diff options
Diffstat (limited to 'source4/smb_server')
-rw-r--r-- | source4/smb_server/sesssetup.c | 68 |
1 files changed, 21 insertions, 47 deletions
diff --git a/source4/smb_server/sesssetup.c b/source4/smb_server/sesssetup.c index 0dfdb488a6..5533eca607 100644 --- a/source4/smb_server/sesssetup.c +++ b/source4/smb_server/sesssetup.c @@ -51,14 +51,10 @@ static NTSTATUS sesssetup_old(struct smbsrv_request *req, union smb_sesssetup *s struct auth_session_info *session_info; struct smbsrv_session *smb_sess; const char *remote_machine = NULL; - TALLOC_CTX *mem_ctx; - sess->old.out.vuid = UID_FIELD_INVALID; + sess->old.out.vuid = 0; sess->old.out.action = 0; - mem_ctx = talloc_named(req, 0, "OLD session setup"); - NT_STATUS_HAVE_NO_MEMORY(mem_ctx); - if (!req->smb_conn->negotiate.done_sesssetup) { req->smb_conn->negotiate.max_send = sess->old.in.bufsize; } @@ -68,14 +64,11 @@ static NTSTATUS sesssetup_old(struct smbsrv_request *req, union smb_sesssetup *s } if (!remote_machine) { - remote_machine = socket_get_peer_addr(req->smb_conn->connection->socket, mem_ctx); + remote_machine = socket_get_peer_addr(req->smb_conn->connection->socket, req); } - user_info = talloc(req->smb_conn, struct auth_usersupplied_info); - if (!user_info) { - talloc_free(mem_ctx); - return NT_STATUS_NO_MEMORY; - } + user_info = talloc(req, struct auth_usersupplied_info); + NT_STATUS_HAVE_NO_MEMORY(user_info); user_info->mapped_state = False; user_info->logon_parameters = 0; @@ -83,7 +76,7 @@ static NTSTATUS sesssetup_old(struct smbsrv_request *req, union smb_sesssetup *s user_info->client.account_name = sess->old.in.user; user_info->client.domain_name = sess->old.in.domain; user_info->workstation_name = remote_machine; - user_info->remote_host = socket_get_peer_addr(req->smb_conn->connection->socket, mem_ctx); + user_info->remote_host = socket_get_peer_addr(req->smb_conn->connection->socket, user_info); user_info->password_state = AUTH_PASSWORD_RESPONSE; user_info->password.response.lanman = sess->old.in.password; @@ -91,15 +84,13 @@ static NTSTATUS sesssetup_old(struct smbsrv_request *req, union smb_sesssetup *s user_info->password.response.nt = data_blob(NULL, 0); status = auth_check_password(req->smb_conn->negotiate.auth_context, - mem_ctx, user_info, &server_info); + req, user_info, &server_info); if (!NT_STATUS_IS_OK(status)) { - talloc_free(mem_ctx); return auth_nt_status_squash(status); } /* This references server_info into session_info */ status = auth_generate_session_info(req, server_info, &session_info); - talloc_free(mem_ctx); if (!NT_STATUS_IS_OK(status)) { return auth_nt_status_squash(status); } @@ -133,21 +124,16 @@ static NTSTATUS sesssetup_old(struct smbsrv_request *req, union smb_sesssetup *s static NTSTATUS sesssetup_nt1(struct smbsrv_request *req, union smb_sesssetup *sess) { NTSTATUS status; - const char *remote_machine = NULL; - struct auth_context *auth_context; - struct smbsrv_session *smb_sess; struct auth_usersupplied_info *user_info = NULL; struct auth_serversupplied_info *server_info = NULL; struct auth_session_info *session_info; - TALLOC_CTX *mem_ctx; + struct smbsrv_session *smb_sess; + const char *remote_machine = NULL; - sess->nt1.out.vuid = UID_FIELD_INVALID; + sess->nt1.out.vuid = 0; sess->nt1.out.action = 0; - mem_ctx = talloc_named(req, 0, "NT1 session setup"); - NT_STATUS_HAVE_NO_MEMORY(mem_ctx); - if (!req->smb_conn->negotiate.done_sesssetup) { req->smb_conn->negotiate.max_send = sess->nt1.in.bufsize; req->smb_conn->negotiate.client_caps = sess->nt1.in.capabilities; @@ -155,20 +141,16 @@ static NTSTATUS sesssetup_nt1(struct smbsrv_request *req, union smb_sesssetup *s if (req->smb_conn->negotiate.spnego_negotiated) { if (sess->nt1.in.user && *sess->nt1.in.user) { - talloc_free(mem_ctx); /* We can't accept a normal login, because we * don't have a challenge */ return NT_STATUS_LOGON_FAILURE; } /* TODO: should we use just "anonymous" here? */ - status = auth_context_create(mem_ctx, lp_auth_methods(), + status = auth_context_create(req, lp_auth_methods(), &auth_context, req->smb_conn->connection->event.ctx); - if (!NT_STATUS_IS_OK(status)) { - talloc_free(mem_ctx); - return status; - } + NT_STATUS_NOT_OK_RETURN(status); } else { auth_context = req->smb_conn->negotiate.auth_context; } @@ -178,14 +160,11 @@ static NTSTATUS sesssetup_nt1(struct smbsrv_request *req, union smb_sesssetup *s } if (!remote_machine) { - remote_machine = socket_get_peer_addr(req->smb_conn->connection->socket, mem_ctx); + remote_machine = socket_get_peer_addr(req->smb_conn->connection->socket, req); } - user_info = talloc(req->smb_conn, struct auth_usersupplied_info); - if (!user_info) { - talloc_free(mem_ctx); - return NT_STATUS_NO_MEMORY; - } + user_info = talloc(req, struct auth_usersupplied_info); + NT_STATUS_HAVE_NO_MEMORY(user_info); user_info->mapped_state = False; user_info->logon_parameters = 0; @@ -193,7 +172,7 @@ static NTSTATUS sesssetup_nt1(struct smbsrv_request *req, union smb_sesssetup *s user_info->client.account_name = sess->nt1.in.user; user_info->client.domain_name = sess->nt1.in.domain; user_info->workstation_name = remote_machine; - user_info->remote_host = socket_get_peer_addr(req->smb_conn->connection->socket, mem_ctx); + user_info->remote_host = socket_get_peer_addr(req->smb_conn->connection->socket, user_info); user_info->password_state = AUTH_PASSWORD_RESPONSE; user_info->password.response.lanman = sess->nt1.in.password1; @@ -201,22 +180,18 @@ static NTSTATUS sesssetup_nt1(struct smbsrv_request *req, union smb_sesssetup *s user_info->password.response.nt = sess->nt1.in.password2; user_info->password.response.nt.data = talloc_steal(user_info, sess->nt1.in.password2.data); - status = auth_check_password(auth_context, - mem_ctx, user_info, &server_info); + status = auth_check_password(auth_context, req, user_info, &server_info); if (!NT_STATUS_IS_OK(status)) { - talloc_free(mem_ctx); return auth_nt_status_squash(status); } /* This references server_info into session_info */ - status = auth_generate_session_info(mem_ctx, server_info, &session_info); + status = auth_generate_session_info(req, server_info, &session_info); if (!NT_STATUS_IS_OK(status)) { - talloc_free(mem_ctx); return auth_nt_status_squash(status); } smb_sess = smbsrv_register_session(req->smb_conn, session_info, NULL); - talloc_free(mem_ctx); if (!smb_sess) { return NT_STATUS_ACCESS_DENIED; } @@ -234,13 +209,11 @@ static NTSTATUS sesssetup_nt1(struct smbsrv_request *req, union smb_sesssetup *s &sess->nt1.out.os, &sess->nt1.out.lanman, &sess->nt1.out.domain); - - req->session = smbsrv_session_find(req->smb_conn, sess->nt1.out.vuid); + if (!session_info->server_info->authenticated) { return NT_STATUS_OK; } - if (!srv_setup_signing(req->smb_conn, &session_info->session_key, &sess->nt1.in.password2)) { /* Already signing, or disabled */ return NT_STATUS_OK; @@ -248,6 +221,7 @@ static NTSTATUS sesssetup_nt1(struct smbsrv_request *req, union smb_sesssetup *s /* Force check of the request packet, now we know the session key */ req_signing_check_incoming(req); +/* TODO: why don't we check the result here? */ /* Unfortunetly win2k3 as a client doesn't sign the request * packet here, so we have to force signing to start again */ @@ -269,7 +243,7 @@ static NTSTATUS sesssetup_spnego(struct smbsrv_request *req, union smb_sesssetup struct auth_session_info *session_info = NULL; uint16_t vuid; - sess->spnego.out.vuid = UID_FIELD_INVALID; + sess->spnego.out.vuid = 0; sess->spnego.out.action = 0; sesssetup_common_strings(req, @@ -321,7 +295,7 @@ static NTSTATUS sesssetup_spnego(struct smbsrv_request *req, union smb_sesssetup status = gensec_session_key(gensec_ctx, &session_key); - +/* TODO: what if getting the session key failed? */ if (NT_STATUS_IS_OK(status) && session_info->server_info->authenticated && srv_setup_signing(req->smb_conn, &session_key, NULL)) { |