summaryrefslogtreecommitdiff
path: root/source4/librpc/rpc
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r874: This patch is a pile of work on NTLMSSP:Andrew Bartlett4-33/+36
Samba's NTLMSSP code is now fully talloc based, which should go a long way to cleaning up the memory leaks in this code. This also avoids a lot of extra copies of data, as we now allocate the 'return' blobs on a caller-supplied context. I have also been doing a lot of work towards NTLM2 signing and sealing. I have this working for sealing, but not for the verifier (MD5 integrity check on the stream) which is still incorrect. (I can aim a rpcecho sinkdata from a Win2k3 box to my server, and the data arrives intact, but the signature check fails. It does however match the test values I have...). The new torture test is cludged in - when we get a unit test suite back, I'll happliy put it in the 'right' place.... Andrew Bartlett (This used to be commit 399e2e2b1149b8d1c070aa7f0d5131c0b577d2b9)
2007-10-10r793: - don't make templates members of any class that would make them showAndrew Tridgell1-0/+3
up in searches like "objectclass=user" - auto-add the computer objectclass for computer accounts on create - added two types of password change call in samr server - reset last_fault_code before each dcerpc call (This used to be commit c1a65f83f6a4c51e60efd204dab89c20cda65d2b)
2007-10-10r610: - Merge the Samba3 'ntlm_auth --diagnostics' testsuite to Samba4.Andrew Bartlett4-23/+17
- This required using NETLOGON_NEG_AUTH2_FLAGS for the SetupCredentials2 negotiation flags, which is what Samba3 does, because otherwise the server uses different crypto. - This tests the returned session keys, which we decrypt. - Update the Samba4 notion of a 'session key' to be a DATA_BLOB in most places. - Fix session key code to return NT_STATUS_NO_SESSION_KEY if none is available. - Remove a useless argument to SMBsesskeygen_ntv1 - move netr_CredentialState from the .idl to the new credentials.h Andrew Bartlett (This used to be commit 44f8b5b53e6abd4de8a676f78d729988fadff320)
2007-10-10r390: added my best guess for how session keys are supposed to work when youAndrew Tridgell4-5/+34
use NTLMSSP sign or seal at the RPC layer It doesn't work yet, but then again neither does the old code (which just assumed the SMB session key was used, which of course makes no sense on a ncacn_ip_tcp connection) (This used to be commit e8782329269bc78d36d8ca83fb7a4e38b9c6b167)
2007-10-10r354: Tridge convinced me that writing some wrapper functions by hand was aTim Potter1-393/+0
bad idea. (This used to be commit 6eb0b17015071790fb0108b140936ac81f4c7f92)
2007-10-10r335: added much better handling of servers that die unexpectedly during aAndrew Tridgell2-8/+24
request (a dead socket). I discovered this when testing against Sun's PC-NetLink. cleaned up the naming of some of the samr requests add IDL and test code for samr_QueryGroupMember(), samr_SetMemberAttributesOfGroup() and samr_Shutdown(). (actually, I didn't leave the samr_Shutdown() test in, as its fatal to windows servers due to doing exactly what it says it does). (This used to be commit 925bc2622c105dee4ffff809c6c35cd209a839f8)
2007-10-10r210: More work on DCERPC client functions:Tim Potter1-3/+318
- implement lsa_LookupNames, lsa_LookupSids and lsa_Close - add stubs for remaining functions from idl - fix lsa_OpenPolicy and lsa_OpenPolicy2 to use a temporary talloc context for the rpc call (This used to be commit f8c41bd5216be4a4e657ee5081df60aab5a5d02c)
2007-10-10r152: a quick airport commit ....Andrew Tridgell1-1/+0
added ldbedit, a _really_ useful command added ldbadd, ldbdel, ldbsearch and ldbmodify to build solved lots of timezone issues, we now pass the torture tests with client and server in different zones fixed several build issues I know this breaks the no-LDAP build. Wait till I arrive in San Jose for that fix. (This used to be commit af34710d4da1841653624fe304b1c8d812c0fdd9)
2007-10-10r101: added lsa_SetSecret() and lsa_QuerySecret()Andrew Tridgell1-0/+22
this required some crypto infrastructure and some sid utilities (This used to be commit 37d0efa9c2af8532536bea88412f0dd3ed39ecfc)
2004-04-03This is the start of a C API to the DCERPC client routines. CurrentlyTim Potter1-0/+79
the only way to access this is to cut&paste from torture/rpc/*.c (This used to be commit 3355fec421f82034f433a4b59aa5ad589b070577)
2004-02-21split up the schannel rpc client code into separate key establishmentAndrew Tridgell1-19/+64
and bind calls, but with a combined call that does both. This makes is easier to write a schannel test program that tried different keys. (This used to be commit 9d89928086a7095bbc2218760b12263298af4217)
2004-02-12do not return a value in a void functionStefan Metzmacher1-1/+1
metze (This used to be commit 836612b841ce7f91525c333d81e31dcdb83f533c)
2004-02-11fixed a void return spotted by metzeAndrew Tridgell1-1/+1
(This used to be commit 3f1b7e51c9f18745b6c06c3934ecc4fdd743e1d0)
2004-02-10we can close the netlogon pipe used to setup the schannel session keyAndrew Tridgell1-1/+3
as soon as we are finished with the netlogon negotiation phase. The session key remains valid. (This used to be commit 95a40d4693994edcb2284a2a135d2db426f6addb)
2004-02-10don't always use the same schannel context numberAndrew Tridgell1-1/+1
(This used to be commit 396e0757122614211b535b140d9365ac7b8b880d)
2004-02-10- modified the dcerpc client security code to be generic, so ntlmsspAndrew Tridgell7-153/+469
and schannel are both instances of possible security modules - added schannel sign and sign/seal support to the dcerpc client code. You select it with binding options of "schannel,sign" or "schannel,seal". (This used to be commit 05db0b9d942cad8f1dd574dc35b759e5e79d4195)
2004-02-03- add 'print' to the DCERPC binding stringsStefan Metzmacher1-0/+1
e.g. ncacn_np:myserver:[samr,sign,print] will now enable the packet debugging and the debugging is not bound anymore to the debuglevel >= 2 in the torture tests - also the dcesrv_remote module now supports debugging of the packets use the 'dcerpc_remote:binding' smb.conf parameter. metze (This used to be commit 40abf3c584efed7f977ddd688ea064540e5a5b13)
2004-02-03make more function static, they are still available via the function pointersStefan Metzmacher2-2/+2
metze (This used to be commit 4597643e76a34397cd2344a91d7045163ea7a942)
2004-01-22added a little bit of const magic to get rid of the data in librpc/gen_ndr/*.oAndrew Tridgell1-1/+1
(This used to be commit 866ef2edab91996964c8b43dbdd417f5908a00e1)
2004-01-20added code to the RPC-SPOOLSS test that demonstrates that policyAndrew Tridgell4-3/+61
handles are not shared between open dcerpc connections, even when those connections are on the same SMB socket. I have tested this with w2k3, w2k and NT4. It seems that policy handles have a strict scope of the dcerpc connection on which they were opened. I realise that this goes against existing folk-law in the team, but it seems that the previous testing (I'm not sure who did this?) was wrong. Perhaps clients do send us policy handles from other connections, but if they do then the correct thing to do is to fail the operation with a dcerpc fault. I suspect that failing it with exactly the right dcerpc fault code is important. (This used to be commit 2ed24d29bafd9055d5782acdd595cd0f378a651a)
2003-12-19fixed removal of moe than one ncacn_* option from option listAndrew Tridgell1-0/+1
(This used to be commit 09a9b25c8d916c0467a124d959d5cd911b782dfa)
2003-12-17fixed a segv in RPC-* when debug level > 2Andrew Tridgell1-1/+1
thanks to Kai for spotting this! (This used to be commit 0fc42c33d3b0930fdf1dc71a407f4fcaac69d82d)
2003-12-17Fix typo.Tim Potter1-1/+1
(This used to be commit 3f1b781c5659361d7e9cc3ab2072e1462d40df55)
2003-12-17added a smb.conf flag "rpc big endian" that tells our rpc server toAndrew Tridgell2-13/+12
send packets in bigendian format. (This used to be commit 44df662960e662a55a9f27627f838771503a7a59)
2003-12-16added a define for the DCERPC little-endian data representation flagAndrew Tridgell1-8/+8
(This used to be commit 691f9c1c4448fb54846fcfffeca43601bcd44138)
2003-12-16fixed the RPC-MGMT and RPC-SCANNER tests to work with the newAndrew Tridgell1-24/+75
dcerpc_binding_string code (This used to be commit 1fa68c18facfb6c96d5a274cfd9560cb4b2956f6)
2003-12-16no longer require the pipe name or tcp port number to be the firstAndrew Tridgell1-0/+4
option in the ncacn_* syntax (This used to be commit 74f36d32bb14e94a80e1963cbc95f8fba3f23335)
2003-12-16a fairly large commit!Andrew Tridgell5-21/+91
This adds support for bigendian rpc in the client. I have installed SUN pcnetlink locally and am using it to test the samba4 rpc code. This allows us to easily find places where we have stuffed up the types (such as 2 uint16 versus a uint32), as testing both big-endian and little-endian easily shows which is correct. I have now used this to fix several bugs like that in the samba4 IDL. In order to make this work I also had to redefine a GUID as a true structure, not a blob. From the pcnetlink wire it is clear that it is indeed defined as a structure (the byte order changes). This required changing lots of Samba code to use a GUID as a structure. I also had to fix the if_version code in dcerpc syntax IDs, as it turns out they are a single uint32 not two uint16s. The big-endian support is a bit ugly at the moment, and breaks the layering in some places. More work is needed, especially on the server side. (This used to be commit bb1af644a5a7b188290ce36232f255da0e5d66d2)
2003-12-15more flexible handling of [] in binding stringsAndrew Tridgell1-2/+14
(This used to be commit edc67fffeaee5fe4bbbc6fbd76345d0a9d5b2093)
2003-12-15allow the specification of full dcerpc endpoint binding strings on theAndrew Tridgell2-0/+310
command line. This allows you to (for example) control signing/sealing of smbtorture RPC sessions (This used to be commit a73825eb496d5924012ea926fcbac8c956fe081e)
2003-12-14fixed fragmented signed connections to our rpc server over SMBAndrew Tridgell1-1/+1
(This used to be commit f5df126c254bcb96dfb42096d7247215c7e7a89a)
2003-12-14fixed a bug handling multiple PDUs being read from a socket at oneAndrew Tridgell2-44/+43
time in the rpc server. started on the framework for the dcerpc authentication server code (This used to be commit 74041b6a0a60d792e1b220496d66ec27b9ee6c25)
2003-12-13added a basic dcerpc endpoint mapper to Samba4. Currently onlyAndrew Tridgell1-5/+5
implements the epm_Lookup() call, I'll add the other important calls soon. I was rather pleased to find that epm_Lookup() worked first time, which is particularly surprising given its complexity. This required quite a bit of new infrastructure: * a generic way of handling dcerpc policy handles in the rpc server * added type checked varients of talloc. These are much less error prone. I'd like to move to using these for nearly all uses of talloc. * added more dcerpc fault handling code, and translation from NTSTATUS to a dcerpc fault code * added data_blob_talloc_zero() for allocating an initially zero blob * added a endpoint enumeration hook in the dcerpc endpoint server operations (This used to be commit 3f85f9b782dc17417baf1ca557fcae22f5b6a83a)
2003-12-11the next step in the dcerpc server code. Added the link between theAndrew Tridgell1-1/+1
IPC IO routines and the dcerpc endpoint servers. (This used to be commit 4929c53bc8dddda8a763fdfbcf81a79776d01113)
2003-12-10more portable array of endpoints code from pidlAndrew Tridgell1-1/+1
(This used to be commit c598590a117d4281c530cded4bf9dae16ac1ee76)
2003-12-10the rest of the initial rpc server side infrastructureAndrew Tridgell1-1/+1
(This used to be commit 5fb01b0ec0321724c25669151ea7c20e6ec182d0)
2003-11-28the beginnings of an automated tool for working out IDL properties ofAndrew Tridgell1-0/+14
a pipe. I'm not sure how possible this will be without lots of human intervention, but its an interesting thing to try. (This used to be commit d5afe7c6a8651457da9438fcf0035c792701ac86)
2003-11-28 * added a bunch of placeholder IDL filesAndrew Tridgell1-0/+6
* allow for an interface to list its endpoints in the IDL file, so we can automatically make the server listen on the right pipes, and can scan pipes more easily (I don't take advantage of this yet, just putting the infrastructure in place) (This used to be commit c8b8480244b4ab6204403dc65e92e4317b410a84)
2003-11-27more epmapper and mgmt magicAndrew Tridgell2-1/+43
protocol 0x1f is interesting - its ncacn_http ! (This used to be commit e3d40e3da6e15407162c1d0a29d2cbe86842228e)
2003-11-27added an rpc scanner. This prints messages like this:Andrew Tridgell2-1/+4
uuid 82273fdc-e32a-18c3-3f78-827929dc23ea version 0x0000:0x0000 'eventlog' 24 calls available WARNING: local IDL defines 4 calls when all the WARNINGs are gone then we know we have all the calls :) (This used to be commit f5821b2468a0c46d0e5590de59562926d746c349)
2003-11-27use EPMAPPER_PORT constant instead of 135Andrew Tridgell2-4/+4
(This used to be commit 953ab587dc5a625d0fb557fdcac122a3b2ed0224)
2003-11-27a couple of tidyupsAndrew Tridgell4-3/+23
* don't try to map the epmapper uuid ! * some preliminary support for alter context pdus (This used to be commit f9857e56850cabfac06534fb33ff7a7a04346a9b)
2003-11-26by default sign RPC over TCP but not RPC over SMB. I will add command line ↵Andrew Tridgell3-15/+72
control soon (This used to be commit 215852116c1fb8c0d8ef559155a3dd55346f0c31)
2003-11-26transfer syntax V2 isn't as magic as I thoughtAndrew Tridgell1-4/+2
(This used to be commit bb3bb5dc8d494afd077fa613d064767d7aad90cd)
2003-11-26use the IDL defined NDR version numberAndrew Tridgell1-1/+2
(This used to be commit 00e0c14b76c9b001c7d7b6b18b2cb543a57fe082)
2003-11-26added auto-determination of the DCERPC over TCP port number by askingAndrew Tridgell2-5/+158
the servers endpoint mapper (This used to be commit 4abf5376b00f580eb69196e55a792cc7eb4c9880)
2003-11-26fixed some memory leaks in the dcerpc use of ntlmssp signingAndrew Tridgell2-4/+27
(This used to be commit abbc9993b8f7eb9f57e079db1d0b170d0b9aa443)
2003-11-26signed DCERPC over TCP now works !Andrew Tridgell5-53/+349
* moved ntlmssp code into libcli/auth/, and updated to latest ntlmssp code from samba3 (thanks Andrew! the new interface is great) * added signing/ntlmssp support in the dcerpc code * added a dcerpc_auth.c module for the various dcerpc auth mechanisms (This used to be commit c18c9b5585a3e5f7868562820c14f7cb529cdbcd)
2003-11-24 * fixed byte order in epmapper parsingAndrew Tridgell1-0/+5
* allow rpc transport to be specified on command line in smbtorture (This used to be commit 8a82050fd6f45bcdb31c2c365eaed5fc12599e4f)
2003-11-24initial implementation of dcerpc over tcp. RPC-EPMAPPER works, now toAndrew Tridgell3-4/+206
add epm_Map calls and support the rest of the pipes (This used to be commit 39add481582609ddb9d0b3bae45fde3226ece481)