summaryrefslogtreecommitdiff
path: root/libcli
AgeCommit message (Collapse)AuthorFilesLines
2010-03-03libcli/security: fix sddl.c to be able to build it from source3Michael Adam1-1/+1
2010-03-03s4:move the sddl code down to the top levelMichael Adam3-1/+659
Michael
2010-02-26libcli/auth: print the error in the debug messageStefan Metzmacher1-1/+2
metze
2010-02-23s4:cleanup remove unused schannel ldb codeSimo Sorce2-339/+0
2010-02-23s4:schannel merge code with s3Simo Sorce1-2/+2
After looking at the s4 side of the (s)channel :) I found out that it makes more sense to simply make it use the tdb based code than redo the same changes done to s3 to simplify the interface. Ldb is slow, to the point it needs haks to pre-open the db to speed it up, yet that does not solve the lookup speed, with ldb it is always going to be slower. Looking through the history it is evident that the schannel database doesn't really need greate expanadability. And lookups are always done with a single Key. This seem a perfet fit for tdb while ldb looks unnecessarily complicated. The schannel database is not really a persistent one. It can be discared during an upgrade without causing any real issue. all it contains is temproary session data.
2010-02-23schannel_tdb: make code compilable in both treesSimo Sorce2-51/+98
2010-02-23s3:schannel streamline interfaceSimo Sorce2-42/+181
Make calling schannel much easier by removing the need to explicitly open the database. Let the abstraction do it instead.
2010-02-23s3:schannel fix memory hierarchySimo Sorce1-1/+1
passing mem_ctx was causing creds->sid to be allocated on mem_ctx and not be child of creds as expected. When later in schannel_check_creds_state() we stole the creds on a different memory context the sid was left behind and the memory it points to freed when the temporary context was freed.
2010-02-23schannel: merge header filesSimo Sorce2-48/+34
One almost empty header file was simply including another not included by anything else. Just merge them together.
2010-02-23s4:schannel more readable check logicSimo Sorce2-12/+0
Make the initial schannel check logic more understandable. Make it easy to define different policies depending on the caller's security requirements (Integrity/Privacy/Both/None) This is the same change applied to s3
2010-02-23s3:schannel more readable check logicSimo Sorce2-17/+0
Make the initial schannel check logic more understandable. Make it easy to define different policies depending on ther caller's security requirements (Integrity/Privacy/Both/None)
2010-02-23tstream: Added a typedef for the function prototype.Andreas Schneider2-9/+19
2010-02-14lib: use TYPESAFE_QSORT() in lib/ and libcli/Andrew Tridgell1-5/+4
2010-02-08nbt: don't reference the event_ctx in nbtsockAndrew Tridgell1-1/+1
This causes talloc_free with references errors
2010-02-02Change uint_t to unsigned int in libcliMatt Kraai5-5/+5
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2010-02-01libcli/nbt: fix ndr_push_nbt_string() string labels with a length of 63 ↵Stefan Metzmacher1-2/+2
(0x3F) are allowed metze
2010-01-29s4:libcli/util/tstream.c - Need to include "system/network.h"Matthias Dieter Wallnöfer1-0/+1
Otherwise I don't get "struct iovec" through "<sys/uio.h>" on CentOS 4.
2010-01-29libcli/nbt: fix off-by-one bug in ndr_pull_wrepl_nbt_name()Stefan Metzmacher1-2/+2
The scope starts at byte 17 with index 16. metze
2010-01-29libcli/nbt: fix ndr_pull/push_wrepl_nbt_name()Stefan Metzmacher1-0/+25
[MS-WINSRA] — v20091104 was wrong regarding section "2.2.10.1 Name Record" If the name buffer is already 4 byte aligned Windows (at least 2003 SP1 and 2008) add 4 extra bytes. This can happen when the name has a scope. metze
2010-01-25Revert "libcli/security: Remove a call to strncasecmp"Volker Lendecke1-1/+5
This reverts commit 7c687665eaf16b0c6f83c130f6d9e5459e0b2a32.
2010-01-25Revert "libcli/security: Convert some strtol calls to strtoul"Volker Lendecke1-2/+2
This reverts commit 7fe66e06c4df575c410d4d70ff38f120c2f4363b.
2010-01-25Revert "libcli/security: Fix a valgrind error in dom_sid_parse"Volker Lendecke1-4/+0
This reverts commit f1c889a4e61d6d751cbabd8014b4345b8051b97c.
2010-01-25Revert "libcli/security: Prohibit SID formats like S-1-5-32-+545"Volker Lendecke1-13/+0
This reverts commit 1fbeae41655b8305834f2149b1268077eba8633d. Apparently this breaks the build of Samba4
2010-01-23libcli/security: Prohibit SID formats like S-1-5-32-+545Volker Lendecke1-0/+13
2010-01-23libcli/security: Fix a valgrind error in dom_sid_parseVolker Lendecke1-0/+4
2010-01-23libcli/security: Convert some strtol calls to strtoulVolker Lendecke1-2/+2
This tightens the dom_sid_parse syntax check a bit: "--" would have been allowed in sid string
2010-01-23libcli/security: Remove a call to strncasecmpVolker Lendecke1-5/+1
2010-01-08libcli/util: add tstream_read_pdu_blob_send/recvStefan Metzmacher2-0/+246
This will take the some full_request callback function as the Samba4 packet code. metze
2010-01-07Simplify E_md5hash a bitVolker Lendecke1-6/+2
2009-12-22libcli/auth Make gd's NDR NTLMSSP parsers helpers commonAndrew Bartlett2-0/+189
(but not built in Samba4 for now)
2009-12-16ldap: give a debug error when we don't know a controlAndrew Tridgell1-0/+2
This interface should really have a proper error interface, but at least a DEBUG() gives the user a chance of finding the error Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2009-12-10libcli: use GUID_to_ndr_blob()Andrew Tridgell1-4/+3
2009-11-25libcli: allow ntstatus.h to be used by openchangeAndrew Tridgell1-0/+8
apparently ntstatus.h is used by openchange, but they don't include replace.h. This makes that possible again.
2009-11-04libcli/nbt Move more of lmhosts lookup into common codeAndrew Bartlett2-0/+85
This aims to eventually share this with Samba4. Andrew Bartlett
2009-10-24libcli/auth: initialize creds in netlogon_creds_client_init_session_key()Stefan Metzmacher1-2/+3
metze
2009-10-24libcli/auth: fix memory leak in schannel_creds_server_step_check_ldb()Stefan Metzmacher1-24/+37
metze
2009-10-24libcli/auth: don't leak the ldb_msg in schannel_store_session_key_ldb()Stefan Metzmacher1-1/+1
metze
2009-10-23s4-python: we need to include Python.h firstAndrew Tridgell1-1/+1
If we don't include Python.h first then we get a pile of warnings due to broken redefines of XOPEN_SOURCE in the Python includes.
2009-10-17added NT_STATUS_NOT_OK_RETURN_AND_FREE()Andrew Tridgell1-0/+7
Try to make it a bit easier to avoid leaks in common code
2009-10-04s3/s4 common: fix up header fileMatthias Dieter Wallnöfer1-2/+1
2009-09-30w32err: Importing auto-generated Win32 errors and descriptionsKamen Mazdrashki2-1/+7222
Error codes and their descriptions are generated using w32err_code.py script. Error are downloaded from MS site: http://msdn.microsoft.com/en-us/library/cc231199%28PROT.10%29.aspx Signed-off-by: Anatoliy Atanasov <anatoliy.atanasov@postpath.com>
2009-09-30w32err: WERR_GROUP_NOT_FOUND renamed to WERR_GROUPNOTFOUNDKamen Mazdrashki2-2/+2
In Win 32 we have NERR_GroupNotFound which maps to WERR_GROUP_NOT_FOUND currently and we have ERROR_GROUP_NOT_FOUND which maps to nothing, so it is to be added Signed-off-by: Anatoliy Atanasov <anatoliy.atanasov@postpath.com>
2009-09-30w32err: WERR_USER_EXISTS replace with WERR_USEREXISTS nameKamen Mazdrashki2-3/+3
In Win32 we have NERR_UserExists which maps to WERR_USER_EXISTS currently and there is ERROR_USER_EXISTS which maps to WERR_USER_ALREADY_EXISTS Signed-off-by: Anatoliy Atanasov <anatoliy.atanasov@postpath.com>
2009-09-30w32err: WERR_DC_NOT_FOUND replaced with WERR_DCNOTFOUNDKamen Mazdrashki2-3/+3
It turns out in win32 ERROR_DC_NOT_FOUND exists and it is an error for Device Context (DC), not Domain Controller Signed-off-by: Anatoliy Atanasov <anatoliy.atanasov@postpath.com>
2009-09-30w32err: FRS_ group of errors replaced with numeric valuesKamen Mazdrashki1-3/+3
Signed-off-by: Anatoliy Atanasov <anatoliy.atanasov@postpath.com>
2009-09-30w32err: WERR_DOMAIN_CONTROLLER_NOT_FOUND error value fixedKamen Mazdrashki1-1/+1
Signed-off-by: Anatoliy Atanasov <anatoliy.atanasov@postpath.com>
2009-09-20Initial implementation of security descriptor creation in DSNadezhda Ivanova2-0/+54
TODO's: ACE sorting and clarifying the inheritance of object specific ace's.
2009-09-19libcli:nbt move prototypes of lmhosts functions to libnbt.hAndrew Bartlett1-1/+6
2009-09-18libcli/named_pipe_auth: pass gssapi delegated credentials through the named pipeStefan Metzmacher2-22/+32
metze
2009-09-17util: use likely/unlikely for NT_STATUS_* macrosAndrew Tridgell1-3/+3