[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via bed281d s3: Remove the unused file_existed parameter from
smbd_calculate_access_mask
via c01f02a s3: Avoid file_existed in
smbd_calculate_maximum_allowed_access
via 49a5202 s3: Remove some else{} branches in
smbd_calculate_maximum_allowed_access
via 8cadd19 s3: Directly use *p_access_mask in
smbd_calculate_maximum_allowed_access
via a5a4b58 s3: Factor out smbd_calculate_maximum_allowed_access
from f66ef5c upgradeprovision: do not hold references to messageElements
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit bed281dad774cfe3c828552740de70072b4901b5
Author: Volker Lendecke v...@samba.org
Date: Fri Dec 16 18:56:40 2011 +0100
s3: Remove the unused file_existed parameter from
smbd_calculate_access_mask
Autobuild-User: Volker Lendecke vlen...@samba.org
Autobuild-Date: Tue Jan 3 15:16:50 CET 2012 on sn-devel-104
commit c01f02a4b97de453a0db7feb3c2d323f05fac7f6
Author: Volker Lendecke v...@samba.org
Date: Fri Dec 16 18:51:19 2011 +0100
s3: Avoid file_existed in smbd_calculate_maximum_allowed_access
We access the file by name anyway, so we can just try to access it. The file
system will for sure tell us if the file does not exist.
commit 49a520217ceb04cbd4278a3bce7cb1f8dd04b018
Author: Volker Lendecke v...@samba.org
Date: Fri Dec 16 18:47:03 2011 +0100
s3: Remove some else{} branches in smbd_calculate_maximum_allowed_access
commit 8cadd19a91cc4cded493b9ba5dec821f93dcfb54
Author: Volker Lendecke v...@samba.org
Date: Fri Dec 16 18:45:14 2011 +0100
s3: Directly use *p_access_mask in smbd_calculate_maximum_allowed_access
commit a5a4b581b7b428621da5477994f0413443fa6bcb
Author: Volker Lendecke v...@samba.org
Date: Fri Dec 16 18:42:30 2011 +0100
s3: Factor out smbd_calculate_maximum_allowed_access
---
Summary of changes:
source3/smbd/fake_file.c |1 -
source3/smbd/globals.h |1 -
source3/smbd/open.c| 105 ++--
source3/smbd/smb2_create.c |5 --
4 files changed, 62 insertions(+), 50 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/smbd/fake_file.c b/source3/smbd/fake_file.c
index 2b31ba5..95f6f93 100644
--- a/source3/smbd/fake_file.c
+++ b/source3/smbd/fake_file.c
@@ -130,7 +130,6 @@ NTSTATUS open_fake_file(struct smb_request *req,
connection_struct *conn,
NTSTATUS status;
status = smbd_calculate_access_mask(conn, smb_fname,
- false, /* fake files do not exist */
access_mask, access_mask);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(10, (open_fake_file: smbd_calculate_access_mask
diff --git a/source3/smbd/globals.h b/source3/smbd/globals.h
index 02527e7..631298b 100644
--- a/source3/smbd/globals.h
+++ b/source3/smbd/globals.h
@@ -214,7 +214,6 @@ bool smbd_dirptr_lanman2_entry(TALLOC_CTX *ctx,
NTSTATUS smbd_calculate_access_mask(connection_struct *conn,
const struct smb_filename *smb_fname,
- bool file_existed,
uint32_t access_mask,
uint32_t *access_mask_out);
diff --git a/source3/smbd/open.c b/source3/smbd/open.c
index 587093a..dbc4dba 100644
--- a/source3/smbd/open.c
+++ b/source3/smbd/open.c
@@ -1476,9 +1476,64 @@ static void schedule_defer_open(struct share_mode_lock
*lck,
Work out what access_mask to use from what the client sent us.
/
+static NTSTATUS smbd_calculate_maximum_allowed_access(
+ connection_struct *conn,
+ const struct smb_filename *smb_fname,
+ uint32_t *p_access_mask)
+{
+ struct security_descriptor *sd;
+ uint32_t access_granted;
+ NTSTATUS status;
+
+ if (get_current_uid(conn) == (uid_t)0) {
+ *p_access_mask |= FILE_GENERIC_ALL;
+ return NT_STATUS_OK;
+ }
+
+ status = SMB_VFS_GET_NT_ACL(conn, smb_fname-base_name,
+ (SECINFO_OWNER |
+SECINFO_GROUP |
+SECINFO_DACL),sd);
+
+ if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
+ /*
+* File did not exist
+*/
+ *p_access_mask = FILE_GENERIC_ALL;
+ return NT_STATUS_OK;
+ }
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(10,(smbd_calculate_access_mask:
+ Could not get acl on file %s: %s\n,
+ smb_fname_str_dbg(smb_fname),
+ nt_errstr(status)));
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via cd3a935 s3: Fix a cutpaste error
via 0923e7f s3: Fix a typo
from bed281d s3: Remove the unused file_existed parameter from
smbd_calculate_access_mask
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit cd3a935d0e170cf82ac16ee99affab4950fe0b72
Author: Volker Lendecke v...@samba.org
Date: Tue Jan 3 15:20:09 2012 +0100
s3: Fix a cutpaste error
Autobuild-User: Volker Lendecke vlen...@samba.org
Autobuild-Date: Tue Jan 3 16:57:44 CET 2012 on sn-devel-104
commit 0923e7fa39f18a9717230d82c4f3488391e7e961
Author: Volker Lendecke v...@samba.org
Date: Tue Jan 3 15:13:48 2012 +0100
s3: Fix a typo
---
Summary of changes:
source3/torture/torture.c |4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/torture/torture.c b/source3/torture/torture.c
index 9e16bac..619f92d 100644
--- a/source3/torture/torture.c
+++ b/source3/torture/torture.c
@@ -3778,7 +3778,7 @@ static bool run_oplock4(int dummy)
ev = tevent_context_init(talloc_tos());
if (ev == NULL) {
- printf(tevent_req_create failed\n);
+ printf(tevent_context_init failed\n);
return false;
}
@@ -3802,7 +3802,7 @@ static bool run_oplock4(int dummy)
open_req = cli_openx_send(
talloc_tos(), ev, cli2, fname_ln, O_RDWR, DENY_NONE);
- if (oplock_req == NULL) {
+ if (open_req == NULL) {
printf(cli_openx_send failed\n);
return false;
}
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 909056a s3-cli: fix bug 563, 8GB tar on BE machines
from cd3a935 s3: Fix a cutpaste error
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 909056a2daacd961b40158b86bc117650a897054
Author: Masafumi Nakayama mas...@jp.ibm.com
Date: Wed Nov 2 10:35:19 2011 +0100
s3-cli: fix bug 563, 8GB tar on BE machines
Borrows on existing patches proposed by Craig Barratt and Brad Ellis.
Signed-off-by: David Disseldorp dd...@suse.de
Autobuild-User: David Disseldorp dd...@samba.org
Autobuild-Date: Tue Jan 3 18:31:28 CET 2012 on sn-devel-104
---
Summary of changes:
source3/client/clitar.c | 22 +-
1 files changed, 17 insertions(+), 5 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/client/clitar.c b/source3/client/clitar.c
index 5943926..bf18e54 100644
--- a/source3/client/clitar.c
+++ b/source3/client/clitar.c
@@ -188,8 +188,10 @@ static void writetarheader(int f, const char *aname,
uint64_t size, time_t mtime
memset(hb.dbuf.size, 0, 4);
hb.dbuf.size[0]=128;
- for (i = 8, jp=(char*)size; i; i--)
- hb.dbuf.size[i+3] = *(jp++);
+ for (i = 8; i; i--) {
+ hb.dbuf.size[i+3] = size 0xff;
+ size = 8;
+ }
}
oct_it((uint64_t) mtime, 13, hb.dbuf.mtime);
memcpy(hb.dbuf.chksum, , sizeof(hb.dbuf.chksum));
@@ -291,7 +293,17 @@ of link other than a GNUtar Longlink - ignoring\n));
finfo-mtime_ts = finfo-ctime_ts =
convert_time_t_to_timespec((time_t)strtol(hb-dbuf.mtime, NULL,
8));
finfo-atime_ts = convert_time_t_to_timespec(time(NULL));
- finfo-size = unoct(hb-dbuf.size, sizeof(hb-dbuf.size));
+ if ((hb-dbuf.size[0] 0xff) == 0x80) {
+ /* This is a non-POSIX compatible extention to extract files
+ greater than 8GB. */
+ finfo-size = 0;
+ for (i = 0; i 8; i++) {
+ finfo-size = 8;
+ finfo-size |= hb-dbuf.size[i+4] 0xff;
+ }
+ } else {
+ finfo-size = unoct(hb-dbuf.size, sizeof(hb-dbuf.size));
+ }
return True;
}
@@ -1005,8 +1017,8 @@ static int skip_file(int skipsize)
static int get_file(file_info2 finfo)
{
uint16_t fnum = (uint16_t) -1;
- int pos = 0, dsize = 0, bpos = 0;
- uint64_t rsize = 0;
+ int dsize = 0, bpos = 0;
+ uint64_t rsize = 0, pos = 0;
NTSTATUS status;
DEBUG(5, (get_file: file: %s, size %.0f\n, finfo.name,
(double)finfo.size));
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 6a1201a dlz_bind9: create session info from PAC using auth context
from 909056a s3-cli: fix bug 563, 8GB tar on BE machines
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 6a1201a67b36bc1bb3214ee911b130c4affb8dec
Author: Amitay Isaacs ami...@gmail.com
Date: Tue Jan 3 15:39:20 2012 +1100
dlz_bind9: create session info from PAC using auth context
This fixes the creation of session info from PAC, after changes
in gensec code.
Autobuild-User: Amitay Isaacs ami...@samba.org
Autobuild-Date: Wed Jan 4 01:59:09 CET 2012 on sn-devel-104
---
Summary of changes:
source4/dns_server/dlz_bind9.c | 66 +++
1 files changed, 59 insertions(+), 7 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/dns_server/dlz_bind9.c b/source4/dns_server/dlz_bind9.c
index 97eaac8..549ae0d 100644
--- a/source4/dns_server/dlz_bind9.c
+++ b/source4/dns_server/dlz_bind9.c
@@ -54,6 +54,7 @@ struct dlz_bind9_data {
/* Used for dynamic update */
struct smb_krb5_context *smb_krb5_ctx;
+ struct auth4_context *auth_context;
struct auth_session_info *session_info;
char *update_name;
@@ -463,6 +464,50 @@ static isc_result_t parse_options(struct dlz_bind9_data
*state,
/*
+ * Create session info from PAC
+ * This is called as auth_context-generate_session_info_pac()
+ */
+static NTSTATUS b9_generate_session_info_pac(struct auth4_context
*auth_context,
+TALLOC_CTX *mem_ctx,
+struct smb_krb5_context
*smb_krb5_context,
+DATA_BLOB *pac_blob,
+const char *principal_name,
+const struct tsocket_address
*remote_addr,
+uint32_t session_info_flags,
+struct auth_session_info
**session_info)
+{
+ NTSTATUS status;
+ struct auth_user_info_dc *user_info_dc;
+ TALLOC_CTX *tmp_ctx;
+
+ tmp_ctx = talloc_new(mem_ctx);
+ NT_STATUS_HAVE_NO_MEMORY(tmp_ctx);
+
+ status = kerberos_pac_blob_to_user_info_dc(tmp_ctx,
+ *pac_blob,
+
smb_krb5_context-krb5_context,
+ user_info_dc,
+ NULL,
+ NULL);
+ if (!NT_STATUS_IS_OK(status)) {
+ talloc_free(tmp_ctx);
+ return status;
+ }
+
+ session_info_flags |= AUTH_SESSION_INFO_SIMPLE_PRIVILEGES;
+ status = auth_generate_session_info(mem_ctx, NULL, NULL, user_info_dc,
+ session_info_flags, session_info);
+ if (!NT_STATUS_IS_OK(status)) {
+ talloc_free(tmp_ctx);
+ return status;
+ }
+
+ talloc_free(tmp_ctx);
+ return status;
+}
+
+
+/*
called to initialise the driver
*/
_PUBLIC_ isc_result_t dlz_create(const char *dlzname,
@@ -473,7 +518,6 @@ _PUBLIC_ isc_result_t dlz_create(const char *dlzname,
const char *helper_name;
va_list ap;
isc_result_t result;
- TALLOC_CTX *tmp_ctx;
struct ldb_dn *dn;
NTSTATUS nt_status;
@@ -482,8 +526,6 @@ _PUBLIC_ isc_result_t dlz_create(const char *dlzname,
return ISC_R_NOMEMORY;
}
- tmp_ctx = talloc_new(state);
-
/* fill in the helper functions */
va_start(ap, dbdata);
while ((helper_name = va_arg(ap, const char *)) != NULL) {
@@ -527,8 +569,14 @@ _PUBLIC_ isc_result_t dlz_create(const char *dlzname,
nt_status = gensec_init();
if (!NT_STATUS_IS_OK(nt_status)) {
- talloc_free(tmp_ctx);
- return false;
+ result = ISC_R_NOMEMORY;
+ goto failed;
+ }
+
+ state-auth_context = talloc_zero(state, struct auth4_context);
+ if (state-auth_context == NULL) {
+ result = ISC_R_NOMEMORY;
+ goto failed;
}
if (state-options.url == NULL) {
@@ -559,9 +607,13 @@ _PUBLIC_ isc_result_t dlz_create(const char *dlzname,
state-log(ISC_LOG_INFO, samba_dlz: started for DN %s,
ldb_dn_get_linearized(dn));
+ state-auth_context-event_ctx = state-ev_ctx;
+ state-auth_context-lp_ctx = state-lp;
+ state-auth_context-sam_ctx = state-samdb;
+ state-auth_context-generate_session_info_pac =
b9_generate_session_info_pac;
+
*dbdata = state;
- talloc_free(tmp_ctx);
