summaryrefslogtreecommitdiff
path: root/source4/libcli
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r9728: A *major* update to the credentials system, to incorporate theAndrew Bartlett1-2/+2
Kerberos CCACHE into the system. This again allows the use of the system ccache when no username is specified, and brings more code in common between gensec_krb5 and gensec_gssapi. It also has a side-effect that may (or may not) be expected: If there is a ccache, even if it is not used (perhaps the remote server didn't want kerberos), it will change the default username. Andrew Bartlett (This used to be commit 6202267f6ec1446d6bd11d1d37d05a977bc8d315)
2007-10-10r9702: r9680@blu: tridge | 2005-08-27 18:45:08 +1000Andrew Tridgell2-3/+4
- fixed ncacn_ip_tcp to use the generic async name resolution methods, so NBT names now work (as requested several times by abartlet!) - changed resolve_name() to take an event_context, so it doesn't cause the whole process to block - cleaned up the talloc_find_parent_bytype() calls to go via a cleaner event_context_find() call (This used to be commit b3d491b210a8b889a25efcb273e70fefbd01b7f7)
2007-10-10r9638: add error code that you get when you call DsGetNCChanges() with a ↵Stefan Metzmacher1-0/+1
tmp_highest_usn which is higher than the real highest of the source dsa metze (This used to be commit e4424d2a6dc7a783e8b3af4a164f8dc801130e44)
2007-10-10r9573: fixed a commentAndrew Tridgell1-1/+1
(This used to be commit d151a9459dcbfc88b0dc2ec9dd1cafa18ad5b8f8)
2007-10-10r9514: add some new error codes I was getting with DsGetNCChanges() and ↵Stefan Metzmacher1-0/+2
DsAddEntry() metze (This used to be commit 2cbbb8ace215f56e4e9affd54027bbd74309ae3a)
2007-10-10r9511: - fix the memory treesStefan Metzmacher2-7/+8
- add a note about a possible talloc_free() metze (This used to be commit 550e3030f0e02720b527f3b4923457f05f484e6e)
2007-10-10r9510: fix the memory treeStefan Metzmacher1-1/+1
metze (This used to be commit 6d412cf0a4186ec04cee61dd5387903de051fde7)
2007-10-10r9505: Work on GENSEC and the code that calls it, for tighter interfaceAndrew Bartlett3-63/+121
requirements, and for better error reporting. In particular, the composite session setup (extended security/SPNEGO) code now returns errors, rather than NT_STATUS_NO_MEMORY. This is seen particularly when GENSEC fails to start. The tighter interface rules apply to NTLMSSP, which must be called exactly the right number of times. This is to match some of our other less-tested modules, where adding flexablity is harder. (and this is security code, so let's just get it right). As such, the DCE/RPC and LDAP clients have been updated. Andrew Bartlett (This used to be commit 134550cf752b9edad66c3368750bfb4bbd9d55d1)
2007-10-10r9479: More fixes for explicit ignoring of returned result to fix Coverity ↵Alexander Bokovoy2-2/+2
warnings (This used to be commit 4f9f4312e98cce7589fc8e094d08e76cc697ab3d)
2007-10-10r9476: Make intention to ignore result of receiving excplicit. Fixes warning ↵Alexander Bokovoy1-1/+1
found by Coverity (This used to be commit d1b7a4a24c3af1bfcc289a3476c9fb33ed2fb840)
2007-10-10r9421: Move arcfour code into it's own file, in lib/crypto.Andrew Bartlett1-67/+0
Andrew Bartlett (This used to be commit ca6cf462708810637544d4b4bef0f404fb89a002)
2007-10-10r9291: Add a stub for smb_raw_lpq() which is in smb_interfaces.h but doesn'tTim Potter2-1/+50
seem to be used anywhere yet. (This used to be commit 9e5ce3a28892241e2b080c0fa187ee99042c2330)
2007-10-10r9240: - move struct security_token to the idl file, with this we canStefan Metzmacher7-46/+10
the ndr_pull/push/print functions for it in the ntacl-lsm module - fix compiler warnings in the ldap_encode_ndr_* code metze (This used to be commit 83d65d0d7ed9c240ad44aa2c881c1f07212bfda4)
2007-10-10r9223: Rename smb_raw_session_setup() to smb_raw_sesssetup().Tim Potter3-14/+15
(This used to be commit 5e6d330e7388e47e1b2bfc96fff07682e90f63a5)
2007-10-10r9222: Rename smb_tree_connect() to smb_raw_tcon() to match other raw functionTim Potter4-13/+13
names. (This used to be commit 26b191b3c9529b2dae5d004819dab46657064408)
2007-10-10r9048: added a new DOS error code (thanks to EMC)Andrew Tridgell1-0/+1
(This used to be commit 1936c20939a6e1311665b44a71a31ab231ba7b28)
2007-10-10r8917: Better support for extended ldap search operationsSimo Sorce1-17/+49
Try to follow the RFC where possible and adapt to openLdap and AD way of handling this structure (This used to be commit d844d45d87b4114bc1b9af2e40f8c27ba3e219de)
2007-10-10r8825: Move list of object files to .mk fileJelmer Vernooij2-23/+24
(This used to be commit 604422b1f967733b009a6e93520cb196d1eb5a89)
2007-10-10r8811: Fix the build..Jelmer Vernooij3-0/+3
(This used to be commit fac77f5fa267da57a55e88cad8993897e80741a0)
2007-10-10r8788: New monitor messages.Rafal Szczesniak1-0/+2
rafal (This used to be commit 40061d7bd66be702d92c80da2c5f955b640eda22)
2007-10-10r8777: make sure that the tree connect is a child of the return cli state ↵Andrew Tridgell1-8/+3
structure. This fixes the BASE-DISCONNECT test (This used to be commit 86fe5817b1abc754763eede64b615dc8c9db5362)
2007-10-10r8776: fixed SMB connections for IP addresses, even when name resolve orderAndrew Tridgell1-4/+11
doesn't include 'host' (This used to be commit 77a1e3076a8d5c711fc96a69dd1a58c00d1f9604)
2007-10-10r8760: Rework monitor messaging code a bit, as Metze once suggested.Rafal Szczesniak1-26/+11
enum type has now been replaced with unsigned 32-bit field and message data is passed as void pointer. This allows various extension implementers to plug their monitor messages in more easily. rafal (This used to be commit 4a6ab58133a59d3da3209b3e46c2a8cf848d25e7)
2007-10-10r8699: removed invalid commentAndrew Bartlett1-2/+0
(This used to be commit f5910ceef5e1ec3fe40b4589e919fe502593b582)
2007-10-10r8628: add retries to the normal paths of nbt name resolution. UDP ↵Andrew Tridgell1-2/+2
broadcasts are not 100% reliable :) (This used to be commit 0f8f1cd18e20ea4f3a06bb093b00b930cfd005b2)
2007-10-10r8585: add to ldb and ldap comparison functionalitySimo Sorce1-9/+96
better pares filters Approx is currently only a stub need to dig more info to understand what it really means and how it works exactly (This used to be commit a9e8cd0bad27ed2b3c6a12302e787ba3c9a70a3c)
2007-10-10r8530: Now our ldap server is able to fullfill present and substring searchesSimo Sorce1-36/+184
(This used to be commit a910671bd8c6d2d8d5b6ff30fc07ead244e696f1)
2007-10-10r8523: match a zero message id in ldap replies to the last request sent. ↵Andrew Tridgell1-0/+8
Thanks to simo for noticing that this is needed to catch the server sending a "can't decode request" error reply (This used to be commit 6e81e866dc7a5dc014d2d9f2e09803c6adfd1830)
2007-10-10r8520: fixed a pile of warnings from the build farm gcc -Wall output onAndrew Tridgell13-20/+20
S390. This is an attempt to avoid the panic we're seeing in the automatic builds. The main fixes are: - assumptions that sizeof(size_t) == sizeof(int), mostly in printf formats - use of NULL format statements to perform dn searches. - assumption that sizeof() returns an int (This used to be commit a58ea6b3854973b694d2b1e22323ed7eb00e3a3f)
2007-10-10r8414: Some C++ friendlyness fixes - 'not' is apparently a keyword in C++.Tim Potter1-3/+3
(This used to be commit bcfb3a45e4a5962fe763f8071d4458f4bd11605b)
2007-10-10r8407: fixed a bug left over from our old socket code.Andrew Tridgell2-46/+41
Thanks to lha for giving me a login on a netbsd machine to see this (This used to be commit 4e66f682e4f1c31bbe9441a13af2c245db31433d)
2007-10-10r8394: Make sure the argument to ctype is*(3) macros are unsigned char asLove Hörnquist Åstrand1-1/+1
required by ISO C99. (This used to be commit 56fd21c806e816cf4c3d23881f26474f858b45e2)
2007-10-10r8247: remove the free of fullname in nbtname.c for now.Andrew Tridgell1-1/+5
Metze, the ndr_token_store() code is storing temporary pointers into this string in the token list, which means we are referring to freed memory when we scan the token list. A better key might be a pointer into the ndr buffer? (This used to be commit 6a4e8cc991613773a65545eb308cf4ead75844e8)
2007-10-10r8212: fix pushing of nbt_string's:Stefan Metzmacher1-35/+49
- we now use an ndr_token_list, for the nbt string label pointer offsets this avoids to scan the whole buffer - we need to check for already send string on a per component basis not only for the fullname e.g. w2k3 response this in the CLDAP netlogon replies forest: w2k3.vmnet1.vm.base dns_name: sub1. pdc_dns_name: w2k3-104. and this will be interpreted like forest: w2k3.vmnet1.vm.base dns_name: sub1.w2k3.vmnet1.vm.base pdc_dns_name: w2k3-104.w2k3.vmnet1.vm.base metze (This used to be commit d18303a0e27643285ffaf100eeddea2f9555c9db)
2007-10-10r8174: Check DOS error codes in torture chkpath test.Jeremy Allison1-0/+1
Jeremy. (This used to be commit ff58ecad044dc7a3cdb4c010ea5cc1ea5e2e4b3b)
2007-10-10r8134: remove unused varStefan Metzmacher1-1/+0
metze (This used to be commit f308b72b19ab1e0e2f5a732bd1bc13082a634a9c)
2007-10-10r8125: fixed an error code mapping based on the updated torture testsAndrew Tridgell1-1/+1
(This used to be commit a3b8a00d7f67da5bc1187ce271a8df1601411dbc)
2007-10-10r8115: added support for 2 more dos error codes found during testingAndrew Tridgell1-0/+2
(This used to be commit 97cb70571377e3b4e5eb0b7ca516e4af349fdfea)
2007-10-10r8111: fixed the client library to work against w2k3 with nt status codesAndrew Tridgell2-271/+31
disabled. The main change is to turn off spnego, which cannot work at all without nt status codes (w2k3 gives a ERRHRD:ERRgeneral error when you try) I also modified NT_STATUS_EQUAL() to allow for nt->dos code equality, but only when nt status codes are disabled in smb.conf. That keeps all the existing torture code working, while still allowing us to correctly catch the cases where forced dos error codes are needed The dos->ntstatus mapping table has been removed completely, as it doesn't really make sense, is impossible to get right, and with the new dos status handling isn't needed. When matching a nt status code to a dos status code it makes far more sense to map from the nt code to the dos code and compare, rather than the reverse, as the nt->dos mapping is what windows has to do internally, so there really is a valid mapping table. (This used to be commit f21274e07b361ef40fdc0fe23e96f1c9c63a091c)
2007-10-10r8106: the use of a static string for dos error codes was causing problems inAndrew Tridgell3-186/+121
the torture code. To fix this, get rid of dos_errstr() and instead move the strings into the nt_errstr() table, using cpp to generate the strings (This used to be commit 3136ad9634f0a5ab46e4f83e093df87fdd36484d)
2007-10-10r8104: - added support for our client library to not negotiate nt status ↵Andrew Tridgell5-53/+32
codes, controlled with 'nt status support' option. - make nt_errstr() display nice strings for dos status codes encoded using NT_STATUS_DOS() - no longer map between dos and nt status codes in the client library, instead return using NT_STATUS_DOS() - fixed the RAW-CONTEXT test to look for NT_STATUS_DOS(ERRSRV, ERRbaduid) instead of NT_STATUS_INVALID_HANDLE (This used to be commit ff5549e87ffae9f062394f30d8fd1ae95b614735)
2007-10-10r8003: ensure that we don't try to send a trans request with more than 64k ↵Andrew Tridgell1-0/+8
data or params (This used to be commit b4f2d17ace6a609ec87da103a89e36edee8903f9)
2007-10-10r8002: favor addresses on our local interfaces in NBT name resolution ifAndrew Tridgell1-1/+14
possible. This is needed because w2k3 will return bogus IPs in its name resolution replies when it has an unplugged network interface. (This used to be commit 2fafc230520fb5bbe9f763de94aaba87b56f5411)
2007-10-10r7970: This SMB signing code (merged from 3.0) turned out to be bogus.Andrew Bartlett1-8/+0
Andrew Bartlett (This used to be commit 817160ec1a85724c8bf482f128ea687396de0888)
2007-10-10r7941: fixed handling of ASN.1 objects bigger than 64kAndrew Tridgell1-1/+10
(This used to be commit f88a6018821163a52bdf384142c7d16f5011ab4e)
2007-10-10r7865: changed pidl to take a "const void *" instead of a "void *" for theAndrew Tridgell1-1/+1
structure in ndr_push_*() and ndr_print_*(). The push and print functions really should not modify the structure. metze, to make this work I had to change your spoolss hand marshaller. Can you please check it is OK? I think that the IN and OUT sides of that function are not ever called on the same structure, so I think that attempt at remembering the value by assigning to r->in._offered was not doing anything anyway, but please correct me if I have misunderstood it. If you really do need to remember something on those structures I'd suggest the ndr_token_store() and ndr_token_retrieve() functions, which are used by pidl for just this sort of thing. (This used to be commit eee528be97fa43ca53bdc5652b4d29a0a2caf563)
2007-10-10r7860: switch our ldb storage format to use a NDR encoded objectSid. This isAndrew Tridgell1-1/+1
quite a large change as we had lots of code that assumed that objectSid was a string in S- format. metze and simo tried to convince me to use NDR format months ago, but I didn't listen, so its fair that I have the pain of fixing all the code now :-) This builds on the ldb_register_samba_handlers() and ldif handlers code I did earlier this week. There are still three parts of this conversion I have not finished: - the ltdb index records need to use the string form of the objectSid (to keep the DNs sane). Until that it done I have disabled indexing on objectSid, which is a big performance hit, but allows us to pass all our tests while I rejig the indexing system to use a externally supplied conversion function - I haven't yet put in place the code that allows client to use the "S-xxx-yyy" form for objectSid in ldap search expressions. w2k3 supports this, presumably by looking for the "S-" prefix to determine what type of objectSid form is being used by the client. I have been working on ways to handle this, but am not happy with them yet so they aren't part of this patch - I need to change pidl to generate push functions that take a "const void *" instead of a "void*" for the data pointer. That will fix the couple of new warnings this code generates. Luckily it many places the conversion to NDR formatted records actually simplified the code, as it means we no longer need as many calls to dom_sid_parse_talloc(). In some places it got more complex, but not many. (This used to be commit d40bc2fa8ddd43560315688eebdbe98bdd02756c)
2007-10-10r7856: fixed warning of 'methods' shadowed variableAndrew Tridgell1-4/+4
(This used to be commit c435843c66a5dcc003d157374529c3c5ac733e36)
2007-10-10r7855: fixed a typoAndrew Tridgell1-1/+1
(This used to be commit a1155651e722e28496be02b729c950afae5db9a9)
2007-10-10r7814: Propagate the change in resolve_name_send function.Rafal Szczesniak1-1/+1
(This used to be commit 7abd634701e2f07ad0497cdbb41467b8911369c7)