Age | Commit message (Collapse) | Author | Files | Lines |
|
- tidied up some of the system includes
- moved a few more structures back from misc.idl to netlogon.idl and samr.idl now that pidl
knows about inter-IDL dependencies
(This used to be commit 7b7477ac42d96faac1b0ff361525d2c63cedfc64)
|
|
(This used to be commit 264ce9181089922547e8f6f67116f2d7277a5105)
|
|
I have created the include/system/ directory, which will contain the
wrappers for the system includes for logical subsystems. So far I have
created include/system/kerberos.h and include/system/network.h, which
contain all the system includes for kerberos code and networking code.
These are the included in subsystems that need kerberos or networking
respectively.
Note that this method avoids the mess of #ifdef HAVE_XXX_H in every C
file, instead each C module includes the include/system/XXX.h file for
the logical system support it needs, and the details are kept isolated
in include/system/
This patch also creates a "struct ipv4_addr" which replaces "struct
in_addr" in our code. That avoids every C file needing to import all
the system networking headers.
(This used to be commit 2e25c71853f8996f73755277e448e7d670810349)
|
|
and made them private
(This used to be commit 386ac565c452ede1d74e06acb401ca9db99d3ff3)
|
|
- added testing of the FLAGS2_READ_PERMIT_EXECUTE bit in the ntdeny tests
(This used to be commit adf4a682705871186f3b77ea6d417942445fc5d3)
|
|
debugging
(This used to be commit 91139ed8d41a1d4b99379142b3e09c6d0a8ff159)
|
|
library can handle
them properly (they are difficult to do in an async fashion).
By choosing trans.in.max_data to fix in the negotiated buffer size a
server won't send us multi-part replies.
I notice that windows seems to avoid them too :)
(This used to be commit e23edf762cace35f937959c9ffbef718431a79b9)
|
|
setting of "server signing = auto", which means to offer signing
only if we have domain logons enabled (ie. we are a DC). This is a
better match for what windows clients want, as unfortunately windows
clients always use signing if it is offered, and when they use signing
they not only go slower because of the signing itself, they also
disable large readx/writex support, so they end up sending very small
IOs for.
- changed the default max xmit again, this time matching longhorn,
which uses 12288. That seems to be a fairly good compromise value.
(This used to be commit e63edc81716fefd58a3be25deb3b25e45471f196)
|
|
is important as it allows the test suite to exercise the multiple
reply logic in smbd for trans2 search replies.
(This used to be commit 865159016ab1e806465a55697444228fb3fa286e)
|
|
was a real bug
(This used to be commit 02d5d0f685e44bd66aff4a007f0bf34c8f915574)
|
|
(This used to be commit 1e62aa262aac1c8e3676caac7b65086d21b7a01e)
|
|
allows me to test with the socket:testnonblock option. It passes.
(This used to be commit 7cb4bf8662825d507d8246647ffb10aa08bad794)
|
|
Dahyabhai <nalin@redhat.com>.
Jeremy.
(This used to be commit afed78f359a15809b2d9b7566e16ade294944fa9)
|
|
- combine setattre and standard levels in setfileinfo, as they use the
same structure
(This used to be commit e9aa1f789955533aca4fe43d5d74ffa1e8d1300b)
|
|
preparation for the full share modes and ntcreatex code that I am
working on.
highlights include:
- changed the way a backend determines if it is allowed to process a
request asynchronously. The previous method of looking at the
send_fn caused problems when an intermediate ntvfs module disabled
it, and the caller then wanted to finished processing using this
function. The new method is a REQ_CONTROL_MAY_ASYNC flag in
req->control_flags, which is also a bit easier to read
- fixed 2 bugs in the readbraw server code. One related to trying to
answer a readbraw with smb signing (which can't work, and crashed
our signing code), the second related to error handling, which
attempted to send a normal SMB error packet, when readbraw must
send a 0 read reply (as it has no header)
- added several more ntvfs_generic.c generic mapping functions. This
means that backends no longer need to implement such esoteric
functions as SMBwriteunlock() if they don't want to. The backend
can just request the mapping layer turn it into a write followed by
an unlock. This makes the backends considerably simpler as they
only need to implement one style of each function for lock, read,
write, open etc, rather than the full host of functions that SMB
provides. A backend can still choose to implement them
individually, of course, and the CIFS backend does that.
- simplified the generic structures to make them identical to the
principal call for several common SMB calls (such as
RAW_WRITE_GENERIC now being an alias for RAW_WRITE_WRITEX).
- started rewriting the pvfs_open() code in preparation for the full
ntcreatex semantics.
- in pvfs_open and ipc_open, initially allocate the open file
structure as a child of the request, so on error we don't need to
clean up. Then when we are going to succeed the open steal the
pointer into the long term backend context. This makes for much
simpler error handling (and fixes some bugs)
- use a destructor in the ipc backend to make sure that everthing is
cleaned up on receive error conditions.
- switched the ipc backend to using idtree for fnum allocation
- in the ntvfs_generic mapping routines, use a allocated secondary
structure not a stack structure to ensure the request pointer
remains valid even if the backend replies async.
(This used to be commit 3457c1836c09c82956697eb21627dfa2ed37682e)
|
|
(This used to be commit 1cef44505e5de9b8ae5206522b624082ad2343b2)
|
|
- added the new messaging system, based on unix domain sockets. It
gets over 10k messages/second on my laptop without any socket
cacheing, which is better than I expected.
- added a LOCAL-MESSAGING torture test
(This used to be commit 3af06478da7ab34a272226d8d9ac87e0a4940cfb)
|
|
of associated functions.
The motivation for this change was to avoid having to convert to/from
ucs2 strings for so many operations. Doing that was slow, used many
static buffers, and was also incorrect as it didn't cope properly with
unicode codepoints above 65536 (which could not be represented
correctly as smb_ucs2_t chars)
The two core functions that allowed this change are next_codepoint()
and push_codepoint(). These functions allow you to correctly walk a
arbitrary multi-byte string a character at a time without converting
the whole string to ucs2.
While doing this cleanup I also fixed several ucs2 string handling
bugs. See the commit for details.
The following code (which counts the number of occuraces of 'c' in a
string) shows how to use the new interface:
size_t count_chars(const char *s, char c)
{
size_t count = 0;
while (*s) {
size_t size;
codepoint_t c2 = next_codepoint(s, &size);
if (c2 == c) count++;
s += size;
}
return count;
}
(This used to be commit 814881f0e50019196b3aa9fbe4aeadbb98172040)
|
|
possible to a structure creation routine. This makes for much easier
global cleanup.
(This used to be commit e14ee428ec357fab76a960387a9820a673786e27)
|
|
simplifies things quite a bit
(This used to be commit c82a9cf750829c4f6982ca3133295c8599023c4e)
|
|
taking a context (so when you pass a NULL pointer you end up with
memory in a top level context). Fixed it by changing the API to take a
context. The context is only used if the pointer you are reallocing is
NULL.
(This used to be commit 8dc23821c9f54b2f13049b5e608a0cafb81aa540)
|
|
report from --leak-check
(This used to be commit 1ff41bbcae8dc7514a85d69679e44dc7c5b0342f)
|
|
rather than manual reference counts
- properly support SMBexit in the cifs and posix backends
- added a logoff method to all backends
With these changes the RAW-CONTEXT test now passes against the posix backend
(This used to be commit c315d6ac1cc40546fde1474702a6d66d07ee13c8)
|
|
smbcli raw context handling
(This used to be commit d5fd6388751944f11c34e5124d403d57c8670e3b)
|
|
of 16 bytes, caused by the 16 byte data_blob in the smb_signing
code.
(This used to be commit 2f1b788e09686e065d22f621f5c0c585192c6740)
|
|
to get auto-naming of pointers very cheaply.
- fixed a couple of memory leaks found with the new tricks
A typical exit report for smbd is now:
talloc report on 'null_context' (total 811 bytes in 54 blocks)
auth/auth_sam.c:334 contains 20 bytes in 1 blocks
struct auth_serversupplied_info contains 498 bytes in 33 blocks
UNNAMED contains 8 bytes in 1 blocks
lib/data_blob.c:40 contains 16 bytes in 1 blocks
iconv(CP850,UTF8) contains 61 bytes in 4 blocks
iconv(UTF8,CP850) contains 61 bytes in 4 blocks
iconv(UTF8,UTF-16LE) contains 67 bytes in 4 blocks
iconv(UTF-16LE,UTF8) contains 67 bytes in 4 blocks
UNNAMED contains 13 bytes in 1 blocks
which is much better than before
(This used to be commit 6e721393d03afd3c2f8ced8422533547a9e33342)
|
|
by making our gensec structures a talloc child of the open connection
we can be sure that it will be destroyed when the connection is
dropped.
(This used to be commit f12ee2f241aab1549bc1d9ca4c35a35a1ca0d09d)
|
|
select has indicated are possible
- when a socket is dead, don't try to do anything more on it
(This used to be commit e95e5c591fcf9c3b7fde7fbdcc1837e22195e0a8)
|
|
write_data and read_data, which are inherently blocking operations
- got rid of some old NBT keepalive routines that are not needed
(This used to be commit e73b4ae4e500d3b7ee57e160e0f8b63c99b2542a)
|
|
fixed - I'll commit a little test suite soon.
(This used to be commit 5b967c1cbb9831f7f2c6c6187f9e8e6dcc284497)
|
|
The intial motivation for this commit was to merge in some of the
bugfixes present in Samba3's chrcnv and string handling code into
Samba4. However, along the way I found a lot of unused functions, and
decided to do a bit more...
The strlen_m code now does not use a fixed buffer, but more work is
needed to finish off other functions in str_util.c. These fixed
length buffers hav caused very nasty, hard to chase down bugs at some
sites.
The strupper_m() function has a strupper_talloc() to replace it (we
need to go around and fix more uses, but it's a start). Use of these
new functions will avoid bugs where the upper or lowercase version of
a string is a different length.
I have removed the push_*_allocate functions, which are replaced by
calls to push_*_talloc. Likewise, pstring and other 'fixed length'
wrappers are removed, where possible.
I have removed the first ('base pointer') argument, used by push_ucs2,
as the Samba4 way of doing things ensures that this is always on an
even boundary anyway. (It was used in only one place, in any case).
(This used to be commit dfecb0150627b500cb026b8a4932fe87902ca392)
|
|
valgrind)
(This used to be commit b2bb41721817256618124907a6922a00d50643dc)
|
|
original core level calls). The old code was completely wrong in many respects.
also fixed the EA_SIZE level in the server
extended the RAW-SEARCH test suite to test the new code properly
(This used to be commit 71480271ad84b57fcdde264a54bb2408cf783255)
|
|
server
closes the connetion and we got EBADF from select() and event_loop_once() fails
metze
(This used to be commit 9c0e50a6f3d628156b4543d5ded89e06be696f64)
|
|
but do not support SPNEGO (such as XP, when not joined to a domain).
This is triggered by the presense or lack of a security blob in the
negprot reply.
Andrew Bartlett
(This used to be commit 99f7a38c077725b22475f2ba68d0955114879c24)
|
|
(This used to be commit 6c1a72c5d667245b1eec94f58e68acd22dd720ce)
|
|
(This used to be commit 7256945b526a1ee68d18eb579e592f7389740c22)
|
|
I had previously thought this was unnecessary, as windows doesn't use
standards compliant UTF-16, and for filesystem operations treats bytes
as UCS-2, but Bjoern Jacke has pointed out to me that this means we
don't correctly store extended UTF-16 characters as UTF-8 on
disk. This can be seen with (for example) the gothic characters with
codepoints above 64k.
This commit also adds a LOCAL-ICONV torture test that tests the first
1 million codepoints against the system iconv library, and tests 5
million random UTF-16LE buffers for identical error handling to the
system iconv library.
the lib/iconv.c changes need backporting to samba3
(This used to be commit 756f28ac95feaa84b42402723d5f7286865c78db)
|
|
The bug (found by tridge) is that Win2k3 is being tighter about the
NTLMSSP flags. If we don't negotiate sealing, we can't use it.
We now have a way to indicate to the GENSEC implementation mechanisms
what things we want for a connection.
Andrew Bartlett
(This used to be commit 86f61568ea44c5719f9b583beeeefb12e0c26f4c)
|
|
(This used to be commit f6dc62bf119c294db060b0870b6ca80bc28bd4a5)
|
|
(This used to be commit 6ffdfd779936ce8c5ca49c5f444e8da2bbeee0a8)
|
|
It simplifies our structure handling a lot, making the code shorter
and easier to understand. Look at the diff carefully and see if you
can understand it. If you're still confused then please ask.
(This used to be commit 03c341aca7f09cb1f0d33ec65e074e6a00caa30f)
|
|
This version does the following:
1) talloc_free(), talloc_realloc() and talloc_steal() lose their
(redundent) first arguments
2) you can use _any_ talloc pointer as a talloc context to allocate
more memory. This allows you to create complex data structures
where the top level structure is the logical parent of the next
level down, and those are the parents of the level below
that. Then destroy either the lot with a single talloc_free() or
destroy any sub-part with a talloc_free() of that part
3) you can name any pointer. Use talloc_named() which is just like
talloc() but takes the printf style name argument as well as the
parent context and the size.
The whole thing ends up being a very simple piece of code, although
some of the pointer walking gets hairy.
So far, I'm just using the new talloc() like the old one. The next
step is to actually take advantage of the new interface
properly. Expect some new commits soon that simplify some common
coding styles in samba4 by using the new talloc().
(This used to be commit e35bb094c52e550b3105dd1638d8d90de71d854f)
|
|
- print the received security_descriptor in the smbclient "acl" command
- make sure we zero the alignment data in nttrans packet sends
(This used to be commit 8925b8b2193905d084e1bfaaa3235ed7f9d1eb55)
|
|
metze
(This used to be commit 0164cac6df46ca5996aae30b8c48a602999f7e0b)
|
|
handle connections using the IP as the server name, while not trying
for NBT name resolution on names like "192" and "192.168.1.2".
also removed the ip address argument to smbcli_socket_connect() as it
isn't used and doesn't really make sense.
(This used to be commit 2ce4028842556328da4da0de9bee942bed02cc62)
|
|
(This used to be commit 30ab38559e8c52ecdaf7ca9b124875ade82c5c66)
|
|
ALL_INFO queryfileinfo level. It is useful having it here as many
non-Microsoft servers implement it this way, which breaks just about
all the torture tests, so when testing against these broken systems
just change this one #if line and recompile smbtorture.
(This used to be commit cd8887293e7735d8ee1cc2daebda233673801775)
|
|
tridge: can you please check if this is correct,
I have only compiled it, but haven'T run it.
metze
(This used to be commit d3123c2e7357d8db4dce9e0253ac405318d05c48)
|
|
with the async SMB code
(This used to be commit cef94978f43a8326b6cf1888c15ca8c568ebe9f8)
|