Age | Commit message (Collapse) | Author | Files | Lines |
|
- tidied up some of the system includes
- moved a few more structures back from misc.idl to netlogon.idl and samr.idl now that pidl
knows about inter-IDL dependencies
(This used to be commit 7b7477ac42d96faac1b0ff361525d2c63cedfc64)
|
|
the ldb part isn't ideal, I will have to think of a better solution
(This used to be commit 6b1f86aea8427a8e957b1aeb0ec2f507297f07cb)
|
|
(This used to be commit 264ce9181089922547e8f6f67116f2d7277a5105)
|
|
The thing that finally convinced me that minimal includes was worth
pursuing for rpc was a compiler (tcc) that failed to build Samba due
to reaching internal limits of the size of include files. Also the
fact that includes.h.gch was 16MB, which really seems excessive. This
patch brings it back to 12M, which is still too large, but
better. Note that this patch speeds up compile times for both the pch
and non-pch case.
This change also includes the addition iof a "depends()" option in our
IDL files, allowing you to specify that one IDL file depends on
another. This capability was needed for the auto-includes generation.
(This used to be commit b8f5fa8ac8e8725f3d321004f0aedf4246fc6b49)
|
|
(This used to be commit 3f902f8d851d32fa81d89ed61bfda6edaea00984)
|
|
Samba4.
(This used to be commit 01f5c1c72d9fc8f21029adc586154b0c54f76c9e)
|
|
setting of "server signing = auto", which means to offer signing
only if we have domain logons enabled (ie. we are a DC). This is a
better match for what windows clients want, as unfortunately windows
clients always use signing if it is offered, and when they use signing
they not only go slower because of the signing itself, they also
disable large readx/writex support, so they end up sending very small
IOs for.
- changed the default max xmit again, this time matching longhorn,
which uses 12288. That seems to be a fairly good compromise value.
(This used to be commit e63edc81716fefd58a3be25deb3b25e45471f196)
|
|
multi-part code
A higher max xmit avoids multi-part trans requests
(This used to be commit 23f4ce3a7d207db0c2705295cbb8d46dc5290b1a)
|
|
most other calls
return WERR_NOT_SUPPORTED for now.
Hive backends can be set like this:
registry:HKEY_LOCAL_MACHINE = ldb:tdb://registry.tdb
registry:HKEY_CURRENT_USER = gconf
registry:HKEY_USERS = dir:/tmp/registry
registry:HKEY_CLASSES_ROOT = nt4:/path/to/NTUSER.DAT
registry:HKEY_PERFORMANCE_DATA = w95:/path/to/USER.DAT
(This used to be commit 42844a4e3422bbbe891ba944c0e97861db7763ec)
|
|
backend that the underlying filesystem is case insensitive, so it can
bypass the directory search if the name is not found.
(This used to be commit d84ade90ce7e03ec749d6ae8dcdcb41de85d836e)
|
|
transports.
ncalrpc uses the new config option "ncalrpc dir" for creating unix sockets.
(This used to be commit b15cfbe2512961a199ecb069730d9a19787579f5)
|
|
(This used to be commit 069305adaf5e88d83f4591acced807d5ea1aa194)
|
|
don't need a path
(This used to be commit a8c49a0de3f806bddaf6bd594ec052cf9f4a3fab)
|
|
(This used to be commit dac00ef3b0d0f8467367d7b6ff77db7b63a042cc)
|
|
- with DsBind and DsUnbind implmented :-)
the RPC-DRSUAPI test works
metze
(This used to be commit 536af87ef12024615728ce0060b557f6f504e33f)
|
|
- switch the fallback case tables to use talloc
- moved the used-once octal_string() inline in loadparm.c
(This used to be commit b04202eaacc87d264d463f75673ee0e68cd54f94)
|
|
provisioning.
- enable the unixuid module by default on all backends
(This used to be commit e335cd4933fccc1bb53641131eb6505faca857ce)
|
|
something like:
ntvfs handler = nbench posix
and the nbench pass-thru module will be called before the posix
module. The chaining logic is now much saner, and less racy, with each
level in the chain getting its own private pointer rather than relying
on save/restore logic in the pass-thru module.
The only pass-thru module we have at the moment is the nbench one
(which records all traffic in a nbench compatibe format), but I plan
on soon writing a "unixuid" pass-thru module that will implement the
setegid()/setgroups()/seteuid() logic for standard posix uid
handling. This separation of the posix backend from the uid handling
should simplify the code, and make development easier.
I also modified the nbench module so it can do multiple chaining, so
if you want to you can do:
ntvfs module = nbench nbench posix
and it will save 2 copies of the log file in /tmp. This is really only
useful for testing at the moment until we have more than one pass-thru
module.
(This used to be commit f84c0af35cb54c8fdc4933afefc18fa4c062aae4)
|
|
Andrew Bartlett
(This used to be commit 543401990aa9eb650cb93fa6cb60d2a0adf7b274)
|
|
(This used to be commit 7478f50c2f5c011a1eec04be06f9ecdc48e85f17)
|
|
to process init_globals(). This also allows all global options to be
set using lp_set_cmdline() or --option
a side effect is that init_globals() is slower. If this turns out to
be a problem we can try a different approach.
(This used to be commit ccfc2106a03bd5143d28e6fdedab773cf7abbe5a)
|
|
commandline
(This used to be commit 2c0b5e119eddc6389500bcc80d1ae417dd9bfbb9)
|
|
smb.conf to be set on the command line. For example, you can use:
smbtorture --option 'unicode=false'
or
smbtorture --option 'netbios name=myname'
(This used to be commit 360a6b530e2295976ddefc138d1333411a94484d)
|
|
(This used to be commit 6c1a72c5d667245b1eec94f58e68acd22dd720ce)
|
|
classic case for a list)
(This used to be commit e53d32c65ab0751b3e01f4f699f5d0e1892369ae)
|
|
(This used to be commit d2553aac0a75591026b9b1fcf46065e5b03ed19c)
|
|
the idea is to have services as modules (smb, dcerpc, swat, ...)
the process_model don't know about the service it self anymore.
TODO:
- the smbsrv should use the smbsrv_send function
- the service subsystem init should be done like for other modules
- we need to have a generic socket subsystem, which handle stream, datagram,
and virtuell other sockets( e.g. for the ntvfs_ipc module to connect to the dcerpc server
, or for smb or dcerpc or whatever to connect to a server wide auth service)
- and other fixes...
NOTE: process model pthread seems to be broken( but also before this patch!)
metze
(This used to be commit bbe5e00715ca4013ff0dbc345aa97adc6b5c2458)
|
|
- Spelling - it's SPNEGO, not SPENGO
- SMB signing - Krb5 logins are now correctly signed
- SPNEGO - Changes to always tell GENSEC about incoming packets, empty or not.
Andrew Bartlett
(This used to be commit cea578d6f39a2ea4a24e7a0064c95193ab6f6df7)
|
|
so I set 'use spnego = True'
metze
(This used to be commit e06898f88c82c286574f9d73de1a9de829b1ded8)
|
|
code
set lp_use_spnego = False, because I can't get it working yet
but I commit it so others can help me
metze
(This used to be commit 2445cceba9ab9bd928c8bc50927a39509e4526b0)
|
|
because this is the connection state per transport layer (tcp)
connection
I also moved the substructs directly into smbsrv_connection,
because they don't need a struct name and we should allway pass the complete
smbsrv_connection struct into functions
metze
(This used to be commit 60f823f201fcedf5473008e8453a6351e73a92c7)
|
|
because I need server_context fot the generic server infastructure
metze
(This used to be commit 0712f9f30797e65362c99423c0cf158a2f539000)
|
|
(This used to be commit 487211f1ae105fd1972fecf521654dab81175c86)
|
|
(This used to be commit 2b9f364ed052c43b6074da9f5f03908ac81840f3)
|
|
Fix other 'const' warnings in the torture code.
Andrew Bartlett
(This used to be commit 5d39d7497f189da15d659b3f83b7314026040a15)
|
|
- added start of QueryDomainInfo in samr server
"net rpc info" from samba3 now works against a samba4 server. I
suspect join will work fairly soon.
(This used to be commit 0a2c6a1062d0e364356853001f5f39bdb542f453)
|
|
metze
(This used to be commit 0e5517d937a2eb7cf707991d1c7498c1ab456095)
|
|
metze
(This used to be commit 8f59daba0d03a2c58f7f23655153de05cbe47e81)
|
|
(This used to be commit f61d333b2a280434181451ce735a05ad319a2515)
|
|
(This used to be commit 8e5ddf5e8eb74f667897f90baa2d00f02ca5818b)
|
|
Currently this only authentiates the machine, not real users.
As a consequence of running the Samba4 NETLOGON test against Samba4, I
found a number of issues in the SAMR server, which I have addressed.
There are more templates in the provison.ldif for this reason.
I also added some debug to our credentials code, and fixed some bugs
in the auth_sam module.
The static buffer in generate_random_string() bit me badly, so I
removed it in favor of a talloc based system.
Andrew Bartlett
(This used to be commit 94624e519b66def97758b8a48a01ffe9029176f0)
|
|
Samba4. I'm committing this now so I can get comments on the approach.
Note that you need to do something like this to initialise the SAM db:
edit script/provision.pl
script/provision.pl > provision.ldif.out
bin/ldbadd /path/to/private/sam.ldb provision.ldif.out
(This used to be commit e2002e40a5abe0cd33a2056b1da8ba5732f9021f)
|
|
paramter, without special links to other variables.
When we get 'server role' ideas back into Samba4, we can fix this properly.
The default is:
guest, sam_ignoredomain
which is the expected behaviour for a stand-alone server.
Andrew Bartlett
(This used to be commit 56ebc4275fedc8141d43a4ae9a4f4f0e1eccaf49)
|
|
metze
(This used to be commit f1b1bbc5505c112cd66e07da5faa9a65407e9c07)
|
|
(This used to be commit 11717ae912449bde596ff6cf7d8fddcc86548f15)
|
|
(This used to be commit 82e50a1ce8904c72c90b1e771f232acaad2c835e)
|
|
including readline and popt
- creat the CONFIG subsystem
including param/* dynconfig.* and passdb/secrets.*
metze
(This used to be commit bfd7fd21c8e38c0065fc41dde10e863a169878c2)
|
|
I think we should remove a view more,
but step by step:-)
metze
(This used to be commit 534ccc5332d16c395847885e3b793d10b67b9855)
|
|
metze
(This used to be commit 24dc237e109f6dce69814b22e0fb7878a7f6bfa8)
|
|
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
(This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
|