[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via adbe6cb libcli/auth: avoid using transactions a chainlock is enough from 40d783c Call smb_panic when we try to exit the server uncleanly. This gives us the normal traceback and memory dump, but also runs the normal panic action. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit adbe6cba005a2060b0f641e91b500574f4637a36 Author: Stefan Metzmacher me...@samba.org Date: Wed Mar 27 08:43:18 2013 +0100 libcli/auth: avoid using transactions a chainlock is enough We're just writting a single record into a CLEAR_IF_FIRST|TDB_NOSYNC tdb. We just need to make sure we lock the record between reading and writting. Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Volker Lendecke v...@samba.org Autobuild-User(master): Volker Lendecke v...@samba.org Autobuild-Date(master): Thu Mar 28 14:52:14 CET 2013 on sn-devel-104 --- Summary of changes: libcli/auth/schannel_state_tdb.c | 36 ++-- 1 files changed, 26 insertions(+), 10 deletions(-) Changeset truncated at 500 lines: diff --git a/libcli/auth/schannel_state_tdb.c b/libcli/auth/schannel_state_tdb.c index bc91104..eecd00e 100644 --- a/libcli/auth/schannel_state_tdb.c +++ b/libcli/auth/schannel_state_tdb.c @@ -285,19 +285,41 @@ NTSTATUS schannel_check_creds_state(TALLOC_CTX *mem_ctx, struct netlogon_creds_CredentialState *creds; NTSTATUS status; int ret; + char *name_upper = NULL; + char *keystr = NULL; + TDB_DATA key; + + if (creds_out != NULL) { + *creds_out = NULL; + } tmpctx = talloc_named(mem_ctx, 0, schannel_check_creds_state); if (!tmpctx) { return NT_STATUS_NO_MEMORY; } + name_upper = strupper_talloc(tmpctx, computer_name); + if (!name_upper) { + status = NT_STATUS_NO_MEMORY; + goto done; + } + + keystr = talloc_asprintf(tmpctx, %s/%s, +SECRETS_SCHANNEL_STATE, name_upper); + if (!keystr) { + status = NT_STATUS_NO_MEMORY; + goto done; + } + + key = string_term_tdb_data(keystr); + tdb_sc = open_schannel_session_store(tmpctx, lp_ctx); if (!tdb_sc) { status = NT_STATUS_ACCESS_DENIED; goto done; } - ret = tdb_transaction_start(tdb_sc-tdb); + ret = tdb_chainlock(tdb_sc-tdb, key); if (ret != 0) { status = NT_STATUS_INTERNAL_DB_CORRUPTION; goto done; @@ -310,7 +332,7 @@ NTSTATUS schannel_check_creds_state(TALLOC_CTX *mem_ctx, status = schannel_fetch_session_key_tdb(tdb_sc, tmpctx, computer_name, creds); if (!NT_STATUS_IS_OK(status)) { - tdb_transaction_cancel(tdb_sc-tdb); + tdb_chainunlock(tdb_sc-tdb, key); goto done; } @@ -318,19 +340,13 @@ NTSTATUS schannel_check_creds_state(TALLOC_CTX *mem_ctx, received_authenticator, return_authenticator); if (!NT_STATUS_IS_OK(status)) { - tdb_transaction_cancel(tdb_sc-tdb); + tdb_chainunlock(tdb_sc-tdb, key); goto done; } status = schannel_store_session_key_tdb(tdb_sc, tmpctx, creds); + tdb_chainunlock(tdb_sc-tdb, key); if (!NT_STATUS_IS_OK(status)) { - tdb_transaction_cancel(tdb_sc-tdb); - goto done; - } - - ret = tdb_transaction_commit(tdb_sc-tdb); - if (ret != 0) { - status = NT_STATUS_INTERNAL_DB_CORRUPTION; goto done; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via ffe14d9 Optimization suggested by Volker. Don't do a stat system call on normal read path. from adbe6cb libcli/auth: avoid using transactions a chainlock is enough http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit ffe14d99083fe5344fa7678e7ad780d930398427 Author: Jeremy Allison j...@samba.org Date: Mon Mar 25 09:54:50 2013 -0700 Optimization suggested by Volker. Don't do a stat system call on normal read path. Only do it if we need it in the sendfile() path. Signed-off-by: Jeremy Allison j...@samba.org Reviewed-by: Volker Lendecke v...@samba.org Autobuild-User(master): Volker Lendecke v...@samba.org Autobuild-Date(master): Thu Mar 28 17:51:22 CET 2013 on sn-devel-104 --- Summary of changes: source3/smbd/reply.c | 30 +++--- 1 files changed, 15 insertions(+), 15 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 8b500c5..0d9f415 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3666,11 +3666,6 @@ static void send_file_readX(connection_struct *conn, struct smb_request *req, struct lock_struct lock; int saved_errno = 0; - if(fsp_stat(fsp) == -1) { - reply_nterror(req, map_nt_error_from_unix(errno)); - return; - } - init_strict_lock_struct(fsp, (uint64_t)req-smbpid, (uint64_t)startpos, (uint64_t)smb_maxcnt, READ_LOCK, lock); @@ -3680,16 +3675,6 @@ static void send_file_readX(connection_struct *conn, struct smb_request *req, return; } - if (!S_ISREG(fsp-fsp_name-st.st_ex_mode) || - (startpos fsp-fsp_name-st.st_ex_size) - || (smb_maxcnt (fsp-fsp_name-st.st_ex_size - startpos))) { - /* -* We already know that we would do a short read, so don't -* try the sendfile() path. -*/ - goto nosendfile_read; - } - /* * We can only use sendfile on a non-chained packet * but we can use on a non-oplocked file. tridge proved this @@ -3704,6 +3689,21 @@ static void send_file_readX(connection_struct *conn, struct smb_request *req, uint8 headerbuf[smb_size + 12 * 2]; DATA_BLOB header; + if(fsp_stat(fsp) == -1) { + reply_nterror(req, map_nt_error_from_unix(errno)); + goto strict_unlock; + } + + if (!S_ISREG(fsp-fsp_name-st.st_ex_mode) || + (startpos fsp-fsp_name-st.st_ex_size) || + (smb_maxcnt (fsp-fsp_name-st.st_ex_size - startpos))) { + /* +* We already know that we would do a short read, so don't +* try the sendfile() path. +*/ + goto nosendfile_read; + } + /* * Set up the packet header before send. We * assume here the sendfile will work (get the -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 7fd926f Make sure that we only propogate the INHERITED flag when we are allowed to. from ffe14d9 Optimization suggested by Volker. Don't do a stat system call on normal read path. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 7fd926fcdcb92a8e1e2b0c29371f2eb2ae4057df Author: Richard Sharpe realrichardsha...@gmail.com Date: Wed Mar 27 19:36:43 2013 -0700 Make sure that we only propogate the INHERITED flag when we are allowed to. Signed-off-by: Jeremy Allison j...@samba.org Reviewed-by: Richard Sharpe realrichardsha...@gmail.com Autobuild-User(master): Jeremy Allison j...@samba.org Autobuild-Date(master): Thu Mar 28 19:43:41 CET 2013 on sn-devel-104 --- Summary of changes: libcli/security/secdesc.c |3 ++- 1 files changed, 2 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/libcli/security/secdesc.c b/libcli/security/secdesc.c index d2c5833..a7e9900 100644 --- a/libcli/security/secdesc.c +++ b/libcli/security/secdesc.c @@ -614,7 +614,8 @@ NTSTATUS se_create_child_secdesc(TALLOC_CTX *ctx, if (!container) { new_flags = 0; } else { - new_flags = ~SEC_ACE_FLAG_INHERIT_ONLY; + new_flags = ~(SEC_ACE_FLAG_INHERIT_ONLY + | SEC_ACE_FLAG_INHERITED_ACE); if (!(new_flags SEC_ACE_FLAG_CONTAINER_INHERIT)) { new_flags |= SEC_ACE_FLAG_INHERIT_ONLY; -- Samba Shared Repository