summaryrefslogtreecommitdiff
path: root/librpc/idl
Commit message (Collapse)AuthorAgeFilesLines
* librpc/idl Add some query [getset]info quota related structuresNoel Power2018-08-132-0/+55
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=13553 Signed-off-by: Noel Power <noel.power@suse.com> Reviewed-by: Jeremy Allison <jra@samba.org>
* winbind: Add smbcontrol disconnect-dcVolker Lendecke2018-04-201-0/+1
| | | | | | | | | | Make a winbind child drop all DC connections Bug: https://bugzilla.samba.org/show_bug.cgi?id=13332 Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org> (backported from commit 0af88b98e7e1bba14827305257e77b63dc82d902)
* winbindd: rename MSG_WINBIND_NEW_TRUSTED_DOMAIN to ↵Ralph Boehme2018-02-111-1/+1
| | | | | | | | | | | | MSG_WINBIND_RELOAD_TRUSTED_DOMAINS This reflects the new implementation in winbindd. Bug: https://bugzilla.samba.org/show_bug.cgi?id=13237 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit 9f96ede6f500cc1a7c76e67ee785b44a99244d0d)
* dsdb encrypted secrets moduleGary Lockyer2017-12-181-0/+30
| | | | | | | | | | | | | | | | | Encrypt the samba secret attributes on disk. This is intended to mitigate the inadvertent disclosure of the sam.ldb file, and to mitigate memory read attacks. Currently the key file is stored in the same directory as sam.ldb but this could be changed at a later date to use an HSM or similar mechanism to protect the key. Data is encrypted with AES 128 GCM. The encryption uses gnutls where available and if it supports AES 128 GCM AEAD modes, otherwise nettle is used. Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* nfs4acls: update default NFS4 ACL version to 4.1Ralph Boehme2017-11-081-1/+1
| | | | | Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* librpc/idl: add NFS 4.1 ACL flagsRalph Boehme2017-11-081-0/+5
| | | | | Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* librpc/idl: add versions consts to nfs4acl.idlRalph Boehme2017-11-081-0/+4
| | | | | Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* librpc/idl: rename NFS4 ACL xattr nameRalph Boehme2017-11-081-1/+1
| | | | | | | | | | | | | | | | | | The "system" xattr namespace is reserved for the kernel. Any attempt to use xattrs in that namesspace will fail with EOPNOTSUPP, regardless of priveleges. In autobuild we're using the xattr_tdb VFS module, so it works there. Using the "security" namespace instead makes this module generally usable with Linux filesystem xattrs as storage backend. Additionally prefix the xattr name with "_ndr". This is in preperation of later commits that add a ACL blob marshalling format based on XDR. To avoid xattr name collision, both format will use distinct xattr names by default. Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* librpc/idl: rename NFS4 ACL xattr name defineRalph Boehme2017-11-081-1/+1
| | | | | | | No change in behaviour. Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* xattr.idl: Don't generate an interface tableVolker Lendecke2017-10-222-7/+2
| | | | | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Sun Oct 22 21:40:16 CEST 2017 on sn-devel-144
* nfs4acls: Don't generate an interface table for nfs4acls.idlVolker Lendecke2017-10-222-6/+3
| | | | | | | | | | | | | Nobody uses the function nfs4acl_test. It took a while to figure out how to get this to build. The "uuid" line in the idl file triggers pidl to generate the function table entry, which in turn then triggers tables.pl to register this interface ./bin/default/source4/librpc/gen_ndr/tables.c. We could for example do the same with xattr_parse_DOSATTRIB. Nobody uses this. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* winbindd: pass domain SID to wbint_UnixIDs2SidsRalph Boehme2017-10-101-0/+1
| | | | | | | | | | | This makes the domain SID available to the idmap child for wbint_UnixIDs2Sids mapping request. It's not used yet anywhere, this comes in the next commit. Bug: https://bugzilla.samba.org/show_bug.cgi?id=13052 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* schannel.idl: Fix a typoVolker Lendecke2017-08-251-1/+1
| | | | | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Fri Aug 25 04:10:25 CEST 2017 on sn-devel-144
* xattr.id: Fix a typoVolker Lendecke2017-08-181-1/+1
| | | | | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Fri Aug 18 20:49:42 CEST 2017 on sn-devel-144
* drepl: Support GET_TGT on periodic replication clientTim Beale2017-08-181-1/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | - Update IDL comments to include Microsoft reference doc - Add support for sending v10 GetNCChanges request (needed for the GET_TGT flag, which is in the new 'more_flags' field) - Update to also set the GET_TGT flag in the same place we were setting GET_ANC (I split this logic out into a separate function). - The state struct now needs to hold a 'more_flags' field as well (this flag is different to the GET_ANC replica flag) Note that using the GET_TGT when replicating from a Windows DC could be highly inefficient. Because Samba keeps the GET_TGT flag set throughout the replication cycle, it will basically receive a repeated object from Windows for every single linked attribute that it receives. I believe Windows behaviour only expects the client to set the GET_TGT flag when it actually needs to (i.e. when it receives a target object it doesn't know about), rather than throughout the replication cycle. However, this approach won't work with Samba-to-Samba replication, because when the server receives the GET_TGT flag it restarts the replication cycle from scratch. So if we only set the GET_TGT flag when the client encountered an unknown target then Samba-to-Samba could potentially get into an endless replication loop. Signed-off-by: Tim Beale <timbeale@catalyst.net.nz> Reviewed-by: Garming Sam <garming@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> BUG: https://bugzilla.samba.org/show_bug.cgi?id=12972
* dnsserver: Tighten DNS name checkingGary Lockyer2017-08-151-0/+3
| | | | | | | | | | | Add checks for the maximum permitted length, maximum number of labels and the maximum label length. These extra checks will be used by the DNS wild card handling. Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz> BUG: https://bugzilla.samba.org/show_bug.cgi?id=12952
* messaging: Add DLIST pointers to messaging_recVolker Lendecke2017-07-251-0/+2
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* dcerpc.idl Add symbolic constant for /root/ncalrpc_as_systemGary Lockyer2017-07-241-0/+1
| | | | | | | | | | | This is string is used several places in the code and tests, so it should be a constant. BUG: https://bugzilla.samba.org/show_bug.cgi?id=12865 Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org>
* librpc: use DATA_BLOB in CFDATA structureAurelien Aptel2017-07-191-1/+1
| | | | | | Signed-off-by: Aurelien Aptel <aaptel@suse.com> Reviewed-by: Guenther Deschner <gd@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* netlogon.idl: mark session keys with NDR_SECRETRalph Boehme2017-07-031-2/+2
| | | | | Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* librpc/idl: make use storage_offload_tokenRalph Boehme2017-07-031-2/+2
| | | | | Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* librpc/idl: fix STORAGE_OFFLOAD_TOKEN_TYPE_ZERO_DATA definitionRalph Boehme2017-07-031-2/+2
| | | | | | | | STORAGE_OFFLOAD_TOKEN_TYPE_ZERO_DATA is defined as 0xffff0001 in MS-FSCC 2.3.79. Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* librpc/idl: convert offload flags to a bitmapRalph Boehme2017-07-031-5/+8
| | | | | Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* netlogon.idl: use lsa_TrustType and lsa_TrustAttributes in netr_trust_extensionStefan Metzmacher2017-06-271-2/+2
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* netlogon.idl: make netr_TrustFlags [public]Stefan Metzmacher2017-06-271-1/+1
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* lsa.idl: make lsa_DnsDomainInfo [public]Stefan Metzmacher2017-06-271-1/+1
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* idl_types.h: add NDR_SECRET shortcutStefan Metzmacher2017-06-271-0/+6
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* ntprinting.idl: make use of [skip_noinit] for string_flagsStefan Metzmacher2017-06-261-4/+4
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* lsa.String: add String constructor, str and reprGary Lockyer2017-06-221-0/+1
| | | | | | | | | Add a String constructor, str and repr methods to the samba.dcerpc.lsa.String python object Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* netlogon.idl: Add netr_LogonSamLogon_flags bitmapStefan Metzmacher2017-06-091-2/+13
| | | | | | | See [MS-NRPC] 3.5.4.5.1 NetrLogonSamLogonEx (Opnum 39). Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* netlogon: Implement SendToSam along with its winbind forwardingGarming Sam2017-05-302-1/+43
| | | | | | | | | | | This allows you to forward bad password count resets to 0. Currently, there is a missing access check for the RODC to ensure it only applies to cached users (msDS-Allowed-Password-Replication-Group). (further patches still need to address forcing a RWDC contact) Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* idl drsblobs: add the blobs required for Primary:userPasswordGary Lockyer2017-05-251-0/+44
| | | | | | | | | Add the blobs required to allow the storing of an sha256 or sha512 hash of the password in supplemental credentials Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* drsuapi.idl: Expose GetNCChanges req8 like req10Garming Sam2017-04-131-1/+1
| | | | | Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* python: Add bindings for NTLMSSPAndrew Bartlett2017-03-291-6/+6
| | | | | | This is helpful for building NTLMv2 packets in python for testing against the SamLogon server Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* named_pipe_auth: Rename client -> remote_client and server -> local_serverGary Lockyer2017-03-291-6/+6
| | | | | | | | | While these names may have been clear, much of Samba uses remote_address and local_address, and this difference has hidden bugs. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Pair-Programmed-by: Gary Lockyer <gary@catalyst.net.nz> Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
* s3/smbd: move copychunk ioctl limits to IDLRalph Boehme2017-03-281-0/+4
| | | | | | | This will be needed in the next commit in vfs_default. Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* python: Provide Python bindings for messaging.idlAndrew Bartlett2017-03-281-6/+1
| | | | | | | | | | This will allow AUTH_EVENT_NAME and MSG_AUTH_LOG to be accessed from python Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Tue Mar 28 13:19:03 CEST 2017 on sn-devel-144
* messaging: Declare well known server name auth_events as AUTH_EVENT_NAME in IDLAndrew Bartlett2017-03-281-0/+3
| | | | | | | This makes it easy to ensure we use the same name in the python and the C Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* messaging.idl: Register a message type for authentication log messagesAndrew Bartlett2017-03-281-0/+3
| | | | | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz> Pair-Programmed-by: Gary Lockyer <gary@catalyst.net.nz> Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
* lsa.idl: add SID_NAME_LABELStefan Metzmacher2017-03-231-1/+2
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* netlogon.idl: make netr_LogonInfoClass publicStefan Metzmacher2017-03-231-1/+1
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* drsblobs: Add decode for replPropertyMetaData1Bob Campbell2017-03-131-0/+7
| | | | | | Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
* Revert "winbind: Remove wbint_LookupUserGroups"Volker Lendecke2017-03-061-0/+5
| | | | | | | | | | This reverts commit 256632ed3cc724bab0fc22132ca6b52faf680ab2. BUG: https://bugzilla.samba.org/show_bug.cgi?id=12612 Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* drsuapi.idl: make drsuapi_DsGetNCChangesRequest10 [public]Stefan Metzmacher2017-02-081-1/+1
| | | | | | | This allows ndr_print to work. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* drsuapi.idl: add drsuapi_DrsMoreOptions with DRSUAPI_DRS_GET_TGTStefan Metzmacher2017-02-081-1/+5
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* librpc/ndr: add [to_null] keyword to szPackageId in spoolss_CorePrinterDriver.Günther Deschner2017-01-241-1/+1
| | | | | | | Guenther Signed-off-by: Guenther Deschner <gd@samba.org Reviewed-by: Stefan Metzmacher <metze@samba.org>
* messaging.idl: add ringbuf message typesRalph Boehme2017-01-201-0/+3
| | | | | Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* spoolss: Fix PROCESSOR_AMD_X8664 value in IDLGünther Deschner2017-01-121-5/+5
| | | | | | | | | | | | | Microsoft got their docs wrong in MS-RPRN Section 2.2.1.10.1 (footnote 65): PROCESSOR_AMD_X8664 must be 0x000021D8 and not 0x000022A0. This is what recent windows versions report back from a spoolss getprinter level 0 RPC call. Guenther Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* winbind: Remove wbint_QueryUserListVolker Lendecke2017-01-041-4/+0
| | | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Uri Simchoni <uri@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* winbind: Remove wbint_LookupUserGroupsVolker Lendecke2017-01-041-5/+0
| | | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Uri Simchoni <uri@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
View Lorry Controller Status