summaryrefslogtreecommitdiff
path: root/source4/libcli
AgeCommit message (Collapse)AuthorFilesLines
2008-09-24added the structure for LINK_INFORMATION setfileinfo callAndrew Tridgell1-0/+13
2008-09-24be friendlier in smb2_deltree to some of the SMB2 implementations thatAndrew Tridgell1-1/+1
don't handle SEC_FLAG_MAXIMUM_ALLOWED
2008-09-24fixed uninitialised variable bugAndrew Tridgell1-0/+1
2008-09-24Merge branch 'master' of ssh://git.samba.org/data/git/samba into cryptoJelmer Vernooij2-9/+13
2008-09-24Move source4/lib/crypto to lib/crypto.Jelmer Vernooij4-4/+4
2008-09-24Fix nasty bug that would come up only if a client connection to a remoteSimo Sorce2-9/+13
ldap server suddenly dies. We were creating a wrong talloc hierarchy, so the event.fde was not freed automatically as expected. This in turn made the event system call the ldap io handlers with a null packet structure, causing a segfault. Fix also the ordering in ldap_connection_dead() Thanks to Metze for the huge help in tracking down this one.
2008-09-24s4:libcli/smb_composite: we only check the signature when the server return OKStefan Metzmacher1-0/+9
We need to manually free the request, otherwise the timeout handler is triggered later. metze
2008-09-24s3: fix merged_build.Günther Deschner1-6/+6
Guenther
2008-09-24s4: remove autogeneration of libcli/netlogon protos.Günther Deschner1-6/+0
we do need to have them around for samba3. Guenther
2008-09-23s4-nbt: use moved libcli netlogon helpers.Günther Deschner3-6/+6
Guenther
2008-09-23s4-libcli: move nbt/netlogon helper functions up one level.Günther Deschner3-502/+0
Guenther
2008-09-23fixed problem with ACLs with an empty DACL listAndrew Tridgell1-1/+14
2008-09-23Merge branch 'master' of ssh://git.samba.org/data/git/sambaAndrew Tridgell20-3086/+101
2008-09-23libcli/smb_composite: for spnego session setups check the smb signature manuallyStefan Metzmacher1-23/+57
We need to start signing when we got NT_STATUS_OK from the server and manually check the signature of the servers response. This is needed as the response might be signed with the krb5 acceptor subkey, which comes within the server response. With NTLMSSP this happens for the session setup: request1 => BSRSPYL seqnum: 0 response1 => BSRSPYL seqnum: 0 request2 => BSRSPYL seqnum: 0 response2 => <SIGNATURE> seqnum: 1 and with krb5: request1 => BSRSPYL seqnum: 0 response1 => <SIGNATURE> seqnum: 1 metze
2008-09-23libcli/raw: real signing starts at seqnumber 2Stefan Metzmacher1-0/+1
metze
2008-09-23libcli/raw: in SMB_SIGNING_ENGINE_BSRSPYL state it's ok to accept any signatureStefan Metzmacher1-0/+2
Even if signing is mandatory. With NTLMSSP this happens for the session setup: request1 => BSRSPYL response1 => BSRSPYL request2 => BSRSPYL response2 => <SIGNATURE> and with krb5: request1 => BSRSPYL response1 => <SIGNATURE> metze
2008-09-23libcli/raw: give the caller the chance to do the signing checks on its own.Stefan Metzmacher2-0/+10
metze
2008-09-23libcli/raw: give the caller the chance to prevent the talloc_free(req) in ↵Stefan Metzmacher2-1/+8
the _recv functions metze
2008-09-23s4-nbt: use ../libcli/nbtGünther Deschner6-10/+10
Guenther
2008-09-23s4-nbt: move libcli/nbt up one level.Günther Deschner8-3042/+0
Guenther
2008-09-23s4-nbt: merge some fixes from samba3 nbt helper.Günther Deschner2-24/+24
Guenther
2008-09-23s4-nbt: use private_data instead of private.Günther Deschner7-20/+20
Guenther
2008-09-23s4-nbt: remove unrequired include.Günther Deschner1-1/+0
Guenther
2008-09-23added FULL_EA_INFORMATION setea callAndrew Tridgell2-1/+20
2008-09-23fixed readonly handling in deltreeAndrew Tridgell2-1/+22
2008-09-22Remove unused parameter from decode_pw_buffer and fail on invalidAndrew Bartlett1-5/+9
UTF-16 input The input checking is important, as otherwise we could set the wrong password. Andrew Bartlett
2008-09-19Add test for Sid.__repr__.Jelmer Vernooij1-0/+4
2008-09-18Generate with 1.3.36.Jelmer Vernooij5-37/+48
2008-09-18Implement __repr__ for Sid.Jelmer Vernooij1-2/+6
2008-09-16Remove more hand-written marshallers.Jelmer Vernooij1-0/+1
2008-09-06Make SMB signing work with Windows 2008 and kerberos.Andrew Bartlett1-4/+1
Pinched from b53e6387e30010509034835acf88b91b380ff44a by metze. Andrew Bartlett (This used to be commit d55602e23e7947462cb402b20b2d354b96aa7ba3)
2008-09-05Add a new error codeAndrew Bartlett2-0/+2
(This used to be commit b52fba5b2c63a24acbfc7e3e989c16b691d98162)
2008-08-27Add definition for NT_STATUS_DOWNGRADE_DETECTEDAndrew Bartlett2-0/+2
(This used to be commit f6e227b72bb56d12cb270d76f7f458136c4ca160)
2008-08-25Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-localAndrew Bartlett1-0/+15
(This used to be commit a555334db67527b57bc6172e3d08f65caf1e6760)
2008-08-21Don't walk past the end of ldb values.Andrew Bartlett1-0/+15
This is a partial fix towards bugs due to us walking past the end of what we think are strings in ldb. There is much more work to do in this area. Andrew Bartlett (This used to be commit 5805a9a8f35fd90fa4f718f73534817fa3bbdfd2)
2008-08-15Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-localAndrew Bartlett5-28/+41
(This used to be commit b337369d5c86b37d93ee1c62880068e14d6c09f6)
2008-08-14libcli/smb2: add SMB2_CREATE_OPTIONS_NOT_SUPPORTED_MASKStefan Metzmacher1-1/+3
SMB2 returns NOT_SUPPORTED to some more NTCREATE_OPTIONS. metze (This used to be commit 3ea08d430370717463ffab44fed9c42db1002d97)
2008-08-14libcli/raw: fix the special NTCREATE_OPTIONS_*_MASK valuesStefan Metzmacher1-7/+20
We now reuse ignored values for the ntvfs backend private flags. metze (This used to be commit 14eda93aeface307e1ffd1ea012d8f236fa78290)
2008-08-14libcli/smb2: use smb2 signing in auto mode if the server supports itStefan Metzmacher1-1/+7
metze (This used to be commit fe74faf13dc64eaa58d757de156aedcb24abed1f)
2008-08-14libcli/smb2: we don't need check the same thing twice...Stefan Metzmacher1-6/+0
metze (This used to be commit 1380fb954a7d9d4b543c4650a060fef9f357af7b)
2008-08-14libcli/smb2: async replies with STATUS_PENDING are not signedStefan Metzmacher1-13/+11
metze (This used to be commit 3f6cbece4a199a42ad6583ea4bd4302629399625)
2008-08-13Rework the trustAuthInOutBlob with the help of a hand parser.Andrew Bartlett3-0/+215
This produces a C structure that is sane, while still parsing the wire blobs (as far as I can tell). Andrew Bartlett (This used to be commit b5dbe815e5dd3f865c7735bc76e02017a869f09b)
2008-07-28libcli/smb2: the session key for SMB2 signing is truncated to 16 bytesStefan Metzmacher2-7/+6
To make that work (as a client) with aes128 and aes256 krb5 keys we need to use gsskrb5_get_subkey(). metze (This used to be commit 0c6d988f2083067e1ac7b07a492f88cefd3ba906)
2008-07-28libcli/smb2: fix per session signing stateStefan Metzmacher4-17/+12
metze (This used to be commit 8bc12dc77a59e792830d96e84a4e8d1b2c651505)
2008-07-28libcli/smb2: sign SMB2 Logoff requestsStefan Metzmacher1-0/+2
metze (This used to be commit 35ee165b146b9157b0cff49e1139a0cb37d98926)
2008-07-18More 'must be ignored' options from the MS-SMB doc.Andrew Bartlett1-20/+26
Also in particular the 'sync' flags (which Samba has traditionally ignored). Thanks to Olivier Salamin <olivier.salamin@gmail.com> for pointing out more flags that needed to be handled. Andrew Bartlett (This used to be commit 370bb39cd79fe49efd36a1ceb3e896d386e6d3ce)
2008-07-16Ignore and handle more NT Create & X options.Andrew Bartlett1-3/+8
The MS-SMB document explains that some of these options should be ignored. The test proves it. /* Must be ignored by the server, per MS-SMB 2.2.8 */ /* Must be ignored by the server, per MS-SMB 2.2.8 */ If we implement HSM in samba4 (likely) we should honour this bit. /* Don't pull this file off tape in a HSM system */ Andrew Bartlett (This used to be commit 502739ff90d56d2c9aabe8e224317f6ceb175c17)
2008-07-15Make up a full hostname for ldapi connections.Andrew Bartlett1-2/+7
The DIGEST-MD5 SASL method requires a hostname, so provide one. Andrew Bartlett (This used to be commit edfb2ed1f22bc735af5a0c3d3ae6ab6771d28f2c)
2008-07-15Cleanup ldap_bind_sasl.Andrew Bartlett1-4/+3
With these changes, we don't leak the LDAP socket, and don't reset all credentials feature flags, just the ones we are actually incompatible with. Andrew Bartlett (This used to be commit 72e52a301102941c41ab423e0212fe9a1aed0405)
2008-07-07libcli/raw: remove unused smb_raw_max_trans_data() functionStefan Metzmacher1-12/+0
metze (This used to be commit d235ce673705641e06b4ad5f5679e146b59a19e1)