Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2010-07-13 | s3-dcerpc: use dceprc_push_ncacn_packet_header in create_next_pdu_noauth() | Simo Sorce | 1 | -17/+23 | |
Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-07-13 | s3-dcerpc: Use dcerpc_push_ncacn_packet_header() in create_next_pdu_schannel() | Simo Sorce | 1 | -15/+27 | |
Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-07-13 | s3-dcerpc: use dcerpc_push_ncacn_packet_header() in create_next_pdu_ntlmssp() | Simo Sorce | 1 | -21/+26 | |
Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-07-13 | s3-dcerpc: Use dcerpc_set_frag_length() | Simo Sorce | 1 | -4/+5 | |
Automatically calculate the fragment length where possible. Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-07-08 | s3-dcerpc: Use dcerpc_pull_dcerpc_auth in api_pipe_bind_auth3() | Simo Sorce | 1 | -19/+13 | |
2010-07-08 | s3-dcerpc: Use dcerpc_auth in api_pipe_bind_req() | Simo Sorce | 1 | -82/+85 | |
2010-07-08 | s3:dcerpc Use prs_parse_dcerpc_bind | Simo Sorce | 1 | -27/+36 | |
2010-07-08 | s3:rpc user idl define dcerpc_ctx_list instead of custom RPC_CONTEXT | Simo Sorce | 1 | -9/+13 | |
2010-07-07 | s3-dcerpc: use dcerpc_push_ncacn_packet() for setup_fault_pdu(). | Günther Deschner | 1 | -28/+18 | |
Guenther Signed-off-by: Simo Sorce <idra@samba.org> | |||||
2010-07-07 | s3-dcerpc: use dcerpc_push_ncacn_packet() for setup_bind_nak(). | Günther Deschner | 1 | -14/+16 | |
Guenther Signed-off-by: Simo Sorce <idra@samba.org> | |||||
2010-07-01 | s3:auth Fix switch statement referencing a uninitialized variable | Simo Sorce | 1 | -1/+1 | |
Looking at the original commit (9a747d500fad699038ecf75615c680a9fd9e4cc7) this seem the right solution. Andrew please check. | |||||
2010-06-16 | Remove an unused chunk of code (will make it easier to talloc'ize prs_XXX). | Jeremy Allison | 1 | -49/+0 | |
Jeremy. | |||||
2010-06-08 | Revert "s3:auth Change auth_ntlmssp_server_info API to return NTSTATUS" | Volker Lendecke | 1 | -4/+3 | |
This reverts commit edba46ce94c335411ab337eeb4ef6f88fb3aae80. Conflicts: source3/auth/auth_ntlmssp.c | |||||
2010-06-07 | s3:auth add hooks to indicate if signing or sealing is desired with NTLMSSP | Andrew Bartlett | 1 | -0/+21 | |
This allows the right hooks to be called in GENSEC when s3compat implements the auth_ntlmssp interface. Otherwise, we can't do the signing or sealing as we have not negoitated it's use. Andrew Bartlett | |||||
2010-06-07 | s3:auth Change auth_ntlmssp_server_info API to return NTSTATUS | Andrew Bartlett | 1 | -3/+4 | |
It's nicer to have an NTSTATUS return, and in s3compat there may be a reason other than 'no memory' why this can fail. Andrew Bartlett | |||||
2010-06-04 | s3-rpc: Seperate rpc_srv_register for plain connection. | Andreas Schneider | 1 | -125/+32 | |
This will make it possible to create plain rpc named pipe connnections. Reviewed-by: Simo Sorce <idra@samba.org> | |||||
2010-05-31 | s3:ntlmssp Use a TALLOC_CTX for ntlmssp_sign_packet() and ntlmssp_seal_packet() | Andrew Bartlett | 1 | -7/+9 | |
This ensures the results can't be easily left to leak. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-05-31 | ntlmssp: Make the ntlmssp.h from source3/ a common header | Andrew Bartlett | 1 | -1/+1 | |
The code is not yet in common, but I hope to fix that soon. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-05-31 | s3:auth Remove AUTH_NTLMSSP_STATE typedef. | Andrew Bartlett | 1 | -7/+7 | |
typedefs are no longer preferred Samba style. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-05-31 | s3:auth Make AUTH_NTLMSSP_STATE a private structure. | Andrew Bartlett | 1 | -26/+27 | |
This makes it a little easier for it to writen in terms of GENSEC in future. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-05-18 | s3: Remove use of iconv_convenience. | Jelmer Vernooij | 1 | -5/+4 | |
2010-03-24 | s3:ntlmssp: use client.netbios_name instead of workstation | Stefan Metzmacher | 1 | -1/+2 | |
metze Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-03-04 | srv_pipe.c doesn't reference current_user anymore. Remove it. | Jeremy Allison | 1 | -2/+0 | |
Jeremy. | |||||
2010-02-23 | schannel_tdb: make code compilable in both trees | Simo Sorce | 1 | -1/+1 | |
2010-02-23 | s3:schannel streamline interface | Simo Sorce | 1 | -1/+1 | |
Make calling schannel much easier by removing the need to explicitly open the database. Let the abstraction do it instead. | |||||
2010-02-18 | More fixes for bug #7146 - Samba miss-parses authenticated RPC packets. | Jeremy Allison | 1 | -16/+31 | |
Alignment space calculations are tricky :-). Jeremy. | |||||
2010-02-18 | More fixes for bug #7146 - Samba miss-parses authenticated RPC packets. | Jeremy Allison | 1 | -14/+16 | |
Ensure we calculate the space correctly (including the ss_padding_len) when constructing reply packets. Jeremy. | |||||
2010-02-17 | Fix bug #7146 - Samba miss-parses authenticated RPC packets. | Jeremy Allison | 1 | -120/+311 | |
Parts of the Samba RPC client and server code misinterpret authenticated packets. DCE authenticated packets actually look like this : +--------------------------+ |header | | ... frag_len (packet len)| | ... auth_len | +--------------------------+ | | | Data payload | ... .... | | +--------------------------+ | | | auth_pad_len bytes | +--------------------------+ | | | Auth footer | | auth_pad_len value | +--------------------------+ | | | Auth payload | | (auth_len bytes long) | +--------------------------+ That's right. The pad bytes come *before* the footer specifying how many pad bytes there are. In order to read this you must seek to the end of the packet and subtract the auth_len (in the packet header) and the auth footer length (a known value). The client and server code gets this right (mostly) in 3.0.x -> 3.4.x so long as the pad alignment is on an 8 byte boundary (there are some special cases in the code for this). Tridge discovered there are some (DRS replication) cases where on 64-bit machines where the pad alignment is on a 16-byte boundary. This breaks the existing S3 hand-optimized rpc code. This patch removes all the special cases in client and server code, and allows the pad alignment for generated packets to be specified by changing a constant in include/local.h (this doesn't affect received packets, the new code always handles them correctly whatever pad alignment is used). This patch also works correctly with rpcclient using sign+seal from the 3.4.x and 3.3.x builds (testing with 3.0.x and 3.2.x to follow) so even as a server it should still work with older libsmbclient and winbindd code. Jeremy | |||||
2009-12-22 | s3:ntlmssp: only include ntlmssp.h where actually needed | Andrew Bartlett | 1 | -0/+1 | |
Andrew Bartlett | |||||
2009-11-26 | s3-rpc: running minimal_includes.pl on rpc_client and rpc_server. | Günther Deschner | 1 | -2/+0 | |
Guenther | |||||
2009-11-08 | Revert "s3: Consolidate getting the name out of a pipes_struct" | Volker Lendecke | 1 | -15/+29 | |
This reverts commit 9621306351cdb469ef393a6d8cbeea456bc4bd9f. | |||||
2009-11-08 | Revert "s3: Do not reference ndr_table when calling rpc_srv_register" | Volker Lendecke | 1 | -7/+2 | |
This reverts commit 494b2aff8826947e3bd556aecb175746163da485. | |||||
2009-11-08 | s3: Do not reference ndr_table when calling rpc_srv_register | Volker Lendecke | 1 | -2/+7 | |
2009-11-08 | s3: Consolidate getting the name out of a pipes_struct | Volker Lendecke | 1 | -29/+15 | |
2009-11-07 | s3: get_pipe_name_from_iface -> get_pipe_name_from_syntax | Volker Lendecke | 1 | -17/+27 | |
2009-10-13 | s3:rpc: Fix is_known_pipename for dynamically loaded pipes | Volker Lendecke | 1 | -1/+22 | |
2009-09-17 | spnego: share spnego_parse. | Günther Deschner | 1 | -0/+1 | |
Guenther | |||||
2009-09-16 | libcli/auth: rewrite schannel sign/seal code to be more generic | Stefan Metzmacher | 1 | -17/+27 | |
This prepares support for HMAC-SHA256/AES. metze | |||||
2009-09-16 | s3-dcerpc: remove more obsolete or duplicate headers. | Günther Deschner | 1 | -15/+15 | |
Guenther | |||||
2009-09-16 | s3-schannel: add dump_NL_AUTH_SIGNATURE. | Günther Deschner | 1 | -23/+3 | |
Guenther | |||||
2009-09-16 | schannel: fully share schannel sign/seal between s3 and 4. | Günther Deschner | 1 | -25/+60 | |
Guenther | |||||
2009-09-15 | s3-dcerpc: really fix remaining old auth level constants. sorry... | Günther Deschner | 1 | -2/+2 | |
Guenther | |||||
2009-09-15 | s3-dcerpc: fix remaining old auth level constants. | Günther Deschner | 1 | -13/+13 | |
Guenther | |||||
2009-09-15 | s3-dcerpc: remove duplicate RPC_AUTH_LEVEL flags. | Günther Deschner | 1 | -5/+5 | |
Guenther | |||||
2009-09-15 | s3-dcerpc: use dcerpc_AuthLevel and remove duplicate set of flags. | Günther Deschner | 1 | -15/+15 | |
Guenther | |||||
2009-09-13 | s3-schannel: fix api_pipe_schannel_process(), was using incorrect buffer length. | Günther Deschner | 1 | -1/+3 | |
Found by RPC-SCHANNEL torture test. Guenther | |||||
2009-09-11 | s3-schannel: use NL_AUTH_SIGNATURE for schannel sign & seal (client & server). | Günther Deschner | 1 | -8/+31 | |
Guenther | |||||
2009-09-11 | s3-schannel: use NL_AUTH_MESSAGE for schannel bind reply. | Günther Deschner | 1 | -10/+17 | |
Guenther | |||||
2009-09-08 | s3-rpc_server: use NL_AUTH_MESSAGE in pipe_schannel_auth_bind(). | Günther Deschner | 1 | -6/+23 | |
Guenther | |||||
2009-08-27 | s3-netlogon: use shared credential and schannel storage infrastructure for ↵ | Günther Deschner | 1 | -7/+11 | |
netlogon server. Guenther |