| Commit message | Author | Age | Files | Lines |
| |
as proposed by James Peach.
Jeremy.
| |
buffers for large read/write - make sure we take account of the large
read/write SMB headers as well as the buffer space.
Jeremy.
| |
Win2008 domain (merged from v3-0-test).
commit 8dc4e979776aae0ecaa74b51dc1eac78a7631405
Author: Steven Danneman <sdanneman@isilon.com>
Date: Wed May 7 13:34:26 2008 -0700

spnego SPN fix when contacting trusted domains

cli_session_setup_spnego() was not taking into consideration the situation
where we're connecting to a trusted domain, specifically one (like W2K8)
which doesn't return a SPN in the NegTokenInit.

This caused two problems:

1) When guessing the SPN using kerberos_get_default_realm_from_ccache() we
were always using our default realm, not the realm of the domain we're
connecting to.

2) When falling back on NTLMSSP for authentication we were passing the name
of the domain we're connecting to for use in our credentials when we should be
passing our own workgroup name.

The fix for both was to split the single "domain" parameter into
"user_domain" and "dest_realm" parameters. We use the "user_domain"
parameter to pass into the NTLM call, and we used "dest_realm" to create an SPN
if none was returned in the NegTokenInit2 packet. If no "dest_realm" is
provided we assume we're connecting to our own domain and use the credentials
cache to build the SPN.

Since we have a reasonable guess at the SPN, I removed the check that defaults
us directly to NTLM when negHint is empty.
| |
Guenther
| |
Guenther
| |
This allows switching on the cli->fallback_after_kerberos switch.
Guenther
| |
the space taken by the unicode password to be one byte too
long (as we're on an odd byte boundary here). Reduce the
count by 1 to cope with this. Fixes smbclient against NetApp
servers which can't cope. Fix from
bryan.kolodziej@allenlund.com in bug #3840.
Jeremy.
| |
Not that I think it is of any importance...
Guenther
| |
Guenther
| |
If I'm not completely blind, we should return here. Not doing it here seems not
to be a major flaw, as far as I can see we're only missing the error code. This
might account for some of the very unhelpful NT_STATUS_UNSUCCESSFUL error
messages people see during joins.
All with stake in Samba client, please check!
| |
Jeremy.
| |
Jeremy.
| |
During 'net ads join' the cli->desthost is a hostname (e.g.
rupert.galaxy.site). Check if we have a hostname and use only the
first part, the machine name, of the string.
| |
negotiation works.
Jeremy.
| |
Guenther
| |
When warning that "client plaintext auth" is not enabled where the server
requested them we should not talk about "client use plaintext auth"
| |
to cause us to behave like Vista when looking for remote
machine principal. Modified by me.
Jeremy.
| |
for a server. We should have been doing this for a while,
but it's more critical with IPv6.
Original patch fixed up by James.
Jeremy.
| |
Remove all vestiges of pstring (except for smbctool as noted
in previous commit).
Jeremy
| |
Remove pstring from libsmb/clidfs.c except for a nasty
hack (that will be removed when pstrings are gone from
client/).
Jeremy.
| |
Make us very explicit about how long a talloc ctx
should last.
Jeremy.
| |
I'm not sure why this used to be static, to me it seems that every time this
variable is overwritten. I just don't see how name_status_find() could return
true and not overwrite name. Can someone please review this and potentially
check it in?
Thanks,
Volker
| |
This is better done with a 'lp_do_parameter(-1, "socket options", ..);'
| |
Jeremy.
| |
it with accessor functions. "One global or pstring a day...." :-).
Jeremy.
| |
zero_addr(&ss). All current uses were always of the
AF_INET form, so simplify the call. If in the future
we need to zero an addr to AF_INET6 this can be
done separately.
Jeremy.
| |
to struct sockaddr_storage in most places that matter (ie.
not the nmbd and NetBIOS lookups). This passes make test
on an IPv4 box, but I'll have to do more work/testing on
IPv6 enabled boxes. This should now give us a framework
for testing and finishing the IPv6 migration. It's at
the state where someone with a working IPv6 setup should
(theoretically) be able to type:
smbclient //ipv6-address/share
and have it work.
Jeremy.
| |
bugs in various places whilst doing this (places that assumed
BOOL == int). I also need to fix the Samba4 pidl generation
(next checkin).
Jeremy.
| |
IPv6 in winbindd, but moves most of the socket functions that were
wrongly in lib/util.c into lib/util_sock.c and provides generic
IPv4/6 independent versions of most things. Still lots of work
to do, but now I can see how I'll fix the access check code.
Nasty part that remains is the name resolution code which is
used to returning arrays of in_addr structs.
Jeremy.
| |
The translate_name() used by cli_session_setup_spnego() cannot rely on
Winbindd since it is needed by the join process (and hence before
Winbind can be run).
| |
and client fixes. Patch from Todd Stetcher <todd.stetcher@isilon.com>.
| |
NTSTATUS.
Guenther
| |
left as nonzero as returned by the failed cli_session_setup_spnego. When we then try
to authenticate as the user in cli_session_setup this returns an
error "Bad userid" (as seen in wireshark).
"We should only leave cli->vuid != 0 on success. Looks like it's
getting set in the cli_session_setup_blob_receive() call and not
cleared again on error."
Jeremy.
| |
Jeremy.
| |
Long overdue fix....
Jeremy.
| |
"Attempt to fix some build farm failures: On port 139 the first
successful packet gives len==0 from the server, so the = in
if (len <= 0) {
in line 136 of clientgen.c throws a failure."
The irritating thing is that I already had it correct in
SAMBA_3_0_26 and forgot to merge the change across.
len == 0 is a valid return - I messed that up when
converting client_receive_smb() to return a length
rather than a BOOL.
Doh !
Jeremy.
| |
successful packet gives len==0 from the server, so the = in
if (len <= 0) {
in line 136 of clientgen.c throws a failure.
Jeremy, please fix this properly, I'm not merging this to 3_0_26 so that
you can filter it when you merge.
Volker
| |
replace all data_blob(NULL, 0) calls.
| |
Guenther
| |
to all callers of smb_setlen (via set_message()
calls). This will allow the server to reflect back
the correct encryption context.
Jeremy.
| |
the extended 7 word response for tconX rather than the
3 word one we supported previously.
Jeremy.
| |
not specific for NTLMSSP
- it's possible that the server sends a mechOID and authdata
if negResult != SPNEGO_NEG_RESULT_INCOMPLETE, but we still
force the mechOID to be present if negResult == SPNEGO_NEG_RESULT_INCOMPLETE
metze
| |
we're encrypted. This will make further changes and
spec much more clear.
Jeremy.