summaryrefslogtreecommitdiff
path: root/source4/torture/rpc/lsa.c
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r4308: [out,ref] pointer needs to set (don't corrupt the stack and segfault)Stefan Metzmacher1-0/+2
metze PS: <tridge> "silly tridge forgot a out [ref] var" :-) (This used to be commit a46c68a80001f5fe9d37cc4ce374071b6fe63076)
2007-10-10r4279: added IDL and test code for lsa_AddPrivilegesToAccount() and ↵Andrew Tridgell1-3/+70
lsa_RemovePrivilegesFromAccount() (This used to be commit 705b870c73995609c8d3ebb24418538bfe20c05b)
2007-10-10r4277: - added server support for lsa_EnumAccounts()Andrew Tridgell1-16/+21
- expanded the lsa test suite to better test lsa_EnumAccounts() (This used to be commit bafdb1772977d98fd57bb31a328af7cb1deee788)
2007-10-10r4195: added IDL, test suite and server side code for lsa_LookupPrivValueAndrew Tridgell1-3/+24
(This used to be commit 7bddd4740332017bb5f4bddcc9ba0234d05378bd)
2007-10-10r4052: fixed a bunch of code to use the type safe _p allocation macrosAndrew Tridgell1-2/+2
(This used to be commit 80d15fa3402a9d1183467463f6b21c0b674bc442)
2007-10-10r4035: more effort on consistent naming of the access mask bits.Andrew Tridgell1-9/+9
This removes the duplicate named SEC_RIGHTS_MAXIMUM_ALLOWED and SEC_RIGHTS_FULL_CONTROL, which are just other names for SEC_FLAG_MAXIMUM_ALLOWED and SEC_RIGHTS_FILE_ALL. The latter names match the new naming conventions in security.idl Also added names for the generic->specific mappings for files are directories (This used to be commit 17a4e0b3aca227b40957ed1e0c57e498debc6ddf)
2007-10-10r3978: added IDL and test code for lsa_LookupSids2() and lsa_LookupNames2()Andrew Tridgell1-0/+89
(This used to be commit 9da455ed56ebc167f295b231c2730e3ff9c94617)
2007-10-10r3919: Add more info levels to the QueryTrustedDomainInfo structures, withAndrew Bartlett1-1/+1
names and other assistance from the ethereal sources. More work needs to be done to validate some of the levels, which do not appear in the query - perhaps they are modification levels. Andrew Bartlett (This used to be commit 63635533693fa364b0c697a3fe1010b3eb8b17d3)
2007-10-10r3917: A few more LSA RPCs found in my wanderings (for trusted domains, theseAndrew Bartlett1-14/+61
seem to be 'shortcut' RPCs, that just avoid an open/query pair). Rename a few others to give us a slightly sensible pattern. Andrew Bartlett (This used to be commit d6a7ab57e74ab89dd163d5f9f5f901e586b0aad4)
2007-10-10r3907: * Rename lsa_Name to lsa_StringAndrew Bartlett1-13/+28
* Add new IDL to LSA, to query information about trusted domains (for cross-check with SamSync). Andrew Bartlett (This used to be commit 174c0778421b5154ff2ba809688ea6ef38a1478b)
2007-10-10r3904: * Add new LSA calls to open trusted domainsAndrew Bartlett1-7/+61
* Add new tests for ACCOUNTs in SamSync * Clean up names in NETLOGON and LSA * Verify Security Descriptors against LSA, as well as SamR Andrew Bartlett (This used to be commit 7094502fe0346255a89667f702289b4c8dc9fa08)
2007-10-10r3428: switched to using minimal includes for the auto-generated RPC code.Andrew Tridgell1-0/+1
The thing that finally convinced me that minimal includes was worth pursuing for rpc was a compiler (tcc) that failed to build Samba due to reaching internal limits of the size of include files. Also the fact that includes.h.gch was 16MB, which really seems excessive. This patch brings it back to 12M, which is still too large, but better. Note that this patch speeds up compile times for both the pch and non-pch case. This change also includes the addition iof a "depends()" option in our IDL files, allowing you to specify that one IDL file depends on another. This capability was needed for the auto-includes generation. (This used to be commit b8f5fa8ac8e8725f3d321004f0aedf4246fc6b49)
2007-10-10r3324: made the smbtorture code completely warning freeAndrew Tridgell1-1/+1
(This used to be commit 7067bb9b52223cafa28470f264f0b60646a07a01)
2007-10-10r2266: yay! LSA session keys on TCP now work!Andrew Tridgell1-150/+0
(This used to be commit f6ea24296acaaadcd2d59740bc88ef1a93fb1c28)
2007-10-10r2203: delete the key after testing, so as not to clutter the server with ↵Andrew Tridgell1-0/+2
random keys (This used to be commit d98ed1fbe52b547c461f1b6a859504e96e0e3ee7)
2007-10-10r2202: don't close the smb pipe after the puzzle testAndrew Tridgell1-2/+0
(This used to be commit 591ee2308c95982caf5453d35ebf6530208037fd)
2007-10-10r2201: removed an exit I accidentially left inAndrew Tridgell1-1/+0
(This used to be commit e1d13631f0163b69401a07c51e449ea1e32239bf)
2007-10-10r2200: solved another piece of the lsakey puzzle - the session key for lsaAndrew Tridgell1-0/+152
encryption on ncacn_ip_tcp is a fixed buffer! I don't yet know what the buffer is, but this code proves its the same buffer for different w2k3 servers and different user passwords, plus it is independent of the negotiated NTLMSSP session key. (This used to be commit 05fd38f3cfd9476bc1cf7fed838a942a75569c0a)
2007-10-10r2199: the unknown 16 bit number in lsa_LookupPrivDisplayName() is a languageAndrew Tridgell1-1/+8
ID, so the client can choose what language they get the privilege description in. this is the first time I've seen a language ID on the wire in CIFS. (This used to be commit e99d88915fbfcfb50b04330cd1a32b90222fbca3)
2007-10-10r2186: setting [ref] output pointers in dcerpc calls is pointless. Removed itAndrew Tridgell1-4/+0
for test_LookupPrivDisplayName (This used to be commit 2d8f4005926e15dcb56a6501091a56475a99712d)
2007-10-10r2179: two more lsa torture tests from Richard Renard. Thanks!Andrew Tridgell1-1/+70
(This used to be commit 25f85efd75bd54ff142027a8741edaa94725ca9a)
2007-10-10r2031: add a check for a blank secret return in lsa secret testsAndrew Tridgell1-8/+13
(This used to be commit eddb31d19654853189d1c3c52105a6240d100456)
2007-10-10r1637: - w2k3 can't handle more than 1000 names in a LookupNames requestAndrew Tridgell1-3/+3
- use a SID that w2k3 likes in CreateTrustedDomain (This used to be commit b5f25fdb7440ba21f073f4ca7fa9a8771a6ebaf4)
2007-10-10r1342: When fixing _lsa_lookupsids in samba3 I wanted to find out the number ↵Volker Lendecke1-0/+54
of SIDs w2k3 can handle in a single request. With the samba3 client rpc libs I can do about 21000 SIDs in a single request. test_many_LookupSIDs with 10000 SIDs fails on the subsequent request with a NET_WRITE_FAULT. Maybe the Samba4 DCE people want to take a look at this -- I don't see the problem. Bug fix: SID components should be treated as unsigned when parsing Volker (This used to be commit 8c997a2ad2e89a640f854b556ef76a3d52c15963)
2007-10-10r962: convert 'unsigned' and 'unsigned int' to uint_tStefan Metzmacher1-1/+1
metze (This used to be commit 57151e80eb1090281401930c8fe25b20a8cf3a38)
2007-10-10r919: - added lsa_QueryInfoPolicy2() to IDL, test suite and serverAndrew Tridgell1-0/+38
- added lsa_OpenPolicy2() to server - added guid handling in samdb - added a couple more info policy levels in lsa server - added some DNS info in the provisioning template and script With the above changes WinXP professional can join a Samba4 domain (This used to be commit d6dca96352144d6061175c964069ed54d942b9c2)
2007-10-10r917: - added the start of a LSA server to samba4.Andrew Tridgell1-7/+7
- added start of QueryDomainInfo in samr server "net rpc info" from samba3 now works against a samba4 server. I suspect join will work fairly soon. (This used to be commit 0a2c6a1062d0e364356853001f5f39bdb542f453)
2007-10-10r889: convert samba4 to use [u]int16_t instead of [u]int16Stefan Metzmacher1-1/+1
metze (This used to be commit af6f1f8a01bebbecd99bc8c066519e89966e65e3)
2007-10-10r884: convert samba4 to use [u]int32_t instead of [u]int32Stefan Metzmacher1-5/+5
metze (This used to be commit 0e5517d937a2eb7cf707991d1c7498c1ab456095)
2007-10-10r611: Fix breakage from my last commit:Andrew Bartlett1-4/+4
Now that all session keys are DATA_BLOBs, fix the callers. This assumes some things about the behaviour of certain crypto algorithms, without the ability to test it on session keys != 16 bytes in length. We will just need to retest when we get the KRB5 support in (DES keys are 8 bytes). Andrew Bartlett (This used to be commit e4355a7ec1eba92bdecef8cc478272897276dbae)
2007-10-10r101: added lsa_SetSecret() and lsa_QuerySecret()Andrew Tridgell1-70/+80
this required some crypto infrastructure and some sid utilities (This used to be commit 37d0efa9c2af8532536bea88412f0dd3ed39ecfc)
2004-04-03added IDL and test for lsa_OpenSecret()Andrew Tridgell1-1/+23
(This used to be commit dd95cd141dc63f16e14f4c9392529653084b5a2a)
2004-04-03added IDL and test suite for lsa_CreateSecret()Andrew Tridgell1-0/+33
(This used to be commit 4de08b64ddb3851e90a8dadd7d0d0991e933abf5)
2004-04-03added idl and test suite for lsa_CreateTrustedDomain()Andrew Tridgell1-1/+45
(This used to be commit cdb47511531cb8ef19334088eecb14971e189a4f)
2004-03-31added lsaCreateAccount() and a test in the RPC-LSA test suiteAndrew Tridgell1-21/+114
also tested lsa_Delete() to delete the newly created account (This used to be commit c4d5d0e9eba6b564e2ce6885d66d644b6612d721)
2004-02-03- add 'print' to the DCERPC binding stringsStefan Metzmacher1-2/+0
e.g. ncacn_np:myserver:[samr,sign,print] will now enable the packet debugging and the debugging is not bound anymore to the debuglevel >= 2 in the torture tests - also the dcesrv_remote module now supports debugging of the packets use the 'dcerpc_remote:binding' smb.conf parameter. metze (This used to be commit 40abf3c584efed7f977ddd688ea064540e5a5b13)
2003-12-02 * netr_ServerPasswordSet() now works - the test suite changes theAndrew Tridgell1-5/+0
machine account password. * neater handling on value() options in IDL. The auto-print code will now display the right value so you don't need to initialise it in your C code (This used to be commit 3dd978b12bb5571fba4e1839c0f7ee60cf729aa2)
2003-11-22 * fixed NDR flag inheritance across push subcontextsAndrew Tridgell1-2/+2
* don't consider not doing lsa_QueryInfoPolicy level 11 a failure (w2k3 doesn't have this level, w2k does) * on a NDR validation failure dump the failed data at level 3 (This used to be commit 9d5078962f0f8aef3360dea4c4774cf8de1fdc26)
2003-11-22 * enable RPC/NDR validation in all smbtorture codeAndrew Tridgell1-1/+1
* allow us to distinguish between null arrays and zero length arrays, by making the allocation size a minimum of 1 on array pull (This used to be commit 11c0fe548ecfb03424f51e1354b86d4692e8f07c)
2003-11-22a fairly major upgrade to the dcerpc systemAndrew Tridgell1-1/+3
* added a NDR validator. The way it works is that when the DCERPC_DEBUG_VALIDATE_* flags are set the dcerpc system will perform NDR buffer validation. On sending a request the packet is first marshalled, then unmarahslled, then marshalled again, and it is confirmed that the two marshalling results are idential. This ensures that our pull and push routines are absolutely in sync, so that we can be very confident that if a routine works in the client then the corresponding routine must work on the server side. A similar validation is performed on all replies. * a result of this change is that pidl is fussier about the [ref] tag. You can only use it on pointers (which is the only place it makes sense) * fixed a basic alignment bug in the push side of the NDR code * added server side pull/push support. Our dcerpc system is now fully ready to be used on the server side. * fixed the relative offset pointer list. It must be traversed in reverse order on push * added automatic value setting for the size parameter in outgoing SdBuf structures. * expanded the ndr debugging code to always give a message on any failure * fixed the subcontext push code * fixed some memory leaks in smbtorture RPC tests (This used to be commit 8ecf720206a2eef3f8ea7cbdb1f460664a5dba9a)
2003-11-20some errors are expected in SAMR and LSA tests - don't fail the testAndrew Tridgell1-0/+12
when they are given (This used to be commit 6e2d3aa433cc77f2ac9f2a7c807bc2668a8b7a9a)
2003-11-19init samr and lsa names so the debug display looks rightAndrew Tridgell1-3/+11
(This used to be commit 343728fad47f46e404be15d44c5b66f870302d9d)
2003-11-18use the auto-generated UUID, version and name rather than listing themAndrew Tridgell1-1/+4
in the dcerpc core code (This used to be commit 16ffeb7c80bfe7f1bfbfce8c98066e9ddbca7686)
2003-11-18* use the new auto-generated debug code method.Andrew Tridgell1-22/+2
* add a couple more info levels to wkssvc (This used to be commit c69161bdb13745f271b0cfa9a9af349f7a95edc6)
2003-11-17 * add another WERR err codeAndrew Tridgell1-29/+11
* use the top-level function argument printing to show more detail in RPC-* tests (This used to be commit 33bb8785625b1845750f28f2d810e7096afe9f8e)
2003-11-15added the first couple of calls from samr as IDLAndrew Tridgell1-63/+4
samr_EnumDomains() works nicely (This used to be commit 7c162eaf3bb0195f9a2da05d6acd3c8e620f08d1)
2003-11-15added lsa_QuerySecObj() and the necessary sec_desc_buf supporting codeAndrew Tridgell1-0/+29
also adding printing of security descriptors (This used to be commit 1f93cbc1d597b973ab1a5005ede093c1bcefff87)
2003-11-14it turns out that all MS servers ignore the artifact struct_len fieldsAndrew Tridgell1-0/+4
in OpenPolicy and OpenPolicy2, so we don't in fact need the [struct_len] attribute. This makes our IDL much closer to the MS IDL. (This used to be commit f0a8f063a680b5d0a68c5ac7cccf9c9a13adfb81)
2003-11-14* fixed lsa_LookupPrivNameAndrew Tridgell1-2/+1
* added levels 2 and 3 of dfs_Enum (This used to be commit 3fa61c19826cd1415f561e1e5c40adcc59d4abf2)
2003-11-13* fixed conformant arrays in structuresAndrew Tridgell1-2/+2
* expanded the rpcecho test * started adding the NETDFS pipe (This used to be commit 095ab42cbdd5c1c5ab753e2eb275742ba822c8b9)