summaryrefslogtreecommitdiff
path: root/source4/librpc
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r4682: A LDB-based secrets implementation in Samba4.Andrew Bartlett1-6/+6
This uses LDB (a local secrets.ldb and the global samdb) to fill out the secrets from an LSA perspective. Some small changes to come, but the bulk of the work is now done. A re-provision is required after this change. Andrew Bartlett (This used to be commit ded33033521a6a1c7ea80758c5c5aeeebb182a51)
2007-10-10r4676: NTTIME_1sec is a standard NTTIME for the calling codeStefan Metzmacher1-1/+4
as it's already converted in the pull/push code metze (This used to be commit 0d2286ba56fa8d25244a5554e75b5be24eba28b0)
2007-10-10r4673: Fix the IDL for the QuerySecret LSA call.Andrew Bartlett2-4/+27
This call uses a new IDL type, NTTIME_hyper. This is 8-byte aligned, as the name suggests. Expand the QuerySecret LSA calls in RPC-SAMLOGON and RPC-LSA, to validate the behaviour of times, and of the old secrets. Thanks to tridge for spotting the use of HYPER! Andrew Bartlett (This used to be commit 1fed79cb0f2ae7940639d08ef99576559d4cd06e)
2007-10-10r4650: - make more use of bitmap and enum'sStefan Metzmacher3-53/+55
- move some structs out of misc.idl metze (This used to be commit b6543a6e3057b5588ec50a2ebf6c7c932209efe6)
2007-10-10r4649: make more use of bitmap and enum'sStefan Metzmacher1-41/+53
metze (This used to be commit fa798fe1f0c39dfee7d4c86a8cd5924be8a32922)
2007-10-10r4644: allow DSSETUP on ncacn_ip_tcpAndrew Tridgell1-1/+1
(This used to be commit 6f2019c307161953291f6bb5401eefaa7edc3857)
2007-10-10r4638: expose lsa and drsuapi on ncalrpcAndrew Tridgell2-2/+2
(This used to be commit 4e62bd2a349c0cce8cb82a401fdf1cc33828af6f)
2007-10-10r4636: Per tridge's wish (and probably correct behaviour), don't key off aAndrew Bartlett1-1/+3
specific GENSEC mech type, but on the behaviour of the mech. Andrew Bartlett (This used to be commit f2bd7a5a699b91d99d7dc2a0b3b6c7006274a59c)
2007-10-10r4635: Fix NTLMSSP to return NT_STATUS_OK when it has constructed the authAndrew Bartlett5-200/+101
token in the client (the final token in the negotiation). Consequential fixes in the SPNEGO code, which now uses the out.length as the indicator of 'I need to send something to the other side'. Merge the NTLM and SPNEGO DCE-RPC authentication routines in the client. Fix the RPC-MULTIBIND test consequent to this merge. Andrew Bartlett (This used to be commit 43e3516fc03008e97ebb4ad1a0cde464303f43c6)
2007-10-10r4630: for ncacn_np if we don't have an explicit request for one of theAndrew Tridgell2-2/+6
advanced auth types we should do a plain bind. This fixes rpc connections to ancient servers (like sun cascade) (This used to be commit 59a5a0b218f7182c541a06ffc4528c1160699033)
2007-10-10r4627: - simplified the dcerpc auth code using a common functionAndrew Tridgell6-118/+93
- added support for "spnego" in binding strings. This enables SPNEGO auth in the dcerpc client code, using as many allter_context calls as are needed To try SPNEGO do this: smbtorture ncacn_ip_tcp:SERVER[spnego,seal] -Uadministrator%password RPC-SAMR (This used to be commit 9c0a3423f03111c110d21c0d3910e16aa1a8bf87)
2007-10-10r4620: - add interface functions to the auth subsystem so that callers ↵Stefan Metzmacher1-14/+3
doesn't need to use function pointers anymore - make the module init much easier - a lot of cleanups don't try to read the diff in auth/ better read the new files it passes test_echo.sh and test_rpc.sh abartlet: please fix spelling fixes metze (This used to be commit 3c0d16b8236451f2cfd38fc3db8ae2906106d847)
2007-10-10r4619: Remove extern declaration of dcerpc_pipes, which is now staticJelmer Vernooij1-3/+0
(This used to be commit 95e849bf94160ae4807a54b28e351539c1119215)
2007-10-10r4618: - tidied up the alter_context client code a bitAndrew Tridgell6-113/+45
- there is no alter_nak or alter_ack packet, its all done in an alter_response - auto-allocated the contex_ids - tried to fix up the dcom code to work again with alter_context. Jelmer, please take a look :) (This used to be commit dd1c54add8884376601f2f8a56c01bfb8add030c)
2007-10-10r4617: basic alter_context requests now work in our client library. The testAndrew Tridgell3-13/+136
just does a simple LSA/DSSETUP combo, which is what w2k does in the ACL editor rpc calls that triggered this work (This used to be commit 0129ec947aa1fa5a7104dc3a666af3cb9bd104f1)
2007-10-10r4616: the first phase in the addition of proper support forAndrew Tridgell9-525/+560
dcerpc_alter_context and multiple context_ids in the dcerpc client library. This stage does the following: - split "struct dcerpc_pipe" into two parts, the main part being "struct dcerpc_connection", which contains all the parts not dependent on the context, and "struct dcerpc_pipe" which has the context dependent part. This is similar to the layering in libcli_*() for SMB - disable the current dcerpc_alter code. I've used a #warning until i get the 2nd phase finished. I don't know how portable #warning is, but it won't be long before I add full alter context support anyway, so it won't last long - cleanup the allocation of dcerpc_pipe structures. The previous code was quite awkward. (This used to be commit 4004c69937be7e5dae56f9567ca607f982d395d3)
2007-10-10r4591: - converted the other _p talloc functions to not need _pAndrew Tridgell5-4/+5
- added #if TALLOC_DEPRECATED around the _p functions - fixes the code that broke from the above while doing this I fixed quite a number of places that were incorrectly using the non type-safe talloc functions to use the type safe ones. Some were even doing multiplies for array allocation, which is potentially unsafe. (This used to be commit 6e7754abd0c225527fb38363996a6e241b87b37e)
2007-10-10r4588: fixed the double bind in ncalrpc with dcerpc_secondary_connection()Andrew Tridgell1-1/+1
(This used to be commit b65a95c11778fd778ad3c013664aea7d038e16ae)
2007-10-10r4587: fixed dcerpc_secondary_connection() for ncacn_ip_tcpAndrew Tridgell1-3/+1
this fixes RPC-SAMLOGON and some other tests on ncacn_ip_tcp (This used to be commit 244370d62424ab3c0f9d6689b0e674d057b3fc09)
2007-10-10r4568: make use of SidType and move it to lsa.idlStefan Metzmacher2-19/+18
metze (This used to be commit c2523adc0a0807979fb21b8ba77d556bac82e435)
2007-10-10r4564: added a comment on lsa_EnumAccounts IDLAndrew Tridgell1-0/+3
(This used to be commit 08d7b77efc05571146c54322e684753ccd4cd2d6)
2007-10-10r4558: more use of bitmaps and enumsStefan Metzmacher2-21/+40
metze (This used to be commit 2a859fbc90a6b043bac318196e42c2949958d57f)
2007-10-10r4557: support for [flags()] on typedef enum|bitmapStefan Metzmacher1-1/+5
NDR_PAHEX is handled by ndr_print_enum() now metze (This used to be commit c3b2d2cca37193fead0df1a8808c3ffcd5180a89)
2007-10-10r4555: fix some dependenciesStefan Metzmacher1-3/+3
metze (This used to be commit a4d94034239980d8a7ab38dfe2b19936b15d23df)
2007-10-10r4554: create svcctl_ServerType bitmapStefan Metzmacher1-30/+33
metze (This used to be commit ed1c98cb9d1adbc2616cb26376927c6dee1b579b)
2007-10-10r4552: use samr_AcctFlags in netlogon.idlStefan Metzmacher2-3/+5
metze (This used to be commit 3e224575e58436fef71897e62f57bfcf120c0da8)
2007-10-10r4550: talloc() is now typesafe. It is exactly equivalent to the old ↵Andrew Tridgell1-2/+2
talloc_p() macro. Use talloc_size() if you want the old behaviour. I have kept talloc_p() as an alias for now. Once we change all calls to be plain talloc() then we can remove it. (This used to be commit 2011bbeb841fd6bfccf3d44a49f79203f7f55baa)
2007-10-10r4549: got rid of a lot more uses of plain talloc(), instead usingAndrew Tridgell2-3/+3
talloc_size() or talloc_array_p() where appropriate. also fixed a memory leak in pvfs_copy_file() (failed to free a memory context) (This used to be commit 89b74b53546e1570b11b3702f40bee58aed8c503)
2007-10-10r4542: use bitmap for samr_FieldsPresent and samr_AcctFlagsStefan Metzmacher1-35/+38
metze (This used to be commit 109c91650ac8b4ad28151bdb6debf73ad6a94bfb)
2007-10-10r4541: make use of new enum and bitmap featuresStefan Metzmacher1-71/+75
metze (This used to be commit fd96a07c5a1f4969bfd04ffd3b6990a2dad41cf4)
2007-10-10r4536: make use of the new enum and bitmap feature of pidlStefan Metzmacher1-15/+17
metze (This used to be commit 7702d0f9775878c4d7535d9135f41d156146f8d1)
2007-10-10r4535: add full support forStefan Metzmacher1-2/+11
typedef bitmap { FLAG1 = 0x01 } fooflags; typedef struct { fooflags flags; } metze (This used to be commit 052a7d4f9a3a178149c65a616fdfd87152dff7eb)
2007-10-10r4532: - rename bitmap -> bitsStefan Metzmacher1-1/+1
the next commit is support for typedef bitmap {...}; in pidl metze (This used to be commit bd06a85cb747aea29a400050cb9d25a3240ef1cc)
2007-10-10r4526: - much simpler (and more accurate!) ndr_size_*() code generation. ItAndrew Tridgell6-10/+39
is less efficient, but I really doubt that matters. - use enum in epmapper.idl for protocol type - added support for "enum8bit" flag, used in epmapper.idl (This used to be commit 1a24a50384b7f588844cd012f1218ca242ca4507)
2007-10-10r4524: converted a few bits of samr.idl to use enum properlyAndrew Tridgell1-7/+7
(This used to be commit 82313fb79eb361d7cee06ada21c537a7cc57970e)
2007-10-10r4520: added a enum test function to the echo pipeAndrew Tridgell1-0/+26
(This used to be commit f9e0aa1ab1faac039893db241819907c9c4bb510)
2007-10-10r4519: added the enum print function in ndr_basic.cAndrew Tridgell1-0/+6
(This used to be commit 29955004aa256d5ac27b941f48384ab97ff5e4b8)
2007-10-10r4507: this default is unnneded because the switch level is in the r->inStefan Metzmacher1-1/+0
metze (This used to be commit d60b2f094e89462b435063142a290034675a1132)
2007-10-10r4504: SettingAndrew Bartlett1-1/+2
.enabled = True on modules we know are good (and we want on be default) seems neater. Andrew Bartlett (This used to be commit 18850c66b7c8ac5e8caf08151dbb9b72cf93230f)
2007-10-10r4483: - rename same structs, enums and uninons of the dssetup pipeStefan Metzmacher1-36/+42
to match the style we are using in other pipes - first fillin local vars and only set the out parameter on success - for the server code only to the samdb lookup when it's needed NOTE: the DsRoleGetPrimaryDomainInformation() code with DS_ROLE_MEMBER_SERVER is not tested yet, does someone has a w2k3 member server to test with? metze (This used to be commit e6d1136497f501fe0687bfb34a155db6a9d87bde)
2007-10-10r4479: added the function talloc_autofree_context() which returns a talloc ↵Andrew Tridgell1-4/+5
context that will automatically be freed on program exit. This is useful for reducing clutter in leak reports (This used to be commit cf73dda652e0a121901f22771104be6751c0fcb9)
2007-10-10r4462: - enable DSSETUP on ncalrpcAndrew Tridgell1-1/+1
- add DSSETUP to the list of tests run in test_rpc.sh (This used to be commit 73c3cdc8ed8dafd544ce4dcac9141124d2b85670)
2007-10-10r4461: finished the remaining information levels in the DSSETUP pipe. The ↵Andrew Tridgell1-2/+49
pipe is now complete! The only glitch is that I am returning DS_ROLE_MEMBER_SERVER when I should be returning DS_ROLE_PRIMARY_DC. This is needed for the moment or ACL editing doesn't work from w2k3. Once we have some more ADS calls we should be able to fix this. (This used to be commit 6566dc2805a9f6473ebab70b0dbd381c4dbd42c8)
2007-10-10r4459: GENSEC refinements:Andrew Bartlett1-4/+13
In developing a GSSAPI plugin for GENSEC, it became clear that the API needed to change: - GSSAPI exposes only a wrap() and unwrap() interface, and determines the location of the signature itself. - The 'have feature' API did not correctly function in the recursive SPNEGO environment. As such, NTLMSSP has been updated to support these methods. The LDAP client and server have been updated to use the new wrap() and unwrap() methods, and now pass the LDAP-* tests in our smbtorture. (Unfortunely I still get valgrind warnings, in the code that was previously unreachable). Andrew Bartlett (This used to be commit 9923c3bc1b5a6e93a5996aadb039bd229e888ac6)
2007-10-10r4457: Fix IDL + add torture test for InqObjectJelmer Vernooij1-1/+1
(This used to be commit dbcaff7c71c9b7ee984a2ed458b6c3ce27772740)
2007-10-10r4456: NT4 usrmgr.exe asks for 4096 accounts, allow twice that.Volker Lendecke1-1/+1
Volker (This used to be commit f8588a769c185f871fdcd5db35428ad587bdfad3)
2007-10-10r4455: LSADS was a duplicate of DSSETUP, and is now goneAndrew Tridgell1-12/+1
(This used to be commit 05c8fd81ddec969ed5280e2fe9f838ac4399f1c9)
2007-10-10r4452: the beginnings of a dssetup rpc server.Andrew Tridgell1-12/+12
(This used to be commit 1c2170ae21d60c22ee3053fbf249dba59de576ba)
2007-10-10r4450: the beginnings of IDL for the dssetup pipe. I need this pipe for ACL ↵Andrew Tridgell2-27/+40
editing from w2k3 when we present ourselves as a DC in the registry (This used to be commit 9651901791e0553f106ab957c5787c109098248b)
2007-10-10r4449: fixed the helpstring for LSA IDLAndrew Tridgell1-1/+1
(This used to be commit 40a68a160e43b2e5d018e393ddecdfc50bad5360)