sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-07 17:18:11 +03:00
Code
139,126 Commits 60 Branches 1,144 Tags 452 MiB
910a331f3e
Commit Graph

696 Commits

Author SHA1 Message Date
Stefan Metzmacher
8a302fc353 s3:rpc_client: use the correct context for netlogon_creds_copy() in rpccli_schannel_bind_data() 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2013-08-05 10:30:02 +02:00
Stefan Metzmacher
6ce645e03c s3:rpc_client: make rpccli_schannel_bind_data() static 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2013-08-05 10:30:02 +02:00
Günther Deschner
c41b6e5c5e s3-rpc_cli: pass down ndr_interface_table to rpc_transport_np_init(). 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2013-08-05 10:30:00 +02:00
Günther Deschner
7bdcfcb37c s3-rpc_cli: pass down ndr_interface_table to rpc_pipe_open_tcp_port(). 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2013-08-05 10:30:00 +02:00
Günther Deschner
0ff8c2d508 s3-rpc_cli: pass down ndr_interface_table to rpc_pipe_get_tcp_port(). 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2013-08-05 10:30:00 +02:00
Günther Deschner
5c5cff0a72 s3-rpc_cli: pass down ndr_interface_table to rpc_pipe_open_tcp(). 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2013-08-05 10:30:00 +02:00
Günther Deschner
8cd3a06051 s3-rpc_cli: pass down ndr_interface_table to rpc_pipe_open_np(). 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2013-08-05 10:30:00 +02:00
Günther Deschner
34cc4b4095 s3-rpc_cli: pass down ndr_interface_table to cli_rpc_pipe_open(). 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2013-08-05 10:30:00 +02:00
Günther Deschner
9aa99c3cfb s3-rpc_cli: pass down ndr_interface_table to cli_rpc_pipe_open_noauth_transport(). 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2013-08-05 10:30:00 +02:00
Günther Deschner
9813fe2b04 s3-rpc_cli: pass down ndr_interface_table to cli_rpc_pipe_open_noauth(). 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2013-08-05 10:30:00 +02:00
Günther Deschner
3dc3a6c848 s3-rpc_cli: pass down ndr_interface_table to cli_rpc_pipe_open_schannel_with_key(). 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2013-08-05 10:30:00 +02:00
Günther Deschner
9b4fb5b074 s3-rpc_cli: pass down ndr_interface_table to rpc_pipe_open_ncalrpc(). 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2013-08-05 10:29:59 +02:00
Volker Lendecke
e322420dc7 rpc_cli: Remove some unnecessary initializations 
tevent_req_create already initializes "state" to 0

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>

Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Mon Jul  8 17:04:20 CEST 2013 on sn-devel-104
 2013-07-08 17:04:19 +02:00
Christian Ambach
3d29bb2d37 s3:rpc_client fix a crash 
state->cli->dc does not have to be set (e.g. when running
net rpc join against an older Samba PDC), so check it before dereferencing it

This fixes Bug 9669 - net rpc join crashes against a Samba 3.0.33 PDC

Bug: https://bugzilla.samba.org/show_bug.cgi?id=9669

Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Christian Ambach <ambi@samba.org>
Autobuild-Date(master): Wed Feb 20 19:00:52 CET 2013 on sn-devel-104
 2013-02-20 19:00:52 +01:00
Stefan Metzmacher
f9d0473d02 s3:rpc_client: s/struct event_context/struct tevent_context 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
 2013-02-19 23:47:52 +01:00
Stefan Metzmacher
b538c31889 s3:rpc_client: make use of samba_tevent_context_init() 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
 2013-02-19 23:47:49 +01:00
Günther Deschner
b11ba24883 s3-rpc_client: try to use socket_addr if available in rpc_pipe_open_tcp() (bug #9426) 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Mon Nov 26 17:36:20 CET 2012 on sn-devel-104
 2012-11-26 17:36:19 +01:00
Günther Deschner
2032f2746d s3-rpc_client: lookup nametype 0x20 in rpc_pipe_open_tcp_port(). (bug #9426) 
The server name type (0x20) is much more likely to be available in the name cache, as
this type gets stored by winbind itself - the primary user of the ncacn_ip_tcp
code currently.

Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Nov 23 16:30:57 CET 2012 on sn-devel-104
 2012-11-23 16:30:56 +01:00
Stefan Metzmacher
8e1c6d4232 s3:rpc_client: rename pipe_auth_data->user_session_key to transport_session_key 
metze
 2012-08-01 14:17:15 +02:00
Stefan Metzmacher
8b42f526f4 s3:rpc_client: make use of smbXcli_session_application_key() 
metze
 2012-08-01 14:17:14 +02:00
Andreas Schneider
33206b1e24 s3-rpc_client: Fix updating netlogon credentials. 
Signed-off-by: Günther Deschner <gd@samba.org>
 2012-07-17 13:53:37 +02:00
Andreas Schneider
572b549063 s3-rpc_client: Add capabilities check for AES encrypted connections. 
Signed-off-by: Günther Deschner <gd@samba.org>
 2012-07-17 13:53:37 +02:00
Luk Claes
4f6f4ea93c s3:libsmb: get rid of cli_state_remote_name 
Signed-off-by: Luk Claes <luk@debian.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2012-05-28 14:49:45 +02:00
Jelmer Vernooij
2c9444685d cli_pipe: Avoid sys_connect. 2012-03-24 14:57:47 +01:00
Jelmer Vernooij
95ca5fbadd libndr: Rename ndr64_transfer_syntax and null_ndr_syntax_id so they have a ndr_ prefix. 
This makes the NDR namespace a bit clearer, in preparation of ABI checking.
 2012-03-20 13:54:07 +01:00
Stefan Metzmacher
083d80c502 s3:rpc_client: initialize struct schannel_state to zero 
metze
 2012-03-02 07:07:10 +01:00
Andrew Bartlett
2b511f0e92 s3-librpc: Use gensec_spnego for DCE/RPC authentication 
This ensures that we use the same SPNEGO code on session setup and on
DCE/RPC binds, and simplfies the calling code as spnego is no longer
a special case in cli_pipe.c

A special case wrapper function remains to avoid changing the
application layer callers in this patch.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2012-02-16 15:18:42 +01:00
Stefan Metzmacher
0c5cbb557b s3:rpc_client: fix comment 
metze
 2012-02-16 15:18:41 +01:00
Andrew Bartlett
bd2a7aac2c s3-librpc: make gensec result handling more generic 
This prepares us for handling SPNEGO via gensec

Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2012-02-16 15:18:41 +01:00
Andrew Bartlett
40715e1251 s3-librpc: pass struct ndr_interface_table down to cli_pipe_open_generic/spnego() 
This allows the target service (as determined from the IDL) to be
passed to GSSAPI (rather than the current, incorrect, "cifs").

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2012-01-18 16:23:24 +01:00
Andrew Bartlett
c62af4f652 s3-librpc Make cli_rpc_pipe_open_spnego_ntlmssp() generic 
This also avoids passing NULL as the server to
gensec_set_target_hostname() in spnego_generic_init_client().

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2012-01-18 16:23:23 +01:00
Andrew Bartlett
f2efb0f6a3 s3-librpc Remove special case for spnego session key 
SPNEGO is implemented only in terms of gensec mechanisms now.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2012-01-18 16:23:23 +01:00
Andrew Bartlett
0c1b4c2321 s3-librpc Call SPENGO/GSSAPI via the auth_generic layer and gensec 
This simplifies a lot of code, as we know we are always dealing
with a struct gensec_security, and allows the gensec module being
used to implement GSSAPI to be swapped for AD-server operation.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2012-01-18 16:23:22 +01:00
Andrew Bartlett
e012ad9d8b s3-librpc Call GSSAPI via the auth_generic layer and gensec 
This simplifies a lot of code, as we know we are always dealing with a
struct gensec_security, and allows the gensec module being used to
implement GSSAPI to be swapped when required for AD-server operation.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2012-01-18 16:23:22 +01:00
Andrew Bartlett
49bafcfa48 s3-librpc Supply target service and server to spnego_generic_init_client() 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2012-01-11 09:09:43 +01:00
Andrew Bartlett
50a939ad85 s3-librpc: Rename spnego_ntlmssp_init_client and make generic 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2012-01-11 09:05:01 +01:00
Andrew Bartlett
e574489be4 s3-librpc Set target service and server into gensec 
This will allow cli_rpc_pipe_open_generic_auth() to handle kerberos mechanisms.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2012-01-11 09:04:48 +01:00
Andrew Bartlett
b89a0439b3 s3-librpc Rename and rework cli_rpc_pipe_open_ntlmssp() to be generic 
This also includes renaming the helper function
rpccli_ntlmssp_bind_data, and allows this function to operate on any
gensec-supplied auth type.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2012-01-11 09:04:41 +01:00
Andrew Bartlett
1e5e219a4b s3-librpc Rename create_ntlmssp_auth_rpc_bind_req() to be more generic 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2012-01-11 09:04:24 +01:00
Andrew Bartlett
a00032a92d s3-libsmb Make auth_ntlmssp client more generic 
As well as renaming, this allows us to start the mech by DCE/RPC auth
type or OID.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2012-01-06 08:12:49 +01:00
Andrew Bartlett
6391fff9da s3-auth rename auth_ntlmssp_state -> auth_generic_state 
This structure handles more than NTLMSSP now, at least when we are an AD DC
and so changing the name may avoid some confusion in the future.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2011-12-22 19:25:10 +01:00
Stefan Metzmacher
790c6b4027 s3:rpc_client: remove references to auth_ntlmssp_state 
metze

Signed-off-by: Günther Deschner <gd@samba.org>

Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Thu Oct 27 16:40:15 CEST 2011 on sn-devel-104
 2011-10-27 16:40:15 +02:00
Andrew Bartlett
0a0839821a s3-ntlmssp Remove auth_ntlmssp_session_key() 
We now just call the gensec_session_key() directly.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2011-10-21 08:43:38 +02:00
Andrew Bartlett
3f079885b2 s3-ntlmssp Remove auth_ntlmssp_want_feature() 
We now just call the gensec_want_feature() directly.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2011-10-21 08:43:33 +02:00
Andrew Bartlett
083025ccd5 s3-ntlmssp Remove auth_ntlmssp_update wrapper 
We now just call gensec_update directly.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2011-10-21 08:43:10 +02:00
Andrew Bartlett
f9b042641f s3-ntlmssp split auth_ntlmssp_client_start() into two parts 
This will allow it to be a wrapper around a gensec module, which
requires that they options be set on a context, but before the
mechanism is started.

This also simplfies the callers, by moving the lp_*() calls
into one place.

Andrew Bartlett
 2011-10-18 12:25:30 +02:00
Andrew Bartlett
f3333bdade s3-rpc_client remove cli_auth_ntlmssp_data_destructor 
This can be an ordinary talloc child without causing any problem.

This seems to have been inherited from a time when ntlmssp_client_start()
returned malloc() based memory.

Andrew Bartlett
 2011-10-18 12:25:30 +02:00
Andrew Bartlett
0c6e4adcb2 ntlmssp: Move ntlmssp code to auth/ntlmssp 
This brings in the code from both libcli/auth and
source4/auth/ntlmssp.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2011-10-18 13:13:31 +11:00
Gregor Beck
85b145d745 s3:utils change data_blob_dup_talloc() to take a DATA_BLOB by value 
Signed-off-by: Michael Adam <obnox@samba.org>
 2011-10-12 22:45:53 +02:00
Stefan Metzmacher
cc5f973884 s3:rpc_client: return NT_STATUS_CONNECTION_DISCONNECTED 
We should return the same in all places
and don't mix NT_STATUS_INVALID_CONNECTION and NT_STATUS_CONNECTION_INVALID.

metze
 2011-09-14 18:03:17 +02:00
Andrew Bartlett
1231b784a1 s3-ntlmssp Remove auth_ntlmssp_and_flags() 
There is no need to mask out these flags as they simply are not set
yet.

The correct abstraction is to ask for NTLMSSP features.

Andrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2011-08-03 18:48:03 +10:00
Andrew Bartlett
da4345a8d1 s3-ntlmssp Remove rpccli_get_pwd_hash and auth_ntlmssp_get_nt_hash 
The session key we want here (the only one that is availble to the
encryption layer) is the one obtained by cli_get_session_key(), as
NTLMSSP creates a per-session session key via key exchange and NTLMv2
negotiation.

The key was never directly the NT hash anyway (this is simply a
mistake, the extra MD4() was lost during my previous cleanup
f28f113d8e in 2008), but was MD4(NT
hash) in early implementations of NTLMSSP.

However, regardless this call is not available on domain trusts
between AD domains and Windows 2003 R2, making this less useful.

Andrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2011-08-03 18:48:03 +10:00
Andrew Bartlett
bba5f0a641 s3-ntlmssp Remove auth_ntlmssp_or_flags 
We now just use auth_ntlmssp_want_feature to get extra flags
on the NTLMSSP context

Andrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2011-08-03 18:48:03 +10:00
Andrew Bartlett
6d7ac4f1ad s3-ntlmssp Add mem_ctx argument to auth_ntlmssp_update 
This clarifies the lifetime of the returned token.

Andrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2011-08-03 18:48:03 +10:00
Andrew Bartlett
dee845eb70 s3-ntlmssp Add mem_ctx argument to auth_ntlmssp_get_session_key() 2011-08-03 18:48:02 +10:00
Stefan Metzmacher
efc2c3159e s3:cli_pipe: make use of cli_state_remote_name() 
metze
 2011-07-22 17:06:09 +02:00
Stefan Metzmacher
ef23fb3412 s3:cli_pipe: use result->desthost instead of cli->desthost 
metze
 2011-07-22 17:06:09 +02:00
Andrew Bartlett
74eed8f3ed s3-param Remove special case for global_myname(), rename to lp_netbios_name() 
There is no reason this can't be a normal constant string in the
loadparm system, now that we have lp_set_cmdline() to handle overrides
correctly.

Andrew Bartlett
 2011-06-09 12:40:09 +02:00
Andrew Bartlett
ad0a07c531 s3-talloc Change TALLOC_ZERO_P() to talloc_zero() 
Using the standard macro makes it easier to move code into common, as
TALLOC_ZERO_P isn't standard talloc.
 2011-06-09 12:40:08 +02:00
Andrew Bartlett
3d15137653 s3-talloc Change TALLOC_ARRAY() to talloc_array() 
Using the standard macro makes it easier to move code into common, as
TALLOC_ARRAY isn't standard talloc.
 2011-06-09 12:40:08 +02:00
Günther Deschner
675573d54b s3-includes: finally only include client.h when libsmb is used. 
Guenther
 2011-05-06 16:37:22 +02:00
Jeremy Allison
4f41be356a Fix many const compiler warnings. 2011-05-05 10:41:59 -07:00
Günther Deschner
bd92826aa8 s3-rpc_client: run minimal_includes.pl. 
Guenther
 2011-05-05 02:05:27 +02:00
Günther Deschner
0bb4701a74 s3: remove various references to server side dcerpc structs (which are not needed). 
Guenther
 2011-05-02 15:03:44 +02:00
Günther Deschner
50883cfeb4 s3-tevent: only include ../lib/util/tevent wrappers where needed. 
Guenther

Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Fri Apr 29 14:00:30 CEST 2011 on sn-devel-104
 2011-04-29 14:00:30 +02:00
Stefan Metzmacher
f7bc84409a s3:rpc_client: map fault codes to NTSTATUS with dcerpc_fault_to_nt_status() 
Most fault codes have a NTSTATUS representation, so use that.

This brings the fault handling in common with the source4/librpc/rpc code,
which make it possible to share more highlevel code, between source3 and
source4 as the error checking can be the same now.

metze

Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Sun Apr 24 10:44:53 CEST 2011 on sn-devel-104
 2011-04-24 10:44:53 +02:00
Volker Lendecke
9a0676d5c9 s3: Fix Coverity ID 986, BUFFER_SIZE_WARNING 
strncpy can leave the destination unterminated
 2011-04-22 10:06:34 +02:00
Günther Deschner
4b3fe5247a s3-cli_pipe: fix timeout in rpc_pipe_open_tcp_port(). 
Make sure we use a timeout of 60 seconds, not 60 milliseconds...

This prevented us from successfully using the ncacn_ip_tcp client in a lot of
places, I guess.

Guenther

Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Wed Apr 13 18:59:19 CEST 2011 on sn-devel-104
 2011-04-13 18:59:19 +02:00
Günther Deschner
6e3f0d28a4 s3-includes: only include ntdomain.h where needed. 
Guenther
 2011-03-30 01:13:09 +02:00
Andreas Schneider
da718a5961 s3-epmapper: Use DCERPC_AUTH_LEVEL_CONNECT for ep ncalrpc. 2011-03-23 17:19:22 +01:00
Volker Lendecke
889e03617d s3: Fix Coverity ID 2232, REVERSE_INULL 
No point checking for !cli after dereferencing it
 2011-03-16 22:07:24 +01:00
Andreas Schneider
038042363a s3-rpc_client: Don't ask endpoint mapper for its own port. 2011-03-09 09:28:42 +01:00
Andreas Schneider
d343409d6b s3-rpc_client: Added DCERPC_AUTH_TYPE_NCALRPC bind. 
Signed-off-by: Günther Deschner <gd@samba.org>
 2011-03-08 11:41:29 +01:00
Andreas Schneider
bf18403c81 s3-rpc_client: Move client pipe functions to own header. 2011-02-28 18:15:04 +01:00
Stefan Metzmacher
f915dd5dd4 s3:rpc_client: make rpccli_bh_create() non-static for now 
metze
 2011-02-09 11:46:20 +01:00
Günther Deschner
1232fb5a1e s3-rpc_client: remove some more obsolete cli_X.h header files. 
Guenther

Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Fri Jan 28 11:18:44 CET 2011 on sn-devel-104
 2011-01-28 11:18:44 +01:00
Günther Deschner
1f26b101ed s3-rpc_client: fix uninitialized variable found by -O3. 
Guenther
 2011-01-21 16:10:15 +01:00
Stefan Metzmacher
fba2fdf265 s3:rpc_client: use dcerpc_epm_Map() and don't ignore 'result' anymore. 
metze
 2011-01-04 21:28:49 +01:00
Simo Sorce
3453bc7b11 s3-dcerpc: make auth context opaque 
This way we always double check in advance that the context
is of the right type with talloc_get_type_abort instead of
potentially accessing random memory by addressing the wrong
structure in the union.

Signed-off-by: Günther Deschner <gd@samba.org>
 2010-09-23 10:54:24 -07:00
Simo Sorce
d10e192b83 s3-dcerpc: finally remove the legaqcy spnego_type variable from pipe_auth_data 
Signed-off-by: Günther Deschner <gd@samba.org>
 2010-09-23 10:54:23 -07:00
Simo Sorce
2c9f420d75 s3-dcerpc: move client spnego stuff in /librpc/crypto 
Signed-off-by: Günther Deschner <gd@samba.org>
 2010-09-23 10:54:22 -07:00
Simo Sorce
59722ef2fb spnego: avoid explicit dependency on dcerpc specific structures 
Signed-off-by: Günther Deschner <gd@samba.org>
 2010-09-23 10:54:22 -07:00
Simo Sorce
412ebad02b gssapi: avoid explicit dependency on dcerpc specific structures 
Signed-off-by: Günther Deschner <gd@samba.org>
 2010-09-23 10:36:54 -07:00
Simo Sorce
0e5eb82a6f s3-dcerpc: move crypto stuff in /librpc/crypto 
Signed-off-by: Günther Deschner <gd@samba.org>
 2010-09-23 10:36:54 -07:00
Stefan Metzmacher
78b6265ac2 s3:rpc_client: remove unused rpc_pipe_set_hnd_state() 
metze
 2010-09-17 15:42:36 +02:00
Stefan Metzmacher
fde3412ccb s3:rpc_client: use rpc_api_pipe_send() for auth3 
metze
 2010-09-17 15:42:35 +02:00
Stefan Metzmacher
6ecf8d16bc s3:rpc_client: rpc_pipe_bind_step_one_done() doesn't need reply_pdu 
metze
 2010-09-17 15:42:35 +02:00
Stefan Metzmacher
de6254d3d6 s3:rpc_client: allow DCERPC_PKT_AUTH3 via rpc_api_pipe_send/recv 
metze
 2010-09-17 15:42:34 +02:00
Stefan Metzmacher
a510b9de39 s3:rpc_client: implement rpccli_bh_set_timeout() 
metze
 2010-09-04 09:01:15 +02:00
Günther Deschner
7b6fc9f414 s3-dcerpc: only include rpc_dce.h where needed. 
Guenther
 2010-08-26 00:20:29 +02:00
Günther Deschner
0ed16e94c3 s3: separate out cli schannel functions that depend on cli_netlogon. 
Guenther
 2010-08-26 00:16:57 +02:00
Günther Deschner
898c612335 s3-dcerpc: avoid talloc_move on schannel creds in cli_rpc_pipe_open_schannel_with_key(). 
Initially, the schannel creds were talloc memduped, then, during the netlogon
creds client merge (baf7274fed) they were first
talloc_referenced and then later (53765c81f7)
talloc_moved.

The issue with using talloc_move here is that users of that function in winbind
will only be able to have two schanneled connections, as the cached schannel
credentials pointer from the netlogon pipe will be set to NULL. Do a deep copy
of the struct instead.

Guenther
 2010-08-24 02:04:27 +02:00
Simo Sorce
a782a80d2f s3-dcerpc: Allocate structure members on the right context 2010-08-23 17:11:32 -04:00
Günther Deschner
35052d71d3 s3-dcerpc: fix uninitialized variable in cli_get_session_key(). 
Simo, please check.

Guenther
 2010-08-17 13:06:13 +02:00
Simo Sorce
f40ef7e24c s3-dcerpc: Use common send functions for ntlmssp too 
Remove unused function.
 2010-08-17 06:33:14 -04:00
Simo Sorce
86914b8fab s3-dcerpc: properly implement gse/spnego_get_session_key 2010-08-17 06:33:13 -04:00
Simo Sorce
26a3ba60e6 s3-dcerpc: Check data and return appropriate error 2010-08-17 06:33:13 -04:00
Simo Sorce
9a9a38c666 Change debug statements to use __location__ 2010-08-17 06:33:13 -04:00
Simo Sorce
72a0098415 s3-dcerpc: Pull packet in the caller, before validation 2010-08-17 06:33:13 -04:00
Simo Sorce
558320cf58 Add my (c) 2010-08-17 06:33:13 -04:00
Stefan Metzmacher
745f63fd1e s3:rpc_client: remove unused cli_do_rpc_ndr* functions 
metze
 2010-08-16 14:30:18 +02:00
Stefan Metzmacher
dd16d3b2d6 s3:rpc_client: remove unused rpc_pipe_open_local() 
metze
 2010-08-16 14:30:17 +02:00
Stefan Metzmacher
2c0e296dd7 s3:rpc_client: add dcerpc_binding_handle backend 
metze
 2010-08-12 14:31:21 +02:00
Günther Deschner
64b26affe0 s3-dcerpc: fix some uninitialized variables build warnings. 
Guenther
 2010-08-03 15:57:56 +02:00
Simo Sorce
4c64e4d4af s3-dceprc: Improve dcerpc_guess_sizes() interface 
Make it possible to pass in the NDR padding size so that theoretically
client and server code can decide to use a different alignment.

Pass in the header length as a parameter so that this function can be used for
different type of packets.

Make sure padding size will not make the fragment exceed the maximum length.

Calculate padding taking in account the header length.
 2010-07-30 14:55:28 -04:00
Simo Sorce
a9d3a596a7 s3-dcerpc: Make function to guess pdu sizes common. 2010-07-30 14:55:27 -04:00
Simo Sorce
9329a9fe84 s3-dceprc: consolidate use of dcerpc_push_dcerpc_auth() 2010-07-30 14:55:27 -04:00
Simo Sorce
da6c246aac s3-dcerpc: Remove unused functions 2010-07-30 14:55:27 -04:00
Simo Sorce
186f93633b s3-dcerpc: use common spengo wrapper code for client SPNEGO/NTLMSSP 2010-07-30 14:55:27 -04:00
Simo Sorce
984438ca15 s3-dcerpc: add sign/seal support when using SPNEGO/KRB5 2010-07-30 14:55:27 -04:00
Simo Sorce
0b24e8e869 s3-dcerpc: Add SPNEGO incapsulation for KRB5 auth 2010-07-30 14:55:27 -04:00
Simo Sorce
7c9c075987 Do not refernece pipe_auth_data directly in dcerpc_gssapi.c 2010-07-28 15:53:56 -04:00
Simo Sorce
d17abc69f6 s3-dcerpc: Avoid ifdef, it is handled within dcerpc_gssapi.c already 2010-07-28 15:35:59 -04:00
Simo Sorce
7eaa15af2c s3-dcerpc: Add sign/seal with gssapi 2010-07-28 12:42:15 -04:00
Simo Sorce
1abcbd70ae s3-dcerpc: Add next authentication step with gssapi 2010-07-28 12:24:44 -04:00
Simo Sorce
135a82e78f s3-decrpc: Introduce gssapi support for dcerpc krb5 auth 2010-07-28 12:24:44 -04:00
Simo Sorce
183e0a0d9f s3-dcerpc: Refactor calculate_data_len_tosend() 2010-07-28 12:23:22 -04:00
Simo Sorce
c08d684f4e s3-dcerpc: Add auth trailer only when appropriate. 2010-07-28 12:23:00 -04:00
Simo Sorce
866f85e319 s3-dcerpc: consolidate unmarshalling of dcerpc_auth 2010-07-28 12:22:31 -04:00
Simo Sorce
146af48d48 s3-dcerpc: revive cli_rpc_pipe_open_krb5() 2010-07-28 12:21:29 -04:00
Simo Sorce
2463a87177 s3-dcerpc: Use dcerpc_AuthType in pipe_auth_data 2010-07-28 12:19:32 -04:00
Simo Sorce
1e915d231d s3-dcerpc: Cleanup and refactor create_rpc_bind_req() 2010-07-28 12:18:45 -04:00
Simo Sorce
7407c979a1 s3-dcerpc: Use dcerpc_check_auth in client code too 2010-07-28 12:17:56 -04:00
Simo Sorce
3139333419 s3-dcerpc: Move dcerpc_add_auth_footer() to the common helpers file 2010-07-28 12:15:13 -04:00
Simo Sorce
6f5cdf9ae9 s3-dcerpc: Introduce generic helper function to add auth trailer 2010-07-28 12:14:59 -04:00
Simo Sorce
1b572493e2 s3-dcerpc: Pass explicit arguments so that this is not client specific 2010-07-28 12:14:36 -04:00
Simo Sorce
e2b0e43da9 s3-dcerpc: Move marshalling of dcerpc_auth_header in the callers 2010-07-28 12:14:19 -04:00
Simo Sorce
636de433ac cleaup: Reformat cli_get_session_key() 
merge cli_get_session_key
 2010-07-21 19:14:23 -04:00
Simo Sorce
26f1218a36 s3-libsmb: Use data_blob_talloc to get krb5 ticket and session keys 2010-07-20 20:02:09 -04:00
Jeremy Allison
5002b3a90d Add approriate TALLOC_CTX's thoughout the spnego code. No more implicit NULL contexts. 
Jeremy.
 2010-07-20 16:17:58 -07:00
Jeremy Allison
cce19c5162 Fix one more data_blob -> data_blob_talloc. Move away from implicit NULL context tallocs. 
Jeremy.
 2010-07-20 14:59:31 -07:00
Simo Sorce
4581902553 s3-dcerpc: Unifiy cli_pipe_auth_data and pipe_auth_data 
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2010-07-20 15:52:37 +10:00
Jeremy Allison
0bb8d133c9 Remove gen_negTokenInit() - change all callers to spnego_gen_negTokenInit(). 
We now have one function to do this in all calling code. More rationalization
to follow.

Jeremy.
 2010-07-19 17:14:26 -07:00
Simo Sorce
cdcdaaa6dd s3-ntlmssp: Remove ntlmssp_end and let the talloc hierarchy handle it. 
All the members are children of ntlmssp_state anyway.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2010-07-19 14:19:47 +10:00
Simo Sorce
628b57ca37 s3-dcerpc: Move common cli/srv functions into a common file 2010-07-17 15:01:11 -04:00
Volker Lendecke
3925411de4 s3: Really fix the 64-bit warnings 
Hmm. Forgot to git commit this piece, sorry :-(
 2010-07-17 20:21:19 +02:00
Volker Lendecke
32fd6e3c25 s3: Fix some 64-bit warnings 2010-07-17 19:58:21 +02:00
Günther Deschner
c5e85a4987 s3-dcerpc: rename SCHANNEL_SIG_SIZE to NL_AUTH_SIGNATURE_SIZE and move to IDL. 
Guenther
 2010-07-16 23:09:54 +02:00
Simo Sorce
65116adceb s3-dcerpc: Fix ability to receive Big Endian PDUs 2010-07-16 16:02:39 -04:00
Günther Deschner
7cf4797dd3 s3-dcerpc: fix c++ warning. 
Guenther
 2010-07-16 01:51:18 +02:00
Simo Sorce
8f2bfa88b5 s3-dcerpc: Use DATA_BLOB instead of prs_struct for req_data 
Signed-off-by: Günther Deschner <gd@samba.org>
 2010-07-16 01:51:18 +02:00
Simo Sorce
8e9cd4144e s3-dcerpc: Use DATA_BLOB instead of prs_struct for rpc_out 
Signed-off-by: Günther Deschner <gd@samba.org>
 2010-07-16 01:51:18 +02:00
Simo Sorce
3b83211cd8 s3-dcerpc: Avoid unnecessary memory allocation for dcerpc_ctx_list 
Signed-off-by: Günther Deschner <gd@samba.org>
 2010-07-16 01:51:18 +02:00
Simo Sorce
ff121c89d3 s3-dcerpc: Use DATA_BLOB instead of prs_struct for reply_pdu 
Signed-off-by: Günther Deschner <gd@samba.org>
 2010-07-16 01:51:17 +02:00
Simo Sorce
b44a91b220 s3-dcerpc: Use DATA_BLOB instead of prs_struct for incoming fragments 
Signed-off-by: Günther Deschner <gd@samba.org>
 2010-07-16 01:51:17 +02:00
Simo Sorce
cc15396c8a s3-dcerpc: Read a pdu in 2 steps, header first the payload 
We can't really cope with receiving more data than expected anyway
as there is code that checks if the size of the buffer is consistent with
pkt->frag_length and throws an error if not.

Signed-off-by: Günther Deschner <gd@samba.org>
 2010-07-16 01:51:17 +02:00
Simo Sorce
79c207ed62 s3-dceprc: Use IDL defined constants for length calculations 
Signed-off-by: Günther Deschner <gd@samba.org>
 2010-07-16 01:51:17 +02:00
Simo Sorce
84c50a248e Reformat and cleanup 
Signed-off-by: Günther Deschner <gd@samba.org>
 2010-07-16 01:51:17 +02:00
Simo Sorce
bd19c964d5 s3-dcerpc: Move common helpers into a common file 
Signed-off-by: Günther Deschner <gd@samba.org>
 2010-07-16 01:51:17 +02:00
Simo Sorce
cb3725a931 dcerpc: remove ncacn_packet_header and related functions 
ncacn_packet_header was an artifact and it is not necessary anymore

Signed-off-by: Günther Deschner <gd@samba.org>
 2010-07-16 01:51:17 +02:00
Simo Sorce
f9a15d1d94 s3-dcerpc: Refactor code and stop using ncacn_packet_header 
Signed-off-by: Günther Deschner <gd@samba.org>
 2010-07-16 01:51:17 +02:00
Simo Sorce
2452a7a4c1 s3-dcerpc: consolidate respones packet creation code 
Signed-off-by: Günther Deschner <gd@samba.org>
 2010-07-16 01:51:16 +02:00
Simo Sorce
f0626d14f0 s3-dcerpc: Stop using hand marshalling in rpc_finish_auth3_bind_send() 
Signed-off-by: Günther Deschner <gd@samba.org>
 2010-07-16 01:51:16 +02:00
Simo Sorce
7d9c62c646 s3-dcerpc: Do not parse the packet twice. 
Signed-off-by: Günther Deschner <gd@samba.org>
 2010-07-16 01:51:16 +02:00
Simo Sorce
282db1f5d2 s3-dcerpc: Remove unused function 
Signed-off-by: Günther Deschner <gd@samba.org>
 2010-07-16 01:51:16 +02:00
Simo Sorce
137743fac2 s3-dcerpc: Do not reparse the header 
Instead pass back and use the packet we have already parsed.

Signed-off-by: Günther Deschner <gd@samba.org>
 2010-07-16 01:51:15 +02:00
Simo Sorce
459c8e32fd s3-dcerpc: Pull the whole packet at once instead of fetching just the header 
Signed-off-by: Günther Deschner <gd@samba.org>
 2010-07-16 01:51:15 +02:00
Simo Sorce
602e10f3fd s3-dcerpc: Delay parsing rpc header in client code 
Signed-off-by: Günther Deschner <gd@samba.org>
 2010-07-16 01:51:15 +02:00
Simo Sorce
87605e2030 s3-dcerpc: fix dcerpc_push_ncacn_packet, pass arg by address 
There is no need to copy the whole structure twice by passing it in by value.

Signed-off-by: Günther Deschner <gd@samba.org>
 2010-07-13 14:44:11 +02:00
Simo Sorce
77699c777e sr-dcerpc: add dcerpc_push_ncacn_packet_header() 
Signed-off-by: Günther Deschner <gd@samba.org>
 2010-07-13 14:44:10 +02:00
Simo Sorce
cf664b73a4 s3-dcerpc: Use dcerpc_set_frag_length() 
Automatically calculate the fragment length where possible.

Signed-off-by: Günther Deschner <gd@samba.org>
 2010-07-13 14:44:09 +02:00
Simo Sorce
25d487bebf s3-dcerpc: Fix ntlmssp sign/seal. 
Header calculation was misplaced.

Signed-off-by: Günther Deschner <gd@samba.org>
 2010-07-13 01:35:16 +02:00
Simo Sorce
6555307aa1 s3-dceprc: Fix auth_length in auth3 response 
Signed-off-by: Günther Deschner <gd@samba.org>
 2010-07-13 01:35:05 +02:00
Simo Sorce
1b51ddd370 s3-dcerpc: Fix miscalculation of buffer start address 
This was breaking schannel
 2010-07-12 15:10:45 -04:00
Simo Sorce
1796767a36 s3-dcerpc: make dcerpc_pull_dcerpc_auth() public 2010-07-08 18:38:56 -04:00
Simo Sorce
a054832f4f s3-dcerpc: make dceprc_push_dcerpc_auth public 2010-07-08 18:38:56 -04:00
Simo Sorce
aca60c29e7 s3-dcerpc: use dcerpc_pull_dcerpc_auth() in rpc_finish_spnego_ntlmssp_bind_send() 2010-07-08 18:38:55 -04:00
Simo Sorce
5591135964 s3-dcerpc: use dcerpc_push_dcerpc_auth in add_schannel_auth_footer() 2010-07-08 18:38:55 -04:00
Simo Sorce
1febe9de6b s3-dcerpc: use dcerpc_push_dcerpc_auth() in add_ntlmssp_auth_footer() 2010-07-08 18:38:55 -04:00
Simo Sorce
c609e84170 s3-dcerpc: use dcerpc_pull_dcerpc_auth() in cli_pipe_verify_schannel() 2010-07-08 18:38:55 -04:00
Simo Sorce
91cb2aed54 s3-dcerpc: use dcerpc_push_ncacn_packet() in create_rpc_bind_auth3() 2010-07-08 18:38:55 -04:00
Jeremy Allison
7e134f179f Change one more use of "struct rpc_hdr_info" -> "struct ncacn_packet_header" 
Jeremy
 2010-07-08 15:18:30 -07:00
Günther Deschner
d57ecf920c s3-dcerpc: use dcerpc_pull_ncacn_packet() for rpc_pipe_bind_step_one_done(). 
Guenther

Signed-off-by: Simo Sorce <idra@samba.org>
 2010-07-08 00:56:16 -04:00
Günther Deschner
5351a8919d s3-dcerpc: use dcerpc_push_ncacn_packet() in push_next_frag(). 
Guenther

Signed-off-by: Simo Sorce <idra@samba.org>
 2010-07-08 00:53:10 -04:00
Günther Deschner
e8e2fa586b s3-dcerpc: use dcerpc_pull_ncacn_packet() in cli_pipe_validate_current_pdu(). 
Guenther

Signed-off-by: Simo Sorce <idra@samba.org>
 2010-07-08 00:53:01 -04:00
Günther Deschner
dbeaa5efc7 s3-dcerpc: use dcerpc_pull_dcerpc_auth() in cli_pipe_verify_ntlmssp(). 
Guenther

Signed-off-by: Simo Sorce <idra@samba.org>
 2010-07-08 00:52:38 -04:00
Günther Deschner
49c5293492 s3-dcerpc: add dcerpc_pull_dcerpc_auth(). 
Guenther

Signed-off-by: Simo Sorce <idra@samba.org>
 2010-07-08 00:52:34 -04:00
Günther Deschner
fe9ce4b60c s3-dcerpc: use struct ncacn_packet_header instead of struct rpc_hdr_info. 
Guenther

Signed-off-by: Simo Sorce <idra@samba.org>
 2010-07-08 00:47:53 -04:00
Günther Deschner
77e3fffd09 s3-dcerpc: add dcerpc_pull_ncacn_packet_header(). 
Guenther

Signed-off-by: Simo Sorce <idra@samba.org>
 2010-07-08 00:29:33 -04:00
Günther Deschner
eeb034e72a s3-dcerpc: use dcerpc_push_dcerpc_auth() for all authenticated binds. 
Guenther

Signed-off-by: Simo Sorce <idra@samba.org>
 2010-07-07 23:45:51 -04:00
Günther Deschner
4b56e6e95b s3-dcerpc: add dcerpc_push_schannel_bind(). 
Guenther

Signed-off-by: Simo Sorce <idra@samba.org>
 2010-07-07 23:45:51 -04:00
Günther Deschner
0f02dda915 s3-dcerpc: add dcerpc_push_dcerpc_auth(). 
Guenther

Signed-off-by: Simo Sorce <idra@samba.org>
 2010-07-07 23:45:51 -04:00
Günther Deschner
5aabd9af8e s3-dcerpc: use dcerpc_push_ncacn_packet() for create_bind_or_alt_ctx_internal(). 
Guenther

Signed-off-by: Simo Sorce <idra@samba.org>
 2010-07-07 23:45:51 -04:00
Günther Deschner
d6de820480 s3-dcerpc: use dcerpc_pull_ncacn_packet() for pulling a RPC fault pdu. 
Guenther

Signed-off-by: Simo Sorce <idra@samba.org>
 2010-07-07 23:45:50 -04:00
Günther Deschner
cb9eddb312 s3-dcerpc: add dcerpc_pull_ncacn_packet(). 
Guenther

Signed-off-by: Simo Sorce <idra@samba.org>
 2010-07-07 23:45:50 -04:00
Günther Deschner
3d9a12dca7 s3-dcerpc: add dcerpc_push_ncacn_packet(). 
Guenther

Signed-off-by: Simo Sorce <idra@samba.org>
 2010-07-07 23:45:50 -04:00
Volker Lendecke
dee72d807f s3: Remove an unreachable line of code 2010-06-21 15:03:59 +02:00
Jeremy Allison
2e8c563961 Second part of fix converting prs_XX struct and functions to talloc. Remove unneeded prs_mem_free calls. 
Jeremy.

Signed-off-by: Simo Sorce <idra@samba.org>
 2010-06-18 07:42:05 -04:00
Jeremy Allison
f4e7d9d38e Convert the prs_XXX struct and functions to use talloc instead of malloc. Passes valgrind and make tests for client and server. Second version of this patch after splitting up at Simo's request. Patch to follow will delete extraneous prs_mem_free() calls. 
Jeremy.

Signed-off-by: Simo Sorce <idra@samba.org>
 2010-06-18 07:41:47 -04:00
Andrew Bartlett
d6fa371b92 s3:ntlmssp Use a TALLOC_CTX for ntlmssp_sign_packet() and ntlmssp_seal_packet() 
This ensures the results can't be easily left to leak.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Günther Deschner <gd@samba.org>
 2010-05-31 15:11:27 +02:00
Andrew Bartlett
ebae21f023 ntlmssp: Make the ntlmssp.h from source3/ a common header 
The code is not yet in common, but I hope to fix that soon.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Günther Deschner <gd@samba.org>
 2010-05-31 15:10:56 +02:00
Günther Deschner
5ed3654112 s3-rpc_client: move protos to cli_netlogon.h 
Guenther
 2010-05-18 21:42:37 +02:00
Jelmer Vernooij
b8268cf7b0 s3: Remove use of iconv_convenience. 2010-05-18 11:45:31 +02:00
Günther Deschner
c6ebab846d s3: only include gen_ndr headers where needed. 
This shrinks include/includes.h.gch by the size of 7 MB and reduces build time
as follows:

ccache build w/o patch
real    4m21.529s
ccache build with patch
real    3m6.402s

pch build w/o patch
real    4m26.318s
pch build with patch
real    3m6.932s

Guenther
 2010-05-06 00:22:59 +02:00
Stefan Metzmacher
3e70da3f47 s3:rpc_client: return at least 10 sec as old timeout in rpccli_set_timeout() instead of 0 
metze
 2010-03-29 18:11:17 +02:00
Stefan Metzmacher
99664ad154 s3:rpc_client: add set_timeout hook to rpc_cli_transport 
metze
 2010-03-29 18:11:17 +02:00
Stefan Metzmacher
4f41b53487 s3:rpc_client: add rpccli_is_connected() 
metze
 2010-03-29 18:11:16 +02:00
Stefan Metzmacher
dc09b12681 s3:rpc_client: don't mix layers and keep a reference to cli_state in the caller 
We should not rely on the backend to have a reference to the cli_state.
This will make it possible for the backend to set its cli_state reference
to NULL, when the transport is dead.

metze
 2010-03-29 18:11:16 +02:00
Stefan Metzmacher
7d977da925 s3:ntlmssp: pass names and use_ntlmv2 to ntlmssp_client_start() and store them 
Inspired by the NTLMSSP merge work by Andrew Bartlett.

metze

Signed-off-by: Günther Deschner <gd@samba.org>
 2010-03-24 17:34:55 +01:00
Jeremy Allison
7b4387f765 Fix bug #7146 - Samba miss-parses authenticated RPC packets. 
Parts of the Samba RPC client and server code misinterpret authenticated
packets.

DCE authenticated packets actually look like this :

+--------------------------+
|header                    |
| ... frag_len (packet len)|
| ... auth_len             |
+--------------------------+
|                          |
| Data payload             |
...                     ....
|                          |
+--------------------------+
|                          |
| auth_pad_len bytes       |
+--------------------------+
|                          |
| Auth footer              |
| auth_pad_len value       |
+--------------------------+
|                          |
| Auth payload             |
| (auth_len bytes long)    |
+--------------------------+

That's right. The pad bytes come *before* the footer specifying how many pad
bytes there are. In order to read this you must seek to the end of the packet
and subtract the auth_len (in the packet header) and the auth footer length (a
known value).

The client and server code gets this right (mostly) in 3.0.x -> 3.4.x so long
as the pad alignment is on an 8 byte boundary (there are some special cases in
the code for this).

Tridge discovered there are some (DRS replication) cases where on 64-bit
machines where the pad alignment is on a 16-byte boundary. This breaks the
existing S3 hand-optimized rpc code.

This patch removes all the special cases in client and server code, and allows
the pad alignment for generated packets to be specified by changing a constant
in include/local.h (this doesn't affect received packets, the new code always
handles them correctly whatever pad alignment is used).

This patch also works correctly with rpcclient using sign+seal from
the 3.4.x and 3.3.x builds (testing with 3.0.x and 3.2.x to follow)
so even as a server it should still work with older libsmbclient and
winbindd code.

Jeremy
 2010-02-17 15:27:59 -08:00