Age | Commit message (Collapse) | Author | Files | Lines |
|
(This used to be commit b03e5d00110be3f1fe5809dad4eb6ca5cea7463d)
|
|
(This used to be commit e452cb28594f23add7c00247ed39e8323aea78a6)
|
|
(This used to be commit 6fd0d9d3b75546d08c24c513e05b1843d5777608)
|
|
system/network.h because we stripped down includes.
(This used to be commit 262c1c23a61f1f4fae13e0a61179fe98b682cecf)
|
|
metze
(This used to be commit 192c05556f786b4523fb325cee6d87b251aee059)
|
|
code between IPv4 and IPv6 later on.
(This used to be commit e3df90927b2878917f0f555772a875f05bf609e8)
|
|
(This used to be commit 5e814287ba475e12f8cc934fdd09b199dcdfdb86)
|
|
(This used to be commit fd697d77c9fe67a00939a1f04b35c451316fff58)
|
|
(This used to be commit 02b4621181c35ebf3e7c2531302b44863b94f8bf)
|
|
(This used to be commit 3fcc960839c6e5ca4de2c3c042f12f369ac5f238)
|
|
(This used to be commit e227c749711aef2f2ce2eb66f7f3485962f36399)
|
|
jelmer: I wonder what broke it...
metze
(This used to be commit 4c8063b9c4ca2c0359859338a8335e177e9c31bd)
|
|
(This used to be commit 3f30cd5688a532a2d6c4d970c2bc759efa2a1b04)
|
|
number in more places.
(This used to be commit df9cebcb97e20564359097148665bd519f31bc6f)
|
|
(This used to be commit 5085c53fcfade614e83d21fc2c1a5bc43bb2a729)
|
|
(This used to be commit abe8349f9b4387961ff3665d8c589d61cd2edf31)
|
|
ts=4 lines that I accidently added earlier.
(This used to be commit 0bcb21ed740fcec0f48ad36bbc2deee2948e8fc7)
|
|
(This used to be commit a5a1a5540510cdb1bfbb3e89b84f4ba5b2812c55)
|
|
(This used to be commit 15f47aaf533bec4d7d82d75d27c233b3b0b261cd)
|
|
(This used to be commit 9b256a0ca232ea6e89771bf73a1adf877273a752)
|
|
(This used to be commit 1ce32673d960c8b05b6c1b1b99e1976a402417ae)
|
|
There are still a few tidyups of old FSF addresses to come (in both s3
and s4). More commits soon.
(This used to be commit fcf38a38ac691abd0fa51b89dc951a08e89fdafa)
|
|
were set in the old one. Otherwise SOCKET_FLAG_NOCLOSE causes a major
fd leak
(This used to be commit 4e31eda055781a710d285c509d0c51b42e351431)
|
|
we will handle the close of the socket
(This used to be commit d57aaf5ba60464e5e782353a0879a84f8c70dd32)
|
|
(This used to be commit 5ff665b6531fdb4c7e56c49b7f923546d93b384c)
|
|
(This used to be commit 2f64b758460a3bde6c7b4a240998fb76bd6e0827)
|
|
(This used to be commit 7a0da66e39fde8c06ab8af94a14113141076c969)
|
|
metze
(This used to be commit e0e35965d1eaab182941d17da744b70c4234ca52)
|
|
(This used to be commit af6661e442ff37070cf49b6d9ab85a1c045ef293)
|
|
with samba3 easier.
(This used to be commit 4d755fb5d7adedd1dd8bad917b921324411bfd59)
|
|
metze
(This used to be commit 8999a9eb2e7f3e8e4ff8f5311b9375bde590f2a5)
|
|
but I think this is the wrong fix...
metze
(This used to be commit 018b142d93ba2d36cd68db407e4a591461137b9b)
|
|
metze
(This used to be commit cc729e646c5e3cb7919d033f90bda1dce545ff6b)
|
|
(This used to be commit ac71f40f8ff13c422e528dd5013842aa5a5004e7)
|
|
- change the test for net/if.h to do a full compile, not just an
existance test. net/if.h is completely broken on hpux, and can never
compile (it uses stuff before it defines it), so by using a
AC_TRY_COMPILE() test we avoid using net/if.h on hpux, which should
fix the build
(This used to be commit bde18f3d5ce837f600bae8d63f31d92a579fe1f2)
|
|
include them explicit
- undefine _XOPEN_SOURCE_EXTENDED for the AIX interface detection test
#define _XOPEN_SOURCE_EXTENDED 1 brings in sa_len to sockaddr on Tru64
which means the AIX code compiles...
metze
(This used to be commit 04a0a5144a249e12a9dcb327c5b6055e6a6135db)
|
|
defined
try to find the problem on Tru64...where configure says the AIX method finds 1 interface
but later can't compile netif.c. (revision 18486 was the last that detects ifconf with 2 interfaces)
metze
(This used to be commit 8fa9852160680054ddb5316c4ee03a03f8553a37)
|
|
(This used to be commit 449fab2c264aa50601f9a2d3310f1910ba97706b)
|
|
always at it as first private dependencies
metze
(This used to be commit 135d096776b53ae09ffc2b4f767dfbd18139570f)
|
|
happier now
(This used to be commit 18542f184f75074e56a9793a9e3b6c6d747bb9e6)
|
|
* Move dlinklist.h, smb.h to subsystem-specific directories
* Clean up ads.h and move what is left of it to dsdb/
(only place where it's used)
(This used to be commit f7afa1cb77f3cfa7020b57de12e6003db7cfcc42)
|
|
configure check for the interfaces.
should fix the build on some old sun boxes
metze
(This used to be commit f20e251bfd9f1eb7ce5c00739631b1625a2aa467)
|
|
pre-processed last, and get AIX and some other hosts to pass make test
again (I think the macros were being over-overridden).
Andrew Bartlett
(This used to be commit 650b99b19d3ede84848ebe747f8afbf2cce9d7e2)
|
|
metze
(This used to be commit b5c06d5b4ca4da6d1b582a33830471443a62d842)
|
|
contexts from the application layer into the socket layer.
This improves a number of correctness aspects, as we now allow LDAP
packets to cross multiple SASL packets. It should also make it much
easier to write async LDAP tests from windows clients, as they use SASL
by default. It is also vital to allowing OpenLDAP clients to use GSSAPI
against Samba4, as it negotiates a rather small SASL buffer size.
This patch mirrors the earlier work done to move TLS into the socket
layer.
Unusual in this pstch is the extra read callback argument I take. As
SASL is a layer on top of a socket, it is entirely possible for the
SASL layer to drain a socket dry, but for the caller not to have read
all the decrypted data. This would leave the system without an event
to restart the read (as the socket is dry).
As such, I re-invoke the read handler from a timed callback, which
should trigger on the next running of the event loop. I believe that
the TLS code does require a similar callback.
In trying to understand why this is required, imagine a SASL-encrypted
LDAP packet in the following formation:
+-----------------+---------------------+
| SASL Packet #1 | SASL Packet #2 |
----------------------------------------+
| LDAP Packet #1 | LDAP Packet #2 |
----------------------------------------+
In the old code, this was illegal, but it is perfectly standard
SASL-encrypted LDAP. Without the callback, we would read and process
the first LDAP packet, and the SASL code would have read the second SASL
packet (to decrypt enough data for the LDAP packet), and no data would
remain on the socket.
Without data on the socket, read events stop. That is why I add timed
events, until the SASL buffer is drained.
Another approach would be to add a hack to the event system, to have it
pretend there remained data to read off the network (but that is ugly).
In improving the code, to handle more real-world cases, I've been able
to remove almost all the special-cases in the testnonblock code. The
only special case is that we must use a deterministic partial packet
when calling send, rather than a random length. (1 + n/2). This is
needed because of the way the SASL and TLS code works, and the 'resend
on failure' requirements.
Andrew Bartlett
(This used to be commit 5d7c9c12cb2b39673172a357092b80cd814850b0)
|
|
make the testnonblock skip some things. The socket *under* the tls
socket is still tested.
Andrew Bartlett
(This used to be commit 9c33c6a20a77e3f15eac3d62488117517afad940)
|
|
(This used to be commit 61c6100617589ac6df4f527877241464cacbf8b3)
|
|
(This used to be commit dea82fa615e33115e42ef04c8d2a54788aa38e9a)
|
|
Split of system/locale.h header from system/iconv.h
Previously, iconv wasn't being used on these systems
(This used to be commit aa6d66fda69779d1c2948a1aca85dbd5208f1cba)
|
|
This reduces caller complexity, because the TLS code is now called
just like any other socket. (A new socket context is returned by the
tls_init_server and tls_init_client routines).
When TLS is not available, the original socket is returned.
Andrew Bartlett
(This used to be commit 09b2f30dfa7a640f5187b4933204e9680be61497)
|