summaryrefslogtreecommitdiff
path: root/source4/librpc/ndr/ndr_sec.c
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r7865: changed pidl to take a "const void *" instead of a "void *" for theAndrew Tridgell1-2/+2
structure in ndr_push_*() and ndr_print_*(). The push and print functions really should not modify the structure. metze, to make this work I had to change your spoolss hand marshaller. Can you please check it is OK? I think that the IN and OUT sides of that function are not ever called on the same structure, so I think that attempt at remembering the value by assigning to r->in._offered was not doing anything anyway, but please correct me if I have misunderstood it. If you really do need to remember something on those structures I'd suggest the ndr_token_store() and ndr_token_retrieve() functions, which are used by pidl for just this sort of thing. (This used to be commit eee528be97fa43ca53bdc5652b4d29a0a2caf563)
2007-10-10r6973: Merge new version of pidl into the main SAMBA_4_0 branch.Jelmer Vernooij1-2/+2
The main difference in this new version is the extra data structure generated between the IDL data structure and the NDR parser: IDL -> NDR -> { ndr_parser, ndr_header, eparser, etc } This makes the ndr_parser.pm internals much more sane. Other changes include: - Remove unnecessary calls with NDR_BUFFERS (for example, GUID doesn't have any buffers, just scalars) as well as some (unnecessary) nested setting of flags. - Parse array loops in the C code rather then calling ndr_pull_array(). This allows us to have, for example, arrays of pointers or arrays of pointers to arrays, etc.. - Use if() {} rather then if () goto foo; everywhere - NDR_IN no longer implies LIBNDR_FLAG_REF_ALLOC - By default, top level pointers are now "ref" (as is the default in most other IDL compilers). This can be overridden using the default_pointer_top() property. - initial work on new ethereal parser generators by Alan DeKok and me - pidl now writes errors in the standard format used by compilers, which is parsable by most editors - ability to warn about the fact that pidl extension(s) have been used, useful for making sure IDL files work with other IDL compilers. oh, and there's probably some other things I can't think of right now.. (This used to be commit 13cf227615f6b9e0e5fa62e59197024410254f01)
2007-10-10r6287: sorted out a small but surprisingly tricky dependency problem with theAndrew Tridgell1-77/+0
ndr code for handling sids and security descriptors now that we have a sid in the nbt IDL (This used to be commit f8e77fcdeac704aed5e501aa9108f3ed0ab26ca4)
2007-10-10r6134: add a new type dom_sid28 which is a 28 byte fixed buffer with a ↵Stefan Metzmacher1-1/+65
dom_sid in it metze (This used to be commit 460d1b089e494efaeb0c8c7fd4601a9ef57123c5)
2007-10-10r5799: more DsGetNCChanges updates, I'm starting to understand it...Stefan Metzmacher1-0/+10
also add a really simple torture test for DsGetNCChanges metze (This used to be commit bcde67a7eff9ad82919e90fd64c02a17610c6f0e)
2007-10-10r5286: Some first steps in making the pidl code somewhat more generic for theJelmer Vernooij1-2/+2
various data types: Add ndr_flags argument to all ndr push/pull scalar functions (This used to be commit ab490c0c882bb13de190546c50a0631ecb8255ad)
2007-10-10r4772: fixed checking of the conformant size for dom_sid2Andrew Tridgell1-1/+7
(This used to be commit 0d31523aaed7a8995970dc9933a6a9d9b8536ee0)
2007-10-10r3810: create a LIB_SECURITY subsystemStefan Metzmacher1-15/+1
- move dom_sid, security_descriptor, security_* funtions to one place and rename some of them metze (This used to be commit b620bdd672cfdf0e009492e648b0709e6b6d8596)
2007-10-10r3358: Try to put all the basic struct dom_sid manipulation functions in oneAndrew Bartlett1-57/+0
place. (I always have trouble finding one half or the other). Andrew Bartlett (This used to be commit 224b59edba7c00ad515b4c5e3e9a886700247ad4)
2007-10-10r1985: take advantage of the new talloc in a few more placesAndrew Tridgell1-1/+1
(This used to be commit 6ffdfd779936ce8c5ca49c5f444e8da2bbeee0a8)
2007-10-10r1770: here's the krb5 server code,Stefan Metzmacher1-0/+1
there're some cleanups needed and we need to verify the PAC correctly and create the auth_session_info correctly... metze (This used to be commit d8fe497097ee49611bb05c4a2fed36912d8e16b4)
2007-10-10r960: convert 'unsigned int' to uint_t in the most placesStefan Metzmacher1-1/+1
metze (This used to be commit 18062d2ed9fc9224c43143c10efbf2f6f1f5bbe0)
2007-10-10r884: convert samba4 to use [u]int32_t instead of [u]int32Stefan Metzmacher1-5/+5
metze (This used to be commit 0e5517d937a2eb7cf707991d1c7498c1ab456095)
2007-10-10r511: fix some const handlingAndrew Tridgell1-3/+3
(This used to be commit be94cc4032b23fd99823902ddcd1472a72314a88)
2004-01-11added dom_sid_string() functionAndrew Tridgell1-7/+15
(This used to be commit 399f95536bf64890284a51e4a2bbb7a15c91c3be)
2004-01-08This patch adds a better dcerpc server infastructure.Stefan Metzmacher1-27/+41
1.) We now register endpoint servers add startup via register_backend() and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context 2.) each endpoint server can register at context creation time as much interfaces as it wants (multiple interfaces on one endpoint are supported!) (NOTE: there's a difference between 'endpoint server' and 'endpoint'! for details look at rpc_server/dcesrv_server.h) 3.) one endpoint can have a security descriptor registered to it self this will be checked in the future when a client wants to connect to an smb pipe endpoint. 4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module it takes this options in the [globals] section: dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper dcerpc remote:binding = ... dcerpc remote:user = ... dcerpc remote:password = ... 5.) we currently have tree endpoint servers: epmapper, rpcecho and remote the default for the 'dcerpc endpiont servers = epmapper, rpcecho' for testing you can also do dcerpc endpoint servers = rpcecho, remote, epmapper dcerpc remote:interfaces = srvsvc, samr, netlogon 6,) please notice the the epmapper now only returns NO_ENTRIES (but I think we'll find a solution for this too:-) 7.) also there're some other stuff left, but step by step :-) This patch also includes updates for the register_subsystem() , ntvfs_init(), and some other funtions to check for duplicate subsystem registration metze (hmmm, my first large commit...I hope it works as supposed :-) (This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
2003-12-19fixed the AddAliasMem test codeAndrew Tridgell1-0/+23
(This used to be commit abe7ffcece5fcb75b0cf5633dd5871fa3e3c1723)
2003-11-22a fairly major upgrade to the dcerpc systemAndrew Tridgell1-0/+50
* added a NDR validator. The way it works is that when the DCERPC_DEBUG_VALIDATE_* flags are set the dcerpc system will perform NDR buffer validation. On sending a request the packet is first marshalled, then unmarahslled, then marshalled again, and it is confirmed that the two marshalling results are idential. This ensures that our pull and push routines are absolutely in sync, so that we can be very confident that if a routine works in the client then the corresponding routine must work on the server side. A similar validation is performed on all replies. * a result of this change is that pidl is fussier about the [ref] tag. You can only use it on pointers (which is the only place it makes sense) * fixed a basic alignment bug in the push side of the NDR code * added server side pull/push support. Our dcerpc system is now fully ready to be used on the server side. * fixed the relative offset pointer list. It must be traversed in reverse order on push * added automatic value setting for the size parameter in outgoing SdBuf structures. * expanded the ndr debugging code to always give a message on any failure * fixed the subcontext push code * fixed some memory leaks in smbtorture RPC tests (This used to be commit 8ecf720206a2eef3f8ea7cbdb1f460664a5dba9a)
2003-11-17security descriptors are no longer a "special" type, they are handledAndrew Tridgell1-345/+9
using the [relative] property this also fixes level3 of PrinterInfo (a relative secdesc) (This used to be commit d5a15257fdd5f6cfe2706765a7c29f623ec1c6f8)
2003-11-16use the "subcontext" magic flag for sec_desc_bufAndrew Tridgell1-49/+0
(This used to be commit 05ed2f6dc986111ce448123c91380f9340799ecc)
2003-11-15added lsa_QuerySecObj() and the necessary sec_desc_buf supporting codeAndrew Tridgell1-2/+109
also adding printing of security descriptors (This used to be commit 1f93cbc1d597b973ab1a5005ede093c1bcefff87)
2003-11-14* added levels 4, 200 and 300 to NetDfsEnum. 200 and 300 don't workAndrew Tridgell1-2/+2
properly, I'm still investigating that. * changed dcerpc fault status code to NT_STATUS_NETWORK_WRITE_FAULT, which I think is a better mapping (This used to be commit 9ad28f6ddbb777de7cac11e71c392b508c81b741)
2003-11-11added 9 more info levels to lsa_QueryInfoPolicyAndrew Tridgell1-6/+5
(This used to be commit b2ced24fc0be4944dd96f160e435f4c6773debcd)
2003-11-11automatically generate ndr_print_*() functions for every IDLAndrew Tridgell1-0/+53
structure. This allows easy debug and test tool writing without having to write functions that print every element of complex structures. (This used to be commit 81d6181172e36c6fbae0907550a29511ce708574)
2003-11-08- corrected some lsa idlAndrew Tridgell1-9/+16
- updated lsa parse code from pidl (This used to be commit 3983b2aee77b0e093847bfc02e02b83ab281f5dd)
2003-11-06another major bit of restructuring of rpc in Samba4. Mostly movingAndrew Tridgell1-0/+309
files around, but also added the first bits of auto-generated code for the lsa pipe. I haven't updated the Makefile to call pidl yet, so for now the code was cut-and-pasted into librpc/ndr/ndr_lsa.c manually (This used to be commit 6b222d3b6541ee74cf8bf3f0913cd444903ca991)