summaryrefslogtreecommitdiff
path: root/source4/librpc/rpc/dcerpc_util.c
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r3280: fixed byte order of rhs IPAndrew Tridgell1-1/+1
(This used to be commit 29fab12d0b1649046ab2abb08b51f9845c8f8116)
2007-10-10r3278: - rewrote the client side rpc connection code to use lib/socket/Andrew Tridgell1-4/+5
rather than doing everything itself. This greatly simplifies the code, although I really don't like the socket_recv() interface (it always allocates memory for you, which means an extra memcpy in this code) - fixed several bugs in the socket_ipv4.c code, in particular client side code used a non-blocking connect but didn't handle EINPROGRESS, so it had no chance of working. Also fixed the error codes, using map_nt_error_from_unix() - cleaned up and expanded map_nt_error_from_unix() - changed interpret_addr2() to not take a mem_ctx. It makes absolutely no sense to allocate a fixed size 4 byte structure like this. Dozens of places in the code were also using interpret_addr2() incorrectly (precisely because the allocation made no sense) (This used to be commit 7f2c771b0e0e98c5c9e5cf662592d64d34ff1205)
2007-10-10r3277: don't use the non-portable getaddrinfo() function, instead useAndrew Tridgell1-18/+3
interpret_addr() and if someone wants to add support to that function for ipv6 then they are welcome to. (This used to be commit 50377db11bb727b407744e0c50805c8f90810c16)
2007-10-10r3211: Add a graphical endpoint mapper view toolJelmer Vernooij1-8/+8
(This used to be commit 71dfc27b8efb3057c4b7383feca0ba35ab5768a4)
2007-10-10r3209: - Create directory for ncalrpc with correct modeJelmer Vernooij1-8/+11
- Support binding strings like : ncacn_np:[sign] ncacn_np:myhost[seal,sign,endpoint] again (This used to be commit b53f4cd1697345065c7d979ba63237bf828dc07f)
2007-10-10r3205: Create ncalrpc directory if it didn't exist yetJelmer Vernooij1-1/+1
(This used to be commit 1161c33794cdb16a3d09a66258f46e0020c4aeef)
2007-10-10r3168: Use generic function for looking up endpointsJelmer Vernooij1-203/+3
(This used to be commit 45a3e2a9815058a3a828c573573c5eee605f9129)
2007-10-10r3167: Add a member 'endpoint' to the dcerpc_binding struct to use instead ofJelmer Vernooij1-36/+136
options[0]. (This used to be commit 18582083af800abd3d8de40eb73255c8ae6598dd)
2007-10-10r3164: Look up ncalrpc identifiers using the EPMAPPER. ncalrpc now works ↵Jelmer Vernooij1-8/+117
nicely :-) The various interface that support ncalrpc work nicely when tested with smbtorture and ncalrpc. Running RPC-SAMR against local smbd here is slightly faster using ncalrpc: ncalrpc: 1.8 sec ncacn_ip_tcp: 1.9 sec ncacn_np: 2.5 sec (This used to be commit 2cfc8f24ce209f47153d3a5bd7007dd1b0578b26)
2007-10-10r3162: Add client-side support for the ncalrpc: and ncacn_unix_stream: ↵Jelmer Vernooij1-0/+108
transports. ncalrpc uses the new config option "ncalrpc dir" for creating unix sockets. (This used to be commit b15cfbe2512961a199ecb069730d9a19787579f5)
2007-10-10r3157: Add ncacn_httpJelmer Vernooij1-0/+2
(This used to be commit a0c4138edf919ee0c4b236f201c09fc4deb2cc09)
2007-10-10r3156: Couple of fixes in the conversion functions between binding structs andJelmer Vernooij1-24/+29
protocol towers (This used to be commit f41dfc6c5a85bf241e4bcc0669f6191bf531e89a)
2007-10-10r3136: - Allow specifying socket type when adding smbd serviceJelmer Vernooij1-19/+19
- Make sure a epm_tower struct is completely initialized - Some more minor fixes (This used to be commit d560dcbdb85cb2c6915bdb9e2f82f1872b0f5a52)
2007-10-10r3125: Store object UUID directly instead of using a pointer (struct ↵Jelmer Vernooij1-16/+7
dcerpc_binding) Let test fail if messaging_init() fails instead of generating segfault in the LOCAL-MESSAGING test (This used to be commit 0609f410ef756501d50c04b544387ae547fcd63c)
2007-10-10r3124: Add dcerpc_binding_from_tower()Jelmer Vernooij1-2/+134
Add tests for dcerpc_binding_from_tower() (This used to be commit 88c6d34bba1a409127b26f86bd963bfab30a804c)
2007-10-10r3123: Add dcerpc_binding_build_tower()Jelmer Vernooij1-10/+184
Add local test for testing the functions dcerpc_parse_binding(), dcerpc_binding_string() and dcerpc_binding_build_tower() (This used to be commit 7a07c2c769b8e51178789eed4a31577f5d39f63a)
2007-10-10r3114: - More work on merging the various structs that describe endpointsJelmer Vernooij1-11/+36
- Add protocol sequence to dcerpc transports (will be used later on) - Add more transports to the list (This used to be commit ab110192e6e2c1e5a3b2befe7b61158744f15d18)
2007-10-10r3111: Add a few more protocol identifiers, rhs for ncalrpcJelmer Vernooij1-22/+22
(This used to be commit 53567a83cbca9df60bef76a15df24d2cd89a16b0)
2007-10-10r3047: Always include a \ again before the pipe name we're opening. Without aJelmer Vernooij1-0/+4
backslash works, but is not like Windows does it. (This used to be commit f6deb3d065e1a88f92bcb8a4a138453650c97b0b)
2007-10-10r3046: \\PIPE\\ is internal (not actually included on the wire)Jelmer Vernooij1-5/+2
(This used to be commit 7771b5d8fa3db759487474eb7172df45bb3221ae)
2007-10-10r3043: Use binding strings for specifying endpoints. The property forJelmer Vernooij1-9/+28
specifying a endpoint is now also 'endpoint' instead of 'endpoints'. The default endpoint (if none is specified) is still "ncacn_np:[\\pipe\\ifacename]", where ifacename is the name of the interface. Examples: [ uuid(60a15ec5-4de8-11d7-a637-005056a20182), endpoint("ncacn_np:[\\pipe\\rpcecho]", "ncacn_ip_tcp:") ] interface rpcecho { void dummy(); } dcerpc_binding is now converted to ep_description in the server, but I hope to completely eliminate ep_description later on. The eventual goal of all these changes is to make it easier to add transports as I'm going to add support for ncalrpc (local RPC over named pipes) and ncacn_unix_stream (Unix sockets). (This used to be commit f3da7c8b443a29b0c656c687a277384ae1353792)
2007-10-10r3032: Somewhat stricter syntax for binding strings:Jelmer Vernooij1-43/+56
[] is now mandatory : after the hostname is no longer allowed examples of allowed binding strings: ncacn_np:myhost[samr] ncacn_ip_tcp:10.0.0.1[1045] ncacn_ip_tcp:2001:7b8:37b:1:210:dcff:fecb:a9e3[1024,sign,seal] ncacn_np:myhost ncacn_ip_tcp:192.168.4.2 308FB580-1EB2-11CA-923B-08002B1075A7@ncacn_ip_tcp:192.168.4.2 308FB580-1EB2-11CA-923B-08002B1075A7@ncacn_ip_tcp:192.168.4.2[,print] Note that the last two lines are not recognized by smbtorture as a binding string yet. dcerpc_parse_binding() does accept them though. (This used to be commit c15862e778507287bddef7967383d4b5d22eaee9)
2007-10-10r2990: Add support to pidl for autogenerating ndr_size_*() functions. AddingJelmer Vernooij1-52/+0
the [gensize] property to a struct or union will make pidl generate a ndr_size_*() function. (not all nasty bits of NDR are completely covered yet by the ndr_size*() functions, support for those will be added when necessary) I also have a local patch (not applied now) that simplifies the pidl output and eliminates the number of functions required. It would, however, make pidl more complex. (This used to be commit 7c823f886afd0c4c6ee838f17882ca0658417011)
2007-10-10r2956: Fix towers_length for now. I'm currently working on a pidl extensionJelmer Vernooij1-0/+52
that can generate these kinds of functions (This used to be commit ebca2516502560edfd4056fbb4cfc9718a108efa)
2007-10-10r2938: Use IDL to dissect the RHS of floors in protocol towersJelmer Vernooij1-34/+7
(This used to be commit 273d0049b5339e3288b264e5a4393bfab1d4e239)
2007-10-10r2921: Add a few more protocols and fix the numbers associated with some ofJelmer Vernooij1-3/+3
the current ones. It took me three hours to realise that the DCOM standard contains false protocol numbers (apparently someone converted the protocol numbers to hex twice, i.e. 13 -> 0c and 14 to 0d). There are no longer duplicates in the list with protocol numbers now. (This used to be commit f355cd426462a72575ef3c3b769f676334976986)
2007-10-10r2763: use no-auth bind on ncacn_np unless we specify at least one of ↵Andrew Tridgell1-1/+2
"sign", "seal" or "connect" (This used to be commit f3adabf6896b75f5293dbde3f9de737f35d95a10)
2007-10-10r2710: continue with the new style of providing a parent context wheneverAndrew Tridgell1-3/+2
possible to a structure creation routine. This makes for much easier global cleanup. (This used to be commit e14ee428ec357fab76a960387a9820a673786e27)
2007-10-10r2668: steal the cli pointer into the pipe context so a single free destroys ↵Andrew Tridgell1-1/+2
the cli context too (This used to be commit 417d0c0ba182aab3a3a23db76ff7ac7cbc663cb6)
2007-10-10r2660: - converted the libcli/raw/ library to use talloc_increase_ref_count()Andrew Tridgell1-1/+1
rather than manual reference counts - properly support SMBexit in the cifs and posix backends - added a logoff method to all backends With these changes the RAW-CONTEXT test now passes against the posix backend (This used to be commit c315d6ac1cc40546fde1474702a6d66d07ee13c8)
2007-10-10r2634: use discard_const_p() in a few placesAndrew Tridgell1-2/+2
(This used to be commit 56ecda2178e33508c55c6195ccec41c06e099d6f)
2007-10-10r2614: support CONNECT level DCE/RPC security in both client andAndrew Tridgell1-8/+3
server. CONNECT security uses NTLMSSP, but does not do any signing or sealing (or equivalently, its like signing, but with a zero filled checksum). (This used to be commit f4660857bc708db7f5aa7487bf7ab04bffe68928)
2007-10-10r2538: Support IPv6 as transport for MSRPC. Tested against Win2k3Jelmer Vernooij1-2/+2
Implemented using the POSIX getaddrinfo() call (specified by POSIX 1003.1-2003 and 2553) I'm not sure how portable this function is, so we might have to add a sys_getaddrinfo() later on. (This used to be commit 0fb0530389751c6fb4ca58f5e9a0f23491699f17)
2007-10-10r2284: Thanks to some great detective work by tridge, NTLM2 signing now works.Andrew Bartlett1-5/+12
This means that 'require NTLMv2 session security' now works for RPC pipe signing. We don't yet have sealing, but it can't be much further. This is almost all tridge's code, munged into a form that can work with the GENSEC API. This commit also includes more lsakey fixes - that key is used for all DCE-RPC level authenticated connections, even over CIFS/ncacn_np. No doubt I missed something, but I'm going to get some sleep :-) Andrew Bartlett (This used to be commit a1fe175eec884280fb7e9ca8f528134cf4600beb)
2007-10-10r2266: yay! LSA session keys on TCP now work!Andrew Tridgell1-15/+1
(This used to be commit f6ea24296acaaadcd2d59740bc88ef1a93fb1c28)
2007-10-10r2180: added RPC flags "padcheck" which enables checking of all received padAndrew Tridgell1-0/+1
bytes to make sure they are zero. Non-zero values usually indicate one of two things: - the server is leaking data through sending uninitialised memory - we have mistaken a real field in the IDL for padding to differentiate between the two you really need to run with "print,padcheck" and look carefully at whether the non-zero pad bytes are random or appear to be deliberate. (This used to be commit 7fdb778f81f14aaab75ab204431e4342a462957a)
2007-10-10r2100: rework the dcerpc client side library so that it is async. We nowAndrew Tridgell1-11/+11
generate a separate *_send() async function for every RPC call, and there is a single dcerpc_ndr_request_recv() call that processes the receive side of any rpc call. The caller can use dcerpc_event_context() to get a pointer to the event context for the pipe so that events can be waited for asynchronously. The only part that remains synchronous is the initial bind calls. These could also be made async if necessary, although I suspect most applications won't need them to be. (This used to be commit f5d004d8eb8c76c03342cace1976b27266cfa1f0)
2007-10-10r1850: when we have a username and use sign or seal on a dcerpc over npStefan Metzmacher1-1/+2
use dcerpc auth instead off smb auth metze (This used to be commit 6b429234968da7e51de95b6ede2afe3c1605debb)
2007-10-10r1821: fixed reference to "status" that should be "result"Andrew Tridgell1-1/+1
(This used to be commit bdf7d66d299b0956fbf17b38291089585b2b54bf)
2007-10-10r1703: - Lots of RPC updates, adding new pipes and protocols.Jelmer Vernooij1-3/+3
- More updates/fixes to the ethereal parser generator (This used to be commit 547f860285b117e291bf3dbaca0707dc268b214e)
2007-10-10r1654: rename cli_ -> smbcli_Stefan Metzmacher1-8/+8
rename CLI_ -> SMBCLI_ metze (This used to be commit 8441750fd9427dd6fe477f27e603821b4026f038)
2007-10-10r1294: A nice, large, commit...Andrew Bartlett1-2/+4
This implements gensec for Samba's server side, and brings gensec up to the standards of a full subsystem. This means that use of the subsystem is by gensec_* functions, not function pointers in structures (this is internal). This causes changes in all the existing gensec users. Our RPC server no longer contains it's own generalised security scheme, and now calls gensec directly. Gensec has also taken over the role of auth/auth_ntlmssp.c An important part of gensec, is the output of the 'session_info' struct. This is now reference counted, so that we can correctly free it when a pipe is closed, no matter if it was inherited, or created by per-pipe authentication. The schannel code is reworked, to be in the same file for client and server. ntlm_auth is reworked to use gensec. The major problem with this code is the way it relies on subsystem auto-initialisation. The primary reason for this commit now.is to allow these problems to be looked at, and fixed. There are problems with the new code: - I've tested it with smbtorture, but currently don't have VMware and valgrind working (this I'll fix soon). - The SPNEGO code is client-only at this point. - We still do not do kerberos. Andrew Bartlett (This used to be commit 07fd885fd488fd1051eacc905a2d4962f8a018ec)
2007-10-10r1200: Add 'gensec', our generic security layer.Andrew Bartlett1-2/+2
This layer is used for DCERPC security, as well as ntlm_auth at this time. It expect things like SASL and the CIFS layer to use it as well. The particular purpose of this layer is to introduce SPENGO, which needs generic access to the actual implementation mechanisms. Schannel, due to it's 'interesting' setup properties is in GENSEC, but is only in the RPC code. Andrew Bartlett (This used to be commit 902af49006fb8cfecaadd3cc0c10e2e542083fb1)
2007-10-10r1136: - added IDL for netr_LogonGetDomainInfo()Andrew Tridgell1-0/+35
- added workstation to auth_session_info in rpc servers - added session key fetch hook in crypto backends in dcesrv - store and fetch seed as well as a session key in schannel ldb - when a client uses schannel to setup a netlogon pipe connection we also need to setup the credentials from the schannel negotiation so credentials chaining works - added server side netr_LogonGetDomainInfo() call (This used to be commit a35459387de3b6a422c5af6f658338fc7e4314b0)
2007-10-10r1077: fix segfault in schannel over ncacn_ip_tcpStefan Metzmacher1-13/+13
metze (This used to be commit 9e9a52692ebe9d47f1a08740ea1dcb8f46041211)
2007-10-10r1068: make the dcerpc client side auth/crypto code much more genericStefan Metzmacher1-2/+2
metze (This used to be commit 1706ff88a72c6578a109c2cf24f2f009812c3892)
2007-10-10r1041: - pulled the domain join code out of the netlogon test and made it a ↵Andrew Tridgell1-32/+52
separate utility function, to allow multiple torture tests to temporarily join a domain - fixed a session key size problem - added a schannel test suite - allow schannel to work with ncacn_ip_tcp (This used to be commit 36f05e4d575099fcb957b8a55781c38dcd2e1177)
2007-10-10r1030: added server side schannel supportAndrew Tridgell1-4/+4
(This used to be commit 2ac79dfba0e64056a680f21d7dd0c007f79d4a70)
2007-10-10r962: convert 'unsigned' and 'unsigned int' to uint_tStefan Metzmacher1-1/+1
metze (This used to be commit 57151e80eb1090281401930c8fe25b20a8cf3a38)
2007-10-10r884: convert samba4 to use [u]int32_t instead of [u]int32Stefan Metzmacher1-10/+10
metze (This used to be commit 0e5517d937a2eb7cf707991d1c7498c1ab456095)