Age | Commit message (Collapse) | Author | Files | Lines |
|
We need more testing in the real world. We need to be sure that if a
Windows client can access port 135 it doesn't require that a service is
available via ncacn_ip_tcp. If possible please enable it using the
following smb.conf options for testing:
rpc_daemon:epmd = fork
rpc_server:epmapper = external
Autobuild-User: Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date: Wed Aug 31 16:29:20 CEST 2011 on sn-devel-104
|
|
The following LSA calls are added:
- _lsa_SetInformationTrustedDomain()
- _lsa_SetTrustedDomainInfo()
-_lsa_SetTrustedDomainInfoByName()
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
We always have a valid session info and if it is a anonymous connection
we have a session info of the guest user. This means we should always
call become_authenticated_pipe_user() else and anonymous user could do
things as root.
Autobuild-User: Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date: Tue Aug 30 20:50:54 CEST 2011 on sn-devel-104
|
|
(copy and paste from eventlog?)
Autobuild-User: Michael Adam <obnox@samba.org>
Autobuild-Date: Mon Aug 29 15:30:33 CEST 2011 on sn-devel-104
|
|
The create_pipe_sock() function should only create the socket as the
name states and not start to listen on it too. We should start to listen
on in the individual places as we need different backlog values.
Autobuild-User: Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date: Mon Aug 29 13:21:43 CEST 2011 on sn-devel-104
|
|
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Wed Aug 24 00:34:04 CEST 2011 on sn-devel-104
|
|
lsasd.c uses basename(3), which according to susv3
requires libgen.h and without which the FreeBSD build breaks.
|
|
When deleting a user send a message to all interested parties so they can
purge their caches. Otherwise some processes may positively respond with a
cached getpwnam, when the user have actully been removed.
Without this some tests that remove and then immediately create users are
flakey.
Signed-off-by: Simo Sorce <idra@samba.org>
|
|
Signed-off-by: Simo Sorce <idra@samba.org>
|
|
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Simo Sorce <idra@samba.org>
|
|
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Simo Sorce <idra@samba.org>
|
|
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Simo Sorce <idra@samba.org>
|
|
If we *really* are a bout to exit (PF_WORKER_EXITING) then the event will not
be called as the loop will exit. Otherwise PF_SRV_MSG_EXIT may not be honoured
for a long time if we have cients connected, therefore keep handling SIGHUP
properly in those cases.
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Simo Sorce <idra@samba.org>
|
|
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Simo Sorce <idra@samba.org>
|
|
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Simo Sorce <idra@samba.org>
|
|
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Simo Sorce <idra@samba.org>
|
|
We can't have a clear idea of wether the worker is IDLE or BUSY.
The only things we can tell is if it is Alive, whether it is currently
Accepting connections or wether it is Exiting soon.
Remove PF_WORKER_IDLE, PF_WORKER_BUSY and replace their use with
PF_WORKER_ALIVE. Also properly assign PF_WORKER_ACCEPTING so that
users of the API can rely on the flag.
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Simo Sorce <idra@samba.org>
|
|
We used a lock mimicking what apache does for preforked children.
But it doesn't work properly in our case because we do not stop once a request
has been served. Clients are allowed to perform multiple requests and keep the
connection open.
This means that if we allow multiple clients per children, then a child could
take the lock and then be asked to do a long or even locking operation by a
client it already is serving. This woulkd cause the whole server to deadlock,
as the child is now busy and also holding on the lock.
Using a race on accept() by having a tevent_fd on the listening socket wait
for read events we never deadlock. At most we cause a bit of contention among
children. But in the generic case connections are much less frequent for us as
clients tend to be long lived. So the little contention we may have is not a
big deal.
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Simo Sorce <idra@samba.org>
|
|
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Simo Sorce <idra@samba.org>
|
|
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Simo Sorce <idra@samba.org>
|
|
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Simo Sorce <idra@samba.org>
|
|
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Simo Sorce <idra@samba.org>
|
|
Properly rotate log files in children by using a gloabl lsasd_child_id
variable.
Simplify code by using a global lsasd_pool variable, we can never use
more than one prefork pool in the same process anyway.
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Simo Sorce <idra@samba.org>
|
|
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Simo Sorce <idra@samba.org>
|
|
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Simo Sorce <idra@samba.org>
|
|
Use rpc_daemon_type() macros where appropriate instead.
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Simo Sorce <idra@samba.org>
|
|
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Simo Sorce <idra@samba.org>
|
|
Wtith this set of helper functions we make it easy to configure if we want to
use an embedded rpc server, or if we want to fork one. Or even just disable it
and let a third party server be used when the service is configured as
"external".
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Simo Sorce <idra@samba.org>
|
|
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Simo Sorce <idra@samba.org>
|
|
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Simo Sorce <idra@samba.org>
|
|
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Simo Sorce <idra@samba.org>
|
|
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Simo Sorce <idra@samba.org>
|
|
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Simo Sorce <idra@samba.org>
|
|
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Simo Sorce <idra@samba.org>
|
|
Signed-off-by: Andreas Schneider <asn@samba.org>
Autobuild-User: Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date: Thu Aug 11 17:09:30 CEST 2011 on sn-devel-104
|
|
The FLAG_MSG_PRINT_NOTIFY class is actually obsolete and never used, as the
only message belonging to it is not used either.
Signed-off-by: Andreas Schneider <asn@samba.org>
|
|
This way we can act when a client disconnects.
Signed-off-by: Andreas Schneider <asn@samba.org>
|
|
This will allow to hook the prefork socket handlers to the rpc service.
Signed-off-by: Andreas Schneider <asn@samba.org>
|
|
We need for named pipes we need to send each fragment on its own to be a
message.
Signed-off-by: Simo Sorce <idra@samba.org>
Autobuild-User: Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date: Tue Aug 9 11:55:18 CEST 2011 on sn-devel-104
|
|
Free the children of p->mem_ctx after processing a complete incoming and
outgoing request.
Signed-off-by: Simo Sorce <idra@samba.org>
|
|
There is no longer any theft of memory as the underlying routines now
produce a new auth_session_info for this caller, allocating it
on the supplied memory context.
Andrew Bartlett
|
|
Rather than passing this value around the callers, and eventually
setting it in register_existing_vuid(), we simply pass it to
create_local_token(). This also removes the need for
auth_ntlmssp_get_username().
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
This helps map on to the GENSEC semantics better, and ensures that the
full set of desired features are set before the mechanism starts.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
This is changed so that the callers ask for the additional flags
that they need, starting with no additional flags.
This helps to create a proper abstraction layer in
ntlmssp_wrap/auth_ntlmssp.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
This clarifies the lifetime of the returned token.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
This is the authoritative source for what the user was actually
authenticated as.
The previous message printed only what they claimed, and the DC might
map this.
The workstation is no longer printed in the logs, as it allows
auth_ntlmssp_get_client() to be removed.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
metze
|