Age | Commit message (Collapse) | Author | Files | Lines |
|
the ndr_pull/push/print functions for it in the ntacl-lsm module
- fix compiler warnings in the ldap_encode_ndr_* code
metze
(This used to be commit 83d65d0d7ed9c240ad44aa2c881c1f07212bfda4)
|
|
runs on a failed ntvfs init works
(This used to be commit dac0be64c7cef18f6740053b3e6fe9a25df40c88)
|
|
RAW-STREAMS to fail)
(This used to be commit c164ee5b19f6880b7b5df8d8fb96704350432862)
|
|
metze
(This used to be commit 51ab751c619bfa05a736853723f1aeda901a0b33)
|
|
delete on close
(This used to be commit dada509f5e374872cded9035611c9d4fd9f4c4c7)
|
|
(This used to be commit 320ab3c93b05a79b77dbbb85e9b038bb07848ba5)
|
|
first two entries in a directory. This is what caused the FC3 system
shelob in the build farm to fail the RAW-UNLINK and RAW-SEARCH tests.
(This used to be commit f48abaaaca301c025ebd381f62345b3869809917)
|
|
directories open, but close search states based on an inactivity
timer, with a default of a 5 minute timeout
(This used to be commit 2e8d154e7dfb9b320a1344e957a39e96e1eefadd)
|
|
required by ISO C99.
(This used to be commit 56fd21c806e816cf4c3d23881f26474f858b45e2)
|
|
Volker
(This used to be commit 2c4fd3ff99a4ade613030b3eb47d0ed527a95be3)
|
|
(This used to be commit b71fbcf5e2c627d918aef555b8cc8dd4591d8fe7)
|
|
(This used to be commit d77b3820d16f60fb9119ac6eb70007363990b20d)
|
|
that relied on the mapping need to be fixed. The first thing is to get
all the torture tests working against w2k3 again with nt status codes
enabled. The 2nd step will be to make them pass with nt status
disabled.
This starts on the first task, fixing the assumption that
NT_STATUS_INVALID_LOCK_SEQUENCE is a valid substitute for
ERRDOS:ERRbadaccess
(This used to be commit 87cdd117081193d215c5a9e3603438e058ad777b)
|
|
(This used to be commit 14f51a99bccffac0ca284d1315ab6d4b10f3711f)
|
|
metze
(This used to be commit 66d6b1d5783cba98f2f8e1c8eed1bdc26a5bad4f)
|
|
we now can reference the DATA_BLOB that is used inside the dcesrv subsystem
metze
(This used to be commit 078f42bc3f74c66b69c7f76005812b221d691f7a)
|
|
and not for the ipc_read() replies as here the client explicit says how much data it wants
the write_fn() in dcesrv_output() now returns NTSTATUS
and the ipc specific implementations are moved to the ntvfs_ipc module
metze
(This used to be commit fe483dcd874b7243d61e9623840c672b4ea06b2c)
|
|
(This used to be commit 447d5fcc1bdbdeaf2d96dbcace36b480b5a18c73)
|
|
quite a large change as we had lots of code that assumed that
objectSid was a string in S- format.
metze and simo tried to convince me to use NDR format months ago, but
I didn't listen, so its fair that I have the pain of fixing all the
code now :-)
This builds on the ldb_register_samba_handlers() and ldif handlers
code I did earlier this week. There are still three parts of this
conversion I have not finished:
- the ltdb index records need to use the string form of the objectSid
(to keep the DNs sane). Until that it done I have disabled indexing on
objectSid, which is a big performance hit, but allows us to pass
all our tests while I rejig the indexing system to use a externally
supplied conversion function
- I haven't yet put in place the code that allows client to use the
"S-xxx-yyy" form for objectSid in ldap search expressions. w2k3
supports this, presumably by looking for the "S-" prefix to
determine what type of objectSid form is being used by the client. I
have been working on ways to handle this, but am not happy with
them yet so they aren't part of this patch
- I need to change pidl to generate push functions that take a
"const void *" instead of a "void*" for the data pointer. That will
fix the couple of new warnings this code generates.
Luckily it many places the conversion to NDR formatted records
actually simplified the code, as it means we no longer need as many
calls to dom_sid_parse_talloc(). In some places it got more complex,
but not many.
(This used to be commit d40bc2fa8ddd43560315688eebdbe98bdd02756c)
|
|
Steven Edwards <steven_ed4153@yahoo.com>.
I've moved the Win32-specific tests to win32.m4 so it does not
make any of the POSIX configure stuff more complicated.
(This used to be commit bf85fdd01552f75b745fdf3159a7a87cd6521ed2)
|
|
(This used to be commit 9adacb0d1620d4cfadd515239b853977cf03a719)
|
|
(This used to be commit 1f35642bed1129d0834906b3e94e8868992d6eb9)
|
|
survives
smbtorture *DENY* .
Volker
(This used to be commit da78ed1a4d1f7966d8013278436a710d258879e1)
|
|
the filesystem
(This used to be commit 71e281ae2fe2ce169aeb09f72376a60d28845808)
|
|
that fixes the RAW-RENAME test
metze
(This used to be commit e27c1ab89b21726d3c9e7f8f7af22d1ff38f2413)
|
|
when you cancel a lock, w2k3 gives NT_STATUS_FILE_LOCK_CONFLICT not
NT_STATUS_CANCELLED. Strange.
(This used to be commit a4f17fcd9218f16b6cc166b2f797e8889d6f63f4)
|
|
we now survive the RAW-UNLINK test without crashing
metze
(This used to be commit c2149963911bf95892e732b744f244fd76ff88c8)
|
|
Thanks Marc!
(This used to be commit d1c5eb3693b77b3eb7527dc2758a6ea75a100376)
|
|
management system I proposed on samba-technical a couple of days
ago. Essentially it is a very lightweight way for any code in Samba to
make IDL based rpc calls to anywhere else in the code, without the
client or server having to go to the trouble of setting up a full rpc
service.
It can be used with any of our existing IDL, but I expect it will
mostly be used for a new set of Samba specific management calls.
The LOCAL-IRPC torture test demonstrates how it can be used by calling
the echo_AddOne() call over this transport.
(This used to be commit 3d589a09954eb8b318f567e1150b0c27412fb942)
|
|
Fix memory handling for blkid caches which need to be cleared when session is
done.
(This used to be commit c623cc60541f747f0a801eb77d97bb0a3bb6956f)
|
|
if possible.
Implement smbclient's 'fsinfo' comand family which allows you to query file
system information in all known levels.
(This used to be commit 660d6e3915d0539dd78c77df6707ea84edb4d509)
|
|
open with openx and the 'truncate if exists' flag
(This used to be commit aa82b105d5871b3ca693a0757bb48cc589d88824)
|
|
code. On lock cancel don't retry the lock.
(This used to be commit dffeb3c3d44d1b837a6036c47eb809ce1bd53b22)
|
|
Thanks to lars and agruen for finding this
(This used to be commit 2acc06918574b1178eecf3d61026f84f85bb40e1)
|
|
(This used to be commit 321fbae51267153102e47845736f2c3a5abfe0be)
|
|
DCERPC_SCHANNEL_128 if we fail. Thus, it allows us to work with Windows
NT DCs ...
(This used to be commit 3034b226705c4736d57c9bf4e9470c4d44c72e8e)
|
|
GENSEC, and to pull SCHANNEL into GENSEC, by making it less 'special'.
GENSEC now no longer has it's own handling of 'set username' etc,
instead it uses cli_credentials calls.
In order to link the credentails code right though Samba, a lot of
interfaces have changed to remove 'username, domain, password'
arguments, and these have been replaced with a single 'struct
cli_credentials'.
In the session setup code, a new parameter 'workgroup' contains the
client/server current workgroup, which seems unrelated to the
authentication exchange (it was being filled in from the auth info).
This allows in particular kerberos to only call back for passwords
when it actually needs to perform the kinit.
The kerberos code has been modified not to use the SPNEGO provided
'principal name' (in the mechListMIC), but to instead use the name the
host was connected to as. This better matches Microsoft behaviour,
is more secure and allows better use of standard kerberos functions.
To achieve this, I made changes to our socket code so that the
hostname (before name resolution) is now recorded on the socket.
In schannel, most of the code from librpc/rpc/dcerpc_schannel.c is now
in libcli/auth/schannel.c, and it looks much more like a standard
GENSEC module. The actual sign/seal code moved to
libcli/auth/schannel_sign.c in a previous commit.
The schannel credentails structure is now merged with the rest of the
credentails, as many of the values (username, workstation, domain)
where already present there. This makes handling this in a generic
manner much easier, as there is no longer a custom entry-point.
The auth_domain module continues to be developed, but is now just as
functional as auth_winbind. The changes here are consequential to the
schannel changes.
The only removed function at this point is the RPC-LOGIN test
(simulating the load of a WinXP login), which needs much more work to
clean it up (it contains copies of too much code from all over the
torture suite, and I havn't been able to penetrate its 'structure').
Andrew Bartlett
(This used to be commit 2301a4b38a21aa60917973451687063d83d18d66)
|
|
secrets system, and not the old system from Samba3.
This allowed the code from auth_domain to be shared - we now only
lookup the secrets.ldb in lib/credentials.c.
In order to link the resultant binary, samdb_search() has been moved
from deep inside rpc_server into lib/gendb.c, along with the existing
gendb_search_v(). The vast majority of this patch is the simple
rename that followed,
(Depending on the whole SAMDB for just this function seemed pointless,
and brought in futher dependencies, such as smbencrypt.c).
Andrew Bartlett
(This used to be commit e13c671619bd290a8b3cae8555cb281a9a185ee0)
|
|
I wanted to add a simple 'workstation' argument to the DCERPC
authenticated binding calls, but this patch kind of grew from there.
With SCHANNEL, the 'workstation' name (the netbios name of the client)
matters, as this is what ties the session between the NETLOGON ops and
the SCHANNEL bind. This changes a lot of files, and these will again
be changed when jelmer does the credentials work.
I also correct some schannel IDL to distinguish between workstation
names and account names. The distinction matters for domain trust
accounts.
Issues in handling this (issues with lifetime of talloc pointers)
caused me to change the 'creds_CredentialsState' and 'struct
dcerpc_binding' pointers to always be talloc()ed pointers.
In the schannel DB, we now store both the domain and computername, and
query on both. This should ensure we fault correctly when the domain
is specified incorrectly in the SCHANNEL bind.
In the RPC-SCHANNEL test, I finally fixed a bug that vl pointed out,
where the comment claimed we re-used a connection, but in fact we made
a new connection.
This was achived by breaking apart some of the
dcerpc_secondary_connection() logic.
The addition of workstation handling was also propogated to NTLMSSP
and GENSEC, for completeness.
The RPC-SAMSYNC test has been cleaned up a little, using a loop over
usernames/passwords rather than manually expanded tests. This will be
expanded further (the code in #if 0 in this patch) to use a newly
created user account for testing.
In making this test pass test_rpc.sh, I found a bug in the RPC-ECHO
server, caused by the removal of [ref] and the assoicated pointer from
the IDL. This has been re-added, until the underlying pidl issues are
solved.
(This used to be commit 824289dcc20908ddec957a4a892a103eec2da9b9)
|
|
basic_info. Add null_nttime() as the equivalent of the existing
null_time() call for cheecking for valid NTTIME values
(This used to be commit 439ce2efbf7d2ba9b17d6b4bfaf651e781140715)
|
|
macro...
metze
(This used to be commit 9ec6c0e97765e60ef195296f17d6a27b5d0dcca9)
|
|
dev and fs types
this prevents the main smbsrv code from crashing when someone does a
tree connect on a print share
metze
(This used to be commit e8b081d5d10ef617eaed88fd05990e7753a85b99)
|
|
(This used to be commit 196c45b834c39f293b9533cec5cfe5a77382d4e2)
|
|
(This used to be commit 826baec7b348814a7bbdcdbec8c8526514f25da1)
|
|
changes
(This used to be commit e7e015f79b10c353848a17f31c91a0593790a560)
|
|
less likely that anyone will use pstring for new code
- got rid of winbind_client.h from includes.h. This one triggered a
huge change, as winbind_client.h was including system/filesys.h and
defining the old uint32 and uint16 types, as well as its own
pstring and fstring.
(This used to be commit 9db6c79e902ec538108d6b7d3324039aabe1704f)
|
|
- removed the u32 hack in events.c as I think this was only needed as
tdb.h defines u32. Metze, can you check that this hack is indeed no
longer needed on your suse system?
(This used to be commit 6f79432fe656164d4770dbce114a30dda5e7bf9a)
|
|
various data types:
Add ndr_flags argument to all ndr push/pull scalar functions
(This used to be commit ab490c0c882bb13de190546c50a0631ecb8255ad)
|
|
(This used to be commit 7f54c8a339f36aa43c9340be70ab7f0067593ef2)
|
|
gettimeofday() call
and just use timeval_current() when its actually needed
(This used to be commit 236403cc4dc2924ed6a898acae0bb44cc1688dcc)
|