| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
(This used to be commit 71dfc27b8efb3057c4b7383feca0ba35ab5768a4)
|
|
- Support binding strings like :
ncacn_np:[sign]
ncacn_np:myhost[seal,sign,endpoint]
again
(This used to be commit b53f4cd1697345065c7d979ba63237bf828dc07f)
|
|
(This used to be commit 1161c33794cdb16a3d09a66258f46e0020c4aeef)
|
|
(This used to be commit 45a3e2a9815058a3a828c573573c5eee605f9129)
|
|
options[0].
(This used to be commit 18582083af800abd3d8de40eb73255c8ae6598dd)
|
|
nicely :-)
The various interface that support ncalrpc work nicely when tested
with smbtorture and ncalrpc.
Running RPC-SAMR against local smbd here is slightly faster using ncalrpc:
ncalrpc: 1.8 sec
ncacn_ip_tcp: 1.9 sec
ncacn_np: 2.5 sec
(This used to be commit 2cfc8f24ce209f47153d3a5bd7007dd1b0578b26)
|
|
transports.
ncalrpc uses the new config option "ncalrpc dir" for creating unix sockets.
(This used to be commit b15cfbe2512961a199ecb069730d9a19787579f5)
|
|
(This used to be commit a0c4138edf919ee0c4b236f201c09fc4deb2cc09)
|
|
protocol towers
(This used to be commit f41dfc6c5a85bf241e4bcc0669f6191bf531e89a)
|
|
- Make sure a epm_tower struct is completely initialized
- Some more minor fixes
(This used to be commit d560dcbdb85cb2c6915bdb9e2f82f1872b0f5a52)
|
|
dcerpc_binding)
Let test fail if messaging_init() fails instead of generating segfault in the LOCAL-MESSAGING test
(This used to be commit 0609f410ef756501d50c04b544387ae547fcd63c)
|
|
Add tests for dcerpc_binding_from_tower()
(This used to be commit 88c6d34bba1a409127b26f86bd963bfab30a804c)
|
|
Add local test for testing the functions dcerpc_parse_binding(),
dcerpc_binding_string() and dcerpc_binding_build_tower()
(This used to be commit 7a07c2c769b8e51178789eed4a31577f5d39f63a)
|
|
- Add protocol sequence to dcerpc transports (will be used later on)
- Add more transports to the list
(This used to be commit ab110192e6e2c1e5a3b2befe7b61158744f15d18)
|
|
(This used to be commit 53567a83cbca9df60bef76a15df24d2cd89a16b0)
|
|
it is removed from the pending list.
(This used to be commit 33176e9751374de3b5dc3f5f9b19c6824140d90a)
|
|
ensure we don't segfault on the cleanup from an incomplete schannel
bind.
Andrew Bartlett
(This used to be commit 173f29a1d8db111d5adb258eead5379d681d3bb2)
|
|
backslash works, but is not like Windows does it.
(This used to be commit f6deb3d065e1a88f92bcb8a4a138453650c97b0b)
|
|
(This used to be commit 7771b5d8fa3db759487474eb7172df45bb3221ae)
|
|
specifying a endpoint is now also 'endpoint' instead of 'endpoints'. The
default endpoint (if none is specified) is still "ncacn_np:[\\pipe\\ifacename]",
where ifacename is the name of the interface.
Examples:
[
uuid(60a15ec5-4de8-11d7-a637-005056a20182),
endpoint("ncacn_np:[\\pipe\\rpcecho]", "ncacn_ip_tcp:")
]
interface rpcecho
{
void dummy();
}
dcerpc_binding is now converted to ep_description in the server, but I hope to
completely eliminate ep_description later on.
The eventual goal of all these changes is to make it easier to add
transports as I'm going to add support for
ncalrpc (local RPC over named pipes) and ncacn_unix_stream (Unix sockets).
(This used to be commit f3da7c8b443a29b0c656c687a277384ae1353792)
|
|
[] is now mandatory
: after the hostname is no longer allowed
examples of allowed binding strings:
ncacn_np:myhost[samr]
ncacn_ip_tcp:10.0.0.1[1045]
ncacn_ip_tcp:2001:7b8:37b:1:210:dcff:fecb:a9e3[1024,sign,seal]
ncacn_np:myhost
ncacn_ip_tcp:192.168.4.2
308FB580-1EB2-11CA-923B-08002B1075A7@ncacn_ip_tcp:192.168.4.2
308FB580-1EB2-11CA-923B-08002B1075A7@ncacn_ip_tcp:192.168.4.2[,print]
Note that the last two lines are not recognized by smbtorture as a binding
string yet. dcerpc_parse_binding() does accept them though.
(This used to be commit c15862e778507287bddef7967383d4b5d22eaee9)
|
|
- added the new messaging system, based on unix domain sockets. It
gets over 10k messages/second on my laptop without any socket
cacheing, which is better than I expected.
- added a LOCAL-MESSAGING torture test
(This used to be commit 3af06478da7ab34a272226d8d9ac87e0a4940cfb)
|
|
the [gensize] property to a struct or union will make pidl generate a
ndr_size_*() function.
(not all nasty bits of NDR are completely covered yet by the
ndr_size*() functions, support for those will be added when necessary)
I also have a local patch (not applied now) that simplifies the pidl output
and eliminates the number of functions required. It would, however, make
pidl more complex.
(This used to be commit 7c823f886afd0c4c6ee838f17882ca0658417011)
|
|
that can generate these kinds of functions
(This used to be commit ebca2516502560edfd4056fbb4cfc9718a108efa)
|
|
(This used to be commit 273d0049b5339e3288b264e5a4393bfab1d4e239)
|
|
the current ones. It took me three hours to realise that the DCOM standard
contains false protocol numbers (apparently someone converted the protocol
numbers to hex twice, i.e. 13 -> 0c and 14 to 0d). There are no longer
duplicates in the list with protocol numbers now.
(This used to be commit f355cd426462a72575ef3c3b769f676334976986)
|
|
"sign", "seal" or "connect"
(This used to be commit f3adabf6896b75f5293dbde3f9de737f35d95a10)
|
|
possible to a structure creation routine. This makes for much easier
global cleanup.
(This used to be commit e14ee428ec357fab76a960387a9820a673786e27)
|
|
simplifies things quite a bit
(This used to be commit c82a9cf750829c4f6982ca3133295c8599023c4e)
|
|
a const pointer really means that "the data pointed to by this pointer
won't change", and that is certainly true of talloc(). The fact that
some behind-the-scenes meta-data can change doesn't matter from the
point of view of const.
this fixes a number of const warnings caused by const data structures
being passed as talloc contexts. That will no longer generate a
warning.
also changed the talloc leak reporting option from --leak-check to
--leak-report, as all it does is generate a report on exit. A new
--leak-report-full option has been added that shows the complete tree
of memory allocations, which is is quite useful in tracking things down.
NOTE: I find it quite useful to insert talloc_report_full(ptr, stderr)
calls at strategic points in the code while debugging memory
allocation problems, particularly before freeing a major context (such
as the connection context). This allows you to see if that context has
been accumulating too much data, such as per-request data, which
should have been freed when the request finished.
(This used to be commit c60ff99c3129c26a9204bac1c6e5fb386114a923)
|
|
taking a context (so when you pass a NULL pointer you end up with
memory in a top level context). Fixed it by changing the API to take a
context. The context is only used if the pointer you are reallocing is
NULL.
(This used to be commit 8dc23821c9f54b2f13049b5e608a0cafb81aa540)
|
|
the cli context too
(This used to be commit 417d0c0ba182aab3a3a23db76ff7ac7cbc663cb6)
|
|
rather than manual reference counts
- properly support SMBexit in the cifs and posix backends
- added a logoff method to all backends
With these changes the RAW-CONTEXT test now passes against the posix backend
(This used to be commit c315d6ac1cc40546fde1474702a6d66d07ee13c8)
|
|
also fixes a memory leak found with --leak-check.
(This used to be commit f19201ea274f0a542314c61c4af676197bf154ad)
|
|
(This used to be commit 56ecda2178e33508c55c6195ccec41c06e099d6f)
|
|
by making our gensec structures a talloc child of the open connection
we can be sure that it will be destroyed when the connection is
dropped.
(This used to be commit f12ee2f241aab1549bc1d9ca4c35a35a1ca0d09d)
|
|
hierarchical memory allocation
(This used to be commit 26da45a8019a2d6c9ff2ac2a6739c7d0b42b00de)
|
|
name in our code
(This used to be commit 458f85328850905db8e9808d02898c69b5f9b872)
|
|
server. CONNECT security uses NTLMSSP, but does not do any signing or
sealing (or equivalently, its like signing, but with a zero filled
checksum).
(This used to be commit f4660857bc708db7f5aa7487bf7ab04bffe68928)
|
|
Implemented using the POSIX getaddrinfo() call (specified by POSIX 1003.1-2003 and 2553)
I'm not sure how portable this function is, so we might have to add a sys_getaddrinfo() later on.
(This used to be commit 0fb0530389751c6fb4ca58f5e9a0f23491699f17)
|
|
server
closes the connetion and we got EBADF from select() and event_loop_once() fails
metze
(This used to be commit 9c0e50a6f3d628156b4543d5ded89e06be696f64)
|
|
(This used to be commit 04aec4c0a3f559f6a9ccfaf990f3a2ff2e6f48df)
|
|
recently, and this broke the autoidl code)
(This used to be commit 01d66f68f6b21dc9b5c0702edcd4f56daeae9b9d)
|
|
(This used to be commit 09651b831d085345dd385bc9777f97e1c0d57c6f)
|
|
NTLM sign
NTLM sign+seal
NTLM2 sign
NTLM2 sign+seal
and all of the above both with and without key exchange
the NTLM2 seal case is ugly and involves an extra data copy, which
some API changes in gensec or the ndr layer might avoid in future.
(This used to be commit fce7a4218b3136d880dd1a123e8525e3091bbed8)
|
|
Andrew Bartlett
(This used to be commit 49171e420337136d3e66300f99fa1885051e5b61)
|
|
This means that 'require NTLMv2 session security' now works for RPC
pipe signing. We don't yet have sealing, but it can't be much further.
This is almost all tridge's code, munged into a form that can work
with the GENSEC API.
This commit also includes more lsakey fixes - that key is used for all
DCE-RPC level authenticated connections, even over CIFS/ncacn_np.
No doubt I missed something, but I'm going to get some sleep :-)
Andrew Bartlett
(This used to be commit a1fe175eec884280fb7e9ca8f528134cf4600beb)
|
|
(This used to be commit 22a6e5d50d2d40c2dfc5e36bce1132b92723dd81)
|
|
(This used to be commit f6ea24296acaaadcd2d59740bc88ef1a93fb1c28)
|
|
(This used to be commit 6c1a72c5d667245b1eec94f58e68acd22dd720ce)
|
