Age | Commit message (Collapse) | Author | Files | Lines |
|
- Add protocol sequence to dcerpc transports (will be used later on)
- Add more transports to the list
(This used to be commit ab110192e6e2c1e5a3b2befe7b61158744f15d18)
|
|
[] is now mandatory
: after the hostname is no longer allowed
examples of allowed binding strings:
ncacn_np:myhost[samr]
ncacn_ip_tcp:10.0.0.1[1045]
ncacn_ip_tcp:2001:7b8:37b:1:210:dcff:fecb:a9e3[1024,sign,seal]
ncacn_np:myhost
ncacn_ip_tcp:192.168.4.2
308FB580-1EB2-11CA-923B-08002B1075A7@ncacn_ip_tcp:192.168.4.2
308FB580-1EB2-11CA-923B-08002B1075A7@ncacn_ip_tcp:192.168.4.2[,print]
Note that the last two lines are not recognized by smbtorture as a binding
string yet. dcerpc_parse_binding() does accept them though.
(This used to be commit c15862e778507287bddef7967383d4b5d22eaee9)
|
|
server. CONNECT security uses NTLMSSP, but does not do any signing or
sealing (or equivalently, its like signing, but with a zero filled
checksum).
(This used to be commit f4660857bc708db7f5aa7487bf7ab04bffe68928)
|
|
This means that 'require NTLMv2 session security' now works for RPC
pipe signing. We don't yet have sealing, but it can't be much further.
This is almost all tridge's code, munged into a form that can work
with the GENSEC API.
This commit also includes more lsakey fixes - that key is used for all
DCE-RPC level authenticated connections, even over CIFS/ncacn_np.
No doubt I missed something, but I'm going to get some sleep :-)
Andrew Bartlett
(This used to be commit a1fe175eec884280fb7e9ca8f528134cf4600beb)
|
|
(This used to be commit f6ea24296acaaadcd2d59740bc88ef1a93fb1c28)
|
|
a dcerpc_pipe structure as we discussed this morning.
(This used to be commit 79969dc8daf5fdaacd26135a200ecec0b4d7663c)
|
|
also add a demonstration of its use in the netlogon async example
(This used to be commit f2a0438c66b999189c1a2ad726e91efd0748eb90)
|
|
bytes to make sure they are zero. Non-zero values usually indicate one
of two things:
- the server is leaking data through sending uninitialised memory
- we have mistaken a real field in the IDL for padding
to differentiate between the two you really need to run with
"print,padcheck" and look carefully at whether the non-zero pad bytes
are random or appear to be deliberate.
(This used to be commit 7fdb778f81f14aaab75ab204431e4342a462957a)
|
|
use readx/writex instead of the more efficient SMBtrans calls. This
patch restores the efficiency by using SMBtrans when possible.
(This used to be commit 83fbe080e7fcdf4168d85f654b802dc4538b8984)
|
|
generate a separate *_send() async function for every RPC call, and
there is a single dcerpc_ndr_request_recv() call that processes the
receive side of any rpc call. The caller can use
dcerpc_event_context() to get a pointer to the event context for the
pipe so that events can be waited for asynchronously.
The only part that remains synchronous is the initial bind
calls. These could also be made async if necessary, although I suspect
most applications won't need them to be.
(This used to be commit f5d004d8eb8c76c03342cace1976b27266cfa1f0)
|
|
(This used to be commit 85fb26a05d57e58795b0c0ffa93dc9e0fa902431)
|
|
instead of auth3
metze
(This used to be commit 19b0567ee533744a0f2778bf8549636a25d96526)
|
|
This implements gensec for Samba's server side, and brings gensec up
to the standards of a full subsystem.
This means that use of the subsystem is by gensec_* functions, not
function pointers in structures (this is internal). This causes
changes in all the existing gensec users.
Our RPC server no longer contains it's own generalised security
scheme, and now calls gensec directly.
Gensec has also taken over the role of auth/auth_ntlmssp.c
An important part of gensec, is the output of the 'session_info'
struct. This is now reference counted, so that we can correctly free
it when a pipe is closed, no matter if it was inherited, or created by
per-pipe authentication.
The schannel code is reworked, to be in the same file for client and
server.
ntlm_auth is reworked to use gensec.
The major problem with this code is the way it relies on subsystem
auto-initialisation. The primary reason for this commit now.is to
allow these problems to be looked at, and fixed.
There are problems with the new code:
- I've tested it with smbtorture, but currently don't have VMware and
valgrind working (this I'll fix soon).
- The SPNEGO code is client-only at this point.
- We still do not do kerberos.
Andrew Bartlett
(This used to be commit 07fd885fd488fd1051eacc905a2d4962f8a018ec)
|
|
This layer is used for DCERPC security, as well as ntlm_auth at this
time. It expect things like SASL and the CIFS layer to use it as
well.
The particular purpose of this layer is to introduce SPENGO, which
needs generic access to the actual implementation mechanisms.
Schannel, due to it's 'interesting' setup properties is in GENSEC, but
is only in the RPC code.
Andrew Bartlett
(This used to be commit 902af49006fb8cfecaadd3cc0c10e2e542083fb1)
|
|
metze
(This used to be commit 1706ff88a72c6578a109c2cf24f2f009812c3892)
|
|
(This used to be commit 96fc2b6f1e7372cc3646bd52172187b8a689c15a)
|
|
separate utility function, to allow
multiple torture tests to temporarily join a domain
- fixed a session key size problem
- added a schannel test suite
- allow schannel to work with ncacn_ip_tcp
(This used to be commit 36f05e4d575099fcb957b8a55781c38dcd2e1177)
|
|
metze
(This used to be commit 57151e80eb1090281401930c8fe25b20a8cf3a38)
|
|
metze
(This used to be commit 9f914e4af99e18b469d4cf9d8b1514a2bd28ddec)
|
|
metze
(This used to be commit 0e5517d937a2eb7cf707991d1c7498c1ab456095)
|
|
Samba's NTLMSSP code is now fully talloc based, which should go a long
way to cleaning up the memory leaks in this code. This also avoids a
lot of extra copies of data, as we now allocate the 'return' blobs on
a caller-supplied context.
I have also been doing a lot of work towards NTLM2 signing and
sealing. I have this working for sealing, but not for the verifier
(MD5 integrity check on the stream) which is still incorrect.
(I can aim a rpcecho sinkdata from a Win2k3 box to my server, and the
data arrives intact, but the signature check fails. It does however
match the test values I have...).
The new torture test is cludged in - when we get a unit test suite
back, I'll happliy put it in the 'right' place....
Andrew Bartlett
(This used to be commit 399e2e2b1149b8d1c070aa7f0d5131c0b577d2b9)
|
|
- This required using NETLOGON_NEG_AUTH2_FLAGS for the
SetupCredentials2 negotiation flags, which is what Samba3 does,
because otherwise the server uses different crypto.
- This tests the returned session keys, which we decrypt.
- Update the Samba4 notion of a 'session key' to be a DATA_BLOB in
most places.
- Fix session key code to return NT_STATUS_NO_SESSION_KEY if none is
available.
- Remove a useless argument to SMBsesskeygen_ntv1
- move netr_CredentialState from the .idl to the new credentials.h
Andrew Bartlett
(This used to be commit 44f8b5b53e6abd4de8a676f78d729988fadff320)
|
|
use NTLMSSP sign or seal at the RPC layer
It doesn't work yet, but then again neither does the old code (which
just assumed the SMB session key was used, which of course makes no
sense on a ncacn_ip_tcp connection)
(This used to be commit e8782329269bc78d36d8ca83fb7a4e38b9c6b167)
|
|
and schannel are both instances of possible security modules
- added schannel sign and sign/seal support to the dcerpc client
code. You select it with binding options of "schannel,sign" or
"schannel,seal".
(This used to be commit 05db0b9d942cad8f1dd574dc35b759e5e79d4195)
|
|
(This used to be commit 866ef2edab91996964c8b43dbdd417f5908a00e1)
|
|
handles are not shared between open dcerpc connections, even when
those connections are on the same SMB socket. I have tested this with
w2k3, w2k and NT4. It seems that policy handles have a strict scope of
the dcerpc connection on which they were opened.
I realise that this goes against existing folk-law in the team, but it
seems that the previous testing (I'm not sure who did this?) was
wrong. Perhaps clients do send us policy handles from other
connections, but if they do then the correct thing to do is to fail
the operation with a dcerpc fault. I suspect that failing it with
exactly the right dcerpc fault code is important.
(This used to be commit 2ed24d29bafd9055d5782acdd595cd0f378a651a)
|
|
This adds support for bigendian rpc in the client. I have installed
SUN pcnetlink locally and am using it to test the samba4 rpc
code. This allows us to easily find places where we have stuffed up
the types (such as 2 uint16 versus a uint32), as testing both
big-endian and little-endian easily shows which is correct. I have now
used this to fix several bugs like that in the samba4 IDL.
In order to make this work I also had to redefine a GUID as a true
structure, not a blob. From the pcnetlink wire it is clear that it is
indeed defined as a structure (the byte order changes). This required
changing lots of Samba code to use a GUID as a structure.
I also had to fix the if_version code in dcerpc syntax IDs, as it
turns out they are a single uint32 not two uint16s.
The big-endian support is a bit ugly at the moment, and breaks the
layering in some places. More work is needed, especially on the server
side.
(This used to be commit bb1af644a5a7b188290ce36232f255da0e5d66d2)
|
|
command line. This allows you to (for example) control signing/sealing
of smbtorture RPC sessions
(This used to be commit a73825eb496d5924012ea926fcbac8c956fe081e)
|
|
(This used to be commit c598590a117d4281c530cded4bf9dae16ac1ee76)
|
|
* allow for an interface to list its endpoints in the IDL file, so we
can automatically make the server listen on the right pipes, and
can scan pipes more easily (I don't take advantage of this yet,
just putting the infrastructure in place)
(This used to be commit c8b8480244b4ab6204403dc65e92e4317b410a84)
|
|
uuid 82273fdc-e32a-18c3-3f78-827929dc23ea version 0x0000:0x0000 'eventlog'
24 calls available
WARNING: local IDL defines 4 calls
when all the WARNINGs are gone then we know we have all the calls :)
(This used to be commit f5821b2468a0c46d0e5590de59562926d746c349)
|
|
* don't try to map the epmapper uuid !
* some preliminary support for alter context pdus
(This used to be commit f9857e56850cabfac06534fb33ff7a7a04346a9b)
|
|
control soon
(This used to be commit 215852116c1fb8c0d8ef559155a3dd55346f0c31)
|
|
* moved ntlmssp code into libcli/auth/, and updated to latest ntlmssp
code from samba3 (thanks Andrew! the new interface is great)
* added signing/ntlmssp support in the dcerpc code
* added a dcerpc_auth.c module for the various dcerpc auth mechanisms
(This used to be commit c18c9b5585a3e5f7868562820c14f7cb529cdbcd)
|
|
* fixed a uninitialised variable bug in pidl (found by valgrind)
(This used to be commit 8bce61b8af6351c72c0dd84dc61b49d8aeb1fbbd)
|
|
according to the current IDL taking the data from a file. In
combination with a little hack to ethereal to extract data this is a
quite powerful IDL development tool.
(This used to be commit 229a325c3cf0d4dc1e910ed32e1d7391040aeba1)
|
|
I have recoded the core dcerpc packet structures (all the PDUs etc) in
terms of IDL, which means we now use pidl to generate all the code for
handling the most basic dcerpc packets. This is not normally possible
as it isn't completely valid NDR, but pidl has a number of extensions
that make it quite easy.
This also means we get the server side dcerpc
marshalling/unmarshalling code for free.
(This used to be commit 92bcad02587c3c1b31b523ee9fa46658a6cef9ff)
|
|
* added a NDR validator. The way it works is that when the
DCERPC_DEBUG_VALIDATE_* flags are set the dcerpc system will
perform NDR buffer validation. On sending a request the packet is
first marshalled, then unmarahslled, then marshalled again, and it is
confirmed that the two marshalling results are idential. This
ensures that our pull and push routines are absolutely in sync, so
that we can be very confident that if a routine works in the client
then the corresponding routine must work on the server side. A
similar validation is performed on all replies.
* a result of this change is that pidl is fussier about the [ref]
tag. You can only use it on pointers (which is the only place it
makes sense)
* fixed a basic alignment bug in the push side of the NDR code
* added server side pull/push support. Our dcerpc system is now fully
ready to be used on the server side.
* fixed the relative offset pointer list. It must be traversed in
reverse order on push
* added automatic value setting for the size parameter in outgoing
SdBuf structures.
* expanded the ndr debugging code to always give a message on any
failure
* fixed the subcontext push code
* fixed some memory leaks in smbtorture RPC tests
(This used to be commit 8ecf720206a2eef3f8ea7cbdb1f460664a5dba9a)
|
|
interop with the opengroup dcerpc code
(This used to be commit 8d9061dcd097ed7eee8d9ec531db65b1df8ac8e6)
|
|
in the dcerpc core code
(This used to be commit 16ffeb7c80bfe7f1bfbfce8c98066e9ddbca7686)
|
|
* add a couple more info levels to wkssvc
(This used to be commit c69161bdb13745f271b0cfa9a9af349f7a95edc6)
|
|
files around, but also added the first bits of auto-generated code for
the lsa pipe.
I haven't updated the Makefile to call pidl yet, so for now the code
was cut-and-pasted into librpc/ndr/ndr_lsa.c manually
(This used to be commit 6b222d3b6541ee74cf8bf3f0913cd444903ca991)
|