Tim Prouty [Sun, 7 Dec 2008 00:08:35 +0000 (16:08 -0800)]
s3: [3/3]: Fix a delete on close divergence from windows and the associated torture test
This third patch cleans up by removing all of the code that is made
obsolete by the first patch. It should cause no functional changes.
Tim Prouty [Sun, 7 Dec 2008 18:34:37 +0000 (10:34 -0800)]
s4: [2/3] Fix a delete on close divergence from windows and the associated torture test
This second patch fixes the deltest17 BASE-DELETE torture test to pass
against win2k3/win2k8/winXPsp2
Tim Prouty [Sun, 7 Dec 2008 18:30:01 +0000 (10:30 -0800)]
s3: [1/3] Fix a delete on close divergence from windows and the associated torture test
smbtorture4's BASE-DELETE:deltest17 was failing against win2k8,
win2k3, and winXPsp2 but passing against samba.
deltest17 does the following:
1. open file -> file is created
2. closes file
3. open file with DOC -> fnum1
4. check that DOC is not reported as being set from fnum1
5. opens file again Read Only -> fnum2
6. check that DOC is not reported as being set from either file handle
7. close fnum1 (the file handle that requested DOC to be set)
8. check if DOC is reported as being set from fnum2
* This is where windows and samba begin to diverge. Windows
reports that the DOC bit is set, while samba reports that it is not set.
9. close fnum2 (the last remaining open handle for the file)
10.See if the file has been deleted.
* On samba the file still exists. On windows the file was deleted.
The way open_file_ntcreate is written now, if an open has the DOC bit
set on the wire, DOC (fsp->initial_delete_on_close) is not set unless:
a. the open creates the file, or b. there is an open file handle with
a share_entry in the struct lck that has the
SHARE_MODE_ALLOW_INITIAL_DELETE_ON_CLOSE bit set (let's call it
SM_AIDOC).
My understanding of SM_AIDOC is that it was added to differentiate
between DOC being set on an open that creates a file vs an open that
opens an existing. As described in step 8/10 above, it appears that
windows does not make this differentiation.
To resolve this issue there are three patches. This first patch is a
simple proof of concept change that is sufficient to fix the bug. It
removes the differentiation in open_file_ntcreate, and updates
deltest17 to allow it to pass against win2k3/xp. This makes
open_file_ntcreate more closely match the semantics in open_directory
and rename_internals_fsp. This change also does not break any other
tests in BASE-DELETE or "make test". Specifically test deltest20b
which verifies the CIFSFS rename DOC semantics still passes :).
Matthias Dieter Wallnöfer [Tue, 9 Dec 2008 22:32:04 +0000 (23:32 +0100)]
s4-samr: Fix Bug #5946. userparameters handling in torture test.
Signed-off-by: Günther Deschner <gd@samba.org>
Matthias Dieter Wallnöfer [Tue, 9 Dec 2008 22:31:15 +0000 (23:31 +0100)]
s4-samr: Fix Bug #5946. userparameters handling in samr server.
Signed-off-by: Günther Deschner <gd@samba.org>
Tim Prouty [Tue, 9 Dec 2008 00:57:58 +0000 (16:57 -0800)]
s3: Add the OneFS SMB_VFS_CREATE_FILE implementation
This is the first pass at extending the onefs vfs module to support
the CIFS-specific enhancements available on OneFS. Most of this patch
is massaging the sama open path to work with ifs_createfile.
ifs_createfile is a CIFS-specific syscall for opening/files and
directories. It adds support for:
- Full in-kernel access checks using a windows access_mask
- Cluster-coherent share mode locks
- Cluster-coherent oplocks
- Streams
- Setting security descriptors at create time
- Setting dos_attributes at create time
This patch does not implement the samba side of the streams support or
oplocks support. Tests that expect oplocks to be granted or streams
to be supported will fail. This will be remedied in upcoming patches.
Tim Prouty [Tue, 9 Dec 2008 00:42:45 +0000 (16:42 -0800)]
s3: Add onefs_open.c with code copied verbatim from smbd/open.c
This is an intermediate step that makes it much easier to see how the
OneFS SMB_VFS_CREATE_FILE implementation diverges from stock samba.
The goal is that more common code can be refactored into utility
functions.
Tim Prouty [Thu, 27 Nov 2008 00:47:14 +0000 (16:47 -0800)]
s3: Call fd_close from close_directory
Some implementations of SMB_VFS_CREATE_FILE implementations actually
keep an fd open for directories just as files. In this case it is
necessary to call fd_close when closing directories. This is safe
because fd_close is a no-op when fd == -1, which is true for directory
opens originating from open.c (the default SMB_VFS_CREATE_FILE
implementation).
Tim Prouty [Thu, 20 Nov 2008 05:26:42 +0000 (21:26 -0800)]
s3: Refactor calculating path from relative_fid into a separate function
Tim Prouty [Wed, 5 Nov 2008 02:08:03 +0000 (18:08 -0800)]
s3: Refactor getting sec_info from a security_descriptor into separate function
Tim Prouty [Thu, 30 Oct 2008 00:28:19 +0000 (17:28 -0700)]
s3: Make a few open utility functions non-static
This allows vfs modules that implement SMB_VFS_CREATE_FILE to access
some of the useful utility functions.
SATOH Fumiyasu [Tue, 9 Dec 2008 22:26:22 +0000 (14:26 -0800)]
Fix bug #5688 LPQ process is orphaned if socket address parameter is invalid
Günther Deschner [Tue, 9 Dec 2008 16:28:15 +0000 (17:28 +0100)]
s3-ldapsam: Fix Bug 5957: do not abort rename process on valid rename script.
Guenther
(cherry picked from commit
26139344fd0fac4fdd2a6752628b252fbd9b7450)
(cherry picked from commit
866efa63a26f75bbf17cd4bebf639594e2feafba)
Stefan Metzmacher [Tue, 9 Dec 2008 15:16:31 +0000 (16:16 +0100)]
s4:rpc_server: don't keep half finished dcesrv_connection_contexts
metze
Günther Deschner [Tue, 9 Dec 2008 13:48:10 +0000 (14:48 +0100)]
s3-libnet: fix build warning (missing prototype).
Guenther
Stefan Metzmacher [Tue, 9 Dec 2008 08:22:31 +0000 (09:22 +0100)]
s4:rpc_server: initialize rpc server module also for the named pipe case
This fixes bug #5878.
metze
Günther Deschner [Tue, 9 Dec 2008 11:39:47 +0000 (12:39 +0100)]
s3-samr: a level 18 password set needs to set the pwdlastset as well.
Guenther
Günther Deschner [Tue, 9 Dec 2008 11:39:14 +0000 (12:39 +0100)]
s3-srvsvc: fix build warning.
Guenther
Todd Stecher [Thu, 4 Dec 2008 19:33:32 +0000 (11:33 -0800)]
s3: Add support for access based share enumeration
Jeremy Allison [Mon, 8 Dec 2008 22:24:38 +0000 (14:24 -0800)]
Fix bug #5953 - smbclient crashes: cli_list_new segmentation fault.
Jeremy.
Volker Lendecke [Mon, 1 Dec 2008 07:25:25 +0000 (08:25 +0100)]
Add wb_trans_send/revc
Volker Lendecke [Fri, 28 Nov 2008 18:54:46 +0000 (19:54 +0100)]
Add infrastructure to transfer winbindd_request/response asynchronously
Volker Lendecke [Mon, 1 Dec 2008 07:23:35 +0000 (08:23 +0100)]
Simplify async programming a bit with helper routines
Introduce async_req_is_error() and async_req_simple_recv()
Volker Lendecke [Fri, 28 Nov 2008 18:52:52 +0000 (19:52 +0100)]
Streamline the async_sock API a bit
Volker Lendecke [Sun, 16 Nov 2008 17:02:17 +0000 (18:02 +0100)]
Add a "bytes_padding" parameter to smb_splice_chain
For example open&x and write&x needs the bytes to be aligned relative to the
SMB header. In particular for write&x we should not have to move stuff around.
Volker Lendecke [Wed, 12 Nov 2008 17:43:34 +0000 (18:43 +0100)]
Factor out smb_splice_chain(), to be used by chain_reply() in smbd
Stefan Metzmacher [Mon, 8 Dec 2008 14:51:01 +0000 (15:51 +0100)]
s4:rpc_server: fix crash bugs in
26200f4fb1db81be7a9da51f317e46405351b170
call->context needs to be valid.
metze
Stefan Metzmacher [Fri, 5 Dec 2008 14:06:57 +0000 (15:06 +0100)]
s4:rpc_server: make it possible for iface->bind() to specify the assoc_group_id
This helps the openchange mapiproxy plugin to work correctly.
metze
Volker Lendecke [Sun, 9 Nov 2008 18:57:10 +0000 (19:57 +0100)]
Replace some pointless variables in reply_open_pipe_and_X by comments
Volker Lendecke [Wed, 26 Nov 2008 13:01:22 +0000 (14:01 +0100)]
Fix nonempty blank lines
Volker Lendecke [Sun, 30 Nov 2008 12:49:14 +0000 (13:49 +0100)]
Slightly simplify cli_session_setup_ntlmssp
Remove three pointless variables
Stefan Metzmacher [Sat, 6 Dec 2008 14:48:10 +0000 (15:48 +0100)]
s4:winbind: fill in the correct variable...
metze
Stefan Metzmacher [Sat, 6 Dec 2008 14:38:49 +0000 (15:38 +0100)]
s4:secrets: remove unused structure
metze
Stefan Metzmacher [Sat, 6 Dec 2008 14:04:34 +0000 (15:04 +0100)]
RPC-BROWSER: send the correct data in later requests
metze
Stefan Metzmacher [Sat, 6 Dec 2008 11:39:58 +0000 (12:39 +0100)]
s4:torture: add simple RPC-BROWSER test
metze
Stefan Metzmacher [Sat, 6 Dec 2008 13:18:13 +0000 (14:18 +0100)]
s4:librpc: add SUBSYSTEM::RPC_NDR_BROWSER
metze
Stefan Metzmacher [Sat, 6 Dec 2008 13:20:45 +0000 (14:20 +0100)]
s4:loadparm: start 'browser' rpc_server
metze
Stefan Metzmacher [Sat, 6 Dec 2008 13:19:58 +0000 (14:19 +0100)]
s4:dcesrv_browser: implement dcesrv_BrowserrQueryOtherDomains()
metze
Stefan Metzmacher [Sat, 6 Dec 2008 09:21:11 +0000 (10:21 +0100)]
s4:rpc_server: add dcesrv_browser template
metze
Stefan Metzmacher [Sat, 6 Dec 2008 09:11:30 +0000 (10:11 +0100)]
s4:brwoser.idl: add idl for BrowserrQueryOtherDomains()
metze
Stefan Metzmacher [Fri, 5 Dec 2008 15:53:44 +0000 (16:53 +0100)]
s4:winbind: move setting up the primary_sid into a new function wbsrv_setup_domains()
metze
Dan Sledz [Sat, 6 Dec 2008 01:29:38 +0000 (17:29 -0800)]
Fix logging to syslog
Tomasz Krasuski [Sat, 6 Dec 2008 00:30:39 +0000 (16:30 -0800)]
Fix bug #5928 - Option --version in testparm does not work.
Jeremy Allison [Fri, 5 Dec 2008 22:04:51 +0000 (14:04 -0800)]
Fix lp_socket_address() prototype.
Jeremy.
Yasuma Takeda [Fri, 5 Dec 2008 21:37:51 +0000 (13:37 -0800)]
Fix bug #5944 - nmbd does not boot if socket adress = "" is defined in smb.conf
Volker Lendecke [Fri, 5 Dec 2008 21:20:55 +0000 (13:20 -0800)]
Fix for crash bug freeing a non-malloc'ed buffer if the client sends a non-encrypted packet with the crypto state set.
Günther Deschner [Fri, 5 Dec 2008 15:13:28 +0000 (16:13 +0100)]
s3-samr: fix samr_SetUserInfo level 18 server-side.
Guenther
Günther Deschner [Fri, 5 Dec 2008 15:11:15 +0000 (16:11 +0100)]
s4-smbtorture: do full level 18, 21, 23, 24, 25, 26 testing in pwdlastset test.
Guenther
Günther Deschner [Fri, 5 Dec 2008 15:07:06 +0000 (16:07 +0100)]
s4-smbtorture: add support for level 18 and 21 in test_SetUserPass_level_ex.
Guenther
Günther Deschner [Tue, 2 Dec 2008 22:22:14 +0000 (23:22 +0100)]
s4-smbtorture: more tests for RPC-SAMR-PASSWORDS-PWDLASTSET.
Guenther
Günther Deschner [Fri, 5 Dec 2008 14:43:33 +0000 (15:43 +0100)]
s4-smbtorture: add test for setting passwords via samr_UserInfo21.
Guenther
Günther Deschner [Fri, 5 Dec 2008 14:19:22 +0000 (15:19 +0100)]
s4-smbtorture: add test for setting passwords via samr_UserInfo18.
Guenther
Günther Deschner [Fri, 5 Dec 2008 14:47:48 +0000 (15:47 +0100)]
s4-smbtorture: fix build of samr test (bad git merge).
Guenther
Steve French [Fri, 5 Dec 2008 14:09:08 +0000 (08:09 -0600)]
mount.cifs: if mount user not specified use USER environment variable
smbfs also would use the USER environment variable if the user was not
specified on the mount command and no credential file specified, and
mount.cifs man page says that we will use this environment variable
(in most cases this will not cause a behavior change, because
we were doing getuid of the current process which will usually be
the same name).
Fixes Samba bug #5934
Acked-by: Jeff Layton
Günther Deschner [Fri, 5 Dec 2008 11:59:07 +0000 (12:59 +0100)]
s3-rpcclient: add setuserinfo to set passwords using level 18,21,23,24,25,26.
Guenther
Günther Deschner [Thu, 4 Dec 2008 17:23:45 +0000 (18:23 +0100)]
s3: store user session key in cli_rpc_pipe_open_noauth().
Guenther
Günther Deschner [Thu, 4 Dec 2008 17:21:10 +0000 (18:21 +0100)]
s3-samr: fix samr callers of samr_UserInfo18.
Guenther
Günther Deschner [Thu, 4 Dec 2008 17:18:06 +0000 (18:18 +0100)]
s4-samr: fix samr callers after SAMR_FIELD_PASSWORD change.
Guenther
Günther Deschner [Thu, 4 Dec 2008 17:15:03 +0000 (18:15 +0100)]
s3-samr: fix SAMR_FIELD_PASSWORD callers.
Guenther
Günther Deschner [Tue, 2 Dec 2008 22:27:08 +0000 (23:27 +0100)]
s4-samr: fix s4 samr server after idl change.
Guenther
Günther Deschner [Tue, 2 Dec 2008 22:26:48 +0000 (23:26 +0100)]
s3-samr: fix rpcclient after idl change.
Guenther
Günther Deschner [Fri, 28 Nov 2008 23:36:23 +0000 (00:36 +0100)]
s3-samr: fix init_samr_user_info2{1,3,5} callers.
Guenther
Günther Deschner [Fri, 28 Nov 2008 23:30:21 +0000 (00:30 +0100)]
s3-build: re-run make samba3-idl.
Guenther
Günther Deschner [Fri, 5 Dec 2008 11:40:19 +0000 (12:40 +0100)]
samr: fix samr_UserInfo18, lm/nt pwd mixup.
Guenther
Günther Deschner [Thu, 4 Dec 2008 17:19:29 +0000 (18:19 +0100)]
samr: fix samr_UserInfo18. It also contains password_expired, thanks metze.
Guenther
Günther Deschner [Thu, 4 Dec 2008 17:12:45 +0000 (18:12 +0100)]
samr: make more explicit what SAMR_FIELD_PASSWORD{2} means.
Guenther
Günther Deschner [Thu, 4 Dec 2008 12:09:38 +0000 (13:09 +0100)]
samr: fill in two unknowns in samr_UserInfo21.
Guenther
Günther Deschner [Tue, 2 Dec 2008 22:25:16 +0000 (23:25 +0100)]
samr: fill in two unknowns in samr_DomInfo13.
Guenther
Günther Deschner [Fri, 28 Nov 2008 23:29:47 +0000 (00:29 +0100)]
samr: fix samr_UserInfo21 (order of lm_password_set and nt_password_set).
Guenther
Günther Deschner [Fri, 28 Nov 2008 23:27:28 +0000 (00:27 +0100)]
s3-rpcclient: add get_domain_handle for samr commands.
Guenther
Stefan Metzmacher [Fri, 5 Dec 2008 12:29:58 +0000 (13:29 +0100)]
s4:password_hash: really catch the clearTextPasswordAttr case...
This fixes the creation of the user object for incoming trusts
in dcesrv_lsa_CreateTrustedDomain_base().
And now w2k3 trust samba4 just fine:-)
metze
Sam Liddicott [Fri, 5 Dec 2008 09:05:47 +0000 (09:05 +0000)]
vfs_cifs - Use ntvfs request transport close to close downstream session
When upstream session closes, close the downstream session
Signed-off-by: Sam Liddicott <sam@liddicott.com>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Sam Liddicott [Fri, 5 Dec 2008 09:04:55 +0000 (09:04 +0000)]
Let ntvfs request transport close via ntvfs_request state
[I can't swear that this covers all the smb2 cases, there are some reply
functions that I can't trace properly]
Add NTVFS_ASYNC_STATE_CLOSE bit to ntvfs_request->async_states->state
so that the ntvfs layer can signify that the client transport should
be closed, most useful for proxy servies, and most likely due to a
forwarding transport having been closed.
Signed-off-by: Sam Liddicott <sam@liddicott.com>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Jeremy Allison [Thu, 4 Dec 2008 23:35:32 +0000 (15:35 -0800)]
Fix bug #5937 - filenames with "*" char hide other files
Jeremy.
Henning Henkel [Thu, 4 Dec 2008 21:55:12 +0000 (13:55 -0800)]
Fix bug #5929 - vfs_prealloc does not build with option --with-cluster-support and GPFS
Jeremy Allison [Thu, 4 Dec 2008 19:20:57 +0000 (11:20 -0800)]
Fix bug #1254 - write list not working under share-level security
A somewhat more elegant fix than I could use for 3.2.x or 3.0.x.
Turns out the only part of check_user_ok() that needs to change
for share level security is the VUID cache pieces, so I can just
always use check_user_ok() for all lp_security() cases.
Jeremy
Stefan Metzmacher [Thu, 4 Dec 2008 14:40:31 +0000 (15:40 +0100)]
s4:kludge_acl: allow everybody to read the sequence number
metze
Stefan Metzmacher [Thu, 4 Dec 2008 14:09:21 +0000 (15:09 +0100)]
s4:kdc: allow a trusted domain to get kerberos tickets
metze
Michael Adam [Thu, 4 Dec 2008 13:00:44 +0000 (14:00 +0100)]
s3:winbindd: fix horrible mis-indentation of toplvl braces in getgrsid_sid2gid_recv
to make code more readble
Michael
Michael Adam [Wed, 3 Dec 2008 15:38:55 +0000 (16:38 +0100)]
s3:winbindd: don't open a new dc connection in winbindd_getpwnam (main winbindd)
This is just to find the corresponding domain struct.
Actual connection is handled by the domain child.
Michael
Michael Adam [Wed, 3 Dec 2008 14:59:17 +0000 (15:59 +0100)]
s3:winbindd: don't open a new dc connection in winbindd_getgrnam (main winbindd)
This is just to find the corresponding domain struct.
Actual connection is handled by the domain child.
Michael
Stefan Metzmacher [Thu, 4 Dec 2008 11:47:43 +0000 (12:47 +0100)]
s4:selftest: we have netr_GetDcName() and netr_GetAnyDCName() implementations now
metze
Stefan Metzmacher [Thu, 4 Dec 2008 11:46:30 +0000 (12:46 +0100)]
RAW-NETLOGON: check netr_GetAnyDCName() result
metze
Stefan Metzmacher [Thu, 4 Dec 2008 11:03:01 +0000 (12:03 +0100)]
s4:netlogon: for now implement netr_GetAnyDCName() as wrapper of netr_GetDcName()
metze
Stefan Metzmacher [Thu, 4 Dec 2008 10:56:51 +0000 (11:56 +0100)]
s4:netlogon: Implement netr_GetDcName() similar to netr_DsGetDCName()
metze
Stefan Metzmacher [Thu, 4 Dec 2008 11:26:03 +0000 (12:26 +0100)]
s3:net: fix password set of 'net rpc trustdom add'
metze
Tim Prouty [Mon, 1 Dec 2008 22:13:14 +0000 (14:13 -0800)]
s3: Fix FILE_FLAG_POSIX_SEMANTICS handling underneath SMB_VFS_CREATE_FILE
Tim Prouty [Mon, 1 Dec 2008 20:47:31 +0000 (12:47 -0800)]
s3: Change SMB_VFS_CREATE_FILE to take a create_file_flags argument
This replaces the is_dos_path bool with a more future-proof argument.
The next step is to plumb INTERNAL_OPEN_ONLY through this flag instead
of overridding the oplock_request.
Tim Prouty [Sun, 23 Nov 2008 03:40:09 +0000 (19:40 -0800)]
s3: Simplify the create_file_unix_path->open_file_ntcreate path
Also removed open_file_ntcreate/open_file from proto.h so they can no
longer be called directly.
Tim Prouty [Sun, 23 Nov 2008 03:37:24 +0000 (19:37 -0800)]
s3: Modify direct caller of open_file to call SMB_VFS_CREATE_FILE
Tim Prouty [Fri, 21 Nov 2008 02:55:24 +0000 (18:55 -0800)]
s3: Modify direct callers of open_file_ntcreate and open_directory to call SMB_VFS_CREATE_FILE
Tim Prouty [Thu, 20 Nov 2008 02:03:27 +0000 (18:03 -0800)]
s3: Modify direct callers of create_file_unix_path to call SMB_VFS_CREATE_FILE
Tim Prouty [Sun, 23 Nov 2008 22:37:37 +0000 (14:37 -0800)]
s3: Add SMB_VFS_CREATE_FILE to vfs_full_audit module
Tim Prouty [Thu, 20 Nov 2008 01:55:28 +0000 (17:55 -0800)]
s3: Add new "is_dos_path" argument to SMB_VFS_CREATE_FILE
Now unix paths can be differentiated from windows paths so the
underlying create_file implementations can convert paths correctly.
Tim Prouty [Tue, 21 Oct 2008 00:43:45 +0000 (17:43 -0700)]
s3: Add SMB_VFS_CREATE_FILE to the vfs layer
Modify all callers of create_file to go through SMB_VFS_CREATE_FILE
Tim Prouty [Wed, 3 Dec 2008 07:29:57 +0000 (23:29 -0800)]
s3: Change sockaddr util function names for consistency
Also eliminates name conflicts with OneFS system libraries
Stefan Metzmacher [Wed, 3 Dec 2008 16:41:09 +0000 (17:41 +0100)]
s4: add some useful link and the patch for the ntp_signd support
metze
Stefan Metzmacher [Wed, 3 Dec 2008 08:07:00 +0000 (09:07 +0100)]
libwbclient: avoid usage talloc_init() in library code
talloc_init() is a compat function for the old samba3
non-hierachical talloc implementation. It enables
the talloc null tracking which should never be done
by library code.
metze
Steven Danneman [Wed, 3 Dec 2008 04:15:34 +0000 (20:15 -0800)]
Add support for OneFS ACLs
Add to the OneFS VFS module, support for NTFS ACLs through the calls:
SMB_VFS_FGET_NT_ACL()
SMB_VFS_GET_NT_ACL()
SMB_VFS_FSET_NT_ACL()
Also create several new onefs specific smb.conf parameters in onefs.h
Tim Prouty [Fri, 24 Oct 2008 03:49:55 +0000 (20:49 -0700)]
Add OneFS VFS module skeleton.
Also set configure to autodetect OneFS OS and build this VFS module.