summaryrefslogtreecommitdiff
path: root/source3/smbd/smb2_sesssetup.c
AgeCommit message (Collapse)AuthorFilesLines
2012-08-23s3:smb2_server: use smbXsrv_session->nonce_*Stefan Metzmacher1-0/+3
metze
2012-08-09s3:smb2_sesssetup: setup global->[en|de]cryption_keyStefan Metzmacher1-0/+36
metze Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Thu Aug 9 09:59:02 CEST 2012 on sn-devel-104
2012-08-09s3:smb2_sesssetup: set global->encryption_required and enforce itStefan Metzmacher1-0/+22
This the account or client doesn't support encryption we should reject the session setup. metze
2012-08-08s3:smb2_sesssetup: remove unused code in smbd_smb2_reauth_generic_return()Stefan Metzmacher1-9/+0
A reauth exchange is already signed, with the channel signing key. metze
2012-08-08s3:smb2_sesssetup: remove TALLOC_FREE(session) from ↵Stefan Metzmacher1-9/+0
smbd_smb2_[re]auth_generic_return The caller does this via the smbd_smb2_session_setup_state_destructor() metze
2012-08-05s3:smb2_sesssetup: make use of SMBD_SMB2_* macrosStefan Metzmacher1-8/+6
metze
2012-07-26s3:smb2_sesssetup: reject SMB2_SESSION_FLAG_BINDING requestsStefan Metzmacher1-0/+13
metze Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Thu Jul 26 02:08:56 CEST 2012 on sn-devel-104
2012-06-25s3:smb2_sesssetup: make use of smb2srv_session_close_previous_send/recvStefan Metzmacher1-0/+66
metze
2012-06-25s3:smb2_sesssetup: inline gensec_session_info() callStefan Metzmacher1-25/+15
metze
2012-06-25s3:smb2_sesssetup: make use of gensec_update_send/recvStefan Metzmacher1-10/+35
metze
2012-06-25s3:smb2_sesssetup: inline most of smbd_smb2_session_setup()Stefan Metzmacher1-130/+99
metze
2012-06-25s3:smb2_sesssetup: implement dynamic re-authentication and expire sessionsStefan Metzmacher1-1/+85
metze
2012-06-25s3:smbd: make use of smbXsrv_tcon and smbXsrv_session for smb2Stefan Metzmacher1-112/+64
The removes the protocol specific smbd_smb2_session and smbd_smb2_tcon. Pair-Programmed-With: Michael Adam <obnox@samba.org> metze
2012-06-25s3:smb2_sesssetup: add support for SMB 2.24/3.00 signingStefan Metzmacher1-0/+29
metze
2012-06-25s3:smb2_sesssetup: make use of the smbXsrv_session infrastructureStefan Metzmacher1-31/+87
We still have smbd_smb2_session as primary structure, but that will went away once we got rid of smbd_smb2_tcon. metze
2012-06-06s3:smbd: change user_struct->vuid to uint64_tStefan Metzmacher1-2/+2
Only sconn->smb1.sessions.next_vuid remains as uint16_t, so that we do not generate larger values yet. metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Wed Jun 6 12:07:33 CEST 2012 on sn-devel-104
2012-06-06s3:smbd: use 'struct user_struct' instead of typedef'ed 'user_struct'Stefan Metzmacher1-1/+1
metze
2012-05-17s3:smb2_sesssetup: make use of nt_status_squash() in ↵Stefan Metzmacher1-1/+1
smbd_smb2_session_setup_recv() metze
2012-05-13s3:smb2_sesssetup: make the top level code async usingStefan Metzmacher1-30/+62
metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Sun May 13 17:59:39 CEST 2012 on sn-devel-104
2012-05-13s3:smb2_sesssetup: add smbd_smb2_session_setup_send/recv as wrapperStefan Metzmacher1-0/+105
This just adds smbd_smb2_session_setup_send/recv as wrapper to the sync smbd_smb2_session_setup function. This will allow us to change to top level code to work async, then we can have a 2nd step where we remove the sync smbd_smb2_session_setup function. metze
2012-05-13s3:smb2_sesssetup: pass down in_flags to smbd_smb2_session_setup()Stefan Metzmacher1-1/+5
metze
2012-05-13s3:smb2_sesssetup: pass down in_previous_session_id to all layersStefan Metzmacher1-2/+15
metze
2012-03-15s3:smbd: call file_close_user() before removing tree connects in ↵Stefan Metzmacher1-0/+2
conn_close_all() This will help later if we have to handle a SMB2TreeDisconnect different compared to a SMB2SessionLogoff and a TCPDisconnect. metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Thu Mar 15 21:56:09 CET 2012 on sn-devel-104
2012-03-06s3:smbd: keep 'num_users' and 'users' directly under smbd_server_connectionStefan Metzmacher1-1/+2
The plan is to have users_struct as some kind of low level abstraction for a smb1/smb2 session, that can be used by SMB_VFS modules. metze
2012-02-16s3-smbd Remove unused code now we always have SPNEGO via gensecAndrew Bartlett1-5/+1
This was previously needed because SPNEGO was only available in the AD DC. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-31s3:smbd: rework smbd_smb2_*_ntlmssp_auth* to smbd_smb2_auth_generic*Stefan Metzmacher1-22/+28
metze
2012-01-31s3:smbd: always use the gensec code path in smb2_sesssetup.cStefan Metzmacher1-460/+7
The other code pathes are unused, because we always have the spnego gensec module. metze
2012-01-25s3:smb2_sessetup: call set_current_user_info() and reload_services() on successStefan Metzmacher1-0/+11
This matches the smb1 code. metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Wed Jan 25 08:39:35 CET 2012 on sn-devel-104
2012-01-12s3:smbd: explicitly ask for GENSEC_FEATURE_UNIX_TOKENStefan Metzmacher1-0/+3
metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Thu Jan 12 11:22:53 CET 2012 on sn-devel-104
2012-01-05s3-auth Remove ntlmssp_wrap.h which is no longer requiredAndrew Bartlett1-1/+0
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-05s3-auth use gensec directly rather than via auth_generic_stateAndrew Bartlett1-20/+20
This is possible because the s3 gensec modules are started as normal gensec modules, so we do not need a wrapper any more. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-05s3-auth Add TALLOC_CTX * to auth_generic_prepare()Andrew Bartlett1-10/+3
This makes the long term owner of this memory more clear. So far only the clear cases have been moved from NULL however. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-12-22s3-auth remove auth_ntlmssp_start(), call auth_generic_start() directlyAndrew Bartlett1-3/+3
This makes it clear that this can support more than just NTLMSSP. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-12-22s3-auth rename auth_ntlmssp_prepare() -> auth_generic_prepare()Andrew Bartlett1-3/+3
This function handles more than NTLMSSP now, at least when we are an AD DC and so changing the name may avoid some confusion in the future. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-12-15s3:smbd: pass smbd_server_connection and a snumused function pointer to ↵Stefan Metzmacher1-1/+1
reload_services() metze
2011-11-03s3:smbd: make use of SMB_SIGNING_* constantsStefan Metzmacher1-2/+2
metze
2011-10-21s3-ntlmssp Remove auth_ntlmssp_want_feature()Andrew Bartlett1-3/+3
We now just call the gensec_want_feature() directly. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-10-21s3-ntlmssp Remove auth_ntlmssp_update wrapperAndrew Bartlett1-11/+12
We now just call gensec_update directly. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-10-21s3-auth remove auth_ntlmssp_session_info()Andrew Bartlett1-6/+6
Instead, call gensec_session_info() directly. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-10-18ntlmssp: Move ntlmssp code to auth/ntlmsspAndrew Bartlett1-1/+1
This brings in the code from both libcli/auth and source4/auth/ntlmssp. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-09-23Fix bug #8477 - Map to guest can return uninitialized blob of data.Jeremy Allison1-1/+3
Found by Codenomicon at SNIA SDC. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Fri Sep 23 03:19:46 CEST 2011 on sn-devel-104
2011-09-22s3:smb2_server: fix a logic error, we should sign non guest sessionsStefan Metzmacher1-1/+1
metze
2011-09-21s3:smb2-server: session setup replies should always be signed (except for ↵Michael Adam1-2/+7
guest sessions) not only if the session should be signed Signed-off-by: Stefan Metzmacher <metze@samba.org> Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Wed Sep 21 11:00:09 CEST 2011 on sn-devel-104
2011-09-07s3:smb2_server: use smbd_smb2_request_verify_sizes() in smb2_sesssetup.cStefan Metzmacher1-26/+9
metze
2011-08-03ntlmssp: Add ntlmssp_blob_matches_magic()Andrew Bartlett1-1/+1
This avoids having the same check in 3 different parts of the code Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Wed Aug 3 12:45:04 CEST 2011 on sn-devel-104
2011-08-03s3-auth rename auth_ntlmssp_steal_session_info()Andrew Bartlett1-6/+6
There is no longer any theft of memory as the underlying routines now produce a new auth_session_info for this caller, allocating it on the supplied memory context. Andrew Bartlett
2011-08-03s3-auth use auth_generic_start to get full GENSEC in Samba3 session setupAndrew Bartlett1-7/+18
This tests if the auth_generic_start() hook is available on the auth context during the negprot, and if so it uses auth_generic_start() to hook to GENSEC to handle the full SPNEGO blob. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-08-03s3-smbd Ensure we do not read past the end of a possible NTLMSSP blobAndrew Bartlett1-1/+1
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-08-03s3-auth set session_info->sanitized_username in create_local_token()Andrew Bartlett1-16/+0
Rather than passing this value around the callers, and eventually setting it in register_existing_vuid(), we simply pass it to create_local_token(). This also removes the need for auth_ntlmssp_get_username(). Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-08-03s3-ntlmssp Split auth_ntlmssp_start into two functionsAndrew Bartlett1-3/+25
This helps map on to the GENSEC semantics better, and ensures that the full set of desired features are set before the mechanism starts. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>