diff options
author | Gerald Carter <jerry@samba.org> | 2003-02-28 14:42:49 +0000 |
---|---|---|
committer | Gerald Carter <jerry@samba.org> | 2003-02-28 14:42:49 +0000 |
commit | ee4f04334b6cd6bdac85b54fe14176fa5db4b291 (patch) | |
tree | c2790246abc2201cb0e5cd83a8a12b5670f1c445 | |
parent | 2f727ca7d5bb000ecba4137d26debbb03d6cbdfd (diff) | |
download | samba-ee4f04334b6cd6bdac85b54fe14176fa5db4b291.tar.gz |
syncing up for 2.2.8pre2
48 files changed, 1483 insertions, 509 deletions
@@ -92,12 +92,12 @@ If you want to contribute to the development of the software then please join the mailing list. The Samba team accepts patches (preferably in "diff -u" format, see docs/textdocs/BUGS.txt for more details) and are always glad to receive feedback or suggestions to the address -samba@samba.org. We have recently put a new bug tracking +samba@lists.samba.org. We have recently put a new bug tracking system into place which should help the throughput quite a lot. You can also get the Samba sourcecode straight from the CVS tree - see http://samba.org/cvs.html. -You could also send hardware/software/money/jewelry or pizza +You could also send hardware/software/money/jewelry or pre-paid pizza vouchers directly to Andrew. The pizza vouchers would be especially welcome, in fact there is a special field in the survey for people who have paid up their pizza :-) @@ -111,13 +111,6 @@ we get. If noone tells us they like it then we'll probably move onto something else. However, as you can see from the user survey quite a lot of people do seem to like it at the moment :-) -Andrew Tridgell -Email: samba@samba.org - -3 Ballow Crescent -Macgregor, A.C.T. -2615 Australia - Samba Team Email: samba@samba.org @@ -145,19 +138,63 @@ http://lists.samba.org/ MAILING LIST ------------ -There is a mailing list for discussion of Samba. To subscribe send -mail to listproc@samba.org with a body of "subscribe samba Your Name" -Please do NOT send this request to the list alias instead. +Please do NOT send subscription/unsubscription requests to the lists! -To send mail to everyone on the list mail to samba@samba.org +There is a mailing list for discussion of Samba. For details go to +<http://lists.samba.org/> or send mail to <samba-subscribe@lists.samba.org> There is also an announcement mailing list where new versions are -announced. To subscribe send mail to listproc@samba.org with a -body of "subscribe samba-announce Your Name". All announcements also -go to the samba list. +announced. To subscribe go to <http://lists.samba.org/> or send mail +to <samba-announce-subscribe@lists.samba.org>. All announcements also +go to the samba list, so you only need to be on one. For details of other Samba mailing lists and for access to archives, see -http://lists.samba.org/ +<http://lists.samba.org/> + + +MAILING LIST ETIQUETTE +---------------------- + +A few tips when submitting to this or any mailing list. + +1. Make your subject short and descriptive. Avoid the words "help" or + "Samba" in the subject. The readers of this list already know that + a) you need help, and b) you are writing about samba (of course, + you may need to distinguish between Samba PDC and other file + sharing software). Avoid phrases such as "what is" and "how do + i". Some good subject lines might look like "Slow response with + Excel files" or "Migrating from Samba PDC to NT PDC". + +2. If you include the original message in your reply, trim it so that + only the relevant lines, enough to establish context, are + included. Chances are (since this is a mailing list) we've already + read the original message. + +3. Trim irrelevant headers from the original message in your + reply. All we need to see is a) From, b) Date, and c) Subject. We + don't even really need the Subject, if you haven't changed + it. Better yet is to just preface the original message with "On + [date] [someone] wrote:". + +4. Please don't reply to or argue about spam, spam filters or viruses + on any Samba lists. We do have a spam filtering system that is + working quite well thank you very much but occasionally unwanted + messages slip through. Deal with it. + +5. Never say "Me too." It doesn't help anyone solve the + problem. Instead, if you ARE having the same problem, give more + information. Have you seen something that the other writer hasn't + mentioned, which may be helpful? + +6. If you ask about a problem, then come up with the solution on your + own or through another source, by all means post it. Someone else + may have the same problem and is waiting for an answer, but never + hears of it. + +7. Give as much *relevant* information as possible such as Samba + release number, OS, kernel version, etc... + +8. RTFM. Google. groups.google.com. NEWS GROUP diff --git a/WHATSNEW.txt b/WHATSNEW.txt index f00623d0d63..64be6c8e460 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -62,6 +62,48 @@ See the cvs log for SAMBA_2_2 for more details 27) Include support for CUPS printer classes and logging the remote client name +Changes since 2.2.8pre1 +----------------------- +28) smbumount lazy patch from Mandrake +29) Check for too many processes *before* the fork. +30) make sure we don't run over the end of 'name' in unix_convert() +31) set umask to 0 before creating socket directory. +32) Fix the LARGE_SMB_OFF_T problems and allow smbd to do the right thing in + interactive mode when a log file dir is also specified. +33) Fix delete on close semantics to match W2K. +34) Correctly return access denied on share mode deny when we can't open the + file. +35) Always use safe_strcpy not pstrcpy for malloced strings +36) Fixes for HPUX only having limited POSIX lock range from Michael Steffens + <michael.steffens@hp.com> +37) Added code based on Michael Steffens <michael.steffens@hp.com> uid/gid + caching code. Reduces load on winbindd. +38) Removed extra copy of server name in the printername field (it was + mangling the the name to be \\server\\\server\printer +39) Fix dumb perror used without errno beeing set. + thanks to RedHat developers for the report +40) Do retries correctly if the connection to the DC has failed. Based on + work by Michael Steffens. +41) Correctly check for inet_addr fail. Patch from gregor.7@osu.edu. +42) Ensure we use getgrnam() unless BROKEN_GETGRNAM is defined. +43) Fix from Corny.Bondad@hp.com for missing if (setting_acls) on default + perms. +44) Fix inspired by Stefan (metze) Metzmacher - cache the sidtype also. +45) fix printer settings on Solaris print servers. + ASCII -> UNICODE conversion bug. +46) Small fix from Tom Jansen <tom@ninja.nl> to check correct error return. +47) Ensure space_avail is unsigned. Patch from R.Nieuwenhuizen@cpb.nl. +48) patch from Hal Roberts check for a valid [f]chmod_acl function pointer + before calling it. Fixes seg fault in audit VFS module +49) When checking is_locked() new WRITE locks conflict with existing READ locks even + if the context is the same. +50) Merge off-by-one crash fixes found and fixed in HEAD by Andrew Bartlett. +51) Move off-by-one buggy malloc()/safe_strcpy() combination to strdup() instead. +52) Merge from HEAD. Use pstrcpy not safe_strcpy. +53) Fix to allow blocking lock notification to be done rapidly (no wait + for smb -> smb lock release). Adds new PENDING_LOCK type to lockdb + (does not interfere with existing locks). + Changes since 2.2.7 -------------------- diff --git a/examples/VFS/audit.c b/examples/VFS/audit.c index e2feedf83ba..b06d5af9557 100644 --- a/examples/VFS/audit.c +++ b/examples/VFS/audit.c @@ -288,7 +288,12 @@ int audit_chmod(struct connection_struct *conn, const char *path, mode_t mode) int audit_chmod_acl(struct connection_struct *conn, const char *path, mode_t mode) { - int result = default_vfs_ops.chmod_acl(conn, path, mode); + int result; + + if ( !default_vfs_ops.chmod_acl ) + return 0; + + result = default_vfs_ops.chmod_acl(conn, path, mode); syslog(SYSLOG_PRIORITY, "chmod_acl %s mode 0x%x %s%s\n", path, mode, @@ -312,7 +317,12 @@ int audit_fchmod(struct files_struct *fsp, int fd, mode_t mode) int audit_fchmod_acl(struct files_struct *fsp, int fd, mode_t mode) { - int result = default_vfs_ops.fchmod_acl(fsp, fd, mode); + int result; + + if ( !default_vfs_ops.fchmod_acl ) + return 0; + + result = default_vfs_ops.fchmod_acl(fsp, fd, mode); syslog(SYSLOG_PRIORITY, "fchmod_acl %s mode 0x%x %s%s\n", fsp->fsp_name, mode, diff --git a/examples/VFS/recycle/recycle.c b/examples/VFS/recycle/recycle.c index dc4cb1e855a..25cae65822e 100644 --- a/examples/VFS/recycle/recycle.c +++ b/examples/VFS/recycle/recycle.c @@ -433,8 +433,8 @@ static int recycle_unlink(connection_struct *conn, const char *inname) pstring fname,fpath, bin; char *base, *ext; int i=1, len, addlen; - SMB_BIG_UINT dfree,dsize,bsize; - SMB_OFF_T fsize,space_avail; + SMB_BIG_UINT dfree,dsize,bsize,space_avail; + SMB_OFF_T fsize; BOOL exist; int rc; @@ -470,7 +470,7 @@ static int recycle_unlink(connection_struct *conn, const char *inname) space_avail = default_vfs_ops.disk_free(conn,".",True,&bsize,&dfree,&dsize)*1024L; DEBUG(10,("space_avail = %Lu, fsize = %Lu\n",space_avail,fsize)); - if(space_avail < fsize) { + if(space_avail < (SMB_BIG_UINT)fsize) { DEBUG(3, ("Not enough diskspace, purging file %s\n",fname)); return default_vfs_ops.unlink(conn,fname); } diff --git a/packaging/Mandrake/samba-2.2.7a-smbldaptools-paths.patch b/packaging/Mandrake/samba-2.2.7a-smbldaptools-paths.patch new file mode 100644 index 00000000000..b915121d12f --- /dev/null +++ b/packaging/Mandrake/samba-2.2.7a-smbldaptools-paths.patch @@ -0,0 +1,139 @@ +diff -ur samba-2.2.7a.orig/examples/LDAP/ldapchpasswd samba-2.2.7a/examples/LDAP/ldapchpasswd +--- samba-2.2.7a.orig/examples/LDAP/ldapchpasswd 2003-02-10 15:17:53.000000000 -0500 ++++ samba-2.2.7a/examples/LDAP/ldapchpasswd 2003-02-10 15:38:24.000000000 -0500 +@@ -103,7 +103,7 @@ + $password = crypt($pass, $modsalt); + + # LanManager and NT clear text passwords +-$ntpwd = `/usr/local/sbin/mkntpwd '$pass'`; ++$ntpwd = `/usr/sbin/mkntpwd '$pass'`; + chomp($lmpassword = substr($ntpwd, 0, index($ntpwd, ':'))); + chomp($ntpassword = substr($ntpwd, index($ntpwd, ':')+1)); + +diff -ur samba-2.2.7a.orig/examples/LDAP/smbldap-tools/INSTALL samba-2.2.7a/examples/LDAP/smbldap-tools/INSTALL +--- samba-2.2.7a.orig/examples/LDAP/smbldap-tools/INSTALL 2003-02-10 15:17:53.000000000 -0500 ++++ samba-2.2.7a/examples/LDAP/smbldap-tools/INSTALL 2003-02-10 15:56:06.000000000 -0500 +@@ -4,12 +4,12 @@ + + Quick & Dirty: + =-=-=-=-=-=-=- +- . Copy all those scripts in /usr/local/sbin/ ++ . Copy all those scripts in /usr/share/samba/scripts + . Modify smbldap_conf.pm to match your configuration + . If not already done : "smbpasswd -w secret" to set up + the ldap admin password in secrets.tdb +- . Either add /usr/local/sbin in $PERLLIB or run the scripts +- from this directory, or make a symlink from /usr/local/sbin/*.pm ++ . Either add /usr/share/samba/scripts in $PERLLIB or run the scripts ++ from this directory, or make a symlink from /etc/samba/*.pm + to /usr/lib/perl5/. + . to allow a domain admin to add user using "add user script" in smb.conf : + chmod 753 smbldap_conf.pm +@@ -21,7 +21,7 @@ + RedHat RPM: + =-=-=-=-=-= + Install smbldap-tools-0.7-1.i386.rpm +-Modify /usr/local/sbin/smbldap_conf.pm to match you configuration ++Modify /etc/samba/smbldap_conf.pm to match you configuration + If not already done : "smbpasswd -w secret" to set up + the ldap admin password in secrets.tdb + +diff -ur samba-2.2.7a.orig/examples/LDAP/smbldap-tools/smbldap_conf.pm samba-2.2.7a/examples/LDAP/smbldap-tools/smbldap_conf.pm +--- samba-2.2.7a.orig/examples/LDAP/smbldap-tools/smbldap_conf.pm 2003-02-10 15:17:53.000000000 -0500 ++++ samba-2.2.7a/examples/LDAP/smbldap-tools/smbldap_conf.pm 2003-02-10 15:39:42.000000000 -0500 +@@ -230,7 +230,7 @@ + # prefer mkntpwd... most of the time, it's a wise choice :-) + $with_smbpasswd = 0; + $smbpasswd = "/usr/bin/smbpasswd"; +-$mk_ntpasswd = "/usr/local/sbin/mkntpwd"; ++$mk_ntpasswd = "/usr/sbin/mkntpwd"; + + $ldap_path = "/usr/bin"; + $ldap_opts = "-x"; +diff -ur samba-2.2.7a.orig/examples/LDAP/smbldap-tools/smbldap-migrate-accounts.pl samba-2.2.7a/examples/LDAP/smbldap-tools/smbldap-migrate-accounts.pl +--- samba-2.2.7a.orig/examples/LDAP/smbldap-tools/smbldap-migrate-accounts.pl 2003-02-10 15:17:53.000000000 -0500 ++++ samba-2.2.7a/examples/LDAP/smbldap-tools/smbldap-migrate-accounts.pl 2003-02-10 15:50:15.000000000 -0500 +@@ -134,7 +134,7 @@ + if (!$user_exists) { + if (!defined($Options{'C'})) { + # uid doesn't exist and we want to create it +- my $addcmd = "/usr/local/sbin/smbldap-useradd.pl $usertype $login > /dev/null"; ++ my $addcmd = "/usr/share/samba/scripts/smbldap-useradd.pl $usertype $login > /dev/null"; + print STDERR "$addcmd\n"; + my $r = system "$addcmd"; + if ($r != 0) { +diff -ur samba-2.2.7a.orig/examples/LDAP/smbldap-tools/smbldap-migrate-groups.pl samba-2.2.7a/examples/LDAP/smbldap-tools/smbldap-migrate-groups.pl +--- samba-2.2.7a.orig/examples/LDAP/smbldap-tools/smbldap-migrate-groups.pl 2003-02-10 15:17:53.000000000 -0500 ++++ samba-2.2.7a/examples/LDAP/smbldap-tools/smbldap-migrate-groups.pl 2003-02-10 15:52:51.000000000 -0500 +@@ -135,7 +135,7 @@ + if (!defined($dn_line = get_group_dn($group))) { + # group not found, create it ? + if (!$nocreate) { +- system "/usr/local/sbin/smbldap-groupadd.pl \"$group\"; sleep 5"; ++ system "/usr/share/samba/scripts/smbldap-groupadd.pl \"$group\"; sleep 5"; + if (!defined($dn_line = get_group_dn($group))) { + return 1; + } +diff -ur samba-2.2.7a.orig/examples/LDAP/smbldap-tools/smbldap-tools.spec samba-2.2.7a/examples/LDAP/smbldap-tools/smbldap-tools.spec +--- samba-2.2.7a.orig/examples/LDAP/smbldap-tools/smbldap-tools.spec 2003-02-10 15:17:53.000000000 -0500 ++++ samba-2.2.7a/examples/LDAP/smbldap-tools/smbldap-tools.spec 2003-02-10 15:47:58.000000000 -0500 +@@ -1,6 +1,6 @@ + # $Source: /data/src/mirror/cvs/samba/packaging/Mandrake/Attic/samba-2.2.7a-smbldaptools-paths.patch,v $ + %define version 0.7 +-%define release 1 ++%define release 2 + %define name smbldap-tools + %define realname smbldap-tools + +@@ -37,7 +37,7 @@ + Source20: smbldap-migrate-groups.pl + Source21: INFRA + BuildRoot: /%{_tmppath}/%{name} +-Prefix: /usr/local ++Prefix: /usr + BuildRequires: perl >= 5.6 + Requires: perl >= 5.6, openldap, openldap-clients, samba + +@@ -94,7 +94,7 @@ + %post + ln -sf %{prefix}/sbin/smbldap_tools.pm /usr/lib/perl5/site_perl/smbldap_tools.pm + ln -sf %{prefix}/sbin/smbldap_conf.pm /usr/lib/perl5/site_perl/smbldap_conf.pm +-chgrp 512 %{prefix}/sbin/smbldap-useradd.pl %{prefix}/sbin/smbldap_conf.pm || echo "An error occured while changing groups of smbldap-useradd.pl and smbldap_conf.pm in /usr/local/sbin. For proper operations, please ensure that they have the same posix group as the Samba domain administrator if there's a local Samba PDC." ++chgrp 512 %{prefix}/sbin/smbldap-useradd.pl %{prefix}/sbin/smbldap_conf.pm || echo "An error occured while changing groups of smbldap-useradd.pl and smbldap_conf.pm in /etc/samba. For proper operations, please ensure that they have the same posix group as the Samba domain administrator if there's a local Samba PDC." + perl -i -pe 's/_SLAVELDAP_/localhost/' %{prefix}/sbin/smbldap_conf.pm + perl -i -pe 's/_MASTERLDAP_/localhost/' %{prefix}/sbin/smbldap_conf.pm + perl -i -pe 's/_SUFFIX_/dc=IDEALX,dc=org/' %{prefix}/sbin/smbldap_conf.pm +@@ -129,6 +129,10 @@ + + + %changelog ++* Mon Feb 10 2003 Jim Collings <jcllings@tsunamicomm.net> 0.7-2 ++- Changed prefix to /usr instead of ++- /usr/local for Mandrake compatibility. ++ + * Sat Jun 1 2002 Olivier Lemaire <olem@IDEALX.com> 0.7-1 + - some bugfixes about smbldap-populate + - bugfixed the smbpasswd call in smbldap-useradd +diff -ur samba-2.2.7a.orig/examples/LDAP/smbldap-tools/smbldap-useradd.pl samba-2.2.7a/examples/LDAP/smbldap-tools/smbldap-useradd.pl +--- samba-2.2.7a.orig/examples/LDAP/smbldap-tools/smbldap-useradd.pl 2003-02-10 15:17:53.000000000 -0500 ++++ samba-2.2.7a/examples/LDAP/smbldap-tools/smbldap-useradd.pl 2003-02-10 15:53:50.000000000 -0500 +@@ -346,7 +346,7 @@ + } + + if (defined($Options{'P'})) { +- exec "/usr/local/sbin/smbldap-passwd.pl $userName" ++ exec "/usr/share/samba/scripts/smbldap-passwd.pl $userName" + } + + exit 0; +diff -ur samba-2.2.7a.orig/examples/VFS/block/smb.conf samba-2.2.7a/examples/VFS/block/smb.conf +--- samba-2.2.7a.orig/examples/VFS/block/smb.conf 2003-02-10 15:17:53.000000000 -0500 ++++ samba-2.2.7a/examples/VFS/block/smb.conf 2003-02-11 13:53:53.000000000 -0500 +@@ -1,6 +1,6 @@ + [homes] + comment = Home Directories +- vfs object = /usr/local/samba/lib/block.so ++ vfs object = /usr/lib/samba/vfs/block.so + browseable = yes + writable = yes + diff --git a/packaging/Mandrake/samba-print-pdf.sh b/packaging/Mandrake/samba-print-pdf.sh index 3d88f9fb885..4f500569bc5 100644 --- a/packaging/Mandrake/samba-print-pdf.sh +++ b/packaging/Mandrake/samba-print-pdf.sh @@ -10,9 +10,10 @@ # Arguments: # $1 = file (usually passed with %s from samba) # $2 = unix prefix to where to place the file (~%u should work) -# $3 = windows prefix to the same location (\\%L\%u should work) +# $3 = windows prefix to the same location (//%L/%u should work) # $4 = user/computer to send a notification to (%u or %m) # $5 = IP address of client (%I) +# $6 = Name of destination file without extension (%J) PS2PDF=ps2pdf13 @@ -22,6 +23,9 @@ KEEP_PS=1 PERMS=640 INFILE=$(basename $INPUT) BASEFILE=pdf-service +PREFIX="$2" +NAME="$6" +WINBASE=$(echo "$3"|sed -e 's,/,\\\\,g') #make a temp file to use for the output of the PDF OUTPUT=`mktemp -q $2/$BASEFILE-XXXXXX` @@ -29,30 +33,34 @@ if [ $? -ne 0 ]; then echo "$0: Can't create temp file $2/$BASEFILE-XXXXXX, exiting..." exit 1 fi +if [ "$NAME" != "" ]; then + FINALOUTPUT="$PREFIX/$NAME" +else + FINALOUTPUT="$OUTPUT" +fi -WIN_OUTPUT="$3\\`basename $OUTPUT`" +WIN_OUTPUT="$WINBASE\\"`basename "$FINALOUTPUT"` # create the PDF: -$PS2PDF $OPTIONS $INPUT $OUTPUT.pdf >/dev/null 2>&1 +$PS2PDF $OPTIONS $INPUT "$OUTPUT".pdf >/dev/null 2>&1 +mv -f "$OUTPUT".pdf "$FINALOUTPUT".pdf # Generate a message to send to the user, and deal with the original file: MESSAGE=$(echo "Your PDF file has been created as $WIN_OUTPUT.pdf\n") if [ $KEEP_PS ];then - mv $INPUT $OUTPUT.ps + mv -f $INPUT "${FINALOUTPUT}".ps MESSAGE=$(echo "$MESSAGE and your postscript file as $WIN_OUTPUT.ps") # Fix permissions on the generated files - chmod $PERMS $OUTPUT.ps + chmod $PERMS "${FINALOUTPUT}".ps else rm -f $INPUT - chmod $PERMS $OUTPUT.ps $OUTPUT.pdf + chmod $PERMS "${FINALOUTPUT}".ps "${FINALOUTPUT}".pdf # Fix permissions on the generated files fi -chmod $PERMS $OUTPUT.ps $OUTPUT.pdf - #Remove empty file from mktemp: -rm -f $OUTPUT +[ "x$NAME" -eq "x" ] && rm -f $OUTPUT # Send notification to user echo -e $MESSAGE|smbclient -M $4 -I $5 -U "PDF Generator" >/dev/null 2>&1 diff --git a/packaging/Mandrake/samba2.spec.tmpl b/packaging/Mandrake/samba2.spec.tmpl index f7d8131b98d..7b492239b72 100644 --- a/packaging/Mandrake/samba2.spec.tmpl +++ b/packaging/Mandrake/samba2.spec.tmpl @@ -1,6 +1,6 @@ -%define ver 2.2.5 -%define rel 21mdk -%define vscanver 0.2.5c +%define ver 2.2.7a +%define rel 4mdk +%define vscanver 0.3.1 # 2.2.4 and 1 replace by samba-team at release %define pversion PVERSION @@ -33,6 +33,7 @@ # We now do detection of the Mandrake release we are building on: #%define build_cooker %(if [ `awk '{print $3}' /etc/mandrake-release` = "Cooker" ];then echo 1; else echo 0; fi) #%define build_cooker %(if [[ `cat /etc/mandrake-release|grep Cooker` ]];then echo 1; else echo 0; fi) +%define build_mdk91 %(if [ `awk '{print $4}' /etc/mandrake-release` = 9.1 ];then echo 1; else echo 0; fi) %define build_mdk90 %(if [ `awk '{print $4}' /etc/mandrake-release` = 9.0 ];then echo 1; else echo 0; fi) %define build_mdk83 %(if [ `awk '{print $4}' /etc/mandrake-release` = 8.3 ];then echo 1; else echo 0; fi) %define build_mdk82 %(if [ `awk '{print $4}' /etc/mandrake-release` = 8.2 ];then echo 1; else echo 0; fi) @@ -41,12 +42,18 @@ %define build_mdk72 %(if [ `awk '{print $4}' /etc/mandrake-release` = 7.2 ];then echo 1; else echo 0; fi) %define build_non_default 0 -%define build_acl 1 -%define build_winbind 1 -%define build_wins 1 -%define build_ldap 0 +# Default options +%define build_acl 1 +%define build_winbind 1 +%define build_wins 1 +%define build_ldap 0 +%define build_scanners 0 # Set defaults for each version +%if %build_mdk91 +%define build_ldap 0 +%endif + %if %build_mdk90 %define build_ldap 0 %endif @@ -98,6 +105,8 @@ %{?_with_ldap: %{expand: %%define build_non_default 1}} %{?_without_ldap: %{expand: %%global build_ldap 0}} %{?_without_ldap: %{expand: %%define build_non_default 1}} +%{?_with_scanners: %{expand: %%define build_scanners 1}} +%{?_with_scanners: %{expand: %%define build_non_default 1}} # As if that weren't enough, we're going to try building with antivirus # support as an option also @@ -108,17 +117,26 @@ %define build_sophos 0 %define build_symantec 0 %define build_trend 0 +%if %build_vscan && %build_scanners +#These can be enabled here by default +# (kaspersky requires their library present) +%define build_fprot 1 +%define build_mks 1 +%define build_openantivirus 1 +%define build_sophos 1 +%define build_trend 1 +%endif %if %build_vscan %{?_with_fprot: %{expand: %%global build_fprot 1}} %{?_with_kaspersky: %{expand: %%global build_kaspersky 1}} %{?_with_mks: %{expand: %%global build_mks 1}} %{?_with_openav: %{expand: %%global build_openantivirus 1}} %{?_with_sophos: %{expand: %%global build_sophos 1}} -%{?_with_symantec: %{expand: %%global build_symantec 1}} +#%{?_with_symantec: %{expand: %%global build_symantec 1}} %{?_with_trend: %{expand: %%global build_trend 1}} -%define vscandir "samba-vscan-%{vscanver}" +%global vscandir samba-vscan-%{vscanver} %endif -%define vfsdir "examples.bin/VFS" +%global vfsdir examples.bin/VFS #Workaround missing macros in 8.x: %{!?perl_vendorlib: %{expand: %%global perl_vendorlib %{perl_sitearch}/../}} @@ -147,6 +165,7 @@ Release: 1.0.%{pre_pre}.%{prelease}mdk Release: %{rel} %endif License: GPL +URL: http://www.samba.org Group: System/Servers Source: ftp://samba.org/pub/samba/samba-%{source_ver}.tar.bz2 Source1: samba.log @@ -161,35 +180,27 @@ Source8: samba-vscan-%{vscanver}.tar.bz2 %endif Source10: samba-print-pdf.sh.bz2 Patch1: smbw.patch.bz2 -Patch5: samba-2.2.0-gawk.patch.bz2 -#Patch11: samba-2.0.7-smbspool-guest.patch.bz2 -Patch12: samba-2.2.0-buildroot.patch.bz2 -#Patch16: samba-mkdir.patch.bz2 -Patch17: smbmount-sbin.patch.bz2 -Patch18: samba-2.2.5-gp-reloc-fix.patch.bz2 +Patch2: samba-2.2.0-gawk.patch.bz2 +Patch3: samba-2.2.0-buildroot.patch.bz2 +Patch4: smbmount-sbin.patch.bz2 +Patch5: samba-2.2.5-gp-reloc-fix.patch.bz2 +Patch6: samba-2.2.7a-smbldaptools-paths.patch.bz2 %if !%have_pversion # Version specific patches: current version -Patch26: samba-2.2.5-smb.conf.patch.bz2 -Patch28: samba-2.2.5-ldap_start_tls.patch.bz2 -Patch29: samba-2.2.5-parse_sec.patch.bz2 -Patch30: samba-2.2.5-nt-dirlisting.patch.bz2 -Patch31: samba-2.2.5-random_smbd-read.patch.bz2 -Patch32: samba-2.2.5-winbind-init.patch.bz2 -Patch33: samba-2.2.5-pam-password.patch.bz2 -Patch34: samba-2.2.5-win2k_copy_bug.patch.bz2 -Patch35: samba-2.2.5-samba-ldap-include-conf.patch.bz2 -Patch36: samba-2.2.6-smb.conf.patch.bz2 -Patch37: samba-2.2.6-smbumount_lazy.patch.bz2 +Patch101: samba-2.2.7a-smbtar-large-file-fix.patch.bz2 +Patch102: samba-2.2.7a-smbclient-large-file-fix.patch.bz2 +Patch103: samba-2.2.7a-ldap-rebind.patch.bz2 +Patch104: samba-2.2.7a-mandrake-packaging.patch.bz2 +Patch105: samba-2.2.6-smbumount_lazy.patch.bz2 %else # Version specific patches: upcoming version %endif # Limbo patches (applied to prereleases, but not preleases, ie destined for # samba CVS) %if %have_pversion && %have_pre -Patch36: samba-2.2.6-smb.conf.patch.bz2 %endif Requires: pam >= 0.64, samba-common = %{version} -BuildRequires: pam-devel autoconf readline-devel +BuildRequires: pam-devel autoconf readline-devel libldap2-devel popt-devel %if %build_acl BuildRequires: libacl-devel %endif @@ -198,9 +209,9 @@ BuildRequires: cups-devel %else BuildRequires: libcups-devel %endif -%if %build_ldap -BuildRequires: libldap-devel -%endif +#%if %build_ldap +#BuildRequires: libldap-devel +#%endif BuildRoot: %{_tmppath}/%{name}-root Prefix: /usr Prereq: /sbin/chkconfig /bin/mktemp /usr/bin/killall @@ -411,6 +422,7 @@ IP addresses. Summary: On-access virus scanning for samba using FPROT Group: System/Servers Requires: samba = %{version} +Provides: samba-vscan Autoreq: 0 %description vscan-fprot A vfs-module for samba to implement on-access scanning using the @@ -422,6 +434,7 @@ FPROT antivirus software (which must be installed to use this). Summary: On-access virus scanning for samba using Kaspersky Group: System/Servers Requires: samba = %{version} +Provides: samba-vscan Autoreq: 0 %description vscan-kaspersky A vfs-module for samba to implement on-access scanning using the @@ -433,6 +446,7 @@ Kaspersky antivirus software (which must be installed to use this). Summary: On-access virus scanning for samba using MKS Group: System/Servers Requires: samba = %{version} +Provides: samba-vscan Autoreq: 0 %description vscan-mks A vfs-module for samba to implement on-access scanning using the @@ -444,6 +458,7 @@ MKS antivirus software (which must be installed to use this). Summary: On-access virus scanning for samba using OpenAntivirus Group: System/Servers Requires: samba = %{version} +Provides: samba-vscan Autoreq: 0 %description vscan-openantivirus A vfs-module for samba to implement on-access scanning using the @@ -455,6 +470,7 @@ OpenAntivirus antivirus software (which must be installed to use this). Summary: On-access virus scanning for samba using Sophos Group: System/Servers Requires: samba = %{version} +Provides: samba-vscan Autoreq: 0 %description vscan-sophos A vfs-module for samba to implement on-access scanning using the @@ -466,6 +482,7 @@ Sophos antivirus software (which must be installed to use this). Summary: On-access virus scanning for samba using Symantec Group: System/Servers Requires: samba = %{version} +Provides: samba-vscan Autoreq: 0 %description vscan-symantec A vfs-module for samba to implement on-access scanning using the @@ -477,6 +494,7 @@ Symantec antivirus software (which must be installed to use this). Summary: On-access virus scanning for samba using Trend Group: System/Servers Requires: samba = %{version} +Provides: samba-vscan Autoreq: 0 %description vscan-trend A vfs-module for samba to implement on-access scanning using the @@ -523,28 +541,26 @@ echo -e "\n%{name}-%{version}-%{release}\n">>%{SOURCE7} %else %setup -q -n %{name}-%{source_ver} %endif -#%patch111 -p1 +# Current patches +echo "Applying patches for version: %{ver}" %patch1 -p1 -b .smbw -%patch5 -p1 -b .gawk -#%patch7 -p1 -#%patch11 -p0 -b .smbspool -%patch12 -p1 -b .buildroot -%patch17 -p1 -%patch18 -p1 -b .gp-reloc-fix +%patch2 -p1 -b .gawk +%patch3 -p1 -b .buildroot +%patch4 -p1 +%patch5 -p1 -b .gp-reloc-fix +%patch6 -p1 # Version specific patches: current version %if !%have_pversion echo "Applying patches for current version: %{ver}" -%patch26 -p1 -b .mdk -%patch28 -p1 -%patch29 -p1 -%patch30 -p1 -%patch31 -p1 -%patch32 -p1 -%patch33 -p1 -%patch34 -p1 -%patch35 -p1 -%patch36 -p1 -%patch37 -p1 +(cd source/client +%patch101 -p0 -b .lfs +) +( cd source +%patch102 -p0 -b .lfs +) +%patch103 -p1 -b .ldap +%patch104 -p1 -b .mdk +%patch105 -p1 %else # Version specific patches: upcoming version echo "Applying patches for new versions: %{pversion}" @@ -553,7 +569,6 @@ echo "Applying patches for new versions: %{pversion}" # Limbo patches %if %have_pversion && %have_pre echo "Appling patches which should only be applied to prereleases" -%patch36 -p1 %endif cp %{SOURCE7} . @@ -563,9 +578,12 @@ cp -a examples examples.bin %if %build_vscan # put antivirus files in examples.bin/VFS/ -for av in fprot kaspersky mks openantivirus sophos symantec trend; do - cp -a %{vscandir}/$av %{vfsdir} -done +#for av in fprot kaspersky mks openantivirus sophos trend; do +# [ -e %{vscandir}/$av ] && cp -a %{vscandir}/$av %{vfsdir} +#done +cp -a %{vscandir} %{vfsdir} +#fix stupid directory names: +mv %{vfsdir}/%{vscandir}/openantivirus %{vfsdir}/%{vscandir}/oav %endif %build @@ -575,31 +593,34 @@ autoconf CPPFLAGS="-I/usr/include/openssl"; export CPPFLAGS CFLAGS="$RPM_OPT_FLAGS" %configure --prefix=%{prefix} \ - --with-fhs \ - --libdir=/etc/samba \ - --sysconfdir=/etc/samba \ - --localstatedir=/var \ - --with-configdir=/etc/samba \ - --with-codepagedir=/var/lib/samba/codepages \ - --with-privatedir=/etc/samba \ - --with-swatdir=%{prefix}/share/swat \ - --with-smbmount \ - --with-syslog \ - --with-automount \ - --with-pam \ - --with-pam_smbpass \ - --with-vfs \ - --with-utmp \ - --with-msdfs \ - --with-smbwrapper \ - --with-libsmbclient \ + --with-fhs \ + --libdir=/etc/samba \ + --sysconfdir=/etc/samba \ + --localstatedir=/var \ + --with-configdir=/etc/samba \ + --with-codepagedir=/var/lib/samba/codepages \ + --with-privatedir=/etc/samba \ + --with-swatdir=%{prefix}/share/swat \ + --with-smbmount \ + --with-syslog \ + --with-automount \ + --with-pam \ + --with-sendfile-support \ + --with-pam_smbpass \ + --with-vfs \ + --with-utmp \ + --with-msdfs \ + --with-smbwrapper \ + --with-libsmbclient \ %if %build_acl - --with-acl-support \ + --with-acl-support \ %endif %if %build_ldap - --with-ldapsam \ + --with-ldapsam \ + --with-winbind-ldap-hack \ %endif - --with-quotas + --with-winbind-auth-challenge \ + --with-quotas #make CFLAGS="$RPM_OPT_FLAGS -D_GNU_SOURCE" all make CFLAGS="$RPM_OPT_FLAGS -D_GNU_SOURCE -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE" \ @@ -609,8 +630,6 @@ cd ../%vfsdir %configure --prefix=%{prefix} \ --mandir=%{prefix}/share/man make -#make CFLAGS="$RPM_OPT_FLAGS -I../../source -I../../source/include -I../../source/ubiqx \ -# -I../../source/smbwrapper -D_GNU_SOURCE -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE" ) # Build mkntpasswd in examples/LDAP/ for smbldaptools @@ -621,31 +640,33 @@ make # Build antivirus vfs objects: %if %build_fprot +echo -e "\n\nBuild antivirus VFS modules\n\n" echo "Building fprot" +(cd %{vfsdir}/%{vscandir}/fprot;make) %endif %if %build_kaspersky echo "Building Kaspersky" -(cd %{vfsdir}/kaspersky;make) +(cd %{vfsdir}/%{vscandir}/kaspersky;make) %endif %if %build_mks echo "Building mks" -(cd %{vfsdir}/mks;make) +(cd %{vfsdir}/%{vscandir}/mks;make) %endif %if %build_openantivirus echo "Building OpenAntivirus" -(cd %{vfsdir}/openantivirus;make) +(cd %{vfsdir}/%{vscandir}/oav;make) %endif %if %build_sophos echo "building sophos" -(cd %{vfsdir}/sophos;make) +(cd %{vfsdir}/%{vscandir}/sophos;make) %endif %if %build_symantec echo "Building symantec" -(cd %{vfsdir}/symantec;make) +(cd %{vfsdir}/%{vscandir}/symantec;make) %endif %if %build_trend echo "Building Trend" -(cd %{vfsdir}/trend;make) +(cd %{vfsdir}/%{vscandir}/trend;make) %endif %install @@ -694,10 +715,12 @@ done # Antivirus support: # mkdir -p $RPM_BUILD_ROOT%{_libdir}/samba/vfs/vscan - for av in fprotd kavp mksd oav sophos symantec trend; do - if [ -d %{vfsdir}/$av -a -e %{vfsdir}/$av/vscan-$av.so ];then - cp %{vfsdir}/$av/vscan-$av.so \ + for av in fprot kavp mks oav sophos symantec trend; do + if [ -d %{vfsdir}/%{vscandir}/$av -a -e %{vfsdir}/%{vscandir}/$av/vscan-$av*.so ];then + cp %{vfsdir}/%{vscandir}/$av/vscan-$av*.so \ $RPM_BUILD_ROOT%{_libdir}/samba/vfs/ + cp %{vfsdir}/%{vscandir}/$av/vscan-$av*.conf \ + $RPM_BUILD_ROOT%{_sysconfdir}/%{name} fi done @@ -729,7 +752,7 @@ do install -m644 source/codepages/codepage_def.$i $RPM_BUILD_ROOT/var/lib/samba/codepages/src done -for i in 437 737 775 850 852 857 861 862 866 932 936 949 950 1125 1251 ISO8859-1 ISO8859-2 ISO8859-5 ISO8859-7 ISO8859-9 ISO8859-13 ISO8859-15 KOI8-R KOI8-U +for i in 437 737 775 850 852 857 861 862 866 932 936 949 950 1125 1251 ISO8859-1 ISO8859-2 ISO8859-5 ISO8859-7 ISO8859-8 ISO8859-9 ISO8859-13 ISO8859-15 KOI8-R KOI8-U do install -m644 source/codepages/CP$i.TXT $RPM_BUILD_ROOT/var/lib/samba/codepages/src done @@ -740,7 +763,7 @@ for i in 437 737 775 850 852 857 861 862 866 932 936 949 950 1125 1251; do done # Build unicode load files -for i in 437 737 775 850 852 857 861 862 866 932 936 949 950 1125 1251 ISO8859-1 ISO8859-2 ISO8859-5 ISO8859-7 ISO8859-9 ISO8859-13 ISO8859-15 KOI8-R KOI8-U; do +for i in 437 737 775 850 852 857 861 862 866 932 936 949 950 1125 1251 ISO8859-1 ISO8859-2 ISO8859-5 ISO8859-7 ISO8859-8 ISO8859-9 ISO8859-13 ISO8859-15 KOI8-R KOI8-U; do $RPM_BUILD_ROOT/%{prefix}/bin/make_unicodemap $i $RPM_BUILD_ROOT/var/lib/samba/codepages/src/CP$i.TXT $RPM_BUILD_ROOT/var/lib/samba/codepages/unicode_map.$i done rm -rf $RPM_BUILD_ROOT/var/lib/samba/codepages/src @@ -785,7 +808,6 @@ done install -m644 packaging/Mandrake/smb.conf $RPM_BUILD_ROOT/etc/samba/smb.conf install -m644 packaging/Mandrake/smbusers $RPM_BUILD_ROOT/etc/samba/smbusers install -m755 packaging/Mandrake/smbprint $RPM_BUILD_ROOT/usr/bin - #install -m755 packaging/RedHat/smbadduser $RPM_BUILD_ROOT/usr/bin install -m755 packaging/Mandrake/findsmb $RPM_BUILD_ROOT/usr/bin install -m755 packaging/Mandrake/smb.init $RPM_BUILD_ROOT/etc/rc.d/init.d/smb install -m755 packaging/Mandrake/smb.init $RPM_BUILD_ROOT/usr/sbin/samba @@ -800,6 +822,7 @@ done # Install smbldap-tools scripts: for i in examples/LDAP/smbldap-tools/*.pl; do install -m 750 $i $RPM_BUILD_ROOT/%{_datadir}/samba/scripts/ + ln -s %{_datadir}/%{name}/scripts/`basename $i` $RPM_BUILD_ROOT/%{_bindir}/`basename $i|sed -e 's/\.pl//g'` done install -m 750 examples/LDAP/smbldap-tools/smbldap_tools.pm $RPM_BUILD_ROOT/%{_datadir}/samba/scripts/ @@ -860,6 +883,71 @@ bzcat %{SOURCE5} > $RPM_BUILD_ROOT%{_iconsdir}/swat.xpm bzcat %{SOURCE6} > $RPM_BUILD_ROOT%{_miconsdir}/swat.xpm bzcat %{SOURCE10}> $RPM_BUILD_ROOT%{_datadir}/samba/scripts/print-pdf + +# Delete files which will not be included, so that /usr/lib/rpm/check-files +# doesn't error out when Checking for unpackaged file(s) +%if ! %build_ldap +%endif + +%if ! %build_acl +%endif + +%if ! %build_winbind +rm -f $RPM_BUILD_ROOT%{_sbindir}/winbind +rm -f $RPM_BUILD_ROOT%{_sbindir}/winbindd +rm -f $RPM_BUILD_ROOT%{_bindir}/wbinfo +rm -f $RPM_BUILD_ROOT/lib/security/pam_winbind* +rm -f $RPM_BUILD_ROOT/lib/libnss_winbind* +rm -f $RPM_BUILD_ROOT/etc/rc.d/init.d/winbind +rm -f $RPM_BUILD_ROOT/etc/pam.d/system-auth-winbind +rm -f $RPM_BUILD_ROOT%{_mandir}/man8/winbindd.8* +rm -f $RPM_BUILD_ROOT%{_mandir}/man1/wbinfo.1* +%endif + +%if ! %build_wins +rm -f $RPM_BUILD_ROOT/lib/libnss_wins.so* +%endif + +%ifarch alpha +rm -f $RPM_BUILD_ROOT/sbin/mount.smb +rm -f $RPM_BUILD_ROOT/sbin/mount.smbfs +rm -f $RPM_BUILD_ROOT%{_bindir}/smbmount +rm -f $RPM_BUILD_ROOT%{_bindir}/smbumount +rm -f $RPM_BUILD_ROOT%{_sbindir}/smbmnt +rm -f $RPM_BUILD_ROOT%{_mandir}/man8/smbmnt.8* +rm -f $RPM_BUILD_ROOT%{_mandir}/man8/smbmount.8* +rm -f $RPM_BUILD_ROOT%{_mandir}/man8/smbumount.8* +%endif + +#Files for antivirus support: +%if ! %build_fprot +rm -f $RPM_BUILD_ROOT%{_libdir}/samba/vfs/vscan-fprotd.so +%endif + +%if ! %build_kaspersky +rm -f $RPM_BUILD_ROOT%{_libdir}/samba/vfs/vscan-kavp.so +%endif + +%if ! %build_mks +rm -f $RPM_BUILD_ROOT%{_libdir}/samba/vfs/vscan-mksd.so +%endif + +%if ! %build_openantivirus +rm -f $RPM_BUILD_ROOT%{_libdir}/samba/vfs/vscan-oav.so +%endif + +%if ! %build_sophos +rm -f $RPM_BUILD_ROOT%{_libdir}/samba/vfs/vscan-sophos.so +%endif + +%if ! %build_symantec +rm -f $RPM_BUILD_ROOT%{_libdir}/samba/vfs/vscan-symantec.so +%endif + +%if ! %build_trend +rm -f $RPM_BUILD_ROOT%{_libdir}/samba/vfs/vscan-trend.so +%endif + %clean rm -rf $RPM_BUILD_ROOT @@ -1013,15 +1101,6 @@ fi if [ $1 = 0 ] ; then %_preun_service smb -# /sbin/chkconfig --level 35 smb reset -# Let's not loose /var/cache/samba - -# for i in browse.dat wins.dat brlock.tdb unexpected.tdb connections.tdb \ -#locking.tdb messages.tdb;do -# if [ -e /var/cache/samba/$i ]; then -# mv -f /var/cache/samba/$i /var/cache/samba/$i.BAK -# fi; -# done if [ -d /var/log/samba ]; then rm -rf /var/log/samba/* fi @@ -1050,6 +1129,11 @@ fi %else %post -n samba-swat %endif +# Change only_from entry in /etc/xinetd.d/swat (localhost bug) +[[ `/bin/grep "localhost" /etc/xinetd.d/swat` ]] && { +echo "-- Setting swat xinetd only_from entry to 127.0.0.1" +perl -pi -e 's/localhost/127.0.0.1/' /etc/xinetd.d/swat +} if [ -f /var/lock/subsys/xinetd ]; then service xinetd reload >/dev/null 2>&1 || : fi @@ -1100,7 +1184,6 @@ fi %{_bindir}/smbstatus %{_bindir}/convert_smbpasswd %attr(755,root,root) /lib/security/pam_smbpass* -#/usr/share/swat %attr(-,root,root) %config(noreplace) /etc/samba/smbusers %attr(-,root,root) %config /etc/rc.d/init.d/smb %attr(-,root,root) %config(noreplace) /etc/logrotate.d/samba @@ -1113,10 +1196,9 @@ fi %{_mandir}/man8/nmbd.8* %{_mandir}/man1/smbcontrol.1* #%{_mandir}/man1/lmhosts.1* -%{_mandir}/man5/smb.conf.5* %attr(755,root,root) %dir /var/lib/samba/netlogon %attr(775,root,users) %dir /var/lib/samba/profiles -%attr(755,root,root) %dir /var/lib/samba/printers/* +%attr(775,root,adm) %dir /var/lib/samba/printers/* %attr(755,root,root) %dir %{_libdir}/samba/vfs %attr(755,root,root) %{_libdir}/samba/vfs/audit.so %attr(755,root,root) %{_libdir}/samba/vfs/block.so @@ -1126,15 +1208,16 @@ fi %attr(1777,root,root) %dir /var/spool/samba %dir %{_datadir}/%{name}/scripts %attr(0755,root,root) %{_datadir}/%{name}/scripts/print-pdf -%attr(0750,root,root) %{_datadir}/%{name}/scripts/smbldap*.pl -%attr(0640,root,root) %config(noreplace) %{_sysconfdir}/%{name}/smbldap_conf.pm +%attr(0750,root,adm) %{_datadir}/%{name}/scripts/smbldap*.pl +%attr(0750,root,adm) %{_bindir}/smbldap* +%attr(0640,root,adm) %config(noreplace) %{_sysconfdir}/%{name}/smbldap_conf.pm %attr(0644,root,root) %{_datadir}/%{name}/scripts/smbldap_tools.pm %{perl_vendorlib}/*.pm %attr(0700,root,root) %{_datadir}/%{name}/scripts/*port_smbpasswd.pl %files doc -%defattr(-,root,root) +%defattr(644,root,root,755) %doc README COPYING Manifest Read-Manifest-Now %doc WHATSNEW.txt Roadmap %doc README.%{name}-mandrake-rpm @@ -1180,11 +1263,12 @@ fi %{_bindir}/smbtar %{_bindir}/smbspool # Link of smbspool to CUPS -/%{_libdir}/cups/backend/smb -/%{_mandir}/man1/nmblookup.1* -/%{_mandir}/man1/findsmb.1* -/%{_mandir}/man1/smbclient.1* -/%{_mandir}/man1/smbtar.1* +%{_libdir}/cups/backend/smb +%{_mandir}/man1/nmblookup.1* +%{_mandir}/man1/findsmb.1* +%{_mandir}/man1/smbclient.1* +%{_mandir}/man1/smbtar.1* +%{_mandir}/man8/smbspool.8* %if %build_ldap %files common-ldap @@ -1204,6 +1288,8 @@ fi %{_bindir}/smbsh %{_bindir}/smbpasswd %{_bindir}/smbcacls +%{_sbindir}/debug2html +%{_sbindir}/smbfilter %{_libdir}/smbwrapper.so %{_libdir}/libsmbclient.so %attr(-,root,root) %config(noreplace) /etc/samba/smb.conf @@ -1218,7 +1304,9 @@ fi %{_mandir}/man5/smb.conf.5* %{_mandir}/man5/lmhosts.5* %{_mandir}/man8/smbpasswd.8* -/%{_mandir}/man1/smbcacls.1* +%{_mandir}/man1/smbcacls.1* +%{_mandir}/man1/rpcclient.1* +%{_mandir}/man8/pdbedit.8* #%if %build_winbind #%if %build_ldap @@ -1232,6 +1320,7 @@ fi %if %build_winbind %defattr(-,root,root) %{_sbindir}/winbindd +%{_sbindir}/winbind %{_bindir}/wbinfo %attr(755,root,root) /lib/security/pam_winbind* %attr(755,root,root) /lib/libnss_winbind* @@ -1252,52 +1341,155 @@ fi %files vscan-fprot %defattr(-,root,root) %{_libdir}/samba/vfs/vscan-fprotd.so -%doc examples.bin/VFS/fprot/INSTALL +%config(noreplace) %{_sysconfdir}/%{name}/vscan-fprotd.conf +%doc %{vfsdir}/%{vscandir}/INSTALL %endif %if %build_kaspersky %files vscan-kaspersky %defattr(-,root,root) %{_libdir}/samba/vfs/vscan-kavp.so -%doc examples.bin/VFS/kaspersky/INSTALL +%config(noreplace) %{_sysconfdir}/%{name}/vscan-kavp.conf +%doc %{vfsdir}/%{vscandir}/examples.bin/VFS/kaspersky/INSTALL %endif %if %build_mks %files vscan-mks %defattr(-,root,root) %{_libdir}/samba/vfs/vscan-mksd.so -%doc examples.bin/VFS/mks/INSTALL +%config(noreplace) %{_sysconfdir}/%{name}/vscan-mks*.conf +%doc %{vfsdir}/%{vscandir}/INSTALL %endif %if %build_openantivirus %files vscan-openantivirus %defattr(-,root,root) %{_libdir}/samba/vfs/vscan-oav.so -%doc examples.bin/VFS/openantivirus/INSTALL +%config(noreplace) %{_sysconfdir}/%{name}/vscan-oav.conf +%doc %{vfsdir}/%{vscandir}/INSTALL %endif %if %build_sophos %files vscan-sophos %defattr(-,root,root) %{_libdir}/samba/vfs/vscan-sophos.so -%doc examples.bin/VFS/sophos/INSTALL +%config(noreplace) %{_sysconfdir}/%{name}/vscan-sophos.conf +%doc %{vfsdir}/%{vscandir}/INSTALL %endif %if %build_symantec %files vscan-symantec %defattr(-,root,root) %{_libdir}/samba/vfs/vscan-symantec.so -%doc examples.bin/VFS/symantec/INSTALL +%config(noreplace) %{_sysconfdir}/%{name}/vscan-symantec.conf +%doc %{vfsdir}/%{vscandir}/INSTALL %endif %if %build_trend %files vscan-trend %defattr(-,root,root) %{_libdir}/samba/vfs/vscan-trend.so -%doc examples.bin/VFS/trend/INSTALL +%config(noreplace) %{_sysconfdir}/%{name}/vscan-trend.conf +%doc %{vfsdir}/%{vscandir}/INSTALL %endif %changelog +* Fri Feb 14 2003 Buchan Milne <bgmilne@linux-mandrake.com> 2.2.7a-4mdk +- Fix build openantivirus with default scanners +- buildrequire popt-devel +- From Jim Collings <jcllings@tsunamicomm.net> + - Patched smbldap-tools and created links to same in /usr/bin + +* Thu Jan 23 2003 Buchan Milne <bgmilne@linux-mandrake.com> 2.2.7a-3mdk +- Two patches to fix large file support (smbtar:p101 and smbclient:p102) +- Patch to enable ldap referral (103) +- Build all vscan except kav (requires kaspersky lib) with --with-scanners +- Allow adm group to install printer drivers and use smbldaptools by default +- Remove smb.conf man page conflict + +* Thu Jan 02 2003 Sylvestre Taburet <staburet@mandrakesoft.com> 2.2.7a-2mdk +- Rebuilt because of new rpm macros and new glibc. +- Happy new year 2003 to all samba developers, contributors and users! + +* Wed Dec 11 2002 Sylvestre Taburet <staburet@mandrakesoft.com> 2.2.7a-1mdk +- Upgraded to 2.2.7a. + +* Sun Dec 08 2002 Buchan Milne <bgmilne@linux-mandrake.com> 2.2.7-5mdk +- samba-vscan 0.3.1 (and make it build again) +- Make all vscan packages provide samba-vscan +- All scanner packages (besides kaspersky) can be built without the + scanner installed, but we don't quite to this yet ... +- Add vscan-(scanner).conf files +- Add winbind-auth-challenge to configure, for squid support +- Use winbind-ldap-hack only when building with ldapsam support + since no-one has been able to test this thoroughly, and my only + tests indicated performance problems with it (and I need this RPM to + work for squid) + +* Tue Nov 26 2002 Sylvestre Taburet <staburet@mandrakesoft.com> 2.2.7-4mdk +- Fix perms on doc. +- Cleaned up specfile a bit. +- Added support for upcoming Mandrake Linux 9.1 in auto build process. + +* Tue Nov 26 2002 Sylvestre Taburet <staburet@mandrakesoft.com> 2.2.7-3mdk +- Put (noreplace) back in %files swat. +- Changed only_from entry in sample swat to "127.0.0.1". +- Change only_from entry in /etc/xinetd.d/swat to "127.0.0.1" on %post swat. + +* Fri Nov 22 2002 Sylvestre Taburet <staburet@mandrakesoft.com> 2.2.7-2mdk +- Removed noreplace of /etc/xinetd.d/swat on update. +- Updated samba-vscan (0.3.0). + +* Wed Nov 20 2002 Sylvestre Taburet <staburet@mandrakesoft.com> 2.2.7-1mdk +- Update to 2.2.7. +- Removed patch 38. + +* Sat Nov 16 2002 Alexander Skwar <ASkwar@DigitalProjects.com> 2.2.6-6mdk +- Remove installed files which will not be included due to build options, + so that /usr/lib/rpm/check-files doesn't error out when + Checking for unpackaged file(s) +- Add debug2html, smbfilter to common package +- Add /usr/sbin/winbind to winbind package +- Add rpcclient manpage to common package +- Add smbspool, pdbedit manpage to client package + +* Wed Nov 06 2002 Sylvestre Taburet <staburet@mandrakesoft.com> 2.2.6-5mdk +- add winbind ldap hack again, with proper build-require (libldap2-devel) +- enable --with-sendfile-support (default in 3.0. Increases performance). + +* Wed Oct 30 2002 Sylvestre Taburet <staburet@mandrakesoft.com> 2.2.6-4mdk +- Patch to fix fd leak with kernel change notify. (38) (--Jeremy Allison) + +* Fri Oct 25 2002 Sylvestre Taburet <staburet@mandrakesoft.com> 2.2.6-3mdk +- Add URL to http://www.samba.org +- Add --with-winbind-ldap-hack to remove the need to enable + pre-windows2000-compatible access for winbind. + +* Tue Oct 22 2002 Sylvestre Taburet <staburet@mandrakesoft.com> 2.2.6-2mdk +- Really switch back to std versioning. +- samba-vscan v-0.2.5e + +* Fri Oct 18 2002 Sylvestre Taburet <staburet@mandrakesoft.com> 2.2.6-1.3mdk +- Clean-up patches. +- Switch back to normal versioning. +- added ISO8859-8 (Hebrew). + +* Fri Oct 18 2002 Sylvestre Taburet <staburet@mandrakesoft.com> 2.2.6-1.2mdk +- Birthday release ;o) +- Added smbumount patch back (37). + +* Thu Oct 17 2002 Sylvestre Taburet <staburet@mandrakesoft.com> 2.2.6-1.1mdk +- New version: 2.2.6 + +* Wed Oct 16 2002 Sylvestre Taburet <staburet@mandrakesoft.com> 2.2.5-23mdk +- Upgrade to 2.2.6rc4 +- 2.2.6-1.0.rc4.1mdk +- remove patch 36. + +* Mon Oct 14 2002 Sylvestre Taburet <staburet@mandrakesoft.com> 2.2.5-22mdk +- Upgrade to 2.2.6rc3 +- 2.2.6-1.0.rc3.1mdk + * Thu Oct 10 2002 Buchan Milne <bgmilne@linux-mandrake.com> 2.2.5-21mdk - Put docs back (aka rpm sucks, builds cleanly when doc fails) - 2.2.6-1.0.rc2.3mdk diff --git a/packaging/Mandrake/smb.conf b/packaging/Mandrake/smb.conf index c450490bb0c..fe23ee36c3b 100644 --- a/packaging/Mandrake/smb.conf +++ b/packaging/Mandrake/smb.conf @@ -77,6 +77,8 @@ # Uncomment this if you want a guest account, you must add this to /etc/passwd # otherwise the user "nobody" is used ; guest account = pcguest +# Allow users to map to guest: + map to guest = bad user # Security mode. Most people will want user level security. See # security_level.txt for details. @@ -227,7 +229,7 @@ # Domain groups: # domain admin group is a list of unix users or groups who are made members # of the Domain Admin group -; domain admin group = root @wheel +; domain admin group = root @adm # # domain guest groups is a list of unix users or groups who are made members # of the Domain Guests group @@ -313,6 +315,8 @@ # examples/VFS/recycle/REAME in samba-doc for details ; vfs object = /usr/lib/samba/vfs/recycle.so ; vfs options= /etc/samba/recycle.conf +# You may want to prevent abuse of your server disk space, and spread of virii +; veto files = /*.eml/*.nws/*.dll/*.mp3/*.MP3/*.mpg/*.MPG/*.vbs/*.VBS/ # Un-comment the following and create the netlogon directory for Domain Logons ; [netlogon] @@ -338,7 +342,7 @@ # You may want to turn off guest acces if you enable this, as it # hasn't been thoroughly tested. ; root preexec = PROFILE=/var/lib/samba/profiles/%u; if [ ! -e $PROFILE ]; \ -; then mkdir -pm700 $PROFILE; chown %u $PROFILE;fi +; then mkdir -pm700 $PROFILE; chown %u.%g $PROFILE;fi # NOTE: If you have a CUPS print system there is no need to @@ -388,8 +392,8 @@ guest ok = No printable = Yes comment = PDF Generator (only valid users) - #print command = /usr/share/samba/scripts/print-pdf file path win_path recipient IP & - print command = /usr/share/samba/scripts/print-pdf %s ~%u \\\\\\\\%L\\\\%u %m %I & + #print command = /usr/share/samba/scripts/print-pdf file path win_path recipient IP doc_name & + print command = /usr/share/samba/scripts/print-pdf %s ~%u //%L/%u %m %I "%J" & # This one is useful for people to share files ;[tmp] diff --git a/source/Doxyfile b/source/Doxyfile index c25a45ddc3d..c1040781d84 100644 --- a/source/Doxyfile +++ b/source/Doxyfile @@ -5,7 +5,15 @@ #--------------------------------------------------------------------------- PROJECT_NAME = Samba PROJECT_NUMBER = HEAD + +# NOTE: By default, Doxygen writes into the dox/ subdirectory of the +# invocation directory. If you want to put it somewhere else, for +# example, to write straight into a webserver directory, then override +# this variable in a configuration concatenated to this one: Doxygen +# doesn't mind variables being redefined. + OUTPUT_DIRECTORY = dox + OUTPUT_LANGUAGE = English EXTRACT_ALL = YES EXTRACT_PRIVATE = YES @@ -15,8 +23,8 @@ HIDE_UNDOC_CLASSES = NO BRIEF_MEMBER_DESC = YES REPEAT_BRIEF = YES ALWAYS_DETAILED_SEC = NO -FULL_PATH_NAMES = NO -STRIP_FROM_PATH = *source +FULL_PATH_NAMES = YES +STRIP_FROM_PATH = $(PWD)/ INTERNAL_DOCS = YES CLASS_DIAGRAMS = YES SOURCE_BROWSER = YES @@ -41,10 +49,11 @@ ENABLED_SECTIONS = MAX_INITIALIZER_LINES = 30 OPTIMIZE_OUTPUT_FOR_C = YES SHOW_USED_FILES = YES +REFERENCED_BY_RELATION = YES #--------------------------------------------------------------------------- # configuration options related to warning and progress messages #--------------------------------------------------------------------------- -QUIET = NO +QUIET = YES WARNINGS = NO WARN_IF_UNDOCUMENTED = NO WARN_FORMAT = "$file:$line: $text" @@ -52,7 +61,7 @@ WARN_LOGFILE = #--------------------------------------------------------------------------- # configuration options related to the input files #--------------------------------------------------------------------------- -INPUT = . +INPUT = . FILE_PATTERNS = *.c \ *.h \ *.idl @@ -75,11 +84,11 @@ IGNORE_PREFIX = # configuration options related to the HTML output #--------------------------------------------------------------------------- GENERATE_HTML = YES -HTML_OUTPUT = html +HTML_OUTPUT = . HTML_HEADER = HTML_FOOTER = HTML_STYLESHEET = -HTML_ALIGN_MEMBERS = NO +HTML_ALIGN_MEMBERS = YES GENERATE_HTMLHELP = NO GENERATE_CHI = NO BINARY_TOC = NO @@ -121,9 +130,9 @@ MAN_LINKS = NO #--------------------------------------------------------------------------- GENERATE_XML = NO #--------------------------------------------------------------------------- -# Configuration options related to the preprocessor +# configuration options related to the preprocessor #--------------------------------------------------------------------------- -ENABLE_PREPROCESSING = YES +ENABLE_PREPROCESSING = NO MACRO_EXPANSION = NO EXPAND_ONLY_PREDEF = NO SEARCH_INCLUDES = YES @@ -133,16 +142,16 @@ PREDEFINED = EXPAND_AS_DEFINED = SKIP_FUNCTION_MACROS = YES #--------------------------------------------------------------------------- -# Configuration::addtions related to external references +# configuration::additions related to external references #--------------------------------------------------------------------------- TAGFILES = GENERATE_TAGFILE = ALLEXTERNALS = NO PERL_PATH = /usr/bin/perl #--------------------------------------------------------------------------- -# Configuration options related to the dot tool +# configuration options related to the dot tool #--------------------------------------------------------------------------- -HAVE_DOT = YES +HAVE_DOT = NO CLASS_GRAPH = YES COLLABORATION_GRAPH = YES TEMPLATE_RELATIONS = YES @@ -156,7 +165,7 @@ MAX_DOT_GRAPH_HEIGHT = 1024 GENERATE_LEGEND = YES DOT_CLEANUP = YES #--------------------------------------------------------------------------- -# Configuration::addtions related to the search engine +# configuration::additions related to the search engine #--------------------------------------------------------------------------- SEARCHENGINE = NO CGI_NAME = search.cgi diff --git a/source/acconfig.h b/source/acconfig.h index 5ec7ad2c5d0..94973f033c0 100644 --- a/source/acconfig.h +++ b/source/acconfig.h @@ -222,3 +222,4 @@ #undef HAVE_SENDFILEV #undef HAVE_SENDFILEV64 #undef SOLARIS_SENDFILE_API +#undef LDAP_SET_REBIND_PROC_ARGS diff --git a/source/client/client.c b/source/client/client.c index 529ecabad97..be9d8987c13 100644 --- a/source/client/client.c +++ b/source/client/client.c @@ -71,8 +71,6 @@ extern BOOL tar_reset; /* clitar bits end */ -mode_t myumask = 0755; - BOOL prompt = True; int printmode = 1; @@ -2561,8 +2559,6 @@ static int do_message_op(void) pstrcpy(workgroup,lp_workgroup()); load_interfaces(); - myumask = umask(0); - umask(myumask); if (getenv("USER")) { pstrcpy(username,getenv("USER")); diff --git a/source/client/smbspool.c b/source/client/smbspool.c index 88d7421813f..38543e53abd 100644 --- a/source/client/smbspool.c +++ b/source/client/smbspool.c @@ -210,12 +210,12 @@ static int smb_print(struct cli_state *, char *, FILE *); { if (getenv("CLASS") == NULL) { - perror("ERROR: Unable to connect to SAMBA host, will retry in 60 seconds..."); + fprintf(stderr, "ERROR: Unable to connect to SAMBA host, will retry in 60 seconds..."); sleep (60); } else { - perror("ERROR: Unable to connect to SAMBA host, trying next printer..."); + fprintf(stderr, "ERROR: Unable to connect to SAMBA host, trying next printer..."); return (1); } } diff --git a/source/configure b/source/configure index 64c5463622d..dfadf4f84e9 100755 --- a/source/configure +++ b/source/configure @@ -1453,7 +1453,7 @@ EOF # case `uname -r` in *9*|*10*) - CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_POSIX_SOURCE -D_ALIGNMENT_REQUIRED=1 -D_MAX_ALIGNMENT=4" + CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_POSIX_SOURCE -D_ALIGNMENT_REQUIRED=1 -D_MAX_ALIGNMENT=4 -DMAX_POSITIVE_LOCK_OFFSET=0x1ffffffffffLL" cat >> confdefs.h <<\EOF #define USE_BOTH_CRYPT_CALLS 1 EOF @@ -1476,7 +1476,7 @@ EOF ;; *11*) - CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_POSIX_SOURCE -D_LARGEFILE64_SOURCE -D_ALIGNMENT_REQUIRED=1 -D_MAX_ALIGNMENT=4" + CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_POSIX_SOURCE -D_LARGEFILE64_SOURCE -D_ALIGNMENT_REQUIRED=1 -D_MAX_ALIGNMENT=4 -DMAX_POSITIVE_LOCK_OFFSET=0x1ffffffffffLL" cat >> confdefs.h <<\EOF #define _HPUX_SOURCE 1 EOF diff --git a/source/configure.in b/source/configure.in index dd134b522b1..d8c8f2418c7 100644 --- a/source/configure.in +++ b/source/configure.in @@ -241,7 +241,7 @@ case "$host_os" in # case `uname -r` in *9*|*10*) - CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_POSIX_SOURCE -D_ALIGNMENT_REQUIRED=1 -D_MAX_ALIGNMENT=4" + CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_POSIX_SOURCE -D_ALIGNMENT_REQUIRED=1 -D_MAX_ALIGNMENT=4 -DMAX_POSITIVE_LOCK_OFFSET=0x1ffffffffffLL" AC_DEFINE(USE_BOTH_CRYPT_CALLS) AC_DEFINE(_HPUX_SOURCE) AC_DEFINE(_POSIX_SOURCE) @@ -249,7 +249,7 @@ case "$host_os" in AC_DEFINE(_MAX_ALIGNMENT,4) ;; *11*) - CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_POSIX_SOURCE -D_LARGEFILE64_SOURCE -D_ALIGNMENT_REQUIRED=1 -D_MAX_ALIGNMENT=4" + CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_POSIX_SOURCE -D_LARGEFILE64_SOURCE -D_ALIGNMENT_REQUIRED=1 -D_MAX_ALIGNMENT=4 -DMAX_POSITIVE_LOCK_OFFSET=0x1ffffffffffLL" AC_DEFINE(_HPUX_SOURCE) AC_DEFINE(_POSIX_SOURCE) AC_DEFINE(_LARGEFILE64_SOURCE) diff --git a/source/include/config.h.in b/source/include/config.h.in index 4bf432a0fc3..f7a57c1ad39 100644 --- a/source/include/config.h.in +++ b/source/include/config.h.in @@ -231,7 +231,6 @@ #undef MMAP_BLACKLIST #undef HAVE_CUPS #undef WITH_LDAP_SAM -#undef LDAP_SET_REBIND_PROC_ARGS #undef WITH_NISPLUS_SAM #undef WITH_SMBPASSWD_SAM #undef WITH_TDB_SAM @@ -289,6 +288,7 @@ #undef HAVE_SENDFILEV #undef HAVE_SENDFILEV64 #undef SOLARIS_SENDFILE_API +#undef LDAP_SET_REBIND_PROC_ARGS /* The number of bytes in a int. */ #undef SIZEOF_INT @@ -1150,3 +1150,10 @@ /* Define if you have the socket library (-lsocket). */ #undef HAVE_LIBSOCKET + +/* Whether to enable POSIX support */ +#undef _POSIX_C_SOURCE + +/* Whether to enable System V compatibility */ +#undef _SYSV + diff --git a/source/include/includes.h b/source/include/includes.h index a451d155e95..88dd6cd867a 100644 --- a/source/include/includes.h +++ b/source/include/includes.h @@ -456,7 +456,7 @@ typedef int socklen_t; #define int32 short #else /* uggh - no 32 bit type?? probably a CRAY. just hope this works ... */ -#define uint32 int +#define int32 int #endif #endif diff --git a/source/include/local.h b/source/include/local.h index d9663e5f231..a593722b304 100644 --- a/source/include/local.h +++ b/source/include/local.h @@ -194,4 +194,6 @@ /* Max number of open RPC pipes. */ #define MAX_OPEN_PIPES 2048 +/* Max number of simultaneous winbindd socket connections. */ +#define WINBINDD_MAX_SIMULTANEOUS_CLIENTS 200 #endif diff --git a/source/include/messages.h b/source/include/messages.h index f49055b3bd8..c38ca761af6 100644 --- a/source/include/messages.h +++ b/source/include/messages.h @@ -44,5 +44,5 @@ #define MSG_SMB_FORCE_TDIS 3002 #define MSG_SMB_SAM_SYNC 3003 #define MSG_SMB_SAM_REPL 3004 - +#define MSG_SMB_UNLOCK 3005 #endif diff --git a/source/include/proto.h b/source/include/proto.h index f1b47c1f9e2..4d38c8c49e2 100644 --- a/source/include/proto.h +++ b/source/include/proto.h @@ -1272,8 +1272,8 @@ BOOL map_domain_sid_to_name(DOM_SID *sid, char *nt_domain); BOOL lookup_known_rid(DOM_SID *sid, uint32 rid, char *name, enum SID_NAME_USE *psid_name_use); BOOL map_domain_name_to_sid(DOM_SID *sid, char *nt_domain); void split_domain_name(const char *fullname, char *domain, char *name); -char *sid_to_string(fstring sidstr_out, DOM_SID *sid); -const char *sid_string_static(DOM_SID *sid); +char *sid_to_string(fstring sidstr_out, const DOM_SID *sid); +const char *sid_string_static(const DOM_SID *sid); BOOL string_to_sid(DOM_SID *sidout, const char *sidstr); BOOL sid_append_rid(DOM_SID *sid, uint32 rid); BOOL sid_split_rid(DOM_SID *sid, uint32 *rid); @@ -1318,8 +1318,8 @@ char *client_addr(void); char *get_socket_name(int fd); char *get_socket_addr(int fd); int create_pipe_sock(const char *socket_dir, - const char *socket_name, - mode_t dir_perms); + const char *socket_name, + mode_t dir_perms); int sock_exec(const char *prog); /* The following definitions come from lib/util_str.c */ @@ -1470,7 +1470,8 @@ NTSTATUS brl_lock(SMB_DEV_T dev, SMB_INO_T ino, int fnum, enum brl_type lock_type); BOOL brl_unlock(SMB_DEV_T dev, SMB_INO_T ino, int fnum, uint16 smbpid, pid_t pid, uint16 tid, - br_off start, br_off size); + br_off start, br_off size, + BOOL remove_pending_locks_only); BOOL brl_locktest(SMB_DEV_T dev, SMB_INO_T ino, int fnum, uint16 smbpid, pid_t pid, uint16 tid, br_off start, br_off size, @@ -4318,10 +4319,11 @@ NTSTATUS _wks_query_info(pipes_struct *p, WKS_Q_QUERY_INFO *q_u, WKS_R_QUERY_INF /* The following definitions come from smbd/blocking.c */ -BOOL push_blocking_lock_request( char *inbuf, int length, int lock_timeout, int lock_num); +BOOL push_blocking_lock_request( char *inbuf, int length, int lock_timeout, + int lock_num, uint16 lock_pid, SMB_BIG_UINT offset, SMB_BIG_UINT count); void remove_pending_lock_requests_by_fid(files_struct *fsp); void remove_pending_lock_requests_by_mid(int mid); -BOOL blocking_locks_timeout(unsigned default_timeout); +unsigned blocking_locks_timeout(unsigned default_timeout); void process_blocking_lock_queue(time_t t); /* The following definitions come from smbd/chgpasswd.c */ @@ -4731,6 +4733,7 @@ void init_sec_ctx(void); int smbd_server_fd(void); void smbd_set_server_fd(int fd); +BOOL allowable_number_of_smbd_processes(void); BOOL reload_services(BOOL test); int32 increment_smbd_process_count(void); void exit_server(char *reason); @@ -4770,6 +4773,7 @@ SMB_BIG_UINT get_allocation_size(files_struct *fsp, SMB_STRUCT_STAT *sbuf); time_t interpret_long_unix_date(char *p); NTSTATUS set_bad_path_error(int err, BOOL bad_path); NTSTATUS set_delete_on_close_internal(files_struct *fsp, BOOL delete_on_close); +NTSTATUS set_delete_on_close_over_all(files_struct *fsp, BOOL delete_on_close); int reply_findclose(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize); int reply_findnclose(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize); int reply_transs2(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize); diff --git a/source/include/smb.h b/source/include/smb.h index 7a239823da1..613e2d06ad0 100644 --- a/source/include/smb.h +++ b/source/include/smb.h @@ -723,7 +723,7 @@ typedef enum } parm_class; /* passed to br lock code */ -enum brl_type {READ_LOCK, WRITE_LOCK}; +enum brl_type {READ_LOCK, WRITE_LOCK, PENDING_LOCK}; struct enum_list { int value; diff --git a/source/include/version.h b/source/include/version.h index 7f57416ccd3..8bdb1a56ce3 100644 --- a/source/include/version.h +++ b/source/include/version.h @@ -1 +1 @@ -#define VERSION "2.2.8pre1" +#define VERSION "2.2.8pre2" diff --git a/source/lib/hash.c b/source/lib/hash.c index 68c334a8ca8..0f12ba73b1f 100644 --- a/source/lib/hash.c +++ b/source/lib/hash.c @@ -172,6 +172,7 @@ hash_element *hash_insert(hash_table *table, char *value, char *key) hash_element *hash_elem; ubi_dlNodePtr lru_item; ubi_dlList *bucket; + size_t string_length; /* * If the hash table size has not reached the MAX_HASH_TABLE_SIZE, @@ -205,12 +206,13 @@ hash_element *hash_insert(hash_table *table, char *value, char *key) * string. */ - if(!(hash_elem = (hash_element *) malloc(sizeof(hash_element) + strlen(key)))) { + string_length = strlen(key); + if(!(hash_elem = (hash_element *) malloc(sizeof(hash_element) + string_length))) { DEBUG(0,("hash_insert: malloc fail !\n")); return (hash_element *)NULL; } - safe_strcpy((char *) hash_elem->key, key, strlen(key)+1); + safe_strcpy((char *) hash_elem->key, key, string_length); hash_elem->value = (char *)value; hash_elem->bucket = bucket; diff --git a/source/lib/util_getent.c b/source/lib/util_getent.c index 81b36effcb4..05b6f0c2358 100644 --- a/source/lib/util_getent.c +++ b/source/lib/util_getent.c @@ -246,18 +246,16 @@ static struct sys_userlist *add_members_to_userlist(struct sys_userlist *list_he for (i = 0; i < num_users; i++) { struct sys_userlist *entry = (struct sys_userlist *)malloc(sizeof(*entry)); - size_t len = strlen(grp->gr_mem[i])+1; if (entry == NULL) { free_userlist(list_head); return NULL; } - entry->unix_name = (char *)malloc(len); + entry->unix_name = strdup(grp->gr_mem[i]); if (entry->unix_name == NULL) { SAFE_FREE(entry); free_userlist(list_head); return NULL; } - safe_strcpy(entry->unix_name, grp->gr_mem[i],len); DLIST_ADD(list_head, entry); } return list_head; @@ -286,6 +284,11 @@ struct sys_userlist *get_users_in_group(const char *gname) return add_members_to_userlist(list_head, gptr); } +#if !defined(BROKEN_GETGRNAM) + if ((gptr = (struct group *)getgrnam(gname)) == NULL) + return NULL; + return add_members_to_userlist(list_head, gptr); +#else setgrent(); while((gptr = getgrent()) != NULL) { if (strequal(gname, gptr->gr_name)) { @@ -296,6 +299,7 @@ struct sys_userlist *get_users_in_group(const char *gname) } endgrent(); return list_head; +#endif } /**************************************************************** diff --git a/source/lib/util_sid.c b/source/lib/util_sid.c index fd1a64d7711..af739a20d49 100644 --- a/source/lib/util_sid.c +++ b/source/lib/util_sid.c @@ -345,7 +345,7 @@ void split_domain_name(const char *fullname, char *domain, char *name) Convert a SID to an ascii string. *****************************************************************/ -char *sid_to_string(fstring sidstr_out, DOM_SID *sid) +char *sid_to_string(fstring sidstr_out, const DOM_SID *sid) { char subauth[16]; int i; @@ -368,7 +368,7 @@ char *sid_to_string(fstring sidstr_out, DOM_SID *sid) /* useful function for debug lines */ -const char *sid_string_static(DOM_SID *sid) +const char *sid_string_static(const DOM_SID *sid) { static fstring sid_str; sid_to_string(sid_str, sid); diff --git a/source/lib/util_sock.c b/source/lib/util_sock.c index 8f5efcab786..7339e46626e 100644 --- a/source/lib/util_sock.c +++ b/source/lib/util_sock.c @@ -1021,102 +1021,97 @@ char *get_socket_addr(int fd) /******************************************************************* Create protected unix domain socket. - some unixen cannot set permissions on a ux-dom-sock, so we + Some unixes cannot set permissions on a ux-dom-sock, so we have to make sure that the directory contains the protection - permissions, instead. + permissions instead. ******************************************************************/ + int create_pipe_sock(const char *socket_dir, - const char *socket_name, - mode_t dir_perms) + const char *socket_name, + mode_t dir_perms) { - struct sockaddr_un sunaddr; - struct stat st; - int sock; - mode_t old_umask; - pstring path; - - /* Create the socket directory or reuse the existing one */ - - if (lstat(socket_dir, &st) == -1) { - - if (errno == ENOENT) { - - /* Create directory */ - - if (mkdir(socket_dir, dir_perms) == -1) { - DEBUG(0, ("error creating socket directory " - "%s: %s\n", socket_dir, - strerror(errno))); - return -1; - } - - } else { - - DEBUG(0, ("lstat failed on socket directory %s: %s\n", - socket_dir, strerror(errno))); - return -1; - } - - } else { - - /* Check ownership and permission on existing directory */ - - if (!S_ISDIR(st.st_mode)) { - DEBUG(0, ("socket directory %s isn't a directory\n", - socket_dir)); - return -1; - } - - if ((st.st_uid != sec_initial_uid()) || - ((st.st_mode & 0777) != dir_perms)) { - DEBUG(0, ("invalid permissions on socket directory " - "%s\n", socket_dir)); - return -1; - } - } +#ifdef HAVE_UNIXSOCKET + struct sockaddr_un sunaddr; + struct stat st; + int sock; + mode_t old_umask; + pstring path; - /* Create the socket file */ + old_umask = umask(0); - old_umask = umask(0); + /* Create the socket directory or reuse the existing one */ - sock = socket(AF_UNIX, SOCK_STREAM, 0); + if (lstat(socket_dir, &st) == -1) { + if (errno == ENOENT) { + /* Create directory */ + if (mkdir(socket_dir, dir_perms) == -1) { + DEBUG(0, ("error creating socket directory " + "%s: %s\n", socket_dir, + strerror(errno))); + goto out_umask; + } + } else { + DEBUG(0, ("lstat failed on socket directory %s: %s\n", + socket_dir, strerror(errno))); + goto out_umask; + } + } else { + /* Check ownership and permission on existing directory */ + if (!S_ISDIR(st.st_mode)) { + DEBUG(0, ("socket directory %s isn't a directory\n", + socket_dir)); + goto out_umask; + } + if ((st.st_uid != sec_initial_uid()) || + ((st.st_mode & 0777) != dir_perms)) { + DEBUG(0, ("invalid permissions on socket directory " + "%s\n", socket_dir)); + goto out_umask; + } + } - if (sock == -1) { - perror("socket"); - umask(old_umask); - return -1; - } + /* Create the socket file */ - snprintf(path, sizeof(path), "%s/%s", socket_dir, socket_name); + sock = socket(AF_UNIX, SOCK_STREAM, 0); - unlink(path); - memset(&sunaddr, 0, sizeof(sunaddr)); - sunaddr.sun_family = AF_UNIX; - safe_strcpy(sunaddr.sun_path, path, sizeof(sunaddr.sun_path)-1); + if (sock == -1) { + perror("socket"); + goto out_umask; + } - if (bind(sock, (struct sockaddr *)&sunaddr, sizeof(sunaddr)) == -1) { - DEBUG(0, ("bind failed on pipe socket %s: %s\n", - path, - strerror(errno))); - close(sock); - umask(old_umask); - return -1; - } + snprintf(path, sizeof(path), "%s/%s", socket_dir, socket_name); - if (listen(sock, 5) == -1) { - DEBUG(0, ("listen failed on pipe socket %s: %s\n", - path, - strerror(errno))); - close(sock); - umask(old_umask); - return -1; - } + unlink(path); + memset(&sunaddr, 0, sizeof(sunaddr)); + sunaddr.sun_family = AF_UNIX; + safe_strcpy(sunaddr.sun_path, path, sizeof(sunaddr.sun_path)-1); - umask(old_umask); + if (bind(sock, (struct sockaddr *)&sunaddr, sizeof(sunaddr)) == -1) { + DEBUG(0, ("bind failed on pipe socket %s: %s\n", path, + strerror(errno))); + goto out_close; + } - /* Success! */ + if (listen(sock, 5) == -1) { + DEBUG(0, ("listen failed on pipe socket %s: %s\n", path, + strerror(errno))); + goto out_close; + } - return sock; + umask(old_umask); + return sock; + +out_close: + close(sock); + +out_umask: + umask(old_umask); + return -1; + +#else + DEBUG(0, ("create_pipe_sock: No Unix sockets on this system\n")); + return -1; +#endif /* HAVE_UNIXSOCKET */ } /******************************************************************* diff --git a/source/libsmb/clireadwrite.c b/source/libsmb/clireadwrite.c index 9e3e2bf2c2a..0cb1a81a8b8 100644 --- a/source/libsmb/clireadwrite.c +++ b/source/libsmb/clireadwrite.c @@ -51,7 +51,7 @@ static BOOL cli_issue_read(struct cli_state *cli, int fnum, off_t offset, SSVAL(cli->outbuf,smb_vwv6,size); SSVAL(cli->outbuf,smb_mid,cli->mid + i); -#ifdef SMB_LARGE_OFF_T +#ifdef LARGE_SMB_OFF_T /* * We only want to do the following if we understand large offsets * otherwise the compiler is likely to get upset with us @@ -59,7 +59,7 @@ static BOOL cli_issue_read(struct cli_state *cli, int fnum, off_t offset, if (bigoffset) SIVAL(cli->outbuf,smb_vwv10,(offset>>32) & 0xffffffff); -#endif /* SMB_LARGE_OFF_T */ +#endif /* LARGE_SMB_OFF_T */ return cli_send_smb(cli); } @@ -279,14 +279,14 @@ static BOOL cli_issue_write(struct cli_state *cli, int fnum, off_t offset, uint1 SSVAL(cli->outbuf,smb_vwv11, smb_buf(cli->outbuf) - smb_base(cli->outbuf)); -#ifdef SMB_LARGE_OFF_T +#ifdef LARGE_SMB_OFF_T /* * We only want to do the following if we understand large offsets * otherwise the compiler is likely to get upset with us */ if (bigoffset) SIVAL(cli->outbuf,smb_vwv12,(offset>>32) & 0xffffffff); -#endif /* SMB_LARGE_OFF_T */ +#endif /* LARGE_SMB_OFF_T */ p = smb_base(cli->outbuf) + SVAL(cli->outbuf,smb_vwv11); memcpy(p, buf, size); diff --git a/source/libsmb/libsmbclient.c b/source/libsmb/libsmbclient.c index f052f83e1ff..67f392b9873 100644 --- a/source/libsmb/libsmbclient.c +++ b/source/libsmb/libsmbclient.c @@ -1446,7 +1446,7 @@ static int add_dirent(struct smbc_file *dir, const char *name, const char *comme dir->dir_end->next = malloc(sizeof(struct smbc_dir_list)); - if (!dir->dir_end) { + if (!dir->dir_end->next) { SAFE_FREE(dirent); dir->dir_error = ENOMEM; diff --git a/source/libsmb/namequery.c b/source/libsmb/namequery.c index e4bbd047ab7..e880e385a04 100644 --- a/source/libsmb/namequery.c +++ b/source/libsmb/namequery.c @@ -855,8 +855,11 @@ static BOOL internal_resolve_name(const char *name, int name_type, } if(is_address) { /* if it's in the form of an IP address then get the lib to interpret it */ - (*return_iplist)->s_addr = inet_addr(name); - } else { + if (((*return_iplist)->s_addr = inet_addr(name)) == 0xFFFFFFFF ){ + DEBUG(1,("internal_resolve_name: inet_addr failed on %s\n", name)); + return False; + } + } else { (*return_iplist)->s_addr = allones ? 0xFFFFFFFF : 0; *return_count = 1; } diff --git a/source/locking/brlock.c b/source/locking/brlock.c index 8c22f7d7ab2..4cd885f1a65 100644 --- a/source/locking/brlock.c +++ b/source/locking/brlock.c @@ -98,6 +98,9 @@ static BOOL brl_same_context(struct lock_context *ctx1, static BOOL brl_conflict(struct lock_struct *lck1, struct lock_struct *lck2) { + if (lck1->lock_type == PENDING_LOCK || lck2->lock_type == PENDING_LOCK ) + return False; + if (lck1->lock_type == READ_LOCK && lck2->lock_type == READ_LOCK) { return False; } @@ -119,6 +122,9 @@ static BOOL brl_conflict(struct lock_struct *lck1, static BOOL brl_conflict1(struct lock_struct *lck1, struct lock_struct *lck2) { + if (lck1->lock_type == PENDING_LOCK || lck2->lock_type == PENDING_LOCK ) + return False; + if (lck1->lock_type == READ_LOCK && lck2->lock_type == READ_LOCK) { return False; } @@ -148,13 +154,23 @@ static BOOL brl_conflict1(struct lock_struct *lck1, static BOOL brl_conflict_other(struct lock_struct *lck1, struct lock_struct *lck2) { - if (lck1->lock_type == READ_LOCK && lck2->lock_type == READ_LOCK) + if (lck1->lock_type == PENDING_LOCK || lck2->lock_type == PENDING_LOCK ) return False; - if (brl_same_context(&lck1->context, &lck2->context) && - lck1->fnum == lck2->fnum) + if (lck1->lock_type == READ_LOCK && lck2->lock_type == READ_LOCK) return False; + /* + * Incoming WRITE locks conflict with existing READ locks even + * if the context is the same. JRA. See LOCKTEST7 in smbtorture. + */ + + if (!(lck2->lock_type == WRITE_LOCK && lck1->lock_type == READ_LOCK)) { + if (brl_same_context(&lck1->context, &lck2->context) && + lck1->fnum == lck2->fnum) + return False; + } + if (lck1->start >= (lck2->start + lck2->size) || lck2->start >= (lck1->start + lck1->size)) return False; @@ -379,15 +395,29 @@ NTSTATUS brl_lock(SMB_DEV_T dev, SMB_INO_T ino, int fnum, } /**************************************************************************** + Check if an unlock overlaps a pending lock. +****************************************************************************/ + +static BOOL brl_pending_overlap(struct lock_struct *lock, struct lock_struct *pend_lock) +{ + if ((lock->start <= pend_lock->start) && (lock->start + lock->size > pend_lock->start)) + return True; + if ((lock->start >= pend_lock->start) && (lock->start <= pend_lock->start + pend_lock->size)) + return True; + return False; +} + +/**************************************************************************** Unlock a range of bytes. ****************************************************************************/ BOOL brl_unlock(SMB_DEV_T dev, SMB_INO_T ino, int fnum, uint16 smbpid, pid_t pid, uint16 tid, - br_off start, br_off size) + br_off start, br_off size, + BOOL remove_pending_locks_only) { TDB_DATA kbuf, dbuf; - int count, i; + int count, i, j; struct lock_struct *locks; struct lock_context context; @@ -445,9 +475,34 @@ BOOL brl_unlock(SMB_DEV_T dev, SMB_INO_T ino, int fnum, struct lock_struct *lock = &locks[i]; if (brl_same_context(&lock->context, &context) && - lock->fnum == fnum && - lock->start == start && - lock->size == size) { + lock->fnum == fnum && + lock->start == start && + lock->size == size) { + + if (remove_pending_locks_only && lock->lock_type != PENDING_LOCK) + continue; + + if (lock->lock_type != PENDING_LOCK) { + /* Send unlock messages to any pending waiters that overlap. */ + for (j=0; j<count; j++) { + struct lock_struct *pend_lock = &locks[j]; + + /* Ignore non-pending locks. */ + if (pend_lock->lock_type != PENDING_LOCK) + continue; + + /* We could send specific lock info here... */ + if (brl_pending_overlap(lock, pend_lock)) { + DEBUG(10,("brl_unlock: sending unlock message to pid %u\n", + (unsigned int)pend_lock->context.pid )); + + message_send_pid(pend_lock->context.pid, + MSG_SMB_UNLOCK, + NULL, 0, True); + } + } + } + /* found it - delete it */ if (count == 1) { tdb_delete(tdb, kbuf); @@ -539,7 +594,7 @@ BOOL brl_locktest(SMB_DEV_T dev, SMB_INO_T ino, int fnum, void brl_close(SMB_DEV_T dev, SMB_INO_T ino, pid_t pid, int tid, int fnum) { TDB_DATA kbuf, dbuf; - int count, i, dcount=0; + int count, i, j, dcount=0; struct lock_struct *locks; kbuf = locking_key(dev,ino); @@ -554,12 +609,34 @@ void brl_close(SMB_DEV_T dev, SMB_INO_T ino, pid_t pid, int tid, int fnum) /* there are existing locks - remove any for this fnum */ locks = (struct lock_struct *)dbuf.dptr; count = dbuf.dsize / sizeof(*locks); + for (i=0; i<count; i++) { struct lock_struct *lock = &locks[i]; if (lock->context.tid == tid && lock->context.pid == pid && lock->fnum == fnum) { + + /* Send unlock messages to any pending waiters that overlap. */ + for (j=0; j<count; j++) { + struct lock_struct *pend_lock = &locks[j]; + + /* Ignore our own or non-pending locks. */ + if (pend_lock->lock_type != PENDING_LOCK) + continue; + + if (pend_lock->context.tid == tid && + pend_lock->context.pid == pid && + pend_lock->fnum == fnum) + continue; + + /* We could send specific lock info here... */ + if (brl_pending_overlap(lock, pend_lock)) + message_send_pid(pend_lock->context.pid, + MSG_SMB_UNLOCK, + NULL, 0, True); + } + /* found it - delete it */ if (count > 1 && i < count-1) { memmove(&locks[i], &locks[i+1], diff --git a/source/locking/locking.c b/source/locking/locking.c index 2c9da056889..d0061ecbe99 100644 --- a/source/locking/locking.c +++ b/source/locking/locking.c @@ -134,7 +134,7 @@ static NTSTATUS do_lock(files_struct *fsp,connection_struct *conn, uint16 lock_p */ (void)brl_unlock(fsp->dev, fsp->inode, fsp->fnum, lock_pid, sys_getpid(), conn->cnum, - offset, count); + offset, count, False); } } } @@ -203,7 +203,7 @@ NTSTATUS do_unlock(files_struct *fsp,connection_struct *conn, uint16 lock_pid, */ ok = brl_unlock(fsp->dev, fsp->inode, fsp->fnum, - lock_pid, sys_getpid(), conn->cnum, offset, count); + lock_pid, sys_getpid(), conn->cnum, offset, count, False); if (!ok) { DEBUG(10,("do_unlock: returning ERRlock.\n" )); @@ -674,6 +674,7 @@ BOOL set_share_mode(files_struct *fsp, uint16 port, uint16 op_type) /* read in the existing share modes if any */ dbuf = tdb_fetch(tdb, locking_key_fsp(fsp)); if (!dbuf.dptr) { + size_t offset; /* we'll need to create a new record */ pstring fname; @@ -691,7 +692,8 @@ BOOL set_share_mode(files_struct *fsp, uint16 port, uint16 op_type) DEBUG(10,("set_share_mode: creating entry for file %s. num_share_modes = 1\n", fsp->fsp_name )); - pstrcpy(p + sizeof(*data) + sizeof(share_mode_entry), fname); + offset = sizeof(*data) + sizeof(share_mode_entry); + safe_strcpy(p + offset, fname, size - offset - 1); fill_share_mode(p + sizeof(*data), fsp, port, op_type); dbuf.dptr = p; dbuf.dsize = size; diff --git a/source/locking/posix.c b/source/locking/posix.c index 8b3538d8ca1..553b8b1c57f 100644 --- a/source/locking/posix.c +++ b/source/locking/posix.c @@ -150,9 +150,8 @@ static size_t get_posix_pending_close_entries(files_struct *fsp, int **entries) dbuf = tdb_fetch(posix_pending_close_tdb, kbuf); - if (!dbuf.dptr) { + if (!dbuf.dptr) return 0; - } *entries = (int *)dbuf.dptr; count = (size_t)(dbuf.dsize / sizeof(int)); @@ -177,9 +176,8 @@ static size_t get_posix_lock_entries(files_struct *fsp, struct posix_lock **entr dbuf = tdb_fetch(posix_lock_tdb, kbuf); - if (!dbuf.dptr) { + if (!dbuf.dptr) return 0; - } *entries = (struct posix_lock *)dbuf.dptr; count = (size_t)(dbuf.dsize / sizeof(struct posix_lock)); @@ -282,9 +280,9 @@ int fd_close_posix(struct connection_struct *conn, files_struct *fsp) ret = conn->vfs_ops.close(fsp,fsp->fd); if (saved_errno != 0) { - errno = saved_errno; + errno = saved_errno; ret = -1; - } + } fsp->fd = -1; @@ -339,8 +337,9 @@ static BOOL delete_posix_lock_entry_by_index(files_struct *fsp, size_t entry) return True; fail: - SAFE_FREE(dbuf.dptr); - return False; + + SAFE_FREE(dbuf.dptr); + return False; } /**************************************************************************** @@ -386,17 +385,18 @@ static BOOL add_posix_lock_entry(files_struct *fsp, SMB_OFF_T start, SMB_OFF_T s goto fail; } - SAFE_FREE(dbuf.dptr); + SAFE_FREE(dbuf.dptr); DEBUG(10,("add_posix_lock: File %s: type = %s: start=%.0f size=%.0f: dev=%.0f inode=%.0f\n", fsp->fsp_name, posix_lock_type_name(lock_type), (double)start, (double)size, (double)fsp->dev, (double)fsp->inode )); - return True; + return True; fail: - SAFE_FREE(dbuf.dptr); - return False; + + SAFE_FREE(dbuf.dptr); + return False; } /**************************************************************************** @@ -493,13 +493,14 @@ static int delete_posix_lock_entry(files_struct *fsp, SMB_OFF_T start, SMB_OFF_T posix_lock_type_name(pl->lock_type), (double)pl->start, (double)pl->size, (unsigned int)num_overlapping_records )); - SAFE_FREE(dbuf.dptr); + SAFE_FREE(dbuf.dptr); return num_overlapping_records; fail: - SAFE_FREE(dbuf.dptr); - return -1; + + SAFE_FREE(dbuf.dptr); + return -1; } /**************************************************************************** @@ -525,12 +526,12 @@ static int map_posix_lock_type( files_struct *fsp, enum brl_type lock_type) return F_WRLCK; } - /* - * This return should be the most normal, as we attempt - * to always open files read/write. - */ + /* + * This return should be the most normal, as we attempt + * to always open files read/write. + */ - return (lock_type == READ_LOCK) ? F_RDLCK : F_WRLCK; + return (lock_type == READ_LOCK) ? F_RDLCK : F_WRLCK; } /**************************************************************************** @@ -550,16 +551,20 @@ static BOOL posix_lock_in_range(SMB_OFF_T *offset_out, SMB_OFF_T *count_out, * find the maximum positive lock offset as an SMB_OFF_T. */ -#if defined(LARGE_SMB_OFF_T) && !defined(HAVE_BROKEN_FCNTL64_LOCKS) +#if defined(MAX_POSITIVE_LOCK_OFFSET) /* Some systems have arbitrary limits. */ + + SMB_OFF_T max_positive_lock_offset = (MAX_POSITIVE_LOCK_OFFSET); + +#elif defined(LARGE_SMB_OFF_T) && !defined(HAVE_BROKEN_FCNTL64_LOCKS) /* * In this case SMB_OFF_T is 64 bits, * and the underlying system can handle 64 bit signed locks. */ - SMB_OFF_T mask2 = ((SMB_OFF_T)0x4) << (SMB_OFF_T_BITS-4); - SMB_OFF_T mask = (mask2<<1); - SMB_OFF_T max_positive_lock_offset = ~mask; + SMB_OFF_T mask2 = ((SMB_OFF_T)0x4) << (SMB_OFF_T_BITS-4); + SMB_OFF_T mask = (mask2<<1); + SMB_OFF_T max_positive_lock_offset = ~mask; #else /* !LARGE_SMB_OFF_T || HAVE_BROKEN_FCNTL64_LOCKS */ @@ -569,7 +574,7 @@ static BOOL posix_lock_in_range(SMB_OFF_T *offset_out, SMB_OFF_T *count_out, * All offsets & counts must be 2^31 or less. */ - SMB_OFF_T max_positive_lock_offset = 0x7FFFFFFF; + SMB_OFF_T max_positive_lock_offset = 0x7FFFFFFF; #endif /* !LARGE_SMB_OFF_T || HAVE_BROKEN_FCNTL64_LOCKS */ @@ -596,19 +601,10 @@ static BOOL posix_lock_in_range(SMB_OFF_T *offset_out, SMB_OFF_T *count_out, } /* - * We must truncate the offset and count to less than max_positive_lock_offset. + * We must truncate the count to less than max_positive_lock_offset. */ - offset &= max_positive_lock_offset; - count &= max_positive_lock_offset; - - - /* - * Deal with a very common case of count of all ones. - * (lock entire file). - */ - - if(count == (SMB_OFF_T)-1) + if (u_count & ~((SMB_BIG_UINT)max_positive_lock_offset)) count = max_positive_lock_offset; /* @@ -723,10 +719,10 @@ BOOL is_posix_locked(files_struct *fsp, SMB_BIG_UINT u_offset, SMB_BIG_UINT u_co */ struct lock_list { - struct lock_list *next; - struct lock_list *prev; - SMB_OFF_T start; - SMB_OFF_T size; + struct lock_list *next; + struct lock_list *prev; + SMB_OFF_T start; + SMB_OFF_T size; }; /**************************************************************************** diff --git a/source/msdfs/msdfs.c b/source/msdfs/msdfs.c index 3be57b1d23c..a825447dd79 100644 --- a/source/msdfs/msdfs.c +++ b/source/msdfs/msdfs.c @@ -269,7 +269,7 @@ static BOOL resolve_dfs_path(char* dfspath, struct dfs_path* dp, if (consumedcntp) { char *q; pstring buf; - safe_strcpy(buf, dfspath, sizeof(buf)); + pstrcpy(buf, dfspath); trim_string(buf, NULL, "\\"); q = strrchr(buf, '\\'); if (q) @@ -610,7 +610,7 @@ int setup_dfs_referral(char* pathname, int max_referral_level, char** ppdata) && pathnamep[1] == '\\') pathnamep++; - safe_strcpy(buf, pathnamep, sizeof(buf)); + pstrcpy(buf, pathnamep); if (!get_referred_path(buf, &junction, &consumedcnt, &self_referral)) return -1; @@ -829,7 +829,7 @@ static BOOL form_junctions(int snum, struct junction_map* jn, int* jn_count) return False; } - safe_strcpy(ref->alternate_path, alt_path, sizeof(pstring)); + pstrcpy(ref->alternate_path, alt_path); ref->proximity = 0; ref->ttl = REFERRAL_TTL; cnt++; diff --git a/source/nsswitch/winbindd.c b/source/nsswitch/winbindd.c index b4fe60487cf..f5998d47c78 100644 --- a/source/nsswitch/winbindd.c +++ b/source/nsswitch/winbindd.c @@ -343,7 +343,9 @@ static void new_connection(int accept_sock) ZERO_STRUCTP(state); state->sock = sock; - + + state->last_access = time(NULL); + /* Add to connection list */ DLIST_ADD(client_list, state); @@ -380,6 +382,35 @@ static void remove_client(struct winbindd_cli_state *state) } } +/* Shutdown client connection which has been idle for the longest time */ + +static BOOL remove_idle_client(void) +{ + struct winbindd_cli_state *state, *remove_state = NULL; + time_t last_access = 0; + int nidle = 0; + + for (state = client_list; state; state = state->next) { + if (state->read_buf_len == 0 && state->write_buf_len == 0 && + !state->getpwent_state && !state->getgrent_state) { + nidle++; + if (!last_access || state->last_access < last_access) { + last_access = state->last_access; + remove_state = state; + } + } + } + + if (remove_state) { + DEBUG(5,("Found %d idle client connections, shutting down sock %d, pid %u\n", + nidle, remove_state->sock, (unsigned int)remove_state->pid)); + remove_client(remove_state); + return True; + } + + return False; +} + /* Process a complete received packet from a client */ static void process_packet(struct winbindd_cli_state *state) @@ -427,6 +458,7 @@ static void client_read(struct winbindd_cli_state *state) /* Update client state */ state->read_buf_len += n; + state->last_access = time(NULL); } /* Write some data to a client connection */ @@ -479,7 +511,8 @@ static void client_write(struct winbindd_cli_state *state) /* Update client state */ state->write_buf_len -= num_written; - + state->last_access = time(NULL); + /* Have we written all data? */ if (state->write_buf_len == 0) { @@ -597,9 +630,19 @@ static void process_loop(int accept_sock) if (selret > 0) { - if (FD_ISSET(accept_sock, &r_fds)) + if (FD_ISSET(accept_sock, &r_fds)) { + while (num_clients > WINBINDD_MAX_SIMULTANEOUS_CLIENTS - 1) { + DEBUG(5,("winbindd: Exceeding %d client connections, removing idle connection.\n", + WINBINDD_MAX_SIMULTANEOUS_CLIENTS)); + if (!remove_idle_client()) { + DEBUG(0,("winbindd: Exceeding %d client connections, no idle connection found\n", + WINBINDD_MAX_SIMULTANEOUS_CLIENTS)); + break; + } + } new_connection(accept_sock); - + } + /* Process activity on client connections */ for (state = client_list; state; state = state->next) { diff --git a/source/nsswitch/winbindd.h b/source/nsswitch/winbindd.h index 5329164f731..4a09cfb244e 100644 --- a/source/nsswitch/winbindd.h +++ b/source/nsswitch/winbindd.h @@ -32,16 +32,17 @@ /* Client state structure */ struct winbindd_cli_state { - struct winbindd_cli_state *prev, *next; /* Linked list pointers */ - int sock; /* Open socket from client */ - pid_t pid; /* pid of client */ - int read_buf_len, write_buf_len; /* Indexes in request/response */ - BOOL finished; /* Can delete from list */ - BOOL write_extra_data; /* Write extra_data field */ - struct winbindd_request request; /* Request from client */ - struct winbindd_response response; /* Respose to client */ - struct getent_state *getpwent_state; /* State for getpwent() */ - struct getent_state *getgrent_state; /* State for getgrent() */ + struct winbindd_cli_state *prev, *next; /* Linked list pointers */ + int sock; /* Open socket from client */ + pid_t pid; /* pid of client */ + int read_buf_len, write_buf_len; /* Indexes in request/response */ + BOOL finished; /* Can delete from list */ + BOOL write_extra_data; /* Write extra_data field */ + time_t last_access; /* Time of last access (read or write) */ + struct winbindd_request request; /* Request from client */ + struct winbindd_response response; /* Respose to client */ + struct getent_state *getpwent_state; /* State for getpwent() */ + struct getent_state *getgrent_state; /* State for getgrent() */ }; /* State between get{pw,gr}ent() calls */ diff --git a/source/nsswitch/winbindd_rpc.c b/source/nsswitch/winbindd_rpc.c index c6becce486e..93df063b6d6 100644 --- a/source/nsswitch/winbindd_rpc.c +++ b/source/nsswitch/winbindd_rpc.c @@ -55,19 +55,24 @@ static NTSTATUS query_user_list(struct winbindd_domain *domain, BOOL got_dom_pol = False; uint32 des_access = SEC_RIGHTS_MAXIMUM_ALLOWED; int i, loop_count = 0; + int retry; *num_entries = 0; *info = NULL; - /* Get sam handle */ + retry = 0; + do { + /* Get sam handle */ - if (!NT_STATUS_IS_OK(result = cm_get_sam_handle(domain->name, &hnd))) - goto done; + if (!NT_STATUS_IS_OK(result = cm_get_sam_handle(domain->name, &hnd))) + goto done; - /* Get domain handle */ + /* Get domain handle */ - result = cli_samr_open_domain(hnd->cli, mem_ctx, &hnd->pol, + result = cli_samr_open_domain(hnd->cli, mem_ctx, &hnd->pol, des_access, &domain->sid, &dom_pol); + } while (!NT_STATUS_IS_OK(result) && (retry++ < 1) && + hnd && hnd->cli && hnd->cli->fd == -1); if (!NT_STATUS_IS_OK(result)) goto done; @@ -152,15 +157,20 @@ static NTSTATUS enum_dom_groups(struct winbindd_domain *domain, POLICY_HND dom_pol; NTSTATUS result; uint32 start = 0; + int retry; *num_entries = 0; *info = NULL; - if (!NT_STATUS_IS_OK(result = cm_get_sam_handle(domain->name, &hnd))) - return result; + retry = 0; + do { + if (!NT_STATUS_IS_OK(result = cm_get_sam_handle(domain->name, &hnd))) + return result; - result = cli_samr_open_domain(hnd->cli, mem_ctx, + result = cli_samr_open_domain(hnd->cli, mem_ctx, &hnd->pol, des_access, &domain->sid, &dom_pol); + } while (!NT_STATUS_IS_OK(result) && (retry++ < 1) && + hnd && hnd->cli && hnd->cli->fd == -1); if (!NT_STATUS_IS_OK(result)) return result; @@ -213,17 +223,13 @@ static NTSTATUS name_to_sid(struct winbindd_domain *domain, DOM_SID *sids = NULL; uint32 *types = NULL; const char *full_name; + int retry; if (!(mem_ctx = talloc_init_named("name_to_sid[rpc] for [%s]\\[%s]", domain->name, name))) { DEBUG(0, ("talloc_init failed!\n")); return NT_STATUS_NO_MEMORY; } - if (!NT_STATUS_IS_OK(result = cm_get_lsa_handle(domain->name, &hnd))) { - talloc_destroy(mem_ctx); - return NT_STATUS_UNSUCCESSFUL; - } - full_name = talloc_asprintf(mem_ctx, "%s\\%s", domain->name, name); if (!full_name) { @@ -232,8 +238,17 @@ static NTSTATUS name_to_sid(struct winbindd_domain *domain, return NT_STATUS_NO_MEMORY; } - result = cli_lsa_lookup_names(hnd->cli, mem_ctx, &hnd->pol, 1, + retry = 0; + do { + if (!NT_STATUS_IS_OK(result = cm_get_lsa_handle(domain->name, &hnd))) { + talloc_destroy(mem_ctx); + return NT_STATUS_UNSUCCESSFUL; + } + + result = cli_lsa_lookup_names(hnd->cli, mem_ctx, &hnd->pol, 1, &full_name, &sids, &types); + } while (!NT_STATUS_IS_OK(result) && (retry++ < 1) && + hnd && hnd->cli && hnd->cli->fd == -1); /* Return rid and type if lookup successful */ @@ -260,12 +275,17 @@ static NTSTATUS sid_to_name(struct winbindd_domain *domain, char **names; uint32 *types; NTSTATUS result; - - if (!NT_STATUS_IS_OK(result = cm_get_lsa_handle(domain->name, &hnd))) - return NT_STATUS_UNSUCCESSFUL; + int retry; + + retry = 0; + do { + if (!NT_STATUS_IS_OK(result = cm_get_lsa_handle(domain->name, &hnd))) + return NT_STATUS_UNSUCCESSFUL; - result = cli_lsa_lookup_sids(hnd->cli, mem_ctx, &hnd->pol, + result = cli_lsa_lookup_sids(hnd->cli, mem_ctx, &hnd->pol, 1, sid, &domains, &names, &types); + } while (!NT_STATUS_IS_OK(result) && (retry++ < 1) && + hnd && hnd->cli && hnd->cli->fd == -1); if (NT_STATUS_IS_OK(result)) { *type = types[0]; @@ -293,17 +313,20 @@ static NTSTATUS query_user(struct winbindd_domain *domain, POLICY_HND dom_pol, user_pol; BOOL got_dom_pol = False, got_user_pol = False; SAM_USERINFO_CTR *ctr; + int retry; - /* Get sam handle */ - - if (!NT_STATUS_IS_OK(result = cm_get_sam_handle(domain->name, &hnd))) - goto done; - - /* Get domain handle */ + retry = 0; + do { + /* Get sam handle */ + if (!NT_STATUS_IS_OK(result = cm_get_sam_handle(domain->name, &hnd))) + goto done; - result = cli_samr_open_domain(hnd->cli, mem_ctx, &hnd->pol, + /* Get domain handle */ + result = cli_samr_open_domain(hnd->cli, mem_ctx, &hnd->pol, SEC_RIGHTS_MAXIMUM_ALLOWED, &domain->sid, &dom_pol); + } while (!NT_STATUS_IS_OK(result) && (retry++ < 1) && + hnd && hnd->cli && hnd->cli->fd == -1); if (!NT_STATUS_IS_OK(result)) goto done; @@ -360,19 +383,22 @@ static NTSTATUS lookup_usergroups(struct winbindd_domain *domain, BOOL got_dom_pol = False, got_user_pol = False; DOM_GID *user_groups; int i; + int retry; *num_groups = 0; *user_gids = NULL; - /* Get sam handle */ - - if (!NT_STATUS_IS_OK(result = cm_get_sam_handle(domain->name, &hnd))) - goto done; - - /* Get domain handle */ + retry = 0; + do { + /* Get sam handle */ + if (!NT_STATUS_IS_OK(result = cm_get_sam_handle(domain->name, &hnd))) + goto done; - result = cli_samr_open_domain(hnd->cli, mem_ctx, &hnd->pol, + /* Get domain handle */ + result = cli_samr_open_domain(hnd->cli, mem_ctx, &hnd->pol, des_access, &domain->sid, &dom_pol); + } while (!NT_STATUS_IS_OK(result) && (retry++ < 1) && + hnd && hnd->cli && hnd->cli->fd == -1); if (!NT_STATUS_IS_OK(result)) goto done; @@ -425,18 +451,21 @@ static NTSTATUS lookup_groupmem(struct winbindd_domain *domain, POLICY_HND dom_pol, group_pol; uint32 des_access = SEC_RIGHTS_MAXIMUM_ALLOWED; BOOL got_dom_pol = False, got_group_pol = False; + int retry; *num_names = 0; - /* Get sam handle */ - - if (!NT_STATUS_IS_OK(result = cm_get_sam_handle(domain->name, &hnd))) - goto done; - - /* Get domain handle */ + retry = 0; + do { + /* Get sam handle */ + if (!NT_STATUS_IS_OK(result = cm_get_sam_handle(domain->name, &hnd))) + goto done; - result = cli_samr_open_domain(hnd->cli, mem_ctx, &hnd->pol, - des_access, &domain->sid, &dom_pol); + /* Get domain handle */ + result = cli_samr_open_domain(hnd->cli, mem_ctx, &hnd->pol, + des_access, &domain->sid, &dom_pol); + } while (!NT_STATUS_IS_OK(result) && (retry++ < 1) && + hnd && hnd->cli && hnd->cli->fd == -1); if (!NT_STATUS_IS_OK(result)) goto done; @@ -615,35 +644,38 @@ static NTSTATUS sequence_number(struct winbindd_domain *domain, uint32 *seq) POLICY_HND dom_pol; BOOL got_dom_pol = False; uint32 des_access = SEC_RIGHTS_MAXIMUM_ALLOWED; + int retry; *seq = DOM_SEQUENCE_NONE; if (!(mem_ctx = talloc_init_named("sequence_number[rpc]"))) return NT_STATUS_NO_MEMORY; - /* Get sam handle */ - - if (!NT_STATUS_IS_OK(result = cm_get_sam_handle(domain->name, &hnd))) - goto done; + retry = 0; + do { + /* Get sam handle */ + if (!NT_STATUS_IS_OK(result = cm_get_sam_handle(domain->name, &hnd))) + goto done; #ifdef WITH_HORRIBLE_LDAP_NATIVE_MODE_HACK - if (get_ldap_seq( inet_ntoa(hnd->cli->dest_ip), seq) == 0) { - result = NT_STATUS_OK; - seqnum = *seq; - DEBUG(10,("domain_sequence_number: LDAP for domain %s is %u\n", + if (get_ldap_seq( inet_ntoa(hnd->cli->dest_ip), seq) == 0) { + result = NT_STATUS_OK; + seqnum = *seq; + DEBUG(10,("domain_sequence_number: LDAP for domain %s is %u\n", domain->name, (unsigned)seqnum )); - goto done; - } + goto done; + } - DEBUG(10,("domain_sequence_number: failed to get LDAP sequence number (%u) for domain %s\n", + DEBUG(10,("domain_sequence_number: failed to get LDAP sequence number (%u) for domain %s\n", (unsigned)seqnum, domain->name )); #endif /* WITH_HORRIBLE_LDAP_NATIVE_MODE_HACK */ - /* Get domain handle */ - - result = cli_samr_open_domain(hnd->cli, mem_ctx, &hnd->pol, + /* Get domain handle */ + result = cli_samr_open_domain(hnd->cli, mem_ctx, &hnd->pol, des_access, &domain->sid, &dom_pol); + } while (!NT_STATUS_IS_OK(result) && (retry++ < 1) && + hnd && hnd->cli && hnd->cli->fd == -1); if (!NT_STATUS_IS_OK(result)) goto done; @@ -688,15 +720,20 @@ static NTSTATUS trusted_domains(struct winbindd_domain *domain, CLI_POLICY_HND *hnd; NTSTATUS result; uint32 enum_ctx = 0; + int retry; *num_domains = 0; - if (!NT_STATUS_IS_OK(result = cm_get_lsa_handle(lp_workgroup(), &hnd))) - goto done; + retry = 0; + do { + if (!NT_STATUS_IS_OK(result = cm_get_lsa_handle(lp_workgroup(), &hnd))) + goto done; - result = cli_lsa_enum_trust_dom(hnd->cli, mem_ctx, + result = cli_lsa_enum_trust_dom(hnd->cli, mem_ctx, &hnd->pol, &enum_ctx, num_domains, names, dom_sids); + } while (!NT_STATUS_IS_OK(result) && (retry++ < 1) && + hnd && hnd->cli && hnd->cli->fd == -1); done: return result; } @@ -708,18 +745,22 @@ static NTSTATUS domain_sid(struct winbindd_domain *domain, DOM_SID *sid) TALLOC_CTX *mem_ctx; CLI_POLICY_HND *hnd; fstring level5_dom; + int retry; if (!(mem_ctx = talloc_init_named("domain_sid[rpc]"))) return NT_STATUS_NO_MEMORY; - /* Get sam handle */ - - if (!NT_STATUS_IS_OK(result = cm_get_lsa_handle(domain->name, &hnd))) - goto done; + retry = 0; + do { + /* Get lsa handle */ + if (!NT_STATUS_IS_OK(result = cm_get_lsa_handle(domain->name, &hnd))) + goto done; - result = cli_lsa_query_info_policy(hnd->cli, mem_ctx, - &hnd->pol, 0x05, level5_dom, sid); + result = cli_lsa_query_info_policy(hnd->cli, mem_ctx, + &hnd->pol, 0x05, level5_dom, sid); + } while (!NT_STATUS_IS_OK(result) && (retry++ < 1) && + hnd && hnd->cli && hnd->cli->fd == -1); done: talloc_destroy(mem_ctx); return result; diff --git a/source/rpc_server/srv_spoolss_nt.c b/source/rpc_server/srv_spoolss_nt.c index 6e211aff521..a2a38afc68f 100644 --- a/source/rpc_server/srv_spoolss_nt.c +++ b/source/rpc_server/srv_spoolss_nt.c @@ -5481,7 +5481,6 @@ static BOOL fill_job_info_2(JOB_INFO_2 *job_info, print_queue_struct *queue, DEVICEMODE *devmode) { pstring temp_name; - pstring chaine; struct tm *t; t=gmtime(&queue->time); @@ -5489,9 +5488,7 @@ static BOOL fill_job_info_2(JOB_INFO_2 *job_info, print_queue_struct *queue, job_info->jobid=queue->job; - slprintf(chaine, sizeof(chaine)-1, "\\\\%s\\%s", get_called_name(), ntprinter->info_2->printername); - - init_unistr(&job_info->printername, chaine); + init_unistr(&job_info->printername, ntprinter->info_2->printername); init_unistr(&job_info->machinename, temp_name); init_unistr(&job_info->username, queue->fs_user); @@ -7879,12 +7876,22 @@ WERROR _spoolss_enumprinterkey(pipes_struct *p, SPOOL_Q_ENUMPRINTERKEY *q_u, SPO uint16 enumkeys[ENUMERATED_KEY_SIZE+1]; char* ptr = NULL; int i; - char *PrinterKey = "PrinterDriverData"; + fstring PrinterKey; + UNISTR2 uni_keys; + int enum_key_len; DEBUG(4,("_spoolss_enumprinterkey\n")); unistr2_to_dos(key, &q_u->key, sizeof(key) - 1); + ZERO_STRUCTP(PrinterKey); + fstrcpy( PrinterKey, "PrinterDriverData" ); + + /* add space for 2 terminating NULLs */ + + enum_key_len = strlen( PrinterKey ) + 2; + + /* * we only support enumating all keys (key == "") * Of course, the only key we support is the "PrinterDriverData" @@ -7892,22 +7899,13 @@ WERROR _spoolss_enumprinterkey(pipes_struct *p, SPOOL_Q_ENUMPRINTERKEY *q_u, SPO */ if (strlen(key) == 0) { - r_u->needed = ENUMERATED_KEY_SIZE *2; + r_u->needed = enum_key_len*2; if (q_u->size < r_u->needed) return WERR_MORE_DATA; - ptr = PrinterKey; - for (i=0; i<ENUMERATED_KEY_SIZE-2; i++) - { - enumkeys[i] = (uint16)(*ptr); - ptr++; - } + init_unistr2( &uni_keys, PrinterKey, enum_key_len ); - /* tag of with 2 '\0's */ - enumkeys[i++] = '\0'; - enumkeys[i] = '\0'; - - if (!make_spoolss_buffer5(p->mem_ctx, &r_u->keys, ENUMERATED_KEY_SIZE, enumkeys)) + if ( !make_spoolss_buffer5(p->mem_ctx, &r_u->keys, enum_key_len, uni_keys.buffer) ) return WERR_BADFILE; return WERR_OK; diff --git a/source/rpc_server/srv_srvsvc_nt.c b/source/rpc_server/srv_srvsvc_nt.c index 2218fdb455c..85688417961 100644 --- a/source/rpc_server/srv_srvsvc_nt.c +++ b/source/rpc_server/srv_srvsvc_nt.c @@ -1037,7 +1037,7 @@ static void init_srv_r_net_file_enum(SRV_R_NET_FILE_ENUM *r_n, if (file_level == 0) r_n->status = WERR_UNKNOWN_LEVEL; else - r_n->status = init_srv_file_info_ctr(r_n->ctr, switch_value, &resume_hnd, &(r_n->total_entries)); + r_n->status = init_srv_file_info_ctr(r_n->ctr, switch_value, &resume_hnd, &r_n->total_entries); if (!W_ERROR_IS_OK(r_n->status)) resume_hnd = 0; diff --git a/source/smbd/blocking.c b/source/smbd/blocking.c index 96235dea3a5..d9c433c3223 100644 --- a/source/smbd/blocking.c +++ b/source/smbd/blocking.c @@ -33,6 +33,9 @@ typedef struct { files_struct *fsp; time_t expire_time; int lock_num; + SMB_BIG_UINT offset; + SMB_BIG_UINT count; + uint16 lock_pid; char *inbuf; int length; } blocking_lock_record; @@ -77,13 +80,18 @@ static BOOL in_chained_smb(void) return (chain_size != 0); } +static void received_unlock_msg(int msg_type, pid_t src, void *buf, size_t len); + /**************************************************************************** Function to push a blocking lock request onto the lock queue. ****************************************************************************/ -BOOL push_blocking_lock_request( char *inbuf, int length, int lock_timeout, int lock_num) +BOOL push_blocking_lock_request( char *inbuf, int length, int lock_timeout, + int lock_num, uint16 lock_pid, SMB_BIG_UINT offset, SMB_BIG_UINT count) { + static BOOL set_lock_msg; blocking_lock_record *blr; + NTSTATUS status; if(in_chained_smb() ) { DEBUG(0,("push_blocking_lock_request: cannot queue a chained request (currently).\n")); @@ -110,11 +118,31 @@ BOOL push_blocking_lock_request( char *inbuf, int length, int lock_timeout, int blr->fsp = get_fsp_from_pkt(inbuf); blr->expire_time = (lock_timeout == -1) ? (time_t)-1 : time(NULL) + (time_t)lock_timeout; blr->lock_num = lock_num; + blr->lock_pid = lock_pid; + blr->offset = offset; + blr->count = count; memcpy(blr->inbuf, inbuf, length); blr->length = length; + /* Add a pending lock record for this. */ + status = brl_lock(blr->fsp->dev, blr->fsp->inode, blr->fsp->fnum, + lock_pid, sys_getpid(), blr->fsp->conn->cnum, + offset, count, + PENDING_LOCK); + + if (!NT_STATUS_IS_OK(status)) { + DEBUG(0,("push_blocking_lock_request: failed to add PENDING_LOCK record.\n")); + free_blocking_lock_record(blr); + return False; + } + ubi_slAddTail(&blocking_lock_queue, blr); + /* Ensure we'll receive messages when this is unlocked. */ + if (!set_lock_msg) { + message_register(MSG_SMB_UNLOCK, received_unlock_msg); + set_lock_msg = True; + } DEBUG(3,("push_blocking_lock_request: lock request length=%d blocked with expiry time %d (+%d) \ for fnum = %d, name = %s\n", length, (int)blr->expire_time, lock_timeout, @@ -493,6 +521,10 @@ void remove_pending_lock_requests_by_fid(files_struct *fsp) DEBUG(10,("remove_pending_lock_requests_by_fid - removing request type %d for \ file %s fnum = %d\n", blr->com_type, fsp->fsp_name, fsp->fnum )); + brl_unlock(blr->fsp->dev, blr->fsp->inode, blr->fsp->fnum, + blr->lock_pid, sys_getpid(), blr->fsp->conn->cnum, + blr->offset, blr->count, True); + free_blocking_lock_record((blocking_lock_record *)ubi_slRemNext( &blocking_lock_queue, prev)); blr = (blocking_lock_record *)(prev ? ubi_slNext(prev) : ubi_slFirst(&blocking_lock_queue)); continue; @@ -520,6 +552,9 @@ void remove_pending_lock_requests_by_mid(int mid) file %s fnum = %d\n", blr->com_type, fsp->fsp_name, fsp->fnum )); blocking_lock_reply_error(blr,NT_STATUS_CANCELLED); + brl_unlock(blr->fsp->dev, blr->fsp->inode, blr->fsp->fnum, + blr->lock_pid, sys_getpid(), blr->fsp->conn->cnum, + blr->offset, blr->count, True); free_blocking_lock_record((blocking_lock_record *)ubi_slRemNext( &blocking_lock_queue, prev)); blr = (blocking_lock_record *)(prev ? ubi_slNext(prev) : ubi_slFirst(&blocking_lock_queue)); continue; @@ -531,32 +566,41 @@ file %s fnum = %d\n", blr->com_type, fsp->fsp_name, fsp->fnum )); } /**************************************************************************** + Set a flag as an unlock request affects one of our pending locks. +*****************************************************************************/ + +static void received_unlock_msg(int msg_type, pid_t src, void *buf, size_t len) +{ + DEBUG(10,("received_unlock_msg\n")); + process_blocking_lock_queue(time(NULL)); +} + +/**************************************************************************** Return the number of seconds to the next blocking locks timeout, or default_timeout. *****************************************************************************/ -BOOL blocking_locks_timeout(unsigned default_timeout) +unsigned blocking_locks_timeout(unsigned default_timeout) { unsigned timeout = default_timeout; time_t t; blocking_lock_record *blr = (blocking_lock_record *)ubi_slFirst(&blocking_lock_queue); /* note that we avoid the time() syscall if there are no blocking locks */ - if (!blr) { + if (!blr) return timeout; - } t = time(NULL); while (blr) { - if (timeout > (blr->expire_time - t)) { + if ((blr->expire_time != (time_t)-1) && + (timeout > (blr->expire_time - t))) { timeout = blr->expire_time - t; } blr = (blocking_lock_record *)ubi_slNext(blr); } - if (timeout < 1) { + if (timeout < 1) timeout = 1; - } return timeout; } @@ -605,6 +649,10 @@ void process_blocking_lock_queue(time_t t) DEBUG(5,("process_blocking_lock_queue: pending lock fnum = %d for file %s timed out.\n", fsp->fnum, fsp->fsp_name )); + brl_unlock(fsp->dev, fsp->inode, fsp->fnum, + blr->lock_pid, sys_getpid(), conn->cnum, + blr->offset, blr->count, True); + blocking_lock_reply_error(blr,NT_STATUS_FILE_LOCK_CONFLICT); free_blocking_lock_record((blocking_lock_record *)ubi_slRemNext( &blocking_lock_queue, prev)); blr = (blocking_lock_record *)(prev ? ubi_slNext(prev) : ubi_slFirst(&blocking_lock_queue)); @@ -618,6 +666,11 @@ void process_blocking_lock_queue(time_t t) * Remove the entry and return an error to the client. */ blocking_lock_reply_error(blr,NT_STATUS_ACCESS_DENIED); + + brl_unlock(fsp->dev, fsp->inode, fsp->fnum, + blr->lock_pid, sys_getpid(), conn->cnum, + blr->offset, blr->count, True); + free_blocking_lock_record((blocking_lock_record *)ubi_slRemNext( &blocking_lock_queue, prev)); blr = (blocking_lock_record *)(prev ? ubi_slNext(prev) : ubi_slFirst(&blocking_lock_queue)); continue; @@ -629,6 +682,11 @@ void process_blocking_lock_queue(time_t t) * Remove the entry and return an error to the client. */ blocking_lock_reply_error(blr,NT_STATUS_ACCESS_DENIED); + + brl_unlock(fsp->dev, fsp->inode, fsp->fnum, + blr->lock_pid, sys_getpid(), conn->cnum, + blr->offset, blr->count, True); + free_blocking_lock_record((blocking_lock_record *)ubi_slRemNext( &blocking_lock_queue, prev)); blr = (blocking_lock_record *)(prev ? ubi_slNext(prev) : ubi_slFirst(&blocking_lock_queue)); change_to_root_user(); @@ -642,6 +700,11 @@ void process_blocking_lock_queue(time_t t) */ if(blocking_lock_record_process(blr)) { + + brl_unlock(fsp->dev, fsp->inode, fsp->fnum, + blr->lock_pid, sys_getpid(), conn->cnum, + blr->offset, blr->count, True); + free_blocking_lock_record((blocking_lock_record *)ubi_slRemNext( &blocking_lock_queue, prev)); blr = (blocking_lock_record *)(prev ? ubi_slNext(prev) : ubi_slFirst(&blocking_lock_queue)); change_to_root_user(); diff --git a/source/smbd/close.c b/source/smbd/close.c index e3feab0bfdc..2080d5ad545 100644 --- a/source/smbd/close.c +++ b/source/smbd/close.c @@ -147,6 +147,22 @@ static int close_normal_file(files_struct *fsp, BOOL normal_close) */ lock_share_entry_fsp(fsp); + + if (fsp->delete_on_close) { + + /* + * Modify the share mode entry for all files open + * on this device and inode to tell other smbds we have + * changed the delete on close flag. The last closer will delete the file + * if flag is set. + */ + + NTSTATUS status =set_delete_on_close_over_all(fsp, fsp->delete_on_close); + if (NT_STATUS_V(status) != NT_STATUS_V(NT_STATUS_OK)) + DEBUG(0,("close_normal_file: failed to change delete on close flag for file %s\n", + fsp->fsp_name )); + } + share_entry_count = del_share_mode(fsp, &share_entry); DEBUG(10,("close_normal_file: share_entry_count = %d for file %s\n", diff --git a/source/smbd/dir.c b/source/smbd/dir.c index 66a76a6637b..f1db06b33a3 100644 --- a/source/smbd/dir.c +++ b/source/smbd/dir.c @@ -928,9 +928,9 @@ void DirCacheAdd( char *path, char *name, char *dname, int snum ) return; /* so just return as if nothing happened. */ /* Set pointers correctly and load values. */ - entry->path = pstrcpy( (char *)&entry[1], path); - entry->name = pstrcpy( &(entry->path[pathlen]), name); - entry->dname = pstrcpy( &(entry->name[namelen]), dname); + entry->path = memcpy( (char *)&entry[1], path, strlen(path)+1 ); + entry->name = memcpy( &(entry->path[pathlen]), name, strlen(name)+1 ); + entry->dname = memcpy( &(entry->name[namelen]), dname, strlen(dname)+1 ); entry->snum = snum; /* Add the new entry to the linked list. */ @@ -965,8 +965,8 @@ char *DirCacheCheck( char *path, char *name, int snum ) entry = (dir_cache_entry *)ubi_dlNext( entry ) ) { if( entry->snum == snum - && 0 == strcmp( name, entry->name ) - && 0 == strcmp( path, entry->path ) ) + && entry->name && 0 == strcmp( name, entry->name ) + && entry->path && 0 == strcmp( path, entry->path ) ) { DEBUG(4, ("Got dir cache hit on %s %s -> %s\n",path,name,entry->dname)); return( entry->dname ); diff --git a/source/smbd/open.c b/source/smbd/open.c index 77841b4619b..809b842be12 100644 --- a/source/smbd/open.c +++ b/source/smbd/open.c @@ -81,6 +81,7 @@ static void check_for_pipe(char *fname) DEBUG(3,("Rejecting named pipe open for %s\n",fname)); unix_ERR_class = ERRSRV; unix_ERR_code = ERRaccess; + unix_ERR_ntstatus = NT_STATUS_ACCESS_DENIED; } } @@ -261,6 +262,7 @@ static int truncate_unless_locked(struct connection_struct *conn, files_struct * errno = EACCES; unix_ERR_class = ERRDOS; unix_ERR_code = ERRlock; + unix_ERR_ntstatus = dos_to_ntstatus(ERRDOS, ERRlock); return -1; } else { return conn->vfs_ops.ftruncate(fsp,fsp->fd,0); @@ -405,9 +407,10 @@ static BOOL check_share_mode(connection_struct *conn, share_mode_entry *share, i if (GET_DELETE_ON_CLOSE_FLAG(share->share_mode)) { DEBUG(5,("check_share_mode: Failing open on file %s as delete on close flag is set.\n", fname )); - unix_ERR_class = ERRDOS; - unix_ERR_code = ERRnoaccess; - unix_ERR_ntstatus = NT_STATUS_DELETE_PENDING; + /* Use errno to map to correct error. */ + unix_ERR_class = SMB_SUCCESS; + unix_ERR_code = 0; + unix_ERR_ntstatus = NT_STATUS_OK; return False; } @@ -450,6 +453,7 @@ static BOOL check_share_mode(connection_struct *conn, share_mode_entry *share, i fname )); unix_ERR_class = ERRDOS; unix_ERR_code = ERRbadshare; + unix_ERR_ntstatus = NT_STATUS_SHARING_VIOLATION; return False; } @@ -470,6 +474,7 @@ and existing desired access (0x%x) are non-data opens\n", fname )); unix_ERR_class = ERRDOS; unix_ERR_code = ERRbadshare; + unix_ERR_ntstatus = NT_STATUS_SHARING_VIOLATION; return False; } @@ -485,6 +490,7 @@ and existing desired access (0x%x) are non-data opens\n", fname )); unix_ERR_class = ERRDOS; unix_ERR_code = ERRbadshare; + unix_ERR_ntstatus = NT_STATUS_SHARING_VIOLATION; return False; } @@ -516,6 +522,7 @@ existing desired access (0x%x).\n", fname, (unsigned int)desired_access, (unsign unix_ERR_class = ERRDOS; unix_ERR_code = ERRbadshare; + unix_ERR_ntstatus = NT_STATUS_SHARING_VIOLATION; return False; } @@ -602,6 +609,7 @@ dev = %x, inode = %.0f\n", old_shares[i].op_type, fname, (unsigned int)dev, (dou errno = EACCES; unix_ERR_class = ERRDOS; unix_ERR_code = ERRbadshare; + unix_ERR_ntstatus = NT_STATUS_SHARING_VIOLATION; return -1; } @@ -652,6 +660,7 @@ dev = %x, inode = %.0f. Deleting it to continue...\n", (int)broken_entry.pid, fn errno = EACCES; unix_ERR_class = ERRDOS; unix_ERR_code = ERRbadshare; + unix_ERR_ntstatus = NT_STATUS_SHARING_VIOLATION; return -1; } @@ -926,6 +935,7 @@ files_struct *open_file_shared1(connection_struct *conn,char *fname, SMB_STRUCT_ * we can do. We also ensure we're not going to create or tuncate * the file as we only want an access decision at this stage. JRA. */ + errno = 0; fsp_open = open_file(fsp,conn,fname,psbuf, flags|(flags2&~(O_TRUNC|O_CREAT)),mode,desired_access); @@ -933,6 +943,12 @@ files_struct *open_file_shared1(connection_struct *conn,char *fname, SMB_STRUCT_ flags=0x%X flags2=0x%X mode=0%o returned %d\n", flags,(flags2&~(O_TRUNC|O_CREAT)),(int)mode,(int)fsp_open )); + if (!fsp_open && errno) { + unix_ERR_class = ERRDOS; + unix_ERR_code = ERRnoaccess; + unix_ERR_ntstatus = NT_STATUS_ACCESS_DENIED; + } + unlock_share_entry(conn, dev, inode); if (fsp_open) fd_close(conn, fsp); diff --git a/source/smbd/posix_acls.c b/source/smbd/posix_acls.c index b8f4b752fda..752d807caff 100644 --- a/source/smbd/posix_acls.c +++ b/source/smbd/posix_acls.c @@ -669,8 +669,11 @@ static BOOL ensure_canon_entry_valid(canon_ace **pp_ace, pace->unix_ug.world = -1; pace->trustee = global_sid_World; pace->attr = ALLOW_ACE; - pace->perms = unix_perms_to_acl_perms(pst->st_mode, S_IROTH, S_IWOTH, S_IXOTH); - apply_default_perms(fsp, pace, S_IROTH); + if (setting_acl) { + pace->perms = 0; + apply_default_perms(fsp, pace, S_IROTH); + } else + pace->perms = unix_perms_to_acl_perms(pst->st_mode, S_IROTH, S_IWOTH, S_IXOTH); DLIST_ADD(*pp_ace, pace); } @@ -913,8 +916,16 @@ Deny entry after Allow entry. Failing to set on file %s.\n", fsp->fsp_name )); return False; } + /* + * We must not free current_ace here as its + * pointer is now owned by the dir_ace list. + */ current_ace = dup_ace; } else { + /* + * We must not free current_ace here as its + * pointer is now owned by the dir_ace list. + */ current_ace = NULL; } } @@ -949,6 +960,10 @@ Deny entry after Allow entry. Failing to set on file %s.\n", fsp->fsp_name )); print_canon_ace( current_ace, 0); } all_aces_are_inherit_only = False; + /* + * We must not free current_ace here as its + * pointer is now owned by the file_ace list. + */ current_ace = NULL; } diff --git a/source/smbd/process.c b/source/smbd/process.c index 99710b4dfd0..2912513d6d9 100644 --- a/source/smbd/process.c +++ b/source/smbd/process.c @@ -1272,6 +1272,13 @@ void smbd_process(void) lp_talloc_free(); main_loop_talloc_free(); + /* Did someone ask for immediate checks on things like blocking locks ? */ + if (select_timeout == 0) { + if(!timeout_processing( deadtime, &select_timeout, &last_timeout_processing_time)) + return; + num_smbs = 0; /* Reset smb counter. */ + } + while (!receive_message_or_smb(InBuffer,BUFFER_SIZE+LARGE_WRITEX_HDR_SIZE,select_timeout)) { if(!timeout_processing( deadtime, &select_timeout, &last_timeout_processing_time)) return; diff --git a/source/smbd/reply.c b/source/smbd/reply.c index 54fcac8a04e..a01753c2d49 100644 --- a/source/smbd/reply.c +++ b/source/smbd/reply.c @@ -2393,7 +2393,8 @@ int reply_lockread(connection_struct *conn, char *inbuf,char *outbuf, int length * this smb into a queued request and push it * onto the blocking lock queue. */ - if(push_blocking_lock_request(inbuf, length, -1, 0)) { + if(push_blocking_lock_request(inbuf, length, -1, 0, SVAL(inbuf,smb_pid), (SMB_BIG_UINT)startpos, + (SMB_BIG_UINT)numtoread)) { END_PROFILE(SMBlockread); return -1; } @@ -3281,7 +3282,7 @@ int reply_lock(connection_struct *conn, * this smb into a queued request and push it * onto the blocking lock queue. */ - if(push_blocking_lock_request(inbuf, length, -1, 0)) { + if(push_blocking_lock_request(inbuf, length, -1, 0, SVAL(inbuf,smb_pid), offset, count)) { END_PROFILE(SMBlock); return -1; } @@ -4721,7 +4722,7 @@ no oplock granted on this file (%s).\n", fsp->fnum, fsp->fsp_name)); * this smb into a queued request and push it * onto the blocking lock queue. */ - if(push_blocking_lock_request(inbuf, length, lock_timeout, i)) { + if(push_blocking_lock_request(inbuf, length, lock_timeout, i, lock_pid, offset, count)) { END_PROFILE(SMBlockingX); return -1; } diff --git a/source/smbd/server.c b/source/smbd/server.c index 1dd68d730f4..d53e6ff1a6c 100644 --- a/source/smbd/server.c +++ b/source/smbd/server.c @@ -115,6 +115,40 @@ static BOOL open_sockets_inetd(void) } /**************************************************************************** + Have we reached the process limit ? +****************************************************************************/ + +BOOL allowable_number_of_smbd_processes(void) +{ + int max_processes = lp_max_smbd_processes(); + + if (!max_processes) + return True; + + { + TDB_CONTEXT *tdb = conn_tdb_ctx(); + int32 val; + if (!tdb) { + DEBUG(0,("allowable_number_of_smbd_processes: can't open connection tdb.\n" )); + return False; + } + + val = tdb_fetch_int32(tdb, "INFO/total_smbds"); + if (val == -1 && (tdb_error(tdb) != TDB_ERR_NOEXIST)) { + DEBUG(0,("allowable_number_of_smbd_processes: can't fetch INFO/total_smbds. Error %s\n", + tdb_errorstr(tdb) )); + return False; + } + if (val > max_processes) { + DEBUG(0,("allowable_number_of_smbd_processes: number of processes (%d) is over allowed limit (%d)\n", + val, max_processes )); + return False; + } + } + return True; +} + +/**************************************************************************** Open the socket communication. ****************************************************************************/ @@ -253,7 +287,7 @@ max can be %d\n", for( ; num > 0; num--) { struct sockaddr addr; socklen_t in_addrlen = sizeof(addr); - + s = -1; for(i = 0; i < num_interfaces; i++) { if(FD_ISSET(fd_listenset[i],&lfds)) { @@ -279,7 +313,7 @@ max can be %d\n", if (smbd_server_fd() != -1 && interactive) return True; - if (smbd_server_fd() != -1 && sys_fork()==0) { + if (allowable_number_of_smbd_processes() && smbd_server_fd() != -1 && sys_fork()==0) { /* Child code ... */ /* close the listening socket(s) */ @@ -674,7 +708,11 @@ static void usage(char *pname) pstrcpy(remote_machine, "smbd"); - setup_logging(argv[0],interactive); + /* + * Only want interactive behaviour if the user has not also + * specified a logfile dir etc. + */ + setup_logging(argv[0],interactive & !specified_logfile); charset_initialise(); diff --git a/source/smbd/trans2.c b/source/smbd/trans2.c index 8a43b103268..fa103318268 100644 --- a/source/smbd/trans2.c +++ b/source/smbd/trans2.c @@ -2186,59 +2186,39 @@ NTSTATUS set_delete_on_close_internal(files_struct *fsp, BOOL delete_on_close) DEBUG(10, ("set_delete_on_close_internal: %s delete on close flag for fnum = %d, directory %s\n", delete_on_close ? "Added" : "Removed", fsp->fnum, fsp->fsp_name )); } else { + fsp->delete_on_close = delete_on_close; + DEBUG(10, ("set_delete_on_close_internal: %s delete on close flag for fnum = %d, file %s\n", + delete_on_close ? "Added" : "Removed", fsp->fnum, fsp->fsp_name )); + } - files_struct *iterate_fsp; - - /* - * Modify the share mode entry for all files open - * on this device and inode to tell other smbds we have - * changed the delete on close flag. This will be noticed - * in the close code, the last closer will delete the file - * if flag is set. - */ - - DEBUG(10,("set_delete_on_close_internal: %s delete on close flag for fnum = %d, file %s\n", - delete_on_close ? "Adding" : "Removing", fsp->fnum, fsp->fsp_name )); + return NT_STATUS_OK; +} - if (lock_share_entry_fsp(fsp) == False) - return NT_STATUS_ACCESS_DENIED; +/**************************************************************************** + Sets the delete on close flag over all share modes on this file. + Modify the share mode entry for all files open + on this device and inode to tell other smbds we have + changed the delete on close flag. This will be noticed + in the close code, the last closer will delete the file + if flag is set. +****************************************************************************/ - if (!modify_delete_flag(fsp->dev, fsp->inode, delete_on_close)) { - DEBUG(0,("set_delete_on_close_internal: failed to change delete on close flag for file %s\n", - fsp->fsp_name )); - unlock_share_entry_fsp(fsp); - return NT_STATUS_ACCESS_DENIED; - } +NTSTATUS set_delete_on_close_over_all(files_struct *fsp, BOOL delete_on_close) +{ + DEBUG(10,("set_delete_on_close_over_all: %s delete on close flag for fnum = %d, file %s\n", + delete_on_close ? "Adding" : "Removing", fsp->fnum, fsp->fsp_name )); - /* - * Release the lock. - */ + if (lock_share_entry_fsp(fsp) == False) + return NT_STATUS_ACCESS_DENIED; + if (!modify_delete_flag(fsp->dev, fsp->inode, delete_on_close)) { + DEBUG(0,("set_delete_on_close_internal: failed to change delete on close flag for file %s\n", + fsp->fsp_name )); unlock_share_entry_fsp(fsp); - - /* - * Go through all files we have open on the same device and - * inode (hanging off the same hash bucket) and set the DELETE_ON_CLOSE_FLAG. - * Other smbd's that have this file open will look in the share_mode on close. - * take care of this (rare) case in close_file(). See the comment there. - * NB. JRA. We don't really need to do this anymore - all should be taken - * care of in the share_mode changes in the tdb. - */ - - for(iterate_fsp = file_find_di_first(fsp->dev, fsp->inode); - iterate_fsp; iterate_fsp = file_find_di_next(iterate_fsp)) - fsp->delete_on_close = delete_on_close; - - /* - * Set the delete on close flag in the fsp. - */ - fsp->delete_on_close = delete_on_close; - - DEBUG(10, ("set_delete_on_close_internal: %s delete on close flag for fnum = %d, file %s\n", - delete_on_close ? "Added" : "Removed", fsp->fnum, fsp->fsp_name )); - + return NT_STATUS_ACCESS_DENIED; } + unlock_share_entry_fsp(fsp); return NT_STATUS_OK; } @@ -2624,7 +2604,11 @@ static int call_trans2setfilepathinfo(connection_struct *conn, char *inbuf, char return(UNIXERROR(ERRDOS,ERRbadfid)); status = set_delete_on_close_internal(fsp, delete_on_close); + if (NT_STATUS_V(status) != NT_STATUS_V(NT_STATUS_OK)) + return ERROR_NT(status); + /* The set is across all open files on this dev/inode pair. */ + status =set_delete_on_close_over_all(fsp, delete_on_close); if (NT_STATUS_V(status) != NT_STATUS_V(NT_STATUS_OK)) return ERROR_NT(status); diff --git a/source/smbd/uid.c b/source/smbd/uid.c index b94fc05875d..fff8e3a263f 100644 --- a/source/smbd/uid.c +++ b/source/smbd/uid.c @@ -545,6 +545,188 @@ BOOL lookup_sid(DOM_SID *sid, fstring dom_name, fstring name, enum SID_NAME_USE } /***************************************************************** + Id mapping cache. This is to avoid Winbind mappings already + seen by smbd to be queried too frequently, keeping winbindd + busy, and blocking smbd while winbindd is busy with other + stuff. Written by Michael Steffens <michael.steffens@hp.com>, + modified to use linked lists by jra. +*****************************************************************/ + +#define MAX_UID_SID_CACHE_SIZE 100 +#define TURNOVER_UID_SID_CACHE_SIZE 10 +#define MAX_GID_SID_CACHE_SIZE 100 +#define TURNOVER_GID_SID_CACHE_SIZE 10 + +static size_t n_uid_sid_cache = 0; +static size_t n_gid_sid_cache = 0; + +static struct uid_sid_cache { + struct uid_sid_cache *next, *prev; + uid_t uid; + DOM_SID sid; + enum SID_NAME_USE sidtype; +} *uid_sid_cache_head; + +static struct gid_sid_cache { + struct gid_sid_cache *next, *prev; + gid_t gid; + DOM_SID sid; + enum SID_NAME_USE sidtype; +} *gid_sid_cache_head; + +/***************************************************************** + Find a SID given a uid. +*****************************************************************/ + +static BOOL fetch_sid_from_uid_cache(DOM_SID *psid, enum SID_NAME_USE *psidtype, uid_t uid) +{ + struct uid_sid_cache *pc; + + for (pc = uid_sid_cache_head; pc; pc = pc->next) { + if (pc->uid == uid) { + fstring sid; + *psid = pc->sid; + *psidtype = pc->sidtype; + DEBUG(3,("fetch sid from uid cache %u -> %s\n", + (unsigned int)uid, sid_to_string(sid, psid))); + DLIST_PROMOTE(uid_sid_cache_head, pc); + return True; + } + } + return False; +} + +/***************************************************************** + Find a uid given a SID. +*****************************************************************/ + +static BOOL fetch_uid_from_cache(uid_t *puid, const DOM_SID *psid, enum SID_NAME_USE sidtype) +{ + struct uid_sid_cache *pc; + + for (pc = uid_sid_cache_head; pc; pc = pc->next) { + if (sid_compare(&pc->sid, psid) == 0) { + fstring sid; + *puid = pc->uid; + DEBUG(3,("fetch uid from cache %u -> %s\n", + (unsigned int)*puid, sid_to_string(sid, psid))); + DLIST_PROMOTE(uid_sid_cache_head, pc); + return True; + } + } + return False; +} + +/***************************************************************** + Store uid to SID mapping in cache. +*****************************************************************/ + +static void store_uid_sid_cache(const DOM_SID *psid, const enum SID_NAME_USE sidtype, uid_t uid) +{ + struct uid_sid_cache *pc; + + if (n_uid_sid_cache >= MAX_UID_SID_CACHE_SIZE && n_uid_sid_cache > TURNOVER_UID_SID_CACHE_SIZE) { + /* Delete the last TURNOVER_UID_SID_CACHE_SIZE entries. */ + struct uid_sid_cache *pc_next; + size_t i; + + for (i = 0, pc = uid_sid_cache_head; i < (n_uid_sid_cache - TURNOVER_UID_SID_CACHE_SIZE); i++, pc = pc->next) + ; + for(; pc; pc = pc_next) { + pc_next = pc->next; + DLIST_REMOVE(uid_sid_cache_head,pc); + SAFE_FREE(pc); + n_uid_sid_cache--; + } + } + + pc = (struct uid_sid_cache *)malloc(sizeof(struct uid_sid_cache)); + if (!pc) + return; + pc->uid = uid; + sid_copy(&pc->sid, psid); + pc->sidtype = sidtype; + DLIST_ADD(uid_sid_cache_head, pc); + n_uid_sid_cache++; +} + +/***************************************************************** + Find a SID given a gid. +*****************************************************************/ + +static BOOL fetch_sid_from_gid_cache(DOM_SID *psid, enum SID_NAME_USE *psidtype, gid_t gid) +{ + struct gid_sid_cache *pc; + + for (pc = gid_sid_cache_head; pc; pc = pc->next) { + if (pc->gid == gid) { + fstring sid; + *psid = pc->sid; + *psidtype = pc->sidtype; + DEBUG(3,("fetch sid from gid cache %u -> %s\n", + (unsigned int)gid, sid_to_string(sid, psid))); + DLIST_PROMOTE(gid_sid_cache_head, pc); + return True; + } + } + return False; +} + +/***************************************************************** + Find a gid given a SID. +*****************************************************************/ + +static BOOL fetch_gid_from_cache(gid_t *pgid, const DOM_SID *psid, enum SID_NAME_USE sidtype) +{ + struct gid_sid_cache *pc; + + for (pc = gid_sid_cache_head; pc; pc = pc->next) { + if (sid_compare(&pc->sid, psid) == 0) { + fstring sid; + *pgid = pc->gid; + DEBUG(3,("fetch uid from cache %u -> %s\n", + (unsigned int)*pgid, sid_to_string(sid, psid))); + DLIST_PROMOTE(gid_sid_cache_head, pc); + return True; + } + } + return False; +} + +/***************************************************************** + Store gid to SID mapping in cache. +*****************************************************************/ + +static void store_gid_sid_cache(const DOM_SID *psid, const enum SID_NAME_USE sidtype, gid_t gid) +{ + struct gid_sid_cache *pc; + + if (n_gid_sid_cache >= MAX_GID_SID_CACHE_SIZE && n_gid_sid_cache > TURNOVER_GID_SID_CACHE_SIZE) { + /* Delete the last TURNOVER_GID_SID_CACHE_SIZE entries. */ + struct gid_sid_cache *pc_next; + size_t i; + + for (i = 0, pc = gid_sid_cache_head; i < (n_gid_sid_cache - TURNOVER_GID_SID_CACHE_SIZE); i++, pc = pc->next) + ; + for(; pc; pc = pc_next) { + pc_next = pc->next; + DLIST_REMOVE(gid_sid_cache_head,pc); + SAFE_FREE(pc); + n_gid_sid_cache--; + } + } + + pc = (struct gid_sid_cache *)malloc(sizeof(struct gid_sid_cache)); + if (!pc) + return; + pc->gid = gid; + sid_copy(&pc->sid, psid); + pc->sidtype = sidtype; + DLIST_ADD(gid_sid_cache_head, pc); + n_gid_sid_cache++; +} + +/***************************************************************** *THE CANONICAL* convert uid_t to SID function. Tries winbind first - then uses local lookup. Returns SID pointer. @@ -553,14 +735,20 @@ BOOL lookup_sid(DOM_SID *sid, fstring dom_name, fstring name, enum SID_NAME_USE DOM_SID *uid_to_sid(DOM_SID *psid, uid_t uid) { uid_t low, high; + enum SID_NAME_USE sidtype; fstring sid; + if (fetch_sid_from_uid_cache(psid, &sidtype, uid)) + return psid; + if (lp_winbind_uid(&low, &high) && uid >= low && uid <= high) { if (winbind_uid_to_sid(psid, uid)) { DEBUG(10,("uid_to_sid: winbindd %u -> %s\n", (unsigned int)uid, sid_to_string(sid, psid))); + if (psid) + store_uid_sid_cache(psid, SID_NAME_USER, uid); return psid; } } @@ -569,6 +757,9 @@ DOM_SID *uid_to_sid(DOM_SID *psid, uid_t uid) DEBUG(10,("uid_to_sid: local %u -> %s\n", (unsigned int)uid, sid_to_string(sid, psid))); + if (psid) + store_uid_sid_cache(psid, SID_NAME_USER, uid); + return psid; } @@ -581,14 +772,20 @@ DOM_SID *uid_to_sid(DOM_SID *psid, uid_t uid) DOM_SID *gid_to_sid(DOM_SID *psid, gid_t gid) { gid_t low, high; + enum SID_NAME_USE sidtype; fstring sid; + if (fetch_sid_from_gid_cache(psid, &sidtype, gid)) + return psid; + if (lp_winbind_gid(&low, &high) && gid >= low && gid <= high) { if (winbind_gid_to_sid(psid, gid)) { DEBUG(10,("gid_to_sid: winbindd %u -> %s\n", (unsigned int)gid, sid_to_string(sid, psid))); + if (psid) + store_gid_sid_cache(psid, SID_NAME_DOM_GRP, gid); return psid; } } @@ -597,6 +794,9 @@ DOM_SID *gid_to_sid(DOM_SID *psid, gid_t gid) DEBUG(10,("gid_to_sid: local %u -> %s\n", (unsigned int)gid, sid_to_string(sid, psid))); + if (psid) + store_gid_sid_cache(psid, SID_NAME_DOM_GRP, gid); + return psid; } @@ -611,11 +811,18 @@ BOOL sid_to_uid(DOM_SID *psid, uid_t *puid, enum SID_NAME_USE *sidtype) { fstring dom_name, name, sid_str; enum SID_NAME_USE name_type; + BOOL ret; + if (fetch_uid_from_cache(puid, psid, *sidtype)) + return True; /* if we know its local then don't try winbindd */ - if (sid_compare_domain(&global_sam_sid, psid) == 0) - return local_sid_to_uid(puid, psid, sidtype); + if (sid_compare_domain(&global_sam_sid, psid) == 0) { + ret = local_sid_to_uid(puid, psid, sidtype); + if (ret) + store_uid_sid_cache(psid, *sidtype, *puid); + return ret; + } *sidtype = SID_NAME_UNKNOWN; @@ -627,7 +834,10 @@ BOOL sid_to_uid(DOM_SID *psid, uid_t *puid, enum SID_NAME_USE *sidtype) DEBUG(10,("sid_to_uid: winbind lookup for sid %s failed - trying local.\n", sid_to_string(sid_str, psid) )); - return local_sid_to_uid(puid, psid, sidtype); + ret = local_sid_to_uid(puid, psid, sidtype); + if (ret) + store_uid_sid_cache(psid, *sidtype, *puid); + return ret; } /* @@ -649,13 +859,17 @@ BOOL sid_to_uid(DOM_SID *psid, uid_t *puid, enum SID_NAME_USE *sidtype) if (!winbind_sid_to_uid(puid, psid)) { DEBUG(10,("sid_to_uid: winbind lookup for sid %s failed.\n", sid_to_string(sid_str, psid) )); - return local_sid_to_uid(puid, psid, sidtype);; + ret = local_sid_to_uid(puid, psid, sidtype);; + if (ret) + store_uid_sid_cache(psid, *sidtype, *puid); + return ret; } DEBUG(10,("sid_to_uid: winbindd %s -> %u\n", sid_to_string(sid_str, psid), (unsigned int)*puid )); + store_uid_sid_cache(psid, *sidtype, *puid); return True; } @@ -670,9 +884,13 @@ BOOL sid_to_gid(DOM_SID *psid, gid_t *pgid, enum SID_NAME_USE *sidtype) { fstring dom_name, name, sid_str; enum SID_NAME_USE name_type; + BOOL ret; *sidtype = SID_NAME_UNKNOWN; + if (fetch_gid_from_cache(pgid, psid, *sidtype)) + return True; + /* * First we must look up the name and decide if this is a group sid. */ @@ -681,7 +899,10 @@ BOOL sid_to_gid(DOM_SID *psid, gid_t *pgid, enum SID_NAME_USE *sidtype) DEBUG(10,("sid_to_gid: winbind lookup for sid %s failed - trying local.\n", sid_to_string(sid_str, psid) )); - return local_sid_to_gid(pgid, psid, sidtype); + ret = local_sid_to_gid(pgid, psid, sidtype); + if (ret) + store_gid_sid_cache(psid, *sidtype, *pgid); + return ret; } /* @@ -692,7 +913,10 @@ BOOL sid_to_gid(DOM_SID *psid, gid_t *pgid, enum SID_NAME_USE *sidtype) DEBUG(10,("sid_to_gid: winbind lookup succeeded but SID is not a known group (%u)\n", (unsigned int)name_type )); - return local_sid_to_gid(pgid, psid, sidtype); + ret = local_sid_to_gid(pgid, psid, sidtype); + if (ret) + store_gid_sid_cache(psid, *sidtype, *pgid); + return ret; } *sidtype = name_type; @@ -711,5 +935,6 @@ BOOL sid_to_gid(DOM_SID *psid, gid_t *pgid, enum SID_NAME_USE *sidtype) sid_to_string(sid_str, psid), (unsigned int)*pgid )); + store_gid_sid_cache(psid, *sidtype, *pgid); return True; } diff --git a/source/utils/rpctorture.c b/source/utils/rpctorture.c index 3bf70b9719e..3cef9b51b64 100644 --- a/source/utils/rpctorture.c +++ b/source/utils/rpctorture.c @@ -232,7 +232,6 @@ enum client_action pstring term_code; BOOL got_pass = False; char *cmd_str=""; - mode_t myumask = 0755; enum client_action cli_action = CLIENT_NONE; int nprocs = 1; int numops = 100; @@ -302,9 +301,6 @@ enum client_action TimeInit(); charset_initialise(); - myumask = umask(0); - umask(myumask); - if (!get_myname(global_myname)) { fprintf(stderr, "Failed to get my hostname.\n"); |