summaryrefslogtreecommitdiff
path: root/source3/rpc_server/netlogon
AgeCommit message (Collapse)AuthorFilesLines
2013-08-06s3-netlogon: Connecting with the system token should be sufficient.Andreas Schneider1-2/+0
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Günther Deschner <gd@samba.org> Autobuild-User(master): Günther Deschner <gd@samba.org> Autobuild-Date(master): Tue Aug 6 18:22:06 CEST 2013 on sn-devel-104
2013-08-05s3:netlogon: make use of netlogon_creds_decrypt_samlogon_logon()Stefan Metzmacher1-24/+21
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
2013-04-09s3-netlogon: enumerate UPN suffixes from PASSDB when availableAlexander Bokovoy1-12/+94
Optionally append list of UPN suffixes if PDB module returns non-empty one. Refactor fill_forest_trust_array() in source3 to allow reuse of the code between _netr_DsRGetForestTrustInformation() and _netr_GetForestTrustInformation() Implement a special case of _netr_DsRGetForestTrustInformation in smbd when trusted_domain_name is NULL (covered by test_DsrEnumerateDomainTrusts() in rpc.netlogon torture tests, see comment in source4/torture/rpc/netlogon.c). Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Tue Apr 9 22:19:34 CEST 2013 on sn-devel-104
2013-02-18srv_netlog_nt.c: Fix typo in comment.Karolin Seeger1-1/+1
redundent -> redundant Signed-off-by: Karolin Seeger <kseeger@samba.org>
2013-02-07s3-rpc_server: Fix password encoding in _netr_ServerGetTrustInfo().Sumit Bose1-14/+8
Reviewed-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
2013-02-07s3-rpc_server: Dont wipe out ref pointers in _netr_ServerGetTrustInfo().Günther Deschner1-13/+4
Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
2012-12-15s3-rpc_server: use netlogon_creds_encrypt_samlogon().Günther Deschner1-20/+3
Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2012-12-09s3-auth: remove crypto from serverinfo_to_SamInfoX calls.Günther Deschner1-4/+28
All crypto is dealt with within the netlogon samlogon server now. Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2012-12-09s3-rpc_server: Remove obsolete process_creds boolean in samlogon server.Günther Deschner1-24/+3
Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2012-12-09s3-rpc_server: support AES for interactive netlogon samlogon password ↵Günther Deschner1-2/+34
decryption. Still need to fix AES support for the returned validation info. Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2012-12-09s3-rpc_server: we need to encrypt OWFs using DES in _netr_ServerGetTrustInfo().Günther Deschner1-2/+2
Sumit, please check. Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2012-12-09s3-rpc_server: pass down netlogon cred state in _netr_ServerGetTrustInfo().Günther Deschner1-9/+5
Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2012-12-09s3-rpc_server: support AES decryption in netr_ServerPasswordSet2 server.Günther Deschner1-1/+6
Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2012-08-04s3:rpc_server/netlogon: make usage of session_extract_session_key()Stefan Metzmacher1-1/+9
This makes sure we return NO_USER_SESSION_KEY if there's no session key. metze
2012-07-17s3:rpc_server: add support for AES bases netlogon schannelStefan Metzmacher1-0/+4
metze Signed-off-by: Günther Deschner <gd@samba.org>
2012-07-06s3-rpc_server: Make it possible to use more rpc exceptions.Andreas Schneider1-30/+30
2012-06-27s3-param: Rename loadparm_s3_context -> loadparm_s3_helpersAndrew Bartlett1-5/+5
This helps clarify the role of this structure and wrapper function. The purpose here is to provide helper functions to the lib/param loadparm_context that point back at the s3 lp_ functions. This allows a struct loadparm_context to be passed to any point in the code, and always refer to the correct loadparm system. If this has not been set, the variables loaded in the lib/param code will be returned. As requested by Michael Adam. Andrew Bartlett Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Wed Jun 27 17:11:16 CEST 2012 on sn-devel-104
2012-05-10s3: Fix Coverity ID 242714 Uninitialized scalar variableVolker Lendecke1-1/+2
In an error path we are closing domain_handle without opening it
2012-03-08s3-auth: Remove single-implementation plugin layerAndrew Bartlett1-2/+2
The ->get_ntlm_challenge and ->check_ntlm_password elements of struct auth_context were only ever initialised to a single value. Make it easier to follow by just calling the function directly. Andrew Bartlett
2011-12-22s3-netlogon: use dsgetdcname() instead of get_dc_name()Sumit Bose1-2/+7
Sometimes the domain parameter might not contain the NetBIOS name of the remote domain but the DNS name. Autobuild-User: Andreas Schneider <asn@cryptomilk.org> Autobuild-Date: Thu Dec 22 19:21:21 CET 2011 on sn-devel-104
2011-12-22s3-netlogon: Add support to authenticate trusted domains.Sumit Bose1-0/+13
2011-12-22s3-rpc_server: Pass in our flags to netlogon_creds_server_init().Stefan Metzmacher1-1/+1
metze
2011-12-22s3-netlogon: Add support for LogonGetCapabilities.Stefan Metzmacher1-1/+21
This is also needed to support AES. metze
2011-12-13s3:rpc_server/netlogon: remove unused send_sync_message()Stefan Metzmacher1-14/+0
metze
2011-11-04Fix bug #8562 - talloc: double free error.Jeremy Allison1-2/+9
Ensure we don't access an undefined pointer. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Fri Nov 4 00:09:46 CET 2011 on sn-devel-104
2011-10-27s3: Include uid_wrapper where it is missing.Andreas Schneider1-0/+1
2011-10-27s3-netlogon: Fix setting the machinge account password.Andreas Schneider1-0/+4
This bug has been found with uid wrapper.
2011-10-13libcli/auth: Provide a struct loadparm_context to schannel callsAndrew Bartlett1-6/+49
This will allow us to pass this down to the tdb_wrap layer. Andrew Bartlett
2011-07-31s3-build: remove some unused/duplicate headers.Günther Deschner1-1/+0
Guenther
2011-07-20s3-auth Use the common auth_session_infoAndrew Bartlett1-2/+2
This patch finally has the same structure being used to describe the authorization data of a user across the whole codebase. This will allow of our session handling to be accomplished with common code. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-07-20s3-auth use auth_user_info not netr_SamInfo3 in auth3_session_infoAndrew Bartlett1-1/+1
This makes auth3_session_info identical to auth_session_info The logic to convert the info3 to a struct auth_user_info is essentially moved up the stack from the named pipe proxy in source3/rpc_server to create_local_token(). Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-07-20s3-auth Use struct auth3_session_info outside the auth subsystemAndrew Bartlett1-2/+2
This seperation between the structure used inside the auth modules and in the wider codebase allows for a gradual migration from struct auth_serversupplied_info -> struct auth_session_info (from auth.idl) The idea here is that we keep a clear seperation between the structure before and after the local groups, local user lookup and the session key modifications have been processed, as the lack of this seperation has caused issues in the past. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-07-04s3-auth: Pass the remote_address down to user_info.Andreas Schneider1-0/+2
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2011-07-04s3-rpc_server: Migrate rpc function to tsocket_address.Andreas Schneider1-9/+27
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2011-06-09s3-param Remove special case for global_myname(), rename to lp_netbios_name()Andrew Bartlett1-1/+1
There is no reason this can't be a normal constant string in the loadparm system, now that we have lp_set_cmdline() to handle overrides correctly. Andrew Bartlett
2011-06-09s3-talloc Change TALLOC_ZERO_P() to talloc_zero()Andrew Bartlett1-7/+7
Using the standard macro makes it easier to move code into common, as TALLOC_ZERO_P isn't standard talloc.
2011-05-05s3-rpc_server: run minimal_includes.pl.Günther Deschner1-2/+0
Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Thu May 5 03:04:38 CEST 2011 on sn-devel-104
2011-05-02s3: include ntdomain.h before including generated srv_ headers.Günther Deschner1-1/+1
Guenther
2011-04-05s3-auth Rename user_session_key -> session_key to match auth_session_infoAndrew Bartlett1-1/+1
2011-03-30s3-includes: only include ntdomain.h where needed.Günther Deschner1-0/+1
Guenther
2011-03-30s3-messages: make ndr_messaging.h part of messages.h.Günther Deschner1-1/+0
Guenther
2011-03-30s3-messages: only include messages.h where needed.Günther Deschner1-0/+1
Guenther
2011-03-30s3-auth: rpc_server needs auth.hGünther Deschner1-0/+1
Guenther
2011-03-30s3-passdb: add passdb.h where needed.Günther Deschner1-0/+1
Guenther
2011-03-30registry: create and use shared libcli/registry/util_reg.h header.Günther Deschner1-0/+1
Guenther
2011-03-30s3-winbind: remove global inclusion of libwbclient.Günther Deschner1-0/+1
Guenther
2011-03-16s3: Fix Coverity ID 2233, REVERSE_INULLVolker Lendecke1-1/+1
We have dereferenced h already in dcerpc_lsa_open_policy2 in line 425
2011-03-16s3: Fix Coverity ID 2234: REVERSE_INULLVolker Lendecke1-2/+2
We have dereferenced "b" already in dcerpc_samr_Connect2 in line 521
2011-02-22s3-auth Rename auth_serversupplied_info varaiables: server_info -> session_infoAndrew Bartlett1-12/+12
These variables, of type struct auth_serversupplied_info were poorly named when added into 2001, and in good consistant practice, this has extended all over the codebase in the years since. The structure is also not ideal for it's current purpose. Originally intended to convey the results of the authentication modules, it really describes all the essential attributes of a session. This rename will reduce the volume of a future patch to replaced these with a struct auth_session_info, with auth_serversupplied_info confined to the lower levels of the auth subsystem, and then eliminated. (The new structure will be the output of create_local_token(), and the change in struct definition will ensure that this is always run, populating local groups and privileges). Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-02-16s3-netlogon: Implement NetrServerGetTrustInfo and NetrGetForestTrustInformationSumit Bose1-4/+257
Signed-off-by: Günther Deschner <gd@samba.org>