1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-24 21:34:56 +03:00
Commit Graph

1778 Commits

Author SHA1 Message Date
Garming Sam
acc66d91b2 drsuapi.idl: Expose GetNCChanges req8 like req10
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2017-04-13 07:29:16 +02:00
Andrew Bartlett
493d886163 python: Add bindings for NTLMSSP
This is helpful for building NTLMv2 packets in python for testing against the SamLogon server

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2017-03-29 02:37:29 +02:00
Gary Lockyer
68200d0d88 named_pipe_auth: Rename client -> remote_client and server -> local_server
While these names may have been clear, much of Samba uses
remote_address and local_address, and this difference has hidden bugs.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Pair-Programmed-by: Gary Lockyer <gary@catalyst.net.nz>
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
2017-03-29 02:37:28 +02:00
Ralph Boehme
dc4bd3f751 s3/smbd: move copychunk ioctl limits to IDL
This will be needed in the next commit in vfs_default.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2017-03-28 17:45:20 +02:00
Andrew Bartlett
0837d0b9dc python: Provide Python bindings for messaging.idl
This will allow AUTH_EVENT_NAME and MSG_AUTH_LOG to be accessed from python

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Mar 28 13:19:03 CEST 2017 on sn-devel-144
2017-03-28 13:19:03 +02:00
Andrew Bartlett
a3c9ad53a2 messaging: Declare well known server name auth_events as AUTH_EVENT_NAME in IDL
This makes it easy to ensure we use the same name in the python and the C

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-03-28 09:23:11 +02:00
Andrew Bartlett
6e87aa38c4 messaging.idl: Register a message type for authentication log messages
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Pair-Programmed-by: Gary Lockyer <gary@catalyst.net.nz>
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
2017-03-28 09:23:11 +02:00
Stefan Metzmacher
1161e11d48 lsa.idl: add SID_NAME_LABEL
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2017-03-23 09:01:21 +01:00
Stefan Metzmacher
3a5d76f092 netlogon.idl: make netr_LogonInfoClass public
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2017-03-23 09:01:21 +01:00
Bob Campbell
380b56e38a drsblobs: Add decode for replPropertyMetaData1
Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
2017-03-13 05:10:11 +01:00
Volker Lendecke
a34c0a8638 Revert "winbind: Remove wbint_LookupUserGroups"
This reverts commit 256632ed3c.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12612

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2017-03-06 15:09:17 +01:00
Douglas Bagnall
70923b7521 ndr: Use resizing array instead of linked lists (breaking ABI)
The ndr token code keeps a temporary store of tokens which are
referred to a small number of times (often once) before being
discarded. The access patterns are somewhat stack-like, with recently
placed tokens being accessed most often.

The old code kept these tokens in a linked list, which we replace with
a self-resizing array.

This keeps everything roughly the same in big-O terms, but makes it
all faster in practice by vastly reducing the amount of tallocing and
pointer-chasing.

The peak memory use is strictly reduced. On a 64 bit machine each core
token struct fits in 16 bytes (after padding) while the two pointers
used by the DLIST add another 16 bytes, so the overall list allocation
is the same as the peak 2n array allocation -- except in the list case
it is dwarfed by the talloc and malloc metadata overhead.

Before settling on the resized arrays, we tried red-black trees, which
are bound to be better for large ndr structures. As it happens, we
don't deal with large structures (the size of replication clumps is
limited to 400 objects) and the asymptotic benefits of the trees are
not realised in practice.

With luck you should find graphs comparing the performance of these
various techniques at:

https://www.samba.org/~dbagnall/perf-tests/ndr-token/

This necessarily breaks the ABI because the linked list implementation
was publicly exposed.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Mar  2 08:38:22 CET 2017 on sn-devel-144
2017-03-02 08:38:21 +01:00
Douglas Bagnall
4bd8e63165 ndr: fix whitespace in libndr.h, ndr.c
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2017-03-02 04:35:14 +01:00
Andreas Schneider
79a49dc19a ndrdump: Fix a possible NULL pointer dereference
Found by covscan.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12592

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2017-02-23 03:18:10 +01:00
Stefan Metzmacher
c97e39b34f librpc/rpc: fix regression in NT_STATUS_RPC_ENUM_VALUE_OUT_OF_RANGE error mapping
Commit 1eef708729 changed the mapping for
DCERPC_NCA_S_FAULT_INVALID_TAG from NT_STATUS_RPC_ENUM_VALUE_OUT_OF_RANGE
to NT_STATUS_RPC_PROCNUM_OUT_OF_RANGE.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12585

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2017-02-21 16:09:21 +01:00
Cody Harrington
4940661658 ndrdump: Add the option --hex-input for hexdump parsing
This allows the user to input a hexdump that has been generated by the dump option.

Signed-off-by: Cody Harrington <cody@harringtonca.com>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2017-02-14 09:46:23 +01:00
Stefan Metzmacher
f5d3b863c7 drsuapi.idl: make drsuapi_DsGetNCChangesRequest10 [public]
This allows ndr_print to work.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2017-02-08 23:20:18 +01:00
Stefan Metzmacher
0c77567a4e drsuapi.idl: add drsuapi_DrsMoreOptions with DRSUAPI_DRS_GET_TGT
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2017-02-08 23:20:18 +01:00
Günther Deschner
db7b812149 librpc/ndr: add [to_null] keyword to szPackageId in spoolss_CorePrinterDriver.
Guenther

Signed-off-by: Guenther Deschner <gd@samba.org
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2017-01-24 10:53:17 +01:00
Günther Deschner
303ae2a023 librpc/ndr: add ndr_push_charset_to_null and increase library version (abi change)
We were crashing earlier when calculating the length of NULL strings in
fixed size arrays (noticed while replying with an empty
spoolss_CorePrinterDriver struct within the spoolss_GetCorePrinterDrivers
call).

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2017-01-24 10:53:17 +01:00
Ralph Boehme
bdff81348d messaging.idl: add ringbuf message types
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2017-01-20 18:48:26 +01:00
Günther Deschner
0e7302dd10 spoolss: Fix PROCESSOR_AMD_X8664 value in IDL
Microsoft got their docs wrong in MS-RPRN Section 2.2.1.10.1 (footnote
65): PROCESSOR_AMD_X8664 must be 0x000021D8 and not 0x000022A0.

This is what recent windows versions report back from a spoolss
getprinter level 0 RPC call.

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2017-01-12 15:35:13 +01:00
Volker Lendecke
67c0696761 winbind: Remove wbint_QueryUserList
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2017-01-04 12:22:13 +01:00
Volker Lendecke
256632ed3c winbind: Remove wbint_LookupUserGroups
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2017-01-04 12:22:12 +01:00
Volker Lendecke
5b2d74bd11 winbind: Remove wbint_QueryUser
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2017-01-04 12:22:12 +01:00
Volker Lendecke
f46932abfc librpc: Use "all_zero" where appropriate
... Saves a few bytes of footprint

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2017-01-03 16:04:28 +01:00
Volker Lendecke
901d2bd99b winbind: Add wbint_QueryUserRidList
This is an equivalent of QueryUserList with simpler output. The next
commit will use it to go through wb_getpwsid for getent passwd, to
make sure we get the same results. Eventually, this might get a simpler
backend.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2017-01-02 18:04:14 +01:00
Volker Lendecke
2022ec8770 winbind: Add a GetNssInfo parent/child call
This call will be done in the idmap child. It is not 100% the right place,
but there is no better one available to me. It will become a replacement
for the "winbind nss info" parameter: This global parameter is good
for just one domain. It might be possible to have idmap backend AD for
different domains, and the NSS info like primary gid, homedir and shell
might be done with different policies per domain. As we already have a
domain-specific idmap configuration, doing the NSS info configuration
there also is the closest way to do it.

The alternative, if we did not want to put this call into the idmap child
would be to establish an equivalent engine like the whole "idmap config
*" just for the nss info. But as I believe this is closely related,
I'll just keep it in the idmap child.

This also extends the wbint_userinfo structure with pretty much all user
related fields. The idea is that the GetNssInfo call can do whatever it
wants with it.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2017-01-02 18:04:13 +01:00
Volker Lendecke
9079dc4f45 idmap: Pass up the xid2sids unix-ids from the idmap child
When asking for gid2sid with an idmap backend that does ID_TYPE_BOTH
and the sid in question is actually a user, the parent winbind needs
to know about it. The next commit will prime the gencache also after
xid2sid calls, and if we filled it with a ID_TYPE_GID entry, a later
sid2uid call would fail.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12484

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
2016-12-27 20:20:27 +01:00
Volker Lendecke
b26d441dea idl: Fix a comment typo
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
2016-12-27 14:21:27 +01:00
Volker Lendecke
ce9e4a3501 CVE-2016-2123: Fix DNS vuln ZDI-CAN-3995
Thanks to Trend Micro's Zero Day Initiative and Frederic Besler for finding
this vulnerability with a PoC and a good analysis.

Signed-off-by: Volker Lendecke <vl@samba.org>
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12409
2016-12-20 07:51:14 +01:00
Andrew Bartlett
fee6bb7ca6 idl: Do not listen for lsarpc on \\pipe\netlogon
This prevents making the netlogon process multi-threaded.

This works on Windows becuase NETLOGON is part of lsad

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2016-12-15 08:21:11 +01:00
Douglas Bagnall
a7598fb53b rpc_server:netlogon Move from memcache to a tdb cache
This allows the netlogon server to be moved into a multi-process model
while still supporting clients that use a challenge from a different
network connection.

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Dec 14 20:12:14 CET 2016 on sn-devel-144
2016-12-14 20:12:13 +01:00
Douglas Bagnall
91d5ea2ae9 librpc/ndr/uuid.c: improve speed and accuracy of GUID string parsing
GUID_from_data_blob() was relying on sscanf to parse strings, which was
slow and quite accepting of invalid GUIDs. Instead we directly read a
fixed number of hex bytes for each field.

This now passes the samba4.local.ndr.*.guid_from_string_invalid tests.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org>
Autobuild-Date(master): Wed Dec 14 08:55:42 CET 2016 on sn-devel-144
2016-12-14 08:55:42 +01:00
Jeremy Allison
446851c861 librpc: cab: Fix ndr_size_cab_file() to detect integer wrap.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Dec  1 05:53:43 CET 2016 on sn-devel-144
2016-12-01 05:53:43 +01:00
Jeremy Allison
d2fe23ae0a librpc: cab: Integer wrap protection for ndr_count_cfdata().
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-12-01 02:02:19 +01:00
Günther Deschner
e91895f411 librpc: Add ndr_cab_get_compression() for Cabinet compression evaluation
Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-11-24 20:24:26 +01:00
Günther Deschner
983dac44f2 librpc: Add autogenerated file offset calculation for Cabinet files
Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-11-24 20:24:26 +01:00
Günther Deschner
59ae0e5f34 librpc: Add autogenerated total cabinet size for Cabinet files
Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-11-24 20:24:26 +01:00
Günther Deschner
4cc4fca23e librpc: Add autogenerated checksum calculation for Cabinet files
Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-11-24 20:24:26 +01:00
Günther Deschner
88e1c4dc44 librpc: Introduce cab.idl
This allows processing of Windows Cabinet files (required for the MS-PAR
print protocol implementation)

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-11-24 20:24:26 +01:00
Günther Deschner
73f664710a spoolss: Use correct values for secdesc and devmode pointers
ULONG_PTR needs to be decoded as a uint3264 and not as a 'uint32 *'.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11197

Guenther

Pair-Programmed-With: Andreas Schneider <asn@samba.org>

Signed-off-by: Guenther Deschner <gd@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-11-11 22:57:22 +01:00
Andreas Schneider
790fbd62f9 idl: Remove unused DCERPC_FAULT_UNK_IF
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Oct 26 15:06:44 CEST 2016 on sn-devel-144
2016-10-26 15:06:44 +02:00
Stefan Metzmacher
47d89002a4 librpc/rpc: verify the passed table against the table on the handle
Now that all callers of dcerpc_binding_handle_create() are fixed.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-10-26 11:20:18 +02:00
Stefan Metzmacher
4dd06fb721 librpc/rpc: make sure we use the object from the handle in dcerpc_binding_handle_raw_call_send()
If there's an object set on the binding handle, we need to use that
and disallow per request passing of object.

The normal client code will always have the object on the binding handle.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-10-26 11:20:18 +02:00
Stefan Metzmacher
47221b2f95 librpc/rpc: no longer set FLAG_OBJECT_PRESENT and FLAG_BIGENDIAN for ndr_{pull,push}_ncacn_packet()
This is no longer required, it's done inside.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-10-26 11:20:18 +02:00
Stefan Metzmacher
e2f2250456 dcerpc.idl: set LIBNDR_FLAG_* flags based on DCERPC_PFC_FLAG_OBJECT_UUID and DCERPC_DREP_LE
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-10-26 11:20:18 +02:00
Günther Deschner
6f642eb306 librpc: support "packet" for packet level authentication in binding strings
Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-10-26 11:20:16 +02:00
Stefan Metzmacher
857b96cafc librpc: add dcerpc_ncacn_push_pkt_auth() helper function
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-10-26 11:20:15 +02:00
Stefan Metzmacher
875d0111b4 librpc: add dcerpc_ncacn_pull_pkt_auth() helper function
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-10-26 11:20:15 +02:00
Stefan Metzmacher
1c34351afc librpc/rpc: make use of dcerpc_pull_ncacn_packet() in dcerpc_read_ncacn_packet_done()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-10-26 11:20:13 +02:00
Stefan Metzmacher
fc65e48cbe librpc/rpc: move dcerpc_pull_ncacn_packet() from source3/librpc/rpc/ to the toplevel
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-10-26 11:20:13 +02:00
Stefan Metzmacher
3c6781ee4e dcerpc.idl: add DCERPC_FAULT_SERVER_UNAVAILABLE
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-10-26 11:20:13 +02:00
Stefan Metzmacher
4400d3bde5 dcerpc.idl: remove unused dcerpc_request._pad
typedef struct {
        uint32 alloc_hint;
        uint16 context_id;
        uint16 opnum;
        /*
         * NDR_DCERPC_REQUEST_OBJECT_PRESENT
         * is defined differently for ndr_dcerpc.c and py_dcerpc.c
         */
        [switch_is(NDR_DCERPC_REQUEST_OBJECT_PRESENT)] dcerpc_object object;
        [flag(NDR_REMAINING)] DATA_BLOB stub_and_verifier;
} dcerpc_request;

- the generic dcerpc header has a size of 16 bytes.

- alloc_hint, context_id and opnum are 8 bytes together.

- dcerpc_object is 0 or 16 bytes.

That means stub_and_verifier is always aligned to 8 bytes
(either at offset 24 or 40).

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-10-26 11:20:13 +02:00
Stefan Metzmacher
81d730edb5 dcerpc.idl: replace dcerpc_response._pad with a uint8 reserved
typedef struct {
        uint32 alloc_hint;
        uint16 context_id;
        uint8 cancel_count;
        [value(0)] uint8 reserved;
        [flag(NDR_REMAINING)] DATA_BLOB stub_and_verifier;
} dcerpc_response;

- the generic dcerpc header has a size of 16 bytes

- alloc_hint, context_id, cancel_count and reserved are 8 bytes together

So stub_and_verifier is 8 byte aligned at offset 24.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-10-26 11:20:13 +02:00
Stefan Metzmacher
96d317def1 dcerpc.idl: add dcerpc_fault_flags bitmap
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-10-26 11:20:13 +02:00
Stefan Metzmacher
4464896167 dcerpc.idl: split the padding from a possible fault buffer in dcerpc_fault
The 4 bytes of padding are always present and part of the header.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-10-26 11:20:12 +02:00
Stefan Metzmacher
0bc10e7c46 dcerpc.idl: remove unused DCERPC_AUTH_LEVEL_DEFAULT
Also the default should not be DCERPC_AUTH_LEVEL_CONNECT

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-10-26 11:20:12 +02:00
Stefan Metzmacher
001e23fd62 ntlmssp.idl: don't generate python bindings for ntlmssp_NTLM_RESPONSE and ntlmssp_LM_RESPONSE
ntlmssp_NTLM_RESPONSE and NTLM_RESPONSE will both result in
"ntlmssp.NTLM_RESPONSE".

The same applies to ntlmssp_LM_RESPONSE and LM_RESPONSE.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Oct 13 21:56:27 CEST 2016 on sn-devel-144
2016-10-13 21:56:27 +02:00
Stefan Metzmacher
0f1859b85e spoolss.idl: use access mask defines from security.idl
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-10-13 18:14:15 +02:00
Stefan Metzmacher
63686a1c82 nfs4acl.idl: rename interface to nfs4acl.idl to avoid naming clash in the python bindings
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-10-13 18:14:15 +02:00
Steve French
cad43f2cd4 lib: Annotate well known SID names
Add Samba specific well known SIDs for
Unix UID and GID owner.

Signed-off-by: Steve French <smfrench@gmail.com>
Reviewed-by: Guenther Deschner <gd@samba.org>
2016-09-29 08:02:18 +02:00
Günther Deschner
3a33b6652d werror: replace WERR_INVALID_PARAM with WERR_INVALID_PARAMETER in librpc/idl/
Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-09-28 00:04:22 +02:00
Günther Deschner
b7e1a770dd librpc: fix some variable names in winspool protocol IDL
never undestimate the power of sed...

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
2016-09-26 20:24:18 +02:00
David Disseldorp
0ad260e8f0 idl/ioctl: fix DUPLICATE_EXTENTS_TO_FILE fid field
This idl was based on an earlier draft documentation version. The
current documentation now shows:
"SourceFileID (16 bytes): An SMB2_FILEID structure, as specified in
[MS-SMB2] section 2.2.14.1, that is an identifier of the open to the
source file.".

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-09-22 20:40:08 +02:00
Günther Deschner
5b1cc2c9c7 s4-torture: add IRemoteWinspool ndr testsuite.
Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2016-09-22 12:29:28 +02:00
Günther Deschner
ac5e69b868 idl: compile iremotewinspool.idl.
Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2016-09-22 12:29:28 +02:00
Günther Deschner
a13c58574b librpc: add IRemoteWinspool idl
Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2016-09-22 12:29:28 +02:00
Günther Deschner
c6d700ee1f spoolss: rename RPC_PrintNamedProperty to spoolss_PrintNamedProperty
We should try to avoid the RPC_ prefix in structs, enums for spoolss.

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2016-09-22 12:29:27 +02:00
Günther Deschner
1e4ea50a4c spoolss: rename spoolss_RpcSendRecvBidiData to spoolss_SendRecvBidiData
Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2016-09-22 12:29:27 +02:00
Günther Deschner
6476153069 spoolss: rename spoolss_RpcEnumJobNamedProperties to spoolss_EnumJobNamedProperties
Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2016-09-22 12:29:27 +02:00
Günther Deschner
cdf958824e spoolss: rename spoolss_RpcDeleteJobNamedProperty to spoolss_DeleteJobNamedProperty
Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2016-09-22 12:29:27 +02:00
Günther Deschner
17d94d0531 spoolss: rename spoolss_RpcSetJobNamedProperty to spoolss_SetJobNamedProperty
Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2016-09-22 12:29:26 +02:00
Günther Deschner
d64b316fed spoolss: rename spoolss_RpcGetJobNamedPropertyValue to spoolss_GetJobNamedPropertyValue
Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2016-09-22 12:29:26 +02:00
Günther Deschner
23f404b7f5 spoolss: rename spoolss_EnumPrintProcDataTypes to spoolss_EnumPrintProcessorDataTypes
This change makes automatic mapping for PAR->RPRN opcodes easier.

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2016-09-22 12:29:26 +02:00
Günther Deschner
0d2dd7eb9b spoolss: add IDL for spoolss_LogJobInfoForBranchOffice.
Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-09-11 19:57:25 +02:00
Günther Deschner
d978e058a5 librpc: add clusapi_ResourceControlCode to IDL.
Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-09-07 23:56:16 +02:00
Günther Deschner
8142b38c02 librpc: add ClusterResTypeEnumType to IDL.
Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-09-07 23:56:16 +02:00
Günther Deschner
de11f1b32b librpc: add CLUS_RESOURCE_CLASS_INFO to IDL
Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-09-07 23:56:16 +02:00
Günther Deschner
6fe2a2bb9d librpc: add ClusterGroupEnumType enum to IDL.
Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-09-07 23:56:15 +02:00
Günther Deschner
04d5a228c0 librpc: add clusapi_ResourceTypeControlCode enum.
Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-09-07 23:56:15 +02:00
Günther Deschner
b57da250a6 librpc/tools: support ndr64 in the validate path of ndrdump
Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
2016-08-25 01:38:28 +02:00
Günther Deschner
2d4107f9e1 librpc: fix IDL for spoolss_GetPrinterDriverPackagePath()
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-08-23 01:06:24 +02:00
Günther Deschner
bb8267ce49 librpc: fix spoolss_GetCorePrinterDrivers IDL.
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-08-23 01:06:24 +02:00
Günther Deschner
4b75b49816 spoolss: add various well known core printer driver file GUIDs to IDL.
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-08-23 01:06:24 +02:00
Andrew Bartlett
1246904d41 librpc: Add ndr_push_struct_into_fixed_blob() and use it in GUID_to_ndr_blob()
This allows us to allocate only the correct size, not a default of 1024 bytes
per push.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2016-07-28 10:06:12 +02:00
Stefan Metzmacher
8d64999d1c drsblobs.idl: add package_PrimarySambaGPGBlob
This will be used to store the cleartext utf16 password
GPG encrypted in the supplementalCredentials attribute.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
2016-07-22 16:03:27 +02:00
Stefan Metzmacher
0e201ecdc5 krb5pac/netlogon: add a comment regarding PAC_LOGON_INFO unique pointers on push
This difference is the reason why we can't fully (ndr)validate some
PAC blobs.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-07-20 21:27:19 +02:00
Stefan Metzmacher
38527702fd krb5pac.idl: implement PAC_UPN_DNS_INFO correct
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-07-20 21:27:18 +02:00
Stefan Metzmacher
8e458360b4 krb5pac: fix push/pull of subcontexts in PAC_BUFFER
We need to have two subcontexts to get the padding right,
the outer subcontext uses NDR_ROUND(_ndr_size, 8), while
the inner subcontext only uses _ndr_size.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-07-20 21:27:18 +02:00
Günther Deschner
4f5dde6730 krb5pac: no need for a noprint PAC_BUFFER.
Guenther

@@ -1,6 +1,7 @@
 _PUBLIC_ void ndr_print_PAC_BUFFER(struct ndr_print *ndr, const char *name, const struct PAC_BUFFER *r)
 {
        ndr_print_struct(ndr, name, "PAC_BUFFER");
+       if (r == NULL) { ndr_print_null(ndr); return; }
        ndr->depth++;
        ndr_print_PAC_TYPE(ndr, "type", r->type);
        ndr_print_uint32(ndr, "_ndr_size", (ndr->flags & LIBNDR_PRINT_SET_VALUES)?_ndr_size_PAC_INFO(r->info,r->type,0):r->_ndr_size);
@@ -11,7 +12,7 @@
                ndr_print_PAC_INFO(ndr, "info", r->info);
        }
        ndr->depth--;
-       ndr_print_uint32(ndr, "_pad", r->_pad);
+       ndr_print_uint32(ndr, "_pad", (ndr->flags & LIBNDR_PRINT_SET_VALUES)?0:r->_pad);
        ndr->depth--;
 }

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2016-07-20 21:27:18 +02:00
Stefan Metzmacher
26d2ea389b drsblobs.idl: supplementalCredentialsSubBlob make it possible to parse strange blobs
Windows omits the uint16 num_packages field when the packages array is empty.
This happens if the UF_SMARTCARD_REQUIRED flag is set for an account.

A user was created with a password and then userAccountControl was changed to
UF_NORMAL_ACCOUNT|UF_SMARTCARD_REQUIRED. In that case I'm getting
(as the whole supplementalCredentialsBlob):

[0000] 00 00 00 00 62 00 00 00   00 00 00 00 20 00 20 00   ....b... .... . .
[0010] 20 00 20 00 20 00 20 00   20 00 20 00 20 00 20 00    . . . .  . . . .
[0020] 20 00 20 00 20 00 20 00   20 00 20 00 20 00 20 00    . . . .  . . . .
[0030] 20 00 20 00 20 00 20 00   20 00 20 00 20 00 20 00    . . . .  . . . .
[0040] 20 00 20 00 20 00 20 00   20 00 20 00 20 00 20 00    . . . .  . . . .
[0050] 20 00 20 00 20 00 20 00   20 00 20 00 20 00 20 00    . . . .  . . . .
[0060] 20 00 20 00 20 00 20 00   20 00 20 00 50 00 30       . . . .  . .P.0

I've also got cases (where I created an account with
UF_NORMAL_ACCOUNT|UF_ACCOUNTDISABLE|UF_SMARTCARD_REQUIRED
in the LDAP add) with the following strange blobs:

One time:
[0000] 00 00 00 00 00 00 00 00   00 00 00 00 00
and once:
[0000] 00 00 00 00 00 00 00 00   00 00 00 00 53

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11441

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-07-20 21:27:17 +02:00
Stefan Metzmacher
e9c9615a1f drsblobs.idl: mark supplementalCredentialsSubBlob as nopull,nopush
This commit moves the autogenerated ndr_{pull,push}_supplementalCredentialsSubBlob()
function to the handwritten librpc/ndr/ndr_drsblobs.c

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11441

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-07-20 21:27:17 +02:00
Volker Lendecke
fa96452f9c smbd: Re-register notify requests
When notifyd is restarted, the parent will broadcast that fact to all workers.
They will then re-register their notify requests.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-07-20 05:21:07 +02:00
Stefan Metzmacher
49cd4c9853 drsuapi.idl: add DRSUAPI_ATTID_operatorCount and DRSUAPI_ATTID_adminCount
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-07-09 15:06:19 +02:00
Stefan Metzmacher
68879fd18a security.idl: add SID_NT_NFS S-1-5-88* sids
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2016-07-06 19:07:16 +02:00
Garming Sam
1a2427d97e typo: componemt => component
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-07-05 00:00:15 +02:00
Günther Deschner
8b7d92bb73 librpc: add decode_netlogon_samlogon_response_packet for mailslot debugging.
Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Jul  1 01:29:42 CEST 2016 on sn-devel-144
2016-07-01 01:29:42 +02:00
Stefan Metzmacher
4406cf792a krb5pac.idl: introduce PAC_DOMAIN_GROUP_MEMBERSHIP to handle the resource groups
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Jun 30 07:16:45 CEST 2016 on sn-devel-144
2016-06-30 07:16:45 +02:00
Stefan Metzmacher
0fd4943ea1 netlogon.idl: make netr_SidAttr public
It will be used in krb5pac.idl soon.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-06-30 03:30:27 +02:00