summaryrefslogtreecommitdiff
path: root/source3/rpc_client
AgeCommit message (Collapse)AuthorFilesLines
2012-03-02s3:rpc_client: initialize struct schannel_state to zeroStefan Metzmacher1-2/+1
metze
2012-02-16s3-librpc: Use gensec_spnego for DCE/RPC authenticationAndrew Bartlett1-121/+38
This ensures that we use the same SPNEGO code on session setup and on DCE/RPC binds, and simplfies the calling code as spnego is no longer a special case in cli_pipe.c A special case wrapper function remains to avoid changing the application layer callers in this patch. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-02-16s3:rpc_client: fix commentStefan Metzmacher1-1/+1
metze
2012-02-16s3-librpc: make gensec result handling more genericAndrew Bartlett1-11/+11
This prepares us for handling SPNEGO via gensec Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-23WERROR type variable being incorrectly checked with a NT_STATUS_IS_XDavid Disseldorp1-1/+1
type macro.
2012-01-18s3-librpc: pass struct ndr_interface_table down to ↵Andrew Bartlett3-11/+10
cli_pipe_open_generic/spnego() This allows the target service (as determined from the IDL) to be passed to GSSAPI (rather than the current, incorrect, "cifs"). Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-18s3-librpc Make cli_rpc_pipe_open_spnego_ntlmssp() genericAndrew Bartlett3-104/+25
This also avoids passing NULL as the server to gensec_set_target_hostname() in spnego_generic_init_client(). Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-18s3-librpc Remove special case for spnego session keyAndrew Bartlett1-1/+8
SPNEGO is implemented only in terms of gensec mechanisms now. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-18s3-librpc Call SPENGO/GSSAPI via the auth_generic layer and gensecAndrew Bartlett1-7/+9
This simplifies a lot of code, as we know we are always dealing with a struct gensec_security, and allows the gensec module being used to implement GSSAPI to be swapped for AD-server operation. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-18s3-librpc Call GSSAPI via the auth_generic layer and gensecAndrew Bartlett1-139/+3
This simplifies a lot of code, as we know we are always dealing with a struct gensec_security, and allows the gensec module being used to implement GSSAPI to be swapped when required for AD-server operation. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-11s3-librpc Supply target service and server to spnego_generic_init_client()Andrew Bartlett1-0/+3
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-11s3-librpc: Rename spnego_ntlmssp_init_client and make genericAndrew Bartlett1-1/+2
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-11s3-librpc Set target service and server into gensecAndrew Bartlett1-0/+10
This will allow cli_rpc_pipe_open_generic_auth() to handle kerberos mechanisms. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-11s3-librpc Rename and rework cli_rpc_pipe_open_ntlmssp() to be genericAndrew Bartlett2-39/+46
This also includes renaming the helper function rpccli_ntlmssp_bind_data, and allows this function to operate on any gensec-supplied auth type. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-11s3-librpc Rename create_ntlmssp_auth_rpc_bind_req() to be more genericAndrew Bartlett1-6/+3
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-06s3-libsmb Make auth_ntlmssp client more genericAndrew Bartlett1-12/+7
As well as renaming, this allows us to start the mech by DCE/RPC auth type or OID. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-12-22s3-auth rename auth_ntlmssp_state -> auth_generic_stateAndrew Bartlett1-1/+1
This structure handles more than NTLMSSP now, at least when we are an AD DC and so changing the name may avoid some confusion in the future. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-12-12s4-lsarpc handle more info levels in SetInfoTrustedDomain callsAndrew Bartlett2-368/+0
This uses the very helpful conversion functions written for the s3 lsa server and places these in common. Andrew Bartlett
2011-10-27s3:rpc_client: remove references to auth_ntlmssp_stateStefan Metzmacher1-13/+14
metze Signed-off-by: Günther Deschner <gd@samba.org> Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Thu Oct 27 16:40:15 CEST 2011 on sn-devel-104
2011-10-24idl: Improve MS-PAC IDLSimo Sorce1-1/+1
Change some misleading variable names to reflect the actual function. Add missing field name/types previously marked as unkown. Signed-off-by: Günther Deschner <gd@samba.org> Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Mon Oct 24 19:19:28 CEST 2011 on sn-devel-104
2011-10-21s3-ntlmssp Remove auth_ntlmssp_session_key()Andrew Bartlett1-1/+5
We now just call the gensec_session_key() directly. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-10-21s3-ntlmssp Remove auth_ntlmssp_want_feature()Andrew Bartlett1-2/+2
We now just call the gensec_want_feature() directly. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-10-21s3-ntlmssp Remove auth_ntlmssp_update wrapperAndrew Bartlett1-3/+4
We now just call gensec_update directly. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-10-18s3-ntlmssp split auth_ntlmssp_client_start() into two partsAndrew Bartlett1-5/+7
This will allow it to be a wrapper around a gensec module, which requires that they options be set on a context, but before the mechanism is started. This also simplfies the callers, by moving the lp_*() calls into one place. Andrew Bartlett
2011-10-18s3-rpc_client remove cli_auth_ntlmssp_data_destructorAndrew Bartlett1-9/+1
This can be an ordinary talloc child without causing any problem. This seems to have been inherited from a time when ntlmssp_client_start() returned malloc() based memory. Andrew Bartlett
2011-10-18ntlmssp: Move ntlmssp code to auth/ntlmsspAndrew Bartlett1-1/+1
This brings in the code from both libcli/auth and source4/auth/ntlmssp. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-10-12s3:utils change data_blob_dup_talloc() to take a DATA_BLOB by valueGregor Beck1-1/+1
Signed-off-by: Michael Adam <obnox@samba.org>
2011-09-18s3: Fix two c++ warningsVolker Lendecke1-2/+2
2011-09-14s3:rpc_client: return NT_STATUS_CONNECTION_DISCONNECTEDStefan Metzmacher2-5/+5
We should return the same in all places and don't mix NT_STATUS_INVALID_CONNECTION and NT_STATUS_CONNECTION_INVALID. metze
2011-09-13s3: Fix Coverity ID 2613 -- UNINITVolker Lendecke1-0/+1
Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Tue Sep 13 12:39:10 CEST 2011 on sn-devel-104
2011-09-13s3: Fix Coverity ID 2614 -- UNINITVolker Lendecke1-0/+1
2011-09-12s3-lsa: Add conversion for auth info structsSumit Bose2-0/+366
struct lsa_TrustDomainInfoAuthInfo and struct trustAuthInOutBlob can store the same information for different usage. The added routines can convert one struct into the other. Signed-off-by: Günther Deschner <gd@samba.org> Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Mon Sep 12 15:52:17 CEST 2011 on sn-devel-104
2011-08-05s3:rpc_transport_tstream: only use tstream_cli_np_use_trans() for sync requestsStefan Metzmacher1-0/+6
Currently the caller doesn't cope with multiple async requests anyway, so this is just protection for the future. metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Fri Aug 5 22:31:12 CEST 2011 on sn-devel-104
2011-08-03s3-ntlmssp Remove auth_ntlmssp_and_flags()Andrew Bartlett1-6/+0
There is no need to mask out these flags as they simply are not set yet. The correct abstraction is to ask for NTLMSSP features. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-08-03s3-ntlmssp Remove rpccli_get_pwd_hash and auth_ntlmssp_get_nt_hashAndrew Bartlett2-43/+0
The session key we want here (the only one that is availble to the encryption layer) is the one obtained by cli_get_session_key(), as NTLMSSP creates a per-session session key via key exchange and NTLMv2 negotiation. The key was never directly the NT hash anyway (this is simply a mistake, the extra MD4() was lost during my previous cleanup f28f113d8e76824b080359c90efd9c92de533740 in 2008), but was MD4(NT hash) in early implementations of NTLMSSP. However, regardless this call is not available on domain trusts between AD domains and Windows 2003 R2, making this less useful. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-08-03s3-ntlmssp Remove auth_ntlmssp_or_flagsAndrew Bartlett1-3/+2
We now just use auth_ntlmssp_want_feature to get extra flags on the NTLMSSP context Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-08-03s3-ntlmssp Add mem_ctx argument to auth_ntlmssp_updateAndrew Bartlett1-3/+4
This clarifies the lifetime of the returned token. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-08-03s3-ntlmssp Add mem_ctx argument to auth_ntlmssp_get_session_key()Andrew Bartlett1-2/+2
2011-08-01s3:rpc_transport_tstream: call tstream_cli_np_use_trans() before ↵Stefan Metzmacher1-4/+9
tstream_writev_queue_send() This will be needed when tstream_writev_queue_send() changes it's behavior and avoids using an immediate event when the queue is empty. metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Mon Aug 1 14:55:00 CEST 2011 on sn-devel-104
2011-07-27s3-rpc_client: Fix memory context in winreg_enum_printer_dataex().Andreas Schneider1-3/+2
2011-07-27s3-rpc_client: Close policy handles before creating defaults.Andreas Schneider1-0/+15
We reopen the hive and key so close them before reopen.
2011-07-27s3-rpc_client: Close the hive handle before we open it again.Andreas Schneider1-9/+13
2011-07-27s3-rpc_client: Close hive if opening of the key fails.Andreas Schneider1-1/+11
2011-07-22s3:cli_pipe_schannel: make use of cli_state_remote_name()Stefan Metzmacher1-6/+6
metze
2011-07-22s3:cli_pipe: make use of cli_state_remote_name()Stefan Metzmacher1-4/+4
metze
2011-07-22s3:cli_pipe: use result->desthost instead of cli->desthostStefan Metzmacher1-3/+3
metze
2011-07-20s3-auth Use the common auth_session_infoAndrew Bartlett2-6/+6
This patch finally has the same structure being used to describe the authorization data of a user across the whole codebase. This will allow of our session handling to be accomplished with common code. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-07-20s3-auth Use struct auth3_session_info outside the auth subsystemAndrew Bartlett2-6/+6
This seperation between the structure used inside the auth modules and in the wider codebase allows for a gradual migration from struct auth_serversupplied_info -> struct auth_session_info (from auth.idl) The idea here is that we keep a clear seperation between the structure before and after the local groups, local user lookup and the session key modifications have been processed, as the lack of this seperation has caused issues in the past. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-07-13s3-rpc_server: Removed no longer used functions.Vicentiu Ciorbaru1-281/+0
Removed winreg_printer_delete_subkeys(). Removed winreg_printer_enumvalues(). Signed-off-by: Andreas Schneider <asn@samba.org> Autobuild-User: Andreas Schneider <asn@cryptomilk.org> Autobuild-Date: Wed Jul 13 12:42:02 CEST 2011 on sn-devel-104
2011-07-13s3-rpc_client: Migrate to dcerpc_winreg_delete_subkeys_recursive().Vicentiu Ciorbaru1-10/+31
Functions now use dcerpc_winreg_delete_subkeys_recursive() instead of the more specific printer function winreg_printer_delete_subkeys(). Signed-off-by: Andreas Schneider <asn@samba.org>