summaryrefslogtreecommitdiff
path: root/source4/libcli
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r18021: Add ldapi support to our LDAP client. To be used for testing anAndrew Bartlett1-34/+93
OpenLDAP backend. Andrew Bartlett (This used to be commit da66b53e6ac39c5f020781830ee69d460aa0cae5)
2007-10-10r17930: Merge noinclude branch:Jelmer Vernooij16-14/+607
* Move dlinklist.h, smb.h to subsystem-specific directories * Clean up ads.h and move what is left of it to dsdb/ (only place where it's used) (This used to be commit f7afa1cb77f3cfa7020b57de12e6003db7cfcc42)
2007-10-10r17848: Ok, this did not do it. Still got the same problem.Volker Lendecke1-8/+1
(This used to be commit bb393603707ada3d4b917f8374b7738f16c78f46)
2007-10-10r17846: Ok, this is a patch that needs further discussion. On Solaris, ↵Volker Lendecke1-1/+8
snprintf seems to be broken. The %lu modifies apparently can not cope with the high bit==1. In dom_sid_string I added some printfs and got: auth: 21 auth: 2666793276 auth: 679821296 auth: 2310223117 auth: 1206 sid=S-1-5-21-8446744072081377596-679821296-8446744071724807437-1206 The "auth:" values are direct printfs, the sid= is the resulting code from dom_sid_string. I could not reproduce it with a simple test program, and #ifdef'ing out HAVE_SNPRINTF in config.h manually does not help either, probably because the dynamic linker overwrites the symbol in lib/replace. Checking it in because it fixes the RPC-SAMBA3-SHARESEC test directly on host "sunx", I would like to see whether it also fixes IRIX and AIX. Volker (This used to be commit 1a9401738f652a87d377a32086342f5f98525fc2)
2007-10-10r17586: merge lib/netif into lib/socket and use -lnsl -lsocket on theStefan Metzmacher3-3/+3
configure check for the interfaces. should fix the build on some old sun boxes metze (This used to be commit f20e251bfd9f1eb7ce5c00739631b1625a2aa467)
2007-10-10r17567: add error code I got from DsGetNCChangesStefan Metzmacher2-0/+4
when I don't use the DRSUAPI_SUPPORTED_EXTENSION_STRONG_ENCRYPTION flag on DsBind metze (This used to be commit 8458ee72c5c1005ab80b9f7ea6efe617e5c76106)
2007-10-10r17430: implement the LDAP_SERVER_PERMISSIVE_MODIFY control in the clientStefan Metzmacher1-0/+20
metze (This used to be commit 96259f0f24b114e505241c9d2deb702a8b40f1b6)
2007-10-10r17429: implement the LDAP_SERVER_SHOW_DELETED control in the clientStefan Metzmacher1-0/+20
metze (This used to be commit 40dc7c1787c16bfc15ac87fee81d2d2d1f3d2fde)
2007-10-10r17420: add client support for the LDAP_SERVER_DOMAIN_SCOPE controlStefan Metzmacher1-0/+20
metze (This used to be commit 84e74a759cfa49ebc8b4ba1b8e729d6d920fc55a)
2007-10-10r17419: add client support for the LDAP_SERVER_SEARCH_OPTIONS support.Stefan Metzmacher1-0/+59
with this you can limit a search to a specific partitions or a search over all partitions without getting referrals. (Witch is the default behavior on the Global Catalog Port) metze (This used to be commit 4ccd0f8171f3748ee6efe1abd3f894d2cdf46bf4)
2007-10-10r17418: add client support for the LDAP_SERVER_SD_FLAGS controlStefan Metzmacher1-0/+59
metze (This used to be commit 23759a1e9b05c4fde475a9016cb0b7447656d7e7)
2007-10-10r17414: add new error codeStefan Metzmacher2-0/+2
metze (This used to be commit e15a015a1d9aa3872271c0c5542e7d055a6f673a)
2007-10-10r17319: make better usage of the composite apiStefan Metzmacher1-28/+20
metze (This used to be commit 8f9e201b9a797c0772672efab0f8e6a7a6312eb0)
2007-10-10r17318: make better usage of the composite apiStefan Metzmacher2-51/+13
metze (This used to be commit 683fc25f6524a3821ba70529251aabe97bad9370)
2007-10-10r17317: - add a composite_create() function that allocates and initializeStefan Metzmacher2-0/+29
the composite_context structue, we should try to convert all code to use this because there're a lot of places where the we have bugs with this task... - add a composite_continue_smb2() helper We should try to hide the internals of the composite code from the users to avoid errors (and I found a lot of them... and will fix then step by step) metze (This used to be commit a16180f20246844d05996d385fcb71893e08f589)
2007-10-10r17278: fix un uninitialized value found by valgrindStefan Metzmacher1-0/+1
metze (This used to be commit fe463bc568e8ac78ca161bcba3e867d33bb828b3)
2007-10-10r17277: we need to trigger an event when we return directly,Stefan Metzmacher1-1/+1
otherwise the callers callback function will not be called and the caller is hanging forever... metze (This used to be commit e231eba828486e68c9d3a246e1e0c943fdb8301c)
2007-10-10r17230: don't overwrite the error with NT_STATUS_NO_MEMORYStefan Metzmacher1-10/+7
metze (This used to be commit f2196bf9b662d3f38d59eceb8c54f9d2e3f7b505)
2007-10-10r17222: Change the function prototypes for the GENSEc and TLS socket creationAndrew Bartlett2-14/+18
routines to return an NTSTATUS. This should help track down errors. Use a bit of talloc_steal and talloc_unlink to get the real socket to be a child of the GENSEC or TLS socket. Always return a new socket, even for the 'pass-though' case. Andrew Bartlett (This used to be commit 003e2ab93c87267ba28cd67bd85975bad62a8ea2)
2007-10-10r17197: This patch moves the encryption of bulk data on SASL negotiated securityAndrew Bartlett4-95/+26
contexts from the application layer into the socket layer. This improves a number of correctness aspects, as we now allow LDAP packets to cross multiple SASL packets. It should also make it much easier to write async LDAP tests from windows clients, as they use SASL by default. It is also vital to allowing OpenLDAP clients to use GSSAPI against Samba4, as it negotiates a rather small SASL buffer size. This patch mirrors the earlier work done to move TLS into the socket layer. Unusual in this pstch is the extra read callback argument I take. As SASL is a layer on top of a socket, it is entirely possible for the SASL layer to drain a socket dry, but for the caller not to have read all the decrypted data. This would leave the system without an event to restart the read (as the socket is dry). As such, I re-invoke the read handler from a timed callback, which should trigger on the next running of the event loop. I believe that the TLS code does require a similar callback. In trying to understand why this is required, imagine a SASL-encrypted LDAP packet in the following formation: +-----------------+---------------------+ | SASL Packet #1 | SASL Packet #2 | ----------------------------------------+ | LDAP Packet #1 | LDAP Packet #2 | ----------------------------------------+ In the old code, this was illegal, but it is perfectly standard SASL-encrypted LDAP. Without the callback, we would read and process the first LDAP packet, and the SASL code would have read the second SASL packet (to decrypt enough data for the LDAP packet), and no data would remain on the socket. Without data on the socket, read events stop. That is why I add timed events, until the SASL buffer is drained. Another approach would be to add a hack to the event system, to have it pretend there remained data to read off the network (but that is ugly). In improving the code, to handle more real-world cases, I've been able to remove almost all the special-cases in the testnonblock code. The only special case is that we must use a deterministic partial packet when calling send, rather than a random length. (1 + n/2). This is needed because of the way the SASL and TLS code works, and the 'resend on failure' requirements. Andrew Bartlett (This used to be commit 5d7c9c12cb2b39673172a357092b80cd814850b0)
2007-10-10r17083: - implement SMB2 Cancel in the clientStefan Metzmacher5-5/+105
- the 0xffffffffffffffff seqnum is reserved for SMB2 Break (oplock breaks) so don't use it in a request. we should someday try to test this... metze (This used to be commit 730cdc4475822e28cb400116641294a7f98ad0b5)
2007-10-10r17082: Add a test that walks and tests denying tconX access via the share ↵Volker Lendecke1-0/+18
security descriptor. This is something that W2k3 does _not_ pass and probably is not expected to, it seems the don't check access at tconX time. Thanks to metze for the hint how in the srvsvc_NetShareInfo1501 struct the length of the sd can be encoded in idl. As metze says, there's probably more to the share secdesc, this needs more testing. This one is here to walk the samba3 code. Volker (This used to be commit 67185508229a8d7f144c22cb194f573c932d6de5)
2007-10-10r17081: add idle handler support to the smb2 client lib tooStefan Metzmacher2-0/+45
metze (This used to be commit 1f48e7dca6a06078f3655a7f7a8f109bd6c0cb8e)
2007-10-10r17020: pass the real error to the failing requestsStefan Metzmacher2-8/+16
metze (This used to be commit 49b96ac44a883c020c69df7a12df154dc4faa4d5)
2007-10-10r17019: don't timeout on notifiesStefan Metzmacher1-0/+4
metze (This used to be commit 8d4fd35b10b176d31f986bbca5848091dffcd657)
2007-10-10r16980: - make struct smb_notify a union and add levels ↵Stefan Metzmacher4-53/+103
RAW_NOTIFY_NTTRANS,RAW_NOTIFY_SMB2 - parse SMB2 Notify reponse metze (This used to be commit de50e0ccddfad16ad7b254770f4c52c1abe707b9)
2007-10-10r16975: implement SMB2 Notify call in the client libStefan Metzmacher3-0/+106
metze (This used to be commit a455dc7a8392230395c0e444f76a4ca13192f871)
2007-10-10r16949: add and fix some NOTIFY return codesStefan Metzmacher2-1/+4
metze (This used to be commit e40d62363c2123fff37b35c1c7004e85a6786c2a)
2007-10-10r16918: the SMB2 Ioctls are sometimes called with a wildcard handleStefan Metzmacher2-1/+4
the operation doesn't need a valid file handle in that case metze (This used to be commit d41a83d55945b07020349339888f3a34ac4eff4e)
2007-10-10r16875: implement SMB2 Find in the frontendStefan Metzmacher2-4/+9
metze (This used to be commit 58bed7322c7e552d0462a11ce5d46a282c31f8f7)
2007-10-10r16873: - grow the buffer with the correct size, we maybe had 1 byte ↵Stefan Metzmacher1-8/+8
preallocated - body_size doesn't contain the preallocated byte so don't remove it metze (This used to be commit 3cf50e26b7dc11d85c46ef81a36c74acf97085c0)
2007-10-10r16871: zero padding bytesStefan Metzmacher1-0/+1
(found by valgrind) metze (This used to be commit 283bec8295b6302dfe3dc12c82d7870bdfee8b37)
2007-10-10r16834: split the level's of smb_search_first/smb_search_next and the levelsStefan Metzmacher4-109/+156
of smb_search_data metze (This used to be commit 78c201db8a47a71908698c4dda2add4cf85694d9)
2007-10-10r16801: Adding WERR_DS_DRA_ACCESS_DENIED.Günther Deschner2-0/+2
Guenther (This used to be commit 075242b97614202ee265577c9e5dd499e56bd768)
2007-10-10r16791: Typo fix in a comment.Rafal Szczesniak1-1/+1
rafal (This used to be commit 48a9f822442c8b115fd61d9c6781d8100df2bf9e)
2007-10-10r16734: the 2 bytes after the opcode and before the flags,Stefan Metzmacher2-15/+15
is no padding... the following patch is needed for vista beta2 to connect to samba4 metze (This used to be commit 58baae8fc463cd2c4e4ce532c153ad80313b03eb)
2007-10-10r16708: the packet format of SMB2 SessionSetup has changed,Stefan Metzmacher2-9/+16
there're 8 more unknown bytes... Note: - vista-CTP also support this as a server, but uses the old format as client - but vista-beta2 only uses and accept the new format metze (This used to be commit b3bdd4afdefc9ad3550f86a0aa6e6c90bf8ab416)
2007-10-10r16705: fix a bug found by valgrind...Stefan Metzmacher3-10/+29
as we setup the 1 padding byte for non present dynamic part, we need to overwrite it when we're getting a real dynamic part, so we need to remove the buf->size +=1 when we do the first push to the dynamic part (when buf->dynamic is still but->body + buf->body_fixed) metze (This used to be commit f309209629ad1b63a76fc06163a3eeb07dce4c86)
2007-10-10r16699: the layout of SMB2 Read and Write is identical...Stefan Metzmacher3-7/+3
so we know that the 9th bytes is just uninitialized padding metze (This used to be commit f97a21b970ed23973cced2c67b5bc9ecd7afee88)
2007-10-10r16669: this calls don't expect any valid error codes than NT_STATUS_OKStefan Metzmacher6-6/+6
metze (This used to be commit 429215113bd999466141df0a2e3b3097d677df1f)
2007-10-10r16667: - use ndr_pull_struct_blob() to make the RAW_FILEINFO_SEC_DESC pull codeStefan Metzmacher2-13/+22
simpler - use ndr_push_struct_blob() for RAW_SFILEINFO_SEC_DESC metze (This used to be commit 79e51f033e680303431e56e818346b66a836d044)
2007-10-10r16569: - use push_string()Stefan Metzmacher1-3/+3
metze (This used to be commit f099fcb6e3a38d6df22cb3a0c7c666333e41f11b)
2007-10-10r16566: add pull function for a site32/offset32 blobStefan Metzmacher1-0/+24
metze (This used to be commit 81702c36c28e9e32860c5d91887d2ad2121ce306)
2007-10-10r16464: split client and server min/max protocol settingsStefan Metzmacher2-2/+2
metze (This used to be commit 6164d1e22e0545f558315591d49f862de06ea945)
2007-10-10r16406: use the generic smb_handle in smb2_getinfo/smb2_setinfoStefan Metzmacher3-7/+7
metze (This used to be commit dcc02df8297162a7fd913560194d9e821798dbe0)
2007-10-10r16100: Patch from Michael Wood <mwood@icts.uct.ac.za>: s/then/than/ for ↵Gerald Carter1-2/+2
correct grammar (This used to be commit 26a2fa97e4c819e630bc9b50e11c8d5328c7b8c8)
2007-10-10r16091: Without this patch Samba3 will not accept this, and simply setting ↵Volker Lendecke1-2/+3
the "92" to "100" will give funny permissions... Volker (This used to be commit b76a3d4f590963d48eae8a9899d17ae3833c3dfa)
2007-10-10r16073: On an incoming wildcard search, it is critical that the size beAndrew Bartlett1-2/+2
correct, or we try and do a memcmp on the trailing '\0'. This happens because we now use memcmp for the prefix matching. I just wish I had a test other than a particular invocation of the OSX client. (I've tried and failed so far) Andrew Bartlett (This used to be commit 36aa8390807581442c68ac3ee9dd6eb05d89b86d)
2007-10-10r15854: more talloc_set_destructor() typesafe fixesAndrew Tridgell8-29/+13
(This used to be commit 61c6100617589ac6df4f527877241464cacbf8b3)
2007-10-10r15835: fixed locking in the client libraryAndrew Tridgell1-0/+1
(This used to be commit 7ea51fb624ded55f69f235a6791de871f754e8fa)