Samba4/Andrew and Jelmers Fantasy Page/2010

From SambaWiki
Revision as of 00:08, 28 August 2008 by JelmerVernooij (talk | contribs) (Update)

Plans for fortnight ending 6 september 2008

  • wmi integration (Jelmer)
  • upload samba-gtk into Debian (Jelmer)
  • hdb_samba4 (Jelmer)
  • send out patch for merged franky build (Jelmer)
  • eliminate last EJS (minschema.js, samba3sam.js (Jelmer))

Plans for fortnight ending 23 august 2008

slacking off

Plans for fortnight ending 9 August 2008

  • Fix AES compatability with Windows 2008/Vista. (Andrew)
    • It turns out that Metze was starting to chase the same bug
    • The fix is to implement gss_wrap_ex() - ie AEAD, the signing of headers in DCE/RPC packets.
    • Earlier 'use Heimdal for SPNEGO' work is forming a very useful basis for this work
  • Look at smartcard login again (Andrew)
    • Bugs in Dogtag have been allegedly fixed.
  • Trusted domains (Andrew)
    • Add support for trusted domains in our KDC

Achieved so far

Plans for fortnight ending 26 July 2008

Achieved so far

  • Fix LDAP backend to be secure (not anonymous access) (Andrew)
  • Partially Fix vista join bugs due to AES and GSSAPI CFX (Andrew with Tridge)
    • Session keys for smb signing are original length (ie, 32 in this case)
    • Session keys for SAMR encryption are 16 (ie, truncated)
    • Still need to fix GSSAPI encryption for the AES case (it uses AEAD, as seen in NTLM2)
  • Phone calls with Microsoft (Andrew)
    • I now have a regular phone hookup with Microsoft to go over pending issues in the WSPP process
  • Fix 'file not found' errors from clients (Andrew with Tridge)
    • Due to an uninitialised variable, introduced in some recent SMB2 work
    • shows up on systems with extended attributes (typically those using SeLinux, such as Fedora)
    • Perhaps a good reason to push out a new alpha soon

Plans for fortnight ending 12 July 2008

  • wmi integration (Jelmer)
  • upload openchange and samba-gtk into Debian (Jelmer)
  • hdb_samba4 (Jelmer)
  • eliminate last EJS (minschema.js, samba3sam.js)
  • Improve LDAP backend from a technology preview to a deployable system (Andrew)

Achieved so far

  • Continue packaging of OpenChange and Samba4 for Fedora
  • Start work on smart card login (Andrew)
    • Including setting up DogTag certificate system (Andrew)
    • At least to the stage of the first crashes...
  • Rework schema handling to know about auxillary classes (Andrew)
    • Try to do this in common between ad2OLschema and the kludge_acl and objectclass modules.

Plans for fortnight ending 28 June 2008

  • external Heimdal use (Andrew)


  • Created Samba 4 and OpenChange RPM packages (Andrew)
  • test TEST_LDAP=yes (Andrew)
  • Fixed Franky build for odd make versions (Jelmer)

Plans for fortnight ending 14 June 2008

  • Linked attributes for 'net vampire' (Andrew)
  • AES Key support (check with docs and Win2008 on format) in samdb (Andrew)
  • Work to make ldb merge easier for Simo (andrew)
  • Any work required to merge NTP patch with distribution (Andrew)
  • Work with alpha testers on any issues that come up in production deployments of Samba4 (Andrew)

Achieved so far

  • Samba4 alpha4 release (andrew)
    • without LDB merge, which seems a while off yet
  • Sync test with it's (now obsolete) ldap.js predecessor (andrew)
  • Add python bindings for NetBIOS (Jelmer)
  • Improve portability of Franky build (Jelmer)
  • Asked Microsoft about AES key formats (Andrew)
    • Just getting the data from Win2008 failed due to other reasons
  • Continued the battle with Microsoft over NTP documentation (Andrew)
  • Worked on package of Heimdal for Fedora (Andrew)
    • As a preview to packaging Samba4 for Fedora

Plans for fortnight ending 31 May 2008

  • Linked attributes for 'net vampire' (andrew)
  • Make a Samba 4.0 alpha4 release if the ldb branch gets merged (Jelmer)

Achieved so far

  • Implement NTP signing (andrew)
  • Finish CLDAP and NBT netlogon parsing. (Andrew)
    • Including expected value tests (critical to ensuring we return the *right* answer)
    • This should help things like Group Policy, which rely on this 'DC ping' functionality
  • Merge Simo's ldb branch with current v4-0-test (abartlet)
    • Should make Simo's merge task easier.
  • Removed smbpython and restructured Python modules hierarchy to not clutter Python namespace (Jelmer)
  • Merged improvements made by Wilco and Jelmer to the registry during SambaXP (Jelmer)
  • Added documentation to most Python modules and improved descriptions. (Jelmer)
  • Fixed memory bug in autogenerated DCE/RPC Python bindings (Jelmer)
  • Several test infrastructure improvements. (Jelmer)
    • Print full test path for easy inclusion in knownfail lists
    • Make test case name part of test name to allow a test to have different results against different test cases
    • Set PYTHONPATH during test runs
  • Removed unused old EJS DCE/RPC bindings and testscripts (Jelmer)
  • Make it easier to use various libraries externally without including all of Samba 4's build system (Jelmer)
  • Updated Samba 4, OpenChange and Samba-Gtk Debian packages, now passes lintian. (Jelmer)
  • Added Python bindings for IRPC / Messaging interfaces (Jelmer)
    • Rewrote smbstatus in Python
  • Added mechanism for doing "raw" DCE/RPC requests from Python (Jelmer)
    • Also initial work on a script that should attempt to figure out IDL by probing
  • Exposed more DCE/RPC internals from Python bindings (Jelmer)
  • Initial work on WSGI implementation in web_server/ (Jelmer)
  • Added combined buildsystem for Franky

Plans for fortnight ending 17 May 2008

  • Fix our CLDAP netlogon processing to match description in [MS-ADTS] 7.3.3 (andrew)
    • Use this to fix and test group policy handling on Win2000 and WinXP clients

Achieved so far

  • Partial security=server implementation, awaiting VFS proxy merge for testing (Andrew)
  • Removed a large number of dead build farm hosts in response to automated mails (Andrew)
  • Brought back old (D)COM code and made it compile again (Jelmer)
  • Merged GNU make branch (Jelmer)
    • Now allows using system Python with Samba Python modules
  • Finished Samba 4 Debian package together with Christian (Jelmer)
  • Updated Debian packages for OpenChange and Samba-Gtk (Jelmer)
  • Most of the parsing work towards the CLDAP/NBT netlogon consolidation (Andrew)

Plans for fortnight ending 3 May 2008

  • Build Farm improvements
    • See if we can use SQLite to get a bit more done
    • make build farm summary page use sqlite
    • host list, by last reported time
    • last reported time on host individual page
  • Finish security=server re-implementation in Samba4
  • Finish ncacn_http implementation

Achieved so far

  • Very useful Visit to Sam's home company for 2 days
    • Chat with principals to encourage them
    • Jelmer prepared WAFS branch for merging
      • Looks like further development will be upstream, which is great
    • Jelmer did some initial work on tests for proxy code
    • Andrew Started work on 'security=server' re-implementation for Samba4
      • This will allow WAFS to hijack an unsigned connection as a man in the middle attack.
    • Andrew fixed 'make test' to fail if PIDL tests fail
  • Build Farm
    • make build farm send e-mails to dead hosts (based on SQLite database)

Achievements for fortnight ending ending 19 April 2008


  • Successfully gave 3 presentations
    • Samba4 status report (Both)
    • Samba4 and the LDAP backend / Little barber shop of horrors (Andrew)
    • RPC Scripting using Python (Jelmer)
  • Worked with Sam Liddicott
    • He has implemented the start of a WAFS (latency reducing) proxy for Samba4
    • Organised to visit his companies office
  • Improved code coverage to give better 'headline' figure for presentation (Andrew)
    • Working with Kai's winbind work to run metze's structure based tests
    • Kai worked on blackbox tests
    • Required fixing up parts of winbind (untested code is broken code, Andrew)
  • Fixed bugs in Pidl reported by Volker (Jelmer)
  • Added knownfailure support in test code (Jelmer)
  • Split out policy library into separate git repository (Jelmer)
  • Worked with Wilco on more registry tests (Jelmer)
  • Fixed several Python usability bits (Jelmer)
  • Fixed duplication in blackbox tests (Jelmer)
  • Initial work on ncacn_http support (Jelmer)
  • Discussions with Guenther, Michael about reconciling registry, libsmbdotconf and smbdotconf in Samba 3 and 4 (Jelmer)