summaryrefslogtreecommitdiffstats
path: root/libcli
Commit message (Collapse)AuthorAgeFilesLines
* smb2_ioctl: split ioctl handler code on device typeDavid Disseldorp2013-01-161-0/+2
| | | | | | | Add per device type ioctl handler source files for FSCTL_DFS, FSCTL_FILESYSTEM, FSCTL_NAMED_PIPE and FSCTL_NETWORK_FILESYSTEM. Reviewed by: Jeremy Allison <jra@samba.org>
* libcli/security: Ensure to fill in remaining_access for the initial case ↵Andrew Bartlett2013-01-151-0/+1
| | | | | | | | | | | | (bug #9554 - CVE-2013-0172) It is critically important that we initialise this element as otherwise all access is permitted. Andrew Bartlett Reviewed-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit a75805490d96a85786287f5d0522dd7671d6816e)
* libcli: Fix smb2cli_ioctl_send() if clause.Andreas Schneider2012-12-211-1/+1
| | | | | | | Found by Coverity. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
* libcli: Check schannel state return value of tdb_transaction_commit().Andreas Schneider2012-12-211-1/+5
| | | | | | | Found by Coverity. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
* libcli/auth: add netlogon_creds_encrypt_samlogon_validation().Günther Deschner2012-12-152-6/+44
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* libcli/auth: rename netlogon_creds_decrypt_samlogon() to ↵Günther Deschner2012-12-152-6/+9
| | | | | | | | | netlogon_creds_decrypt_samlogon_validation(). Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* libcli/security: calculate the correct inherited_object GUIDStefan Metzmacher2012-12-111-1/+7
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* libcli/security: implement object_in_list()Stefan Metzmacher2012-12-111-2/+23
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* libcli/auth: support AES decryption in netlogon_creds_decrypt_samlogon().Günther Deschner2012-12-091-0/+14
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* libcli/auth: remove trailing whitespace.Günther Deschner2012-12-091-38/+38
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* libcli/auth: add netlogon_creds_aes_{en|de}crypt routines.Günther Deschner2012-12-092-0/+30
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* libcli/security: remove duplicate aces in se_create_child_secdesc()Stefan Metzmacher2012-12-021-0/+34
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* Fix Bug 9422 - large read requests cause server to issue malformed replyVolker Lendecke2012-11-301-1/+1
| | | | | | | Reviewed by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Fri Nov 30 03:27:07 CET 2012 on sn-devel-104
* libcli/smb: add smbXcli_session_set_disconnect_expired() (bug #9175)Stefan Metzmacher2012-11-012-0/+35
| | | | | | | | This should be a short term hack until the upper layers have implemented re-authentication. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* libcli/smb: fix unitialized padding in smb2_create_blob_push_one() (bug #9209)Stefan Metzmacher2012-10-271-1/+1
| | | | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Sat Oct 27 10:05:22 CEST 2012 on sn-devel-104
* libcli/dns: Time out requests after a whileKai Blin2012-10-161-0/+8
| | | | | | | | | | | | Time out UDP requests after DNS_REQUEST_TIMEOUT seconds. Currently set to 2 seconds. This should fix bug #8878. Signed-off-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Tue Oct 16 12:58:32 CEST 2012 on sn-devel-104
* libcli/smb: add smb1cli_echo*Stefan Metzmacher2012-09-293-0/+181
| | | | metze
* libcli/smb: add smb2cli_echo*Stefan Metzmacher2012-09-293-0/+130
| | | | metze
* libcli/smb: use an explicit TALLOC_FREE(subreq) in smb2cli_*Stefan Metzmacher2012-09-299-0/+9
| | | | metze
* Fix bug #9209 - Parse of invalid SMB2 create blob can cause smbd crash.Jeremy Allison2012-09-271-3/+2
| | | | | | | | | | Ensure we correctly protect against blobs with data_offset==0 and data_length != 0. Jeremy. Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Thu Sep 27 22:07:02 CEST 2012 on sn-devel-104
* libcli/echo: validate the message lengthStefan Metzmacher2012-09-221-0/+5
| | | | metze
* libcli: add a define for the APP_INSTANCE_ID smb2 create contextMichael Adam2012-09-191-0/+1
|
* libcli/smb: fix padding in smb2_create_blob*Stefan Metzmacher2012-09-191-11/+30
| | | | metze
* waf: Rename nmblookup manpage to nmblookup4.Andreas Schneider2012-09-072-66/+66
|
* Factor out privilege checking code into se_file_access_check() which takes a ↵Jeremy Allison2012-08-312-10/+87
| | | | bool priv_open_requested parameter.
* Fix bug #9124 - Samba fails to set "inherited" bit on inherited ACE's.Jeremy Allison2012-08-301-3/+7
| | | | Change se_create_child_secdesc() to handle inheritance correctly.
* libcli/smb: split out a smb_transport private libraryStefan Metzmacher2012-08-251-3/+15
| | | | metze
* libcli/smb: wscript_build => wscriptStefan Metzmacher2012-08-251-1/+2
| | | | | | We'll need some configure checks in future. metze
* Remove useless bool "upper_case_domain" parameter from ntv2_owf_gen().Jeremy Allison2012-08-243-13/+3
| | | | | | | | The code in SMBNTLMv2encrypt_hash() should not be requesting case changes on the domain name. Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Fri Aug 24 21:39:42 CEST 2012 on sn-devel-104
* Remove useless bool "upper_case_domain" parameter.Jeremy Allison2012-08-241-13/+2
|
* Move uppercasing the domain out of smb_pwd_check_ntlmv2()Jeremy Allison2012-08-241-9/+21
| | | | | | Allows us to remove a silly bool parameter. Based on work done by "Blohm, Guntram (I/FP-37, extern)" <extern.guntram.blohm@audi.de>.
* libcli: fix value of NT_STATUS_FILE_NOT_AVAILABLEBjörn Jacke2012-08-221-1/+1
| | | | | Autobuild-User(master): Björn Jacke <bj@sernet.de> Autobuild-Date(master): Wed Aug 22 01:30:06 CEST 2012 on sn-devel-104
* libcli/smb: make sure the SMB2_TRANSFORM pdu is completeStefan Metzmacher2012-08-171-3/+12
| | | | metze
* libcli/smb: support broken OS/2 error responses bug #9096Stefan Metzmacher2012-08-161-3/+57
| | | | | | | | | OS/2 skips the DATA Block in SMB1 responses. metze Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Thu Aug 16 13:16:49 CEST 2012 on sn-devel-104
* libcli/smb: verify decrypted SMB2 pdus correctlyStefan Metzmacher2012-08-151-2/+38
| | | | | | | | | | | | | | We need to make sure we got a encrypted response if we asked for it. If we don't get a encrypted response, we use a similar logic as with signing to propagated wellknown errors to the higher layer and set state->smb2.signing_skipped = true. metze Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Wed Aug 15 16:26:26 CEST 2012 on sn-devel-104
* libcli/smb: fix parsing of compounded messages within a SMB2_TRANSFORM pduStefan Metzmacher2012-08-151-5/+12
| | | | | | | | | One SMB2_TRANSFORM pdu wraps multiple SMB2 pdus. We inject the SMB2_TRANSFORM header to each response which was wrapped inside. This allows the next layer to verify if the SMB2 pdu was encrypted. metze
* libcli/smb: fix smb2cli_req_compound_submit for multiple encrypted messagesStefan Metzmacher2012-08-151-63/+104
| | | | | | There should be only one SMB2_TRANSFORM header for all compound requests. metze
* libcli/smb: all flags except SMB2_HDR_FLAG_ASYNC should be cleared in a ↵Stefan Metzmacher2012-08-151-0/+6
| | | | | | cancel request. metze
* build: rename security → samba-securityBjörn Jacke2012-08-101-2/+2
| | | | | | | | | there is a libsecurity on OSF1 which clasheѕ with our security lib. see bug #9023. Signed-off-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Björn Jacke <bj@sernet.de> Autobuild-Date(master): Fri Aug 10 14:22:21 CEST 2012 on sn-devel-104
* libcli/smb: do not set SMB2_TF_MSG_SIZE in the callerStefan Metzmacher2012-08-081-3/+0
| | | | | | | metze Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Wed Aug 8 07:32:55 CEST 2012 on sn-devel-104
* libcli/smb: smb2_signing_[en|de]crypt_pdu() check and set SMB2_TF_MSG_SIZEStefan Metzmacher2012-08-081-6/+16
| | | | metze
* libcli/util: add NT_STATUS_FILE_NOT_AVAILABLEStefan Metzmacher2012-08-072-0/+2
| | | | metze
* libcli/smb: use forward declaration instead of includesStefan Metzmacher2012-08-071-3/+2
| | | | metze
* smbXcli: add some includes to fix compiler warningsChristian Ambach2012-08-061-0/+3
| | | | | if smbXcli_base.h is included on its own, there are various compiler warnings about implicitly declared struct iovec and smb2_create_blobs
* libcli/smb: add smb1cli_session_protect_session_key()Stefan Metzmacher2012-08-042-0/+25
| | | | metze
* libcli/smb: add smb_key_derivation() for ↵Stefan Metzmacher2012-08-042-1/+49
| | | | | | TREE_CONNECT_ANDX_EXTENDED_SIGNATURES support metze
* libcli/smb: pass hdr/len to smb_signing_check/sign_pdu() and skip the nbt headerStefan Metzmacher2012-08-043-17/+25
| | | | metze
* libcli/smb: change smb_signing to skip the NBT_HEADER_SIZE internallyStefan Metzmacher2012-08-041-19/+24
| | | | metze
* libcli/smb: move some TCON related defines to smb_constants.hStefan Metzmacher2012-08-011-0/+13
| | | | metze
* libcli/smb: remove unused smb2cli_session_application_key()Stefan Metzmacher2012-08-012-21/+0
| | | | metze