summaryrefslogtreecommitdiff
path: root/source4/librpc
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r3904: * Add new LSA calls to open trusted domainsAndrew Bartlett2-10/+24
* Add new tests for ACCOUNTs in SamSync * Clean up names in NETLOGON and LSA * Verify Security Descriptors against LSA, as well as SamR Andrew Bartlett (This used to be commit 7094502fe0346255a89667f702289b4c8dc9fa08)
2007-10-10r3896: Correct header files in rpc server templates plusJelmer Vernooij2-0/+27
some other minor fixes (This used to be commit 9fca748fe3c12af83a006f1d0821aa560d08fc95)
2007-10-10r3891: Add rot (Running Object Table) interfaceJelmer Vernooij2-1/+55
(This used to be commit 4840eaeed3cfd72026babb382f26929c29702713)
2007-10-10r3885: Add security descriptor comparison to our RPC-SAMSYNC test. We nowAndrew Bartlett3-12/+7
verify that the security descriptor found in the SamSync is the same as what is available over SAMR. Unfortunately, the administrator seems unable to retrieve the SACL on the security descriptor, so I've added a new function to compare with a mask. Andrew Bartlett (This used to be commit 39ae5e1dac31a22086be50fb23261e02be877f3f)
2007-10-10r3881: Split up the LIBNDR_GEN subsystem into NDR_* and RPC_NDR_* subsystems.Jelmer Vernooij1-136/+446
This reduces the total size of the samba binaries from 119 Mb to 73 Mb. Next step will be to have the build system obtain some of this information by itself, so that we don't have to write ~10 lines per interface manually. (This used to be commit 16d905f6b0cbec591eebc44ee2ac9516a5730378)
2007-10-10r3869: in the NDR encoded replPropertyMetaData attribute in ADSStefan Metzmacher1-1/+29
I see a new 64 bit time field which are seconds since 1601, this will be mapped to NTTIME by th eparsing code +#define NTTIME_1sec NTTIME metze (This used to be commit db35f3b0f99943311ff8b797e8336616dab28220)
2007-10-10r3861: - Put ndr and rpc client code in seperate filesJelmer Vernooij3-4/+64
- Add some const (This used to be commit a00bda88e1b6abdc36e5aa8c2a35f64855f67c96)
2007-10-10r3838: use "security.NTACL" instead of "security.NTAcl" for the xattr name ↵Andrew Tridgell1-1/+1
for ACLs (This used to be commit db72290bbe87644a89385c465855629a1f881e4f)
2007-10-10r3837: added support for LsaLookupSids in the LSA rpc server. This allows ↵Andrew Tridgell1-7/+7
the GUI ACL editor on w2k to correctly display names instead of SIDs. (This used to be commit fdaa753578c7b80806d4040ed131f87ddbf988e0)
2007-10-10r3833: NTACL is a better xattr name than DosAcl (tpot suggested this)Andrew Tridgell1-7/+6
(This used to be commit 17911eea5995c12a2300dd3928612c77f8f0883e)
2007-10-10r3832: added NT ACL query/set to the posix NTVFS backend. The default ACL isAndrew Tridgell1-0/+23
based on the current nttoken, which is completely wrong, but works as a start. The ACL is stored in the xattr system.DosAcl, using a NDR encoded IDL union with a version number to allow for future expansion. pvfs does not yet check the ACL for file access. At the moment the ACL is just query/set. We also need to do some RPC work to allow the windows ACL editor to be used. At the moment is queries the ACL fine, but displays an error when it fails to map the SIDs via rpc. (This used to be commit 3a1f20d874ab2d8b2a2f2485b7a705847abf1263)
2007-10-10r3830: unified the query/set security descriptor code with the rest of theAndrew Tridgell1-56/+0
queryfileinfo/setfileinfo logic, so querying/setting a security descriptor is treated as just another file query/set operation. This will allow NTVFS backends to see the query/set security descriptor operations as RAW_FILEINFO_SEC_DESC and RAW_SFILEINFO_SEC_DESC operations. (This used to be commit f68a6b6b915c37e48c42390c1e74c2d1c2636fa9)
2007-10-10r3829: added a RAW-ACLS test suite that tests query/set of ACLs on a fileAndrew Tridgell1-2/+21
(This used to be commit 2ff9816ae0ae41e0e63e4276a70d292888346dc7)
2007-10-10r3810: create a LIB_SECURITY subsystemStefan Metzmacher9-116/+133
- move dom_sid, security_descriptor, security_* funtions to one place and rename some of them metze (This used to be commit b620bdd672cfdf0e009492e648b0709e6b6d8596)
2007-10-10r3807: Cross-check the basic attributes for groups and aliases in RPC-SAMSYNC.Andrew Bartlett2-5/+6
Andrew Bartlett (This used to be commit 90398fda41dd15480899e3628df186eb02fdc139)
2007-10-10r3806: added support to smb_server and pvfs for the NTTRANS Create call. ThisAndrew Tridgell1-0/+2
call has an optional sec_desc and ea_list. (This used to be commit 8379ad14e3d51a848a99865d9ce8d56a301e8a3c)
2007-10-10r3804: Add more comparison tests in RPC-SAMSYNC.Andrew Bartlett2-17/+15
This compares values for the domain and for secrets. We still have some problems we need to sort out for secrets. Also rename a number of structures in samr.idl and netlogon.idl, to better express their consistancy. Andrew Bartlett (This used to be commit 3f52fa3a42b030c9aef21c8bd88aad87a0aae078)
2007-10-10r3798: added support for alternate data streams in xattrs into pvfs.Andrew Tridgell1-2/+6
The trickiest part about this was getting the sharing and locking rules right, as alternate streams are separate locking spaces from the main file for the purposes of byte range locking, and separate for most share violation rules. I suspect there are still problems with delete on close with alternate data streams. I'll look at that next. (This used to be commit b6452c4a2068cf7e837778559da002ae191b508a)
2007-10-10r3792: improved the posix -> nt error mapping, so we get things likeAndrew Tridgell1-1/+2
NT_STATUS_HOST_UNREACHABLE instead of NT_STATUS_UNSUCCESSFUL (This used to be commit f2a488e5668ab5d262269f1bab1b33a63265cbe9)
2007-10-10r3790: use a registration function that is called from dcerpc_*_init functionsJelmer Vernooij4-27/+84
rather then a large table in librpc/gen_ndr/tables.c. This will allow us to only link in only the required gen_ndr files (speeds up linking quite a bit, makes binaries smaller). Each gen_ndr_* file now has a init function that calls the init functions of the interfaces it contains. I did it this way to keep pidl's code simple, though it might hurt startup time a bit. I'd be happy to change it if people like one function better. (This used to be commit 3c436590ae95b58ad6d00e72d6fdd08a4d80f208)
2007-10-10r3787: a function to generate a random GUIDStefan Metzmacher1-0/+10
metze (This used to be commit 8bd2e3cb4e5123a3e26965b8535e16ee18005714)
2007-10-10r3785: this strings are not constStefan Metzmacher1-2/+2
metze (This used to be commit 436da375a2a815926aaa0565120a4750ead37cb0)
2007-10-10r3747: - added some of the infrastructure needed for streams support in pvfsAndrew Tridgell1-0/+19
(the IDL, and the load/save meta-data logic) - changed pvfs_resolve_name() to default to non-wildcard, needing PVFS_RESOLVE_WILDCARD to enable wildcards. Most callers don't want wildcards, so defaulting this way makes more sense. - fixed deletion of EAs (This used to be commit e7afd4403cc1b7e0928776929f8988aa6f15640b)
2007-10-10r3740: Convert more files to .mk, fix the buildJelmer Vernooij1-2/+2
(This used to be commit a7c3c8cb6256acf672996fc6bf6128865a9ba0a9)
2007-10-10r3737: - Get rid of the register_subsystem() and register_backend() functions.Jelmer Vernooij1-1/+1
- Re-disable tdbtool (it was building fine on my Debian box but other machines were having problems) (This used to be commit 0d7bb2c40b7a9ed59df3f8944133ea562697e814)
2007-10-10r3734: Fix some incorrect dependenciesJelmer Vernooij1-0/+1
(This used to be commit 3add9e7de52496b135a230cccfd2d99a8b77ddd0)
2007-10-10r3733: More build system fixes/features:Jelmer Vernooij2-8/+1
- Use .mk files directly (no need for a SMB_*_MK() macro when adding a new SUBSYSTEM, MODULE or BINARY). This allows addition of new modules and subsystems without running configure - Add support for generating .dot files with the Samba4 dependency tree (as used by the graphviz and springgraph utilities) (This used to be commit 64826da834e26ee0488674e27a0eae36491ee179)
2007-10-10r3724: Rename a number of structures, for better consistance between SAMR andAndrew Bartlett2-106/+106
NETLOGON. In particular, rename samr_Name to samr_String - given that many strings in this pipe are not 'names', the previous was just confusing. (I look forward to PIDL turning these into simple char * some day...). Also export out a few changes from testjoin.c to allow for how I have written the new RPC-SAMSYNC test. Andrew Bartlett (This used to be commit 9cd666bcfb1fc752a4717010a7c4f05131dc728e)
2007-10-10r3716: Improvements in the RPC-SAMSYNC tests:Andrew Bartlett1-9/+33
We now (for the first time) start to parse the 'user sensitive info' field, which reveals the user's NT and LM passwords from Win2k3. Using this, the 'validate samsync against netlogon' portion of the tests works for accounts. Trusted domains and secrets are now retreived, but like users, require further cross-validation work. Andrew Bartlett (This used to be commit c1d3794cad8b001661b48ecb05df5c38a69be92c)
2007-10-10r3689: Large number of COM updates:Jelmer Vernooij1-18/+13
- Work on server side and local COM support (should work, just no example classes yet) - Use vtables so that local and remote calls can be used transparently - Generate 'proxies and stubs' rather then heavily modified code in client.pm and server.pm. proxies (client side code) are generated in proxy.pm, stubs (server side dispatchers) are generated in stubs.pm - Support registering classes and interfaces - DCOM interfaces no longer have to be in the same IDL file as their base interface, which will allow us to split up dcom.idl (This used to be commit 7466947a23985f9bb15209b67880f7b94dc515c8)
2007-10-10r3686: The results of some work on the NETLOGON pipe:Andrew Bartlett2-48/+51
Break out the samsync tests from RPC-NETLOGON into a new RPC-SAMSYNC, that will cross-verify all the values. Add support for the way netlogon credentials are shared between the pipe that sets up schannel and the pipe that is encrypted with it. Test this support, by calling both NETLOGON and SAMR operations in the RPC-SCHANNEL test. Move some of the Netlogon NEG flags into the .idl, now we have an idea what a few of them really are. Rename the sam_pwd_hash into a name that has meaning (all other crypto functions were renamed in Samba4 ages ago). Break out NTLMv2 functionality for operation on the NT hash - I intend to do NTLMv2 logins in the samsync test in future, and naturally I only have the hash. Andrew Bartlett (This used to be commit 6e6cc6fb9842113a1b0c7f6904dac709b320a6e5)
2007-10-10r3667: Small COM fixesJelmer Vernooij1-11/+12
(This used to be commit 7484b9be7423ccd7e37432951700939e8a53d513)
2007-10-10r3660: This simulates the logon sequence of a XP login session I'm currently ↵Volker Lendecke1-24/+42
tuning Samba3/OpenLDAP for. For a concrete situation you have to adapt the domain, pdcname and usernames/passwords. Sorry, not parametrized yet, but this should be doable if necessary. Volker (This used to be commit 02f52058722fc1aea02d4fe237c97404d8e4f491)
2007-10-10r3629: A bit of work on the DCOM server architecture, small fixesJelmer Vernooij1-3/+1
(This used to be commit e7b67ff22fe0a76afc93ee522b253eaf5dccb11d)
2007-10-10r3626: More minor DCOM fixesJelmer Vernooij1-60/+21
(This used to be commit 709f279b192c8f9eeea04749169c00f2d57b20d3)
2007-10-10r3611: DCOM client support works!!Jelmer Vernooij5-18/+34
The torture test DCOM-SIMPLE now successfully does an IStream_Read and a IStream_Write call. This test can now be run successfully against the "Simple DCOM" Visual Studio example. (You have to quote out line 337 in pidl. pidl complains if the variable that contains the array size follows the array. I still need to fix this properly) Next goals: - Clean up code - Server side support - Support custom marshalling - Support DCOM interfaces in files other then dcom.idl (This used to be commit 8693344772a9b700533179f4bacfe27ec27dfcfe)
2007-10-10r3606: More DCOM fixes:Jelmer Vernooij5-20/+215
- OXID tables work now. IOXIDResolver is used if there is used for getting a STRINGBINDING if none is known yet - Add custom dissectors for STRINGARRAY and DUALSTRINGARRAY. If there's a way to get rid of these later on (by supporting them thru pidl somehow), I'd be happy to use that instead of doing it manually. I can now get to the point where we have created an object and are connected to it. The only thing left to do is being able to set the Object UUID properly.. (This used to be commit 54e1e5edca50d3cd496c080715e84ec62cb2a10c)
2007-10-10r3602: Add looking up transport by endpoint protocolJelmer Vernooij1-0/+16
(This used to be commit 76c02ecbe8581fbf07bb59dd22ba88eb97b4fd04)
2007-10-10r3601: Lots of smaller DCOM updates and fixes. Adds oxid tables, properJelmer Vernooij3-11/+10
use of contexts. (This used to be commit 93eb3cd99c4fb065a69eabcead0c33804259c976)
2007-10-10r3600: fixed two debug typosAndrew Tridgell1-2/+2
(This used to be commit d0149b173f70cf012e6ed2382394985fb4950af6)
2007-10-10r3586: Fix some of the issues with the module init functions.Jelmer Vernooij2-0/+7
Both subsystems and modules can now have init functions, which can be specified in .mk files (INIT_FUNCTION = ...) The build system will define : - SUBSYSTEM_init_static_modules that calls the init functions of all statically compiled modules. Failing to load will generate an error which is not fatal - BINARY_init_subsystems that calls the init functions (if defined) for the subsystems the binary depends on This removes the hack with the "static bool Initialised = " and the "lazy_init" functions (This used to be commit 7a8244761bfdfdfb48f8264d76951ebdfbf7bd8a)
2007-10-10r3582: more gcc-4.0 signedness fixesStefan Metzmacher1-5/+5
metze (This used to be commit 07405f1c67e9df8a972e17f5bdaf312977960474)
2007-10-10r3573: added trans2open support to smbd and pvfs, and fine-tuned the ↵Andrew Tridgell1-1/+0
open->generic ntvfs mapping code. (This used to be commit ed844192d7f7ed487290f719df65f256a5b0b9bc)
2007-10-10r3572: Thanks to tridge for his patience with my build breakage.Andrew Bartlett1-1/+1
This concludes the proper fixes. Andrew Bartlett (This used to be commit c1d025793f2994c8f1cab304c3394ab186654071)
2007-10-10r3558: We don't seem to need these as [public] any more.Andrew Bartlett1-3/+3
Andrew Bartlett (This used to be commit f1d0bb409a481aeb094c586458f2b05576d2bef8)
2007-10-10r3549: added support for DOS extended attribute lists (name/value pairs)Andrew Tridgell4-4/+39
stored in posix xattrs (This used to be commit bad6a88371264cffce2bf5d6ce904b7b357081de)
2007-10-10r3545: initial support for using extended attributes to hold extended dos ↵Andrew Tridgell4-84/+105
attributes of files. I decided to use IDL/NDR to encode the attribute, as it gives us a simple way to describe and extend the saved attributes. The xattr code needs to hook into quite a few more places in the pvfs code, but this at least gets the basics done. I will start encoding alternate data streams streams, DOS EAs etc soon using the same basic mechanism. I'll probably stick to "version 1" for the xattr.idl for quite a while even though it will be changing, as I don't expect anyone to be deploying this in production just yet. Once we have production users we will need to keep compatibility by supporting all the old version numbers in xattr.idl. (This used to be commit c54253ed1b7dce1d14f43e747da61089aea87094)
2007-10-10r3542: Re-indent, and fix a use-after-free by doing the talloc_destroy just aAndrew Bartlett1-4/+4
little later. Andrew Bartlett (This used to be commit b7c2a4fc34ef09b177508dcf475055523b84587c)
2007-10-10r3536: Some minor IDL updates/fixes/additionsJelmer Vernooij2-14/+17
(This used to be commit 6fab01df000a126d2d01c41ead952d027f755309)
2007-10-10r3517: Fix the build - Sorry!Jelmer Vernooij1-4/+0
(This used to be commit a5c9e0a1854fdde14342e6bba511e4190122c2e1)