sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2024-12-27 03:21:53 +03:00
Code
73,007 Commits 60 Branches 1,144 Tags 452 MiB
55916e273f
Commit Graph

1763 Commits

Author SHA1 Message Date
Andrew Tridgell
785410c493 s4-drs: fixed comment in getncchanges code 
Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Mon Sep 27 04:54:43 UTC 2010 on sn-devel-104
 2010-09-27 04:54:43 +00:00
Andrew Tridgell
f33fc39f37 s4-drs: use the system sam_ctx for updaterefs 
this is needed for RODC clients calling updaterefs
 2010-09-26 06:29:06 +00:00
Andrew Tridgell
d72dbe847e s4-repl: make getncchanges a bit less verbose 
this should reduce some of the clutter in make test
 2010-09-25 10:38:45 -07:00
Matthias Dieter Wallnöfer
80f3e92d0a s4:rpc_server/dcerpc_server.c - fix a "const" warning 
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2010-09-24 09:25:41 +10:00
Anatoliy Atanasov
859f3cdd4a s4/eventlog6: Add dummy implementation for calls 0x5 and 0xB 
The code is enough to let us run all dcdiag tests against samba4 server
 2010-09-23 13:34:09 -07:00
Anatoliy Atanasov
411e6bc3f2 s4/eventlog6: Build and hook EventLog6 RPC endpont mapper and idl 2010-09-23 13:34:08 -07:00
Anatoliy Atanasov
b23609812a s4/eventlog6: Add endpoint server for EventLog6 RPC 
The file is generated using PIDL --template command.
 2010-09-23 13:34:08 -07:00
Anatoliy Atanasov
b4eba4268d s4/dcdiag: Handle ListRoles command for dcdiag:KnowsOfRoleHolders test 2010-09-20 09:46:10 -07:00
Andrew Tridgell
dc59de5627 s4-netlogon: added IDL for netr_DsrUpdateReadOnlyServerDnsRecords 
this is used by a RODC to do DNS updates, as TSIG updates are not
allowed by RODCs

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-09-16 21:09:17 +10:00
Andrew Tridgell
5958997a9b s4-rpcserver: allow saving of bad RPC packets 
use:
	dcesrv:stubs directory = .

to save files like this:

  RPC-netlogon-48-pullfail.dat

when a RPC packet can't be parsed or is unknown. Only enabled in
developer builds

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-09-16 21:09:17 +10:00
Andrew Tridgell
377ffcb029 s4-drs: make debugging DsUpdateRefs a bit easier 2010-09-16 16:08:46 +10:00
Andrew Tridgell
e5cd023a41 s4-drs: initial skeleton for DrsReplica{Add,Del,Mod} calls 2010-09-16 16:08:46 +10:00
Andrew Tridgell
4cf53c6d0b s4-drs: removed a debug print in repl secret 2010-09-16 16:08:46 +10:00
Andrew Tridgell
e2b6d171d4 s4-drs: get lpcfg_dnsdomain() instead of lpcfg_realm() 
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-09-16 07:24:01 +10:00
Kamen Mazdrashki
7f1db0d8df s4-drs: Wait DsReplicaSync for as long as it takes to complete 
In case the caller wants sync execution, we should
not cancel the call for internal timeout reason,
but rather wait for its execution
 2010-09-16 00:15:38 +03:00
Kamen Mazdrashki
ee169d7347 s4-irpc: Add 'timeout' param for dcesrv_irpc_forward_rpc_call() call 
It is to be used when caller wants to explicitly
specify the timeout for the call
 2010-09-16 00:15:38 +03:00
Andrew Tridgell
e7f21fa941 s4-rpcserver: set unbind method to NULL in remote server 
this prevents a possible crash on disconnect
 2010-09-15 23:08:18 +10:00
Anatoliy Atanasov
4608721935 s4/fsmo: Remove empty new lines 2010-09-15 14:00:27 +03:00
Andrew Tridgell
a498ab90fb s4-rpc: fixed double free in RPC proxy 
the unbind method is only called when the dcesrv_connection_context is
being destroyed (its called from the destructor). That means that priv
is either already free, or is about to be freed, so don't free it
again
 2010-09-15 15:39:36 +10:00
Jelmer Vernooij
48976ac497 rpc_server: Remove unnecessary dependency on server modules, build 
system will take care of that.
 2010-09-14 17:24:05 +02:00
Matthias Dieter Wallnöfer
7e710c4de9 s4:rpc_server/common/common.h - introduce two forward declarations to suppress parameter declaration warnings 
Always Tru64 in file "param/loadparm.c" and possibly others.
 2010-09-11 18:04:48 +02:00
Matthias Dieter Wallnöfer
83cd3f7630 s4:dcesrv_samr_GetGroupsForUser - also universal group memberships are returned here 
Tested using User Manager for Domains against Windows Server 2008.
MS-SAMR 3.1.5.9.1 is wrong in this case therefore I've informed the dochelp team.
 2010-09-11 14:34:37 +02:00
Andrew Bartlett
e84ab1b35f s4-privs Fix enum privileges in LSARPC server 
We were returning the index, not the LUID value

Andrew Bartlett
 2010-09-11 22:32:43 +10:00
Andrew Bartlett
0eea8ecfe2 s4-privs Seperate rights and privileges 
These are related, but slightly different concepts.  The biggest difference
is that rights are not enumerated as a system-wide list.

This moves the rights to security.idl due to dependencies.

Andrew Bartlett
 2010-09-11 18:46:13 +10:00
Andrew Bartlett
da9bca6282 s4-rpc_server Put all 'logon failure' messages at the same debug level 4 
Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2010-09-11 18:46:12 +10:00
Andrew Tridgell
45aecc2833 s4-lsa: privilege IDs should use the enum, not an int 
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-09-11 18:46:12 +10:00
Andrew Bartlett
a32cdadb7c libcli/security Make sec_privilege_from_index() return SEC_PRIV_INVALID on failure 
This is clearer and more consistent than using a magic -1 return

Andrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2010-09-11 18:46:11 +10:00
Andrew Bartlett
6d78e11e17 libcli/security make sec_privilege_id() return SEC_PRIV_INVALID on failure. 
Andrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2010-09-11 18:46:10 +10:00
Andrew Bartlett
9abfd8fe3b s4-privs Add a lookup by index of privilages 
Now that privileges are no longer given luid values sequentially,
we need another way to look them up for enumeration.

Andrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2010-09-11 18:46:05 +10:00
Matthias Dieter Wallnöfer
4fc1319db9 s4:getncchanges_change_master - also in this call "i" needs to be unsigned 2010-09-10 20:20:26 +02:00
Kamen Mazdrashki
25dd9fae66 s4-drs: return DRSUAPI_EXOP_ERR_SUCCESS in extended_ret 
in case we are handling extended operation.

It seems that windows accept both DRSUAPI_EXOP_ERR_SUCCESS
and DRSUAPI_EXOP_ERR_NONE, but Samba is a little bit
more picky on this.
 2010-09-10 13:08:25 +03:00
Kamen Mazdrashki
611cd51096 s4-drs: Hanlde extended operations only once 
Most of extended operations I know of work like:
1. do extended operation
2. collect a set of objects to return and start replication cycle
3. continue returning object as we have no more to give

This way we ensure we are doing 1. only once
 2010-09-10 13:08:24 +03:00
Nadezhda Ivanova
5ba2858b02 s4-rpc: Added handling of fsmo role transfer to GetNCChanges 
This adds support for DRSUAPI_EXOP_FSMO_REQ_ROLE, DRSUAPI_EXOP_FSMO_RID_REQ_ROLE
and DRSUAPI_EXOP_FSMO_REQ_PDC.
Developed in collaboration with Anatoliy Atanasov <anatoliy.atanasov@postpath.com>
 2010-09-10 13:08:18 +03:00
Kamen Mazdrashki
3f109f8fd7 s4-drs: Dump exact error when failure occurs during DsReplicaUpdateRefs call 2010-09-07 17:09:34 +03:00
Stefan Metzmacher
5c73c84f29 s4:rpc_server/netlogon: use irpc_binding_handle_by_name() 
metze
 2010-09-03 17:00:20 +02:00
Stefan Metzmacher
f2422a0faa s4:rpc_server/common: use irpc_binding_handle_by_name() in dcesrv_irpc_forward_rpc_call() 
metze
 2010-09-03 17:00:19 +02:00
Kamen Mazdrashki
fdffa90ef9 s4-drs: A quick fix for DRSUAPI_EXOP_FSMO_RID_ALLOC extended_op handling 
When DRSUAPI_EXOP_FSMO_RID_ALLOC extended op is handled
in DsGetNCChanges() stub, we need to returned a well know set of
object - see: [ms-adts], 3.1.1.5.1.7

With this hack we are going to return just objects modified
during RID allocation procedure - i.e. "RID Manager$", "RID Set" for
computer object and computer object itself.

Which is a close approximation of what we are expected to return.
 2010-09-03 13:23:48 +03:00
Günther Deschner
e2f15d2a25 s4-trusts: fix trustDomainPasswords drsblobs IDL and server side support. 
Also remove bogus trustCurrentPasswords struct which we just had because our IDL
was incorrect.

Guenther
 2010-08-25 13:27:50 +02:00
Matthias Dieter Wallnöfer
2d80364f1b s4:getncchanges.c - fix some counter variable types 
They should be "unsigned" since they count LDB objects. And also the SID array
can be counted as "unsigned".
 2010-08-23 18:05:52 +02:00
Andrew Tridgell
635c41ab82 s4-drs: show the user sid that does the GetNCChanges call 
this is useful when debugging replication

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-08-23 15:55:39 +10:00
Andrew Tridgell
826177bd24 s4-drs: removed the warning on WRIT_REP being set 
we just need to clear this flag
 2010-08-23 15:55:39 +10:00
Andrew Bartlett
6cf29b3e4f s4:security Change struct security_token->sids from struct dom_sid * to struct dom_sid 
This makes the structure much more like NT_USER_TOKEN in the source3/
code.  (The remaining changes are that privilages still need to be merged)

Andrew Bartlett
 2010-08-23 08:50:55 +10:00
Stefan Metzmacher
fe7819ae6f librpc/rpc: move dcerpc_read_ncacn_packet_send/recv() to dcerpc_util.c 
metze
 2010-08-20 18:09:25 +02:00
Andrew Tridgell
f1c6bab60e s4-drs: fixed the error code for EXOP_REPL_SECRET getncchanges calls 
when we deny a EXOP_REPL_SECRET call we should set the exop error code
to NONE, and the main return code to WERR_DS_DRA_ACCESS_DENIED (based
on observing windows server behaviour)

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-08-20 20:34:11 +10:00
Andrew Tridgell
4cc6b5a69b s4-drs: bring us much closer to the docs for DRS secret replication 
The rules for when a RODC can replicate secrets are:

 - it can always replicate its own acct
 - it can also replicate its krbtgt acct
 - it can't replicate other krbtgt accts
 - it can't replicate interdomain trust accounts
 - it can't replicate users in the denied group list
 - it can replicate users in the allowed group list

otherwise it can't replicate

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-08-20 20:34:11 +10:00
Andrew Tridgell
c122939919 s4-drs: implement RODC attribute filtering override 
When a RODC uses extended getncchanges operation
DRSUAPI_EXOP_REPL_SECRET it gets an override on the ability to
replicate the secret attributes.

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-08-20 20:34:11 +10:00
Andrew Tridgell
dc7cf47371 s4-drs: added sam_ctx_system on DRS bind state 
The getncchanges call needs to be able to access the sam as the system
user for RODC clients. To do this it needs a sam_ctx connection with
system credentials

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-08-20 20:34:11 +10:00
Kamen Mazdrashki
89899f55dc s4-drs: ATTIDs for deleted attributes should be based on msDs-IntId value if it exists 2010-08-19 03:34:05 +03:00
Kamen Mazdrashki
6a51afcfdb s4-drs: GetNCChanges() to return correct (in AD-way) ATTIDs 
Depending on which NC is being replicated, GetNCChanges() returns
either ATTID based on local prefixMap or msDs-IntId value of
the attributeSchema class for the attribute being replicated.

If set, msDs-IntId value is always returned when replicating
object form NC other than Schema NC.
Objects in Schema NC replica always use prefixMap based ATTIDs.
 2010-08-19 03:34:03 +03:00
Andrew Bartlett
7c6ca95bec s4:security Remove use of user_sid and group_sid from struct security_token 
This makes the structure more like Samba3's NT_USER_TOKEN
 2010-08-18 09:50:38 +10:00
Matthias Dieter Wallnöfer
786c41b095 s4:netlogon RPC server - "ServerPasswordSet" operations - introduce also here the new password change syntax 2010-08-17 19:24:23 +02:00
Matthias Dieter Wallnöfer
cd711da6ca s4:samr RPC server - samr_password.c - make real user password changes work 
Now it's finally possible that the user can change his password with a DSDB
connection using his credentials.
 2010-08-17 18:45:34 +02:00
Matthias Dieter Wallnöfer
2a423e0547 s4:kdc/rpc server - adapt the "samdb_set_password" calls which perform password sets 2010-08-17 18:45:34 +02:00
Andrew Tridgell
8835a360ca s4-rpcserver: log unknown RPC calls at debug level 3 
This was added as we are occasionally getting an encrypted unknown
netlogon call, and I'm having trouble looking at it in wireshark
 2010-08-17 21:21:51 +10:00
Andrew Tridgell
2688375ffe s4-netlogon: added SEC_CHAN_RODC 
This seems to be equivalent to SEC_CHAN_BDC, but for RODCs
 2010-08-17 21:21:51 +10:00
Andrew Tridgell
21729b63f0 s4-drs: allow getncchanges from RODC with WRIT_REP set 
w2k8r2 is setting this bit as a RODC. Instead of refusing the
replication, we now remove the bit from req8, which means other places
in the code that check this bit can stay the same

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-08-17 21:21:50 +10:00
Andrew Tridgell
45a2b408ba s4-drs: added domain_sid to DRS security checks 
we need the domain_sid to determine if the account is a RODC for our
domain

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-08-17 21:21:50 +10:00
Andrew Tridgell
6baa834ebe s4-ldb: use LDB_FLAG_MOD_TYPE() to extract element type from messages 
The flags field of message elements is part of a set of flags. We had
LDB_FLAG_MOD_MASK for extracting the type, but it was only rarely
being used (only 1 call used it correctly). This adds
LDB_FLAG_MOD_MASK() to make it more obvious what is going on.

This will allow us to use some of the other flags bits for internal
markers on elements

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-08-17 21:21:50 +10:00
Andrew Bartlett
272e49e85c s4:auth Move struct auth_usersupplied_info to a common location 
This also changes the calling convention slightly - we should always
allocate this with talloc_zero() to allow some elements to be
optional.  Some elements may only make sense in Samba3, which I hope
will use this common structure.

Andrew Bartlett
 2010-08-14 11:58:13 +10:00
Andrew Tridgell
952ef310b5 s4-build: fixed library name in dcerpc_server.pc.in 
Thanks to Metze for spotting this
 2010-08-14 11:58:13 +10:00
Andreas Schneider
46bcb62780 s4-rpc_server: Fixed the build of the dcerpc_server library. 
Brad please check!
 2010-08-09 15:57:59 +02:00
Andrew Tridgell
56db40d5fd s4-build: use @PACKAGE_VERSION@ in s4 pc.in files 
this gets replaced by vnum from the build rule
 2010-08-09 12:27:23 +10:00
Brad Hards
ebd4ea7338 s4-build: added dcerpc_server library 
OpenChange needs this for dcerpc_register_ep_server()

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2010-08-09 12:27:23 +10:00
Stefan Metzmacher
6598d6dc41 s4:rpc_server/lsa: better include a .h file don't include a .c file 
This fixes the build with --nonshared-binary=smbtorture,
as use by the source3/ make test.

metze
 2010-08-07 18:16:29 +02:00
Matthias Dieter Wallnöfer
67b1e1b8f3 s3:dcesrv_lsa.c - use the RELAX control in order to create LSA objects 2010-08-07 14:22:42 +02:00
Matthias Dieter Wallnöfer
f5f236a4b9 s4:dcesrv_netr_LogonGetDomainInfo - improve the client OS informations update 
As ekacnet pointed out on the mailing list we don't need to do a delete if we
(re)set the values afterwards - only if we don't set any new ones.
 2010-07-31 20:44:29 +02:00
Andrew Tridgell
6b266b85cf s4-loadparm: 2nd half of lp_ to lpcfg_ conversion 
this converts all callers that use the Samba4 loadparm lp_ calling
convention to use the lpcfg_ prefix.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2010-07-16 18:24:27 +10:00
Stefan Metzmacher
02a627e719 s4:drsuapi: don't return all linked attributes at the same time 
Windows gives them in chunks, but I don't know the correct
rule to calculate the chunk size.

For now I'll use 1500 as the max size.

Windows isn't happy when it gets ~ 100000 linked attributes in one
response. It corrupts its directory index and later moves some objects
to the LostAndFound folder.

metze
 2010-07-09 16:43:17 +02:00
Matthias Dieter Wallnöfer
38896f3362 s4:drsuapi RPC server - "result_site_name" - fix variable denomination 2010-07-08 19:28:44 +02:00
Matthias Dieter Wallnöfer
b03040c5a9 s4:SAMR rpc server - "SetUserInfo" - fix the implementation of the expire flag 
It has to consider the "password_expires" flag to known if the "pwdLastSet" has
to be updated or to be resetted.
 2010-07-06 21:54:21 +02:00
Matthias Dieter Wallnöfer
7f15ca4427 s4:SAMR rpc server - "QueryUserInfo" - send back the password expired flag on level 21 
Taken from the s3 server code
 2010-07-06 21:54:21 +02:00
Sumit Bose
4efa1081aa s4:rpc_server/lsa/dcesrv_lsa.c - fix typo 
Signed-off-by: Günther Deschner <gd@samba.org>
 2010-07-06 17:22:42 +02:00
Matthias Dieter Wallnöfer
afcf18f3c9 s4:samr RPC server - "SetUserInfo" - allow some more informations to be set 
Taken from the s3 implementation.
 2010-07-05 15:36:12 +02:00
Matthias Dieter Wallnöfer
95127b3f5f s4:rpc_server/browser.c - remove unused code 
Spotted by the Solaris 10 compiler
 2010-06-29 22:32:05 +02:00
Matthias Dieter Wallnöfer
e5c5d371d1 s4:dcesrv_drsuapi.c - fix a counter variable 2010-06-28 14:51:09 +02:00
Matthias Dieter Wallnöfer
4826fdf95f s4:lsa RPC server - Fix up "dcesrv_lsa_DeleteObject" 
- Return always "NT_STATUS_OK" on success
- Remove "talloc_free"s on handles since the frees are automatically performed by
  the DCE/RPC server code
 2010-06-28 14:51:08 +02:00
Matthias Dieter Wallnöfer
d6098de507 s4:dcesrv_samr_SetUserInfo - implement right "pwdLastSet" behaviour 
Behaviour as the torture SAMR passwords tests show.
 2010-06-28 14:51:05 +02:00
Matthias Dieter Wallnöfer
3c1a9fb87f s4:dcesrv_samr_SetUserInfo - deny operations when "fields_present" is 0 
Taken from s3
 2010-06-28 14:51:05 +02:00
Matthias Dieter Wallnöfer
ea83d21341 s4:dcesrv_samr_SetUserInfo - port the "SAMR_FIELD_LAST_PWD_CHANGE" check from s3 to s4 2010-06-28 14:51:04 +02:00
Matthias Dieter Wallnöfer
4c63bb312f s4:dcesrv_samr_SetUserInfo - implement password set level 21 2010-06-28 14:51:04 +02:00
Matthias Dieter Wallnöfer
b705026771 s4:dcesrv_samr_SetUserInfo - implement case 18 which allows to reset the user password 2010-06-28 14:51:04 +02:00
Matthias Dieter Wallnöfer
8feda76d4f s4:OemChangePasswordUser2 - return "NT_STATUS_WRONG_PASSWORD" when we haven't activated the the lanman auth 
This is what s3 does.
 2010-06-28 14:51:03 +02:00
Matthias Dieter Wallnöfer
8f20a5512a s4:samr_password.c - add a function which sets the password through encrypted password hashes 
Used for password sets on "samr_SetUserInfo" level 18 and 21.
 2010-06-28 14:51:03 +02:00
Matthias Dieter Wallnöfer
6f6365daba s4:rpc_server/srvsvc/dcesrv_srvsvc.c - remove unreachable code 2010-06-26 20:08:47 +02:00
Matthias Dieter Wallnöfer
f12dab8e00 s4:rpc_server/wkssvc/dcesrv_wkssvc.c - remove unreachable code 2010-06-26 20:08:47 +02:00
Matthias Dieter Wallnöfer
3c3ecf40e5 s4:rpc_server/lsa/dcesrv_lsa.c - remove unreachable code 2010-06-26 20:08:46 +02:00
Matthias Dieter Wallnöfer
d85d6054c9 s4:lsa/lsa_lookup.c - use a better type for the "rtype" of the wellknown SIDs 
To suppress warnings on Solaris 10
 2010-06-26 20:08:45 +02:00
Matthias Dieter Wallnöfer
3f2e9ce2b4 s4:rpc_server/drsuapi/drsutil.c - remove unreachable code 2010-06-26 19:46:33 +02:00
Matthias Dieter Wallnöfer
e5e4184e5a s4:rpc_server/dcesrv_auth.c - remove unreachable code 2010-06-26 19:45:45 +02:00
Matthias Dieter Wallnöfer
eff7d2db31 s4:samr RPC server - make use of LDB constants in macros 2010-06-22 22:21:12 +02:00
Matthias Dieter Wallnöfer
2f49c8f58e s4:samr RPC server - fix Solaris build warning 2010-06-20 22:33:01 +02:00
Matthias Dieter Wallnöfer
871cdec414 s4:registry RPC server - quite some build warnings on Solaris 2010-06-20 22:33:01 +02:00
Matthias Dieter Wallnöfer
82fd483758 s4:lsa_lookup.c - fix type argument 2010-06-20 22:33:00 +02:00
Matthias Dieter Wallnöfer
0bf26edf6c s4:rpc_server/service_rpc.c - fix warnings on Solaris 2010-06-20 22:32:59 +02:00
Matthias Dieter Wallnöfer
c972e6ec23 s4:rpc_server/service_rpc.c - deactivate the 0-length struct 
This should fix the build on Solaris
 2010-06-20 22:32:59 +02:00
Matthias Dieter Wallnöfer
56e4822566 s4:dcesrv_netr_DsRAddressToSitenamesExW - fix the detection of the address family in a better way 
Obviously the last attempt wasn't enough. Now we do really only read the first
byte in the address buffer which on little endian transmission does always
contain the address family (MS-NRPC 2.2.1.2.4.1).
This should now be working platform-independently.
 2010-06-18 10:03:08 +02:00
Matthias Dieter Wallnöfer
d9c81e3ea5 s4:dcesrv_netr_DsRAddressToSitenamesExW - fix the read of the IP packet version 
This should make it clearer by the use of the standardised "sa_family_t" type
and hopefully fixes the problems on platforms other than Linux (NetBSD in the
buildfarm for example).
 2010-06-16 21:47:22 +02:00
Matthias Dieter Wallnöfer
1137e8e95e s4:SAMR server - cosmetic fix 2010-06-14 11:41:32 +02:00
Matthias Dieter Wallnöfer
f0ab520f6e s4:SAMR server - on alias search operations do never use the domain DN as base dn 
Aliases (especially in the "builtin" domain) are often domain-independant.
 2010-06-14 11:37:11 +02:00
Matthias Dieter Wallnöfer
731b4469cb s4:dcesrv_samr_GetGroupsForUser - return error code if a SID wasn't found 
This shouldn't happen since SIDs are mandatory for security objects
 2010-06-12 17:50:52 +02:00
Matthias Dieter Wallnöfer
a67fa2db3b s4:dcesrv_samr_QueryGroupMember/GetMembersInAlias - unify the structure 
Mostly cosmetic fixes
 2010-06-12 17:45:14 +02:00
Matthias Dieter Wallnöfer
d2c25e1b11 s4:dcesrv_samr_GetAliasMembership - provide a correct implementation 
We could also have no valid SID specified at all and also then we have to
return an empty array with "NT_STATUS_OK". This shows the torture testsuite.
 2010-06-12 16:45:48 +02:00
Matthias Dieter Wallnöfer
4a8ee9a333 s4:dcesrv_samr_EnumDomainGroups/Aliases - when we don't get a SID then the database is corrupted 
Group/User/Alias entries do always have a SID (it's a mandatory attribute in the
SAM directory)!
 2010-06-12 16:45:48 +02:00
Matthias Dieter Wallnöfer
4659b3c4fd s4:dcesrv_samr_QueryAliasInfo - return "NT_STATUS_NO_SUCH_ALIAS" when it wasn't found 2010-06-12 16:45:48 +02:00
Matthias Dieter Wallnöfer
d2099a1def s4:dcesrv_samr_QueryGroupInfo - make it more like "QueryAliasInfo" 2010-06-12 16:45:48 +02:00
Matthias Dieter Wallnöfer
776eb25ef7 s4:dcesrv_samr_QueryUserInfo - minor fixes 
Return  "NT_STATUS_NO_SUCH_USER" when user account doesn't exist.
 2010-06-12 16:45:47 +02:00
Matthias Dieter Wallnöfer
cdecae6c03 s4:dcesrv_samr_QueryDomainInfo - allocate the "info" structure only when really needed 
That means the allocation should move after the lookup (as it is on
"QueryUserInfo"). Return "NT_STATUS_NO_SUCH_DOMAIN" on an invalid domain.
 2010-06-12 16:45:47 +02:00
Matthias Dieter Wallnöfer
0171f714b4 s4:dcesrv_samr_EnumDomainGroups - mostly small fixes 2010-06-12 16:45:47 +02:00
Matthias Dieter Wallnöfer
f2c3d39e72 s4:dcesrv_samr_EnumDomainAliases - return an empty array also when no entry was returned 2010-06-12 16:45:46 +02:00
Matthias Dieter Wallnöfer
5a1cb7029c s4:dcesrv_samr_EnumDomainAliases - mostly small fixes 
The biggest change consists in the implementation of the Windows Server
return size formula MIN(*r->out.num_entries, 1+(r->in.max_size/SAMR_ENUM_USERS_MULTIPLIER).
 2010-06-12 16:45:46 +02:00
Matthias Dieter Wallnöfer
84bda98066 s4:dcesrv_samr_EnumDomainUsers - make this call look more similar to "EnumDomainGroups" and "EnumDomainAliases" 
That means that the lookup is now also done by "samdb_search_domain" to be more
consistent.
 2010-06-12 16:45:46 +02:00
Matthias Dieter Wallnöfer
9f95298864 s4:dcesrv_samr_Add/DeleteAliasMember - provide better NTSTATUS return codes when something didn't work 2010-06-10 16:22:08 +02:00
Matthias Dieter Wallnöfer
7374cd0358 s4:dcesrv_samr_GetAliasMembership - fix type of counter variables 2010-06-10 16:22:07 +02:00
Matthias Dieter Wallnöfer
34b43a8642 s4:dcesrv_samr_DeleteAliasMember - add more braces to fit better the coding styles 2010-06-10 16:22:07 +02:00
Matthias Dieter Wallnöfer
305f2c7043 s4:dcesrv_samr_AddAliasMembership - Merge the two error blocks into one 2010-06-10 16:22:07 +02:00
Matthias Dieter Wallnöfer
13b1f7a2b3 s4:dcesrv_samr_Add/DelGroupMember - remove the account type check 
MS-SAMR 3.1.5.8 speaks from accounts which are not necessarely only users.
 2010-06-10 16:22:06 +02:00
Matthias Dieter Wallnöfer
f95634dbe0 s4:dcesrv_samr_AddGroupMember - also the error code "LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS" is allowed 
This is returned when the group is the primary group of the specified entry.
 2010-06-10 16:22:06 +02:00
Matthias Dieter Wallnöfer
11e2608ba9 s3/s4:netrEnumerateTrustedDomains - this call returns a "NTSTATUS" result 
See MS-NRPC 3.5.5.6.3.
 2010-05-31 12:08:59 +02:00
Matthias Dieter Wallnöfer
0eec33417e s4:dcesrv_netr_DsrEnumerateDomainTrusts - fix an integer type 2010-05-31 12:08:58 +02:00
Matthias Dieter Wallnöfer
55df7606e3 Revert "s4:rpc_server/dcesrv_auth.c - Fix a RPC issue in conjunction with Windows 2000" 
This reverts commit 1cf5be39e3.

My fix approach isn't such appreciated therefore revert this.
 2010-05-30 14:53:36 +02:00
Matthias Dieter Wallnöfer
1cf5be39e3 s4:rpc_server/dcesrv_auth.c - Fix a RPC issue in conjunction with Windows 2000 
Windows 2000 does strictly request header signing on some requests also if the
server doesn't provide it. But there is a small trick (don't reset the actual
session info) to make these special RPC operations work without a full header
signing implementation.

This fixes for example the list of domain groups in local groups when displayed
sing the local user/group management tool.

And this should finally fix bug #7113.

The patch was inspired by another one by tridge and abartlet: http://gitweb.samba.org/samba.git/?p=tridge/samba.git;a=commitdiff;h=2dc19e2878371264606575d3fc09176776be7729
 2010-05-30 12:39:30 +02:00
Simo Sorce
3c8dc5cd21 s4:smbd: Use tstream_npa_accept_existing to accept named pipe connections 
Pair-programmed-with: Stefan Metzmacher <metze@samba.org>
 2010-05-26 09:24:05 +02:00
Matthias Dieter Wallnöfer
189950ce06 s4:dsdb_enum_group_mem - use "unsigned" counters 
"size_t" counters aren't really needed here (we don't check data lengths).
And we save the result in a certain "num_sids" variable which is of type
"unsigned".
 2010-05-24 22:01:36 +02:00
Andrew Bartlett
285647664c s4:idmap Adjust code to new idmap structure names and layout. 
Andrew Bartlett
 2010-05-24 23:08:56 +10:00
Andrew Bartlett
f6aa090202 s4:samr Push most of samr_LookupRids into a helper function 
This is a rewrite of the lookup_rids code, using a query based on the
extended DN for a clearer interface.

By splitting this out, the logic is able to be shared, rather than
copied, into a passdb wrapper.

Andrew Bartlett
 2010-05-24 23:08:56 +10:00
Andrew Bartlett
c6ffd884d9 s4:samr Push most of samr_QueryGroupMember into a helper function 
This is a rewrite of the group membership lookup code, using the
stored extended DNs to avoid doing the lookup into each member to find
the SID

By splitting this out, the logic is able to be shared, rather than
copied, into a passdb wrapper.

Andrew Bartlett
 2010-05-24 23:08:49 +10:00
Andrew Bartlett
20d2847492 s4:samr Move most of samr_CreateDomAlias into a helper function 
This allows this logic to be shared, rather than copied, into a passdb
wrapper.

Andrew Bartlett
 2010-05-24 23:08:11 +10:00
Andrew Bartlett
fc04e565b0 s4:samr Split most of samr_CreateDomainGroup into a helper function 
This allows this logic to be shared, rather than copied, into a passdb
wrapper.

Andrew Bartlett
 2010-05-24 23:08:11 +10:00
Andrew Bartlett
43c931b2d4 s4:samr Split the guts of samr_CreateUser2 into a helper function 
This allows this logic to be shared, rather than copied, into a passdb
wrapper.

Andrew Bartlett
 2010-05-24 23:08:11 +10:00
Matthias Dieter Wallnöfer
8e1e6b0112 s4:LogonGetDomainInfo - allow to set DNS hostname for the first time 
Otherwise it obviously can never be set.
 2010-05-24 14:01:06 +02:00
Jelmer Vernooij
f9ca9e46ad Finish removal of iconv_convenience in public API's. 2010-05-18 11:45:30 +02:00
Matthias Dieter Wallnöfer
6e8098b261 s4:samdb_set_password/samdb_set_password_sid - Rework 
Adapt the two functions for the restructured "password_hash" module. This
means that basically all checks are now performed in the mentioned module.

An exception consists in the SAMR password change calls since they need very
precise NTSTATUS return codes on wrong constraints ("samr_password.c") file
 2010-05-10 19:07:46 +02:00
Matthias Dieter Wallnöfer
a4e35df3f5 s4:LogonGetDomainInfo - fix a potential crash source 2010-05-03 17:25:03 +02:00
Matthias Dieter Wallnöfer
e8a001c516 s4:LogonGetDomainInfo - fix indentation 2010-05-03 17:25:02 +02:00
Matthias Dieter Wallnöfer
8ed5e8ac9d s4:LogonGetDomainInfo - remove singular "dNSHostName" check - this doesn't belong here 
I'm not really sure if this check is really done on Windows Server. And if it
is done, then it's on the LDB level (module).
 2010-05-03 17:25:02 +02:00
Anatoliy Atanasov
dbbbc7d1f8 s4/rodc: RODC FAS initial implementation 2010-04-29 10:18:06 +03:00
Kamen Mazdrashki
bf49ac99c9 s4/dsdb: dsdb_validate_invocation_id() should validate by objectGUID 
This function is used in DRSUpdateRefs() implementation where we
get DSA's objectGUID rather than invocationId
 2010-04-28 12:11:03 +03:00
Stefan Metzmacher
7ca576e5c4 s4:rpc_server: remove unused socket_address based functions 
metze
 2010-04-27 17:05:30 +02:00
Andrew Tridgell
91bb4893c4 s4-netlogon: fixed getDcNameEx2 for blank inputs 
w2k8r2 returns the local DC information on no inputs for
getDcNameEx2. This is needed for starting dsa.msc (ADUC) on
Win7.

CDLAP on the same call returns an error. This uses a parameter
fill_on_blank_request to distinguish the two cases.
 2010-04-28 00:19:30 +10:00
Stefan Metzmacher
7bbaab8dff s4:rpc_server: remove 'socket_address' based functions 
metze
 2010-04-27 13:00:25 +02:00
Stefan Metzmacher
32bcc73cf8 s4:rpc_server/srvsvc: pass tsocket_address to the ntvfs layer 
metze
 2010-04-27 13:00:25 +02:00
Stefan Metzmacher
772cf15eb9 s4:rpc_server/spoolss: use tsocket_address in dcesrv_spoolss_check_server_name() 
metze
 2010-04-27 13:00:25 +02:00
Stefan Metzmacher
606025f11d s4:rpc_server/netlogon: use tsocket_address in dcesrv_netr_DsRGetDCNameEx2() 
metze
 2010-04-27 13:00:25 +02:00
Stefan Metzmacher
c42bb8e49c s4:rpc_server: remember the local and remote address 
metze
 2010-04-27 13:00:25 +02:00
Matthias Dieter Wallnöfer
2654e34cf0 s4:netr_DsRAddressToSitenames[Ex]W calls - implement them correctly with the client site information 
This behaviour should be similar to the one of Windows Server (in my case 2008)
 2010-04-27 08:09:12 +02:00
Matthias Dieter Wallnöfer
bb91afe50c Revert "s4:netr_DsRAddressToSitenames[Ex]W calls - implement them correctly with the client site information" 
This reverts commit 908d982980.

I need to merge the improved version of this commit.
 2010-04-27 08:08:42 +02:00
Matthias Dieter Wallnöfer
581f86ba73 Revert "s4-netlogon: fixed breakage of dcesrv_netr_GetAnyDCName in sites patch" 
This reverts commit e88a54a87e.

This isn't the correct behaviour. See MS-NRPC documentation under the
"GetAnyDCName" section.
 2010-04-27 08:07:19 +02:00
Andrew Tridgell
e88a54a87e s4-netlogon: fixed breakage of dcesrv_netr_GetAnyDCName in sites patch 
We should respond when we are the PDC

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-04-27 15:24:43 +10:00
Matthias Dieter Wallnöfer
cfbd5ef8c4 s4:netlogon RPC server - we don't need "are we DC" proofs 
When we aren't a DC we shouldn't have the netlogon pipe available.
[MS-NRPC 1.3] says that we can only have DCs on the server side.

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2010-04-27 15:24:43 +10:00
Matthias Dieter Wallnöfer
4686305feb s4:dcesrv_netr_DsrGetDcSiteCoverageW - provide a basic implementation 
Does for now only return DC's primary site.

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2010-04-27 15:24:42 +10:00
Matthias Dieter Wallnöfer
3b4137c7be s4:dcesrv_netr_DsRGetSiteName - provide an implementation according to the MS-NRPC docs 
Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2010-04-27 15:24:41 +10:00
Matthias Dieter Wallnöfer
5fc7118675 s4:dcesrv_netr_GetAnyDCName - improve the call according to the MS-NRPC documentation 
This implementation checks if the domainname is valid for us or a trusted domain.

Then I've also added the PDC location functionality. That means that we should
return "WERR_NO_SUCH_DOMAIN"  (MS-NRPC 3.5.5.2.5).

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2010-04-27 15:24:41 +10:00
Matthias Dieter Wallnöfer
908d982980 s4:netr_DsRAddressToSitenames[Ex]W calls - implement them correctly with the client site information 
This behaviour should be similar to the one of Windows Server (in my case 2008)

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2010-04-27 15:24:41 +10:00
Andrew Tridgell
c375b90f5d s4-getncchanges: honor DRSUAPI_DRS_REF_GCSPN 
this is an alternative way of establishing repsTo
 2010-04-27 10:38:58 +10:00
Andrew Tridgell
6ee1c503bf s4-drs: don't send uninstantiated objects in getncchanges 
This includes deleted partitions

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-04-26 19:06:07 +10:00
Andrew Tridgell
e7262b51d1 s4-drs: validate RODC credentials via the user_sid 
This checks whether a replication client is a RODC by inclusion of the
the DOMAIN_RID_ENTERPRISE_READONLY_DCS sid in the users token

Pair-Programmed-With: Rusty Russell <rusty@samba.org>
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-04-22 19:36:16 +10:00
Andrew Tridgell
bb1ba4ff76 s4-drs: added new SECURITY_RO_DOMAIN_CONTROLLER level 
This is used for allowing operations by RODCs, and denying them
operations that should only be allowed for a full DC

This required a new domain_sid argument to
security_session_user_level()

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Pair-Programmed-With: Rusty Russell <rusty@samba.org>
 2010-04-22 19:36:16 +10:00
Andrew Tridgell
90230ce27e s4-drs: only allow replication with the right invocationId 
Non-administrator replication checks the invocationId matches
the sid of the user token being used

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-04-22 19:36:16 +10:00
Fernando J V da Silva
73513fb7e7 s4-drs: Use new samdb_rodc() function in s4 code 
This patch fits the calling to the new samdb_rodc() function and
fix a little bug in this function.

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2010-04-22 19:36:15 +10:00
Fernando J V da Silva
d940a44496 s4-drs: Do not send RODC filtered attributes to RODCs on GetNCChanges reply 
During building an object to send it on a GetNCChanges reply, it checks
the attributes and if any of them is a RODC filtered and the recipient
is a RODC, then such attribute is not sent.

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2010-04-22 19:36:15 +10:00
Fernando J V da Silva
57bcdf008f s4-drs: samdb_is_rodc() function and new samdb_rodc() function 
This patch creates the samdb_is_rodc() function, which looks for
the NTDSDSA object for a DC that has a specific invocationId
and if msDS-isRODC is present on such object and it is TRUE, then
consider the DC as a RODC.
The new samdb_rodc() function uses the samdb_is_rodc() function
for the local server.

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2010-04-22 19:36:15 +10:00
Matthias Dieter Wallnöfer
3a8b67fd36 s4:netlogon RPC server - fix a counter variable type 2010-04-21 18:06:17 +02:00
Stefan Metzmacher
135208d990 s4:rpc_server/netlogon: add no memory checks 
metze
 2010-04-20 16:02:14 +02:00
Andrew Tridgell
b4b43fcb4c s4-netlogon: fixed dc_unc and dc_address_type 
These are needed for dcpromo from w2k8r2
 2010-04-20 23:43:33 +10:00
Matthias Dieter Wallnöfer
41716a8c13 s4:netlogon RPC - "fill_one_domain_info" - use "lp_workgroup" for the DC short domainname discovery 
Here we don't need to use "lp_sam_name" since in this function we are always a
DC.
 2010-04-20 09:33:46 +02:00
Matthias Dieter Wallnöfer
84c901a619 s4:"samdb_server_site_name" uses - proof for out of memory 2010-04-13 15:45:29 +02:00
Matthias Dieter Wallnöfer
aa02f44255 s4:dcesrv_netr_DsRGetDCNameEx2 - provide a much better implementation 
On the base of the "fill_netlogon_samlogon_response" call.

This removes duplicated code.
 2010-04-13 15:26:54 +02:00
Matthias Dieter Wallnöfer
0dffa9caec s4:use "samdb_forest_name" for the forest DNS domainname lookup 2010-04-13 09:32:33 +02:00
Matthias Dieter Wallnöfer
ad9e407357 Revert "s4:prefer "samdb_*_dn" basedn calls over the "ldb_get_*_dn" functions" 
We should use the "ldb_get_*_basedn" calls since they are available in the LDB
library.
 2010-04-13 08:55:15 +02:00
Matthias Dieter Wallnöfer
1a27343366 s3/s4:netlogon IDL - fix up "struct netr_SamInfo6" regarding the "forest" attribute 
According to MS-NRPC 2.2.1.4.13 this should be the DNS domainname, not the
forest one.
 2010-04-12 18:49:01 +02:00
Matthias Dieter Wallnöfer
98ce053efd s4:prefer "samdb_*_dn" basedn calls over the "ldb_get_*_dn" functions 
Purely cosmetic change.
 2010-04-12 18:49:01 +02:00
Andrew Bartlett
2c193fe91a s4:auth Remove event context from anonymous_session() 
This should always return a simple structure with no need to consult a
DB, so remove the event context, and simplfy to call helper functions
that don't look at privilages.

Andrew Bartlett
 2010-04-11 13:36:04 +10:00
Andrew Bartlett
4b27cc0ea6 s4:rpc_server Fix segfault in modified SamLogon handling 2010-04-10 21:41:00 +10:00
Andrew Bartlett
0340826772 s4:rpc_server Add all SIDs into the netlogon SamLogon reply 
We were missing the SIDs that are not in the domain.
 2010-04-10 21:41:00 +10:00
Günther Deschner
35ef60918b s4-winreg: Fix dcesrv_winreg_CreateKey after rename. 
Guenther
 2010-04-09 13:57:18 +02:00
Günther Deschner
846813797d s4-winreg: add winreg_DeleteKeyEx stub. 
Guenther
 2010-04-09 00:27:58 +02:00
Andrew Tridgell
f9eae32f4b s4-waf: mark the wscript files as python so vim/emacs knows how to highlight them 2010-04-06 20:27:11 +10:00
Andrew Tridgell
aa5e08eb83 s4-waf: install the rest of the headers 2010-04-06 20:27:09 +10:00
Andrew Tridgell
844acb2260 build: waf quicktest nearly works 
Rewrote wafsamba using a new dependency handling system, and started
adding the waf test code
 2010-04-06 20:26:48 +10:00
Andrew Tridgell
845e0cbe6f build: commit all the waf build files in the tree 2010-04-06 20:26:48 +10:00
Simo Sorce
4b249a616b s4:lsa implement lsaRSetForestTrustInformation 2010-03-30 17:46:52 -04:00
Matthias Dieter Wallnöfer
90d2902c73 s4:registry - move the UTF16 length calculation for "reg_key_get_info" into the RPC server code 
It does fit better there.
 2010-03-29 20:36:32 +02:00
Kamen Mazdrashki
00fce797e8 s4/drs: drsuapi_DsAddEntry_ErrData propagate structure def in source code 2010-03-24 17:34:37 +02:00
Simo Sorce
d9e311ddce s4:lsa Functions to set Domain Trust Information 2010-03-22 21:49:40 -04:00
Simo Sorce
668e7db9d6 s4:lsa move code to add trusted domain user into its own function 2010-03-22 21:49:40 -04:00
Simo Sorce
650a62d1cb s4:lsa Abstract crypto (un)wrapping in separate functions 2010-03-22 21:49:39 -04:00
Matthias Dieter Wallnöfer
0c10703c75 s4:WINREG RPC - add also here a "W_ERROR_HAVE_NO_MEMORY" 2010-03-22 22:31:06 +01:00
Matthias Dieter Wallnöfer
43170dafbc s4:registry - adaptions for "add memory contexts for delete value/key functions" 2010-03-22 22:31:00 +01:00
Matthias Dieter Wallnöfer
2bbdb2cd34 s4:WINREG RPC server - don't check for the "name" size in "EnumValue" 
This isn't needed at all since:
1.) a new name object is created and sent back to the client
2.) the "size" seems to be the size of the "name" pointer. On my test with the
    "regedt32" program this has always been "4".
 2010-03-21 15:12:37 +01:00
Matthias Dieter Wallnöfer
811c601ae0 s4:WINREG RPC - we support only non-volatile keys 2010-03-21 14:30:45 +01:00
Matthias Dieter Wallnöfer
1cdeb0c0d2 s4:WINREG RPC - specify the performed create action for "CreateKey" 
To make the WINREG RPC testsuite happy.
 2010-03-21 14:03:58 +01:00
Günther Deschner
a5ad510fc4 s4-lsa: fix dcesrv_lsa_lsaRSetForestTrustInformation server stub. 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
 2010-03-16 15:12:19 +01:00
Simo Sorce
8353aa39b6 s4:idl change level to type in lsa_ForestTrustRecord. 2010-03-16 14:48:40 +01:00
Andrew Bartlett
2de07761e0 s4:dsdb Change dsdb_get_schema() callers to use new talloc argument 
This choses an appropriate talloc context to attach the schema too,
long enough lived to ensure it does not go away before the operation
compleates.

Andrew Bartlett
 2010-03-16 19:26:03 +11:00
Stefan Metzmacher
580d491faa s4:rpc_server/spoolss: make use of dcerpc_binding_handle stubs 
metze
 2010-03-12 15:25:50 +01:00
Günther Deschner
9e80fe6675 s4-winreg: continue processing in WERR_MORE_DATA case in dcesrv_winreg_QueryValue(). 
Matthias, please check.

Guenther
 2010-03-11 20:17:48 +01:00
Stefan Metzmacher
b71bbbab8b s4:rpc_server/drsuapi: don't reset [out,ref] pointer to NULL in dcesrv_drsuapi_DsRemoveDSServer() 
metze
 2010-03-11 13:31:39 +01:00
Andrew Bartlett
5ed18fad00 s4/rpc_server Don't segfault over replPropertyMetaData contents 
The replPropertyMetaData may contain attrid values that we don't yet
have in the local schema.  We need to deal with this - it is a serious
error, but we should not segfault.

Andrew Bartlett
 2010-03-11 11:27:47 +11:00
Matthias Dieter Wallnöfer
5d10676b3b s4:winreg RPC - fix up the "QueryValue" call to work against the enhanced torture test 
Found out by gd's updated torture test.
 2010-03-10 19:49:25 +01:00
Stefan Metzmacher
bb1d81bab7 s4:rpc_server/wkssvc: don't reset [out,ref] pointer to 0 
r->out.total_entries = 0; should be *r->out.total_entries = 0;

Otherwise we fail to marshall the reponse or crash if we run with
log level = 10 and trigger the ndr_print functions.

All out elements are already setup and initialized by the pidl generated code.

metze
 2010-03-10 17:12:11 +01:00