summaryrefslogtreecommitdiff
path: root/source4/libcli
AgeCommit message (Collapse)AuthorFilesLines
2008-09-23s4-libcli: move nbt/netlogon helper functions up one level.Günther Deschner3-502/+0
Guenther
2008-09-23fixed problem with ACLs with an empty DACL listAndrew Tridgell1-1/+14
2008-09-23Merge branch 'master' of ssh://git.samba.org/data/git/sambaAndrew Tridgell20-3086/+101
2008-09-23libcli/smb_composite: for spnego session setups check the smb signature manuallyStefan Metzmacher1-23/+57
We need to start signing when we got NT_STATUS_OK from the server and manually check the signature of the servers response. This is needed as the response might be signed with the krb5 acceptor subkey, which comes within the server response. With NTLMSSP this happens for the session setup: request1 => BSRSPYL seqnum: 0 response1 => BSRSPYL seqnum: 0 request2 => BSRSPYL seqnum: 0 response2 => <SIGNATURE> seqnum: 1 and with krb5: request1 => BSRSPYL seqnum: 0 response1 => <SIGNATURE> seqnum: 1 metze
2008-09-23libcli/raw: real signing starts at seqnumber 2Stefan Metzmacher1-0/+1
metze
2008-09-23libcli/raw: in SMB_SIGNING_ENGINE_BSRSPYL state it's ok to accept any signatureStefan Metzmacher1-0/+2
Even if signing is mandatory. With NTLMSSP this happens for the session setup: request1 => BSRSPYL response1 => BSRSPYL request2 => BSRSPYL response2 => <SIGNATURE> and with krb5: request1 => BSRSPYL response1 => <SIGNATURE> metze
2008-09-23libcli/raw: give the caller the chance to do the signing checks on its own.Stefan Metzmacher2-0/+10
metze
2008-09-23libcli/raw: give the caller the chance to prevent the talloc_free(req) in ↵Stefan Metzmacher2-1/+8
the _recv functions metze
2008-09-23s4-nbt: use ../libcli/nbtGünther Deschner6-10/+10
Guenther
2008-09-23s4-nbt: move libcli/nbt up one level.Günther Deschner8-3042/+0
Guenther
2008-09-23s4-nbt: merge some fixes from samba3 nbt helper.Günther Deschner2-24/+24
Guenther
2008-09-23s4-nbt: use private_data instead of private.Günther Deschner7-20/+20
Guenther
2008-09-23s4-nbt: remove unrequired include.Günther Deschner1-1/+0
Guenther
2008-09-23added FULL_EA_INFORMATION setea callAndrew Tridgell2-1/+20
2008-09-23fixed readonly handling in deltreeAndrew Tridgell2-1/+22
2008-09-22Remove unused parameter from decode_pw_buffer and fail on invalidAndrew Bartlett1-5/+9
UTF-16 input The input checking is important, as otherwise we could set the wrong password. Andrew Bartlett
2008-09-19Add test for Sid.__repr__.Jelmer Vernooij1-0/+4
2008-09-18Generate with 1.3.36.Jelmer Vernooij5-37/+48
2008-09-18Implement __repr__ for Sid.Jelmer Vernooij1-2/+6
2008-09-16Remove more hand-written marshallers.Jelmer Vernooij1-0/+1
2008-09-06Make SMB signing work with Windows 2008 and kerberos.Andrew Bartlett1-4/+1
Pinched from b53e6387e30010509034835acf88b91b380ff44a by metze. Andrew Bartlett (This used to be commit d55602e23e7947462cb402b20b2d354b96aa7ba3)
2008-09-05Add a new error codeAndrew Bartlett2-0/+2
(This used to be commit b52fba5b2c63a24acbfc7e3e989c16b691d98162)
2008-08-27Add definition for NT_STATUS_DOWNGRADE_DETECTEDAndrew Bartlett2-0/+2
(This used to be commit f6e227b72bb56d12cb270d76f7f458136c4ca160)
2008-08-25Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-localAndrew Bartlett1-0/+15
(This used to be commit a555334db67527b57bc6172e3d08f65caf1e6760)
2008-08-21Don't walk past the end of ldb values.Andrew Bartlett1-0/+15
This is a partial fix towards bugs due to us walking past the end of what we think are strings in ldb. There is much more work to do in this area. Andrew Bartlett (This used to be commit 5805a9a8f35fd90fa4f718f73534817fa3bbdfd2)
2008-08-15Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-localAndrew Bartlett5-28/+41
(This used to be commit b337369d5c86b37d93ee1c62880068e14d6c09f6)
2008-08-14libcli/smb2: add SMB2_CREATE_OPTIONS_NOT_SUPPORTED_MASKStefan Metzmacher1-1/+3
SMB2 returns NOT_SUPPORTED to some more NTCREATE_OPTIONS. metze (This used to be commit 3ea08d430370717463ffab44fed9c42db1002d97)
2008-08-14libcli/raw: fix the special NTCREATE_OPTIONS_*_MASK valuesStefan Metzmacher1-7/+20
We now reuse ignored values for the ntvfs backend private flags. metze (This used to be commit 14eda93aeface307e1ffd1ea012d8f236fa78290)
2008-08-14libcli/smb2: use smb2 signing in auto mode if the server supports itStefan Metzmacher1-1/+7
metze (This used to be commit fe74faf13dc64eaa58d757de156aedcb24abed1f)
2008-08-14libcli/smb2: we don't need check the same thing twice...Stefan Metzmacher1-6/+0
metze (This used to be commit 1380fb954a7d9d4b543c4650a060fef9f357af7b)
2008-08-14libcli/smb2: async replies with STATUS_PENDING are not signedStefan Metzmacher1-13/+11
metze (This used to be commit 3f6cbece4a199a42ad6583ea4bd4302629399625)
2008-08-13Rework the trustAuthInOutBlob with the help of a hand parser.Andrew Bartlett3-0/+215
This produces a C structure that is sane, while still parsing the wire blobs (as far as I can tell). Andrew Bartlett (This used to be commit b5dbe815e5dd3f865c7735bc76e02017a869f09b)
2008-07-28libcli/smb2: the session key for SMB2 signing is truncated to 16 bytesStefan Metzmacher2-7/+6
To make that work (as a client) with aes128 and aes256 krb5 keys we need to use gsskrb5_get_subkey(). metze (This used to be commit 0c6d988f2083067e1ac7b07a492f88cefd3ba906)
2008-07-28libcli/smb2: fix per session signing stateStefan Metzmacher4-17/+12
metze (This used to be commit 8bc12dc77a59e792830d96e84a4e8d1b2c651505)
2008-07-28libcli/smb2: sign SMB2 Logoff requestsStefan Metzmacher1-0/+2
metze (This used to be commit 35ee165b146b9157b0cff49e1139a0cb37d98926)
2008-07-18More 'must be ignored' options from the MS-SMB doc.Andrew Bartlett1-20/+26
Also in particular the 'sync' flags (which Samba has traditionally ignored). Thanks to Olivier Salamin <olivier.salamin@gmail.com> for pointing out more flags that needed to be handled. Andrew Bartlett (This used to be commit 370bb39cd79fe49efd36a1ceb3e896d386e6d3ce)
2008-07-16Ignore and handle more NT Create & X options.Andrew Bartlett1-3/+8
The MS-SMB document explains that some of these options should be ignored. The test proves it. /* Must be ignored by the server, per MS-SMB 2.2.8 */ /* Must be ignored by the server, per MS-SMB 2.2.8 */ If we implement HSM in samba4 (likely) we should honour this bit. /* Don't pull this file off tape in a HSM system */ Andrew Bartlett (This used to be commit 502739ff90d56d2c9aabe8e224317f6ceb175c17)
2008-07-15Make up a full hostname for ldapi connections.Andrew Bartlett1-2/+7
The DIGEST-MD5 SASL method requires a hostname, so provide one. Andrew Bartlett (This used to be commit edfb2ed1f22bc735af5a0c3d3ae6ab6771d28f2c)
2008-07-15Cleanup ldap_bind_sasl.Andrew Bartlett1-4/+3
With these changes, we don't leak the LDAP socket, and don't reset all credentials feature flags, just the ones we are actually incompatible with. Andrew Bartlett (This used to be commit 72e52a301102941c41ab423e0212fe9a1aed0405)
2008-07-07libcli/raw: remove unused smb_raw_max_trans_data() functionStefan Metzmacher1-12/+0
metze (This used to be commit d235ce673705641e06b4ad5f5679e146b59a19e1)
2008-07-07libcli/raw: make multi fragmented nttrans requests possibleStefan Metzmacher1-17/+178
metze (This used to be commit a6aa055097313975299f214d8ebe8d45aa51d10a)
2008-07-07libcli/raw: trans(2) setup count is uint8_tStefan Metzmacher1-4/+6
metze (This used to be commit 48ccb51caf7976ec07c8a9bfc1afd3076bf4ee22)
2008-07-07libcli/raw: remove unused smbcli_request_receive_more() functionStefan Metzmacher1-13/+0
metze (This used to be commit e1d81388fcabba9a947ed0be9ccae875e2b19135)
2008-07-07libcli/raw: use the new recv_helper infrastructure for trans/trans2 repliesStefan Metzmacher1-184/+313
metze (This used to be commit ec67c61b6a82e4f39a15f37a98ae3fe93bb81316)
2008-07-07libcli/raw: use the new recv_helper infrastructure for nttrans repliesStefan Metzmacher1-102/+145
metze (This used to be commit 5bf136e233e26b4372155f494bae5118ef777a76)
2008-07-07libcli/raw: add a recv_helper hook infrastructureStefan Metzmacher2-1/+23
The recv helper will be called when a response comes and the recv helper can decide to let the request on the SMBCLI_REQUEST_RECV when more reponse packets are expected. It's up to the helper function to keep a reference to the in buffers, each incoming response overwrites req->in. metze (This used to be commit 6d84af89ba96627abe142ba7080c24ae2421ed6c)
2008-07-07libcli/raw: the nttrans setup count is only 8-bitStefan Metzmacher1-1/+1
metze (This used to be commit a65599cc83a12ec61e5a6ba6ad9628619a0dc8a3)
2008-06-27pynbt: eliminate "initialization from incompatible pointer type" warningMichael Adam1-1/+1
by fixing the signature of py_nbt_node_init(). Jelmer - please check! Michael (This used to be commit a7ee17a10f330297dc4d9d15499276b3985c7a51)
2008-06-17Use friendly NTSTATUS message in python code when possible.Jelmer Vernooij1-1/+1
(This used to be commit 09cf8c7dd82bb95e2f8782782286869654d96375)
2008-06-14Use a custom init function for samba4 that sets a samba4Simo Sorce2-2/+2
specific debug function. By default do not debug, this is the most appropriate action for a library as we cannot assume what stderr is use for in the main app. The main app is responsible to set ev_debug_stderr if they so desire. (This used to be commit e566a2f308ac6fb4b526a744f7059b565670aea5)