svn commit: samba r18004 - in branches/SAMBA_3_0/source/libads: .
Author: jra Date: 2006-09-02 06:28:48 + (Sat, 02 Sep 2006) New Revision: 18004 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18004 Log: If you're writing out a krb5.conf, at least get the syntax right... :-). Jeremy. Modified: branches/SAMBA_3_0/source/libads/kerberos.c Changeset: Modified: branches/SAMBA_3_0/source/libads/kerberos.c === --- branches/SAMBA_3_0/source/libads/kerberos.c 2006-09-02 05:55:47 UTC (rev 18003) +++ branches/SAMBA_3_0/source/libads/kerberos.c 2006-09-02 06:28:48 UTC (rev 18004) @@ -505,9 +505,9 @@ realm_upper = talloc_strdup(fname, realm); strupper_m(realm_upper); - file_contents = talloc_asprintf(fname, [libdefaults]\n\tdefault_realm = %s\n + file_contents = talloc_asprintf(fname, [libdefaults]\n\tdefault_realm = %s\n\n [realms]\n\t%s = {\n - \t\tkdc = %s\n]\n, + \t\tkdc = %s\n\t}\n, realm_upper, realm_upper, inet_ntoa(ip)); if (!file_contents) {
Re: svn commit: samba r17990 - in branches/SAMBA_4_0/source/librpc/rpc:.
On Fri, Sep 01, 2006 at 01:06:40PM +0200, Stefan (metze) Metzmacher wrote: Hi Tridge, /* + handle timeouts of a dcerpc connect +*/ +static void dcerpc_connect_timeout_handler(struct event_context *ev, struct timed_event *te, + struct timeval t, void *private) +{ + struct composite_context *c = talloc_get_type(private, struct composite_context); + DEBUG(0,(DCERPC CONNECT TIMEOUT\n)); + composite_error(c, NT_STATUS_IO_TIMEOUT); + composite_done(c); +} this is wrong, composite_error() already calls the callback and frees 'c' and composite_done() would use freed memory Though I sometimes think it would be more convenient to be able to first set the status code with composite_error() and then do something more, before calling the callback and freeing the composite context. cheers, -- Rafal Szczesniak Samba Team member http://www.samba.org signature.asc Description: Digital signature
svn commit: samba r18005 - in branches: SAMBA_3_0/source/libsmb SAMBA_3_0_23/source/libsmb
Author: vlendec Date: 2006-09-02 19:18:49 + (Sat, 02 Sep 2006) New Revision: 18005 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18005 Log: The ntlmssp fix is not correct yet, working on it Modified: branches/SAMBA_3_0/source/libsmb/ntlmssp.c branches/SAMBA_3_0_23/source/libsmb/ntlmssp.c Changeset: Modified: branches/SAMBA_3_0/source/libsmb/ntlmssp.c === --- branches/SAMBA_3_0/source/libsmb/ntlmssp.c 2006-09-02 06:28:48 UTC (rev 18004) +++ branches/SAMBA_3_0/source/libsmb/ntlmssp.c 2006-09-02 19:18:49 UTC (rev 18005) @@ -816,14 +816,13 @@ SMBsesskeygen_lm_sess_key(lm_session_key.data, ntlmssp_state-lm_resp.data, session_key.data); DEBUG(10,(ntlmssp_server_auth: Created NTLM session key.\n)); + dump_data_pw(LM session key:\n, session_key.data, session_key.length); } else { - static const uint8 zeros[24] = { 0, }; - SMBsesskeygen_lm_sess_key( - lm_session_key.data, zeros, - session_key.data); + /* use the key unmodified - it's +* probably a NULL key from the guest +* login */ + session_key = lm_session_key; } - dump_data_pw(LM session key:\n, session_key.data, -session_key.length); } else { DEBUG(10,(ntlmssp_server_auth: Failed to create NTLM session key.\n)); session_key = data_blob(NULL, 0); Modified: branches/SAMBA_3_0_23/source/libsmb/ntlmssp.c === --- branches/SAMBA_3_0_23/source/libsmb/ntlmssp.c 2006-09-02 06:28:48 UTC (rev 18004) +++ branches/SAMBA_3_0_23/source/libsmb/ntlmssp.c 2006-09-02 19:18:49 UTC (rev 18005) @@ -749,14 +749,13 @@ SMBsesskeygen_lm_sess_key(lm_session_key.data, ntlmssp_state-lm_resp.data, session_key.data); DEBUG(10,(ntlmssp_server_auth: Created NTLM session key.\n)); + dump_data_pw(LM session key:\n, session_key.data, session_key.length); } else { - static const uint8 zeros[24] = { 0, }; - SMBsesskeygen_lm_sess_key( - lm_session_key.data, zeros, - session_key.data); + /* use the key unmodified - it's +* probably a NULL key from the guest +* login */ + session_key = lm_session_key; } - dump_data_pw(LM session key:\n, session_key.data, -session_key.length); } else { DEBUG(10,(ntlmssp_server_auth: Failed to create NTLM session key.\n)); session_key = data_blob(NULL, 0);
svn commit: samba r18006 - in branches/SAMBA_3_0/source: include libads libsmb
Author: jra Date: 2006-09-02 19:27:44 + (Sat, 02 Sep 2006) New Revision: 18006 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18006 Log: Actually a smaller change than it looks. Leverage the get_dc_list code to get the _kerberos. names for site support. This way we don't depend on one KDC to do ticket refresh. Even though we know it's up when we add it, it may go down when we're trying to refresh. Jeremy. Modified: branches/SAMBA_3_0/source/include/smb.h branches/SAMBA_3_0/source/libads/dns.c branches/SAMBA_3_0/source/libads/kerberos.c branches/SAMBA_3_0/source/libsmb/namecache.c branches/SAMBA_3_0/source/libsmb/namequery.c Changeset: Modified: branches/SAMBA_3_0/source/include/smb.h === --- branches/SAMBA_3_0/source/include/smb.h 2006-09-02 19:18:49 UTC (rev 18005) +++ branches/SAMBA_3_0/source/include/smb.h 2006-09-02 19:27:44 UTC (rev 18006) @@ -1789,6 +1789,9 @@ unsigned port; }; +/* Special name type used to cause a _kerberos DNS lookup. */ +#define KDC_NAME_TYPE 0xDCDC + /* Used by the SMB signing functions. */ typedef struct smb_sign_info { Modified: branches/SAMBA_3_0/source/libads/dns.c === --- branches/SAMBA_3_0/source/libads/dns.c 2006-09-02 19:18:49 UTC (rev 18005) +++ branches/SAMBA_3_0/source/libads/dns.c 2006-09-02 19:27:44 UTC (rev 18006) @@ -649,18 +649,20 @@ Query with optional sitename. / -NTSTATUS ads_dns_query_dcs_internal(TALLOC_CTX *ctx, - const char *domain, +NTSTATUS ads_dns_query_internal(TALLOC_CTX *ctx, + const char *servicename, + const char *realm, const char *sitename, struct dns_rr_srv **dclist, int *numdcs ) { char *name; if (sitename) { - name = talloc_asprintf(ctx, _ldap._tcp.%s._sites.dc._msdcs.%s, - sitename, domain ); + name = talloc_asprintf(ctx, %s._tcp.%s._sites.dc._msdcs.%s, + servicename, sitename, realm ); } else { - name = talloc_asprintf(ctx, _ldap._tcp.dc._msdcs.%s, domain ); + name = talloc_asprintf(ctx, %s._tcp.dc._msdcs.%s, + servicename, realm ); } if (!name) { return NT_STATUS_NO_MEMORY; @@ -673,18 +675,45 @@ / NTSTATUS ads_dns_query_dcs(TALLOC_CTX *ctx, - const char *domain, + const char *realm, struct dns_rr_srv **dclist, int *numdcs ) { NTSTATUS status; char *sitename = sitename_fetch(); - status = ads_dns_query_dcs_internal(ctx, domain, sitename, dclist, numdcs); + status = ads_dns_query_internal(ctx, _ldap, realm, sitename, + dclist, numdcs); if (sitename !NT_STATUS_IS_OK(status)) { /* Sitename DNS query may have failed. Try without. */ - status = ads_dns_query_dcs_internal(ctx, domain, NULL, dclist, numdcs); + status = ads_dns_query_internal(ctx, _ldap, realm, NULL, + dclist, numdcs); } SAFE_FREE(sitename); return status; } + +/ + Query for AD KDC's. Transparently use sitename. + Even if our underlying kerberos libraries are UDP only, this + is pretty safe as it's unlikely that a KDC supports TCP and not UDP. +/ + +NTSTATUS ads_dns_query_kdcs(TALLOC_CTX *ctx, + const char *realm, + struct dns_rr_srv **dclist, + int *numdcs ) +{ + NTSTATUS status; + char *sitename = sitename_fetch(); + + status = ads_dns_query_internal(ctx, _kerberos, realm, sitename, + dclist, numdcs); + if (sitename !NT_STATUS_IS_OK(status)) { + /* Sitename DNS query may have failed. Try without. */ + status = ads_dns_query_internal(ctx, _kerberos, realm, NULL, + dclist, numdcs); + } + SAFE_FREE(sitename); + return status; +} Modified: branches/SAMBA_3_0/source/libads/kerberos.c === --- branches/SAMBA_3_0/source/libads/kerberos.c 2006-09-02 19:18:49 UTC (rev 18005) +++ branches/SAMBA_3_0/source/libads/kerberos.c 2006-09-02 19:27:44 UTC (rev
svn commit: samba r18007 - in branches/SAMBA_3_0/source/libsmb: .
Author: jra Date: 2006-09-02 20:17:05 + (Sat, 02 Sep 2006) New Revision: 18007 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18007 Log: Ensure we don't namecache KDC entries with port 88 as a generic DC (that should be the LDAP port). Jeremy. Modified: branches/SAMBA_3_0/source/libsmb/namequery.c Changeset: Modified: branches/SAMBA_3_0/source/libsmb/namequery.c === --- branches/SAMBA_3_0/source/libsmb/namequery.c2006-09-02 19:27:44 UTC (rev 18006) +++ branches/SAMBA_3_0/source/libsmb/namequery.c2006-09-02 20:17:05 UTC (rev 18007) @@ -1197,6 +1197,8 @@ SRV record lookup */ if (resolve_ads(name, KDC_NAME_TYPE, return_iplist, return_count)) { result = True; + /* Ensure we don't namecache this with the KDC port. */ + name_type = KDC_NAME_TYPE; goto done; } } else if(strequal( tok, ads)) {
svn commit: samba r18008 - in branches: SAMBA_3_0/source/libsmb SAMBA_3_0_23/source/libsmb
Author: vlendec Date: 2006-09-02 21:41:28 + (Sat, 02 Sep 2006) New Revision: 18008 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18008 Log: Ok, same fix as before. But this time also allocate the session key. This had worked in one test, no idea what memory I've overwritten that time. This time it survives the unpatched w2k password change. Volker Modified: branches/SAMBA_3_0/source/libsmb/ntlmssp.c branches/SAMBA_3_0_23/source/libsmb/ntlmssp.c Changeset: Modified: branches/SAMBA_3_0/source/libsmb/ntlmssp.c === --- branches/SAMBA_3_0/source/libsmb/ntlmssp.c 2006-09-02 20:17:05 UTC (rev 18007) +++ branches/SAMBA_3_0/source/libsmb/ntlmssp.c 2006-09-02 21:41:28 UTC (rev 18008) @@ -813,16 +813,25 @@ if (lm_session_key.data lm_session_key.length = 8) { if (ntlmssp_state-lm_resp.data ntlmssp_state-lm_resp.length == 24) { session_key = data_blob_talloc(ntlmssp_state-mem_ctx, NULL, 16); + if (session_key.data == NULL) { + return NT_STATUS_NO_MEMORY; + } SMBsesskeygen_lm_sess_key(lm_session_key.data, ntlmssp_state-lm_resp.data, session_key.data); DEBUG(10,(ntlmssp_server_auth: Created NTLM session key.\n)); - dump_data_pw(LM session key:\n, session_key.data, session_key.length); } else { - /* use the key unmodified - it's -* probably a NULL key from the guest -* login */ - session_key = lm_session_key; + static const uint8 zeros[24] = { 0, }; + session_key = data_blob_talloc( + ntlmssp_state-mem_ctx, NULL, 16); + if (session_key.data == NULL) { + return NT_STATUS_NO_MEMORY; + } + SMBsesskeygen_lm_sess_key( + lm_session_key.data, zeros, + session_key.data); } + dump_data_pw(LM session key:\n, session_key.data, +session_key.length); } else { DEBUG(10,(ntlmssp_server_auth: Failed to create NTLM session key.\n)); session_key = data_blob(NULL, 0); Modified: branches/SAMBA_3_0_23/source/libsmb/ntlmssp.c === --- branches/SAMBA_3_0_23/source/libsmb/ntlmssp.c 2006-09-02 20:17:05 UTC (rev 18007) +++ branches/SAMBA_3_0_23/source/libsmb/ntlmssp.c 2006-09-02 21:41:28 UTC (rev 18008) @@ -746,16 +746,25 @@ if (lm_session_key.data lm_session_key.length = 8) { if (ntlmssp_state-lm_resp.data ntlmssp_state-lm_resp.length == 24) { session_key = data_blob_talloc(ntlmssp_state-mem_ctx, NULL, 16); + if (session_key.data == NULL) { + return NT_STATUS_NO_MEMORY; + } SMBsesskeygen_lm_sess_key(lm_session_key.data, ntlmssp_state-lm_resp.data, session_key.data); DEBUG(10,(ntlmssp_server_auth: Created NTLM session key.\n)); - dump_data_pw(LM session key:\n, session_key.data, session_key.length); } else { - /* use the key unmodified - it's -* probably a NULL key from the guest -* login */ - session_key = lm_session_key; + static const uint8 zeros[24] = { 0, }; + session_key = data_blob_talloc( + ntlmssp_state-mem_ctx, NULL, 16); + if (session_key.data == NULL) { + return NT_STATUS_NO_MEMORY; + } + SMBsesskeygen_lm_sess_key( + lm_session_key.data, zeros, + session_key.data); } + dump_data_pw(LM session key:\n, session_key.data, +session_key.length); } else {
svn commit: samba r18009 - in branches/SAMBA_3_0: examples/libsmbclient source/include source/lib source/libsmb
Author: derrell Date: 2006-09-02 21:47:56 + (Sat, 02 Sep 2006) New Revision: 18009 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18009 Log: Fixes bug 4026. This completes the work Jeremy began last week, disambiguating the meaning of c_time. (In POSIX terminology, c_time means status Change time, not create time.) All uses of c_time, a_time and m_time have now been replaced with change_time, access_time, and write_time, and when creation time is intended, create_time is used. Additionally, the capability of setting and retrieving the create time have been added to the smbc_setxattr() and smbc_getxattr() functions. An example of setting all four times can be seen with the program examples/libsmbclient/testacl with the following command line similar to: testacl -f -S system.*:CREATE_TIME:10,ACCESS_TIME:100060,WRITE_TIME:100120,CHANGE_TIME:100180 'smb://server/share/testfile.txt' The -f option turns on the new mode which uses full time names in the attribute specification (e.g. ACCESS_TIME vs A_TIME). Modified: branches/SAMBA_3_0/examples/libsmbclient/testacl.c branches/SAMBA_3_0/source/include/libsmb_internal.h branches/SAMBA_3_0/source/lib/time.c branches/SAMBA_3_0/source/libsmb/clifile.c branches/SAMBA_3_0/source/libsmb/clirap.c branches/SAMBA_3_0/source/libsmb/libsmbclient.c Changeset: Sorry, the patch is too large (1259 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18009
svn commit: samba r18010 - in branches/SAMBA_3_0/source: libads nsswitch
Author: jra Date: 2006-09-02 23:06:21 + (Sat, 02 Sep 2006) New Revision: 18010 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18010 Log: Ensure we don't timeout twice to the same server in winbindd when it's down and listed in the -ve connection cache. Fix memory leak, reduce timeout for cldap calls - minimum 3 secs. Jeremy. Modified: branches/SAMBA_3_0/source/libads/cldap.c branches/SAMBA_3_0/source/libads/kerberos.c branches/SAMBA_3_0/source/nsswitch/winbindd_cm.c Changeset: Modified: branches/SAMBA_3_0/source/libads/cldap.c === --- branches/SAMBA_3_0/source/libads/cldap.c2006-09-02 21:47:56 UTC (rev 18009) +++ branches/SAMBA_3_0/source/libads/cldap.c2006-09-02 23:06:21 UTC (rev 18010) @@ -188,6 +188,8 @@ DATA_BLOB blob; DATA_BLOB os1, os2, os3; int i1; + /* half the time of a regular ldap timeout, not less than 3 seconds. */ + unsigned int al_secs = MAX(3,lp_ldap_timeout()/2); char *p; blob = data_blob(NULL, 8192); @@ -200,7 +202,7 @@ /* Setup timeout */ gotalarm = 0; CatchSignal(SIGALRM, SIGNAL_CAST gotalarm_sig); - alarm(lp_ldap_timeout()); + alarm(al_secs); /* End setup timeout. */ ret = read(sock, blob.data, blob.length); Modified: branches/SAMBA_3_0/source/libads/kerberos.c === --- branches/SAMBA_3_0/source/libads/kerberos.c 2006-09-02 21:47:56 UTC (rev 18009) +++ branches/SAMBA_3_0/source/libads/kerberos.c 2006-09-02 23:06:21 UTC (rev 18010) @@ -494,10 +494,13 @@ kdc_str = talloc_asprintf(mem_ctx, %s\tkdc = %s\n, kdc_str, inet_ntoa(ip_srv[i].ip)); if (!kdc_str) { + SAFE_FREE(ip_srv); return NULL; } } + SAFE_FREE(ip_srv); + DEBUG(10,(get_kdc_ip_string: Returning %s\n, kdc_str )); Modified: branches/SAMBA_3_0/source/nsswitch/winbindd_cm.c === --- branches/SAMBA_3_0/source/nsswitch/winbindd_cm.c2006-09-02 21:47:56 UTC (rev 18009) +++ branches/SAMBA_3_0/source/nsswitch/winbindd_cm.c2006-09-02 23:06:21 UTC (rev 18010) @@ -791,17 +791,22 @@ char *saf_servername = saf_fetch( domain-name ); int retries; - if ((mem_ctx = talloc_init(cm_open_connection)) == NULL) + if ((mem_ctx = talloc_init(cm_open_connection)) == NULL) { + SAFE_FREE(saf_servername); return NT_STATUS_NO_MEMORY; + } /* we have to check the server affinity cache here since later we selecte a DC based on response time and not preference */ - if ( saf_servername ) - { + /* Check the negative connection cache + before talking to it. It going down may have + triggered the reconnection. */ + + if ( saf_servername NT_STATUS_IS_OK(check_negative_conn_cache( domain-name, saf_servername))) { + /* convert an ip address to a name */ - if ( is_ipaddress( saf_servername ) ) - { + if ( is_ipaddress( saf_servername ) ) { fstring saf_name; struct in_addr ip; @@ -814,9 +819,7 @@ domain-name, saf_servername, NT_STATUS_UNSUCCESSFUL); } - } - else - { + } else { fstrcpy( domain-dcname, saf_servername ); }
Build status as of Sun Sep 3 00:00:02 2006
URL: http://build.samba.org/ --- /home/build/master/cache/broken_results.txt.old 2006-09-02 00:00:04.0 + +++ /home/build/master/cache/broken_results.txt 2006-09-03 00:00:19.0 + @@ -1,19 +1,19 @@ -Build status as of Sat Sep 2 00:00:02 2006 +Build status as of Sun Sep 3 00:00:02 2006 Build counts: Tree Total Broken Panic SOC 0 0 0 ccache 25 4 0 -distcc 25 2 0 +distcc 27 2 0 ldb 28 5 0 lorikeet-heimdal 0 0 0 ppp 17 0 0 rsync30 3 0 samba0 0 0 samba-docs 0 0 0 -samba4 38 21 2 -samba_3_035 4 0 +samba4 38 22 1 +samba_3_035 5 0 smb-build25 0 0 talloc 32 4 0 -tdb 30 3 0 +tdb 30 4 0
svn commit: samba r18011 - in branches/SAMBA_3_0: examples/libsmbclient source/libsmb
Author: derrell Date: 2006-09-03 00:50:34 + (Sun, 03 Sep 2006) New Revision: 18011 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18011 Log: Should fix bug 3835. Jeremy: requires your eyes... If the remote connection timed out while cli_list() was retrieving its list of files, the error was not returned to the user, e.g. via smbc_opendir(), so the user didn't have a way to know to set the timeout longer and try again. This problem would occur when a very large directory is being read with a too-small timeout on the cli. Jeremy, although there were a couple of areas that needed to be handled, I needed to make one change that you should bless, in libsmb/clientgen.c. It was setting cli-smb_rw_error = smb_read_error; but smb_read_error is zero, so this had no effect. I'm now doing cli-smb_rw_error = READ_TIMEOUT; instead, and according to the OP, these (cumulative) changes (in a slightly different form) solve the problem. Please confirm this smb_rw_error change will have no other adverse effects that you can see. Derrell Modified: branches/SAMBA_3_0/examples/libsmbclient/Makefile branches/SAMBA_3_0/source/libsmb/clientgen.c branches/SAMBA_3_0/source/libsmb/clilist.c branches/SAMBA_3_0/source/libsmb/libsmbclient.c Changeset: Modified: branches/SAMBA_3_0/examples/libsmbclient/Makefile === --- branches/SAMBA_3_0/examples/libsmbclient/Makefile 2006-09-02 23:06:21 UTC (rev 18010) +++ branches/SAMBA_3_0/examples/libsmbclient/Makefile 2006-09-03 00:50:34 UTC (rev 18011) @@ -6,10 +6,12 @@ -I/usr/include/glib-1.2 \ -I/usr/lib/glib/include + DEFS = -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -D_GNU_SOURCE CFLAGS = -O0 -g -I$(SAMBA_INCL) $(EXTLIB_INCL) $(DEFS) LDFLAGS = -L/usr/local/samba/lib +LIBSMBCLIENT = /usr/local/samba/lib/libsmbclient.so TESTS= testsmbc \ tree \ @@ -26,43 +28,43 @@ testsmbc: testsmbc.o @echo Linking testsmbc - $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $ -lsmbclient + $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $ $(LIBSMBCLIENT) tree: tree.o @echo Linking tree - @$(CC) `gtk-config --cflags` $(CFLAGS) $(LDFLAGS) -o $@ `gtk-config --libs` -lsmbclient $ + @$(CC) `gtk-config --cflags` $(CFLAGS) $(LDFLAGS) -o $@ `gtk-config --libs` $(LIBSMBCLIENT) $ testacl: testacl.o @echo Linking testacl - @$(CC) `gtk-config --cflags` $(CFLAGS) $(LDFLAGS) -o $@ `gtk-config --libs` -lsmbclient -lpopt $ + @$(CC) `gtk-config --cflags` $(CFLAGS) $(LDFLAGS) -o $@ `gtk-config --libs` $(LIBSMBCLIENT) -lpopt $ testbrowse: testbrowse.o @echo Linking testbrowse - @$(CC) $(CFLAGS) $(LDFLAGS) -o $@ -lsmbclient -lpopt $ + @$(CC) $(CFLAGS) $(LDFLAGS) -o $@ $(LIBSMBCLIENT) -lpopt $ testbrowse2: testbrowse2.o @echo Linking testbrowse2 - @$(CC) $(CFLAGS) $(LDFLAGS) -o $@ -lsmbclient -lpopt $ + @$(CC) $(CFLAGS) $(LDFLAGS) -o $@ $(LIBSMBCLIENT) -lpopt $ teststat: teststat.o @echo Linking teststat - @$(CC) $(CFLAGS) $(LDFLAGS) -o $@ /usr/local/samba/lib/libsmbclient.so -lpopt $ + @$(CC) $(CFLAGS) $(LDFLAGS) -o $@ $(LIBSMBCLIENT) -lpopt $ teststat2: teststat2.o @echo Linking teststat2 - @$(CC) $(CFLAGS) $(LDFLAGS) -o $@ /usr/local/samba/lib/libsmbclient.so -lpopt $ + @$(CC) $(CFLAGS) $(LDFLAGS) -o $@ $(LIBSMBCLIENT) -lpopt $ testchmod: testchmod.o @echo Linking testchmod - @$(CC) $(CFLAGS) $(LDFLAGS) -o $@ /usr/local/samba/lib/libsmbclient.so -lpopt $ + @$(CC) $(CFLAGS) $(LDFLAGS) -o $@ $(LIBSMBCLIENT) -lpopt $ testutime: testutime.o @echo Linking testutime - @$(CC) $(CFLAGS) $(LDFLAGS) -o $@ /usr/local/samba/lib/libsmbclient.so -lpopt $ + @$(CC) $(CFLAGS) $(LDFLAGS) -o $@ $(LIBSMBCLIENT) -lpopt $ testread: testread.o @echo Linking testread - @$(CC) $(CFLAGS) $(LDFLAGS) -o $@ /usr/local/samba/lib/libsmbclient.so -lpopt $ + @$(CC) $(CFLAGS) $(LDFLAGS) -o $@ $(LIBSMBCLIENT) -lpopt $ smbsh: make -C smbwrapper Modified: branches/SAMBA_3_0/source/libsmb/clientgen.c === --- branches/SAMBA_3_0/source/libsmb/clientgen.c2006-09-02 23:06:21 UTC (rev 18010) +++ branches/SAMBA_3_0/source/libsmb/clientgen.c2006-09-03 00:50:34 UTC (rev 18011) @@ -79,7 +79,6 @@ BOOL cli_receive_smb(struct cli_state *cli) { - extern int smb_read_error; BOOL ret; /* fd == -1 causes segfaults -- Tom ([EMAIL PROTECTED]) */ @@ -107,9 +106,9 @@ } /* If the server is not responding, note that now */ - if (!ret) { - cli-smb_rw_error = smb_read_error; +DEBUG(0, (Receiving SMB: Server stopped responding\n)); + cli-smb_rw_error = READ_TIMEOUT; close(cli-fd); cli-fd
Re: svn commit: samba r18011 - in branches/SAMBA_3_0: examples/libsmbclient source/libsmb
On Sun, Sep 03, 2006 at 12:50:36AM +, [EMAIL PROTECTED] wrote: Jeremy: requires your eyes... If the remote connection timed out while cli_list() was retrieving its list of files, the error was not returned to the user, e.g. via smbc_opendir(), so the user didn't have a way to know to set the timeout longer and try again. This problem would occur when a very large directory is being read with a too-small timeout on the cli. Jeremy, although there were a couple of areas that needed to be handled, I needed to make one change that you should bless, in libsmb/clientgen.c. It was setting cli-smb_rw_error = smb_read_error; but smb_read_error is zero, so this had no effect. I'm now doing cli-smb_rw_error = READ_TIMEOUT; instead, and according to the OP, these (cumulative) changes (in a slightly different form) solve the problem. Please confirm this smb_rw_error change will have no other adverse effects that you can see. The change shouldn't have any adverse effects, but what I'm curious about is why 'smb_read_error' was zero at that point ? All paths through that code should end up setting 'smb_read_error' nonzero on error or timeout. Did you reproduce this ? Is so, set the debugger to break on read_socket_with_timeout() and walk through the function. Tell me how it exits on timeout with smb_read_error == 0. That's where the real bug is. The patch you added may just be a band-aid on this. Jeremy.
svn commit: samba r18012 - in branches/SAMBA_3_0: examples/libsmbclient source/libsmb
Author: derrell Date: 2006-09-03 01:37:26 + (Sun, 03 Sep 2006) New Revision: 18012 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18012 Log: Should fix bug 4018. NetApp filers expect paths in Open AndX Request to have a leading slash. Windows clients send the leading slash, so we should too. Modified: branches/SAMBA_3_0/examples/libsmbclient/testread.c branches/SAMBA_3_0/source/libsmb/libsmbclient.c Changeset: Modified: branches/SAMBA_3_0/examples/libsmbclient/testread.c === --- branches/SAMBA_3_0/examples/libsmbclient/testread.c 2006-09-03 00:50:34 UTC (rev 18011) +++ branches/SAMBA_3_0/examples/libsmbclient/testread.c 2006-09-03 01:37:26 UTC (rev 18012) @@ -55,6 +55,7 @@ { ret = smbc_read(fd, buffer, sizeof(buffer)); savedErrno = errno; +if (ret 0) fwrite(buffer, 1, ret, stdout); } while (ret 0); smbc_close(fd); Modified: branches/SAMBA_3_0/source/libsmb/libsmbclient.c === --- branches/SAMBA_3_0/source/libsmb/libsmbclient.c 2006-09-03 00:50:34 UTC (rev 18011) +++ branches/SAMBA_3_0/source/libsmb/libsmbclient.c 2006-09-03 01:37:26 UTC (rev 18012) @@ -414,7 +414,15 @@ } -safe_strcpy(path, p, path_len - 1); +/* + * Prepend a leading slash if there's a file path, as required by + * NetApp filers. + */ +*path = '\0'; +if (*p != '\0') { +*path = '/'; +safe_strcpy(path + 1, p, path_len - 2); +} all_string_sub(path, /, \\, 0);
svn commit: samba r18013 - in branches/SAMBA_3_0/source: include libsmb
Author: derrell Date: 2006-09-03 02:10:24 + (Sun, 03 Sep 2006) New Revision: 18013 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18013 Log: Fix for bug (enhancement) 3684. Provide a new option to specify the share mode to be used when opening a file. Modified: branches/SAMBA_3_0/source/include/libsmb_internal.h branches/SAMBA_3_0/source/include/libsmbclient.h branches/SAMBA_3_0/source/libsmb/libsmbclient.c Changeset: Modified: branches/SAMBA_3_0/source/include/libsmb_internal.h === --- branches/SAMBA_3_0/source/include/libsmb_internal.h 2006-09-03 01:37:26 UTC (rev 18012) +++ branches/SAMBA_3_0/source/include/libsmb_internal.h 2006-09-03 02:10:24 UTC (rev 18013) @@ -90,6 +90,12 @@ BOOL _full_time_names; /* + * The share mode of a file being opened. To match POSIX semantics + * (and maintain backward compatibility), DENY_NONE is the default. + */ + smbc_share_mode _share_mode; + +/* * Authentication function which includes the context. This will be * used if set; otherwise context-callbacks.auth_fn() will be used. */ Modified: branches/SAMBA_3_0/source/include/libsmbclient.h === --- branches/SAMBA_3_0/source/include/libsmbclient.h2006-09-03 01:37:26 UTC (rev 18012) +++ branches/SAMBA_3_0/source/include/libsmbclient.h2006-09-03 02:10:24 UTC (rev 18013) @@ -141,7 +141,21 @@ #define SMBC_DOS_MODE_DIRECTORY 0x10 #define SMBC_DOS_MODE_ARCHIVE0x20 +/* + * Valid values for the option open_share_mode, when calling + * smbc_option_set() + */ +typedef enum smbc_share_mode +{ +SMBC_SHAREMODE_DENY_DOS = 0, +SMBC_SHAREMODE_DENY_ALL = 1, +SMBC_SHAREMODE_DENY_WRITE = 2, +SMBC_SHAREMODE_DENY_READ= 3, +SMBC_SHAREMODE_DENY_NONE= 4, +SMBC_SHAREMODE_DENY_FCB = 7 +} smbc_share_mode; + #ifndef ENOATTR # define ENOATTR ENOENT/* No such attribute */ #endif Modified: branches/SAMBA_3_0/source/libsmb/libsmbclient.c === --- branches/SAMBA_3_0/source/libsmb/libsmbclient.c 2006-09-03 01:37:26 UTC (rev 18012) +++ branches/SAMBA_3_0/source/libsmb/libsmbclient.c 2006-09-03 02:10:24 UTC (rev 18013) @@ -1120,7 +1120,8 @@ cli_dfs_make_full_path( targetpath, targetcli-desthost, targetcli-share, temppath); } - if ((fd = cli_open(targetcli, targetpath, flags, DENY_NONE)) 0) { + if ((fd = cli_open(targetcli, targetpath, flags, + context-internal-_share_mode)) 0) { /* Handle the error ... */ @@ -6166,6 +6167,8 @@ context-options.browse_max_lmb_count = 3;/* # LMBs to query */ context-options.urlencode_readdir_entries = False;/* backward compat */ context-options.one_share_per_server = False;/* backward compat */ +context-internal-_share_mode = SMBC_SHAREMODE_DENY_NONE; +/* backward compat */ context-open = smbc_open_ctx; context-creat = smbc_creat_ctx; @@ -6301,6 +6304,7 @@ { va_list ap; union { +int i; BOOL b; smbc_get_auth_data_with_context_fn auth_fn; void *v; @@ -6327,6 +6331,15 @@ option_value.b = (BOOL) va_arg(ap, int); context-internal-_full_time_names = option_value.b; +} else if (strcmp(option_name, open_share_mode) == 0) { +/* + * The share mode to use for files opened with + * smbc_open_ctx(). The default is SMBC_SHAREMODE_DENY_NONE. + */ +option_value.i = va_arg(ap, int); +context-internal-_share_mode = +(smbc_share_mode) option_value.i; + } else if (strcmp(option_name, auth_function) == 0) { /* * Use the new-style authentication function which includes
Re: svn commit: samba r18011 - in branches/SAMBA_3_0: examples/libsmbclient source/libsmb
Jeremy Allison [EMAIL PROTECTED] writes: On Sun, Sep 03, 2006 at 12:50:36AM +, [EMAIL PROTECTED] wrote: Please confirm this smb_rw_error change will have no other adverse effects that you can see. The change shouldn't have any adverse effects, but what I'm curious about is why 'smb_read_error' was zero at that point ? All paths through that code should end up setting 'smb_read_error' nonzero on error or timeout. I may, have inferred a non-truth. I'll set that back to smb_read_error and have Henrik test it with the other, clearly-required fixes in this patch and see what happens. He has an environment set up that seems to easily reproduce the problem, so we'll know quickly. Thanks! Derrell
svn commit: samba r18014 - in branches/SAMBA_3_0/source/libsmb: .
Author: derrell Date: 2006-09-03 02:28:22 + (Sun, 03 Sep 2006) New Revision: 18014 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18014 Log: revert a possibly unnecessary change Modified: branches/SAMBA_3_0/source/libsmb/clientgen.c Changeset: Modified: branches/SAMBA_3_0/source/libsmb/clientgen.c === --- branches/SAMBA_3_0/source/libsmb/clientgen.c2006-09-03 02:10:24 UTC (rev 18013) +++ branches/SAMBA_3_0/source/libsmb/clientgen.c2006-09-03 02:28:22 UTC (rev 18014) @@ -79,6 +79,7 @@ BOOL cli_receive_smb(struct cli_state *cli) { + extern int smb_read_error; BOOL ret; /* fd == -1 causes segfaults -- Tom ([EMAIL PROTECTED]) */ @@ -108,7 +109,7 @@ /* If the server is not responding, note that now */ if (!ret) { DEBUG(0, (Receiving SMB: Server stopped responding\n)); - cli-smb_rw_error = READ_TIMEOUT; + cli-smb_rw_error = smb_read_error; close(cli-fd); cli-fd = -1; return ret;
svn commit: samba r18015 - in branches/SAMBA_3_0/source: libads nsswitch
Author: jra Date: 2006-09-03 03:46:07 + (Sun, 03 Sep 2006) New Revision: 18015 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18015 Log: Try and detect network failures immediately in set_dc_type_and_flags(). Fix problem when DC is down in ads_connect, where we fall back to NetBIOS and try exactly the same IP addresses we just put in the negative connection cache We can never succeed, so don't try lookups a second time. Jeremy. Modified: branches/SAMBA_3_0/source/libads/ldap.c branches/SAMBA_3_0/source/nsswitch/winbindd_cm.c Changeset: Modified: branches/SAMBA_3_0/source/libads/ldap.c === --- branches/SAMBA_3_0/source/libads/ldap.c 2006-09-03 02:28:22 UTC (rev 18014) +++ branches/SAMBA_3_0/source/libads/ldap.c 2006-09-03 03:46:07 UTC (rev 18015) @@ -286,6 +286,26 @@ if ( !NT_STATUS_IS_OK(check_negative_conn_cache(realm, server)) ) continue; + + if (!got_realm) { + /* realm in this case is a workgroup name. We need + to ignore any IP addresses in the negative connection + cache that match ip addresses returned in the ad realm + case. It sucks that I have to reproduce the logic above... */ + c_realm = ads-server.realm; + if ( !c_realm || !*c_realm ) { + if ( !ads-server.workgroup || !*ads-server.workgroup ) { + c_realm = lp_realm(); + } + } + if (c_realm *c_realm + !NT_STATUS_IS_OK(check_negative_conn_cache(c_realm, server))) { + /* Ensure we add the workgroup name for this + IP address as negative too. */ + add_failed_connection_entry( realm, server, NT_STATUS_UNSUCCESSFUL ); + continue; + } + } if ( ads_try_connect(ads, server) ) { SAFE_FREE(ip_list); Modified: branches/SAMBA_3_0/source/nsswitch/winbindd_cm.c === --- branches/SAMBA_3_0/source/nsswitch/winbindd_cm.c2006-09-03 02:28:22 UTC (rev 18014) +++ branches/SAMBA_3_0/source/nsswitch/winbindd_cm.c2006-09-03 03:46:07 UTC (rev 18015) @@ -594,7 +594,7 @@ /* For active directory servers, try to get the ldap server name. None of these failures should be considered critical for now */ - if ( lp_security() == SEC_ADS ) { + if (lp_security() == SEC_ADS) { ADS_STRUCT *ads; ads = ads_init(realm, domainname, NULL); @@ -976,10 +976,11 @@ TALLOC_CTX *mem_ctx = NULL; struct rpc_pipe_client *cli; POLICY_HND pol; - + char *domain_name = NULL; char *dns_name = NULL; DOM_SID *dom_sid = NULL; + int try_count = 0; ZERO_STRUCT( ctr ); @@ -991,8 +992,10 @@ return; } + try_again: + result = init_dc_connection(domain); - if (!NT_STATUS_IS_OK(result)) { + if (!NT_STATUS_IS_OK(result) || try_count 2) { DEBUG(5, (set_dc_type_and_flags: Could not open a connection to %s: (%s)\n, domain-name, nt_errstr(result))); domain-initialized = True; @@ -1007,7 +1010,9 @@ PI_LSARPC_DS on domain %s: (%s)\n, domain-name, nt_errstr(result))); domain-initialized = True; - return; + /* We want to detect network failures asap to try another dc. */ + try_count++; + goto try_again; } result = rpccli_ds_getprimarydominfo(cli, cli-cli-mem_ctx, @@ -1028,7 +1033,9 @@ if (cli == NULL) { domain-initialized = True; - return; + /* We want to detect network failures asap to try another dc. */ + try_count++; + goto try_again; } mem_ctx = talloc_init(set_dc_type_and_flags on domain %s\n,