summaryrefslogtreecommitdiff
path: root/source4/librpc/rpc/dcerpc.c
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r21535: - fixed a crash in the RAW-ACLS test. When a dcerpc_pipe is createdAndrew Tridgell1-0/+1
using the pattern in the clilsa code, it didn't fill in the p->binding structure. This affects nearly all users of dcerpc_pipe_open_smb(), so the simplest fix is to ensure that dcerpc_pipe_open_smb() initialises the binding if its not already there. - re-enable the RAW-ACLS test (This used to be commit d8875c286d2be49c01703d8fd58bbc1842054bd9)
2007-10-10r21515: add some more PFC_FLAGS from the DCERPC spec, and fix some namesStefan Metzmacher1-5/+14
also make it possible to pass and get the assoc_group_id for a pipe. also make it possible to pass the DCERPC_PFC_FLAG_CONC_MPX flag in bind requests. From the spec it triggers support for concurrent multiplexing on a single connection. w2k3 uses the assoc_group_id feature when it becomes a domain controller of an existing domain. Know the ugly part, with this it's possible to use a policy handle from one connection on a different one... typically the DsBind() call is on the 1st connection while DsGetNCChanges() call using the first connections bind handle are on the 2nd connection. The second connection also has the DCERPC_PFC_FLAG_CONC_MPX flag attached, but that doesn't seem to be related to the cross connection handle usage Can anyone think of a nice way to implement the assoc_group_id stuff in our server? metze (This used to be commit 2d8c85397d9027485ed6dbdcca87cc1ec84c7b76)
2007-10-10r20323: allow empty dcerpc reqeusts, this fixes the RPC-COUNTCALLS testStefan Metzmacher1-1/+1
metze (This used to be commit bbd086f2edf81028f2370be8ce0739144cd64b02)
2007-10-10r19676: Fix some more dependencies.Jelmer Vernooij1-1/+1
(This used to be commit 8768bec81f57131a0c9754e8121b345c0be4a5d0)
2007-10-10r19502: fixed the RPC-SECRETS test with kerberos. Andrew, can you look at thisAndrew Tridgell1-1/+14
as well? The server side change is needed to fix a valgrind error, which was possibly exploitable if the client sent deliberately bad data (This used to be commit e3c04cf165fe15739197b2713e78046399aa7653)
2007-10-10r19501: fix the hangs in the build farm in RPC-SECRETSAndrew Tridgell1-20/+6
a RPC-SECRETS on kerberos test still fails, but I'll let andrew take a look at that later :) (This used to be commit c260b175682c1cd95eaba958bfd9f054cb2547ea)
2007-10-10r19479: Remove more unused functions. These are handled via authenticationAndrew Bartlett1-52/+1
abstractions now. Andrew Bartlett (This used to be commit df31237c0cac0213c4f32fc491bcec2ea9f885c3)
2007-10-10r19465: Rather than use the non-standard API for determining the signatureAndrew Bartlett1-2/+33
length, use the amount the wapped message expanded by. This works, because GSSAPI doesn't do AEAD (signing of headers), and so changing the signature length after the fact is valid. Andrew Bartlett (This used to be commit bd1e0f679c8f2b9755051b8d34114fa127a7cf26)
2007-10-10r18716: put in a commented out useful hack for some RPC serversAndrew Tridgell1-0/+8
(This used to be commit fcf6d827199eac83fa424f2eb87a72ed8463e150)
2007-10-10r17930: Merge noinclude branch:Jelmer Vernooij1-1/+1
* Move dlinklist.h, smb.h to subsystem-specific directories * Clean up ads.h and move what is left of it to dsdb/ (only place where it's used) (This used to be commit f7afa1cb77f3cfa7020b57de12e6003db7cfcc42)
2007-10-10r17323: make better use of the composite api and fix the memoryStefan Metzmacher1-52/+24
hierachy metze (This used to be commit a0aa61a8d583ef626d082c47377c87008874e235)
2007-10-10r17321: give better error codesStefan Metzmacher1-2/+2
metze (This used to be commit 8e87b79ce73931376b5852bc734f982f57aad4f3)
2007-10-10r15854: more talloc_set_destructor() typesafe fixesAndrew Tridgell1-4/+2
(This used to be commit 61c6100617589ac6df4f527877241464cacbf8b3)
2007-10-10r15524: fix a problem with rpc faults from bind and alter contextAndrew Tridgell1-85/+91
requests. The fix involves using the same packet queue mechanism for these requests as normal requests, which also simplifies the code somewhat (This used to be commit 2e7f5add13da3061d2f2e2869d10df06b3a98f40)
2007-10-10r15504: Revert -r 15500 and -r 15503 until I'm awake, and can get my headAndrew Bartlett1-40/+20
around the mess that is composite functions... Async might be all the rage, but it's bloody painful to debug. Andrew Bartlett (This used to be commit 756e1dad7ce54b83f8170db3434bfcfc4afe7e65)
2007-10-10r15500: Add support for interactive prompting on bad passwords to the RPC ↵Andrew Bartlett1-20/+40
libraries. This support requires that the bind_ack and alter_ack recv functions also be send the DCE/RPC fault. This would be best done by having the ack run as a normal RPC reply callback, but this isn't easily possible for now. Andrew Bartlett (This used to be commit be6dde22fe728d64d47875699d3421c6d8d872a4)
2007-10-10r15482: Don't shadow the global function pipe() with a local variable name.Andrew Bartlett1-10/+8
Andrew Bartlett (This used to be commit ed4ab63c2dd811d07594ba397ed22f9d02eeb63a)
2007-10-10r14735: Use dcerpc_syntax_id rather then seperate GUID + if_version everywhereJelmer Vernooij1-2/+2
(This used to be commit a316b33057f3ec8532677980e093cd327d33f257)
2007-10-10r14715: Correct the definition of the DCE/RPC bind_nak, per the OpenGroup spec.Andrew Bartlett1-0/+7
This allows us to correctly parse the bind_nak from NT4, when we use an invalid auth type (the unsupported SPNEGO).. Andrew Bartlett (This used to be commit ce0c7f86fd5eeeacad885d732b66c65ac9103ace)
2007-10-10r14542: Remove librpc, libndr and libnbt from includes.hJelmer Vernooij1-1/+2
(This used to be commit 51b4270513752d2eafbe77f9de598de16ef84a1f)
2007-10-10r12634: make the [validate] binding string switch also check to see if theAndrew Tridgell1-3/+17
string form of the structure we receive matches the generated form. This has the effect of checking things like value() attributes. (This used to be commit f2e68ec649658976e5bf4887713a92c14850c277)
2007-10-10r12620: Get rid of automatically generated lists of init functions of ↵Jelmer Vernooij1-0/+7
subsystems. This allows Samba libraries to be used by other projects (and parts of Samba to be built as shared libraries). (This used to be commit 44f0aba715bfedc7e1ee3d07e9a101a91dbd84b3)
2007-10-10r12608: Remove some unused #include lines.Jelmer Vernooij1-1/+0
(This used to be commit 70e7449318aa0e9d2639c76730a7d1683b2f4981)
2007-10-10r12574: Bring tables.pl back to life and move registration of interfacesJelmer Vernooij1-26/+0
now completely to a new subsystem. (This used to be commit bbacfaaea5819e0ecadf81e8fbb424916284c809)
2007-10-10r12542: Move some more prototypes out to seperate headersJelmer Vernooij1-0/+1
(This used to be commit 0aca5fd5130d980d07398f3291d294202aefe3c2)
2007-10-10r12514: Move DCE/RPC interface table to a seperate fileJelmer Vernooij1-15/+12
Be a bit more strict when checking for duplicate interfaces (This used to be commit b1286a6d27e2b5aa26f288f6aff70601b0d8ae74)
2007-10-10r12513: Similar change as my previous commit, but now for transfer syntaxes.Jelmer Vernooij1-6/+1
Avoids converting a static string to GUID every time we check whether a transfer syntax is equal to that of NDR. (This used to be commit 8dcfcaf75ab8cf4a54cf5e56f6be25acc68e3989)
2007-10-10r12512: Use GUID structs in API functions everywhere rather then converting ↵Jelmer Vernooij1-3/+1
back and forth between GUID structs and strings in several places. (This used to be commit 3564e2f967ef72d6301b4f7e9a311cebcded4d75)
2007-10-10r12510: Change the DCE/RPC interfaces to take a pointer to aJelmer Vernooij1-5/+5
dcerpc_interface_table struct rather then a tuple of interface name, UUID and version. This removes the requirement for having a global list of DCE/RPC interfaces, except for these parts of the code that use that list explicitly (ndrdump and the scanner torture test). This should also allow us to remove the hack that put the authservice parameter in the dcerpc_binding struct as it can now be read directly from dcerpc_interface_table. I will now modify some of these functions to take a dcerpc_syntax_id structure rather then a full dcerpc_interface_table. (This used to be commit 8aae0f168e54c01d0866ad6e0da141dbd828574f)
2007-10-10r12116: got rid of composite_trigger_done() and composite_trigger_error(), andAndrew Tridgell1-2/+2
instead make the normal composite_done() and composite_error() functions automatically trigger a delayed callback if the caller has had no opportunity to setup a async callback this removes one of the common mistakes in writing a composite function (This used to be commit f9413ce792ded682e05134b66d433eeec293e6f1)
2007-10-10r11970: fixed a valgrind error. The auth info from the alter_context reply wasAndrew Tridgell1-1/+1
being freed before being given to gensec_update() (This used to be commit cf2cb4279e2b31989eee2fec848982b10fcc2136)
2007-10-10r11889: added support for dcerpc ncacn_np over SMB2. You use it by giving theAndrew Tridgell1-0/+5
flag 'smb2' in the dcerpc binding string. This gives a pretty good test to the new SMB2 trans call. (This used to be commit f99bef585d4c1e52becc06b581bd5aaa62cf9dd7)
2007-10-10r11872: another attempt at fixing the data_blob_free in async dcerpc bind,Andrew Tridgell1-14/+9
after volker gently pointed out that I should be wearing a paper bag over my head for the last attempt :-) (This used to be commit 7e132761fce75f64d3e7d42f650c45a483e37e3e)
2007-10-10r11871: fixed a problem volker found with the async bind code, and a callbackAndrew Tridgell1-2/+5
destroying the dcerpc pipe (This used to be commit 0b91602fa4b9a8b40331d088bdaac76381eac7ef)
2007-10-10r11819: simplified the async rpc bind code a little.Andrew Tridgell1-205/+220
- removed the struct dcerpc_request_state as all the state information is already available on the dcerpc_pipe structure, so just use that - added a single dcerpc_recv_data() handler for receiving packets from the transport layer. This then does the initial decoding of the dcerpc packet, and then looks at the packet type in order to work out who to dispatch it to. This should allow in-flight async rpc requests to still work while a new bind or alter context is happening - ensure that if the transport indicates the connection is dead that any in-flight bind or alter context requests are given an error - removed full_request_private and instead use separate bind_private and alter_private pointers - added a few comments for some bits I found hard to understand (This used to be commit 938e372bffbee1982ad8268b83c43514fd2e5633)
2007-10-10r11810: Fix talloc hierarchyVolker Lendecke1-2/+2
(This used to be commit e1bf1c326f297321a6c8fdf9679130dba102669e)
2007-10-10r11809: Make dcerpc_bind_auth async.Volker Lendecke1-5/+4
This also removes dcerpc_bind_auth_password, the only user of dcerpc_bind_auth. And this was not only passwords anyway. Andrew Bartlett, as usual: Please take a close look. Thanks, Volker (This used to be commit 2ff2dae3d035af6cb0c131573cfd983fc9a58eee)
2007-10-10r11807: Make dcerpc_alter_context async. Same thing: Please look at thisVolker Lendecke1-149/+140
closely. Survives RPC-ALTERCONTEXT. Volker (This used to be commit 1875c4808f8c30a6f750b88e166d43a736d5edc7)
2007-10-10r11804: Asyncify the anonymous bind, convert the calls in xplogin.c.Volker Lendecke1-68/+180
Tridge et al, please take a close look at this. It survives my basic rpc-login test as well as rpc-lsa, but this is critical I think. Volker (This used to be commit bf1a55f44c84d9bb8b2f83f5d25727550ca8fcf2)
2007-10-10r11516: Fix a valgrind bug I introduce with queued requestsVolker Lendecke1-3/+6
(This used to be commit 3e4ab756f421acd747e9ea4c48b0f61d48dfa8fd)
2007-10-10r11473: Based on work by Jelmer, implement the [async] flag for rpc ↵Volker Lendecke1-28/+82
requests. If it's not there (it's not yet on *any* call... :-)), the rpc client strictly sequences calls to an rpc pipe. Might need some more work on the exact sequencing semantics when a pipe with both sync and async calls is actually deployed, but I want it in for winbind simplification. Volker (This used to be commit b8f324e4f000971b7dafc263c16dd4af958ee7f9)
2007-10-10r10699: fixed the dcerpc code so that you can shutdown the pipe safely fromAndrew Tridgell1-29/+17
within a callback on the pipe. This should fix a problem volker encountered with winbind. The fix invoolves making the recv_data handler free the memory for a packet, instead of having the transport layer free it after calling recv_data. When the transport layer freed it, it had no way of knowing if the callback had shutdown the pipe, so it had no way of knowing if it could safely use the pointer. Also changed the pipe shutdown hook for the smb transport to use an async SMB close. This ensures that when you shutdown the pipe, you don't block waiting for the server to ack the close of the pipe fnum. (This used to be commit c87d7f580e39245db181605f50883de07dd9632e)
2007-10-10r10153: This patch adds a new parameter to gensec_sig_size(), the size of theAndrew Bartlett1-5/+8
data to be signed/sealed. We can use this to split the data from the signature portion of the resultant wrapped packet. This required merging the gsskrb5_wrap_size patch from lorikeet-heimdal, and fixes AES encrption issues on DCE/RPC (we no longer use a static 45 byte value). This fixes one of the krb5 issues in my list. Andrew Bartlett (This used to be commit e4f2afc34362953f56a026b66ae1aea81e9db104)
2007-10-10r8811: Fix the build..Jelmer Vernooij1-0/+1
(This used to be commit fac77f5fa267da57a55e88cad8993897e80741a0)
2007-10-10r8057: use our defined push/pull types in the validate code (fixes a warning)Andrew Tridgell1-2/+2
(This used to be commit 4e14ebf51e871d6d70a194e2725c2158675dc6fc)
2007-10-10r7865: changed pidl to take a "const void *" instead of a "void *" for theAndrew Tridgell1-2/+2
structure in ndr_push_*() and ndr_print_*(). The push and print functions really should not modify the structure. metze, to make this work I had to change your spoolss hand marshaller. Can you please check it is OK? I think that the IN and OUT sides of that function are not ever called on the same structure, so I think that attempt at remembering the value by assigning to r->in._offered was not doing anything anyway, but please correct me if I have misunderstood it. If you really do need to remember something on those structures I'd suggest the ndr_token_store() and ndr_token_retrieve() functions, which are used by pidl for just this sort of thing. (This used to be commit eee528be97fa43ca53bdc5652b4d29a0a2caf563)
2007-10-10r7653: when a dcerpc request times out, we need to ensure that if the serverAndrew Tridgell1-1/+11
does finally answer the request and it is on the smb transport that we don't die in the callback code as the rpc request state is gone. (This used to be commit d47477c5c3acbaa7242fa3a06d4095258db86297)
2007-10-10r7633: this patch started as an attempt to make the dcerpc code use a givenAndrew Tridgell1-9/+20
event_context for the socket_connect() call, so that when things that use dcerpc are running alongside anything else it doesn't block the whole process during a connect. Then of course I needed to change any code that created a dcerpc connection (such as the auth code) to also take an event context, and anything that called that and so on .... thus the size of the patch. There were 3 places where I punted: - abartlet wanted me to add a gensec_set_event_context() call instead of adding it to the gensec init calls. Andrew, my apologies for not doing this. I didn't do it as adding a new parameter allowed me to catch all the callers with the compiler. Now that its done, we could go back and use gensec_set_event_context() - the ejs code calls auth initialisation, which means it should pass in the event context from the web server. I punted on that. Needs fixing. - I used a NULL event context in dcom_get_pipe(). This is equivalent to what we did already, but should be fixed to use a callers event context. Jelmer, can you think of a clean way to do that? I also cleaned up a couple of things: - libnet_context_destroy() makes no sense. I removed it. - removed some unused vars in various places (This used to be commit 3a3025485bdb8f600ab528c0b4b4eef0c65e3fc9)
2007-10-10r7497: add timeouts to all rpc requests. The default timeout is 60Andrew Tridgell1-0/+42
seconds. This should prevent the problem I am seeing on a solaris box where a rpc request gets stuck forever (This used to be commit c24ab34813d675b9b81f3062fb6f30aae5697805)
2007-10-10r7313: Prefix a few functions with ncacn_ rather then dcerpc_ because they areJelmer Vernooij1-18/+18
ncacn_ specific (This used to be commit 875cce126878172eedb43b4ecab3970ea9d82e4a)