summaryrefslogtreecommitdiff
path: root/source3/rpc_parse/parse_net.c
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r20269: merge -r20264:20267 from SAMBA_3_0_24Herb Lewis1-2/+2
more no previous prototype warnings (This used to be commit 41be182f78762372ae13759ede5d2bd40a71d7f5)
2007-10-10r19161: Add NET_GETANYDCNAME (getdcname only gives the PDC while getanydcnameGünther Deschner1-0/+84
gives just any DC), also make sure to set timeouts in rpcclient accordingly so that we actually get the DC's reply. Guenther (This used to be commit 6091c8152a3998d2503cb0911a217ee904509633)
2007-10-10r19143: getdcname on the NETLOGON pipe returns WERROR, not NTSTATUS.Günther Deschner1-1/+1
Guenther (This used to be commit 44e228ac796fca2db8509915067511ed705032bf)
2007-10-10r18654: Rename "struct uuid" => "struct GUID" for consistency.Jelmer Vernooij1-5/+5
(This used to be commit 5de76767e857e9d159ea46e2ded612ccd6d6bf19)
2007-10-10r18188: merge 3.0-libndr branchJelmer Vernooij1-3/+2
(This used to be commit 1115745caed3093c25d6be01ffee21819fb0a675)
2007-10-10r16126: Janitor for Volker..... This looks correct to me.Jeremy Allison1-20/+15
Jeremy. Fix a parsing error that became apparent in 'make test': If we have no group rids in the info3 we set the array buffer pointer to "1" but fail to actually ship the array. Volker. (This used to be commit ee1b9207d3119c2b3e7c1c4e59250dbd323eae6a)
2007-10-10r14061: Some debugging for the new LOGON/ACB-flags.Günther Deschner1-0/+9
Guenther (This used to be commit 7616317f9f45dfbc453a7687e8b8b6ff57ddb0a3)
2007-10-10r14025: Remove unused code. When we want to export samsync, we better first portVolker Lendecke1-80/+0
pidl... Fix Coverity # 15. Volker (This used to be commit 29b4b986cc225a98d263c883fd52e8b210099b9e)
2007-10-10r13711: * Correctly handle acb_info/acct_flags as uint32 not as uint16.Günther Deschner1-7/+11
* Fix a couple of related parsing issues. * in the info3 reply in a samlogon, return the ACB-flags (instead of returning zero) Guenther (This used to be commit 5b89e8bc24f0fdc8b52d5c9e849aba723df34ea7)
2007-10-10r13439: Fix NET_SAM_LOGON_EX.Jeremy Allison1-1/+1
Jeremy. (This used to be commit 9437ffc84f4d924ab67f3e16ef507d2aeeeb5f34)
2007-10-10r13433: Get ready to implement NET_SAM_LOGON_EX.Jeremy Allison1-0/+102
Jeremy. (This used to be commit 666b03b4a92800ed704b7f7e4b39f4e01ca47aee)
2007-10-10r13399: Get closer to passing RPC-SCHANNEL test.Jeremy Allison1-6/+8
Jeremy. (This used to be commit 8ae70122b79fbe682c227ec2c4e5a72bf58d76de)
2007-10-10r13316: Let the carnage begin....Gerald Carter1-4/+45
Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
2007-10-10r12043: It's amazing the warnings you find when compiling on a 64-bitJeremy Allison1-1/+1
box with gcc4 and -O6... Fix a bunch of C99 dereferencing type-punned pointer will break strict-aliasing rules errors. Also added prs_int32 (not uint32...) as it's needed in one place. Find places where prs_uint32 was being used to marshall/unmarshall a time_t (a big no no on 64-bits). More warning fixes to come. Thanks to Volker for nudging me to compile like this. Jeremy. (This used to be commit c65b752604f8f58abc4e7ae8514dc2c7f086271c)
2007-10-10r11853: Add Dsr_GetSiteName (handy for experimenting with GPOs).Günther Deschner1-0/+72
Guenther (This used to be commit c54430a7b5e40d3bdf8afdc813eb722c0a3b861e)
2007-10-10r11706: Implement dsr_getdcname client code. It's handy: It not only gives ↵Volker Lendecke1-0/+236
you the IP address but also the fqdn of the remote dc and site info. Volker (This used to be commit 62d01ce7e6c14971084c208ab61f379cb172cb22)
2007-10-10r11326: Fix alignment in getdc responseVolker Lendecke1-0/+3
(This used to be commit 9741818d2c54240ef1f38762396828adceb92b2a)
2007-10-10r11137: Compile with only 2 warnings (I'm still working on that code) on a gcc4Jeremy Allison1-1/+1
x86_64 box. Jeremy. (This used to be commit d720867a788c735e56d53d63265255830ec21208)
2007-10-10r10782: Only parse the group rid_array in net_user_info3() when num_group is ↵Günther Deschner1-8/+20
> 0. This fixes the PAC parsing for win2k DCs up to SP3. (Where full SIDs are stored in the PAC instead of RIDs). Guenther (This used to be commit 3d5d5ddce2d0c602d985438af996e7af5ccef329)
2007-10-10r10656: BIG merge from trunk. Features not copied overGerald Carter1-18/+36
* \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2007-10-10r10205: fix obvious typo in the NET_USER_INFO_3 parsingGünther Deschner1-1/+1
Guenther (This used to be commit fdba056a2fbcc118e3d0584c280da1ee5f730f22)
2007-10-10r8869: Get rid of a warning.Volker Lendecke1-1/+1
Volker (This used to be commit dbcc1de3f89de9f0b2fa75287e7640e824b58e20)
2007-10-10r6232: more cleanups; remove BUFFER3; rename BUFFER4 -> RPC_DATA_BLOB; ↵Gerald Carter1-14/+7
rename REG_CREATE_VALE -> REG_SET_VALUE (This used to be commit 28d433351cf813c7fb57ebac0e0f4973c85f73e8)
2007-10-10r5536: Avoid intermediate copy of NT and LM responses in NETLOGON client.Andrew Bartlett1-14/+0
This copy was length-limited, which broke when the NTLMv2 response was more than 128 bytes in length. Andrew Bartlett (This used to be commit bae18aaaff7f9eff90db566b9a254a11d281aa01)
2007-10-10r4946: Our notion the other_sids in the info3 SamLogon struct wasVolker Lendecke1-12/+33
...hmmm... completely bogus. This does not affect us as a domain controller, as we never set other_sids, but I have *no* idea how winbind got away with it. Please review thoroughly, samba4 idl looks closer to reality here. Test case: Member of w2k3 domain, authenticate as a user who is member of one or more domain local groups. Easiest review with 'client schannel = no'. Thanks, Volker (This used to be commit a0a6388830d9457de3e42686c64bddeba42954f8)
2007-10-10r4287: Vampire SAM_DELTA_DOMAIN_INFO.Günther Deschner1-12/+34
Based on samba4-idl. The decoding of account-lockout-string is somewhat experimental though. Guenther (This used to be commit 721bf50d7446b8ce18bc1d45e17d4214d5a43d26)
2007-10-10r4286: Give back 8 byte lm_session_key in Netrsamlogon-reply.Günther Deschner1-6/+20
The old #ifdef JRATEST-block was copying 16 bytes and thus overwriting acct_flags with bizarre values, breaking a lot of things. This patch is successfully running in a production environment for quite some time now and is required to finally allow Exchange 5.5 to access another Exchange Server when both are running on NT4 in a samba-controlled domain. This also allows Exchange Replication to take place, Exchange Administrator to access other Servers in the network, etc. Fixes Bugzilla #1136. Thanks abartlet for helping me with that one. Guenther (This used to be commit bd4c5125d6989cebc90152a23e113b345806c660)
2007-10-10r4088: Get medieval on our ass about malloc.... :-). Take control of all our ↵Jeremy Allison1-32/+17
allocation functions so we can funnel through some well known functions. Should help greatly with malloc checking. HEAD patch to follow. Jeremy. (This used to be commit 620f2e608f70ba92f032720c031283d295c5c06a)
2007-10-10r2396: Fix bug found by Cornelio Bondad Jr <Corny.Bondad@hp.com>.Jeremy Allison1-5/+3
To correct “net rpc vampire” core dump. Jeremy. (This used to be commit cd910ffc510f2007c2619d7a4d31e5e41de7d1d1)
2007-10-10r991: Allow winbindd to use the domain trust account passwordGerald Carter1-6/+61
for setting up an schannel connection. This solves the problem of a Samba DC running winbind, trusting a native mode AD domain, and needing to enumerate AD users via wbinfo -u. (This used to be commit e9f109d1b38e0b0adec9b7e9a907f90a79d297ea)
2007-10-10r69: Global rename of 'nt_session_key' -> 'user_session_key'. The session ↵Andrew Bartlett1-3/+3
key could be anything, and may not be based on anything 'NT'. This is also what microsoft calls it. (This used to be commit 724e8d3f33719543146280062435c69a835c491e)
2004-04-02Implement NETLOGON GetDCName client side. You can ask a DC for the name ofVolker Lendecke1-0/+84
a DC it trusts. Volker (This used to be commit ae6840320ff47827c2817549fe3133a57e3fe77f)
2004-01-07commiting jra's fix for Exchange clear test authGerald Carter1-1/+2
(This used to be commit 344e113368cb46fc4d26107d1cd276e4c76a6a9b)
2003-12-29Add the alignment required before all 2-byte quantities in NDR. Allows usAndrew Bartlett1-0/+3
to correctly parse plaintext netlogon calls with odd-length passwords Andrew Bartlett (This used to be commit de3c3cbeeb8b674ffc0dd8fe16913f15edcf9022)
2003-12-05fixed a problem with "net rpc vampire" mis-parsing the alias memberAndrew Tridgell1-4/+4
info reply Thanks to a bug report by 'musb' (This used to be commit 310f90f3689d4acd16368a833f23ea5f9aaa0133)
2003-11-22Changes all over the shop, but all towards:Andrew Bartlett1-3/+8
- NTLM2 support in the server - KEY_EXCH support in the server - variable length session keys. In detail: - NTLM2 is an extension of NTLMv1, that is compatible with existing domain controllers (unlike NTLMv2, which requires a DC upgrade). * This is known as 'NTLMv2 session security' * (This is not yet implemented on the RPC pipes however, so there may well still be issues for PDC setups, particuarly around password changes. We do not fully understand the sign/seal implications of NTLM2 on RPC pipes.) This requires modifications to our authentication subsystem, as we must handle the 'challege' input into the challenge-response algorithm being changed. This also needs to be turned off for 'security=server', which does not support this. - KEY_EXCH is another 'security' mechanism, whereby the session key actually used by the server is sent by the client, rather than being the shared-secret directly or indirectly. - As both these methods change the session key, the auth subsystem needed to be changed, to 'override' session keys provided by the backend. - There has also been a major overhaul of the NTLMSSP subsystem, to merge the 'client' and 'server' functions, so they both operate on a single structure. This should help the SPNEGO implementation. - The 'names blob' in NTLMSSP is always in unicode - never in ascii. Don't make an ascii version ever. - The other big change is to allow variable length session keys. We have always assumed that session keys are 16 bytes long - and padded to this length if shorter. However, Kerberos session keys are 8 bytes long, when the krb5 login uses DES. * This fix allows SMB signging on machines not yet running MIT KRB5 1.3.1. * - Add better DEBUG() messages to ntlm_auth, warning administrators of misconfigurations that prevent access to the privileged pipe. This should help reduce some of the 'it just doesn't work' issues. - Fix data_blob_talloc() to behave the same way data_blob() does when passed a NULL data pointer. (just allocate) REMEMBER to make clean after this commit - I have changed plenty of data structures... (This used to be commit f3bbc87b0dac63426cda6fac7a295d3aad810ecc)
2003-09-25Fix for #480. Change the interface for init_unistr2 to not take a lengthJeremy Allison1-68/+40
but a flags field. We were assuming that 2*strlen(mb_string) == length of ucs2-le string. This is not the case. Count it after conversion. Jeremy. (This used to be commit f82c273a42f930c7152cfab84394781744815e0e)
2003-09-08Fix for bug #334. We don't unmarshall the trusted domain or secretsTim Potter1-6/+14
info delta correctly and thus crash when doing a net rpc samdump. The easiest thing at the moment it to comment out these functions as they seriously don't correspond with reality (netmon/ethereal) and the data in the containers aren't used anyway. (This used to be commit 695aa39c5d798b112f0a06281b499fcac8a5bf31)
2003-08-15get rid of some sompiler warnings on IRIXHerb Lewis1-1/+1
(This used to be commit a6a39c61e8228c8b3b7552ab3c61ec3a6a639143)
2003-07-03Removed strupper/strlower macros that automatically map to ↵Jeremy Allison1-1/+1
strupper_m/strlower_m. I really want people to think about when they're using multibyte strings. Jeremy. (This used to be commit ff222716a08af65d26ad842ce4c2841cc6540959)
2003-07-03This patch takes the work the jerry did for beta2, and generalises it:Andrew Bartlett1-17/+2
- The 'not implmented' checks are now done by all auth modules - the ntdomain/trustdomain/winbind modules are more presise as to what domain names they can and cannot handle - The become_root() calls are now around the winbind pipe opening only, not the entire auth call - The unix username is kept seperate from the NT username, removing the need for 'clean off the domain\' in parse_net.c - All sid->uid translations are now validated with getpwuid() to put a very basic stop to logins with 'half deleted' accounts. Andrew Bartlett (This used to be commit 85f88191b9927cc434645ef4c1eaf5ec0e8af2ec)
2003-07-03well this was easy...Gerald Carter1-2/+18
When winbindd is running on a PDC the SAM_ACCOUNT for a trusted user has a username of DOMAIN\user. Make sure to trim the domain part from the username when filling in the net_sam_logon reply. This fixes the browsing issues i was seen across domain trusts. (This used to be commit 62e36e6ede067ace23f5473d04917c7eeedf07e2)
2003-05-26This fixes net rpc vampire when talking to win2k (<sp3). win2k sendsTim Potter1-3/+3
back a different sized blob of encrypted password data then we were expecting. There's an extra 32 bytes of unknown stuff. (This used to be commit 285952fd626b02362fb6732f90c5a3ce0d2d5ae0)
2003-04-18Survive a samdump with an alias that has no descriptionVolker Lendecke1-3/+6
Volker (This used to be commit 5af417a6ba24e6bb09979488511f482efa4894b8)
2003-03-17Merge from HEAD:Andrew Bartlett1-11/+11
signed/unsigned (mostly i counters) a little bit of const. Andrew Bartlett (This used to be commit 50f0ca752e5058c4051f42a9337361373ba1f727)
2003-02-18Check return code of string_to_sid. (Merge from HEAD)Martin Pool1-22/+26
(This used to be commit 5d09aea6f78aa247dbd77617c93c2a1dd2e2702f)
2003-02-14Ensure that only parse_prs.c access internal members of the prs_struct.Jeremy Allison1-14/+14
Needed to move to disk based i/o later. Jeremy. (This used to be commit a823fee5b41a5b6cd4ef05aa1f85f7725bd272a5)
2003-02-02Merge from HEAD: Send the session key to the client, allowing it to perform SMBAndrew Bartlett1-2/+2
signing. Andrew Bartlett (This used to be commit 9bcdb869e53ee8048dd69053b804bdaf55db7b91)
2003-01-03Merge from HEAD - make Samba compile with -Wwrite-strings without additionalAndrew Bartlett1-46/+46
warnings. (Adds a lot of const). Andrew Bartlett (This used to be commit 3a7458f9472432ef12c43008414925fd1ce8ea0c)
2002-11-12Removed global_myworkgroup, global_myname, global_myscope. Added liberalJeremy Allison1-14/+17
dashes of const. This is a rather large check-in, some things may break. It does compile though :-). Jeremy. (This used to be commit f755711df8f74f9b8e8c1a2b0d07d02a931eeb89)