| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
metze
(This used to be commit d92100fcc2066454df441a1ea2c7b9940fa19fa1)
|
|
Makefile fragments for the build system. This allows the file to be
edited without using quite as many backslashes. Some are still necessary
for interpolation of perl variables though.
I've diffed the new Makefile against the old and there are only some
extra newlines as a result of making things more consistent.
(This used to be commit 3808c5e092e1a11d453d0a043818a10e28c78961)
|
|
- talloc should always be done in the right context. For example, when creating
the userinfo_state structure, place it inside the composite
structure, not directly on the pipe. If this isn't done then
correct cleanup can't happen on errors (as cleanup destroys the top
level composite context only)
- define private structures like userinfo_state in the userinfo.c
code, not in the public header
- only keep the parameters we need in the state structure. For
example, the domain_handle is only needed in the first call, so we
don't need to keep it around in the state structure, but the level is
needed in later calls, so we need to keep it
- always initialise [out,ref] parameters in RPC calls. The [ref] part
means that the call assumes the pointer it has been given is
valid. If you don't initialise it then you will get a segv on
recv. This is why the code was dying.
- don't use internal strucrure elements like the pipe
pipe->conn->pending outside of the internal rpc implementation. That
is an internal list, trying to use it from external code will cause crashes.
- rpc calls assume that rpc call strucrures remain valid for the
duration of the call. This means you need to keep the structures
(such as "struct samr_Close") in the userinfo_state strucrure,
otherwise it will go out of scope during the async processing
- need to remember to change c->state to SMBCLI_REQUEST_DONE when the
request has finished in the close handler, otherwise it will loop
forever trying to close
Mimir, please look at the diff carefully for more detailed info on the fixes
(This used to be commit 01ea1e7762e214e87e74d6f28d6efeb6cdea9736)
|
|
rafal
(This used to be commit 01cbed98b32c2050a665aec51a99288e4afb29c1)
|
|
(This used to be commit f4d550c348e9604439f07329ddbc3cf65891d578)
|
|
- now works properly with UDP, so the NBT tests work
- fixed byte order in a few places
- connect() now fails to non-localhost
- fixed some places that tested for < 0, which should be == -1 (most syscalls
return -1 on error, not "negative")
(This used to be commit 61e1eea0fdb13577de2506472c5443ee92656263)
|
|
showlayout. There seems to be a bunch of -D and -I stuff in LD_FLAGS
which I don't think should be there.
(This used to be commit 87f88aaceeacf57b4a8a31e005894cbff4a21779)
|
|
less scalable. It only needs to be recalculated when we the highest fd
is destroyed.
(This used to be commit 568b9175f329f594404c9091ee5946670c40697e)
|
|
AF_LOCAL (we already use AF_UNIX in other places).
(This used to be commit 88d93b9782766ab1159a233307ef508881caa615)
|
|
then at the element level.
(This used to be commit fac5edd2b71759c82232713f77ab91b41ed09250)
|
|
can be enabled on the buildfarm without requiring --enable-developer
- Support tcp and udp being used on the same port
- FIx some portability issues (should fix the build on
some hosts on the buildfarm)
- Ignore setting TCP_NODELAY on (semi-)TCP sockets rather then complain about
it not being supported (saves us from a couple of error messages for each
connection that is opened)
(This used to be commit 443fb7853b8d3cb516c442fdc595038544b75738)
|
|
(This used to be commit a2ef9225f15e369af7b884262b997ab321fd24d6)
|
|
(this fixes parsing of w2k blob, which some times have random gargabe data in the sid buffer)
- make the names of the DsReplicaCoursor*Ctr* 's more consistent
and fix DsGetNCchangesCtr6 parsing
metze
(This used to be commit 75e427dca9f6b129ead100f7265794189f257c67)
|
|
dom_sid in it
metze
(This used to be commit 460d1b089e494efaeb0c8c7fd4601a9ef57123c5)
|
|
(tridge: asked me for that commit)
metze
(This used to be commit 2791de069a571aaa53283d68b5cc957d82e7ce41)
|
|
(and the push side isn't used currently...)
metze
(This used to be commit 2d121c84312723ef6a7a3250a204efa8488f6303)
|
|
(This used to be commit ad7ea50eb29402d213438e5fcaa56f853c00487e)
|
|
(taken from cabextract.c from KDE)
this code maybe need to be rewritten and the
compression side needs to be done,
but for now it seems to works
- remove the dependency to zlib
metze
(This used to be commit 5e8558c5b4365a494aa054c3e08d4084b319e6e5)
|
|
metze
(This used to be commit 80593150341852af0816e69bd653c93228862e9b)
|
|
of small typos.
(This used to be commit 9b4069e84573f85ce4341ceacd35737a18726a0b)
|
|
metze
(This used to be commit bbc0f6c5525b03deb9374fd96cb22cff4d3fb2e1)
|
|
metze
(This used to be commit 4b88ff29715a98c728cf70db4889daafed8eeeb2)
|
|
auth/gensec and auth/kerberos.
This also pulls the kerberos configure code out of libads (which is
otherwise dead), and into auth/kerberos/kerberos.m4
Andrew Bartlett
(This used to be commit e074d63f3dcf4f84239a10879112ebaf1cfa6c4f)
|
|
it produces the correct DATA_BLOB length, but only the first chunk is
successfull decompressed...
metze
(This used to be commit 0d44d077975d756023f1dcc8d2c3ebf06305e355)
|
|
metze
(This used to be commit a3cec189e1f5d137ba2f2829def03b060b59f0e2)
|
|
what does length_of() and id() do?
metze
(This used to be commit 55963934db51fadb1340c7a2ec275aa24151dd14)
|
|
find...:-( )
- use a DATA_BLOB for the driver specific data in the devmode
metze
(This used to be commit 87d48b20769666b568ac1115246b58995d221148)
|
|
metze
(This used to be commit ff32e2182e3f11b1b51110c9d3f34bc8781dec0b)
|
|
metze
(This used to be commit f3c64120a16289472bdc56329d39c7221d00b558)
|
|
metze
(This used to be commit 2a7eead1c8058f829395723028a43b0336a1cf87)
|
|
up issues I introduced during the merge, that caused a segfault.
I've still not got the keytab code to work for me (using Samba3 to
generate the keytab) so this is still not fully tested, but it's
better than it was.
To add debugging, I now use the krb5_get_error_message() function from
Heimdal when present, to return the custom error string, which
contains far, far more information than the simple error code does.
(This last point may well be worth merging back into 3.0)
Andrew Bartlett
(This used to be commit ed5755d9d1e48df7ae77a9410d30e10cb8b0cbd7)
|
|
is ready to read. Patch from Mark Weaver <mark-clist@npsl.co.uk>.
Jeremy.
(This used to be commit 857e98e8ea842bb94c93b81d7b69e3d304f100f5)
|
|
redirects traffic (currently just IP traffic) over unix domain sockets
if the SOCKET_WRAPPER_DIR environment variable has been set.
Aim is to use this for the Samba4 torture suite on the buildfarm.
The socket_wrapper library can only be used if Samba was compiled with
--enable-developer.
test_rpc.sh passes against a local smbd with SOCKET_WRAPPER_DIR set.
(and ethereal showed no traffic whatsoever)
Stuff that still needs to be fixed in socketwrapper:
- Give ENETUNREACH if target is not localhost
- A given port number can only be used for UDP /or/ TCP, not both.
- Perhaps allow some calls to circumvent socketwrapper (do we need DNS?)
(This used to be commit f8a63a843ccca092d9756b64e09175d37c08550a)
|
|
made into something that isn't a maze of #ifdefs)
- when a module is not found, make it a non-fatal error. Otherwise the standalone ldb
tools just bail out. The previous code meant that if you had a
module listed and it wasn't present then you could _never_ fix it,
as you coudln't open the ldb to remove that module from @MODULES !
(This used to be commit c4728625c093d91e522b80c049e0d42d2b5f143b)
|
|
ldb_connect()
(This used to be commit a6e492f95c6f31ed37ee32a13a34fa2847d8352d)
|
|
(This used to be commit 55117f1ab9171ee77cea5a6635411b23e7c542c8)
|
|
- This module will take care of properly filling an user or group object
with required fields. You just need to provide the dn and the objectclass
and a user/group get created
Simo.
(This used to be commit fb9afcaf533a4c32547d1857306e0aece8063953)
|
|
Andrew Bartlett
(This used to be commit 258c04e3678b936bb564ecef10f14128c0a54510)
|
|
client. The issue was actually a cut-and-paste bug, I was filling in
the .old not the .nt1 part of the union.
I've also removed the 'error checks' - I'll shortly document the API
for the credentials code to clarify that it will always return a
pointer here, except in cases of programmer error.
Tridge: I hope this is OK.
Andrew Bartlett
(This used to be commit 6439de9ec8c8d24197ea69dc337473e54c8b36b8)
|
|
(This used to be commit 40b8ee186af3e7f771c680dbbb03fdcf559bf103)
|
|
(This used to be commit ff6663aac8ed475bf65d9c06d7f2447a9827898c)
|
|
other username could be guessed.
(This used to be commit 7fe77cd65901776b5a78e8398547f364379259d3)
|
|
metze
(This used to be commit fca4dc4827c98c02051165c1aedf5bdc5354bdda)
|
|
this is not complete cuurently...
but I want other people to test it and help me on finishing it.
(try to change the #if 0 in torture/rpc/drsuapi.c into #if 1)
metze
(This used to be commit 335adef37082a78e0426decb715629bd778e6582)
|
|
Use uint32_t and uint16_t rather then DWORD and WORD in
the NT4 backend. Add some more unknown fields..
(This used to be commit 6c3b1ec3296c7ab1ddfdcee86162f2eb0d73f5a8)
|
|
Andrew Bartlett
(This used to be commit 48c518796797f021c9c7f319ca8cd0a0c185f64c)
|
|
has the patience to run test_w2k3.sh to completion :-)
It looks to me that the Windows server runs the RC4 over the C struct,
not the NDR data.
Andrew Bartlett
(This used to be commit c324d974134c35b4c50c91d5a932a63c78b67046)
|
|
(This used to be commit 54c02846791cd8bda942fec847257c00013d3409)
|
|
libcli/auth/schannel.c and libcli/auth/schannel_sign.c
Andrew Bartlett
(This used to be commit 1e0e66d7202d3f0e7fb3c90f2ca608fa08a713a6)
|
|
GENSEC, and to pull SCHANNEL into GENSEC, by making it less 'special'.
GENSEC now no longer has it's own handling of 'set username' etc,
instead it uses cli_credentials calls.
In order to link the credentails code right though Samba, a lot of
interfaces have changed to remove 'username, domain, password'
arguments, and these have been replaced with a single 'struct
cli_credentials'.
In the session setup code, a new parameter 'workgroup' contains the
client/server current workgroup, which seems unrelated to the
authentication exchange (it was being filled in from the auth info).
This allows in particular kerberos to only call back for passwords
when it actually needs to perform the kinit.
The kerberos code has been modified not to use the SPNEGO provided
'principal name' (in the mechListMIC), but to instead use the name the
host was connected to as. This better matches Microsoft behaviour,
is more secure and allows better use of standard kerberos functions.
To achieve this, I made changes to our socket code so that the
hostname (before name resolution) is now recorded on the socket.
In schannel, most of the code from librpc/rpc/dcerpc_schannel.c is now
in libcli/auth/schannel.c, and it looks much more like a standard
GENSEC module. The actual sign/seal code moved to
libcli/auth/schannel_sign.c in a previous commit.
The schannel credentails structure is now merged with the rest of the
credentails, as many of the values (username, workstation, domain)
where already present there. This makes handling this in a generic
manner much easier, as there is no longer a custom entry-point.
The auth_domain module continues to be developed, but is now just as
functional as auth_winbind. The changes here are consequential to the
schannel changes.
The only removed function at this point is the RPC-LOGIN test
(simulating the load of a WinXP login), which needs much more work to
clean it up (it contains copies of too much code from all over the
torture suite, and I havn't been able to penetrate its 'structure').
Andrew Bartlett
(This used to be commit 2301a4b38a21aa60917973451687063d83d18d66)
|
