IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
- it does Negprot and SessionSetup yet
the rest returns NT_STATUS_NOT_IMPLEMENTED
- it's off by default, enable with:
smbsrv:enable smb2 = yes
- negotition in the SMB Negprot isn't supported yet
- it's only tested with smbtorture SMB2-CONNECT
not with vista as client
metze
- add an idtree_limit to limit the max VUID we give the clients
it's UINT16_MAX (0xffff) for the SMB protocol
- add auth_time to the smbsrv_session statistics
- use the session_info as marker for finished and non-finished
session setups
metze
them
- add a idtree_limit to the tcons substructure of smbsrv_connection
this controls what the highest TID is we give away to the client
it's UINT16_MAX (0xFFFF) for the SMB protocol
metze
- just use '0', I'll remove the UID_FIELD_INVALID macro completly later
- why search for the session we have just create
- add TODO notices, I need to dicuss them with abartlet...
metze
ntcancel also needs to have AS_USER
- move the SIGNING_NO_REPLY logic as global option, because this needs to be set
for the error replies too.
- as we currently don't know how to generate signatures for ntcancel replies
we just skip the sending of the reply
- w2k3 first checks the VUID and then the TID, so we do now
- ntcreateX also uses ERRbaduid when getting a wrong VUID
metze
authentication. This pulls the creating of the keytab back to the
credentials code, and removes the special case of 'use keberos keytab
= yes' for now.
This allows (and requires) the callers to specify the credentials for
the server credentails to GENSEC. This allows kpasswdd (soon to be
added) to use a different set of kerberos credentials.
The 'use kerberos keytab' code will be moved into the credentials
layer, as the layers below now expect a keytab.
We also now allow for the old secret to be stored into the
credentials, allowing service password changes.
Andrew Bartlett
user_info strcture in auth/
This moves it to a pattern much like that found in ntvfs, with
functions to migrate between PAIN, HASH and RESPONSE passwords.
Instead of make_user_info*() functions, we simply fill in the control
block in the callers, per recent dicussions on the lists. This
removed a lot of data copies as well as error paths, as we can grab
much of it with talloc.
Andrew Bartlett
setup. Andrew, please check over this.
What happens is this:
- run the BASE-SECLEAK test
- with each failed session setup using spnego a gensec ctx is leaked into the smb_conn structure
- after the client disconnects these are finally cleaned up as they
are all children of the connection structure
- the cleanup of the millions of memory objects takes long enough
that the next operation in test_posix.sh sometimes fails with a timeout
Andrew, can you also look at the talloc_reference() on line 332 of
sesssetup.c ? I suspect it isn't needed (I don't think it does any
actual harm though)
