Age | Commit message (Collapse) | Author | Files | Lines |
|
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Fri Aug 5 18:29:24 CEST 2011 on sn-devel-104
|
|
|
|
|
|
This avoids having the same check in 3 different parts of the code
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Wed Aug 3 12:45:04 CEST 2011 on sn-devel-104
|
|
There is no longer any theft of memory as the underlying routines now
produce a new auth_session_info for this caller, allocating it
on the supplied memory context.
Andrew Bartlett
|
|
The NTLMSSP code always specified "" as the username, and this makes
guest logins via the old-style session setup do the same.
Andrew Bartlett
|
|
This tests if the auth_generic_start() hook is available on the auth
context during the negprot, and if so it uses auth_generic_start() to
hook to GENSEC to handle the full SPNEGO blob.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
Rather than passing this value around the callers, and eventually
setting it in register_existing_vuid(), we simply pass it to
create_local_token(). This also removes the need for
auth_ntlmssp_get_username().
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
This helps map on to the GENSEC semantics better, and ensures that the
full set of desired features are set before the mechanism starts.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
This is changed so that the callers ask for the additional flags
that they need, starting with no additional flags.
This helps to create a proper abstraction layer in
ntlmssp_wrap/auth_ntlmssp.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
This clarifies the lifetime of the returned token.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
This allows auth_ntlmssp_get_ntlmssp_state() to be removed.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
This means we no longer need two different map to guest functions
and have consistent logic with fewer layering violations.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
have already called check_name.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Wed Aug 3 03:00:55 CEST 2011 on sn-devel-104
|
|
Found when reading with aio_fork beyond the end of file.
Metze, Jeremy, please check!
Without this we get
[2011/08/02 21:02:54.082661, 0] lib/util.c:778(smb_panic_s3)
PANIC (pid 2302): smbd/smb2_read.c:593: Type mismatch: name[NULL] expected[struct smbd_smb2_read_state]
[2011/08/02 21:02:54.094316, 0] lib/util.c:882(log_stack_trace)
BACKTRACE: 23 stack frames:
#0 bin/smbd(log_stack_trace+0x2d) [0xb72873d8]
#1 bin/smbd(smb_panic_s3+0x7c) [0xb7287529]
#2 bin/smbd(smb_panic+0x2f) [0xb7277e1f]
#3 /root/git/s3-work/source3/bin/libtalloc.so.2 [0xb6c6bc48]
#4 /root/git/s3-work/source3/bin/libtalloc.so.2 [0xb6c6ec79]
#5 /root/git/s3-work/source3/bin/libtalloc.so.2(_talloc_get_type_abort+0x34) [0xb6c6ecb3]
#6 bin/smbd [0xb6fbc405]
#7 bin/smbd(_tevent_req_notify_callback+0x4a) [0xb729a85a]
#8 bin/smbd [0xb729a888]
#9 bin/smbd(_tevent_req_done+0x19) [0xb729aa73]
#10 bin/smbd [0xb6fae517]
#11 bin/smbd [0xb6fad258]
#12 bin/smbd(smbd_aio_complete_aio_ex+0xf5) [0xb6fad6e8]
#13 /root/git/inst/modules/vfs/aio_fork.so [0xb66d4992]
#14 bin/smbd(run_events_poll+0x400) [0xb7297df2]
#15 bin/smbd(smbd_process+0xd75) [0xb6f9d3a7]
#16 bin/smbd [0xb756f07b]
#17 bin/smbd(run_events_poll+0x400) [0xb7297df2]
#18 bin/smbd [0xb7298254]
#19 bin/smbd(_tevent_loop_once+0x9e) [0xb72986ac]
#20 bin/smbd(main+0x185c) [0xb7570e59]
#21 /lib/i686/cmov/libc.so.6(__libc_start_main+0xe5) [0xb6b08455]
#22 bin/smbd [0xb6f14e01]
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Tue Aug 2 22:33:15 CEST 2011 on sn-devel-104
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Signed-off-by: Günther Deschner <gd@samba.org>
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Tue Aug 2 17:37:44 CEST 2011 on sn-devel-104
|
|
This way we can properly deal with pcap updates in the background queue process
if it is enabled (on by default) and not perform these actions in the main
smbd process.
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
|
|
Remove embedded mode cause this will not work. It was only there for
testing.
|
|
|
|
smb2_validate_message_id: bad message_id
Modify the credit granting algorithm to closer to what I believe
Windows does.
Split up max_credits into 1/16ths, and then scale
the requested credits by how many 16ths have been
currently granted. Less than 1/16th == grant all
requested (100%), scale down as more have been
granted. Never ask for less than 1 if the client
asked for at least 1.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Fri Jul 29 20:37:42 CEST 2011 on sn-devel-104
|
|
|
|
|
|
|
|
Autobuild-User: Michael Adam <obnox@samba.org>
Autobuild-Date: Fri Jul 29 13:34:22 CEST 2011 on sn-devel-104
|
|
Also start new folder lib/dbwrap/ where dbwrap_open.c is stored and
make the fallbacke implementation functoins non-static and create a
dbwrap_private.h header file that contains their prototypes.
|
|
Without this, an active client connection can starve the echo responder. This
leads to apparently "lost" SMBs.
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Thu Jul 28 18:53:38 CEST 2011 on sn-devel-104
|
|
|
|
|
|
Read a SMB packet in the echo responder, giving the parent one second to step
in
|
|
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Thu Jul 28 02:09:20 CEST 2011 on sn-devel-104
|
|
Put InternalPipes related functions in rpc_handles.c and out of rpc_ncacn_np.c
rpc_handles.c is the only file that really uses them after all and ncacn_np.c
is the wrong place for that stuff.
While ther remove unnecessary wrapper functions now that the InternalPipes
static variable is directly accessible.
Also move all pipes_struct related header stuff in its own rpc_pipes.h header.
Signed-off-by: Andreas Schneider <asn@samba.org>
|
|
Instead, we base our guest calculations on the presence or absense of the
authenticated users group in the token, ensuring that we have only
one canonical source of this important piece of authorization data
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
This patch finally has the same structure being used to describe the
authorization data of a user across the whole codebase.
This will allow of our session handling to be accomplished with common code.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
This makes auth3_session_info identical to auth_session_info
The logic to convert the info3 to a struct auth_user_info is
essentially moved up the stack from the named pipe proxy in
source3/rpc_server to create_local_token().
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
This is closer to the layout of struct auth_session_info in auth.idl
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
This brings this structure one step closer to the struct auth_session_info.
A few SMB_ASSERT calls are added in some key places to ensure that
this pointer is initialised, to make tracing any bugs here easier in
future.
NOTE: Many of the users of this structure should be reviewed, as unix
and NT access checks are mixed in a way that should just be done using
the NT ACL. This patch has not changed this behaviour however.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
This seperation between the structure used inside the auth modules and
in the wider codebase allows for a gradual migration from struct
auth_serversupplied_info -> struct auth_session_info (from auth.idl)
The idea here is that we keep a clear seperation between the structure
before and after the local groups, local user lookup and the session
key modifications have been processed, as the lack of this seperation
has caused issues in the past.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
The --log-stdout option was compromised by the log file descriptors being
closed once the file process forked.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
Remove
int toupper_ascii(int c);
int tolower_ascii(int c);
int isupper_ascii(int c);
int islower_ascii(int c);
and replace with their _m equivalents, as they are identical.
|
|
|