summaryrefslogtreecommitdiff
path: root/source4/smb_server/reply.c
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r6028: A MAJOR update to intergrate the new credentails system fully withAndrew Bartlett1-6/+6
GENSEC, and to pull SCHANNEL into GENSEC, by making it less 'special'. GENSEC now no longer has it's own handling of 'set username' etc, instead it uses cli_credentials calls. In order to link the credentails code right though Samba, a lot of interfaces have changed to remove 'username, domain, password' arguments, and these have been replaced with a single 'struct cli_credentials'. In the session setup code, a new parameter 'workgroup' contains the client/server current workgroup, which seems unrelated to the authentication exchange (it was being filled in from the auth info). This allows in particular kerberos to only call back for passwords when it actually needs to perform the kinit. The kerberos code has been modified not to use the SPNEGO provided 'principal name' (in the mechListMIC), but to instead use the name the host was connected to as. This better matches Microsoft behaviour, is more secure and allows better use of standard kerberos functions. To achieve this, I made changes to our socket code so that the hostname (before name resolution) is now recorded on the socket. In schannel, most of the code from librpc/rpc/dcerpc_schannel.c is now in libcli/auth/schannel.c, and it looks much more like a standard GENSEC module. The actual sign/seal code moved to libcli/auth/schannel_sign.c in a previous commit. The schannel credentails structure is now merged with the rest of the credentails, as many of the values (username, workstation, domain) where already present there. This makes handling this in a generic manner much easier, as there is no longer a custom entry-point. The auth_domain module continues to be developed, but is now just as functional as auth_winbind. The changes here are consequential to the schannel changes. The only removed function at this point is the RPC-LOGIN test (simulating the load of a WinXP login), which needs much more work to clean it up (it contains copies of too much code from all over the torture suite, and I havn't been able to penetrate its 'structure'). Andrew Bartlett (This used to be commit 2301a4b38a21aa60917973451687063d83d18d66)
2007-10-10r4927: parse the NBT session request in the smb server. This gets rid of thatAndrew Tridgell1-7/+41
annoying "not parsing session request" message on each SMB connection (This used to be commit b06b8dd2f4f4fea750b05fd29d68372828159f16)
2007-10-10r4726: - use the name tcon and tid instead of conn and cnumStefan Metzmacher1-5/+5
- make use of talloc destructors metze (This used to be commit 8308da6ce4a95f8c10e22949ef00e9e64f2dbb85)
2007-10-10r4591: - converted the other _p talloc functions to not need _pAndrew Tridgell1-1/+1
- added #if TALLOC_DEPRECATED around the _p functions - fixes the code that broke from the above while doing this I fixed quite a number of places that were incorrectly using the non type-safe talloc functions to use the type safe ones. Some were even doing multiplies for array allocation, which is potentially unsafe. (This used to be commit 6e7754abd0c225527fb38363996a6e241b87b37e)
2007-10-10r4549: got rid of a lot more uses of plain talloc(), instead usingAndrew Tridgell1-3/+3
talloc_size() or talloc_array_p() where appropriate. also fixed a memory leak in pvfs_copy_file() (failed to free a memory context) (This used to be commit 89b74b53546e1570b11b3702f40bee58aed8c503)
2007-10-10r4382: check for bad tid in SMBtdisAndrew Tridgell1-0/+5
(This used to be commit 44ca3f41cc835e22e6adca48ddfd84f246b22bfb)
2007-10-10r4364: - added support for testing of chained SMB operations in smbtortureAndrew Tridgell1-0/+4
- added test for chained OpenX/ReadX, simulating the OS/2 workplace shell - fixed a bug in handling chained fnum in openx and ntcreatex in the server (yes, I'm on holiday, but this bug was annoying me ....) (This used to be commit b3b8958a18e302b815d98c0e3879e404bced6a08)
2007-10-10r4173: - new t2open code, that can cope with "create with EAs". Many thanksAndrew Tridgell1-1/+1
to kukks on #samba-technical for the sniffs that allowed me to work this out - much simpler ntvfs open generic mapping code - added t2open create with EA torture test to RAW-OPEN test (This used to be commit a56d95ad89b4f32a05974c4fe9a816d67aa369e3)
2007-10-10r4159: fixed error return for writebrawAndrew Tridgell1-2/+1
(This used to be commit 13c7794e02b0d5c83baa5efbe93e46defd38c8e1)
2007-10-10r4101: ignore secondary session requests to cope with a OS/2 bug reported byAndrew Tridgell1-2/+1
Guenter Kukkukk (This used to be commit 49c8df5648eae1e8222c0dd2859fd2ff62ef34ce)
2007-10-10r4095: smbsrv_terminate_connection() doesn't exit() in single processor ↵Andrew Tridgell1-2/+5
mode, so after we call it we need to return, and not continue processing packets (This used to be commit 33e4cee17dbfbb79e5ae68fda893a4d313865eb5)
2007-10-10r4069: better error code for SMBwriteBMPXAndrew Tridgell1-4/+2
(This used to be commit eef066175f98f38eff465f941a7bd747173e8db9)
2007-10-10r4063: - change char * -> uint8_t in struct request_bufferStefan Metzmacher1-10/+10
- change smbcli_read/write to take void * for the buffers to match read(2)/write(2) all this fixes a lot of gcc-4 warnings metze (This used to be commit b94f92bc6637f748d6f7049f4f9a30b0b8d18a7a)
2007-10-10r3806: added support to smb_server and pvfs for the NTTRANS Create call. ThisAndrew Tridgell1-0/+2
call has an optional sec_desc and ea_list. (This used to be commit 8379ad14e3d51a848a99865d9ce8d56a301e8a3c)
2007-10-10r3756: Fix netbios session request reply. The buffer should not be a stack-basedVolker Lendecke1-1/+1
variable that is overwritten later. Samba3 smbclient still does not like Samba4. In ntlmssp samba3 smbclient expects an mechlistmic that 4 does not send. Volker (This used to be commit 614dbd8fec09a5e4c63e4b7774aa38335e030a42)
2007-10-10r3573: added trans2open support to smbd and pvfs, and fine-tuned the ↵Andrew Tridgell1-1/+1
open->generic ntvfs mapping code. (This used to be commit ed844192d7f7ed487290f719df65f256a5b0b9bc)
2007-10-10r3531: add support for RAW_OPEN_MKNEW, RAW_OPEN_CREATE and RAW_OPEN_CTEMP in ↵Andrew Tridgell1-1/+5
pvfs (This used to be commit 1d2f0a55c1de01cbbf6552371584847223841bc3)
2007-10-10r3529: fixed signing support for SMBntcancel requests (no reply means seqAndrew Tridgell1-0/+1
number rises by 1, not 2) (This used to be commit 201ff734d47cb0c335820f11e2629cb3bd18162f)
2007-10-10r3528: added support for the SMBntcancel() operation, which cancels anyAndrew Tridgell1-1/+3
outstanding async operation (triggering an immediate timeout). pvfs now passes the RAW-MUX test (This used to be commit 3423e2f41461d054067ef168b9b986f62cc8f77c)
2007-10-10r3493: fixed a bug in readx reply where the client specifies an invalid highAndrew Tridgell1-1/+7
part of the maxcnt. This caused an allocation failure and server exit. Note: we need to go back over all the places in the core smb_server that can cause allocation failures based on user input and fix them to instead produce a SMB error. Thanks to Susan for finding this bug. (This used to be commit 4aed1b7921a3bfef460f8602467ac0dca9561032)
2007-10-10r3466: split out request.h, signing.h, and smb_server.hAndrew Tridgell1-0/+2
(This used to be commit 7c4e6ebf05790dd6e29896dd316db0fff613aa4e)
2007-10-10r3461: another place where "open" was used as a structure elementAndrew Tridgell1-6/+6
(This used to be commit 1087ea830e7aead86d54a1836512e88554afc919)
2007-10-10r3458: more solaris portability fixes, the main one being that we can't use aAndrew Tridgell1-11/+11
structure element called "open" as its a macro on solaris. (This used to be commit 4e92e15c4e396b1d8cd211192888fea68c2cf0f9)
2007-10-10r3441: some include file cleanups and general housekeepingAndrew Tridgell1-1/+1
(This used to be commit 73ea8ee6c268371d05cf74160f2ad451dd2ae699)
2007-10-10r3350: fixed a bug with sending multiple replies for the one request, asAndrew Tridgell1-3/+7
happens with trans2, trans and echo. Now that smbd is async we queue the multiples replies all at once, and now need a way to ensure each reply gets it own smbsrv_request buffer. I have added req_setup_secondary() to cope with this. (This used to be commit 2dbd2abc5f197ee21d7dceeda2922c7449c46d99)
2007-10-10r3336: use a struct ntvfs_async_state to be able to do async chaning of ↵Stefan Metzmacher1-152/+152
ntvfs modules the idea is that a passthru module can use ntvfs_async_state_push() before calling ntvfs_next_*() and in the _send function it calls ntvfs_async_state_pop() and then call the upper layer send_fn itself - ntvfs_nbench is now fully async - the ntvfs_map_*() functions and the trans(2) mapping functions are not converted yet metze (This used to be commit fde64c0dc142b53d128c8ba09af048dc58d8ef3a)
2007-10-10r3243: read the high offset count in SMBreadx in the serverAndrew Tridgell1-0/+1
(This used to be commit 977bc87d18d2ea8c6967bd8c1b953b09fff9b434)
2007-10-10r3234: in SMBreadx, if the client asks for exactly 65535 bytes then don't tryAndrew Tridgell1-3/+13
to align the buffer, as that would make the read reply not fit (This used to be commit 70be45de05993d386ceaf54325d1c3023008eaed)
2007-10-10r3084: mincnt and maxcnt were the wrong way around in readbraw server codeAndrew Tridgell1-2/+2
(This used to be commit e11b000319953dfeeb84fed142e857a5247a93e9)
2007-10-10r3081: several updates to ntvfs and server side async request handling inAndrew Tridgell1-3/+38
preparation for the full share modes and ntcreatex code that I am working on. highlights include: - changed the way a backend determines if it is allowed to process a request asynchronously. The previous method of looking at the send_fn caused problems when an intermediate ntvfs module disabled it, and the caller then wanted to finished processing using this function. The new method is a REQ_CONTROL_MAY_ASYNC flag in req->control_flags, which is also a bit easier to read - fixed 2 bugs in the readbraw server code. One related to trying to answer a readbraw with smb signing (which can't work, and crashed our signing code), the second related to error handling, which attempted to send a normal SMB error packet, when readbraw must send a 0 read reply (as it has no header) - added several more ntvfs_generic.c generic mapping functions. This means that backends no longer need to implement such esoteric functions as SMBwriteunlock() if they don't want to. The backend can just request the mapping layer turn it into a write followed by an unlock. This makes the backends considerably simpler as they only need to implement one style of each function for lock, read, write, open etc, rather than the full host of functions that SMB provides. A backend can still choose to implement them individually, of course, and the CIFS backend does that. - simplified the generic structures to make them identical to the principal call for several common SMB calls (such as RAW_WRITE_GENERIC now being an alias for RAW_WRITE_WRITEX). - started rewriting the pvfs_open() code in preparation for the full ntcreatex semantics. - in pvfs_open and ipc_open, initially allocate the open file structure as a child of the request, so on error we don't need to clean up. Then when we are going to succeed the open steal the pointer into the long term backend context. This makes for much simpler error handling (and fixes some bugs) - use a destructor in the ipc backend to make sure that everthing is cleaned up on receive error conditions. - switched the ipc backend to using idtree for fnum allocation - in the ntvfs_generic mapping routines, use a allocated secondary structure not a stack structure to ensure the request pointer remains valid even if the backend replies async. (This used to be commit 3457c1836c09c82956697eb21627dfa2ed37682e)
2007-10-10r2751: this is a new ntvfs design which tries to solve:Stefan Metzmacher1-39/+39
- the stacking of modules - finding the modules private data - hide the ntvfs details from the calling layer - I set NTVFS_INTERFACE_VERSION 0 till we are closer to release (because we need to solve some async problems with the module stacking) metze (This used to be commit 3ff03b5cb21bb79afdd3b1609be9635f6688a539)
2007-10-10r2660: - converted the libcli/raw/ library to use talloc_increase_ref_count()Andrew Tridgell1-14/+26
rather than manual reference counts - properly support SMBexit in the cifs and posix backends - added a logoff method to all backends With these changes the RAW-CONTEXT test now passes against the posix backend (This used to be commit c315d6ac1cc40546fde1474702a6d66d07ee13c8)
2007-10-10r2618: before we had refererence counts in talloc I added a hack in theAndrew Tridgell1-6/+2
server side request structure to prevent a structing being freed in some circumstances. This change replaces this with the much more robust mechanism of talloc_increase_ref_count(). (This used to be commit 3f7741f178b359f81cc98ef18cd69bf976123e9f)
2007-10-10r2541: Add a TODO: This is one place we can grab the remote netbios name.Andrew Bartlett1-1/+2
Andrew Bartlett (This used to be commit cd2f97530b2846bdb98ef36fabdc0a1cdd9e69fd)
2007-10-10r2469: complete overhaul of the old-style RAW_SEARCH_ calls (the OS/2 andAndrew Tridgell1-1/+1
original core level calls). The old code was completely wrong in many respects. also fixed the EA_SIZE level in the server extended the RAW-SEARCH test suite to test the new code properly (This used to be commit 71480271ad84b57fcdde264a54bb2408cf783255)
2007-10-10r2460: fixed the spnego code that I recently brokeAndrew Tridgell1-0/+4
(This used to be commit 9a708e2281b87e41032e8a0b12bb5ac3b0e151ce)
2007-10-10r2455: don't use the uninitialised sess structure when auth failsAndrew Tridgell1-4/+6
(This used to be commit 93d444e6fd6b0e86a17a9aa8fa72408435cab3e0)
2007-10-10r2249: got rid of some more mem_ctx elements in structuresAndrew Tridgell1-3/+3
(This used to be commit 21ef338cbbe96acc8594ffc550ef60c6a40fb951)
2007-10-10r1727: SPNEGO session setup replies need to include the blob, even on errorAndrew Bartlett1-5/+4
cases, so don't shorten them back to 0 byte data length. Andrew Bartlett (This used to be commit 66c54fe7ebdbe1348731191d86ac4804e99d114e)
2007-10-10r1499: combine struct user_struct and struct smbsrv_userStefan Metzmacher1-1/+1
to a struct smbsrv_session that the same as cli_session for the client we need a gensec_security pointer there (spnego support will follow) prefix some related functions with smbsrv_ metze (This used to be commit f276378157bb9994c4c91ce46150a510de5c33f8)
2007-10-10r1486: commit the start of the generic server infastructureStefan Metzmacher1-1/+1
the idea is to have services as modules (smb, dcerpc, swat, ...) the process_model don't know about the service it self anymore. TODO: - the smbsrv should use the smbsrv_send function - the service subsystem init should be done like for other modules - we need to have a generic socket subsystem, which handle stream, datagram, and virtuell other sockets( e.g. for the ntvfs_ipc module to connect to the dcerpc server , or for smb or dcerpc or whatever to connect to a server wide auth service) - and other fixes... NOTE: process model pthread seems to be broken( but also before this patch!) metze (This used to be commit bbe5e00715ca4013ff0dbc345aa97adc6b5c2458)
2007-10-10r1479: print out domain tooStefan Metzmacher1-0/+1
(This used to be commit 2758c26ac96a62d7e0853e5d5fa95925ddce3420)
2007-10-10r1291: rename struct smbsrv_context to smbsrv_connectionStefan Metzmacher1-21/+21
because this is the connection state per transport layer (tcp) connection I also moved the substructs directly into smbsrv_connection, because they don't need a struct name and we should allway pass the complete smbsrv_connection struct into functions metze (This used to be commit 60f823f201fcedf5473008e8453a6351e73a92c7)
2007-10-10r1280: rename struct request_context to smbsrv_requestStefan Metzmacher1-81/+81
metze (This used to be commit a85d2db5826a84b812ea5162a11f54edd25f74e3)
2007-10-10r1279: rename struct tcon_context to smbsrv_tconStefan Metzmacher1-41/+41
metze (This used to be commit 99473fab4b1ff87a795f3c08f4c521d9beb504c0)
2007-10-10r1277: rename struct server_context to smbsrv_ontextStefan Metzmacher1-21/+21
because I need server_context fot the generic server infastructure metze (This used to be commit 0712f9f30797e65362c99423c0cf158a2f539000)
2007-10-10r1268: varient -> variantTim Potter1-6/+6
(This used to be commit de5984c95602ca67e8ac3139c3aa4330b74266e0)
2007-10-10r890: convert samba4 to use [u]int8_t instead of [u]int8Stefan Metzmacher1-1/+1
metze (This used to be commit 2986c5f08c8f0c26a2ea7b6ce20aae025183109f)
2007-10-10r889: convert samba4 to use [u]int16_t instead of [u]int16Stefan Metzmacher1-8/+8
metze (This used to be commit af6f1f8a01bebbecd99bc8c066519e89966e65e3)
2007-10-10r884: convert samba4 to use [u]int32_t instead of [u]int32Stefan Metzmacher1-5/+5
metze (This used to be commit 0e5517d937a2eb7cf707991d1c7498c1ab456095)