Age | Commit message (Collapse) | Author | Files | Lines |
|
specific GENSEC mech type, but on the behaviour of the mech.
Andrew Bartlett
(This used to be commit f2bd7a5a699b91d99d7dc2a0b3b6c7006274a59c)
|
|
token in the client (the final token in the negotiation).
Consequential fixes in the SPNEGO code, which now uses the out.length
as the indicator of 'I need to send something to the other side'.
Merge the NTLM and SPNEGO DCE-RPC authentication routines in the client.
Fix the RPC-MULTIBIND test consequent to this merge.
Andrew Bartlett
(This used to be commit 43e3516fc03008e97ebb4ad1a0cde464303f43c6)
|
|
metze
(This used to be commit 872c687184e5317b4477a184e0a954e6de0b8e9e)
|
|
(This used to be commit 4f30220a5aafb2843e486be4a743e0fe9e9f462c)
|
|
(This used to be commit ba6caa99a454cb3393c8898f1e5be4a432b820c4)
|
|
advanced auth types we should do a plain bind. This fixes rpc
connections to ancient servers (like sun cascade)
(This used to be commit 59a5a0b218f7182c541a06ffc4528c1160699033)
|
|
so don't use a local one
metze
(This used to be commit dd217f7916c885e1395f6f2a78e38e10f56e5f0f)
|
|
metze
(This used to be commit 590afa88f15c32bc14b2c23e2c57b3401d9c3de7)
|
|
- added support for "spnego" in binding strings. This enables SPNEGO
auth in the dcerpc client code, using as many allter_context calls as
are needed
To try SPNEGO do this:
smbtorture ncacn_ip_tcp:SERVER[spnego,seal] -Uadministrator%password RPC-SAMR
(This used to be commit 9c0a3423f03111c110d21c0d3910e16aa1a8bf87)
|
|
all tools from working
(This used to be commit e59c5adf39c2c840a40a62485195167f80b9ef53)
|
|
it can't be changed (so you have to create a new context_id, not
change the interface bound to an existing one)
(This used to be commit 5f10a8f8d04d627927d9870c87d6e7d8b98d563c)
|
|
More work on the example class implementation
(This used to be commit 1f8f4dd179d5aa0472c676d115dc2fc1749ce32d)
|
|
by Andrew Bartlett)
(This used to be commit da3c7712d234291f9c5a3c48daae02bdf0878bf0)
|
|
(This used to be commit e76d486b04ee114087a69a659fbc47e585e71510)
|
|
(This used to be commit b1ff60667038aa1e2d7c6ad2015ba33ac5a90dc6)
|
|
doesn't need to
use function pointers anymore
- make the module init much easier
- a lot of cleanups
don't try to read the diff in auth/ better read the new files
it passes test_echo.sh and test_rpc.sh
abartlet: please fix spelling fixes
metze
(This used to be commit 3c0d16b8236451f2cfd38fc3db8ae2906106d847)
|
|
(This used to be commit 95e849bf94160ae4807a54b28e351539c1119215)
|
|
- there is no alter_nak or alter_ack packet, its all done in an
alter_response
- auto-allocated the contex_ids
- tried to fix up the dcom code to work again with
alter_context. Jelmer, please take a look :)
(This used to be commit dd1c54add8884376601f2f8a56c01bfb8add030c)
|
|
just does a simple LSA/DSSETUP combo, which is what w2k does in the
ACL editor rpc calls that triggered this work
(This used to be commit 0129ec947aa1fa5a7104dc3a666af3cb9bd104f1)
|
|
dcerpc_alter_context and multiple context_ids in the dcerpc client
library.
This stage does the following:
- split "struct dcerpc_pipe" into two parts, the main part being "struct dcerpc_connection", which
contains all the parts not dependent on the context, and "struct dcerpc_pipe" which has
the context dependent part. This is similar to the layering in libcli_*() for SMB
- disable the current dcerpc_alter code. I've used a #warning until i
get the 2nd phase finished. I don't know how portable #warning is, but
it won't be long before I add full alter context support anyway, so it won't last long
- cleanup the allocation of dcerpc_pipe structures. The previous code
was quite awkward.
(This used to be commit 4004c69937be7e5dae56f9567ca607f982d395d3)
|
|
(This used to be commit 0e61a422bd9a1596a284c176f033e958bbeaa8ce)
|
|
replace).
Andrew Bartlett
(This used to be commit ddb54d4ea1610b38e011e2f217ded7b6278d5290)
|
|
(This used to be commit 20f9143221021ab050802d6aed359677bee978ed)
|
|
(This used to be commit 24ec8c4274241576683f1f6c86c33a2dfa43848c)
|
|
- removed the spurious call to set_blocking() in the smb server setup.
(This used to be commit 76d905d12e6f65a3670e4167ec79d8876b772ca6)
|
|
only needs WS privilages anyway.
Andrew Bartlett
(This used to be commit a093c4f98e833198ee59064b2cb9b9b45a188a59)
|
|
metze
(This used to be commit 11e006df1689d4b4b202bca640106fd789495284)
|
|
- use new NT_STATUS_* macros for error checking return
- don't use talloc_p anymore
metze
(This used to be commit 372a8eeeefc2ebff50211985372888b5b6d4eb65)
|
|
metze
(This used to be commit 62c45635ff8a158acefd4ae2aae2ffc352a97113)
|
|
regexps. Hopefully this will make things a bit easier to understand
later on.
(This used to be commit c325859eb6a0972638bbbb83ebb2dfda489ac8ee)
|
|
(This used to be commit fbd2a90bcdb7426c9a15bd8dc09da9008a0bc1bf)
|
|
Andrew Bartlett
(This used to be commit 96806136ead3d1949516b2cfe7350a4e10681c28)
|
|
Return more ethereal types and bases for hf fields. Currently we
assume that enums always fit into a uint16 which will probably have to
change soon.
(This used to be commit 25f6e11f3156e21c1dc03afa879e9cda2f5dd341)
|
|
Start working on adding support for bitmaps and enums.
In progress tweaks for arrays of structures.
(This used to be commit d39cb7ecb4c193cbba628ee6d6f9b5c5bbf89d33)
|
|
request to
kill the domain controller I'm asking. In samba4 torturing the DC is just so
easy, commit the test to randomized ask for DCs for all trusted domains.
Volker
(This used to be commit edb918762e1e46909520f13e28dcf8cedb2919b1)
|
|
not do
dynamic inheritance
(This used to be commit ebe6b002843196bc6d6fadfa646aa3bc8eb27af8)
|
|
(This used to be commit 5a1a17d3fc771b1e1c61297067f38c87901891d3)
|
|
Andrew Bartlett
(This used to be commit 07295b3b07984ec3d1de9ed27835dbda7b4b7d0f)
|
|
it doesn't
use TALLOC_DEPRECATED
(This used to be commit 2fe0e2528f14627832942f6404a4b1be4b556c97)
|
|
(This used to be commit 1177200dd9392c088f5b009f55390ad31c367e5f)
|
|
- added #if TALLOC_DEPRECATED around the _p functions
- fixes the code that broke from the above
while doing this I fixed quite a number of places that were
incorrectly using the non type-safe talloc functions to use the type
safe ones. Some were even doing multiplies for array allocation, which
is potentially unsafe.
(This used to be commit 6e7754abd0c225527fb38363996a6e241b87b37e)
|
|
Andrew Bartlett
(This used to be commit 7bb00a80ac55252b8c05b33fd576b8606470e9be)
|
|
(This used to be commit f4337c988c15dc84e3cfd77b628e92a0996717ea)
|
|
(This used to be commit b65a95c11778fd778ad3c013664aea7d038e16ae)
|
|
this fixes RPC-SAMLOGON and some other tests on ncacn_ip_tcp
(This used to be commit 244370d62424ab3c0f9d6689b0e674d057b3fc09)
|
|
(This used to be commit e252f80f2bc5de4a3de84acf232f5334b5d448f6)
|
|
w2k3 does) or
NT_STATUS_RPC_PROTSEQ_NOT_SUPPORTED (as longhorn does) to be an error.
fixed the CreateTrustedDomain test to cope with the "torturedomain" being left over
from a previous aborted run
(This used to be commit 429d79815c260781fae6eed28160d7507e780f34)
|
|
really the
strange behaviour I saw was a w2k3 bug :-)
(This used to be commit e729061bcde25d0565a72222e4720ca8074ef23f)
|
|
(This used to be commit f893ad9c45d6d06fa1b6f1f949a7834e7bf99ba7)
|
|
win2003. It is a
win2003 bug!
This new test code works against w2k, and against longhorn, but fails
against w2k3. When tested against w2k3 it allows a open with an access
mask that should be denied by the given ACL, after setting up the ACL
using inheritance. Note that only the very specific
SEC_RIGHTS_FILE_ALL mask incorrectly succeeds, so they must have a
special case for that mask. Maybe its an optimisation gone wrong?
I don't know if there are any serious security implications to this,
but it is pretty clearly wrong, and has been fixed in longhorn.
(This used to be commit 4f9fd767dbb5e47f3786f5acda17267d57e839e0)
|