Age | Commit message (Collapse) | Author | Files | Lines |
|
multi-PDU encode/decode with SCHANNEL. Also need to test against WNT DC.
Jeremy.
(This used to be commit ff66d4097088409205b6bad5124a78ef9946010d)
|
|
(This used to be commit dfa9412da567d2477ee5b1e6ecdc96b8dea3c21d)
|
|
rpcclient -S pdc -U% -c "samlogon user password"
and it should work with the schannel. Needs testing against platforms
different from NT4SP6.
Volker
(This used to be commit eaef0d8aeff1aa5a067679be3f17e08d7434e1e8)
|
|
(This used to be commit 648307ab3d16cb557cead27d6799a741a266c0d5)
|
|
(This used to be commit 7a4c87484237308cb3ad0d671687da7e0f6e733b)
|
|
warnings. (Adds a lot of const).
Andrew Bartlett
(This used to be commit 3a7458f9472432ef12c43008414925fd1ce8ea0c)
|
|
Jeremy.
(This used to be commit ddd70995951c072a02fc3bddd7a94ccbf301f62c)
|
|
dashes of const. This is a rather large check-in, some things may break.
It does compile though :-).
Jeremy.
(This used to be commit f755711df8f74f9b8e8c1a2b0d07d02a931eeb89)
|
|
Jeremy.
(This used to be commit 121c456d4347bbefd9b2ce0141e3f53a21f37066)
|
|
(This used to be commit 70838b33a61a10e9bd1622611a6be3b0cac08479)
|
|
generates some errors we haven't seen before which are inappropriately
logged at level 0.
(This used to be commit 40d5112048ab0943caef7149b7a0d9dee5256b87)
|
|
(This used to be commit 1094e1ffde09b0393b11d2cce148b6da893348c1)
|
|
(This used to be commit 09c6f6329d6ae9327b7ef06de0ea78d24d805456)
|
|
* add some files missing from a previous commit
(This used to be commit 29159c97371c75327e377f9d13406dad46095568)
|
|
(This used to be commit 028477e35208e76fedbc7c743426fd9be94b7cf0)
|
|
from APP_HEAD
(This used to be commit 1cfd2ee433305e91e87804dd55d10e025d30a69e)
|
|
(This used to be commit 65e7b5273bb58802bf0c389b77f7fcae0a1f6139)
|
|
(This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
|
|
Changed "SMB/Netbios" to "SMB/CIFS" in file header.
(This used to be commit 6a58c9bd06d0d7502a24bf5ce5a2faf0a146edfa)
|
|
buffer up to the current position, and use this to dump pipe buffers
just before parsing.
(This used to be commit 92a3ab274e6cf09a8ba39b91f8bbacba6de40b37)
|
|
(This used to be commit 93fadcd1118b390605d2504bee63a1e8b6373ac5)
|
|
so that we can print it in later debug messages.
Call prs_dump to dump out requests sent by the client at sufficiently
high debug levels.
(This used to be commit 9973b22b34dc2a88a20b821d4e69f39d2a6aa6a3)
|
|
Got "medieval on our ass" about const warnings (as many as I could :-).
Jeremy.
(This used to be commit ee5e7ca547eff016818ba5c43b8ea0c9fa69b808)
|
|
(This used to be commit 2d0922b0eabfdc0aaf1d0797482fef47ed7fde8e)
|
|
(This used to be commit 549fe42bd48b3418e63ba4872bc5992dae46d514)
|
|
(This used to be commit b196a52483a6e4ac1e4c311ff43d3c07fca031df)
|
|
(This used to be commit 688da3c41dd944f7f69083518d25e9edbc55406f)
|
|
Jeremy.
(This used to be commit 2999eab5abe86bf08e693800c01ad544f04e4d6c)
|
|
for and ignore ERRmoredata errors as the client library doesn't support
32-bit error messages.
Added some annotations for the RPC pipe code to make it a bit clearer
maybe.
(This used to be commit f179e0ff61794073aedcf77544865ad2f18c6e6d)
|
|
(This used to be commit b49c4cd441717b0edf4ad3da0edddca474a08748)
|
|
on different pipes. This seriously confuses NT. Unfortunately HEAD
branch is limited to one rpc pipe per connection as the fnum is stored
inside the cli_state structure. It should really be broken out into
it's own structure so multiple pipes can be opened on one TCP/IP socket.
What a good idea! But look over here! I've already done it in another
workarea but it will require a day or two to refactor some of the internal
samba rpc client stuff (i.e netlogon requests) so it will remain uncommitted
for another while.
(This used to be commit 657804f3be2b621c8ee15bdb905879e208f9ca2f)
|
|
We were reading the endainness in the RPC header and then never propagating
it to the internal parse_structs used to parse the data.
Also removed the "align" argument to prs_init as it was *always* set to
4, and if needed can be set differently on a case by case basis.
Now ready for AS/U testing when Herb gets it set up :-).
Jeremy.
(This used to be commit 0cd37c831d79a12a10e479bf4fa89ffe64c1292a)
|
|
(This used to be commit ba3ce3404e1cd2e9da3ba1708f6fc8a12c085ef2)
|
|
(This used to be commit c9e4dea1cbcf6aa748f5cb10f226345dd2f1adbf)
|
|
(This used to be commit a2d07994e0376a8d530d262573c96710bdff2236)
|
|
NT_STATUS_XXX).
Removed IS_BITS_xxx macros as they were just reproducing "C" syntax in a more
obscure way.
Jeremy.
(This used to be commit c55bcec817f47d6162466b193d533c877194124a)
|
|
in the RPC code. This change was prompted by trying to save a long (>256)
character comment in the printer properties page.
The new system associates a TALLOC_CTX with the pipe struct, and frees
the pool on return of a complete PDU.
A global TALLOC_CTX is used for the odd buffer allocated in the BUFFERxx
code, and is freed in the main loop.
This code works with insure, and seems to be free of memory leaks and
crashes (so far) but there are probably the occasional problem with
code that uses UNISTRxx structs on the stack and expects them to contain
storage without doing a init_unistrXX().
This means that rpcclient will probably be horribly broken.
A TALLOC_CTX also needed associating with the struct cli_state also,
to make the prs_xx code there work.
The main interface change is the addition of a TALLOC_CTX to the
prs_init calls - used for dynamic allocation in the prs_XXX calls.
Now this is in place it should make dynamic allocation of all RPC
memory on unmarshall *much* easier to fix.
Jeremy.
(This used to be commit 0ff2ce543ee54f7364e6d839db6d06e7ef1edcf4)
|
|
(This used to be commit dea06ad7a554089a7394cdcb6bf5a766e8e8a6c3)
|
|
currently as I have to do something about the policy handle caching
issues.
--jerry
(This used to be commit 233b074f490b3b01f3a462284aa8117536df0082)
|
|
* fixes some readline bugs from the merge
* first attempt at commands (spoolenum almost works)
* no changes to existing functions in HEAD; only additions
of new functions. I'll weed out what I can as I go.
--jerry
(This used to be commit 61d2aad5dc2b212b11c981f1eca47efa627e9fc8)
|
|
(This used to be commit 453a822a76780063dff23526c35408866d0c0154)
|
|
pdus, and then feeds them over either a "local" function call or a "remote"
function call to an msrpc service. the "remote" msrpc daemon, on the
other side of a unix socket, then calls the same "local" function that
smbd would, if the msrpc service were being run from inside smbd.
this allows a transition from local msrpc services (inside the same smbd
process) to remote (over a unix socket).
removed reference to pipes_struct in msrpc services. all msrpc processing
functions take rpcsrv_struct which is a structure containing state info
for the msrpc functions to decode and create pdus.
created become_vuser() which does everything not related to connection_struct
that become_user() does.
removed, as best i could, connection_struct dependencies from the nt spoolss
printing code.
todo: remove dcinfo from rpcsrv_struct because this stores NETLOGON-specific
info on a per-connection basis, and if the connection dies then so does
the info, and that's a fairly serious problem.
had to put pretty much everything that is in user_struct into parse_creds.c
to feed unix user info over to the msrpc daemons. why? because it's
expensive to do unix password/group database lookups, and it's definitely
expensive to do nt user profile lookups, not to mention pretty difficult
and if you did either of these it would introduce a complication /
unnecessary interdependency. so, send uid/gid/num_groups/gid_t* +
SID+num_rids+domain_group_rids* + unix username + nt username + nt domain
+ user session key etc. this is the MINIMUM info identified so far that's
actually implemented. missing bits include the called and calling
netbios names etc. (basically, anything that can be loaded into
standard_sub() and standard_sub_basic()...)
(This used to be commit aa3c659a8dba0437c17c60055a6ed30fdfecdb6d)
|
|
(This used to be commit 44dd3efa6380544e9a515e91960f9271498cefaf)
|
|
is pretty much independent of SMB client states, which will make it
easier to add other transports.
(This used to be commit a1ff7e8fc3129ba4a04722f977bc2d3725d13624)
|
|
if microsoft bothered to publish it. actually, there are good reasons
for not publishing it: people might write programs for it, and then
those programs wouldn't work on nt5, for example...
(This used to be commit 8ce93b80d3b4e1c1e28aa1dde38cdef184eff3c1)
|
|
verified that lsaquery, lsalookupsids work, and found some bugs in the
parameters of these commands :-)
soo... we now have an lsa_* api that has the same arguments as the nt
Lsa* api! cool!
the only significant coding difference is the introduction of a
user_credentials structure, containing user, domain, pass and ntlmssp
flags.
(This used to be commit 57bff6fe82d777e599d535f076efb2328ba1188b)
|
|
msrpc client code. the intent is to hide / abstract / associate
connection info behind policy handles.
this makes the msrpc functions look more and more like their nt equivalents.
who-hou!
(This used to be commit c01b18e632aede6fce7264ef6971d7ddba945cfb)
|
|
have we got. and what data do we have. hmm.. i wonder what the NTLMv2
user session key can be... hmmm... weell.... there's some hidden data
here, generated from the user password that doesn't go over-the-wire,
so that's _got_ to be involved. and... that bit of data took a lot of
computation to produce, so it's probably _also_ involved... and md4 no, md5?
no, how about hmac_md5 yes let's try that one (the other's didn't work)
oh goodie, it worked!
i love it when this sort of thing happens. took all of fifteen minutes to
guess it. tried concatenating client and server challenges. tried
concatenating _random_ bits of client and server challenges. tried
md5 of the above. tried hmac_md5 of the above. eventually, it boils down
to this:
kr = MD4(NT#,username,domainname)
hmacntchal=hmac_md5(kr, nt server challenge)
sess_key = hmac_md5(kr, hmacntchal);
(This used to be commit ab174759cd210fe1be888d0c589a5b2669f7ff1e)
|
|
to mention, there's a spooljobs <printer name> command, and it uses
command-line completion? prints out NT print jobs really nicely, too.
(This used to be commit e6e5caf16c8d120f0c11fa63061f2786098e3357)
|
|
(This used to be commit 0f9d661ca2560e88a04bc529ba41ac4cf1579fa4)
|