Age | Commit message (Collapse) | Author | Files | Lines |
|
Found by RPC-SCHANNEL torture test.
Guenther
|
|
Guenther
|
|
Guenther
|
|
Guenther
|
|
netlogon server.
Guenther
|
|
|
|
|
|
|
|
Jeremy.
|
|
also check for an upper one (integer wrap).
Jeremy.
|
|
According to [MS-RPCE].pdf, section 2.2.2.11:
----
A client or a server that (during composing of a PDU) has allocated more space
for the authentication token than the security provider fills in SHOULD fill in
the rest of the allocated space with zero octets. These zero octets are still
considered to belong to the authentication token part of the PDU.<36>
----
RPC implementations are allowed to send padding bytes at the end of an auth
footer. Windows 7 makes use of this.
Thanks to Nick Meier <nmeier@microsoft.com>
Volker
|
|
Another 4k per open pipe
|
|
lp_use_kerberos_keytab parameter.
The first is "kerberos method" and replaces the "use kerberos keytab"
with an enum. Valid options are:
secrets only - use only the secrets for ticket verification (default)
system keytab - use only the system keytab for ticket verification
dedicated keytab - use a dedicated keytab for ticket verification.
secrets and keytab - use the secrets.tdb first, then the system keytab
For existing installs:
"use kerberos keytab = yes" corresponds to secrets and keytab
"use kerberos keytab = no" corresponds to secrets only
The major difference between "system keytab" and "dedicated keytab" is
that the latter method relies on kerberos to find the correct keytab
entry instead of filtering based on expected principals.
The second parameter is "dedicated keytab file", which is the keytab
to use when in "dedicated keytab" mode. This keytab is only used in
ads_verify_ticket.
|
|
This was mainly used for debugging output
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Guenther
|
|
(This used to be commit 256c93a8b3d4d9a4e52a656c91b89a043a087066)
|
|
This scans the list of pipes registered via rpc_pipe_register_commands instead
of using static tables.
(This used to be commit 283e6039989adea1c8921b3600b410cb67b6492a)
|
|
The per-server xxx_get_pipe_fns functions can go once all the RPC servers are
converted
(This used to be commit 6aa2391cbe1cbda8269ded767117f53d83b243e1)
|
|
This requires to store the rpc_interface in "struct rpc_table"
(This used to be commit 654f8de8497aff29f9b1f1822b6a8e734ff329e0)
|
|
(This used to be commit 8be41382ed9bb4fb44a1846fff2c7652388e4f28)
|
|
(This used to be commit aefad64e3a5c86d2f988d47e6215ed2085b8fc47)
|
|
(This used to be commit 41d2daeaa5a87da82a0debc4c9cfe14976215bd8)
|
|
(This used to be commit d621867bb8767e1c4236d28dd9294a61db6cbb10)
|
|
(This used to be commit 829b1ad4697f2f1ea008377d591456722dccd025)
|
|
No functional change, this is a preparation for more current_user ref removal
(This used to be commit dcaedf345e62ab74ea87f0a3fa1e3199c75c5445)
|
|
duplication.
(This used to be commit 428654b473ba44b2f5340eefef0d4fcd51aff558)
|
|
(This used to be commit 7bea00dca1ee08ef731dfa73110ef9c190a29919)
|
|
(This used to be commit aacb07b1b0f674b8cb92347ef4b4dd1e7808dde8)
|
|
Not exactly an uninitialized variable, but having Coverity figure out that
we're only UNMARSHALLING here is probably asking for a bit too much.
(This used to be commit 07a9f7daa83c94afefe0d81db4812135121862c2)
|
|
Guenther
(This used to be commit a5f0186f70abe8dba650265219e69ce5ca2fb642)
|
|
(This used to be commit 3fc85d22590550f0539215d020e4411bf5b14363)
|
|
Guenther
(This used to be commit 997a0a4a12d97595ff4df963601cf2c24d612972)
|
|
Guenther
(This used to be commit aa7023b88d3161897b9616d950c2a99624d81931)
|
|
Guenther
(This used to be commit acce1092d90db1f90265de44fd340d7df73e4e0e)
|
|
Guenther
(This used to be commit 7845a0d9a8f938c1be888ab2d9aa6c35d6f1dbad)
|
|
Jeremy.
(This used to be commit 67768fc71f9bd7ff3d61acc50360356b524ae923)
|
|
Guenther
(This used to be commit c6d9650930510982ef4e4759272dba573fc81067)
|
|
Guenther
(This used to be commit 2df3408079fc382d00d01a0b82b0b8e1ffeba6e4)
|
|
hand-written ones.
Guenther
(This used to be commit d5ebfccebb1f1b56b45673a506fcdb414103c43b)
|
|
This actually shows up in a valgrind massif run with 4.1% of allocated memory.
I don't see why we would have to make a copy here.
Metze?
(This used to be commit 616d6b97e594a846e9b3ac4cbe48538d649462e9)
|
|
bugs in various places whilst doing this (places that assumed
BOOL == int). I also need to fix the Samba4 pidl generation
(next checkin).
Jeremy.
(This used to be commit f35a266b3cbb3e5fa6a86be60f34fe340a3ca71f)
|
|
INTEGRITY
and PRIVACY, so no other cases to take care of so far...
Andrew B., if you have time, could you take a look? This makes us survive the
RPC-SAMBA3SESSIONKEY test.
Volker
(cherry picked from commit 25cc1e7ff15675b70001d1cb8d8584880650dd2e)
(This used to be commit b4746009735bf66b2578b884973c505b0363a79d)
|
|
(This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
|
|
This adds the two functions talloc_stackframe() and talloc_tos().
* When a new talloc stackframe is allocated with talloc_stackframe(), then
* the TALLOC_CTX returned with talloc_tos() is reset to that new
* frame. Whenever that stack frame is TALLOC_FREE()'ed, then the reverse
* happens: The previous talloc_tos() is restored.
*
* This API is designed to be robust in the sense that if someone forgets to
* TALLOC_FREE() a stackframe, then the next outer one correctly cleans up and
* resets the talloc_tos().
The original motivation for this patch was to get rid of the
sid_string_static & friends buffers. Explicitly passing talloc context
everywhere clutters code too much for my taste, so an implicit
talloc_tos() is introduced here. Many of these static buffers are
replaced by a single static pointer.
The intended use would thus be that low-level functions can rather
freely push stuff to talloc_tos, the upper layers clean up by freeing
the stackframe. The more of these stackframes are used and correctly
freed the more exact the memory cleanup happens.
This patch removes the main_loop_talloc_ctx, tmp_talloc_ctx and
lp_talloc_ctx (did I forget any?)
So, never do a
tmp_ctx = talloc_init("foo");
anymore, instead, use
tmp_ctx = talloc_stackframe()
:-)
Volker
(This used to be commit 6585ea2cb7f417e14540495b9c7380fe9c8c717b)
|