summaryrefslogtreecommitdiff
path: root/libcli
AgeCommit message (Collapse)AuthorFilesLines
2013-01-17libcli/security: don't look at the inherited type in get_ace_object_type()Stefan Metzmacher1-2/+0
The inherited_type is only used to decide if aces should be inherited effectively or not (INHERIT_ONLY) for the specified object. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Matthieu Patou <mat@matws.net>
2013-01-16smb2_ioctl: split ioctl handler code on device typeDavid Disseldorp1-0/+2
Add per device type ioctl handler source files for FSCTL_DFS, FSCTL_FILESYSTEM, FSCTL_NAMED_PIPE and FSCTL_NETWORK_FILESYSTEM. Reviewed by: Jeremy Allison <jra@samba.org>
2013-01-15libcli/security: Ensure to fill in remaining_access for the initial case ↵Andrew Bartlett1-0/+1
(bug #9554 - CVE-2013-0172) It is critically important that we initialise this element as otherwise all access is permitted. Andrew Bartlett Reviewed-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit a75805490d96a85786287f5d0522dd7671d6816e)
2012-12-21libcli: Fix smb2cli_ioctl_send() if clause.Andreas Schneider1-1/+1
Found by Coverity. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
2012-12-21libcli: Check schannel state return value of tdb_transaction_commit().Andreas Schneider1-1/+5
Found by Coverity. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
2012-12-15libcli/auth: add netlogon_creds_encrypt_samlogon_validation().Günther Deschner2-6/+44
Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2012-12-15libcli/auth: rename netlogon_creds_decrypt_samlogon() to ↵Günther Deschner2-6/+9
netlogon_creds_decrypt_samlogon_validation(). Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2012-12-11libcli/security: calculate the correct inherited_object GUIDStefan Metzmacher1-1/+7
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
2012-12-11libcli/security: implement object_in_list()Stefan Metzmacher1-2/+23
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
2012-12-09libcli/auth: support AES decryption in netlogon_creds_decrypt_samlogon().Günther Deschner1-0/+14
Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2012-12-09libcli/auth: remove trailing whitespace.Günther Deschner1-38/+38
Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2012-12-09libcli/auth: add netlogon_creds_aes_{en|de}crypt routines.Günther Deschner2-0/+30
Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2012-12-02libcli/security: remove duplicate aces in se_create_child_secdesc()Stefan Metzmacher1-0/+34
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
2012-11-30Fix Bug 9422 - large read requests cause server to issue malformed replyVolker Lendecke1-1/+1
Reviewed by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Fri Nov 30 03:27:07 CET 2012 on sn-devel-104
2012-11-01libcli/smb: add smbXcli_session_set_disconnect_expired() (bug #9175)Stefan Metzmacher2-0/+35
This should be a short term hack until the upper layers have implemented re-authentication. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
2012-10-27libcli/smb: fix unitialized padding in smb2_create_blob_push_one() (bug #9209)Stefan Metzmacher1-1/+1
Signed-off-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Sat Oct 27 10:05:22 CEST 2012 on sn-devel-104
2012-10-16libcli/dns: Time out requests after a whileKai Blin1-0/+8
Time out UDP requests after DNS_REQUEST_TIMEOUT seconds. Currently set to 2 seconds. This should fix bug #8878. Signed-off-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Tue Oct 16 12:58:32 CEST 2012 on sn-devel-104
2012-09-29libcli/smb: add smb1cli_echo*Stefan Metzmacher3-0/+181
metze
2012-09-29libcli/smb: add smb2cli_echo*Stefan Metzmacher3-0/+130
metze
2012-09-29libcli/smb: use an explicit TALLOC_FREE(subreq) in smb2cli_*Stefan Metzmacher9-0/+9
metze
2012-09-27Fix bug #9209 - Parse of invalid SMB2 create blob can cause smbd crash.Jeremy Allison1-3/+2
Ensure we correctly protect against blobs with data_offset==0 and data_length != 0. Jeremy. Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Thu Sep 27 22:07:02 CEST 2012 on sn-devel-104
2012-09-22libcli/echo: validate the message lengthStefan Metzmacher1-0/+5
metze
2012-09-19libcli: add a define for the APP_INSTANCE_ID smb2 create contextMichael Adam1-0/+1
2012-09-19libcli/smb: fix padding in smb2_create_blob*Stefan Metzmacher1-11/+30
metze
2012-09-07waf: Rename nmblookup manpage to nmblookup4.Andreas Schneider2-66/+66
2012-08-31Factor out privilege checking code into se_file_access_check() which takes a ↵Jeremy Allison2-10/+87
bool priv_open_requested parameter.
2012-08-30Fix bug #9124 - Samba fails to set "inherited" bit on inherited ACE's.Jeremy Allison1-3/+7
Change se_create_child_secdesc() to handle inheritance correctly.
2012-08-25libcli/smb: split out a smb_transport private libraryStefan Metzmacher1-3/+15
metze
2012-08-25libcli/smb: wscript_build => wscriptStefan Metzmacher1-1/+2
We'll need some configure checks in future. metze
2012-08-24Remove useless bool "upper_case_domain" parameter from ntv2_owf_gen().Jeremy Allison3-13/+3
The code in SMBNTLMv2encrypt_hash() should not be requesting case changes on the domain name. Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Fri Aug 24 21:39:42 CEST 2012 on sn-devel-104
2012-08-24Remove useless bool "upper_case_domain" parameter.Jeremy Allison1-13/+2
2012-08-24Move uppercasing the domain out of smb_pwd_check_ntlmv2()Jeremy Allison1-9/+21
Allows us to remove a silly bool parameter. Based on work done by "Blohm, Guntram (I/FP-37, extern)" <extern.guntram.blohm@audi.de>.
2012-08-22libcli: fix value of NT_STATUS_FILE_NOT_AVAILABLEBjörn Jacke1-1/+1
Autobuild-User(master): Björn Jacke <bj@sernet.de> Autobuild-Date(master): Wed Aug 22 01:30:06 CEST 2012 on sn-devel-104
2012-08-17libcli/smb: make sure the SMB2_TRANSFORM pdu is completeStefan Metzmacher1-3/+12
metze
2012-08-16libcli/smb: support broken OS/2 error responses bug #9096Stefan Metzmacher1-3/+57
OS/2 skips the DATA Block in SMB1 responses. metze Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Thu Aug 16 13:16:49 CEST 2012 on sn-devel-104
2012-08-15libcli/smb: verify decrypted SMB2 pdus correctlyStefan Metzmacher1-2/+38
We need to make sure we got a encrypted response if we asked for it. If we don't get a encrypted response, we use a similar logic as with signing to propagated wellknown errors to the higher layer and set state->smb2.signing_skipped = true. metze Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Wed Aug 15 16:26:26 CEST 2012 on sn-devel-104
2012-08-15libcli/smb: fix parsing of compounded messages within a SMB2_TRANSFORM pduStefan Metzmacher1-5/+12
One SMB2_TRANSFORM pdu wraps multiple SMB2 pdus. We inject the SMB2_TRANSFORM header to each response which was wrapped inside. This allows the next layer to verify if the SMB2 pdu was encrypted. metze
2012-08-15libcli/smb: fix smb2cli_req_compound_submit for multiple encrypted messagesStefan Metzmacher1-63/+104
There should be only one SMB2_TRANSFORM header for all compound requests. metze
2012-08-15libcli/smb: all flags except SMB2_HDR_FLAG_ASYNC should be cleared in a ↵Stefan Metzmacher1-0/+6
cancel request. metze
2012-08-10build: rename security → samba-securityBjörn Jacke1-2/+2
there is a libsecurity on OSF1 which clasheѕ with our security lib. see bug #9023. Signed-off-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Björn Jacke <bj@sernet.de> Autobuild-Date(master): Fri Aug 10 14:22:21 CEST 2012 on sn-devel-104
2012-08-08libcli/smb: do not set SMB2_TF_MSG_SIZE in the callerStefan Metzmacher1-3/+0
metze Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Wed Aug 8 07:32:55 CEST 2012 on sn-devel-104
2012-08-08libcli/smb: smb2_signing_[en|de]crypt_pdu() check and set SMB2_TF_MSG_SIZEStefan Metzmacher1-6/+16
metze
2012-08-07libcli/util: add NT_STATUS_FILE_NOT_AVAILABLEStefan Metzmacher2-0/+2
metze
2012-08-07libcli/smb: use forward declaration instead of includesStefan Metzmacher1-3/+2
metze
2012-08-06smbXcli: add some includes to fix compiler warningsChristian Ambach1-0/+3
if smbXcli_base.h is included on its own, there are various compiler warnings about implicitly declared struct iovec and smb2_create_blobs
2012-08-04libcli/smb: add smb1cli_session_protect_session_key()Stefan Metzmacher2-0/+25
metze
2012-08-04libcli/smb: add smb_key_derivation() for ↵Stefan Metzmacher2-1/+49
TREE_CONNECT_ANDX_EXTENDED_SIGNATURES support metze
2012-08-04libcli/smb: pass hdr/len to smb_signing_check/sign_pdu() and skip the nbt headerStefan Metzmacher3-17/+25
metze
2012-08-04libcli/smb: change smb_signing to skip the NBT_HEADER_SIZE internallyStefan Metzmacher1-19/+24
metze
2012-08-01libcli/smb: move some TCON related defines to smb_constants.hStefan Metzmacher1-0/+13
metze