Andrew Bartlett [Mon, 10 Jan 2005 12:30:13 +0000 (12:30 +0000)]
r4641: Push a few more details into the schannel ldb, and into the
credentials struct it maintains.
Clearly much of this will be replaced with some system to pass and
store the session_info, as that is the 'right way' to handle this.
Andrew Bartlett
Andrew Tridgell [Mon, 10 Jan 2005 12:15:26 +0000 (12:15 +0000)]
r4640: first stage in the server side support for multiple context_ids on one pipe
this stage does the following:
- simplifies the dcerpc_handle handling, and all the callers of it
- split out the context_id depenent state into a linked list of established contexts
- fixed some talloc handling in several rpc servers that i noticed while doing the above
Stefan Metzmacher [Mon, 10 Jan 2005 12:14:26 +0000 (12:14 +0000)]
r4639: initialize all struct members!
tridge: sorry for making you such a pain...
could you check if that fixes your bugs
metze
Andrew Tridgell [Mon, 10 Jan 2005 12:12:44 +0000 (12:12 +0000)]
r4638: expose lsa and drsuapi on ncalrpc
Stefan Metzmacher [Mon, 10 Jan 2005 11:14:13 +0000 (11:14 +0000)]
r4637: log packets when the server code returns an DCERPC_FAULT
metze
Andrew Bartlett [Mon, 10 Jan 2005 11:09:31 +0000 (11:09 +0000)]
r4636: Per tridge's wish (and probably correct behaviour), don't key off a
specific GENSEC mech type, but on the behaviour of the mech.
Andrew Bartlett
Andrew Bartlett [Mon, 10 Jan 2005 10:48:19 +0000 (10:48 +0000)]
r4635: Fix NTLMSSP to return NT_STATUS_OK when it has constructed the auth
token in the client (the final token in the negotiation).
Consequential fixes in the SPNEGO code, which now uses the out.length
as the indicator of 'I need to send something to the other side'.
Merge the NTLM and SPNEGO DCE-RPC authentication routines in the client.
Fix the RPC-MULTIBIND test consequent to this merge.
Andrew Bartlett
Stefan Metzmacher [Mon, 10 Jan 2005 10:45:39 +0000 (10:45 +0000)]
r4634: disable sign and seal in ldap_server for now.
metze
Andrew Tridgell [Mon, 10 Jan 2005 08:58:53 +0000 (08:58 +0000)]
r4632: added spnego testing and no-auth testing in test_w2k3.sh
Andrew Tridgell [Mon, 10 Jan 2005 08:57:54 +0000 (08:57 +0000)]
r4631: don't consider an epmapper insert as a failure for the moment
Andrew Tridgell [Mon, 10 Jan 2005 08:56:55 +0000 (08:56 +0000)]
r4630: for ncacn_np if we don't have an explicit request for one of the
advanced auth types we should do a plain bind. This fixes rpc
connections to ancient servers (like sun cascade)
Stefan Metzmacher [Mon, 10 Jan 2005 08:54:31 +0000 (08:54 +0000)]
r4629: we now have a global macro NT_STATUS_HAVE_NO_MEMORY()
so don't use a local one
metze
Stefan Metzmacher [Mon, 10 Jan 2005 08:30:44 +0000 (08:30 +0000)]
r4628: this function should be static
metze
Andrew Tridgell [Mon, 10 Jan 2005 07:14:12 +0000 (07:14 +0000)]
r4627: - simplified the dcerpc auth code using a common function
- added support for "spnego" in binding strings. This enables SPNEGO
auth in the dcerpc client code, using as many allter_context calls as
are needed
To try SPNEGO do this:
smbtorture ncacn_ip_tcp:SERVER[spnego,seal] -Uadministrator%password RPC-SAMR
Andrew Tridgell [Mon, 10 Jan 2005 07:12:13 +0000 (07:12 +0000)]
r4626: Jelmer, can you look at why this init is failing? It is preventing all tools from working
Andrew Tridgell [Mon, 10 Jan 2005 03:48:19 +0000 (03:48 +0000)]
r4625: added a test that demonstrates that once a context_id is established,
it can't be changed (so you have to create a new context_id, not
change the interface bound to an existing one)
Jelmer Vernooij [Sun, 9 Jan 2005 21:35:37 +0000 (21:35 +0000)]
r4624: Several crash fixes for DCOM
More work on the example class implementation
Jelmer Vernooij [Sun, 9 Jan 2005 19:06:49 +0000 (19:06 +0000)]
r4623: Convert values from UTF8 to UTF16 in gconf registry backend (caught
by Andrew Bartlett)
Volker Lendecke [Sun, 9 Jan 2005 18:53:54 +0000 (18:53 +0000)]
r4622: Clarify a comment a bit
Jelmer Vernooij [Sun, 9 Jan 2005 14:24:51 +0000 (14:24 +0000)]
r4621: Add torture tests for epm_Insert and epm_Delete
Stefan Metzmacher [Sun, 9 Jan 2005 12:55:25 +0000 (12:55 +0000)]
r4620: - add interface functions to the auth subsystem so that callers doesn't need to
use function pointers anymore
- make the module init much easier
- a lot of cleanups
don't try to read the diff in auth/ better read the new files
it passes test_echo.sh and test_rpc.sh
abartlet: please fix spelling fixes
metze
Jelmer Vernooij [Sun, 9 Jan 2005 11:50:45 +0000 (11:50 +0000)]
r4619: Remove extern declaration of dcerpc_pipes, which is now static
Andrew Tridgell [Sun, 9 Jan 2005 11:32:12 +0000 (11:32 +0000)]
r4618: - tidied up the alter_context client code a bit
- there is no alter_nak or alter_ack packet, its all done in an
alter_response
- auto-allocated the contex_ids
- tried to fix up the dcom code to work again with
alter_context. Jelmer, please take a look :)
Andrew Tridgell [Sun, 9 Jan 2005 09:38:16 +0000 (09:38 +0000)]
r4617: basic alter_context requests now work in our client library. The test
just does a simple LSA/DSSETUP combo, which is what w2k does in the
ACL editor rpc calls that triggered this work
Andrew Tridgell [Sun, 9 Jan 2005 08:34:05 +0000 (08:34 +0000)]
r4616: the first phase in the addition of proper support for
dcerpc_alter_context and multiple context_ids in the dcerpc client
library.
This stage does the following:
- split "struct dcerpc_pipe" into two parts, the main part being "struct dcerpc_connection", which
contains all the parts not dependent on the context, and "struct dcerpc_pipe" which has
the context dependent part. This is similar to the layering in libcli_*() for SMB
- disable the current dcerpc_alter code. I've used a #warning until i
get the 2nd phase finished. I don't know how portable #warning is, but
it won't be long before I add full alter context support anyway, so it won't last long
- cleanup the allocation of dcerpc_pipe structures. The previous code
was quite awkward.
Andrew Tridgell [Sun, 9 Jan 2005 08:27:35 +0000 (08:27 +0000)]
r4615: added acl checking on directory search in pvfs
Andrew Bartlett [Sun, 9 Jan 2005 07:39:31 +0000 (07:39 +0000)]
r4614: Fix RPC-SAMLOGON, to use the workstation context (forgot to globally replace).
Andrew Bartlett
Tim Potter [Sun, 9 Jan 2005 05:31:59 +0000 (05:31 +0000)]
r4613: Fix stuff I broke in the last commit with the /x regexp flag.
Andrew Tridgell [Sun, 9 Jan 2005 04:31:32 +0000 (04:31 +0000)]
r4612: make the output for the w2k3 acl bug a bit clearer
Andrew Tridgell [Sun, 9 Jan 2005 04:18:14 +0000 (04:18 +0000)]
r4611: - renamed add_socket() to smb_add_socket() as that is less confusing
- removed the spurious call to set_blocking() in the smb server setup.
Andrew Bartlett [Sun, 9 Jan 2005 03:04:45 +0000 (03:04 +0000)]
r4610: You can't join as a BDC and test against trusted domains. This test
only needs WS privilages anyway.
Andrew Bartlett
Stefan Metzmacher [Sun, 9 Jan 2005 02:37:24 +0000 (02:37 +0000)]
r4609: add a usefull data_blob_dup_talloc() macro
metze
Stefan Metzmacher [Sun, 9 Jan 2005 02:33:16 +0000 (02:33 +0000)]
r4608: - use better error codes
- use new NT_STATUS_* macros for error checking return
- don't use talloc_p anymore
metze
Stefan Metzmacher [Sun, 9 Jan 2005 02:30:01 +0000 (02:30 +0000)]
r4607: add some usefull macros to make the code more readable
metze
Tim Potter [Sun, 9 Jan 2005 02:03:59 +0000 (02:03 +0000)]
r4606: Start adding some more comments and some indentation for the eparser
regexps. Hopefully this will make things a bit easier to understand
later on.
Volker Lendecke [Sun, 9 Jan 2005 01:14:26 +0000 (01:14 +0000)]
r4605: Fix a confusing comment :-)
Andrew Bartlett [Sat, 8 Jan 2005 02:00:28 +0000 (02:00 +0000)]
r4603: Test creating local and global secrets over LSA.
Andrew Bartlett
Tim Potter [Fri, 7 Jan 2005 23:23:28 +0000 (23:23 +0000)]
r4600: Remove Data::Dumper import leftover from debugging.
Return more ethereal types and bases for hf fields. Currently we
assume that enums always fit into a uint16 which will probably have to
change soon.
Tim Potter [Fri, 7 Jan 2005 22:27:18 +0000 (22:27 +0000)]
r4599: Remove some duplicated code in pidl.pl.
Start working on adding support for bitmaps and enums.
In progress tweaks for arrays of structures.
Volker Lendecke [Fri, 7 Jan 2005 18:13:53 +0000 (18:13 +0000)]
r4597: Recently I've come across a case where I suspect the GetAnyDCName request to
kill the domain controller I'm asking. In samba4 torturing the DC is just so
easy, commit the test to randomized ask for DCs for all trusted domains.
Volker
Andrew Tridgell [Fri, 7 Jan 2005 06:59:53 +0000 (06:59 +0000)]
r4596: added a dynamic inheritance ACLs test. As far as I can tell w2k3 does not do
dynamic inheritance
Andrew Tridgell [Fri, 7 Jan 2005 05:24:38 +0000 (05:24 +0000)]
r4595: on create check access against parent not child ...
Andrew Bartlett [Fri, 7 Jan 2005 05:02:48 +0000 (05:02 +0000)]
r4594: Add more testes to the standard 'passes against win2k3' script.
Andrew Bartlett
Andrew Tridgell [Fri, 7 Jan 2005 04:47:58 +0000 (04:47 +0000)]
r4593: don't use the _p function in the testsuite, as when built standalone it doesn't
use TALLOC_DEPRECATED
Andrew Tridgell [Fri, 7 Jan 2005 04:45:11 +0000 (04:45 +0000)]
r4592: fixed typo from talloc testsuite fixup for the new syntax
Andrew Tridgell [Fri, 7 Jan 2005 04:39:16 +0000 (04:39 +0000)]
r4591: - converted the other _p talloc functions to not need _p
- added #if TALLOC_DEPRECATED around the _p functions
- fixes the code that broke from the above
while doing this I fixed quite a number of places that were
incorrectly using the non type-safe talloc functions to use the type
safe ones. Some were even doing multiplies for array allocation, which
is potentially unsafe.
Andrew Bartlett [Fri, 7 Jan 2005 04:09:45 +0000 (04:09 +0000)]
r4590: Make RPC-SAMSYNC pass againt Win2k3.
Andrew Bartlett
Andrew Tridgell [Fri, 7 Jan 2005 03:43:59 +0000 (03:43 +0000)]
r4589: forgot to commit the new NT_STATUS_RPC_PROTSEQ_NOT_SUPPORTED error code
Andrew Tridgell [Fri, 7 Jan 2005 03:38:36 +0000 (03:38 +0000)]
r4588: fixed the double bind in ncalrpc with dcerpc_secondary_connection()
Andrew Tridgell [Fri, 7 Jan 2005 03:33:39 +0000 (03:33 +0000)]
r4587: fixed dcerpc_secondary_connection() for ncacn_ip_tcp
this fixes RPC-SAMLOGON and some other tests on ncacn_ip_tcp
Andrew Tridgell [Fri, 7 Jan 2005 03:12:30 +0000 (03:12 +0000)]
r4586: RPC-LSA now passes against w2k3
Andrew Tridgell [Fri, 7 Jan 2005 03:11:18 +0000 (03:11 +0000)]
r4585: don't consider LookupSids3 failing with NT_STATUS_ACCESS_DENIED (as w2k3 does) or
NT_STATUS_RPC_PROTSEQ_NOT_SUPPORTED (as longhorn does) to be an error.
fixed the CreateTrustedDomain test to cope with the "torturedomain" being left over
from a previous aborted run
Andrew Tridgell [Fri, 7 Jan 2005 02:14:34 +0000 (02:14 +0000)]
r4584: fix pvfs backend to pass the new enhanced RAW-ACLS test. Easy once I really the
strange behaviour I saw was a w2k3 bug :-)
Andrew Tridgell [Fri, 7 Jan 2005 02:13:07 +0000 (02:13 +0000)]
r4583: print which bit failed in the owner bits check
Andrew Tridgell [Fri, 7 Jan 2005 01:56:19 +0000 (01:56 +0000)]
r4582: finally worked out what is going on with the inherited ACLs test and win2003. It is a
win2003 bug!
This new test code works against w2k, and against longhorn, but fails
against w2k3. When tested against w2k3 it allows a open with an access
mask that should be denied by the given ACL, after setting up the ACL
using inheritance. Note that only the very specific
SEC_RIGHTS_FILE_ALL mask incorrectly succeeds, so they must have a
special case for that mask. Maybe its an optimisation gone wrong?
I don't know if there are any serious security implications to this,
but it is pretty clearly wrong, and has been fixed in longhorn.
Tim Potter [Thu, 6 Jan 2005 23:08:30 +0000 (23:08 +0000)]
r4578: Minor cleanup of ndr_pull_array() and ndr_pull_array_foo() regexps.
Stefan Metzmacher [Thu, 6 Jan 2005 17:21:57 +0000 (17:21 +0000)]
r4572: remove configure and include/config.h*
before running autoheader && autoconf
this fixes bug where configure didn't get correctly updated
(I assume autoconf uses some caching...)
metze
Stefan Metzmacher [Thu, 6 Jan 2005 13:34:18 +0000 (13:34 +0000)]
r4568: make use of SidType and move it to lsa.idl
metze
Andrew Bartlett [Thu, 6 Jan 2005 12:22:20 +0000 (12:22 +0000)]
r4567: Fix the build for metze.
Andrew Bartlett
Andrew Bartlett [Thu, 6 Jan 2005 12:13:31 +0000 (12:13 +0000)]
r4566: Fix Samba4 to pass it's own RPC-SAMLOGON torture test.
Include RPC-SAMLOGON in the list of tests expected to pass
Remove silly extra loops from the RPC-SAMLOGON test, which mostly just
slowed htings down.
Andrew Bartlett
Andrew Bartlett [Thu, 6 Jan 2005 12:10:54 +0000 (12:10 +0000)]
r4565: Make the order of the initialisation more sensible.
Andrew Bartlett
Andrew Tridgell [Thu, 6 Jan 2005 12:02:39 +0000 (12:02 +0000)]
r4564: added a comment on lsa_EnumAccounts IDL
Andrew Tridgell [Thu, 6 Jan 2005 12:01:11 +0000 (12:01 +0000)]
r4563: fixed lsa_EnumAccounts() server side to return all accounts that have privileges, as
volker discovered
Andrew Tridgell [Thu, 6 Jan 2005 09:26:14 +0000 (09:26 +0000)]
r4560: - fixed crash bugs in the RPC-SCHANNEL and RPC-NETLOGON tests
- disabled the async netlogon tests for now until we better understand async rpc
- added a test_w2k3.sh script that runs rpc tests that a w2k3 DC
should pass. This is useful for regression testing when PIDL changes
are made.
Andrew Tridgell [Thu, 6 Jan 2005 09:24:41 +0000 (09:24 +0000)]
r4559: prevent the RPC-EPMAPPER test from looping forever against w2k3
Stefan Metzmacher [Thu, 6 Jan 2005 07:34:14 +0000 (07:34 +0000)]
r4558: more use of bitmaps and enums
metze
Stefan Metzmacher [Thu, 6 Jan 2005 07:29:55 +0000 (07:29 +0000)]
r4557: support for [flags()] on typedef enum|bitmap
NDR_PAHEX is handled by ndr_print_enum() now
metze
Andrew Tridgell [Thu, 6 Jan 2005 07:22:47 +0000 (07:22 +0000)]
r4556: neater (and faster) way of doing alignments and scalars
Stefan Metzmacher [Thu, 6 Jan 2005 07:02:46 +0000 (07:02 +0000)]
r4555: fix some dependencies
metze
Stefan Metzmacher [Thu, 6 Jan 2005 07:00:54 +0000 (07:00 +0000)]
r4554: create svcctl_ServerType bitmap
metze
Stefan Metzmacher [Thu, 6 Jan 2005 06:59:14 +0000 (06:59 +0000)]
r4553: fix typo
metze
Stefan Metzmacher [Thu, 6 Jan 2005 06:34:07 +0000 (06:34 +0000)]
r4552: use samr_AcctFlags in netlogon.idl
metze
Stefan Metzmacher [Thu, 6 Jan 2005 06:32:07 +0000 (06:32 +0000)]
r4551: add support for a pidl extensions
'declare bitmap foo1;'
'declare enum foo2;'
and also allow
typedef [public] bitmap ...
typedef [public] enum ...
you need to a forward declaration of bitmaps and enums
when you want to use them in another idl file,
and you need to make the real declaration to be public
see the next commit to samr.idl and netlogon.idl
metze
Andrew Tridgell [Thu, 6 Jan 2005 03:20:56 +0000 (03:20 +0000)]
r4550: talloc() is now typesafe. It is exactly equivalent to the old talloc_p() macro. Use
talloc_size() if you want the old behaviour.
I have kept talloc_p() as an alias for now. Once we change all calls
to be plain talloc() then we can remove it.
Andrew Tridgell [Thu, 6 Jan 2005 03:06:58 +0000 (03:06 +0000)]
r4549: got rid of a lot more uses of plain talloc(), instead using
talloc_size() or talloc_array_p() where appropriate.
also fixed a memory leak in pvfs_copy_file() (failed to free a memory
context)
Tim Potter [Thu, 6 Jan 2005 02:36:59 +0000 (02:36 +0000)]
r4548: Convert to talloc_p() and talloc_array_p() where appropriate.
(swig stuff seems broken atm though)
Andrew Tridgell [Thu, 6 Jan 2005 02:32:43 +0000 (02:32 +0000)]
r4547: - added talloc_new(ctx) macro that is a neater form of the common talloc(ctx, 0) call.
- cleaned up some talloc usage in various files
I'd like to get to the point that we have no calls to talloc(), at
which point we will rename talloc_p() to talloc(), to encourage
everyone to use the typesafe functions.
Tim Potter [Thu, 6 Jan 2005 02:10:33 +0000 (02:10 +0000)]
r4546: Use talloc_p() instad of talloc()
Stefan Metzmacher [Wed, 5 Jan 2005 16:54:51 +0000 (16:54 +0000)]
r4542: use bitmap for samr_FieldsPresent and samr_AcctFlags
metze
Stefan Metzmacher [Wed, 5 Jan 2005 16:48:58 +0000 (16:48 +0000)]
r4541: make use of new enum and bitmap features
metze
Stefan Metzmacher [Wed, 5 Jan 2005 16:31:05 +0000 (16:31 +0000)]
r4540: sync enum and bitmap code
metze
Stefan Metzmacher [Wed, 5 Jan 2005 15:37:43 +0000 (15:37 +0000)]
r4536: make use of the new enum and bitmap feature of pidl
metze
Stefan Metzmacher [Wed, 5 Jan 2005 15:36:26 +0000 (15:36 +0000)]
r4535: add full support for
typedef bitmap {
FLAG1 = 0x01
} fooflags;
typedef struct {
fooflags flags;
}
metze
Stefan Metzmacher [Wed, 5 Jan 2005 15:28:10 +0000 (15:28 +0000)]
r4534: update the yapp generated code
metze
Stefan Metzmacher [Wed, 5 Jan 2005 15:26:48 +0000 (15:26 +0000)]
r4533: parsing support for:
typedef [bitmap16bit] bitmap {
FLAG1 = 0x0001,
FLAG2 = 0x8000
} fooflags;
metze
Stefan Metzmacher [Wed, 5 Jan 2005 15:24:20 +0000 (15:24 +0000)]
r4532: - rename bitmap -> bits
the next commit is support for typedef bitmap {...}; in pidl
metze
Andrew Bartlett [Wed, 5 Jan 2005 10:21:08 +0000 (10:21 +0000)]
r4531: Include the OID locally, as it seems to be hard to get the includes
right.
Andrew Bartlett
Andrew Bartlett [Wed, 5 Jan 2005 03:21:45 +0000 (03:21 +0000)]
r4530: Start adding a bit of Doxygen compatible documentation comments to GENSEC.
Andrew Bartlett
Andrew Tridgell [Wed, 5 Jan 2005 02:01:19 +0000 (02:01 +0000)]
r4526: - much simpler (and more accurate!) ndr_size_*() code generation. It
is less efficient, but I really doubt that matters.
- use enum in epmapper.idl for protocol type
- added support for "enum8bit" flag, used in epmapper.idl
Andrew Tridgell [Wed, 5 Jan 2005 00:41:49 +0000 (00:41 +0000)]
r4524: converted a few bits of samr.idl to use enum properly
Andrew Tridgell [Wed, 5 Jan 2005 00:31:28 +0000 (00:31 +0000)]
r4523: the PROPERTIES change for typedef was not quite as simple as I thought. This puts in a workaround
that fixes things for now
Andrew Tridgell [Wed, 5 Jan 2005 00:14:29 +0000 (00:14 +0000)]
r4522: PROPERTIES are now handled at the typedef level
Andrew Tridgell [Wed, 5 Jan 2005 00:09:29 +0000 (00:09 +0000)]
r4521: fixed up the handling of PROPERTIES elements after the change to support enum
Andrew Tridgell [Tue, 4 Jan 2005 23:27:12 +0000 (23:27 +0000)]
r4520: added a enum test function to the echo pipe
Andrew Tridgell [Tue, 4 Jan 2005 23:26:12 +0000 (23:26 +0000)]
r4519: added the enum print function in ndr_basic.c
Andrew Tridgell [Tue, 4 Jan 2005 23:25:25 +0000 (23:25 +0000)]
r4518: added proper support for "typedef enum" in pidl. We can now use enums as types in switch
statements and variable types, and the value will be printed with its string name and value
Tim Potter [Tue, 4 Jan 2005 23:15:33 +0000 (23:15 +0000)]
r4517: Revert previous commit about giving arrays of scalars their own subtree.
Generate code to display using proto_tree_add_bytes() instead.
Simo Sorce [Tue, 4 Jan 2005 15:18:50 +0000 (15:18 +0000)]
r4513: add experimental modification attribute checking
still not complete but works with add and replace, not tested with delete
lot of duplicated code to remove
Tim Potter [Tue, 4 Jan 2005 06:35:53 +0000 (06:35 +0000)]
r4512: Give arrays of scalar types their own subtree.
Tim Potter [Tue, 4 Jan 2005 05:21:24 +0000 (05:21 +0000)]
r4511: Remove a crapload of dead code.