1
0
mirror of https://github.com/samba-team/samba.git synced 2025-01-10 01:18:15 +03:00
Commit Graph

2296 Commits

Author SHA1 Message Date
Michael Adam
f37030b33a libcli/security: fix sddl.c to be able to build it from source3 2010-03-03 09:16:34 +01:00
Michael Adam
15b60a7e3f s4:move the sddl code down to the top level
Michael
2010-03-03 09:16:34 +01:00
Stefan Metzmacher
d671b80cf5 libcli/auth: print the error in the debug message
metze
2010-02-26 10:43:46 +01:00
Simo Sorce
805f7507e2 s4:cleanup remove unused schannel ldb code 2010-02-23 12:46:51 -05:00
Simo Sorce
1203de99b1 s4:schannel merge code with s3
After looking at the s4 side of the (s)channel :) I found out that it makes
more sense to simply make it use the tdb based code than redo the same changes
done to s3 to simplify the interface.

Ldb is slow, to the point it needs haks to pre-open the db to speed it up, yet
that does not solve the lookup speed, with ldb it is always going to be slower.

Looking through the history it is evident that the schannel database doesn't
really need greate expanadability. And lookups are always done with a single
Key. This seem a perfet fit for tdb while ldb looks unnecessarily complicated.

The schannel database is not really a persistent one. It can be discared during
an upgrade without causing any real issue. all it contains is temproary session
data.
2010-02-23 12:46:50 -05:00
Simo Sorce
1d0938c629 schannel_tdb: make code compilable in both trees 2010-02-23 12:46:50 -05:00
Simo Sorce
3b12c38ac0 s3:schannel streamline interface
Make calling schannel much easier by removing the need to explicitly open the
database. Let the abstraction do it instead.
2010-02-23 12:46:50 -05:00
Simo Sorce
e5ab64a799 s3:schannel fix memory hierarchy
passing mem_ctx was causing creds->sid to be allocated on mem_ctx and not be
child of creds as expected. When later in schannel_check_creds_state() we
stole the creds on a different memory context the sid was left behind and the
memory it points to freed when the temporary context was freed.
2010-02-23 12:46:50 -05:00
Simo Sorce
bb9014d5cb schannel: merge header files
One almost empty header file was simply including another not included by
anything else. Just merge them together.
2010-02-23 12:46:50 -05:00
Simo Sorce
8e2f5fe7c5 s4:schannel more readable check logic
Make the initial schannel check logic more understandable.
Make it easy to define different policies depending on the caller's
security requirements (Integrity/Privacy/Both/None)

This is the same change applied to s3
2010-02-23 12:46:50 -05:00
Simo Sorce
b4c9dc3724 s3:schannel more readable check logic
Make the initial schannel check logic more understandable.
Make it easy to define different policies depending on ther caller's security
requirements (Integrity/Privacy/Both/None)
2010-02-23 12:46:50 -05:00
Andreas Schneider
975a7a3d1b tstream: Added a typedef for the function prototype. 2010-02-23 13:48:22 +01:00
Andrew Tridgell
76a7382346 lib: use TYPESAFE_QSORT() in lib/ and libcli/ 2010-02-14 18:44:20 +11:00
Andrew Tridgell
6b01ca95a8 nbt: don't reference the event_ctx in nbtsock
This causes talloc_free with references errors
2010-02-08 11:04:59 +11:00
Matt Kraai
aa6a507e76 Change uint_t to unsigned int in libcli
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2010-02-02 07:18:17 +01:00
Stefan Metzmacher
e37dc56e97 libcli/nbt: fix ndr_push_nbt_string() string labels with a length of 63 (0x3F) are allowed
metze
2010-02-01 15:23:32 +01:00
Matthias Dieter Wallnöfer
dfd93fc7e3 s4:libcli/util/tstream.c - Need to include "system/network.h"
Otherwise I don't get "struct iovec" through "<sys/uio.h>" on CentOS 4.
2010-01-29 20:01:34 +01:00
Stefan Metzmacher
6442b0fcc1 libcli/nbt: fix off-by-one bug in ndr_pull_wrepl_nbt_name()
The scope starts at byte 17 with index 16.

metze
2010-01-29 15:55:11 +01:00
Stefan Metzmacher
c50a17cc8d libcli/nbt: fix ndr_pull/push_wrepl_nbt_name()
[MS-WINSRA] — v20091104 was wrong
regarding section "2.2.10.1 Name Record"

If the name buffer is already 4 byte aligned
Windows (at least 2003 SP1 and 2008) add 4 extra
bytes. This can happen when the name has a scope.

metze
2010-01-29 15:55:10 +01:00
Volker Lendecke
005bbd0826 Revert "libcli/security: Remove a call to strncasecmp"
This reverts commit 7c687665ea.
2010-01-25 16:45:32 +01:00
Volker Lendecke
d86d5be636 Revert "libcli/security: Convert some strtol calls to strtoul"
This reverts commit 7fe66e06c4.
2010-01-25 16:45:32 +01:00
Volker Lendecke
fa47dbb57a Revert "libcli/security: Fix a valgrind error in dom_sid_parse"
This reverts commit f1c889a4e6.
2010-01-25 16:45:31 +01:00
Volker Lendecke
a53a8ec452 Revert "libcli/security: Prohibit SID formats like S-1-5-32-+545"
This reverts commit 1fbeae4165.

Apparently this breaks the build of Samba4
2010-01-25 12:40:51 +01:00
Volker Lendecke
1fbeae4165 libcli/security: Prohibit SID formats like S-1-5-32-+545 2010-01-23 16:28:11 +01:00
Volker Lendecke
f1c889a4e6 libcli/security: Fix a valgrind error in dom_sid_parse 2010-01-23 16:28:11 +01:00
Volker Lendecke
7fe66e06c4 libcli/security: Convert some strtol calls to strtoul
This tightens the dom_sid_parse syntax check a bit: "--" would have been
allowed in sid string
2010-01-23 16:28:11 +01:00
Volker Lendecke
7c687665ea libcli/security: Remove a call to strncasecmp 2010-01-23 16:28:11 +01:00
Stefan Metzmacher
bbaec01b37 libcli/util: add tstream_read_pdu_blob_send/recv
This will take the some full_request callback function
as the Samba4 packet code.

metze
2010-01-08 14:36:43 +01:00
Volker Lendecke
be05d71b9e Simplify E_md5hash a bit 2010-01-07 11:07:55 +01:00
Andrew Bartlett
ba2cfceb96 libcli/auth Make gd's NDR NTLMSSP parsers helpers common
(but not built in Samba4 for now)
2009-12-22 21:07:51 +01:00
Andrew Tridgell
f9302f9e08 ldap: give a debug error when we don't know a control
This interface should really have a proper error interface, but at
least a DEBUG() gives the user a chance of finding the error

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2009-12-16 20:56:23 +11:00
Andrew Tridgell
1b20002cc2 libcli: use GUID_to_ndr_blob() 2009-12-10 17:51:28 +11:00
Andrew Tridgell
6eb262f0e8 libcli: allow ntstatus.h to be used by openchange
apparently ntstatus.h is used by openchange, but they don't include
replace.h. This makes that possible again.
2009-11-25 15:30:20 +11:00
Andrew Bartlett
b5ce97511a libcli/nbt Move more of lmhosts lookup into common code
This aims to eventually share this with Samba4.

Andrew Bartlett
2009-11-04 14:58:25 +11:00
Stefan Metzmacher
dc8e681755 libcli/auth: initialize creds in netlogon_creds_client_init_session_key()
metze
2009-10-24 11:59:15 +02:00
Stefan Metzmacher
f2da9c8c1a libcli/auth: fix memory leak in schannel_creds_server_step_check_ldb()
metze
2009-10-24 11:59:14 +02:00
Stefan Metzmacher
5ae1d700eb libcli/auth: don't leak the ldb_msg in schannel_store_session_key_ldb()
metze
2009-10-24 11:59:13 +02:00
Andrew Tridgell
3050f83288 s4-python: we need to include Python.h first
If we don't include Python.h first then we get a pile of warnings due
to broken redefines of XOPEN_SOURCE in the Python includes.
2009-10-23 16:23:01 +11:00
Andrew Tridgell
b6a1beb131 added NT_STATUS_NOT_OK_RETURN_AND_FREE()
Try to make it a bit easier to avoid leaks in common code
2009-10-17 13:01:02 +11:00
Matthias Dieter Wallnöfer
19302db6cb s3/s4 common: fix up header file 2009-10-04 20:18:28 +02:00
Kamen Mazdrashki
1f2490e7d8 w32err: Importing auto-generated Win32 errors and descriptions
Error codes and their descriptions are generated
using w32err_code.py script.
Error are downloaded from MS site:
http://msdn.microsoft.com/en-us/library/cc231199%28PROT.10%29.aspx

Signed-off-by: Anatoliy Atanasov <anatoliy.atanasov@postpath.com>
2009-09-30 15:48:41 +03:00
Kamen Mazdrashki
0e1840b84a w32err: WERR_GROUP_NOT_FOUND renamed to WERR_GROUPNOTFOUND
In Win 32 we have
NERR_GroupNotFound which maps to WERR_GROUP_NOT_FOUND currently
and we have
ERROR_GROUP_NOT_FOUND which maps to nothing, so it is to be added

Signed-off-by: Anatoliy Atanasov <anatoliy.atanasov@postpath.com>
2009-09-30 15:48:41 +03:00
Kamen Mazdrashki
948cd70bad w32err: WERR_USER_EXISTS replace with WERR_USEREXISTS name
In Win32 we have
NERR_UserExists which maps to WERR_USER_EXISTS currently
and there is
ERROR_USER_EXISTS which maps to WERR_USER_ALREADY_EXISTS

Signed-off-by: Anatoliy Atanasov <anatoliy.atanasov@postpath.com>
2009-09-30 15:48:40 +03:00
Kamen Mazdrashki
d9994a604b w32err: WERR_DC_NOT_FOUND replaced with WERR_DCNOTFOUND
It turns out in win32 ERROR_DC_NOT_FOUND exists and it is
an error for Device Context (DC), not Domain Controller

Signed-off-by: Anatoliy Atanasov <anatoliy.atanasov@postpath.com>
2009-09-30 15:48:40 +03:00
Kamen Mazdrashki
0e64fcb18f w32err: FRS_ group of errors replaced with numeric values
Signed-off-by: Anatoliy Atanasov <anatoliy.atanasov@postpath.com>
2009-09-30 15:48:40 +03:00
Kamen Mazdrashki
e669113900 w32err: WERR_DOMAIN_CONTROLLER_NOT_FOUND error value fixed
Signed-off-by: Anatoliy Atanasov <anatoliy.atanasov@postpath.com>
2009-09-30 15:48:40 +03:00
Nadezhda Ivanova
6283f2caaa Initial implementation of security descriptor creation in DS
TODO's:
ACE sorting and clarifying the inheritance of object specific ace's.
2009-09-20 15:16:17 -07:00
Andrew Bartlett
59bea84362 libcli:nbt move prototypes of lmhosts functions to libnbt.h 2009-09-19 14:34:16 -07:00
Stefan Metzmacher
825484ee6d libcli/named_pipe_auth: pass gssapi delegated credentials through the named pipe
metze
2009-09-18 20:34:42 +02:00
Andrew Tridgell
ec422edab5 util: use likely/unlikely for NT_STATUS_* macros 2009-09-17 21:52:24 -07:00
Kouhei Sutou
f8dae40fc8 spnego: Support ASN.1 BIT STRING and use it in SPNEGO.
Signed-off-by: Günther Deschner <gd@samba.org>
2009-09-17 20:10:54 +02:00
Kamen Mazdrashki
8bebce45d3 w32err: Set hex format values for all errors
Signed-off-by: Günther Deschner <gd@samba.org>
2009-09-17 07:18:46 +02:00
Kamen Mazdrashki
3f835eb947 w32err: Re-define errors with numeric values
Signed-off-by: Günther Deschner <gd@samba.org>
2009-09-17 07:18:41 +02:00
Kamen Mazdrashki
91d3d3c6a2 w32err: Sorting error codes in ascending order
Signed-off-by: Günther Deschner <gd@samba.org>
2009-09-17 07:18:36 +02:00
Kamen Mazdrashki
fc1ac736d6 w32err: NERR_ codes grouped together
Signed-off-by: Günther Deschner <gd@samba.org>
2009-09-17 07:18:31 +02:00
Kamen Mazdrashki
1cfac63fa4 w32err: WERR_CLASS_NOT_REGISTERED updated
Error code move to COM/OLE group.
Error value changed to as REGDB_E_CLASSNOTREG in Windows

Signed-off-by: Günther Deschner <gd@samba.org>
2009-09-17 07:18:29 +02:00
Günther Deschner
43e198c188 spnego: add spnego_proto.h.
Guenther
2009-09-17 01:39:12 +02:00
Günther Deschner
503d035814 spnego: share spnego_parse.
Guenther
2009-09-17 01:12:20 +02:00
Günther Deschner
83023462f9 libcli/auth: remove trailing whitespace.
Guenther
2009-09-16 18:00:16 +02:00
Nadezhda Ivanova
d70e171719 Owner and group defaulting.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2009-09-16 07:52:05 -07:00
Stefan Metzmacher
033ced60ac libcli/auth: rewrite schannel sign/seal code to be more generic
This prepares support for HMAC-SHA256/AES.

metze
2009-09-16 12:29:06 +02:00
Günther Deschner
5b86a0ac01 schannel: remove last traces of gensec.
Guenther
2009-09-16 03:23:05 +02:00
Günther Deschner
799f8d7e13 schannel: fully share schannel sign/seal between s3 and 4.
Guenther
2009-09-16 01:55:06 +02:00
Günther Deschner
f3979b50a9 schannel: move schannel_sign to main directory.
Guenther
2009-09-16 01:54:59 +02:00
Andrew Bartlett
5a01071692 libcli:nbt put util_net.c protos in new header file
This fixed a very odd build problem due to util.h importing
system/network.h being imported before the uid_wapper code.

Andrew Bartlett
2009-09-15 10:38:53 -07:00
Andrew Bartlett
668470c992 libcli:nbt make the lmhosts parsing code and dependicies common
This starts the process to have Samba4 use lmhosts.

Andrew Bartlett
2009-09-15 07:42:54 -07:00
Günther Deschner
cac5e64c00 s3-errors: add NT_STATUS_RPC_NT_PROCNUM_OUT_OF_RANGE.
Guenther
2009-09-11 02:58:34 +02:00
Andrew Tridgell
2ff4764f8f libcli: added a drsuapi attribute encryption function 2009-09-10 17:42:13 +10:00
Andrew Bartlett
5283ad11bd libcli:drsuapi Add function to encrypt data for transport over DRSUAPI
This is for the server side of the GetNCChanges call.

Andrew Bartlett
2009-09-10 15:50:32 +10:00
Günther Deschner
5f2ec4b202 s3-nterr: add NT_STATUS_RPC_NT_CALL_FAILED.
Guenther
2009-09-08 23:21:14 +02:00
Günther Deschner
2287849074 s4: fix the build after ntlmssp header change.
Guenther
2009-08-28 11:37:44 +02:00
Günther Deschner
b7a5e7a5d6 libcli/auth: remove unused NTLMSSP_NAME_TYPE_ flags.
Guenther
2009-08-28 10:09:19 +02:00
Stefan Metzmacher
8d58472706 libcli/auth: add netlogon_creds_step_crypt() and netlogon_creds_first_step()
This abstracts the usage of crypto functions instead of directly calling
des_crypt112().

metze

Signed-off-by: Günther Deschner <gd@samba.org>
2009-08-27 15:55:20 +02:00
Stefan Metzmacher
a69d8ab35c libcli/auth: remove some useless lines
metze

Signed-off-by: Günther Deschner <gd@samba.org>
2009-08-27 15:55:20 +02:00
Stefan Metzmacher
e115cb5cb1 libcli/auth: remember schannel type in netlogon_creds_server_init()
metze

Signed-off-by: Günther Deschner <gd@samba.org>
2009-08-27 15:55:20 +02:00
Günther Deschner
04310cc1c5 libcli/auth: add tdb backend for schannel state.
Guenther
2009-08-27 15:55:19 +02:00
Günther Deschner
699266920b libcli/auth: move netlogon_creds_CredentialState out of libcli.
Guenther
2009-08-27 15:55:18 +02:00
Günther Deschner
17d3800e92 s4-schannel: add ldb suffix to schannel functions.
Guenther
2009-08-27 15:55:18 +02:00
Günther Deschner
a18d6839ac libcli/auth: rename schannel_state.c to schannel_state_ldb.c.
Guenther
2009-08-27 15:55:18 +02:00
Stefan Metzmacher
e2845b8089 libcli/smb: add smb2_create_blob_find()
metze
2009-08-15 10:46:35 +02:00
Stefan Metzmacher
1d75a6e224 libcli/smb: move smb2_create_blob code to libcli/smb/
I want to use this in source3/smbd/

metze
2009-08-12 19:22:06 +02:00
Stefan Metzmacher
1df883aa39 libcli: move some common SMB and SMB2 stuff into libcli/smb/
This will hold code that's shared between source3 and source4.

metze
2009-08-12 18:28:32 +02:00
Matthias Dieter Wallnöfer
a08bffa358 Adds new error codes (needed for enhancing error messages for SAMBA 4 AD LDAP server) 2009-07-31 17:40:46 +02:00
Volker Lendecke
72da71acf9 Create a correct talloc hierarchy in make_sec_acl() 2009-07-14 20:49:06 +02:00
Günther Deschner
a45ec4db73 doserrors: print out some more werrors.
Guenther
2009-07-02 22:00:41 +02:00
Matthias Dieter Wallnöfer
a8e757ba4c A fix in the ACL code used by both SAMBA 3 and 4
This fixes an uninitialised structure. It has been found through valgrind
in the RAW-ACLs test suite (Bug #6397).
2009-06-19 11:32:01 +10:00
Andrew Kroeger
71515ba190 s4: Call va_end() after all va_start()/va_copy() calls.
This corrects the issues reaised in bug #6129, and some others that were not
originally identified.  It also accounts for some code that was in the original
bug report but appears to have since been made common between S3 and S4.

Thanks to Erik Hovland <erik@hovland.org> for the original bug report.
2009-06-18 13:49:25 +10:00
Andrew Bartlett
f666da6940 Add const to cast, to fix warning 2009-06-18 13:49:25 +10:00
Andrew Tridgell
ddce3b5ac8 two more NT status codes that we get on DRS with w2k8-R2 2009-06-12 12:23:46 +10:00
Jeremy Allison
4b0658d448 Replace the "ipv4" specific strings in libcli/cldap/cldap.c with "ip". CLDAP can
run over IPv4/IPv6, even though some of the netlogon messages are IPv4 specific.
Fix the new ads_cldap_netlogon() to be IPv6/IPv4 agnostic. This compiles but
I don't have a good test env. for this (although as the previous code was
*completely* broken over IPv6 this will expose previously hidden bugs if it's broken :-).
Jeremy.
2009-06-08 15:21:48 -07:00
Andrew Tridgell
da3ee27900 add NT_STATUS_HAVE_NO_MEMORY_AND_FREE()
In many places we use NT_STATUS_HAVE_NO_MEMORY() to auto-return when a
memory allocation fails. In quite a few places where we use this, we
end up leaving a tmp_ctx behind, which creates a memory leak.

This macro takes a memory context to free when returning the error
2009-06-04 14:10:10 +10:00
Jelmer Vernooij
88876ac571 errormap: Remove wbc -> NTSTATUS error map for now. It is not used.
This was breaking the Samba 4 installation since it added dependencies
on header files we weren't installing.

Confirmed with Kai.
2009-05-15 16:05:37 +02:00
Günther Deschner
aa84ca6e6b error-codes: add some more WERRORs to table.
These tables really should be auto-generated at some point...

Guenther
2009-05-12 23:52:43 +02:00
Volker Lendecke
831b73ec82 Fix an unitialized variable warning 2009-05-10 07:43:24 +02:00
Günther Deschner
e7a8577df1 error-codes: add some more group specific windows error codes.
Guenther
2009-05-05 21:10:02 +02:00
Tim Prouty
72bd5ff983 libcli: Fix shadowed name in header also 2009-05-04 14:38:59 -07:00
Tim Prouty
032bb807c7 libcli: Fix shadowed variable warning 2009-05-04 08:52:26 -07:00
Stefan Metzmacher
92a1890b90 libcli/named_pipe_auth: add tstream_npa_connect_send/recv()
Add a tstream client implemenation for the named pipe auth
code. This supports byte and message mode.

metze
2009-05-01 17:42:08 +02:00
Volker Lendecke
2146310fb7 Fix a couple of warnings 2009-04-23 14:35:50 +02:00
Kai Blin
7a9be21916 errormap: Add wbcErr to NTSTATUS mappings 2009-04-22 00:14:45 +02:00
Jelmer Vernooij
7a0a134e0c Fix includes for security_descriptor file for the non-merged build. 2009-04-21 17:19:22 +02:00
Jelmer Vernooij
0bd8b7c5ff Fix make install; don't install drsuapi.h and fix the location of
credentials.h
2009-04-21 16:50:20 +02:00
Jelmer Vernooij
2eff2de2f8 Move the security_descriptor utility code to the top-level. 2009-04-21 15:14:35 +02:00
Jelmer Vernooij
3e75c9bd33 Use a static copy of the samsync header file as Samba3 doesn't generate
prototype headers.
2009-04-21 15:14:34 +02:00
Jeremy Allison
4e1b633dab Stop autogenerated files from being created.
Jeremy.
2009-04-20 09:06:21 -07:00
Jeremy Allison
fe77eac5f3 Add previously generated header files now needed in merged build.
Jeremy.
2009-04-20 08:48:07 -07:00
Andrew Bartlett
8a5d94e329 libcli/auth Ensure we cancel the transaction when schannel not detected
(found by jra on code review)

Andrew Bartlett
2009-04-20 13:55:04 +02:00
Andrew Bartlett
02ecdd8f29 libcli/auth: Don't pass back lm_sess_key as the same pointer as user_sess_key
This ensures that a talloc_free() of both pointers won't double-free
(sharing pointers like this is evil anyway).

Andrew Bartlett
2009-04-20 10:54:57 +02:00
Andrew Bartlett
fa37dbf960 Fix building the now common msrpc_parse code 2009-04-16 10:17:57 +10:00
Andrew Bartlett
0879cbaf2b Fix building the common libcli/samsync code 2009-04-16 10:17:34 +10:00
Andrew Bartlett
86b50a0e6e Add missing header, remove generated header
(This isn't a rename, honest :-)
2009-04-15 14:23:33 +10:00
Andrew Bartlett
0b4e9ce45a common:libcli/auth Add missing samsync config.mk 2009-04-15 14:00:24 +10:00
Andrew Bartlett
53afa1adac libcli/auth Push schannel check into common libcli/auth
This means we have a single choke point to ensure the remote client is
using schannel.

Andrew Bartlett
2009-04-14 16:23:44 +10:00
Andrew Bartlett
5095d7b1c8 Rework Samba4 to use the new common libcli/auth code
In particular, this is the rename from creds_ to netlogon_creds_, as
well as other links to use the new common crypto.

Andrew Bartlett
2009-04-14 16:23:44 +10:00
Andrew Bartlett
eed0c4f6c9 Rework netlogon credentials for the top level
This makes constructor functions that return the allocated structure,
rather than having the caller pass them in, and makes the server init
function also check the first credential.

The rename of creds_ to netlogon_creds should make it more clear what
this code works with.

Andrew Bartlett
2009-04-14 16:23:43 +10:00
Andrew Bartlett
f23eea294a Push schannel_state.c into the top level.
This is the server side state for netlogon credential chaining

Andrew Bartlett
2009-04-14 16:23:43 +10:00
Andrew Bartlett
df8e1908ef Use common samsync delta decryption functions in libnet_samsync.c
Andrew Bartlett
2009-04-14 16:23:43 +10:00
Andrew Bartlett
7cff049e7e libcli/auth Don't compile against un-needed Samba4 headers 2009-04-14 16:23:42 +10:00
Andrew Bartlett
6c8f7e4005 Port Samba4 to the new combined libcli/auth functions
For example, some of the new shared functionality was previously in the wkssvc
torture test.

Andrew Bartlett
2009-04-14 16:23:41 +10:00
Andrew Bartlett
a19966375a Move ntlm_check.h into the common libcli/auth 2009-04-14 16:23:41 +10:00
Andrew Bartlett
f28f113d8e Rework Samba3 to use new libcli/auth code (partial)
This commit is mostly to cope with the removal of SamOemHash (replaced
by arcfour_crypt()) and other collisions (such as changed function
arguments compared to Samba3).

We still provide creds_hash3 until Samba3 uses the credentials code in
netlogon server

Andrew Bartlett
2009-04-14 16:23:35 +10:00
Andrew Bartlett
fd3be5c4e5 Merge smbencrypt.c between Samba3 and Samba4 2009-04-14 14:19:42 +10:00
Andrew Bartlett
8e73b652f9 Rework trivial msrpc parser to use convert_string_talloc()
Also avoid still string conversions when trying to match NTLMSSP in
the header of the NTLMSSP packet.

This also changes a few things to avoid const warnings.

Andrew Bartlett
2009-04-14 14:19:40 +10:00
Andrew Bartlett
9feea7fa4c Move MSRPC-PARSE into the common libcli/auth
This is a depenceny of smbencrypt.c
2009-04-14 14:19:39 +10:00
Andrew Bartlett
872cb0257c Move DRSUAPI per-attribute decryption into a common file
This file (contining metze's decryption routines) is now also be used by
Samba3's DRSUAPI implementation

Andrew Bartlett
2009-04-14 14:19:39 +10:00
Andrew Bartlett
927a8b3304 Move libcli/auth to the top level 2009-04-14 14:19:39 +10:00
Günther Deschner
43eb50655e error-codes: add WERR_CM_INVALID_POINTER.
Guenther
2009-04-10 01:06:55 +02:00
Günther Deschner
cc98d3ae9f error-codes: add some service related error codes.
Patch initially from: Danny Tylman <danny.tylman@insightix.com>

Guenther
2009-04-08 21:54:28 +02:00
Stefan Metzmacher
7e1411b5c7 libcli/cldap: convert to tsocket_* function to tdgram_*
metze
2009-04-02 21:54:02 +02:00
Zach Loafman
9d95f8704d s/NT_STATUS_WIN7_INVALID_RANGE/NT_STATUS_INVALID_LOCK_RANGE/g 2009-04-01 20:59:52 -07:00
Stefan Metzmacher
794525f342 libcli/cldap: fix memory/resource leak
We need to remove the message id, when a search request is finished

metze
2009-04-01 16:41:14 +02:00
Jelmer Vernooij
30a3dec549 Merge branch 'master' of ssh://git.samba.org/data/git/samba into displaysec 2009-03-26 15:28:18 +01:00
Günther Deschner
5603c0f2ba error-codes: add WERR_DS_DRA_SOURCE_DISABLED.
Guenther
2009-03-26 14:52:22 +01:00
Jelmer Vernooij
c42fc5e103 display_sec: Move to common libcli/security directory. 2009-03-25 21:29:13 +01:00
Stefan Metzmacher
84a140f187 move source4/libcli/cldap => libcli/cldap
metze
2009-03-19 16:25:59 +01:00
Günther Deschner
db728c1ade error-codes: add WERR_DEVICE_NOT_CONNECTED.
Guenther
2009-03-02 14:24:57 +01:00
Stefan Metzmacher
84b57a5dba libcli/security: fix the source4 build
metze
2009-03-02 12:05:43 +01:00
Stefan Metzmacher
ae1a69f3ea libcli/security: fix the source3 build
metze
2009-03-02 08:56:22 +01:00
Jelmer Vernooij
8568b4fa9f Add header files for secace and secacl. 2009-03-01 20:06:55 +01:00
Jelmer Vernooij
da6721e323 Move secacl to top-level. 2009-03-01 18:15:36 +01:00
Jelmer Vernooij
e9bba3e288 dom_sid.h: Include dependency security.h that provides the dom_sid struct. 2009-03-01 18:15:15 +01:00
Jelmer Vernooij
99b288156f Move secace.c to top-level. 2009-03-01 18:00:26 +01:00
Michael Adam
51795b723e libcli/util/werror.h: add macro W_ERROR_NOT_OK_GOTO(x, y)
a goto destination can be specified as a second parameter.

Michael
2009-02-26 13:22:54 +01:00
Michael Adam
6c197ffa30 s3: move definition of W_ERROR_NOT_OK_GOTO_DONE down to libcli/util/werror.h
Michael
2009-02-26 13:22:54 +01:00
Günther Deschner
28fb708ba0 error-codes: print out WERR_UNKNOWN_PRINT_MONITOR.
Guenther
2009-02-24 23:57:52 +01:00
Stefan Metzmacher
f6b0a99cef libcli/ldap: move generic ldap control encoding code to ldap_message.c
As they can we static there, we pass the specific handlers as parameter
where we need to support controls.

metze
2009-02-24 17:55:41 +01:00
Stefan Metzmacher
18b30e5646 libcli/ldap: move ldap_ndr from source4/ to toplevel
metze
2009-02-24 17:55:40 +01:00
Stefan Metzmacher
7aaec963c1 libcli/ldap: fix compiler warnings
metze
2009-02-24 17:55:40 +01:00
Stefan Metzmacher
ef0fa403f1 libcli/ldap: move ldap_errors.h to the toplevel and install it
metze
2009-02-24 17:55:39 +01:00
Stefan Metzmacher
536318549f libcli/ldap: move ldap_message.[ch] from source4/ to the toplevel
metze
2009-02-24 17:55:39 +01:00
Günther Deschner
1a9bb33a7d error-codes: add WERR_INVALID_USER_BUFFER.
Guenther
2009-02-24 01:01:57 +01:00
Volker Lendecke
e304a623f1 Add missing include to shut up missing prototype warnings 2009-02-14 22:00:44 +01:00
Zack Kirsch
4e1a4cbe1f s4 torture: Smbtorture additions for Windows BRL
- Adds a few new BRL tests to RAW-LOCK
- Adds a "win7" target to allow torture to handle protocol changes in
  windows 7
2009-02-11 12:23:52 -08:00
Stefan Metzmacher
f956dddf57 libcli/nbt: s/private/private_data
metze
2009-02-02 13:09:09 +01:00
Kai Blin
d936be23cd s3: Fix the non-merged build. 2009-02-01 20:49:07 +01:00
Kai Blin
07aa05f678 shared: Move dom_sid_* utility functions to top level 2009-02-01 19:42:30 +01:00
Volker Lendecke
b0c92548d8 Attempt to fix the merged build 2009-01-19 11:40:43 +01:00
Stefan Metzmacher
ebab6d6ce4 libcli/nbt: add nbt_name_socket_handle_response_packet()
Move the last part of nbt_name_socket_recv() into
a new function nbt_name_socket_handle_response_packet()
so that it can be reused by an unexpected handler.

metze
(from samba4wins tree cb0377f3b95e50c84fac999a49dde80acc933124)
2009-01-19 07:05:42 +01:00
Stefan Metzmacher
26c48098e6 libcli/nbt: add nbt_set_unexpected_handler()
metze
(from samba4wins tree 74232901d1e7ea9ebcb3bd8d584dda36fac37223)
2009-01-19 07:05:27 +01:00
Stefan Metzmacher
bbd74f2f76 libcli/nbt: fix wack timeout handling
If the client gets a WACK response, the server
sends a timeout to the client. Possible
values are between 9 and 105 seconds.

Because w2k3 servers have a bug and always return
a value of 5 seconds, we need a workarround.

Always using a fixed value of 30 seconds is bad
as we could timeout to early.

Now we use the value from the server if it's in the
valid range and otherwise we use the upper limit
of the valid range (105s).

metze
(from samba4wins tree 40ef7739f4141598a6392c203e4a2d52d972fe06)
2009-01-19 07:05:23 +01:00
Stefan Metzmacher
9d4f766ae3 Revert "Remove another use of global_loadparm."
This reverts commit ee7c2170a7.

A much more correct fix will come soon.
(40ef7739f4141598a6392c203e4a2d52d972fe06 from the samba4wins tree)

metze
2009-01-19 07:05:20 +01:00
Jelmer Vernooij
ba5d6e6d70 Avoid using a utility header for Python replacements included in Samba,
since this will not be shipped with talloc/tdb/tevent/etc.
2009-01-08 12:20:20 +01:00
Tim Prouty
61a23c5eea s3/s4 build: Fix Py_RETURN_NONE to work with python versions < 2.4 2009-01-07 15:03:16 -08:00
Jelmer Vernooij
d2c70d24e1 py: Properly increase the reference counter of Py_None. 2009-01-06 04:13:57 +01:00
Jelmer Vernooij
08259c1c52 Add iconv_convenience argument to size functions. 2009-01-01 04:45:33 +01:00
Stefan Metzmacher
183c379fe5 s4:lib/tevent: rename structs
list=""
list="$list event_context:tevent_context"
list="$list fd_event:tevent_fd"
list="$list timed_event:tevent_timer"

for s in $list; do
	o=`echo $s | cut -d ':' -f1`
	n=`echo $s | cut -d ':' -f2`
	r=`git grep "struct $o" |cut -d ':' -f1 |sort -u`
	files=`echo "$r" | grep -v source3 | grep -v nsswitch | grep -v packaging4`
	for f in $files; do
		cat $f | sed -e "s/struct $o/struct $n/g" > $f.tmp
		mv $f.tmp $f
	done
done

metze
2008-12-29 20:46:40 +01:00
Jelmer Vernooij
dcc4081f75 Fix more compiler warnings. 2008-12-23 23:22:57 +01:00
Michael Adam
b416135f6b libcli/nbt: fix some extrasemi compile warnings.
Michael
2008-11-23 23:01:04 +01:00
Günther Deschner
aa6af1fe26 errors: add WERR_CM_BUFFER_SMALL.
Guenther
2008-11-12 10:17:46 +01:00
Günther Deschner
0474c8665d nterrors: add NT_STATUS_DS_BUSY.
Guenther
2008-11-10 21:46:24 +01:00
Günther Deschner
0be668f147 doserr: add WERR_NO_TRUST_SAM_ACCOUNT.
Guenther
2008-11-06 13:40:47 +01:00
Jelmer Vernooij
b45caa44e1 Fix the build. 2008-11-02 23:58:49 +01:00
Jelmer Vernooij
ee7c2170a7 Remove another use of global_loadparm. 2008-11-02 18:27:24 +01:00
Jelmer Vernooij
62c57cb400 Remove use of global_loadparm when comparing nt status error - use
global variable instead.
2008-11-02 17:11:20 +01:00
Jelmer Vernooij
7ec720af71 Use shared doserr.c. 2008-11-01 17:28:16 +01:00
Jelmer Vernooij
0b0b11e3d9 Fix the build. 2008-10-24 16:52:25 +02:00
Jelmer Vernooij
23302413b3 Remove unused include param/param.h. 2008-10-24 16:37:56 +02:00
Jelmer Vernooij
f7692d16e3 Remove more global_loadparm instances, fix syntax errors. 2008-10-24 16:12:14 +02:00
Tim Prouty
0b68762af7 Fix "parameter has incomplete type" build warning.
When libcli-util was moved to the top level
(3be0f6ea56) it introduced a build
warning.  Since ndr_map_error2ntstatus depends on the definition of
enum ndr_err_code and libndr.h can't be easily included in error.h, I
moved the definition of enum ndr_err_code to libndr.h.

This also eliminates the need for the duplicate definition in proto.h
2008-10-23 12:21:44 -07:00
Jelmer Vernooij
44b728958a Use common error definitions. 2008-10-23 15:35:21 +02:00
Jelmer Vernooij
94c522b1ab Import NTSTATUS defines from Samba 3. 2008-10-23 03:29:20 +02:00
Jelmer Vernooij
e56dff3f7b Import WERROR defines from Samba 3. 2008-10-23 03:25:00 +02:00
Jelmer Vernooij
90bfd9d9e1 Import new DOS error codes from Samba 3. 2008-10-23 03:13:08 +02:00
Jelmer Vernooij
3be0f6ea56 Move libcli-util error code to top-level. 2008-10-23 03:11:19 +02:00
Jelmer Vernooij
87ec1d2532 Make sure prototypes are always included, make some functions static and
remove some unused functions.
2008-10-20 18:59:51 +02:00
Jelmer Vernooij
3994c42f19 Fix number of arguments for file_load() functions. 2008-10-12 19:46:38 +02:00
Jelmer Vernooij
652f0e601d Move nmblookup to same location as the rest of the NBT client library. 2008-10-12 17:34:28 +02:00
Jelmer Vernooij
218f482fbf Use common strlist implementation in Samba 3 and Samba 4. 2008-10-12 00:56:56 +02:00
Jelmer Vernooij
9565999755 Fix include paths to new location of libutil. 2008-10-11 21:31:42 +02:00
Volker Lendecke
af1c802791 The IRIX compiler does not like embedded unnamed unions 2008-10-02 08:09:25 +02:00
Simo Sorce
3eb122069b Temporary build fix for the merged build 2008-09-24 19:23:05 -04:00
Günther Deschner
4962a4459b libcli: add nbt_proto.h that is no longer autogenerated.
Guenther
2008-09-24 03:51:25 +02:00
Günther Deschner
3ee016be9c libcli: add some basic debugging functions for netlogon helper.
Guenther
2008-09-24 03:34:23 +02:00
Günther Deschner
7baaa87b93 libcli: add autogenerated libcli netlogon helper protos.
Guenther
2008-09-24 01:20:56 +02:00
Günther Deschner
9d541f314f s4-libcli: move nbt/netlogon helper functions up one level.
Guenther
2008-09-23 23:17:51 +02:00
Günther Deschner
6f33f3e4c2 s4-nbt: move libcli/nbt up one level.
Guenther
2008-09-23 09:37:24 +02:00