IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
add struct nbt_peer_socket and use it instead of passing const char *addr, uint16 port everyhwere
(tridge: can you review this please, (make test works)
metze
(This used to be commit a599d7a4ae881c94be2c2d908a398838549942bb)
this is the compression algorithm used by w2k3 for DsGetNCChanges().
This algorithm isn't known yet, but it seems to be some sort of Lempel-Ziv
algorithm.
metze
(This used to be commit 694252b6e02e365ae5baffb76cdbc89eec5358e7)
problem was that the return string was declared as:
[out] astring dcname
which means "this is a non-NULL string". The server code sometimes
returned NULL however (on getdc lookup failure), which caused the NDR
marshalling code to crash. When you declare a non-pointer return value
you are promising that the value can never be NULL.
The trivial fix is to use:
[out] astring *dcname
which leaves the API alone, but includes a pointer in the wire format,
which in turn means it is valid to send a NULL string as a response.
(This used to be commit e39bac61960f6ce8957f148a482e39499a8e9096)
within a callback on the pipe. This should fix a problem volker
encountered with winbind. The fix invoolves making the recv_data
handler free the memory for a packet, instead of having the transport
layer free it after calling recv_data. When the transport layer freed
it, it had no way of knowing if the callback had shutdown the pipe, so
it had no way of knowing if it could safely use the pointer.
Also changed the pipe shutdown hook for the smb transport to use an
async SMB close. This ensures that when you shutdown the pipe, you
don't block waiting for the server to ack the close of the pipe fnum.
(This used to be commit c87d7f580e39245db181605f50883de07dd9632e)
Tridge, if you have time, you might want to look at the segfault I was still
seeing. Now I store the handle to the netlogon pipe in the global winbind
state and free it on the next entry into check_machacc. The problem seems to
be that talloc_free()ing a pipe struct from within a callback function on that
pipe is not possible. I think I can live with that, but it has been not really
obvious. To reproduce the segfault you might want to look at putting a
talloc_free(state->getcreds->out.netlogon) into
wbsrv_samba3_check_machacc_receive_creds. This is called from a dcerpc
callback function.
In particular if the check failed it would be nice if I could delete the pipe
directly and not post a different event to some winbind queue.
I tried to delete the pipe from a timed event triggered immediately, but this
also fails because the inner loop seems to hit the same event again, calling
it twice.
Volker
(This used to be commit 5436d7764812bb632ba865e633005ed07923b57f)
- the unknown flag 0x10 seems to mean that this name was localy registered on this
currently asked server, that flag is not present in replica records
metze
(This used to be commit ba3685c41dc934692bd653f4fe9c0ee451146c40)
make wrepl_nbt_name a scalar type that is another
wire representation of struct nbt_name
give wrepl_name->flags a meaning
metze
(This used to be commit 5fa13d6c2bd4cff9540ee97b3aa4c8a9c8e51fc5)
domain and gets the DC's name via a mailslot call.
Metze, I renamed wbsrv_queue_reply to wbsrv_send_reply in accordance with
irpc_send_reply. Having _queue_ here and _send_ there is a bit confusing. And
as everything is async anyway, the semantics should not be too much of a
problem.
Volker
(This used to be commit 4637964b19c6e9f7d201b287e2d409d029fced01)
Generate NDR mashalling code for all idl files (why isn't this automatically by the scanner when it finds librpc/gen_ndr/{misc,dcerpc,orpc}.h in includes.h?)
(This used to be commit 01eb22b9dac4f7d06c7e760ce5f1f4b4049e41c9)
yet as scons somehow thinks it needs to put a directory called ndr_idl
in the command line.
(This used to be commit e4a54a4c49b958b56dc7822c800a3f5ff7eb0b60)
that a given set of (working) POSIX functions are available (without
prefixes to their names, etc). See lib/replace/README for a list.
Functions that behave different from their POSIX specification
(such as sys_select, sys_read, etc) have kept the sys_ prefix.
(This used to be commit 29919a71059b29fa27a49b1f5b84bb8881de65fc)
I still have issues with Win2k3 SP1, and Samba4 doesn't pass it's own
test for the moment, but I'm working on these issues :-)
This required a change to the credentials API, so that the special
case for NTLM logins using a principal was indeed handled as a
special, not general case.
Also don't set the realm from a ccache, as then it overrides --option=realm=.
Andrew Bartlett
(This used to be commit 194e8f07c0cb4685797c5a7a074577c62dfdebe3)
at every single build. Run 'scons configure=1' or delete sconf.cache
to force checks to be re-run.
Jelmer, I think this stuff is cached in the .sconf_cache directory but
the message is still displayed and it looks like it caches the compiled
test object file not the actual result of the test.
(This used to be commit 9d001dc083937bbf5642af90bc8a8b1a27825de0)
field, instead put a zero address. Note that zero is correct (ie. we
shouldn't do the lookup) as in the client we want to send a zero for
the server to fill in. When we make this call from the server we fill
in a real IP.
(This used to be commit e54c8b5658761c33d50a1a557d2ec77229b07b47)
but final linking still fails (as does generating files asn1, et, idl and proto
files)
(This used to be commit 4f0d7f75b99c7f4388d8acb0838577d86baf68b5)
data to be signed/sealed. We can use this to split the data from the
signature portion of the resultant wrapped packet.
This required merging the gsskrb5_wrap_size patch from
lorikeet-heimdal, and fixes AES encrption issues on DCE/RPC (we no
longer use a static 45 byte value).
This fixes one of the krb5 issues in my list.
Andrew Bartlett
(This used to be commit e4f2afc34362953f56a026b66ae1aea81e9db104)
other than arcfour-hmac-md5. Currently we still fail to verify other
signatures however.
Andrew Bartlett
(This used to be commit 2e5884fc2472c6bcc7e6e083c28a4da6b2f72af1)
ndr_pull_data_blob() doesn't work correct. so make them exclute each other.
jelmer, tridge: does that look correct? it fixes a problem, abartlet had
with krb5pac.idl, where the align flags are inherited from the parent, and we want to get the
[flag(NDR_REMAINING)] DATA_BLOB signature;
metze
(This used to be commit b9ea3e8f9f85098b63081bf12e2be65687921874)
where the idl was something like this:
uint32 size;
[size_is(size+1)] wchar_t *string;
we always need a pair of NDR_PULL_NEEDED_BYTES() and ndr_pull_advance(),
with the same size passed in.
metze
(This used to be commit 8eb75bd5ac5869f11f930ec872ec8a46fba9361b)
Kerberos CCACHE into the system.
This again allows the use of the system ccache when no username is
specified, and brings more code in common between gensec_krb5 and
gensec_gssapi.
It also has a side-effect that may (or may not) be expected: If there
is a ccache, even if it is not used (perhaps the remote server didn't
want kerberos), it will change the default username.
Andrew Bartlett
(This used to be commit 6202267f6ec1446d6bd11d1d37d05a977bc8d315)
