summaryrefslogtreecommitdiff
path: root/source4/client
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r10402: Make the RPC-SAMLOGON test pass against Win2k3 SP0 again.Andrew Bartlett1-1/+1
I still have issues with Win2k3 SP1, and Samba4 doesn't pass it's own test for the moment, but I'm working on these issues :-) This required a change to the credentials API, so that the special case for NTLM logins using a principal was indeed handled as a special, not general case. Also don't set the realm from a ccache, as then it overrides --option=realm=. Andrew Bartlett (This used to be commit 194e8f07c0cb4685797c5a7a074577c62dfdebe3)
2007-10-10r10374: Add HAVE_* defines (on command-line or in config.h file) for scons +Jelmer Vernooij1-2/+2
some other minor updates (This used to be commit f142c15de1afb2f13a5e23ceb40ce70f0115c8bf)
2007-10-10r10348: Add scons scripts for remaining subsystems. Most subsystems build now,Jelmer Vernooij1-1/+0
but final linking still fails (as does generating files asn1, et, idl and proto files) (This used to be commit 4f0d7f75b99c7f4388d8acb0838577d86baf68b5)
2007-10-10r10336: Add sconscript for a couple more subsystems.Jelmer Vernooij1-0/+3
(This used to be commit 59d4450453c25f5cce9b67b808ff0c4433c1d194)
2007-10-10r10315: Remove use of fstring and pstring in dynconfig.cJelmer Vernooij1-1/+0
Remove unused includes of dynconfig.h (This used to be commit 59083b7ba60d518ddb59646c4fd69938afd079b3)
2007-10-10r9728: A *major* update to the credentials system, to incorporate theAndrew Bartlett1-1/+1
Kerberos CCACHE into the system. This again allows the use of the system ccache when no username is specified, and brings more code in common between gensec_krb5 and gensec_gssapi. It also has a side-effect that may (or may not) be expected: If there is a ccache, even if it is not used (perhaps the remote server didn't want kerberos), it will change the default username. Andrew Bartlett (This used to be commit 6202267f6ec1446d6bd11d1d37d05a977bc8d315)
2007-10-10r8966: Simplify the makefile generation system a bit.Jelmer Vernooij1-0/+1
Autogenerate list of binaries (rather then having them hardcoded in build/smb_build/makefile.pm) Add INSTALLDIR keyword to .mk files (This used to be commit ce0935112b846486cf705ec69f12350be9c4c89d)
2007-10-10r8678: setup for gdb backtrace in 'make test'Andrew Tridgell1-1/+1
(This used to be commit acf8c8fd4995acef47390df5a7d4e611c597367d)
2007-10-10r8643: - make lp_configfile() work againAndrew Tridgell2-6/+5
- get rid of redundeny dyn_CONFIGFILE argument to lp_load() - fixed provisioning to work with completely pristine install, creating an initial smb.conf is none is present - added lp.set() and lp.reload() to loadparm ejs object interface (This used to be commit c2691ef7126ddcee5f95970b78759b40a049d0a7)
2007-10-10r8520: fixed a pile of warnings from the build farm gcc -Wall output onAndrew Tridgell1-2/+2
S390. This is an attempt to avoid the panic we're seeing in the automatic builds. The main fixes are: - assumptions that sizeof(size_t) == sizeof(int), mostly in printf formats - use of NULL format statements to perform dn searches. - assumption that sizeof() returns an int (This used to be commit a58ea6b3854973b694d2b1e22323ed7eb00e3a3f)
2007-10-10r7916: - got rid of the in_client globalAndrew Tridgell3-16/+0
- make not finding smb.conf a level 1 message, not level 0. Most of our tools handle no smb.conf, and those that don't should check for the specific parameters they need, or use the defaults (This used to be commit 8c17b61f8e0f6eefa6a1f853abc06d023627bbbb)
2007-10-10r7704: - fixed open_nbt_connection() to return NULL when the connection failedAndrew Tridgell3-12/+12
- got rid of smbcli_shutdown() and use talloc_free() instead. (This used to be commit 1011b1bf51d420d6702ef448c894ea8ebeafa284)
2007-10-10r7633: this patch started as an attempt to make the dcerpc code use a givenAndrew Tridgell2-3/+3
event_context for the socket_connect() call, so that when things that use dcerpc are running alongside anything else it doesn't block the whole process during a connect. Then of course I needed to change any code that created a dcerpc connection (such as the auth code) to also take an event context, and anything that called that and so on .... thus the size of the patch. There were 3 places where I punted: - abartlet wanted me to add a gensec_set_event_context() call instead of adding it to the gensec init calls. Andrew, my apologies for not doing this. I didn't do it as adding a new parameter allowed me to catch all the callers with the compiler. Now that its done, we could go back and use gensec_set_event_context() - the ejs code calls auth initialisation, which means it should pass in the event context from the web server. I punted on that. Needs fixing. - I used a NULL event context in dcom_get_pipe(). This is equivalent to what we did already, but should be fixed to use a callers event context. Jelmer, can you think of a clean way to do that? I also cleaned up a couple of things: - libnet_context_destroy() makes no sense. I removed it. - removed some unused vars in various places (This used to be commit 3a3025485bdb8f600ab528c0b4b4eef0c65e3fc9)
2007-10-10r7530: Simply calling convention of lp_load().Andrew Bartlett2-2/+2
This always loads all the services, as we now don't have an easy way to split out smbd. Andrew Bartlett (This used to be commit 990e061939c76b559c4f5914c5fc6ca1b13e19dd)
2007-10-10r7525: Unify lp_load(), load_interfaces and logging setup into popt().Andrew Bartlett1-12/+0
There is now a new --debug-stderr option to enable debug to STDERR. popt isn't perfect, but the callbacks are used in all the main Samba binaries, and should be used in the rest. This avoids duplicated code, and ensures every binary is setup correctly. This also ensures the setup happens early enough to have -s function, and have a correct impact on the credentials code. (Fixing a bug that frustrated tridge earlier today). The only 'subtle' aspect of all this is that I'm pretty sure that the SAMBA_COMMON popt code must be above the CREDENTIALS code, in the popt tables. Andrew Bartlett (This used to be commit 50f3c2b3a22971f40e0d3a88127b5120bfc47591)
2007-10-10r7482: Rename smbcli_send_tconX() to smbcli_tconX() so as not to get itTim Potter1-2/+1
confused with an async function. (This used to be commit 340ad67cada15329051c205c5b094ad641718c72)
2007-10-10r6933: Add a couple of helper functions for creating nbt names.Tim Potter1-3/+1
(This used to be commit b896daf11c3efb1b3ca939575da9dab82b395777)
2007-10-10r6795: Make some functions static and remove some unused ones.Jelmer Vernooij1-2/+2
(This used to be commit 46509eb89980bfe6dabd71264d570ea356ee5a22)
2007-10-10r6599: Fix formating using 'linux' C styleAlexander Bokovoy1-150/+163
Fix memory handling for blkid caches which need to be cleared when session is done. (This used to be commit c623cc60541f747f0a801eb77d97bb0a3bb6956f)
2007-10-10r6597: Make use of libblkid (part of e2fsprogs) for reporting volume GUID, ↵Alexander Bokovoy1-0/+163
if possible. Implement smbclient's 'fsinfo' comand family which allows you to query file system information in all known levels. (This used to be commit 660d6e3915d0539dd78c77df6707ea84edb4d509)
2007-10-10r6342: fixed a bad union assumption that caused ACLs to fail on 64 bit machinesAndrew Tridgell1-1/+1
Thanks to lars and agruen for finding this (This used to be commit 2acc06918574b1178eecf3d61026f84f85bb40e1)
2007-10-10r6028: A MAJOR update to intergrate the new credentails system fully withAndrew Bartlett1-1/+1
GENSEC, and to pull SCHANNEL into GENSEC, by making it less 'special'. GENSEC now no longer has it's own handling of 'set username' etc, instead it uses cli_credentials calls. In order to link the credentails code right though Samba, a lot of interfaces have changed to remove 'username, domain, password' arguments, and these have been replaced with a single 'struct cli_credentials'. In the session setup code, a new parameter 'workgroup' contains the client/server current workgroup, which seems unrelated to the authentication exchange (it was being filled in from the auth info). This allows in particular kerberos to only call back for passwords when it actually needs to perform the kinit. The kerberos code has been modified not to use the SPNEGO provided 'principal name' (in the mechListMIC), but to instead use the name the host was connected to as. This better matches Microsoft behaviour, is more secure and allows better use of standard kerberos functions. To achieve this, I made changes to our socket code so that the hostname (before name resolution) is now recorded on the socket. In schannel, most of the code from librpc/rpc/dcerpc_schannel.c is now in libcli/auth/schannel.c, and it looks much more like a standard GENSEC module. The actual sign/seal code moved to libcli/auth/schannel_sign.c in a previous commit. The schannel credentails structure is now merged with the rest of the credentails, as many of the values (username, workstation, domain) where already present there. This makes handling this in a generic manner much easier, as there is no longer a custom entry-point. The auth_domain module continues to be developed, but is now just as functional as auth_winbind. The changes here are consequential to the schannel changes. The only removed function at this point is the RPC-LOGIN test (simulating the load of a WinXP login), which needs much more work to clean it up (it contains copies of too much code from all over the torture suite, and I havn't been able to penetrate its 'structure'). Andrew Bartlett (This used to be commit 2301a4b38a21aa60917973451687063d83d18d66)
2007-10-10r5941: Commit this patch much earlier than I would normally prefer, but ↵Andrew Bartlett1-2/+1
metze needs a working tree... The main volume of this patch was what I started working on today: - Cleans up memory handling around DCE/RPC pipes, to have a parent talloc context. - Uses sepereate inner loops for some of the DCE/RPC tests The other and more important part of this patch fixes issues surrounding the new credentials framwork: This makes the struct cli_credentials always a talloc() structure, rather than on the stack. Parts of the cli_credentials code already assumed this. There were other issues, particularly in the DCERPC over SMB handling, as well as little things that had to be tidied up before test_w2k3.sh would start to pass. Andrew Bartlett (This used to be commit 0453f9d05d2e336fba1f85dbf2718d01fa2bf778)
2007-10-10r5929: Use cli_credentials for the SMB functions as well.Jelmer Vernooij1-3/+1
Fix a couple of bugs in the new cli_credentials code (This used to be commit 4ad481cfe5cde514d2ef9646147239f3faaa6173)
2007-10-10r5928: Use cli_credentials in:Jelmer Vernooij1-4/+1
- gtk+ (returned by GtkHostBindingDialog as well now) - torture/ - librpc/ - lib/com/dcom/ (This used to be commit ccefd782335e01e8e6ecb2bcd28a4f999c53b1a6)
2007-10-10r5917: First step in using the new cli_credentials structure. This patchJelmer Vernooij1-16/+12
puts support for it into popt_common, adds a few utility functions (in lib/credentials.c) and the callback functions for the command-line (lib/cmdline/credentials.c). Comments are welcome :-) (This used to be commit 1d49b57c50fe8c2683ea23e9df41ce8ad774db98)
2007-10-10r5902: A rather large change...Andrew Bartlett1-0/+1
I wanted to add a simple 'workstation' argument to the DCERPC authenticated binding calls, but this patch kind of grew from there. With SCHANNEL, the 'workstation' name (the netbios name of the client) matters, as this is what ties the session between the NETLOGON ops and the SCHANNEL bind. This changes a lot of files, and these will again be changed when jelmer does the credentials work. I also correct some schannel IDL to distinguish between workstation names and account names. The distinction matters for domain trust accounts. Issues in handling this (issues with lifetime of talloc pointers) caused me to change the 'creds_CredentialsState' and 'struct dcerpc_binding' pointers to always be talloc()ed pointers. In the schannel DB, we now store both the domain and computername, and query on both. This should ensure we fault correctly when the domain is specified incorrectly in the SCHANNEL bind. In the RPC-SCHANNEL test, I finally fixed a bug that vl pointed out, where the comment claimed we re-used a connection, but in fact we made a new connection. This was achived by breaking apart some of the dcerpc_secondary_connection() logic. The addition of workstation handling was also propogated to NTLMSSP and GENSEC, for completeness. The RPC-SAMSYNC test has been cleaned up a little, using a loop over usernames/passwords rather than manually expanded tests. This will be expanded further (the code in #if 0 in this patch) to use a newly created user account for testing. In making this test pass test_rpc.sh, I found a bug in the RPC-ECHO server, caused by the removal of [ref] and the assoicated pointer from the IDL. This has been re-added, until the underlying pidl issues are solved. (This used to be commit 824289dcc20908ddec957a4a892a103eec2da9b9)
2007-10-10r5308: trimmed back a lot of the old macros from smb_macros.hAndrew Tridgell1-1/+1
(This used to be commit bf43c9bdcf9e654d123f6a2b29feb9189ca9e561)
2007-10-10r5302: fixed a compilation problem on solaris caused by the recent includeAndrew Tridgell2-13/+8
changes (This used to be commit e7e015f79b10c353848a17f31c91a0593790a560)
2007-10-10r5037: got rid of all of the TALLOC_DEPRECATED stuff. My apologies for theAndrew Tridgell1-9/+9
large commit. I thought this was worthwhile to get done for consistency. (This used to be commit ec32b22ed5ec224f6324f5e069d15e92e38e15c0)
2007-10-10r4891: - added a generic resolve_name() async interface in libcli/resolve/,Andrew Tridgell1-3/+6
which will eventually try all resolution methods setup in smb.conf - only resolution backend at the moment is bcast, which does a parallel broadcast to all configured network interfaces, and takes the first reply that comes in (this nicely demonstrates how to do parallel requests using the async APIs) - converted all the existing code to use the new resolve_name() api - removed all the old nmb code (yay!) (This used to be commit 239c310f255e43dd2d1c2433f666c9faaacbdce3)
2007-10-10r4817: ccache was being made ineffective on all the build farm machinesAndrew Tridgell1-0/+1
because the version number was being auto-updated and included in all C files. With this change it is only included where needed. (This used to be commit 520cff73c6dc62ba1050cf7ca5145d50b5f2bb4e)
2007-10-10r4758: - added async support to the session request codeAndrew Tridgell2-76/+11
- added async support to the negprot client code - removed two unused parameters from smbcli_full_connection() code - converted smbclient to use smbcli_full_connection() rather than reinventing everything itself (This used to be commit 71cbe2873473e039b4511511302cb63f1c50bce8)
2007-10-10r4547: - added talloc_new(ctx) macro that is a neater form of the common ↵Andrew Tridgell1-4/+4
talloc(ctx, 0) call. - cleaned up some talloc usage in various files I'd like to get to the point that we have no calls to talloc(), at which point we will rename talloc_p() to talloc(), to encourage everyone to use the typesafe functions. (This used to be commit e6c81d7c9f8a6938947d3c1c8a971a0d6d50b67a)
2007-10-10r4428: use minimum open permissions in the 'acl' command in smbclient, so ↵Andrew Tridgell1-1/+8
the user is not prevented from viewing the acl by other access bits (This used to be commit 61e71782f573d0fa5b88237299df516c67405e30)
2007-10-10r4365: added command 'eainfo' to smbclient for displaying binary EA contentsAndrew Tridgell1-4/+55
(This used to be commit 268edcdb4a95240662102faef4126449f286d49d)
2007-10-10r4303: a bit more consistent help on privileges commands in smbclientAndrew Tridgell1-6/+6
(This used to be commit 2d2e9e6373be153f991ee899e9d66cd3979e309f)
2007-10-10r4207: remove "lookupname" and "lookupsid", and instead have a single ↵Andrew Tridgell1-41/+24
"lookup" command that takes a name or sid. I think in general its better to make smbclient automatically work out the type from the format (I did the same with the privileges commands) (This used to be commit bbf482e13ab973a67e9b2c0e0e40c2afff073c63)
2007-10-10r4202: added smbclient commands "addprivileges" and "delprivileges" forAndrew Tridgell1-1/+104
easily adding/removing privileges from users (This used to be commit 8764909c05c4829d1e4f7eaf8c18e8ef1e53645f)
2007-10-10r4073: - added a set of lsa helper routines to make lsa lookups that areAndrew Tridgell2-1/+112
related to filesharing. For example, in order to manipulate ACLs properly its important to be able to call LookupSids, and to be able to lookup what privileges a SID has. - added 3 new commands to smbclient "lookupname", "lookupsid" and "privileges" (This used to be commit 8780c40f0539da72652d17455e98fcaee6d197d1)
2007-10-10r4063: - change char * -> uint8_t in struct request_bufferStefan Metzmacher1-6/+8
- change smbcli_read/write to take void * for the buffers to match read(2)/write(2) all this fixes a lot of gcc-4 warnings metze (This used to be commit b94f92bc6637f748d6f7049f4f9a30b0b8d18a7a)
2007-10-10r4055: fixed more places to use type safe allocation macrosAndrew Tridgell1-2/+2
(This used to be commit eec698254f67365f27b4b7569fa982e22472aca1)
2007-10-10r4054: got rid of Realloc(), replacing it with the type safe macro realloc_p()Andrew Tridgell1-1/+1
(This used to be commit b0f6e21481745d1b2ced28d9ed6f09f6ffd99562)
2007-10-10r4052: fixed a bunch of code to use the type safe _p allocation macrosAndrew Tridgell2-2/+2
(This used to be commit 80d15fa3402a9d1183467463f6b21c0b674bc442)
2007-10-10r4037: fixed a bunch of "might be uninitialised" warnings after enabling -O1 ↵Andrew Tridgell1-1/+1
in my compile (This used to be commit 0928b1f5b68c858922c3ea6c27ed03b5091c6221)
2007-10-10r4013: got rid of a bunch of unused or unmaintained codeAndrew Tridgell3-1960/+22
- removed the clitar code. It is unmaintained, and a horribly badly done hack - removed client.h as it contained mostly unused definitions - removed the unused clidfs.c code (This used to be commit 31a7bddbb3815b4d625e993dbce4805dae1c18f8)
2007-10-10r3971: fix compiler warningsStefan Metzmacher1-1/+1
metze (This used to be commit 234166606dc86b9e98226cff94b3869ec173671e)
2007-10-10r3959: fix compiler warningsStefan Metzmacher1-1/+1
metze (This used to be commit e28351f710525ca9863210974544a8b1a537e63a)
2007-10-10r3881: Split up the LIBNDR_GEN subsystem into NDR_* and RPC_NDR_* subsystems.Jelmer Vernooij1-1/+1
This reduces the total size of the samba binaries from 119 Mb to 73 Mb. Next step will be to have the build system obtain some of this information by itself, so that we don't have to write ~10 lines per interface manually. (This used to be commit 16d905f6b0cbec591eebc44ee2ac9516a5730378)
2007-10-10r3830: unified the query/set security descriptor code with the rest of theAndrew Tridgell1-5/+6
queryfileinfo/setfileinfo logic, so querying/setting a security descriptor is treated as just another file query/set operation. This will allow NTVFS backends to see the query/set security descriptor operations as RAW_FILEINFO_SEC_DESC and RAW_SFILEINFO_SEC_DESC operations. (This used to be commit f68a6b6b915c37e48c42390c1e74c2d1c2636fa9)