summaryrefslogtreecommitdiff
path: root/source4/librpc/rpc
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r5037: got rid of all of the TALLOC_DEPRECATED stuff. My apologies for theAndrew Tridgell5-16/+16
large commit. I thought this was worthwhile to get done for consistency. (This used to be commit ec32b22ed5ec224f6324f5e069d15e92e38e15c0)
2007-10-10r4962: add infrastructure to use raw krb5 auth in dcerpc client codeStefan Metzmacher2-1/+7
Note this doesn't work currently because the gensec_modules are not ready for that yet metze (This used to be commit 7b09a3f725baca5d4483b7ec24a9cb6151557bb5)
2007-10-10r4944: every event_add_*() caller was having to call talloc_steal() to takeAndrew Tridgell1-1/+1
control of the event, so instead build that into the function. If you pass NULL as mem_ctx then it leaves it as a child of the events structure. (This used to be commit 7f981b9ed96f39027cbfd500f41e0c2be64cbb50)
2007-10-10r4886: fixed two places where we process the send side of a socket after theAndrew Tridgell1-0/+1
recv side in the same event. That's a bad idea, as the first callback could decide to destroy the socket. (This used to be commit bf74ea34fc0e3c31e220c8f5a9217c95f3ca1d52)
2007-10-10r4758: - added async support to the session request codeAndrew Tridgell1-7/+6
- added async support to the negprot client code - removed two unused parameters from smbcli_full_connection() code - converted smbclient to use smbcli_full_connection() rather than reinventing everything itself (This used to be commit 71cbe2873473e039b4511511302cb63f1c50bce8)
2007-10-10r4757: added the ability of the clisocket level of libcli to handle asyncAndrew Tridgell1-1/+1
socket connections. This was complicated by a few factors: - it meant moving the event context from clitransport to clisocket, so lots of structures changed - we need to asynchronously handle connection to lists of port numbers, not just one port number. The code internally tries each port in the list in turn, without ever blocking - the man page on how connect() is supposed to work asynchronously doesn't work in practice (now why doesn't this surprise me?). The getsockopt() for SOL_ERROR is supposed to retrieve the error, but in fact the next (unrelated) connect() call on the same socket also gets an error, though not the right error. To work around this I need to tear down the whole socket between each attempted port. I hate posix. Note that clisocket.c still does a blocking name resolution call in smbcli_sock_connect_byname(). That will be fixed when we add the async NBT resolution code. Also note that I arranged things so that every SMB connection is now async internally, so using plain smbclient or smbtorture tests all the async features of this new code. (This used to be commit 468f8ebbfdbdf37c757fdc4863626aa9946a8870)
2007-10-10r4691: Make the DCE-RPC bind code compleatly generic to the number of passesAndrew Bartlett1-6/+14
that the GENSEC mechanism wishes to select. It is of course up to the GENSEC mech and the remote server to actually support this however... Andrew Bartlett (This used to be commit 7200a01545e14a8b0c90fadf3c27933dd1f4359f)
2007-10-10r4636: Per tridge's wish (and probably correct behaviour), don't key off aAndrew Bartlett1-1/+3
specific GENSEC mech type, but on the behaviour of the mech. Andrew Bartlett (This used to be commit f2bd7a5a699b91d99d7dc2a0b3b6c7006274a59c)
2007-10-10r4635: Fix NTLMSSP to return NT_STATUS_OK when it has constructed the authAndrew Bartlett4-198/+101
token in the client (the final token in the negotiation). Consequential fixes in the SPNEGO code, which now uses the out.length as the indicator of 'I need to send something to the other side'. Merge the NTLM and SPNEGO DCE-RPC authentication routines in the client. Fix the RPC-MULTIBIND test consequent to this merge. Andrew Bartlett (This used to be commit 43e3516fc03008e97ebb4ad1a0cde464303f43c6)
2007-10-10r4630: for ncacn_np if we don't have an explicit request for one of theAndrew Tridgell2-2/+6
advanced auth types we should do a plain bind. This fixes rpc connections to ancient servers (like sun cascade) (This used to be commit 59a5a0b218f7182c541a06ffc4528c1160699033)
2007-10-10r4627: - simplified the dcerpc auth code using a common functionAndrew Tridgell6-118/+93
- added support for "spnego" in binding strings. This enables SPNEGO auth in the dcerpc client code, using as many allter_context calls as are needed To try SPNEGO do this: smbtorture ncacn_ip_tcp:SERVER[spnego,seal] -Uadministrator%password RPC-SAMR (This used to be commit 9c0a3423f03111c110d21c0d3910e16aa1a8bf87)
2007-10-10r4620: - add interface functions to the auth subsystem so that callers ↵Stefan Metzmacher1-14/+3
doesn't need to use function pointers anymore - make the module init much easier - a lot of cleanups don't try to read the diff in auth/ better read the new files it passes test_echo.sh and test_rpc.sh abartlet: please fix spelling fixes metze (This used to be commit 3c0d16b8236451f2cfd38fc3db8ae2906106d847)
2007-10-10r4619: Remove extern declaration of dcerpc_pipes, which is now staticJelmer Vernooij1-3/+0
(This used to be commit 95e849bf94160ae4807a54b28e351539c1119215)
2007-10-10r4618: - tidied up the alter_context client code a bitAndrew Tridgell5-103/+35
- there is no alter_nak or alter_ack packet, its all done in an alter_response - auto-allocated the contex_ids - tried to fix up the dcom code to work again with alter_context. Jelmer, please take a look :) (This used to be commit dd1c54add8884376601f2f8a56c01bfb8add030c)
2007-10-10r4617: basic alter_context requests now work in our client library. The testAndrew Tridgell2-4/+127
just does a simple LSA/DSSETUP combo, which is what w2k does in the ACL editor rpc calls that triggered this work (This used to be commit 0129ec947aa1fa5a7104dc3a666af3cb9bd104f1)
2007-10-10r4616: the first phase in the addition of proper support forAndrew Tridgell9-525/+560
dcerpc_alter_context and multiple context_ids in the dcerpc client library. This stage does the following: - split "struct dcerpc_pipe" into two parts, the main part being "struct dcerpc_connection", which contains all the parts not dependent on the context, and "struct dcerpc_pipe" which has the context dependent part. This is similar to the layering in libcli_*() for SMB - disable the current dcerpc_alter code. I've used a #warning until i get the 2nd phase finished. I don't know how portable #warning is, but it won't be long before I add full alter context support anyway, so it won't last long - cleanup the allocation of dcerpc_pipe structures. The previous code was quite awkward. (This used to be commit 4004c69937be7e5dae56f9567ca607f982d395d3)
2007-10-10r4591: - converted the other _p talloc functions to not need _pAndrew Tridgell3-2/+3
- added #if TALLOC_DEPRECATED around the _p functions - fixes the code that broke from the above while doing this I fixed quite a number of places that were incorrectly using the non type-safe talloc functions to use the type safe ones. Some were even doing multiplies for array allocation, which is potentially unsafe. (This used to be commit 6e7754abd0c225527fb38363996a6e241b87b37e)
2007-10-10r4588: fixed the double bind in ncalrpc with dcerpc_secondary_connection()Andrew Tridgell1-1/+1
(This used to be commit b65a95c11778fd778ad3c013664aea7d038e16ae)
2007-10-10r4587: fixed dcerpc_secondary_connection() for ncacn_ip_tcpAndrew Tridgell1-3/+1
this fixes RPC-SAMLOGON and some other tests on ncacn_ip_tcp (This used to be commit 244370d62424ab3c0f9d6689b0e674d057b3fc09)
2007-10-10r4549: got rid of a lot more uses of plain talloc(), instead usingAndrew Tridgell1-2/+2
talloc_size() or talloc_array_p() where appropriate. also fixed a memory leak in pvfs_copy_file() (failed to free a memory context) (This used to be commit 89b74b53546e1570b11b3702f40bee58aed8c503)
2007-10-10r4526: - much simpler (and more accurate!) ndr_size_*() code generation. ItAndrew Tridgell2-3/+11
is less efficient, but I really doubt that matters. - use enum in epmapper.idl for protocol type - added support for "enum8bit" flag, used in epmapper.idl (This used to be commit 1a24a50384b7f588844cd012f1218ca242ca4507)
2007-10-10r4504: SettingAndrew Bartlett1-1/+2
.enabled = True on modules we know are good (and we want on be default) seems neater. Andrew Bartlett (This used to be commit 18850c66b7c8ac5e8caf08151dbb9b72cf93230f)
2007-10-10r4479: added the function talloc_autofree_context() which returns a talloc ↵Andrew Tridgell1-4/+5
context that will automatically be freed on program exit. This is useful for reducing clutter in leak reports (This used to be commit cf73dda652e0a121901f22771104be6751c0fcb9)
2007-10-10r4459: GENSEC refinements:Andrew Bartlett1-4/+13
In developing a GSSAPI plugin for GENSEC, it became clear that the API needed to change: - GSSAPI exposes only a wrap() and unwrap() interface, and determines the location of the signature itself. - The 'have feature' API did not correctly function in the recursive SPNEGO environment. As such, NTLMSSP has been updated to support these methods. The LDAP client and server have been updated to use the new wrap() and unwrap() methods, and now pass the LDAP-* tests in our smbtorture. (Unfortunely I still get valgrind warnings, in the code that was previously unreachable). Andrew Bartlett (This used to be commit 9923c3bc1b5a6e93a5996aadb039bd229e888ac6)
2007-10-10r4360: destroy the gensec contextStefan Metzmacher1-0/+1
metze (This used to be commit a25770983b34bac5bd7dcce69241716386dc8509)
2007-10-10r4358: At metze's request, the Christmas elves have removed gensec_end inAndrew Bartlett3-8/+9
favor of talloc_free(). Andrew Bartlett (This used to be commit 1933cd12fbaed56e13f2386b19de6ade99bf9478)
2007-10-10r4355: More work from the elves on Christmas eve:Andrew Bartlett1-15/+14
- Update Samba4's kerberos code to match the 'salting' changes in Samba3 (and many other cleanups by jra). - Move GENSEC into the modern era of talloc destructors. This avoids many of the memory leaks in this code, as we now can't somehow 'forget' to call the end routine. - This required fixing some of the talloc hierarchies. - The new krb5 seems more sensitive to getting the service name right, so start actually setting the service name on the krb5 context. Andrew Bartlett (This used to be commit 278bf1a61a6da6ef955a12c13d7b1a0357cebf1f)
2007-10-10r4115: check for gensec errors before calling memcpy on a set of credentials,Andrew Tridgell1-0/+6
otherwise the creds structure might be invalid (This used to be commit 76285b3390f20366d53c7b2509ac07e1f88f7309)
2007-10-10r4114: added have_features bits to gensec schannel code. This fixes ourAndrew Tridgell1-0/+4
schannel code. I would also like to give a gentle reminder to everyone to please run the appropriate test scripts when you change a subsystem. It's a shame to have this test code and not use it, and it takes much longer for another developer to track down a bug in your new code than it would take for you fix to it at the time you first add it. - for rpc changes run test_rpc.sh - for CIFS changes run test_posix.sh - for ldb changes run test-tdb in lib/ldb/ (This used to be commit 0c58b254cabd236911021aff87c73183356fa8e3)
2007-10-10r4086: - make dcerpc_ndr_request_table_send() the default and rename it to justStefan Metzmacher2-46/+33
dcerpc_ndr_request_send() - this allows us to call dcerpc_log_packet() when we receive a packet we can't parse correctly metze (This used to be commit a7a6cea112a180a28188997ca99f30d8dd286bb8)
2007-10-10r4081: use clearer namesStefan Metzmacher1-2/+2
metze (This used to be commit 5d7d6f02cf1aa731d371c97054480d83d85102cb)
2007-10-10r4055: fixed more places to use type safe allocation macrosAndrew Tridgell1-2/+2
(This used to be commit eec698254f67365f27b4b7569fa982e22472aca1)
2007-10-10r4052: fixed a bunch of code to use the type safe _p allocation macrosAndrew Tridgell1-2/+2
(This used to be commit 80d15fa3402a9d1183467463f6b21c0b674bc442)
2007-10-10r4042: fix segfault on server schannel connectionsStefan Metzmacher1-1/+4
metze (This used to be commit 57bd26f9c528687ca2ca9bbaa56f7f36efd2231f)
2007-10-10r4037: fixed a bunch of "might be uninitialised" warnings after enabling -O1 ↵Andrew Tridgell1-1/+1
in my compile (This used to be commit 0928b1f5b68c858922c3ea6c27ed03b5091c6221)
2007-10-10r4011: get rid of rpc_secdes.h and replace it with a single sane set ofAndrew Tridgell1-5/+6
definitions for security access masks, in security.idl The previous definitions were inconsistently named, and contained many duplicate and misleading entries. I kept finding myself tripping up while using them. (This used to be commit 01c0fa722f80ceeb3f81f01987de95f365a2ed3d)
2007-10-10r4001: fix segfault fix auth failedStefan Metzmacher1-0/+1
metze (This used to be commit 6a7eee1d9917e0884072354dddae568645798da5)
2007-10-10r3972: use GUID_* naming context and move GUID_* functions to one placeStefan Metzmacher1-1/+1
metze (This used to be commit 523e6acf4fec5d4946fa7c0c89f40d7d712c9f3a)
2007-10-10r3941: make sure we don't keep pounding on a ncacn_ip_tcp connection after ↵Andrew Tridgell1-0/+6
it is dead (This used to be commit f0263672fd1eb79bfa3a94663de1cea996c92880)
2007-10-10r3861: - Put ndr and rpc client code in seperate filesJelmer Vernooij1-2/+19
- Add some const (This used to be commit a00bda88e1b6abdc36e5aa8c2a35f64855f67c96)
2007-10-10r3792: improved the posix -> nt error mapping, so we get things likeAndrew Tridgell1-1/+2
NT_STATUS_HOST_UNREACHABLE instead of NT_STATUS_UNSUCCESSFUL (This used to be commit f2a488e5668ab5d262269f1bab1b33a63265cbe9)
2007-10-10r3790: use a registration function that is called from dcerpc_*_init functionsJelmer Vernooij3-24/+41
rather then a large table in librpc/gen_ndr/tables.c. This will allow us to only link in only the required gen_ndr files (speeds up linking quite a bit, makes binaries smaller). Each gen_ndr_* file now has a init function that calls the init functions of the interfaces it contains. I did it this way to keep pidl's code simple, though it might hurt startup time a bit. I'd be happy to change it if people like one function better. (This used to be commit 3c436590ae95b58ad6d00e72d6fdd08a4d80f208)
2007-10-10r3737: - Get rid of the register_subsystem() and register_backend() functions.Jelmer Vernooij1-1/+1
- Re-disable tdbtool (it was building fine on my Debian box but other machines were having problems) (This used to be commit 0d7bb2c40b7a9ed59df3f8944133ea562697e814)
2007-10-10r3686: The results of some work on the NETLOGON pipe:Andrew Bartlett1-38/+29
Break out the samsync tests from RPC-NETLOGON into a new RPC-SAMSYNC, that will cross-verify all the values. Add support for the way netlogon credentials are shared between the pipe that sets up schannel and the pipe that is encrypted with it. Test this support, by calling both NETLOGON and SAMR operations in the RPC-SCHANNEL test. Move some of the Netlogon NEG flags into the .idl, now we have an idea what a few of them really are. Rename the sam_pwd_hash into a name that has meaning (all other crypto functions were renamed in Samba4 ages ago). Break out NTLMv2 functionality for operation on the NT hash - I intend to do NTLMv2 logins in the samsync test in future, and naturally I only have the hash. Andrew Bartlett (This used to be commit 6e6cc6fb9842113a1b0c7f6904dac709b320a6e5)
2007-10-10r3660: This simulates the logon sequence of a XP login session I'm currently ↵Volker Lendecke1-24/+42
tuning Samba3/OpenLDAP for. For a concrete situation you have to adapt the domain, pdcname and usernames/passwords. Sorry, not parametrized yet, but this should be doable if necessary. Volker (This used to be commit 02f52058722fc1aea02d4fe237c97404d8e4f491)
2007-10-10r3611: DCOM client support works!!Jelmer Vernooij2-2/+11
The torture test DCOM-SIMPLE now successfully does an IStream_Read and a IStream_Write call. This test can now be run successfully against the "Simple DCOM" Visual Studio example. (You have to quote out line 337 in pidl. pidl complains if the variable that contains the array size follows the array. I still need to fix this properly) Next goals: - Clean up code - Server side support - Support custom marshalling - Support DCOM interfaces in files other then dcom.idl (This used to be commit 8693344772a9b700533179f4bacfe27ec27dfcfe)
2007-10-10r3606: More DCOM fixes:Jelmer Vernooij1-5/+6
- OXID tables work now. IOXIDResolver is used if there is used for getting a STRINGBINDING if none is known yet - Add custom dissectors for STRINGARRAY and DUALSTRINGARRAY. If there's a way to get rid of these later on (by supporting them thru pidl somehow), I'd be happy to use that instead of doing it manually. I can now get to the point where we have created an object and are connected to it. The only thing left to do is being able to set the Object UUID properly.. (This used to be commit 54e1e5edca50d3cd496c080715e84ec62cb2a10c)
2007-10-10r3602: Add looking up transport by endpoint protocolJelmer Vernooij1-0/+16
(This used to be commit 76c02ecbe8581fbf07bb59dd22ba88eb97b4fd04)
2007-10-10r3601: Lots of smaller DCOM updates and fixes. Adds oxid tables, properJelmer Vernooij1-3/+3
use of contexts. (This used to be commit 93eb3cd99c4fb065a69eabcead0c33804259c976)
2007-10-10r3600: fixed two debug typosAndrew Tridgell1-2/+2
(This used to be commit d0149b173f70cf012e6ed2382394985fb4950af6)