summaryrefslogtreecommitdiff
path: root/source4/libcli/smb_composite/sesssetup.c
AgeCommit message (Collapse)AuthorFilesLines
2012-12-12s4-libcli: Fix comparison of chosen_oid.Andreas Schneider1-1/+1
Found by Coverity. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
2012-11-01libcli: use cli_credentials_failed_kerberos_login() to cope with server changesAndrew Tridgell1-2/+15
if a server changes while we have a valid ticket we want to retry after removing the ccache entry. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2012-08-01s4:libcli/raw: remove unused smbcli_session->user_session_keyStefan Metzmacher1-14/+0
metze
2012-08-01s4:libcli/smb_composite: make use of smb1cli_session_set_session_key()Stefan Metzmacher1-1/+17
metze
2012-08-01s4:libcli/smb_composite: always use set_user_session_key() helperStefan Metzmacher1-2/+6
metze
2011-11-30s4:libcli/raw: implement on top of smbXcli_conn/reqStefan Metzmacher1-21/+21
metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Wed Nov 30 15:13:36 CET 2011 on sn-devel-104
2011-11-29s4:libcli/raw: add transport->ev as copy of transport->socket->event.ctxStefan Metzmacher1-1/+1
We'll remove transport->socket soon, but removing transport->ev will take a bit longer. metze
2011-10-18gensec: move event context from gensec_*_init() to gensec_update()Andrew Bartlett1-2/+4
This avoids keeping the event context around on a the gensec_security context structure long term. In the Samba3 server, the event context we either supply is a NULL pointer as no server-side modules currently use the event context. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-09-19s4:auth - remove unused variablesMatthias Dieter Wallnöfer1-1/+0
Reviewed-by: Jelmer
2011-08-18smb_composite: Integrate prototypes in header file.Jelmer Vernooij1-1/+0
2011-08-03gensec: clarify memory ownership for gensec_session_info() and ↵Andrew Bartlett1-3/+2
gensec_session_key() This is slightly less efficient, because we no longer keep a cache on the gensec structures, but much clearer in terms of memory ownership. Both gensec_session_info() and gensec_session_key() now take a mem_ctx and put the result only on that context. Some duplication of memory in the callers (who were rightly uncertain about who was the rightful owner of the returned memory) has been removed to compensate for the internal copy. Andrew Bartlett
2011-04-14s4/libcli: do not use netbios name in NTLMv2 blobs w/o spnegoChristian Ambach1-4/+22
I have seen domain controllers rejecting NTLMv2 blobs presented to NetrLogonSamLogonEx with LOGON_FAILURE when the MsvAvNbComputerName was a FQDN or an IP address I have not seen this field in NTLMv2 blobs send by Windows clients when extended security was not available, so omitting the field makes Samba similar to Windows. This prevents errors with some smbtorture testcases that disable spnego and when a target name is specified that is not a valid netbios name. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Thu Apr 14 02:19:08 CEST 2011 on sn-devel-104
2009-05-01s4:libcli: remember operating system and lan manager strings from session setupStefan Metzmacher1-0/+21
metze
2009-02-02s4:libcliraw: s/private/private_dataStefan Metzmacher1-1/+1
metze
2008-11-02Fix the build.Jelmer Vernooij1-4/+6
2008-11-02Add gensec_settings structure. This wraps loadparm_context for now, butJelmer Vernooij1-1/+1
should in the future only contain some settings required for gensec.
2008-10-24Remove more usages of global_loadparm.Jelmer Vernooij1-2/+2
2008-10-24Remove iconv_convenience parameter from simple string push/pullJelmer Vernooij1-2/+2
functions.
2008-09-24s4:libcli/smb_composite: we only check the signature when the server return OKStefan Metzmacher1-0/+9
We need to manually free the request, otherwise the timeout handler is triggered later. metze
2008-09-23libcli/smb_composite: for spnego session setups check the smb signature manuallyStefan Metzmacher1-23/+57
We need to start signing when we got NT_STATUS_OK from the server and manually check the signature of the servers response. This is needed as the response might be signed with the krb5 acceptor subkey, which comes within the server response. With NTLMSSP this happens for the session setup: request1 => BSRSPYL seqnum: 0 response1 => BSRSPYL seqnum: 0 request2 => BSRSPYL seqnum: 0 response2 => <SIGNATURE> seqnum: 1 and with krb5: request1 => BSRSPYL seqnum: 0 response1 => <SIGNATURE> seqnum: 1 metze
2008-04-25Make the composite 'connect to server' code useful for security=serverAndrew Bartlett1-1/+1
The ability to short-circuit the connection code to only do a negprot allows us to do the rest once we have the user's password. We return the 8 byte challenge so we can pass it to the client. Andrew Bartlett (This used to be commit 40fe386b0374df8b390b995c332d048dbbc08f1b)
2008-04-02Install public header files again and include required prototypes.Jelmer Vernooij1-0/+2
(This used to be commit 47ffbbf67435904754469544390b67d34c958343)
2008-02-21Remove yet more global_loadparm instances.Jelmer Vernooij1-6/+6
(This used to be commit 5de88728ac5c567d3711d1ac6862bbdaced84b75)
2008-02-21Remove more uses of global_loadparm.Jelmer Vernooij1-2/+2
(This used to be commit a1715b1f48ba44bd94844418cc9299649aaf1a5e)
2008-01-06r26676: libcli: Fill in lp_workgroup() again, should fix my breakage of ↵Jelmer Vernooij1-1/+1
cifsdd tests. Thanks to Andrew for catching this. Also fixes a typo in sessetup.c. (This used to be commit b97de4a655b989a481d5d001ce9a5d3969d2909c)
2007-12-21r26260: Store loadparm context in gensec context.Jelmer Vernooij1-1/+2
(This used to be commit b9e3a4862e267be39d603fed8207a237c3d72081)
2007-12-21r26231: Spell check: credentails -> credentials.Jelmer Vernooij1-1/+1
(This used to be commit 4b46888bd0195ab12190f76868719fc018baafd6)
2007-10-10r25446: Merge some changes I made on the way home from SFO:Jelmer Vernooij1-1/+1
2007-09-29 More higher-level passing around of lp_ctx. 2007-09-29 Fix warning. 2007-09-29 Pass loadparm contexts on a higher level. 2007-09-29 Avoid using global loadparm context. (This used to be commit 3468952e771ab31f90b6c374ade01c5550810f42)
2007-10-10r25398: Parse loadparm context to all lp_*() functions.Jelmer Vernooij1-8/+8
(This used to be commit 3fcc960839c6e5ca4de2c3c042f12f369ac5f238)
2007-10-10r25026: Move param/param.h out of includes.hJelmer Vernooij1-0/+1
(This used to be commit abe8349f9b4387961ff3665d8c589d61cd2edf31)
2007-10-10r24994: Fix some C++ warnings.Jelmer Vernooij1-1/+1
(This used to be commit 925abf74fa1ed5ae726bae8781ec549302786b39)
2007-10-10r23792: convert Samba4 to GPLv3Andrew Tridgell1-3/+2
There are still a few tidyups of old FSF addresses to come (in both s3 and s4). More commits soon. (This used to be commit fcf38a38ac691abd0fa51b89dc951a08e89fdafa)
2007-10-10r22628: convert to new composite apiStefan Metzmacher1-29/+28
and free the smbcli_request explicit to fix a crash where the request handler gets called after its private data is already freed metze (This used to be commit 55306c618807f2661090d2189e269cb3e142ee06)
2007-10-10r19598: Ahead of a merge to current lorikeet-heimdal:Andrew Bartlett1-0/+2
Break up auth/auth.h not to include the world. Add credentials_krb5.h with the kerberos dependent prototypes. Andrew Bartlett (This used to be commit 2b569c42e0fbb596ea82484d0e1cb22e193037b9)
2007-10-10r19481: - reset the vuid before trying a new session setupStefan Metzmacher1-3/+14
- only touch session->vuid when needed - it make no sense to set an .spnego.out.vuid metze (This used to be commit 1940fbed154c89d29214ddf293128a70a97bf923)
2007-10-10r17277: we need to trigger an event when we return directly,Stefan Metzmacher1-1/+1
otherwise the callers callback function will not be called and the caller is hanging forever... metze (This used to be commit e231eba828486e68c9d3a246e1e0c943fdb8301c)
2007-10-10r15741: move smb2 request structures into the main smb request structsStefan Metzmacher1-0/+5
as new levels metze (This used to be commit 91806353174704857dfcc15a730af7232cfde660)
2007-10-10r15416: Point out that this doesn't work, but for servers this old, I justAndrew Bartlett1-0/+2
don't care... Andrew Bartlett (This used to be commit 8abe7ba619a9499229937435b66005e278bcbf38)
2007-10-10r15415: Use Jelmer's new credentials 'wrong password' code to give the user 3Andrew Bartlett1-1/+52
attempts for the password, when talking to a remote CIFS server. Andrew Bartlett (This used to be commit 3a4ddc8f5978210ab3ad79f0332cee80a0d6e6c9)
2007-10-10r14414: added some error checksAndrew Tridgell1-0/+2
(This used to be commit cd9f3adc759f1dc29043c435febfe78e56fece1b)
2007-10-10r14380: Reduce the size of structs.hJelmer Vernooij1-2/+1
(This used to be commit 1a16a6f1dfa66499af43a6b88b3ea69a6a75f1fe)
2007-10-10r14363: Remove credentials.h from the global includes.Jelmer Vernooij1-0/+1
(This used to be commit 98c4c3051391c6f89df5d133665f51bef66b1563)
2007-10-10r13924: Split more prototypes out of include/proto.h + initial work on headerJelmer Vernooij1-0/+1
file dependencies (This used to be commit 122835876748a3eaf5e8d31ad1abddab9acb8781)
2007-10-10r13850: Test (and fix) not using SPNEGO at all, but instead using raw NTLMSSP.Andrew Bartlett1-13/+25
The switch to turn off SPNEGO in the client is a bit messy, but it works. Andrew Bartlett (This used to be commit 085ba80cc8a954bd84ecf30e5d57a1583f54062f)
2007-10-10r13405: Allow a fallback if SPNEGO is somehow disabled in the client, to ↵Andrew Bartlett1-1/+7
just NTLMSSP. Andrew Bartlett (This used to be commit 3e96975d910496db87e8e34e310f0f6d283210bf)
2007-10-10r13203: Make this comment clearer.Andrew Bartlett1-1/+1
Andrew Bartlett (This used to be commit 8e2b461669d2d4d5a789da66b5049ecbddd8fd15)
2007-10-10r11692: added a full composite (async) spnego session setup for SMB2. ThisAndrew Tridgell1-2/+2
simplies the torture code a lot. (This used to be commit 7bf1046fbb7fd83fecb2fa645628ba9a17aab037)
2007-10-10r10981: Pull code to decide between and implement NTLMv2, NTLM and LMAndrew Bartlett1-71/+47
authentication out of the various callers and into the kitchen sink.. err, credentials subsystem. This should ensure consistant logic, as well as get us one step closer to security=server operation in future. Andrew Bartlett (This used to be commit 09c95763301c0f7770d56462e8af4169b8c171fb)
2007-10-10r10598: Factor out common code, in preperation for a move elsewhere.Andrew Bartlett1-11/+7
Andrew Bartlett (This used to be commit 0d757b169a3d521a0d228bed51aa96cf199d5c42)
2007-10-10r10504: - seperate implementation specific stuff, from the generic compositeStefan Metzmacher1-0/+459
stuff. - don't use SMBCLI_REQUEST_* state's in the genreic composite stuff - move monitor_fn to libnet. NOTE: I have maybe found some bugs, in code that is dirrectly in DONE or ERROR state in the _send() function. I haven't fixed this bugs in this commit! We may need some composite_trigger_*() functions or so. And maybe some other generic helper functions... metze (This used to be commit 4527815a0a9b96e460f301cb1f0c0b3964c166fc)