IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
taking a context (so when you pass a NULL pointer you end up with
memory in a top level context). Fixed it by changing the API to take a
context. The context is only used if the pointer you are reallocing is
NULL.
(This used to be commit 8dc23821c9f54b2f13049b5e608a0cafb81aa540)
plus removed unused ndr_pull_relative() function
once volker commits a test for this I'll be able to ensure it really works as expected
(This used to be commit 8ffe136ad2be52f3504d73ead0785c9c5f5d8770)
for this struct and all sub-structures to be like spoolss relative
pointers (where offset is relative to current position).
volker will test this for me :)
(This used to be commit bd45329a3fb55a5d9f006ad601ae26a80b9a563f)
generate a separate *_send() async function for every RPC call, and
there is a single dcerpc_ndr_request_recv() call that processes the
receive side of any rpc call. The caller can use
dcerpc_event_context() to get a pointer to the event context for the
pipe so that events can be waited for asynchronously.
The only part that remains synchronous is the initial bind
calls. These could also be made async if necessary, although I suspect
most applications won't need them to be.
(This used to be commit f5d004d8eb8c76c03342cace1976b27266cfa1f0)
This version does the following:
1) talloc_free(), talloc_realloc() and talloc_steal() lose their
(redundent) first arguments
2) you can use _any_ talloc pointer as a talloc context to allocate
more memory. This allows you to create complex data structures
where the top level structure is the logical parent of the next
level down, and those are the parents of the level below
that. Then destroy either the lot with a single talloc_free() or
destroy any sub-part with a talloc_free() of that part
3) you can name any pointer. Use talloc_named() which is just like
talloc() but takes the printf style name argument as well as the
parent context and the size.
The whole thing ends up being a very simple piece of code, although
some of the pointer walking gets hairy.
So far, I'm just using the new talloc() like the old one. The next
step is to actually take advantage of the new interface
properly. Expect some new commits soon that simplify some common
coding styles in samba4 by using the new talloc().
(This used to be commit e35bb094c52e550b3105dd1638d8d90de71d854f)
in pidl. This mechanism should be much easier to extend to the
"retrospective subcontexts" that jelmer needs.
also produced more standards complient full-pointer offsets. This
keeps ethereal happy with decoding our epmapper frames.
(This used to be commit ecb7378bbcd86727aedfa04a9e302e06b0a2ccd9)
like normal pointers in most cases. This means we can now support
relative pointers to unions, builtin types etc, whereas we could only
previously support relative pointers to structures.
metze needs this for the PAC decoding.
(This used to be commit 0d063725e12f51375b7d0be55a19072a9a54e7e6)
simpler. This doesn't appear to hurt any of the existing uses of
[relative], but fixes its use for svcctl that jelmer is working on.
(This used to be commit 573f56a44785526d15c0179c5bbdab4c8b9461f1)
This implements gensec for Samba's server side, and brings gensec up
to the standards of a full subsystem.
This means that use of the subsystem is by gensec_* functions, not
function pointers in structures (this is internal). This causes
changes in all the existing gensec users.
Our RPC server no longer contains it's own generalised security
scheme, and now calls gensec directly.
Gensec has also taken over the role of auth/auth_ntlmssp.c
An important part of gensec, is the output of the 'session_info'
struct. This is now reference counted, so that we can correctly free
it when a pipe is closed, no matter if it was inherited, or created by
per-pipe authentication.
The schannel code is reworked, to be in the same file for client and
server.
ntlm_auth is reworked to use gensec.
The major problem with this code is the way it relies on subsystem
auto-initialisation. The primary reason for this commit now.is to
allow these problems to be looked at, and fixed.
There are problems with the new code:
- I've tested it with smbtorture, but currently don't have VMware and
valgrind working (this I'll fix soon).
- The SPNEGO code is client-only at this point.
- We still do not do kerberos.
Andrew Bartlett
(This used to be commit 07fd885fd488fd1051eacc905a2d4962f8a018ec)
which the offset applies to. In an array of structures containing
relative members, the offset applies to the start of the array element
being marshalled. Previously, there was no way to access the relevant
structure start as by the time we have hit buffers, the head of the
offset list will be the last structure being marshalled.
Interestingly enough, this makes relstrs go away. I think we thought
they were a special case in samba 3 but it turns out they are just
regular relative elements in the idl. This makes spoolss a lot simpler
than I thought it would be.
I've run the samr and lsa tests and this doesn't seem to break anything.
It looks like security descriptors are the only structures that contain
relative members.
Oh yeah, this will probably require a 'make clean && make' otherwise you
will get bizzare errors.
(This used to be commit d379dcdfd5f41e7cf7668354c3011b8ace190953)
- added server side support for schannel type 23. This allows WinXP to establish a schannel connection
to Samba4 as an ADS DC
- added client side support for schannel type 23, but disabled it as currently the client
code has now way of getting the fully qualified domain name (which is needed)
- report dcerpc faults in the server code in the log
(This used to be commit 55e0b014fe14ca8811b55887208a1c3147ddb0d2)
e.g.
ncacn_np:myserver:[samr,sign,print]
will now enable the packet debugging
and the debugging is not bound anymore to the debuglevel >= 2
in the torture tests
- also the dcesrv_remote module now supports debugging of the packets
use the 'dcerpc_remote:binding' smb.conf parameter.
metze
(This used to be commit 40abf3c584efed7f977ddd688ea064540e5a5b13)
we needed to adjust the alignment of [relative] buffers for this to
work. I wonder if they are always 4 byte aligned?
(This used to be commit 9cd0a0b8b976e62c6da71b7e55cba5b38483620d)
don't cause fragmented pdus (I'll add fragments shortly)
* change data_blob_talloc() to not zero memory when the 2nd argument
is NULL. The zeroing just masks bugs, and can't even allow a DOS
attack
* modified pidl to ensure that [ref] arguments to the out side of
functions are allocated when parsing the in side. This allows rpc
backends to assume that [ref] variables are all setup. Doesn't work
correctly for [ref] arrays yet
* changed DLIST_ADD_END() to take the type instead of a tmp
variable. This means you don't need to declare a silly tmp variable in
the caller
(This used to be commit 46e0a358198eeb9af1907ee2a29025d3ab23b6d1)
* moved ntlmssp code into libcli/auth/, and updated to latest ntlmssp
code from samba3 (thanks Andrew! the new interface is great)
* added signing/ntlmssp support in the dcerpc code
* added a dcerpc_auth.c module for the various dcerpc auth mechanisms
(This used to be commit c18c9b5585a3e5f7868562820c14f7cb529cdbcd)
test suite. The test suite dumps all of the interfaces available on
all pipes. There sure are a lot more interfaces on w2k3 than w2k !
(This used to be commit f94bc079902d725b63155d8d2de5bf408c6e7335)
according to the current IDL taking the data from a file. In
combination with a little hack to ethereal to extract data this is a
quite powerful IDL development tool.
(This used to be commit 229a325c3cf0d4dc1e910ed32e1d7391040aeba1)
I have recoded the core dcerpc packet structures (all the PDUs etc) in
terms of IDL, which means we now use pidl to generate all the code for
handling the most basic dcerpc packets. This is not normally possible
as it isn't completely valid NDR, but pidl has a number of extensions
that make it quite easy.
This also means we get the server side dcerpc
marshalling/unmarshalling code for free.
(This used to be commit 92bcad02587c3c1b31b523ee9fa46658a6cef9ff)
* fixed nested relative offsets in push functions
the spoolss torture test now passes!
(This used to be commit 60ced76160e4f4e2b511ebbeec31130c8ebcdd22)
* don't consider not doing lsa_QueryInfoPolicy level 11 a failure
(w2k3 doesn't have this level, w2k does)
* on a NDR validation failure dump the failed data at level 3
(This used to be commit 9d5078962f0f8aef3360dea4c4774cf8de1fdc26)
* added a NDR validator. The way it works is that when the
DCERPC_DEBUG_VALIDATE_* flags are set the dcerpc system will
perform NDR buffer validation. On sending a request the packet is
first marshalled, then unmarahslled, then marshalled again, and it is
confirmed that the two marshalling results are idential. This
ensures that our pull and push routines are absolutely in sync, so
that we can be very confident that if a routine works in the client
then the corresponding routine must work on the server side. A
similar validation is performed on all replies.
* a result of this change is that pidl is fussier about the [ref]
tag. You can only use it on pointers (which is the only place it
makes sense)
* fixed a basic alignment bug in the push side of the NDR code
* added server side pull/push support. Our dcerpc system is now fully
ready to be used on the server side.
* fixed the relative offset pointer list. It must be traversed in
reverse order on push
* added automatic value setting for the size parameter in outgoing
SdBuf structures.
* expanded the ndr debugging code to always give a message on any
failure
* fixed the subcontext push code
* fixed some memory leaks in smbtorture RPC tests
(This used to be commit 8ecf720206a2eef3f8ea7cbdb1f460664a5dba9a)
interface. We now support an arbitrary set of flags to each parser,
and these can be used to control the string types. I have provided
some common IDL string types in librpc/idl/idl_types.h which needs to
be included in every IDL file.
* added IDL for the endpoint mapper. Added a test suite that enumerates
all endpoints on the server.
(This used to be commit d2665f36a75b482ff82733f72ffac938c2acf87a)
debug level 2 or above. This is more useful for checking that
something hasn't broken without swamping yourself with output.
(This used to be commit 53ff3a572a23c2f45c5d503255bc6b535ca99134)
alignment correctly for unions that have non-uint16 discriminants
fixed the union handling in srvsvc.idl. (metze, please take a look at
the changes, your IDL did match what was one the wire in most cases,
but isn't the way IDL is usually coded)
(This used to be commit 7b5d0287298e8505e0ec7b22d75d9f9a8a610031)
number of "magic" add-ons to IDL to make it less painful, hopefully
this will make IDL generation useful for horrible systems like spoolss
(This used to be commit e18dba7d5a957ef82e8f91733a0bf95d579dcd7a)
