summaryrefslogtreecommitdiff
path: root/source4/rpc_server
AgeCommit message (Collapse)AuthorFilesLines
2010-03-10s4-spoolss: remove unsed iconv handle from dcesrv_spoolss_GetPrinterData().Günther Deschner1-1/+0
Guenther
2010-03-10s4:winreg RPC - don't crash when incoming data wasn't correctly specifiedMatthias Dieter Wallnöfer1-2/+8
Also found by the WINREG torture test enhancements by gd.
2010-03-09s4:netlogon RPC - "LogonGetDomainInfo" - make the call compatible with >= ↵Matthias Dieter Wallnöfer1-23/+62
Windows 2008 Add more security checks and other corrections to imitate Windows Server >= 2008.
2010-03-06s4:lsa RPC - fix up "gendb_*" result codesMatthias Dieter Wallnöfer2-33/+34
Make the resultcodes consistent: that means: result < 0 -> NT_STATUS_INTERNAL_DB_CORRUPTION since our DB had a critical error result >= 0 -> depends on the function usage. I tried to let the logic always as it was before.
2010-03-06s4:lsa RPC - Change some counters to be "unsigned" where neededMatthias Dieter Wallnöfer2-21/+24
The "count" size specifiers I typed "uint32_t" since they're often returned as an "uint32_t" (consider the IDL file). LDB counters need to be "signed" if they count till a limit of a "gendb*" call or "unsigned" if they count directly the number of objects.
2010-03-06s4:samr RPC - Change some counters to be "unsigned" where neededMatthias Dieter Wallnöfer1-9/+14
The "count" size specifiers I typed "uint32_t" since they're often returned as an "uint32_t" (consider the IDL file). LDB counters need to be "signed" if they count till a limit of a "gendb*" call or "unsigned" if they count directly the number of objects.
2010-03-05s4:drsuapi RPC - Change also here counters to "unsigned"Matthias Dieter Wallnöfer3-7/+8
No need to have "signed" counters at those places.
2010-03-05s4-spoolss: fix dcesrv_spoolss_GetPrinterData build.Günther Deschner1-1/+1
really not my day today... Guenther
2010-03-05s4-spoolss: fix spoolss_GetPrinterData implementation after IDL change.Günther Deschner1-2/+1
Guenther
2010-03-05s4:dcesrv_samr_AddAliasMember - wrap a long "DEBUG" statementMatthias Dieter Wallnöfer1-1/+2
2010-03-03s4:srvsvc RPC - "srvsvc_create_ntvfs_connect"Matthias Dieter Wallnöfer1-1/+1
Previous commit was incomplete. The "service" parameter in the "tcon" structure should point to "scfg->name". I'm not sure if "share" is right but the first was used before commit f390daef475126b4ff5a3d0ffd2babbd87d4c22b.
2010-03-03s4:srvsvc RPC - fix up the "ntvfs_connect" in "srvsvc_create_ntvfs_connect"Matthias Dieter Wallnöfer1-3/+5
This should be the right fix (set the service name in the tcon union to the share name/path). That should be the solution for bug #6784.
2010-03-03s4:dcesrv_samr - Also "OpenGroup" needs to support universal groupsMatthias Dieter Wallnöfer1-2/+3
2010-03-03s4:dcesrv_samr - Fix up "EnumDomainGroups" and "QueryDisplayInfo" callsMatthias Dieter Wallnöfer1-3/+6
We need to look for both global and universal group types when querying them. Found by ekacnet (http://lists.samba.org/archive/samba-technical/2010-March/069777.html).
2010-03-02s4:echo RPC - make this one "signed-safe"Matthias Dieter Wallnöfer1-1/+1
"i" needs to be unsigned here since it counts until "r->in.len" which itself is unsigned and not signed.
2010-03-01s4:srvsvc RPC - revert one unsigned integer "i" back to signedMatthias Dieter Wallnöfer1-1/+1
This is needed since this particular "i" counts until "count" which itself is signed. "count" is set through a signed integer variable parameter from the "share_list_all" call.
2010-03-01s4:rpc_server/remote: do async callsStefan Metzmacher1-6/+42
metze
2010-03-01s4:srvsvc RPC - make this one "signed-safe"Matthias Dieter Wallnöfer1-19/+20
2010-03-01s4:unixinfo RPC - make this one "signed-safe"Matthias Dieter Wallnöfer1-1/+1
2010-03-01s4:spoolss RPC - make this one "signed-safe"Matthias Dieter Wallnöfer1-1/+1
2010-03-01s4:remote RPC - make this one "signed-safe"Matthias Dieter Wallnöfer1-2/+2
2010-03-01s4:epmapper RPC - make this one "signed-safe"Matthias Dieter Wallnöfer1-2/+2
2010-03-01s4/rodc: Implement samdb_rodc with ldb contextAnatoliy Atanasov1-1/+1
2010-02-26s4:dcesrv_samr.c - Remove unused variableMatthias Dieter Wallnöfer1-3/+1
2010-02-24s4:lsa use the correct way to store a domain sidSimo Sorce1-7/+5
Converting the sid to a string and then storing a string does not save the sid in the right format. Causing following retrievals to fail to read back a sid with samdb_result_dom_sid().
2010-02-24s4:lsa avoid confusing ourselves over sam_ldbSimo Sorce1-39/+41
Do not use policy_state->sam_ldb and trusted_domain_state->policy->sam_ldb interchangeably all over the place. Just use sam_ldb everywhere and make the code slightly more readable.
2010-02-24s4:lsa cleanup trailing spaces and tabsSimo Sorce1-35/+35
2010-02-24s4:netlogon remove wrong ZERO_STRUCT of outputSimo Sorce1-6/+0
This was causing marshalling faults when we returned errors.
2010-02-23s4:schannel merge code with s3Simo Sorce1-24/+15
After looking at the s4 side of the (s)channel :) I found out that it makes more sense to simply make it use the tdb based code than redo the same changes done to s3 to simplify the interface. Ldb is slow, to the point it needs haks to pre-open the db to speed it up, yet that does not solve the lookup speed, with ldb it is always going to be slower. Looking through the history it is evident that the schannel database doesn't really need greate expanadability. And lookups are always done with a single Key. This seem a perfet fit for tdb while ldb looks unnecessarily complicated. The schannel database is not really a persistent one. It can be discared during an upgrade without causing any real issue. all it contains is temproary session data.
2010-02-23s4:schannel more readable check logicSimo Sorce1-12/+44
Make the initial schannel check logic more understandable. Make it easy to define different policies depending on the caller's security requirements (Integrity/Privacy/Both/None) This is the same change applied to s3
2010-02-23s4:netlogon RPC - fix the indentationMatthias Dieter Wallnöfer1-15/+15
Simo, I'm not really sure that those checks are valid. I read MS-NRPC section 3.5.4.1 about LOGONSRV_HANDLEs ("server_name" is of this type). There isn't stated that the server name has necessarily to be in the DNS form and should also be valid when it's NULL (if DCE server and client are the same - I don't know if me make use of it in s4).
2010-02-22s4:netlogon GetTrustedDomainInformationSimo Sorce1-6/+172
start implementing calls related to trusted domain information
2010-02-22s4:netlogon fix segfaultSimo Sorce1-12/+19
2010-02-21s4:netlogon enhance DsrEnumerateDomainTrustsSimo Sorce1-27/+178
Actually return trust relationships by searching the appropriate entries in the SAM database. Add checks and return the correct flags, type and attributes.
2010-02-21cleanupSimo Sorce1-133/+131
remove trailing spaces, tabs and blank lines
2010-02-19s4:lsa open trusted domain also with dns nameSimo Sorce1-3/+7
When searching for a trusted domain object to open, search also the DNS Name attributes for a match. W2K8R2 uses the DNS domain if available.
2010-02-19remove trailing tabs and spacesSimo Sorce1-9/+9
2010-02-19readability reformattingSimo Sorce1-28/+36
stop this function from maiking my eyes bleed
2010-02-20s4:rpc_server Add a 'if_version' parameter to the bind operation.Andrew Bartlett3-4/+6
This allows the interface version to be forwarded to the remote server in the RPC proxy, both in the endpoint lookup and the subsequent bind. Andrew Bartlett
2010-02-19s4:rpc_server Record the remote connections association group IDAndrew Bartlett2-6/+39
By recording the association group the remote server assigned to our proxied RPC connection, we can ensure we use the same value when the client wishes to use it. This isn't stored in a private pointer, as mapiproxy will want to use this feature too. Andrew Bartlett
2010-02-16s4-dcerpc: fixed auth padding to be relative to the stub, not packetAndrew Tridgell1-5/+10
The recent dcerpc padding changes made our padding relative to the packet header, instead of the start of the stub. Surprisingly, this broke w2k8r2 doing a dcpromo join to a s4 server. It seems that w2k8r2 is very fussy about the padding it gets in some circumstances.
2010-02-16s4-dsdb: change samdb_replace() to dsdb_replace() and allow for dsdb_flagsAndrew Tridgell4-8/+8
This allows for controls to be added easily where they are needed.
2010-02-16s4-dsdb: replace dsdb_modify_permissive() with dsdb_modify() and dsdb_flagsAndrew Tridgell2-2/+4
2010-02-15s4-drs: replace manual checks with dsdb_modify_permissive()Andrew Tridgell1-32/+1
Much simpler to use the permissive control instead of manually munging the SPN list.
2010-02-15s4-drs: use a permissive modify in addentryAndrew Tridgell1-1/+1
It is not an error if entries already exist.
2010-02-14s4:dcesrv_lsa.c - remove a superfluous empty lineMatthias Dieter Wallnöfer1-1/+0
One empty line is enough for code part divisions.
2010-02-14s4-rpcserver: teach the rpc server to cope with bad sig_size estimatesAndrew Tridgell1-18/+14
2010-02-14a4-dcerpc: another attempt at dcerpc auth paddingAndrew Tridgell1-4/+4
The last change broke net vampire against w2k8r2
2010-02-13s4-rpc: be more careful about DCERPC auth paddingAndrew Tridgell1-55/+24
Cope with a wider range of auth padding in dcerpc bind_ack and alter_context packets. We now use a helper function that calculates the right auth padding.
2010-02-13s4: use LDB_TYPESAFE_QSORT() instead of ldb_qsort()Andrew Tridgell1-3/+2