Age | Commit message (Collapse) | Author | Files | Lines |
|
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
|
|
|
|
We need to pass down flags to the DCE/RPC layer to allow fallback to
anonymous connections, as we can't log in with an expired password.
The anonymous connection can then change the password with SAMR.
Andrew Bartlett
|
|
The client side code was not falling back to older routines correctly
as it didn't check for the operation range error appropriately. It
also used the old rpc semantics.
|
|
Guenther
|
|
Guenther
|
|
Guenther
|
|
Guenther
|
|
Guenther
|
|
|
|
metze
(This used to be commit 84651aee81aaabbebf52ffc3fbcbabb2eec6eed5)
|
|
There are still a few tidyups of old FSF addresses to come (in both s3
and s4). More commits soon.
(This used to be commit fcf38a38ac691abd0fa51b89dc951a08e89fdafa)
|
|
password set'
metze
(This used to be commit 9bbe4733562a8fc6fe49377a47e482a14a6efc61)
|
|
libnet_SetPassword()
- as the SetUserInfo2() levels 26/25 and 24/23 have the same encryption
but 26 and 24 change only the password and 25 and 23 take a info21 and change the password,
we now use 26 with fallback to 24 or 25 with fallback to 23.
- use samr_SetUserInfo2() to match what w2k3 does (works also against nt4)
- pass the info21 to libnet_SetPassword() to set acct_flags and full_name
together with the password (to match what w2k3 does)
metze
(This used to be commit 1b86af32f3069cc75ae645698d3f92a0798e38f7)
|
|
Guenther
(This used to be commit 556666756418ad50c533199c736fe3696a7e20cb)
|
|
* Move dlinklist.h, smb.h to subsystem-specific directories
* Clean up ads.h and move what is left of it to dsdb/
(only place where it's used)
(This used to be commit f7afa1cb77f3cfa7020b57de12e6003db7cfcc42)
|
|
(This used to be commit f7312dab3b9aba2b2b82e8a6e0c483a32a03a63a)
|
|
try to include just the BASENAME.h files (containing only structs)
(This used to be commit 3dd477ca5147f28a962b8437e2611a8222d706bd)
|
|
(This used to be commit 7054ebf0249930843a2baf4d023ae8f62cedb109)
|
|
(This used to be commit 1a16a6f1dfa66499af43a6b88b3ea69a6a75f1fe)
|
|
(This used to be commit 98c4c3051391c6f89df5d133665f51bef66b1563)
|
|
Andrew Bartlett
(This used to be commit 0aa7160a66ee6951311fd7076faa2d27e25d620d)
|
|
file dependencies
(This used to be commit 122835876748a3eaf5e8d31ad1abddab9acb8781)
|
|
the remote server's name, or in the absence of a local nbt_server to
communicate with (or without root access), a node status request.
The result is that we are in a better position to use kerberos, as well
as to remove the 'password server' mandatory parameter for the samsync
and samdump commands. (I need this to put these into SWAT).
The only problem I have is that I must create a messaging context, which
requires a server ID. As a client process, I don't expect to get
messages, but it is currently required for replies, so I generate a
random() number. We probably need the servers to accept connections on
streamed sockets too, for client-only tasks that want IRPC.
Because I wanted to test this code, I have put the NET-API-* tests into
our test scripts, to ensure they pass and keep passing. They are good
frontends onto the libnet system, and I see no reason not to test them.
In doing so the NET-API-RPCCONNECT test was simplified to take a
binding string on the command line, removing duplicate code, and
testing the combinations in the scripts instead.
(I have done a bit of work on the list shares code in libnet_share.c
to make it pass 'make test')
In the future, I would like to extend the libcli/findds.c code (based
off volker's winbind/wb_async_helpers.c, which is why it shows up a bit
odd in the patch) to handle getting multiple name replies, sending a
getdc request to each in turn.
(posted to samba-technical for review, and I'll happily update with
any comments)
Andrew Bartlett
(This used to be commit 7ccddfd3515fc2c0d6f447c768ccbf7a220c3380)
|
|
(This used to be commit c722f665c90103f3ed57621c460e32ad33e7a8a3)
|
|
(This used to be commit 70e7449318aa0e9d2639c76730a7d1683b2f4981)
|
|
dcerpc_interface_table struct rather then a tuple of interface
name, UUID and version.
This removes the requirement for having a global list of DCE/RPC interfaces,
except for these parts of the code that use that list explicitly
(ndrdump and the scanner torture test).
This should also allow us to remove the hack that put the authservice parameter
in the dcerpc_binding struct as it can now be read directly from
dcerpc_interface_table.
I will now modify some of these functions to take a dcerpc_syntax_id
structure rather then a full dcerpc_interface_table.
(This used to be commit 8aae0f168e54c01d0866ad6e0da141dbd828574f)
|
|
metze
(This used to be commit 5933b00461e6e7c7f0ab60d61f9be215aa68c317)
|
|
metze
(This used to be commit e601042c07d7b6eed0dc34e5b136d9266b8a0f81)
|
|
(it's quite common).
rafal
(This used to be commit 798b00c24ae30a08ac81342d13130a6a2f9d3a08)
|
|
NT4 apparently returns this.
Andrew Bartlett
(This used to be commit 06b1416c3162a525eac9626957dd3e4adf1d257e)
|
|
metze needs a working tree...
The main volume of this patch was what I started working on today:
- Cleans up memory handling around DCE/RPC pipes, to have a parent talloc context.
- Uses sepereate inner loops for some of the DCE/RPC tests
The other and more important part of this patch fixes issues
surrounding the new credentials framwork:
This makes the struct cli_credentials always a talloc() structure,
rather than on the stack. Parts of the cli_credentials code already
assumed this.
There were other issues, particularly in the DCERPC over SMB handling,
as well as little things that had to be tidied up before test_w2k3.sh
would start to pass.
Andrew Bartlett
(This used to be commit 0453f9d05d2e336fba1f85dbf2718d01fa2bf778)
|
|
(This used to be commit 6749b9404d4e9876ecd964e038c608f05d2c0b69)
|
|
large commit. I thought this was worthwhile to get done for
consistency.
(This used to be commit ec32b22ed5ec224f6324f5e069d15e92e38e15c0)
|
|
Andrew Bartlett
(This used to be commit a9b960609142e15ba5950eb1b22944eb6df18d9c)
|
|
RPC client libs, and to make the fallback between the various SAMR
levels easier to manage.
I'm starting to enjoy the structure that libnet has actually, and I'm
about to build 'net join' on that basis (and I didn't want to have to
duplicate the password set code).
Andrew Bartlett
(This used to be commit f1dd179a50d2c9c81b90a621459c93b0d60e2609)
|
|
This removes the duplicate named SEC_RIGHTS_MAXIMUM_ALLOWED and
SEC_RIGHTS_FULL_CONTROL, which are just other names for
SEC_FLAG_MAXIMUM_ALLOWED and SEC_RIGHTS_FILE_ALL. The latter names
match the new naming conventions in security.idl
Also added names for the generic->specific mappings for files are
directories
(This used to be commit 17a4e0b3aca227b40957ed1e0c57e498debc6ddf)
|
|
NETLOGON.
In particular, rename samr_Name to samr_String - given that many
strings in this pipe are not 'names', the previous was just confusing.
(I look forward to PIDL turning these into simple char * some day...).
Also export out a few changes from testjoin.c to allow for how I have
written the new RPC-SAMSYNC test.
Andrew Bartlett
(This used to be commit 9cd666bcfb1fc752a4717010a7c4f05131dc728e)
|
|
(This used to be commit 8e9212ecfc61c509f686363d8ec412ce54bc1c8d)
|
|
(This used to be commit 3f75117db921e493bb77a5dc14b8ce91a6288f30)
|
|
The thing that finally convinced me that minimal includes was worth
pursuing for rpc was a compiler (tcc) that failed to build Samba due
to reaching internal limits of the size of include files. Also the
fact that includes.h.gch was 16MB, which really seems excessive. This
patch brings it back to 12M, which is still too large, but
better. Note that this patch speeds up compile times for both the pch
and non-pch case.
This change also includes the addition iof a "depends()" option in our
IDL files, allowing you to specify that one IDL file depends on
another. This capability was needed for the auto-includes generation.
(This used to be commit b8f5fa8ac8e8725f3d321004f0aedf4246fc6b49)
|
|
These two functions do exactly the same thing, I'll be removing
str_charnum shortly.
Andrew Bartlett
(This used to be commit 5eaa4c97488671a0b7ff539d4d392cbaa29fa489)
|
|
have the handle type implied by the parameter name. There are four
types of handle: connect, domain, user and group handles. The
various samr_Connect functions return a connect handle, and the
samr_OpenFoo functions return a foo handle.
There is one exception - the samr_{Get,Set}Security function can
take any type of handle.
Fix up all C callers.
(This used to be commit 32f0f3154a8eb63de83145cbc8806b8906ccdc3e)
|
|
metze
(This used to be commit 56e21d0ce29b13808bbbd2a6c0464948886d317d)
|
|
metze
(This used to be commit 85ba7b4d60be3f771364aebc9c803da26d2c090b)
|
|
metze
(This used to be commit d31405ff2f379e9627cc9ee3acaf61e2ccc0f6e4)
|
|
because we may have other rpc levels in future
add more comments about what's going on
check the rsult of samr_OpenUser
metze
(This used to be commit 741f95909b42eb55a251e5de991e5b3185714e3e)
|
|
this currently tries only SetUserInfo26
the fallback is not yet done
metze
(This used to be commit af6b5673b05e7fc1c876a248f99bc71faeec9538)
|
|
metze
(This used to be commit 1c72f30650655b03fb04a34188a959dfe917b5ec)
|
|
(NOTE: this code pass isn't called yet,
because pidl mixes the NTSTATUS of transport and request layer,
and will be fixed soon)
metze
(This used to be commit 84c06d9ab0366772f71be088c53da9618e2555fe)
|