summaryrefslogtreecommitdiff
path: root/source4/libcli/raw
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r6028: A MAJOR update to intergrate the new credentails system fully withAndrew Bartlett3-19/+20
GENSEC, and to pull SCHANNEL into GENSEC, by making it less 'special'. GENSEC now no longer has it's own handling of 'set username' etc, instead it uses cli_credentials calls. In order to link the credentails code right though Samba, a lot of interfaces have changed to remove 'username, domain, password' arguments, and these have been replaced with a single 'struct cli_credentials'. In the session setup code, a new parameter 'workgroup' contains the client/server current workgroup, which seems unrelated to the authentication exchange (it was being filled in from the auth info). This allows in particular kerberos to only call back for passwords when it actually needs to perform the kinit. The kerberos code has been modified not to use the SPNEGO provided 'principal name' (in the mechListMIC), but to instead use the name the host was connected to as. This better matches Microsoft behaviour, is more secure and allows better use of standard kerberos functions. To achieve this, I made changes to our socket code so that the hostname (before name resolution) is now recorded on the socket. In schannel, most of the code from librpc/rpc/dcerpc_schannel.c is now in libcli/auth/schannel.c, and it looks much more like a standard GENSEC module. The actual sign/seal code moved to libcli/auth/schannel_sign.c in a previous commit. The schannel credentails structure is now merged with the rest of the credentails, as many of the values (username, workstation, domain) where already present there. This makes handling this in a generic manner much easier, as there is no longer a custom entry-point. The auth_domain module continues to be developed, but is now just as functional as auth_winbind. The changes here are consequential to the schannel changes. The only removed function at this point is the RPC-LOGIN test (simulating the load of a WinXP login), which needs much more work to clean it up (it contains copies of too much code from all over the torture suite, and I havn't been able to penetrate its 'structure'). Andrew Bartlett (This used to be commit 2301a4b38a21aa60917973451687063d83d18d66)
2007-10-10r5941: Commit this patch much earlier than I would normally prefer, but ↵Andrew Bartlett1-6/+2
metze needs a working tree... The main volume of this patch was what I started working on today: - Cleans up memory handling around DCE/RPC pipes, to have a parent talloc context. - Uses sepereate inner loops for some of the DCE/RPC tests The other and more important part of this patch fixes issues surrounding the new credentials framwork: This makes the struct cli_credentials always a talloc() structure, rather than on the stack. Parts of the cli_credentials code already assumed this. There were other issues, particularly in the DCERPC over SMB handling, as well as little things that had to be tidied up before test_w2k3.sh would start to pass. Andrew Bartlett (This used to be commit 0453f9d05d2e336fba1f85dbf2718d01fa2bf778)
2007-10-10r5929: Use cli_credentials for the SMB functions as well.Jelmer Vernooij1-6/+5
Fix a couple of bugs in the new cli_credentials code (This used to be commit 4ad481cfe5cde514d2ef9646147239f3faaa6173)
2007-10-10r5371: on port 139 the called name needs to be in uppercaseAndrew Tridgell1-2/+2
(This used to be commit c5aef260c4581bfc0d32ec09fac3414156c40230)
2007-10-10r5322: removed a whole bunch of #include lines that minimal_includes.plAndrew Tridgell4-4/+0
thinks are not needed. Now to see how this fares on the build farm :) (This used to be commit 80ffcc650c9c86141507edd8338b97814a85f868)
2007-10-10r5304: removed lib/socket/socket.h from includes.hAndrew Tridgell2-0/+2
(This used to be commit b902ea546d2d1327b23f40ddaeeaa8e7e3662454)
2007-10-10r5298: - got rid of pstring.h from includes.h. This at least makes it a bitAndrew Tridgell1-0/+1
less likely that anyone will use pstring for new code - got rid of winbind_client.h from includes.h. This one triggered a huge change, as winbind_client.h was including system/filesys.h and defining the old uint32 and uint16 types, as well as its own pstring and fstring. (This used to be commit 9db6c79e902ec538108d6b7d3324039aabe1704f)
2007-10-10r5197: moved events code to lib/events/ (suggestion from metze)Andrew Tridgell3-3/+3
(This used to be commit 7f54c8a339f36aa43c9340be70ab7f0067593ef2)
2007-10-10r5195: most events don't need the time of the event, so save a ↵Andrew Tridgell2-2/+1
gettimeofday() call and just use timeval_current() when its actually needed (This used to be commit 236403cc4dc2924ed6a898acae0bb44cc1688dcc)
2007-10-10r5185: make all the events data structures private to events.c. This willAndrew Tridgell3-33/+40
make it possible to add optimisations to the events code such as keeping the next timed event in a sorted list, and using epoll for file descriptor events. I also removed the loop events code, as it wasn't being used anywhere, and changed timed events to always be one-shot (as adding a new timed event in the event handler is so easy to do if needed) (This used to be commit d7b4b6de51342a65bf46fce772d313f92f8d73d3)
2007-10-10r5126: the composite code is no longer client specific or smb specific, soAndrew Tridgell1-7/+7
rename the core structure to composite_context and the wait routine to composite_wait() (suggestion from metze) (This used to be commit cf11d05e35179c2c3e51c5ab370cd0a3fb15f24a)
2007-10-10r5037: got rid of all of the TALLOC_DEPRECATED stuff. My apologies for theAndrew Tridgell6-16/+16
large commit. I thought this was worthwhile to get done for consistency. (This used to be commit ec32b22ed5ec224f6324f5e069d15e92e38e15c0)
2007-10-10r4954: we don't need the separate event_remove_*() calls any more, as you nowAndrew Tridgell1-1/+1
remove an event by calling talloc_free(). (This used to be commit 8f19b6886cc58a56d52aecfc83a175197061e533)
2007-10-10r4951: some of the code dealing with libcli was getting too complex trying toAndrew Tridgell3-11/+25
handle the inverted memory hierarchy that a normal session establishment gave. The inverted hierarchy came from that fact that you first establish a socket, then a transport, then a session and finally a tree. That leads to the socket being at the top of the memory hierarchy and the tree at the bottom, which makes no sense from the users point of view, as they want to be able to free the tree and have everything disappear. The core problem was that the libcli interface didn't distinguish between establishing a primary context and a secondary context. If you establish a 2nd session on a transport then you want the transport to be referenced by the session, whereas if you establish a primary session then you want the transport to be a child of the session. To fix this I have added "parent_ctx" and "primary" arguments to the libcli intialisation functions. This makes using the library much easier, and gives us a memory hierarchy that makes much more sense. I was prompted to do this by a bug in the cifs backend, which was caused by the socket not being properly torn down on a disconnect due to the inverted memory hierarchy. (This used to be commit 5e8fd5f70178992e249805c2e1ddafaf6840739b)
2007-10-10r4944: every event_add_*() caller was having to call talloc_steal() to takeAndrew Tridgell2-4/+3
control of the event, so instead build that into the function. If you pass NULL as mem_ctx then it leaves it as a child of the events structure. (This used to be commit 7f981b9ed96f39027cbfd500f41e0c2be64cbb50)
2007-10-10r4943: Smplified the events handling code a lot. The first source ofAndrew Tridgell2-18/+4
complexity was that events didn't automatically cleanup themselves. This was because the events code was written before we had talloc destructors, so you needed to call event_remove_XX() to clean the event out of the event lists from every piece of code that used events. I have now added automatic event destructors, which in turn allowed me to simplify a lot of the calling code. The 2nd source of complexity was caused by the ref_count, which was needed to cope with event handlers destroying events while handling them, which meant the linked lists became invalid, so the ref_count ws used to mark events for later destruction. The new system is much simpler. I now have a ev->destruction_count, which is incremented in all event destructors. The event dispatch code checks for changes to this and handles it. (This used to be commit a3c7417cfeab429ffb22d5546b205818f531a7b4)
2007-10-10r4938: allow the caller to supply an existing event_context if they want toAndrew Tridgell1-2/+8
in smb_composite_connect_send(). This makes doing parallel calls much easier. (This used to be commit 442308970c123b9fb25615673049e1c1c234a0b9)
2007-10-10r4924: continue the effort to simplify and generalise the compositeAndrew Tridgell1-3/+4
interface. This patch removes the "stage" variable, which is really better suited to the backend state structures (This used to be commit 39da684ea8bc72d7a4a12c00eaad56b4f32890a9)
2007-10-10r4891: - added a generic resolve_name() async interface in libcli/resolve/,Andrew Tridgell3-24/+42
which will eventually try all resolution methods setup in smb.conf - only resolution backend at the moment is bcast, which does a parallel broadcast to all configured network interfaces, and takes the first reply that comes in (this nicely demonstrates how to do parallel requests using the async APIs) - converted all the existing code to use the new resolve_name() api - removed all the old nmb code (yay!) (This used to be commit 239c310f255e43dd2d1c2433f666c9faaacbdce3)
2007-10-10r4886: fixed two places where we process the send side of a socket after theAndrew Tridgell1-0/+1
recv side in the same event. That's a bad idea, as the first callback could decide to destroy the socket. (This used to be commit bf74ea34fc0e3c31e220c8f5a9217c95f3ca1d52)
2007-10-10r4811: now that the event context is at the socket level, the event cleanupAndrew Tridgell2-1/+13
should be there too (This used to be commit 058ae5527e3daeb50eeea9e0ecee858c84e7e17d)
2007-10-10r4810: fixed anonymous connections with smbclient. Thanks to jbm for ↵Andrew Tridgell1-2/+6
pointing this out. (This used to be commit 7da0af98a0e0bc743d3c64be30b37cbc45e00737)
2007-10-10r4791: used the new talloc type safety macros to make the "void *private"Andrew Tridgell1-2/+2
pointers in the composite code type safe. This is a bit of an experiement, I'd be interested in comments on whether we should use this more widely. (This used to be commit 0e1da827b380998355f75f4ef4f424802059c278)
2007-10-10r4777: added a smb_composite_sesssetup() async composite function. ThisAndrew Tridgell4-496/+14
encapsulates all the different session setup methods, including the multi-pass spnego code. I have hooked this into all the places that previously used the RAW_SESSSETUP_GENERIC method, and have removed the old RAW_SESSSETUP_GENERIC code from clisession.c and clitree.c. A nice side effect is that these two modules are now very simple again, back to being "raw" session setup handling, which was what was originally intended. I have also used this to replace the session setup code in the smb_composite_connect() code, and used that to build a very simple replacement for smbcli_tree_full_connection(). As a result, smbclient, smbtorture and all our other SMB connection code now goes via these composite async functions. That should give them a good workout! (This used to be commit 080d0518bc7d6fd4bc3ef783e7d4d2e3275d0799)
2007-10-10r4769: added a smb_composite_connect() function that provides a simple asyncAndrew Tridgell2-3/+37
interface to a complete SMB connection setup. Internally it does: - socket connection - session request (if needed) - negprot - session setup - tcon This is the first example of a composite function that builds on other composite components (the socket connection is a composite function, which is used as a building block for this function). I think this will be quite common in composite functions in the future, building up ever more complex composite functions from smaller building blocks, while hiding the details from the caller. There are two things missing from this now. The first is async name resolution routines (wins, bcast, DNS etc), and the second is that this code currently only does a NT1 style session setup. I'll work on adding spnego and old style session setup support next. (This used to be commit 6bc9e17f5c5236f662c7c8f308d03e6d97379b23)
2007-10-10r4767: handle the different NBT session request refusals, and map them toAndrew Tridgell1-10/+41
reasonable NT_STATUS values (This used to be commit b193a9cb0c851a4ec55ad9956a815be93eea35e4)
2007-10-10r4765: simplify the async socket code to always go via the event handlerAndrew Tridgell1-18/+9
rather than short-circuiting in the unlikely event the OS returns an immediate success on a non-blocking connect (This used to be commit db4380717041485e216f965103f9e803518b45c3)
2007-10-10r4758: - added async support to the session request codeAndrew Tridgell4-40/+75
- added async support to the negprot client code - removed two unused parameters from smbcli_full_connection() code - converted smbclient to use smbcli_full_connection() rather than reinventing everything itself (This used to be commit 71cbe2873473e039b4511511302cb63f1c50bce8)
2007-10-10r4757: added the ability of the clisocket level of libcli to handle asyncAndrew Tridgell4-90/+220
socket connections. This was complicated by a few factors: - it meant moving the event context from clitransport to clisocket, so lots of structures changed - we need to asynchronously handle connection to lists of port numbers, not just one port number. The code internally tries each port in the list in turn, without ever blocking - the man page on how connect() is supposed to work asynchronously doesn't work in practice (now why doesn't this surprise me?). The getsockopt() for SOL_ERROR is supposed to retrieve the error, but in fact the next (unrelated) connect() call on the same socket also gets an error, though not the right error. To work around this I need to tear down the whole socket between each attempted port. I hate posix. Note that clisocket.c still does a blocking name resolution call in smbcli_sock_connect_byname(). That will be fixed when we add the async NBT resolution code. Also note that I arranged things so that every SMB connection is now async internally, so using plain smbclient or smbtorture tests all the async features of this new code. (This used to be commit 468f8ebbfdbdf37c757fdc4863626aa9946a8870)
2007-10-10r4726: - use the name tcon and tid instead of conn and cnumStefan Metzmacher1-3/+3
- make use of talloc destructors metze (This used to be commit 8308da6ce4a95f8c10e22949ef00e9e64f2dbb85)
2007-10-10r4591: - converted the other _p talloc functions to not need _pAndrew Tridgell3-5/+5
- added #if TALLOC_DEPRECATED around the _p functions - fixes the code that broke from the above while doing this I fixed quite a number of places that were incorrectly using the non type-safe talloc functions to use the type safe ones. Some were even doing multiplies for array allocation, which is potentially unsafe. (This used to be commit 6e7754abd0c225527fb38363996a6e241b87b37e)
2007-10-10r4549: got rid of a lot more uses of plain talloc(), instead usingAndrew Tridgell3-7/+7
talloc_size() or talloc_array_p() where appropriate. also fixed a memory leak in pvfs_copy_file() (failed to free a memory context) (This used to be commit 89b74b53546e1570b11b3702f40bee58aed8c503)
2007-10-10r4547: - added talloc_new(ctx) macro that is a neater form of the common ↵Andrew Tridgell1-1/+1
talloc(ctx, 0) call. - cleaned up some talloc usage in various files I'd like to get to the point that we have no calls to talloc(), at which point we will rename talloc_p() to talloc(), to encourage everyone to use the typesafe functions. (This used to be commit e6c81d7c9f8a6938947d3c1c8a971a0d6d50b67a)
2007-10-10r4364: - added support for testing of chained SMB operations in smbtortureAndrew Tridgell3-6/+140
- added test for chained OpenX/ReadX, simulating the OS/2 workplace shell - fixed a bug in handling chained fnum in openx and ntcreatex in the server (yes, I'm on holiday, but this bug was annoying me ....) (This used to be commit b3b8958a18e302b815d98c0e3879e404bced6a08)
2007-10-10r4361: fix the buildStefan Metzmacher1-2/+3
metze (This used to be commit 78b2af77e9e4b97c698d6d9e680207b1df289cb4)
2007-10-10r4356: Allow anonymous connections to use NTLMSSP. The silly bugs thatAndrew Bartlett1-1/+0
prevented this are gone. Andrew Bartlett (This used to be commit 87dad5ec538abad93d621078a82f162675847f9f)
2007-10-10r4316: - now that the trans2 code properly supports multi-part requests, we ↵Andrew Tridgell4-7/+7
can set a maximum sized max_data in libcli trans2 code - fixed string termination in the EA_LIST trans2 findfirst level (This used to be commit a2a5f147f4faac8a48ff8f1b3e5f1334c92575bb)
2007-10-10r4315: use the remote hosts max_xmit, not the local hosts, in calculating ↵Andrew Tridgell1-1/+1
max trans2 data sizes (This used to be commit 827008cfebf29d081b457ba7162d89c8150cb24b)
2007-10-10r4263: added support for the trans2 RAW_SEARCH_EA_LIST informationAndrew Tridgell2-2/+61
level. This is quite a strange level that we've never seen before, but is used by the os2 workplace shell. note w2k screws up this level when unicode is negotiated, so it only passes the RAW-SEARCH test when you force non-unicode (This used to be commit 25189b8fbf6515d573e3398dc9fca56505dc37b9)
2007-10-10r4261: added the RAW_FILEINFO_EA_LIST trans2 qfileinfo and qpathinfoAndrew Tridgell2-10/+170
level. Interestingly, this level did now show up on our trans2 scanner previously as we didn't have the FLAGS2_EXTENDED_ATTRIBUTES bit set in the client code. Now that we set that bit, new levels appear in windows servers. (This used to be commit 0b76d405a73e924dc2706f28bbf1084a59c9b393)
2007-10-10r4243: a sniff from kukks showed that the ea_set interface in trans2 ↵Andrew Tridgell2-4/+4
setfileinfo allows for multiple EAs to be set at once. This fixes all the ea code to allow for that. (This used to be commit b26828bef5d55e5eef0e34a164e76292df45e207)
2007-10-10r4229: - added support for multi-part SMBtrans and SMBtrans2 requests in theAndrew Tridgell2-18/+106
client code. This was essential to test the multi-part server code (which I will commit soon) - when the request state is an error, ensure that req->status is not NT_STATUS_OK (This used to be commit ef502c403044b68ccdff15b1a94d447d0f53473d)
2007-10-10r4228: make sure the caller knows the packet is in error when a signing ↵Andrew Tridgell1-0/+1
error occurs (This used to be commit 5e13571e6b9f5eb35f710c2c8bd85b5569665613)
2007-10-10r4182: fixed trans2 mkdir, allowing mkdir with an initial EA listAndrew Tridgell1-2/+2
(This used to be commit 7d981c29c28391813c7f93245f64b3ee108378a4)
2007-10-10r4173: - new t2open code, that can cope with "create with EAs". Many thanksAndrew Tridgell2-7/+7
to kukks on #samba-technical for the sniffs that allowed me to work this out - much simpler ntvfs open generic mapping code - added t2open create with EA torture test to RAW-OPEN test (This used to be commit a56d95ad89b4f32a05974c4fe9a816d67aa369e3)
2007-10-10r4080: missing file from the last commitStefan Metzmacher1-1/+1
metze (This used to be commit ea7b496995573426486b7eab5de822d5602d7368)
2007-10-10r4070: move some defines from asn_1.h to the places they belong toStefan Metzmacher1-3/+2
metze (This used to be commit ab2c2f27e1c61516e885f02bf26350f97209057a)
2007-10-10r4063: - change char * -> uint8_t in struct request_bufferStefan Metzmacher11-32/+32
- change smbcli_read/write to take void * for the buffers to match read(2)/write(2) all this fixes a lot of gcc-4 warnings metze (This used to be commit b94f92bc6637f748d6f7049f4f9a30b0b8d18a7a)
2007-10-10r4055: fixed more places to use type safe allocation macrosAndrew Tridgell2-4/+3
(This used to be commit eec698254f67365f27b4b7569fa982e22472aca1)
2007-10-10r4037: fixed a bunch of "might be uninitialised" warnings after enabling -O1 ↵Andrew Tridgell1-1/+1
in my compile (This used to be commit 0928b1f5b68c858922c3ea6c27ed03b5091c6221)