summaryrefslogtreecommitdiffstats
path: root/source3/libsmb/cliconnect.c
Commit message (Collapse)AuthorAgeFilesLines
* s3: Remove unused "retry" from cli_start_connectionVolker Lendecke2010-12-201-11/+2
| | | | | Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Mon Dec 20 17:58:33 CET 2010 on sn-devel-104
* s3: Remove unused "retry" from cli_full_connectionVolker Lendecke2010-12-201-5/+3
|
* s3-libsmb Improve error message when denying LM encryptionAndrew Bartlett2010-12-141-9/+9
| | | | | | | Now that 'client ntlmv2 auth = yes' is the default, make it more clear what options a user may need to enable to get this to work. Andrew Bartlett
* s3-libsmb Don't ever ask for machine$ principals as a target.Andrew Bartlett2010-12-101-30/+6
| | | | | | | | | | | | It is never correct to ask for a machine$ principal as the target of a kerberos connection. You should always connect via the servicePrincipalName. This current code appears to have built up from a series of minimal changes, as the codebase adapted the to lack of a SPNEGO principal from Windows 2008. Andrew Bartlett
* s3-libads Default to NOT using the server-supplied principal from SPNEGOAndrew Bartlett2010-12-101-3/+2
| | | | | | | | | | | | | | | | | This principal is not supplied by later versions of windows, and using it opens up some oportunities for man in the middle attacks. (Becuase it isn't the name being contacted that is verified with the KDC). This adds the option 'client use spnego principal' to the smb.conf (as used in Samba4) to control this behaivour. As in Samba4, this defaults to false. Against 2008 servers, this will not change behaviour. Against earlier servers, it may cause a downgrade to NTLMSSP more often, in environments where server names are not registered with the KDC as servicePrincipalName values. Andrew Bartlett
* Fix bug #7698 - Assert causes smbd to panic on invalid NetBIOS session request.Jeremy Allison2010-09-261-4/+11
| | | | | | | | | | | | | | Found by the CodeNomicon test suites at the SNIA plugfest. http://www.codenomicon.com/ If an invalid NetBIOS session request is received the code in name_len() in libsmb/nmblib.c can hit an assert. Re-write name_len() and name_extract() to use "buf/len" pairs and always limit reads. Jeremy.
* Fix bug 7694 - Crash bug with invalid SPNEGO token.Jeremy Allison2010-09-231-1/+2
| | | | | | | | | | | Found by the CodeNomicon test suites at the SNIA plugfest. http://www.codenomicon.com/ If an invalid SPNEGO packet contains no OIDs we crash in the SMB1/SMB2 server as we indirect the first returned value OIDs[0], which is returned as NULL. Jeremy.
* s3-build: only include async headers where needed.Günther Deschner2010-09-201-0/+1
| | | | Guenther
* Fix array size of a memmber of struct cli_ulogoff_stateSumit Bose2010-09-171-1/+1
| | | | | | | The too small array makes UID-REGRESSION-FIX fail on 32bit architectures. Signed-off-by: Günther Deschner <gd@samba.org>
* Fox missing SMB_MALLOC return checks noticed by "Andreas Moroder ↵Jeremy Allison2010-09-091-0/+5
| | | | | | <andreas.moroder@gmx.net>". Jeremy.
* s3-build: only include krb5 environment variables where required.Günther Deschner2010-08-261-0/+1
| | | | Guenther
* s3: Remove some pointless wrapper functionsVolker Lendecke2010-08-051-2/+2
|
* s3-popt: Only include popt-common.h when needed.Andreas Schneider2010-08-051-0/+1
|
* s3: avoid global include of ads.h.Günther Deschner2010-08-051-0/+1
| | | | Guenther
* Add approriate TALLOC_CTX's thoughout the spnego code. No more implicit NULL ↵Jeremy Allison2010-07-201-3/+3
| | | | | | contexts. Jeremy.
* Fix one more data_blob -> data_blob_talloc. Move away from implicit NULL ↵Jeremy Allison2010-07-201-2/+2
| | | | | | context tallocs. Jeremy.
* Add TALLOC_CTX argument to spnego_parse_negTokenInit, reduceJeremy Allison2010-07-201-1/+3
| | | | | | use of malloc, and data_blob(). Jeremy.
* Rename spnego_gen_negTokenTarg() -> spnego_gen_krb5_negTokenInit()Jeremy Allison2010-07-201-3/+3
| | | | | | as this correctly describes what this function does. Jeremy.
* Remove gen_negTokenInit() - change all callers to spnego_gen_negTokenInit().Jeremy Allison2010-07-191-1/+2
| | | | | | | We now have one function to do this in all calling code. More rationalization to follow. Jeremy.
* Remove parse_negTokenTarg(), as it's actually incorrect. We're processingJeremy Allison2010-07-191-1/+1
| | | | | | negTokenInit's here. Use common code in spnego_parse_negTokenInit(). Jeremy.
* s3-ntlmssp: Remove ntlmssp_end and let the talloc hierarchy handle it.Simo Sorce2010-07-191-3/+3
| | | | | | All the members are children of ntlmssp_state anyway. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* ntlmssp: Make the ntlmssp.h from source3/ a common headerAndrew Bartlett2010-05-311-1/+1
| | | | | | | | | The code is not yet in common, but I hope to fix that soon. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Günther Deschner <gd@samba.org>
* s3:ntlmssp: pass names and use_ntlmv2 to ntlmssp_client_start() and store themStefan Metzmacher2010-03-241-1/+5
| | | | | | | | Inspired by the NTLMSSP merge work by Andrew Bartlett. metze Signed-off-by: Günther Deschner <gd@samba.org>
* s3:ntlmssp: remove server_name from ntlmssp_state and fill the server.* ↵Stefan Metzmacher2010-03-241-1/+1
| | | | | | | | | | fields also for the client Inspired by the NTLMSSP merge work by Andrew Bartlett. metze Signed-off-by: Günther Deschner <gd@samba.org>
* s3: Explicitly handle inbuf in cli_negprot_doneVolker Lendecke2010-02-221-2/+3
|
* s3: Explicitly handle inbuf in cli_tcon_andx_doneVolker Lendecke2010-02-221-3/+6
|
* s3: Explicitly handle inbuf in cli_sesssetup_blob_doneVolker Lendecke2010-02-221-5/+4
|
* s3: Explicitly handle inbuf in cli_session_setup_guest_doneVolker Lendecke2010-02-221-5/+4
|
* s3: Add a talloc_move for the inbuf to cli_smb_recvVolker Lendecke2010-02-221-6/+10
|
* Fix bug #7079 - cliconnect gets realm wrong with trusted domains.Jeremy Allison2010-01-301-3/+22
| | | | | | | | | | | Passing NULL as dest_realm for cli_session_setup_spnego() was always using our own realm (as for a NetBIOS name). Change this to look for the mapped realm using krb5_get_host_realm() if the destination machine name is a DNS name (contains a '.'). Could get fancier with DNS name detection (length, etc.) but this will do for now. Jeremy.
* s3: Add CLI_FULL_CONNECTION_USE_CCACHEVolker Lendecke2010-01-241-0/+3
|
* s3: Add ccache use to cli_session_setup_ntlmsspVolker Lendecke2010-01-241-0/+4
|
* s3 torture: Prevent smbcli segfault when running smbtorture3 against an smbd ↵Tim Prouty2010-01-071-0/+5
| | | | with security=share
* s3: Convert cli_ulogoff to the async APIVolker Lendecke2010-01-031-14/+77
|
* s3: Convert cli_tdis to the async APIVolker Lendecke2010-01-031-13/+72
|
* s3: Fix some nonempty blank linesVolker Lendecke2010-01-031-14/+14
|
* s3: Remove some unused codeVolker Lendecke2010-01-031-95/+0
|
* s3: Convert cli_sesssetup_ntlmssp to the async APIVolker Lendecke2010-01-031-92/+196
|
* s3: Convert cli_session_setup_kerberos to the async APIVolker Lendecke2010-01-031-83/+285
| | | | | This is still cheated, acquiring the ticket is not async yet, but the SMB part is
* s3:ntlmssp: only include ntlmssp.h where actually neededAndrew Bartlett2009-12-221-0/+1
| | | | Andrew Bartlett
* s3: Fix an error case in cli_negprotVolker Lendecke2009-12-201-0/+1
|
* s3-kerberos: only use krb5 headers where required.Günther Deschner2009-11-271-0/+1
| | | | | | | This seems to be the only way to deal with mixed heimdal/MIT setups during merged build. Guenther
* spnego: share spnego_parse.Günther Deschner2009-09-171-0/+1
| | | | Guenther
* s3:libsmb: Attempt to fix bug 6665Volker Lendecke2009-09-031-0/+6
| | | | | | Before the async libsmb rewrites, we sent tid==0 on negprot. With the rewrite, we send 0xffff. This *should* not matter, but this is one difference in the sniffs I see.
* s3/debug: make SPENGO OID list appear under one debug headerSteven Danneman2009-08-261-1/+4
|
* Fix bug #6419 - smbclient -L 127.0.0.1" displays "netbios name" instead of ↵Jeremy Allison2009-06-011-3/+26
| | | | | | | | "workgroup" Unify the handling of the sessionsetup parsing so we don't get different results when parsing a guest reply than an ntlmssp reply. Jeremy.
* s3: return proper error code in cli_smb_req_sendBo Yang2009-05-131-4/+15
| | | | Signed-off-by: Bo Yang <boyang@samba.org>
* Clean up assignments to iov_base, ensure it's always cast to void *. This ↵Jeremy Allison2009-05-121-2/+2
| | | | | | should quieten some warnings with picky compilers on the buildfarm. Jeremy.
* Make cli_tcon_andx chainableVolker Lendecke2009-05-071-15/+42
|
* Make cli_session_setup_guest chainableVolker Lendecke2009-05-071-9/+31
|
generated by cgit (git 2.34.1) at 2025-09-25 11:58:46 +0000