summaryrefslogtreecommitdiffstats
path: root/libcli
Commit message (Collapse)AuthorAgeFilesLines
* libcli: Add smb2_lease marshallingVolker Lendecke2013-04-303-0/+94
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* libsmb: Move "struct smb2_lease" to commonVolker Lendecke2013-04-303-0/+45
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* libcli/smb: add SMB2_LEASE_FLAG_* definesStefan Metzmacher2013-04-181-0/+4
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* schannel_store.tdb: make it schannel_store.ntdb if 'use ntdb'.Rusty Russell2013-04-121-1/+1
| | | | | Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> Reviewed-by: Jeremy Allison <jra@samba.org>
* libcli/auth: convert to dbwrap.Rusty Russell2013-04-123-39/+37
| | | | | Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> Reviewed-by: Jeremy Allison <jra@samba.org>
* Add a comment about why we are removing the INHERITED bit so people understand.Richard Sharpe2013-04-021-0/+9
| | | | | | | | Signed-off-by: Richard Sharpe <realrichardsharpe@gmail.com> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Tue Apr 2 20:05:13 CEST 2013 on sn-devel-104
* Make sure that we only propogate the INHERITED flag when we are allowed to.Richard Sharpe2013-03-281-1/+2
| | | | | | | | Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Thu Mar 28 19:43:41 CET 2013 on sn-devel-104
* libcli/auth: avoid using transactions a chainlock is enoughStefan Metzmacher2013-03-281-10/+26
| | | | | | | | | | | | | We're just writting a single record into a CLEAR_IF_FIRST|TDB_NOSYNC tdb. We just need to make sure we lock the record between reading and writting. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Thu Mar 28 14:52:14 CET 2013 on sn-devel-104
* libcli/smb: smb1cli_inbuf_parse_chain() and smb1cli_conn_dispatch_incoming() ↵Jeremy Allison2013-03-201-2/+2
| | | | | | | | | | should use smb_len_tcp. They have to cope with large READX call replies that have a length greater than smb_len_nbt() can handle. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* libcli/smb: defer failing for missing NEGOTIATE_SECURITY_SIGNATURES_ENABLEDStefan Metzmacher2013-03-201-0/+9
| | | | | | | | Windows servers take a look at the FLAGS2_SMB_SECURITY_SIGNATURES_REQUIRED flag during a session setup and turn on signing if the client requires it. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* libcli/smb: add SMB_CAP_LEGACY_CLIENT_MASK defineStefan Metzmacher2013-03-201-0/+10
| | | | | | | | | Older Samba releases (<= 3.6.x) expect the client to send CAP_LARGE_READX in order to let the client use large reads. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* Move python modules from source4/scripting/python/ to python/.Jelmer Vernooij2013-03-021-1/+1
| | | | | | | Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Sat Mar 2 03:57:34 CET 2013 on sn-devel-104
* Fix bug #9674 - Samba denies owner Read Control when there is a DENY entry ↵Richard Sharpe2013-02-231-3/+3
| | | | | | | | | | while W2K08 does not. Signed-off-by: Richard Sharpe <rsharpe@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Sat Feb 23 19:28:15 CET 2013 on sn-devel-104
* libcli/smb: make use of samba_tevent_context_init()Stefan Metzmacher2013-02-1914-15/+15
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* libcli/cldap: make use of samba_tevent_context_init()Stefan Metzmacher2013-02-191-2/+2
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* Add new function smbXcli_session_copy(), to be used when creating compound ↵Jeremy Allison2013-01-302-0/+29
| | | | | | | | | | SMB2 requests. Copies the signing state needed to make client compound requests work on signed connections. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
* libcli/security: calculate INHERIT_ONLY correcty for AUDIT and ALARM aces ↵Stefan Metzmacher2013-01-271-4/+16
| | | | | | | (bug #9481) Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* libcli/auth: fix void function cannot return value errorAndrew Bartlett2013-01-221-2/+2
| | | | | | | Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Tue Jan 22 22:32:31 CET 2013 on sn-devel-104
* libcli-acl: add documentationMatthieu Patou2013-01-221-1/+19
| | | | Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* security: Add documentationMatthieu Patou2013-01-211-0/+9
| | | | | | | Names seems to be a bit cryptic and misleading (at least for me). So documenting them should remove at least partially this problem. Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* libcli-security: Add documentation for object_tree_modify_accessMatthieu Patou2013-01-211-2/+12
| | | | Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* libcli/security: remove useless if (root->num_of_children > 0) statementsAndrew Bartlett2013-01-211-8/+4
| | | | | | | | | | The for loop does this implicitly when comparing for (i = 0; i < root->num_of_children; i++) Andrew Bartlett Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* libcli/security: add init_mask to existing children in insert_in_object_treeStefan Metzmacher2013-01-211-0/+1
| | | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* libcli/security: handle node initialisation in one spot in ↵Andrew Bartlett2013-01-212-38/+37
| | | | | | | | | | | | | | | | | | | | | | | insert_in_object_tree() This removes special-case for initalising the children array in insert_in_object_tree(). talloc_realloc() handles the intial allocate case perfectly well, so there is no need to have this duplicated. This also restores having just one place were the rest of the elements are intialised, to ensure uniform behaviour. To do this, we have to rework insert_in_object_tree to have only one output variable, both because having both root and new_node as output variables was too confusing, and because otherwise the two pointers were being allowed to point at the same memory. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* libcli/security: avoid usage of dom_sid_parse_talloc() in sec_access_check_ds()Stefan Metzmacher2013-01-211-8/+4
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* libcli/security: simplify get_ace_object_type()Stefan Metzmacher2013-01-211-8/+4
| | | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* libcli/security: fix formating in access_check.cStefan Metzmacher2013-01-211-8/+12
| | | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* libcli/security: fix whitespaces in access_check.cStefan Metzmacher2013-01-211-98/+100
| | | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* libcli/security: don't look at the inherited type in get_ace_object_type()Stefan Metzmacher2013-01-171-2/+0
| | | | | | | | The inherited_type is only used to decide if aces should be inherited effectively or not (INHERIT_ONLY) for the specified object. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Matthieu Patou <mat@matws.net>
* smb2_ioctl: split ioctl handler code on device typeDavid Disseldorp2013-01-161-0/+2
| | | | | | | Add per device type ioctl handler source files for FSCTL_DFS, FSCTL_FILESYSTEM, FSCTL_NAMED_PIPE and FSCTL_NETWORK_FILESYSTEM. Reviewed by: Jeremy Allison <jra@samba.org>
* libcli/security: Ensure to fill in remaining_access for the initial case ↵Andrew Bartlett2013-01-151-0/+1
| | | | | | | | | | | | (bug #9554 - CVE-2013-0172) It is critically important that we initialise this element as otherwise all access is permitted. Andrew Bartlett Reviewed-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit a75805490d96a85786287f5d0522dd7671d6816e)
* libcli: Fix smb2cli_ioctl_send() if clause.Andreas Schneider2012-12-211-1/+1
| | | | | | | Found by Coverity. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
* libcli: Check schannel state return value of tdb_transaction_commit().Andreas Schneider2012-12-211-1/+5
| | | | | | | Found by Coverity. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
* libcli/auth: add netlogon_creds_encrypt_samlogon_validation().Günther Deschner2012-12-152-6/+44
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* libcli/auth: rename netlogon_creds_decrypt_samlogon() to ↵Günther Deschner2012-12-152-6/+9
| | | | | | | | | netlogon_creds_decrypt_samlogon_validation(). Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* libcli/security: calculate the correct inherited_object GUIDStefan Metzmacher2012-12-111-1/+7
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* libcli/security: implement object_in_list()Stefan Metzmacher2012-12-111-2/+23
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* libcli/auth: support AES decryption in netlogon_creds_decrypt_samlogon().Günther Deschner2012-12-091-0/+14
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* libcli/auth: remove trailing whitespace.Günther Deschner2012-12-091-38/+38
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* libcli/auth: add netlogon_creds_aes_{en|de}crypt routines.Günther Deschner2012-12-092-0/+30
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* libcli/security: remove duplicate aces in se_create_child_secdesc()Stefan Metzmacher2012-12-021-0/+34
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* Fix Bug 9422 - large read requests cause server to issue malformed replyVolker Lendecke2012-11-301-1/+1
| | | | | | | Reviewed by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Fri Nov 30 03:27:07 CET 2012 on sn-devel-104
* libcli/smb: add smbXcli_session_set_disconnect_expired() (bug #9175)Stefan Metzmacher2012-11-012-0/+35
| | | | | | | | This should be a short term hack until the upper layers have implemented re-authentication. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* libcli/smb: fix unitialized padding in smb2_create_blob_push_one() (bug #9209)Stefan Metzmacher2012-10-271-1/+1
| | | | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Sat Oct 27 10:05:22 CEST 2012 on sn-devel-104
* libcli/dns: Time out requests after a whileKai Blin2012-10-161-0/+8
| | | | | | | | | | | | Time out UDP requests after DNS_REQUEST_TIMEOUT seconds. Currently set to 2 seconds. This should fix bug #8878. Signed-off-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Tue Oct 16 12:58:32 CEST 2012 on sn-devel-104
* libcli/smb: add smb1cli_echo*Stefan Metzmacher2012-09-293-0/+181
| | | | metze
* libcli/smb: add smb2cli_echo*Stefan Metzmacher2012-09-293-0/+130
| | | | metze
* libcli/smb: use an explicit TALLOC_FREE(subreq) in smb2cli_*Stefan Metzmacher2012-09-299-0/+9
| | | | metze
* Fix bug #9209 - Parse of invalid SMB2 create blob can cause smbd crash.Jeremy Allison2012-09-271-3/+2
| | | | | | | | | | Ensure we correctly protect against blobs with data_offset==0 and data_length != 0. Jeremy. Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Thu Sep 27 22:07:02 CEST 2012 on sn-devel-104
* libcli/echo: validate the message lengthStefan Metzmacher2012-09-221-0/+5
| | | | metze