summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2010-07-16s3-dcerpc: Read a pdu in 2 steps, header first the payloadSimo Sorce1-18/+8
We can't really cope with receiving more data than expected anyway as there is code that checks if the size of the buffer is consistent with pkt->frag_length and throws an error if not. Signed-off-by: Günther Deschner <gd@samba.org>
2010-07-16s3-dceprc: Use IDL defined constants for length calculationsSimo Sorce3-51/+47
Signed-off-by: Günther Deschner <gd@samba.org>
2010-07-16Reformat and cleanupSimo Sorce1-75/+75
Signed-off-by: Günther Deschner <gd@samba.org>
2010-07-16s3-dcerpc: Move common helpers into a common fileSimo Sorce5-165/+241
Signed-off-by: Günther Deschner <gd@samba.org>
2010-07-16s3-dcerpc: Padding is never done on a DCERPC_PKT_BIND_ACK packet.Simo Sorce1-24/+2
Empirically verified against Windows. It never pads the auth credentials on this packet type. Signed-off-by: Günther Deschner <gd@samba.org>
2010-07-16dcerpc: remove ncacn_packet_header and related functionsSimo Sorce3-80/+0
ncacn_packet_header was an artifact and it is not necessary anymore Signed-off-by: Günther Deschner <gd@samba.org>
2010-07-16s3-dcerpc: Refactor code and stop using ncacn_packet_headerSimo Sorce1-202/+164
Signed-off-by: Günther Deschner <gd@samba.org>
2010-07-16s3-dcerpc: consolidate respones packet creation codeSimo Sorce4-452/+236
Signed-off-by: Günther Deschner <gd@samba.org>
2010-07-16s3-dcerpc: Convert frag from prs_struct to a simple DATA_BLOBSimo Sorce3-210/+134
Signed-off-by: Günther Deschner <gd@samba.org>
2010-07-16s3-dcerpc: Convert rdata from prs_struct to a simple DATA_BLOBSimo Sorce8-68/+47
Signed-off-by: Günther Deschner <gd@samba.org>
2010-07-16s3-dcerpc: Remove unused functions and headersSimo Sorce5-175/+6
parse_rpc.c is dead, long live parse_rpc.c ! Signed-off-by: Günther Deschner <gd@samba.org>
2010-07-16s3-dcerpc: Stop using hand marshalling in create_next_pdu_noauth()Simo Sorce1-24/+14
Signed-off-by: Günther Deschner <gd@samba.org>
2010-07-16s3-dcerpc: Stop using hand marshalling in create_next_pdu_schannel()Simo Sorce1-87/+81
Signed-off-by: Günther Deschner <gd@samba.org>
2010-07-16s3-dcerpc: Stop using hand marshalling in create_next_pdu_ntlmssp()Simo Sorce1-38/+38
Signed-off-by: Günther Deschner <gd@samba.org>
2010-07-16s3-dcerpc: Stop using hand marshalling in rpc_finish_auth3_bind_send()Simo Sorce1-15/+9
Signed-off-by: Günther Deschner <gd@samba.org>
2010-07-16s3-dcerpc: Do not parse the packet twice.Simo Sorce1-17/+7
Signed-off-by: Günther Deschner <gd@samba.org>
2010-07-16s3-dcerpc: Remove unused functionSimo Sorce1-36/+0
Signed-off-by: Günther Deschner <gd@samba.org>
2010-07-16s3-dcerpc: Do not reparse the headerSimo Sorce1-26/+15
Instead pass back and use the packet we have already parsed. Signed-off-by: Günther Deschner <gd@samba.org>
2010-07-16s3-dcerpc: Pull the whole packet at once instead of fetching just the headerSimo Sorce1-57/+68
Signed-off-by: Günther Deschner <gd@samba.org>
2010-07-16s3-dcerpc: Delay parsing rpc header in client codeSimo Sorce1-19/+21
Signed-off-by: Günther Deschner <gd@samba.org>
2010-07-15Fix bug - 7551 smbclient does not return proper exit code.Jeremy Allison1-0/+1
Catch error in cli_push. Jeremy.
2010-07-16s4:testprogs Operate the blackbox kinit and net tests using the :local configAndrew Bartlett3-8/+5
This :local tells selftest.pl to use the local smb.conf for the test environment, not the generic client smb.conf This then makes the rest work properly - otherwise, it may attempt to connect to the wrong KDC for example. The only problem is that we can't test the 'net join' with this set, so this is removed from the test. The member server test environment checks this anyway. Andrew Bartlett
2010-07-15s4:testprogs Show that we no longer delete the old keytab entriesAndrew Bartlett1-3/+5
By using a CCACHE obtained while the old password was still valid, we can tell if the server still accepts incoming Kerberos connections with the old password. Andrew Bartlett
2010-07-15s4:provision Handle machine account password changes while keeping keytabAndrew Bartlett1-15/+23
The challenge here is to update the existing record if it already exists, rather than deleting the old record. This ensures that the secrets.keytab handling code keeps the previous password in the keytab. Andrew Bartlett
2010-07-15s4:pyldb whitespace fixAndrew Bartlett1-1/+1
2010-07-15s4:pyldb Fix memory handling for ldb_message_elementAndrew Bartlett1-5/+10
The problem here is that we need to use the array, not the individual message element as the memory context. Andrew Bartlett
2010-07-15s4:testprogs Prove kerberos still works after a password changeAndrew Bartlett1-0/+25
Changing the machine account password should not prevent connections with a current, valid CCACHE. This is because when the password is changed, the server-side keytab keeps one old password around. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-07-15s4 upgradeprovision: Adapt the list of attribute modifiedMatthieu Patou1-4/+25
* isMemberOfPartialAttributeSet is now allowed to be deleted (on schema objects) * attributeDisplayNames is now allowed to be added and modified (used on display specifiers) * spnMapping is now allowed to be altered on Directory Service objects * minPwdAge is now modified if the previous value was 0 We issue a clear information about the userControl attribute for administrator to invite the user to modify himself the value. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-07-15s4 ldb modules: relax some tests about attributes that should not be hereMatthieu Patou1-0/+9
For attributes that we know that are harmless and that used to be stored in the ldb we relax the tests on the existance in a given objectclass. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-07-15s4 upgradeprovision: Synchronize the calculated keyversionnumber with the ↵Matthieu Patou1-1/+22
one previously stored Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-07-15s4 upgradeprovision: do not copy RID Set it's automaticaly created by the ↵Matthieu Patou1-24/+34
RID manager Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-07-15s4 upgradeprovision: add function to backup the provision before updatingMatthieu Patou1-152/+268
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-07-15s4 upgradeprovision: fix whitespacesMatthieu Patou1-13/+13
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-07-15s4: Add unit test for increment_calculated_keyversion_numberMatthieu Patou1-1/+25
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-07-15s4 upgradeprovision: introduce a new function to update the field use for ↵Matthieu Patou1-3/+37
calculating msds-keyversionnumber This function change the version field of the unicodePwd in the replPropertyMetaData so that the version is equal or superior to the reference value passed. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-07-15s4 python: Add functions to samdb to manipulate version of ↵Matthieu Patou2-1/+128
replPropertyMetaData attribute This change contains also helpers for attribute id to attribute oid conversion and from attribute id to attribute name. It brings also unit tests Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-07-15s4 dsdb: Use the changereplmetadata controlMatthieu Patou2-72/+222
This control allow to specify the replPropertyMetaData attribute to be specified on modify request. It can be used for very specific needs to tweak the content of the replication data. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-07-15s4 dsdb: create a new control: changereplmetadataMatthieu Patou2-0/+7
This control is designed to allow replmetadata to be specified Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-07-15ldb: allow ldb_sequence_number to be called in pythonMatthieu Patou1-0/+26
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-07-15s4: Unit test update_machine_account_password through kinitMatthieu Patou2-0/+40
This patch is for testing the chgdcpass script which is mostly a call to update_machine_account_password. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-07-15s4: Add a simple script to change dc passwordMatthieu Patou1-0/+63
This script will mostly be used by unit test (blackbox type) to test the change of the dc password Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-07-15s4 provision: move update_machine_account_password to helpersMatthieu Patou2-49/+51
This is to allow reuse of this function and also unit tests Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-07-15s3: Fix crashes in the printing codeVolker Lendecke1-0/+3
create_conn_struct did not create the conn->sconn!=NULL assumption we now depend on. Thanks to Andreas Schneider for testing!
2010-07-14s3-dcerpc: Break memory hierarchy for shared structureSimo Sorce1-1/+1
Handles are shared among multiple pipes_struct. We cannot allocate them on any specific pipes_struct or it will vanish for all others as soon as that pipes_struct is freed, leaving back dangling pointers. Signed-off-by: Andreas Schneider <asn@samba.org>
2010-07-14s4: Added acl search tests for anonymous connection.Nadezhda Ivanova1-83/+68
The tests make sure that we comply with dsHeuristics setting and restrict anonymous access to rootDSE. They will be enabled when the implementation is pushed. tests are verified against win2k8.
2010-07-14s3-dcerpc: fix crash bug in error path of process_complete_pdu().Günther Deschner1-1/+1
Guenther
2010-07-14Fixed system_session_anon to actually make an anonymous sessionNadezhda Ivanova1-1/+1
It seems that because the flag is false, this always used the supplied credentials rhather than establish anonymous connection.
2010-07-14s3:auth Change auth_ntlmssp_server_info API to return NTSTATUSAndrew Bartlett5-13/+19
This fixes a bug where register_existing_vuid() could be called with a NULL server_info if the alloction failed. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-07-14s3:smbd Give the kerberos session key a parentAndrew Bartlett1-0/+2
Nothing will free this, so this prevents a memory leak. Andrew Bartlett Signed-off-by: Jelmer Vernooij <jelmer@samba.org> Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-07-14s3:smbd Fix segfault if register_existing_vuid() failsAndrew Bartlett1-4/+12
The register_existing_vuid() call will handle both the ntlmssp_end and vuid invalidation internally, so we don't want to do it again. Andrew Bartlett Signed-off-by: Jelmer Vernooij <jelmer@samba.org> Signed-off-by: Andrew Tridgell <tridge@samba.org>