summaryrefslogtreecommitdiffstats
path: root/libcli
Commit message (Collapse)AuthorAgeFilesLines
* libcli/auth: only expose creds to the caller on successStefan Metzmacher2011-11-031-3/+4
| | | | metze
* libcli/auth: debug the given computer name creds might be NULLStefan Metzmacher2011-11-031-1/+1
| | | | metze
* libcli/auth: let spnego_write_mech_types() check the asn1_load() returnStefan Metzmacher2011-09-281-0/+4
| | | | | | | metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Tue Dec 7 18:23:41 CET 2010 on sn-devel-104
* Fix a valgrind errorVolker Lendecke2011-01-051-2/+4
| | | | | | | Thanks to Tridge for the hint. Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Sun Jan 2 10:58:51 CET 2011 on sn-devel-104
* Fix bug #7669.Jeremy Allison2010-09-152-0/+8
| | | | | | | | | | | | | | | | | | | | | | | | | Fix bug #7669 (buffer overflow in sid_parse() in Samba3 and dom_sid_parse in Samba4). CVE-2010-3069: =========== Description =========== All current released versions of Samba are vulnerable to a buffer overrun vulnerability. The sid_parse() function (and related dom_sid_parse() function in the source4 code) do not correctly check their input lengths when reading a binary representation of a Windows SID (Security ID). This allows a malicious client to send a sid that can overflow the stack variable that is being used to store the SID in the Samba smbd server. A connection to a file share is needed to exploit this vulnerability, either authenticated or unauthenticated (guest connection). (cherry picked from commit a34c3e999bb1ea61da31c5b3e845b19663039358)
* s3-dcerpc: avoid talloc_move on schannel creds in ↵Günther Deschner2010-09-062-1/+47
| | | | | | | | | | | | | | | | | cli_rpc_pipe_open_schannel_with_key(). Initially, the schannel creds were talloc memduped, then, during the netlogon creds client merge (baf7274fed2f1ae7a9e3a57160bf5471566e636c) they were first talloc_referenced and then later (53765c81f726a8c056cc4e57004592dd489975c9) talloc_moved. The issue with using talloc_move here is that users of that function in winbind will only be able to have two schanneled connections, as the cached schannel credentials pointer from the netlogon pipe will be set to NULL. Do a deep copy of the struct instead. Guenther (cherry picked from commit 898c6123355a3a11ec17f0396c4cb3018c75c184)
* Fix what looks like a cut-and-paste error in our read_negTokenInit() function.Jeremy Allison2010-05-251-4/+4
| | | | | | | | | | | | | We should never be calling asn1_push_XXX functions inside an asn1 reading function. Change asn1_push_tag() -> asn1_start_tag() and asn1_pop_tag() -> asn1_end_tag(). This allows us to connect to a NetApp filer at the Microsoft plugfest. Andrew PLEASE CHECK ! Jeremy. Fix bug #7449 (spnego data mis-parsed - returns incorrect mechListMIC string).
* Simplify E_md5hash a bitVolker Lendecke2010-01-251-6/+2
|
* w32err: WERR_DOMAIN_CONTROLLER_NOT_FOUND error value fixedKamen Mazdrashki2009-10-021-1/+1
| | | | | Signed-off-by: Anatoliy Atanasov <anatoliy.atanasov@postpath.com> (cherry picked from commit e66911390005f377196d49dffb06cd4ae25ddc5f)
* w32err: FRS_ group of errors replaced with numeric valuesKamen Mazdrashki2009-10-021-3/+3
| | | | | Signed-off-by: Anatoliy Atanasov <anatoliy.atanasov@postpath.com> (cherry picked from commit 0e64fcb18f22f31b9004e43f701ea109cef6075d)
* w32err: WERR_DC_NOT_FOUND replaced with WERR_DCNOTFOUNDKamen Mazdrashki2009-10-022-3/+3
| | | | | | | | It turns out in win32 ERROR_DC_NOT_FOUND exists and it is an error for Device Context (DC), not Domain Controller Signed-off-by: Anatoliy Atanasov <anatoliy.atanasov@postpath.com> (cherry picked from commit d9994a604bd51949a9869927bdc2cb512fba9171)
* w32err: WERR_USER_EXISTS replace with WERR_USEREXISTS nameKamen Mazdrashki2009-10-022-3/+3
| | | | | | | | | | In Win32 we have NERR_UserExists which maps to WERR_USER_EXISTS currently and there is ERROR_USER_EXISTS which maps to WERR_USER_ALREADY_EXISTS Signed-off-by: Anatoliy Atanasov <anatoliy.atanasov@postpath.com> (cherry picked from commit 948cd70bad6600a4e4e1493469efc0ccd9399c18)
* w32err: WERR_GROUP_NOT_FOUND renamed to WERR_GROUPNOTFOUNDKamen Mazdrashki2009-10-022-2/+2
| | | | | | | | | | In Win 32 we have NERR_GroupNotFound which maps to WERR_GROUP_NOT_FOUND currently and we have ERROR_GROUP_NOT_FOUND which maps to nothing, so it is to be added Signed-off-by: Anatoliy Atanasov <anatoliy.atanasov@postpath.com> (cherry picked from commit 0e1840b84a892d31cbc45191b2965db5c931670b)
* w32err: Importing auto-generated Win32 errors and descriptionsKamen Mazdrashki2009-10-022-1/+7222
| | | | | | | | | | Error codes and their descriptions are generated using w32err_code.py script. Error are downloaded from MS site: http://msdn.microsoft.com/en-us/library/cc231199%28PROT.10%29.aspx Signed-off-by: Anatoliy Atanasov <anatoliy.atanasov@postpath.com> (cherry picked from commit 1f2490e7d8b5a64caf75143041ce07bd2968839e)
* Initial implementation of security descriptor creation in DSNadezhda Ivanova2009-09-202-0/+54
| | | | | TODO's: ACE sorting and clarifying the inheritance of object specific ace's.
* libcli:nbt move prototypes of lmhosts functions to libnbt.hAndrew Bartlett2009-09-191-1/+6
|
* libcli/named_pipe_auth: pass gssapi delegated credentials through the named pipeStefan Metzmacher2009-09-182-22/+32
| | | | metze
* util: use likely/unlikely for NT_STATUS_* macrosAndrew Tridgell2009-09-171-3/+3
|
* spnego: Support ASN.1 BIT STRING and use it in SPNEGO.Kouhei Sutou2009-09-172-8/+9
| | | | Signed-off-by: Günther Deschner <gd@samba.org>
* w32err: Set hex format values for all errorsKamen Mazdrashki2009-09-171-90/+90
| | | | Signed-off-by: Günther Deschner <gd@samba.org>
* w32err: Re-define errors with numeric valuesKamen Mazdrashki2009-09-171-46/+46
| | | | Signed-off-by: Günther Deschner <gd@samba.org>
* w32err: Sorting error codes in ascending orderKamen Mazdrashki2009-09-171-10/+8
| | | | Signed-off-by: Günther Deschner <gd@samba.org>
* w32err: NERR_ codes grouped togetherKamen Mazdrashki2009-09-171-9/+9
| | | | Signed-off-by: Günther Deschner <gd@samba.org>
* w32err: WERR_CLASS_NOT_REGISTERED updatedKamen Mazdrashki2009-09-172-2/+7
| | | | | | | Error code move to COM/OLE group. Error value changed to as REGDB_E_CLASSNOTREG in Windows Signed-off-by: Günther Deschner <gd@samba.org>
* spnego: add spnego_proto.h.Günther Deschner2009-09-172-1/+29
| | | | Guenther
* spnego: share spnego_parse.Günther Deschner2009-09-172-0/+477
| | | | Guenther
* libcli/auth: remove trailing whitespace.Günther Deschner2009-09-161-72/+72
| | | | Guenther
* Owner and group defaulting.Nadezhda Ivanova2009-09-162-1/+4
| | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* libcli/auth: rewrite schannel sign/seal code to be more genericStefan Metzmacher2009-09-162-162/+156
| | | | | | This prepares support for HMAC-SHA256/AES. metze
* schannel: remove last traces of gensec.Günther Deschner2009-09-161-2/+0
| | | | Guenther
* schannel: fully share schannel sign/seal between s3 and 4.Günther Deschner2009-09-161-0/+1
| | | | Guenther
* schannel: move schannel_sign to main directory.Günther Deschner2009-09-163-0/+351
| | | | Guenther
* libcli:nbt put util_net.c protos in new header fileAndrew Bartlett2009-09-151-0/+1
| | | | | | | This fixed a very odd build problem due to util.h importing system/network.h being imported before the uid_wapper code. Andrew Bartlett
* libcli:nbt make the lmhosts parsing code and dependicies commonAndrew Bartlett2009-09-152-0/+206
| | | | | | This starts the process to have Samba4 use lmhosts. Andrew Bartlett
* s3-errors: add NT_STATUS_RPC_NT_PROCNUM_OUT_OF_RANGE.Günther Deschner2009-09-111-0/+1
| | | | Guenther
* libcli: added a drsuapi attribute encryption functionAndrew Tridgell2009-09-102-11/+78
|
* libcli:drsuapi Add function to encrypt data for transport over DRSUAPIAndrew Bartlett2009-09-101-0/+102
| | | | | | This is for the server side of the GetNCChanges call. Andrew Bartlett
* s3-nterr: add NT_STATUS_RPC_NT_CALL_FAILED.Günther Deschner2009-09-081-0/+1
| | | | Guenther
* s4: fix the build after ntlmssp header change.Günther Deschner2009-08-281-0/+1
| | | | Guenther
* libcli/auth: remove unused NTLMSSP_NAME_TYPE_ flags.Günther Deschner2009-08-282-8/+3
| | | | Guenther
* libcli/auth: add netlogon_creds_step_crypt() and netlogon_creds_first_step()Stefan Metzmacher2009-08-271-10/+21
| | | | | | | | | This abstracts the usage of crypto functions instead of directly calling des_crypt112(). metze Signed-off-by: Günther Deschner <gd@samba.org>
* libcli/auth: remove some useless linesStefan Metzmacher2009-08-271-3/+0
| | | | | | metze Signed-off-by: Günther Deschner <gd@samba.org>
* libcli/auth: remember schannel type in netlogon_creds_server_init()Stefan Metzmacher2009-08-271-0/+1
| | | | | | metze Signed-off-by: Günther Deschner <gd@samba.org>
* libcli/auth: add tdb backend for schannel state.Günther Deschner2009-08-273-0/+239
| | | | Guenther
* libcli/auth: move netlogon_creds_CredentialState out of libcli.Günther Deschner2009-08-272-13/+1
| | | | Guenther
* s4-schannel: add ldb suffix to schannel functions.Günther Deschner2009-08-272-33/+33
| | | | Guenther
* libcli/auth: rename schannel_state.c to schannel_state_ldb.c.Günther Deschner2009-08-272-14/+14
| | | | Guenther
* libcli/smb: add smb2_create_blob_find()Stefan Metzmacher2009-08-152-0/+23
| | | | metze
* libcli/smb: move smb2_create_blob code to libcli/smb/Stefan Metzmacher2009-08-124-0/+249
| | | | | | I want to use this in source3/smbd/ metze
* libcli: move some common SMB and SMB2 stuff into libcli/smb/Stefan Metzmacher2009-08-122-0/+202
| | | | | | This will hold code that's shared between source3 and source4. metze
generated by cgit (git 2.34.1) at 2025-08-28 22:11:28 +0000