summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
| | | * r17215: Prepare the SASL socket before actually settting it. This allowsAndrew Bartlett2006-07-241-29/+51
| | | | | | | | | | | | | | | | | | | | | | | | errors to be reported corectly, rather than just dropping the socket. Andrew Bartlett
| | | * r17210: I wonder how I missed this, build farm caught it.Simo Sorce2006-07-231-1/+1
| | | |
| | | * r17209: Add dependency over the new share configuration module into smbdSimo Sorce2006-07-231-1/+2
| | | | | | | | | | | | | | | | Should fix some build farm machine
| | | * r17208: Add a away to test the ldb module.Simo Sorce2006-07-232-0/+257
| | | | | | | | | | | | | | | | | | | | Actually you can't test both classic and ldb together, but you can replace the standard script/tests/mktestsetup.sh file with this one and run make test to see share_ldb in action
| | | * r17207: Add the ldb based shares configuration moduleSimo Sorce2006-07-232-0/+291
| | | |
| | | * r17206: Add a modular API for share configuration.Simo Sorce2006-07-2330-230/+1005
| | | | | | | | | | | | | | | | Commit the classic backwards compatible module which is the default one
| | | * r17205: Even if this makes me look foolish, at least start to scratch on the ↵Volker Lendecke2006-07-232-24/+308
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | surface of spoolss. If snum is to be removed, then we should make at least the attempt to walk parts of the code before and after the changes. This walks GetPrinterInfo level 0-7. Volker
| | | * r17197: This patch moves the encryption of bulk data on SASL negotiated securityAndrew Bartlett2006-07-2318-248/+639
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | contexts from the application layer into the socket layer. This improves a number of correctness aspects, as we now allow LDAP packets to cross multiple SASL packets. It should also make it much easier to write async LDAP tests from windows clients, as they use SASL by default. It is also vital to allowing OpenLDAP clients to use GSSAPI against Samba4, as it negotiates a rather small SASL buffer size. This patch mirrors the earlier work done to move TLS into the socket layer. Unusual in this pstch is the extra read callback argument I take. As SASL is a layer on top of a socket, it is entirely possible for the SASL layer to drain a socket dry, but for the caller not to have read all the decrypted data. This would leave the system without an event to restart the read (as the socket is dry). As such, I re-invoke the read handler from a timed callback, which should trigger on the next running of the event loop. I believe that the TLS code does require a similar callback. In trying to understand why this is required, imagine a SASL-encrypted LDAP packet in the following formation: +-----------------+---------------------+ | SASL Packet #1 | SASL Packet #2 | ----------------------------------------+ | LDAP Packet #1 | LDAP Packet #2 | ----------------------------------------+ In the old code, this was illegal, but it is perfectly standard SASL-encrypted LDAP. Without the callback, we would read and process the first LDAP packet, and the SASL code would have read the second SASL packet (to decrypt enough data for the LDAP packet), and no data would remain on the socket. Without data on the socket, read events stop. That is why I add timed events, until the SASL buffer is drained. Another approach would be to add a hack to the event system, to have it pretend there remained data to read off the network (but that is ugly). In improving the code, to handle more real-world cases, I've been able to remove almost all the special-cases in the testnonblock code. The only special case is that we must use a deterministic partial packet when calling send, rather than a random length. (1 + n/2). This is needed because of the way the SASL and TLS code works, and the 'resend on failure' requirements. Andrew Bartlett
| | | * r17196: Clarify that SSL is used for LDAP as well as SWAT.Andrew Bartlett2006-07-231-1/+1
| | | | | | | | | | | | | | | | Andrew Bartlett
| | | * r17195: Start thinking how to implement extended operations.Simo Sorce2006-07-222-0/+18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Ad supports three extended operations: - start tls - dynamic objects - fast binds none of these are a priority.
| | | * r17193: Remove ancient stuff never really usedSimo Sorce2006-07-222-364/+0
| | | |
| | | * r17189: Add the new LDAP rfc seriesSimo Sorce2006-07-2224-0/+27176
| | | |
| | | * r17187: Beginnings of a little lsa walker for Samba3, if only to prevent theVolker Lendecke2006-07-222-0/+78
| | | | | | | | | | | | | | | | | | | | | | | | regression we had in 3.0.23... Volker
| | | * r17186: "async" word abuse clean-up part 2Simo Sorce2006-07-2223-286/+272
| | | |
| | | * r17185: Oh, I wanted to do this for sooo long time.Simo Sorce2006-07-2224-427/+427
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Finally acknowledge that ldb is inherently async and does not have a dual personality anymore Rename all ldb_async_XXX functions to ldb_XXX except for ldb_async_result, it is now ldb_reply to reflect the real function of this structure. Simo.
| | | * r17176: remove off_t from talloc. size_t is large enough to holdStefan Metzmacher2006-07-215-13/+11
| | | | | | | | | | | | | | | | | | | | | | | | the max amount of memory of one process metze
| | | * r17174: Enable gnutls code, which requires the HAVE_GNUTLS CPP macro.Andrew Bartlett2006-07-211-0/+3
| | | | | | | | | | | | | | | | Andrew Bartlett
| | | * r17173: Check for oversize output, not oversize input, and fix the GSSAPI mechAndrew Bartlett2006-07-211-10/+11
| | | | | | | | | | | | | | | | | | | | | | | | to work (it broke it in the previous commit). Andrew Bartlett
| | | * r17171: Add a gensec function to determine the maximum negotiated buffer size,Andrew Bartlett2006-07-213-34/+134
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | and the maximum amount of user data that may be fitted into that. This is used in the new SASL code, to correctly honour SASL buffer sizes. Andrew Bartlett
| | | * r17170: Catch some more out-of-memory cases, and provide some clues whenAndrew Bartlett2006-07-211-7/+18
| | | | | | | | | | | | | | | | | | | | | | | | chasing down bad signatures that may be due to data truncation. Andrew Bartlett
| | | * r17169: Test LDAP with testnonblock.Andrew Bartlett2006-07-211-1/+1
| | | | | | | | | | | | | | | | Andrew Bartlett
| | | * r17168: Now that TLS (and soon SASL) is below the socket layer, we need toAndrew Bartlett2006-07-214-14/+29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | make the testnonblock skip some things. The socket *under* the tls socket is still tested. Andrew Bartlett
| | | * r17167: indentAndrew Bartlett2006-07-211-1/+1
| | | |
| | | * r17157: bail out if sizeof(size_t) < sizeof(void *)Stefan Metzmacher2006-07-201-0/+4
| | | | | | | | | | | | | | | | metze
| | | * r17156: check for the size of a pointerStefan Metzmacher2006-07-201-0/+1
| | | | | | | | | | | | | | | | metze
| | | * r17141: Prove that create dispositions with truncate and Jeremy Allison2006-07-191-0/+71
| | | | | | | | | | | | | | | | | | | | overwrite break oplocks. Jeremy.
| | | * r17139: Checking in Volker's extended oplock test.Jeremy Allison2006-07-192-87/+121
| | | | | | | | | | | | | | | | Jeremy
| | | * r17114: print some sizes for debuggingStefan Metzmacher2006-07-181-0/+3
| | | | | | | | | | | | | | | | metze
| | | * r17113: build tdb and ldb standalone with the same sizes of 'off_t' as from ↵Stefan Metzmacher2006-07-182-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | samba metze
| | | * r17112: - fix the build of the ldap ldb backend with newer openldap header ↵Stefan Metzmacher2006-07-181-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | files. - use the correct timeout variable (simo you should do a standalone build before commiting:-) metze
| | | * r17109: - use AC_SYS_LARGEFILE so that type sizes are the same when tallocStefan Metzmacher2006-07-182-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | is build standalone and inside samba - add configure checks for the some type sizes for debugging metze
| | | * r17104: Rename function parameters and variables to avoid shadowing globalAndrew Bartlett2006-07-181-10/+10
| | | | | | | | | | | | | | | | | | | | | | | | declarations. Andrew Bartlett
| | | * r17103: Big updates to the not-yet-enabled partitions module. It now servicesAndrew Bartlett2006-07-171-4/+189
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | the Global Catalog port 'correctly' (in a very simple sense) in that it should be no worse than what we had before. We now combine partitions together to search over the whole tree, when we are marked as 'global catalog'. Andrew Bartlett
| | | * r17099: Samba3 now passes RAW-LOCK completely, no need forJeremy Allison2006-07-171-10/+0
| | | | | | | | | | | | | | | | | | | | parameters to protect it. Jeremy.
| | | * r17088: add ntvfs mapping function for notifyStefan Metzmacher2006-07-172-1/+65
| | | | | | | | | | | | | | | | metze
| | | * r17087: - make pvfs_notify_next_send staticStefan Metzmacher2006-07-171-4/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - fix double free: a talloc_reference(a,b) when a is a child of b doesn't prevent talloc_free(b) from destroiying a and b. metze
| | | * r17085: reuse the existing sec_desc_buf structStefan Metzmacher2006-07-172-8/+4
| | | | | | | | | | | | | | | | metze
| | | * r17084: implement SMB2 Cancel in the server,Stefan Metzmacher2006-07-174-11/+125
| | | | | | | | | | | | | | | | | | | | | | | | | | | | that makes it possible for clients to cancel async requests, like NOTIFY... metze
| | | * r17083: - implement SMB2 Cancel in the clientStefan Metzmacher2006-07-175-5/+105
| | | | | | | | | | | | | | | | | | | | | | | | | | | | - the 0xffffffffffffffff seqnum is reserved for SMB2 Break (oplock breaks) so don't use it in a request. we should someday try to test this... metze
| | | * r17082: Add a test that walks and tests denying tconX access via the share ↵Volker Lendecke2006-07-175-20/+312
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | security descriptor. This is something that W2k3 does _not_ pass and probably is not expected to, it seems the don't check access at tconX time. Thanks to metze for the hint how in the srvsvc_NetShareInfo1501 struct the length of the sd can be encoded in idl. As metze says, there's probably more to the share secdesc, this needs more testing. This one is here to walk the samba3 code. Volker
| | | * r17081: add idle handler support to the smb2 client lib tooStefan Metzmacher2006-07-172-0/+45
| | | | | | | | | | | | | | | | metze
| | | * r17079: Remove an attempt to connect on ncacn_ip_tcp transport after failureRafal Szczesniak2006-07-161-38/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | on ncacn_np, as abartlet suggested. Also, named pipe remains the default transport for all kinds of servers to be contacted. rafal
| | | * r17074: Extend the rpc-samba3-getusername test: This creates a normal user ↵Volker Lendecke2006-07-151-49/+275
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | and we check if we can actually see the user SID on a fresh sessionsetup. This also gives us the simple create_user, which can lead to more fun tests :-) Volker
| | | * r17069: Make us pass RPC-NETLOGSAMBA3 against w2k3 againVolker Lendecke2006-07-151-2/+5
| | | |
| | | * r17065: NT4 does not like "0" here, W2k3 does not care...Volker Lendecke2006-07-151-1/+1
| | | |
| | | * r17064: lsa_GetUserName needs to return the name for S-1-5-7 on an anonymous ↵Volker Lendecke2006-07-152-23/+265
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | login. Found that because I want to play around with setsharesecurity, for this I need the "whoami" call figuring out the SID of the currently connected user. Not activating this test yet until the build farm has picked up the new samba4 revision. Volker
| | | * r17062: make correct use of talloc destructors, and make the code much simplerStefan Metzmacher2006-07-151-14/+12
| | | | | | | | | | | | | | | | | | | | | | | | should I merge that aslo to samba3? metze
| | | * r17061: - remove the currect talloc chunk from it's parent before freeing ↵Stefan Metzmacher2006-07-152-7/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | the children this fixes an endless loop bug! - reenable the test for this should I merge this to samba3? metze
| | | * r17031: When I first revived the objectclass sorting module, simo complainedAndrew Bartlett2006-07-141-151/+293
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | that it should handle the add without a search. Now that I'm working on better behaviour with an LDAP backend, I've fixed the module to do just that. For an ADD, and a MODIFY with the REPLACE flag, we do not need the search step. Andrew Bartlett
| | | * r17028: Remove extra newline.Rafal Szczesniak2006-07-131-1/+0
| | | | | | | | | | | | | | | | rafal
generated by cgit (git 2.34.1) at 2025-10-03 09:09:59 +0000