IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
backend.
The idea is that every time we open an LDB, we can provide a
session_info and/or credentials. This would allow any ldb to be remote
to LDAP. We should also support provisioning to a authenticated ldap
server.
(They are separate so we can say authenticate as foo for remote, but
here we just want a token of SYSTEM).
Andrew Bartlett
(This used to be commit ae2f3a64ee)
e.g. to return the first address of the 0x1B address as first
address in the 0x1C reply, and handle sgroup merge overflow
of 25 addresses
metze
(This used to be commit a80280e061)
and add a flags argument to add and modify,the current flags are:
WINSDB_FLAG_ALLOC_VERSION to allocate a new version id for the record
WINSDB_FLAG_TAKE_OWNERSHIP to take the become the wins owner of the record
- fix handling of records with no addresses, this is valid for MHOMED and SGROUP
records when they're not in ACTIVE state
metze
(This used to be commit 0ffea2a7b8)
This patch changes the way lsb_search is called and the meaning of the returned integer.
The last argument of ldb_search is changed from struct ldb_message to struct ldb_result
which contains a pointer to a struct ldb_message list and a count of the number of messages.
The return is not the count of messages anymore but instead it is an ldb error value.
I tryed to keep the patch as tiny as possible bu as you can guess I had to change a good
amount of places. I also tried to double check all my changes being sure that the calling
functions would still behave as before. But this patch is big enough that I fear some bug
may have been introduced anyway even if it passes the test suite. So if you are currently
working on any file being touched please give it a deep look and blame me for any error.
Simo.
(This used to be commit 22c8c97e6f)
so you can use them in search filters,
only for administration not used inside the winserver code
- fix the samba3 ugrade scripts to create a correct samba4 wins.ldb
metze
(This used to be commit 9f3b6746d8)
fix the build for changes from SAMBA_4_0 branch
metze
r10541@SERNOX: metze | 2005-09-27 15:05:33 +0200
use a transaction when we allocate a new version
metze
r10549@SERNOX: metze | 2005-09-27 18:58:37 +0200
- add first start of wins pull replication
- we not yet apply records to our database but we fetch them correct form our partners
(we need conflict handling for this)
- we also need to filter out our own records!
metze
r10568@SERNOX: metze | 2005-09-28 11:33:04 +0200
move composite helpers to a seperate file, create a a seperate file for the conflict resolving logic
metze
r10571@SERNOX: metze | 2005-09-28 12:00:17 +0200
add forward declarations...to fix the build
metze
r10612@SERNOX: metze | 2005-09-29 16:11:06 +0200
we have a nbt_name now, and don't need to parse it
metze
r10614@SERNOX: metze | 2005-09-29 16:38:35 +0200
filter out our own records
metze
r10620@SERNOX: metze | 2005-09-29 18:07:08 +0200
- handle mutliple addresses in WREPL_REPL_SEND_REPLY
- make strings always valid talloc pointers
metze
r10621@SERNOX: metze | 2005-09-29 18:09:41 +0200
use debug level 2
metze
r10622@SERNOX: metze | 2005-09-29 18:48:05 +0200
- add one more debug message when we reply no record
- fix min max logic
metze
r10623@SERNOX: metze | 2005-09-29 20:49:06 +0200
build fixes...
metze
r10629@SERNOX: metze | 2005-09-30 00:11:41 +0200
- use seperate attributes for type, state, nodetype, is_static
... the winserver.c code needs some more updates to correctly,
create special group and multihomed registrations...
metze
r10640@SERNOX: metze | 2005-09-30 04:07:34 +0200
- add some short path for the composite helper functions
they will be used in the next commit
metze
r10642@SERNOX: metze | 2005-09-30 06:29:06 +0200
fix the build
metze
r10655@SERNOX: metze | 2005-09-30 17:36:49 +0200
- implement the WREPL_REPL_UPDATE* and WREPL_REPL_INFORM*
this includes the connection fliping into a client connection
for WREPL_REPL_UPDATE*
NOTE: I not yet found out how to get the w2k server to use INFORM against samba4
it uses inform against w2k and w2k3 but UPDATE against nt4 and samba4
what's left now is to be able to initiate INFORM and UPDATE requests to notify
our pull partners
metze
r10727@SERNOX: metze | 2005-10-05 14:11:05 +0200
fix the build
metze
r10770@SERNOX: metze | 2005-10-06 16:56:01 +0200
- move the table filling to a seperate function, will be reused later
- fix the build, wrepl_nbt_name fixes
- remove state -> update_state
metze
r10771@SERNOX: metze | 2005-10-06 17:04:48 +0200
add a function to create a wreplsrv_in_connection from a client connection
metze
r10772@SERNOX: metze | 2005-10-06 17:13:51 +0200
- make the connection code more generic to handle the pull cached connection,
push cached connection or given connections
- when we don't use a cached connection, disconnection when a pull_cycle is done
- fix the build and use the configured source ip
metze
r10773@SERNOX: metze | 2005-10-06 17:18:49 +0200
- add composite functions for push notification
metze
r10774@SERNOX: metze | 2005-10-06 17:23:46 +0200
- use periodic push notifycation, this is just for now
as it needs to be configurable and and be triggered when the local database
has changes since the last notify
- I also need to work out how to decide if the partner supports
persistent connections and WREPL_REPL_INFORM* messages
metze
r10923@SERNOX: metze | 2005-10-12 16:52:34 +0200
fix the build becuse of conflicts with main SAMBA_4_0 tree
metze
(This used to be commit 6d97dd6e50)
we should only use 255.255.255.255 for group records,
only when we reply, not when the name is registered.
the real address is used for replication
metze
(This used to be commit 45a774c63c)
- as the old records are broken sinse the last winsdb_dn() changes, (the dn components order was reversed)
we can use nicer attribute and objectClass names...
- use much more verbose error handling for winsdb_*
- print a debug message when we found a corrupted record
metze
(This used to be commit 82bad3f3ef)
create winsdb_record() and winsdb_message() as public functions
so that they can be used in the wrepl_server/
metze
(This used to be commit b8b48c8aa5)
- store the wins owner on the record and the wins owner and expire time on each address
- we use "0.0.0.0" to mark entries which are registered at the local wins server
- we use this ldif-format:
address: 172.31.9.1;winsOwner:0.0.0.0;expireTime:20050923032337.0Z
address: 172.31.1.1;winsOwner:172.31.9.202;expireTime:20050923032330.0Z
metze
(This used to be commit 752025a0e1)
move to struct winsdb_addr, (I'll add expiry_time and the wins_owner later
tridge: can you please review the new winsdb_addr_* functions carefull, look for off-by-one bugs, etc.
metze
(This used to be commit 72eba90465)
add wrapper functions for the "address" attribute in the winsdb,
the goal is to store the expiry time and the wins owner per address,
which is needed for wins replication
metze
(This used to be commit 2fd3bbd044)
- add winsdb_connect() function, so that the winsdb can be opened by the wrepl_server/ code
- remove maintaining of a min_version field, as it was implemented incorrect, and is maybe not needed at all
- fix handling of max_version, (we started with 0, on each server start)
metze
(This used to be commit e6106e21a0)
add struct nbt_peer_socket and use it instead of passing const char *addr, uint16 port everyhwere
(tridge: can you review this please, (make test works)
metze
(This used to be commit a599d7a4ae)
most of the changes are fixes to make all the ldb code compile without
warnings on gcc4. Unfortunately That required a lot of casts :-(
I have also added the start of an 'operational' module, which will
replace the timestamp module, plus add support for some other
operational attributes
In ldb_msg_*() I added some new utility functions to make the
operational module sane, and remove the 'ldb' argument from the
ldb_msg_add_*() functions. That argument was only needed back in the
early days of ldb when we didn't use the hierarchical talloc and thus
needed a place to get the allocation function from. Now its just a
pain to pass around everywhere.
Also added a ldb_debug_set() function that calls ldb_debug() plus sets
the result using ldb_set_errstring(). That saves on some awkward
coding in a few places.
(This used to be commit f6818daecc)
ldap. Also ensure we put a objectclass on our private ldb's, so they
have some chance of being stored in ldap if you want to
(This used to be commit 1af2cc067f)
authenticated session down into LDB. This associates a session info
structure with the open LDB, allowing a future ldb_ntacl module to
allow/deny operations on that basis.
Along the way, I cleaned up a few things, and added new helper functions
to assist. In particular the LSA pipe uses simpler queries for some of
the setup.
In ldap_server, I have removed the 'ldasrv:hacked' module, which hasn't
been worked on (other than making it continue to compile) since January,
and I think the features of this module are being put into ldb anyway.
I have also changed the partitions in ldap_server to be initialised
after the connection, with the private pointer used to associate the ldb
with the incoming session.
Andrew Bartlett
(This used to be commit fd7203789a)
NBT server code remains reabable. Also fixed the copyright header to
include Volker, as he wrote the getdc server function
(This used to be commit a973197d3e)
stuff.
- don't use SMBCLI_REQUEST_* state's in the genreic composite stuff
- move monitor_fn to libnet.
NOTE: I have maybe found some bugs, in code that is dirrectly in DONE or ERROR
state in the _send() function. I haven't fixed this bugs in this
commit! We may need some composite_trigger_*() functions or so.
And maybe some other generic helper functions...
metze
(This used to be commit 4527815a0a)
domain and gets the DC's name via a mailslot call.
Metze, I renamed wbsrv_queue_reply to wbsrv_send_reply in accordance with
irpc_send_reply. Having _queue_ here and _send_ there is a bit confusing. And
as everything is async anyway, the semantics should not be too much of a
problem.
Volker
(This used to be commit 4637964b19)
do not autostart transactions on ldb operations if a transaction is already in place
test transactions on winsdb
all my tests passes so far
tridge please confirm this is ok for you
(This used to be commit c2bb2a36bd)
searches in ldb to be more ldap compliant, but broke the wins server
and the ejs ldb code. This fixes those up so 'make test' passes again.
(This used to be commit dff660c23c)
This gets it working, but I'm rather worried about the speed. We used
to get more than 5000 ops/sec, but now we are down to around 15
ops/sec. I suspect a bug in ldb.
(This used to be commit 83727bf72c)
the caller should free it
this fixed a double free bug noticed by
Дейтер Александр Валериевич <tiamat@komi.mts.ru>
metze
(This used to be commit ee1a5d5419)
I can now join winxp -> samba4 DC using long name, and login. The nice
thing is there are no delays now, as the client likes the replies it gets
(This used to be commit 5aff7d36f3)
server. Currently just listens on port 138 and parses the packets
(using IDL like the rest of NBT). This allows me to develop the
structures and test with real packets
(This used to be commit 10d64a5253)
changes:
- ldb_wrap disappears from code and become a private structure of db_wrap.c
thanks to our move to talloc in ldb code, we do not need to expose it anymore
- removal of ldb_close() function form the code
thanks to our move to talloc in ldb code, we do not need it anymore
use talloc_free() to close and free an ldb database
- some minor updates to ldb modules code to cope with the change and fix some
bugs I found out during the process
(This used to be commit d58be9e74b)
replication support
- on a WACK registration success, check that the database record
hasn't changed during the WACK processing. If it has, then fail
the registration
(This used to be commit 2acd79b959)
- if we have no configured network interfaces, then don't start nbtd (when I add dynamic
interface loading this will change to a delay until a network interface comes up)
- choose the best interface by netmask for torture tests that need a
specific IP (such as the WINS test). Added iface_best_ip() for that.
- if specific interfaces are chosen in smb.conf, then keep that ordering, and
default to the first one listed
(This used to be commit 4d08c11407)
do secure server WACK responses
- added a ldap_string_to_time() function, for converting a LDAP
formatted time to a time_t
(This used to be commit 9aa3313b3f)
as a human readable string. The format is designed to be able to be
used as the DN for the WINS database as well, while coping with
arbitrary bytes in the name (except nul bytes)
(This used to be commit aac3090e35)
- more NBT packet asserts, to ensure that incoming requests have all
the elements we depend on
- open the WINS database at startup if we are configured as a WINS server
- split out the nbtd server reply packet generation code so it can be
shared by the WINS server
- re-did the logic of what is answered by the WINS server and what by
the B node server. It now always tries to answer by the B node, and
only "recurses" to the WINS server for names that are not found.
(This used to be commit 5613e6b8ad)
- change the iface_n_*() functions to return a "const char *" instead of a "struct ipv4_addr"
I think that in general we should move towards "const char *" for
all IP addresses, as this makes IPv6 much easier, and is also easier
to debug. Andrew, when you get a chance, could you fix some of the
auth code to use strings for IPs ?
- return a NTSTATUS error on bad name queries and node status instead
of using rcode. This makes the calling code simpler.
- added low level name release code in libcli/nbt/
- use a real IP in the register and wins nbt torture tests, as w2k3
WINS server silently rejects some operations that don't come from the
IP being used (eg. it says "yes" to a release, but does not in fact
release the name)
(This used to be commit bb1ab11d8e)
- when registering with a WINS server, initially use multi-homed
registration, then switch to name refresh requests. Send refresh
requests only to the WINS server that responded to our
registration. If that server goes away, then start the registration
from scratch. This makes registration more robust to WINS server
failure.
- send WINS registration requests out on our first interface rather
than an unbound interface, to avoid the problem of WACK replies
being sent to the wrong port (w2k3 WINS server does this)
(This used to be commit f7712ac746)
be consistent with the function names
- added WINS client support to the NBT server. It will do initial WINS
registration, and WINS refresh, automatically failing over to
secondary WINS servers and handling multi-homed servers where we need
to register multiple IPs.
- added support for multi-homed name query replies, which are
essential for multi-homed registration as the WINS server will query
us to ensure we have the names when doing the secondary IPs in
multi-homed registration
(This used to be commit a1553fa805)
make it possible to add optimisations to the events code such as
keeping the next timed event in a sorted list, and using epoll for
file descriptor events.
I also removed the loop events code, as it wasn't being used anywhere,
and changed timed events to always be one-shot (as adding a new timed
event in the event handler is so easy to do if needed)
(This used to be commit d7b4b6de51)
bind twice on each interface, once using the broadcast address and
once using the specific IP. We then only listen on the wildcard
address if we don't have "bind interface only" set. This also happens
to simplify the code that finds the right interface for an incoming
request.
(This used to be commit b3edf17281)
the header, and defined on the wire as a 4 byte network byte order
IP. This means the calling code doesn't have to worry about network
byte order conversions.
(This used to be commit 72048e3717)
broadcast name registration demands per name per interface at 1 second
intervals, then send a name overwrite request and demand. Any name
conflict replies are reported.
(This used to be commit d656fba6f1)
names on the network and answers name queries. Lots of details are
still missing, but at least this now means you don't need a Samba3
nmbd to use Samba4.
missing pieces include:
- name registrations should be "shout 3 times, then demand"
- no WINS server yet
- no master browser code
(This used to be commit d7d31fdc66)
the packets it receives, but it at least shows how the server
structure will work.
To implement it I extended the libcli/nbt/ library to allow for an
incoming packet handler to be registered. That allows the nbt client
library to be used for low level processing of the nbtd server packets.
Other changes:
- made the socket library always set SO_REUSEADDR when binding to an
interface, to ensure that restarts of a server don't have to wait
for a couple of minutes.
- made the nbt port configurable. Defaults to 137, but other ports
will be useful for testing.
(This used to be commit 2fedca6adf)