IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
I wanted to add a simple 'workstation' argument to the DCERPC
authenticated binding calls, but this patch kind of grew from there.
With SCHANNEL, the 'workstation' name (the netbios name of the client)
matters, as this is what ties the session between the NETLOGON ops and
the SCHANNEL bind. This changes a lot of files, and these will again
be changed when jelmer does the credentials work.
I also correct some schannel IDL to distinguish between workstation
names and account names. The distinction matters for domain trust
accounts.
Issues in handling this (issues with lifetime of talloc pointers)
caused me to change the 'creds_CredentialsState' and 'struct
dcerpc_binding' pointers to always be talloc()ed pointers.
In the schannel DB, we now store both the domain and computername, and
query on both. This should ensure we fault correctly when the domain
is specified incorrectly in the SCHANNEL bind.
In the RPC-SCHANNEL test, I finally fixed a bug that vl pointed out,
where the comment claimed we re-used a connection, but in fact we made
a new connection.
This was achived by breaking apart some of the
dcerpc_secondary_connection() logic.
The addition of workstation handling was also propogated to NTLMSSP
and GENSEC, for completeness.
The RPC-SAMSYNC test has been cleaned up a little, using a loop over
usernames/passwords rather than manually expanded tests. This will be
expanded further (the code in #if 0 in this patch) to use a newly
created user account for testing.
In making this test pass test_rpc.sh, I found a bug in the RPC-ECHO
server, caused by the removal of [ref] and the assoicated pointer from
the IDL. This has been re-added, until the underlying pidl issues are
solved.
(This used to be commit 824289dcc20908ddec957a4a892a103eec2da9b9)
a good variety of things to test against.
Add code to testjoin to handle this just like test machine accounts
Soon I'll remove the 'must change password' flag, so we can do logins with it.
Andrew Bartlett
(This used to be commit 08b47e2dc067f7e4a52b982d358ff1b0209cc1df)
to a new ndr.pm.
Add function that can generate a "OrderTable" describing the order
in which the NDR data will be pushed/pulled.
(This used to be commit 2603a7326d7e54a012a95e37fd54433b85d8acc4)
I'm going to add a ndr.pm later on that'll generate a
tree with necessary information for the two NDR backends
(eparser, ndr_parser) containing alignment info, etc.
(This used to be commit 5162daa9464cd64930f5a8fd0d7b381b122c931d)
that can be handled.
tridge: do you think it would make sense to change the sub_auth[num_auths] to sub_auth[5],
so we can copy the struct by sid1 = sid2;
comments please
metze
(This used to be commit 2fc8a604b003a6c3425eb7bbf77fbe467c956085)
this can be used like this
[subcontext_size(28),subcontext(0)] dom_sid sid;
this descripes a fixed 28 byte buffer which contains a dom_sid,
and the rest of the buffer is padded with zero bytes if the dom_sid doesn't
need all 28 byte in it's ndr encoding.
- only push and pull the subcontext when we are in the NDR_SCALARS section
(tridge, jelmer: I hope this is correct for all cases...!?:-)
metze
(This used to be commit 483bb1418fd5c70c418142ade80c1e286adfa05a)
(the torture test currently only tests if the idl is correct)
- add start for idl for DsGetNCChanges()
(if someone didn't noticed the current ethereal trunk code can
successful decrypt DCERPC and LDAP gsskrb5 encrypted blobs,
when you provide a keytab and have compiled against heimdal :-)
- add a view bitmaps and enum's for better debugging
metze
(This used to be commit cf7c1352ab2857b80256e02f70ab3fbd5177d596)
