sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-11 05:18:09 +03:00
Code
64,517 Commits 60 Branches 1,145 Tags 452 MiB
32a2bbb44b
Commit Graph

3139 Commits

Author SHA1 Message Date
Andreas Schneider
77d1b73a3e s3-spoolss: Added a delete_printer_dataex function using the winreg pipe. 
Signed-off-by: Günther Deschner <gd@samba.org>
 2010-04-07 15:16:52 +02:00
Andreas Schneider
e498338f6f s3-spoolss: Added a enum_printer_dataex function using the winreg pipe. 
Signed-off-by: Günther Deschner <gd@samba.org>
 2010-04-07 15:16:52 +02:00
Andreas Schneider
511dba5ae8 s3-spoolss: Added a get_printer_dataex function using the winreg pipe. 
Signed-off-by: Günther Deschner <gd@samba.org>
 2010-04-07 15:16:52 +02:00
Andreas Schneider
bc23545909 s3-spoolss: Added a set_printer_dataex function using the winreg pipe. 
Signed-off-by: Günther Deschner <gd@samba.org>
 2010-04-07 15:16:52 +02:00
Andreas Schneider
4f3893f814 s3-spoolss: Added a function to open a regkey using the winreg pipe. 
Signed-off-by: Günther Deschner <gd@samba.org>
 2010-04-07 15:16:52 +02:00
Günther Deschner
dcec932279 s3-spoolss: return info for the correct printjob in _spoolss_GetJob(). 
Guenther
 2010-03-26 14:36:47 +01:00
Stefan Metzmacher
dee63fe4ca s3:ntlmssp: use client.netbios_name instead of workstation 
metze

Signed-off-by: Günther Deschner <gd@samba.org>
 2010-03-24 17:34:56 +01:00
Günther Deschner
e46d3d9475 s3-winreg: change notify call has no meaning when called remotely. 
Just return not supported to make smbtorture happy.

Guenther
 2010-03-16 15:29:14 +01:00
Günther Deschner
ce8c622ffb s3-lsa: fix _lsa_lsaRSetForestTrustInformation server stub. 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
 2010-03-16 15:12:19 +01:00
Günther Deschner
c9cc26ef62 s3-spoolss: Fix _spoolss_EnumPrinterData. 
Guenther
 2010-03-15 14:41:58 +01:00
Günther Deschner
5e48aa7ebb s3-spoolss: wrap _spoolss_EnumPrinterData() around _spoolss_EnumPrinterDataEx(). 
This removes some dependencies to registry code.

Guenther
 2010-03-13 01:12:22 +01:00
Günther Deschner
8194fc3757 s3-netlogon: Fix bug #7237: _netr_SamLogon segfaults for clients sending NULL domain. 
Thanks to Marc Muehlfeld <muehlfeld@medizinische-genetik.de>.

Guenther
 2010-03-12 00:37:30 +01:00
Günther Deschner
24a7f8f2db s3-winreg: make QueryValue pass RPC-WINREG test again. 
Guenther
 2010-03-11 20:48:24 +01:00
Günther Deschner
96a38e387e s3-winreg: fix some function names in debug statements. 
Guenther
 2010-03-11 20:23:47 +01:00
Günther Deschner
cddc542ba5 s3-winreg: Fix _winreg_QueryValue crash bugs and implement windows behavior. 
Found by RPC-WINREG smbtorture test.

Guenther
 2010-03-11 12:48:43 +01:00
Jeremy Allison
59545276f2 Try and fix bug #7233 - print fails with jobs >4GB from Win7 clients. 
Remove an arbitrarty 4G B limit that *doesn't need to be there* !
Jeremy.
 2010-03-10 17:46:09 -08:00
Günther Deschner
c5ba525748 s3-winreg: add some debug statements to _winreg_QueryValue(). 
Guenther
 2010-03-10 16:12:22 +01:00
Jeremy Allison
c61c9c3a4c Fix for bug #7189 - Open txt files with notepad on samba shares creates problem. 
Ensure we don't use any of the create_options for Samba private
use. Add a new parameter to the VFS_CREATE call (private_flags)
which is only used internally. Renumber NTCREATEX_OPTIONS_PRIVATE_DENY_DOS
and NTCREATEX_OPTIONS_PRIVATE_DENY_FCB to match the S4 code).
Rev. the VFS interface to version 28.

Jeremy.
 2010-03-05 15:13:37 -08:00
Andreas Schneider
f405503350 s3-rpc_server: Document rpc_pipe_open_internal. 
Signed-off-by: Günther Deschner <gd@samba.org>
 2010-03-05 21:25:54 +01:00
Günther Deschner
5532654985 s3-spoolss: fix _spoolss_EnumPrinterDataEx after idl 
Guenther
 2010-03-05 15:18:01 +01:00
Günther Deschner
fbb6d00eed s3-spoolss: fix _spoolss_GetPrinterDataEx after IDL change. 
Guenther
 2010-03-05 15:18:00 +01:00
Günther Deschner
9a93483279 s3-spoolss: fix _spoolss_SetPrinterData{Ex} after IDL change. 
Guenther
 2010-03-05 15:17:59 +01:00
Jeremy Allison
cb06eee86a srv_pipe.c doesn't reference current_user anymore. Remove it. 
Jeremy.
 2010-03-04 14:59:29 -08:00
Günther Deschner
3ca8d28bb7 spoolss: fix build and version in spoolss_PrinterInfo0 (aka PRINTER_INFO_STRESS). 
Guenther
 2010-02-26 17:39:21 +01:00
Günther Deschner
10c8b0fb73 s3-spoolss: Save entire devicemode. 
found by RPC-SPOOLSS-PRINTER torture test.

Guenther
 2010-02-25 14:35:41 +01:00
Simo Sorce
1d0938c629 schannel_tdb: make code compilable in both trees 2010-02-23 12:46:50 -05:00
Simo Sorce
3b12c38ac0 s3:schannel streamline interface 
Make calling schannel much easier by removing the need to explicitly open the
database. Let the abstraction do it instead.
 2010-02-23 12:46:50 -05:00
Simo Sorce
b4c9dc3724 s3:schannel more readable check logic 
Make the initial schannel check logic more understandable.
Make it easy to define different policies depending on ther caller's security
requirements (Integrity/Privacy/Both/None)
 2010-02-23 12:46:50 -05:00
Stefan Metzmacher
a2cd203982 s3:spoolss: construct the devmode the same way for level 2 and 8 
metze
 2010-02-23 16:41:26 +01:00
Simo Sorce
0c8608bbab s3 Fix the build 
I didn't mean to puch the GetForestTrustInformation patch just yet,
now that it is in fix the s3 build ...
 2010-02-22 21:18:07 -05:00
Jeremy Allison
91a4db6358 More fixes for bug #7146 - Samba miss-parses authenticated RPC packets. 
Alignment space calculations are tricky :-).

Jeremy.
 2010-02-18 16:12:04 -08:00
Günther Deschner
13533e12fd s3-spoolss: add support for _spoolss_SetPrinter level 8. 
Guenther
 2010-02-19 00:42:25 +01:00
Jeremy Allison
11a87cd31e More fixes for bug #7146 - Samba miss-parses authenticated RPC packets. 
Ensure we calculate the space correctly (including the ss_padding_len)
when constructing reply packets.

Jeremy.
 2010-02-18 15:03:30 -08:00
Günther Deschner
b3c2b2260a s3-spoolss: Fix _spoolss_EnumPrinters servername handling. 
Guenther
 2010-02-18 12:40:36 +01:00
Günther Deschner
43e3d8f51d s3-spoolss: fix return code of spoolss_DeletePrinter. 
When the printer has been removed by the "deleteprinter command", we need to
check if it is still there and then fail, not fail if we successfully removed
it (found by RPC-SPOOLSS-PRINTER).

Guenther
 2010-02-18 02:19:59 +01:00
Günther Deschner
8ce66fba03 s3-spoolss: in spoolss_EnumPrinters r->in.server is a *unique* pointer! 
Guenther
 2010-02-18 02:19:50 +01:00
Günther Deschner
2d2db2a822 s3-spoolss: more AddPrinter{Ex} checks. 
Windows will allow to add a non-shared printer that is returned by EnumPrinters.
Samba has no notion of non-shared local printers yet, so just make sure to
behave like we do elsewhere: a printer autoloaded by samba or added to samba is
shared.

Guenther
 2010-02-18 02:19:42 +01:00
Günther Deschner
5cff7e1692 s3-spoolss: add some printer info validation for AddPrinter calls. 
Guenther
 2010-02-18 02:19:33 +01:00
Jeremy Allison
7b4387f765 Fix bug #7146 - Samba miss-parses authenticated RPC packets. 
Parts of the Samba RPC client and server code misinterpret authenticated
packets.

DCE authenticated packets actually look like this :

+--------------------------+
|header                    |
| ... frag_len (packet len)|
| ... auth_len             |
+--------------------------+
|                          |
| Data payload             |
...                     ....
|                          |
+--------------------------+
|                          |
| auth_pad_len bytes       |
+--------------------------+
|                          |
| Auth footer              |
| auth_pad_len value       |
+--------------------------+
|                          |
| Auth payload             |
| (auth_len bytes long)    |
+--------------------------+

That's right. The pad bytes come *before* the footer specifying how many pad
bytes there are. In order to read this you must seek to the end of the packet
and subtract the auth_len (in the packet header) and the auth footer length (a
known value).

The client and server code gets this right (mostly) in 3.0.x -> 3.4.x so long
as the pad alignment is on an 8 byte boundary (there are some special cases in
the code for this).

Tridge discovered there are some (DRS replication) cases where on 64-bit
machines where the pad alignment is on a 16-byte boundary. This breaks the
existing S3 hand-optimized rpc code.

This patch removes all the special cases in client and server code, and allows
the pad alignment for generated packets to be specified by changing a constant
in include/local.h (this doesn't affect received packets, the new code always
handles them correctly whatever pad alignment is used).

This patch also works correctly with rpcclient using sign+seal from
the 3.4.x and 3.3.x builds (testing with 3.0.x and 3.2.x to follow)
so even as a server it should still work with older libsmbclient and
winbindd code.

Jeremy
 2010-02-17 15:27:59 -08:00
Simo Sorce
d14c3756e8 s3:rpc streamline memory handling 2010-02-16 19:15:56 -05:00
Günther Deschner
ddbda92f87 spoolss: disable GetPrinterDriver level 101 (as called by XP). 
We still dont get the marshalling right, disable and XP will just fall back to
level 6.

Guenther
 2010-02-15 11:17:29 +01:00
Andrew Tridgell
bc5d203eeb s3-rpc: convert wkssvc to use TYPESAFE_QSORT() 2010-02-14 18:44:21 +11:00
Günther Deschner
a16e974593 spoolss: allow to set server architecture via parametric option. 
This allows to set "spoolss:architecture = 'Windows x64'" for debugging purpose.

Guenther
 2010-02-11 13:29:59 +01:00
Günther Deschner
25001bbd1b s3-spoolss: implement spoolss_EnumJobs level 3. 
Level 3 has been added with NT 4.0 and Windows 7 (at least 64bit version) makes
use of it in order to display queued jobs. Windows 7 will *not* fall back to
level 2 if we just return WERR_UNKNOWN_LEVEL, instead there will be no printjobs
displayed at all.

Guenther
 2010-02-11 13:27:46 +01:00
Jeremy Allison
a056eb85ff Missed one check on the memcpy for bug #7063. 
Jeremy.
 2010-02-09 14:56:12 -08:00
Jeremy Allison
539bbf8653 Second part of fix for bug 7063 - Samba 3.4.5 on ubuntu 8.04 64 bit - Core dumps. 
Ensure we have no naked memcpy calls. This isn't a crash bug (it's
already checked in the data_blob_talloc_zero() above, but I want to
get into the pattern of having all memcpy's covered by safety checks.

Jeremy.
 2010-02-09 14:48:15 -08:00
Jeremy Allison
110a6f29f0 Fix bug 7063 - Samba 3.4.5 on ubuntu 8.04 64 bit - Core dumps. 
Reported and found by Martin Hochreiter <linuxbox@wavenet.at>.
Ensure we copy the right amount of registry data into the outgoing
buffer.

Jeremy.
 2010-02-02 16:32:51 -08:00
Volker Lendecke
0beac794b6 s3: Fix some DEBUG messages 2010-01-31 15:40:59 +01:00
Günther Deschner
f720f7512e s3-spoolss: stricter name checks when opening back-channel notify connection. 
Make sure to always check if the name the client passed in
spoolss_RemoteFindFirstPrinterChangeNotifyEx is not one of our names.

Guenther
 2010-01-19 14:14:30 +01:00
Volker Lendecke
86a73e6eba s3: Use sid_check_is_domain instead of a direct sid_equal 2010-01-10 20:56:16 +01:00
Volker Lendecke
3ea64e0ad8 s3: Replace most calls to sid_append_rid() by sid_compose() 2010-01-10 20:56:16 +01:00
Volker Lendecke
081573091b s3: Remove the typedef for "auth_serversupplied_info" 2010-01-10 20:56:16 +01:00
Volker Lendecke
9bb4766bba s3: Remove the typedef for "auth_usersupplied_info" 2010-01-10 20:56:16 +01:00
Volker Lendecke
8289b46173 s3: Lock down some srvsvc calls according to what w2k3 seems to do 2010-01-07 12:05:33 +01:00
Jeremy Allison
d5995eec7e Second part of the fix for bug #7020 - smbd using 2G memory. 
There was a second leak in the processing of the out_data.frag
prs_struct. It needs freeing once the current pdu has been returned
asynchronously.

Jeremy.
 2010-01-06 13:11:00 -08:00
Andrew Bartlett
802e9328ed s3:ntlmssp: only include ntlmssp.h where actually needed 
Andrew Bartlett
 2009-12-22 21:07:53 +01:00
Volker Lendecke
20bcdf85f1 s3: Fix _samr_GetAliasMembership for results with 0 rids 2009-12-15 20:28:47 +01:00
Günther Deschner
f20effc437 s3-spoolss: fix enumprinter key client and server. 
Guenther
 2009-12-10 17:48:50 +01:00
Günther Deschner
e14fb8f913 s3-spoolss: use SPOOLSS_ARCHITECTURE_ALL in driver enum server code. 
Guenther
 2009-12-08 16:20:51 +01:00
Günther Deschner
7770d1492b s3-spoolss: cleanup _spoolss_EnumPrinterDrivers(). 
Guenther
 2009-12-08 11:51:02 +01:00
Günther Deschner
0efbd932b6 s3-spoolss: remove unused architecture from fill_printer_driver_info1(). 
Guenther
 2009-12-08 11:50:54 +01:00
Günther Deschner
af08962c94 s3-spoolss: remove ridiculous amount of duplicate driver code. 
Guenther
 2009-12-08 11:50:47 +01:00
Günther Deschner
1c9eba40ae s3-spoolss: fully support level 8 drivers. 
Guenther
 2009-12-08 11:50:40 +01:00
Günther Deschner
35c50dcce3 s3-spoolss: use driver level info8 everywhere in spoolss server internally. 
Guenther
 2009-12-08 11:05:21 +01:00
Günther Deschner
ef9d6580ef s3-spoolss: let _spoolss_DeletePrinterData call into _spoolss_DeletePrinterDataEx. 
Guenther
 2009-12-07 14:42:13 +01:00
Günther Deschner
167dca0cbf s3-spoolss: let _spoolss_SetPrinterData call into _spoolss_SetPrinterDataEx. 
Guenther
 2009-12-07 14:42:13 +01:00
Günther Deschner
778124ea32 s3-spoolss: let _spoolss_GetPrinterData call into _spoolss_GetPrinterDataEx. 
Guenther
 2009-12-07 14:42:12 +01:00
Günther Deschner
1bc83b984d s3-winreg: fill in some inline comments. 
Guenther
 2009-12-07 14:41:15 +01:00
Günther Deschner
5d46530053 s3-winreg: remove trailing whitespace. 
Guenther
 2009-12-07 14:41:15 +01:00
Volker Lendecke
da8b405065 s3: Fix a const discard warning 2009-12-06 13:07:04 +01:00
Volker Lendecke
3b8e85d68f s3: talloc_array_length deals file with a NULL argument 2009-12-06 13:07:04 +01:00
Volker Lendecke
1ba91c0a51 s3: Small simplification: qsort deals fine with just one entry 2009-12-06 13:07:04 +01:00
Volker Lendecke
449045e75d s3: Simplify usr_info_cmp by calling timeval_compare() 2009-12-06 13:07:04 +01:00
Ian Puleston
bbffd79f1c s3: Complete support for NetWkstaGetInfo/NetWkstaEnumUsers 2009-12-06 13:07:04 +01:00
Volker Lendecke
7eaff9b300 s3: First cut at _wkssvc_NetWkstaEnumUsers 
This needs access checks!
 2009-12-06 13:07:04 +01:00
Volker Lendecke
a902c4cc50 s3: Support NetWkstaGetInfo 101 and 102 2009-12-06 13:07:03 +01:00
Günther Deschner
459a968fb4 s3-spoolss: handle SEC_FLAG_MAXIMUM_ALLOWED in spoolss_OpenPrinterEx. 
In case someone (smbtorture4) requests SEC_FLAG_MAXIMUM_ALLOWED, translate it
to a request of PRINTER_ACCESS_ADMINISTER.

Guenther
 2009-12-03 23:49:03 +01:00
Günther Deschner
5f60855ba2 samba-spoolss: use spoolss_StringArray2 in spoolss_EnumPrinterKey. 
This should finally resolve the endian issues we were seeing on sparc and is
much cleaner for spoolss clients and servers.

Guenther
 2009-12-02 14:56:17 +01:00
Günther Deschner
753b9c6d56 s3-spoolss: fix fstrings in convert_devicemode() function. 
Guenther
 2009-11-30 23:29:29 +01:00
Günther Deschner
e512ccb5b6 s3-spoolss: simplify _spoolss_EnumPrinterKey a little more. 
Guenther
 2009-11-27 18:31:13 +01:00
Günther Deschner
49e464cef5 s3-spoolss: use macros to fillup driver levels. 
Guenther
 2009-11-27 01:09:10 +01:00
Günther Deschner
5d706a2fd4 s3-rpc: running minimal_includes.pl on rpc_client and rpc_server. 
Guenther
 2009-11-26 20:17:07 +01:00
Günther Deschner
3d679a3b5f s3-rpc: Avoid including every pipe's client and server stubs everywhere in samba. 
Guenther
 2009-11-26 20:03:17 +01:00
Günther Deschner
85b6461174 s3-spoolss: pre cosmetics: reorder levels in construct_printer_info levels. 
Guenther
 2009-11-26 19:21:10 +01:00
Günther Deschner
e92470d442 s3-spoolss: re-arrange driver info level fillup functions. 
Guenther
 2009-11-24 16:48:19 +01:00
Günther Deschner
846aa18648 s3-spoolss: fixes for _spoolss_EnumPrinterKey client and server. 
Thanks Metze for review!

Guenther
 2009-11-24 15:49:35 +01:00
Günther Deschner
a6142987ac s3-spoolss: Fix GetPrinter level 101. 
Guenther
 2009-11-23 16:56:03 +01:00
Günther Deschner
ec56895bde s3-printing: use spoolss types and structs while getting and deleting drivers. 
Guenther
 2009-11-23 12:19:11 +01:00
Günther Deschner
68cc1166d9 s3-printing: use spoolss types and structs while adding drivers. 
Guenther
 2009-11-23 12:19:04 +01:00
Günther Deschner
d464151f3b s3-spoolss: fix spoolss_EnumPrinterKey client and server code. 
Guenther
 2009-11-23 11:44:43 +01:00
Günther Deschner
bbff69384e s3-samr: implement _samr_ValidatePassword(). 
Guenther
 2009-11-10 13:08:29 +01:00
Günther Deschner
d7ce873391 s3-netlogon: enable RPC-NETLOGON-ADMIN test against s3. 
Guenther
 2009-11-09 17:36:53 +01:00
Volker Lendecke
e181b88978 Revert "s3: Do not reference ndr_table_<pipe> in the cli_ routines directly" 
This reverts commit daa964013b.
 2009-11-08 19:43:47 +01:00
Volker Lendecke
27847e8386 Revert "s3: Consolidate getting the name out of a pipes_struct" 
This reverts commit 9621306351.
 2009-11-08 19:43:47 +01:00
Volker Lendecke
47455b4d1a Revert "s3: Do not reference the ndr_tables in the server calls directly" 
This reverts commit 98fb71782e.
 2009-11-08 19:43:46 +01:00
Volker Lendecke
82c35e460e Revert "s3: Do not reference ndr_table when calling rpc_srv_register" 
This reverts commit 494b2aff88.
 2009-11-08 19:43:46 +01:00
Volker Lendecke
494b2aff88 s3: Do not reference ndr_table when calling rpc_srv_register 2009-11-08 13:12:15 +01:00
Volker Lendecke
98fb71782e s3: Do not reference the ndr_tables in the server calls directly 
This involves storing the interface table in the pipes_struct
 2009-11-08 13:12:14 +01:00
Volker Lendecke
9621306351 s3: Consolidate getting the name out of a pipes_struct 2009-11-08 13:12:14 +01:00
Volker Lendecke
daa964013b s3: Do not reference ndr_table_<pipe> in the cli_ routines directly 2009-11-08 13:12:13 +01:00
Volker Lendecke
2aa0af9867 s3: get_pipe_name_from_iface -> get_pipe_name_from_syntax 2009-11-07 09:14:15 +01:00
Günther Deschner
53d49bb728 s3-netlogon: implement _netr_GetDcName and _netr_GetAnyDcName. 
Guenther
 2009-11-06 15:01:39 +01:00
Günther Deschner
ccdd1462cc s3-netlogon: make sure we protect some function codes in _netr_LogonControl2Ex(). 
Guenther
 2009-11-04 00:55:49 +01:00
Günther Deschner
bb2e1ff631 s3-netlogon: let s3 pass against RPC-NETLOGON-S3 again. 
Guenther
 2009-11-04 00:55:45 +01:00
Günther Deschner
40f3f456bc s3-netlogon: implement _netr_NETLOGON_INFO_4 in netr_LogonControl2Ex() and friends as well. 
Guenther
 2009-11-04 00:55:18 +01:00
Günther Deschner
b3a2147497 s3-netlogon: implement remote trust account changing in netr_LogonControl2Ex() and friends. 
Guenther
 2009-11-04 00:55:09 +01:00
Günther Deschner
97496bb3ca s3-lsa: fill in some more info levels in _lsa_QueryInfoPolicy(). 
Add dummys (just like s4 does) and fill in some more appropriate error codes.

Guenther
 2009-11-03 22:19:26 +01:00
Günther Deschner
a98832189a s3-lsa: expand struct lsa_info to carry name and sd. 
Guenther
 2009-10-30 12:28:48 +01:00
Günther Deschner
820b2f4cfa s3-lsa: use switch in _lsa_QuerySecurity(). 
Guenther
 2009-10-30 12:28:48 +01:00
Günther Deschner
abe9417303 s3-lsa: add lsa_trusted_domain_mapping. 
Guenther
 2009-10-28 12:37:38 +01:00
Günther Deschner
7791d29c79 s3-lsa: add lsa_secret_mapping. 
Guenther
 2009-10-28 12:37:34 +01:00
Günther Deschner
880666cd94 s3-lsa: use correct function name in_lsa_RemoveAccountRights(). 
Guenther
 2009-10-28 12:24:25 +01:00
Günther Deschner
c352a73bad s3-lsa: pure cosmetic indentation fixes. 
Guenther
 2009-10-28 12:24:17 +01:00
Günther Deschner
6937e01e3e s3-lsa: use enum lsa_LookupNamesLevel in lsa_lookup_level_to_flags(). 
Guenther
 2009-10-28 12:24:08 +01:00
Günther Deschner
209a65bc6f s3-lsa: Fix _lsa_EnumTrustDom() and avoid infite windows client loop. 
Found by RPC-LSA-TRUSTED-DOMAIN torture test.

Guenther
 2009-10-21 03:13:59 +02:00
Günther Deschner
32f2cc4487 s3-lsa: make s3 pass against RPC-LSA-LOOKUPNAMES again. 
Do what W2k8 does and return the builtin domain for a NULL name.

Guenther
 2009-10-21 02:57:08 +02:00
Günther Deschner
49a1323495 s3-lsa: Fix _lsa_EnumTrustDom(). 
Windows clients were showing a lot of duplicates in their list of trusted
domains.

Found by RPC-LSA-TRUSTED-DOMAIN torture test.

Guenther
 2009-10-20 21:46:06 +02:00
Günther Deschner
a5a7b9ebc2 s3-lsa: Fix _lsa_CreateAccount() for usage of SEC_FLAG_MAXIMUM_ALLOWED. 
Found by RPC-LSA-PRIVILEGES torture test.

Guenther
 2009-10-20 15:57:06 +02:00
Günther Deschner
18dd626160 s3-lsa: When looking up domains in LookupNames, do not strip the sid. 
Found by RPC-LSA-LOOKUPNAMES torture test.

Guenther
 2009-10-20 15:28:31 +02:00
Günther Deschner
b6d97a00b1 s3-lsa: allow to have NULL strings in lsa LookupName queries. 
Found by RPC-LSA-LOOKUPNAMES torture test.

Guenther
 2009-10-20 15:28:30 +02:00
Karolin Seeger
fa08d0b44b Fix typo. 
privilage -> privilege

Karolin
 2009-10-19 09:47:33 +02:00
Matthias Dieter Wallnöfer
fef032fac7 s3:srv_samr_nt - another fix for the reject reason 2009-10-16 15:26:14 +02:00
Günther Deschner
8267564e1c s3-netlogon: Fix _netr_ServerPasswordSet2 cleartext blob handling. 
Following Andrew's advice, let's straight md4 the plaintext blob and avoid
trying to get a paintext string out of the input the client sends.

Guenther
 2009-10-16 14:54:57 +02:00
Volker Lendecke
f3869f90f5 s3:rpc: Fix is_known_pipename for dynamically loaded pipes 2009-10-13 20:34:25 +02:00
Günther Deschner
ebe0e64ba9 s3: use enum netr_SchannelType all over the place. 
Guenther
 2009-10-13 10:21:46 +02:00
Matthias Dieter Wallnöfer
607ceff234 s3/s4 - Adapt the IDL changes on various locations 2009-10-08 09:50:19 +02:00
Günther Deschner
3d3134a7d6 s3-netlogon: pure cosmetic indent fixes in _netr_LogonControl2Ex(). 
Guenther
 2009-10-07 10:36:22 +02:00
Günther Deschner
6c0abbdd35 s3-netlogon: properly implement _netr_NetrEnumerateTrustedDomains(). 
Guenther
 2009-09-30 00:37:13 +02:00
Günther Deschner
2d6e5e160b s3: use push_reg_multi_sz(). 
Guenther
 2009-09-30 00:30:25 +02:00
Günther Deschner
2c11b73391 s3-registry: use push_reg_sz(). 
Guenther
 2009-09-30 00:29:49 +02:00
Stefan Metzmacher
9ef39406d8 s3:rpc_server: we need to make a copy of my_name in serverinfo_to_SamInfo_base() 
This is important for the case the server_info already contains a logon_server.

metze
 2009-09-24 06:41:13 +02:00
Günther Deschner
503d035814 spnego: share spnego_parse. 
Guenther
 2009-09-17 01:12:20 +02:00
Günther Deschner
44e44310d1 s3-netlogon: support validation level 6 in netr_SamLogon calls. 
Guenther
 2009-09-16 18:00:03 +02:00
Günther Deschner
5ddde4e19d s3-netlogon: match all logon levels in netr_SamLogon calls. 
Guenther
 2009-09-16 17:59:56 +02:00
Stefan Metzmacher
033ced60ac libcli/auth: rewrite schannel sign/seal code to be more generic 
This prepares support for HMAC-SHA256/AES.

metze
 2009-09-16 12:29:06 +02:00
Günther Deschner
37bc806453 s3-dcerpc: remove more obsolete or duplicate headers. 
Guenther
 2009-09-16 08:55:51 +02:00
Günther Deschner
c5c04fcf90 s3-schannel: add dump_NL_AUTH_SIGNATURE. 
Guenther
 2009-09-16 07:54:02 +02:00
Günther Deschner
799f8d7e13 schannel: fully share schannel sign/seal between s3 and 4. 
Guenther
 2009-09-16 01:55:06 +02:00
Günther Deschner
231b2fa261 s3-dcerpc: really fix remaining old auth level constants. sorry... 
Guenther
 2009-09-15 19:34:18 +02:00
Günther Deschner
c2d7c7a9dd s3-dcerpc: fix remaining old auth level constants. 
Guenther
 2009-09-15 18:30:44 +02:00
Günther Deschner
7b36ea55ea s3-dcerpc: remove duplicate RPC_AUTH_LEVEL flags. 
Guenther
 2009-09-15 17:49:43 +02:00
Günther Deschner
d3af0346c8 s3-dcerpc: use dcerpc_AuthLevel and remove duplicate set of flags. 
Guenther
 2009-09-15 17:49:34 +02:00
Günther Deschner
c3da2056ec s3-samr: Fix Coverity #934 UNINIT. 
Guenther
 2009-09-13 21:33:00 +02:00
Günther Deschner
15bbae5fd8 s3-netlogon: Fix Coverity #945 UNINIT. 
Guenther
 2009-09-13 21:32:48 +02:00
Günther Deschner
f900e61cf8 s3-schannel: fix api_pipe_schannel_process(), was using incorrect buffer length. 
Found by RPC-SCHANNEL torture test.

Guenther
 2009-09-13 06:46:55 +02:00
Günther Deschner
1d4bf02993 lsa: fill in more unknowns in lsa_LookupSid calls. 
Guenther
 2009-09-11 13:59:56 +02:00
Günther Deschner
d258fb4d0d s3-schannel: use NL_AUTH_SIGNATURE for schannel sign & seal (client & server). 
Guenther
 2009-09-11 03:00:35 +02:00
Günther Deschner
9ab5d9be8d s3-schannel: use NL_AUTH_MESSAGE for schannel bind reply. 
Guenther
 2009-09-11 02:57:27 +02:00
Günther Deschner
3984738646 s3-rpc_server: use NL_AUTH_MESSAGE in pipe_schannel_auth_bind(). 
Guenther
 2009-09-08 17:07:03 +02:00
Günther Deschner
a0b1968167 s3-netlogon: use WERRORs in NETLOGON_INFO structures. 
Guenther
 2009-09-02 15:29:44 +02:00
Günther Deschner
2b8afd2257 s3-netlogon: implement _netr_ServerPasswordSet2. 
Guenther
 2009-09-02 10:47:36 +02:00
Günther Deschner
71e9dfc0cd s3-netlogon: rework _netr_ServerPasswordSet. 
Guenther
 2009-09-02 10:47:35 +02:00
Günther Deschner
931771138a s3-netlogon: implement _netr_LogonSamLogonWithFlags(). 
Guenther
 2009-09-02 10:23:28 +02:00
Günther Deschner
21a93c2ddc s3-netlogon: use shared credential and schannel storage infrastructure for netlogon server. 
Guenther
 2009-08-27 15:55:19 +02:00
Günther Deschner
2d8157fb9e s3-netlogon: add netr_creds_server_step_check() convenience wrapper. 
Guenther
 2009-08-27 15:55:19 +02:00
Günther Deschner
2cbacd5e10 s3-netlogon: let get_md4pw() return a struct dom_sid. 
Guenther
 2009-08-26 15:45:09 +02:00
Günther Deschner
a77b036f3b s3-netlogon: fix default case when _netr_LogonSamLogon is called from other opcodes. 
Guenther
 2009-08-26 01:06:36 +02:00
Günther Deschner
87ce535243 Revert "s3: Fix uninitialized const char *" 
Tim, I am reverting this as this eliminates "_netr_LogonSamLogonEx" from the
debug messages completely. Followup fix to come immediately.

This reverts commit add9b4afb1.
 2009-08-26 01:06:22 +02:00
Günther Deschner
e460c211b0 s3-netlogon: get rid of init_net_r_req_chal(). 
Guenther
 2009-08-26 00:48:13 +02:00
Günther Deschner
5b46e5985e s3-netlogon: let get_md4pw() return a struct samr_Password. 
(in preparation of credential merge).

Guenther
 2009-08-26 00:48:04 +02:00
Günther Deschner
1a53b61771 s3-netlogon: make _netr_ServerAuthenticate a callback to _netr_ServerAuthenticate3. 
Guenther
 2009-08-26 00:47:55 +02:00
Günther Deschner
4799020e9f s3-netlogon: Only hand out rid when netlogon credential chain has been setup sucessfully. 
Guenther
 2009-08-24 23:09:57 +02:00
Jeremy Allison
9b261a1211 Fix bug 6638 - ADS Domain Member: Computer Mgr can not set share ACLs 
Add good error message for share modification denial.
Jeremy.
 2009-08-20 11:08:21 -07:00
Günther Deschner
062d26d57b s3-spoolss: add stubs for new idl opcodes in spoolss server. 
Guenther
 2009-08-20 14:25:41 +02:00
Günther Deschner
53196955d4 s3-spoolss: remove another duplicate copy of print_architecture_table. 
Guenther
 2009-08-17 18:09:11 +02:00
Stefan Metzmacher
70afd419a6 s3:smbd: conn_free_internal() can be static now 
metze
 2009-08-07 14:18:15 +02:00
Günther Deschner
5b50e506d0 s3-wkssvcs: fix check for BUILTIN\Administrators membership in wkssvc_Netr{Join,Unjoin}Domain2. 
Guenther
 2009-08-07 09:59:14 +02:00
Günther Deschner
74454cc731 s3-spoolss: Fix Bug #6568: _spoolss_GetPrintProcessorDirectory() implementation. 
We should always return a local path so that users are not forced to setup a
[prnproc$] share on the server. This restores pre-3.4.0 spoolss behaviour.

Guenther
 2009-08-04 18:50:59 +02:00
Günther Deschner
75030ff2b1 s3-spoolss: fix crash bug in spoolss_addprinterex_level_2. 
Guenther
 2009-08-04 00:16:37 +02:00
Volker Lendecke
e4d276f737 Fix some nonempty blank lines 2009-08-03 21:27:44 +02:00
Jeremy Allison
5d05d22999 Added prefer_ipv4 bool parameter to resolve_name(). 
W2K3 DC's can have IPv6 addresses but won't serve
krb5/ldap or cldap on those addresses. Make sure when
we're asking for DC's we prefer IPv4.
If you have an IPv6-only network this prioritizing code
will be a no-op. And if you have a mixed network then you
need to prioritize IPv4 due to W2K3 DC's.
Jeremy.
 2009-07-28 11:51:58 -07:00
Volker Lendecke
fb03bbfa09 Fix valgrind errors in DeleteDomainGroup and DeleteDomAlias 2009-07-26 22:05:41 +02:00
Volker Lendecke
1a6aaee050 Fix a valgrind error in _samr_DeleteUser 
The close_handle invalidates uinfo
 2009-07-26 15:47:31 +02:00
Volker Lendecke
df0731d6e9 Fix a 32/64bit stack corruption bug 2009-07-25 13:23:44 -04:00
Tim Prouty
10324b177e s3: Allow filename_convert() to pass through unix_convert_flags and let the caller know if the path has a wildcard 
This also eliminates the need for resolve_dfspath().
 2009-07-24 15:10:45 -07:00
Tim Prouty
00e267008d s3: Remove the now unused fname parameter from filename_convert() 2009-07-21 12:04:59 -07:00
Jeremy Allison
6a9e003910 Fix bug #6564 - SetPrinter fails (panics) as non root. 
Missing become_root()/unbecome_root() around reload_services.
Jeremy.
 2009-07-17 17:36:26 -07:00
Günther Deschner
3e661d4c8e s3-lsa: let _lsa_Delete return NT_STATUS_NOT_SUPPORTED as w2k3 does. 
Guenther
 2009-07-17 13:55:29 +02:00
Günther Deschner
2a26b2ac87 s3-lsa: Fix access_mask calculation for new handle in _lsa_CreateAccount(). 
Guenther
 2009-07-17 13:50:34 +02:00
Günther Deschner
3eea254e5b s3-lsa: add (not yet activate) level specific access checks for _lsa_QueryInfoPolicy. 
Guenther
 2009-07-17 13:50:34 +02:00
Günther Deschner
864e809752 s3-lsa: also implement level 13 in lsa_QueryInfoPolicy. 
Guenther
 2009-07-17 13:50:34 +02:00
Günther Deschner
d1903cb7f2 s3-lsa: Fix policy handle memleak and handle type check in _lsa_DeleteObject(). 
Guenther
 2009-07-17 13:50:34 +02:00
Günther Deschner
4faef0da76 s3-lsa: Fix pointless check for sec_info flags in _lsa_QuerySecurity(). 
Guenther
 2009-07-17 00:13:29 +02:00
Günther Deschner
35e45fb841 s3-lsa: implement _lsa_LookupPrivName(). 
Guenther
 2009-07-17 00:12:56 +02:00
Günther Deschner
3b899af422 s3-lsa: implement _lsa_EnumAccountsWithUserRight(). 
Guenther
 2009-07-17 00:11:14 +02:00
Günther Deschner
33768fea07 s3-spoolss: make some of the command hooks static. 
Guenther
 2009-07-16 03:05:45 +02:00
Bo Yang
86865365ce S3: Small fix to get rid of annoying log message. 
Signed-off-by: Bo Yang <boyang@samba.org>
 2009-07-15 17:05:46 +08:00
Günther Deschner
9f15ef11bd s3-account_policy: add pdb_policy_type enum. 
Guenther
 2009-07-14 12:12:18 +02:00
Günther Deschner
f7ff6bd142 s3-rpc_server: pass down full unix token to map_max_allowed_access(). 
Also use unix_token->uid instead of geteuid() when checking for mapping of the
SEC_FLAG_MAXIMUM_ALLOWED flag.

Guenther
 2009-07-13 15:38:20 +02:00
Tim Prouty
0f6e10886f s3: Change some filename_convert to pass in NULL for char **fname argument 2009-07-06 15:38:41 -07:00
Volker Lendecke
880c286bc9 Use null_ndr_syntax_id instead of zeroing null_interface manually 2009-07-05 23:50:12 +02:00
Volker Lendecke
58fbf7420c Remove "typedef struct ndr_syntax_id RPC_IFACE;" 2009-07-05 23:50:12 +02:00
Volker Lendecke
30dd96e819 Make check_bind_req static to rpc_server/srv_pipe.c 2009-07-05 23:50:12 +02:00
Volker Lendecke
f169772d93 Handle LSA_POLICY_INFO_DNS 2009-07-04 12:54:22 +02:00
Volker Lendecke
8666e79f8f Implement QueryInfoPolicy2 similar to s4: Make it the same as QueryInfoPolicy 
Don't reply to it for non-pdb-ads to keep up our old behaviour
 2009-07-04 12:54:22 +02:00
Volker Lendecke
66152d29b3 Attempt to fix the build 2009-07-03 22:33:21 +02:00
Günther Deschner
bee0421f4c s3-spoolss: implement _spoolss_AddPrinter. 
Guenther
 2009-07-03 22:05:21 +02:00
Günther Deschner
78519b6500 s3-netlogon: remove unneeded fstrings from netlogon server. 
Guenther
 2009-06-30 22:21:09 +02:00
Günther Deschner
b85b93dcff s3-spoolss: Bug #6512. Fix support for enumerating user forms. 
Found while testing Xerox WorkCentre 133 PCL driver, now also tested with
torture test.

Guenther
 2009-06-30 13:34:51 +02:00
Volker Lendecke
8414048557 _lsa_QueryInfoPolicy: Use symbolic info level names 2009-06-28 22:13:50 +02:00