summaryrefslogtreecommitdiff
path: root/libcli
AgeCommit message (Collapse)AuthorFilesLines
2012-03-02smb2_constants: add SMB2_WATCH_TREEChristian Ambach1-0/+3
2012-02-29libcli/smb/smb2_signing: rename smb2_key_deviration -> smb2_key_derivationMichael Adam3-5/+5
Autobuild-User: Michael Adam <obnox@samba.org> Autobuild-Date: Wed Feb 29 09:01:54 CET 2012 on sn-devel-104
2012-02-29libcli/smb/smbXcli: use smb2_key_deviration() to setup SMB 2.24 keysStefan Metzmacher1-2/+41
This uses the key diveration function from "NIST Special Publication 800-108" in counter mode (section 5.1). Thanks to Jeremy, Michael and Volker for the debugging! metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Wed Feb 29 04:54:48 CET 2012 on sn-devel-104
2012-02-29libcli/smb/smb2_signing: implement aes_cmac_128 based signing for SMB 2.24Stefan Metzmacher1-18/+58
metze
2012-02-29libcli/smb/smb2_signing: add smb2_key_deviration()Stefan Metzmacher2-0/+37
This implements a simplified version of "NIST Special Publication 800-108" section 5.1 using hmac-sha256. Thanks to Jeremy, Michael and Volker for the debugging! metze
2012-02-27libcli/smb/smb2_signing: pass down 'protocol' to smb2_signing_[sign|check]_pdu()Stefan Metzmacher4-2/+11
metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Mon Feb 27 14:26:32 CET 2012 on sn-devel-104
2012-02-27libcli/smb/smb2_signing: rename session_key to signing_keyStefan Metzmacher2-9/+9
metze
2012-02-27libcli/smb/smbXcli: remove unused if statement from ↵Stefan Metzmacher1-3/+1
smb2cli_conn_dispatch_incoming() metze
2012-02-27libcli/smb/smbXcli: add smb2cli_session_application_key()Stefan Metzmacher2-0/+28
metze
2012-02-27libcli/smb/smbXcli: maintain smb2 channel_signing_key separate from the ↵Stefan Metzmacher2-58/+131
signing_key The signing_key is fix across all channels and is used for session setups on a channel binding. Note: - the last session setup response is signed with the new channel signing key. - the reauth session setups are signed with the channel signing key. It's also not needed to remember the main session key. metze
2012-02-27libcli/smb/smbXcli: remove unused checks from smb2cli_session_create_channel()Stefan Metzmacher1-11/+0
metze
2012-02-25libcli: Remove a pointless checkVolker Lendecke1-3/+1
"n" is size_t, so it is always >=0.
2012-02-22Honor SeTakeOwnershiPrivilege when client asks for SEC_STD_WRITE_OWNER but ↵Richard Sharpe1-0/+5
has no permission for that, but token has SeTakeOwnershipPrivilege Autobuild-User: Richard Sharpe <sharpe@samba.org> Autobuild-Date: Wed Feb 22 19:19:32 CET 2012 on sn-devel-104
2012-02-17auth: Move the rest of the source4 gensec_ntlmssp code to the top levelAndrew Bartlett2-3/+3
The ntlmssp_server code will be in common shortly, and aside from a symbol name or two, moving the client code causes no harm and makes less mess. We will also get the client code in common very soon. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-02-17auth/kerberos: Move gse_get_session_key() to common code and use in ↵Andrew Bartlett1-0/+17
gensec_gssapi Thie ensures that both code bases use the same logic to determine the use of NEW_SPNEGO. Andrew Bartlett
2012-01-31libcli/smb: Convert struct smb_trans_enc_state to tallocAndrew Bartlett3-22/+2
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-31s3-libsmb: Remove unused enum smb_trans_enc_typeAndrew Bartlett1-7/+0
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-29libcli/util: fix typo in nt_errs[] for NT_STATUS_NETWORK_SESSION_EXPIREDStefan Metzmacher1-1/+1
metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Sun Jan 29 14:11:12 CET 2012 on sn-devel-104
2012-01-27libcli/smb: fix smbXcli_negprot(..., PROTOCOL_NT1, PROTOCOL_SMB2_02)Stefan Metzmacher1-3/+6
The SMB1 negprot request already consumed the SMB2 sequence '0'. This also happens for the SMB 2.02 case. metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Fri Jan 27 15:27:41 CET 2012 on sn-devel-104
2012-01-23lib: use differing NTSTATUS and WERROR struct membersDavid Disseldorp1-2/+2
This allows the compiler to catch uses of incorrectly typed arguments for [NT_STATUS|W_ERROR]_IS_OK() and [NT_STATUS|W_ERROR]_EQUAL(). I.e. WERROR werr; werr = my_fn(); /* XXX returns WERROR type */ if (NT_STATUS_EQUAL(werr, NT_STATUS_OBJECT_NAME_COLLISION)) {
2012-01-21s3-libsmb: Always allow SMB_TRANS_ENC_GSS to be definedAndrew Bartlett1-4/+2
Signed-off-by: Stefan Metzmacher <metze@samba.org> Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Sat Jan 21 01:28:54 CET 2012 on sn-devel-104
2012-01-20s3-libsmb: Remove unused smb_tran_enc_state_gss and gssapi headersAndrew Bartlett1-15/+0
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-20s3-libsmb: use struct gensec_security directlyAndrew Bartlett2-7/+5
This is rather than via a now one-element union. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-20s3-libcli Change krb5 smb sealing to call via gensec and gensec_gseAndrew Bartlett2-199/+4
This also fixes the support for smb sealing with krb5 in make test, as this now relies on secrets.tdb rather than /etc/krb5.keytab. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-12auth/kerberos: Remove unused TALLOC_CTX argument to check_pac_checksumAndrew Bartlett1-2/+1
2012-01-11Second part of fix for bug #8673 - NT ACL issue.Jeremy Allison1-3/+4
Ensure we process the entire ACE list instead of returning ACCESS_DENIED and terminating the walk - ensure we only return the exact bits that cause the access to be denied. Some of the S3 fileserver needs to know if we are only denied DELETE access before overriding it by looking at the containing directory ACL. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Wed Jan 11 19:24:53 CET 2012 on sn-devel-104
2012-01-10krb5: Require krb5_string_to_key be available to build with krb5Andrew Bartlett1-1/+1
2012-01-10krb5: Require krb5_principal_compare_any_realm be available to build with krb5Andrew Bartlett1-28/+0
2012-01-10krb5: Require krb5_c_verify_checksum is available to build with krb5Andrew Bartlett1-63/+20
2012-01-05libcli/smb: Add smbXcli_conn_samba_suicideVolker Lendecke2-0/+105
This is a pure test tool against Samba servers
2012-01-01Fix the build without kerberosVolker Lendecke1-0/+2
Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Sun Jan 1 23:56:24 CET 2012 on sn-devel-104
2011-12-28auth/kerberos: Move gssapi_parse.c to the top levelAndrew Bartlett1-0/+4
This will help with writing a gensec module for the s3 gse layer. Andrew Bartlett
2011-12-23lib: Fix NT_STATUS_ALL_SIDS_FILTERED definitionVolker Lendecke1-1/+1
This seems to be more in line with all the other NT_STATUS definitions. Metze, please check. Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Fri Dec 23 23:19:17 CET 2011 on sn-devel-104
2011-12-22libcli/smb: add PROTOCOL_SMB2_24 supportStefan Metzmacher2-1/+3
metze
2011-12-22libcli/smb: add SMB2_DIALECT_REVISION_224Stefan Metzmacher1-0/+1
This is specified in the new [MS-SMB2] preview document. metze
2011-12-17libcli/util: add NT_STATUS_NETWORK_SESSION_EXPIRED and ↵Stefan Metzmacher2-0/+4
NT_STATUS_ALL_SIDS_FILTERED metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Sat Dec 17 14:24:40 CET 2011 on sn-devel-104
2011-12-12libcli: Remove an unused variableVolker Lendecke1-1/+0
Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Mon Dec 12 23:21:49 CET 2011 on sn-devel-104
2011-12-12s4-lsarpc handle more info levels in SetInfoTrustedDomain callsAndrew Bartlett4-1/+403
This uses the very helpful conversion functions written for the s3 lsa server and places these in common. Andrew Bartlett
2011-11-29smbXcli: add support for SMBreadBrawStefan Metzmacher1-7/+54
metze
2011-11-29smbXcli: add smb1cli_conn_server_{readbraw,writebraw,lockread,writeunlock}()Stefan Metzmacher2-0/+24
metze
2011-11-29smb1cli_trans: add support for tevent_req_cancel()Stefan Metzmacher1-0/+16
metze
2011-11-29smb1cli_trans: return the status from the server if possibleStefan Metzmacher1-1/+16
metze
2011-11-29smbXcli: rebuild smb1.recv_iov array if we expect more than one responseStefan Metzmacher1-0/+29
metze
2011-11-29smbXcli: allow up to 10 iovec elements for the bytes in smb1cli_req_create()Stefan Metzmacher1-1/+1
The smb1cli_trans_* code uses up to 6 elements, which was too much for the current limit of 5. metze
2011-11-29smbXcli: s/smb2cli_writev_done/smb2cli_req_writev_doneStefan Metzmacher1-3/+3
This is a better name and it matches smb1cli_req_writev_done metze
2011-11-29smbXcli: call tevent_queue_stop() for the outgoing queue on disconnectStefan Metzmacher1-0/+2
metze
2011-11-29smbXcli: use talloc_stackframe() instead of talloc_tos() in smb1cli_conn_signv()Stefan Metzmacher1-2/+5
metze
2011-11-29libcli/smb: remove unused smb_signing_set_bsrspyl() prototypeStefan Metzmacher1-1/+0
metze
2011-11-28Fix Coverity ID 2638: OVERRUN_STATICVolker Lendecke1-1/+1
2011-11-28Fix Coverity ID 2639: UNUSED_VALUEVolker Lendecke1-2/+0