Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
This falls out of the removal of security=share, because we now require that
a session setup has been performed before (essentially) all other operations.
Andrew Bartlett
|
|
This will represent a transport connection for SMB 1 or 2
in the server. smbd_server_connection will slowly be moved
to the SMB_VFS layer to satisfy the existing modules,
but it will hopefully be protocol independend in future.
metze
|
|
The performance of these is minimal (these days) and they can return
invalid results when used as part of applications that do not use
sys_fork().
Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Sat Mar 24 21:55:41 CET 2012 on sn-devel-104
|
|
This patch ensures consistency in behaviour between NTLMSSP and NTLM
session setup handlers. By calling the same layer that auth_ntlmssp
calls, we can not only allow redirection of all authentication to the
AD DC, we ensure that map to guest and username map handling is
consistent, even in the file server alone.
Andrew Bartlett
|
|
This patch removes security=share, which Samba implemented by matching
the per-share password provided by the client in the Tree Connect with
a selection of usernames supplied by the client, the smb.conf or
guessed from the environment.
The rationale for the removal is that for the bulk of security=share
users, we just we need a very simple way to run a 'trust the network'
Samba server, where users mark shares as guest ok. This is still
supported, and the smb.conf options are documented at
https://wiki.samba.org/index.php/Public_Samba_Server
At the same time, this closes the door on one of the most arcane areas
of Samba authentication.
Naturally, full user-name/password authentication remain available in
security=user and above.
This includes documentation updates for username and only user, which
now only do a small amount of what they used to do.
Andrew Bartlett
--------------
/ \
/ REST \
/ IN \
/ PEACE \
/ \
| SEC_SHARE |
| security=share |
| |
| |
| 5 March |
| |
| 2012 |
*| * * * | *
_________)/\\_//(\/(/\)/\//\/\///|_)_______
|
|
This adds an alisas to ensure that both our loadparm systems know all
the names.
I would like to move to the 'server ..' name as canonical, and this
will be raised on the list.
Andrew Bartlett
|
|
This was previously needed because SPNEGO was only available in the AD DC.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
This is possible because the s3 gensec modules are started as
normal gensec modules, so we do not need a wrapper any more.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
This makes the long term owner of this memory more clear. So far only the
clear cases have been moved from NULL however.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
This function handles more than NTLMSSP now, at least when we are an AD DC
and so changing the name may avoid some confusion in the future.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
This structure handles more than NTLMSSP now, at least when we are an AD DC
and so changing the name may avoid some confusion in the future.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
metze
|
|
reload_services()
metze
|
|
We should map from lp_server_signing() just once in srv_init_signing().
metze
Signed-off-by: Günther Deschner <gd@samba.org>
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Wed Nov 16 18:59:49 CET 2011 on sn-devel-104
|
|
This matches W2K (at least sp4) and higher.
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Fri Nov 4 15:50:06 CET 2011 on sn-devel-104
|
|
metze
|
|
We now just call gensec_update directly.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Wed Sep 14 09:41:02 CEST 2011 on sn-devel-104
|
|
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Sat Sep 10 00:34:50 CEST 2011 on sn-devel-104
|
|
This adds support for the 2 stage negprot, from SMB 1 to SMB 2.1.
Support for this of for now and "max protocol = SMB2" still maps
to "max protocol = SMB2_02" PROTOCOL_SMB2_02.
In order to activate smb2.1, you need to use "max protocol = SMB2_10".
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Mon Sep 5 19:30:58 CEST 2011 on sn-devel-104
|
|
metze
|
|
If a smb1 negprot negotiated smb2 we forked the echo responder. This will
eventually lead to a panic from
[2011/08/30 10:33:29.212578, 0, pid=3846917] smbd/smb2_server.c:243(smbd_smb2_request_create)
Invalid SMB packet: first request: 0x0009
because from the echo responder we always read using the normal smb1 protocol
handling routine. If that is a bit down the smb2 stream, we get a non-negprot
packet and panic.
BTW, the echo responder is not required for smb2 anyway, Microsoft confirmed
that it probes the server liveness using TCP keepalives and not smb2 echo
requests.
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Wed Aug 31 17:58:48 CEST 2011 on sn-devel-104
|
|
This tests if the auth_generic_start() hook is available on the auth
context during the negprot, and if so it uses auth_generic_start() to
hook to GENSEC to handle the full SPNEGO blob.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
metze
|
|
There is no reason this can't be a normal constant string in the
loadparm system, now that we have lp_set_cmdline() to handle overrides
correctly.
Andrew Bartlett
|
|
Using the standard macro makes it easier to move code into common, as
TALLOC_REALLOC_ARRAY isn't standard talloc.
Andrew Bartlett
|
|
This enables activating the echo responder also if SMB2 is enabled, albeit it
will only be used for SMB1 at this moment.
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Fri May 20 15:06:03 CEST 2011 on sn-devel-104
|
|
We must have a blob legth > 0 in order to safely copy
the (possibly) 16 bytes + 1 byte zero character safely.
|
|
Guenther
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Thu Apr 14 01:31:39 CEST 2011 on sn-devel-104
|
|
Guenther
|
|
Guenther
|
|
Guenther
|
|
This is strlcpy, just with an extra check of the parameters with
sizeof(), use only where that works.
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Wed Mar 23 03:39:35 CET 2011 on sn-devel-104
|
|
Guenther
|
|
|
|
This patch, based on the suggestion by Goldberg, Neil R. <ngoldber@mitre.org>
turns off the sending of the principal in the negprot by default, matching
Windows 2008 behaviour.
This slowly works us back from this hack, which from an RFC
perspective was never the right thing to do in the first place, but we
traditionally follow windows behaviour. It also discourages client
implmentations from relying on it, as if they do they are more open to
man-in-the-middle attacks.
Andrew Bartlett
|
|
message_push_string() and message_push_blob() both update
the bcc value, so we don't need the old code that tries to
do it manually.
Jeremy.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Mon Nov 29 22:24:01 CET 2010 on sn-devel-104
|
|
|
|
|
|
|
|
|
|
metze
|
|
context tallocs.
Jeremy.
|
|
We now have one function to do this in all calling code. More rationalization
to follow.
Jeremy.
|
|
into negprot_spnego() where it belongs (it's not an SPNEGO operation).
Add a TALLOC_CTX for callers of negprot_spnego(). Closer to unifying all
the gen_negTokenXXX calls.
Jeremy.
|
|
Turn the freeing function into a destructor and attach it to the
auth_context.
Make all callers TALLOC_FREE() the auth_context instead of calling
the free function.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
|
|
This removes some deep references to procid_self()
|