smb2/session.c b/source4/libcli/smb2/session.c
index 9db32c4..1247962 100644
--- a/source4/libcli/smb2/session.c
+++ b/source4/libcli/smb2/session.c
@@ -26,6 +26,8 @@
#include libcli/composite/composite.h
#include auth/gensec/gensec.h
+#include unistd.h
+
/**
initialise a smb2_session structure
*/
@@ -46,6 +48,8 @@ struct smb2_session
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 15d93a5... s4/torture: Port SMBv1 Change Notify tests to SMBv2
via 7447138... s4/libcli: add a FILE_NOTIFY_CHANGE_ALL macro
via f7e3809... s4/torture: add a new ulong parameteric torture option
via c14b0ce... torture/smb2: make SMB2 BRL tests pass against W2K8R2
from 7407b52... Start removing SMB_STRUCT_STAT variables except for the
directory enumeration code (which needs it). Jeremy.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 15d93a5d8e21893e1cca5c989dbf97010aae1622
Author: Aravind Srinivasan aravind.sriniva...@isilon.com
Date: Tue Nov 17 15:30:11 2009 -0800
s4/torture: Port SMBv1 Change Notify tests to SMBv2
* Ported all tests from raw/notify.c to smb2/notify.c
* Parameterized the max_buffer_size so it can be set on a
per-target basis.
* Fixed CHECK macros to use torture_result
* Created a SMB2-NOTIFY test suite
commit 74471387e03c9a0b12198275826ee56ee68994ab
Author: Aravind Srinivasan aravind.sriniva...@isilon.com
Date: Tue Nov 17 15:24:40 2009 -0800
s4/libcli: add a FILE_NOTIFY_CHANGE_ALL macro
This macro encompasses all possible file notifications that can
be raised.
commit f7e3809d66c54e26a7b8f8bc93b530bc9fc35f40
Author: Aravind Srinivasan aravind.sriniva...@isilon.com
Date: Tue Nov 17 15:23:23 2009 -0800
s4/torture: add a new ulong parameteric torture option
commit c14b0cea488f78fc2fb88646d0cc674c6154c008
Author: Steven Danneman steven.danne...@isilon.com
Date: Fri Nov 13 15:13:19 2009 -0800
torture/smb2: make SMB2 BRL tests pass against W2K8R2
The BRL tests previously based their results off several bugs in the
W2K8 byte range lock code. I've fixed up the tests to pass against
Win7 which has fixed these bugs, and assume that the Win7 behavior
is the default.
I have inverted the test behavior for 63-bit lock requests. The
tests previously expected NT_STATUS_OK as their default in this
case. I've changed that default to expect STATUS_INVALID_LOCK_RANGE.
This may requires some changing of make test to compensate.
I've also removed a few test scenarios from VALID-REQUEST in preparation
of replacing them with separate tests ported from RAW-LOCK.
---
Summary of changes:
lib/torture/torture.c |8 +
source4/libcli/raw/smb.h |8 +
source4/torture/smb2/lock.c | 201 +++---
source4/torture/smb2/notify.c | 1869 -
source4/torture/smb2/smb2.c |2 +-
source4/torture/smbtorture.c |4 +
source4/torture/smbtorture.h | 16 +
7 files changed, 1966 insertions(+), 142 deletions(-)
Changeset truncated at 500 lines:
diff --git a/lib/torture/torture.c b/lib/torture/torture.c
index 392cb0a..672726e 100644
--- a/lib/torture/torture.c
+++ b/lib/torture/torture.c
@@ -425,6 +425,14 @@ int torture_setting_int(struct torture_context *test,
const char *name,
return lp_parm_int(test-lp_ctx, NULL, torture, name, default_value);
}
+unsigned long torture_setting_ulong(struct torture_context *test,
+ const char *name,
+ unsigned long default_value)
+{
+ return lp_parm_ulong(test-lp_ctx, NULL, torture, name,
+default_value);
+}
+
double torture_setting_double(struct torture_context *test, const char *name,
double default_value)
{
diff --git a/source4/libcli/raw/smb.h b/source4/libcli/raw/smb.h
index d4091ac..4fbf76f 100644
--- a/source4/libcli/raw/smb.h
+++ b/source4/libcli/raw/smb.h
@@ -464,6 +464,14 @@
#define FILE_NOTIFY_CHANGE_NAME \
(FILE_NOTIFY_CHANGE_FILE_NAME|FILE_NOTIFY_CHANGE_DIR_NAME)
+#define FILE_NOTIFY_CHANGE_ALL \
+ (FILE_NOTIFY_CHANGE_FILE_NAME | FILE_NOTIFY_CHANGE_DIR_NAME | \
+FILE_NOTIFY_CHANGE_ATTRIBUTES | FILE_NOTIFY_CHANGE_SIZE | \
+FILE_NOTIFY_CHANGE_LAST_WRITE | FILE_NOTIFY_CHANGE_LAST_ACCESS | \
+FILE_NOTIFY_CHANGE_CREATION| FILE_NOTIFY_CHANGE_EA | \
+FILE_NOTIFY_CHANGE_SECURITY| FILE_NOTIFY_CHANGE_STREAM_NAME | \
+FILE_NOTIFY_CHANGE_STREAM_SIZE | FILE_NOTIFY_CHANGE_STREAM_WRITE)
+
/* change notify action results */
#define NOTIFY_ACTION_ADDED 1
#define NOTIFY_ACTION_REMOVED 2
diff --git a/source4/torture/smb2/lock.c b/source4/torture/smb2/lock.c
index 033e12f..211578b 100644
--- a/source4/torture/smb2/lock.c
+++ b/source4/torture/smb2/lock.c
@@ -27,8 +27,9 @@
#include torture/smb2/proto.h
-#define TARGET_IS_WINDOWS(_tctx) (torture_setting_bool(_tctx, win7, false)
|| torture_setting_bool(torture, windows, false))
-#define TARGET_IS_WIN7(_tctx) (torture_setting_bool(_tctx, win7, false))
+#define
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 622bffc... s4/torture: fix build break implicit declaration of function 'isprint' from 5aeb954... s3: Fix a memleak reported by dmarkey http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 622bffce4723353964bf0dc7bbf60235e417caa6 Author: Steven Danneman steven.danne...@isilon.com Date: Fri Oct 9 14:01:33 2009 -0700 s4/torture: fix build break implicit declaration of function 'isprint' --- Summary of changes: source4/torture/smb2/streams.c |1 + 1 files changed, 1 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/torture/smb2/streams.c b/source4/torture/smb2/streams.c index 50f27a8..f186a54 100644 --- a/source4/torture/smb2/streams.c +++ b/source4/torture/smb2/streams.c @@ -32,6 +32,7 @@ #include torture/util.h #include system/filesys.h +#include system/locale.h #define DNAME teststreams -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 0ec8fe4... s4/torture: Ported SMBv1 RAW-STREAMS tests to
SMB2-STREAMS
from 3703890... AD-Bench: A first go at an Active Directory benchmark.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 0ec8fe420f65fabce9d6b0a998ef892201f3e395
Author: Aravind Srinivasan aravind.sriniva...@isilon.com
Date: Tue Oct 6 20:25:15 2009 -0700
s4/torture: Ported SMBv1 RAW-STREAMS tests to SMB2-STREAMS
---
Summary of changes:
source4/torture/smb2/config.mk |3 +-
source4/torture/smb2/smb2.c|1 +
source4/torture/smb2/streams.c | 1767
3 files changed, 1770 insertions(+), 1 deletions(-)
create mode 100644 source4/torture/smb2/streams.c
Changeset truncated at 500 lines:
diff --git a/source4/torture/smb2/config.mk b/source4/torture/smb2/config.mk
index f617f70..e26ad26 100644
--- a/source4/torture/smb2/config.mk
+++ b/source4/torture/smb2/config.mk
@@ -25,7 +25,8 @@ TORTURE_SMB2_OBJ_FILES = $(addprefix $(torturesrcdir)/smb2/, \
lease.o \
create.o \
read.o \
- compound.o)
+ compound.o \
+ streams.o)
$(eval $(call
proto_header_template,$(torturesrcdir)/smb2/proto.h,$(TORTURE_SMB2_OBJ_FILES:.o=.c)))
diff --git a/source4/torture/smb2/smb2.c b/source4/torture/smb2/smb2.c
index 2430b09..f1d8fbb 100644
--- a/source4/torture/smb2/smb2.c
+++ b/source4/torture/smb2/smb2.c
@@ -143,6 +143,7 @@ NTSTATUS torture_smb2_init(void)
torture_suite_add_suite(suite, torture_smb2_lease_init());
torture_suite_add_suite(suite, torture_smb2_compound_init());
torture_suite_add_suite(suite, torture_smb2_oplocks_init());
+ torture_suite_add_suite(suite, torture_smb2_streams_init());
torture_suite_add_1smb2_test(suite, BENCH-OPLOCK,
test_smb2_bench_oplock);
torture_suite_add_1smb2_test(suite, HOLD-OPLOCK,
test_smb2_hold_oplock);
diff --git a/source4/torture/smb2/streams.c b/source4/torture/smb2/streams.c
new file mode 100644
index 000..50f27a8
--- /dev/null
+++ b/source4/torture/smb2/streams.c
@@ -0,0 +1,1767 @@
+/*
+ Unix SMB/CIFS implementation.
+
+ test alternate data streams
+
+ Copyright (C) Andrew Tridgell 2004
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see http://www.gnu.org/licenses/.
+*/
+
+#include includes.h
+#include libcli/smb2/smb2.h
+#include libcli/smb2/smb2_calls.h
+#include libcli/smb_composite/smb_composite.h
+#include libcli/raw/libcliraw.h
+#include libcli/raw/raw_proto.h
+#include libcli/libcli.h
+
+#include torture/torture.h
+#include torture/smb2/proto.h
+#include torture/util.h
+
+#include system/filesys.h
+
+#define DNAME teststreams
+
+#define CHECK_STATUS(status, correct) do { \
+ if (!NT_STATUS_EQUAL(status, correct)) { \
+ torture_result(tctx, TORTURE_FAIL, \
+ (%s) Incorrect status %s - should be %s\n, \
+ __location__, nt_errstr(status), nt_errstr(correct)); \
+ ret = false; \
+ goto done; \
+ }} while (0)
+
+#define CHECK_VALUE(v, correct) do { \
+ if ((v) != (correct)) { \
+ torture_result(tctx, TORTURE_FAIL, \
+ (%s) Incorrect value %s=%d - should be %d\n, \
+ __location__, #v, (int)v, (int)correct); \
+ ret = false; \
+ }} while (0)
+
+#define CHECK_NTTIME(v, correct) do { \
+ if ((v) != (correct)) { \
+ torture_result(tctx, TORTURE_FAIL, \
+ (%s) Incorrect value %s=%llu - should be %llu\n, \
+ __location__, #v, (unsigned long long)v, \
+ (unsigned long long)correct); \
+ ret = false; \
+ }} while (0)
+
+#define CHECK_STR(v, correct) do { \
+ bool ok; \
+ if ((v) !(correct)) { \
+ ok = false; \
+ } else if (!(v) (correct)) { \
+ ok = false; \
+ } else if (!(v) !(correct)) { \
+ ok = true; \
+ } else if (strcmp((v), (correct)) == 0) { \
+ ok = true; \
+ } else { \
+ ok = false; \
+ } \
+ if (!ok) { \
+ torture_comment(tctx,(%s) Incorrect value
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 2f379d7... s4/torture: Ported SMBv1 RAW-OPEN tests to SMB2-CREATE
via 0bff2ce... s4/torture: convert all printf to torture_comments
from 0ec8fe4... s4/torture: Ported SMBv1 RAW-STREAMS tests to
SMB2-STREAMS
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 2f379d70ffa1dc8d2899489e35e715efe96a4b51
Author: Aravind Srinivasan aravind.sriniva...@isilon.com
Date: Tue Oct 6 20:16:38 2009 -0700
s4/torture: Ported SMBv1 RAW-OPEN tests to SMB2-CREATE
Four tests were ported from raw/open.c
One new tests added LEADING-SLASH, which tests that a server provides
the proper error when a relative path is given to a CREATE PDU
with a leading /.
commit 0bff2ced790fb9ff352b848246338999099f7f5f
Author: Aravind Srinivasan aravind.sriniva...@isilon.com
Date: Tue Oct 6 20:12:09 2009 -0700
s4/torture: convert all printf to torture_comments
---
Summary of changes:
source4/torture/smb2/create.c | 626 +++--
1 files changed, 605 insertions(+), 21 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/torture/smb2/create.c b/source4/torture/smb2/create.c
index febfbe0..be825b2 100644
--- a/source4/torture/smb2/create.c
+++ b/source4/torture/smb2/create.c
@@ -23,26 +23,109 @@
#include libcli/smb2/smb2.h
#include libcli/smb2/smb2_calls.h
#include torture/torture.h
+#include torture/util.h
#include torture/smb2/proto.h
#include librpc/gen_ndr/ndr_security.h
#include libcli/security/security.h
+#include system/filesys.h
+#include auth/credentials/credentials.h
+#include lib/cmdline/popt_common.h
+#include librpc/gen_ndr/security.h
+#include lib/events/events.h
+
#define FNAME test_create.dat
+#define DNAME smb2_open
#define CHECK_STATUS(status, correct) do { \
if (!NT_STATUS_EQUAL(status, correct)) { \
- printf((%s) Incorrect status %s - should be %s\n, \
- __location__, nt_errstr(status), nt_errstr(correct)); \
+ torture_result(torture, TORTURE_FAIL, \
+ (%s) Incorrect status %s - should be %s\n, \
+__location__, nt_errstr(status), nt_errstr(correct)); \
return false; \
}} while (0)
#define CHECK_EQUAL(v, correct) do { \
if (v != correct) { \
- printf((%s) Incorrect value for %s 0x%08llx - should be
0x%08llx\n, \
- __location__, #v, (unsigned long long)v, (unsigned long
long)correct); \
+ torture_result(torture, TORTURE_FAIL, \
+ (%s) Incorrect value for %s 0x%08llx - \
+ should be 0x%08llx\n, \
+__location__, #v, \
+ (unsigned long long)v, \
+ (unsigned long long)correct); \
return false; \
}} while (0)
+#define CHECK_TIME(t, field) do { \
+ time_t t1, t2; \
+ finfo.all_info.level = RAW_FILEINFO_ALL_INFORMATION; \
+ finfo.all_info.in.file.handle = h1; \
+ status = smb2_getinfo_file(tree, torture, finfo); \
+ CHECK_STATUS(status, NT_STATUS_OK); \
+ t1 = t ~1; \
+ t2 = nt_time_to_unix(finfo.all_info.out.field) ~1; \
+ if (abs(t1-t2) 2) { \
+ torture_result(torture, TORTURE_FAIL, \
+ (%s) wrong time for field %s %s - %s\n, \
+ __location__, #field, \
+ timestring(torture, t1), \
+ timestring(torture, t2)); \
+ dump_all_info(torture, finfo); \
+ ret = false; \
+ }} while (0)
+
+#define CHECK_NTTIME(t, field) do { \
+ NTTIME t2; \
+ finfo.all_info.level = RAW_FILEINFO_ALL_INFORMATION; \
+ finfo.all_info.in.file.handle = h1; \
+ status = smb2_getinfo_file(tree, torture, finfo); \
+ CHECK_STATUS(status, NT_STATUS_OK); \
+ t2 = finfo.all_info.out.field; \
+ if (t != t2) { \
+ torture_result(torture, TORTURE_FAIL, \
+ (%s) wrong time for field %s %s - %s\n, \
+ __location__, #field, \
+ nt_time_string(torture, t), \
+ nt_time_string(torture, t2)); \
+ dump_all_info(torture, finfo); \
+ ret = false; \
+ }} while (0)
+
+#define CHECK_ALL_INFO(v, field) do { \
+ finfo.all_info.level = RAW_FILEINFO_ALL_INFORMATION; \
+ finfo.all_info.in.file.handle = h1; \
+ status = smb2_getinfo_file(tree, torture, finfo); \
+ CHECK_STATUS(status, NT_STATUS_OK); \
+ if ((v) != (finfo.all_info.out.field)) { \
+ torture_result(torture, TORTURE_FAIL, \
+ (%s) wrong
[SCM] Samba Shared Repository - branch master updated - tevent-0-9-8-858-gb2bcfaa
The branch, master has been updated
via b2bcfaaeed44af3a60667894ce0d7647f0382a26 (commit)
via 1160d680620d71a7d5632b73c76d516f89696b65 (commit)
via 49fdeaeaf6eca052378b88cdf726f8eef753fe86 (commit)
from a58bc2c9a93597f3625dc8b64221c601b6f59833 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit b2bcfaaeed44af3a60667894ce0d7647f0382a26
Author: Steven Danneman steven.danne...@isilon.com
Date: Thu Oct 1 13:47:28 2009 -0700
s4/torture: rename oplocks.c to oplock.c to match SMB1 file layout
commit 1160d680620d71a7d5632b73c76d516f89696b65
Author: Steven Danneman steven.danne...@isilon.com
Date: Thu Jul 30 15:10:50 2009 -0700
s4/torture: Ported SMB oplock torture tests to SMB2
I've ported all applicable SMB oplock torture tests to SMB2, giving us
a good base for SMB2 oplock testing.
There are several differences between oplocks in SMB and SMB2, mostly
because of differences in W2K3 and W2K8. The existing SMB oplock
tests all pass against W2K3, but several fail against W2K8. These
same tests were failing in SMB2, util I reworked them.
BATCH19, BATCH20: In W2K3/SMB a setfileinfo - rename command wouldn't
cause a sharing violation or break an existing oplock. It appears that
in W2K8/SMB2 a sharing violation is raised.
BATCH22: In W2K3/SMB when a second opener was waiting the full timeout
of an oplock break, it would receive NT_STATUS_SHARING_VIOLATION after
about 35 seconds. This bug has been fixed in W2K8/SMB2 and instead
the second opener succeeds.
LEVELII500: Added 1 new test checking that the server returns a proper
error code when a client improperly replies to a levelII to none break
notification.
STREAM1: W2K8 now grants oplocks on alternate data streams.
commit 49fdeaeaf6eca052378b88cdf726f8eef753fe86
Author: Steven Danneman steven.danne...@isilon.com
Date: Thu Oct 1 11:35:17 2009 -0700
s4/torture: fix typo in test comment
---
Summary of changes:
source4/libcli/smb2/util.c |9 ++
source4/torture/raw/oplock.c |2 +-
source4/torture/smb2/config.mk |2 +-
source4/torture/smb2/oplocks.c | 177
source4/torture/smb2/smb2.c|4 +-
5 files changed, 14 insertions(+), 180 deletions(-)
delete mode 100644 source4/torture/smb2/oplocks.c
Changeset truncated at 500 lines:
diff --git a/source4/libcli/smb2/util.c b/source4/libcli/smb2/util.c
index 8602c91..9b8d688 100644
--- a/source4/libcli/smb2/util.c
+++ b/source4/libcli/smb2/util.c
@@ -220,3 +220,12 @@ int smb2_deltree(struct smb2_tree *tree, const char *dname)
return total_deleted;
}
+
+/*
+ check if two SMB2 file handles are the same
+*/
+bool smb2_util_handle_equal(const struct smb2_handle h1,
+ const struct smb2_handle h2)
+{
+ return (h1.data[0] == h2.data[0]) (h1.data[1] == h2.data[1]);
+}
diff --git a/source4/torture/raw/oplock.c b/source4/torture/raw/oplock.c
index da9fcf3..8623042 100644
--- a/source4/torture/raw/oplock.c
+++ b/source4/torture/raw/oplock.c
@@ -3043,7 +3043,7 @@ static bool test_raw_oplock_stream1(struct
torture_context *tctx,
if (open_base_file) {
torture_comment(tctx, Opening base file: %s with
- %d\n, fname_base, oplock_req);
+ %d\n, fname_base, batch_req);
io.ntcreatex.in.fname = fname_base;
io.ntcreatex.in.flags = batch_req;
status = smb_raw_open(cli2-tree, tctx, io);
diff --git a/source4/torture/smb2/config.mk b/source4/torture/smb2/config.mk
index 2aba86a..f617f70 100644
--- a/source4/torture/smb2/config.mk
+++ b/source4/torture/smb2/config.mk
@@ -20,7 +20,7 @@ TORTURE_SMB2_OBJ_FILES = $(addprefix $(torturesrcdir)/smb2/, \
notify.o \
smb2.o \
durable_open.o \
- oplocks.o \
+ oplock.o \
dir.o \
lease.o \
create.o \
diff --git a/source4/torture/smb2/oplocks.c b/source4/torture/smb2/oplocks.c
deleted file mode 100644
index 3fee0b4..000
--- a/source4/torture/smb2/oplocks.c
+++ /dev/null
@@ -1,177 +0,0 @@
-/*
- Unix SMB/CIFS implementation.
-
- test suite for SMB2 oplocks
-
- Copyright (C) Stefan Metzmacher 2008
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 3 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty
[SCM] Samba Shared Repository - branch master updated - tevent-0-9-8-860-gc38c99a
The branch, master has been updated
via c38c99af91baf4a130917f1a0eb399879ae5708f (commit)
from 295fec2b46be2ee492b1fbe7a51d95de8ddce5ba (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit c38c99af91baf4a130917f1a0eb399879ae5708f
Author: Steven Danneman steven.danne...@isilon.com
Date: Thu Oct 1 16:38:40 2009 -0700
s4/torture: second try on renaming oplocks.c to oplock.c
Forgot to git add the new file in commit b2bcfaae
---
Summary of changes:
source4/torture/smb2/oplock.c | 3617 +
1 files changed, 3617 insertions(+), 0 deletions(-)
create mode 100644 source4/torture/smb2/oplock.c
Changeset truncated at 500 lines:
diff --git a/source4/torture/smb2/oplock.c b/source4/torture/smb2/oplock.c
new file mode 100644
index 000..f686de6
--- /dev/null
+++ b/source4/torture/smb2/oplock.c
@@ -0,0 +1,3617 @@
+/*
+ Unix SMB/CIFS implementation.
+
+ test suite for SMB2 oplocks
+
+ Copyright (C) Andrew Tridgell 2003
+ Copyright (C) Stefan Metzmacher 2008
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see http://www.gnu.org/licenses/.
+*/
+
+#include includes.h
+
+#include libcli/smb2/smb2.h
+#include libcli/smb2/smb2_calls.h
+#include libcli/smb_composite/smb_composite.h
+#include libcli/resolve/resolve.h
+
+#include lib/cmdline/popt_common.h
+#include lib/events/events.h
+
+#include param/param.h
+#include system/filesys.h
+
+#include torture/torture.h
+#include torture/smb2/proto.h
+
+#define CHECK_RANGE(v, min, max) do { \
+ if ((v) (min) || (v) (max)) { \
+ torture_result(tctx, TORTURE_FAIL, (%s): wrong value for %s \
+ got %d - should be between %d and %d\n, \
+ __location__, #v, (int)v, (int)min, (int)max); \
+ ret = false; \
+ }} while (0)
+
+#define CHECK_STRMATCH(v, correct) do { \
+ if (!v || strstr((v),(correct)) == NULL) { \
+ torture_result(tctx, TORTURE_FAIL, (%s): wrong value for %s \
+ got '%s' - should be '%s'\n, \
+ __location__, #v, v?v:NULL, correct); \
+ ret = false; \
+ }} while (0)
+
+#define CHECK_VAL(v, correct) do { \
+ if ((v) != (correct)) { \
+ torture_result(tctx, TORTURE_FAIL, (%s): wrong value for %s \
+ got 0x%x - should be 0x%x\n, \
+ __location__, #v, (int)v, (int)correct); \
+ ret = false; \
+ }} while (0)
+
+#define BASEDIR oplock_test
+
+static struct {
+ struct smb2_handle handle;
+ uint8_t level;
+ struct smb2_break br;
+ int count;
+ int failures;
+ NTSTATUS failure_status;
+} break_info;
+
+static void torture_oplock_break_callback(struct smb2_request *req)
+{
+ NTSTATUS status;
+ struct smb2_break br;
+
+ ZERO_STRUCT(br);
+ status = smb2_break_recv(req, break_info.br);
+ if (!NT_STATUS_IS_OK(status)) {
+ break_info.failures++;
+ break_info.failure_status = status;
+ }
+
+ return;
+}
+
+/* A general oplock break notification handler. This should be used when a
+ * test expects to break from batch or exclusive to a lower level. */
+static bool torture_oplock_handler(struct smb2_transport *transport,
+ const struct smb2_handle *handle,
+ uint8_t level,
+ void *private_data)
+{
+ struct smb2_tree *tree = private_data;
+ const char *name;
+ struct smb2_request *req;
+ ZERO_STRUCT(break_info.br);
+
+ break_info.handle = *handle;
+ break_info.level= level;
+ break_info.count++;
+
+ switch (level) {
+ case SMB2_OPLOCK_LEVEL_II:
+ name = level II;
+ break;
+ case SMB2_OPLOCK_LEVEL_NONE:
+ name = none;
+ break;
+ default:
+ name = unknown;
+ break_info.failures++;
+ }
+ printf(Acking to %s [0x%02X] in oplock handler\n, name, level);
+
+ break_info.br.in.file.handle= *handle
[SCM] Samba Shared Repository - branch master updated - tevent-0-9-8-863-gb529a1e
The branch, master has been updated
via b529a1e98723c30f965f71fb1e9577edb23219d1 (commit)
via 50db2902eebd143cea4e93bdc3771fcf2c5211f5 (commit)
from ce791d6645ece67c068079de71a0c96ad28c17b7 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit b529a1e98723c30f965f71fb1e9577edb23219d1
Author: Aravind Srinivasan aravind.sriniva...@isilon.com
Date: Thu Oct 1 16:13:37 2009 -0700
s4/torture: Add two new SMB RAW-OPEN tests
* Add chained NTCREATEX_READX test which first tries to open/read
a non-existant file failing on the open, then attempts the same
operation on a file that does exist, opening and reading
successfully.
* Add test for open_dispositions on directories.
commit 50db2902eebd143cea4e93bdc3771fcf2c5211f5
Author: Aravind Srinivasan aravind.sriniva...@isilon.com
Date: Thu Oct 1 16:11:59 2009 -0700
s4/torture: convert printf to torture_comment() in RAW-OPEN
Allows make test and other harnesses to print cleaner output.
---
Summary of changes:
source4/libcli/raw/interfaces.h | 52 ++
source4/libcli/raw/rawfile.c| 74 +
source4/torture/raw/open.c | 332 ---
3 files changed, 399 insertions(+), 59 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/libcli/raw/interfaces.h b/source4/libcli/raw/interfaces.h
index 1321715..f7d64d0 100644
--- a/source4/libcli/raw/interfaces.h
+++ b/source4/libcli/raw/interfaces.h
@@ -1356,6 +1356,7 @@ enum smb_open_level {
RAW_OPEN_T2OPEN,
RAW_OPEN_NTTRANS_CREATE,
RAW_OPEN_OPENX_READX,
+ RAW_OPEN_NTCREATEX_READX,
RAW_OPEN_SMB2
};
@@ -1400,6 +1401,9 @@ union smb_open {
case RAW_OPEN_OPENX_READX: \
file = op-openxreadx.out.file; \
break; \
+ case RAW_OPEN_NTCREATEX_READX: \
+ file = op-ntcreatexreadx.out.file; \
+ break; \
case RAW_OPEN_SMB2: \
file = op-smb2.out.file; \
break; \
@@ -1619,6 +1623,54 @@ union smb_open {
} out;
} openxreadx;
+ /* chained NTCreateX/ReadX interface */
+ struct {
+ enum smb_open_level level;
+ struct {
+ uint32_t flags;
+ uint32_t root_fid;
+ uint32_t access_mask;
+ uint64_t alloc_size;
+ uint32_t file_attr;
+ uint32_t share_access;
+ uint32_t open_disposition;
+ uint32_t create_options;
+ uint32_t impersonation;
+ uint8_t security_flags;
+ /* NOTE: fname can also be a pointer to a
+uint64_t file_id if create_options has the
+NTCREATEX_OPTIONS_OPEN_BY_FILE_ID flag set */
+ const char *fname;
+
+ /* readx part */
+ uint64_t offset;
+ uint16_t mincnt;
+ uint32_t maxcnt;
+ uint16_t remaining;
+ } in;
+ struct {
+ union smb_handle file;
+ uint8_t oplock_level;
+ uint32_t create_action;
+ NTTIME create_time;
+ NTTIME access_time;
+ NTTIME write_time;
+ NTTIME change_time;
+ uint32_t attrib;
+ uint64_t alloc_size;
+ uint64_t size;
+ uint16_t file_type;
+ uint16_t ipc_state;
+ uint8_t is_directory;
+
+ /* readx part */
+ uint8_t *data;
+ uint16_t remaining;
+ uint16_t compaction_mode;
+ uint16_t nread;
+ } out;
+ } ntcreatexreadx;
+
#define SMB2_CREATE_FLAG_REQUEST_OPLOCK 0x0100
#define SMB2_CREATE_FLAG_REQUEST_EXCLUSIVE_OPLOCK 0x0800
#define SMB2_CREATE_FLAG_GRANT_OPLOCK 0x0001
diff --git a/source4/libcli/raw/rawfile.c b/source4/libcli/raw/rawfile.c
index 35d6b75..ea254a5 100644
--- a/source4/libcli/raw/rawfile.c
+++ b/source4/libcli/raw/rawfile.c
@@ -616,6 +616,45 @@ _PUBLIC_ struct smbcli_request *smb_raw_open_send(struct
smbcli_tree *tree, unio
SIVAL(req-out.vwv,
VWV(10),parms-openxreadx.in.offset32);
}
break;
+
+ case RAW_OPEN_NTCREATEX_READX:
+ SETUP_REQUEST(SMBntcreateX, 24, 0);
+ SSVAL(req-out.vwv, VWV(0),SMB_CHAIN_NONE);
+
[SCM] Samba Shared Repository - branch master updated - tevent-0-9-8-798-g9af9dbe
The branch, master has been updated
via 9af9dbeaf3344fc488c474ea7410ac425c2a4b4e (commit)
via 8c0d239317167f127324a58c593a2c5357548ec5 (commit)
via 6e4bf59d802e72f84d5fc972af6d9c28f334ca93 (commit)
from 6c0abbdd350f9af5cfb59381efb80385e5d3a4f3 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 9af9dbeaf3344fc488c474ea7410ac425c2a4b4e
Author: Steven Danneman steven.danne...@isilon.com
Date: Tue Sep 29 19:03:20 2009 -0700
s4/torture: fix RAW-OPLOCK-STREAM1 test after commit a11bb14
We were pulling junk memory for our stream names after the reordering
of the struct definition.
commit 8c0d239317167f127324a58c593a2c5357548ec5
Author: Steven Danneman steven.danne...@isilon.com
Date: Fri Sep 25 16:44:51 2009 -0700
s4/torture: Allow receiving of oplock break requests in any order
Previously, the oplock torture tests, being single threaded, required
the server to return oplock break requests, and other SMB packets
in a specific order for us to verify correctness.
Of course, in several cases the protocol allows the break packets,
especially breaks to levelII to come back in any order. With tevent
we're now able to wait for oplock breaks in the middle of a torture
test.
I've added a helper to do this, and modified all oplock tests to allow
returning of oplock breaks in any order.
commit 6e4bf59d802e72f84d5fc972af6d9c28f334ca93
Author: Aravind Srinivasan asriniva...@isilon.com
Date: Tue Sep 8 13:12:26 2009 -0700
s4/torture: convert printf to torture_comment()
Allows make test and other harnesses to print cleaner output.
---
Summary of changes:
source4/torture/raw/oplock.c | 276 ++---
1 files changed, 175 insertions(+), 101 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/torture/raw/oplock.c b/source4/torture/raw/oplock.c
index 1eaa7e2..da9fcf3 100644
--- a/source4/torture/raw/oplock.c
+++ b/source4/torture/raw/oplock.c
@@ -204,6 +204,60 @@ static bool open_connection_no_level2_oplocks(struct
torture_context *tctx,
return true;
}
+/*
+ Timer handler function notifies the registering function that time is up
+*/
+static void timeout_cb(struct tevent_context *ev,
+ struct tevent_timer *te,
+ struct timeval current_time,
+ void *private_data)
+{
+ bool *timesup = (bool *)private_data;
+ *timesup = true;
+ return;
+}
+
+/*
+ Wait a short period of time to receive a single oplock break request
+*/
+static void torture_wait_for_oplock_break(struct torture_context *tctx)
+{
+ TALLOC_CTX *tmp_ctx = talloc_new(NULL);
+ struct tevent_timer *te = NULL;
+ struct timeval ne;
+ bool timesup = false;
+ int old_count = break_info.count;
+
+ /* Wait .1 seconds for an oplock break */
+ ne = tevent_timeval_current_ofs(0, 10);
+
+ if ((te = event_add_timed(tctx-ev, tmp_ctx, ne, timeout_cb, timesup))
+ == NULL)
+ {
+ torture_comment(tctx, Failed to wait for an oplock break.
+ test results may not be accurate.);
+ goto done;
+ }
+
+ while (!timesup break_info.count old_count + 1) {
+ if (event_loop_once(tctx-ev) != 0) {
+ torture_comment(tctx, Failed to wait for an oplock
+ break. test results may not be
+ accurate.);
+ goto done;
+ }
+ }
+
+done:
+ /* We don't know if the timed event fired and was freed, we received
+* our oplock break, or some other event triggered the loop. Thus,
+* we create a tmp_ctx to be able to safely free/remove the timed
+* event in all 3 cases. */
+ talloc_free(tmp_ctx);
+
+ return;
+}
+
static bool test_raw_oplock_exclusive1(struct torture_context *tctx, struct
smbcli_state *cli1, struct smbcli_state *cli2)
{
const char *fname = BASEDIR \\test_exclusive1.dat;
@@ -249,6 +303,7 @@ static bool test_raw_oplock_exclusive1(struct
torture_context *tctx, struct smbc
torture_comment(tctx, a 2nd open should not cause a break\n);
status = smb_raw_open(cli2-tree, tctx, io);
CHECK_STATUS(tctx, status, NT_STATUS_SHARING_VIOLATION);
+ torture_wait_for_oplock_break(tctx);
CHECK_VAL(break_info.count, 0);
CHECK_VAL(break_info.failures, 0);
@@ -257,6 +312,7 @@ static bool test_raw_oplock_exclusive1(struct
torture_context *tctx, struct smbc
unl.unlink.in.attrib = 0;
status = smb_raw_unlink(cli2-tree, unl);
CHECK_STATUS(tctx, status
[SCM] Samba Shared Repository - branch master updated - tevent-0-9-8-120-g4d7685c
The branch, master has been updated
via 4d7685c1d493897096d5adae74c71f99398faeff (commit)
via c091d4b08c23ba8c839e095d9ad3dbdbab5050f3 (commit)
from adca9f681cda79511c6974b47005316dc3889ebb (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 4d7685c1d493897096d5adae74c71f99398faeff
Author: Aravind Srinivasan asriniva...@isilon.com
Date: Tue Sep 8 13:19:44 2009 -0700
s4/torture: add new SMB oplock tests
* test if oplocks are granted when requesting delete-on-close
* test how oplocks are broken by byte-range-lock requests
commit c091d4b08c23ba8c839e095d9ad3dbdbab5050f3
Author: Aravind Srinivasan asriniva...@isilon.com
Date: Tue Sep 8 13:12:26 2009 -0700
s4/torture: convert printf to torture_comment()
Allows make test and other harnesses to print cleaner output.
---
Summary of changes:
source4/torture/raw/oplock.c | 414 +-
1 files changed, 406 insertions(+), 8 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/torture/raw/oplock.c b/source4/torture/raw/oplock.c
index 3493a55..d512cb3 100644
--- a/source4/torture/raw/oplock.c
+++ b/source4/torture/raw/oplock.c
@@ -19,9 +19,12 @@
#include includes.h
#include torture/torture.h
+#include torture/smbtorture.h
#include librpc/gen_ndr/security.h
+#include librpc/gen_ndr/ndr_security.h
#include libcli/raw/libcliraw.h
#include libcli/raw/raw_proto.h
+#include libcli/security/security.h
#include libcli/libcli.h
#include torture/util.h
#include lib/events/events.h
@@ -193,7 +196,8 @@ static bool open_connection_no_level2_oplocks(struct
torture_context *tctx,
lp_iconv_convenience(tctx-lp_ctx),
lp_gensec_settings(tctx, tctx-lp_ctx));
if (!NT_STATUS_IS_OK(status)) {
- printf(Failed to open connection - %s\n, nt_errstr(status));
+ torture_comment(tctx, Failed to open connection - %s\n,
+ nt_errstr(status));
return false;
}
@@ -594,7 +598,8 @@ static bool test_raw_oplock_exclusive6(struct
torture_context *tctx, struct smbc
io.ntcreatex.in.security_flags = 0;
io.ntcreatex.in.fname = fname1;
- torture_comment(tctx, EXCLUSIVE6: open a file with an exclusive oplock
(share mode: none)\n);
+ torture_comment(tctx, EXCLUSIVE6: open a file with an exclusive
+ oplock (share mode: none)\n);
ZERO_STRUCT(break_info);
io.ntcreatex.in.flags = NTCREATEX_FLAGS_EXTENDED |
NTCREATEX_FLAGS_REQUEST_OPLOCK;
@@ -603,14 +608,15 @@ static bool test_raw_oplock_exclusive6(struct
torture_context *tctx, struct smbc
fnum = io.ntcreatex.out.file.fnum;
CHECK_VAL(io.ntcreatex.out.oplock_level, EXCLUSIVE_OPLOCK_RETURN);
- torture_comment(tctx, rename should not generate a break but get a
sharing violation\n);
+ torture_comment(tctx, rename should not generate a break but get a
+ sharing violation\n);
ZERO_STRUCT(rn);
rn.generic.level = RAW_RENAME_RENAME;
rn.rename.in.pattern1 = fname1;
rn.rename.in.pattern2 = fname2;
rn.rename.in.attrib = 0;
- printf(trying rename while first file open\n);
+ torture_comment(tctx, trying rename while first file open\n);
status = smb_raw_rename(cli2-tree, rn);
CHECK_STATUS(tctx, status, NT_STATUS_SHARING_VIOLATION);
@@ -1922,7 +1928,7 @@ static bool test_raw_oplock_batch17(struct
torture_context *tctx, struct smbcli_
rn.rename.in.pattern2 = fname2;
rn.rename.in.attrib = 0;
- printf(trying rename while first file open\n);
+ torture_comment(tctx, trying rename while first file open\n);
status = smb_raw_rename(cli2-tree, rn);
CHECK_STATUS(tctx, status, NT_STATUS_SHARING_VIOLATION);
@@ -1993,7 +1999,7 @@ static bool test_raw_oplock_batch18(struct
torture_context *tctx, struct smbcli_
rn.ntrename.in.flags= RENAME_FLAG_RENAME;
rn.ntrename.in.old_name = fname1;
rn.ntrename.in.new_name = fname2;
- printf(trying rename while first file open\n);
+ torture_comment(tctx, trying rename while first file open\n);
status = smb_raw_rename(cli2-tree, rn);
CHECK_STATUS(tctx, status, NT_STATUS_SHARING_VIOLATION);
@@ -3030,7 +3036,395 @@ static bool test_raw_oplock_stream1(struct
torture_context *tctx,
return ret;
}
-/*
+static bool test_raw_oplock_doc(struct torture_context *tctx,
+ struct smbcli_state *cli)
+{
+ const char *fname = BASEDIR \\test_oplock_doc.dat;
+ NTSTATUS status;
+ bool ret = true;
+ union smb_open io;
+ uint16_t fnum=0;
+
+ if
[SCM] Samba Shared Repository - branch master updated - tevent-0-9-8-101-gd5643a0
The branch, master has been updated
via d5643a08e9da1f3df2ef7eeb6eb9a0afbdca36a1 (commit)
via a38409ee4cff1c1964cdb0a56bb1f51566e6edc5 (commit)
via 5975ea793a5d1367ff89e8c69099b8eac69d273d (commit)
via 11bd19c0071eb0013bedcfc149199a2f1d4063db (commit)
from 2b16380a0e22cc455f698e59cd94bfd899c989d0 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit d5643a08e9da1f3df2ef7eeb6eb9a0afbdca36a1
Author: Steven Danneman steven.danne...@isilon.com
Date: Tue Sep 8 12:39:39 2009 -0700
s4/torture/smb2: removed SMB2-FIND test
This test has been wholly replaced by the SMB2-DIR-ONE test found
in dir.c.
commit a38409ee4cff1c1964cdb0a56bb1f51566e6edc5
Author: Steven Danneman steven.danne...@isilon.com
Date: Tue Sep 8 12:12:01 2009 -0700
s4/torture/smb2: Fix several small bugs and style issues in SMB2 dir tests
* removed all uses of printf, replaced with torture_comment
* replaced custom CHECK macros with new torture_assert_*_todo() helpers
* switched string dir name generation to generate_unique_strs() helper,
to avoid non-deterministic test behavior where generate_rand_str()
would cause file colissions in the same directory.
commit 5975ea793a5d1367ff89e8c69099b8eac69d273d
Author: Steven Danneman steven.danne...@isilon.com
Date: Tue Sep 8 12:10:51 2009 -0700
s4/torture: add new torture_assert_*_todo() macros
These allow torture tests to perform cleanup after a failure, by
jumping to a goto label.
commit 11bd19c0071eb0013bedcfc149199a2f1d4063db
Author: Steven Danneman steven.danne...@isilon.com
Date: Tue Sep 8 12:09:39 2009 -0700
lib/util: add unique string generator helper function
---
Summary of changes:
lib/torture/torture.h | 38 ++
lib/util/genrand.c | 59
lib/util/util.h| 10 ++
source4/torture/smb2/config.mk |1 -
source4/torture/smb2/dir.c | 288 +---
source4/torture/smb2/find.c| 220 --
source4/torture/smb2/smb2.c|1 -
7 files changed, 259 insertions(+), 358 deletions(-)
delete mode 100644 source4/torture/smb2/find.c
Changeset truncated at 500 lines:
diff --git a/lib/torture/torture.h b/lib/torture/torture.h
index e28801e..7f387cc 100644
--- a/lib/torture/torture.h
+++ b/lib/torture/torture.h
@@ -246,6 +246,15 @@ void torture_result(struct torture_context *test,
}\
} while(0)
+#define
torture_assert_ntstatus_equal_goto(torture_ctx,got,expected,ret,label,cmt) \
+ do { NTSTATUS __got = got, __expected = expected; \
+ if (!NT_STATUS_EQUAL(__got, __expected)) { \
+ torture_result(torture_ctx, TORTURE_FAIL, __location__: #got
was %s, expected %s: %s, nt_errstr(__got), nt_errstr(__expected), cmt); \
+ ret = false; \
+ goto label; \
+ }\
+ } while(0)
+
#define torture_assert_ndr_err_equal(torture_ctx,got,expected,cmt) \
do { enum ndr_err_code __got = got, __expected = expected; \
if (__got != __expected) { \
@@ -272,6 +281,17 @@ void torture_result(struct torture_context *test,
} \
} while(0)
+#define torture_assert_str_equal_goto(torture_ctx,got,expected,ret,label,cmt)\
+ do { const char *__got = (got), *__expected = (expected); \
+ if (strcmp_safe(__got, __expected) != 0) { \
+ torture_result(torture_ctx, TORTURE_FAIL, \
+ __location__: #got was %s,
expected %s: %s, \
+ __got, __expected, cmt); \
+ ret = false; \
+ goto label; \
+ } \
+ } while(0)
+
#define torture_assert_mem_equal(torture_ctx,got,expected,len,cmt)\
do { const void *__got = (got), *__expected = (expected); \
if (memcmp(__got, __expected, len) != 0) { \
@@ -343,6 +363,17 @@ void torture_result(struct torture_context *test,
} \
} while(0)
+#define torture_assert_int_equal_goto(torture_ctx,got,expected,ret,label,cmt)\
+ do { int __got = (got), __expected = (expected); \
+ if (__got != __expected) { \
+ torture_result(torture_ctx, TORTURE_FAIL, \
+ __location__: #got was %d, expected %d: %s, \
+ __got, __expected, cmt); \
+ ret = false; \
+ goto label; \
+ } \
+ } while(0)
+
#define torture_assert_u64_equal(torture_ctx,got,expected,cmt)\
do { uint64_t __got = (got), __expected = (expected); \
if (__got != __expected) { \
@@ -370,6 +401,10 @@ void torture_result(struct torture_context *test,
torture_result(torture_ctx, TORTURE_SKIP, __location__: %s,
cmt);\
return true
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha8-1204-g6c55518
The branch, master has been updated
via 6c55518d471950d8ebaf0df47634116802d6f735 (commit)
via bc4b253b2c793a2fce6614ee7fadf1713f558776 (commit)
via 5469866242f0dfbdc7260c86cfca196b10e4af21 (commit)
from 32f9d20dff043cca5b81ff855c44a71bf18e41e4 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 6c55518d471950d8ebaf0df47634116802d6f735
Author: Steven Danneman steven.danne...@isilon.com
Date: Wed Aug 26 16:17:38 2009 -0700
s3/smbd: open the share_info.tdb on startup instead of tconx
This is a small performance optimization. Instead of opening the tdb
on every smb connection in the forked child process, we now open it in
the parent and share the fd.
This also reduces the total fd usage in the system.
commit bc4b253b2c793a2fce6614ee7fadf1713f558776
Author: Steven Danneman steven.danne...@isilon.com
Date: Wed Aug 26 10:36:48 2009 -0700
s3/debug: make SPENGO OID list appear under one debug header
commit 5469866242f0dfbdc7260c86cfca196b10e4af21
Author: Steven Danneman steven.danne...@isilon.com
Date: Wed Jul 29 16:13:44 2009 -0700
s3/winbindd: Remove unnecessary check for NULL SID
There's a known bug in some Windows implementations of
DsEnumerateDomainTrusts() where domain SIDs are not returned for
transitively trusted domains within the same forest.
Jerry originally worked around this in the winbindd parent by checking
for S-0-0 and converting it to S-1-0 in 8b0fce0b. Guenter later moved
these checks into the child process in commit 3bdfcbac making the
initial patch unecessary.
I've removed it and added a clarifying comment to the child process.
If ever this SID is needed we could add an extra DsEnumerateDomainTrusts()
call in trusted_domains() as suggested by the Microsoft KB.
---
Summary of changes:
source3/include/proto.h |1 +
source3/lib/sharesec.c |2 +-
source3/libsmb/cliconnect.c |5 -
source3/smbd/server.c|9 +
source3/winbindd/winbindd_ads.c |6 +-
source3/winbindd/winbindd_util.c |9 ++---
6 files changed, 22 insertions(+), 10 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 50ac834..0da8c25 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -721,6 +721,7 @@ struct named_mutex *grab_named_mutex(TALLOC_CTX *mem_ctx,
const char *name,
/* The following definitions come from lib/sharesec.c */
+bool share_info_db_init(void);
SEC_DESC *get_share_security_default( TALLOC_CTX *ctx, size_t *psize, uint32
def_access);
SEC_DESC *get_share_security( TALLOC_CTX *ctx, const char *servicename,
size_t *psize);
diff --git a/source3/lib/sharesec.c b/source3/lib/sharesec.c
index a1d30f1..799d983 100644
--- a/source3/lib/sharesec.c
+++ b/source3/lib/sharesec.c
@@ -37,7 +37,7 @@ static int delete_fn(struct db_record *rec, void *priv)
return 0;
}
-static bool share_info_db_init(void)
+bool share_info_db_init(void)
{
const char *vstring = INFO/version;
int32 vers_id;
diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c
index 7726611..239dfc8 100644
--- a/source3/libsmb/cliconnect.c
+++ b/source3/libsmb/cliconnect.c
@@ -1010,7 +1010,10 @@ ADS_STATUS cli_session_setup_spnego(struct cli_state
*cli, const char *user,
/* make sure the server understands kerberos */
for (i=0;OIDs[i];i++) {
- DEBUG(3,(got OID=%s\n, OIDs[i]));
+ if (i == 0)
+ DEBUG(3,(got OID=%s\n, OIDs[i]));
+ else
+ DEBUGADD(3,(got OID=%s\n, OIDs[i]));
if (strcmp(OIDs[i], OID_KERBEROS5_OLD) == 0 ||
strcmp(OIDs[i], OID_KERBEROS5) == 0) {
cli-got_kerberos_mechanism = True;
diff --git a/source3/smbd/server.c b/source3/smbd/server.c
index ace3124..09ad8d8 100644
--- a/source3/smbd/server.c
+++ b/source3/smbd/server.c
@@ -1218,6 +1218,15 @@ extern void build_options(bool screen);
return -1;
}
+ /* Open the share_info.tdb here, so we don't have to open
+ after the fork on every single connection. This is a small
+ performance improvment and reduces the total number of system
+ fds used. */
+ if (!share_info_db_init()) {
+ DEBUG(0,(ERROR: failed to load share info db.\n));
+ exit(1);
+ }
+
/* only start the background queue daemon if we are
running as a daemon -- bad things will happen if
smbd is launched via inetd and we fork a copy of
diff --git a/source3/winbindd/winbindd_ads.c b/source3/winbindd/winbindd_ads.c
index
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha8-349-g5334b79
The branch, master has been updated
via 5334b79142e32c39c56cea2e9c0d5b08e2f217ca (commit)
from 4b6401ab2cce8319abe0f8176bb460d51bd4a390 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 5334b79142e32c39c56cea2e9c0d5b08e2f217ca
Author: Aravind aravind.sriniva...@isilon.com
Date: Tue Jul 7 07:11:56 2009 -0700
torture/smb2: Adding SMB2 Directory enumeration torture tests.
* Most of the tests were ported from SMB torture tests.
* Added one new tests which checks the behavior of the file_index field
present in SMB2_FIND struct.
* Added one new test to check the enumeration of directories containing
lots of files (~2000 files) with name lengths varying from 1 to 200 char.
---
Summary of changes:
source4/torture/smb2/config.mk |1 +
source4/torture/smb2/dir.c | 1289 +++-
source4/torture/smb2/smb2.c|1 +
3 files changed, 1265 insertions(+), 26 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/torture/smb2/config.mk b/source4/torture/smb2/config.mk
index bc4fc15..b321b41 100644
--- a/source4/torture/smb2/config.mk
+++ b/source4/torture/smb2/config.mk
@@ -22,6 +22,7 @@ TORTURE_SMB2_OBJ_FILES = $(addprefix $(torturesrcdir)/smb2/, \
smb2.o \
durable_open.o \
oplocks.o \
+ dir.o \
lease.o \
create.o \
read.o \
diff --git a/source4/torture/smb2/dir.c b/source4/torture/smb2/dir.c
index 58cf222..79672ef 100644
--- a/source4/torture/smb2/dir.c
+++ b/source4/torture/smb2/dir.c
@@ -1,20 +1,22 @@
-/*
+/*
Unix SMB/CIFS implementation.
SMB2 dir list test suite
Copyright (C) Andrew Tridgell 2005
-
+ Copyright (C) Zachary Loafman 2009
+ Copyright (C) Aravind Srinivasan 2009
+
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
-
+
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
-
+
You should have received a copy of the GNU General Public License
along with this program. If not, see http://www.gnu.org/licenses/.
*/
@@ -22,72 +24,1307 @@
#include includes.h
#include libcli/smb2/smb2.h
#include libcli/smb2/smb2_calls.h
+#include libcli/smb_composite/smb_composite.h
+#include libcli/raw/libcliraw.h
+#include libcli/raw/raw_proto.h
+#include libcli/libcli.h
#include torture/torture.h
#include torture/smb2/proto.h
+#include torture/util.h
+
+#include system/filesys.h
+
+#define CHECK_STATUS(status, correct) do { \
+ if (!NT_STATUS_EQUAL(status, correct)) { \
+ torture_result(tctx, TORTURE_FAIL, __location__: \
+ Incorrect status %s - should be %s, \
+ nt_errstr(status), nt_errstr(correct)); \
+ ret = false; \
+ goto done; \
+ }} while (0)
+
+#define CHECK_VALUE(v, correct) torture_assert_int_equal(tctx, (v), \
+ (correct), incorrect value);
+
+#define DNAME smb2_dir
+#define NFILES 100
+
+struct file_elem {
+ char *name;
+ bool found;
+};
+
+static NTSTATUS populate_tree(struct torture_context *tctx,
+ TALLOC_CTX *mem_ctx,
+ struct smb2_tree *tree,
+ struct file_elem *files,
+ int nfiles,
+ struct smb2_handle *h_out)
+{
+ struct smb2_create create;
+ NTSTATUS status;
+ bool ret;
+ int i;
+
+ smb2_deltree(tree, DNAME);
+
+ ZERO_STRUCT(create);
+ create.in.desired_access = SEC_RIGHTS_DIR_ALL;
+ create.in.create_options = NTCREATEX_OPTIONS_DIRECTORY;
+ create.in.file_attributes = FILE_ATTRIBUTE_DIRECTORY;
+ create.in.share_access = NTCREATEX_SHARE_ACCESS_READ |
+NTCREATEX_SHARE_ACCESS_WRITE |
+NTCREATEX_SHARE_ACCESS_DELETE;
+ create.in.create_disposition = NTCREATEX_DISP_CREATE;
+ create.in.fname = DNAME;
+
+ status = smb2_create(tree, mem_ctx, create);
+ CHECK_STATUS(status, NT_STATUS_OK);
+ *h_out = create.out.file.handle;
+
+ ZERO_STRUCT(create);
+ create.in.desired_access = SEC_RIGHTS_FILE_ALL;
+ create.in.file_attributes = FILE_ATTRIBUTE_NORMAL;
+ create.in.create_disposition = NTCREATEX_DISP_CREATE;
+
+ for (i = 0; i nfiles; i++) {
+
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha8-40-g5a4d618
The branch, master has been updated
via 5a4d61810961af199859dfb52981632bfe594e95 (commit)
from 36a8abce4f737102b5a2acf3c0e221391079831d (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 5a4d61810961af199859dfb52981632bfe594e95
Author: Aravind Srinivasan aravind.sriniva...@isilon.com
Date: Tue Jun 16 15:11:32 2009 -0700
s3: forward MSG_DEBUG from smbd parent to all children
Before 3.3, an smbcontrol debug message sent to the target smbd would
actually be sent to all running processes including nmbd and winbindd.
This behavior was changed in 3.3 so that the smbd target would only
send a message to the process found in smbd.pid, while the all target
would send a message to all processes.
The ability to set the debug level of all processes within a single
daemon, without specifying each pid is quite useful. This was implemented
in winbindd in 065760ed. This patch does the same thing for smbd.
Upon receiving a MSG_DEBUG the parent smbd will rebroadcast it to all of
its children.
The printing process has been added to the list of smbd child processes,
and we now always track the number of smbd children regardless of the
max smbd processes setting.
---
Summary of changes:
docs-xml/manpages-3/smbcontrol.1.xml |5 +++-
source3/include/smb.h|6 +
source3/printing/printing.c | 19
source3/smbd/process.c |9 +++
source3/smbd/server.c| 39 +
5 files changed, 63 insertions(+), 15 deletions(-)
Changeset truncated at 500 lines:
diff --git a/docs-xml/manpages-3/smbcontrol.1.xml
b/docs-xml/manpages-3/smbcontrol.1.xml
index bb0aa30..c41dadc 100644
--- a/docs-xml/manpages-3/smbcontrol.1.xml
+++ b/docs-xml/manpages-3/smbcontrol.1.xml
@@ -121,7 +121,10 @@
varlistentry
termdebug/term
listitemparaSet debug level to the value specified by the
- parameter. This can be sent to any of the destinations./para
+ parameter. This can be sent to any of the destinations. If this
+ message is sent to either the smbd or winbindd daemons, the parent
+ process will rebroadcast the message to all child processes changing
+ the debug level in each one./para
/listitem
/varlistentry
diff --git a/source3/include/smb.h b/source3/include/smb.h
index 4eed68f..87fd2b0 100644
--- a/source3/include/smb.h
+++ b/source3/include/smb.h
@@ -1927,4 +1927,10 @@ struct smb_filename {
SMB_STRUCT_STAT st;
};
+/* struct for maintaining the child processes that get spawned from smbd */
+struct child_pid {
+ struct child_pid *prev, *next;
+ pid_t pid;
+};
+
#endif /* _SMB_H */
diff --git a/source3/printing/printing.c b/source3/printing/printing.c
index e73669f..986176d 100644
--- a/source3/printing/printing.c
+++ b/source3/printing/printing.c
@@ -1399,6 +1399,22 @@ static void printing_pause_fd_handler(struct
tevent_context *ev,
exit_server_cleanly(NULL);
}
+static void add_child_pid(pid_t pid)
+{
+ extern struct child_pid *children;
+ struct child_pid *child;
+ extern int num_children;
+
+child = SMB_MALLOC_P(struct child_pid);
+if (child == NULL) {
+DEBUG(0, (Could not add child struct -- malloc failed\n));
+return;
+}
+child-pid = pid;
+DLIST_ADD(children, child);
+num_children += 1;
+}
+
static pid_t background_lpq_updater_pid = -1;
/
@@ -1426,6 +1442,9 @@ void start_background_queue(void)
exit(1);
}
+ /* Track the printing pid along with other smbd children */
+ add_child_pid(background_lpq_updater_pid);
+
if(background_lpq_updater_pid == 0) {
struct tevent_fd *fde;
int ret;
diff --git a/source3/smbd/process.c b/source3/smbd/process.c
index 0a3777a..b26bc15 100644
--- a/source3/smbd/process.c
+++ b/source3/smbd/process.c
@@ -2103,6 +2103,15 @@ void smbd_process(void)
messaging_register(smbd_messaging_context(), NULL,
MSG_SMB_CLOSE_FILE, msg_close_file);
+ /*
+* Use the default MSG_DEBUG handler to avoid rebroadcasting
+* MSGs to all child processes
+*/
+ messaging_deregister(smbd_messaging_context(),
+MSG_DEBUG, NULL);
+ messaging_register(smbd_messaging_context(), NULL,
+ MSG_DEBUG, debug_message);
+
if ((lp_keepalive() != 0)
!(event_add_idle(smbd_event_context(), NULL,
timeval_set(lp_keepalive(), 0),
diff --git
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha7-1822-g6d91ac2
The branch, master has been updated via 6d91ac2a646ae47d359914503030cab51b2c9d16 (commit) from 5264ad627d59e0f2cb03cb3bdd3baf8943d7fa5b (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 6d91ac2a646ae47d359914503030cab51b2c9d16 Author: Steven Danneman steven.danne...@isilon.com Date: Fri May 22 16:57:52 2009 -0700 s3/docs Add manpage for map untrusted to domain parameter This fixes bug 6352. --- Summary of changes: .../smbdotconf/security/mapuntrustedtodomain.xml | 33 1 files changed, 33 insertions(+), 0 deletions(-) create mode 100644 docs-xml/smbdotconf/security/mapuntrustedtodomain.xml Changeset truncated at 500 lines: diff --git a/docs-xml/smbdotconf/security/mapuntrustedtodomain.xml b/docs-xml/smbdotconf/security/mapuntrustedtodomain.xml new file mode 100644 index 000..bcf65e6 --- /dev/null +++ b/docs-xml/smbdotconf/security/mapuntrustedtodomain.xml @@ -0,0 +1,33 @@ +samba:parameter name=map untrusted to domain + context=G +type=boolean +advanced=1 +developer=1 +xmlns:samba=http://www.samba.org/samba/DTD/samba-doc; +description +para +If a client connects to smbd using an untrusted domain name, such as +BOGUS\user, smbd replaces the BOGUS domain with it's SAM name before +attempting to authenticate that user. In the case where smbd is acting as +a PDC this will be DOMAIN\user. In the case where smbd is acting as a +domain member server or a standalone server this will be WORKSTATION\user. +/para + +para +In previous versions of Samba (pre 3.4), if smbd was acting as a domain +member server, the BOGUS domain name would instead be replaced by the +primary domain which smbd was a member of. In this case authentication +would be deferred off to a DC using the credentials DOMAIN\user. +/para + +para +When this parameter is set to constantyes/constant smbd provides the +legacy behavior of mapping untrusted domain names to the primary domain. +When smbd is not acting as a domain member server, this parameter has no +effect. +/para + +/description + +value type=defaultno/value +/samba:parameter -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-4-test updated - release-4-0-0alpha7-1078-gbf5fb8b
The branch, v3-4-test has been updated via bf5fb8b58cb1813fdadabe8f96ef8af305d4d582 (commit) from 816776d2f81c1ae90e52612af76aaafeaeb04598 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-4-test - Log - commit bf5fb8b58cb1813fdadabe8f96ef8af305d4d582 Author: Steven Danneman steven.danne...@isilon.com Date: Fri May 22 16:57:52 2009 -0700 s3/docs Add manpage for map untrusted to domain parameter This fixes bug 6352. --- Summary of changes: .../smbdotconf/security/mapuntrustedtodomain.xml | 33 1 files changed, 33 insertions(+), 0 deletions(-) create mode 100644 docs-xml/smbdotconf/security/mapuntrustedtodomain.xml Changeset truncated at 500 lines: diff --git a/docs-xml/smbdotconf/security/mapuntrustedtodomain.xml b/docs-xml/smbdotconf/security/mapuntrustedtodomain.xml new file mode 100644 index 000..bcf65e6 --- /dev/null +++ b/docs-xml/smbdotconf/security/mapuntrustedtodomain.xml @@ -0,0 +1,33 @@ +samba:parameter name=map untrusted to domain + context=G +type=boolean +advanced=1 +developer=1 +xmlns:samba=http://www.samba.org/samba/DTD/samba-doc; +description +para +If a client connects to smbd using an untrusted domain name, such as +BOGUS\user, smbd replaces the BOGUS domain with it's SAM name before +attempting to authenticate that user. In the case where smbd is acting as +a PDC this will be DOMAIN\user. In the case where smbd is acting as a +domain member server or a standalone server this will be WORKSTATION\user. +/para + +para +In previous versions of Samba (pre 3.4), if smbd was acting as a domain +member server, the BOGUS domain name would instead be replaced by the +primary domain which smbd was a member of. In this case authentication +would be deferred off to a DC using the credentials DOMAIN\user. +/para + +para +When this parameter is set to constantyes/constant smbd provides the +legacy behavior of mapping untrusted domain names to the primary domain. +When smbd is not acting as a domain member server, this parameter has no +effect. +/para + +/description + +value type=defaultno/value +/samba:parameter -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-4-test updated - release-4-0-0alpha7-879-gf4e2f7b
The branch, v3-4-test has been updated
via f4e2f7bc23da5f73311bb7adeab2838af14bdeaf (commit)
from 651ae5c705c15c84882f6c1c3d73292794c63aa9 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-4-test
- Log -
commit f4e2f7bc23da5f73311bb7adeab2838af14bdeaf
Author: Steven Danneman steven.danne...@isilon.com
Date: Tue May 5 14:42:19 2009 -0700
s3:onefs.so Change system function names
Addendum to c49730e1. Use newer cookie conversion names.
---
Summary of changes:
source3/modules/onefs_dir.c |8
1 files changed, 4 insertions(+), 4 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/modules/onefs_dir.c b/source3/modules/onefs_dir.c
index 8c056d9..47da33f 100644
--- a/source3/modules/onefs_dir.c
+++ b/source3/modules/onefs_dir.c
@@ -431,7 +431,7 @@ onefs_seekdir(vfs_handle_struct *handle, SMB_STRUCT_DIR
*dirp, long offset)
}
/* Convert offset to resume_cookie */
- resume_cookie = rdp_offset2cookie(offset);
+ resume_cookie = rdp_offset31_to_cookie63(offset);
DEBUG(9, (Seek DIR %p, offset: %ld, resume_cookie: %#llx\n,
dsp-dirp, offset, resume_cookie));
@@ -487,11 +487,11 @@ onefs_telldir(vfs_handle_struct *handle, SMB_STRUCT_DIR
*dirp)
}
/* Convert resume_cookie to offset */
- offset = rdp_cookie2offset(dsp-resume_cookie);
+ offset = rdp_cookie63_to_offset31(dsp-resume_cookie);
if (offset 0) {
DEBUG(1, (Unable to convert resume_cookie: %#llx to a
-suitable 32-bit offset value.\n,
-dsp-resume_cookie));
+suitable 32-bit offset value. Error: %s\n,
+dsp-resume_cookie, strerror(errno)));
return -1;
}
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha7-1446-g798389c
The branch, master has been updated
via 798389c49aa7167157d052f1513f1c81f77e10f7 (commit)
from 386a5d99b32fa1296618f59f9a9072d9faf2c8ac (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 798389c49aa7167157d052f1513f1c81f77e10f7
Author: Steven Danneman steven.danne...@isilon.com
Date: Tue May 5 14:42:19 2009 -0700
s3:onefs.so Change system function names
Addendum to c49730e1. Use newer cookie conversion names.
---
Summary of changes:
source3/modules/onefs_dir.c |8
1 files changed, 4 insertions(+), 4 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/modules/onefs_dir.c b/source3/modules/onefs_dir.c
index 8c056d9..47da33f 100644
--- a/source3/modules/onefs_dir.c
+++ b/source3/modules/onefs_dir.c
@@ -431,7 +431,7 @@ onefs_seekdir(vfs_handle_struct *handle, SMB_STRUCT_DIR
*dirp, long offset)
}
/* Convert offset to resume_cookie */
- resume_cookie = rdp_offset2cookie(offset);
+ resume_cookie = rdp_offset31_to_cookie63(offset);
DEBUG(9, (Seek DIR %p, offset: %ld, resume_cookie: %#llx\n,
dsp-dirp, offset, resume_cookie));
@@ -487,11 +487,11 @@ onefs_telldir(vfs_handle_struct *handle, SMB_STRUCT_DIR
*dirp)
}
/* Convert resume_cookie to offset */
- offset = rdp_cookie2offset(dsp-resume_cookie);
+ offset = rdp_cookie63_to_offset31(dsp-resume_cookie);
if (offset 0) {
DEBUG(1, (Unable to convert resume_cookie: %#llx to a
-suitable 32-bit offset value.\n,
-dsp-resume_cookie));
+suitable 32-bit offset value. Error: %s\n,
+dsp-resume_cookie, strerror(errno)));
return -1;
}
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha7-1452-g1db0b20
The branch, master has been updated
via 1db0b20d8a26fb60299d0ed7553d7a4847aee84f (commit)
from 4842e45d59dbd6c9ac138e796d30fcf747807d1c (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 1db0b20d8a26fb60299d0ed7553d7a4847aee84f
Author: Steven Danneman steven.danne...@isilon.com
Date: Tue May 5 17:42:56 2009 -0700
s3 Reorder loadparm to keep aliases together
This keeps the browseable and browsable aliases together.
---
Summary of changes:
source3/param/loadparm.c | 12 ++--
1 files changed, 6 insertions(+), 6 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c
index 6dd8dbc..a6c535c 100644
--- a/source3/param/loadparm.c
+++ b/source3/param/loadparm.c
@@ -3354,22 +3354,22 @@ static struct parm_struct parm_table[] = {
.flags = FLAG_BASIC | FLAG_ADVANCED | FLAG_SHARE |
FLAG_PRINT,
},
{
- .label = access based share enum,
+ .label = browsable,
.type = P_BOOL,
.p_class= P_LOCAL,
- .ptr= sDefault.bAccessBasedShareEnum,
+ .ptr= sDefault.bBrowseable,
.special= NULL,
.enum_list = NULL,
- .flags = FLAG_BASIC | FLAG_ADVANCED | FLAG_SHARE
+ .flags = FLAG_HIDE,
},
{
- .label = browsable,
+ .label = access based share enum,
.type = P_BOOL,
.p_class= P_LOCAL,
- .ptr= sDefault.bBrowseable,
+ .ptr= sDefault.bAccessBasedShareEnum,
.special= NULL,
.enum_list = NULL,
- .flags = FLAG_HIDE,
+ .flags = FLAG_BASIC | FLAG_ADVANCED | FLAG_SHARE
},
{
.label = enhanced browsing,
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha7-1436-gc49730e
The branch, master has been updated
via c49730e15bd6b9b1d59e4ef271f4512d5a07c8b3 (commit)
from 72bd5ff9833677c3567cd1582d5dd5fbb4001e90 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit c49730e15bd6b9b1d59e4ef271f4512d5a07c8b3
Author: Steven Danneman steven.danne...@isilon.com
Date: Mon May 4 15:02:17 2009 -0700
s3:onefs.so fix issue with missing entries when enumerating directories
This bug prompted several, fairly large changes to the of OneFS's
readdirplus() within Samba.
One fundamental problem is that we kept our cache cursor pointed at the
next entry to be returned from onefs_readdir(), while the resume cookie
needed to refill the cache such that our cursor would be on this entry,
was located in the previous cache entry. This meant that to correctly
handle
seekdir() cases which could be found within the existing cache, and cases
where a cache reload was needed, required that the cache always hold
at least two entries: the entry we wished to return, and the previous entry
which held the resume cookie. Since the readdirplus() syscall gives us no
guarantee that it will always return these two direntries, there was a
fundamental problem with this design.
To fix this problem, I have rearchitected the onefs_readdir() path to keep
its pointer on the entry which contains the resume_cookie, not the entry
which will be returned next. Essentially, I changed onefs_readdir() from a
return an entry then increment the cursor model to increment the cursor
then return an entry. By doing this, we only require that a single entry
be within the cache: the entry containing the resume cookie.
Second, there have been numerous off-by-one bugs in my implementation of
onefs_seekdir() which did a mapping between the 64-bit resume cookie
returned by readdirplus() and its own monotonically increasing location
offset. Furthermore, this design caused a somewhat frequent waste of
cycles, as in some cases we'd need to re-enumerate the entire directory to
recover the current location from an old resume cookie. As this code was
somewhat difficult to understand, prone to bugs, and innefficient in some
cases I decided it was better to wholesale replace it now, rather than
later.
It is possible to algorithmically map the 64-bit resume cookies from
readdirplus() into 32-bit offset values which SMB requires. The onefs.so
module now calls into a system library to do this conversion. This greatly
simplifies both the seekdir() and telldir() paths and is more efficient.
---
Summary of changes:
source3/modules/onefs_dir.c | 205 ---
1 files changed, 75 insertions(+), 130 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/modules/onefs_dir.c b/source3/modules/onefs_dir.c
index 68a58b3..8c056d9 100644
--- a/source3/modules/onefs_dir.c
+++ b/source3/modules/onefs_dir.c
@@ -24,6 +24,7 @@
#include onefs_config.h
#include ifs/ifs_syscalls.h
+#include isi_util/isi_dir.h
/* The OneFS filesystem provides a readdirplus() syscall, equivalent to the
* NFSv3 PDU, which retrieves bulk directory listings with stat information
@@ -48,11 +49,11 @@ static uint64_t *rdp_cookies = NULL;
struct rdp_dir_state {
struct rdp_dir_state *next, *prev;
SMB_STRUCT_DIR *dirp;
- char *direntries_cursor; /* cursor to current direntry in the cache */
+ char *direntries_cursor; /* cursor to last returned direntry in cache */
size_t stat_count; /* number of entries stored in the cache */
- size_t stat_cursor; /* cursor to current stat in the cache */
- uint64_t resume_cookie; /* last cookie returned from the cache */
- long location; /* absolute location of direnty in DIR */
+ size_t stat_cursor; /* cursor to last returned stat in the cache */
+ uint64_t resume_cookie; /* cookie from the last entry returned from the
+ cache */
};
static struct rdp_dir_state *dirstatelist = NULL;
@@ -127,7 +128,6 @@ rdp_init(struct rdp_dir_state *dsp)
dsp-stat_count = RDP_BATCH_SIZE;
dsp-stat_cursor = RDP_BATCH_SIZE;
dsp-resume_cookie = RDP_RESUME_KEY_START;
- dsp-location = 0;
return 0;
}
@@ -155,10 +155,10 @@ rdp_fill_cache(struct rdp_dir_state *dsp)
dsp-stat_count = RDP_BATCH_SIZE;
DEBUG(9, (Calling readdirplus() with DIR %p, dirfd: %d,
-resume_cookie 0x%llx, location %u, size_to_read: %zu,
+resume_cookie %#llx, size_to_read: %zu,
direntries_size: %zu, stat_count: %u\n,
-dsp-dirp, dirfd, dsp-resume_cookie, dsp-location
[SCM] Samba Shared Repository - branch v3-4-test updated - release-4-0-0alpha7-871-gaeb7de5
The branch, v3-4-test has been updated
via aeb7de50b51840bddcdd4cbe6d96a4066b5116f0 (commit)
from 4b3bd6d0ba3348659615e69b3508969aa41e7de4 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-4-test
- Log -
commit aeb7de50b51840bddcdd4cbe6d96a4066b5116f0
Author: Steven Danneman steven.danne...@isilon.com
Date: Mon May 4 15:02:17 2009 -0700
s3:onefs.so fix issue with missing entries when enumerating directories
This bug prompted several, fairly large changes to the of OneFS's
readdirplus() within Samba.
One fundamental problem is that we kept our cache cursor pointed at the
next entry to be returned from onefs_readdir(), while the resume cookie
needed to refill the cache such that our cursor would be on this entry,
was located in the previous cache entry. This meant that to correctly
handle
seekdir() cases which could be found within the existing cache, and cases
where a cache reload was needed, required that the cache always hold
at least two entries: the entry we wished to return, and the previous entry
which held the resume cookie. Since the readdirplus() syscall gives us no
guarantee that it will always return these two direntries, there was a
fundamental problem with this design.
To fix this problem, I have rearchitected the onefs_readdir() path to keep
its pointer on the entry which contains the resume_cookie, not the entry
which will be returned next. Essentially, I changed onefs_readdir() from a
return an entry then increment the cursor model to increment the cursor
then return an entry. By doing this, we only require that a single entry
be within the cache: the entry containing the resume cookie.
Second, there have been numerous off-by-one bugs in my implementation of
onefs_seekdir() which did a mapping between the 64-bit resume cookie
returned by readdirplus() and its own monotonically increasing location
offset. Furthermore, this design caused a somewhat frequent waste of
cycles, as in some cases we'd need to re-enumerate the entire directory to
recover the current location from an old resume cookie. As this code was
somewhat difficult to understand, prone to bugs, and innefficient in some
cases I decided it was better to wholesale replace it now, rather than
later.
It is possible to algorithmically map the 64-bit resume cookies from
readdirplus() into 32-bit offset values which SMB requires. The onefs.so
module now calls into a system library to do this conversion. This greatly
simplifies both the seekdir() and telldir() paths and is more efficient.
---
Summary of changes:
source3/modules/onefs_dir.c | 205 ---
1 files changed, 75 insertions(+), 130 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/modules/onefs_dir.c b/source3/modules/onefs_dir.c
index 68a58b3..8c056d9 100644
--- a/source3/modules/onefs_dir.c
+++ b/source3/modules/onefs_dir.c
@@ -24,6 +24,7 @@
#include onefs_config.h
#include ifs/ifs_syscalls.h
+#include isi_util/isi_dir.h
/* The OneFS filesystem provides a readdirplus() syscall, equivalent to the
* NFSv3 PDU, which retrieves bulk directory listings with stat information
@@ -48,11 +49,11 @@ static uint64_t *rdp_cookies = NULL;
struct rdp_dir_state {
struct rdp_dir_state *next, *prev;
SMB_STRUCT_DIR *dirp;
- char *direntries_cursor; /* cursor to current direntry in the cache */
+ char *direntries_cursor; /* cursor to last returned direntry in cache */
size_t stat_count; /* number of entries stored in the cache */
- size_t stat_cursor; /* cursor to current stat in the cache */
- uint64_t resume_cookie; /* last cookie returned from the cache */
- long location; /* absolute location of direnty in DIR */
+ size_t stat_cursor; /* cursor to last returned stat in the cache */
+ uint64_t resume_cookie; /* cookie from the last entry returned from the
+ cache */
};
static struct rdp_dir_state *dirstatelist = NULL;
@@ -127,7 +128,6 @@ rdp_init(struct rdp_dir_state *dsp)
dsp-stat_count = RDP_BATCH_SIZE;
dsp-stat_cursor = RDP_BATCH_SIZE;
dsp-resume_cookie = RDP_RESUME_KEY_START;
- dsp-location = 0;
return 0;
}
@@ -155,10 +155,10 @@ rdp_fill_cache(struct rdp_dir_state *dsp)
dsp-stat_count = RDP_BATCH_SIZE;
DEBUG(9, (Calling readdirplus() with DIR %p, dirfd: %d,
-resume_cookie 0x%llx, location %u, size_to_read: %zu,
+resume_cookie %#llx, size_to_read: %zu,
direntries_size: %zu, stat_count: %u\n,
-dsp-dirp, dirfd, dsp-resume_cookie, dsp-location
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha7-774-g12a8ed0
The branch, master has been updated
via 12a8ed07b43ed8dc27db396a23cd8657e419101e (commit)
via 92f3686c962d67a5feab00b9e8abdb87ddb832a6 (commit)
from 0b890ae19a6e9dad9bdff248ada3fdee9416ab96 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 12a8ed07b43ed8dc27db396a23cd8657e419101e
Author: Zach Loafman zachary.loaf...@isilon.com
Date: Fri Mar 27 19:14:01 2009 -0700
s4:torture/smb2: Add torture tests for leases.
commit 92f3686c962d67a5feab00b9e8abdb87ddb832a6
Author: Zach Loafman zachary.loaf...@isilon.com
Date: Fri Mar 27 19:12:43 2009 -0700
s4:smb2: Add rudimentary SMB2.1 lease support to libcli
Add the structures, constants, and marshalling for SMB2.1 leases.
---
Summary of changes:
source4/libcli/raw/interfaces.h | 12 ++
source4/libcli/smb2/create.c| 30
source4/libcli/smb2/smb2.h |8 +
source4/torture/smb2/config.mk |1 +
source4/torture/smb2/lease.c| 296 +++
source4/torture/smb2/smb2.c |1 +
6 files changed, 348 insertions(+), 0 deletions(-)
create mode 100644 source4/torture/smb2/lease.c
Changeset truncated at 500 lines:
diff --git a/source4/libcli/raw/interfaces.h b/source4/libcli/raw/interfaces.h
index a0584c0..bd93fa1 100644
--- a/source4/libcli/raw/interfaces.h
+++ b/source4/libcli/raw/interfaces.h
@@ -53,6 +53,16 @@ struct smb2_handle {
uint64_t data[2];
};
+/*
+ SMB2 lease structure (per MS-SMB2 2.2.13)
+*/
+struct smb2_lease {
+ uint64_t lease_key[2];
+ uint32_t lease_state;
+ uint32_t lease_flags; /* should be 0 */
+ uint64_t lease_duration; /* should be 0 */
+};
+
struct ntvfs_handle;
/*
@@ -1633,6 +1643,7 @@ union smb_open {
bool query_maximal_access;
NTTIME timewarp;
bool query_on_disk_id;
+ struct smb2_lease *lease_request;
/* and any additional blobs the caller wants */
struct smb2_create_blobs {
@@ -1666,6 +1677,7 @@ union smb_open {
/* optional return values matching tagged values in the
call */
uint32_t maximal_access;
uint8_t on_disk_id[32];
+ struct smb2_lease lease_response;
/* tagged blobs in the reply */
struct smb2_create_blobs blobs;
diff --git a/source4/libcli/smb2/create.c b/source4/libcli/smb2/create.c
index 8a40e56..344be60 100644
--- a/source4/libcli/smb2/create.c
+++ b/source4/libcli/smb2/create.c
@@ -312,6 +312,23 @@ struct smb2_request *smb2_create_send(struct smb2_tree
*tree, struct smb2_create
}
}
+ if (io-in.lease_request) {
+ uint8_t data[32];
+
+ memcpy(data[0], io-in.lease_request-lease_key, 16);
+ SIVAL(data, 16, io-in.lease_request-lease_state);
+ SIVAL(data, 20, io-in.lease_request-lease_flags);
+ SBVAL(data, 24, io-in.lease_request-lease_duration);
+
+ status = smb2_create_blob_add(req, blobs,
+ SMB2_CREATE_TAG_RQLS,
+ data_blob_const(data, 32));
+ if (!NT_STATUS_IS_OK(status)) {
+ talloc_free(req);
+ return NULL;
+ }
+ }
+
/* and any custom blobs */
for (i=0;iio-in.blobs.num_blobs;i++) {
status = smb2_create_blob_add(req, blobs,
@@ -402,6 +419,19 @@ NTSTATUS smb2_create_recv(struct smb2_request *req,
TALLOC_CTX *mem_ctx, struct
}
memcpy(io-out.on_disk_id,
io-out.blobs.blobs[i].data.data, 32);
}
+ if (strcmp(io-out.blobs.blobs[i].tag, SMB2_CREATE_TAG_RQLS) ==
0) {
+ uint8_t *data;
+ if (io-out.blobs.blobs[i].data.length != 32) {
+ smb2_request_destroy(req);
+ return NT_STATUS_INVALID_NETWORK_RESPONSE;
+ }
+
+ data = io-out.blobs.blobs[i].data.data;
+ memcpy(io-out.lease_response.lease_key, data, 16);
+ io-out.lease_response.lease_state = IVAL(data, 16);
+ io-out.lease_response.lease_flags = IVAL(data, 20);
+ io-out.lease_response.lease_duration = BVAL(data, 24);
+ }
}
data_blob_free(blob);
diff --git a/source4/libcli/smb2/smb2.h b/source4/libcli/smb2/smb2.h
index 7c07c84..fd961ce 100644
--- a/source4/libcli/smb2/smb2.h
+++ b/source4/libcli/smb2/smb2.h
@@ -263,6 +263,13
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha7-771-gee22c41
The branch, master has been updated
via ee22c417f3ae156522151815605300c703eeb664 (commit)
from 21ad907aa01d839d405b10809517d491b72184da (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit ee22c417f3ae156522151815605300c703eeb664
Author: Scott Urban scott.ur...@isilon.com
Date: Fri Mar 27 17:33:26 2009 -0700
s3: added per-client statistics to onefs perfcount module
* we now track, uid, remote ip, and local ip per CIFS operation
* removed perfcount_set_client() from perfcount interface as it's
unecessary
---
Summary of changes:
source3/include/smb_perfcount.h |8 -
source3/modules/perfcount_onefs.c | 52 +++--
source3/modules/perfcount_test.c |9 --
3 files changed, 38 insertions(+), 31 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/include/smb_perfcount.h b/source3/include/smb_perfcount.h
index 01a539d..9c83147 100644
--- a/source3/include/smb_perfcount.h
+++ b/source3/include/smb_perfcount.h
@@ -37,8 +37,6 @@ struct smb_perfcount_handlers {
uint64_t in_bytes);
void (*perfcount_set_msglen_out) (struct smb_perfcount_data *pcd,
uint64_t out_bytes);
- void (*perfcount_set_client) (struct smb_perfcount_data *pcd, uid_t uid,
- const char *user, const char *domain);
void (*perfcount_copy_context) (struct smb_perfcount_data *pcd,
struct smb_perfcount_data *new_pcd);
void (*perfcount_defer_op) (struct smb_perfcount_data *pcd,
@@ -88,12 +86,6 @@ void smb_init_perfcount_data(struct smb_perfcount_data *pcd);
(_pcd_)-handlers-perfcount_set_msglen_out((_pcd_), (_out_));\
} while (0)
-#define SMB_PERFCOUNT_SET_CLIENT(_pcd_,_uid_, _user_, _domain_) \
-do {if((_pcd_) (_pcd_)-handlers) \
- (_pcd_)-handlers-perfcount_set_client((_pcd_), (_uid_), \
- (_user_), (_domain_)); \
-} while (0)
-
#define SMB_PERFCOUNT_COPY_CONTEXT(_pcd_, _new_pcd_) \
do {if((_pcd_) (_pcd_)-handlers) \
(_pcd_)-handlers-perfcount_copy_context((_pcd_), (_new_pcd_)); \
diff --git a/source3/modules/perfcount_onefs.c
b/source3/modules/perfcount_onefs.c
index 9b35af6..066a7f1 100644
--- a/source3/modules/perfcount_onefs.c
+++ b/source3/modules/perfcount_onefs.c
@@ -20,8 +20,11 @@
#include includes.h
#include sys/isi_stats_protocol.h
+#include sys/isi_stats_client.h
#include sys/isi_stats_cifs.h
+extern struct current_user current_user;
+
struct onefs_op_counter {
struct isp_op_delta iod;
struct onefs_op_counter *next;
@@ -282,42 +285,64 @@ static void onefs_smb_statistics_defer_op(struct
smb_perfcount_data *pcd,
pcd-context = NULL;
}
-static void onefs_smb_statistics_set_client(struct smb_perfcount_data *pcd,
- uid_t uid, const char *user,
- const char *domain)
-{
- // not implemented...
- return;
-}
-
static void onefs_smb_statistics_end(struct smb_perfcount_data *pcd)
{
struct onefs_stats_context *ctxt = pcd-context;
struct onefs_op_counter *tmp;
+ uint64_t uid;
+
+ static in_addr_t rem_addr = 0;
+ static in_addr_t loc_addr = 0;
/* not enabled */
if (pcd-context == NULL)
return;
+ uid = current_user.ut.uid ? current_user.ut.uid : ISC_UNKNOWN_CLIENT_ID;
+
+ /* get address info once, doesn't change for process */
+ if (rem_addr == 0) {
+ struct sockaddr_storage sa;
+ socklen_t sa_len;
+ int fd = smbd_server_fd();
+
+ sa_len = sizeof sa;
+ if (getpeername(fd, (struct sockaddr *)sa, sa_len) == 0
+ sa.ss_family == AF_INET)
+ rem_addr = ((struct sockaddr_in *)sa)-sin_addr.s_addr;
+ else
+ rem_addr = ISC_MASKED_ADDR;
+
+ sa_len = sizeof sa;
+ if (getsockname(fd, (struct sockaddr *)sa, sa_len) == 0
+ sa.ss_family == AF_INET)
+ loc_addr = ((struct sockaddr_in *)sa)-sin_addr.s_addr;
+ else
+ loc_addr = ISC_MASKED_ADDR;
+ }
+
/*
* bug here - we aren't getting the outlens right,
* when dealing w/ chained requests.
*/
for (tmp = ctxt-ops_chain; tmp; tmp = tmp-next) {
tmp-iod.out_bytes = ctxt-iod.out_bytes;
+ isc_cookie_init(tmp-iod.cookie, rem_addr, loc_addr, uid);
ISP_OP_END(tmp-iod);
#ifdef ONEFS_PERF_DEBUG
- DEBUG(0,( Finalized CHAIN
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha7-759-ga9bc6a3
The branch, master has been updated
via a9bc6a3d457fc2e568317b9867f8b3dc2a8f0d4f (commit)
via 7278c549ea7ea4a83ff164a9f9bf335fa4d11dd8 (commit)
from 0788436b579b78088bfa9d77fb4c47f652ad5eb8 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit a9bc6a3d457fc2e568317b9867f8b3dc2a8f0d4f
Author: Zach Loafman zachary.loaf...@isilon.com
Date: Thu Mar 26 13:35:39 2009 -0700
Add durable open / oplock interaction test. Rather than give it a chance to
disconnect, Win7 will break a batch oplock immediately on contention.
commit 7278c549ea7ea4a83ff164a9f9bf335fa4d11dd8
Author: Zach Loafman zachary.loaf...@isilon.com
Date: Thu Mar 26 09:32:50 2009 -0700
Reorganize old persistent_handles test into durable_open.c, turn it into a
suite instead of a solo test (in anticipation of more tests).
---
Summary of changes:
source4/torture/smb2/config.mk|2 +-
source4/torture/smb2/durable_open.c | 300 +
source4/torture/smb2/persistent_handles.c | 183 --
source4/torture/smb2/smb2.c |2 +-
4 files changed, 302 insertions(+), 185 deletions(-)
create mode 100644 source4/torture/smb2/durable_open.c
delete mode 100644 source4/torture/smb2/persistent_handles.c
Changeset truncated at 500 lines:
diff --git a/source4/torture/smb2/config.mk b/source4/torture/smb2/config.mk
index e0fc29f..91ba9fc 100644
--- a/source4/torture/smb2/config.mk
+++ b/source4/torture/smb2/config.mk
@@ -20,7 +20,7 @@ TORTURE_SMB2_OBJ_FILES = $(addprefix $(torturesrcdir)/smb2/, \
lock.o \
notify.o \
smb2.o \
- persistent_handles.o \
+ durable_open.o \
oplocks.o \
create.o \
read.o)
diff --git a/source4/torture/smb2/durable_open.c
b/source4/torture/smb2/durable_open.c
new file mode 100644
index 000..f34dfc4
--- /dev/null
+++ b/source4/torture/smb2/durable_open.c
@@ -0,0 +1,300 @@
+/*
+ Unix SMB/CIFS implementation.
+
+ test suite for SMB2 durable opens
+
+ Copyright (C) Stefan Metzmacher 2008
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see http://www.gnu.org/licenses/.
+*/
+
+#include includes.h
+#include librpc/gen_ndr/security.h
+#include libcli/smb2/smb2.h
+#include libcli/smb2/smb2_calls.h
+#include torture/torture.h
+#include torture/smb2/proto.h
+
+#define CHECK_VAL(v, correct) do { \
+ if ((v) != (correct)) { \
+ torture_result(tctx, TORTURE_FAIL, (%s): wrong value for %s
got 0x%x - should be 0x%x\n, \
+ __location__, #v, (int)v, (int)correct); \
+ ret = false; \
+ }} while (0)
+
+#define CHECK_STATUS(status, correct) do { \
+ if (!NT_STATUS_EQUAL(status, correct)) { \
+ torture_result(tctx, TORTURE_FAIL, __location__: Incorrect
status %s - should be %s, \
+ nt_errstr(status), nt_errstr(correct)); \
+ ret = false; \
+ goto done; \
+ }} while (0)
+
+/*
+ basic testing of SMB2 durable opens
+ regarding the position information on the handle
+*/
+bool test_durable_open_file_position(struct torture_context *tctx,
+struct smb2_tree *tree1,
+struct smb2_tree *tree2)
+{
+ TALLOC_CTX *mem_ctx = talloc_new(tctx);
+ struct smb2_handle h1, h2;
+ struct smb2_create io1, io2;
+ NTSTATUS status;
+ const char *fname = durable_open_position.dat;
+ DATA_BLOB b;
+ union smb_fileinfo qfinfo;
+ union smb_setfileinfo sfinfo;
+ bool ret = true;
+ uint64_t pos;
+
+ smb2_util_unlink(tree1, fname);
+
+ ZERO_STRUCT(io1);
+ io1.in.security_flags = 0x00;
+ io1.in.oplock_level = SMB2_OPLOCK_LEVEL_BATCH;
+ io1.in.impersonation_level = NTCREATEX_IMPERSONATION_IMPERSONATION;
+ io1.in.create_flags = 0x;
+ io1.in.reserved = 0x;
+ io1.in.desired_access = SEC_RIGHTS_FILE_ALL;
+ io1.in.file_attributes = FILE_ATTRIBUTE_NORMAL;
+ io1.in.share_access =
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha7-714-g365b5cf
The branch, master has been updated
via 365b5cfcbeb041ce84718717f30ac02183c9af7f (commit)
from e3f7057b0942793543c215ab45176c4280bd7d51 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 365b5cfcbeb041ce84718717f30ac02183c9af7f
Author: Steven Danneman steven.danne...@isilon.com
Date: Wed Mar 25 12:53:06 2009 -0700
Add missing newlines to debug statements
---
Summary of changes:
source3/modules/onefs_open.c |4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/modules/onefs_open.c b/source3/modules/onefs_open.c
index 5a488f8..c23c176 100644
--- a/source3/modules/onefs_open.c
+++ b/source3/modules/onefs_open.c
@@ -208,14 +208,14 @@ static NTSTATUS onefs_open_file(files_struct *fsp,
if ((oplock_request ~SAMBA_PRIVATE_OPLOCK_MASK) !=
NO_OPLOCK) {
DEBUG(0,(Oplock(%d) being requested on a stream!
- Ignoring oplock request: base=%s, stream=%s,
+ Ignoring oplock request: base=%s, stream=%s\n,
oplock_request ~SAMBA_PRIVATE_OPLOCK_MASK,
base, stream));
/* Recover by requesting NO_OPLOCK instead. */
oplock_request = SAMBA_PRIVATE_OPLOCK_MASK;
}
- DEBUG(10,(Opening a stream: base=%s(%d), stream=%s,
+ DEBUG(10,(Opening a stream: base=%s(%d), stream=%s\n,
base, fsp-base_fsp-fh-fd, stream));
base_fd = fsp-base_fsp-fh-fd;
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha7-153-g5a9f668
The branch, master has been updated
via 5a9f668dabb62efd70054dc35d19c60d027793b5 (commit)
from ddc1864fb22dfcd86e3a8688cfd12e0dccd835da (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 5a9f668dabb62efd70054dc35d19c60d027793b5
Author: Steven Danneman steven.danne...@isilon.com
Date: Wed Mar 4 11:04:31 2009 -0800
s3: Remove madvise support
This reverts 193be432. The MADVISE_PROTECT is inherited by all child
processes and cannot be unset. The intention of the original patch was
to protect the parent process, but allow children to be killed in low
memory. Since this isn't possible with the current API, reverting the
whole feature.
---
Summary of changes:
source3/configure.in | 29 -
source3/lib/util.c |7 ---
2 files changed, 0 insertions(+), 36 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/configure.in b/source3/configure.in
index d67fecc..e48ff34 100644
--- a/source3/configure.in
+++ b/source3/configure.in
@@ -4723,35 +4723,6 @@ SMB_LIBRARY(addns, 0, no, [undefined API])
#
-# check to see if we should set the protected madvise flag,
-# which will keep smbd alive in low memory conditions
-AC_MSG_CHECKING(whether to protect smbd from being killed in low memory)
-AC_ARG_WITH(madvise-protect,
-[AS_HELP_STRING([--with-madvise-protect], [Include low memory madvise
protection (default=no)])],
-[ case $withval in
- yes)
-AC_TRY_COMPILE([
-#include sys/mman.h
-],[
-int a = MADV_PROTECT;
-],
-[samba_cv_madvise_protect=yes],
-[samba_cv_madvise_protect=no])
-if test x$samba_cv_madvise_protect = xyes; then
-AC_MSG_RESULT(yes)
-AC_DEFINE(WITH_MADVISE_PROTECTED,1,[Whether to include low memory
protection support])
-else
-AC_MSG_ERROR(Low memory protection supporte requires availability of
MADVISE_PROTECT flag.)
-fi
-;;
- *)
-AC_MSG_RESULT(no)
-;;
- esac ],
- AC_MSG_RESULT(no)
-)
-
-#
# these tests are taken from the GNU fileutils package
AC_CHECKING(how to get filesystem space usage)
space=no
diff --git a/source3/lib/util.c b/source3/lib/util.c
index 89f7be8..ec794ca 100644
--- a/source3/lib/util.c
+++ b/source3/lib/util.c
@@ -899,13 +899,6 @@ bool reinit_after_fork(struct messaging_context *msg_ctx,
* numbers as each other */
set_need_random_reseed();
-#ifdef WITH_MADVISE_PROTECTED
- /* Protect parent process from being killed by kernel when system
-* memory is low. Child processes can still be killed */
- if(!parent_longlived)
- madvise(NULL,0,MADV_PROTECT);
-#endif
-
/* tdb needs special fork handling */
if (tdb_reopen_all(parent_longlived ? 1 : 0) == -1) {
DEBUG(0,(tdb_reopen_all failed.\n));
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha7-75-g61bedb4
The branch, master has been updated
via 61bedb4263a73121bde3fb18295bc0abc4ccbcb2 (commit)
from b7b287d41720ec15eff234ffc96c2fa628e8a6e8 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 61bedb4263a73121bde3fb18295bc0abc4ccbcb2
Author: Steven Danneman steven.danne...@isilon.com
Date: Thu Feb 26 17:47:32 2009 -0800
s3: fix guest auth when winbindd is running
This fix is very subtle. If a server is configured with security = share
and guest ok = yes and winbindd is running authorization will fail during
tree connect.
This is due to our inability to map the guest sid S-1-5-21-X-501 to a uid
through sid_to_uid(). Winbindd is unaware of the hard coded mapping
between this sid and whatever uid the name in lp_guestaccount() is assigned.
So sid_to_uid() fails and we exit create_token_from_username() without
ever calling pdb_getsampwsid() which IS aware of the hard coded mapping.
This patch just reorganizes the code, moving sid_to_uid() down to the
block of code in which it is needed, avoiding this early failure.
---
Summary of changes:
source3/auth/auth_util.c | 14 +++---
1 files changed, 7 insertions(+), 7 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index 1f00e22..c39aa85 100644
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -806,7 +806,7 @@ NTSTATUS create_local_token(auth_serversupplied_info
*server_info)
}
/*
- * Create an artificial NT token given just a username. (Initially indended
+ * Create an artificial NT token given just a username. (Initially intended
* for force user)
*
* We go through lookup_name() to avoid problems we had with 'winbind use
@@ -859,12 +859,6 @@ NTSTATUS create_token_from_username(TALLOC_CTX *mem_ctx,
const char *username,
goto done;
}
- if (!sid_to_uid(user_sid, uid)) {
- DEBUG(1, (sid_to_uid for %s (%s) failed\n,
- username, sid_string_dbg(user_sid)));
- goto done;
- }
-
if (sid_check_is_in_our_domain(user_sid)) {
bool ret;
@@ -922,6 +916,12 @@ NTSTATUS create_token_from_username(TALLOC_CTX *mem_ctx,
const char *username,
unix_user:
+ if (!sid_to_uid(user_sid, uid)) {
+ DEBUG(1, (sid_to_uid for %s (%s) failed\n,
+ username, sid_string_dbg(user_sid)));
+ goto done;
+ }
+
uid_to_unix_users_sid(*uid, user_sid);
pass = getpwuid_alloc(tmp_ctx, *uid);
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha6-1173-g4e024b3
The branch, master has been updated via 4e024b3f87ee1ccb0d7c83dfc6a4b5a6b2c47c13 (commit) via 95bf60b39d003bea6f9f5ad2bc63d5f2a8b8b2af (commit) from 503d15e8df9075ea9cf8b2d260487e68fc68f559 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 4e024b3f87ee1ccb0d7c83dfc6a4b5a6b2c47c13 Author: Dan Sledz dsl...@isilon.com Date: Tue Feb 24 14:12:48 2009 -0800 s3: onefs_acl.c cleanup Remove some duplicate code. Add a \n to a debugging statement commit 95bf60b39d003bea6f9f5ad2bc63d5f2a8b8b2af Author: todd stecher todd.stec...@gmail.com Date: Mon Feb 23 10:24:33 2009 -0800 S3: Add in profile counters for new vfs and syscall entries. --- Summary of changes: source3/include/smbprofile.h| 28 source3/modules/onefs_acl.c | 16 +++- source3/modules/onefs_cbrl.c| 26 -- source3/modules/onefs_streams.c | 16 +--- source3/modules/onefs_system.c | 18 ++ source3/profile/profile.c |7 +++ 6 files changed, 101 insertions(+), 10 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/include/smbprofile.h b/source3/include/smbprofile.h index 131416b..f9a0436 100644 --- a/source3/include/smbprofile.h +++ b/source3/include/smbprofile.h @@ -75,6 +75,10 @@ enum profile_stats_values #define syscall_open_count __profile_stats_value(PR_VALUE_SYSCALL_OPEN, count) #define syscall_open_time __profile_stats_value(PR_VALUE_SYSCALL_OPEN, time) + PR_VALUE_SYSCALL_CREATEFILE, +#define syscall_createfile_count __profile_stats_value(PR_VALUE_SYSCALL_CREATEFILE, count) +#define syscall_createfile_time __profile_stats_value(PR_VALUE_SYSCALL_CREATEFILE, time) + PR_VALUE_SYSCALL_CLOSE, #define syscall_close_count __profile_stats_value(PR_VALUE_SYSCALL_CLOSE, count) #define syscall_close_time __profile_stats_value(PR_VALUE_SYSCALL_CLOSE, time) @@ -111,6 +115,10 @@ enum profile_stats_values #define syscall_rename_count __profile_stats_value(PR_VALUE_SYSCALL_RENAME, count) #define syscall_rename_time __profile_stats_value(PR_VALUE_SYSCALL_RENAME, time) + PR_VALUE_SYSCALL_RENAME_AT, +#define syscall_rename_at_count __profile_stats_value(PR_VALUE_SYSCALL_RENAME_AT, count) +#define syscall_rename_at_time __profile_stats_value(PR_VALUE_SYSCALL_RENAME_AT, time) + PR_VALUE_SYSCALL_FSYNC, #define syscall_fsync_count __profile_stats_value(PR_VALUE_SYSCALL_FSYNC, count) #define syscall_fsync_time __profile_stats_value(PR_VALUE_SYSCALL_FSYNC, time) @@ -215,6 +223,26 @@ enum profile_stats_values #define syscall_set_quota_count __profile_stats_value(PR_VALUE_SYSCALL_SET_QUOTA, count) #define syscall_set_quota_time __profile_stats_value(PR_VALUE_SYSCALL_SET_QUOTA, time) + PR_VALUE_SYSCALL_GET_SD, +#define syscall_get_sd_count __profile_stats_value(PR_VALUE_SYSCALL_GET_SD, count) +#define syscall_get_sd_time __profile_stats_value(PR_VALUE_SYSCALL_GET_SD, time) + + PR_VALUE_SYSCALL_SET_SD, +#define syscall_set_sd_count __profile_stats_value(PR_VALUE_SYSCALL_SET_SD, count) +#define syscall_set_sd_time __profile_stats_value(PR_VALUE_SYSCALL_SET_SD, time) + + PR_VALUE_SYSCALL_BRL_LOCK, +#define syscall_brl_lock_count __profile_stats_value(PR_VALUE_SYSCALL_BRL_LOCK, count) +#define syscall_brl_lock_time __profile_stats_value(PR_VALUE_SYSCALL_BRL_LOCK, time) + + PR_VALUE_SYSCALL_BRL_UNLOCK, +#define syscall_brl_unlock_count __profile_stats_value(PR_VALUE_SYSCALL_BRL_UNLOCK, count) +#define syscall_brl_unlock_time __profile_stats_value(PR_VALUE_SYSCALL_BRL_UNLOCK, time) + + PR_VALUE_SYSCALL_BRL_CANCEL, +#define syscall_brl_cancel_count __profile_stats_value(PR_VALUE_SYSCALL_BRL_CANCEL, count) +#define syscall_brl_cancel_time __profile_stats_value(PR_VALUE_SYSCALL_BRL_CANCEL, time) + /* counters for individual SMB types */ PR_VALUE_SMBMKDIR, #define SMBmkdir_count __profile_stats_value(PR_VALUE_SMBMKDIR, count) diff --git a/source3/modules/onefs_acl.c b/source3/modules/onefs_acl.c index 7bc4a17..b8097b6 100644 --- a/source3/modules/onefs_acl.c +++ b/source3/modules/onefs_acl.c @@ -273,9 +273,6 @@ onefs_samba_acl_to_acl(SEC_ACL *samba_acl, struct ifs_security_acl **acl, if (aclu_initialize_acl(acl, aces, num_aces)) goto err_free; - if (aclu_initialize_acl(acl, aces, num_aces)) - goto err_free; - /* Currently aclu_initialize_acl should copy the aces over, allowing * us to immediately free */ free(aces); @@ -614,6 +611,8 @@ onefs_fget_nt_acl(vfs_handle_struct *handle, files_struct *fsp, bool fopened = false; NTSTATUS status = NT_STATUS_OK; + START_PROFILE(syscall_get_sd); + *ppdesc = NULL;
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha6-1174-gaeab22b
The branch, master has been updated
via aeab22b55cb1484ff6da7242bd525e30b69e5752 (commit)
from 4e024b3f87ee1ccb0d7c83dfc6a4b5a6b2c47c13 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit aeab22b55cb1484ff6da7242bd525e30b69e5752
Author: Dan Sledz dsl...@isilon.com
Date: Mon Feb 23 23:21:13 2009 -0800
s3: Rename auth_onefs_wb and pdb_onefs_sam
auth_onefs_wb.c - auth_wbc.c
pdb_onefs_sam.c - pdb_wbc_sam.c
No changes to functionality
---
Summary of changes:
source3/Makefile.in| 10 +-
source3/auth/auth_onefs_wb.c | 134
source3/auth/auth_wbc.c| 150 ++
source3/configure.in |8 +-
source3/passdb/pdb_onefs_sam.c | 433 --
source3/passdb/pdb_wbc_sam.c | 448
6 files changed, 607 insertions(+), 576 deletions(-)
delete mode 100644 source3/auth/auth_onefs_wb.c
create mode 100644 source3/auth/auth_wbc.c
delete mode 100644 source3/passdb/pdb_onefs_sam.c
create mode 100644 source3/passdb/pdb_wbc_sam.c
Changeset truncated at 500 lines:
diff --git a/source3/Makefile.in b/source3/Makefile.in
index 73b2989..8f1d1a5 100644
--- a/source3/Makefile.in
+++ b/source3/Makefile.in
@@ -689,7 +689,7 @@ AUTH_SAM_OBJ = auth/auth_sam.o
AUTH_SERVER_OBJ = auth/auth_server.o
AUTH_UNIX_OBJ = auth/auth_unix.o
AUTH_WINBIND_OBJ = auth/auth_winbind.o
-AUTH_ONEFS_WB_OBJ = auth/auth_onefs_wb.o
+AUTH_WBC_OBJ = auth/auth_wbc.o
AUTH_SCRIPT_OBJ = auth/auth_script.o
AUTH_NETLOGOND_OBJ = auth/auth_netlogond.o
@@ -2355,9 +2355,9 @@ bin/winbi...@shlibext@: $(BINARY_PREREQS)
$(AUTH_WINBIND_OBJ)
@echo Building plugin $@
@$(SHLD_MODULE) $(AUTH_WINBIND_OBJ)
-bin/onefs_...@shlibext@: $(BINARY_PREREQS) $(AUTH_ONEFS_WB_OBJ)
+bin/w...@shlibext@: $(BINARY_PREREQS) $(AUTH_WBC_OBJ)
@echo Building plugin $@
- @$(SHLD_MODULE) $(AUTH_ONEFS_WB_OBJ)
+ @$(SHLD_MODULE) $(AUTH_WBC_OBJ)
bin/un...@shlibext@: $(BINARY_PREREQS) $(AUTH_UNIX_OBJ)
@echo Building plugin $@
@@ -2375,9 +2375,9 @@ bin/tdbs...@shlibext@: $(BINARY_PREREQS) passdb/pdb_tdb.o
@echo Building plugin $@
@$(SHLD_MODULE) passdb/pdb_tdb.o
-bin/onefs_s...@shlibext@: $(BINARY_PREREQS) passdb/pdb_onefs_sam.o
+bin/wbc_s...@shlibext@: $(BINARY_PREREQS) passdb/pdb_wbc_sam.o
@echo Building plugin $@
- @$(SHLD_MODULE) passdb/pdb_onefs_sam.o
+ @$(SHLD_MODULE) passdb/pdb_wbc_sam.o
bin/smbpass...@shlibext@: $(BINARY_PREREQS) passdb/pdb_smbpasswd.o
@echo Building plugin $@
diff --git a/source3/auth/auth_onefs_wb.c b/source3/auth/auth_onefs_wb.c
deleted file mode 100644
index 49de696..000
--- a/source3/auth/auth_onefs_wb.c
+++ /dev/null
@@ -1,134 +0,0 @@
-/*
- Unix SMB/CIFS implementation.
-
- Winbind authentication mechnism, customized for onefs
-
- Copyright (C) Tim Potter 2000
- Copyright (C) Andrew Bartlett 2001 - 2002
- Copyright (C) Dan Sledz 2009
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 3 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program. If not, see http://www.gnu.org/licenses/.
-*/
-
-#include includes.h
-
-#undef DBGC_CLASS
-#define DBGC_CLASS DBGC_AUTH
-
-/* Authenticate a user with a challenge/response */
-
-static NTSTATUS check_onefs_wb_security(const struct auth_context
*auth_context,
- void *my_private_data,
- TALLOC_CTX *mem_ctx,
- const auth_usersupplied_info *user_info,
- auth_serversupplied_info **server_info)
-{
- NTSTATUS nt_status;
- wbcErr wbc_status;
- struct wbcAuthUserParams params;
- struct wbcAuthUserInfo *info = NULL;
- struct wbcAuthErrorInfo *err = NULL;
-
- if (!user_info || !auth_context || !server_info) {
- return NT_STATUS_INVALID_PARAMETER;
- }
- /* Send off request */
-
- params.account_name = user_info-smb_name;
- params.domain_name = user_info-domain;
- params.workstation_name = user_info-wksta_name;
-
- params.flags= 0;
- params.parameter_control= user_info-logon_parameters;
-
- /* Handle plaintext */
- if (!user_info-encrypted) {
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha6-1111-g8d63c59
The branch, master has been updated
via 8d63c596a0f512c96f5663c0a9bd49d3c98c6df9 (commit)
from 3a1b4c00eb96634229fb730e9b38e8df5180756a (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 8d63c596a0f512c96f5663c0a9bd49d3c98c6df9
Author: Steven Danneman steven.danne...@isilon.com
Date: Mon Feb 23 20:46:11 2009 -0800
Refactored sys_fork() and sys_pid() into shared util library
This fixes a bug in 116ce19b, where we didn't clear the pid cache in
become_daemon() and thus the /var/run/smbd.pid didn't match the actual
pid of the parent process.
Currently S4 will clear the pid cache on fork but doesn't yet take
advantage of the pid cache by using sys_pid() instead of the direct
get_pid().
---
Summary of changes:
lib/util/become_daemon.c |6 +++---
lib/util/system.c| 29 +
lib/util/util.h | 10 ++
source3/Makefile.in |2 +-
source3/include/proto.h |2 --
source3/lib/system.c | 29 -
6 files changed, 43 insertions(+), 35 deletions(-)
Changeset truncated at 500 lines:
diff --git a/lib/util/become_daemon.c b/lib/util/become_daemon.c
index 5a97b65..3d06a43 100644
--- a/lib/util/become_daemon.c
+++ b/lib/util/become_daemon.c
@@ -66,10 +66,10 @@ _PUBLIC_ void close_low_fds(bool stderr_too)
Become a daemon, discarding the controlling terminal.
/
-_PUBLIC_ void become_daemon(bool Fork, bool no_process_group)
+_PUBLIC_ void become_daemon(bool do_fork, bool no_process_group)
{
- if (Fork) {
- if (fork()) {
+ if (do_fork) {
+ if (sys_fork()) {
_exit(0);
}
}
diff --git a/lib/util/system.c b/lib/util/system.c
index 9bd1800..9bf5de1 100644
--- a/lib/util/system.c
+++ b/lib/util/system.c
@@ -88,3 +88,32 @@ _PUBLIC_ struct in_addr sys_inet_makeaddr(int net, int host)
return in2;
}
+/**
+ Wrapper for fork. Ensures we clear our pid cache.
+/
+
+static pid_t mypid = (pid_t)-1;
+
+_PUBLIC_ pid_t sys_fork(void)
+{
+ pid_t forkret = fork();
+
+ if (forkret == (pid_t)0) {
+ /* Child - reset mypid so sys_getpid does a system call. */
+ mypid = (pid_t) -1;
+ }
+
+ return forkret;
+}
+
+/**
+ Wrapper for getpid. Ensures we only do a system call *once*.
+/
+
+_PUBLIC_ pid_t sys_getpid(void)
+{
+ if (mypid == (pid_t)-1)
+ mypid = getpid();
+
+ return mypid;
+}
diff --git a/lib/util/util.h b/lib/util/util.h
index d3e446f..27f94cd 100644
--- a/lib/util/util.h
+++ b/lib/util/util.h
@@ -134,6 +134,16 @@ apparent reason.
_PUBLIC_ struct hostent *sys_gethostbyname(const char *name);
_PUBLIC_ struct in_addr sys_inet_makeaddr(int net, int host);
+/**
+ * Wrapper for fork used to invalid pid cache.
+ **/
+_PUBLIC_ pid_t sys_fork(void);
+
+/**
+ * Wrapper for getpid. Ensures we only do a system call *once*.
+ **/
+_PUBLIC_ pid_t sys_getpid(void);
+
/* The following definitions come from lib/util/genrand.c */
/**
diff --git a/source3/Makefile.in b/source3/Makefile.in
index 7564659..a403f14 100644
--- a/source3/Makefile.in
+++ b/source3/Makefile.in
@@ -339,7 +339,7 @@ UTIL_OBJ = ../lib/util/rbtree.o ../lib/util/signal.o
../lib/util/time.o \
../lib/util/util.o ../lib/util/fsusage.o \
../lib/util/params.o ../lib/util/talloc_stack.o \
../lib/util/genrand.o ../lib/util/util_net.o \
- ../lib/util/become_daemon.o
+ ../lib/util/become_daemon.o ../lib/util/system.o
CRYPTO_OBJ = ../lib/crypto/crc32.o ../lib/crypto/md5.o \
../lib/crypto/hmacmd5.o ../lib/crypto/arcfour.o \
diff --git a/source3/include/proto.h b/source3/include/proto.h
index faf47d3..14241d5 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -972,8 +972,6 @@ struct passwd *sys_getpwnam(const char *name);
struct passwd *sys_getpwuid(uid_t uid);
struct group *sys_getgrnam(const char *name);
struct group *sys_getgrgid(gid_t gid);
-pid_t sys_fork(void);
-pid_t sys_getpid(void);
int sys_popen(const char *command);
int sys_pclose(int fd);
ssize_t sys_getxattr (const char *path, const char *name, void *value, size_t
size);
diff --git a/source3/lib/system.c b/source3/lib/system.c
index 8bdc9fa..10b55f6 100644
--- a/source3/lib/system.c
+++ b/source3/lib/system.c
@@ -1043,35
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha6-1072-gac0d452
The branch, master has been updated
via ac0d452ac64cae90645ad49b1bb04f2e8bf89c9b (commit)
from 4e5997736c6e173ddfd735239ac5c77d2353a5f6 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit ac0d452ac64cae90645ad49b1bb04f2e8bf89c9b
Author: Steven Danneman steven.danne...@isilon.com
Date: Sun Feb 22 21:55:25 2009 -0800
s3: Wrap usage of rlimit in configure checks
---
Summary of changes:
source3/param/loadparm.c | 39 +++
1 files changed, 19 insertions(+), 20 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c
index e50ab92..89c706d 100644
--- a/source3/param/loadparm.c
+++ b/source3/param/loadparm.c
@@ -4656,32 +4656,31 @@ static void init_printer_values(struct service
*pService)
static int max_open_files(void)
{
int sysctl_max = MAX_OPEN_FILES;
- struct rlimit rl;
- bool sysctl_worked = false, rlimit_worked = false;
+ int rlimit_max = MAX_OPEN_FILES;
#ifdef HAVE_SYSCTLBYNAME
- size_t size = sizeof(sysctl_max);
- if (sysctlbyname(kern.maxfilesperproc, sysctl_max, size, NULL,0)==0)
- sysctl_worked = true;
+ {
+ size_t size = sizeof(sysctl_max);
+ sysctlbyname(kern.maxfilesperproc, sysctl_max, size, NULL,
+0);
+ }
#endif
- if (getrlimit(RLIMIT_NOFILE, rl) == 0)
- rlimit_worked = true;
+#if (defined(HAVE_GETRLIMIT) defined(RLIMIT_NOFILE))
+ {
+ struct rlimit rl = {};
- if (sysctl_worked) {
- if ((!rlimit_worked) ||
- (rl.rlim_cur == RLIM_INFINITY) ||
- (rl.rlim_cur sysctl_max))
- return sysctl_max;
- else
- return rl.rlim_cur;
- } else {
- if ((!rlimit_worked) ||
- (rl.rlim_cur == RLIM_INFINITY))
- return MAX_OPEN_FILES;
- else
- return rl.rlim_cur;
+ if (getrlimit(RLIMIT_NOFILE, rl) == 0)
+ rlimit_max = rl.rlim_cur;
+
+#if defined(RLIM_INFINITY)
+ if(rl.rlim_cur == RLIM_INFINITY)
+ rlimit_max = MAX_OPEN_FILES;
}
+#endif
+#endif
+
+ return MIN(sysctl_max, rlimit_max);
}
/**
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha6-1035-g5bd7f9c
The branch, master has been updated via 5bd7f9c61bb2fea1867ac6657c9b30799ba49d8f (commit) via 9a90cbea83548bffb224151a24005cb916f238f5 (commit) via b329ea1cf35cfe151ac026eefc8ff82b2dfd711c (commit) via 1a0aed36c0fc3815c832be1086a3a66256426414 (commit) from e6a5f11865a55e9644292ae92e4a4b5ec0662ccd (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 5bd7f9c61bb2fea1867ac6657c9b30799ba49d8f Author: Steven Danneman steven.danne...@isilon.com Date: Fri Feb 20 13:25:17 2009 -0800 s3: OneFS implementation of change notify The OneFS Samba implementation of change notify is modeled after the usage of Linux's inotify kernel subsystem. A single call is made into the onefs.so VFS module to initialize kernel tracking of certain file change events. When these events occur a kernel notification is sent to smbd and the notification event is translated and given to the general Samba Change Notify layer through a callback function. The most difficult aspect is converting an SMB CompletionFilter to a matching ifs_event mask, and then back to an appropriate change notify action. Currently, not all possible cases are handled by the this module, but the most prevalent ones, which are tested by smbtorture, are implemented. commit 9a90cbea83548bffb224151a24005cb916f238f5 Author: Steven Danneman steven.danne...@isilon.com Date: Tue Feb 17 16:20:18 2009 -0800 s3: Make change notify immediately return a catch-all packet on underlying error * This allows a problem in the underlying CN backend to be bubbled up to the general CN layer so a catch-all reply can be returned * We now also return a catch-all response immediately if the server-side event queue becomes too big commit b329ea1cf35cfe151ac026eefc8ff82b2dfd711c Author: Steven Danneman steven.danne...@isilon.com Date: Fri Feb 20 13:23:53 2009 -0800 s3: Modifications to generic notify structures to allow implementation of OneFS notify. The OneFS kernel based change notify system takes an fd of the directory to watch in it's initialization syscall. Since we already have this directory open, this commit plumbs that fd down to the VFS layer via the notify_entry struct. We also need to know if the watch is taken out on a snapshot directory. The full file_id struct is also passed down to make this determination. The file_id marshalling wrappers are hand written here, but should eventually be auto-generated by moving the struct file_id into the idl. commit 1a0aed36c0fc3815c832be1086a3a66256426414 Author: Steven Danneman steven.danne...@isilon.com Date: Thu Feb 19 17:06:27 2009 -0800 Added torture tests to RAW-NOTIFY * This adds a test to check the change notify behavior of the SMB server when more events have been generated than can be returned in a single change notify response. * Second test makes sure the server doesn't return notification events for changes to the watched directory itself --- Summary of changes: source3/Makefile.in |5 +- source3/include/proto.h |3 + source3/librpc/gen_ndr/ndr_notify.c |8 + source3/librpc/gen_ndr/notify.h |2 + source3/librpc/idl/notify.idl |2 + source3/librpc/ndr/util.c | 39 ++ source3/modules/onefs.h |9 + source3/modules/onefs_notify.c | 680 +++ source3/modules/vfs_onefs.c |2 + source3/smbd/notify.c | 17 +- source4/torture/raw/notify.c| 152 - 11 files changed, 914 insertions(+), 5 deletions(-) create mode 100644 source3/modules/onefs_notify.c Changeset truncated at 500 lines: diff --git a/source3/Makefile.in b/source3/Makefile.in index 6ff90fc..2df995f 100644 --- a/source3/Makefile.in +++ b/source3/Makefile.in @@ -621,7 +621,8 @@ PROFILES_OBJ = utils/profiles.o \ $(LIB_OBJ) $(LIB_DUMMY_OBJ) \ $(POPT_LIB_OBJ) -OPLOCK_OBJ = smbd/oplock.o smbd/oplock_irix.o smbd/oplock_linux.o smbd/oplock_onefs.o +OPLOCK_OBJ = smbd/oplock.o smbd/oplock_irix.o smbd/oplock_linux.o \ +smbd/oplock_onefs.o NOTIFY_OBJ = smbd/notify.o smbd/notify_inotify.o smbd/notify_internal.o @@ -666,7 +667,7 @@ VFS_ACL_TDB_OBJ = modules/vfs_acl_tdb.o VFS_SMB_TRAFFIC_ANALYZER_OBJ = modules/vfs_smb_traffic_analyzer.o VFS_ONEFS_OBJ = modules/vfs_onefs.o modules/onefs_acl.o modules/onefs_system.o \ modules/onefs_open.o modules/onefs_streams.o modules/onefs_dir.c \ - modules/onefs_cbrl.o + modules/onefs_cbrl.o modules/onefs_notify.o VFS_ONEFS_SHADOW_COPY_OBJ = modules/vfs_onefs_shadow_copy.o modules/onefs_shadow_copy.o
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha6-1037-g193be43
The branch, master has been updated
via 193be432a224918bf0fbecfb6705146476c15c07 (commit)
via 116ce19b10a1fd60776764974ad50776ff7c4714 (commit)
from 5bd7f9c61bb2fea1867ac6657c9b30799ba49d8f (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 193be432a224918bf0fbecfb6705146476c15c07
Author: Steven Danneman steven.danne...@isilon.com
Date: Fri Feb 20 16:24:08 2009 -0800
s3: Refactor of madvise() usage in c441f58d
* move to reinit_after_fork() to protect all Samba daemons
* only protect parent processes
commit 116ce19b10a1fd60776764974ad50776ff7c4714
Author: Steven Danneman steven.danne...@isilon.com
Date: Fri Feb 20 15:10:21 2009 -0800
Moved become_daemon() and close_low_fds() to shared util lib
---
Summary of changes:
lib/util/become_daemon.c | 22 +++---
lib/util/util.h |9 --
source3/Makefile.in |3 +-
source3/include/proto.h |2 -
source3/lib/util.c | 74 -
source3/smbd/server.c|7
source4/smbd/server.c|2 +-
7 files changed, 27 insertions(+), 92 deletions(-)
Changeset truncated at 500 lines:
diff --git a/lib/util/become_daemon.c b/lib/util/become_daemon.c
index 034114e..5a97b65 100644
--- a/lib/util/become_daemon.c
+++ b/lib/util/become_daemon.c
@@ -28,14 +28,15 @@
/***
Close the low 3 fd's and open dev/null in their place.
/
-static void close_low_fds(bool stderr_too)
+
+_PUBLIC_ void close_low_fds(bool stderr_too)
{
#ifndef VALGRIND
int fd;
int i;
close(0);
- close(1);
+ close(1);
if (stderr_too)
close(2);
@@ -61,11 +62,11 @@ static void close_low_fds(bool stderr_too)
#endif
}
-/**
+/
Become a daemon, discarding the controlling terminal.
-**/
+/
-_PUBLIC_ void become_daemon(bool Fork)
+_PUBLIC_ void become_daemon(bool Fork, bool no_process_group)
{
if (Fork) {
if (fork()) {
@@ -73,14 +74,14 @@ _PUBLIC_ void become_daemon(bool Fork)
}
}
- /* detach from the terminal */
+ /* detach from the terminal */
#ifdef HAVE_SETSID
- setsid();
+ if (!no_process_group) setsid();
#elif defined(TIOCNOTTY)
- {
- int i = open(/dev/tty, O_RDWR, 0);
+ if (!no_process_group) {
+ int i = sys_open(/dev/tty, O_RDWR, 0);
if (i != -1) {
- ioctl(i, (int) TIOCNOTTY, (char *)0);
+ ioctl(i, (int) TIOCNOTTY, (char *)0);
close(i);
}
}
@@ -90,4 +91,3 @@ _PUBLIC_ void become_daemon(bool Fork)
close_low_fds(false); /* Don't close stderr, let the debug system
attach it to the logfile */
}
-
diff --git a/lib/util/util.h b/lib/util/util.h
index 7873f0e..4d4df21 100644
--- a/lib/util/util.h
+++ b/lib/util/util.h
@@ -724,12 +724,15 @@ _PUBLIC_ int idr_remove(struct idr_context *idp, int id);
/* The following definitions come from lib/util/become_daemon.c */
-#if _SAMBA_BUILD_ == 4
+/**
+ Close the low 3 fd's and open dev/null in their place
+**/
+_PUBLIC_ void close_low_fds(bool stderr_too);
+
/**
Become a daemon, discarding the controlling terminal.
**/
-_PUBLIC_ void become_daemon(bool fork);
-#endif
+_PUBLIC_ void become_daemon(bool fork, bool no_process_group);
/**
* Load a ini-style file.
diff --git a/source3/Makefile.in b/source3/Makefile.in
index 2df995f..98ed810 100644
--- a/source3/Makefile.in
+++ b/source3/Makefile.in
@@ -338,7 +338,8 @@ UTIL_OBJ = ../lib/util/rbtree.o ../lib/util/signal.o
../lib/util/time.o \
../lib/util/util_file.o ../lib/util/data_blob.o \
../lib/util/util.o ../lib/util/fsusage.o \
../lib/util/params.o ../lib/util/talloc_stack.o \
- ../lib/util/genrand.o ../lib/util/util_net.o
+ ../lib/util/genrand.o ../lib/util/util_net.o \
+ ../lib/util/become_daemon.o
CRYPTO_OBJ = ../lib/crypto/crc32.o ../lib/crypto/md5.o \
../lib/crypto/hmacmd5.o ../lib/crypto/arcfour.o \
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 1ac2ac2..587bb29 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -1139,11 +1139,9 @@ int set_message_bcc(char *buf,int num_bytes);
ssize_t message_push_blob(uint8 **outbuf, DATA_BLOB blob);
char *unix_clean_name(TALLOC_CTX *ctx, const char *s);
char *clean_name
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha6-1038-gd9a842b
The branch, master has been updated
via d9a842b26f306a6328e0fb4f226ed8292a8c221a (commit)
from 193be432a224918bf0fbecfb6705146476c15c07 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit d9a842b26f306a6328e0fb4f226ed8292a8c221a
Author: todd stecher todd.stec...@gmail.com
Date: Thu Feb 19 09:33:30 2009 -0800
S3: Detect max_open_files from system
- Attempt to use syscalls to determine max-open-files value.
- Add in periodic logging when max file limit reached
---
Summary of changes:
source3/configure.in | 19 +++
source3/param/loadparm.c | 38 +-
source3/smbd/open.c | 12
3 files changed, 68 insertions(+), 1 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/configure.in b/source3/configure.in
index b163a9d..624862f 100644
--- a/source3/configure.in
+++ b/source3/configure.in
@@ -837,6 +837,25 @@ if test x$samba_cv_msghdr_msg_control = xyes; then
fi
#
+# check for sysctlbyname
+AC_CACHE_CHECK([for sysctlbyname],samba_cv_sysctlbyname, [
+AC_TRY_COMPILE([
+#include sys/types.h
+#include sys/sysctl.h
+#include stdlib.h
+#include stddef.h],
+[
+ int sysctl_max;
+ size_t size = sizeof(sysctl_max);
+ sysctlbyname(test, sysctl_max, size, NULL, 0);
+],
+ samba_cv_sysctlbyname=yes,samba_cv_sysctlbyname=no)])
+if test x$samba_cv_msghdr_msg_control = xyes; then
+AC_DEFINE(HAVE_SYSCTLBYNAME,1,
+[If we support sysctlbyname api])
+fi
+
+#
# check for fd passing struct via msg_acctrights
AC_CACHE_CHECK([for fd passing via msg_acctrights],
samba_cv_msghdr_msg_acctrights, [
diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c
index 37af703..cb56825 100644
--- a/source3/param/loadparm.c
+++ b/source3/param/loadparm.c
@@ -4657,6 +4657,42 @@ static void init_printer_values(struct service *pService)
}
}
+/**
+ * Function to return the default value for the maximum number of open
+ * file descriptors permitted. This function tries to consult the
+ * kernel-level (sysctl) and ulimit (getrlimit()) values and goes
+ * the smaller of those.
+ */
+static int max_open_files(void)
+{
+ int sysctl_max;
+ struct rlimit rl;
+ bool sysctl_worked = false, rlimit_worked = false;
+
+#ifdef HAVE_SYSCTLBYNAME
+ size_t size = sizeof(sysctl_max);
+ if (sysctlbyname(kern.maxfilesperproc, sysctl_max, size, NULL,0)==0)
+ sysctl_worked = true;
+#endif
+
+ if (getrlimit(RLIMIT_NOFILE, rl) == 0)
+ rlimit_worked = true;
+
+ if (sysctl_worked) {
+ if ((!rlimit_worked) ||
+ (rl.rlim_cur == RLIM_INFINITY) ||
+ (rl.rlim_cur sysctl_max))
+ return sysctl_max;
+ else
+ return rl.rlim_cur;
+ } else {
+ if ((!rlimit_worked) ||
+ (rl.rlim_cur == RLIM_INFINITY))
+ return MAX_OPEN_FILES;
+ else
+ return rl.rlim_cur;
+ }
+}
/**
* Common part of freeing allocated data for one parameter.
@@ -4880,7 +4916,7 @@ static void init_globals(bool first_time_only)
Globals.getwd_cache = true;
Globals.bLargeReadwrite = True;
Globals.max_log_size = 5000;
- Globals.max_open_files = MAX_OPEN_FILES;
+ Globals.max_open_files = max_open_files();
Globals.open_files_db_hash_size = SMB_OPEN_DATABASE_TDB_HASH_SIZE;
Globals.maxprotocol = PROTOCOL_NT1;
Globals.minprotocol = PROTOCOL_CORE;
diff --git a/source3/smbd/open.c b/source3/smbd/open.c
index 239d4ff..ac7c35c 100644
--- a/source3/smbd/open.c
+++ b/source3/smbd/open.c
@@ -132,6 +132,18 @@ static NTSTATUS fd_open(struct connection_struct *conn,
fsp-fh-fd = SMB_VFS_OPEN(conn,fname,fsp,flags,mode);
if (fsp-fh-fd == -1) {
status = map_nt_error_from_unix(errno);
+ if (errno == EMFILE) {
+ static time_t last_warned = 0L;
+
+ if (time((time_t *) NULL) last_warned) {
+ DEBUG(0,(Too many open files, unable
+ to open more! smbd's max
+ open files = %d\n,
+ lp_max_open_files()));
+ last_warned = time((time_t *) NULL);
+ }
+ }
+
}
DEBUG(10,(fd_open: name %s, flags = 0%o mode = 0%o, fd = %d. %s\n,
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha6-1045-gfc02c3b0
The branch, master has been updated
via fc02c3b0890a9549989bb0aba16588026c6d6b43 (commit)
via c383022f89a34b83039502cc58178498cc06370e (commit)
via e311dcff2272968959b4268c2e7aad351443b191 (commit)
from 2539d678f54d09577d5c86fae1d6d43175bfca96 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit fc02c3b0890a9549989bb0aba16588026c6d6b43
Author: Dan Sledz dan.sl...@isilon.com
Date: Fri Feb 13 12:28:57 2009 -0800
Introduce a new passdb backend: pdb_onefs_sam
Implements a custom backend for onefs that exclusively uses the wbclient
interface for all passdb calls.
It lacks some features of a standard passdb.
In particular it's a read only interface and doesn't implement privileges.
commit c383022f89a34b83039502cc58178498cc06370e
Author: Dan Sledz dan.sl...@isilon.com
Date: Fri Feb 13 12:24:22 2009 -0800
Introduce a new authentication backend auth_onefs_wb
This new backend is custom tailored to onefs' unique requirements:
1) No fallback logic
2) Does not validate the domain of the user
3) Handles unencrypted passwords
commit e311dcff2272968959b4268c2e7aad351443b191
Author: Dan Sledz dan.sl...@isilon.com
Date: Tue Dec 9 08:29:26 2008 +
Allow building with an external libwbclient library
Introduce a new configure option --with-wbclient which specifies a
location to find a compatible libwbclient library to link against. This
options is overwritten by --with-winbind
---
Summary of changes:
source3/Makefile.in|9 +
source3/auth/auth_onefs_wb.c | 134 +
source3/configure.in | 80 ++--
source3/passdb/pdb_onefs_sam.c | 433
4 files changed, 636 insertions(+), 20 deletions(-)
create mode 100644 source3/auth/auth_onefs_wb.c
create mode 100644 source3/passdb/pdb_onefs_sam.c
Changeset truncated at 500 lines:
diff --git a/source3/Makefile.in b/source3/Makefile.in
index 98ed810..6087fa0 100644
--- a/source3/Makefile.in
+++ b/source3/Makefile.in
@@ -685,6 +685,7 @@ AUTH_SAM_OBJ = auth/auth_sam.o
AUTH_SERVER_OBJ = auth/auth_server.o
AUTH_UNIX_OBJ = auth/auth_unix.o
AUTH_WINBIND_OBJ = auth/auth_winbind.o
+AUTH_ONEFS_WB_OBJ = auth/auth_onefs_wb.o
AUTH_SCRIPT_OBJ = auth/auth_script.o
AUTH_NETLOGOND_OBJ = auth/auth_netlogond.o
@@ -2343,6 +2344,10 @@ bin/winbi...@shlibext@: $(BINARY_PREREQS)
$(AUTH_WINBIND_OBJ)
@echo Building plugin $@
@$(SHLD_MODULE) $(AUTH_WINBIND_OBJ)
+bin/onefs_...@shlibext@: $(BINARY_PREREQS) $(AUTH_ONEFS_WB_OBJ)
+ @echo Building plugin $@
+ @$(SHLD_MODULE) $(AUTH_ONEFS_WB_OBJ)
+
bin/un...@shlibext@: $(BINARY_PREREQS) $(AUTH_UNIX_OBJ)
@echo Building plugin $@
@$(SHLD_MODULE) $(AUTH_UNIX_OBJ)
@@ -2359,6 +2364,10 @@ bin/tdbs...@shlibext@: $(BINARY_PREREQS) passdb/pdb_tdb.o
@echo Building plugin $@
@$(SHLD_MODULE) passdb/pdb_tdb.o
+bin/onefs_s...@shlibext@: $(BINARY_PREREQS) passdb/pdb_onefs_sam.o
+ @echo Building plugin $@
+ @$(SHLD_MODULE) passdb/pdb_onefs_sam.o
+
bin/smbpass...@shlibext@: $(BINARY_PREREQS) passdb/pdb_smbpasswd.o
@echo Building plugin $@
@$(SHLD_MODULE) passdb/pdb_smbpasswd.o
diff --git a/source3/auth/auth_onefs_wb.c b/source3/auth/auth_onefs_wb.c
new file mode 100644
index 000..49de696
--- /dev/null
+++ b/source3/auth/auth_onefs_wb.c
@@ -0,0 +1,134 @@
+/*
+ Unix SMB/CIFS implementation.
+
+ Winbind authentication mechnism, customized for onefs
+
+ Copyright (C) Tim Potter 2000
+ Copyright (C) Andrew Bartlett 2001 - 2002
+ Copyright (C) Dan Sledz 2009
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see http://www.gnu.org/licenses/.
+*/
+
+#include includes.h
+
+#undef DBGC_CLASS
+#define DBGC_CLASS DBGC_AUTH
+
+/* Authenticate a user with a challenge/response */
+
+static NTSTATUS check_onefs_wb_security(const struct auth_context
*auth_context,
+ void *my_private_data,
+ TALLOC_CTX *mem_ctx,
+ const auth_usersupplied_info *user_info,
+ auth_serversupplied_info **server_info)
+{
+ NTSTATUS
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha6-1046-gc207fe4
The branch, master has been updated via c207fe42a796cf33f1901caeb2c4c1e493b94471 (commit) from fc02c3b0890a9549989bb0aba16588026c6d6b43 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit c207fe42a796cf33f1901caeb2c4c1e493b94471 Author: Steven Danneman steven.danne...@isilon.com Date: Fri Feb 20 23:25:49 2009 -0800 s3: Fix build break in d9a842b2 * actually check for existance of sysctlbyname() --- Summary of changes: source3/configure.in | 22 +++--- 1 files changed, 3 insertions(+), 19 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/configure.in b/source3/configure.in index 7fe824c..bd3d4af 100644 --- a/source3/configure.in +++ b/source3/configure.in @@ -837,25 +837,6 @@ if test x$samba_cv_msghdr_msg_control = xyes; then fi # -# check for sysctlbyname -AC_CACHE_CHECK([for sysctlbyname],samba_cv_sysctlbyname, [ -AC_TRY_COMPILE([ -#include sys/types.h -#include sys/sysctl.h -#include stdlib.h -#include stddef.h], -[ - int sysctl_max; - size_t size = sizeof(sysctl_max); - sysctlbyname(test, sysctl_max, size, NULL, 0); -], - samba_cv_sysctlbyname=yes,samba_cv_sysctlbyname=no)]) -if test x$samba_cv_msghdr_msg_control = xyes; then -AC_DEFINE(HAVE_SYSCTLBYNAME,1, -[If we support sysctlbyname api]) -fi - -# # check for fd passing struct via msg_acctrights AC_CACHE_CHECK([for fd passing via msg_acctrights], samba_cv_msghdr_msg_acctrights, [ @@ -1063,6 +1044,9 @@ AC_SEARCH_LIBS(backtrace_symbols, [execinfo]) AC_CHECK_FUNCS(backtrace_symbols) AC_CHECK_LIB(exc, trace_back_stack) +# check for sysctlbyname for BSD systems +AC_CHECK_FUNCS(sysctlbyname) + printf %s checking for GPFS GPL libs... save_LIBS=$LIBS LIBS=$LIBS -lgpfs_gpl -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha6-984-gc192144
The branch, master has been updated
via c19214424b0f8ca0dfa5970880e54807880c443c (commit)
via 03421944b2bd82caf13946b745e4d634f0559f82 (commit)
via c441f58dedc465f59060296815a0bc7f9aeb743f (commit)
from cdcd525a05ce851dcb338dfa8c9be3009194aa96 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit c19214424b0f8ca0dfa5970880e54807880c443c
Author: todd stecher todd.stec...@gmail.com
Date: Thu Feb 12 13:03:03 2009 -0800
S3: Log warning in smbstatus about lack of pid in anonymous mode.
commit 03421944b2bd82caf13946b745e4d634f0559f82
Author: todd stecher todd.stec...@gmail.com
Date: Thu Feb 12 00:11:38 2009 -0800
S3: Stop creating SMBD cores when failing to create a pipe.
This was uncovered when the MAX FD limit was hit, causing an instant core
and invoking error reporting. This fix causes SMBD to exit, but without
building a core.
commit c441f58dedc465f59060296815a0bc7f9aeb743f
Author: todd stecher todd.stec...@gmail.com
Date: Tue Feb 17 16:16:35 2009 -0800
S3: Allow SMBD processes to survive in low memory condidtions
This commit adds a configure argument which allows for setting MADV_PROTECT
in the madvise() API. With this enabled the kernel won't kill SMBD when
it's running low on memory.
---
Summary of changes:
source3/configure.in| 28
source3/include/includes.h |4
source3/lib/select.c| 12 +++-
source3/printing/printing.c | 10 +++---
source3/smbd/server.c | 11 +++
source3/utils/status.c |4
6 files changed, 65 insertions(+), 4 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/configure.in b/source3/configure.in
index 691d0a8..57d475f 100644
--- a/source3/configure.in
+++ b/source3/configure.in
@@ -4718,6 +4718,34 @@ SMB_LIBRARY(lua, 0)
SMB_LIBRARY(addns, 0, no, [undefined API])
+#
+# check to see if we should set the protected madvise flag,
+# which will keep smbd alive in low memory conditions
+AC_MSG_CHECKING(whether to protect smbd from being killed in low memory)
+AC_ARG_WITH(madvise-protect,
+[AS_HELP_STRING([--with-madvise-protect], [Include low memory madvise
protection (default=no)])],
+[ case $withval in
+ yes)
+AC_TRY_COMPILE([
+#include sys/mman.h
+],[
+int a = MADV_PROTECT;
+],
+[samba_cv_madvise_protect=yes],
+[samba_cv_madvise_protect=no])
+if test x$samba_cv_madvise_protect = xyes; then
+AC_MSG_RESULT(yes)
+AC_DEFINE(WITH_MADVISE_PROTECTED,1,[Whether to include low memory
protection support])
+else
+AC_MSG_ERROR(Low memory protection supporte requires availability of
MADVISE_PROTECT flag.)
+fi
+;;
+ *)
+AC_MSG_RESULT(no)
+;;
+ esac ],
+ AC_MSG_RESULT(no)
+)
#
# these tests are taken from the GNU fileutils package
diff --git a/source3/include/includes.h b/source3/include/includes.h
index a9f813b..1906830 100644
--- a/source3/include/includes.h
+++ b/source3/include/includes.h
@@ -241,6 +241,10 @@ typedef int ber_int_t;
#include aio.h
#endif
+#ifdef WITH_MADVISE_PROTECTED
+#include sys/mman.h
+#endif
+
/* Special macros that are no-ops except when run under Valgrind on
* x86. They've moved a little bit from valgrind 1.0.4 to 1.9.4 */
#if HAVE_VALGRIND_MEMCHECK_H
diff --git a/source3/lib/select.c b/source3/lib/select.c
index 14e5925..a58530a 100644
--- a/source3/lib/select.c
+++ b/source3/lib/select.c
@@ -59,7 +59,17 @@ int sys_select(int maxfd, fd_set *readfds, fd_set *writefds,
fd_set *errorfds, s
if (initialised != sys_getpid()) {
if (pipe(select_pipe) == -1)
- smb_panic(Could not create select pipe);
+ {
+ DEBUG(0, (sys_select: pipe failed (%s)\n,
+ strerror(errno)));
+ if (readfds != NULL)
+ FD_ZERO(readfds);
+ if (writefds != NULL)
+ FD_ZERO(writefds);
+ if (errorfds != NULL)
+ FD_ZERO(errorfds);
+ return -1;
+ }
/*
* These next two lines seem to fix a bug with the Linux
diff --git a/source3/printing/printing.c b/source3/printing/printing.c
index 17ddc55..7179184 100644
--- a/source3/printing/printing.c
+++ b/source3/printing/printing.c
@@ -1478,9 +1478,13 @@ void start_background_queue(void)
ret = sys_select(maxfd, r_fds, w_fds, NULL, to);
- /* If pause_pipe[1] is closed it means the parent smbd
-
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha6-987-g053e187
The branch, master has been updated
via 053e1873c5dd30e7bb3102692ba79e280034c392 (commit)
via 176e8857203944bc332844b700749120ce90c891 (commit)
via 8e8aa27e1b1366c8c4e3cf6d8a681fec80cca858 (commit)
from c19214424b0f8ca0dfa5970880e54807880c443c (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 053e1873c5dd30e7bb3102692ba79e280034c392
Author: Zack Kirsch zack.kir...@isilon.com
Date: Wed Feb 18 20:39:20 2009 -0800
s3: OneFS: Pass in the client's fnum to the ifs_cbrl syscall.
commit 176e8857203944bc332844b700749120ce90c891
Author: Aravind Srinivasan aravind.sriniva...@isilon.com
Date: Wed Feb 18 18:26:39 2009 -0800
s3: Fix OneFS bug opening streams with truncating disposition
Do not attempt to delete streams on a truncating open, if the name we're
opening is itself a stream
commit 8e8aa27e1b1366c8c4e3cf6d8a681fec80cca858
Author: Aravind Srinivasan aravind.sriniva...@isilon.com
Date: Wed Feb 18 17:36:25 2009 -0800
s3: Fix streams enumeration bug in OneFS implementation
Previously, we didnât call SMB_VFS_OPEN_DIR from the streams module,
instead we called fdopendir(). As a result we failed to populate the
dir_state list in the readdirplus module. So when we tried to view the
stream data, we will always returned NULL.
To solve this I separated onefs_opendir() and the initialization of
the dir_state list. This is done by introducing a new utility function
âonefs_rdp_add_dir_state()â, which initializes the dir_state structure
and adds it to the dir_state list. This function is called from the
streams module before calling readdir().
---
Summary of changes:
source3/modules/onefs.h |3 ++
source3/modules/onefs_cbrl.c|7 ++--
source3/modules/onefs_dir.c | 70 +--
source3/modules/onefs_open.c|2 +-
source3/modules/onefs_streams.c | 13 +++
5 files changed, 73 insertions(+), 22 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/modules/onefs.h b/source3/modules/onefs.h
index b979cfd..c002739 100644
--- a/source3/modules/onefs.h
+++ b/source3/modules/onefs.h
@@ -224,6 +224,9 @@ NTSTATUS onefs_split_ntfs_stream_name(TALLOC_CTX *mem_ctx,
const char *fname,
bool onefs_get_config(int snum, int config_type,
struct onefs_vfs_config *cfg);
+
+int onefs_rdp_add_dir_state(connection_struct *conn, SMB_STRUCT_DIR *dirp);
+
/*
* System Interfaces
*/
diff --git a/source3/modules/onefs_cbrl.c b/source3/modules/onefs_cbrl.c
index 539b1a7..a860023 100644
--- a/source3/modules/onefs_cbrl.c
+++ b/source3/modules/onefs_cbrl.c
@@ -318,7 +318,8 @@ NTSTATUS onefs_brl_lock_windows(vfs_handle_struct *handle,
DEBUG(10, (Calling ifs_cbrl(LOCK)...));
error = ifs_cbrl(fd, CBRL_OP_LOCK, exclusive, plock-start,
- plock-size, async, id, plock-context.smbpid, plock-context.tid);
+ plock-size, async, id, plock-context.smbpid, plock-context.tid,
+ plock-fnum);
if (!error) {
goto success;
} else if (errno == EWOULDBLOCK) {
@@ -376,7 +377,7 @@ bool onefs_brl_unlock_windows(vfs_handle_struct *handle,
DEBUG(10, (Calling ifs_cbrl(UNLOCK)...));
error = ifs_cbrl(fd, CBRL_OP_UNLOCK, CBRL_NOTYPE,
plock-start, plock-size, CBRL_NOTYPE, 0, plock-context.smbpid,
- plock-context.tid);
+ plock-context.tid, plock-fnum);
if (error) {
DEBUG(10, (returning false.\n));
return false;
@@ -425,7 +426,7 @@ bool onefs_brl_cancel_windows(vfs_handle_struct *handle,
DEBUG(10, (Calling ifs_cbrl(CANCEL)...));
error = ifs_cbrl(fd, CBRL_OP_CANCEL, CBRL_NOTYPE, plock-start,
plock-size, CBRL_NOTYPE, bs-id, plock-context.smbpid,
- plock-context.tid);
+ plock-context.tid, plock-fnum);
if (error) {
DEBUG(10, (returning false\n));
bs-state = ONEFS_CBRL_ERROR;
diff --git a/source3/modules/onefs_dir.c b/source3/modules/onefs_dir.c
index 3c1a836..83622b2 100644
--- a/source3/modules/onefs_dir.c
+++ b/source3/modules/onefs_dir.c
@@ -183,6 +183,54 @@ rdp_fill_cache(struct rdp_dir_state *dsp)
}
/**
+ * Create a dir_state to track an open directory that we're enumerating.
+ *
+ * This utility function is globally accessible for use by other parts of the
+ * onefs.so module to initialize a dir_state when a directory is opened through
+ * a path other than the VFS layer.
+ *
+ * @return 0 on success and errno on failure
+ *
+ * @note: Callers of this function MUST cleanup the dir_state through a proper
+ * call to VFS_CLOSEDIR().
+ */
+int
+onefs_rdp_add_dir_state(connection_struct *conn, SMB_STRUCT_DIR *dirp)
+{
+ int ret = 0;
+
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha6-831-g5cd4b7b
The branch, master has been updated
via 5cd4b7b7c03df6e896186d985b6858a06aa40b3f (commit)
from feec49d5cd07a69991d1bc6dc6325ecda21a19a8 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 5cd4b7b7c03df6e896186d985b6858a06aa40b3f
Author: Steven Danneman steven.danne...@isilon.com
Date: Thu Feb 12 13:01:45 2009 -0800
s3: Added new parameter map untrusted to domain
When enabled this reverts smbd to the legacy domain remapping behavior when
a user provides an untrusted domain
This partially reverts d8c54fdd
---
Summary of changes:
WHATSNEW.txt | 23 +--
source3/auth/auth_util.c | 12
source3/include/proto.h |2 ++
source3/param/loadparm.c | 13 +
source3/passdb/passdb.c | 18 ++
5 files changed, 62 insertions(+), 6 deletions(-)
Changeset truncated at 500 lines:
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index 65d226c..066f718 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -10,8 +10,27 @@ system at https://bugzilla.samba.org/.
Major enhancements in Samba 3.4.0 include:
-o
-
+Authentication Changes:
+o Changed the way smbd handles untrusted domain names given during user
+ authentication
+
+Authentication Changes
+==
+
+Previously, when Samba was a domain member and a client was connecting using an
+untrusted domain name, such as BOGUS\user smbd would remap the untrusted
+domain to the primary domain smbd was a member of and attempt authentication
+using that DOMAIN\user name. This differed from how a Windows member server
+would behave. Now, smbd will replace the BOGUS name with it's SAM name. In
+the case where smbd is acting as a PDC this will be DOMAIN\user. In the case
+where smbd is acting as a domain member server this will be WORKSTATION\user.
+Thus, smbd will never assume that an incoming user name which is not qualified
+with the same primary domain, is part of smbd's primary domain.
+
+While this behavior matches Windows, it may break some workflows which depended
+on smbd to always pass through bogus names to the DC for verification. A new
+parameter map untrusted to domain can be enabled to revert to the legacy
+behavior.
##
Reporting bugs Development Discussion
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index f942b2e..892e5c4 100644
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -226,14 +226,18 @@ NTSTATUS make_user_info_map(auth_usersupplied_info
**user_info,
if (!is_trusted_domain(domain)
!strequal(domain, get_global_sam_name()) )
{
- domain = get_global_sam_name();
- DEBUG(5, (Mapped domain from [%s] to [%s] for user [%s] on
+ if (lp_map_untrusted_to_domain())
+ domain = my_sam_name();
+ else
+ domain = get_global_sam_name();
+ DEBUG(5, (Mapped domain from [%s] to [%s] for user [%s] from
workstation [%s]\n,
client_domain, domain, smb_name, wksta_name));
}
- /* we know that it is a trusted domain (and we are allowing them) or it
-* is our domain */
+ /* We know that the given domain is trusted (and we are allowing them),
+* it is our global SAM name, or for legacy behavior it is our
+* primary domain name */
result = make_user_info(user_info, smb_name, internal_username,
client_domain, domain, wksta_name,
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 2365015..7ad063e 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -4067,6 +4067,7 @@ bool lp_nt_status_support(void);
bool lp_stat_cache(void);
int lp_max_stat_cache_size(void);
bool lp_allow_trusted_domains(void);
+bool lp_map_untrusted_to_domain(void);
int lp_restrict_anonymous(void);
bool lp_lanman_auth(void);
bool lp_ntlm_auth(void);
@@ -4435,6 +4436,7 @@ bool sid_check_is_in_our_domain(const DOM_SID *sid);
/* The following definitions come from passdb/passdb.c */
+const char *my_sam_name(void);
struct samu *samu_new( TALLOC_CTX *ctx );
NTSTATUS samu_set_unix(struct samu *user, const struct passwd *pwd);
NTSTATUS samu_alloc_rid_unix(struct samu *user, const struct passwd *pwd);
diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c
index 0dfbb09..a127ec5 100644
--- a/source3/param/loadparm.c
+++ b/source3/param/loadparm.c
@@ -345,6 +345,7 @@ struct global {
struct param_opt_struct *param_opt;
int cups_connection_timeout;
char *szSMBPerfcountModule;
+ bool bMapUntrustedToDomain;
};
static struct global Globals;
@@ -1776,6 +1777,15
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha6-833-gdc19a60
The branch, master has been updated
via dc19a60e50b89886f98541ad227e6f3a3bc8720b (commit)
from 1b6543c5f9acea16b1ec4cf6d7c46283732b4522 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit dc19a60e50b89886f98541ad227e6f3a3bc8720b
Author: Steven Danneman steven.danne...@isilon.com
Date: Thu Feb 12 14:07:30 2009 -0800
s3 onefs: rename custom parameter to plural to match previous usage
---
Summary of changes:
source3/modules/onefs.h |4 ++--
source3/modules/onefs_acl.c |4 ++--
source3/modules/onefs_open.c |2 +-
3 files changed, 5 insertions(+), 5 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/modules/onefs.h b/source3/modules/onefs.h
index 72be682..b88719f 100644
--- a/source3/modules/onefs.h
+++ b/source3/modules/onefs.h
@@ -48,8 +48,8 @@ enum onefs_acl_wire_format
#define PARM_CREATOR_OWNER_GETS_FULL_CONTROL_DEFAULT true
#define PARM_CTIME_NOW ctime now files
#define PARM_CTIME_SLOPctime now slop
-#define PARM_IGNORE_SACL ignore sacl
-#define PARM_IGNORE_SACL_DEFAULT false
+#define PARM_IGNORE_SACLS ignore sacls
+#define PARM_IGNORE_SACLS_DEFAULT false
#define PARM_MTIME_NOW mtime now files
#define PARM_MTIME_STATIC mtime static files
#define PARM_MTIME_SLOPmtime now slop
diff --git a/source3/modules/onefs_acl.c b/source3/modules/onefs_acl.c
index 0239479..7bc4a17 100644
--- a/source3/modules/onefs_acl.c
+++ b/source3/modules/onefs_acl.c
@@ -620,7 +620,7 @@ onefs_fget_nt_acl(vfs_handle_struct *handle, files_struct
*fsp,
fsp-fsp_name, security_info));
if (lp_parm_bool(SNUM(fsp-conn), PARM_ONEFS_TYPE,
- PARM_IGNORE_SACL, PARM_IGNORE_SACL_DEFAULT)) {
+ PARM_IGNORE_SACLS, PARM_IGNORE_SACLS_DEFAULT)) {
DEBUG(5, (Ignoring SACL on %s.\n, fsp-fsp_name));
security_info = ~SACL_SECURITY_INFORMATION;
}
@@ -851,7 +851,7 @@ NTSTATUS onefs_samba_sd_to_sd(uint32 security_info_sent,
SEC_DESC *psd,
if (security_info_sent SACL_SECURITY_INFORMATION) {
if (lp_parm_bool(snum, PARM_ONEFS_TYPE,
- PARM_IGNORE_SACL, PARM_IGNORE_SACL_DEFAULT)) {
+ PARM_IGNORE_SACLS, PARM_IGNORE_SACLS_DEFAULT)) {
DEBUG(5, (Ignoring SACLs.\n));
security_info_sent = ~SACL_SECURITY_INFORMATION;
} else {
diff --git a/source3/modules/onefs_open.c b/source3/modules/onefs_open.c
index e335dc7..1f5f855 100644
--- a/source3/modules/onefs_open.c
+++ b/source3/modules/onefs_open.c
@@ -745,7 +745,7 @@ NTSTATUS onefs_open_file_ntcreate(connection_struct *conn,
}
if (lp_parm_bool(SNUM(fsp-conn), PARM_ONEFS_TYPE,
- PARM_IGNORE_SACL, PARM_IGNORE_SACL_DEFAULT)) {
+ PARM_IGNORE_SACLS, PARM_IGNORE_SACLS_DEFAULT)) {
access_mask = ~SYSTEM_SECURITY_ACCESS;
}
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha6-806-gd8c54fd
The branch, master has been updated
via d8c54fddda2dba3cbc5fc13e93431b152813892e (commit)
via 3b8a57e064250c6e46458e69ba156aa5d8c22059 (commit)
via aed8e9aa0a887e31562ac9da38ee4a878a4dd4ba (commit)
via 4e69f23857289bd58f4adad85602c8afc3bed03a (commit)
via 989944f8e9a27515c80ade8f1670c80d80b472a4 (commit)
from ce6125e9ec2196b7658e4e87eae3b0ae963b6ab5 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit d8c54fddda2dba3cbc5fc13e93431b152813892e
Author: Dan Sledz dsl...@isilon.com
Date: Tue Feb 10 15:50:39 2009 -0800
s3: Change behavior when seeing an unknown domain.
After a lot of testing against various Windows servers (W2K, W2K3, W2K8),
within an AD domain it seems that unknown domains will only be translated
to the local account domain, not the netbios name of the member server's
domain. This makes samba act more like Windows.
commit 3b8a57e064250c6e46458e69ba156aa5d8c22059
Author: Dan Sledz dsl...@isilon.com
Date: Tue Feb 10 13:59:10 2009 -0800
s3: Implement wbcGetSidAliases
* Adds wbcGetSidAliases that calls the lookup_useraliases function.
* Updates wbinfo and winbind_util.c to call the new function.
* Also added winbind_get_groups helper function.
commit aed8e9aa0a887e31562ac9da38ee4a878a4dd4ba
Author: Dan Sledz dsl...@isilon.com
Date: Tue Feb 10 11:06:44 2009 -0800
s3: Implement wbcGetpwsid
* Adds the plumbing required to lookup users by sid into winbind, wbinfo
and smbd helper lib (winbind_util.c).
* Removes some double declarations of winbind_util.c functions.
* Bumps the winbind protocol version to 21 and the minor version of
wbclient to 3.
commit 4e69f23857289bd58f4adad85602c8afc3bed03a
Author: Dan Sledz dsl...@isilon.com
Date: Sun Feb 8 11:40:26 2009 -0800
Fix double free caused by incorrect talloc_steal usage.
commit 989944f8e9a27515c80ade8f1670c80d80b472a4
Author: Steven Danneman steven.danne...@isilon.com
Date: Wed Feb 11 16:06:18 2009 -0800
Added nsswitch/ object files to make clean
* also removed duplicate paths to lib directories in make clean
---
Summary of changes:
nsswitch/libwbclient/wbc_pwd.c | 39 ++
nsswitch/libwbclient/wbc_sid.c | 139
nsswitch/libwbclient/wbclient.h| 24 ++-
nsswitch/wbinfo.c | 101 ++
nsswitch/winbind_struct_protocol.h | 12 +++-
source3/Makefile.in|9 +--
source3/auth/auth_util.c | 61 ++--
source3/include/proto.h| 30 -
source3/lib/winbind_util.c | 131 +
source3/passdb/passdb.c| 19 -
source3/winbindd/winbindd.c|3 +
source3/winbindd/winbindd_async.c | 90 +---
source3/winbindd/winbindd_domain.c |4 +
source3/winbindd/winbindd_group.c | 115 +
source3/winbindd/winbindd_proto.h |4 +
source3/winbindd/winbindd_user.c | 28 ++-
16 files changed, 648 insertions(+), 161 deletions(-)
Changeset truncated at 500 lines:
diff --git a/nsswitch/libwbclient/wbc_pwd.c b/nsswitch/libwbclient/wbc_pwd.c
index cd94599..dacd949 100644
--- a/nsswitch/libwbclient/wbc_pwd.c
+++ b/nsswitch/libwbclient/wbc_pwd.c
@@ -190,6 +190,45 @@ wbcErr wbcGetpwuid(uid_t uid, struct passwd **pwd)
return wbc_status;
}
+/* Fill in a struct passwd* for a domain user based on sid */
+wbcErr wbcGetpwsid(struct wbcDomainSid *sid, struct passwd **pwd)
+{
+ wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
+ struct winbindd_request request;
+ struct winbindd_response response;
+ char * sid_string = NULL;
+
+ if (!pwd) {
+ wbc_status = WBC_ERR_INVALID_PARAM;
+ BAIL_ON_WBC_ERROR(wbc_status);
+ }
+
+ wbc_status = wbcSidToString(sid, sid_string);
+ BAIL_ON_WBC_ERROR(wbc_status);
+
+ /* Initialize request */
+
+ ZERO_STRUCT(request);
+ ZERO_STRUCT(response);
+
+ strncpy(request.data.sid, sid_string, sizeof(request.data.sid));
+
+ wbc_status = wbcRequestResponse(WINBINDD_GETPWSID,
+ request,
+ response);
+ BAIL_ON_WBC_ERROR(wbc_status);
+
+ *pwd = copy_passwd_entry(response.data.pw);
+ BAIL_ON_PTR_ERROR(*pwd, wbc_status);
+
+ done:
+ if (sid_string) {
+ wbcFreeMemory(sid_string);
+ }
+
+ return wbc_status;
+}
+
/* Fill in a struct passwd* for a domain user based on username */
wbcErr wbcGetgrnam(const char *name, struct group **grp)
{
diff --git a/nsswitch/libwbclient/wbc_sid.c b/nsswitch/libwbclient/wbc_sid.c
index e2157b9..46c59a9
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha6-714-g11f60a6
The branch, master has been updated via 11f60a62a1d7633e9a8ec62da18ed9ababa694df (commit) via 6272f4c2f453c509b8a3893d4c2ac5fc356b348d (commit) via 25d345eb39c69b2b42a966846ae893b068de40a4 (commit) via af0e199b31ea4132e369508d72888757887b3327 (commit) from 9a7491e83177ba32e30f29e1b84b8b8be9888953 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 11f60a62a1d7633e9a8ec62da18ed9ababa694df Author: Steven Danneman steven.danne...@isilon.com Date: Mon Jan 26 20:14:32 2009 -0800 s3: OneFS bulk directory enumeration support OneFS provides the bulk directory enumeration syscall readdirplus(). This syscall has the same semantics as the NFSv3 READDIRPLUS command, returning a batch of directory entries with prefetched stat information via one syscall. This commit wraps the readdirplus() call in the existing POSIX readdir/seekdir VFS interface. By default a batch of 128 directory entries are optimistically read from the kernel into a global cache, and fed to iterative calls of VFS_OP_READDIR. The global buffers could be avoided in the future by hanging connection specific buffers off the conn struct. Added new parameter onefs:use readdirplus which toggles usage of this code on or off. commit 6272f4c2f453c509b8a3893d4c2ac5fc356b348d Author: Steven Danneman steven.danne...@isilon.com Date: Mon Feb 2 21:37:51 2009 -0800 s3: Added SMB_VFS_INIT_SEARCH_OP to initialize data at the beginning of SMB search requests. By default this VFS call is a NOOP, but the onefs vfs module takes advantage of it to initialize direntry search caches at the beginning of each TRANS2_FIND_FIRST, TRANS2_FIND_NEXT, SMBffirst, SMBsearch, and SMBunique commit 25d345eb39c69b2b42a966846ae893b068de40a4 Author: Steven Danneman steven.danne...@isilon.com Date: Thu Jan 22 20:18:56 2009 -0800 Pass stat buffer down through all levels of VFS_READDIR wrappers * VFS_OP_READDIR can now provide stat information, take advantage of it if it's available * is_visible_file(): optimistically expect the provided stat buffer is already valid * dptr_ReadDirName(): refactor code for easier readability, functionality is the same commit af0e199b31ea4132e369508d72888757887b3327 Author: Steven Danneman steven.danne...@isilon.com Date: Thu Jan 22 20:14:38 2009 -0800 Add an optional SMB_STRUCT_SMB parameter to VFS_OP_READDIR * this allows VFS implementations that prefetch stat information on readdir to return it through one VFS call * backwards compatibility is maintained by passing in NULL * if the system readdir doesn't return stat info, the stat struct is set to invalid --- Summary of changes: source3/Makefile.in |2 +- source3/include/proto.h |6 +- source3/include/vfs.h | 15 +- source3/include/vfs_macros.h| 11 +- source3/modules/onefs.h | 46 ++- source3/modules/onefs_dir.c | 636 +++ source3/modules/onefs_streams.c |2 +- source3/modules/vfs_cap.c |2 +- source3/modules/vfs_catia.c |5 +- source3/modules/vfs_default.c | 16 +- source3/modules/vfs_full_audit.c| 21 +- source3/modules/vfs_onefs.c | 24 ++- source3/modules/vfs_shadow_copy.c |4 +- source3/modules/vfs_shadow_copy2.c |2 +- source3/modules/vfs_streams_depot.c |2 +- source3/smbd/dir.c | 180 ++- source3/smbd/filename.c |2 +- source3/smbd/msdfs.c|4 +- source3/smbd/reply.c| 24 +- source3/smbd/trans2.c | 12 +- source3/smbd/vfs.c |4 +- source3/torture/cmd_vfs.c | 35 ++- 22 files changed, 912 insertions(+), 143 deletions(-) create mode 100644 source3/modules/onefs_dir.c Changeset truncated at 500 lines: diff --git a/source3/Makefile.in b/source3/Makefile.in index 2049953..6e453c9 100644 --- a/source3/Makefile.in +++ b/source3/Makefile.in @@ -664,7 +664,7 @@ VFS_ACL_XATTR_OBJ = modules/vfs_acl_xattr.o VFS_ACL_TDB_OBJ = modules/vfs_acl_tdb.o VFS_SMB_TRAFFIC_ANALYZER_OBJ = modules/vfs_smb_traffic_analyzer.o VFS_ONEFS_OBJ = modules/vfs_onefs.o modules/onefs_acl.o modules/onefs_system.o \ - modules/onefs_open.o modules/onefs_streams.o + modules/onefs_open.o modules/onefs_streams.o modules/onefs_dir.c PERFCOUNT_ONEFS_OBJ = modules/perfcount_onefs.o PLAINTEXT_AUTH_OBJ = auth/pampass.o auth/pass_check.o diff --git a/source3/include/proto.h b/source3/include/proto.h index 1566a01..849bed3 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -6495,6 +6495,7
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha6-749-ga45c5c6
The branch, master has been updated
via a45c5c607ab3c43d947dad96b46a94b81b6a9559 (commit)
via 9d4d2f70cbf83919a11c194c8234de269c5d91ee (commit)
from fdd282afa3e80712790c5bbac84bf4f88644692a (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit a45c5c607ab3c43d947dad96b46a94b81b6a9559
Author: todd stecher todd.stec...@gmail.com
Date: Tue Feb 10 12:14:39 2009 -0800
S3: Add in missing full audit entries.
commit 9d4d2f70cbf83919a11c194c8234de269c5d91ee
Author: todd stecher todd.stec...@gmail.com
Date: Mon Feb 9 13:25:59 2009 -0800
S3: Fixes for coverity issues.
---
Summary of changes:
source3/auth/pampass.c |4 +-
source3/lib/smbrun.c | 14 +---
source3/modules/vfs_full_audit.c | 40 -
source3/utils/net_ads.c | 10 -
source3/utils/net_cache.c|3 +-
source3/utils/ntlm_auth.c|5 ++-
6 files changed, 60 insertions(+), 16 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/auth/pampass.c b/source3/auth/pampass.c
index 4312b77..4eec269 100644
--- a/source3/auth/pampass.c
+++ b/source3/auth/pampass.c
@@ -276,7 +276,7 @@ static int smb_pam_passchange_conv(int num_msg,
fstring current_prompt;
fstring current_reply;
struct smb_pam_userdata *udp = (struct smb_pam_userdata *)appdata_ptr;
- struct chat_struct *pw_chat= make_pw_chat(lp_passwd_chat());
+ struct chat_struct *pw_chat;
struct chat_struct *t;
bool found;
*resp = NULL;
@@ -286,7 +286,7 @@ static int smb_pam_passchange_conv(int num_msg,
if (num_msg = 0)
return PAM_CONV_ERR;
- if (pw_chat == NULL)
+ if ((pw_chat = make_pw_chat(lp_passwd_chat())) == NULL)
return PAM_CONV_ERR;
/*
diff --git a/source3/lib/smbrun.c b/source3/lib/smbrun.c
index 3199071..fdccd9e 100644
--- a/source3/lib/smbrun.c
+++ b/source3/lib/smbrun.c
@@ -183,11 +183,17 @@ static int smbrun_internal(const char *cmd, int *outfd,
bool sanitize)
#endif
{
- const char *newcmd = sanitize ? escape_shell_string(cmd) : cmd;
- if (!newcmd) {
- exit(82);
+ char *newcmd = NULL;
+ if (sanitize) {
+ newcmd = escape_shell_string(cmd);
+ if (!newcmd)
+ exit(82);
}
- execl(/bin/sh,sh,-c,newcmd,NULL);
+
+ execl(/bin/sh,sh,-c,
+ newcmd ? (const char *)newcmd : cmd, NULL);
+
+ SAFE_FREE(newcmd);
}
/* not reached */
diff --git a/source3/modules/vfs_full_audit.c b/source3/modules/vfs_full_audit.c
index e7ca77f..faa91c3 100644
--- a/source3/modules/vfs_full_audit.c
+++ b/source3/modules/vfs_full_audit.c
@@ -90,7 +90,7 @@ static int smb_full_audit_get_shadow_copy_data(struct
vfs_handle_struct *handle,
static int smb_full_audit_statvfs(struct vfs_handle_struct *handle,
const char *path,
struct vfs_statvfs_struct *statbuf);
-
+static int smb_full_audit_fs_capabilities(struct vfs_handle_struct *handle);
static SMB_STRUCT_DIR *smb_full_audit_opendir(vfs_handle_struct *handle,
const char *fname, const char *mask, uint32 attr);
static SMB_STRUCT_DIRENT *smb_full_audit_readdir(vfs_handle_struct *handle,
@@ -335,11 +335,13 @@ static int smb_full_audit_aio_cancel(struct
vfs_handle_struct *handle, struct fi
static int smb_full_audit_aio_error(struct vfs_handle_struct *handle, struct
files_struct *fsp, SMB_STRUCT_AIOCB *aiocb);
static int smb_full_audit_aio_fsync(struct vfs_handle_struct *handle, struct
files_struct *fsp, int op, SMB_STRUCT_AIOCB *aiocb);
static int smb_full_audit_aio_suspend(struct vfs_handle_struct *handle, struct
files_struct *fsp, const SMB_STRUCT_AIOCB * const aiocb[], int n, const struct
timespec *ts);
+static bool smb_full_audit_aio_force(struct vfs_handle_struct *handle,
+struct files_struct *fsp);
/* VFS operations */
static vfs_op_tuple audit_op_tuples[] = {
-
+
/* Disk operations */
{SMB_VFS_OP(smb_full_audit_connect),SMB_VFS_OP_CONNECT,
@@ -356,6 +358,8 @@ static vfs_op_tuple audit_op_tuples[] = {
SMB_VFS_LAYER_LOGGER},
{SMB_VFS_OP(smb_full_audit_statvfs),SMB_VFS_OP_STATVFS,
SMB_VFS_LAYER_LOGGER},
+ {SMB_VFS_OP(smb_full_audit_fs_capabilities), SMB_VFS_OP_FS_CAPABILITIES,
+SMB_VFS_LAYER_LOGGER},
/* Directory operations */
@@ -520,7 +524,7 @@ static vfs_op_tuple audit_op_tuples[] = {
SMB_VFS_LAYER_LOGGER},
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha6-701-gb4a4d4c
The branch, master has been updated
via b4a4d4c9d06c93188d9705f944cde8ed359bd3f3 (commit)
from 1d65b7a742eede647c893bac04f3a695e66228f5 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit b4a4d4c9d06c93188d9705f944cde8ed359bd3f3
Author: todd stecher todd.stec...@gmail.com
Date: Sun Feb 8 23:43:21 2009 -0800
S3: Various fixes for log2pcaphex utility
---
Summary of changes:
source3/utils/log2pcaphex.c | 162 ++-
1 files changed, 113 insertions(+), 49 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/utils/log2pcaphex.c b/source3/utils/log2pcaphex.c
index 20cc40c..072d659 100644
--- a/source3/utils/log2pcaphex.c
+++ b/source3/utils/log2pcaphex.c
@@ -8,10 +8,33 @@
Portions (from capconvert.c) (C) Andrew Tridgell 1997
Portions (from text2pcap.c) (C) Ashok Narayanan 2001
- Example use with -h parameter:
- log2pcaphex samba-log-file | text2pcap -T 139,139 - foo.pcap
-
- TODO: Have correct IP and TCP checksums.
+ Example:
+ Output NBSS(SMB) packets in hex and convert to pcap adding
+ Eth/IP/TCP headers
+
+ log2pcap -h samba.log | text2pcap -T 139,139 - samba.pcap
+
+ Output directly to pcap format without Eth headers or TCP
+ sequence numbers
+
+ log2pcap samba.log samba.pcap
+
+TODO:
+ - Hex to text2pcap outputs are not properly parsed in Wireshark
+ the NBSS or SMB level. This is a bug.
+ - Writing directly to pcap format doesn't include sequence numbers
+ in the TCP packets
+ - Check if a packet is a response or request and set IP to/from
+ addresses accordingly. Currently all packets come from the same
+ dummy IP and go to the same dummy IP
+ - Add a message when done parsing about the number of pacekts
+ processed
+ - Parse NBSS packet header data from log file
+ - Have correct IP and TCP checksums.
+
+ Warning:
+ Samba log level 10 outputs a max of 512 bytes from the packet data
+ section. Packets larger than this will be truncated.
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -35,8 +58,8 @@
#include assert.h
-bool quiet = 0;
-bool hexformat = 0;
+int quiet = 0;
+int hexformat = 0;
#define itoa(a) ((a) 0xa?'0'+(a):'A' + (a-0xa))
@@ -95,7 +118,7 @@ typedef struct {
static hdr_tcp_t HDR_TCP = {139, 139, 0, 0, 0x50, 0, 0, 0, 0};
-static void print_pcap_header(FILE *out)
+void print_pcap_header(FILE *out)
{
struct tcpdump_file_header h;
h.magic = TCPDUMP_MAGIC;
@@ -108,7 +131,7 @@ static void print_pcap_header(FILE *out)
fwrite(h, sizeof(struct tcpdump_file_header), 1, out);
}
-static void print_pcap_packet(FILE *out, unsigned char *data, long length,
long caplen)
+void print_pcap_packet(FILE *out, unsigned char *data, long length, long
caplen)
{
static int i = 0;
struct tcpdump_packet p;
@@ -121,7 +144,7 @@ static void print_pcap_packet(FILE *out, unsigned char
*data, long length, long
fwrite(data, sizeof(unsigned char), caplen, out);
}
-static void print_hex_packet(FILE *out, unsigned char *data, long length)
+void print_hex_packet(FILE *out, unsigned char *data, long length)
{
long i,cur = 0;
while(cur length) {
@@ -135,13 +158,13 @@ static void print_hex_packet(FILE *out, unsigned char
*data, long length)
}
}
-static void print_netbios_packet(FILE *out, unsigned char *data, long length,
long actual_length)
+void print_netbios_packet(FILE *out, unsigned char *data, long length, long
actual_length)
{
unsigned char *newdata; long offset = 0;
long newlen;
newlen = length+sizeof(HDR_IP)+sizeof(HDR_TCP);
- newdata = (unsigned char *)malloc(newlen);
+ newdata = malloc(newlen);
HDR_IP.packet_length = htons(newlen);
HDR_TCP.window = htons(0x2000);
@@ -156,68 +179,115 @@ static void print_netbios_packet(FILE *out, unsigned
char *data, long length, lo
}
unsigned char *curpacket = NULL;
-long curpacket_len = 0;
-
-static void read_log_msg(FILE *in, unsigned char **_buffer, long *buffersize,
long *data_offset, long *data_length)
+unsigned short curpacket_len = 0;
+long line_num = 0;
+
+/* Read the log message produced by lib/util.c:show_msg() containing the:
+ * SMB_HEADER
+ * SMB_PARAMETERS
+ * SMB_DATA.ByteCount
+ *
+ * Example:
+ * [2007/04/08 20:41:39, 5] lib/util.c:show_msg(516)
+ * size=144
+ * smb_com=0x73
+ * smb_rcls=0
+ * smb_reh=0
+ * smb_err=0
+ * smb_flg=136
+ * smb_flg2=49153
+ * smb_tid=1
+ * smb_pid=65279
+ * smb_uid=0
+ * smb_mid=64
+ * smt_wct=3
+ * smb_vwv[ 0]= 117 (0x75)
+ * smb_vwv[
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha6-484-g83cf98f
The branch, master has been updated
via 83cf98f113541acca5a9b4d6ad084d401b64706f (commit)
from 7435b877c7969a72b6b17d3ce4df87c5629882b8 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 83cf98f113541acca5a9b4d6ad084d401b64706f
Author: Aravind Srinivasan aravind.sriniva...@isilon.com
Date: Wed Feb 4 16:05:36 2009 -0800
Have nmbd check all available interfaces for WINS before failing
When nmbd is acting as WINS, it picks the first interface's IP as WINS
server's IP. If the first interface's IP is zero, we will just quit
(even though we might have other interfaces with valid IPs).
This patch makes nmbd look at all interfaces and pick the first interface
with a valid IP as the WINS server's IP.
---
Summary of changes:
source3/lib/interface.c|7 +--
source3/nmbd/nmbd_become_dmb.c |3 ++-
source3/nmbd/nmbd_subnetdb.c |3 ++-
3 files changed, 9 insertions(+), 4 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/lib/interface.c b/source3/lib/interface.c
index 48fa4d3..b32ccb9 100644
--- a/source3/lib/interface.c
+++ b/source3/lib/interface.c
@@ -151,7 +151,8 @@ int iface_count_v4_nl(void)
}
/
- Return a pointer to the in_addr of the first IPv4 interface.
+ Return a pointer to the in_addr of the first IPv4 interface that's
+ not 0.0.0.0.
**/
const struct in_addr *first_ipv4_iface(void)
@@ -159,7 +160,9 @@ const struct in_addr *first_ipv4_iface(void)
struct interface *i;
for (i=local_interfaces;i ;i=i-next) {
- if (i-ip.ss_family == AF_INET) {
+ if ((i-ip.ss_family == AF_INET)
+ (!is_zero_ip_v4(((struct sockaddr_in *)i-ip)-sin_addr)))
+ {
break;
}
}
diff --git a/source3/nmbd/nmbd_become_dmb.c b/source3/nmbd/nmbd_become_dmb.c
index a0b2ef1..827d56c 100644
--- a/source3/nmbd/nmbd_become_dmb.c
+++ b/source3/nmbd/nmbd_become_dmb.c
@@ -128,7 +128,8 @@ in workgroup %s on subnet %s\n,
work-dmb_name = nmbname;
- /* Pick the first interface IPv4 address as the domain master
browser ip. */
+ /* Pick the first interface IPv4 address as the domain master
+* browser ip. */
nip = first_ipv4_iface();
if (!nip) {
DEBUG(0,(become_domain_master_stage2:
diff --git a/source3/nmbd/nmbd_subnetdb.c b/source3/nmbd/nmbd_subnetdb.c
index 61af0bb..13bc931 100644
--- a/source3/nmbd/nmbd_subnetdb.c
+++ b/source3/nmbd/nmbd_subnetdb.c
@@ -287,7 +287,8 @@ bool create_subnets(void)
}
if (lp_we_are_a_wins_server()) {
- /* Pick the first interface IPv4 address as the WINS server ip.
*/
+ /* Pick the first interface IPv4 address as the WINS server
+* ip. */
const struct in_addr *nip = first_ipv4_iface();
if (!nip) {
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha6-411-gaf73692
The branch, master has been updated
via af736923a541df1a37afeb72b8a5652932c4c69c (commit)
from cfc27ece109fcc63016ad58c5f584b5459f57945 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit af736923a541df1a37afeb72b8a5652932c4c69c
Author: Björn Jacke b...@sernet.de
Date: Mon Feb 2 13:06:36 2009 +0100
fix for commit d96248a9b46 which broke Heimdal builds
---
Summary of changes:
source3/libads/kerberos_verify.c |6 ++
1 files changed, 6 insertions(+), 0 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/libads/kerberos_verify.c b/source3/libads/kerberos_verify.c
index 4483d2b..ec897ad 100644
--- a/source3/libads/kerberos_verify.c
+++ b/source3/libads/kerberos_verify.c
@@ -72,9 +72,15 @@ static bool ads_dedicated_keytab_verify_ticket(krb5_context
context,
}
/* Get the key for checking the pac signature */
+#ifdef HAVE_ETYPE_IN_ENCRYPTEDDATA /* Heimdal */
+ ret = krb5_kt_get_entry(context, keytab, dec_ticket-server,
+ dec_ticket.enc_part.kvno, dec_ticket.enc_part.etype,
+ kt_entry);
+#else /* MIT */
ret = krb5_kt_get_entry(context, keytab, dec_ticket-server,
dec_ticket-enc_part.kvno, dec_ticket-enc_part.enctype,
kt_entry);
+#endif
if (ret) {
DEBUG(0, (krb5_kt_get_entry failed (%s)\n,
error_message(ret)));
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha6-323-gd96248a
The branch, master has been updated
via d96248a9b46559552f53b0ecd3861387ea7ff050 (commit)
from d75b3913c9e03ff97336aa7a6e1cbac2eb03f230 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit d96248a9b46559552f53b0ecd3861387ea7ff050
Author: Dan Sledz dsl...@isilon.com
Date: Thu Jan 15 17:02:41 2009 -0800
Add two new parameters to control how we verify kerberos tickets. Removes
lp_use_kerberos_keytab parameter.
The first is kerberos method and replaces the use kerberos keytab
with an enum. Valid options are:
secrets only - use only the secrets for ticket verification (default)
system keytab - use only the system keytab for ticket verification
dedicated keytab - use a dedicated keytab for ticket verification.
secrets and keytab - use the secrets.tdb first, then the system keytab
For existing installs:
use kerberos keytab = yes corresponds to secrets and keytab
use kerberos keytab = no corresponds to secrets only
The major difference between system keytab and dedicated keytab is
that the latter method relies on kerberos to find the correct keytab
entry instead of filtering based on expected principals.
The second parameter is dedicated keytab file, which is the keytab
to use when in dedicated keytab mode. This keytab is only used in
ads_verify_ticket.
---
Summary of changes:
source3/include/includes.h | 19 +-
source3/include/proto.h |3 +-
source3/libads/kerberos_verify.c | 129 +-
source3/libnet/libnet_join.c |2 +-
source3/param/loadparm.c | 33 --
source3/rpc_server/srv_pipe.c|2 +-
source3/smbd/negprot.c |2 +-
source3/smbd/sesssetup.c |4 +-
source3/utils/net_ads.c |8 +-
source3/winbindd/winbindd_dual.c |2 +-
10 files changed, 170 insertions(+), 34 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/include/includes.h b/source3/include/includes.h
index c58ebcd..ebd8923 100644
--- a/source3/include/includes.h
+++ b/source3/include/includes.h
@@ -879,8 +879,25 @@ char *talloc_asprintf_strupper_m(TALLOC_CTX *t, const char
*fmt, ...) PRINTF_ATT
#define XATTR_REPLACE 0x2 /* set value, fail if attr does not exist */
#endif
-#if defined(HAVE_KRB5)
+/*
+ * This should be under the HAVE_KRB5 flag but since they're used
+ * in lp_kerberos_method(), they ned to be always available
+ */
+#define KERBEROS_VERIFY_SECRETS 0
+#define KERBEROS_VERIFY_SYSTEM_KEYTAB 1
+#define KERBEROS_VERIFY_DEDICATED_KEYTAB 2
+#define KERBEROS_VERIFY_SECRETS_AND_KEYTAB 3
+/*
+ * If you add any entries to the above, please modify the below expressions
+ * so they remain accurate.
+ */
+#define USE_KERBEROS_KEYTAB (KERBEROS_VERIFY_SECRETS != lp_kerberos_method())
+#define USE_SYSTEM_KEYTAB \
+((KERBEROS_VERIFY_SECRETS_AND_KEYTAB == lp_kerberos_method()) || \
+ (KERBEROS_VERIFY_SYSTEM_KEYTAB == lp_kerberos_method()))
+
+#if defined(HAVE_KRB5)
krb5_error_code smb_krb5_parse_name(krb5_context context,
const char *name, /* in unix charset */
krb5_principal *principal);
diff --git a/source3/include/proto.h b/source3/include/proto.h
index c97adaa..285b44d 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -4060,7 +4060,8 @@ bool lp_client_use_spnego(void);
bool lp_hostname_lookups(void);
bool lp_change_notify(const struct share_params *p );
bool lp_kernel_change_notify(const struct share_params *p );
-bool lp_use_kerberos_keytab(void);
+char * lp_dedicated_keytab_file(void);
+int lp_kerberos_method(void);
bool lp_defer_sharing_violations(void);
bool lp_enable_privileges(void);
bool lp_enable_asu_support(void);
diff --git a/source3/libads/kerberos_verify.c b/source3/libads/kerberos_verify.c
index de3fdeb..4483d2b 100644
--- a/source3/libads/kerberos_verify.c
+++ b/source3/libads/kerberos_verify.c
@@ -31,6 +31,86 @@
const krb5_data *krb5_princ_component(krb5_context, krb5_principal, int );
#endif
+static bool ads_dedicated_keytab_verify_ticket(krb5_context context,
+ krb5_auth_context auth_context,
+ const DATA_BLOB *ticket,
+ krb5_ticket **pp_tkt,
+ krb5_keyblock **keyblock,
+ krb5_error_code *perr)
+{
+ krb5_error_code ret = 0;
+ bool auth_ok = false;
+ krb5_keytab keytab = NULL;
+ krb5_keytab_entry kt_entry;
+ krb5_ticket *dec_ticket = NULL;
+
+ krb5_data packet;
+
+ *pp_tkt = NULL;
+ *keyblock = NULL;
+ *perr = 0;
+
+ ZERO_STRUCT(kt_entry);
+
+
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha6-174-gfffd94b
The branch, master has been updated via fffd94b442e143ddd995ba356497dc6c2528ed4b (commit) from 31e46ff4ac2c2c339542450cf0e5f46cc990df71 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit fffd94b442e143ddd995ba356497dc6c2528ed4b Author: Steven Danneman steven.danne...@isilon.com Date: Tue Jan 27 13:24:38 2009 -0800 Move S3 specific parameters to S3 conf file in make test. --- Summary of changes: source3/script/tests/selftest.sh |5 +++-- 1 files changed, 3 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/script/tests/selftest.sh b/source3/script/tests/selftest.sh index 0f1ca32..9462184 100755 --- a/source3/script/tests/selftest.sh +++ b/source3/script/tests/selftest.sh @@ -170,8 +170,6 @@ cat $COMMONCONFFILEEOF private dir = $PRIVATEDIR pid directory = $PIDDIR lock directory = $LOCKDIR - state directory = $LOCKDIR - cache directory = $LOCKDIR log file = $LOGDIR/log.%m log level = 0 @@ -207,6 +205,9 @@ cat $SERVERCONFFILEEOF panic action = $SCRIPTDIR/gdb_backtrace %d %\$(MAKE_TEST_BINARY) include = $COMMONCONFFILE + state directory = $LOCKDIR + cache directory = $LOCKDIR + passdb backend = tdbsam domain master = yes -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha6-111-gb7eabeb
The branch, master has been updated
via b7eabeb347d6815a7a4a0ece282dba5da94777ca (commit)
from 481183ab025a84dd8d08c1e365251b274597b6c9 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit b7eabeb347d6815a7a4a0ece282dba5da94777ca
Author: Dan Sledz dsl...@isilon.com
Date: Thu Jan 8 17:09:28 2009 -0800
s3: OneFS unmappable sids support.
Updates the onefs vfs module to add configurable behavior to deal
with sids that are unknown to us. The best examples are aces that
come from robocopy/xcopy.
Adds the following share level options (which are specific to the vfs_onefs
module):
onefs: ignore unmappable sids (Default = false)
If this option is set to true, sids which could not be resolved to
a uid/gid are ignored. If an unmappable sid is encountered as the owner
or group, the owner/group is converted to BUILTIN\Administrators.
onefs: unmappable sids ignore list (Default = empty)
Only the sids in the list are ignored.
onefs: ignore sacls (Default = false)
SACLs are ignored
onefs: unmappable sids deny everyone (Default = false)
If an unmappable sid is found in a deny ACE, the ACE's identity is
changed to Everyone.
---
Summary of changes:
source3/modules/onefs.h| 10 ++-
source3/modules/onefs_acl.c| 238 +---
source3/modules/onefs_system.c |2 +-
3 files changed, 183 insertions(+), 67 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/modules/onefs.h b/source3/modules/onefs.h
index 6e5eae3..e189fc4 100644
--- a/source3/modules/onefs.h
+++ b/source3/modules/onefs.h
@@ -45,6 +45,14 @@ enum onefs_acl_wire_format
#define PARM_SIMPLE_FILE_SHARING_COMPATIBILITY_MODE_DEFAULT false
#define PARM_CREATOR_OWNER_GETS_FULL_CONTROL creator owner gets full control
#define PARM_CREATOR_OWNER_GETS_FULL_CONTROL_DEFAULT true
+#define PARM_UNMAPPABLE_SIDS_DENY_EVERYONE unmappable sids deny everyone
+#define PARM_UNMAPPABLE_SIDS_DENY_EVERYONE_DEFAULT false
+#define PARM_UNMAPPABLE_SIDS_IGNORE ignore unmappable sids
+#define PARM_UNMAPPABLE_SIDS_IGNORE_DEFAULT false
+#define PARM_UNMAPPABLE_SIDS_IGNORE_LIST unmappable sids ignore list
+#define PARM_UNMAPPABLE_SIDS_IGNORE_LIST_DEFAULT NULL
+#define PARM_IGNORE_SACL ignore sacl
+#define PARM_IGNORE_SACL_DEFAULT false
/*
* vfs interface handlers
@@ -105,7 +113,7 @@ NTSTATUS onefs_fset_nt_acl(vfs_handle_struct *handle,
files_struct *fsp,
* Utility functions
*/
NTSTATUS onefs_samba_sd_to_sd(uint32 security_info_sent, SEC_DESC *psd,
- struct ifs_security_descriptor *sd);
+ struct ifs_security_descriptor *sd, int snum);
NTSTATUS onefs_split_ntfs_stream_name(TALLOC_CTX *mem_ctx, const char *fname,
char **pbase, char **pstream);
diff --git a/source3/modules/onefs_acl.c b/source3/modules/onefs_acl.c
index 9258e0c..b9ec2d6 100644
--- a/source3/modules/onefs_acl.c
+++ b/source3/modules/onefs_acl.c
@@ -35,7 +35,8 @@ const struct enum_list enum_onefs_acl_wire_format[] = {
* Turn SID into UID/GID and setup a struct ifs_identity
*/
static bool
-onefs_sid_to_identity(const DOM_SID *sid, struct ifs_identity *id, bool
is_group)
+onefs_sid_to_identity(const DOM_SID *sid, struct ifs_identity *id,
+bool is_group)
{
enum ifs_identity_type type = IFS_ID_TYPE_LAST+1;
uid_t uid = 0;
@@ -111,18 +112,137 @@ onefs_identity_to_sid(struct ifs_identity *id, DOM_SID
*sid)
return true;
}
+static bool
+onefs_og_to_identity(DOM_SID *sid, struct ifs_identity * ident,
+bool is_group, int snum)
+{
+ const DOM_SID *b_admin_sid = global_sid_Builtin_Administrators;
+
+ if (!onefs_sid_to_identity(sid, ident, is_group)) {
+ if (!lp_parm_bool(snum, PARM_ONEFS_TYPE,
+PARM_UNMAPPABLE_SIDS_IGNORE,
+PARM_UNMAPPABLE_SIDS_IGNORE_DEFAULT)) {
+ DEBUG(3, (Unresolvable SID (%s) found.\n,
+ sid_string_dbg(sid)));
+ return false;
+ }
+ if (!onefs_sid_to_identity(b_admin_sid, ident, is_group)) {
+ return false;
+ }
+ DEBUG(3, (Mapping unresolvable owner SID (%s) to Builtin
+ Administrators group.\n,
+ sid_string_dbg(sid)));
+ }
+ return true;
+}
+
+static bool
+sid_in_ignore_list(DOM_SID * sid, int snum)
+{
+ const char ** sid_list = NULL;
+ DOM_SID match;
+
+ sid_list = lp_parm_string_list(snum, PARM_ONEFS_TYPE,
+ PARM_UNMAPPABLE_SIDS_IGNORE_LIST,
+ PARM_UNMAPPABLE_SIDS_IGNORE_LIST_DEFAULT);
+
+ /* Fast path a NULL list */
+
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha6-69-g989ad44
The branch, master has been updated
via 989ad44d32c2e77972a966d91f1813b0b929f83b (commit)
from e9615b43b4dc7037da7bc274d720b8e54c7f85bc (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 989ad44d32c2e77972a966d91f1813b0b929f83b
Author: todd stecher todd.stec...@gmail.com
Date: Mon Jan 19 15:09:51 2009 -0800
Memory leaks and other fixes found by Coverity
---
Summary of changes:
source3/auth/pampass.c |4 ++-
source3/include/proto.h |2 +-
source3/lib/dprintf.c| 26 --
source3/libsmb/clikrb5.c | 10 +++---
source3/nmbd/nmbd_incomingrequests.c |4 +-
source3/nmbd/nmbd_serverlistdb.c |2 +-
source3/passdb/pdb_interface.c |6 +++
source3/passdb/pdb_ldap.c|1 +
source3/rpc_client/cli_spoolss.c | 66 ++---
source3/rpc_parse/parse_buffer.c | 11 +++---
source3/rpc_server/srv_pipe.c|4 ++-
source3/rpc_server/srv_spoolss_nt.c |3 +-
source3/rpc_server/srv_svcctl_nt.c |2 -
source3/utils/net_rpc.c | 12 +-
source3/winbindd/winbindd_group.c|8 -
source3/winbindd/winbindd_user.c |8 -
source3/winbindd/winbindd_util.c | 12 +-
source3/winbindd/winbindd_wins.c | 10 -
testsuite/printing/psec.c|7 +++-
19 files changed, 136 insertions(+), 62 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/auth/pampass.c b/source3/auth/pampass.c
index 9345eed..4312b77 100644
--- a/source3/auth/pampass.c
+++ b/source3/auth/pampass.c
@@ -462,7 +462,9 @@ static bool smb_pam_end(pam_handle_t *pamh, struct pam_conv
*smb_pam_conv_ptr)
static bool smb_pam_start(pam_handle_t **pamh, const char *user, const char
*rhost, struct pam_conv *pconv)
{
int pam_error;
+#ifdef PAM_RHOST
const char *our_rhost;
+#endif
char addr[INET6_ADDRSTRLEN];
*pamh = (pam_handle_t *)NULL;
@@ -475,6 +477,7 @@ static bool smb_pam_start(pam_handle_t **pamh, const char
*user, const char *rho
return False;
}
+#ifdef PAM_RHOST
if (rhost == NULL) {
our_rhost = client_name(get_client_fd());
if (strequal(our_rhost,UNKNOWN))
@@ -483,7 +486,6 @@ static bool smb_pam_start(pam_handle_t **pamh, const char
*user, const char *rho
our_rhost = rhost;
}
-#ifdef PAM_RHOST
DEBUG(4,(smb_pam_start: PAM: setting rhost to: %s\n, our_rhost));
pam_error = pam_set_item(*pamh, PAM_RHOST, our_rhost);
if(!smb_pam_error_handler(*pamh, pam_error, set rhost failed, 0)) {
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 9ce6a9d..1445b10 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -5581,7 +5581,7 @@ NTSTATUS cli_do_rpc_ndr(struct rpc_pipe_client *cli,
/* The following definitions come from rpc_parse/parse_buffer.c */
-void rpcbuf_init(RPC_BUFFER *buffer, uint32 size, TALLOC_CTX *ctx);
+bool rpcbuf_init(RPC_BUFFER *buffer, uint32 size, TALLOC_CTX *ctx);
bool prs_rpcbuffer(const char *desc, prs_struct *ps, int depth, RPC_BUFFER
*buffer);
bool prs_rpcbuffer_p(const char *desc, prs_struct *ps, int depth, RPC_BUFFER
**buffer);
bool rpcbuf_alloc_size(RPC_BUFFER *buffer, uint32 buffer_size);
diff --git a/source3/lib/dprintf.c b/source3/lib/dprintf.c
index b3c830d..631c45a 100644
--- a/source3/lib/dprintf.c
+++ b/source3/lib/dprintf.c
@@ -32,24 +32,27 @@
int d_vfprintf(FILE *f, const char *format, va_list ap)
{
- char *p, *p2;
+ char *p = NULL, *p2 = NULL;
int ret, maxlen, clen;
const char *msgstr;
va_list ap2;
+ va_copy(ap2, ap);
+
/* do any message translations */
msgstr = lang_msg(format);
- if (!msgstr) return -1;
-
- va_copy(ap2, ap);
+ if (!msgstr) {
+ ret = -1;
+ goto out;
+ }
ret = vasprintf(p, msgstr, ap2);
lang_msg_free(msgstr);
if (ret = 0) {
- va_end(ap2);
- return ret;
+ ret = -1;
+ goto out;
}
/* now we have the string in unix format, convert it to the display
@@ -58,10 +61,10 @@
again:
p2 = (char *)SMB_MALLOC(maxlen);
if (!p2) {
- SAFE_FREE(p);
- va_end(ap2);
- return -1;
+ ret = -1;
+ goto out;
}
+
clen = convert_string(CH_UNIX, CH_DISPLAY, p, ret, p2, maxlen, True);
if (clen = maxlen) {
@@ -72,10 +75,11 @@ again:
}
/* good, its converted OK */
- SAFE_FREE(p);
ret = fwrite(p2, 1, clen, f);
- SAFE_FREE(p2);
+out:
+ SAFE_FREE(p);
+ SAFE_FREE(p2);
[SCM] Samba Shared Repository - branch master updated - 4a578ec50b672d564150c956d5e479b4a3e9031b
The branch, master has been updated
via 4a578ec50b672d564150c956d5e479b4a3e9031b (commit)
via 7b02e05eb64f3ffd7aa1cf027d10a7343c0da757 (commit)
from f497a79f28180e1ddcdb1749e4e5c43532474de9 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 4a578ec50b672d564150c956d5e479b4a3e9031b
Author: Steven Danneman steven.danne...@isilon.com
Date: Sun Jan 11 22:56:48 2009 -0800
Covert several persistant tdb files to use state_path() instead of
lock_path()
commit 7b02e05eb64f3ffd7aa1cf027d10a7343c0da757
Author: Steven Danneman steven.danne...@isilon.com
Date: Sun Jan 11 22:44:10 2009 -0800
Audit usage of get_dyn_STATEDIR() and replace with state_path()
The state directory is now run-time configurable through loadparm, so all
references to it should be done through state_path() or lp_statedir().
---
Summary of changes:
source3/modules/vfs_acl_tdb.c |2 +-
source3/modules/vfs_xattr_tdb.c |2 +-
source3/nmbd/nmbd_winsserver.c |6 +++---
3 files changed, 5 insertions(+), 5 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/modules/vfs_acl_tdb.c b/source3/modules/vfs_acl_tdb.c
index 3d140e3..a796981 100644
--- a/source3/modules/vfs_acl_tdb.c
+++ b/source3/modules/vfs_acl_tdb.c
@@ -44,7 +44,7 @@ static bool acl_tdb_init(struct db_context **pp_db)
return true;
}
- dbname = lock_path(file_ntacls.tdb);
+ dbname = state_path(file_ntacls.tdb);
if (dbname == NULL) {
errno = ENOSYS;
diff --git a/source3/modules/vfs_xattr_tdb.c b/source3/modules/vfs_xattr_tdb.c
index 8320a58..c4806e2 100644
--- a/source3/modules/vfs_xattr_tdb.c
+++ b/source3/modules/vfs_xattr_tdb.c
@@ -576,7 +576,7 @@ static bool xattr_tdb_init(int snum, struct db_context
**p_db)
const char *dbname;
dbname = lp_parm_const_string(snum, xattr_tdb, file,
- lock_path(xattr.tdb));
+ state_path(xattr.tdb));
if (dbname == NULL) {
errno = ENOSYS;
diff --git a/source3/nmbd/nmbd_winsserver.c b/source3/nmbd/nmbd_winsserver.c
index 74bed68..fecc5ba 100644
--- a/source3/nmbd/nmbd_winsserver.c
+++ b/source3/nmbd/nmbd_winsserver.c
@@ -583,7 +583,7 @@ bool initialise_wins(void)
}
/* Open the wins.tdb. */
- wins_tdb = tdb_open_log(lock_path(wins.tdb), 0,
TDB_DEFAULT|TDB_CLEAR_IF_FIRST, O_CREAT|O_RDWR, 0600);
+ wins_tdb = tdb_open_log(state_path(wins.tdb), 0,
TDB_DEFAULT|TDB_CLEAR_IF_FIRST, O_CREAT|O_RDWR, 0600);
if (!wins_tdb) {
DEBUG(0,(initialise_wins: failed to open wins.tdb. Error was
%s\n,
strerror(errno) ));
@@ -2366,7 +2366,7 @@ void wins_write_database(time_t t, bool background)
}
}
- if (asprintf(fname, %s/%s, get_dyn_STATEDIR(), WINS_LIST) 0) {
+ if (!(fname = state_path(WINS_LIST))) {
goto err_exit;
}
/* This is safe as the 0 length means don't expand. */
@@ -2394,8 +2394,8 @@ void wins_write_database(time_t t, bool background)
err_exit:
- SAFE_FREE(fname);
SAFE_FREE(fnamenew);
+ /* fname is talloced and doesn't need to be freed */
if (background) {
_exit(0);
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated - 9a90e4cecb2ab4afe54d2354fb9b6e985eeb245f
The branch, master has been updated
via 9a90e4cecb2ab4afe54d2354fb9b6e985eeb245f (commit)
via fd84ef938b02b43ed2ce41f1fdb195ed6beff0d9 (commit)
via 9affa82ac29a0cc03049c5440370564680cd66b2 (commit)
via 8f84d42f72896170332ade0876fdc9d99350e9f0 (commit)
via 04959a00e40405a00a80d4188d2313edeee72aa0 (commit)
from f308c2f9da7e9901aacb10a8bb19074fcadb056b (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 9a90e4cecb2ab4afe54d2354fb9b6e985eeb245f
Author: Steven Danneman steven.danne...@isilon.com
Date: Sun Dec 28 17:22:28 2008 -0800
Add -D option to sharesec util to delete the entire security descriptor.
* also modified --usage descriptions to be more accurate
commit fd84ef938b02b43ed2ce41f1fdb195ed6beff0d9
Author: Steven Danneman steven.danne...@isilon.com
Date: Sun Dec 28 17:21:36 2008 -0800
Change error messages in sharesec util to go to stderr instead of stdout
commit 9affa82ac29a0cc03049c5440370564680cd66b2
Author: Steven Danneman steven.danne...@isilon.com
Date: Sun Dec 28 17:16:28 2008 -0800
Make sure share_info.tdb is open before attempting to delete an entry
commit 8f84d42f72896170332ade0876fdc9d99350e9f0
Author: Steven Danneman steven.danne...@isilon.com
Date: Fri Dec 26 12:41:29 2008 -0800
Make sharesec utility part of the default binary install.
commit 04959a00e40405a00a80d4188d2313edeee72aa0
Author: Steven Danneman steven.danne...@isilon.com
Date: Wed Dec 24 17:03:22 2008 -0800
Cleaned up whitespace issues in sharesec.c
---
Summary of changes:
source3/Makefile.in |4 +-
source3/lib/sharesec.c |8 ++-
source3/utils/sharesec.c | 125 ++---
3 files changed, 80 insertions(+), 57 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/Makefile.in b/source3/Makefile.in
index f139d73..49f576f 100644
--- a/source3/Makefile.in
+++ b/source3/Makefile.in
@@ -192,7 +192,7 @@ BIN_PROGS2 = bin/smbcont...@exeext@ bin/smbt...@exeext@
bin/tdbbac...@exeext@ \
bin/nmbloo...@exeext@ bin/pdbe...@exeext@ bin/tdbd...@exeext@ \
bin/tdbt...@exeext@
BIN_PROGS3 = bin/smbpas...@exeext@ bin/rpccli...@exeext@ bin/smbca...@exeext@ \
- bin/profi...@exeext@ bin/ntlm_a...@exeext@ \
+ bin/profi...@exeext@ bin/ntlm_a...@exeext@ bin/share...@exeext@ \
bin/smbcquo...@exeext@ bin/eventlog...@exeext@
BIN_PROGS4 = bin/ldbe...@exeext@ bin/ldbsea...@exeext@ bin/ldb...@exeext@ \
bin/ldb...@exeext@ bin/ldbmod...@exeext@
@@ -209,7 +209,7 @@ BIN_PROGS = @EXTRA_BIN_PROGS@ \
EVERYTHING_PROGS = bin/debug2h...@exeext@ bin/smbfil...@exeext@ \
bin/talloct...@exeext@ bin/replacet...@exeext@ \
- bin/log2p...@exeext@ bin/share...@exeext@ \
+ bin/log2p...@exeext@ \
bin/v...@exeext@ bin/smbic...@exeext@
PAM_MODULES = @PAM_MODULES@
diff --git a/source3/lib/sharesec.c b/source3/lib/sharesec.c
index 8ea63a5..3866ff0 100644
--- a/source3/lib/sharesec.c
+++ b/source3/lib/sharesec.c
@@ -41,7 +41,7 @@ static bool share_info_db_init(void)
{
const char *vstring = INFO/version;
int32 vers_id;
-
+
if (share_db != NULL) {
return True;
}
@@ -53,7 +53,7 @@ static bool share_info_db_init(void)
state_path(share_info.tdb), strerror(errno) ));
return False;
}
-
+
vers_id = dbwrap_fetch_int32(share_db, vstring);
if (vers_id == SHARE_DATABASE_VERSION_V2) {
return true;
@@ -252,6 +252,10 @@ bool delete_share_security(const char *servicename)
char *key;
NTSTATUS status;
+ if (!share_info_db_init()) {
+ return False;
+ }
+
if (!(key = talloc_asprintf(talloc_tos(), SECDESC/%s,
servicename))) {
return False;
diff --git a/source3/utils/sharesec.c b/source3/utils/sharesec.c
index 3ad949a..ae2a9ad 100644
--- a/source3/utils/sharesec.c
+++ b/source3/utils/sharesec.c
@@ -26,7 +26,12 @@
static TALLOC_CTX *ctx;
-enum acl_mode {SMB_ACL_DELETE, SMB_ACL_MODIFY, SMB_ACL_ADD, SMB_ACL_SET,
SMB_ACL_VIEW };
+enum acl_mode { SMB_ACL_DELETE,
+ SMB_ACL_MODIFY,
+ SMB_ACL_ADD,
+ SMB_ACL_SET,
+ SMB_SD_DELETE,
+ SMB_ACL_VIEW };
struct perm_value {
const char *perm;
@@ -45,7 +50,8 @@ static const struct perm_value special_values[] = {
{ NULL, 0 },
};
-#define SEC_RIGHTS_DIR_CHANGE (
SEC_RIGHTS_DIR_READ|SEC_STD_DELETE|SEC_RIGHTS_DIR_WRITE|SEC_DIR_TRAVERSE )
+#define SEC_RIGHTS_DIR_CHANGE ( SEC_RIGHTS_DIR_READ|SEC_STD_DELETE|\
+ SEC_RIGHTS_DIR_WRITE|SEC_DIR_TRAVERSE )
static const struct perm_value standard_values[] = {
{ READ
[SCM] Samba Shared Repository - branch master updated - 85b8cccab072bab263061654b677bc84826646c9
The branch, master has been updated via 85b8cccab072bab263061654b677bc84826646c9 (commit) via 239f815e30a4e5f64112a8da6401614eb3218eb5 (commit) from c09e04ac83365333605b7b1db3d07ccfd451a667 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 85b8cccab072bab263061654b677bc84826646c9 Author: Steven Danneman [EMAIL PROTECTED] Date: Tue Dec 2 20:15:34 2008 -0800 Add support for OneFS ACLs Add to the OneFS VFS module, support for NTFS ACLs through the calls: SMB_VFS_FGET_NT_ACL() SMB_VFS_GET_NT_ACL() SMB_VFS_FSET_NT_ACL() Also create several new onefs specific smb.conf parameters in onefs.h commit 239f815e30a4e5f64112a8da6401614eb3218eb5 Author: Tim Prouty [EMAIL PROTECTED] Date: Thu Oct 23 20:49:55 2008 -0700 Add OneFS VFS module skeleton. Also set configure to autodetect OneFS OS and build this VFS module. --- Summary of changes: source3/Makefile.in |5 + source3/configure.in| 19 + source3/modules/onefs.h | 52 +++ source3/modules/onefs_acl.c | 807 +++ source3/modules/vfs_onefs.c | 48 +++ 5 files changed, 931 insertions(+), 0 deletions(-) create mode 100644 source3/modules/onefs.h create mode 100644 source3/modules/onefs_acl.c create mode 100644 source3/modules/vfs_onefs.c Changeset truncated at 500 lines: diff --git a/source3/Makefile.in b/source3/Makefile.in index 37c48d4..83e94a4 100644 --- a/source3/Makefile.in +++ b/source3/Makefile.in @@ -650,6 +650,7 @@ VFS_SYNCOPS_OBJ = modules/vfs_syncops.o VFS_ACL_XATTR_OBJ = modules/vfs_acl_xattr.o VFS_ACL_TDB_OBJ = modules/vfs_acl_tdb.o VFS_SMB_TRAFFIC_ANALYZER_OBJ = modules/vfs_smb_traffic_analyzer.o +VFS_ONEFS_OBJ = modules/vfs_onefs.o modules/onefs_acl.o PLAINTEXT_AUTH_OBJ = auth/pampass.o auth/pass_check.o @@ -2479,6 +2480,10 @@ bin/[EMAIL PROTECTED]@: $(BINARY_PREREQS) $(VFS_ACL_TDB_OBJ) @echo Building plugin $@ @$(SHLD_MODULE) $(VFS_ACL_TDB_OBJ) +bin/[EMAIL PROTECTED]@: $(BINARY_PREREQS) $(VFS_ONEFS_OBJ) + @echo Building plugin $@ + @$(SHLD_MODULE) $(VFS_ONEFS_OBJ) @ONEFS_LIBS@ + bin/[EMAIL PROTECTED]@: $(BINARY_PREREQS) libgpo/gpext/registry.o @echo Building plugin $@ @$(SHLD_MODULE) libgpo/gpext/registry.o diff --git a/source3/configure.in b/source3/configure.in index 79bd63d..40e78e8 100644 --- a/source3/configure.in +++ b/source3/configure.in @@ -1052,6 +1052,24 @@ if test x$samba_cv_HAVE_GPFS = xyes; then fi LIBS=$save_LIBS +# +# check if building on Isilon OneFS +printf %s checking for Isilon OneFS... +save_LIBS=$LIBS +LIBS=$LIBS -lisi_version +AC_TRY_LINK([#include isi_version/isi_version.h], + [get_isilon_copyright()], + samba_cv_HAVE_ONEFS=yes, + samba_cv_HAVE_ONEFS=no) +echo $samba_cv_HAVE_ONEFS +if test x$samba_cv_HAVE_ONEFS = xyes; then +AC_DEFINE(HAVE_ONEFS,1,[Whether building on Isilon OneFS]) +default_shared_modules=$default_shared_modules vfs_onefs +ONEFS_LIBS=-lisi_acl +fi +AC_SUBST(ONEFS_LIBS) +LIBS=$save_LIBS + # Note that all the libunwind symbols in the API are defined to internal # platform-specific version, so we must include libunwind.h before checking # any of them. @@ -6127,6 +6145,7 @@ SMB_MODULE(vfs_notify_fam, \$(VFS_NOTIFY_FAM_OBJ), bin/notify_fam.$SHLIBEXT, V SMB_MODULE(vfs_acl_xattr, \$(VFS_ACL_XATTR_OBJ), bin/acl_xattr.$SHLIBEXT, VFS) SMB_MODULE(vfs_acl_tdb, \$(VFS_ACL_TDB_OBJ), bin/acl_tdb.$SHLIBEXT, VFS) SMB_MODULE(vfs_smb_traffic_analyzer, \$(VFS_SMB_TRAFFIC_ANALYZER_OBJ), bin/smb_traffic_analyzer.$SHLIBEXT, VFS) +SMB_MODULE(vfs_onefs, \$(VFS_ONEFS), bin/onefs.$SHLIBEXT, VFS) SMB_SUBSYSTEM(VFS,smbd/vfs.o) diff --git a/source3/modules/onefs.h b/source3/modules/onefs.h new file mode 100644 index 000..965f395 --- /dev/null +++ b/source3/modules/onefs.h @@ -0,0 +1,52 @@ +/* + * Unix SMB/CIFS implementation. + * Support for OneFS + * + * Copyright (C) Steven Danneman, 2008 + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, see http://www.gnu.org/licenses/. + */ + +#ifndef _ONEFS_H +#define _ONEFS_H + +/* OneFS Module smb.conf parameters and defaults */ + +/** +* Specifies when ACLs
[SCM] Samba Shared Repository - branch master updated - 8340d100f6048776f6fd87704a10e7c103714ae7
The branch, master has been updated
via 8340d100f6048776f6fd87704a10e7c103714ae7 (commit)
from 8fc15ab96d198dce6da2324bbd589a5e9e66740e (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 8340d100f6048776f6fd87704a10e7c103714ae7
Author: Steven Danneman [EMAIL PROTECTED]
Date: Sun Nov 30 15:51:38 2008 -0800
Set PRESENT flag when returning NULL [SD]ACL like Windows does.
This could also be handled inside each ACL VFS module, by setting the
PRESENT
flag when a NULL [SD]ACL is created.
---
Summary of changes:
source3/smbd/nttrans.c | 10 +-
1 files changed, 9 insertions(+), 1 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c
index 18dd7d5..777073e 100644
--- a/source3/smbd/nttrans.c
+++ b/source3/smbd/nttrans.c
@@ -1587,12 +1587,20 @@ static void
call_nt_transact_query_security_desc(connection_struct *conn,
status = SMB_VFS_FGET_NT_ACL(
fsp, security_info_wanted, psd);
}
-
if (!NT_STATUS_IS_OK(status)) {
reply_nterror(req, status);
return;
}
+ /* If the SACL/DACL is NULL, but was requested, we mark that it is
+* present in the reply to match Windows behavior */
+ if (psd-sacl == NULL
+ security_info_wanted SACL_SECURITY_INFORMATION)
+ psd-type |= SEC_DESC_SACL_PRESENT;
+ if (psd-dacl == NULL
+ security_info_wanted DACL_SECURITY_INFORMATION)
+ psd-type |= SEC_DESC_DACL_PRESENT;
+
sd_size = ndr_size_security_descriptor(psd, 0);
DEBUG(3,(call_nt_transact_query_security_desc: sd_size =
%lu.\n,(unsigned long)sd_size));
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated - 7bd7846df7a28b9a066fd4d862de0e4d81aadb86
The branch, master has been updated
via 7bd7846df7a28b9a066fd4d862de0e4d81aadb86 (commit)
from 0744c32678da3757d5e16802e4c153bae72b961a (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 7bd7846df7a28b9a066fd4d862de0e4d81aadb86
Author: Steven Danneman [EMAIL PROTECTED]
Date: Sun Nov 30 16:26:10 2008 -0800
Make nt4_compatible_acls() non-static for use by VFS ACL modules.
---
Summary of changes:
source3/include/proto.h |1 +
source3/smbd/posix_acls.c |2 +-
2 files changed, 2 insertions(+), 1 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 2dd9b61..4bc524f 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -8226,6 +8226,7 @@ void reply_pipe_close(connection_struct *conn, struct
smb_request *req);
/* The following definitions come from smbd/posix_acls.c */
void create_file_sids(const SMB_STRUCT_STAT *psbuf, DOM_SID *powner_sid,
DOM_SID *pgroup_sid);
+bool nt4_compatible_acls(void);
NTSTATUS unpack_nt_owners(int snum, uid_t *puser, gid_t *pgrp, uint32
security_info_sent, const SEC_DESC *psd);
SMB_ACL_T free_empty_sys_acl(connection_struct *conn, SMB_ACL_T the_acl);
NTSTATUS posix_fget_nt_acl(struct files_struct *fsp, uint32_t security_info,
diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c
index 0529d27..97fd3b2 100644
--- a/source3/smbd/posix_acls.c
+++ b/source3/smbd/posix_acls.c
@@ -870,7 +870,7 @@ static void merge_aces( canon_ace **pp_list_head )
Check if we need to return NT4.x compatible ACL entries.
/
-static bool nt4_compatible_acls(void)
+bool nt4_compatible_acls(void)
{
int compat = lp_acl_compatibility();
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated - 798b9e1ad6bbdcf873285d0e1c5008e566744162
The branch, master has been updated
via 798b9e1ad6bbdcf873285d0e1c5008e566744162 (commit)
from a36415a5651c598e1dd28e163995e266dad51130 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 798b9e1ad6bbdcf873285d0e1c5008e566744162
Author: Steven Danneman [EMAIL PROTECTED]
Date: Sun Nov 23 18:20:19 2008 -0800
Fix to allow setting of NULL DACL/SACL
This is a modification of Jeremy's 7522ef15aca2429ef57c75d8297dd8121e79c9da
commit.
If no DACL/SACL is present in the packet, the SEC_INFO field should still be
passed down as is to the VFS layer to signal the creation of a NULL
DACL/SACL.
As seen in metze RAW-ACL test_nttrans_create_null_dacl(), a NULL DACL is set
regardless of the SEC_DESC_DACL_PRESENT bit being set.
---
Summary of changes:
source3/smbd/nttrans.c | 13 ++---
1 files changed, 2 insertions(+), 11 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c
index 52c16e2..8a18c87 100644
--- a/source3/smbd/nttrans.c
+++ b/source3/smbd/nttrans.c
@@ -721,21 +721,12 @@ static NTSTATUS set_sd(files_struct *fsp, uint8 *data,
uint32 sd_len,
return status;
}
- if (psd-owner_sid==0) {
+ if (psd-owner_sid == NULL) {
security_info_sent = ~OWNER_SECURITY_INFORMATION;
}
- if (psd-group_sid==0) {
+ if (psd-group_sid == NULL) {
security_info_sent = ~GROUP_SECURITY_INFORMATION;
}
- if (psd-sacl==0) {
- security_info_sent = ~SACL_SECURITY_INFORMATION;
- }
- if (security_info_sent DACL_SECURITY_INFORMATION) {
- psd-type |= SEC_DESC_DACL_PRESENT;
- }
- if (psd-dacl==0) {
- security_info_sent = ~DACL_SECURITY_INFORMATION;
- }
/* Convert all the generic bits. */
security_acl_map_generic(psd-dacl, file_generic_mapping);
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated - 6d59be1e6d83d4faf145c9b6d574bab9f2acb36a
The branch, master has been updated
via 6d59be1e6d83d4faf145c9b6d574bab9f2acb36a (commit)
via 9a7900fb38b9690bf51ab638c0f0629f2557b870 (commit)
from 0e62bb39de93433dfeb7f822ec1026da7ed643f4 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 6d59be1e6d83d4faf145c9b6d574bab9f2acb36a
Author: Steven Danneman [EMAIL PROTECTED]
Date: Sat Nov 15 13:07:15 2008 -0800
Fix extended DN parse error when AD object does not have a SID.
Some AD objects, like Exchange Public Folders, can be members of Security
Groups but do not have a SID attribute. This patch adds more granular
return
errors to ads_get_sid_from_extended_dn(). Callers can now determine if a
parse
error occured because of bad input, or the DN was valid but contained no
SID.
I updated all callers to ignore SIDless objects when appropriate.
Also did some cleanup to the out paths of lookup_usergroups_memberof()
commit 9a7900fb38b9690bf51ab638c0f0629f2557b870
Author: Steven Danneman [EMAIL PROTECTED]
Date: Fri Nov 14 19:16:12 2008 -0800
Whitespace and 80 column cleanups.
---
Summary of changes:
source3/include/proto.h |8 +-
source3/libads/ldap.c | 78 ++--
source3/winbindd/winbindd_ads.c | 125 +---
source3/winbindd/winbindd_group.c |4 +-
4 files changed, 125 insertions(+), 90 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 3342584..1cdf6c9 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -1920,10 +1920,10 @@ ADS_STATUS ads_get_joinable_ous(ADS_STRUCT *ads,
TALLOC_CTX *mem_ctx,
char ***ous,
size_t *num_ous);
-bool ads_get_sid_from_extended_dn(TALLOC_CTX *mem_ctx,
- const char *extended_dn,
- enum ads_extended_dn_flags flags,
- DOM_SID *sid);
+ADS_STATUS ads_get_sid_from_extended_dn(TALLOC_CTX *mem_ctx,
+ const char *extended_dn,
+ enum ads_extended_dn_flags flags,
+ DOM_SID *sid);
char* ads_get_dnshostname( ADS_STRUCT *ads, TALLOC_CTX *ctx, const char
*machine_name );
char* ads_get_upn( ADS_STRUCT *ads, TALLOC_CTX *ctx, const char *machine_name
);
char* ads_get_samaccountname( ADS_STRUCT *ads, TALLOC_CTX *ctx, const char
*machine_name );
diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c
index 2dcd1fd..f55cfa7 100644
--- a/source3/libads/ldap.c
+++ b/source3/libads/ldap.c
@@ -3111,60 +3111,66 @@ ADS_STATUS ads_get_joinable_ous(ADS_STRUCT *ads,
/**
* pull a DOM_SID from an extended dn string
- * @param mem_ctx TALLOC_CTX
+ * @param mem_ctx TALLOC_CTX
* @param extended_dn string
* @param flags string type of extended_dn
* @param sid pointer to a DOM_SID
- * @return boolean inidicating success
+ * @return NT_STATUS_OK on success,
+ *NT_INVALID_PARAMETER on error,
+ *NT_STATUS_NOT_FOUND if no SID present
**/
-bool ads_get_sid_from_extended_dn(TALLOC_CTX *mem_ctx,
- const char *extended_dn,
- enum ads_extended_dn_flags flags,
- DOM_SID *sid)
+ADS_STATUS ads_get_sid_from_extended_dn(TALLOC_CTX *mem_ctx,
+ const char *extended_dn,
+ enum ads_extended_dn_flags flags,
+ DOM_SID *sid)
{
char *p, *q, *dn;
if (!extended_dn) {
- return False;
+ return ADS_ERROR_NT(NT_STATUS_INVALID_PARAMETER);
}
/* otherwise extended_dn gets stripped off */
if ((dn = talloc_strdup(mem_ctx, extended_dn)) == NULL) {
- return False;
+ return ADS_ERROR_NT(NT_STATUS_INVALID_PARAMETER);
}
- /*
+ /*
* ADS_EXTENDED_DN_HEX_STRING:
*
GUID=238e1963cb390f4bb032ba0105525a29;SID=010500051500bb68c8fd6b61b427572eb0455604;CN=gd,OU=berlin,OU=suse,DC=ber,DC=suse,DC=de
*
* ADS_EXTENDED_DN_STRING (only with w2k3):
-
GUID=63198e23-39cb-4b0f-b032-ba0105525a29;SID=S-1-5-21-4257769659-666132843-1169174103-1110;CN=gd,OU=berlin,OU=suse,DC=ber,DC=suse,DC=de
+*
GUID=63198e23-39cb-4b0f-b032-ba0105525a29;SID=S-1-5-21-4257769659-666132843-1169174103-1110;CN=gd,OU=berlin,OU=suse,DC=ber,DC=suse,DC=de
+*
+* Object with no SID, such as an Exchange Public Folder
+* GUID=28907fb4bdf6854993e7f0a10b504e7c;CN=public,CN=Microsoft
Exchange
[SCM] Samba Shared Repository - branch v3-3-test updated - release-3-2-0pre2-4399-gc9b3bbd
The branch, v3-3-test has been updated
via c9b3bbdc3c36580dcb18a99ac58ae143b1926d8e (commit)
via f778c89592b5884c2d572c31dac3ccc14ac10dfb (commit)
from 39f47db6f93132ebeef185f064652944aec11d99 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-3-test
- Log -
commit c9b3bbdc3c36580dcb18a99ac58ae143b1926d8e
Author: Steven Danneman [EMAIL PROTECTED]
Date: Sat Nov 15 13:07:15 2008 -0800
Fix extended DN parse error when AD object does not have a SID.
Some AD objects, like Exchange Public Folders, can be members of Security
Groups but do not have a SID attribute. This patch adds more granular
return
errors to ads_get_sid_from_extended_dn(). Callers can now determine if a
parse
error occured because of bad input, or the DN was valid but contained no
SID.
I updated all callers to ignore SIDless objects when appropriate.
Also did some cleanup to the out paths of lookup_usergroups_memberof()
commit f778c89592b5884c2d572c31dac3ccc14ac10dfb
Author: Steven Danneman [EMAIL PROTECTED]
Date: Fri Nov 14 19:16:12 2008 -0800
Whitespace and 80 column cleanups.
---
Summary of changes:
source/include/proto.h |8 +-
source/libads/ldap.c | 78 ++--
source/winbindd/winbindd_ads.c | 125 ++
source/winbindd/winbindd_group.c |4 +-
4 files changed, 125 insertions(+), 90 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source/include/proto.h b/source/include/proto.h
index 7f0c1f0..2e46bca 100644
--- a/source/include/proto.h
+++ b/source/include/proto.h
@@ -2102,10 +2102,10 @@ ADS_STATUS ads_get_joinable_ous(ADS_STRUCT *ads,
TALLOC_CTX *mem_ctx,
char ***ous,
size_t *num_ous);
-bool ads_get_sid_from_extended_dn(TALLOC_CTX *mem_ctx,
- const char *extended_dn,
- enum ads_extended_dn_flags flags,
- DOM_SID *sid);
+ADS_STATUS ads_get_sid_from_extended_dn(TALLOC_CTX *mem_ctx,
+ const char *extended_dn,
+ enum ads_extended_dn_flags flags,
+ DOM_SID *sid);
char* ads_get_dnshostname( ADS_STRUCT *ads, TALLOC_CTX *ctx, const char
*machine_name );
char* ads_get_upn( ADS_STRUCT *ads, TALLOC_CTX *ctx, const char *machine_name
);
char* ads_get_samaccountname( ADS_STRUCT *ads, TALLOC_CTX *ctx, const char
*machine_name );
diff --git a/source/libads/ldap.c b/source/libads/ldap.c
index 03d02fc..97e802a 100644
--- a/source/libads/ldap.c
+++ b/source/libads/ldap.c
@@ -3111,60 +3111,66 @@ ADS_STATUS ads_get_joinable_ous(ADS_STRUCT *ads,
/**
* pull a DOM_SID from an extended dn string
- * @param mem_ctx TALLOC_CTX
+ * @param mem_ctx TALLOC_CTX
* @param extended_dn string
* @param flags string type of extended_dn
* @param sid pointer to a DOM_SID
- * @return boolean inidicating success
+ * @return NT_STATUS_OK on success,
+ *NT_INVALID_PARAMETER on error,
+ *NT_STATUS_NOT_FOUND if no SID present
**/
-bool ads_get_sid_from_extended_dn(TALLOC_CTX *mem_ctx,
- const char *extended_dn,
- enum ads_extended_dn_flags flags,
- DOM_SID *sid)
+ADS_STATUS ads_get_sid_from_extended_dn(TALLOC_CTX *mem_ctx,
+ const char *extended_dn,
+ enum ads_extended_dn_flags flags,
+ DOM_SID *sid)
{
char *p, *q, *dn;
if (!extended_dn) {
- return False;
+ return ADS_ERROR_NT(NT_STATUS_INVALID_PARAMETER);
}
/* otherwise extended_dn gets stripped off */
if ((dn = talloc_strdup(mem_ctx, extended_dn)) == NULL) {
- return False;
+ return ADS_ERROR_NT(NT_STATUS_INVALID_PARAMETER);
}
- /*
+ /*
* ADS_EXTENDED_DN_HEX_STRING:
*
GUID=238e1963cb390f4bb032ba0105525a29;SID=010500051500bb68c8fd6b61b427572eb0455604;CN=gd,OU=berlin,OU=suse,DC=ber,DC=suse,DC=de
*
* ADS_EXTENDED_DN_STRING (only with w2k3):
-
GUID=63198e23-39cb-4b0f-b032-ba0105525a29;SID=S-1-5-21-4257769659-666132843-1169174103-1110;CN=gd,OU=berlin,OU=suse,DC=ber,DC=suse,DC=de
+*
GUID=63198e23-39cb-4b0f-b032-ba0105525a29;SID=S-1-5-21-4257769659-666132843-1169174103-1110;CN=gd,OU=berlin,OU=suse,DC=ber,DC=suse,DC=de
+*
+* Object with no SID, such as an Exchange Public Folder
+* GUID=28907fb4bdf6854993e7f0a10b504e7c;CN=public,CN=Microsoft
Exchange System
[SCM] Samba Shared Repository - branch v3-2-test updated - release-3-2-0pre2-3166-g48959de
The branch, v3-2-test has been updated
via 48959de11bdeea7f114d8019349b37ada1df5aef (commit)
via 8a9df932bfcae6bb9bd60914e9c74d13b3dfcd30 (commit)
from 40712b9ab1e915d405db45e2f18c72a9957158a9 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test
- Log -
commit 48959de11bdeea7f114d8019349b37ada1df5aef
Author: Steven Danneman [EMAIL PROTECTED]
Date: Sat Nov 15 13:07:15 2008 -0800
Fix extended DN parse error when AD object does not have a SID.
Some AD objects, like Exchange Public Folders, can be members of Security
Groups but do not have a SID attribute. This patch adds more granular
return
errors to ads_get_sid_from_extended_dn(). Callers can now determine if a
parse
error occured because of bad input, or the DN was valid but contained no
SID.
I updated all callers to ignore SIDless objects when appropriate.
Also did some cleanup to the out paths of lookup_usergroups_memberof()
commit 8a9df932bfcae6bb9bd60914e9c74d13b3dfcd30
Author: Steven Danneman [EMAIL PROTECTED]
Date: Fri Nov 14 19:16:12 2008 -0800
Whitespace and 80 column cleanups.
---
Summary of changes:
source/libads/ldap.c | 78 ++--
source/winbindd/winbindd_ads.c | 125 ++
source/winbindd/winbindd_group.c |2 +-
3 files changed, 120 insertions(+), 85 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source/libads/ldap.c b/source/libads/ldap.c
index 842e4fd..fa27415 100644
--- a/source/libads/ldap.c
+++ b/source/libads/ldap.c
@@ -2922,60 +2922,66 @@ ADS_STATUS ads_get_joinable_ous(ADS_STRUCT *ads,
/**
* pull a DOM_SID from an extended dn string
- * @param mem_ctx TALLOC_CTX
+ * @param mem_ctx TALLOC_CTX
* @param extended_dn string
* @param flags string type of extended_dn
* @param sid pointer to a DOM_SID
- * @return boolean inidicating success
+ * @return NT_STATUS_OK on success,
+ *NT_INVALID_PARAMETER on error,
+ *NT_STATUS_NOT_FOUND if no SID present
**/
-bool ads_get_sid_from_extended_dn(TALLOC_CTX *mem_ctx,
- const char *extended_dn,
- enum ads_extended_dn_flags flags,
- DOM_SID *sid)
+ADS_STATUS ads_get_sid_from_extended_dn(TALLOC_CTX *mem_ctx,
+ const char *extended_dn,
+ enum ads_extended_dn_flags flags,
+ DOM_SID *sid)
{
char *p, *q, *dn;
if (!extended_dn) {
- return False;
+ return ADS_ERROR_NT(NT_STATUS_INVALID_PARAMETER);
}
/* otherwise extended_dn gets stripped off */
if ((dn = talloc_strdup(mem_ctx, extended_dn)) == NULL) {
- return False;
+ return ADS_ERROR_NT(NT_STATUS_INVALID_PARAMETER);
}
- /*
+ /*
* ADS_EXTENDED_DN_HEX_STRING:
*
GUID=238e1963cb390f4bb032ba0105525a29;SID=010500051500bb68c8fd6b61b427572eb0455604;CN=gd,OU=berlin,OU=suse,DC=ber,DC=suse,DC=de
*
* ADS_EXTENDED_DN_STRING (only with w2k3):
-
GUID=63198e23-39cb-4b0f-b032-ba0105525a29;SID=S-1-5-21-4257769659-666132843-1169174103-1110;CN=gd,OU=berlin,OU=suse,DC=ber,DC=suse,DC=de
+*
GUID=63198e23-39cb-4b0f-b032-ba0105525a29;SID=S-1-5-21-4257769659-666132843-1169174103-1110;CN=gd,OU=berlin,OU=suse,DC=ber,DC=suse,DC=de
+*
+* Object with no SID, such as an Exchange Public Folder
+* GUID=28907fb4bdf6854993e7f0a10b504e7c;CN=public,CN=Microsoft
Exchange System Objects,DC=sd2k3ms,DC=west,DC=isilon,DC=com
*/
p = strchr(dn, ';');
if (!p) {
- return False;
+ return ADS_ERROR_NT(NT_STATUS_INVALID_PARAMETER);
}
if (strncmp(p, ;SID=, strlen(;SID=)) != 0) {
- return False;
+ DEBUG(5,(No SID present in extended dn\n));
+ return ADS_ERROR_NT(NT_STATUS_NOT_FOUND);
}
p += strlen(;SID=);
q = strchr(p, '');
if (!q) {
- return False;
+ return ADS_ERROR_NT(NT_STATUS_INVALID_PARAMETER);
}
-
+
*q = '\0';
DEBUG(100,(ads_get_sid_from_extended_dn: sid string is %s\n, p));
switch (flags) {
-
+
case ADS_EXTENDED_DN_STRING:
if (!string_to_sid(sid, p)) {
- return False;
+ return ADS_ERROR_NT(NT_STATUS_INVALID_PARAMETER);
}
break;
case ADS_EXTENDED_DN_HEX_STRING: {
@@ -2984,21 +2990,21 @@ bool ads_get_sid_from_extended_dn(TALLOC_CTX *mem_ctx,
buf_len = strhex_to_str(buf, sizeof(buf), p
[SCM] Samba Shared Repository - branch master updated - 00c6271d5cbbfe808b81906d5be2b328e4f25b30
The branch, master has been updated
via 00c6271d5cbbfe808b81906d5be2b328e4f25b30 (commit)
via 041c5cf3b5a2fba6ad49e049601b626d5b04ac3e (commit)
from 15c629181ab08f8b242b76df81e8c9863cc8342c (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 00c6271d5cbbfe808b81906d5be2b328e4f25b30
Author: Steven Danneman [EMAIL PROTECTED]
Date: Mon Oct 27 23:37:55 2008 -0700
Added ability to remove id mappings in wbinfo and libwbclient.
The idmap_tdb backend already provides an interface to remove existing id
mappings. This commit plumbs that ability up through, winbindd,
libwbclient,
and wbinfo.
Added new winbindd command:
WINBINDD_REMOVE_MAPPING
Added new libwbclient interfaces:
wbcRemoveUidMapping() and wbcRemoveGidMapping()
Added new wbinfo options:
--remove-uid-mapping
--remove-gid-mapping
Increased libwbclient version to 0.2
Increased winbind interface version to 20
commit 041c5cf3b5a2fba6ad49e049601b626d5b04ac3e
Author: Steven Danneman [EMAIL PROTECTED]
Date: Mon Oct 27 23:46:44 2008 -0700
Added ability to set id mappings in wbinfo.
The two new parameters are:
--set-uid-mapping
--set-gid-mapping
These allow wbinfo to create new, or override existing id mappings in the
idmap backend. These expose the exisiting ability of libwbclient
and winbindd to do this, up through a command line utility.
---
Summary of changes:
source3/include/proto.h|1 +
source3/nsswitch/libwbclient/wbc_idmap.c | 86 ++
source3/nsswitch/libwbclient/wbclient.h|9 ++-
source3/nsswitch/wbinfo.c | 173
source3/nsswitch/winbind_struct_protocol.h |6 +-
source3/winbindd/idmap.c | 17 +++
source3/winbindd/idmap_tdb.c | 14 ++-
source3/winbindd/winbindd.c|1 +
source3/winbindd/winbindd_idmap.c | 63 ++
source3/winbindd/winbindd_proto.h |6 +
source3/winbindd/winbindd_sid.c| 42 +++
11 files changed, 414 insertions(+), 4 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 1cdf6c9..45f6620 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -8665,6 +8665,7 @@ NTSTATUS idmap_backends_sid_to_unixid(const char *domname,
NTSTATUS idmap_new_mapping(const struct dom_sid *psid, enum id_type type,
struct unixid *pxid);
NTSTATUS idmap_set_mapping(const struct id_map *map);
+NTSTATUS idmap_remove_mapping(const struct id_map *map);
/* The following definitions come from winbindd/idmap_cache.c */
diff --git a/source3/nsswitch/libwbclient/wbc_idmap.c
b/source3/nsswitch/libwbclient/wbc_idmap.c
index 1615fd3..6652f67 100644
--- a/source3/nsswitch/libwbclient/wbc_idmap.c
+++ b/source3/nsswitch/libwbclient/wbc_idmap.c
@@ -362,6 +362,92 @@ wbcErr wbcSetGidMapping(gid_t gid, const struct
wbcDomainSid *sid)
return wbc_status;
}
+/** @brief Remove a user id mapping
+ *
+ * @param uid Uid of the mapping to remove.
+ * @param *sid Pointer to the sid of the mapping to remove.
+ *
+ * @return #wbcErr
+ **/
+wbcErr wbcRemoveUidMapping(uid_t uid, const struct wbcDomainSid *sid)
+{
+ struct winbindd_request request;
+ struct winbindd_response response;
+ wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
+ char *sid_string = NULL;
+
+ if (!sid) {
+ return WBC_ERR_INVALID_PARAM;
+ }
+
+ /* Initialise request */
+
+ ZERO_STRUCT(request);
+ ZERO_STRUCT(response);
+
+ /* Make request */
+
+ request.data.dual_idmapset.id = uid;
+ request.data.dual_idmapset.type = _ID_TYPE_UID;
+
+ wbc_status = wbcSidToString(sid, sid_string);
+ BAIL_ON_WBC_ERROR(wbc_status);
+
+ strncpy(request.data.dual_idmapset.sid, sid_string,
+ sizeof(request.data.dual_idmapset.sid)-1);
+ wbcFreeMemory(sid_string);
+
+ wbc_status = wbcRequestResponse(WINBINDD_REMOVE_MAPPING,
+ request, response);
+ BAIL_ON_WBC_ERROR(wbc_status);
+
+ done:
+ return wbc_status;
+}
+
+/** @brief Remove a group id mapping
+ *
+ * @param gid Gid of the mapping to remove.
+ * @param *sid Pointer to the sid of the mapping to remove.
+ *
+ * @return #wbcErr
+ **/
+wbcErr wbcRemoveGidMapping(gid_t gid, const struct wbcDomainSid *sid)
+{
+ struct winbindd_request request;
+ struct winbindd_response response;
+ wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
+ char *sid_string = NULL;
+
+ if (!sid) {
+ return WBC_ERR_INVALID_PARAM
[SCM] Samba Shared Repository - branch master updated - ce44a2032362c6160931663af67e2e2e663b0c63
The branch, master has been updated
via ce44a2032362c6160931663af67e2e2e663b0c63 (commit)
from 00c6271d5cbbfe808b81906d5be2b328e4f25b30 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit ce44a2032362c6160931663af67e2e2e663b0c63
Author: Steven Danneman [EMAIL PROTECTED]
Date: Mon Oct 27 23:36:36 2008 -0700
Clean-up various trailing space and 80 column lines.
---
Summary of changes:
source3/nsswitch/libwbclient/wbclient.c|2 +-
source3/nsswitch/libwbclient/wbclient.h|4 +-
source3/nsswitch/wb_common.c |2 +-
source3/nsswitch/wbinfo.c |8 ++--
source3/nsswitch/winbind_struct_protocol.h |2 +-
source3/winbindd/idmap_tdb.c | 49 +---
source3/winbindd/winbindd.c|2 +-
source3/winbindd/winbindd_sid.c|3 +-
8 files changed, 42 insertions(+), 30 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/nsswitch/libwbclient/wbclient.c
b/source3/nsswitch/libwbclient/wbclient.c
index bdde562..c0b7e06 100644
--- a/source3/nsswitch/libwbclient/wbclient.c
+++ b/source3/nsswitch/libwbclient/wbclient.c
@@ -59,7 +59,7 @@ wbcErr wbcRequestResponse(int cmd,
wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
NSS_STATUS nss_status;
- /* for some calls the request and/or response cna be NULL */
+ /* for some calls the request and/or response can be NULL */
nss_status = winbindd_request_response(cmd, request, response);
diff --git a/source3/nsswitch/libwbclient/wbclient.h
b/source3/nsswitch/libwbclient/wbclient.h
index 9c3d199..639f7f3 100644
--- a/source3/nsswitch/libwbclient/wbclient.h
+++ b/source3/nsswitch/libwbclient/wbclient.h
@@ -361,7 +361,7 @@ struct wbcLogonUserInfo {
#define WBC_AUTH_USER_INFO_NOENCRYPTION0x0002
#define WBC_AUTH_USER_INFO_CACHED_ACCOUNT 0x0004
#define WBC_AUTH_USER_INFO_USED_LM_PASSWORD0x0008
-#define WBC_AUTH_USER_INFO_EXTRA_SIDS 0x0020
+#define WBC_AUTH_USER_INFO_EXTRA_SIDS 0x0020
#define WBC_AUTH_USER_INFO_SUBAUTH_SESSION_KEY 0x0040
#define WBC_AUTH_USER_INFO_SERVER_TRUST_ACCOUNT0x0080
#define WBC_AUTH_USER_INFO_NTLMV2_ENABLED 0x0100
@@ -388,7 +388,7 @@ struct wbcLogonUserInfo {
#define WBC_ACB_NOT_DELEGATED 0x4000 /* 1 Not delegated */
#define WBC_ACB_USE_DES_KEY_ONLY 0x8000 /* 1 Use DES key
only */
#define WBC_ACB_DONT_REQUIRE_PREAUTH 0x0001 /* 1 Preauth not
required */
-#define WBC_ACB_PW_EXPIRED 0x0002 /* 1 Password
Expired */
+#define WBC_ACB_PW_EXPIRED 0x0002 /* 1 Password
Expired */
#define WBC_ACB_NO_AUTH_DATA_REQD 0x0008 /* 1 = No
authorization data required */
struct wbcAuthErrorInfo {
diff --git a/source3/nsswitch/wb_common.c b/source3/nsswitch/wb_common.c
index 6e6d2bb..a164621 100644
--- a/source3/nsswitch/wb_common.c
+++ b/source3/nsswitch/wb_common.c
@@ -314,7 +314,7 @@ static int winbind_open_pipe_sock(int recursing, int
need_priv)
if ((need_priv != 0) (is_privileged == 0)) {
winbind_close_sock();
}
-
+
if (winbindd_fd != -1) {
return winbindd_fd;
}
diff --git a/source3/nsswitch/wbinfo.c b/source3/nsswitch/wbinfo.c
index d5eee7e..d14cfe9 100644
--- a/source3/nsswitch/wbinfo.c
+++ b/source3/nsswitch/wbinfo.c
@@ -75,7 +75,7 @@ static char winbind_separator_int(bool strict)
/* HACK: (this module should not call lp_ funtions) */
sep = *lp_winbind_separator();
}
-
+
return sep;
}
@@ -1604,7 +1604,7 @@ int main(int argc, char **argv, char **envp)
{ user-domgroups, 0, POPT_ARG_STRING, string_arg,
OPT_USERDOMGROUPS, Get user domain groups, SID },
{ user-sids, 0, POPT_ARG_STRING, string_arg, OPT_USERSIDS,
Get user group sids for user SID, SID },
- { authenticate, 'a', POPT_ARG_STRING, string_arg, 'a',
authenticate user, user%password },
+ { authenticate, 'a', POPT_ARG_STRING, string_arg, 'a',
authenticate user, user%password },
{ set-auth-user, 0, POPT_ARG_STRING, string_arg,
OPT_SET_AUTH_USER, Store user and password used by winbindd (root only),
user%password },
{ getdcname, 0, POPT_ARG_STRING, string_arg, OPT_GETDCNAME,
Get a DC name for a foreign domain, domainname },
@@ -1613,7 +1613,7 @@ int main(int argc, char **argv, char **envp)
{ ping, 'p', POPT_ARG_NONE, 0, 'p', Ping winbindd to see if
it is alive },
{ domain, 0, POPT_ARG_STRING
[SCM] Samba Shared Repository - branch v3-3-test updated - release-3-2-0pre2-4440-gb72335f
The branch, v3-3-test has been updated
via b72335fc9771ec815f3a32b6e0d9f5fb9faebc18 (commit)
via 2ebab00716509617f1980beacee09c85b6b13b91 (commit)
via c32dff226aa08dcbd1961bcafa61c0fdff3ecebc (commit)
from 9f168f594e25857bd71bbc97dab25ae6d2884e95 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-3-test
- Log -
commit b72335fc9771ec815f3a32b6e0d9f5fb9faebc18
Author: Steven Danneman [EMAIL PROTECTED]
Date: Mon Oct 27 23:36:36 2008 -0700
[PATCH] Clean-up various trailing space and 80 column lines.
commit 2ebab00716509617f1980beacee09c85b6b13b91
Author: Steven Danneman [EMAIL PROTECTED]
Date: Mon Oct 27 23:37:55 2008 -0700
[PATCH] Added ability to remove id mappings in wbinfo and libwbclient.
The idmap_tdb backend already provides an interface to remove existing id
mappings. This commit plumbs that ability up through, winbindd,
libwbclient,
and wbinfo.
Added new winbindd command:
WINBINDD_REMOVE_MAPPING
Added new libwbclient interfaces:
wbcRemoveUidMapping() and wbcRemoveGidMapping()
Added new wbinfo options:
--remove-uid-mapping
--remove-gid-mapping
Increased libwbclient version to 0.2
Increased winbind interface version to 20
commit c32dff226aa08dcbd1961bcafa61c0fdff3ecebc
Author: Steven Danneman [EMAIL PROTECTED]
Date: Mon Oct 27 23:46:44 2008 -0700
[PATCH] Added ability to set id mappings in wbinfo.
The two new parameters are:
--set-uid-mapping
--set-gid-mapping
These allow wbinfo to create new, or override existing id mappings in the
idmap backend. These expose the exisiting ability of libwbclient
and winbindd to do this, up through a command line utility.
---
Summary of changes:
source/include/proto.h|1 +
source/nsswitch/libwbclient/wbc_idmap.c | 86 ++
source/nsswitch/libwbclient/wbclient.c|2 +-
source/nsswitch/libwbclient/wbclient.h| 13 ++-
source/nsswitch/wb_common.c |2 +-
source/nsswitch/wbinfo.c | 181 -
source/nsswitch/winbind_struct_protocol.h |8 +-
source/winbindd/idmap.c | 17 +++
source/winbindd/idmap_tdb.c | 63 +++
source/winbindd/winbindd.c|3 +-
source/winbindd/winbindd_idmap.c | 63 ++
source/winbindd/winbindd_proto.h |6 +
source/winbindd/winbindd_sid.c| 45 +++-
13 files changed, 456 insertions(+), 34 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source/include/proto.h b/source/include/proto.h
index f93870d..a147ae5 100644
--- a/source/include/proto.h
+++ b/source/include/proto.h
@@ -10515,6 +10515,7 @@ NTSTATUS idmap_backends_sid_to_unixid(const char
*domname,
NTSTATUS idmap_new_mapping(const struct dom_sid *psid, enum id_type type,
struct unixid *pxid);
NTSTATUS idmap_set_mapping(const struct id_map *map);
+NTSTATUS idmap_remove_mapping(const struct id_map *map);
/* The following definitions come from winbindd/idmap_cache.c */
diff --git a/source/nsswitch/libwbclient/wbc_idmap.c
b/source/nsswitch/libwbclient/wbc_idmap.c
index 1615fd3..6652f67 100644
--- a/source/nsswitch/libwbclient/wbc_idmap.c
+++ b/source/nsswitch/libwbclient/wbc_idmap.c
@@ -362,6 +362,92 @@ wbcErr wbcSetGidMapping(gid_t gid, const struct
wbcDomainSid *sid)
return wbc_status;
}
+/** @brief Remove a user id mapping
+ *
+ * @param uid Uid of the mapping to remove.
+ * @param *sid Pointer to the sid of the mapping to remove.
+ *
+ * @return #wbcErr
+ **/
+wbcErr wbcRemoveUidMapping(uid_t uid, const struct wbcDomainSid *sid)
+{
+ struct winbindd_request request;
+ struct winbindd_response response;
+ wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
+ char *sid_string = NULL;
+
+ if (!sid) {
+ return WBC_ERR_INVALID_PARAM;
+ }
+
+ /* Initialise request */
+
+ ZERO_STRUCT(request);
+ ZERO_STRUCT(response);
+
+ /* Make request */
+
+ request.data.dual_idmapset.id = uid;
+ request.data.dual_idmapset.type = _ID_TYPE_UID;
+
+ wbc_status = wbcSidToString(sid, sid_string);
+ BAIL_ON_WBC_ERROR(wbc_status);
+
+ strncpy(request.data.dual_idmapset.sid, sid_string,
+ sizeof(request.data.dual_idmapset.sid)-1);
+ wbcFreeMemory(sid_string);
+
+ wbc_status = wbcRequestResponse(WINBINDD_REMOVE_MAPPING,
+ request, response);
+ BAIL_ON_WBC_ERROR(wbc_status);
+
+ done:
+ return wbc_status;
+}
+
+/** @brief Remove a group id mapping
+ *
+ * @param gid Gid of the mapping to remove.
+ * @param *sid Pointer
