summaryrefslogtreecommitdiff
path: root/source3/libsmb/asn1.c
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r21460: Fix for server-side processing of SPNEGO authJeremy Allison1-0/+8
fragmented into "max xmit" size security blob chunks. Bug #4400. Needs limits adding, and also a client-side version. Jeremy. (This used to be commit aa69f2481aafee5dccc3783b8a6e23ca4eb0dbfa)
2007-10-10r19070: If there's an error in the data struct, there's no point to continue ↵Volker Lendecke1-0/+4
with asn1_pop_tag. Volker (This used to be commit d18e9f1da9a22aa16860aa2a91e7c788d28d3314)
2007-10-10r17060: Some c++ warningsVolker Lendecke1-3/+4
(This used to be commit 2e7afa9e19b117d7a8ce1238c1b9b80ececec729)
2007-10-10r16306: Error handling in this asn1 code *sucks*. Fix a genericJeremy Allison1-5/+15
class of memory leak bugs on error found by Klocwork (#123). Many of these functions didn't free allocated memory on error exit. Jeremy. (This used to be commit 8ef11a7c6de74024b7d535d959db2d462662a86f)
2007-10-10r16207: Ensure we don't allocate an OID string unlessJeremy Allison1-3/+11
we know we don't have an error. Klocwork #6. Jeremy. (This used to be commit 2c1a2d7b40e7ef353461f97f5c69c2079b5670ab)
2007-10-10r16202: Fix Klocwork #3. Strange - was already fixed in HEAD.Jeremy Allison1-2/+7
Jeremy. (This used to be commit 319f80bbf0455cfaf80eab51313a56db4ed04ac5)
2007-10-10r13915: Fixed a very interesting class of realloc() bugs found by Coverity.Jeremy Allison1-5/+2
realloc can return NULL in one of two cases - (1) the realloc failed, (2) realloc succeeded but the new size requested was zero, in which case this is identical to a free() call. The error paths dealing with these two cases should be different, but mostly weren't. Secondly the standard idiom for dealing with realloc when you know the new size is non-zero is the following : tmp = realloc(p, size); if (!tmp) { SAFE_FREE(p); return error; } else { p = tmp; } However, there were *many* *many* places in Samba where we were using the old (broken) idiom of : p = realloc(p, size) if (!p) { return error; } which will leak the memory pointed to by p on realloc fail. This commit (hopefully) fixes all these cases by moving to a standard idiom of : p = SMB_REALLOC(p, size) if (!p) { return error; } Where if the realloc returns null due to the realloc failing or size == 0 we *guarentee* that the storage pointed to by p has been freed. This allows me to remove a lot of code that was dealing with the standard (more verbose) method that required a tmp pointer. This is almost always what you want. When a realloc fails you never usually want the old memory, you want to free it and get into your error processing asap. For the 11 remaining cases where we really do need to keep the old pointer I have invented the new macro SMB_REALLOC_KEEP_OLD_ON_ERROR, which can be used as follows : tmp = SMB_REALLOC_KEEP_OLD_ON_ERROR(p, size); if (!tmp) { SAFE_FREE(p); return error; } else { p = tmp; } SMB_REALLOC_KEEP_OLD_ON_ERROR guarentees never to free the pointer p, even on size == 0 or realloc fail. All this is done by a hidden extra argument to Realloc(), BOOL free_old_on_error which is set appropriately by the SMB_REALLOC and SMB_REALLOC_KEEP_OLD_ON_ERROR macros (and their array counterparts). It remains to be seen what this will do to our Coverity bug count :-). Jeremy. (This used to be commit 1d710d06a214f3f1740e80e0bffd6aab44aac2b0)
2007-10-10r7954: Fix from tridge from Samba4 (same code exists here) :Jeremy Allison1-1/+10
fixed handling of ASN.1 objects bigger than 64k Jeremy. (This used to be commit 0da60e9954b84bac29bb219803f6175b7a30b591)
2007-10-10r4088: Get medieval on our ass about malloc.... :-). Take control of all our ↵Jeremy Allison1-5/+5
allocation functions so we can funnel through some well known functions. Should help greatly with malloc checking. HEAD patch to follow. Jeremy. (This used to be commit 620f2e608f70ba92f032720c031283d295c5c06a)
2007-10-10r2355: Now we've shipped 3.0.7, add in the DOS fix.Jeremy Allison1-0/+6
Jeremy. (This used to be commit d6b26f9db76e81d65b7630e46af99fe03a982ec6)
2007-10-10r1240: Ensure we don't shadow Heimdal globals.Jeremy Allison1-6/+6
Jeremy. (This used to be commit 464d2e90480c676688a851a141aabddf992e0b0e)
2004-02-11More paranoia checks.Jeremy Allison1-0/+5
Jeremy. (This used to be commit adf8ee3df75b8336d14ad093ad2ebc3a480d0017)
2004-02-11Paranoia fixes :-).Jeremy Allison1-0/+8
Jeremy. (This used to be commit 86b030197db63ac0a04b8ea877d80a3d74a7a187)
2003-07-23convert snprintf() calls using pstrings & fstringsGerald Carter1-3/+3
to pstr_sprintf() and fstr_sprintf() to try to standardize. lots of snprintf() calls were using len-1; some were using len. At least this helps to be consistent. (This used to be commit 9f835b85dd38cbe655eb19021ff763f31886ac00)
2003-02-19Merge minor library fixes from HEAD to 3.0.Andrew Bartlett1-5/+16
- setenv() replacement - mimir's ASN1/SPNEGO typo fixes - (size_t)-1 fixes for push_* returns - function argument signed/unsigned correction - ASN1 error handling (ensure we don't use initiailsed data) - extra net ads join error checking - allow 'set security discriptor' to fail - escape ldap strings in libads. - getgrouplist() correctness fixes (include primary gid) Andrew Bartlett (This used to be commit e9d6e2ea9a3dc01d3849b925c50702cda6ddf225)
2003-01-15merging some rpcclient and net functionality from HEADGerald Carter1-1/+1
(This used to be commit 7a4c87484237308cb3ad0d671687da7e0f6e733b)
2003-01-03Merge from HEAD - make Samba compile with -Wwrite-strings without additionalAndrew Bartlett1-1/+1
warnings. (Adds a lot of const). Andrew Bartlett (This used to be commit 3a7458f9472432ef12c43008414925fd1ce8ea0c)
2002-09-25sync'ing up for 3.0alpha20 releaseGerald Carter1-6/+15
(This used to be commit 65e7b5273bb58802bf0c389b77f7fcae0a1f6139)
2002-01-30Removed version number from file header.Tim Potter1-2/+1
Changed "SMB/Netbios" to "SMB/CIFS" in file header. (This used to be commit 6a58c9bd06d0d7502a24bf5ce5a2faf0a146edfa)
2002-01-05fixed another DATA_BLOB constructorAndrew Tridgell1-6/+1
(This used to be commit c6affae4bf749a67c90468702eb6d4eeb97a4363)
2001-11-20add asn1 integer handling ready for the ldap netjoin codeAndrew Tridgell1-0/+26
(This used to be commit 74303b75e43856bfb127c143d27e5c5fdcf32c91)
2001-11-03Added NT_USER_TOKEN into server_info to fix extra groups problem.Jeremy Allison1-11/+18
Got "medieval on our ass" about const warnings (as many as I could :-). Jeremy. (This used to be commit ee5e7ca547eff016818ba5c43b8ea0c9fa69b808)
2001-10-18the beginnings of kerberos support in smbd. It doesn't work yet, butAndrew Tridgell1-0/+18
it should give something for others to hack on and possibly find what I'm doing wrong. (This used to be commit 353c290f059347265b9be2aa1010c2956da06485)
2001-10-17added basic NTLMSSP support in smbd. This is still quite rough, andAndrew Tridgell1-6/+22
loses things like username mapping. I wanted to get this in then discuss it a bit to see how we want to split up the existing session setup code (This used to be commit b74fda69bf23207c26d8b2af23910d8f2eb89875)
2001-10-14minor Realloc() fix - pedanticAndrew Tridgell1-2/+5
(This used to be commit 1bcdf9106afacbe18437e87178bc1f219695c1e9)
2001-10-12added NTLMSSP authentication to libsmb. It seems to work well so I have ↵Andrew Tridgell1-0/+27
enabled it by default if the server supports it. Let me know if this breaks anything. Choose kerberos with the -k flag to smbclient, otherwise it will use SPNEGO/NTLMSSP/NTLM (This used to be commit 076aa97bee54d182288d9e93ae160ae22a5f7757)
2001-10-11added a ASN.1 parser, so now I can properly parse the negTokenInitAndrew Tridgell1-18/+168
packet which means I can extract the service and realm, so we should now work with realms other than the local realm. it also means we now check the list of OIDs given by the server just in case it says that it doesn't support kerberos. In that case we should fall back to NTLMSSP but that isn't written yet. (This used to be commit 395cfeea94febb5280ea57027e8a8a3c7c3f9291)
2001-10-11fixed some memory leaks, started adding asn1 decoder for server sideAndrew Tridgell1-8/+36
(This used to be commit 919734c1a6fd8b3bd0e12e96d878f47b6d6ff5e0)
2001-10-11initial kerberos/ADS/SPNEGO support in libsmb and smbclient. ToAndrew Tridgell1-0/+139
activate you need to: - install krb5 libraries - run configure - build smbclient - run kinit to get a TGT - run smbclient with the -k option to choose kerberos auth (This used to be commit d33057585644e1337bac743e25ed7653bfb39eef)