Age | Commit message (Collapse) | Author | Files | Lines |
|
We were reading the endainness in the RPC header and then never propagating
it to the internal parse_structs used to parse the data.
Also removed the "align" argument to prs_init as it was *always* set to
4, and if needed can be set differently on a case by case basis.
Now ready for AS/U testing when Herb gets it set up :-).
Jeremy.
(This used to be commit 0cd37c831d79a12a10e479bf4fa89ffe64c1292a)
|
|
Jeremy.
(This used to be commit c3a1904564175a7a5cf71e88540b96f7daa59730)
|
|
Jeremy.
(This used to be commit 94fdffb3557fa68d634d6c402751f5bcb1f6a656)
|
|
rpc_parse/parse_dfs.c: Had to add buffer overrun checking ! HOW DID THIS GET IN HERE !
rpc_parse/parse_prs.c: Ensure prs_alloc_mem does a memset of zero before returning.
Jeremy.
(This used to be commit c9a6a17025f4a6850cd2b9a9ddb48bdeec8b3ffe)
|
|
rewrote unistr2_to_ascii() to correct a bug seen on SGI boxes.
rpc_parse/parse_misc.c:
rpc_parse/parse_prs.c:
rewrote of BUFFER5 handling to NOT byteswap when it was already in
network byte order.
rpc_parse/parse_samr.c:
cleanup of samr_io_q_lookup_domain(), remove the over-parsing by 2
bytes.
rpc_server/srv_lsa.c:
UNISTR2 strings need to be NULL terminated to pleased W2K.
rpc_server/srv_spoolss_nt.c:
use snprintf instead of safe_strcpy as we want the string
truncated at 32 chars.
That should fix SUN and SGI box not able to act as printserver and the
problem with joining from a W2K wks.
J.F.
(This used to be commit 69fe739303b105f2c488f266f13977da1b6b201d)
|
|
(This used to be commit 71e5e802b78b22af9be7d3e84e869f311937e542)
|
|
the trust domain list reply on netlogon pipe was wrong, interim hack until
we have full trust relationships.
changed some unistr2 to parse the ending NULL char.
added a prs_align_needed() function. much like a prs_align but with a
condition. needed for the unistr2 parsing.
J.F.
(This used to be commit d8bf81553c17d9ee3419d8150b96119ebb0b8fa9)
|
|
string.
J.F.
(This used to be commit 83bfe94771e0afbffbb4a1a741cd9983ef612362)
|
|
Jeremy.
(This used to be commit d131ad1ce3f6e72e295f865a463f8dcbfa6f8d42)
|
|
Jeremy.
(This used to be commit 3d9b163655f684f2b98aa72f976379cee869db05)
|
|
I think we have a lot more of these bugs lurking (i'm fairly
confident of it).
jerry
(This used to be commit 3b14487c7e5218ff3e0ff3118ca1afd706e05247)
|
|
of 0 bytes.
jerry
(This used to be commit 3fcc59ba928250759bbf3ef46d7c118950a5ba6f)
|
|
jerry
(This used to be commit 26a73a70e282a5e46cc2b6fe7bc09b406724c9dd)
|
|
fix for the Win9x printer drivers.
Changed command names to add "command" string on the end for some consistancy
with the other scripting commands.
Added '%P' option to tdbpack/unpack to store long comment string.
Made port name be "Samba Printer Port" if no enum port script given.
Fixed prs_uint32_pre code to cope with null args.
Jeremy.
(This used to be commit 902ada63799cf27924c72e24e7593a8c9fb5eba9)
|
|
in the RPC code. This change was prompted by trying to save a long (>256)
character comment in the printer properties page.
The new system associates a TALLOC_CTX with the pipe struct, and frees
the pool on return of a complete PDU.
A global TALLOC_CTX is used for the odd buffer allocated in the BUFFERxx
code, and is freed in the main loop.
This code works with insure, and seems to be free of memory leaks and
crashes (so far) but there are probably the occasional problem with
code that uses UNISTRxx structs on the stack and expects them to contain
storage without doing a init_unistrXX().
This means that rpcclient will probably be horribly broken.
A TALLOC_CTX also needed associating with the struct cli_state also,
to make the prs_xx code there work.
The main interface change is the addition of a TALLOC_CTX to the
prs_init calls - used for dynamic allocation in the prs_XXX calls.
Now this is in place it should make dynamic allocation of all RPC
memory on unmarshall *much* easier to fix.
Jeremy.
(This used to be commit 0ff2ce543ee54f7364e6d839db6d06e7ef1edcf4)
|
|
- changed the default forms flag to 2
- all short architecture name are uppercased
- get_short_archi() is now case unsensitive
- the drivers TDB is indexed by archi/version/name
- implemented code to move drivers from the upload area to the download
area. Someone else need to look at that code.
- don't return anymore a default driver if it doesn't exist in the TDB.
Instead return an error.
- cleaned prs_unistr.
- #ifdef out jeremy's new SD parsing in printer_info_2
- removed the unused MANGLE_CODE
- #ifdef out the security checking in update_printer() as it doesn't work
for me.
Zap your ntdrivers.tdb, it won't work anymore.
J.F.
(This used to be commit ac0a145acc0953a6f362497abbf4dfe70aa522a6)
|
|
rpc_parse/parse_spoolss.c: Fixed the security descriptor marshalling in a INFO_2 struct.
for some reason SD's should be done inline after the info2, not
as the last buffer marshall.
rpc_server/srv_spoolss_nt.c: Removed extraneous ()'s.
Jeremy.
(This used to be commit f038a24e9f624fdb04cd52769d45783248ce8a38)
|
|
as these were unneeded and replaced by the real functions
already in HEAD.
Added a few more functions to parse_spoolss.c to help with the
rpcclient merge from TNG.
(This used to be commit 3bc9af4c1dbdb664970541f6091982ffccc87b31)
|
|
use old prs_unistr()
#else
use new prs_unistr() which handles UNMARSHALL
#endif /* RPCCLIENT_TEST */
jerry
(This used to be commit fb0e1fb9e31db135eeb8e949a7ad0826906ba1ff)
|
|
by RPCCLIENT_TEST) in order to not break anything in the smbd
code (and to give time to review it). Originally written by JF.
In effect, this checkin makes no changes to parse_prs.c at all.
jerry
(This used to be commit 4f431ea1f5d1d3b868d0bb56a299070e608c2512)
|
|
* fixes some readline bugs from the merge
* first attempt at commands (spoolenum almost works)
* no changes to existing functions in HEAD; only additions
of new functions. I'll weed out what I can as I go.
--jerry
(This used to be commit 61d2aad5dc2b212b11c981f1eca47efa627e9fc8)
|
|
security descriptors is disabled (as it is in this code).
If get/set sd's is enabled spooler.exe crashes on NT.
I'll investigate and fix that issue next.
Jeremy.
(This used to be commit 8c9ed874363e6a710bc0fe521bb8c4f7ee219587)
|
|
to prevent builkd breaking.
Jeremy.
(This used to be commit 6c7adeab0f92844ecefbcb923d0d4763d4c3eaa5)
|
|
Removed ugly hack for NT printing.
Fixed up tdb parse stuff memory leaks.
Jeremy.
(This used to be commit 8ef41f31c53e14ad057d883810a1cd2301fede2a)
|
|
"no driver" issue. I'm banging my head against comparitive packet
dumps right now...
Jeremy.
(This used to be commit 03cd4aa1443acd958593f37c61ff9c90a43c660b)
|
|
This is *horrible* code :-(.
Jeremy.
(This used to be commit ac383bb765ea606fc1105aa91470fcdf453d9335)
|
|
Problem in prs_set_buffer_size() was Realloc returns a NULL when newsize is zero (equivalent to a free()). We were returning a failure here without resetting the buffer_size or the data_p pointer in the prs_struct. And we weren't checking for a failure from prs_set_buffer_size(). So realloc's to zero size were not reflected in the prs_struct: memory leak.
(This used to be commit 590d9ece8449b1feecfe1aa13e61bcd8fea4e5bf)
|
|
buffer size to exact size of incoming data to prevent read overruns into slop
space.
Jeremy.
(This used to be commit aa1a4f46da9584240cd6cee6fb652aa73e77015c)
|
|
incoming packet. Ensure new alloced memory is zeroed before use.
Jeremy.
(This used to be commit 1c3193aa1c1137734dc34ef2e6d62abb0609c30e)
|
|
(This used to be commit a42da205361bb70778913c8bd9facbb6b9a24937)
|
|
(This used to be commit 0e7819bb4562a840ecb9b7ef12706572b6b60202)
|
|
thsi function and the associated header structure were autogenerated
using a little awk based code geerator I wroe ths evening. I'll commit
that next ...
(This used to be commit 974813f0d4afb6c14ed27c48ab24b19932557f9f)
|
|
fixed typo in SPOOLSS_SYNT
some cleanup of unused functions
wrote make_spoolss_enumprinter and make_spoolss_openprinterex for
rpcclient as I'm trying to keep in sync the parsing code between HEAD and
TNG.
Will commit changes to TNG after lunch.
J.F.
(This used to be commit 025cdb345f6de287a41d4449b2662dbc5e762bf2)
|
|
OpenPrinterEx is now decoding correctly the query
most of the EnumXXX use the new_buffer struct.
check the (un)marshalling return code.
conclusion: still a long way to go. all the client code has to be
rewritten, and I still wonder how to implement correctly the notify stuff.
(This used to be commit 3d6d3863751787b08d40268c83221add1487a5c9)
|
|
also added some prs_struct functions, 'cause I'm handling buffers as
prs_struct.
J.F.
(This used to be commit 81e375bbbe0fb022a44a2aaaa3729a9518b7a854)
|
|
to using internal msrpc code in smbd.
(This used to be commit 8976e26d46cb991710bc77463f7f928ac00dd4d8)
|
|
(This used to be commit 453a822a76780063dff23526c35408866d0c0154)
|
|
pdus, and then feeds them over either a "local" function call or a "remote"
function call to an msrpc service. the "remote" msrpc daemon, on the
other side of a unix socket, then calls the same "local" function that
smbd would, if the msrpc service were being run from inside smbd.
this allows a transition from local msrpc services (inside the same smbd
process) to remote (over a unix socket).
removed reference to pipes_struct in msrpc services. all msrpc processing
functions take rpcsrv_struct which is a structure containing state info
for the msrpc functions to decode and create pdus.
created become_vuser() which does everything not related to connection_struct
that become_user() does.
removed, as best i could, connection_struct dependencies from the nt spoolss
printing code.
todo: remove dcinfo from rpcsrv_struct because this stores NETLOGON-specific
info on a per-connection basis, and if the connection dies then so does
the info, and that's a fairly serious problem.
had to put pretty much everything that is in user_struct into parse_creds.c
to feed unix user info over to the msrpc daemons. why? because it's
expensive to do unix password/group database lookups, and it's definitely
expensive to do nt user profile lookups, not to mention pretty difficult
and if you did either of these it would introduce a complication /
unnecessary interdependency. so, send uid/gid/num_groups/gid_t* +
SID+num_rids+domain_group_rids* + unix username + nt username + nt domain
+ user session key etc. this is the MINIMUM info identified so far that's
actually implemented. missing bits include the called and calling
netbios names etc. (basically, anything that can be loaded into
standard_sub() and standard_sub_basic()...)
(This used to be commit aa3c659a8dba0437c17c60055a6ed30fdfecdb6d)
|
|
damn, this one is bad.
started, at least two days ago, to add an authentication mechanism to
the smbd<->msrpc redirector/relay, such that sufficient unix / nt
information could be transferred across the unix socket to do a
become_user() on the other side of the socket.
it is necessary that the msrpc daemon inherit the same unix and nt
credentials as the smbd process from which it was spawned, until
such time as the msrpc daemon receives an authentication request
of its own, whereupon the msrpc daemon is responsible for authenticating
the new credentials and doing yet another become_user() etc sequence.
(This used to be commit 30c7fdd6ef10ecd35594311c1b250b95ff895489)
|
|
one horrible cut / paste job from smbd, plus a code split of shared
components between the two.
the job is not _yet_ complete, as i need to be able to do a become_user()
call for security reasons. i picked lsarpcd first because you don't
_need_ security on it (microsoft botched so badly on this one, it's not
real. at least they fixed this in nt5 with restrictanonymous=0x2).
fixing this involves sending the current smb and unix credentials down
the unix pipe so that the daemon it eventually goes to can pick them
up at the other end.
i can't believe this all worked!!!
(This used to be commit 2245b0c6d13c7c5886e81f9137b05df883598c26)
|
|
- signed / unsigned issues.
(This used to be commit c8fd555179314baf1672a23db34dc8ad9f2d02bf)
|
|
data is handled.
(This used to be commit b4ba49c5c114764247802bd8b0a6dbc0a7f5c2a1)
|
|
(This used to be commit 4c98d71ebd3f1cdaef664d46c998c864af34632a)
|
|
the whole task is not complete, yet. xxx_io_xxx() routines that
_call_ xxx_io_xxx() routines not done.
prs_xxxx() covered by macros. considering doing xxx_io_xxxx in the same way.
(This used to be commit 3b583f7be51434af98bc52b48dfa42c4602a3094)
|
|
(This used to be commit 144fd01f37bde420234ca474014b0f378d9f8975)
|
|
(This used to be commit 2331aa32ab36c3ee5fd8cfbe972e57299939e33d)
|
|
include/ntdomain.h : added rpc_spoolss.h include statement
include/proto.h
include/rpc_dce.h : added definition of RPC_ALTER_CONTEXT request &
reply
param/loadparm.c : 2 new options for NT printing support and some
changes to initial values in the LPRNG case.
rpc_parse/parse_prs.c : added prs_uint16s()
rpc_parse/parse_rpc.c : added SYNT_SPOOLSS_V1 and code for the
alter-context support.
rpc_server/srv_pipe.c : alter-context support
smbd/nttrans.c
smbd/server.c
include/rpc_misc.h
Makefile.in
include/smb.h
Jean Francois
(This used to be commit 4c515804b70254248e378a3f90f47e4c32639d29)
|
|
* Added SEC_CHAN_BDC
* Propagate sec_chan into the various functions which change trust account
passwords, so they can be used for domain control and inter-domain
trusts.
* Fix for endianness problem reported by Edan Idzerda <edan@mtu.edu>. A
BUFFER2 is really a "unibuf" in my terminology and we should treat it as
such.
* Added some more common NT structures (BIGINT, BUFHDR2, BUFFER4).
* Added NET_SAM_SYNC (-> NetDatabaseSync2) RPC for account replication.
Still experimental and incomplete, with a few too many NULL security
descriptors lying around (must go look at Jeremy's SD code). Haven't
worked out password encryption yet either.
However, the XXX_INFO structures I've added to rpc_netlogon.h are quite
nice as they give some insight into how these objects are stored in the
SAM.
(This used to be commit 7b830350eb54dc9d357c115e12ddf9a0633527ac)
|
|
(This used to be commit dacf5b152bf74cc3ee9a816911384a5eb0e77afa)
|
|
security descriptor testing. hey wow, you can get a SD then send it back!
(This used to be commit 7466c3113ef8f8a89b8496efadfeb611c9f3e069)
|