summaryrefslogtreecommitdiff
path: root/source3/smbd/negprot.c
AgeCommit message (Collapse)AuthorFilesLines
2011-05-04BUGFIX when converting from safe_strcpy to strlcpy.Jeremy Allison1-1/+5
We must have a blob legth > 0 in order to safely copy the (possibly) 16 bytes + 1 byte zero character safely.
2011-04-14s3: only include smb profiling where needed.Günther Deschner1-0/+1
Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Thu Apr 14 01:31:39 CEST 2011 on sn-devel-104
2011-03-30s3-messages: only include messages.h where needed.Günther Deschner1-0/+1
Guenther
2011-03-30s3-auth: smbd needs auth.hGünther Deschner1-0/+1
Guenther
2011-03-30s3: include smbd/smbd.h where needed.Günther Deschner1-0/+1
Guenther
2011-03-23s3-safe_string: Add checked_strlcpy()Andrew Bartlett1-1/+1
This is strlcpy, just with an extra check of the parameters with sizeof(), use only where that works. Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Wed Mar 23 03:39:35 CET 2011 on sn-devel-104
2011-03-02s3-server_id: only include server_id where needed.Günther Deschner1-0/+1
Guenther
2010-12-19s3: Fix some nonempty blank linesVolker Lendecke1-22/+22
2010-12-10s3-smbd Don't send SPNEGO principal (rfc4178 hint) by defaultAndrew Bartlett1-0/+3
This patch, based on the suggestion by Goldberg, Neil R. <ngoldber@mitre.org> turns off the sending of the principal in the negprot by default, matching Windows 2008 behaviour. This slowly works us back from this hack, which from an RFC perspective was never the right thing to do in the first place, but we traditionally follow windows behaviour. It also discourages client implmentations from relying on it, as if they do they are more open to man-in-the-middle attacks. Andrew Bartlett
2010-11-29Fix bug discovered with "encryped passwords = no".Jeremy Allison1-8/+1
message_push_string() and message_push_blob() both update the bcc value, so we don't need the old code that tries to do it manually. Jeremy. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Mon Nov 29 22:24:01 CET 2010 on sn-devel-104
2010-09-26s3: Lift talloc_autofree_context() from make_auth_context_subsystem()Volker Lendecke1-1/+1
2010-08-31s3: use fine grained time in netprot responseBjörn Jacke1-3/+4
2010-08-18s3: Lift smbd_server_fd from reload_services()Volker Lendecke1-2/+2
2010-08-08s3: Lift the smbd_messaging_context from reload_servicesVolker Lendecke1-2/+2
2010-08-08s3:smbd: fix valgrind warning, sizeof(16) != 16...Stefan Metzmacher1-1/+1
metze
2010-07-20Fix one more data_blob -> data_blob_talloc. Move away from implicit NULL ↵Jeremy Allison1-2/+2
context tallocs. Jeremy.
2010-07-19Remove gen_negTokenInit() - change all callers to spnego_gen_negTokenInit().Jeremy Allison1-3/+3
We now have one function to do this in all calling code. More rationalization to follow. Jeremy.
2010-07-19Move the addition of the 16 byte guid out of spnego_gen_negTokenInit() andJeremy Allison1-23/+32
into negprot_spnego() where it belongs (it's not an SPNEGO operation). Add a TALLOC_CTX for callers of negprot_spnego(). Closer to unifying all the gen_negTokenXXX calls. Jeremy.
2010-07-19s3-auth: Simplify how we free the auth_contextSimo Sorce1-2/+1
Turn the freeing function into a destructor and attach it to the auth_context. Make all callers TALLOC_FREE() the auth_context instead of calling the free function. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-07-05s3: Remove procid_self() from reply_negprot()Volker Lendecke1-1/+1
2010-07-04s3: Remove serverid_[de]register_selfVolker Lendecke1-2/+3
This removes some deep references to procid_self()
2010-06-12s3: Explicitly pass sconn to negprot_spnego()Volker Lendecke1-3/+2
2010-06-12s3: Remove some global references to smbd_server_connVolker Lendecke1-10/+9
2010-03-10s3: Fix a long-standing problem with recycled PIDsVolker Lendecke1-2/+2
When a samba server process dies hard, it has no chance to clean up its entries in locking.tdb, brlock.tdb, connections.tdb and sessionid.tdb. For locking.tdb and brlock.tdb Samba is robust by checking every time we read an entry from the database if the corresponding process still exists. If it does not exist anymore, the entry is deleted. This is not 100% failsafe though: On systems with a limited PID space there is a non-zero chance that between the smbd's death and the fresh access, the PID is recycled by another long-running process. This renders all files that had been locked by the killed smbd potentially unusable until the new process also dies. This patch is supposed to fix the problem the following way: Every process ID in every database is augmented by a random 64-bit number that is stored in a serverid.tdb. Whenever we need to check if a process still exists we know its PID and the 64-bit number. We look up the PID in serverid.tdb and compare the 64-bit number. If it's the same, the process still is a valid smbd holding the lock. If it is different, a new smbd has taken over. I believe this is safe against an smbd that has died hard and the PID has been taken over by a non-samba process. This process would not have registered itself with a fresh 64-bit number in serverid.tdb, so the old one still exists in serverid.tdb. We protect against this case by the parent smbd taking care of deregistering PIDs from serverid.tdb and the fact that serverid.tdb is CLEAR_IF_FIRST. CLEAR_IF_FIRST does not work in a cluster, so the automatic cleanup does not work when all smbds are restarted. For this, "net serverid wipe" has to be run before smbd starts up. As a convenience, "net serverid wipedbs" also cleans up sessionid.tdb and connections.tdb. While there, this also cleans up overloading connections.tdb with all the process entries just for messaging_send_all(). Volker
2009-11-23Revert "s3: Move the global variable Protocol to struct smbd_server_connection"Volker Lendecke1-7/+6
This reverts commit c85a4c9ba4a7de65a7850f6f9708df66bd24deea.
2009-11-21s3: Move the global variable Protocol to struct smbd_server_connectionVolker Lendecke1-6/+7
2009-11-04Remove "Protocol" as an extern, and add accessor functions.Jeremy Allison1-7/+6
Jeremy.
2009-09-17spnego: share spnego_parse.Günther Deschner1-0/+1
Guenther
2009-06-03s3:smbd: move max_recv to struct smbd_server_connectionStefan Metzmacher1-3/+4
metze
2009-06-03s3:smbd: move negprot related globals to struct smbd_server_connectionStefan Metzmacher1-26/+43
metze
2009-05-20s3:smbd: allow SMB 2.002 dialect in SMB1 negprotStefan Metzmacher1-0/+1
We create a dummy SMB2 Negotiate inbuf and pass the connection to the SMB2 engine. metze
2009-05-20s3:smbd: make negprot_spnego() non staticStefan Metzmacher1-1/+1
metze
2009-03-23s3:smbd: use new simplified snb_signing code in the serverStefan Metzmacher1-1/+1
We keep the seqnum/mid mapping in the smb_request structure. This also moves one global variable into the smbd_server_connection struct. metze
2009-02-21Remove the static "chal" from ntlmssp.c:get_challenge()Volker Lendecke1-3/+2
2009-02-01Add two new parameters to control how we verify kerberos tickets. Removes ↵Dan Sledz1-1/+1
lp_use_kerberos_keytab parameter. The first is "kerberos method" and replaces the "use kerberos keytab" with an enum. Valid options are: secrets only - use only the secrets for ticket verification (default) system keytab - use only the system keytab for ticket verification dedicated keytab - use a dedicated keytab for ticket verification. secrets and keytab - use the secrets.tdb first, then the system keytab For existing installs: "use kerberos keytab = yes" corresponds to secrets and keytab "use kerberos keytab = no" corresponds to secrets only The major difference between "system keytab" and "dedicated keytab" is that the latter method relies on kerberos to find the correct keytab entry instead of filtering based on expected principals. The second parameter is "dedicated keytab file", which is the keytab to use when in "dedicated keytab" mode. This keytab is only used in ads_verify_ticket.
2009-01-08s3:smbd: move all globals and static variables in globals.[ch]Stefan Metzmacher1-7/+1
The goal is to move all this variables into a big context structure. metze
2008-11-02Remove a direct inbuf reference in reply_negprotVolker Lendecke1-2/+8
2008-11-02Remove some direct inbuf references by adding smbreq_bufremVolker Lendecke1-1/+1
2008-11-01Remove a bunch of direct inbuf references by adding "buf" to smb_requestVolker Lendecke1-4/+3
2008-05-20Cleanup size_t return values in callers of convert_string_allocateTim Prouty1-2/+3
This patch is the second iteration of an inside-out conversion to cleanup functions in charcnv.c returning size_t == -1 to indicate failure. (This used to be commit 6b189dabc562d86dcaa685419d0cb6ea276f100d)
2008-01-04Now conn is part of smb_request, we don't need it asJeremy Allison1-1/+1
an extra parameter. This cleans up quite a few places we were passing it around without needing it. Jeremy. (This used to be commit 8f36def18e9f980e8db522e1de41e80cfd5f466e)
2007-10-18RIP BOOL. Convert BOOL -> bool. I found a few interestingJeremy Allison1-4/+4
bugs in various places whilst doing this (places that assumed BOOL == int). I also need to fix the Samba4 pidl generation (next checkin). Jeremy. (This used to be commit f35a266b3cbb3e5fa6a86be60f34fe340a3ca71f)
2007-10-10r24809: Consolidate the use of temporary talloc contexts.Volker Lendecke1-1/+1
This adds the two functions talloc_stackframe() and talloc_tos(). * When a new talloc stackframe is allocated with talloc_stackframe(), then * the TALLOC_CTX returned with talloc_tos() is reset to that new * frame. Whenever that stack frame is TALLOC_FREE()'ed, then the reverse * happens: The previous talloc_tos() is restored. * * This API is designed to be robust in the sense that if someone forgets to * TALLOC_FREE() a stackframe, then the next outer one correctly cleans up and * resets the talloc_tos(). The original motivation for this patch was to get rid of the sid_string_static & friends buffers. Explicitly passing talloc context everywhere clutters code too much for my taste, so an implicit talloc_tos() is introduced here. Many of these static buffers are replaced by a single static pointer. The intended use would thus be that low-level functions can rather freely push stuff to talloc_tos, the upper layers clean up by freeing the stackframe. The more of these stackframes are used and correctly freed the more exact the memory cleanup happens. This patch removes the main_loop_talloc_ctx, tmp_talloc_ctx and lp_talloc_ctx (did I forget any?) So, never do a tmp_ctx = talloc_init("foo"); anymore, instead, use tmp_ctx = talloc_stackframe() :-) Volker (This used to be commit 6585ea2cb7f417e14540495b9c7380fe9c8c717b)
2007-10-10r24659: Some formatting changes helping to minimize the 3_2_0 diffVolker Lendecke1-5/+4
(This used to be commit c5caea43af154671448df82881efe09a5c982386)
2007-10-10r24309: if no protocol matches, just return choise 0xffffStefan Metzmacher1-0/+2
as we've done before revision 24002 metze (This used to be commit 6014ecbbfd50bc8f4f351dec1f9dd35c3fe62456)
2007-10-10r24308: this needs a better fix that compiles...Stefan Metzmacher1-1/+0
metze (This used to be commit 1a177eb08d4022c1ef7b5400ffdf426bcb9b97ff)
2007-10-10r24307: fill in choise with value -1 on errorStefan Metzmacher1-0/+1
as we've done before revision 24002 metze (This used to be commit 2961a35e90aae44c8560b1f4b56bfa6343c837d7)
2007-10-10r24135: Convert call_trans2open to the new APIVolker Lendecke1-0/+1
This itself won't help much, because send_trans2_replies_new still allocates the big buffers, but stay tuned :-) Also add/update my copyright on stuff I recently touched. Volker (This used to be commit 248f15ff143474db2493cef89ba446892342a361)
2007-10-10r24009: Revert to the 3.0.25 logic for parsing the client's protocols. hpisgr8Volker Lendecke1-13/+5
with gcc still gives timeouts which worry me. Volker (This used to be commit c30835b4f0416b2b2b7d77d31b0fca0606f2387a)
2007-10-10r24006: Some more paranoia in reply_negprotVolker Lendecke1-2/+12
Some hosts see the smb_bufrem(req->inbuf, p) as an unsigned int. And as the p += strlen(p) + 2 went one beyond the buffer, this was a very large positive. Also take the chance to add one more consistency check. (This used to be commit 3673707f9f1a3ba29966ac7cf744e2b6462c8dde)