summaryrefslogtreecommitdiff
path: root/source4/lib/socket
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r17197: This patch moves the encryption of bulk data on SASL negotiated securityAndrew Bartlett2-14/+19
contexts from the application layer into the socket layer. This improves a number of correctness aspects, as we now allow LDAP packets to cross multiple SASL packets. It should also make it much easier to write async LDAP tests from windows clients, as they use SASL by default. It is also vital to allowing OpenLDAP clients to use GSSAPI against Samba4, as it negotiates a rather small SASL buffer size. This patch mirrors the earlier work done to move TLS into the socket layer. Unusual in this pstch is the extra read callback argument I take. As SASL is a layer on top of a socket, it is entirely possible for the SASL layer to drain a socket dry, but for the caller not to have read all the decrypted data. This would leave the system without an event to restart the read (as the socket is dry). As such, I re-invoke the read handler from a timed callback, which should trigger on the next running of the event loop. I believe that the TLS code does require a similar callback. In trying to understand why this is required, imagine a SASL-encrypted LDAP packet in the following formation: +-----------------+---------------------+ | SASL Packet #1 | SASL Packet #2 | ----------------------------------------+ | LDAP Packet #1 | LDAP Packet #2 | ----------------------------------------+ In the old code, this was illegal, but it is perfectly standard SASL-encrypted LDAP. Without the callback, we would read and process the first LDAP packet, and the SASL code would have read the second SASL packet (to decrypt enough data for the LDAP packet), and no data would remain on the socket. Without data on the socket, read events stop. That is why I add timed events, until the SASL buffer is drained. Another approach would be to add a hack to the event system, to have it pretend there remained data to read off the network (but that is ugly). In improving the code, to handle more real-world cases, I've been able to remove almost all the special-cases in the testnonblock code. The only special case is that we must use a deterministic partial packet when calling send, rather than a random length. (1 + n/2). This is needed because of the way the SASL and TLS code works, and the 'resend on failure' requirements. Andrew Bartlett (This used to be commit 5d7c9c12cb2b39673172a357092b80cd814850b0)
2007-10-10r17168: Now that TLS (and soon SASL) is below the socket layer, we need toAndrew Bartlett2-11/+24
make the testnonblock skip some things. The socket *under* the tls socket is still tested. Andrew Bartlett (This used to be commit 9c33c6a20a77e3f15eac3d62488117517afad940)
2007-10-10r15854: more talloc_set_destructor() typesafe fixesAndrew Tridgell1-2/+1
(This used to be commit 61c6100617589ac6df4f527877241464cacbf8b3)
2007-10-10r15798: shortcut the lookup of "localhost" in the ipv6 backendAndrew Tridgell1-1/+5
(This used to be commit dea82fa615e33115e42ef04c8d2a54788aa38e9a)
2007-10-10r15573: Fix build of systems that have iconv headers in non-standard locationsJelmer Vernooij1-1/+1
Split of system/locale.h header from system/iconv.h Previously, iconv wasn't being used on these systems (This used to be commit aa6d66fda69779d1c2948a1aca85dbd5208f1cba)
2007-10-10r15400: Move the TLS code behind the socket interface.Andrew Bartlett2-3/+6
This reduces caller complexity, because the TLS code is now called just like any other socket. (A new socket context is returned by the tls_init_server and tls_init_client routines). When TLS is not available, the original socket is returned. Andrew Bartlett (This used to be commit 09b2f30dfa7a640f5187b4933204e9680be61497)
2007-10-10r15384: Improve naming of socket library, disable Requires(.private)? fields ↵Jelmer Vernooij1-4/+4
in pkg-config files for now as they break external projects. (This used to be commit f919fd6655f00361691e676d260bd40e0b8ddcc7)
2007-10-10r15376: Add detection of -lnsl, required for building on SUN boxes.Jelmer Vernooij2-4/+21
(This used to be commit 49bac12767ca59095ad6609a3826f7f17ddb601c)
2007-10-10r15373: Rename SOCKET to LIBSAMBA-SOCKET to prevent name clashes with ↵Jelmer Vernooij1-4/+4
-lsocket on SUN boxes. (This used to be commit c95ad11307dc89384c10bd5919817bf12d9c1ed9)
2007-10-10r15356: Remove unused 'flags' argument from socket_send() and friends.Andrew Bartlett5-81/+38
This is in preperation for making TLS a socket library. Andrew Bartlett (This used to be commit a312812b92f5ac7e6bd2c4af725dbbbc900d4452)
2007-10-10r15349: Integrate set_socket_options() into the socket libraryJelmer Vernooij2-0/+109
(This used to be commit 598ea173cd718dad0df24505796ca50cb728a2e9)
2007-10-10r15344: Fix shared library buildJelmer Vernooij2-3/+3
(This used to be commit 7113a16309a83225f3ab6ccbfe48778ae8fc52e8)
2007-10-10r15329: I'm sick of this patch being in my local tree...Andrew Bartlett1-7/+8
Use inet_ntop to convert IPv6 names to strings. Don't do a reverse lookup. Andrew Bartlett (This used to be commit bf57b213c2c4c835037456deea7d522f2fc905e6)
2007-10-10r15314: Fix recursive dependency hack for static libs. Should fix the buildJelmer Vernooij1-1/+1
on most systems. (This used to be commit c0ab0f4ed49d88807d07b1504574ca35542e2943)
2007-10-10r15313: Fix some dependencies in dso modeJelmer Vernooij1-1/+1
(This used to be commit f0afe9e2ff16515df1b3226b479b19ea3e9c3d0c)
2007-10-10r15301: Use static libraries internally. This required a few hacks in the buildJelmer Vernooij1-0/+1
system - these should be removed later on. (This used to be commit 06547391669e064d2b92f5841b7df5f101a34cb9)
2007-10-10r15298: Fix the build using a few hacks in the build system.Jelmer Vernooij1-4/+5
Recursive dependencies are now forbidden (the build system will bail out if there are any). I've split up auth_sam.c into auth_sam.c and sam.c. Andrew, please rename sam.c / move its contents to whatever/wherever you think suits best. (This used to be commit 6646384aaf3e7fa2aa798c3e564b94b0617ec4d0)
2007-10-10r15295: Fix some dependenciesJelmer Vernooij1-1/+2
Move unistr-specific code to lib/charset/. Remove _m from some places where it's not needed. (This used to be commit 03224e112424968fc3f547c6159c7ccae2d1aa5b)
2007-10-10r15274: Drop default EXT_LIB_ prefix for external libraries. Fixes issues ↵Jelmer Vernooij2-5/+5
with local (empty) libpopt.a overriding global one (This used to be commit 2f06305e53478e5030c24550954f221a9a97c83f)
2007-10-10r15271: Fix --enable-dsoJelmer Vernooij1-1/+2
(This used to be commit 8de11ec2445ce414b37938b07937fdd7837f89a2)
2007-10-10r15207: Introduce PRIVATE_DEPENDENCIES and PUBLIC_DEPENDENCIES as replacementJelmer Vernooij1-4/+4
for REQUIRED_SUBSYSTEMS. (This used to be commit adc8a019b6da256f104abed1b82bfde6998a2ac9)
2007-10-10r14542: Remove librpc, libndr and libnbt from includes.hJelmer Vernooij1-0/+2
(This used to be commit 51b4270513752d2eafbe77f9de598de16ef84a1f)
2007-10-10r14477: Remove the NOPROTO property - it's no longer used as proto.h is gone.Jelmer Vernooij1-4/+0
(This used to be commit 9c37f847d32d2f327a88c53a90af0c73126b76be)
2007-10-10r14307: fixed dereference of my_address->addr when NULLAndrew Tridgell1-2/+3
(This used to be commit e017246f1052f3344b90500e04c73277923baa20)
2007-10-10r13956: make more functions publicStefan Metzmacher1-39/+39
metze (This used to be commit d099282d4956e7dc1134abf0632b01c40160e114)
2007-10-10r13924: Split more prototypes out of include/proto.h + initial work on headerJelmer Vernooij2-0/+2
file dependencies (This used to be commit 122835876748a3eaf5e8d31ad1abddab9acb8781)
2007-10-10r13662: Typo fix, add more public headersJelmer Vernooij1-1/+1
(This used to be commit d98948716f237c3a501b283a0bbc3837bb3fd3c8)
2007-10-10r12959: hopefully fix bug #3365 this timeStefan Metzmacher1-5/+7
metze (This used to be commit 8fc2b68aa8d1a6bb3a828b3a1ab5f2a4f354f6f7)
2007-10-10r12911: try to fix bug #3365Stefan Metzmacher2-4/+12
metze (This used to be commit e70ca698cea901a66f7201c16bb3ba1faa7e7289)
2007-10-10r12804: This patch reworks the Samba4 sockets layer to use a socket_addressAndrew Bartlett8-323/+568
structure that is more generic than just 'IP/port'. It now passes make test, and has been reviewed and updated by metze. (Thankyou *very* much). This passes 'make test' as well as kerberos use (not currently in the testsuite). The original purpose of this patch was to have Samba able to pass a socket address stucture from the BSD layer into the kerberos routines and back again. It also removes nbt_peer_addr, which was being used for a similar purpose. It is a large change, but worthwhile I feel. Andrew Bartlett (This used to be commit 88198c4881d8620a37086f80e4da5a5b71c5bbb2)
2007-10-10r12728: Revive testparm.Andrew Bartlett2-3/+6
It needs work to not dump defaults from loadparm.c, but otherwise it works. Andrew Bartlett (This used to be commit 1260fcf46579d708a406625f548add9be9fdc6fb)
2007-10-10r12670: Make a couple of dependencies stricterJelmer Vernooij1-0/+3
Re-introduce and use the OUTPUT_TYPE property for MODULEs to force specific modules to always be included (This used to be commit f9eede3d40098eddc3618ee48f9253cdddb94a6f)
2007-10-10r12608: Remove some unused #include lines.Jelmer Vernooij3-3/+0
(This used to be commit 70e7449318aa0e9d2639c76730a7d1683b2f4981)
2007-10-10r12592: Remove some useless dependenciesJelmer Vernooij1-0/+1
(This used to be commit ca8db1a0cd77682ac2c6dc4718f5d753a4fcc4db)
2007-10-10r12498: Eliminate INIT_OBJ_FILES and ADD_OBJ_FILES. We were not usingJelmer Vernooij1-6/+5
the difference between these at all, and in the future the fact that INIT_OBJ_FILES include smb_build.h will be sufficient to have recompiles at the right time. (This used to be commit b24f2583edee38abafa58578d8b5c4b43e517def)
2007-10-10r12239: as we only get error from our events system when we wait for read ↵Stefan Metzmacher1-1/+1
events, we need to initialy ask for read events too, otherwise we'll never get an error back from socket_connect() metze (This used to be commit 7d94054d0fc954e6d810573430f2c5d35b73125d)
2007-10-10r12116: got rid of composite_trigger_done() and composite_trigger_error(), andAndrew Tridgell2-2/+2
instead make the normal composite_done() and composite_error() functions automatically trigger a delayed callback if the caller has had no opportunity to setup a async callback this removes one of the common mistakes in writing a composite function (This used to be commit f9413ce792ded682e05134b66d433eeec293e6f1)
2007-10-10r11823: make the socket_connect_send() context a child of the local stateAndrew Tridgell1-0/+1
this fixes a valgrind error (This used to be commit db9c0887bd24de4d81b5afa2ff096b3ba65c9720)
2007-10-10r11822: reworked the socket_connect_multi() code so it is built on top ofAndrew Tridgell1-144/+149
socket_connect_send() rather than the lower level socket code. Also simplified the state structures a fair bit, and added name resolution, fixing a bug where the multi-port connect code did a separate name resolution for each port being tried. (This used to be commit 3e6888156c1b2d24fe0d46940773560d219498b3)
2007-10-10r11821: got rid of two more unnecessary variables and made the variable namesAndrew Tridgell1-60/+58
a bit more consistent (This used to be commit 4b6e9c7c978dfca54c05ed2d8995d1333ed21b02)
2007-10-10r11820: fixed some problems with the socket socket.c code.Andrew Tridgell1-68/+72
- removed the duplicate calls to socket_connect(), instead creating a common function socket_send_connect() used by both code paths - fixed some NULL ptr checks (probably was cut-and-paste bugs) - ensure we use the result of the name resolution - added a few comments - use 'fde' for the file description event. The variable name 'connect_ev' immediately made me think of an event context, not a fde. Using common variable name conventions makes code a bit easier to read (This used to be commit 37b73521b4c858c78013279daaa71352c704551d)
2007-10-10r11811: Revert 11808, this broke the selftest. No idea why though. Why do we ↵Volker Lendecke1-2/+2
to the resolve_name if it's not used? I know this is my code, but I don't understand why it breaks tests. Volker (This used to be commit 577a5639d3fc008480e988864bb4fb59939bc2d8)
2007-10-10r11808: Fix socket_connect_evVolker Lendecke1-2/+2
(This used to be commit 95bd3ffaf7efb117206c83f7c75c302b54e6d059)
2007-10-10r11382: Require number of required M4 macrosJelmer Vernooij1-4/+4
Make MODULE handling a bit more like BINARY, LIBRARY and SUBSYSTEM Add some more PUBLIC_HEADERS (This used to be commit 875eb8f4cc658e6aebab070029fd499a726ad520)
2007-10-10r11369: Implement socket_connect_multi: Connect to multiple ipv4 tcp ports inVolker Lendecke3-0/+282
sequence, with a 2-millisecond timeout between firing the syn packets. Build smbcli_sock_connect_send upon that. Volker (This used to be commit 5718df44d90d113304c5deed1e2e7f82ff9e928f)
2007-10-10r11274: Start a connection attempt to the DC's port 389. To do this ↵Volker Lendecke2-63/+175
properly, make socket_connect and ldap_connect properly async. Volker (This used to be commit bcc71fc1deeed443d7cf00220ce264011ddf588d)
2007-10-10r11244: Relative path names in .mk filesJelmer Vernooij1-6/+6
(This used to be commit 24e10300906c380919d2d631bfb3b8fd6b3f54ba)
2007-10-10r11214: Remove scons files (see ↵Jelmer Vernooij1-64/+0
http://lists.samba.org/archive/samba-technical/2005-October/043443.html) (This used to be commit 7fffc5c9178158249be632ac0ca179c13bd1f98f)
2007-10-10r11052: bring samba4 uptodate with the samba4-winsrepl branch,Stefan Metzmacher1-0/+1
before the bad merge metze (This used to be commit 471c0ca4abb17fb5f73c0efed195c67628c1c06e)
2007-10-10r11037:Stefan Metzmacher1-1/+0
(This used to be commit 6913e338405a5aca5c70cf6e022532c596ed0a36)