summaryrefslogtreecommitdiff
path: root/source3/libsmb/cliconnect.c
AgeCommit message (Collapse)AuthorFilesLines
2002-07-15more bug updates from headAndrew Tridgell1-5/+0
(This used to be commit 8b769bf5bbbe54b1a39fd85cc24db09c1ab7faab)
2002-07-15updated the 3.0 branch from the head branch - ready for alpha18Andrew Tridgell1-302/+226
(This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-01The 17-bit length field in the header contains the number ofChristopher R. Hertel1-1/+8
bytes which follow the header, not the full packet size. [Yes, the length field is either 17-bits, or (per the RFCs) it is a 16-bit length field preceeded by an 8-bit flags field of which only the low-order bit may be used. If that bit is set, then add 65536 to the 16-bit length field. (In other words, it's a 17-bit unsigned length field.) ...unless, of course, the transport is native TCP [port 445] in which case the length field *might* be 24-bits wide.] Anyway, the change is a very minor one. We were including the four bytes of the header in the length count and, as a result, sending four bytes of garbage at the end of the SESSION REQUEST packet. Small fix in function cli_session_request(). (This used to be commit d08471688b65371eb3de73b03a8ffaee86659ba0)
2002-04-06Always pass NT password as well as Lanman.Jeremy Allison1-1/+1
Jeremy. (This used to be commit 146fb9d12bd3621087193f439e99c13d609ff658)
2002-03-06Removed duplicate \n from debug message.Tim Potter1-21/+13
Small tidyups. (This used to be commit 252da94ebb279c47263dfae36fd016d0a29a6dbf)
2002-01-30Removed version number from file header.Tim Potter1-2/+1
Changed "SMB/Netbios" to "SMB/CIFS" in file header. (This used to be commit 6a58c9bd06d0d7502a24bf5ce5a2faf0a146edfa)
2002-01-20Fix a couple of memory leaks in the cli_establish_connection() code's failureAndrew Bartlett1-0/+2
case. Thanks to Nigel Williams <nigel@wednesday.demon.co.uk> for spotting these! Andrew Bartlett (This used to be commit 20e0b562283f75606ac9a36f3f104c6aaa294c40)
2002-01-11Same fix as went into 2.2 (I'm waiting for jerry to finish some code).Jeremy Allison1-18/+18
Jeremy. (This used to be commit 01ff6ce4963e1daff019f2b936cef218e1c93f67)
2002-01-11fixed a crash bug in domain auth caused by an uninitialised nt_statusAndrew Tridgell1-0/+2
(This used to be commit 0b0b937b58f4bf4e005fb622f0db19175fc46a47)
2002-01-11Fix up 'net ads join' to delete and rejoin if the account already exists.Andrew Bartlett1-1/+1
This fixes up a problem where a machine would join (or downgrade by trust password change) to NT4 membership and not be able to regain full ADS membership until a 'net ads leave'. Andrew Bartlett (This used to be commit ab8ff85f03b25a0dfe4ab63886a10da81207393c)
2002-01-06Check for winbind separator in user name for cli_session_setup()Tim Potter1-1/+2
Patch from Alexander Bokovoy <a.bokovoy@sam-solutions.net> (This used to be commit 6c42bf208976ed3020e57efff6281f984d9fe893)
2001-12-31Ensure the output cli can't have spurious values if the connection fails...Andrew Bartlett1-1/+7
(This used to be commit 2d1612dd3560bb5ef35fa1eeee00e3d7976bcd62)
2001-12-21- handle kerberos session setup reply with broken null terminationAndrew Tridgell1-4/+5
- don't display Domain=[] for auth protocols that don't give us a domain (This used to be commit 20368455ea59e6e9b85632848bbe92069e7b0f38)
2001-12-21try to handle end of packet for not null terminated domain stringsAndrew Tridgell1-1/+3
(This used to be commit 1da988456dbd885820093ae43c74e0ac66f72802)
2001-12-11handle a NULL hostname in cli_connect()Andrew Tridgell1-0/+3
(This used to be commit a181f49b4269baa1752ce6ed4f9093e38d2d3ce5)
2001-12-11detect attempts to connect to names of the type NAME#xx and do aAndrew Tridgell1-1/+11
netbios lookup for name NAME with node type xx. This affects all our client progs. Very useful :) (This used to be commit b4304c5231159fc6295c445f2eb4470c179b8d5e)
2001-12-04when using non-encrypted password ignore the ntpass variable toAndrew Tridgell1-2/+2
session setup (This used to be commit c7665706cd5633ede710afe41413624124038238)
2001-12-03This change reworkes the connection code for both rpcclient and net newAndrew Bartlett1-1/+113
'net' untility. This should make it easier to port rpcclient code across to net. It also allows SPNEGO (the NTLMSSP subsystem in particular) to work, becouse it kills off the early destruction of the clear-text password. Andrew Bartlett (This used to be commit eee925861a3af3aa16efa3b1700a980c9510c14e)
2001-11-28fixed some krb5 ifdefsAndrew Tridgell1-2/+2
(This used to be commit 23ef22f11700bbaa5778a9678a990a2b041fcefe)
2001-11-28fixed a core dump in server level securityAndrew Tridgell1-2/+4
(This used to be commit e790bb21d3895bef97522b68c6f00812e6c286f2)
2001-11-28fix a bunch of places where we can double-free a cli structureAndrew Tridgell1-4/+4
(This used to be commit e2ba2383c9f679c076749a8f4fccefc3559e37ec)
2001-11-26Got medieval on another pointless extern. Removed extern struct ipzeroTim Potter1-2/+1
and replaced with two functions: void zero_ip(struct in_adder *ip); BOOL is_zero_ip(struct in_addr ip); (This used to be commit 778f5f77a66cda76348a7c6f64cd63afe2bfe077)
2001-11-26use DEBUG() not d_printf() in librariesAndrew Tridgell1-2/+2
(This used to be commit 5100ae4ae032545edaf525de1dfbe5dc9dafecfc)
2001-11-25Add a new torture test to extract a NT->DOS error map from an NT member of aAndrew Bartlett1-4/+1
samba domain. The PDC must be running a special authenticaion module that spits out NT errors based on username. Andrew Bartlett (This used to be commit adc7a6048c13342b79b6228beafb5142c50f318d)
2001-11-24This is another rather major change to the samba authenticaionAndrew Bartlett1-1/+1
subystem. The particular aim is to modularized the interface - so that we can have arbitrary password back-ends. This code adds one such back-end, a 'winbind' module to authenticate against the winbind_auth_crap functionality. While fully-functional this code is mainly useful as a demonstration, because we don't get back the info3 as we would for direct ntdomain authentication. This commit introduced the new 'auth methods' parameter, in the spirit of the 'auth order' discussed on the lists. It is renamed because not all the methods may be consulted, even if previous methods fail - they may not have a suitable challenge for example. Also, we have a 'local' authentication method, for old-style 'unix if plaintext, sam if encrypted' authentication and a 'guest' module to handle guest logins in a single place. While this current design is not ideal, I feel that it does provide a better infrastructure than the current design, and can be built upon. The following parameters have changed: - use rhosts = This has been replaced by the 'rhosts' authentication method, and can be specified like 'auth methods = guest rhosts' - hosts equiv = This needs both this parameter and an 'auth methods' entry to be effective. (auth methods = guest hostsequiv ....) - plaintext to smbpasswd = This is replaced by specifying 'sam' rather than 'local' in the auth methods. The security = parameter is unchanged, and now provides defaults for the 'auth methods' parameter. The available auth methods are: guest rhosts hostsequiv sam (passdb direct hash access) unix (PAM, crypt() etc) local (the combination of the above, based on encryption) smbserver (old security=server) ntdomain (old security=domain) winbind (use winbind to cache DC connections) Assistance in testing, or the production of new and interesting authentication modules is always appreciated. Andrew Bartlett (This used to be commit 8d31eae52a9757739711dbb82035a4dfe6b40c99)
2001-11-20- make sure we use a non-zero session id so we can have multiple connsAndrew Tridgell1-8/+4
open to w2k - fix the string handling in the device name to match NT and smbd - don't pull the domain from negprot if CAP_EXTENDED_SECURITY is set (This used to be commit 618989b386b5564ba140afdc17ce7a07040c3c4e)
2001-11-14Removed the "reestablish" code. Tridge - scream if this was needed....Jeremy Allison1-51/+0
Jeremy. (This used to be commit e6afe40f85d7dbe79322c82dac735d901e7e71df)
2001-11-05free the negTokenInit structureAndrew Tridgell1-0/+2
(This used to be commit 5b1c942a5cab828ebfcf2e8f5decb754c4cdb70e)
2001-11-05merge from 2.2. Why is STR_CONVERT missing when comparingGerald Carter1-1/+1
2.2 to HEAD? (This used to be commit 4f47daf97b9e74ec75287f46e2c4aeddc944779e)
2001-10-29This patch applied, except without the structure changes to nmblib.cAndrew Bartlett1-1/+1
Andrew Bartlett. From kai@cmail.ru Mon Oct 29 18:50:42 2001 Date: Fri, 19 Oct 2001 17:26:06 +0300 From: Andrew V. Samoilov <kai@cmail.ru> To: samba-technical@lists.samba.org Subject: [patch]: makes some arrays const to be shared between processes Hi! This patch makes some arrays const. So these arrays go to text/rodata segment and are shared between all of the processes which use shared library with these arrays. Regards, Andrew V. Samoilov. P.S. Please cc your answer to kai@cmail.ru, I don't subscribed to this list. ChangeLog: * cliconnect.c (prots): Make const. * clierror.c (rap_errmap): Likewise. * nmblib.c (nmb_header_opcode_names): Likewise. (lookup_opcode_name): Make opcode_namep const. Eliminate i. * nterr.c (nt_err_code_struct): Typedef const. * smberr.c (err_code_struct): Make const. (err_classes): Likewise. (This used to be commit cb84485a2b0e1fdcb6fa90e0bfb97e125ae1b3dd)
2001-10-23more compiler warningsHerb Lewis1-2/+2
(This used to be commit 12c10e876ea528fdf33e8ecfe42ab0ebb346b143)
2001-10-22a quick fix to get rpcclient working again. This just disablesAndrew Tridgell1-0/+4
NTLMSSP in cli_establish_connection() What we really need to do is kill off the pwd_cache code. It is horrible, and assumes the challenge comes in the negprot reply. (This used to be commit 3f919b4360b3bfcc133f7d88bc5177e9d93f2db2)
2001-10-21Ok, I know it's a language thing and it shouldn't matter.... but a kerberosJeremy Allison1-7/+7
name is a "principal", not a principle. English majors will complain :-). Jeremy. (This used to be commit b668d7d656cdd066820fb8044f24bcd4fda29524)
2001-10-21made smbclient cope better with arbitrary principle formsAndrew Tridgell1-0/+4
(This used to be commit d1341d74b7aa5f6b3f72e5409b245f87f1ad670b)
2001-10-21support both old and new kerberos OIDsAndrew Tridgell1-1/+2
(This used to be commit eac164c7e650a8f855e7b662b126a5dfc5516927)
2001-10-18the beginnings of kerberos support in smbd. It doesn't work yet, butAndrew Tridgell1-0/+4
it should give something for others to hack on and possibly find what I'm doing wrong. (This used to be commit 353c290f059347265b9be2aa1010c2956da06485)
2001-10-17added basic NTLMSSP support in smbd. This is still quite rough, andAndrew Tridgell1-12/+20
loses things like username mapping. I wanted to get this in then discuss it a bit to see how we want to split up the existing session setup code (This used to be commit b74fda69bf23207c26d8b2af23910d8f2eb89875)
2001-10-14fixed NTLMSSP with XP servers (who don't send the duplicate challengeAndrew Tridgell1-0/+8
in the asn1 spnego structures) (This used to be commit 131010e9fb842b4d5a8660c538a3313c95fadae7)
2001-10-14fixed two bugs in the NTLMSSP codeAndrew Tridgell1-2/+8
- handle servers that don't send a kerberos principle (non-member servers) - enable spnego without KRB5 (This used to be commit b218d465a1968a11d2d6a42afa7e552fea8b7f5e)
2001-10-12moved some OIDs to the ASN.1 headerAndrew Tridgell1-2/+2
(This used to be commit 7092beef9d7a68018ede569883b22c822300c7ff)
2001-10-12added NTLMSSP authentication to libsmb. It seems to work well so I have ↵Andrew Tridgell1-52/+154
enabled it by default if the server supports it. Let me know if this breaks anything. Choose kerberos with the -k flag to smbclient, otherwise it will use SPNEGO/NTLMSSP/NTLM (This used to be commit 076aa97bee54d182288d9e93ae160ae22a5f7757)
2001-10-11added a ASN.1 parser, so now I can properly parse the negTokenInitAndrew Tridgell1-1/+32
packet which means I can extract the service and realm, so we should now work with realms other than the local realm. it also means we now check the list of OIDs given by the server just in case it says that it doesn't support kerberos. In that case we should fall back to NTLMSSP but that isn't written yet. (This used to be commit 395cfeea94febb5280ea57027e8a8a3c7c3f9291)
2001-10-11initial kerberos/ADS/SPNEGO support in libsmb and smbclient. ToAndrew Tridgell1-144/+387
activate you need to: - install krb5 libraries - run configure - build smbclient - run kinit to get a TGT - run smbclient with the -k option to choose kerberos auth (This used to be commit d33057585644e1337bac743e25ed7653bfb39eef)
2001-09-05use cli_is_error() instead of looking in smb_rcls, otherwise NT statusAndrew Tridgell1-7/+5
codes don't work correctly (This used to be commit 55d5828e608671f070a9e96938be0d16d50aeb26)
2001-08-24fixed handling of 139/445 in clientsAndrew Tridgell1-1/+1
(This used to be commit 22b372f8a7996a19bebb8cdb411df999cffa32a4)
2001-08-24Fixed debug in cli_establish_connection() - print out the called name onTim Potter1-1/+1
connection failure rather than the calling name. (This used to be commit 946f6eb9320c9897942adee8b513d8caaa3232c0)
2001-08-23better error reporting for servers that don't do port 445Andrew Tridgell1-1/+4
(This used to be commit a896dc299eba12886d800e6c88309d534232cabc)
2001-08-22added port 445 support to our client codeAndrew Tridgell1-5/+19
(This used to be commit 0c3120ae475fb53662d6ab9f0d96a832c3c90625)
2001-08-20a bunch of fixes from the sflight to seattleAndrew Tridgell1-1/+0
in particular: - fixed NT status code for a bunch of ops - fixed handling of protocol levels in ms_fnmatch (This used to be commit 3eba9606f71f90bfd9820af26f8676277ed22390)
2001-08-10A rewrite of the error handling in the libsmb client code. I've separatedTim Potter1-0/+9
out the error handling into a bunch of separate functions rather than all being handled in one big function. Fetch error codes from the last received packet: void cli_dos_error(struct cli_state *cli, uint8 *eclass, uint32 *num); uint32 cli_nt_error(struct cli_state *); Convert errors to UNIX errno values: int cli_errno_from_dos(uint8 eclass, uint32 num); int cli_errno_from_nt(uint32 status); int cli_errno(struct cli_state *cli); Detect different kinds of errors: BOOL cli_is_dos_error(struct cli_state *cli); BOOL cli_is_nt_error(struct cli_state *cli); BOOL cli_is_error(struct cli_state *cli); This also means we now support CAP_STATUS32 as we can decode and understand NT errors instead of just DOS errors. Yay! Ported a whole bunch of files in libsmb to use this new API instead of the just the DOS error. (This used to be commit 6dbdb0d813f3c7ab20b38baa1223b0b479aadec9)