sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-11 05:18:09 +03:00
Code
80,591 Commits 60 Branches 1,145 Tags 452 MiB
da74d5462d
Commit Graph

1534 Commits

Author SHA1 Message Date
Günther Deschner
f60398d7b2 s3-winbindd: let winbind try to use samlogon validation level 6. (bug #7945) 
The benefit of this that it makes us more robust to secure channel resets
triggered from tools outside the winbind process. Long term we need to have a
shared tdb secure channel store though as well.

Guenther

Signed-off-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Fri Feb  4 18:11:04 CET 2011 on sn-devel-104
 2011-02-04 18:11:04 +01:00
Günther Deschner
ac4127a9f4 s3-auth: add copy_netr_SamBaseInfo(). 
Guenther

Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2011-02-04 16:57:32 +01:00
Günther Deschner
50be0b2c1e s3: Remove superfluous ; 
Guenther

Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Wed Feb  2 15:44:21 CET 2011 on sn-devel-104
 2011-02-02 15:44:21 +01:00
Günther Deschner
1232fb5a1e s3-rpc_client: remove some more obsolete cli_X.h header files. 
Guenther

Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Fri Jan 28 11:18:44 CET 2011 on sn-devel-104
 2011-01-28 11:18:44 +01:00
Günther Deschner
99437614fa s3-rpcclient: allow to define validation level for samlogon. 
Guenther
 2011-01-24 16:56:00 +01:00
Günther Deschner
6923cc8016 s3-rpc_client: fix dcerpc_try_samr_connects(). 
Only return when both results are ok.

Guenther
 2011-01-21 16:10:15 +01:00
Günther Deschner
e873ce9b65 s3-rpc_client: no need to include gen_ndr/cli_samr.h anymore. 
Guenther
 2011-01-21 16:10:15 +01:00
Günther Deschner
1f26b101ed s3-rpc_client: fix uninitialized variable found by -O3. 
Guenther
 2011-01-21 16:10:15 +01:00
Günther Deschner
e94ffc790e s3-rpc_client: prefer dcerpc_spoolss_X functions. 
Guenther
 2011-01-21 15:20:22 +01:00
Andreas Schneider
5db115a304 s3-rpc_client: Added dcerpc_try_samr_connects. 
Autobuild-User: Andreas Schneider <asn@samba.org>
Autobuild-Date: Fri Jan 21 15:19:01 CET 2011 on sn-devel-104
 2011-01-21 15:19:01 +01:00
Andreas Schneider
089c25cbbb s3-rpc_client: Rename get_query_dispinfo_params. 2011-01-21 14:34:18 +01:00
Andreas Schneider
e6475f2151 s3-rpc_client: Added dcerpc_samr_chgpasswd_user3. 2011-01-21 14:34:18 +01:00
Andreas Schneider
200772653a s3-rpc_client: Added dcerpc_samr_chng_pswd_auth_crap. 2011-01-21 14:34:18 +01:00
Andreas Schneider
3de564b9b6 s3-rpc_client: Added dcerpc_samr_chgpasswd_user2. 2011-01-21 14:34:17 +01:00
Andreas Schneider
78c4f72c31 s3-rpc_client: Added dcerpc_samr_chgpasswd_user. 2011-01-21 14:34:17 +01:00
Andreas Schneider
8b1ffc770c s3-rpc_client: Added header information to cli_samr.h. 2011-01-21 14:34:17 +01:00
Andreas Schneider
1efa9b1cbd s3-rpc_client: Added header information to cli_lsarpc.h. 2011-01-21 14:34:17 +01:00
Günther Deschner
5efe6566a0 s3-rpc_client: no need to include ../librpc/gen_ndr/ndr_lsa_c.h anymore. 
Guenther
 2011-01-18 23:54:31 +01:00
Andreas Schneider
93da0aab97 s3-rpc_client: Fixed status check of dcerpc_lsa_lookup_sids_noalloc. 
Autobuild-User: Andreas Schneider <asn@samba.org>
Autobuild-Date: Mon Jan 17 17:35:50 CET 2011 on sn-devel-104
 2011-01-17 17:35:50 +01:00
Andreas Schneider
296a958c57 s3-rpc_client: Fixed return values of dcerpc_lsa_lookup_sids_generic. 2011-01-17 16:50:55 +01:00
Günther Deschner
232378c6e5 s3-rpc_client: prefer dcerpc_netr_X functions. 
Guenther

Signed-off-by: Andreas Schneider <asn@samba.org>
 2011-01-13 12:36:54 +01:00
Andreas Schneider
3f21b971a9 s3-rpc_client: Fixed the dcerpc_lsa_LookupNames4 client_revision. 
The spec states that the ClientRevision value MUST be one of the
following: LSA_CLIENT_REVISION_1 or LSA_CLIENT_REVISION_2.

LSA_CLIENT_REVISION_2 means Windows 2000 and newer.

Signed-off-by: Günther Deschner <gd@samba.org>

Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Mon Jan 10 19:05:31 CET 2011 on sn-devel-104
 2011-01-10 19:05:31 +01:00
Andreas Schneider
b1df95cbc5 s3-rpc_client: Fixed the dcerpc_lsa_LookupNames4 lookup_options. 
Use the enum value in dcerpc_lsa_LookupNames4 for _lookup_options.

Signed-off-by: Günther Deschner <gd@samba.org>
 2011-01-10 18:20:55 +01:00
Andreas Schneider
e02916c453 s3-rpc_client: Fixed the dcerpc_lsa_LookupSids3 client_revision. 
The spec states that the ClientRevision value MUST be one of the
following: LSA_CLIENT_REVISION_1 or LSA_CLIENT_REVISION_2.

LSA_CLIENT_REVISION_2 means Windows 2000 and newer.

Signed-off-by: Günther Deschner <gd@samba.org>
 2011-01-10 18:20:55 +01:00
Andreas Schneider
a53e0831d2 s3-rpc_client: Fixed the dcerpc_lsa_LookupSids3 lookup_options. 
Use the enum value in dcerpc_lsa_LookupSids3 for _lookup_options.

Signed-off-by: Günther Deschner <gd@samba.org>
 2011-01-10 18:20:55 +01:00
Andreas Schneider
fd1fff608c s3-rpc_client: Added dcerpc_lsa_lookup_names. 
Signed-off-by: Günther Deschner <gd@samba.org>
 2011-01-10 18:20:55 +01:00
Andreas Schneider
c91e756f8d s3-rpc_client: Added dcerpc_lsa_lookup_sids and dcerpc_lsa_lookup_sids3. 
Signed-off-by: Günther Deschner <gd@samba.org>
 2011-01-10 18:20:55 +01:00
Andreas Schneider
8f14229b28 s3-rpc_client: Added dcerpc_lsa_open_policy2. 
Signed-off-by: Günther Deschner <gd@samba.org>
 2011-01-10 18:20:55 +01:00
Andreas Schneider
2f819505af s3-rpc_client: Added dcerpc_lsa_open_policy. 
Signed-off-by: Günther Deschner <gd@samba.org>
 2011-01-10 18:20:54 +01:00
Stefan Metzmacher
fba2fdf265 s3:rpc_client: use dcerpc_epm_Map() and don't ignore 'result' anymore. 
metze
 2011-01-04 21:28:49 +01:00
Stefan Metzmacher
8b47fcea04 s3:rpc_client: implement rpc_transport_np_init() on top of rpc_transport_tstream_init() 
This also makes use of tstream_cli_np_open() to get the tstream.

metze

Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Wed Dec 15 16:12:30 CET 2010 on sn-devel-104
 2010-12-15 16:12:30 +01:00
Stefan Metzmacher
0342ed3ee0 s3:rpc_client: implement rpc_transport_sock_init() on top of rpc_transport_tstream_init() 
metze
 2010-12-15 15:26:05 +01:00
Stefan Metzmacher
122dc1e213 s3:rpc_client/rpc_transport_tstream.c: add some logic to handle cli_np tstreams 
metze
 2010-12-15 15:26:05 +01:00
Stefan Metzmacher
9a14dace22 s3:rpc_client/rpc_transport_tstream: timeout should be unsigned int 
metze
 2010-12-15 15:26:05 +01:00
Stefan Metzmacher
e55426fe79 s3:rpc_client: let rpc_transport_tstream_init() create read and write queue 
metze
 2010-12-15 15:26:05 +01:00
Volker Lendecke
8d28ae10d2 s3: Correctly calculate the wbinfo -s result 2010-11-24 16:07:55 +01:00
Andrew Bartlett
f768b32e37 libcli/security Provide a common, top level libcli/security/security.h 
This will reduce the noise from merges of the rest of the
libcli/security code, without this commit changing what code
is actually used.

This includes (along with other security headers) dom_sid.h and
security_token.h

Andrew Bartlett

Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Tue Oct 12 05:54:10 UTC 2010 on sn-devel-104
 2010-10-12 05:54:10 +00:00
Simo Sorce
3453bc7b11 s3-dcerpc: make auth context opaque 
This way we always double check in advance that the context
is of the right type with talloc_get_type_abort instead of
potentially accessing random memory by addressing the wrong
structure in the union.

Signed-off-by: Günther Deschner <gd@samba.org>
 2010-09-23 10:54:24 -07:00
Simo Sorce
d10e192b83 s3-dcerpc: finally remove the legaqcy spnego_type variable from pipe_auth_data 
Signed-off-by: Günther Deschner <gd@samba.org>
 2010-09-23 10:54:23 -07:00
Simo Sorce
2c9f420d75 s3-dcerpc: move client spnego stuff in /librpc/crypto 
Signed-off-by: Günther Deschner <gd@samba.org>
 2010-09-23 10:54:22 -07:00
Simo Sorce
59722ef2fb spnego: avoid explicit dependency on dcerpc specific structures 
Signed-off-by: Günther Deschner <gd@samba.org>
 2010-09-23 10:54:22 -07:00
Simo Sorce
412ebad02b gssapi: avoid explicit dependency on dcerpc specific structures 
Signed-off-by: Günther Deschner <gd@samba.org>
 2010-09-23 10:36:54 -07:00
Simo Sorce
0e5eb82a6f s3-dcerpc: move crypto stuff in /librpc/crypto 
Signed-off-by: Günther Deschner <gd@samba.org>
 2010-09-23 10:36:54 -07:00
Günther Deschner
102a70e809 s3-util: use shared dom_sid_dup. 
Guenther
 2010-09-20 14:05:07 -07:00
Günther Deschner
c7fe04abc7 s3-build: only include async headers where needed. 
Guenther
 2010-09-20 13:54:42 -07:00
Stefan Metzmacher
78b6265ac2 s3:rpc_client: remove unused rpc_pipe_set_hnd_state() 
metze
 2010-09-17 15:42:36 +02:00
Stefan Metzmacher
fde3412ccb s3:rpc_client: use rpc_api_pipe_send() for auth3 
metze
 2010-09-17 15:42:35 +02:00
Stefan Metzmacher
6ecf8d16bc s3:rpc_client: rpc_pipe_bind_step_one_done() doesn't need reply_pdu 
metze
 2010-09-17 15:42:35 +02:00
Stefan Metzmacher
de6254d3d6 s3:rpc_client: allow DCERPC_PKT_AUTH3 via rpc_api_pipe_send/recv 
metze
 2010-09-17 15:42:34 +02:00
Simo Sorce
7b1748d959 s3-rpc_client: Added a tstream based transport. 
Signed-off-by: Andreas Schneider <asn@cynapses.org>
 2010-09-15 12:53:41 +02:00
Stefan Metzmacher
a510b9de39 s3:rpc_client: implement rpccli_bh_set_timeout() 
metze
 2010-09-04 09:01:15 +02:00
Günther Deschner
7b6fc9f414 s3-dcerpc: only include rpc_dce.h where needed. 
Guenther
 2010-08-26 00:20:29 +02:00
Günther Deschner
0ed16e94c3 s3: separate out cli schannel functions that depend on cli_netlogon. 
Guenther
 2010-08-26 00:16:57 +02:00
Günther Deschner
e978a3d3f4 s3-lsa: separate out init_lsa headers. 
Guenther
 2010-08-25 22:50:39 +02:00
Günther Deschner
898c612335 s3-dcerpc: avoid talloc_move on schannel creds in cli_rpc_pipe_open_schannel_with_key(). 
Initially, the schannel creds were talloc memduped, then, during the netlogon
creds client merge (baf7274fed) they were first
talloc_referenced and then later (53765c81f7)
talloc_moved.

The issue with using talloc_move here is that users of that function in winbind
will only be able to have two schanneled connections, as the cached schannel
credentials pointer from the netlogon pipe will be set to NULL. Do a deep copy
of the struct instead.

Guenther
 2010-08-24 02:04:27 +02:00
Simo Sorce
a782a80d2f s3-dcerpc: Allocate structure members on the right context 2010-08-23 17:11:32 -04:00
Günther Deschner
35052d71d3 s3-dcerpc: fix uninitialized variable in cli_get_session_key(). 
Simo, please check.

Guenther
 2010-08-17 13:06:13 +02:00
Simo Sorce
f40ef7e24c s3-dcerpc: Use common send functions for ntlmssp too 
Remove unused function.
 2010-08-17 06:33:14 -04:00
Simo Sorce
86914b8fab s3-dcerpc: properly implement gse/spnego_get_session_key 2010-08-17 06:33:13 -04:00
Simo Sorce
26a3ba60e6 s3-dcerpc: Check data and return appropriate error 2010-08-17 06:33:13 -04:00
Simo Sorce
9a9a38c666 Change debug statements to use __location__ 2010-08-17 06:33:13 -04:00
Simo Sorce
72a0098415 s3-dcerpc: Pull packet in the caller, before validation 2010-08-17 06:33:13 -04:00
Simo Sorce
558320cf58 Add my (c) 2010-08-17 06:33:13 -04:00
Stefan Metzmacher
745f63fd1e s3:rpc_client: remove unused cli_do_rpc_ndr* functions 
metze
 2010-08-16 14:30:18 +02:00
Stefan Metzmacher
dd16d3b2d6 s3:rpc_client: remove unused rpc_pipe_open_local() 
metze
 2010-08-16 14:30:17 +02:00
Stefan Metzmacher
2c0e296dd7 s3:rpc_client: add dcerpc_binding_handle backend 
metze
 2010-08-12 14:31:21 +02:00
Volker Lendecke
0a224bc77b s3: Save the received trans2 from the inbuf in cli_trans 2010-08-05 13:57:29 +02:00
Günther Deschner
64b26affe0 s3-dcerpc: fix some uninitialized variables build warnings. 
Guenther
 2010-08-03 15:57:56 +02:00
Günther Deschner
813fbbd68c s3-build: avoid to globally include printing and spoolss headers. 
This shrinks precompiled headers by 3MB and will slightly speed up any build.

Guenther
 2010-07-31 00:50:31 +02:00
Simo Sorce
4c64e4d4af s3-dceprc: Improve dcerpc_guess_sizes() interface 
Make it possible to pass in the NDR padding size so that theoretically
client and server code can decide to use a different alignment.

Pass in the header length as a parameter so that this function can be used for
different type of packets.

Make sure padding size will not make the fragment exceed the maximum length.

Calculate padding taking in account the header length.
 2010-07-30 14:55:28 -04:00
Simo Sorce
a9d3a596a7 s3-dcerpc: Make function to guess pdu sizes common. 2010-07-30 14:55:27 -04:00
Simo Sorce
9329a9fe84 s3-dceprc: consolidate use of dcerpc_push_dcerpc_auth() 2010-07-30 14:55:27 -04:00
Simo Sorce
da6c246aac s3-dcerpc: Remove unused functions 2010-07-30 14:55:27 -04:00
Simo Sorce
186f93633b s3-dcerpc: use common spengo wrapper code for client SPNEGO/NTLMSSP 2010-07-30 14:55:27 -04:00
Simo Sorce
984438ca15 s3-dcerpc: add sign/seal support when using SPNEGO/KRB5 2010-07-30 14:55:27 -04:00
Simo Sorce
0b24e8e869 s3-dcerpc: Add SPNEGO incapsulation for KRB5 auth 2010-07-30 14:55:27 -04:00
Simo Sorce
7c9c075987 Do not refernece pipe_auth_data directly in dcerpc_gssapi.c 2010-07-28 15:53:56 -04:00
Simo Sorce
d17abc69f6 s3-dcerpc: Avoid ifdef, it is handled within dcerpc_gssapi.c already 2010-07-28 15:35:59 -04:00
Simo Sorce
7eaa15af2c s3-dcerpc: Add sign/seal with gssapi 2010-07-28 12:42:15 -04:00
Simo Sorce
1abcbd70ae s3-dcerpc: Add next authentication step with gssapi 2010-07-28 12:24:44 -04:00
Simo Sorce
135a82e78f s3-decrpc: Introduce gssapi support for dcerpc krb5 auth 2010-07-28 12:24:44 -04:00
Simo Sorce
183e0a0d9f s3-dcerpc: Refactor calculate_data_len_tosend() 2010-07-28 12:23:22 -04:00
Simo Sorce
c08d684f4e s3-dcerpc: Add auth trailer only when appropriate. 2010-07-28 12:23:00 -04:00
Simo Sorce
866f85e319 s3-dcerpc: consolidate unmarshalling of dcerpc_auth 2010-07-28 12:22:31 -04:00
Simo Sorce
146af48d48 s3-dcerpc: revive cli_rpc_pipe_open_krb5() 2010-07-28 12:21:29 -04:00
Simo Sorce
2463a87177 s3-dcerpc: Use dcerpc_AuthType in pipe_auth_data 2010-07-28 12:19:32 -04:00
Simo Sorce
1e915d231d s3-dcerpc: Cleanup and refactor create_rpc_bind_req() 2010-07-28 12:18:45 -04:00
Simo Sorce
7407c979a1 s3-dcerpc: Use dcerpc_check_auth in client code too 2010-07-28 12:17:56 -04:00
Simo Sorce
3139333419 s3-dcerpc: Move dcerpc_add_auth_footer() to the common helpers file 2010-07-28 12:15:13 -04:00
Simo Sorce
6f5cdf9ae9 s3-dcerpc: Introduce generic helper function to add auth trailer 2010-07-28 12:14:59 -04:00
Simo Sorce
1b572493e2 s3-dcerpc: Pass explicit arguments so that this is not client specific 2010-07-28 12:14:36 -04:00
Simo Sorce
e2b0e43da9 s3-dcerpc: Move marshalling of dcerpc_auth_header in the callers 2010-07-28 12:14:19 -04:00
Simo Sorce
636de433ac cleaup: Reformat cli_get_session_key() 
merge cli_get_session_key
 2010-07-21 19:14:23 -04:00
Simo Sorce
26f1218a36 s3-libsmb: Use data_blob_talloc to get krb5 ticket and session keys 2010-07-20 20:02:09 -04:00
Jeremy Allison
5002b3a90d Add approriate TALLOC_CTX's thoughout the spnego code. No more implicit NULL contexts. 
Jeremy.
 2010-07-20 16:17:58 -07:00
Jeremy Allison
cce19c5162 Fix one more data_blob -> data_blob_talloc. Move away from implicit NULL context tallocs. 
Jeremy.
 2010-07-20 14:59:31 -07:00
Simo Sorce
4581902553 s3-dcerpc: Unifiy cli_pipe_auth_data and pipe_auth_data 
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2010-07-20 15:52:37 +10:00
Jeremy Allison
0bb8d133c9 Remove gen_negTokenInit() - change all callers to spnego_gen_negTokenInit(). 
We now have one function to do this in all calling code. More rationalization
to follow.

Jeremy.
 2010-07-19 17:14:26 -07:00
Simo Sorce
cdcdaaa6dd s3-ntlmssp: Remove ntlmssp_end and let the talloc hierarchy handle it. 
All the members are children of ntlmssp_state anyway.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2010-07-19 14:19:47 +10:00
Andreas Schneider
898fd584a4 s3-rpc_client: Fixed a segfault in rpccli_samr_chng_pswd_auth_crap(). 
This fixes the WINBIND-WBCLIENT test. The test set
old_lm_hash_enc_blob.length to 0 and we don't check the length here. So
the memcpy segfaulted.
 2010-07-18 15:09:24 +02:00
Simo Sorce
628b57ca37 s3-dcerpc: Move common cli/srv functions into a common file 2010-07-17 15:01:11 -04:00
Volker Lendecke
3925411de4 s3: Really fix the 64-bit warnings 
Hmm. Forgot to git commit this piece, sorry :-(
 2010-07-17 20:21:19 +02:00
Volker Lendecke
32fd6e3c25 s3: Fix some 64-bit warnings 2010-07-17 19:58:21 +02:00
Günther Deschner
c5e85a4987 s3-dcerpc: rename SCHANNEL_SIG_SIZE to NL_AUTH_SIGNATURE_SIZE and move to IDL. 
Guenther
 2010-07-16 23:09:54 +02:00
Simo Sorce
65116adceb s3-dcerpc: Fix ability to receive Big Endian PDUs 2010-07-16 16:02:39 -04:00
Günther Deschner
7cf4797dd3 s3-dcerpc: fix c++ warning. 
Guenther
 2010-07-16 01:51:18 +02:00
Simo Sorce
8f2bfa88b5 s3-dcerpc: Use DATA_BLOB instead of prs_struct for req_data 
Signed-off-by: Günther Deschner <gd@samba.org>
 2010-07-16 01:51:18 +02:00
Simo Sorce
8e9cd4144e s3-dcerpc: Use DATA_BLOB instead of prs_struct for rpc_out 
Signed-off-by: Günther Deschner <gd@samba.org>
 2010-07-16 01:51:18 +02:00
Simo Sorce
3b83211cd8 s3-dcerpc: Avoid unnecessary memory allocation for dcerpc_ctx_list 
Signed-off-by: Günther Deschner <gd@samba.org>
 2010-07-16 01:51:18 +02:00
Simo Sorce
ff121c89d3 s3-dcerpc: Use DATA_BLOB instead of prs_struct for reply_pdu 
Signed-off-by: Günther Deschner <gd@samba.org>
 2010-07-16 01:51:17 +02:00
Simo Sorce
b44a91b220 s3-dcerpc: Use DATA_BLOB instead of prs_struct for incoming fragments 
Signed-off-by: Günther Deschner <gd@samba.org>
 2010-07-16 01:51:17 +02:00
Simo Sorce
cc15396c8a s3-dcerpc: Read a pdu in 2 steps, header first the payload 
We can't really cope with receiving more data than expected anyway
as there is code that checks if the size of the buffer is consistent with
pkt->frag_length and throws an error if not.

Signed-off-by: Günther Deschner <gd@samba.org>
 2010-07-16 01:51:17 +02:00
Simo Sorce
79c207ed62 s3-dceprc: Use IDL defined constants for length calculations 
Signed-off-by: Günther Deschner <gd@samba.org>
 2010-07-16 01:51:17 +02:00
Simo Sorce
84c50a248e Reformat and cleanup 
Signed-off-by: Günther Deschner <gd@samba.org>
 2010-07-16 01:51:17 +02:00
Simo Sorce
bd19c964d5 s3-dcerpc: Move common helpers into a common file 
Signed-off-by: Günther Deschner <gd@samba.org>
 2010-07-16 01:51:17 +02:00
Simo Sorce
cb3725a931 dcerpc: remove ncacn_packet_header and related functions 
ncacn_packet_header was an artifact and it is not necessary anymore

Signed-off-by: Günther Deschner <gd@samba.org>
 2010-07-16 01:51:17 +02:00
Simo Sorce
f9a15d1d94 s3-dcerpc: Refactor code and stop using ncacn_packet_header 
Signed-off-by: Günther Deschner <gd@samba.org>
 2010-07-16 01:51:17 +02:00
Simo Sorce
2452a7a4c1 s3-dcerpc: consolidate respones packet creation code 
Signed-off-by: Günther Deschner <gd@samba.org>
 2010-07-16 01:51:16 +02:00
Simo Sorce
f0626d14f0 s3-dcerpc: Stop using hand marshalling in rpc_finish_auth3_bind_send() 
Signed-off-by: Günther Deschner <gd@samba.org>
 2010-07-16 01:51:16 +02:00
Simo Sorce
7d9c62c646 s3-dcerpc: Do not parse the packet twice. 
Signed-off-by: Günther Deschner <gd@samba.org>
 2010-07-16 01:51:16 +02:00
Simo Sorce
282db1f5d2 s3-dcerpc: Remove unused function 
Signed-off-by: Günther Deschner <gd@samba.org>
 2010-07-16 01:51:16 +02:00
Simo Sorce
137743fac2 s3-dcerpc: Do not reparse the header 
Instead pass back and use the packet we have already parsed.

Signed-off-by: Günther Deschner <gd@samba.org>
 2010-07-16 01:51:15 +02:00
Simo Sorce
459c8e32fd s3-dcerpc: Pull the whole packet at once instead of fetching just the header 
Signed-off-by: Günther Deschner <gd@samba.org>
 2010-07-16 01:51:15 +02:00
Simo Sorce
602e10f3fd s3-dcerpc: Delay parsing rpc header in client code 
Signed-off-by: Günther Deschner <gd@samba.org>
 2010-07-16 01:51:15 +02:00
Simo Sorce
87605e2030 s3-dcerpc: fix dcerpc_push_ncacn_packet, pass arg by address 
There is no need to copy the whole structure twice by passing it in by value.

Signed-off-by: Günther Deschner <gd@samba.org>
 2010-07-13 14:44:11 +02:00
Simo Sorce
77699c777e sr-dcerpc: add dcerpc_push_ncacn_packet_header() 
Signed-off-by: Günther Deschner <gd@samba.org>
 2010-07-13 14:44:10 +02:00
Simo Sorce
cf664b73a4 s3-dcerpc: Use dcerpc_set_frag_length() 
Automatically calculate the fragment length where possible.

Signed-off-by: Günther Deschner <gd@samba.org>
 2010-07-13 14:44:09 +02:00
Simo Sorce
25d487bebf s3-dcerpc: Fix ntlmssp sign/seal. 
Header calculation was misplaced.

Signed-off-by: Günther Deschner <gd@samba.org>
 2010-07-13 01:35:16 +02:00
Simo Sorce
6555307aa1 s3-dceprc: Fix auth_length in auth3 response 
Signed-off-by: Günther Deschner <gd@samba.org>
 2010-07-13 01:35:05 +02:00
Simo Sorce
1b51ddd370 s3-dcerpc: Fix miscalculation of buffer start address 
This was breaking schannel
 2010-07-12 15:10:45 -04:00
Simo Sorce
1796767a36 s3-dcerpc: make dcerpc_pull_dcerpc_auth() public 2010-07-08 18:38:56 -04:00
Simo Sorce
a054832f4f s3-dcerpc: make dceprc_push_dcerpc_auth public 2010-07-08 18:38:56 -04:00
Simo Sorce
aca60c29e7 s3-dcerpc: use dcerpc_pull_dcerpc_auth() in rpc_finish_spnego_ntlmssp_bind_send() 2010-07-08 18:38:55 -04:00
Simo Sorce
5591135964 s3-dcerpc: use dcerpc_push_dcerpc_auth in add_schannel_auth_footer() 2010-07-08 18:38:55 -04:00
Simo Sorce
1febe9de6b s3-dcerpc: use dcerpc_push_dcerpc_auth() in add_ntlmssp_auth_footer() 2010-07-08 18:38:55 -04:00
Simo Sorce
c609e84170 s3-dcerpc: use dcerpc_pull_dcerpc_auth() in cli_pipe_verify_schannel() 2010-07-08 18:38:55 -04:00
Simo Sorce
91cb2aed54 s3-dcerpc: use dcerpc_push_ncacn_packet() in create_rpc_bind_auth3() 2010-07-08 18:38:55 -04:00
Jeremy Allison
7e134f179f Change one more use of "struct rpc_hdr_info" -> "struct ncacn_packet_header" 
Jeremy
 2010-07-08 15:18:30 -07:00
Günther Deschner
d57ecf920c s3-dcerpc: use dcerpc_pull_ncacn_packet() for rpc_pipe_bind_step_one_done(). 
Guenther

Signed-off-by: Simo Sorce <idra@samba.org>
 2010-07-08 00:56:16 -04:00
Günther Deschner
5351a8919d s3-dcerpc: use dcerpc_push_ncacn_packet() in push_next_frag(). 
Guenther

Signed-off-by: Simo Sorce <idra@samba.org>
 2010-07-08 00:53:10 -04:00
Günther Deschner
e8e2fa586b s3-dcerpc: use dcerpc_pull_ncacn_packet() in cli_pipe_validate_current_pdu(). 
Guenther

Signed-off-by: Simo Sorce <idra@samba.org>
 2010-07-08 00:53:01 -04:00
Günther Deschner
dbeaa5efc7 s3-dcerpc: use dcerpc_pull_dcerpc_auth() in cli_pipe_verify_ntlmssp(). 
Guenther

Signed-off-by: Simo Sorce <idra@samba.org>
 2010-07-08 00:52:38 -04:00
Günther Deschner
49c5293492 s3-dcerpc: add dcerpc_pull_dcerpc_auth(). 
Guenther

Signed-off-by: Simo Sorce <idra@samba.org>
 2010-07-08 00:52:34 -04:00
Günther Deschner
fe9ce4b60c s3-dcerpc: use struct ncacn_packet_header instead of struct rpc_hdr_info. 
Guenther

Signed-off-by: Simo Sorce <idra@samba.org>
 2010-07-08 00:47:53 -04:00
Günther Deschner
77e3fffd09 s3-dcerpc: add dcerpc_pull_ncacn_packet_header(). 
Guenther

Signed-off-by: Simo Sorce <idra@samba.org>
 2010-07-08 00:29:33 -04:00
Günther Deschner
eeb034e72a s3-dcerpc: use dcerpc_push_dcerpc_auth() for all authenticated binds. 
Guenther

Signed-off-by: Simo Sorce <idra@samba.org>
 2010-07-07 23:45:51 -04:00
Günther Deschner
4b56e6e95b s3-dcerpc: add dcerpc_push_schannel_bind(). 
Guenther

Signed-off-by: Simo Sorce <idra@samba.org>
 2010-07-07 23:45:51 -04:00
Günther Deschner
0f02dda915 s3-dcerpc: add dcerpc_push_dcerpc_auth(). 
Guenther

Signed-off-by: Simo Sorce <idra@samba.org>
 2010-07-07 23:45:51 -04:00
Günther Deschner
5aabd9af8e s3-dcerpc: use dcerpc_push_ncacn_packet() for create_bind_or_alt_ctx_internal(). 
Guenther

Signed-off-by: Simo Sorce <idra@samba.org>
 2010-07-07 23:45:51 -04:00
Günther Deschner
d6de820480 s3-dcerpc: use dcerpc_pull_ncacn_packet() for pulling a RPC fault pdu. 
Guenther

Signed-off-by: Simo Sorce <idra@samba.org>
 2010-07-07 23:45:50 -04:00
Günther Deschner
cb9eddb312 s3-dcerpc: add dcerpc_pull_ncacn_packet(). 
Guenther

Signed-off-by: Simo Sorce <idra@samba.org>
 2010-07-07 23:45:50 -04:00
Günther Deschner
3d9a12dca7 s3-dcerpc: add dcerpc_push_ncacn_packet(). 
Guenther

Signed-off-by: Simo Sorce <idra@samba.org>
 2010-07-07 23:45:50 -04:00
Andreas Schneider
30d25210a9 s3-rpc_client: Use the right memory context for array elements. 2010-07-05 15:59:05 +02:00
Volker Lendecke
dee72d807f s3: Remove an unreachable line of code 2010-06-21 15:03:59 +02:00
Jeremy Allison
2e8c563961 Second part of fix converting prs_XX struct and functions to talloc. Remove unneeded prs_mem_free calls. 
Jeremy.

Signed-off-by: Simo Sorce <idra@samba.org>
 2010-06-18 07:42:05 -04:00
Jeremy Allison
f4e7d9d38e Convert the prs_XXX struct and functions to use talloc instead of malloc. Passes valgrind and make tests for client and server. Second version of this patch after splitting up at Simo's request. Patch to follow will delete extraneous prs_mem_free() calls. 
Jeremy.

Signed-off-by: Simo Sorce <idra@samba.org>
 2010-06-18 07:41:47 -04:00
Günther Deschner
30a9ddccff s3-spoolss: add and use spoolss_printerinfo2_to_setprinterinfo2(). 
This fixes some invalid typecasts.

Guenther
 2010-06-03 16:32:49 +02:00
Günther Deschner
84a8f0451d s3-build: only include generated spoolss headers (not ndr headers). 
Guenther
 2010-06-03 11:00:27 +02:00
Andrew Bartlett
d6fa371b92 s3:ntlmssp Use a TALLOC_CTX for ntlmssp_sign_packet() and ntlmssp_seal_packet() 
This ensures the results can't be easily left to leak.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Günther Deschner <gd@samba.org>
 2010-05-31 15:11:27 +02:00
Andrew Bartlett
ebae21f023 ntlmssp: Make the ntlmssp.h from source3/ a common header 
The code is not yet in common, but I hope to fix that soon.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Günther Deschner <gd@samba.org>
 2010-05-31 15:10:56 +02:00
Günther Deschner
30eeb1e3d9 s3-rpc_client: move protos to init_netlogon.h 
Guenther
 2010-05-28 02:49:36 +02:00
Andrew Bartlett
cba7f8b827 s3:dom_sid Global replace of DOM_SID with struct dom_sid 
This matches the structure that new code is being written to,
and removes one more of the old-style named structures, and
the need to know that is is just an alias for struct dom_sid.

Andrew Bartlett

Signed-off-by: Günther Deschner <gd@samba.org>
 2010-05-21 10:39:59 +02:00
Günther Deschner
8478770c35 s3-rpc_client: move protos to init_samr.h 
Guenther
 2010-05-18 21:42:57 +02:00
Günther Deschner
5a6f3a0666 s3-rpc_client: move protos to init_spoolss.h 
Guenther
 2010-05-18 21:42:48 +02:00
Günther Deschner
cc06133b0a s3-rpc_client: move protos to cli_spoolss.h 
Guenther
 2010-05-18 21:42:45 +02:00
Günther Deschner
230b880d14 s3-rpc_client: move protos to cli_lsarpc.h 
Guenther
 2010-05-18 21:42:41 +02:00
Günther Deschner
5ed3654112 s3-rpc_client: move protos to cli_netlogon.h 
Guenther
 2010-05-18 21:42:37 +02:00
Günther Deschner
3f2719c202 s3-rpc_client: move protos to cli_samr.h 
Guenther
 2010-05-18 21:42:32 +02:00
Jelmer Vernooij
b8268cf7b0 s3: Remove use of iconv_convenience. 2010-05-18 11:45:31 +02:00
Günther Deschner
1d2dd47d31 s3-crypto: only include crypto headers when crypto is done. 
Guenther
 2010-05-18 00:44:27 +02:00
Simo Sorce
3c1e9a8c33 s3-spoolss: Make spoolss_Time_to_time_t public. 
Signed-off-by: Günther Deschner <gd@samba.org>
 2010-05-09 23:33:40 +02:00
Günther Deschner
c6ebab846d s3: only include gen_ndr headers where needed. 
This shrinks include/includes.h.gch by the size of 7 MB and reduces build time
as follows:

ccache build w/o patch
real    4m21.529s
ccache build with patch
real    3m6.402s

pch build w/o patch
real    4m26.318s
pch build with patch
real    3m6.932s

Guenther
 2010-05-06 00:22:59 +02:00
Stefan Metzmacher
cac9981b1a s3:rpc_client: remove more unused code 
metze
 2010-03-29 18:11:20 +02:00
Stefan Metzmacher
13cf592bb8 s3:rpc_client: remove unused code, we handle transport failures in the transport layer now 
metze
 2010-03-29 18:11:19 +02:00
Stefan Metzmacher
3e70da3f47 s3:rpc_client: return at least 10 sec as old timeout in rpccli_set_timeout() instead of 0 
metze
 2010-03-29 18:11:17 +02:00
Stefan Metzmacher
99664ad154 s3:rpc_client: add set_timeout hook to rpc_cli_transport 
metze
 2010-03-29 18:11:17 +02:00
Stefan Metzmacher
4f41b53487 s3:rpc_client: add rpccli_is_connected() 
metze
 2010-03-29 18:11:16 +02:00
Stefan Metzmacher
dc09b12681 s3:rpc_client: don't mix layers and keep a reference to cli_state in the caller 
We should not rely on the backend to have a reference to the cli_state.
This will make it possible for the backend to set its cli_state reference
to NULL, when the transport is dead.

metze
 2010-03-29 18:11:16 +02:00
Stefan Metzmacher
5f8fc63515 s3:rpc_transport_np: add comment about bad usage in a destructor 
metze
 2010-03-29 18:11:15 +02:00
Stefan Metzmacher
b862351da8 s3:rpc_transport_np: use cli_state_is_connected() helper 
metze
 2010-03-29 18:11:15 +02:00
Stefan Metzmacher
7d977da925 s3:ntlmssp: pass names and use_ntlmv2 to ntlmssp_client_start() and store them 
Inspired by the NTLMSSP merge work by Andrew Bartlett.

metze

Signed-off-by: Günther Deschner <gd@samba.org>
 2010-03-24 17:34:55 +01:00
Günther Deschner
7643afa70e s3-rpcclient: fix rpcclient after spoolss_GetPrinterData{Ex} IDL change. 
Guenther
 2010-03-05 15:18:00 +01:00
Stefan Metzmacher
911287285c s3:rpc_transport_np: handle trans rdata like the output of a normal read 
Inspired by bug #7159.

metze
 2010-02-24 11:55:36 +01:00
Stefan Metzmacher
1e9df26ef9 s3:cli_netlogon: keep the the correct negotiate_flags on the cli->dc structure 
This should fix the rpccli_netlogon_set_trust_password() against DC's
without netr_ServerPasswordSet2 support.

This fixes bug #7160.

metze
 2010-02-23 16:19:58 +01:00
Jeremy Allison
0055e33dbe Second part of fix for bug #7159 - client rpc_transport doesn't cope with bad server data returns. 
If server returns zero on a NP read. Report pipe broken.
Prevents client from looping if it thinks there should be
more data.

Jeremy.
 2010-02-19 14:26:22 -08:00
Jeremy Allison
ad77ae1d58 First part of fix for bug #7159 - client rpc_transport doesn't cope with bad server data returns. 
Ensure that subreq is *always* talloc_free'd in the _done
function, as it has an event timeout attached. If the
read requests look longer than the cli->timeout, then
the timeout fn is called with already freed data.

Jeremy.
 2010-02-19 14:26:12 -08:00
Jeremy Allison
7b4387f765 Fix bug #7146 - Samba miss-parses authenticated RPC packets. 
Parts of the Samba RPC client and server code misinterpret authenticated
packets.

DCE authenticated packets actually look like this :

+--------------------------+
|header                    |
| ... frag_len (packet len)|
| ... auth_len             |
+--------------------------+
|                          |
| Data payload             |
...                     ....
|                          |
+--------------------------+
|                          |
| auth_pad_len bytes       |
+--------------------------+
|                          |
| Auth footer              |
| auth_pad_len value       |
+--------------------------+
|                          |
| Auth payload             |
| (auth_len bytes long)    |
+--------------------------+

That's right. The pad bytes come *before* the footer specifying how many pad
bytes there are. In order to read this you must seek to the end of the packet
and subtract the auth_len (in the packet header) and the auth footer length (a
known value).

The client and server code gets this right (mostly) in 3.0.x -> 3.4.x so long
as the pad alignment is on an 8 byte boundary (there are some special cases in
the code for this).

Tridge discovered there are some (DRS replication) cases where on 64-bit
machines where the pad alignment is on a 16-byte boundary. This breaks the
existing S3 hand-optimized rpc code.

This patch removes all the special cases in client and server code, and allows
the pad alignment for generated packets to be specified by changing a constant
in include/local.h (this doesn't affect received packets, the new code always
handles them correctly whatever pad alignment is used).

This patch also works correctly with rpcclient using sign+seal from
the 3.4.x and 3.3.x builds (testing with 3.0.x and 3.2.x to follow)
so even as a server it should still work with older libsmbclient and
winbindd code.

Jeremy
 2010-02-17 15:27:59 -08:00
Volker Lendecke
81a848be6d s3: Remove some unused variables 2010-01-10 22:43:02 +01:00
Bo Yang
36493bf2f6 s3: Fix infinite loop in NCACN_IP_TCP asa there is no timeout. Assume lsa_pipe_tcp is ok but network is down, then send request is ok, but select() on writeable fds loops forever since there is no response. 
Signed-off-by: Bo Yang <boyang@samba.org>
 2010-01-06 19:19:35 +08:00
Andrew Bartlett
802e9328ed s3:ntlmssp: only include ntlmssp.h where actually needed 
Andrew Bartlett
 2009-12-22 21:07:53 +01:00
Andrew Bartlett
5b37cd23bf s3:ntlmssp: remove the typedef NTLMSSP_STATE 
Andrew Bartlett
 2009-12-22 21:07:53 +01:00
Günther Deschner
f20effc437 s3-spoolss: fix enumprinter key client and server. 
Guenther
 2009-12-10 17:48:50 +01:00
Günther Deschner
5f60855ba2 samba-spoolss: use spoolss_StringArray2 in spoolss_EnumPrinterKey. 
This should finally resolve the endian issues we were seeing on sparc and is
much cleaner for spoolss clients and servers.

Guenther
 2009-12-02 14:56:17 +01:00
Günther Deschner
04f8c229de s3-kerberos: only use krb5 headers where required. 
This seems to be the only way to deal with mixed heimdal/MIT setups during
merged build.

Guenther
 2009-11-27 16:36:00 +01:00
Günther Deschner
5d706a2fd4 s3-rpc: running minimal_includes.pl on rpc_client and rpc_server. 
Guenther
 2009-11-26 20:17:07 +01:00
Günther Deschner
3d679a3b5f s3-rpc: Avoid including every pipe's client and server stubs everywhere in samba. 
Guenther
 2009-11-26 20:03:17 +01:00
Günther Deschner
846aa18648 s3-spoolss: fixes for _spoolss_EnumPrinterKey client and server. 
Thanks Metze for review!

Guenther
 2009-11-24 15:49:35 +01:00
Günther Deschner
d464151f3b s3-spoolss: fix spoolss_EnumPrinterKey client and server code. 
Guenther
 2009-11-23 11:44:43 +01:00
Volker Lendecke
f4cf1c56a2 s3: Add min_setup, min_param and min_data to cli_trans_recv 
Every caller that expects to receive something needs to check if enough was
sent. Make this check mandatory for everyone.

Yes, this makes the parameter list for cli_trans a bit silly, but that's just
the way it is: A silly protocol request :-)

While there, convert some _done functions to tevent_req_simple_finish_ntstatus.
 2009-11-14 12:20:12 +01:00
Volker Lendecke
92a16b91e8 fix bogus "out of memory" winbind msg 
Signed-off-by: Michael Adam <obnox@samba.org>
 2009-11-13 11:36:06 +01:00