Age | Commit message (Collapse) | Author | Files | Lines |
|
switch, rather than a series of if statements.
Also start to use the GENSEC subcontexts, and add some comments
explaining some of the 'odd' logic in parts.
I'll probably break these out into subfunctions soon.
Thanks to metze for getting me to do this :-)
Andrew Bartlett
(This used to be commit 73e03596d3b2ad5927e8154d0fbfbdae9ec3f717)
|
|
- Add the concept of a 'subcontext' into gensec, so that the spengo
code doesn't have to figure out how to make one.
(A subcontext inherits the username, domain, password (or callback)
from the main context).
- Add comments to some other routines, and explain a bit about what
the various 'start' functions are for.
Andrew Bartlett
(This used to be commit 7aedbfbdd92b4ca93cbd0babff16e7526201ee88)
|
|
Andrew Bartlett
(This used to be commit 871e98ce5771bc96527f7ad4da07a7d6c1ae1c3c)
|
|
Andrew Bartlett
(This used to be commit dbe484a0c2c1ef99b71621208fb3fec68fe4fada)
|
|
Andrew Bartlett
(This used to be commit 842a5dfc1f313b771fef14a484be6eea8c6eedf8)
|
|
Andrew Bartlett
(This used to be commit 9039a2a1128d8af278cae76c0aa6d5362b3671e4)
|
|
various switches without looking one byte past te end of the buffer.
(This used to be commit 5bce188d429b4166f3d0314922ae40204de182a7)
|
|
not yet used and not working because of bugs in the gensec spnego code
metze
(This used to be commit b9795ed5735ad88a2ba9608d3d8804edf77e4cd4)
|
|
- set auth_type = DCERPC_AUTH_TYPE_SPNEGO
metze
(This used to be commit 7354521f3cfaa2ead8fac38a68b7704d43731f72)
|
|
metze
(This used to be commit a826accd55e90cb0628f198886ba1ae6c845e68b)
|
|
metze
(This used to be commit 38e00f87191b86901b603e66aec1e7e71f74c29f)
|
|
- pass down gensec_user to the sub context
- if segfault when mechType is NULL
metze
(This used to be commit 3f84263c27add3bf01eea88618f707da925bed5c)
|
|
metze
(This used to be commit 7b8237bfb3c302a448a7db0236c0a953603dcd89)
|
|
code
set lp_use_spnego = False, because I can't get it working yet
but I commit it so others can help me
metze
(This used to be commit 2445cceba9ab9bd928c8bc50927a39509e4526b0)
|
|
some gensec spnego fixes
(NULL pointer and length checks)
metze
(This used to be commit 41ff6d0cd47f6295fe7fe1d31fec7306416ce199)
|
|
metze
(This used to be commit 442905394b5e2f74baa4d83b2f4ba5159f321dd2)
|
|
of SIDs
w2k3 can handle in a single request. With the samba3 client rpc libs I can do
about 21000 SIDs in a single request. test_many_LookupSIDs with 10000 SIDs
fails on the subsequent request with a NET_WRITE_FAULT. Maybe the Samba4 DCE
people want to take a look at this -- I don't see the problem.
Bug fix: SID components should be treated as unsigned when parsing
Volker
(This used to be commit 8c997a2ad2e89a640f854b556ef76a3d52c15963)
|
|
metze
(This used to be commit ee711c71fedd9d24b5a78b51d9dc3e166645260f)
|
|
metze
(This used to be commit 32e307857ccc99b446e7574d46b610c63ee03583)
|
|
should cause DEBUG(0,(...));
metze
(This used to be commit 80851e67783a9c3c8bdd7f2b52e0b46dd7b18d05)
|
|
metze
(This used to be commit 7a8786269b4f9e4962b51dd734171adf04021c15)
|
|
accept '--' comments
implement the
<name> DEFINITIONS ::=
BEGIN
...
END
syntax
metze
(This used to be commit 4422547711b9d653999433f36d48dccebc006bce)
|
|
metze
(This used to be commit 52674db28203b3a7f35c36379670813f9297b5ed)
|
|
print
servers.
(This used to be commit 0edf17ac38b43cadb07dc0840730cd9b4e381713)
|
|
metze
(This used to be commit d752eb660fd974fe3a14ed04974e54b3c385527c)
|
|
(for better bug tracking)
when generating config.smb_build.pl
metze
(This used to be commit 390c03b9297f2105c0c5277fca049fe653e8b012)
|
|
merge the backtrace stuff from 3.0
metze
(This used to be commit 4daf1bafc71cc8f13188aeb85d81aa7513d57d95)
|
|
metze
(This used to be commit 1727ef2bb9377ace00700f3c3e32ea6a4d267f60)
|
|
called 'pasn1', it works like 'pidl'
and we may can autogenerate ASN.1 code out of it.
(NOTE: the complete LDAP ASN.1 definition is in the RFC 2251,
and maybe some others too :-)
I'm not completly shure if we'll use it in future,
but I commit it so that it won't be lost...
metze
(This used to be commit ddcaf7b63a0bc49ef1fc2d85d0ba81d67db48790)
|
|
Declare variables at the start of a block.
Andrew Bartlett
(This used to be commit 9f5394703e81db9ed93648e06e48b0364a04a696)
|
|
This implements gensec for Samba's server side, and brings gensec up
to the standards of a full subsystem.
This means that use of the subsystem is by gensec_* functions, not
function pointers in structures (this is internal). This causes
changes in all the existing gensec users.
Our RPC server no longer contains it's own generalised security
scheme, and now calls gensec directly.
Gensec has also taken over the role of auth/auth_ntlmssp.c
An important part of gensec, is the output of the 'session_info'
struct. This is now reference counted, so that we can correctly free
it when a pipe is closed, no matter if it was inherited, or created by
per-pipe authentication.
The schannel code is reworked, to be in the same file for client and
server.
ntlm_auth is reworked to use gensec.
The major problem with this code is the way it relies on subsystem
auto-initialisation. The primary reason for this commit now.is to
allow these problems to be looked at, and fixed.
There are problems with the new code:
- I've tested it with smbtorture, but currently don't have VMware and
valgrind working (this I'll fix soon).
- The SPNEGO code is client-only at this point.
- We still do not do kerberos.
Andrew Bartlett
(This used to be commit 07fd885fd488fd1051eacc905a2d4962f8a018ec)
|
|
Andrew Bartlett
(This used to be commit 9002584c020a48ab37cce103b4413e871aae2985)
|
|
Add some 'multi init' code, until we get a better set of infrustructure.
Andrew Bartlett
(This used to be commit 982422b2d286335378531ae9523e74192340af3c)
|
|
because this is the connection state per transport layer (tcp)
connection
I also moved the substructs directly into smbsrv_connection,
because they don't need a struct name and we should allway pass the complete
smbsrv_connection struct into functions
metze
(This used to be commit 60f823f201fcedf5473008e8453a6351e73a92c7)
|
|
metze
(This used to be commit a6c0ca9de52b2395b092cb245bb94cbd55dfdd46)
|
|
metze
(This used to be commit 7b4ad993ad7c937ef9bee1a48a8bda62f2f5d3b9)
|
|
metze
(This used to be commit a85d2db5826a84b812ea5162a11f54edd25f74e3)
|
|
metze
(This used to be commit 99473fab4b1ff87a795f3c08f4c521d9beb504c0)
|
|
metze
(This used to be commit a9ba29e00fc818e798079c42888da3f20f3d1634)
|
|
because I need server_context fot the generic server infastructure
metze
(This used to be commit 0712f9f30797e65362c99423c0cf158a2f539000)
|
|
(This used to be commit cf4e9080d52a5461650062f21f95b7887e3f3411)
|
|
use them in the enumprinters server code.
(This used to be commit 5fcba0aa2019e489e3936ec13dd11a5e8d74ba9f)
|
|
metze
(This used to be commit 52e2d038252bd745d53c687d266ad3ad62efa6fc)
|
|
add to it, delete from it, etc. I really want have some discussion about it
before we go ahead and start implementing it.
Vance
(This used to be commit 822d7a4a483b27b458a38aa9bbc0be3a02a3f735)
|
|
(This used to be commit 60e48790dc7ee8a98be1914ff4a2c335d25639a8)
|
|
similar dbs.
(This used to be commit 1162e2fcff177cbbe84506efea0f79f68ecb233c)
|
|
which the offset applies to. In an array of structures containing
relative members, the offset applies to the start of the array element
being marshalled. Previously, there was no way to access the relevant
structure start as by the time we have hit buffers, the head of the
offset list will be the last structure being marshalled.
Interestingly enough, this makes relstrs go away. I think we thought
they were a special case in samba 3 but it turns out they are just
regular relative elements in the idl. This makes spoolss a lot simpler
than I thought it would be.
I've run the samr and lsa tests and this doesn't seem to break anything.
It looks like security descriptors are the only structures that contain
relative members.
Oh yeah, this will probably require a 'make clean && make' otherwise you
will get bizzare errors.
(This used to be commit d379dcdfd5f41e7cf7668354c3011b8ace190953)
|
|
(This used to be commit de5984c95602ca67e8ac3139c3aa4330b74266e0)
|
|
(This used to be commit 6b24ee38646f3476eaf8eda946488b46180038e2)
|
|
structures.
(This used to be commit 6a39b17f6d8776ae695dc5c6caa0990ab2733e3c)
|