Age | Commit message (Collapse) | Author | Files | Lines |
|
Break out the samsync tests from RPC-NETLOGON into a new RPC-SAMSYNC,
that will cross-verify all the values.
Add support for the way netlogon credentials are shared between the
pipe that sets up schannel and the pipe that is encrypted with it.
Test this support, by calling both NETLOGON and SAMR operations in the
RPC-SCHANNEL test.
Move some of the Netlogon NEG flags into the .idl, now we have an idea
what a few of them really are.
Rename the sam_pwd_hash into a name that has meaning (all other crypto
functions were renamed in Samba4 ages ago).
Break out NTLMv2 functionality for operation on the NT hash - I intend
to do NTLMv2 logins in the samsync test in future, and naturally I
only have the hash.
Andrew Bartlett
(This used to be commit 6e6cc6fb9842113a1b0c7f6904dac709b320a6e5)
|
|
parameter to SMBNTLMv2encrypt().
Andrew Bartlett
(This used to be commit 75ff351faf0a3231e17f000b006beb9cb545d905)
|
|
attributes of files.
I decided to use IDL/NDR to encode the attribute, as it gives us a
simple way to describe and extend the saved attributes.
The xattr code needs to hook into quite a few more places in the pvfs
code, but this at least gets the basics done. I will start encoding
alternate data streams streams, DOS EAs etc soon using the same basic
mechanism.
I'll probably stick to "version 1" for the xattr.idl for quite a while
even though it will be changing, as I don't expect anyone to be
deploying this in production just yet. Once we have production users
we will need to keep compatibility by supporting all the old version
numbers in xattr.idl.
(This used to be commit c54253ed1b7dce1d14f43e747da61089aea87094)
|
|
(This used to be commit 7dc58dc01e19b342df76dcc14ee28ff37a8f9ace)
|
|
ioctl.h)
(This used to be commit b97e395c814762024336c1cf4d7c25be8da5813a)
|
|
(This used to be commit 3f75117db921e493bb77a5dc14b8ce91a6288f30)
|
|
- tidied up some of the system includes
- moved a few more structures back from misc.idl to netlogon.idl and samr.idl now that pidl
knows about inter-IDL dependencies
(This used to be commit 7b7477ac42d96faac1b0ff361525d2c63cedfc64)
|
|
(This used to be commit 264ce9181089922547e8f6f67116f2d7277a5105)
|
|
(This used to be commit 73ea8ee6c268371d05cf74160f2ad451dd2ae699)
|
|
and made them private
(This used to be commit 386ac565c452ede1d74e06acb401ca9db99d3ff3)
|
|
place. (I always have trouble finding one half or the other).
Andrew Bartlett
(This used to be commit 224b59edba7c00ad515b4c5e3e9a886700247ad4)
|
|
(This used to be commit 1d374cdeb09b856449287cf12a77b23296c82a1d)
|
|
was a real bug
(This used to be commit 02d5d0f685e44bd66aff4a007f0bf34c8f915574)
|
|
rather than doing everything itself. This greatly simplifies the
code, although I really don't like the socket_recv() interface (it
always allocates memory for you, which means an extra memcpy in this
code)
- fixed several bugs in the socket_ipv4.c code, in particular client
side code used a non-blocking connect but didn't handle EINPROGRESS,
so it had no chance of working. Also fixed the error codes, using
map_nt_error_from_unix()
- cleaned up and expanded map_nt_error_from_unix()
- changed interpret_addr2() to not take a mem_ctx. It makes absolutely
no sense to allocate a fixed size 4 byte structure like this. Dozens
of places in the code were also using interpret_addr2() incorrectly
(precisely because the allocation made no sense)
(This used to be commit 7f2c771b0e0e98c5c9e5cf662592d64d34ff1205)
|
|
- force disable spnego in the RAW-CONTEXT test (it breaks the test)
(This used to be commit 3f247ec21c59af92b420a3e550552b5a1f1f08e2)
|
|
(This used to be commit 2c852539ed089b584b721a31cd411667bb5669c7)
|
|
errno is 0
- more consistent checking for system call return values in simple backend
(This used to be commit 375a9a1347abf0b917cf94ea0cabcdea37d60e98)
|
|
metze
(This used to be commit c79bbe54b400f8e088401e1d59a626cb2a37ee34)
|
|
metze
(This used to be commit ad7b0385cfdb989d69a5c42c21fdaf8cd816999e)
|
|
of associated functions.
The motivation for this change was to avoid having to convert to/from
ucs2 strings for so many operations. Doing that was slow, used many
static buffers, and was also incorrect as it didn't cope properly with
unicode codepoints above 65536 (which could not be represented
correctly as smb_ucs2_t chars)
The two core functions that allowed this change are next_codepoint()
and push_codepoint(). These functions allow you to correctly walk a
arbitrary multi-byte string a character at a time without converting
the whole string to ucs2.
While doing this cleanup I also fixed several ucs2 string handling
bugs. See the commit for details.
The following code (which counts the number of occuraces of 'c' in a
string) shows how to use the new interface:
size_t count_chars(const char *s, char c)
{
size_t count = 0;
while (*s) {
size_t size;
codepoint_t c2 = next_codepoint(s, &size);
if (c2 == c) count++;
s += size;
}
return count;
}
(This used to be commit 814881f0e50019196b3aa9fbe4aeadbb98172040)
|
|
metze
(This used to be commit a62fbcb30f63245d9dfb48c83a5f449965bb1ca7)
|
|
taking a context (so when you pass a NULL pointer you end up with
memory in a top level context). Fixed it by changing the API to take a
context. The context is only used if the pointer you are reallocing is
NULL.
(This used to be commit 8dc23821c9f54b2f13049b5e608a0cafb81aa540)
|
|
The intial motivation for this commit was to merge in some of the
bugfixes present in Samba3's chrcnv and string handling code into
Samba4. However, along the way I found a lot of unused functions, and
decided to do a bit more...
The strlen_m code now does not use a fixed buffer, but more work is
needed to finish off other functions in str_util.c. These fixed
length buffers hav caused very nasty, hard to chase down bugs at some
sites.
The strupper_m() function has a strupper_talloc() to replace it (we
need to go around and fix more uses, but it's a start). Use of these
new functions will avoid bugs where the upper or lowercase version of
a string is a different length.
I have removed the push_*_allocate functions, which are replaced by
calls to push_*_talloc. Likewise, pstring and other 'fixed length'
wrappers are removed, where possible.
I have removed the first ('base pointer') argument, used by push_ucs2,
as the Samba4 way of doing things ensures that this is always on an
even boundary anyway. (It was used in only one place, in any case).
(This used to be commit dfecb0150627b500cb026b8a4932fe87902ca392)
|
|
does not check the return value, that we don't return uninitialised memory here.
Andrew Bartlett
(This used to be commit 0e081ecb9d752067b99305b3b62477c3eed9ac24)
|
|
(This used to be commit 4e4859c06b9de5fe60ebd17cfb09eed480b79ec1)
|
|
(This used to be commit dff6262e4f9d48ed753e00faf081e52c03c7129c)
|
|
values.
Andrew Bartlett
(This used to be commit 59e361f7cca1bbaeba5d5952173b90665a76ab2d)
|
|
(This used to be commit b7191999634cf3817dc69dd3743d185ae41dbdc3)
|
|
metze
(This used to be commit 492a00d909d6f3ff8305f102551f60d91d988ccd)
|
|
Volker
(This used to be commit 53f58c053b643c8b45d2f9394faf8cfdd5005f6d)
|
|
metze
(This used to be commit 46762c9ee011e5c37f3d94a1b80ed7d679c55434)
|
|
Argl. I could never get the naming right. Having the most significant byte at
the lowest memory address is big endian, at least according to the google
search for 'big endian'....
Volker
(This used to be commit bc4c188362901423cc900fd4bdfa4a9ed6838f2b)
|
|
Fix bug found by Love H?\195?\182rnquist ?\195?\133strand: asn1_write_Integer needs to push
stuff little endian.
(This used to be commit 79bee828fbb70e71ad3fbd45758bcc7775ea977b)
|
|
table. Should get rid of the static buffer completely at some point.
(This used to be commit e0bda611121ed1f4afc2bfe83853e5521c494164)
|
|
Andrew Bartlett
(This used to be commit 0237389ce765cbb6825b79de1b0727da0969efeb)
|
|
(This used to be commit c0862278cab106a441d1049c1da945fa11353f9f)
|
|
an SPNEGO login from WinXP at least).
talloc_asprintf_append() lost an argument, but because TALLOC_CTX is
now a void*, this was not picked up by the compiler.
I've tested the login (asn1), but not the registry/gtk changes.
Andrew Bartlett
(This used to be commit 4294be44057124568fe1d176702056bb62ad3214)
|
|
- merge some stuff from trunk
metze
(This used to be commit 267edf1c0bb1ed73f1ba19148e6412b9a1c41979)
|
|
metze
(This used to be commit 01626ed381bdc9cab3e94e80220c916bb61acf30)
|
|
Thanks to Metze and Volker for their unvaluable support :)
(This used to be commit e6a6c0737ab94d58930c0d4e1ef0bb4d99510833)
|
|
ldap server code
it's not compiled in yet...
metze
(This used to be commit 48939adca1332ff90f9287311c0e9ff3e2e5917a)
|
|
Andrew Bartlett
(This used to be commit 6da7b65851aa4932aab56d1ab0f8fc67ccb62cdf)
|
|
rename CLI_ -> SMBCLI_
metze
(This used to be commit 8441750fd9427dd6fe477f27e603821b4026f038)
|
|
Rework our random number generation system.
On systems with /dev/urandom, this avoids a change to secrets.tdb for every fork().
For other systems, we now only re-seed after a fork, and on startup.
No need to do it per-operation. This removes the 'need_reseed'
parameter from generate_random_buffer().
This also requires that we start the secrets subsystem, as that is
where the reseed value is stored, for systems without /dev/urandom.
In order to aviod identical streams in forked children, the random
state is re-initialised after the fork(), at the same point were we do
that to the tdbs.
Andrew Bartlett
(This used to be commit b97d3cb2efd68310b1aea8a3ac40a64979c8cdae)
|
|
various switches without looking one byte past te end of the buffer.
(This used to be commit 5bce188d429b4166f3d0314922ae40204de182a7)
|
|
of SIDs
w2k3 can handle in a single request. With the samba3 client rpc libs I can do
about 21000 SIDs in a single request. test_many_LookupSIDs with 10000 SIDs
fails on the subsequent request with a NET_WRITE_FAULT. Maybe the Samba4 DCE
people want to take a look at this -- I don't see the problem.
Bug fix: SID components should be treated as unsigned when parsing
Volker
(This used to be commit 8c997a2ad2e89a640f854b556ef76a3d52c15963)
|
|
metze
(This used to be commit 52e2d038252bd745d53c687d266ad3ad62efa6fc)
|
|
(This used to be commit de5984c95602ca67e8ac3139c3aa4330b74266e0)
|
|
ndr_<push|pull>_format_blob()
simular to ndr_<push|pull>_struct_blob()
metze
(This used to be commit b25dd341e0febd550a2936ca484b6fecce2ff8c2)
|
|
This layer is used for DCERPC security, as well as ntlm_auth at this
time. It expect things like SASL and the CIFS layer to use it as
well.
The particular purpose of this layer is to introduce SPENGO, which
needs generic access to the actual implementation mechanisms.
Schannel, due to it's 'interesting' setup properties is in GENSEC, but
is only in the RPC code.
Andrew Bartlett
(This used to be commit 902af49006fb8cfecaadd3cc0c10e2e542083fb1)
|