summaryrefslogtreecommitdiff
path: root/source3/libsmb/smb_signing.c
AgeCommit message (Collapse)AuthorFilesLines
2007-12-04Fix signing bug found by Volker. That one was *subtle*.Jeremy Allison1-74/+5
Jeremy (This used to be commit 816aea6c1a426eb2450061b847729e22bdac33a0)
2007-10-18RIP BOOL. Convert BOOL -> bool. I found a few interestingJeremy Allison1-32/+32
bugs in various places whilst doing this (places that assumed BOOL == int). I also need to fix the Samba4 pidl generation (next checkin). Jeremy. (This used to be commit f35a266b3cbb3e5fa6a86be60f34fe340a3ca71f)
2007-10-10r23991: Some constVolker Lendecke1-1/+1
(This used to be commit 804be77e4695eb923048948dbc6e223967fdef94)
2007-10-10r23986: Some constVolker Lendecke1-5/+13
(This used to be commit dc6f4bdb7f5fc0fd4cd9f687c47af3719985da8b)
2007-10-10r23784: use the GPLv3 boilerplate as recommended by the FSF and the license textAndrew Tridgell1-2/+1
(This used to be commit b0132e94fc5fef936aa766fb99a306b3628e9f07)
2007-10-10r23779: Change from v2 or later to v3 or later.Jeremy Allison1-1/+1
Jeremy. (This used to be commit 407e6e695b8366369b7c76af1ff76869b45347b3)
2007-10-10r22920: Add in the UNIX capability for 24-bit readX, as discussedJeremy Allison1-0/+10
with the Apple guys and Linux kernel guys. Still looking at how to do writeX as there's no recvfile(). Jeremy. (This used to be commit a53268fb2082de586e2df250d8ddfcff53379102)
2007-10-10r22001: change prototype of dump_data(), so that it takes unsigned char * now,Stefan Metzmacher1-10/+10
which matches what samba4 has. also fix all the callers to prevent compiler warnings metze (This used to be commit fa322f0cc9c26a9537ba3f0a7d4e4a25941317e7)
2007-10-10r21922: Fixed the build by rather horrid means. I really needJeremy Allison1-30/+1
to restructure libsmb/smb_signing.c so it isn't in the base libs path but lives in libsmb instead (like smb_seal.c does). Jeremy. (This used to be commit 1b828f051d0782201f697de15ff973bd6b097d5b)
2007-10-10r21897: Add in a basic raw NTLM encrypt request. NowJeremy Allison1-4/+34
for testing. Jeremy. (This used to be commit 783a7b3085a155d9652cd725bf2960cd272cb554)
2007-10-10r19659: Fix bug #4187. Possible crash in signing on/off code.Jeremy Allison1-0/+8
Jeremy. (This used to be commit 78c1c43523d787825bdb6d52e128bf0af5eccaae)
2007-10-10r17595: Fix from Ben Winslow <rain@bluecherry.net> to allowJeremy Allison1-0/+4
client smb signing to be correctly turned off. Jeremy. (This used to be commit 61f052b0a67b8a05b5d925bf8bbad73369ac03bd)
2007-10-10r17431: Fix bug #4003, reported by dale-keyword-samba.c7b741@codefu.org.Jeremy Allison1-0/+3
NTcancel doesn't send a reply, so in this case the signing sequence number is only incremented by 1, not 2. Jeremy. (This used to be commit 85841a01987e653a085af00c7c437145686a332b)
2007-10-10r17333: Some C++ warningsVolker Lendecke1-5/+10
(This used to be commit be9aaffdaccae06c8c035eaf31862e34b7cfbe38)
2007-10-10r17292: Try and fix bug #3967 - signing problems on transJeremy Allison1-3/+66
calls introduced by signing code simplification. Please test if you've seen signing problems with 3.0.23a. Jeremy. (This used to be commit f462daf02c12cfba634f92e681eb23a09e7d0acf)
2007-10-10r16696: Fix the multiple-outstanding write and trans clientJeremy Allison1-2/+22
signing bug. Jeremy. (This used to be commit 3b7fbe856cea7cbb5bf91844f94f221be0a2c627)
2007-10-10r16630: Fix bug #3881, reported by jason@ncac.gwu.edu.Jeremy Allison1-3/+0
Jeremy. (This used to be commit ec0a47b94c12b64d351ca8e6bdd467578528f3da)
2007-10-10r15018: Merge Volker's ipc/trans2/nttrans changes overJeremy Allison1-218/+16
into 3.0. Also merge the new POSIX lock code - this is not enabled unless -DDEVELOPER is defined. This doesn't yet map onto underlying system POSIX locks. Updates vfs to allow lock queries. Jeremy. (This used to be commit 08e52ead03304ff04229e1bfe544ff40e2564fc7)
2007-10-10r14355: Try and fix Coverity #158 by making the pointerJeremy Allison1-6/+8
aliasing clearer. This isn't a bug but a code clarification. Jeremy. (This used to be commit 7ada96a1cfb1e928b7dfde101ca250b20024243f)
2007-10-10r5806: * fix a couple more segvs in spoolssGerald Carter1-0/+3
* comment out unused variable after jra's change to revert the 56bit des smb signing changes (This used to be commit 13ed08cd2a1097021cc44f4109859ba89db7df81)
2007-10-10r5804: Revert the signing change by Nalin Dahyabhai <nalin@redhat.com>.Jeremy Allison1-1/+4
Seems to be incorrect (several user reports). Jeremy. (This used to be commit 0abfb67c79dde280b3dae14a7c7bcdb5f4d58e44)
2007-10-10r4088: Get medieval on our ass about malloc.... :-). Take control of all our ↵Jeremy Allison1-5/+5
allocation functions so we can funnel through some well known functions. Should help greatly with malloc checking. HEAD patch to follow. Jeremy. (This used to be commit 620f2e608f70ba92f032720c031283d295c5c06a)
2007-10-10r3294: Fix for SMB signing with 56-bit DES session keys. From Nalin ↵Jeremy Allison1-2/+9
Dahyabhai <nalin@redhat.com>. Jeremy. (This used to be commit 55d23cb253d869e58bd51cf179c6dc0f3cfab9d2)
2007-10-10r1487: Remove unused parameter for the client-side signing functions.Andrew Bartlett1-2/+2
Andrew Bartlett (This used to be commit 6d594d5bb119b6bc3f4c7699752666ac24d04745)
2007-10-10r1121: Fix memory leak in the trans2 signing code.Andrew Bartlett1-2/+10
We would start the trans2 state, which is fine, but never pull the expected reply off the packet queue. I'm not sure if this is still a major problem after jra's recent 'no duplicate mids on the list' change, but I think this is correct anyway. (This used to be commit ee23a4237d427ce72d6a8c5f180ef48d6454cddc)
2007-10-10r1117: Doh ! Remember to turn off signing when sending a "break to level II" ↵Jeremy Allison1-10/+24
oplock message, or we mess up the signing sequence number.... Also improve sign error reporting. Also when deferring an open that had been deferred due to an oplock break, don't re-add the mid to the pending sign queue or we increment the sequence number twice and mess up signing again... I can now bounce between 2 WinXP/Win2003 boxes opening Excel spreadsheets with signing turned on and get correct "file in use" messages. Jeremy. (This used to be commit 1745ce4e2cf7fcb4c27c077973258d157cd241b1)
2007-10-10r1115: Fix for #1427. Catch bad path errors at the right point. Ensure allJeremy Allison1-2/+2
our pathname parsing is consistent. Jeremy. (This used to be commit 5e8237e306f0bb0e492f10fb6487938132899384)
2004-03-27Let the comment match the function...Andrew Bartlett1-2/+1
Andrew Bartlett (This used to be commit 43c71b3202e909cca7c41c54d0b340aea1323db6)
2004-03-27Make it clearer that this error refers to the peer, as this code is in bothAndrew Bartlett1-2/+2
the client and server. Andrew Bartlett (This used to be commit 414d3fdc753b44262e9a281170d1058608d01bdf)
2004-03-27Merge from HEAD the SMB signing patch that I developed a couple of weeksAndrew Bartlett1-44/+76
ago. This patch re-adds support for 'optional' SMB signing. It also ensures that we are much more careful about when we enable signing, particularly with on-the-fly smb.conf reloads. The client code will now attempt to use smb signing by default, and disable it if the server doesn't correctly support it. Andrew Bartlett (This used to be commit e27b5cbe75d89ec839dafd52dd33101885a4c263)
2004-01-17Fix for a signing bug when the mid wraps.Jeremy Allison1-3/+11
Found by Fran Fabrizio <fran@cis.uab.edu>. Add to the *start* of the list not the end of the list. This ensures that the *last* send sequence with this mid is returned by preference. This can happen if the mid wraps and one of the early mid numbers didn't get a reply and is still lurking on the list. Jeremy. (This used to be commit 25d739978fe9081ba0946c36901492127248e3e0)
2003-12-27Preliminary fix for our signing problem with failed NTLMSSP logins. This patchVolker Lendecke1-2/+4
solves the problem for me here, I can still successfully set up signing using NTLMSSP against w2k3 and it does not show a signing error anymoe when the password was wrong. Jeremy, you might want to take a further look at it as this is not particularly elegant. Volker (This used to be commit f5afaafd61dc7bd191225ffa8eee184125dd97c3)
2003-12-01Fix spurious error msg. when seq=0.Jeremy Allison1-0/+2
Jeremy (This used to be commit 4912ad8f18041c9c3abe2cfa67dd26a324c9c31e)
2003-12-01Better fix for client signing bug. Ensure we don't malloc/free trans signingJeremy Allison1-6/+14
state info each packet. Jeremy. (This used to be commit 818cf32d6330f7e7855ce662326003e75d4a1d46)
2003-11-25If signing starts successfully, don't just turn it off automatically ifJeremy Allison1-5/+5
it fails later. Only turn it off automatically if it fails at the start. Jeremy. (This used to be commit 4a145531c2b6353291cd25f14f5572aa31e86594)
2003-11-25When server signing is set to "auto", if the client doesn't sign justJeremy Allison1-2/+23
ignore it. Only fail if signing is set to "required". Jeremy. (This used to be commit 8916ddfc39c3e70265188926f24034152f0e7b6b)
2003-11-22Changes all over the shop, but all towards:Andrew Bartlett1-11/+15
- NTLM2 support in the server - KEY_EXCH support in the server - variable length session keys. In detail: - NTLM2 is an extension of NTLMv1, that is compatible with existing domain controllers (unlike NTLMv2, which requires a DC upgrade). * This is known as 'NTLMv2 session security' * (This is not yet implemented on the RPC pipes however, so there may well still be issues for PDC setups, particuarly around password changes. We do not fully understand the sign/seal implications of NTLM2 on RPC pipes.) This requires modifications to our authentication subsystem, as we must handle the 'challege' input into the challenge-response algorithm being changed. This also needs to be turned off for 'security=server', which does not support this. - KEY_EXCH is another 'security' mechanism, whereby the session key actually used by the server is sent by the client, rather than being the shared-secret directly or indirectly. - As both these methods change the session key, the auth subsystem needed to be changed, to 'override' session keys provided by the backend. - There has also been a major overhaul of the NTLMSSP subsystem, to merge the 'client' and 'server' functions, so they both operate on a single structure. This should help the SPNEGO implementation. - The 'names blob' in NTLMSSP is always in unicode - never in ascii. Don't make an ascii version ever. - The other big change is to allow variable length session keys. We have always assumed that session keys are 16 bytes long - and padded to this length if shorter. However, Kerberos session keys are 8 bytes long, when the krb5 login uses DES. * This fix allows SMB signging on machines not yet running MIT KRB5 1.3.1. * - Add better DEBUG() messages to ntlm_auth, warning administrators of misconfigurations that prevent access to the privileged pipe. This should help reduce some of the 'it just doesn't work' issues. - Fix data_blob_talloc() to behave the same way data_blob() does when passed a NULL data pointer. (just allocate) REMEMBER to make clean after this commit - I have changed plenty of data structures... (This used to be commit f3bbc87b0dac63426cda6fac7a295d3aad810ecc)
2003-10-21Fix signing miss-sequence noticed by Stefan Metzmacher <metze@metzemix.de>Jeremy Allison1-46/+27
Jeremy. (This used to be commit 63f331564396e7a4f16dce95bb98d3b6c4b75351)
2003-10-14Enable us to see what sequence number we were expecting when we fail a signJeremy Allison1-4/+4
(should help track down out of sequence bugs). Jeremy. (This used to be commit 6e21261fe40698b2ee46c802bd1c044a909f8e5d)
2003-08-15get rid of more compiler warningsHerb Lewis1-18/+18
(This used to be commit 398bd14fc6e2f8ab2f34211270e179b8928a6669)
2003-08-07An oplock break reply from the client causes the sequence number to beJeremy Allison1-1/+40
updated by 2 if there is no open reply outstanding, else by one.... Yes - this makes no sense.... Jeremy. (This used to be commit b43ce1ff6109f6422a621329ceb713b42df40040)
2003-08-07Turns out I had my packet sequences wrong for oplock break code.Jeremy Allison1-46/+19
I was storing the mid of the oplock break - I should have been storing the mid from the open. There are thus 2 types of deferred packet sequence returns - ones that increment the sequence number (returns from oplock causing opens) and ones that don't (change notify returns etc). Running with signing forced on does lead to some interesting tests :-). Jeremy. (This used to be commit 85907f02cec566502d9e4adabbd414020a26064d)
2003-08-03Fix oplock break detection code on incoming oplock break responses. ThisJeremy Allison1-7/+15
fixes signing for oplocks. Jeremy. (This used to be commit 69c56ee8bce122839a8fec4e59198f84b0757166)
2003-08-02Ensure we don't leak any sign records on cancel of pending requests.Jeremy Allison1-0/+27
Jeremy. (This used to be commit 9a8ffc239c0f1aada713de7e9e007066738d8874)
2003-08-02Only look for mid sign records on incoming packets for oplock break replies.Jeremy Allison1-20/+28
Otherwise we find spurious mid sign records on reply_ntcancel calls (they cancel by mid). That took a *lot* of tracking down. I still need to remove the mid records from the sign state on reply_ntcancel to avoid leaking memory.... Jeremy. (This used to be commit 270bf20fe3e226ab5cfc689bd20ed4c22b2fa7e6)
2003-08-02More fixes for client and server side signing. Ensure sequence numbersJeremy Allison1-15/+42
are updated correctly on returning an error for server trans streams. Ensure we turn off client trans streams on error. Jeremy. (This used to be commit 3a789cb7f01115c37404e5a696de363287cb0e5f)
2003-08-02Leave the packet sequence checkers enabled whilst I track down a smbclient ↵Jeremy Allison1-2/+2
-> smbd sequence number problem. Jeremy. (This used to be commit 844898dbd8e99837ef1621aa73024714aa819ce4)
2003-08-02Add the same signing code to the server. Ensure we use identical sessionJeremy Allison1-12/+64
numbers and MIDs when in trans/trans2/nttrans code. Jeremy. (This used to be commit 901544b29b4d815709b3dbad3012f1d2c419d904)
2003-08-02Correct fix (removed the earlier band-aid) for what I thought was a signingJeremy Allison1-2/+65
bug with w2k. Turns out that when we're doing a trans/trans2/nttrans call the MID and send_sequence_number and reply_sequence_number must remain constant. This was something we got very wrong in earlier versions of Samba. I can now get a directory listing from WINNT\SYSTEM32 with the older earlier parameters for clilist.c This still needs to be fixed for the server side of Samba, client appears to be working happily now (I'm doing a signed smbtar download of an entire W2K3 image to test this :-). Jeremy. (This used to be commit 2093a3130d4087d0659b497eebd580e7a66e5aa3)
2003-07-31Turn the 'doing_signing' variable on - fix bug where it was only being setJeremy Allison1-1/+1
on when signing was mandatory. Jeremy. (This used to be commit 7c58673a103195435ca75ebb2684880d1f7242d3)