Age | Commit message (Collapse) | Author | Files | Lines |
|
(This used to be commit 1ce32673d960c8b05b6c1b1b99e1976a402417ae)
|
|
have
been working on for at least half a year now. Contains the following
improvements:
* proper layering (finally!) for the registry library. Distinction is
now made between 'real' backends (local, remote, wine, etc) and
the low-level hive backends (regf, creg, ldb, ...) that are only used
by the local registry backend
* tests for all important hive and registry operations
* re-enable RPC-WINREG tests (still needs more work though, as
some return values aren't checked yet)
* write support for REGF files
* dir backend now supports setting/reading values, creating keys
* support for storing security descriptors
* remove CREG backend as it was incomplete, didn't match the data model
and wasn't used at all anyway
* support for parsing ADM files as used by the policy editor (see lib/policy)
* support for parsing PREG files (format used by .POL files)
* new streaming interface for registry diffs (improves speed and memory usage
for regdiff/regpatch significantly)
... and fixes a large number of bugs in the registry code
(This used to be commit 7a1eec6358bc863dfc671c542b7185d3e39d7b5a)
|
|
Andrew Bartlett
(This used to be commit 3d74d178bfd89127ff387939e848b240e638cc35)
|
|
metze
(This used to be commit 5ecc1311a143dd1adf9369d71ccb919be06daf57)
|
|
complete. This is needed because messaging setup with ctdb involve
events, and we don't want a SMB packet to be processed on this stream
until after the stream structure is fully setup
(This used to be commit 8e378051e594372dfb2c00a380ef4bc151021ea2)
|
|
printing it.
Andrew Bartlett
(This used to be commit 18d2680f357cef68e0e9714ce5404be70759d2ad)
|
|
There are still a few tidyups of old FSF addresses to come (in both s3
and s4). More commits soon.
(This used to be commit fcf38a38ac691abd0fa51b89dc951a08e89fdafa)
|
|
model. It's much cleaner to get the event system to close the fd,
especially with the complexity of forks
(This used to be commit d1b710f09c95a8181d2b642081282d8c97b37811)
|
|
falsely report them as leaked.
Andrew Bartlett
(This used to be commit e3eb6c2cf63edf50d93a87f656df3ae5aa6efc00)
|
|
metze
(This used to be commit 7fae261a494b4b71c3022f63112ef23ea495c769)
|
|
metze
(This used to be commit c3cc03ffb290cb7c1eba51e98c52e5e7c1aba5fb)
|
|
(This used to be commit ec611774da4759d2d6a334e57c104ed0ad5b7967)
|
|
(This used to be commit 7cf9d07c88b0c81777bb9363d445ac657982a366)
|
|
(This used to be commit e73063a0c6af927e520b3bdd7574dc7183847813)
|
|
uint32_t server_id
to
struct server_id server_id;
which allows a server ID to have an node number. The node number will
be zero in non-clustered case. This is the most basic hook needed for
clustering, and ctdb.
(This used to be commit 2365abaa991d57d68c6ebe9be608e01c907102eb)
|
|
metze
(This used to be commit dbabec633881d7b2521aa17b484e425e6db36e01)
|
|
(This used to be commit 8768bec81f57131a0c9754e8121b345c0be4a5d0)
|
|
and only have private depdendencies
metze
(This used to be commit f37c9f4d920c1a2dc160ce1c26cf70fbb45c653f)
|
|
metze
(This used to be commit f02f7ed19db2be8e23b1a5850082c9f9da35c028)
|
|
metze
(This used to be commit 59fe6cfaba2eb39cb5ff33110e830c4c9b21fb95)
|
|
This merges Samba4 with lorikeet-heimdal, which itself has been
tracking Heimdal CVS for the past couple of weeks.
This is such a big change because Heimdal reorganised it's internal
structures, with the mechglue merge, and because many of our 'wishes' have been granted: we now have DCE_STYLE GSSAPI, send_to_kdc hooks and many other features merged into the mainline code. We have adapted to upstream's choice of API in these cases.
In gensec_gssapi and gensec_krb5, we either expect a valid PAC, or NO
PAC. This matches windows behavour. We also have an option to
require the PAC to be present (which allows us to automate the testing
of this code).
This also includes a restructure of how the kerberos dependencies are
handled, due to the fallout of the merge.
Andrew Bartlett
(This used to be commit 4826f1735197c2a471d771495e6d4c1051b4c471)
|
|
(This used to be commit 8143de855c0b65346b2d8e59ecdb78952927de4a)
|
|
places where this was currently not the case.
(This used to be commit 3894497a232df8cf0457c7439c9ae347f63f24a1)
|
|
(This used to be commit eefa64cbe392c4c4dcbf71b8bcf5128cce0339ba)
|
|
libraries
works again now, by specifying --enable-dso to configure.
(This used to be commit 7a01235067a4800b07b8919a6a475954bfb0b04c)
|
|
(This used to be commit f11112d7f0a6b1550008fd8192be2592412fb222)
|
|
(This used to be commit e46d8ed53f8eb4ba596ab6fc1924eb7f1829a3df)
|
|
(This used to be commit 6a2144caab60073b40577dc1f66f663f817d6cbd)
|
|
(This used to be commit 8b622c5ded0732df0eaf9f6226f52a27b6eacd73)
|
|
(This used to be commit 1adf65b4d7c5d2d4f65d4b28575bdf2368a42139)
|
|
(This used to be commit c079cedb084d621c5a0aac59310b237ba375df20)
|
|
* Move dlinklist.h, smb.h to subsystem-specific directories
* Clean up ads.h and move what is left of it to dsdb/
(only place where it's used)
(This used to be commit f7afa1cb77f3cfa7020b57de12e6003db7cfcc42)
|
|
with NULL.
metze
(This used to be commit 3711b968adf8a0951171ad1a90be65a9ae0dc03b)
|
|
Should fix some build farm machine
(This used to be commit 15b8fafb991d3ce4b40c144702399d6f705a8e8e)
|
|
Commit the classic backwards compatible module which is the default one
(This used to be commit a89cc346b9296cb49929898d257a064a6c2bae86)
|
|
contexts from the application layer into the socket layer.
This improves a number of correctness aspects, as we now allow LDAP
packets to cross multiple SASL packets. It should also make it much
easier to write async LDAP tests from windows clients, as they use SASL
by default. It is also vital to allowing OpenLDAP clients to use GSSAPI
against Samba4, as it negotiates a rather small SASL buffer size.
This patch mirrors the earlier work done to move TLS into the socket
layer.
Unusual in this pstch is the extra read callback argument I take. As
SASL is a layer on top of a socket, it is entirely possible for the
SASL layer to drain a socket dry, but for the caller not to have read
all the decrypted data. This would leave the system without an event
to restart the read (as the socket is dry).
As such, I re-invoke the read handler from a timed callback, which
should trigger on the next running of the event loop. I believe that
the TLS code does require a similar callback.
In trying to understand why this is required, imagine a SASL-encrypted
LDAP packet in the following formation:
+-----------------+---------------------+
| SASL Packet #1 | SASL Packet #2 |
----------------------------------------+
| LDAP Packet #1 | LDAP Packet #2 |
----------------------------------------+
In the old code, this was illegal, but it is perfectly standard
SASL-encrypted LDAP. Without the callback, we would read and process
the first LDAP packet, and the SASL code would have read the second SASL
packet (to decrypt enough data for the LDAP packet), and no data would
remain on the socket.
Without data on the socket, read events stop. That is why I add timed
events, until the SASL buffer is drained.
Another approach would be to add a hack to the event system, to have it
pretend there remained data to read off the network (but that is ugly).
In improving the code, to handle more real-world cases, I've been able
to remove almost all the special-cases in the testnonblock code. The
only special case is that we must use a deterministic partial packet
when calling send, rather than a random length. (1 + n/2). This is
needed because of the way the SASL and TLS code works, and the 'resend
on failure' requirements.
Andrew Bartlett
(This used to be commit 5d7c9c12cb2b39673172a357092b80cd814850b0)
|
|
(This used to be commit 8d95bf14b93326b097884366a527753f8ad93d47)
|
|
(This used to be commit d72c5c8f755277eb22e1f6834d98202f00c09934)
|
|
system - these should be removed later on.
(This used to be commit 06547391669e064d2b92f5841b7df5f101a34cb9)
|
|
Recursive dependencies are now forbidden (the build system
will bail out if there are any).
I've split up auth_sam.c into auth_sam.c and sam.c. Andrew,
please rename sam.c / move its contents to whatever/wherever you think suits
best.
(This used to be commit 6646384aaf3e7fa2aa798c3e564b94b0617ec4d0)
|
|
prototype
but --with-setproctitle wasn't used
metze
(This used to be commit 0754154f5154e8285608c7f17e15aa223f04adea)
|
|
with local
(empty) libpopt.a overriding global one
(This used to be commit 2f06305e53478e5030c24550954f221a9a97c83f)
|
|
metze
(This used to be commit 35936fd4743554bb4ba9b2f61ec3651762189bee)
|
|
the subsystems in question
(This used to be commit 2fbb4d91fa580ccb64e36f0b082f23af33123b13)
|
|
(This used to be commit 555ca1df1c57e5798e75b19f66b62b253a066e21)
|
|
for REQUIRED_SUBSYSTEMS.
(This used to be commit adc8a019b6da256f104abed1b82bfde6998a2ac9)
|
|
"." for "..". These express the intention better that strcmp or strequal
and improve searchability via cscope/ctags.
(This used to be commit 7e4ad7e8e5ec266b969e3075c4ad7f021571f24e)
|
|
metze
(This used to be commit 2b0ce388a4d955ce9bf0cdb00a13cd82f8acc87d)
|
|
(This used to be commit 3ebdae4217be9c00150ae4ceb76c94ba619bbf6a)
|
|
(This used to be commit 5f1d52f232051324082b840f29dd7719a9328bd5)
|