Andrew Bartlett [Mon, 25 Apr 2005 06:33:20 +0000 (06:33 +0000)]
r6460: Push the client credentials into NTLMSSP, allowing logins of the form
user@REALM for the first time.
Fix the build for smbencrypt.c
Andrew Bartlett
Andrew Bartlett [Mon, 25 Apr 2005 05:03:50 +0000 (05:03 +0000)]
r6458: Split up NTLMSSP into a new directory, and into seperate files for the
client and server logic code. In future, this may allow us to build
only the NTLMSSP client, and not the server, but in the short-term, it
allows me greater sainity in moving around these files.
Andrew Bartlett
Andrew Bartlett [Mon, 25 Apr 2005 04:06:59 +0000 (04:06 +0000)]
r6457: Simply the RPC server code for the choice of GENSEC mech - it's just
one function call now, so no need for a wrapper function.
Andrew Bartlett
Andrew Bartlett [Mon, 25 Apr 2005 04:05:41 +0000 (04:05 +0000)]
r6456: The RPC-SCHANNEL test is an important test that passes against Win2k3 (well, not SP1, but we are working on that detail).
Andrew Bartlett
Andrew Bartlett [Mon, 25 Apr 2005 03:48:02 +0000 (03:48 +0000)]
r6455: Remove wrapper functions, and ntlmssp_end (which is well handed by talloc() now).
Andrew Bartlett
Andrew Bartlett [Mon, 25 Apr 2005 03:37:37 +0000 (03:37 +0000)]
r6454: Start to migrate NTLMSSP away from it's own API to just use GENSEC.
The aim here is to remove the extra layer of abstraction, and to then
use the credentials code directly in the NTLMSSP layer.
Andrew Bartlett
Andrew Bartlett [Mon, 25 Apr 2005 03:28:17 +0000 (03:28 +0000)]
r6453: Move verbose errors for the schannel 'not in the DB, or DB corrupt' error cases.
Andrew Bartlett
Andrew Bartlett [Mon, 25 Apr 2005 03:03:28 +0000 (03:03 +0000)]
r6452: This particular credentials feature needs to be NULL by default.
Andrew Bartlett
Andrew Bartlett [Mon, 25 Apr 2005 03:02:30 +0000 (03:02 +0000)]
r6451: Ensure we correctly initialise the credentials structure in the schannel test.
Andrew Bartlett
Jelmer Vernooij [Sat, 23 Apr 2005 04:30:58 +0000 (04:30 +0000)]
r6442: Add mechanism for configuring ldb independantly of the rest of
Samba using the autoconf tools.
Rafal Szczesniak [Sat, 23 Apr 2005 03:01:21 +0000 (03:01 +0000)]
r6440: Adding libcli composite functions dependency, as we need to locate
a host and connect to its services prior to doing administrative tasks
via rpc calls.
rafal
Rafal Szczesniak [Sat, 23 Apr 2005 02:59:53 +0000 (02:59 +0000)]
r6439: Clarify the comment.
rafal
Rafal Szczesniak [Fri, 22 Apr 2005 15:13:01 +0000 (15:13 +0000)]
r6432: Restorin previous construction of conditions after a little discussion
with Richard and Andrew.
rafal
Rafal Szczesniak [Fri, 22 Apr 2005 05:11:53 +0000 (05:11 +0000)]
r6430: Delete existing test account if, for some reason, it hasn't been
deleted last time running the test.
rafal
Rafal Szczesniak [Fri, 22 Apr 2005 00:32:37 +0000 (00:32 +0000)]
r6426: DCE/RPC bind string parsing is not needed anymore, as we use
lp_workgroup parameter as domain name to operate on.
rafal
Rafal Szczesniak [Fri, 22 Apr 2005 00:22:11 +0000 (00:22 +0000)]
r6425: Yet another comment.
rafal
Rafal Szczesniak [Thu, 21 Apr 2005 23:25:38 +0000 (23:25 +0000)]
r6424: More comments and fixes to existing ones.
rafal
Rafal Szczesniak [Thu, 21 Apr 2005 12:22:48 +0000 (12:22 +0000)]
r6420: Close user account handle before calling tested function to better
simulate real conditions of calling the function.
rafal
Rafal Szczesniak [Thu, 21 Apr 2005 12:21:14 +0000 (12:21 +0000)]
r6419: Fix strange behaviour of NET-USERDEL where account doesn't actually
gets deleted.
rafal
Rafal Szczesniak [Thu, 21 Apr 2005 07:25:16 +0000 (07:25 +0000)]
r6415: Added NET-USERDEL torture test which proves something's wrong
with user del function.
rafal
Rafal Szczesniak [Thu, 21 Apr 2005 07:24:16 +0000 (07:24 +0000)]
r6414: Added composite user del function. Slightly broken still, but I don't
want it to hang around not commited.
rafal
Rafal Szczesniak [Thu, 21 Apr 2005 01:01:26 +0000 (01:01 +0000)]
r6406: Include new NET-USERADD test in torture suite.
rafal
Rafal Szczesniak [Thu, 21 Apr 2005 01:00:30 +0000 (01:00 +0000)]
r6405: Complete NET-USERADD torture test for user add composite function.
rafal
Rafal Szczesniak [Tue, 19 Apr 2005 15:13:18 +0000 (15:13 +0000)]
r6390: A couple of changes in useradd function regarding pointers.
rafal
Rafal Szczesniak [Tue, 19 Apr 2005 15:11:58 +0000 (15:11 +0000)]
r6389: Incomplete test of composite useradd function.
rafal
Rafal Szczesniak [Tue, 19 Apr 2005 03:57:57 +0000 (03:57 +0000)]
r6384: Formatting fixes.
rafal
Rafal Szczesniak [Tue, 19 Apr 2005 03:57:23 +0000 (03:57 +0000)]
r6383: Add user management file to build.
rafal
Rafal Szczesniak [Tue, 19 Apr 2005 03:56:44 +0000 (03:56 +0000)]
r6382: New structure for useradd call.
rafal
Rafal Szczesniak [Tue, 19 Apr 2005 03:55:58 +0000 (03:55 +0000)]
r6381: Started working on user account management functions.
rafal
Tim Potter [Sun, 17 Apr 2005 00:45:49 +0000 (00:45 +0000)]
r6361: Update howto and provisioning script with the moves made in r6207.
Tim Potter [Sun, 17 Apr 2005 00:07:40 +0000 (00:07 +0000)]
r6360: Quieten unused variable warning.
Tim Potter [Sun, 17 Apr 2005 00:06:46 +0000 (00:06 +0000)]
r6359: Fix compiler warning with struct sockaddr. I'm sure I fixed this a few
weeks ago - weird.
Stefan Metzmacher [Fri, 15 Apr 2005 15:36:53 +0000 (15:36 +0000)]
r6353: we need the english output from the svn commands
metze
Alexander Bokovoy [Fri, 15 Apr 2005 14:45:00 +0000 (14:45 +0000)]
r6352: Two new composite calls:
- qfsinfo (query file system information)
- appendacl (append an ACL to existing file's security descriptor and get new
full ACL)
The second one also includes an improvement to security descriptor handling
which allows to copy security descriptor. Written by Peter Novodvorsky
<peter.novodvorsky@ru.ibm.com>
Both functions have corresponding torture tests added. Tested under valgrind and
work against Samba 4 and Windows XP.
ToDo: document composite call creation process in prog_guide.txt
Tim Potter [Fri, 15 Apr 2005 07:15:45 +0000 (07:15 +0000)]
r6350: Add a newline to make things look prettier.
Andrew Tridgell [Thu, 14 Apr 2005 13:19:40 +0000 (13:19 +0000)]
r6342: fixed a bad union assumption that caused ACLs to fail on 64 bit machines
Thanks to lars and agruen for finding this
Andrew Tridgell [Thu, 14 Apr 2005 08:44:28 +0000 (08:44 +0000)]
r6341: fixed the schannel idl to handle dotted names correctly
Andrew Tridgell [Thu, 14 Apr 2005 08:24:36 +0000 (08:24 +0000)]
r6340: - added an easy to use function to initialise a temporary ldb with some ldif
- init the schannel.ldb with some CASE_INSENSITIVE attributes
Andrew Tridgell [Thu, 14 Apr 2005 08:00:45 +0000 (08:00 +0000)]
r6339: set the NBT_SERVER_LDAP and NBT_SERVER_KDC bits based on config
(andrew, please fix the method of sseeing if we do krb5, if you can
think of a better one)
Andrew Tridgell [Thu, 14 Apr 2005 07:40:23 +0000 (07:40 +0000)]
r6338: ADS style GETDC response now works well enough that WinXP can join
Samba4 without Samba3 nmbd
Andrew Tridgell [Thu, 14 Apr 2005 05:55:32 +0000 (05:55 +0000)]
r6335: at debug level 10, save netlogon and ntlogon packets that fail to parse
Andrew Tridgell [Thu, 14 Apr 2005 05:52:54 +0000 (05:52 +0000)]
r6333: removed an extraneous line (pointed out by metze)
Andrew Tridgell [Thu, 14 Apr 2005 02:36:30 +0000 (02:36 +0000)]
r6331: added IDL and test suite for the ADS style response to a datagram netlogon query.
Note that this response is almost identical to the CLDAP netlogon
response, so adding that will now be quite easy.
Tim Potter [Wed, 13 Apr 2005 07:15:43 +0000 (07:15 +0000)]
r6329: Write tests for newly implemented alias functions.
Tim Potter [Wed, 13 Apr 2005 07:14:33 +0000 (07:14 +0000)]
r6328: Fix bug in OpenAlias.
Implement DeleteDomAlias, QueryAliasInfo, SetAliasInfo,
AddAliasMember, and AddMultipleMembersToAlias.
Fix one of those annoying large integer warnings.
Tim Potter [Wed, 13 Apr 2005 07:13:00 +0000 (07:13 +0000)]
r6327: Add LSA objects to dcerpc swig library.
Tim Potter [Wed, 13 Apr 2005 07:12:17 +0000 (07:12 +0000)]
r6326: Add %array_functions for struct lsa_SidPtr.
Pull in the auto-generated interface file for the lsa pipe
(whaddayaknow it compiled first go!)
Tim Potter [Wed, 13 Apr 2005 06:26:43 +0000 (06:26 +0000)]
r6325: Rename aliasname -> alias_name in CreateDomAlias function.
Tim Potter [Wed, 13 Apr 2005 05:57:51 +0000 (05:57 +0000)]
r6324: Pass server name instead of binding string on command line (always use
ncacn_np for the moment).
Fix rpcclient to work with struct cli_credentials.
Andrew Tridgell [Wed, 13 Apr 2005 05:50:02 +0000 (05:50 +0000)]
r6323: added server side support for dgram NTLOGON requests. NT4 workstations can now login
to a Samba4 domain.
Tim Potter [Wed, 13 Apr 2005 05:42:07 +0000 (05:42 +0000)]
r6322: Fix compile warning for struct sockaddr.
Andrew Tridgell [Wed, 13 Apr 2005 05:07:04 +0000 (05:07 +0000)]
r6321: added IDL and test suite for NBT dgram 'sam logon' request (sent by
clients when a user tries to login)
Andrew Tridgell [Wed, 13 Apr 2005 03:43:17 +0000 (03:43 +0000)]
r6320: some minor netlogon datagram fixes - NT4 can now join a Samba4 domain without
Samba3 nmbd
Andrew Bartlett [Tue, 12 Apr 2005 07:56:56 +0000 (07:56 +0000)]
r6315: Allow sane session setup behaviour on SPNEGO regarding VUIDs.
Andrew Bartlett
Andrew Bartlett [Tue, 12 Apr 2005 07:43:38 +0000 (07:43 +0000)]
r6314: A more complete RAW-CONTEXT test. This Samba4 currently fails, but it
now tests areas in extended security handling (SPNEGO) that are just
plain odd...
Andrew Bartlett
Andrew Bartlett [Tue, 12 Apr 2005 07:29:12 +0000 (07:29 +0000)]
r6313: Much better handling of LogoffAndX when the vuid is invalid (ie, don't
segfault). This should fix another of the issues that Richard came up
with last week.
Andrew Bartlett
Andrew Bartlett [Tue, 12 Apr 2005 06:51:36 +0000 (06:51 +0000)]
r6312: Metze reminds me this header is no longer required.
Andrew Bartlett
Andrew Bartlett [Tue, 12 Apr 2005 05:36:28 +0000 (05:36 +0000)]
r6310: Rename password.c to session.c, and remove the linked list of all
outstanding sessions, as we don't use it.
Andrew Bartlett
Andrew Bartlett [Tue, 12 Apr 2005 05:21:38 +0000 (05:21 +0000)]
r6309: Remove this file it is empty and unreferenced. (In preperation for
renaming password.c over the top, as it deals with sessions, not
passwords).
Andrew Bartlett
Jelmer Vernooij [Tue, 12 Apr 2005 01:14:54 +0000 (01:14 +0000)]
r6306: Add simple WMI client test script
Stefan Metzmacher [Mon, 11 Apr 2005 13:28:22 +0000 (13:28 +0000)]
r6295: - add idl for EcDoRpc from the exchange_emsmdb interface
this one uses a obfuscation(0xA5) subcontext
this is taken from the openchange.org project
metze
Stefan Metzmacher [Mon, 11 Apr 2005 13:25:38 +0000 (13:25 +0000)]
r6294: - add obfuscate support, which is used in MAPI rpc's, (the ^= 0xA5 stuff),
based on a patch from j.kerihuel@openchange.org
- remove unused $ndr_flags argument for the ParseCompression*Start() function's
metze
Stefan Metzmacher [Mon, 11 Apr 2005 12:38:00 +0000 (12:38 +0000)]
r6293: fix formating
metze
Andrew Tridgell [Sun, 10 Apr 2005 23:09:38 +0000 (23:09 +0000)]
r6288: the nbt dgram server now responds to GETDC requests. It works with our
test suite, but doesn't yet seem to satisfy a nt4 client. I'm
investigating.
Andrew Tridgell [Sun, 10 Apr 2005 23:08:04 +0000 (23:08 +0000)]
r6287: sorted out a small but surprisingly tricky dependency problem with the
ndr code for handling sids and security descriptors now that we have a
sid in the nbt IDL
Andrew Bartlett [Sun, 10 Apr 2005 22:23:02 +0000 (22:23 +0000)]
r6286: Add back metze's test of setting a trust password to ''. I removed
this because I don't want our torture suite to leave behind accounts
with known passwords if it is stopped in the wrong place. It is now
run behind the -X (dangerous) wrapper.
Andrew Bartlett
Andrew Bartlett [Sun, 10 Apr 2005 10:13:57 +0000 (10:13 +0000)]
r6272: For 'programmed' use of an anonymous account, we should use
cli_credentials_set_conf(), not cli_credentials_guess().
Also, clarify why for particular flags, we don't do a DCERPC-level
authentication.
Andrew Bartlett
Andrew Bartlett [Sun, 10 Apr 2005 10:11:36 +0000 (10:11 +0000)]
r6271: Don't zero the cli_credentials structure - instead allow valgrind to
track the use of un-initialised values.
This change will require a recompile from clean, as the enum
describing the status of each element now has a default of
CRED_UNINITIALISED.
Andrew Bartlett
Andrew Bartlett [Sun, 10 Apr 2005 07:39:51 +0000 (07:39 +0000)]
r6270: Move the VUID handling to a IDR tree. This should avoid O(n)
behaviour on session setups, and because we no longer need do deal
with the linked list as much, the code is much simpiler too.
We may be able to compleatly remove the tid and vuid linked lists, but
I need to check.
This patch also tries to clean up the VUID handling and session setups
in general. To avoid security issues, we now have a distinction
between VUIDs allocated for the session setup (to tie togeather the
multiple round trips) and those used after authentication.
Andrew Bartlett
Andrew Tridgell [Fri, 8 Apr 2005 09:38:16 +0000 (09:38 +0000)]
r6248: added parsing of type 10 UAS announce netlogon packets
Andrew Tridgell [Fri, 8 Apr 2005 08:57:09 +0000 (08:57 +0000)]
r6247: added the server side code for receiving mailslot requests, and
parsing incoming netlogon requests. No replies are sent yet.
Andrew Tridgell [Fri, 8 Apr 2005 05:46:00 +0000 (05:46 +0000)]
r6246: stop waiting when we get a reply
Andrew Tridgell [Fri, 8 Apr 2005 05:34:13 +0000 (05:34 +0000)]
r6245: receive and parse the GETDC response in the NBT-DGRAM test. The test
now tries to bind to port 138 if possible, so if you run it as root
and smbd/nmbd is not running then it works against windows servers
Jeremy Allison [Thu, 7 Apr 2005 19:50:54 +0000 (19:50 +0000)]
r6238: Ensure if realloc fails on an internal
tdb we fail gracefully.
Jeremy.
Richard Sharpe [Wed, 6 Apr 2005 23:22:52 +0000 (23:22 +0000)]
r6229: Back out these changes ...
Richard Sharpe [Wed, 6 Apr 2005 16:48:28 +0000 (16:48 +0000)]
r6226: A couple of small typos ...
Andrew Tridgell [Wed, 6 Apr 2005 11:17:08 +0000 (11:17 +0000)]
r6223: added a bit more datagram infrastructure and the beginnings of a test
suite. The NBT-DGRAM test does a UDP/138 netlogon request, to which a
windows server sends a reply, but the windows server sends the reply
to the wrong port (it always sends to 138), so the test suite doesn't
see it.
Andrew Tridgell [Wed, 6 Apr 2005 10:06:08 +0000 (10:06 +0000)]
r6222: fixed the socket wrapper code for getsockname()
Richard Sharpe [Tue, 5 Apr 2005 19:53:07 +0000 (19:53 +0000)]
r6219: This change allows us to fall back to authenticating without
DCERPC_SCHANNEL_128 if we fail. Thus, it allows us to work with Windows
NT DCs ...
Tim Potter [Tue, 5 Apr 2005 11:54:53 +0000 (11:54 +0000)]
r6215: Add test for LookupNames. Fix CreateUser2 test.
Tim Potter [Tue, 5 Apr 2005 11:50:47 +0000 (11:50 +0000)]
r6214: Fix typo in DomainHandle.OpenUser() function.
Implement DomainHandle.LookupNames() function.
UserHandle.DeleteUser() closes the handle so don't try and close it
when the GC destroys the class instance.
Tim Potter [Tue, 5 Apr 2005 11:48:16 +0000 (11:48 +0000)]
r6213: Add %array_functions for struct samr_String so we can create and
access arrays of them.
Tim Potter [Tue, 5 Apr 2005 11:47:21 +0000 (11:47 +0000)]
r6212: Treat uint8 and int8's as integers instead of chars. Swig maps a char
to a string when we really want an integer.
Tim Potter [Tue, 5 Apr 2005 09:38:51 +0000 (09:38 +0000)]
r6211: Use cli_credentials_set_{domain,username,password}() to fill in
command line arguments for credentials typemap. Neat!
Tim Potter [Tue, 5 Apr 2005 09:18:36 +0000 (09:18 +0000)]
r6210: Call cli_credentials_set_conf() when initialising credentials in
cli_credentials typemap.
Andrew Tridgell [Tue, 5 Apr 2005 08:35:02 +0000 (08:35 +0000)]
r6209: started added code to support mailslot requests over UDP/138
datagrams. This adds the IDL to parse mailslot packets, plus mailslot
dispatch and listener registration code.
mailslots are used for UDP/138 browse and netlogon packets
Tim Potter [Tue, 5 Apr 2005 07:58:02 +0000 (07:58 +0000)]
r6208: Add cli_credentials support for swig wrappers. For the moment it
only does anonymous connections.
Stefan Metzmacher [Tue, 5 Apr 2005 07:03:31 +0000 (07:03 +0000)]
r6207: - clean up source topdir
- move provision stuff to setup/
- remove unused scripts
metze
Stefan Metzmacher [Tue, 5 Apr 2005 06:55:10 +0000 (06:55 +0000)]
r6206: go baack 10 revisions to get DatabaseDeltas, this shows that the bdc only
need one call to get in sync again (except something like NT_STATUS_MORE_ENTRIES is returned)
also the pdc only need to know the current state values
metze
Stefan Metzmacher [Mon, 4 Apr 2005 17:04:03 +0000 (17:04 +0000)]
r6197: fix for my last commit, I removed SPOOLSS_ARCHITECTURE, which was "Architecture"
(sorry richard:-)
disable lookup for DefaultSpoolDirectory until, I have fixed the parsing when WERR_MORE_DATA
is returned
metze
Richard Sharpe [Mon, 4 Apr 2005 16:42:31 +0000 (16:42 +0000)]
r6196: Make the comparisons consistent with in the same expression.
Richard Sharpe [Mon, 4 Apr 2005 16:40:23 +0000 (16:40 +0000)]
r6195: I think Metze meant SPOOLSS_ARCHITECTURE_NT_X86, but I could be wrong.
Stefan Metzmacher [Mon, 4 Apr 2005 15:19:27 +0000 (15:19 +0000)]
r6194: - fix some spoolss_*Form names and types
- fix GetPrinterData(), look inside the datablob
- add idl for RemoteFindFirstChangeNotify(), without meaning yet, just to not return a DCERPC_FAULT
when receiving this request
metze
Stefan Metzmacher [Mon, 4 Apr 2005 15:15:18 +0000 (15:15 +0000)]
r6193: we don't need to store the handle type here,
it's in handle->wire_handle.handle_type
metze
Stefan Metzmacher [Mon, 4 Apr 2005 14:58:52 +0000 (14:58 +0000)]
r6192: remove handle->destroy function pointer, this should be done by talloc destructors now
metze
Stefan Metzmacher [Mon, 4 Apr 2005 14:25:29 +0000 (14:25 +0000)]
r6191: fix spoolss_Enum* push code
metze
Stefan Metzmacher [Mon, 4 Apr 2005 14:23:34 +0000 (14:23 +0000)]
r6190: fix gensize on unions
metze
Stefan Metzmacher [Mon, 4 Apr 2005 14:22:28 +0000 (14:22 +0000)]
r6189: move function to the right place
metze
Stefan Metzmacher [Mon, 4 Apr 2005 05:52:53 +0000 (05:52 +0000)]
r6188: correct fix for rev 6182
we should start with an empty switch_list
in ndr_print as we do for ndr_pull/ndr_push
metze
Richard Sharpe [Sun, 3 Apr 2005 21:37:13 +0000 (21:37 +0000)]
r6187: 1. Make sure that we don't try to delete . and .. in a more portable way.
2. Also, don't try to delete directories.
I am not entirely happy with this patch, and the fact that there is a
define for HAVE_SYS_STAT_H suggests that there are some systems for which
stat will not be defined, which means that the patch is not entirely
portable.