IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
We now (for the first time) start to parse the 'user sensitive info'
field, which reveals the user's NT and LM passwords from Win2k3.
Using this, the 'validate samsync against netlogon' portion of the
tests works for accounts.
Trusted domains and secrets are now retreived, but like users,
require further cross-validation work.
Andrew Bartlett
clear what the correct behaviour is for delayed stat info update.
- use a common torture_setup_dir() function for setting up a test
directory in torture tests.
- Work on server side and local COM support (should work, just no
example classes yet)
- Use vtables so that local and remote calls can be used transparently
- Generate 'proxies and stubs' rather then heavily modified code in client.pm and server.pm. proxies (client side code) are generated in proxy.pm, stubs (server side dispatchers) are generated in stubs.pm
- Support registering classes and interfaces
- DCOM interfaces no longer have to be in the same IDL file as their
base interface, which will allow us to split up dcom.idl
Break out the samsync tests from RPC-NETLOGON into a new RPC-SAMSYNC,
that will cross-verify all the values.
Add support for the way netlogon credentials are shared between the
pipe that sets up schannel and the pipe that is encrypted with it.
Test this support, by calling both NETLOGON and SAMR operations in the
RPC-SCHANNEL test.
Move some of the Netlogon NEG flags into the .idl, now we have an idea
what a few of them really are.
Rename the sam_pwd_hash into a name that has meaning (all other crypto
functions were renamed in Samba4 ages ago).
Break out NTLMv2 functionality for operation on the NT hash - I intend
to do NTLMv2 logins in the samsync test in future, and naturally I
only have the hash.
Andrew Bartlett
Samba3/OpenLDAP for. For a concrete situation you have to adapt the domain,
pdcname and usernames/passwords. Sorry, not parametrized yet, but this should
be doable if necessary.
Volker
(Hmm, this whole section should be broken out into a new file, I
think).
Add new tests, particularly of the LM key for NTLMv2 responses, and
the (changed, apparently) session key for LMv2 only logins.
Next is to add SAMR modification and cross-validation.
Andrew Bartlett
waiting for a chkpath response
- fixed open async send in BASE-DISCONNECT
with these changes BASE-DISCONNECT crashes Samba4, as it was designed
to do. I'll work on a fix :)
parsing, so that module init can take account of lp_ parms (thats
why gensec:krb5=no wasn't working)
- added a BASE-DISCONNECT torture test that tests server response to
clients disconnecting with open lock and open requests pending
The torture test DCOM-SIMPLE now successfully does an
IStream_Read and a IStream_Write call.
This test can now be run successfully against the "Simple DCOM" Visual
Studio example.
(You have to quote out line 337 in pidl. pidl complains if the variable
that contains the array size follows the array. I still need to fix this
properly)
Next goals:
- Clean up code
- Server side support
- Support custom marshalling
- Support DCOM interfaces in files other then dcom.idl
this test demonstrates how w2k3 handles the special semantics of
DENY_DOS when 2 opens happen on the same connection. The 2nd open
doesn't actually do a NTFS open, it happens as a secondary reference
to the same internal file handle in the CIFS layer. The evidence is
that the 2nd open shares the same POSITION_INFORMATION field as the
first open, but only for the special DENY_DOS cases that would
normally be refused.
Both subsystems and modules can now have init functions, which can be
specified in .mk files (INIT_FUNCTION = ...)
The build system will define :
- SUBSYSTEM_init_static_modules that calls the init functions of all statically compiled modules. Failing to load will generate an error which is not fatal
- BINARY_init_subsystems that calls the init functions (if defined) for the subsystems the binary depends on
This removes the hack with the "static bool Initialised = " and the
"lazy_init" functions
- pvfs now passes BASE-OPENATTR
- pvfs also passes the BASE-DEFER_OPEN test, but it is not a well
formed test for regular running so I am removing it from the list of
tests to run in test_posix.sh (the test is covered better by RAW-MUX
anyway)
This allows potentially NULL pointers to be referenced, without an if ()
for every use. (previously, it would segfault).
Update doco, and allow talloc_unlink to match.
Andrew Bartlett
testing. Interestingly, w2k3 does not allow the cancel of an
outstanding async open request, whereas it does allow the cancel of an
outstanding async lock request. To support this I have changed the
pvfs_wait interface to provide a enum on why the event is happening,
so the callback can decide what to do.
The previous code didn't handle the case where the file got renamed or
deleted while waiting for the sharing violation delay. To handle this
we need to make the 2nd open a full open call, including the name
resolve call etc. Luckily this simplifies the logic.
I also expanded the RAW-MUX test to include the case where we do
open/open/open/close/close, with the 3rd open async, and that open
gets retried after both the first close and the 2nd close, with the
first retry failing and the 2nd retry working. The tests the "async
reply after a async reply" logic in pvfs_open().
- Support for sending over the object UUID in DCERPC calls
- Simple torture test for the DCOM "Simple" object
- Generate extra argument for "object" interfaces in pidl
- Some stubs for common DCOM functions
deferred reply is short-circuited immediately when the file is
closed by another user, allowing it to be opened by the waiting user.
- added a sane set of timeval manipulation routines
- converted all the events code and code that uses it to use struct
timeval instead of time_t, which allows for microsecond resolution
instead of 1 second resolution. This was needed for doing the pvfs
deferred open code, and is why the patch is so big.
- tidied up some of the system includes
- moved a few more structures back from misc.idl to netlogon.idl and samr.idl now that pidl
knows about inter-IDL dependencies
total include lines in compiling C files in Samba (the .gch file is
now 5M instead of 12M)
This also gets rid of the silly gtk compile warning for non-gtk code
I have created the include/system/ directory, which will contain the
wrappers for the system includes for logical subsystems. So far I have
created include/system/kerberos.h and include/system/network.h, which
contain all the system includes for kerberos code and networking code.
These are the included in subsystems that need kerberos or networking
respectively.
Note that this method avoids the mess of #ifdef HAVE_XXX_H in every C
file, instead each C module includes the include/system/XXX.h file for
the logical system support it needs, and the details are kept isolated
in include/system/
This patch also creates a "struct ipv4_addr" which replaces "struct
in_addr" in our code. That avoids every C file needing to import all
the system networking headers.
the DCOM calls are wrappers around several local calls, so you get things like:
WERROR foobar ( [in] int num_ifaces,
[in,size_is(num_ifaces)] IID *ifaces,
[out,size_is(num_ifaces)] WERROR *results);
The thing that finally convinced me that minimal includes was worth
pursuing for rpc was a compiler (tcc) that failed to build Samba due
to reaching internal limits of the size of include files. Also the
fact that includes.h.gch was 16MB, which really seems excessive. This
patch brings it back to 12M, which is still too large, but
better. Note that this patch speeds up compile times for both the pch
and non-pch case.
This change also includes the addition iof a "depends()" option in our
IDL files, allowing you to specify that one IDL file depends on
another. This capability was needed for the auto-includes generation.
Add torture test for RemoteActivation
The request is now send correctly and we get back a valid response
from Windows but r->in.Interfaces is set to 0 somewhere while parsing
the response...
- added new tests BASE-NTDENY1 and BASE-NTDENY2. These are the
ntcreatex equivalents of the BASE-DENY1 and BASE-DENY2
tests. Unfortunately, with ntcreatex there are 4 million combination
and trying each one takes 1 second, so randomised testing is the
only choice. The BASE-DENY1 test can operate in parallel with
hundreds of connections, speeding things up a bit (as most time is
spent waiting 1 second for a sharing violation to come back)
them properly (they are difficult to do in an async fashion).
By choosing trans.in.max_data to fix in the negotiated buffer size a
server won't send us multi-part replies.
I notice that windows seems to avoid them too :)
rather extensive test reveals some really bizarre error code
handling in w2k3.
- extended and simplified the RAW-CHKPATH test, making it easier to
read (note that Samba3 fails the new tests - jra may wish to look)
- marked RAW-CHKPATH as pass for pvfs
rather than doing everything itself. This greatly simplifies the
code, although I really don't like the socket_recv() interface (it
always allocates memory for you, which means an extra memcpy in this
code)
- fixed several bugs in the socket_ipv4.c code, in particular client
side code used a non-blocking connect but didn't handle EINPROGRESS,
so it had no chance of working. Also fixed the error codes, using
map_nt_error_from_unix()
- cleaned up and expanded map_nt_error_from_unix()
- changed interpret_addr2() to not take a mem_ctx. It makes absolutely
no sense to allocate a fixed size 4 byte structure like this. Dozens
of places in the code were also using interpret_addr2() incorrectly
(precisely because the allocation made no sense)
- auto-cleanup old searches that the client forgot to close (common with old searches)
- expanded the RAW-SEARCH test to test more than 256 old searches, and
old search rewind (w2k3 fails this - it appears to not support rewind
on old style searches)
field. Add torture test for setting this feild - including all the
odd cases (not all the flags 'stick', and not others cannot be
removed).
Seperate the two 'password change' flags, and test them both in the
torture code.
Check that the password did change after every password set call.
Andrew Bartlett
- added a pvfs_lock_close_pending() hook to remove pending locks on file close
- fixed the private ptr argument to messaging_deregister() in pvfs_wait
- fixed a bug in continuing lock requests after a lock that is blocking a pending lock is removed
- removed bogus brl_unlock() call in lock continue
- corrected error code for LOCKING_ANDX_CHANGE_LOCKTYPE
- expanded the lock cancel test suite to test lock cancel by unlock and by close
- added a testsuite for LOCKING_ANDX_CHANGE_LOCKTYPE
This adds a pvfs_wait_message() routine which uses the new messaging
system, event timers and talloc destructors to give a nice generic
async event handling system with a easy to use interface. The
extensions to pvfs_lock.c are based on calls to pvfs_wait_message()
routines.
We now pass all of our smbtorture locking tests, although while
writing this code I have thought of some additonal tests that should
be added, particularly for lock cancel operations. I'll work on that
soon.
This commit also extends the smbtorture lock tests to test the rather
weird 0xEEFFFFFF locking semantics that I have discovered in
win2003. Win2003 treats the 0xEEFFFFFF boundary as special, and will
give different error codes on either side of it. Locks on both sides
are allowed, the only difference is which error code is given when a
lock is denied. Anyone like to hazard a guess as to why? It has
me stumped.
full. This means callers can just "send and forget" rather than
having to check for a temporary failure. The mechanism takes nice
advantage of the timed events handling is our events code. A message
will only fail now if we completely run out of some resource (such
as memory).
- changed the test code not to do retries itself, but only to warn on real failures
- added the new messaging system, based on unix domain sockets. It
gets over 10k messages/second on my laptop without any socket
cacheing, which is better than I expected.
- added a LOCAL-MESSAGING torture test
excellent, as it means we don't lose any compatibility by also not
giving sorted listings. I was very much afraid that applications had
begun to rely on this (as its guaranteed by w2k NTFS).
no longer mark a non-sorting server as an error
the current ones. It took me three hours to realise that the DCOM standard
contains false protocol numbers (apparently someone converted the protocol
numbers to hex twice, i.e. 13 -> 0c and 14 to 0d). There are no longer
duplicates in the list with protocol numbers now.
string conversion. For RPC, all string conversions are supposed to be
done by the NDR layer, using string flags set in the IDL. The reason
this wasn't working is that I had been too lazy to do the STR_ASCII
string types properly at the NDR layer when initially writing
ndr_basic.c.
This commit fixes the ndr_basic code properly to do all ASCII
varients, by re-using the non-ascii code and a "byte_mul" local
variable. I have also removed the manual string conversion in the SAMR
torture test code.
The motivation for this change was to avoid having to convert to/from
ucs2 strings for so many operations. Doing that was slow, used many
static buffers, and was also incorrect as it didn't cope properly with
unicode codepoints above 65536 (which could not be represented
correctly as smb_ucs2_t chars)
The two core functions that allowed this change are next_codepoint()
and push_codepoint(). These functions allow you to correctly walk a
arbitrary multi-byte string a character at a time without converting
the whole string to ucs2.
While doing this cleanup I also fixed several ucs2 string handling
bugs. See the commit for details.
The following code (which counts the number of occuraces of 'c' in a
string) shows how to use the new interface:
size_t count_chars(const char *s, char c)
{
size_t count = 0;
while (*s) {
size_t size;
codepoint_t c2 = next_codepoint(s, &size);
if (c2 == c) count++;
s += size;
}
return count;
}
which is much clearer and simpler to use. It removes a specific parent
from a pointer, no matter whether that parent is a "reference" or a
direct parent. This gives complete control over the free process.
the % coverage in terms of lines of code of a test suite. I thought a
good first place to start with gcov was the talloc test suite. When I
started the test suite covered about 60% of all lines of code in
talloc.c, and now it covers about 99%. The only lines not covered are
talloc corruption errors, as that would cause smb_panic() to fire.
It will be interesting to try gcov on the main Samba test suite for
smbd. We won't achieve 100% coverage, but it would be nice to get to
90% or more.
I also modified the talloc.c sources to be able to be build standalone, using:
gcc -c -D_STANDALONE_ -Iinlcude lib/talloc.c
that should make it much easier to re-use talloc in other projects
- Several updates to the interface definitions after reading some more of the
specs
- Add Remote Activation interface
- Add body extension uuids
- Add oxidresolve torture test to list
- Make pidl complain about object interfaces that don't inherit from IUnknown
The problem was that the simple "uint_t ref_count;" in a talloc chunk
did not give enough information. It told us that a pointer was
referenced more than once, but it didn't say who it was referenced
by. This means that when the pointer was freed we had no sane way to
clean up the reference.
I have now replaced ref_count with a "refs" list, which means that
references point to the pointer, and the pointer has a linked list of
references. So now we can cleanup from either direction without losing track of anything.
I've also added a LOCAL-TALLOC smbtorture test that tests talloc
behaviour for some common uses.
RPC-SAMR torture test. This closes the samr connection before working
on a open domain handle. The server is supposed to know that the open
domain handle still holds a reference to the connection, so the
connection remains valid even though it has been closed.
taking a context (so when you pass a NULL pointer you end up with
memory in a top level context). Fixed it by changing the API to take a
context. The context is only used if the pointer you are reallocing is
NULL.
rather than manual reference counts
- properly support SMBexit in the cifs and posix backends
- added a logoff method to all backends
With these changes the RAW-CONTEXT test now passes against the posix backend
to get auto-naming of pointers very cheaply.
- fixed a couple of memory leaks found with the new tricks
A typical exit report for smbd is now:
talloc report on 'null_context' (total 811 bytes in 54 blocks)
auth/auth_sam.c:334 contains 20 bytes in 1 blocks
struct auth_serversupplied_info contains 498 bytes in 33 blocks
UNNAMED contains 8 bytes in 1 blocks
lib/data_blob.c:40 contains 16 bytes in 1 blocks
iconv(CP850,UTF8) contains 61 bytes in 4 blocks
iconv(UTF8,CP850) contains 61 bytes in 4 blocks
iconv(UTF8,UTF-16LE) contains 67 bytes in 4 blocks
iconv(UTF-16LE,UTF8) contains 67 bytes in 4 blocks
UNNAMED contains 13 bytes in 1 blocks
which is much better than before
The intial motivation for this commit was to merge in some of the
bugfixes present in Samba3's chrcnv and string handling code into
Samba4. However, along the way I found a lot of unused functions, and
decided to do a bit more...
The strlen_m code now does not use a fixed buffer, but more work is
needed to finish off other functions in str_util.c. These fixed
length buffers hav caused very nasty, hard to chase down bugs at some
sites.
The strupper_m() function has a strupper_talloc() to replace it (we
need to go around and fix more uses, but it's a start). Use of these
new functions will avoid bugs where the upper or lowercase version of
a string is a different length.
I have removed the push_*_allocate functions, which are replaced by
calls to push_*_talloc. Likewise, pstring and other 'fixed length'
wrappers are removed, where possible.
I have removed the first ('base pointer') argument, used by push_ucs2,
as the Samba4 way of doing things ensures that this is always on an
even boundary anyway. (It was used in only one place, in any case).
original core level calls). The old code was completely wrong in many respects.
also fixed the EA_SIZE level in the server
extended the RAW-SEARCH test suite to test the new code properly
have the handle type implied by the parameter name. There are four
types of handle: connect, domain, user and group handles. The
various samr_Connect functions return a connect handle, and the
samr_OpenFoo functions return a foo handle.
There is one exception - the samr_{Get,Set}Security function can
take any type of handle.
Fix up all C callers.
now do these two calls successfully against w2k3.
note that you must use ncacn_ip_tcp, and must enable dcerpc sealing,
otherwise w2k3 refuses the first DRSUAPI call.
This means that 'require NTLMv2 session security' now works for RPC
pipe signing. We don't yet have sealing, but it can't be much further.
This is almost all tridge's code, munged into a form that can work
with the GENSEC API.
This commit also includes more lsakey fixes - that key is used for all
DCE-RPC level authenticated connections, even over CIFS/ncacn_np.
No doubt I missed something, but I'm going to get some sleep :-)
Andrew Bartlett
passwords - where the LM hash is invalid.
Also, we now drive all the logon levels and validation levels from the
outer loop, so we can check the expected return values (rather than
overwriting them).
Andrew Bartlett
encryption on ncacn_ip_tcp is a fixed buffer! I don't yet know what
the buffer is, but this code proves its the same buffer for different
w2k3 servers and different user passwords, plus it is independent of
the negotiated NTLMSSP session key.
I had previously thought this was unnecessary, as windows doesn't use
standards compliant UTF-16, and for filesystem operations treats bytes
as UCS-2, but Bjoern Jacke has pointed out to me that this means we
don't correctly store extended UTF-16 characters as UTF-8 on
disk. This can be seen with (for example) the gothic characters with
codepoints above 64k.
This commit also adds a LOCAL-ICONV torture test that tests the first
1 million codepoints against the system iconv library, and tests 5
million random UTF-16LE buffers for identical error handling to the
system iconv library.
the lib/iconv.c changes need backporting to samba3
generate a separate *_send() async function for every RPC call, and
there is a single dcerpc_ndr_request_recv() call that processes the
receive side of any rpc call. The caller can use
dcerpc_event_context() to get a pointer to the event context for the
pipe so that events can be waited for asynchronously.
The only part that remains synchronous is the initial bind
calls. These could also be made async if necessary, although I suspect
most applications won't need them to be.
this means -U DOM\\user is know allowed
- torture:userdomain is a new smb.conf parameter
because lp_workgroup is not the domain of the user
- we use torture:userdomain now in the tests instad of lp_workgroup
- for backward compat the userdomain is lp_workgroup() by default and
not lp_netbios_name(), which my change later to match 'net' and 'smbclient'..
- we now have dublicate options e.g. -N -s ...
tridge: can we change this?
metze
You should never pass a non-constant string as a format for a printf()
function - it could contain printf macros, and these need to be
checked.
Andrew Bartlett
This version does the following:
1) talloc_free(), talloc_realloc() and talloc_steal() lose their
(redundent) first arguments
2) you can use _any_ talloc pointer as a talloc context to allocate
more memory. This allows you to create complex data structures
where the top level structure is the logical parent of the next
level down, and those are the parents of the level below
that. Then destroy either the lot with a single talloc_free() or
destroy any sub-part with a talloc_free() of that part
3) you can name any pointer. Use talloc_named() which is just like
talloc() but takes the printf style name argument as well as the
parent context and the size.
The whole thing ends up being a very simple piece of code, although
some of the pointer walking gets hairy.
So far, I'm just using the new talloc() like the old one. The next
step is to actually take advantage of the new interface
properly. Expect some new commits soon that simplify some common
coding styles in samba4 by using the new talloc().
handle connections using the IP as the server name, while not trying
for NBT name resolution on names like "192" and "192.168.1.2".
also removed the ip address argument to smbcli_socket_connect() as it
isn't used and doesn't really make sense.
