sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-12 09:18:10 +03:00
Code
115,882 Commits 60 Branches 1,145 Tags 452 MiB
2f2da0966b
Commit Graph

1747 Commits

Author SHA1 Message Date
Stefan Metzmacher
c3b7e6e218 s3:rpc_client: use cli_credentials based functions in cli_rpc_pipe_open_schannel() 
This simplifies the code and allows the previous password to be passed
through the stack.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
 2015-03-12 17:13:43 +01:00
Stefan Metzmacher
0994e0a3e3 s3:rpc_client: remove unused auth_level paramter of cli_rpc_pipe_open_schannel() 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
 2015-03-12 17:13:43 +01:00
Stefan Metzmacher
8d73127462 s3:cli_netlogon: cli_credentials_get_old_nt_hash() in rpccli_setup_netlogon_creds_with_creds() 
This way we'll fallback to use the previous machine/trust account password
if required.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
 2015-03-12 17:13:42 +01:00
Stefan Metzmacher
fb42b02c9f s3:rpc_client: add cli_rpc_pipe_open_schannel_with_creds() helper function 
This will simplify the callers and add potential support for SEC_CHAN_DNS_DOMAIN
as cli_credentials_get_realm() will return the correct value compared to
cli_credentials_get_domain().

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2014-12-19 13:15:13 +01:00
Stefan Metzmacher
995cf54b31 s3:cli_netlogon: add rpccli_{create,setup}_netlogon_creds_with_creds() helper functions 
This simplifies the callers, then can just pass in a cli_credentials structure.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2014-12-19 13:15:13 +01:00
Andrew Bartlett
295b323b1c s3-librpc: Add cli_rpc_pipe_open_with_creds() 
This provides a credentials-based interface.  In the long term, we
will want to change this not to reference the credentials, but for now
this suits the caller in winbindd_cm.c

Andrew Bartlett

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
 2014-10-17 12:57:07 +02:00
Andrew Bartlett
ae72733874 s3-winbindd: Attempt to connect to NETLOGON over NCACN_IP_TCP if we can 
This is very helpful in the trusted domain situation, as we may not
have a two-way trust but we can use our domain trust account to set up
a connection to NETLOGON

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Oct  8 12:48:15 CEST 2014 on sn-devel-104
 2014-10-08 12:48:15 +02:00
Andrew Bartlett
6f97237edb s3-rpc_client: Migrate to cli_rpc_pipe_open_generic_auth and remove cli_rpc_pipe_open_spnego 
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Oct  8 03:36:52 CEST 2014 on sn-devel-104
 2014-10-08 03:36:52 +02:00
Andrew Bartlett
8166ecaaa0 s3-rpc_client: Adapt cli_rpc_pipe_open_generic_auth to use enum credentials_kerberos_state 
This allows us to pass this value in directly from the cli_credentials structure in winbindd, once we merge this with cli_rpc_pipe_open_spnego().

Andrew Bartlett

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
 2014-10-08 01:09:51 +02:00
Andrew Bartlett
74dcde5347 s3-rpc_client: Adapt cli_rpc_pipe_open_spnego to use enum credentials_kerberos_state 
This allows us to pass this value in directly from the cli_credentials
structure in winbindd.

Andrew Bartlett

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
 2014-10-08 01:09:51 +02:00
Andrew Bartlett
d0a0af3550 librpc: gensec is our security provider abstraction, remove a void * 
Andrew Bartlett

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
 2014-09-27 01:35:36 +02:00
Andrew Bartlett
f8643b9f5f librpc: Remove user/domain from struct pipe_auth_data 
This does require that we always fill in the gensec pointer, but the
simplification is worth the extra allocations.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
 2014-09-27 01:35:36 +02:00
Andrew Bartlett
8485cc9448 s3-rpc_client: Do not give NT_STATUS_NO_MEMORY when the source string was NULL 
Change-Id: I25a4dcc2239267ee7c219e965693027ca2981983
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-By: Jelmer Vernooij <jelmer@samba.org>
 2014-09-01 00:36:42 +02:00
Günther Deschner
b722167b2c s3-rpc_client: return info3 in rpccli_netlogon_password_logon(). 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Pair-Programmed-With: Andreas Schneider <asn@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2014-07-15 16:00:40 +02:00
Stefan Metzmacher
6a5cd1857f s3:rpc_client: Use gensec for NCALRPC_AS_SYSTEM. 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2014-04-24 11:21:05 +02:00
Stefan Metzmacher
2ed1789e4d s3:rpc_client: pass everything to gensec by default 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2014-04-24 11:21:05 +02:00
Stefan Metzmacher
2103c373b4 auth/gensec: remove tevent_context argument from gensec_update() 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2014-03-27 00:36:32 +01:00
David Disseldorp
ebe6627c1f rpc_client: retry open on STATUS_PIPE_NOT_AVAILABLE 
Windows Server starts some named pipe services on demand, and responds
to initial open requests with STATUS_PIPE_NOT_AVAILABLE. The FssagentRpc
named pipe on Windows Server 2012 exhibits this behaviour.

This change sees rpcclient retry named pipe open requests when the
server responds with STATUS_PIPE_NOT_AVAILABLE. The retry logic is
contained in an asynchronous tevent_timer callback, to allow for
non-blocking callers.

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
 2014-03-04 03:03:24 +01:00
Stefan Metzmacher
a1e013505c s3:rpc_client: avoid using dcerpc_binding internals in rpc_pipe_get_tcp_port() 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
 2014-02-13 11:54:16 +01:00
Stefan Metzmacher
ded957614b s3:rpc_client: use address "0.0.0.0" and port "135" for epmapper requests 
Note: binding->host = NULL lets dcerpc_binding_build_tower()
use "0.0.0.0".

This matches Windows clients.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
 2014-02-11 16:20:31 +01:00
Stefan Metzmacher
aeab9602c0 s3:librpc/rpc: only propose header signing if we use sign or seal 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
 2014-02-11 16:02:14 +01:00
Michael Adam
020fab300d s3:rpc_client: optimize the netlogon_creds_cli.tdb for read-only access 
Usually a record in this DB will be written once and then read
many times by winbindd processes on multiple nodes (when run in
a cluster). In order not to introduce a big performance penalty
with the increased correctness achieved by storing the netlogon
creds, in a cluster setup, we should activate ctdb's read only
record copies on this db.

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
 2014-02-07 16:06:06 +01:00
Michael Adam
cf0cb0add9 dbwrap: add a dbwrap_flags argument to db_open() 
This is in preparation to support handing flags to backends,
in particular activating read only record support for ctdb
databases. For a start, this does nothing but adding the
parameter, and all databases use DBWRAP_FLAG_NONE.

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
 2014-02-07 16:06:06 +01:00
Stefan Metzmacher
8cf4eff201 s3:rpc_client: use db_open() to open "netlogon_creds_cli.tdb" 
This uses dbwrap_ctdb if running in a cluster.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2014-01-22 17:11:54 +01:00
Stefan Metzmacher
dc561b7e2d dcerpc.idl: make use of union dcerpc_bind_ack_reason and fix all callers. 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>

Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Thu Jan 16 18:21:40 CET 2014 on sn-devel-104
 2014-01-16 18:21:40 +01:00
Stefan Metzmacher
c0761c3eae s3:rpc_client: finally remove unused rpc_pipe_client->netlogon_creds 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2014-01-07 12:47:16 +01:00
Stefan Metzmacher
3f41b58384 s3:rpc_client: remove unused rpccli_netlogon_sam_network_logon() 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2014-01-07 12:47:16 +01:00
Stefan Metzmacher
e4fea80693 s3:rpc_client: remove unused rpccli_netlogon_sam_logon() 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2014-01-07 12:47:16 +01:00
Stefan Metzmacher
a4faf57b47 s3:rpc_client: remove unused rpccli_netlogon_setup_creds() 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2014-01-07 12:47:15 +01:00
Stefan Metzmacher
6d457ad9c1 s3:rpc_client: remove unused rpccli_netlogon_set_trust_password() 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2014-01-07 12:47:15 +01:00
Stefan Metzmacher
660150b12a s3:rpc_client: make cli_rpc_pipe_open_schannel() more flexible 
It expects a messaging_context now
and returns a netlogon_creds_cli_context.

This way we can finally avoid having a rpc_pipe_client->netlogon_creds.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2014-01-07 12:47:15 +01:00
Stefan Metzmacher
94caf7e190 s3:rpc_client: use rpccli_{create,setup}_netlogon_creds() in cli_rpc_pipe_open_schannel() 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2014-01-07 12:47:10 +01:00
Stefan Metzmacher
b7dc3fb204 s3:rpc_client: add rpccli_netlogon_password_logon() 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2014-01-07 12:47:08 +01:00
Stefan Metzmacher
5196493c9e s3:rpc_client: add rpccli_netlogon_network_logon() 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2014-01-07 12:47:08 +01:00
Stefan Metzmacher
a07cc9a1c6 s3:rpc_client: remove unused rpccli_netlogon_sam_network_logon_ex() 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2014-01-07 12:47:08 +01:00
Stefan Metzmacher
3c025af657 s3:rpc_client: add rpccli_pre_open_netlogon_creds() 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2014-01-07 12:47:07 +01:00
Stefan Metzmacher
14ceb7b501 s3:rpc_client: add rpccli_{create,setup}_netlogon_creds() 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2014-01-07 12:47:07 +01:00
Stefan Metzmacher
5adfc5f9f7 s3:rpc_client: use netlogon_creds_cli_auth_level() in cli_rpc_pipe_open_schannel_with_key() 
This means the auth level is now based on the "winbindd sealed pipes" option,
defaulting to "yes" and DCERPC_AUTH_LEVEL_PRIVACY.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2014-01-07 12:47:07 +01:00
Stefan Metzmacher
38d4dba374 s3:rpc_client: make use of the new netlogon_creds_cli_context 
This exchanges rpc_pipe_client->dc with rpc_pipe_client->netlogon_creds
and lets the secure channel session state be stored in node local database.

This is the proper fix for a large number of bugs:
https://bugzilla.samba.org/show_bug.cgi?id=6563
https://bugzilla.samba.org/show_bug.cgi?id=7944
https://bugzilla.samba.org/show_bug.cgi?id=7945
https://bugzilla.samba.org/show_bug.cgi?id=7568
https://bugzilla.samba.org/show_bug.cgi?id=8599

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2014-01-07 12:47:06 +01:00
Stefan Metzmacher
0059929601 libcli/smb: s/tstream_cli_np/tstream_smbXcli_np 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2014-01-07 08:37:42 +01:00
Stefan Metzmacher
024fc73047 libcli/smb: move source3/libsmb/cli_np_tstream.c to tstream_smbXcli_np.c 
This code is generic enough to have it in the top level now.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2014-01-07 08:37:42 +01:00
Gregor Beck
46d29d46bc s3:libsmb: do not use cli_state internally within cli_np_tstream 
Signed-off-by: Gregor Beck <gbeck@sernet.de>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2014-01-07 08:37:41 +01:00
Stefan Metzmacher
6ab9164c74 s3:rpc_client: send a dcerpc_sec_verification_trailer if needed 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue Jan  7 02:24:42 CET 2014 on sn-devel-104
 2014-01-07 02:24:41 +01:00
Stefan Metzmacher
f0532fe0cd s3:rpc_client: fill alloc_hint with the remaining data not the total data. 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2014-01-07 00:27:12 +01:00
Stefan Metzmacher
61bdbc23cd s3:rpc_client: implement DCERPC_PFC_FLAG_SUPPORT_HEADER_SIGN 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2014-01-07 00:27:11 +01:00
Stefan Metzmacher
f7bf7e705e s3:rpc_client: handle DCERPC_AUTH_TYPE_SCHANNEL as any other gensec backend 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2014-01-07 00:27:11 +01:00
Stefan Metzmacher
4d3376e919 s3:rpc_client: add some const to rpc_api_pipe_req_send() 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2014-01-07 00:27:11 +01:00
Stefan Metzmacher
946e29dbc1 s3:rpc_client: make rpc_api_pipe_req_send/recv static 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2014-01-07 00:27:11 +01:00
Stefan Metzmacher
5b39a351a8 s3:rpc_client: talloc_zero pipe_auth_data 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2014-01-07 00:27:11 +01:00
Jeremy Allison
0dc6181894 CVE-2013-4408:s3:Ensure LookupNames replies arrays are range checked. 
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10185

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Jeremy Allison <jra@samba.org>
 2013-12-09 07:05:46 +01:00
Jeremy Allison
b0ba4a5621 CVE-2013-4408:s3:Ensure LookupSids replies arrays are range checked. 
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10185

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Jeremy Allison <jra@samba.org>
 2013-12-09 07:05:46 +01:00
Jeremy Allison
a516ae6868 CVE-2013-4408:s3:Ensure we always check call_id when validating an RPC reply. 
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10185

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
 2013-12-09 07:05:46 +01:00
Stefan Metzmacher
8b7c862bab CVE-2013-4408:s3:rpc_client: verify frag_len at least contains the header size 
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10185

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
 2013-12-09 07:05:45 +01:00
Gregor Beck
412af28e1e s3:rpc_client: fix a leaked talloc_stackframe 
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10241

Signed-off-by: Gregor Beck <gbeck@sernet.de>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2013-11-04 10:38:50 +01:00
Andreas Schneider
5990de5d89 s3-rpc_client: Make data pointer const in trans_send(). 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Oct 30 01:32:08 CET 2013 on sn-devel-104
 2013-10-30 01:32:08 +01:00
Gregor Beck
1974dbe30c s3:rpc_client: remove unused rpc_pipe_np_smb_conn() 
Signed-off-by: Gregor Beck <gbeck@sernet.de>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2013-10-17 08:48:50 +13:00
Stefan Metzmacher
872486bbd0 s3:rpc_client: pass object and table to rpccli_bh_create() 
Signed-off-by: Stefan Metzmacher <metze@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2013-10-17 08:48:45 +13:00
Stefan Metzmacher
f773ed2cf7 s3:rpc_client: implement dcerpc_binding_handle_auth_info() 
Signed-off-by: Stefan Metzmacher <metze@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2013-10-17 08:48:44 +13:00
Günther Deschner
b73e2d927b s3-rpc: use dcerpc_default_transport_endpoint function. 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
 2013-09-20 13:07:30 +02:00
Günther Deschner
a94e278883 s3-rpc: use table->name directly in DEBUG contexts. 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
 2013-09-20 13:07:10 +02:00
Günther Deschner
45949d7218 s3-rpc_cli: remove unused schannel calls from cli_pipe.c 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
 2013-09-19 11:09:55 +02:00
Günther Deschner
89d0b89b5d s3-rpc_cli: use gensec for schannel bind. 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Pair-Programmed-With: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
 2013-09-19 11:09:36 +02:00
Günther Deschner
7b570b4128 s3-rpc_cli: allow to pass down a netlogon CredentialState struct to gensec. 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Pair-Programmed-With: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
 2013-09-19 11:09:27 +02:00
Stefan Metzmacher
af4dc30684 s3:cli_pipe.c: return NO_USER_SESSION_KEY in cli_get_session_key() for schannel 
SCHANNEL connections don't have a user session key,
they're like anonymous connections.

Signed-off-by: Stefan Metzmacher <metze@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2013-08-10 09:18:58 +02:00
Stefan Metzmacher
838cb53962 s3:cli_pipe: pass down creds->computer_name to NL_AUTH_MESSAGE 
We need to use the same computer_name value as in the netr_Authenticate3()
request.

We abuse cli->auth->user_name to pass the value down.

Signed-off-by: Stefan Metzmacher <metze@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2013-08-10 09:18:57 +02:00
Stefan Metzmacher
e96142fc43 s3:cli_pipe: make use of netsec_create_state() 
Signed-off-by: Stefan Metzmacher <metze@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2013-08-10 09:18:57 +02:00
Stefan Metzmacher
04938cbeec s3:rpc_client: remove unused cli_rpc_pipe_open_ntlmssp_auth_schannel() 
Signed-off-by: Stefan Metzmacher <metze@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2013-08-10 09:18:55 +02:00
Stefan Metzmacher
3302356226 s3:rpc_client: remove netr_LogonGetCapabilities check from rpc_pipe_bind* 
It's done in the caller now.

Signed-off-by: Stefan Metzmacher <metze@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2013-08-10 09:18:55 +02:00
Stefan Metzmacher
eecb5bafba s3:rpc_client: add netr_LogonGetCapabilities to cli_rpc_pipe_open_schannel_with_key() 
Signed-off-by: Stefan Metzmacher <metze@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2013-08-10 09:18:54 +02:00
Stefan Metzmacher
e9c8e3fb92 s3:rpc_client: use netlogon_creds_copy before rpc_pipe_bind 
Signed-off-by: Stefan Metzmacher <metze@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2013-08-10 09:18:54 +02:00
Stefan Metzmacher
90e28c1825 s3:rpc_client: fix/add AES downgrade detection to rpc_pipe_bind_step_two_done() 
Signed-off-by: Stefan Metzmacher <metze@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2013-08-10 09:18:54 +02:00
Stefan Metzmacher
04600634b3 s3:rpc_client: try to use NETLOGON_NEG_SUPPORTS_AES 
Signed-off-by: Stefan Metzmacher <metze@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2013-08-10 09:18:53 +02:00
Stefan Metzmacher
94be8d63cd s3:rpc_client: rename same variables in cli_rpc_pipe_open_schannel_with_key() 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2013-08-05 10:30:02 +02:00
Stefan Metzmacher
8a302fc353 s3:rpc_client: use the correct context for netlogon_creds_copy() in rpccli_schannel_bind_data() 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2013-08-05 10:30:02 +02:00
Stefan Metzmacher
6ce645e03c s3:rpc_client: make rpccli_schannel_bind_data() static 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2013-08-05 10:30:02 +02:00
Günther Deschner
a9d5b2fdf0 libcli/auth: also set secure channel type in netlogon_creds_client_init(). 
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2013-08-05 10:30:00 +02:00
Günther Deschner
b19e7e6638 s3-rpc_cli: pass down ndr_interface_table to rpc_transport_np_init_send(). 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2013-08-05 10:30:00 +02:00
Günther Deschner
c41b6e5c5e s3-rpc_cli: pass down ndr_interface_table to rpc_transport_np_init(). 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2013-08-05 10:30:00 +02:00
Günther Deschner
7bdcfcb37c s3-rpc_cli: pass down ndr_interface_table to rpc_pipe_open_tcp_port(). 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2013-08-05 10:30:00 +02:00
Günther Deschner
0ff8c2d508 s3-rpc_cli: pass down ndr_interface_table to rpc_pipe_get_tcp_port(). 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2013-08-05 10:30:00 +02:00
Günther Deschner
5c5cff0a72 s3-rpc_cli: pass down ndr_interface_table to rpc_pipe_open_tcp(). 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2013-08-05 10:30:00 +02:00
Günther Deschner
8cd3a06051 s3-rpc_cli: pass down ndr_interface_table to rpc_pipe_open_np(). 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2013-08-05 10:30:00 +02:00
Günther Deschner
34cc4b4095 s3-rpc_cli: pass down ndr_interface_table to cli_rpc_pipe_open(). 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2013-08-05 10:30:00 +02:00
Günther Deschner
9aa99c3cfb s3-rpc_cli: pass down ndr_interface_table to cli_rpc_pipe_open_noauth_transport(). 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2013-08-05 10:30:00 +02:00
Günther Deschner
9813fe2b04 s3-rpc_cli: pass down ndr_interface_table to cli_rpc_pipe_open_noauth(). 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2013-08-05 10:30:00 +02:00
Günther Deschner
3dc3a6c848 s3-rpc_cli: pass down ndr_interface_table to cli_rpc_pipe_open_schannel_with_key(). 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2013-08-05 10:30:00 +02:00
Günther Deschner
7f169474fc s3-rpc_cli: pass down ndr_interface_table to cli_rpc_pipe_open_ntlmssp_auth_schannel(). 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2013-08-05 10:30:00 +02:00
Günther Deschner
f6d61b571d s3-rpc_cli: pass down ndr_interface_table to cli_rpc_pipe_open_schannel(). 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2013-08-05 10:29:59 +02:00
Günther Deschner
9b4fb5b074 s3-rpc_cli: pass down ndr_interface_table to rpc_pipe_open_ncalrpc(). 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2013-08-05 10:29:59 +02:00
Günther Deschner
a1368ca6ef s3-rpc_cli: remove prototype of nonexisting cli_rpc_pipe_open_krb5(). 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2013-08-05 10:29:59 +02:00
Volker Lendecke
e322420dc7 rpc_cli: Remove some unnecessary initializations 
tevent_req_create already initializes "state" to 0

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>

Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Mon Jul  8 17:04:20 CEST 2013 on sn-devel-104
 2013-07-08 17:04:19 +02:00
Andrew Bartlett
fc13489c91 build: Build with system md5.h on OpenIndiana 
This changes (again...) our system md5 detection to cope with how
OpenIndiana does md5.  I'm becoming increasingly convinced this isn't
worth our while (we should have just done samba_md5...), but for now
this change seems to work on FreeBSD, OpenIndiana and Linux with
libbsd.

This needs us to rename struct MD5Context -> MD5_CTX, but we provide a
config.h define to rename the type bad if MD5_CTX does not exist (it does
however exist in the md5.h from libbsd).

Andrew Bartlett

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Jun 19 21:32:36 CEST 2013 on sn-devel-104
 2013-06-19 21:32:36 +02:00
Christian Ambach
3d29bb2d37 s3:rpc_client fix a crash 
state->cli->dc does not have to be set (e.g. when running
net rpc join against an older Samba PDC), so check it before dereferencing it

This fixes Bug 9669 - net rpc join crashes against a Samba 3.0.33 PDC

Bug: https://bugzilla.samba.org/show_bug.cgi?id=9669

Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Christian Ambach <ambi@samba.org>
Autobuild-Date(master): Wed Feb 20 19:00:52 CET 2013 on sn-devel-104
 2013-02-20 19:00:52 +01:00
Stefan Metzmacher
f9d0473d02 s3:rpc_client: s/struct event_context/struct tevent_context 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
 2013-02-19 23:47:52 +01:00
Stefan Metzmacher
b538c31889 s3:rpc_client: make use of samba_tevent_context_init() 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
 2013-02-19 23:47:49 +01:00
Günther Deschner
e8feca012e spoolss: make spoolss deal with ndr64 ULONG_PTR of devmode_ptr and secdesc_ptr. 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
 2013-01-17 17:11:37 +01:00
Günther Deschner
a4dcf7b94d spoolss: Make OpenPrinterEx work with NDR64 by using UserInfo Container. 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2013-01-16 11:42:13 +01:00
Günther Deschner
563cc67ac6 libcli/auth: rename netlogon_creds_decrypt_samlogon() to netlogon_creds_decrypt_samlogon_validation(). 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2012-12-15 21:50:36 +01:00
Günther Deschner
c6f4745c56 s3-rpc_client: use netlogon_creds_aes_encrypt in interactive netlogon samlogon. 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
 2012-12-09 19:39:07 +01:00
Günther Deschner
64345018cd s3-rpc_client: support AES encryption in netr_ServerPasswordSet2 client. 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
 2012-12-09 19:39:07 +01:00
Günther Deschner
ec06c81db3 s3-rpc_client: use netlogon_creds_arcfour_crypt() in init_netr_CryptPassword. 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
 2012-12-09 19:39:07 +01:00
Günther Deschner
3c486dfee4 s3-rpc_client: make dcerpc_lsa_lookup_names_generic() public. 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2012-11-30 11:49:41 +01:00
Günther Deschner
2d38154f91 s3-rpc_cli: make dcerpc_lsa_lookup_sids_generic() public. 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2012-11-30 11:49:38 +01:00
Günther Deschner
457c933ff0 s3-rpc_cli: Remove some unused wrapping code. 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2012-11-30 11:49:21 +01:00
Günther Deschner
b11ba24883 s3-rpc_client: try to use socket_addr if available in rpc_pipe_open_tcp() (bug #9426) 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Mon Nov 26 17:36:20 CET 2012 on sn-devel-104
 2012-11-26 17:36:19 +01:00
Günther Deschner
2032f2746d s3-rpc_client: lookup nametype 0x20 in rpc_pipe_open_tcp_port(). (bug #9426) 
The server name type (0x20) is much more likely to be available in the name cache, as
this type gets stored by winbind itself - the primary user of the ncacn_ip_tcp
code currently.

Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Nov 23 16:30:57 CET 2012 on sn-devel-104
 2012-11-23 16:30:56 +01:00
Andreas Schneider
24fc5b46f2 s3-spoolss: Fix builtin forms order to match Windows again. 
Thanks to mamachine@gmail.com.

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Sep 26 20:07:44 CEST 2012 on sn-devel-104
 2012-09-26 20:07:43 +02:00
Stefan Metzmacher
8e1c6d4232 s3:rpc_client: rename pipe_auth_data->user_session_key to transport_session_key 
metze
 2012-08-01 14:17:15 +02:00
Stefan Metzmacher
8b42f526f4 s3:rpc_client: make use of smbXcli_session_application_key() 
metze
 2012-08-01 14:17:14 +02:00
Andreas Schneider
33206b1e24 s3-rpc_client: Fix updating netlogon credentials. 
Signed-off-by: Günther Deschner <gd@samba.org>
 2012-07-17 13:53:37 +02:00
Andreas Schneider
572b549063 s3-rpc_client: Add capabilities check for AES encrypted connections. 
Signed-off-by: Günther Deschner <gd@samba.org>
 2012-07-17 13:53:37 +02:00
Andreas Schneider
a866dcc4f6 s3-rpc: Return the correct ntstatus depending on the transport. 2012-07-06 10:00:57 +02:00
Volker Lendecke
b9a15f1bfa s3: Give machine password changes 10 minutes of time 
This is what we do at domain join time as well, see
lib/netapi/joindomain.c:141

Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2012-06-22 17:28:20 +02:00
Stefan Metzmacher
1e5010fd99 s3:rpc_client: tstream_cli_np_open_send() doesn't expect a leading backslash 
This fixes winbindd against a windows server using SMB2.

metze
 2012-05-28 19:51:46 +02:00
Luk Claes
4f6f4ea93c s3:libsmb: get rid of cli_state_remote_name 
Signed-off-by: Luk Claes <luk@debian.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2012-05-28 14:49:45 +02:00
Volker Lendecke
9b0b60c67e s3: Fix Coverity ID 242715 Uninitialized scalar variable 
In an error path we are closing hive_hnd without opening it
 2012-05-10 09:11:58 +02:00
Volker Lendecke
6d5bbb9a4b s3: Fix Coverity ID 242716 Uninitialized scalar variable 
In an error path we are closing key_hnd without opening it
 2012-05-10 09:11:57 +02:00
Volker Lendecke
05e59739b3 s3: Fix Coverity ID 242691 Dereference before null check 
winreg_printer_openkey above already dereferences winreg_handle
 2012-05-10 09:11:57 +02:00
Volker Lendecke
8c2f826553 s3: Fix Coverity ID 242692 Dereference before null check 
winreg_printer_openkey above already dereferences winreg_handle
 2012-05-10 09:11:56 +02:00
Volker Lendecke
318cf16f7b s3: Fix Coverity ID 242693 Dereference before null check 
winreg_printer_openkey above already dereferences winreg_handle
 2012-05-10 09:11:56 +02:00
Volker Lendecke
c0471d1d96 s3: Fix Coverity ID 242694 Dereference before null check 
winreg_printer_openkey above already dereferences winreg_handle
 2012-05-10 09:11:56 +02:00
Volker Lendecke
39577f1e99 s3: Fix Coverity ID 242695 Dereference before null check 
winreg_printer_openkey above already dereferences winreg_handle
 2012-05-10 09:11:56 +02:00
Volker Lendecke
600c4c9c45 s3: Fix Coverity ID 242696 Dereference before null check 
winreg_printer_openkey above already dereferences winreg_handle
 2012-05-10 09:11:56 +02:00
Volker Lendecke
995ea20fa2 s3: Fix Coverity ID 242697 Dereference before null check 
winreg_printer_openkey above already dereferences winreg_handle
 2012-05-10 09:11:56 +02:00
Volker Lendecke
3a8c4ab2ad s3: Fix Coverity ID 242698 Dereference before null check 
winreg_printer_openkey above already dereferences winreg_handle
 2012-05-10 09:11:56 +02:00
Volker Lendecke
75271528f3 s3: Fix Coverity ID 242699 Dereference before null check 
winreg_printer_openkey above already dereferences winreg_handle
 2012-05-10 09:11:56 +02:00
Volker Lendecke
f9f4d705c2 s3: Fix Coverity ID 242700 Dereference before null check 
winreg_printer_openkey above already dereferences winreg_handle
 2012-05-10 09:11:56 +02:00
Volker Lendecke
a7b23cec6d s3: Fix Coverity ID 242701 Dereference before null check 
winreg_printer_openkey above already dereferences winreg_handle
 2012-05-10 09:11:56 +02:00
Volker Lendecke
e0bc3767e3 s3: Fix Coverity ID 242702 Dereference before null check 
winreg_printer_openkey above already dereferences winreg_handle
 2012-05-10 09:11:56 +02:00
Volker Lendecke
11085bd93a s3: Fix Coverity ID 242703 Dereference before null check 
winreg_printer_openkey above already dereferences winreg_handle
 2012-05-10 09:11:56 +02:00
Volker Lendecke
6c34e1a015 s3: Fix Coverity ID 242704 Dereference before null check 
winreg_printer_openkey above already dereferences winreg_handle
 2012-05-10 09:11:56 +02:00
Volker Lendecke
37b7095c8a s3: Fix Coverity ID 242705 Dereference before null check 
winreg_printer_openkey above already dereferences winreg_handle
 2012-05-10 09:11:56 +02:00
Volker Lendecke
67e306703b s3: Fix Coverity ID 242706 Dereference before null check 
winreg_printer_openkey above already dereferences winreg_handle
 2012-05-10 09:11:56 +02:00
Jelmer Vernooij
2c9444685d cli_pipe: Avoid sys_connect. 2012-03-24 14:57:47 +01:00
Jelmer Vernooij
95ca5fbadd libndr: Rename ndr64_transfer_syntax and null_ndr_syntax_id so they have a ndr_ prefix. 
This makes the NDR namespace a bit clearer, in preparation of ABI checking.
 2012-03-20 13:54:07 +01:00
Andreas Schneider
034489718c s3-rpc_client: Add debug message for printer dataex errors. 2012-03-14 17:56:14 +01:00
Christian Ambach
7936fb0ab8 Fix bug #8807 - dcerpc_lsa_lookup_sids_noalloc() crashes when groups has more than 1000 groups 
Use correct talloc heirarchy.

Signed-off-by: Jeremy Allison <jra@samba.org>
 2012-03-13 12:17:31 -07:00
Volker Lendecke
1bf126c0b3 s3: Remove some superfluous () 2012-03-09 17:21:11 +01:00
Stefan Metzmacher
083d80c502 s3:rpc_client: initialize struct schannel_state to zero 
metze
 2012-03-02 07:07:10 +01:00
Andrew Bartlett
2b511f0e92 s3-librpc: Use gensec_spnego for DCE/RPC authentication 
This ensures that we use the same SPNEGO code on session setup and on
DCE/RPC binds, and simplfies the calling code as spnego is no longer
a special case in cli_pipe.c

A special case wrapper function remains to avoid changing the
application layer callers in this patch.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2012-02-16 15:18:42 +01:00
Stefan Metzmacher
0c5cbb557b s3:rpc_client: fix comment 
metze
 2012-02-16 15:18:41 +01:00
Andrew Bartlett
bd2a7aac2c s3-librpc: make gensec result handling more generic 
This prepares us for handling SPNEGO via gensec

Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2012-02-16 15:18:41 +01:00
David Disseldorp
ec094bf9ac WERROR type variable being incorrectly checked with a NT_STATUS_IS_X 
type macro.
 2012-01-23 12:18:01 -08:00
Andrew Bartlett
40715e1251 s3-librpc: pass struct ndr_interface_table down to cli_pipe_open_generic/spnego() 
This allows the target service (as determined from the IDL) to be
passed to GSSAPI (rather than the current, incorrect, "cifs").

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2012-01-18 16:23:24 +01:00
Andrew Bartlett
c62af4f652 s3-librpc Make cli_rpc_pipe_open_spnego_ntlmssp() generic 
This also avoids passing NULL as the server to
gensec_set_target_hostname() in spnego_generic_init_client().

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2012-01-18 16:23:23 +01:00
Andrew Bartlett
f2efb0f6a3 s3-librpc Remove special case for spnego session key 
SPNEGO is implemented only in terms of gensec mechanisms now.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2012-01-18 16:23:23 +01:00
Andrew Bartlett
0c1b4c2321 s3-librpc Call SPENGO/GSSAPI via the auth_generic layer and gensec 
This simplifies a lot of code, as we know we are always dealing
with a struct gensec_security, and allows the gensec module being
used to implement GSSAPI to be swapped for AD-server operation.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2012-01-18 16:23:22 +01:00
Andrew Bartlett
e012ad9d8b s3-librpc Call GSSAPI via the auth_generic layer and gensec 
This simplifies a lot of code, as we know we are always dealing with a
struct gensec_security, and allows the gensec module being used to
implement GSSAPI to be swapped when required for AD-server operation.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2012-01-18 16:23:22 +01:00
Andrew Bartlett
49bafcfa48 s3-librpc Supply target service and server to spnego_generic_init_client() 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2012-01-11 09:09:43 +01:00
Andrew Bartlett
50a939ad85 s3-librpc: Rename spnego_ntlmssp_init_client and make generic 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2012-01-11 09:05:01 +01:00