summaryrefslogtreecommitdiff
path: root/source3/rpc_client
AgeCommit message (Collapse)AuthorFilesLines
2003-05-16Merge: clarify secure channel connection comment.Tim Potter1-4/+4
(This used to be commit dd063a298f9d5244d7b79c029c563b4d966019c1)
2003-05-16Clarify a comment: The secure channel connection must be opened on theTim Potter1-4/+4
same session (TCP connection) as the one the challenge was requested from. (This used to be commit 5cb9b99f0f5dad589ac7def667e354d6f92f8822)
2003-05-12Fix two bugs that were stopping net rpc vampire from working over secureTim Potter1-2/+10
channel: - If the domain name passed to create_rpc_bind_req() is empty, use lp_workgroup() - Correctly set the auth_padding field when the send_size is a multiple of 8 bytes I've tested with nt4sp6 and win2ksp0 and it seems to work, although there are no password hashes transferred from win2k. The empty passwords are being protected by the secure channel encryption though. (This used to be commit a8c11e855611c91e94787387c62ac629232cacfa)
2003-05-11Ok, this is a hack. On a netsec bind reply I did not see anythingVolker Lendecke1-0/+20
useful in the auth verifier yet. So this patch ignores it. Really checking this would be a lot more intrusive: in rpc_api_pipe we would have to distinguish between binds and normal requests, or have more state in the netsec info of cli_state, which is also somewhat hackish. Volker (This used to be commit 8de04fcf680a9bc5054965577eb500e0541ffe66)
2003-05-08This puts real netlogon connection caching to winbind. This becomesVolker Lendecke2-26/+22
important once we start doing schannel, as there would be a lot more roundtrips for the second PIPE open and bind. With this patch logging in to a member server is a matter of two (three if you count the ack...) packets between us and the DC. Volker (This used to be commit 5b3cb7725a974629d0bd8b707bc2940c36b8745e)
2003-05-07Always initialise this - it helps callers who use this in a loop...Andrew Bartlett1-0/+2
Andrew Bartlett (This used to be commit 97bc047434284527f25e130a72981da704ed1212)
2003-05-01Turn down some DEBUG()s and remove some duplicate code spotted by dfenwick.Andrew Bartlett1-1/+1
Andrew Bartlett (This used to be commit 542a8b1817d3930e03e08e16e9711cacceb6df61)
2003-04-28Fixes from Ronan Waide <waider@waider.ie> for large RPC writes.Jeremy Allison1-2/+2
Jeremy. (This used to be commit 30512b7d3ea3470e4aca08638a5c0ea14791a6e7)
2003-04-28Fixes from Ronan Waide <waider@waider.ie> for large RPC writes.Jeremy Allison1-2/+2
Jeremy. (This used to be commit a330bf170eb8e78200367c90833cbc90255642cb)
2003-04-25Minor cleanup of enum domain groups/aliases:Tim Potter1-12/+18
- return NT_STATUS_NO_MEMORY instead of NT_STATUS_UNSUCESSFUL if a talloc fails - don't try and tallocate memory when the number of entries returned was zero - rename some cut&pasted variable names in enum domain aliases function (This used to be commit aa748e1da543f0e59df8a56996ebd9510732507e)
2003-04-25Minor cleanup of enum domain groups/aliases:Tim Potter1-12/+18
- return NT_STATUS_NO_MEMORY instead of NT_STATUS_UNSUCESSFUL if a talloc fails - don't try and tallocate memory when the number of entries returned was zero - rename some cut&pasted variable names in enum domain aliases function (This used to be commit cb94b2b2d141c3df1209b2b389b0cd6752ac2b6b)
2003-04-24Merge from HEAD - always initailise this to zero - helps callers in loops.Andrew Bartlett1-0/+3
(This used to be commit f200a5b85832ac5ec7724d58da7270cd14c565e3)
2003-04-22Always initialise this, to assist callers doing loops over this call.Andrew Bartlett1-0/+3
Andrew Bartlett (This used to be commit 6da9fd157b4e61fe72f569e4657166ca9d9ab6dc)
2003-04-21Merge from HEAD - save the type of channel used to contact the DC.Andrew Bartlett1-18/+0
This allows us to join as a BDC, without appearing on the network as one until we have the database replicated, and the admin changes the configuration. This also change the SID retreval order from secrets.tdb, so we no longer require a 'net rpc getsid' - the sid fetch during the domain join is sufficient. Also minor fixes to 'net'. Andrew Bartlett (This used to be commit 876e00fd112e4aaf7519eec27f382eb99ec7562a)
2003-04-16Fixes for multi-PDU schannel - based on Volker's code. This code needsJeremy Allison1-9/+36
tidying up. Samsync still doesn't work due to bad parsing of net_io_sam_alias_info with a blank description. Still working on this.... Jeremy. (This used to be commit 942fede9a57a9319cf67388004dd45fa8a045f41)
2003-04-16Fixes to make SCHANNEL work against a W2K DC. Still need to fixJeremy Allison1-13/+24
multi-PDU encode/decode with SCHANNEL. Also need to test against WNT DC. Jeremy. (This used to be commit ec82e8e9f4a6bf807a91ac265af39a516c7ab631)
2003-04-16Fixes to make SCHANNEL work in 3.0 against a W2K DC. Still need to fixJeremy Allison1-13/+24
multi-PDU encode/decode with SCHANNEL. Also need to test against WNT DC. Jeremy. (This used to be commit ff66d4097088409205b6bad5124a78ef9946010d)
2003-04-16Store the type of 'sec channel' that we establish to the DC. If we are aAndrew Bartlett1-18/+0
workstation, we have to use the workstation type, if we have a BDC account, we must use the BDC type - even if we are pretending to be a workstation at the moment. Also actually store and retreive the last change time, so we can do periodic password changes again (for RPC at least). And finally, a couple of minor fixes to 'net'. Andrew Bartlett (This used to be commit 6e6b7b79edae3efd0197651e9a8ce6775c001cf2)
2003-04-14Merge: remove unused variables.Tim Potter1-2/+0
(This used to be commit dfa9412da567d2477ee5b1e6ecdc96b8dea3c21d)
2003-04-14Merge: incorrect arg to debug.Tim Potter1-1/+1
(This used to be commit 800b79e8364d761bbd8c99016211dfe199eee080)
2003-04-14Removed unused variables.Tim Potter1-2/+0
(This used to be commit 27a608d6a337e772dce114d73e45f6d0bf3148b4)
2003-04-14Fixed incorrect argument to debug.Tim Potter1-1/+1
(This used to be commit a4704754d912e1f704f574b733257bbcb3976141)
2003-04-14Merge of samr lookup domain rpc client call from HEAD.Tim Potter1-0/+46
(This used to be commit 5b1807dddf0e4fb9fcaedcfe6f67dfd78fe117bb)
2003-04-13This commit was manufactured by cvs2svn to create branch 'SAMBA_3_0'.(This ↵cvs2svn Import User1-0/+187
used to be commit 381649916ecbaddefbb6ee0e6137b7cc73eb54b1)
2003-04-11A new RPC pipe! The \pipe\echo named pipe is for testing large RPCTim Potter1-0/+187
requests and responses and is only compiled in when --enable-developer is passed to configure. It includes server and client side code for generating and responding to functions on this pipe. The functions are: - AddOne: add one to the uint32 argument and return ig - EchoData: echo back a variable sized char array to the caller - SourceData: request a variable sized char array - SinkData: send a variable sized char array and throw it away There's a win32 implementation of the client and server in the junkcode CVS repository in the rpcecho-win32 subdirectory. (This used to be commit 4ccd34ef836eba05f81dc2da73fd7cfaac201798)
2003-04-09This is the netlogon schannel client code. Try aVolker Lendecke1-18/+305
rpcclient -S pdc -U% -c "samlogon user password" and it should work with the schannel. Needs testing against platforms different from NT4SP6. Volker (This used to be commit eaef0d8aeff1aa5a067679be3f17e08d7434e1e8)
2003-04-09This is the netlogon schannel client code. Try aVolker Lendecke1-18/+305
rpcclient -S pdc -U% -c "samlogon user password" and it should work with the schannel. Needs testing platforms different from NT4SP6. Volker (This used to be commit ecd0ee4d248e750168597ccf79c389513bb0f740)
2003-04-09Auth2, not also Auth3 sends us flags back, although all the callersVolker Lendecke1-4/+5
ignore it. Volker (This used to be commit 1e03e955450af7f05e564793e95258e45e08dabd)
2003-04-09Auth2, not also Auth3 sends us flags back, although all the callersVolker Lendecke1-4/+5
ignore it. Volker (This used to be commit 6ac6b0f4c0df9e09644d8c1f1272c8645642e842)
2003-04-04SAMR lookupdomain rpc client patches from amber palekar <amber@nu3.net>Tim Potter1-0/+46
(This used to be commit 67bc6bccc22e22e2a6e5cae7c57a1b2b53f49dfd)
2003-03-24(merge from HEAD)Andrew Bartlett1-1/+12
NTLM Authentication: - Add a 'privileged' mode to Winbindd. This is achieved by means of a directory under lockdir, that the admin can change the group access for. - This mode is now required to access with 'CRAP' authentication feature. - This *will* break the current SQUID helper, so I've fixed up our ntlm_auth replacement: - Update our NTLMSSP code to cope with 'datagram' mode, where we don't get a challenge. - Use this to make our ntlm_auth utility suitable for use in current Squid 2.5 servers. - Tested - works for Win2k clients, but not Win9X at present. NTLMSSP updates are needed. - Now uses fgets(), not x_fgets() to cope with Squid environment (I think somthing to do with non-blocking stdin). - Add much more robust connection code to wb_common.c - it will not connect to a server of a different protocol version, and it will automatically try and reconnect to the 'privileged' pipe if possible. - This could help with 'privileged' idmap operations etc in future. - Add a generic HEX encode routine to util_str.c, - fix a small line of dodgy C in StrnCpy_fn() - Correctly pull our 'session key' out of the info3 from th the DC. This is used in both the auth code, and in for export over the winbind pipe to ntlm_auth. - Given the user's challenge/response and access to the privileged pipe, allow external access to the 'session key'. To be used for MSCHAPv2 integration. Andrew Bartlett (This used to be commit ec071ca3dcbd3881dc08e6a8d7ac2ff0bcd57664)
2003-03-23NTLM Authentication:Andrew Bartlett1-1/+12
- Add a 'privileged' mode to Winbindd. This is achieved by means of a directory under lockdir, that the admin can change the group access for. - This mode is now required to access with 'CRAP' authentication feature. - This *will* break the current SQUID helper, so I've fixed up our ntlm_auth replacement: - Update our NTLMSSP code to cope with 'datagram' mode, where we don't get a challenge. - Use this to make our ntlm_auth utility suitable for use in current Squid 2.5 servers. - Tested - works for Win2k clients, but not Win9X at present. NTLMSSP updates are needed. - Now uses fgets(), not x_fgets() to cope with Squid environment (I think somthing to do with non-blocking stdin). - Add much more robust connection code to wb_common.c - it will not connect to a server of a different protocol version, and it will automatically try and reconnect to the 'privileged' pipe if possible. - This could help with 'privileged' idmap operations etc in future. - Add a generic HEX encode routine to util_str.c, - fix a small line of dodgy C in StrnCpy_fn() - Correctly pull our 'session key' out of the info3 from th the DC. This is used in both the auth code, and in for export over the winbind pipe to ntlm_auth. - Given the user's challenge/response and access to the privileged pipe, allow external access to the 'session key'. To be used for MSCHAPv2 integration. Andrew Bartlett (This used to be commit dcdc75ebd89f504a0f6e3a3bc5b43298858d276b)
2003-03-18This commit was manufactured by cvs2svn to create branch 'SAMBA_3_0'.(This ↵cvs2svn Import User1-0/+3
used to be commit f0d009c3e91979b0dc3443e16f3f545bcc64cfda)
2003-03-18Ignore .po and .po32 files.Martin Pool1-0/+3
(This used to be commit 8d64419625dda242fdb7a5d956644b052b43a2ea)
2003-02-26Merge of exit path cleanup for EnumDomainUsers.Tim Potter1-41/+23
(This used to be commit c2e9673328b2d989f13626632442f095727a03c6)
2003-02-25Merge: const fixes.Tim Potter5-19/+24
(This used to be commit a20aba09996e470425a151271237f2d48a8302af)
2003-02-25More const fixes and flow on fixes from yesterday's const-fest.Tim Potter5-19/+24
(This used to be commit 018733eedd7897e6811e8461c07e3acf418c0e09)
2003-02-24Merge:Tim Potter1-7/+5
> Exit path cleanup for cli_samr_enum_dom_users() (This used to be commit 655c1e03519d4fa174a85534c165bdd1ce163ae8)
2003-02-21Exit path cleanup for cli_samr_enum_dom_users()Tim Potter1-34/+18
(This used to be commit 0bc1dfc68b0d411801a4209c9681c735cd7a73cc)
2003-02-19Merge NTSTATUS vs WERROR return for cli_srvsvc_net_srv_get_info()Tim Potter1-11/+7
(This used to be commit 7edaf937963fa1d0f06343969b46ed6e4f39a6ea)
2003-02-17Return a WERROR instead of a NTSTATUS like the rest of the srvsvcTim Potter1-11/+7
rpc calls. (This used to be commit 619af61644ecc221c45e5cf69d562451b5b9f951)
2003-02-14Ensure that only parse_prs.c access internal members of the prs_struct.Jeremy Allison1-10/+10
Needed to move to disk based i/o later. Jeremy. (This used to be commit 4c3ee228fcdb089eaeead95e79532a9cf6cb0de6)
2003-02-14Ensure that only parse_prs.c access internal members of the prs_struct.Jeremy Allison1-10/+10
Needed to move to disk based i/o later. Jeremy. (This used to be commit a823fee5b41a5b6cd4ef05aa1f85f7725bd272a5)
2003-02-12initial server side privileges implementation, using a tdb. This needs to be ↵Andrew Tridgell1-1/+1
hooked into pdb, and we need some access control on changing privileges. That's next (This used to be commit f4f1f84a6bf1d356ccc83f0ecb135bef4a39619e)
2003-02-10added the 'lsaenumacctwithright' command to rpcclient. This allows youAndrew Tridgell1-0/+52
to lookup what SIDs have a particular privilege (that is how privileges are stored). (This used to be commit 3ddb5fb0dd33992b7db54a661752551a3fefc0b4)
2003-02-01One more signed/unsigned fixAndrew Bartlett1-1/+1
(This used to be commit 013fa874733566169ecefb25458d26065190f302)
2003-01-29Merge tpot's changes to request the correct sizes for user dispinfoJeremy Allison1-2/+35
from HEAD. I had to do this for him as he was *so* tired, the poor chap, plus he has this bad leg, plus the dog ate his homework etc. etc. Jeremy. (This used to be commit 1e752b48a12cdcf2cb6343705be83f304e5ee2b6)
2003-01-29Pass down max_size parameter to cli_samr_query_dispinfo() instead ofTim Potter1-2/+35
using a hardcoded value later on. Added a helper function that returns the observed values for max_entries and max_size for each cli_samr_query_dispinfo() call. These values were obtained from watching the NT4 user manager application with ethereal and are the only ones that can enumerate a 60k user domain reliably under Windows 2000. (This used to be commit 2eea2813d9adc414f0a7ea074826b23697f376ee)
2003-01-29Merge tridge's client priv code from HEAD.Jeremy Allison1-4/+49
Jeremy (This used to be commit 49739be1e2f047fa2cc2fd42eadb190a82114485)
2003-01-28added LsaRemoveAccountRightsAndrew Tridgell1-0/+42
this now gives us complete remove privileges control in the client libs, so we are in good shape for starting on the server side. (This used to be commit bf99440398db86f46233eb2f5adddffb61280a1b)