summaryrefslogtreecommitdiff
path: root/source3/rpc_server
AgeCommit message (Collapse)AuthorFilesLines
2000-01-11modified smbd/msrpc credential transfer system. user session keyLuke Leighton1-0/+10
is *missing* from samba cvs main, therefore it is set to all zeros. this will cause, amongst other things, administrator-changing-user-passwords, and setting up new accounts, to fail, as the user's password can only be decoded with the session key (in this case, the administrator's usr sess key). it's never a perfect world, is it? (This used to be commit 3362fcdfa492cfd1d9d4ec35ef2108192302b984)
2000-01-04using read_with_timeout(), min data size 16 bytes (DCE/RPC header), maxLuke Leighton1-1/+5
size of SMBtrans response, timeout of 10 seconds. read_data() _certainly_ doesn't work, as you don't know what size of the data is going to come back that needs to be fed back in the SMBtrans response. yes, oops :-) (This used to be commit 70d6f7635776bba98c9c09405eff6c2087dac590)
2000-01-04oops, must use read_data() not read(), as read() may only provideLuke Leighton1-2/+2
part of the data stream. read_data() is a wrapper to guarantee receiving exactly the requested number of bytes. (This used to be commit 90c27b7bffa9b2121eaed0e07931830c3ba308d7)
2000-01-03simple mods to add msrpc pipe redirection. default behaviour: fall backLuke Leighton3-998/+1167
to using internal msrpc code in smbd. (This used to be commit 8976e26d46cb991710bc77463f7f928ac00dd4d8)
1999-12-132nd phase of head branch sync with SAMBA_2_0 - this delets all the files ↵Andrew Tridgell4-4289/+0
that were in the head branch but weren't in SAMBA_2_0 (This used to be commit d7b208786590b5a28618590172b8d523627dda09)
1999-12-13first pass at updating head branch to be to be the same as the SAMBA_2_0 branchAndrew Tridgell11-4481/+3146
(This used to be commit 453a822a76780063dff23526c35408866d0c0154)
1999-12-12final part of "first" phase converting over to msrpc daemon architecture.Luke Leighton4-34/+19
done a minimal amout of clean-up in the Makefile, removing unnecessary modules from the link stage. this is not complete, yet, and will involve some changes, for example to smbd, to remove dependencies on the password database API that shouldn't be there. for example, smbd should not ever call getsmbpwXXX() it should call the Samr or Lsa API. this first implementation has minor problems with not reinstantiating the same services as the caller. the "homes" service is a good example. (This used to be commit caa50525220b0d0250fa139367593c2de2c12135)
1999-12-12delineation between smb and msrpc more marked. smbd now constructsLuke Leighton11-599/+739
pdus, and then feeds them over either a "local" function call or a "remote" function call to an msrpc service. the "remote" msrpc daemon, on the other side of a unix socket, then calls the same "local" function that smbd would, if the msrpc service were being run from inside smbd. this allows a transition from local msrpc services (inside the same smbd process) to remote (over a unix socket). removed reference to pipes_struct in msrpc services. all msrpc processing functions take rpcsrv_struct which is a structure containing state info for the msrpc functions to decode and create pdus. created become_vuser() which does everything not related to connection_struct that become_user() does. removed, as best i could, connection_struct dependencies from the nt spoolss printing code. todo: remove dcinfo from rpcsrv_struct because this stores NETLOGON-specific info on a per-connection basis, and if the connection dies then so does the info, and that's a fairly serious problem. had to put pretty much everything that is in user_struct into parse_creds.c to feed unix user info over to the msrpc daemons. why? because it's expensive to do unix password/group database lookups, and it's definitely expensive to do nt user profile lookups, not to mention pretty difficult and if you did either of these it would introduce a complication / unnecessary interdependency. so, send uid/gid/num_groups/gid_t* + SID+num_rids+domain_group_rids* + unix username + nt username + nt domain + user session key etc. this is the MINIMUM info identified so far that's actually implemented. missing bits include the called and calling netbios names etc. (basically, anything that can be loaded into standard_sub() and standard_sub_basic()...) (This used to be commit aa3c659a8dba0437c17c60055a6ed30fdfecdb6d)
1999-12-08ABOUT TIME!!!!!!!!Luke Leighton1-1/+5
damn, this one is bad. started, at least two days ago, to add an authentication mechanism to the smbd<->msrpc redirector/relay, such that sufficient unix / nt information could be transferred across the unix socket to do a become_user() on the other side of the socket. it is necessary that the msrpc daemon inherit the same unix and nt credentials as the smbd process from which it was spawned, until such time as the msrpc daemon receives an authentication request of its own, whereupon the msrpc daemon is responsible for authenticating the new credentials and doing yet another become_user() etc sequence. (This used to be commit 30c7fdd6ef10ecd35594311c1b250b95ff895489)
1999-12-06the first independent msrpc daemon - lsarpcd.Luke Leighton2-13/+132
one horrible cut / paste job from smbd, plus a code split of shared components between the two. the job is not _yet_ complete, as i need to be able to do a become_user() call for security reasons. i picked lsarpcd first because you don't _need_ security on it (microsoft botched so badly on this one, it's not real. at least they fixed this in nt5 with restrictanonymous=0x2). fixing this involves sending the current smb and unix credentials down the unix pipe so that the daemon it eventually goes to can pick them up at the other end. i can't believe this all worked!!! (This used to be commit 2245b0c6d13c7c5886e81f9137b05df883598c26)
1999-11-29attempting to resolve the issue that multiple servers often specified inLuke Leighton1-17/+17
parameters to connect to \PIPE\NETLOGON. (This used to be commit d1986ade30bdcac1f49707221a3e5a5ae597ce62)
1999-11-27further abstraction involving client states. main client-side codeLuke Leighton1-30/+22
is pretty much independent of SMB client states, which will make it easier to add other transports. (This used to be commit a1ff7e8fc3129ba4a04722f977bc2d3725d13624)
1999-11-25cool! completed a samr* API that _would_ look like an msdn samr* api...Luke Leighton1-2/+8
if microsoft bothered to publish it. actually, there are good reasons for not publishing it: people might write programs for it, and then those programs wouldn't work on nt5, for example... (This used to be commit 8ce93b80d3b4e1c1e28aa1dde38cdef184eff3c1)
1999-11-24service control manager API completed. svcenum -i works, but does notLuke Leighton1-0/+1
do so twice. possible memory corruption, revolving around getopt(). (This used to be commit 7cacf8bd026f1ee274f1d352c68cf79cf4f3b499)
1999-11-24first stages of removing struct cli_state* and uint16 fnum from allLuke Leighton1-7/+17
msrpc client code. the intent is to hide / abstract / associate connection info behind policy handles. this makes the msrpc functions look more and more like their nt equivalents. who-hou! (This used to be commit c01b18e632aede6fce7264ef6971d7ddba945cfb)
1999-11-24WARNING! MOVED rpc_server/srv_lsa_hnd.c TO lib/util_hnd.cLuke Leighton1-4/+3
CVS UPDATE MAY ISSUE WARNING ABOUT lib/util_hnd.c MODIFICATION DATE BEING IN THE FUTURE. CVS CHECKOUT A NEW REPOSITORY MAY BE SAFER. (This used to be commit c26e8a6ac59934ae580077df937439c2c538dbdb)
1999-11-24rewrote policy handle code to be generic (it's needed for client-side too)Luke Leighton5-124/+254
attempted to fix regsetsec command (This used to be commit eaac0923e0e5e3f4c3d944272a71f3235ac2a741)
1999-11-21adding user session key into network netlogon response.Luke Leighton2-11/+37
(This used to be commit c73f6b0d02fa7700319ba696f54296006167e5d1)
1999-11-20dynamic memory allocation i added a month ago: forgot to ZERO_STRUCT()Luke Leighton1-0/+2
some of the server-side stuff. Realloc() was being used, so it Realloc()d some random area of memory. oops.dynamic memory allocation i added a month ago: forgot to ZERO_STRUCT() some of the server-side stuff. Realloc() was being used, so it Realloc()d some random area of memory. oops.dynamic memory allocation i added a month ago: forgot to ZERO_STRUCT() some of the server-side stuff. Realloc() was being used, so it Realloc()d some random area of memory. oops. (This used to be commit a51f62f4cf610c23e45251cedb543144747a3e54)
1999-11-19nt5rc2 falling over because the LsaQueryInfoPolicy() response _must_Luke Leighton1-1/+2
have the string max length = string length + 1. if not, then it gets its knickers in a twist over whether the string is NULL-terminated or not. four days. four days i spent on this one. (This used to be commit 9795e5948c698115e34c28993cdb82ba31377f5d)
1999-11-19The First Necessary UNICODE String Support.Luke Leighton1-12/+12
the random workstation trust account password is TOTAL garbage. i mean, complete garbage. it's nowhere CLOSE to being a UNICODE string. therefore we can't just take every second character. created nt_owf_genW() which creates NT#(password) instead of NT#(Unicode(pw)). followed through to the password setting in srv_samr.c (This used to be commit 172601b84ae94044b27ded917d4e0e21e47a5a66)
1999-11-19- bug in nmbd registering DOMAIN_NAME<1c> to WINS server; recursionLuke Leighton2-0/+99
desired flag MUST be set in any NBT UDP packets sent to a WINS server, else they will go to the WINS client side of the NT NetBIOS kernel instead, and will get trashed. - added \PIPE\browser server-side code. (This used to be commit 8e406c1fa296c3f97b1cd7ddde7b5aeb9232b26e)
1999-11-18responses to UDP samquery go back to SERVER<00> not DOMAIN<1c>, theLuke Leighton1-3/+5
request name. modified createuser rpcclient command to examine name being added. if it ends in a $, assume that a workstation trust account is being added. (This used to be commit 4aea261cb0e5f34255ff83271eb5cadb0eb78bc9)
1999-11-18set "key does not exist" response to reg_query_val() (win32 status codeLuke Leighton2-7/+38
of 0x2). [p.s. getting REALLY bored of this nt5rc2->samba domain stuff]. (This used to be commit a8801942f72b2394a54e4a46546029fac70efeed)
1999-11-18added samuserset2 rpcclient command to test ACB_XXX bit-setting onLuke Leighton1-0/+107
samr opcode 0x25. _yet_ another failed attempt to get nt5rc2 to join a samba domain. what _is_ it with this stuff, dammit? (This used to be commit c3913f8ae272c496fc4519141accf01ee9f1e49e)
1999-11-18updating reg_value_info() parsing code to take BUFFER2 instead of justLuke Leighton1-1/+5
a char*. now copes with multiple types. (This used to be commit 3df7c903c5b70f336294a95ad864aedbacf544b0)
1999-11-18added regqueryval command (experimental) to get reg_io_q_info() andLuke Leighton2-17/+41
reg_io_r_info() working properly. previously they weren't well understood (well, they were the first of the registry functions i did, back in december 97, ok??? :-) set ntversion to 0x1 in SAMQUERY, so that we reply same as NT4 srv. (This used to be commit 98ddeaf442cb30972cb281bf0489a6e5f7eb2883)
1999-11-16attempting to get nt5 wksta to join domain.Luke Leighton3-4/+21
1) had to fix samr "create user" and "set user info" (level 23). 2) had to fix netlogon enum trust domains 3) registry key needed \\ in it not \. (This used to be commit 70b2c1ecbb4fbbb86fea676c80754485aae5ab13)
1999-11-16added two new params: "trusted domains" and "trusting domains".Luke Leighton1-3/+7
these _may_ not actually ever get used, as trust relationships really need to be established with shared secrets, and you need to get the SID of the trusted and trusting domains, so this may have to go in a private/xxx.mac file. (This used to be commit 71f12138679251a9ebcada35969d9baea286a3e9)
1999-11-16added another dummy key so that NT5 can check in the registry whetherLuke Leighton1-1/+2
password changes are allowed or not. *dur*!!!! (This used to be commit b51fa05c820c4629b278dc294ad0a405ee470a6e)
1999-11-16Shirish Kalele <kalele@veritas.com> noticed that NT workstations areLuke Leighton1-18/+51
sending anonymous NTLMSSP user credentials to set up \PIPE\samr. added anonymous NTLMSSP sessions. (This used to be commit df5ee2bd427ccd5fcf27fd3c366e06e037bc4f1e)
1999-11-16Changes to implement NET_AUTH based on NET_AUTH2, to get Win2000Richard Sharpe1-2/+74
happier in joining a Samba domain. (This used to be commit 70274b5253182f3541584ecd844f07376a3d3df9)
1999-11-15added server-side samr enum domains. fixed some parsing issues, server-side.Luke Leighton1-1/+71
(This used to be commit 60b0840106a6f5c283a8339428f3cfeb62398355)
1999-11-15- added DCE/RPC "fault" PDU support.Luke Leighton1-1/+42
- disabled (AGAIN) the GETDC "if (MAILSLOT\NTLOGON)" code that will get NT5rc2 to work but WILL break win95 (AGAIN). this needs _not_ to be re-enabled but to be replaced with a better mechanism. - added SMBwrite support (note: SMBwriteX already existed) as NT5rc2 is sending DCE/RPC over SMBwrite not SMBwriteX. (This used to be commit 25c70e3c984c4fed19763ed405741e83fe14f87e)
1999-11-08preparation for doing a spoolss enum jobs command. had to rewriteLuke Leighton1-97/+15
spoolss_enumjobs parsing code to do read / writes not just writes. (This used to be commit bc659a09f9103eee9616279e27fafacf89dcd9b9)
1999-11-06spoolss openprinterex / closeprinter client-code.Luke Leighton1-15/+15
experimental spoolopen <printer name> command added. jean-francois, f.y.i. i changed the #define for SPOOLSS_OPENPRINTEREX from op code 0x44 to 0x45. (This used to be commit ef7fa58fd3c259c765c3bc82424d4c0f192ec90e)
1999-11-02free up memory allocated by enum dom groups / aliasesLuke Leighton1-0/+20
(This used to be commit edb49e754b66ecb59685234338a96d48a53f0161)
1999-10-29more reshuffling of enum groups code. more higher order functions.Luke Leighton1-4/+4
(This used to be commit 497d4231723576390b10f5ea8704bd0af88d76ab)
1999-10-27rewrote api_net_sam_logon() to be a little clearer.Luke Leighton1-140/+136
(This used to be commit 3adc31083b5308e983e057c7b942242209d74f59)
1999-10-25one of those wonderful moments when running against a different MSRPCLuke Leighton1-5/+9
implementation (NT5) when you discover that your code is trash. samr_enum_dom_users(), samr_enum_dom_aliases() and samr_enum_dom_groups() all take a HANDLE for multiple-call enumeration purposes. (This used to be commit 19490d8b4fb8a103f3df4e6104f6f22937b0c518)
1999-10-21the dynamic memory alloc blood-fest goes on...Luke Leighton1-0/+3
(This used to be commit 134b20e2a7b5ddfa4cc9bf100de5025c7b98f594)
1999-10-21various. debug levels changed. nmbd doesn't need libsmb/clienttrust.c.Luke Leighton1-0/+1
samr_lookup_rids() moved to a dynamic memory structure not a static one limited to 32 RIDs. cli_pipe.c reading wasn't checking ERRmoredata when DOS error codes negotiated (this terminates MSRPC code with prejudice). (This used to be commit 8976eca2db43576c32069dcda017e8777048e007)
1999-10-15adding error checking in parsing codeLuke Leighton1-0/+1
(This used to be commit 4c98d71ebd3f1cdaef664d46c998c864af34632a)
1999-09-27don't leak printer handles,Jean-François Micouleau1-3/+14
don't coredump when adding forms, and a small non obvious memory leak in the rpc buffers J.F. (This used to be commit bee11f8889378b9f1cc6e2818fd0f8dd7ddcf10d)
1999-09-25Don't duplicate forms anymore, just update the definition.Jean-François Micouleau1-3/+36
Many memory leaks fixed. J.F. (This used to be commit f328ae8024584599324ae4263bb9fb89a358279f)
1999-09-24Correctly handle the dependent files in the printer_driver_info_3 structJean-François Micouleau1-5/+7
It means complex printer drivers should now download fine. J.F. (This used to be commit a893df5c00189d7e81efd619a4a4ee2bd8ead61f)
1999-09-09allan hourihane sent log 100 in which showed that some really old codeLuke Leighton1-15/+4
for lsa_close response was messing up. fixed by calling lsa_io_r_close() which i've been meaning to do for over eighteen months. (This used to be commit f9a0ea09486b18a130ce1a1e5381ca61e0293c75)
1999-08-31matthew chapman identified 4 previously unknown samr functions.Luke Leighton1-3/+3
(This used to be commit 001b53866c819045bc52330cad5746e1a2f7a4b1)
1999-08-30debugged enumgroups -g optionLuke Leighton1-2/+5
(This used to be commit 1cde47ba6a6409e0ae178ca9f44be2123bef0f9d)
1999-08-18patch from michael glauche to add session enum code into smbd.Luke Leighton1-6/+36
(This used to be commit e90e38c66d51dc1808f716c016299b1604636ce9)