Age | Commit message (Collapse) | Author | Files | Lines |
|
Session Setup code.
Add a mem_ctx argument to a few of the NTLMv2 support functions, and
add smb.conf options to control client NTLMv2 behaviour.
Andrew Bartlett
(This used to be commit 3f35cdb218a3dae08a05e77452ca9f73716ceb28)
|
|
(This used to be commit 023fc567badba38b87895ea73515b2ce0b703a8c)
|
|
- this is an abstraction layer for print services,
like out NTVFS subsystem for file services
- all protocol specific details are still in rpc_server/spoolss/
- like the stupid in and out Buffer handling
- checking of the r->in.server_name
- ...
- this subsystem can have multiple implementation
selected by the "ntptr providor" global-section parameter
- I currently added a "simple_ldb" backend,
that stores Printers, Forms, Ports, Monitors, ...
in the spoolss.db, and does no real printing
this backend is basicly for testing, how the spoolss protocol
works
- the interface is just a prototype and will be changed a bit
the next days or weeks, till the simple_ldb backend can
handle all calls that are used by normal w2k3/xp clients
- I'll also make the api async, as the ntvfs api
this will make things like the RemoteFindFirstPrinterChangeNotifyEx(),
that opens a connection back to the client, easier to implement,
as we should not block the whole smbd for that
- the idea is to later implement a "unix" backend
that works like the current samba3 code
- and maybe some embedded print server vendors can write there own
backend that can directly talk to a printer without having cups or something like this
- the default settings are (it currently makes no sense to change them :-):
ntptr providor = simple_ldb
spoolss database = $private_dir/spoolss.db
metze
(This used to be commit 455b5536d41bc31ebef8290812f45d4a38afa8e9)
|
|
to globals only (no shares).
Andrew Bartlett
(This used to be commit 9e6112eee37927cd4deaa078ea09813e07c7c386)
|
|
This always loads all the services, as we now don't have an easy way
to split out smbd.
Andrew Bartlett
(This used to be commit 990e061939c76b559c4f5914c5fc6ca1b13e19dd)
|
|
included Heimdal) to Samba4.
Andrew Bartlett
(This used to be commit 51ba3ea60c265b837821b6c3e031dfe229c10d6a)
|
|
- by default enable tls if the certfile is set in smb.conf and gnutls library
was compiled in
(This used to be commit bbafdeae3a68c0ff1170b0a4ecc568664ec1a925)
|
|
web tls keyfile
web tls certfile
web tls cafile
web tls crlfile
(This used to be commit abfa3e9179557cf1853f490a479a0003ce4e11f7)
|
|
be accessed externally
- moved esp_lpGet() to web_server/calls.c
- attempt to fixup ejs build with includes.h again
(This used to be commit 592a81c347981420154ddf3b8d4252d3bb08bc86)
|
|
in esp scripts
lpGet takes 4 forms
v = lpGet("type:parm"); gets a parametric variable
v = lpGet("share", "type:parm"); gets a parametric variable on a share
v = lpGet("parm"); gets a global variable
v = lpGet("share", "parm"); gets a share variable
in all cases a ejs object of the appropriate type for the variable is returned.
This commit also adds the function typeof() which returns the type of an object
(This used to be commit 5537a0d38d4805cbc2dad0d6f76db15173b1fd60)
|
|
(This used to be commit 31543e1eae03d22343ea8c970494af36eb07b41f)
|
|
This includes an embedded server side scripting system called 'esp'
(see http://www.appwebserver.org/products/esp/esp.html) and javascript
based scripting language called 'esj' (see
http://www.appwebserver.org/products/ejs/ejs.html)
The justification for including this scripting language is that it
should make it much easier to write a high quality web interface for
Samba4. The scripting language can call into any Samba4 library code
(so for example it will be able to make ldb and loadparm calls), plus
it provides easy support for forms, cookies, sessions etc.
There is still quite a bit more work to do on the web server, but
there is enough here now for people to look at and comment. I will be
committing some sample web pages that test esp functionality shortly.
(This used to be commit 26f0ba92c0c565ac9e4cb5a079d795d4262497dd)
|
|
(no ACL support)
Andrew Bartlett
(This used to be commit 9f895f6482e45dd975baea7114748b65dbe6e688)
|
|
(This used to be commit 77f9c471eaad71e6adf0371de206ed879daca2d8)
|
|
(This used to be commit 04af0e7c5de467a24b965ce1de2fb07621133164)
|
|
(This used to be commit 93e70717c7cb6aa591d3d83a70e5df03822fa17c)
|
|
server. Currently just listens on port 138 and parses the packets
(using IDL like the rest of NBT). This allows me to develop the
structures and test with real packets
(This used to be commit 10d64a525349ff96695ad961a3cfeb5bc7c8844f)
|
|
metze
(This used to be commit ac062a29799665121c15f60a8f5d25a3c68e51ae)
|
|
(This used to be commit e2cbe16c1e4e3912ecdccc6480a147478fff3d9e)
|
|
(This used to be commit b75f8fe1844c539d8a4e369225bcbe0e6f81e9de)
|
|
(This used to be commit ee61fab163ed7faccef908d7458a2038fdad0887)
|
|
- more NBT packet asserts, to ensure that incoming requests have all
the elements we depend on
- open the WINS database at startup if we are configured as a WINS server
- split out the nbtd server reply packet generation code so it can be
shared by the WINS server
- re-did the logic of what is answered by the WINS server and what by
the B node server. It now always tries to answer by the B node, and
only "recurses" to the WINS server for names that are not found.
(This used to be commit 5613e6b8ad9b32639caf5055f793dbc4d0a2fc19)
|
|
(This used to be commit bf43c9bdcf9e654d123f6a2b29feb9189ca9e561)
|
|
changes
(This used to be commit e7e015f79b10c353848a17f31c91a0593790a560)
|
|
- removed the u32 hack in events.c as I think this was only needed as
tdb.h defines u32. Metze, can you check that this hack is indeed no
longer needed on your suse system?
(This used to be commit 6f79432fe656164d4770dbce114a30dda5e7bf9a)
|
|
a precursor to adding the wins client code in the nbt server.
(This used to be commit e8e499755ab667015740b35a7787134ebe852954)
|
|
(This used to be commit 4c0cc5fc11241c8a19081c4944b162c29da31603)
|
|
the packets it receives, but it at least shows how the server
structure will work.
To implement it I extended the libcli/nbt/ library to allow for an
incoming packet handler to be registered. That allows the nbt client
library to be used for low level processing of the nbtd server packets.
Other changes:
- made the socket library always set SO_REUSEADDR when binding to an
interface, to ensure that restarts of a server don't have to wait
for a couple of minutes.
- made the nbt port configurable. Defaults to 137, but other ports
will be useful for testing.
(This used to be commit 2fedca6adfd4df9e85cc86896dfa79630777a917)
|
|
large commit. I thought this was worthwhile to get done for
consistency.
(This used to be commit ec32b22ed5ec224f6324f5e069d15e92e38e15c0)
|
|
- expanded the generic async name resolver to try multiple methods
- added wins resolutions to the list of methods tried
- fixed up the random trn id generation to use the good random generator
(This used to be commit 266fd2751c01808e5a18d4094032af50554ceb7a)
|
|
because the version number was being auto-updated and included in all
C files. With this change it is only included where needed.
(This used to be commit 520cff73c6dc62ba1050cf7ca5145d50b5f2bb4e)
|
|
metze
(This used to be commit 5287ec0818cf38cc5d3ef2a21518c98b700116fb)
|
|
- move some structs out of misc.idl
metze
(This used to be commit b6543a6e3057b5588ec50a2ebf6c7c932209efe6)
|
|
talloc_size() or talloc_array_p() where appropriate.
also fixed a memory leak in pvfs_copy_file() (failed to free a memory
context)
(This used to be commit 89b74b53546e1570b11b3702f40bee58aed8c503)
|
|
definition, not by hardcoded reference in loadparm.c
Andrew Bartlett
(This used to be commit 43558eaf7604d2bb0187e0d1ba0686935a965ad7)
|
|
default at this point), and include the GSSAPI OIDs in our source, per
advice by lha that this is easier than getting the includes right.
Andrew Bartlett
(This used to be commit 9ff8b2b4d12d364084df5c95a752ce2a0546053d)
|
|
metze
(This used to be commit 30980d218495d389d7a5db4b190ed717217c08d4)
|
|
(disabled by default, set parametric option: gensec:gssapi=yes to enable).
This module backs directly onto GSSAPI, and allows us to sign and seal
GSSAPI/Krb5 connections in particular. This avoids me reinventing the
entire GSSAPI wheel.
Currently a lot of things are left as default - we will soon start
specifiying OIDs as well as passwords (it uses the keytab only at the
moment). Tested with our LDAP-* torture tests against Win2k3.
My hope is to use this module to access the new SPNEGO implementation
in Heimdal, to avoid having to standards-verify our own.
Andrew Bartlett
(This used to be commit 14b650c85db14a9bf97e24682b2643b63c51ff35)
|
|
(This used to be commit 1c2170ae21d60c22ee3053fbf249dba59de576ba)
|
|
provision.pl suggests hklm.ldb be put)
- fix the globals init not to wipe parametic values after initialising
them (this bug prevented default values for parametric parameters)
(This used to be commit 6a360c52c1723b4c3485a97ebcfeb907f840a051)
|
|
metze
(This used to be commit e62b36bef193f6a58ee035d581ef0f574f1e2910)
|
|
metze
(This used to be commit 33a185ec3b211f6137abd6367ccc81d5102e5f4f)
|
|
metze
(This used to be commit c44f4d44b51789916e50c9da93046d0a15245edc)
|
|
Andrew Bartlett
(This used to be commit cc47b4c6fc932f8257506276eaa1a98a41055f8b)
|
|
- don't use static const strings in the server_info
- fix segfault when auth_sam gets "" as username
metze
(This used to be commit 7fcbd483d4977cf6483f34ddd28e6c0182897ba2)
|
|
(This used to be commit 1235afa5fe3a396cd7a180cbc500834a30fbaa80)
|
|
(This used to be commit eec698254f67365f27b4b7569fa982e22472aca1)
|
|
(This used to be commit b0f6e21481745d1b2ced28d9ed6f09f6ffd99562)
|
|
(This used to be commit 80d15fa3402a9d1183467463f6b21c0b674bc442)
|
|
use:
gensec:krb5=yes
gensec:ms_krb5=yes
to enable it
or -k on the client tools on the command line
metze
(This used to be commit 0ae5794cf44933d2554e0356baaca24c7a784f71)
|