summaryrefslogtreecommitdiff
path: root/libcli
Commit message (Collapse)AuthorAgeFilesLines
* libsocket: Add "mem_ctx" to socket_create()Volker Lendecke2018-02-271-3/+2
| | | | | | | | Every caller did a talloc_steal() after socket_create(). Just pass in the correct memory context. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* libcli/security: add dom_sid_lookup_predefined_{sid,name}()Stefan Metzmacher2018-02-212-0/+512
| | | | | | | | | | This basically implements [MS-LSAT] 3.1.1.1.1 Predefined Translation Database and Corresponding View. Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* libnbt: Apply some constVolker Lendecke2018-02-132-2/+6
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* libnbt: Use TALLOC_FREEVolker Lendecke2018-02-131-4/+1
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* lib: Make g_lock_unlock use TDB_DATAVolker Lendecke2018-02-081-2/+3
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* lib: Make g_lock_lock_send use TDB_DATAVolker Lendecke2018-02-081-2/+2
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* smbXcli: Add "force_channel_sequence"Volker Lendecke2018-01-142-1/+18
| | | | | | | | | | | This enables use of the channel sequence number even for non-multi-channel servers. This makes our client invalid, but we need to protect against broken clients with tests. Bug: https://bugzilla.samba.org/show_bug.cgi?id=13215 Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* dnscli: Make a few functions staticVolker Lendecke2018-01-062-56/+18
| | | | | | | | We might want to use the tcp flavor in the future in the forwarder for a single, persistent TCP connection. Then we can easily re-publish it. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* libdns: Add dns_cli_requestVolker Lendecke2018-01-043-2/+209
| | | | | | First UDP, then TCP if truncation happened Signed-off-by: Volker Lendecke <vl@samba.org>
* libdns: dns/tcp clientVolker Lendecke2018-01-042-0/+229
| | | | | | | | | | | Same signature as the UDP client in the same file. This opens and closes the socket per request. In the future, we might want to create a persistent TCP connection for our internal DNS server's forwarder. That will require proper handling of in-flight requests. Something for another day. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* libdns: Fix a typoVolker Lendecke2018-01-041-1/+1
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* lib/smbreadline: detect picky compile issue with readline.hUri Simchoni2017-11-241-0/+33
| | | | | | | | | | | | | | readline.h has build issues with clang if -Wstrict-prototypes is enabled. Detect this and also detect whether the known workaround works. Fix suggested by Timur I. Bakeyev <timur@freebsd.org> cf. https://lists.gnu.org/archive/html/bug-readline/2014-04/msg00018.html cf. https://lists.samba.org/archive/samba-technical/2017-November/123923.html Signed-off-by: Uri Simchoni <uri@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* lib: Save a few bytes of .textVolker Lendecke2017-11-131-1/+1
| | | | | | | | Looks surprising, but this does save bytes if you look at the object with "size". Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* libcli: Fix a signed/unsigned hickupVolker Lendecke2017-11-131-1/+1
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* libcli: Fix a typoVolker Lendecke2017-11-101-1/+1
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Richard Sharpe <sharpe@samba.org>
* vfs_fruit: Add Time Machine supportKevin Anderson2017-10-041-0/+1
| | | | | | | | | Add a configuration option to disable/enable Time Machine support via the FULLSYNC AAPL flag. Signed-off-by: Kevin Anderson <andersonkw2@gmail.com> Reviewed-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* netlogon_creds_cli: Pass "capabilities" up from creds_cli_checkVolker Lendecke2017-09-252-5/+15
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* netlogon_creds_cli: Protect netlogon_creds_cli_auth by _lckVolker Lendecke2017-09-251-60/+2
| | | | | | | | | This widens the lock range to cover the check for established credentials. Before this patch it could happen that more than one winbind finds no credentials and does the auth3. This can pile up. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* netlogon_creds_cli: Protect netlogon_creds_cli_check by _lckVolker Lendecke2017-09-251-63/+38
| | | | | | | netlogon_creds_cli_lck provides the locking around the operation Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* netlogon_creds_cli: Add netlogon_creds_cli_delete_lckVolker Lendecke2017-09-252-0/+15
| | | | | | | | Like netlogon_creds_cli_delete, protected by netlogon_creds_cli_lck instead of netlogon_creds_cli_lock. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* netlogon_creds_cli: Add netlogon_creds_cli_lckVolker Lendecke2017-09-252-0/+163
| | | | | | | | | | This adds an external locking scheme to protect our netlogon_creds_CredentialState. This is needed because the routines exposed by netlogon_creds_cli.h need a more flexible locking to set up our credentials in a properly protected way. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* rpc_client3: Avoid "cli_credentials" in cli_rpc_pipe_open_schannel_with_credsVolker Lendecke2017-09-251-0/+1
| | | | | | | | | This provides cleaner data dependencies. A netlogon_creds_ctx contains everything required to open an schannel, there is no good reason to require cli_credentials here. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* netlogon_creds_cli: Create cli_credentials from netlogon creds ctxVolker Lendecke2017-09-252-0/+36
| | | | | | | | A netlogon_creds_cli_context holds all information required to do an schannel bind. Used in the next commit. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* netlogon_creds_cli: Factor out netlogon_creds_cli_delete_internalVolker Lendecke2017-09-251-7/+10
| | | | | | | | In a future commit we'll need a version that does not check for context->db.locked_state Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* netlogon_creds_cli: Factor out netlogon_creds_cli_store_internalVolker Lendecke2017-09-251-16/+26
| | | | | | | | In a future commit we'll need a version that does not check for context->db.locked_state Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* netlogon_creds_cli: Print netlogon_creds_CredentialStateVolker Lendecke2017-09-251-0/+8
| | | | | | | Add some debugging for the tdb records Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* netlogon_creds_cli: Simplify netlogon_creds_cli_getVolker Lendecke2017-09-251-70/+11
| | | | | | | | netlogon_creds_cli_get_internal almost does everything needed, only the invalidating for credential chain use is missing. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* netlogon_creds_cli: Rename netlogon_creds_cli_lock_fetch->get_internalVolker Lendecke2017-09-251-4/+4
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* netlogon_creds_cli: Transfer a commentVolker Lendecke2017-09-251-0/+32
| | | | | | | This part of from netlogon_creds_cli_get will go Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* netlogon_creds_cli: Remove tevent_req handling from ↵Volker Lendecke2017-09-251-21/+26
| | | | | | | | | | netlogon_creds_cli_lock_fetch Disentangle concerns, make netlogon_creds_cli_lock_fetch usable for other callers Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* netlogon_creds_cli: Remove unused codeVolker Lendecke2017-09-252-51/+0
| | | | | | | According to metze this was meant for test code that never materialized Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* netlogon_creds_cli: Simplify netlogon_creds_cli_deleteVolker Lendecke2017-09-252-15/+16
| | | | | | | Don't implicitly TALLOC_FREE(creds) in the pure delete routine Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* netlogon_creds_cli: Simplify netlogon_creds_cli_storeVolker Lendecke2017-09-252-17/+18
| | | | | | | | | Don't implicitly TALLOC_FREE(creds) in the pure store routine. This mixes up responsibilities, and there's not enough callers to justify the TALLOC_FREE to be centralized. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* netlogon_creds_cli: Simplify netlogon_creds_cli_context_globalVolker Lendecke2017-09-251-7/+0
| | | | | | | netlogon_creds_cli_open_global_db() already contains the NULL check. Use that. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* netlogon_creds_cli: Fix talloc_stackframe leaksVolker Lendecke2017-09-251-0/+2
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* CVE-2017-12150: libcli/smb: add smbXcli_conn_signing_mandatory()Stefan Metzmacher2017-09-202-0/+6
| | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=12997 Signed-off-by: Stefan Metzmacher <metze@samba.org>
* libcli: Apply some constVolker Lendecke2017-09-162-4/+6
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* netlogon_creds_cli: Use data_blob_cmp in netlogon_creds_cli_validateVolker Lendecke2017-09-161-11/+3
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* netlogon_creds_cli: Simplify netlogon_creds_cli_context_globalVolker Lendecke2017-09-161-3/+3
| | | | | | | (require_sign_or_seal == false) looks odd :-) Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* netlogon_creds_cli: Simplify netlogon_creds_cli_context_commonVolker Lendecke2017-09-161-11/+2
| | | | | | | | IMHO a full talloc_stackframe is overkill for the one allocation that is left here. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* netlogon_creds_cli: Simplify netlogon_creds_cli_context_commonVolker Lendecke2017-09-161-11/+8
| | | | | | | printf knows to only print part of a string. No need to talloc_strdup. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* netlogon_creds_cli: A netlogon_creds_cli_context needs a msg_ctxVolker Lendecke2017-09-161-7/+9
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* netlogon_creds_cli: Remove an obsolete commentVolker Lendecke2017-09-161-4/+1
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* netlogon_creds_cli: Avoid a static const structVolker Lendecke2017-09-161-4/+3
| | | | | | | | | | | | | Same number of .text bytes, but simpler code. Yes, this is {{0}} instead of {0}, which I always promote. I've just read a comment on stackoverflow (which I've unfortunately just closed the tab for :-() that {{0}} might actually be the correct way to init a struct to zero if the first struct element is again a struct. I'm lost. 25 years of C coding and I have no clue of the language :-( Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* netlogon_creds_cli: Pass "server_dns_domain" through ↵Volker Lendecke2017-09-162-0/+2
| | | | | | | netlogon_creds_cli_context_global Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* netlogon_creds_cli: Add "dns_domain" to netlogon_creds_cli_contextVolker Lendecke2017-09-161-0/+11
| | | | | | | Used later for creating schannel cli_credentials Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* libcli: SMB2: NetApps negotiate SMB3_11 but also set the SMB2_CAP_ENCRYPTION ↵Jeremy Allison2017-09-141-3/+12
| | | | | | | | | | | | | | flag. This is a SHOULD not, not a MUST not. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13009 Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Steve French <sfrench@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Thu Sep 14 14:48:20 CEST 2017 on sn-devel-144
* libcli/security: Move debug message to DBG_DEBUG()Andrew Bartlett2017-09-071-1/+1
| | | | | | | This message shows up a lot at level 6 for no particularly good reason Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
* python: Port samba.security to Python 3 compatible form.Lumir Balhar2017-09-062-12/+22
| | | | | | Signed-off-by: Lumir Balhar <lbalhar@redhat.com> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* python: Make generated modules samba.ntstatus and samba.werror Python 3 ↵Lumir Balhar2017-08-221-10/+11
| | | | | | | | | | | compatible. Signed-off-by: Lumir Balhar <lbalhar@redhat.com> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlet <abartlet@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Tue Aug 22 17:38:17 CEST 2017 on sn-devel-144
View Lorry Controller Status