Age | Commit message (Collapse) | Author | Files | Lines |
|
Both subsystems and modules can now have init functions, which can be
specified in .mk files (INIT_FUNCTION = ...)
The build system will define :
- SUBSYSTEM_init_static_modules that calls the init functions of all statically compiled modules. Failing to load will generate an error which is not fatal
- BINARY_init_subsystems that calls the init functions (if defined) for the subsystems the binary depends on
This removes the hack with the "static bool Initialised = " and the
"lazy_init" functions
(This used to be commit 7a8244761bfdfdfb48f8264d76951ebdfbf7bd8a)
|
|
(This used to be commit 0987a5fdd6425a85823f57fe5b596bb6c404bce8)
|
|
Examples of binding strings are :
ncalrpc:[EPMAPPER]
ncacn_unix_stream:[/tmp/epmapper]
N.B. The unix socket support in lib/socket/ appears to close and remove the
socket it is listening on after the first client disconnects so until
that has been fixed, it is only possible to do one ncalrpc: or ncacn_unix_stream: request per instance of smbd :-)
Support for looking up NCALRPC names via the endpoint mapper will be added later.
(This used to be commit 426f3e63cae3d306dcdc13ee4b655eed30057ff8)
|
|
- do more crackname tests in the torture test
- move server code for cracknames to a different file
metze
(This used to be commit 18050ea6037b3c0c7cfe975eb9c872368b9e3328)
|
|
- with DsBind and DsUnbind implmented :-)
the RPC-DRSUAPI test works
metze
(This used to be commit 536af87ef12024615728ce0060b557f6f504e33f)
|
|
- Start working on OXIDResolver interface
- Add torture test for SimplePing()
(This used to be commit b54d14a01a71082251ff926ab57974c6eb3c0a41)
|
|
This implements gensec for Samba's server side, and brings gensec up
to the standards of a full subsystem.
This means that use of the subsystem is by gensec_* functions, not
function pointers in structures (this is internal). This causes
changes in all the existing gensec users.
Our RPC server no longer contains it's own generalised security
scheme, and now calls gensec directly.
Gensec has also taken over the role of auth/auth_ntlmssp.c
An important part of gensec, is the output of the 'session_info'
struct. This is now reference counted, so that we can correctly free
it when a pipe is closed, no matter if it was inherited, or created by
per-pipe authentication.
The schannel code is reworked, to be in the same file for client and
server.
ntlm_auth is reworked to use gensec.
The major problem with this code is the way it relies on subsystem
auto-initialisation. The primary reason for this commit now.is to
allow these problems to be looked at, and fixed.
There are problems with the new code:
- I've tested it with smbtorture, but currently don't have VMware and
valgrind working (this I'll fix soon).
- The SPNEGO code is client-only at this point.
- We still do not do kerberos.
Andrew Bartlett
(This used to be commit 07fd885fd488fd1051eacc905a2d4962f8a018ec)
|
|
(This used to be commit 60e48790dc7ee8a98be1914ff4a2c335d25639a8)
|
|
(This used to be commit 487211f1ae105fd1972fecf521654dab81175c86)
|
|
Doesn't do much at the moment except compile.
(This used to be commit ed9c4d7d70041879fa5005222f6cf84af558abef)
|
|
(This used to be commit 2ac79dfba0e64056a680f21d7dd0c007f79d4a70)
|
|
- move to a centralised way of handling talloc/ldb interaction
(This used to be commit 2b9b752875ba5e03e82f40e31f26bc1f245b3825)
|
|
I made it much more generic, and we should be able to add a
module interface to this code, so that other DCERPC_AUTH types can be added
via modules...
metze
(This used to be commit d09abeb686c43c62322205689273d1b417113004)
|
|
names rather than our crazy naming scheme. So DES is now called
des_crypt() rather than smbhash()
- added the code from the solution of the ADS crypto challenge that
allows Samba to correctly handle a 128 bit session key in all of the
netr_ServerAuthenticateX() varients. A huge thanks to Luke Howard
from PADL for solving this one!
- restructured the server side rpc authentication to allow for other
than NTLMSSP sign and seal. This commit just adds the structure, the
next commit will add schannel server side support.
- added 128 bit session key support to our client side code, and
testing against w2k3 with smbtorture. Works well.
(This used to be commit 729b2f41c924a0b435d44a14209e6dacc2304cee)
|
|
- added start of QueryDomainInfo in samr server
"net rpc info" from samba3 now works against a samba4 server. I
suspect join will work fairly soon.
(This used to be commit 0a2c6a1062d0e364356853001f5f39bdb542f453)
|
|
metze
(This used to be commit 7fffc124e38a4e5b16d650b1f6d82b24dcfee982)
|