summaryrefslogtreecommitdiff
path: root/source4/librpc
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r10705: fixed a crash bug in the getdcname irpc server for winbind. TheAndrew Tridgell1-1/+1
problem was that the return string was declared as: [out] astring dcname which means "this is a non-NULL string". The server code sometimes returned NULL however (on getdc lookup failure), which caused the NDR marshalling code to crash. When you declare a non-pointer return value you are promising that the value can never be NULL. The trivial fix is to use: [out] astring *dcname which leaves the API alone, but includes a pointer in the wire format, which in turn means it is valid to send a NULL string as a response. (This used to be commit e39bac61960f6ce8957f148a482e39499a8e9096)
2007-10-10r10699: fixed the dcerpc code so that you can shutdown the pipe safely fromAndrew Tridgell3-35/+36
within a callback on the pipe. This should fix a problem volker encountered with winbind. The fix invoolves making the recv_data handler free the memory for a packet, instead of having the transport layer free it after calling recv_data. When the transport layer freed it, it had no way of knowing if the callback had shutdown the pipe, so it had no way of knowing if it could safely use the pointer. Also changed the pipe shutdown hook for the smb transport to use an async SMB close. This ensures that when you shutdown the pipe, you don't block waiting for the server to ack the close of the pipe fnum. (This used to be commit c87d7f580e39245db181605f50883de07dd9632e)
2007-10-10r10683: Samba3's wbinfo -t should give the correct answer now.Volker Lendecke1-1/+1
Tridge, if you have time, you might want to look at the segfault I was still seeing. Now I store the handle to the netlogon pipe in the global winbind state and free it on the next entry into check_machacc. The problem seems to be that talloc_free()ing a pipe struct from within a callback function on that pipe is not possible. I think I can live with that, but it has been not really obvious. To reproduce the segfault you might want to look at putting a talloc_free(state->getcreds->out.netlogon) into wbsrv_samba3_check_machacc_receive_creds. This is called from a dcerpc callback function. In particular if the check failed it would be nice if I could delete the pipe directly and not post a different event to some winbind queue. I tried to delete the pipe from a timed event triggered immediately, but this also fails because the inner loop seems to hit the same event again, calling it twice. Volker (This used to be commit 5436d7764812bb632ba865e633005ed07923b57f)
2007-10-10r10681: Convert dcerpc_open_smb to a composite function.Volker Lendecke1-42/+113
Volker (This used to be commit 42ff218ac98fab00bd58c4f50f11843ef32b4698)
2007-10-10r10653: give unknown levels a name basicly the *2 levels meanStefan Metzmacher1-4/+4
that the update or inform should be propagaded to all servers metze (This used to be commit 33c7c101c024818694830ac11fefe70bd2edb1d4)
2007-10-10r10637: use the correct memory context in the ndr_pull_* functionStefan Metzmacher2-17/+29
to build the talloc hierachie correct metze (This used to be commit afd9dda5773d381550bdb061a8e345b33e1fc371)
2007-10-10r10627: - use a wrepl specific enum for the node typeStefan Metzmacher1-1/+8
- the unknown flag 0x10 seems to mean that this name was localy registered on this currently asked server, that flag is not present in replica records metze (This used to be commit ba3685c41dc934692bd653f4fe9c0ee451146c40)
2007-10-10r10610: forgot one file in the last commit:Stefan Metzmacher1-5/+37
make wrepl_nbt_name a scalar type that is another wire representation of struct nbt_name give wrepl_name->flags a meaning metze (This used to be commit 5fa13d6c2bd4cff9540ee97b3aa4c8a9c8e51fc5)
2007-10-10r10586: Add MergedObject() builder. Default to Library() ratherJelmer Vernooij1-3/+3
then StaticLibrary() (This used to be commit b53313dc517986c69a4e4cb8fe3885b696f8faa1)
2007-10-10r10491: First step towards wbinfo -t: This issues a name request for the primaryVolker Lendecke1-1/+11
domain and gets the DC's name via a mailslot call. Metze, I renamed wbsrv_queue_reply to wbsrv_send_reply in accordance with irpc_send_reply. Having _queue_ here and _send_ there is a bit confusing. And as everything is async anyway, the semantics should not be too much of a problem. Volker (This used to be commit 4637964b19c6e9f7d201b287e2d409d029fced01)
2007-10-10r10478: More work on proto headers; we now generate a couple of smaller onesJelmer Vernooij1-3/+3
that are then included by include/proto.h (This used to be commit 703ffbaaaca11f3d8781cfe9e7542fcaa626d991)
2007-10-10r10452: Couple of small scons updates - ignore .sconsign filesJelmer Vernooij1-623/+2
(This used to be commit b2d2b4f23393c727ae3feeaf4b4b65bc03a673f7)
2007-10-10r10446: Add ndr_base and rpc_base sources to proto.hTim Potter1-10/+16
Generate NDR mashalling code for all idl files (why isn't this automatically by the scanner when it finds librpc/gen_ndr/{misc,dcerpc,orpc}.h in includes.h?) (This used to be commit 01eb22b9dac4f7d06c7e760ce5f1f4b4049e41c9)
2007-10-10r10442: Build librpc/libndr_misc.a from librpc/idl/misc.idl. Doesn't quite workTim Potter1-0/+2
yet as scons somehow thinks it needs to put a directory called ndr_idl in the command line. (This used to be commit e4a54a4c49b958b56dc7822c800a3f5ff7eb0b60)
2007-10-10r10438: Move portability functions to lib/replace/; replace now simply ensuresJelmer Vernooij1-1/+1
that a given set of (working) POSIX functions are available (without prefixes to their names, etc). See lib/replace/README for a list. Functions that behave different from their POSIX specification (such as sys_select, sys_read, etc) have kept the sys_ prefix. (This used to be commit 29919a71059b29fa27a49b1f5b84bb8881de65fc)
2007-10-10r10402: Make the RPC-SAMLOGON test pass against Win2k3 SP0 again.Andrew Bartlett1-2/+2
I still have issues with Win2k3 SP1, and Samba4 doesn't pass it's own test for the moment, but I'm working on these issues :-) This required a change to the credentials API, so that the special case for NTLM logins using a principal was indeed handled as a special, not general case. Also don't set the realm from a ccache, as then it overrides --option=realm=. Andrew Bartlett (This used to be commit 194e8f07c0cb4685797c5a7a074577c62dfdebe3)
2007-10-10r10377: Save configuration stuff to sconf.cache so it isn't annoyingly runTim Potter1-1/+2
at every single build. Run 'scons configure=1' or delete sconf.cache to force checks to be re-run. Jelmer, I think this stuff is cached in the .sconf_cache directory but the message is still displayed and it looks like it caches the compiled test object file not the actual result of the test. (This used to be commit 9d001dc083937bbf5642af90bc8a8b1a27825de0)
2007-10-10r10368: when building the epm tower, don't put host names in the ip addressAndrew Tridgell1-1/+12
field, instead put a zero address. Note that zero is correct (ie. we shouldn't do the lookup) as in the client we want to send a zero for the server to fill in. When we make this call from the server we fill in a real IP. (This used to be commit e54c8b5658761c33d50a1a557d2ec77229b07b47)
2007-10-10r10348: Add scons scripts for remaining subsystems. Most subsystems build now,Jelmer Vernooij1-1/+0
but final linking still fails (as does generating files asn1, et, idl and proto files) (This used to be commit 4f0d7f75b99c7f4388d8acb0838577d86baf68b5)
2007-10-10r10346: here are only real ip-addresses valid, prevent dns lookups,Stefan Metzmacher1-1/+3
when the input is invalid metze (This used to be commit 1083204c1f89d9b918015113b6cc2ea423372fe0)
2007-10-10r10339: fix ndr_push_udlongrStefan Metzmacher1-2/+2
metze (This used to be commit a34d0771ce60d4c590c8bc14449cc23d31a6dd2c)
2007-10-10r10336: Add sconscript for a couple more subsystems.Jelmer Vernooij1-0/+634
(This used to be commit 59d4450453c25f5cce9b67b808ff0c4433c1d194)
2007-10-10r10238: Add a entry for sec_info to treat it as a uint32 for now.Tim Potter1-0/+2
(This used to be commit 8a0a8d259dfc517a96053404985f2996b7342713)
2007-10-10r10184: Fix a stack of unhandled enumeration warnings.Tim Potter1-0/+6
(This used to be commit aeb42a446b3c28c5cf6800606b3f9b70c49cb94b)
2007-10-10r10181: Fix the buildJelmer Vernooij1-1/+1
(This used to be commit 231d01a3e79b26884409d24d8e25fc4ab8567d89)
2007-10-10r10171: This seems to work for encoding/decoding a PAC at the buffers onlyAndrew Bartlett1-0/+21
level (required for signature verification). Andrew Bartlett (This used to be commit 76c224f28885759daae45e02a7637f2451dc84d3)
2007-10-10r10153: This patch adds a new parameter to gensec_sig_size(), the size of theAndrew Bartlett1-5/+8
data to be signed/sealed. We can use this to split the data from the signature portion of the resultant wrapped packet. This required merging the gsskrb5_wrap_size patch from lorikeet-heimdal, and fixes AES encrption issues on DCE/RPC (we no longer use a static 45 byte value). This fixes one of the krb5 issues in my list. Andrew Bartlett (This used to be commit e4f2afc34362953f56a026b66ae1aea81e9db104)
2007-10-10r10145: Allow a variable length signature, so we can support signing withAndrew Bartlett1-1/+1
other than arcfour-hmac-md5. Currently we still fail to verify other signatures however. Andrew Bartlett (This used to be commit 2e5884fc2472c6bcc7e6e083c28a4da6b2f72af1)
2007-10-10r10141: if some of the LIBNDR_ALIGN_* flags and LIBNDR_FLAG_REMAINING are set,Stefan Metzmacher1-0/+6
ndr_pull_data_blob() doesn't work correct. so make them exclute each other. jelmer, tridge: does that look correct? it fixes a problem, abartlet had with krb5pac.idl, where the align flags are inherited from the parent, and we want to get the [flag(NDR_REMAINING)] DATA_BLOB signature; metze (This used to be commit b9ea3e8f9f85098b63081bf12e2be65687921874)
2007-10-10r10129: fix sinple ip's in wins replication, packetsStefan Metzmacher1-2/+2
metze (This used to be commit 7492afa48db68ee29048f8e1a56ccff712a3d162)
2007-10-10r10126: WREPL_REPL_UPDATE also takes a wrepl_tableStefan Metzmacher1-1/+1
metze (This used to be commit b897ad39bb063ee9ca963bd9848837307739f792)
2007-10-10r10085: decode level 5 and 9 tooStefan Metzmacher1-1/+5
(this is taken from the ethereal dissector) metze (This used to be commit c50f5fe33b0025edbf473d7c166dea9655e2d42f)
2007-10-10r10048: Dissect a security_secinfo as a uint32 just to get the winregTim Potter1-0/+1
dissector compiling and linking. It's really an enum defined in security.idl. (This used to be commit b62811afcb85accf9ea0cf12f4b659cd9898e275)
2007-10-10r10046: Don't generate any ethereal dissectors for security.idlTim Potter1-0/+1
(This used to be commit 5b8b956887f80e99894e5732568ee65d670aaa72)
2007-10-10r9888: add IDL for lsa_QueryDomainInformationPolicy to query Kerberos Settings.Günther Deschner1-2/+37
Guenther (This used to be commit d717e878bdc05b06adcc50c3527c339be8164145)
2007-10-10r9797: - let us parse replication packets with linked attributes fine,Stefan Metzmacher1-2/+16
- also resolve the 0x1f ('member') attid for nicer debugging metze (This used to be commit f6cf38d608d727e2065035604b537e07cb88ded9)
2007-10-10r9795: fix the ndr_pull_string code to handle, some special cases,Stefan Metzmacher1-51/+51
where the idl was something like this: uint32 size; [size_is(size+1)] wchar_t *string; we always need a pair of NDR_PULL_NEEDED_BYTES() and ndr_pull_advance(), with the same size passed in. metze (This used to be commit 8eb75bd5ac5869f11f930ec872ec8a46fba9361b)
2007-10-10r9728: A *major* update to the credentials system, to incorporate theAndrew Bartlett1-2/+2
Kerberos CCACHE into the system. This again allows the use of the system ccache when no username is specified, and brings more code in common between gensec_krb5 and gensec_gssapi. It also has a side-effect that may (or may not) be expected: If there is a ccache, even if it is not used (perhaps the remote server didn't want kerberos), it will change the default username. Andrew Bartlett (This used to be commit 6202267f6ec1446d6bd11d1d37d05a977bc8d315)
2007-10-10r9577: Fix some indentation.Tim Potter1-2/+2
(This used to be commit 2759c91b811511d34f276631378fe6c1cf139760)
2007-10-10r9576: Couple of small fixes. Generate notice indicatingJelmer Vernooij1-1/+1
that the parsers were autogenerated. (This used to be commit a37e2134e61eb38e9cbc54f8533113622f013037)
2007-10-10r9574: - made the sec_info fields in lsa and samr use a IDL bitmapAndrew Tridgell4-12/+26
- fixed winreg_GetKeySecurity() to use a sec_info field correctly - simplied the winreg torture code, removing the separate opens for each hive - added torture cleanup code in winreg test - added 'create with security descriptor' in the winreg torture test (This used to be commit f20695decd587f7b6bbdbd4861441bd19ab85078)
2007-10-10r9567: fixed the winreg IDL for CreateKey, including a securityAndrew Tridgell1-12/+20
descriptor. To keep it simple I just use normal IDL buffers for now, avoiding the complex methods metze used in spoolss. We might change that later Also added decoding of the security_descriptor in winreg_GetKeySecurity() in smbtorture (This used to be commit 439f34a9621e2e96329c30cfed8d78b8fdfbd8a2)
2007-10-10r9550: Adjust some indentation.Tim Potter1-18/+18
(This used to be commit 781df1691cec6ed59f94313f5ffd40a60f75a0fd)
2007-10-10r9527: add the magic Bind GUID's, that are needed to fetch the wholeStefan Metzmacher1-0/+5
tree with DsGeNCChanges(), this is possible as administrator without having a DC account joined to the domain metze (This used to be commit e6f92444d26734ed984ff1b15a359ef94193945a)
2007-10-10r9519: Use the value() value of an element when that element is used inJelmer Vernooij1-1/+1
limited expressions (size_is,length_is,subcontext_size,etc) (This used to be commit 886780c298a794f304b0fce851bbb58c53605d17)
2007-10-10r9518: - remove the subcontext_size() hack from rev 9509Stefan Metzmacher2-29/+44
as it isn't needed - parse some more DsAddEntry() errors - add some more attid constands so that all attribute that are needed for a DsAddEntry in the DC Domain Join are mapped - add value() for __ndr_size, to more attribute container, so that the caller doesn't need to fill them in, that was the reason for getting an NDR_FAULT metze (This used to be commit a9a1a6f861c8db626b3232f057ef0b9c3d0ad1b0)
2007-10-10r9513: - let us parse some more replies of DsAddEntryStefan Metzmacher1-5/+31
- give some stuff a meening metze (This used to be commit 6d9b8d300829f1dcb3faee666c471c40c24c8aaa)
2007-10-10r9509: start to fix the pushing of drsuapi_DsAttributeValueDNString structs,Stefan Metzmacher2-4/+19
this uses a trick with talloc_get_type() to workaround using [value()] vars in [subcontext_size()] metze (This used to be commit 93065f2d3439bceeaa7c2a09679cc6d81472150d)
2007-10-10r9505: Work on GENSEC and the code that calls it, for tighter interfaceAndrew Bartlett1-28/+31
requirements, and for better error reporting. In particular, the composite session setup (extended security/SPNEGO) code now returns errors, rather than NT_STATUS_NO_MEMORY. This is seen particularly when GENSEC fails to start. The tighter interface rules apply to NTLMSSP, which must be called exactly the right number of times. This is to match some of our other less-tested modules, where adding flexablity is harder. (and this is security code, so let's just get it right). As such, the DCE/RPC and LDAP clients have been updated. Andrew Bartlett (This used to be commit 134550cf752b9edad66c3368750bfb4bbd9d55d1)
2007-10-10r9495: - added an enum for winreg key types, making it easier to read the ↵Andrew Tridgell1-10/+20
debug logs - got rid of winreg_Time, as its just a NTTIME (This used to be commit 198aff894eb63e6731daf68474d23a2abe21fbb9)