summaryrefslogtreecommitdiffstats
path: root/libcli
Commit message (Collapse)AuthorAgeFilesLines
...
* libcli/security: add init_mask to existing children in insert_in_object_treeStefan Metzmacher2013-01-211-0/+1
| | | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* libcli/security: handle node initialisation in one spot in ↵Andrew Bartlett2013-01-212-38/+37
| | | | | | | | | | | | | | | | | | | | | | | insert_in_object_tree() This removes special-case for initalising the children array in insert_in_object_tree(). talloc_realloc() handles the intial allocate case perfectly well, so there is no need to have this duplicated. This also restores having just one place were the rest of the elements are intialised, to ensure uniform behaviour. To do this, we have to rework insert_in_object_tree to have only one output variable, both because having both root and new_node as output variables was too confusing, and because otherwise the two pointers were being allowed to point at the same memory. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* libcli/security: avoid usage of dom_sid_parse_talloc() in sec_access_check_ds()Stefan Metzmacher2013-01-211-8/+4
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* libcli/security: simplify get_ace_object_type()Stefan Metzmacher2013-01-211-8/+4
| | | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* libcli/security: fix formating in access_check.cStefan Metzmacher2013-01-211-8/+12
| | | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* libcli/security: fix whitespaces in access_check.cStefan Metzmacher2013-01-211-98/+100
| | | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* libcli/security: don't look at the inherited type in get_ace_object_type()Stefan Metzmacher2013-01-171-2/+0
| | | | | | | | The inherited_type is only used to decide if aces should be inherited effectively or not (INHERIT_ONLY) for the specified object. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Matthieu Patou <mat@matws.net>
* smb2_ioctl: split ioctl handler code on device typeDavid Disseldorp2013-01-161-0/+2
| | | | | | | Add per device type ioctl handler source files for FSCTL_DFS, FSCTL_FILESYSTEM, FSCTL_NAMED_PIPE and FSCTL_NETWORK_FILESYSTEM. Reviewed by: Jeremy Allison <jra@samba.org>
* libcli/security: Ensure to fill in remaining_access for the initial case ↵Andrew Bartlett2013-01-151-0/+1
| | | | | | | | | | | | (bug #9554 - CVE-2013-0172) It is critically important that we initialise this element as otherwise all access is permitted. Andrew Bartlett Reviewed-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit a75805490d96a85786287f5d0522dd7671d6816e)
* libcli: Fix smb2cli_ioctl_send() if clause.Andreas Schneider2012-12-211-1/+1
| | | | | | | Found by Coverity. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
* libcli: Check schannel state return value of tdb_transaction_commit().Andreas Schneider2012-12-211-1/+5
| | | | | | | Found by Coverity. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
* libcli/auth: add netlogon_creds_encrypt_samlogon_validation().Günther Deschner2012-12-152-6/+44
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* libcli/auth: rename netlogon_creds_decrypt_samlogon() to ↵Günther Deschner2012-12-152-6/+9
| | | | | | | | | netlogon_creds_decrypt_samlogon_validation(). Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* libcli/security: calculate the correct inherited_object GUIDStefan Metzmacher2012-12-111-1/+7
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* libcli/security: implement object_in_list()Stefan Metzmacher2012-12-111-2/+23
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* libcli/auth: support AES decryption in netlogon_creds_decrypt_samlogon().Günther Deschner2012-12-091-0/+14
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* libcli/auth: remove trailing whitespace.Günther Deschner2012-12-091-38/+38
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* libcli/auth: add netlogon_creds_aes_{en|de}crypt routines.Günther Deschner2012-12-092-0/+30
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* libcli/security: remove duplicate aces in se_create_child_secdesc()Stefan Metzmacher2012-12-021-0/+34
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* Fix Bug 9422 - large read requests cause server to issue malformed replyVolker Lendecke2012-11-301-1/+1
| | | | | | | Reviewed by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Fri Nov 30 03:27:07 CET 2012 on sn-devel-104
* libcli/smb: add smbXcli_session_set_disconnect_expired() (bug #9175)Stefan Metzmacher2012-11-012-0/+35
| | | | | | | | This should be a short term hack until the upper layers have implemented re-authentication. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* libcli/smb: fix unitialized padding in smb2_create_blob_push_one() (bug #9209)Stefan Metzmacher2012-10-271-1/+1
| | | | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Sat Oct 27 10:05:22 CEST 2012 on sn-devel-104
* libcli/dns: Time out requests after a whileKai Blin2012-10-161-0/+8
| | | | | | | | | | | | Time out UDP requests after DNS_REQUEST_TIMEOUT seconds. Currently set to 2 seconds. This should fix bug #8878. Signed-off-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Tue Oct 16 12:58:32 CEST 2012 on sn-devel-104
* libcli/smb: add smb1cli_echo*Stefan Metzmacher2012-09-293-0/+181
| | | | metze
* libcli/smb: add smb2cli_echo*Stefan Metzmacher2012-09-293-0/+130
| | | | metze
* libcli/smb: use an explicit TALLOC_FREE(subreq) in smb2cli_*Stefan Metzmacher2012-09-299-0/+9
| | | | metze
* Fix bug #9209 - Parse of invalid SMB2 create blob can cause smbd crash.Jeremy Allison2012-09-271-3/+2
| | | | | | | | | | Ensure we correctly protect against blobs with data_offset==0 and data_length != 0. Jeremy. Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Thu Sep 27 22:07:02 CEST 2012 on sn-devel-104
* libcli/echo: validate the message lengthStefan Metzmacher2012-09-221-0/+5
| | | | metze
* libcli: add a define for the APP_INSTANCE_ID smb2 create contextMichael Adam2012-09-191-0/+1
|
* libcli/smb: fix padding in smb2_create_blob*Stefan Metzmacher2012-09-191-11/+30
| | | | metze
* waf: Rename nmblookup manpage to nmblookup4.Andreas Schneider2012-09-072-66/+66
|
* Factor out privilege checking code into se_file_access_check() which takes a ↵Jeremy Allison2012-08-312-10/+87
| | | | bool priv_open_requested parameter.
* Fix bug #9124 - Samba fails to set "inherited" bit on inherited ACE's.Jeremy Allison2012-08-301-3/+7
| | | | Change se_create_child_secdesc() to handle inheritance correctly.
* libcli/smb: split out a smb_transport private libraryStefan Metzmacher2012-08-251-3/+15
| | | | metze
* libcli/smb: wscript_build => wscriptStefan Metzmacher2012-08-251-1/+2
| | | | | | We'll need some configure checks in future. metze
* Remove useless bool "upper_case_domain" parameter from ntv2_owf_gen().Jeremy Allison2012-08-243-13/+3
| | | | | | | | The code in SMBNTLMv2encrypt_hash() should not be requesting case changes on the domain name. Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Fri Aug 24 21:39:42 CEST 2012 on sn-devel-104
* Remove useless bool "upper_case_domain" parameter.Jeremy Allison2012-08-241-13/+2
|
* Move uppercasing the domain out of smb_pwd_check_ntlmv2()Jeremy Allison2012-08-241-9/+21
| | | | | | Allows us to remove a silly bool parameter. Based on work done by "Blohm, Guntram (I/FP-37, extern)" <extern.guntram.blohm@audi.de>.
* libcli: fix value of NT_STATUS_FILE_NOT_AVAILABLEBjörn Jacke2012-08-221-1/+1
| | | | | Autobuild-User(master): Björn Jacke <bj@sernet.de> Autobuild-Date(master): Wed Aug 22 01:30:06 CEST 2012 on sn-devel-104
* libcli/smb: make sure the SMB2_TRANSFORM pdu is completeStefan Metzmacher2012-08-171-3/+12
| | | | metze
* libcli/smb: support broken OS/2 error responses bug #9096Stefan Metzmacher2012-08-161-3/+57
| | | | | | | | | OS/2 skips the DATA Block in SMB1 responses. metze Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Thu Aug 16 13:16:49 CEST 2012 on sn-devel-104
* libcli/smb: verify decrypted SMB2 pdus correctlyStefan Metzmacher2012-08-151-2/+38
| | | | | | | | | | | | | | We need to make sure we got a encrypted response if we asked for it. If we don't get a encrypted response, we use a similar logic as with signing to propagated wellknown errors to the higher layer and set state->smb2.signing_skipped = true. metze Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Wed Aug 15 16:26:26 CEST 2012 on sn-devel-104
* libcli/smb: fix parsing of compounded messages within a SMB2_TRANSFORM pduStefan Metzmacher2012-08-151-5/+12
| | | | | | | | | One SMB2_TRANSFORM pdu wraps multiple SMB2 pdus. We inject the SMB2_TRANSFORM header to each response which was wrapped inside. This allows the next layer to verify if the SMB2 pdu was encrypted. metze
* libcli/smb: fix smb2cli_req_compound_submit for multiple encrypted messagesStefan Metzmacher2012-08-151-63/+104
| | | | | | There should be only one SMB2_TRANSFORM header for all compound requests. metze
* libcli/smb: all flags except SMB2_HDR_FLAG_ASYNC should be cleared in a ↵Stefan Metzmacher2012-08-151-0/+6
| | | | | | cancel request. metze
* build: rename security → samba-securityBjörn Jacke2012-08-101-2/+2
| | | | | | | | | there is a libsecurity on OSF1 which clasheѕ with our security lib. see bug #9023. Signed-off-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Björn Jacke <bj@sernet.de> Autobuild-Date(master): Fri Aug 10 14:22:21 CEST 2012 on sn-devel-104
* libcli/smb: do not set SMB2_TF_MSG_SIZE in the callerStefan Metzmacher2012-08-081-3/+0
| | | | | | | metze Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Wed Aug 8 07:32:55 CEST 2012 on sn-devel-104
* libcli/smb: smb2_signing_[en|de]crypt_pdu() check and set SMB2_TF_MSG_SIZEStefan Metzmacher2012-08-081-6/+16
| | | | metze
* libcli/util: add NT_STATUS_FILE_NOT_AVAILABLEStefan Metzmacher2012-08-072-0/+2
| | | | metze
* libcli/smb: use forward declaration instead of includesStefan Metzmacher2012-08-071-3/+2
| | | | metze
generated by cgit (git 2.34.1) at 2025-09-01 18:50:29 +0000