summaryrefslogtreecommitdiff
path: root/source4/include
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r6573: Start on my project to implement an NT4 compatible BDC in Samba4.Andrew Bartlett1-0/+3
This brings in a compatability layer for Samba3 in Samba4 - where we will start to define file formats and similar details. The 'net samdump' command uses 'password server = ' for now, and performs a similar task to Samba3's 'net rpc samsync'. Andrew Bartlett (This used to be commit 550f17f9924fe783917318753de7d1a388423908)
2007-10-10r6565: Cludge, cludge, cludge...Andrew Bartlett3-2/+2
We need to pass the 'secure channel type' to the NETLOGON layer, which must match the account type. (Yes, jelmer objects to this inclusion of the kitchen sink ;-) Andrew Bartlett (This used to be commit 8ee208a926d2b15fdc42753b1f9ee586564c6248)
2007-10-10r6467: keep the compiler quiet with another entry in structs.hAndrew Bartlett1-0/+2
Andrew Bartlett (This used to be commit 106047032fe269f02c8ef71937e9d2e4ae0a4eb7)
2007-10-10r6462: Move the arcfour sbox state into it's own structure, and allocate itAndrew Bartlett1-0/+2
with talloc() for the NTLMSSP system. Andrew Bartlett (This used to be commit 7a93ac49c28d433ccf0f077294f473fe728b9995)
2007-10-10r6414: Added composite user del function. Slightly broken still, but I don'tRafal Szczesniak1-0/+1
want it to hang around not commited. rafal (This used to be commit 98d98b9bc7437e744e1e730fa8005b43fb1b672b)
2007-10-10r6382: New structure for useradd call.Rafal Szczesniak1-0/+1
rafal (This used to be commit 3752122550dcdd1d954c602a28f4b6ad26fe3a0e)
2007-10-10r6352: Two new composite calls:Alexander Bokovoy1-0/+2
- qfsinfo (query file system information) - appendacl (append an ACL to existing file's security descriptor and get new full ACL) The second one also includes an improvement to security descriptor handling which allows to copy security descriptor. Written by Peter Novodvorsky <peter.novodvorsky@ru.ibm.com> Both functions have corresponding torture tests added. Tested under valgrind and work against Samba 4 and Windows XP. ToDo: document composite call creation process in prog_guide.txt (This used to be commit 441cff62ac75ed16851ce7b8daf9d03eb4c3ec79)
2007-10-10r6342: fixed a bad union assumption that caused ACLs to fail on 64 bit machinesAndrew Tridgell1-4/+2
Thanks to lars and agruen for finding this (This used to be commit 2acc06918574b1178eecf3d61026f84f85bb40e1)
2007-10-10r6271: Don't zero the cli_credentials structure - instead allow valgrind toAndrew Bartlett1-1/+2
track the use of un-initialised values. This change will require a recompile from clean, as the enum describing the status of each element now has a default of CRED_UNINITIALISED. Andrew Bartlett (This used to be commit 83c2eb806d43f588bd06336aa7e2dbdc00dc2c67)
2007-10-10r6247: added the server side code for receiving mailslot requests, andAndrew Tridgell1-0/+2
parsing incoming netlogon requests. No replies are sent yet. (This used to be commit 3b34df6a674cd2aeddc354cdadae3f0e1c000d45)
2007-10-10r6185: added LIBCLI_DGRAM to the list of libs to be built as part of LIBCLIAndrew Tridgell1-0/+2
(This used to be commit 47e1452da08d06b0b9f15545b3b2b0631f15bac2)
2007-10-10r6179: - add new spoolss tests for all spoolss_Enum*() calls which didn't needStefan Metzmacher1-0/+2
a handle as parameter, EnumPorts EnumPrinterDrivers EnumMonitors EnumPrintProcessors EnumPrinters we now do cross checks between the different info levels and sore the results in a global context, so that we later can add cross checks between the different object types - add idl for EnumMonitors and EnumPrintProcessors metze (This used to be commit 92a3721bc7a28d521090b10eb3b1eed089036432)
2007-10-10r6140: - Add configure option for enabling the socket-wrapper library, so itJelmer Vernooij1-1/+1
can be enabled on the buildfarm without requiring --enable-developer - Support tcp and udp being used on the same port - FIx some portability issues (should fix the build on some hosts on the buildfarm) - Ignore setting TCP_NODELAY on (semi-)TCP sockets rather then complain about it not being supported (saves us from a couple of error messages for each connection that is opened) (This used to be commit 443fb7853b8d3cb516c442fdc595038544b75738)
2007-10-10r6139: Move socket_wrapper to a seperate directoryJelmer Vernooij1-1/+1
(This used to be commit a2ef9225f15e369af7b884262b997ab321fd24d6)
2007-10-10r6134: add a new type dom_sid28 which is a 28 byte fixed buffer with a ↵Stefan Metzmacher1-0/+3
dom_sid in it metze (This used to be commit 460d1b089e494efaeb0c8c7fd4601a9ef57123c5)
2007-10-10r6088: Add the socket_wrapper library. This is a very simple library thatJelmer Vernooij1-0/+4
redirects traffic (currently just IP traffic) over unix domain sockets if the SOCKET_WRAPPER_DIR environment variable has been set. Aim is to use this for the Samba4 torture suite on the buildfarm. The socket_wrapper library can only be used if Samba was compiled with --enable-developer. test_rpc.sh passes against a local smbd with SOCKET_WRAPPER_DIR set. (and ethereal showed no traffic whatsoever) Stuff that still needs to be fixed in socketwrapper: - Give ENETUNREACH if target is not localhost - A given port number can only be used for UDP /or/ TCP, not both. - Perhaps allow some calls to circumvent socketwrapper (do we need DNS?) (This used to be commit f8a63a843ccca092d9756b64e09175d37c08550a)
2007-10-10r6028: A MAJOR update to intergrate the new credentails system fully withAndrew Bartlett1-2/+2
GENSEC, and to pull SCHANNEL into GENSEC, by making it less 'special'. GENSEC now no longer has it's own handling of 'set username' etc, instead it uses cli_credentials calls. In order to link the credentails code right though Samba, a lot of interfaces have changed to remove 'username, domain, password' arguments, and these have been replaced with a single 'struct cli_credentials'. In the session setup code, a new parameter 'workgroup' contains the client/server current workgroup, which seems unrelated to the authentication exchange (it was being filled in from the auth info). This allows in particular kerberos to only call back for passwords when it actually needs to perform the kinit. The kerberos code has been modified not to use the SPNEGO provided 'principal name' (in the mechListMIC), but to instead use the name the host was connected to as. This better matches Microsoft behaviour, is more secure and allows better use of standard kerberos functions. To achieve this, I made changes to our socket code so that the hostname (before name resolution) is now recorded on the socket. In schannel, most of the code from librpc/rpc/dcerpc_schannel.c is now in libcli/auth/schannel.c, and it looks much more like a standard GENSEC module. The actual sign/seal code moved to libcli/auth/schannel_sign.c in a previous commit. The schannel credentails structure is now merged with the rest of the credentails, as many of the values (username, workstation, domain) where already present there. This makes handling this in a generic manner much easier, as there is no longer a custom entry-point. The auth_domain module continues to be developed, but is now just as functional as auth_winbind. The changes here are consequential to the schannel changes. The only removed function at this point is the RPC-LOGIN test (simulating the load of a WinXP login), which needs much more work to clean it up (it contains copies of too much code from all over the torture suite, and I havn't been able to penetrate its 'structure'). Andrew Bartlett (This used to be commit 2301a4b38a21aa60917973451687063d83d18d66)
2007-10-10r6024: Some of the ordering constraints on the popt callbacks were gettingAndrew Bartlett1-0/+10
painful, so don't call lp_*() functions until the post stage (rather than in the cli_credentails_init(), which is called in the pre stage), and don't open the secrets.ldb looking for the machine account details until we actually need them (well after popt is done, and we know we have the other things right). Set the domain and realm, as well as the account and password for -P (fetch machine password) operation. Allow NETLOGON credentials to be stored in this structure - will allow SCHANNEL to be made more generic. Clarify why we don't do special checks for NULL pointers, particularly in the anonymous check (it indicates a programmer error, not a run-time condition). Also make lib/credentials.c a little more consistant. Andrew Bartlett (This used to be commit 730e6056b730c15008772c30cd6f7c03fb6b7e5f)
2007-10-10r5988: Fix the -P option (use machine account credentials) to use the Samba4Andrew Bartlett1-0/+3
secrets system, and not the old system from Samba3. This allowed the code from auth_domain to be shared - we now only lookup the secrets.ldb in lib/credentials.c. In order to link the resultant binary, samdb_search() has been moved from deep inside rpc_server into lib/gendb.c, along with the existing gendb_search_v(). The vast majority of this patch is the simple rename that followed, (Depending on the whole SAMDB for just this function seemed pointless, and brought in futher dependencies, such as smbencrypt.c). Andrew Bartlett (This used to be commit e13c671619bd290a8b3cae8555cb281a9a185ee0)
2007-10-10r5929: Use cli_credentials for the SMB functions as well.Jelmer Vernooij1-2/+0
Fix a couple of bugs in the new cli_credentials code (This used to be commit 4ad481cfe5cde514d2ef9646147239f3faaa6173)
2007-10-10r5928: Use cli_credentials in:Jelmer Vernooij1-0/+2
- gtk+ (returned by GtkHostBindingDialog as well now) - torture/ - librpc/ - lib/com/dcom/ (This used to be commit ccefd782335e01e8e6ecb2bcd28a4f999c53b1a6)
2007-10-10r5917: First step in using the new cli_credentials structure. This patchJelmer Vernooij2-2/+18
puts support for it into popt_common, adds a few utility functions (in lib/credentials.c) and the callback functions for the command-line (lib/cmdline/credentials.c). Comments are welcome :-) (This used to be commit 1d49b57c50fe8c2683ea23e9df41ce8ad774db98)
2007-10-10r5866: Add InitShutdown IDL and torture test.Jelmer Vernooij1-0/+2
Implement push side of NDR_LEN4|NDR_NOTERM strings (pull side was already present) (This used to be commit ea61ec1122841716ed5d90085ba79e7bf691bd6a)
2007-10-10r5828: add some idl for DsAddEntry()Stefan Metzmacher1-1/+2
metze (This used to be commit 3e6ec811288d74921bf3e393213e75d928156772)
2007-10-10r5800: fix recursiv printing in ndr_print_DsGetNCChangesInfo1()Stefan Metzmacher1-0/+2
metze (This used to be commit 1084ad4bfce6bc20537f5bfccb5a25b60f503b32)
2007-10-10r5737: add some error codesStefan Metzmacher1-0/+2
metze (This used to be commit f543eb4ede54ac361017878574b3f4b6ffc9f2d5)
2007-10-10r5716: Add new Unix extensions defines for infolevelsSteve French1-0/+5
(This used to be commit 7f6ea98e0f338c3c9f1132c6d64a54266c1b9cfa)
2007-10-10r5674: - Re-enable DCOM support.Jelmer Vernooij1-1/+2
- Always put IID in vtables (useful for asserts) - Add table to keep track of DCOM proxy classes - Bunch of smaller bug fixes (This used to be commit 26d5a0b92c66bc86d0c26f687f83fa712342ac32)
2007-10-10r5585: LDB interfaces change:Simo Sorce1-7/+0
changes: - ldb_wrap disappears from code and become a private structure of db_wrap.c thanks to our move to talloc in ldb code, we do not need to expose it anymore - removal of ldb_close() function form the code thanks to our move to talloc in ldb code, we do not need it anymore use talloc_free() to close and free an ldb database - some minor updates to ldb modules code to cope with the change and fix some bugs I found out during the process (This used to be commit d58be9e74b786a11a57e89df36081d55730dfe0a)
2007-10-10r5538: Fix typo in comment -- non-existant constant name mentionedAlexander Bokovoy1-1/+1
(This used to be commit 1d033d9dba7bc567b5458c08672ce9e570bb374b)
2007-10-10r5499: Commit forgotten change what tridge immediately pointed outRafal Szczesniak1-0/+1
in his comments to new rpc composite code. rafal (This used to be commit 1294db747e8c894d1c773b1fd028e7ae6deabc2c)
2007-10-10r5490: The big (D)COM commit! :-) Contains most of the changes described in theJelmer Vernooij1-2/+2
DCOM paper in lorikeet. This is the result of 1.5 months work (mainly figuring out how things *really* work) at the end of 2004. In general: - Clearer distinction between COM and DCOM. DCOM is now merely the glue between DCE/RPC+ORPC and COM. COM can also work without DCOM now. This makes the code a lot clearer. - Clearer distinction between NDR and DCOM. Before, NDR had a couple of "if"s to cope with DCOM, which are now gone. - Use "real" arguments rather then structures for function arguments in COM, mainly because most of these calls are local so packing/unpacking data for every call is too much overhead (both speed- and code-wise) - Support several mechanisms to load class objects: - from memory (e.g. part of the current executable, registered at start-up) - from shared object files - remotely - Most things are now also named COM rather then DCOM because that's what it really is. After an object is created, it no longer matters whether it was created locally or remotely. There is a very simple example class that contains both a class factory and a class that implements the IStream interface. It can be tested (locally only, remotely is broken at the moment) by running the COM-SIMPLE smbtorture test. Still to-do: - Autogenerate parts of the class implementation code (using the coclass definitions in IDL) - Test server-side - Implement some of the common classes, add definitions for common interfaces. (This used to be commit 71fd3e5c3aac5f0002001ab29d2248e6c6842d6f)
2007-10-10r5489: hide handwritten pull/push/print code from the callerStefan Metzmacher1-5/+5
for the spoolss_Enum* functions metze (This used to be commit bfcc86e706cf32672323eda939e5def6694509a8)
2007-10-10r5451: - added separate wrepl_associate(), wrepl_pull_table() and ↵Andrew Tridgell1-0/+3
wrepl_pull_names() functions, with reasonable parameters, so callers don't need to deal directly with wins replication packet structures - converted the NBT-WINSREPLICATION torture test to use the new APIs (This used to be commit cec1672662b7e5b1bdf843e9dee317aa4b03f719)
2007-10-10r5414: - added libcli/wins/, a basic client library for WINS replicationAndrew Tridgell1-0/+1
- added a new IDL type "udlongr", which is like udlong, but with the two uint32 halves reversed - modified the winsrepl.idl to cope with a wider range of packets (This used to be commit bc8d60c918f2e268d591aac464fc6a78c38a4cf9)
2007-10-10r5372: fixed the buildAndrew Tridgell1-0/+1
(This used to be commit 2899d289455d373409c2aadc3dbefd96ea1c91b8)
2007-10-10r5358: - added initial WINS server code. It passes most of the NBT-WINS ↵Andrew Tridgell1-0/+2
test, but doesn't yet do secure server WACK responses - added a ldap_string_to_time() function, for converting a LDAP formatted time to a time_t (This used to be commit 9aa3313b3f93e47e3f93028e072f6a23b3c22385)
2007-10-10r5334: Bah, it's all to hard...Andrew Bartlett1-0/+1
Andrew Bartlett (This used to be commit a28ca320dc604fcffe89e9096a643bb4740a1da2)
2007-10-10r5330: Remove #include <sys/time.h> from includes.h.Andrew Bartlett1-1/+0
Add #include "system/time.h" back (it was removed in some of these places because the definitions were provided by <sys/time.h> on tridge's platform.) Andrew Bartlett (This used to be commit 34b1da730304bed7fee5bae7cbde7fbccecb6af5)
2007-10-10r5309: removed ads.h from includes.hAndrew Tridgell3-2/+3
(This used to be commit 196c45b834c39f293b9533cec5cfe5a77382d4e2)
2007-10-10r5308: trimmed back a lot of the old macros from smb_macros.hAndrew Tridgell1-67/+10
(This used to be commit bf43c9bdcf9e654d123f6a2b29feb9189ca9e561)
2007-10-10r5307: removed db_wrap.h from includes.hAndrew Tridgell2-1/+1
(This used to be commit 826baec7b348814a7bbdcdbec8c8526514f25da1)
2007-10-10r5306: removed all the unused mutex functions from mutex.c. When (if?) weAndrew Tridgell3-12/+3
decide to reinstate the mutex code for the threads process model, I'd like to do it a little differently. At least this gets it out of includes.h for now. (This used to be commit cfee0fb02e10add22b6c436bdfa95d1a8f5f3def)
2007-10-10r5305: removed libcli/ldap/ldap.h from includes.hAndrew Tridgell2-1/+2
(This used to be commit 0df3fdd8178085c40f9cd776cc3e1486ca559c8e)
2007-10-10r5304: removed lib/socket/socket.h from includes.hAndrew Tridgell1-1/+0
(This used to be commit b902ea546d2d1327b23f40ddaeeaa8e7e3662454)
2007-10-10r5298: - got rid of pstring.h from includes.h. This at least makes it a bitAndrew Tridgell4-16/+19
less likely that anyone will use pstring for new code - got rid of winbind_client.h from includes.h. This one triggered a huge change, as winbind_client.h was including system/filesys.h and defining the old uint32 and uint16 types, as well as its own pstring and fstring. (This used to be commit 9db6c79e902ec538108d6b7d3324039aabe1704f)
2007-10-10r5296: - only include the tdb headers where they are neededAndrew Tridgell2-4/+1
- removed the u32 hack in events.c as I think this was only needed as tdb.h defines u32. Metze, can you check that this hack is indeed no longer needed on your suse system? (This used to be commit 6f79432fe656164d4770dbce114a30dda5e7bf9a)
2007-10-10r5294: - added a separate NBT-WINS test for WINS operations (register, ↵Andrew Tridgell1-0/+1
refresh, release and query) - change the iface_n_*() functions to return a "const char *" instead of a "struct ipv4_addr" I think that in general we should move towards "const char *" for all IP addresses, as this makes IPv6 much easier, and is also easier to debug. Andrew, when you get a chance, could you fix some of the auth code to use strings for IPs ? - return a NTSTATUS error on bad name queries and node status instead of using rcode. This makes the calling code simpler. - added low level name release code in libcli/nbt/ - use a real IP in the register and wins nbt torture tests, as w2k3 WINS server silently rejects some operations that don't come from the IP being used (eg. it says "yes" to a release, but does not in fact release the name) (This used to be commit bb1ab11d8e0ea0bd9ae34aebeb565d36fe4b495f)
2007-10-10r5285: add a generic dlist_item struct which has a void *ptr for the dataStefan Metzmacher1-0/+4
metze (This used to be commit 7dbd9e7aab0720c76561b4c9a2d38b82b3a8bfe4)
2007-10-10r5275: - added support for NBT_OPCODE_MULTI_HOME_REG (opcode 0xf) for WINS ↵Andrew Tridgell1-0/+1
name registrations - fixed a bug in the send queue handling on timeouts - added support for handling unexpected replies (replies to the wrong port) at the nbtsocket layer - added separate layer 2 code for wins refresh and wins registration (This used to be commit 2502b02898407e3262c09a5a4aa573c5f87b8f5f)