Tim Potter [Fri, 30 Jul 2004 05:30:14 +0000 (05:30 +0000)]
r1611: Put a brace on a new line.
Andrew Tridgell [Thu, 29 Jul 2004 11:55:57 +0000 (11:55 +0000)]
r1606: make the low level socket read/write routines cope properly with non-blocking sockets
Andrew Bartlett [Thu, 29 Jul 2004 10:33:36 +0000 (10:33 +0000)]
r1605: GENSEC krb5 updates - fix a valgrind found uninitialised variable, and
allow tests for 'unwrapped' krb5, allowed by Win2k3.
SPENGO changes, trying to get the logic right (when and what
sub-mechanisms to wrap).
Andrew Bartlett
Andrew Bartlett [Thu, 29 Jul 2004 10:13:34 +0000 (10:13 +0000)]
r1604: Samba4 avoids memcpy() as much as possible - we don't need to make a copy here.
Andrew Bartlett
Andrew Tridgell [Thu, 29 Jul 2004 09:30:54 +0000 (09:30 +0000)]
r1603: fixed in.size to not overstate the packet size by 4 bytes
my apologies to abartlett for thinking this was his bug!
Andrew Tridgell [Thu, 29 Jul 2004 08:14:34 +0000 (08:14 +0000)]
r1602: make sure we honor the use_spnego flag
Jim McDonough [Wed, 28 Jul 2004 13:08:08 +0000 (13:08 +0000)]
r1596: Fix up copyrights.
Tim Potter [Tue, 27 Jul 2004 19:08:34 +0000 (19:08 +0000)]
r1595: Always use a loop variable named $e when iterating over lists of
elements.
Tim Potter [Tue, 27 Jul 2004 18:45:18 +0000 (18:45 +0000)]
r1594: Remove some array checks that we can't do because we don't store state
between scalar and buffer passes.
Fix array handling - most of the samr queryuserinfo calls now parse
properly!
Tim Potter [Tue, 27 Jul 2004 18:43:39 +0000 (18:43 +0000)]
r1593: Fix bug in get_subtree() where we were always looking at the head of
the list of subtrees.
Tim Potter [Tue, 27 Jul 2004 10:56:34 +0000 (10:56 +0000)]
r1592: Fix up subtrees for non-scalar types instead of hardcoding module subtree.
Arrays currently broken though. )-:
Tim Potter [Mon, 26 Jul 2004 04:11:18 +0000 (04:11 +0000)]
r1586: Finally, a technique for putting buffers in scalars in the same
protocol tree that actually works. Instead of trying really hard
to do this in code, just remember a list of strings and subtrees
for every tree. (This does require the addition of a void *user_data
field to ethereal's proto_node structure).
Stefan Metzmacher [Sun, 25 Jul 2004 15:09:48 +0000 (15:09 +0000)]
r1585: add dcpromo.pl start, this should be configure a
samba4 ads domain controller's ldb database
metze
Andrew Tridgell [Fri, 23 Jul 2004 06:40:49 +0000 (06:40 +0000)]
r1578: the first stage of the async client rewrite.
Up to now the client code has had an async API, and operated
asynchronously at the packet level, but was not truly async in that it
assumed that it could always write to the socket and when a partial
packet came in that it could block waiting for the rest of the packet.
This change makes the SMB client library full async, by adding a
separate outgoing packet queue, using non-blocking socket IO and
having a input buffer that can fill asynchonously until the full
packet has arrived.
The main complexity was in dealing with the events structure when
using the CIFS proxy backend. In that case the same events structure
needs to be used in both the client library and the main smbd server,
so that when the client library is waiting for a reply that the main
server keeps processing packets. This required some changes in the
events library code.
Next step is to make the generated rpc client code use these new
capabilities.
Stefan Metzmacher [Wed, 21 Jul 2004 09:57:39 +0000 (09:57 +0000)]
r1558: the unknown_time is the same as the logon_time in the PAC_LOGON_INFO
the account_name is a 'nstring'
metze
Stefan Metzmacher [Tue, 20 Jul 2004 20:30:29 +0000 (20:30 +0000)]
r1552: commit the first version of the pidl generated krb5 PAC parser
NOTE: there a lot of work todo, maybe we need to extent pidl
metze
Stefan Metzmacher [Mon, 19 Jul 2004 10:35:05 +0000 (10:35 +0000)]
r1547: rename 'enum <bla>_level' -> 'enum smb_<bla>_level'
e.g. we now have 'union smb_mkdir' and 'enum smb_mkdir_level' in sync
we may should also rename 'RAW_MKDIR_*' -> 'SMB_MKDIR_*'
metze
Stefan Metzmacher [Mon, 19 Jul 2004 10:15:33 +0000 (10:15 +0000)]
r1546: fix the build the function name has changed to srvsvc_NetRemoteTOD
because I implemented the idl for it
metze
Stefan Metzmacher [Mon, 19 Jul 2004 06:49:53 +0000 (06:49 +0000)]
r1545: add some comments and move a transport function to the transport section
metze
Stefan Metzmacher [Mon, 19 Jul 2004 06:41:34 +0000 (06:41 +0000)]
r1544: add some comments and fix 'return True' -> 'return ret'
metze
Stefan Metzmacher [Mon, 19 Jul 2004 06:14:00 +0000 (06:14 +0000)]
r1543: add srvsvc_NetRemoteTOD idl and torture tests
metze
Tim Potter [Sat, 17 Jul 2004 03:43:15 +0000 (03:43 +0000)]
r1540: - Remove return statements when a parse error is detected as ethereal
will do this for us.
- Fix a format string error
- Use subtrees for scalar and buffer elements
- Add subtree support for function request/responses
- Formatting fixups
Tim Potter [Fri, 16 Jul 2004 12:59:16 +0000 (12:59 +0000)]
r1535: Create a subtree for each array element.
Tim Potter [Fri, 16 Jul 2004 12:58:33 +0000 (12:58 +0000)]
r1534: Alternate method of grouping togethers buffers and scalars which actually
seems to work. We create a subtree one level higher instead of in the
parse function.
Stefan Metzmacher [Fri, 16 Jul 2004 09:51:54 +0000 (09:51 +0000)]
r1530: we don't need to call srvsvc_NetShareGetInfo twice
in NetShareEnum and NetShareEnumAll
metze
Stefan Metzmacher [Fri, 16 Jul 2004 09:36:17 +0000 (09:36 +0000)]
r1529: add NetSrvGetInfo torture test
metze
Stefan Metzmacher [Fri, 16 Jul 2004 09:25:52 +0000 (09:25 +0000)]
r1528: add NetCharDevQ torture tests
metze
Stefan Metzmacher [Fri, 16 Jul 2004 09:10:36 +0000 (09:10 +0000)]
r1527: add NetCharDev torture tests
metze
Stefan Metzmacher [Fri, 16 Jul 2004 08:56:11 +0000 (08:56 +0000)]
r1526: some cleanups and fixes for the srvsvc torture tests
metze
Stefan Metzmacher [Fri, 16 Jul 2004 08:53:20 +0000 (08:53 +0000)]
r1525: share info level 1004 is invalid,
but is not the same as the default case
metze
Stefan Metzmacher [Fri, 16 Jul 2004 07:20:15 +0000 (07:20 +0000)]
r1524: add some comments
metze
Andrew Tridgell [Fri, 16 Jul 2004 03:57:04 +0000 (03:57 +0000)]
r1523: declaring variables "in" and "out" in every C module is a bad idea!
I actually don't like this idea of sharing the request buffer
structure between client and server, and I'll see if I can convince
abartlet to revert it. It ties the two pieces of code far more
intimately than is justified, and will certainly lead to ugliness as
the client and server take different paths of development. I would far
prefer we just pass 2 arguments (pointer and length) to the signing
calls instead of 1 (the request).
Andrew Bartlett [Fri, 16 Jul 2004 03:10:48 +0000 (03:10 +0000)]
r1522: Oops - I forgot this file in the prvevious commit.
This breaks the request structure out into a common part between the
client and server, which the signing code now uses.
Andrew Bartlett
Andrew Bartlett [Fri, 16 Jul 2004 02:54:57 +0000 (02:54 +0000)]
r1521: Updates to our SMB signing code.
- This causes our client and server code to use the same core code,
with the same debugs etc.
- In turn, this will allow the 'mandetory/fallback' signing algorithms
to be shared, and only written once.
Updates to the SPNEGO code
- Don't wrap an empty token to the server, if we are actually already finished.
Andrew Bartlett
Andrew Tridgell [Thu, 15 Jul 2004 10:16:40 +0000 (10:16 +0000)]
r1520: only call write handler or read handler, not both. This copes with the
connection being removed between calls.
Andrew Tridgell [Thu, 15 Jul 2004 10:08:56 +0000 (10:08 +0000)]
r1519: show the ldb_errstring() value in the log for failed ldb calls
Andrew Tridgell [Thu, 15 Jul 2004 10:07:45 +0000 (10:07 +0000)]
r1518: check for ldb_search giving -1 (indicating db corruption)
Andrew Tridgell [Thu, 15 Jul 2004 10:07:05 +0000 (10:07 +0000)]
r1517: change event_remove_timed() to remove by structure not by handler.
this fixes a crash bug in smbd with multiple RPC clients
Stefan Metzmacher [Thu, 15 Jul 2004 09:43:32 +0000 (09:43 +0000)]
r1516: remove the server_connection from the list on the server_socket
and call talloc_destroy(srv_conn->mem_ctx)
also don't follow NULL pointers
metze
Stefan Metzmacher [Thu, 15 Jul 2004 08:59:07 +0000 (08:59 +0000)]
r1515: move dublicate code to a function
metze
Stefan Metzmacher [Thu, 15 Jul 2004 08:28:19 +0000 (08:28 +0000)]
r1514: close stuff from the server_connection not in the
close_connection fn of a specific service
metze
Stefan Metzmacher [Thu, 15 Jul 2004 08:26:41 +0000 (08:26 +0000)]
r1513: change DEBUG level to 1
metze
Andrew Tridgell [Thu, 15 Jul 2004 07:44:46 +0000 (07:44 +0000)]
r1512: fixed a bug where we could reference the timer event handler after destruction
Andrew Tridgell [Thu, 15 Jul 2004 07:16:15 +0000 (07:16 +0000)]
r1511: fixed a free() that should be ldb_free()
this might explain the tdb corruption that metze found - it caused heap corruption that affected tdb
Andrew Tridgell [Thu, 15 Jul 2004 05:13:08 +0000 (05:13 +0000)]
r1510: add a commented out routine I used to test password change on NT3.
Andrew Tridgell [Thu, 15 Jul 2004 05:11:27 +0000 (05:11 +0000)]
r1509: in order to interoperate with NT3.1 we need to ignore extra data at the end of RPC PDUs.
It turns out that NT3.1 adds junk onto the end of every PDU.
Andrew Tridgell [Thu, 15 Jul 2004 05:04:17 +0000 (05:04 +0000)]
r1508: simple fix for broken server side signing. This may need more work for
SPNEGO, but I'll leave andrew to tackle that.
Andrew Tridgell [Thu, 15 Jul 2004 02:11:03 +0000 (02:11 +0000)]
r1507: fixed the handling of SMB chaining with the new server structure. You
must think carefully about packet chaining when dealing with any
authentication or SMB parsing issues. The particular problem here was
that a chained tconX didn't get the req->session setup after an
initial sesstion setup call, so the tconx used a bogus VUID.
Stefan Metzmacher [Wed, 14 Jul 2004 12:44:31 +0000 (12:44 +0000)]
r1499: combine struct user_struct and struct smbsrv_user
to a struct smbsrv_session that the same as cli_session for the client
we need a gensec_security pointer there
(spnego support will follow)
prefix some related functions with smbsrv_
metze
Andrew Bartlett [Wed, 14 Jul 2004 12:14:07 +0000 (12:14 +0000)]
r1498: (merge from 3.0)
Rework our random number generation system.
On systems with /dev/urandom, this avoids a change to secrets.tdb for every fork().
For other systems, we now only re-seed after a fork, and on startup.
No need to do it per-operation. This removes the 'need_reseed'
parameter from generate_random_buffer().
This also requires that we start the secrets subsystem, as that is
where the reseed value is stored, for systems without /dev/urandom.
In order to aviod identical streams in forked children, the random
state is re-initialised after the fork(), at the same point were we do
that to the tdbs.
Andrew Bartlett
Stefan Metzmacher [Wed, 14 Jul 2004 11:28:34 +0000 (11:28 +0000)]
r1497: add forward declaration for struct auth_session_info
(fix compiler warning)
metze
Stefan Metzmacher [Wed, 14 Jul 2004 09:00:28 +0000 (09:00 +0000)]
r1494: fix debug message
metze
Stefan Metzmacher [Tue, 13 Jul 2004 21:04:56 +0000 (21:04 +0000)]
r1486: commit the start of the generic server infastructure
the idea is to have services as modules (smb, dcerpc, swat, ...)
the process_model don't know about the service it self anymore.
TODO:
- the smbsrv should use the smbsrv_send function
- the service subsystem init should be done like for other modules
- we need to have a generic socket subsystem, which handle stream, datagram,
and virtuell other sockets( e.g. for the ntvfs_ipc module to connect to the dcerpc server
, or for smb or dcerpc or whatever to connect to a server wide auth service)
- and other fixes...
NOTE: process model pthread seems to be broken( but also before this patch!)
metze
Stefan Metzmacher [Tue, 13 Jul 2004 18:41:08 +0000 (18:41 +0000)]
r1483: build dynconfig.c also with PICFLAGS
metze
Stefan Metzmacher [Tue, 13 Jul 2004 18:10:11 +0000 (18:10 +0000)]
r1482: today I saw DCERPC_AUTH_TYPE 16(0x10)
and it seems to be raw krb5, but I need to do some tests
metze
Stefan Metzmacher [Tue, 13 Jul 2004 18:05:02 +0000 (18:05 +0000)]
r1481: add idl file and torture test dummies
for DRSUapi (the Active Directory Replication Protocol)
I'll try to fill the idl file as part of a study project
together with some other students...
metze
Stefan Metzmacher [Tue, 13 Jul 2004 17:52:29 +0000 (17:52 +0000)]
r1480: gwsam has unresolved symbols in it
(on my SuSE 9.1)
so I disable it for now
metze
Stefan Metzmacher [Tue, 13 Jul 2004 17:40:28 +0000 (17:40 +0000)]
r1479: print out domain too
Andrew Bartlett [Tue, 13 Jul 2004 06:39:55 +0000 (06:39 +0000)]
r1476: Don't print messages about the CCACHE not being found - this is normal.
Andrew Bartlett
Andrew Bartlett [Tue, 13 Jul 2004 05:14:59 +0000 (05:14 +0000)]
r1475: More kerberos work
- We can now connect to hosts that follow the SPNEGO RFC, and *do not*
give us their principal name in the mechListMIC.
- The client code now remembers the hostname it connects to
- We now kinit for a user, if there is not valid ticket already
- Re-introduce clock skew compensation
TODO:
- See if the username in the ccache matches the username specified
- Use a private ccache, rather then the global one, for a 'new' kinit
- Determine 'default' usernames.
- The default for Krb5 is the one in the ccache, then $USER
- For NTLMSSP, it's just $USER
Andrew Bartlett
Andrew Bartlett [Tue, 13 Jul 2004 03:23:55 +0000 (03:23 +0000)]
r1474: It is useful if talloc_strdup() behaves like strdup()
- NULL in, NULL out
Andrew Bartlett
Volker Lendecke [Mon, 12 Jul 2004 16:35:48 +0000 (16:35 +0000)]
r1470: Get the smb_trans2 structure out of the rap_cli_call struct.
Initial attempt at RAP server infrastructure. Look at rap_server.c for the
dummy functions that are supposed to implement the core functionality.
ipc_rap.c contains all the data shuffling. _rap_shareenum and _rap_serverenum2
in ipc_rap.c are (I think) regular enough to be auto-generated.
I did not test all the corner cases yet, but nevertheless I would like some
comments on the general style.
Volker
P.S: samba-3 smbclient now doesn't freak out anymore, although the results are
not entirely correct :-)
Stefan Metzmacher [Mon, 12 Jul 2004 15:34:34 +0000 (15:34 +0000)]
r1469: fix a segfault and compiler warning,
introduced by the "compiler warning fix" in rev 1460...
metze
Stefan Metzmacher [Mon, 12 Jul 2004 13:53:35 +0000 (13:53 +0000)]
r1467: disable gensec_krb5 by default till abartlet
add the kinit code
metze
Andrew Tridgell [Mon, 12 Jul 2004 13:23:01 +0000 (13:23 +0000)]
r1466: the name "oid" is taken by some silly system headers - avoid it in our code
Andrew Tridgell [Mon, 12 Jul 2004 13:22:26 +0000 (13:22 +0000)]
r1465: always do a full C prototype, even if its only (void).
this declaration:
int foo();
is *not* the same as this one:
int foo(void);
the first means "I don't know what arguments it takes". The second
means "it takes no arguments"
Andrew Tridgell [Mon, 12 Jul 2004 13:20:50 +0000 (13:20 +0000)]
r1464: the recent build changes completely lost the speed advantage of using
PCH (in fact, it meant that PCH was a slowdown, not a speedup). To
gain speed with PCH you must ensure that the .gch file is compiled
with _exactly_ the same options as the normal object files.
this fixes the .gch build options
Stefan Metzmacher [Mon, 12 Jul 2004 13:15:53 +0000 (13:15 +0000)]
r1463: fix the krb5 build
metze
Andrew Bartlett [Mon, 12 Jul 2004 09:11:13 +0000 (09:11 +0000)]
r1462: GENSEC Kerberos and SPENGO work:
- Spelling - it's SPNEGO, not SPENGO
- SMB signing - Krb5 logins are now correctly signed
- SPNEGO - Changes to always tell GENSEC about incoming packets, empty or not.
Andrew Bartlett
Andrew Bartlett [Mon, 12 Jul 2004 09:07:10 +0000 (09:07 +0000)]
r1461: ntlm_check.c is a server-side peice of code, so it belongs in AUTH.
Andrew Bartlett
Andrew Bartlett [Mon, 12 Jul 2004 09:02:09 +0000 (09:02 +0000)]
r1460: Avoid a compile warning.
Andrew Bartlett
Andrew Bartlett [Mon, 12 Jul 2004 05:50:29 +0000 (05:50 +0000)]
r1458: Add a new configure option, to make it possible to both find errors,
and compile with gtk.
The --enable-developer option was just too noisy with buggy GTK headers.
Andrew Bartlett
Andrew Bartlett [Mon, 12 Jul 2004 04:26:50 +0000 (04:26 +0000)]
r1457: Add the GSSAPI layer to our gensec_krb5 code.
Andrew Bartlett
Andrew Bartlett [Mon, 12 Jul 2004 02:40:38 +0000 (02:40 +0000)]
r1456: Rename this parameter to avoid shadowing a badly-named GTK global.
Andrew Bartlett
Jelmer Vernooij [Sun, 11 Jul 2004 20:16:02 +0000 (20:16 +0000)]
r1455: More Gtk+ updates:
- Start working on 'gwsam'
- Add GtkSelectDomainDialog and GtkSelectHostDialog
Volker Lendecke [Sun, 11 Jul 2004 16:16:02 +0000 (16:16 +0000)]
r1454: Today is the day of broken builds, now I get my share ... :-)
Add a missing file.
Volker
Volker Lendecke [Sun, 11 Jul 2004 14:39:25 +0000 (14:39 +0000)]
r1453: Change the RAP client to use the ndr routines for moving bytes around.
Volker
Andrew Bartlett [Sun, 11 Jul 2004 12:59:27 +0000 (12:59 +0000)]
r1452: Thanks to Volker for spotting that this code was certainly not tested...
(make sure to actually return the result).
Andrew Bartlett
Jelmer Vernooij [Sun, 11 Jul 2004 12:51:01 +0000 (12:51 +0000)]
r1451: More missing files...
Jelmer Vernooij [Sun, 11 Jul 2004 12:38:27 +0000 (12:38 +0000)]
r1450: Oops.. Missing files :-)
Jelmer Vernooij [Sun, 11 Jul 2004 12:15:58 +0000 (12:15 +0000)]
r1449: Use the config system somewhat better in libcli/auth
Andrew Bartlett [Sun, 11 Jul 2004 12:08:33 +0000 (12:08 +0000)]
r1448: Indent this so proto doesn't pick it up.
Andrew Bartlett
Andrew Bartlett [Sun, 11 Jul 2004 11:52:01 +0000 (11:52 +0000)]
r1447: Fix compile.
Andrew Bartlett
Andrew Bartlett [Sun, 11 Jul 2004 11:48:21 +0000 (11:48 +0000)]
r1446: Another funciton to avoid in proto.h
Andrew Bartlett
Andrew Bartlett [Sun, 11 Jul 2004 11:45:56 +0000 (11:45 +0000)]
r1445: Ensure get_auth_data_from_tkt doesn't get into proto.h
Andrew Bartlett
Andrew Bartlett [Sun, 11 Jul 2004 10:47:41 +0000 (10:47 +0000)]
r1443: More changes towards Kerberos in Samba4's GENSEC.
The kerberos context is now tied in life to the GENSEC context.
Andrew Bartlett
Andrew Bartlett [Sun, 11 Jul 2004 10:41:44 +0000 (10:41 +0000)]
r1442: I was going to rename kerberos.c -> kerberos_kinit.c, but didn't.
Fix config.mk...
(oh, and this file is somehow marked as binary...)
Andrew Bartlett
Andrew Bartlett [Sun, 11 Jul 2004 10:38:31 +0000 (10:38 +0000)]
r1441: Indentation and comment fixes.
Andrew Bartlett
Andrew Bartlett [Sun, 11 Jul 2004 10:29:54 +0000 (10:29 +0000)]
r1440: GENSEC improvements:
- Infrustructure for kerberos
- Don't segfault on un-implemented backend functions
- Add comments.
Andrew Bartlett
Andrew Bartlett [Sun, 11 Jul 2004 10:26:50 +0000 (10:26 +0000)]
r1439: Once we are authenticated, always return NT_STATUS_OK. (Makes SPENGO
easier to code, as it may return an 'ok' with an empty blob).
Andrew Bartlett
Andrew Bartlett [Sun, 11 Jul 2004 10:20:42 +0000 (10:20 +0000)]
r1438: Record the principal name we are sent in the SPENGO mechListMIC in a
seperate char *, not a DATA_BLOB.
This allows us to tell if we were sent a string here, or a real MIC.
Andrew Bartlett [Sun, 11 Jul 2004 10:16:36 +0000 (10:16 +0000)]
r1437: Intermediate commit of krb5 for GENSEC.
The session key in the client is wrong, we don't do signing/sealing
and we are sending raw Kerberos, not GSSAPI.
But it's a start, and if we continue to have to call Krb5 directly,
this will be the basis.
I also intend to provide an alternate implementation, using just
GSSAPI.
Andrew Bartlett
Andrew Bartlett [Sun, 11 Jul 2004 10:07:51 +0000 (10:07 +0000)]
r1436: Move GENSEC across to config.mk
Andrew Bartlett
Andrew Bartlett [Sun, 11 Jul 2004 06:51:58 +0000 (06:51 +0000)]
r1435: talloc_steal is very useful - add a function to do it with a DATA_BLOB
Andrew Bartlett
Andrew Bartlett [Sun, 11 Jul 2004 06:50:31 +0000 (06:50 +0000)]
r1434: Merge this function in from Samba 3.0, but use a mem_ctx rather than
an fstring.
Andrew Bartlett
Jelmer Vernooij [Sun, 11 Jul 2004 01:42:16 +0000 (01:42 +0000)]
r1433: Properly use GtkTreeView:
- When a key is selected the values are immediately shown in gregedit
- Only allow deleting jobs if one is selected.
Jelmer Vernooij [Sun, 11 Jul 2004 01:01:48 +0000 (01:01 +0000)]
r1432: - Move the various Gtk-specific parts from the registry code into a directory gtk/
- Move common "Samba-Gtk" code into gtk/common/ ("Connect to RPC pipe"-dialog, etc)
- Add a new utility 'gwcrontab' that can currently list, delete and add 'atsvc' jobs. It still displays times and dates as integers though, will fix that later.
Some screenshots available at:
http://samba.org/~jelmer/gwcrontab/
Stefan Metzmacher [Sat, 10 Jul 2004 10:24:58 +0000 (10:24 +0000)]
r1429: enable spnego in smbclient too.
metze
Andrew Bartlett [Fri, 9 Jul 2004 23:38:13 +0000 (23:38 +0000)]
r1426: Fix some of my silly compile errors...
Andrew Bartlett
Andrew Bartlett [Fri, 9 Jul 2004 13:33:10 +0000 (13:33 +0000)]
r1423: Make sure to destory the mem_ctx.
Andrew Bartlett