summaryrefslogtreecommitdiff
path: root/libcli
Commit message (Collapse)AuthorAgeFilesLines
* libcli:smb: Fix a typo in a debug messageAndreas Schneider2021-01-191-1/+1
| | | | | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Tue Jan 19 16:15:21 UTC 2021 on sn-devel-184
* libcli/smb: allow unexpected padding in SMB2 IOCTL responsesStefan Metzmacher2021-01-151-1/+18
| | | | | | | | | | | | | | | | A NetApp Ontap 7.3.7 SMB server add 8 padding bytes to an offset that's already 8 byte aligned. RN: Work around special SMB2 IOCTL response behavior of NetApp Ontap 7.3.7 BUG: https://bugzilla.samba.org/show_bug.cgi?id=14607 Pair-Programmed-With: Volker Lendecke <vl@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Fri Jan 15 08:36:34 UTC 2021 on sn-devel-184
* s4:torture/smb2: add samba3.smb2.ioctl.bug14607Stefan Metzmacher2021-01-151-0/+2
| | | | | | | | | | FSCTL_SMBTORTURE_IOCTL_RESPONSE_BODY_PADDING8 will be used to trigger an SMB2 IOCTL response with extra padding. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14607 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* libcli/smb: split out smb2cli_ioctl_parse_buffer()Stefan Metzmacher2021-01-151-80/+110
| | | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=14607 Pair-Programmed-With: Volker Lendecke <vl@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Volker Lendecke <vl@samba.org>
* libcli/smb: Allow smb2cli_validate_negotiate_info_done() to ignore ↵Jeremy Allison2021-01-151-0/+25
| | | | | | | | | | | | | | | | NT_STATUS_INVALID_PARAMETER. This can be returned from NetApp Ontap 7.3.7 SMB server implementations. Now we have ensured smb2_signing_check_pdu() cannot return NT_STATUS_INVALID_PARAMETER on a signing error it's safe to check this error code here. Windows 10 clients ignore this error from the NetApp. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14607 Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* libcli/smb: Change some checks to SMB_ASSERTSStefan Metzmacher2021-01-151-7/+2
| | | | | | | | | | If we end up here, it's definitely a programming error in the basic parsing layer of the SMB2 packet. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14607 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* libcli/smb: add smbXcli_conn_send_queue()Stefan Metzmacher2020-12-172-0/+6
| | | | | | | | | This is useful in order to test async requests tevent_queue_wait_send/recv() can be used to block the queue between requests or wait for the queue to be flushed. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* libcli: Add required #includes to libcli/dns/dns.hVolker Lendecke2020-12-111-0/+8
| | | | | | | Also, make it safe against being included twice Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* libcli: Align integer typesVolker Lendecke2020-11-301-1/+1
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* libcli: Align a few integer typesVolker Lendecke2020-11-303-4/+4
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* libcli:smb: Check return code of set_blockingAndreas Schneider2020-11-261-1/+4
| | | | | | | Found by covscan. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* lib: Remove unused security_descriptor_append()Volker Lendecke2020-11-192-14/+0
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* libcli: smb2: Never print length if smb2_signing_key_valid() fails for ↵Jeremy Allison2020-11-161-6/+3
| | | | | | | | | | | | | | crypto blob. Blob could be NULL. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14210 Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Mon Nov 16 09:47:38 UTC 2020 on sn-devel-184
* http_conn.c: fix "void function cannot return value" errorBjörn Jacke2020-11-101-2/+1
| | | | | | | this made the studio compiler build break Signed-off-by: Bjoern Jacke <bjacke@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* Add smb2cli_session_get_encryption_cipher()Isaac Boukris2020-11-062-0/+14
| | | | | | | | | When 'session->smb2->should_encrypt' is true, the client MUST encrypt all transport messages (see also MS-SMB2 3.2.4.1.8). Signed-off-by: Isaac Boukris <iboukris@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org>
* libcli: Use GUID_to_ndr_buf() in smb2cli_validate_negotiate_info_send()Volker Lendecke2020-10-021-4/+4
| | | | | | | | | | Avoid a talloc/free Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Fri Oct 2 22:50:43 UTC 2020 on sn-devel-184
* libcli: Use GUID_to_ndr_buf() in smbXcli_negprot_smb2_subreq()Volker Lendecke2020-10-021-4/+4
| | | | | | | Avoid a talloc/free Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* libcli: Use GUID_to_ndr_buf() in ldap_encode_ndr_GUID()Volker Lendecke2020-10-021-3/+3
| | | | | | | Avoid a talloc/free Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* libcli: Align some integer typesVolker Lendecke2020-10-021-2/+2
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* libcli: Don't leave a pointer uninitializedVolker Lendecke2020-10-021-4/+2
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* libcli: Remove a pointless if-expressionVolker Lendecke2020-10-021-3/+0
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* CVE-2020-1472(ZeroLogon): libcli/auth: reject weak client challenges in ↵Stefan Metzmacher2020-09-182-2/+17
| | | | | | | | | | | | | | | | | | | netlogon_creds_server_init() This implements the note from MS-NRPC 3.1.4.1 Session-Key Negotiation: 7. If none of the first 5 bytes of the client challenge is unique, the server MUST fail session-key negotiation without further processing of the following steps. It lets ./zerologon_tester.py from https://github.com/SecuraBV/CVE-2020-1472.git report: "Attack failed. Target is probably patched." BUG: https://bugzilla.samba.org/show_bug.cgi?id=14497 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
* CVE-2020-1472(ZeroLogon): libcli/auth: add ↵Stefan Metzmacher2020-09-182-1/+23
| | | | | | | | | | | | netlogon_creds_is_random_challenge() to avoid weak values This is the check Windows is using, so we won't generate challenges, which are rejected by Windows DCs (and future Samba DCs). BUG: https://bugzilla.samba.org/show_bug.cgi?id=14497 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
* CVE-2020-1472(ZeroLogon): libcli/auth: make use of ↵Stefan Metzmacher2020-09-181-2/+1
| | | | | | | | | | | | netlogon_creds_random_challenge() in netlogon_creds_cli.c This will avoid getting rejected by the server if we generate a weak challenge. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14497 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
* CVE-2020-1472(ZeroLogon): libcli/auth: add netlogon_creds_random_challenge()Stefan Metzmacher2020-09-182-0/+8
| | | | | | | | | | | It's good to have just a single isolated function that will generate random challenges, in future we can add some logic in order to avoid weak values, which are likely to be rejected by a server. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14497 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
* libcli: nbt: Fix resolve_lmhosts_file_as_sockaddr() to return size_t * count ↵Jeremy Allison2020-09-152-7/+2
| | | | | | | of addresses. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Noel Power <npower@samba.org>
* libcli: nbt: cleanup resolve_lmhosts_file_as_sockaddr() - don't change ↵Jeremy Allison2020-09-151-10/+21
| | | | | | | return values on fail. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Noel Power <npower@samba.org>
* lib/util: remove extra safe_string.h fileMatthew DeVore2020-08-284-0/+9
| | | | | | | | | | | | | | | | | | lib/util/safe_string.h is similar to source3/include/safe_string.h, but the former has fewer checks. It is missing bcopy, strcasecmp, and strncasecmp. Add the missing elements to lib/util/safe_string.h remove the other safe_string.h which is in the source3-specific path. To accomodate existing uses of str(n?)casecmp, add #undef lines to source files where they are used. Signed-off-by: Matthew DeVore <matvore@google.com> Reviewed-by: David Mulder <dmulder@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Fri Aug 28 02:18:40 UTC 2020 on sn-devel-184
* libcli:smb: Add smb_encryption_setting_translate()Andreas Schneider2020-08-193-0/+40
| | | | | | | | Add encryption enum and function to avoid confusion when reading the code. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* libcli:smb: Add smb_signing_setting_translate()Andreas Schneider2020-08-194-0/+96
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* param: Create and use enum_smb_encryption_valsAndreas Schneider2020-08-191-0/+9
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* libcli:smb2: Use talloc NULL context if we don't have a stackframeAndreas Schneider2020-08-191-4/+26
| | | | | | | | | | | If we execute this code from python we don't have a talloc stackframe around and segfault with talloc_tos(). To fix the crash we use the NULL context as we take care for freeing the memory as soon as possible. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* libcli:smb2: Do not leak ptext on errorAndreas Schneider2020-08-191-0/+1
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* libcli/ldap: Fix CID 1462695 Resource leakVolker Lendecke2020-08-061-0/+5
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* libcli/ldap: Fix CID 1462696 Resource leakVolker Lendecke2020-08-061-0/+5
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* libcli/ldap: Fix CID 1465278 Resource leakVolker Lendecke2020-08-061-0/+5
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3/s4: Cleanup. Move TALLOC_CTX * parameter to be first in ↵Jeremy Allison2020-08-042-6/+8
| | | | | | | | | resolve_lmhosts_file_as_sockaddr() to match modern conventions. No logic changes. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Isaac Boukris <iboukris@samba.org>
* lib: relicense smb_strtoul(l) under LGPLv3Ralph Boehme2020-08-031-0/+1
| | | | | | | | | Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Swen Schillig <swen@linux.ibm.com> Reviewed-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Mon Aug 3 22:21:04 UTC 2020 on sn-devel-184
* libcli/ldap: Fix decoding struct ldap_ExtendedResponseVolker Lendecke2020-07-091-2/+4
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* libcli/ldap: Test decoding an exop responseVolker Lendecke2020-07-092-0/+43
| | | | | | | | ldap-starttls-response.dat is a reply to a starttls extended operation. Right now ldap_decode() does not handle this correctly. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* libcli/smb: define FSCTL_SMBTORTURE_FORCE_UNACKED_TIMEOUTStefan Metzmacher2020-07-081-0/+8
| | | | | | | | | | This will be used by smbtorture in order to simulate channel failures without relying on iptables. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
* CVE-2020-14303: s4 nbt: fix busy loop on empty UDP packetGary Lockyer2020-07-021-1/+16
| | | | | | | | | | | | An empty UDP packet put the nbt server into a busy loop that consumes 100% of a cpu. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14417 Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Autobuild-User(master): Karolin Seeger <kseeger@samba.org> Autobuild-Date(master): Thu Jul 2 10:26:24 UTC 2020 on sn-devel-184
* libcli ldap tests: remove use of zero length arrayGary Lockyer2020-06-231-1/+1
| | | | | | | | | | | | | | libcli/ldap/tests/ldap_message_test.c defines a zero length array (uint8_t buf[0]), which is a GCC extension and breaks the build with some strict compilers like xlc. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14387 Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Tue Jun 23 02:15:35 UTC 2020 on sn-devel-184
* libcli: Remove define STATUS_EA_LIST_INCONSISTENTChristof Schmitt2020-06-222-2/+0
| | | | | | | | | | | The auto-generated define NT_STATUS_EA_LIST_INCONSISTENT is still available. Signed-off-by: Christof Schmitt <cs@samba.org> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Mon Jun 22 13:30:51 UTC 2020 on sn-devel-184
* libcli: Remove define STATUS_STOPPED_ON_SYMLINKChristof Schmitt2020-06-222-2/+0
| | | | | | | The auto-generated define NT_STATUS_STOPPED_ON_SYMLINK is still available. Signed-off-by: Christof Schmitt <cs@samba.org> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
* libcli: Remove define for STATUS_PENDINGChristof Schmitt2020-06-221-1/+0
| | | | | | The auto-generated define NT_STATUS_PENDING is still available. Signed-off-by: Christof Schmitt <cs@samba.org> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
* libcli: Use NT_STATUS_PENDING instead of STATUS_PENDINGChristof Schmitt2020-06-221-3/+3
| | | | Signed-off-by: Christof Schmitt <cs@samba.org> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
* libcli: Remove define for STATUS_NOTIFY_ENUM_DIRChristof Schmitt2020-06-222-2/+0
| | | | | | The auto-generated define NT_STATUS_NOTIFY_ENUM_DIR is still available. Signed-off-by: Christof Schmitt <cs@samba.org> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
* libcli: Remove define for STATUS_NOTIFY_CLEANUPChristof Schmitt2020-06-222-2/+0
| | | | | | The auto-generated NT_STATUS_NOTIFY_CLEANUP is still available. Signed-off-by: Christof Schmitt <cs@samba.org> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
* libcli: Remove define for STATUS_INVALID_EA_FLAGChristof Schmitt2020-06-222-2/+0
| | | | | | The auto-generated define NT_STATUS_INVALID_EA_FLAG is still available. Signed-off-by: Christof Schmitt <cs@samba.org> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
View Lorry Controller Status