summaryrefslogtreecommitdiff
path: root/source3/rpc_parse
AgeCommit message (Collapse)AuthorFilesLines
2003-12-29Add the alignment required before all 2-byte quantities in NDR. Allows usAndrew Bartlett1-0/+3
to correctly parse plaintext netlogon calls with odd-length passwords Andrew Bartlett (This used to be commit de3c3cbeeb8b674ffc0dd8fe16913f15edcf9022)
2003-12-10Fix UNISTR2 length bug in LsaQueryInfo(3) that cause SID resolution to fail ↵Gerald Carter1-1/+1
on local files on on domain members; bug 875 (This used to be commit c6594e35573186966a4d57404f1c06b98670db06)
2003-12-05fixed a problem with "net rpc vampire" mis-parsing the alias memberAndrew Tridgell1-4/+4
info reply Thanks to a bug report by 'musb' (This used to be commit 310f90f3689d4acd16368a833f23ea5f9aaa0133)
2003-12-04* fix RemoveSidForeignDomain() ; bug 252Gerald Carter1-6/+6
* don't fall back to unmapped UNIX group for get_local_group_from_sid() * remove an extra become/unbecome_root() pair from group enumeration (This used to be commit da12bbdb0dd9179b1ed457fa009679e2da4a8440)
2003-11-22Add support for variable-length session keys in our client code.Andrew Bartlett1-11/+11
This means that we now support 'net rpc join' with KRB5 (des based) logins. Now, you need to hack 'net' to do that, but the principal is important... When we add kerberos to 'net rpc', it should be possible to still do user management and the like over RPC. (server-side support to follow shortly) Andrew Bartlett (This used to be commit 9ecf9408d98639186b283f1acf0fac46417547d0)
2003-11-22Changes all over the shop, but all towards:Andrew Bartlett2-13/+18
- NTLM2 support in the server - KEY_EXCH support in the server - variable length session keys. In detail: - NTLM2 is an extension of NTLMv1, that is compatible with existing domain controllers (unlike NTLMv2, which requires a DC upgrade). * This is known as 'NTLMv2 session security' * (This is not yet implemented on the RPC pipes however, so there may well still be issues for PDC setups, particuarly around password changes. We do not fully understand the sign/seal implications of NTLM2 on RPC pipes.) This requires modifications to our authentication subsystem, as we must handle the 'challege' input into the challenge-response algorithm being changed. This also needs to be turned off for 'security=server', which does not support this. - KEY_EXCH is another 'security' mechanism, whereby the session key actually used by the server is sent by the client, rather than being the shared-secret directly or indirectly. - As both these methods change the session key, the auth subsystem needed to be changed, to 'override' session keys provided by the backend. - There has also been a major overhaul of the NTLMSSP subsystem, to merge the 'client' and 'server' functions, so they both operate on a single structure. This should help the SPNEGO implementation. - The 'names blob' in NTLMSSP is always in unicode - never in ascii. Don't make an ascii version ever. - The other big change is to allow variable length session keys. We have always assumed that session keys are 16 bytes long - and padded to this length if shorter. However, Kerberos session keys are 8 bytes long, when the krb5 login uses DES. * This fix allows SMB signging on machines not yet running MIT KRB5 1.3.1. * - Add better DEBUG() messages to ntlm_auth, warning administrators of misconfigurations that prevent access to the privileged pipe. This should help reduce some of the 'it just doesn't work' issues. - Fix data_blob_talloc() to behave the same way data_blob() does when passed a NULL data pointer. (just allocate) REMEMBER to make clean after this commit - I have changed plenty of data structures... (This used to be commit f3bbc87b0dac63426cda6fac7a295d3aad810ecc)
2003-11-17Fix from Andrew Bartlett to fix up the munged-dial problem.Jeremy Allison2-6/+16
Jeremy. (This used to be commit 703b1b76e25fc83b3b84767c0e1b64c97c21bf09)
2003-11-13* Fix from SATOH Fumiyasu for bug 660 (failing to view printGerald Carter1-5/+7
jobs) by only enforce the 'max reported print jobs' parameter when it is non-zero. * Fixed bug 338 by making sure that data values are written out when we are marshalling an EnumPrinterDataEx() reply. This probably fixes other bugs reported against point-n-print feature in 3.0.0 (This used to be commit fd98af75d655449a677360f6991da5caabc88b4d)
2003-11-11fix crash bug due to empyrt munged dial string; patch from metzeGerald Carter1-1/+1
(This used to be commit ccd5665a65de6ccfdb9a5f490be1a7b5de486e2a)
2003-11-07Handle munged dial string. Patch from Aur?lien Degr?mont ↵Jeremy Allison2-5/+35
<adegremont@idealx.com>with memory leak fixes by me. Jeremy. (This used to be commit e591854eda8568ed1a4ad6b9de64e523c02b4392)
2003-11-03Fix some uninitialised variable warnings.Tim Potter1-2/+2
(This used to be commit 68945027b5dc6b5e1aee13e4df4d11a34e42a3a9)
2003-10-24Add initshutdown pipe commands to rpcclient. Second part of fix to bugJim McDonough1-0/+10
#534 (This used to be commit 4e86243ea1d4bbe96720caaaf02300f5e15bee5a)
2003-10-24This commit was manufactured by cvs2svn to create branch 'SAMBA_3_0'.(This ↵cvs2svn Import User1-0/+163
used to be commit e569418861a867437cd5e2cce87ad82e752da3fb)
2003-10-24New files for support of initshutdown pipe. Win2k doesn't respond properlyJim McDonough1-0/+163
to all requests on the winreg pipe, so we need to handle this new pipe. First part of fix for bug #534 (This used to be commit 532fab74c12d8c55872c2bad2abead2647f919d7)
2003-10-22Be sure referent ID is updated for incoming structures, too.Jim McDonough1-3/+13
(This used to be commit 00e0aba2cf97e686a0b6b4d7bab50afbc5e97ac1)
2003-10-21Fix typoJim McDonough1-1/+1
(This used to be commit 26956cdef902819f94616c33694641752f0f14e9)
2003-10-20Update structures after ethereal showed some marshalling/unmarshallingJim McDonough1-9/+35
errors. (This used to be commit 9d0f322a851f487cea320e57076213435e5c6481)
2003-10-20Several updates:Jim McDonough1-3/+42
- add support for named pipe and netbios queries in parse code - fix map request structure...unknown byte was alignment - add sample of named pipe over netbios query in rpcclient (comment only) (This used to be commit 71dcdf54e60204d6b499d25d8759ed20fc7a021a)
2003-10-18Fix tower length calculations and add some constJim McDonough1-4/+5
(This used to be commit 2f84c6c9a1c292535e73721a8bcdb27aaa2b2b46)
2003-10-17uuid itself might not be aligned (as is the case in epm map requests), soJim McDonough1-3/+3
it needs to be aligned outside the smb_io_rpc_uuid() call if a specific rpc or struct needs it that way. (This used to be commit e9fc15d58c52c12438c1f9c69394c11f76ce72d8)
2003-10-17Add epmapper pipeJim McDonough1-1/+11
(This used to be commit 041c17bd665ea5fa771b111d7008036fb3e7b72f)
2003-10-17Add (un)marshalling code for endpoint mapper map operationJim McDonough1-0/+406
(This used to be commit bdd5158d9a45f4b935ea0fa495c0d83bc5ca96f8)
2003-10-09Merge from 3.0:Tim Potter1-22/+2
>Remove duplicate function (now in rpc_parse/parse_prs.c) and fix a RPC debug >(I renamed the element of the structure). > >Andrew Bartlett (This used to be commit 2aaafa500780f7de0dec5632d53f3347b67fae4a)
2003-10-07Max warnings with gcc.Jeremy Allison1-1/+3
Jeremy. (This used to be commit cdba166e31b3c611652783a2ab63e59f57f41fde)
2003-10-07Tut tut - always run with max warnings on gcc...Jeremy Allison1-1/+3
Jeremy. (This used to be commit 3ebbd67dec2044ed8022491747e65b90f1354602)
2003-10-06split some security related functions in their own files.Simo Sorce2-741/+29
(no need to include all of smbd files to use some basic sec functions) also minor compile fixes couldn't compile to test these due to some kerberos problems wirh 3.0, but on HEAD they're working well, so I suppose it's ok to commit (This used to be commit c78f2d0bd15ecd2ba643bb141cc35a3405787aa1)
2003-10-06split some security related functions in their own files.Simo Sorce3-744/+32
(no need to include all of smbd files to use some basic sec functions) also minor compile fixes (This used to be commit 66074d3b097d8cf2a231bf08c7f4db62da68189d)
2003-10-03Grrr. compile patches before you apply !Jeremy Allison1-4/+4
Jeremy. (This used to be commit dfbde4be7191895d79762855b21f5c62d53d5267)
2003-10-03abstract UUID parsing code to an individual function; patch from AnthonyGerald Carter1-7/+26
(This used to be commit 6cbdbdf9e1e76837c8ef03e795db11caa74ccf18)
2003-10-03abstract UUID parsing code to an individual function; patch from AnthonyGerald Carter1-7/+26
(This used to be commit 9365c619d6feb15289d963e9e70e1f947b7f8c3f)
2003-10-01Remove duplicate function (now in rpc_parse/parse_prs.c) and fix a RPC debugAndrew Bartlett1-21/+1
(I renamed the element of the structure). Andrew Bartlett (This used to be commit 641652cad97b761ba11d4e89b7c9ad098c7dd1c2)
2003-10-01commit sign only patch from Andrew; bug 167; tested using 2k & XP ↵Gerald Carter2-63/+90
clientspreviously joined to the Samba domain (This used to be commit 9d2e585e5e6f9066c6901aa8d8308734f8667296)
2003-10-01commit sign only patch from Andrew; bug 167; tested using 2k & XP ↵Gerald Carter2-63/+90
clientspreviously joined to the Samba domain (This used to be commit 3802f5895ee18507c6f467bd11db0b1147a6fdfd)
2003-09-29Merge from 3.0:Tim Potter9-537/+367
>Fix for #480. Change the interface for init_unistr2 to not take a length >but a flags field. We were assuming that 2*strlen(mb_string) == length of ucs2-le string. >This is not the case. Count it after conversion. >Jeremy. (This used to be commit e2ab9e54cd0ec0002175cf18ff364f4aebaf85a0)
2003-09-25Fix for #480. Change the interface for init_unistr2 to not take a lengthJeremy Allison9-537/+367
but a flags field. We were assuming that 2*strlen(mb_string) == length of ucs2-le string. This is not the case. Count it after conversion. Jeremy. (This used to be commit f82c273a42f930c7152cfab84394781744815e0e)
2003-09-19Ensure that dup_sec_desc copies the 'type' field correctly. This causedJeremy Allison1-9/+11
me to expose a type arguement to make_sec_desc(). We weren't copying the SE_DESC_DACL_AUTO_INHERITED flag which could cause errors on auto inherited checks. Jeremy. (This used to be commit 546b2271c08735ac1049a453abac996d794aa364)
2003-09-19Ensure that dup_sec_desc copies the 'type' field correctly. This causedJeremy Allison1-9/+11
me to expose a type arguement to make_sec_desc(). We weren't copying the SE_DESC_DACL_AUTO_INHERITED flag which could cause errors on auto inherited checks. Jeremy. (This used to be commit 28b315a7501f42928d73efaa75f74146ba95cf2d)
2003-09-18The "unknown_5" 32 bit field in the user structs is actually 2 16-bitJeremy Allison1-16/+20
fields, bad_password_count and logon_count. Ensure this is stored/fetched in the various SAMs. As it replaces the unknown_5 field this fits exactly into the tdb SAM without any binary problems. It also is added to the LDAP SAM as two extra attributes. It breaks compatibility with the experimental SAMs xml and mysql. The maintainers of these SAMs must fix them so upgrades like this can be done transparently. I will insist on the "experimental" status until this is solved. Jeremy. (This used to be commit 71ecd10181cd35313b79f618c2928c2f45424812)
2003-09-18The "unknown_5" 32 bit field in the user structs is actually 2 16-bitJeremy Allison1-16/+20
fields, bad_password_count and logon_count. Ensure this is stored/fetched in the various SAMs. As it replaces the unknown_5 field this fits exactly into the tdb SAM without any binary problems. It also is added to the LDAP SAM as two extra attributes. It breaks compatibility with the experimental SAMs xml and mysql. The maintainers of these SAMs must fix them so upgrades like this can be done transparently. I will insist on the "experimental" status until this is solved. Jeremy. (This used to be commit cd7bd8c2daff3293d48f3376a7c5a708a140fd94)
2003-09-09sync 3.0 into HEAD for the last timeGerald Carter6-31/+39
(This used to be commit c17a7dc9a190156a069da3e861c18fd3f81224ad)
2003-09-08Fix for bug #334. We don't unmarshall the trusted domain or secretsTim Potter1-6/+14
info delta correctly and thus crash when doing a net rpc samdump. The easiest thing at the moment it to comment out these functions as they seriously don't correspond with reality (netmon/ethereal) and the data in the containers aren't used anyway. (This used to be commit 695aa39c5d798b112f0a06281b499fcac8a5bf31)
2003-08-20Fix bug #252. Implement missing SAMR_REMOVE_USER_FOREIGN_DOMAINGerald Carter1-6/+6
call. (This used to be commit dd2cf4897ec3db25c24a2724ffdef4f905625f6a)
2003-08-15get rid of more compiler warningsHerb Lewis1-7/+7
(This used to be commit 398bd14fc6e2f8ab2f34211270e179b8928a6669)
2003-08-15get rid of some sompiler warnings on IRIXHerb Lewis4-11/+11
(This used to be commit a6a39c61e8228c8b3b7552ab3c61ec3a6a639143)
2003-08-12Fix commentAndrew Bartlett1-1/+1
(This used to be commit 024d32f79390210bee6da8e75c228a4aaa7fe6b0)
2003-08-02port latest changes from SAMBA_3_0 treeSimo Sorce4-135/+207
(This used to be commit 3101c236b8241dc0183995ffceed551876427de4)
2003-08-01Update my copyrights according to my agreement with IBMJim McDonough2-2/+2
(This used to be commit a2bd8f0bfa12f2a1e33c96bc9dabcc0e2171700d)
2003-08-01Fix copyright statements for various pieces of Anthony Liguori's work.Jim McDonough1-1/+0
(This used to be commit 15d2bc47854df75f8b2644ccbc887d0357d9cd27)
2003-07-31working on transtive trusts issue:Gerald Carter1-0/+3
* use DsEnumerateDomainTrusts() instead of LDAP search. wbinfo -m now lists all trusted downlevel domains and all domains in the forest. Thnigs to do: o Look at Krb5 connection trusted domains o make sure to initial the trusted domain cache as soon as possible (This used to be commit 0ab00ccaedf204b39c86a9e1c2fcac5f15d0e033)
2003-07-30add support for DsEnumerateDomainTrusted for enumerating all theGerald Carter1-3/+184
trusted domains in a forest. (This used to be commit c691c7f7d9afb8af542dc83cf934df1dfd38ef17)