samba-cvs.cvs
[Top] [All Lists]

[SCM] Samba Shared Repository - branch master updated

Subject: [SCM] Samba Shared Repository - branch master updated
From: Andrew Tridgell
Date: Thu, 4 Mar 2010 23:13:49 -0600 CST
The branch, master has been updated
       via  2e16378... s4-pvfs: log more error conditions in NTVFS backend
       via  80a37be... s4-pvfs: move the private ntcreatex flags to 
private_flags
       via  f01f124... s4-rpc: don't use s->credentials after it is freed
       via  2e1e446... s4-torture: fixed commas separating C statements
      from  aaafadb... s3: Fix unnecessary traversing winbindd_cache.tdb in 
SIGHUP handler.

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 2e1637833bb5e1d5c44b10761a8f6bbd88bde32d
Author: Andrew Tridgell <tridge@xxxxxxxxx>
Date:   Fri Mar 5 14:59:08 2010 +1100

    s4-pvfs: log more error conditions in NTVFS backend
    
    This should make is easier to track down some bug reports
    
    Pair-Programmed-With: Andrew Bartlett <abartlet@xxxxxxxxx>

commit 80a37beb53519fdbb907a01f29ef150bafdd74e7
Author: Andrew Tridgell <tridge@xxxxxxxxx>
Date:   Fri Mar 5 14:57:50 2010 +1100

    s4-pvfs: move the private ntcreatex flags to private_flags
    
    Re-using two of the create_options bits was bound to eventually
    cause problems, and indeed, Windows7 now uses one of those bits
    when opening text files.
    
    Fixes bug 7189

commit f01f124969b3e75accfc82fb85487fdab2046e82
Author: Andrew Tridgell <tridge@xxxxxxxxx>
Date:   Fri Mar 5 13:49:49 2010 +1100

    s4-rpc: don't use s->credentials after it is freed

commit 2e1e446ba3f9fd177a29876a9d7173d11b334f40
Author: Andrew Tridgell <tridge@xxxxxxxxx>
Date:   Fri Mar 5 13:02:16 2010 +1100

    s4-torture: fixed commas separating C statements

-----------------------------------------------------------------------

Summary of changes:
 source4/libcli/raw/interfaces.h      |    3 +++
 source4/libcli/raw/smb.h             |   12 ++++--------
 source4/librpc/rpc/dcerpc_schannel.c |    3 +--
 source4/ntvfs/ntvfs_generic.c        |    6 ++++--
 source4/ntvfs/posix/pvfs_open.c      |   30 ++++++++++++++++++++++++++----
 source4/ntvfs/posix/pvfs_read.c      |    1 +
 source4/ntvfs/posix/pvfs_rename.c    |   10 ++++++++++
 source4/ntvfs/posix/vfs_posix.h      |    2 ++
 source4/smb_server/smb/nttrans.c     |    1 +
 source4/smb_server/smb/reply.c       |    7 +------
 source4/torture/rpc/handles.c        |    7 +++----
 11 files changed, 56 insertions(+), 26 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source4/libcli/raw/interfaces.h b/source4/libcli/raw/interfaces.h
index f159074..f6d0905 100644
--- a/source4/libcli/raw/interfaces.h
+++ b/source4/libcli/raw/interfaces.h
@@ -1439,6 +1439,9 @@ union smb_open {
                        
                        /* some optional parameters from the SMB2 varient */
                        bool query_maximal_access;
+
+                       /* private flags for internal use only */
+                       uint8_t private_flags;
                } in;
                struct {
                        union smb_handle file;
diff --git a/source4/libcli/raw/smb.h b/source4/libcli/raw/smb.h
index 349705d..7291821 100644
--- a/source4/libcli/raw/smb.h
+++ b/source4/libcli/raw/smb.h
@@ -178,19 +178,15 @@
 #define NTCREATEX_OPTIONS_INVALID_PARAM_MASK    (NTCREATEX_OPTIONS_OPFILTER | \
                                                 NTCREATEX_OPTIONS_SYNC_ALERT | 
\
                                                 NTCREATEX_OPTIONS_ASYNC_ALERT 
| \
-                                                NTCREATEX_OPTIONS_OPFILTER | \
                                                 0xFF000000)
 
 /*
- * We reuse some ignored flags for private use.
+ * private_flags field in ntcreatex
  * This values have different meaning for some ntvfs backends.
- *
- * TODO: use values that are ignore for sure...
  */
-#define NTCREATEX_OPTIONS_PRIVATE_DENY_DOS      0x00010000
-#define NTCREATEX_OPTIONS_PRIVATE_DENY_FCB      0x00020000
-#define NTCREATEX_OPTIONS_PRIVATE_MASK          
(NTCREATEX_OPTIONS_PRIVATE_DENY_DOS | \
-                                                
NTCREATEX_OPTIONS_PRIVATE_DENY_FCB)
+#define NTCREATEX_OPTIONS_PRIVATE_DENY_DOS      0x0001
+#define NTCREATEX_OPTIONS_PRIVATE_DENY_FCB      0x0002
+
 
 /* ntcreatex impersonation field */
 #define NTCREATEX_IMPERSONATION_ANONYMOUS      0
diff --git a/source4/librpc/rpc/dcerpc_schannel.c 
b/source4/librpc/rpc/dcerpc_schannel.c
index 0870c89..4927e20 100644
--- a/source4/librpc/rpc/dcerpc_schannel.c
+++ b/source4/librpc/rpc/dcerpc_schannel.c
@@ -315,8 +315,7 @@ static void continue_schannel_key(struct composite_context 
*ctx)
        /* receive schannel key */
        c->status = dcerpc_schannel_key_recv(ctx);
        if (!composite_is_ok(c)) {
-               DEBUG(1, ("Failed to setup credentials for account %s: %s\n",
-                         cli_credentials_get_username(s->credentials), 
nt_errstr(c->status)));
+               DEBUG(1, ("Failed to setup credentials: %s\n", 
nt_errstr(c->status)));
                return;
        }
 
diff --git a/source4/ntvfs/ntvfs_generic.c b/source4/ntvfs/ntvfs_generic.c
index 547d038..8e1eb0b 100644
--- a/source4/ntvfs/ntvfs_generic.c
+++ b/source4/ntvfs/ntvfs_generic.c
@@ -284,6 +284,7 @@ static NTSTATUS map_openx_open(uint16_t flags, uint16_t 
open_mode,
                               union smb_open *io2)
 {
        io2->generic.in.create_options = NTCREATEX_OPTIONS_NON_DIRECTORY_FILE;
+       io2->generic.in.private_flags = 0;
 
        if (flags & OPENX_FLAGS_REQUEST_OPLOCK) {
                io2->generic.in.flags |= NTCREATEX_FLAGS_REQUEST_OPLOCK;
@@ -327,7 +328,7 @@ static NTSTATUS map_openx_open(uint16_t flags, uint16_t 
open_mode,
                break;
        case OPENX_MODE_DENY_DOS:
                /* DENY_DOS is quite strange - it depends on the filename! */
-               io2->generic.in.create_options |= 
+               io2->generic.in.private_flags |=
                        NTCREATEX_OPTIONS_PRIVATE_DENY_DOS;
                if (is_exe_filename(fname)) {
                        io2->generic.in.share_access = 
@@ -342,7 +343,7 @@ static NTSTATUS map_openx_open(uint16_t flags, uint16_t 
open_mode,
                }
                break;
        case OPENX_MODE_DENY_FCB:
-               io2->generic.in.create_options |= 
NTCREATEX_OPTIONS_PRIVATE_DENY_FCB;
+               io2->generic.in.private_flags |= 
NTCREATEX_OPTIONS_PRIVATE_DENY_FCB;
                io2->generic.in.share_access = NTCREATEX_SHARE_ACCESS_NONE;
                break;
        default:
@@ -528,6 +529,7 @@ NTSTATUS ntvfs_map_open(struct ntvfs_module_context *ntvfs,
                io2->generic.in.sec_desc        = io->smb2.in.sec_desc;
                io2->generic.in.ea_list         = &io->smb2.in.eas;
                io2->generic.in.query_maximal_access = 
io->smb2.in.query_maximal_access; 
+               io2->generic.in.private_flags   = 0;
 
                /* we don't support timewarp yet */
                if (io->smb2.in.timewarp != 0) {
diff --git a/source4/ntvfs/posix/pvfs_open.c b/source4/ntvfs/posix/pvfs_open.c
index aa66ad7..d9d0d21 100644
--- a/source4/ntvfs/posix/pvfs_open.c
+++ b/source4/ntvfs/posix/pvfs_open.c
@@ -206,6 +206,8 @@ static NTSTATUS pvfs_open_directory(struct pvfs_state *pvfs,
        if (io->ntcreatex.in.access_mask == SEC_FLAG_MAXIMUM_ALLOWED &&
            (io->ntcreatex.in.create_options & NTCREATEX_OPTIONS_DIRECTORY) &&
            (io->ntcreatex.in.create_options & 
NTCREATEX_OPTIONS_DELETE_ON_CLOSE)) {
+               DEBUG(3,(__location__ ": Invalid access_mask/create_options 
0x%08x 0x%08x for %s\n",
+                        io->ntcreatex.in.access_mask, 
io->ntcreatex.in.create_options, name->original_name));
                return NT_STATUS_INVALID_PARAMETER;
        }
        
@@ -229,6 +231,8 @@ static NTSTATUS pvfs_open_directory(struct pvfs_state *pvfs,
        case NTCREATEX_DISP_OVERWRITE:
        case NTCREATEX_DISP_SUPERSEDE:
        default:
+               DEBUG(3,(__location__ ": Invalid open disposition 0x%08x for 
%s\n",
+                        io->generic.in.open_disposition, name->original_name));
                return NT_STATUS_INVALID_PARAMETER;
        }
 
@@ -276,6 +280,7 @@ static NTSTATUS pvfs_open_directory(struct pvfs_state *pvfs,
        f->handle->fd                = -1;
        f->handle->odb_locking_key   = data_blob(NULL, 0);
        f->handle->create_options    = io->generic.in.create_options;
+       f->handle->private_flags     = io->generic.in.private_flags;
        f->handle->seek_offset       = 0;
        f->handle->position          = 0;
        f->handle->mode              = 0;
@@ -617,15 +622,21 @@ static NTSTATUS pvfs_create_file(struct pvfs_state *pvfs,
        struct security_descriptor *sd = NULL;
 
        if (io->ntcreatex.in.file_attr & ~FILE_ATTRIBUTE_ALL_MASK) {
+               DEBUG(3,(__location__ ": Invalid file_attr 0x%08x for %s\n",
+                        io->ntcreatex.in.file_attr, name->original_name));
                return NT_STATUS_INVALID_PARAMETER;
        }
 
        if (io->ntcreatex.in.file_attr & FILE_ATTRIBUTE_ENCRYPTED) {
+               DEBUG(3,(__location__ ": Invalid encryption request for %s\n",
+                        name->original_name));
                return NT_STATUS_ACCESS_DENIED;
        }
            
        if ((io->ntcreatex.in.file_attr & FILE_ATTRIBUTE_READONLY) &&
            (create_options & NTCREATEX_OPTIONS_DELETE_ON_CLOSE)) {
+               DEBUG(4,(__location__ ": Invalid delete on close for readonly 
file %s\n",
+                        name->original_name));
                return NT_STATUS_CANNOT_DELETE;
        }
 
@@ -776,6 +787,7 @@ static NTSTATUS pvfs_create_file(struct pvfs_state *pvfs,
        f->handle->name              = talloc_steal(f->handle, name);
        f->handle->fd                = fd;
        f->handle->create_options    = io->generic.in.create_options;
+       f->handle->private_flags     = io->generic.in.private_flags;
        f->handle->seek_offset       = 0;
        f->handle->position          = 0;
        f->handle->mode              = 0;
@@ -1061,7 +1073,7 @@ static NTSTATUS pvfs_open_deny_dos(struct 
ntvfs_module_context *ntvfs,
                if (f2 != f &&
                    f2->ntvfs->session_info == req->session_info &&
                    f2->ntvfs->smbpid == req->smbpid &&
-                   (f2->handle->create_options & 
+                   (f2->handle->private_flags &
                     (NTCREATEX_OPTIONS_PRIVATE_DENY_DOS |
                      NTCREATEX_OPTIONS_PRIVATE_DENY_FCB)) &&
                    (f2->access_mask & SEC_FILE_WRITE_DATA) &&
@@ -1077,7 +1089,7 @@ static NTSTATUS pvfs_open_deny_dos(struct 
ntvfs_module_context *ntvfs,
 
        /* quite an insane set of semantics ... */
        if (is_exe_filename(io->generic.in.fname) &&
-           (f2->handle->create_options & NTCREATEX_OPTIONS_PRIVATE_DENY_DOS)) {
+           (f2->handle->private_flags & NTCREATEX_OPTIONS_PRIVATE_DENY_DOS)) {
                return NT_STATUS_SHARING_VIOLATION;
        }
 
@@ -1129,7 +1141,7 @@ static NTSTATUS pvfs_open_setup_retry(struct 
ntvfs_module_context *ntvfs,
        struct timeval end_time;
        struct timeval *final_timeout = NULL;
 
-       if (io->generic.in.create_options & 
+       if (io->generic.in.private_flags &
            (NTCREATEX_OPTIONS_PRIVATE_DENY_DOS | 
NTCREATEX_OPTIONS_PRIVATE_DENY_FCB)) {
                /* see if we can satisfy the request using the special DENY_DOS
                   code */
@@ -1211,6 +1223,8 @@ NTSTATUS pvfs_open(struct ntvfs_module_context *ntvfs,
        access_mask    = io->generic.in.access_mask;
 
        if (share_access & ~NTCREATEX_SHARE_ACCESS_MASK) {
+               DEBUG(3,(__location__ ": Invalid share_access 0x%08x for %s\n",
+                        share_access, io->ntcreatex.in.fname));
                return NT_STATUS_INVALID_PARAMETER;
        }
 
@@ -1219,7 +1233,6 @@ NTSTATUS pvfs_open(struct ntvfs_module_context *ntvfs,
         * but we reuse some of them as private values for the generic mapping
         */
        create_options_must_ignore_mask = NTCREATEX_OPTIONS_MUST_IGNORE_MASK;
-       create_options_must_ignore_mask &= ~NTCREATEX_OPTIONS_PRIVATE_MASK;
        create_options &= ~create_options_must_ignore_mask;
 
        if (create_options & NTCREATEX_OPTIONS_NOT_SUPPORTED_MASK) {
@@ -1229,6 +1242,8 @@ NTSTATUS pvfs_open(struct ntvfs_module_context *ntvfs,
        }
 
        if (create_options & NTCREATEX_OPTIONS_INVALID_PARAM_MASK) {
+               DEBUG(3,(__location__ ": Invalid create_options 0x%08x for 
%s\n",
+                        create_options, io->ntcreatex.in.fname));
                return NT_STATUS_INVALID_PARAMETER;
        }
 
@@ -1259,6 +1274,8 @@ NTSTATUS pvfs_open(struct ntvfs_module_context *ntvfs,
        /* other create options are not allowed */
        if ((create_options & NTCREATEX_OPTIONS_DELETE_ON_CLOSE) &&
            !(access_mask & SEC_STD_DELETE)) {
+               DEBUG(3,(__location__ ": Invalid delete_on_close option 0x%08x 
with access_mask 0x%08x for %s\n",
+                        create_options, access_mask, io->ntcreatex.in.fname));
                return NT_STATUS_INVALID_PARAMETER;
        }
 
@@ -1290,6 +1307,8 @@ NTSTATUS pvfs_open(struct ntvfs_module_context *ntvfs,
        if (io->ntcreatex.in.file_attr & (FILE_ATTRIBUTE_DEVICE|
                                          FILE_ATTRIBUTE_VOLUME| 
                                          (~FILE_ATTRIBUTE_ALL_MASK))) {
+               DEBUG(3,(__location__ ": Invalid file_attr 0x%08x for %s\n",
+                        io->ntcreatex.in.file_attr, io->ntcreatex.in.fname));
                return NT_STATUS_INVALID_PARAMETER;
        }
 
@@ -1373,6 +1392,8 @@ NTSTATUS pvfs_open(struct ntvfs_module_context *ntvfs,
                break;
 
        default:
+               DEBUG(3,(__location__ ": Invalid open disposition 0x%08x for 
%s\n",
+                        io->generic.in.open_disposition, name->original_name));
                return NT_STATUS_INVALID_PARAMETER;
        }
 
@@ -1438,6 +1459,7 @@ NTSTATUS pvfs_open(struct ntvfs_module_context *ntvfs,
        f->handle->fd                = -1;
        f->handle->name              = talloc_steal(f->handle, name);
        f->handle->create_options    = io->generic.in.create_options;
+       f->handle->private_flags     = io->generic.in.private_flags;
        f->handle->seek_offset       = 0;
        f->handle->position          = 0;
        f->handle->mode              = 0;
diff --git a/source4/ntvfs/posix/pvfs_read.c b/source4/ntvfs/posix/pvfs_read.c
index 75fba3c..d25036a 100644
--- a/source4/ntvfs/posix/pvfs_read.c
+++ b/source4/ntvfs/posix/pvfs_read.c
@@ -60,6 +60,7 @@ NTSTATUS pvfs_read(struct ntvfs_module_context *ntvfs,
 
        maxcnt = rd->readx.in.maxcnt;
        if (maxcnt > 2*UINT16_MAX && req->ctx->protocol < PROTOCOL_SMB2) {
+               DEBUG(3,(__location__ ": Invalid SMB maxcnt 0x%x\n", maxcnt));
                return NT_STATUS_INVALID_PARAMETER;
        }
 
diff --git a/source4/ntvfs/posix/pvfs_rename.c 
b/source4/ntvfs/posix/pvfs_rename.c
index d963357..66c1427 100644
--- a/source4/ntvfs/posix/pvfs_rename.c
+++ b/source4/ntvfs/posix/pvfs_rename.c
@@ -366,6 +366,8 @@ static NTSTATUS pvfs_rename_wildcard(struct pvfs_state 
*pvfs,
        if (strncmp(dir_path, name2->full_name, strlen(dir_path)) != 0 ||
            name2->full_name[strlen(dir_path)] != '/' ||
            strchr(name2->full_name + strlen(dir_path) + 1, '/')) {
+               DEBUG(3,(__location__ ": Invalid rename for %s -> %s\n",
+                        name1->original_name, name2->original_name));
                return NT_STATUS_INVALID_PARAMETER;
        }
 
@@ -480,10 +482,14 @@ static NTSTATUS pvfs_rename_stream(struct 
ntvfs_module_context *ntvfs,
        struct odb_lock *lck = NULL;
 
        if (name1->has_wildcard) {
+               DEBUG(3,(__location__ ": Invalid wildcard rename for %s\n",
+                        name1->original_name));
                return NT_STATUS_INVALID_PARAMETER;
        }
 
        if (ren->ntrename.in.new_name[0] != ':') {
+               DEBUG(3,(__location__ ": Invalid rename for %s\n",
+                        ren->ntrename.in.new_name));
                return NT_STATUS_INVALID_PARAMETER;
        }
 
@@ -492,6 +498,8 @@ static NTSTATUS pvfs_rename_stream(struct 
ntvfs_module_context *ntvfs,
        }
 
        if (ren->ntrename.in.flags != RENAME_FLAG_RENAME) {
+               DEBUG(3,(__location__ ": Invalid rename flags 0x%x for %s\n",
+                        ren->ntrename.in.flags, ren->ntrename.in.new_name));
                return NT_STATUS_INVALID_PARAMETER;
        }
 
@@ -621,6 +629,8 @@ static NTSTATUS pvfs_rename_nt(struct ntvfs_module_context 
*ntvfs,
                return pvfs_copy_file(pvfs, name1, name2);
 
        case RENAME_FLAG_MOVE_CLUSTER_INFORMATION:
+               DEBUG(3,(__location__ ": Invalid rename cluster for %s\n",
+                        name1->original_name));
                return NT_STATUS_INVALID_PARAMETER;
 
        default:
diff --git a/source4/ntvfs/posix/vfs_posix.h b/source4/ntvfs/posix/vfs_posix.h
index 6354f75..86e9532 100644
--- a/source4/ntvfs/posix/vfs_posix.h
+++ b/source4/ntvfs/posix/vfs_posix.h
@@ -182,6 +182,8 @@ struct pvfs_file_handle {
 
        /* the open went through to completion */
        bool open_completed;
+
+       uint8_t private_flags;
 };
 
 /* open file state */
diff --git a/source4/smb_server/smb/nttrans.c b/source4/smb_server/smb/nttrans.c
index 74c98ea..5fba041 100644
--- a/source4/smb_server/smb/nttrans.c
+++ b/source4/smb_server/smb/nttrans.c
@@ -134,6 +134,7 @@ static NTSTATUS nttrans_create(struct smbsrv_request *req,
        io->ntcreatex.in.sec_desc         = NULL;
        io->ntcreatex.in.ea_list          = NULL;
        io->ntcreatex.in.query_maximal_access = false;
+       io->ntcreatex.in.private_flags    = 0;
 
        req_pull_string(&req->in.bufinfo, &io->ntcreatex.in.fname, 
                        params + 53, 
diff --git a/source4/smb_server/smb/reply.c b/source4/smb_server/smb/reply.c
index ef7cbbf..7d33a37 100644
--- a/source4/smb_server/smb/reply.c
+++ b/source4/smb_server/smb/reply.c
@@ -2228,12 +2228,7 @@ void smbsrv_reply_ntcreate_and_X(struct smbsrv_request 
*req)
        io->ntcreatex.in.ea_list          = NULL;
        io->ntcreatex.in.sec_desc         = NULL;
        io->ntcreatex.in.query_maximal_access = false;
-
-       /* we use a couple of bits of the create options internally */
-       if (io->ntcreatex.in.create_options & NTCREATEX_OPTIONS_PRIVATE_MASK) {
-               smbsrv_send_error(req, NT_STATUS_INVALID_PARAMETER);
-               return;
-       }
+       io->ntcreatex.in.private_flags    = 0;
 
        /* we need a neater way to handle this alignment */
        if ((req->flags2 & FLAGS2_UNICODE_STRINGS) && 
diff --git a/source4/torture/rpc/handles.c b/source4/torture/rpc/handles.c
index bbd0415..fa42a6a 100644
--- a/source4/torture/rpc/handles.c
+++ b/source4/torture/rpc/handles.c
@@ -120,7 +120,7 @@ static bool test_handles_lsa_shared(struct torture_context 
*torture)
        status = torture_rpc_connection(torture, &p1, &ndr_table_lsarpc);
        torture_assert_ntstatus_ok(torture, status, "opening lsa pipe1");
 
-       transport       = p1->conn->transport.transport,
+       transport       = p1->conn->transport.transport;
        assoc_group_id  = p1->assoc_group_id;
 
        torture_comment(torture, "use assoc_group_id[0x%08X] for new 
connections\n", assoc_group_id);
@@ -402,7 +402,7 @@ static bool test_handles_mixed_shared(struct 
torture_context *torture)
        status = torture_rpc_connection(torture, &p1, &ndr_table_samr);
        torture_assert_ntstatus_ok(torture, status, "opening samr pipe1");
 
-       transport       = p1->conn->transport.transport,
+       transport       = p1->conn->transport.transport;
        assoc_group_id  = p1->assoc_group_id;
 
        torture_comment(torture, "use assoc_group_id[0x%08X] for new 
connections\n", assoc_group_id);
@@ -490,7 +490,7 @@ static bool test_handles_random_assoc(struct 
torture_context *torture)
        status = torture_rpc_connection(torture, &p1, &ndr_table_samr);
        torture_assert_ntstatus_ok(torture, status, "opening samr pipe1");
 
-       transport       = p1->conn->transport.transport,
+       transport       = p1->conn->transport.transport;
        assoc_group_id  = p1->assoc_group_id;
 
        torture_comment(torture, "pip1 use assoc_group_id[0x%08X]\n", 
assoc_group_id);
@@ -570,7 +570,6 @@ static bool test_handles_drsuapi(struct torture_context 
*torture)
        return true;
 }
 
-
 struct torture_suite *torture_rpc_handles(TALLOC_CTX *mem_ctx)
 {
        struct torture_suite *suite;


-- 
Samba Shared Repository

<Prev in Thread] Current Thread [Next in Thread>