summaryrefslogtreecommitdiff
path: root/source4/rpc_server
AgeCommit message (Collapse)AuthorFilesLines
2008-10-17Fix errrors in new password handling code found by RPC-SAMR.Andrew Bartlett1-2/+15
I'm very glad we have such a comprehensive testsuite for the SAMR password change process, as it makes this a much easier task to get right. Andrew Bartlett
2008-10-16Create a 'straight paper path' for UTF16 passwords.Andrew Bartlett3-66/+70
This uses a virtual attribute 'clearTextPassword' (name chosen to match references in MS-SAMR) that contains the length-limited blob containing an allegidly UTF16 password. This ensures we do no validation or filtering of the password before we get a chance to MD4 it. We can then do the required munging into UTF8, and in future implement the rules Microsoft has provided us with for invalid inputs. All layers in the process now deal with the strings as length-limited inputs, incluing the krb5 string2key calls. This commit also includes a small change to samdb_result_passwords() to ensure that LM passwords are not returned to the application logic if LM authentication is disabled. The objectClass module has been modified to allow the clearTextPassword attribute to pass down the stack. Andrew Bartlett
2008-10-15Merge branch 'master' of git://git.samba.org/sambaJelmer Vernooij1-1/+1
2008-10-15s4: merge from s3 samr.idl.Günther Deschner1-1/+1
Guenther
2008-10-15Sync parameter names with samba 3.Jelmer Vernooij1-6/+6
2008-10-15winreg.idl: Sync ref change from Samba 3.Jelmer Vernooij1-1/+1
2008-10-15Fix includes.Jelmer Vernooij1-1/+1
2008-10-12Use common strlist implementation in Samba 3 and Samba 4.Jelmer Vernooij1-1/+1
2008-10-11Fix include paths to new location of libutil.Jelmer Vernooij8-8/+8
2008-10-06Start implementing AD-style trusted domains in Samba4's NETLOGON serverAndrew Bartlett1-2/+50
2008-10-06Store trusted domain passwords in the LSA serverAndrew Bartlett1-4/+64
2008-10-06s4:rpc_server: tell the gensec layer that we want to do header signingStefan Metzmacher1-0/+4
Note: header signing is still off by default, as the gensec backends don't support it together with seal yet. metze
2008-10-05remove dependencies on my home domainAndrew Tridgell1-2/+3
(in other words, don't do commits in airports)
2008-10-05removed some debug lines I left in the last commitAndrew Tridgell1-4/+0
2008-10-03updated the LSA and NETLOGON servers with fixes resulting from the ADAndrew Tridgell3-20/+113
plugfest in Redmond
2008-10-02fixed a talloc error in the rpc handle desctructor - destructorsAndrew Tridgell1-1/+0
should not try to free the ptr they are given
2008-09-30fixed a number of places in our LSA server where we should return theAndrew Tridgell1-11/+13
sid/name array even when all are unmapped. If we don't fill in the array then the windows client runtime crashes
2008-09-30Merge branch 'master' of ssh://git.samba.org/data/git/sambaAndrew Tridgell4-34/+40
2008-09-30check call status not rpc fault code when calling to different levelsAndrew Tridgell1-4/+4
of calls
2008-09-30cope with NULL attrAndrew Tridgell1-1/+3
2008-09-30Merge branch 'master' of ssh://git.samba.org/data/git/sambaJelmer Vernooij3-15/+21
2008-09-29Rework to match new trustDomainPasswords IDLAndrew Bartlett1-5/+5
2008-09-29Fix parsing of the trust passwords in LSA CreateTrustedDomainEx*Andrew Bartlett1-4/+4
2008-09-30s4:rpc_server: correctly handle dcerpc requests with object uuidsStefan Metzmacher2-6/+12
metze
2008-09-30dcesrv: Remove use of global_loadparm.Jelmer Vernooij1-19/+19
2008-09-29WSPP docs say we need to check that root_dir is NULLAndrew Tridgell1-0/+6
2008-09-29we need to return NT_STATUS_INVALID_PARAMETER for bad levels inAndrew Tridgell1-0/+5
lsalookupnames2
2008-09-29unmapped SIDs should be rid 0 not rid -1Andrew Tridgell1-1/+4
2008-09-29added some more well known SIDs - thanks to the WSPP LSAT test suiteAndrew Tridgell1-1/+42
2008-09-24Move source4/lib/crypto to lib/crypto.Jelmer Vernooij2-2/+2
2008-09-24Rename smbd -> samba.Jelmer Vernooij1-1/+1
This reverts commit 05ea5e23cf4e70de0bd658b1c5c0ead133967091. Conflicts: source4/smbd/server.c
2008-09-23Merge ldb_search() and ldb_search_exp_fmt() into a simgle function.Simo Sorce3-20/+19
The previous ldb_search() interface made it way too easy to leak results, and being able to use a printf-like expression turns to be really useful.
2008-09-22Remove unused parameter from decode_pw_buffer and fail on invalidAndrew Bartlett2-8/+5
UTF-16 input The input checking is important, as otherwise we could set the wrong password. Andrew Bartlett
2008-09-21Revert "Rename smbd -> samba."Jelmer Vernooij1-1/+1
This reverts commit 0e9008be35a5b334bd65e6417193d4b8f27bdc36.
2008-09-21Rename smbd -> samba.Jelmer Vernooij1-1/+1
2008-09-13rpc_server: don't send auth trailers in level connectStefan Metzmacher2-89/+80
Also ignore auth trailers in level connect on receive. This fixes [krb5,connect] against windows. TODO: maybe the gensec mech need to decide if signatures are needed in level connect. metze (This used to be commit 2e3629719790e7631d9de383b565dc8a0997bcfb)
2008-09-13rpc_server: correctly calculate the auth paddingStefan Metzmacher1-3/+8
metze (This used to be commit e82468a8f538aa0cf6d477fb54cc0178c0d64574)
2008-09-08Simplfy SetSecrets behaviour in line with RPC-LSA and Win2008.Andrew Bartlett1-51/+64
(This used to be commit 07cb8db799cc22685af4bb63285fa10115790ce1)
2008-09-08More work towards trusted domains support in Samba4's LSAAndrew Bartlett1-50/+323
Make 'lsar_CreateTrustedDomain' consistant with lsar_CreateTrustedDomainEx{,2} by renaming handle -> policy_handle Implement LSA server logic to create the cn=users trust account for incoming trusts. Andrew Bartlett (This used to be commit d87b655e20b7c38756774cec2e5898af38c46786)
2008-09-05Update copyright, I've been working here many long years...Andrew Bartlett1-1/+1
(This used to be commit 842ab594124198453fc88f46ab83b712a7d34dc1)
2008-09-03Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-abartletAndrew Bartlett1-1/+44
(This used to be commit 9590805bcbdd1924eda5a69978ffac7ec7603451)
2008-09-03Implement NETLOGON PAC verfication on the server-sideAndrew Bartlett1-31/+29
This is implemented by means of a message to the KDC, to avoid having to link most of the KDC into netlogon. Andrew Bartlett (This used to be commit 82fcd7941f5c54da2d994c8bd99dd8d86299a296)
2008-09-01Follow MS-LSAD 3.1.4.7.12 and set defaults when creating a trust.Andrew Bartlett1-0/+6
Also check we get the defaults correct with a query in the torture suite. Andrew Bartlett (This used to be commit b55a1b63cc2f7de889f046e975e3414bc5000613)
2008-08-29Start implementing the server-sde NETLOGON PAC verification.Andrew Bartlett1-1/+46
(This used to be commit 8741e8fee619cccd84f2f10e00426df1d4f34074)
2008-08-26Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into pac-verifyAndrew Bartlett3-40/+92
(This used to be commit b706708210a05d6f10474a3cd2bbc550704d4356)
2008-08-26More LSA server and testuite work.Andrew Bartlett1-1/+38
- Implement QueryDomainInformationPolicy in Samba4 - Allow RPC-LSA to pass against Windows 2008 (which does not allow the Audit privilage to be removed) Andrew Bartlett (This used to be commit d94c7bbcd6eee6d975eac32a1d172f4164c97137)
2008-08-26Implement matching logic to Windows 2008 on handling of secrets.Andrew Bartlett1-16/+8
This is enforced by the new RPC-LSA test. Andrew Bartlett (This used to be commit da200ac64485fd9531b1aa048570c682b680b012)
2008-08-26Fix LSA server to pass more of RPC-LSA and match Windows 2008Andrew Bartlett1-17/+32
This fixes some info levels in the QueryTrustedDomainInfo call, and changes from implementing lsa_Delete to lsa_DeleteObject (which has an explicit close and reutrns a NULL handle). Andrew Bartlett (This used to be commit 1f12c368b2566b378a6c521c389b8b1bafbcf916)
2008-08-12Add GenericInfo level for SamLogon calls from the WSPP IDL.Andrew Bartlett1-5/+13
Andrew Bartlett (This used to be commit ea58b650a81b48b0477edbcda1e4e26a3b2a9b9e)
2008-08-11rpc_server: correct the chunk_size depending on the signature sizeStefan Metzmacher2-6/+14
metze (This used to be commit 20fc0d7bfdaa60d6a8ac939dc64733a91652587e)