summaryrefslogtreecommitdiff
path: root/source3/include/rpc_misc.h
AgeCommit message (Collapse)AuthorFilesLines
2003-12-22add well known rid for pre win2k compatible access group; bug 897Gerald Carter1-0/+1
(This used to be commit 426a02cf678236f902c143b56eaaf854fca2237f)
2003-12-10Fix UNISTR2 length bug in LsaQueryInfo(3) that cause SID resolution to fail ↵Gerald Carter1-1/+1
on local files on on domain members; bug 875 (This used to be commit a5c5dde1c34ba44f8d9bbb38720a089a6d61806c)
2003-09-29Merge from 3.0:Tim Potter1-4/+4
>Fix for #480. Change the interface for init_unistr2 to not take a length >but a flags field. We were assuming that 2*strlen(mb_string) == length of ucs2-le string. >This is not the case. Count it after conversion. >Jeremy. (This used to be commit e2ab9e54cd0ec0002175cf18ff364f4aebaf85a0)
2003-09-24Another round of merges from 3.0:Tim Potter1-81/+59
>Reformat - preparing to fix bug #480 (which will be ugly). >Jeremy. (This used to be commit cd91dd9cd8392d1b9cfcbd8ef42237b813dc89b5)
2003-04-28Use NTSTATUS as return value for smb_register_*() functions and init_module()Jelmer Vernooij1-1/+1
function. Patch by metze with some minor modifications. (This used to be commit f4576757d1d52a8f1b96894c869bb76450003fd1)
2003-02-10added the 'lsaenumacctwithright' command to rpcclient. This allows youAndrew Tridgell1-0/+16
to lookup what SIDs have a particular privilege (that is how privileges are stored). (This used to be commit 3ddb5fb0dd33992b7db54a661752551a3fefc0b4)
2003-01-28cleaned up the lsa_enum_acct_rights function and added aAndrew Tridgell1-3/+3
lsa_add_acct_rights function. This allows us to add privileges remotely to accounts using rpcclient. (This used to be commit 2e5e659e095a94b0716d97f673f993f0af99aabe)
2003-01-15added cli_lsa_enum_account_rights() call. Note that this is inAndrew Tridgell1-0/+16
principal similar to the existing cli_lsa_enum_privsaccount() call, except that cli_lsa_enum_account_rights() doesn't require a call to open_account first. There is also the minor matter that cli_lsa_enum_account_rights() works whereas cli_lsa_enum_privsaccount() doesn't! this call can be used to find what privileges an account or group has. This is a first step towards proper privileges support in Samba. (This used to be commit 65bac11d716f873dcdbda528313c33634c26a072)
2002-04-04If compiling with Insure, mallocate a byte of memory and attach it to theTim Potter1-0/+12
POLICY_HND structure when passing new handles back from the appropriate cli_* functions. When closing the policy handle free the memory. Insure (and indeed other memory checkers) should detect handles that have not been closed properly as memory leaks. Unfortunately this can only be done when the program terminates (set insure++.summarize leaks in your .psrc file) rather than when the policy handle falls out of scope. Looks like Jeremy has squished all the policy handle leaks at the moment but more are bound to crop up later. (This used to be commit 6dc80d625752f0a3ce6fd7b2278095529c6ec29f)
2002-03-19second step to gain free uid<->rid mappingSimo Sorce1-0/+15
we still need to free gid<->rid mapping and few other stuff (This used to be commit aa4b6f8181f34196a28951264dd8b631a5deef7f)
2002-01-30Removed version number from file header.Tim Potter1-2/+1
Changed "SMB/Netbios" to "SMB/CIFS" in file header. (This used to be commit 6a58c9bd06d0d7502a24bf5ce5a2faf0a146edfa)
2001-08-28Merge of sam sync code from TNG.Tim Potter1-0/+19
Reverse-engineered the sam replication protocol from staring at hex dumps for a while. It's pretty similar to the sam sync protocol with a couple of different delta header types. I wasn't able to figure out the format of the privilege stuff - needs more time and a whiteboard. (-: The impressive bit is that the sam sync stuff from tng basically just worked thanks mainly to Luke Leighton's efforts in this area. (This used to be commit 3a60cb44f22d5f3f8c78a56ed8f5ea4794cd7ab3)
2001-03-11Moved cruft out of smb.h into ntdomain.h where it belongs. dc structJeremy Allison1-0/+13
now in pipe struct (where used) rather than user_struct. Secured machine account password changing in srv_netlog_nt.c - ensure that only the given machine can change its own password. May need to free this up later for NT admin tools, but this is a fail-safe secure position for now. Jeremy. (This used to be commit 46b12f2275dcd4b3114085160cd456441f9e921e)
2001-03-07Sync up handle creation with 2.2 branch. We can now join AS/U domains andJeremy Allison1-5/+5
authenticate against them. Big/little endian issues fixed. Jeremy. (This used to be commit 0e6a34510ed598eaec7fe71a9c91fda528a4675c)
2000-11-13Large commit which restructures the local password storage API.Gerald Carter1-0/+1
Currently the only backend which works is smbpasswd (tdb, LDAP, and NIS+) are broken, but they were somewhat broken before. :) The following functions implement the storage manipulation interface /*The following definitions come from passdb/pdb_smbpasswd.c */ BOOL pdb_setsampwent (BOOL update); void pdb_endsampwent (void); SAM_ACCOUNT* pdb_getsampwent (void); SAM_ACCOUNT* pdb_getsampwnam (char *username); SAM_ACCOUNT* pdb_getsampwuid (uid_t uid); SAM_ACCOUNT* pdb_getsampwrid (uint32 rid); BOOL pdb_add_sam_account (SAM_ACCOUNT *sampass); BOOL pdb_update_sam_account (SAM_ACCOUNT *sampass, BOOL override); BOOL pdb_delete_sam_account (char* username); There is also a host of pdb_set..() and pdb_get..() functions for manipulating SAM_ACCOUNT struct members. Note that the struct passdb_ops {} has gone away. Also notice that struct smb_passwd (formally in smb.h) has been moved to passdb/pdb_smbpasswd.c and is not accessed outisde of static internal functions in this file. All local password searches should make use of the the SAM_ACCOUNT struct and the previously mentioned functions. I'll write some documentation for this later. The next step is to fix the TDB passdb backend, then work on spliting the backends out into share libraries, and finally get the LDAP backend going. What works and may not: o domain logons from Win9x works o domain logons from WinNT 4 works o user and group enumeration as implemented by Tim works o file and print access works o changing password from Win9x & NT ummm...i'll fix this tonight :) If I broke anything else, just yell and I'll fix it. I think it should be fairly quite. -- jerry (This used to be commit 0b92d0838ebdbe24f34f17e313ecbf61a0301389)
2000-08-08All changes related to rpcclient...Gerald Carter1-1/+0
- cleaned up some code - Fixed a few memory leaks of my own making - Add AddPrinterDriver(); I'm missing some of the semantics here as the call is done correctly, but I'm not getting all the information right in the DRIVER_INFO_3 struct I think. Will work on it tomorrow some more... --jerry (This used to be commit 3bf9a29f34ee4ade5180c5a0b0b9ff4aca7f0f08)
2000-08-04After talking with Jeremy and JF (and staring at packet traces betweenGerald Carter1-1/+3
NT <-> NT), I've come to realize that UNISTR2 strings should be NULL terminated. jerry (This used to be commit c8f9e54beafcb0c0668f1510e7693dbf22485aa8)
2000-07-27Ok - this is a *BIG* change - but it fixes the problems with static stringsJeremy Allison1-5/+5
in the RPC code. This change was prompted by trying to save a long (>256) character comment in the printer properties page. The new system associates a TALLOC_CTX with the pipe struct, and frees the pool on return of a complete PDU. A global TALLOC_CTX is used for the odd buffer allocated in the BUFFERxx code, and is freed in the main loop. This code works with insure, and seems to be free of memory leaks and crashes (so far) but there are probably the occasional problem with code that uses UNISTRxx structs on the stack and expects them to contain storage without doing a init_unistrXX(). This means that rpcclient will probably be horribly broken. A TALLOC_CTX also needed associating with the struct cli_state also, to make the prs_xx code there work. The main interface change is the addition of a TALLOC_CTX to the prs_init calls - used for dynamic allocation in the prs_XXX calls. Now this is in place it should make dynamic allocation of all RPC memory on unmarshall *much* easier to fix. Jeremy. (This used to be commit 0ff2ce543ee54f7364e6d839db6d06e7ef1edcf4)
2000-07-18Fixed some more client SPOOLSS functions. The followingGerald Carter1-1/+36
functions work now: - spoolenum - spoolopen - spoolgetprinter - spoolgetprinterdriver Items todo: - track down memory bug with spoolenumdata - fix spoolgetprinterdriverdir - fix spoolgetdata - fix display_job_info_ctr in spooljobs All part of the ongoing rpcclient work. Also included a new generic list ADT. Cleaner and simplier than the stuff in util_array.c i think (but then that's why I wrote it). --jerry (This used to be commit 381aba2c9a63faa53728f0520ac316478bc7a1c3)
2000-05-12added spool_io_printer_driver_info_level_6()Andrew Tridgell1-0/+6
thsi function and the associated header structure were autogenerated using a little awk based code geerator I wroe ths evening. I'll commit that next ... (This used to be commit 974813f0d4afb6c14ed27c48ab24b19932557f9f)
2000-02-07spoolss include definitionsJean-François Micouleau1-0/+7
J.F. (This used to be commit 853a1a3027dde7608027dc78f6e15789d5fc9152)
1999-12-13first pass at updating head branch to be to be the same as the SAMBA_2_0 branchAndrew Tridgell1-159/+23
(This used to be commit 453a822a76780063dff23526c35408866d0c0154)
1999-10-15adding error checking in parsing codeLuke Leighton1-20/+88
(This used to be commit 4c98d71ebd3f1cdaef664d46c998c864af34632a)
1999-10-15return results on prs_xxxxx() and all xxx_io_xxx() routines.Luke Leighton1-0/+37
the whole task is not complete, yet. xxx_io_xxx() routines that _call_ xxx_io_xxx() routines not done. prs_xxxx() covered by macros. considering doing xxx_io_xxxx in the same way. (This used to be commit 3b583f7be51434af98bc52b48dfa42c4602a3094)
1999-04-27rpc_parse/parse_misc.c : defined a new BUFFER5 structJean-François Micouleau1-0/+7
include/ntdomain.h : added rpc_spoolss.h include statement include/proto.h include/rpc_dce.h : added definition of RPC_ALTER_CONTEXT request & reply param/loadparm.c : 2 new options for NT printing support and some changes to initial values in the LPRNG case. rpc_parse/parse_prs.c : added prs_uint16s() rpc_parse/parse_rpc.c : added SYNT_SPOOLSS_V1 and code for the alter-context support. rpc_server/srv_pipe.c : alter-context support smbd/nttrans.c smbd/server.c include/rpc_misc.h Makefile.in include/smb.h Jean Francois (This used to be commit 4c515804b70254248e378a3f90f47e4c32639d29)
1999-04-08Mainly BDC-related changes.Matthew Chapman1-1/+27
* Added SEC_CHAN_BDC * Fix for endianness problem reported by Edan Idzerda <edan@mtu.edu>. A BUFFER2 is really a "unibuf" in my terminology and we should treat it as such. * Added some more common NT structures (BIGINT, BUFHDR2, BUFFER4). * Added NET_SAM_SYNC (-> NetDatabaseSync2) RPC for account replication. Still experimental and incomplete, with a few too many NULL security descriptors lying around (must go look at Jeremy's SD code). Haven't worked out password encryption yet either. However, the XXX_INFO structures I've added to rpc_netlogon.h are quite nice as they give some insight into how these objects are stored in the SAM. (This used to be commit 74d6dec25d6b44e26d3895f789f1958d5f4639ee)
1999-03-25SAM database "set user info".Luke Leighton1-9/+0
---------------------------- - removed DOM_RID4 - removed SAMR_UNKNOWN_32 - added SAMR_SET_USERINFO (opcode 0x32) - added level 0x1 to SAMR_QUERY_DOM_INFO (needed for create user) - fixed pwdb_gethexpwd() it was failing on XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX - added mod_sam21pwd_entry() - preparing to call mod_sam21pwd_entry() - added "user session key" to user_struct.dc. this is md4(nt#) and is needed to decode user's clear-text passwords in SAMR_SET_USERINFO. - split code out in chgpasswd.c to decode 516 byte password buffers. (This used to be commit 2e58ed742435befe419aa366c4052019fede8c23)
1999-03-18Adding LSA_OPENSECRET (-> LsarOpenSecret) and LSA_QUERYSECRETMatthew Chapman1-0/+9
(-> LsarQuerySecret) on client side, including rpcclient command "querysecret" for others to play with. The major obstacle is working out the encryption algorithm used for the secret value. It definitely uses the NT hash as part of the key, and it seems the block size is 64 bits - probably DES based - but I can't work out what's done in between. Help required. (This used to be commit 365fa3b5fbf551670acc91f593138a7e91a5f7fa)
1998-12-02adding group member code, made a start. found that the group members'Luke Leighton1-11/+1
rid is needed not the name (see DOMAIN_GRP_MEMBER) decided to go home. (This used to be commit 9337049dfc98becfa74522d418dae64a97c7a304)
1998-11-29weekend work. user / group database API.Luke Leighton1-5/+14
- split sam_passwd and smb_passwd into separate higher-order function tables - renamed struct smb_passwd's "smb_user" to "unix_user". added "nt_user" plus user_rid, and added a "wrap" function in both sam_passwd and smb_passwd password databases to fill in the blank entries that are not obtained from whatever password database API instance is being used. NOTE: whenever a struct smb_passwd or struct sam_passwd is used, it MUST be initialised with pwdb_sam_init() or pwd_smb_init(), see chgpasswd.c for the only example outside of the password database APIs i could find. - added query_useraliases code to rpcclient. - dealt with some nasty interdependencies involving non-smbd programs and the password database API. this is still not satisfactorily resolved completelely, but it's the best i can do for now. - #ifdef'd out some password database options so that people don't mistakenly set them unless they recompile to _use_ those options. lots of debugging done, it's still not finished. the unix/NT uid/gid and user-rid/group-rid issues are better, but not perfect. the "BUILTIN" domain is still missing: users cannot be added to "BUILTIN" groups yet, as we only have an "alias" db API and a "group" db API but not "builtin-alias" db API... (This used to be commit 5d5d7e4de7d1514ab87b07ede629de8aa00519a1)
1998-11-25LsaLookupNames client call (first used as lookupnames command in rpcclient).Luke Leighton1-11/+10
(This used to be commit 68342a29a892e515cf2b22d759476d61944bcd59)
1998-11-17- group database API. oops and oh dear, the threat has been carried out:Luke Leighton1-7/+8
the pre-alpha "domain group" etc parameters have disappeared. - interactive debug detection - re-added mem_man (andrew's memory management, detects memory corruption) - american spellings of "initialise" replaced with english spelling of "initialise". - started on "lookup_name()" and "lookup_sid()" functions. proper ones. - moved lots of functions around. created some modules of commonly used code. e.g the password file locking code, which is used in groupfile.c and aliasfile.c and smbpass.c - moved RID_TYPE_MASK up another bit. this is really unfortunate, but there is no other "fast" way to identify users from groups from aliases. i do not believe that this code saves us anything (the multipliers) and puts us at a disadvantage (reduces the useable rid space). the designers of NT aren't silly: if they can get away with a user- interface-speed LsaLookupNames / LsaLookupSids, then so can we. i spoke with isaac at the cifs conference, the only time for example that they do a security context check is on file create. certainly not on individual file reads / writes, which would drastically hit their performance and ours, too. - renamed myworkgroup to global_sam_name, amongst other things, when used in the rpc code. there is also a global_member_name, as we are always responsible for a SAM database, the scope of which is limited by the role of the machine (e.g if a member of a workgroup, your SAM is for _local_ logins only, and its name is the name of your server. you even still have a SID. see LsaQueryInfoPolicy, levels 3 and 5). - updated functionality of groupname.c to be able to cope with names like DOMAIN\group and SERVER\alias. used this code to be able to do aliases as well as groups. this code may actually be better off being used in username mapping, too. - created a connect to serverlist function in clientgen.c and used it in password.c - initialisation in server.c depends on the role of the server. well, it does now. - rpctorture. smbtorture. EXERCISE EXTREME CAUTION. (This used to be commit 0d21e1e6090b933f396c764af535ca3388a562db)
1998-11-10rpcclient registry commands.Luke Leighton1-7/+33
(This used to be commit 36fcb4a6e643a05d06a2a273d74318fee7f2c647)
1998-10-23added domain and local group structures. names may have to be 256 charsLuke Leighton1-16/+0
long not 128 (fstring) length. (This used to be commit 1e96e14e790e733bbd182a828b0db8727fead2a2)
1998-07-16Makefile: Added CC=gcc to DGUX on Intel. Comment from ross@filmworks.com.Jeremy Allison1-11/+0
ipc.c: loadparm.c: printing.c: Added code from <Dirk.DeWachter@rug.ac.be> to implement print queue pausing. New parameters are "queuepause command" and "queueresume command". util.c: Added fix for mount options in autmount map. lib/rpc/include/rpc_misc.h: Removed duplicate pipe names for Jean-Francois. Jeremy. (This used to be commit 559a9bf2bbdeae3e76ba9178779cd3a9537c4e91)
1998-06-09loadparm.c: Removed 'domain other sids' parameter.Jeremy Allison1-13/+13
lib/rpc/include/rpc_lsa.h: Changed #defines for RPC calls - moved some, made LSA_LOOKUPNAMES correct. lib/rpc/include/rpc_misc.h: Changed DOMAIN_ALIAS_xxx to BUILTIN_ALIAS_xxx. Changed bitmasks for uid to rid to be 1 bit. lib/rpc/parse/parse_misc.c: Changed make_unistr2 to put length as given, max length as one more. lib/rpc/server/srv_netlog.c: Removed 'domain other sids' parameter. lib/rpc/server/srv_samr.c: Changed DOMAIN_ALIAS_xxx to BUILTIN_ALIAS_xxx. lib/rpc/server/srv_util.c: Changed DOMAIN_ALIAS_xxx to BUILTIN_ALIAS_xxx. Jeremy. (This used to be commit 34c91840a3d8c252715dc2f749b7a3b171a5b74f)
1998-06-01clientutil.c: Don't core dump if no controlling terminal available for password.Jeremy Allison1-0/+13
passdb.c: lib/rpc/include/rpc_misc.h: First cut at automatic uid/gid to rid mapping. We can change this at a later date to make more bits available if neccessary. Jeremy. (This used to be commit 34f40474aba97118e1e80fe6259c686e46dc16b4)
1998-05-14chgpasswd.c: Added comments to #ifdefsJeremy Allison1-0/+4
ipc.c: Caused samba password changing not to be done if UNIX password changing requested and not successful. util.c: Added string_to_sid() and sid_to_string() functions. lib/rpc/client/cli_samr.c: lib/rpc/include/rpc_misc.h: lib/rpc/parse/parse_lsa.c: lib/rpc/parse/parse_misc.c: lib/rpc/parse/parse_net.c: lib/rpc/parse/parse_samr.c: lib/rpc/server/srv_lsa.c: lib/rpc/server/srv_lsa_hnd.c: lib/rpc/server/srv_netlog.c: lib/rpc/server/srv_samr.c: lib/rpc/server/srv_util.c: Changes so that instead of passing SIDs around as char *, they are converted to DOM_SID at the earliest opportunity, and passed around as that. Also added dynamic memory allocation of group sids. Preparing to auto-generate machine sid. Jeremy. (This used to be commit 134d6fa79c1b6b9505a2c84ba9bfb91dd3be76e5)
1998-03-24clientgen.c ipc.c smbpasswd.c: Fixes for warnings (from Herb).Jeremy Allison1-3/+3
quotas.c: Linux quota fix. util.c: Ensure smb_read_error is zero in all calls that can set it. lib/rpc/include/rpc_misc.h lib/rpc/include/rpc_netlogon.h lib/rpc/parse/parse_misc.c lib/rpc/parse/parse_net.c lib/rpc/server/srv_netlog.c : Modify Luke's code to call SamOEMhash(). Jeremy. (This used to be commit 7f749708383b8b36c3f23a5fbc5cbdf39bc8e555)
1998-03-11"For I have laboured mightily on Luke's code, and hath brokenJeremy Allison1-0/+272
all I saw" - the book of Jeremy, chapter 1 :-). So here is the mega-merge of the NTDOM branch server code. It doesn't include the new client side pieces, we'll look at that later. This should give the same functionality, server wise, as the NTDOM branch does, only merged into the main branch. Any fixes to domain controler functionality should be added to the main branch, not the NTDOM branch. This code compiles without warnings on gcc2.8, but will need further testing before we are sure all the working functionality of the NTDOM server branch has been correctly carried over. I hereby declare the server side of the NTDOM branch dead (and all who sail in her :-). Jeremy. (This used to be commit 118ba4d77a33248e762a2cf843fb7cbc906ee6e7)