summaryrefslogtreecommitdiffstats
path: root/source/libsmb/cliconnect.c
Commit message (Collapse)AuthorAgeFilesLines
* Removed version number from file header.Tim Potter2002-01-301-2/+1
| | | | Changed "SMB/Netbios" to "SMB/CIFS" in file header.
* Fix a couple of memory leaks in the cli_establish_connection() code's failureAndrew Bartlett2002-01-201-0/+2
| | | | | | | | case. Thanks to Nigel Williams <nigel@wednesday.demon.co.uk> for spotting these! Andrew Bartlett
* Same fix as went into 2.2 (I'm waiting for jerry to finish some code).Jeremy Allison2002-01-111-18/+18
| | | | Jeremy.
* fixed a crash bug in domain auth caused by an uninitialised nt_statusAndrew Tridgell2002-01-111-0/+2
|
* Fix up 'net ads join' to delete and rejoin if the account already exists.Andrew Bartlett2002-01-111-1/+1
| | | | | | | | This fixes up a problem where a machine would join (or downgrade by trust password change) to NT4 membership and not be able to regain full ADS membership until a 'net ads leave'. Andrew Bartlett
* Check for winbind separator in user name for cli_session_setup()Tim Potter2002-01-061-1/+2
| | | | Patch from Alexander Bokovoy <a.bokovoy@sam-solutions.net>
* Ensure the output cli can't have spurious values if the connection fails...Andrew Bartlett2001-12-311-1/+7
|
* - handle kerberos session setup reply with broken null terminationAndrew Tridgell2001-12-211-4/+5
| | | | - don't display Domain=[] for auth protocols that don't give us a domain
* try to handle end of packet for not null terminated domain stringsAndrew Tridgell2001-12-211-1/+3
|
* handle a NULL hostname in cli_connect()Andrew Tridgell2001-12-111-0/+3
|
* detect attempts to connect to names of the type NAME#xx and do aAndrew Tridgell2001-12-111-1/+11
| | | | | | netbios lookup for name NAME with node type xx. This affects all our client progs. Very useful :)
* when using non-encrypted password ignore the ntpass variable toAndrew Tridgell2001-12-041-2/+2
| | | | session setup
* This change reworkes the connection code for both rpcclient and net newAndrew Bartlett2001-12-031-1/+113
| | | | | | | | | | | 'net' untility. This should make it easier to port rpcclient code across to net. It also allows SPNEGO (the NTLMSSP subsystem in particular) to work, becouse it kills off the early destruction of the clear-text password. Andrew Bartlett
* fixed some krb5 ifdefsAndrew Tridgell2001-11-281-2/+2
|
* fixed a core dump in server level securityAndrew Tridgell2001-11-281-2/+4
|
* fix a bunch of places where we can double-free a cli structureAndrew Tridgell2001-11-281-4/+4
|
* Got medieval on another pointless extern. Removed extern struct ipzeroTim Potter2001-11-261-2/+1
| | | | | | | and replaced with two functions: void zero_ip(struct in_adder *ip); BOOL is_zero_ip(struct in_addr ip);
* use DEBUG() not d_printf() in librariesAndrew Tridgell2001-11-261-2/+2
|
* Add a new torture test to extract a NT->DOS error map from an NT member of aAndrew Bartlett2001-11-251-4/+1
| | | | | | | | | samba domain. The PDC must be running a special authenticaion module that spits out NT errors based on username. Andrew Bartlett
* This is another rather major change to the samba authenticaionAndrew Bartlett2001-11-241-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | subystem. The particular aim is to modularized the interface - so that we can have arbitrary password back-ends. This code adds one such back-end, a 'winbind' module to authenticate against the winbind_auth_crap functionality. While fully-functional this code is mainly useful as a demonstration, because we don't get back the info3 as we would for direct ntdomain authentication. This commit introduced the new 'auth methods' parameter, in the spirit of the 'auth order' discussed on the lists. It is renamed because not all the methods may be consulted, even if previous methods fail - they may not have a suitable challenge for example. Also, we have a 'local' authentication method, for old-style 'unix if plaintext, sam if encrypted' authentication and a 'guest' module to handle guest logins in a single place. While this current design is not ideal, I feel that it does provide a better infrastructure than the current design, and can be built upon. The following parameters have changed: - use rhosts = This has been replaced by the 'rhosts' authentication method, and can be specified like 'auth methods = guest rhosts' - hosts equiv = This needs both this parameter and an 'auth methods' entry to be effective. (auth methods = guest hostsequiv ....) - plaintext to smbpasswd = This is replaced by specifying 'sam' rather than 'local' in the auth methods. The security = parameter is unchanged, and now provides defaults for the 'auth methods' parameter. The available auth methods are: guest rhosts hostsequiv sam (passdb direct hash access) unix (PAM, crypt() etc) local (the combination of the above, based on encryption) smbserver (old security=server) ntdomain (old security=domain) winbind (use winbind to cache DC connections) Assistance in testing, or the production of new and interesting authentication modules is always appreciated. Andrew Bartlett
* - make sure we use a non-zero session id so we can have multiple connsAndrew Tridgell2001-11-201-8/+4
| | | | | | | | open to w2k - fix the string handling in the device name to match NT and smbd - don't pull the domain from negprot if CAP_EXTENDED_SECURITY is set
* Removed the "reestablish" code. Tridge - scream if this was needed....Jeremy Allison2001-11-141-51/+0
| | | | Jeremy.
* free the negTokenInit structureAndrew Tridgell2001-11-051-0/+2
|
* merge from 2.2. Why is STR_CONVERT missing when comparingGerald Carter2001-11-051-1/+1
| | | | 2.2 to HEAD?
* This patch applied, except without the structure changes to nmblib.cAndrew Bartlett2001-10-291-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Andrew Bartlett. From kai@cmail.ru Mon Oct 29 18:50:42 2001 Date: Fri, 19 Oct 2001 17:26:06 +0300 From: Andrew V. Samoilov <kai@cmail.ru> To: samba-technical@lists.samba.org Subject: [patch]: makes some arrays const to be shared between processes Hi! This patch makes some arrays const. So these arrays go to text/rodata segment and are shared between all of the processes which use shared library with these arrays. Regards, Andrew V. Samoilov. P.S. Please cc your answer to kai@cmail.ru, I don't subscribed to this list. ChangeLog: * cliconnect.c (prots): Make const. * clierror.c (rap_errmap): Likewise. * nmblib.c (nmb_header_opcode_names): Likewise. (lookup_opcode_name): Make opcode_namep const. Eliminate i. * nterr.c (nt_err_code_struct): Typedef const. * smberr.c (err_code_struct): Make const. (err_classes): Likewise.
* more compiler warningsHerb Lewis2001-10-231-2/+2
|
* a quick fix to get rpcclient working again. This just disablesAndrew Tridgell2001-10-221-0/+4
| | | | | | | NTLMSSP in cli_establish_connection() What we really need to do is kill off the pwd_cache code. It is horrible, and assumes the challenge comes in the negprot reply.
* Ok, I know it's a language thing and it shouldn't matter.... but a kerberosJeremy Allison2001-10-211-7/+7
| | | | | name is a "principal", not a principle. English majors will complain :-). Jeremy.
* made smbclient cope better with arbitrary principle formsAndrew Tridgell2001-10-211-0/+4
|
* support both old and new kerberos OIDsAndrew Tridgell2001-10-211-1/+2
|
* the beginnings of kerberos support in smbd. It doesn't work yet, butAndrew Tridgell2001-10-181-0/+4
| | | | | it should give something for others to hack on and possibly find what I'm doing wrong.
* added basic NTLMSSP support in smbd. This is still quite rough, andAndrew Tridgell2001-10-171-12/+20
| | | | | | loses things like username mapping. I wanted to get this in then discuss it a bit to see how we want to split up the existing session setup code
* fixed NTLMSSP with XP servers (who don't send the duplicate challengeAndrew Tridgell2001-10-141-0/+8
| | | | in the asn1 spnego structures)
* fixed two bugs in the NTLMSSP codeAndrew Tridgell2001-10-141-2/+8
| | | | | - handle servers that don't send a kerberos principle (non-member servers) - enable spnego without KRB5
* moved some OIDs to the ASN.1 headerAndrew Tridgell2001-10-121-2/+2
|
* added NTLMSSP authentication to libsmb. It seems to work well so I have ↵Andrew Tridgell2001-10-121-52/+154
| | | | enabled it by default if the server supports it. Let me know if this breaks anything. Choose kerberos with the -k flag to smbclient, otherwise it will use SPNEGO/NTLMSSP/NTLM
* added a ASN.1 parser, so now I can properly parse the negTokenInitAndrew Tridgell2001-10-111-1/+32
| | | | | | | | | packet which means I can extract the service and realm, so we should now work with realms other than the local realm. it also means we now check the list of OIDs given by the server just in case it says that it doesn't support kerberos. In that case we should fall back to NTLMSSP but that isn't written yet.
* initial kerberos/ADS/SPNEGO support in libsmb and smbclient. ToAndrew Tridgell2001-10-111-144/+387
| | | | | | | | | | activate you need to: - install krb5 libraries - run configure - build smbclient - run kinit to get a TGT - run smbclient with the -k option to choose kerberos auth
* use cli_is_error() instead of looking in smb_rcls, otherwise NT statusAndrew Tridgell2001-09-051-7/+5
| | | | codes don't work correctly
* fixed handling of 139/445 in clientsAndrew Tridgell2001-08-241-1/+1
|
* Fixed debug in cli_establish_connection() - print out the called name onTim Potter2001-08-241-1/+1
| | | | connection failure rather than the calling name.
* better error reporting for servers that don't do port 445Andrew Tridgell2001-08-231-1/+4
|
* added port 445 support to our client codeAndrew Tridgell2001-08-221-5/+19
|
* a bunch of fixes from the sflight to seattleAndrew Tridgell2001-08-201-1/+0
| | | | | | in particular: - fixed NT status code for a bunch of ops - fixed handling of protocol levels in ms_fnmatch
* A rewrite of the error handling in the libsmb client code. I've separatedTim Potter2001-08-101-0/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | out the error handling into a bunch of separate functions rather than all being handled in one big function. Fetch error codes from the last received packet: void cli_dos_error(struct cli_state *cli, uint8 *eclass, uint32 *num); uint32 cli_nt_error(struct cli_state *); Convert errors to UNIX errno values: int cli_errno_from_dos(uint8 eclass, uint32 num); int cli_errno_from_nt(uint32 status); int cli_errno(struct cli_state *cli); Detect different kinds of errors: BOOL cli_is_dos_error(struct cli_state *cli); BOOL cli_is_nt_error(struct cli_state *cli); BOOL cli_is_error(struct cli_state *cli); This also means we now support CAP_STATUS32 as we can decode and understand NT errors instead of just DOS errors. Yay! Ported a whole bunch of files in libsmb to use this new API instead of the just the DOS error.
* formatting fixAndrew Tridgell2001-07-081-1/+1
|
* strchr and strrchr are macros when compiling with optimisation in gcc, so we ↵Andrew Tridgell2001-07-041-1/+1
| | | | can't redefine them. damn.
* The big character set handling changeover!Andrew Tridgell2001-07-041-30/+23
| | | | | | | This commit gets rid of all our old codepage handling and replaces it with iconv. All internal strings in Samba are now in "unix" charset, which may be multi-byte. See internals.doc and my posting to samba-technical for a more complete explanation.
* - make the regresison test mode code build in by default. This shouldAndrew Tridgell2001-06-251-4/+1
| | | | | allow us to have test targets without special configure options - fixed make proto so that it actually does something
* added the ability to test smbd safely as an ordinary user. The way it works isAndrew Tridgell2001-06-221-3/+9
| | | | | | | | | | | | | | | | | | | | | | | that libsmb/ creates a local tcp socket then launches smbd as a subprocess attached to that socket. smbd thinks it is being launched from inetd. to use it do the following: - compile with -DSMB_REGRESSION_TEST - run like this (also works with smbtorture etc) export SMBD_TEST=1 export LIBSMB_PROG=bin/smbd smbclient //server/share -Uuser%pass obviously you need to setup a smb.conf etc. Using --prefix to configure is useful. The aim of all this stuff is to add a decent set of regression tests to the build farm, so we know if smbd actually runs correctly on all the platforms, not just builds. We can run smbtorture, masktest, locktest etc, plus a bunch of smbclient scripts and any new tests we write. This doesn't help much with nmbd (at least not yet) but its a good start.
generated by cgit (git 2.34.1) at 2025-09-26 17:39:52 +0000