IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
We need to remove fragments from the incoming fragment list, or else
we leak (actually, we walk free()'ed data as we add/remove elements).
Andrew Bartlett
talloc(NULL, xxx) to allocate the registry context. That had two
consequences
1) it was a massive memory leak, as all winreg operations leaked their
entire context (including an open ldb database) every time
2) event_context_find() never found the exsting event context, so we
used a new event context each time, which called epoll_create()
each time, which caused a fd to be allocated
Jerry, there is a big difference on the wire between these two:
[out] uint32 x;
and
[out] uint32 *x;
if you change from
[out] uint32 x;
then you need to change to:
[out,ref] uint32 *x;
otherwise it changes the format on the wire, which means we are no
longer compatible with MS servers.
but be aware that even if you change to a ref ptr, you also need to
change all the client code to set all the return variables in the out
part of the structure. That's why I don't like the MIDL restriction of
forcing the use of ref pointers for output variables - it makes life
much harder when writing client code, and makes the code much more
error prone (just look at all the extra code needed to make this work
again).
I know we could auto-allocate these variables in the generated client
side NDR code, but if we did that then we would have no way of doing a
_real_ ref out pointer, which we really wanted to set to some already
allocated variable.
So please hold off on changing our idl to use the MIDL convention for
output variables until Jelmer and I have had a good "chat" about this :-)
Also cope with the fact that we define the FSTYPE as NTFS by default.
We never use this anywhere else, so we may just change it, but just
detect the fact and return DISK in share_classic for now.
We were adding packet fragments onto the *reply* queue, not the
recieve queue. This worked, as long as we got a whole packet before
we did any reply work, but failed once the backend called a remote
LDAP server (and I presume something invoked the event loop).
Andrew Bartlett
The latter calls don't supply a policy handle
The latter calls now acquire a policy handle, then call the earlier
calls. This means we still share the codepaths, but don't need to
fetch policy state when it is already provided.
Andrew Bartlett
This commit cleans up a number of aspects of the LSA interface.
Firstly, we do 2 simple searches on opening the LSA policy, to obtain
the basic information we need. This also avoids us searching for
dnsDomain (an invented attribute).
While I was at it, I added and tested new LSA calls, including the
enumTrustedDomainsEx call. I have also merged the identical structures
lsa_DomainInformation and lsa_DomainList.
Also in this commit: Fix netlogon use of uninitialised variables.
Andrew Bartlett
- creation of ForeignSecurityPrincipals
- template duplication code
Rework much of the LSA server to pass the RPC-LSA test. Much of the
server code was untested. In implementing the LSA Accounts feature, I
have opted to have it only create entires when privilages are applied,
and not to delete entries, but to delete the privilages.
We skip some parts of the test, but it is much better than not testing
it at all.
Andrew Bartlett
This intersting call is apparently used to construct the user token,
collect memberships from other DSAs and to retrieve (nested) memberships
of a given group.
Torture test to follow (once I cleaned it up).
Guenther
still a couple of unimplemented functions, but this is far better than
not testing this at all. In particular, this exercises the
password_hash module.
Specific changes:
- Add support for SetDomainInfo
- Add many more info levels to QueryDomainInfo
- Set a domain comment in RPC-SAMR, and verify it is kept
- Refactor QueryUserInfo not to always serach for all attributes
- Add QueryDiplayInfo3 and QueryDomainInfo2 as aliased calls
- Make OemChangePassword2 search under the samdb_base_dn(), so it
finds the user when partitions are active.
- Skip SetSecurity, DisplayIndex, MemberAttributesOfGroup and
'Multiple' alias operations in RPC-SAMR for Samba4
- Add RPC-SAMR as a 'slow' RPC test (it is quite slow)
Andrew Bartlett
This change is required for compatibility with the OSX client, in
particular, but returning 0x80000002 rather than -2147483646 violates
what LDAP clients expect in general.
Andrew Bartlett
