IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
sequence, with a 2-millisecond timeout between firing the syn packets. Build
smbcli_sock_connect_send upon that.
Volker
(This used to be commit 5718df44d9)
I'm sure this will not be the final resting place, but it will do for
now.
Use the cracknames code in auth/ for creating a server_info given a
principal name only (should avoid assumtions about spliting a
user@realm principal).
Andrew Bartlett
(This used to be commit c9d5d8e45d)
first. And if a request is being processed, queue it. This correctly survived
3 endless loops with wbinfo's doing different things while starting up smbd.
The number of indirections starts to become a bit scary, but what can you do
without a decent programming language that provides closures :-)
One thing that we might consider is to auto-generate async rpc requests that
return composite_context structs instead of rpc_requests. Otherwise I'd have
to write a lot of wrappers like composite_netr_LogonSamLogon_send.
The alternative would be to write two versions of wb_queue_domain_send which I
would like to avoid. This is cluttered enough already.
Volker
(This used to be commit 66c1b674f9)
fix the build for changes from SAMBA_4_0 branch
metze
r10541@SERNOX: metze | 2005-09-27 15:05:33 +0200
use a transaction when we allocate a new version
metze
r10549@SERNOX: metze | 2005-09-27 18:58:37 +0200
- add first start of wins pull replication
- we not yet apply records to our database but we fetch them correct form our partners
(we need conflict handling for this)
- we also need to filter out our own records!
metze
r10568@SERNOX: metze | 2005-09-28 11:33:04 +0200
move composite helpers to a seperate file, create a a seperate file for the conflict resolving logic
metze
r10571@SERNOX: metze | 2005-09-28 12:00:17 +0200
add forward declarations...to fix the build
metze
r10612@SERNOX: metze | 2005-09-29 16:11:06 +0200
we have a nbt_name now, and don't need to parse it
metze
r10614@SERNOX: metze | 2005-09-29 16:38:35 +0200
filter out our own records
metze
r10620@SERNOX: metze | 2005-09-29 18:07:08 +0200
- handle mutliple addresses in WREPL_REPL_SEND_REPLY
- make strings always valid talloc pointers
metze
r10621@SERNOX: metze | 2005-09-29 18:09:41 +0200
use debug level 2
metze
r10622@SERNOX: metze | 2005-09-29 18:48:05 +0200
- add one more debug message when we reply no record
- fix min max logic
metze
r10623@SERNOX: metze | 2005-09-29 20:49:06 +0200
build fixes...
metze
r10629@SERNOX: metze | 2005-09-30 00:11:41 +0200
- use seperate attributes for type, state, nodetype, is_static
... the winserver.c code needs some more updates to correctly,
create special group and multihomed registrations...
metze
r10640@SERNOX: metze | 2005-09-30 04:07:34 +0200
- add some short path for the composite helper functions
they will be used in the next commit
metze
r10642@SERNOX: metze | 2005-09-30 06:29:06 +0200
fix the build
metze
r10655@SERNOX: metze | 2005-09-30 17:36:49 +0200
- implement the WREPL_REPL_UPDATE* and WREPL_REPL_INFORM*
this includes the connection fliping into a client connection
for WREPL_REPL_UPDATE*
NOTE: I not yet found out how to get the w2k server to use INFORM against samba4
it uses inform against w2k and w2k3 but UPDATE against nt4 and samba4
what's left now is to be able to initiate INFORM and UPDATE requests to notify
our pull partners
metze
r10727@SERNOX: metze | 2005-10-05 14:11:05 +0200
fix the build
metze
r10770@SERNOX: metze | 2005-10-06 16:56:01 +0200
- move the table filling to a seperate function, will be reused later
- fix the build, wrepl_nbt_name fixes
- remove state -> update_state
metze
r10771@SERNOX: metze | 2005-10-06 17:04:48 +0200
add a function to create a wreplsrv_in_connection from a client connection
metze
r10772@SERNOX: metze | 2005-10-06 17:13:51 +0200
- make the connection code more generic to handle the pull cached connection,
push cached connection or given connections
- when we don't use a cached connection, disconnection when a pull_cycle is done
- fix the build and use the configured source ip
metze
r10773@SERNOX: metze | 2005-10-06 17:18:49 +0200
- add composite functions for push notification
metze
r10774@SERNOX: metze | 2005-10-06 17:23:46 +0200
- use periodic push notifycation, this is just for now
as it needs to be configurable and and be triggered when the local database
has changes since the last notify
- I also need to work out how to decide if the partner supports
persistent connections and WREPL_REPL_INFORM* messages
metze
r10923@SERNOX: metze | 2005-10-12 16:52:34 +0200
fix the build becuse of conflicts with main SAMBA_4_0 tree
metze
(This used to be commit 6d97dd6e50)
create winsdb_record() and winsdb_message() as public functions
so that they can be used in the wrepl_server/
metze
(This used to be commit b8b48c8aa5)
- load our wins partners at start time:
# this is a sample partner record:
dn: name=SERNOX4-1,CN=PARTNERS
objectClass: wreplPartner
name: SERNOX4-9
address: 172.31.1.1
ourAddress: 172.31.9.1
type: 0x3
pullInterval: 3600
- go through all winsdb records in the database and create the wins_owner table,
but don't add ourself to it as out nbt task will update the db too, we refetch
the local max_versiion, each time we need it, (that typicaly onces per replication cycle)
metze
(This used to be commit 4490a2864e)
- move structs to a seperate header file
- move the code for the wreplsrv_in_call handling to a seperate file
metze
(This used to be commit c9a8544446)
add struct nbt_peer_socket and use it instead of passing const char *addr, uint16 port everyhwere
(tridge: can you review this please, (make test works)
metze
(This used to be commit a599d7a4ae)
but the version before did not either, so we're not worse than before.
One thing this does better is to call the domain init code if it's not there
yet.
Volker
(This used to be commit 35bcfb185b)
most of the changes are fixes to make all the ldb code compile without
warnings on gcc4. Unfortunately That required a lot of casts :-(
I have also added the start of an 'operational' module, which will
replace the timestamp module, plus add support for some other
operational attributes
In ldb_msg_*() I added some new utility functions to make the
operational module sane, and remove the 'ldb' argument from the
ldb_msg_add_*() functions. That argument was only needed back in the
early days of ldb when we didn't use the hierarchical talloc and thus
needed a place to get the allocation function from. Now its just a
pain to pass around everywhere.
Also added a ldb_debug_set() function that calls ldb_debug() plus sets
the result using ldb_set_errstring(). That saves on some awkward
coding in a few places.
(This used to be commit f6818daecc)
Initialize a domain structure properly. Excerpt from wb_init_domain.c:
/*
* Initialize a domain:
*
* - With schannel credentials, try to open the SMB connection with the machine
* creds. Fall back to anonymous.
*
* - If we have schannel creds, do the auth2 and open the schannel'ed netlogon
* pipe.
*
* - Open LSA. If we have machine creds, try to open with ntlmssp. Fall back
* to schannel and then to anon bind.
*
* - With queryinfopolicy, verify that we're talking to the right domain
*
* A bit complex, but with all the combinations I think it's the best we can
* get. NT4, W2k3SP1 and W2k all have different combinations, but in the end we
* have a signed&sealed lsa connection on all of them.
*
* Is this overkill? In particular the authenticated SMB connection seems a
* bit overkill, given that we do schannel for netlogon and ntlmssp for
* lsa later on w2k3, the others don't do this anyway.
*/
Thanks to Jeremy for his detective work, and to the Samba4 team for providing
such a great infrastructure.
Next step is to connect to SAM. Do it via LDAP if we can, fall back to samr
with all we have.
Volker
(This used to be commit 3e69fdc07c)
start to look sane.
Question: What about providing all winbind commands as irpc interfaces that
are called from the samba3 compatibility layer? This way it would be easy for
other samba components to access its functionality. Does that make sense?
Volker
(This used to be commit 2a6b805385)
used for WREPL_REPL_INFORM* messsages
- make it possible to close the connection after a request was send
used for WREPL_ASSOCIATION_STOP
- fix the torture test that tests the assoc context handling
between connections, you can issue a request and get the reply
on another connection, I think we should not implement that in our server
code, as I think it's a security hole, you can cause a windows server
to send the replies to someone another client, that doesn't wait for data,
and as there're no massage_id in the protocol the client would be confused
by a replies that doesn't belong to a query
metze
(This used to be commit dfc95de8fa)
queryinfopolicy. Idea is to get a consistency check between that and our
notion of the domain name and sid, and take the lsa pipe as the holder of the
central smbcli_tree that netlogon and samr use as well.
Volker
(This used to be commit 126c80aefc)
Tridge, if you have time, you might want to look at the segfault I was still
seeing. Now I store the handle to the netlogon pipe in the global winbind
state and free it on the next entry into check_machacc. The problem seems to
be that talloc_free()ing a pipe struct from within a callback function on that
pipe is not possible. I think I can live with that, but it has been not really
obvious. To reproduce the segfault you might want to look at putting a
talloc_free(state->getcreds->out.netlogon) into
wbsrv_samba3_check_machacc_receive_creds. This is called from a dcerpc
callback function.
In particular if the check failed it would be nice if I could delete the pipe
directly and not post a different event to some winbind queue.
I tried to delete the pipe from a timed event triggered immediately, but this
also fails because the inner loop seems to hit the same event again, calling
it twice.
Volker
(This used to be commit 5436d77648)
of an existing socket, that is needed to handle WREPL_REPL_UPDATE
in the server, because we need to flig the connection and act as client on it
metze
(This used to be commit 131e5dfe69)
domain and gets the DC's name via a mailslot call.
Metze, I renamed wbsrv_queue_reply to wbsrv_send_reply in accordance with
irpc_send_reply. Having _queue_ here and _send_ there is a bit confusing. And
as everything is async anyway, the semantics should not be too much of a
problem.
Volker
(This used to be commit 4637964b19)
that a given set of (working) POSIX functions are available (without
prefixes to their names, etc). See lib/replace/README for a list.
Functions that behave different from their POSIX specification
(such as sys_select, sys_read, etc) have kept the sys_ prefix.
(This used to be commit 29919a7105)
- remove the echo test stuff
- abstract out the used protocol
- we have a seperate handler for the samba3 protocol now
- the backend can easy do async replies
by setting WBSRV_CALL_FLAGS_REPLY_ASYNC in wbsrv_call
and then call wbsrv_queue_reply() later
metze
(This used to be commit 32f3e68a56)
- use this for the send_queue's of the different stream_servers
to not redefine the same struct so often, and it maybe will be used
in other places too
metze
(This used to be commit b6694f067a)
