Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
|
|
|
|
|
|
metze
|
|
|
|
Also ignore auth trailers in level connect on receive.
This fixes [krb5,connect] against windows.
TODO: maybe the gensec mech need to decide if signatures
are needed in level connect.
metze
(This used to be commit eca0502b8620f2110a303b84def4f0bf48cc4ea5)
|
|
metze
(This used to be commit 50eb0e726405580dc5ca3a8a3b15f3bd674f722a)
|
|
You can trigger it like this:
ncacn_ip_tcp:172.31.9.234[sign,hdrsign]
or
ncacn_ip_tcp:172.31.9.234[seal,hdrsign]
metze
(This used to be commit 54f1fca582b1474693b5ee11b7b847086d27f75f)
|
|
metze
(This used to be commit 60b3523da485d845b1d930d990688d8434d39ef3)
|
|
the code.
Make sure we pass around the event_context where we need it instead.
All test but a few python ones fail. Jelmer promised to fix them.
(This used to be commit 3045d391626fba169aa26be52174883e18d323e9)
|
|
(This used to be commit 47ffbbf67435904754469544390b67d34c958343)
|
|
(This used to be commit a1280252ce924df69d911e597b7f65d8038abef9)
|
|
library, so it can be overridden by OpenChange.
(This used to be commit 2f29f80e07adef1f020173f2cd6d947d0ef505ce)
|
|
(This used to be commit 28b1d36551b75241c1cf9fca5d74f45a6dc884ab)
|
|
(This used to be commit 7352206f4450fdf881b95bda064cedd9d2477e4c)
|
|
(This used to be commit 700887c7f1b874682a71daec2741b0329cded53c)
|
|
dcerpc_server_name()
(This used to be commit c5196831d5fc6190a54e2f684ff506bc243b8dae)
|
|
(This used to be commit 6cbce47a3eaef76a89db7cd0ab0d4f6441fc720d)
|
|
lib/messaging/
lib/registry/
lib/ldb-samba/
librpc/rpc/
auth/auth_winbind.c
auth/gensec/
auth/kerberos/
dsdb/repl/
dsdb/samdb/
dsdb/schema/
torture/
cluster/ctdb/
kdc/
ntvfs/ipc/
torture/rap/
ntvfs/
utils/getntacl.c
ntptr/
smb_server/
libcli/wrepl/
wrepl_server/
libcli/cldap/
libcli/dgram/
libcli/ldap/
libcli/raw/
libcli/nbt/
libnet/
winbind/
rpc_server/
metze
(This used to be commit 6223c7fddc972687eb577e04fc1c8e0604c35435)
|
|
- return an error if strings doesn't match on validate
metze
(This used to be commit 4f5ad8cd447f8b44df1bd40f5ee3045d5ab2c3dc)
|
|
- make the success case some clear by returning NT_STATUS_OK
metze
(This used to be commit 2b570f96fcf537c1269237e1067ea7801b563b7e)
|
|
(This used to be commit 80d1dd41d4b224c46ad545f0afd97a847b99860b)
|
|
(This used to be commit 5085c53fcfade614e83d21fc2c1a5bc43bb2a729)
|
|
(This used to be commit 08bb1ef643ab906f1645cf6f32763dc73b1884e4)
|
|
(This used to be commit 925abf74fa1ed5ae726bae8781ec549302786b39)
|
|
(This used to be commit 31993cf67b816a184a4a4e92ef8ca2532c797190)
|
|
rename dcerpc_interface_list -> ndr_interface_list
and move them to libndr.h
metze
(This used to be commit 4adbebef5df2f833d2d4bfcdda72a34179d52f5c)
|
|
and move it to librpc/ndr/libndr.h
metze
(This used to be commit abd5551aabae1820baaa52a963e8c7aa9605914e)
|
|
and move it into misc.idl
The goal is to get rid a all dcerpc specific stuff in the
generated ndr layer.
metze
(This used to be commit 2ed014cfb894cccab1654e3f7d5876393e2b52d7)
|
|
There are still a few tidyups of old FSF addresses to come (in both s3
and s4). More commits soon.
(This used to be commit fcf38a38ac691abd0fa51b89dc951a08e89fdafa)
|
|
qsort().
Andrew Bartlett
(This used to be commit 96ef5259c63ad6245c94c40d6059d736b1534183)
|
|
rename private -> private_data
metze
(This used to be commit 58551f2f28fce8f1fcd04736c47ecd7458f32ea2)
|
|
the connection on timeout
metze
(This used to be commit 6b23ab1fd265e2a92456701fb02bd1838c098874)
|
|
to the rpc client code
we need to always ask for read events on the socket otherwise we never
get the connection error reported.
shutdown the transport when a request timeout.
metze
(This used to be commit 3403c0cb15e08ec838b0bc834f941051fb94d124)
|
|
dcerpc_ship_next_request() logic was added the penidng queue was split
in two, but we also needed to update the code which removes requests
from the queue to know about the two queues. Following the pattern
used in other client libs, I based which queue to remove from on
req->state, and added a new state RPC_REQUEST_QUEUED. This fixes a
crash that happens when rpc requests time out.
This patch also fixes the handling of timed out bind requests, and the
talloc_reference handling in dcerpc_ndr_request_recv().
(This used to be commit f51a129b52d53059cc1567538f986400c0ea5602)
|
|
using the pattern in the clilsa code, it didn't fill in the p->binding
structure. This affects nearly all users of dcerpc_pipe_open_smb(), so
the simplest fix is to ensure that dcerpc_pipe_open_smb() initialises
the binding if its not already there.
- re-enable the RAW-ACLS test
(This used to be commit d8875c286d2be49c01703d8fd58bbc1842054bd9)
|
|
also make it possible to pass and get the assoc_group_id for
a pipe.
also make it possible to pass the DCERPC_PFC_FLAG_CONC_MPX flag
in bind requests. From the spec it triggers support for
concurrent multiplexing on a single connection.
w2k3 uses the assoc_group_id feature when it becomes a domain controller
of an existing domain. Know the ugly part, with this it's possible to
use a policy handle from one connection on a different one...
typically the DsBind() call is on the 1st connection while DsGetNCChanges()
call using the first connections bind handle are on the 2nd connection.
The second connection also has the DCERPC_PFC_FLAG_CONC_MPX flag attached,
but that doesn't seem to be related to the cross connection handle usage
Can anyone think of a nice way to implement the assoc_group_id stuff in our server?
metze
(This used to be commit 2d8c85397d9027485ed6dbdcca87cc1ec84c7b76)
|
|
metze
(This used to be commit bbd086f2edf81028f2370be8ce0739144cd64b02)
|
|
(This used to be commit 8768bec81f57131a0c9754e8121b345c0be4a5d0)
|
|
as well?
The server side change is needed to fix a valgrind error, which was
possibly exploitable if the client sent deliberately bad data
(This used to be commit e3c04cf165fe15739197b2713e78046399aa7653)
|
|
a RPC-SECRETS on kerberos test still fails, but I'll let andrew take a
look at that later :)
(This used to be commit c260b175682c1cd95eaba958bfd9f054cb2547ea)
|
|
abstractions now.
Andrew Bartlett
(This used to be commit df31237c0cac0213c4f32fc491bcec2ea9f885c3)
|
|
length, use the amount the wapped message expanded by.
This works, because GSSAPI doesn't do AEAD (signing of headers), and
so changing the signature length after the fact is valid.
Andrew Bartlett
(This used to be commit bd1e0f679c8f2b9755051b8d34114fa127a7cf26)
|
|
(This used to be commit fcf6d827199eac83fa424f2eb87a72ed8463e150)
|
|
* Move dlinklist.h, smb.h to subsystem-specific directories
* Clean up ads.h and move what is left of it to dsdb/
(only place where it's used)
(This used to be commit f7afa1cb77f3cfa7020b57de12e6003db7cfcc42)
|
|
hierachy
metze
(This used to be commit a0aa61a8d583ef626d082c47377c87008874e235)
|
|
metze
(This used to be commit 8e87b79ce73931376b5852bc734f982f57aad4f3)
|
|
(This used to be commit 61c6100617589ac6df4f527877241464cacbf8b3)
|
|
requests. The fix involves using the same packet queue mechanism for
these requests as normal requests, which also simplifies the code
somewhat
(This used to be commit 2e7f5add13da3061d2f2e2869d10df06b3a98f40)
|