IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
decided to clean it up a little.
We now use SPNEGO for authentication if possible, and common routines
shared with the rest of the librpc codebase. Rather than make a
connection to IPC$, then connect the pipes to it, we instead have the
lsa and samr pipes as 'secondary connections'.
Andrew Bartlett
(This used to be commit 86654056b2)
This change in particular catches winbind up with the next
composite_create() function.
We also needed to remove an unused flags field, and fill in the lm
response.
Andrew Bartlett
(This used to be commit bd26e4ffaf)
using the pattern in the clilsa code, it didn't fill in the p->binding
structure. This affects nearly all users of dcerpc_pipe_open_smb(), so
the simplest fix is to ensure that dcerpc_pipe_open_smb() initialises
the binding if its not already there.
- re-enable the RAW-ACLS test
(This used to be commit d8875c286d)
In librpc, always try SMB level authentication, even if trying
schannel, but allow fallback to anonymous. This should better
function with servers that set restrict anonymous.
There are too many parts of Samba that get, parse and modify the
binding parameters. Avoid the extra work, and add a binding element
to the struct dcerpc_pipe
The libnet vampire code has been refactored, to reduce extra layers
and to better conform with the standard argument pattern. Also, take
advantage of the new libnet_Lookup code, so we don't require the silly
'password server' smb.conf parameter.
To better support forcing traffic to be sealed for the vampire
operation, the dcerpc_bind_auth() function now takes an auth level
parameter.
Andrew Bartlett
(This used to be commit d65b354959)
dcerpc_interface_table struct rather then a tuple of interface
name, UUID and version.
This removes the requirement for having a global list of DCE/RPC interfaces,
except for these parts of the code that use that list explicitly
(ndrdump and the scanner torture test).
This should also allow us to remove the hack that put the authservice parameter
in the dcerpc_binding struct as it can now be read directly from
dcerpc_interface_table.
I will now modify some of these functions to take a dcerpc_syntax_id
structure rather then a full dcerpc_interface_table.
(This used to be commit 8aae0f168e)
This also removes dcerpc_bind_auth_password, the only user of
dcerpc_bind_auth. And this was not only passwords anyway.
Andrew Bartlett, as usual: Please take a close look.
Thanks,
Volker
(This used to be commit 2ff2dae3d0)
--user-sids required the extension to trusted domains.
Implement "winbind sealed pipes" parameter for debugging purposes.
Volker
(This used to be commit 3821a17bdb)
first. And if a request is being processed, queue it. This correctly survived
3 endless loops with wbinfo's doing different things while starting up smbd.
The number of indirections starts to become a bit scary, but what can you do
without a decent programming language that provides closures :-)
One thing that we might consider is to auto-generate async rpc requests that
return composite_context structs instead of rpc_requests. Otherwise I'd have
to write a lot of wrappers like composite_netr_LogonSamLogon_send.
The alternative would be to write two versions of wb_queue_domain_send which I
would like to avoid. This is cluttered enough already.
Volker
(This used to be commit 66c1b674f9)
* rename the composite helper functions from comp_* to composite_*
* Move the lsa initialization to wb_connect_lsa.c
* Equip smb_composite_connect with a fallback_to_anonymous
The latter two simplify wb_init_domain.c quite a bit.
Volker
(This used to be commit deb127e04e)
