1
0
mirror of https://github.com/samba-team/samba.git synced 2025-01-10 01:18:15 +03:00
Commit Graph

822 Commits

Author SHA1 Message Date
Andrew Tridgell
39b1d2b4c4 r8286: it makes more sense to combine the refresh count with the register count, as they
are really the same packet (you can register with a refresh)
(This used to be commit 5006528554)
2007-10-10 13:19:31 -05:00
Andrew Tridgell
146c854109 r8268: added the 'needed' logic to ehs generation, so we don't generate
functions we don't need. That is a lot of functions, as ejs is only
client side, so it only needs push functions for [out] vars, and pull
functions for [in] vars

added irpc and srvsvc IDL to list of available pipes.
(This used to be commit c7a9dbe70a)
2007-10-10 13:19:28 -05:00
Andrew Tridgell
7efeb8f451 r8256: - allow rpc calls from non-command line ejs contexts by creating a set
of null credentials to use if cmdline_credentials is not setup

- hide the length and size elements of a lsa_String from js scripts,
  so you can use a lsa_String just as an ordinary string without
  knowing its a structure. We won't do this with all structures, just
  a few core ones that are used often enough to warrant it.

- make sure returned ldb arrays have a length property
(This used to be commit 12d2092dd8)
2007-10-10 13:19:26 -05:00
Andrew Bartlett
e75c7ff39f r8252: Steal metze's thunder, and prove that with a few small tweaks, we can
now push/pull a sample PAC, and still have the same byte buffer.
(Metze set up the string code, and probably already has a similar
patch).

Unfortunetly win2k3 still doesn't like what we provide, but every step helps.

Also use data_blob_const() when we are just wrapping data for API
reasons.

Andrew Bartlett
(This used to be commit e7c8076fc1)
2007-10-10 13:19:25 -05:00
Andrew Bartlett
c0a78453a7 r8250: More PAC work. We now sucessfully verify the KDC signature from my DC
(I have included the krbtgt key from my test network).

It turns out the krbtgt signature is over the 16 (or whatever,
enc-type dependent) bytes of the signature, not the entire structure.

Also do not even try to use Kerberos or GSSAPI on an IP address, it
will only fail.

Andrew Bartlett
(This used to be commit 3b9558e82f)
2007-10-10 13:19:25 -05:00
Andrew Tridgell
f55b2b9610 r8233: - added support for more base types in pidl ejs
- added auto generation of a header with prototypes for public ejs functions

- make public functions non-static

- fixed allocation of fixed sized arrays

- added 'noejs' flag indicating that a typedef will be handled manually by ejs

- added manual functions for sid and GUID, so they show up as nice
  strings in ejs scripts

This allows ejs to bring in samr, security, lsa and misc IDL functions
(This used to be commit a8cb2dbdcc)
2007-10-10 13:19:23 -05:00
Stefan Metzmacher
0b92507760 r8232: remove samr_String and netr_String as they are the same as lsa_String
metze
(This used to be commit e601042c07)
2007-10-10 13:19:22 -05:00
Stefan Metzmacher
3d3a86f95d r8227: add STR_LARGE_SIZE flag, to support strings where the size is length+1,
metze
(This used to be commit cdd03fe87d)
2007-10-10 13:19:22 -05:00
Stefan Metzmacher
06a4e5688e r8223: fix the values of nt_version and type we reply in the server code,
also name the struct like the nt_version number

metze
(This used to be commit 1e3af5cc1f)
2007-10-10 13:19:21 -05:00
Tim Potter
372f3fae88 r8171: According to Samba 3 and Ethereal, the winreg_OpenUnkown stuff is
actually a uint16 * without the [string] attribute, a la the the
system_name argument to samr_Connect().

Initialising the pointer to NULL is sufficient and we still pass the
RPC-WINREG test against win2k3.
(This used to be commit 407d962dac)
2007-10-10 13:19:16 -05:00
Stefan Metzmacher
a7fd68286a r8168: after testing I saw that w2k3 uses unique pointers on the mgmt pipe
that also matches the spec at http://www.opengroup.org/onlinepubs/9629399/apdyq.htm

metze
(This used to be commit 117e678bde)
2007-10-10 13:19:16 -05:00
Stefan Metzmacher
4a993c5241 r8167: - use the same algorithm than w2k3 for 'unique' pointer values
- add a new 'sptr' (simple-full) pointer type to simulate what we need to support pipes
  like epmapper and mgmt that uses 'ptr' full pointer in their spec

- I runned make test and test_w2k3.sh with this, all fine

does we have any other pipe using 'unique' pointer where we need 'ptr'?

btw: jelmer, what does 'ignore' pointers do? they are allowed in pidl but not implemented!

metze
(This used to be commit d19068bfb2)
2007-10-10 13:19:16 -05:00
Stefan Metzmacher
a33178fc72 r8156: I found out that the unknown[2] field of the unknown[4] array is a length too,
it's always 16 bytes smaller than the size in the PAC_BUFFER

we now dump the blob's on LOCAL-PAC with -d 10

metze
(This used to be commit 4ef721ce53)
2007-10-10 13:19:13 -05:00
Stefan Metzmacher
148235a009 r8148: - make the PAC generation code a bit more readable and add some outof memory checks
- move to handmodified pull/push code for PAC_BUFFER
  to get the _ndr_size field and the subcontext size right

- after looking closely to the sample w2k3 PAC in our torture test (and some more in my archive)
  I found out that the first uint32 before the netr_SamInfo3 was also a pointer,
  (and we passed a NULL pointer there before, so I think that was the reason why the windows clients doesn't want our PAC)

  w2k3 uses this for unique pointers:

  ptr = ndr->ptr_count * 4;
  ptr |= 0x00020000;
  ndr->ptr_count;

- do one more pull/push round with the sample PAC

metze
(This used to be commit 0eee179415)
2007-10-10 13:19:13 -05:00
Andrew Bartlett
dbd2688c90 r8110: More PAC work. I still can't get WinXP to accept the PAC, but we are
much closer.

This changes PIDL to allow a subcontext to have a pad8 flag, saying to
pad behind to an 8 byte boundary.  This is the only way I can explain
the 4 trainling zeros in the signature struct.

Far more importantly, the PAC code is now under self-test, both in
creating/parsing our own PAC, but also a PAC from my win2k3 server.
This required changing auth_anonymous, because I wanted to reuse the
anonymous 'server_info' generation code.

I'm still having trouble with PIDL, particulary as surrounds value(),
but I'll follow up on the list.

Andrew Bartlett
(This used to be commit 50a54bf4e9)
2007-10-10 13:19:09 -05:00
Stefan Metzmacher
ccaf752e35 r8054: add OSVersion, OSVersionEx, DNSMachineName PrintServerData
metze
(This used to be commit 47781fccbc)
2007-10-10 13:19:03 -05:00
Andrew Tridgell
4354bebda7 r8053: requests from mmc show that the auth info for a bind should be 4 byte aligned, not
8 byte aligned
(This used to be commit c112a2b23e)
2007-10-10 13:19:03 -05:00
Stefan Metzmacher
88df3c81ee r8050: - make use of more [value()] properties
- the out subcontext's need to have a fixed size of r->in.offered,
  to make windows clients happy

metze
(This used to be commit 054e1ca434)
2007-10-10 13:19:02 -05:00
Jelmer Vernooij
d6acd2fb16 r8012: Add UUID for NDR64 transfer syntax.
(This used to be commit 6a3f622222)
2007-10-10 13:18:58 -05:00
Andrew Bartlett
ddffc922df r8001: Also fill in the krbtgt checksum, and make sure to put the right
checksum in the right place...

Andrew Bartlett
(This used to be commit 90d0f502da)
2007-10-10 13:18:57 -05:00
Andrew Bartlett
9a7481bcfe r7993: Further work on the Krb5 PAC.
We now generate the PAC, and can verifiy both our own PAC and the PAC
from Win2k3.

This commit adds the PAC generation code, spits out the code to get
the information we need from the NETLOGON server back into a auth/
helper function, and adds a number of glue functions.

In the process of building the PAC generation code, some hints in the
Microsoft PAC specification shed light on other parts of the code, and
the updates to samr.idl and netlogon.idl come from those hints.

Also in this commit:

The Heimdal build package has been split up, so as to only link the
KDC with smbd, not the client utils.

To enable the PAC to be veified with gensec_krb5 (which isn't quite
dead yet), the keyblock has been passed back to the calling layer.

Andrew Bartlett
(This used to be commit e2015671c2)
2007-10-10 13:18:57 -05:00
Andrew Tridgell
f04545f5d2 r7872: another place we were relying on the old behaviour of value()
(This used to be commit 25a64f8946)
2007-10-10 13:18:46 -05:00
Andrew Tridgell
7fc49243f3 r7870: fixed the RPC-SCHANNEL test. It turned out it was my const changes, as
they slightly changed the semantics of value() in pidl, which broke
a optimisation hack in some of our IDL files.

I've changed the idl files to remove the hack for now. Sometime we
need to find a better way to handle these :-)
(This used to be commit 765f75ea63)
2007-10-10 13:18:45 -05:00
Jelmer Vernooij
327a9ac650 r7729: Small fixes to the charset stuff.
(This used to be commit 5122b9f608)
2007-10-10 13:18:27 -05:00
Jelmer Vernooij
82dfe0b29b r7702: Implement [charset()] attribute.
(This used to be commit 7012e10bb6)
2007-10-10 13:18:23 -05:00
Stefan Metzmacher
19c9f032fd r7644: - remove some dublicate structures SetForm and AddForm uses the same struct
- fix some typos in EnumPrintServerForms()/GetPrintServerForms()
- add AddPrintServerForms()/SetPrintServerForms() and DeletePrintServerForms

metze
(This used to be commit 7390638842)
2007-10-10 13:18:17 -05:00
Stefan Metzmacher
8f85427d6d r7643: This patch adds a new NTPTR subsystem:
- this is an abstraction layer for print services,
  like out NTVFS subsystem for file services

- all protocol specific details are still in rpc_server/spoolss/
  - like the stupid in and out Buffer handling
  - checking of the r->in.server_name
  - ...

- this subsystem can have multiple implementation
  selected by the "ntptr providor" global-section parameter

- I currently added a "simple_ldb" backend,
  that stores Printers, Forms, Ports, Monitors, ...
  in the spoolss.db, and does no real printing
  this backend is basicly for testing, how the spoolss protocol
  works

- the interface is just a prototype and will be changed a bit
  the next days or weeks, till the simple_ldb backend can
  handle all calls that are used by normal w2k3/xp clients

- I'll also make the api async, as the ntvfs api
  this will make things like the RemoteFindFirstPrinterChangeNotifyEx(),
  that opens a connection back to the client, easier to implement,
  as we should not block the whole smbd for that

- the idea is to later implement a "unix" backend
  that works like the current samba3 code

- and maybe some embedded print server vendors can write there own
  backend that can directly talk to a printer without having cups or something like this

- the default settings are (it currently makes no sense to change them :-):

ntptr providor = simple_ldb
spoolss database = $private_dir/spoolss.db

metze
(This used to be commit 455b5536d4)
2007-10-10 13:18:16 -05:00
Stefan Metzmacher
056d63c62f r7580: - add GetPrinterDriverDirectory() idl, torture test and server code
- add EnumMonitors() server code and return "Standard TCP/IP Port"
- add parsing for opening Ports and Monitors with OpenPrinterEx()

metze
(This used to be commit 08e6de37bc)
2007-10-10 13:18:11 -05:00
Stefan Metzmacher
bc1f32b8ad r7575: - fix GetPrinterData() push side
- add somemore checks in the Emun*() pull/push glue code

metze
(This used to be commit 075fe1eb4b)
2007-10-10 13:18:11 -05:00
Stefan Metzmacher
04c3bbe053 r7574: - seperate [in] and [out] buffers and buf_sizes
- use the same names as etherel (offered,needed) for the buffer sizes
  (and they are really independently used)

metze
(This used to be commit f5532a5b74)
2007-10-10 13:18:11 -05:00
Jelmer Vernooij
c420c5a4c4 r7552: Use ParseExpr() for [value] attributes; allows
us somewhat cleaner IDL.
(This used to be commit b7b01bccd1)
2007-10-10 13:18:07 -05:00
Stefan Metzmacher
9ef145424a r7546: fix comment
metze
(This used to be commit de69d87ded)
2007-10-10 13:18:07 -05:00
Volker Lendecke
7104da3e8f r7399: Try to get the AIX compile one step further.
Volker
(This used to be commit 75dbd20693)
2007-10-10 13:17:50 -05:00
Günther Deschner
070a0631e1 r7394: rename LSA_TRUSTED_DOMAIN_INFO_5 to LSA_TRUSTED_DOMAIN_INFO_BASIC.
Guenther
(This used to be commit aec0d99da1)
2007-10-10 13:17:49 -05:00
Jelmer Vernooij
7c9d76d30c r7377: Integrate browse service stuff more nicely
Add notes on mailslots
Add TODO list for pidl, including some plans on switching
over to using [string] attributes for pidl.
(This used to be commit fca195ce07)
2007-10-10 13:17:48 -05:00
Stefan Metzmacher
f028d37c37 r7357: some minor updates
metze
(This used to be commit a547f2c2a1)
2007-10-10 13:17:46 -05:00
Stefan Metzmacher
3da5d18fe1 r7345: add WritePrinter(), AbortPrinter() and ReadPrinter() idl
metze
(This used to be commit 1fc617e871)
2007-10-10 13:17:45 -05:00
Stefan Metzmacher
56257df1d4 r7341: fix StartDocPrinter() idl
metze
(This used to be commit 08d28e5d20)
2007-10-10 13:17:44 -05:00
Stefan Metzmacher
bd1dc11f04 r7337: - fix SetJob() idl
- add StartDocPrinter() idl
- add EndDocPrinter() idl

metze
(This used to be commit c635a623bc)
2007-10-10 13:17:44 -05:00
Stefan Metzmacher
8423835521 r7331: fix parsing of spoolss_SetPrinter()
metze
(This used to be commit b0e7092bc5)
2007-10-10 13:17:43 -05:00
Stefan Metzmacher
9a831a3963 r7328: fix GetPrinterData and SetPrinterData, with zero length subcontexts
metze
(This used to be commit 73d597bacf)
2007-10-10 13:17:42 -05:00
Stefan Metzmacher
5b8c972c5b r7326: fix [validate]
metze
(This used to be commit 08eb591034)
2007-10-10 13:17:42 -05:00
Jelmer Vernooij
c8b8212a83 r7314: the various ncacn and ncadg PDU's share the same namespace
(This used to be commit 58fee22e0b)
2007-10-10 13:17:41 -05:00
Jelmer Vernooij
430dc36c1a r7312: Add IDL for ncadg packets.
(This used to be commit 2009a430b0)
2007-10-10 13:17:40 -05:00
Andrew Tridgell
b1381947bf r7309: started adding IDL for nbt management calls. This adds a
nbtd_information() call that has just one level for now, a
NBTD_STATISTICS level for packet statistics
(This used to be commit d0772eb5a7)
2007-10-10 13:17:40 -05:00
Andrew Tridgell
bf1ffa283c r7294: implemented the irpc messaging system. This is the core of the
management system I proposed on samba-technical a couple of days
ago. Essentially it is a very lightweight way for any code in Samba to
make IDL based rpc calls to anywhere else in the code, without the
client or server having to go to the trouble of setting up a full rpc
service.

It can be used with any of our existing IDL, but I expect it will
mostly be used for a new set of Samba specific management calls.

The LOCAL-IRPC torture test demonstrates how it can be used by calling
the echo_AddOne() call over this transport.
(This used to be commit 3d589a0995)
2007-10-10 13:17:37 -05:00
Tim Potter
b82d8c9928 r7212: Disambiguate dummy functions to avoid linker problemos.
(This used to be commit 61537301a3)
2007-10-10 13:17:26 -05:00
Jelmer Vernooij
a115c3e1e2 r7198: Add IDL for browse service
(This used to be commit c04fca198a)
2007-10-10 13:17:25 -05:00
Stefan Metzmacher
01fb2de4dc r7188: make use of the new relative_base property for the spoolss_Enum* functions
metze
(This used to be commit 870ed3a2b5)
2007-10-10 13:17:25 -05:00
Stefan Metzmacher
8618c6a906 r7182: remove current support for RELATIVE_CURRENT, this will be replaced with a better aproach later
metze
(This used to be commit 9a4e9f68fb)
2007-10-10 13:17:23 -05:00
Jelmer Vernooij
03c2d642a6 r7159: Improve the messages from pidl's validator module.
Change the IDL file for the echo interface to match the one we use for
Windows. The only thing different between the two files currently is the
names of the scalar types and the handling of strings.
(This used to be commit b264c61061)
2007-10-10 13:17:21 -05:00
Tim Potter
5ec5e7aa29 r7138: Doh - fix some typos.
(This used to be commit 20e1ed965a)
2007-10-10 13:17:21 -05:00
Tim Potter
b4540e5399 r7137: Add a couple more dummy idl files for the DNS server and Windows
Terminal Server remote management.
(This used to be commit 6838607893)
2007-10-10 13:17:21 -05:00
Stefan Metzmacher
62480f1252 r7120: make use of the new 'noopnum' property and get rid of handwritten
parsing code for the spoolss_Enum* functions, there still same handwritten code needed
but just to stack the autogenerated code into the correct way

metze
(This used to be commit 155d18e8b7)
2007-10-10 13:17:19 -05:00
Jelmer Vernooij
aa2580cab2 r7110: Remove invalid use of id()
(This used to be commit 9fe7e0f770)
2007-10-10 13:17:17 -05:00
Jelmer Vernooij
8017286589 r7037: Add enough pointers in the header file as well
Fix a couple of warnings.
(This used to be commit fcaa9d495c)
2007-10-10 13:17:07 -05:00
Jelmer Vernooij
55781cdce6 r7036: Allow more operations in several properties (such as size_is, length_is,
switch_is, etc) and simplify the code involved
(This used to be commit 86de98ee09)
2007-10-10 13:17:07 -05:00
Jelmer Vernooij
50d2bf0066 r7029: Make array support in pidl similar to that in other IDL compilers. We should
now able to use constructions like these:

[size_is(20)] int *x; -> Pointer to array of 20 ints
[size_is(20)] int x[]; -> Array of 20 ints
[size_is(20)] int *x[]; -> Array of 20 pointers to ints
[size_is(20,)] int *x[] -> Array of 20 pointers to ints
[size_is(,20)] int *x[]; -> Pointer to array of 20 ints
[size_is(,20)] int **x; -> Pointer to pointer to array of 20 ints
[size_is(20)] int x[][30]; -> 20 blocks of 30 ints
(This used to be commit ecf583da71)
2007-10-10 13:17:07 -05:00
Jelmer Vernooij
e427f58622 r6973: Merge new version of pidl into the main SAMBA_4_0 branch.
The main difference in this new version is the extra data structure generated
between the IDL data structure and the NDR parser:

IDL -> NDR -> { ndr_parser, ndr_header, eparser, etc }

This makes the ndr_parser.pm internals much more sane.

Other changes include:

- Remove unnecessary calls with NDR_BUFFERS (for example, GUID doesn't have any buffers, just scalars) as well as some (unnecessary) nested setting of flags.
- Parse array loops in the C code rather then calling ndr_pull_array(). This allows us to have, for example, arrays of pointers or arrays of pointers to arrays, etc..
- Use if() {} rather then if () goto foo; everywhere
- NDR_IN no longer implies LIBNDR_FLAG_REF_ALLOC
- By default, top level pointers are now "ref" (as is the default in
  most other IDL compilers). This can be overridden using the
  default_pointer_top() property.
- initial work on new ethereal parser generators by Alan DeKok and me
- pidl now writes errors in the standard format used by compilers, which
  is parsable by most editors
- ability to warn about the fact that pidl extension(s) have been used,
  useful for making sure IDL files work with other IDL compilers.

oh, and there's probably some other things I can't think of right now..
(This used to be commit 13cf227615)
2007-10-10 13:17:01 -05:00
Volker Lendecke
283991e1ff r6907: Unixinfo for samba4, not activated by default.
Volker
(This used to be commit 81ddffde36)
2007-10-10 13:16:56 -05:00
Andrew Tridgell
eb77bb7416 r6814: fill in two more unknown values in cldap responses
(This used to be commit 5ee46b44be)
2007-10-10 13:16:47 -05:00
Stefan Metzmacher
6f76065690 r6781: -add some comments on how attributes and objectClasses are identified in DRSUAPI
-and some comments on what the attribute syntaxes matches what internal datatypes

metze
(This used to be commit 58c6887da4)
2007-10-10 13:16:43 -05:00
Andrew Tridgell
2f2fc84a7c r6720: added support for the remaining 2 types of CLDAP netlogon
response.

To work around the fact that the type of the returned data is not
encoded in the packet, this required adding ndr_pull_union_blob()
which allows us to pull a blob into a union with a specified switch
value, in this case the switch value comes from the calling NtVer field.
(This used to be commit bd27e626c2)
2007-10-10 13:16:37 -05:00
Andrew Tridgell
398a3130f5 r6719: pidl need to be told that the external type netr_SchannelType is an enum, otherwise
it will assume its a struct
(This used to be commit 9a8f3e3c4c)
2007-10-10 13:16:37 -05:00
Andrew Tridgell
0ac02ed7c3 r6693: first version of cldap client library, with async interface
(This used to be commit cbeffe830b)
2007-10-10 13:16:35 -05:00
Andrew Tridgell
f597d6df59 r6620: the type 23 schannel bind uses a workstation name, not an account name
(This used to be commit 250f1f69dd)
2007-10-10 13:16:31 -05:00
Jelmer Vernooij
bd638ea71c r6577: Make test works without installation now.
Running as a non-root user using socket_wrapper is possible by simple
export SOCKET_WRAPPER_DIR before running 'make test'
(This used to be commit 6d93fcc407)
2007-10-10 13:16:27 -05:00
Stefan Metzmacher
591ff7675d r6572: add "string_array" as new scalar type for handling SPOOLSS string array's
metze
(This used to be commit 23b529ee09)
2007-10-10 13:16:26 -05:00
Andrew Bartlett
85e9412c47 r6565: Cludge, cludge, cludge...
We need to pass the 'secure channel type' to the NETLOGON layer, which
must match the account type.

(Yes, jelmer objects to this inclusion of the kitchen sink ;-)

Andrew Bartlett
(This used to be commit 8ee208a926)
2007-10-10 13:16:26 -05:00
Andrew Tridgell
d448b73b5c r6557: make srvsvc available on ncalrpc and ncacn_ip_tcp so we can do each
comparitive benchmarks
(This used to be commit d4e702da77)
2007-10-10 13:16:25 -05:00
Andrew Bartlett
bb6e2059ee r6544: Use common structures between SAMR, NETLGON and the Krb5 PAC.
Fill out the group list for the SamLogon reply, so clients get the
supplementary groups.

Andrew Bartlett
(This used to be commit d9c31e60a7)
2007-10-10 13:16:24 -05:00
Andrew Bartlett
6b6bb89c91 r6526: Rename this RPC fault. Everybody else calls this ACCESS_DENIED, and
it certainly doesn't make sense as LOGON_FAILURE.

Andrew Bartlett
(This used to be commit 4bec3d3f37)
2007-10-10 13:16:22 -05:00
Stefan Metzmacher
b5c8b7e7dd r6518: fix formatting
metze
(This used to be commit 44f943f881)
2007-10-10 13:16:21 -05:00
Tim Potter
909087085e r6504: Fix incorrect value for SERVICE_STATE_ALL found by Karl Melcher.
(This used to be commit f705136558)
2007-10-10 13:16:20 -05:00
Andrew Tridgell
fdbc094c3e r6341: fixed the schannel idl to handle dotted names correctly
(This used to be commit 2873c0e917)
2007-10-10 13:11:33 -05:00
Andrew Tridgell
e284a26294 r6338: ADS style GETDC response now works well enough that WinXP can join
Samba4 without Samba3 nmbd
(This used to be commit f4d07d7d3b)
2007-10-10 13:11:33 -05:00
Andrew Tridgell
8d0a36366c r6331: added IDL and test suite for the ADS style response to a datagram netlogon query.
Note that this response is almost identical to the CLDAP netlogon
response, so adding that will now be quite easy.
(This used to be commit 1ea4ed4ad1)
2007-10-10 13:11:32 -05:00
Tim Potter
6bb0231229 r6325: Rename aliasname -> alias_name in CreateDomAlias function.
(This used to be commit 63dfa9b806)
2007-10-10 13:11:32 -05:00
Andrew Tridgell
63ddff3d7b r6323: added server side support for dgram NTLOGON requests. NT4 workstations can now login
to a Samba4 domain.
(This used to be commit df146d64eb)
2007-10-10 13:11:31 -05:00
Andrew Tridgell
f06e39e308 r6321: added IDL and test suite for NBT dgram 'sam logon' request (sent by
clients when a user tries to login)
(This used to be commit 08ded62156)
2007-10-10 13:11:31 -05:00
Andrew Tridgell
b6fd09d805 r6320: some minor netlogon datagram fixes - NT4 can now join a Samba4 domain without
Samba3 nmbd
(This used to be commit 4507bdc339)
2007-10-10 13:11:31 -05:00
Stefan Metzmacher
b95914cd82 r6295: - add idl for EcDoRpc from the exchange_emsmdb interface
this one uses a obfuscation(0xA5) subcontext

this is taken from the openchange.org project

metze
(This used to be commit 4632b37d0c)
2007-10-10 13:11:30 -05:00
Stefan Metzmacher
0af9ba9179 r6293: fix formating
metze
(This used to be commit f5424d2dad)
2007-10-10 13:11:29 -05:00
Andrew Tridgell
e7dd6a1291 r6287: sorted out a small but surprisingly tricky dependency problem with the
ndr code for handling sids and security descriptors now that we have a
sid in the nbt IDL
(This used to be commit f8e77fcdea)
2007-10-10 13:11:29 -05:00
Andrew Tridgell
ce7eb41930 r6248: added parsing of type 10 UAS announce netlogon packets
(This used to be commit d7e6e395ce)
2007-10-10 13:11:28 -05:00
Andrew Tridgell
b0ca8ed455 r6247: added the server side code for receiving mailslot requests, and
parsing incoming netlogon requests. No replies are sent yet.
(This used to be commit 3b34df6a67)
2007-10-10 13:11:28 -05:00
Andrew Tridgell
f83e6ded9d r6245: receive and parse the GETDC response in the NBT-DGRAM test. The test
now tries to bind to port 138 if possible, so if you run it as root
and smbd/nmbd is not running then it works against windows servers
(This used to be commit 52ccdb79bc)
2007-10-10 13:11:28 -05:00
Andrew Tridgell
7c6c366150 r6223: added a bit more datagram infrastructure and the beginnings of a test
suite. The NBT-DGRAM test does a UDP/138 netlogon request, to which a
windows server sends a reply, but the windows server sends the reply
to the wrong port (it always sends to 138), so the test suite doesn't
see it.
(This used to be commit a7634625db)
2007-10-10 13:11:27 -05:00
Andrew Tridgell
769070d502 r6209: started added code to support mailslot requests over UDP/138
datagrams. This adds the IDL to parse mailslot packets, plus mailslot
dispatch and listener registration code.

mailslots are used for UDP/138 browse and netlogon packets
(This used to be commit f20e7e5200)
2007-10-10 13:11:26 -05:00
Stefan Metzmacher
746bb14367 r6194: - fix some spoolss_*Form names and types
- fix GetPrinterData(), look inside the datablob

- add idl for RemoteFindFirstChangeNotify(), without meaning yet, just to not return a DCERPC_FAULT
  when receiving this request

metze
(This used to be commit 92f3d5bd9c)
2007-10-10 13:11:25 -05:00
Andrew Tridgell
a47cb58c2f r6184: the beginnings of the libcli/dgram/ library, and the dgram
server. Currently just listens on port 138 and parses the packets
(using IDL like the rest of NBT). This allows me to develop the
structures and test with real packets
(This used to be commit 10d64a5253)
2007-10-10 13:11:24 -05:00
Stefan Metzmacher
3abce73193 r6179: - add new spoolss tests for all spoolss_Enum*() calls which didn't need
a handle as parameter,

  EnumPorts
  EnumPrinterDrivers
  EnumMonitors
  EnumPrintProcessors
  EnumPrinters

  we now do cross checks between the different info levels
  and sore the results in a global context,
  so that we later can add cross checks between the different object types

- add idl for EnumMonitors and EnumPrintProcessors

metze
(This used to be commit 92a3721bc7)
2007-10-10 13:11:23 -05:00
Stefan Metzmacher
2d0349614c r6135: - make use of the new dom_sid28 type
(this fixes parsing of w2k blob, which some times have random gargabe data in the sid buffer)

- make the names of the DsReplicaCoursor*Ctr* 's more consistent
  and fix DsGetNCchangesCtr6 parsing

metze
(This used to be commit 75e427dca9)
2007-10-10 13:11:21 -05:00
Stefan Metzmacher
59b2ffb89f r6132: allow up to 15 sub_auth in a dom_sid
(tridge: asked me for that commit)

metze
(This used to be commit 2791de069a)
2007-10-10 13:11:21 -05:00
Stefan Metzmacher
e6772edd4b r6131: decompression of DsGetNCChanges level 2 responses works now
(and the push side isn't used currently...)

metze
(This used to be commit 2d121c8431)
2007-10-10 13:11:21 -05:00
Stefan Metzmacher
dfbd1752a1 r6115: don't try to decompress level 7 buffers yet
metze
(This used to be commit bbc0f6c552)
2007-10-10 13:11:20 -05:00
Stefan Metzmacher
4931dfc8c6 r6100: - fix nondiscriminant -> nodiscriminant (that takes me 2 days to find...:-( )
- use a DATA_BLOB for the driver specific data in the devmode

metze
(This used to be commit 87d48b2076)
2007-10-10 13:11:19 -05:00
Stefan Metzmacher
5a9ceee7a5 r6061: add start of compression support in our rpc code
this is not complete cuurently...

but I want other people to test it and help me on finishing it.
(try to change the #if 0 in torture/rpc/drsuapi.c into #if 1)

metze
(This used to be commit 335adef370)
2007-10-10 13:11:16 -05:00
Andrew Bartlett
a19d002cee r6032: Fix up SetServerPassword2 on NETLOGON for [bigendian]. Clearly nobody
has the patience to run test_w2k3.sh to completion :-)

It looks to me that the Windows server runs the RC4 over the C struct,
not the NDR data.

Andrew Bartlett
(This used to be commit c324d97413)
2007-10-10 13:11:16 -05:00
Stefan Metzmacher
3ec2c008b8 r6000: add some notes about the cases where compression (or what ever this is)
is used, in the reply.

metze
(This used to be commit 618dadb7ef)
2007-10-10 13:11:14 -05:00
Stefan Metzmacher
01ab1128ce r5998: I was wrong with the highwater mark...
I think I now understand how it works:-)

metze
(This used to be commit f8add2e66a)
2007-10-10 13:11:14 -05:00
Stefan Metzmacher
1bb3e99d06 r5949: give things more meaning, and reuse structs where it is possible
to make things more clear

metze
(This used to be commit adefeeb4f3)
2007-10-10 13:11:11 -05:00
Andrew Bartlett
df64302213 r5902: A rather large change...
I wanted to add a simple 'workstation' argument to the DCERPC
authenticated binding calls, but this patch kind of grew from there.

With SCHANNEL, the 'workstation' name (the netbios name of the client)
matters, as this is what ties the session between the NETLOGON ops and
the SCHANNEL bind.  This changes a lot of files, and these will again
be changed when jelmer does the credentials work.

I also correct some schannel IDL to distinguish between workstation
names and account names.  The distinction matters for domain trust
accounts.

Issues in handling this (issues with lifetime of talloc pointers)
caused me to change the 'creds_CredentialsState' and 'struct
dcerpc_binding' pointers to always be talloc()ed pointers.

In the schannel DB, we now store both the domain and computername, and
query on both.  This should ensure we fault correctly when the domain
is specified incorrectly in the SCHANNEL bind.

In the RPC-SCHANNEL test, I finally fixed a bug that vl pointed out,
where the comment claimed we re-used a connection, but in fact we made
a new connection.

This was achived by breaking apart some of the
dcerpc_secondary_connection() logic.

The addition of workstation handling was also propogated to NTLMSSP
and GENSEC, for completeness.

The RPC-SAMSYNC test has been cleaned up a little, using a loop over
usernames/passwords rather than manually expanded tests.  This will be
expanded further (the code in #if 0 in this patch) to use a newly
created user account for testing.

In making this test pass test_rpc.sh, I found a bug in the RPC-ECHO
server, caused by the removal of [ref] and the assoicated pointer from
the IDL.  This has been re-added, until the underlying pidl issues are
solved.
(This used to be commit 824289dcc2)
2007-10-10 13:11:07 -05:00
Andrew Bartlett
5aa2646be8 r5879: Rename SAMR_FIELD_WORKSTATION to SAMR_FIELD_WORKSTATIONS - it is a list.
Andrew Bartlett
(This used to be commit 7822101cb5)
2007-10-10 13:11:06 -05:00
Jelmer Vernooij
ef213b0248 r5866: Add InitShutdown IDL and torture test.
Implement push side of NDR_LEN4|NDR_NOTERM strings (pull side was already present)
(This used to be commit ea61ec1122)
2007-10-10 13:11:05 -05:00
Stefan Metzmacher
85e0b90cf3 r5850: enable parsing of revision 4 security acl's
metze
(This used to be commit 2a6a075c7d)
2007-10-10 13:11:05 -05:00
Stefan Metzmacher
c2875e51e8 r5839: add LDAP DirSync control idl
metze
(This used to be commit 29d898a338)
2007-10-10 13:11:05 -05:00
Stefan Metzmacher
c638a8380d r5830: start to analyse the attribute values, depending on the attribute type
metze
(This used to be commit 63229b9503)
2007-10-10 13:11:05 -05:00
Stefan Metzmacher
d7b5a565ef r5828: add some idl for DsAddEntry()
metze
(This used to be commit 3e6ec81128)
2007-10-10 13:11:04 -05:00
Stefan Metzmacher
55546176c6 r5800: fix recursiv printing in ndr_print_DsGetNCChangesInfo1()
metze
(This used to be commit 1084ad4bfc)
2007-10-10 13:11:04 -05:00
Stefan Metzmacher
cead12981f r5799: more DsGetNCChanges updates, I'm starting to understand it...
also add a really simple torture test for DsGetNCChanges

metze
(This used to be commit bcde67a7ef)
2007-10-10 13:11:04 -05:00
Stefan Metzmacher
9743bdf86f r5798: limit the size of an sid, 28 bytes complete is the biggest SID
that can be handled.

tridge: do you think it would make sense to change the sub_auth[num_auths] to sub_auth[5],
        so we can copy the struct by sid1 = sid2;
	comments please

metze
(This used to be commit 2fc8a604b0)
2007-10-10 13:11:04 -05:00
Andrew Bartlett
d830fcd7d1 r5783: Test renaming of accounts in the RPC-SAMR test, and add support into
the SAMR server.

Andrew Bartlett
(This used to be commit fd748f9d2f)
2007-10-10 13:11:03 -05:00
Jelmer Vernooij
e9ca6e48ff r5775: Remove some unused functions (unions are no longer as special as they used to be)
Add oxid mapping table support in DCOM
(This used to be commit e193555f0e)
2007-10-10 13:11:02 -05:00
Stefan Metzmacher
768f82cbc6 r5766: get some more DsGetNCChanges stuff parsing correct
metze
(This used to be commit 1a4560997d)
2007-10-10 13:11:01 -05:00
Stefan Metzmacher
4b83366b6c r5742: - add torture test and idl for DsReplicaUpdateRefs()
(the torture test currently only tests if the idl is correct)

- add start for idl for DsGetNCChanges()
  (if someone didn't noticed the current ethereal trunk code can
   successful decrypt DCERPC and LDAP gsskrb5 encrypted blobs,
   when you provide a keytab and have compiled against heimdal :-)

- add a view bitmaps and enum's for better debugging

metze
(This used to be commit cf7c1352ab)
2007-10-10 13:11:01 -05:00
Jelmer Vernooij
d892500e73 r5676: Fix some alignment issues and IRemoteActivation
(This used to be commit a9b13f6701)
2007-10-10 13:10:59 -05:00
Jelmer Vernooij
77ec3f684d r5674: - Re-enable DCOM support.
- Always put IID in vtables (useful for asserts)
- Add table to keep track of DCOM proxy classes
- Bunch of smaller bug fixes
(This used to be commit 26d5a0b92c)
2007-10-10 13:10:59 -05:00
Jelmer Vernooij
ffae01d432 r5672: Use switch_type() and the token storage mechanism for unions:
- Makes union handling less special
 - Allows unions in arrays, etc
 - Compatible with midl
 - Pidl will warn about switch_type() and the type of the switch_is() variable being different
(This used to be commit dc6b4ffc82)
2007-10-10 13:10:58 -05:00
Jelmer Vernooij
5658167806 r5671: Bunch of fixes related to arrays and pointers to arrays.
(This used to be commit 00ef0feadd)
2007-10-10 13:10:58 -05:00
Jelmer Vernooij
363f99d0b8 r5662: eventlog uses dom_sid so it depends on security
(This used to be commit f9e9ff0d8d)
2007-10-10 13:10:57 -05:00
Jelmer Vernooij
631aa1f0ef r5661: Be a little stricter on syntax regarding arrays. A pointer to an
array can now only be :

 type *name[];

rather then :

 type *name;

which was supported in the past. Warnings will be given when the first
syntax is used. Reasons for this change in behaviour include improved
readability and the fact that the second format makes dealing with multiple
levels of pointers harder.
(This used to be commit a416de5825)
2007-10-10 13:10:57 -05:00
Tim Potter
23076eaa80 r5554: Constants and untested IDL for spoolss_SetPrinter()
(This used to be commit eed816e20f)
2007-10-10 13:10:54 -05:00
Tim Potter
04d3e8046a r5553: Add idl and test for spoolss_AddPort(). It always seems to return
WERR_NOT_SUPPORTED though.
(This used to be commit ba4730a378)
2007-10-10 13:10:54 -05:00
Stefan Metzmacher
68ce448fbd r5537: - make use of bitmaps and enums
- add and fix some PrinterInfo levels

- add and fix some DriverInfo levels

- fix EnumPrinterDriver torture test

the curent RPC-SPOOLSS now passes on w2k3

metze
(This used to be commit 14b88ca20d)
2007-10-10 13:10:53 -05:00
Stefan Metzmacher
6fbcb3534c r5515: fix PrinterInfo3
metze
(This used to be commit 0f5b0ec349)
2007-10-10 13:10:53 -05:00
Stefan Metzmacher
001dfe73dd r5505: make usage of bitmap's :-)
metze
(This used to be commit bc31e19f38)
2007-10-10 13:10:52 -05:00
Stefan Metzmacher
4926b8f5c0 r5498: fix OpenPrinter() idl and torture test
metze
(This used to be commit fd7950abe6)
2007-10-10 13:10:51 -05:00
Jelmer Vernooij
9c6ad1f762 r5492: Update example coclass, autogenerate some parts.
(This used to be commit 3c31cbaac0)
2007-10-10 13:10:50 -05:00
Jelmer Vernooij
80d3047333 r5490: The big (D)COM commit! :-) Contains most of the changes described in the
DCOM paper in lorikeet. This is the result of 1.5 months work (mainly
figuring out how things *really* work) at the end of 2004.

In general:
- Clearer distinction between COM and DCOM. DCOM is now merely
  the glue between DCE/RPC+ORPC and COM. COM can also work without
  DCOM now. This makes the code a lot clearer.
- Clearer distinction between NDR and DCOM. Before, NDR had a couple of
  "if"s to cope with DCOM, which are now gone.
- Use "real" arguments rather then structures for function arguments in
  COM, mainly because most of these calls are local so packing/unpacking
  data for every call is too much overhead (both speed- and code-wise)
- Support several mechanisms to load class objects:
  - from memory (e.g. part of the current executable, registered at start-up)
  - from shared object files
  - remotely
- Most things are now also named COM rather then DCOM because that's what it
  really is. After an object is created, it no longer matters whether it
  was created locally or remotely.

There is a very simple example class that contains
both a class factory and a class that implements the IStream interface.
It can be tested (locally only, remotely is broken at the moment)
by running the COM-SIMPLE smbtorture test.

Still to-do:
 - Autogenerate parts of the class implementation code (using the coclass definitions in IDL)
 - Test server-side
 - Implement some of the common classes, add definitions for common interfaces.
(This used to be commit 71fd3e5c3a)
2007-10-10 13:10:50 -05:00
Stefan Metzmacher
6b4cac2c00 r5489: hide handwritten pull/push/print code from the caller
for the spoolss_Enum* functions

metze
(This used to be commit bfcc86e706)
2007-10-10 13:10:50 -05:00
Jelmer Vernooij
600c49e772 r5486: - Use references to interfaces in coclasses rather then
full interfaces.
- Couple of bugfixes in odl.pm
- First use of multiple pointers in dcom.idl
(This used to be commit 3110c2ec44)
2007-10-10 13:10:49 -05:00
Jelmer Vernooij
d3996e944d r5476: Move ORPC extensions to DCE/RPC into seperate file.
(This used to be commit 75d8fc8338)
2007-10-10 13:10:49 -05:00
Jelmer Vernooij
64112074e9 r5465: Add support to multiple levels of pointers in pidl.
Also add a new function to echo.idl that tests this behaviour.
(This used to be commit e5eb5e847e)
2007-10-10 13:10:48 -05:00
Jelmer Vernooij
8ce2133e2c r5450: Add test function for "embedded" conformant arrays
(This used to be commit 900477226d)
2007-10-10 13:10:47 -05:00
Stefan Metzmacher
00da7414d7 r5445: move FormInfo1 struct to the place where it's used
metze
(This used to be commit 748c456641)
2007-10-10 13:10:46 -05:00
Andrew Tridgell
a6878f6c6e r5414: - added libcli/wins/, a basic client library for WINS replication
- added a new IDL type "udlongr", which is like udlong, but with the
  two uint32 halves reversed

- modified the winsrepl.idl to cope with a wider range of packets
(This used to be commit bc8d60c918)
2007-10-10 13:10:43 -05:00
Andrew Tridgell
b1db7877e2 r5402: a initial attempt at a IDL definition of the WINS replication protocol
on tcp port 42. This is enough to reasonably decode (with ndrdump) all
the packets I have seen on the wire. It will need some fine tuning
once I understand the protocol a bit more.
(This used to be commit 3f90bc1321)
2007-10-10 13:10:42 -05:00
Tim Potter
abc28d66e9 r5364: Rename string fields called 'domain' and 'name' to be 'domain_name'.
(This used to be commit 6749b9404d)
2007-10-10 13:09:46 -05:00
Jelmer Vernooij
e90c93402b r5362: Add pointer_default() support to pidl. pointer_default()
is assumed to be "ptr" if not specified (just like midl).

The validator will warn when "ptr" is used at the moment, because
pidl only supports unique, ref and relative at the moment.
(This used to be commit 31bed62a9a)
2007-10-10 13:09:46 -05:00
Jelmer Vernooij
51a6f7b227 r5361: Rename some functions, add tests to validator.
(This used to be commit c9d7b88756)
2007-10-10 13:09:46 -05:00
Andrew Tridgell
e199f4cef2 r5358: - added initial WINS server code. It passes most of the NBT-WINS test, but doesn't yet
do secure server WACK responses

- added a ldap_string_to_time() function, for converting a LDAP
  formatted time to a time_t
(This used to be commit 9aa3313b3f)
2007-10-10 13:09:45 -05:00
Andrew Tridgell
2513ac33de r5275: - added support for NBT_OPCODE_MULTI_HOME_REG (opcode 0xf) for WINS name registrations
- fixed a bug in the send queue handling on timeouts

- added support for handling unexpected replies (replies to the wrong
  port) at the nbtsocket layer

- added separate layer 2 code for wins refresh and wins registration
(This used to be commit 2502b02898)
2007-10-10 13:09:36 -05:00
Jelmer Vernooij
60d9b40ba4 r5209: Fix the endpoint mapper to work with IPX endpoints (which
accidently have the same protocol id as UUID's)
Before this, Samba would give NDR errors when contacting
a remote server that has IPX support enabled.

This one was on my long due bugs list.
(This used to be commit 7b847de64f)
2007-10-10 13:09:31 -05:00
Andrew Tridgell
9b9c23b19b r5155: define ipv4address as a based IDL type, mapped to a "const char *" in
the header, and defined on the wire as a 4 byte network byte order
IP. This means the calling code doesn't have to worry about network
byte order conversions.
(This used to be commit 72048e3717)
2007-10-10 13:09:28 -05:00
Stefan Metzmacher
c4f115aa1b r5148: use ipv4_addr also in epmapper idl
metze
(This used to be commit cbc1f17282)
2007-10-10 13:09:28 -05:00
Stefan Metzmacher
ca3f70256a r5145: define struct ipv4_addr in misc.idl,
so we can use it in nbt.idl and
get a nicer debug output

metze
(This used to be commit abacbc9192)
2007-10-10 13:09:27 -05:00
Andrew Tridgell
aa985bdee0 r5118: added support for node status replies in nbtd. nmblookup -S now works against Samba4.
Also added support for the '*' wildcard name
(This used to be commit 2dd7ccf724)
2007-10-10 13:09:24 -05:00
Andrew Tridgell
414f6c80b2 r5114: the nbtd task can now act as a basic B-node server. It registers its
names on the network and answers name queries. Lots of details are
still missing, but at least this now means you don't need a Samba3
nmbd to use Samba4.

missing pieces include:

 - name registrations should be "shout 3 times, then demand"

 - no WINS server yet

 - no master browser code
(This used to be commit d7d31fdc66)
2007-10-10 13:09:23 -05:00
Andrew Bartlett
5045bdc2a4 r5090: Fix up the IDL for LogonGetDomainInfo in NETLOGON.
Andrew Bartlett
(This used to be commit e5afc36093)
2007-10-10 13:09:21 -05:00
Andrew Tridgell
2c0a1f5391 r5084: - handle arbitrary data in the NULL record reply type for nbt name queries
- fixed unaligned pulls at the end of the packet in the ndr lib
(This used to be commit 61c43509f7)
2007-10-10 13:09:20 -05:00
Andrew Tridgell
465e089dd3 r5080: patch from ronnie to make our samr IDL a little more consistent
(This used to be commit 7607ddda3f)
2007-10-10 13:09:20 -05:00
Andrew Tridgell
e6ea227235 r5054: added a nmblookup tool, based on the new nbt library
(This used to be commit 9587cbcb9e)
2007-10-10 13:09:18 -05:00
Andrew Tridgell
1e42cacf6a r5036: changed HYPER_T to the more standard "hyper"
(This used to be commit 1d1a9c11ee)
2007-10-10 13:09:15 -05:00
Andrew Tridgell
3dd17f1288 r5034: - added a type mapping function in pidl, so the type names in our IDL
files don't need to match the type names in the generated headers

- with this type mapping we no longer need definitions for the
  deprecated "int32", "uint8" etc form of types. We can now force
  everyone to use the standard types int32_t, uint8_t etc.

- fixed all the code that used the deprecated types

- converted the IDL types "int64" and "uint64" to "dlong" and
  "udlong". These are the 4 byte aligned 64 bit integers that
  Microsoft internally define as two 32 bit integers in a
  structure. After discussions with Ronnie Sahlberg we decided that
  calling these "int64" was confusing, as it implied a true 8 byte
  aligned type

- fixed all the cases where we incorrectly used things like
  "NTTIME_hyper" in our C code. The generated API now uses a NTTIME for
  those. The fact that it is hyper-aligned on the wire is not relevant
  to the API, and should remain just a IDL property
(This used to be commit f86521677d)
2007-10-10 13:09:15 -05:00
Andrew Tridgell
5f78514676 r5027: added the IDL license to the IDL directory
(This used to be commit 765ede8ca6)
2007-10-10 13:09:14 -05:00
Tim Potter
9eea1eb94f r5005: Add missing size specifiers to various bitmaps.
(This used to be commit 19a907cb58)
2007-10-10 13:09:12 -05:00
Stefan Metzmacher
c108689bf6 r4962: add infrastructure to use raw krb5 auth in dcerpc client code
Note this doesn't work currently because the gensec_modules are not ready for that yet

metze
(This used to be commit 7b09a3f725)
2007-10-10 13:09:10 -05:00
Andrew Tridgell
ea923fb4a2 r4885: added a new NBT client library. Features include:
- structures defined using IDL in nbt.idl
 - build around our events structure, and talloc
 - fully async
 - supports all NBT packet fields as per rfc1002
 - easy interfaces for name query and status

For the moment there are just a couple of test functions in
namequery.c, test_name_query() and test_name_status(). These will be
removed when we hook the new library into libcli/ fully

The new library will also be a fairly good basis for a nbt
server. Although it can't be a server as-is, I wrote it with the needs
of a server in mind (for example, extremely scalable idtree based
packet handling)
(This used to be commit ae7e625bfa)
2007-10-10 13:09:01 -05:00
Stefan Metzmacher
3c9a2e225a r4804: add more emuns and bitmaps
metze
(This used to be commit 3381617a03)
2007-10-10 13:08:57 -05:00
Andrew Bartlett
2e33042aa7 r4774: It appears the SensitiveData contains the password history, as the
remaining data.  Pity - I was looking for kerberos keys :-)

Andrew Bartlett
(This used to be commit 37a81aad74)
2007-10-10 13:08:53 -05:00
Andrew Bartlett
4da8abcf0d r4768: Until I can prove it, we should not have these elements marked as
size_is() base arrays.

Andrew Bartlett
(This used to be commit 3d3063b1f6)
2007-10-10 13:08:52 -05:00
Andrew Bartlett
17725e5fd1 r4720: Reformat, rename, and convert to enums parts of the LSA IDL specification.
Andrew Bartlett
(This used to be commit d360f30948)
2007-10-10 13:08:48 -05:00
Andrew Bartlett
7ea2317e97 r4708: Comparing with LDAP, it is clear that these 'flags' are in fact the
POSIX offset for the trusted domain.

Andrew Bartlett
(This used to be commit cd9e795e40)
2007-10-10 13:08:46 -05:00
Stefan Metzmacher
894b6890b4 r4705: use an enum for reject_reason
metze
(This used to be commit 57bf3d7a83)
2007-10-10 13:08:45 -05:00
Andrew Bartlett
e54964c618 r4703: Add support for EnumTrustDomain, and expand the testsuite.
Add my copyright to the SAMR server.

Andrew Bartlett
(This used to be commit 51e94fa26c)
2007-10-10 13:08:45 -05:00
Stefan Metzmacher
516dbfd5ed r4702: implment idl, torture test and server code for netr_ServerPasswordSet2()
metze
(This used to be commit 7d8ba92da2)
2007-10-10 13:08:45 -05:00
Andrew Bartlett
c0571f6234 r4698: - Initial implementation of trusted domains in LSA.
- Use templates for Secrets and the new trusted domains

 - Auto-add modifiedTime, createdTime and objectGUID to records in the
   samdb layer.

Andrew Bartlett
(This used to be commit 271c8faadf)
2007-10-10 13:08:44 -05:00
Andrew Bartlett
a249198d53 r4682: A LDB-based secrets implementation in Samba4.
This uses LDB (a local secrets.ldb and the global samdb) to fill out
the secrets from an LSA perspective.

Some small changes to come, but the bulk of the work is now done.

A re-provision is required after this change.

Andrew Bartlett
(This used to be commit ded3303352)
2007-10-10 13:08:42 -05:00
Andrew Bartlett
462ef44745 r4673: Fix the IDL for the QuerySecret LSA call.
This call uses a new IDL type, NTTIME_hyper.  This is 8-byte aligned,
as the name suggests.

Expand the QuerySecret LSA calls in RPC-SAMLOGON and RPC-LSA, to
validate the behaviour of times, and of the old secrets.

Thanks to tridge for spotting the use of HYPER!

Andrew Bartlett
(This used to be commit 1fed79cb0f)
2007-10-10 13:08:40 -05:00
Stefan Metzmacher
fd4831f1f0 r4650: - make more use of bitmap and enum's
- move some structs out of misc.idl

metze
(This used to be commit b6543a6e30)
2007-10-10 13:08:39 -05:00
Stefan Metzmacher
860a3fb216 r4649: make more use of bitmap and enum's
metze
(This used to be commit fa798fe1f0)
2007-10-10 13:08:39 -05:00
Andrew Tridgell
cab7e90ae5 r4644: allow DSSETUP on ncacn_ip_tcp
(This used to be commit 6f2019c307)
2007-10-10 13:08:38 -05:00
Andrew Tridgell
0c75667594 r4638: expose lsa and drsuapi on ncalrpc
(This used to be commit 4e62bd2a34)
2007-10-10 13:08:37 -05:00
Andrew Tridgell
e74b3ed6f1 r4618: - tidied up the alter_context client code a bit
- there is no alter_nak or alter_ack packet, its all done in an
  alter_response

- auto-allocated the contex_ids

- tried to fix up the dcom code to work again with
  alter_context. Jelmer, please take a look :)
(This used to be commit dd1c54add8)
2007-10-10 13:08:34 -05:00
Andrew Tridgell
ab9ca55926 r4617: basic alter_context requests now work in our client library. The test
just does a simple LSA/DSSETUP combo, which is what w2k does in the
ACL editor rpc calls that triggered this work
(This used to be commit 0129ec947a)
2007-10-10 13:08:34 -05:00
Stefan Metzmacher
1ec6416a35 r4568: make use of SidType and move it to lsa.idl
metze
(This used to be commit c2523adc0a)
2007-10-10 13:08:28 -05:00
Andrew Tridgell
8943299838 r4564: added a comment on lsa_EnumAccounts IDL
(This used to be commit 08d7b77efc)
2007-10-10 13:08:28 -05:00
Stefan Metzmacher
d62a44c447 r4558: more use of bitmaps and enums
metze
(This used to be commit 2a859fbc90)
2007-10-10 13:08:27 -05:00
Stefan Metzmacher
5204a551be r4554: create svcctl_ServerType bitmap
metze
(This used to be commit ed1c98cb9d)
2007-10-10 13:08:27 -05:00
Stefan Metzmacher
678038a0f2 r4552: use samr_AcctFlags in netlogon.idl
metze
(This used to be commit 3e224575e5)
2007-10-10 13:08:26 -05:00
Stefan Metzmacher
895bc15672 r4542: use bitmap for samr_FieldsPresent and samr_AcctFlags
metze
(This used to be commit 109c91650a)
2007-10-10 13:08:20 -05:00
Stefan Metzmacher
922f196442 r4541: make use of new enum and bitmap features
metze
(This used to be commit fd96a07c5a)
2007-10-10 13:08:19 -05:00
Stefan Metzmacher
4a49604e6c r4536: make use of the new enum and bitmap feature of pidl
metze
(This used to be commit 7702d0f977)
2007-10-10 13:08:19 -05:00
Stefan Metzmacher
a4fc930235 r4532: - rename bitmap -> bits
the next commit is support for typedef bitmap {...}; in pidl

metze
(This used to be commit bd06a85cb7)
2007-10-10 13:08:19 -05:00
Andrew Tridgell
58d9adf409 r4526: - much simpler (and more accurate!) ndr_size_*() code generation. It
is less efficient, but I really doubt that matters.

- use enum in epmapper.idl for protocol type

- added support for "enum8bit" flag, used in epmapper.idl
(This used to be commit 1a24a50384)
2007-10-10 13:08:18 -05:00
Andrew Tridgell
d9ab65a8b4 r4524: converted a few bits of samr.idl to use enum properly
(This used to be commit 82313fb79e)
2007-10-10 13:08:18 -05:00
Andrew Tridgell
7588a01cb6 r4520: added a enum test function to the echo pipe
(This used to be commit f9e0aa1ab1)
2007-10-10 13:08:17 -05:00
Stefan Metzmacher
fd6aa0ecd3 r4507: this default is unnneded because the switch level is in the r->in
metze
(This used to be commit d60b2f094e)
2007-10-10 13:08:16 -05:00
Stefan Metzmacher
fa010c9676 r4483: - rename same structs, enums and uninons of the dssetup pipe
to match the style we are using in other pipes

- first fillin local vars and only set the out parameter on success

- for the server code only to the samdb lookup when it's needed

NOTE: the DsRoleGetPrimaryDomainInformation() code with DS_ROLE_MEMBER_SERVER
      is not tested yet, does someone has a w2k3 member server to test with?

metze
(This used to be commit e6d1136497)
2007-10-10 13:08:11 -05:00
Andrew Tridgell
c8541d041f r4462: - enable DSSETUP on ncalrpc
- add DSSETUP to the list of tests run in test_rpc.sh
(This used to be commit 73c3cdc8ed)
2007-10-10 13:07:53 -05:00
Andrew Tridgell
d487cca5cb r4461: finished the remaining information levels in the DSSETUP pipe. The pipe is now complete!
The only glitch is that I am returning DS_ROLE_MEMBER_SERVER when I
should be returning DS_ROLE_PRIMARY_DC. This is needed for the moment
or ACL editing doesn't work from w2k3. Once we have some more ADS
calls we should be able to fix this.
(This used to be commit 6566dc2805)
2007-10-10 13:07:53 -05:00
Jelmer Vernooij
2e4466344a r4457: Fix IDL + add torture test for InqObject
(This used to be commit dbcaff7c71)
2007-10-10 13:07:52 -05:00
Volker Lendecke
05720e4c17 r4456: NT4 usrmgr.exe asks for 4096 accounts, allow twice that.
Volker
(This used to be commit f8588a769c)
2007-10-10 13:07:52 -05:00
Andrew Tridgell
09d708e27e r4452: the beginnings of a dssetup rpc server.
(This used to be commit 1c2170ae21)
2007-10-10 13:07:52 -05:00
Andrew Tridgell
4ad7acbbee r4450: the beginnings of IDL for the dssetup pipe. I need this pipe for ACL editing from w2k3
when we present ourselves as a DC in the registry
(This used to be commit 9651901791)
2007-10-10 13:07:51 -05:00
Andrew Tridgell
502490b467 r4449: fixed the helpstring for LSA IDL
(This used to be commit 40a68a160e)
2007-10-10 13:07:51 -05:00
Andrew Tridgell
6c8df6db8f r4442: fix lsa_TranslatedSid3 (its a dom_sid2 not a dom_sid)
(This used to be commit 0dd2587095)
2007-10-10 13:07:50 -05:00
Andrew Tridgell
835d231cee r4437: added IDL and test code for lsa_LookupSids3() and lsa_LookupNames3().
For some reason I am getting ACCESS_DENIED from w2k3 on
lsa_LookupSids3(). I will investigate.
(This used to be commit c759fa0000)
2007-10-10 13:07:50 -05:00
Stefan Metzmacher
6b59b37744 r4436: add one more flag
metze
(This used to be commit 7886000e03)
2007-10-10 13:07:49 -05:00