Age | Commit message (Collapse) | Author | Files | Lines |
|
authenticated session down into LDB. This associates a session info
structure with the open LDB, allowing a future ldb_ntacl module to
allow/deny operations on that basis.
Along the way, I cleaned up a few things, and added new helper functions
to assist. In particular the LSA pipe uses simpler queries for some of
the setup.
In ldap_server, I have removed the 'ldasrv:hacked' module, which hasn't
been worked on (other than making it continue to compile) since January,
and I think the features of this module are being put into ldb anyway.
I have also changed the partitions in ldap_server to be initialised
after the connection, with the private pointer used to associate the ldb
with the incoming session.
Andrew Bartlett
(This used to be commit fd7203789a2c0929eecea8125b57b833a67fed71)
|
|
NBT server code remains reabable. Also fixed the copyright header to
include Volker, as he wrote the getdc server function
(This used to be commit a973197d3e0045a76a2f14153f5541b9e36e6c8a)
|
|
Volker
(This used to be commit c7557884843a5b2bac9e21ec81cafcaadf436bca)
|
|
then StaticLibrary()
(This used to be commit b53313dc517986c69a4e4cb8fe3885b696f8faa1)
|
|
stuff.
- don't use SMBCLI_REQUEST_* state's in the genreic composite stuff
- move monitor_fn to libnet.
NOTE: I have maybe found some bugs, in code that is dirrectly in DONE or ERROR
state in the _send() function. I haven't fixed this bugs in this
commit! We may need some composite_trigger_*() functions or so.
And maybe some other generic helper functions...
metze
(This used to be commit 4527815a0a9b96e460f301cb1f0c0b3964c166fc)
|
|
domain and gets the DC's name via a mailslot call.
Metze, I renamed wbsrv_queue_reply to wbsrv_send_reply in accordance with
irpc_send_reply. Having _queue_ here and _send_ there is a bit confusing. And
as everything is async anyway, the semantics should not be too much of a
problem.
Volker
(This used to be commit 4637964b19c6e9f7d201b287e2d409d029fced01)
|
|
do not autostart transactions on ldb operations if a transaction is already in place
test transactions on winsdb
all my tests passes so far
tridge please confirm this is ok for you
(This used to be commit c2bb2a36bdbe0ec7519697a9a9ba7526a0defac2)
|
|
but final linking still fails (as does generating files asn1, et, idl and proto
files)
(This used to be commit 4f0d7f75b99c7f4388d8acb0838577d86baf68b5)
|
|
(This used to be commit 59d4450453c25f5cce9b67b808ff0c4433c1d194)
|
|
searches in ldb to be more ldap compliant, but broke the wins server
and the ejs ldb code. This fixes those up so 'make test' passes again.
(This used to be commit dff660c23c97114d0c1be705f4d6a9c114b60456)
|
|
- use LIBCLI_WREPL for the winsreplication client code
- fix some dependencies
metze
(This used to be commit 7dd931ee5ac1408da8d14d00f43d19473e06871e)
|
|
distinguished names
Provide more functions to handle DNs in this form
(This used to be commit 692e35b7797e39533dd2a1c4b63d9da30f1eb5ba)
|
|
cross-reference instead.
Andrew Bartlett
(This used to be commit 0f7b1136f6e0779f28f2132a8606dd64be20c42e)
|
|
This gets it working, but I'm rather worried about the speed. We used
to get more than 5000 ops/sec, but now we are down to around 15
ops/sec. I suspect a bug in ldb.
(This used to be commit 83727bf72c970effdc5995e2f6e7816a57887b5c)
|
|
(This used to be commit dc0ea36344c8eeeff0aa1afa01202fe1f477d307)
|
|
to look at
(This used to be commit 73643884a3c76de5a738a28054a168fdb008a9f8)
|
|
be able to send a message to the "ldap_server" task without having to
know its task ID.
(This used to be commit 8f69867867857e0c9a9246c2dec9612ccc234724)
|
|
the caller should free it
this fixed a double free bug noticed by
Дейтер Александр Валериевич <tiamat@komi.mts.ru>
metze
(This used to be commit ee1a5d5419f4d79af5c447a6b397a0f4dc89310a)
|
|
to task_server_terminate()
(This used to be commit a7447e25ac203f0ee09ffdf72df1094eb70e7c0c)
|
|
NETLOGON reply.
Use the kdc server service to determine if we are a kdc (no more
krb5:kdc=yes).
Andrew Bartlett
(This used to be commit fe9cdb063ca183674d0093b43017cc054d7c3f63)
|
|
(This used to be commit 4c0ed7328b14969ea34790b0e80fa714c44ccc5f)
|
|
lorikeet-heimdal kdc running
metze
(This used to be commit fa652919bd6ab58ff15cab239cf88d2359b03d55)
|
|
(This used to be commit 2f80b2070f1fc99151f0a583271cd9047d53bab6)
|
|
I can now join winxp -> samba4 DC using long name, and login. The nice
thing is there are no delays now, as the client likes the replies it gets
(This used to be commit 5aff7d36f3e535e305820ae42b023ae53cc0daf9)
|
|
type
(This used to be commit 8229fe4dd5f4eb89eb19fa02eedc7f00a31b204e)
|
|
(andrew, please fix the method of sseeing if we do krb5, if you can
think of a better one)
(This used to be commit 4c2207c946fa7bb6a8ba32ac82256c424b5d0d3c)
|
|
Samba4 without Samba3 nmbd
(This used to be commit f4d07d7d3b6973b503d8c98f177471dd6cebfa92)
|
|
workstations can now login
to a Samba4 domain.
(This used to be commit df146d64ebce6b462c08a1f30919390fcf8196cb)
|
|
clients when a user tries to login)
(This used to be commit 08ded62156b387457bc56b5910e1ddc813b375bd)
|
|
without
Samba3 nmbd
(This used to be commit 4507bdc339505e91118d403948946f4a98a4f562)
|
|
test suite, but doesn't yet seem to satisfy a nt4 client. I'm
investigating.
(This used to be commit 406217262dff5adb5d0cb0028198e08f66cc85f4)
|
|
parsing incoming netlogon requests. No replies are sent yet.
(This used to be commit 3b34df6a674cd2aeddc354cdadae3f0e1c000d45)
|
|
server. Currently just listens on port 138 and parses the packets
(using IDL like the rest of NBT). This allows me to develop the
structures and test with real packets
(This used to be commit 10d64a525349ff96695ad961a3cfeb5bc7c8844f)
|
|
changes:
- ldb_wrap disappears from code and become a private structure of db_wrap.c
thanks to our move to talloc in ldb code, we do not need to expose it anymore
- removal of ldb_close() function form the code
thanks to our move to talloc in ldb code, we do not need it anymore
use talloc_free() to close and free an ldb database
- some minor updates to ldb modules code to cope with the change and fix some
bugs I found out during the process
(This used to be commit d58be9e74b786a11a57e89df36081d55730dfe0a)
|
|
(This used to be commit 0bb997127fe6c49361d9f1eaeda5d9321601a52a)
|
|
adding server side
replication support
- on a WACK registration success, check that the database record
hasn't changed during the WACK processing. If it has, then fail
the registration
(This used to be commit 2acd79b95931b57efae9f7c239bc08dc143f5225)
|
|
- if we have no configured network interfaces, then don't start nbtd (when I add dynamic
interface loading this will change to a delay until a network interface comes up)
- choose the best interface by netmask for torture tests that need a
specific IP (such as the WINS test). Added iface_best_ip() for that.
- if specific interfaces are chosen in smb.conf, then keep that ordering, and
default to the first one listed
(This used to be commit 4d08c114079ef6d1d10a96195046fe43631aefa2)
|
|
- added WINS server support for the 0x1c name
(This used to be commit 1558a545285ae0432c70e0a3e2b132a5132e7b3b)
|
|
for the 0x1d local master browser name
in WINS
(This used to be commit 2650b43ca903fb478d2943fa9bbdba8b2bf74966)
|
|
registrations from anyone who isn't a current owner, then query the
owner addresses to see if they still want it.
(This used to be commit 8dc2a028d3ca0115d3173df435d926d7b6a4d5d5)
|
|
- added support for group names in registration and query
(This used to be commit 3690a65bef2b2791203c49d68c8268ff03434622)
|
|
(This used to be commit 807a3a1f80b1c065ee799531cdf947b31d1a109f)
|
|
test, but doesn't yet
do secure server WACK responses
- added a ldap_string_to_time() function, for converting a LDAP
formatted time to a time_t
(This used to be commit 9aa3313b3f93e47e3f93028e072f6a23b3c22385)
|
|
as a human readable string. The format is designed to be able to be
used as the DN for the WINS database as well, while coping with
arbitrary bytes in the name (except nul bytes)
(This used to be commit aac3090e3504ba07124a9d480322a98efb97175e)
|
|
- more NBT packet asserts, to ensure that incoming requests have all
the elements we depend on
- open the WINS database at startup if we are configured as a WINS server
- split out the nbtd server reply packet generation code so it can be
shared by the WINS server
- re-did the logic of what is answered by the WINS server and what by
the B node server. It now always tries to answer by the B node, and
only "recurses" to the WINS server for names that are not found.
(This used to be commit 5613e6b8ad9b32639caf5055f793dbc4d0a2fc19)
|
|
(This used to be commit 895071881920a5d6726f377f4367b588deabfb03)
|
|
(This used to be commit b902ea546d2d1327b23f40ddaeeaa8e7e3662454)
|
|
refresh, release and query)
- change the iface_n_*() functions to return a "const char *" instead of a "struct ipv4_addr"
I think that in general we should move towards "const char *" for
all IP addresses, as this makes IPv6 much easier, and is also easier
to debug. Andrew, when you get a chance, could you fix some of the
auth code to use strings for IPs ?
- return a NTSTATUS error on bad name queries and node status instead
of using rcode. This makes the calling code simpler.
- added low level name release code in libcli/nbt/
- use a real IP in the register and wins nbt torture tests, as w2k3
WINS server silently rejects some operations that don't come from the
IP being used (eg. it says "yes" to a release, but does not in fact
release the name)
(This used to be commit bb1ab11d8e0ea0bd9ae34aebeb565d36fe4b495f)
|
|
- when registering with a WINS server, initially use multi-homed
registration, then switch to name refresh requests. Send refresh
requests only to the WINS server that responded to our
registration. If that server goes away, then start the registration
from scratch. This makes registration more robust to WINS server
failure.
- send WINS registration requests out on our first interface rather
than an unbound interface, to avoid the problem of WACK replies
being sent to the wrong port (w2k3 WINS server does this)
(This used to be commit f7712ac7468184c07b3e3c10cb7b847ad1791dd2)
|
|
- always try to enable broadcast on nbt name sockets (this matches
samba3 behaviour better)
(This used to be commit 919bc14e7bbc04479cf11f7a7fd4c5e46616ef46)
|