Age | Commit message (Collapse) | Author | Files | Lines |
|
metze
(This used to be commit 2de544181ec75da63fdcd5ecdde9e6a533603a38)
|
|
generate a separate *_send() async function for every RPC call, and
there is a single dcerpc_ndr_request_recv() call that processes the
receive side of any rpc call. The caller can use
dcerpc_event_context() to get a pointer to the event context for the
pipe so that events can be waited for asynchronously.
The only part that remains synchronous is the initial bind
calls. These could also be made async if necessary, although I suspect
most applications won't need them to be.
(This used to be commit f5d004d8eb8c76c03342cace1976b27266cfa1f0)
|
|
--enable-developer warning for when they are missing.
Andrew Bartlett
(This used to be commit 8115e44d47bcd65edba08d10117180ae508cdbc1)
|
|
(This used to be commit 6ffdfd779936ce8c5ca49c5f444e8da2bbeee0a8)
|
|
This version does the following:
1) talloc_free(), talloc_realloc() and talloc_steal() lose their
(redundent) first arguments
2) you can use _any_ talloc pointer as a talloc context to allocate
more memory. This allows you to create complex data structures
where the top level structure is the logical parent of the next
level down, and those are the parents of the level below
that. Then destroy either the lot with a single talloc_free() or
destroy any sub-part with a talloc_free() of that part
3) you can name any pointer. Use talloc_named() which is just like
talloc() but takes the printf style name argument as well as the
parent context and the size.
The whole thing ends up being a very simple piece of code, although
some of the pointer walking gets hairy.
So far, I'm just using the new talloc() like the old one. The next
step is to actually take advantage of the new interface
properly. Expect some new commits soon that simplify some common
coding styles in samba4 by using the new talloc().
(This used to be commit e35bb094c52e550b3105dd1638d8d90de71d854f)
|
|
in pidl. This mechanism should be much easier to extend to the
"retrospective subcontexts" that jelmer needs.
also produced more standards complient full-pointer offsets. This
keeps ethereal happy with decoding our epmapper frames.
(This used to be commit ecb7378bbcd86727aedfa04a9e302e06b0a2ccd9)
|
|
like normal pointers in most cases. This means we can now support
relative pointers to unions, builtin types etc, whereas we could only
previously support relative pointers to structures.
metze needs this for the PAC decoding.
(This used to be commit 0d063725e12f51375b7d0be55a19072a9a54e7e6)
|
|
simpler. This doesn't appear to hurt any of the existing uses of
[relative], but fixes its use for svcctl that jelmer is working on.
(This used to be commit 573f56a44785526d15c0179c5bbdab4c8b9461f1)
|
|
This implements gensec for Samba's server side, and brings gensec up
to the standards of a full subsystem.
This means that use of the subsystem is by gensec_* functions, not
function pointers in structures (this is internal). This causes
changes in all the existing gensec users.
Our RPC server no longer contains it's own generalised security
scheme, and now calls gensec directly.
Gensec has also taken over the role of auth/auth_ntlmssp.c
An important part of gensec, is the output of the 'session_info'
struct. This is now reference counted, so that we can correctly free
it when a pipe is closed, no matter if it was inherited, or created by
per-pipe authentication.
The schannel code is reworked, to be in the same file for client and
server.
ntlm_auth is reworked to use gensec.
The major problem with this code is the way it relies on subsystem
auto-initialisation. The primary reason for this commit now.is to
allow these problems to be looked at, and fixed.
There are problems with the new code:
- I've tested it with smbtorture, but currently don't have VMware and
valgrind working (this I'll fix soon).
- The SPNEGO code is client-only at this point.
- We still do not do kerberos.
Andrew Bartlett
(This used to be commit 07fd885fd488fd1051eacc905a2d4962f8a018ec)
|
|
which the offset applies to. In an array of structures containing
relative members, the offset applies to the start of the array element
being marshalled. Previously, there was no way to access the relevant
structure start as by the time we have hit buffers, the head of the
offset list will be the last structure being marshalled.
Interestingly enough, this makes relstrs go away. I think we thought
they were a special case in samba 3 but it turns out they are just
regular relative elements in the idl. This makes spoolss a lot simpler
than I thought it would be.
I've run the samr and lsa tests and this doesn't seem to break anything.
It looks like security descriptors are the only structures that contain
relative members.
Oh yeah, this will probably require a 'make clean && make' otherwise you
will get bizzare errors.
(This used to be commit d379dcdfd5f41e7cf7668354c3011b8ace190953)
|
|
structures.
(This used to be commit 6a39b17f6d8776ae695dc5c6caa0990ab2733e3c)
|
|
coding errors
(This used to be commit f0940f19129f0f2eccc3bb5130b8d2dd0b60f83f)
|
|
- added server side support for schannel type 23. This allows WinXP to establish a schannel connection
to Samba4 as an ADS DC
- added client side support for schannel type 23, but disabled it as currently the client
code has now way of getting the fully qualified domain name (which is needed)
- report dcerpc faults in the server code in the log
(This used to be commit 55e0b014fe14ca8811b55887208a1c3147ddb0d2)
|
|
metze
(This used to be commit af6f1f8a01bebbecd99bc8c066519e89966e65e3)
|
|
metze
(This used to be commit 0e5517d937a2eb7cf707991d1c7498c1ab456095)
|
|
(This used to be commit 10844cf925d6a8164191a6dbbcaacc7bf8179933)
|
|
e.g.
ncacn_np:myserver:[samr,sign,print]
will now enable the packet debugging
and the debugging is not bound anymore to the debuglevel >= 2
in the torture tests
- also the dcesrv_remote module now supports debugging of the packets
use the 'dcerpc_remote:binding' smb.conf parameter.
metze
(This used to be commit 40abf3c584efed7f977ddd688ea064540e5a5b13)
|
|
we needed to adjust the alignment of [relative] buffers for this to
work. I wonder if they are always 4 byte aligned?
(This used to be commit 9cd0a0b8b976e62c6da71b7e55cba5b38483620d)
|
|
don't cause fragmented pdus (I'll add fragments shortly)
* change data_blob_talloc() to not zero memory when the 2nd argument
is NULL. The zeroing just masks bugs, and can't even allow a DOS
attack
* modified pidl to ensure that [ref] arguments to the out side of
functions are allocated when parsing the in side. This allows rpc
backends to assume that [ref] variables are all setup. Doesn't work
correctly for [ref] arrays yet
* changed DLIST_ADD_END() to take the type instead of a tmp
variable. This means you don't need to declare a silly tmp variable in
the caller
(This used to be commit 46e0a358198eeb9af1907ee2a29025d3ab23b6d1)
|
|
places that need to be edited when someone adds a new IDL file.
(This used to be commit ccd9ddeed679baa6cbb05ac728b381b50420e00f)
|
|
* moved ntlmssp code into libcli/auth/, and updated to latest ntlmssp
code from samba3 (thanks Andrew! the new interface is great)
* added signing/ntlmssp support in the dcerpc code
* added a dcerpc_auth.c module for the various dcerpc auth mechanisms
(This used to be commit c18c9b5585a3e5f7868562820c14f7cb529cdbcd)
|
|
test suite. The test suite dumps all of the interfaces available on
all pipes. There sure are a lot more interfaces on w2k3 than w2k !
(This used to be commit f94bc079902d725b63155d8d2de5bf408c6e7335)
|
|
according to the current IDL taking the data from a file. In
combination with a little hack to ethereal to extract data this is a
quite powerful IDL development tool.
(This used to be commit 229a325c3cf0d4dc1e910ed32e1d7391040aeba1)
|
|
I have recoded the core dcerpc packet structures (all the PDUs etc) in
terms of IDL, which means we now use pidl to generate all the code for
handling the most basic dcerpc packets. This is not normally possible
as it isn't completely valid NDR, but pidl has a number of extensions
that make it quite easy.
This also means we get the server side dcerpc
marshalling/unmarshalling code for free.
(This used to be commit 92bcad02587c3c1b31b523ee9fa46658a6cef9ff)
|
|
* fixed nested relative offsets in push functions
the spoolss torture test now passes!
(This used to be commit 60ced76160e4f4e2b511ebbeec31130c8ebcdd22)
|
|
* don't consider not doing lsa_QueryInfoPolicy level 11 a failure
(w2k3 doesn't have this level, w2k does)
* on a NDR validation failure dump the failed data at level 3
(This used to be commit 9d5078962f0f8aef3360dea4c4774cf8de1fdc26)
|
|
* added a NDR validator. The way it works is that when the
DCERPC_DEBUG_VALIDATE_* flags are set the dcerpc system will
perform NDR buffer validation. On sending a request the packet is
first marshalled, then unmarahslled, then marshalled again, and it is
confirmed that the two marshalling results are idential. This
ensures that our pull and push routines are absolutely in sync, so
that we can be very confident that if a routine works in the client
then the corresponding routine must work on the server side. A
similar validation is performed on all replies.
* a result of this change is that pidl is fussier about the [ref]
tag. You can only use it on pointers (which is the only place it
makes sense)
* fixed a basic alignment bug in the push side of the NDR code
* added server side pull/push support. Our dcerpc system is now fully
ready to be used on the server side.
* fixed the relative offset pointer list. It must be traversed in
reverse order on push
* added automatic value setting for the size parameter in outgoing
SdBuf structures.
* expanded the ndr debugging code to always give a message on any
failure
* fixed the subcontext push code
* fixed some memory leaks in smbtorture RPC tests
(This used to be commit 8ecf720206a2eef3f8ea7cbdb1f460664a5dba9a)
|
|
(This used to be commit 4022e710755a61a3439f739a78fa6965b9b7788e)
|
|
interface. We now support an arbitrary set of flags to each parser,
and these can be used to control the string types. I have provided
some common IDL string types in librpc/idl/idl_types.h which needs to
be included in every IDL file.
* added IDL for the endpoint mapper. Added a test suite that enumerates
all endpoints on the server.
(This used to be commit d2665f36a75b482ff82733f72ffac938c2acf87a)
|
|
(This used to be commit 63b9d2803c9e5b44680a72b127f6a58eb44a3c60)
|
|
debug level 2 or above. This is more useful for checking that
something hasn't broken without swamping yourself with output.
(This used to be commit 53ff3a572a23c2f45c5d503255bc6b535ca99134)
|
|
(This used to be commit f8397cbc8554b721093b8ae6ac6fb26d0ee9a7cf)
|
|
alignment correctly for unions that have non-uint16 discriminants
fixed the union handling in srvsvc.idl. (metze, please take a look at
the changes, your IDL did match what was one the wire in most cases,
but isn't the way IDL is usually coded)
(This used to be commit 7b5d0287298e8505e0ec7b22d75d9f9a8a610031)
|
|
* use the top-level function argument printing to show more detail in
RPC-* tests
(This used to be commit 33bb8785625b1845750f28f2d810e7096afe9f8e)
|
|
(This used to be commit a5140985d8f57695b4165c72af217092da6fae5f)
|
|
GetPrinter with all info levels on each printer
(This used to be commit 136b3cfc0460315e924c3d9c8328c1850fc21fba)
|
|
this also handles the return of several printers (an array of relative
subcontexts)
(This used to be commit 060421c7dc9aa611fe4160843a4f76498ab16bf4)
|
|
fully
(This used to be commit 69c6017c945bdd7d1945f22fcad49112ba6a2d2d)
|
|
number of "magic" add-ons to IDL to make it less painful, hopefully
this will make IDL generation useful for horrible systems like spoolss
(This used to be commit e18dba7d5a957ef82e8f91733a0bf95d579dcd7a)
|
|
(This used to be commit 05ed2f6dc986111ce448123c91380f9340799ecc)
|
|
also adding printing of security descriptors
(This used to be commit 1f93cbc1d597b973ab1a5005ede093c1bcefff87)
|
|
(This used to be commit f32641f73f7ff12b797378b3b533603ff1d526b5)
|
|
* expanded the rpcecho test
* started adding the NETDFS pipe
(This used to be commit 095ab42cbdd5c1c5ab753e2eb275742ba822c8b9)
|
|
constant sized array of size 1 at the end?
(This used to be commit 2cc354bd82456cb5598eb4acb40a5ada1459d08d)
|
|
(This used to be commit e81040a902f67fd10ca1f9c9ca1c22bc95e36005)
|
|
structure. This allows easy debug and test tool writing without having
to write functions that print every element of complex structures.
(This used to be commit 81d6181172e36c6fbae0907550a29511ce708574)
|
|
(This used to be commit 1b7a7bc4641e4f0e604bc20699c094fa5f49315d)
|
|
(This used to be commit afa1ff5f08fceba3d34b4e0965fe7e0c0143ede9)
|
|
- updated lsa parse code from pidl
(This used to be commit 3983b2aee77b0e093847bfc02e02b83ab281f5dd)
|
|
files around, but also added the first bits of auto-generated code for
the lsa pipe.
I haven't updated the Makefile to call pidl yet, so for now the code
was cut-and-pasted into librpc/ndr/ndr_lsa.c manually
(This used to be commit 6b222d3b6541ee74cf8bf3f0913cd444903ca991)
|