| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
metze
(This used to be commit a29d52817ce943c15f6896b74273df739867c8f7)
|
|
stuff),
based on a patch from j.kerihuel@openchange.org
- remove unused $ndr_flags argument for the ParseCompression*Start() function's
metze
(This used to be commit 27ccdd61822ba1a24244086522b9f8fe97fe0a78)
|
|
(taken from cabextract.c from KDE)
this code maybe need to be rewritten and the
compression side needs to be done,
but for now it seems to works
- remove the dependency to zlib
metze
(This used to be commit 5e8558c5b4365a494aa054c3e08d4084b319e6e5)
|
|
this is not complete cuurently...
but I want other people to test it and help me on finishing it.
(try to change the #if 0 in torture/rpc/drsuapi.c into #if 1)
metze
(This used to be commit 335adef37082a78e0426decb715629bd778e6582)
|
|
GENSEC, and to pull SCHANNEL into GENSEC, by making it less 'special'.
GENSEC now no longer has it's own handling of 'set username' etc,
instead it uses cli_credentials calls.
In order to link the credentails code right though Samba, a lot of
interfaces have changed to remove 'username, domain, password'
arguments, and these have been replaced with a single 'struct
cli_credentials'.
In the session setup code, a new parameter 'workgroup' contains the
client/server current workgroup, which seems unrelated to the
authentication exchange (it was being filled in from the auth info).
This allows in particular kerberos to only call back for passwords
when it actually needs to perform the kinit.
The kerberos code has been modified not to use the SPNEGO provided
'principal name' (in the mechListMIC), but to instead use the name the
host was connected to as. This better matches Microsoft behaviour,
is more secure and allows better use of standard kerberos functions.
To achieve this, I made changes to our socket code so that the
hostname (before name resolution) is now recorded on the socket.
In schannel, most of the code from librpc/rpc/dcerpc_schannel.c is now
in libcli/auth/schannel.c, and it looks much more like a standard
GENSEC module. The actual sign/seal code moved to
libcli/auth/schannel_sign.c in a previous commit.
The schannel credentails structure is now merged with the rest of the
credentails, as many of the values (username, workstation, domain)
where already present there. This makes handling this in a generic
manner much easier, as there is no longer a custom entry-point.
The auth_domain module continues to be developed, but is now just as
functional as auth_winbind. The changes here are consequential to the
schannel changes.
The only removed function at this point is the RPC-LOGIN test
(simulating the load of a WinXP login), which needs much more work to
clean it up (it contains copies of too much code from all over the
torture suite, and I havn't been able to penetrate its 'structure').
Andrew Bartlett
(This used to be commit 2301a4b38a21aa60917973451687063d83d18d66)
|
|
(This used to be commit ff478d44bed302f4a27edea56e9b7e897e62c769)
|
|
Implement push side of NDR_LEN4|NDR_NOTERM strings (pull side was already present)
(This used to be commit ea61ec1122841716ed5d90085ba79e7bf691bd6a)
|
|
metze
(This used to be commit 1084ad4bfce6bc20537f5bfccb5a25b60f503b32)
|
|
- Keep COM and DCOM more seperated
(This used to be commit f694f484c422d0c86beb58e8f62f134f8676d5e1)
|
|
- Disable all current DCOM functionality (I hope to commit
a large bunch of COM and DCOM changes later today)
- Make remact and oxidresolver depend on orpc rather then dcom
(This used to be commit f298f2a5478a905fe385b8d68318db92ee984374)
|
|
(This used to be commit 75d8fc8338ea0345ed0181f5700640029e311599)
|
|
(This used to be commit 00b0ec8a599c9467ba52aebf978dc33648d33136)
|
|
on tcp port 42. This is enough to reasonably decode (with ndrdump) all
the packets I have seen on the wire. It will need some fine tuning
once I understand the protocol a bit more.
(This used to be commit 3f90bc132139815c23c7322d3d47268d92ba00ac)
|
|
so we can use it in nbt.idl and
get a nicer debug output
metze
(This used to be commit abacbc9192646f6f3c720758ab65889b82b9ae7b)
|
|
- structures defined using IDL in nbt.idl
- build around our events structure, and talloc
- fully async
- supports all NBT packet fields as per rfc1002
- easy interfaces for name query and status
For the moment there are just a couple of test functions in
namequery.c, test_name_query() and test_name_status(). These will be
removed when we hook the new library into libcli/ fully
The new library will also be a fairly good basis for a nbt
server. Although it can't be a server as-is, I wrote it with the needs
of a server in mind (for example, extremely scalable idtree based
packet handling)
(This used to be commit ae7e625bfa4b4a3ee32c64566064b6a4c84ee4b9)
|
|
token in the client (the final token in the negotiation).
Consequential fixes in the SPNEGO code, which now uses the out.length
as the indicator of 'I need to send something to the other side'.
Merge the NTLM and SPNEGO DCE-RPC authentication routines in the client.
Fix the RPC-MULTIBIND test consequent to this merge.
Andrew Bartlett
(This used to be commit 43e3516fc03008e97ebb4ad1a0cde464303f43c6)
|
|
metze
(This used to be commit a4d94034239980d8a7ab38dfe2b19936b15d23df)
|
|
(This used to be commit 05c8fd81ddec969ed5280e2fe9f838ac4399f1c9)
|
|
metze
(This used to be commit 523e6acf4fec5d4946fa7c0c89f40d7d712c9f3a)
|
|
service
metze
(This used to be commit 07803f28863db72a7691766da912878459eec70a)
|
|
(This used to be commit 4840eaeed3cfd72026babb382f26929c29702713)
|
|
This reduces the total size of the samba binaries from 119 Mb to 73 Mb.
Next step will be to have the build system obtain some of this information
by itself, so that we don't have to write ~10 lines per interface manually.
(This used to be commit 16d905f6b0cbec591eebc44ee2ac9516a5730378)
|
|
- Add some const
(This used to be commit a00bda88e1b6abdc36e5aa8c2a35f64855f67c96)
|
|
- move dom_sid, security_descriptor, security_* funtions to one place
and rename some of them
metze
(This used to be commit b620bdd672cfdf0e009492e648b0709e6b6d8596)
|
|
rather then a large table in librpc/gen_ndr/tables.c. This will allow us
to only link in only the required gen_ndr files (speeds up linking quite a
bit, makes binaries smaller).
Each gen_ndr_* file now has a init function that calls the init functions
of the interfaces it contains. I did it this way to keep pidl's code simple,
though it might hurt startup time a bit. I'd be happy to change it if
people like one function better.
(This used to be commit 3c436590ae95b58ad6d00e72d6fdd08a4d80f208)
|
|
(This used to be commit a7c3c8cb6256acf672996fc6bf6128865a9ba0a9)
|
|
(This used to be commit 3add9e7de52496b135a230cccfd2d99a8b77ddd0)
|
|
- Use .mk files directly (no need for a SMB_*_MK() macro when adding a new SUBSYSTEM, MODULE or BINARY). This allows addition of new modules and subsystems without running configure
- Add support for generating .dot files with the Samba4 dependency tree (as used by the graphviz and springgraph utilities)
(This used to be commit 64826da834e26ee0488674e27a0eae36491ee179)
|
|
- OXID tables work now. IOXIDResolver is used if there is used for getting a STRINGBINDING if none is known yet
- Add custom dissectors for STRINGARRAY and DUALSTRINGARRAY. If there's a way to get rid of these later on (by supporting them thru pidl somehow), I'd be happy to use that instead of doing it manually.
I can now get to the point where we have created an object and are connected to
it. The only thing left to do is being able to set the Object UUID properly..
(This used to be commit 54e1e5edca50d3cd496c080715e84ec62cb2a10c)
|
|
use of contexts.
(This used to be commit 93eb3cd99c4fb065a69eabcead0c33804259c976)
|
|
Both subsystems and modules can now have init functions, which can be
specified in .mk files (INIT_FUNCTION = ...)
The build system will define :
- SUBSYSTEM_init_static_modules that calls the init functions of all statically compiled modules. Failing to load will generate an error which is not fatal
- BINARY_init_subsystems that calls the init functions (if defined) for the subsystems the binary depends on
This removes the hack with the "static bool Initialised = " and the
"lazy_init" functions
(This used to be commit 7a8244761bfdfdfb48f8264d76951ebdfbf7bd8a)
|
|
attributes of files.
I decided to use IDL/NDR to encode the attribute, as it gives us a
simple way to describe and extend the saved attributes.
The xattr code needs to hook into quite a few more places in the pvfs
code, but this at least gets the basics done. I will start encoding
alternate data streams streams, DOS EAs etc soon using the same basic
mechanism.
I'll probably stick to "version 1" for the xattr.idl for quite a while
even though it will be changing, as I don't expect anyone to be
deploying this in production just yet. Once we have production users
we will need to keep compatibility by supporting all the old version
numbers in xattr.idl.
(This used to be commit c54253ed1b7dce1d14f43e747da61089aea87094)
|
|
(This used to be commit c1f345eefdce3f6fc9e3a526543b2b9a6441e566)
|
