Changeset 733 for branches/samba-3.5.x/source3
- Timestamp:
- Nov 12, 2012, 5:09:31 PM (13 years ago)
- Location:
- branches/samba-3.5.x/source3
- Files:
-
- 28 edited
-
VERSION (modified) (1 diff)
-
client/client.c (modified) (1 diff)
-
client/clitar.c (modified) (3 diffs)
-
include/proto.h (modified) (1 diff)
-
lib/ctdbd_conn.c (modified) (1 diff)
-
lib/recvfile.c (modified) (4 diffs)
-
lib/util_seaccess.c (modified) (3 diffs)
-
libads/kerberos_verify.c (modified) (1 diff)
-
libsmb/clikrb5.c (modified) (1 diff)
-
libsmb/clireadwrite.c (modified) (5 diffs)
-
modules/vfs_acl_common.c (modified) (7 diffs)
-
modules/vfs_commit.c (modified) (1 diff)
-
param/loadparm.c (modified) (2 diffs)
-
passdb/pdb_get_set.c (modified) (5 diffs)
-
rpc_server/srv_netlog_nt.c (modified) (4 diffs)
-
rpc_server/srv_samr_nt.c (modified) (1 diff)
-
smbd/file_access.c (modified) (2 diffs)
-
smbd/nttrans.c (modified) (1 diff)
-
smbd/open.c (modified) (3 diffs)
-
smbd/posix_acls.c (modified) (1 diff)
-
smbd/process.c (modified) (1 diff)
-
smbd/reply.c (modified) (4 diffs)
-
smbd/trans2.c (modified) (2 diffs)
-
utils/net_groupmap.c (modified) (1 diff)
-
winbindd/wb_next_pwent.c (modified) (3 diffs)
-
winbindd/winbindd_cache.c (modified) (19 diffs)
-
winbindd/winbindd_cm.c (modified) (1 diff)
-
winbindd/winbindd_pam.c (modified) (1 diff)
Legend:
- Unmodified
- Added
- Removed
-
branches/samba-3.5.x/source3/VERSION
r732 r733 26 26 SAMBA_VERSION_MAJOR=3 27 27 SAMBA_VERSION_MINOR=5 28 SAMBA_VERSION_RELEASE=1 228 SAMBA_VERSION_RELEASE=13 29 29 30 30 ######################################################## -
branches/samba-3.5.x/source3/client/client.c
r732 r733 4483 4483 status = cli_echo(cli, 1, data_blob_const(garbage, sizeof(garbage))); 4484 4484 4485 if (!NT_STATUS_IS_OK(status)) { 4486 DEBUG(0, ("SMBecho failed. Maybe server has closed " 4487 "the connection\n")); 4485 if (NT_STATUS_IS_OK(status)) { 4486 return; 4487 } 4488 4489 if (!cli_state_is_connected(cli)) { 4490 DEBUG(0, ("SMBecho failed (%s). The connection is " 4491 "disconnected now\n", nt_errstr(status))); 4488 4492 finished = true; 4489 4493 smb_readline_done(); -
branches/samba-3.5.x/source3/client/clitar.c
r414 r733 205 205 memset(hb.dbuf.size, 0, 4); 206 206 hb.dbuf.size[0]=128; 207 for (i = 8, jp=(char*)&size; i; i--) 208 hb.dbuf.size[i+3] = *(jp++); 207 for (i = 8; i; i--) { 208 hb.dbuf.size[i+3] = size & 0xff; 209 size >>= 8; 210 } 209 211 } 210 212 oct_it((uint64_t) mtime, 13, hb.dbuf.mtime); … … 308 310 convert_time_t_to_timespec((time_t)strtol(hb->dbuf.mtime, NULL, 8)); 309 311 finfo->atime_ts = convert_time_t_to_timespec(time(NULL)); 310 finfo->size = unoct(hb->dbuf.size, sizeof(hb->dbuf.size)); 312 if ((hb->dbuf.size[0] & 0xff) == 0x80) { 313 /* This is a non-POSIX compatible extention to extract files 314 greater than 8GB. */ 315 finfo->size = 0; 316 for (i = 0; i < 8; i++) { 317 finfo->size <<= 8; 318 finfo->size |= hb->dbuf.size[i+4] & 0xff; 319 } 320 } else { 321 finfo->size = unoct(hb->dbuf.size, sizeof(hb->dbuf.size)); 322 } 311 323 312 324 return True; … … 1000 1012 { 1001 1013 uint16_t fnum; 1002 int pos = 0,dsize = 0, bpos = 0;1003 uint64_t rsize = 0 ;1014 int dsize = 0, bpos = 0; 1015 uint64_t rsize = 0, pos = 0; 1004 1016 1005 1017 DEBUG(5, ("get_file: file: %s, size %.0f\n", finfo.name, (double)finfo.size)); -
branches/samba-3.5.x/source3/include/proto.h
r732 r733 4493 4493 /* The following definitions come from passdb/pdb_get_set.c */ 4494 4494 4495 bool pdb_is_password_change_time_max(time_t test_time); 4495 4496 uint32 pdb_get_acct_ctrl(const struct samu *sampass); 4496 4497 time_t pdb_get_logon_time(const struct samu *sampass); -
branches/samba-3.5.x/source3/lib/ctdbd_conn.c
r429 r733 1132 1132 struct ctdbd_traverse_state state; 1133 1133 1134 become_root(); 1134 1135 status = ctdbd_init_connection(NULL, &conn); 1136 unbecome_root(); 1135 1137 if (!NT_STATUS_IS_OK(status)) { 1136 1138 DEBUG(0, ("ctdbd_init_connection failed: %s\n", -
branches/samba-3.5.x/source3/lib/recvfile.c
r664 r733 33 33 * as we're below the Samba vfs layer. 34 34 * 35 * If tofd is -1 we just drain the incoming socket of count36 * bytes without writing to the outgoing fd.37 * If a write fails we do the same (to cope with disk full)38 * errors.39 *40 35 * Returns -1 on short reads from fromfd (read error) 41 36 * and sets errno. 42 37 * 43 38 * Returns number of bytes written to 'tofd' 44 * or thrown away if 'tofd == -1'.45 39 * return != count then sets errno. 46 40 * Returns count if complete success. … … 99 93 num_written = 0; 100 94 101 while (num_written < read_ret) { 95 /* Don't write any more after a write error. */ 96 while (tofd != -1 && (num_written < read_ret)) { 102 97 ssize_t write_ret; 103 98 104 if (tofd == -1) { 105 write_ret = read_ret; 106 } else { 107 /* Write to file - ignore EINTR. */ 108 write_ret = sys_write(tofd, 109 buffer + num_written, 110 read_ret - num_written); 111 112 if (write_ret <= 0) { 113 /* write error - stop writing. */ 114 tofd = -1; 115 saved_errno = errno; 116 continue; 117 } 99 /* Write to file - ignore EINTR. */ 100 write_ret = sys_write(tofd, 101 buffer + num_written, 102 read_ret - num_written); 103 104 if (write_ret <= 0) { 105 /* write error - stop writing. */ 106 tofd = -1; 107 if (total_written == 0) { 108 /* Ensure we return 109 -1 if the first 110 write failed. */ 111 total_written = -1; 112 } 113 saved_errno = errno; 114 break; 118 115 } 119 116 … … 217 214 218 215 done: 219 if ( total_written <count) {216 if (count) { 220 217 int saved_errno = errno; 221 if (drain_socket(fromfd, count-total_written) != 222 count-total_written) { 218 if (drain_socket(fromfd, count) != count) { 223 219 /* socket is dead. */ 224 220 return -1; … … 246 242 /***************************************************************** 247 243 Throw away "count" bytes from the client socket. 244 Returns count or -1 on error. 248 245 *****************************************************************/ 249 246 250 247 ssize_t drain_socket(int sockfd, size_t count) 251 248 { 252 return default_sys_recvfile(sockfd, -1, (SMB_OFF_T)-1, count); 253 } 249 size_t total = 0; 250 size_t bufsize = MIN(TRANSFER_BUF_SIZE,count); 251 char *buffer = NULL; 252 253 if (count == 0) { 254 return 0; 255 } 256 257 buffer = SMB_MALLOC_ARRAY(char, bufsize); 258 if (buffer == NULL) { 259 return -1; 260 } 261 262 while (total < count) { 263 ssize_t read_ret; 264 size_t toread = MIN(bufsize,count - total); 265 266 /* Read from socket - ignore EINTR. */ 267 read_ret = sys_read(sockfd, buffer, toread); 268 if (read_ret <= 0) { 269 /* EOF or socket error. */ 270 free(buffer); 271 return -1; 272 } 273 total += read_ret; 274 } 275 276 free(buffer); 277 return count; 278 } -
branches/samba-3.5.x/source3/lib/util_seaccess.c
r599 r733 159 159 int i; 160 160 uint32_t bits_remaining; 161 uint32_t explicitly_denied_bits = 0; 161 162 162 163 *access_granted = access_desired; … … 224 225 case SEC_ACE_TYPE_ACCESS_DENIED: 225 226 case SEC_ACE_TYPE_ACCESS_DENIED_OBJECT: 226 if (bits_remaining & ace->access_mask) { 227 return NT_STATUS_ACCESS_DENIED; 228 } 227 explicitly_denied_bits |= (bits_remaining & ace->access_mask); 229 228 break; 230 229 default: /* Other ACE types not handled/supported */ … … 232 231 } 233 232 } 233 234 bits_remaining |= explicitly_denied_bits; 234 235 235 236 done: -
branches/samba-3.5.x/source3/libads/kerberos_verify.c
r480 r733 269 269 } 270 270 271 SAFE_FREE(entry_princ_s);271 TALLOC_FREE(entry_princ_s); 272 272 273 273 { -
branches/samba-3.5.x/source3/libsmb/clikrb5.c
r596 r733 2089 2089 } 2090 2090 2091 ret = krb5_cc_store_cred(context, ccache, creds);2092 if (ret) {2093 goto done;2094 }2095 2096 2091 if (out_creds) { 2097 2092 *out_creds = creds; -
branches/samba-3.5.x/source3/libsmb/clireadwrite.c
r668 r733 200 200 state->buf = (uint8_t *)smb_base(inbuf) + SVAL(vwv+6, 0); 201 201 202 if (trans_oob(smb_len (inbuf), SVAL(vwv+6, 0), state->received)202 if (trans_oob(smb_len_large(inbuf), SVAL(vwv+6, 0), state->received) 203 203 || ((state->received != 0) && (state->buf < bytes))) { 204 204 DEBUG(5, ("server returned invalid read&x data offset\n")); … … 945 945 } 946 946 947 s ize = MIN(size, max_write);947 state->size = MIN(size, max_write); 948 948 949 949 vwv = state->vwv; … … 957 957 SSVAL(vwv+7, 0, mode); 958 958 SSVAL(vwv+8, 0, 0); 959 SSVAL(vwv+9, 0, (s ize>>16));960 SSVAL(vwv+10, 0, s ize);959 SSVAL(vwv+9, 0, (state->size>>16)); 960 SSVAL(vwv+10, 0, state->size); 961 961 962 962 SSVAL(vwv+11, 0, … … 975 975 state->iov[0].iov_len = 1; 976 976 state->iov[1].iov_base = CONST_DISCARD(void *, buf); 977 state->iov[1].iov_len = s ize;977 state->iov[1].iov_len = state->size; 978 978 979 979 subreq = cli_smb_req_create(state, ev, cli, SMBwriteX, 0, wct, vwv, … … 1027 1027 } 1028 1028 state->written = SVAL(vwv+2, 0); 1029 state->written |= SVAL(vwv+4, 0)<<16; 1029 if (state->size > UINT16_MAX) { 1030 /* 1031 * It is important that we only set the 1032 * high bits only if we asked for a large write. 1033 * 1034 * OS/2 print shares get this wrong and may send 1035 * invalid values. 1036 * 1037 * See bug #5326. 1038 */ 1039 state->written |= SVAL(vwv+4, 0)<<16; 1040 } 1030 1041 tevent_req_done(req); 1031 1042 } -
branches/samba-3.5.x/source3/modules/vfs_acl_common.c
r732 r733 374 374 } 375 375 } 376 is_directory = S_ISDIR( sbuf.st_ex_mode);376 is_directory = S_ISDIR(psbuf->st_ex_mode); 377 377 378 378 if (ignore_file_system_acl) { … … 409 409 } 410 410 if (!(security_info & DACL_SECURITY_INFORMATION)) { 411 psd->type &= ~SEC_DESC_DACL_PRESENT; 411 412 psd->dacl = NULL; 412 413 } 413 414 if (!(security_info & SACL_SECURITY_INFORMATION)) { 415 psd->type &= ~SEC_DESC_SACL_PRESENT; 414 416 psd->sacl = NULL; 415 417 } … … 533 535 (SECINFO_OWNER | 534 536 SECINFO_GROUP | 535 SECINFO_DACL), 537 SECINFO_DACL | 538 SECINFO_SACL), 536 539 pp_parent_desc); 537 540 … … 616 619 (OWNER_SECURITY_INFORMATION | 617 620 GROUP_SECURITY_INFORMATION | 618 DACL_SECURITY_INFORMATION), 621 DACL_SECURITY_INFORMATION | 622 SACL_SECURITY_INFORMATION), 619 623 &pdesc); 620 624 if (NT_STATUS_IS_OK(status)) { … … 627 631 if (!NT_STATUS_IS_OK(status)) { 628 632 DEBUG(10,("open_acl_xattr: %s open " 633 "for access 0x%x (0x%x) " 629 634 "refused with error %s\n", 630 635 fsp_str_dbg(fsp), 636 (unsigned int)fsp->access_mask, 637 (unsigned int)access_granted, 631 638 nt_errstr(status) )); 632 639 goto err; … … 912 919 int ret; 913 920 921 /* Try the normal rmdir first. */ 914 922 ret = SMB_VFS_NEXT_RMDIR(handle, path); 915 if (!(ret == -1 && (errno == EACCES || errno == EPERM))) { 916 DEBUG(10,("rmdir_acl_common: unlink of %s failed %s\n", 917 path, 918 strerror(errno) )); 919 return ret; 920 } 921 922 return acl_common_remove_object(handle, 923 path, 924 true); 923 if (ret == 0) { 924 return 0; 925 } 926 if (errno == EACCES || errno == EPERM) { 927 /* Failed due to access denied, 928 see if we need to root override. */ 929 return acl_common_remove_object(handle, 930 path, 931 true); 932 } 933 934 DEBUG(10,("rmdir_acl_common: unlink of %s failed %s\n", 935 path, 936 strerror(errno) )); 937 return -1; 925 938 } 926 939 … … 1040 1053 int ret; 1041 1054 1055 /* Try the normal unlink first. */ 1042 1056 ret = SMB_VFS_NEXT_UNLINK(handle, smb_fname); 1043 if ( !(ret == -1 && (errno == EACCES || errno == EPERM))) {1044 DEBUG(10,("unlink_acl_common: unlink of %s failed %s\n",1045 smb_fname->base_name,1046 strerror(errno) ));1047 return ret;1048 }1049 /* Don't do anything fancy for streams. */ 1050 if (smb_fname->stream_name) {1051 return ret;1052 }1053 1054 return acl_common_remove_object(handle,1057 if (ret == 0) { 1058 return 0; 1059 } 1060 if (errno == EACCES || errno == EPERM) { 1061 /* Failed due to access denied, 1062 see if we need to root override. */ 1063 1064 /* Don't do anything fancy for streams. */ 1065 if (smb_fname->stream_name) { 1066 return -1; 1067 } 1068 return acl_common_remove_object(handle, 1055 1069 smb_fname->base_name, 1056 1070 false); 1071 } 1072 1073 DEBUG(10,("unlink_acl_common: unlink of %s failed %s\n", 1074 smb_fname->base_name, 1075 strerror(errno) )); 1076 return -1; 1057 1077 } 1058 1078 -
branches/samba-3.5.x/source3/modules/vfs_commit.c
r414 r733 232 232 } 233 233 234 return 0;234 return fd; 235 235 } 236 236 -
branches/samba-3.5.x/source3/param/loadparm.c
r732 r733 7104 7104 } 7105 7105 7106 /** 7107 * reload those shares from registry that are already 7108 * activated in the services array. 7109 */ 7110 static bool reload_registry_shares(void) 7111 { 7112 int i; 7113 bool ret = true; 7114 7115 for (i = 0; i < iNumServices; i++) { 7116 if (!VALID(i)) { 7117 continue; 7118 } 7119 7120 if (ServicePtrs[i]->usershare == USERSHARE_VALID) { 7121 continue; 7122 } 7123 7124 ret = process_registry_service(ServicePtrs[i]->szService); 7125 if (!ret) { 7126 goto done; 7127 } 7128 } 7129 7130 done: 7131 return ret; 7132 } 7133 7134 7106 7135 #define MAX_INCLUDE_DEPTH 100 7107 7136 … … 9292 9321 } 9293 9322 9294 if (bRetval && lp_registry_shares() && allow_registry_shares) { 9295 bRetval = process_registry_shares(); 9323 if (bRetval && lp_registry_shares()) { 9324 if (allow_registry_shares) { 9325 bRetval = process_registry_shares(); 9326 } else { 9327 bRetval = reload_registry_shares(); 9328 } 9296 9329 } 9297 9330 -
branches/samba-3.5.x/source3/passdb/pdb_get_set.c
r414 r733 38 38 39 39 /********************************************************************* 40 Test if a change time is a max value. Copes with old and new values 41 of max. 42 ********************************************************************/ 43 44 bool pdb_is_password_change_time_max(time_t test_time) 45 { 46 if (test_time == get_time_t_max()) { 47 return true; 48 } 49 #if (defined(SIZEOF_TIME_T) && (SIZEOF_TIME_T == 8)) 50 if (test_time == 0x7FFFFFFFFFFFFFFFLL) { 51 return true; 52 } 53 #endif 54 if (test_time == 0x7FFFFFFF) { 55 return true; 56 } 57 return false; 58 } 59 60 /********************************************************************* 61 Return an unchanging version of max password change time - 0x7FFFFFFF. 62 ********************************************************************/ 63 64 time_t pdb_password_change_time_max(void) 65 { 66 return 0x7FFFFFFF; 67 } 68 69 /********************************************************************* 40 70 Collection of get...() functions for struct samu. 41 71 ********************************************************************/ … … 85 115 to indicate that the user cannot change their password. jmcd 86 116 */ 87 if ( sampass->pass_can_change_time == get_time_t_max() &&117 if (pdb_is_password_change_time_max(sampass->pass_can_change_time) && 88 118 pdb_get_init_flags(sampass, PDB_CANCHANGETIME) == PDB_CHANGED) 89 119 return sampass->pass_can_change_time; … … 111 141 112 142 if (sampass->acct_ctrl & ACB_PWNOEXP) 113 return get_time_t_max();143 return pdb_password_change_time_max(); 114 144 115 145 if (!pdb_get_account_policy(PDB_POLICY_MAX_PASSWORD_AGE, &expire) 116 146 || expire == (uint32)-1 || expire == 0) 117 return get_time_t_max();147 return pdb_password_change_time_max(); 118 148 119 149 return sampass->pass_last_set_time + expire; … … 122 152 bool pdb_get_pass_can_change(const struct samu *sampass) 123 153 { 124 if ( sampass->pass_can_change_time == get_time_t_max() &&154 if (pdb_is_password_change_time_max(sampass->pass_can_change_time) && 125 155 sampass->pass_last_set_time != 0) 126 156 return False; … … 1002 1032 { 1003 1033 return pdb_set_pass_can_change_time(sampass, 1004 canchange ? 0 : get_time_t_max(),1034 canchange ? 0 : pdb_password_change_time_max(), 1005 1035 PDB_CHANGED); 1006 1036 } -
branches/samba-3.5.x/source3/rpc_server/srv_netlog_nt.c
r429 r733 978 978 { 979 979 NTSTATUS status; 980 struct netlogon_creds_CredentialState *creds ;980 struct netlogon_creds_CredentialState *creds = NULL; 981 981 struct samu *sampass; 982 982 DATA_BLOB plaintext; … … 993 993 994 994 if (!NT_STATUS_IS_OK(status)) { 995 const char *computer_name = "<unknown>"; 996 997 if (creds && creds->computer_name) { 998 computer_name = creds->computer_name; 999 } 1000 995 1001 DEBUG(2,("_netr_ServerPasswordSet2: netlogon_creds_server_step " 996 1002 "failed. Rejecting auth request from client %s machine account %s\n", 997 r->in.computer_name, c reds->computer_name));1003 r->in.computer_name, computer_name)); 998 1004 TALLOC_FREE(creds); 999 1005 return status; … … 1005 1011 1006 1012 if (!extract_pw_from_buffer(p->mem_ctx, password_buf.data, &plaintext)) { 1013 TALLOC_FREE(creds); 1007 1014 return NT_STATUS_WRONG_PASSWORD; 1008 1015 } … … 1013 1020 creds->account_name, 1014 1021 &sampass); 1022 TALLOC_FREE(creds); 1015 1023 if (!NT_STATUS_IS_OK(status)) { 1016 1024 return status; -
branches/samba-3.5.x/source3/rpc_server/srv_samr_nt.c
r480 r733 2878 2878 2879 2879 must_change_time = pdb_get_pass_must_change_time(pw); 2880 if ( must_change_time == get_time_t_max()) {2880 if (pdb_is_password_change_time_max(must_change_time)) { 2881 2881 unix_to_nt_time_abs(&force_password_change, must_change_time); 2882 2882 } else { -
branches/samba-3.5.x/source3/smbd/file_access.c
r620 r733 38 38 if (conn->server_info->utok.uid == 0 || conn->admin_user) { 39 39 /* I'm sorry sir, I didn't know you were root... */ 40 return true; 41 } 42 43 if (access_mask == DELETE_ACCESS && 44 VALID_STAT(smb_fname->st) && 45 S_ISLNK(smb_fname->st.st_ex_mode)) { 46 /* We can always delete a symlink. */ 40 47 return true; 41 48 } … … 116 123 * by owner of directory. */ 117 124 if (smb_fname_parent->st.st_ex_mode & S_ISVTX) { 118 if(SMB_VFS_STAT(conn, smb_fname) != 0) { 119 if (errno == ENOENT) { 120 /* If the file doesn't already exist then 121 * yes we'll be able to delete it. */ 122 ret = true; 123 goto out; 124 } 125 DEBUG(10,("can_delete_file_in_directory: can't " 126 "stat file %s (%s)", 127 smb_fname_str_dbg(smb_fname), 128 strerror(errno) )); 129 ret = false; 125 if (!VALID_STAT(smb_fname->st)) { 126 /* If the file doesn't already exist then 127 * yes we'll be able to delete it. */ 128 ret = true; 130 129 goto out; 131 130 } -
branches/samba-3.5.x/source3/smbd/nttrans.c
r732 r733 1884 1884 } 1885 1885 if (!(security_info_wanted & SECINFO_DACL)) { 1886 psd->type &= ~SEC_DESC_DACL_PRESENT; 1886 1887 psd->dacl = NULL; 1887 1888 } 1888 1889 if (!(security_info_wanted & SECINFO_SACL)) { 1890 psd->type &= ~SEC_DESC_SACL_PRESENT; 1889 1891 psd->sacl = NULL; 1890 1892 } -
branches/samba-3.5.x/source3/smbd/open.c
r732 r733 94 94 smb_fname_str_dbg(smb_fname), 95 95 (unsigned int)*access_granted )); 96 return NT_STATUS_OK; 97 } 98 99 if (access_mask == DELETE_ACCESS && 100 VALID_STAT(smb_fname->st) && 101 S_ISLNK(smb_fname->st.st_ex_mode)) { 102 /* We can always delete a symlink. */ 103 DEBUG(10,("smbd_check_open_rights: not checking ACL " 104 "on DELETE_ACCESS on symlink %s.\n", 105 smb_fname_str_dbg(smb_fname) )); 96 106 return NT_STATUS_OK; 97 107 } … … 1432 1442 } 1433 1443 1434 status = check_name(conn, smb_fname->base_name);1435 if (!NT_STATUS_IS_OK(status)) {1436 return status;1437 }1438 1439 1444 if (!posix_open) { 1440 1445 new_dos_attributes &= SAMBA_ATTRIBUTES_MASK; … … 3309 3314 } 3310 3315 3311 /* All file access must go through check_name() */3312 3313 status = check_name(conn, smb_fname->base_name);3314 if (!NT_STATUS_IS_OK(status)) {3315 goto fail;3316 }3317 3318 3316 status = create_file_unixpath( 3319 3317 conn, req, smb_fname, access_mask, share_access, -
branches/samba-3.5.x/source3/smbd/posix_acls.c
r732 r733 1124 1124 ****************************************************************************/ 1125 1125 1126 #define FILE_SPECIFIC_READ_BITS (FILE_READ_DATA|FILE_READ_EA |FILE_READ_ATTRIBUTES)1127 #define FILE_SPECIFIC_WRITE_BITS (FILE_WRITE_DATA|FILE_APPEND_DATA|FILE_WRITE_EA |FILE_WRITE_ATTRIBUTES)1126 #define FILE_SPECIFIC_READ_BITS (FILE_READ_DATA|FILE_READ_EA) 1127 #define FILE_SPECIFIC_WRITE_BITS (FILE_WRITE_DATA|FILE_APPEND_DATA|FILE_WRITE_EA) 1128 1128 #define FILE_SPECIFIC_EXECUTE_BITS (FILE_EXECUTE) 1129 1129 -
branches/samba-3.5.x/source3/smbd/process.c
r732 r733 1274 1274 /* Make sure this is an SMB packet. smb_size contains NetBIOS header 1275 1275 * so subtract 4 from it. */ 1276 if ( !valid_smb_header(req->inbuf)1277 || (size < (smb_size - 4))) {1276 if ((size < (smb_size - 4)) || 1277 !valid_smb_header(req->inbuf)) { 1278 1278 DEBUG(2,("Non-SMB packet of length %d. Terminating server\n", 1279 1279 smb_len(req->inbuf))); -
branches/samba-3.5.x/source3/smbd/reply.c
r732 r733 4430 4430 SSVAL(req->outbuf,smb_vwv4,nwritten>>16); 4431 4431 4432 if (nwritten < (ssize_t)numtowrite) {4433 SCVAL(req->outbuf,smb_rcls,ERRHRD);4434 SSVAL(req->outbuf,smb_err,ERRdiskfull);4435 }4436 4437 4432 DEBUG(3,("writeX fnum=%d num=%d wrote=%d\n", 4438 4433 fsp->fnum, (int)numtowrite, (int)nwritten)); … … 6291 6286 struct smb_filename *smb_fname_src = NULL; 6292 6287 struct smb_filename *smb_fname_dst = NULL; 6288 uint32_t src_ucf_flags = lp_posix_pathnames() ? UCF_UNIX_NAME_LOOKUP : UCF_COND_ALLOW_WCARD_LCOMP; 6289 uint32_t dst_ucf_flags = UCF_SAVE_LCOMP | (lp_posix_pathnames() ? 0 : UCF_COND_ALLOW_WCARD_LCOMP); 6293 6290 6294 6291 START_PROFILE(SMBmv); … … 6320 6317 req->flags2 & FLAGS2_DFS_PATHNAMES, 6321 6318 name, 6322 UCF_COND_ALLOW_WCARD_LCOMP,6319 src_ucf_flags, 6323 6320 &src_has_wcard, 6324 6321 &smb_fname_src); … … 6338 6335 req->flags2 & FLAGS2_DFS_PATHNAMES, 6339 6336 newname, 6340 UCF_COND_ALLOW_WCARD_LCOMP | UCF_SAVE_LCOMP,6337 dst_ucf_flags, 6341 6338 &dest_has_wcard, 6342 6339 &smb_fname_dst); -
branches/samba-3.5.x/source3/smbd/trans2.c
r732 r733 7736 7736 } else { 7737 7737 char *fname = NULL; 7738 uint32_t ucf_flags = 0; 7738 7739 7739 7740 /* set path info */ … … 7752 7753 } 7753 7754 7755 if (info_level == SMB_SET_FILE_UNIX_BASIC || 7756 info_level == SMB_SET_FILE_UNIX_INFO2 || 7757 info_level == SMB_FILE_RENAME_INFORMATION || 7758 info_level == SMB_POSIX_PATH_UNLINK) { 7759 ucf_flags |= UCF_UNIX_NAME_LOOKUP; 7760 } 7761 7754 7762 status = filename_convert(req, conn, 7755 7763 req->flags2 & FLAGS2_DFS_PATHNAMES, 7756 7764 fname, 7757 0,7765 ucf_flags, 7758 7766 NULL, 7759 7767 &smb_fname); -
branches/samba-3.5.x/source3/utils/net_groupmap.c
r414 r733 824 824 d_printf("%s\n%s", 825 825 _("Usage:"), 826 _("net groupmap member ofsid\n"));826 _("net groupmap memberships sid\n")); 827 827 return -1; 828 828 } -
branches/samba-3.5.x/source3/winbindd/wb_next_pwent.c
r414 r733 31 31 static void wb_next_pwent_fill_done(struct tevent_req *subreq); 32 32 33 static struct winbindd_domain *wb_next_find_domain(struct winbindd_domain *domain) 34 { 35 if (domain == NULL) { 36 domain = domain_list(); 37 } else { 38 domain = domain->next; 39 } 40 41 if ((domain != NULL) 42 && sid_check_is_domain(&domain->sid)) { 43 domain = domain->next; 44 } 45 46 if (domain == NULL) { 47 return NULL; 48 } 49 50 return domain; 51 } 52 33 53 struct tevent_req *wb_next_pwent_send(TALLOC_CTX *mem_ctx, 34 54 struct tevent_context *ev, … … 50 70 TALLOC_FREE(state->gstate->users); 51 71 52 if (state->gstate->domain == NULL) { 53 state->gstate->domain = domain_list(); 54 } else { 55 state->gstate->domain = state->gstate->domain->next; 56 } 57 58 if ((state->gstate->domain != NULL) 59 && sid_check_is_domain(&state->gstate->domain->sid)) { 60 state->gstate->domain = state->gstate->domain->next; 61 } 62 72 state->gstate->domain = wb_next_find_domain(state->gstate->domain); 63 73 if (state->gstate->domain == NULL) { 64 74 tevent_req_nterror(req, NT_STATUS_NO_MORE_ENTRIES); … … 148 158 status = wb_fill_pwent_recv(subreq); 149 159 TALLOC_FREE(subreq); 150 if (!NT_STATUS_IS_OK(status)) { 160 /* 161 * When you try to enumerate users with 'getent passwd' and the user 162 * doesn't have a uid set we should just move on. 163 */ 164 if (NT_STATUS_EQUAL(status, NT_STATUS_NONE_MAPPED)) { 165 state->gstate->next_user += 1; 166 167 if (state->gstate->next_user >= state->gstate->num_users) { 168 TALLOC_FREE(state->gstate->users); 169 170 state->gstate->domain = wb_next_find_domain(state->gstate->domain); 171 if (state->gstate->domain == NULL) { 172 tevent_req_nterror(req, NT_STATUS_NO_MORE_ENTRIES); 173 return; 174 } 175 176 subreq = wb_query_user_list_send(state, state->ev, 177 state->gstate->domain); 178 if (tevent_req_nomem(subreq, req)) { 179 return; 180 } 181 tevent_req_set_callback(subreq, wb_next_pwent_fetch_done, req); 182 return; 183 } 184 185 subreq = wb_fill_pwent_send(state, 186 state->ev, 187 &state->gstate->users[state->gstate->next_user], 188 state->pw); 189 if (tevent_req_nomem(subreq, req)) { 190 return; 191 } 192 tevent_req_set_callback(subreq, wb_next_pwent_fill_done, req); 193 194 return; 195 } else if (!NT_STATUS_IS_OK(status)) { 151 196 tevent_req_nterror(req, status); 152 197 return; -
branches/samba-3.5.x/source3/winbindd/winbindd_cache.c
r599 r733 33 33 #define DBGC_CLASS DBGC_WINBIND 34 34 35 #define WINBINDD_CACHE_VERSION 1 35 #define WINBINDD_CACHE_VER1 1 /* initial db version */ 36 #define WINBINDD_CACHE_VER2 2 /* second version with timeouts for NDR entries */ 37 38 #define WINBINDD_CACHE_VERSION WINBINDD_CACHE_VER2 36 39 #define WINBINDD_CACHE_VERSION_KEYSTR "WINBINDD_CACHE_VERSION" 37 40 … … 93 96 NTSTATUS status; 94 97 uint32 sequence_number; 98 uint64 timeout; 95 99 uint8 *data; 96 100 uint32 len, ofs; … … 224 228 225 229 /* 230 pull a uint64 from a cache entry 231 */ 232 static uint64 centry_uint64(struct cache_entry *centry) 233 { 234 uint64 ret; 235 236 if (!centry_check_bytes(centry, 8)) { 237 smb_panic_fn("centry_uint64"); 238 } 239 ret = BVAL(centry->data, centry->ofs); 240 centry->ofs += 8; 241 return ret; 242 } 243 244 /* 226 245 pull a uint32 from a cache entry 227 246 */ … … 615 634 616 635 /* if the server is down or the cache entry is not older than the 617 current sequence number then it is OK */ 618 if (wcache_server_down(domain) || 619 centry->sequence_number == domain->sequence_number) { 636 current sequence number or it did not timeout then it is OK */ 637 if (wcache_server_down(domain) 638 || (centry->sequence_number == domain->sequence_number 639 && centry->timeout > time(NULL))) { 620 640 DEBUG(10,("centry_expired: Key %s for domain %s is good.\n", 621 641 keystr, domain->name )); … … 648 668 centry->ofs = 0; 649 669 650 if (centry->len < 8) {670 if (centry->len < 16) { 651 671 /* huh? corrupt cache? */ 652 DEBUG(10,("wcache_fetch_raw: Corrupt cache for key %s (len < 8) ?\n", kstr)); 672 DEBUG(10,("wcache_fetch_raw: Corrupt cache for key %s " 673 "(len < 16)?\n", kstr)); 653 674 centry_free(centry); 654 675 return NULL; … … 657 678 centry->status = centry_ntstatus(centry); 658 679 centry->sequence_number = centry_uint32(centry); 680 centry->timeout = centry_uint64(centry); 659 681 660 682 return centry; … … 743 765 744 766 /* 767 push a uint64 into a centry 768 */ 769 static void centry_put_uint64(struct cache_entry *centry, uint64 v) 770 { 771 centry_expand(centry, 8); 772 SBVAL(centry->data, centry->ofs, v); 773 centry->ofs += 8; 774 } 775 776 /* 745 777 push a uint32 into a centry 746 778 */ … … 863 895 centry->ofs = 0; 864 896 centry->sequence_number = domain->sequence_number; 897 centry->timeout = lp_winbind_cache_time() + time(NULL); 865 898 centry_put_ntstatus(centry, status); 866 899 centry_put_uint32(centry, centry->sequence_number); 900 centry_put_uint64(centry, centry->timeout); 867 901 return centry; 868 902 } … … 3449 3483 centry->ofs = 0; 3450 3484 3451 if (centry->len < 8) {3485 if (centry->len < 16) { 3452 3486 /* huh? corrupt cache? */ 3453 DEBUG(0,("create_centry_validate: Corrupt cache for key %s (len < 8) ?\n", kstr)); 3487 DEBUG(0,("create_centry_validate: Corrupt cache for key %s " 3488 "(len < 16) ?\n", kstr)); 3454 3489 centry_free(centry); 3455 3490 state->bad_entry = true; … … 3460 3495 centry->status = NT_STATUS(centry_uint32(centry)); 3461 3496 centry->sequence_number = centry_uint32(centry); 3497 centry->timeout = centry_uint64(centry); 3462 3498 return centry; 3463 3499 } … … 4012 4048 } 4013 4049 4050 static int wbcache_update_centry_fn(TDB_CONTEXT *tdb, 4051 TDB_DATA key, 4052 TDB_DATA data, 4053 void *state) 4054 { 4055 uint64_t ctimeout; 4056 TDB_DATA blob; 4057 4058 if (is_non_centry_key(key)) { 4059 return 0; 4060 } 4061 4062 if (data.dptr == NULL || data.dsize == 0) { 4063 if (tdb_delete(tdb, key) < 0) { 4064 DEBUG(0, ("tdb_delete for [%s] failed!\n", 4065 key.dptr)); 4066 return 1; 4067 } 4068 } 4069 4070 /* add timeout to blob (uint64_t) */ 4071 blob.dsize = data.dsize + 8; 4072 4073 blob.dptr = SMB_XMALLOC_ARRAY(uint8_t, blob.dsize); 4074 if (blob.dptr == NULL) { 4075 return 1; 4076 } 4077 memset(blob.dptr, 0, blob.dsize); 4078 4079 /* copy status and seqnum */ 4080 memcpy(blob.dptr, data.dptr, 8); 4081 4082 /* add timeout */ 4083 ctimeout = lp_winbind_cache_time() + time(NULL); 4084 SBVAL(blob.dptr, 8, ctimeout); 4085 4086 /* copy the rest */ 4087 memcpy(blob.dptr + 16, data.dptr + 8, data.dsize - 8); 4088 4089 if (tdb_store(tdb, key, blob, TDB_REPLACE) < 0) { 4090 DEBUG(0, ("tdb_store to update [%s] failed!\n", 4091 key.dptr)); 4092 SAFE_FREE(blob.dptr); 4093 return 1; 4094 } 4095 4096 SAFE_FREE(blob.dptr); 4097 return 0; 4098 } 4099 4100 static bool wbcache_upgrade_v1_to_v2(TDB_CONTEXT *tdb) 4101 { 4102 int rc; 4103 4104 DEBUG(1, ("Upgrade to version 2 of the winbindd_cache.tdb\n")); 4105 4106 rc = tdb_traverse(tdb, wbcache_update_centry_fn, NULL); 4107 if (rc < 0) { 4108 return false; 4109 } 4110 4111 return true; 4112 } 4113 4014 4114 /*********************************************************************** 4015 4115 Try and validate every entry in the winbindd cache. If we fail here, … … 4022 4122 const char *tdb_path = cache_path("winbindd_cache.tdb"); 4023 4123 TDB_CONTEXT *tdb = NULL; 4124 uint32_t vers_id; 4125 bool ok; 4024 4126 4025 4127 DEBUG(10, ("winbindd_validate_cache: replacing panic function\n")); 4026 4128 smb_panic_fn = validate_panic; 4027 4028 4129 4029 4130 tdb = tdb_open_log(tdb_path, … … 4039 4140 goto done; 4040 4141 } 4142 4143 /* Version check and upgrade code. */ 4144 if (!tdb_fetch_uint32(tdb, WINBINDD_CACHE_VERSION_KEYSTR, &vers_id)) { 4145 DEBUG(10, ("Fresh database\n")); 4146 tdb_store_uint32(tdb, WINBINDD_CACHE_VERSION_KEYSTR, WINBINDD_CACHE_VERSION); 4147 vers_id = WINBINDD_CACHE_VERSION; 4148 } 4149 4150 if (vers_id != WINBINDD_CACHE_VERSION) { 4151 if (vers_id == WINBINDD_CACHE_VER1) { 4152 ok = wbcache_upgrade_v1_to_v2(tdb); 4153 if (!ok) { 4154 DEBUG(10, ("winbindd_validate_cache: upgrade to version 2 failed.\n")); 4155 unlink(tdb_path); 4156 goto done; 4157 } 4158 4159 tdb_store_uint32(tdb, 4160 WINBINDD_CACHE_VERSION_KEYSTR, 4161 WINBINDD_CACHE_VERSION); 4162 vers_id = WINBINDD_CACHE_VER2; 4163 } 4164 } 4165 4041 4166 tdb_close(tdb); 4042 4167 … … 4658 4783 return false; 4659 4784 } 4660 if (data.dsize < 4) {4785 if (data.dsize < 12) { 4661 4786 goto fail; 4662 4787 } … … 4664 4789 if (!is_domain_offline(domain)) { 4665 4790 uint32_t entry_seqnum, dom_seqnum, last_check; 4791 uint64_t entry_timeout; 4666 4792 4667 4793 if (!wcache_fetch_seqnum(domain->name, &dom_seqnum, … … 4675 4801 goto fail; 4676 4802 } 4677 } 4678 4679 resp->data = (uint8_t *)talloc_memdup(mem_ctx, data.dptr + 4, 4680 data.dsize - 4); 4803 entry_timeout = BVAL(data.dptr, 4); 4804 if (time(NULL) > entry_timeout) { 4805 DEBUG(10, ("Entry has timed out\n")); 4806 goto fail; 4807 } 4808 } 4809 4810 resp->data = (uint8_t *)talloc_memdup(mem_ctx, data.dptr + 12, 4811 data.dsize - 12); 4681 4812 if (resp->data == NULL) { 4682 4813 DEBUG(10, ("talloc failed\n")); 4683 4814 goto fail; 4684 4815 } 4685 resp->length = data.dsize - 4;4816 resp->length = data.dsize - 12; 4686 4817 4687 4818 ret = true; … … 4696 4827 TDB_DATA key, data; 4697 4828 uint32_t dom_seqnum, last_check; 4829 uint64_t timeout; 4698 4830 4699 4831 if (!wcache_opnum_cacheable(opnum)) { … … 4715 4847 } 4716 4848 4717 data.dsize = resp->length + 4; 4849 timeout = time(NULL) + lp_winbind_cache_time(); 4850 4851 data.dsize = resp->length + 12; 4718 4852 data.dptr = talloc_array(key.dptr, uint8_t, data.dsize); 4719 4853 if (data.dptr == NULL) { … … 4722 4856 4723 4857 SIVAL(data.dptr, 0, dom_seqnum); 4724 memcpy(data.dptr+4, resp->data, resp->length); 4858 SBVAL(data.dptr, 4, timeout); 4859 memcpy(data.dptr + 12, resp->data, resp->length); 4725 4860 4726 4861 tdb_store(wcache->tdb, key, data, 0); -
branches/samba-3.5.x/source3/winbindd/winbindd_cm.c
r596 r733 1767 1767 domain->active_directory ? "" : "NOT ")); 1768 1768 1769 domain->can_do_ncacn_ip_tcp = domain->active_directory; 1770 domain->can_do_validation6 = domain->active_directory; 1769 1771 1770 1772 domain->initialized = True; -
branches/samba-3.5.x/source3/winbindd/winbindd_pam.c
r732 r733 2102 2102 done: 2103 2103 2104 if (NT_STATUS_EQUAL(result, NT_STATUS_IO_TIMEOUT)) { 2105 DEBUG(3,("winbindd_dual_pam_auth_crap: sam_network_logon(ex) " 2106 "returned NT_STATUS_IO_TIMEOUT after the retry." 2107 "We didn't know what's going on killing " 2108 "connections to domain %s\n", 2109 name_domain)); 2110 invalidate_cm_connection(&contact_domain->conn); 2111 } 2112 2104 2113 /* give us a more useful (more correct?) error code */ 2105 2114 if ((NT_STATUS_EQUAL(result, NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND) ||
Note:
See TracChangeset
for help on using the changeset viewer.
