summaryrefslogtreecommitdiff
path: root/source4/librpc
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r6065: revert test valueStefan Metzmacher1-1/+1
metze (This used to be commit fca4dc4827c98c02051165c1aedf5bdc5354bdda)
2007-10-10r6061: add start of compression support in our rpc codeStefan Metzmacher5-4/+224
this is not complete cuurently... but I want other people to test it and help me on finishing it. (try to change the #if 0 in torture/rpc/drsuapi.c into #if 1) metze (This used to be commit 335adef37082a78e0426decb715629bd778e6582)
2007-10-10r6032: Fix up SetServerPassword2 on NETLOGON for [bigendian]. Clearly nobodyAndrew Bartlett1-1/+6
has the patience to run test_w2k3.sh to completion :-) It looks to me that the Windows server runs the RC4 over the C struct, not the NDR data. Andrew Bartlett (This used to be commit c324d974134c35b4c50c91d5a932a63c78b67046)
2007-10-10r6028: A MAJOR update to intergrate the new credentails system fully withAndrew Bartlett4-428/+31
GENSEC, and to pull SCHANNEL into GENSEC, by making it less 'special'. GENSEC now no longer has it's own handling of 'set username' etc, instead it uses cli_credentials calls. In order to link the credentails code right though Samba, a lot of interfaces have changed to remove 'username, domain, password' arguments, and these have been replaced with a single 'struct cli_credentials'. In the session setup code, a new parameter 'workgroup' contains the client/server current workgroup, which seems unrelated to the authentication exchange (it was being filled in from the auth info). This allows in particular kerberos to only call back for passwords when it actually needs to perform the kinit. The kerberos code has been modified not to use the SPNEGO provided 'principal name' (in the mechListMIC), but to instead use the name the host was connected to as. This better matches Microsoft behaviour, is more secure and allows better use of standard kerberos functions. To achieve this, I made changes to our socket code so that the hostname (before name resolution) is now recorded on the socket. In schannel, most of the code from librpc/rpc/dcerpc_schannel.c is now in libcli/auth/schannel.c, and it looks much more like a standard GENSEC module. The actual sign/seal code moved to libcli/auth/schannel_sign.c in a previous commit. The schannel credentails structure is now merged with the rest of the credentails, as many of the values (username, workstation, domain) where already present there. This makes handling this in a generic manner much easier, as there is no longer a custom entry-point. The auth_domain module continues to be developed, but is now just as functional as auth_winbind. The changes here are consequential to the schannel changes. The only removed function at this point is the RPC-LOGIN test (simulating the load of a WinXP login), which needs much more work to clean it up (it contains copies of too much code from all over the torture suite, and I havn't been able to penetrate its 'structure'). Andrew Bartlett (This used to be commit 2301a4b38a21aa60917973451687063d83d18d66)
2007-10-10r6000: add some notes about the cases where compression (or what ever this is)Stefan Metzmacher1-0/+14
is used, in the reply. metze (This used to be commit 618dadb7ef092af0f2c13c2e67874041f54f4e98)
2007-10-10r5998: I was wrong with the highwater mark...Stefan Metzmacher2-18/+38
I think I now understand how it works:-) metze (This used to be commit f8add2e66a56896d9bb18991091e1b17c29910b1)
2007-10-10r5986: Fix the build. Metze, could you please verify that this fix is correct?Jelmer Vernooij1-3/+3
(This used to be commit f3006e623bcf65a05238fbd3362ee958b948e70b)
2007-10-10r5980: Fix double free after unexpected disconnect.Jelmer Vernooij1-1/+5
(This used to be commit 6149bd3702a0293fc1f798de7c399e3e6858416d)
2007-10-10r5977: Fix uninitialised memory bug in ndr_pull_ref_ptr(). This fixes theJelmer Vernooij1-2/+1
Test_DoublePointer test failure. (This used to be commit 4089d5f67d6e4121056a63ececb13187fd773636)
2007-10-10r5976: SIDs can't have more then 5 subauths (caught by [validate] andJelmer Vernooij1-0/+3
range()) (This used to be commit ec1eaa274b997197ca6996457229c802f1b76d56)
2007-10-10r5949: give things more meaning, and reuse structs where it is possibleStefan Metzmacher2-90/+96
to make things more clear metze (This used to be commit adefeeb4f362dba06cddacf6f58194ef1f967ec9)
2007-10-10r5941: Commit this patch much earlier than I would normally prefer, but ↵Andrew Bartlett3-127/+101
metze needs a working tree... The main volume of this patch was what I started working on today: - Cleans up memory handling around DCE/RPC pipes, to have a parent talloc context. - Uses sepereate inner loops for some of the DCE/RPC tests The other and more important part of this patch fixes issues surrounding the new credentials framwork: This makes the struct cli_credentials always a talloc() structure, rather than on the stack. Parts of the cli_credentials code already assumed this. There were other issues, particularly in the DCERPC over SMB handling, as well as little things that had to be tidied up before test_w2k3.sh would start to pass. Andrew Bartlett (This used to be commit 0453f9d05d2e336fba1f85dbf2718d01fa2bf778)
2007-10-10r5932: Use cli_credentials somewhat more in the Gtk+ codeJelmer Vernooij1-6/+3
Support ncacn_spx in DCE/RPC bindings. (This used to be commit a0233a3a9a83176ae46873d3a25ed601758a1511)
2007-10-10r5930: Fix initialisation of dcerpc_binding->authserviceJelmer Vernooij1-0/+2
(This used to be commit f8cf161e0e59bd6b2a62135be8511403f4e9ca70)
2007-10-10r5929: Use cli_credentials for the SMB functions as well.Jelmer Vernooij1-6/+4
Fix a couple of bugs in the new cli_credentials code (This used to be commit 4ad481cfe5cde514d2ef9646147239f3faaa6173)
2007-10-10r5928: Use cli_credentials in:Jelmer Vernooij3-68/+48
- gtk+ (returned by GtkHostBindingDialog as well now) - torture/ - librpc/ - lib/com/dcom/ (This used to be commit ccefd782335e01e8e6ecb2bcd28a4f999c53b1a6)
2007-10-10r5902: A rather large change...Andrew Bartlett6-165/+197
I wanted to add a simple 'workstation' argument to the DCERPC authenticated binding calls, but this patch kind of grew from there. With SCHANNEL, the 'workstation' name (the netbios name of the client) matters, as this is what ties the session between the NETLOGON ops and the SCHANNEL bind. This changes a lot of files, and these will again be changed when jelmer does the credentials work. I also correct some schannel IDL to distinguish between workstation names and account names. The distinction matters for domain trust accounts. Issues in handling this (issues with lifetime of talloc pointers) caused me to change the 'creds_CredentialsState' and 'struct dcerpc_binding' pointers to always be talloc()ed pointers. In the schannel DB, we now store both the domain and computername, and query on both. This should ensure we fault correctly when the domain is specified incorrectly in the SCHANNEL bind. In the RPC-SCHANNEL test, I finally fixed a bug that vl pointed out, where the comment claimed we re-used a connection, but in fact we made a new connection. This was achived by breaking apart some of the dcerpc_secondary_connection() logic. The addition of workstation handling was also propogated to NTLMSSP and GENSEC, for completeness. The RPC-SAMSYNC test has been cleaned up a little, using a loop over usernames/passwords rather than manually expanded tests. This will be expanded further (the code in #if 0 in this patch) to use a newly created user account for testing. In making this test pass test_rpc.sh, I found a bug in the RPC-ECHO server, caused by the removal of [ref] and the assoicated pointer from the IDL. This has been re-added, until the underlying pidl issues are solved. (This used to be commit 824289dcc20908ddec957a4a892a103eec2da9b9)
2007-10-10r5879: Rename SAMR_FIELD_WORKSTATION to SAMR_FIELD_WORKSTATIONS - it is a list.Andrew Bartlett1-1/+1
Andrew Bartlett (This used to be commit 7822101cb5213f192f3195648970784a9de4fac4)
2007-10-10r5867: winreg depends on initshutdown now (uses initshutdown_String)Jelmer Vernooij1-1/+1
(This used to be commit ff478d44bed302f4a27edea56e9b7e897e62c769)
2007-10-10r5866: Add InitShutdown IDL and torture test.Jelmer Vernooij4-4/+76
Implement push side of NDR_LEN4|NDR_NOTERM strings (pull side was already present) (This used to be commit ea61ec1122841716ed5d90085ba79e7bf691bd6a)
2007-10-10r5850: enable parsing of revision 4 security acl'sStefan Metzmacher2-16/+40
metze (This used to be commit 2a6a075c7da2da7bb62fb42936252717bb9d0593)
2007-10-10r5839: add LDAP DirSync control idlStefan Metzmacher1-0/+26
metze (This used to be commit 29d898a338e20c76a2270557b0c401a9672af094)
2007-10-10r5830: start to analyse the attribute values, depending on the attribute typeStefan Metzmacher1-20/+163
metze (This used to be commit 63229b9503950847fbecd6ec22171d8c18d7ac91)
2007-10-10r5828: add some idl for DsAddEntry()Stefan Metzmacher2-10/+66
metze (This used to be commit 3e6ec811288d74921bf3e393213e75d928156772)
2007-10-10r5800: fix recursiv printing in ndr_print_DsGetNCChangesInfo1()Stefan Metzmacher3-6/+59
metze (This used to be commit 1084ad4bfce6bc20537f5bfccb5a25b60f503b32)
2007-10-10r5799: more DsGetNCChanges updates, I'm starting to understand it...Stefan Metzmacher2-19/+111
also add a really simple torture test for DsGetNCChanges metze (This used to be commit bcde67a7eff9ad82919e90fd64c02a17610c6f0e)
2007-10-10r5798: limit the size of an sid, 28 bytes complete is the biggest SIDStefan Metzmacher1-1/+1
that can be handled. tridge: do you think it would make sense to change the sub_auth[num_auths] to sub_auth[5], so we can copy the struct by sid1 = sid2; comments please metze (This used to be commit 2fc8a604b003a6c3425eb7bbf77fbe467c956085)
2007-10-10r5797: - add idl property [subcontext_size()]Stefan Metzmacher1-16/+39
this can be used like this [subcontext_size(28),subcontext(0)] dom_sid sid; this descripes a fixed 28 byte buffer which contains a dom_sid, and the rest of the buffer is padded with zero bytes if the dom_sid doesn't need all 28 byte in it's ndr encoding. - only push and pull the subcontext when we are in the NDR_SCALARS section (tridge, jelmer: I hope this is correct for all cases...!?:-) metze (This used to be commit 483bb1418fd5c70c418142ade80c1e286adfa05a)
2007-10-10r5796: add ndr_* function for int8 and int16Stefan Metzmacher1-24/+75
metze (This used to be commit 8ac0928a914c1cee3f0493b515f03c6422a8b71a)
2007-10-10r5783: Test renaming of accounts in the RPC-SAMR test, and add support intoAndrew Bartlett1-1/+2
the SAMR server. Andrew Bartlett (This used to be commit fd748f9d2f8f354f76587d92b94de83bffe1c6dc)
2007-10-10r5775: Remove some unused functions (unions are no longer as special as they ↵Jelmer Vernooij3-25/+9
used to be) Add oxid mapping table support in DCOM (This used to be commit e193555f0eec2dda8c8760e9668181200fef0a1e)
2007-10-10r5766: get some more DsGetNCChanges stuff parsing correctStefan Metzmacher1-16/+83
metze (This used to be commit 1a4560997d99f2401903f8e466208c001d3ab6c1)
2007-10-10r5765: remove unused varStefan Metzmacher1-1/+0
metze (This used to be commit a8f7c3e59f35127b51d4afc551b71f21886f4565)
2007-10-10r5764: add support for embedded ref pointersStefan Metzmacher1-1/+24
metze (This used to be commit 112043b1809a96b1a39ade71ea2885c0d792c79f)
2007-10-10r5742: - add torture test and idl for DsReplicaUpdateRefs()Stefan Metzmacher1-10/+127
(the torture test currently only tests if the idl is correct) - add start for idl for DsGetNCChanges() (if someone didn't noticed the current ethereal trunk code can successful decrypt DCERPC and LDAP gsskrb5 encrypted blobs, when you provide a keytab and have compiled against heimdal :-) - add a view bitmaps and enum's for better debugging metze (This used to be commit cf7c1352ab2857b80256e02f70ab3fbd5177d596)
2007-10-10r5736: fix to avoid endless recursion in ndr_size_*() calculationStefan Metzmacher2-2/+11
metze (This used to be commit eaac0f214703f91f186eb54f97e15e56461762bd)
2007-10-10r5676: Fix some alignment issues and IRemoteActivationJelmer Vernooij2-4/+9
(This used to be commit a9b13f67012d235d98920e639f59411d57a79bd7)
2007-10-10r5675: - More DCOM bug fixesJelmer Vernooij1-1/+0
- Keep COM and DCOM more seperated (This used to be commit f694f484c422d0c86beb58e8f62f134f8676d5e1)
2007-10-10r5674: - Re-enable DCOM support.Jelmer Vernooij3-3/+8
- Always put IID in vtables (useful for asserts) - Add table to keep track of DCOM proxy classes - Bunch of smaller bug fixes (This used to be commit 26d5a0b92c66bc86d0c26f687f83fa712342ac32)
2007-10-10r5672: Use switch_type() and the token storage mechanism for unions:Jelmer Vernooij10-27/+57
- Makes union handling less special - Allows unions in arrays, etc - Compatible with midl - Pidl will warn about switch_type() and the type of the switch_is() variable being different (This used to be commit dc6b4ffc82a191631bc16a4b93a4916a39183ec6)
2007-10-10r5671: Bunch of fixes related to arrays and pointers to arrays.Jelmer Vernooij1-1/+1
(This used to be commit 00ef0feaddc096d8f5e2755feecaec37d589a99c)
2007-10-10r5667: Move schannel state into libcli/auth (as it belongs with schannel,Andrew Bartlett1-7/+0
which will move in with the rest of GENSEC shortly). Add the RID as another element in the schannel state. Andrew Bartlett (This used to be commit 69114b4a8e1c937ab5ff12ca91dd22bd83fd9a3b)
2007-10-10r5663: Revert some changes I didn't mean to commit...Jelmer Vernooij3-32/+2
(This used to be commit 54e0be6f1eccbd870eb0e60ae8cdb90d2dc7f657)
2007-10-10r5662: eventlog uses dom_sid so it depends on securityJelmer Vernooij1-0/+1
(This used to be commit f9e9ff0d8dc9acd80143e15566811830f9993667)
2007-10-10r5661: Be a little stricter on syntax regarding arrays. A pointer to anJelmer Vernooij19-126/+152
array can now only be : type *name[]; rather then : type *name; which was supported in the past. Warnings will be given when the first syntax is used. Reasons for this change in behaviour include improved readability and the fact that the second format makes dealing with multiple levels of pointers harder. (This used to be commit a416de5825c540fd3741731c4be05e9a659a6fdb)
2007-10-10r5603: add "authservice()" property to the interface property listStefan Metzmacher3-5/+26
so we can specify allowed target service names in the idl file the default is "host" metze (This used to be commit bf40d5321f3257bf9354a42d31265f1a9b0d53ad)
2007-10-10r5554: Constants and untested IDL for spoolss_SetPrinter()Tim Potter1-0/+14
(This used to be commit eed816e20f9cfcfc7bc475f1007578dcd2fd8ae0)
2007-10-10r5553: Add idl and test for spoolss_AddPort(). It always seems to returnTim Potter1-0/+3
WERR_NOT_SUPPORTED though. (This used to be commit ba4730a37838f45db1b77b777af8efdb45a06006)
2007-10-10r5537: - make use of bitmaps and enumsStefan Metzmacher1-22/+152
- add and fix some PrinterInfo levels - add and fix some DriverInfo levels - fix EnumPrinterDriver torture test the curent RPC-SPOOLSS now passes on w2k3 metze (This used to be commit 14b88ca20dc64702f1c1b457a09b1f13b1964654)
2007-10-10r5515: fix PrinterInfo3Stefan Metzmacher1-2/+1
metze (This used to be commit 0f5b0ec34984d27a33bed3a5c7c627e9a2d96ccc)