| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
(This used to be commit 6df956edbab7ad5e72b2f20e74ab0f0d62528932)
|
|
I still have issues with Win2k3 SP1, and Samba4 doesn't pass it's own
test for the moment, but I'm working on these issues :-)
This required a change to the credentials API, so that the special
case for NTLM logins using a principal was indeed handled as a
special, not general case.
Also don't set the realm from a ccache, as then it overrides --option=realm=.
Andrew Bartlett
(This used to be commit 194e8f07c0cb4685797c5a7a074577c62dfdebe3)
|
|
some other minor updates
(This used to be commit f142c15de1afb2f13a5e23ceb40ce70f0115c8bf)
|
|
-Udomain\\user.
This will probably break in a few configurations, so please let me
know. I'll also work to have a way to inhibit kerberos/ntlmssp, as
this removes -k.
Andrew Bartlett
(This used to be commit 3c0dc570b86e79aea5446d7c3bb9750a11bf8ca4)
|
|
but final linking still fails (as does generating files asn1, et, idl and proto
files)
(This used to be commit 4f0d7f75b99c7f4388d8acb0838577d86baf68b5)
|
|
(This used to be commit 540a3649e88690e829c17d79ecdccdc9ed464845)
|
|
does
not work yet and can exist parallel with the existing build system.
(This used to be commit 829568d75985e875e3363d76fb44270a0298c7f8)
|
|
(This used to be commit 0963ab9c148772b961f17ec779213b0eb861e1dd)
|
|
Add fdprintf() and vfdprintf() helper functions.
(This used to be commit 6685009f6af94b088084d69a43bcea5f8335ae57)
|
|
(This used to be commit 908ba892598af83ae2fbe661d40e9f10ff3e34a0)
|
|
function interface used in the credentials code.
Fix bug in ntlm_auth, where we would overwrite the PW specified as a
first input. (Reported and chased by Kai Blin <blin@gmx.net>, bug
#3040)
Andrew Bartlett
(This used to be commit 04af95bd31de39ad6aff349a4838dd77cb300034)
|
|
Kerberos CCACHE into the system.
This again allows the use of the system ccache when no username is
specified, and brings more code in common between gensec_krb5 and
gensec_gssapi.
It also has a side-effect that may (or may not) be expected: If there
is a ccache, even if it is not used (perhaps the remote server didn't
want kerberos), it will change the default username.
Andrew Bartlett
(This used to be commit 6202267f6ec1446d6bd11d1d37d05a977bc8d315)
|
|
(This used to be commit d89caeb8004c5cfabc934c8efa899a6d1839d250)
|
|
that were found) and a config.pm file (with all substitution variables)
(This used to be commit 52bb1374bbcfc9b9a6d098687bafe9021a1ee858)
|
|
(This used to be commit f8a2b032a70dd63f4454b982d00168dcf6793202)
|
|
(This used to be commit acf8c8fd4995acef47390df5a7d4e611c597367d)
|
|
- get rid of redundeny dyn_CONFIGFILE argument to lp_load()
- fixed provisioning to work with completely pristine install,
creating an initial smb.conf is none is present
- added lp.set() and lp.reload() to loadparm ejs object interface
(This used to be commit c2691ef7126ddcee5f95970b78759b40a049d0a7)
|
|
cmdline credentials, but don't want a prompt if none are supplied
(This used to be commit d7d7f7292b7032dcad6d6245510af229f12f7085)
|
|
Andrew Bartlett
(This used to be commit 56a5ccd7d924343609698b034b91b4891fb3f08a)
|
|
This always loads all the services, as we now don't have an easy way
to split out smbd.
Andrew Bartlett
(This used to be commit 990e061939c76b559c4f5914c5fc6ca1b13e19dd)
|
|
There is now a new --debug-stderr option to enable debug to STDERR.
popt isn't perfect, but the callbacks are used in all the main Samba
binaries, and should be used in the rest. This avoids duplicated
code, and ensures every binary is setup correctly.
This also ensures the setup happens early enough to have -s function,
and have a correct impact on the credentials code. (Fixing a bug that
frustrated tridge earlier today).
The only 'subtle' aspect of all this is that I'm pretty sure that the
SAMBA_COMMON popt code must be above the CREDENTIALS code, in the
popt tables.
Andrew Bartlett
(This used to be commit 50f3c2b3a22971f40e0d3a88127b5120bfc47591)
|
|
metze
(This used to be commit d31b4d7df375c0d4ea962a0df1693778d56f03ec)
|
|
painful, so don't call lp_*() functions until the post stage (rather
than in the cli_credentails_init(), which is called in the pre stage),
and don't open the secrets.ldb looking for the machine account details
until we actually need them (well after popt is done, and we know we have the other things right).
Set the domain and realm, as well as the account and password for -P
(fetch machine password) operation.
Allow NETLOGON credentials to be stored in this structure - will allow
SCHANNEL to be made more generic.
Clarify why we don't do special checks for NULL pointers, particularly
in the anonymous check (it indicates a programmer error, not a
run-time condition).
Also make lib/credentials.c a little more consistant.
Andrew Bartlett
(This used to be commit 730e6056b730c15008772c30cd6f7c03fb6b7e5f)
|
|
secrets system, and not the old system from Samba3.
This allowed the code from auth_domain to be shared - we now only
lookup the secrets.ldb in lib/credentials.c.
In order to link the resultant binary, samdb_search() has been moved
from deep inside rpc_server into lib/gendb.c, along with the existing
gendb_search_v(). The vast majority of this patch is the simple
rename that followed,
(Depending on the whole SAMDB for just this function seemed pointless,
and brought in futher dependencies, such as smbencrypt.c).
Andrew Bartlett
(This used to be commit e13c671619bd290a8b3cae8555cb281a9a185ee0)
|
|
range())
(This used to be commit ec1eaa274b997197ca6996457229c802f1b76d56)
|
|
metze needs a working tree...
The main volume of this patch was what I started working on today:
- Cleans up memory handling around DCE/RPC pipes, to have a parent talloc context.
- Uses sepereate inner loops for some of the DCE/RPC tests
The other and more important part of this patch fixes issues
surrounding the new credentials framwork:
This makes the struct cli_credentials always a talloc() structure,
rather than on the stack. Parts of the cli_credentials code already
assumed this.
There were other issues, particularly in the DCERPC over SMB handling,
as well as little things that had to be tidied up before test_w2k3.sh
would start to pass.
Andrew Bartlett
(This used to be commit 0453f9d05d2e336fba1f85dbf2718d01fa2bf778)
|
|
Support ncacn_spx in DCE/RPC bindings.
(This used to be commit a0233a3a9a83176ae46873d3a25ed601758a1511)
|
|
Fix a couple of bugs in the new cli_credentials code
(This used to be commit 4ad481cfe5cde514d2ef9646147239f3faaa6173)
|
|
puts support for it into popt_common, adds a few utility functions
(in lib/credentials.c) and the callback functions for the command-line
(lib/cmdline/credentials.c). Comments are welcome :-)
(This used to be commit 1d49b57c50fe8c2683ea23e9df41ce8ad774db98)
|
|
less likely that anyone will use pstring for new code
- got rid of winbind_client.h from includes.h. This one triggered a
huge change, as winbind_client.h was including system/filesys.h and
defining the old uint32 and uint16 types, as well as its own
pstring and fstring.
(This used to be commit 9db6c79e902ec538108d6b7d3324039aabe1704f)
|
|
metze
(This used to be commit 274ef2a206aa00b3155adc27f5b7e35d3fa52bf6)
|
|
metze
(This used to be commit 670e088e94468a5311353dbbaa7e34d200999313)
|
|
because the version number was being auto-updated and included in all
C files. With this change it is only included where needed.
(This used to be commit 520cff73c6dc62ba1050cf7ca5145d50b5f2bb4e)
|
|
use:
gensec:krb5=yes
gensec:ms_krb5=yes
to enable it
or -k on the client tools on the command line
metze
(This used to be commit 0ae5794cf44933d2554e0356baaca24c7a784f71)
|
|
metze
(This used to be commit 51630caeb1419565b4196c5672f113373586dafc)
|
|
the hierarchy in the init functions is correct now
will also make it easier to implement some other features
(This used to be commit cbe819a75568403ac8850ea4d344c607a46d61c2)
|
|
(This used to be commit 558de54ec6432a4ae90aa14a585f32c6cd03ced2)
|
|
include files.
this brings us down to about 11k lines of headers included with
includes.h, while still retaining the speed of building with pch
(This used to be commit 10188869ef072309ca580b8b933e172571fcdda7)
|
|
- tidied up some of the system includes
- moved a few more structures back from misc.idl to netlogon.idl and samr.idl now that pidl
knows about inter-IDL dependencies
(This used to be commit 7b7477ac42d96faac1b0ff361525d2c63cedfc64)
|
|
(This used to be commit 73ea8ee6c268371d05cf74160f2ad451dd2ae699)
|
|
(This used to be commit 5921587ec26e4892efc678421277e4969417d7f5)
|
|
metze
(This used to be commit 3bbda7475a63f939019a41a0b7da8d179c533d79)
|
|
metze
(This used to be commit 61de2229e27c55041cb4e1aac32bc1d8ed68a05c)
|
|
\\administrator@w2k3.vmnet1.vm.base'
we need to send an empty string as userdomain in this case.
fix bug #1317 in the client side
metze
(This used to be commit 958aa8de630b2a88f29ccdf80ac0fc44a8205401)
|
|
of associated functions.
The motivation for this change was to avoid having to convert to/from
ucs2 strings for so many operations. Doing that was slow, used many
static buffers, and was also incorrect as it didn't cope properly with
unicode codepoints above 65536 (which could not be represented
correctly as smb_ucs2_t chars)
The two core functions that allowed this change are next_codepoint()
and push_codepoint(). These functions allow you to correctly walk a
arbitrary multi-byte string a character at a time without converting
the whole string to ucs2.
While doing this cleanup I also fixed several ucs2 string handling
bugs. See the commit for details.
The following code (which counts the number of occuraces of 'c' in a
string) shows how to use the new interface:
size_t count_chars(const char *s, char c)
{
size_t count = 0;
while (*s) {
size_t size;
codepoint_t c2 = next_codepoint(s, &size);
if (c2 == c) count++;
s += size;
}
return count;
}
(This used to be commit 814881f0e50019196b3aa9fbe4aeadbb98172040)
|
|
a const pointer really means that "the data pointed to by this pointer
won't change", and that is certainly true of talloc(). The fact that
some behind-the-scenes meta-data can change doesn't matter from the
point of view of const.
this fixes a number of const warnings caused by const data structures
being passed as talloc contexts. That will no longer generate a
warning.
also changed the talloc leak reporting option from --leak-check to
--leak-report, as all it does is generate a report on exit. A new
--leak-report-full option has been added that shows the complete tree
of memory allocations, which is is quite useful in tracking things down.
NOTE: I find it quite useful to insert talloc_report_full(ptr, stderr)
calls at strategic points in the code while debugging memory
allocation problems, particularly before freeing a major context (such
as the connection context). This allows you to see if that context has
been accumulating too much data, such as per-request data, which
should have been freed when the request finished.
(This used to be commit c60ff99c3129c26a9204bac1c6e5fb386114a923)
|
|
and can't properly handle leaks of doubly linked lists which we use a
lot (as the memory is always reachable). Even with --show-reachable
its hard to track leaks down sometimes.
I realised that talloc does have the necessary information to track
these, and by using the cascading property of the new talloc it can
report on leaks in a much more succinct fashion than valgrind can.
I have added a new samba option --leak-check that applies to all Samba
tools. When enabled it prints a leak report summarising all top level
contexts that are present when the program exits. A typical report
looks like this:
talloc report on 'null_context' (total 1071 bytes in 52 blocks)
iconv(CP850,UTF8) contains 43 bytes in 3 blocks
UNNAMED contains 24 bytes in 1 blocks
UNNAMED contains 24 bytes in 1 blocks
dcesrv_init contains 604 bytes in 26 blocks
server_service contains 120 bytes in 6 blocks
UNNAMED contains 24 bytes in 1 blocks
UNNAMED contains 24 bytes in 1 blocks
server_service contains 104 bytes in 4 blocks
server_context contains 12 bytes in 2 blocks
iconv(UTF8,UTF-16LE) contains 46 bytes in 3 blocks
iconv(UTF-16LE,UTF8) contains 46 bytes in 3 blocks
the numbers are recursive summaries for all the memory hanging off each context.
this option is not thread safe when used, but the code is thread safe
if the option is not given, so I don't think thats a problem.
(This used to be commit 96d33d36a5639e7fc46b14a470ccac674d87c62a)
|
|
smb.conf to be set on the command line. For example, you can use:
smbtorture --option 'unicode=false'
or
smbtorture --option 'netbios name=myname'
(This used to be commit 360a6b530e2295976ddefc138d1333411a94484d)
|
|
(This used to be commit 89acbf4f02ae03f0546e1633c030765a563ce958)
|
|
and nasy pointer tricks.
this involved fixing some of the internals of smbclient
(This used to be commit 126fec6169f9412932c82e7675840476132bce87)
|
