summaryrefslogtreecommitdiff
path: root/source4/libcli/cliconnect.c
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r7455: Remove some talloc contexts that aren't used.Tim Potter1-11/+0
(This used to be commit b0ad51f2ce6c3646d664773aaa32fe55172ad88b)
2007-10-10r6028: A MAJOR update to intergrate the new credentails system fully withAndrew Bartlett1-12/+4
GENSEC, and to pull SCHANNEL into GENSEC, by making it less 'special'. GENSEC now no longer has it's own handling of 'set username' etc, instead it uses cli_credentials calls. In order to link the credentails code right though Samba, a lot of interfaces have changed to remove 'username, domain, password' arguments, and these have been replaced with a single 'struct cli_credentials'. In the session setup code, a new parameter 'workgroup' contains the client/server current workgroup, which seems unrelated to the authentication exchange (it was being filled in from the auth info). This allows in particular kerberos to only call back for passwords when it actually needs to perform the kinit. The kerberos code has been modified not to use the SPNEGO provided 'principal name' (in the mechListMIC), but to instead use the name the host was connected to as. This better matches Microsoft behaviour, is more secure and allows better use of standard kerberos functions. To achieve this, I made changes to our socket code so that the hostname (before name resolution) is now recorded on the socket. In schannel, most of the code from librpc/rpc/dcerpc_schannel.c is now in libcli/auth/schannel.c, and it looks much more like a standard GENSEC module. The actual sign/seal code moved to libcli/auth/schannel_sign.c in a previous commit. The schannel credentails structure is now merged with the rest of the credentails, as many of the values (username, workstation, domain) where already present there. This makes handling this in a generic manner much easier, as there is no longer a custom entry-point. The auth_domain module continues to be developed, but is now just as functional as auth_winbind. The changes here are consequential to the schannel changes. The only removed function at this point is the RPC-LOGIN test (simulating the load of a WinXP login), which needs much more work to clean it up (it contains copies of too much code from all over the torture suite, and I havn't been able to penetrate its 'structure'). Andrew Bartlett (This used to be commit 2301a4b38a21aa60917973451687063d83d18d66)
2007-10-10r5941: Commit this patch much earlier than I would normally prefer, but ↵Andrew Bartlett1-5/+0
metze needs a working tree... The main volume of this patch was what I started working on today: - Cleans up memory handling around DCE/RPC pipes, to have a parent talloc context. - Uses sepereate inner loops for some of the DCE/RPC tests The other and more important part of this patch fixes issues surrounding the new credentials framwork: This makes the struct cli_credentials always a talloc() structure, rather than on the stack. Parts of the cli_credentials code already assumed this. There were other issues, particularly in the DCERPC over SMB handling, as well as little things that had to be tidied up before test_w2k3.sh would start to pass. Andrew Bartlett (This used to be commit 0453f9d05d2e336fba1f85dbf2718d01fa2bf778)
2007-10-10r5929: Use cli_credentials for the SMB functions as well.Jelmer Vernooij1-19/+7
Fix a couple of bugs in the new cli_credentials code (This used to be commit 4ad481cfe5cde514d2ef9646147239f3faaa6173)
2007-10-10r5322: removed a whole bunch of #include lines that minimal_includes.plAndrew Tridgell1-1/+0
thinks are not needed. Now to see how this fares on the build farm :) (This used to be commit 80ffcc650c9c86141507edd8338b97814a85f868)
2007-10-10r5037: got rid of all of the TALLOC_DEPRECATED stuff. My apologies for theAndrew Tridgell1-1/+1
large commit. I thought this was worthwhile to get done for consistency. (This used to be commit ec32b22ed5ec224f6324f5e069d15e92e38e15c0)
2007-10-10r4952: removed a bogus talloc_steal() that was trying to cope with theAndrew Tridgell1-1/+0
inverted memory hierarchy. Now the memory hierarchy is logical its not needed (and can cause a double free in RPC-SCHANNEL) (This used to be commit f8a950b57d7137c6fd0a77d063d946b4f9b3f014)
2007-10-10r4951: some of the code dealing with libcli was getting too complex trying toAndrew Tridgell1-6/+3
handle the inverted memory hierarchy that a normal session establishment gave. The inverted hierarchy came from that fact that you first establish a socket, then a transport, then a session and finally a tree. That leads to the socket being at the top of the memory hierarchy and the tree at the bottom, which makes no sense from the users point of view, as they want to be able to free the tree and have everything disappear. The core problem was that the libcli interface didn't distinguish between establishing a primary context and a secondary context. If you establish a 2nd session on a transport then you want the transport to be referenced by the session, whereas if you establish a primary session then you want the transport to be a child of the session. To fix this I have added "parent_ctx" and "primary" arguments to the libcli intialisation functions. This makes using the library much easier, and gives us a memory hierarchy that makes much more sense. I was prompted to do this by a bug in the cifs backend, which was caused by the socket not being properly torn down on a disconnect due to the inverted memory hierarchy. (This used to be commit 5e8fd5f70178992e249805c2e1ddafaf6840739b)
2007-10-10r4938: allow the caller to supply an existing event_context if they want toAndrew Tridgell1-1/+1
in smb_composite_connect_send(). This makes doing parallel calls much easier. (This used to be commit 442308970c123b9fb25615673049e1c1c234a0b9)
2007-10-10r4891: - added a generic resolve_name() async interface in libcli/resolve/,Andrew Tridgell1-3/+5
which will eventually try all resolution methods setup in smb.conf - only resolution backend at the moment is bcast, which does a parallel broadcast to all configured network interfaces, and takes the first reply that comes in (this nicely demonstrates how to do parallel requests using the async APIs) - converted all the existing code to use the new resolve_name() api - removed all the old nmb code (yay!) (This used to be commit 239c310f255e43dd2d1c2433f666c9faaacbdce3)
2007-10-10r4777: added a smb_composite_sesssetup() async composite function. ThisAndrew Tridgell1-14/+14
encapsulates all the different session setup methods, including the multi-pass spnego code. I have hooked this into all the places that previously used the RAW_SESSSETUP_GENERIC method, and have removed the old RAW_SESSSETUP_GENERIC code from clisession.c and clitree.c. A nice side effect is that these two modules are now very simple again, back to being "raw" session setup handling, which was what was originally intended. I have also used this to replace the session setup code in the smb_composite_connect() code, and used that to build a very simple replacement for smbcli_tree_full_connection(). As a result, smbclient, smbtorture and all our other SMB connection code now goes via these composite async functions. That should give them a good workout! (This used to be commit 080d0518bc7d6fd4bc3ef783e7d4d2e3275d0799)
2007-10-10r4758: - added async support to the session request codeAndrew Tridgell1-5/+30
- added async support to the negprot client code - removed two unused parameters from smbcli_full_connection() code - converted smbclient to use smbcli_full_connection() rather than reinventing everything itself (This used to be commit 71cbe2873473e039b4511511302cb63f1c50bce8)
2007-10-10r4726: - use the name tcon and tid instead of conn and cnumStefan Metzmacher1-1/+1
- make use of talloc destructors metze (This used to be commit 8308da6ce4a95f8c10e22949ef00e9e64f2dbb85)
2007-10-10r4073: - added a set of lsa helper routines to make lsa lookups that areAndrew Tridgell1-1/+1
related to filesharing. For example, in order to manipulate ACLs properly its important to be able to call LookupSids, and to be able to lookup what privileges a SID has. - added 3 new commands to smbclient "lookupname", "lookupsid" and "privileges" (This used to be commit 8780c40f0539da72652d17455e98fcaee6d197d1)
2007-10-10r3453: - split out the auth and popt includesAndrew Tridgell1-0/+1
- tidied up some of the system includes - moved a few more structures back from misc.idl to netlogon.idl and samr.idl now that pidl knows about inter-IDL dependencies (This used to be commit 7b7477ac42d96faac1b0ff361525d2c63cedfc64)
2007-10-10r3443: the next stage in the include files re-organisation.Andrew Tridgell1-1/+1
I have created the include/system/ directory, which will contain the wrappers for the system includes for logical subsystems. So far I have created include/system/kerberos.h and include/system/network.h, which contain all the system includes for kerberos code and networking code. These are the included in subsystems that need kerberos or networking respectively. Note that this method avoids the mess of #ifdef HAVE_XXX_H in every C file, instead each C module includes the include/system/XXX.h file for the logical system support it needs, and the details are kept isolated in include/system/ This patch also creates a "struct ipv4_addr" which replaces "struct in_addr" in our code. That avoids every C file needing to import all the system networking headers. (This used to be commit 2e25c71853f8996f73755277e448e7d670810349)
2007-10-10r3419: moved the libcli/raw structures into libcli/raw/libcliraw.hAndrew Tridgell1-0/+1
and made them private (This used to be commit 386ac565c452ede1d74e06acb401ca9db99d3ff3)
2007-10-10r2710: continue with the new style of providing a parent context wheneverAndrew Tridgell1-19/+22
possible to a structure creation routine. This makes for much easier global cleanup. (This used to be commit e14ee428ec357fab76a960387a9820a673786e27)
2007-10-10r2680: switched the libcli/raw/ code over to use talloc_reference(), which ↵Andrew Tridgell1-7/+8
simplifies things quite a bit (This used to be commit c82a9cf750829c4f6982ca3133295c8599023c4e)
2007-10-10r2660: - converted the libcli/raw/ library to use talloc_increase_ref_count()Andrew Tridgell1-9/+3
rather than manual reference counts - properly support SMBexit in the cifs and posix backends - added a logoff method to all backends With these changes the RAW-CONTEXT test now passes against the posix backend (This used to be commit c315d6ac1cc40546fde1474702a6d66d07ee13c8)
2007-10-10r2654: fixed some more server memory leaks. We are now down to a single leakAndrew Tridgell1-1/+1
of 16 bytes, caused by the 16 byte data_blob in the smb_signing code. (This used to be commit 2f1b788e09686e065d22f621f5c0c585192c6740)
2007-10-10r2494: fixed connecting to a share mode server (tested and really works now)Andrew Tridgell1-3/+10
(This used to be commit 25f725c9be8fe5a7fd85488214b598bc431d4c7f)
2007-10-10r2463: make sure we don't send the password in a tconx unless we really have toAndrew Tridgell1-6/+14
(This used to be commit 3e84c06f4c76d62f4f2606b457d9a76b6c1a061d)
2007-10-10r2247: talloc_destroy -> talloc_freeTim Potter1-3/+3
(This used to be commit 6c1a72c5d667245b1eec94f58e68acd22dd720ce)
2007-10-10r1985: take advantage of the new talloc in a few more placesAndrew Tridgell1-9/+5
(This used to be commit 6ffdfd779936ce8c5ca49c5f444e8da2bbeee0a8)
2007-10-10r1897: added a choose_called_name() function that allows us to more sanelyAndrew Tridgell1-2/+2
handle connections using the IP as the server name, while not trying for NBT name resolution on names like "192" and "192.168.1.2". also removed the ip address argument to smbcli_socket_connect() as it isn't used and doesn't really make sense. (This used to be commit 2ce4028842556328da4da0de9bee942bed02cc62)
2007-10-10r1654: rename cli_ -> smbcli_Stefan Metzmacher1-29/+29
rename CLI_ -> SMBCLI_ metze (This used to be commit 8441750fd9427dd6fe477f27e603821b4026f038)
2007-10-10r1429: enable spnego in smbclient too.Stefan Metzmacher1-6/+11
metze (This used to be commit ae2e6b58629397d75a3e446ff0c50b594d029206)
2004-02-10Convert libcli routines to return NTSTATUS instead of BOOL. Again, theTim Potter1-22/+17
only users are smbclient and smbtorture. (This used to be commit 54cb508c78e5c1faa3ade46b46b165983c880d10)
2003-08-15don't leak memory if cli->tree is NULLHerb Lewis1-3/+5
(This used to be commit b034c4b86e2faddf0928810a3e56c03d6aaef9f5)
2003-08-15don't dereference null pointerHerb Lewis1-1/+1
(This used to be commit ba5d1cde98f9146ffc889ac89ec79331e2bfae18)
2003-08-13- added SMBntrename test suiteAndrew Tridgell1-1/+14
- allow username of form DOMAIN\username or DOMAIN/username - added ntrename to gentest (This used to be commit 2b464472c17b791eb5b117f89d5aaea2bf60f6ad)
2003-08-13first public release of samba4 codeAndrew Tridgell1-0/+207
(This used to be commit b0510b5428b3461aeb9bbe3cc95f62fc73e2b97f)