Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2012-03-02 | smb2_constants: add SMB2_WATCH_TREE | Christian Ambach | 1 | -0/+3 | |
2012-02-29 | libcli/smb/smb2_signing: rename smb2_key_deviration -> smb2_key_derivation | Michael Adam | 3 | -5/+5 | |
Autobuild-User: Michael Adam <obnox@samba.org> Autobuild-Date: Wed Feb 29 09:01:54 CET 2012 on sn-devel-104 | |||||
2012-02-29 | libcli/smb/smbXcli: use smb2_key_deviration() to setup SMB 2.24 keys | Stefan Metzmacher | 1 | -2/+41 | |
This uses the key diveration function from "NIST Special Publication 800-108" in counter mode (section 5.1). Thanks to Jeremy, Michael and Volker for the debugging! metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Wed Feb 29 04:54:48 CET 2012 on sn-devel-104 | |||||
2012-02-29 | libcli/smb/smb2_signing: implement aes_cmac_128 based signing for SMB 2.24 | Stefan Metzmacher | 1 | -18/+58 | |
metze | |||||
2012-02-29 | libcli/smb/smb2_signing: add smb2_key_deviration() | Stefan Metzmacher | 2 | -0/+37 | |
This implements a simplified version of "NIST Special Publication 800-108" section 5.1 using hmac-sha256. Thanks to Jeremy, Michael and Volker for the debugging! metze | |||||
2012-02-27 | libcli/smb/smb2_signing: pass down 'protocol' to smb2_signing_[sign|check]_pdu() | Stefan Metzmacher | 4 | -2/+11 | |
metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Mon Feb 27 14:26:32 CET 2012 on sn-devel-104 | |||||
2012-02-27 | libcli/smb/smb2_signing: rename session_key to signing_key | Stefan Metzmacher | 2 | -9/+9 | |
metze | |||||
2012-02-27 | libcli/smb/smbXcli: remove unused if statement from ↵ | Stefan Metzmacher | 1 | -3/+1 | |
smb2cli_conn_dispatch_incoming() metze | |||||
2012-02-27 | libcli/smb/smbXcli: add smb2cli_session_application_key() | Stefan Metzmacher | 2 | -0/+28 | |
metze | |||||
2012-02-27 | libcli/smb/smbXcli: maintain smb2 channel_signing_key separate from the ↵ | Stefan Metzmacher | 2 | -58/+131 | |
signing_key The signing_key is fix across all channels and is used for session setups on a channel binding. Note: - the last session setup response is signed with the new channel signing key. - the reauth session setups are signed with the channel signing key. It's also not needed to remember the main session key. metze | |||||
2012-02-27 | libcli/smb/smbXcli: remove unused checks from smb2cli_session_create_channel() | Stefan Metzmacher | 1 | -11/+0 | |
metze | |||||
2012-02-25 | libcli: Remove a pointless check | Volker Lendecke | 1 | -3/+1 | |
"n" is size_t, so it is always >=0. | |||||
2012-02-22 | Honor SeTakeOwnershiPrivilege when client asks for SEC_STD_WRITE_OWNER but ↵ | Richard Sharpe | 1 | -0/+5 | |
has no permission for that, but token has SeTakeOwnershipPrivilege Autobuild-User: Richard Sharpe <sharpe@samba.org> Autobuild-Date: Wed Feb 22 19:19:32 CET 2012 on sn-devel-104 | |||||
2012-02-17 | auth: Move the rest of the source4 gensec_ntlmssp code to the top level | Andrew Bartlett | 2 | -3/+3 | |
The ntlmssp_server code will be in common shortly, and aside from a symbol name or two, moving the client code causes no harm and makes less mess. We will also get the client code in common very soon. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org> | |||||
2012-02-17 | auth/kerberos: Move gse_get_session_key() to common code and use in ↵ | Andrew Bartlett | 1 | -0/+17 | |
gensec_gssapi Thie ensures that both code bases use the same logic to determine the use of NEW_SPNEGO. Andrew Bartlett | |||||
2012-01-31 | libcli/smb: Convert struct smb_trans_enc_state to talloc | Andrew Bartlett | 3 | -22/+2 | |
Signed-off-by: Stefan Metzmacher <metze@samba.org> | |||||
2012-01-31 | s3-libsmb: Remove unused enum smb_trans_enc_type | Andrew Bartlett | 1 | -7/+0 | |
Signed-off-by: Stefan Metzmacher <metze@samba.org> | |||||
2012-01-29 | libcli/util: fix typo in nt_errs[] for NT_STATUS_NETWORK_SESSION_EXPIRED | Stefan Metzmacher | 1 | -1/+1 | |
metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Sun Jan 29 14:11:12 CET 2012 on sn-devel-104 | |||||
2012-01-27 | libcli/smb: fix smbXcli_negprot(..., PROTOCOL_NT1, PROTOCOL_SMB2_02) | Stefan Metzmacher | 1 | -3/+6 | |
The SMB1 negprot request already consumed the SMB2 sequence '0'. This also happens for the SMB 2.02 case. metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Fri Jan 27 15:27:41 CET 2012 on sn-devel-104 | |||||
2012-01-23 | lib: use differing NTSTATUS and WERROR struct members | David Disseldorp | 1 | -2/+2 | |
This allows the compiler to catch uses of incorrectly typed arguments for [NT_STATUS|W_ERROR]_IS_OK() and [NT_STATUS|W_ERROR]_EQUAL(). I.e. WERROR werr; werr = my_fn(); /* XXX returns WERROR type */ if (NT_STATUS_EQUAL(werr, NT_STATUS_OBJECT_NAME_COLLISION)) { | |||||
2012-01-21 | s3-libsmb: Always allow SMB_TRANS_ENC_GSS to be defined | Andrew Bartlett | 1 | -4/+2 | |
Signed-off-by: Stefan Metzmacher <metze@samba.org> Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Sat Jan 21 01:28:54 CET 2012 on sn-devel-104 | |||||
2012-01-20 | s3-libsmb: Remove unused smb_tran_enc_state_gss and gssapi headers | Andrew Bartlett | 1 | -15/+0 | |
Signed-off-by: Stefan Metzmacher <metze@samba.org> | |||||
2012-01-20 | s3-libsmb: use struct gensec_security directly | Andrew Bartlett | 2 | -7/+5 | |
This is rather than via a now one-element union. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org> | |||||
2012-01-20 | s3-libcli Change krb5 smb sealing to call via gensec and gensec_gse | Andrew Bartlett | 2 | -199/+4 | |
This also fixes the support for smb sealing with krb5 in make test, as this now relies on secrets.tdb rather than /etc/krb5.keytab. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org> | |||||
2012-01-12 | auth/kerberos: Remove unused TALLOC_CTX argument to check_pac_checksum | Andrew Bartlett | 1 | -2/+1 | |
2012-01-11 | Second part of fix for bug #8673 - NT ACL issue. | Jeremy Allison | 1 | -3/+4 | |
Ensure we process the entire ACE list instead of returning ACCESS_DENIED and terminating the walk - ensure we only return the exact bits that cause the access to be denied. Some of the S3 fileserver needs to know if we are only denied DELETE access before overriding it by looking at the containing directory ACL. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Wed Jan 11 19:24:53 CET 2012 on sn-devel-104 | |||||
2012-01-10 | krb5: Require krb5_string_to_key be available to build with krb5 | Andrew Bartlett | 1 | -1/+1 | |
2012-01-10 | krb5: Require krb5_principal_compare_any_realm be available to build with krb5 | Andrew Bartlett | 1 | -28/+0 | |
2012-01-10 | krb5: Require krb5_c_verify_checksum is available to build with krb5 | Andrew Bartlett | 1 | -63/+20 | |
2012-01-05 | libcli/smb: Add smbXcli_conn_samba_suicide | Volker Lendecke | 2 | -0/+105 | |
This is a pure test tool against Samba servers | |||||
2012-01-01 | Fix the build without kerberos | Volker Lendecke | 1 | -0/+2 | |
Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Sun Jan 1 23:56:24 CET 2012 on sn-devel-104 | |||||
2011-12-28 | auth/kerberos: Move gssapi_parse.c to the top level | Andrew Bartlett | 1 | -0/+4 | |
This will help with writing a gensec module for the s3 gse layer. Andrew Bartlett | |||||
2011-12-23 | lib: Fix NT_STATUS_ALL_SIDS_FILTERED definition | Volker Lendecke | 1 | -1/+1 | |
This seems to be more in line with all the other NT_STATUS definitions. Metze, please check. Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Fri Dec 23 23:19:17 CET 2011 on sn-devel-104 | |||||
2011-12-22 | libcli/smb: add PROTOCOL_SMB2_24 support | Stefan Metzmacher | 2 | -1/+3 | |
metze | |||||
2011-12-22 | libcli/smb: add SMB2_DIALECT_REVISION_224 | Stefan Metzmacher | 1 | -0/+1 | |
This is specified in the new [MS-SMB2] preview document. metze | |||||
2011-12-17 | libcli/util: add NT_STATUS_NETWORK_SESSION_EXPIRED and ↵ | Stefan Metzmacher | 2 | -0/+4 | |
NT_STATUS_ALL_SIDS_FILTERED metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Sat Dec 17 14:24:40 CET 2011 on sn-devel-104 | |||||
2011-12-12 | libcli: Remove an unused variable | Volker Lendecke | 1 | -1/+0 | |
Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Mon Dec 12 23:21:49 CET 2011 on sn-devel-104 | |||||
2011-12-12 | s4-lsarpc handle more info levels in SetInfoTrustedDomain calls | Andrew Bartlett | 4 | -1/+403 | |
This uses the very helpful conversion functions written for the s3 lsa server and places these in common. Andrew Bartlett | |||||
2011-11-29 | smbXcli: add support for SMBreadBraw | Stefan Metzmacher | 1 | -7/+54 | |
metze | |||||
2011-11-29 | smbXcli: add smb1cli_conn_server_{readbraw,writebraw,lockread,writeunlock}() | Stefan Metzmacher | 2 | -0/+24 | |
metze | |||||
2011-11-29 | smb1cli_trans: add support for tevent_req_cancel() | Stefan Metzmacher | 1 | -0/+16 | |
metze | |||||
2011-11-29 | smb1cli_trans: return the status from the server if possible | Stefan Metzmacher | 1 | -1/+16 | |
metze | |||||
2011-11-29 | smbXcli: rebuild smb1.recv_iov array if we expect more than one response | Stefan Metzmacher | 1 | -0/+29 | |
metze | |||||
2011-11-29 | smbXcli: allow up to 10 iovec elements for the bytes in smb1cli_req_create() | Stefan Metzmacher | 1 | -1/+1 | |
The smb1cli_trans_* code uses up to 6 elements, which was too much for the current limit of 5. metze | |||||
2011-11-29 | smbXcli: s/smb2cli_writev_done/smb2cli_req_writev_done | Stefan Metzmacher | 1 | -3/+3 | |
This is a better name and it matches smb1cli_req_writev_done metze | |||||
2011-11-29 | smbXcli: call tevent_queue_stop() for the outgoing queue on disconnect | Stefan Metzmacher | 1 | -0/+2 | |
metze | |||||
2011-11-29 | smbXcli: use talloc_stackframe() instead of talloc_tos() in smb1cli_conn_signv() | Stefan Metzmacher | 1 | -2/+5 | |
metze | |||||
2011-11-29 | libcli/smb: remove unused smb_signing_set_bsrspyl() prototype | Stefan Metzmacher | 1 | -1/+0 | |
metze | |||||
2011-11-28 | Fix Coverity ID 2638: OVERRUN_STATIC | Volker Lendecke | 1 | -1/+1 | |
2011-11-28 | Fix Coverity ID 2639: UNUSED_VALUE | Volker Lendecke | 1 | -2/+0 | |