1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-24 21:34:56 +03:00
Commit Graph

725 Commits

Author SHA1 Message Date
Andrew Bartlett
e49656e2ee auth: Use only security_token_is_system to determine that a user is SYSTEM
This removes the duplication on how to detect that a user is system in Samba
now that the smbd system account is also only SID_NT_SYSTEM we can use the same
check everywhere.

Andrew Bartlett

Signed-off-by: Andreas Schneider <asn@samba.org>
2012-06-19 10:38:13 +02:00
Stefan Metzmacher
8d3a2914d8 auth.idl: mark confidential attributes as [noprint]
We should allow NDR_PRINT_DEBUG() to log them.

TODO: we could add some more magic which logs it at level 100.

metze
2012-06-15 07:17:42 +02:00
David Disseldorp
2836787daa idl: add File Server Remote VSS Protocol idl
MS-FSRVP preview documents used as reference.
H_ERROR codes should be moved to a more generic file.
2012-06-08 13:34:31 +02:00
Kai Blin
74206984da s4 dns: Add TSIG and TKEY records to idl 2012-05-08 13:57:39 +02:00
Andrew Bartlett
f10c638100 s4-messaging: Fill in the whole server_id in all use cases
This started per https://bugzilla.samba.org/show_bug.cgi?id=8872#c4
and avoids any possible collision with a different process.

We also need to ensure that across a Samba installation on a single
node that id.vnn is the same.  Samba4 previously used 0, while Samba3
used NONCLUSTER_VNN.  When a message is sent between these 'different'
nodes, the error NT_STATUS_INVALID_DEVICE_REQUEST is raised.

Andrew Bartlett
2012-04-30 17:55:11 +10:00
Matthieu Patou
78aaffce2f idl: fix the charset for the source_dsa_address in DsReplicaDel call
Autobuild-User: Matthieu Patou <mat@samba.org>
Autobuild-Date: Sun Apr 22 03:00:06 CEST 2012 on sn-devel-104
2012-04-22 03:00:06 +02:00
Volker Lendecke
843432d56f s3: New notify implementation
From notify_internal.c:

        /*
         * The notify database is split up into two databases: One
         * relatively static index db and the real notify db with the
         * volatile entries.
         */

This change is necessary to make notify scale better in a cluster
2012-04-17 10:21:02 +02:00
David Disseldorp
e5ebe67e38 idl: add offload data transfer ioctl types
For future use in handling FSCTL_OFFLOAD_READ, FSCTL_OFFLOAD_WRITE and
IOCTL_STORAGE_QUERY_PROPERTY requests new to Windows 8.

Based on preliminary data structure documentation from:
http://msdn.microsoft.com/en-us/library/windows/hardware/hh451101%28v=vs.85%29.aspx
http://msdn.microsoft.com/en-us/library/windows/hardware/hh451122%28v=vs.85%29.aspx
http://msdn.microsoft.com/en-us/library/windows/desktop/hh449428%28v=vs.85%29.aspx
http://msdn.microsoft.com/en-us/library/windows/hardware/hh451469%28v=vs.85%29.aspx

Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Lars Müller <lars@samba.org>

Autobuild-User: David Disseldorp <ddiss@samba.org>
Autobuild-Date: Thu Mar 15 18:40:11 CET 2012 on sn-devel-104
2012-03-15 18:40:11 +01:00
Amitay Isaacs
e15fc28e6b idl: dnsserver: Add DNS_RPC_RECORD_STRING data type for TXT DNS record 2012-03-02 00:24:50 +11:00
Amitay Isaacs
db79126288 idl: dnsp: Add dnsp_string_list data type for TXT DNS record 2012-03-02 00:24:49 +11:00
Andrew Tridgell
a9e2b620ca idl: wmi and dcom don't need python bindings
the python generation for these IDL files is currently broken
2012-02-08 13:11:05 +11:00
Andrew Bartlett
697a6e9504 auth: provide private pointer and do not return original PAC signatures
There is no need to return the PAC signatures via the special-purpose
torture element.  Instead, use a private pointer on the auth_context
in conjunction with the private PAC processing method.

Andrew Bartlett

Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Sun Jan 29 23:52:50 CET 2012 on sn-devel-104
2012-01-29 23:52:50 +01:00
David Disseldorp
94f925c815 idl: add to_null attribute to the spoolss devicename array
OpenPrinterEx requests have also been observed in the wild carrying
non-utf16 garbage after the device mode devicename field null
terminator.

Signed-off-by: Jeremy Allison <jra@samba.org>
2012-01-13 09:37:37 -08:00
David Disseldorp
0df5d0608e idl: add to_null attribute to the spoolss formname array
OpenPrinterEx requests have been observed in the wild carrying a device
mode formname "A4" followed by non-utf16 garbage after the null
terminator. Such requests currently fail during unmarshalling in the
ndr_pull_charset() codepath, causing intermittent print job failures.

This change ensures that garbage after the device mode formname null
terminator is not processed in unmarshalling.

https://bugzilla.samba.org/show_bug.cgi?id=8606

Signed-off-by: Jeremy Allison <jra@samba.org>
2012-01-13 09:37:37 -08:00
Amitay Isaacs
dbf5df5f8f idl:dnsserver: Add DNS_DP_STATE enumeration for diretory partition state 2011-12-23 16:17:10 +11:00
Volker Lendecke
53d54f99b0 idl: Avoid c++ style comments
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Wed Dec 21 13:36:01 CET 2011 on sn-devel-104
2011-12-21 13:36:01 +01:00
Kai Blin
c191ad7e13 s4 dns: Implement RFC-compatible update prescan 2011-12-17 02:46:08 +01:00
Dave Craft
b58cb7ea93 Add DRSUAPI_DRS_UPDATE_(x) flags
DRSUAPI_DRS_UPDATE flags are used in
DRS_MSG_REPMOD_V1 message structure when repsFrom
is modified via RPC.  The RPCs are currently uncoded but
samba_kcc maintains the flags (and uses them to identify
what repsFrom changes are to be executed).  These are currently
helpful to samba_kcc and are intended to ultimately be used in
RPCs.

Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-12-08 11:48:17 +11:00
Dave Craft
bc03cba552 Add NTDSConnection schedule attr blob
Add schedule blob to drsblobs to allow
NDR unpacking into a python class.

Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-12-08 11:48:17 +11:00
Matthias Dieter Wallnöfer
2c73eb4204 idl:netlogon.idl - add the Active Directory Web Service bit (DS_SERVER_WEBSERV)
MS-NRPC 2.2.1.2.1

Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-11-26 10:16:16 +01:00
Günther Deschner
8a18edf1c2 samr: filterModuleName is a lsa_String in userPwdChangeFailureInformation.
The entire marshalling of samr_ChangePasswordUser3 broke with c2685cdedb.

Matthias, the bad effect of this change was that actually all failed password
change attempts will always return NT_STATUS_OK because the last 4 bytes (the
resulting status code) were not marshalled anymore.

Guenther

Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Wed Nov  9 00:41:13 CET 2011 on sn-devel-104
2011-11-09 00:41:13 +01:00
Kai Blin
a243473b49 s4 dns: the opcode is called OPCODE_UPDATE in the RFC, not OPCODE_REGISTER 2011-11-04 15:51:59 +01:00
Günther Deschner
185b94eefa nbt: trim down header dependencies of nbt.idl.
Guenther
2011-11-03 18:35:08 +01:00
Günther Deschner
2d390991bd s4: add some missing header dependencies.
Guenther
2011-11-03 18:35:08 +01:00
Günther Deschner
0de2bf97ff nbt: move nbt_string ndr functions to ndr/ndr_nbt.c helper.
Guenther
2011-11-03 18:35:08 +01:00
Günther Deschner
72879f491f nbt: merge in LIBCLI_NDR_NETLOGON helper into NDR_NBT.
Guenther
2011-11-03 18:35:08 +01:00
Günther Deschner
2417ea4923 librpc: remove nbt dependency to svcctl.
Guenther
2011-11-03 18:35:08 +01:00
Günther Deschner
2ecd50116c librpc: remove nbt dependency to samr.
Guenther
2011-11-03 18:35:08 +01:00
David Disseldorp
8abaafadde s4-torture: Add tests for the smb2 copychunk ioctl
Add idls for parsing of copychunk ioctl args.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-10-31 17:55:05 +01:00
David Disseldorp
2e1168d0a8 idl: add copychunk and request_resume_key ioctl definitions 2011-10-31 17:55:05 +01:00
Simo Sorce
8870daeb8d idl: Improve MS-PAC IDL
Change some misleading variable names to reflect the actual function.
Add missing field name/types previously marked as unkown.

Signed-off-by: Günther Deschner <gd@samba.org>

Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Mon Oct 24 19:19:28 CEST 2011 on sn-devel-104
2011-10-24 19:19:28 +02:00
Amitay Isaacs
65f9a13dc3 s4-dns: Added support for multiple DNS_RPC_RECORDS structures
Windows returns multiple DNS_RPC_RECORDS structures, but there is
no well defined structure in [MS-DNSP] doc. Added hand-written
code to parse ndr.

Pair-Programmed-With: Andrew Tridgell <tridge@samba.org>

Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-10-20 05:53:05 +02:00
Amitay Isaacs
0f84c634fc s4-dns: Added more data types for dnsserver implementation
Windows uses WERROR on dnsserver pipe.

Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-10-20 05:53:05 +02:00
Amitay Isaacs
3193e142d4 dnsp: Added typedefs to interpret dnsProperty attribute for dnsZone objectclass
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-10-20 05:53:05 +02:00
Stefan Metzmacher
ee4f418288 dnsserver.idl: avoid '//' comments
The compiler on openindiana doesn't like them.

metze
2011-10-08 07:24:13 +02:00
Andrew Tridgell
004f8c6e97 drsuapi: added ncName attid in enum 2011-10-04 15:08:56 +11:00
Andrew Tridgell
ff482bc836 dns: filled in dnsserver.idl
this fills in the functions and structures for the dnsserver RPC
protocol. This protocol is used during a subdomain join to add the NS
glue record to the parent domain
2011-10-04 15:08:56 +11:00
Kai Blin
1dbcb61c79 dns: Move the dns_srv_record to the correct place in the idl file
Autobuild-User: Kai Blin <kai@samba.org>
Autobuild-Date: Sun Oct  2 13:35:49 CEST 2011 on sn-devel-104
2011-10-02 13:35:49 +02:00
Kai Blin
f163bd1dac dns: Add support for TXT record to idl file 2011-10-02 12:00:27 +02:00
Kai Blin
f98ebcf43f dns: The QCLASS is called IN, not IP 2011-09-28 02:02:36 +02:00
Jeremy Allison
893497ee16 Fix bug #8458] - IE9 on Windows 7 cannot download files to samba 3.5.11 share
Handle the SECINFO_LABEL flag in the same was as Win2k3.
2011-09-21 13:34:50 -07:00
Christian Ambach
b43c69bedf security.idl add new well-known SIDs
http://support.microsoft.com/kb/243330/en-us lists some new
well-known SIDS in the BUILTIN domain
2011-08-31 09:53:31 +02:00
Matthieu Patou
593c9328fd idl: We don't need a context for FRSRPC_COMM_PKT_CHUNK_CO_EXTENTION_2 and avoid colision on bop attribute
Autobuild-User: Matthieu Patou <mat@samba.org>
Autobuild-Date: Sat Aug  6 00:50:47 CEST 2011 on sn-devel-104
2011-08-06 00:50:47 +02:00
Stefan Metzmacher
eb9aa9b9f4 eventlog6.idl: fix definition of eventlog6_StringArray
This is an array of string, not an array of characters.

metze
2011-08-01 15:46:10 +02:00
Andrew Bartlett
b782b5ed7c nbt: Add comment explaining that these responses are manually encoded
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-07-29 04:24:06 +02:00
Andrew Bartlett
9cde691b87 nbt: fix WinXP S3 domain join: alignment of nbt_netlogon_response_from_pdc
This fixes WinXP joining a Samba3 domain, which was broken on hosts
with an even number of characters in the host name.  The alignment
requested in the structure was ignored because of the overall
NDR_NOALIGN set on the packet.

Andrew Bartlett

Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Thu Jul 28 00:30:26 CEST 2011 on sn-devel-104
2011-07-28 00:30:26 +02:00
Andrew Bartlett
42e40140ae security.idl: Use gid_t for gid in security_unix_token 2011-07-20 09:17:14 +10:00
Andrew Bartlett
6622821063 s3-auth Remove seperate guest boolean
Instead, we base our guest calculations on the presence or absense of the
authenticated users group in the token, ensuring that we have only
one canonical source of this important piece of authorization data

Andrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-07-20 09:17:14 +10:00
Andrew Bartlett
af47f7cd22 auth: remove now unused auth3_session_info from auth.idl
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-07-20 09:17:14 +10:00
Andrew Bartlett
128ae06a61 s3-auth use auth_user_info not netr_SamInfo3 in auth3_session_info
This makes auth3_session_info identical to auth_session_info

The logic to convert the info3 to a struct auth_user_info is
essentially moved up the stack from the named pipe proxy in
source3/rpc_server to create_local_token().

Andrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-07-20 09:17:13 +10:00