summaryrefslogtreecommitdiff
path: root/source4/lib/socket/socket.h
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r22960: added a SOCKET_FLAG_NOCLOSE to allow us to tell the socket layer thatAndrew Tridgell1-0/+3
we will handle the close of the socket (This used to be commit d57aaf5ba60464e5e782353a0879a84f8c70dd32)
2007-10-10r17197: This patch moves the encryption of bulk data on SASL negotiated securityAndrew Bartlett1-1/+7
contexts from the application layer into the socket layer. This improves a number of correctness aspects, as we now allow LDAP packets to cross multiple SASL packets. It should also make it much easier to write async LDAP tests from windows clients, as they use SASL by default. It is also vital to allowing OpenLDAP clients to use GSSAPI against Samba4, as it negotiates a rather small SASL buffer size. This patch mirrors the earlier work done to move TLS into the socket layer. Unusual in this pstch is the extra read callback argument I take. As SASL is a layer on top of a socket, it is entirely possible for the SASL layer to drain a socket dry, but for the caller not to have read all the decrypted data. This would leave the system without an event to restart the read (as the socket is dry). As such, I re-invoke the read handler from a timed callback, which should trigger on the next running of the event loop. I believe that the TLS code does require a similar callback. In trying to understand why this is required, imagine a SASL-encrypted LDAP packet in the following formation: +-----------------+---------------------+ | SASL Packet #1 | SASL Packet #2 | ----------------------------------------+ | LDAP Packet #1 | LDAP Packet #2 | ----------------------------------------+ In the old code, this was illegal, but it is perfectly standard SASL-encrypted LDAP. Without the callback, we would read and process the first LDAP packet, and the SASL code would have read the second SASL packet (to decrypt enough data for the LDAP packet), and no data would remain on the socket. Without data on the socket, read events stop. That is why I add timed events, until the SASL buffer is drained. Another approach would be to add a hack to the event system, to have it pretend there remained data to read off the network (but that is ugly). In improving the code, to handle more real-world cases, I've been able to remove almost all the special-cases in the testnonblock code. The only special case is that we must use a deterministic partial packet when calling send, rather than a random length. (1 + n/2). This is needed because of the way the SASL and TLS code works, and the 'resend on failure' requirements. Andrew Bartlett (This used to be commit 5d7c9c12cb2b39673172a357092b80cd814850b0)
2007-10-10r17168: Now that TLS (and soon SASL) is below the socket layer, we need toAndrew Bartlett1-0/+1
make the testnonblock skip some things. The socket *under* the tls socket is still tested. Andrew Bartlett (This used to be commit 9c33c6a20a77e3f15eac3d62488117517afad940)
2007-10-10r15400: Move the TLS code behind the socket interface.Andrew Bartlett1-0/+3
This reduces caller complexity, because the TLS code is now called just like any other socket. (A new socket context is returned by the tls_init_server and tls_init_client routines). When TLS is not available, the original socket is returned. Andrew Bartlett (This used to be commit 09b2f30dfa7a640f5187b4933204e9680be61497)
2007-10-10r15356: Remove unused 'flags' argument from socket_send() and friends.Andrew Bartlett1-8/+8
This is in preperation for making TLS a socket library. Andrew Bartlett (This used to be commit a312812b92f5ac7e6bd2c4af725dbbbc900d4452)
2007-10-10r15349: Integrate set_socket_options() into the socket libraryJelmer Vernooij1-0/+1
(This used to be commit 598ea173cd718dad0df24505796ca50cb728a2e9)
2007-10-10r14542: Remove librpc, libndr and libnbt from includes.hJelmer Vernooij1-0/+2
(This used to be commit 51b4270513752d2eafbe77f9de598de16ef84a1f)
2007-10-10r12804: This patch reworks the Samba4 sockets layer to use a socket_addressAndrew Bartlett1-26/+39
structure that is more generic than just 'IP/port'. It now passes make test, and has been reviewed and updated by metze. (Thankyou *very* much). This passes 'make test' as well as kerberos use (not currently in the testsuite). The original purpose of this patch was to have Samba able to pass a socket address stucture from the BSD layer into the kerberos routines and back again. It also removes nbt_peer_addr, which was being used for a similar purpose. It is a large change, but worthwhile I feel. Andrew Bartlett (This used to be commit 88198c4881d8620a37086f80e4da5a5b71c5bbb2)
2007-10-10r12728: Revive testparm.Andrew Bartlett1-0/+3
It needs work to not dump defaults from loadparm.c, but otherwise it works. Andrew Bartlett (This used to be commit 1260fcf46579d708a406625f548add9be9fdc6fb)
2007-10-10r11369: Implement socket_connect_multi: Connect to multiple ipv4 tcp ports inVolker Lendecke1-0/+15
sequence, with a 2-millisecond timeout between firing the syn packets. Build smbcli_sock_connect_send upon that. Volker (This used to be commit 5718df44d90d113304c5deed1e2e7f82ff9e928f)
2007-10-10r11274: Start a connection attempt to the DC's port 389. To do this ↵Volker Lendecke1-0/+8
properly, make socket_connect and ldap_connect properly async. Volker (This used to be commit bcc71fc1deeed443d7cf00220ce264011ddf588d)
2007-10-10r9704: r9684@blu: tridge | 2005-08-27 19:38:31 +1000Andrew Tridgell1-0/+1
don't try to call the name resolver on non-ipv4 names! (This used to be commit 4bb3d36fe6705bc625fe4122500f681ab7f2dc53)
2007-10-10r7626: a new ldap client library. Main features are:Andrew Tridgell1-0/+5
- hooked into events system, so requests can be truly async and won't interfere with other processing happening at the same time - uses NTSTATUS codes for errors (previously errors were mostly ignored). In a similar fashion to the DOS error handling, I have reserved a range of the NTSTATUS code 32 bit space for LDAP error codes, so a function can return a LDAP error code in a NTSTATUS - much cleaner packet handling (This used to be commit 2e3c660b2fc20e046d82bf1cc296422b6e7dfad0)
2007-10-10r7227: added a socket_pending() call to abstract away the FIONREAD ioctl. ItAndrew Tridgell1-0/+2
will be interesting to see if this causes any portability problems, as it is a less commonly used call. (This used to be commit f6993db31d93059c70b44a23005ba444e205870f)
2007-10-10r6795: Make some functions static and remove some unused ones.Jelmer Vernooij1-1/+0
(This used to be commit 46509eb89980bfe6dabd71264d570ea356ee5a22)
2007-10-10r5304: removed lib/socket/socket.h from includes.hAndrew Tridgell1-0/+35
(This used to be commit b902ea546d2d1327b23f40ddaeeaa8e7e3662454)
2007-10-10r4831: added udp support to our generic sockets library.Andrew Tridgell1-4/+11
I decided to incorporate the udp support into the socket_ipv4.c backend (and later in socket_ipv6.c) rather than doing a separate backend, as so much of the code is shareable. Basically this adds a socket_sendto() and a socket_recvfrom() call and not much all. For udp servers, I decided to keep the call as socket_listen(), even though dgram servers don't actually call listen(). This keeps the API consistent. I also added a simple local sockets testsuite in smbtorture, LOCAL-SOCKET (This used to be commit 9f12a45a05c5c447fb4ec18c8dd28f70e90e32a5)
2007-10-10r4753: added the ability for the generic socket library to handle asyncAndrew Tridgell1-0/+4
connect(). This required a small API change (the addition of a socket_connect_complete() method) (This used to be commit b787dd166f5cca82b3710802eefb41e0a8851fc3)
2007-10-10r3450: portability fixesAndrew Tridgell1-14/+14
- fix rep_inet_ntoa() for IRIX - lib/signal.c needs system/wait.h - some systems define a macro "accept", which breaks the lib/socket/ structures. use fn_ as a prefix for the structure elements to avoid the problem (This used to be commit ced1a0fcdc8d8e47755ce4391c19f8b12862eb60)
2007-10-10r3314: added a option "socket:testnonblock" to the generic socket code. IfAndrew Tridgell1-4/+4
you set this option (either on the command line using --option or in smb.conf) then every socket recv or send will return short by random amounts. This allows you to test that the non-blocking socket logic in your code works correctly. I also removed the flags argument to socket_accept(), and instead made the new socket inherit the flags of the old socket, which makes more sense to me. (This used to be commit 406d356e698da01c84e8aa5b7894752b4403f63c)
2007-10-10r3304: changed the API to lib/socket/ a little.Andrew Tridgell1-4/+4
The main change is to make socket_recv() take a pre-allocated buffer, rather than allocating one itself. This allows non-blocking users of this API to avoid a memcpy(). As a result our messaging code is now about 10% faster, and the ncacn_ip_tcp and ncalrpc code is also faster. The second change was to remove the unused mem_ctx argument from socket_send(). Having it there implied that memory could be allocated, which meant the caller had to worry about freeing that memory (if for example it is sending in a tight loop using the same memory context). Removing that unused argument keeps life simpler for users. (This used to be commit a16e4756cd68ca8aab4ffc59d4d9db0b6e44dbd1)
2007-10-10r2581: added "hosts allow" and "hosts deny" checking in smbd. I needed thisAndrew Tridgell1-0/+1
as my box keeps getting hit by viruses spreading on my companies internal network, which screws up my debug log badly (sigh). metze, I'm not sure if you think access.c should go in the socket library or not. It is closely tied to the socket functions, but you may prefer it separate. The access.c code is a port from Samba3, but with some cleanups to make it (slighly) less ugly. (This used to be commit 058b2fd99e3957d7d2a9544fd27071f1122eab68)
2007-10-10r2439: - function that return just an int don't need a TALLOC_CTXStefan Metzmacher1-3/+3
- fix some return and state bugs metze (This used to be commit 2757c593ab746b9dd7090f2cf5fcc31686adf67f)
2007-10-10r2343: - make socket_get_*_addr() return char * not const char *Stefan Metzmacher1-3/+4
- add some error mappings - use some flags SOCKET_FLAG_PEEK ans SOCKET_FLAG_BLOCK metze (This used to be commit a375c6b0b1ec4d63251f63993f7798c1f2e7c717)
2007-10-10r2328: add the start of a new system and protocolStefan Metzmacher1-0/+93
independent socket library. this is not used, but compiled currently there're maybe some api changes later... metze (This used to be commit de4447d7a57c614b80d0ac00dca900ea7e1c21ea)