summaryrefslogtreecommitdiff
path: root/source4/torture/rpc/schannel.c
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r14470: Remove some unnecessary headers.Jelmer Vernooij1-3/+0
(This used to be commit f7312dab3b9aba2b2b82e8a6e0c483a32a03a63a)
2007-10-10r14464: Don't include ndr_BASENAME.h files unless strictly required, insteadJelmer Vernooij1-0/+2
try to include just the BASENAME.h files (containing only structs) (This used to be commit 3dd477ca5147f28a962b8437e2611a8222d706bd)
2007-10-10r14402: Generate seperate headers for RPC client functions.Jelmer Vernooij1-0/+3
(This used to be commit 7054ebf0249930843a2baf4d023ae8f62cedb109)
2007-10-10r14379: Build torture/rpc/ as a seperate smbtorture module. Move helperJelmer Vernooij1-2/+2
functions for rpc out of torture/torture.c (This used to be commit 1d2d970f3b8aef3f36c2befb94b5dd72c0086639)
2007-10-10r14363: Remove credentials.h from the global includes.Jelmer Vernooij1-0/+1
(This used to be commit 98c4c3051391c6f89df5d133665f51bef66b1563)
2007-10-10r13924: Split more prototypes out of include/proto.h + initial work on headerJelmer Vernooij1-0/+2
file dependencies (This used to be commit 122835876748a3eaf5e8d31ad1abddab9acb8781)
2007-10-10r13903: Don't generate prototypes for modules and binaries in include/proto.h byJelmer Vernooij1-0/+1
default. (This used to be commit c80a8f1102caf744b66c13bebde38fba74983dc4)
2007-10-10r13583: Realise that the member server name appears in all calls that use theAndrew Bartlett1-3/+27
credentials. Consistantly rename these elements in the IDL to computer_name. Fix the server-side code to always lookup by this name. Add new, even nastier tests to RPC-SCHANNEL to prove this. Andrew Bartlett (This used to be commit 341a0abeb4a9f88d64ffd4681249cb1f643a7a5a)
2007-10-10r13404: Comments, whitespace.Andrew Bartlett1-3/+4
Andrew Bartlett (This used to be commit 04e2fe8b6d293092af86a54215c1fa037bbb20e9)
2007-10-10r13402: Make Samba4 pass a nastier RPC-SCHANNEL test.Andrew Bartlett1-4/+7
The new RPC-SCHANNEL test shows that the full credentials state must be kept in some shared memory, for some length of time. In particular, clients will reconnect with SCHANNEL (after loosing all connections) and expect that the credentials chain will remain in the same place. To achive this, we do the server-side crypto in a transaction, including the fetch/store of the shared state. Andrew Bartlett (This used to be commit 982a6aa871c9fce17410a9712cd9fa726025ff90)
2007-10-10r13381: Test the SamLogonEx SamLogon call in the schannel test. This is onlyAndrew Bartlett1-0/+117
available under schannel, and performs a netlogon authentication. Andrew Bartlett (This used to be commit 561a690915f9d3ca2fbb76f16c47cf2f6be1b825)
2007-10-10r13380: Drop the socket, then try SAMR operations secured with netlogon on ↵Andrew Bartlett1-0/+29
the new socket. We should also test netlogon operations, but there are issues with what state is expected to be stored (far more than we currently do). Andrew Bartlett (This used to be commit 39ddba0d0dc4475f9f7c5b7aa19ffff42c9fd1f5)
2007-10-10r13346: use private proto header files for the torture testsStefan Metzmacher1-0/+1
metze (This used to be commit 67837dbd2bcff8ec1917ba02884ee2eaa0776b46)
2007-10-10r12865: Upgrade the librpc and libnet code.Andrew Bartlett1-0/+2
In librpc, always try SMB level authentication, even if trying schannel, but allow fallback to anonymous. This should better function with servers that set restrict anonymous. There are too many parts of Samba that get, parse and modify the binding parameters. Avoid the extra work, and add a binding element to the struct dcerpc_pipe The libnet vampire code has been refactored, to reduce extra layers and to better conform with the standard argument pattern. Also, take advantage of the new libnet_Lookup code, so we don't require the silly 'password server' smb.conf parameter. To better support forcing traffic to be sealed for the vampire operation, the dcerpc_bind_auth() function now takes an auth level parameter. Andrew Bartlett (This used to be commit d65b354959842326fdd4bd7eb7fbeea0390f4afa)
2007-10-10r12608: Remove some unused #include lines.Jelmer Vernooij1-2/+0
(This used to be commit 70e7449318aa0e9d2639c76730a7d1683b2f4981)
2007-10-10r12597: One less void *Andrew Bartlett1-1/+1
Andrew Bartlett (This used to be commit a328acc8fa73703bba72b94084063906ec63cdc3)
2007-10-10r12510: Change the DCE/RPC interfaces to take a pointer to aJelmer Vernooij1-14/+5
dcerpc_interface_table struct rather then a tuple of interface name, UUID and version. This removes the requirement for having a global list of DCE/RPC interfaces, except for these parts of the code that use that list explicitly (ndrdump and the scanner torture test). This should also allow us to remove the hack that put the authservice parameter in the dcerpc_binding struct as it can now be read directly from dcerpc_interface_table. I will now modify some of these functions to take a dcerpc_syntax_id structure rather then a full dcerpc_interface_table. (This used to be commit 8aae0f168e54c01d0866ad6e0da141dbd828574f)
2007-10-10r11809: Make dcerpc_bind_auth async.Volker Lendecke1-10/+10
This also removes dcerpc_bind_auth_password, the only user of dcerpc_bind_auth. And this was not only passwords anyway. Andrew Bartlett, as usual: Please take a close look. Thanks, Volker (This used to be commit 2ff2dae3d035af6cb0c131573cfd983fc9a58eee)
2007-10-10r11298: Consolidate the 'short' samlogon tests, and move to using theAndrew Bartlett1-89/+0
credentials system for password -> NTLM translation. Andrew Bartlett (This used to be commit d22cbf1b0cae9ca211c916320754d5edfe360c30)
2007-10-10r11297: Move the RPC-SCHANNEL test to using the credentials system forAndrew Bartlett1-14/+45
converting username/pass into the NTLM responses. Andrew Bartlett (This used to be commit 272861b8ede591073cc3a26635fefbc784976764)
2007-10-10r11287: Understand the new behaviour of the LSA pipe on ncacn_ip_tcp in ↵Andrew Bartlett1-64/+70
Win2k3 SP1. Only a few operations are supported (LookupSids3 and LookupNames4), and these are only supported under schannel. This appears to be the operations Win2k3 SP1 uses to verify part of the PAC back to the server. The test is setup to pass, but not enforce (so far) this new behaviour. Andrew Bartlett (This used to be commit e15e39866e9775ba662f669a19836d33f7633f6f)
2007-10-10r10764: To match Win2k3 SP1, we need to set an anonymous user token forAndrew Bartlett1-2/+2
schannel connections. Test for Win2k3 SP1 behaviour in RPC-SCHANNEL. Andrew Bartlett (This used to be commit 1c3911374ec65e4770c2fe9109d7b7d3ecd99f6a)
2007-10-10r10763: PROOF of the single, easily understood cause of all of our schannel ↵Andrew Bartlett1-4/+87
PAIN! This test currently passes against Win2k3 SP0, but not SP1. The problem was not a convoluted series of changes in policy handles, but a simple rule that schannel logins would be regarded as ANONYMOUS not SYSTEM. Andrew Bartlett (This used to be commit e843a7fcba496b91b014ec1bff2f2dfb2a2fcdb1)
2007-10-10r10697: Change the torture join code to return a credentials structure, asAndrew Bartlett1-21/+1
that is what most of the callers want anyway. Remove and re-add the account for the torture case, rather than just modify it. Test with a user account (needs work to change the password). Andrew Bartlett (This used to be commit 38bebef02454164cbe882347d80e03abee656205)
2007-10-10r10564: Make the RPC-SCHANNEL test use the libnet_join code via ↵Andrew Bartlett1-2/+2
torture_join_domain Handle error cases in torture_create_testuser, where we can't connect to the target server (we were segfaulting due to an untested error path). Andrew Bartlett (This used to be commit 7afe14becbcfa8742740431884f9de92b72ed3e1)
2007-10-10r10528: Add credentials.h back into includes.h as some compilers don'tJelmer Vernooij1-1/+0
seem to be able to handle incomplete enum types. (This used to be commit 540155fad3c8e3d79fb631bb3f14273f82130a73)
2007-10-10r10510: Decrease the amount of data included by includes.h a bitJelmer Vernooij1-0/+1
(This used to be commit 03647e1321cf6c9bd6ced3945265f635e9468973)
2007-10-10r10402: Make the RPC-SAMLOGON test pass against Win2k3 SP0 again.Andrew Bartlett1-2/+2
I still have issues with Win2k3 SP1, and Samba4 doesn't pass it's own test for the moment, but I'm working on these issues :-) This required a change to the credentials API, so that the special case for NTLM logins using a principal was indeed handled as a special, not general case. Also don't set the realm from a ccache, as then it overrides --option=realm=. Andrew Bartlett (This used to be commit 194e8f07c0cb4685797c5a7a074577c62dfdebe3)
2007-10-10r9728: A *major* update to the credentials system, to incorporate theAndrew Bartlett1-1/+1
Kerberos CCACHE into the system. This again allows the use of the system ccache when no username is specified, and brings more code in common between gensec_krb5 and gensec_gssapi. It also has a side-effect that may (or may not) be expected: If there is a ccache, even if it is not used (perhaps the remote server didn't want kerberos), it will change the default username. Andrew Bartlett (This used to be commit 6202267f6ec1446d6bd11d1d37d05a977bc8d315)
2007-10-10r8939: Do an open domain in the schannel SAMR test. This should test some ofAndrew Bartlett1-0/+27
the win2k3 SP1 interactions. Andrew Bartlett (This used to be commit ebd96e68d6d7f92b781df0c43970e0dab4a30d6e)
2007-10-10r8232: remove samr_String and netr_String as they are the same as lsa_StringStefan Metzmacher1-1/+1
metze (This used to be commit e601042c07d7b6eed0dc34e5b136d9266b8a0f81)
2007-10-10r7633: this patch started as an attempt to make the dcerpc code use a givenAndrew Tridgell1-2/+2
event_context for the socket_connect() call, so that when things that use dcerpc are running alongside anything else it doesn't block the whole process during a connect. Then of course I needed to change any code that created a dcerpc connection (such as the auth code) to also take an event context, and anything that called that and so on .... thus the size of the patch. There were 3 places where I punted: - abartlet wanted me to add a gensec_set_event_context() call instead of adding it to the gensec init calls. Andrew, my apologies for not doing this. I didn't do it as adding a new parameter allowed me to catch all the callers with the compiler. Now that its done, we could go back and use gensec_set_event_context() - the ejs code calls auth initialisation, which means it should pass in the event context from the web server. I punted on that. Needs fixing. - I used a NULL event context in dcom_get_pipe(). This is equivalent to what we did already, but should be fixed to use a callers event context. Jelmer, can you think of a clean way to do that? I also cleaned up a couple of things: - libnet_context_destroy() makes no sense. I removed it. - removed some unused vars in various places (This used to be commit 3a3025485bdb8f600ab528c0b4b4eef0c65e3fc9)
2007-10-10r6565: Cludge, cludge, cludge...Andrew Bartlett1-8/+18
We need to pass the 'secure channel type' to the NETLOGON layer, which must match the account type. (Yes, jelmer objects to this inclusion of the kitchen sink ;-) Andrew Bartlett (This used to be commit 8ee208a926d2b15fdc42753b1f9ee586564c6248)
2007-10-10r6451: Ensure we correctly initialise the credentials structure in the ↵Andrew Bartlett1-2/+3
schannel test. Andrew Bartlett (This used to be commit 7e554e31d93c6f0c3968dfcb774b3135573d97b1)
2007-10-10r6028: A MAJOR update to intergrate the new credentails system fully withAndrew Bartlett1-4/+5
GENSEC, and to pull SCHANNEL into GENSEC, by making it less 'special'. GENSEC now no longer has it's own handling of 'set username' etc, instead it uses cli_credentials calls. In order to link the credentails code right though Samba, a lot of interfaces have changed to remove 'username, domain, password' arguments, and these have been replaced with a single 'struct cli_credentials'. In the session setup code, a new parameter 'workgroup' contains the client/server current workgroup, which seems unrelated to the authentication exchange (it was being filled in from the auth info). This allows in particular kerberos to only call back for passwords when it actually needs to perform the kinit. The kerberos code has been modified not to use the SPNEGO provided 'principal name' (in the mechListMIC), but to instead use the name the host was connected to as. This better matches Microsoft behaviour, is more secure and allows better use of standard kerberos functions. To achieve this, I made changes to our socket code so that the hostname (before name resolution) is now recorded on the socket. In schannel, most of the code from librpc/rpc/dcerpc_schannel.c is now in libcli/auth/schannel.c, and it looks much more like a standard GENSEC module. The actual sign/seal code moved to libcli/auth/schannel_sign.c in a previous commit. The schannel credentails structure is now merged with the rest of the credentails, as many of the values (username, workstation, domain) where already present there. This makes handling this in a generic manner much easier, as there is no longer a custom entry-point. The auth_domain module continues to be developed, but is now just as functional as auth_winbind. The changes here are consequential to the schannel changes. The only removed function at this point is the RPC-LOGIN test (simulating the load of a WinXP login), which needs much more work to clean it up (it contains copies of too much code from all over the torture suite, and I havn't been able to penetrate its 'structure'). Andrew Bartlett (This used to be commit 2301a4b38a21aa60917973451687063d83d18d66)
2007-10-10r5942: A couple of small changes to fix things up with the new credentialsAndrew Bartlett1-3/+3
infrustructure. Andrew Bartlett (This used to be commit d51718ab8a3771ada4e342a384b744edb803db40)
2007-10-10r5941: Commit this patch much earlier than I would normally prefer, but ↵Andrew Bartlett1-17/+22
metze needs a working tree... The main volume of this patch was what I started working on today: - Cleans up memory handling around DCE/RPC pipes, to have a parent talloc context. - Uses sepereate inner loops for some of the DCE/RPC tests The other and more important part of this patch fixes issues surrounding the new credentials framwork: This makes the struct cli_credentials always a talloc() structure, rather than on the stack. Parts of the cli_credentials code already assumed this. There were other issues, particularly in the DCERPC over SMB handling, as well as little things that had to be tidied up before test_w2k3.sh would start to pass. Andrew Bartlett (This used to be commit 0453f9d05d2e336fba1f85dbf2718d01fa2bf778)
2007-10-10r5928: Use cli_credentials in:Jelmer Vernooij1-4/+6
- gtk+ (returned by GtkHostBindingDialog as well now) - torture/ - librpc/ - lib/com/dcom/ (This used to be commit ccefd782335e01e8e6ecb2bcd28a4f999c53b1a6)
2007-10-10r5902: A rather large change...Andrew Bartlett1-20/+30
I wanted to add a simple 'workstation' argument to the DCERPC authenticated binding calls, but this patch kind of grew from there. With SCHANNEL, the 'workstation' name (the netbios name of the client) matters, as this is what ties the session between the NETLOGON ops and the SCHANNEL bind. This changes a lot of files, and these will again be changed when jelmer does the credentials work. I also correct some schannel IDL to distinguish between workstation names and account names. The distinction matters for domain trust accounts. Issues in handling this (issues with lifetime of talloc pointers) caused me to change the 'creds_CredentialsState' and 'struct dcerpc_binding' pointers to always be talloc()ed pointers. In the schannel DB, we now store both the domain and computername, and query on both. This should ensure we fault correctly when the domain is specified incorrectly in the SCHANNEL bind. In the RPC-SCHANNEL test, I finally fixed a bug that vl pointed out, where the comment claimed we re-used a connection, but in fact we made a new connection. This was achived by breaking apart some of the dcerpc_secondary_connection() logic. The addition of workstation handling was also propogated to NTLMSSP and GENSEC, for completeness. The RPC-SAMSYNC test has been cleaned up a little, using a loop over usernames/passwords rather than manually expanded tests. This will be expanded further (the code in #if 0 in this patch) to use a newly created user account for testing. In making this test pass test_rpc.sh, I found a bug in the RPC-ECHO server, caused by the removal of [ref] and the assoicated pointer from the IDL. This has been re-added, until the underlying pidl issues are solved. (This used to be commit 824289dcc20908ddec957a4a892a103eec2da9b9)
2007-10-10r5364: Rename string fields called 'domain' and 'name' to be 'domain_name'.Tim Potter1-2/+2
(This used to be commit 6749b9404d4e9876ecd964e038c608f05d2c0b69)
2007-10-10r5298: - got rid of pstring.h from includes.h. This at least makes it a bitAndrew Tridgell1-5/+5
less likely that anyone will use pstring for new code - got rid of winbind_client.h from includes.h. This one triggered a huge change, as winbind_client.h was including system/filesys.h and defining the old uint32 and uint16 types, as well as its own pstring and fstring. (This used to be commit 9db6c79e902ec538108d6b7d3324039aabe1704f)
2007-10-10r5089: Fix indentation.Andrew Bartlett1-1/+1
(This used to be commit 2e31694f9e133ffee793de52b78a813b441acbc2)
2007-10-10r4616: the first phase in the addition of proper support forAndrew Tridgell1-1/+1
dcerpc_alter_context and multiple context_ids in the dcerpc client library. This stage does the following: - split "struct dcerpc_pipe" into two parts, the main part being "struct dcerpc_connection", which contains all the parts not dependent on the context, and "struct dcerpc_pipe" which has the context dependent part. This is similar to the layering in libcli_*() for SMB - disable the current dcerpc_alter code. I've used a #warning until i get the 2nd phase finished. I don't know how portable #warning is, but it won't be long before I add full alter context support anyway, so it won't last long - cleanup the allocation of dcerpc_pipe structures. The previous code was quite awkward. (This used to be commit 4004c69937be7e5dae56f9567ca607f982d395d3)
2007-10-10r4560: - fixed crash bugs in the RPC-SCHANNEL and RPC-NETLOGON testsAndrew Tridgell1-2/+2
- disabled the async netlogon tests for now until we better understand async rpc - added a test_w2k3.sh script that runs rpc tests that a w2k3 DC should pass. This is useful for regression testing when PIDL changes are made. (This used to be commit f7d4d3db489ad79457de70a85ad990159f6e74f8)
2007-10-10r4549: got rid of a lot more uses of plain talloc(), instead usingAndrew Tridgell1-2/+2
talloc_size() or talloc_array_p() where appropriate. also fixed a memory leak in pvfs_copy_file() (failed to free a memory context) (This used to be commit 89b74b53546e1570b11b3702f40bee58aed8c503)
2007-10-10r3724: Rename a number of structures, for better consistance between SAMR andAndrew Bartlett1-3/+3
NETLOGON. In particular, rename samr_Name to samr_String - given that many strings in this pipe are not 'names', the previous was just confusing. (I look forward to PIDL turning these into simple char * some day...). Also export out a few changes from testjoin.c to allow for how I have written the new RPC-SAMSYNC test. Andrew Bartlett (This used to be commit 9cd666bcfb1fc752a4717010a7c4f05131dc728e)
2007-10-10r3686: The results of some work on the NETLOGON pipe:Andrew Bartlett1-0/+98
Break out the samsync tests from RPC-NETLOGON into a new RPC-SAMSYNC, that will cross-verify all the values. Add support for the way netlogon credentials are shared between the pipe that sets up schannel and the pipe that is encrypted with it. Test this support, by calling both NETLOGON and SAMR operations in the RPC-SCHANNEL test. Move some of the Netlogon NEG flags into the .idl, now we have an idea what a few of them really are. Rename the sam_pwd_hash into a name that has meaning (all other crypto functions were renamed in Samba4 ages ago). Break out NTLMv2 functionality for operation on the NT hash - I intend to do NTLMv2 logins in the samsync test in future, and naturally I only have the hash. Andrew Bartlett (This used to be commit 6e6cc6fb9842113a1b0c7f6904dac709b320a6e5)
2007-10-10r3678: Remove testing code accidentily commited.Andrew Bartlett1-18/+0
Andrew Bartlett (This used to be commit cd23ddd0a7e87e217a93af499122e97e8dae4dd7)
2007-10-10r3677: Seperate the SamLogon tests from the main RPC-NETLOGON test into aAndrew Bartlett1-0/+18
RPC-SAMLOGON of their own. I have expanded the tests to validate the use of various flags, which change some of the crypto behaviour. Andrew Bartlett (This used to be commit 3a140a3691ce49ebf4d1efcb99cfffd26c68a28f)
2007-10-10r3428: switched to using minimal includes for the auto-generated RPC code.Andrew Tridgell1-0/+1
The thing that finally convinced me that minimal includes was worth pursuing for rpc was a compiler (tcc) that failed to build Samba due to reaching internal limits of the size of include files. Also the fact that includes.h.gch was 16MB, which really seems excessive. This patch brings it back to 12M, which is still too large, but better. Note that this patch speeds up compile times for both the pch and non-pch case. This change also includes the addition iof a "depends()" option in our IDL files, allowing you to specify that one IDL file depends on another. This capability was needed for the auto-includes generation. (This used to be commit b8f5fa8ac8e8725f3d321004f0aedf4246fc6b49)