summaryrefslogtreecommitdiff
path: root/source4/librpc/rpc
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r2921: Add a few more protocols and fix the numbers associated with some ofJelmer Vernooij1-3/+3
the current ones. It took me three hours to realise that the DCOM standard contains false protocol numbers (apparently someone converted the protocol numbers to hex twice, i.e. 13 -> 0c and 14 to 0d). There are no longer duplicates in the list with protocol numbers now. (This used to be commit f355cd426462a72575ef3c3b769f676334976986)
2007-10-10r2763: use no-auth bind on ncacn_np unless we specify at least one of ↵Andrew Tridgell1-1/+2
"sign", "seal" or "connect" (This used to be commit f3adabf6896b75f5293dbde3f9de737f35d95a10)
2007-10-10r2710: continue with the new style of providing a parent context wheneverAndrew Tridgell2-4/+4
possible to a structure creation routine. This makes for much easier global cleanup. (This used to be commit e14ee428ec357fab76a960387a9820a673786e27)
2007-10-10r2680: switched the libcli/raw/ code over to use talloc_reference(), which ↵Andrew Tridgell1-15/+7
simplifies things quite a bit (This used to be commit c82a9cf750829c4f6982ca3133295c8599023c4e)
2007-10-10r2674: I have realised that talloc() should have its context marked const, asAndrew Tridgell1-2/+7
a const pointer really means that "the data pointed to by this pointer won't change", and that is certainly true of talloc(). The fact that some behind-the-scenes meta-data can change doesn't matter from the point of view of const. this fixes a number of const warnings caused by const data structures being passed as talloc contexts. That will no longer generate a warning. also changed the talloc leak reporting option from --leak-check to --leak-report, as all it does is generate a report on exit. A new --leak-report-full option has been added that shows the complete tree of memory allocations, which is is quite useful in tracking things down. NOTE: I find it quite useful to insert talloc_report_full(ptr, stderr) calls at strategic points in the code while debugging memory allocation problems, particularly before freeing a major context (such as the connection context). This allows you to see if that context has been accumulating too much data, such as per-request data, which should have been freed when the request finished. (This used to be commit c60ff99c3129c26a9204bac1c6e5fb386114a923)
2007-10-10r2671: we're getting too many errors caused by the talloc_realloc() API notAndrew Tridgell3-3/+4
taking a context (so when you pass a NULL pointer you end up with memory in a top level context). Fixed it by changing the API to take a context. The context is only used if the pointer you are reallocing is NULL. (This used to be commit 8dc23821c9f54b2f13049b5e608a0cafb81aa540)
2007-10-10r2668: steal the cli pointer into the pipe context so a single free destroys ↵Andrew Tridgell1-1/+2
the cli context too (This used to be commit 417d0c0ba182aab3a3a23db76ff7ac7cbc663cb6)
2007-10-10r2660: - converted the libcli/raw/ library to use talloc_increase_ref_count()Andrew Tridgell2-3/+3
rather than manual reference counts - properly support SMBexit in the cifs and posix backends - added a logoff method to all backends With these changes the RAW-CONTEXT test now passes against the posix backend (This used to be commit c315d6ac1cc40546fde1474702a6d66d07ee13c8)
2007-10-10r2643: convert more of the auth subsyystem to the new talloc methods. ThisAndrew Tridgell1-10/+3
also fixes a memory leak found with --leak-check. (This used to be commit f19201ea274f0a542314c61c4af676197bf154ad)
2007-10-10r2634: use discard_const_p() in a few placesAndrew Tridgell1-2/+2
(This used to be commit 56ecda2178e33508c55c6195ccec41c06e099d6f)
2007-10-10r2629: convert gensec to the new talloc modelAndrew Tridgell4-5/+5
by making our gensec structures a talloc child of the open connection we can be sure that it will be destroyed when the connection is dropped. (This used to be commit f12ee2f241aab1549bc1d9ca4c35a35a1ca0d09d)
2007-10-10r2628: got rid of some warnings and converted a few more places to use ↵Andrew Tridgell3-4/+3
hierarchical memory allocation (This used to be commit 26da45a8019a2d6c9ff2ac2a6739c7d0b42b00de)
2007-10-10r2626: the symbol gai_error is defined in /usr/include, so don't use that ↵Andrew Tridgell1-4/+4
name in our code (This used to be commit 458f85328850905db8e9808d02898c69b5f9b872)
2007-10-10r2614: support CONNECT level DCE/RPC security in both client andAndrew Tridgell4-21/+67
server. CONNECT security uses NTLMSSP, but does not do any signing or sealing (or equivalently, its like signing, but with a zero filled checksum). (This used to be commit f4660857bc708db7f5aa7487bf7ab04bffe68928)
2007-10-10r2538: Support IPv6 as transport for MSRPC. Tested against Win2k3Jelmer Vernooij2-11/+35
Implemented using the POSIX getaddrinfo() call (specified by POSIX 1003.1-2003 and 2553) I'm not sure how portable this function is, so we might have to add a sys_getaddrinfo() later on. (This used to be commit 0fb0530389751c6fb4ca58f5e9a0f23491699f17)
2007-10-10r2443: check return code of event_loop_once() to catch thet cases where the ↵Stefan Metzmacher1-2/+6
server closes the connetion and we got EBADF from select() and event_loop_once() fails metze (This used to be commit 9c0e50a6f3d628156b4543d5ded89e06be696f64)
2007-10-10r2399: Display text description of rpc fault in debug message.Tim Potter1-1/+1
(This used to be commit 04aec4c0a3f559f6a9ccfaf990f3a2ff2e6f48df)
2007-10-10r2383: fixed the handling of sending zero length dcerpc packets (I broke thisAndrew Tridgell1-1/+3
recently, and this broke the autoidl code) (This used to be commit 01d66f68f6b21dc9b5c0702edcd4f56daeae9b9d)
2007-10-10r2304: fixed a bug in old style NTLM signingAndrew Tridgell1-1/+1
(This used to be commit 09651b831d085345dd385bc9777f97e1c0d57c6f)
2007-10-10r2294: this fixes the NTLM2 sign+seal combination. I have now tested:Andrew Tridgell1-5/+8
NTLM sign NTLM sign+seal NTLM2 sign NTLM2 sign+seal and all of the above both with and without key exchange the NTLM2 seal case is ugly and involves an extra data copy, which some API changes in gensec or the ndr layer might avoid in future. (This used to be commit fce7a4218b3136d880dd1a123e8525e3091bbed8)
2007-10-10r2287: Add static.Andrew Bartlett1-1/+1
Andrew Bartlett (This used to be commit 49171e420337136d3e66300f99fa1885051e5b61)
2007-10-10r2284: Thanks to some great detective work by tridge, NTLM2 signing now works.Andrew Bartlett7-80/+109
This means that 'require NTLMv2 session security' now works for RPC pipe signing. We don't yet have sealing, but it can't be much further. This is almost all tridge's code, munged into a form that can work with the GENSEC API. This commit also includes more lsakey fixes - that key is used for all DCE-RPC level authenticated connections, even over CIFS/ncacn_np. No doubt I missed something, but I'm going to get some sleep :-) Andrew Bartlett (This used to be commit a1fe175eec884280fb7e9ca8f528134cf4600beb)
2007-10-10r2275: don't crash on a rpc BIND_NAK response ...Andrew Tridgell1-1/+6
(This used to be commit 22a6e5d50d2d40c2dfc5e36bce1132b92723dd81)
2007-10-10r2266: yay! LSA session keys on TCP now work!Andrew Tridgell4-15/+33
(This used to be commit f6ea24296acaaadcd2d59740bc88ef1a93fb1c28)
2007-10-10r2247: talloc_destroy -> talloc_freeTim Potter1-1/+1
(This used to be commit 6c1a72c5d667245b1eec94f58e68acd22dd720ce)
2007-10-10r2234: Tridge, this is a patch to allow people to set the REF_ALLOC flag onTim Potter2-0/+7
a dcerpc_pipe structure as we discussed this morning. (This used to be commit 79969dc8daf5fdaacd26135a200ecec0b4d7663c)
2007-10-10r2185: add a callback function to the dcerpc async APIAndrew Tridgell2-0/+25
also add a demonstration of its use in the netlogon async example (This used to be commit f2a0438c66b999189c1a2ad726e91efd0748eb90)
2007-10-10r2184: use the smb.conf socket options for client code tooAndrew Tridgell1-0/+2
(This used to be commit 7256945b526a1ee68d18eb579e592f7389740c22)
2007-10-10r2180: added RPC flags "padcheck" which enables checking of all received padAndrew Tridgell3-14/+37
bytes to make sure they are zero. Non-zero values usually indicate one of two things: - the server is leaking data through sending uninitialised memory - we have mistaken a real field in the IDL for padding to differentiate between the two you really need to run with "print,padcheck" and look carefully at whether the non-zero pad bytes are random or appear to be deliberate. (This used to be commit 7fdb778f81f14aaab75ab204431e4342a462957a)
2007-10-10r2118: fixed the receipt of bigendian rpc packets with the new async code.Andrew Tridgell1-3/+10
The fix uses the new talloc_increase_ref_count() function in an interesting way. I suspect this sort of technique will become quite common. (This used to be commit a86e629a39baf0ba2a6bb347eb9b72551c1477ff)
2007-10-10r2103: in the conversion to async rpc I simplified the smb backend to onlyAndrew Tridgell4-46/+153
use readx/writex instead of the more efficient SMBtrans calls. This patch restores the efficiency by using SMBtrans when possible. (This used to be commit 83fbe080e7fcdf4168d85f654b802dc4538b8984)
2007-10-10r2100: rework the dcerpc client side library so that it is async. We nowAndrew Tridgell8-423/+747
generate a separate *_send() async function for every RPC call, and there is a single dcerpc_ndr_request_recv() call that processes the receive side of any rpc call. The caller can use dcerpc_event_context() to get a pointer to the event context for the pipe so that events can be waited for asynchronously. The only part that remains synchronous is the initial bind calls. These could also be made async if necessary, although I suspect most applications won't need them to be. (This used to be commit f5d004d8eb8c76c03342cace1976b27266cfa1f0)
2007-10-10r2041: Fix NTLMSSP RPC sealing, client -> win2k3 server.Andrew Bartlett5-26/+32
The bug (found by tridge) is that Win2k3 is being tighter about the NTLMSSP flags. If we don't negotiate sealing, we can't use it. We now have a way to indicate to the GENSEC implementation mechanisms what things we want for a connection. Andrew Bartlett (This used to be commit 86f61568ea44c5719f9b583beeeefb12e0c26f4c)
2007-10-10r2029: changed our client side dcerpc padding to match what w2k3 does - a 16Andrew Tridgell1-2/+4
byte padding of the payload portion of the packet. (This used to be commit 271831f97f3952838557bf5034c1e435b33cb14a)
2007-10-10r1993: Allow WinXP domain logon to progress a bit further (it seems broken ↵Andrew Bartlett1-3/+4
for me). Fix indent, and add a few more useful debug messages. Send a fault, if the bind is not accepted - don't just leave the client hanging. Andrew Bartlett (This used to be commit 486215edc1148ad754632be37760dc0d38b0340d)
2007-10-10r1983: a completely new implementation of tallocAndrew Tridgell2-4/+3
This version does the following: 1) talloc_free(), talloc_realloc() and talloc_steal() lose their (redundent) first arguments 2) you can use _any_ talloc pointer as a talloc context to allocate more memory. This allows you to create complex data structures where the top level structure is the logical parent of the next level down, and those are the parents of the level below that. Then destroy either the lot with a single talloc_free() or destroy any sub-part with a talloc_free() of that part 3) you can name any pointer. Use talloc_named() which is just like talloc() but takes the printf style name argument as well as the parent context and the size. The whole thing ends up being a very simple piece of code, although some of the pointer walking gets hairy. So far, I'm just using the new talloc() like the old one. The next step is to actually take advantage of the new interface properly. Expect some new commits soon that simplify some common coding styles in samba4 by using the new talloc(). (This used to be commit e35bb094c52e550b3105dd1638d8d90de71d854f)
2007-10-10r1874: add dcerpc_errstr() function to display a fault code by name,Stefan Metzmacher1-0/+59
this should be used in the torture tests when we got NT_STATU_NET_WRITE_FAULT metze (This used to be commit 964748389bb7560ba141d71bb9256a8552c7db92)
2007-10-10r1872: revert -r 1845 because the caling function should look at the fault_codeStefan Metzmacher1-12/+2
when it gets NT_STATUS_NET_WRITE_FAULT metze (This used to be commit 084845c1ab5e8acdb91f1d93b87d3f58e5de1bfd)
2007-10-10r1850: when we have a username and use sign or seal on a dcerpc over npStefan Metzmacher1-1/+2
use dcerpc auth instead off smb auth metze (This used to be commit 6b429234968da7e51de95b6ede2afe3c1605debb)
2007-10-10r1845: map DCERPC_FAULT_LOGON_FAILURE to NT_STATUS_LOGON_FAILUREStefan Metzmacher1-2/+11
metze (This used to be commit 0cf0c3646038574e73c77a0b7adbdf6d04fe7207)
2007-10-10r1821: fixed reference to "status" that should be "result"Andrew Tridgell1-1/+1
(This used to be commit bdf7d66d299b0956fbf17b38291089585b2b54bf)
2007-10-10r1786: Add support for the 'helpstring' attribute on interfacesJelmer Vernooij1-0/+1
(This used to be commit 85fb26a05d57e58795b0c0ffa93dc9e0fa902431)
2007-10-10r1703: - Lots of RPC updates, adding new pipes and protocols.Jelmer Vernooij1-3/+3
- More updates/fixes to the ethereal parser generator (This used to be commit 547f860285b117e291bf3dbaca0707dc268b214e)
2007-10-10r1654: rename cli_ -> smbcli_Stefan Metzmacher2-16/+16
rename CLI_ -> SMBCLI_ metze (This used to be commit 8441750fd9427dd6fe477f27e603821b4026f038)
2007-10-10r1645: added a debug when a RPC fault is receivedAndrew Tridgell1-0/+1
(This used to be commit cb1830909952dd0d0fed2090e820f1ee2552a7a2)
2007-10-10r1509: in order to interoperate with NT3.1 we need to ignore extra data at ↵Andrew Tridgell1-3/+7
the end of RPC PDUs. It turns out that NT3.1 adds junk onto the end of every PDU. (This used to be commit a4a89cffd85c213a4d751c24ccda438e44df4d2e)
2007-10-10r1498: (merge from 3.0)Andrew Bartlett1-1/+1
Rework our random number generation system. On systems with /dev/urandom, this avoids a change to secrets.tdb for every fork(). For other systems, we now only re-seed after a fork, and on startup. No need to do it per-operation. This removes the 'need_reseed' parameter from generate_random_buffer(). This also requires that we start the secrets subsystem, as that is where the reseed value is stored, for systems without /dev/urandom. In order to aviod identical streams in forked children, the random state is re-initialised after the fork(), at the same point were we do that to the tdbs. Andrew Bartlett (This used to be commit b97d3cb2efd68310b1aea8a3ac40a64979c8cdae)
2007-10-10r1475: More kerberos workAndrew Bartlett1-0/+7
- We can now connect to hosts that follow the SPNEGO RFC, and *do not* give us their principal name in the mechListMIC. - The client code now remembers the hostname it connects to - We now kinit for a user, if there is not valid ticket already - Re-introduce clock skew compensation TODO: - See if the username in the ccache matches the username specified - Use a private ccache, rather then the global one, for a 'new' kinit - Determine 'default' usernames. - The default for Krb5 is the one in the ccache, then $USER - For NTLMSSP, it's just $USER Andrew Bartlett (This used to be commit de5da669397db4ac87c6da08d3533ca3030da2b0)
2007-10-10r1419: spnego inside of dcerpc using alter_context/alter_context_respStefan Metzmacher6-11/+170
instead of auth3 metze (This used to be commit 19b0567ee533744a0f2778bf8549636a25d96526)
2007-10-10r1354: Make it clear that the first gensec_update takes a NULL data_blob.Andrew Bartlett1-2/+3
Andrew Bartlett (This used to be commit 842a5dfc1f313b771fef14a484be6eea8c6eedf8)