summaryrefslogtreecommitdiff
path: root/source3/rpc_client/cli_pipe.c
AgeCommit message (Collapse)AuthorFilesLines
2012-07-17s3-rpc_client: Fix updating netlogon credentials.Andreas Schneider1-8/+7
Signed-off-by: Günther Deschner <gd@samba.org>
2012-07-17s3-rpc_client: Add capabilities check for AES encrypted connections.Andreas Schneider1-1/+158
Signed-off-by: Günther Deschner <gd@samba.org>
2012-05-28s3:libsmb: get rid of cli_state_remote_nameLuk Claes1-2/+3
Signed-off-by: Luk Claes <luk@debian.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-03-24cli_pipe: Avoid sys_connect.Jelmer Vernooij1-1/+3
2012-03-20libndr: Rename ndr64_transfer_syntax and null_ndr_syntax_id so they have a ↵Jelmer Vernooij1-3/+3
ndr_ prefix. This makes the NDR namespace a bit clearer, in preparation of ABI checking.
2012-03-02s3:rpc_client: initialize struct schannel_state to zeroStefan Metzmacher1-2/+1
metze
2012-02-16s3-librpc: Use gensec_spnego for DCE/RPC authenticationAndrew Bartlett1-121/+38
This ensures that we use the same SPNEGO code on session setup and on DCE/RPC binds, and simplfies the calling code as spnego is no longer a special case in cli_pipe.c A special case wrapper function remains to avoid changing the application layer callers in this patch. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-02-16s3:rpc_client: fix commentStefan Metzmacher1-1/+1
metze
2012-02-16s3-librpc: make gensec result handling more genericAndrew Bartlett1-11/+11
This prepares us for handling SPNEGO via gensec Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-18s3-librpc: pass struct ndr_interface_table down to ↵Andrew Bartlett1-8/+7
cli_pipe_open_generic/spnego() This allows the target service (as determined from the IDL) to be passed to GSSAPI (rather than the current, incorrect, "cifs"). Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-18s3-librpc Make cli_rpc_pipe_open_spnego_ntlmssp() genericAndrew Bartlett1-86/+11
This also avoids passing NULL as the server to gensec_set_target_hostname() in spnego_generic_init_client(). Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-18s3-librpc Remove special case for spnego session keyAndrew Bartlett1-1/+8
SPNEGO is implemented only in terms of gensec mechanisms now. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-18s3-librpc Call SPENGO/GSSAPI via the auth_generic layer and gensecAndrew Bartlett1-7/+9
This simplifies a lot of code, as we know we are always dealing with a struct gensec_security, and allows the gensec module being used to implement GSSAPI to be swapped for AD-server operation. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-18s3-librpc Call GSSAPI via the auth_generic layer and gensecAndrew Bartlett1-139/+3
This simplifies a lot of code, as we know we are always dealing with a struct gensec_security, and allows the gensec module being used to implement GSSAPI to be swapped when required for AD-server operation. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-11s3-librpc Supply target service and server to spnego_generic_init_client()Andrew Bartlett1-0/+3
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-11s3-librpc: Rename spnego_ntlmssp_init_client and make genericAndrew Bartlett1-1/+2
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-11s3-librpc Set target service and server into gensecAndrew Bartlett1-0/+10
This will allow cli_rpc_pipe_open_generic_auth() to handle kerberos mechanisms. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-11s3-librpc Rename and rework cli_rpc_pipe_open_ntlmssp() to be genericAndrew Bartlett1-31/+36
This also includes renaming the helper function rpccli_ntlmssp_bind_data, and allows this function to operate on any gensec-supplied auth type. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-11s3-librpc Rename create_ntlmssp_auth_rpc_bind_req() to be more genericAndrew Bartlett1-6/+3
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-06s3-libsmb Make auth_ntlmssp client more genericAndrew Bartlett1-12/+7
As well as renaming, this allows us to start the mech by DCE/RPC auth type or OID. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-12-22s3-auth rename auth_ntlmssp_state -> auth_generic_stateAndrew Bartlett1-1/+1
This structure handles more than NTLMSSP now, at least when we are an AD DC and so changing the name may avoid some confusion in the future. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-10-27s3:rpc_client: remove references to auth_ntlmssp_stateStefan Metzmacher1-13/+14
metze Signed-off-by: Günther Deschner <gd@samba.org> Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Thu Oct 27 16:40:15 CEST 2011 on sn-devel-104
2011-10-21s3-ntlmssp Remove auth_ntlmssp_session_key()Andrew Bartlett1-1/+5
We now just call the gensec_session_key() directly. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-10-21s3-ntlmssp Remove auth_ntlmssp_want_feature()Andrew Bartlett1-2/+2
We now just call the gensec_want_feature() directly. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-10-21s3-ntlmssp Remove auth_ntlmssp_update wrapperAndrew Bartlett1-3/+4
We now just call gensec_update directly. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-10-18s3-ntlmssp split auth_ntlmssp_client_start() into two partsAndrew Bartlett1-5/+7
This will allow it to be a wrapper around a gensec module, which requires that they options be set on a context, but before the mechanism is started. This also simplfies the callers, by moving the lp_*() calls into one place. Andrew Bartlett
2011-10-18s3-rpc_client remove cli_auth_ntlmssp_data_destructorAndrew Bartlett1-9/+1
This can be an ordinary talloc child without causing any problem. This seems to have been inherited from a time when ntlmssp_client_start() returned malloc() based memory. Andrew Bartlett
2011-10-18ntlmssp: Move ntlmssp code to auth/ntlmsspAndrew Bartlett1-1/+1
This brings in the code from both libcli/auth and source4/auth/ntlmssp. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-10-12s3:utils change data_blob_dup_talloc() to take a DATA_BLOB by valueGregor Beck1-1/+1
Signed-off-by: Michael Adam <obnox@samba.org>
2011-09-14s3:rpc_client: return NT_STATUS_CONNECTION_DISCONNECTEDStefan Metzmacher1-2/+2
We should return the same in all places and don't mix NT_STATUS_INVALID_CONNECTION and NT_STATUS_CONNECTION_INVALID. metze
2011-08-03s3-ntlmssp Remove auth_ntlmssp_and_flags()Andrew Bartlett1-6/+0
There is no need to mask out these flags as they simply are not set yet. The correct abstraction is to ask for NTLMSSP features. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-08-03s3-ntlmssp Remove rpccli_get_pwd_hash and auth_ntlmssp_get_nt_hashAndrew Bartlett1-41/+0
The session key we want here (the only one that is availble to the encryption layer) is the one obtained by cli_get_session_key(), as NTLMSSP creates a per-session session key via key exchange and NTLMv2 negotiation. The key was never directly the NT hash anyway (this is simply a mistake, the extra MD4() was lost during my previous cleanup f28f113d8e76824b080359c90efd9c92de533740 in 2008), but was MD4(NT hash) in early implementations of NTLMSSP. However, regardless this call is not available on domain trusts between AD domains and Windows 2003 R2, making this less useful. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-08-03s3-ntlmssp Remove auth_ntlmssp_or_flagsAndrew Bartlett1-3/+2
We now just use auth_ntlmssp_want_feature to get extra flags on the NTLMSSP context Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-08-03s3-ntlmssp Add mem_ctx argument to auth_ntlmssp_updateAndrew Bartlett1-3/+4
This clarifies the lifetime of the returned token. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-08-03s3-ntlmssp Add mem_ctx argument to auth_ntlmssp_get_session_key()Andrew Bartlett1-2/+2
2011-07-22s3:cli_pipe: make use of cli_state_remote_name()Stefan Metzmacher1-4/+4
metze
2011-07-22s3:cli_pipe: use result->desthost instead of cli->desthostStefan Metzmacher1-3/+3
metze
2011-06-09s3-param Remove special case for global_myname(), rename to lp_netbios_name()Andrew Bartlett1-2/+2
There is no reason this can't be a normal constant string in the loadparm system, now that we have lp_set_cmdline() to handle overrides correctly. Andrew Bartlett
2011-06-09s3-talloc Change TALLOC_ZERO_P() to talloc_zero()Andrew Bartlett1-5/+5
Using the standard macro makes it easier to move code into common, as TALLOC_ZERO_P isn't standard talloc.
2011-06-09s3-talloc Change TALLOC_ARRAY() to talloc_array()Andrew Bartlett1-2/+2
Using the standard macro makes it easier to move code into common, as TALLOC_ARRAY isn't standard talloc.
2011-05-06s3-includes: finally only include client.h when libsmb is used.Günther Deschner1-0/+1
Guenther
2011-05-05Fix many const compiler warnings.Jeremy Allison1-1/+1
2011-05-05s3-rpc_client: run minimal_includes.pl.Günther Deschner1-1/+0
Guenther
2011-05-02s3: remove various references to server side dcerpc structs (which are not ↵Günther Deschner1-1/+0
needed). Guenther
2011-04-29s3-tevent: only include ../lib/util/tevent wrappers where needed.Günther Deschner1-0/+1
Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Fri Apr 29 14:00:30 CEST 2011 on sn-devel-104
2011-04-24s3:rpc_client: map fault codes to NTSTATUS with dcerpc_fault_to_nt_status()Stefan Metzmacher1-5/+1
Most fault codes have a NTSTATUS representation, so use that. This brings the fault handling in common with the source4/librpc/rpc code, which make it possible to share more highlevel code, between source3 and source4 as the error checking can be the same now. metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Sun Apr 24 10:44:53 CEST 2011 on sn-devel-104
2011-04-22s3: Fix Coverity ID 986, BUFFER_SIZE_WARNINGVolker Lendecke1-1/+1
strncpy can leave the destination unterminated
2011-04-13s3-cli_pipe: fix timeout in rpc_pipe_open_tcp_port().Günther Deschner1-1/+1
Make sure we use a timeout of 60 seconds, not 60 milliseconds... This prevented us from successfully using the ncacn_ip_tcp client in a lot of places, I guess. Guenther Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Wed Apr 13 18:59:19 CEST 2011 on sn-devel-104
2011-03-30s3-includes: only include ntdomain.h where needed.Günther Deschner1-0/+1
Guenther
2011-03-23s3-epmapper: Use DCERPC_AUTH_LEVEL_CONNECT for ep ncalrpc.Andreas Schneider1-1/+1