summaryrefslogtreecommitdiff
path: root/source4/libcli
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r3190: When we don't have a PAC, do a lookup in the local ldb instead.Andrew Bartlett2-30/+57
This required reworking the auth_sam code, so that it would export the 'name -> server_info' functionality. It's a bit ugly from a modular point of view, but it's what we have to do... Fix up some of the code to better use the new talloc() Andrew Bartlett (This used to be commit 18e08b4497ebabc2f31210254e145458b7c6a198)
2007-10-10r3187: This 'optional' part of the ASN.1 in SPNEGO is required by Samba3 (butAndrew Bartlett1-5/+4
not Microsoft). Unfortunetly it's harder to fix Samba3 than to make Samba4 cope... Andrew Bartlett (This used to be commit bbd52ab2641d5d6fc184235ac838ce4a022174a9)
2007-10-10r3131: - make map_nt_error_from_unix() return NT_STATUS_UNSUCCESSFUL if ↵Andrew Tridgell1-3/+3
errno is 0 - more consistent checking for system call return values in simple backend (This used to be commit 375a9a1347abf0b917cf94ea0cabcdea37d60e98)
2007-10-10r3128: Return the correct error code for a secrets/kerberos login, butAndrew Bartlett1-7/+15
skipping 'bad encryption type'. Andrew Bartlett (This used to be commit 4efb87eb03acfa888d455e4ca0aff18bda7f7ba5)
2007-10-10r3115: Bugfixes and extra debug in our kerberos verify code.Andrew Bartlett2-27/+26
Andrew Bartlett (This used to be commit 9f19aae0c0812b156054385ef77785971488e21c)
2007-10-10r3110: Fix the krb5 client and server, so that it doesn't segfault. ThereAndrew Bartlett3-49/+49
were also gensec bugs that didn't turn up until we hit error paths in the krb5 code. Andrew Bartlett (This used to be commit e08366ffeb52e8c522d3808a2af1aa0bc632b55f)
2007-10-10r3096: typoStefan Metzmacher1-1/+1
metze (This used to be commit c730d7d638875c239f0b67c1d4b25eb1fb01c5ff)
2007-10-10r3094: import all LDAP error codes from the RFC 2251Stefan Metzmacher1-5/+39
metze (This used to be commit f1d8f4bc5df5b4f284739096684c9dbc76352511)
2007-10-10r3081: several updates to ntvfs and server side async request handling inAndrew Tridgell2-18/+0
preparation for the full share modes and ntcreatex code that I am working on. highlights include: - changed the way a backend determines if it is allowed to process a request asynchronously. The previous method of looking at the send_fn caused problems when an intermediate ntvfs module disabled it, and the caller then wanted to finished processing using this function. The new method is a REQ_CONTROL_MAY_ASYNC flag in req->control_flags, which is also a bit easier to read - fixed 2 bugs in the readbraw server code. One related to trying to answer a readbraw with smb signing (which can't work, and crashed our signing code), the second related to error handling, which attempted to send a normal SMB error packet, when readbraw must send a 0 read reply (as it has no header) - added several more ntvfs_generic.c generic mapping functions. This means that backends no longer need to implement such esoteric functions as SMBwriteunlock() if they don't want to. The backend can just request the mapping layer turn it into a write followed by an unlock. This makes the backends considerably simpler as they only need to implement one style of each function for lock, read, write, open etc, rather than the full host of functions that SMB provides. A backend can still choose to implement them individually, of course, and the CIFS backend does that. - simplified the generic structures to make them identical to the principal call for several common SMB calls (such as RAW_WRITE_GENERIC now being an alias for RAW_WRITE_WRITEX). - started rewriting the pvfs_open() code in preparation for the full ntcreatex semantics. - in pvfs_open and ipc_open, initially allocate the open file structure as a child of the request, so on error we don't need to clean up. Then when we are going to succeed the open steal the pointer into the long term backend context. This makes for much simpler error handling (and fixes some bugs) - use a destructor in the ipc backend to make sure that everthing is cleaned up on receive error conditions. - switched the ipc backend to using idtree for fnum allocation - in the ntvfs_generic mapping routines, use a allocated secondary structure not a stack structure to ensure the request pointer remains valid even if the backend replies async. (This used to be commit 3457c1836c09c82956697eb21627dfa2ed37682e)
2007-10-10r3079: make code more pretty :-)Andrew Bartlett1-1/+1
Andrew Bartlett (This used to be commit 9c911b361c4dbb058eb48150c113c2e95b8053da)
2007-10-10r3075: Initialise (and check for intialisation) of the private pointer toAndrew Bartlett1-2/+4
ensure we don't segfault on the cleanup from an incomplete schannel bind. Andrew Bartlett (This used to be commit 173f29a1d8db111d5adb258eead5379d681d3bb2)
2007-10-10r3044: resolve the error code for WERR_DS_OBJ_NOT_FOUND to the nameStefan Metzmacher1-0/+1
metze (This used to be commit c79bbe54b400f8e088401e1d59a626cb2a37ee34)
2007-10-10r3017: nicer memory handling for event_context_merge()Andrew Tridgell1-1/+0
(This used to be commit 1cef44505e5de9b8ae5206522b624082ad2343b2)
2007-10-10r3016: - converted the events code to tallocAndrew Tridgell1-1/+1
- added the new messaging system, based on unix domain sockets. It gets over 10k messages/second on my laptop without any socket cacheing, which is better than I expected. - added a LOCAL-MESSAGING torture test (This used to be commit 3af06478da7ab34a272226d8d9ac87e0a4940cfb)
2007-10-10r3005: added talloc wrappers around tdb_open() and ldb_connect(), so that theAndrew Tridgell1-12/+14
caller doesn't have to worry about the constraint of only opening a database a single time in a process. These wrappers will ensure that only a single open is done, and will auto-close when the last instance is gone. When you are finished with a database pointer, use talloc_free() to close it. note that this code does not take account of the threads process model, and does not yet take account of symlinks or hard links to tdb files. (This used to be commit 04e1171996612ddb15f84134cadded68f0d173b2)
2007-10-10r2884: parse LDAP Control messagesStefan Metzmacher1-0/+41
metze (This used to be commit e23dcb18870450be4252a0dba3e427f73291da25)
2007-10-10r2883: set BOOL to the internal values not the wire onesStefan Metzmacher1-1/+7
metze (This used to be commit ad7b0385cfdb989d69a5c42c21fdaf8cd816999e)
2007-10-10r2861: encode and decode BindRequest/Response correctStefan Metzmacher1-69/+82
and some minor changes - make ldap_encode/decode_response maore usable metze (This used to be commit cc77baf729a56499e19a50dcb1a404a4777b36d5)
2007-10-10r2860: add gensec_have_feature() to check what feature are used in the ↵Stefan Metzmacher1-0/+15
connection metze (This used to be commit 30aa8af04498d674dbcf428a9e62df9055f53ea2)
2007-10-10r2859: It seems useful to allow the seal/unseal functions in gensec to passAndrew Bartlett1-0/+12
though to the sign/check_sig functions. Andrew Bartlett (This used to be commit 18367c4235cf16f3c2fee003153ec9b19b02aa9b)
2007-10-10r2857: this commit gets rid of smb_ucs2_t, wpstring and fpstring, plus lots ↵Andrew Tridgell3-32/+29
of associated functions. The motivation for this change was to avoid having to convert to/from ucs2 strings for so many operations. Doing that was slow, used many static buffers, and was also incorrect as it didn't cope properly with unicode codepoints above 65536 (which could not be represented correctly as smb_ucs2_t chars) The two core functions that allowed this change are next_codepoint() and push_codepoint(). These functions allow you to correctly walk a arbitrary multi-byte string a character at a time without converting the whole string to ucs2. While doing this cleanup I also fixed several ucs2 string handling bugs. See the commit for details. The following code (which counts the number of occuraces of 'c' in a string) shows how to use the new interface: size_t count_chars(const char *s, char c) { size_t count = 0; while (*s) { size_t size; codepoint_t c2 = next_codepoint(s, &size); if (c2 == c) count++; s += size; } return count; } (This used to be commit 814881f0e50019196b3aa9fbe4aeadbb98172040)
2007-10-10r2853: add torture test to find the defaultNamingContext on the RootDSEStefan Metzmacher1-0/+2
try a sasl sealed CompareRequest abartlet: we need to check how SINGING only can work, it failed for me:-( metze (This used to be commit 1dabd04e265bbc1e8335f816708c2639746d9afd)
2007-10-10r2851: don't destroy the gensec context it's used for sign and sealStefan Metzmacher1-2/+3
check the result of ldap_receive() metze (This used to be commit 778cf6d92bc3c50add43b573652c2aefef65026c)
2007-10-10r2850: - check for GENSEC_WANT_SEAL in gensec_unseal_packet()Stefan Metzmacher2-2/+4
- pass functions to the subcontext in spnego metze (This used to be commit d02fab41f8261095ca8f9a819e0c25bef41b5807)
2007-10-10r2787: force masktest to use RAW_SEARCH_BOTH_DIRECTORY_INFO so it can obtain ↵Andrew Tridgell1-7/+11
the short name (This used to be commit ad5a5ea08d5be812e0ef662948477add2433bc6f)
2007-10-10r2750: decode AbandonRequest correct (untested:-)Stefan Metzmacher1-2/+6
metze (This used to be commit 4233067921d386d4bf02218b479083cdbe2bd3c1)
2007-10-10r2749: add asn1_read_implicit_Integer()Stefan Metzmacher1-5/+15
metze (This used to be commit a62fbcb30f63245d9dfb48c83a5f449965bb1ca7)
2007-10-10r2747: use DATA_BLOB for attribute valuesStefan Metzmacher2-5/+17
en/decode CompareRequest/Response correct metze (This used to be commit 72dfea2b07aea83d0965a585f6e388eb88a7c6d1)
2007-10-10r2710: continue with the new style of providing a parent context wheneverAndrew Tridgell4-24/+28
possible to a structure creation routine. This makes for much easier global cleanup. (This used to be commit e14ee428ec357fab76a960387a9820a673786e27)
2007-10-10r2695: revert "Del" renamingSimo Sorce3-20/+20
(This used to be commit ddd74dae8efe4e04b5a56ee9ecd9d4f87f99d104)
2007-10-10r2690: deleted by mistakeSimo Sorce1-0/+3
(This used to be commit 3d587a7141908362657afc2dfd0c78d73a5fed07)
2007-10-10r2689: Use consistent naming Del -> DeleteSimo Sorce3-23/+21
Add delete functionality to ldb simple lda server backend add some const in ldap.h (This used to be commit 5ed9a6eb184f34eb572dd81202237042518ec7cd)
2007-10-10r2680: switched the libcli/raw/ code over to use talloc_reference(), which ↵Andrew Tridgell4-39/+15
simplifies things quite a bit (This used to be commit c82a9cf750829c4f6982ca3133295c8599023c4e)
2007-10-10r2671: we're getting too many errors caused by the talloc_realloc() API notAndrew Tridgell8-24/+32
taking a context (so when you pass a NULL pointer you end up with memory in a top level context). Fixed it by changing the API to take a context. The context is only used if the pointer you are reallocing is NULL. (This used to be commit 8dc23821c9f54b2f13049b5e608a0cafb81aa540)
2007-10-10r2669: convert make_user_info() and associated functions from malloc to tallocAndrew Tridgell1-1/+2
(This used to be commit 278cef77f083c002d17ecbbe18c20825a380eda3)
2007-10-10r2664: fixed the final server leak for normal operation. We now get a clean ↵Andrew Tridgell1-4/+6
report from --leak-check (This used to be commit 1ff41bbcae8dc7514a85d69679e44dc7c5b0342f)
2007-10-10r2661: fixed a client side memory leak in the clilist code.Andrew Tridgell1-3/+3
This sort of bug happens quite easily with the new talloc_realloc() interface. talloc_realloc() now looks like this: void *talloc_realloc(void *ptr, size_t size); and if ptr is not NULL then everything is fine. If ptr is NULL then talloc_realloc() presumes you want to allocate in the NULL context, which is probably not what is wanted. For now the solution is to initialise ptr like this: ptr = talloc(mem_ctx, 0); so when the realloc happens it has a context to get hold of. I might change the interface of talloc_realloc() later to prevent this problem in a more robust manner (This used to be commit bd813dfb1b08b586dc71f9cec4eb65b35ea808fe)
2007-10-10r2660: - converted the libcli/raw/ library to use talloc_increase_ref_count()Andrew Tridgell5-79/+83
rather than manual reference counts - properly support SMBexit in the cifs and posix backends - added a logoff method to all backends With these changes the RAW-CONTEXT test now passes against the posix backend (This used to be commit c315d6ac1cc40546fde1474702a6d66d07ee13c8)
2007-10-10r2655: fixed an error in the shutdown of the sock->transport->session->treeAndrew Tridgell4-4/+4
smbcli raw context handling (This used to be commit d5fd6388751944f11c34e5124d403d57c8670e3b)
2007-10-10r2654: fixed some more server memory leaks. We are now down to a single leakAndrew Tridgell6-6/+6
of 16 bytes, caused by the 16 byte data_blob in the smb_signing code. (This used to be commit 2f1b788e09686e065d22f621f5c0c585192c6740)
2007-10-10r2650: fixed a memory leak in make_server_info()Andrew Tridgell1-1/+1
(This used to be commit 4aba6e7101041100f7d400abd5e7144b95528fc3)
2007-10-10r2649: - used some cpp tricks to make users of talloc() and talloc_realloc()Andrew Tridgell1-2/+2
to get auto-naming of pointers very cheaply. - fixed a couple of memory leaks found with the new tricks A typical exit report for smbd is now: talloc report on 'null_context' (total 811 bytes in 54 blocks) auth/auth_sam.c:334 contains 20 bytes in 1 blocks struct auth_serversupplied_info contains 498 bytes in 33 blocks UNNAMED contains 8 bytes in 1 blocks lib/data_blob.c:40 contains 16 bytes in 1 blocks iconv(CP850,UTF8) contains 61 bytes in 4 blocks iconv(UTF8,CP850) contains 61 bytes in 4 blocks iconv(UTF8,UTF-16LE) contains 67 bytes in 4 blocks iconv(UTF-16LE,UTF8) contains 67 bytes in 4 blocks UNNAMED contains 13 bytes in 1 blocks which is much better than before (This used to be commit 6e721393d03afd3c2f8ced8422533547a9e33342)
2007-10-10r2648: - use a destructor on struct server_connection to simplify theAndrew Tridgell1-2/+3
connection termination cleanup, and to ensure that the event contexts are properly removed for every process model - gave auth_context the new talloc treatment, which removes another source of memory leaks. (This used to be commit 230e1cd777b0fba82dffcbd656cfa23c155d0560)
2007-10-10r2646: - use a talloc destructor to ensure that sockets from the new socketAndrew Tridgell1-2/+1
library are closed on abnormal termination - convert the service.h structures to the new talloc methods (This used to be commit 2dc334a3284858eb1c7190f9687c9b6c879ecc9d)
2007-10-10r2645: converted the NTLMSSP code to the new style of tallocAndrew Tridgell6-103/+64
(This used to be commit b378aae95d4001c4cf4e6e59ed80ee1bd55382ee)
2007-10-10r2643: convert more of the auth subsyystem to the new talloc methods. ThisAndrew Tridgell2-11/+11
also fixes a memory leak found with --leak-check. (This used to be commit f19201ea274f0a542314c61c4af676197bf154ad)
2007-10-10r2629: convert gensec to the new talloc modelAndrew Tridgell5-35/+30
by making our gensec structures a talloc child of the open connection we can be sure that it will be destroyed when the connection is dropped. (This used to be commit f12ee2f241aab1549bc1d9ca4c35a35a1ca0d09d)
2007-10-10r2624: - save some system calls by only trying read/write operations that ↵Andrew Tridgell1-1/+11
select has indicated are possible - when a socket is dead, don't try to do anything more on it (This used to be commit e95e5c591fcf9c3b7fde7fbdcc1837e22195e0a8)
2007-10-10r2621: - now that the client code is non-blocking, we no longer needAndrew Tridgell1-2/+2
write_data and read_data, which are inherently blocking operations - got rid of some old NBT keepalive routines that are not needed (This used to be commit e73b4ae4e500d3b7ee57e160e0f8b63c99b2542a)
2007-10-10r2587: fixed a couple of authentication memory leaks. There are more to beAndrew Tridgell3-2/+9
fixed - I'll commit a little test suite soon. (This used to be commit 5b967c1cbb9831f7f2c6c6187f9e8e6dcc284497)