summaryrefslogtreecommitdiff
path: root/source4/libcli
AgeCommit message (Collapse)AuthorFilesLines
2013-09-20libcli: continue to read from the socket even if the size is 0Matthieu Patou1-1/+1
This is an issue found by Codenomicon, with a malicious packet with 0 bytes UDP payload we will continiously be looping trying to react from the socket event and continiously do nothing as we will bail out thinking that we had a memory allocation error. Original fix comes from Volker Lendecke <vl@samba.org> Signed-off-by: Matthieu Patou <mat@matws.net> Reviewed-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Fri Sep 20 04:46:47 CEST 2013 on sn-devel-104
2013-09-18Prepare for SASL/EXTERNAL supportHoward Chu1-2/+11
Signed-off-by: Howard Chu <hyc@symas.com> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Nadezhda Ivanova <nivanova@symas.com>
2013-08-23libsmb2: Fix opening the rootdirectory, part 1Volker Lendecke1-0/+15
[MS-SMB2], 2.2.13 says: In the request, the Buffer field MUST be at least one byte in length. Implement that for the 0-length filename without create blobs. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
2013-08-15libcli/smb: pass max_dyn_len to smb2cli_req_send()Stefan Metzmacher1-3/+6
This way we can calculate the correct credit charge for requests with large output buffers. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
2013-08-12libcli: Fix improper use of tevent_req_simple_recv_ntstatusVolker Lendecke1-6/+10
tevent_req_simple_recv_ntstatus is just for the simple return without anything to do after it. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-12s4:libcli: avoid talloc_reference() in finddcs_nbt_send()Stefan Metzmacher1-1/+1
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-10auth/gensec: introduce gensec_internal.hStefan Metzmacher1-0/+1
We should treat most gensec related structures private. It's a long way, but this is a start. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-05Fix bug #10010 - Missing integer wrap protection in EA list reading can ↵Jeremy Allison1-2/+5
cause server to loop with DOS. Fix client-side parsing also. Found by David Disseldorp <ddiss@suse.de> Signed-off-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Karolin Seeger <kseeger@samba.org> Autobuild-Date(master): Mon Aug 5 14:39:04 CEST 2013 on sn-devel-104
2013-06-19build: Build with system md5.h on OpenIndianaAndrew Bartlett1-2/+2
This changes (again...) our system md5 detection to cope with how OpenIndiana does md5. I'm becoming increasingly convinced this isn't worth our while (we should have just done samba_md5...), but for now this change seems to work on FreeBSD, OpenIndiana and Linux with libbsd. This needs us to rename struct MD5Context -> MD5_CTX, but we provide a config.h define to rename the type bad if MD5_CTX does not exist (it does however exist in the md5.h from libbsd). Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Wed Jun 19 21:32:36 CEST 2013 on sn-devel-104
2013-04-30libsmb: Use sizeof instead of explicit numbersVolker Lendecke1-6/+6
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Tue Apr 30 16:02:19 CEST 2013 on sn-devel-104
2013-04-30libsmb: Use smb2_lease_push in smb2_create_sendVolker Lendecke1-12/+10
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-04-30libsmb: Move "struct smb2_lease" to commonVolker Lendecke1-17/+0
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-04-24source4/libcli: Only set ctemp set on successSam Lang1-7/+8
If open fails ctemp.out.name probably won't be valid and strdup will cause a segv. Only set the path if open succeeds. Signed-off-by: Sam Lang <sam.lang@inktank.com> Reviewed-by: Volker Lendecke <Volker.Lendecke@SerNet.DE> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Wed Apr 24 23:58:44 CEST 2013 on sn-devel-104
2013-04-18s4:torture/smb2: add smb2_lease_v2_create_share() helperStefan Metzmacher1-1/+1
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
2013-04-18s4:libcli/smb2: add support for SMB2 LEASES v2Stefan Metzmacher2-6/+49
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
2013-02-22s4-libcli: Check return value of smbcli_request_setup().Andreas Schneider3-0/+15
Reviewed-by: Alexander Bokovoy <ab@samba.org>
2013-02-22s4-libcli: Check return code of smbcli_request_setup().Andreas Schneider1-0/+3
Reviewed-by: Alexander Bokovoy <ab@samba.org>
2013-02-22s4-libcli: Add null check for ndr functions in rap.Andreas Schneider1-0/+8
Reviewed-by: Alexander Bokovoy <ab@samba.org>
2013-02-17s4-nbt: Ensure source4/ nbt client and server honour 'disable netbios'Andrew Bartlett1-2/+6
Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Sun Feb 17 11:25:34 CET 2013 on sn-devel-104
2013-02-17Fallback to the internal resolver on EAI_FAIL.Landon Fuller1-1/+3
On Linux, non-RFC 1034-complaint names (such as gc._msdsc.example.org) will result in the resolver returning the non-POSIX EAI_NODATA. In that case, the case statement here would fall back on the internal resolver, allowing resolution to complete successfully. On FreeBSD, the libc resolver uses the same validation code, but the POSIX result of EAI_FAIL is returned instead of EAI_NODATA. Since there was no case for this error code, no fallback to the internal resolver would occur. This led to replication failing on FreeBSD. Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Sun Feb 17 07:06:36 CET 2013 on sn-devel-104
2013-01-16smb2_ioctl: remove ioctl error response assumptionsDavid Disseldorp1-3/+34
MS-SMB2 3.3.4.4 documents cases where a ntstatus indicating an error should not be considered a failure. In such a case the output data buffer should be sent to the client rather than an error response packet. Add a new fsctl copy_chunk test to confirm field limits are sent back in response to an oversize chunk request. Reviewed by: Jeremy Allison <jra@samba.org>
2013-01-12s4-resolve: Fix parsing of IPv6/AAAA in dns_lookup (bug #9555)Arvid Requate1-0/+1
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2012-12-21s4-libcli: Use a do-while loop.Andreas Schneider1-3/+3
Found by Coverity. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
2012-12-12s4-libcli: Fix comparison of chosen_oid.Andreas Schneider1-1/+1
Found by Coverity. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
2012-12-02s4:libcli/finddcs_cldap: allow io->in.server_address as hostnameStefan Metzmacher1-3/+58
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
2012-12-02s4:libcli/finddcs_cldap: try all NBT#1C addressesStefan Metzmacher1-12/+8
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
2012-11-13smbd: Remove NT4 compatability handling in posix -> NT ACL conversionAndrew Bartlett1-3/+4
NT4 is long dead, and we should not change which ACL we return based on what we think the client is. The reason we should not do this, is that if we are using vfs_acl_xattr then the hash will break if we do. Additionally, it would require that the python VFS interface set the global remote_arch to fake up being a modern client. This instead seems cleaner and removes untested code (the tests are updated to then handle the results of the modern codepath). The supporting 'acl compatability' parameter is also removed. Andrew Bartlett Reviewed by: Jeremy Allison <jra@samba.org>
2012-11-01s4-ldapclient: cope with logon failure retry in LDAPAndrew Tridgell1-37/+79
similar to what was done for rpc and cifs, we now retry once on logon failure for ldap, allowing for a new ticket to be fetched when a server password changes while we have a valid ticket for the old password Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2012-11-01libcli: use cli_credentials_failed_kerberos_login() to cope with server changesAndrew Tridgell1-2/+15
if a server changes while we have a valid ticket we want to retry after removing the ccache entry. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2012-09-19s4:libci: add a SMB2_CREATE_APP_INSTANCE_ID blob to the request if the ↵Michael Adam1-0/+25
in.app_instance_id is present
2012-09-19s4:libcli: add a app_instance_id member to the smb2_create input structMichael Adam1-1/+3
2012-08-22s4:dsdb - always fail if a search filter could not be parsedMatthias Dieter Wallnöfer1-1/+5
A NULL string/expression returns the generic "(objectClass=*)" filter Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2012-08-17s4:libcli/smb2: reset trsnport->compound.related when a compound chain is ↵Stefan Metzmacher1-0/+1
finished metze
2012-08-10build: rename security → samba-securityBjörn Jacke1-3/+3
there is a libsecurity on OSF1 which clasheѕ with our security lib. see bug #9023. Signed-off-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Björn Jacke <bj@sernet.de> Autobuild-Date(master): Fri Aug 10 14:22:21 CEST 2012 on sn-devel-104
2012-08-06s4:libcli/smb2/write correct error checkingChristian Ambach1-1/+1
Server might return STATUS_BUFFER_OVERFLOW, which is not caught by NT_STATUS_IS_ERR Autobuild-User(master): Christian Ambach <ambi@samba.org> Autobuild-Date(master): Mon Aug 6 20:01:01 CEST 2012 on sn-devel-104
2012-08-06s4:libcli/pyerrors: add PyErr_NTSTATUS_NOT_OK_RAISE()Stefan Metzmacher1-0/+6
metze Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Mon Aug 6 18:06:50 CEST 2012 on sn-devel-104
2012-08-06s4:libcli/pyerrors: s/PyErr_WERROR_IS_ERR_RAISE/PyErr_WERROR_NOT_OK_RAISE/Stefan Metzmacher1-1/+1
metze
2012-08-04s4:libcli: add support for SMB_EXTENDED_SIGNATURES during SMBtconXStefan Metzmacher3-0/+18
metze
2012-08-02s4:libcli: send the TCONX_FLAG_EXTENDED_RESPONSE flagStefan Metzmacher3-4/+4
metze
2012-08-01libcli/smb: move some TCON related defines to smb_constants.hStefan Metzmacher1-4/+0
metze
2012-08-01s4:libcli/raw: remove unused smbcli_session->user_session_keyStefan Metzmacher3-17/+0
metze
2012-08-01s4:libcli/smb_composite: make use of smb1cli_session_set_session_key()Stefan Metzmacher1-1/+17
metze
2012-08-01s4:libcli/smb_composite: always use set_user_session_key() helperStefan Metzmacher1-2/+6
metze
2012-07-25libcli/smb: pass smbXcli_session to smb2cli_tcon_set_values()Stefan Metzmacher1-0/+1
metze
2012-07-25s4:libcli/smb2: remove unused smb2_session->pidStefan Metzmacher3-4/+0
metze
2012-07-25s4:libcli/smb2: remove unused variableStefan Metzmacher1-2/+0
metze
2012-07-25libcli/smb: there's no PID field in the SMB2/3 header anymoreStefan Metzmacher1-4/+0
It's a reserved field... metze
2012-07-25libcli/smb: pass smbXcli_tcon to smb2cli_req_create/send()Stefan Metzmacher1-4/+8
metze
2012-07-25s4:libcli/smb2: remove unused elements from smb2_treeStefan Metzmacher3-6/+0
metze
2012-07-24s4:libcli/smb2: setup a smbXcli_tcon for each smb2_treeStefan Metzmacher3-0/+16
metze