| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
names rather than our crazy naming scheme. So DES is now called
des_crypt() rather than smbhash()
- added the code from the solution of the ADS crypto challenge that
allows Samba to correctly handle a 128 bit session key in all of the
netr_ServerAuthenticateX() varients. A huge thanks to Luke Howard
from PADL for solving this one!
- restructured the server side rpc authentication to allow for other
than NTLMSSP sign and seal. This commit just adds the structure, the
next commit will add schannel server side support.
- added 128 bit session key support to our client side code, and
testing against w2k3 with smbtorture. Works well.
(This used to be commit 729b2f41c924a0b435d44a14209e6dacc2304cee)
|
|
metze
(This used to be commit 0e5517d937a2eb7cf707991d1c7498c1ab456095)
|
|
(This used to be commit 6ac547fa5fe4b1926bafc46e500b51486c7d500d)
|
|
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
(This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
|
|
This adds support for bigendian rpc in the client. I have installed
SUN pcnetlink locally and am using it to test the samba4 rpc
code. This allows us to easily find places where we have stuffed up
the types (such as 2 uint16 versus a uint32), as testing both
big-endian and little-endian easily shows which is correct. I have now
used this to fix several bugs like that in the samba4 IDL.
In order to make this work I also had to redefine a GUID as a true
structure, not a blob. From the pcnetlink wire it is clear that it is
indeed defined as a structure (the byte order changes). This required
changing lots of Samba code to use a GUID as a structure.
I also had to fix the if_version code in dcerpc syntax IDs, as it
turns out they are a single uint32 not two uint16s.
The big-endian support is a bit ugly at the moment, and breaks the
layering in some places. More work is needed, especially on the server
side.
(This used to be commit bb1af644a5a7b188290ce36232f255da0e5d66d2)
|
|
pipe.
The server side code gets generated as librpc/gen_ndr/ndr_NAME_s.c and
gets included in the pipe module
(This used to be commit bd3dcfe5820489a838e19b244266bd9126af5eb4)
|
|
server endpoints. We can now successfully setup listening endpoints on
high ports, then use our endpoint mapper redirect incoming clients to
the right port.
also greatly cleanup the rpc over tcp session handling.
(This used to be commit 593bc29bbe0e46d356d001160e8a3332a88f2fa8)
|
|
needs quite a bit more work to get it finished. The biggest missing
feature is the lack of NTLMSSP which is needed for basic
authentication over tcp
(This used to be commit 9fb0f0369356909c99389e2cbc525be27c08793c)
|
|
for some reason the epm_Lookup replies can't be parsed by ethereal,
although w2k parses then fine as does the Samba4 NDR code.
(This used to be commit 097e7ca99d947932df5674c36e628ca6b8f31d3a)
|
|
the RPC-EPMAPPER torture test now passes
(This used to be commit fbdcf9ef548aefb1233cbb22a60bff3eacba996f)
|
|
implements the epm_Lookup() call, I'll add the other important calls
soon. I was rather pleased to find that epm_Lookup() worked first
time, which is particularly surprising given its complexity.
This required quite a bit of new infrastructure:
* a generic way of handling dcerpc policy handles in the rpc server
* added type checked varients of talloc. These are much less error
prone. I'd like to move to using these for nearly all uses of
talloc.
* added more dcerpc fault handling code, and translation from
NTSTATUS to a dcerpc fault code
* added data_blob_talloc_zero() for allocating an initially zero
blob
* added a endpoint enumeration hook in the dcerpc endpoint server
operations
(This used to be commit 3f85f9b782dc17417baf1ca557fcae22f5b6a83a)
|
