summaryrefslogtreecommitdiff
path: root/source4/libcli
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r5941: Commit this patch much earlier than I would normally prefer, but ↵Andrew Bartlett2-11/+2
metze needs a working tree... The main volume of this patch was what I started working on today: - Cleans up memory handling around DCE/RPC pipes, to have a parent talloc context. - Uses sepereate inner loops for some of the DCE/RPC tests The other and more important part of this patch fixes issues surrounding the new credentials framwork: This makes the struct cli_credentials always a talloc() structure, rather than on the stack. Parts of the cli_credentials code already assumed this. There were other issues, particularly in the DCERPC over SMB handling, as well as little things that had to be tidied up before test_w2k3.sh would start to pass. Andrew Bartlett (This used to be commit 0453f9d05d2e336fba1f85dbf2718d01fa2bf778)
2007-10-10r5940: fix schannel against w2k, it skips the confounder in the signature ↵Stefan Metzmacher1-1/+2
(24 bytes) for singed packets but it accepts 32 bytes from the client. (w2k3 accept it the otherway arround too) metze (This used to be commit 08d4c3b9f8558ee40c73a22b3ec110b052f28110)
2007-10-10r5929: Use cli_credentials for the SMB functions as well.Jelmer Vernooij2-25/+12
Fix a couple of bugs in the new cli_credentials code (This used to be commit 4ad481cfe5cde514d2ef9646147239f3faaa6173)
2007-10-10r5928: Use cli_credentials in:Jelmer Vernooij1-59/+4
- gtk+ (returned by GtkHostBindingDialog as well now) - torture/ - librpc/ - lib/com/dcom/ (This used to be commit ccefd782335e01e8e6ecb2bcd28a4f999c53b1a6)
2007-10-10r5917: First step in using the new cli_credentials structure. This patchJelmer Vernooij1-1/+1
puts support for it into popt_common, adds a few utility functions (in lib/credentials.c) and the callback functions for the command-line (lib/cmdline/credentials.c). Comments are welcome :-) (This used to be commit 1d49b57c50fe8c2683ea23e9df41ce8ad774db98)
2007-10-10r5902: A rather large change...Andrew Bartlett9-25/+60
I wanted to add a simple 'workstation' argument to the DCERPC authenticated binding calls, but this patch kind of grew from there. With SCHANNEL, the 'workstation' name (the netbios name of the client) matters, as this is what ties the session between the NETLOGON ops and the SCHANNEL bind. This changes a lot of files, and these will again be changed when jelmer does the credentials work. I also correct some schannel IDL to distinguish between workstation names and account names. The distinction matters for domain trust accounts. Issues in handling this (issues with lifetime of talloc pointers) caused me to change the 'creds_CredentialsState' and 'struct dcerpc_binding' pointers to always be talloc()ed pointers. In the schannel DB, we now store both the domain and computername, and query on both. This should ensure we fault correctly when the domain is specified incorrectly in the SCHANNEL bind. In the RPC-SCHANNEL test, I finally fixed a bug that vl pointed out, where the comment claimed we re-used a connection, but in fact we made a new connection. This was achived by breaking apart some of the dcerpc_secondary_connection() logic. The addition of workstation handling was also propogated to NTLMSSP and GENSEC, for completeness. The RPC-SAMSYNC test has been cleaned up a little, using a loop over usernames/passwords rather than manually expanded tests. This will be expanded further (the code in #if 0 in this patch) to use a newly created user account for testing. In making this test pass test_rpc.sh, I found a bug in the RPC-ECHO server, caused by the removal of [ref] and the assoicated pointer from the IDL. This has been re-added, until the underlying pidl issues are solved. (This used to be commit 824289dcc20908ddec957a4a892a103eec2da9b9)
2007-10-10r5877: It is not an error to have a zero-length secret, after decryption.Andrew Bartlett1-3/+5
Andrew Bartlett (This used to be commit b484776cc4d48690d45c668f9253015eb0d6207d)
2007-10-10r5866: Add InitShutdown IDL and torture test.Jelmer Vernooij1-0/+2
Implement push side of NDR_LEN4|NDR_NOTERM strings (pull side was already present) (This used to be commit ea61ec1122841716ed5d90085ba79e7bf691bd6a)
2007-10-10r5737: add some error codesStefan Metzmacher1-0/+2
metze (This used to be commit f543eb4ede54ac361017878574b3f4b6ffc9f2d5)
2007-10-10r5668: Add tests to RPC-SAMLOGON to test for user@REALM style logins. TheseAndrew Bartlett1-0/+8
need a NULL domain (or a "" domain, except this breaks NTLMv2, and I need to look into it a bit more). Add support to the Samba4 server for these logins. This will need extension when we handle trusted domains as a DC, as it is a principal name, not just another format for the username. Andrew Bartlett (This used to be commit de02c7c222a32d2b3fb8ee8b715749b96cb647f9)
2007-10-10r5667: Move schannel state into libcli/auth (as it belongs with schannel,Andrew Bartlett3-0/+236
which will move in with the rest of GENSEC shortly). Add the RID as another element in the schannel state. Andrew Bartlett (This used to be commit 69114b4a8e1c937ab5ff12ca91dd22bd83fd9a3b)
2007-10-10r5646: state->loadfile might be NULL after allocation so this is reallyAlexander Bokovoy1-1/+1
should be NT_STATUS_HAVE_NO_MEMORY(state->loadfile) instead of NT_STATUS_NOT_OK_RETURN(status). (This used to be commit eb57a587889611bcf39d75d4e15b627f36899a53)
2007-10-10r5601: add a gsskrb5 backend that uses lorikeet-heimdal's new gssapi withStefan Metzmacher3-0/+598
GSS_C_DCE_STYLE support, it's just a start and does work correctly yet metze (This used to be commit 87ff661703f467db3dfcb33084041c3e2951e0ee)
2007-10-10r5551: Protect against falling off the end of the name resolve order listTim Potter1-1/+1
if a name is not found. (This used to be commit c23f767a9f5dd2dcae31bded540263b08876ecc2)
2007-10-10r5550: Initialise retry count - valgrind was freaking out because this valueTim Potter1-0/+1
was not set. (This used to be commit 328f37a3e8d10f97f361fb041be24f1ac88b6b0a)
2007-10-10r5451: - added separate wrepl_associate(), wrepl_pull_table() and ↵Andrew Tridgell2-0/+313
wrepl_pull_names() functions, with reasonable parameters, so callers don't need to deal directly with wins replication packet structures - converted the NBT-WINSREPLICATION torture test to use the new APIs (This used to be commit cec1672662b7e5b1bdf843e9dee317aa4b03f719)
2007-10-10r5437: Allow Samba4 to be compiled by tcc (www.tinycc.org). It still crashes ↵Jelmer Vernooij1-46/+46
when linking though. (This used to be commit 2e1e8db6dc877eb32b51cfc3d9c8f463d14530ec)
2007-10-10r5414: - added libcli/wins/, a basic client library for WINS replicationAndrew Tridgell3-0/+510
- added a new IDL type "udlongr", which is like udlong, but with the two uint32 halves reversed - modified the winsrepl.idl to cope with a wider range of packets (This used to be commit bc8d60c918f2e268d591aac464fc6a78c38a4cf9)
2007-10-10r5405: try to use NBT name pointers when a netbios name is repeated in a NBTAndrew Tridgell1-7/+25
packet. This allows much longer names to fit within the limits of NBT name packets (rfc1002.txt also says this should be done, although Samba3 never generates them). The main reason for doing this is it means that our NBT name pointer decoding code is tested with the smbtorture tests (This used to be commit 6e2feef125daceb143c44c0c4ab73b010b311792)
2007-10-10r5404: allow spaces in the string representation of nbt namesAndrew Tridgell1-3/+4
(This used to be commit dd3d4ded21e50130243de3b35927368875620d47)
2007-10-10r5398: fixed encoding of *SMBSERVER name (thanks to Karl Melcher for ↵Andrew Tridgell1-1/+1
spotting this) (This used to be commit 76c49851b921c137c59c45084c5dab95f1c16f58)
2007-10-10r5396: fixed parsing of NBT type 0xc0 compressed name pointersAndrew Tridgell1-1/+2
(This used to be commit 666cc65d10012fa2a413dfa619fbc4599f752728)
2007-10-10r5392: added "secure" WINS server processing. Send a WACK on nameAndrew Tridgell1-1/+2
registrations from anyone who isn't a current owner, then query the owner addresses to see if they still want it. (This used to be commit 8dc2a028d3ca0115d3173df435d926d7b6a4d5d5)
2007-10-10r5391: cope with w2k3 getting the timeout wrong in wack repliesAndrew Tridgell1-3/+3
(This used to be commit 75766603e325d515a718b1d1ab0f08160ea1f790)
2007-10-10r5382: another place where we need to uppercase the called name for port 139 ↵Andrew Tridgell1-2/+4
connects (This used to be commit b13cea5b2b55ce3d4109666cf51af6ffd879d15d)
2007-10-10r5371: on port 139 the called name needs to be in uppercaseAndrew Tridgell1-2/+2
(This used to be commit c5aef260c4581bfc0d32ec09fac3414156c40230)
2007-10-10r5358: - added initial WINS server code. It passes most of the NBT-WINS ↵Andrew Tridgell1-2/+2
test, but doesn't yet do secure server WACK responses - added a ldap_string_to_time() function, for converting a LDAP formatted time to a time_t (This used to be commit 9aa3313b3f93e47e3f93028e072f6a23b3c22385)
2007-10-10r5356: fixed the hex coding for nbt namesAndrew Tridgell1-1/+1
(This used to be commit e467715c63624e165b79b37bd21b381d7a99d0fe)
2007-10-10r5352: added a function nbt_name_string() that formats a nbt_name structureAndrew Tridgell2-3/+59
as a human readable string. The format is designed to be able to be used as the DN for the WINS database as well, while coping with arbitrary bytes in the name (except nul bytes) (This used to be commit aac3090e3504ba07124a9d480322a98efb97175e)
2007-10-10r5330: Remove #include <sys/time.h> from includes.h.Andrew Bartlett3-0/+3
Add #include "system/time.h" back (it was removed in some of these places because the definitions were provided by <sys/time.h> on tridge's platform.) Andrew Bartlett (This used to be commit 34b1da730304bed7fee5bae7cbde7fbccecb6af5)
2007-10-10r5328: - allow case sensitive nbt name lookupsAndrew Tridgell2-6/+11
- added --case-sensitive option to nmblookup - added case sensitivity tests to the NBT-WINS test (This used to be commit 80a95d5688e055b36727e5c043cb36322d719763)
2007-10-10r5326: removed the charset conversion from the nbtname code, so we no longerAndrew Tridgell1-33/+4
convert from/to DOS strings in NBT names. This will allow us to support all foreign names as a WINS server, as long as they don't contain a 0 byte. (This used to be commit 8e5d3a74d341de086d850d823cf8a1bfc9387fe8)
2007-10-10r5325: - expanded the NBT-WINS test to include scopesAndrew Tridgell1-3/+6
- fixed the bugs that the new test found (This used to be commit 6d775f12168d51ce92a3f7e17f4bf06357d41a06)
2007-10-10r5322: removed a whole bunch of #include lines that minimal_includes.plAndrew Tridgell16-17/+0
thinks are not needed. Now to see how this fares on the build farm :) (This used to be commit 80ffcc650c9c86141507edd8338b97814a85f868)
2007-10-10r5309: removed ads.h from includes.hAndrew Tridgell1-1/+2
(This used to be commit 196c45b834c39f293b9533cec5cfe5a77382d4e2)
2007-10-10r5308: trimmed back a lot of the old macros from smb_macros.hAndrew Tridgell1-2/+2
(This used to be commit bf43c9bdcf9e654d123f6a2b29feb9189ca9e561)
2007-10-10r5305: removed libcli/ldap/ldap.h from includes.hAndrew Tridgell5-0/+63
(This used to be commit 0df3fdd8178085c40f9cd776cc3e1486ca559c8e)
2007-10-10r5304: removed lib/socket/socket.h from includes.hAndrew Tridgell3-0/+3
(This used to be commit b902ea546d2d1327b23f40ddaeeaa8e7e3662454)
2007-10-10r5300: more uint32 and system/filesys.h build fixes when developer mode is ↵Andrew Tridgell4-4/+6
enabled (This used to be commit 93931b1a741a3722c311ada80c4c9d3d670f91b2)
2007-10-10r5298: - got rid of pstring.h from includes.h. This at least makes it a bitAndrew Tridgell11-5/+14
less likely that anyone will use pstring for new code - got rid of winbind_client.h from includes.h. This one triggered a huge change, as winbind_client.h was including system/filesys.h and defining the old uint32 and uint16 types, as well as its own pstring and fstring. (This used to be commit 9db6c79e902ec538108d6b7d3324039aabe1704f)
2007-10-10r5294: - added a separate NBT-WINS test for WINS operations (register, ↵Andrew Tridgell5-8/+163
refresh, release and query) - change the iface_n_*() functions to return a "const char *" instead of a "struct ipv4_addr" I think that in general we should move towards "const char *" for all IP addresses, as this makes IPv6 much easier, and is also easier to debug. Andrew, when you get a chance, could you fix some of the auth code to use strings for IPs ? - return a NTSTATUS error on bad name queries and node status instead of using rcode. This makes the calling code simpler. - added low level name release code in libcli/nbt/ - use a real IP in the register and wins nbt torture tests, as w2k3 WINS server silently rejects some operations that don't come from the IP being used (eg. it says "yes" to a release, but does not in fact release the name) (This used to be commit bb1ab11d8e0ea0bd9ae34aebeb565d36fe4b495f)
2007-10-10r5286: Some first steps in making the pidl code somewhat more generic for theJelmer Vernooij1-2/+2
various data types: Add ndr_flags argument to all ndr push/pull scalar functions (This used to be commit ab490c0c882bb13de190546c50a0631ecb8255ad)
2007-10-10r5275: - added support for NBT_OPCODE_MULTI_HOME_REG (opcode 0xf) for WINS ↵Andrew Tridgell4-16/+218
name registrations - fixed a bug in the send queue handling on timeouts - added support for handling unexpected replies (replies to the wrong port) at the nbtsocket layer - added separate layer 2 code for wins refresh and wins registration (This used to be commit 2502b02898407e3262c09a5a4aa573c5f87b8f5f)
2007-10-10r5261: translate nbt rcode errors to NTSTATUS codesAndrew Tridgell3-0/+30
(This used to be commit 554d1b70e73faeb1f5ecf88f31c5810d86d76200)
2007-10-10r5260: - show an error message on nmblookup failureAndrew Tridgell1-4/+2
- always try to enable broadcast on nbt name sockets (this matches samba3 behaviour better) (This used to be commit 919bc14e7bbc04479cf11f7a7fd4c5e46616ef46)
2007-10-10r5250: - added low level support for retrying nbt name queries, rather thanAndrew Tridgell5-63/+297
having the 2nd layer functions do retries themselves. This makes the code simpler, and allows the TRN_ID to be reused in the retry (which is how it is supposed to work). - added support for WACK replies to nbt name requests. A WACK reply specifies a timeout to wait for the real reply. - added WINS name refresh async calls, supporting multiple wins servers and multiple IPs to register (This used to be commit 76be35cb990de830c2451d9e48cb2c40a4befdb7)
2007-10-10r5237: Add error code for "class not registered"Jelmer Vernooij1-0/+1
(This used to be commit b72a0ac654857273eaaf3c5e32d86abed0af3ceb)
2007-10-10r5199: fix some minor configure bugsStefan Metzmacher1-1/+1
metze (This used to be commit 274ef2a206aa00b3155adc27f5b7e35d3fa52bf6)
2007-10-10r5197: moved events code to lib/events/ (suggestion from metze)Andrew Tridgell7-7/+7
(This used to be commit 7f54c8a339f36aa43c9340be70ab7f0067593ef2)
2007-10-10r5195: most events don't need the time of the event, so save a ↵Andrew Tridgell4-5/+4
gettimeofday() call and just use timeval_current() when its actually needed (This used to be commit 236403cc4dc2924ed6a898acae0bb44cc1688dcc)