summaryrefslogtreecommitdiff
path: root/source3/rpc_client/cli_pipe.c
AgeCommit message (Collapse)AuthorFilesLines
2003-11-26Merge from 3.0:Andrew Bartlett1-8/+4
- NTLM2 fixes, don't force NTLM2 - Don't use NTLM2 for RPC, it doesn't work yet - Add comments to winbindd_pam.c - Merge 64 bit fixes and better debug messages in winbindd.c Andrew Bartlett (This used to be commit ba94e4a1ab6dc3335bbb29686ca6795d0ffad5b0)
2003-11-24strequal() returns a BOOL, not an int like strcmp(); this fixes a bug in ↵Gerald Carter1-2/+2
check_bind_response() (This used to be commit 84f0e97e5882375b765b818e89a6d96736cd5932)
2003-11-22(merge from 3.0)Andrew Bartlett1-14/+17
Changes all over the shop, but all towards: - NTLM2 support in the server - KEY_EXCH support in the server - variable length session keys. In detail: - NTLM2 is an extension of NTLMv1, that is compatible with existing domain controllers (unlike NTLMv2, which requires a DC upgrade). * This is known as 'NTLMv2 session security' * (This is not yet implemented on the RPC pipes however, so there may well still be issues for PDC setups, particuarly around password changes. We do not fully understand the sign/seal implications of NTLM2 on RPC pipes.) This requires modifications to our authentication subsystem, as we must handle the 'challege' input into the challenge-response algorithm being changed. This also needs to be turned off for 'security=server', which does not support this. - KEY_EXCH is another 'security' mechanism, whereby the session key actually used by the server is sent by the client, rather than being the shared-secret directly or indirectly. - As both these methods change the session key, the auth subsystem needed to be changed, to 'override' session keys provided by the backend. - There has also been a major overhaul of the NTLMSSP subsystem, to merge the 'client' and 'server' functions, so they both operate on a single structure. This should help the SPNEGO implementation. - The 'names blob' in NTLMSSP is always in unicode - never in ascii. Don't make an ascii version ever. - The other big change is to allow variable length session keys. We have always assumed that session keys are 16 bytes long - and padded to this length if shorter. However, Kerberos session keys are 8 bytes long, when the krb5 login uses DES. * This fix allows SMB signging on machines not yet running MIT KRB5 1.3.1. * - Add better DEBUG() messages to ntlm_auth, warning administrators of misconfigurations that prevent access to the privileged pipe. This should help reduce some of the 'it just doesn't work' issues. - Fix data_blob_talloc() to behave the same way data_blob() does when passed a NULL data pointer. (just allocate) REMEMBER to make clean after this commit - I have changed plenty of data structures... Andrew Bartlett (This used to be commit 57a895aaabacc0c9147344d097d333793b77c947)
2003-11-17From 3_0:Volker Lendecke1-1/+2
This fixes a bug when establishing trust against a german W2k3 AD server. In the bind response to WKSSVC it does not send \PIPE\ntsvcs as NT4 (did not check w2k) but \PIPE\wkssvc. I'm not sure whether we should make this check at all, so making it a bit more liberal should hopefully not really hurt. Volker (This used to be commit dbd17dd0366d6cd20a2d5d8247dd5842563da2ca)
2003-10-01commit sign only patch from Andrew; bug 167; tested using 2k & XP ↵Gerald Carter1-17/+12
clientspreviously joined to the Samba domain (This used to be commit 9d2e585e5e6f9066c6901aa8d8308734f8667296)
2003-09-09sync 3.0 into HEAD for the last timeGerald Carter1-10/+15
(This used to be commit c17a7dc9a190156a069da3e861c18fd3f81224ad)
2003-08-02port latest changes from SAMBA_3_0 treeSimo Sorce1-13/+59
(This used to be commit 3101c236b8241dc0183995ffceed551876427de4)
2003-07-16trying to get HEAD building again. If you want the codeGerald Carter1-551/+492
prior to this merge, checkout HEAD_PRE_3_0_0_BETA_3_MERGE (This used to be commit adb98e7b7cd0f025b52c570e4034eebf4047b1ad)
2003-05-16Merge: clarify secure channel connection comment.Tim Potter1-4/+4
(This used to be commit dd063a298f9d5244d7b79c029c563b4d966019c1)
2003-04-28Fixes from Ronan Waide <waider@waider.ie> for large RPC writes.Jeremy Allison1-2/+2
Jeremy. (This used to be commit 30512b7d3ea3470e4aca08638a5c0ea14791a6e7)
2003-04-16Fixes to make SCHANNEL work against a W2K DC. Still need to fixJeremy Allison1-13/+24
multi-PDU encode/decode with SCHANNEL. Also need to test against WNT DC. Jeremy. (This used to be commit ec82e8e9f4a6bf807a91ac265af39a516c7ab631)
2003-04-14Removed unused variables.Tim Potter1-2/+0
(This used to be commit 27a608d6a337e772dce114d73e45f6d0bf3148b4)
2003-04-09This is the netlogon schannel client code. Try aVolker Lendecke1-18/+305
rpcclient -S pdc -U% -c "samlogon user password" and it should work with the schannel. Needs testing platforms different from NT4SP6. Volker (This used to be commit ecd0ee4d248e750168597ccf79c389513bb0f740)
2003-01-17Let's clean up client side ntlmssp!Tim Potter1-10/+0
Removed a dead function. (This used to be commit a1c790b5ea8de120a1d8710ac190955aea28246f)
2003-01-14Added comment about a SMB_ASSERT()Tim Potter1-0/+3
(This used to be commit 056bdfbce73bbd7ddaa198d18e596b94b2224d3d)
2003-01-02BIG patch...Andrew Bartlett1-1/+1
This patch makes Samba compile cleanly with -Wwrite-strings. - That is, all string literals are marked as 'const'. These strings are always read only, this just marks them as such for passing to other functions. What is most supprising is that I didn't need to change more than a few lines of code (all in 'net', which got a small cleanup of net.h and extern variables). The rest is just adding a lot of 'const'. As far as I can tell, I have not added any new warnings - apart from making all of tdbutil.c's function const (so they warn for adding that const string to struct). Andrew Bartlett (This used to be commit 92a777d0eaa4fb3a1c7835816f93c6bdd456816d)
2002-11-15A cool idea from mbp: create a big shared library of all Samba objectsTim Potter1-4/+3
which we can use to link against Samba unit test programs. Now we can compile and link unit tests without having to create 4MB executables for each program It's called libbigballofmud.so both to discourage casual usage and also to reflect what the dependencies within Samba have become. (This used to be commit fdce4be719d7a81f25a4bae05934a5590038ec47)
2002-11-12Removed global_myworkgroup, global_myname, global_myscope. Added liberalJeremy Allison1-10/+8
dashes of const. This is a rather large check-in, some things may break. It does compile though :-). Jeremy. (This used to be commit 82b8f749a36b42e22186297482aad2abb04fab8a)
2002-11-07What is wrong with you, Jim? Check in the final version, not an interim one...Jim McDonough1-139/+17
(This used to be commit 1fd6d34526e577b8a5463e3abcfb8fc3682e6473)
2002-11-07Allow multiple fragment RPC's to be sent.Jim McDonough1-18/+175
(This used to be commit d423e6424bc3c61281ad30cd1c66540b522b5d3e)
2002-11-02Display pipe name in rpc bind failure debug.Tim Potter1-1/+2
(This used to be commit 62ab0f8cbe7c517084383bdc9a8c97404ad27147)
2002-11-01Tidyup of some DCERPC pipe connection debugs. The new LSA_DS stuffTim Potter1-4/+3
generates some errors we haven't seen before which are inappropriately logged at level 0. (This used to be commit bd64de3716ffa9c3ebec282aa5cc0f773d3d8096)
2002-10-17Do a SMB_ASSERT() in cli_nt_session_open() when the pipe index is outTim Potter1-2/+3
of range instead of silently failing. (This used to be commit b5111f47b5cf1820550e17663f983674b67bcaff)
2002-10-08merge from APP_HEADGerald Carter1-0/+16
* s/driverlocation/comment * detect native mode domain and enumerate local groups Also * Added sendfile stats from SAMBA_2_2 (This used to be commit 764b58e2c0b3179cffe157c0ab58761b156b8423)
2002-10-04merge native_mode flag in winbindd_domain struct from app-headGerald Carter1-31/+11
(This used to be commit dd948a302ad6bd4307ecdfb10510e12185150eae)
2002-10-04merge of working dsrolegetprimdominfo() client code from APP_HEADGerald Carter1-1/+1
(This used to be commit f70caa25e4ee198151b915cf2bc0a26b2d0e243d)
2002-10-04merge of new client side support the Win2k LSARPC UUID in rpcbindGerald Carter1-29/+78
from APP_HEAD (This used to be commit 38c9e4299845fd77cc8629945ce2d259489f7437)
2002-08-20The "max data count" value in SMB transacts indicates how much the other end canShirish Kalele1-1/+1
send us. As it stands, we incorrectly set it to the number of bytes we are sending. Correcting this by setting a static value of 1024 (This could even be something larger). Improves RPC client performance. (This used to be commit b0bd42c9466f41dc87a11fd6065620f93c8ebc40)
2002-06-18more debug classess activatedSimo Sorce1-0/+3
(This used to be commit 897e64d2e0c1d04ab93441ccaffe369bf43be46e)
2002-01-30Removed version number from file header.Tim Potter1-2/+1
Changed "SMB/Netbios" to "SMB/CIFS" in file header. (This used to be commit 6a58c9bd06d0d7502a24bf5ce5a2faf0a146edfa)
2002-01-02Add prs_dump_before to dump everything from the start of the prsMartin Pool1-1/+1
buffer up to the current position, and use this to dump pipe buffers just before parsing. (This used to be commit 92a3ab274e6cf09a8ba39b91f8bbacba6de40b37)
2002-01-02Also capture received dataMartin Pool1-0/+5
(This used to be commit 93fadcd1118b390605d2504bee63a1e8b6373ac5)
2002-01-02struct cli_state remembers the pipe name that it's talking to, if any,Martin Pool1-3/+22
so that we can print it in later debug messages. Call prs_dump to dump out requests sent by the client at sufficiently high debug levels. (This used to be commit 9973b22b34dc2a88a20b821d4e69f39d2a6aa6a3)
2001-11-03Added NT_USER_TOKEN into server_info to fix extra groups problem.Jeremy Allison1-7/+7
Got "medieval on our ass" about const warnings (as many as I could :-). Jeremy. (This used to be commit ee5e7ca547eff016818ba5c43b8ea0c9fa69b808)
2001-10-02Removed 'extern int DEBUGLEVEL' as it is now in the smb.h header.Tim Potter1-1/+0
(This used to be commit 2d0922b0eabfdc0aaf1d0797482fef47ed7fde8e)
2001-09-17move to SAFE_FREE()Simo Sorce1-8/+3
(This used to be commit 549fe42bd48b3418e63ba4872bc5992dae46d514)
2001-08-10Use new client error api.Tim Potter1-12/+13
(This used to be commit b196a52483a6e4ac1e4c311ff43d3c07fca031df)
2001-08-10Use the new client error api.Tim Potter1-2/+4
(This used to be commit 688da3c41dd944f7f69083518d25e9edbc55406f)
2001-06-29Use a logical cli_read(), removed the cli_read_one() hack.Jeremy Allison1-2/+2
Jeremy. (This used to be commit 2999eab5abe86bf08e693800c01ad544f04e4d6c)
2001-06-22Use cli_read_one() for reading DCE/RPC reply fragments. We need to checkTim Potter1-29/+36
for and ignore ERRmoredata errors as the client library doesn't support 32-bit error messages. Added some annotations for the RPC pipe code to make it a bit clearer maybe. (This used to be commit f179e0ff61794073aedcf77544865ad2f18c6e6d)
2001-06-02Removed irritating and unecessary debug message.Tim Potter1-3/+0
(This used to be commit b49c4cd441717b0edf4ad3da0edddca474a08748)
2001-05-04Added a SMB_ASSERT() so that two cli_state structures aren't openedTim Potter1-0/+3
on different pipes. This seriously confuses NT. Unfortunately HEAD branch is limited to one rpc pipe per connection as the fnum is stored inside the cli_state structure. It should really be broken out into it's own structure so multiple pipes can be opened on one TCP/IP socket. What a good idea! But look over here! I've already done it in another workarea but it will require a day or two to refactor some of the internal samba rpc client stuff (i.e netlogon requests) so it will remain uncommitted for another while. (This used to be commit 657804f3be2b621c8ee15bdb905879e208f9ca2f)
2001-03-09Serious (and I *mean* serious) attempt to fix little/bigendian RPC issues.Jeremy Allison1-10/+34
We were reading the endainness in the RPC header and then never propagating it to the internal parse_structs used to parse the data. Also removed the "align" argument to prs_init as it was *always* set to 4, and if needed can be set differently on a case by case basis. Now ready for AS/U testing when Herb gets it set up :-). Jeremy. (This used to be commit 0cd37c831d79a12a10e479bf4fa89ffe64c1292a)
2001-02-20pipe opening now works with unicodeAndrew Tridgell1-2/+2
(This used to be commit ba3ce3404e1cd2e9da3ba1708f6fc8a12c085ef2)
2000-12-04fixed a typoAndrew Tridgell1-1/+1
(This used to be commit c9e4dea1cbcf6aa748f5cb10f226345dd2f1adbf)
2000-12-04pass the desired access into cli_nt_create()Andrew Tridgell1-1/+1
(This used to be commit a2d07994e0376a8d530d262573c96710bdff2236)
2000-08-01Tidyup removing many of the 0xC0000000 | NT_STATUS_XXX stuff (only need ↵Jeremy Allison1-7/+7
NT_STATUS_XXX). Removed IS_BITS_xxx macros as they were just reproducing "C" syntax in a more obscure way. Jeremy. (This used to be commit c55bcec817f47d6162466b193d533c877194124a)
2000-07-27Ok - this is a *BIG* change - but it fixes the problems with static stringsJeremy Allison1-9/+9
in the RPC code. This change was prompted by trying to save a long (>256) character comment in the printer properties page. The new system associates a TALLOC_CTX with the pipe struct, and frees the pool on return of a complete PDU. A global TALLOC_CTX is used for the odd buffer allocated in the BUFFERxx code, and is freed in the main loop. This code works with insure, and seems to be free of memory leaks and crashes (so far) but there are probably the occasional problem with code that uses UNISTRxx structs on the stack and expects them to contain storage without doing a init_unistrXX(). This means that rpcclient will probably be horribly broken. A TALLOC_CTX also needed associating with the struct cli_state also, to make the prs_xx code there work. The main interface change is the addition of a TALLOC_CTX to the prs_init calls - used for dynamic allocation in the prs_XXX calls. Now this is in place it should make dynamic allocation of all RPC memory on unmarshall *much* easier to fix. Jeremy. (This used to be commit 0ff2ce543ee54f7364e6d839db6d06e7ef1edcf4)
2000-07-17Reverted changes from rpcclient merge - contains memory leak!Tim Potter1-2/+9
(This used to be commit dea06ad7a554089a7394cdcb6bf5a766e8e8a6c3)
2000-07-14More functions merged from TNG for rpcclient. They don't all workGerald Carter1-9/+2
currently as I have to do something about the policy handle caching issues. --jerry (This used to be commit 233b074f490b3b01f3a462284aa8117536df0082)