Age | Commit message (Collapse) | Author | Files | Lines |
|
the Samba4 'net samdump'.
Andrew Bartlett
(This used to be commit b7eeea53b2f0e7b3a25a739e6b4774e2505735d3)
|
|
the decryption seperate to the callback functions.
Andrew Bartlett
(This used to be commit 4209f813add258bf7d805494fc0220696880a0b0)
|
|
(This used to be commit 14510a0ce9edeabbff99c234fd6fee8e2635a805)
|
|
rafal
(This used to be commit a784c46dd40ee2ea00fb67caeb358e76cdc0712f)
|
|
rafal
(This used to be commit b3fce5b94be2f9491a53673b1baecf0c8fe5b7c4)
|
|
(This used to be commit 7417f6fa8be637ccf04f8608e67174d6d5624662)
|
|
any possibility to pass such pointer from calling function... :)
rafal
(This used to be commit 08a8878436f3ba21666f43e9abafb27055a02e8a)
|
|
composite call.
rafal
(This used to be commit 227c9fb45bdba5ac795ee14f7e51ccaa18a2a0e1)
|
|
callback interface, so we can start dumping into more than just stdout
soon.
Also use the enums instead of uint32 where possible and valid.
Andrew Bartlett
(This used to be commit f0c67a4a24dbd7fc32fc864d61a21eeee587178e)
|
|
This brings in a compatability layer for Samba3 in Samba4 - where we
will start to define file formats and similar details.
The 'net samdump' command uses 'password server = ' for now, and
performs a similar task to Samba3's 'net rpc samsync'.
Andrew Bartlett
(This used to be commit 550f17f9924fe783917318753de7d1a388423908)
|
|
Andrew Bartlett
(This used to be commit 7c8a0d86d4c486198ed2cf52fad2a878ed635c8b)
|
|
a host and connect to its services prior to doing administrative tasks
via rpc calls.
rafal
(This used to be commit 84f5836d9012fb66c8aa5706a57af575711693cf)
|
|
rafal
(This used to be commit 96c3838d51c71318fdda3d1691552eba1feafb7d)
|
|
rafal
(This used to be commit de3409d6e5f7d199654e0511ed61a4b0808bf48d)
|
|
rafal
(This used to be commit 25dd10cedb7247ec90dface59df8704c97e667b8)
|
|
gets deleted.
rafal
(This used to be commit f78d1e4b35c7cb3d983da0bcb2717627b787d9f9)
|
|
want it to hang around not commited.
rafal
(This used to be commit 98d98b9bc7437e744e1e730fa8005b43fb1b672b)
|
|
rafal
(This used to be commit d40a6703f5b1987c08cf47f83ca0079dfcb4b151)
|
|
rafal
(This used to be commit ebf151ca6e740fb7939161de14a0adfc47f80010)
|
|
rafal
(This used to be commit c40e754700ff4068569ed2d3f8a8117d5d2f281c)
|
|
rafal
(This used to be commit 7f3aafca07126f2c42670041020b2b7dfb17fa5f)
|
|
- talloc should always be done in the right context. For example, when creating
the userinfo_state structure, place it inside the composite
structure, not directly on the pipe. If this isn't done then
correct cleanup can't happen on errors (as cleanup destroys the top
level composite context only)
- define private structures like userinfo_state in the userinfo.c
code, not in the public header
- only keep the parameters we need in the state structure. For
example, the domain_handle is only needed in the first call, so we
don't need to keep it around in the state structure, but the level is
needed in later calls, so we need to keep it
- always initialise [out,ref] parameters in RPC calls. The [ref] part
means that the call assumes the pointer it has been given is
valid. If you don't initialise it then you will get a segv on
recv. This is why the code was dying.
- don't use internal strucrure elements like the pipe
pipe->conn->pending outside of the internal rpc implementation. That
is an internal list, trying to use it from external code will cause crashes.
- rpc calls assume that rpc call strucrures remain valid for the
duration of the call. This means you need to keep the structures
(such as "struct samr_Close") in the userinfo_state strucrure,
otherwise it will go out of scope during the async processing
- need to remember to change c->state to SMBCLI_REQUEST_DONE when the
request has finished in the close handler, otherwise it will loop
forever trying to close
Mimir, please look at the diff carefully for more detailed info on the fixes
(This used to be commit 01ea1e7762e214e87e74d6f28d6efeb6cdea9736)
|
|
rafal
(This used to be commit 01cbed98b32c2050a665aec51a99288e4afb29c1)
|
|
secrets system, and not the old system from Samba3.
This allowed the code from auth_domain to be shared - we now only
lookup the secrets.ldb in lib/credentials.c.
In order to link the resultant binary, samdb_search() has been moved
from deep inside rpc_server into lib/gendb.c, along with the existing
gendb_search_v(). The vast majority of this patch is the simple
rename that followed,
(Depending on the whole SAMDB for just this function seemed pointless,
and brought in futher dependencies, such as smbencrypt.c).
Andrew Bartlett
(This used to be commit e13c671619bd290a8b3cae8555cb281a9a185ee0)
|
|
This adds the auth_domain module to the auth subsystem, and cleans up
some small details around the join process (ensuring all the right
info is in the DB).
Andrew Bartlett
(This used to be commit 858cbfb8210239aa85a01da95e5beb9546a998a5)
|
|
metze needs a working tree...
The main volume of this patch was what I started working on today:
- Cleans up memory handling around DCE/RPC pipes, to have a parent talloc context.
- Uses sepereate inner loops for some of the DCE/RPC tests
The other and more important part of this patch fixes issues
surrounding the new credentials framwork:
This makes the struct cli_credentials always a talloc() structure,
rather than on the stack. Parts of the cli_credentials code already
assumed this.
There were other issues, particularly in the DCERPC over SMB handling,
as well as little things that had to be tidied up before test_w2k3.sh
would start to pass.
Andrew Bartlett
(This used to be commit 0453f9d05d2e336fba1f85dbf2718d01fa2bf778)
|
|
- gtk+ (returned by GtkHostBindingDialog as well now)
- torture/
- librpc/
- lib/com/dcom/
(This used to be commit ccefd782335e01e8e6ecb2bcd28a4f999c53b1a6)
|
|
(This used to be commit e5bc6f4f1716568ae7022d61b5b35ee047b58414)
|
|
I wanted to add a simple 'workstation' argument to the DCERPC
authenticated binding calls, but this patch kind of grew from there.
With SCHANNEL, the 'workstation' name (the netbios name of the client)
matters, as this is what ties the session between the NETLOGON ops and
the SCHANNEL bind. This changes a lot of files, and these will again
be changed when jelmer does the credentials work.
I also correct some schannel IDL to distinguish between workstation
names and account names. The distinction matters for domain trust
accounts.
Issues in handling this (issues with lifetime of talloc pointers)
caused me to change the 'creds_CredentialsState' and 'struct
dcerpc_binding' pointers to always be talloc()ed pointers.
In the schannel DB, we now store both the domain and computername, and
query on both. This should ensure we fault correctly when the domain
is specified incorrectly in the SCHANNEL bind.
In the RPC-SCHANNEL test, I finally fixed a bug that vl pointed out,
where the comment claimed we re-used a connection, but in fact we made
a new connection.
This was achived by breaking apart some of the
dcerpc_secondary_connection() logic.
The addition of workstation handling was also propogated to NTLMSSP
and GENSEC, for completeness.
The RPC-SAMSYNC test has been cleaned up a little, using a loop over
usernames/passwords rather than manually expanded tests. This will be
expanded further (the code in #if 0 in this patch) to use a newly
created user account for testing.
In making this test pass test_rpc.sh, I found a bug in the RPC-ECHO
server, caused by the removal of [ref] and the assoicated pointer from
the IDL. This has been re-added, until the underlying pidl issues are
solved.
(This used to be commit 824289dcc20908ddec957a4a892a103eec2da9b9)
|
|
uses for trusted domain records) in the secrets join records.
Andrew Bartlett
(This used to be commit a6c502832c4ef471bd423b795f210abf3bb96ca5)
|
|
used to be)
Add oxid mapping table support in DCOM
(This used to be commit e193555f0eec2dda8c8760e9668181200fef0a1e)
|
|
metze
(This used to be commit bb2622a0c94127a31855adc41d90289219a1ddd7)
|
|
rafal
(This used to be commit ec177c92266713e9a486e536c2d81af4eaa2425e)
|
|
changes:
- ldb_wrap disappears from code and become a private structure of db_wrap.c
thanks to our move to talloc in ldb code, we do not need to expose it anymore
- removal of ldb_close() function form the code
thanks to our move to talloc in ldb code, we do not need it anymore
use talloc_free() to close and free an ldb database
- some minor updates to ldb modules code to cope with the change and fix some
bugs I found out during the process
(This used to be commit d58be9e74b786a11a57e89df36081d55730dfe0a)
|
|
rafal
(This used to be commit e5daf6911b49cd4aa0bff050fe8c559d6604859e)
|
|
rafal
(This used to be commit bfb4dfaa8c039378b4c29f130cbcdc89eac951b9)
|
|
It does only compile. Completely untested yet, so almost certainly
broken, but I don't want it to lay on my laptop only.
rafal
(This used to be commit dcab843da35f5dd2ffc694922ee762b3c36dbd35)
|
|
It doesn't do anything useful yet, but at least doesn't break
the build.
rafal
(This used to be commit b9dbf17366f543194f420e7e3c56c8086fb7bf1d)
|
|
rafal
(This used to be commit c5fdc38b176acc70bfc163fbf1e6cf4ef67197f5)
|
|
(This used to be commit 6749b9404d4e9876ecd964e038c608f05d2c0b69)
|
|
less likely that anyone will use pstring for new code
- got rid of winbind_client.h from includes.h. This one triggered a
huge change, as winbind_client.h was including system/filesys.h and
defining the old uint32 and uint16 types, as well as its own
pstring and fstring.
(This used to be commit 9db6c79e902ec538108d6b7d3324039aabe1704f)
|
|
rafal
(This used to be commit 38ac6b8d570fa02bc32899521d42ba7237f77024)
|
|
large commit. I thought this was worthwhile to get done for
consistency.
(This used to be commit ec32b22ed5ec224f6324f5e069d15e92e38e15c0)
|
|
rafal
(This used to be commit 97d40f1603eeed1b5ff3f2c7d668858fef20f130)
|
|
which will eventually try all resolution methods setup in smb.conf
- only resolution backend at the moment is bcast, which does a
parallel broadcast to all configured network interfaces, and takes
the first reply that comes in (this nicely demonstrates how to do
parallel requests using the async APIs)
- converted all the existing code to use the new resolve_name() api
- removed all the old nmb code (yay!)
(This used to be commit 239c310f255e43dd2d1c2433f666c9faaacbdce3)
|
|
Like Samba3, the storage of the primary domain password is keyed off
the domain name, so we can join multiple domains, and just swap
'workgroup =' around.
Andrew Bartlett
(This used to be commit 54a231780e028c6433cac296f2fbc64e39632dfd)
|
|
Andrew Bartlett
(This used to be commit a9b960609142e15ba5950eb1b22944eb6df18d9c)
|
|
RPC client libs, and to make the fallback between the various SAMR
levels easier to manage.
I'm starting to enjoy the structure that libnet has actually, and I'm
about to build 'net join' on that basis (and I didn't want to have to
duplicate the password set code).
Andrew Bartlett
(This used to be commit f1dd179a50d2c9c81b90a621459c93b0d60e2609)
|
|
metze
(This used to be commit 0c6d4246a45f649e7373606f12db74c2acd0f538)
|
|
This removes the duplicate named SEC_RIGHTS_MAXIMUM_ALLOWED and
SEC_RIGHTS_FULL_CONTROL, which are just other names for
SEC_FLAG_MAXIMUM_ALLOWED and SEC_RIGHTS_FILE_ALL. The latter names
match the new naming conventions in security.idl
Also added names for the generic->specific mappings for files are
directories
(This used to be commit 17a4e0b3aca227b40957ed1e0c57e498debc6ddf)
|