summaryrefslogtreecommitdiff
path: root/source3/libsmb/cliconnect.c
AgeCommit message (Collapse)AuthorFilesLines
2009-02-24Convert name_mangle() to use tallocVolker Lendecke1-4/+21
2009-02-10Do not use strlen if not necessary... :-)Volker Lendecke1-4/+2
2009-02-03Fix Coverity ID 870Volker Lendecke1-0/+4
2009-02-01Split up async_req into a generic and a NTSTATUS specific partVolker Lendecke1-4/+4
2009-01-30Make cli_tcon_andx asyncVolker Lendecke1-50/+147
2009-01-30Make cli_session_setup_guest asyncVolker Lendecke1-37/+103
2009-01-29Add the strlen to push to smb_bytes_push_str, return the converted sizeVolker Lendecke1-1/+4
The pushed strlen replaces the STR_TERMINATE flag which I personally always find very confusing.
2009-01-26Decouple clistr_pull from struct cli_state->inbufVolker Lendecke1-13/+25
2009-01-15s3: make better use of ccache by not including version.h in every C-file.Michael Adam1-1/+1
version.h changes rather frequently. Since it is included via includes.h, this means each C file will be a cache miss. This applies to the following situations: * When building a new package with a new Samba version * building in a git branch after calling mkversion.sh after a new commit (i.e. virtually always) This patch improves the situation in the following way: * remove inlude "version.h" from includes.h * Use samba_version_string() instead of SAMBA_VERSION_STRING in files that use no other macro from version.h instead of SAMBA_VERSION_STRING. * explicitly include "version.h" in those files that use more macros from "version.h" than just SAMBA_VERSION_STRING. Michael
2009-01-14Remove smbclient globals that bled into clidfs.c. Now we only haveJeremy Allison1-5/+1
the connections list and authentication structures to worry about. Jeremy
2009-01-12s3:libsmb: handle the smb signing states the same in the krb5 and ntlmssp casesStefan Metzmacher1-16/+35
SMB signing works the same regardless of the used auth mech. We need to start with the temp signing ("BSRSPYL ") and the session setup response with NT_STATUS_OK is the first signed packet. Now we set the krb5 session key if we got the NT_STATUS_OK from the server and then recheck the packet. All this is needed to make the fallback from krb5 to ntlmssp possible. This commit also resets the cli->vuid value to 0, if the krb5 auth didn't succeed. Otherwise the server handles NTLMSSP packets as krb5 packets. The restructuring of the SMB signing code is needed to make sure the krb5 code only starts the signing engine on success. Otherwise the NTLMSSP fallback could not initialize the signing engine (again). metze
2009-01-04Simulate the Windows behaviour to fire 445 and after a timeout 139Volker Lendecke1-14/+76
2009-01-04Async wrapper for open_socket_out_send/recvVolker Lendecke1-8/+15
2009-01-03open_socket_out is always used with SOCK_STREAM, remove argument "type"Volker Lendecke1-7/+5
2008-12-19Pass "bytes_alignment" up through cli_request_sendVolker Lendecke1-1/+1
This parameter makes smb_spice_chain add padding before the bytes field
2008-12-19Make cli_negprot asyncVolker Lendecke1-50/+97
2008-12-19Make cli_negprot return NTSTATUS instead of boolVolker Lendecke1-16/+17
2008-12-19cli_negprot_send -> cli_negprot_sendsyncVolker Lendecke1-1/+1
2008-12-13Remove a pointless static variableVolker Lendecke1-7/+7
Every sane compiler will only allocate "*SMBSERVER" once
2008-12-13Micro-Optimize cliconnect.cVolker Lendecke1-22/+27
In this form, the prots array is fully read-only in the text segment and thus can be shared between processes. Probably pointless, but I had fun doing it :-)
2008-12-07Slightly simplify cli_session_setup_ntlmsspVolker Lendecke1-10/+2
Remove three pointless variables
2008-12-03s3: Change sockaddr util function names for consistencyTim Prouty1-1/+1
Also eliminates name conflicts with OneFS system libraries
2008-11-30Do not build the session request if it si not used anywayVolker Lendecke1-4/+4
2008-11-30fix nonempty blank linesVolker Lendecke1-19/+19
2008-11-01Make use of smb_bufrem()Volker Lendecke1-1/+1
2008-10-23Use sockaddr_storage only where we rely on the size, use sockaddrJelmer Vernooij1-1/+1
otherwise (to clarify we can also pass in structs smaller than sockaddr_storage, such as sockaddr_in).
2008-10-22s3: use shared asn1 code.Günther Deschner1-7/+8
Guenther
2008-08-07Fix bug #5675 with a varient of Tim Waugh's patch,Jeremy Allison1-3/+2
as proposed by James Peach. Jeremy. (This used to be commit 5c27ad75836136c39774c9456d63f46fa62e281f)
2008-06-02Fix bug reported by David Eisner <deisner@gmail.com>. When allocating cliJeremy Allison1-3/+3
buffers for large read/write - make sure we take account of the large read/write SMB headers as well as the buffer space. Jeremy. (This used to be commit 19519bca9b64b736d2fe0447b7cd495f00dba60a)
2008-05-23Manually merge Steven Danneman's patch for SPNEGO auth to a trustedGerald W. Carter1-20/+21
Win2008 domain (merged from v3-0-test). commit 8dc4e979776aae0ecaa74b51dc1eac78a7631405 Author: Steven Danneman <sdanneman@isilon.com> Date: Wed May 7 13:34:26 2008 -0700 spnego SPN fix when contacting trusted domains cli_session_setup_spnego() was not taking into consideration the situation where we're connecting to a trusted domain, specifically one (like W2K8) which doesn't return a SPN in the NegTokenInit. This caused two problems: 1) When guessing the SPN using kerberos_get_default_realm_from_ccache() we were always using our default realm, not the realm of the domain we're connecting to. 2) When falling back on NTLMSSP for authentication we were passing the name of the domain we're connecting to for use in our credentials when we should be passing our own workgroup name. The fix for both was to split the single "domain" parameter into "user_domain" and "dest_realm" parameters. We use the "user_domain" parameter to pass into the NTLM call, and we used "dest_realm" to create an SPN if none was returned in the NegTokenInit2 packet. If no "dest_realm" is provided we assume we're connecting to our own domain and use the credentials cache to build the SPN. Since we have a reasonable guess at the SPN, I removed the check that defaults us directly to NTLM when negHint is empty. (This used to be commit b78b14c88e8354aadf9ba7644bdb1c29245fe419)
2008-05-06build: fix the build w/o ldap.Günther Deschner1-1/+3
Guenther (This used to be commit a159ec5f1f3ec8e9232b8f3230a996a3f9986bc1)
2008-05-05Fix client authentication with -P switch in client tools (Bug 5435).Günther Deschner1-2/+20
Guenther (This used to be commit d077ef64cd1d9bbaeb936566c2c70da508de829f)
2008-04-20Move srv_name_slash from cli_state to rpc_pipe_clientVolker Lendecke1-2/+0
(This used to be commit a9061e52e1ff8e31aa480f4a30cda64c9d93214e)
2008-04-08Add CLI_FULL_CONNECTION_FALLBACK_AFTER_KERBEROS define.Günther Deschner1-0/+5
This allows to switch on the cli->fallback_after_kerberos switch. Guenther (This used to be commit 15ba45e567d910c1b2336dcc0c475e12b082f30f)
2008-04-07Fix a misleading debug messageVolker Lendecke1-2/+3
(This used to be commit 494b32197f0872b115f0cd1a35421d00a89360a6)
2008-04-04When using plaintext ucs2 passwords clistr_push calls ucs2_align, which causesJeremy Allison1-3/+9
the space taken by the unicode password to be one byte too long (as we're on an odd byte boundary here). Reduce the count by 1 to cope with this. Fixes smbclient against NetApp servers which can't cope. Fix from bryan.kolodziej@allenlund.com in bug #3840. Jeremy. (This used to be commit 1e7e7d86a1ae1cd2c3cc3de9f36b7326ad249b82)
2008-04-04Always uppercase cli->srv_name_slash.Günther Deschner1-0/+1
Not that I think it is of any importance... Guenther (This used to be commit 352f8440c74bc22416e21783e1dc5fecf5869902)
2008-03-12For convenience reasons, always create cli->srv_name_slash in the rpc_client.Günther Deschner1-0/+1
Guenther (This used to be commit 6363c383d6989d2dfb2ee488ffa7aeb128c5385b)
2008-02-28Add explicit buf arg to cli_check_sign_macVolker Lendecke1-1/+1
(This used to be commit ffc1c8cc03e6bad40ed2be91392074b4f038a1bf)
2008-02-28Add explicit buf arg to cli_encrypt_message and cli_calculate_sign_macVolker Lendecke1-1/+1
(This used to be commit db6ae9ed2326e6cd68475375d049084cf1d5a98c)
2008-02-23Fix typoVolker Lendecke1-2/+2
(This used to be commit 621db68f32f7007de8b2c4d7cf604a5778725615)
2008-02-11Add a missing returnVolker Lendecke1-1/+1
If I'm not completely blind, we should return here. Not doing it here seems not to be a major flaw, as far as I can see we're only missing the error code. This might account for some of the very unhelpful NT_STATUS_UNSUCCESSFUL error messages people see during joins. All with stake in Samba client, please check! (This used to be commit eadd15c9363a57c214ede3c489057646baca48f8)
2008-01-23Don't leak memory in error path.Jeremy Allison1-0/+1
Jeremy. (This used to be commit 2df0cdaafdced798f81e30d34371aa1d8e963208)
2008-01-23Use strchr_m in seaching for '.' in the hostname to make sure we're mb safe.Jeremy Allison1-1/+1
Jeremy. (This used to be commit 090061b73a1c086ff8a7797e1a63532eacd91148)
2008-01-23Fix Windows 2008 (Longhorn) join.Andreas Schneider1-1/+15
During 'net ads join' the cli->desthost is a hostname (e.g. rupert.galaxy.site). Check if we have a hostname and use only the first part, the machine name, of the string. (This used to be commit 5f60ed4af680ba2811db8d9f8267348ce05f26d2)
2007-12-26Add SMB encryption. Still fixing client decrypt butJeremy Allison1-11/+11
negotiation works. Jeremy. (This used to be commit d78045601af787731f0737b8627450018902b104)
2007-12-21Use ADS_IGNORE_PRINCIPAL define.Günther Deschner1-2/+1
Guenther (This used to be commit 763e13315fc71237b14a186810bc201e725648f5)
2007-12-19Fix debug messagesVolker Lendecke1-8/+9
When warning that "client plaintext auth" is not enabled where the server requested them we should not talk about "client use plaintext auth" (This used to be commit 7799e18994354b2705ee8c64ae8c75e062ace460)
2007-12-15Added patch originally by Andreas Schneider <anschneider@suse.de>Jeremy Allison1-8/+42
to cause us to behave like Vista when looking for remote machine principal. Modified by me. Jeremy. (This used to be commit d0e33840fb4cfc85990d3ee327428b0854a22722)
2007-12-12Allow cliconnect to loop through multiple ip addressesJeremy Allison1-23/+49
for a server. We should have been doing this for a while, but it's more critical with IPv6. Original patch fixed up by James. Jeremy. (This used to be commit 5c7f7629a97ef0929e00e52f1fae4386c984000b)