Age | Commit message (Collapse) | Author | Files | Lines |
|
with talloc() for the NTLMSSP system.
Andrew Bartlett
(This used to be commit 7a93ac49c28d433ccf0f077294f473fe728b9995)
|
|
Implement push side of NDR_LEN4|NDR_NOTERM strings (pull side was already present)
(This used to be commit ea61ec1122841716ed5d90085ba79e7bf691bd6a)
|
|
metze
(This used to be commit f543eb4ede54ac361017878574b3f4b6ffc9f2d5)
|
|
less likely that anyone will use pstring for new code
- got rid of winbind_client.h from includes.h. This one triggered a
huge change, as winbind_client.h was including system/filesys.h and
defining the old uint32 and uint16 types, as well as its own
pstring and fstring.
(This used to be commit 9db6c79e902ec538108d6b7d3324039aabe1704f)
|
|
(This used to be commit b72a0ac654857273eaaf3c5e32d86abed0af3ceb)
|
|
asn1-tied-to-blocking-sockets code into the ldap client and torture
suite, and out of the generic libs, so nobody else is tempted to use
it for any new code.
(This used to be commit 39d1ced21baeca40d1fca62ba65243ca8f15757e)
|
|
need to pull in the whole dcerpc subsystem
- moved smbencrypt.c code into libcli/auth/
(This used to be commit 3351c636af23ad88649e84f4cb88fc1167d5c654)
|
|
large commit. I thought this was worthwhile to get done for
consistency.
(This used to be commit ec32b22ed5ec224f6324f5e069d15e92e38e15c0)
|
|
handle the inverted memory hierarchy that a normal session
establishment gave. The inverted hierarchy came from that fact that
you first establish a socket, then a transport, then a session and
finally a tree. That leads to the socket being at the top of the
memory hierarchy and the tree at the bottom, which makes no sense from
the users point of view, as they want to be able to free the tree and
have everything disappear.
The core problem was that the libcli interface didn't distinguish
between establishing a primary context and a secondary context. If you
establish a 2nd session on a transport then you want the transport to
be referenced by the session, whereas if you establish a primary
session then you want the transport to be a child of the session.
To fix this I have added "parent_ctx" and "primary" arguments to the
libcli intialisation functions. This makes using the library much
easier, and gives us a memory hierarchy that makes much more sense.
I was prompted to do this by a bug in the cifs backend, which was
caused by the socket not being properly torn down on a disconnect due
to the inverted memory hierarchy.
(This used to be commit 5e8fd5f70178992e249805c2e1ddafaf6840739b)
|
|
socket connections. This was complicated by a few factors:
- it meant moving the event context from clitransport to clisocket,
so lots of structures changed
- we need to asynchronously handle connection to lists of port
numbers, not just one port number. The code internally tries each
port in the list in turn, without ever blocking
- the man page on how connect() is supposed to work asynchronously
doesn't work in practice (now why doesn't this surprise me?). The
getsockopt() for SOL_ERROR is supposed to retrieve the error, but
in fact the next (unrelated) connect() call on the same socket also
gets an error, though not the right error. To work around this I
need to tear down the whole socket between each attempted port. I
hate posix.
Note that clisocket.c still does a blocking name resolution call in
smbcli_sock_connect_byname(). That will be fixed when we add the async
NBT resolution code.
Also note that I arranged things so that every SMB connection is now
async internally, so using plain smbclient or smbtorture tests all the
async features of this new code.
(This used to be commit 468f8ebbfdbdf37c757fdc4863626aa9946a8870)
|
|
- make use of talloc destructors
metze
(This used to be commit 8308da6ce4a95f8c10e22949ef00e9e64f2dbb85)
|
|
metze
(This used to be commit 9db0d19413beb4a0a0b48f4223600ff8dff33728)
|
|
We really should have a seperate structure for this (the ARCFOUR
sbox), but for now, get the declaration right.
Andrew Bartlett
(This used to be commit 2e16f3a8d31954fdfe4a8832637fcd9191ecab96)
|
|
- there is no alter_nak or alter_ack packet, its all done in an
alter_response
- auto-allocated the contex_ids
- tried to fix up the dcom code to work again with
alter_context. Jelmer, please take a look :)
(This used to be commit dd1c54add8884376601f2f8a56c01bfb8add030c)
|
|
dcerpc_alter_context and multiple context_ids in the dcerpc client
library.
This stage does the following:
- split "struct dcerpc_pipe" into two parts, the main part being "struct dcerpc_connection", which
contains all the parts not dependent on the context, and "struct dcerpc_pipe" which has
the context dependent part. This is similar to the layering in libcli_*() for SMB
- disable the current dcerpc_alter code. I've used a #warning until i
get the 2nd phase finished. I don't know how portable #warning is, but
it won't be long before I add full alter context support anyway, so it won't last long
- cleanup the allocation of dcerpc_pipe structures. The previous code
was quite awkward.
(This used to be commit 4004c69937be7e5dae56f9567ca607f982d395d3)
|
|
- added #if TALLOC_DEPRECATED around the _p functions
- fixes the code that broke from the above
while doing this I fixed quite a number of places that were
incorrectly using the non type-safe talloc functions to use the type
safe ones. Some were even doing multiplies for array allocation, which
is potentially unsafe.
(This used to be commit 6e7754abd0c225527fb38363996a6e241b87b37e)
|
|
(This used to be commit f4337c988c15dc84e3cfd77b628e92a0996717ea)
|
|
talloc_size() or talloc_array_p() where appropriate.
also fixed a memory leak in pvfs_copy_file() (failed to free a memory
context)
(This used to be commit 89b74b53546e1570b11b3702f40bee58aed8c503)
|
|
talloc(ctx, 0) call.
- cleaned up some talloc usage in various files
I'd like to get to the point that we have no calls to talloc(), at
which point we will rename talloc_p() to talloc(), to encourage
everyone to use the typesafe functions.
(This used to be commit e6c81d7c9f8a6938947d3c1c8a971a0d6d50b67a)
|
|
metze
(This used to be commit 02861f63052c48fc85c6694ad8164cc6cc5443d4)
|
|
metze
(This used to be commit 74e65680fa9a6b8f04c6ae62ec1da49659879fb5)
|
|
easily adding/removing privileges from users
(This used to be commit 8764909c05c4829d1e4f7eaf8c18e8ef1e53645f)
|
|
metze
(This used to be commit e624bb52886db80a3600b79494ad1150592efebe)
|
|
metze
(This used to be commit e5db58526825476fd6d8d80c8ee6c3bca0e23c84)
|
|
related to filesharing. For example, in order to manipulate ACLs
properly its important to be able to call LookupSids, and to be able
to lookup what privileges a SID has.
- added 3 new commands to smbclient "lookupname", "lookupsid" and
"privileges"
(This used to be commit 8780c40f0539da72652d17455e98fcaee6d197d1)
|
|
(This used to be commit 335b1c6a52b2e437e7f16a84ba547e5387ef64d1)
|
|
(This used to be commit 19efd83b863a8c94f509d6a933a7d5de43aa95e9)
|
|
- change smbcli_read/write to take void * for the buffers to match read(2)/write(2)
all this fixes a lot of gcc-4 warnings
metze
(This used to be commit b94f92bc6637f748d6f7049f4f9a30b0b8d18a7a)
|
|
metze
(This used to be commit 64570b7a4734ec1cc56a07e6bd9b20a155a876c0)
|
|
metze
(This used to be commit efe840c8b0dd599d205068a4946ef587d542f2a5)
|
|
metze
(This used to be commit f2ff50dfc40f7bf329ab83eefcc2cff9e575a84e)
|
|
metze
(This used to be commit b1b47bda0177c42687b9c291e4e28ae123fb4eac)
|
|
on Simple example server side implementation
(This used to be commit 98afb504d95ccca4d6ec48273e10b52ccfa26ad0)
|
|
- fixed push/pull of chained ea lists
- fixed a bug in the nttrans wire encoding
(This used to be commit fcd09224076508f9c10095bf2e2c394232a4d297)
|
|
- move dom_sid, security_descriptor, security_* funtions to one place
and rename some of them
metze
(This used to be commit b620bdd672cfdf0e009492e648b0709e6b6d8596)
|
|
NT_STATUS_HOST_UNREACHABLE instead of NT_STATUS_UNSUCCESSFUL
(This used to be commit f2a488e5668ab5d262269f1bab1b33a63265cbe9)
|
|
Break out the samsync tests from RPC-NETLOGON into a new RPC-SAMSYNC,
that will cross-verify all the values.
Add support for the way netlogon credentials are shared between the
pipe that sets up schannel and the pipe that is encrypted with it.
Test this support, by calling both NETLOGON and SAMR operations in the
RPC-SCHANNEL test.
Move some of the Netlogon NEG flags into the .idl, now we have an idea
what a few of them really are.
Rename the sam_pwd_hash into a name that has meaning (all other crypto
functions were renamed in Samba4 ages ago).
Break out NTLMv2 functionality for operation on the NT hash - I intend
to do NTLMv2 logins in the samsync test in future, and naturally I
only have the hash.
Andrew Bartlett
(This used to be commit 6e6cc6fb9842113a1b0c7f6904dac709b320a6e5)
|
|
parameter to SMBNTLMv2encrypt().
Andrew Bartlett
(This used to be commit 75ff351faf0a3231e17f000b006beb9cb545d905)
|
|
attributes of files.
I decided to use IDL/NDR to encode the attribute, as it gives us a
simple way to describe and extend the saved attributes.
The xattr code needs to hook into quite a few more places in the pvfs
code, but this at least gets the basics done. I will start encoding
alternate data streams streams, DOS EAs etc soon using the same basic
mechanism.
I'll probably stick to "version 1" for the xattr.idl for quite a while
even though it will be changing, as I don't expect anyone to be
deploying this in production just yet. Once we have production users
we will need to keep compatibility by supporting all the old version
numbers in xattr.idl.
(This used to be commit c54253ed1b7dce1d14f43e747da61089aea87094)
|
|
(This used to be commit 7dc58dc01e19b342df76dcc14ee28ff37a8f9ace)
|
|
ioctl.h)
(This used to be commit b97e395c814762024336c1cf4d7c25be8da5813a)
|
|
(This used to be commit 3f75117db921e493bb77a5dc14b8ce91a6288f30)
|
|
- tidied up some of the system includes
- moved a few more structures back from misc.idl to netlogon.idl and samr.idl now that pidl
knows about inter-IDL dependencies
(This used to be commit 7b7477ac42d96faac1b0ff361525d2c63cedfc64)
|
|
(This used to be commit 264ce9181089922547e8f6f67116f2d7277a5105)
|
|
(This used to be commit 73ea8ee6c268371d05cf74160f2ad451dd2ae699)
|
|
and made them private
(This used to be commit 386ac565c452ede1d74e06acb401ca9db99d3ff3)
|
|
place. (I always have trouble finding one half or the other).
Andrew Bartlett
(This used to be commit 224b59edba7c00ad515b4c5e3e9a886700247ad4)
|
|
(This used to be commit 1d374cdeb09b856449287cf12a77b23296c82a1d)
|
|
was a real bug
(This used to be commit 02d5d0f685e44bd66aff4a007f0bf34c8f915574)
|
|
rather than doing everything itself. This greatly simplifies the
code, although I really don't like the socket_recv() interface (it
always allocates memory for you, which means an extra memcpy in this
code)
- fixed several bugs in the socket_ipv4.c code, in particular client
side code used a non-blocking connect but didn't handle EINPROGRESS,
so it had no chance of working. Also fixed the error codes, using
map_nt_error_from_unix()
- cleaned up and expanded map_nt_error_from_unix()
- changed interpret_addr2() to not take a mem_ctx. It makes absolutely
no sense to allocate a fixed size 4 byte structure like this. Dozens
of places in the code were also using interpret_addr2() incorrectly
(precisely because the allocation made no sense)
(This used to be commit 7f2c771b0e0e98c5c9e5cf662592d64d34ff1205)
|