Age | Commit message (Collapse) | Author | Files | Lines |
|
(This used to be commit 6927aa19052baba2dcfcdec7564dad1a17f4c562)
|
|
(This used to be commit 671e52cec2f254a11f9dcef9ef692afa3b86c679)
|
|
as SMB_OFF_T, we need to do some autoconf changes to generate a 64 bit
int whenever possible (eg. long long on 32 bit i386)
(This used to be commit 09dbe8bccec244c8ea0893a7d8ca4fe85d5420f7)
|
|
Jeremy.
(This used to be commit 95d37a1d25d56316c80eec54aea1f358cd621d4c)
|
|
is *missing* from samba cvs main, therefore it is set to all zeros.
this will cause, amongst other things, administrator-changing-user-passwords,
and setting up new accounts, to fail, as the user's password can only be
decoded with the session key (in this case, the administrator's usr sess key).
it's never a perfect world, is it?
(This used to be commit 3362fcdfa492cfd1d9d4ec35ef2108192302b984)
|
|
that will make us match NT semantics exactly and do away with the
horrible fd multiplexing in smbd.
this is some diag stuff to get me started.
- added the ability to do read or write locks in clientgen.c
- added a LOCK4 test to smbtorture. This produces a report on the server
and its locking capabilities. For example, NT4 gives this:
the same process cannot set overlapping write locks
the same process can set overlapping read locks
a different connection cannot set overlapping write locks
a different connection can set overlapping read locks
a different pid cannot set overlapping write locks
a different pid can set overlapping read locks
the same process can set the same read lock twice
the same process cannot set the same write lock twice
the same process cannot override a read lock with a write lock
the same process can override a write lock with a read lock
a different pid cannot override a write lock with a read lock
the same process cannot coalesce read locks
this server does strict write locking
this server does strict read locking
whereas Samba currently gives this:
the same process can set overlapping write locks
the same process can set overlapping read locks
a different connection cannot set overlapping write locks
a different connection can set overlapping read locks
a different pid can set overlapping write locks
a different pid can set overlapping read locks
the same process can set the same read lock twice
the same process can set the same write lock twice
the same process can override a read lock with a write lock
the same process can override a write lock with a read lock
a different pid can override a write lock with a read lock
the same process can coalesce read locks
this server does strict write locking
this server does strict read locking
win95 gives this - I don't understand why!
the same process cannot set overlapping write locks
the same process cannot set overlapping read locks
a different connection cannot set overlapping write locks
a different connection cannot set overlapping read locks
a different pid cannot set overlapping write locks
a different pid cannot set overlapping read locks
the same process cannot set the same read lock twice
the same process cannot set the same write lock twice
the same process cannot override a read lock with a write lock
the same process cannot override a write lock with a read lock
a different pid cannot override a write lock with a read lock
the same process cannot coalesce read locks
this server does strict write locking
this server does strict read locking
(This used to be commit 49637936b6e9478df248c4ef73d818870c73b597)
|
|
smbd/negprot.c: Tidyup of static initializers.
smbd/server.c: Fix -l option.
Jeremy.
(This used to be commit d120f22fefde21b38e43ea5ad0180bf27304d2eb)
|
|
This fixes our netbios scope handling. We now have a 'netbios scope' option
in smb.conf and the scope option is removed from make_nmb_name()
this was prompted by a bug in our PDC finding code where it didn't append
the scope to the query of the '*' name.
(This used to be commit b563be824b8c3141c49558eced7829b48d4ab26f)
|
|
but was not in the code.
Jeremy.
(This used to be commit f4898a1f16a2dbc25d062b0088d6c589a34c93a0)
|
|
configure configure.in include/config.h.in: Added <sys/un.h> autoconf
code for Luke's UNIX domain sockets code.
Jeremy.
(This used to be commit 210d61db08136122f51a93428607fccd582c9e7d)
|
|
lp_string() bug properly.
we still need to add lp_talloc_free() calls in all the main event
loops, I've only put it in smbd and nmbd thus far.
(This used to be commit aa7f81552540f5dca2c146f5edd805611d5b390f)
|
|
to using internal msrpc code in smbd.
(This used to be commit 8976e26d46cb991710bc77463f7f928ac00dd4d8)
|
|
I also fixed up the lookup_pdc_name() code so that it now works, even
with a NT server that insists on replying to udp/138.
The method I used to match packets was to use the mailslot string as a
datagram ID. The true dgm_id doesn't work as NT doesn't set it
correctly. uggh.
PS: Jeremy, I had to change your code quite a bit, are you sure this
worked with a Samba PDC?? The code looked broken, it got the offsets
wrong in the SMB portion of the packet and filled in the IP
incorrectly.
(This used to be commit 32f66f4ea63038cb4b3785bdf1762abdde076f5d)
|
|
yamd is much better, and doesn't require any source code changes
if you haven't seen yamd then take a look at
http://www3.hmc.edu/~neldredge/yamd/
its excellent!
(This used to be commit 25b13f8b79d648188036f027f45bc78ec117cc88)
|
|
this means "nmblookup -S" now always works, even with broken servers
the database stores all unexpected replies and these can be accessed
by any client.
while doing this I cleaned up a couple of functions, and put in place
a better trn_id generator. in most places the code got quite a bit
simpler due to the addition of simple helper functions.
I haven't yet put the code in to take advantage of this for pdc
replies - that will be next. Jeremys pdc finding code will then work :)
(This used to be commit 280e6359d36c9bc8dcded302f15c3a1db8e3feeb)
|
|
- added TDB_CLEAR_IF_FIRST flag to clear the database if this is the
first attached process. Useful for non-persistent databases like our
locking area (this will also make upgrades to new database layouts easier)
- use lock_path() in a couple of places
- leave connections database open while smbd running
- cleaned up some tdb code a little, using macros for constants
(This used to be commit 00e9da3ca577527db392aced62f02c69cfee8f4f)
|
|
Jeremy.
(This used to be commit 1ba42aca2163c534f6be4e4a733604e3dffe0ed8)
|
|
Jeremy.
(This used to be commit d7b72d4cbfb6bd1925abc7f95c1180d3d65856a5)
|
|
Jeremy.
(This used to be commit 82421e93c09790a7e38014c42f8402db5cb827e3)
|
|
lib/system.c: Trimmed down unicode directory entry to be POSIX complient.
lib/util_unistr.c: Added wstrdup().
Jeremy.
(This used to be commit ca64f4ab00c6d54022ba9bd4b869523566a242d7)
|
|
Jeremy.
(This used to be commit b5eb009cc3cfd1adc044e91911d59acdb54c30cb)
|
|
unicode_to_unix()
unix_to_unicode()
unicode_to_dos()
dos_to_unicode()
wstrlen()
safe_wstrcpy()
safe_wstrcat()
wstrcmp()
wstrncmp()
wstrstr()
wstrchr()
wstrrchr()
wstrtok()
Jeremy.
(This used to be commit ae34e2589ac32b7144607b77bd0d42bc74b42aff)
|
|
internal unicode conversion of Samba.
Jeremy.
(This used to be commit 302412df64aa4b6572b13ef61dfd68c3f8ebbb8b)
|
|
instead of either sysv or mmap shared memory or lock files.
this means we can now completely remove
locking_shm.c
locking_slow.c
shmem.c
shmem_sysv.c
and lots of other things also got simpler
locking.c got a bit larger, but is much better compartmentalised now
(This used to be commit e48c2d9937eea0667b8cd3332e49c06314ef31e7)
|
|
SWAT status page and smbstatus. It made the code _much_ simpler, I
wish we'd done a database module a long time ago!
(This used to be commit 4951755413c11d4c5b9af4699a6e622056d52433)
|
|
suite and a very simple tool for manuipulating the databases.
the main code is in tdb/tdb.c and includes both mmap and file based
IO. All databases auto-expand and allow multiple simultaneous writers.
the next step is using this new capability in lots of places in Samba
where we have existing ad-hoc databases
(This used to be commit c89d29cc5e3b6d568928acace01144059f1668b3)
|
|
(This used to be commit c3a30ce459d1e535b4aa9a39311e000a4474dbb8)
|
|
(This used to be commit a3d7ec0c9d06f18e656da354e2fec57aaf395fc5)
|
|
that were in the head branch but weren't in SAMBA_2_0
(This used to be commit d7b208786590b5a28618590172b8d523627dda09)
|
|
(This used to be commit 453a822a76780063dff23526c35408866d0c0154)
|
|
clash with gnu readline library.
fixed issue with [homes] service not being there - call lp_add_home()
just before starting the msrpc processing.
(This used to be commit 054195df9b6187c663ede5cf4489499abbdc29fc)
|
|
done a minimal amout of clean-up in the Makefile, removing unnecessary
modules from the link stage. this is not complete, yet, and will
involve some changes, for example to smbd, to remove dependencies on
the password database API that shouldn't be there. for example,
smbd should not ever call getsmbpwXXX() it should call the Samr or Lsa
API.
this first implementation has minor problems with not reinstantiating
the same services as the caller. the "homes" service is a good example.
(This used to be commit caa50525220b0d0250fa139367593c2de2c12135)
|
|
pdus, and then feeds them over either a "local" function call or a "remote"
function call to an msrpc service. the "remote" msrpc daemon, on the
other side of a unix socket, then calls the same "local" function that
smbd would, if the msrpc service were being run from inside smbd.
this allows a transition from local msrpc services (inside the same smbd
process) to remote (over a unix socket).
removed reference to pipes_struct in msrpc services. all msrpc processing
functions take rpcsrv_struct which is a structure containing state info
for the msrpc functions to decode and create pdus.
created become_vuser() which does everything not related to connection_struct
that become_user() does.
removed, as best i could, connection_struct dependencies from the nt spoolss
printing code.
todo: remove dcinfo from rpcsrv_struct because this stores NETLOGON-specific
info on a per-connection basis, and if the connection dies then so does
the info, and that's a fairly serious problem.
had to put pretty much everything that is in user_struct into parse_creds.c
to feed unix user info over to the msrpc daemons. why? because it's
expensive to do unix password/group database lookups, and it's definitely
expensive to do nt user profile lookups, not to mention pretty difficult
and if you did either of these it would introduce a complication /
unnecessary interdependency. so, send uid/gid/num_groups/gid_t* +
SID+num_rids+domain_group_rids* + unix username + nt username + nt domain
+ user session key etc. this is the MINIMUM info identified so far that's
actually implemented. missing bits include the called and calling
netbios names etc. (basically, anything that can be loaded into
standard_sub() and standard_sub_basic()...)
(This used to be commit aa3c659a8dba0437c17c60055a6ed30fdfecdb6d)
|
|
arguments: get_any_dc_name() was being called with a server name
not a domain name. oops.
(This used to be commit 631814302d6992138cfe024ba7bd456cc7e0d3bf)
|
|
(This used to be commit b2ea37a8f1a28a825719b46354a1244b359aca2c)
|
|
at present, a unix password is missing from the unix credentials, but is
not _actually_ expected to be needed. weeelll... maybe :-)
this is used to transfer credentials between smbd and msrpc daemons, down
a unix socket, so that the unix and nt credentials can be inherited by
an msrpc daemon called up from smbd.
(This used to be commit 5e68403bbb6f18e754679d967fee9e259d24211c)
|
|
damn, this one is bad.
started, at least two days ago, to add an authentication mechanism to
the smbd<->msrpc redirector/relay, such that sufficient unix / nt
information could be transferred across the unix socket to do a
become_user() on the other side of the socket.
it is necessary that the msrpc daemon inherit the same unix and nt
credentials as the smbd process from which it was spawned, until
such time as the msrpc daemon receives an authentication request
of its own, whereupon the msrpc daemon is responsible for authenticating
the new credentials and doing yet another become_user() etc sequence.
(This used to be commit 30c7fdd6ef10ecd35594311c1b250b95ff895489)
|
|
one horrible cut / paste job from smbd, plus a code split of shared
components between the two.
the job is not _yet_ complete, as i need to be able to do a become_user()
call for security reasons. i picked lsarpcd first because you don't
_need_ security on it (microsoft botched so badly on this one, it's not
real. at least they fixed this in nt5 with restrictanonymous=0x2).
fixing this involves sending the current smb and unix credentials down
the unix pipe so that the daemon it eventually goes to can pick them
up at the other end.
i can't believe this all worked!!!
(This used to be commit 2245b0c6d13c7c5886e81f9137b05df883598c26)
|
|
(This used to be commit 5e5a1dceee0b6088822697284d3e0af04d197477)
|
|
(This used to be commit a3af3b4312144943413894b18b5845b56474ebb5)
|
|
(This used to be commit 7bb2e55d0d3a00a97bba99ebed722a4adf84093c)
|
|
created an "nmb-agent" utility that, yes: it connects to the 137 socket
and accepts unix socket connections which it redirects onto port 137.
it uses the name_trn_id field to filter requests to the correct
location.
name_query() and name_status() are the first victims to use this
feature (by specifying a file descriptor of -1).
(This used to be commit d923bc8da2cf996408194d98381409191dd81a16)
|
|
to redirect multiple socket-based connnections onto a single client state.
argh!
(This used to be commit 06390e792cd8aa57a91c3a3d1d267fd1bcdc17a1)
|
|
which isn't actually used right now :-)
(This used to be commit d54a64ae3ab7cdc1ac67fb49f7255e6a106d624e)
|
|
ideas from ssh-agent.
the intent is to be able to share smb sessions using cli_net_use_add()
across multiple processes, where one process knows the target server
name, user name and domain, but not the smb password.
(This used to be commit 294b653f2e9cdc1864ec638ae8b4300df25723cf)
|
|
get_any_dc_name().
(This used to be commit e21367c0ebdc5e202cdc39d50950bff089bf67f8)
|
|
functions (cli_net_use_addlist()). needed originally because
there was no get_dc_any_name() function.
(This used to be commit 3a2b920ea2e6704b2574f404e1e41c7cfc0f96b2)
|
|
(This used to be commit 455e17dbb7d451b462004f302f5c68770f17b65e)
|
|
this is horrible.
(This used to be commit 9df973fe711f322075d86d6792d6c0b8539c1d00)
|
|
(This used to be commit f0946d1ccafeb5f541935b41f2d54bcbc06797ed)
|