summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* Implement anonymization for protocol v2.Holger Hetterich2010-03-161-14/+53
| | | | | | | | | Since we need to care for the SID too, do the anonymization in the marshalling function and anonymize both the username and the SID. Remove the 'A' status flag from the header definition. A listener could see from the unencrypted header if the module is anonymizing or not, which is certainly not wanted.
* Make all remarks compatible to the linux kernel coding styleguide.Holger Hetterich2010-03-161-27/+33
|
* Added an exact description of the V2 protocol.Holger Hetterich2010-03-161-0/+62
| | | | | I don't think it should have it's place the man page, because this is developer information.
* Move the creation of the header.Holger Hetterich2010-03-161-11/+37
| | | | | | | | | | | | | | | | | | | | Since the header block of the protocol contains the number of bytes to come, we always send the header itself unmodified. If we compress or crypt the data we are about to send, the length of the data to send may change. Therefore, we no longer create the header in smb_traffic_analyzer_create_string, but shortly before we send the data. For both cases, encryption and normal, we create our own header, and send it before the actual data. In case of protocol v1, we don't need to create an extra header. Just send the data, and return from the function. Change a debug message to say that the header for crypted data has been created. Add a status flags consisting of 6 bytes to the header. Their function will be descriped in one of the next patches, which is descriping the header in a longer comment. When anonymization and/or encryption is used, set the flags accordingly.
* Fetch the SID of the user we are running as and send with the commonHolger Hetterich2010-03-161-2/+5
| | | | data.
* Additionally send the vfs function id with the protocol.Holger Hetterich2010-03-161-7/+11
|
* According to the linux kernel coding styleguide, it's better toHolger Hetterich2010-03-161-46/+46
| | | | | align the switch and it's case statements in the same column. This saves us one indentation level.
* Don't use typedefs on the VFS function data structures asHolger Hetterich2010-03-161-27/+27
| | | | | typedefs are evil according to the linux kernel coding styleguide.
* Add read,pread,write,pwrite support to the V2 protocol.Holger Hetterich2010-03-161-3/+14
|
* Enable AES encryption of the data if a key was found in secrets.tdb.Holger Hetterich2010-03-161-3/+22
|
* Add rmdir, chdir, and rename as supported VFS functionsHolger Hetterich2010-03-161-9/+87
|
* The format of data we are sending over the network will be flexible when ↵Holger Hetterich2010-03-161-4/+74
| | | | | | | sending over the network in protocol v2. To be able to do this, we create a new va-list function that is creating the buffer to send. Also it makes it easier for the receiver to parse the data; it sends an initial header containing the full length of the buffer to be send. For the individual strings, it sends sub headers containing the length of the upcoming substring to be send. With the header-data-header-data [..] structure we don't need to quote the sub strings finally enabling having all possible character sets in filenames etc.. In the sending function, implement mkdir to actually send it's data for testing.
* Create structs carrying the data of individual VFS functions, and hand those ↵Holger Hetterich2010-03-161-33/+47
| | | | over to the send function, which then casts the void pointer to the struct required by looking at the id. This allows us to return different result data depending on the VFS function that is running. Make the protocol v1 sender compatible to this. Adapt the existing VFS functions to use the new data structures. Make use of the new functionality and extend the mkdir VFS logger function to return the creation mode additionally.
* Introduce smb_traffic_analyzer protocol v2.Holger Hetterich2010-03-161-7/+62
| | | | | | | From Holger: Make smb_traffic_analyzer differ the protocol versions to enable the development of version 2 of the protocol. To do this, a new parameter "protocol_version" has been introduced, which can be set to "V1", "V2", or nothing. If protocol_version is not set, V1 will be chosen automatically. Created an enum for identifying VFS functions in the upcoming protocol v2. Converted the existing VFS functions to use the identifier, and set the read/write bool used in protocol v1 accordingly, also ignore any other VFS functions except read/write/pread/pwrite in v1. Added a first new VFS function for mkdir, which I use for testing and implementing both the sender and receiver for v2.
* s4:idl change level to type in lsa_ForestTrustRecord.Simo Sorce2010-03-164-12/+12
|
* s4-smbtorture: avoid printf calls in RPC-WINREG test.Günther Deschner2010-03-161-41/+33
| | | | Guenther
* Added a net acl ds command for modification of ACLs on directory objectsNadezhda Ivanova2010-03-167-3/+260
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | At present the command supports only addition of control access rigts, done so DRS access checks can be tested. It will be expanded to deal with most ways to modify and view a DS ACL. Shifted commands a bit. What used to be net acl is now "net acl nt" as apposed to this, which is "net acl ds" ./bin/net acl ds set --help Usage: set --objectdn=objectdn --car=control right --action=[deny|allow] --trusteedn=trustee-dn Options: -h, --help show this help message and exit --host=HOST LDB URL for database or target server --car=CAR The access control right to allow or deny --action=ACTION Deny or allow access --objectdn=OBJECTDN DN of the object whose SD to modify --trusteedn=TRUSTEEDN DN of the entity that gets access Samba Common Options: -s FILE, --configfile=FILE Configuration file Credentials Options: --simple-bind-dn=DN DN to use for a simple bind --password=PASSWORD Password -U USERNAME, --username=USERNAME Username -W WORKGROUP, --workgroup=WORKGROUP Workgroup -N, --no-pass Don't ask for a password -k KERBEROS, --kerberos=KERBEROS Use Kerberos
* s3-spoolss: be very strict on OpenPrinter{Ex} failures for bad names.Günther Deschner2010-03-161-8/+4
| | | | Guenther
* s4:dsdb - fix up warningsMatthias Dieter Wallnöfer2010-03-162-4/+8
|
* s4:registry - use a macro for reverse byte orderMatthias Dieter Wallnöfer2010-03-162-10/+4
|
* s4:dsdb Show more detail in failure to compute the aggregate DN.Andrew Bartlett2010-03-161-1/+1
| | | | Andrew Bartlett
* s4:dsdb Change dsdb_get_schema() callers to use new talloc argumentAndrew Bartlett2010-03-1622-52/+125
| | | | | | | | This choses an appropriate talloc context to attach the schema too, long enough lived to ensure it does not go away before the operation compleates. Andrew Bartlett
* s4:dsdb Fix warnings in DEBUG() by casting to unsigned long intAndrew Bartlett2010-03-161-4/+4
|
* s4:dsdb/acl Reduce calls to dsdb_get_schema() and add memory contextAndrew Bartlett2010-03-161-24/+46
| | | | | | | | | | dsdb_get_schema() isn't a very cheap call, due to the use of LDB opaque pointers. We need to call it less, and instead pass it as a parameter where possible. This also changes to the new API with a talloc context. Andrew Bartlett
* s4:dsdb Add a memory context for dsdb_get_schema()Andrew Bartlett2010-03-161-3/+9
| | | | | | | | When specified, we talloc_reference onto this context to ensure that pointers found in it are valid for the life of the objects they are placed into. (Such as the string form of LDAP attributes). Andrew Bartlett
* s4:dsdb Don't error out if we can't get the Aggregate schema DN yetAndrew Bartlett2010-03-161-9/+16
| | | | | | | | It's easier to just set it up when we can, then to deal with the ordering issues in ldb startup. As long as we have it ready if a real client ever asks for it, then we should be happy. Andrew Bartlett
* s4:registry - check also for other registry value types in the generic testMatthias Dieter Wallnöfer2010-03-161-0/+16
|
* s4:registry - add a test for the "REG_DWORD_BIG_ENDIAN" datatypeMatthias Dieter Wallnöfer2010-03-161-0/+14
|
* s4:registry - introduce the "REG_DWORD_BIG_ENDIAN" datatypeMatthias Dieter Wallnöfer2010-03-162-4/+26
| | | | It's like the normal REG_DWORD type but the byte order swapped
* s4:dsdb/kcc/*.c - fix up wrong typed countersMatthias Dieter Wallnöfer2010-03-165-20/+22
|
* s4-drs: Torture testcase for DS_REPL_INFO_METADATA_2_FOR_OBJ infoType of ↵Erick Nogueira do Nascimento2010-03-161-46/+104
| | | | | | | | | DsGetReplInfo() This torture testcase considers both cases for this infoType: when the flag DRSUAPI_DS_LINKED_ATTRIBUTE_FLAG_ACTIVE is enabled and when not. Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s4-drs: DsGetReplInfo(), infoType = DS_REPL_INFO_METADATA_2_FOR_OBJErick Nogueira do Nascimento2010-03-161-80/+284
| | | | | | Implementation of the DS_REPL_INFO_METADATA_2_FOR_OBJ infoType for DsGetReplInfo() Signed-off-by: Andrew Tridgell <tridge@samba.org>
* Fix bug #7191 - WINS doesn't respond after > 86 #1c registrations.Craig Miskell2010-03-151-4/+115
|
* s3:registry-legacy: use talloc_stackframe() instead of NULL in ↵Michael Adam2010-03-161-2/+3
| | | | | | regkey_open_internal() Michael
* s3:smbcacls: also honour the "--sddl" flag when setting ACLs.Michael Adam2010-03-161-2/+6
| | | | Michael
* s3: Fix an uninitialized variable readVolker Lendecke2010-03-151-1/+1
| | | | | | | | Found by Laurent Gaffie <laurent.gaffie@gmail.com> Thanks for that, Volker
* Remove the bool admin_user from conn struct. We no longer look at this to ↵Jeremy Allison2010-03-154-9/+5
| | | | | | make access decisions. Jeremy.
* Fix bug #7188 - Logic error in check of total_data for call_trans2mkdir()Jeremy Allison2010-03-151-16/+13
| | | | | | Make ea data checks identical for trans2open and trans2mkdir. Jeremy.
* Remove reference to conn->admin_user in preparation for removal.Jeremy Allison2010-03-151-9/+13
| | | | | | | We use (uid_t)0 here not sec_initial_uid() as make test uses a single user context. I will revisit this when all the uid check changes are complete. Jeremy.
* Simplify processing of "admin user". If a user is an admin_user ensure their ↵Jeremy Allison2010-03-151-15/+14
| | | | | | | | | conn token is uid 0. This simplifies change_to_user() and removes special processing of the assignments we pass to set_sec_ctx(). Jeremy.
* Switch over to using get_currect_XXX() accessor functions.Jeremy Allison2010-03-155-33/+38
| | | | Jeremy.
* Pass "connection_struct *conn" into functions that currently use ↵Jeremy Allison2010-03-153-20/+22
| | | | | | | | "current_user.XXX" Will allow me to replace them with accessor functions. Jeremy.
* Add accessor functions for current uid, gid, unix token, NT token and vuid.Jeremy Allison2010-03-152-0/+48
| | | | Jeremy.
* We don't need to treat the token differently in the conn->admin_user case, ↵Jeremy Allison2010-03-151-11/+0
| | | | | | it should already be pointing to a token with uid == 0. Jeremy.
* Rever e80ceb1d7355c8c46a2ed90d5721cf367640f4e8 "Remove more uses of "extern ↵Jeremy Allison2010-03-1510-129/+78
| | | | | | | | struct current_user current_user;"." As requested by Volker, split this into smaller commits. Jeremy.
* s4-smbtorture: add simple printer rename test to RPC-SPOOLSS-PRINTER.Günther Deschner2010-03-151-1/+95
| | | | Guenther
* testprogs: add EnumPrinterData test to win32 spoolss test.Günther Deschner2010-03-152-0/+67
| | | | Guenther
* s4-smbtorture: fill PrinterDriverData with more values for consistency test.Günther Deschner2010-03-151-3/+22
| | | | Guenther
* s3:smbd: make sure we always have a valid talloc stackframeStefan Metzmacher2010-03-151-0/+3
| | | | metze
* talloc_stack: reset stackframe pointers to NULLStefan Metzmacher2010-03-151-0/+2
| | | | | | This makes it easier to debug the code in future. metze
generated by cgit (git 2.34.1) at 2025-09-26 15:20:29 +0000