summaryrefslogtreecommitdiff
path: root/source4/smb_server/negprot.c
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r11200: Reposition the creation of the kerberos keytab for GSSAPI and Krb5Andrew Bartlett1-4/+24
authentication. This pulls the creating of the keytab back to the credentials code, and removes the special case of 'use keberos keytab = yes' for now. This allows (and requires) the callers to specify the credentials for the server credentails to GENSEC. This allows kpasswdd (soon to be added) to use a different set of kerberos credentials. The 'use kerberos keytab' code will be moved into the credentials layer, as the layers below now expect a keytab. We also now allow for the old secret to be stored into the credentials, allowing service password changes. Andrew Bartlett (This used to be commit 205f77c579ac8680c85f713a76de5767189c627b)
2007-10-10r7633: this patch started as an attempt to make the dcerpc code use a givenAndrew Tridgell1-2/+6
event_context for the socket_connect() call, so that when things that use dcerpc are running alongside anything else it doesn't block the whole process during a connect. Then of course I needed to change any code that created a dcerpc connection (such as the auth code) to also take an event context, and anything that called that and so on .... thus the size of the patch. There were 3 places where I punted: - abartlet wanted me to add a gensec_set_event_context() call instead of adding it to the gensec init calls. Andrew, my apologies for not doing this. I didn't do it as adding a new parameter allowed me to catch all the callers with the compiler. Now that its done, we could go back and use gensec_set_event_context() - the ejs code calls auth initialisation, which means it should pass in the event context from the web server. I punted on that. Needs fixing. - I used a NULL event context in dcom_get_pipe(). This is equivalent to what we did already, but should be fixed to use a callers event context. Jelmer, can you think of a clean way to do that? I also cleaned up a couple of things: - libnet_context_destroy() makes no sense. I removed it. - removed some unused vars in various places (This used to be commit 3a3025485bdb8f600ab528c0b4b4eef0c65e3fc9)
2007-10-10r7222: remove double call to the same function in the same place, probable ↵Simo Sorce1-6/+0
cut&paste error (This used to be commit 615618f192a05b95ab0e0fba68e339a6df1a3363)
2007-10-10r5102: This is a major simplification of the logic for controlling top levelAndrew Tridgell1-4/+4
servers in smbd. The old code still contained a fairly bit of legacy from the time when smbd was only handling SMB connection. The new code gets rid of all of the smb_server specific code in smbd/, and creates a much simpler infrastructures for new server code. Major changes include: - simplified the process model code a lot. - got rid of the top level server and service structures completely. The top level context is now the event_context. This got rid of service.h and server.h completely (they were the most confusing parts of the old code) - added service_stream.[ch] for the helper functions that are specific to stream type services (services that handle streams, and use a logically separate process per connection) - got rid of the builtin idle_handler code in the service logic, as none of the servers were using it, and it can easily be handled by a server in future by adding its own timed_event to the event context. - fixed some major memory leaks in the rpc server code. - added registration of servers, rather than hard coding our list of possible servers. This allows for servers as modules in the future. - temporarily disabled the winbind code until I add the helper functions for that type of server - added error checking on service startup. If a configured server fails to startup then smbd doesn't startup. - cleaned up the command line handling in smbd, removing unused options (This used to be commit cf6a46c3cbde7b1eb1b86bd3882b953a2de3a42e)
2007-10-10r4728: split up server_services into:Stefan Metzmacher1-3/+3
- stream_socket services the smb, ldap and rpc service which sets up a srtam socket end then waits for connections and - task services which this you can create a seperate task that do something (this is also going through the process_model subsystem so with -M standard a new process for this created with -M thread a new thread ... I'll add datagram services later when we whave support for datagram sockets in lib/socket/ see the next commit as an example for service_task's metze (This used to be commit d5fa02746c6569b09b6e05785642da2fad3ba3e0)
2007-10-10r4620: - add interface functions to the auth subsystem so that callers ↵Stefan Metzmacher1-10/+28
doesn't need to use function pointers anymore - make the module init much easier - a lot of cleanups don't try to read the diff in auth/ better read the new files it passes test_echo.sh and test_rpc.sh abartlet: please fix spelling fixes metze (This used to be commit 3c0d16b8236451f2cfd38fc3db8ae2906106d847)
2007-10-10r4109: fixed an uninitialised socket write found by kukksAndrew Tridgell1-0/+1
(This used to be commit 30c58b046d65164da37f705de105662f806e1331)
2007-10-10r4099: Spelling fixes.Tim Potter1-4/+4
(This used to be commit 24d9f97bd6059d90eeead23900225e286047a862)
2007-10-10r4095: smbsrv_terminate_connection() doesn't exit() in single processor ↵Andrew Tridgell1-0/+4
mode, so after we call it we need to return, and not continue processing packets (This used to be commit 33e4cee17dbfbb79e5ae68fda893a4d313865eb5)
2007-10-10r4070: move some defines from asn_1.h to the places they belong toStefan Metzmacher1-2/+1
metze (This used to be commit ab2c2f27e1c61516e885f02bf26350f97209057a)
2007-10-10r4068: added LANMAN2.1 to list of supported protocols (for OS/2)Andrew Tridgell1-0/+1
(This used to be commit 06e48d1276d3837db4d278400e7ee29561cd9205)
2007-10-10r4063: - change char * -> uint8_t in struct request_bufferStefan Metzmacher1-6/+6
- change smbcli_read/write to take void * for the buffers to match read(2)/write(2) all this fixes a lot of gcc-4 warnings metze (This used to be commit b94f92bc6637f748d6f7049f4f9a30b0b8d18a7a)
2007-10-10r3466: split out request.h, signing.h, and smb_server.hAndrew Tridgell1-0/+2
(This used to be commit 7c4e6ebf05790dd6e29896dd316db0fff613aa4e)
2007-10-10r3463: separated out some more headers (asn_1.h, messages.h, dlinklist.h and ↵Andrew Tridgell1-0/+1
ioctl.h) (This used to be commit b97e395c814762024336c1cf4d7c25be8da5813a)
2007-10-10r3453: - split out the auth and popt includesAndrew Tridgell1-0/+1
- tidied up some of the system includes - moved a few more structures back from misc.idl to netlogon.idl and samr.idl now that pidl knows about inter-IDL dependencies (This used to be commit 7b7477ac42d96faac1b0ff361525d2c63cedfc64)
2007-10-10r2783: got rid of the unused remote architecture detection codeAndrew Tridgell1-120/+0
(This used to be commit 9a04664531601b8251dbf6a0922ab48e675adb90)
2007-10-10r2648: - use a destructor on struct server_connection to simplify theAndrew Tridgell1-1/+1
connection termination cleanup, and to ensure that the event contexts are properly removed for every process model - gave auth_context the new talloc treatment, which removes another source of memory leaks. (This used to be commit 230e1cd777b0fba82dffcbd656cfa23c155d0560)
2007-10-10r2629: convert gensec to the new talloc modelAndrew Tridgell1-1/+1
by making our gensec structures a talloc child of the open connection we can be sure that it will be destroyed when the connection is dropped. (This used to be commit f12ee2f241aab1549bc1d9ca4c35a35a1ca0d09d)
2007-10-10r2550: survive our own BASE-NEGNOWAIT torture test.Andrew Bartlett1-0/+1
Andrew Bartlett (This used to be commit a13208224921b6ad37ac5d9aeb12252f5d4aa288)
2007-10-10r2521: fixed two uninitialised data errors found with valgrind whenAndrew Tridgell1-0/+1
negotiating a old style session setup (eg. LANMAN1) (This used to be commit 04f68f481c49102411b168593adaddf5e97b7d4d)
2007-10-10r2249: got rid of some more mem_ctx elements in structuresAndrew Tridgell1-1/+1
(This used to be commit 21ef338cbbe96acc8594ffc550ef60c6a40fb951)
2007-10-10r1796: Enable server-side SPNEGO, now that I have fixed the server-side SMBAndrew Bartlett1-12/+25
signing code to be able to cope. Andrew Bartlett (This used to be commit cb74d52b563730a50e33c92d868c45ee96a598e8)
2007-10-10r1731: Add server-side SPNEGO support to Samba (disabled, until SMB signingAndrew Bartlett1-55/+45
is reworked). Andrew Bartlett (This used to be commit 73ee549b8c54e93556ff0105941996e0d4de8303)
2007-10-10r1486: commit the start of the generic server infastructureStefan Metzmacher1-2/+2
the idea is to have services as modules (smb, dcerpc, swat, ...) the process_model don't know about the service it self anymore. TODO: - the smbsrv should use the smbsrv_send function - the service subsystem init should be done like for other modules - we need to have a generic socket subsystem, which handle stream, datagram, and virtuell other sockets( e.g. for the ntvfs_ipc module to connect to the dcerpc server , or for smb or dcerpc or whatever to connect to a server wide auth service) - and other fixes... NOTE: process model pthread seems to be broken( but also before this patch!) metze (This used to be commit bbe5e00715ca4013ff0dbc345aa97adc6b5c2458)
2007-10-10r1291: rename struct smbsrv_context to smbsrv_connectionStefan Metzmacher1-53/+53
because this is the connection state per transport layer (tcp) connection I also moved the substructs directly into smbsrv_connection, because they don't need a struct name and we should allway pass the complete smbsrv_connection struct into functions metze (This used to be commit 60f823f201fcedf5473008e8453a6351e73a92c7)
2007-10-10r1280: rename struct request_context to smbsrv_requestStefan Metzmacher1-7/+7
metze (This used to be commit a85d2db5826a84b812ea5162a11f54edd25f74e3)
2007-10-10r1277: rename struct server_context to smbsrv_ontextStefan Metzmacher1-53/+53
because I need server_context fot the generic server infastructure metze (This used to be commit 0712f9f30797e65362c99423c0cf158a2f539000)
2007-10-10r890: convert samba4 to use [u]int8_t instead of [u]int8Stefan Metzmacher1-2/+2
metze (This used to be commit 2986c5f08c8f0c26a2ea7b6ce20aae025183109f)
2007-10-10r889: convert samba4 to use [u]int16_t instead of [u]int16Stefan Metzmacher1-7/+7
metze (This used to be commit af6f1f8a01bebbecd99bc8c066519e89966e65e3)
2007-10-10r873: converted samba4 to use real 64 bit integers instead ofAndrew Tridgell1-5/+3
structures. This was suggested by metze recently. I checked on the build farm and all the machines we have support 64 bit ints, and support the LL suffix for 64 bit constants. I suspect some won't support strtoll() and related functions, so we will probably need replacements for those. (This used to be commit 9a9244a1c66654c12abe4379661cba83a73c4c21)
2007-10-10r818: added server side SMB signing to Samba4Andrew Tridgell1-1/+15
(This used to be commit 8e5ddf5e8eb74f667897f90baa2d00f02ca5818b)
2007-10-10r815: include our netbios name in the negprot response (this matches win2003)Andrew Tridgell1-0/+1
(This used to be commit b4b67c330174ac0570558bedf50729542ea775da)
2007-10-10r152: a quick airport commit ....Andrew Tridgell1-6/+9
added ldbedit, a _really_ useful command added ldbadd, ldbdel, ldbsearch and ldbmodify to build solved lots of timezone issues, we now pass the torture tests with client and server in different zones fixed several build issues I know this breaks the no-LDAP build. Wait till I arrive in San Jose for that fix. (This used to be commit af34710d4da1841653624fe304b1c8d812c0fdd9)
2004-02-03- move all SMB server stuff to smb_server/*Stefan Metzmacher1-0/+526
and create the SMB server subsystem - remove unused XML and MYSQL configure tests metze (This used to be commit 956d212c83d8ebd8e31ec109f17dc2105ca72c30)