summaryrefslogtreecommitdiff
path: root/source4/torture/rpc/samsync.c
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r14860: create libcli/security/security.hStefan Metzmacher1-1/+1
metze (This used to be commit 9ec706238c173992dc938d537bdf1103bf519dbf)
2007-10-10r14720: Add torture_context argument to all torture testsJelmer Vernooij1-1/+1
(This used to be commit 3c7a5ce29108dd82210dc3e1f00414f545949e1d)
2007-10-10r14470: Remove some unnecessary headers.Jelmer Vernooij1-1/+0
(This used to be commit f7312dab3b9aba2b2b82e8a6e0c483a32a03a63a)
2007-10-10r14464: Don't include ndr_BASENAME.h files unless strictly required, insteadJelmer Vernooij1-0/+3
try to include just the BASENAME.h files (containing only structs) (This used to be commit 3dd477ca5147f28a962b8437e2611a8222d706bd)
2007-10-10r14402: Generate seperate headers for RPC client functions.Jelmer Vernooij1-0/+3
(This used to be commit 7054ebf0249930843a2baf4d023ae8f62cedb109)
2007-10-10r14379: Build torture/rpc/ as a seperate smbtorture module. Move helperJelmer Vernooij1-2/+2
functions for rpc out of torture/torture.c (This used to be commit 1d2d970f3b8aef3f36c2befb94b5dd72c0086639)
2007-10-10r13924: Split more prototypes out of include/proto.h + initial work on headerJelmer Vernooij1-0/+2
file dependencies (This used to be commit 122835876748a3eaf5e8d31ad1abddab9acb8781)
2007-10-10r13908: Improve the RPC-SAMSYNC test to cross-check some attributes I wasn'tAndrew Bartlett1-6/+29
sure about. This finds a new ACB_PW_EXPIRED attribute. Andrew Bartlett (This used to be commit 54caf949425cb9a3437bd7051930384167b5e07d)
2007-10-10r13903: Don't generate prototypes for modules and binaries in include/proto.h byJelmer Vernooij1-0/+1
default. (This used to be commit c80a8f1102caf744b66c13bebde38fba74983dc4)
2007-10-10r13583: Realise that the member server name appears in all calls that use theAndrew Bartlett1-1/+1
credentials. Consistantly rename these elements in the IDL to computer_name. Fix the server-side code to always lookup by this name. Add new, even nastier tests to RPC-SCHANNEL to prove this. Andrew Bartlett (This used to be commit 341a0abeb4a9f88d64ffd4681249cb1f643a7a5a)
2007-10-10r13346: use private proto header files for the torture testsStefan Metzmacher1-0/+1
metze (This used to be commit 67837dbd2bcff8ec1917ba02884ee2eaa0776b46)
2007-10-10r12693: Move core data structures out of smb.h into core.hJelmer Vernooij1-0/+1
torture prototypes in seperate header (This used to be commit 73610639b23ca3743077193fa0b1de7c7f65944d)
2007-10-10r12608: Remove some unused #include lines.Jelmer Vernooij1-1/+0
(This used to be commit 70e7449318aa0e9d2639c76730a7d1683b2f4981)
2007-10-10r12510: Change the DCE/RPC interfaces to take a pointer to aJelmer Vernooij1-7/+3
dcerpc_interface_table struct rather then a tuple of interface name, UUID and version. This removes the requirement for having a global list of DCE/RPC interfaces, except for these parts of the code that use that list explicitly (ndrdump and the scanner torture test). This should also allow us to remove the hack that put the authservice parameter in the dcerpc_binding struct as it can now be read directly from dcerpc_interface_table. I will now modify some of these functions to take a dcerpc_syntax_id structure rather then a full dcerpc_interface_table. (This used to be commit 8aae0f168e54c01d0866ad6e0da141dbd828574f)
2007-10-10r11968: More warning fixes. We're on track to getting to double digits forTim Potter1-1/+1
the number of warnings generated now. (This used to be commit d479f2d7607adc698d71c5ba26932c72a26dcaab)
2007-10-10r11967: Fix more 64-bit warnings.Tim Potter1-3/+5
(This used to be commit 9c4436a124f874ae240feaf590141d48c33a635f)
2007-10-10r11676: as tridge uses 0x%llx in his latest commits...Stefan Metzmacher1-4/+2
try to use it every where and see how portable it is metze (This used to be commit 66a94de5ddd09df858a515555c01aa3d4f7d3e96)
2007-10-10r11626: Fix unhandled enum in case statement warnings by noting appropriatelyTim Potter1-0/+17
that some values aren't handled. The remaining warnings I think are actual bugs or required functionality that is missing (mostly lack of server side Unix extensions). (This used to be commit 03c7da27a06736f2a27d76e6a00a24ab54453af9)
2007-10-10r10528: Add credentials.h back into includes.h as some compilers don'tJelmer Vernooij1-1/+0
seem to be able to handle incomplete enum types. (This used to be commit 540155fad3c8e3d79fb631bb3f14273f82130a73)
2007-10-10r10510: Decrease the amount of data included by includes.h a bitJelmer Vernooij1-0/+1
(This used to be commit 03647e1321cf6c9bd6ced3945265f635e9468973)
2007-10-10r9792: Rename StrCaseCmp -> strcasecmp_m. All these years I was thinkingJelmer Vernooij1-4/+4
StrCaseCmp was sys_strcasecmp, while it is in fact strcasecmp_m! (This used to be commit 200a8f6652cb2de7a8037a7a4c2a204b50aee2b1)
2007-10-10r9391: Convert all the code to use struct ldb_dn to ohandle ldap like ↵Simo Sorce1-2/+2
distinguished names Provide more functions to handle DNs in this form (This used to be commit 692e35b7797e39533dd2a1c4b63d9da30f1eb5ba)
2007-10-10r8520: fixed a pile of warnings from the build farm gcc -Wall output onAndrew Tridgell1-2/+2
S390. This is an attempt to avoid the panic we're seeing in the automatic builds. The main fixes are: - assumptions that sizeof(size_t) == sizeof(int), mostly in printf formats - use of NULL format statements to perform dn searches. - assumption that sizeof() returns an int (This used to be commit a58ea6b3854973b694d2b1e22323ed7eb00e3a3f)
2007-10-10r8430: readd my hack to display the hashes with -d 100Stefan Metzmacher1-0/+9
metze (This used to be commit b3f01ef0df2579decbbb67586157d089f528dd13)
2007-10-10r8232: remove samr_String and netr_String as they are the same as lsa_StringStefan Metzmacher1-1/+1
metze (This used to be commit e601042c07d7b6eed0dc34e5b136d9266b8a0f81)
2007-10-10r7993: Further work on the Krb5 PAC.Andrew Bartlett1-2/+2
We now generate the PAC, and can verifiy both our own PAC and the PAC from Win2k3. This commit adds the PAC generation code, spits out the code to get the information we need from the NETLOGON server back into a auth/ helper function, and adds a number of glue functions. In the process of building the PAC generation code, some hints in the Microsoft PAC specification shed light on other parts of the code, and the updates to samr.idl and netlogon.idl come from those hints. Also in this commit: The Heimdal build package has been split up, so as to only link the KDC with smbd, not the client utils. To enable the PAC to be veified with gensec_krb5 (which isn't quite dead yet), the keyblock has been passed back to the calling layer. Andrew Bartlett (This used to be commit e2015671c2f7501f832ff402873ffe6e53b89466)
2007-10-10r7633: this patch started as an attempt to make the dcerpc code use a givenAndrew Tridgell1-2/+2
event_context for the socket_connect() call, so that when things that use dcerpc are running alongside anything else it doesn't block the whole process during a connect. Then of course I needed to change any code that created a dcerpc connection (such as the auth code) to also take an event context, and anything that called that and so on .... thus the size of the patch. There were 3 places where I punted: - abartlet wanted me to add a gensec_set_event_context() call instead of adding it to the gensec init calls. Andrew, my apologies for not doing this. I didn't do it as adding a new parameter allowed me to catch all the callers with the compiler. Now that its done, we could go back and use gensec_set_event_context() - the ejs code calls auth initialisation, which means it should pass in the event context from the web server. I punted on that. Needs fixing. - I used a NULL event context in dcom_get_pipe(). This is equivalent to what we did already, but should be fixed to use a callers event context. Jelmer, can you think of a clean way to do that? I also cleaned up a couple of things: - libnet_context_destroy() makes no sense. I removed it. - removed some unused vars in various places (This used to be commit 3a3025485bdb8f600ab528c0b4b4eef0c65e3fc9)
2007-10-10r6603: More work on the samdump puzzle. This implements a function pointerAndrew Bartlett1-1/+1
callback interface, so we can start dumping into more than just stdout soon. Also use the enums instead of uint32 where possible and valid. Andrew Bartlett (This used to be commit f0c67a4a24dbd7fc32fc864d61a21eeee587178e)
2007-10-10r6582: Remove the hack that metze needed because Samba4 didn't have a samdumpAndrew Bartlett1-9/+0
command. Andrew Bartlett (This used to be commit adb5a3093ea3ab82e01f488ea780106fee98733b)
2007-10-10r6565: Cludge, cludge, cludge...Andrew Bartlett1-2/+6
We need to pass the 'secure channel type' to the NETLOGON layer, which must match the account type. (Yes, jelmer objects to this inclusion of the kitchen sink ;-) Andrew Bartlett (This used to be commit 8ee208a926d2b15fdc42753b1f9ee586564c6248)
2007-10-10r6544: Use common structures between SAMR, NETLGON and the Krb5 PAC.Andrew Bartlett1-0/+45
Fill out the group list for the SamLogon reply, so clients get the supplementary groups. Andrew Bartlett (This used to be commit d9c31e60a72c345e3a23a7eb742906bcfc18721c)
2007-10-10r6523: Another string that isn't filled in. I wonder why this is, but forAndrew Bartlett1-1/+4
now don't fail the test. Andrew Bartlett (This used to be commit 437aabf15ef7c5eead4bec45eb7e10a77f392b84)
2007-10-10r6206: go baack 10 revisions to get DatabaseDeltas, this shows that the bdc onlyStefan Metzmacher1-1/+5
need one call to get in sync again (except something like NT_STATUS_MORE_ENTRIES is returned) also the pdc only need to know the current state values metze (This used to be commit f4e12b38937bd8c16fd1a8b13401a65565d4bd00)
2007-10-10r5947: print out the password hashes when -d 100 is in use,Stefan Metzmacher1-0/+9
very usefull for creating a keytab file with metze (This used to be commit 15b80a28dbf2004f63648fede61e514e55030018)
2007-10-10r5941: Commit this patch much earlier than I would normally prefer, but ↵Andrew Bartlett1-37/+65
metze needs a working tree... The main volume of this patch was what I started working on today: - Cleans up memory handling around DCE/RPC pipes, to have a parent talloc context. - Uses sepereate inner loops for some of the DCE/RPC tests The other and more important part of this patch fixes issues surrounding the new credentials framwork: This makes the struct cli_credentials always a talloc() structure, rather than on the stack. Parts of the cli_credentials code already assumed this. There were other issues, particularly in the DCERPC over SMB handling, as well as little things that had to be tidied up before test_w2k3.sh would start to pass. Andrew Bartlett (This used to be commit 0453f9d05d2e336fba1f85dbf2718d01fa2bf778)
2007-10-10r5928: Use cli_credentials in:Jelmer Vernooij1-8/+12
- gtk+ (returned by GtkHostBindingDialog as well now) - torture/ - librpc/ - lib/com/dcom/ (This used to be commit ccefd782335e01e8e6ecb2bcd28a4f999c53b1a6)
2007-10-10r5902: A rather large change...Andrew Bartlett1-16/+27
I wanted to add a simple 'workstation' argument to the DCERPC authenticated binding calls, but this patch kind of grew from there. With SCHANNEL, the 'workstation' name (the netbios name of the client) matters, as this is what ties the session between the NETLOGON ops and the SCHANNEL bind. This changes a lot of files, and these will again be changed when jelmer does the credentials work. I also correct some schannel IDL to distinguish between workstation names and account names. The distinction matters for domain trust accounts. Issues in handling this (issues with lifetime of talloc pointers) caused me to change the 'creds_CredentialsState' and 'struct dcerpc_binding' pointers to always be talloc()ed pointers. In the schannel DB, we now store both the domain and computername, and query on both. This should ensure we fault correctly when the domain is specified incorrectly in the SCHANNEL bind. In the RPC-SCHANNEL test, I finally fixed a bug that vl pointed out, where the comment claimed we re-used a connection, but in fact we made a new connection. This was achived by breaking apart some of the dcerpc_secondary_connection() logic. The addition of workstation handling was also propogated to NTLMSSP and GENSEC, for completeness. The RPC-SAMSYNC test has been cleaned up a little, using a loop over usernames/passwords rather than manually expanded tests. This will be expanded further (the code in #if 0 in this patch) to use a newly created user account for testing. In making this test pass test_rpc.sh, I found a bug in the RPC-ECHO server, caused by the removal of [ref] and the assoicated pointer from the IDL. This has been re-added, until the underlying pidl issues are solved. (This used to be commit 824289dcc20908ddec957a4a892a103eec2da9b9)
2007-10-10r5878: Be clear which machine name (We have one worksation, and one BDC) weAndrew Bartlett1-7/+7
are doing logins with. Andrew Bartlett (This used to be commit b7297c44faea0ae8b38fb9a90c22c5be3c8f689f)
2007-10-10r5876: Add a test account for the duration of the samsync - to ensure we haveAndrew Bartlett1-1/+12
a good variety of things to test against. Add code to testjoin to handle this just like test machine accounts Soon I'll remove the 'must change password' flag, so we can do logins with it. Andrew Bartlett (This used to be commit 08b47e2dc067f7e4a52b982d358ff1b0209cc1df)
2007-10-10r5390: use __location__ to make tracking down errors in RPC-SAMSYNC easierAndrew Tridgell1-9/+10
(This used to be commit 40a8340f1b0fdb3b86f6330be4e1cec3959e89ee)
2007-10-10r5364: Rename string fields called 'domain' and 'name' to be 'domain_name'.Tim Potter1-1/+1
(This used to be commit 6749b9404d4e9876ecd964e038c608f05d2c0b69)
2007-10-10r5298: - got rid of pstring.h from includes.h. This at least makes it a bitAndrew Tridgell1-3/+3
less likely that anyone will use pstring for new code - got rid of winbind_client.h from includes.h. This one triggered a huge change, as winbind_client.h was including system/filesys.h and defining the old uint32 and uint16 types, as well as its own pstring and fstring. (This used to be commit 9db6c79e902ec538108d6b7d3324039aabe1704f)
2007-10-10r5037: got rid of all of the TALLOC_DEPRECATED stuff. My apologies for theAndrew Tridgell1-9/+9
large commit. I thought this was worthwhile to get done for consistency. (This used to be commit ec32b22ed5ec224f6324f5e069d15e92e38e15c0)
2007-10-10r4776: Add more debugs to SamSync test.Andrew Bartlett1-25/+64
Andrew Bartlett (This used to be commit 70860779ae4d6be6d592e3635b091f0a5f29df6a)
2007-10-10r4708: Comparing with LDAP, it is clear that these 'flags' are in fact theAndrew Bartlett1-1/+1
POSIX offset for the trusted domain. Andrew Bartlett (This used to be commit cd9e795e4004e28dc0184b86f0c44431378fc3ff)
2007-10-10r4683: fix the buildStefan Metzmacher1-1/+1
metze (This used to be commit b020dbec89a85619ae3ee12f4dd0e3828d30ba04)
2007-10-10r4682: A LDB-based secrets implementation in Samba4.Andrew Bartlett1-3/+9
This uses LDB (a local secrets.ldb and the global samdb) to fill out the secrets from an LSA perspective. Some small changes to come, but the bulk of the work is now done. A re-provision is required after this change. Andrew Bartlett (This used to be commit ded33033521a6a1c7ea80758c5c5aeeebb182a51)
2007-10-10r4673: Fix the IDL for the QuerySecret LSA call.Andrew Bartlett1-6/+65
This call uses a new IDL type, NTTIME_hyper. This is 8-byte aligned, as the name suggests. Expand the QuerySecret LSA calls in RPC-SAMLOGON and RPC-LSA, to validate the behaviour of times, and of the old secrets. Thanks to tridge for spotting the use of HYPER! Andrew Bartlett (This used to be commit 1fed79cb0f2ae7940639d08ef99576559d4cd06e)
2007-10-10r4616: the first phase in the addition of proper support forAndrew Tridgell1-2/+3
dcerpc_alter_context and multiple context_ids in the dcerpc client library. This stage does the following: - split "struct dcerpc_pipe" into two parts, the main part being "struct dcerpc_connection", which contains all the parts not dependent on the context, and "struct dcerpc_pipe" which has the context dependent part. This is similar to the layering in libcli_*() for SMB - disable the current dcerpc_alter code. I've used a #warning until i get the 2nd phase finished. I don't know how portable #warning is, but it won't be long before I add full alter context support anyway, so it won't last long - cleanup the allocation of dcerpc_pipe structures. The previous code was quite awkward. (This used to be commit 4004c69937be7e5dae56f9567ca607f982d395d3)
2007-10-10r4591: - converted the other _p talloc functions to not need _pAndrew Tridgell1-1/+1
- added #if TALLOC_DEPRECATED around the _p functions - fixes the code that broke from the above while doing this I fixed quite a number of places that were incorrectly using the non type-safe talloc functions to use the type safe ones. Some were even doing multiplies for array allocation, which is potentially unsafe. (This used to be commit 6e7754abd0c225527fb38363996a6e241b87b37e)