summaryrefslogtreecommitdiff
path: root/source3/librpc
AgeCommit message (Collapse)AuthorFilesLines
2012-01-06s3-libsmb Make auth_ntlmssp client more genericAndrew Bartlett1-12/+13
As well as renaming, this allows us to start the mech by DCE/RPC auth type or OID. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-05s3-librpc remove unused headersAndrew Bartlett1-2/+0
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-05s3:gse: MIT krb5 1.8.1 has a bug in gss_wrap_iov()Stefan Metzmacher1-1/+1
gss_krb5int_make_seal_token_v3_iov() doesn't set '*conf_state'. metze
2012-01-05s3-librpc store the sign/seal flags we got in the gssapi clientAndrew Bartlett1-1/+1
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-05s3-libads Factor out a new routine ↵Andrew Bartlett1-3/+11
kerberos_get_principal_from_service_hostname() This is now used in the GSE GSSAPI client, so that when we connect to a target server at the CIFS level, we use the same name to connect at the DCE/RPC level. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-05s3-librpc Use gsskrb5_get_subkey() where available to get the session keyAndrew Bartlett1-0/+15
This allows gse_get_session_key() to work against Heimdal. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-12-22s3-librpc Use gensec_sig_size() instead of a fixed NTLMSSP_SIG_SIZEAndrew Bartlett1-2/+7
Signed-off-by: Stefan Metzmacher <metze@samba.org> Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Thu Dec 22 20:57:27 CET 2011 on sn-devel-104
2011-12-22s3-auth rename auth_ntlmssp_state -> auth_generic_stateAndrew Bartlett1-1/+1
This structure handles more than NTLMSSP now, at least when we are an AD DC and so changing the name may avoid some confusion in the future. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-12-13s3: Convert open_files.idl to tab indentsVolker Lendecke1-34/+34
2011-12-13s3:messaging.idl: obsolete unused MSG_SMB_SAM_*Stefan Metzmacher1-2/+2
metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Tue Dec 13 14:13:38 CET 2011 on sn-devel-104
2011-12-02s3: Use autogenerated open_files.idlVolker Lendecke2-1/+6
2011-12-02s3: Add open_files.idlVolker Lendecke1-0/+48
2011-10-31s3: Remove some leftovers of old ctdb tdb2 codeVolker Lendecke1-16/+1
2011-10-21s3-ntlmssp Remove references to auth_ntlmssp_context from the rpc codeAndrew Bartlett3-32/+35
We always dereferenced auth_ntlmssp_state->gensec_security, so now we do not bother passing around the whole auth_ntlmssp_state. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-10-21s3-ntlmssp Remove auth_ntlmssp_session_key()Andrew Bartlett1-2/+7
We now just call the gensec_session_key() directly. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-10-21s3-ntlmssp Remove auth_ntlmssp_want_feature()Andrew Bartlett1-4/+4
We now just call the gensec_want_feature() directly. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-10-21s3-ntlmssp use gensec_{seal,unseal,sign,check}_packetAndrew Bartlett2-50/+51
This avoids the indirection via the auth_ntlmsssp wrapper functions. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-10-21s3-ntlmssp Remove auth_ntlmssp_update wrapperAndrew Bartlett1-2/+3
We now just call gensec_update directly. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-10-18s3-ntlmssp split auth_ntlmssp_client_start() into two partsAndrew Bartlett1-4/+7
This will allow it to be a wrapper around a gensec module, which requires that they options be set on a context, but before the mechanism is started. This also simplfies the callers, by moving the lp_*() calls into one place. Andrew Bartlett
2011-10-18ntlmssp: Move ntlmssp code to auth/ntlmsspAndrew Bartlett2-2/+2
This brings in the code from both libcli/auth and source4/auth/ntlmssp. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-09-30s3: Remove an unused variableVolker Lendecke1-2/+0
2011-08-21s3-id_cache: Use better names for id cache management opsAndreas Schneider1-3/+3
The IDMAP term is normally associated with Winbind's idmap stuff. These functions deal with id caching not id mapping. Signed-off-by: Simo Sorce <idra@samba.org>
2011-08-21s3-messaging: Add preforked child-parent message typesSimo Sorce1-0/+3
Signed-off-by: Andreas Schneider <asn@samba.org> Signed-off-by: Simo Sorce <idra@samba.org>
2011-08-21s3-rpc_server: Use rpc_epmapper_mode() in ep_register()Simo Sorce1-6/+5
Signed-off-by: Andreas Schneider <asn@samba.org> Signed-off-by: Simo Sorce <idra@samba.org>
2011-08-19Revert "s3-messaging: IDMAP_ messages belongs to the Winbind range"Simo Sorce1-4/+4
This reverts commit 102f39ae3e7df26faf81595c8e0120b2e2a45bbd. These messages are handled by smbd not winbind, and could potentially be of general interest. Autobuild-User: Simo Sorce <idra@samba.org> Autobuild-Date: Fri Aug 19 16:16:05 CEST 2011 on sn-devel-104
2011-08-16s3-messaging: IDMAP_ messages belongs to the Winbind rangeSimo Sorce1-4/+4
Autobuild-User: Simo Sorce <idra@samba.org> Autobuild-Date: Tue Aug 16 22:27:05 CEST 2011 on sn-devel-104
2011-08-11s3-messaging: Change classification of MSG_SMB_CONF_UPDATED.Simo Sorce1-1/+4
smbd is not the only daemon interested in smb.conf changes. Move this message to the GENERAL class so that all interested partied (nmbd, winbindd, spoolssd, etc..) can receive this notification. Signed-off-by: Andreas Schneider <asn@samba.org>
2011-08-11s3-messaging: Fix messaging classes.Simo Sorce1-1/+1
This has been broken since ff0ac5b0 (May 2007). Basically all messages were belonging to the General class except for CTDB messages. This fixed the message_send_all() function to correctly compute the class, and fixes registrations to include all they need to cope with the fact not all messages are of calss general (registrations rotted a bit because as long as FLAG_MSG_GENERAL was defined the process woould receive all messages). Signed-off-by: Andreas Schneider <asn@samba.org>
2011-08-11s3-messaging: Remove obsolete class.Simo Sorce1-1/+1
The FLAG_MSG_PRINT_NOTIFY class is actually obsolete and never used, as the only message belonging to it is not used either. Signed-off-by: Andreas Schneider <asn@samba.org>
2011-08-03selftest: test plugin_s4_dc against all ncacn_np testsAndrew Bartlett1-0/+2
Changes to the s3 epmapper behaviour seem to have fixed the rest of these tests. Andrew Bartlett
2011-08-03s3-ntlmssp Remove auth_ntlmssp_and_flags()Andrew Bartlett1-7/+0
There is no need to mask out these flags as they simply are not set yet. The correct abstraction is to ask for NTLMSSP features. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-08-03s3-ntlmssp Remove auth_ntlmssp_or_flagsAndrew Bartlett1-5/+4
We now just use auth_ntlmssp_want_feature to get extra flags on the NTLMSSP context Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-08-03s3-ntlmssp Remove calls to auth_ntlmssp_and_flags from the serverAndrew Bartlett1-0/+1
This is changed so that the callers ask for the additional flags that they need, starting with no additional flags. This helps to create a proper abstraction layer in ntlmssp_wrap/auth_ntlmssp. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-08-03s3-ntlmssp Add mem_ctx argument to auth_ntlmssp_updateAndrew Bartlett1-1/+1
This clarifies the lifetime of the returned token. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-08-03s3-ntlmssp Add mem_ctx argument to auth_ntlmssp_get_session_key()Andrew Bartlett1-3/+2
2011-08-03gensec: Remove mem_ctx from calls that do not return memoryAndrew Bartlett1-2/+2
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-08-01s3-librpc: Remove obsolete dcerpc_binding_vector_create().Andreas Schneider2-111/+0
2011-08-01s3-librpc: Add dcerpc_binding_vector_replace_iface().Andreas Schneider2-0/+27
2011-08-01s3-librpc: Add dcerpc_binding_vector_dup().Andreas Schneider2-0/+45
2011-08-01s3-librpc: Add dcerpc_binding_vector_add_unix().Andreas Schneider2-0/+68
2011-08-01s3-librpc: Add dcerpc_binding_vector_add_port().Andreas Schneider2-0/+75
2011-08-01s3-librpc: Add dcerpc_binding_vector_add_np_default().Andreas Schneider2-0/+79
2011-08-01s3-librpc: Add dcerpc_binding_vector_new().Andreas Schneider2-2/+53
2011-07-31s3-secrets: add lsa_secret struct to secrets IDL.Günther Deschner1-0/+12
Guenther
2011-07-20s3-gse Work around the MIT 1.9 gss_krb5_import_credAndrew Bartlett1-6/+16
We detect this function at configure time, but it currently fails to operate the way we need - that is, when the principal is not specified, it gives this error. When the principal is specified we get 'wrong principal in request' in the GSS acceptor, so for now the best option is to fall back to the alternate approach. Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Wed Jul 20 06:35:05 CEST 2011 on sn-devel-104
2011-07-20s3-gse Allow printing the partial error stringAndrew Bartlett1-6/+6
We may not be able to obtain the full error string, so print what we can get. This is required when the error is the the GSSAPI layer, not the mechanism. Andrew Bartlett
2011-07-14s3-librpc: Pass messaging context to dcerpc register functions.Andreas Schneider2-3/+13
2011-07-04s3-auth: Added remote_address to ntlmssp server.Andreas Schneider1-0/+2
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2011-07-04s3-rpc_server: Migrate rpc function to tsocket_address.Andreas Schneider1-5/+13
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2011-06-27s3: explicitly pass domain_sid to wbint_LookupRids() (bug #7841)Volker Lendecke1-0/+1
Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Mon Jun 27 18:21:30 CEST 2011 on sn-devel-104