Age | Commit message (Collapse) | Author | Files | Lines |
|
Remove pstring from libsmb/clidfs.c except for a nasty
hack (that will be removed when pstrings are gone from
client/).
Jeremy.
(This used to be commit cc257b71d13daa47e6f2315d0f07a60eb4aaeca6)
|
|
Michael
(This used to be commit 4ab3b23a630e822e3fdf1ab4d08330625b0e4fb6)
|
|
Jeremy.
(This used to be commit f1680bada913af4eaf5c0d686983018d6c8b3e5f)
|
|
bugs in various places whilst doing this (places that assumed
BOOL == int). I also need to fix the Samba4 pidl generation
(next checkin).
Jeremy.
(This used to be commit f35a266b3cbb3e5fa6a86be60f34fe340a3ca71f)
|
|
should
have been :-).
Jeremy.
(This used to be commit 41611a22ed852bb74e2ef3f45766c0580ffd3a18)
|
|
vuid that was allocated whilst the connection is
being constructed and after the connection has been set up.
This is what Windows does and at least one client
(and HP printer) depends on this behaviour. As it
depends on the req struct not yet ported to SAMBA_3_2_0
(Volker, hint hint.... :-) I am not yet adding this
to that branch, but will investigate that tomorrow.
Jeremy.
(This used to be commit a54f2805df92c67e74a6764568eedebe394fd500)
|
|
(This used to be commit b0132e94fc5fef936aa766fb99a306b3628e9f07)
|
|
Jeremy.
(This used to be commit 407e6e695b8366369b7c76af1ff76869b45347b3)
|
|
failed expression in SMB_ASSERT.
(This used to be commit 171dc060e2a576d724eed1ca65636bdafffd7713)
|
|
calls. No functional changes. Looks bigger than it is :-).
Jeremy.
(This used to be commit f6fa3080fee1b20df9f1968500840a88cf0ee592)
|
|
talloc_free()'ed at the end of a session.
Rework the passwd cache code to use talloc_unlink and
talloc_reference, to more carefully manage the cache.
Andrew Bartlett
(This used to be commit e3e0ec25e67308de314aa61852905ee42aa2c8fe)
|
|
fragmented into "max xmit" size security blob
chunks. Bug #4400. Needs limits adding, and also
a client-side version.
Jeremy.
(This used to be commit aa69f2481aafee5dccc3783b8a6e23ca4eb0dbfa)
|
|
Vista sends the NTLMv2 blob by default in the tconX
packet. Make sure we save off the workgroup the user
was logged into on the client in the sessionsetupX
and re-use it for the NTLMv2 calc.
Jeremy.
(This used to be commit 45dcf62960c2815c4d8e0c5f4a2d0af24df83290)
|
|
(This used to be commit c065341d3ffc9125514f563c63d416cf7c40375f)
|
|
to do the upper layer directories but this is what
everyone is waiting for....
Jeremy.
(This used to be commit 9dafb7f48ca3e7af956b0a7d1720c2546fc4cfb8)
|
|
is broken
right now. r14112 broke it, in 3.0.22 register_vuid for security=share returns
UID_FIELD_INVALID which in current 3_0 is turned into an error condition. This
makes sure that we only call register_vuid if sec!=share and meanwhile also
fixes a little memleak.
Then I also found a crash in smbclient with sec=share and hostmsdfs=yes.
There's another crash with sec=share when coming from w2k3, but I need sleep
now.
Someone (jerry,jra?) please review the sesssetup.c change.
Thanks,
Volker
(This used to be commit 8059d0ae395604503cad3d9f197928305923e3f5)
|
|
(This used to be commit 7945c935bf197afb61286ddeb0e579078362a1fc)
|
|
fail and we would still return success in the SMBsesssetup reply :-(
* Make sure to create the local token for the server_fino struct
in reply_spnego_kerberos() so that register_vuid() does not fail.
(how did this ever work?)
(This used to be commit 8dafa45b97020d1aceb027a85e18401c965bf402)
|
|
realloc can return NULL in one of two cases - (1) the realloc failed,
(2) realloc succeeded but the new size requested was zero, in which
case this is identical to a free() call.
The error paths dealing with these two cases should be different,
but mostly weren't. Secondly the standard idiom for dealing with
realloc when you know the new size is non-zero is the following :
tmp = realloc(p, size);
if (!tmp) {
SAFE_FREE(p);
return error;
} else {
p = tmp;
}
However, there were *many* *many* places in Samba where we were
using the old (broken) idiom of :
p = realloc(p, size)
if (!p) {
return error;
}
which will leak the memory pointed to by p on realloc fail.
This commit (hopefully) fixes all these cases by moving to
a standard idiom of :
p = SMB_REALLOC(p, size)
if (!p) {
return error;
}
Where if the realloc returns null due to the realloc failing
or size == 0 we *guarentee* that the storage pointed to by p
has been freed. This allows me to remove a lot of code that
was dealing with the standard (more verbose) method that required
a tmp pointer. This is almost always what you want. When a
realloc fails you never usually want the old memory, you
want to free it and get into your error processing asap.
For the 11 remaining cases where we really do need to keep the
old pointer I have invented the new macro SMB_REALLOC_KEEP_OLD_ON_ERROR,
which can be used as follows :
tmp = SMB_REALLOC_KEEP_OLD_ON_ERROR(p, size);
if (!tmp) {
SAFE_FREE(p);
return error;
} else {
p = tmp;
}
SMB_REALLOC_KEEP_OLD_ON_ERROR guarentees never to free the
pointer p, even on size == 0 or realloc fail. All this is
done by a hidden extra argument to Realloc(), BOOL free_old_on_error
which is set appropriately by the SMB_REALLOC and SMB_REALLOC_KEEP_OLD_ON_ERROR
macros (and their array counterparts).
It remains to be seen what this will do to our Coverity bug count :-).
Jeremy.
(This used to be commit 1d710d06a214f3f1740e80e0bffd6aab44aac2b0)
|
|
macro which sets the freed pointer to NULL.
(This used to be commit b65be8874a2efe5a4b167448960a4fcf6bd995e2)
|
|
Volker
(This used to be commit bb40e544de68f01a6e774753f508e69373b39899)
|
|
Sync with trunk as off r13315
(This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
|
|
(This used to be commit 23f5be1dcbb9e5a1e7f24813c67009056b07d59c)
|
|
(This used to be commit f574e980aac5bae5e1e3cc23ec648b69a87eb04a)
|
|
supporttrunk/source/smbd/sesssetup.c
(This used to be commit aab17a7095a18b243a271f8f3f824facd6932f23)
|
|
safe for using our headers and linking with C++ modules. Stops us
from using C++ reserved keywords in our code.
Jeremy
(This used to be commit 9506b8e145982b1160a2f0aee5c9b7a54980940a)
|
|
allocation
functions so we can funnel through some well known functions. Should help greatly with
malloc checking.
HEAD patch to follow.
Jeremy.
(This used to be commit 620f2e608f70ba92f032720c031283d295c5c06a)
|
|
Bugzilla #1903.
(This used to be commit 1327d83d902b6a39096d387d734e73d85ed53f85)
|
|
Paranoia fix on mangle prefix.
Jeremy.
(This used to be commit cc91bbe20d9cb26e52ad417f279e2d60c85af2dc)
|
|
register_vuid(); add a few extra debug lines
(This used to be commit 02571e7f5040a577840c969ff9c46a1e533edc21)
|
|
<michael@hum.aau.dk> - ensure
home directory service number is correctly reused.
Jeremy.
(This used to be commit 9d6347be8580d092cda0357b5d1a81fc6876ac1f)
|
|
(This used to be commit b27192d8e7a4a1fd0cd737b4fd9190bcecfbb507)
|
|
(This used to be commit 0e1a6b34f2690da32bf568330575651988d0c965)
|
|
I restricted it to 128k max to prevent DOS attacks.
Jeremy.
(This used to be commit 70fb2a196d83c4bde11d27608da27f956f3f19b8)
|
|
ago.
This patch re-adds support for 'optional' SMB signing. It also ensures that
we are much more careful about when we enable signing, particularly with
on-the-fly smb.conf reloads.
The client code will now attempt to use smb signing by default, and disable
it if the server doesn't correctly support it.
Andrew Bartlett
(This used to be commit e27b5cbe75d89ec839dafd52dd33101885a4c263)
|
|
current_user_info struct in register_vuid() -- shouldn't be any more broken than we were
(This used to be commit a90c3bd281e7a62bb8482e42aa3b674eeeb5995a)
|
|
(This used to be commit 11093ecfb7bab1ecb16d19ac00b3e7e38dff43e2)
|
|
exists by the same name
(This used to be commit 6b89a76aa7efaa0ad7a0139aeb3e4ebf5c01cdcb)
|
|
- NTLM2 support in the server
- KEY_EXCH support in the server
- variable length session keys.
In detail:
- NTLM2 is an extension of NTLMv1, that is compatible with existing
domain controllers (unlike NTLMv2, which requires a DC upgrade).
* This is known as 'NTLMv2 session security' *
(This is not yet implemented on the RPC pipes however, so there may
well still be issues for PDC setups, particuarly around password
changes. We do not fully understand the sign/seal implications of
NTLM2 on RPC pipes.)
This requires modifications to our authentication subsystem, as we
must handle the 'challege' input into the challenge-response algorithm
being changed. This also needs to be turned off for
'security=server', which does not support this.
- KEY_EXCH is another 'security' mechanism, whereby the session key
actually used by the server is sent by the client, rather than being
the shared-secret directly or indirectly.
- As both these methods change the session key, the auth subsystem
needed to be changed, to 'override' session keys provided by the
backend.
- There has also been a major overhaul of the NTLMSSP subsystem, to merge the 'client' and 'server' functions, so they both operate on a single structure. This should help the SPNEGO implementation.
- The 'names blob' in NTLMSSP is always in unicode - never in ascii.
Don't make an ascii version ever.
- The other big change is to allow variable length session keys. We
have always assumed that session keys are 16 bytes long - and padded
to this length if shorter. However, Kerberos session keys are 8 bytes
long, when the krb5 login uses DES.
* This fix allows SMB signging on machines not yet running MIT KRB5 1.3.1. *
- Add better DEBUG() messages to ntlm_auth, warning administrators of
misconfigurations that prevent access to the privileged pipe. This
should help reduce some of the 'it just doesn't work' issues.
- Fix data_blob_talloc() to behave the same way data_blob() does when
passed a NULL data pointer. (just allocate)
REMEMBER to make clean after this commit - I have changed plenty of data structures...
(This used to be commit f3bbc87b0dac63426cda6fac7a295d3aad810ecc)
|
|
Jeremy.
(This used to be commit c7f4e56ad5c25d477f20944e5b404ebafda9e1a8)
|
|
(This used to be commit 62d5611df0cf86c267d7fe820822d4d019ae28bd)
|
|
I think (my changes haven't affected this I believe). Initial support on the
server side for smbclient. Still doesn't work for w2k clients I think...
Work in progress..... (don't change).
Jeremy.
(This used to be commit e5714edc233424c2f74edb6d658f32f8e0ec9275)
|
|
Jeremy.
(This used to be commit 86c5ebcf8f5eb57e9885627b3da4e486ee3f62d9)
|
|
'unix username' from the NT username, in the auth subsystem at least.
Andrew Bartlett
(This used to be commit df1aa2a669edc9f26007595411720742d7dff5d9)
|
|
getpwnam() if need be.
Fixes bug #130
Andrew Bartlett
(This used to be commit a4bc789a3993be4b25955c729b533b86dba666f4)
|
|
idmap-and-the-rest from HEAD.
These are correctness fixes that were already in 3.0, and a memory leak fix.
The pdb_ldap changes are held back at jerry's request (he is also playing
with pdb_ldap ATM).
Andrew Bartlett
(This used to be commit c7d5e336bd91514a02974044742b058be387e490)
|
|
We really need idmap_ldap to have a good solution with ldapsam, porting
it from the prvious code is beeing made, the code is really simple to do
so I am confident it is not a problem to commit this code in.
Not committing it would have been worst.
I really would have been able to finish also the group code, maybe we can
put it into a followin release after 3.0.0 even if it may be an upgrade
problem.
The code has been tested and seem to work right, more testing is needed for
corner cases.
Currently winbind pdc (working only for users and not for groups) is
disabled as I was not able to make a complete group code replacement that
works somewhat in a week (I have a complete patch, but there are bugs)
Simo.
(This used to be commit 0e58085978f984436815114a2ec347cf7899a89d)
|
|
(This used to be commit f59bcb51cfe4e268ba43245d401d212aefdf2b72)
|
|
a pstrcpy/fstrcpy or at most a safe_strcpy().
These have the advantage of being compiler-verifiable.
Get these out of the way, along with a rewrite of 'get_short_archi' in the
spoolss client and server. (This pushes around const string pointers, rather
than copied strings).
Andrew Bartlett
(This used to be commit 32fb801ddc035e8971e9911ed4b6e51892e9d1cc)
|
|
Andrew Bartlett
(This used to be commit 33189b4be0ac79d5e7bc2606f40187118ee506a4)
|