Signed-off-by: Pavel Filipenský <pfilipensky@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue Aug 5 14:51:51 UTC 2025 on atb-devel-224
Signed-off-by: Pavel Filipenský <pfilipensky@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 1dbafcc4e4ff8f39af5ca737b30e9821413dd1f2)
Signed-off-by: Pavel Filipenský <pfilipensky@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit d88268102ade07fab345e04109818d97d8843a14)
Pavel Filipenský [Wed, 23 Jul 2025 13:09:21 +0000 (15:09 +0200)]
s3:winbindd: Resolve dc name using CLDAP also for ROLE_IPA_DC
server role ROLE_IPA_DC (introduced in e2d5b4d) needs special handling
in dcip_check_name(). We should resolve the DC name using:
- CLDAP in dcip_check_name_ads()
instead of:
- NETBIOS in nbt_getdc() that fails if Windows is not providing netbios.
The impacted environment has:
domain->alt_name = example.com
domain->active_directory = 1
security = USER
server role = ROLE_IPA_DC
Signed-off-by: Pavel Filipenský <pfilipensky@samba.org> Signed-off-by: Andreas Schneider <asn@samba.org>
Pair-programmed-with: Andreas Schneider <asn@samba.org>
Add check for the GPO link to have at least two attributes separated by semicolumn. Allows to handle empty links.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15877
RN: Fix handling of empty GPO link
Singed-off-by: Alex Sharov (kororland@gmail.com) Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Jul 10 18:55:33 UTC 2025 on atb-devel-224
Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Mon Jul 7 10:44:37 UTC 2025 on atb-devel-224
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Jun 18 12:10:03 UTC 2025 on atb-devel-224
Pair-Programmed-With: Andreas Schneider <asn@samba.org> Signed-off-by: Andreas Schneider <asn@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Feb 17 18:33:15 UTC 2025 on atb-devel-224
s3:rpc_client: remember the local/remote ipv4 or ipv6 addresses
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit b6123197d13b5350b8fc88e9c8d59f0f05c3aed6)
s3:rpc_client: split out cli_rpc_pipe_client_auth_schannel()
This will allow us to use it without creating a new
association group and transport connection.
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 14fe854ec5379c422e805cde6ed6290f86ad66db)
This will allow to do an alter context if security context multiplexing
is negotiated or opening a new connection in the same association group.
The old connection will be kept open, but not used anymore...
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit dd7980841593d18081216e6eb3e1b0fb9bd9c757)
s3:rpc_client: make real use of rpc_client_{association,connection}
This will allow NCACN_NP and NCACN_IP_TCP to support
alter_context with security context multiplexing
or otherwise more than one connection per association group.
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 899c9f2d6836c3b63acb6f261690c087e287afde)
s3:rpc_client: let cli_rpc_pipe_open() use rpc_client_connection_np()
This way cli_rpc_pipe_open() uses the same flow for
rpc_client_connection_np() and rpc_pipe_open_tcp_port().
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit fab0d27c5cf4885c31d7ed04ea69eda7992ea209)
s3:rpc_client: convert rpc_pipe_open_np() to rpc_client_{association,connection}
This split out rpc_client_connection_np_send/recv, which will
be used as shortcut in a later commit.
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 7b9cef2a29333c6338520754927ee37027738010)
s3:rpc_client: convert rpc_pipe_open_tcp_port() to rpc_client_{association,connection}
Note that cli_rpc_pipe_open() calls rpc_client_association_create()
without a need for NCACN_NP, but that will change in the next commits...
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 637a8e5270fefaea5c61921d4b6ecfc4455a91aa)
s3:rpc_client: convert rpc_pipe_open_local_np() to rpc_client_{association,connection}
For rpc_pipe_open_local_np() it's not really important to abstract
these out, but we want to have these for all...
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 338dd71cc39195fcf25977b40b9772775972bc9f)
s3:rpc_client: convert rpc_pipe_open_ncalrpc() to rpc_client_{association,connection}
For rpc_pipe_open_ncalrpc() it's not really important to abstract these
out, but we want to have these for all...
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 5e9c2ebb37b276d7c90b4cc8397c4853f62aa189)
s3:rpc_client: add struct rpc_client_{association,connection} and helpers
They will be every useful for NCACN_NP and NCACN_IP_TCP,
so that we can support alter_context or more than one connection
per association group.
We mark the helpers as _UNUSED_ for now in order to compile...
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 327fe920d07e5bcbcaa0f09f276aad2b99d68235)
s3:rpc_client: only pass the pipe_name to rpc_transport_np_init_send()
There's no need to have the ndr_interface_table at that stage...
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 5b3573135b222755cd897d4539c0e5a89f7cdf5b)
s3:rpc_client: make most of rpc_pipe_client internal struct members
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit ae88941c8a2e4e9c7d0deb9c39dcbb2f9fab0ebb)
s3:librpc/rpc: split out dcerpc_internal.h for struct pipe_auth_data
This should be anonymous for callers.
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit b874619b5ed5d29a939f13d8064a47c8aca45b8c)
s3:libsmb: make use of dcerpc_binding_get_abstract_syntax()
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 8d666e18f8d254124967e7ac56fc5b171963c02f)
s3:lib/netapi: make use of dcerpc_binding_get_abstract_syntax()
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit fe94230f7ebedfdcc5f087b442ee91d9c44b734f)
s3:rpcclient: make use of dcerpc_binding_handle_get_transport()
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit e5c09e041d1517649616d0d4b072422802a69f08)
s3:winbindd: make use of dcerpc_binding_handle_get_transport()
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 504906e60f9a09518202397f0aa0782242dbe3bb)
s3:rpc_client: remove references to rpc_pipe_client from wsp_cli.c
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit dc6d3c96c33797163ac578675b255872deca9b98)
This is ugly, but it's less ugly than doing it deep
inside of cli_spoolss.c and other code.
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 344e45507e122137c357fc177bb024f09fff8b01)
s4:librpc: make all but dcerpc_pipe->binding_handle internal struct members
We could use a dcerpc_internal.h for struct dcecli_security and
struct dcecli_connection, but in struct dcerpc_pipe we still
expose binding_handle and changing that would require way too
much work for now...
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 353af4b70559be1665df345655af43a61177c710)
s4:torture/rpc: make use of dcerpc_binding_handle_get_transport()
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 382ece66063bd8ef465e989857394e6f412df6d3)
s4:tortore/rpc: make use of dcerpc_binding_get_abstract_syntax() and dcerpc_binding_get_flags()
We should not use p->syntax nor p->transfer_syntax...
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 1713ad96a42e9245697a29d4899924cfbf636fc5)
s4:torture/rpc: make use of dcerpc_binding_handle_get_binding() and dcerpc_binding_get_flags()
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 7ed9867fa82ae61a4522a724580900adce7e2bb5)
s4:libnet: make use of dcerpc_binding_handle_get_transport()
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit a4b1845f4c5202afedd65b9d0db2866de75420a5)
s4:libnet: make use of dcerpc_binding_handle_get_binding()
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit ad20c6656aa6798541b71b172534054c172d3aa5)
It returns an alloced string so it should not be marked as
const...
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 9fe85a93539adb73ae59247d044746073915684a)
librpc/rpc: add dcerpc_binding_handle_get_transport() helper function
This will allow callers to avoid the dcerpc_binding_handle_get_binding()
dcerpc_binding_get_transport() dance...
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 0e751215b349e10cc796065d6d01de35f52b41fd)
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit a038e7d8cf7a93ecf9a3e0c906f0d0db81ecee54)
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit fffc6e0f37a2d6a6612e17ad6fa777ae6a8eb3b6)
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 0ef5d79eb6feefa2b7c5821ced98773d6d8fdd3a)
s4:librpc/rpc: call dcerpc_binding_set_abstract_syntax after bind or alter context
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit e8d59ca3361bcdaf4db729eeb4a71f714bd9feda)
s3:winbindd: implement wbint_bh_get_binding() in winbindd_dual_ndr.c
We use NCACN_INTERNAL here too...
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 8c2aa56c7003e690252dfb05f78fd083c0c13dab)
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit a6034592faf0676532c97a79b9c542bcd2de9537)
We just create an dummy binding handle here
as it's not really dcerpc...
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 66411b96b88fbb7b405efa87015e4af1f2988fad)
librpc/rpc: add get_binding() to dcerpc_binding_handle_ops
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 1adf226e74375b2fb0932380f13bf19d8d856ea4)
s3:rpc_client: header signing is negotiated per transport connection
All gensec backends support GENSEC_FEATURE_SIGN_PKT_HEADER, so there's
no point in negotiating header signing based on the
auth context used during the DCERPC Bind.
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 72b79a771fdbf54aa73b4c1b0372b9dffd81bfa6)
s3:rpc_client: make use of struct samba_sockaddr in rpc_pipe_open_ncalrpc()
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit d406f9fffede27220f4d589c8ab3c7210ca01b74)
s3:rpcclient: make use of dcerpc_binding_handle_auth_info()
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 8dcbbebe56d3dad3650eca79322150e9d397e227)
s3:rpc_client: the transport_session_key is per connection!
It's not per auth_context_id, currently there's no difference
but that will change in future...
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 1a311df3d61d3f3dbb986cc35470df6445802ff6)
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 3a3338bd184e3c51eab48fb1a03b1b3e749f2dc6)
s3:rpcclient/cli_drsuapi: make use of dcerpc_binding_handle_auth_session_key()
Note we only need to call this once per connection, not after
each request...
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit f75189dee9db486d393cd17c25f5a84ce2d0b889)
s3:libnet_dssync: make use of dcerpc_binding_handle_auth_session_key()
Note we only need to call this once per connection, not after
each request...
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 099c8d904ece0edbefecbaa51fa50256fd2ea7c0)
s3:rpc_client: make use of dcerpc_binding_handle_transport_session_key()
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 77da0914d5cccd7116ca3b6f75cb4d0cd0107239)
s3:utils/net_rpc: make use of dcerpc_binding_handle_transport_session_key()
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit a14ac349deca11cda4159266cb3119fb3024999c)
s3:libnet_join: make use of dcerpc_binding_handle_transport_session_key()
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 56175a0947fbb56d151fca057cf9696d55ea5d82)
s3:lib/netapi: make use of dcerpc_binding_handle_transport_session_key()
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 2cb726e92c819d60509419a33cd8da265e1c99e7)
s4:torture/drs: make use of dcerpc_binding_handle_auth_session_key()
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit bbe529a2f6090d2b9df0f361aee9b0a28523cefe)
s4:pyrpc: make use of dcerpc_binding_handle_auth_session_key()
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 38874d28404f49a075bab71fb7357d266173791a)
s4:py_net: make use of dcerpc_binding_handle_auth_session_key()
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 5d3faa86fd47d6bc887e182f3eb5a51144339549)
s4:libnet: make use of dcerpc_binding_handle_auth_session_key() in libnet_become_dc.c
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit bf888b59e34169e1f6b9fd1d211cb8ff973cf333)
s4:drepl: make use of dcerpc_binding_handle_auth_session_key()
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 51f5eefcd119b5981281924a45380d99f9158a88)
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit af16ecece870846323956c37d3e15abe24e336fd)
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 64467157479c04cb4bafa6c4ec19213009f0643f)
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 5e34173041eb04e30f3f6f81a3269d621220b09c)
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit d9bf23f971dd8f426424f05076e76be587d42087)
s4:torture/rpc: make use of dcerpc_binding_handle_transport_session_key()
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 4ccd2dd8a2f78bcd53c047889b8043e8d95a6d55)
xss4:pyrpc: make use of dcerpc_binding_handle_transport_session_key()
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 57905603e066e2d1ca60268b1b1e8166868d60e5)
s4:libnet: make use of dcerpc_binding_handle_transport_session_key() in libnet_passwd.c
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 93e8d58736e53d8d360ef2ee40f1619bd917c054)
s4:libnet: add struct dcerpc_binding_handle helper variables in libnet_passwd.c
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 2d1c182bf512666606b8192b2021d571a47d2f58)
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 3cc6ddeb589f0357c436d1caa70130f053ddcba0)
s4:pyrpc: let py_iface_transport_encrypted() use dcerpc_binding_handle_transport_encrypted()
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 9567d753ac0fcffb50f3710f3329334afb7595cd)
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 5bb35cc7cca101390e58256e9b38e31113211e4f)
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 9b50ab08c16c197291835c8e66cd064ca0bb6579)
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 3dc3f9cf1b6fc47baea329863e31ff140cf89550)
s4:torture/rpc: avoid using DCERPC_NDR_REF_ALLOC in fsrvp.c
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 061267e0e4de5c6379205a09376ec21374a87a3d)
projects / thirdparty / samba.git / log
