1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-28 07:21:54 +03:00
Commit Graph

79 Commits

Author SHA1 Message Date
Jelmer Vernooij
afe3e8172d Install public header files again and include required prototypes.
(This used to be commit 47ffbbf674)
2008-04-02 04:53:27 +02:00
Volker Lendecke
482f33077b Add my copyright
If I remember it right and when I look at the git log, then this way to do the
async functions was designed by me.
(This used to be commit 8d44f997c8)
2008-03-21 10:36:58 +01:00
Stefan Metzmacher
e08a78abcd [PATCH] composite: make it possible to call composite_is_ok() without callback fn
metze
(This used to be commit 4e459f1fb3)
2008-02-12 12:49:43 +01:00
Jelmer Vernooij
2151cde580 r25554: Convert last instances of BOOL, True and False to the standard types.
(This used to be commit 566aa14139)
2007-10-10 15:07:55 -05:00
Jelmer Vernooij
61ffa08f4c r24712: No longer expose the 'BOOL' data type in any interfaces.
(This used to be commit 1ce32673d9)
2007-10-10 15:02:54 -05:00
Andrew Tridgell
0479a2f1cb r23792: convert Samba4 to GPLv3
There are still a few tidyups of old FSF addresses to come (in both s3
and s4). More commits soon.
(This used to be commit fcf38a38ac)
2007-10-10 14:59:12 -05:00
Stefan Metzmacher
40cd2d7780 r22944: fix bug #4618:
rename private -> private_data

metze
(This used to be commit 58551f2f28)
2007-10-10 14:52:30 -05:00
Andrew Tridgell
ed962c833b r18243: when setting up a composite continuation, if the context has already
finished when we need to trigger the continuation immediately.

Via a fairly complex path, this fixes the problem where all hosts in
the build farm that do not have ipv6 failed a lot of the RPC
tests. This happened because the dcerpc_connect() async code used a
composite_continue() on a context which was already in an error state,
due to the socket backend saying that ipv6 was unavailable
(This used to be commit dbf935d38b)
2007-10-10 14:17:54 -05:00
Jelmer Vernooij
0329d755a7 r17930: Merge noinclude branch:
* Move dlinklist.h, smb.h to subsystem-specific directories
 * Clean up ads.h and move what is left of it to dsdb/
   (only place where it's used)
(This used to be commit f7afa1cb77)
2007-10-10 14:16:54 -05:00
Stefan Metzmacher
7e949c9fb1 r17317: - add a composite_create() function that allocates and initialize
the composite_context structue, we should try to convert all code
  to use this because there're a lot of places where the we have
  bugs with this task...
- add a composite_continue_smb2() helper

We should try to hide the internals of the composite code from the users
to avoid errors (and I found a lot of them... and will fix then step by step)

metze
(This used to be commit a16180f202)
2007-10-10 14:15:10 -05:00
Jelmer Vernooij
35349a58df r14542: Remove librpc, libndr and libnbt from includes.h
(This used to be commit 51b4270513)
2007-10-10 13:58:42 -05:00
Jelmer Vernooij
e3f2414cf9 r14380: Reduce the size of structs.h
(This used to be commit 1a16a6f1df)
2007-10-10 13:57:16 -05:00
Rafal Szczesniak
66e3a63c19 r14239: Fix indentation.
rafal
(This used to be commit 7aa90f58b9)
2007-10-10 13:57:05 -05:00
Jelmer Vernooij
4ac2be9958 r13924: Split more prototypes out of include/proto.h + initial work on header
file dependencies
(This used to be commit 1228358767)
2007-10-10 13:52:24 -05:00
Jelmer Vernooij
af30a32b69 r13840: Mark some functions as public.
(This used to be commit 9a188eb1f4)
2007-10-10 13:52:14 -05:00
Jelmer Vernooij
d4de4c2d21 r12608: Remove some unused #include lines.
(This used to be commit 70e7449318)
2007-10-10 13:49:03 -05:00
Andrew Tridgell
111a920fdb r12116: got rid of composite_trigger_done() and composite_trigger_error(), and
instead make the normal composite_done() and composite_error()
functions automatically trigger a delayed callback if the caller has
had no opportunity to setup a async callback

this removes one of the common mistakes in writing a composite function
(This used to be commit f9413ce792)
2007-10-10 13:47:11 -05:00
Rafal Szczesniak
4a397070b6 r12079: Fix to the comment for sake of completness...
rafal
(This used to be commit 7aa40e3a3f)
2007-10-10 13:47:06 -05:00
Stefan Metzmacher
9d3b3e8395 r11971: add nbt specific continue wrapper
metze
(This used to be commit b8c5978df1)
2007-10-10 13:46:53 -05:00
Volker Lendecke
8383a3459a r11885: Add forgotten files
(This used to be commit 470cc59529)
2007-10-10 13:46:41 -05:00
Volker Lendecke
d68319431e r11095: Implement wb_getuserdomgroups.
Tridge, if you have the time, you might want to look at a problem I'm having
with unix domain stream sockets. From a comment in this commit:

	/* Using composite_trigger_error here causes problems with the client
	 * socket. Linux 2.6.8 gives me a ECONNRESET on the next read after
	 * writing the reply when I don't wait the 100 milliseconds. */

This is in winbind/wb_cmd_userdomgroups.c:93.

The problem I have is that I can not *immediately* send an error reply to the
client because the next receive fails. Waiting 100 milliseconds helps. It
might also be a problem with epoll(), I don't really know.

I'd appreciate if you took a brief look at this, maybe I'm doing something
wrong.

Thanks,

Volker
(This used to be commit 3e535cce74)
2007-10-10 13:44:48 -05:00
Volker Lendecke
d617556ef5 r10878: Reply to some comments by tridge and metze:
* rename the composite helper functions from comp_* to composite_*

* Move the lsa initialization to wb_connect_lsa.c

* Equip smb_composite_connect with a fallback_to_anonymous

The latter two simplify wb_init_domain.c quite a bit.

Volker
(This used to be commit deb127e04e)
2007-10-10 13:39:39 -05:00
Volker Lendecke
9e5d44d567 r10852: Continuation-based programming can become a bit spaghetti...
Initialize a domain structure properly. Excerpt from wb_init_domain.c:

/*
 * Initialize a domain:
 *
 * - With schannel credentials, try to open the SMB connection with the machine
 *   creds. Fall back to anonymous.
 *
 * - If we have schannel creds, do the auth2 and open the schannel'ed netlogon
 *   pipe.
 *
 * - Open LSA. If we have machine creds, try to open with ntlmssp. Fall back
 *   to schannel and then to anon bind.
 *
 * - With queryinfopolicy, verify that we're talking to the right domain
 *
 * A bit complex, but with all the combinations I think it's the best we can
 * get. NT4, W2k3SP1 and W2k all have different combinations, but in the end we
 * have a signed&sealed lsa connection on all of them.
 *
 * Is this overkill? In particular the authenticated SMB connection seems a
 * bit overkill, given that we do schannel for netlogon and ntlmssp for
 * lsa later on w2k3, the others don't do this anyway.
 */

Thanks to Jeremy for his detective work, and to the Samba4 team for providing
such a great infrastructure.

Next step is to connect to SAM. Do it via LDAP if we can, fall back to samr
with all we have.

Volker
(This used to be commit 3e69fdc07c)
2007-10-10 13:39:36 -05:00
Rafal Szczesniak
65271095d0 r10635: Formatting for better readability.
rafal
(This used to be commit 7b3a4096b5)
2007-10-10 13:39:13 -05:00
Stefan Metzmacher
38e43be7b8 r10537: - we now use a much nicer way to handle talloc_free(timed_event)
the events code replaces a destructor to one that returns allways -1
  while it's calling the event handler
- we don't need the composite and winsrepl specific fixes any more
- this also fixes the problem with smbcli, dcerpc, cldap, ldap and nbt
  request timeouts

metze
(This used to be commit 495996cfc4)
2007-10-10 13:39:03 -05:00
Stefan Metzmacher
fa70d1d0c2 r10529: fix a crash bug in full async code the uses the composite_trigger_done() code
the event subsystem wants to free timed_events!

metze
(This used to be commit dc5d5953b6)
2007-10-10 13:39:02 -05:00
Stefan Metzmacher
ab4d635b92 r10504: - seperate implementation specific stuff, from the generic composite
stuff.
- don't use SMBCLI_REQUEST_* state's in the genreic composite stuff
- move monitor_fn to libnet.

NOTE: I have maybe found some bugs, in code that is dirrectly in DONE or ERROR
      state in the _send() function. I haven't fixed this bugs in this
      commit! We may need some composite_trigger_*() functions or so.
      And maybe some other generic helper functions...

metze
(This used to be commit 4527815a0a)
2007-10-10 13:38:57 -05:00
Andrew Bartlett
51cbc188df r10402: Make the RPC-SAMLOGON test pass against Win2k3 SP0 again.
I still have issues with Win2k3 SP1, and Samba4 doesn't pass it's own
test for the moment, but I'm working on these issues :-)

This required a change to the credentials API, so that the special
case for NTLM logins using a principal was indeed handled as a
special, not general case.

Also don't set the realm from a ccache, as then it overrides --option=realm=.

Andrew Bartlett
(This used to be commit 194e8f07c0)
2007-10-10 13:38:39 -05:00
Andrew Tridgell
45f760973d r10200: added a composite_trigger_done() call that allows a composite function
to cause an event to happen immediately. This allows metzes patch for
recognising IPs in resolve_name() to work, and also allows us to
remove some of the other code where we currently do specific checks
for is_ipaddress().
(This used to be commit 9cc000d868)
2007-10-10 13:38:08 -05:00
Andrew Bartlett
24186a80eb r9728: A *major* update to the credentials system, to incorporate the
Kerberos CCACHE into the system.

This again allows the use of the system ccache when no username is
specified, and brings more code in common between gensec_krb5 and
gensec_gssapi.

It also has a side-effect that may (or may not) be expected: If there
is a ccache, even if it is not used (perhaps the remote server didn't
want kerberos), it will change the default username.

Andrew Bartlett
(This used to be commit 6202267f6e)
2007-10-10 13:34:54 -05:00
Andrew Bartlett
ba90b652d9 r9505: Work on GENSEC and the code that calls it, for tighter interface
requirements, and for better error reporting.

In particular, the composite session setup (extended security/SPNEGO)
code now returns errors, rather than NT_STATUS_NO_MEMORY.  This is
seen particularly when GENSEC fails to start.

The tighter interface rules apply to NTLMSSP, which must be called
exactly the right number of times.  This is to match some of our other
less-tested modules, where adding flexablity is harder.  (and this is
security code, so let's just get it right).  As such, the DCE/RPC and
LDAP clients have been updated.

Andrew Bartlett
(This used to be commit 134550cf75)
2007-10-10 13:34:24 -05:00
Tim Potter
172cee9adc r9223: Rename smb_raw_session_setup() to smb_raw_sesssetup().
(This used to be commit 5e6d330e73)
2007-10-10 13:31:33 -05:00
Tim Potter
2fa50ab671 r9222: Rename smb_tree_connect() to smb_raw_tcon() to match other raw function
names.
(This used to be commit 26b191b3c9)
2007-10-10 13:31:33 -05:00
Rafal Szczesniak
0102f2752f r8788: New monitor messages.
rafal
(This used to be commit 40061d7bd6)
2007-10-10 13:30:05 -05:00
Andrew Tridgell
528bb470bd r8776: fixed SMB connections for IP addresses, even when name resolve order
doesn't include 'host'
(This used to be commit 77a1e3076a)
2007-10-10 13:30:04 -05:00
Rafal Szczesniak
a04e899bc0 r8760: Rework monitor messaging code a bit, as Metze once suggested.
enum type has now been replaced with unsigned 32-bit field and
message data is passed as void pointer.

This allows various extension implementers to plug their monitor
messages in more easily.

rafal
(This used to be commit 4a6ab58133)
2007-10-10 13:30:03 -05:00
Andrew Bartlett
176c0d1b77 r8699: removed invalid comment
(This used to be commit f5910ceef5)
2007-10-10 13:29:55 -05:00
Rafal Szczesniak
49417aaed7 r7814: Propagate the change in resolve_name_send function.
(This used to be commit 7abd634701)
2007-10-10 13:18:40 -05:00
Andrew Bartlett
e578c33c2c r7757: Add NTLMv2 support to the NT1 Session setup (ie, not SPNEGO/NTLMSSP)
Session Setup code.

Add a mem_ctx argument to a few of the NTLMv2 support functions, and
add smb.conf options to control client NTLMv2 behaviour.

Andrew Bartlett
(This used to be commit 3f35cdb218)
2007-10-10 13:18:32 -05:00
Rafal Szczesniak
7a8315bddc r7736: Propagate change in resolve_name function. Let's use default methods
in this case.

rafal
(This used to be commit b0bae584a4)
2007-10-10 13:18:28 -05:00
Andrew Tridgell
af237084ec r7633: this patch started as an attempt to make the dcerpc code use a given
event_context for the socket_connect() call, so that when things that
use dcerpc are running alongside anything else it doesn't block the
whole process during a connect.

Then of course I needed to change any code that created a dcerpc
connection (such as the auth code) to also take an event context, and
anything that called that and so on .... thus the size of the patch.

There were 3 places where I punted:

  - abartlet wanted me to add a gensec_set_event_context() call
    instead of adding it to the gensec init calls. Andrew, my
    apologies for not doing this. I didn't do it as adding a new
    parameter allowed me to catch all the callers with the
    compiler. Now that its done, we could go back and use
    gensec_set_event_context()

  - the ejs code calls auth initialisation, which means it should pass
    in the event context from the web server. I punted on that. Needs fixing.

  - I used a NULL event context in dcom_get_pipe(). This is equivalent
    to what we did already, but should be fixed to use a callers event
    context. Jelmer, can you think of a clean way to do that?

I also cleaned up a couple of things:

 - libnet_context_destroy() makes no sense. I removed it.

 - removed some unused vars in various places
(This used to be commit 3a3025485b)
2007-10-10 13:18:15 -05:00
Volker Lendecke
46c231f1c8 r7435: Another little step, sorry for the spam... :-)
(This used to be commit 96d9b7fc98)
2007-10-10 13:17:53 -05:00
Volker Lendecke
35314f2427 r7433: Another little AIX one...
(This used to be commit c1ccaa0cc9)
2007-10-10 13:17:53 -05:00
Volker Lendecke
09753bf20a r7430: Next step in AIX build
(This used to be commit 43e1bd870d)
2007-10-10 13:17:52 -05:00
Tim Potter
2b7fe67f4d r6933: Add a couple of helper functions for creating nbt names.
(This used to be commit b896daf11c)
2007-10-10 13:16:58 -05:00
Rafal Szczesniak
5cbfca2967 r6708: Another type of monitor message.
rafal
(This used to be commit f7aaa0bfca)
2007-10-10 13:16:36 -05:00
Andrew Bartlett
1cf8396db4 r6702: Revert -r 6699, as I think this is a win2k v win2k3 issue.
Andrew Bartlett
(This used to be commit 77b67da5b8)
2007-10-10 13:16:36 -05:00
Andrew Bartlett
493cab3dbc r6699: Windows clients seem to ask for CIFS/, ie in upper case, so match it.
Andrew Bartlett
(This used to be commit 6d7f1daaf2)
2007-10-10 13:16:35 -05:00
Rafal Szczesniak
aefd5df199 r6614: Basic approach to monitoring messages for composite functions.
rafal
(This used to be commit 47a7a6c3fc)
2007-10-10 13:16:30 -05:00
Alexander Bokovoy
9779e6d670 r6352: Two new composite calls:
- qfsinfo (query file system information)
- appendacl (append an ACL to existing file's security descriptor and get new
full ACL)

The second one also includes an improvement to security descriptor handling
which allows to copy security descriptor. Written by Peter Novodvorsky
<peter.novodvorsky@ru.ibm.com>

Both functions have corresponding torture tests added. Tested under valgrind and
work against Samba 4 and Windows XP.

ToDo: document composite call creation process in prog_guide.txt
(This used to be commit 441cff62ac)
2007-10-10 13:11:34 -05:00