1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-27 03:21:53 +03:00
Commit Graph

1683 Commits

Author SHA1 Message Date
Stefan Metzmacher
838cb53962 s3:cli_pipe: pass down creds->computer_name to NL_AUTH_MESSAGE
We need to use the same computer_name value as in the netr_Authenticate3()
request.

We abuse cli->auth->user_name to pass the value down.

Signed-off-by: Stefan Metzmacher <metze@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-10 09:18:57 +02:00
Stefan Metzmacher
e96142fc43 s3:cli_pipe: make use of netsec_create_state()
Signed-off-by: Stefan Metzmacher <metze@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-10 09:18:57 +02:00
Stefan Metzmacher
04938cbeec s3:rpc_client: remove unused cli_rpc_pipe_open_ntlmssp_auth_schannel()
Signed-off-by: Stefan Metzmacher <metze@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-10 09:18:55 +02:00
Stefan Metzmacher
3302356226 s3:rpc_client: remove netr_LogonGetCapabilities check from rpc_pipe_bind*
It's done in the caller now.

Signed-off-by: Stefan Metzmacher <metze@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-10 09:18:55 +02:00
Stefan Metzmacher
eecb5bafba s3:rpc_client: add netr_LogonGetCapabilities to cli_rpc_pipe_open_schannel_with_key()
Signed-off-by: Stefan Metzmacher <metze@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-10 09:18:54 +02:00
Stefan Metzmacher
e9c8e3fb92 s3:rpc_client: use netlogon_creds_copy before rpc_pipe_bind
Signed-off-by: Stefan Metzmacher <metze@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-10 09:18:54 +02:00
Stefan Metzmacher
90e28c1825 s3:rpc_client: fix/add AES downgrade detection to rpc_pipe_bind_step_two_done()
Signed-off-by: Stefan Metzmacher <metze@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-10 09:18:54 +02:00
Stefan Metzmacher
04600634b3 s3:rpc_client: try to use NETLOGON_NEG_SUPPORTS_AES
Signed-off-by: Stefan Metzmacher <metze@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-10 09:18:53 +02:00
Stefan Metzmacher
94be8d63cd s3:rpc_client: rename same variables in cli_rpc_pipe_open_schannel_with_key()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2013-08-05 10:30:02 +02:00
Stefan Metzmacher
8a302fc353 s3:rpc_client: use the correct context for netlogon_creds_copy() in rpccli_schannel_bind_data()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2013-08-05 10:30:02 +02:00
Stefan Metzmacher
6ce645e03c s3:rpc_client: make rpccli_schannel_bind_data() static
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2013-08-05 10:30:02 +02:00
Günther Deschner
a9d5b2fdf0 libcli/auth: also set secure channel type in netlogon_creds_client_init().
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2013-08-05 10:30:00 +02:00
Günther Deschner
b19e7e6638 s3-rpc_cli: pass down ndr_interface_table to rpc_transport_np_init_send().
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2013-08-05 10:30:00 +02:00
Günther Deschner
c41b6e5c5e s3-rpc_cli: pass down ndr_interface_table to rpc_transport_np_init().
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2013-08-05 10:30:00 +02:00
Günther Deschner
7bdcfcb37c s3-rpc_cli: pass down ndr_interface_table to rpc_pipe_open_tcp_port().
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2013-08-05 10:30:00 +02:00
Günther Deschner
0ff8c2d508 s3-rpc_cli: pass down ndr_interface_table to rpc_pipe_get_tcp_port().
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2013-08-05 10:30:00 +02:00
Günther Deschner
5c5cff0a72 s3-rpc_cli: pass down ndr_interface_table to rpc_pipe_open_tcp().
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2013-08-05 10:30:00 +02:00
Günther Deschner
8cd3a06051 s3-rpc_cli: pass down ndr_interface_table to rpc_pipe_open_np().
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2013-08-05 10:30:00 +02:00
Günther Deschner
34cc4b4095 s3-rpc_cli: pass down ndr_interface_table to cli_rpc_pipe_open().
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2013-08-05 10:30:00 +02:00
Günther Deschner
9aa99c3cfb s3-rpc_cli: pass down ndr_interface_table to cli_rpc_pipe_open_noauth_transport().
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2013-08-05 10:30:00 +02:00
Günther Deschner
9813fe2b04 s3-rpc_cli: pass down ndr_interface_table to cli_rpc_pipe_open_noauth().
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2013-08-05 10:30:00 +02:00
Günther Deschner
3dc3a6c848 s3-rpc_cli: pass down ndr_interface_table to cli_rpc_pipe_open_schannel_with_key().
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2013-08-05 10:30:00 +02:00
Günther Deschner
7f169474fc s3-rpc_cli: pass down ndr_interface_table to cli_rpc_pipe_open_ntlmssp_auth_schannel().
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2013-08-05 10:30:00 +02:00
Günther Deschner
f6d61b571d s3-rpc_cli: pass down ndr_interface_table to cli_rpc_pipe_open_schannel().
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2013-08-05 10:29:59 +02:00
Günther Deschner
9b4fb5b074 s3-rpc_cli: pass down ndr_interface_table to rpc_pipe_open_ncalrpc().
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2013-08-05 10:29:59 +02:00
Günther Deschner
a1368ca6ef s3-rpc_cli: remove prototype of nonexisting cli_rpc_pipe_open_krb5().
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2013-08-05 10:29:59 +02:00
Volker Lendecke
e322420dc7 rpc_cli: Remove some unnecessary initializations
tevent_req_create already initializes "state" to 0

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>

Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Mon Jul  8 17:04:20 CEST 2013 on sn-devel-104
2013-07-08 17:04:19 +02:00
Andrew Bartlett
fc13489c91 build: Build with system md5.h on OpenIndiana
This changes (again...) our system md5 detection to cope with how
OpenIndiana does md5.  I'm becoming increasingly convinced this isn't
worth our while (we should have just done samba_md5...), but for now
this change seems to work on FreeBSD, OpenIndiana and Linux with
libbsd.

This needs us to rename struct MD5Context -> MD5_CTX, but we provide a
config.h define to rename the type bad if MD5_CTX does not exist (it does
however exist in the md5.h from libbsd).

Andrew Bartlett

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Jun 19 21:32:36 CEST 2013 on sn-devel-104
2013-06-19 21:32:36 +02:00
Christian Ambach
3d29bb2d37 s3:rpc_client fix a crash
state->cli->dc does not have to be set (e.g. when running
net rpc join against an older Samba PDC), so check it before dereferencing it

This fixes Bug 9669 - net rpc join crashes against a Samba 3.0.33 PDC

Bug: https://bugzilla.samba.org/show_bug.cgi?id=9669

Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Christian Ambach <ambi@samba.org>
Autobuild-Date(master): Wed Feb 20 19:00:52 CET 2013 on sn-devel-104
2013-02-20 19:00:52 +01:00
Stefan Metzmacher
f9d0473d02 s3:rpc_client: s/struct event_context/struct tevent_context
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
2013-02-19 23:47:52 +01:00
Stefan Metzmacher
b538c31889 s3:rpc_client: make use of samba_tevent_context_init()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
2013-02-19 23:47:49 +01:00
Günther Deschner
e8feca012e spoolss: make spoolss deal with ndr64 ULONG_PTR of devmode_ptr and secdesc_ptr.
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
2013-01-17 17:11:37 +01:00
Günther Deschner
a4dcf7b94d spoolss: Make OpenPrinterEx work with NDR64 by using UserInfo Container.
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2013-01-16 11:42:13 +01:00
Günther Deschner
563cc67ac6 libcli/auth: rename netlogon_creds_decrypt_samlogon() to netlogon_creds_decrypt_samlogon_validation().
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2012-12-15 21:50:36 +01:00
Günther Deschner
c6f4745c56 s3-rpc_client: use netlogon_creds_aes_encrypt in interactive netlogon samlogon.
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2012-12-09 19:39:07 +01:00
Günther Deschner
64345018cd s3-rpc_client: support AES encryption in netr_ServerPasswordSet2 client.
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2012-12-09 19:39:07 +01:00
Günther Deschner
ec06c81db3 s3-rpc_client: use netlogon_creds_arcfour_crypt() in init_netr_CryptPassword.
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2012-12-09 19:39:07 +01:00
Günther Deschner
3c486dfee4 s3-rpc_client: make dcerpc_lsa_lookup_names_generic() public.
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2012-11-30 11:49:41 +01:00
Günther Deschner
2d38154f91 s3-rpc_cli: make dcerpc_lsa_lookup_sids_generic() public.
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2012-11-30 11:49:38 +01:00
Günther Deschner
457c933ff0 s3-rpc_cli: Remove some unused wrapping code.
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2012-11-30 11:49:21 +01:00
Günther Deschner
b11ba24883 s3-rpc_client: try to use socket_addr if available in rpc_pipe_open_tcp() (bug #9426)
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Mon Nov 26 17:36:20 CET 2012 on sn-devel-104
2012-11-26 17:36:19 +01:00
Günther Deschner
2032f2746d s3-rpc_client: lookup nametype 0x20 in rpc_pipe_open_tcp_port(). (bug #9426)
The server name type (0x20) is much more likely to be available in the name cache, as
this type gets stored by winbind itself - the primary user of the ncacn_ip_tcp
code currently.

Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Nov 23 16:30:57 CET 2012 on sn-devel-104
2012-11-23 16:30:56 +01:00
Andreas Schneider
24fc5b46f2 s3-spoolss: Fix builtin forms order to match Windows again.
Thanks to mamachine@gmail.com.

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Sep 26 20:07:44 CEST 2012 on sn-devel-104
2012-09-26 20:07:43 +02:00
Stefan Metzmacher
8e1c6d4232 s3:rpc_client: rename pipe_auth_data->user_session_key to transport_session_key
metze
2012-08-01 14:17:15 +02:00
Stefan Metzmacher
8b42f526f4 s3:rpc_client: make use of smbXcli_session_application_key()
metze
2012-08-01 14:17:14 +02:00
Andreas Schneider
33206b1e24 s3-rpc_client: Fix updating netlogon credentials.
Signed-off-by: Günther Deschner <gd@samba.org>
2012-07-17 13:53:37 +02:00
Andreas Schneider
572b549063 s3-rpc_client: Add capabilities check for AES encrypted connections.
Signed-off-by: Günther Deschner <gd@samba.org>
2012-07-17 13:53:37 +02:00
Andreas Schneider
a866dcc4f6 s3-rpc: Return the correct ntstatus depending on the transport. 2012-07-06 10:00:57 +02:00
Volker Lendecke
b9a15f1bfa s3: Give machine password changes 10 minutes of time
This is what we do at domain join time as well, see
lib/netapi/joindomain.c:141

Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-06-22 17:28:20 +02:00
Stefan Metzmacher
1e5010fd99 s3:rpc_client: tstream_cli_np_open_send() doesn't expect a leading backslash
This fixes winbindd against a windows server using SMB2.

metze
2012-05-28 19:51:46 +02:00
Luk Claes
4f6f4ea93c s3:libsmb: get rid of cli_state_remote_name
Signed-off-by: Luk Claes <luk@debian.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-05-28 14:49:45 +02:00
Volker Lendecke
9b0b60c67e s3: Fix Coverity ID 242715 Uninitialized scalar variable
In an error path we are closing hive_hnd without opening it
2012-05-10 09:11:58 +02:00
Volker Lendecke
6d5bbb9a4b s3: Fix Coverity ID 242716 Uninitialized scalar variable
In an error path we are closing key_hnd without opening it
2012-05-10 09:11:57 +02:00
Volker Lendecke
05e59739b3 s3: Fix Coverity ID 242691 Dereference before null check
winreg_printer_openkey above already dereferences winreg_handle
2012-05-10 09:11:57 +02:00
Volker Lendecke
8c2f826553 s3: Fix Coverity ID 242692 Dereference before null check
winreg_printer_openkey above already dereferences winreg_handle
2012-05-10 09:11:56 +02:00
Volker Lendecke
318cf16f7b s3: Fix Coverity ID 242693 Dereference before null check
winreg_printer_openkey above already dereferences winreg_handle
2012-05-10 09:11:56 +02:00
Volker Lendecke
c0471d1d96 s3: Fix Coverity ID 242694 Dereference before null check
winreg_printer_openkey above already dereferences winreg_handle
2012-05-10 09:11:56 +02:00
Volker Lendecke
39577f1e99 s3: Fix Coverity ID 242695 Dereference before null check
winreg_printer_openkey above already dereferences winreg_handle
2012-05-10 09:11:56 +02:00
Volker Lendecke
600c4c9c45 s3: Fix Coverity ID 242696 Dereference before null check
winreg_printer_openkey above already dereferences winreg_handle
2012-05-10 09:11:56 +02:00
Volker Lendecke
995ea20fa2 s3: Fix Coverity ID 242697 Dereference before null check
winreg_printer_openkey above already dereferences winreg_handle
2012-05-10 09:11:56 +02:00
Volker Lendecke
3a8c4ab2ad s3: Fix Coverity ID 242698 Dereference before null check
winreg_printer_openkey above already dereferences winreg_handle
2012-05-10 09:11:56 +02:00
Volker Lendecke
75271528f3 s3: Fix Coverity ID 242699 Dereference before null check
winreg_printer_openkey above already dereferences winreg_handle
2012-05-10 09:11:56 +02:00
Volker Lendecke
f9f4d705c2 s3: Fix Coverity ID 242700 Dereference before null check
winreg_printer_openkey above already dereferences winreg_handle
2012-05-10 09:11:56 +02:00
Volker Lendecke
a7b23cec6d s3: Fix Coverity ID 242701 Dereference before null check
winreg_printer_openkey above already dereferences winreg_handle
2012-05-10 09:11:56 +02:00
Volker Lendecke
e0bc3767e3 s3: Fix Coverity ID 242702 Dereference before null check
winreg_printer_openkey above already dereferences winreg_handle
2012-05-10 09:11:56 +02:00
Volker Lendecke
11085bd93a s3: Fix Coverity ID 242703 Dereference before null check
winreg_printer_openkey above already dereferences winreg_handle
2012-05-10 09:11:56 +02:00
Volker Lendecke
6c34e1a015 s3: Fix Coverity ID 242704 Dereference before null check
winreg_printer_openkey above already dereferences winreg_handle
2012-05-10 09:11:56 +02:00
Volker Lendecke
37b7095c8a s3: Fix Coverity ID 242705 Dereference before null check
winreg_printer_openkey above already dereferences winreg_handle
2012-05-10 09:11:56 +02:00
Volker Lendecke
67e306703b s3: Fix Coverity ID 242706 Dereference before null check
winreg_printer_openkey above already dereferences winreg_handle
2012-05-10 09:11:56 +02:00
Jelmer Vernooij
2c9444685d cli_pipe: Avoid sys_connect. 2012-03-24 14:57:47 +01:00
Jelmer Vernooij
95ca5fbadd libndr: Rename ndr64_transfer_syntax and null_ndr_syntax_id so they have a ndr_ prefix.
This makes the NDR namespace a bit clearer, in preparation of ABI checking.
2012-03-20 13:54:07 +01:00
Andreas Schneider
034489718c s3-rpc_client: Add debug message for printer dataex errors. 2012-03-14 17:56:14 +01:00
Christian Ambach
7936fb0ab8 Fix bug #8807 - dcerpc_lsa_lookup_sids_noalloc() crashes when groups has more than 1000 groups
Use correct talloc heirarchy.

Signed-off-by: Jeremy Allison <jra@samba.org>
2012-03-13 12:17:31 -07:00
Volker Lendecke
1bf126c0b3 s3: Remove some superfluous () 2012-03-09 17:21:11 +01:00
Stefan Metzmacher
083d80c502 s3:rpc_client: initialize struct schannel_state to zero
metze
2012-03-02 07:07:10 +01:00
Andrew Bartlett
2b511f0e92 s3-librpc: Use gensec_spnego for DCE/RPC authentication
This ensures that we use the same SPNEGO code on session setup and on
DCE/RPC binds, and simplfies the calling code as spnego is no longer
a special case in cli_pipe.c

A special case wrapper function remains to avoid changing the
application layer callers in this patch.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-02-16 15:18:42 +01:00
Stefan Metzmacher
0c5cbb557b s3:rpc_client: fix comment
metze
2012-02-16 15:18:41 +01:00
Andrew Bartlett
bd2a7aac2c s3-librpc: make gensec result handling more generic
This prepares us for handling SPNEGO via gensec

Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-02-16 15:18:41 +01:00
David Disseldorp
ec094bf9ac WERROR type variable being incorrectly checked with a NT_STATUS_IS_X
type macro.
2012-01-23 12:18:01 -08:00
Andrew Bartlett
40715e1251 s3-librpc: pass struct ndr_interface_table down to cli_pipe_open_generic/spnego()
This allows the target service (as determined from the IDL) to be
passed to GSSAPI (rather than the current, incorrect, "cifs").

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-18 16:23:24 +01:00
Andrew Bartlett
c62af4f652 s3-librpc Make cli_rpc_pipe_open_spnego_ntlmssp() generic
This also avoids passing NULL as the server to
gensec_set_target_hostname() in spnego_generic_init_client().

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-18 16:23:23 +01:00
Andrew Bartlett
f2efb0f6a3 s3-librpc Remove special case for spnego session key
SPNEGO is implemented only in terms of gensec mechanisms now.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-18 16:23:23 +01:00
Andrew Bartlett
0c1b4c2321 s3-librpc Call SPENGO/GSSAPI via the auth_generic layer and gensec
This simplifies a lot of code, as we know we are always dealing
with a struct gensec_security, and allows the gensec module being
used to implement GSSAPI to be swapped for AD-server operation.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-18 16:23:22 +01:00
Andrew Bartlett
e012ad9d8b s3-librpc Call GSSAPI via the auth_generic layer and gensec
This simplifies a lot of code, as we know we are always dealing with a
struct gensec_security, and allows the gensec module being used to
implement GSSAPI to be swapped when required for AD-server operation.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-18 16:23:22 +01:00
Andrew Bartlett
49bafcfa48 s3-librpc Supply target service and server to spnego_generic_init_client()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-11 09:09:43 +01:00
Andrew Bartlett
50a939ad85 s3-librpc: Rename spnego_ntlmssp_init_client and make generic
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-11 09:05:01 +01:00
Andrew Bartlett
e574489be4 s3-librpc Set target service and server into gensec
This will allow cli_rpc_pipe_open_generic_auth() to handle kerberos mechanisms.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-11 09:04:48 +01:00
Andrew Bartlett
b89a0439b3 s3-librpc Rename and rework cli_rpc_pipe_open_ntlmssp() to be generic
This also includes renaming the helper function
rpccli_ntlmssp_bind_data, and allows this function to operate on any
gensec-supplied auth type.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-11 09:04:41 +01:00
Andrew Bartlett
1e5e219a4b s3-librpc Rename create_ntlmssp_auth_rpc_bind_req() to be more generic
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-11 09:04:24 +01:00
Andrew Bartlett
a00032a92d s3-libsmb Make auth_ntlmssp client more generic
As well as renaming, this allows us to start the mech by DCE/RPC auth
type or OID.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-06 08:12:49 +01:00
Andrew Bartlett
6391fff9da s3-auth rename auth_ntlmssp_state -> auth_generic_state
This structure handles more than NTLMSSP now, at least when we are an AD DC
and so changing the name may avoid some confusion in the future.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-12-22 19:25:10 +01:00
Andrew Bartlett
c9d929af8b s4-lsarpc handle more info levels in SetInfoTrustedDomain calls
This uses the very helpful conversion functions written for the s3 lsa server
and places these in common.

Andrew Bartlett
2011-12-12 12:57:07 +01:00
Stefan Metzmacher
790c6b4027 s3:rpc_client: remove references to auth_ntlmssp_state
metze

Signed-off-by: Günther Deschner <gd@samba.org>

Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Thu Oct 27 16:40:15 CEST 2011 on sn-devel-104
2011-10-27 16:40:15 +02:00
Simo Sorce
8870daeb8d idl: Improve MS-PAC IDL
Change some misleading variable names to reflect the actual function.
Add missing field name/types previously marked as unkown.

Signed-off-by: Günther Deschner <gd@samba.org>

Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Mon Oct 24 19:19:28 CEST 2011 on sn-devel-104
2011-10-24 19:19:28 +02:00
Andrew Bartlett
0a0839821a s3-ntlmssp Remove auth_ntlmssp_session_key()
We now just call the gensec_session_key() directly.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-10-21 08:43:38 +02:00
Andrew Bartlett
3f079885b2 s3-ntlmssp Remove auth_ntlmssp_want_feature()
We now just call the gensec_want_feature() directly.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-10-21 08:43:33 +02:00
Andrew Bartlett
083025ccd5 s3-ntlmssp Remove auth_ntlmssp_update wrapper
We now just call gensec_update directly.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-10-21 08:43:10 +02:00
Andrew Bartlett
f9b042641f s3-ntlmssp split auth_ntlmssp_client_start() into two parts
This will allow it to be a wrapper around a gensec module, which
requires that they options be set on a context, but before the
mechanism is started.

This also simplfies the callers, by moving the lp_*() calls
into one place.

Andrew Bartlett
2011-10-18 12:25:30 +02:00
Andrew Bartlett
f3333bdade s3-rpc_client remove cli_auth_ntlmssp_data_destructor
This can be an ordinary talloc child without causing any problem.

This seems to have been inherited from a time when ntlmssp_client_start()
returned malloc() based memory.

Andrew Bartlett
2011-10-18 12:25:30 +02:00
Andrew Bartlett
0c6e4adcb2 ntlmssp: Move ntlmssp code to auth/ntlmssp
This brings in the code from both libcli/auth and
source4/auth/ntlmssp.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-10-18 13:13:31 +11:00
Gregor Beck
85b145d745 s3:utils change data_blob_dup_talloc() to take a DATA_BLOB by value
Signed-off-by: Michael Adam <obnox@samba.org>
2011-10-12 22:45:53 +02:00
Volker Lendecke
dea2bd5b9b s3: Fix two c++ warnings 2011-09-18 17:24:22 +02:00
Stefan Metzmacher
cc5f973884 s3:rpc_client: return NT_STATUS_CONNECTION_DISCONNECTED
We should return the same in all places
and don't mix NT_STATUS_INVALID_CONNECTION and NT_STATUS_CONNECTION_INVALID.

metze
2011-09-14 18:03:17 +02:00
Volker Lendecke
e63d0c5f0c s3: Fix Coverity ID 2613 -- UNINIT
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Tue Sep 13 12:39:10 CEST 2011 on sn-devel-104
2011-09-13 12:39:10 +02:00
Volker Lendecke
67605bfc55 s3: Fix Coverity ID 2614 -- UNINIT 2011-09-13 11:00:15 +02:00
Sumit Bose
456aee80f5 s3-lsa: Add conversion for auth info structs
struct lsa_TrustDomainInfoAuthInfo and struct
trustAuthInOutBlob can store the same information for different usage. The added
routines can convert one struct into the other.

Signed-off-by: Günther Deschner <gd@samba.org>

Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Mon Sep 12 15:52:17 CEST 2011 on sn-devel-104
2011-09-12 15:52:17 +02:00
Stefan Metzmacher
56319cf1b7 s3:rpc_transport_tstream: only use tstream_cli_np_use_trans() for sync requests
Currently the caller doesn't cope with multiple async requests anyway,
so this is just protection for the future.

metze

Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Fri Aug  5 22:31:12 CEST 2011 on sn-devel-104
2011-08-05 22:31:12 +02:00
Andrew Bartlett
1231b784a1 s3-ntlmssp Remove auth_ntlmssp_and_flags()
There is no need to mask out these flags as they simply are not set
yet.

The correct abstraction is to ask for NTLMSSP features.

Andrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-08-03 18:48:03 +10:00
Andrew Bartlett
da4345a8d1 s3-ntlmssp Remove rpccli_get_pwd_hash and auth_ntlmssp_get_nt_hash
The session key we want here (the only one that is availble to the
encryption layer) is the one obtained by cli_get_session_key(), as
NTLMSSP creates a per-session session key via key exchange and NTLMv2
negotiation.

The key was never directly the NT hash anyway (this is simply a
mistake, the extra MD4() was lost during my previous cleanup
f28f113d8e in 2008), but was MD4(NT
hash) in early implementations of NTLMSSP.

However, regardless this call is not available on domain trusts
between AD domains and Windows 2003 R2, making this less useful.

Andrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-08-03 18:48:03 +10:00
Andrew Bartlett
bba5f0a641 s3-ntlmssp Remove auth_ntlmssp_or_flags
We now just use auth_ntlmssp_want_feature to get extra flags
on the NTLMSSP context

Andrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-08-03 18:48:03 +10:00
Andrew Bartlett
6d7ac4f1ad s3-ntlmssp Add mem_ctx argument to auth_ntlmssp_update
This clarifies the lifetime of the returned token.

Andrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-08-03 18:48:03 +10:00
Andrew Bartlett
dee845eb70 s3-ntlmssp Add mem_ctx argument to auth_ntlmssp_get_session_key() 2011-08-03 18:48:02 +10:00
Stefan Metzmacher
a833aaf52c s3:rpc_transport_tstream: call tstream_cli_np_use_trans() before tstream_writev_queue_send()
This will be needed when tstream_writev_queue_send() changes it's behavior and
avoids using an immediate event when the queue is empty.

metze

Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Mon Aug  1 14:55:00 CEST 2011 on sn-devel-104
2011-08-01 14:55:00 +02:00
Andreas Schneider
8831402596 s3-rpc_client: Fix memory context in winreg_enum_printer_dataex(). 2011-07-27 08:49:58 +02:00
Andreas Schneider
5045281e17 s3-rpc_client: Close policy handles before creating defaults.
We reopen the hive and key so close them before reopen.
2011-07-27 08:49:58 +02:00
Andreas Schneider
f8afaa76f2 s3-rpc_client: Close the hive handle before we open it again. 2011-07-27 08:49:58 +02:00
Andreas Schneider
a0597b75e6 s3-rpc_client: Close hive if opening of the key fails. 2011-07-27 08:49:58 +02:00
Stefan Metzmacher
49c8534ae4 s3:cli_pipe_schannel: make use of cli_state_remote_name()
metze
2011-07-22 17:06:09 +02:00
Stefan Metzmacher
efc2c3159e s3:cli_pipe: make use of cli_state_remote_name()
metze
2011-07-22 17:06:09 +02:00
Stefan Metzmacher
ef23fb3412 s3:cli_pipe: use result->desthost instead of cli->desthost
metze
2011-07-22 17:06:09 +02:00
Andrew Bartlett
9fcc617ff5 s3-auth Use the common auth_session_info
This patch finally has the same structure being used to describe the
authorization data of a user across the whole codebase.

This will allow of our session handling to be accomplished with common code.

Andrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-07-20 09:17:13 +10:00
Andrew Bartlett
f16d8f4eb8 s3-auth Use struct auth3_session_info outside the auth subsystem
This seperation between the structure used inside the auth modules and
in the wider codebase allows for a gradual migration from struct
auth_serversupplied_info -> struct auth_session_info (from auth.idl)

The idea here is that we keep a clear seperation between the structure
before and after the local groups, local user lookup and the session
key modifications have been processed, as the lack of this seperation
has caused issues in the past.

Andrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-07-20 09:17:10 +10:00
Vicentiu Ciorbaru
e858ec6e92 s3-rpc_server: Removed no longer used functions.
Removed winreg_printer_delete_subkeys().
Removed winreg_printer_enumvalues().

Signed-off-by: Andreas Schneider <asn@samba.org>

Autobuild-User: Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date: Wed Jul 13 12:42:02 CEST 2011 on sn-devel-104
2011-07-13 12:42:02 +02:00
Vicentiu Ciorbaru
0b1ba88f22 s3-rpc_client: Migrate to dcerpc_winreg_delete_subkeys_recursive().
Functions now use dcerpc_winreg_delete_subkeys_recursive() instead of the more
specific printer function winreg_printer_delete_subkeys().

Signed-off-by: Andreas Schneider <asn@samba.org>
2011-07-13 11:31:22 +02:00
Vicentiu Ciorbaru
a336cc44d9 s3-rpc_client: Migrate to dcerpc_winreg_enumvals() function.
The functions that called winreg_printer_enumvalues() function now use
dcerpc_winreg_enumvals().

Signed-off-by: Andreas Schneider <asn@samba.org>
2011-07-13 11:30:55 +02:00
Vicentiu Ciorbaru
4558225cdd s3-rpc_client: Added dcerpc_winreg_delete_subkeys_recursive() function.
This function is set to replace the more specific printer function
winreg_printer_delete_subkeys().

Signed-off-by: Andreas Schneider <asn@samba.org>
2011-07-13 10:09:08 +02:00
Vicentiu Ciorbaru
8b3eff8b36 s3-rpc_client: Added dcerpc_winreg_enumvals() function.
The function is set to replace the more specific printer function
winreg_printer_enumvalues() function.

Signed-off-by: Andreas Schneider <asn@samba.org>
2011-07-13 10:08:56 +02:00
David Disseldorp
2a02f1c4af winreg: Ensure server return status is set on success
Currently cli_winreg.c functions only set the returned server werror
status on failure, if the server request succeeds the value remains
uninitialised.

Signed-off-by: Andreas Schneider <asn@samba.org>

Autobuild-User: Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date: Fri Jul  8 16:32:39 CEST 2011 on sn-devel-104
2011-07-08 16:32:39 +02:00
David Disseldorp
1271066200 winreg: Use the ntstatus return code for client side errors
cli_winreg.c functions indicate status to the caller in two ways. The
ntstatus return code indicates client side errors, the pwerr argument
carries the server response error code.

Many functions are filling the pwerr argument on client side error, this
change removes these cases.

Signed-off-by: Andreas Schneider <asn@samba.org>
2011-07-08 15:22:27 +02:00
Günther Deschner
f2be8378b9 s3-printing: add rpc_client/cli_winreg_spoolss.c
Guenther

Pair-Programmed-With: David Disseldorp <ddiss@suse.de>
2011-07-07 18:06:01 +02:00
Günther Deschner
43cf3a28dc s3-printing: move spoolss_create_default_devmode/secdesc to init_spoolss.h
Guenther

Pair-Programmed-With: David Disseldorp <ddiss@suse.de>
2011-07-07 18:06:01 +02:00
Günther Deschner
74e416031b s3-printing: move driver_info_ctr_to_info8 to init_spoolss.h
Guenther

Pair-Programmed-With: David Disseldorp <ddiss@suse.de>
2011-07-07 18:06:01 +02:00
Andreas Schneider
541f3cf639 s3-rpc_server: Migrate rpc function to tsocket_address.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2011-07-04 18:27:58 +10:00
Andreas Schneider
a45120aea7 s3-rpc_client: Fix some valgrind warnings.
These are in/out values and need to be initialized.

Signed-off-by: Günther Deschner <gd@samba.org>
2011-06-21 17:46:37 +02:00
Günther Deschner
cd16a1be93 source3/rpc_client/util_netlogon.h: fix licence/copyright
Guenther

Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Fri Jun 10 16:27:24 CEST 2011 on sn-devel-104
2011-06-10 16:27:23 +02:00
Günther Deschner
4942aeb9b5 source3/rpc_client/init_spoolss.h: fix licence/copyright
Guenther
2011-06-10 15:12:46 +02:00
Günther Deschner
054e54e881 source3/rpc_client/init_samr.h: fix licence/copyright
Guenther
2011-06-10 15:12:45 +02:00
Günther Deschner
f3ca8ff2bf source3/rpc_client/init_netlogon.h: fix licence/copyright
Guenther
2011-06-10 15:12:43 +02:00
Günther Deschner
9284036ce1 source3/rpc_client/init_lsa.h: fix licence/copyright
Guenther
2011-06-10 15:12:41 +02:00
Günther Deschner
b95b1813b9 source3/rpc_client/cli_spoolss.h: fix licence/copyright
Guenther
2011-06-10 15:12:39 +02:00
Günther Deschner
2d10c48259 source3/rpc_client/cli_netlogon.h: fix licence/copyright
Guenther
2011-06-10 15:12:37 +02:00
Andrew Bartlett
74eed8f3ed s3-param Remove special case for global_myname(), rename to lp_netbios_name()
There is no reason this can't be a normal constant string in the
loadparm system, now that we have lp_set_cmdline() to handle overrides
correctly.

Andrew Bartlett
2011-06-09 12:40:09 +02:00
Andrew Bartlett
ad0a07c531 s3-talloc Change TALLOC_ZERO_P() to talloc_zero()
Using the standard macro makes it easier to move code into common, as
TALLOC_ZERO_P isn't standard talloc.
2011-06-09 12:40:08 +02:00
Andrew Bartlett
3d15137653 s3-talloc Change TALLOC_ARRAY() to talloc_array()
Using the standard macro makes it easier to move code into common, as
TALLOC_ARRAY isn't standard talloc.
2011-06-09 12:40:08 +02:00
Andrew Bartlett
73b377432c s3-talloc Change TALLOC_REALLOC_ARRAY() to talloc_realloc()
Using the standard macro makes it easier to move code into common, as
TALLOC_REALLOC_ARRAY isn't standard talloc.

Andrew Bartlett
2011-06-09 12:40:08 +02:00
Rusty Russell
56e72337b0 lib/util/time.c: timeval_current_ofs_msec
Several places want "milliseconds from current time", and several were
simply doing "msec * 1000" which can (and does in one place) result in
a usec value over 1 a million.

Using a helper to do this is safer and more readable.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2011-06-01 10:38:47 +02:00
Günther Deschner
675573d54b s3-includes: finally only include client.h when libsmb is used.
Guenther
2011-05-06 16:37:22 +02:00
Jeremy Allison
4f41be356a Fix many const compiler warnings. 2011-05-05 10:41:59 -07:00
Günther Deschner
bd92826aa8 s3-rpc_client: run minimal_includes.pl.
Guenther
2011-05-05 02:05:27 +02:00
Günther Deschner
0bb4701a74 s3: remove various references to server side dcerpc structs (which are not needed).
Guenther
2011-05-02 15:03:44 +02:00