summaryrefslogtreecommitdiff
path: root/source4/libcli/raw/smb_signing.c
AgeCommit message (Collapse)AuthorFilesLines
2009-08-07s4:libcli/raw: we don't need to include "smb.h" explicitStefan Metzmacher1-1/+0
metze
2008-10-24Remove unused include param/param.h.Jelmer Vernooij1-1/+0
2008-09-24Move source4/lib/crypto to lib/crypto.Jelmer Vernooij1-1/+1
2008-09-23libcli/raw: real signing starts at seqnumber 2Stefan Metzmacher1-0/+1
metze
2008-09-23libcli/raw: in SMB_SIGNING_ENGINE_BSRSPYL state it's ok to accept any signatureStefan Metzmacher1-0/+2
Even if signing is mandatory. With NTLMSSP this happens for the session setup: request1 => BSRSPYL response1 => BSRSPYL request2 => BSRSPYL response2 => <SIGNATURE> and with krb5: request1 => BSRSPYL response1 => <SIGNATURE> metze
2008-09-23libcli/raw: give the caller the chance to do the signing checks on its own.Stefan Metzmacher1-0/+7
metze
2008-09-06Make SMB signing work with Windows 2008 and kerberos.Andrew Bartlett1-4/+1
Pinched from b53e6387e30010509034835acf88b91b380ff44a by metze. Andrew Bartlett (This used to be commit d55602e23e7947462cb402b20b2d354b96aa7ba3)
2008-04-02Install public header files again and include required prototypes.Jelmer Vernooij1-0/+1
(This used to be commit 47ffbbf67435904754469544390b67d34c958343)
2008-02-14Convert SMB and SMB2 code to use a common buffer handling structureAndrew Tridgell1-3/+3
This converts our SMB and SMB2 code to use a common structure "struct request_bufinfo" for information on the buffer bounds of a packet, alignment information and string handling. This allows us to use a common backend for SMB and SMB2 code, while still using all the same string and blob handling functions. Up to now we had been passing a NULL req handle into these common routines from the SMB2 side of the server, which meant that we failed any operation which did a bounds checked string extraction (such as a RenameInformation setinfo call, which is what Vista uses for renaming files) There is still some more work to be done on this - for example we can now remove many of the SMB2 specific buffer handling functions that we had, and use the SMB ones. (This used to be commit ca6d9be6cb6a403a81b18fa6e9a6a0518d7f0f68)
2008-01-03r26651: libsmb: Allow specifying signing policy from higher up.Jelmer Vernooij1-1/+1
The number of arguments is getting a bit excessive now, so it probably makes sense to pass in the smbcli_options struct rather than all members individually and add a convenience function for obtaining a smbcli_options struct from a loadparm context. (This used to be commit 9f64213463b5bf3bcbf36913139e9a5042e967a2)
2007-10-10r25554: Convert last instances of BOOL, True and False to the standard types.Jelmer Vernooij1-44/+44
(This used to be commit 566aa14139510788548a874e9213d91317f83ca9)
2007-10-10r25398: Parse loadparm context to all lp_*() functions.Jelmer Vernooij1-1/+1
(This used to be commit 3fcc960839c6e5ca4de2c3c042f12f369ac5f238)
2007-10-10r25026: Move param/param.h out of includes.hJelmer Vernooij1-0/+1
(This used to be commit abe8349f9b4387961ff3665d8c589d61cd2edf31)
2007-10-10r25001: Fix more C++ and other warnings, fix some of the indentation with ↵Jelmer Vernooij1-1/+1
ts=4 lines that I accidently added earlier. (This used to be commit 0bcb21ed740fcec0f48ad36bbc2deee2948e8fc7)
2007-10-10r23792: convert Samba4 to GPLv3Andrew Tridgell1-3/+2
There are still a few tidyups of old FSF addresses to come (in both s3 and s4). More commits soon. (This used to be commit fcf38a38ac691abd0fa51b89dc951a08e89fdafa)
2007-10-10r15191: Avoid uint_t as it's not standard.Jelmer Vernooij1-1/+1
(This used to be commit 7af59357b94e3819415b3a9257be0ced745ce130)
2007-10-10r12694: Move some headers to the directory of the subsystem they belong to.Jelmer Vernooij1-0/+1
(This used to be commit c722f665c90103f3ed57621c460e32ad33e7a8a3)
2007-10-10r8134: remove unused varStefan Metzmacher1-1/+0
metze (This used to be commit f308b72b19ab1e0e2f5a732bd1bc13082a634a9c)
2007-10-10r7970: This SMB signing code (merged from 3.0) turned out to be bogus.Andrew Bartlett1-8/+0
Andrew Bartlett (This used to be commit 817160ec1a85724c8bf482f128ea687396de0888)
2007-10-10r4063: - change char * -> uint8_t in struct request_bufferStefan Metzmacher1-1/+1
- change smbcli_read/write to take void * for the buffers to match read(2)/write(2) all this fixes a lot of gcc-4 warnings metze (This used to be commit b94f92bc6637f748d6f7049f4f9a30b0b8d18a7a)
2007-10-10r3462: separate out the crypto includesAndrew Tridgell1-0/+1
(This used to be commit 3f75117db921e493bb77a5dc14b8ce91a6288f30)
2007-10-10r3419: moved the libcli/raw structures into libcli/raw/libcliraw.hAndrew Tridgell1-0/+1
and made them private (This used to be commit 386ac565c452ede1d74e06acb401ca9db99d3ff3)
2007-10-10r3380: - changed the default behaviour of server signing. We now have a defaultAndrew Tridgell1-0/+1
setting of "server signing = auto", which means to offer signing only if we have domain logons enabled (ie. we are a DC). This is a better match for what windows clients want, as unfortunately windows clients always use signing if it is offered, and when they use signing they not only go slower because of the signing itself, they also disable large readx/writex support, so they end up sending very small IOs for. - changed the default max xmit again, this time matching longhorn, which uses 12288. That seems to be a fairly good compromise value. (This used to be commit e63edc81716fefd58a3be25deb3b25e45471f196)
2007-10-10r3295: Fix for SMB signing with 56-bit DES session keys. From Nalin ↵Jeremy Allison1-2/+11
Dahyabhai <nalin@redhat.com>. Jeremy. (This used to be commit afed78f359a15809b2d9b7566e16ade294944fa9)
2007-10-10r2664: fixed the final server leak for normal operation. We now get a clean ↵Andrew Tridgell1-4/+6
report from --leak-check (This used to be commit 1ff41bbcae8dc7514a85d69679e44dc7c5b0342f)
2007-10-10r1796: Enable server-side SPNEGO, now that I have fixed the server-side SMBAndrew Bartlett1-43/+66
signing code to be able to cope. Andrew Bartlett (This used to be commit cb74d52b563730a50e33c92d868c45ee96a598e8)
2007-10-10r1768: Add some debugs to assist in SMB signing debugging.Andrew Bartlett1-0/+12
Andrew Bartlett (This used to be commit 32b45fc9e8ff1d0b73bbec1eb1d249af3ec52e46)
2007-10-10r1746: Remove more cruft from the SMB signing code.Andrew Bartlett1-36/+20
Andrew Bartlett (This used to be commit b176151b7294b03534921a26db4fb4be1e5d617c)
2007-10-10r1745: More work on cleaning up SMB signing.Andrew Bartlett1-179/+109
This removes the function pointer mess from the SMB signing code. Andrew Bartlett (This used to be commit 8830603e4bc821a11db87072a32a51b076a28e06)
2007-10-10r1735: Clean up SMB signing - we don't have more than one 'real' way to signAndrew Bartlett1-31/+14
a packet, so don't pretend we do... Andrew Bartlett (This used to be commit 68a6d5aeb35e8972182fffbb6cc506f89584b2d5)
2007-10-10r1729: Make the SMB signing code more generic (to share more between client ↵Andrew Bartlett1-42/+57
and servers). Andrew Bartlett (This used to be commit b90b04e84bc8add235cf9ee7797a608ff48c4ca0)
2007-10-10r1725: Remove a silly 'utility' function.Andrew Bartlett1-16/+4
Andrew Bartlett (This used to be commit 4d563d7e4afad1c5f583aca3f42087bfff0fb895)
2007-10-10r1686: Don't use a void* for the context inside the SMB signing code.Andrew Bartlett1-5/+0
Andrew Bartlett (This used to be commit 64fcd8ecebabdd09fed6b65e3c436bffc1da9de7)
2007-10-10r1654: rename cli_ -> smbcli_Stefan Metzmacher1-31/+31
rename CLI_ -> SMBCLI_ metze (This used to be commit 8441750fd9427dd6fe477f27e603821b4026f038)
2007-10-10r1633: fixed a couple of async oplock handling errorsAndrew Tridgell1-1/+1
(This used to be commit d7e2f39b90122088e94d4a8e8c7ffa7c91d7d664)
2007-10-10r1604: Samba4 avoids memcpy() as much as possible - we don't need to make a ↵Andrew Bartlett1-2/+2
copy here. Andrew Bartlett (This used to be commit 9efc94eeafbf0eb4488c53a1456cc7026c937f9f)
2007-10-10r1521: Updates to our SMB signing code.Andrew Bartlett1-66/+86
- This causes our client and server code to use the same core code, with the same debugs etc. - In turn, this will allow the 'mandetory/fallback' signing algorithms to be shared, and only written once. Updates to the SPNEGO code - Don't wrap an empty token to the server, if we are actually already finished. Andrew Bartlett (This used to be commit 35b83eb329482ac1b3bc67285854cc47844ff353)
2007-10-10r1494: fix debug messageStefan Metzmacher1-1/+1
metze (This used to be commit 463982bf3f37bac67e1aaa488e4142d0ecc23307)
2007-10-10r1462: GENSEC Kerberos and SPENGO work:Andrew Bartlett1-26/+75
- Spelling - it's SPNEGO, not SPENGO - SMB signing - Krb5 logins are now correctly signed - SPNEGO - Changes to always tell GENSEC about incoming packets, empty or not. Andrew Bartlett (This used to be commit cea578d6f39a2ea4a24e7a0064c95193ab6f6df7)
2007-10-10r1345: add extended security spnego support to the smb clientStefan Metzmacher1-0/+50
code set lp_use_spnego = False, because I can't get it working yet but I commit it so others can help me metze (This used to be commit 2445cceba9ab9bd928c8bc50927a39509e4526b0)
2007-10-10r1091: Added in timing tests for deferred opens. Added extra debug info to ↵Jeremy Allison1-1/+1
signing mistakes. Jeremy. (This used to be commit 5c3a2417cfe1bdbdfb35d933d49f77f6696790b3)
2007-10-10r943: change samba4 to use 'uint8_t' instead of 'unsigned char'Stefan Metzmacher1-4/+4
metze (This used to be commit b5378803fdcb3b3afe7c2932a38828e83470f61a)
2007-10-10r889: convert samba4 to use [u]int16_t instead of [u]int16Stefan Metzmacher1-1/+1
metze (This used to be commit af6f1f8a01bebbecd99bc8c066519e89966e65e3)
2007-10-10r884: convert samba4 to use [u]int32_t instead of [u]int32Stefan Metzmacher1-1/+1
metze (This used to be commit 0e5517d937a2eb7cf707991d1c7498c1ab456095)
2007-10-10r610: - Merge the Samba3 'ntlm_auth --diagnostics' testsuite to Samba4.Andrew Bartlett1-4/+8
- This required using NETLOGON_NEG_AUTH2_FLAGS for the SetupCredentials2 negotiation flags, which is what Samba3 does, because otherwise the server uses different crypto. - This tests the returned session keys, which we decrypt. - Update the Samba4 notion of a 'session key' to be a DATA_BLOB in most places. - Fix session key code to return NT_STATUS_NO_SESSION_KEY if none is available. - Remove a useless argument to SMBsesskeygen_ntv1 - move netr_CredentialState from the .idl to the new credentials.h Andrew Bartlett (This used to be commit 44f8b5b53e6abd4de8a676f78d729988fadff320)
2003-08-13first public release of samba4 codeAndrew Tridgell1-0/+341
(This used to be commit b0510b5428b3461aeb9bbe3cc95f62fc73e2b97f)