1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00
Commit Graph

27 Commits

Author SHA1 Message Date
Andrew Bartlett
13dbee3ffe r19598: Ahead of a merge to current lorikeet-heimdal:
Break up auth/auth.h not to include the world.

Add credentials_krb5.h with the kerberos dependent prototypes.

Andrew Bartlett
(This used to be commit 2b569c42e0)
2007-10-10 14:25:00 -05:00
Andrew Bartlett
9ce0de670b r19261: Fix use of unitialised variables. (The binding string is used, if not
NULL).

This showed up in a manual pre-TP3 test of the 'net samdump' code, and
shows the critical need for the windows testing infrustructure on the
build farm.

Andrew Bartlett
(This used to be commit 9cef40779a)
2007-10-10 14:20:59 -05:00
Günther Deschner
e7ede84c33 r18609: error_string should not contain newlines.
Guenther
(This used to be commit 5566667564)
2007-10-10 14:18:56 -05:00
Rafal Szczesniak
4010a61fd8 r15489: Typo fixes.
rafal
(This used to be commit 221907fc0d)
2007-10-10 14:05:41 -05:00
Rafal Szczesniak
538adbf677 r15435: Turn libnet_RpcConnectDCInfo into another level of libnet_RpcConnect
and make it async. Also, update any other usages of old function.
Build goes fine and so do tests, comments to follow.

rafal
(This used to be commit aef0a2de9d)
2007-10-10 14:05:36 -05:00
Jelmer Vernooij
35349a58df r14542: Remove librpc, libndr and libnbt from includes.h
(This used to be commit 51b4270513)
2007-10-10 13:58:42 -05:00
Jelmer Vernooij
8528016978 r14464: Don't include ndr_BASENAME.h files unless strictly required, instead
try to include just the BASENAME.h files (containing only structs)
(This used to be commit 3dd477ca51)
2007-10-10 13:57:27 -05:00
Jelmer Vernooij
1060f6b3f6 r14402: Generate seperate headers for RPC client functions.
(This used to be commit 7054ebf024)
2007-10-10 13:57:19 -05:00
Jelmer Vernooij
e3f2414cf9 r14380: Reduce the size of structs.h
(This used to be commit 1a16a6f1df)
2007-10-10 13:57:16 -05:00
Jelmer Vernooij
3f16241a1d r14363: Remove credentials.h from the global includes.
(This used to be commit 98c4c30513)
2007-10-10 13:57:14 -05:00
Jelmer Vernooij
4ac2be9958 r13924: Split more prototypes out of include/proto.h + initial work on header
file dependencies
(This used to be commit 1228358767)
2007-10-10 13:52:24 -05:00
Jelmer Vernooij
ba564a901e r13903: Don't generate prototypes for modules and binaries in include/proto.h by
default.
(This used to be commit c80a8f1102)
2007-10-10 13:52:21 -05:00
Andrew Bartlett
dcd63b9770 r12926: Syncronsise GUIDs on users and domains from the server. These also
appear in DNS, so need to match.

Andrew Bartlett
(This used to be commit d092b0493d)
2007-10-10 13:51:07 -05:00
Andrew Bartlett
b15582ed81 r12903: Factor out a new routine libnet_RpcConnectDCInfo, to both connect to
the remote sever, and to query it for domain information.

Provide and use this information in the SamSync/Vampire callbacks, to allow a
parallel connection to LDAP, if we are talking to AD.  This allows us
to get at some important attributes not exposed in the old protocol.

With this, we are able to do a all-GUI vampire of a AD domain from
SWAT, including getting all the SIDs, servicePrincipalNames and the
like correct.

Andrew Bartlett
(This used to be commit 918358cee0)
2007-10-10 13:51:00 -05:00
Andrew Bartlett
e0f69bf1d3 r12872: Add some more detail to debug message.
Andrew Bartlett
(This used to be commit cefba10bd5)
2007-10-10 13:50:56 -05:00
Andrew Bartlett
a5a79e8b8c r12865: Upgrade the librpc and libnet code.
In librpc, always try SMB level authentication, even if trying
schannel, but allow fallback to anonymous.  This should better
function with servers that set restrict anonymous.

There are too many parts of Samba that get, parse and modify the
binding parameters.  Avoid the extra work, and add a binding element
to the struct dcerpc_pipe

The libnet vampire code has been refactored, to reduce extra layers
and to better conform with the standard argument pattern.  Also, take
advantage of the new libnet_Lookup code, so we don't require the silly
'password server' smb.conf parameter.

To better support forcing traffic to be sealed for the vampire
operation, the dcerpc_bind_auth() function now takes an auth level
parameter.

Andrew Bartlett
(This used to be commit d65b354959)
2007-10-10 13:50:55 -05:00
Andrew Bartlett
b135f4467f r12858: This moves the libnet_LookupPdc code to use a GetDC request to find
the remote server's name, or in the absence of a local nbt_server to
communicate with (or without root access), a node status request.

The result is that we are in a better position to use kerberos, as well
as to remove the 'password server' mandatory parameter for the samsync
and samdump commands.  (I need this to put these into SWAT).

The only problem I have is that I must create a messaging context, which
requires a server ID.  As a client process, I don't expect to get
messages, but it is currently required for replies, so I generate a
random() number.  We probably need the servers to accept connections on
streamed sockets too, for client-only tasks that want IRPC.

Because I wanted to test this code, I have put the NET-API-* tests into
our test scripts, to ensure they pass and keep passing.  They are good
frontends onto the libnet system, and I see no reason not to test them.

In doing so the NET-API-RPCCONNECT test was simplified to take a
binding string on the command line, removing duplicate code, and
testing the combinations in the scripts instead.

(I have done a bit of work on the list shares code in libnet_share.c
to make it pass 'make test')

In the future, I would like to extend the libcli/findds.c code (based
off volker's winbind/wb_async_helpers.c, which is why it shows up a bit
odd in the patch) to handle getting multiple name replies, sending a
getdc request to each in turn.

(posted to samba-technical for review, and I'll happily update with
any comments)

Andrew Bartlett
(This used to be commit 7ccddfd351)
2007-10-10 13:50:54 -05:00
Jelmer Vernooij
d4de4c2d21 r12608: Remove some unused #include lines.
(This used to be commit 70e7449318)
2007-10-10 13:49:03 -05:00
Jelmer Vernooij
acd6a086b3 r12510: Change the DCE/RPC interfaces to take a pointer to a
dcerpc_interface_table struct rather then a tuple of interface
name, UUID and version.

This removes the requirement for having a global list of DCE/RPC interfaces,
except for these parts of the code that use that list explicitly
(ndrdump and the scanner torture test).

This should also allow us to remove the hack that put the authservice parameter
in the dcerpc_binding struct as it can now be read directly from
dcerpc_interface_table.

I will now modify some of these functions to take a dcerpc_syntax_id
structure rather then a full dcerpc_interface_table.
(This used to be commit 8aae0f168e)
2007-10-10 13:47:48 -05:00
Andrew Bartlett
4e65f39ca9 r11409: The use of 'password server = ' here is still bogus, but for now at
least don't allow binding to become uninitialised.

Andrew Bartlett
(This used to be commit e754234a17)
2007-10-10 13:45:33 -05:00
Andrew Bartlett
82f96542fa r8744: Split 'net samdump' out into a separate file
Work on the talloc memory tree, as I think talloc_reference and other
things were biting me.

Crush unions in the name of code reform. ;-)

Andrew Bartlett
(This used to be commit 2eadcf4669)
2007-10-10 13:30:01 -05:00
Andrew Bartlett
44ff3305f8 r8741: Kill warnings about enums not fully enumerated, as we will never use
all the branches.

Andrew Bartlett
(This used to be commit 258e5e302e)
2007-10-10 13:30:00 -05:00
Andrew Tridgell
af237084ec r7633: this patch started as an attempt to make the dcerpc code use a given
event_context for the socket_connect() call, so that when things that
use dcerpc are running alongside anything else it doesn't block the
whole process during a connect.

Then of course I needed to change any code that created a dcerpc
connection (such as the auth code) to also take an event context, and
anything that called that and so on .... thus the size of the patch.

There were 3 places where I punted:

  - abartlet wanted me to add a gensec_set_event_context() call
    instead of adding it to the gensec init calls. Andrew, my
    apologies for not doing this. I didn't do it as adding a new
    parameter allowed me to catch all the callers with the
    compiler. Now that its done, we could go back and use
    gensec_set_event_context()

  - the ejs code calls auth initialisation, which means it should pass
    in the event context from the web server. I punted on that. Needs fixing.

  - I used a NULL event context in dcom_get_pipe(). This is equivalent
    to what we did already, but should be fixed to use a callers event
    context. Jelmer, can you think of a clean way to do that?

I also cleaned up a couple of things:

 - libnet_context_destroy() makes no sense. I removed it.

 - removed some unused vars in various places
(This used to be commit 3a3025485b)
2007-10-10 13:18:15 -05:00
Andrew Bartlett
c214a612df r6928: Add support for printing trusted domain names, sids and passwords in
the Samba4 'net samdump'.

Andrew Bartlett
(This used to be commit b7eeea53b2)
2007-10-10 13:16:57 -05:00
Andrew Bartlett
ed8144154a r6927: Make it easier to program with the SamSync callback interface, perform
the decryption seperate to the callback functions.

Andrew Bartlett
(This used to be commit 4209f813ad)
2007-10-10 13:16:57 -05:00
Andrew Bartlett
35a05d1dc0 r6603: More work on the samdump puzzle. This implements a function pointer
callback interface, so we can start dumping into more than just stdout
soon.

Also use the enums instead of uint32 where possible and valid.

Andrew Bartlett
(This used to be commit f0c67a4a24)
2007-10-10 13:16:29 -05:00
Andrew Bartlett
8bf57cf8f5 r6573: Start on my project to implement an NT4 compatible BDC in Samba4.
This brings in a compatability layer for Samba3 in Samba4 - where we
will start to define file formats and similar details.

The 'net samdump' command uses 'password server = ' for now, and
performs a similar task to Samba3's 'net rpc samsync'.

Andrew Bartlett
(This used to be commit 550f17f992)
2007-10-10 13:16:27 -05:00