Michael Adam
f37030b33a
libcli/security: fix sddl.c to be able to build it from source3
2010-03-03 09:16:34 +01:00
Michael Adam
15b60a7e3f
s4:move the sddl code down to the top level
...
Michael
2010-03-03 09:16:34 +01:00
Stefan Metzmacher
d671b80cf5
libcli/auth: print the error in the debug message
...
metze
2010-02-26 10:43:46 +01:00
Simo Sorce
805f7507e2
s4:cleanup remove unused schannel ldb code
2010-02-23 12:46:51 -05:00
Simo Sorce
1203de99b1
s4:schannel merge code with s3
...
After looking at the s4 side of the (s)channel :) I found out that it makes
more sense to simply make it use the tdb based code than redo the same changes
done to s3 to simplify the interface.
Ldb is slow, to the point it needs haks to pre-open the db to speed it up, yet
that does not solve the lookup speed, with ldb it is always going to be slower.
Looking through the history it is evident that the schannel database doesn't
really need greate expanadability. And lookups are always done with a single
Key. This seem a perfet fit for tdb while ldb looks unnecessarily complicated.
The schannel database is not really a persistent one. It can be discared during
an upgrade without causing any real issue. all it contains is temproary session
data.
2010-02-23 12:46:50 -05:00
Simo Sorce
1d0938c629
schannel_tdb: make code compilable in both trees
2010-02-23 12:46:50 -05:00
Simo Sorce
3b12c38ac0
s3:schannel streamline interface
...
Make calling schannel much easier by removing the need to explicitly open the
database. Let the abstraction do it instead.
2010-02-23 12:46:50 -05:00
Simo Sorce
e5ab64a799
s3:schannel fix memory hierarchy
...
passing mem_ctx was causing creds->sid to be allocated on mem_ctx and not be
child of creds as expected. When later in schannel_check_creds_state() we
stole the creds on a different memory context the sid was left behind and the
memory it points to freed when the temporary context was freed.
2010-02-23 12:46:50 -05:00
Simo Sorce
bb9014d5cb
schannel: merge header files
...
One almost empty header file was simply including another not included by
anything else. Just merge them together.
2010-02-23 12:46:50 -05:00
Simo Sorce
8e2f5fe7c5
s4:schannel more readable check logic
...
Make the initial schannel check logic more understandable.
Make it easy to define different policies depending on the caller's
security requirements (Integrity/Privacy/Both/None)
This is the same change applied to s3
2010-02-23 12:46:50 -05:00
Simo Sorce
b4c9dc3724
s3:schannel more readable check logic
...
Make the initial schannel check logic more understandable.
Make it easy to define different policies depending on ther caller's security
requirements (Integrity/Privacy/Both/None)
2010-02-23 12:46:50 -05:00
Andreas Schneider
975a7a3d1b
tstream: Added a typedef for the function prototype.
2010-02-23 13:48:22 +01:00
Andrew Tridgell
76a7382346
lib: use TYPESAFE_QSORT() in lib/ and libcli/
2010-02-14 18:44:20 +11:00
Andrew Tridgell
6b01ca95a8
nbt: don't reference the event_ctx in nbtsock
...
This causes talloc_free with references errors
2010-02-08 11:04:59 +11:00
Matt Kraai
aa6a507e76
Change uint_t to unsigned int in libcli
...
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2010-02-02 07:18:17 +01:00
Stefan Metzmacher
e37dc56e97
libcli/nbt: fix ndr_push_nbt_string() string labels with a length of 63 (0x3F) are allowed
...
metze
2010-02-01 15:23:32 +01:00
Matthias Dieter Wallnöfer
dfd93fc7e3
s4:libcli/util/tstream.c - Need to include "system/network.h"
...
Otherwise I don't get "struct iovec" through "<sys/uio.h>" on CentOS 4.
2010-01-29 20:01:34 +01:00
Stefan Metzmacher
6442b0fcc1
libcli/nbt: fix off-by-one bug in ndr_pull_wrepl_nbt_name()
...
The scope starts at byte 17 with index 16.
metze
2010-01-29 15:55:11 +01:00
Stefan Metzmacher
c50a17cc8d
libcli/nbt: fix ndr_pull/push_wrepl_nbt_name()
...
[MS-WINSRA] — v20091104 was wrong
regarding section "2.2.10.1 Name Record"
If the name buffer is already 4 byte aligned
Windows (at least 2003 SP1 and 2008) add 4 extra
bytes. This can happen when the name has a scope.
metze
2010-01-29 15:55:10 +01:00
Volker Lendecke
005bbd0826
Revert "libcli/security: Remove a call to strncasecmp"
...
This reverts commit 7c687665ea
.
2010-01-25 16:45:32 +01:00
Volker Lendecke
d86d5be636
Revert "libcli/security: Convert some strtol calls to strtoul"
...
This reverts commit 7fe66e06c4
.
2010-01-25 16:45:32 +01:00
Volker Lendecke
fa47dbb57a
Revert "libcli/security: Fix a valgrind error in dom_sid_parse"
...
This reverts commit f1c889a4e6
.
2010-01-25 16:45:31 +01:00
Volker Lendecke
a53a8ec452
Revert "libcli/security: Prohibit SID formats like S-1-5-32-+545"
...
This reverts commit 1fbeae4165
.
Apparently this breaks the build of Samba4
2010-01-25 12:40:51 +01:00
Volker Lendecke
1fbeae4165
libcli/security: Prohibit SID formats like S-1-5-32-+545
2010-01-23 16:28:11 +01:00
Volker Lendecke
f1c889a4e6
libcli/security: Fix a valgrind error in dom_sid_parse
2010-01-23 16:28:11 +01:00
Volker Lendecke
7fe66e06c4
libcli/security: Convert some strtol calls to strtoul
...
This tightens the dom_sid_parse syntax check a bit: "--" would have been
allowed in sid string
2010-01-23 16:28:11 +01:00
Volker Lendecke
7c687665ea
libcli/security: Remove a call to strncasecmp
2010-01-23 16:28:11 +01:00
Stefan Metzmacher
bbaec01b37
libcli/util: add tstream_read_pdu_blob_send/recv
...
This will take the some full_request callback function
as the Samba4 packet code.
metze
2010-01-08 14:36:43 +01:00
Volker Lendecke
be05d71b9e
Simplify E_md5hash a bit
2010-01-07 11:07:55 +01:00
Andrew Bartlett
ba2cfceb96
libcli/auth Make gd's NDR NTLMSSP parsers helpers common
...
(but not built in Samba4 for now)
2009-12-22 21:07:51 +01:00
Andrew Tridgell
f9302f9e08
ldap: give a debug error when we don't know a control
...
This interface should really have a proper error interface, but at
least a DEBUG() gives the user a chance of finding the error
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2009-12-16 20:56:23 +11:00
Andrew Tridgell
1b20002cc2
libcli: use GUID_to_ndr_blob()
2009-12-10 17:51:28 +11:00
Andrew Tridgell
6eb262f0e8
libcli: allow ntstatus.h to be used by openchange
...
apparently ntstatus.h is used by openchange, but they don't include
replace.h. This makes that possible again.
2009-11-25 15:30:20 +11:00
Andrew Bartlett
b5ce97511a
libcli/nbt Move more of lmhosts lookup into common code
...
This aims to eventually share this with Samba4.
Andrew Bartlett
2009-11-04 14:58:25 +11:00
Stefan Metzmacher
dc8e681755
libcli/auth: initialize creds in netlogon_creds_client_init_session_key()
...
metze
2009-10-24 11:59:15 +02:00
Stefan Metzmacher
f2da9c8c1a
libcli/auth: fix memory leak in schannel_creds_server_step_check_ldb()
...
metze
2009-10-24 11:59:14 +02:00
Stefan Metzmacher
5ae1d700eb
libcli/auth: don't leak the ldb_msg in schannel_store_session_key_ldb()
...
metze
2009-10-24 11:59:13 +02:00
Andrew Tridgell
3050f83288
s4-python: we need to include Python.h first
...
If we don't include Python.h first then we get a pile of warnings due
to broken redefines of XOPEN_SOURCE in the Python includes.
2009-10-23 16:23:01 +11:00
Andrew Tridgell
b6a1beb131
added NT_STATUS_NOT_OK_RETURN_AND_FREE()
...
Try to make it a bit easier to avoid leaks in common code
2009-10-17 13:01:02 +11:00
Matthias Dieter Wallnöfer
19302db6cb
s3/s4 common: fix up header file
2009-10-04 20:18:28 +02:00
Kamen Mazdrashki
1f2490e7d8
w32err: Importing auto-generated Win32 errors and descriptions
...
Error codes and their descriptions are generated
using w32err_code.py script.
Error are downloaded from MS site:
http://msdn.microsoft.com/en-us/library/cc231199%28PROT.10%29.aspx
Signed-off-by: Anatoliy Atanasov <anatoliy.atanasov@postpath.com>
2009-09-30 15:48:41 +03:00
Kamen Mazdrashki
0e1840b84a
w32err: WERR_GROUP_NOT_FOUND renamed to WERR_GROUPNOTFOUND
...
In Win 32 we have
NERR_GroupNotFound which maps to WERR_GROUP_NOT_FOUND currently
and we have
ERROR_GROUP_NOT_FOUND which maps to nothing, so it is to be added
Signed-off-by: Anatoliy Atanasov <anatoliy.atanasov@postpath.com>
2009-09-30 15:48:41 +03:00
Kamen Mazdrashki
948cd70bad
w32err: WERR_USER_EXISTS replace with WERR_USEREXISTS name
...
In Win32 we have
NERR_UserExists which maps to WERR_USER_EXISTS currently
and there is
ERROR_USER_EXISTS which maps to WERR_USER_ALREADY_EXISTS
Signed-off-by: Anatoliy Atanasov <anatoliy.atanasov@postpath.com>
2009-09-30 15:48:40 +03:00
Kamen Mazdrashki
d9994a604b
w32err: WERR_DC_NOT_FOUND replaced with WERR_DCNOTFOUND
...
It turns out in win32 ERROR_DC_NOT_FOUND exists and it is
an error for Device Context (DC), not Domain Controller
Signed-off-by: Anatoliy Atanasov <anatoliy.atanasov@postpath.com>
2009-09-30 15:48:40 +03:00
Kamen Mazdrashki
0e64fcb18f
w32err: FRS_ group of errors replaced with numeric values
...
Signed-off-by: Anatoliy Atanasov <anatoliy.atanasov@postpath.com>
2009-09-30 15:48:40 +03:00
Kamen Mazdrashki
e669113900
w32err: WERR_DOMAIN_CONTROLLER_NOT_FOUND error value fixed
...
Signed-off-by: Anatoliy Atanasov <anatoliy.atanasov@postpath.com>
2009-09-30 15:48:40 +03:00
Nadezhda Ivanova
6283f2caaa
Initial implementation of security descriptor creation in DS
...
TODO's:
ACE sorting and clarifying the inheritance of object specific ace's.
2009-09-20 15:16:17 -07:00
Andrew Bartlett
59bea84362
libcli:nbt move prototypes of lmhosts functions to libnbt.h
2009-09-19 14:34:16 -07:00
Stefan Metzmacher
825484ee6d
libcli/named_pipe_auth: pass gssapi delegated credentials through the named pipe
...
metze
2009-09-18 20:34:42 +02:00
Andrew Tridgell
ec422edab5
util: use likely/unlikely for NT_STATUS_* macros
2009-09-17 21:52:24 -07:00
Kouhei Sutou
f8dae40fc8
spnego: Support ASN.1 BIT STRING and use it in SPNEGO.
...
Signed-off-by: Günther Deschner <gd@samba.org>
2009-09-17 20:10:54 +02:00
Kamen Mazdrashki
8bebce45d3
w32err: Set hex format values for all errors
...
Signed-off-by: Günther Deschner <gd@samba.org>
2009-09-17 07:18:46 +02:00
Kamen Mazdrashki
3f835eb947
w32err: Re-define errors with numeric values
...
Signed-off-by: Günther Deschner <gd@samba.org>
2009-09-17 07:18:41 +02:00
Kamen Mazdrashki
91d3d3c6a2
w32err: Sorting error codes in ascending order
...
Signed-off-by: Günther Deschner <gd@samba.org>
2009-09-17 07:18:36 +02:00
Kamen Mazdrashki
fc1ac736d6
w32err: NERR_ codes grouped together
...
Signed-off-by: Günther Deschner <gd@samba.org>
2009-09-17 07:18:31 +02:00
Kamen Mazdrashki
1cfac63fa4
w32err: WERR_CLASS_NOT_REGISTERED updated
...
Error code move to COM/OLE group.
Error value changed to as REGDB_E_CLASSNOTREG in Windows
Signed-off-by: Günther Deschner <gd@samba.org>
2009-09-17 07:18:29 +02:00
Günther Deschner
43e198c188
spnego: add spnego_proto.h.
...
Guenther
2009-09-17 01:39:12 +02:00
Günther Deschner
503d035814
spnego: share spnego_parse.
...
Guenther
2009-09-17 01:12:20 +02:00
Günther Deschner
83023462f9
libcli/auth: remove trailing whitespace.
...
Guenther
2009-09-16 18:00:16 +02:00
Nadezhda Ivanova
d70e171719
Owner and group defaulting.
...
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2009-09-16 07:52:05 -07:00
Stefan Metzmacher
033ced60ac
libcli/auth: rewrite schannel sign/seal code to be more generic
...
This prepares support for HMAC-SHA256/AES.
metze
2009-09-16 12:29:06 +02:00
Günther Deschner
5b86a0ac01
schannel: remove last traces of gensec.
...
Guenther
2009-09-16 03:23:05 +02:00
Günther Deschner
799f8d7e13
schannel: fully share schannel sign/seal between s3 and 4.
...
Guenther
2009-09-16 01:55:06 +02:00
Günther Deschner
f3979b50a9
schannel: move schannel_sign to main directory.
...
Guenther
2009-09-16 01:54:59 +02:00
Andrew Bartlett
5a01071692
libcli:nbt put util_net.c protos in new header file
...
This fixed a very odd build problem due to util.h importing
system/network.h being imported before the uid_wapper code.
Andrew Bartlett
2009-09-15 10:38:53 -07:00
Andrew Bartlett
668470c992
libcli:nbt make the lmhosts parsing code and dependicies common
...
This starts the process to have Samba4 use lmhosts.
Andrew Bartlett
2009-09-15 07:42:54 -07:00
Günther Deschner
cac5e64c00
s3-errors: add NT_STATUS_RPC_NT_PROCNUM_OUT_OF_RANGE.
...
Guenther
2009-09-11 02:58:34 +02:00
Andrew Tridgell
2ff4764f8f
libcli: added a drsuapi attribute encryption function
2009-09-10 17:42:13 +10:00
Andrew Bartlett
5283ad11bd
libcli:drsuapi Add function to encrypt data for transport over DRSUAPI
...
This is for the server side of the GetNCChanges call.
Andrew Bartlett
2009-09-10 15:50:32 +10:00
Günther Deschner
5f2ec4b202
s3-nterr: add NT_STATUS_RPC_NT_CALL_FAILED.
...
Guenther
2009-09-08 23:21:14 +02:00
Günther Deschner
2287849074
s4: fix the build after ntlmssp header change.
...
Guenther
2009-08-28 11:37:44 +02:00
Günther Deschner
b7a5e7a5d6
libcli/auth: remove unused NTLMSSP_NAME_TYPE_ flags.
...
Guenther
2009-08-28 10:09:19 +02:00
Stefan Metzmacher
8d58472706
libcli/auth: add netlogon_creds_step_crypt() and netlogon_creds_first_step()
...
This abstracts the usage of crypto functions instead of directly calling
des_crypt112().
metze
Signed-off-by: Günther Deschner <gd@samba.org>
2009-08-27 15:55:20 +02:00
Stefan Metzmacher
a69d8ab35c
libcli/auth: remove some useless lines
...
metze
Signed-off-by: Günther Deschner <gd@samba.org>
2009-08-27 15:55:20 +02:00
Stefan Metzmacher
e115cb5cb1
libcli/auth: remember schannel type in netlogon_creds_server_init()
...
metze
Signed-off-by: Günther Deschner <gd@samba.org>
2009-08-27 15:55:20 +02:00
Günther Deschner
04310cc1c5
libcli/auth: add tdb backend for schannel state.
...
Guenther
2009-08-27 15:55:19 +02:00
Günther Deschner
699266920b
libcli/auth: move netlogon_creds_CredentialState out of libcli.
...
Guenther
2009-08-27 15:55:18 +02:00
Günther Deschner
17d3800e92
s4-schannel: add ldb suffix to schannel functions.
...
Guenther
2009-08-27 15:55:18 +02:00
Günther Deschner
a18d6839ac
libcli/auth: rename schannel_state.c to schannel_state_ldb.c.
...
Guenther
2009-08-27 15:55:18 +02:00
Stefan Metzmacher
e2845b8089
libcli/smb: add smb2_create_blob_find()
...
metze
2009-08-15 10:46:35 +02:00
Stefan Metzmacher
1d75a6e224
libcli/smb: move smb2_create_blob code to libcli/smb/
...
I want to use this in source3/smbd/
metze
2009-08-12 19:22:06 +02:00
Stefan Metzmacher
1df883aa39
libcli: move some common SMB and SMB2 stuff into libcli/smb/
...
This will hold code that's shared between source3 and source4.
metze
2009-08-12 18:28:32 +02:00
Matthias Dieter Wallnöfer
a08bffa358
Adds new error codes (needed for enhancing error messages for SAMBA 4 AD LDAP server)
2009-07-31 17:40:46 +02:00
Volker Lendecke
72da71acf9
Create a correct talloc hierarchy in make_sec_acl()
2009-07-14 20:49:06 +02:00
Günther Deschner
a45ec4db73
doserrors: print out some more werrors.
...
Guenther
2009-07-02 22:00:41 +02:00
Matthias Dieter Wallnöfer
a8e757ba4c
A fix in the ACL code used by both SAMBA 3 and 4
...
This fixes an uninitialised structure. It has been found through valgrind
in the RAW-ACLs test suite (Bug #6397 ).
2009-06-19 11:32:01 +10:00
Andrew Kroeger
71515ba190
s4: Call va_end() after all va_start()/va_copy() calls.
...
This corrects the issues reaised in bug #6129 , and some others that were not
originally identified. It also accounts for some code that was in the original
bug report but appears to have since been made common between S3 and S4.
Thanks to Erik Hovland <erik@hovland.org> for the original bug report.
2009-06-18 13:49:25 +10:00
Andrew Bartlett
f666da6940
Add const to cast, to fix warning
2009-06-18 13:49:25 +10:00
Andrew Tridgell
ddce3b5ac8
two more NT status codes that we get on DRS with w2k8-R2
2009-06-12 12:23:46 +10:00
Jeremy Allison
4b0658d448
Replace the "ipv4" specific strings in libcli/cldap/cldap.c with "ip". CLDAP can
...
run over IPv4/IPv6, even though some of the netlogon messages are IPv4 specific.
Fix the new ads_cldap_netlogon() to be IPv6/IPv4 agnostic. This compiles but
I don't have a good test env. for this (although as the previous code was
*completely* broken over IPv6 this will expose previously hidden bugs if it's broken :-).
Jeremy.
2009-06-08 15:21:48 -07:00
Andrew Tridgell
da3ee27900
add NT_STATUS_HAVE_NO_MEMORY_AND_FREE()
...
In many places we use NT_STATUS_HAVE_NO_MEMORY() to auto-return when a
memory allocation fails. In quite a few places where we use this, we
end up leaving a tmp_ctx behind, which creates a memory leak.
This macro takes a memory context to free when returning the error
2009-06-04 14:10:10 +10:00
Jelmer Vernooij
88876ac571
errormap: Remove wbc -> NTSTATUS error map for now. It is not used.
...
This was breaking the Samba 4 installation since it added dependencies
on header files we weren't installing.
Confirmed with Kai.
2009-05-15 16:05:37 +02:00
Günther Deschner
aa84ca6e6b
error-codes: add some more WERRORs to table.
...
These tables really should be auto-generated at some point...
Guenther
2009-05-12 23:52:43 +02:00
Volker Lendecke
831b73ec82
Fix an unitialized variable warning
2009-05-10 07:43:24 +02:00
Günther Deschner
e7a8577df1
error-codes: add some more group specific windows error codes.
...
Guenther
2009-05-05 21:10:02 +02:00
Tim Prouty
72bd5ff983
libcli: Fix shadowed name in header also
2009-05-04 14:38:59 -07:00
Tim Prouty
032bb807c7
libcli: Fix shadowed variable warning
2009-05-04 08:52:26 -07:00
Stefan Metzmacher
92a1890b90
libcli/named_pipe_auth: add tstream_npa_connect_send/recv()
...
Add a tstream client implemenation for the named pipe auth
code. This supports byte and message mode.
metze
2009-05-01 17:42:08 +02:00
Volker Lendecke
2146310fb7
Fix a couple of warnings
2009-04-23 14:35:50 +02:00
Kai Blin
7a9be21916
errormap: Add wbcErr to NTSTATUS mappings
2009-04-22 00:14:45 +02:00
Jelmer Vernooij
7a0a134e0c
Fix includes for security_descriptor file for the non-merged build.
2009-04-21 17:19:22 +02:00
Jelmer Vernooij
0bd8b7c5ff
Fix make install; don't install drsuapi.h and fix the location of
...
credentials.h
2009-04-21 16:50:20 +02:00
Jelmer Vernooij
2eff2de2f8
Move the security_descriptor utility code to the top-level.
2009-04-21 15:14:35 +02:00
Jelmer Vernooij
3e75c9bd33
Use a static copy of the samsync header file as Samba3 doesn't generate
...
prototype headers.
2009-04-21 15:14:34 +02:00
Jeremy Allison
4e1b633dab
Stop autogenerated files from being created.
...
Jeremy.
2009-04-20 09:06:21 -07:00
Jeremy Allison
fe77eac5f3
Add previously generated header files now needed in merged build.
...
Jeremy.
2009-04-20 08:48:07 -07:00
Andrew Bartlett
8a5d94e329
libcli/auth Ensure we cancel the transaction when schannel not detected
...
(found by jra on code review)
Andrew Bartlett
2009-04-20 13:55:04 +02:00
Andrew Bartlett
02ecdd8f29
libcli/auth: Don't pass back lm_sess_key as the same pointer as user_sess_key
...
This ensures that a talloc_free() of both pointers won't double-free
(sharing pointers like this is evil anyway).
Andrew Bartlett
2009-04-20 10:54:57 +02:00
Andrew Bartlett
fa37dbf960
Fix building the now common msrpc_parse code
2009-04-16 10:17:57 +10:00
Andrew Bartlett
0879cbaf2b
Fix building the common libcli/samsync code
2009-04-16 10:17:34 +10:00
Andrew Bartlett
86b50a0e6e
Add missing header, remove generated header
...
(This isn't a rename, honest :-)
2009-04-15 14:23:33 +10:00
Andrew Bartlett
0b4e9ce45a
common:libcli/auth Add missing samsync config.mk
2009-04-15 14:00:24 +10:00
Andrew Bartlett
53afa1adac
libcli/auth Push schannel check into common libcli/auth
...
This means we have a single choke point to ensure the remote client is
using schannel.
Andrew Bartlett
2009-04-14 16:23:44 +10:00
Andrew Bartlett
5095d7b1c8
Rework Samba4 to use the new common libcli/auth code
...
In particular, this is the rename from creds_ to netlogon_creds_, as
well as other links to use the new common crypto.
Andrew Bartlett
2009-04-14 16:23:44 +10:00
Andrew Bartlett
eed0c4f6c9
Rework netlogon credentials for the top level
...
This makes constructor functions that return the allocated structure,
rather than having the caller pass them in, and makes the server init
function also check the first credential.
The rename of creds_ to netlogon_creds should make it more clear what
this code works with.
Andrew Bartlett
2009-04-14 16:23:43 +10:00
Andrew Bartlett
f23eea294a
Push schannel_state.c into the top level.
...
This is the server side state for netlogon credential chaining
Andrew Bartlett
2009-04-14 16:23:43 +10:00
Andrew Bartlett
df8e1908ef
Use common samsync delta decryption functions in libnet_samsync.c
...
Andrew Bartlett
2009-04-14 16:23:43 +10:00
Andrew Bartlett
7cff049e7e
libcli/auth Don't compile against un-needed Samba4 headers
2009-04-14 16:23:42 +10:00
Andrew Bartlett
6c8f7e4005
Port Samba4 to the new combined libcli/auth functions
...
For example, some of the new shared functionality was previously in the wkssvc
torture test.
Andrew Bartlett
2009-04-14 16:23:41 +10:00
Andrew Bartlett
a19966375a
Move ntlm_check.h into the common libcli/auth
2009-04-14 16:23:41 +10:00
Andrew Bartlett
f28f113d8e
Rework Samba3 to use new libcli/auth code (partial)
...
This commit is mostly to cope with the removal of SamOemHash (replaced
by arcfour_crypt()) and other collisions (such as changed function
arguments compared to Samba3).
We still provide creds_hash3 until Samba3 uses the credentials code in
netlogon server
Andrew Bartlett
2009-04-14 16:23:35 +10:00
Andrew Bartlett
fd3be5c4e5
Merge smbencrypt.c between Samba3 and Samba4
2009-04-14 14:19:42 +10:00
Andrew Bartlett
8e73b652f9
Rework trivial msrpc parser to use convert_string_talloc()
...
Also avoid still string conversions when trying to match NTLMSSP in
the header of the NTLMSSP packet.
This also changes a few things to avoid const warnings.
Andrew Bartlett
2009-04-14 14:19:40 +10:00
Andrew Bartlett
9feea7fa4c
Move MSRPC-PARSE into the common libcli/auth
...
This is a depenceny of smbencrypt.c
2009-04-14 14:19:39 +10:00
Andrew Bartlett
872cb0257c
Move DRSUAPI per-attribute decryption into a common file
...
This file (contining metze's decryption routines) is now also be used by
Samba3's DRSUAPI implementation
Andrew Bartlett
2009-04-14 14:19:39 +10:00
Andrew Bartlett
927a8b3304
Move libcli/auth to the top level
2009-04-14 14:19:39 +10:00
Günther Deschner
43eb50655e
error-codes: add WERR_CM_INVALID_POINTER.
...
Guenther
2009-04-10 01:06:55 +02:00
Günther Deschner
cc98d3ae9f
error-codes: add some service related error codes.
...
Patch initially from: Danny Tylman <danny.tylman@insightix.com>
Guenther
2009-04-08 21:54:28 +02:00
Stefan Metzmacher
7e1411b5c7
libcli/cldap: convert to tsocket_* function to tdgram_*
...
metze
2009-04-02 21:54:02 +02:00
Zach Loafman
9d95f8704d
s/NT_STATUS_WIN7_INVALID_RANGE/NT_STATUS_INVALID_LOCK_RANGE/g
2009-04-01 20:59:52 -07:00
Stefan Metzmacher
794525f342
libcli/cldap: fix memory/resource leak
...
We need to remove the message id, when a search request is finished
metze
2009-04-01 16:41:14 +02:00
Jelmer Vernooij
30a3dec549
Merge branch 'master' of ssh://git.samba.org/data/git/samba into displaysec
2009-03-26 15:28:18 +01:00
Günther Deschner
5603c0f2ba
error-codes: add WERR_DS_DRA_SOURCE_DISABLED.
...
Guenther
2009-03-26 14:52:22 +01:00
Jelmer Vernooij
c42fc5e103
display_sec: Move to common libcli/security directory.
2009-03-25 21:29:13 +01:00
Stefan Metzmacher
84a140f187
move source4/libcli/cldap => libcli/cldap
...
metze
2009-03-19 16:25:59 +01:00
Günther Deschner
db728c1ade
error-codes: add WERR_DEVICE_NOT_CONNECTED.
...
Guenther
2009-03-02 14:24:57 +01:00
Stefan Metzmacher
84b57a5dba
libcli/security: fix the source4 build
...
metze
2009-03-02 12:05:43 +01:00
Stefan Metzmacher
ae1a69f3ea
libcli/security: fix the source3 build
...
metze
2009-03-02 08:56:22 +01:00
Jelmer Vernooij
8568b4fa9f
Add header files for secace and secacl.
2009-03-01 20:06:55 +01:00
Jelmer Vernooij
da6721e323
Move secacl to top-level.
2009-03-01 18:15:36 +01:00
Jelmer Vernooij
e9bba3e288
dom_sid.h: Include dependency security.h that provides the dom_sid struct.
2009-03-01 18:15:15 +01:00
Jelmer Vernooij
99b288156f
Move secace.c to top-level.
2009-03-01 18:00:26 +01:00
Michael Adam
51795b723e
libcli/util/werror.h: add macro W_ERROR_NOT_OK_GOTO(x, y)
...
a goto destination can be specified as a second parameter.
Michael
2009-02-26 13:22:54 +01:00
Michael Adam
6c197ffa30
s3: move definition of W_ERROR_NOT_OK_GOTO_DONE down to libcli/util/werror.h
...
Michael
2009-02-26 13:22:54 +01:00
Günther Deschner
28fb708ba0
error-codes: print out WERR_UNKNOWN_PRINT_MONITOR.
...
Guenther
2009-02-24 23:57:52 +01:00
Stefan Metzmacher
f6b0a99cef
libcli/ldap: move generic ldap control encoding code to ldap_message.c
...
As they can we static there, we pass the specific handlers as parameter
where we need to support controls.
metze
2009-02-24 17:55:41 +01:00
Stefan Metzmacher
18b30e5646
libcli/ldap: move ldap_ndr from source4/ to toplevel
...
metze
2009-02-24 17:55:40 +01:00
Stefan Metzmacher
7aaec963c1
libcli/ldap: fix compiler warnings
...
metze
2009-02-24 17:55:40 +01:00
Stefan Metzmacher
ef0fa403f1
libcli/ldap: move ldap_errors.h to the toplevel and install it
...
metze
2009-02-24 17:55:39 +01:00
Stefan Metzmacher
536318549f
libcli/ldap: move ldap_message.[ch] from source4/ to the toplevel
...
metze
2009-02-24 17:55:39 +01:00
Günther Deschner
1a9bb33a7d
error-codes: add WERR_INVALID_USER_BUFFER.
...
Guenther
2009-02-24 01:01:57 +01:00
Volker Lendecke
e304a623f1
Add missing include to shut up missing prototype warnings
2009-02-14 22:00:44 +01:00
Zack Kirsch
4e1a4cbe1f
s4 torture: Smbtorture additions for Windows BRL
...
- Adds a few new BRL tests to RAW-LOCK
- Adds a "win7" target to allow torture to handle protocol changes in
windows 7
2009-02-11 12:23:52 -08:00
Stefan Metzmacher
f956dddf57
libcli/nbt: s/private/private_data
...
metze
2009-02-02 13:09:09 +01:00
Kai Blin
d936be23cd
s3: Fix the non-merged build.
2009-02-01 20:49:07 +01:00
Kai Blin
07aa05f678
shared: Move dom_sid_* utility functions to top level
2009-02-01 19:42:30 +01:00
Volker Lendecke
b0c92548d8
Attempt to fix the merged build
2009-01-19 11:40:43 +01:00
Stefan Metzmacher
ebab6d6ce4
libcli/nbt: add nbt_name_socket_handle_response_packet()
...
Move the last part of nbt_name_socket_recv() into
a new function nbt_name_socket_handle_response_packet()
so that it can be reused by an unexpected handler.
metze
(from samba4wins tree cb0377f3b95e50c84fac999a49dde80acc933124)
2009-01-19 07:05:42 +01:00
Stefan Metzmacher
26c48098e6
libcli/nbt: add nbt_set_unexpected_handler()
...
metze
(from samba4wins tree 74232901d1e7ea9ebcb3bd8d584dda36fac37223)
2009-01-19 07:05:27 +01:00
Stefan Metzmacher
bbd74f2f76
libcli/nbt: fix wack timeout handling
...
If the client gets a WACK response, the server
sends a timeout to the client. Possible
values are between 9 and 105 seconds.
Because w2k3 servers have a bug and always return
a value of 5 seconds, we need a workarround.
Always using a fixed value of 30 seconds is bad
as we could timeout to early.
Now we use the value from the server if it's in the
valid range and otherwise we use the upper limit
of the valid range (105s).
metze
(from samba4wins tree 40ef7739f4141598a6392c203e4a2d52d972fe06)
2009-01-19 07:05:23 +01:00
Stefan Metzmacher
9d4f766ae3
Revert "Remove another use of global_loadparm."
...
This reverts commit ee7c2170a7
.
A much more correct fix will come soon.
(40ef7739f4141598a6392c203e4a2d52d972fe06 from the samba4wins tree)
metze
2009-01-19 07:05:20 +01:00
Jelmer Vernooij
ba5d6e6d70
Avoid using a utility header for Python replacements included in Samba,
...
since this will not be shipped with talloc/tdb/tevent/etc.
2009-01-08 12:20:20 +01:00
Tim Prouty
61a23c5eea
s3/s4 build: Fix Py_RETURN_NONE to work with python versions < 2.4
2009-01-07 15:03:16 -08:00
Jelmer Vernooij
d2c70d24e1
py: Properly increase the reference counter of Py_None.
2009-01-06 04:13:57 +01:00
Jelmer Vernooij
08259c1c52
Add iconv_convenience argument to size functions.
2009-01-01 04:45:33 +01:00
Stefan Metzmacher
183c379fe5
s4:lib/tevent: rename structs
...
list=""
list="$list event_context:tevent_context"
list="$list fd_event:tevent_fd"
list="$list timed_event:tevent_timer"
for s in $list; do
o=`echo $s | cut -d ':' -f1`
n=`echo $s | cut -d ':' -f2`
r=`git grep "struct $o" |cut -d ':' -f1 |sort -u`
files=`echo "$r" | grep -v source3 | grep -v nsswitch | grep -v packaging4`
for f in $files; do
cat $f | sed -e "s/struct $o/struct $n/g" > $f.tmp
mv $f.tmp $f
done
done
metze
2008-12-29 20:46:40 +01:00
Jelmer Vernooij
dcc4081f75
Fix more compiler warnings.
2008-12-23 23:22:57 +01:00
Michael Adam
b416135f6b
libcli/nbt: fix some extrasemi compile warnings.
...
Michael
2008-11-23 23:01:04 +01:00
Günther Deschner
aa6af1fe26
errors: add WERR_CM_BUFFER_SMALL.
...
Guenther
2008-11-12 10:17:46 +01:00
Günther Deschner
0474c8665d
nterrors: add NT_STATUS_DS_BUSY.
...
Guenther
2008-11-10 21:46:24 +01:00
Günther Deschner
0be668f147
doserr: add WERR_NO_TRUST_SAM_ACCOUNT.
...
Guenther
2008-11-06 13:40:47 +01:00
Jelmer Vernooij
b45caa44e1
Fix the build.
2008-11-02 23:58:49 +01:00
Jelmer Vernooij
ee7c2170a7
Remove another use of global_loadparm.
2008-11-02 18:27:24 +01:00
Jelmer Vernooij
62c57cb400
Remove use of global_loadparm when comparing nt status error - use
...
global variable instead.
2008-11-02 17:11:20 +01:00
Jelmer Vernooij
7ec720af71
Use shared doserr.c.
2008-11-01 17:28:16 +01:00
Jelmer Vernooij
0b0b11e3d9
Fix the build.
2008-10-24 16:52:25 +02:00
Jelmer Vernooij
23302413b3
Remove unused include param/param.h.
2008-10-24 16:37:56 +02:00
Jelmer Vernooij
f7692d16e3
Remove more global_loadparm instances, fix syntax errors.
2008-10-24 16:12:14 +02:00
Tim Prouty
0b68762af7
Fix "parameter has incomplete type" build warning.
...
When libcli-util was moved to the top level
(3be0f6ea56
) it introduced a build
warning. Since ndr_map_error2ntstatus depends on the definition of
enum ndr_err_code and libndr.h can't be easily included in error.h, I
moved the definition of enum ndr_err_code to libndr.h.
This also eliminates the need for the duplicate definition in proto.h
2008-10-23 12:21:44 -07:00
Jelmer Vernooij
44b728958a
Use common error definitions.
2008-10-23 15:35:21 +02:00
Jelmer Vernooij
94c522b1ab
Import NTSTATUS defines from Samba 3.
2008-10-23 03:29:20 +02:00
Jelmer Vernooij
e56dff3f7b
Import WERROR defines from Samba 3.
2008-10-23 03:25:00 +02:00
Jelmer Vernooij
90bfd9d9e1
Import new DOS error codes from Samba 3.
2008-10-23 03:13:08 +02:00
Jelmer Vernooij
3be0f6ea56
Move libcli-util error code to top-level.
2008-10-23 03:11:19 +02:00
Jelmer Vernooij
87ec1d2532
Make sure prototypes are always included, make some functions static and
...
remove some unused functions.
2008-10-20 18:59:51 +02:00
Jelmer Vernooij
3994c42f19
Fix number of arguments for file_load() functions.
2008-10-12 19:46:38 +02:00
Jelmer Vernooij
652f0e601d
Move nmblookup to same location as the rest of the NBT client library.
2008-10-12 17:34:28 +02:00
Jelmer Vernooij
218f482fbf
Use common strlist implementation in Samba 3 and Samba 4.
2008-10-12 00:56:56 +02:00
Jelmer Vernooij
9565999755
Fix include paths to new location of libutil.
2008-10-11 21:31:42 +02:00
Volker Lendecke
af1c802791
The IRIX compiler does not like embedded unnamed unions
2008-10-02 08:09:25 +02:00
Simo Sorce
3eb122069b
Temporary build fix for the merged build
2008-09-24 19:23:05 -04:00
Günther Deschner
4962a4459b
libcli: add nbt_proto.h that is no longer autogenerated.
...
Guenther
2008-09-24 03:51:25 +02:00
Günther Deschner
3ee016be9c
libcli: add some basic debugging functions for netlogon helper.
...
Guenther
2008-09-24 03:34:23 +02:00
Günther Deschner
7baaa87b93
libcli: add autogenerated libcli netlogon helper protos.
...
Guenther
2008-09-24 01:20:56 +02:00
Günther Deschner
9d541f314f
s4-libcli: move nbt/netlogon helper functions up one level.
...
Guenther
2008-09-23 23:17:51 +02:00
Günther Deschner
6f33f3e4c2
s4-nbt: move libcli/nbt up one level.
...
Guenther
2008-09-23 09:37:24 +02:00