Age | Commit message (Collapse) | Author | Files | Lines |
|
gensec_session_key()
This is slightly less efficient, because we no longer keep a cache on
the gensec structures, but much clearer in terms of memory ownership.
Both gensec_session_info() and gensec_session_key() now take a mem_ctx
and put the result only on that context.
Some duplication of memory in the callers (who were rightly uncertain
about who was the rightful owner of the returned memory) has been
removed to compensate for the internal copy.
Andrew Bartlett
|
|
Guenther
|
|
Andrew Bartlett
|
|
The new waf-based build system now has all the same functionality, and
the old build system has been broken for quite some time.
Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Sun Oct 31 02:01:44 UTC 2010 on sn-devel-104
|
|
|
|
the mixture of async and sync code in gensec makes a EOF on a socket
during a session setup cause a crash. The simplest solution is to
stop processing events on the socket until the session setup is
complete.
|
|
this converts all callers that use the Samba4 loadparm lp_ calling
convention to use the lpcfg_ prefix.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
Spotted by the Solaris 10 compiler
|
|
|
|
metze
|
|
we won't be using the mk -> wscript generator again
|
|
them
|
|
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
metze
|
|
|
|
|
|
metze
|
|
|
|
The lock.in.reserved field has been renamed lock_sequence in the
SMB 2.1 dialect. See MS-SMB 2.2.26.
|
|
|
|
compounded chain
metze
|
|
metze
|
|
metze
|
|
metze
|
|
metze
|
|
We need to loop over all given dialects and check
if we can find SMB2_DIALECT_REVISION_202.
metze
|
|
This change brings ntvfs_connect into compliance with other ntvfs functions
which take an ntvfs module, an ntvfs request and an smb io union.
It now becomes the responsibility of ntvfs modules to examine
tcon->generic.level themselves and derive the share name and any other
options
directly; e.g.
const char *sharename;
switch (tcon->generic.level) {
case RAW_TCON_TCON:
sharename = tcon->tcon.in.service;
break;
case RAW_TCON_TCONX:
sharename = tcon->tconx.in.path;
break;
case RAW_TCON_SMB2:
default:
return NT_STATUS_INVALID_LEVEL;
}
if (strncmp(sharename, "\\\\", 2) == 0) {
char *p = strchr(sharename+2, '\\');
if (p) {
sharename = p + 1;
}
}
service.c smbsrv_tcon_backend() is called before ntvfs_connect and fills in
some of the tcon->..out values.
For the case of RAW_TCON_TCONX, it filles out tcon->tconx.out.tid and
tcon->tconx.out.options
For the case of RAW_TCON_TCON it fills out tcon->tcon.out.tid and
tcon->tcon.out.max_xmit
Thus the ntvfs_connect function for vfs modules may override these values
if desired, but are not required to.
ntvfs_connect functions are required to fill in the tcon->tconx.out.*_type
fields, for RAW_TCON_TCONX, perhaps something like:
if (tcon->generic.level == RAW_TCON_TCONX) {
tcon->tconx.out.fs_type = ntvfs->ctx->fs_type;
tcon->tconx.out.dev_type = ntvfs->ctx->dev_type;
}
Signed-off-by: Sam Liddicott <sam@liddicott.com>
(I fixed the ntvfs_connect() in the smb_server/smb2/
and the RAW_TCON_SMB2 switch case in the modules)
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
metze
|
|
When starting GENSEC on the server, the auth subsystem context must be
passed in, which now includes function pointers to the key elements.
This should (when the other dependencies are fixed up) allow GENSEC to
exist as a client or server library without bundling in too much of
our server code.
Andrew Bartlett
|
|
metze
|
|
[I can't swear that this covers all the smb2 cases, there are some reply
functions that I can't trace properly]
Add NTVFS_ASYNC_STATE_CLOSE bit to ntvfs_request->async_states->state
so that the ntvfs layer can signify that the client transport should
be closed, most useful for proxy servies, and most likely due to a
forwarding transport having been closed.
Signed-off-by: Sam Liddicott <sam@liddicott.com>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
should in the future only contain some settings required for gensec.
|
|
|
|
functions.
|
|
other SMB2 operations.
|
|
|
|
|
|
|
|
|
|
|
|
thanks to the bluearc test suite
|
|
..., but the they may have the sign flag set.
metze
(This used to be commit 43e43dead030f6bffd06631007fdb162c3c6b2b5)
|
|
metze
(This used to be commit dd2f4f7a491debcc30e590f571272afd99e52940)
|
|
metze
(This used to be commit 7c4abf6614c47471ae005a12abe27d85890d867f)
|
|
metze
(This used to be commit 2844e361730a6bc640ea89d0e10059deca1ca867)
|
|
metze
(This used to be commit 5b3ba3f3556e8031133128853cd2324ee3852aa1)
|
|
Metze pointed out that if signing is mandatory in the server then we
need to reject packets without the signed flag if the packet contains
a session id.
(This used to be commit 056f16e664e581bab1c07759e99ad4f6685c58eb)
|
|
(This used to be commit 8e919dcb0826a5b25d037ee6144af5f7cb21f3ae)
|
|
(This used to be commit 85d1873ee92fcc7df3addc42ddb8189144901f8b)
|