summaryrefslogtreecommitdiff
path: root/source3/rpc_server/srv_pipe.c
AgeCommit message (Collapse)AuthorFilesLines
2009-09-13s3-schannel: fix api_pipe_schannel_process(), was using incorrect buffer length.Günther Deschner1-1/+3
Found by RPC-SCHANNEL torture test. Guenther
2009-09-11s3-schannel: use NL_AUTH_SIGNATURE for schannel sign & seal (client & server).Günther Deschner1-8/+31
Guenther
2009-09-11s3-schannel: use NL_AUTH_MESSAGE for schannel bind reply.Günther Deschner1-10/+17
Guenther
2009-09-08s3-rpc_server: use NL_AUTH_MESSAGE in pipe_schannel_auth_bind().Günther Deschner1-6/+23
Guenther
2009-08-27s3-netlogon: use shared credential and schannel storage infrastructure for ↵Günther Deschner1-7/+11
netlogon server. Guenther
2009-07-05Use null_ndr_syntax_id instead of zeroing null_interface manuallyVolker Lendecke1-6/+2
2009-07-05Remove "typedef struct ndr_syntax_id RPC_IFACE;"Volker Lendecke1-4/+6
2009-07-05Make check_bind_req static to rpc_server/srv_pipe.cVolker Lendecke1-2/+2
2009-03-05Get the sense of the integer wrap test the right way around. Sorry.Jeremy Allison1-1/+1
Jeremy.
2009-03-05Now we're allowing a lower bound for auth_len, ensure weJeremy Allison1-1/+5
also check for an upper one (integer wrap). Jeremy.
2009-03-05Complete the fix for bug 6100Volker Lendecke1-1/+1
According to [MS-RPCE].pdf, section 2.2.2.11: ---- A client or a server that (during composing of a PDU) has allocated more space for the authentication token than the security provider fills in SHOULD fill in the rest of the allocated space with zero octets. These zero octets are still considered to belong to the authentication token part of the PDU.<36> ---- RPC implementations are allowed to send padding bytes at the end of an auth footer. Windows 7 makes use of this. Thanks to Nick Meier <nmeier@microsoft.com> Volker
2009-02-08Make prs_struct->out_data.current_pdu dynamically allocatedVolker Lendecke1-113/+98
Another 4k per open pipe
2009-02-01Add two new parameters to control how we verify kerberos tickets. Removes ↵Dan Sledz1-1/+1
lp_use_kerberos_keytab parameter. The first is "kerberos method" and replaces the "use kerberos keytab" with an enum. Valid options are: secrets only - use only the secrets for ticket verification (default) system keytab - use only the system keytab for ticket verification dedicated keytab - use a dedicated keytab for ticket verification. secrets and keytab - use the secrets.tdb first, then the system keytab For existing installs: "use kerberos keytab = yes" corresponds to secrets and keytab "use kerberos keytab = no" corresponds to secrets only The major difference between "system keytab" and "dedicated keytab" is that the latter method relies on kerberos to find the correct keytab entry instead of filtering based on expected principals. The second parameter is "dedicated keytab file", which is the keytab to use when in "dedicated keytab" mode. This keytab is only used in ads_verify_ticket.
2009-02-01Replace pipe names in pipes_struct by ndr_syntax_idVolker Lendecke1-29/+52
This was mainly used for debugging output
2009-01-21Memory leaks and other fixes found by Coveritytodd stecher1-1/+3
2009-01-09Remove the rpc_srv_register wrapper around rpc_pipe_register_commandsVolker Lendecke1-15/+4
2009-01-09Pass the full ndr_interface_table into the s3 rpcserver when registeringVolker Lendecke1-0/+10
2009-01-09Simplify find_pipe_fns_by_context slightlyVolker Lendecke1-8/+4
2009-01-09Fix some nonempty blank linesVolker Lendecke1-17/+17
2008-11-24Get rid of pipes_struct->pipe_user, we have server_info now --- YESSS!Volker Lendecke1-49/+1
2008-10-22s3: use shared asn1 code.Günther Deschner1-1/+1
Guenther
2008-07-26Make api_rpcTNP static to srv_pipe.cVolker Lendecke1-2/+5
(This used to be commit 256c93a8b3d4d9a4e52a656c91b89a043a087066)
2008-07-19Introduce is_known_pipenameVolker Lendecke1-0/+33
This scans the list of pipes registered via rpc_pipe_register_commands instead of using static tables. (This used to be commit 283e6039989adea1c8921b3600b410cb67b6492a)
2008-07-18Simplify the RPC servers: remove get_pipe_fnsVolker Lendecke1-97/+25
The per-server xxx_get_pipe_fns functions can go once all the RPC servers are converted (This used to be commit 6aa2391cbe1cbda8269ded767117f53d83b243e1)
2008-07-16In api_pipe_bind_req(), check for the iface id, not the pipe nameVolker Lendecke1-3/+14
This requires to store the rpc_interface in "struct rpc_table" (This used to be commit 654f8de8497aff29f9b1f1822b6a8e734ff329e0)
2008-07-16In api_pipe_bind_req(), decode the bind request before checking the pipeVolker Lendecke1-8/+10
(This used to be commit 8be41382ed9bb4fb44a1846fff2c7652388e4f28)
2008-06-26Now that we have p->server_info, use p->server_info->user_session_keyVolker Lendecke1-18/+29
(This used to be commit aefad64e3a5c86d2f988d47e6215ed2085b8fc47)
2008-06-26Fix typoVolker Lendecke1-1/+1
(This used to be commit 41d2daeaa5a87da82a0debc4c9cfe14976215bd8)
2008-06-26Add server_info to pipes_structVolker Lendecke1-0/+10
(This used to be commit d621867bb8767e1c4236d28dd9294a61db6cbb10)
2008-06-21Make pipes_struct its own talloc ctxVolker Lendecke1-1/+1
(This used to be commit 829b1ad4697f2f1ea008377d591456722dccd025)
2008-06-19Wrap the unix token info in a unix_user_token in auth_serversupplied_infoVolker Lendecke1-5/+6
No functional change, this is a preparation for more current_user ref removal (This used to be commit dcaedf345e62ab74ea87f0a3fa1e3199c75c5445)
2008-04-17rpc_parse: Use UUIDs from librpc/gen_ndr/ when possible to reduceJelmer Vernooij1-4/+4
duplication. (This used to be commit 428654b473ba44b2f5340eefef0d4fcd51aff558)
2008-04-15Reconcile ndr_syntax_id used by pidl-generated code and Samba3's RFC_IFACE.Jelmer Vernooij1-2/+2
(This used to be commit 7bea00dca1ee08ef731dfa73110ef9c190a29919)
2008-04-11Remove some write-only fstringsVolker Lendecke1-12/+3
(This used to be commit aacb07b1b0f674b8cb92347ef4b4dd1e7808dde8)
2008-03-23Fix Coverity ID 514Volker Lendecke1-0/+2
Not exactly an uninitialized variable, but having Coverity figure out that we're only UNMARSHALLING here is probably asking for a bit too much. (This used to be commit 07a9f7daa83c94afefe0d81db4812135121862c2)
2008-03-21Remove remaining old srvsvc client and server rpc code entirely.Günther Deschner1-1/+1
Guenther (This used to be commit a5f0186f70abe8dba650265219e69ce5ca2fb642)
2008-03-17Coverity fixesMarc VanHeyningen1-8/+8
(This used to be commit 3fc85d22590550f0539215d020e4411bf5b14363)
2008-02-27Cosmetics: make check_bind_req() debug statements a little nicer.Günther Deschner1-1/+1
Guenther (This used to be commit 997a0a4a12d97595ff4df963601cf2c24d612972)
2008-02-19Yippie! LSARPC server-side migration to pidl finished.Günther Deschner1-1/+1
Guenther (This used to be commit aa7023b88d3161897b9616d950c2a99624d81931)
2008-02-17Build the generated ntsvcs server (not at all useable yet).Günther Deschner1-1/+1
Guenther (This used to be commit acce1092d90db1f90265de44fd340d7df73e4e0e)
2008-02-16YES! NETLOGON rpc server side migration to pidl finished.Günther Deschner1-1/+1
Guenther (This used to be commit 7845a0d9a8f938c1be888ab2d9aa6c35d6f1dbad)
2008-02-14Currently we don't SPNEGO negotiate back to NTLMSSP. Note this.Jeremy Allison1-20/+35
Jeremy. (This used to be commit 67768fc71f9bd7ff3d61acc50360356b524ae923)
2008-02-12w00t! SAMR server-side conversion to pidl is finished.Günther Deschner1-1/+1
Guenther (This used to be commit c6d9650930510982ef4e4759272dba573fc81067)
2008-01-31Let _samr_Close() use pidl generated server code.Günther Deschner1-1/+1
Guenther (This used to be commit 2df3408079fc382d00d01a0b82b0b8e1ffeba6e4)
2008-01-25Use generated DSSETUP client & server rpc functions and remove the ↵Günther Deschner1-2/+2
hand-written ones. Guenther (This used to be commit d5ebfccebb1f1b56b45673a506fcdb414103c43b)
2007-12-09Don't copy the rpc function pointersVolker Lendecke1-7/+3
This actually shows up in a valgrind massif run with 4.1% of allocated memory. I don't see why we would have to make a copy here. Metze? (This used to be commit 616d6b97e594a846e9b3ac4cbe48538d649462e9)
2007-10-18RIP BOOL. Convert BOOL -> bool. I found a few interestingJeremy Allison1-26/+26
bugs in various places whilst doing this (places that assumed BOOL == int). I also need to fix the Samba4 pidl generation (next checkin). Jeremy. (This used to be commit f35a266b3cbb3e5fa6a86be60f34fe340a3ca71f)
2007-10-18r16050: Set the session key "SystemLibraryDTC" on ntlmssp binds. We only do ↵Volker Lendecke1-2/+22
INTEGRITY and PRIVACY, so no other cases to take care of so far... Andrew B., if you have time, could you take a look? This makes us survive the RPC-SAMBA3SESSIONKEY test. Volker (cherry picked from commit 25cc1e7ff15675b70001d1cb8d8584880650dd2e) (This used to be commit b4746009735bf66b2578b884973c505b0363a79d)
2007-10-10[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch.Gerald (Jerry) Carter1-62/+49
(This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-10r24809: Consolidate the use of temporary talloc contexts.Volker Lendecke1-2/+2
This adds the two functions talloc_stackframe() and talloc_tos(). * When a new talloc stackframe is allocated with talloc_stackframe(), then * the TALLOC_CTX returned with talloc_tos() is reset to that new * frame. Whenever that stack frame is TALLOC_FREE()'ed, then the reverse * happens: The previous talloc_tos() is restored. * * This API is designed to be robust in the sense that if someone forgets to * TALLOC_FREE() a stackframe, then the next outer one correctly cleans up and * resets the talloc_tos(). The original motivation for this patch was to get rid of the sid_string_static & friends buffers. Explicitly passing talloc context everywhere clutters code too much for my taste, so an implicit talloc_tos() is introduced here. Many of these static buffers are replaced by a single static pointer. The intended use would thus be that low-level functions can rather freely push stuff to talloc_tos, the upper layers clean up by freeing the stackframe. The more of these stackframes are used and correctly freed the more exact the memory cleanup happens. This patch removes the main_loop_talloc_ctx, tmp_talloc_ctx and lp_talloc_ctx (did I forget any?) So, never do a tmp_ctx = talloc_init("foo"); anymore, instead, use tmp_ctx = talloc_stackframe() :-) Volker (This used to be commit 6585ea2cb7f417e14540495b9c7380fe9c8c717b)