1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00
Commit Graph

831 Commits

Author SHA1 Message Date
Stefan Metzmacher
f08adbb4d6 libcli/smb: maintain smb2.should_sign on smbXcli_req_state
metze
2012-07-23 18:19:36 +02:00
Stefan Metzmacher
92811c6f5f libcli/smb: make use of SMB2_HDR_BODY as header size
metze
2012-07-23 18:19:36 +02:00
Stefan Metzmacher
be8e33ec54 libcli/smb: parse the SMB2_TRANSFORM header and decrypt the SMB2 pdu
metze
2012-07-23 18:19:36 +02:00
Stefan Metzmacher
c2b0a48513 libcli/smb: create 4 iovecs per request in smb2cli_inbuf_parse_compound()
The first one might hold the SMB2_TRANSFORM Header later.

metze
2012-07-23 18:19:36 +02:00
Stefan Metzmacher
5863107cd3 libcli/smb: prepare [en|de]cryption_key for SMB3
metze
2012-07-23 18:19:36 +02:00
Stefan Metzmacher
d333edbe14 libcli/smb: copy the application_key in smb2cli_session_create_channel()
metze
2012-07-23 18:19:36 +02:00
Stefan Metzmacher
077eb578be libcli/smb: check the buffer length in smbXcli_negprot_dispatch_incoming()
metze
2012-07-23 18:19:36 +02:00
Stefan Metzmacher
1c144b07f6 libcli/smb: only pass the smb2 buffer to smb2cli_inbuf_parse_compound()
We should hide the transport as much as possible.

metze
2012-07-23 18:19:36 +02:00
Stefan Metzmacher
fd736f7f18 libcli/smb: add smb2_signing_[en|e]crypt_pdu()
metze
2012-07-23 18:19:36 +02:00
Stefan Metzmacher
7e0982421b libcli/smb: construct the signing_key before forming the message
metze
2012-07-23 18:19:36 +02:00
Stefan Metzmacher
4628e2878f libcli/smb: add SMB2_SESSION_FLAG_ENCRYPT_DATA
metze
2012-07-23 18:19:36 +02:00
Stefan Metzmacher
d7285672b4 libcli/smb: add SMB2_TRANSFORM macros
metze
2012-07-23 18:19:36 +02:00
Stefan Metzmacher
a7208de06a libcli/auth: add support for AES/HMAC-SHA256 to the netlogon schannel sign/seal
metze

Signed-off-by: Günther Deschner <gd@samba.org>
2012-07-17 10:58:39 +02:00
Stefan Metzmacher
99e5241d36 libcli/auth: add support for AES/HMAC-SHA256 schannel session key support
metze

Signed-off-by: Günther Deschner <gd@samba.org>
2012-07-17 10:58:39 +02:00
Stefan Metzmacher
342a2e6181 s4:librpc/rpc/dcerpc_schannel: just append NETLOGON_NEG_RODC_PASSTHROUGH as rodc
The RODC stuff doesn't depend on the schannel algorithm.

metze

Signed-off-by: Günther Deschner <gd@samba.org>
2012-07-17 10:58:38 +02:00
Stefan Metzmacher
cbf44e8d2f libcli/smb: add SMB2_CAP_DIRECTORY_LEASING to SMB2_CAP_ALL
metze

Signed-off-by: Michael Adam <obnox@samba.org>
2012-06-29 15:21:12 +02:00
Jeremy Allison
9b212d8df5 Fix warning: variable ‘XX’ set but not used. 2012-06-19 10:27:23 -07:00
Rusty Russell
13ac664a6d libcli: use tdb directly, not tdb_compat.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-06-19 05:38:07 +02:00
Stefan Metzmacher
ba44bd353d libcli/nbt: remove unused system/network.h from libnbt.h
This is not needed and breaks the build on AIX:

[ 988/3309] Compiling source4/smb_server/smb/reply.c
"../source4/smb_server/smb/reply.c", line 1093.42: 1506-022 (S) "lseek64" is not a member of "union smb_seek".
"../source4/smb_server/smb/reply.c", line 1093.42: 1506-022 (S) "lseek64" is not a member of "union smb_seek".
"../source4/smb_server/smb/reply.c", line 1093.42: 1506-022 (S) "lseek64" is not a member of "union smb_seek".
"../source4/smb_server/smb/reply.c", line 1093.42: 1506-022 (S) "lseek64" is not a member of "union smb_seek".
"../source4/smb_server/smb/reply.c", line 1109.13: 1506-022 (S) "lseek64" is not a member of "union smb_seek".
"../source4/smb_server/smb/reply.c", line 1110.13: 1506-022 (S) "lseek64" is not a member of "union smb_seek".
"../source4/smb_server/smb/reply.c", line 1111.13: 1506-022 (S) "lseek64" is not a member of "union smb_seek".
"../source4/smb_server/smb/reply.c", line 1113.38: 1506-022 (S) "lseek64" is not a member of "union smb_seek".
Waf: Leaving directory `/opt/home/build/build_farm/samba_4_0_test/bin'
Build failed:  -> task failed (err #1):
	{task: cc reply.c -> reply_1.o}

metze

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Mon Jun 11 10:32:51 CEST 2012 on sn-devel-104
2012-06-11 10:32:50 +02:00
Michael Adam
52e1bba861 build: rename build targets nmblookup -> nmblookup4 and nmblookup3 -> nmblookup 2012-05-31 04:46:06 +02:00
Kai Blin
aa0190825d libcli/dns: Rename UDP-based calls to reflect their use
Autobuild-User: Kai Blin <kai@samba.org>
Autobuild-Date: Wed May 30 02:35:27 CEST 2012 on sn-devel-104
2012-05-30 02:35:24 +02:00
Stefan Metzmacher
f61c24166e libcli/smb: add some more FSCTL_* defines
metze
2012-05-29 10:16:24 +02:00
Stefan Metzmacher
244cf059f0 s3:smb2cli_ioctl: fix requests without output_buffer.length > 0 against windows
This fixes DCERPC over SMB2 against windows servers.

metze
2012-05-29 10:16:23 +02:00
Alexander Bokovoy
518484af8d dns_hosts_file: move to a separate subsystem
After discussion with Kai move dns_hosts_file to a separate subsystem
and merge it into libaddns private library for s3/s4 client use.

Also remove dependency in libcli/nbt, the code from libcli/dns subsystems
is not used there at all.

Autobuild-User: Alexander Bokovoy <ab@samba.org>
Autobuild-Date: Fri May 25 22:22:44 CEST 2012 on sn-devel-104
2012-05-25 22:22:44 +02:00
Alexander Bokovoy
744f9910c8 libcli/dns: make 'clidns' private library out of DNS code in WAF build
After consolidating DNS resolver code to lib/addns, there is one piece
that still needs to be moved into a common DNS resolver library: DNS_HOSTS_FILE
subsystem. Unfortunately, direct move would require lib/addns to depend on
libcli/util/{ntstatus.h,werror.h} (provided by errors subsystem).

In addition, moving libcli/dns/* code to lib/addns/ would make conflicting
the dns_tkey_record struct. The conflict comes from source4/dns_server/ and is due
to use of IDL to define the struct. lib/addns/ library also provides its own definition
so we either need to keep them in sync (rewrite code in lib/addns/ a bit) or
depend on generated IDL headers.

Thus, making a private library and subsystem clidns is an intermediate step
that allows to buy some time fore refactoring.
2012-05-23 17:51:50 +03:00
Simo Sorce
34a65739d3 Move source3/libads/dns.c to lib/addns 2012-05-23 17:51:48 +03:00
Matthieu Patou
a9b4d7e7de libcli: make it easier to understand that a control was not correctly encoded 2012-05-19 09:35:28 -07:00
Björn Baumbach
5f494c424c libcli/smb: move smb2cli_ioctl.c from source3 to the toplevel
Signed-off-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Tue May 15 20:17:01 CEST 2012 on sn-devel-104
2012-05-15 20:17:01 +02:00
Björn Baumbach
c16e263d0e libcli/smb: move smb2cli_query_directory.c from source3 to the toplevel
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-05-15 18:26:00 +02:00
Björn Baumbach
b2d9c02665 libcli/smb: move smb2cli_query_info.c from source3 to the toplevel
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-05-15 18:26:00 +02:00
Björn Baumbach
22b76de2ff libcli/smb: move smb2cli_set_info.c from source3 to the toplevel
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-05-15 18:26:00 +02:00
Björn Baumbach
1d7c6bfd7a libcli/smb: move smb2cli_flush.c from source3 to the toplevel
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-05-15 18:26:00 +02:00
Björn Baumbach
f50fc00306 libcli/smb: move smb2cli_write.c from source3 to the toplevel
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-05-15 18:26:00 +02:00
Björn Baumbach
269000b1b3 libcli/smb: move smb2cli_read.c from source3 to the toplevel
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-05-15 18:26:00 +02:00
Stefan Metzmacher
4022edc906 libcli/smb: move smb2cli_close.c from source3 to the toplevel
metze
2012-05-15 18:25:59 +02:00
Stefan Metzmacher
2674d0c458 libcli/smb: move smb2cli_create.c from source3 to the toplevel
metze
2012-05-15 18:25:59 +02:00
Stefan Metzmacher
aca64f642d libcli/smb: move smb2cli_logoff_* from source3 to the top level
metze

Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Mon May 14 17:02:46 CEST 2012 on sn-devel-104
2012-05-14 17:02:46 +02:00
Stefan Metzmacher
ce0d6d89ee libcli/smb: git mv smb2_session.c smb2cli_session.c
metze
2012-05-14 15:12:35 +02:00
Stefan Metzmacher
99a72e913b libcli/nbt: no longer use old 'event_' tevent compat symbols
metze
2012-05-14 15:12:33 +02:00
Stefan Metzmacher
7e7c4ba6f8 libcli/smb/smb_constants: add FSCTL_VALIDATE_NEGOTIATE_INFO*
metze
2012-05-11 18:19:51 +02:00
Stefan Metzmacher
43085e9b82 libcli/smb/smbXcli: add support for PROTOCOL_SMB3_00
metze
2012-05-06 14:50:39 +02:00
Stefan Metzmacher
abd801714c libcli/smb: add #define PROTOCOL_LATEST PROTOCOL_SMB3_00
metze
2012-05-06 14:50:39 +02:00
Stefan Metzmacher
7ae2c16f0f libcli/smb: add PROTOCOL_SMB3_00
metze
2012-05-06 14:50:39 +02:00
Stefan Metzmacher
44dcad7310 libcli/smb: add SMB3_DIALECT_REVISION_300
metze
2012-05-06 14:50:39 +02:00
Jelmer Vernooij
d3b4c2c771 UTIL_TDB: lowercase name.
Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Thu May  3 20:18:22 CEST 2012 on sn-devel-104
2012-05-03 20:18:22 +02:00
Stefan Metzmacher
42b403c19f libcli/smb: move SMB2_IOCTL_FLAG_IS_FSCTL to smb2_constants.h
metze
2012-04-27 08:31:37 +02:00
Volker Lendecke
5a100a4b1b libcli: Use data_blob_null
Autobuild-User: Volker Lendecke <vl@samba.org>
Autobuild-Date: Wed Apr 25 18:54:51 CEST 2012 on sn-devel-104
2012-04-25 18:54:51 +02:00
Alexander Bokovoy
594e316181 lib/replace: split out GSSAPI from lib/replace/system/kerberos.h into lib/replace/system/gssapi.h
With waf build include directories are defined by dependencies specified to subsystems.
Without proper dependency <gssapi/gssapi.h> cannot be found for embedded Heimdal builds
when there are no system-wide gssapi/gssapi.h available.

Split out GSSAPI header includes in a separate replacement header and use that explicitly
where needed.

Autobuild-User: Alexander Bokovoy <ab@samba.org>
Autobuild-Date: Wed Apr 25 00:18:33 CEST 2012 on sn-devel-104
2012-04-25 00:18:32 +02:00
Simo Sorce
08c733d75f Make krb5 wrapper library common so they can be used all over 2012-04-23 19:20:38 -04:00
Stefan Metzmacher
b0939c5774 libcli/smb: move smb2cli_session_setup_*() prototypes to the code.
metze
2012-04-16 12:54:53 +02:00
Stefan Metzmacher
6054e9a48b libcli/smb: add smb2cli_session_get_flags()
metze
2012-04-16 12:54:52 +02:00
Stefan Metzmacher
c60c2c5d94 libcli/smb: we should not force a session key for anonymous connections
smb2cli_session_set_session_key() should not check for a valid session
key, if the connection is a guest or null session.

metze
2012-04-16 12:54:52 +02:00
Stefan Metzmacher
b23f5a9418 libcli/smb: make use of data_blob_string_const_null()
metze

Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Mon Apr 16 12:21:17 CEST 2012 on sn-devel-104
2012-04-16 12:21:17 +02:00
Simo Sorce
c13c065a9b krb5_wrap: krb5_string_to_key / krb5_encrypt_block are deprecated.
Remove checks and replace with krb5_c_string_to_key().

Signed-off-by: Andreas Schneider <asn@samba.org>
2012-04-12 12:06:43 +02:00
Simo Sorce
70c303a7f3 auth-krb: Move pac related util functions in a single place.
Signed-off-by: Andreas Schneider <asn@samba.org>
2012-04-12 12:06:43 +02:00
Simo Sorce
3fd6deda7d auth-krb: Make functions static.
The remaining gssapi_parse functions were used exclusively in
gensec_krb5.  Move them there and make them static.

Signed-off-by: Andreas Schneider <asn@samba.org>
2012-04-12 12:06:43 +02:00
Simo Sorce
88d5d5c4b4 auth-krb: Nove oid packet check to gensec_util.
This is clearly a utiliy function generic to gensec.  Also the 3 callers
had identical implementations. Provide a generic implementation for all
of them and avoid duplicating the code everywhere.

Signed-off-by: Andreas Schneider <asn@samba.org>
2012-04-12 12:06:42 +02:00
Simo Sorce
6ab0dfe0d9 krb5_wrap: remove duplicate declaration and dead ifdef
Signed-off-by: Andreas Schneider <asn@samba.org>
2012-04-12 12:06:41 +02:00
Kai Blin
7566e6a534 s4 dns: Add a simple async client library 2012-03-27 16:03:07 +02:00
Jelmer Vernooij
a8c066b023 smb2: Move smb2cli session setup code to cli_smb_common. 2012-03-25 17:14:56 +02:00
Jelmer Vernooij
5283aa5356 libcli/smb: Stop generating unused proto file. 2012-03-25 17:14:14 +02:00
Jeremy Allison
2d35fd7259 Fix bug #8811 - sd_has_inheritable_components segfaults on an SD that se_access_check accepts.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Wed Mar 14 05:08:03 CET 2012 on sn-devel-104
2012-03-14 05:08:03 +01:00
Richard Sharpe
44590c1b70 Fix bug #8795 - Samba does not handle the Owner Rights permissions at all
Signed-off-by: Jeremy Allison <jra@samba.org>

Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Wed Mar 14 02:26:34 CET 2012 on sn-devel-104
2012-03-14 02:26:34 +01:00
Jelmer Vernooij
ce4531ee31 tdb_wrap: Move to specific directory.
It's a bit confusing to mix low-level and high-level libraries.  We had
multiple libraries in one directory, and there were have circular
dependencies with other libraries outside that directory (in this case,
samba-hostconfig).

Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Sat Mar 10 23:13:01 CET 2012 on sn-devel-104
2012-03-10 23:13:01 +01:00
Richard Sharpe
1e8141f40a Fix bug #8797 - Samba does not correctly handle DENY ACEs when privileges apply.
Signed-off-by: Jeremy Allison <jra@samba.org>

Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Sat Mar 10 01:33:45 CET 2012 on sn-devel-104
2012-03-10 01:33:44 +01:00
Michael Adam
4a8dfa48dd libcli:smb: define SMB2_HDR_FLAG_REPLAY_OPERATION
Autobuild-User: Michael Adam <obnox@samba.org>
Autobuild-Date: Sun Mar  4 15:10:38 CET 2012 on sn-devel-104
2012-03-04 15:10:38 +01:00
Michael Adam
ac43937ce4 smbXcli: add the possiblilty to negotiate client capabilites in smb >= 2.2
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
2012-03-03 17:03:07 +01:00
Michael Adam
76e6733344 libcli:smb: define SMB2_DHANDLE_FLAG_PERSISTENT 2012-03-03 17:03:06 +01:00
Michael Adam
db632fdd2c libcli:smb: add new SMB2 share flags
* FORCE_LEVELII_OPLOCKS
* ENABLE_HASH_V1
* ENABLE_HASH_V2
* ENCRYPT_DATA
2012-03-03 17:03:06 +01:00
Michael Adam
6f860837e5 libcli:smb: upgrade SMB2_CAP_ALL to include the newly known caps 2012-03-03 17:03:06 +01:00
Michael Adam
8c5d288ecf libcli:smb: add defines for SMB2.2 share capabilities
* continuous avaliability
* cluster
* scaleout
2012-03-03 17:03:06 +01:00
Michael Adam
29eed6359a libcli:smb: add defines for SMB2.2 global capabilities
* multi channel
* persistent handles
* directory leasing
* encryption
2012-03-03 17:03:06 +01:00
Michael Adam
0bdd18efc9 libcli:smb: define DH2Q and DH2C tags for smb2 extra create blobs
These are the tags for the SMB2_CREATE_DURABLE_HANDLE_REQUEST_V2
and SMB2_CREATE_DURABLE_HANDLE_RECONNECT_V2, the second version
of the SMB2_CREATE_DURABLE_HANDLE_REQUEST (DHnQ) and
SMB2_CREATE_DURABLE_HANDLE_RECONNECT (DHnC), which are only
available for SMB 2.2 (and newer).
2012-03-03 17:03:06 +01:00
Christian Ambach
dc24e229a5 smb2_constants: fix a typo
Autobuild-User: Christian Ambach <ambi@samba.org>
Autobuild-Date: Sat Mar  3 09:04:40 CET 2012 on sn-devel-104
2012-03-03 09:04:40 +01:00
Christian Ambach
583a53835b smb2_constants: add SMB2_WATCH_TREE 2012-03-02 21:47:09 -08:00
Michael Adam
f981257240 libcli/smb/smb2_signing: rename smb2_key_deviration -> smb2_key_derivation
Autobuild-User: Michael Adam <obnox@samba.org>
Autobuild-Date: Wed Feb 29 09:01:54 CET 2012 on sn-devel-104
2012-02-29 09:01:54 +01:00
Stefan Metzmacher
c9219fe585 libcli/smb/smbXcli: use smb2_key_deviration() to setup SMB 2.24 keys
This uses the key diveration function from "NIST Special Publication 800-108"
in counter mode (section 5.1).

Thanks to Jeremy, Michael and Volker for the debugging!

metze

Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Wed Feb 29 04:54:48 CET 2012 on sn-devel-104
2012-02-29 04:54:46 +01:00
Stefan Metzmacher
39ae4737e0 libcli/smb/smb2_signing: implement aes_cmac_128 based signing for SMB 2.24
metze
2012-02-29 03:16:23 +01:00
Stefan Metzmacher
7f5e56971f libcli/smb/smb2_signing: add smb2_key_deviration()
This implements a simplified version of "NIST Special Publication 800-108" section 5.1
using hmac-sha256.

Thanks to Jeremy, Michael and Volker for the debugging!

metze
2012-02-29 03:16:23 +01:00
Stefan Metzmacher
615c41ce12 libcli/smb/smb2_signing: pass down 'protocol' to smb2_signing_[sign|check]_pdu()
metze

Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Mon Feb 27 14:26:32 CET 2012 on sn-devel-104
2012-02-27 14:26:32 +01:00
Stefan Metzmacher
7309e11ad5 libcli/smb/smb2_signing: rename session_key to signing_key
metze
2012-02-27 12:51:34 +01:00
Stefan Metzmacher
910251e8ed libcli/smb/smbXcli: remove unused if statement from smb2cli_conn_dispatch_incoming()
metze
2012-02-27 12:51:34 +01:00
Stefan Metzmacher
a1ef9c761a libcli/smb/smbXcli: add smb2cli_session_application_key()
metze
2012-02-27 12:51:34 +01:00
Stefan Metzmacher
aa4331be9e libcli/smb/smbXcli: maintain smb2 channel_signing_key separate from the signing_key
The signing_key is fix across all channels and is used for session setups
on a channel binding.

Note:
 - the last session setup response is signed with the new channel signing key.
 - the reauth session setups are signed with the channel signing key.

It's also not needed to remember the main session key.

metze
2012-02-27 12:51:33 +01:00
Stefan Metzmacher
b93f6ac79c libcli/smb/smbXcli: remove unused checks from smb2cli_session_create_channel()
metze
2012-02-27 12:51:33 +01:00
Volker Lendecke
bd6ff4dbab libcli: Remove a pointless check
"n" is size_t, so it is always >=0.
2012-02-25 22:14:38 +01:00
Richard Sharpe
1082532500 Honor SeTakeOwnershiPrivilege when client asks for SEC_STD_WRITE_OWNER but has no permission for that, but token has SeTakeOwnershipPrivilege
Autobuild-User: Richard Sharpe <sharpe@samba.org>
Autobuild-Date: Wed Feb 22 19:19:32 CET 2012 on sn-devel-104
2012-02-22 19:19:32 +01:00
Andrew Bartlett
52ac479764 auth: Move the rest of the source4 gensec_ntlmssp code to the top level
The ntlmssp_server code will be in common shortly, and aside from a
symbol name or two, moving the client code causes no harm and makes
less mess.  We will also get the client code in common very soon.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-02-17 10:48:09 +01:00
Andrew Bartlett
674278d5b0 auth/kerberos: Move gse_get_session_key() to common code and use in gensec_gssapi
Thie ensures that both code bases use the same logic to determine the use
of NEW_SPNEGO.

Andrew Bartlett
2012-02-17 17:36:38 +11:00
Andrew Bartlett
5ad7665b63 libcli/smb: Convert struct smb_trans_enc_state to talloc
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-31 20:17:10 +01:00
Andrew Bartlett
fce53e0e79 s3-libsmb: Remove unused enum smb_trans_enc_type
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-31 20:17:10 +01:00
Stefan Metzmacher
f6fb55aeae libcli/util: fix typo in nt_errs[] for NT_STATUS_NETWORK_SESSION_EXPIRED
metze

Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Sun Jan 29 14:11:12 CET 2012 on sn-devel-104
2012-01-29 14:11:12 +01:00
Stefan Metzmacher
c543ce1028 libcli/smb: fix smbXcli_negprot(..., PROTOCOL_NT1, PROTOCOL_SMB2_02)
The SMB1 negprot request already consumed the SMB2 sequence '0'.
This also happens for the SMB 2.02 case.

metze

Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Fri Jan 27 15:27:41 CET 2012 on sn-devel-104
2012-01-27 15:27:40 +01:00
David Disseldorp
af6bf7714d lib: use differing NTSTATUS and WERROR struct members
This allows the compiler to catch uses of incorrectly typed arguments
for [NT_STATUS|W_ERROR]_IS_OK() and [NT_STATUS|W_ERROR]_EQUAL(). I.e.

WERROR werr;

werr = my_fn();        /* XXX returns WERROR type */

if (NT_STATUS_EQUAL(werr, NT_STATUS_OBJECT_NAME_COLLISION)) {
2012-01-23 12:18:20 -08:00
Andrew Bartlett
e175d25c68 s3-libsmb: Always allow SMB_TRANS_ENC_GSS to be defined
Signed-off-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Sat Jan 21 01:28:54 CET 2012 on sn-devel-104
2012-01-21 01:28:53 +01:00
Andrew Bartlett
58916c047d s3-libsmb: Remove unused smb_tran_enc_state_gss and gssapi headers
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-20 23:55:55 +01:00
Andrew Bartlett
41ed715d42 s3-libsmb: use struct gensec_security directly
This is rather than via a now one-element union.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-20 23:55:55 +01:00
Andrew Bartlett
06f7105490 s3-libcli Change krb5 smb sealing to call via gensec and gensec_gse
This also fixes the support for smb sealing with krb5 in make test, as
this now relies on secrets.tdb rather than /etc/krb5.keytab.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-20 23:55:54 +01:00
Andrew Bartlett
b69c40ffce auth/kerberos: Remove unused TALLOC_CTX argument to check_pac_checksum 2012-01-12 18:02:54 +11:00
Jeremy Allison
f15cf9176d Second part of fix for bug #8673 - NT ACL issue.
Ensure we process the entire ACE list instead of returning ACCESS_DENIED
and terminating the walk - ensure we only return the exact bits that cause
the access to be denied. Some of the S3 fileserver needs to know if we
are only denied DELETE access before overriding it by looking at the
containing directory ACL.

Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Wed Jan 11 19:24:53 CET 2012 on sn-devel-104
2012-01-11 19:24:53 +01:00
Andrew Bartlett
19deda26d0 krb5: Require krb5_string_to_key be available to build with krb5 2012-01-10 21:50:07 +01:00
Andrew Bartlett
0c6af1e2da krb5: Require krb5_principal_compare_any_realm be available to build with krb5 2012-01-10 21:50:07 +01:00
Andrew Bartlett
6b2e742d6c krb5: Require krb5_c_verify_checksum is available to build with krb5 2012-01-10 21:50:07 +01:00
Volker Lendecke
f1432d14a4 libcli/smb: Add smbXcli_conn_samba_suicide
This is a pure test tool against Samba servers
2012-01-05 13:09:36 +01:00
Volker Lendecke
48804e40d4 Fix the build without kerberos
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Sun Jan  1 23:56:24 CET 2012 on sn-devel-104
2012-01-01 23:56:24 +01:00
Andrew Bartlett
9a085b0b80 auth/kerberos: Move gssapi_parse.c to the top level
This will help with writing a gensec module for the s3 gse layer.

Andrew Bartlett
2011-12-28 22:39:19 +11:00
Volker Lendecke
d4e834ec6c lib: Fix NT_STATUS_ALL_SIDS_FILTERED definition
This seems to be more in line with all the other NT_STATUS definitions.

Metze, please check.

Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Fri Dec 23 23:19:17 CET 2011 on sn-devel-104
2011-12-23 23:19:17 +01:00
Stefan Metzmacher
2bd2f3880e libcli/smb: add PROTOCOL_SMB2_24 support
metze
2011-12-22 15:58:45 +01:00
Stefan Metzmacher
5bc242f4a2 libcli/smb: add SMB2_DIALECT_REVISION_224
This is specified in the new [MS-SMB2] preview document.

metze
2011-12-22 15:58:45 +01:00
Stefan Metzmacher
23a034335c libcli/util: add NT_STATUS_NETWORK_SESSION_EXPIRED and NT_STATUS_ALL_SIDS_FILTERED
metze

Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Sat Dec 17 14:24:40 CET 2011 on sn-devel-104
2011-12-17 14:24:40 +01:00
Volker Lendecke
a77b0dd7b8 libcli: Remove an unused variable
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Mon Dec 12 23:21:49 CET 2011 on sn-devel-104
2011-12-12 23:21:49 +01:00
Andrew Bartlett
c9d929af8b s4-lsarpc handle more info levels in SetInfoTrustedDomain calls
This uses the very helpful conversion functions written for the s3 lsa server
and places these in common.

Andrew Bartlett
2011-12-12 12:57:07 +01:00
Stefan Metzmacher
13dbef241b smbXcli: add support for SMBreadBraw
metze
2011-11-29 16:00:08 +01:00
Stefan Metzmacher
e450c45e67 smbXcli: add smb1cli_conn_server_{readbraw,writebraw,lockread,writeunlock}()
metze
2011-11-29 16:00:08 +01:00
Stefan Metzmacher
51a7201a12 smb1cli_trans: add support for tevent_req_cancel()
metze
2011-11-29 16:00:08 +01:00
Stefan Metzmacher
524d06615f smb1cli_trans: return the status from the server if possible
metze
2011-11-29 16:00:08 +01:00
Stefan Metzmacher
f0d8038ed8 smbXcli: rebuild smb1.recv_iov array if we expect more than one response
metze
2011-11-29 16:00:07 +01:00
Stefan Metzmacher
8c7e7ee91b smbXcli: allow up to 10 iovec elements for the bytes in smb1cli_req_create()
The smb1cli_trans_* code uses up to 6 elements, which was too much for
the current limit of 5.

metze
2011-11-29 16:00:07 +01:00
Stefan Metzmacher
3453665bcb smbXcli: s/smb2cli_writev_done/smb2cli_req_writev_done
This is a better name and it matches smb1cli_req_writev_done

metze
2011-11-29 16:00:07 +01:00
Stefan Metzmacher
c9ca3bb492 smbXcli: call tevent_queue_stop() for the outgoing queue on disconnect
metze
2011-11-29 16:00:07 +01:00
Stefan Metzmacher
91cb09fa0c smbXcli: use talloc_stackframe() instead of talloc_tos() in smb1cli_conn_signv()
metze
2011-11-29 16:00:07 +01:00
Stefan Metzmacher
9f6454af39 libcli/smb: remove unused smb_signing_set_bsrspyl() prototype
metze
2011-11-29 16:00:07 +01:00
Volker Lendecke
7491bd78d6 Fix Coverity ID 2638: OVERRUN_STATIC 2011-11-28 14:52:32 +01:00
Volker Lendecke
f094cc3ade Fix Coverity ID 2639: UNUSED_VALUE 2011-11-28 14:52:31 +01:00
Volker Lendecke
d287fe5399 s3:libsmb: Fix a typo 2011-11-24 19:02:33 +01:00
Stefan Metzmacher
a210d9fa05 s3:smbXcli: keep two fd per connection in order to work with the epoll tevent backend
metze
2011-11-24 19:02:33 +01:00
Stefan Metzmacher
da2027faf7 smbXcli: rework smb1cli_trans.c to use smbXcli_conn/smbXcli_req
metze
2011-11-24 19:02:32 +01:00
Stefan Metzmacher
c1db4a0d9f smbXcli: cp source3/libsmb/clitrans.c libcli/smb/smb1cli_trans.c
metze
2011-11-24 19:02:32 +01:00
Stefan Metzmacher
bda3d491b4 smbXcli: add smb2cli_req_set_notify_async()
That can be used if the caller wants to be notified if
the async interim response arrives.

metze
2011-11-24 19:02:31 +01:00
Stefan Metzmacher
0995d68d59 smbXcli: add support for tevent_req_cancel() on smbXcli_req
metze
2011-11-24 19:02:31 +01:00
Stefan Metzmacher
91ffe696aa smbXcli: fix smb signing for SMBntcancel
metze
2011-11-24 19:02:31 +01:00
Stefan Metzmacher
c2a39f4ecd smbXcli: add smb2cli_session_create_channel()
This makes it possible to implement SMB 2.22 Multi-Channel
for testing.

metze
2011-11-24 19:02:31 +01:00
Stefan Metzmacher
99b3d57fc3 s3:smb2cli: make use of smbXcli_session and setup the session key for SMB2 signing
metze
2011-11-24 19:02:31 +01:00
Stefan Metzmacher
396d7a7dd3 smbXcli: add support for smb2 signing
metze
2011-11-24 19:02:31 +01:00
Stefan Metzmacher
3fd54b57c1 smbXcli: add smbXcli_session infrastructure
metze
2011-11-24 19:02:31 +01:00
Stefan Metzmacher
4435dad827 smbXcli: add support for PROTOCOL_SMB2_22 in smbXcli_negprot()
metze
2011-11-24 19:02:31 +01:00
Stefan Metzmacher
9d06e0fcc7 smbXcli: add support for SMB2 multi-credit requests
metze
2011-11-24 19:02:31 +01:00
Stefan Metzmacher
d533543166 smbXcli: add support for 2.??? negprot and PROTOCOL_SMB2_10
metze
2011-11-24 19:02:31 +01:00
Stefan Metzmacher
1cfeb3f8a0 smbXcli: pass client_guid to smbXcli_conn_create()
metze
2011-11-24 19:02:31 +01:00
Stefan Metzmacher
ceb063ca7d smbXcli: add smbXcli_negprot_*
This supports negotiation of any SMB1 or SMB2 dialect.

metze
2011-11-24 19:02:30 +01:00
Stefan Metzmacher
b958498c2a smbXcli: add helper functions to access the negotiated features
metze
2011-11-24 19:02:30 +01:00
Stefan Metzmacher
1a0ce02a23 smbXcli: also notify chained requests about broken connections
metze
2011-11-24 19:02:30 +01:00
Stefan Metzmacher
4d8e151779 smbXcli: simplify smb1cli_req_chain_submit()
We should hang everything on the first request in the chain,
as that's the one that gets added to the pending array.

metze
2011-11-24 19:02:30 +01:00
Stefan Metzmacher
e2912fa853 smbXcli: remove unused smb1cli_have_andx_command()
metze
2011-11-24 19:02:30 +01:00
Stefan Metzmacher
fee3a0a657 smbXcli: reorder smb1cli_conn_dispatch_incoming() to avoid too much nesting
metze
2011-11-24 19:02:30 +01:00
Stefan Metzmacher
0f194e35a6 smbXcli: rework smb1cli_req_recv() to expose an iov with 3 elements
Each smb1cli_req has 3 iov elements
[SMB HDR, SMB Parameter Block, SMB Data Block].

The 'inbuf' is still exposed if the caller requires it
(until we fix all legacy callers).

The can now pass an array of expected [status,wct] combinations,
instead of just one expected min_wct.

metze
2011-11-24 19:02:30 +01:00
Stefan Metzmacher
ce224f4d25 smbXcli: use smb1cli_inbuf_parse_chain() and remember more details per chain response
metze
2011-11-24 19:02:30 +01:00
Stefan Metzmacher
7c5651c3f6 smbXcli: add smb1cli_inbuf_parse_chain()
metze
2011-11-24 19:02:30 +01:00
Stefan Metzmacher
94cb738dd4 smbXcli: pass hdr to smb1cli_pull_raw_error()
metze
2011-11-24 19:02:30 +01:00
Stefan Metzmacher
4529395d3c smbXcli: add state->smb1.recv_{cmd,status,iov}
In the following commits we will need to remember a few more things.

metze
2011-11-24 19:02:30 +01:00