summaryrefslogtreecommitdiff
path: root/source3/libsmb
AgeCommit message (Collapse)AuthorFilesLines
2010-12-10s3-libsmb Don't ever ask for machine$ principals as a target.Andrew Bartlett1-30/+6
It is never correct to ask for a machine$ principal as the target of a kerberos connection. You should always connect via the servicePrincipalName. This current code appears to have built up from a series of minimal changes, as the codebase adapted the to lack of a SPNEGO principal from Windows 2008. Andrew Bartlett
2010-12-10s3-libads Default to NOT using the server-supplied principal from SPNEGOAndrew Bartlett1-3/+2
This principal is not supplied by later versions of windows, and using it opens up some oportunities for man in the middle attacks. (Becuase it isn't the name being contacted that is verified with the KDC). This adds the option 'client use spnego principal' to the smb.conf (as used in Samba4) to control this behaivour. As in Samba4, this defaults to false. Against 2008 servers, this will not change behaviour. Against earlier servers, it may cause a downgrade to NTLMSSP more often, in environments where server names are not registered with the KDC as servicePrincipalName values. Andrew Bartlett
2010-11-30s3: Add cli_shadow_copy_dataVolker Lendecke1-0/+149
2010-11-20s3: Remove a #define used just onceVolker Lendecke1-2/+2
Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Sat Nov 20 15:28:26 CET 2010 on sn-devel-104
2010-11-18s3: Make winbind recover from a signing errorVolker Lendecke1-0/+2
When winbind sees a signing error on the smb connection to a DC (for whatever reason, our bug, network glitch, etc) it should recover properly. The "old" code in clientgen.c just closed the socket in this case. This is the right thing to do, this connection is spoiled anyway. The new, async code did not do this so far, which led to the code in winbindd_cm.c not detect that we need to reconnect.
2010-11-14s3: Convert cli_get_posix_fs_info() to cli_trans()Volker Lendecke2-55/+36
Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Sun Nov 14 10:24:02 UTC 2010 on sn-devel-104
2010-11-14Fix the unexpected.tdb database problem. Change nmbd to store theJeremy Allison5-15/+179
transaction id of packets it was requested to send via a client, and only store replies that match these ids. On the client side change clients to always attempt to ask nmbd first for name_query and node_status calls, and then fall back to doing socket calls if we can't talk to nmbd (either nmbd is not running, or we're not root and cannot open the messaging tdb's). Fix readers of unexpected.tdb to delete packets they've successfully read. This should fix a long standing problem of unexpected.tdb growing out of control in noisy NetBIOS envioronments with lots of bradcasts, yet still allow unprivileged client apps to work mostly as well as they already did (nmblookup for example) in an environment when nmbd isn't running. Jeremy. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Sun Nov 14 05:22:45 UTC 2010 on sn-devel-104
2010-11-11s3: Well... Fix a stupid errorVolker Lendecke1-1/+1
Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Thu Nov 11 18:54:00 UTC 2010 on sn-devel-104
2010-11-11s3: Make cli_set_ea_fnum return NTSTATUSVolker Lendecke1-5/+5
Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Thu Nov 11 16:59:27 UTC 2010 on sn-devel-104
2010-11-11s3: Make cli_set_ea_path return NTSTATUSVolker Lendecke1-3/+5
2010-11-11s3: Remove two pointless variablesVolker Lendecke1-5/+4
2010-11-11s3: Convert cli_set_ea() to cli_trans()Volker Lendecke1-40/+35
2010-11-11s3: Convert cli_dfs_get_referral to cli_transVolker Lendecke1-31/+30
2010-11-11s3: cli_dfs_check_error does not need to depend on cli->inbufVolker Lendecke1-10/+13
2010-11-11s3: Make split_dfs_path return boolVolker Lendecke1-11/+27
2010-11-11s3: Remove some dead codeVolker Lendecke1-3/+0
2010-11-11s3: Untangle an if-expressionVolker Lendecke1-1/+2
2010-11-11Fix bug #7791 - gvfsd-smb (Gnome vfs) fails to copy files from a SMB share ↵Jeremy Allison1-5/+2
using SMB signing. The underlying problem is that the old code invoked by cli_write() increments cli->mid directly when issuing outstanding writes. This should now be done only in libsmb/clientgen.c to make metze's new signing engine works correctly. Just deleting this code fixes the problem. Jeremy. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Thu Nov 11 02:50:08 UTC 2010 on sn-devel-104
2010-11-04s3: Remove the use of cli_send_trans from cli_get_fs_full_size_infoVolker Lendecke2-49/+35
Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Thu Nov 4 22:08:53 UTC 2010 on sn-devel-104
2010-11-02s3-libsmbclient Don't store 'debug_stderr' on the libsmbclient contextAndrew Bartlett2-12/+10
Following the review of this patch series by Derrell Lipman, remove the seperate storage of the debug_stderr variable from the libsmbclient SMBC_internal_data context. Andrew Bartlett
2010-11-02s3-libsmbclient Add comments to describe the behaviour of DEBUG()Andrew Bartlett2-5/+15
This isn't quite what you would expect from this interface, but actually avoids some really nasty situations if you ever have more than one libsmbclient context in a process. In the real world, if you have asked for DEBUG() to stderr in one part of the code, you will want it globally, even in a different thread (which in the past would have rest everything to stdout again, at least while starting up). Andrew Bartlett
2010-11-02s3-debug Remove last direct assignements to DEBUGLEVELAndrew Bartlett1-1/+3
All future assignments of the debug level should go via lp_set_cmdline("log level", "x") because this will ensure the value is not overwritten in an smb.conf load. Andrew Bartlett
2010-11-02s3-debug Impove setup_logging() to specify logging to stderrAndrew Bartlett1-3/+2
This change improves the setup_logging() API so that callers which wish to set up logging to stderr can simply ask for it, rather than directly modify the dbf global variable. Andrew Bartlett
2010-10-29Fix bug #7700 - Improvement of return code of smbclientJeremy Allison2-17/+25
Based on an initial patch from H Hasegawa <hasegawa.hiroyuki@fujixerox.co.jp>. Convert cli_list and associated functions to take calls that return NTSTATUS. Jeremy. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Fri Oct 29 19:40:16 UTC 2010 on sn-devel-104
2010-10-27Fix for bug 7755 - SMBC_getdents_ctx() ignores struct alignment rulesJeremy Allison1-6/+13
Based on a fix from Sven Neumann <s.neumann@raumfeld.com>. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Wed Oct 27 22:02:11 UTC 2010 on sn-devel-104
2010-10-24s3: Use cli_setpathinfo in cli_posix_unlink_internalVolker Lendecke1-47/+15
Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Sun Oct 24 21:28:08 UTC 2010 on sn-devel-104
2010-10-24s3: Avoid passing down a boolean to cli_posix_unlink_internal_sendVolker Lendecke1-5/+7
2010-10-24s3: Use cli_setpathinfo in cli_posix_chown_chmod_internalVolker Lendecke1-54/+16
2010-10-24s3: Use cli_setpathinfo in cli_posix_link_internalVolker Lendecke1-49/+16
2010-10-24s3: Use tevent_req_simple_recv_ntstatus where appropriateVolker Lendecke1-66/+11
2010-10-24s3: Pass down a level instead of a flag to cli_posix_link_internalVolker Lendecke1-7/+7
2010-10-24s3: Add async cli_setpathinfoVolker Lendecke1-0/+78
2010-10-24s3: Initialize output vars in parse_ea_blobVolker Lendecke1-0/+2
Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Sun Oct 24 12:22:22 UTC 2010 on sn-devel-104
2010-10-24s3: Remove unused cli_get_ea_list_fnumVolker Lendecke1-62/+0
Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Sun Oct 24 10:23:29 UTC 2010 on sn-devel-104
2010-10-24s3: Replace cli_qfileinfo_test with a call to cli_qfileinfoVolker Lendecke1-55/+0
2010-10-24s3: Convert cli_qfileinfo_basic to cli_qfileinfoVolker Lendecke3-40/+31
2010-10-24s3: Convert cli_qfilename to cli_qfileinfoVolker Lendecke1-35/+13
2010-10-24s3: Add async cli_qfileinfoVolker Lendecke1-0/+133
2010-10-24s3: Rename cli_fileinfo() to cli_fileinfo_basic()Volker Lendecke3-15/+15
2010-10-18s3:libsmb: add pipe related NT_STATUS_RPC_* codesStefan Metzmacher1-0/+6
metze
2010-10-12libcli/security Provide a common, top level libcli/security/security.hAndrew Bartlett5-2/+5
This will reduce the noise from merges of the rest of the libcli/security code, without this commit changing what code is actually used. This includes (along with other security headers) dom_sid.h and security_token.h Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Tue Oct 12 05:54:10 UTC 2010 on sn-devel-104
2010-10-03s3: Remove talloc_autofree_context() from unexpected.cVolker Lendecke1-2/+1
Same argument as in 997a64f6fb11e19d78c: If tdb_close() was needed at exit time, we'd have more severe problems by now.
2010-10-01samba: share select wrappers.Günther Deschner1-0/+1
Guenther
2010-09-28s3: Remove talloc_autofree_context() from receive_unexpected()Volker Lendecke1-2/+2
This is freed in this routine a few lines down
2010-09-27Change to using TDB_INCOMPATIBLE_HASH (the jenkins hash) on allJeremy Allison3-4/+4
TDB_CLEAR_IF_FIRST tdb's. For tdb's like gencache where we open without CLEAR_IF_FIRST and then with CLEAR_IF_FIRST if corrupt this is still safe to use as if opening an existing tdb the new hash will be ignored - it's only used on creating a new tdb not opening an old one. Jeremy.
2010-09-26Fix bug #7698 - Assert causes smbd to panic on invalid NetBIOS session request.Jeremy Allison2-33/+68
Found by the CodeNomicon test suites at the SNIA plugfest. http://www.codenomicon.com/ If an invalid NetBIOS session request is received the code in name_len() in libsmb/nmblib.c can hit an assert. Re-write name_len() and name_extract() to use "buf/len" pairs and always limit reads. Jeremy.
2010-09-26s3: Remove two talloc_autofree_context() callsVolker Lendecke1-2/+2
Both allocated blobs are freed in their routines
2010-09-23Fix bug 7694 - Crash bug with invalid SPNEGO token.Jeremy Allison1-1/+2
Found by the CodeNomicon test suites at the SNIA plugfest. http://www.codenomicon.com/ If an invalid SPNEGO packet contains no OIDs we crash in the SMB1/SMB2 server as we indirect the first returned value OIDs[0], which is returned as NULL. Jeremy.
2010-09-23s3-dcerpc: add spnego server helpersSimo Sorce1-4/+75
squashed: add michlistMIC signature checks Signed-off-by: Günther Deschner <gd@samba.org>
2010-09-23s3-dsgetdcname: always pass in messaging context.Günther Deschner1-26/+2
Volker, please check. Guenther