Age | Commit message (Collapse) | Author | Files | Lines |
|
Guenther
|
|
Guenther
|
|
Guenther
|
|
functions.
|
|
(This used to be commit 3b8eec7ca334528cad3cdcd5e3fc5ee555d8d0e0)
|
|
Prove that a workstation password change does not affect existing schannel
connections
(This used to be commit f72dc52ccc426c8057b91b4699dfeda7d9e9b864)
|
|
(This used to be commit fc3bc3c4a85b0e0ba853f3208a4e934a733cfdc4)
|
|
(This used to be commit f75f95931c15d57b3111db4dff589be06710aea7)
|
|
This tests SamLogonEx() calls on multiple (smb) connections
in parallel. Sadly the smb connect needs to be serialized
because of the reset on zero VC style behavior of windows.
Call it like this:
bin/smbtorture -U administrator%test ncacn_np:w2k3-101 -W W2K3 RPC-BENCH-SCHANNEL
or
bin/smbtorture -U administrator%test ncacn_np:w2k3-101 -W W2K3 -k no RPC-BENCH-SCHANNEL \
--option="torture:nprocs=4" --option="torture:timelimit=1" \
--extra-user SUB1\\sub1user%testsecret --extra-user SUB1\\sub1user%testsecret
or ...
Later we should add more tests, maybe using only one smb connection
and different netlogon pipes.
We should also test using the DCERPC_PFC_FLAG_CONC_MPX flag and just one
rpc connection.
DCERPC_PFC_FLAG_CONC_MPX /* supports concurrent multiplexing of a single connection.*/
metze
(This used to be commit 901426c24c74390f7b1c78bb7a07c020b6ef73eb)
|
|
the code.
Make sure we pass around the event_context where we need it instead.
All test but a few python ones fail. Jelmer promised to fix them.
(This used to be commit 3045d391626fba169aa26be52174883e18d323e9)
|
|
(This used to be commit 5632fe8c61cfd7d69ebdc263dcb5740e72f25b95)
|
|
(This used to be commit 47ffbbf67435904754469544390b67d34c958343)
|
|
(This used to be commit a1715b1f48ba44bd94844418cc9299649aaf1a5e)
|
|
(This used to be commit 2833f320de1f1fd39c710ad0a61c3fa1bb1df31f)
|
|
(This used to be commit eeb2251d22b3d6e0379444a73af69d1014692b07)
|
|
(This used to be commit 7280c1e9415daabb2712db1372e23f9846272ede)
|
|
uses of global_loadparm.
(This used to be commit a33a5530545086b81a3b205aa109dff11c546926)
|
|
(This used to be commit 566aa14139510788548a874e9213d91317f83ca9)
|
|
(This used to be commit fd697d77c9fe67a00939a1f04b35c451316fff58)
|
|
(This used to be commit 3fcc960839c6e5ca4de2c3c042f12f369ac5f238)
|
|
number in more places.
(This used to be commit df9cebcb97e20564359097148665bd519f31bc6f)
|
|
(This used to be commit abe8349f9b4387961ff3665d8c589d61cd2edf31)
|
|
(This used to be commit dadcc4708e1813c0b657f1d357c2ae202ea4ec5a)
|
|
(This used to be commit da3a7ee407a2b41bd01f45072cad12bf29250b33)
|
|
metze
(This used to be commit 84651aee81aaabbebf52ffc3fbcbabb2eec6eed5)
|
|
There are still a few tidyups of old FSF addresses to come (in both s3
and s4). More commits soon.
(This used to be commit fcf38a38ac691abd0fa51b89dc951a08e89fdafa)
|
|
(This used to be commit 576dbdc8eece5c2fef743835c7cc255f02050ad3)
|
|
metze
(This used to be commit 9ec706238c173992dc938d537bdf1103bf519dbf)
|
|
(This used to be commit 3c7a5ce29108dd82210dc3e1f00414f545949e1d)
|
|
(This used to be commit f7312dab3b9aba2b2b82e8a6e0c483a32a03a63a)
|
|
try to include just the BASENAME.h files (containing only structs)
(This used to be commit 3dd477ca5147f28a962b8437e2611a8222d706bd)
|
|
(This used to be commit 7054ebf0249930843a2baf4d023ae8f62cedb109)
|
|
functions for rpc out of torture/torture.c
(This used to be commit 1d2d970f3b8aef3f36c2befb94b5dd72c0086639)
|
|
(This used to be commit 98c4c3051391c6f89df5d133665f51bef66b1563)
|
|
file dependencies
(This used to be commit 122835876748a3eaf5e8d31ad1abddab9acb8781)
|
|
default.
(This used to be commit c80a8f1102caf744b66c13bebde38fba74983dc4)
|
|
credentials.
Consistantly rename these elements in the IDL to computer_name.
Fix the server-side code to always lookup by this name.
Add new, even nastier tests to RPC-SCHANNEL to prove this.
Andrew Bartlett
(This used to be commit 341a0abeb4a9f88d64ffd4681249cb1f643a7a5a)
|
|
Andrew Bartlett
(This used to be commit 04e2fe8b6d293092af86a54215c1fa037bbb20e9)
|
|
The new RPC-SCHANNEL test shows that the full credentials state must
be kept in some shared memory, for some length of time. In
particular, clients will reconnect with SCHANNEL (after loosing all
connections) and expect that the credentials chain will remain in the
same place.
To achive this, we do the server-side crypto in a transaction,
including the fetch/store of the shared state.
Andrew Bartlett
(This used to be commit 982a6aa871c9fce17410a9712cd9fa726025ff90)
|
|
available under schannel, and performs a netlogon authentication.
Andrew Bartlett
(This used to be commit 561a690915f9d3ca2fbb76f16c47cf2f6be1b825)
|
|
the new socket.
We should also test netlogon operations, but there are issues with
what state is expected to be stored (far more than we currently do).
Andrew Bartlett
(This used to be commit 39ddba0d0dc4475f9f7c5b7aa19ffff42c9fd1f5)
|
|
metze
(This used to be commit 67837dbd2bcff8ec1917ba02884ee2eaa0776b46)
|
|
In librpc, always try SMB level authentication, even if trying
schannel, but allow fallback to anonymous. This should better
function with servers that set restrict anonymous.
There are too many parts of Samba that get, parse and modify the
binding parameters. Avoid the extra work, and add a binding element
to the struct dcerpc_pipe
The libnet vampire code has been refactored, to reduce extra layers
and to better conform with the standard argument pattern. Also, take
advantage of the new libnet_Lookup code, so we don't require the silly
'password server' smb.conf parameter.
To better support forcing traffic to be sealed for the vampire
operation, the dcerpc_bind_auth() function now takes an auth level
parameter.
Andrew Bartlett
(This used to be commit d65b354959842326fdd4bd7eb7fbeea0390f4afa)
|
|
(This used to be commit 70e7449318aa0e9d2639c76730a7d1683b2f4981)
|
|
Andrew Bartlett
(This used to be commit a328acc8fa73703bba72b94084063906ec63cdc3)
|
|
dcerpc_interface_table struct rather then a tuple of interface
name, UUID and version.
This removes the requirement for having a global list of DCE/RPC interfaces,
except for these parts of the code that use that list explicitly
(ndrdump and the scanner torture test).
This should also allow us to remove the hack that put the authservice parameter
in the dcerpc_binding struct as it can now be read directly from
dcerpc_interface_table.
I will now modify some of these functions to take a dcerpc_syntax_id
structure rather then a full dcerpc_interface_table.
(This used to be commit 8aae0f168e54c01d0866ad6e0da141dbd828574f)
|
|
This also removes dcerpc_bind_auth_password, the only user of
dcerpc_bind_auth. And this was not only passwords anyway.
Andrew Bartlett, as usual: Please take a close look.
Thanks,
Volker
(This used to be commit 2ff2dae3d035af6cb0c131573cfd983fc9a58eee)
|
|
credentials system for password -> NTLM translation.
Andrew Bartlett
(This used to be commit d22cbf1b0cae9ca211c916320754d5edfe360c30)
|
|
converting username/pass into the NTLM responses.
Andrew Bartlett
(This used to be commit 272861b8ede591073cc3a26635fefbc784976764)
|
|
Win2k3 SP1.
Only a few operations are supported (LookupSids3 and LookupNames4),
and these are only supported under schannel. This appears to be the
operations Win2k3 SP1 uses to verify part of the PAC back to the
server.
The test is setup to pass, but not enforce (so far) this new
behaviour.
Andrew Bartlett
(This used to be commit e15e39866e9775ba662f669a19836d33f7633f6f)
|