[SCM] Samba Shared Repository - branch master updated
Andrew Tridgell
tridge at samba.org
Thu Mar 4 22:13:49 MST 2010
The branch, master has been updated
via 2e16378... s4-pvfs: log more error conditions in NTVFS backend
via 80a37be... s4-pvfs: move the private ntcreatex flags to private_flags
via f01f124... s4-rpc: don't use s->credentials after it is freed
via 2e1e446... s4-torture: fixed commas separating C statements
from aaafadb... s3: Fix unnecessary traversing winbindd_cache.tdb in SIGHUP handler.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 2e1637833bb5e1d5c44b10761a8f6bbd88bde32d
Author: Andrew Tridgell <tridge at samba.org>
Date: Fri Mar 5 14:59:08 2010 +1100
s4-pvfs: log more error conditions in NTVFS backend
This should make is easier to track down some bug reports
Pair-Programmed-With: Andrew Bartlett <abartlet at samba.org>
commit 80a37beb53519fdbb907a01f29ef150bafdd74e7
Author: Andrew Tridgell <tridge at samba.org>
Date: Fri Mar 5 14:57:50 2010 +1100
s4-pvfs: move the private ntcreatex flags to private_flags
Re-using two of the create_options bits was bound to eventually
cause problems, and indeed, Windows7 now uses one of those bits
when opening text files.
Fixes bug 7189
commit f01f124969b3e75accfc82fb85487fdab2046e82
Author: Andrew Tridgell <tridge at samba.org>
Date: Fri Mar 5 13:49:49 2010 +1100
s4-rpc: don't use s->credentials after it is freed
commit 2e1e446ba3f9fd177a29876a9d7173d11b334f40
Author: Andrew Tridgell <tridge at samba.org>
Date: Fri Mar 5 13:02:16 2010 +1100
s4-torture: fixed commas separating C statements
-----------------------------------------------------------------------
Summary of changes:
source4/libcli/raw/interfaces.h | 3 +++
source4/libcli/raw/smb.h | 12 ++++--------
source4/librpc/rpc/dcerpc_schannel.c | 3 +--
source4/ntvfs/ntvfs_generic.c | 6 ++++--
source4/ntvfs/posix/pvfs_open.c | 30 ++++++++++++++++++++++++++----
source4/ntvfs/posix/pvfs_read.c | 1 +
source4/ntvfs/posix/pvfs_rename.c | 10 ++++++++++
source4/ntvfs/posix/vfs_posix.h | 2 ++
source4/smb_server/smb/nttrans.c | 1 +
source4/smb_server/smb/reply.c | 7 +------
source4/torture/rpc/handles.c | 7 +++----
11 files changed, 56 insertions(+), 26 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/libcli/raw/interfaces.h b/source4/libcli/raw/interfaces.h
index f159074..f6d0905 100644
--- a/source4/libcli/raw/interfaces.h
+++ b/source4/libcli/raw/interfaces.h
@@ -1439,6 +1439,9 @@ union smb_open {
/* some optional parameters from the SMB2 varient */
bool query_maximal_access;
+
+ /* private flags for internal use only */
+ uint8_t private_flags;
} in;
struct {
union smb_handle file;
diff --git a/source4/libcli/raw/smb.h b/source4/libcli/raw/smb.h
index 349705d..7291821 100644
--- a/source4/libcli/raw/smb.h
+++ b/source4/libcli/raw/smb.h
@@ -178,19 +178,15 @@
#define NTCREATEX_OPTIONS_INVALID_PARAM_MASK (NTCREATEX_OPTIONS_OPFILTER | \
NTCREATEX_OPTIONS_SYNC_ALERT | \
NTCREATEX_OPTIONS_ASYNC_ALERT | \
- NTCREATEX_OPTIONS_OPFILTER | \
0xFF000000)
/*
- * We reuse some ignored flags for private use.
+ * private_flags field in ntcreatex
* This values have different meaning for some ntvfs backends.
- *
- * TODO: use values that are ignore for sure...
*/
-#define NTCREATEX_OPTIONS_PRIVATE_DENY_DOS 0x00010000
-#define NTCREATEX_OPTIONS_PRIVATE_DENY_FCB 0x00020000
-#define NTCREATEX_OPTIONS_PRIVATE_MASK (NTCREATEX_OPTIONS_PRIVATE_DENY_DOS | \
- NTCREATEX_OPTIONS_PRIVATE_DENY_FCB)
+#define NTCREATEX_OPTIONS_PRIVATE_DENY_DOS 0x0001
+#define NTCREATEX_OPTIONS_PRIVATE_DENY_FCB 0x0002
+
/* ntcreatex impersonation field */
#define NTCREATEX_IMPERSONATION_ANONYMOUS 0
diff --git a/source4/librpc/rpc/dcerpc_schannel.c b/source4/librpc/rpc/dcerpc_schannel.c
index 0870c89..4927e20 100644
--- a/source4/librpc/rpc/dcerpc_schannel.c
+++ b/source4/librpc/rpc/dcerpc_schannel.c
@@ -315,8 +315,7 @@ static void continue_schannel_key(struct composite_context *ctx)
/* receive schannel key */
c->status = dcerpc_schannel_key_recv(ctx);
if (!composite_is_ok(c)) {
- DEBUG(1, ("Failed to setup credentials for account %s: %s\n",
- cli_credentials_get_username(s->credentials), nt_errstr(c->status)));
+ DEBUG(1, ("Failed to setup credentials: %s\n", nt_errstr(c->status)));
return;
}
diff --git a/source4/ntvfs/ntvfs_generic.c b/source4/ntvfs/ntvfs_generic.c
index 547d038..8e1eb0b 100644
--- a/source4/ntvfs/ntvfs_generic.c
+++ b/source4/ntvfs/ntvfs_generic.c
@@ -284,6 +284,7 @@ static NTSTATUS map_openx_open(uint16_t flags, uint16_t open_mode,
union smb_open *io2)
{
io2->generic.in.create_options = NTCREATEX_OPTIONS_NON_DIRECTORY_FILE;
+ io2->generic.in.private_flags = 0;
if (flags & OPENX_FLAGS_REQUEST_OPLOCK) {
io2->generic.in.flags |= NTCREATEX_FLAGS_REQUEST_OPLOCK;
@@ -327,7 +328,7 @@ static NTSTATUS map_openx_open(uint16_t flags, uint16_t open_mode,
break;
case OPENX_MODE_DENY_DOS:
/* DENY_DOS is quite strange - it depends on the filename! */
- io2->generic.in.create_options |=
+ io2->generic.in.private_flags |=
NTCREATEX_OPTIONS_PRIVATE_DENY_DOS;
if (is_exe_filename(fname)) {
io2->generic.in.share_access =
@@ -342,7 +343,7 @@ static NTSTATUS map_openx_open(uint16_t flags, uint16_t open_mode,
}
break;
case OPENX_MODE_DENY_FCB:
- io2->generic.in.create_options |= NTCREATEX_OPTIONS_PRIVATE_DENY_FCB;
+ io2->generic.in.private_flags |= NTCREATEX_OPTIONS_PRIVATE_DENY_FCB;
io2->generic.in.share_access = NTCREATEX_SHARE_ACCESS_NONE;
break;
default:
@@ -528,6 +529,7 @@ NTSTATUS ntvfs_map_open(struct ntvfs_module_context *ntvfs,
io2->generic.in.sec_desc = io->smb2.in.sec_desc;
io2->generic.in.ea_list = &io->smb2.in.eas;
io2->generic.in.query_maximal_access = io->smb2.in.query_maximal_access;
+ io2->generic.in.private_flags = 0;
/* we don't support timewarp yet */
if (io->smb2.in.timewarp != 0) {
diff --git a/source4/ntvfs/posix/pvfs_open.c b/source4/ntvfs/posix/pvfs_open.c
index aa66ad7..d9d0d21 100644
--- a/source4/ntvfs/posix/pvfs_open.c
+++ b/source4/ntvfs/posix/pvfs_open.c
@@ -206,6 +206,8 @@ static NTSTATUS pvfs_open_directory(struct pvfs_state *pvfs,
if (io->ntcreatex.in.access_mask == SEC_FLAG_MAXIMUM_ALLOWED &&
(io->ntcreatex.in.create_options & NTCREATEX_OPTIONS_DIRECTORY) &&
(io->ntcreatex.in.create_options & NTCREATEX_OPTIONS_DELETE_ON_CLOSE)) {
+ DEBUG(3,(__location__ ": Invalid access_mask/create_options 0x%08x 0x%08x for %s\n",
+ io->ntcreatex.in.access_mask, io->ntcreatex.in.create_options, name->original_name));
return NT_STATUS_INVALID_PARAMETER;
}
@@ -229,6 +231,8 @@ static NTSTATUS pvfs_open_directory(struct pvfs_state *pvfs,
case NTCREATEX_DISP_OVERWRITE:
case NTCREATEX_DISP_SUPERSEDE:
default:
+ DEBUG(3,(__location__ ": Invalid open disposition 0x%08x for %s\n",
+ io->generic.in.open_disposition, name->original_name));
return NT_STATUS_INVALID_PARAMETER;
}
@@ -276,6 +280,7 @@ static NTSTATUS pvfs_open_directory(struct pvfs_state *pvfs,
f->handle->fd = -1;
f->handle->odb_locking_key = data_blob(NULL, 0);
f->handle->create_options = io->generic.in.create_options;
+ f->handle->private_flags = io->generic.in.private_flags;
f->handle->seek_offset = 0;
f->handle->position = 0;
f->handle->mode = 0;
@@ -617,15 +622,21 @@ static NTSTATUS pvfs_create_file(struct pvfs_state *pvfs,
struct security_descriptor *sd = NULL;
if (io->ntcreatex.in.file_attr & ~FILE_ATTRIBUTE_ALL_MASK) {
+ DEBUG(3,(__location__ ": Invalid file_attr 0x%08x for %s\n",
+ io->ntcreatex.in.file_attr, name->original_name));
return NT_STATUS_INVALID_PARAMETER;
}
if (io->ntcreatex.in.file_attr & FILE_ATTRIBUTE_ENCRYPTED) {
+ DEBUG(3,(__location__ ": Invalid encryption request for %s\n",
+ name->original_name));
return NT_STATUS_ACCESS_DENIED;
}
if ((io->ntcreatex.in.file_attr & FILE_ATTRIBUTE_READONLY) &&
(create_options & NTCREATEX_OPTIONS_DELETE_ON_CLOSE)) {
+ DEBUG(4,(__location__ ": Invalid delete on close for readonly file %s\n",
+ name->original_name));
return NT_STATUS_CANNOT_DELETE;
}
@@ -776,6 +787,7 @@ static NTSTATUS pvfs_create_file(struct pvfs_state *pvfs,
f->handle->name = talloc_steal(f->handle, name);
f->handle->fd = fd;
f->handle->create_options = io->generic.in.create_options;
+ f->handle->private_flags = io->generic.in.private_flags;
f->handle->seek_offset = 0;
f->handle->position = 0;
f->handle->mode = 0;
@@ -1061,7 +1073,7 @@ static NTSTATUS pvfs_open_deny_dos(struct ntvfs_module_context *ntvfs,
if (f2 != f &&
f2->ntvfs->session_info == req->session_info &&
f2->ntvfs->smbpid == req->smbpid &&
- (f2->handle->create_options &
+ (f2->handle->private_flags &
(NTCREATEX_OPTIONS_PRIVATE_DENY_DOS |
NTCREATEX_OPTIONS_PRIVATE_DENY_FCB)) &&
(f2->access_mask & SEC_FILE_WRITE_DATA) &&
@@ -1077,7 +1089,7 @@ static NTSTATUS pvfs_open_deny_dos(struct ntvfs_module_context *ntvfs,
/* quite an insane set of semantics ... */
if (is_exe_filename(io->generic.in.fname) &&
- (f2->handle->create_options & NTCREATEX_OPTIONS_PRIVATE_DENY_DOS)) {
+ (f2->handle->private_flags & NTCREATEX_OPTIONS_PRIVATE_DENY_DOS)) {
return NT_STATUS_SHARING_VIOLATION;
}
@@ -1129,7 +1141,7 @@ static NTSTATUS pvfs_open_setup_retry(struct ntvfs_module_context *ntvfs,
struct timeval end_time;
struct timeval *final_timeout = NULL;
- if (io->generic.in.create_options &
+ if (io->generic.in.private_flags &
(NTCREATEX_OPTIONS_PRIVATE_DENY_DOS | NTCREATEX_OPTIONS_PRIVATE_DENY_FCB)) {
/* see if we can satisfy the request using the special DENY_DOS
code */
@@ -1211,6 +1223,8 @@ NTSTATUS pvfs_open(struct ntvfs_module_context *ntvfs,
access_mask = io->generic.in.access_mask;
if (share_access & ~NTCREATEX_SHARE_ACCESS_MASK) {
+ DEBUG(3,(__location__ ": Invalid share_access 0x%08x for %s\n",
+ share_access, io->ntcreatex.in.fname));
return NT_STATUS_INVALID_PARAMETER;
}
@@ -1219,7 +1233,6 @@ NTSTATUS pvfs_open(struct ntvfs_module_context *ntvfs,
* but we reuse some of them as private values for the generic mapping
*/
create_options_must_ignore_mask = NTCREATEX_OPTIONS_MUST_IGNORE_MASK;
- create_options_must_ignore_mask &= ~NTCREATEX_OPTIONS_PRIVATE_MASK;
create_options &= ~create_options_must_ignore_mask;
if (create_options & NTCREATEX_OPTIONS_NOT_SUPPORTED_MASK) {
@@ -1229,6 +1242,8 @@ NTSTATUS pvfs_open(struct ntvfs_module_context *ntvfs,
}
if (create_options & NTCREATEX_OPTIONS_INVALID_PARAM_MASK) {
+ DEBUG(3,(__location__ ": Invalid create_options 0x%08x for %s\n",
+ create_options, io->ntcreatex.in.fname));
return NT_STATUS_INVALID_PARAMETER;
}
@@ -1259,6 +1274,8 @@ NTSTATUS pvfs_open(struct ntvfs_module_context *ntvfs,
/* other create options are not allowed */
if ((create_options & NTCREATEX_OPTIONS_DELETE_ON_CLOSE) &&
!(access_mask & SEC_STD_DELETE)) {
+ DEBUG(3,(__location__ ": Invalid delete_on_close option 0x%08x with access_mask 0x%08x for %s\n",
+ create_options, access_mask, io->ntcreatex.in.fname));
return NT_STATUS_INVALID_PARAMETER;
}
@@ -1290,6 +1307,8 @@ NTSTATUS pvfs_open(struct ntvfs_module_context *ntvfs,
if (io->ntcreatex.in.file_attr & (FILE_ATTRIBUTE_DEVICE|
FILE_ATTRIBUTE_VOLUME|
(~FILE_ATTRIBUTE_ALL_MASK))) {
+ DEBUG(3,(__location__ ": Invalid file_attr 0x%08x for %s\n",
+ io->ntcreatex.in.file_attr, io->ntcreatex.in.fname));
return NT_STATUS_INVALID_PARAMETER;
}
@@ -1373,6 +1392,8 @@ NTSTATUS pvfs_open(struct ntvfs_module_context *ntvfs,
break;
default:
+ DEBUG(3,(__location__ ": Invalid open disposition 0x%08x for %s\n",
+ io->generic.in.open_disposition, name->original_name));
return NT_STATUS_INVALID_PARAMETER;
}
@@ -1438,6 +1459,7 @@ NTSTATUS pvfs_open(struct ntvfs_module_context *ntvfs,
f->handle->fd = -1;
f->handle->name = talloc_steal(f->handle, name);
f->handle->create_options = io->generic.in.create_options;
+ f->handle->private_flags = io->generic.in.private_flags;
f->handle->seek_offset = 0;
f->handle->position = 0;
f->handle->mode = 0;
diff --git a/source4/ntvfs/posix/pvfs_read.c b/source4/ntvfs/posix/pvfs_read.c
index 75fba3c..d25036a 100644
--- a/source4/ntvfs/posix/pvfs_read.c
+++ b/source4/ntvfs/posix/pvfs_read.c
@@ -60,6 +60,7 @@ NTSTATUS pvfs_read(struct ntvfs_module_context *ntvfs,
maxcnt = rd->readx.in.maxcnt;
if (maxcnt > 2*UINT16_MAX && req->ctx->protocol < PROTOCOL_SMB2) {
+ DEBUG(3,(__location__ ": Invalid SMB maxcnt 0x%x\n", maxcnt));
return NT_STATUS_INVALID_PARAMETER;
}
diff --git a/source4/ntvfs/posix/pvfs_rename.c b/source4/ntvfs/posix/pvfs_rename.c
index d963357..66c1427 100644
--- a/source4/ntvfs/posix/pvfs_rename.c
+++ b/source4/ntvfs/posix/pvfs_rename.c
@@ -366,6 +366,8 @@ static NTSTATUS pvfs_rename_wildcard(struct pvfs_state *pvfs,
if (strncmp(dir_path, name2->full_name, strlen(dir_path)) != 0 ||
name2->full_name[strlen(dir_path)] != '/' ||
strchr(name2->full_name + strlen(dir_path) + 1, '/')) {
+ DEBUG(3,(__location__ ": Invalid rename for %s -> %s\n",
+ name1->original_name, name2->original_name));
return NT_STATUS_INVALID_PARAMETER;
}
@@ -480,10 +482,14 @@ static NTSTATUS pvfs_rename_stream(struct ntvfs_module_context *ntvfs,
struct odb_lock *lck = NULL;
if (name1->has_wildcard) {
+ DEBUG(3,(__location__ ": Invalid wildcard rename for %s\n",
+ name1->original_name));
return NT_STATUS_INVALID_PARAMETER;
}
if (ren->ntrename.in.new_name[0] != ':') {
+ DEBUG(3,(__location__ ": Invalid rename for %s\n",
+ ren->ntrename.in.new_name));
return NT_STATUS_INVALID_PARAMETER;
}
@@ -492,6 +498,8 @@ static NTSTATUS pvfs_rename_stream(struct ntvfs_module_context *ntvfs,
}
if (ren->ntrename.in.flags != RENAME_FLAG_RENAME) {
+ DEBUG(3,(__location__ ": Invalid rename flags 0x%x for %s\n",
+ ren->ntrename.in.flags, ren->ntrename.in.new_name));
return NT_STATUS_INVALID_PARAMETER;
}
@@ -621,6 +629,8 @@ static NTSTATUS pvfs_rename_nt(struct ntvfs_module_context *ntvfs,
return pvfs_copy_file(pvfs, name1, name2);
case RENAME_FLAG_MOVE_CLUSTER_INFORMATION:
+ DEBUG(3,(__location__ ": Invalid rename cluster for %s\n",
+ name1->original_name));
return NT_STATUS_INVALID_PARAMETER;
default:
diff --git a/source4/ntvfs/posix/vfs_posix.h b/source4/ntvfs/posix/vfs_posix.h
index 6354f75..86e9532 100644
--- a/source4/ntvfs/posix/vfs_posix.h
+++ b/source4/ntvfs/posix/vfs_posix.h
@@ -182,6 +182,8 @@ struct pvfs_file_handle {
/* the open went through to completion */
bool open_completed;
+
+ uint8_t private_flags;
};
/* open file state */
diff --git a/source4/smb_server/smb/nttrans.c b/source4/smb_server/smb/nttrans.c
index 74c98ea..5fba041 100644
--- a/source4/smb_server/smb/nttrans.c
+++ b/source4/smb_server/smb/nttrans.c
@@ -134,6 +134,7 @@ static NTSTATUS nttrans_create(struct smbsrv_request *req,
io->ntcreatex.in.sec_desc = NULL;
io->ntcreatex.in.ea_list = NULL;
io->ntcreatex.in.query_maximal_access = false;
+ io->ntcreatex.in.private_flags = 0;
req_pull_string(&req->in.bufinfo, &io->ntcreatex.in.fname,
params + 53,
diff --git a/source4/smb_server/smb/reply.c b/source4/smb_server/smb/reply.c
index ef7cbbf..7d33a37 100644
--- a/source4/smb_server/smb/reply.c
+++ b/source4/smb_server/smb/reply.c
@@ -2228,12 +2228,7 @@ void smbsrv_reply_ntcreate_and_X(struct smbsrv_request *req)
io->ntcreatex.in.ea_list = NULL;
io->ntcreatex.in.sec_desc = NULL;
io->ntcreatex.in.query_maximal_access = false;
-
- /* we use a couple of bits of the create options internally */
- if (io->ntcreatex.in.create_options & NTCREATEX_OPTIONS_PRIVATE_MASK) {
- smbsrv_send_error(req, NT_STATUS_INVALID_PARAMETER);
- return;
- }
+ io->ntcreatex.in.private_flags = 0;
/* we need a neater way to handle this alignment */
if ((req->flags2 & FLAGS2_UNICODE_STRINGS) &&
diff --git a/source4/torture/rpc/handles.c b/source4/torture/rpc/handles.c
index bbd0415..fa42a6a 100644
--- a/source4/torture/rpc/handles.c
+++ b/source4/torture/rpc/handles.c
@@ -120,7 +120,7 @@ static bool test_handles_lsa_shared(struct torture_context *torture)
status = torture_rpc_connection(torture, &p1, &ndr_table_lsarpc);
torture_assert_ntstatus_ok(torture, status, "opening lsa pipe1");
- transport = p1->conn->transport.transport,
+ transport = p1->conn->transport.transport;
assoc_group_id = p1->assoc_group_id;
torture_comment(torture, "use assoc_group_id[0x%08X] for new connections\n", assoc_group_id);
@@ -402,7 +402,7 @@ static bool test_handles_mixed_shared(struct torture_context *torture)
status = torture_rpc_connection(torture, &p1, &ndr_table_samr);
torture_assert_ntstatus_ok(torture, status, "opening samr pipe1");
- transport = p1->conn->transport.transport,
+ transport = p1->conn->transport.transport;
assoc_group_id = p1->assoc_group_id;
torture_comment(torture, "use assoc_group_id[0x%08X] for new connections\n", assoc_group_id);
@@ -490,7 +490,7 @@ static bool test_handles_random_assoc(struct torture_context *torture)
status = torture_rpc_connection(torture, &p1, &ndr_table_samr);
torture_assert_ntstatus_ok(torture, status, "opening samr pipe1");
- transport = p1->conn->transport.transport,
+ transport = p1->conn->transport.transport;
assoc_group_id = p1->assoc_group_id;
torture_comment(torture, "pip1 use assoc_group_id[0x%08X]\n", assoc_group_id);
@@ -570,7 +570,6 @@ static bool test_handles_drsuapi(struct torture_context *torture)
return true;
}
-
struct torture_suite *torture_rpc_handles(TALLOC_CTX *mem_ctx)
{
struct torture_suite *suite;
--
Samba Shared Repository
More information about the samba-cvs
mailing list