summaryrefslogtreecommitdiff
path: root/source4/libnet/libnet_rpc.c
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r17472: Remove unused variable.Rafal Szczesniak1-1/+0
rafal (This used to be commit 04c94e4a52b9253c6d2ae6e8376338f0b20dd070)
2007-10-10r17079: Remove an attempt to connect on ncacn_ip_tcp transport after failureRafal Szczesniak1-38/+0
on ncacn_np, as abartlet suggested. Also, named pipe remains the default transport for all kinds of servers to be contacted. rafal (This used to be commit 76888c74a66317a9888ea4c0965f0d33124c222f)
2007-10-10r17026: Make rpc connect routine a bit smarter. Try to connect againRafal Szczesniak1-7/+86
using different transport and possibly address type, when the first attempt fails (only if it makes any sense, of course). This may be especially useful when connecting DCs and PDCs in mixed environments. Also, add monitor messages issuing. rafal (This used to be commit d69b31230dd01efadd9c0cc6ef31c794c6165881)
2007-10-10r16694: Store lsa rpc pipe pointer in a right place.Rafal Szczesniak1-7/+12
rafal (This used to be commit fa6b52dbf7321d1a7f0fdea32ab2605951c2b35a)
2007-10-10r16226: Fixes for various segfault bugs found against a buggy Samba4. WithAndrew Bartlett1-0/+13
the current API we need to check both that the RPC didn't fault, and that the query succeeded. Also print the right things in debug messages. Andrew Bartlett (This used to be commit d18e515391f8f5038e9aaaba596099052011b53a)
2007-10-10r15858: - initialize s->r.outStefan Metzmacher1-13/+23
- don't check for mem_ctx, ctx and r, we should crash when they're wrong as it's a programmer error! - pass the error string to the caller metze (This used to be commit 5f65447f5dfafa6771a532c86fe2f87287c5467d)
2007-10-10r15625: Partial commit of my current work. It makes libnet api functionsRafal Szczesniak1-3/+28
a bit more smart and more aware of what libnet_context can offer. The context is a help when some of the arguments are not passed (programmer counts on using sensible defaults) and stores some of results so that similar subsequent calls don't need to reopen some of policy handles, pipes, etc. again. It also helps to hide some of details the library user don't really want to know much about. Also, change domain open function to be part of public api, as it is going to be used in ejsnet interface. Note, this is work in progress. Comments are welcome. rafal (This used to be commit 1ed80c594c2f466e364a11194d6fdc30ac4a8f27)
2007-10-10r15487: More comments and a few minor changes (not even fixes).Rafal Szczesniak1-13/+31
rafal (This used to be commit 12d0faf9bc4c97b61879e8f7bb0419f4553bb340)
2007-10-10r15459: Add forgotten guid retrieval among other data and thus preventRafal Szczesniak1-1/+4
from returning uninitialised structure member. Thank heavens for build farm and valgrind :) rafal (This used to be commit daca283990c7a8b6efc952c9308c43b68dd49f06)
2007-10-10r15439: Reorder the code a bit to be like in other calls. More commentsRafal Szczesniak1-142/+170
and comment-fixes. rafal (This used to be commit d35f1e07bed594dfae5421209c4318fe5e66a5aa)
2007-10-10r15435: Turn libnet_RpcConnectDCInfo into another level of libnet_RpcConnectRafal Szczesniak1-166/+272
and make it async. Also, update any other usages of old function. Build goes fine and so do tests, comments to follow. rafal (This used to be commit aef0a2de9d2f01a6f619e3fccc8715288f5c37a3)
2007-10-10r14591: More comments.Rafal Szczesniak1-1/+27
rafal (This used to be commit 44b89cd47a1eb635f09ef97e6a828c40962c2322)
2007-10-10r14568: Remove unused function.Rafal Szczesniak1-10/+0
rafal (This used to be commit 473d6c8e685a0c730c57534cfa079e465de9b233)
2007-10-10r14566: Remove unnecessary headers.Rafal Szczesniak1-3/+0
rafal (This used to be commit 1ba4245fcbe808b4537eff74792d1bc7b94108b9)
2007-10-10r14560: Finally! Start working on async libnet_RpcConnect and otherRafal Szczesniak1-57/+273
rpc-related calls. rafal (This used to be commit 860f9bcb1ef76ccee59187aa182d4fb765ef5ecd)
2007-10-10r14470: Remove some unnecessary headers.Jelmer Vernooij1-1/+0
(This used to be commit f7312dab3b9aba2b2b82e8a6e0c483a32a03a63a)
2007-10-10r14464: Don't include ndr_BASENAME.h files unless strictly required, insteadJelmer Vernooij1-0/+1
try to include just the BASENAME.h files (containing only structs) (This used to be commit 3dd477ca5147f28a962b8437e2611a8222d706bd)
2007-10-10r14402: Generate seperate headers for RPC client functions.Jelmer Vernooij1-0/+1
(This used to be commit 7054ebf0249930843a2baf4d023ae8f62cedb109)
2007-10-10r12926: Syncronsise GUIDs on users and domains from the server. These alsoAndrew Bartlett1-0/+7
appear in DNS, so need to match. Andrew Bartlett (This used to be commit d092b0493d7c61112ef132c8fb259c15f189c5f6)
2007-10-10r12903: Factor out a new routine libnet_RpcConnectDCInfo, to both connect toAndrew Bartlett1-2/+189
the remote sever, and to query it for domain information. Provide and use this information in the SamSync/Vampire callbacks, to allow a parallel connection to LDAP, if we are talking to AD. This allows us to get at some important attributes not exposed in the old protocol. With this, we are able to do a all-GUI vampire of a AD domain from SWAT, including getting all the SIDs, servicePrincipalNames and the like correct. Andrew Bartlett (This used to be commit 918358cee0b4a1b2c9bc9e68d9d53428a634281e)
2007-10-10r12865: Upgrade the librpc and libnet code.Andrew Bartlett1-2/+2
In librpc, always try SMB level authentication, even if trying schannel, but allow fallback to anonymous. This should better function with servers that set restrict anonymous. There are too many parts of Samba that get, parse and modify the binding parameters. Avoid the extra work, and add a binding element to the struct dcerpc_pipe The libnet vampire code has been refactored, to reduce extra layers and to better conform with the standard argument pattern. Also, take advantage of the new libnet_Lookup code, so we don't require the silly 'password server' smb.conf parameter. To better support forcing traffic to be sealed for the vampire operation, the dcerpc_bind_auth() function now takes an auth level parameter. Andrew Bartlett (This used to be commit d65b354959842326fdd4bd7eb7fbeea0390f4afa)
2007-10-10r12858: This moves the libnet_LookupPdc code to use a GetDC request to findAndrew Bartlett1-11/+34
the remote server's name, or in the absence of a local nbt_server to communicate with (or without root access), a node status request. The result is that we are in a better position to use kerberos, as well as to remove the 'password server' mandatory parameter for the samsync and samdump commands. (I need this to put these into SWAT). The only problem I have is that I must create a messaging context, which requires a server ID. As a client process, I don't expect to get messages, but it is currently required for replies, so I generate a random() number. We probably need the servers to accept connections on streamed sockets too, for client-only tasks that want IRPC. Because I wanted to test this code, I have put the NET-API-* tests into our test scripts, to ensure they pass and keep passing. They are good frontends onto the libnet system, and I see no reason not to test them. In doing so the NET-API-RPCCONNECT test was simplified to take a binding string on the command line, removing duplicate code, and testing the combinations in the scripts instead. (I have done a bit of work on the list shares code in libnet_share.c to make it pass 'make test') In the future, I would like to extend the libcli/findds.c code (based off volker's winbind/wb_async_helpers.c, which is why it shows up a bit odd in the patch) to handle getting multiple name replies, sending a getdc request to each in turn. (posted to samba-technical for review, and I'll happily update with any comments) Andrew Bartlett (This used to be commit 7ccddfd3515fc2c0d6f447c768ccbf7a220c3380)
2007-10-10r12510: Change the DCE/RPC interfaces to take a pointer to aJelmer Vernooij1-5/+3
dcerpc_interface_table struct rather then a tuple of interface name, UUID and version. This removes the requirement for having a global list of DCE/RPC interfaces, except for these parts of the code that use that list explicitly (ndrdump and the scanner torture test). This should also allow us to remove the hack that put the authservice parameter in the dcerpc_binding struct as it can now be read directly from dcerpc_interface_table. I will now modify some of these functions to take a dcerpc_syntax_id structure rather then a full dcerpc_interface_table. (This used to be commit 8aae0f168e54c01d0866ad6e0da141dbd828574f)
2007-10-10r11815: A bit more comments and spaces for better readability.Rafal Szczesniak1-1/+10
rafal (This used to be commit 1e831aead17b399289b8161e521e1afd5873c556)
2007-10-10r11794: - fixed a valgrind error in libnet, caused by using a stack variableAndrew Tridgell1-3/+2
after the function has returned (the *address variable was assigned into the state). - changed libnet to use event_context_find() instead of event_context_init(), so it works as a child of existing code that uses a event context (This used to be commit 47ceb2d3558304b4c4fb00582fb25a885cea2ef5)
2007-10-10r10486: This is a merge of Brad Henry's 'net join' rework, to better performAndrew Bartlett1-2/+10
an ADS join, particularly as a DC. This represents the bulk of his Google SOC work, and I'm very pleased to intergrate it into the tree. (Metze will intergrate the DRSUAPI work later). Both metze and myself have also put a lot of time into this patch, and in mentoring Brad in general. In return, Brad has been a very good student, and has taken the comments well. Since it's last appearance on samba-technical@, I have made correctness and valgrind fixups, as well as adding a new 'BINDING' mode to the libnet_rpc routines. This allows the exact binding string to be passed down from the torture code, including options and exact target host. Andrew Bartlett (This used to be commit d6fa105fdabbeb83a9b0e50dad49d1649afdb2a4)
2007-10-10r8136: remove unused varStefan Metzmacher1-2/+0
metze (This used to be commit d75c97b8476357bee4d3ba5f8464193c8d296cdd)
2007-10-10r8098: Add my copyright and remove unecessary header dependency.Rafal Szczesniak1-2/+2
rafal (This used to be commit 88e7b9c2371383c469e2db73d4c8dca70aca7586)
2007-10-10r8096: Remove function that has became libnet_Lookup fuction.Rafal Szczesniak1-55/+0
rafal (This used to be commit 9885749e36435b301c992e50d0a189860cfa4b5e)
2007-10-10r8095: Fix compiler warning.Rafal Szczesniak1-1/+1
rafal (This used to be commit 6736ab102f60f8e14d10f430f3e5a0eef478bc81)
2007-10-10r8075: Make rpc connect function part of libnet api, as I suppose manyRafal Szczesniak1-31/+36
implementers of more complex function might need to use it. Also simplify io structure which essentially does the same thing when connecting arbitrary rpc server or a domain pdc. rafal (This used to be commit b28d2e96392e89e39f2499f54b6e549a8f3cfb4b)
2007-10-10r7633: this patch started as an attempt to make the dcerpc code use a givenAndrew Tridgell1-1/+1
event_context for the socket_connect() call, so that when things that use dcerpc are running alongside anything else it doesn't block the whole process during a connect. Then of course I needed to change any code that created a dcerpc connection (such as the auth code) to also take an event context, and anything that called that and so on .... thus the size of the patch. There were 3 places where I punted: - abartlet wanted me to add a gensec_set_event_context() call instead of adding it to the gensec init calls. Andrew, my apologies for not doing this. I didn't do it as adding a new parameter allowed me to catch all the callers with the compiler. Now that its done, we could go back and use gensec_set_event_context() - the ejs code calls auth initialisation, which means it should pass in the event context from the web server. I punted on that. Needs fixing. - I used a NULL event context in dcom_get_pipe(). This is equivalent to what we did already, but should be fixed to use a callers event context. Jelmer, can you think of a clean way to do that? I also cleaned up a couple of things: - libnet_context_destroy() makes no sense. I removed it. - removed some unused vars in various places (This used to be commit 3a3025485bdb8f600ab528c0b4b4eef0c65e3fc9)
2007-10-10r7247: User shorter and more convenient name for credentials inRafal Szczesniak1-1/+2
libnet context. rafal (This used to be commit 702a4dd2dcb776e18acb294c87b8f460516d1383)
2007-10-10r6933: Add a couple of helper functions for creating nbt names.Tim Potter1-3/+1
(This used to be commit b896daf11c3efb1b3ca939575da9dab82b395777)
2007-10-10r5941: Commit this patch much earlier than I would normally prefer, but ↵Andrew Bartlett1-1/+2
metze needs a working tree... The main volume of this patch was what I started working on today: - Cleans up memory handling around DCE/RPC pipes, to have a parent talloc context. - Uses sepereate inner loops for some of the DCE/RPC tests The other and more important part of this patch fixes issues surrounding the new credentials framwork: This makes the struct cli_credentials always a talloc() structure, rather than on the stack. Parts of the cli_credentials code already assumed this. There were other issues, particularly in the DCERPC over SMB handling, as well as little things that had to be tidied up before test_w2k3.sh would start to pass. Andrew Bartlett (This used to be commit 0453f9d05d2e336fba1f85dbf2718d01fa2bf778)
2007-10-10r5928: Use cli_credentials in:Jelmer Vernooij1-4/+1
- gtk+ (returned by GtkHostBindingDialog as well now) - torture/ - librpc/ - lib/com/dcom/ (This used to be commit ccefd782335e01e8e6ecb2bcd28a4f999c53b1a6)
2007-10-10r5924: Use cli_credentials in libnet/.Jelmer Vernooij1-3/+3
(This used to be commit e5bc6f4f1716568ae7022d61b5b35ee047b58414)
2007-10-10r5902: A rather large change...Andrew Bartlett1-6/+7
I wanted to add a simple 'workstation' argument to the DCERPC authenticated binding calls, but this patch kind of grew from there. With SCHANNEL, the 'workstation' name (the netbios name of the client) matters, as this is what ties the session between the NETLOGON ops and the SCHANNEL bind. This changes a lot of files, and these will again be changed when jelmer does the credentials work. I also correct some schannel IDL to distinguish between workstation names and account names. The distinction matters for domain trust accounts. Issues in handling this (issues with lifetime of talloc pointers) caused me to change the 'creds_CredentialsState' and 'struct dcerpc_binding' pointers to always be talloc()ed pointers. In the schannel DB, we now store both the domain and computername, and query on both. This should ensure we fault correctly when the domain is specified incorrectly in the SCHANNEL bind. In the RPC-SCHANNEL test, I finally fixed a bug that vl pointed out, where the comment claimed we re-used a connection, but in fact we made a new connection. This was achived by breaking apart some of the dcerpc_secondary_connection() logic. The addition of workstation handling was also propogated to NTLMSSP and GENSEC, for completeness. The RPC-SAMSYNC test has been cleaned up a little, using a loop over usernames/passwords rather than manually expanded tests. This will be expanded further (the code in #if 0 in this patch) to use a newly created user account for testing. In making this test pass test_rpc.sh, I found a bug in the RPC-ECHO server, caused by the removal of [ref] and the assoicated pointer from the IDL. This has been re-added, until the underlying pidl issues are solved. (This used to be commit 824289dcc20908ddec957a4a892a103eec2da9b9)
2007-10-10r5256: More verbose description of functions (as I learn the code).Rafal Szczesniak1-5/+49
rafal (This used to be commit 38ac6b8d570fa02bc32899521d42ba7237f77024)
2007-10-10r4891: - added a generic resolve_name() async interface in libcli/resolve/,Andrew Tridgell1-11/+16
which will eventually try all resolution methods setup in smb.conf - only resolution backend at the moment is bcast, which does a parallel broadcast to all configured network interfaces, and takes the first reply that comes in (this nicely demonstrates how to do parallel requests using the async APIs) - converted all the existing code to use the new resolve_name() api - removed all the old nmb code (yay!) (This used to be commit 239c310f255e43dd2d1c2433f666c9faaacbdce3)
2007-10-10r3478: split out some more pieces of includes.hAndrew Tridgell1-0/+1
(This used to be commit 8e9212ecfc61c509f686363d8ec412ce54bc1c8d)
2007-10-10r3443: the next stage in the include files re-organisation.Andrew Tridgell1-2/+2
I have created the include/system/ directory, which will contain the wrappers for the system includes for logical subsystems. So far I have created include/system/kerberos.h and include/system/network.h, which contain all the system includes for kerberos code and networking code. These are the included in subsystems that need kerberos or networking respectively. Note that this method avoids the mess of #ifdef HAVE_XXX_H in every C file, instead each C module includes the include/system/XXX.h file for the logical system support it needs, and the details are kept isolated in include/system/ This patch also creates a "struct ipv4_addr" which replaces "struct in_addr" in our code. That avoids every C file needing to import all the system networking headers. (This used to be commit 2e25c71853f8996f73755277e448e7d670810349)
2007-10-10r2346: fix some minor stuffStefan Metzmacher1-1/+1
metze (This used to be commit 56e21d0ce29b13808bbbd2a6c0464948886d317d)
2007-10-10r2061: - split libnet header filesStefan Metzmacher1-11/+41
- add LIB_RPC_CONNECT_STANDARD level which takes a server name and the PIPE NAME,UUID and VERSION metze (This used to be commit 6aeaa6aca39c8c2a9edf8d4b3e538bebb68070d7)
2007-10-10r1927: allow the domain to be a ip addressStefan Metzmacher1-0/+5
metze (This used to be commit d0e518e7d0edcf64a3d7173ff8d38f221db1ce6e)
2007-10-10r1925: now we lookup the domain controllerStefan Metzmacher1-9/+42
and fallback to a workstation name metze (This used to be commit 2012d90f268f69a3a4e5890a0f3615237853bd0b)
2007-10-10r1919: paasword change basicly works now:-)Stefan Metzmacher1-1/+33
but we need to find the real pdc for the users domain and fallback to other levels metze (This used to be commit f1b9c1f3dd0fb927c065541da900ae43e0018a62)
2007-10-10r1836: - as abartlet said to me, we need to contact the users domain pdcfor ↵Stefan Metzmacher1-0/+27
doing a password change - add start of libnet_SetPassword - use KRB5 and LDAP instead of ADS as ADS isn't a protocol - add start of lib_rpc_connect() metze (This used to be commit 05c40dca8ad1ab020aa75282da046f1dbce2a52a)