summaryrefslogtreecommitdiff
path: root/source4/ntvfs/ipc
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r5902: A rather large change...Andrew Bartlett1-4/+7
I wanted to add a simple 'workstation' argument to the DCERPC authenticated binding calls, but this patch kind of grew from there. With SCHANNEL, the 'workstation' name (the netbios name of the client) matters, as this is what ties the session between the NETLOGON ops and the SCHANNEL bind. This changes a lot of files, and these will again be changed when jelmer does the credentials work. I also correct some schannel IDL to distinguish between workstation names and account names. The distinction matters for domain trust accounts. Issues in handling this (issues with lifetime of talloc pointers) caused me to change the 'creds_CredentialsState' and 'struct dcerpc_binding' pointers to always be talloc()ed pointers. In the schannel DB, we now store both the domain and computername, and query on both. This should ensure we fault correctly when the domain is specified incorrectly in the SCHANNEL bind. In the RPC-SCHANNEL test, I finally fixed a bug that vl pointed out, where the comment claimed we re-used a connection, but in fact we made a new connection. This was achived by breaking apart some of the dcerpc_secondary_connection() logic. The addition of workstation handling was also propogated to NTLMSSP and GENSEC, for completeness. The RPC-SAMSYNC test has been cleaned up a little, using a loop over usernames/passwords rather than manually expanded tests. This will be expanded further (the code in #if 0 in this patch) to use a newly created user account for testing. In making this test pass test_rpc.sh, I found a bug in the RPC-ECHO server, caused by the removal of [ref] and the assoicated pointer from the IDL. This has been re-added, until the underlying pidl issues are solved. (This used to be commit 824289dcc20908ddec957a4a892a103eec2da9b9)
2007-10-10r5501: check the return of talloc with the NT_STATUS_HAVE_NO_MEMORY()Stefan Metzmacher1-0/+3
macro... metze (This used to be commit 9ec6c0e97765e60ef195296f17d6a27b5d0dcca9)
2007-10-10r5298: - got rid of pstring.h from includes.h. This at least makes it a bitAndrew Tridgell1-7/+7
less likely that anyone will use pstring for new code - got rid of winbind_client.h from includes.h. This one triggered a huge change, as winbind_client.h was including system/filesys.h and defining the old uint32 and uint16 types, as well as its own pstring and fstring. (This used to be commit 9db6c79e902ec538108d6b7d3324039aabe1704f)
2007-10-10r5286: Some first steps in making the pidl code somewhat more generic for theJelmer Vernooij1-17/+17
various data types: Add ndr_flags argument to all ndr push/pull scalar functions (This used to be commit ab490c0c882bb13de190546c50a0631ecb8255ad)
2007-10-10r5102: This is a major simplification of the logic for controlling top levelAndrew Tridgell1-6/+1
servers in smbd. The old code still contained a fairly bit of legacy from the time when smbd was only handling SMB connection. The new code gets rid of all of the smb_server specific code in smbd/, and creates a much simpler infrastructures for new server code. Major changes include: - simplified the process model code a lot. - got rid of the top level server and service structures completely. The top level context is now the event_context. This got rid of service.h and server.h completely (they were the most confusing parts of the old code) - added service_stream.[ch] for the helper functions that are specific to stream type services (services that handle streams, and use a logically separate process per connection) - got rid of the builtin idle_handler code in the service logic, as none of the servers were using it, and it can easily be handled by a server in future by adding its own timed_event to the event context. - fixed some major memory leaks in the rpc server code. - added registration of servers, rather than hard coding our list of possible servers. This allows for servers as modules in the future. - temporarily disabled the winbind code until I add the helper functions for that type of server - added error checking on service startup. If a configured server fails to startup then smbd doesn't startup. - cleaned up the command line handling in smbd, removing unused options (This used to be commit cf6a46c3cbde7b1eb1b86bd3882b953a2de3a42e)
2007-10-10r5037: got rid of all of the TALLOC_DEPRECATED stuff. My apologies for theAndrew Tridgell2-4/+4
large commit. I thought this was worthwhile to get done for consistency. (This used to be commit ec32b22ed5ec224f6324f5e069d15e92e38e15c0)
2007-10-10r4980: Copy RAP callno constants from Samba 3 and start to use them.Tim Potter1-4/+1
(This used to be commit e32ade44858b869001d2990c788a7e34fb70b121)
2007-10-10r4979: Return NT_STATUS_INVALID_SYSTEM_SERVICE for unimplemented RAP calls asTim Potter1-1/+1
this is what win2k3 does. (This used to be commit 145d7c03df477eca08cb81d221e3a1b60ccf8c7f)
2007-10-10r4690: - add support for async rpc server repliesStefan Metzmacher1-29/+20
the backend should check for (dce_call->state_flags & DCESRV_CALL_STATE_FLAG_MAY_ASYNC) then it's allowed to reply async then the backend should mark that call as async with dce_call->state_flags |= DCESRV_CALL_STATE_FLAG_ASYNC; later it has to manualy set r->out.result and then send the reply by calling status = dcesrv_reply(p->dce_call); NOTE: that ncacn_np doesn't support async replies yet - implement an async version of echo_TestSleep - reenable the echo_TestSleep torture test (this need to be more strict when we have support for async ncacn_np) metze (This used to be commit f0a0dbeb25b034b1333078ca085999359f5f6209)
2007-10-10r4684: the smbsrv code should not know about rpc stuffStefan Metzmacher1-8/+12
just vfs_ipc metze (This used to be commit f85ebd1e8e19f5ff271dd7d79190fea16d6a98c4)
2007-10-10r4567: Fix the build for metze.Andrew Bartlett1-0/+1
Andrew Bartlett (This used to be commit d05a9bf1a12c9f0b18c9e65b6aa03fa4283a1b68)
2007-10-10r4274: make the prototype RAP netshareenum call return something a bit more ↵Andrew Tridgell1-11/+12
sensible. (This used to be commit b2e29756c2084f11d841d027e7d32952daae18d0)
2007-10-10r4160: fixed the file_type in ntcreatex reply on a named pipe. NT4 requires ↵Andrew Tridgell1-0/+1
this to be right. (This used to be commit e22de9734f66bee3c9eaf8191fcae9fb06a0034f)
2007-10-10r3993: use distinctive fnums in the ipc backend, to make monitoring sniffs ↵Andrew Tridgell1-1/+3
easier (This used to be commit 54209ed05686a442156f7927c58d8656aa5e4900)
2007-10-10r3962: fix compiler warningsStefan Metzmacher1-4/+4
metze (This used to be commit 3bfb732187211d450db842a7533e4c7e915b6ce4)
2007-10-10r3737: - Get rid of the register_subsystem() and register_backend() functions.Jelmer Vernooij1-1/+1
- Re-disable tdbtool (it was building fine on my Debian box but other machines were having problems) (This used to be commit 0d7bb2c40b7a9ed59df3f8944133ea562697e814)
2007-10-10r3528: added support for the SMBntcancel() operation, which cancels anyAndrew Tridgell1-0/+10
outstanding async operation (triggering an immediate timeout). pvfs now passes the RAW-MUX test (This used to be commit 3423e2f41461d054067ef168b9b986f62cc8f77c)
2007-10-10r3466: split out request.h, signing.h, and smb_server.hAndrew Tridgell1-0/+1
(This used to be commit 7c4e6ebf05790dd6e29896dd316db0fff613aa4e)
2007-10-10r3464: split out registry.h, rap.h and ldap_server.hAndrew Tridgell2-0/+2
(This used to be commit 70d2090f6bf2c7e0caf1e9c020f330de88871f8e)
2007-10-10r3463: separated out some more headers (asn_1.h, messages.h, dlinklist.h and ↵Andrew Tridgell1-0/+1
ioctl.h) (This used to be commit b97e395c814762024336c1cf4d7c25be8da5813a)
2007-10-10r3461: another place where "open" was used as a structure elementAndrew Tridgell1-1/+1
(This used to be commit 1087ea830e7aead86d54a1836512e88554afc919)
2007-10-10r3455: some more portability fixes. We nearly compile on solaris again now.Andrew Tridgell1-0/+1
(This used to be commit 4f33247f1ca60416415a61a7afac43c9dc8a61fd)
2007-10-10r3239: reads of more than UINT16_MAX bytes should return 0 bytesAndrew Tridgell1-5/+11
(This used to be commit 16c7dd641707b6b8b3159290ca9fa08053a10692)
2007-10-10r3167: Add a member 'endpoint' to the dcerpc_binding struct to use instead ofJelmer Vernooij1-3/+1
options[0]. (This used to be commit 18582083af800abd3d8de40eb73255c8ae6598dd)
2007-10-10r3132: - fixed a type conflict found by talloc_array_p()Andrew Tridgell1-2/+2
- use struct idr_context * in ipc code (This used to be commit c33cdd0d550fcaf78573e73b50ffe530ea6d9b17)
2007-10-10r3118: Eliminate struct dcesrv_ep_description and replace it withJelmer Vernooij1-3/+5
struct dcerpc_binding. (This used to be commit 2046e14cf8d010d4e715124859df2c1c3c782266)
2007-10-10r3114: - More work on merging the various structs that describe endpointsJelmer Vernooij1-1/+1
- Add protocol sequence to dcerpc transports (will be used later on) - Add more transports to the list (This used to be commit ab110192e6e2c1e5a3b2befe7b61158744f15d18)
2007-10-10r3081: several updates to ntvfs and server side async request handling inAndrew Tridgell1-118/+53
preparation for the full share modes and ntcreatex code that I am working on. highlights include: - changed the way a backend determines if it is allowed to process a request asynchronously. The previous method of looking at the send_fn caused problems when an intermediate ntvfs module disabled it, and the caller then wanted to finished processing using this function. The new method is a REQ_CONTROL_MAY_ASYNC flag in req->control_flags, which is also a bit easier to read - fixed 2 bugs in the readbraw server code. One related to trying to answer a readbraw with smb signing (which can't work, and crashed our signing code), the second related to error handling, which attempted to send a normal SMB error packet, when readbraw must send a 0 read reply (as it has no header) - added several more ntvfs_generic.c generic mapping functions. This means that backends no longer need to implement such esoteric functions as SMBwriteunlock() if they don't want to. The backend can just request the mapping layer turn it into a write followed by an unlock. This makes the backends considerably simpler as they only need to implement one style of each function for lock, read, write, open etc, rather than the full host of functions that SMB provides. A backend can still choose to implement them individually, of course, and the CIFS backend does that. - simplified the generic structures to make them identical to the principal call for several common SMB calls (such as RAW_WRITE_GENERIC now being an alias for RAW_WRITE_WRITEX). - started rewriting the pvfs_open() code in preparation for the full ntcreatex semantics. - in pvfs_open and ipc_open, initially allocate the open file structure as a child of the request, so on error we don't need to clean up. Then when we are going to succeed the open steal the pointer into the long term backend context. This makes for much simpler error handling (and fixes some bugs) - use a destructor in the ipc backend to make sure that everthing is cleaned up on receive error conditions. - switched the ipc backend to using idtree for fnum allocation - in the ntvfs_generic mapping routines, use a allocated secondary structure not a stack structure to ensure the request pointer remains valid even if the backend replies async. (This used to be commit 3457c1836c09c82956697eb21627dfa2ed37682e)
2007-10-10r3047: Always include a \ again before the pipe name we're opening. Without aJelmer Vernooij1-4/+3
backslash works, but is not like Windows does it. (This used to be commit f6deb3d065e1a88f92bcb8a4a138453650c97b0b)
2007-10-10r3046: \\PIPE\\ is internal (not actually included on the wire)Jelmer Vernooij1-1/+1
(This used to be commit 7771b5d8fa3db759487474eb7172df45bb3221ae)
2007-10-10r3043: Use binding strings for specifying endpoints. The property forJelmer Vernooij1-5/+0
specifying a endpoint is now also 'endpoint' instead of 'endpoints'. The default endpoint (if none is specified) is still "ncacn_np:[\\pipe\\ifacename]", where ifacename is the name of the interface. Examples: [ uuid(60a15ec5-4de8-11d7-a637-005056a20182), endpoint("ncacn_np:[\\pipe\\rpcecho]", "ncacn_ip_tcp:") ] interface rpcecho { void dummy(); } dcerpc_binding is now converted to ep_description in the server, but I hope to completely eliminate ep_description later on. The eventual goal of all these changes is to make it easier to add transports as I'm going to add support for ncalrpc (local RPC over named pipes) and ncacn_unix_stream (Unix sockets). (This used to be commit f3da7c8b443a29b0c656c687a277384ae1353792)
2007-10-10r3039: This solves the problem of async handlers in ntvfs backends not beingAndrew Tridgell1-0/+11
in the right state when called. For example, when we use the unixuid handler in the chain of handlers, and a backend decides to continue a call asynchronously then we need to ensure that the continuation happens with the right security context. The solution is to add a new ntvfs operation ntvfs_async_setup(), which calls all the way down through the layers, setting up anything that is required, and takes a private pointer. The backend wanting to make a async calls can use ntvfs_async_setup() to ensure that the modules above it are called when doing async processing. (This used to be commit a256e71029727fa1659ade6257085df537308c7d)
2007-10-10r2751: this is a new ntvfs design which tries to solve:Stefan Metzmacher1-49/+82
- the stacking of modules - finding the modules private data - hide the ntvfs details from the calling layer - I set NTVFS_INTERFACE_VERSION 0 till we are closer to release (because we need to solve some async problems with the module stacking) metze (This used to be commit 3ff03b5cb21bb79afdd3b1609be9635f6688a539)
2007-10-10r2710: continue with the new style of providing a parent context wheneverAndrew Tridgell1-18/+8
possible to a structure creation routine. This makes for much easier global cleanup. (This used to be commit e14ee428ec357fab76a960387a9820a673786e27)
2007-10-10r2671: we're getting too many errors caused by the talloc_realloc() API notAndrew Tridgell1-3/+4
taking a context (so when you pass a NULL pointer you end up with memory in a top level context). Fixed it by changing the API to take a context. The context is only used if the pointer you are reallocing is NULL. (This used to be commit 8dc23821c9f54b2f13049b5e608a0cafb81aa540)
2007-10-10r2660: - converted the libcli/raw/ library to use talloc_increase_ref_count()Andrew Tridgell1-2/+41
rather than manual reference counts - properly support SMBexit in the cifs and posix backends - added a logoff method to all backends With these changes the RAW-CONTEXT test now passes against the posix backend (This used to be commit c315d6ac1cc40546fde1474702a6d66d07ee13c8)
2007-10-10r2634: use discard_const_p() in a few placesAndrew Tridgell1-2/+2
(This used to be commit 56ecda2178e33508c55c6195ccec41c06e099d6f)
2007-10-10r2627: use the new talloc capabilities in a bunch more places in the rpcAndrew Tridgell1-1/+1
server code. This fixes a number of memory leaks I found when testing with valgrind and smbtorture, as the cascading effect of a talloc_free() ensures that anything derived from the top level object is destroyed on disconnect. (This used to be commit 76d0b8206ce64d6ff4a192979c43dddbec726d6e)
2007-10-10r2580: fixed an uninitialised byte found by valgrindAndrew Tridgell1-2/+2
(This used to be commit 0806378b0e34ba3d665a9db739539819f3f52054)
2007-10-10r2561: completely redid the ntvfs module chaining code, You can now do ↵Andrew Tridgell1-10/+10
something like: ntvfs handler = nbench posix and the nbench pass-thru module will be called before the posix module. The chaining logic is now much saner, and less racy, with each level in the chain getting its own private pointer rather than relying on save/restore logic in the pass-thru module. The only pass-thru module we have at the moment is the nbench one (which records all traffic in a nbench compatibe format), but I plan on soon writing a "unixuid" pass-thru module that will implement the setegid()/setgroups()/seteuid() logic for standard posix uid handling. This separation of the posix backend from the uid handling should simplify the code, and make development easier. I also modified the nbench module so it can do multiple chaining, so if you want to you can do: ntvfs module = nbench nbench posix and it will save 2 copies of the log file in /tmp. This is really only useful for testing at the moment until we have more than one pass-thru module. (This used to be commit f84c0af35cb54c8fdc4933afefc18fa4c062aae4)
2007-10-10r2249: got rid of some more mem_ctx elements in structuresAndrew Tridgell3-12/+12
(This used to be commit 21ef338cbbe96acc8594ffc550ef60c6a40fb951)
2007-10-10r1983: a completely new implementation of tallocAndrew Tridgell1-1/+1
This version does the following: 1) talloc_free(), talloc_realloc() and talloc_steal() lose their (redundent) first arguments 2) you can use _any_ talloc pointer as a talloc context to allocate more memory. This allows you to create complex data structures where the top level structure is the logical parent of the next level down, and those are the parents of the level below that. Then destroy either the lot with a single talloc_free() or destroy any sub-part with a talloc_free() of that part 3) you can name any pointer. Use talloc_named() which is just like talloc() but takes the printf style name argument as well as the parent context and the size. The whole thing ends up being a very simple piece of code, although some of the pointer walking gets hairy. So far, I'm just using the new talloc() like the old one. The next step is to actually take advantage of the new interface properly. Expect some new commits soon that simplify some common coding styles in samba4 by using the new talloc(). (This used to be commit e35bb094c52e550b3105dd1638d8d90de71d854f)
2007-10-10r1499: combine struct user_struct and struct smbsrv_userStefan Metzmacher1-2/+2
to a struct smbsrv_session that the same as cli_session for the client we need a gensec_security pointer there (spnego support will follow) prefix some related functions with smbsrv_ metze (This used to be commit f276378157bb9994c4c91ce46150a510de5c33f8)
2007-10-10r1470: Get the smb_trans2 structure out of the rap_cli_call struct.Volker Lendecke3-0/+520
Initial attempt at RAP server infrastructure. Look at rap_server.c for the dummy functions that are supposed to implement the core functionality. ipc_rap.c contains all the data shuffling. _rap_shareenum and _rap_serverenum2 in ipc_rap.c are (I think) regular enough to be auto-generated. I did not test all the corner cases yet, but nevertheless I would like some comments on the general style. Volker P.S: samba-3 smbclient now doesn't freak out anymore, although the results are not entirely correct :-) (This used to be commit 08140cc1a838b4eaa23c897b280a46c95b7ef3e0)
2007-10-10r1294: A nice, large, commit...Andrew Bartlett1-3/+3
This implements gensec for Samba's server side, and brings gensec up to the standards of a full subsystem. This means that use of the subsystem is by gensec_* functions, not function pointers in structures (this is internal). This causes changes in all the existing gensec users. Our RPC server no longer contains it's own generalised security scheme, and now calls gensec directly. Gensec has also taken over the role of auth/auth_ntlmssp.c An important part of gensec, is the output of the 'session_info' struct. This is now reference counted, so that we can correctly free it when a pipe is closed, no matter if it was inherited, or created by per-pipe authentication. The schannel code is reworked, to be in the same file for client and server. ntlm_auth is reworked to use gensec. The major problem with this code is the way it relies on subsystem auto-initialisation. The primary reason for this commit now.is to allow these problems to be looked at, and fixed. There are problems with the new code: - I've tested it with smbtorture, but currently don't have VMware and valgrind working (this I'll fix soon). - The SPNEGO code is client-only at this point. - We still do not do kerberos. Andrew Bartlett (This used to be commit 07fd885fd488fd1051eacc905a2d4962f8a018ec)
2007-10-10r1291: rename struct smbsrv_context to smbsrv_connectionStefan Metzmacher1-1/+1
because this is the connection state per transport layer (tcp) connection I also moved the substructs directly into smbsrv_connection, because they don't need a struct name and we should allway pass the complete smbsrv_connection struct into functions metze (This used to be commit 60f823f201fcedf5473008e8453a6351e73a92c7)
2007-10-10r1280: rename struct request_context to smbsrv_requestStefan Metzmacher1-31/+31
metze (This used to be commit a85d2db5826a84b812ea5162a11f54edd25f74e3)
2007-10-10r1279: rename struct tcon_context to smbsrv_tconStefan Metzmacher1-12/+12
metze (This used to be commit 99473fab4b1ff87a795f3c08f4c521d9beb504c0)
2007-10-10r1277: rename struct server_context to smbsrv_ontextStefan Metzmacher1-1/+1
because I need server_context fot the generic server infastructure metze (This used to be commit 0712f9f30797e65362c99423c0cf158a2f539000)
2007-10-10r1165: fixed handling of SMBtrans replies that should return ↵Andrew Tridgell1-4/+4
STATUS_BUFFER_OVERFLOW when more data is present. (This used to be commit 0e557fe85748558affd20a58455c4b75fee69e27)