Age | Commit message (Collapse) | Author | Files | Lines |
|
Andrew Bartlett
(This used to be commit 3520af0f3d8826ac52a7fb6a658ed0924e51bbf7)
|
|
Up to now the client code has had an async API, and operated
asynchronously at the packet level, but was not truly async in that it
assumed that it could always write to the socket and when a partial
packet came in that it could block waiting for the rest of the packet.
This change makes the SMB client library full async, by adding a
separate outgoing packet queue, using non-blocking socket IO and
having a input buffer that can fill asynchonously until the full
packet has arrived.
The main complexity was in dealing with the events structure when
using the CIFS proxy backend. In that case the same events structure
needs to be used in both the client library and the main smbd server,
so that when the client library is waiting for a reply that the main
server keeps processing packets. This required some changes in the
events library code.
Next step is to make the generated rpc client code use these new
capabilities.
(This used to be commit 96bf4da3edc4d64b0f58ef520269f3b385b8da02)
|
|
e.g. we now have 'union smb_mkdir' and 'enum smb_mkdir_level' in sync
we may should also rename 'RAW_MKDIR_*' -> 'SMB_MKDIR_*'
metze
(This used to be commit 0bb50dcf1ccb9797000fcbea4d8a73f2d2a3db77)
|
|
- This causes our client and server code to use the same core code,
with the same debugs etc.
- In turn, this will allow the 'mandetory/fallback' signing algorithms
to be shared, and only written once.
Updates to the SPNEGO code
- Don't wrap an empty token to the server, if we are actually already finished.
Andrew Bartlett
(This used to be commit 35b83eb329482ac1b3bc67285854cc47844ff353)
|
|
close_connection fn of a specific service
metze
(This used to be commit 0e1f5e66d37deb7a77ae9f545e60685428fd9d21)
|
|
SPNEGO, but I'll leave andrew to tackle that.
(This used to be commit 5dd71be8d9e49277f17668877e47729c340f0f67)
|
|
must think carefully about packet chaining when dealing with any
authentication or SMB parsing issues. The particular problem here was
that a chained tconX didn't get the req->session setup after an
initial sesstion setup call, so the tconx used a bogus VUID.
(This used to be commit 6f2a335cd623211071b01d982d4e7c69b49a5602)
|
|
to a struct smbsrv_session that the same as cli_session for the client
we need a gensec_security pointer there
(spnego support will follow)
prefix some related functions with smbsrv_
metze
(This used to be commit f276378157bb9994c4c91ce46150a510de5c33f8)
|
|
the idea is to have services as modules (smb, dcerpc, swat, ...)
the process_model don't know about the service it self anymore.
TODO:
- the smbsrv should use the smbsrv_send function
- the service subsystem init should be done like for other modules
- we need to have a generic socket subsystem, which handle stream, datagram,
and virtuell other sockets( e.g. for the ntvfs_ipc module to connect to the dcerpc server
, or for smb or dcerpc or whatever to connect to a server wide auth service)
- and other fixes...
NOTE: process model pthread seems to be broken( but also before this patch!)
metze
(This used to be commit bbe5e00715ca4013ff0dbc345aa97adc6b5c2458)
|
|
(This used to be commit 2758c26ac96a62d7e0853e5d5fa95925ddce3420)
|
|
Initial attempt at RAP server infrastructure. Look at rap_server.c for the
dummy functions that are supposed to implement the core functionality.
ipc_rap.c contains all the data shuffling. _rap_shareenum and _rap_serverenum2
in ipc_rap.c are (I think) regular enough to be auto-generated.
I did not test all the corner cases yet, but nevertheless I would like some
comments on the general style.
Volker
P.S: samba-3 smbclient now doesn't freak out anymore, although the results are
not entirely correct :-)
(This used to be commit 08140cc1a838b4eaa23c897b280a46c95b7ef3e0)
|
|
metze
(This used to be commit ee711c71fedd9d24b5a78b51d9dc3e166645260f)
|
|
metze
(This used to be commit 32e307857ccc99b446e7574d46b610c63ee03583)
|
|
This implements gensec for Samba's server side, and brings gensec up
to the standards of a full subsystem.
This means that use of the subsystem is by gensec_* functions, not
function pointers in structures (this is internal). This causes
changes in all the existing gensec users.
Our RPC server no longer contains it's own generalised security
scheme, and now calls gensec directly.
Gensec has also taken over the role of auth/auth_ntlmssp.c
An important part of gensec, is the output of the 'session_info'
struct. This is now reference counted, so that we can correctly free
it when a pipe is closed, no matter if it was inherited, or created by
per-pipe authentication.
The schannel code is reworked, to be in the same file for client and
server.
ntlm_auth is reworked to use gensec.
The major problem with this code is the way it relies on subsystem
auto-initialisation. The primary reason for this commit now.is to
allow these problems to be looked at, and fixed.
There are problems with the new code:
- I've tested it with smbtorture, but currently don't have VMware and
valgrind working (this I'll fix soon).
- The SPNEGO code is client-only at this point.
- We still do not do kerberos.
Andrew Bartlett
(This used to be commit 07fd885fd488fd1051eacc905a2d4962f8a018ec)
|
|
Andrew Bartlett
(This used to be commit 9002584c020a48ab37cce103b4413e871aae2985)
|
|
because this is the connection state per transport layer (tcp)
connection
I also moved the substructs directly into smbsrv_connection,
because they don't need a struct name and we should allway pass the complete
smbsrv_connection struct into functions
metze
(This used to be commit 60f823f201fcedf5473008e8453a6351e73a92c7)
|
|
metze
(This used to be commit 7b4ad993ad7c937ef9bee1a48a8bda62f2f5d3b9)
|
|
metze
(This used to be commit a85d2db5826a84b812ea5162a11f54edd25f74e3)
|
|
metze
(This used to be commit 99473fab4b1ff87a795f3c08f4c521d9beb504c0)
|
|
metze
(This used to be commit a9ba29e00fc818e798079c42888da3f20f3d1634)
|
|
because I need server_context fot the generic server infastructure
metze
(This used to be commit 0712f9f30797e65362c99423c0cf158a2f539000)
|
|
(This used to be commit de5984c95602ca67e8ac3139c3aa4330b74266e0)
|
|
-move process_model code to smbd/process_model.c
-remove some used code
metze
(This used to be commit 10dd8487290a2876253ce69033e374d23b42e704)
|
|
STATUS_BUFFER_OVERFLOW when more data is present.
(This used to be commit 0e557fe85748558affd20a58455c4b75fee69e27)
|
|
Fix other 'const' warnings in the torture code.
Andrew Bartlett
(This used to be commit 5d39d7497f189da15d659b3f83b7314026040a15)
|
|
(This used to be commit be75cdc1bf5558cb7da50b15bf1fd629a0c44dc2)
|
|
goodness and light' struct ;-)
Break apart the auth subsystem's return strucutres, into the parts
that a netlogon call cares about, and the parts that are for a local
session. This is the 'struct session_info' and it will almost
completly replace the current information stored on a vuid, but be
generic to all login methods (RPC over TCP, for example).
Andrew Bartlett
(This used to be commit d199697014d9562f9439a30b950fda798c5ef419)
|
|
metze
(This used to be commit 57151e80eb1090281401930c8fe25b20a8cf3a38)
|
|
metze
(This used to be commit 18062d2ed9fc9224c43143c10efbf2f6f1f5bbe0)
|
|
metze
(This used to be commit b5378803fdcb3b3afe7c2932a38828e83470f61a)
|
|
- remove unused lib/smbpasswd.c
- don't set the pkt size twice when doing SMB signing
(This used to be commit 69a2942f7987647a32d43c71f41ac1a82a82ccda)
|
|
metze
(This used to be commit 2986c5f08c8f0c26a2ea7b6ce20aae025183109f)
|
|
metze
(This used to be commit af6f1f8a01bebbecd99bc8c066519e89966e65e3)
|
|
metze
(This used to be commit 0e5517d937a2eb7cf707991d1c7498c1ab456095)
|
|
structures. This was suggested by metze recently.
I checked on the build farm and all the machines we have support 64
bit ints, and support the LL suffix for 64 bit constants. I suspect
some won't support strtoll() and related functions, so we will
probably need replacements for those.
(This used to be commit 9a9244a1c66654c12abe4379661cba83a73c4c21)
|
|
metze
(This used to be commit 8f59daba0d03a2c58f7f23655153de05cbe47e81)
|
|
metze
(This used to be commit 7f2e8a2b843cb58098a841c71764697553c57112)
|
|
(This used to be commit 8e5ddf5e8eb74f667897f90baa2d00f02ca5818b)
|
|
(This used to be commit b4b67c330174ac0570558bedf50729542ea775da)
|
|
This commit kills passdb, which was only hosting the auth subsystem.
With the work tridge has done on Samba4's SAM backend, this can (and
now is) all hosted on ldb. The auth_sam.c file now references this
backend.
You will need to assign your users passwords in ldb - adding a new line:
unicodePwd: myPass
to a record, using ldbedit, should be sufficient. Naturally, this
assumes you have had your personal SAMR provisioning tutorial from
tridge. Everybody else can still use the anonymous logins.
Andrew Bartlett
(This used to be commit 2aa0b55fb86648731d5f2201fa5a6aa993b7ca48)
|
|
to the main SAMBA_4_0 tree.
NOTE: that it's not completely ready, but it's functional:-)
metze
(This used to be commit c78a2ddb28ec50d6570a83b1f66f18a5c3621731)
|
|
andrew's recent chainsaw job :)
(This used to be commit 20166f4e19a599a85dfff045a738309d191db9e7)
|
|
This removes the code that tried to lookup posix groups, as well as
the code that was tied to the SAM_ACCOUNT.
This should make auth_ldb much easier to write :-)
Andrew Bartlett
(This used to be commit e096ee2112adecaa69b6b3eb155a4e8f80dfc0f7)
|
|
(This used to be commit 329c5ccd74680381b30c4a2235010c766ac46ecc)
|
|
range of NTSTATUS codes that are normally invalid to prevent conflicts
with real error codes.
use the new DOS facility to fix the ERRbaduid return that volker found
(This used to be commit 10fdfb52398857b604fff9684ee65a96d970bdaa)
|
|
talloc code catches errors like this.
(This used to be commit 22aa425c96030f55f6202bca1e1a876b0bc03f03)
|
|
Not all the auth code is merged - only those parts that are actually
being used in Samba4.
There is a lot more work to do in the NTLMSSP area, and I hope to
develop that work here. There is a start on this here - splitting
NTLMSSP into two parts that my operate in an async fashion (before and
after the actual authentication)
Andrew Bartlett
(This used to be commit 5876c78806e6a6c44613a1354e8d564b427d0c9f)
|
|
added ldbedit, a _really_ useful command
added ldbadd, ldbdel, ldbsearch and ldbmodify to build
solved lots of timezone issues, we now pass the torture tests with
client and server in different zones
fixed several build issues
I know this breaks the no-LDAP build. Wait till I arrive in San Jose for that
fix.
(This used to be commit af34710d4da1841653624fe304b1c8d812c0fdd9)
|
|
(This used to be commit 96c54df6facc8d1d5ef559ebc3e7e0953d89b2ab)
|
|
acting as a cifs redirectory (using the cifs backend)
(This used to be commit 06a8100e6a2f3f079af5b6ec32d87d1d25f56c3c)
|