Age | Commit message (Collapse) | Author | Files | Lines |
|
Rework our random number generation system.
On systems with /dev/urandom, this avoids a change to secrets.tdb for every fork().
For other systems, we now only re-seed after a fork, and on startup.
No need to do it per-operation. This removes the 'need_reseed'
parameter from generate_random_buffer().
This also requires that we start the secrets subsystem, as that is
where the reseed value is stored, for systems without /dev/urandom.
In order to aviod identical streams in forked children, the random
state is re-initialised after the fork(), at the same point were we do
that to the tdbs.
Andrew Bartlett
(This used to be commit b97d3cb2efd68310b1aea8a3ac40a64979c8cdae)
|
|
the idea is to have services as modules (smb, dcerpc, swat, ...)
the process_model don't know about the service it self anymore.
TODO:
- the smbsrv should use the smbsrv_send function
- the service subsystem init should be done like for other modules
- we need to have a generic socket subsystem, which handle stream, datagram,
and virtuell other sockets( e.g. for the ntvfs_ipc module to connect to the dcerpc server
, or for smb or dcerpc or whatever to connect to a server wide auth service)
- and other fixes...
NOTE: process model pthread seems to be broken( but also before this patch!)
metze
(This used to be commit bbe5e00715ca4013ff0dbc345aa97adc6b5c2458)
|
|
Add some 'multi init' code, until we get a better set of infrustructure.
Andrew Bartlett
(This used to be commit 982422b2d286335378531ae9523e74192340af3c)
|
|
because this is the connection state per transport layer (tcp)
connection
I also moved the substructs directly into smbsrv_connection,
because they don't need a struct name and we should allway pass the complete
smbsrv_connection struct into functions
metze
(This used to be commit 60f823f201fcedf5473008e8453a6351e73a92c7)
|
|
metze
(This used to be commit a85d2db5826a84b812ea5162a11f54edd25f74e3)
|
|
metze
(This used to be commit 99473fab4b1ff87a795f3c08f4c521d9beb504c0)
|
|
because I need server_context fot the generic server infastructure
metze
(This used to be commit 0712f9f30797e65362c99423c0cf158a2f539000)
|
|
-move process_model code to smbd/process_model.c
-remove some used code
metze
(This used to be commit 10dd8487290a2876253ce69033e374d23b42e704)
|
|
I have moved the SPNEGO and Kerberos code into libcli/auth, and intend
to refactor them into the same format as NTLMSSP.
Andrew Bartlett
(This used to be commit 58da78a7460d5d0a4abee7d7b84799c228e6bc0b)
|
|
Fix other 'const' warnings in the torture code.
Andrew Bartlett
(This used to be commit 5d39d7497f189da15d659b3f83b7314026040a15)
|
|
metze
(This used to be commit 57151e80eb1090281401930c8fe25b20a8cf3a38)
|
|
misc.idl
(This used to be commit ce7920a5fac0dbccb01402129c341b410a032e60)
|
|
metze
(This used to be commit 2986c5f08c8f0c26a2ea7b6ce20aae025183109f)
|
|
metze
(This used to be commit af6f1f8a01bebbecd99bc8c066519e89966e65e3)
|
|
metze
(This used to be commit 0e5517d937a2eb7cf707991d1c7498c1ab456095)
|
|
metze
(This used to be commit c0269d294e7677d9a561460084a8da00736bfc3a)
|
|
metze
(This used to be commit 0f8c193ac35572862b0d653dc02a71ebc71e88a8)
|
|
and add server_auth, server_smb, server_rpc as server modules
metze
(This used to be commit ecdeedb2ac81a3c816f7d72b6f39f16dd6e6267f)
|
|
- don't link lib/ldap_escape.c it's currently unused
metze
(This used to be commit be472beea3a7ae60cbacada8047b13d4de30643e)
|
|
and have to use the nonthreadsafe wrapper
- add pread/pwrite wrapper to ntvfs_simple
- fix const warning in ntvfs_simple
metze
(This used to be commit f0b2e42978a28204f497cccb07e407f409e3bf50)
|
|
Andrew Bartlett
(This used to be commit 62eef851fd79b2739b93b4ed7829514a3dcbf1d0)
|
|
(This used to be commit a9768c25fd32e76514c837f343f2b52bf0f0824d)
|
|
This commit kills passdb, which was only hosting the auth subsystem.
With the work tridge has done on Samba4's SAM backend, this can (and
now is) all hosted on ldb. The auth_sam.c file now references this
backend.
You will need to assign your users passwords in ldb - adding a new line:
unicodePwd: myPass
to a record, using ldbedit, should be sufficient. Naturally, this
assumes you have had your personal SAMR provisioning tutorial from
tridge. Everybody else can still use the anonymous logins.
Andrew Bartlett
(This used to be commit 2aa0b55fb86648731d5f2201fa5a6aa993b7ca48)
|
|
to the main SAMBA_4_0 tree.
NOTE: that it's not completely ready, but it's functional:-)
metze
(This used to be commit c78a2ddb28ec50d6570a83b1f66f18a5c3621731)
|
|
Andrew Bartlett
(This used to be commit 795ace17a8905f495e9e191ffbd559927894941b)
|
|
Andrew Bartlett
(This used to be commit 4e614cbe922ddc591b17b2357e17eff8ce1d546c)
|
|
'standard'
metze
(This used to be commit 3d01cf95ad8b065cd274bc0e544919c7c9336721)
|
|
added ldbedit, a _really_ useful command
added ldbadd, ldbdel, ldbsearch and ldbmodify to build
solved lots of timezone issues, we now pass the torture tests with
client and server in different zones
fixed several build issues
I know this breaks the no-LDAP build. Wait till I arrive in San Jose for that
fix.
(This used to be commit af34710d4da1841653624fe304b1c8d812c0fdd9)
|
|
(This used to be commit ad8b3cc1e3bd2f86397038010d77cd875b1c94da)
|
|
(This used to be commit 11717ae912449bde596ff6cf7d8fddcc86548f15)
|
|
SMB_SUBSYSTEM() scheme
- some const fixes in ntvfs
metze
(This used to be commit af89a78123068767b1d134969c5651a0fd978b0d)
|
|
and create the SMB server subsystem
- remove unused XML and MYSQL configure tests
metze
(This used to be commit 956d212c83d8ebd8e31ec109f17dc2105ca72c30)
|
|
metze
(This used to be commit a2beaa0823f899ae9f49c2e624f5e10263c5c26b)
|
|
I plan to convert all objectfile group to use SMB_SUBSYSTEM
later I'll add a SMB_BINARY() and SMB_LIBRARY(), then there will be no more need
to touch Makefile.in, because all make rules will be autogenerated by configure
- convert the PROCESS_MODEL subsystem to this new scheme
and move the pthread test to smbd/process_model.m4
- convert the CHARSET subsystem to this new scheme
and move the iconv test to lib/iconv.m4
(This used to be commit 2e57ee884ebea194ee79ac20e84e385481b56aa2)
|
|
- fix mem leak in process.c
metze
(This used to be commit d82ada11377e7613fc7c48afa9ef5f8a2e54233c)
|
|
metze
(This used to be commit 24dc237e109f6dce69814b22e0fb7878a7f6bfa8)
|
|
- handle SIBABRT with a backtrace
metze
(This used to be commit e9f584143d5bbcbbdaaac2c231efd85c7bd5a922)
|
|
('cvs ci filename' should be my friend:-)
get rid of some more global unconst vars.
I didn't find a referenz of this vars:
SIG_ATOMIC_T reload_after_sighup = 0;
SIG_ATOMIC_T got_sig_term = 0;
tridge: is it ok to remove them?
it compiles for me
metze
(This used to be commit b34a3104c63b36cec47acdedef36caaf571eb383)
|
|
metze
(This used to be commit 61ec710518469876ccc48d57b5fee5d6ead3d482)
|
|
Jerry should I change this in 3_0 and HEAD as well?
metze
(This used to be commit 664f1e30f816ef64f85b5df841592675a6fe06f2)
|
|
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
(This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
|
|
This adds support for bigendian rpc in the client. I have installed
SUN pcnetlink locally and am using it to test the samba4 rpc
code. This allows us to easily find places where we have stuffed up
the types (such as 2 uint16 versus a uint32), as testing both
big-endian and little-endian easily shows which is correct. I have now
used this to fix several bugs like that in the samba4 IDL.
In order to make this work I also had to redefine a GUID as a true
structure, not a blob. From the pcnetlink wire it is clear that it is
indeed defined as a structure (the byte order changes). This required
changing lots of Samba code to use a GUID as a structure.
I also had to fix the if_version code in dcerpc syntax IDs, as it
turns out they are a single uint32 not two uint16s.
The big-endian support is a bit ugly at the moment, and breaks the
layering in some places. More work is needed, especially on the server
side.
(This used to be commit bb1af644a5a7b188290ce36232f255da0e5d66d2)
|
|
types on some platforms (eg. solaris)
(This used to be commit ac8a23af8c67d2e39bb6cfd409c50f1f429cf271)
|
|
server endpoints. We can now successfully setup listening endpoints on
high ports, then use our endpoint mapper redirect incoming clients to
the right port.
also greatly cleanup the rpc over tcp session handling.
(This used to be commit 593bc29bbe0e46d356d001160e8a3332a88f2fa8)
|
|
needs quite a bit more work to get it finished. The biggest missing
feature is the lack of NTLMSSP which is needed for basic
authentication over tcp
(This used to be commit 9fb0f0369356909c99389e2cbc525be27c08793c)
|
|
don't cause fragmented pdus (I'll add fragments shortly)
* change data_blob_talloc() to not zero memory when the 2nd argument
is NULL. The zeroing just masks bugs, and can't even allow a DOS
attack
* modified pidl to ensure that [ref] arguments to the out side of
functions are allocated when parsing the in side. This allows rpc
backends to assume that [ref] variables are all setup. Doesn't work
correctly for [ref] arrays yet
* changed DLIST_ADD_END() to take the type instead of a tmp
variable. This means you don't need to declare a silly tmp variable in
the caller
(This used to be commit 46e0a358198eeb9af1907ee2a29025d3ab23b6d1)
|
|
IPC IO routines and the dcerpc endpoint servers.
(This used to be commit 4929c53bc8dddda8a763fdfbcf81a79776d01113)
|
|
(This used to be commit 5fb01b0ec0321724c25669151ea7c20e6ec182d0)
|
|
* updated tdb to latest version from Samba3
* removed some extraneous ';' in tdbutil.c (Thanks to Erlend Aasland
for pointing this out)
(This used to be commit f3eaf270e57d8d2e2157a6a36e260860c7f71c19)
|
|
(This used to be commit 03bf30659640d684073f92d64da6e911edb65a73)
|