Michael Adam [Thu, 20 May 2010 08:28:03 +0000 (10:28 +0200)]
s3:winbindd:idmap: remove idmap_new_mapping() - now implemented in the backends
Michael Adam [Sat, 15 May 2010 22:32:10 +0000 (00:32 +0200)]
s3:idmap: add a debug message to idmap_sid_to_gid
Michael Adam [Sat, 15 May 2010 22:31:39 +0000 (00:31 +0200)]
s3:idmap: add a debug message to idmap_sid_to_uid
Michael Adam [Fri, 14 May 2010 14:19:46 +0000 (16:19 +0200)]
s3:idmap: don't call idmap_new_mapping idmap_sid_to_gid
The setting of a new mapping is moved into the backend code
to achieve atomicity and greater flexibility.
Michael
Michael Adam [Fri, 14 May 2010 14:18:16 +0000 (16:18 +0200)]
s3:idmap: don't call idmap_new_mapping idmap_sid_to_unixid.
The setting of a new mapping is moved into the backend code
to achieve atomicity and greater flexibility.
Michael
Michael Adam [Fri, 14 May 2010 14:11:32 +0000 (16:11 +0200)]
s3:idmap: remove the set_mapping method from the idmap API
Keep the backend implementations for possible internal use.
Michael
Michael Adam [Thu, 22 Jan 2009 16:59:18 +0000 (17:59 +0100)]
s3:idmap: remove unused method set_id_hwm from idmap API
Michael
Michael Adam [Thu, 22 Jan 2009 16:56:19 +0000 (17:56 +0100)]
s3:idmap: remove unused alloc method get_id_hwm from idmap API
Michael
Michael Adam [Thu, 22 Jan 2009 14:52:34 +0000 (15:52 +0100)]
s3:idmap: remove unused method dump_data() from the idmap API
Michael
Michael Adam [Thu, 22 Jan 2009 13:44:24 +0000 (14:44 +0100)]
s3:idmap: remove the remove_mapping method from API and backends
Michael
Michael Adam [Thu, 22 Jan 2009 13:38:21 +0000 (14:38 +0100)]
s3:idmap: remove unused idmap_remove_mapping().
Michael
Michael Adam [Thu, 22 Jan 2009 13:36:51 +0000 (14:36 +0100)]
s4: remove REMOVE_MAPPING from wb_samba3_protocol
Michael
Michael Adam [Thu, 22 Jan 2009 13:34:50 +0000 (14:34 +0100)]
s3:winbind: remove the method REMOVE_MAPPING from winbind's API
Michael
Michael Adam [Thu, 22 Jan 2009 13:31:55 +0000 (14:31 +0100)]
s3:idmap: remove unused idmap_set_mapping().
Michael
Michael Adam [Thu, 22 Jan 2009 13:30:25 +0000 (14:30 +0100)]
s4: remove SET_MAPPING from wb_samba3_protocol
Michael
Michael Adam [Thu, 22 Jan 2009 13:29:15 +0000 (14:29 +0100)]
s3:winbind: remove the method SET_MAPPING from winbind's API
Michael
Michael Adam [Thu, 22 Jan 2009 12:57:21 +0000 (13:57 +0100)]
libwbclient: unimplement wbcRemoveGidMapping()
Michael
Michael Adam [Thu, 22 Jan 2009 12:56:09 +0000 (13:56 +0100)]
libwbclient: unimplement wbcRemoveUidMapping()
Michael
Michael Adam [Thu, 22 Jan 2009 12:54:03 +0000 (13:54 +0100)]
libwbclient: unimplement wbcSetGidMapping()
Michael
Michael Adam [Thu, 22 Jan 2009 12:51:53 +0000 (13:51 +0100)]
libwbclient: unimplement wbcSetUidMapping()
Michael
Michael Adam [Thu, 22 Jan 2009 12:49:42 +0000 (13:49 +0100)]
s3:idmap: remove unused idmap_set_gid_hwm()
Michael
Michael Adam [Thu, 22 Jan 2009 12:49:06 +0000 (13:49 +0100)]
s3:idmap: remove unused idmap_set_uid_hwm()
Michael
Michael Adam [Thu, 22 Jan 2009 12:46:25 +0000 (13:46 +0100)]
s4: remove SET_HWM and SET_DUAL_HWM from wb_samba3_protocol
Michael
Michael Adam [Thu, 22 Jan 2009 12:46:03 +0000 (13:46 +0100)]
s3:winbind: remove SET_HWM from winbind's API.
Michael
Michael Adam [Thu, 22 Jan 2009 12:39:33 +0000 (13:39 +0100)]
libwbclient: unimplement wbcSetGidHwm()
Michael
Michael Adam [Thu, 22 Jan 2009 12:37:11 +0000 (13:37 +0100)]
libwbclient: unimplement wbcSetUidHwm()
Michael
Michael Adam [Thu, 22 Jan 2009 12:33:54 +0000 (13:33 +0100)]
s3:net idmap: TEMPORARILY disable the "net idmap restore" functionality
The use of libwbclient has to be removed from net idmap restore,
since the idmap-rw-methods are removed from the winbindd API.
"net idmap restore" needs to be rewritten with plain tdb access,
more precisely with dbwrap access (also "net idmap dump" needs
rewrite), to allow for restoring mappings directly to a database,
potentially to a clustered database handled by ctdb.
Michael Adam [Mon, 31 May 2010 08:14:57 +0000 (10:14 +0200)]
s3: remove prototype of non-existsing function idmap_tdb_tdb_close().
Michael Adam [Tue, 18 May 2010 13:25:53 +0000 (15:25 +0200)]
s3:winbind:idmap_tdb2_set_mapping: untangle assignment from check
Michael Adam [Mon, 17 May 2010 08:45:04 +0000 (10:45 +0200)]
s3:winbind:idmap_tdb: don't check ranges when an invalid entry was found.
There is no point in checking the ranges this if the record found had an
invalid/unknown type: the mapping is not filled in. If it were initialized
to some defaults before, the check just might replace the status
NT_STATUS_INTERNAL_DB_ERROR with a NT_STATUS_NONE_MAPPED, which is not
as precise.
Volker Lendecke [Wed, 26 May 2010 15:52:10 +0000 (17:52 +0200)]
s3: Fix some debug messages
Volker Lendecke [Wed, 26 May 2010 15:47:37 +0000 (17:47 +0200)]
s3: Don't announce readraw and writeraw with the async echo responder
Volker Lendecke [Thu, 27 May 2010 16:12:30 +0000 (18:12 +0200)]
s3: Fix a bad memleak in the async echo responder
Volker Lendecke [Tue, 11 May 2010 09:59:40 +0000 (11:59 +0200)]
v3-4-ctdb: Bump up the vendor patch level to 5
Volker Lendecke [Mon, 10 May 2010 10:05:01 +0000 (12:05 +0200)]
libwbclient: Fix a fd-leak at dlclose-time
__attribute__((destructor)) makes winbind_close_sock() being called at
dlclose() time.
Found while testing apache on Linux with mod_auth_pam.
Other platforms will have to find a different fix. One possibility would be to
always close the socket after each operation, but this badly sucks
performance-wise.
Volker Lendecke [Mon, 10 May 2010 09:53:03 +0000 (11:53 +0200)]
s3: Test for "__attribute__((destructor))"
Volker Lendecke [Sat, 23 Jan 2010 17:06:53 +0000 (18:06 +0100)]
nsswitch: Make some functions static
Volker Lendecke [Thu, 29 Apr 2010 10:14:08 +0000 (12:14 +0200)]
s3: range-check idmap script output
Not doing so results in the id mapping succeeding once unchecked and later on
being refused, because when reading from the tdb we do the checks.
Volker Lendecke [Thu, 29 Apr 2010 10:11:04 +0000 (12:11 +0200)]
s3: Fix an uninitialized variable in idmap_tdb2_sid_to_id()
When we find an invalid record in the database, there's no point in checking
the non-existing value against the range limits.
Volker Lendecke [Thu, 29 Apr 2010 10:09:48 +0000 (12:09 +0200)]
s3: Fix some nonempty blank lines
Volker Lendecke [Mon, 26 Apr 2010 14:30:34 +0000 (16:30 +0200)]
v3-4-ctdb: Bump up the vendor patch level to 4
Volker Lendecke [Mon, 26 Apr 2010 14:44:34 +0000 (16:44 +0200)]
s3: Implement "net rpc user setprimarygroup"
Christian Ambach [Wed, 14 Apr 2010 08:05:56 +0000 (10:05 +0200)]
fix snapshot content display with hide unreadable
With the hide unreadable option set, snapshots are be displayed
as empty with shadow_copy2 and a NFSv4 ACL module.
To prevent multiple conversions of the paths when the acl call
does a VFS_STAT (as the nfs4acl code does), a check was added
to convert_shadow2_name() so it will not touch paths any more
that look like they have already been converted.
Signed-off-by: Christian Ambach <christian.ambach@de.ibm.com>
Volker Lendecke [Tue, 13 Apr 2010 10:09:21 +0000 (12:09 +0200)]
libwbclient: Re-Fix a bug that was fixed with
e5741e27c4c
> r21878: Fix a bug with smbd serving a windows terminal server: If winbind
> decides smbd to be idle it might happen that smbd needs to do a winbind
> operation (for example sid2name) as non-root. This then fails to get the
> privileged pipe. When later on on the same connection another authentication
> request comes in, we try to do the CRAP auth via the non-privileged pipe.
>
> This adds a winbindd_priv_request_response() request that kills the existing
> winbind pipe connection if it's not privileged.
The fix for this was lost during the conversion to libwbclient.
Thanks to Ira Cooper <samba@ira.wakeful.net> for pointing this out!
Volker
Volker Lendecke [Fri, 9 Apr 2010 15:19:13 +0000 (17:19 +0200)]
s3: Cache the username map in gencache
This is for uses with a heavy-weight username map script
Volker Lendecke [Fri, 9 Apr 2010 12:30:54 +0000 (14:30 +0200)]
s3: Little refactoring: Factor out skip_space
Volker Lendecke [Fri, 9 Apr 2010 12:28:44 +0000 (14:28 +0200)]
s3: Remove a bogus 0-check, "isspace" can not return true for \0
Volker Lendecke [Mon, 12 Apr 2010 08:34:29 +0000 (10:34 +0200)]
s3: Cache the result of the username map script
Volker Lendecke [Fri, 9 Apr 2010 12:09:20 +0000 (14:09 +0200)]
s3: Use talloc_tos() as talloc ctx for fd_lines_load() in map_username()
Volker Lendecke [Fri, 9 Apr 2010 12:05:09 +0000 (14:05 +0200)]
s3: TALLOC_FREE(command) correctly in map_username()
Volker Lendecke [Thu, 8 Apr 2010 13:24:02 +0000 (15:24 +0200)]
v3-4-ctdb: Bump up the vendor patch level to 3
Volker Lendecke [Wed, 7 Apr 2010 15:45:12 +0000 (17:45 +0200)]
s3: Fork multiple children per domain
Volker Lendecke [Wed, 7 Apr 2010 15:44:18 +0000 (17:44 +0200)]
s3: Introduce winbindd_child_busy()
Volker Lendecke [Wed, 7 Apr 2010 15:43:37 +0000 (17:43 +0200)]
s3: Remove the separate "child" argument from setup_domain_child()
Stefan Metzmacher [Thu, 8 Apr 2010 10:45:54 +0000 (12:45 +0200)]
s3:winbindd: make "smbcontrol winbindd validate-cache" reliable again
commit
73577205cf81644e7fe853eaf3e6459f7f443096
(s3:winbindd: fix problems with SIGCHLD handling (bug #7317))
broke this.
metze
(cherry picked from commit
eb9b7d0363669574de8ec380089407890f15eac2)
Volker Lendecke [Thu, 8 Apr 2010 08:41:15 +0000 (10:41 +0200)]
v3-4-ctdb: Bump up the vender patch level to 2
Stefan Metzmacher [Tue, 30 Mar 2010 07:50:09 +0000 (09:50 +0200)]
s3:libads: retry with signing after getting LDAP_STRONG_AUTH_REQUIRED
If server requires LDAP signing we're getting LDAP_STRONG_AUTH_REQUIRED,
if "client ldap sasl wrapping = plain", instead of failing we now
autoupgrade to "client ldap sasl wrapping = sign" for the given connection.
metze
(cherry picked from commit
cc2ef27e369f0950ec931bf15cba4665c053ac53)
Stefan Metzmacher [Thu, 1 Apr 2010 16:10:47 +0000 (18:10 +0200)]
s3:winbindd: remove unused variables
metze
(cherry picked from commit
e18ddb6036f5e0a2211e89a7c9b5514c30a653cf)
Stefan Metzmacher [Thu, 1 Apr 2010 14:23:06 +0000 (16:23 +0200)]
s3:winbindd: fix problems with SIGCHLD handling (bug #7317)
The main problem is that we call CatchChild() within the
parent winbindd, which overwrites the signal handler
that was registered by winbindd_setup_sig_chld_handler().
That means winbindd_sig_chld_handler() and winbind_child_died()
are never triggered when a winbindd domain child dies.
As a result will get "broken pipe" for all requests to that domain.
To reduce the risk of similar bugs in future we call
CatchChild() in winbindd_reinit_after_fork() now.
We also use a full winbindd_reinit_after_fork() in the
cache validation child now instead instead of just resetting
the SIGCHLD handler by hand. This will also fix possible
tdb problems on systems without pread/pwrite and disabled mmap
as we now correctly reopen the tdb handle for the child.
metze
(cherry picked from commit
73577205cf81644e7fe853eaf3e6459f7f443096)
Stefan Metzmacher [Thu, 1 Apr 2010 07:29:38 +0000 (09:29 +0200)]
s3:winbindd: make sure we don't try rpc requests against unaccessable domains
This makes sure we don't crash while trying to dereference domain->conn.cli->foo
while trying to establish a rpc connection to the server.
This fixes bug #7316.
metze
(cherry picked from commit
d930904b997d310aeff781bde1e7e3ce47dde8a1)
(cherry picked from commit
01b60b113869f526dcf3bb478d70df21dbb207c8)
Stefan Metzmacher [Tue, 23 Feb 2010 07:42:41 +0000 (08:42 +0100)]
s3:winbindd: never mark external domains as internal!
This way we can endup with silently using builtin_passdb_methods
for an ad domain without an inbound trust.
This fixes bug #7170.
metze
(cherry picked from commit
f924b7749280b31ece19885de1c3ad1bd71942ac)
(cherry picked from commit
1ea768baa9bb38533d4bd273d6c4e7b1f5fd12bd)
Stefan Metzmacher [Mon, 29 Mar 2010 20:03:55 +0000 (22:03 +0200)]
s3:winbindd: correctly retry if the netlogon pipe gets disconnected during a logon call
This fixes hopefully the last part of bug #7295.
metze
(cherry picked from commit
4c6cde99c0751a073120d8bc36d40922d8027344)
(cherry picked from commit
482518fcafb18bda1f084ebf1906a2ad02436b80)
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Tue, 6 Apr 2010 12:45:19 +0000 (14:45 +0200)]
s3:winbindd_reconnect: don't only reconnect on NT_STATUS_UNSUCCESSFUL
metze
(cherry picked from commit
6bd5a2a3739938f95fce23ab2da652c9b5a48111)
(cherry picked from commit
169628fcb656ba5987a99bd50c7f588b731eae51)
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Thu, 25 Mar 2010 14:25:47 +0000 (15:25 +0100)]
s3:winbindd_cm: invalidate connection if cm_connect_netlogon() fails
metze
(cherry picked from commit
94a4bcd2f0c0464e192556679c6636639cb307ea)
(cherry picked from commit
c046ae8428fb62ff2749689e7c738f1a2e8f8251)
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Thu, 25 Mar 2010 14:17:07 +0000 (15:17 +0100)]
s3:winbindd: consistently use TALLOC_FREE(conn->foo_pipe) is we create a new connection
metze
(cherry picked from commit
4f391fedac7111683d13f2d79fee7c0dbc27f86e)
(cherry picked from commit
c462e54142c00fdd81c2847d16a75119b1cc89fc)
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Tue, 6 Apr 2010 12:42:04 +0000 (14:42 +0200)]
s3:winbindd_cm: use rpccli_is_connected() helper function
metze
(cherry picked from commit
d980c06a994d032a833adc8d56d2f2c037f8fdaf)
(cherry picked from commit
aa7d54ed04585a183a88363406ed7f3244b24d85)
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Thu, 25 Mar 2010 14:14:02 +0000 (15:14 +0100)]
s3:winbindd_cm: use cli_state_is_connected() helper function
metze
(cherry picked from commit
408a3eb35a0e61b5d66a3b48ebbd1a6796672d0f)
(cherry picked from commit
00a93190d2cae31cd2213b810ea348c055670399)
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Sun, 28 Mar 2010 17:34:34 +0000 (19:34 +0200)]
s3:rpc_client: return at least 10 sec as old timeout in rpccli_set_timeout() instead of 0
metze
(cherry picked from commit
3e70da3f470eeb122f95477fb48d89939f501b3e)
(cherry picked from commit
60861fba533027b6c9a0ff704b95dcf631ea3ca3)
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Tue, 6 Apr 2010 12:31:17 +0000 (14:31 +0200)]
s3:rpc_client: add set_timeout hook to rpc_cli_transport
metze
(cherry picked from commit
99664ad15460530b6fb44957b6c57823f09884bf)
(cherry picked from commit
89164eb8363ffc0b951256578be48d37ddba46b1)
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Tue, 6 Apr 2010 12:26:29 +0000 (14:26 +0200)]
s3:rpc_client: add rpccli_is_connected()
metze
(cherry picked from commit
4f41b53487ac9bc96c7960e8edab464558656373)
(similar to commit
958b49323968740e2cbf69dc2a0a5dd57d5bcf87)
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Mon, 29 Mar 2010 12:58:19 +0000 (14:58 +0200)]
s3:rpc_client: don't mix layers and keep a reference to cli_state in the caller
We should not rely on the backend to have a reference to the cli_state.
This will make it possible for the backend to set its cli_state reference
to NULL, when the transport is dead.
metze
(cherry picked from commit
dc09b12681ea0e6d4c2b0f1c99dfeb1f23019c65)
(cherry picked from commit
1e2e47da82aeb249dce431541738a62cb139aebb)
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Tue, 6 Apr 2010 10:23:39 +0000 (12:23 +0200)]
s3:rpc_transport_np: use cli_state_is_connected() helper
metze
(cherry picked from commit
b862351da8624df893ec77e020a456c1d23c58ed)
(cherry picked from commit
8c2f4426ce178ac33748cfba01532ec2fd205710)
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Thu, 25 Mar 2010 12:20:56 +0000 (13:20 +0100)]
s3:libsmb: add cli_state_is_connected() function
metze
(cherry picked from commit
d7bf30ef92031ffddcde3680b38e602510bcae24)
(cherry picked from commit
589f73924273e8a9b54669f42a92381661dcb33f)
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Mon, 29 Mar 2010 16:23:40 +0000 (18:23 +0200)]
s3:libsmb: don't let cli_shutdown() segfault with a NULL cli_state
metze
(similar to commit
47e10ab9a85960c78af807b66b99bcd139713644)
(cherry picked from commit
957c0d4a5ee67ac70e576155a0f2f6f84cdb1596)
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Tue, 6 Apr 2010 10:22:54 +0000 (12:22 +0200)]
s3:rpc_transport_np: handle trans rdata like the output of a normal read
Inspired by bug #7159.
metze
(cherry picked from commit
911287285cc4c8485b75edfad3c1ece901a69b0b)
(cherry picked from commit
e2739a2bf37e654c37cbea6e510f63a7ce4adfea)
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Tue, 6 Apr 2010 12:14:53 +0000 (14:14 +0200)]
s3: Fix infinite loop in NCACN_IP_TCP asa there is no timeout. Assume lsa_pipe_tcp is ok but network is down, then send request is ok, but select() on writeable fds loops forever since there is no response.
Signed-off-by: Bo Yang <boyang@samba.org>
(cherry picked from commit
36493bf2f6634b84c57107bcb86bcbf3e82e80fc)
(similar to commit
b58b359881c91ec382cfa1d6ba3007b8354b29cb)
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Tue, 6 Apr 2010 12:06:39 +0000 (14:06 +0200)]
Fix broken pipe handling
Metze is right: If we have *any* error at the socket level, we just can
not continue.
Also, apply some defensive programming: With this async stuff someone else
might already have closed the socket.
(cherry picked from commit
f140bf2e6578e45b8603d4a6c5feef9a3b735804)
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Tue, 6 Apr 2010 12:04:33 +0000 (14:04 +0200)]
s3:rpc_client: close the socket when pipe is broken
Signed-off-by: Bo Yang <boyang@samba.org>
(similar to commit
aa70e44cd0576e5280e24cf35000369a47dd958f)
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Tue, 6 Apr 2010 09:53:33 +0000 (11:53 +0200)]
s3: fix crash in winbindd (similar to commit
f8cc0e88fbbb082ead023e0cb437b1e12cf35459)
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Jeremy Allison [Fri, 19 Feb 2010 22:24:17 +0000 (14:24 -0800)]
Second part of fix for bug #7159 - client rpc_transport doesn't cope with bad server data returns.
If server returns zero on a NP read. Report pipe broken.
Prevents client from looping if it thinks there should be
more data.
Jeremy.
(cherry picked from commit
0055e33dbed0e81548464d01bcf864255bab3159)
(cherry picked from commit
f5ca9f84e9b511c2ba7a4280b1997daa441f9877)
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Tue, 6 Apr 2010 10:20:02 +0000 (12:20 +0200)]
First part of fix for bug #7159 - client rpc_transport doesn't cope with bad server data returns.
Ensure that subreq is *always* talloc_free'd in the _done
function, as it has an event timeout attached. If the
read requests look longer than the cli->timeout, then
the timeout fn is called with already freed data.
Jeremy.
(cherry picked from commit
ad77ae1d5870e06f8587ecf634e0b6bdcbb950d7)
(similar to commit
6e5b6b5acb30869eb63b25ed1406014101a5e89d)
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Christian Ambach [Mon, 5 Apr 2010 12:12:52 +0000 (14:12 +0200)]
fix a segfault in the notify subsystem
When the notify_array cannot be loaded correctly,
do not keep the half-baked parsing results in the global variable.
This can lead to segfaults next time notify_load is entered and
the seqnum has not changed. This has been seen in a case
where mixed smbd versions were running in a CTDB cluster
(versions with and w/o commit
c216d1e6 that changed the
notify_entry structure).
There will be missed notifications until all smbds are at the
same software level, but this should be acceptable and is better
than crashing and interrupting client operations.
This fix cleans up the notify_array, removes the unparseable data
from the TDB and returns a fresh notify_array that can be worked
with.
The NDR_PRINT_DEBUG had to be moved to only be called when the
parsing succeeded, it was seen to cause additional segfaults.
The status variable is intentionally left to NT_STATUS_OK to not
make callers abort and report errors to the clients and make them
disconnect.
Signed-off-by: Christian Ambach <christian.ambach@de.ibm.com>
Volker Lendecke [Fri, 26 Mar 2010 12:18:52 +0000 (13:18 +0100)]
s3: Use tdb_transaction_start_nonblock in gencache_stabilize
This avoids the thundering herd problem when 5000 smbds exit simultaneously
because the network went down.
Volker Lendecke [Fri, 26 Mar 2010 12:30:28 +0000 (13:30 +0100)]
tdb: Add a non-blocking version of tdb_transaction_start
Volker Lendecke [Fri, 26 Mar 2010 12:20:34 +0000 (13:20 +0100)]
Revert "s3: Optimize gencache for smbd exit"
This reverts commit
e5a63346ecbfff1058c08402c40df927dbac51b8.
That does not fully fix the problem, adding a tdb_transaction_start_nonblock to
fix it.
Stefan Metzmacher [Tue, 23 Mar 2010 18:46:07 +0000 (19:46 +0100)]
s3:passdb: avoid sid_to_gid() if the sid is "domain users"
If the call fails we would use the "domain users" sid anyway.
metze
(cherry picked from commit
9fbbaa560ae74f015e404cfa700753c0b5909519)
Volker Lendecke [Thu, 18 Mar 2010 11:50:22 +0000 (12:50 +0100)]
s3: Implement an asynchronous echo responder process
This replies to echo requests when the main smbd is stuck somewhere
Signed-off-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
cad0c004ad54d80dcb25803f0ebb317344a42792)
Stefan Metzmacher [Fri, 19 Mar 2010 14:47:11 +0000 (15:47 +0100)]
s3:smbd: disable SMB encryption when the echo handler is active
metze
(cherry picked from commit
5a069f7209855e69082a176969533cc0d0ac0f55)
Stefan Metzmacher [Mon, 22 Mar 2010 08:11:05 +0000 (09:11 +0100)]
s3:smbd: disallow readbraw and writebraw if the echo handler is active
metze
(cherry picked from commit
d663b4c6c03450366375eb0951209bc374835935)
Stefan Metzmacher [Fri, 19 Mar 2010 11:08:13 +0000 (12:08 +0100)]
s3:smbd: disable sendfile if the echo handler is active
metze
(cherry picked from commit
fbf112bd1684acf420b104e0e7d66721af47c676)
Stefan Metzmacher [Thu, 18 Mar 2010 19:22:26 +0000 (20:22 +0100)]
s3:smbd: don't use recvfile if the echo handler is active
metze
(cherry picked from commit
453e6af5b81c8f206d87ec2e62fd79172f695950)
Stefan Metzmacher [Mon, 22 Mar 2010 08:45:43 +0000 (09:45 +0100)]
s3:smbd: setup a shared memory area for the signing state
metze
(cherry picked from commit
79e5e3dda7178c4d3c5952a48474d6dcafba91ec)
Stefan Metzmacher [Mon, 22 Mar 2010 08:43:48 +0000 (09:43 +0100)]
s3:smbd: add echo handler information to struct smbd_server_connection
metze
(cherry picked from commit
44d655b33fecb7a543ff957940716ba93fec12cd)
Stefan Metzmacher [Mon, 22 Mar 2010 08:36:41 +0000 (09:36 +0100)]
s3:param: add "async smb echo handler" option
This will enable an extra forked process that will reply
to SMBecho requests, while the main process is blocked by another
request.
metze
(cherry picked from commit
752240ccdc4dcdce7a2270ee5544e007c44bcf4d)
Stefan Metzmacher [Thu, 18 Mar 2010 14:36:19 +0000 (15:36 +0100)]
s3:smbd: pass down trusted_channel via receive_smb_talloc()
metze
(cherry picked from commit
b2c107ffbcd067ccc42f81a2d0969f7f88b63ae7)
Stefan Metzmacher [Fri, 19 Mar 2010 11:04:32 +0000 (12:04 +0100)]
s3:smbd: let reply_readbraw_error use the locked socket
metze
(cherry picked from commit
1e7086e5ce0924687d657de583adb63a9f0c1bfb)
Stefan Metzmacher [Fri, 19 Mar 2010 11:02:27 +0000 (12:02 +0100)]
s3:smbd: send keepalive packets under the socket lock
metze
(cherry picked from commit
c1653e3b0e536e835faf82a5aadadaec1cd38d1a)
Stefan Metzmacher [Thu, 18 Mar 2010 08:23:48 +0000 (09:23 +0100)]
s3:smbd: smbd_[un]lock_socket() while accessing the socket to the client
metze
(cherry picked from commit
977aa660f452d8ebc8f3a2f4bfbf0dda0bc230a2)
Stefan Metzmacher [Mon, 22 Mar 2010 08:34:07 +0000 (09:34 +0100)]
s3:smbd: add smbd_[un]lock_socket() dummies
metze
(cherry picked from commit
8de8554628bd3b16d9e488adfc31c8014c2eb1db)
Stefan Metzmacher [Mon, 22 Mar 2010 08:31:57 +0000 (09:31 +0100)]
s3:smbd: add an option to skip signings checks srv_check_sign_mac for trusted channels
metze
(cherry picked from commit
0b7da43da0bd5c7e0986854cda63103f082a26ee)