summaryrefslogtreecommitdiff
path: root/source4/smb_server/sesssetup.c
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r11778: - remove unused memory contexts as req is already the temporary ↵Stefan Metzmacher1-47/+21
context for the current request - just use '0', I'll remove the UID_FIELD_INVALID macro completly later - why search for the session we have just create - add TODO notices, I need to dicuss them with abartlet... metze (This used to be commit 4bceb94749fba3138c492bed2733fad006affcc5)
2007-10-10r11367: Ensure to intialise the new logon_parameters (0 for session setups).Andrew Bartlett1-0/+2
Andrew Bartlett (This used to be commit abff53b6339b7924ff705c7e3685135e85d8ed7a)
2007-10-10r11200: Reposition the creation of the kerberos keytab for GSSAPI and Krb5Andrew Bartlett1-0/+2
authentication. This pulls the creating of the keytab back to the credentials code, and removes the special case of 'use keberos keytab = yes' for now. This allows (and requires) the callers to specify the credentials for the server credentails to GENSEC. This allows kpasswdd (soon to be added) to use a different set of kerberos credentials. The 'use kerberos keytab' code will be moved into the credentials layer, as the layers below now expect a keytab. We also now allow for the old secret to be stored into the credentials, allowing service password changes. Andrew Bartlett (This used to be commit 205f77c579ac8680c85f713a76de5767189c627b)
2007-10-10r10946: Use the right name for the remote workstation, and always initialise it.Andrew Bartlett1-4/+4
Should fix a valgrind error volker is seeing. Andrew Bartlett (This used to be commit 11957c5f37fe0a0be465a9ce9d6d256724c5951c)
2007-10-10r8706: My previous patch oversimplied the previous change to session setup -Andrew Bartlett1-3/+14
we didn't cope with the 'anonymous NTLM under SPNEGO' login. Andrew Bartlett (This used to be commit c3cc14542e426b23e468a11803c1bab0f6fe290f)
2007-10-10r8700: Propmted by tridge's need to do plaintext auth in ejs, rework theAndrew Bartlett1-54/+59
user_info strcture in auth/ This moves it to a pattern much like that found in ntvfs, with functions to migrate between PAIN, HASH and RESPONSE passwords. Instead of make_user_info*() functions, we simply fill in the control block in the callers, per recent dicussions on the lists. This removed a lot of data copies as well as error paths, as we can grab much of it with talloc. Andrew Bartlett (This used to be commit ecbd2235a3e2be937440fa1dc0aecc5a047eda88)
2007-10-10r8627: fixed a big memory leak in the spnego gensec code in sessionAndrew Tridgell1-2/+3
setup. Andrew, please check over this. What happens is this: - run the BASE-SECLEAK test - with each failed session setup using spnego a gensec ctx is leaked into the smb_conn structure - after the client disconnects these are finally cleaned up as they are all children of the connection structure - the cleanup of the millions of memory objects takes long enough that the next operation in test_posix.sh sometimes fails with a timeout Andrew, can you also look at the talloc_reference() on line 332 of sesssetup.c ? I suspect it isn't needed (I don't think it does any actual harm though) (This used to be commit b40fb6a4569ccc1fa1750a1e534e18a020764b4c)
2007-10-10r8119: fixed two error code returns in the smb server now that we haveAndrew Tridgell1-1/+1
torture code that can tell the difference between dos and ntstatus codes without mapping (This used to be commit 5521060c089c2181a2f3c7aeabd2f3ba813c6e60)
2007-10-10r7675: Use correct memory context for anonymous session setup auth contextAndrew Bartlett1-2/+2
(no need for it to hang around forever). Add test for this behaviour. Andrew Bartlett (This used to be commit 36dc2491d778fbbff32c4abdf95faa9f83024e12)
2007-10-10r7633: this patch started as an attempt to make the dcerpc code use a givenAndrew Tridgell1-2/+5
event_context for the socket_connect() call, so that when things that use dcerpc are running alongside anything else it doesn't block the whole process during a connect. Then of course I needed to change any code that created a dcerpc connection (such as the auth code) to also take an event context, and anything that called that and so on .... thus the size of the patch. There were 3 places where I punted: - abartlet wanted me to add a gensec_set_event_context() call instead of adding it to the gensec init calls. Andrew, my apologies for not doing this. I didn't do it as adding a new parameter allowed me to catch all the callers with the compiler. Now that its done, we could go back and use gensec_set_event_context() - the ejs code calls auth initialisation, which means it should pass in the event context from the web server. I punted on that. Needs fixing. - I used a NULL event context in dcom_get_pipe(). This is equivalent to what we did already, but should be fixed to use a callers event context. Jelmer, can you think of a clean way to do that? I also cleaned up a couple of things: - libnet_context_destroy() makes no sense. I removed it. - removed some unused vars in various places (This used to be commit 3a3025485bdb8f600ab528c0b4b4eef0c65e3fc9)
2007-10-10r6270: Move the VUID handling to a IDR tree. This should avoid O(n)Andrew Bartlett1-53/+90
behaviour on session setups, and because we no longer need do deal with the linked list as much, the code is much simpiler too. We may be able to compleatly remove the tid and vuid linked lists, but I need to check. This patch also tries to clean up the VUID handling and session setups in general. To avoid security issues, we now have a distinction between VUIDs allocated for the session setup (to tie togeather the multiple round trips) and those used after authentication. Andrew Bartlett (This used to be commit 3e5775146d9ce6f0ac43aecae7e899b5324399ad)
2007-10-10r6028: A MAJOR update to intergrate the new credentails system fully withAndrew Bartlett1-1/+1
GENSEC, and to pull SCHANNEL into GENSEC, by making it less 'special'. GENSEC now no longer has it's own handling of 'set username' etc, instead it uses cli_credentials calls. In order to link the credentails code right though Samba, a lot of interfaces have changed to remove 'username, domain, password' arguments, and these have been replaced with a single 'struct cli_credentials'. In the session setup code, a new parameter 'workgroup' contains the client/server current workgroup, which seems unrelated to the authentication exchange (it was being filled in from the auth info). This allows in particular kerberos to only call back for passwords when it actually needs to perform the kinit. The kerberos code has been modified not to use the SPNEGO provided 'principal name' (in the mechListMIC), but to instead use the name the host was connected to as. This better matches Microsoft behaviour, is more secure and allows better use of standard kerberos functions. To achieve this, I made changes to our socket code so that the hostname (before name resolution) is now recorded on the socket. In schannel, most of the code from librpc/rpc/dcerpc_schannel.c is now in libcli/auth/schannel.c, and it looks much more like a standard GENSEC module. The actual sign/seal code moved to libcli/auth/schannel_sign.c in a previous commit. The schannel credentails structure is now merged with the rest of the credentails, as many of the values (username, workstation, domain) where already present there. This makes handling this in a generic manner much easier, as there is no longer a custom entry-point. The auth_domain module continues to be developed, but is now just as functional as auth_winbind. The changes here are consequential to the schannel changes. The only removed function at this point is the RPC-LOGIN test (simulating the load of a WinXP login), which needs much more work to clean it up (it contains copies of too much code from all over the torture suite, and I havn't been able to penetrate its 'structure'). Andrew Bartlett (This used to be commit 2301a4b38a21aa60917973451687063d83d18d66)
2007-10-10r5102: This is a major simplification of the logic for controlling top levelAndrew Tridgell1-0/+1
servers in smbd. The old code still contained a fairly bit of legacy from the time when smbd was only handling SMB connection. The new code gets rid of all of the smb_server specific code in smbd/, and creates a much simpler infrastructures for new server code. Major changes include: - simplified the process model code a lot. - got rid of the top level server and service structures completely. The top level context is now the event_context. This got rid of service.h and server.h completely (they were the most confusing parts of the old code) - added service_stream.[ch] for the helper functions that are specific to stream type services (services that handle streams, and use a logically separate process per connection) - got rid of the builtin idle_handler code in the service logic, as none of the servers were using it, and it can easily be handled by a server in future by adding its own timed_event to the event context. - fixed some major memory leaks in the rpc server code. - added registration of servers, rather than hard coding our list of possible servers. This allows for servers as modules in the future. - temporarily disabled the winbind code until I add the helper functions for that type of server - added error checking on service startup. If a configured server fails to startup then smbd doesn't startup. - cleaned up the command line handling in smbd, removing unused options (This used to be commit cf6a46c3cbde7b1eb1b86bd3882b953a2de3a42e)
2007-10-10r4819: its just not my day today ....Andrew Tridgell1-0/+1
(This used to be commit e54a97f8a67a04427b36cb4afac204c4e5f4502a)
2007-10-10r4777: added a smb_composite_sesssetup() async composite function. ThisAndrew Tridgell1-4/+1
encapsulates all the different session setup methods, including the multi-pass spnego code. I have hooked this into all the places that previously used the RAW_SESSSETUP_GENERIC method, and have removed the old RAW_SESSSETUP_GENERIC code from clisession.c and clitree.c. A nice side effect is that these two modules are now very simple again, back to being "raw" session setup handling, which was what was originally intended. I have also used this to replace the session setup code in the smb_composite_connect() code, and used that to build a very simple replacement for smbcli_tree_full_connection(). As a result, smbclient, smbtorture and all our other SMB connection code now goes via these composite async functions. That should give them a good workout! (This used to be commit 080d0518bc7d6fd4bc3ef783e7d4d2e3275d0799)
2007-10-10r4620: - add interface functions to the auth subsystem so that callers ↵Stefan Metzmacher1-45/+42
doesn't need to use function pointers anymore - make the module init much easier - a lot of cleanups don't try to read the diff in auth/ better read the new files it passes test_echo.sh and test_rpc.sh abartlet: please fix spelling fixes metze (This used to be commit 3c0d16b8236451f2cfd38fc3db8ae2906106d847)
2007-10-10r4358: At metze's request, the Christmas elves have removed gensec_end inAndrew Bartlett1-1/+2
favor of talloc_free(). Andrew Bartlett (This used to be commit 1933cd12fbaed56e13f2386b19de6ade99bf9478)
2007-10-10r4355: More work from the elves on Christmas eve:Andrew Bartlett1-0/+2
- Update Samba4's kerberos code to match the 'salting' changes in Samba3 (and many other cleanups by jra). - Move GENSEC into the modern era of talloc destructors. This avoids many of the memory leaks in this code, as we now can't somehow 'forget' to call the end routine. - This required fixing some of the talloc hierarchies. - The new krb5 seems more sensitive to getting the service name right, so start actually setting the service name on the krb5 context. Andrew Bartlett (This used to be commit 278bf1a61a6da6ef955a12c13d7b1a0357cebf1f)
2007-10-10r4079: implement the gensec_have_feature() correctly by askingStefan Metzmacher1-1/+1
the backend what is actually in use metze (This used to be commit 6f3eb7bc03609108b9e0ea5676fca3d04140e737)
2007-10-10r4070: move some defines from asn_1.h to the places they belong toStefan Metzmacher1-2/+1
metze (This used to be commit ab2c2f27e1c61516e885f02bf26350f97209057a)
2007-10-10r3466: split out request.h, signing.h, and smb_server.hAndrew Tridgell1-0/+2
(This used to be commit 7c4e6ebf05790dd6e29896dd316db0fff613aa4e)
2007-10-10r3463: separated out some more headers (asn_1.h, messages.h, dlinklist.h and ↵Andrew Tridgell1-0/+1
ioctl.h) (This used to be commit b97e395c814762024336c1cf4d7c25be8da5813a)
2007-10-10r3453: - split out the auth and popt includesAndrew Tridgell1-0/+1
- tidied up some of the system includes - moved a few more structures back from misc.idl to netlogon.idl and samr.idl now that pidl knows about inter-IDL dependencies (This used to be commit 7b7477ac42d96faac1b0ff361525d2c63cedfc64)
2007-10-10r3361: Allow Samba4 (I'm interested in ntlm_auth in particular) to useAndrew Bartlett1-11/+20
Samba3's winbind. This is also the start of domain membership code in Samba4, as we now (partially) parse the info3, and use it like Samba3 does. Andrew Bartlett (This used to be commit c1b7303c1c7d9fb815006c3bd2af20a0010d15a8)
2007-10-10r3186: Use the properties of the new talloc() system to handle the authAndrew Bartlett1-5/+7
session info and server info structures. Andrew Bartlett (This used to be commit 5bdf391b3bc10291739f5640be9a404dbbeda273)
2007-10-10r2797: don't free the server_info before using it for anonymous connectionsAndrew Tridgell1-3/+2
(This used to be commit 5f5b04196c7930c91e6c00e0276f25f88181b317)
2007-10-10r2669: convert make_user_info() and associated functions from malloc to tallocAndrew Tridgell1-3/+5
(This used to be commit 278cef77f083c002d17ecbbe18c20825a380eda3)
2007-10-10r2657: if we are already fully authenticated in session setup then the vuid ↵Andrew Tridgell1-6/+3
is ignored (This used to be commit 50d5c638a3710855be67cd41dccc9658d64b70fd)
2007-10-10r2648: - use a destructor on struct server_connection to simplify theAndrew Tridgell1-1/+1
connection termination cleanup, and to ensure that the event contexts are properly removed for every process model - gave auth_context the new talloc treatment, which removes another source of memory leaks. (This used to be commit 230e1cd777b0fba82dffcbd656cfa23c155d0560)
2007-10-10r2629: convert gensec to the new talloc modelAndrew Tridgell1-1/+1
by making our gensec structures a talloc child of the open connection we can be sure that it will be destroyed when the connection is dropped. (This used to be commit f12ee2f241aab1549bc1d9ca4c35a35a1ca0d09d)
2007-10-10r2590: fixed one of the server security memory leaks. There are more :(Andrew Tridgell1-0/+4
(This used to be commit 9e1eb58e4b332e4a300e8b546a5d39bd2f7cd7a6)
2007-10-10r2542: I really don't like the 'substitute' code, and I particularly don'tAndrew Bartlett1-1/+18
like it in the mainline code (outside the smb.conf magic). We will need to have a more useful 'helper' routine for this, but for now we at least get a reliable IP address. Also remove the unused 'socket' structure in the smb server - it seems to have been replaced by the socket library. Andrew Bartlett (This used to be commit d8fd19a2020da6cce691c0db2b00f42e31d672cc)
2007-10-10r2521: fixed two uninitialised data errors found with valgrind whenAndrew Tridgell1-4/+1
negotiating a old style session setup (eg. LANMAN1) (This used to be commit 04f68f481c49102411b168593adaddf5e97b7d4d)
2007-10-10r2249: got rid of some more mem_ctx elements in structuresAndrew Tridgell1-5/+5
(This used to be commit 21ef338cbbe96acc8594ffc550ef60c6a40fb951)
2007-10-10r2041: Fix NTLMSSP RPC sealing, client -> win2k3 server.Andrew Bartlett1-0/+2
The bug (found by tridge) is that Win2k3 is being tighter about the NTLMSSP flags. If we don't negotiate sealing, we can't use it. We now have a way to indicate to the GENSEC implementation mechanisms what things we want for a connection. Andrew Bartlett (This used to be commit 86f61568ea44c5719f9b583beeeefb12e0c26f4c)
2007-10-10r1796: Enable server-side SPNEGO, now that I have fixed the server-side SMBAndrew Bartlett1-8/+22
signing code to be able to cope. Andrew Bartlett (This used to be commit cb74d52b563730a50e33c92d868c45ee96a598e8)
2007-10-10r1762: Ensure that a user (as opposed to guest) cannot login without SPNEGO,Andrew Bartlett1-4/+6
when we have negotiated SPNEGO. Andrew Bartlett (This used to be commit 07e3d2c4cd77d06c9ffaefd481ba58e4debe028c)
2007-10-10r1747: don't segfault when the spnego mech only use one call from the client ↵Stefan Metzmacher1-9/+19
to finish metze (This used to be commit ddac5e46d42d3b2daae10107b1bcb3b138de7474)
2007-10-10r1731: Add server-side SPNEGO support to Samba (disabled, until SMB signingAndrew Bartlett1-13/+104
is reworked). Andrew Bartlett (This used to be commit 73ee549b8c54e93556ff0105941996e0d4de8303)
2007-10-10r1687: Fix bogus requirement for SMB signing on guest connections.Andrew Bartlett1-1/+4
Andrew Bartlett (This used to be commit 3520af0f3d8826ac52a7fb6a658ed0924e51bbf7)
2007-10-10r1507: fixed the handling of SMB chaining with the new server structure. YouAndrew Tridgell1-5/+15
must think carefully about packet chaining when dealing with any authentication or SMB parsing issues. The particular problem here was that a chained tconX didn't get the req->session setup after an initial sesstion setup call, so the tconx used a bogus VUID. (This used to be commit 6f2a335cd623211071b01d982d4e7c69b49a5602)
2007-10-10r1499: combine struct user_struct and struct smbsrv_userStefan Metzmacher1-2/+2
to a struct smbsrv_session that the same as cli_session for the client we need a gensec_security pointer there (spnego support will follow) prefix some related functions with smbsrv_ metze (This used to be commit f276378157bb9994c4c91ce46150a510de5c33f8)
2007-10-10r1337: use sess->nt1. in sesssetup_nt1 :-)Stefan Metzmacher1-1/+1
metze (This used to be commit ee711c71fedd9d24b5a78b51d9dc3e166645260f)
2007-10-10r1336: check the vuid in old style sessionsetup tooStefan Metzmacher1-0/+3
metze (This used to be commit 32e307857ccc99b446e7574d46b610c63ee03583)
2007-10-10r1293: IndentAndrew Bartlett1-3/+5
Andrew Bartlett (This used to be commit 9002584c020a48ab37cce103b4413e871aae2985)
2007-10-10r1291: rename struct smbsrv_context to smbsrv_connectionStefan Metzmacher1-11/+11
because this is the connection state per transport layer (tcp) connection I also moved the substructs directly into smbsrv_connection, because they don't need a struct name and we should allway pass the complete smbsrv_connection struct into functions metze (This used to be commit 60f823f201fcedf5473008e8453a6351e73a92c7)
2007-10-10r1280: rename struct request_context to smbsrv_requestStefan Metzmacher1-5/+5
metze (This used to be commit a85d2db5826a84b812ea5162a11f54edd25f74e3)
2007-10-10r1277: rename struct server_context to smbsrv_ontextStefan Metzmacher1-11/+11
because I need server_context fot the generic server infastructure metze (This used to be commit 0712f9f30797e65362c99423c0cf158a2f539000)
2007-10-10r1268: varient -> variantTim Potter1-1/+1
(This used to be commit de5984c95602ca67e8ac3139c3aa4330b74266e0)
2007-10-10r1019: Push the auth subsystem away from using typedef, and over to the 'allAndrew Bartlett1-19/+19
goodness and light' struct ;-) Break apart the auth subsystem's return strucutres, into the parts that a netlogon call cares about, and the parts that are for a local session. This is the 'struct session_info' and it will almost completly replace the current information stored on a vuid, but be generic to all login methods (RPC over TCP, for example). Andrew Bartlett (This used to be commit d199697014d9562f9439a30b950fda798c5ef419)