IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
- get rid of redundeny dyn_CONFIGFILE argument to lp_load()
- fixed provisioning to work with completely pristine install,
creating an initial smb.conf is none is present
- added lp.set() and lp.reload() to loadparm ejs object interface
(This used to be commit c2691ef712)
- Fixes annoying array-of-pointers bug in pidl.
- No longer "inherit" alignment thru subcontexts
- Use "Image Object" as example DCOM object, rather then the "My Computer" object, which is built-in and can't be accessed remotely as far as I can see
(This used to be commit bd706d4964)
S390. This is an attempt to avoid the panic we're seeing in the
automatic builds.
The main fixes are:
- assumptions that sizeof(size_t) == sizeof(int), mostly in printf formats
- use of NULL format statements to perform dn searches.
- assumption that sizeof() returns an int
(This used to be commit a58ea6b385)
file_load() to use talloc, which impacted quite a few bits of code,
including our smb.conf processing.
took the opportunity to remove the gloabls in params.c while doing this
(This used to be commit b220756cb4)
now push/pull a sample PAC, and still have the same byte buffer.
(Metze set up the string code, and probably already has a similar
patch).
Unfortunetly win2k3 still doesn't like what we provide, but every step helps.
Also use data_blob_const() when we are just wrapping data for API
reasons.
Andrew Bartlett
(This used to be commit e7c8076fc1)
(I have included the krbtgt key from my test network).
It turns out the krbtgt signature is over the 16 (or whatever,
enc-type dependent) bytes of the signature, not the entire structure.
Also do not even try to use Kerberos or GSSAPI on an IP address, it
will only fail.
Andrew Bartlett
(This used to be commit 3b9558e82f)
Creating a file in a directory with delete-on-close set returns
DELETE_PENDING, and trying to set the flag on a non-empty directory returns
DIRECTORY_NOT_EMPTY.
Volker
(This used to be commit 5680f34778)
A delete-on-close deleted file is still around while open on another fd. But
only for findfirst, not for qpathinfo :-)
Volker
(This used to be commit dbc7a1a978)
actually a uint16 * without the [string] attribute, a la the the
system_name argument to samr_Connect().
Initialising the pointer to NULL is sufficient and we still pass the
RPC-WINREG test against win2k3.
(This used to be commit 407d962dac)
- move to handmodified pull/push code for PAC_BUFFER
to get the _ndr_size field and the subcontext size right
- after looking closely to the sample w2k3 PAC in our torture test (and some more in my archive)
I found out that the first uint32 before the netr_SamInfo3 was also a pointer,
(and we passed a NULL pointer there before, so I think that was the reason why the windows clients doesn't want our PAC)
w2k3 uses this for unique pointers:
ptr = ndr->ptr_count * 4;
ptr |= 0x00020000;
ndr->ptr_count;
- do one more pull/push round with the sample PAC
metze
(This used to be commit 0eee179415)
NT_STATUS_INVALID_HANDLE on a per call basis for a bad vuid. That
means it is doing checking for a valid vuid in each backend function,
rather than globally. I don't want to emulate that as it is way too
error prone, and could easily lead to a security hole, so instead
accept either error code in our test suite.
(This used to be commit aefa9e53fa)
The biggest change was fixing the RAW-CONTEXT test. It was forcing
capabilities to zero in an attempt to not negotiated extended
security, but as a side effect it was forcing negotiation of dos error
codes. This confused the hell out of the test code!
Also fixed a bunch of places incorrectly using NT_STATUS_V() instead
of NT_STATUS_EQUAL() and several places that had the wrong dos status
codes
(This used to be commit 0b22744f40)
much closer.
This changes PIDL to allow a subcontext to have a pad8 flag, saying to
pad behind to an 8 byte boundary. This is the only way I can explain
the 4 trainling zeros in the signature struct.
Far more importantly, the PAC code is now under self-test, both in
creating/parsing our own PAC, but also a PAC from my win2k3 server.
This required changing auth_anonymous, because I wanted to reuse the
anonymous 'server_info' generation code.
I'm still having trouble with PIDL, particulary as surrounds value(),
but I'll follow up on the list.
Andrew Bartlett
(This used to be commit 50a54bf4e9)
that relied on the mapping need to be fixed. The first thing is to get
all the torture tests working against w2k3 again with nt status codes
enabled. The 2nd step will be to make them pass with nt status
disabled.
This starts on the first task, fixing the assumption that
NT_STATUS_INVALID_LOCK_SEQUENCE is a valid substitute for
ERRDOS:ERRbadaccess
(This used to be commit 87cdd11708)
with 'nt status support' option.
- make nt_errstr() display nice strings for dos status codes encoded
using NT_STATUS_DOS()
- no longer map between dos and nt status codes in the client library,
instead return using NT_STATUS_DOS()
- fixed the RAW-CONTEXT test to look for
NT_STATUS_DOS(ERRSRV, ERRbaduid) instead of NT_STATUS_INVALID_HANDLE
(This used to be commit ff5549e87f)
- test AddForm on the PrintServer object
- GetForm() isn't allowed on the PrintServer object so remove NTPTR
function for it
- accept the dns name as servername in the spoolss server
metze
(This used to be commit d8c308a465)
We now generate the PAC, and can verifiy both our own PAC and the PAC
from Win2k3.
This commit adds the PAC generation code, spits out the code to get
the information we need from the NETLOGON server back into a auth/
helper function, and adds a number of glue functions.
In the process of building the PAC generation code, some hints in the
Microsoft PAC specification shed light on other parts of the code, and
the updates to samr.idl and netlogon.idl come from those hints.
Also in this commit:
The Heimdal build package has been split up, so as to only link the
KDC with smbd, not the client utils.
To enable the PAC to be veified with gensec_krb5 (which isn't quite
dead yet), the keyblock has been passed back to the calling layer.
Andrew Bartlett
(This used to be commit e2015671c2)
don't like to bother with netbios type names when looking for common
types: hosts (servers) and domain controllers. Also, apropriate tests
rafal
(This used to be commit 50cd94be0f)
Session Setup code.
Add a mem_ctx argument to a few of the NTLMv2 support functions, and
add smb.conf options to control client NTLMv2 behaviour.
Andrew Bartlett
(This used to be commit 3f35cdb218)
server as to the CIFS session key.
JRA had pain with this being wrong against NT4 (without spnego), hence
this specific test.
Andrew Bartlett
(This used to be commit 47f433708b)
- test EnumForms() on the PrintServer (NT4 returns WERR_BADFID)
(jerry: how do it get the lists of forms in the printserver gui)
metze
(This used to be commit fddfe1f04b)
event_context for the socket_connect() call, so that when things that
use dcerpc are running alongside anything else it doesn't block the
whole process during a connect.
Then of course I needed to change any code that created a dcerpc
connection (such as the auth code) to also take an event context, and
anything that called that and so on .... thus the size of the patch.
There were 3 places where I punted:
- abartlet wanted me to add a gensec_set_event_context() call
instead of adding it to the gensec init calls. Andrew, my
apologies for not doing this. I didn't do it as adding a new
parameter allowed me to catch all the callers with the
compiler. Now that its done, we could go back and use
gensec_set_event_context()
- the ejs code calls auth initialisation, which means it should pass
in the event context from the web server. I punted on that. Needs fixing.
- I used a NULL event context in dcom_get_pipe(). This is equivalent
to what we did already, but should be fixed to use a callers event
context. Jelmer, can you think of a clean way to do that?
I also cleaned up a couple of things:
- libnet_context_destroy() makes no sense. I removed it.
- removed some unused vars in various places
(This used to be commit 3a3025485b)
- hooked into events system, so requests can be truly async and won't
interfere with other processing happening at the same time
- uses NTSTATUS codes for errors (previously errors were mostly
ignored). In a similar fashion to the DOS error handling, I have
reserved a range of the NTSTATUS code 32 bit space for LDAP error
codes, so a function can return a LDAP error code in a NTSTATUS
- much cleaner packet handling
(This used to be commit 2e3c660b2f)
- add EnumMonitors() server code and return "Standard TCP/IP Port"
- add parsing for opening Ports and Monitors with OpenPrinterEx()
metze
(This used to be commit 08e6de37bc)
- use the same names as etherel (offered,needed) for the buffer sizes
(and they are really independently used)
metze
(This used to be commit f5532a5b74)
instead of a search expression. This allows our ldap server to pass
its ASN.1 parsed search expressions straight to ldb, instead of going
via strings.
- updated all the ldb modules code to handle the new interface
- got rid of the separate ldb_parse.h now that the ldb_parse
structures are exposed externally
- moved to C99 structure initialisation in ldb
- switched ldap server to using ldb_search_bytree()
(This used to be commit 96620ab2ee)
There is now a new --debug-stderr option to enable debug to STDERR.
popt isn't perfect, but the callbacks are used in all the main Samba
binaries, and should be used in the rest. This avoids duplicated
code, and ensures every binary is setup correctly.
This also ensures the setup happens early enough to have -s function,
and have a correct impact on the credentials code. (Fixing a bug that
frustrated tridge earlier today).
The only 'subtle' aspect of all this is that I'm pretty sure that the
SAMBA_COMMON popt code must be above the CREDENTIALS code, in the
popt tables.
Andrew Bartlett
(This used to be commit 50f3c2b3a2)
get stuck waiting on no file descriptors, with no timeout, so it sits
forever. I need to fix that bug separately, but to prevent build farm
machines being totally stuck, this timeout will be used.
(This used to be commit 5cccf0a770)
