summaryrefslogtreecommitdiffstats
path: root/source3/rpc_server
Commit message (Collapse)AuthorAgeFilesLines
...
* s3-rpc_server: Remove obsolete process_creds boolean in samlogon server.Günther Deschner2012-12-091-24/+3
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s3-rpc_server: support AES for interactive netlogon samlogon password ↵Günther Deschner2012-12-091-2/+34
| | | | | | | | | | | decryption. Still need to fix AES support for the returned validation info. Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s3-rpc_server: we need to encrypt OWFs using DES in _netr_ServerGetTrustInfo().Günther Deschner2012-12-091-2/+2
| | | | | | | | | Sumit, please check. Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s3-rpc_server: pass down netlogon cred state in _netr_ServerGetTrustInfo().Günther Deschner2012-12-091-9/+5
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s3-rpc_server: support AES decryption in netr_ServerPasswordSet2 server.Günther Deschner2012-12-091-1/+6
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* spoolss: fix segfault when "default devmode" is disabledDavid Disseldorp2012-11-291-18/+34
| | | | | | | | | | | | | | | | | | | Currently when "default devmode" is explicitly disabled, and a printer is added with a null device mode, spoolssd crashes in copy_devicemode(). Both construct_printer_info2() and construct_printer_info8() code paths currently unconditionally attempt to copy a printers device mode, without checking whether one is present. This change fixes this regression such that construct_printer_info*() functions check for a null device mode before copying. https://bugzilla.samba.org/show_bug.cgi?id=9433 Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Thu Nov 29 13:03:05 CET 2012 on sn-devel-104
* Change get_nt_acl_no_snum() to return an NTSTATUS, not a struct ↵Andrew Bartlett2012-11-131-4/+7
| | | | | | | | | | | security_descriptor *. Internally change the implementation to use SMB_VFS_GET_NT_ACL() instead of SMB_VFS_FGET_NT_ACL() with a faked-up file struct. Andrew Bartlett Reviewed by: Jeremy Allison <jra@samba.org>
* s3:rpc_server: avoid a level 0 DEBUG if tstream_npa_connect_recv fails (bug ↵Stefan Metzmacher2012-10-201-1/+5
| | | | | | | | | #9309) metze Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Sat Oct 20 12:56:23 CEST 2012 on sn-devel-104
* s3: Remove some calls to procid_selfVolker Lendecke2012-10-192-6/+8
| | | | | | | | | The goal is to have procid_self handling completely in the messaging_context. Signed-off-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Fri Oct 19 20:39:56 CEST 2012 on sn-devel-104
* s3:rpc_server/srvsvc: remove function net_enum_pipes()Gregor Beck2012-10-191-97/+0
| | | | | | | | The relevant records are not written to connections.tdb since commit a781b78417b6d7b875230dd2edcb932445aa4197 Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Michael Adam <obnox@samba.org>
* rpc_server:srvsvc Remove psd variable that was no longer set by ↵Andrew Bartlett2012-10-111-5/+3
| | | | | | | | | | | SMB_VFS_FGET_NT_ACL This fixes up an error introduced by c8ade07760ae0ccfdf2d875c9f3027926e62321b. Andrew Bartlett Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Thu Oct 11 07:53:36 CEST 2012 on sn-devel-104
* smbd: Add mem_ctx to {f,}get_nt_acl VFS callAndrew Bartlett2012-10-111-8/+8
| | | | | | | | | | | This makes it clear which context the returned SD is allocated on, as a number of callers do not want it on talloc_tos(). As the ACL transformation allocates and then no longer needs a great deal of memory, a talloc_stackframe() call is used to contain the memory that is not returned further up the stack. Andrew Bartlett
* s3-rpc_server: fix build warningDavid Disseldorp2012-10-101-0/+2
| | | | | | | enum dcerpc_transport_t is undeclared, include required headers. Autobuild-User(master): David Disseldorp <ddiss@samba.org> Autobuild-Date(master): Wed Oct 10 12:41:28 CEST 2012 on sn-devel-104
* Make sure the returned sd is on the right context, and if not it's always freed.Jeremy Allison2012-10-091-1/+3
| | | | | Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Tue Oct 9 23:35:50 CEST 2012 on sn-devel-104
* Move setting of psd->dacl->revision and protect against null SD's.Jeremy Allison2012-10-091-2/+4
|
* s3-lsa: Flesh out the returned info in _lsa_EnumTrustedDomainsEx().Günther Deschner2012-09-281-0/+5
| | | | Guenther
* Fix service control for non-internal services.Vladimir Marek2012-09-181-4/+0
| | | | | | | Signed-off-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Tue Sep 18 01:42:23 CEST 2012 on sn-devel-104
* rpcserver: fix useless declaration warningBjörn Jacke2012-09-071-1/+0
| | | | issues by irix compiler
* Change the other two places where we set a security descriptor given by the ↵Jeremy Allison2012-08-301-20/+1
| | | | | | client to got through set_sd(), the canonicalize sd function.
* s3-smbd: Add security_info_wanted argument to get_nt_acl_no_snumAndrew Bartlett2012-08-231-1/+1
| | | | | | | I need to get at the owner, group, DACL and SACL when testing correct ACL storage. Andrew Bartlett
* Correctly check for errors in strlower_m() returns.Jeremy Allison2012-08-092-2/+6
|
* s3:rpc_server/wkssvc: make usage of session_extract_session_key()Stefan Metzmacher2012-08-041-2/+24
| | | | | | This makes sure we return NO_USER_SESSION_KEY if there's no session key. metze
* s3:rpc_server/netlogon: make usage of session_extract_session_key()Stefan Metzmacher2012-08-041-1/+9
| | | | | | This makes sure we return NO_USER_SESSION_KEY if there's no session key. metze
* lib/param: Remove use of lp{cfg,}_socket_address outside the NBT client and ↵Andrew Bartlett2012-07-271-12/+6
| | | | | | | | | server In these other cases, control of the sockets to bind to can be obtained using "bind interfaces only = yes" and "interfaces = ". Andrew Bartlett
* Remove unused variable.Jeremy Allison2012-07-241-1/+0
| | | | | Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Tue Jul 24 02:01:00 CEST 2012 on sn-devel-104
* s3-rpc_server: Remove make_server_info_info3() call from ↵Andrew Bartlett2012-07-191-52/+3
| | | | | | | | | | | | | make_server_pipes_struct() This codepath would only be executed if we provided a partial session_info token across the named pipe forwarding code. The smbd file server always fills this in, and if the ntvfs file server ever wants to use an smbd hosted pipe, it can do the same. Calling create_local_token is always the wrong thing to do. Andrew Bartlett
* loadparm: make the source3/ lp_ functions take an explicit TALLOC_CTX *.Rusty Russell2012-07-187-89/+93
| | | | | | | | | | They use talloc_tos() internally: hoist that up to the callers, some of whom don't want to us talloc_tos(). A simple patch, but hits a lot of files. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
* source3/rpc_server/svcctl/srv_svcctl_reg.c: fix stackframe leakRusty Russell2012-07-181-0/+1
| | | | | | | svcctl_init_winreg() doesn't free its stackframe. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
* s3:rpc_server: add support for AES bases netlogon schannelStefan Metzmacher2012-07-171-0/+4
| | | | | | metze Signed-off-by: Günther Deschner <gd@samba.org>
* s3: rename sid_check_is_in_our_domain() to sid_check_is_in_our_sam()Michael Adam2012-07-121-7/+7
| | | | | | | | | This does not check whether the given sid is in our domain, but but whether it belongs to the local sam, which is a different thing on a domain member server. Autobuild-User(master): Michael Adam <obnox@samba.org> Autobuild-Date(master): Thu Jul 12 18:36:02 CEST 2012 on sn-devel-104
* s3: rename sid_check_is_domain() to sid_check_is_our_sam()Michael Adam2012-07-121-6/+6
| | | | | | This does not check whether the given sid is the domain sid, but whether it is the sid of the local sam, which is different for a domain member server.
* s3-lsarpc: Enforce a secure connection for LookupSids3 and LookupNames4.Andreas Schneider2012-07-061-8/+14
| | | | http://thread.gmane.org/gmane.network.protocol.cifs.general/291
* s3-lsarpc: Restrict lsa_LookupNames4 to ncacn_ip_tcp connections.Andreas Schneider2012-07-061-12/+23
| | | | See MS-LAT, Section 2.1 Transport.
* s3-lsarpc: Restrict lsa_LookupSids3 to ncacn_ip_tcp connections.Andreas Schneider2012-07-061-12/+23
| | | | See MS-LAT, Section 2.1 Transport.
* s3-lsarpc: Restrict the transport for ncacn_np functions.Andreas Schneider2012-07-061-0/+42
| | | | See MS-LAT, section 2.1 Transport.
* s3-rpc_server: Make it possible to use more rpc exceptions.Andreas Schneider2012-07-0618-376/+348
|
* s3-printing: Remove deprecated lp_printer_admin().Andreas Schneider2012-07-031-42/+14
|
* s3-param: Rename loadparm_s3_context -> loadparm_s3_helpersAndrew Bartlett2012-06-272-6/+6
| | | | | | | | | | | | | | | | | This helps clarify the role of this structure and wrapper function. The purpose here is to provide helper functions to the lib/param loadparm_context that point back at the s3 lp_ functions. This allows a struct loadparm_context to be passed to any point in the code, and always refer to the correct loadparm system. If this has not been set, the variables loaded in the lib/param code will be returned. As requested by Michael Adam. Andrew Bartlett Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Wed Jun 27 17:11:16 CEST 2012 on sn-devel-104
* s3-printing: pass a talloc ctx to unpack_pjobDavid Disseldorp2012-06-261-1/+1
| | | | Rather than allocating the devicemode on a null context.
* s3-printing: clean up print_job_pause/resume interfaceDavid Disseldorp2012-06-261-8/+4
| | | | | Currently both return a bool and sometimes set a werr pointer argument, always return werror instead.
* s3-printing: rename queue->job sysjobDavid Disseldorp2012-06-261-8/+8
| | | | | | | | | | | | | | | Print jobs maintain two job identifiers, the jobid allocated by the spoolss layer (pj->jobid), and the job identifier defined by the printing backend (pj->sysjob). Printer job queues currently only contain a single job identifier variable (queue->job), the variable is sometimes representative of the spoolss layer job identifier, and more often representative of the printing backend id. This change renames the queue job identifier from queue->job to queue->sysjob, in preparation for a change to only store the printing backend identifier.
* s3:util: rename procid_equal() to serverid_equal()Michael Adam2012-06-211-1/+1
| | | | Signed-off-by: Stefan Metzmacher <metze@samba.org>
* Remove unused variables and code.Jeremy Allison2012-06-191-9/+0
|
* Fix more "set but not used" warnings.Jeremy Allison2012-06-191-6/+3
|
* Fix a bunch of "set but not used" warnings.Jeremy Allison2012-06-191-14/+7
|
* s3:rpc_server/lsasd: remove dependency to libgen.h and basename()Stefan Metzmacher2012-06-191-8/+11
| | | | metze
* auth: Use only security_token_is_system to determine that a user is SYSTEMAndrew Bartlett2012-06-191-1/+1
| | | | | | | | | | This removes the duplication on how to detect that a user is system in Samba now that the smbd system account is also only SID_NT_SYSTEM we can use the same check everywhere. Andrew Bartlett Signed-off-by: Andreas Schneider <asn@samba.org>
* s3-spoolss: delete_drivers should be called as the connecting user.Andreas Schneider2012-06-191-1/+1
| | | | Signed-off-by: Andreas Schneider <asn@samba.org>
* s3:lib: split things into a conn_tdb.hStefan Metzmacher2012-06-051-0/+1
| | | | | | | metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Tue Jun 5 19:28:35 CEST 2012 on sn-devel-104
* s3:rpc_server: don't do any magic in is_known_pipename() anymoreStefan Metzmacher2012-05-281-12/+3
| | | | | | | | | | The callers have to check if they allow something else than the raw pipe file name. If we allow more than windows allows, we risks Samba specific client behavior. E.g. winbindd only works against Samba servers. metze
generated by cgit (git 2.34.1) at 2025-09-02 21:22:40 +0000