summaryrefslogtreecommitdiff
path: root/libcli
Commit message (Collapse)AuthorAgeFilesLines
* libcli: Fix debug message, print sid string for new_ace trustee.Noel Power2016-02-161-1/+1
| | | | | | Signed-off-by: Noel Power <noel.power@suse.com> Reviewed-by: Uri Simchoni <uri@samba.org> Reviewed-by: Amitay Isaacs <amitay@gmail.com>
* dlist: remove unneeded type argument from DLIST_ADD_END()Michael Adam2016-02-063-8/+7
| | | | | Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* spnego: Some simplificationsVolker Lendecke2016-02-031-4/+3
| | | | | | | | asn1_tag_remaining already checks for has_error and only returns positive if there is error-free space left Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* ldap: Correctly check asn1_tag_remaining retvalVolker Lendecke2016-02-031-1/+1
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* libcli/smb: add define SMB_ENCRYPTION_GSSAPI for CIFS encryption typeRalph Boehme2016-01-221-1/+1
| | | | | | | | | | | | | | | Add a define for the CIFS UNIX extensions encryption type. We store this in smbXsrv_channel and use it in smbstatus for showing the CIFS/SMB2/SMB3 encryption cipher used. The SMB3 encryption cipher constants start at 1, carefully choosing the highest available bit for the CIFS UNIX extensions encryption cipher should avoid collisions and leaves room for many SMB3 ciphers in the future. Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* security: Add Asserted Identity sids (S-1-18)Günther Deschner2016-01-152-0/+11
| | | | | | | | | | | | | Bug: https://bugzilla.samba.org/show_bug.cgi?id=11677 definitions taken from [MS-DTYP]: Windows Data Types, 2.4.2.4 Well-Known SID Structures. Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* Rename 'errors' to 'samba-errors' and make it public.Jelmer Vernooij2016-01-134-5/+7
| | | | | | | | | | | This is necessary because it has public headers. Signed-off-by: Jelmer Vernooij <jelmer@jelmer.uk> Reviewed-By: Andrew Bartlett <abartlet@samba.org> Reviewed-By: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Jelmer Vernooij <jelmer@samba.org> Autobuild-Date(master): Wed Jan 13 07:47:04 CET 2016 on sn-devel-144
* libcli: Make headers for private libraries private.Jelmer Vernooij2016-01-132-5/+4
| | | | | | Signed-off-by: Jelmer Vernooij <jelmer@jelmer.uk> Reviewed-By: Andrew Bartlett <abartlet@samba.org> Reviewed-By: Stefan Metzmacher <metze@samba.org>
* Add a new header file for functions in lib/util/util.c.Jelmer Vernooij2016-01-131-0/+2
| | | | | | | | | This allows public headers to not include samba_util.h, but rather specific header files under lib/util. Signed-Off-By: Jelmer Vernooij <jelmer@samba.org> Reviewed-By: Andrew Bartlett <abartlet@samba.org> Reviewed-By: Stefan Metzmacher <metze@samba.org>
* Avoid including libds/common/roles.h in public loadparm.h header.Jelmer Vernooij2016-01-131-0/+1
| | | | | | Signed-Off-By: Jelmer Vernooij <jelmer@samba.org> Reviewed-By: Andrew Bartlett <abartlet@samba.org> Reviewed-By: Stefan Metzmacher <metze@samba.org>
* samdb: Add explicit dependency on ldb.Jelmer Vernooij2016-01-131-1/+1
| | | | | | This is needed to pull in the right -I flags. Signed-Off-By: Jelmer Vernooij <jelmer@samba.org>
* libcli: Remove a reference to asn1->ofsVolker Lendecke2016-01-061-7/+5
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* lib: Use asn1_current_ofs()Volker Lendecke2016-01-061-2/+4
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* lib: Use asn1_has_nestingVolker Lendecke2016-01-061-1/+1
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* lib: Use asn1_extract_blob()Volker Lendecke2016-01-062-6/+9
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* lib: Use asn1_set_error()Volker Lendecke2016-01-061-10/+10
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* lib: Use asn1_has_error()Volker Lendecke2016-01-062-17/+21
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* asn1: Make asn1_peek_full_tag return 0/errnoVolker Lendecke2016-01-061-1/+8
| | | | | | | | We don't need the full power of NTSTATUS here. This was the only NTSTATUS in asn1.h, so I think it's worth removing it. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* CVE-2015-5296: libcli/smb: make sure we require signing when we demand ↵Stefan Metzmacher2015-12-161-0/+11
| | | | | | | | | encryption on a session BUG: https://bugzilla.samba.org/show_bug.cgi?id=11536 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* libdns: Small cleanupVolker Lendecke2015-12-081-2/+0
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* libdns: Convert dns_udp_request to 0/errnoVolker Lendecke2015-12-082-21/+20
| | | | | | | Replaces 5 calls to unix_to_werror with just one Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* libdns: Properly set ENOMEMVolker Lendecke2015-12-081-0/+1
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* libdns: tsocket returns -1 and sets errnoVolker Lendecke2015-12-081-3/+3
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* libcli/smb: fix BUFFER_OVERFLOW handling in tstream_smbXcli_npStefan Metzmacher2015-12-011-3/+10
| | | | | | | | | | | | | | | | | | The special error is not NT_STATUS_BUFFER_TOO_SMALL, but STATUS_BUFFER_OVERFLOW. Tested using TSTREAM_SMBXCLI_NP_MAX_BUF_SIZE == 20 and running the following commands against a Windows 2012R2 server: bin/smbtorture ncacn_np:SERVER[] rpc.lsa-getuser bin/smbtorture ncacn_np:SERVER[smb2] rpc.lsa-getuser BUG: https://bugzilla.samba.org/show_bug.cgi?id=11623 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Tue Dec 1 03:42:52 CET 2015 on sn-devel-104
* libcli/smb: correctly handle STATUS_BUFFER_OVERFLOW in smb1cli_readx*Stefan Metzmacher2015-12-011-18/+35
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=11623 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* libcli/smb: correctly handle STATUS_BUFFER_OVERFLOW in smb2cli_query_info*Stefan Metzmacher2015-12-011-5/+19
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=11623 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* libcli/smb: correctly handle STATUS_BUFFER_OVERFLOW in smb2cli_read*Stefan Metzmacher2015-12-011-5/+21
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=11623 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* libcli/smb: make sure we have a body size of 0x31 before dereferencing an ↵Stefan Metzmacher2015-12-011-37/+47
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | ioctl response Found by valgrind, reported by Noel Power <nopower@suse.com>: ==7913== Invalid read of size 1 ==7913== at 0xC4F23EE: smb2cli_ioctl_done (smb2cli_ioctl.c:245) ==7913== by 0x747A744: _tevent_req_notify_callback (tevent_req.c:112) ==7913== by 0x747A817: tevent_req_finish (tevent_req.c:149) ==7913== by 0x747A93C: tevent_req_trigger (tevent_req.c:206) ==7913== by 0x7479B2B: tevent_common_loop_immediate (tevent_immediate.c:135) ==7913== by 0xA9CB4BE: run_events_poll (events.c:192) ==7913== by 0xA9CBB32: s3_event_loop_once (events.c:303) ==7913== by 0x7478C72: _tevent_loop_once (tevent.c:533) ==7913== by 0x747AACD: tevent_req_poll (tevent_req.c:256) ==7913== by 0x505315D: tevent_req_poll_ntstatus (tevent_ntstatus.c:109) ==7913== by 0xA7201F2: cli_tree_connect (cliconnect.c:2764) ==7913== by 0x165FF7: cm_prepare_connection (winbindd_cm.c:1276) ==7913== Address 0x16ce24ec is 764 bytes inside a block of size 813 alloc'd ==7913== at 0x4C29110: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so) ==7913== by 0x768A0C1: __talloc_with_prefix (talloc.c:668) ==7913== by 0x768A27E: _talloc_pool (talloc.c:721) ==7913== by 0x768A41E: _talloc_pooled_object (talloc.c:790) ==7913== by 0x747A594: _tevent_req_create (tevent_req.c:66) ==7913== by 0xCF6E2FA: read_packet_send (async_sock.c:414) ==7913== by 0xCF6EB54: read_smb_send (read_smb.c:54) ==7913== by 0xC4DA146: smbXcli_conn_receive_next (smbXcli_base.c:1027) ==7913== by 0xC4DA02D: smbXcli_req_set_pending (smbXcli_base.c:978) ==7913== by 0xC4DF776: smb2cli_req_compound_submit (smbXcli_base.c:3166) ==7913== by 0xC4DFC1D: smb2cli_req_send (smbXcli_base.c:3268) ==7913== by 0xC4F2210: smb2cli_ioctl_send (smb2cli_ioctl.c:149) ==7913== BUG: https://bugzilla.samba.org/show_bug.cgi?id=11622 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* libcli/smb: Use helper function for finding sessionChristof Schmitt2015-11-181-19/+18
| | | | | | | | | | This removes some duplicated code. Signed-off-by: Christof Schmitt <cs@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Wed Nov 18 04:04:17 CET 2015 on sn-devel-104
* repl: Give an error if we get a secret when not expecting oneAndrew Bartlett2015-10-262-0/+7
| | | | | | | | | We should never get a secret from a server when we specify DRSUAPI_DRS_SPECIAL_SECRET_PROCESSING This asserts that this is the case. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* lib: cli: Add accessor function smb2cli_tcon_flags() to get tcon flags.Jeremy Allison2015-10-142-0/+6
| | | | | | | | | We need this to see if a share supports access-based enumeration. https://bugzilla.samba.org/show_bug.cgi?id=10252 Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* libdap: Fix a '\0' vs NULL mixupVolker Lendecke2015-10-141-1/+1
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* Change the libreadline word-break character set to only space, TAB and NL so ↵Richard Sharpe2015-10-071-0/+6
| | | | | | | | | | | | | that we can attempt to do tab completion across backslashes. This turned out to be all that was needed to enable cd to handle multiple directory levels. Signed-off-by: Richard Sharpe <rsharpe@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Wed Oct 7 04:16:24 CEST 2015 on sn-devel-104
* lib: Remove unused sid_blob_parseVolker Lendecke2015-08-262-15/+6
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* lib: Make sid_parse take a uint8_tVolker Lendecke2015-08-262-2/+2
| | | | | | | | sid_parse takes a binary blob, uint8_t reflects this a bit better than char * does Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* lib: Use dom_sid_equal where appropriateVolker Lendecke2015-08-201-1/+2
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ira Cooper <ira@samba.org>
* libcli/smb: prefer AES128_CCMStefan Metzmacher2015-08-171-2/+6
| | | | | | | | | | | | Callgrind showed that we use 28,165,720,719 cpu cycles to send a 100MB file to a client using aes-ccm. With aes-gcm this is raises up to 723,094,413,831 cpu cycles. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11451 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* libcli: Use iov_buflen in smb2_signing.cVolker Lendecke2015-08-141-6/+11
| | | | | | | | | | This gives us overflow protection. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> Autobuild-User(master): Michael Adam <obnox@samba.org> Autobuild-Date(master): Fri Aug 14 13:56:49 CEST 2015 on sn-devel-104
* lib: Remove some unused codeVolker Lendecke2015-08-142-20/+0
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Martin Schwenke <martin@meltin.net>
* lib: Remove some unused codeVolker Lendecke2015-08-142-24/+0
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Martin Schwenke <martin@meltin.net>
* Introduce setting "desired" for 'smb encrypt' and 'client/server signing'Michael Adam2015-07-072-0/+7
| | | | | | | | | | | This should trigger the behaviour where the server requires signing when the client supports it, but does not reject clients that don't support it. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11372 Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* libcli/smb: let tstream_smbXcli_np report connection errors as EPIPE instead ↵Stefan Metzmacher2015-07-031-4/+4
| | | | | | | | | | | | | of EIO This maps to NT_STATUS_CONNECTION_DISCONNECTED instead of NT_STATUS_IO_DEVICE_ERROR. EPIPE, NT_STATUS_CONNECTION_DISCONNECTED matches what other tstream backends e.g. tcp and unix report. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* libsmb: Streamline smb1cli_trans a bitVolker Lendecke2015-06-261-3/+1
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* lib: ldap: Properly check talloc error returns.Jeremy Allison2015-06-161-1/+10
| | | | | | | | Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Tue Jun 16 04:16:13 CEST 2015 on sn-devel-104
* libcli/smb: make sure we remove the writev_send() request when a request is ↵Stefan Metzmacher2015-06-121-0/+14
| | | | | | | | | | | | destroyed This way smbXcli_conn_disconnect() removes all tevent_fd structures attached to the sock_fd before closing it. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11316 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* libcli/smb: add smb1 requests to the pending array before writev_send()Stefan Metzmacher2015-06-121-12/+6
| | | | | | | | | | This way we have a change to destroy the pending writev_send request before closing the socket in smbXcli_conn_disconnect(). BUG: https://bugzilla.samba.org/show_bug.cgi?id=11316 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* libcli/smb: make sure the writev_send of smbXcli_conn_samba_suicide() is ↵Stefan Metzmacher2015-06-121-0/+53
| | | | | | | | | removed before closing the socket BUG: https://bugzilla.samba.org/show_bug.cgi?id=11316 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* libcli/smb: remove unused split of read_fd and write_fdStefan Metzmacher2015-06-121-26/+12
| | | | | | | | | | The tevent epoll backend supports separate read and write tevent_fd structure on a single fd, so there's no need for a dup() anymore. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11316 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* libcli/smb: close the socket fd at the end of smbXcli_conn_disconnect()Stefan Metzmacher2015-06-121-6/+9
| | | | | | | | | | We need to cancel all pending requests before closing the socket fds, otherwise we cause problem with the interaction with the epoll event backend. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11316 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* libcli/smb: use tevent_req_received(req) in read_smb_recv()Stefan Metzmacher2015-06-121-0/+2
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=11316 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
View Lorry Controller Status