summaryrefslogtreecommitdiff
path: root/source3/libsmb
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r21926: Fix missing enum specifier pointed out by Don McCall @ HP.Jeremy Allison2-13/+13
Thanks Don ! Jeremy. (This used to be commit 662344d1ec3593689de7602afa518ed98e10dc37)
2007-10-10r21923: Add in the gss decrypt.Jeremy Allison1-3/+45
Jeremy. (This used to be commit 00f58951b4cace06e51e7eb404605c7f3d366f38)
2007-10-10r21922: Fixed the build by rather horrid means. I really needJeremy Allison4-68/+46
to restructure libsmb/smb_signing.c so it isn't in the base libs path but lives in libsmb instead (like smb_seal.c does). Jeremy. (This used to be commit 1b828f051d0782201f697de15ff973bd6b097d5b)
2007-10-10r21917: Start to do the gss versions of sign+seal.Jeremy Allison1-20/+77
Jeremy. (This used to be commit a226645353a40047b72de1b96c3a7676a2bf1034)
2007-10-10r21916: Fix couple of "return" calls on void functions.Jeremy Allison1-2/+10
Ensure we ignore reqests to free keepalive buffers as we only copied these. Jeremy. (This used to be commit a184bdbe3c7bf0c44a8141898bfcb9971a332312)
2007-10-10r21912: There's no point checksumming the packet lengthJeremy Allison1-4/+4
this already has to be right. This makes the signed+sealed area the same as it will be with gss calls. Now to go implement them. Jeremy. (This used to be commit 80810af7d1137b3ddd3073581d5ec99fadaa81a5)
2007-10-10r21903: Get the length calculations right (I always forgetJeremy Allison1-16/+18
the 4 byte length isn't included in the length :-). We now have working NTLMSSP transport encryption with sign+seal. W00t! Jeremy. (This used to be commit d34584cb5c53c194693ce7236020ab83f60cd235)
2007-10-10r21902: Don't free the thing you're trying to set in the cli state.Jeremy Allison1-0/+1
Jeremy. (This used to be commit 1639366561bd63d7023c54f811e2f87dcbbd0a31)
2007-10-10r21899: At least we're getting to stage 2 of the blobJeremy Allison1-4/+10
exchange. Still not working but closer. Jeremy. (This used to be commit 2fde5c703d2390bc6685f34713dc996e69732f1a)
2007-10-10r21898: Added test command, fixed first valgrind bugs.Jeremy Allison1-3/+4
Now to investigate why it doesn't work :-). Jeremy. (This used to be commit 73f7c6cef8371ad63eb1dc3e79bfc78503dbd7a4)
2007-10-10r21897: Add in a basic raw NTLM encrypt request. NowJeremy Allison3-16/+159
for testing. Jeremy. (This used to be commit 783a7b3085a155d9652cd725bf2960cd272cb554)
2007-10-10r21894: Some refactoring of server side encryption context. SupportJeremy Allison2-2/+13
"raw" NTLM auth (no spnego). Jeremy. (This used to be commit 6b5ff7bd591b4f65e2eb767928db50ddf445f09a)
2007-10-10r21893: Update comments so they actually reflect reality...Rafal Szczesniak1-3/+3
rafal (This used to be commit 8f313061a4cbc69d8dd17aa282d79d07a9275242)
2007-10-10r21883: Try and fix the build by removing the prototypes forJeremy Allison1-2/+2
functions that take a gss context handle in includes.h Jeremy. (This used to be commit 638b03242d4a6b1df2477dad19240ed61a14a5a3)
2007-10-10r21882: The server part of the code has to use an AUTH_NTLMSSP struct,Jeremy Allison1-78/+24
not just an NTLMSSP - grr. This complicates the re-use of common client and server code but I think I've got it right. Not turned on of valgrinded yet, but you can see it start to take shape ! Jeremy. (This used to be commit 60fc9c0aedf42dcd9df2ef9f1df07eaf3bca9bce)
2007-10-10r21880: Make client and server calls into encryption code symetrical,Jeremy Allison2-91/+221
depending on encryption context pointer. Jeremy. (This used to be commit d3f3ced6c8a03d971143baf878158d671dfcbc3b)
2007-10-10r21876: Start adding in the seal implementation - prototype codeJeremy Allison1-2/+176
for the server side enc. (doesn't break anything). I'll keep updating this until I've got NTLM seal working on both client and server, then add in the gss level seal. Jeremy. (This used to be commit 530ac29abf23e920baa549e7cec55199edd8bd74)
2007-10-10r21865: Add in the stubs for SMB transport encryption. Will fleshJeremy Allison3-5/+77
these out as I implement. Don't add to SAMBA_3_0_25, this is experimental code. NFSv4 you're now officially on notice... :-). Jeremy. (This used to be commit 5bfe638f2172e272741997100ee5ae8ff280494d)
2007-10-10r21864: Reformatting.Jeremy Allison1-92/+92
Jeremy. (This used to be commit f18e87ba6b6a3f4c16777cb5b6bf93a656800247)
2007-10-10r21846: Try and fix the Darwin build which seems to have a strange krb5.Jeremy Allison1-0/+6
Jeremy. (This used to be commit 1e32b44bfcf7676b3a9f208054fa853e7066eafc)
2007-10-10r21845: Refactor the sessionsetupX code a little to allow usJeremy Allison1-0/+33
to return a NT_STATUS_TIME_DIFFERENCE_AT_DC error to a client when there's clock skew. Will help people debug this. Prepare us for being able to return the correct sessionsetupX "NT_STATUS_MORE_PROCESSING_REQUIRED" error with associated krb5 clock skew error to allow clients to re-sync time with us when we're eventually able to be a KDC. Jeremy. (This used to be commit c426340fc79a6b446033433b8de599130adffe28)
2007-10-10r21831: Back out r21823 for a while, this is going into a bzr tree first.Volker Lendecke1-4/+1
Volker (This used to be commit fd0ee6722ddfcb64b5cc9c699375524ae3d8709b)
2007-10-10r21823: Let secrets_store_machine_password() also store the account name. ↵Volker Lendecke1-1/+4
Not used yet, the next step will be a secrets_fetch_machine_account() function that also pulls the account name to be used in the appropriate places. Volker (This used to be commit f94e5af72e282f70ca5454cdf3aed510b747eb93)
2007-10-10r21800: Check-in the DFS rewrite. I am still testing this but itJeremy Allison1-140/+148
works from smbclient and Windows, and I am promising to support and fix both client and server code moving forward. Still need to test the RPC admin support but I haven't changed that code. Jeremy. (This used to be commit 7a7862c01d07796ef206b255c676ad7dc2cc42fc)
2007-10-10r21778: Wrap calls to krb5_get_init_creds_opt_free to handle the differentJames Peach1-6/+23
calling convention in the latest MIT changes. Apparantly Heimdal is also changing to this calling convention. (This used to be commit c29c69d2df377fabb88a78e6f5237de106d5c2c5)
2007-10-10r21777: As Stevef requested and the Apple guys agreed, makeJeremy Allison1-3/+4
mode_t in posix_open/posix_mkdir -> 8 bytes to match the SET_UNIX_INFO_BASIC call. Steve is updating the Wikki. Jeremy. (This used to be commit 2f1c95ac7718c1d2a75367ba712edd6b57069432)
2007-10-10r21768: Fix the client dfs code such that smbclient canJeremy Allison4-50/+62
process deep dfs links (ie. links that go to non root parts of a share). Make the directory handling conanonical in POSIX and Windows pathname processing. dfs should not be fully working in client tools. Please bug me if not. Jeremy. (This used to be commit 1c9e10569cd97ee41de39f9f012bea4e4c932b5d)
2007-10-10r21755: Memory leak fixes from Zack Kirsch <zack.kirsch@isilon.com>.Jeremy Allison1-2/+3
Jeremy. (This used to be commit 02d08ca0be8c374e30c3c0e665853fa9e57f043a)
2007-10-10r21750: Sync up with SAMBA_3_0_25. Only client changes are in libsmbclientJeremy Allison1-2/+11
right now. Jeremy. (This used to be commit 6dd5f0ef0fe3a673081e16e656ca579bf50457ff)
2007-10-10r21703: fix build when O_SYNC not definedHerb Lewis1-0/+2
(This used to be commit 73b7a25ba8a2f7471c07a912da8b6968b41b4f1d)
2007-10-10r21644: Allow mkdir on platforms with no O_DIRECTORY.Jeremy Allison1-9/+17
Add proper debug to all possible setfilepathinfo functions. Jeremy. (This used to be commit 3c47a5ef258d536504759a02f6d84c0ab0af7224)
2007-10-10r21643: Put the correct bits on the wire for posix_mkdir.Jeremy Allison1-1/+2
We're not yet deleting open files on unlink. Investigating... Jeremy. (This used to be commit 334b34f131578c2a889caa90aa2425f41883cafd)
2007-10-10r21640: Fix the build for broken platoforms without O_DIRECT or O_DIRECTORY.Jeremy Allison1-0/+9
Jeremy. (This used to be commit 6a0f6fde0a19bfb4af4c7fa6f29d7015e884d86e)
2007-10-10r21639: Add in implementations of POSIX open/mkdir/unlink/rmdir.Jeremy Allison1-0/+176
Jeremy. (This used to be commit 6457d66b9a04c421fc43e131c825c7555c16a1ea)
2007-10-10r21609: Fix memory leaks in error code paths (and one in winbindd_group.c).Jeremy Allison2-1/+5
Patch from Zack Kirsch <zack.kirsch@isilon.com>. Jeremy. (This used to be commit df07a662e32367a52c1e8473475423db2ff5bc51)
2007-10-10r21604: I got this wrong also in libsmb :-(.Jeremy Allison1-0/+2
Jeremy. (This used to be commit 4a04555e23b5fa53fbeb5b65a7c83cff1b0f9640)
2007-10-10r21581: Add an error code I just gotVolker Lendecke1-0/+1
(This used to be commit 5ef0286b56b368abd4da2cbe3d826a3438f3acc3)
2007-10-10r21577: Remove unneeded #define (part of earlier patch that wasJeremy Allison1-2/+0
removed). Jeremy. (This used to be commit 645b0438dde0dad26e950b3184cc412d3d87560a)
2007-10-10r21576: Patch based on work from Todd Stecher <todd.stecher@isilon.com>Jeremy Allison2-16/+83
to allow client to fragment large SPNEGO blobs (large krb5 tickets). Tested against W2K3R2. Should fix bug #4400. Jeremy. (This used to be commit b81c5c6adce51cec06df0e993534064b20666a8e)
2007-10-10r21460: Fix for server-side processing of SPNEGO authJeremy Allison1-0/+8
fragmented into "max xmit" size security blob chunks. Bug #4400. Needs limits adding, and also a client-side version. Jeremy. (This used to be commit aa69f2481aafee5dccc3783b8a6e23ca4eb0dbfa)
2007-10-10r21240: Fix longstanding Bug #4009.Günther Deschner3-8/+20
For the winbind cached ADS LDAP connection handling (ads_cached_connection()) we were (incorrectly) assuming that the service ticket lifetime equaled the tgt lifetime. For setups where the service ticket just lives 10 minutes, we were leaving hundreds of LDAP connections in CLOSE_WAIT state, until we fail to service entirely with "Too many open files". Also sequence_number() in winbindd_ads.c needs to delete the cached LDAP connection after the ads_do_search_retry() has failed to submit the search request (although the bind succeeded (returning an expired service ticket that we cannot delete from the memory cred cache - this will get fixed later)). Guenther (This used to be commit 7e1a84b7226fb8dcd5d34c64a3478a6d886a9a91)
2007-10-10r21239: if the workgroup name is longer than 16 chars we get garbage in the ↵Simo Sorce1-6/+7
string server_len is usually 256 (fstring). Correctly terminate saving the lenght (This used to be commit e7e44554bf7c61020e2c5c652e3f8f37a296d3aa)
2007-10-10r21191: Add in the POSIX open/mkdir/unlink calls.Jeremy Allison1-0/+1
Move more error code returns to NTSTATUS. Client test code to follow... See if this passes the build-farm before I add it into 3.0.25. Jeremy. (This used to be commit 83dbbdff345fa9e427c9579183f4380004bf3dd7)
2007-10-10r21133: - Apply patch from ages ago, which should allow following ↵Derrell Lipman1-10/+27
\\server\share\path DFS referrals. This doesn't appear to break anything in the non-DFS case, but I don't have an environment to test DFS referrals. Need confirmation from OP that this solves the problem. (This used to be commit e479a9c094fa42354aad7aa76a712bf67d3d4d45)
2007-10-10r21132: - Fixes bug 4366. Documentation for smbc_utimes() was incorrect.Derrell Lipman1-3/+31
- Should fix bug 4115 (but needs confirmation from OP). If the kerberos use flag is set in the context, then also pass it to smbc_attr_server for use by cli_full_connection() - Should fix bug 4309 (but needs confirmation from OP). We no longer send a keepalive packet unconditionally. Instead, we assume (yes, possibly incorrectly, but it's the best guess we can make) that if the connection is on port 139, it's netbios and otherwise, it isn't. If netbios is in use, we send a keepalive packet. Otherwise, we check that the connection is alive using getpeername(). (This used to be commit 2f9be59c10ef991a51cc858ab594187b5ca61382)
2007-10-10r21115: notify_internal.c needs to remove the table entry if a process has ↵Volker Lendecke1-2/+3
crashed. So it needs the specific error message. Make messages.c return NTSTATUS and specificially NT_STATUS_INVALID_HANDLE if sending to a non-existent process. Volker (This used to be commit 3f620d181da0c356c8ffbdb5b380ccab3645a972)
2007-10-10r21110: Fix kinit with Heimdal (Bug #4226).Günther Deschner1-0/+26
Guenther (This used to be commit ea38e1f8362d75e7ac058a7c4aa06f1ca92ec108)
2007-10-10r21046: Backing out svn r20403 (Andrew's krb5 ticket cleanupGerald Carter1-0/+42
as this is causing the WRONG_PASSWORD error in the SetUserInfo() call during net ads join). We are now back to always list RC4-HMAC first if supported by the krb5 libraries. (This used to be commit 4fb57bce87588ac4898588ea4988eadff3a7f435)
2007-10-10r20883: W00t! I now understand how "delete on close" reallyJeremy Allison1-1/+0
works - even with the strange "initial delete on close" semantics. The "initial delete on close" flag isn't committed to the share mode db until the handle is closed, and is discarded if any real "delete on close" was set. This allows me to remove the "initial_delete_on_close" flag from the share db, and move it into a BOOL in files_struct. Warning ! You must do a make clean after this. Cope with the wrinkle in directory delete on close which is done differently from files. We now pass all Samba4 smbtortute BASE-DELETE tests except for the one checking that files can't be created in a directory which has the delete on close set (possibly expensive to fix). Jeremy. (This used to be commit f2df77a1497958c1ea791f1d2f4446b5fc3389b3)
2007-10-10r20874: We need to distinguish client sitenames per realm. We were overwritingGünther Deschner2-4/+6
the stored client sitename with the sitename from each sucessfull CLDAP connection. Guenther (This used to be commit 6a13e878b5d299cb3b3d7cb33ee0d51089d9228d)