| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
- added start of QueryDomainInfo in samr server
"net rpc info" from samba3 now works against a samba4 server. I
suspect join will work fairly soon.
(This used to be commit 0a2c6a1062d0e364356853001f5f39bdb542f453)
|
|
(This used to be commit b3c00acdf0e85563b5d5ce1f9bc86cc2e781d53e)
|
|
metze
(This used to be commit 2986c5f08c8f0c26a2ea7b6ce20aae025183109f)
|
|
metze
(This used to be commit af6f1f8a01bebbecd99bc8c066519e89966e65e3)
|
|
metze
(This used to be commit 0e5517d937a2eb7cf707991d1c7498c1ab456095)
|
|
Andrew Bartlett
(This used to be commit 6b91ab152d7bfadc113b6f206fcce4db54429871)
|
|
Samba's NTLMSSP code is now fully talloc based, which should go a long
way to cleaning up the memory leaks in this code. This also avoids a
lot of extra copies of data, as we now allocate the 'return' blobs on
a caller-supplied context.
I have also been doing a lot of work towards NTLM2 signing and
sealing. I have this working for sealing, but not for the verifier
(MD5 integrity check on the stream) which is still incorrect.
(I can aim a rpcecho sinkdata from a Win2k3 box to my server, and the
data arrives intact, but the signature check fails. It does however
match the test values I have...).
The new torture test is cludged in - when we get a unit test suite
back, I'll happliy put it in the 'right' place....
Andrew Bartlett
(This used to be commit 399e2e2b1149b8d1c070aa7f0d5131c0b577d2b9)
|
|
structures. This was suggested by metze recently.
I checked on the build farm and all the machines we have support 64
bit ints, and support the LL suffix for 64 bit constants. I suspect
some won't support strtoll() and related functions, so we will
probably need replacements for those.
(This used to be commit 9a9244a1c66654c12abe4379661cba83a73c4c21)
|
|
up in searches like "objectclass=user"
- auto-add the computer objectclass for computer accounts on create
- added two types of password change call in samr server
- reset last_fault_code before each dcerpc call
(This used to be commit c1a65f83f6a4c51e60efd204dab89c20cda65d2b)
|
|
(This used to be commit 446808ae4dbdcd0c64387c54b7d49649971e36d0)
|
|
test
(This used to be commit 6a254e26f17c2b3175023764c02dc73615d585d6)
|
|
(This used to be commit 93977055939c5282dbf218f3a6739fa17ebfc641)
|
|
to the main SAMBA_4_0 tree.
NOTE: that it's not completely ready, but it's functional:-)
metze
(This used to be commit c78a2ddb28ec50d6570a83b1f66f18a5c3621731)
|
|
binds succesful to an interface
metze
(This used to be commit c39e450702cfa2b577c64e14ba1428fd95db7ade)
|
|
metze
(This used to be commit 75bca5dcfa68de0d18a144a221260d2f728e0bfc)
|
|
- This required using NETLOGON_NEG_AUTH2_FLAGS for the
SetupCredentials2 negotiation flags, which is what Samba3 does,
because otherwise the server uses different crypto.
- This tests the returned session keys, which we decrypt.
- Update the Samba4 notion of a 'session key' to be a DATA_BLOB in
most places.
- Fix session key code to return NT_STATUS_NO_SESSION_KEY if none is
available.
- Remove a useless argument to SMBsesskeygen_ntv1
- move netr_CredentialState from the .idl to the new credentials.h
Andrew Bartlett
(This used to be commit 44f8b5b53e6abd4de8a676f78d729988fadff320)
|
|
samr_QueryUserInfo levels except for the password
set levels.
This means that a large part of the RPC-SAMR torture test now runs correctly against Samba4
(This used to be commit ec0a51898f543578e755207d81ed5c1524861c64)
|
|
samr_EnumDomainUsers
(This used to be commit 252b11112ce22152de3d53d0ba657879346ff243)
|
|
samr_SetUserInfo and samr_QueryUserInfo
(This used to be commit e0db9659a85b59e52fbe033a94b411d6c64d9f9c)
|
|
added test code for SamLogon validation level 2 and 3, so we test both
SamInfo and SamInfo2
(This used to be commit 321dbb61cc0743379ceb6b8fff6a0ca37f308bc2)
|
|
(This used to be commit 2cb06b39d91ef18b21c18e9376ccbd8076aeecf8)
|
|
(This used to be commit be94cc4032b23fd99823902ddcd1472a72314a88)
|
|
from abartlet
(This used to be commit 5f30c3b077b59fc7ec40644e3af7236292100c6b)
|
|
servers. Previously the server pipe code needed to return the RPC
level status (nearly always "OK") and separately set the function call
return using r->out.result. All the programmers writing servers
(metze, jelmer and me) were often getting this wrong, by doing things
like "return NT_STATUS_NO_MEMORY" which was really quite meaningless
as there is no code like that at the dcerpc level.
I have now modified pidl to generate the necessary boilerplate so that
just returning the status you want from the function will work. So for
a NTSTATUS function you return NT_STATUS_XXX and from a WERROR
function you return WERR_XXX. If you really want to generate a DCERPC
level fault rather than just a return value in your function then you
should use the DCESRV_FAULT() macro which will correctly generate a
fault for you.
As a side effect, this also adds automatic type checking of all of our
server side rpc functions, which was impossible with the old API. When
I changed the API I found and fixed quite a few functions with the
wrong type information, so this is definately useful.
I have also changed the server side template generation to generate a
DCERPC "operation range error" by default when you have not yet filled
in a server side function. This allows us to correctly implement
functions in any order in our rpc pipe servers and give the client the
right information about the fault.
(This used to be commit a4df5c7cf88891a78d82c8d6d7f058d8485e73f0)
|
|
added tests for the level 23 and 25 password change methods
(This used to be commit d49f7a6a0d1895de3d654a5b46c6aec3a57fde76)
|
|
Richard Renard
(This used to be commit 2d8772ec9607c4e06bbc559b35979e27d4b988d9)
|
|
use NTLMSSP sign or seal at the RPC layer
It doesn't work yet, but then again neither does the old code (which
just assumed the SMB session key was used, which of course makes no
sense on a ncacn_ip_tcp connection)
(This used to be commit e8782329269bc78d36d8ca83fb7a4e38b9c6b167)
|
|
password). That makes 8 ways to change a password just on the SAMR
pipe!
Thanks to Luke Howard from PADL for this.
(This used to be commit c8a49a7e004468d13f656f67eac4b7b4e1759022)
|
|
(This used to be commit 4b4f025504cb5b92c8b119259f1df622cd72ec7c)
|
|
yay!
(This used to be commit 0221566cf5ff7dc5ce0de9af451b935ed8615f4e)
|
|
I'd like to see more protocol defininitions in the IDL files and less
in smb.h where possible.
(This used to be commit 854b875bbe447955fb0c3876f046931d0bfde06c)
|
|
(This used to be commit a946315193443feab786a588f371ad2a560327d4)
|
|
bad idea.
(This used to be commit 6eb0b17015071790fb0108b140936ac81f4c7f92)
|
|
possibly destructive tests. Use with care!
Added IDL and test code for samr_Shutdown() and samr_SetDsrmPassword()
(This used to be commit 84de0b7e58c69e0817b9d475de0895a54cc95927)
|
|
request (a dead socket). I discovered this when testing against Sun's
PC-NetLink.
cleaned up the naming of some of the samr requests
add IDL and test code for samr_QueryGroupMember(),
samr_SetMemberAttributesOfGroup() and samr_Shutdown(). (actually, I
didn't leave the samr_Shutdown() test in, as its fatal to windows
servers due to doing exactly what it says it does).
(This used to be commit 925bc2622c105dee4ffff809c6c35cd209a839f8)
|
|
(This used to be commit 10844cf925d6a8164191a6dbbcaacc7bf8179933)
|
|
(for example, not filling in extra
fields in level21 setuserinfo)
(This used to be commit d06ed158f9aef94159bfc09065ca5ad0c4c99de3)
|
|
Also added much better handling of random password generation in the
password change test code
(This used to be commit 67ae0b2a9851c1e77fdaa9f317a83bd54950618f)
|
|
metze
(This used to be commit d0aa749667cf0d9e7c290982d2b4232c27ced706)
|
|
samr_GetBootKeyInformation() and samr_Connect3()
also added some stub IDL for samr_SetBootKeyInformation() although I
don't yet have working test code. This one is tricky, as if you get it
wrong then the target system won't boot any more :)
(This used to be commit 118b6fc292ba3257511b1b83846582013fb59b23)
|
|
(This used to be commit 3c8d580d2c2ae528c5725145d81761296b8be04d)
|
|
- completed the IDL and test code for the various set user password
mechanisms in samr. Three password mechanisms are now working, the
UserInfo24 method, the OemChangePasswordUser2() method (which only
sets the LM password) and the ChangePasswordUser2() method which sets
both the LM and NT passwords.
- updated some crypto routines to support the password change tests
(This used to be commit 051efa2abf9d1fbbf783df411c02f2714027f813)
|
|
(This used to be commit b10127800a3101769241abf42ed76cbddf71a5fa)
|
|
delete group levels of Deltas
also reworked the Deltas IDL to use an enum to make it a little clearer
(This used to be commit cabf93f8c8f5ad0f6f348e0f7e206b952690995c)
|
|
samr_AddMultipleMembersToAlias(),
samr_RemoveMultipleMembersFromAlias(), samr_OemChangePasswordUser2(),
and samr_ChangePasswordUser2()
The password change functions don't actually work yet (but should
soon). At this stage I have just completed the IDL for them. Next step
is to get the hash verifiers right and the torture test should be able
to do password changes.
(This used to be commit 849d0d314a2add80f2b2be6b503fea05973f998e)
|
|
samr_QueryUserInfo2(), samr_QueryDisplayInfo2() and
samr_GetDisplayEnumerationIndex2()
(This used to be commit fddda52500d482bde79994c14a0a822a1d305ac3)
|
|
samr_GetDisplayEnumerationIndex(), samr_TestPrivateFunctionsDomain(),
samr_TestPrivateFunctionsUser() and samr_RemoveMemberFromForeignDomain()
(This used to be commit 53c66708874f9f8e7868530cd2a780160e2eca01)
|
|
(This used to be commit 747351140b839879abe1a79a005d81ca4b35a658)
|
|
(This used to be commit 0b8203306d9eb61aaec9549d56c40831fcd091c3)
|
|
(This used to be commit fe1fc81ba76515b79069881d2d62f60201314d04)
|
