Age | Commit message (Collapse) | Author | Files | Lines |
|
against Samba4.
Also added support for the '*' wildcard name
(This used to be commit 2dd7ccf72444db668fa970c3a95de1448baea224)
|
|
names on the network and answers name queries. Lots of details are
still missing, but at least this now means you don't need a Samba3
nmbd to use Samba4.
missing pieces include:
- name registrations should be "shout 3 times, then demand"
- no WINS server yet
- no master browser code
(This used to be commit d7d31fdc6670f026f96b50e51a4de19f0b920e5b)
|
|
- added error checking on socket startup in nbtd
(This used to be commit 5707ebc9ecdce5c195a2788ab1e4214788a086ea)
|
|
Andrew Bartlett
(This used to be commit e5afc3609382a7b534c9d845e809d135a0d4eb3a)
|
|
queries
- fixed unaligned pulls at the end of the packet in the ndr lib
(This used to be commit 61c43509f7a538541d87bd505ca241e08a50f605)
|
|
(This used to be commit 7607ddda3f221bd5a68d28c0eae297569fbb58b1)
|
|
(This used to be commit 9587cbcb9ea5303b345c31a662e9cd75d7cd705d)
|
|
large commit. I thought this was worthwhile to get done for
consistency.
(This used to be commit ec32b22ed5ec224f6324f5e069d15e92e38e15c0)
|
|
(This used to be commit 1d1a9c11ee681540ef8a1029409bb24fc26f976c)
|
|
files don't need to match the type names in the generated headers
- with this type mapping we no longer need definitions for the
deprecated "int32", "uint8" etc form of types. We can now force
everyone to use the standard types int32_t, uint8_t etc.
- fixed all the code that used the deprecated types
- converted the IDL types "int64" and "uint64" to "dlong" and
"udlong". These are the 4 byte aligned 64 bit integers that
Microsoft internally define as two 32 bit integers in a
structure. After discussions with Ronnie Sahlberg we decided that
calling these "int64" was confusing, as it implied a true 8 byte
aligned type
- fixed all the cases where we incorrectly used things like
"NTTIME_hyper" in our C code. The generated API now uses a NTTIME for
those. The fact that it is hyper-aligned on the wire is not relevant
to the API, and should remain just a IDL property
(This used to be commit f86521677d7ff16bdc4815f9524e5286026f10f3)
|
|
(This used to be commit 765ede8ca6032ac1efdeca417eb62f34fdd7ed24)
|
|
(This used to be commit 19a907cb58f9ec58c5eea12e7979134976c0c469)
|
|
Note this doesn't work currently because the gensec_modules are not ready for that yet
metze
(This used to be commit 7b09a3f725baca5d4483b7ec24a9cb6151557bb5)
|
|
control of the event, so instead build that into the function. If you
pass NULL as mem_ctx then it leaves it as a child of the events
structure.
(This used to be commit 7f981b9ed96f39027cbfd500f41e0c2be64cbb50)
|
|
recv side in the same event. That's a bad idea, as the first callback
could decide to destroy the socket.
(This used to be commit bf74ea34fc0e3c31e220c8f5a9217c95f3ca1d52)
|
|
- structures defined using IDL in nbt.idl
- build around our events structure, and talloc
- fully async
- supports all NBT packet fields as per rfc1002
- easy interfaces for name query and status
For the moment there are just a couple of test functions in
namequery.c, test_name_query() and test_name_status(). These will be
removed when we hook the new library into libcli/ fully
The new library will also be a fairly good basis for a nbt
server. Although it can't be a server as-is, I wrote it with the needs
of a server in mind (for example, extremely scalable idtree based
packet handling)
(This used to be commit ae7e625bfa4b4a3ee32c64566064b6a4c84ee4b9)
|
|
metze
(This used to be commit 3381617a031db1dfb9dc7fc30f13e260f1dc589a)
|
|
remaining data. Pity - I was looking for kerberos keys :-)
Andrew Bartlett
(This used to be commit 37a81aad74b9f7e982469cd36e56e6f9608b9123)
|
|
(This used to be commit 0d31523aaed7a8995970dc9933a6a9d9b8536ee0)
|
|
size_is() base arrays.
Andrew Bartlett
(This used to be commit 3d3063b1f65efe3b9eb814f7425afa3278095a68)
|
|
- added async support to the negprot client code
- removed two unused parameters from smbcli_full_connection() code
- converted smbclient to use smbcli_full_connection() rather than
reinventing everything itself
(This used to be commit 71cbe2873473e039b4511511302cb63f1c50bce8)
|
|
socket connections. This was complicated by a few factors:
- it meant moving the event context from clitransport to clisocket,
so lots of structures changed
- we need to asynchronously handle connection to lists of port
numbers, not just one port number. The code internally tries each
port in the list in turn, without ever blocking
- the man page on how connect() is supposed to work asynchronously
doesn't work in practice (now why doesn't this surprise me?). The
getsockopt() for SOL_ERROR is supposed to retrieve the error, but
in fact the next (unrelated) connect() call on the same socket also
gets an error, though not the right error. To work around this I
need to tear down the whole socket between each attempted port. I
hate posix.
Note that clisocket.c still does a blocking name resolution call in
smbcli_sock_connect_byname(). That will be fixed when we add the async
NBT resolution code.
Also note that I arranged things so that every SMB connection is now
async internally, so using plain smbclient or smbtorture tests all the
async features of this new code.
(This used to be commit 468f8ebbfdbdf37c757fdc4863626aa9946a8870)
|
|
specification.
Andrew Bartlett
(This used to be commit d360f30948723687ec1504765e52db366f17cfa2)
|
|
POSIX offset for the trusted domain.
Andrew Bartlett
(This used to be commit cd9e795e4004e28dc0184b86f0c44431378fc3ff)
|
|
metze
(This used to be commit 57bf3d7a83ede0099f43a1f71026715f22cda68f)
|
|
Add my copyright to the SAMR server.
Andrew Bartlett
(This used to be commit 51e94fa26cc602ddca652776c213cd7096f9703a)
|
|
metze
(This used to be commit 7d8ba92da2b8babe7165f105591fd3e5738b2319)
|
|
- Use templates for Secrets and the new trusted domains
- Auto-add modifiedTime, createdTime and objectGUID to records in the
samdb layer.
Andrew Bartlett
(This used to be commit 271c8faadfe2d9e0f3d523a1cdc831f5f9e35d19)
|
|
that the GENSEC mechanism wishes to select. It is of course up to the
GENSEC mech and the remote server to actually support this however...
Andrew Bartlett
(This used to be commit 7200a01545e14a8b0c90fadf3c27933dd1f4359f)
|
|
This uses LDB (a local secrets.ldb and the global samdb) to fill out
the secrets from an LSA perspective.
Some small changes to come, but the bulk of the work is now done.
A re-provision is required after this change.
Andrew Bartlett
(This used to be commit ded33033521a6a1c7ea80758c5c5aeeebb182a51)
|
|
as it's already converted in the pull/push code
metze
(This used to be commit 0d2286ba56fa8d25244a5554e75b5be24eba28b0)
|
|
This call uses a new IDL type, NTTIME_hyper. This is 8-byte aligned,
as the name suggests.
Expand the QuerySecret LSA calls in RPC-SAMLOGON and RPC-LSA, to
validate the behaviour of times, and of the old secrets.
Thanks to tridge for spotting the use of HYPER!
Andrew Bartlett
(This used to be commit 1fed79cb0f2ae7940639d08ef99576559d4cd06e)
|
|
- move some structs out of misc.idl
metze
(This used to be commit b6543a6e3057b5588ec50a2ebf6c7c932209efe6)
|
|
metze
(This used to be commit fa798fe1f0c39dfee7d4c86a8cd5924be8a32922)
|
|
(This used to be commit 6f2019c307161953291f6bb5401eefaa7edc3857)
|
|
(This used to be commit 4e62bd2a349c0cce8cb82a401fdf1cc33828af6f)
|
|
specific GENSEC mech type, but on the behaviour of the mech.
Andrew Bartlett
(This used to be commit f2bd7a5a699b91d99d7dc2a0b3b6c7006274a59c)
|
|
token in the client (the final token in the negotiation).
Consequential fixes in the SPNEGO code, which now uses the out.length
as the indicator of 'I need to send something to the other side'.
Merge the NTLM and SPNEGO DCE-RPC authentication routines in the client.
Fix the RPC-MULTIBIND test consequent to this merge.
Andrew Bartlett
(This used to be commit 43e3516fc03008e97ebb4ad1a0cde464303f43c6)
|
|
advanced auth types we should do a plain bind. This fixes rpc
connections to ancient servers (like sun cascade)
(This used to be commit 59a5a0b218f7182c541a06ffc4528c1160699033)
|
|
- added support for "spnego" in binding strings. This enables SPNEGO
auth in the dcerpc client code, using as many allter_context calls as
are needed
To try SPNEGO do this:
smbtorture ncacn_ip_tcp:SERVER[spnego,seal] -Uadministrator%password RPC-SAMR
(This used to be commit 9c0a3423f03111c110d21c0d3910e16aa1a8bf87)
|
|
doesn't need to
use function pointers anymore
- make the module init much easier
- a lot of cleanups
don't try to read the diff in auth/ better read the new files
it passes test_echo.sh and test_rpc.sh
abartlet: please fix spelling fixes
metze
(This used to be commit 3c0d16b8236451f2cfd38fc3db8ae2906106d847)
|
|
(This used to be commit 95e849bf94160ae4807a54b28e351539c1119215)
|
|
- there is no alter_nak or alter_ack packet, its all done in an
alter_response
- auto-allocated the contex_ids
- tried to fix up the dcom code to work again with
alter_context. Jelmer, please take a look :)
(This used to be commit dd1c54add8884376601f2f8a56c01bfb8add030c)
|
|
just does a simple LSA/DSSETUP combo, which is what w2k does in the
ACL editor rpc calls that triggered this work
(This used to be commit 0129ec947aa1fa5a7104dc3a666af3cb9bd104f1)
|
|
dcerpc_alter_context and multiple context_ids in the dcerpc client
library.
This stage does the following:
- split "struct dcerpc_pipe" into two parts, the main part being "struct dcerpc_connection", which
contains all the parts not dependent on the context, and "struct dcerpc_pipe" which has
the context dependent part. This is similar to the layering in libcli_*() for SMB
- disable the current dcerpc_alter code. I've used a #warning until i
get the 2nd phase finished. I don't know how portable #warning is, but
it won't be long before I add full alter context support anyway, so it won't last long
- cleanup the allocation of dcerpc_pipe structures. The previous code
was quite awkward.
(This used to be commit 4004c69937be7e5dae56f9567ca607f982d395d3)
|
|
- added #if TALLOC_DEPRECATED around the _p functions
- fixes the code that broke from the above
while doing this I fixed quite a number of places that were
incorrectly using the non type-safe talloc functions to use the type
safe ones. Some were even doing multiplies for array allocation, which
is potentially unsafe.
(This used to be commit 6e7754abd0c225527fb38363996a6e241b87b37e)
|
|
(This used to be commit b65a95c11778fd778ad3c013664aea7d038e16ae)
|
|
this fixes RPC-SAMLOGON and some other tests on ncacn_ip_tcp
(This used to be commit 244370d62424ab3c0f9d6689b0e674d057b3fc09)
|
|
metze
(This used to be commit c2523adc0a0807979fb21b8ba77d556bac82e435)
|
|
(This used to be commit 08d7b77efc05571146c54322e684753ccd4cd2d6)
|