1
0
mirror of https://github.com/samba-team/samba.git synced 2025-01-25 06:04:04 +03:00

719 Commits

Author SHA1 Message Date
Andrew Tridgell
54ffd4fdbf r8313: moved PRINTF_ATTRIBUTE to replace.h to try to get irix building with heimdal
(This used to be commit 7d4e309f02cfcef661ebf3bbe9c227938318077c)
2007-10-10 13:20:05 -05:00
Andrew Tridgell
76478d7eb1 r8306: some more heimdal configure checks
(This used to be commit 575413fc863147ee46e1ff658af1d74093fc7686)
2007-10-10 13:20:04 -05:00
Tim Potter
4109f7d069 r8288: The SMB_ASSERT_ARRAY macro isn't used anymore.
(This used to be commit aab24385ab736f4072e25ad5702ee0aaf4192ecc)
2007-10-10 13:19:32 -05:00
Jeremy Allison
3de3d6a02d r8174: Check DOS error codes in torture chkpath test.
Jeremy.
(This used to be commit ff58ecad044dc7a3cdb4c010ea5cc1ea5e2e4b3b)
2007-10-10 13:19:17 -05:00
Stefan Metzmacher
f1031746e5 r8164: - match the ordering w2k3 uses for the PAC_BUFFER:
LOGON_INFO
   LOGON_NAME
   SRV_CHECKSUM
   KDC_CHECKSUM

- w2k3 also don't use the groupmembership array with rids
  it uses the othersids array

metze
(This used to be commit 2286fad27d749ebba14f5448f1f635bb36750c9c)
2007-10-10 13:19:16 -05:00
Andrew Bartlett
42bb490709 r8161: Update Samba4 for the new Heimdal update.
Andrew Bartlett
(This used to be commit 6a9b6373273f135fe012a6603707d77c2a65e9fa)
2007-10-10 13:19:16 -05:00
Stefan Metzmacher
148235a009 r8148: - make the PAC generation code a bit more readable and add some outof memory checks
- move to handmodified pull/push code for PAC_BUFFER
  to get the _ndr_size field and the subcontext size right

- after looking closely to the sample w2k3 PAC in our torture test (and some more in my archive)
  I found out that the first uint32 before the netr_SamInfo3 was also a pointer,
  (and we passed a NULL pointer there before, so I think that was the reason why the windows clients doesn't want our PAC)

  w2k3 uses this for unique pointers:

  ptr = ndr->ptr_count * 4;
  ptr |= 0x00020000;
  ndr->ptr_count;

- do one more pull/push round with the sample PAC

metze
(This used to be commit 0eee17941595e9842a264bf89ac73ca66cea7ed5)
2007-10-10 13:19:13 -05:00
Rafal Szczesniak
242fe4d8b9 r8128: Janitor work...
rafal
(This used to be commit 9f0dfafcdeceb23c19686d2163e6ff6e613bd067)
2007-10-10 13:19:12 -05:00
Andrew Tridgell
54fba5b1b8 r8116: demonstrate a little trick that can be used to track down where an
error is coming from. In this case I needed to know where a
NT_STATUS_ACCESS_DENIED was being returned, which is a very common
error, but I needed to know which place in the code was giving it
(This used to be commit 692bb1c8a1428917ed6c516d02524c2f76157181)
2007-10-10 13:19:10 -05:00
Andrew Tridgell
934831686c r8115: added support for 2 more dos error codes found during testing
(This used to be commit 97cb70571377e3b4e5eb0b7ca516e4af349fdfea)
2007-10-10 13:19:10 -05:00
Andrew Tridgell
67a777a0e5 r8113: this should fix the build on systems without heimdal
(This used to be commit 980c09cfca1744c35eb284c7177709fedba073dc)
2007-10-10 13:19:09 -05:00
Andrew Tridgell
950f662484 r8111: fixed the client library to work against w2k3 with nt status codes
disabled. The main change is to turn off spnego, which cannot work at
all without nt status codes (w2k3 gives a ERRHRD:ERRgeneral error when
you try)

I also modified NT_STATUS_EQUAL() to allow for nt->dos code equality,
but only when nt status codes are disabled in smb.conf. That keeps all
the existing torture code working, while still allowing us to
correctly catch the cases where forced dos error codes are needed

The dos->ntstatus mapping table has been removed completely, as it
doesn't really make sense, is impossible to get right, and with the
new dos status handling isn't needed. When matching a nt status code
to a dos status code it makes far more sense to map from the nt code
to the dos code and compare, rather than the reverse, as the nt->dos
mapping is what windows has to do internally, so there really is a
valid mapping table.
(This used to be commit f21274e07b361ef40fdc0fe23e96f1c9c63a091c)
2007-10-10 13:19:09 -05:00
Andrew Tridgell
b3383236a2 r8106: the use of a static string for dos error codes was causing problems in
the torture code. To fix this, get rid of dos_errstr() and instead
move the strings into the nt_errstr() table, using cpp to generate the
strings
(This used to be commit 3136ad9634f0a5ab46e4f83e093df87fdd36484d)
2007-10-10 13:19:08 -05:00
Rafal Szczesniak
90046a1de2 r8078: rpc connect function uses structure now.
rafal
(This used to be commit 34592b6a92591122180649de251f2ddc181fe382)
2007-10-10 13:19:06 -05:00
Stefan Metzmacher
88df3c81ee r8050: - make use of more [value()] properties
- the out subcontext's need to have a fixed size of r->in.offered,
  to make windows clients happy

metze
(This used to be commit 054e1ca434b2f81de199eeb41cb6233524fc5779)
2007-10-10 13:19:02 -05:00
Rafal Szczesniak
396074a7fc r7999: Fix lacking structure definition.
rafal
(This used to be commit 6886aefe4c78e3e208eacb3c4b76f1189bd1352a)
2007-10-10 13:18:57 -05:00
Andrew Bartlett
f62a70fe54 r7988: Store the KVNO for the machine account, and set it up in the provision.
Andrew Bartlett
(This used to be commit 90e94a4630c24282cd93ee05e258877b38e24a57)
2007-10-10 13:18:56 -05:00
Andrew Bartlett
2d95bf6da6 r7971: structs.h update
(This used to be commit 31e7df1392f39e170e3d072b8356e746208d0621)
2007-10-10 13:18:55 -05:00
Jelmer Vernooij
66a52992ff r7850: Support mkdir() with just one parameter. Patch from
Steven Edwards <steven_ed4153@yahoo.com>.

I've moved the Win32-specific tests to win32.m4 so it does not
make any of the POSIX configure stuff more complicated.
(This used to be commit bf85fdd01552f75b745fdf3159a7a87cd6521ed2)
2007-10-10 13:18:42 -05:00
Rafal Szczesniak
52f072865d r7733: New io structure for name lookup function.
rafal
(This used to be commit 12b468417da04a2b7ddcacdf224ed7d055f0d3d9)
2007-10-10 13:18:27 -05:00
Andrew Bartlett
5b19286df0 r7690: Move the NT hash generation into the credentials system, rather than
in all the callers.  This also allows us to be more flexible in the
type of password we store.

Andrew Bartlett
(This used to be commit 00b8588c68526e1d86fda0bd81c0b86f690b62c3)
2007-10-10 13:18:23 -05:00
Andrew Bartlett
8a6b60e1e4 r7688: Fix the internal heimdal build - push one #define back to
heimdal_build/config.h

Andrew Bartlett
(This used to be commit 337cb20ac45c95b8a6d0c90dfef4bdac591ba39a)
2007-10-10 13:18:22 -05:00
Andrew Bartlett
dd39c8cedf r7683: The other file from the last commit. And it's include/system/kerberos.h that I'm putting the #defines in...
Andrew Bartlett
(This used to be commit 31f7ec38e63fc86ad7c756de47414152d2809c8f)
2007-10-10 13:18:22 -05:00
Andrew Bartlett
d2c2e0d3b7 r7681: This #define is unused.
Andrew Bartlett
(This used to be commit 2a22f413c9704dbfc3befb819d4183523f75d393)
2007-10-10 13:18:21 -05:00
Andrew Tridgell
44a04d74cd r7668: - setup HAVE_ILDAP to enable the ildap backend in ldb
- fixed a bug in socket_connect_ev()
(This used to be commit 3f77b879a035929a843e02b798d54eba6625bde7)
2007-10-10 13:18:20 -05:00
Stefan Metzmacher
8f85427d6d r7643: This patch adds a new NTPTR subsystem:
- this is an abstraction layer for print services,
  like out NTVFS subsystem for file services

- all protocol specific details are still in rpc_server/spoolss/
  - like the stupid in and out Buffer handling
  - checking of the r->in.server_name
  - ...

- this subsystem can have multiple implementation
  selected by the "ntptr providor" global-section parameter

- I currently added a "simple_ldb" backend,
  that stores Printers, Forms, Ports, Monitors, ...
  in the spoolss.db, and does no real printing
  this backend is basicly for testing, how the spoolss protocol
  works

- the interface is just a prototype and will be changed a bit
  the next days or weeks, till the simple_ldb backend can
  handle all calls that are used by normal w2k3/xp clients

- I'll also make the api async, as the ntvfs api
  this will make things like the RemoteFindFirstPrinterChangeNotifyEx(),
  that opens a connection back to the client, easier to implement,
  as we should not block the whole smbd for that

- the idea is to later implement a "unix" backend
  that works like the current samba3 code

- and maybe some embedded print server vendors can write there own
  backend that can directly talk to a printer without having cups or something like this

- the default settings are (it currently makes no sense to change them :-):

ntptr providor = simple_ldb
spoolss database = $private_dir/spoolss.db

metze
(This used to be commit 455b5536d41bc31ebef8290812f45d4a38afa8e9)
2007-10-10 13:18:16 -05:00
Andrew Tridgell
bab977dad7 r7626: a new ldap client library. Main features are:
- hooked into events system, so requests can be truly async and won't
   interfere with other processing happening at the same time

 - uses NTSTATUS codes for errors (previously errors were mostly
   ignored). In a similar fashion to the DOS error handling, I have
   reserved a range of the NTSTATUS code 32 bit space for LDAP error
   codes, so a function can return a LDAP error code in a NTSTATUS

 - much cleaner packet handling
(This used to be commit 2e3c660b2fc20e046d82bf1cc296422b6e7dfad0)
2007-10-10 13:18:14 -05:00
Andrew Tridgell
3e92471d4c r7596: next step in ldap cleanup. I'm aiming to get rid of the cut&pasted
ldif parsing code in libcli/ldap/ldap_ldif.c, and instead use the ldb
ldif code. To do that I have changed the ldap code to use 'struct
ldb_message_element' instead of 'struct ldap_attribute'. They are
essentially the same structure anyway, so by making them really the
same it will be much easier to use the ldb code in libcli/ldap/

I have also made 'struct ldb_val' the same as a DATA_BLOB, which will
simplify data handling in quite a few places (I haven't yet removed
all the code that maps between these two, that will come later)
(This used to be commit 87fc3073392236221a3a6b933284e9e477c24ae5)
2007-10-10 13:18:12 -05:00
Andrew Tridgell
4b0e5bd753 r7527: - added a ldb_search_bytree() interface, which takes a ldb_parse_tree
instead of a search expression. This allows our ldap server to pass
  its ASN.1 parsed search expressions straight to ldb, instead of going
  via strings.

- updated all the ldb modules code to handle the new interface

- got rid of the separate ldb_parse.h now that the ldb_parse
  structures are exposed externally

- moved to C99 structure initialisation in ldb

- switched ldap server to using ldb_search_bytree()
(This used to be commit 96620ab2ee5d440bbbc51c1bc0cad9977770f897)
2007-10-10 13:18:06 -05:00
Andrew Bartlett
2b4791ae73 r7525: Unify lp_load(), load_interfaces and logging setup into popt().
There is now a new --debug-stderr option to enable debug to STDERR.

popt isn't perfect, but the callbacks are used in all the main Samba
binaries, and should be used in the rest.  This avoids duplicated
code, and ensures every binary is setup correctly.

This also ensures the setup happens early enough to have -s function,
and have a correct impact on the credentials code.  (Fixing a bug that
frustrated tridge earlier today).

The only 'subtle' aspect of all this is that I'm pretty sure that the
SAMBA_COMMON popt code must be above the CREDENTIALS code, in the
popt tables.

Andrew Bartlett
(This used to be commit 50f3c2b3a22971f40e0d3a88127b5120bfc47591)
2007-10-10 13:18:06 -05:00
Rafal Szczesniak
c29896d0ae r7490: Rename functions and prefices s/rpc_composite/libnet_rpc/
This makes more clear where the functions belong to. Also
the rule will be that lowercased function names are not
part of "official" libnet API (though it doesn't mean one
absolutely cannot use them).

rafal
(This used to be commit f6ef7b882acc6ee07422944a417a8d9013c9d8d2)
2007-10-10 13:17:59 -05:00
Rafal Szczesniak
ae6907c5c8 r7379: Simplify CreateUser function and io structure. Also, implementing
it based on composite functions. Moving to fully async CreateUser
on the way...

rafal
(This used to be commit 240409bc3cfa1426db15fc0537fcf0841f51ede0)
2007-10-10 13:17:48 -05:00
Andrew Tridgell
bce8cda061 r7352: the internal heimdal build change. This changes quite a few things:
- if you want kerberos now, you need to unpack a lorikeet heimdal
   tree in source/heimdal/. If source/heimdal/ does not exist at
   configure time then all kerberos features are disabled. You cannot
   use an external kerberos library for now. That may change later.

 - moved lib/replace/ config stuff to lib/replace/ and create a
   lib/replace/replace.h. That allows the heimdal build to use our
   portability layer, and prevenets duplicate definitions of functions
   like strlcat()

 - if you do enable heimdal, then you will need to do 'make
   HEIMDAL_EXTERNAL' before you build Samba. That should be fixed once
   I explain the problem to jelmer (the problem is the inability to
   set a depend without also dragging in the object list of the
   dependency. We need this for building the heimdal asn1 compiler and
   et compiler.

 - disabled all of the m4 checks for external kerberos libraries. I
   left them in place in auth/kerberos/, but disabled it in
   configure.in

some of the heimdal_build/ code is still very rough, for example I
don't correctly detect the correct awk, flex, bison replacements for
heimdal_build/build_external.sh. I expect to fix that stuff up over
the next few days.
(This used to be commit d4648249b2c7fc8b5e7c0fc8d8f92ae043b5691f)
2007-10-10 13:17:45 -05:00
Stefan Metzmacher
9a831a3963 r7328: fix GetPrinterData and SetPrinterData, with zero length subcontexts
metze
(This used to be commit 73d597bacf83492ed3da2307dd6785548b903b39)
2007-10-10 13:17:42 -05:00
Andrew Tridgell
bf1ffa283c r7294: implemented the irpc messaging system. This is the core of the
management system I proposed on samba-technical a couple of days
ago. Essentially it is a very lightweight way for any code in Samba to
make IDL based rpc calls to anywhere else in the code, without the
client or server having to go to the trouble of setting up a full rpc
service.

It can be used with any of our existing IDL, but I expect it will
mostly be used for a new set of Samba specific management calls.

The LOCAL-IRPC torture test demonstrates how it can be used by calling
the echo_AddOne() call over this transport.
(This used to be commit 3d589a09954eb8b318f567e1150b0c27412fb942)
2007-10-10 13:17:37 -05:00
Derrell Lipman
a1ba224107 r7276: - moved static tdb function ltdb_dn_fold() into common/ so that it can be
called from multiple backends.  (ldb_sqlite3 needs it too.)  Added parameter
  for a callback function that determines whether an attribute needs case
  folding.
- begin to prepare for sqlite3 in build process
- work-in-progress updates, on ldb_sqlite3
(This used to be commit a80bced0b96ffb655559a43cf7f4d7a34deb5a7d)
2007-10-10 13:17:35 -05:00
Tim Potter
6bf9b5cd9a r7253: Fix build.
(This used to be commit 54ff16b9a198237999cedd973cced70a62f03418)
2007-10-10 13:17:32 -05:00
Rafal Szczesniak
af61fb8771 r7251: Initial work on composite domain open call.
rafal
(This used to be commit be3b283b20af0b17d8c9711f362b63b881ffbc1c)
2007-10-10 13:17:31 -05:00
Jelmer Vernooij
77c3d463c8 r7248: Remove enum that is causing trouble on AIX
(This used to be commit 512536c9165eb4a630c8bf4e43e71def26006047)
2007-10-10 13:17:31 -05:00
Andrew Bartlett
51fc684227 r7221: Add the start of a KDC service (to be built on a 'libkdc' from a to be
included Heimdal) to Samba4.

Andrew Bartlett
(This used to be commit 51ba3ea60c265b837821b6c3e031dfe229c10d6a)
2007-10-10 13:17:27 -05:00
Stefan Metzmacher
6dd757005a r7183: add some forward declarations ...
metze
(This used to be commit e9f30ad69800a9858676c467f7f12aceff693358)
2007-10-10 13:17:24 -05:00
Andrew Tridgell
1511cde44c r7002: added support for getting at loadparm config parameters via lpGet() in esp scripts
lpGet takes 4 forms
    v = lpGet("type:parm");             gets a parametric variable
    v = lpGet("share", "type:parm");    gets a parametric variable on a share
    v = lpGet("parm");                  gets a global variable
    v = lpGet("share", "parm");         gets a share variable

in all cases a ejs object of the appropriate type for the variable is returned.

This commit also adds the function typeof() which returns the type of an object
(This used to be commit 5537a0d38d4805cbc2dad0d6f76db15173b1fd60)
2007-10-10 13:17:04 -05:00
Andrew Tridgell
7e58231952 r6982: install the swat pages with 'make installswat'
(This used to be commit 31543e1eae03d22343ea8c970494af36eb07b41f)
2007-10-10 13:17:02 -05:00
Andrew Tridgell
d70912a26a r6981: first version of the builtin web server for Samba4
This includes an embedded server side scripting system called 'esp'
(see http://www.appwebserver.org/products/esp/esp.html) and javascript
based scripting language called 'esj' (see
http://www.appwebserver.org/products/ejs/ejs.html)

The justification for including this scripting language is that it
should make it much easier to write a high quality web interface for
Samba4. The scripting language can call into any Samba4 library code
(so for example it will be able to make ldb and loadparm calls), plus
it provides easy support for forms, cookies, sessions etc.

There is still quite a bit more work to do on the web server, but
there is enough here now for people to look at and comment. I will be
committing some sample web pages that test esp functionality shortly.
(This used to be commit 26f0ba92c0c565ac9e4cb5a079d795d4262497dd)
2007-10-10 13:17:01 -05:00
Rafal Szczesniak
d516fa53aa r6963: Further definitions for share manipulation code. Untested.
Original patch provided by Gregory Leocadie <gleocadie@idealx.com>

rafal
(This used to be commit eb83a8210a939a0512f505a283148898ba6eceb1)
2007-10-10 13:17:00 -05:00
Andrew Bartlett
2a01014f8f r6879: Another attempt at including the 'right' kerberos headers on
dual-install systems.

Andrew Bartlett
(This used to be commit efc24f1a4592270634dca253689c1b54e154d8b8)
2007-10-10 13:16:53 -05:00
Andrew Bartlett
fc748e650f r6811: Another attempt at better kerberos/gssapi headers.
Andrew Bartlett
(This used to be commit f4b7484516b956baabb3eba3f233da29fc101100)
2007-10-10 13:16:46 -05:00
Andrew Bartlett
3a9c42c033 r6806: Try again to fix the build on various kerberos libs.
Andrew Bartlett
(This used to be commit 5749b63f171acb99c63bfe24312050b316644082)
2007-10-10 13:16:46 -05:00
Andrew Bartlett
1d0e2b9569 r6803: Try to bring in the correct GSSAPI headers for the krb5 mech. This
should allow us to ditch the local static storage for OIDs, as well as
fix the build on non-heimdal platforms.

Andrew Bartlett
(This used to be commit a7e2ecfac9aaacd673e3583b62139e4f4e114429)
2007-10-10 13:16:45 -05:00
Andrew Bartlett
5c6dd5e800 r6800: A big GENSEC update:
Finally remove the distinction between 'krb5' and 'ms_krb5'.  We now
don't do kerberos stuff twice on failure.  The solution to this is
slightly more general than perhaps was really required (as this is a
special case), but it works, and I'm happy with the cleanup I achived
in the process.  All modules have been updated to supply a
NULL-terminated list of OIDs.

In that process, SPNEGO code has been generalised, as I realised that
two of the functions should have been identical in behaviour.

Over in the actual modules, I have worked to remove the 'kinit' code
from gensec_krb5, and placed it in kerberos/kerberos_util.c.

The GSSAPI module has been extended to use this, so no longer requires
a manual kinit at the command line.  It will soon loose the
requirement for a on-disk keytab too.

The general kerberos code has also been updated to move from
error_message() to our routine which gets the Heimdal error string
(which may be much more useful) when available.

Andrew Bartlett
(This used to be commit 0101728d8e2ed9419eb31fe95047944a718ba135)
2007-10-10 13:16:45 -05:00