summaryrefslogtreecommitdiff
path: root/source3/smbd/negprot.c
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r24809: Consolidate the use of temporary talloc contexts.Volker Lendecke1-1/+1
This adds the two functions talloc_stackframe() and talloc_tos(). * When a new talloc stackframe is allocated with talloc_stackframe(), then * the TALLOC_CTX returned with talloc_tos() is reset to that new * frame. Whenever that stack frame is TALLOC_FREE()'ed, then the reverse * happens: The previous talloc_tos() is restored. * * This API is designed to be robust in the sense that if someone forgets to * TALLOC_FREE() a stackframe, then the next outer one correctly cleans up and * resets the talloc_tos(). The original motivation for this patch was to get rid of the sid_string_static & friends buffers. Explicitly passing talloc context everywhere clutters code too much for my taste, so an implicit talloc_tos() is introduced here. Many of these static buffers are replaced by a single static pointer. The intended use would thus be that low-level functions can rather freely push stuff to talloc_tos, the upper layers clean up by freeing the stackframe. The more of these stackframes are used and correctly freed the more exact the memory cleanup happens. This patch removes the main_loop_talloc_ctx, tmp_talloc_ctx and lp_talloc_ctx (did I forget any?) So, never do a tmp_ctx = talloc_init("foo"); anymore, instead, use tmp_ctx = talloc_stackframe() :-) Volker (This used to be commit 6585ea2cb7f417e14540495b9c7380fe9c8c717b)
2007-10-10r24659: Some formatting changes helping to minimize the 3_2_0 diffVolker Lendecke1-5/+4
(This used to be commit c5caea43af154671448df82881efe09a5c982386)
2007-10-10r24309: if no protocol matches, just return choise 0xffffStefan Metzmacher1-0/+2
as we've done before revision 24002 metze (This used to be commit 6014ecbbfd50bc8f4f351dec1f9dd35c3fe62456)
2007-10-10r24308: this needs a better fix that compiles...Stefan Metzmacher1-1/+0
metze (This used to be commit 1a177eb08d4022c1ef7b5400ffdf426bcb9b97ff)
2007-10-10r24307: fill in choise with value -1 on errorStefan Metzmacher1-0/+1
as we've done before revision 24002 metze (This used to be commit 2961a35e90aae44c8560b1f4b56bfa6343c837d7)
2007-10-10r24135: Convert call_trans2open to the new APIVolker Lendecke1-0/+1
This itself won't help much, because send_trans2_replies_new still allocates the big buffers, but stay tuned :-) Also add/update my copyright on stuff I recently touched. Volker (This used to be commit 248f15ff143474db2493cef89ba446892342a361)
2007-10-10r24009: Revert to the 3.0.25 logic for parsing the client's protocols. hpisgr8Volker Lendecke1-13/+5
with gcc still gives timeouts which worry me. Volker (This used to be commit c30835b4f0416b2b2b7d77d31b0fca0606f2387a)
2007-10-10r24006: Some more paranoia in reply_negprotVolker Lendecke1-2/+12
Some hosts see the smb_bufrem(req->inbuf, p) as an unsigned int. And as the p += strlen(p) + 2 went one beyond the buffer, this was a very large positive. Also take the chance to add one more consistency check. (This used to be commit 3673707f9f1a3ba29966ac7cf744e2b6462c8dde)
2007-10-10r24002: Convert reply_negprot to the new APIVolker Lendecke1-90/+114
(This used to be commit bd981f53282573058bf4c2939e0e836499cf38be)
2007-10-10r24001: Separate out the parsing of the client's requested protocolsVolker Lendecke1-29/+66
This way the range checking only needs to be done once (This used to be commit befaa9713adec90088eedcf264f1e396ab150d25)
2007-10-10r23784: use the GPLv3 boilerplate as recommended by the FSF and the license textAndrew Tridgell1-2/+1
(This used to be commit b0132e94fc5fef936aa766fb99a306b3628e9f07)
2007-10-10r23779: Change from v2 or later to v3 or later.Jeremy Allison1-1/+1
Jeremy. (This used to be commit 407e6e695b8366369b7c76af1ff76869b45347b3)
2007-10-10r23510: Tidy calls to smb_panic by removing trailing newlines. Print theJames Peach1-1/+1
failed expression in SMB_ASSERT. (This used to be commit 171dc060e2a576d724eed1ca65636bdafffd7713)
2007-10-10r23168: Move the lp_max_connections() into service.c.Volker Lendecke1-1/+2
(This used to be commit 4afe37d431b6eb475769a2057025da9aa8d1bb14)
2007-10-10r23167: Remove an unused parameterVolker Lendecke1-1/+1
(This used to be commit 3452a870d58cdddf03ddf6ee698bca8416e05cbf)
2007-10-10r22844: Introduce const DATA_BLOB data_blob_null = { NULL, 0, NULL }; andVolker Lendecke1-1/+1
replace all data_blob(NULL, 0) calls. (This used to be commit 3d3d61687ef00181f4f04e001d42181d93ac931e)
2007-10-10r22391: Looks bigger than it is. Make "inbuf" availableJeremy Allison1-7/+7
to all callers of smb_setlen (via set_message() calls). This will allow the server to reflect back the correct encryption context. Jeremy. (This used to be commit 2d80a96120a5fe2fe726f00746d36d85044c4bdb)
2007-10-10r21969: Start working on the gss-side of the server negotiation.Jeremy Allison1-0/+4
Jeremy. (This used to be commit fbc569b530104679e47fe743963eb0c4384de6ae)
2007-10-10r21858: Fix typo.Günther Deschner1-1/+1
Guenther (This used to be commit 663514e511982437c09d45334b8d435448347ed6)
2007-10-10r21857: Stop pretending to be Vista in the %a macro towards Samba clients.Günther Deschner1-1/+3
Guenther (This used to be commit f55e1a312e75dc72ea040a35a9c20ccf539c4ae4)
2007-10-10r21250: Partial fix for BUG 4093: Make %a expand to "Vista"Gerald Carter1-8/+37
based on the flags2 values in the negprot request. This also includes some code for testing the dialect strings for "SMB 2.001" but this is unreliable as Vista only sends that in the 1st negprot and caches the fact that we don't support it. Restartnig the WOrkstation service on the client clears the cache. (This used to be commit d781eeb0e4362b7af1497634d26315498a5257d4)
2007-10-10r20368: Fix valgrind report of uninitialized memoryJeremy Allison1-1/+12
being returned (false positive). Up debug level on "open_directory" message. Jeremy. (This used to be commit 71a8b8863f8bdcce082c5971d6489a2da3ff4b2c)
2007-10-10r20237: Replace exit_server with exit_server_cleanly where appropriate. AllJames Peach1-3/+4
send_smb failures should be clean exits. All times when we exit as a matter of policy should also be clean exits. (This used to be commit d6382092e72120a3c89ffe81975e8898d454bf06)
2007-10-10r18773: Change negprot_spnego to return a blobVolker Lendecke1-10/+12
(This used to be commit 28fa772721640a6d3a0f6a30fb56fde18b5f5616)
2007-10-10r18772: Now that we don't have a one-byte keylength in the extended security ↵Volker Lendecke1-4/+0
case anymore, we don't have to truncate the length to 255 anymore. The test I did for this: I sent 50 times the NTLMSSP oid. With truncating Vista said Access Denied, without truncating it liked the response. Volker (This used to be commit f1512cb43c69338d4f2cb806486c4f5db51cf695)
2007-10-10r18771: Sequel to r18761: If we always set the keylen to 0 there's no point ↵Volker Lendecke1-6/+3
in passing a pointer down to negprot_spnego(). Volker (This used to be commit 18f47130b1ccf09873ca684ee0ea986e28f47d78)
2007-10-10r18761: Even if only offering NTLMSSP Windows (tested with Vista & XP) sends ↵Volker Lendecke1-5/+2
0 as the key length in the case of extended security. It does make sense because with SPNEGO our beloved ASN1 structure gives us the length. Next test I did to verify this: I modified the server to put in random garbage, and W2kwks, XP, Vista and W2k3srv still talked to us. Volker (This used to be commit f19bd479cee57f064f63659c533ae108885d54a2)
2007-10-10r18760: Fix typos, remove unneeded codeVolker Lendecke1-10/+2
(This used to be commit 56ccfe98b299e1569d59ef447ac486209aa84ca0)
2007-10-10r16397: Fix Klocwork #11767 and drasticly simplify theJeremy Allison1-0/+1
logic in smbd/process.c. All interested (Volker, Jerry, James etc). PLEASE REVIEW THIS CHANGE. The logic should be identical but *much* easier to follow and change (and shouldn't confuse Klockwork :-). Jeremy. (This used to be commit d357f8b33594472ffa78d0a112accccc2a8b1fe7)
2007-10-10r13647: Fix for standalone Samba servers and XP clients. RevertsJeremy Allison1-4/+15
part of the PocketPC bugfix. I'm trying to get someone who has a pocketpc to test this. Jeremy. (This used to be commit ce25e6b002f39ba084c3430ca832ad4990cf1994)
2007-10-10r11511: A classic "friday night check-in" :-). This moves muchJeremy Allison1-6/+7
of the Samba4 timezone handling code back into Samba3. Gets rid of "kludge-gmt" and removes the effectiveness of the parameter "time offset" (I can add this back in very easily if needed) - it's no longer being looked at. I'm hoping this will fix the problems people have been having with DST transitions. I'll start comprehensive testing tomorrow, but for now all modifications are done. Splits time get/set functions into srv_XXX and cli_XXX as they need to look at different timezone offsets. Get rid of much of the "efficiency" cruft that was added to Samba back in the day when the C library timezone handling functions were slow. Jeremy. (This used to be commit 414303bc0272f207046b471a0364fa296b67c1f8)
2007-10-10r11137: Compile with only 2 warnings (I'm still working on that code) on a gcc4Jeremy Allison1-2/+2
x86_64 box. Jeremy. (This used to be commit d720867a788c735e56d53d63265255830ec21208)
2007-10-10r10974: Get closer to trying to fix #1825 (PcoketPC spnego bug). Ensure weJeremy Allison1-4/+11
set keylen to zero if no spnego. Jeremy. (This used to be commit 57ed94e6e4a095422496d92a0095dc48cfecdd68)
2007-10-10r10947: Fix bugs #3133 and #1828 - SPNEGO not working with PocketPC 2003.Jeremy Allison1-9/+10
Our sessionsetup code now handles raw NTLMSSP connects, so we can go back to doing what W2K3 does here which is to send no OID's in the negprot reply when not in a security=ads mode. Jeremy. (This used to be commit 38a70185b7ca20677026103d40f61608e7ad0c90)
2007-10-10r7398: commiting abartlet's patch for kerberos authentication when using a ↵Gerald Carter1-5/+8
keytab and security != ads (This used to be commit 3faaa5c3eb3b2057984586e069a47cb210c99140)
2007-10-10r6225: get rid of warnings from my compiler about nested externsHerb Lewis1-1/+1
(This used to be commit efea76ac71412f8622cd233912309e91b9ea52da)
2007-10-10r6069: Fix for bug #2541. Ensure we recognise LANMAN2.1 as OS/2 and select ↵Jeremy Allison1-0/+1
LANMAN2 protocol, ensure the EA size is always correctly set on a query for a file with no EA's. Jeremy. (This used to be commit d6ad1f8df05e16152d9c95df56e612fde288d3b4)
2007-10-10r4018: * move claim_connection from the netbios session requestGerald Carter1-0/+6
reply code to the negprot reply code to cope with client connections on port 445. Fixes the spurious "register_message_flags: tdb fetch failed" errors. * don't run the backgroup LPQ daemon when we are running in interactive mode. (This used to be commit 88747a7da351261185222e78e9c8d470ff53a246)
2007-10-10r3946: Fix for bugid #2085 reported by Jason Mader <jason@ncac.gwu.edu>. Use ↵Jeremy Allison1-1/+1
consistent enum type for Protocol extern. Jeremy. (This used to be commit 65dfae7ea45d4c9452b2a08efa09b01d870142f3)
2007-10-10r1939: Ensure with my new change we set extended security in flags2 inJeremy Allison1-0/+3
the negprot reply. Jeremy. (This used to be commit 8b80b46b8b76ead72c17dc65f2de4c0cc0b263c7)
2007-10-10r1936: Fix bug noticed by Steve - ensure extended security bit is on onlyJeremy Allison1-0/+1
if we negotiated extended security. Do not merge for 3.0.6. Works with W2K but needs further testing. Jeremy. (This used to be commit 284689aa18d2711a9041598cdf490359466f7f77)
2007-10-10r1154: Change default setting for case sensitivity to "auto". If set to autoJeremy Allison1-3/+16
then is the client supports it (current clients supported are Samba and CIFSVFS - detected by the negprot strings "Samba", "POSIX 2" and a bare "NT LM 0.12" string) then the setting of the per packet flag smb_flag FLAG_CASELESS_PATHNAMES is taken into account per packet. This allows the linux CIFS client to use Samba in a case sensitive manner. Additional command in smbclient "case_sensitive", toggles the flag in subsequent packets. Docs to follow. Jeremy. (This used to be commit cf84c0fe1a061acc0313f7db124b8f947cdf623d)
2004-03-27As I raised (without objection) on the mailing list a while back, thisAndrew Bartlett1-5/+1
patch removes the 'unicode' smb.conf option. Clients are as always free not to negotiate unicode, but Samba will always accept unicode in smbd. Setting 'unicode = no' caused me more client BSODs than any other option I have seen, and I really want to protect some of our more silly users, who will, no matter what, select and change every option... Andrew Bartlett (This used to be commit 3f9177bd5df68809294335a36919994893ff8ead)
2004-03-13Modified fix for bugid #784. Based on a patch from moriyama@miraclelinux.com ↵Jeremy Allison1-3/+7
(MORIYAMA Masayuki). Don't use nstrings to hold workgroup and netbios names. The problem with them is that MB netbios and workgroup names in unix charset (particularly utf8) may be up to 3x bigger than the name when represented in dos charset (ie. cp932). So go back to using fstrings for these but translate into nstrings (ie. 16 byte length values) for transport on the wire. Jeremy. (This used to be commit b4ea493599ab414f7828b83f40a5a8b43479ff64)
2003-07-18Signing so far... the client code fails on a SMBtrans2 secondary transactionJeremy Allison1-5/+13
I think (my changes haven't affected this I believe). Initial support on the server side for smbclient. Still doesn't work for w2k clients I think... Work in progress..... (don't change). Jeremy. (This used to be commit e5714edc233424c2f74edb6d658f32f8e0ec9275)
2003-07-17Putting the framework for server signing in place. Ensure we don't useJeremy Allison1-0/+12
sendfile when signing (I need to add this for readbraw/writebraw too...). Jeremy. (This used to be commit f2e84f1ba67b13ff29e24a38099b559d9033a680)
2003-07-03Removed strupper/strlower macros that automatically map to ↵Jeremy Allison1-1/+1
strupper_m/strlower_m. I really want people to think about when they're using multibyte strings. Jeremy. (This used to be commit ff222716a08af65d26ad842ce4c2841cc6540959)
2003-05-31Got us happy running under valgrind again :-).Jeremy Allison1-0/+1
Jeremy. (This used to be commit b6ab9d73610861d225d72845d4df7cf970155e39)
2003-05-31Fixes to stop valgrind complaining about uninitialised memory when it'sJeremy Allison1-0/+9
copying clobbered buffer areas and doing hashes on them and sending them onto the wire. Jeremy. (This used to be commit 7dfcf714ae2e81fece489640e2341f132c9f567d)
2003-05-21merge LANMAN1/LANMAN2.1 fixes from headAndrew Tridgell1-0/+2
(This used to be commit 73c686ab771b6c3e9a9335032f851083d44701c7)