summaryrefslogtreecommitdiff
path: root/source3/include/rpc_dce.h
AgeCommit message (Collapse)AuthorFilesLines
2009-09-08s3: remove unused RPC_AUTH_SCHANNEL_NEG struct and parsing functions.Günther Deschner1-10/+0
Guenther
2009-09-08s3-schannel: Fix Bug #6697. Interdomain trusts with Windows 2008 R2 DCs.Günther Deschner1-1/+1
The Schannel verifier (aka NL_AUTH_SIGNATURE) structure (32 byte) sent from a W2k8r2 DC is passed in a buffer with the size of a NL_AUTH_SHA2_SIGNATURE (56 byte). We should just ignore the remaining 12 zeroed bytes and proceed. Guenther
2009-08-28s3-ntlmssp: use NTLMSSP headers from IDL and remove duplicate constants.Günther Deschner1-3/+0
Guenther
2009-07-05Remove "typedef struct ndr_syntax_id RPC_IFACE;"Volker Lendecke1-6/+3
2009-04-14Rework Samba3 to use new libcli/auth code (partial)Andrew Bartlett1-45/+0
This commit is mostly to cope with the removal of SamOemHash (replaced by arcfour_crypt()) and other collisions (such as changed function arguments compared to Samba3). We still provide creds_hash3 until Samba3 uses the credentials code in netlogon server Andrew Bartlett
2009-03-24s3: use generated dcerpc code.Günther Deschner1-10/+0
Guenther
2009-03-18s3-spoolss: remove custom syntax_spoolss and use the syntax defined in IDL.Günther Deschner1-2/+0
Guenther
2008-07-20Refactoring: Change calling conventions for cli_rpc_pipe_open_noauthVolker Lendecke1-0/+2
Pass in ndr_syntax_id instead of pipe_idx, return NTSTATUS (This used to be commit 9abc9dc4dc13bd3e42f98eff64eacf24b51f5779)
2008-07-20Simplify pipe_names: we only do ndr_transfer_syntax anywayVolker Lendecke1-10/+0
(This used to be commit b808403af55a37f2ec0e87e60450505ddfc2edda)
2008-04-17rpc_parse: Use UUIDs from librpc/gen_ndr/ when possible to reduceJelmer Vernooij1-2/+2
duplication. (This used to be commit 428654b473ba44b2f5340eefef0d4fcd51aff558)
2008-04-15Reconcile ndr_syntax_id used by pidl-generated code and Samba3's RFC_IFACE.Jelmer Vernooij1-4/+1
(This used to be commit 7bea00dca1ee08ef731dfa73110ef9c190a29919)
2008-04-02Fix NETLOGON credential chain with Windows 2008 all over the place.Günther Deschner1-4/+40
In order to avoid receiving NT_STATUS_DOWNGRADE_DETECTED from a w2k8 netr_ServerAuthenticate2 reply, we need to start with the AD netlogon negotiate flags everywhere (not only when running in security=ads). Only for NT4 we need to do a downgrade to the returned negotiate flags. Tested with w2k8, w2ksp4, w2k3r2 and nt4sp6. Guenther (This used to be commit 0970369ca0cb9ae465cff40e5c75739824daf1d0)
2008-01-23Windows 2008 (Longhorn) auth2 flag fixes.Andreas Schneider1-0/+2
Interop fixes for AD specific flags. Original patch from Todd Stetcher. (This used to be commit 5aadfcdaacd6f136eab9e107a88b8544e6d2105f)
2008-01-17Finally enable pidl generated SAMR & NETLOGON headers and clients.Günther Deschner1-5/+0
Guenther (This used to be commit f7100156a7df7ac3ae84e45a47153b38d9375215)
2007-10-10r25407: Revert Longhorn join patch as it is not correct for the 3.2 tree.Gerald Carter1-2/+0
The translate_name() used by cli_session_setup_spnego() cann rely Winbindd since it is needed by the join process (and hence before Winbind can be run). (This used to be commit 00a93ed336c5f36643e6e33bd277608eaf05677c)
2007-10-10r25400: Windows 2008 (Longhorn) Interop fixes for AD specific auth2 flags,Gerald Carter1-0/+2
and client fixes. Patch from Todd Stetcher <todd.stetcher@isilon.com>. (This used to be commit 8304ccba7346597425307e260e88647e49081f68)
2007-10-10r23784: use the GPLv3 boilerplate as recommended by the FSF and the license textAndrew Tridgell1-2/+1
(This used to be commit b0132e94fc5fef936aa766fb99a306b3628e9f07)
2007-10-10r23779: Change from v2 or later to v3 or later.Jeremy Allison1-1/+1
Jeremy. (This used to be commit 407e6e695b8366369b7c76af1ff76869b45347b3)
2007-10-10r18654: Rename "struct uuid" => "struct GUID" for consistency.Jelmer Vernooij1-1/+1
(This used to be commit 5de76767e857e9d159ea46e2ded612ccd6d6bf19)
2007-10-10r14597: Merge DCERPC_FAULT constants from Samba 4.Günther Deschner1-0/+10
Guenther (This used to be commit 3f195f8248c88ec8bf8ceb195575ce6bb49d7fc4)
2007-10-10r14368: Remove redundant set of logon flags (now in rpc_netlogon.h).Günther Deschner1-2/+0
Guenther (This used to be commit 8d4290cb8ed75cf12fa45bcf3e93cfe1a5567919)
2007-10-10r13407: Change the credentials code to be more like the Samba4 structure,Jeremy Allison1-2/+9
makes fixes much easier to port. Fix the size of dc->sess_key to be 16 bytes, not 8 bytes - only store 8 bytes in the inter-smbd store in secrets.tdb though. Should fix some uses of the dc->sess_key where we where assuming we could read 16 bytes. Jeremy. (This used to be commit 5b3c2e63c73fee8949108abe19ac7a448a033a7f)
2007-10-10r11950: If we got a connection oriented cancel pdu we would spin processing it.Jeremy Allison1-9/+21
Fix that, and also add in comments for all possible CL and CO PDU types. Make sure we process them correctly. Jeremy. (This used to be commit 672113a627aa9060795871bc2ea3a02e696d7d7d)
2007-10-10r10656: BIG merge from trunk. Features not copied overGerald Carter1-98/+33
* \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2007-10-10r8805: Merge a duplicate struct. Get ready to support SPNEGO rpc binds.Jeremy Allison1-20/+16
Jeremy. (This used to be commit fd6e342746edfda2f25df1ae0067d359b756e0cd)
2007-10-10r7696: Don't try and be clever and read an 8 byte int and 3 pad bytesJeremy Allison1-1/+1
as a uint32 - you'll just get it wrong (as I did :-). Second attempt to fix the Apple client issues. Jeremy. (This used to be commit d2aa5bc7aaa9fe11fa4748f99e4ba49be08aa639)
2007-10-10r7385: Rewrite the RPC bind parsing functions to follow the spec. I haven't yetJeremy Allison1-106/+73
tested this so I may have screwed this up - however it now follows the DCE spec. valgrinded tests to follow.... Jeremy. (This used to be commit 877e0a61f5821c89149b1403d08675dd7db8039e)
2007-10-10r991: Allow winbindd to use the domain trust account passwordGerald Carter1-1/+2
for setting up an schannel connection. This solves the problem of a Samba DC running winbind, trusting a native mode AD domain, and needing to enumerate AD users via wbinfo -u. (This used to be commit e9f109d1b38e0b0adec9b7e9a907f90a79d297ea)
2007-10-10r704: BUG 1315: fix for schannel client connections to server's that don't ↵Gerald Carter1-1/+3
support 128 bit encryption (This used to be commit 316ba5ad89ddfa445d44d28141c5901fc64aec90)
2007-10-10r196: merging struct uuid from trunkGerald Carter1-16/+2
(This used to be commit 911a28361b9d8dd50597627f245ebfb57c6294fb)
2003-10-01commit sign only patch from Andrew; bug 167; tested using 2k & XP ↵Gerald Carter1-2/+9
clientspreviously joined to the Samba domain (This used to be commit 3802f5895ee18507c6f467bd11db0b1147a6fdfd)
2003-08-14Attempt at fixing bug #283. There however is no solution.Gerald Carter1-2/+2
There is a workaround documented in the bug report. This patch does: * add server support for the LSA_DS UUID on the lsarpc pipe * store a list of context_ids/api_structs in the pipe_struct so that we don't have to lookup the function table for a pipe. We just match the context_id. Note that a dce/rpc alter_context does not destroy the previous context so it is possible to have multiple bindings active on the same pipe. Observed from standalone win2k sp4 client. * added server code for DsROleGetPrimaryDOmainInfo() but disabled it since it causes problems enumerating users and groups from a 2ksp4 domain member in a Samba domain. (This used to be commit 96bc2abfcb0dd0912696fad76e43cb217b33e061)
2003-08-08RPC fix from Ronan Waide <waider@waider.ie>. Tested with rpcecho.Jeremy Allison1-2/+2
Jeremy. (This used to be commit 68590b9e2266cf76b46a68cca0acaa47733811fe)
2003-07-14Jeremy requested that I get my NTLMSSP patch into CVS. He didn't requestAndrew Bartlett1-6/+20
the schannel code, but I've included that anyway. :-) This patch revives the client-side NTLMSSP support for RPC named pipes in Samba, and cleans up the client and server schannel code. The use of the new code is enabled by the 'sign', 'seal' and 'schannel' commands in rpcclient. The aim was to prove that our separate NTLMSSP client library actually implements NTLMSSP signing and sealing as per Microsoft's NTLMv1 implementation, in the hope that knowing this will assist us in correctly implementing NTLMSSP signing for SMB packets. (Still not yet functional) This patch replaces the NTLMSSP implementation in rpc_client/cli_pipe.c with calls to libsmb/ntlmssp.c. In the process, we have gained the ability to use the more secure NT password, and the ability to sign-only, instead of having to seal the pipe connection. (Previously we were limited to sealing, and could only use the LM-password derived key). Our new client-side NTLMSSP code also needed alteration to cope with our comparatively simple server-side implementation. A future step is to replace it with calls to the same NTLMSSP library. Also included in this patch is the schannel 'sign only' patch I submitted to the team earlier. While not enabled (and not functional, at this stage) the work in this patch makes the code paths *much* easier to follow. I have also included similar hooks in rpccleint to allow the use of schannel on *any* pipe. rpcclient now defaults to not using schannel (or any other extra per-pipe authenticiation) for any connection. The 'schannel' command enables schannel for all pipes until disabled. This code is also much more secure than the previous code, as changes to our cli_pipe routines ensure that the authentication footer cannot be removed by an attacker, and more error states are correctly handled. (The same needs to be done to our server) Andrew Bartlett (This used to be commit 5472ddc9eaf4e79c5b2e1c8ee8c7f190dc285f19)
2003-04-16Fixes to make SCHANNEL work in 3.0 against a W2K DC. Still need to fixJeremy Allison1-2/+2
multi-PDU encode/decode with SCHANNEL. Also need to test against WNT DC. Jeremy. (This used to be commit ff66d4097088409205b6bad5124a78ef9946010d)
2003-04-09A little clarification in the rpc auth header struct.Volker Lendecke1-4/+3
Volker (This used to be commit 36362c602ba03ae5e89956b16820d5dff580bee7)
2003-04-06Merge the TNG netlogon schannel from HEAD.Volker Lendecke1-2/+37
No more XP requiresignorseal anymore! Thanks again to Luke :-) Volker (This used to be commit 6b2b55901d66cab0c0c0c90bd0585c870be6e468)
2003-01-15*lots of small merges form HEADGerald Carter1-32/+0
*sync up configure.in *don't build torture tools in make all *make sure to remove torture tools as part of make clean (This used to be commit 0fb724b3216eeeb97e61ff12755ca3a31bcad6ef)
2003-01-03Merge from HEAD - make Samba compile with -Wwrite-strings without additionalAndrew Bartlett1-2/+2
warnings. (Adds a lot of const). Andrew Bartlett (This used to be commit 3a7458f9472432ef12c43008414925fd1ce8ea0c)
2002-10-04merge of working dsrolegetprimdominfo() client code from APP_HEADGerald Carter1-0/+1
(This used to be commit 028477e35208e76fedbc7c743426fd9be94b7cf0)
2002-07-15updated the 3.0 branch from the head branch - ready for alpha18Andrew Tridgell1-7/+14
(This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-01-30Removed version number from file header.Tim Potter1-2/+1
Changed "SMB/Netbios" to "SMB/CIFS" in file header. (This used to be commit 6a58c9bd06d0d7502a24bf5ce5a2faf0a146edfa)
2001-08-27converted another bunch of stuff to NTSTATUSAndrew Tridgell1-1/+1
(This used to be commit 1d36250e338ae0ff9fbbf86019809205dd97d05e)
2000-07-18Fixed some more client SPOOLSS functions. The followingGerald Carter1-1/+2
functions work now: - spoolenum - spoolopen - spoolgetprinter - spoolgetprinterdriver Items todo: - track down memory bug with spoolenumdata - fix spoolgetprinterdriverdir - fix spoolgetdata - fix display_job_info_ctr in spooljobs All part of the ongoing rpcclient work. Also included a new generic list ADT. Cleaner and simplier than the stuff in util_array.c i think (but then that's why I wrote it). --jerry (This used to be commit 381aba2c9a63faa53728f0520ac316478bc7a1c3)
2000-02-29Fixes from Luke, back-ported from TNG to Win2k. Correctly return FAULT_PDU onJeremy Allison1-0/+10
unknown rpc calls. Win2k now correctly shows the owners of files. Jeremy. (This used to be commit 066898689f496dc655c3f0a553ac5e884e078022)
2000-02-07spoolss include definitionsJean-François Micouleau1-0/+2
J.F. (This used to be commit 853a1a3027dde7608027dc78f6e15789d5fc9152)
1999-12-13first pass at updating head branch to be to be the same as the SAMBA_2_0 branchAndrew Tridgell1-21/+53
(This used to be commit 453a822a76780063dff23526c35408866d0c0154)
1999-11-15- added DCE/RPC "fault" PDU support.Luke Leighton1-0/+9
- disabled (AGAIN) the GETDC "if (MAILSLOT\NTLOGON)" code that will get NT5rc2 to work but WILL break win95 (AGAIN). this needs _not_ to be re-enabled but to be replaced with a better mechanism. - added SMBwrite support (note: SMBwriteX already existed) as NT5rc2 is sending DCE/RPC over SMBwrite not SMBwriteX. (This used to be commit 25c70e3c984c4fed19763ed405741e83fe14f87e)
1999-07-26renaming AUTH VERIFIER to AUTH NTLMSSP VERIFIER. ready for addingLuke Leighton1-4/+3
another RPC authentication system. (This used to be commit 1a211bafebad8c63d98b5ef275a6272013527c65)
1999-06-29improving authentication code (tidyup).Luke Leighton1-2/+2
(This used to be commit ab1a6aa42db5217f025941fb5107436556bc23b7)