summaryrefslogtreecommitdiff
path: root/source4/rpc_server/drsuapi
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r19832: better prototypes for the linearization functions:Simo Sorce1-1/+1
- ldb_dn_get_linearized returns a const string - ldb_dn_alloc_linearized allocs astring with the linearized dn (This used to be commit 3929c086d5d0b3f08b1c4f2f3f9602c3f4a9a4bd)
2007-10-10r19831: Big ldb_dn optimization and interfaces enhancement patchSimo Sorce1-2/+2
This patch changes a lot of the code in ldb_dn.c, and also removes and add a number of manipulation functions around. The aim is to avoid validating a dn if not necessary as the validation code is necessarily slow. This is mainly to speed up internal operations where input is not user generated and so we can assume the DNs need no validation. The code is designed to keep the data as a string if possible. The code is not yet 100% perfect, but pass all the tests so far. A memleak is certainly present, I'll work on that next. Simo. (This used to be commit a580c871d3784602a9cce32d33419e63c8236e63)
2007-10-10r19761: This may need work, but here is an initial implementation ofAndrew Bartlett1-1/+64
DsWriteAccountSpn(). It passes the client toture test. Andrew Bartlett (This used to be commit a1e80eeb9561a856ac5aa1f5a991dcd648b152ff)
2007-10-10r16796: Fill in dsr_GetMemberships() / dsr_GetMemberships2().Günther Deschner1-8/+6
This intersting call is apparently used to construct the user token, collect memberships from other DSAs and to retrieve (nested) memberships of a given group. Torture test to follow (once I cleaned it up). Guenther (This used to be commit ca5e133e8c6fca188fcaa834cdcd4cb2cd801d79)
2007-10-10r15319: remove unneeded macrosStefan Metzmacher1-4/+4
metze (This used to be commit 9611c8aa9ce0eba1703d5eecc52e67a9e5fba15f)
2007-10-10r12608: Remove some unused #include lines.Jelmer Vernooij1-1/+0
(This used to be commit 70e7449318aa0e9d2639c76730a7d1683b2f4981)
2007-10-10r12542: Move some more prototypes out to seperate headersJelmer Vernooij1-0/+1
(This used to be commit 0aca5fd5130d980d07398f3291d294202aefe3c2)
2007-10-10r11270: Move the core CrackNames code from rpc_server/drsuapi to dsdb/samdb.Andrew Bartlett2-833/+50
I'm sure this will not be the final resting place, but it will do for now. Use the cracknames code in auth/ for creating a server_info given a principal name only (should avoid assumtions about spliting a user@realm principal). Andrew Bartlett (This used to be commit c9d5d8e45dd7b7c99b6cf35b087bc18012f31222)
2007-10-10r11239: Use ${REALM} for the realm in rootdse.ldifAndrew Bartlett1-0/+60
Add the kpasswd server to our KDC, implementing the 'original' and Microsoft versions of the protocol. This works with the Heimdal kpasswd client, but not with MIT, I think due to ordering issues. It may not be worth the pain to have this code go via GENSEC, as it is very, very tied to krb5. This gets us one step closer to joins from Apple, Samba3 and other similar implementations. Andrew Bartlett (This used to be commit ab5dbbe10a162286aa6694c7e08de43b48e34cdb)
2007-10-10r11223: Only pass around the ldb handle (make this code easier to seperateAndrew Bartlett1-21/+21
into a general lib). Andrew Bartlett (This used to be commit e3abbfca4ae3c06f34774edab5ed38ebd5ebc097)
2007-10-10r11194: Use the special ldb attribute "canonicalName" (therefore testing thatAndrew Bartlett1-11/+20
codepath) in DRSUAPI CrackNames. Fix the NT4 account return value. Andrew Bartlett (This used to be commit 2513c02c64b489ebf167e33fdb4ac51ce8783c04)
2007-10-10r10953: Add a new function to form a canonicalName out of a DN to ldb_dn.cAndrew Bartlett1-35/+119
Use this new function in the client and server for the CrackNames case, where we particularly need it. Andrew Bartlett (This used to be commit 380037ee09ef8293bdb288d6c015e7c80f180a30)
2007-10-10r10894: make the handling of dn/distinguishedName much closer to realAndrew Tridgell1-1/+1
ldap. Also ensure we put a objectclass on our private ldb's, so they have some chance of being stored in ldap if you want to (This used to be commit 1af2cc067f70f6654d08387fc28def67229bb06a)
2007-10-10r10811: Revert accidental commit, I still need to finish the displayName andAndrew Bartlett1-55/+0
syntatical mapping work. Andrew Bartlett (This used to be commit 7ec5084f63148d748b6bc87d6817363b079eebe1)
2007-10-10r10810: This adds the hooks required to communicate the current user from theAndrew Bartlett2-1/+57
authenticated session down into LDB. This associates a session info structure with the open LDB, allowing a future ldb_ntacl module to allow/deny operations on that basis. Along the way, I cleaned up a few things, and added new helper functions to assist. In particular the LSA pipe uses simpler queries for some of the setup. In ldap_server, I have removed the 'ldasrv:hacked' module, which hasn't been worked on (other than making it continue to compile) since January, and I think the features of this module are being put into ldb anyway. I have also changed the partitions in ldap_server to be initialised after the connection, with the private pointer used to associate the ldb with the incoming session. Andrew Bartlett (This used to be commit fd7203789a2c0929eecea8125b57b833a67fed71)
2007-10-10r10286: This patch is ugly and disgusting, but for now it works better than ↵Andrew Bartlett1-1/+1
the other ideas I have had. When I get a full list of things I want to do to a krb5_context I'll either add gsskrb5_ wrappers, or a way of speicfying the krb5 context per gssapi context. (I want to ensure that the only krb5_context variables created while executing Samba4 are via our wrapper). Andrew Bartlett (This used to be commit 8a22d46e70e9f863831aba0c9913d195f833d625)
2007-10-10r10045: metze reminded me to use the correct enum entry, rather than 0 for theAndrew Bartlett1-1/+1
return here. Andrew Bartlett (This used to be commit 73bd6c75343808952d97e32be9f624aba11c78d1)
2007-10-10r9980: Fix some warnings.Tim Potter1-3/+2
(This used to be commit 716011dd92d65caacb31ae399b580defa4e6fb2d)
2007-10-10r9942: CN=Configuration is always under the database-wide base dn, so don'tAndrew Bartlett1-5/+2
try and pass it down as a parameter. Andrew Bartlett (This used to be commit 530d91de7ca4d3763326bc9f5b0e79e77b823778)
2007-10-10r9941: Update the CrackNames test, and provide a much improved server-sideAndrew Bartlett1-119/+515
DRSUAPI CrackNames. We can't pass the full cracknames test until the initial provision is updated, the seperate DomainControllerInfo and canonical names support is added. Andrew Bartlett (This used to be commit ed24d88f0e8c6371acf6638a1c5f2112bc0bf285)
2007-10-10r9391: Convert all the code to use struct ldb_dn to ohandle ldap like ↵Simo Sorce1-3/+3
distinguished names Provide more functions to handle DNs in this form (This used to be commit 692e35b7797e39533dd2a1c4b63d9da30f1eb5ba)
2007-10-10r8998: More work on the RPC server code to avoid abusing the name attributeAndrew Bartlett1-8/+9
as a netbios name. Andrew Bartlett (This used to be commit 242db48b98a04eed46bb35946dcd68b579bffe00)
2007-10-10r8984: Use the correct cross-reference search in DRSUAPI, rather than makingAndrew Bartlett1-9/+10
assumptions about the behaviour of "name" as a NETBIOS domain name. Andrew Bartlett (This used to be commit ba5fe07b97a99c34256f849dfbdd9a307a7d238d)
2007-10-10r8371: the objectGUID is now stored in binary...Stefan Metzmacher1-5/+4
metze (This used to be commit b920b306b3813ba4a220249dbd7e443605074c9b)
2007-10-10r5988: Fix the -P option (use machine account credentials) to use the Samba4Andrew Bartlett1-2/+2
secrets system, and not the old system from Samba3. This allowed the code from auth_domain to be shared - we now only lookup the secrets.ldb in lib/credentials.c. In order to link the resultant binary, samdb_search() has been moved from deep inside rpc_server into lib/gendb.c, along with the existing gendb_search_v(). The vast majority of this patch is the simple rename that followed, (Depending on the whole SAMDB for just this function seemed pointless, and brought in futher dependencies, such as smbencrypt.c). Andrew Bartlett (This used to be commit e13c671619bd290a8b3cae8555cb281a9a185ee0)
2007-10-10r5742: - add torture test and idl for DsReplicaUpdateRefs()Stefan Metzmacher1-9/+9
(the torture test currently only tests if the idl is correct) - add start for idl for DsGetNCChanges() (if someone didn't noticed the current ethereal trunk code can successful decrypt DCERPC and LDAP gsskrb5 encrypted blobs, when you provide a keytab and have compiled against heimdal :-) - add a view bitmaps and enum's for better debugging metze (This used to be commit cf7c1352ab2857b80256e02f70ab3fbd5177d596)
2007-10-10r5298: - got rid of pstring.h from includes.h. This at least makes it a bitAndrew Tridgell1-1/+1
less likely that anyone will use pstring for new code - got rid of winbind_client.h from includes.h. This one triggered a huge change, as winbind_client.h was including system/filesys.h and defining the old uint32 and uint16 types, as well as its own pstring and fstring. (This used to be commit 9db6c79e902ec538108d6b7d3324039aabe1704f)
2007-10-10r5037: got rid of all of the TALLOC_DEPRECATED stuff. My apologies for theAndrew Tridgell2-4/+4
large commit. I thought this was worthwhile to get done for consistency. (This used to be commit ec32b22ed5ec224f6324f5e069d15e92e38e15c0)
2007-10-10r4640: first stage in the server side support for multiple context_ids on ↵Andrew Tridgell1-16/+4
one pipe this stage does the following: - simplifies the dcerpc_handle handling, and all the callers of it - split out the context_id depenent state into a linked list of established contexts - fixed some talloc handling in several rpc servers that i noticed while doing the above (This used to be commit fde042b3fc609c94e2c7eedcdd72ecdf489cf63b)
2007-10-10r4203: the bind_info blob isn't a const.Stefan Metzmacher1-9/+14
here's the idl to parse it, because we don't want the callers to manually de/encode this metze (This used to be commit 983f74c3651759991378b0d7b13b0952d77b3544)
2007-10-10r4087: - add idl and torture tests for drsuapi_DsReplicaGetInfo()Stefan Metzmacher1-3/+3
(NOTE: that the drsuapi_DsReplicaObjMetaData2 struct is not corrently parsed yet and there're some unknown fields left in someother infotypes) metze (This used to be commit 4fd57d5e7cff085a8c003ea82f282e26dc1346d9)
2007-10-10r3999: - reply with the same DsBindInfo blob as w2k3 in the server functionStefan Metzmacher1-4/+17
- add idl for drsuapi_DsReplicaSync() not yet complete - just return WERR_OK for the drsuapi_DsReplicaSync() server function metze (This used to be commit e896925ac0b58bd48b5b9cc2d675682409d09ae1)
2007-10-10r3920: - it seem that we need to send a magic bind_guid in DsBind()Stefan Metzmacher1-3/+3
to make DsWriteAccountSpn() work - add idl and torture test for DsWriteAccountSpn() metze (This used to be commit 625826ad9050c68407ae5e8abfee13699986303c)
2007-10-10r3789: - fix error handlingStefan Metzmacher2-21/+41
- formating changes metze (This used to be commit 7bb3e3751b1193cd16e6ff8aa468b36c823c1cd5)
2007-10-10r3784: do a samdb lookup for the DsCrackNames serverStefan Metzmacher3-16/+154
metze (This used to be commit a2776eca83117131f8316ca222a2f385ffa5d7d5)
2007-10-10r3468: split out dcerpc_server.hAndrew Tridgell2-0/+2
(This used to be commit 729e0026e4408f74f140375537d4fe48c1fc3242)
2007-10-10r3428: switched to using minimal includes for the auto-generated RPC code.Andrew Tridgell2-0/+2
The thing that finally convinced me that minimal includes was worth pursuing for rpc was a compiler (tcc) that failed to build Samba due to reaching internal limits of the size of include files. Also the fact that includes.h.gch was 16MB, which really seems excessive. This patch brings it back to 12M, which is still too large, but better. Note that this patch speeds up compile times for both the pch and non-pch case. This change also includes the addition iof a "depends()" option in our IDL files, allowing you to specify that one IDL file depends on another. This capability was needed for the auto-includes generation. (This used to be commit b8f5fa8ac8e8725f3d321004f0aedf4246fc6b49)
2007-10-10r2992: drsuapi uses WERROR not NTSTATUSStefan Metzmacher2-50/+48
metze (This used to be commit 757f67c08b0b1309d8a0b900539111c7bc430b0e)
2007-10-10r2991: add drsuapi_DsGetDomainControllerInfo() idl and torture testStefan Metzmacher1-3/+3
metze (This used to be commit 98ca7640c59aa8694abde03f5661b8908cf088bb)
2007-10-10r2974: fix the buildStefan Metzmacher1-1/+1
metze (This used to be commit 1bb71e7a8699bfd32d171a48c4c3b5f35faf3e51)
2007-10-10r2970: - give somefields names and typdef enums for the possible valuesStefan Metzmacher2-47/+131
- do more crackname tests in the torture test - move server code for cracknames to a different file metze (This used to be commit 18050ea6037b3c0c7cfe975eb9c872368b9e3328)
2007-10-10r2954: add server cracknames code:Stefan Metzmacher1-1/+41
- we currently only do it for our REALM metze (This used to be commit e2df8c4285d3430085594a3a3b5534c514acd1f9)
2007-10-10r2952: add idl and torture test for DsCrackNamesStefan Metzmacher1-3/+3
(I need to find out what the fields mean but it works) metze (This used to be commit eff51fc623f2e7b57e7e53eb81760684815db2f4)
2007-10-10r2889: add DRSUAPI serverStefan Metzmacher2-0/+358
- with DsBind and DsUnbind implmented :-) the RPC-DRSUAPI test works metze (This used to be commit 536af87ef12024615728ce0060b557f6f504e33f)