summaryrefslogtreecommitdiff
path: root/source3/rpc_client/cli_pipe.c
AgeCommit message (Collapse)AuthorFilesLines
1998-11-17- group database API. oops and oh dear, the threat has been carried out:Luke Leighton1-1/+0
the pre-alpha "domain group" etc parameters have disappeared. - interactive debug detection - re-added mem_man (andrew's memory management, detects memory corruption) - american spellings of "initialise" replaced with english spelling of "initialise". - started on "lookup_name()" and "lookup_sid()" functions. proper ones. - moved lots of functions around. created some modules of commonly used code. e.g the password file locking code, which is used in groupfile.c and aliasfile.c and smbpass.c - moved RID_TYPE_MASK up another bit. this is really unfortunate, but there is no other "fast" way to identify users from groups from aliases. i do not believe that this code saves us anything (the multipliers) and puts us at a disadvantage (reduces the useable rid space). the designers of NT aren't silly: if they can get away with a user- interface-speed LsaLookupNames / LsaLookupSids, then so can we. i spoke with isaac at the cifs conference, the only time for example that they do a security context check is on file create. certainly not on individual file reads / writes, which would drastically hit their performance and ours, too. - renamed myworkgroup to global_sam_name, amongst other things, when used in the rpc code. there is also a global_member_name, as we are always responsible for a SAM database, the scope of which is limited by the role of the machine (e.g if a member of a workgroup, your SAM is for _local_ logins only, and its name is the name of your server. you even still have a SID. see LsaQueryInfoPolicy, levels 3 and 5). - updated functionality of groupname.c to be able to cope with names like DOMAIN\group and SERVER\alias. used this code to be able to do aliases as well as groups. this code may actually be better off being used in username mapping, too. - created a connect to serverlist function in clientgen.c and used it in password.c - initialisation in server.c depends on the role of the server. well, it does now. - rpctorture. smbtorture. EXERCISE EXTREME CAUTION. (This used to be commit 0d21e1e6090b933f396c764af535ca3388a562db)
1998-11-13Makefile.in configure configure.in include/config.h.in: Changes for DGUX and ↵Jeremy Allison1-1/+1
UNIXWARE. groupdb/aliasdb.c groupdb/aliasfile.c groupdb/groupfile.c: Don't use snprinf, use slprintf. include/includes.h: Fix YP problem. include/smb.h: Fix ZERO_STRUCTP. lib/util_sock.c: Added strerror() in debugs. passdb/ldap.c: Don't use snprinf, use slprintf. rpc_client/cli_lsarpc.c rpc_client/cli_pipe.c rpc_parse/parse_sec.c rpc_server/srv_pipe.c: Don't use snprinf, use slprintf. script/installman.sh: DGUX changes. smbd/open.c smbd/oplock.c: Fixed gcc warnings. web/swat.c: Changes USER to SWAT_USER. (This used to be commit 4c2b5a00983501e5d4aad1456ba8b5ab0dfd9b4c)
1998-11-12cleaning up conflicts between group code not yet committed andLuke Leighton1-1/+1
changes from yesterday by me, jeremy and andrew. jeremy, your ACB_PWNOTREQ mod would have caused a crash if the user didn't exist (first check should be for smb_pass != NULL) (This used to be commit cbac0f165d351ba9497c222e55e453d781376e58)
1998-11-12Moved some code (NTLMSSPcalc) out of smbdes and inline for paranioaJeremy Allison1-4/+31
resons and my own piece of mind... Jeremy. (This used to be commit 45131501f23ce1eec2f23fe2c1060cd5a2736ec9)
1998-10-22libsmb/smbdes.c: #ifdef'ed out code prior to removal.Jeremy Allison1-1/+30
rpc_client/cli_pipe.c: Inlined code removed from smbdes.c rpc_server/srv_samr.c: Fixed unused variable warning. rpc_server/srv_util.c: Inlined code removed from smbdes.c Luke - the above changes are the first part of the changes you and I discussed as being neccessary at the CIFS conference. *PLEASE REVIEW THESE CHANGES* - make sure I haven't broken any of the authenticated DCE/RPC code. smbd/nttrans.c: Fixed to allow NT5.0beta2 to use Samba shares with NT SMB support. smbd/open.c: Fixed mkdir when called from nttrans calls. smbd/server.c: Set correct size for strcpy of global_myworkgroup. Jeremy. (This used to be commit d891421d16ff80998dee429227bd391455f9d1a1)
1998-10-21Fixed mainly signed/unsigned issues found by SGI cc in -fullwarn mode.Jeremy Allison1-3/+1
smbd/chgpasswd.c: Fixed (my) stupid bug where I was returning stack based variables. Doh ! smbd/trans2.c: Allows SETFILEINFO as well as QFILEINFO on directory handles. Jeremy. (This used to be commit 0b44d27d0b5cc3948a6c2d78370ccddf1a84cd80)
1998-10-21oops!Luke Leighton1-1/+1
(This used to be commit 500e5536bee8ea8e58d5991bfab2cff923068926)
1998-10-21signed / unsigned issuesLuke Leighton1-1/+1
(This used to be commit bd2fc6bb85739cb8e7ed2254e2a553486daed054)
1998-10-21fixing smbd encrypted rpcs (data lens, alloc hints, sequence nums argh).Luke Leighton1-1/+2
put unicode strings after SAMLOGON query regardless of whether it's an NT mailslot or a non-NT mailslot, after having observed this behaviour out of NT machines. (This used to be commit c101113ec20ed0ba633e78e4ee45596cdccaf1b5)
1998-10-20signed / unsigned warnings (found by herb).Luke Leighton1-2/+2
how do i switch on these warnings in gcc????? (This used to be commit 39db385a0c47c11adb6bf3bac89c4bb76f675049)
1998-10-20some quite important bug-fixes i missed because i transferred the wrongLuke Leighton1-6/+7
smb.tgz file from my portable. particularly the call to mem_data followed by a realloc of that data in cli_pipe.c's rpc_read() function. smbd responses now use p->rdata_i which is a faked-up pointer into p->rdata's response data. rdata can be very long; rdata_i is limited to point to no more than max_tsize - 0x18 in length. this will make it an almost trivial task to add the encrypted rpc headers after rdata_i, and mem_buf_copy will cope admirably with rhdr chained to rdata_i chained to auth_verifier etc etc... (This used to be commit 05a297e3a98c14360782af4ad0d851638fb5da9a)
1998-10-19- dce/rpc codeLuke Leighton1-18/+25
- removed debug info in struni2 and unistr2 (security risk) - rpc_pipe function was getting pointer to data then calling realloc *dur* - password check function, the start of "credential checking", user, wks, domain, pass as the credentials (not just user,pass which is incorrect in a domain context) - cli_write needs to return ssize_t not size_t, because total can be -1 if the write fails. - fixed signed / unsigned warnings (how come i don't get those any more when i compile with gcc???) - nt password change added in smbd. yes, jeremy, i verified that the SMBtrans2 version still works. (This used to be commit fcfb40d2b0fc565ee4f66b3a3761c246366a2ef3)
1998-10-17Small tidyups for gcc in 'preen' mode....Jeremy Allison1-1/+1
Jeremy. (This used to be commit 60dc1a4a00a22088d33369588b0d5eb292cf084a)
1998-10-16made pass_check_smb() available for dce/rpc use.Luke Leighton1-1/+1
(This used to be commit 95e8a910c5d9ba0ef57669fb1256eaa932e0bb09)
1998-10-16rpc client mods (ntlmssp flags)Luke Leighton1-20/+11
(This used to be commit 16256f86bf451535c7955b8f51a9b88fc33a8e4d)
1998-10-15bug-fixing against:Luke Leighton1-4/+22
AS/U: it returns dce/rpc "first" and "last" bits _clear_ in a bind/ack response, when they should be set in a (small) packet. they also, in the bind/ack do not set a secondary address string at all, so we can't check against that... Win95: client-side dce/rpc code is a bit odd. it does a "WaitNamedPipeState" and has slightly different pipe-naming (\PIPE\LANMAN is joined by \PIPE\SRVSVC, \PIPE\WINREG etc whereas nt just has \PIPE\LANMAN and \PIPE\). Win95-USRMGR.EXE: added LsaOpenPolicy (renamed existing to LsaOpenPolicy2). added SamrConnect (renamed existing to SamrConnect2). (This used to be commit a7fccd807b938cbb51002ebae8c7a48b40dbb655)
1998-10-14warnings spotted by ./configure.developer optionsLuke Leighton1-20/+10
(This used to be commit 29434bf195b438f4ab41a10ac5ce03f9c2d2ac2f)
1998-10-14dce/rpcLuke Leighton1-41/+125
(This used to be commit 69f5f9f88935de1f63ffc9aa19c0629b395e66e6)
1998-10-09signed / unsigned issues spotted by herbLuke Leighton1-2/+2
(This used to be commit 0b90442021aa3adb5ae7f09c53c9e54c7655d8c5)
1998-10-09dce/rpc.Luke Leighton1-2/+11
(This used to be commit e0445419b2d50ae6efef36f4f295ebcfdbf1ad82)
1998-10-09basic client-side ntcreateX function (hard-wired values except filename)Luke Leighton1-12/+27
(This used to be commit caeb99201a1471bd709b4e8f07c57e5caabf0795)
1998-10-09dce/rpcLuke Leighton1-8/+12
(This used to be commit 32d0f5e4a564686ad6b270dd24423ee49a81f223)
1998-10-08dce/rpcLuke Leighton1-24/+234
(This used to be commit 62fdeef1b79c5c4c9bf0e860881651711bb80b9a)
1998-10-07dce/rpcLuke Leighton1-29/+58
(This used to be commit 6677b888bdb45df00646eb7cc13005b9465ff971)
1998-10-06dce/rpcLuke Leighton1-9/+15
(This used to be commit eb279cabd059603b6c8d9b74e4fd31c4ffe87593)
1998-10-02Makefile.in :Luke Leighton1-474/+467
- added srvsvc client files clientgen.c : - replaced cli_error(cli, int *cls, int *err) with cli_error(cli, uint8 cls, uint32 *err). this version detects 32 bit status messages. the DOS error "MORE_DATA", the equivalent of the 32 bit *warning* 0x8000 0005 (STATUS_BUFFER_OVERFLOW), was being processed as an error, terminating the cli_receive_trans() call. cli_pipe.c : - replaced calls that had been incorrectly modified from 32 bit warnings (0x8000 0005 - STATUS_BUFFER_OVERFLOW) to 8 bit DOS errors (0x01 0xEA - MORE_DATA). the use of the old version of cli_error (DOS only) instead of the new one (DOS and 32 bit) caused the dce/rpc client code to fail. - replaced 2 space indentation with tab indentation in all functions. cli_srvsvc.c : cmd_srvsvc.c : - added these files back in, fixing them up to use jeremy's modified versions of the dce/rpc client functions. parse_srv.c : - added back in some "unused" functions required by dce/rpc client-side code. it would be helpful if all such "unused" functions could be added back in. rpcclient.c : - added "session", "file", "share", "connection" enumeration functions back in. these are equivalent to nt's "NetXXXXXEnum" Win32 (MSDN) functions. - added "srvinfo" function back in. this is equivalent to nt's NetServerGetInfo Win32 (MSDN) function. (This used to be commit bcf39ffdcc64e049bca2d70a394a99976291e81d)
1998-10-02microsoft is slowly fixing some buffer overflow errors in dce/rpc code (SP4).Luke Leighton1-2/+2
therefore, they are being more strict, first in the server-side code, and now in the client-side code. this fixes a bind-request that was too short by 16 bytes, and an rpc-request that was too long by 24 bytes. (This used to be commit a69ed7846a1e1403ea51d76d6962b97e8c768b29)
1998-09-05tridge the destroyer returns!Andrew Tridgell1-5/+4
prompted by the interpret_security() dead code that Jean-Francois pointed out I added a make target "finddead" that finds potentially dead (ie. unused) code. It spat out 304 function names ... I went through these are deleted many of them, making others static (finddead also reports functions that are used only in the local file). in doing this I have almost certainly deleted some useful code. I may have even prevented compilation with some compile options. I apologise. I decided it was better to get rid of this code now and add back the one or two functions that are needed than to keep all this baggage. So, if I have done a bit too much "destroying" then let me know. Keep the swearing to a minimum :) One bit I didn't do is the ubibt code. Chris, can you look at that? Heaps of unused functions there. Can they be made static? (This used to be commit 2204475c87f3024ea8fd1fbd7385b2def617a46f)
1998-05-12This is a security audit change of the main source.Jeremy Allison1-3/+6
It removed all ocurrences of the following functions : sprintf strcpy strcat The replacements are slprintf, safe_strcpy and safe_strcat. It should not be possible to use code in Samba that uses sprintf, strcpy or strcat, only the safe_equivalents. Once Andrew has fixed the slprintf implementation then this code will be moved back to the 1.9.18 code stream. Jeremy. (This used to be commit 2d774454005f0b54e5684cf618da7060594dfcbb)
1998-05-11changed to use slprintf() instead of sprintf() just aboutAndrew Tridgell1-4/+4
everywhere. I've implemented slprintf() as a bounds checked sprintf() using mprotect() and a non-writeable page. This should prevent any sprintf based security holes. (This used to be commit ee09e9dadb69aaba5a751dd20ccc6d587d841bd6)
1998-04-29clientgen.c: Fixed null session setup bug.Jeremy Allison1-9/+15
password.c: Stopped cli_nt_logout call (we don't have it correct yet). Added Luke object-orientation fix :-). smb.h: Added clnt_name_slash to cli_state. lib/rpc/client/cli_login.c: Changed global_myname to clnt_name_slash where needed. lib/rpc/client/cli_netlogon.c: Fixed debug messages, don't check creds on error. lib/rpc/client/cli_pipe.c: Fixed debug messages, Added Luke object-orientation fix. lib/rpc/parse/parse_misc.c: Fixed STRING2 linearization bug that was adding 1. Jeremy. (This used to be commit c6c22df20196cb7f0ae84b1a1dd202a87adb8d4e)
1998-04-28First version that compiles. Much more to do.....Jeremy Allison1-16/+20
Jeremy. (This used to be commit 45393a19adb31820725fbdfaaf7ab64793fc9bc5)
1998-04-25This looks like a big change but really isn't.Jeremy Allison1-64/+36
It is changing the global variables "myname" and "myworkgroup" to "global_myname" and "global_myworkgroup" respectively. This is to make it very explicit when we are messing with a global (don't ask - it makes the domain client code much clearer :-). Jeremy. (This used to be commit 866406bfe399cf757c8275093dacd5ce4843afa0)
1998-04-24cli_pipe.c: Corrected cli_api_pipe() calls.Jeremy Allison1-30/+41
Jeremy. (This used to be commit 2571ba0213c0630a96657fd6591e19adce1d9304)
1998-04-23These don't compile yet - but they are the core code in whatJeremy Allison1-478/+486
will be DOMAIN_CLIENT called code. Jeremy. (This used to be commit ad81735fa1ce02937f6aae3d6518c1cd6156b090)
1998-04-21put server-side long dce/rpc code in main branch.Luke Leighton1-41/+54
(This used to be commit 2e1a08b28c1c0c9ea988a09067cd149926f25c69)
1998-03-11"For I have laboured mightily on Luke's code, and hath brokenJeremy Allison1-0/+683
all I saw" - the book of Jeremy, chapter 1 :-). So here is the mega-merge of the NTDOM branch server code. It doesn't include the new client side pieces, we'll look at that later. This should give the same functionality, server wise, as the NTDOM branch does, only merged into the main branch. Any fixes to domain controler functionality should be added to the main branch, not the NTDOM branch. This code compiles without warnings on gcc2.8, but will need further testing before we are sure all the working functionality of the NTDOM server branch has been correctly carried over. I hereby declare the server side of the NTDOM branch dead (and all who sail in her :-). Jeremy. (This used to be commit 118ba4d77a33248e762a2cf843fb7cbc906ee6e7)