summaryrefslogtreecommitdiff
path: root/source4/libcli
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r17197: This patch moves the encryption of bulk data on SASL negotiated securityAndrew Bartlett4-95/+26
contexts from the application layer into the socket layer. This improves a number of correctness aspects, as we now allow LDAP packets to cross multiple SASL packets. It should also make it much easier to write async LDAP tests from windows clients, as they use SASL by default. It is also vital to allowing OpenLDAP clients to use GSSAPI against Samba4, as it negotiates a rather small SASL buffer size. This patch mirrors the earlier work done to move TLS into the socket layer. Unusual in this pstch is the extra read callback argument I take. As SASL is a layer on top of a socket, it is entirely possible for the SASL layer to drain a socket dry, but for the caller not to have read all the decrypted data. This would leave the system without an event to restart the read (as the socket is dry). As such, I re-invoke the read handler from a timed callback, which should trigger on the next running of the event loop. I believe that the TLS code does require a similar callback. In trying to understand why this is required, imagine a SASL-encrypted LDAP packet in the following formation: +-----------------+---------------------+ | SASL Packet #1 | SASL Packet #2 | ----------------------------------------+ | LDAP Packet #1 | LDAP Packet #2 | ----------------------------------------+ In the old code, this was illegal, but it is perfectly standard SASL-encrypted LDAP. Without the callback, we would read and process the first LDAP packet, and the SASL code would have read the second SASL packet (to decrypt enough data for the LDAP packet), and no data would remain on the socket. Without data on the socket, read events stop. That is why I add timed events, until the SASL buffer is drained. Another approach would be to add a hack to the event system, to have it pretend there remained data to read off the network (but that is ugly). In improving the code, to handle more real-world cases, I've been able to remove almost all the special-cases in the testnonblock code. The only special case is that we must use a deterministic partial packet when calling send, rather than a random length. (1 + n/2). This is needed because of the way the SASL and TLS code works, and the 'resend on failure' requirements. Andrew Bartlett (This used to be commit 5d7c9c12cb2b39673172a357092b80cd814850b0)
2007-10-10r17083: - implement SMB2 Cancel in the clientStefan Metzmacher5-5/+105
- the 0xffffffffffffffff seqnum is reserved for SMB2 Break (oplock breaks) so don't use it in a request. we should someday try to test this... metze (This used to be commit 730cdc4475822e28cb400116641294a7f98ad0b5)
2007-10-10r17082: Add a test that walks and tests denying tconX access via the share ↵Volker Lendecke1-0/+18
security descriptor. This is something that W2k3 does _not_ pass and probably is not expected to, it seems the don't check access at tconX time. Thanks to metze for the hint how in the srvsvc_NetShareInfo1501 struct the length of the sd can be encoded in idl. As metze says, there's probably more to the share secdesc, this needs more testing. This one is here to walk the samba3 code. Volker (This used to be commit 67185508229a8d7f144c22cb194f573c932d6de5)
2007-10-10r17081: add idle handler support to the smb2 client lib tooStefan Metzmacher2-0/+45
metze (This used to be commit 1f48e7dca6a06078f3655a7f7a8f109bd6c0cb8e)
2007-10-10r17020: pass the real error to the failing requestsStefan Metzmacher2-8/+16
metze (This used to be commit 49b96ac44a883c020c69df7a12df154dc4faa4d5)
2007-10-10r17019: don't timeout on notifiesStefan Metzmacher1-0/+4
metze (This used to be commit 8d4fd35b10b176d31f986bbca5848091dffcd657)
2007-10-10r16980: - make struct smb_notify a union and add levels ↵Stefan Metzmacher4-53/+103
RAW_NOTIFY_NTTRANS,RAW_NOTIFY_SMB2 - parse SMB2 Notify reponse metze (This used to be commit de50e0ccddfad16ad7b254770f4c52c1abe707b9)
2007-10-10r16975: implement SMB2 Notify call in the client libStefan Metzmacher3-0/+106
metze (This used to be commit a455dc7a8392230395c0e444f76a4ca13192f871)
2007-10-10r16949: add and fix some NOTIFY return codesStefan Metzmacher2-1/+4
metze (This used to be commit e40d62363c2123fff37b35c1c7004e85a6786c2a)
2007-10-10r16918: the SMB2 Ioctls are sometimes called with a wildcard handleStefan Metzmacher2-1/+4
the operation doesn't need a valid file handle in that case metze (This used to be commit d41a83d55945b07020349339888f3a34ac4eff4e)
2007-10-10r16875: implement SMB2 Find in the frontendStefan Metzmacher2-4/+9
metze (This used to be commit 58bed7322c7e552d0462a11ce5d46a282c31f8f7)
2007-10-10r16873: - grow the buffer with the correct size, we maybe had 1 byte ↵Stefan Metzmacher1-8/+8
preallocated - body_size doesn't contain the preallocated byte so don't remove it metze (This used to be commit 3cf50e26b7dc11d85c46ef81a36c74acf97085c0)
2007-10-10r16871: zero padding bytesStefan Metzmacher1-0/+1
(found by valgrind) metze (This used to be commit 283bec8295b6302dfe3dc12c82d7870bdfee8b37)
2007-10-10r16834: split the level's of smb_search_first/smb_search_next and the levelsStefan Metzmacher4-109/+156
of smb_search_data metze (This used to be commit 78c201db8a47a71908698c4dda2add4cf85694d9)
2007-10-10r16801: Adding WERR_DS_DRA_ACCESS_DENIED.Günther Deschner2-0/+2
Guenther (This used to be commit 075242b97614202ee265577c9e5dd499e56bd768)
2007-10-10r16791: Typo fix in a comment.Rafal Szczesniak1-1/+1
rafal (This used to be commit 48a9f822442c8b115fd61d9c6781d8100df2bf9e)
2007-10-10r16734: the 2 bytes after the opcode and before the flags,Stefan Metzmacher2-15/+15
is no padding... the following patch is needed for vista beta2 to connect to samba4 metze (This used to be commit 58baae8fc463cd2c4e4ce532c153ad80313b03eb)
2007-10-10r16708: the packet format of SMB2 SessionSetup has changed,Stefan Metzmacher2-9/+16
there're 8 more unknown bytes... Note: - vista-CTP also support this as a server, but uses the old format as client - but vista-beta2 only uses and accept the new format metze (This used to be commit b3bdd4afdefc9ad3550f86a0aa6e6c90bf8ab416)
2007-10-10r16705: fix a bug found by valgrind...Stefan Metzmacher3-10/+29
as we setup the 1 padding byte for non present dynamic part, we need to overwrite it when we're getting a real dynamic part, so we need to remove the buf->size +=1 when we do the first push to the dynamic part (when buf->dynamic is still but->body + buf->body_fixed) metze (This used to be commit f309209629ad1b63a76fc06163a3eeb07dce4c86)
2007-10-10r16699: the layout of SMB2 Read and Write is identical...Stefan Metzmacher3-7/+3
so we know that the 9th bytes is just uninitialized padding metze (This used to be commit f97a21b970ed23973cced2c67b5bc9ecd7afee88)
2007-10-10r16669: this calls don't expect any valid error codes than NT_STATUS_OKStefan Metzmacher6-6/+6
metze (This used to be commit 429215113bd999466141df0a2e3b3097d677df1f)
2007-10-10r16667: - use ndr_pull_struct_blob() to make the RAW_FILEINFO_SEC_DESC pull codeStefan Metzmacher2-13/+22
simpler - use ndr_push_struct_blob() for RAW_SFILEINFO_SEC_DESC metze (This used to be commit 79e51f033e680303431e56e818346b66a836d044)
2007-10-10r16569: - use push_string()Stefan Metzmacher1-3/+3
metze (This used to be commit f099fcb6e3a38d6df22cb3a0c7c666333e41f11b)
2007-10-10r16566: add pull function for a site32/offset32 blobStefan Metzmacher1-0/+24
metze (This used to be commit 81702c36c28e9e32860c5d91887d2ad2121ce306)
2007-10-10r16464: split client and server min/max protocol settingsStefan Metzmacher2-2/+2
metze (This used to be commit 6164d1e22e0545f558315591d49f862de06ea945)
2007-10-10r16406: use the generic smb_handle in smb2_getinfo/smb2_setinfoStefan Metzmacher3-7/+7
metze (This used to be commit dcc02df8297162a7fd913560194d9e821798dbe0)
2007-10-10r16100: Patch from Michael Wood <mwood@icts.uct.ac.za>: s/then/than/ for ↵Gerald Carter1-2/+2
correct grammar (This used to be commit 26a2fa97e4c819e630bc9b50e11c8d5328c7b8c8)
2007-10-10r16091: Without this patch Samba3 will not accept this, and simply setting ↵Volker Lendecke1-2/+3
the "92" to "100" will give funny permissions... Volker (This used to be commit b76a3d4f590963d48eae8a9899d17ae3833c3dfa)
2007-10-10r16073: On an incoming wildcard search, it is critical that the size beAndrew Bartlett1-2/+2
correct, or we try and do a memcmp on the trailing '\0'. This happens because we now use memcmp for the prefix matching. I just wish I had a test other than a particular invocation of the OSX client. (I've tried and failed so far) Andrew Bartlett (This used to be commit 36aa8390807581442c68ac3ee9dd6eb05d89b86d)
2007-10-10r15854: more talloc_set_destructor() typesafe fixesAndrew Tridgell8-29/+13
(This used to be commit 61c6100617589ac6df4f527877241464cacbf8b3)
2007-10-10r15835: fixed locking in the client libraryAndrew Tridgell1-0/+1
(This used to be commit 7ea51fb624ded55f69f235a6791de871f754e8fa)
2007-10-10r15834: fixed a memory leak in the session codeAndrew Tridgell1-1/+1
(This used to be commit 8a7047c102cdbcf746dcdf8a52554816b7770026)
2007-10-10r15820: this line was just for testingStefan Metzmacher1-2/+0
metze (This used to be commit 1a9bfa2ac96d09d34d3c974ec5d89dc23bf3e153)
2007-10-10r15815: add SMB2 Lock client codeStefan Metzmacher2-0/+78
metze (This used to be commit 4a307d7185862675fee23f55d3f85950a76f551d)
2007-10-10r15814: add SMB2 Lock interface structureStefan Metzmacher2-1/+35
metze (This used to be commit 8f1850ef65dc8c860912639d787d82399d015f13)
2007-10-10r15794: fixed a problem with DOS status codes - found by kukks (thanks!)Andrew Tridgell1-0/+5
(This used to be commit 1a57b16715bf8b82e8f9118c3ab401acf081d02c)
2007-10-10r15775: add some privilege related WERROR codesStefan Metzmacher2-0/+4
metze (This used to be commit 4e8c9bbd768a0d3f8719d8f2005d9b1b527c44fd)
2007-10-10r15770: when there's a dynamic body, we need to send the first byte even if theStefan Metzmacher1-0/+1
dynamic size if 0 metze (This used to be commit c7e8e79d75fd53fa37e9220e5bc9cac7ab574ff6)
2007-10-10r15756: handle RAW_OPEN_SMB2Stefan Metzmacher1-0/+3
metze (This used to be commit 8aebd7adc9a0288ebf6b8d84fc376d699054a520)
2007-10-10r15744: convert_string_talloc() handles src_len == 0 as errorStefan Metzmacher1-0/+8
but it's valid in this case metze (This used to be commit 92c19b1ba4e89bd1e973e084b254087c98ceac18)
2007-10-10r15741: move smb2 request structures into the main smb request structsStefan Metzmacher16-291/+403
as new levels metze (This used to be commit 91806353174704857dfcc15a730af7232cfde660)
2007-10-10r15740: add TODO, that we should check if the server supportsStefan Metzmacher1-0/+4
large offsets, before sending large offset requests metze (This used to be commit b9ba2b8c5a314ba9e559e50bea4deb692dc0f3ec)
2007-10-10r15737: fix a typos and commentStefan Metzmacher2-3/+3
metze (This used to be commit 1f50b2e0534ee25861b6812b64d91f63cbb118ad)
2007-10-10r15718: - split the SMBflush with the 0xFFFF wildcard fnum into a different ↵Stefan Metzmacher2-1/+18
level metze (This used to be commit 95bf41b4d4ec96349802955e364fe44ef85f9077)
2007-10-10r15688: windows sends 4 as max_setup count on NT IOCTLStefan Metzmacher1-1/+1
metze (This used to be commit 0d983fa46fff588cf94e58732e36e324e2f0478a)
2007-10-10r15661: add NT_STATUS_OBJECTID_NOT_FOUNDStefan Metzmacher2-0/+2
metze (This used to be commit 2c9db9429106094b8ee9fa45e6f9a89af7c3725f)
2007-10-10r15656: for NT IOCTL's we need to control the max_data field for some callsStefan Metzmacher2-1/+2
metze (This used to be commit 3cab02f6f513cf7eb3d8863e62952766bb4d908f)
2007-10-10r15643: add some FSCTL_ codesStefan Metzmacher1-5/+32
metze (This used to be commit 47dc1ed25323e76b93d9cef2a389726734d2e735)
2007-10-10r15640: - NT IOCTL calls also have an 'in' data_blobStefan Metzmacher2-7/+17
- fix the receive code of NT IOCTL's we only need the NTTRANS data payload not the SMB payload here metze (This used to be commit 358d03143f0a78344c1af720e33ebe2619df09df)
2007-10-10r15638: add a usefull macro to get a pointer the smb_handle unionStefan Metzmacher1-1/+43
of smb_open, as it's not nicely alligned for all levels, If someone has an idea for a better solution where we can access it via op->generic.out.file.* please let me know:-) metze (This used to be commit d0a7408280c35dc4a5a21cbbded895c6c83819e6)