Age | Commit message (Collapse) | Author | Files | Lines |
|
This adds support for the nd464 binding string option
|
|
We need to pass down flags to the DCE/RPC layer to allow fallback to
anonymous connections, as we can't log in with an expired password.
The anonymous connection can then change the password with SAMR.
Andrew Bartlett
|
|
The caller should decide if async is desired it should be harcoded per call.
metze
|
|
metze
|
|
|
|
|
|
|
|
|
|
list=""
list="$list event_context:tevent_context"
list="$list fd_event:tevent_fd"
list="$list timed_event:tevent_timer"
for s in $list; do
o=`echo $s | cut -d ':' -f1`
n=`echo $s | cut -d ':' -f2`
r=`git grep "struct $o" |cut -d ':' -f1 |sort -u`
files=`echo "$r" | grep -v source3 | grep -v nsswitch | grep -v packaging4`
for f in $files; do
cat $f | sed -e "s/struct $o/struct $n/g" > $f.tmp
mv $f.tmp $f
done
done
metze
|
|
|
|
should in the future only contain some settings required for gensec.
|
|
|
|
install.
|
|
Conflicts:
source4/Makefile
|
|
|
|
You can trigger it like this:
ncacn_ip_tcp:172.31.9.234[sign,hdrsign]
or
ncacn_ip_tcp:172.31.9.234[seal,hdrsign]
metze
(This used to be commit 54f1fca582b1474693b5ee11b7b847086d27f75f)
|
|
(This used to be commit 717ce0b640a5c3aa62804b9869ef4dcc0f71b7ba)
|
|
Use base class for pidl-generated DCE/RPC interface Python bindings.
(This used to be commit 25e7fc8a2c7a5914c4db4bfe428fd0a8efbf0784)
|
|
(This used to be commit 2073346828ffa1d9c35105eadd7afddd3a76a045)
|
|
(This used to be commit 47ffbbf67435904754469544390b67d34c958343)
|
|
(This used to be commit 7bfe359c73aac96f8e983e8d5e9621235cf79a3a)
|
|
library, so it can be overridden by OpenChange.
(This used to be commit 2f29f80e07adef1f020173f2cd6d947d0ef505ce)
|
|
(This used to be commit 459e1466a411d6f83b7372e248566e6e71c745fc)
|
|
(This used to be commit 38fa08310ce573e9b46e76c840ddda6f18863573)
|
|
(This used to be commit ff6684adfd96b59381dd941e54070ab9f8984912)
|
|
(This used to be commit f7051d3a84486ed9d0a1689c10a693521ec63528)
|
|
(This used to be commit 1ce32673d960c8b05b6c1b1b99e1976a402417ae)
|
|
rename dcerpc_interface_list -> ndr_interface_list
and move them to libndr.h
metze
(This used to be commit 4adbebef5df2f833d2d4bfcdda72a34179d52f5c)
|
|
into ndr_interface_string_array and move it to libndr.h
metze
(This used to be commit 473bca74dc9d9dc54a239c9b5d3dc5fcf5a117a9)
|
|
and move it to librpc/ndr/libndr.h
metze
(This used to be commit abd5551aabae1820baaa52a963e8c7aa9605914e)
|
|
and move it into misc.idl
The goal is to get rid a all dcerpc specific stuff in the
generated ndr layer.
metze
(This used to be commit 2ed014cfb894cccab1654e3f7d5876393e2b52d7)
|
|
There are still a few tidyups of old FSF addresses to come (in both s3
and s4). More commits soon.
(This used to be commit fcf38a38ac691abd0fa51b89dc951a08e89fdafa)
|
|
rename private -> private_data
metze
(This used to be commit 58551f2f28fce8f1fcd04736c47ecd7458f32ea2)
|
|
the connection on timeout
metze
(This used to be commit 6b23ab1fd265e2a92456701fb02bd1838c098874)
|
|
to the rpc client code
we need to always ask for read events on the socket otherwise we never
get the connection error reported.
shutdown the transport when a request timeout.
metze
(This used to be commit 3403c0cb15e08ec838b0bc834f941051fb94d124)
|
|
dcerpc_ship_next_request() logic was added the penidng queue was split
in two, but we also needed to update the code which removes requests
from the queue to know about the two queues. Following the pattern
used in other client libs, I based which queue to remove from on
req->state, and added a new state RPC_REQUEST_QUEUED. This fixes a
crash that happens when rpc requests time out.
This patch also fixes the handling of timed out bind requests, and the
talloc_reference handling in dcerpc_ndr_request_recv().
(This used to be commit f51a129b52d53059cc1567538f986400c0ea5602)
|
|
also make it possible to pass and get the assoc_group_id for
a pipe.
also make it possible to pass the DCERPC_PFC_FLAG_CONC_MPX flag
in bind requests. From the spec it triggers support for
concurrent multiplexing on a single connection.
w2k3 uses the assoc_group_id feature when it becomes a domain controller
of an existing domain. Know the ugly part, with this it's possible to
use a policy handle from one connection on a different one...
typically the DsBind() call is on the 1st connection while DsGetNCChanges()
call using the first connections bind handle are on the 2nd connection.
The second connection also has the DCERPC_PFC_FLAG_CONC_MPX flag attached,
but that doesn't seem to be related to the cross connection handle usage
Can anyone think of a nice way to implement the assoc_group_id stuff in our server?
metze
(This used to be commit 2d8c85397d9027485ed6dbdcca87cc1ec84c7b76)
|
|
to perform a lookup once, resolve the name to an IP, while still
communicating the full name to the lower layers, for kerberos etc.
This fixes 'net samdump', which was failing due to the schannel target
name being *smbserver.
Andrew Bartlett
(This used to be commit 0546f487f4cc99b5549dc1e457ea243d4bd66333)
|
|
requests. The fix involves using the same packet queue mechanism for
these requests as normal requests, which also simplifies the code
somewhat
(This used to be commit 2e7f5add13da3061d2f2e2869d10df06b3a98f40)
|
|
this isn't supported, fallback to NTLM.
Also, where we get a failure as 'logon failure', try and do a '3
tries' for the password, like we already do for CIFS. (Incomplete:
needs a mapping between RPC errors and the logon failure NTSTATUS).
Because we don't yet support Kerberos sign/seal to win2k3 SP1 for
DCE/RPC, disable this (causing SPNEGO to negotiate NTLM) when kerberos
isn't demanded.
Andrew Bartlett
(This used to be commit b3212d1fb91b26c1d326a289560106dffe1d2e80)
|
|
(This used to be commit a316b33057f3ec8532677980e093cd327d33f257)
|
|
for Kerberos. It must be the full name contacted, not the 'called
name' we might want to use for \\server things, so add another function.
Andrew Bartlett
(This used to be commit 6d57d1dbb76e7d1ca2fd4f1a6c0bacfa7a189e2b)
|
|
(This used to be commit 51b4270513752d2eafbe77f9de598de16ef84a1f)
|
|
Generate different #include lines in pidl depending on whether
we're building inside or outside of the Samba tree (useful for
3rd-party projects).
(This used to be commit 0c188833154c1fe565cb1735909e408a4a1a6049)
|
|
(This used to be commit 1ffb82a7596f989c90df69573083a2c2e28f8808)
|
|
(This used to be commit 4fced6dbbdc06233e5cf69f90c099fafee9baa34)
|
|
file dependencies
(This used to be commit 122835876748a3eaf5e8d31ad1abddab9acb8781)
|
|
In librpc, always try SMB level authentication, even if trying
schannel, but allow fallback to anonymous. This should better
function with servers that set restrict anonymous.
There are too many parts of Samba that get, parse and modify the
binding parameters. Avoid the extra work, and add a binding element
to the struct dcerpc_pipe
The libnet vampire code has been refactored, to reduce extra layers
and to better conform with the standard argument pattern. Also, take
advantage of the new libnet_Lookup code, so we don't require the silly
'password server' smb.conf parameter.
To better support forcing traffic to be sealed for the vampire
operation, the dcerpc_bind_auth() function now takes an auth level
parameter.
Andrew Bartlett
(This used to be commit d65b354959842326fdd4bd7eb7fbeea0390f4afa)
|
|
(This used to be commit 63917616016133c623fc6ff59454bc313ee7dd8f)
|
|
torture prototypes in seperate header
(This used to be commit 73610639b23ca3743077193fa0b1de7c7f65944d)
|