Age | Commit message (Collapse) | Author | Files | Lines |
|
{get,set}ntacl
programs can build on non-xattr machines.
(This used to be commit daad76207dbb4060c231a58c99970e837e1e858f)
|
|
(This used to be commit 4e4859c06b9de5fe60ebd17cfb09eed480b79ec1)
|
|
- Samba4-style code in lib/registry (struct registry_key instead of REG_KEY, etc)
- Use hives (like Windows has drives) instead of one root key (like a Unix FS)
- usability fixes in the GTK utilities (autodetect the username,
enable/disable options, etc)
- fix gwsam compile
- several bugfixes in the registry rpc code
- do charset conversion in nt4 registry backend
(This used to be commit 2762ed3b9bf1d67dd54d63e02cddbfd71ea89892)
|
|
(This used to be commit 7c31998da148cca53e798e3d89b9b754de2e64ac)
|
|
original core level calls). The old code was completely wrong in many respects.
also fixed the EA_SIZE level in the server
extended the RAW-SEARCH test suite to test the new code properly
(This used to be commit 71480271ad84b57fcdde264a54bb2408cf783255)
|
|
(This used to be commit 3bf55c9e1129d8036a968c49ac2de7260e657f53)
|
|
(This used to be commit ea7eac5e3fb8f0db8d412a95ef4dc7889a07bc73)
|
|
pointless
(This used to be commit 5fcad57128e47d4d6c0f387d5563d9de2fc08351)
|
|
this is still very much a skeleton (with many limbs missing too!). I
am committing this early to get some feedback on the approach taken.
(This used to be commit 40d5cae5ebbfe328e193eadb685df6a370730299)
|
|
(This used to be commit 1de5aa5b1d6a9b4b3ed18935c562b0bf03a4d94e)
|
|
independent socket library.
this is not used, but compiled currently
there're maybe some api changes later...
metze
(This used to be commit de4447d7a57c614b80d0ac00dca900ea7e1c21ea)
|
|
based on volker's patch
this is compiled by default but not started by default
metze
(This used to be commit 5387bc423d4dc669cbac6626f8dd3a5498a6519d)
|
|
PRINTF_ATTRIBUTE() format checking magic, so only enable it for gcc
versions >= 3.0
(This used to be commit 9c7100e3c770fca163d3788fc6b735457f74d7e9)
|
|
I had previously thought this was unnecessary, as windows doesn't use
standards compliant UTF-16, and for filesystem operations treats bytes
as UCS-2, but Bjoern Jacke has pointed out to me that this means we
don't correctly store extended UTF-16 characters as UTF-8 on
disk. This can be seen with (for example) the gothic characters with
codepoints above 64k.
This commit also adds a LOCAL-ICONV torture test that tests the first
1 million codepoints against the system iconv library, and tests 5
million random UTF-16LE buffers for identical error handling to the
system iconv library.
the lib/iconv.c changes need backporting to samba3
(This used to be commit 756f28ac95feaa84b42402723d5f7286865c78db)
|
|
I plan on replacing the concept by adding a generic destructor in all talloc ptrs, so you can do:
talloc_set_destructor(ptr, my_destructor);
to setup a function that will be called on free.
(This used to be commit 957b260621c091830c01e9e8c370c199350342ec)
|
|
metze
(This used to be commit 71992c90cc35179ea8783d770c89b16618e1adc6)
|
|
(This used to be commit 6ffdfd779936ce8c5ca49c5f444e8da2bbeee0a8)
|
|
It simplifies our structure handling a lot, making the code shorter
and easier to understand. Look at the diff carefully and see if you
can understand it. If you're still confused then please ask.
(This used to be commit 03c341aca7f09cb1f0d33ec65e074e6a00caa30f)
|
|
This version does the following:
1) talloc_free(), talloc_realloc() and talloc_steal() lose their
(redundent) first arguments
2) you can use _any_ talloc pointer as a talloc context to allocate
more memory. This allows you to create complex data structures
where the top level structure is the logical parent of the next
level down, and those are the parents of the level below
that. Then destroy either the lot with a single talloc_free() or
destroy any sub-part with a talloc_free() of that part
3) you can name any pointer. Use talloc_named() which is just like
talloc() but takes the printf style name argument as well as the
parent context and the size.
The whole thing ends up being a very simple piece of code, although
some of the pointer walking gets hairy.
So far, I'm just using the new talloc() like the old one. The next
step is to actually take advantage of the new interface
properly. Expect some new commits soon that simplify some common
coding styles in samba4 by using the new talloc().
(This used to be commit e35bb094c52e550b3105dd1638d8d90de71d854f)
|
|
metze
(This used to be commit ecf6be894fc47f9e00f46531e06ef20e11115c0f)
|
|
and deal with users DOMAIN and lp_workgroup() of the local workstation
metze
(This used to be commit 1fc0100e44a8640cfc15effb99f5824cb7817da8)
|
|
metze
(This used to be commit 64d61ef4a5b44e76c90914ebaeaafac58228d78c)
|
|
metze
(This used to be commit edde7497e9e06be0e51e886981725271a85bd9e5)
|
|
(This used to be commit e50fc00671ace0085632f35ec99ad1125cd4d546)
|
|
(This used to be commit 5dc793b2b4b5c54df4aa3b0c98c248bdd671bbb1)
|
|
the inlcude has to move to includes.h
metze
(This used to be commit 97fe38183b6a03c01f6ac2d28a958d632eb4ff8a)
|
|
doing a
password change
- add start of libnet_SetPassword
- use KRB5 and LDAP instead of ADS as ADS isn't a protocol
- add start of lib_rpc_connect()
metze
(This used to be commit 05c40dca8ad1ab020aa75282da046f1dbce2a52a)
|
|
signing code to be able to cope.
Andrew Bartlett
(This used to be commit cb74d52b563730a50e33c92d868c45ee96a598e8)
|
|
(This used to be commit 44083e317855f6d8a0b4a81002a3376e8775df28)
|
|
(This used to be commit 512c410860a5947c94187454d7220ad1df08a6c0)
|
|
ldap server code
it's not compiled in yet...
metze
(This used to be commit 48939adca1332ff90f9287311c0e9ff3e2e5917a)
|
|
This removes the function pointer mess from the SMB signing code.
Andrew Bartlett
(This used to be commit 8830603e4bc821a11db87072a32a51b076a28e06)
|
|
a packet, so don't pretend we do...
Andrew Bartlett
(This used to be commit 68a6d5aeb35e8972182fffbb6cc506f89584b2d5)
|
|
and servers).
Andrew Bartlett
(This used to be commit b90b04e84bc8add235cf9ee7797a608ff48c4ca0)
|
|
Andrew Bartlett
(This used to be commit 64fcd8ecebabdd09fed6b65e3c436bffc1da9de7)
|
|
rename CLI_ -> SMBCLI_
metze
(This used to be commit 8441750fd9427dd6fe477f27e603821b4026f038)
|
|
(This used to be commit d7e2f39b90122088e94d4a8e8c7ffa7c91d7d664)
|
|
larger than 35536 (the max value is actually 12*3600 == 43200)
(This used to be commit 78dcaddbb78574b7f489989df0b1f979677bb7d5)
|
|
(This used to be commit d2553aac0a75591026b9b1fcf46065e5b03ed19c)
|
|
Up to now the client code has had an async API, and operated
asynchronously at the packet level, but was not truly async in that it
assumed that it could always write to the socket and when a partial
packet came in that it could block waiting for the rest of the packet.
This change makes the SMB client library full async, by adding a
separate outgoing packet queue, using non-blocking socket IO and
having a input buffer that can fill asynchonously until the full
packet has arrived.
The main complexity was in dealing with the events structure when
using the CIFS proxy backend. In that case the same events structure
needs to be used in both the client library and the main smbd server,
so that when the client library is waiting for a reply that the main
server keeps processing packets. This required some changes in the
events library code.
Next step is to make the generated rpc client code use these new
capabilities.
(This used to be commit 96bf4da3edc4d64b0f58ef520269f3b385b8da02)
|
|
e.g. we now have 'union smb_mkdir' and 'enum smb_mkdir_level' in sync
we may should also rename 'RAW_MKDIR_*' -> 'SMB_MKDIR_*'
metze
(This used to be commit 0bb50dcf1ccb9797000fcbea4d8a73f2d2a3db77)
|
|
I actually don't like this idea of sharing the request buffer
structure between client and server, and I'll see if I can convince
abartlet to revert it. It ties the two pieces of code far more
intimately than is justified, and will certainly lead to ugliness as
the client and server take different paths of development. I would far
prefer we just pass 2 arguments (pointer and length) to the signing
calls instead of 1 (the request).
(This used to be commit 70838a921185c091d0e774dd5fb0546693999e8f)
|
|
This breaks the request structure out into a common part between the
client and server, which the signing code now uses.
Andrew Bartlett
(This used to be commit 33de58455a3674e8fc803fb043d26af4e2794c30)
|
|
- This causes our client and server code to use the same core code,
with the same debugs etc.
- In turn, this will allow the 'mandetory/fallback' signing algorithms
to be shared, and only written once.
Updates to the SPNEGO code
- Don't wrap an empty token to the server, if we are actually already finished.
Andrew Bartlett
(This used to be commit 35b83eb329482ac1b3bc67285854cc47844ff353)
|
|
to a struct smbsrv_session that the same as cli_session for the client
we need a gensec_security pointer there
(spnego support will follow)
prefix some related functions with smbsrv_
metze
(This used to be commit f276378157bb9994c4c91ce46150a510de5c33f8)
|
|
the idea is to have services as modules (smb, dcerpc, swat, ...)
the process_model don't know about the service it self anymore.
TODO:
- the smbsrv should use the smbsrv_send function
- the service subsystem init should be done like for other modules
- we need to have a generic socket subsystem, which handle stream, datagram,
and virtuell other sockets( e.g. for the ntvfs_ipc module to connect to the dcerpc server
, or for smb or dcerpc or whatever to connect to a server wide auth service)
- and other fixes...
NOTE: process model pthread seems to be broken( but also before this patch!)
metze
(This used to be commit bbe5e00715ca4013ff0dbc345aa97adc6b5c2458)
|
|
- We can now connect to hosts that follow the SPNEGO RFC, and *do not*
give us their principal name in the mechListMIC.
- The client code now remembers the hostname it connects to
- We now kinit for a user, if there is not valid ticket already
- Re-introduce clock skew compensation
TODO:
- See if the username in the ccache matches the username specified
- Use a private ccache, rather then the global one, for a 'new' kinit
- Determine 'default' usernames.
- The default for Krb5 is the one in the ccache, then $USER
- For NTLMSSP, it's just $USER
Andrew Bartlett
(This used to be commit de5da669397db4ac87c6da08d3533ca3030da2b0)
|
|
Initial attempt at RAP server infrastructure. Look at rap_server.c for the
dummy functions that are supposed to implement the core functionality.
ipc_rap.c contains all the data shuffling. _rap_shareenum and _rap_serverenum2
in ipc_rap.c are (I think) regular enough to be auto-generated.
I did not test all the corner cases yet, but nevertheless I would like some
comments on the general style.
Volker
P.S: samba-3 smbclient now doesn't freak out anymore, although the results are
not entirely correct :-)
(This used to be commit 08140cc1a838b4eaa23c897b280a46c95b7ef3e0)
|
|
- Spelling - it's SPNEGO, not SPENGO
- SMB signing - Krb5 logins are now correctly signed
- SPNEGO - Changes to always tell GENSEC about incoming packets, empty or not.
Andrew Bartlett
(This used to be commit cea578d6f39a2ea4a24e7a0064c95193ab6f6df7)
|
|
- Start working on 'gwsam'
- Add GtkSelectDomainDialog and GtkSelectHostDialog
(This used to be commit bea47671aa791f3c4d22263f9444aea1a73f47f1)
|