Stefan Metzmacher
838cb53962
s3:cli_pipe: pass down creds->computer_name to NL_AUTH_MESSAGE
...
We need to use the same computer_name value as in the netr_Authenticate3()
request.
We abuse cli->auth->user_name to pass the value down.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-10 09:18:57 +02:00
Stefan Metzmacher
e96142fc43
s3:cli_pipe: make use of netsec_create_state()
...
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-10 09:18:57 +02:00
Stefan Metzmacher
04938cbeec
s3:rpc_client: remove unused cli_rpc_pipe_open_ntlmssp_auth_schannel()
...
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-10 09:18:55 +02:00
Stefan Metzmacher
3302356226
s3:rpc_client: remove netr_LogonGetCapabilities check from rpc_pipe_bind*
...
It's done in the caller now.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-10 09:18:55 +02:00
Stefan Metzmacher
eecb5bafba
s3:rpc_client: add netr_LogonGetCapabilities to cli_rpc_pipe_open_schannel_with_key()
...
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-10 09:18:54 +02:00
Stefan Metzmacher
e9c8e3fb92
s3:rpc_client: use netlogon_creds_copy before rpc_pipe_bind
...
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-10 09:18:54 +02:00
Stefan Metzmacher
90e28c1825
s3:rpc_client: fix/add AES downgrade detection to rpc_pipe_bind_step_two_done()
...
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-10 09:18:54 +02:00
Stefan Metzmacher
04600634b3
s3:rpc_client: try to use NETLOGON_NEG_SUPPORTS_AES
...
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-10 09:18:53 +02:00
Stefan Metzmacher
94be8d63cd
s3:rpc_client: rename same variables in cli_rpc_pipe_open_schannel_with_key()
...
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2013-08-05 10:30:02 +02:00
Stefan Metzmacher
8a302fc353
s3:rpc_client: use the correct context for netlogon_creds_copy() in rpccli_schannel_bind_data()
...
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2013-08-05 10:30:02 +02:00
Stefan Metzmacher
6ce645e03c
s3:rpc_client: make rpccli_schannel_bind_data() static
...
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2013-08-05 10:30:02 +02:00
Günther Deschner
a9d5b2fdf0
libcli/auth: also set secure channel type in netlogon_creds_client_init().
...
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2013-08-05 10:30:00 +02:00
Günther Deschner
b19e7e6638
s3-rpc_cli: pass down ndr_interface_table to rpc_transport_np_init_send().
...
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2013-08-05 10:30:00 +02:00
Günther Deschner
c41b6e5c5e
s3-rpc_cli: pass down ndr_interface_table to rpc_transport_np_init().
...
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2013-08-05 10:30:00 +02:00
Günther Deschner
7bdcfcb37c
s3-rpc_cli: pass down ndr_interface_table to rpc_pipe_open_tcp_port().
...
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2013-08-05 10:30:00 +02:00
Günther Deschner
0ff8c2d508
s3-rpc_cli: pass down ndr_interface_table to rpc_pipe_get_tcp_port().
...
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2013-08-05 10:30:00 +02:00
Günther Deschner
5c5cff0a72
s3-rpc_cli: pass down ndr_interface_table to rpc_pipe_open_tcp().
...
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2013-08-05 10:30:00 +02:00
Günther Deschner
8cd3a06051
s3-rpc_cli: pass down ndr_interface_table to rpc_pipe_open_np().
...
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2013-08-05 10:30:00 +02:00
Günther Deschner
34cc4b4095
s3-rpc_cli: pass down ndr_interface_table to cli_rpc_pipe_open().
...
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2013-08-05 10:30:00 +02:00
Günther Deschner
9aa99c3cfb
s3-rpc_cli: pass down ndr_interface_table to cli_rpc_pipe_open_noauth_transport().
...
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2013-08-05 10:30:00 +02:00
Günther Deschner
9813fe2b04
s3-rpc_cli: pass down ndr_interface_table to cli_rpc_pipe_open_noauth().
...
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2013-08-05 10:30:00 +02:00
Günther Deschner
3dc3a6c848
s3-rpc_cli: pass down ndr_interface_table to cli_rpc_pipe_open_schannel_with_key().
...
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2013-08-05 10:30:00 +02:00
Günther Deschner
7f169474fc
s3-rpc_cli: pass down ndr_interface_table to cli_rpc_pipe_open_ntlmssp_auth_schannel().
...
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2013-08-05 10:30:00 +02:00
Günther Deschner
f6d61b571d
s3-rpc_cli: pass down ndr_interface_table to cli_rpc_pipe_open_schannel().
...
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2013-08-05 10:29:59 +02:00
Günther Deschner
9b4fb5b074
s3-rpc_cli: pass down ndr_interface_table to rpc_pipe_open_ncalrpc().
...
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2013-08-05 10:29:59 +02:00
Günther Deschner
a1368ca6ef
s3-rpc_cli: remove prototype of nonexisting cli_rpc_pipe_open_krb5().
...
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2013-08-05 10:29:59 +02:00
Volker Lendecke
e322420dc7
rpc_cli: Remove some unnecessary initializations
...
tevent_req_create already initializes "state" to 0
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Mon Jul 8 17:04:20 CEST 2013 on sn-devel-104
2013-07-08 17:04:19 +02:00
Andrew Bartlett
fc13489c91
build: Build with system md5.h on OpenIndiana
...
This changes (again...) our system md5 detection to cope with how
OpenIndiana does md5. I'm becoming increasingly convinced this isn't
worth our while (we should have just done samba_md5...), but for now
this change seems to work on FreeBSD, OpenIndiana and Linux with
libbsd.
This needs us to rename struct MD5Context -> MD5_CTX, but we provide a
config.h define to rename the type bad if MD5_CTX does not exist (it does
however exist in the md5.h from libbsd).
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Jun 19 21:32:36 CEST 2013 on sn-devel-104
2013-06-19 21:32:36 +02:00
Christian Ambach
3d29bb2d37
s3:rpc_client fix a crash
...
state->cli->dc does not have to be set (e.g. when running
net rpc join against an older Samba PDC), so check it before dereferencing it
This fixes Bug 9669 - net rpc join crashes against a Samba 3.0.33 PDC
Bug: https://bugzilla.samba.org/show_bug.cgi?id=9669
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Christian Ambach <ambi@samba.org>
Autobuild-Date(master): Wed Feb 20 19:00:52 CET 2013 on sn-devel-104
2013-02-20 19:00:52 +01:00
Stefan Metzmacher
f9d0473d02
s3:rpc_client: s/struct event_context/struct tevent_context
...
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
2013-02-19 23:47:52 +01:00
Stefan Metzmacher
b538c31889
s3:rpc_client: make use of samba_tevent_context_init()
...
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
2013-02-19 23:47:49 +01:00
Günther Deschner
e8feca012e
spoolss: make spoolss deal with ndr64 ULONG_PTR of devmode_ptr and secdesc_ptr.
...
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
2013-01-17 17:11:37 +01:00
Günther Deschner
a4dcf7b94d
spoolss: Make OpenPrinterEx work with NDR64 by using UserInfo Container.
...
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2013-01-16 11:42:13 +01:00
Günther Deschner
563cc67ac6
libcli/auth: rename netlogon_creds_decrypt_samlogon() to netlogon_creds_decrypt_samlogon_validation().
...
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2012-12-15 21:50:36 +01:00
Günther Deschner
c6f4745c56
s3-rpc_client: use netlogon_creds_aes_encrypt in interactive netlogon samlogon.
...
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2012-12-09 19:39:07 +01:00
Günther Deschner
64345018cd
s3-rpc_client: support AES encryption in netr_ServerPasswordSet2 client.
...
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2012-12-09 19:39:07 +01:00
Günther Deschner
ec06c81db3
s3-rpc_client: use netlogon_creds_arcfour_crypt() in init_netr_CryptPassword.
...
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2012-12-09 19:39:07 +01:00
Günther Deschner
3c486dfee4
s3-rpc_client: make dcerpc_lsa_lookup_names_generic() public.
...
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2012-11-30 11:49:41 +01:00
Günther Deschner
2d38154f91
s3-rpc_cli: make dcerpc_lsa_lookup_sids_generic() public.
...
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2012-11-30 11:49:38 +01:00
Günther Deschner
457c933ff0
s3-rpc_cli: Remove some unused wrapping code.
...
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2012-11-30 11:49:21 +01:00
Günther Deschner
b11ba24883
s3-rpc_client: try to use socket_addr if available in rpc_pipe_open_tcp() (bug #9426 )
...
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Mon Nov 26 17:36:20 CET 2012 on sn-devel-104
2012-11-26 17:36:19 +01:00
Günther Deschner
2032f2746d
s3-rpc_client: lookup nametype 0x20 in rpc_pipe_open_tcp_port(). (bug #9426 )
...
The server name type (0x20) is much more likely to be available in the name cache, as
this type gets stored by winbind itself - the primary user of the ncacn_ip_tcp
code currently.
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Nov 23 16:30:57 CET 2012 on sn-devel-104
2012-11-23 16:30:56 +01:00
Andreas Schneider
24fc5b46f2
s3-spoolss: Fix builtin forms order to match Windows again.
...
Thanks to mamachine@gmail.com .
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Sep 26 20:07:44 CEST 2012 on sn-devel-104
2012-09-26 20:07:43 +02:00
Stefan Metzmacher
8e1c6d4232
s3:rpc_client: rename pipe_auth_data->user_session_key to transport_session_key
...
metze
2012-08-01 14:17:15 +02:00
Stefan Metzmacher
8b42f526f4
s3:rpc_client: make use of smbXcli_session_application_key()
...
metze
2012-08-01 14:17:14 +02:00
Andreas Schneider
33206b1e24
s3-rpc_client: Fix updating netlogon credentials.
...
Signed-off-by: Günther Deschner <gd@samba.org>
2012-07-17 13:53:37 +02:00
Andreas Schneider
572b549063
s3-rpc_client: Add capabilities check for AES encrypted connections.
...
Signed-off-by: Günther Deschner <gd@samba.org>
2012-07-17 13:53:37 +02:00
Andreas Schneider
a866dcc4f6
s3-rpc: Return the correct ntstatus depending on the transport.
2012-07-06 10:00:57 +02:00
Volker Lendecke
b9a15f1bfa
s3: Give machine password changes 10 minutes of time
...
This is what we do at domain join time as well, see
lib/netapi/joindomain.c:141
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-06-22 17:28:20 +02:00
Stefan Metzmacher
1e5010fd99
s3:rpc_client: tstream_cli_np_open_send() doesn't expect a leading backslash
...
This fixes winbindd against a windows server using SMB2.
metze
2012-05-28 19:51:46 +02:00
Luk Claes
4f6f4ea93c
s3:libsmb: get rid of cli_state_remote_name
...
Signed-off-by: Luk Claes <luk@debian.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-05-28 14:49:45 +02:00
Volker Lendecke
9b0b60c67e
s3: Fix Coverity ID 242715 Uninitialized scalar variable
...
In an error path we are closing hive_hnd without opening it
2012-05-10 09:11:58 +02:00
Volker Lendecke
6d5bbb9a4b
s3: Fix Coverity ID 242716 Uninitialized scalar variable
...
In an error path we are closing key_hnd without opening it
2012-05-10 09:11:57 +02:00
Volker Lendecke
05e59739b3
s3: Fix Coverity ID 242691 Dereference before null check
...
winreg_printer_openkey above already dereferences winreg_handle
2012-05-10 09:11:57 +02:00
Volker Lendecke
8c2f826553
s3: Fix Coverity ID 242692 Dereference before null check
...
winreg_printer_openkey above already dereferences winreg_handle
2012-05-10 09:11:56 +02:00
Volker Lendecke
318cf16f7b
s3: Fix Coverity ID 242693 Dereference before null check
...
winreg_printer_openkey above already dereferences winreg_handle
2012-05-10 09:11:56 +02:00
Volker Lendecke
c0471d1d96
s3: Fix Coverity ID 242694 Dereference before null check
...
winreg_printer_openkey above already dereferences winreg_handle
2012-05-10 09:11:56 +02:00
Volker Lendecke
39577f1e99
s3: Fix Coverity ID 242695 Dereference before null check
...
winreg_printer_openkey above already dereferences winreg_handle
2012-05-10 09:11:56 +02:00
Volker Lendecke
600c4c9c45
s3: Fix Coverity ID 242696 Dereference before null check
...
winreg_printer_openkey above already dereferences winreg_handle
2012-05-10 09:11:56 +02:00
Volker Lendecke
995ea20fa2
s3: Fix Coverity ID 242697 Dereference before null check
...
winreg_printer_openkey above already dereferences winreg_handle
2012-05-10 09:11:56 +02:00
Volker Lendecke
3a8c4ab2ad
s3: Fix Coverity ID 242698 Dereference before null check
...
winreg_printer_openkey above already dereferences winreg_handle
2012-05-10 09:11:56 +02:00
Volker Lendecke
75271528f3
s3: Fix Coverity ID 242699 Dereference before null check
...
winreg_printer_openkey above already dereferences winreg_handle
2012-05-10 09:11:56 +02:00
Volker Lendecke
f9f4d705c2
s3: Fix Coverity ID 242700 Dereference before null check
...
winreg_printer_openkey above already dereferences winreg_handle
2012-05-10 09:11:56 +02:00
Volker Lendecke
a7b23cec6d
s3: Fix Coverity ID 242701 Dereference before null check
...
winreg_printer_openkey above already dereferences winreg_handle
2012-05-10 09:11:56 +02:00
Volker Lendecke
e0bc3767e3
s3: Fix Coverity ID 242702 Dereference before null check
...
winreg_printer_openkey above already dereferences winreg_handle
2012-05-10 09:11:56 +02:00
Volker Lendecke
11085bd93a
s3: Fix Coverity ID 242703 Dereference before null check
...
winreg_printer_openkey above already dereferences winreg_handle
2012-05-10 09:11:56 +02:00
Volker Lendecke
6c34e1a015
s3: Fix Coverity ID 242704 Dereference before null check
...
winreg_printer_openkey above already dereferences winreg_handle
2012-05-10 09:11:56 +02:00
Volker Lendecke
37b7095c8a
s3: Fix Coverity ID 242705 Dereference before null check
...
winreg_printer_openkey above already dereferences winreg_handle
2012-05-10 09:11:56 +02:00
Volker Lendecke
67e306703b
s3: Fix Coverity ID 242706 Dereference before null check
...
winreg_printer_openkey above already dereferences winreg_handle
2012-05-10 09:11:56 +02:00
Jelmer Vernooij
2c9444685d
cli_pipe: Avoid sys_connect.
2012-03-24 14:57:47 +01:00
Jelmer Vernooij
95ca5fbadd
libndr: Rename ndr64_transfer_syntax and null_ndr_syntax_id so they have a ndr_ prefix.
...
This makes the NDR namespace a bit clearer, in preparation of ABI checking.
2012-03-20 13:54:07 +01:00
Andreas Schneider
034489718c
s3-rpc_client: Add debug message for printer dataex errors.
2012-03-14 17:56:14 +01:00
Christian Ambach
7936fb0ab8
Fix bug #8807 - dcerpc_lsa_lookup_sids_noalloc() crashes when groups has more than 1000 groups
...
Use correct talloc heirarchy.
Signed-off-by: Jeremy Allison <jra@samba.org>
2012-03-13 12:17:31 -07:00
Volker Lendecke
1bf126c0b3
s3: Remove some superfluous ()
2012-03-09 17:21:11 +01:00
Stefan Metzmacher
083d80c502
s3:rpc_client: initialize struct schannel_state to zero
...
metze
2012-03-02 07:07:10 +01:00
Andrew Bartlett
2b511f0e92
s3-librpc: Use gensec_spnego for DCE/RPC authentication
...
This ensures that we use the same SPNEGO code on session setup and on
DCE/RPC binds, and simplfies the calling code as spnego is no longer
a special case in cli_pipe.c
A special case wrapper function remains to avoid changing the
application layer callers in this patch.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-02-16 15:18:42 +01:00
Stefan Metzmacher
0c5cbb557b
s3:rpc_client: fix comment
...
metze
2012-02-16 15:18:41 +01:00
Andrew Bartlett
bd2a7aac2c
s3-librpc: make gensec result handling more generic
...
This prepares us for handling SPNEGO via gensec
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-02-16 15:18:41 +01:00
David Disseldorp
ec094bf9ac
WERROR type variable being incorrectly checked with a NT_STATUS_IS_X
...
type macro.
2012-01-23 12:18:01 -08:00
Andrew Bartlett
40715e1251
s3-librpc: pass struct ndr_interface_table down to cli_pipe_open_generic/spnego()
...
This allows the target service (as determined from the IDL) to be
passed to GSSAPI (rather than the current, incorrect, "cifs").
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-18 16:23:24 +01:00
Andrew Bartlett
c62af4f652
s3-librpc Make cli_rpc_pipe_open_spnego_ntlmssp() generic
...
This also avoids passing NULL as the server to
gensec_set_target_hostname() in spnego_generic_init_client().
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-18 16:23:23 +01:00
Andrew Bartlett
f2efb0f6a3
s3-librpc Remove special case for spnego session key
...
SPNEGO is implemented only in terms of gensec mechanisms now.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-18 16:23:23 +01:00
Andrew Bartlett
0c1b4c2321
s3-librpc Call SPENGO/GSSAPI via the auth_generic layer and gensec
...
This simplifies a lot of code, as we know we are always dealing
with a struct gensec_security, and allows the gensec module being
used to implement GSSAPI to be swapped for AD-server operation.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-18 16:23:22 +01:00
Andrew Bartlett
e012ad9d8b
s3-librpc Call GSSAPI via the auth_generic layer and gensec
...
This simplifies a lot of code, as we know we are always dealing with a
struct gensec_security, and allows the gensec module being used to
implement GSSAPI to be swapped when required for AD-server operation.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-18 16:23:22 +01:00
Andrew Bartlett
49bafcfa48
s3-librpc Supply target service and server to spnego_generic_init_client()
...
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-11 09:09:43 +01:00
Andrew Bartlett
50a939ad85
s3-librpc: Rename spnego_ntlmssp_init_client and make generic
...
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-11 09:05:01 +01:00
Andrew Bartlett
e574489be4
s3-librpc Set target service and server into gensec
...
This will allow cli_rpc_pipe_open_generic_auth() to handle kerberos mechanisms.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-11 09:04:48 +01:00
Andrew Bartlett
b89a0439b3
s3-librpc Rename and rework cli_rpc_pipe_open_ntlmssp() to be generic
...
This also includes renaming the helper function
rpccli_ntlmssp_bind_data, and allows this function to operate on any
gensec-supplied auth type.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-11 09:04:41 +01:00
Andrew Bartlett
1e5e219a4b
s3-librpc Rename create_ntlmssp_auth_rpc_bind_req() to be more generic
...
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-11 09:04:24 +01:00
Andrew Bartlett
a00032a92d
s3-libsmb Make auth_ntlmssp client more generic
...
As well as renaming, this allows us to start the mech by DCE/RPC auth
type or OID.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-06 08:12:49 +01:00
Andrew Bartlett
6391fff9da
s3-auth rename auth_ntlmssp_state -> auth_generic_state
...
This structure handles more than NTLMSSP now, at least when we are an AD DC
and so changing the name may avoid some confusion in the future.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-12-22 19:25:10 +01:00
Andrew Bartlett
c9d929af8b
s4-lsarpc handle more info levels in SetInfoTrustedDomain calls
...
This uses the very helpful conversion functions written for the s3 lsa server
and places these in common.
Andrew Bartlett
2011-12-12 12:57:07 +01:00
Stefan Metzmacher
790c6b4027
s3:rpc_client: remove references to auth_ntlmssp_state
...
metze
Signed-off-by: Günther Deschner <gd@samba.org>
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Thu Oct 27 16:40:15 CEST 2011 on sn-devel-104
2011-10-27 16:40:15 +02:00
Simo Sorce
8870daeb8d
idl: Improve MS-PAC IDL
...
Change some misleading variable names to reflect the actual function.
Add missing field name/types previously marked as unkown.
Signed-off-by: Günther Deschner <gd@samba.org>
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Mon Oct 24 19:19:28 CEST 2011 on sn-devel-104
2011-10-24 19:19:28 +02:00
Andrew Bartlett
0a0839821a
s3-ntlmssp Remove auth_ntlmssp_session_key()
...
We now just call the gensec_session_key() directly.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-10-21 08:43:38 +02:00
Andrew Bartlett
3f079885b2
s3-ntlmssp Remove auth_ntlmssp_want_feature()
...
We now just call the gensec_want_feature() directly.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-10-21 08:43:33 +02:00
Andrew Bartlett
083025ccd5
s3-ntlmssp Remove auth_ntlmssp_update wrapper
...
We now just call gensec_update directly.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-10-21 08:43:10 +02:00
Andrew Bartlett
f9b042641f
s3-ntlmssp split auth_ntlmssp_client_start() into two parts
...
This will allow it to be a wrapper around a gensec module, which
requires that they options be set on a context, but before the
mechanism is started.
This also simplfies the callers, by moving the lp_*() calls
into one place.
Andrew Bartlett
2011-10-18 12:25:30 +02:00
Andrew Bartlett
f3333bdade
s3-rpc_client remove cli_auth_ntlmssp_data_destructor
...
This can be an ordinary talloc child without causing any problem.
This seems to have been inherited from a time when ntlmssp_client_start()
returned malloc() based memory.
Andrew Bartlett
2011-10-18 12:25:30 +02:00
Andrew Bartlett
0c6e4adcb2
ntlmssp: Move ntlmssp code to auth/ntlmssp
...
This brings in the code from both libcli/auth and
source4/auth/ntlmssp.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-10-18 13:13:31 +11:00
Gregor Beck
85b145d745
s3:utils change data_blob_dup_talloc() to take a DATA_BLOB by value
...
Signed-off-by: Michael Adam <obnox@samba.org>
2011-10-12 22:45:53 +02:00
Volker Lendecke
dea2bd5b9b
s3: Fix two c++ warnings
2011-09-18 17:24:22 +02:00
Stefan Metzmacher
cc5f973884
s3:rpc_client: return NT_STATUS_CONNECTION_DISCONNECTED
...
We should return the same in all places
and don't mix NT_STATUS_INVALID_CONNECTION and NT_STATUS_CONNECTION_INVALID.
metze
2011-09-14 18:03:17 +02:00
Volker Lendecke
e63d0c5f0c
s3: Fix Coverity ID 2613 -- UNINIT
...
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Tue Sep 13 12:39:10 CEST 2011 on sn-devel-104
2011-09-13 12:39:10 +02:00
Volker Lendecke
67605bfc55
s3: Fix Coverity ID 2614 -- UNINIT
2011-09-13 11:00:15 +02:00
Sumit Bose
456aee80f5
s3-lsa: Add conversion for auth info structs
...
struct lsa_TrustDomainInfoAuthInfo and struct
trustAuthInOutBlob can store the same information for different usage. The added
routines can convert one struct into the other.
Signed-off-by: Günther Deschner <gd@samba.org>
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Mon Sep 12 15:52:17 CEST 2011 on sn-devel-104
2011-09-12 15:52:17 +02:00
Stefan Metzmacher
56319cf1b7
s3:rpc_transport_tstream: only use tstream_cli_np_use_trans() for sync requests
...
Currently the caller doesn't cope with multiple async requests anyway,
so this is just protection for the future.
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Fri Aug 5 22:31:12 CEST 2011 on sn-devel-104
2011-08-05 22:31:12 +02:00
Andrew Bartlett
1231b784a1
s3-ntlmssp Remove auth_ntlmssp_and_flags()
...
There is no need to mask out these flags as they simply are not set
yet.
The correct abstraction is to ask for NTLMSSP features.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-08-03 18:48:03 +10:00
Andrew Bartlett
da4345a8d1
s3-ntlmssp Remove rpccli_get_pwd_hash and auth_ntlmssp_get_nt_hash
...
The session key we want here (the only one that is availble to the
encryption layer) is the one obtained by cli_get_session_key(), as
NTLMSSP creates a per-session session key via key exchange and NTLMv2
negotiation.
The key was never directly the NT hash anyway (this is simply a
mistake, the extra MD4() was lost during my previous cleanup
f28f113d8e
in 2008), but was MD4(NT
hash) in early implementations of NTLMSSP.
However, regardless this call is not available on domain trusts
between AD domains and Windows 2003 R2, making this less useful.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-08-03 18:48:03 +10:00
Andrew Bartlett
bba5f0a641
s3-ntlmssp Remove auth_ntlmssp_or_flags
...
We now just use auth_ntlmssp_want_feature to get extra flags
on the NTLMSSP context
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-08-03 18:48:03 +10:00
Andrew Bartlett
6d7ac4f1ad
s3-ntlmssp Add mem_ctx argument to auth_ntlmssp_update
...
This clarifies the lifetime of the returned token.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-08-03 18:48:03 +10:00
Andrew Bartlett
dee845eb70
s3-ntlmssp Add mem_ctx argument to auth_ntlmssp_get_session_key()
2011-08-03 18:48:02 +10:00
Stefan Metzmacher
a833aaf52c
s3:rpc_transport_tstream: call tstream_cli_np_use_trans() before tstream_writev_queue_send()
...
This will be needed when tstream_writev_queue_send() changes it's behavior and
avoids using an immediate event when the queue is empty.
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Mon Aug 1 14:55:00 CEST 2011 on sn-devel-104
2011-08-01 14:55:00 +02:00
Andreas Schneider
8831402596
s3-rpc_client: Fix memory context in winreg_enum_printer_dataex().
2011-07-27 08:49:58 +02:00
Andreas Schneider
5045281e17
s3-rpc_client: Close policy handles before creating defaults.
...
We reopen the hive and key so close them before reopen.
2011-07-27 08:49:58 +02:00
Andreas Schneider
f8afaa76f2
s3-rpc_client: Close the hive handle before we open it again.
2011-07-27 08:49:58 +02:00
Andreas Schneider
a0597b75e6
s3-rpc_client: Close hive if opening of the key fails.
2011-07-27 08:49:58 +02:00
Stefan Metzmacher
49c8534ae4
s3:cli_pipe_schannel: make use of cli_state_remote_name()
...
metze
2011-07-22 17:06:09 +02:00
Stefan Metzmacher
efc2c3159e
s3:cli_pipe: make use of cli_state_remote_name()
...
metze
2011-07-22 17:06:09 +02:00
Stefan Metzmacher
ef23fb3412
s3:cli_pipe: use result->desthost instead of cli->desthost
...
metze
2011-07-22 17:06:09 +02:00
Andrew Bartlett
9fcc617ff5
s3-auth Use the common auth_session_info
...
This patch finally has the same structure being used to describe the
authorization data of a user across the whole codebase.
This will allow of our session handling to be accomplished with common code.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-07-20 09:17:13 +10:00
Andrew Bartlett
f16d8f4eb8
s3-auth Use struct auth3_session_info outside the auth subsystem
...
This seperation between the structure used inside the auth modules and
in the wider codebase allows for a gradual migration from struct
auth_serversupplied_info -> struct auth_session_info (from auth.idl)
The idea here is that we keep a clear seperation between the structure
before and after the local groups, local user lookup and the session
key modifications have been processed, as the lack of this seperation
has caused issues in the past.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-07-20 09:17:10 +10:00
Vicentiu Ciorbaru
e858ec6e92
s3-rpc_server: Removed no longer used functions.
...
Removed winreg_printer_delete_subkeys().
Removed winreg_printer_enumvalues().
Signed-off-by: Andreas Schneider <asn@samba.org>
Autobuild-User: Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date: Wed Jul 13 12:42:02 CEST 2011 on sn-devel-104
2011-07-13 12:42:02 +02:00
Vicentiu Ciorbaru
0b1ba88f22
s3-rpc_client: Migrate to dcerpc_winreg_delete_subkeys_recursive().
...
Functions now use dcerpc_winreg_delete_subkeys_recursive() instead of the more
specific printer function winreg_printer_delete_subkeys().
Signed-off-by: Andreas Schneider <asn@samba.org>
2011-07-13 11:31:22 +02:00
Vicentiu Ciorbaru
a336cc44d9
s3-rpc_client: Migrate to dcerpc_winreg_enumvals() function.
...
The functions that called winreg_printer_enumvalues() function now use
dcerpc_winreg_enumvals().
Signed-off-by: Andreas Schneider <asn@samba.org>
2011-07-13 11:30:55 +02:00
Vicentiu Ciorbaru
4558225cdd
s3-rpc_client: Added dcerpc_winreg_delete_subkeys_recursive() function.
...
This function is set to replace the more specific printer function
winreg_printer_delete_subkeys().
Signed-off-by: Andreas Schneider <asn@samba.org>
2011-07-13 10:09:08 +02:00
Vicentiu Ciorbaru
8b3eff8b36
s3-rpc_client: Added dcerpc_winreg_enumvals() function.
...
The function is set to replace the more specific printer function
winreg_printer_enumvalues() function.
Signed-off-by: Andreas Schneider <asn@samba.org>
2011-07-13 10:08:56 +02:00
David Disseldorp
2a02f1c4af
winreg: Ensure server return status is set on success
...
Currently cli_winreg.c functions only set the returned server werror
status on failure, if the server request succeeds the value remains
uninitialised.
Signed-off-by: Andreas Schneider <asn@samba.org>
Autobuild-User: Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date: Fri Jul 8 16:32:39 CEST 2011 on sn-devel-104
2011-07-08 16:32:39 +02:00
David Disseldorp
1271066200
winreg: Use the ntstatus return code for client side errors
...
cli_winreg.c functions indicate status to the caller in two ways. The
ntstatus return code indicates client side errors, the pwerr argument
carries the server response error code.
Many functions are filling the pwerr argument on client side error, this
change removes these cases.
Signed-off-by: Andreas Schneider <asn@samba.org>
2011-07-08 15:22:27 +02:00
Günther Deschner
f2be8378b9
s3-printing: add rpc_client/cli_winreg_spoolss.c
...
Guenther
Pair-Programmed-With: David Disseldorp <ddiss@suse.de>
2011-07-07 18:06:01 +02:00
Günther Deschner
43cf3a28dc
s3-printing: move spoolss_create_default_devmode/secdesc to init_spoolss.h
...
Guenther
Pair-Programmed-With: David Disseldorp <ddiss@suse.de>
2011-07-07 18:06:01 +02:00
Günther Deschner
74e416031b
s3-printing: move driver_info_ctr_to_info8 to init_spoolss.h
...
Guenther
Pair-Programmed-With: David Disseldorp <ddiss@suse.de>
2011-07-07 18:06:01 +02:00
Andreas Schneider
541f3cf639
s3-rpc_server: Migrate rpc function to tsocket_address.
...
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2011-07-04 18:27:58 +10:00
Andreas Schneider
a45120aea7
s3-rpc_client: Fix some valgrind warnings.
...
These are in/out values and need to be initialized.
Signed-off-by: Günther Deschner <gd@samba.org>
2011-06-21 17:46:37 +02:00
Günther Deschner
cd16a1be93
source3/rpc_client/util_netlogon.h: fix licence/copyright
...
Guenther
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Fri Jun 10 16:27:24 CEST 2011 on sn-devel-104
2011-06-10 16:27:23 +02:00
Günther Deschner
4942aeb9b5
source3/rpc_client/init_spoolss.h: fix licence/copyright
...
Guenther
2011-06-10 15:12:46 +02:00
Günther Deschner
054e54e881
source3/rpc_client/init_samr.h: fix licence/copyright
...
Guenther
2011-06-10 15:12:45 +02:00
Günther Deschner
f3ca8ff2bf
source3/rpc_client/init_netlogon.h: fix licence/copyright
...
Guenther
2011-06-10 15:12:43 +02:00
Günther Deschner
9284036ce1
source3/rpc_client/init_lsa.h: fix licence/copyright
...
Guenther
2011-06-10 15:12:41 +02:00
Günther Deschner
b95b1813b9
source3/rpc_client/cli_spoolss.h: fix licence/copyright
...
Guenther
2011-06-10 15:12:39 +02:00
Günther Deschner
2d10c48259
source3/rpc_client/cli_netlogon.h: fix licence/copyright
...
Guenther
2011-06-10 15:12:37 +02:00
Andrew Bartlett
74eed8f3ed
s3-param Remove special case for global_myname(), rename to lp_netbios_name()
...
There is no reason this can't be a normal constant string in the
loadparm system, now that we have lp_set_cmdline() to handle overrides
correctly.
Andrew Bartlett
2011-06-09 12:40:09 +02:00
Andrew Bartlett
ad0a07c531
s3-talloc Change TALLOC_ZERO_P() to talloc_zero()
...
Using the standard macro makes it easier to move code into common, as
TALLOC_ZERO_P isn't standard talloc.
2011-06-09 12:40:08 +02:00
Andrew Bartlett
3d15137653
s3-talloc Change TALLOC_ARRAY() to talloc_array()
...
Using the standard macro makes it easier to move code into common, as
TALLOC_ARRAY isn't standard talloc.
2011-06-09 12:40:08 +02:00
Andrew Bartlett
73b377432c
s3-talloc Change TALLOC_REALLOC_ARRAY() to talloc_realloc()
...
Using the standard macro makes it easier to move code into common, as
TALLOC_REALLOC_ARRAY isn't standard talloc.
Andrew Bartlett
2011-06-09 12:40:08 +02:00
Rusty Russell
56e72337b0
lib/util/time.c: timeval_current_ofs_msec
...
Several places want "milliseconds from current time", and several were
simply doing "msec * 1000" which can (and does in one place) result in
a usec value over 1 a million.
Using a helper to do this is safer and more readable.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2011-06-01 10:38:47 +02:00
Günther Deschner
675573d54b
s3-includes: finally only include client.h when libsmb is used.
...
Guenther
2011-05-06 16:37:22 +02:00
Jeremy Allison
4f41be356a
Fix many const compiler warnings.
2011-05-05 10:41:59 -07:00
Günther Deschner
bd92826aa8
s3-rpc_client: run minimal_includes.pl.
...
Guenther
2011-05-05 02:05:27 +02:00
Günther Deschner
0bb4701a74
s3: remove various references to server side dcerpc structs (which are not needed).
...
Guenther
2011-05-02 15:03:44 +02:00