Age | Commit message (Collapse) | Author | Files | Lines |
|
responses...
Also trust OpenLDAP to be pedantic about it, breaking connections to AD.
In any case, we now get this 'right' (by nasty overloading hacks, but
hey), and we can now use system-supplied OpenLDAP libs and SASL/GSSAPI
to talk to Samba4.
Andrew Bartlett
(This used to be commit 0cbe18211a95f811b51865bc0e8729e9a302ad25)
|
|
the spec.
GSSAPI differs from GSS-SPNEGO in an additional 3 packets, negotiating
a buffer size and what integrity protection/privacy should be used.
I worked off draft-ietf-sasl-gssapi-03, and this works against Win2k3.
I'm doing this in the hope that Apple clients as well as SASL-based
LDAP tools may get a bit further.
I still can't get ldapsearch to work, it fails with the ever-helpful
'Local error'.
Andrew Bartlett
(This used to be commit 3e462897754b30306c1983af2d137329dd937ad6)
|
|
in client/cifsdd*, which implements a minimal implementation of dd. The
IO path is careful to always perform IO at the requested block size.
There is a very basic test suite in script/tests/test_cifsdd.sh which
covers local and remote IO at a variety of block sizes.
Added to lib/util_str.c is a small set of conv_str_*() functions to
convert strings to the corresponding type.
smbcli_parse_unc is modified to insert NULL terminators after its
hostname and sharename parameters. This allows it to correctly parse a
path of the form //foo/share/path/file.
(This used to be commit cd2f94a65817bfae20ac21b730a2c42d8e581ab3)
|
|
Andrew Bartlett
(This used to be commit 8e2b461669d2d4d5a789da66b5049ecbddd8fd15)
|
|
(This used to be commit 62822a26550842dbb763b27994cb38474fe8eea3)
|
|
name, and use that.
(I was trying to find a machine by the name of __SAMBA__)
Andrew Bartlett
(This used to be commit cde044d023c7580442bceb60ac62dc4cfc1b85fe)
|
|
metze
(This used to be commit ec30a40f042016bc167382b63bd284f656ed7cb1)
|
|
NOTIFICATION LDAP Controls
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/ldap/ldap/ldap_server_notification_oid.asp
this doesn't work yet, but it shows that we need to extend ldb to correctly
handle async requests...
metze
(This used to be commit 1fe67189490c9faf499b68a28071a6294a53db0e)
|
|
Still investigating how it works.
Simo.
(This used to be commit bebd403523e581606505e05e7cb621efbc22fa36)
|
|
metze
(This used to be commit 8208a4abf0cacb9ee3496611f121c095b5d1bcca)
|
|
(This used to be commit dd386bdc6ca6fe0b25705d5a375d29e6940b437f)
|
|
some more work on timeouts
(This used to be commit a7e2fe3cb33be2effff7eb764047567f2da3cd55)
|
|
metze
(This used to be commit 1768a698a461bfb8aeaa8f28efaab4ad300823a2)
|
|
Andrew Bartlett
(This used to be commit 3e90e7edfa7d343a6b6bf073b8f4d018e3b463d0)
|
|
another case where we have to fallback to the node status request.
Andrew Bartlett
(This used to be commit 181064dbcf102de80937fc30b3d3ba5114194a72)
|
|
the remote server's name, or in the absence of a local nbt_server to
communicate with (or without root access), a node status request.
The result is that we are in a better position to use kerberos, as well
as to remove the 'password server' mandatory parameter for the samsync
and samdump commands. (I need this to put these into SWAT).
The only problem I have is that I must create a messaging context, which
requires a server ID. As a client process, I don't expect to get
messages, but it is currently required for replies, so I generate a
random() number. We probably need the servers to accept connections on
streamed sockets too, for client-only tasks that want IRPC.
Because I wanted to test this code, I have put the NET-API-* tests into
our test scripts, to ensure they pass and keep passing. They are good
frontends onto the libnet system, and I see no reason not to test them.
In doing so the NET-API-RPCCONNECT test was simplified to take a
binding string on the command line, removing duplicate code, and
testing the combinations in the scripts instead.
(I have done a bit of work on the list shares code in libnet_share.c
to make it pass 'make test')
In the future, I would like to extend the libcli/findds.c code (based
off volker's winbind/wb_async_helpers.c, which is why it shows up a bit
odd in the patch) to handle getting multiple name replies, sending a
getdc request to each in turn.
(posted to samba-technical for review, and I'll happily update with
any comments)
Andrew Bartlett
(This used to be commit 7ccddfd3515fc2c0d6f447c768ccbf7a220c3380)
|
|
structure that is more generic than just 'IP/port'.
It now passes make test, and has been reviewed and updated by
metze. (Thankyou *very* much).
This passes 'make test' as well as kerberos use (not currently in the
testsuite).
The original purpose of this patch was to have Samba able to pass a
socket address stucture from the BSD layer into the kerberos routines
and back again. It also removes nbt_peer_addr, which was being used
for a similar purpose.
It is a large change, but worthwhile I feel.
Andrew Bartlett
(This used to be commit 88198c4881d8620a37086f80e4da5a5b71c5bbb2)
|
|
to specific dirs)
(This used to be commit 243cf760b077e155f5ac508aeebf819f7708a84e)
|
|
Andrew Bartlett
(This used to be commit 10eadf48124d61f2eb586fb277a66aa4b9e6cad3)
|
|
There's still lot of work to do but the patch is stable
enough to be pushed into the main samba4 tree.
Simo.
(This used to be commit 77125feaff252cab44d26593093a9c211c846ce8)
|
|
metze
(This used to be commit f2e97983f278211c6d70400ce1f43d6a69df0d8a)
|
|
(This used to be commit 63917616016133c623fc6ff59454bc313ee7dd8f)
|
|
(This used to be commit c722f665c90103f3ed57621c460e32ad33e7a8a3)
|
|
Re-introduce and use the OUTPUT_TYPE property for MODULEs to force
specific modules to always be included
(This used to be commit f9eede3d40098eddc3618ee48f9253cdddb94a6f)
|
|
(This used to be commit 70e7449318aa0e9d2639c76730a7d1683b2f4981)
|
|
metze
(This used to be commit 82d5bdb1e73dd203cfaf83fdb46c485d212d5c65)
|
|
(This used to be commit ca8db1a0cd77682ac2c6dc4718f5d753a4fcc4db)
|
|
(This used to be commit 0aca5fd5130d980d07398f3291d294202aefe3c2)
|
|
dcerpc_interface_table struct rather then a tuple of interface
name, UUID and version.
This removes the requirement for having a global list of DCE/RPC interfaces,
except for these parts of the code that use that list explicitly
(ndrdump and the scanner torture test).
This should also allow us to remove the hack that put the authservice parameter
in the dcerpc_binding struct as it can now be read directly from
dcerpc_interface_table.
I will now modify some of these functions to take a dcerpc_syntax_id
structure rather then a full dcerpc_interface_table.
(This used to be commit 8aae0f168e54c01d0866ad6e0da141dbd828574f)
|
|
'librpc'
are the only two subsystems left to convert.
(This used to be commit f6bbc72996aeee8607fc583140fd60be0e06e969)
|
|
the difference between these at all, and in the future the
fact that INIT_OBJ_FILES include smb_build.h will be sufficient to
have recompiles at the right time.
(This used to be commit b24f2583edee38abafa58578d8b5c4b43e517def)
|
|
instead of segfaulting
metze
(This used to be commit 043f5c1054cd2dc95571d601b0872c4cb0d99588)
|
|
installed.
Install pkg-config files.
(This used to be commit a86abe84e2cae7c6188c094a92c6b62aace02fdf)
|
|
- free it at the end of wrepl_socket_dead() if needed
metze
(This used to be commit 58285115c83a3b7bbc9bf52a105cebd11831e9d8)
|
|
(mostly use for send_only requests, where we don't have a reply at all)
metze
(This used to be commit a01d5a769c63777232aad89f8c4b5460824ca2b1)
|
|
packet_context isn't inplace yet
metze
(This used to be commit 064d9409c3dda25a803fd5ca9ad15c48271e8905)
|
|
in build/smb_build/, remove unused pstring macros
(This used to be commit 432296207400636dd81d0929ec7b1b4cebbcaa62)
|
|
packet_context
system
- this needs to be in one big patch, because of the merging code,
that changes client in server connections and the other way around
- use socket_connect_send/_recv() in the client code
metze
(This used to be commit f0105b7fcdc3032d22444a1973927fff2dd9a06f)
|
|
(This used to be commit 82d87d62614a33ec9d2ed20e63d80a7af64e8678)
|
|
displaying security descriptors in ldbsearch or ldbedit you can see
the SDDL version.
This also allows us to specify security descriptors in our
setup/*.ldif files in SDDL format, which is much more convenient than
the NDR binary format!
(This used to be commit 8185731c1846412c1b3366824cdb3d05b2d50b73)
|
|
- allow for arbitrary access masks in sddl_encode_ace()
(This used to be commit 5e2b1bd6afafe2eb96e98c4636e0a62235693183)
|
|
(This used to be commit a0662ae9d3f719d2db193490361923095bd4d419)
|
|
couple of days ago. Doesn't yet encode using the shorthand for well
known SIDs.
(This used to be commit 655a4ebe8e0ee18133103bfba0ca6d14cbf81d56)
|
|
instead make the normal composite_done() and composite_error()
functions automatically trigger a delayed callback if the caller has
had no opportunity to setup a async callback
this removes one of the common mistakes in writing a composite function
(This used to be commit f9413ce792ded682e05134b66d433eeec293e6f1)
|
|
- smb2_logoff() acts on the smb2_session
metze
(This used to be commit ae1ca2bb4affefff1026c03f0765faf28c2b316b)
|
|
rafal
(This used to be commit 7aa40e3a3ff7a655c5ed8ee67c55af92193815f1)
|
|
only try permitted mechanims.
Andrew Bartlett
(This used to be commit 0f50239dc40ee128e4985f8aec5bb5f440a4f3f0)
|
|
metze
(This used to be commit 2433800834293a95669c3c48eb2462b76d1b3029)
|
|
(This used to be commit 1eca19d597ea21a073361fc6fc550919abf97574)
|
|
- added a bunch more tests to LOCAL-SDDL (all the ones from our schema)
- fixed 'mixed coded declarations' bug
(This used to be commit c30e7698e8e1d9991d35bf86c0d4041a1814ad92)
|