Age | Commit message (Collapse) | Author | Files | Lines |
|
- with DsBind and DsUnbind implmented :-)
the RPC-DRSUAPI test works
metze
(This used to be commit 536af87ef12024615728ce0060b557f6f504e33f)
|
|
- switch the fallback case tables to use talloc
- moved the used-once octal_string() inline in loadparm.c
(This used to be commit b04202eaacc87d264d463f75673ee0e68cd54f94)
|
|
provisioning.
- enable the unixuid module by default on all backends
(This used to be commit e335cd4933fccc1bb53641131eb6505faca857ce)
|
|
something like:
ntvfs handler = nbench posix
and the nbench pass-thru module will be called before the posix
module. The chaining logic is now much saner, and less racy, with each
level in the chain getting its own private pointer rather than relying
on save/restore logic in the pass-thru module.
The only pass-thru module we have at the moment is the nbench one
(which records all traffic in a nbench compatibe format), but I plan
on soon writing a "unixuid" pass-thru module that will implement the
setegid()/setgroups()/seteuid() logic for standard posix uid
handling. This separation of the posix backend from the uid handling
should simplify the code, and make development easier.
I also modified the nbench module so it can do multiple chaining, so
if you want to you can do:
ntvfs module = nbench nbench posix
and it will save 2 copies of the log file in /tmp. This is really only
useful for testing at the moment until we have more than one pass-thru
module.
(This used to be commit f84c0af35cb54c8fdc4933afefc18fa4c062aae4)
|
|
Andrew Bartlett
(This used to be commit 543401990aa9eb650cb93fa6cb60d2a0adf7b274)
|
|
(This used to be commit 7478f50c2f5c011a1eec04be06f9ecdc48e85f17)
|
|
to process init_globals(). This also allows all global options to be
set using lp_set_cmdline() or --option
a side effect is that init_globals() is slower. If this turns out to
be a problem we can try a different approach.
(This used to be commit ccfc2106a03bd5143d28e6fdedab773cf7abbe5a)
|
|
commandline
(This used to be commit 2c0b5e119eddc6389500bcc80d1ae417dd9bfbb9)
|
|
smb.conf to be set on the command line. For example, you can use:
smbtorture --option 'unicode=false'
or
smbtorture --option 'netbios name=myname'
(This used to be commit 360a6b530e2295976ddefc138d1333411a94484d)
|
|
(This used to be commit 6c1a72c5d667245b1eec94f58e68acd22dd720ce)
|
|
classic case for a list)
(This used to be commit e53d32c65ab0751b3e01f4f699f5d0e1892369ae)
|
|
(This used to be commit d2553aac0a75591026b9b1fcf46065e5b03ed19c)
|
|
the idea is to have services as modules (smb, dcerpc, swat, ...)
the process_model don't know about the service it self anymore.
TODO:
- the smbsrv should use the smbsrv_send function
- the service subsystem init should be done like for other modules
- we need to have a generic socket subsystem, which handle stream, datagram,
and virtuell other sockets( e.g. for the ntvfs_ipc module to connect to the dcerpc server
, or for smb or dcerpc or whatever to connect to a server wide auth service)
- and other fixes...
NOTE: process model pthread seems to be broken( but also before this patch!)
metze
(This used to be commit bbe5e00715ca4013ff0dbc345aa97adc6b5c2458)
|
|
- Spelling - it's SPNEGO, not SPENGO
- SMB signing - Krb5 logins are now correctly signed
- SPNEGO - Changes to always tell GENSEC about incoming packets, empty or not.
Andrew Bartlett
(This used to be commit cea578d6f39a2ea4a24e7a0064c95193ab6f6df7)
|
|
so I set 'use spnego = True'
metze
(This used to be commit e06898f88c82c286574f9d73de1a9de829b1ded8)
|
|
code
set lp_use_spnego = False, because I can't get it working yet
but I commit it so others can help me
metze
(This used to be commit 2445cceba9ab9bd928c8bc50927a39509e4526b0)
|
|
because this is the connection state per transport layer (tcp)
connection
I also moved the substructs directly into smbsrv_connection,
because they don't need a struct name and we should allway pass the complete
smbsrv_connection struct into functions
metze
(This used to be commit 60f823f201fcedf5473008e8453a6351e73a92c7)
|
|
because I need server_context fot the generic server infastructure
metze
(This used to be commit 0712f9f30797e65362c99423c0cf158a2f539000)
|
|
(This used to be commit 487211f1ae105fd1972fecf521654dab81175c86)
|
|
(This used to be commit 2b9f364ed052c43b6074da9f5f03908ac81840f3)
|
|
Fix other 'const' warnings in the torture code.
Andrew Bartlett
(This used to be commit 5d39d7497f189da15d659b3f83b7314026040a15)
|
|
- added start of QueryDomainInfo in samr server
"net rpc info" from samba3 now works against a samba4 server. I
suspect join will work fairly soon.
(This used to be commit 0a2c6a1062d0e364356853001f5f39bdb542f453)
|
|
metze
(This used to be commit 0e5517d937a2eb7cf707991d1c7498c1ab456095)
|
|
metze
(This used to be commit 8f59daba0d03a2c58f7f23655153de05cbe47e81)
|
|
(This used to be commit f61d333b2a280434181451ce735a05ad319a2515)
|
|
(This used to be commit 8e5ddf5e8eb74f667897f90baa2d00f02ca5818b)
|
|
Currently this only authentiates the machine, not real users.
As a consequence of running the Samba4 NETLOGON test against Samba4, I
found a number of issues in the SAMR server, which I have addressed.
There are more templates in the provison.ldif for this reason.
I also added some debug to our credentials code, and fixed some bugs
in the auth_sam module.
The static buffer in generate_random_string() bit me badly, so I
removed it in favor of a talloc based system.
Andrew Bartlett
(This used to be commit 94624e519b66def97758b8a48a01ffe9029176f0)
|
|
Samba4. I'm committing this now so I can get comments on the approach.
Note that you need to do something like this to initialise the SAM db:
edit script/provision.pl
script/provision.pl > provision.ldif.out
bin/ldbadd /path/to/private/sam.ldb provision.ldif.out
(This used to be commit e2002e40a5abe0cd33a2056b1da8ba5732f9021f)
|
|
paramter, without special links to other variables.
When we get 'server role' ideas back into Samba4, we can fix this properly.
The default is:
guest, sam_ignoredomain
which is the expected behaviour for a stand-alone server.
Andrew Bartlett
(This used to be commit 56ebc4275fedc8141d43a4ae9a4f4f0e1eccaf49)
|
|
metze
(This used to be commit f1b1bbc5505c112cd66e07da5faa9a65407e9c07)
|
|
(This used to be commit 11717ae912449bde596ff6cf7d8fddcc86548f15)
|
|
(This used to be commit 82e50a1ce8904c72c90b1e771f232acaad2c835e)
|
|
including readline and popt
- creat the CONFIG subsystem
including param/* dynconfig.* and passdb/secrets.*
metze
(This used to be commit bfd7fd21c8e38c0065fc41dde10e863a169878c2)
|
|
I think we should remove a view more,
but step by step:-)
metze
(This used to be commit 534ccc5332d16c395847885e3b793d10b67b9855)
|
|
metze
(This used to be commit 24dc237e109f6dce69814b22e0fb7878a7f6bfa8)
|
|
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
(This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
|
|
send packets in bigendian format.
(This used to be commit 44df662960e662a55a9f27627f838771503a7a59)
|
|
(This used to be commit abbc9993b8f7eb9f57e079db1d0b170d0b9aa443)
|
|
(This used to be commit 9edf634569d89b152fc73eae70245cbf338b498d)
|
|
(This used to be commit dad7d285abe853653e72ba2e5ed03092061e9d65)
|
|
(This used to be commit b0510b5428b3461aeb9bbe3cc95f62fc73e2b97f)
|