IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
change was in the ldb_msg_add_*() routines, which now use the msg as a context,
and thus it needs to be a talloc ptr)
(This used to be commit 1a4713bfd0)
- change smbcli_read/write to take void * for the buffers to match read(2)/write(2)
all this fixes a lot of gcc-4 warnings
metze
(This used to be commit b94f92bc66)
This removes the duplicate named SEC_RIGHTS_MAXIMUM_ALLOWED and
SEC_RIGHTS_FULL_CONTROL, which are just other names for
SEC_FLAG_MAXIMUM_ALLOWED and SEC_RIGHTS_FILE_ALL. The latter names
match the new naming conventions in security.idl
Also added names for the generic->specific mappings for files are
directories
(This used to be commit 17a4e0b3ac)
- removed the clitar code. It is unmaintained, and a horribly badly done hack
- removed client.h as it contained mostly unused definitions
- removed the unused clidfs.c code
(This used to be commit 31a7bddbb3)
definitions for security access masks, in security.idl
The previous definitions were inconsistently named, and contained many
duplicate and misleading entries. I kept finding myself tripping up
while using them.
(This used to be commit 01c0fa722f)
clear what the correct behaviour is for delayed stat info update.
- use a common torture_setup_dir() function for setting up a test
directory in torture tests.
(This used to be commit f7fb34715b)
Break out the samsync tests from RPC-NETLOGON into a new RPC-SAMSYNC,
that will cross-verify all the values.
Add support for the way netlogon credentials are shared between the
pipe that sets up schannel and the pipe that is encrypted with it.
Test this support, by calling both NETLOGON and SAMR operations in the
RPC-SCHANNEL test.
Move some of the Netlogon NEG flags into the .idl, now we have an idea
what a few of them really are.
Rename the sam_pwd_hash into a name that has meaning (all other crypto
functions were renamed in Samba4 ages ago).
Break out NTLMv2 functionality for operation on the NT hash - I intend
to do NTLMv2 logins in the samsync test in future, and naturally I
only have the hash.
Andrew Bartlett
(This used to be commit 6e6cc6fb98)
RPC-SAMLOGON of their own.
I have expanded the tests to validate the use of various flags, which
change some of the crypto behaviour.
Andrew Bartlett
(This used to be commit 3a140a3691)
Samba3/OpenLDAP for. For a concrete situation you have to adapt the domain,
pdcname and usernames/passwords. Sorry, not parametrized yet, but this should
be doable if necessary.
Volker
(This used to be commit 02f5205872)
parsing, so that module init can take account of lp_ parms (thats
why gensec:krb5=no wasn't working)
- added a BASE-DISCONNECT torture test that tests server response to
clients disconnecting with open lock and open requests pending
(This used to be commit 5205f598b8)
this test demonstrates how w2k3 handles the special semantics of
DENY_DOS when 2 opens happen on the same connection. The 2nd open
doesn't actually do a NTFS open, it happens as a secondary reference
to the same internal file handle in the CIFS layer. The evidence is
that the 2nd open shares the same POSITION_INFORMATION field as the
first open, but only for the special DENY_DOS cases that would
normally be refused.
(This used to be commit eeec57d4f6)
Both subsystems and modules can now have init functions, which can be
specified in .mk files (INIT_FUNCTION = ...)
The build system will define :
- SUBSYSTEM_init_static_modules that calls the init functions of all statically compiled modules. Failing to load will generate an error which is not fatal
- BINARY_init_subsystems that calls the init functions (if defined) for the subsystems the binary depends on
This removes the hack with the "static bool Initialised = " and the
"lazy_init" functions
(This used to be commit 7a8244761b)
- Support for sending over the object UUID in DCERPC calls
- Simple torture test for the DCOM "Simple" object
- Generate extra argument for "object" interfaces in pidl
- Some stubs for common DCOM functions
(This used to be commit c052f2e1ed)
deferred reply is short-circuited immediately when the file is
closed by another user, allowing it to be opened by the waiting user.
- added a sane set of timeval manipulation routines
- converted all the events code and code that uses it to use struct
timeval instead of time_t, which allows for microsecond resolution
instead of 1 second resolution. This was needed for doing the pvfs
deferred open code, and is why the patch is so big.
(This used to be commit 0d51511d40)
- tidied up some of the system includes
- moved a few more structures back from misc.idl to netlogon.idl and samr.idl now that pidl
knows about inter-IDL dependencies
(This used to be commit 7b7477ac42)
total include lines in compiling C files in Samba (the .gch file is
now 5M instead of 12M)
This also gets rid of the silly gtk compile warning for non-gtk code
(This used to be commit 8ebd20cf55)
Add torture test for RemoteActivation
The request is now send correctly and we get back a valid response
from Windows but r->in.Interfaces is set to 0 somewhere while parsing
the response...
(This used to be commit cabec03422)
- added new tests BASE-NTDENY1 and BASE-NTDENY2. These are the
ntcreatex equivalents of the BASE-DENY1 and BASE-DENY2
tests. Unfortunately, with ntcreatex there are 4 million combination
and trying each one takes 1 second, so randomised testing is the
only choice. The BASE-DENY1 test can operate in parallel with
hundreds of connections, speeding things up a bit (as most time is
spent waiting 1 second for a sharing violation to come back)
(This used to be commit b95493d3d1)
- made idtree return a "struct idr_context *" instead of a void*
- more efficient idr_remove for ids that are not present (patch from Jim Houston)
(This used to be commit f8d12d4b4a)
Add local test for testing the functions dcerpc_parse_binding(),
dcerpc_binding_string() and dcerpc_binding_build_tower()
(This used to be commit 7a07c2c769)
- added the new messaging system, based on unix domain sockets. It
gets over 10k messages/second on my laptop without any socket
cacheing, which is better than I expected.
- added a LOCAL-MESSAGING torture test
(This used to be commit 3af06478da)
- Several updates to the interface definitions after reading some more of the
specs
- Add Remote Activation interface
- Add body extension uuids
- Add oxidresolve torture test to list
- Make pidl complain about object interfaces that don't inherit from IUnknown
(This used to be commit 1bb4718328)
The problem was that the simple "uint_t ref_count;" in a talloc chunk
did not give enough information. It told us that a pointer was
referenced more than once, but it didn't say who it was referenced
by. This means that when the pointer was freed we had no sane way to
clean up the reference.
I have now replaced ref_count with a "refs" list, which means that
references point to the pointer, and the pointer has a linked list of
references. So now we can cleanup from either direction without losing track of anything.
I've also added a LOCAL-TALLOC smbtorture test that tests talloc
behaviour for some common uses.
(This used to be commit 911a8d590c)
clashes
metze, please note that the 'val' field in popt is not the default
value, its the integer to switch on in the argument loop.
(This used to be commit 0f3b01beba)
encryption on ncacn_ip_tcp is a fixed buffer! I don't yet know what
the buffer is, but this code proves its the same buffer for different
w2k3 servers and different user passwords, plus it is independent of
the negotiated NTLMSSP session key.
(This used to be commit 05fd38f3cf)
I had previously thought this was unnecessary, as windows doesn't use
standards compliant UTF-16, and for filesystem operations treats bytes
as UCS-2, but Bjoern Jacke has pointed out to me that this means we
don't correctly store extended UTF-16 characters as UTF-8 on
disk. This can be seen with (for example) the gothic characters with
codepoints above 64k.
This commit also adds a LOCAL-ICONV torture test that tests the first
1 million codepoints against the system iconv library, and tests 5
million random UTF-16LE buffers for identical error handling to the
system iconv library.
the lib/iconv.c changes need backporting to samba3
(This used to be commit 756f28ac95)
this means -U DOM\\user is know allowed
- torture:userdomain is a new smb.conf parameter
because lp_workgroup is not the domain of the user
- we use torture:userdomain now in the tests instad of lp_workgroup
- for backward compat the userdomain is lp_workgroup() by default and
not lp_netbios_name(), which my change later to match 'net' and 'smbclient'..
- we now have dublicate options e.g. -N -s ...
tridge: can we change this?
metze
(This used to be commit 4733dcbf5f)
handle connections using the IP as the server name, while not trying
for NBT name resolution on names like "192" and "192.168.1.2".
also removed the ip address argument to smbcli_socket_connect() as it
isn't used and doesn't really make sense.
(This used to be commit 2ce4028842)
deferopen test should probably be ripped out and redone, as it
tests the wrong thing.)
- removed some unused code
- add progress printing to the pipe_number test
- fixed the dir1 test to use deltree rather than trying to re-invent it itself (in a broken manner)
- renamed all of the tests into catagories, so you can now run
BASE-* for the base tests, and BENCH-* for the benchmarks.
(This used to be commit 2e297be5c3)
Rework our random number generation system.
On systems with /dev/urandom, this avoids a change to secrets.tdb for every fork().
For other systems, we now only re-seed after a fork, and on startup.
No need to do it per-operation. This removes the 'need_reseed'
parameter from generate_random_buffer().
This also requires that we start the secrets subsystem, as that is
where the reseed value is stored, for systems without /dev/urandom.
In order to aviod identical streams in forked children, the random
state is re-initialised after the fork(), at the same point were we do
that to the tdbs.
Andrew Bartlett
(This used to be commit b97d3cb2ef)
for DRSUapi (the Active Directory Replication Protocol)
I'll try to fill the idl file as part of a study project
together with some other students...
metze
(This used to be commit 3fc9abcad7)
Initial attempt at RAP server infrastructure. Look at rap_server.c for the
dummy functions that are supposed to implement the core functionality.
ipc_rap.c contains all the data shuffling. _rap_shareenum and _rap_serverenum2
in ipc_rap.c are (I think) regular enough to be auto-generated.
I did not test all the corner cases yet, but nevertheless I would like some
comments on the general style.
Volker
P.S: samba-3 smbclient now doesn't freak out anymore, although the results are
not entirely correct :-)
(This used to be commit 08140cc1a8)
we'll try to autogenerate the specific calls in future by pidl
and create a new subsystem for the rap lib
after that the server side will be added
metze
(This used to be commit f1bbde6bb4)
This has found some signing errors in the Samba3.0 implementation
of the deferred open code. Still working on these...
Jeremy
(This used to be commit 0068cb12ef)
multiple torture tests to temporarily join a domain
- fixed a session key size problem
- added a schannel test suite
- allow schannel to work with ncacn_ip_tcp
(This used to be commit 36f05e4d57)
Samba's NTLMSSP code is now fully talloc based, which should go a long
way to cleaning up the memory leaks in this code. This also avoids a
lot of extra copies of data, as we now allocate the 'return' blobs on
a caller-supplied context.
I have also been doing a lot of work towards NTLM2 signing and
sealing. I have this working for sealing, but not for the verifier
(MD5 integrity check on the stream) which is still incorrect.
(I can aim a rpcecho sinkdata from a Win2k3 box to my server, and the
data arrives intact, but the signature check fails. It does however
match the test values I have...).
The new torture test is cludged in - when we get a unit test suite
back, I'll happliy put it in the 'right' place....
Andrew Bartlett
(This used to be commit 399e2e2b11)
Believe it or not, w2k3 returns ERRSRV:ERRbaduid DOS error code if you pass in
a wrong vuid. We (Samba 3) currently return NT_STATUS_NETWORK_ACCESS_DENIED.
Volker
(This used to be commit 37221b81f1)
- added a CHARSET set of tests, which determines how the server deals
with some specific charset issues related to UTF-16
support. Interestingly, Samba3 already passes all but one of these
tests, because our incorrect UCS-2 and UTF-8 implementations where we
don't check the validity of characters actually matches what Windows
does! This means that adding UTF-16 support to Samba is going to be
_much_ easier than we expected.
(This used to be commit c8497a4236)
this option takes a filename containing a list of UNC names. When
supplied to a torture test that uses multiple client connections the
test will distribute the load across the listed UNC names. This allows
you to use NBENCH effectively against a server that has multiple IP
addresses, and spread the load among them.
(This used to be commit e0d9502aa2)
- more accurate request simulation using Samba4 raw client library
- now checks for correct status on all requests
- timelimit based benchmarking, default of 600 seconds
(This used to be commit a46c009c04)
hundreds of idle connections to the server, which can be used to
simulate environments with large numbers of idle connections.
(This used to be commit cfce9458a2)
smbtorture to use the new interface.
Part 2 will be to eliminate cli_state from smbtorture as this is now
the only place where it is used.
(This used to be commit db1cc96af6)
server endpoints. We can now successfully setup listening endpoints on
high ports, then use our endpoint mapper redirect incoming clients to
the right port.
also greatly cleanup the rpc over tcp session handling.
(This used to be commit 593bc29bbe)
a pipe. I'm not sure how possible this will be without lots of human
intervention, but its an interesting thing to try.
(This used to be commit d5afe7c6a8)
uuid 82273fdc-e32a-18c3-3f78-827929dc23ea version 0x0000:0x0000 'eventlog'
24 calls available
WARNING: local IDL defines 4 calls
when all the WARNINGs are gone then we know we have all the calls :)
(This used to be commit f5821b2468)
* moved ntlmssp code into libcli/auth/, and updated to latest ntlmssp
code from samba3 (thanks Andrew! the new interface is great)
* added signing/ntlmssp support in the dcerpc code
* added a dcerpc_auth.c module for the various dcerpc auth mechanisms
(This used to be commit c18c9b5585)
test suite. The test suite dumps all of the interfaces available on
all pipes. There sure are a lot more interfaces on w2k3 than w2k !
(This used to be commit f94bc07990)
* allow us to distinguish between null arrays and zero length arrays,
by making the allocation size a minimum of 1 on array pull
(This used to be commit 11c0fe548e)
interface. We now support an arbitrary set of flags to each parser,
and these can be used to control the string types. I have provided
some common IDL string types in librpc/idl/idl_types.h which needs to
be included in every IDL file.
* added IDL for the endpoint mapper. Added a test suite that enumerates
all endpoints on the server.
(This used to be commit d2665f36a7)
I think this is our first complete pipe for Samba4 (albeit a simple
one). Of course, there may be lots more info levels that Samba3 didn't
do. Time to explore :)
(This used to be commit 3305226140)
cope with servers that return bogus (too large) values in max_xmit
cope with a couple more error conditions in RAW-SFILEINFO
better startup time heuristics in NBENCH
(This used to be commit 89f7261ba5)