| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
an ADS join, particularly as a DC. This represents the bulk of his
Google SOC work, and I'm very pleased to intergrate it into the tree.
(Metze will intergrate the DRSUAPI work later).
Both metze and myself have also put a lot of time into this patch, and
in mentoring Brad in general. In return, Brad has been a very good
student, and has taken the comments well.
Since it's last appearance on samba-technical@, I have made
correctness and valgrind fixups, as well as adding a new 'BINDING'
mode to the libnet_rpc routines. This allows the exact binding string
to be passed down from the torture code, including options and exact
target host.
Andrew Bartlett
(This used to be commit d6fa105fdabbeb83a9b0e50dad49d1649afdb2a4)
|
|
metze
(This used to be commit d75c97b8476357bee4d3ba5f8464193c8d296cdd)
|
|
rafal
(This used to be commit 88e7b9c2371383c469e2db73d4c8dca70aca7586)
|
|
rafal
(This used to be commit 9885749e36435b301c992e50d0a189860cfa4b5e)
|
|
rafal
(This used to be commit 6736ab102f60f8e14d10f430f3e5a0eef478bc81)
|
|
implementers of more complex function might need to use it.
Also simplify io structure which essentially does the same thing
when connecting arbitrary rpc server or a domain pdc.
rafal
(This used to be commit b28d2e96392e89e39f2499f54b6e549a8f3cfb4b)
|
|
event_context for the socket_connect() call, so that when things that
use dcerpc are running alongside anything else it doesn't block the
whole process during a connect.
Then of course I needed to change any code that created a dcerpc
connection (such as the auth code) to also take an event context, and
anything that called that and so on .... thus the size of the patch.
There were 3 places where I punted:
- abartlet wanted me to add a gensec_set_event_context() call
instead of adding it to the gensec init calls. Andrew, my
apologies for not doing this. I didn't do it as adding a new
parameter allowed me to catch all the callers with the
compiler. Now that its done, we could go back and use
gensec_set_event_context()
- the ejs code calls auth initialisation, which means it should pass
in the event context from the web server. I punted on that. Needs fixing.
- I used a NULL event context in dcom_get_pipe(). This is equivalent
to what we did already, but should be fixed to use a callers event
context. Jelmer, can you think of a clean way to do that?
I also cleaned up a couple of things:
- libnet_context_destroy() makes no sense. I removed it.
- removed some unused vars in various places
(This used to be commit 3a3025485bdb8f600ab528c0b4b4eef0c65e3fc9)
|
|
libnet context.
rafal
(This used to be commit 702a4dd2dcb776e18acb294c87b8f460516d1383)
|
|
(This used to be commit b896daf11c3efb1b3ca939575da9dab82b395777)
|
|
metze needs a working tree...
The main volume of this patch was what I started working on today:
- Cleans up memory handling around DCE/RPC pipes, to have a parent talloc context.
- Uses sepereate inner loops for some of the DCE/RPC tests
The other and more important part of this patch fixes issues
surrounding the new credentials framwork:
This makes the struct cli_credentials always a talloc() structure,
rather than on the stack. Parts of the cli_credentials code already
assumed this.
There were other issues, particularly in the DCERPC over SMB handling,
as well as little things that had to be tidied up before test_w2k3.sh
would start to pass.
Andrew Bartlett
(This used to be commit 0453f9d05d2e336fba1f85dbf2718d01fa2bf778)
|
|
- gtk+ (returned by GtkHostBindingDialog as well now)
- torture/
- librpc/
- lib/com/dcom/
(This used to be commit ccefd782335e01e8e6ecb2bcd28a4f999c53b1a6)
|
|
(This used to be commit e5bc6f4f1716568ae7022d61b5b35ee047b58414)
|
|
I wanted to add a simple 'workstation' argument to the DCERPC
authenticated binding calls, but this patch kind of grew from there.
With SCHANNEL, the 'workstation' name (the netbios name of the client)
matters, as this is what ties the session between the NETLOGON ops and
the SCHANNEL bind. This changes a lot of files, and these will again
be changed when jelmer does the credentials work.
I also correct some schannel IDL to distinguish between workstation
names and account names. The distinction matters for domain trust
accounts.
Issues in handling this (issues with lifetime of talloc pointers)
caused me to change the 'creds_CredentialsState' and 'struct
dcerpc_binding' pointers to always be talloc()ed pointers.
In the schannel DB, we now store both the domain and computername, and
query on both. This should ensure we fault correctly when the domain
is specified incorrectly in the SCHANNEL bind.
In the RPC-SCHANNEL test, I finally fixed a bug that vl pointed out,
where the comment claimed we re-used a connection, but in fact we made
a new connection.
This was achived by breaking apart some of the
dcerpc_secondary_connection() logic.
The addition of workstation handling was also propogated to NTLMSSP
and GENSEC, for completeness.
The RPC-SAMSYNC test has been cleaned up a little, using a loop over
usernames/passwords rather than manually expanded tests. This will be
expanded further (the code in #if 0 in this patch) to use a newly
created user account for testing.
In making this test pass test_rpc.sh, I found a bug in the RPC-ECHO
server, caused by the removal of [ref] and the assoicated pointer from
the IDL. This has been re-added, until the underlying pidl issues are
solved.
(This used to be commit 824289dcc20908ddec957a4a892a103eec2da9b9)
|
|
rafal
(This used to be commit 38ac6b8d570fa02bc32899521d42ba7237f77024)
|
|
which will eventually try all resolution methods setup in smb.conf
- only resolution backend at the moment is bcast, which does a
parallel broadcast to all configured network interfaces, and takes
the first reply that comes in (this nicely demonstrates how to do
parallel requests using the async APIs)
- converted all the existing code to use the new resolve_name() api
- removed all the old nmb code (yay!)
(This used to be commit 239c310f255e43dd2d1c2433f666c9faaacbdce3)
|
|
(This used to be commit 8e9212ecfc61c509f686363d8ec412ce54bc1c8d)
|
|
I have created the include/system/ directory, which will contain the
wrappers for the system includes for logical subsystems. So far I have
created include/system/kerberos.h and include/system/network.h, which
contain all the system includes for kerberos code and networking code.
These are the included in subsystems that need kerberos or networking
respectively.
Note that this method avoids the mess of #ifdef HAVE_XXX_H in every C
file, instead each C module includes the include/system/XXX.h file for
the logical system support it needs, and the details are kept isolated
in include/system/
This patch also creates a "struct ipv4_addr" which replaces "struct
in_addr" in our code. That avoids every C file needing to import all
the system networking headers.
(This used to be commit 2e25c71853f8996f73755277e448e7d670810349)
|
|
metze
(This used to be commit 56e21d0ce29b13808bbbd2a6c0464948886d317d)
|
|
- add LIB_RPC_CONNECT_STANDARD level which takes a server name
and the PIPE NAME,UUID and VERSION
metze
(This used to be commit 6aeaa6aca39c8c2a9edf8d4b3e538bebb68070d7)
|
|
metze
(This used to be commit d0e518e7d0edcf64a3d7173ff8d38f221db1ce6e)
|
|
and fallback to a workstation name
metze
(This used to be commit 2012d90f268f69a3a4e5890a0f3615237853bd0b)
|
|
but we need to find the real pdc for the users domain
and fallback to other levels
metze
(This used to be commit f1b9c1f3dd0fb927c065541da900ae43e0018a62)
|
|
doing a
password change
- add start of libnet_SetPassword
- use KRB5 and LDAP instead of ADS as ADS isn't a protocol
- add start of lib_rpc_connect()
metze
(This used to be commit 05c40dca8ad1ab020aa75282da046f1dbce2a52a)
|
