1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-27 03:21:53 +03:00
Commit Graph

695 Commits

Author SHA1 Message Date
Stefan Metzmacher
c5a93fd897 r22464: remove double code and use a function
metze
(This used to be commit aa28bcc466)
2007-10-10 12:19:35 -05:00
Stefan Metzmacher
eceb926df9 r22092: - make spnego_parse_auth_response() more generic and
not specific for NTLMSSP
- it's possible that the server sends a mechOID and authdata
  if negResult != SPNEGO_NEG_RESULT_INCOMPLETE, but we still
  force the mechOID to be present if negResult == SPNEGO_NEG_RESULT_INCOMPLETE

metze
(This used to be commit e9f2aa22f9)
2007-10-10 12:19:10 -05:00
Stefan Metzmacher
56ba447668 r22001: change prototype of dump_data(), so that it takes unsigned char * now,
which matches what samba4 has.

also fix all the callers to prevent compiler warnings

metze
(This used to be commit fa322f0cc9)
2007-10-10 12:18:59 -05:00
Jelmer Vernooij
1052cadbae r21462: Fix EnumValue (?)
(This used to be commit e73a418b5b)
2007-10-10 12:18:06 -05:00
Günther Deschner
ca072a9998 r21382: Important fix for winbind when using non-AD domains.
Jeremy, I'm afraid you removed the "domain->initialized" from the
set_dc_types_and_flags() call when the connect to PI_LSARPC_DS failed
(with rev. 19148).

This causes now that init_dc_connection_network is called again and
again which in turn rescans the DC each time (which of course fails each
time with NT_STATUS_BUFFER_TOO_SMALL). Just continue with the
non-PI_LSARPC_DS scan so that the domain is initialized properly.

Guenther
(This used to be commit c6f63a08f5)
2007-10-10 12:17:59 -05:00
Günther Deschner
69cee2a3ec r21240: Fix longstanding Bug #4009.
For the winbind cached ADS LDAP connection handling
(ads_cached_connection()) we were (incorrectly) assuming that the
service ticket lifetime equaled the tgt lifetime. For setups where the
service ticket just lives 10 minutes, we were leaving hundreds of LDAP
connections in CLOSE_WAIT state, until we fail to service entirely with
"Too many open files".

Also sequence_number() in winbindd_ads.c needs to delete the cached LDAP
connection after the ads_do_search_retry() has failed to submit the
search request (although the bind succeeded (returning an expired
service ticket that we cannot delete from the memory cred cache - this
will get fixed later)).

Guenther
(This used to be commit 7e1a84b722)
2007-10-10 12:17:50 -05:00
Günther Deschner
aeb834036d r20970: Allow to define workstation for samlogon in rpcclient (for testing).
Guenther
(This used to be commit 5d4747fdf2)
2007-10-10 12:17:22 -05:00
Volker Lendecke
c63be3a4e7 r19818: Remove reg_split_hive, make use of registry_openkey
(This used to be commit 7fd1578a90)
2007-10-10 12:15:58 -05:00
Günther Deschner
dbcb4b1266 r19355: Add getdispenumindex2 wrapper for rpcclient.
Guenther
(This used to be commit 27c35848eb)
2007-10-10 12:15:31 -05:00
Günther Deschner
7b84b133fe r19161: Add NET_GETANYDCNAME (getdcname only gives the PDC while getanydcname
gives just any DC), also make sure to set timeouts in rpcclient
accordingly so that we actually get the DC's reply.

Guenther
(This used to be commit 6091c8152a)
2007-10-10 12:15:18 -05:00
Günther Deschner
adc299bd08 r19143: getdcname on the NETLOGON pipe returns WERROR, not NTSTATUS.
Guenther
(This used to be commit 44e228ac79)
2007-10-10 12:15:16 -05:00
Gerald Carter
18d4176633 r18981: * cleanup some vestiges of old cli_reg.c code and mark some TODO
items in cac_winreg.c
* Get 'net rpc registry enumerate' to list values again
* Fix winreg.idl QueryInfoKey().  The max_subkeysize is the
  max_classlen (we previously had this correct in Samba3")
* fix valgrind error about uninitialized memory and use-before-set
  on size value inmemset() call
* Fix key enumeration in 'net rpc registry enumerate'
* regenerate gen_dir files based on local pidl patches

Please note that the generated ndr files are from my local
copy of pidl.  If you need to regenerate, please apply the
patch that I posted to the samba-technical list earlier today.
(This used to be commit 5d843612a1)
2007-10-10 12:14:53 -05:00
Gerald Carter
49c73b5734 r18931: * Fix the IDL for QueryInfoKey. teh Classname in an
in,out ref pointer
* Clarify variable names in EnumValue IDL
* Fix server code for _winreg_EnumValue() and _winreg_QueryInfoKe()
(This used to be commit f520a9d0fb)
2007-10-10 12:14:48 -05:00
Gerald Carter
bbaa0b178d r18919: * Get the new rpccli_winreg_XXXX() functions into the tree
There some broken functionality here that I'm still working on.
* remove unneeded parsing routines
(This used to be commit cbfe1a4b49)
2007-10-10 12:14:46 -05:00
Gerald Carter
d56c3dfdaa r18803: remove unused function
(This used to be commit 964d95bce6)
2007-10-10 12:00:59 -05:00
Jelmer Vernooij
7ba2554d88 r18802: Use the pidl-generated code for the srvsvc interface, both client and server code.
This has had some basic testing. I'll do more during the next couple of days and hopefully also
make RPC-SRVSVC from Samba4 pass against it.
(This used to be commit ef10672399)
2007-10-10 12:00:59 -05:00
Günther Deschner
1b7b6e54db r18799: Prepare query_disp_info to use the next idx from the last result entry
for the enumeration loop (following msdn docs of that call).

Guenther
(This used to be commit 138a921f82)
2007-10-10 12:00:59 -05:00
Gerald Carter
05ba38f754 r18747: replace rpccli_lsa_close() with rpccli_lsa_Close()
(This used to be commit 50d74ce048)
2007-10-10 12:00:54 -05:00
Jelmer Vernooij
4db7642caa r18745: Use the Samba4 data structures for security descriptors and security descriptor
buffers.

Make security access masks simply a uint32 rather than a structure
with a uint32 in it.
(This used to be commit b41c52b9db)
2007-10-10 12:00:54 -05:00
Gerald Carter
b7d069097b r18739: * Get the wkssvc patch right this time.
* Remove the old wkssvc server, client, & parsing code.
* Update srv_wkssvc_nt.c with stubs for the remaining
  stubs
(This used to be commit 0cb79ee13f)
2007-10-10 12:00:53 -05:00
Gerald Carter
8711b490e2 r18729: readd missing files
(This used to be commit a2d61ca85c)
2007-10-10 12:00:53 -05:00
Gerald Carter
9dda6cdf4c r18725: Replace out one wkssvc call (wkssrv_GetInfo()) with autogenerated
code.  Removed first rpc_parse/*.c file.  w00t!
(This used to be commit bb9b7a058d)
2007-10-10 12:00:52 -05:00
Gerald Carter
a6ddf9bf5d r18711: Replace the following hand code client routines:
* rpccli_reg_abort_shutdown()
* rpccli_reg_flush_key()
Remove the cmd_reg.c from rpcclient since the entire file
was unused
(This used to be commit c4788f0c13)
2007-10-10 12:00:51 -05:00
Günther Deschner
5864fb9fc5 r18677: quickly add samr_GetDisplayEnumerationIndex for debugging to rpcclient.
Guenther
(This used to be commit bd546edc48)
2007-10-10 12:00:46 -05:00
Jelmer Vernooij
4e7d11449a r18654: Rename "struct uuid" => "struct GUID" for consistency.
(This used to be commit 5de76767e8)
2007-10-10 11:52:19 -05:00
Günther Deschner
a812e2d7db r18619: Add rpcclient helper for samr_querydispinfo2|3 for testing.
Guenther
(This used to be commit 1a307954e5)
2007-10-10 11:52:00 -05:00
Jelmer Vernooij
e5db7fee0f r18572: Use the autogenerated client and server for the echo interface and implement
some of the missing functions. RPC-ECHO now passes against Samba3.
(This used to be commit 9e9a053661)
2007-10-10 11:51:51 -05:00
Gerald Carter
c4013df0c1 r18560: * Add in the winreg and initshutdown IDL files
* rename PI_SHUTDOWN from include/smb.h to PI_INITSHUTDOWN
  for compatibility with pidl libndr output
(This used to be commit 23a8828613)
2007-10-10 11:51:50 -05:00
Jelmer Vernooij
8be112a81b r18469: Use new pidl-generated DFS client code.
(This used to be commit e277fb067b)
2007-10-10 11:51:43 -05:00
Gerald Carter
40892266f6 r18405: Now that POLICY_HND == struct policy_handle, we can
make rpccli_lsa_close() a real one line wrapper for
rpccli_lsa_Close().

I'm still keeping the wrapper for now because I'm not sure
what we will do about a usable client API.  I don't think
calling the autogenerated client code directly is a good idea
as the IDL is still evolving.
(This used to be commit 47f0c71218)
2007-10-10 11:51:22 -05:00
Gerald Carter
5e1146ab58 r18404: * swap from POLICY_HND to the struct policy_handle from ndr/misc.h
* move OUR_HANDLE macro to include/rpc_misc.h
(This used to be commit 2b37079af2)
2007-10-10 11:51:22 -05:00
Gerald Carter
e397e2f22a r18397: Change rpccli_lsa_close() as a wrapper for the autogenerated
rpccli_lsa_Close().
(This used to be commit 365c75603d)
2007-10-10 11:51:21 -05:00
Gerald Carter
4f024ad3d1 r18395: have the ndr layer alloc outgoing structure members for us
(This used to be commit 4fb35eeb44)
2007-10-10 11:51:21 -05:00
Gerald Carter
2b27c93a9a r18271: Big change:
* autogenerate lsa ndr code
* rename 'enum SID_NAME_USE' to 'enum lsa_SidType'
* merge a log more security descriptor functions from
  gen_ndr/ndr_security.c in SAMBA_4_0

The most embarassing thing is the "#define strlen_m strlen"
We need a real implementation in SAMBA_3_0 which I'll work on
after this code is in.
(This used to be commit 3da9f80c28)
2007-10-10 11:51:18 -05:00
Jelmer Vernooij
1779e3f104 r18233: Use the autogenerated cli_unixinfo rather than the old one.
(This used to be commit eec8b915d1)
2007-10-10 11:51:17 -05:00
Gerald Carter
82ed086618 r18193: Not quite to autogenerated NDR but closer thanks to Jelmer's
initial work.  I'm including the librpc/gen_ndr directory
in svn temporarily just to get some compile issues straightened
out.
(This used to be commit cf271aa433)
2007-10-10 11:51:08 -05:00
Jelmer Vernooij
995205fc60 r18188: merge 3.0-libndr branch
(This used to be commit 1115745cae)
2007-10-10 11:43:56 -05:00
Günther Deschner
72c605b4fc r17454: Adding dfs_EnumEx for rpcclient (Samba4 IDL to follow).
Guenther
(This used to be commit 8c1198c159)
2007-10-10 11:38:35 -05:00
Günther Deschner
11673dc07a r17453: Fix msdfs RPC management (this broke with the autogenerated dfs rpcs).
* Remove "unknown" from dfs_Enum (samba4 dfs IDL updates to follow).

* When encountering an unsupported infolevel the rpc server must reply
with a dfs_info_0 structure and WERR_OK (observed from w2k3 when talking
to nt4).

Guenther
(This used to be commit f9bef1f08f)
2007-10-10 11:38:34 -05:00
Volker Lendecke
e23781b3b3 r17316: More C++ warnings -- 456 left
(This used to be commit 1e4ee728df)
2007-10-10 11:38:25 -05:00
Andrew Bartlett
0dc8f720e1 r17005: Add a new helper mode to ntlm_auth: ntlm-change-password-1
This mode proxies pre-calculated blobs from a remote (probably VPN)
client into the domain.  This allows clients to change their password
over a PPTP connection (where they would not be able to connect to
SAMR directly).

The precalculated blobs do not reveal the plaintext password.

Original patch by Alexey Kobozev <cobedump@gmail.com>
(This used to be commit 967292b713)
2007-10-10 11:19:17 -05:00
Jeremy Allison
fbdcf2663b r16945: Sync trunk -> 3.0 for 3.0.24 code. Still need
to do the upper layer directories but this is what
everyone is waiting for....

Jeremy.
(This used to be commit 9dafb7f48c)
2007-10-10 11:19:14 -05:00
Jeremy Allison
2b8abc030b r16644: Fix bug #3887 reported by jason@ncac.gwu.edu
by converting the lookup_XX functions to correctly
return SID_NAME_TYPE enums.
Jeremy.
(This used to be commit ee2b2d96b6)
2007-10-10 11:19:05 -05:00
Volker Lendecke
ee4ee4c541 r16335: Fix Klocwork IDs 107 108 109 111 112 113 114 116 117 118 121
(This used to be commit 555984ea77)
2007-10-10 11:17:34 -05:00
Gerald Carter
22b52b818b r16255: Fix 'net ads join' when the workgroup is set incorrectly
in smb.conf.  This did work before the join rewrite.
Samba will have problems if you try to run any of the daemons
with an incorrect workgroup but it should not fail to join.

The summary is that a member server should always use it's
own machine name when setting up schannel since that is
the only account it has.  Thanks to Volker for the discussion.
(This used to be commit 95763b94f7)
2007-10-10 11:17:28 -05:00
Günther Deschner
a6e662f556 r16253: Fix another host/ UPN case in (the currently unused)
cli_rpc_pipe_open_krb5.

Guenther
(This used to be commit fa19099112)
2007-10-10 11:17:28 -05:00
Günther Deschner
4137c63d02 r15455: Add rpccli_samr_query_dom_info2() and return the comment string in
samr_query_domain_info(2) for consistency reasons.

Guenther
(This used to be commit 870495e2c8)
2007-10-10 11:16:48 -05:00
Günther Deschner
c5e2804762 r15452: Again purely cosmetic reformat of the samr query domain info calls.
Guenther
(This used to be commit 6ed7d7fa70)
2007-10-10 11:16:47 -05:00
Jeremy Allison
0498f3b889 r15129: Separate out mechanism and policy for NTLMSSP auth/sign/seal.
With this change (and setting lanman auth = no in smb.conf)
we have *identical* NTLMSSP flags to W2K3 in SPNEGO auth.
Jeremy
(This used to be commit 93ca3eee55)
2007-10-10 11:16:25 -05:00
Günther Deschner
655b04e4f8 r15041: Adding rpc client calls to manipulate auditing policies on remote CIFS
servers. Also add a new "net rpc audit" tool. The lsa query infolevels
were taken from samb4 IDL, the lsa policy flags and categories are
partly documented on msdn. I need to cleanup the double
lsa_query_info_policy{2}{_new} calls next.

Guenther
(This used to be commit 0fed66926f)
2007-10-10 11:15:59 -05:00