Volker Lendecke
6ee0d866c2
s3: Lift talloc_autofree_context() from make_auth_context_fixed()
2010-09-26 01:12:37 +02:00
Volker Lendecke
242e329610
s3: Lift talloc_autofree_context() from make_auth_context_subsystem()
2010-09-26 01:12:37 +02:00
Jeremy Allison
d8814b1a48
Fix bug 7694 - Crash bug with invalid SPNEGO token.
...
Found by the CodeNomicon test suites at the SNIA plugfest.
http://www.codenomicon.com/
If an invalid SPNEGO packet contains no OIDs we crash in the SMB1/SMB2 server
as we indirect the first returned value OIDs[0], which is returned as NULL.
Jeremy.
2010-09-23 21:44:24 -07:00
Simo Sorce
76f249fb44
s3-dcerps: check auth_type
...
make sure the auth type used throught the auth operation is consistent.
Signed-off-by: Günther Deschner <gd@samba.org>
2010-09-23 10:54:25 -07:00
Simo Sorce
b11fff1f48
s3-dcerpc: remove auth_data_free_func
...
Everything is using a talloc pointer now, no need to have an
accessor function to free data anymore.
Signed-off-by: Günther Deschner <gd@samba.org>
2010-09-23 10:54:24 -07:00
Simo Sorce
3453bc7b11
s3-dcerpc: make auth context opaque
...
This way we always double check in advance that the context
is of the right type with talloc_get_type_abort instead of
potentially accessing random memory by addressing the wrong
structure in the union.
Signed-off-by: Günther Deschner <gd@samba.org>
2010-09-23 10:54:24 -07:00
Simo Sorce
0ec3720573
srv_pipe: reorganize code so that related functions are close to each other
...
Signed-off-by: Günther Deschner <gd@samba.org>
2010-09-23 10:54:23 -07:00
Simo Sorce
d10e192b83
s3-dcerpc: finally remove the legaqcy spnego_type variable from pipe_auth_data
...
Signed-off-by: Günther Deschner <gd@samba.org>
2010-09-23 10:54:23 -07:00
Simo Sorce
b475cfd0b2
s3-dcerpc: use new spnego server code
...
Signed-off-by: Günther Deschner <gd@samba.org>
2010-09-23 10:54:23 -07:00
Simo Sorce
4cdee9b0ed
s3-dcerpc: add spnego server helpers
...
squashed: add michlistMIC signature checks
Signed-off-by: Günther Deschner <gd@samba.org>
2010-09-23 10:54:23 -07:00
Simo Sorce
62d7226b78
s3-dcesrv: use gssapi helper in srv_pipe.c
...
Signed-off-by: Günther Deschner <gd@samba.org>
2010-09-23 10:54:22 -07:00
Simo Sorce
28c22d04fb
s3-dcerpc: add server helpers for gssapi auth
...
Signed-off-by: Günther Deschner <gd@samba.org>
2010-09-23 10:54:19 -07:00
Simo Sorce
8efd31ccad
s3-dcesrv: use ntlmssp helper in srv_pipe.c
...
Signed-off-by: Günther Deschner <gd@samba.org>
2010-09-23 10:53:46 -07:00
Simo Sorce
bbf535764b
s3-dcerpc: add server helpers for ntlmssp auth
...
Signed-off-by: Günther Deschner <gd@samba.org>
2010-09-23 10:53:42 -07:00
Simo Sorce
4194383cfe
gssapi: remove unused function argument
...
Signed-off-by: Günther Deschner <gd@samba.org>
2010-09-23 10:36:54 -07:00
Simo Sorce
412ebad02b
gssapi: avoid explicit dependency on dcerpc specific structures
...
Signed-off-by: Günther Deschner <gd@samba.org>
2010-09-23 10:36:54 -07:00
Simo Sorce
0e5eb82a6f
s3-dcerpc: move crypto stuff in /librpc/crypto
...
Signed-off-by: Günther Deschner <gd@samba.org>
2010-09-23 10:36:54 -07:00
Günther Deschner
a233c0c0d2
s3-lsa: Fix sid in DEBUG in_lsa_EnumAccountRights.
...
Andrew, you removed the sid_copy buit forgot the sid, please check.
Guenther
2010-09-21 21:00:32 -07:00
Michael Adam
4696cd6cbe
s3:registry: move reg_api_regf prototypes to their own header file.
...
These two calls are currently only used in the WINREG rpc server.
And this reqires linking in the regfio code.
2010-09-21 08:52:06 +02:00
Michael Adam
b11cc30508
s3:registry: move the reg_api prototypes to their own header.
2010-09-21 08:52:06 +02:00
Michael Adam
e869af9e0e
s3:rpc_server:ntsvcs: registry is not directly used an more.
2010-09-21 06:53:32 +02:00
Michael Adam
d760e543a1
s3:rpc_server:ntsvcs: use svcctl_lookup_dispname instead of legacy svcctl in _PNP_GetDeviceRegProp
2010-09-21 06:53:32 +02:00
Michael Adam
4cee4bbd02
s3:rpc_server: registry is not direclty used in the svcctl server any more
2010-09-21 06:53:31 +02:00
Michael Adam
3cab109754
s3:srv_ntsvcs_nt: make fill_svc_config() use svcctl_get_string_value()
...
instead of using legacy svcctl_fetch_regvalues()
2010-09-21 06:53:31 +02:00
Michael Adam
9bfd587358
s3:services_db: remove the TALLOC_CTX argument from svcctl_set_secdesc
2010-09-21 06:53:30 +02:00
Günther Deschner
102a70e809
s3-util: use shared dom_sid_dup.
...
Guenther
2010-09-20 14:05:07 -07:00
Günther Deschner
4dbd743e46
s3-util_sid: use shared dom_sid_compare_auth and dom_sid_equal_X functions.
...
Guenther
2010-09-20 14:04:37 -07:00
Michael Adam
0f7e503d21
s3:registry: move higher level function reg_open_path to new module reg_api_util
...
The reg_api.c code should just export functions that direclty relate to winreg
api calls.
2010-09-20 19:58:01 +02:00
Andrew Tridgell
dc59de5627
s4-netlogon: added IDL for netr_DsrUpdateReadOnlyServerDnsRecords
...
this is used by a RODC to do DNS updates, as TSIG updates are not
allowed by RODCs
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-16 21:09:17 +10:00
Günther Deschner
33d05a85e5
s3-rpc_server: fix some uninitalized variables and c++ build warnings.
...
Guenther
2010-09-15 13:24:44 +02:00
Andreas Schneider
e580c6d88f
s3-rpc_server: Use talloc_stackframe.
2010-09-15 12:53:43 +02:00
Simo Sorce
8ec7aaef48
s3-rpc_server: Moved ncacn_np declarations in common header file.
...
Signed-off-by: Andreas Schneider <asn@samba.org>
2010-09-15 12:53:42 +02:00
Simo Sorce
390642a9e6
s3-rpc_server: Moved "external" pipe functions to rpc_ncacn_np.c.
...
Signed-off-by: Andreas Schneider <asn@samba.org>
2010-09-15 12:53:42 +02:00
Andreas Schneider
34225c93af
s3-rpc_server: Added new parametric option 'rpc_server'
...
Signed-off-by: Andreas Schneider <asn@samba.org>
2010-09-15 12:53:42 +02:00
Simo Sorce
738c843e99
s3-rpc_server: Renamed rpc_ncacn_np_internal.c.
...
Signed-off-by: Andreas Schneider <asn@samba.org>
2010-09-15 12:53:42 +02:00
Simo Sorce
5685914344
s3-rpc_server: Convert rpc_connect_spoolss_pipe into a generic interface.
...
This way we have one common way to open internal pipes whether they
are shortcircuited or piped to an external process.
2010-09-15 12:53:42 +02:00
Simo Sorce
344260d03e
s3-rpc_server: Added support for internal connections to external daemons.
...
Signed-off-by: Andreas Schneider <asn@samba.org>
2010-09-15 12:53:42 +02:00
Simo Sorce
e7c4555b7c
s3-rpc_server: Accept connections and process requests.
...
Signed-off-by: Andreas Schneider <asn@cynapses.org>
2010-09-15 12:53:42 +02:00
Simo Sorce
f7f9916dc7
s3-rpc_server: Added helper functions to read data from a ncacn socket.
...
Signed-off-by: Andreas Schneider <asn@cynapses.org>
2010-09-15 12:53:42 +02:00
Simo Sorce
a1f1da7226
s3-rpc_server: Addded function to create custom pipes_struct.
...
Signed-off-by: Andreas Schneider <asn@cynapses.org>
2010-09-15 12:53:41 +02:00
Simo Sorce
b1fdc5a704
s3-rpc_server: Add generic listener callback.
...
Signed-off-by: Andreas Schneider <asn@cynapses.org>
2010-09-15 12:53:41 +02:00
Simo Sorce
3c26e95840
s3-rpc_server: Added initial generic RPC server infrastructure.
...
Signed-off-by: Andreas Schneider <asn@cynapses.org>
2010-09-15 12:53:41 +02:00
Simo Sorce
11721874c3
s3-rpc_server: Added debug to see how much data has been read out.
...
Signed-off-by: Andreas Schneider <asn@cynapses.org>
2010-09-15 12:53:41 +02:00
Simo Sorce
5ccd7a56fa
s3-rpc_server: Make process_incoming_data() public.
...
Signed-off-by: Andreas Schneider <asn@cynapses.org>
2010-09-15 12:53:41 +02:00
Simo Sorce
2ef693e3c8
s3-rpc_server: Make pipe destructor public.
...
Signed-off-by: Andreas Schneider <asn@cynapses.org>
2010-09-15 12:53:41 +02:00
Simo Sorce
3f04b54197
s3-rpc_server: Fixed unhandled error condition.
...
Signed-off-by: Andreas Schneider <asn@samba.org>
2010-09-15 12:53:40 +02:00
Andrew Bartlett
b733d9dee0
s3-samr Explian better the use of two privileges in this call
...
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11 18:46:13 +10:00
Andrew Bartlett
aefe60da8c
s3-util_sid Tidy up global struct security_token
...
This no longer needs to be global, and should be const. We now also
init it with the C99 style initialisers.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11 18:46:12 +10:00
Andrew Bartlett
9883993b66
s3-privs Overhaul PRIVILEGE_SET handling, avoid dealing with the bitmap
...
This avoids us dealing with the privilege bitmap in the LSA server, and
overhauls much of the rest of the handling to be currnet with the modern
world of talloc.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11 18:46:11 +10:00
Andrew Bartlett
ad5ec58a71
s3-privs Hide the bitmap-based grant_privilege and revoke_privilege
...
The new wrappers avoid anything but the core privileges code
dealing with the bitmap values directly.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11 18:46:11 +10:00