IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
As we try to provide POSIX function, we should use const like all other
POSIX function.
Signed-off-by: Andreas Schneider <anschneider@suse.de>
Signed-off-by: Derrell Lipman <derrell.lipman@unwireduniverse.com>
(This used to be commit 36e5df5954)
Brian Sheehan provided a nice patch intended for the 3.0 code base. This
commit applies a similar patch for the 3.3 code base. It adds a new public
function to libsmbclient -- smbc_set_credentials() -- that may be called from
the authentication callback when DFS referrals are in use.
Derrell
(This used to be commit 888f922bd0)
buffers for large read/write - make sure we take account of the large
read/write SMB headers as well as the buffer space.
Jeremy.
(This used to be commit 19519bca9b)
Win2008 domain (merged from v3-0-test).
commit 8dc4e97977
Author: Steven Danneman <sdanneman@isilon.com>
Date: Wed May 7 13:34:26 2008 -0700
spnego SPN fix when contacting trusted domains
cli_session_setup_spnego() was not taking into consideration the situation
where we're connecting to a trusted domain, specifically one (like W2K8)
which doesn't return a SPN in the NegTokenInit.
This caused two problems:
1) When guessing the SPN using kerberos_get_default_realm_from_ccache() we
were always using our default realm, not the realm of the domain we're
connecting to.
2) When falling back on NTLMSSP for authentication we were passing the name
of the domain we're connecting to for use in our credentials when we should be
passing our own workgroup name.
The fix for both was to split the single "domain" parameter into
"user_domain" and "dest_realm" parameters. We use the "user_domain"
parameter to pass into the NTLM call, and we used "dest_realm" to create an SPN
if none was returned in the NegTokenInit2 packet. If no "dest_realm" is
provided we assume we're connecting to our own domain and use the credentials
cache to build the SPN.
Since we have a reasonable guess at the SPN, I removed the check that defaults
us directly to NTLM when negHint is empty.
(This used to be commit b78b14c88e)
This patch is the second iteration of an inside-out conversion to cleanup
functions in charcnv.c returning size_t == -1 to indicate failure.
(This used to be commit 6b189dabc5)
This is a different fix than Jeremy put into 3-0-test with 040db1ce85 and other
branches with different hashes. Jeremy, I think your fix led to bug 5436, so I
reverted your fix. This fixes the original problem I found with the transs
requests for large rpc queries in a different way. Please check!
Thanks,
Volker
(This used to be commit c572d537e0)
While storing always a type 29 reply structure in gencache, we are now able to
deliver correct data according to return flags such as DS_RETURN_FLAT_NAME and
DS_RETURN_DNS_NAME out of the cached data from gencache.
Guenther
(This used to be commit c67b6dc0ca)
This allows dsgetdcname to query for a flat, non-dns domain name and
come back with all information about the DC (site names, guid, forest,
etc.) based on a mailslot reply. The version 11 request is downgraded
to version 1 in case we do a query against NT4.
Guenther
(This used to be commit d8b2ff3c87)
This patch is the first iteration of an inside-out conversion to cleanup
functions in charcnv.c returning size_t == -1 to indicate failure.
(This used to be commit 59124382d2)
Ignore optional req_flags. Use the Kerberos mechanism OID negotiated
with the client rather than hardcoding OID_KERBEROS5_OLD.
(This used to be commit 59a2bcf30f)
the space taken by the unicode password to be one byte too
long (as we're on an odd byte boundary here). Reduce the
count by 1 to cope with this. Fixes smbclient against NetApp
servers which can't cope. Fix from
bryan.kolodziej@allenlund.com in bug #3840.
Jeremy.
(This used to be commit 1e7e7d86a1)
In order to avoid receiving NT_STATUS_DOWNGRADE_DETECTED from a w2k8
netr_ServerAuthenticate2 reply, we need to start with the AD netlogon negotiate
flags everywhere (not only when running in security=ads). Only for NT4 we need
to do a downgrade to the returned negotiate flags.
Tested with w2k8, w2ksp4, w2k3r2 and nt4sp6.
Guenther
(This used to be commit 0970369ca0)
current_timestring used to return a string talloced to talloc_tos().
When called by DEBUG from a TALLOC_FREE, this produced messages
"no talloc stackframe around, leaking memory". For example when
used from net conf.
This also adds a temporary talloc context to alloc_sub_basic().
For this purpose, the exit strategy is slightly altered: a common
exit point is used for success and failure.
Michael
(This used to be commit 16b5800d4e)
In winbind, we're using the info3 struct to send it to the winbind client after
netsamlogon_cache_store. Without this info3->base.account_name.string was
prematurely freed.
(This used to be commit aa4377561b)
During my initial plans for, and the subsequent discussion of a more
significant change to the API for libsmbclient, I had removed the
AuthDataWithContext usage, in favor of a more generalized planned interface.
When the API returned to its original state, I neglected to reinsert this
code.
Use of an authentication function with the context can be tested using
examples/libsmbclient/testbrowse -C
Derrell
(This used to be commit 38eab68dfb)
To me it was not clear what parts of struct packet_struct are actually used in
build_packet(). This makes it a bit more clear that only the specific parts are
used.
(This used to be commit eb8b6f2404)
This is the big (and potentially controversial) one. It took a phone call to
explain to metze what is going on inside cli_pull_read_done, but I would really
like everybody to understand this function. It is a very good and reasonably
complex example of async programming. If we want more asynchronism in s3, this
is what we will have to deal with :-)
Make use of it in the smbclient "get" command.
Volker
(This used to be commit 76f9b360ee)
- James suggested using gcc's "deprecated" attribute to mark the context
structure fields to generate warnings. This creates a scenario with the
best of all worlds. I'm able to move to an organization that more easily
allows future enhancements, while avoiding any mandatory changes by
applications. Thanks, James!
- Updated WHATSNEW.txt so that it accurately reflects the current state of
affairs.
Derrell
(This used to be commit a67f96fbe9)
- Ensured that all public functions have documentation in libsmbclient.h
- Reformatted for "proper" indentation
- Re-added temporarily-disabled alternate authentication function capability
Derrell
(This used to be commit 64b7150d92)
Given the tacit (if that) approval by some people, and clear disapproval by
others for my proposed clean-up and reorganization of libsmbclient, I've come
up with a slightly different approach. This commit changes back to the
original libsmbclient.h SMBCCTX structure which will maintain ABI
compatibility. I retain, here, the setter and getter functions which all new
code should use. Older programs already compiled should continue to work
fine. Older programs being recompiled will encounter compile-time errors
(intentionally!) so that the code can be corrected to use the setter/getter
interfaces.
Although this doesn't clean up the interface in the way I had wanted, the code
reorganization and requirement for new programs to use the setters and getters
allows future progress to be made on libsmbclient without further muddying up
the interface, while retaining the ABI compatibility that was the big issue
causing disapproval. I hope that this compromise is adequate.
Derrell
(This used to be commit 56429a3d60)
The libsmbclient interface has suffered from difficulty of improvement and
feature enrichment without causing ABI breakage. Although there were a number
of issues, the primary ones were:
(a) the user of the library would manually manipulate the context structure
members, meaning that nothing in the context structure could change other
than adding stuff at the end;
(b) there were three methods of setting options: setting bits in a flags field
within the context structure, setting explicit options variables within an
options structure in the context structure, and by calling the
smbc_option_set() function;
(c) the authentication callback did not traditionally provide enough
information to the callee which required adding an option for a callback
with a different signature, and now there are requests for even more
information at the callback, requiring yet a third signature and option to
set it (if we implement that feature).
This commit provides a reorganization of the code which fixes (a) and (b).
The context structure is now entirely opaque, and there are setter and getter
functions for manipulating it. This makes maintaining ABI consistency much,
much easier.
Additionally, the options setting/getting has been unified into a single
mechanism using smbc_option_set() and smbc_option_get().
Yet to be completed is a refactoring of the authentication callback (c).
The test programs in examples/libsmbclient have been modified (if necessary;
some applications require no changes at all) for the new API and a few have
been minimally tested.
Derrell
(This used to be commit d4b4bae8de)
Jeremy, in 3.0 we allowed get_mydnsdomname and get_mydnsfullname to fail
without filling in anything useful. Worked fine. Without this patch and a empty
/etc/hosts and no DNS configured, session setup would return
NT_STATUS_BAD_NETWORK_NAME. This is confusing at best, BAD_NETWORK_NAME afaik
is only ever returned from tcon normally.
This restores the 3.0 behaviour.
Comments?
Volker
(This used to be commit 2bd3b7d474)
This is the big (and potentially controversial) one. It took a phone call to
explain to metze what is going on inside cli_pull_read_done, but I would really
like everybody to understand this function. It is a very good and reasonably
complex example of async programming. If we want more asynchronism in s3, this
is what we will have to deal with :-)
Make use of it in the smbclient "get" command.
Volker
(This used to be commit 844a163458)
If I'm not completely blind, we should return here. Not doing it here seems not
to be a major flaw, as far as I can see we're only missing the error code. This
might account for some of the very unhelpful NT_STATUS_UNSUCCESSFUL error
messages people see during joins.
All with stake in Samba client, please check!
(This used to be commit eadd15c936)
Just a small commit to get a handle on this git thingy. This patch
fixes some missing calls to va_end() to match various calls to va_start()
and VA_COPY().
Tim.
(This used to be commit ec367f307d)
Windows. If the requested mode is zero, we instead send the appropriate one
of 0x80 (NORMAL) or 0x10 (DIRECTORY).
Thanks Jeremy!
Derrell
(This used to be commit 54abf7d0e5)
