1
0
mirror of https://github.com/samba-team/samba.git synced 2025-01-11 05:18:09 +03:00
Commit Graph

528 Commits

Author SHA1 Message Date
Simo Sorce
1febe9de6b s3-dcerpc: use dcerpc_push_dcerpc_auth() in add_ntlmssp_auth_footer() 2010-07-08 18:38:55 -04:00
Simo Sorce
c609e84170 s3-dcerpc: use dcerpc_pull_dcerpc_auth() in cli_pipe_verify_schannel() 2010-07-08 18:38:55 -04:00
Simo Sorce
91cb2aed54 s3-dcerpc: use dcerpc_push_ncacn_packet() in create_rpc_bind_auth3() 2010-07-08 18:38:55 -04:00
Jeremy Allison
7e134f179f Change one more use of "struct rpc_hdr_info" -> "struct ncacn_packet_header"
Jeremy
2010-07-08 15:18:30 -07:00
Günther Deschner
d57ecf920c s3-dcerpc: use dcerpc_pull_ncacn_packet() for rpc_pipe_bind_step_one_done().
Guenther

Signed-off-by: Simo Sorce <idra@samba.org>
2010-07-08 00:56:16 -04:00
Günther Deschner
5351a8919d s3-dcerpc: use dcerpc_push_ncacn_packet() in push_next_frag().
Guenther

Signed-off-by: Simo Sorce <idra@samba.org>
2010-07-08 00:53:10 -04:00
Günther Deschner
e8e2fa586b s3-dcerpc: use dcerpc_pull_ncacn_packet() in cli_pipe_validate_current_pdu().
Guenther

Signed-off-by: Simo Sorce <idra@samba.org>
2010-07-08 00:53:01 -04:00
Günther Deschner
dbeaa5efc7 s3-dcerpc: use dcerpc_pull_dcerpc_auth() in cli_pipe_verify_ntlmssp().
Guenther

Signed-off-by: Simo Sorce <idra@samba.org>
2010-07-08 00:52:38 -04:00
Günther Deschner
49c5293492 s3-dcerpc: add dcerpc_pull_dcerpc_auth().
Guenther

Signed-off-by: Simo Sorce <idra@samba.org>
2010-07-08 00:52:34 -04:00
Günther Deschner
fe9ce4b60c s3-dcerpc: use struct ncacn_packet_header instead of struct rpc_hdr_info.
Guenther

Signed-off-by: Simo Sorce <idra@samba.org>
2010-07-08 00:47:53 -04:00
Günther Deschner
77e3fffd09 s3-dcerpc: add dcerpc_pull_ncacn_packet_header().
Guenther

Signed-off-by: Simo Sorce <idra@samba.org>
2010-07-08 00:29:33 -04:00
Günther Deschner
eeb034e72a s3-dcerpc: use dcerpc_push_dcerpc_auth() for all authenticated binds.
Guenther

Signed-off-by: Simo Sorce <idra@samba.org>
2010-07-07 23:45:51 -04:00
Günther Deschner
4b56e6e95b s3-dcerpc: add dcerpc_push_schannel_bind().
Guenther

Signed-off-by: Simo Sorce <idra@samba.org>
2010-07-07 23:45:51 -04:00
Günther Deschner
0f02dda915 s3-dcerpc: add dcerpc_push_dcerpc_auth().
Guenther

Signed-off-by: Simo Sorce <idra@samba.org>
2010-07-07 23:45:51 -04:00
Günther Deschner
5aabd9af8e s3-dcerpc: use dcerpc_push_ncacn_packet() for create_bind_or_alt_ctx_internal().
Guenther

Signed-off-by: Simo Sorce <idra@samba.org>
2010-07-07 23:45:51 -04:00
Günther Deschner
d6de820480 s3-dcerpc: use dcerpc_pull_ncacn_packet() for pulling a RPC fault pdu.
Guenther

Signed-off-by: Simo Sorce <idra@samba.org>
2010-07-07 23:45:50 -04:00
Günther Deschner
cb9eddb312 s3-dcerpc: add dcerpc_pull_ncacn_packet().
Guenther

Signed-off-by: Simo Sorce <idra@samba.org>
2010-07-07 23:45:50 -04:00
Günther Deschner
3d9a12dca7 s3-dcerpc: add dcerpc_push_ncacn_packet().
Guenther

Signed-off-by: Simo Sorce <idra@samba.org>
2010-07-07 23:45:50 -04:00
Volker Lendecke
dee72d807f s3: Remove an unreachable line of code 2010-06-21 15:03:59 +02:00
Jeremy Allison
2e8c563961 Second part of fix converting prs_XX struct and functions to talloc. Remove unneeded prs_mem_free calls.
Jeremy.

Signed-off-by: Simo Sorce <idra@samba.org>
2010-06-18 07:42:05 -04:00
Jeremy Allison
f4e7d9d38e Convert the prs_XXX struct and functions to use talloc instead of malloc. Passes valgrind and make tests for client and server. Second version of this patch after splitting up at Simo's request. Patch to follow will delete extraneous prs_mem_free() calls.
Jeremy.

Signed-off-by: Simo Sorce <idra@samba.org>
2010-06-18 07:41:47 -04:00
Andrew Bartlett
d6fa371b92 s3:ntlmssp Use a TALLOC_CTX for ntlmssp_sign_packet() and ntlmssp_seal_packet()
This ensures the results can't be easily left to leak.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Günther Deschner <gd@samba.org>
2010-05-31 15:11:27 +02:00
Andrew Bartlett
ebae21f023 ntlmssp: Make the ntlmssp.h from source3/ a common header
The code is not yet in common, but I hope to fix that soon.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Günther Deschner <gd@samba.org>
2010-05-31 15:10:56 +02:00
Günther Deschner
5ed3654112 s3-rpc_client: move protos to cli_netlogon.h
Guenther
2010-05-18 21:42:37 +02:00
Jelmer Vernooij
b8268cf7b0 s3: Remove use of iconv_convenience. 2010-05-18 11:45:31 +02:00
Günther Deschner
c6ebab846d s3: only include gen_ndr headers where needed.
This shrinks include/includes.h.gch by the size of 7 MB and reduces build time
as follows:

ccache build w/o patch
real    4m21.529s
ccache build with patch
real    3m6.402s

pch build w/o patch
real    4m26.318s
pch build with patch
real    3m6.932s

Guenther
2010-05-06 00:22:59 +02:00
Stefan Metzmacher
3e70da3f47 s3:rpc_client: return at least 10 sec as old timeout in rpccli_set_timeout() instead of 0
metze
2010-03-29 18:11:17 +02:00
Stefan Metzmacher
99664ad154 s3:rpc_client: add set_timeout hook to rpc_cli_transport
metze
2010-03-29 18:11:17 +02:00
Stefan Metzmacher
4f41b53487 s3:rpc_client: add rpccli_is_connected()
metze
2010-03-29 18:11:16 +02:00
Stefan Metzmacher
dc09b12681 s3:rpc_client: don't mix layers and keep a reference to cli_state in the caller
We should not rely on the backend to have a reference to the cli_state.
This will make it possible for the backend to set its cli_state reference
to NULL, when the transport is dead.

metze
2010-03-29 18:11:16 +02:00
Stefan Metzmacher
7d977da925 s3:ntlmssp: pass names and use_ntlmv2 to ntlmssp_client_start() and store them
Inspired by the NTLMSSP merge work by Andrew Bartlett.

metze

Signed-off-by: Günther Deschner <gd@samba.org>
2010-03-24 17:34:55 +01:00
Jeremy Allison
7b4387f765 Fix bug #7146 - Samba miss-parses authenticated RPC packets.
Parts of the Samba RPC client and server code misinterpret authenticated
packets.

DCE authenticated packets actually look like this :

+--------------------------+
|header                    |
| ... frag_len (packet len)|
| ... auth_len             |
+--------------------------+
|                          |
| Data payload             |
...                     ....
|                          |
+--------------------------+
|                          |
| auth_pad_len bytes       |
+--------------------------+
|                          |
| Auth footer              |
| auth_pad_len value       |
+--------------------------+
|                          |
| Auth payload             |
| (auth_len bytes long)    |
+--------------------------+

That's right. The pad bytes come *before* the footer specifying how many pad
bytes there are. In order to read this you must seek to the end of the packet
and subtract the auth_len (in the packet header) and the auth footer length (a
known value).

The client and server code gets this right (mostly) in 3.0.x -> 3.4.x so long
as the pad alignment is on an 8 byte boundary (there are some special cases in
the code for this).

Tridge discovered there are some (DRS replication) cases where on 64-bit
machines where the pad alignment is on a 16-byte boundary. This breaks the
existing S3 hand-optimized rpc code.

This patch removes all the special cases in client and server code, and allows
the pad alignment for generated packets to be specified by changing a constant
in include/local.h (this doesn't affect received packets, the new code always
handles them correctly whatever pad alignment is used).

This patch also works correctly with rpcclient using sign+seal from
the 3.4.x and 3.3.x builds (testing with 3.0.x and 3.2.x to follow)
so even as a server it should still work with older libsmbclient and
winbindd code.

Jeremy
2010-02-17 15:27:59 -08:00
Bo Yang
36493bf2f6 s3: Fix infinite loop in NCACN_IP_TCP asa there is no timeout. Assume lsa_pipe_tcp is ok but network is down, then send request is ok, but select() on writeable fds loops forever since there is no response.
Signed-off-by: Bo Yang <boyang@samba.org>
2010-01-06 19:19:35 +08:00
Andrew Bartlett
802e9328ed s3:ntlmssp: only include ntlmssp.h where actually needed
Andrew Bartlett
2009-12-22 21:07:53 +01:00
Andrew Bartlett
5b37cd23bf s3:ntlmssp: remove the typedef NTLMSSP_STATE
Andrew Bartlett
2009-12-22 21:07:53 +01:00
Günther Deschner
04f8c229de s3-kerberos: only use krb5 headers where required.
This seems to be the only way to deal with mixed heimdal/MIT setups during
merged build.

Guenther
2009-11-27 16:36:00 +01:00
Günther Deschner
5d706a2fd4 s3-rpc: running minimal_includes.pl on rpc_client and rpc_server.
Guenther
2009-11-26 20:17:07 +01:00
Jeremy Allison
0363713031 Remove erroneous 'presult = NULL' changes. Now presult only gets set
if NTSTATUS == OK.
Jeremy.
2009-11-12 13:59:25 -08:00
Jeremy Allison
496d147dc4 Revert "Ensure every return path initializes presult as NULL."
Vl is correct, this is the wrong way to fix this.

This reverts commit 83c2c177a5.
2009-11-12 13:57:13 -08:00
Jeremy Allison
5363d6e62c Ensure all callers to the rpc_client/cli_pipe functions correctly
initialize return variables.
Jeremy.
2009-11-12 13:56:33 -08:00
Jeremy Allison
83c2c177a5 Ensure every return path initializes presult as NULL.
Ensures no crashes in calling code that forgets to
init return as null.
Jeremy.
2009-11-12 11:49:54 -08:00
Günther Deschner
d241b9ae4c s3-rpc_client: make sure cli_rpc_pipe_open_schannel() does not always return NT_STATUS_OK.
Guenther
2009-11-10 13:10:12 +01:00
Volker Lendecke
bb283af16f Revert "s3: Do not directly reference the ndr_table_* in rpcclient"
This reverts commit 70c698fd54.
2009-11-08 19:43:47 +01:00
Volker Lendecke
70c698fd54 s3: Do not directly reference the ndr_table_* in rpcclient 2009-11-08 00:28:36 +01:00
Volker Lendecke
cd16e38e32 s3: Register the ndr_interfaces dynamically 2009-11-07 09:14:16 +01:00
Volker Lendecke
268df12ab6 s3: Get rid of a NULL terminator 2009-11-07 09:14:16 +01:00
Volker Lendecke
a32c425f91 s3: Get rid of explicit pipe names 2009-11-07 09:14:16 +01:00
Volker Lendecke
2aa0af9867 s3: get_pipe_name_from_iface -> get_pipe_name_from_syntax 2009-11-07 09:14:15 +01:00
Günther Deschner
60bf0eb607 s3-kerberos: modify cli_krb5_get_ticket to take a new impersonate_princ_s arg.
Guenther
2009-11-06 13:31:17 +01:00
Volker Lendecke
b067a5e4e8 s3: Remove debug_ctx()
smbd just crashed on me: In a debug message I called a routine preparing a
string that itself used debug_ctx. The outer routine also used it after the
inner routine had returned. It was still referencing the talloc context
that the outer debug_ctx() had given us, which the inner DEBUG had already
freed.
2009-11-03 11:30:00 +01:00
Günther Deschner
ebe0e64ba9 s3: use enum netr_SchannelType all over the place.
Guenther
2009-10-13 10:21:46 +02:00
Volker Lendecke
84de81b478 s3: Remove a scary error message -- talloc_move can not fail :-)
Signed-off-by: Günther Deschner <gd@samba.org>
2009-10-05 12:14:08 +02:00
Stefan Metzmacher
68b8149d1f s3:rpc_client: don't randomly fragment rpc pdu's in developer mode
This is really confusing and also breaks against windows,
as it doesn't accept fragmented bind requests.

metze
2009-09-25 05:20:16 +02:00
Günther Deschner
503d035814 spnego: share spnego_parse.
Guenther
2009-09-17 01:12:20 +02:00
Stefan Metzmacher
033ced60ac libcli/auth: rewrite schannel sign/seal code to be more generic
This prepares support for HMAC-SHA256/AES.

metze
2009-09-16 12:29:06 +02:00
Günther Deschner
37bc806453 s3-dcerpc: remove more obsolete or duplicate headers.
Guenther
2009-09-16 08:55:51 +02:00
Günther Deschner
c5c04fcf90 s3-schannel: add dump_NL_AUTH_SIGNATURE.
Guenther
2009-09-16 07:54:02 +02:00
Günther Deschner
799f8d7e13 schannel: fully share schannel sign/seal between s3 and 4.
Guenther
2009-09-16 01:55:06 +02:00
Günther Deschner
f8014d30e7 s3-schannel: fix blob length when pulling off a NL_AUTH_SIGNATURE in
cli_pipe_verify_schannel().

Guenther
2009-09-16 00:11:23 +02:00
Günther Deschner
c2d7c7a9dd s3-dcerpc: fix remaining old auth level constants.
Guenther
2009-09-15 18:30:44 +02:00
Günther Deschner
fdf3bd6203 s3-dcerpc: remove unsed auth type defines as seen on the wire.
Guenther
2009-09-15 17:50:00 +02:00
Günther Deschner
d3af0346c8 s3-dcerpc: use dcerpc_AuthLevel and remove duplicate set of flags.
Guenther
2009-09-15 17:49:34 +02:00
Günther Deschner
bea8e5fa60 s3-rpc_client: add dcerpc_transport_t to cli_rpc_pipe_open_schannel().
Guenther
2009-09-11 09:59:04 +02:00
Günther Deschner
032e01e7c1 s3-rpc_client: add dcerpc_transport_t to cli_rpc_pipe_open_spnego_ntlmssp and cli_rpc_pipe_open_ntlmssp.
Guenther
2009-09-11 09:59:04 +02:00
Günther Deschner
87f61a144b s3-rpc_client: add cli_rpc_pipe_open_noauth_transport.
Guenther
2009-09-11 09:59:03 +02:00
Günther Deschner
d258fb4d0d s3-schannel: use NL_AUTH_SIGNATURE for schannel sign & seal (client & server).
Guenther
2009-09-11 03:00:35 +02:00
Günther Deschner
393a1f594d s3-rpc_client: add enum dcerpc_transport_t to rpc_cli_transport struct.
Guenther
2009-09-11 00:26:24 +02:00
Günther Deschner
de0bf36493 s3-rpc_client: use NL_AUTH_MESSAGE in create_schannel_auth_rpc_bind_req().
Guenther
2009-09-08 17:07:02 +02:00
Günther Deschner
5b2b5abf4f s3-schannel: Fix Bug #6697. Interdomain trusts with Windows 2008 R2 DCs.
The Schannel verifier (aka NL_AUTH_SIGNATURE) structure (32 byte) sent from a
W2k8r2 DC is passed in a buffer with the size of a NL_AUTH_SHA2_SIGNATURE (56
byte). We should just ignore the remaining 12 zeroed bytes and proceed.

Guenther
2009-09-08 12:34:10 +02:00
Stefan Metzmacher
dcdefc17b9 s3:rpc_client: add dispatch_send/recv() to struct rpc_pipe_client
metze
2009-07-31 12:49:45 +02:00
Jeremy Allison
5d05d22999 Added prefer_ipv4 bool parameter to resolve_name().
W2K3 DC's can have IPv6 addresses but won't serve
krb5/ldap or cldap on those addresses. Make sure when
we're asking for DC's we prefer IPv4.
If you have an IPv6-only network this prioritizing code
will be a no-op. And if you have a mixed network then you
need to prioritize IPv4 due to W2K3 DC's.
Jeremy.
2009-07-28 11:51:58 -07:00
Volker Lendecke
3532882d02 Lift the event loop in rpc_api_pipe_req() one level into cli_do_rpc_ndr 2009-07-27 16:15:54 +02:00
Volker Lendecke
58fbf7420c Remove "typedef struct ndr_syntax_id RPC_IFACE;" 2009-07-05 23:50:12 +02:00
Volker Lendecke
795b896ab0 Fix a type-punned warning 2009-05-18 07:13:04 +02:00
Andrew Bartlett
53765c81f7 Remove use of talloc_reference in cli_rpc_pipe_open_schannel_with_key() 2009-04-20 16:50:49 +02:00
Andrew Bartlett
baf7274fed Make Samba3 use the new common libcli/auth code
This is particuarly in the netlogon client (but not server at this
stage)
2009-04-14 16:23:44 +10:00
Andrew Bartlett
f28f113d8e Rework Samba3 to use new libcli/auth code (partial)
This commit is mostly to cope with the removal of SamOemHash (replaced
by arcfour_crypt()) and other collisions (such as changed function
arguments compared to Samba3).

We still provide creds_hash3 until Samba3 uses the credentials code in
netlogon server

Andrew Bartlett
2009-04-14 16:23:35 +10:00
Volker Lendecke
1c4027678e Correct sync wrappers in cli_pipe.c 2009-04-06 21:32:08 +02:00
Volker Lendecke
5f753e22f1 Convert rpc_pipe_bind to tevent_req 2009-03-24 13:23:41 +01:00
Volker Lendecke
fa62836839 Convert rpc_cli_transport->trans to tevent_req 2009-03-24 13:23:41 +01:00
Volker Lendecke
8e0d9d002a Convert rpc_cli_transport->write to tevent_req 2009-03-24 13:23:41 +01:00
Volker Lendecke
22badee4bf Convert rpc_cli_transport->read to tevent_req 2009-03-24 13:23:40 +01:00
Volker Lendecke
1724f2ff31 Convert rpc_api_pipe_req to tevent_req 2009-03-24 13:23:40 +01:00
Volker Lendecke
f88990ec7e Convert rpc_api_pipe to tevent_req 2009-03-24 13:23:40 +01:00
Volker Lendecke
545ed5b52e Convert cli_api_pipe to tevent_req 2009-03-24 13:23:40 +01:00
Volker Lendecke
7a429fb369 Convert get_complete_frag to tevent_req 2009-03-24 13:23:40 +01:00
Volker Lendecke
7573bb758e Convert rpc_write to tevent_req 2009-03-24 13:23:40 +01:00
Volker Lendecke
1dd0883458 Convert rpc_read to tevent_req 2009-03-24 13:23:40 +01:00
Günther Deschner
9fdeb7f7b3 s3-spoolss: remove custom syntax_spoolss and use the syntax defined in IDL.
Guenther
2009-03-18 14:18:42 +01:00
Jeremy Allison
f48a345e4a Remove pwd_cache.c, it was doing nothing. Make user_name, domain, and
password talloc'ed strings within the cli_struct.
Jeremy.
2009-03-13 17:49:24 -07:00
Volker Lendecke
0844cca1d5 Replace get_myname() with the talloc version from v3-3-test 2009-02-13 12:15:03 +01:00
Volker Lendecke
d3f9b0fab6 Next step disentangling async_req from NTSTATUS
Now I need to document this :-)
2009-02-02 20:15:03 +01:00
Volker Lendecke
c14b7e648b Split up async_req into a generic and a NTSTATUS specific part 2009-02-01 19:05:39 +01:00
Volker Lendecke
7967d8c779 Move rpc_pipe_open_internal to srv_pipe_hnd.c
This is a smbd-only function
2009-02-01 14:34:23 +01:00
Volker Lendecke
57de60a83f cli_get_pipe_name_from_interface does not really need a talloc_ctx 2009-02-01 14:34:22 +01:00
Volker Lendecke
f6d08849e1 Fix memleaks 2009-01-30 21:29:35 +01:00
Volker Lendecke
aef749b53f pass NULL to prs_give_memory, that is a pointer 2009-01-30 21:29:35 +01:00
Volker Lendecke
22e3004829 Add the "SMBD" rpc transport
The idea of this is that all client utils like smbpasswd and also for example
"net join" do not access our internal databases like passdb and secrets.tdb
directly anymore but pass everything throught the well-established RPC
interfaces.

The way you use this is the following: With rpc_cli_smbd_conn_init() or its
async variant you initialize a "struct rpc_cli_smbd_conn". This structure is
the link to a freshly forked smbd, ready to be used for RPC services. You
should only ever have one such structure in your program. More don't hurt, but
are plainly unnecessary.

If you want to use the SAMR pipe to change a passwort, you connect to that pipe
with rpc_pipe_open_local. Do you normal rpccli_samr calls on that and your
locally forked smbd will connect to passdb for you.

GD, this might make the distinction between the _l and _r calls in libnetapi
mostly unnecessary. At least it is intended to do so... :-)
2009-01-30 12:48:00 +01:00
Volker Lendecke
b7094c0b80 Abstract away the transport in cli_pipe.c
Sorry for the monster checkin, I could not really find a way to do this in
steps.
2009-01-22 22:59:54 +01:00
Volker Lendecke
031f246941 Fix a segfault: rpccli_* expect the reply_pdu to always be initialized 2009-01-22 17:54:16 +01:00
Volker Lendecke
3662c2b0f6 cli_get_pipe_name_from_iface does not need the cli_state
I leave the TALLOC_CTX in, we might have to allocate it in the future
2009-01-22 11:38:00 +01:00
Jelmer Vernooij
11a25f9050 Allow calling DCE/RPC server implementations directly using
rpc_pipe_client.
2009-01-21 14:05:51 +01:00
Volker Lendecke
0dbd396862 Add a macro async_req_setup()
This streamlines setting up a multi-step async request a bit
2009-01-18 16:45:07 +01:00
Volker Lendecke
c45b6ec29a Add code to torture the fragmentation code a bit 2009-01-18 15:40:45 +01:00
Volker Lendecke
a158ebbe49 Remove unused functions 2009-01-18 15:40:45 +01:00
Volker Lendecke
28c35b4c04 Make rpc_pipe_bind async 2009-01-18 15:40:45 +01:00
Volker Lendecke
ecb5184ce5 Fix an uninitialized variable 2009-01-18 15:40:45 +01:00
Volker Lendecke
3f9f188877 Remove sync rpc_api_pipe_req 2009-01-18 15:40:45 +01:00
Volker Lendecke
396ed3b363 Add async rpc_api_pipe_req 2009-01-18 15:40:45 +01:00
Volker Lendecke
c655f19e1f Add rpc_write_send/recv 2009-01-18 15:40:44 +01:00
Volker Lendecke
f96335afc0 Remove unused sync functions 2009-01-18 15:40:44 +01:00
Volker Lendecke
f6740aa7ad Make rpc_api_pipe async 2009-01-18 15:40:44 +01:00
Volker Lendecke
761d164420 Rename the async version of get_complete_pdu to get_complete_frag 2009-01-18 15:40:44 +01:00
Volker Lendecke
5e6f3eaae9 Move initialization of the reply prs_struct to rpc_api_pipe 2009-01-18 15:40:44 +01:00
Volker Lendecke
5987c82697 Always check the max send sizein rpc_api_pipe, not just with DEVELOPER 2009-01-18 15:40:44 +01:00
Volker Lendecke
6d47418bc1 Make cli_api_pipe async
Also move the transport switch to this routine
2009-01-18 15:40:43 +01:00
Volker Lendecke
173d6c84a6 Remove sync rpc_read wrapper 2009-01-18 15:40:43 +01:00
Volker Lendecke
5d71fe8043 Make cli_pipe_get_current_pdu async, rename it to get_current_pdu 2009-01-18 15:40:43 +01:00
Volker Lendecke
30413f12b9 Make rpc_read async 2009-01-18 15:40:43 +01:00
Volker Lendecke
9b3c38f4af Slightly simplify the paths after rpc_api_pipe() 2009-01-17 11:27:32 +01:00
Volker Lendecke
8c983af56d Make rpc_read look like a real read call
It doesn't really need to know about prs_structs
2009-01-14 17:08:40 +01:00
Volker Lendecke
e1aeb486e8 Make rpc_read() match the control flow normally used in Samba
Replace do { .. } while () with a while () { .. }
2009-01-14 17:08:40 +01:00
Volker Lendecke
11e3388083 Simplify rpc_read a bit
rpc_read always reads the whole bytes it was asked to read. So it is not really
necessary for it to update the current_pdu_offset, for clarity this can better
be done in the caller.
2009-01-14 17:08:39 +01:00
Volker Lendecke
15dd11b31e Remove an unnecessary size check
rpc_read is only ever called with at most fraglen-RPC_HEADER_SIZE length
2009-01-14 17:08:39 +01:00
Volker Lendecke
274f575b24 Check the fragment size the server has sent us 2009-01-14 17:08:39 +01:00
Volker Lendecke
583d7913c8 Slightly simplify rpc_read: It should not do the resize 2009-01-14 17:08:39 +01:00
Volker Lendecke
87f9f0b01a Always read with offset 0 from a named pipe 2009-01-14 17:08:39 +01:00
Volker Lendecke
ce5eded7e0 Move cli_api_pipe() to its only user cli_pipe.c 2009-01-11 22:53:24 +01:00
Volker Lendecke
19b783cce9 Async wrapper for open_socket_out_send/recv 2009-01-04 16:42:40 +01:00
Volker Lendecke
fafb9ecc61 open_socket_out is always used with SOCK_STREAM, remove argument "type" 2009-01-03 19:22:06 +01:00
Günther Deschner
b883bcd4ff s3: store user session key in cli_rpc_pipe_open_noauth().
Guenther
2008-12-05 14:27:03 +01:00
Günther Deschner
7f8bc6a2d9 errors: share dcerpc error function.
Guenther
2008-10-31 12:42:09 +01:00
Jelmer Vernooij
2d89b52be8 Use separate make variables for libutil and libcrypto. 2008-10-18 14:28:40 +02:00
Jeremy Allison
969a2fc4dd Don't use debug level 1 to log a trivial message.
Jeremy.
2008-10-15 18:07:15 -07:00
Volker Lendecke
29dd253e69 Tiny logic simplification: remove an else branch
(This used to be commit 9c4905ed67)
2008-09-03 13:52:13 +02:00
Günther Deschner
a77c9285b7 fix another build warning.
Guenther
(This used to be commit 43693ce6c6)
2008-08-20 22:07:40 +02:00
Volker Lendecke
a20c498310 Remove unused function rpccli_is_pipe_idx
(This used to be commit 287ffc17a0)
2008-07-21 14:36:31 +02:00
Volker Lendecke
303f98af2f Remove now unused cli_get_pipe_name
(This used to be commit ed4a447103)
2008-07-21 14:36:30 +02:00
Volker Lendecke
346a8d1bdc Remove now unused cli_get_pipe_idx
(This used to be commit e02a550527)
2008-07-21 14:36:29 +02:00
Volker Lendecke
9664f24ecf Remove now unused cli_get_iface
(This used to be commit 2e60701e8d)
2008-07-21 14:36:28 +02:00
Volker Lendecke
798b56edae Refactoring: libnetapi_open_pipe takes an interface instead of pipe_idx
(This used to be commit 726e56c72f)
2008-07-21 14:36:27 +02:00
Volker Lendecke
55f84c05bd Refactoring: Change calling conventions for cli_rpc_pipe_open_krb5
Pass in ndr_syntax_id instead of pipe_idx, return NTSTATUS
(This used to be commit f2656e5c2e)
2008-07-20 17:37:14 +02:00
Volker Lendecke
99526d391d Refactoring: Change calling conventions for cli_rpc_pipe_open_schannel
Pass in ndr_syntax_id instead of pipe_idx, return NTSTATUS
(This used to be commit 1fcfca007f)
2008-07-20 17:37:14 +02:00
Volker Lendecke
52ff49600e Refactoring: Change calling conventions for cli_rpc_pipe_open_ntlmssp_auth_schannel
Pass in ndr_syntax_id instead of pipe_idx, return NTSTATUS
(This used to be commit ff87127baf)
2008-07-20 17:37:13 +02:00
Volker Lendecke
ba2cb35ca5 Refactoring: Change calling conventions for cli_rpc_pipe_open_schannel_with_key
Pass in ndr_syntax_id instead of pipe_idx, return NTSTATUS
(This used to be commit 78e9c937ff)
2008-07-20 17:37:13 +02:00
Volker Lendecke
44bdc98823 Refactoring: Make get_schannel_session_key_auth_ntlmssp return NTSTATUS
(This used to be commit ab3d80d476)
2008-07-20 17:37:12 +02:00
Volker Lendecke
b8fc15be95 Refactoring: Make get_schannel_session_key return NTSTATUS
(This used to be commit a0793cc853)
2008-07-20 17:37:12 +02:00
Volker Lendecke
1f854d1db7 Refactoring: Make get_schannel_session_key_common return NTSTATUS
(This used to be commit 513e695076)
2008-07-20 17:37:12 +02:00
Volker Lendecke
e0be03d8d5 Refactoring: Change calling conventions for cli_rpc_pipe_open_ntlmssp
Pass in ndr_syntax_id instead of pipe_idx, return NTSTATUS
(This used to be commit a13f059955)
2008-07-20 17:37:11 +02:00
Volker Lendecke
1335da2a7c Refactoring: Change calling conventions for cli_rpc_pipe_open_noauth
Pass in ndr_syntax_id instead of pipe_idx, return NTSTATUS
(This used to be commit 9abc9dc4dc)
2008-07-20 17:37:11 +02:00
Volker Lendecke
18fb7e0977 Refactoring: Change calling conventions for cli_rpc_pipe_open
Pass in ndr_syntax_id instead of pipe_idx, return NTSTATUS
(This used to be commit 6c122457ff)
2008-07-20 17:06:22 +02:00
Volker Lendecke
eb68e95d9a Refactoring: Change calling conventions for rpc_pipe_open_np
Pass in ndr_syntax_id instead of pipe_idx, return NTSTATUS
(This used to be commit 9249fe9e91)
2008-07-20 17:06:22 +02:00
Volker Lendecke
2e905d2cd1 Allocate rpc_cli->dc in rpccli_netlogon_setup_creds()
The general cli_pipe routines should not have to know about this NETLOGON
speciality.
(This used to be commit d30237598d)
2008-07-20 17:06:21 +02:00
Volker Lendecke
65dfc40a4a Store copies of the syntax ids in rpc_pipe_client
(This used to be commit 848a3497e3)
2008-07-20 17:06:21 +02:00
Volker Lendecke
66669bad43 Simplify pipe_names: we only do ndr_transfer_syntax anyway
(This used to be commit b808403af5)
2008-07-20 17:06:21 +02:00
Volker Lendecke
867b61d0a1 The PIPE_ pipename macros are only used in cli_pipe.c
(This used to be commit 03f7af26f2)
2008-07-19 21:07:14 +02:00
Volker Lendecke
bf6c11fea3 Make the pipe_names[] array static to cli_pipe.c
(This used to be commit ab7ab35059)
2008-07-19 20:40:27 +02:00
Jeremy Allison
799252f635 Fix the non-LDAP, non-krb5 build, fix gcc -O3 warnings.
Jeremy.
(This used to be commit 9e2ab30d3c)
2008-06-26 19:46:18 -07:00
Günther Deschner
92bd665aea rpc_client: let cli_get_session_key() return talloced session key.
Thanks, Volker, for pointing this out.

Guenther
(This used to be commit b47899195e)
2008-06-25 09:51:31 +02:00
Günther Deschner
07f06eec21 rpc_client: add cli_get_session_key().
Guenther
(This used to be commit 93b56755f7)
2008-06-24 23:47:58 +02:00
Karolin Seeger
1178287eeb rpc_client: Avoid warning in builds without krb5 headers.
warning: ‘cli_auth_kerberos_data_destructor’ defined but not used

Karolin
(This used to be commit b5f9176b6c)
2008-06-24 16:30:32 +02:00
Günther Deschner
95a1f88d93 rpc_client: fix some valgrind warnings.
Guenther
(This used to be commit 0352682a35)
2008-06-11 10:47:21 +02:00
Volker Lendecke
f1d160f333 Fix a const warning
Jelmer, would it be possible to make the rpc client functions take const
pointers for pure [in] arguments?
(This used to be commit d893b2ea13)
2008-05-25 13:53:44 +02:00
Günther Deschner
1a16a2cf97 drsuapi: always use tcp for drsuapi.
cli_rpc_pipe_open() now uses tcp transport for drsuapi and named pipe
transport for all other pipes.

This finally allows rpcclient to call dscracknames on windows
(don't forget to call "seal" in advance).

Guenther
(This used to be commit b243a03602)
2008-05-24 01:29:13 +02:00
Volker Lendecke
34104dfc21 Fix a (bogus) uninitialized variable warning
(This used to be commit 6106d48a5c)
2008-05-23 15:37:05 +02:00
Michael Adam
a8045b1339 rpc_client: make rpc_pipe_open_tcp_port and rpc_pipe_get_tcp_port static.
Slim the interface...

Michael
(This used to be commit 9971118c23)
2008-05-22 11:30:04 +02:00
Michael Adam
b398a96b09 rpc_client: use endpoint mapper to get the port for rpc_pipe_open_tcp().
Michael
(This used to be commit f7db445c82)
2008-05-22 11:29:57 +02:00
Volker Lendecke
36e94197d0 rpc_client: add a destructor to close the socket for pipes over tcp.
used in rpc_pipe_open_tcp() and rpc_pipe_open_ncalrpc().
(This used to be commit a0bdd56c75)
2008-05-21 23:35:26 +02:00
Volker Lendecke
e8d25443c1 Add client support for NCACN_UNIX_STREAM
(This used to be commit 24ac40518f)
2008-05-21 23:35:25 +02:00
Volker Lendecke
78022953e7 rpccli_schannel_bind_data only needs the schannel key
(This used to be commit be5d54a363)
2008-05-21 23:35:25 +02:00
Volker Lendecke
ec70996fc7 Rename rpc_pipe_client.tcp.sock to rpc_pipe_client.sock.fd
(This used to be commit 2ff908a902)
2008-05-21 23:35:24 +02:00
Volker Lendecke
9a6b1f4b5f Fix a comment
(This used to be commit 8ae39c1339)
2008-05-21 23:35:24 +02:00
Volker Lendecke
2c00ff5407 Fix two uninitialized variable warnings
(This used to be commit 48fd7b3635)
2008-05-05 11:17:19 +02:00
Volker Lendecke
9de291e671 Attempt to fix the non-krb build
(This used to be commit 31d80a4767)
2008-04-25 12:36:39 +02:00
Volker Lendecke
79fae5082a Add basic ncacn_ip_tcp client infrastructure
(This used to be commit 11072ccc7a)
2008-04-25 11:12:52 +02:00
Volker Lendecke
63e0884df5 Introduce a redirection for ncacn_np and ncacn_ip_tcp in rpc_pipe_client
Should be no functional change, just a change in the data structure
(This used to be commit 3433f430b0)
2008-04-25 11:12:52 +02:00
Volker Lendecke
cf182c0a76 Introduce rpccli_pipe_txt(), describing a pipe for debug messages
(This used to be commit 83892d51de)
2008-04-25 11:12:52 +02:00
Volker Lendecke
eb5582d28a cli_rpc_pipe_open_noauth must take the user/domain from the smb session
(This used to be commit 6f08128cf2)
2008-04-25 11:12:52 +02:00
Volker Lendecke
324e92ea67 Make use of rpccli_xxx_bind_data
(This used to be commit f9bc336aff)
2008-04-25 11:12:51 +02:00
Volker Lendecke
253b0b8868 Create rpccli_xxx_bind_data functions
These functions create the auth data for the later bind
(This used to be commit 630b9c241c)
2008-04-25 11:12:51 +02:00
Volker Lendecke
862d7e32b9 Move user/domain from rpc_pipe_client to cli_pipe_auth_data
(This used to be commit 42de50d2cd)
2008-04-25 11:12:50 +02:00
Volker Lendecke
9e9d40d097 Refactoring: Make cli_pipe_auth_data a pointer off rpc_pipe_client
(This used to be commit f665afaaa3)
2008-04-25 11:12:50 +02:00
Volker Lendecke
b78453326b Remove the "pwd" struct from rpc_pipe_client
The only user of this was decrypt_trustdom_secret, and this only needs the NT
hash anyway.
(This used to be commit 3d8c2a47e6)
2008-04-21 23:36:05 +02:00
Volker Lendecke
712e40dad2 Fix some empty lines with just spaces
(This used to be commit f8fb9b7e37)
2008-04-20 16:23:48 +02:00
Volker Lendecke
b9cc055062 Introduce rpc_pipe_np_smb_conn()
This abstracts away all references to rpc_pipe_client->cli, the only reference
is now in cli_pipe.c.
(This used to be commit c56e1c08ce)
2008-04-20 14:08:16 +02:00
Volker Lendecke
e73e8297f5 Replace cli_rpc_pipe_close by a talloc destructor on rpc_pipe_struct
(This used to be commit 99fc3283c4)
2008-04-20 14:08:16 +02:00
Volker Lendecke
33592bdcb9 Refactoring: Move stuff around for creating a pipe
(This used to be commit 45be749ed6)
2008-04-20 14:08:10 +02:00
Volker Lendecke
f56eedb95c Remove the pipe_idx variable from rpc_pipe_client
(This used to be commit 4840febcd4)
2008-04-20 11:47:33 +02:00
Volker Lendecke
ff8aa642f3 Remove some unused code referencing pipe_names[]
(This used to be commit d8a04b798c)
2008-04-20 11:27:24 +02:00
Volker Lendecke
cf2442bdcb Use rpc_pipe_client->user_name instead of rpc_pipe_client->cli->user_name
Also make sure that rpc_pipe_client->user_name is always talloced.
(This used to be commit 3f6c5b9966)
2008-04-20 00:14:40 +02:00
Volker Lendecke
e1102b8f48 Introduce rpccli_set_timeout()
Reduce dependency on "cli" member of rpc_pipe_client struct
(This used to be commit 2e4c1ba389)
2008-04-20 00:14:26 +02:00
Volker Lendecke
9048cafbea Move srv_name_slash from cli_state to rpc_pipe_client
(This used to be commit a9061e52e1)
2008-04-20 00:14:13 +02:00
Volker Lendecke
2a2188591b Add "desthost" to rpc_pipe_client
This reduces the dependency on cli_state
(This used to be commit 783afab9c8)
2008-04-20 00:13:09 +02:00
Volker Lendecke
b46d340fd5 Refactoring: Make struct rpc_pipe_client its own talloc parent
(This used to be commit a6d74a5a56)
2008-04-20 00:12:52 +02:00
Volker Lendecke
fb73de3b92 Set the right domain\user in cli_rpc_pipe_open_ntlmssp_internal
This probably does not matter in current code, but without this it's not
possible to do the bind as a different user than the underlying smb user.

Jeremy, please check!

Thanks,

Volker
(This used to be commit b90062e33c)
2008-04-19 23:54:01 +02:00
Jelmer Vernooij
a4c60b2696 rpc_parse: Use UUIDs from librpc/gen_ndr/ when possible to reduce
duplication.
(This used to be commit 428654b473)
2008-04-17 17:54:32 +02:00
Jelmer Vernooij
28fd4f6fcb Reconcile ndr_syntax_id used by pidl-generated code and Samba3's RFC_IFACE.
(This used to be commit 7bea00dca1)
2008-04-15 20:26:52 +02:00
Günther Deschner
99d3590455 Fix NETLOGON credential chain with Windows 2008 all over the place.
In order to avoid receiving NT_STATUS_DOWNGRADE_DETECTED from a w2k8
netr_ServerAuthenticate2 reply, we need to start with the AD netlogon negotiate
flags everywhere (not only when running in security=ads). Only for NT4 we need
to do a downgrade to the returned negotiate flags.

Tested with w2k8, w2ksp4, w2k3r2 and nt4sp6.

Guenther
(This used to be commit 0970369ca0)
2008-04-02 11:12:47 +02:00
Marc VanHeyningen
e06aa46b9f Coverity fixes
(This used to be commit 3fc85d2259)
2008-03-17 20:52:25 +01:00
Steven Danneman
6fb37ae672 Closed memory leak on error path.
(This used to be commit 376de8a0e4)
2008-02-27 07:23:28 +01:00