Age | Commit message (Collapse) | Author | Files | Lines |
|
- completed the IDL and test code for the various set user password
mechanisms in samr. Three password mechanisms are now working, the
UserInfo24 method, the OemChangePasswordUser2() method (which only
sets the LM password) and the ChangePasswordUser2() method which sets
both the LM and NT passwords.
- updated some crypto routines to support the password change tests
(This used to be commit 051efa2abf9d1fbbf783df411c02f2714027f813)
|
|
(This used to be commit b10127800a3101769241abf42ed76cbddf71a5fa)
|
|
delete group levels of Deltas
also reworked the Deltas IDL to use an enum to make it a little clearer
(This used to be commit cabf93f8c8f5ad0f6f348e0f7e206b952690995c)
|
|
samr_AddMultipleMembersToAlias(),
samr_RemoveMultipleMembersFromAlias(), samr_OemChangePasswordUser2(),
and samr_ChangePasswordUser2()
The password change functions don't actually work yet (but should
soon). At this stage I have just completed the IDL for them. Next step
is to get the hash verifiers right and the torture test should be able
to do password changes.
(This used to be commit 849d0d314a2add80f2b2be6b503fea05973f998e)
|
|
samr_QueryUserInfo2(), samr_QueryDisplayInfo2() and
samr_GetDisplayEnumerationIndex2()
(This used to be commit fddda52500d482bde79994c14a0a822a1d305ac3)
|
|
samr_GetDisplayEnumerationIndex(), samr_TestPrivateFunctionsDomain(),
samr_TestPrivateFunctionsUser() and samr_RemoveMemberFromForeignDomain()
(This used to be commit 53c66708874f9f8e7868530cd2a780160e2eca01)
|
|
(This used to be commit 747351140b839879abe1a79a005d81ca4b35a658)
|
|
(This used to be commit 0b8203306d9eb61aaec9549d56c40831fcd091c3)
|
|
(This used to be commit fe1fc81ba76515b79069881d2d62f60201314d04)
|
|
test code
(This used to be commit 46185a71ba0e06544cacf117654e4dbf39385378)
|
|
(This used to be commit 9f12fb39dbac886582d0ccce418491522c042fe6)
|
|
(This used to be commit 02ddf78e5563b15cb45ae4bc6234469be0dc0210)
|
|
(This used to be commit 0a67057e9626c1539f964e978537e24544784263)
|
|
(This used to be commit 1d8a6d762aa4dab54bb58959cb1e7957a76e5b6e)
|
|
(This used to be commit 117a82ada32919a91f3bba9c00236fc0112b230c)
|
|
- Start with the LDB backend
- The API is now more windows-like, which should make it easier to use
in rpc_server
- Added a GTK+ front-end
- Added some more IDL
More updates will follow, especially in the RPC field..
(This used to be commit 3adffa021779b26047a20f16a3c0b53d74751560)
|
|
this required some crypto infrastructure and some sid utilities
(This used to be commit 37d0efa9c2af8532536bea88412f0dd3ed39ecfc)
|
|
(This used to be commit 1396db85372af1824592ef66f963603e3f35803c)
|
|
(This used to be commit 9f13b7c60cc7e6edd095eee96625ee02cd0dd73b)
|
|
(This used to be commit 11717ae912449bde596ff6cf7d8fddcc86548f15)
|
|
(This used to be commit 98224f5436695eb265f5d997cf4bc9cf735a4fb9)
|
|
(This used to be commit dd95cd141dc63f16e14f4c9392529653084b5a2a)
|
|
(This used to be commit 4de08b64ddb3851e90a8dadd7d0d0991e933abf5)
|
|
(This used to be commit cdb47511531cb8ef19334088eecb14971e189a4f)
|
|
also tested lsa_Delete() to delete the newly created account
(This used to be commit c4d5d0e9eba6b564e2ce6885d66d644b6612d721)
|
|
and schannel are both instances of possible security modules
- added schannel sign and sign/seal support to the dcerpc client
code. You select it with binding options of "schannel,sign" or
"schannel,seal".
(This used to be commit 05db0b9d942cad8f1dd574dc35b759e5e79d4195)
|
|
(This used to be commit 1f89d89954a3501e08efa97d1276ba9bb2d2305f)
|
|
(This used to be commit 59557a557df6e61af4f01534489691416398fb26)
|
|
we needed to adjust the alignment of [relative] buffers for this to
work. I wonder if they are always 4 byte aligned?
(This used to be commit 9cd0a0b8b976e62c6da71b7e55cba5b38483620d)
|
|
(This used to be commit f740b02ac36780740700909da2bcdf672cb146cb)
|
|
(This used to be commit 691f9c1c4448fb54846fcfffeca43601bcd44138)
|
|
(This used to be commit 1056618b6a70b32fc17a8290f3efa3334fa1b049)
|
|
uint32 followed by a GUID. I needed to fix this to support running in
mixed-mode rpc (where smbtorture is bigendian and w2k3 is
little-endian). Otherwise when you send back a policy handle the
server doesn't recognise it.
(This used to be commit 9b1c76a8e9e953e051072441f8938ee17a674d35)
|
|
This adds support for bigendian rpc in the client. I have installed
SUN pcnetlink locally and am using it to test the samba4 rpc
code. This allows us to easily find places where we have stuffed up
the types (such as 2 uint16 versus a uint32), as testing both
big-endian and little-endian easily shows which is correct. I have now
used this to fix several bugs like that in the samba4 IDL.
In order to make this work I also had to redefine a GUID as a true
structure, not a blob. From the pcnetlink wire it is clear that it is
indeed defined as a structure (the byte order changes). This required
changing lots of Samba code to use a GUID as a structure.
I also had to fix the if_version code in dcerpc syntax IDs, as it
turns out they are a single uint32 not two uint16s.
The big-endian support is a bit ugly at the moment, and breaks the
layering in some places. More work is needed, especially on the server
side.
(This used to be commit bb1af644a5a7b188290ce36232f255da0e5d66d2)
|
|
strangely, the output doesn't seem to contain an info level. Some
programmer stuffed up the IDL :)
(This used to be commit a39ee5d00341e1dbde0b38474ba4d5e980e74538)
|
|
for the server rpc boilerplate to correctly generate for multiple
interfaces on an endpoint
(This used to be commit 56143689ecf623e8a6ef5c453e6ad1ca9404411c)
|
|
pipe.
The server side code gets generated as librpc/gen_ndr/ndr_NAME_s.c and
gets included in the pipe module
(This used to be commit bd3dcfe5820489a838e19b244266bd9126af5eb4)
|
|
(This used to be commit f5df126c254bcb96dfb42096d7247215c7e7a89a)
|
|
server endpoints. We can now successfully setup listening endpoints on
high ports, then use our endpoint mapper redirect incoming clients to
the right port.
also greatly cleanup the rpc over tcp session handling.
(This used to be commit 593bc29bbe0e46d356d001160e8a3332a88f2fa8)
|
|
needs quite a bit more work to get it finished. The biggest missing
feature is the lack of NTLMSSP which is needed for basic
authentication over tcp
(This used to be commit 9fb0f0369356909c99389e2cbc525be27c08793c)
|
|
for some reason the epm_Lookup replies can't be parsed by ethereal,
although w2k parses then fine as does the Samba4 NDR code.
(This used to be commit 097e7ca99d947932df5674c36e628ca6b8f31d3a)
|
|
the RPC-EPMAPPER torture test now passes
(This used to be commit fbdcf9ef548aefb1233cbb22a60bff3eacba996f)
|
|
implements the epm_Lookup() call, I'll add the other important calls
soon. I was rather pleased to find that epm_Lookup() worked first
time, which is particularly surprising given its complexity.
This required quite a bit of new infrastructure:
* a generic way of handling dcerpc policy handles in the rpc server
* added type checked varients of talloc. These are much less error
prone. I'd like to move to using these for nearly all uses of
talloc.
* added more dcerpc fault handling code, and translation from
NTSTATUS to a dcerpc fault code
* added data_blob_talloc_zero() for allocating an initially zero
blob
* added a endpoint enumeration hook in the dcerpc endpoint server
operations
(This used to be commit 3f85f9b782dc17417baf1ca557fcae22f5b6a83a)
|
|
for EnumKey and EnumValue.
(This used to be commit 817a2fe2e5824e6bb9547697d27c66c0c8356181)
|
|
(This used to be commit cc494086e796c0090a92ac36012727c67e3587d1)
|
|
(This used to be commit 6e7c50bcd9929b6b1400b3155f55e6c9a4a730b3)
|
|
don't cause fragmented pdus (I'll add fragments shortly)
* change data_blob_talloc() to not zero memory when the 2nd argument
is NULL. The zeroing just masks bugs, and can't even allow a DOS
attack
* modified pidl to ensure that [ref] arguments to the out side of
functions are allocated when parsing the in side. This allows rpc
backends to assume that [ref] variables are all setup. Doesn't work
correctly for [ref] arrays yet
* changed DLIST_ADD_END() to take the type instead of a tmp
variable. This means you don't need to declare a silly tmp variable in
the caller
(This used to be commit 46e0a358198eeb9af1907ee2a29025d3ab23b6d1)
|
|
makes pidl about 3x faster, and also gives us much better error
reporting and a more standard grammer definition that will be much
easier to code in lex/yacc if we want to do so at a later
date. (Parse::Yapp uses essentially the same grammer file as lex/yacc)
It also means we no longer need Parse::RecDescent, which should make
pidl much more portable.
(This used to be commit 4bbaffeb44dca99ad8c0245beb1fddbe01557215)
|
|
(This used to be commit 5f1cdc4839a1ba0b18bcd4525847f9c284d181ca)
|
|
(This used to be commit 718ee8bccc2357ffa7ea7cdec1bda6103e0fa24f)
|