Age | Commit message (Collapse) | Author | Files | Lines |
|
metze
|
|
metze
|
|
It is just easier to fill in the known to be 8 byte challenge than
stuff about with allocated pointers.
Andrew Bartlett
|
|
Thanks to Metze for spotting this.
|
|
This helps with the CIFS NTVFS backend, but doesn't solve all problems
|
|
|
|
In order to implement root_fid in the s4 SMB server we need to declare
it as a handle type, just as for other fnum values in SMB. This
required some extensive (but simple) changes in many bits of code.
|
|
|
|
see bug #6610
The MacOSX SMB client sets the BCC value in SMBwriteX calls to zero
instead of the correct size. Checking against WindowsXP, I've found
that Windows uses the maximum of the computed buffer size and the
given BCC value. I've changed Samba4 to do the same to allow MacOSX to
work.
I've limited this change to non-chained packets to ensure we don't get
the possibility of exploits based on overlapping chained requests
|
|
|
|
This fixes bug 6547, where smbclient in S3 reads more than 64k at a
time with readx.
|
|
|
|
We need to loop over all given dialects and check
if we can find SMB2_DIALECT_REVISION_202.
metze
|
|
This change brings ntvfs_connect into compliance with other ntvfs functions
which take an ntvfs module, an ntvfs request and an smb io union.
It now becomes the responsibility of ntvfs modules to examine
tcon->generic.level themselves and derive the share name and any other
options
directly; e.g.
const char *sharename;
switch (tcon->generic.level) {
case RAW_TCON_TCON:
sharename = tcon->tcon.in.service;
break;
case RAW_TCON_TCONX:
sharename = tcon->tconx.in.path;
break;
case RAW_TCON_SMB2:
default:
return NT_STATUS_INVALID_LEVEL;
}
if (strncmp(sharename, "\\\\", 2) == 0) {
char *p = strchr(sharename+2, '\\');
if (p) {
sharename = p + 1;
}
}
service.c smbsrv_tcon_backend() is called before ntvfs_connect and fills in
some of the tcon->..out values.
For the case of RAW_TCON_TCONX, it filles out tcon->tconx.out.tid and
tcon->tconx.out.options
For the case of RAW_TCON_TCON it fills out tcon->tcon.out.tid and
tcon->tcon.out.max_xmit
Thus the ntvfs_connect function for vfs modules may override these values
if desired, but are not required to.
ntvfs_connect functions are required to fill in the tcon->tconx.out.*_type
fields, for RAW_TCON_TCONX, perhaps something like:
if (tcon->generic.level == RAW_TCON_TCONX) {
tcon->tconx.out.fs_type = ntvfs->ctx->fs_type;
tcon->tconx.out.dev_type = ntvfs->ctx->dev_type;
}
Signed-off-by: Sam Liddicott <sam@liddicott.com>
(I fixed the ntvfs_connect() in the smb_server/smb2/
and the RAW_TCON_SMB2 switch case in the modules)
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
smbsrv_tcon_backend no longer creates the ntvfs_request wrapper,
so smbsrv_reply_tcon* can now do this and then invoke ntvfs_connect
in the typical manner using SMBSRV_SETUP_NTVFS_REQUEST and
SMBSRV_CALL_NTVFS_BACKEND
Previously smbsrv_tcon_backend has been responsible for instantiating
the ntvfs_module_context to service a tree-connect request, and
then create an ntvfs_request wrapper around the smbsrv_request
and pass this to ntvfs_connect for the newly created ntvfs.
These actions could not be invoked asynchronously.
This meant that any client requests made while instantiating the
ntvfs module, including any composite's used during authentication
(or related client connections for the case of proxy modules)
would block other ntvfs modules and requests in the current process as
they executed a nested event loop to await completion.
Signed-off-by: Sam Liddicott <sam@liddicott.com>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
|
|
consistency with Samba 3.
|
|
When starting GENSEC on the server, the auth subsystem context must be
passed in, which now includes function pointers to the key elements.
This should (when the other dependencies are fixed up) allow GENSEC to
exist as a client or server library without bundling in too much of
our server code.
Andrew Bartlett
|
|
metze
|
|
|
|
should in the future only contain some settings required for gensec.
|
|
|
|
make them wrappers around convert_string{,talloc}_convenience().
|
|
functions.
|
|
|
|
set always
metze
|
|
This was found during testing at the CIFS plugfest.
No other client seems to honour or use this bit, but it is quite
ligitimately required by the spec.
Andrew Bartlett
|
|
Real signing always starts with seqnumber 2, and once signing
is on the session key never change anymore for the complete
smb connection.
metze
|
|
|
|
(this does not change the file server role, and only really changes
what 'server signing = auto' means)
Optional signing really isn't any benifit to network security.
In doing so, allow anonymous clients (if permitted by policy) to log
in without signing, as Samba3 does not sign these connections (which
would use an all-zero key, so pointless).
Andrew Bartlett
(This used to be commit 468bf839c500ed1a26ab9a358ee64a4c0a695797)
|
|
Andrew Bartlett
(This used to be commit a89f9818180e8fb868975c444c4d0e5aaa8d4e79)
|
|
(This used to be commit 4b3af09450cf33c6785a3d8fddddc68047f2e388)
|
|
(This used to be commit 036f73d39a7ef882fd76afcd3c11eef483f6c308)
|
|
metze
(This used to be commit 9a5f7bf68b20e3b490b209b5cfc4408566320f2e)
|
|
metze
(This used to be commit 36a39b92d732a682e38ad4b3f733951fee4757ed)
|
|
metze
(This used to be commit 1b507a9b8e2ede5a4eb542bdf7a0eab9269b9f7b)
|
|
Also add a note about NT_STATUS_DOS(ERRSRV, ERRerror).
metze
(This used to be commit 4287b7c1323796cf0688d0fae9b5bd4e840e3d48)
|
|
We need to use smbsrv_setup_secondary_request(req) to send the
trans ack, because smbsrv_send_reply(req) destroys 'req'
and the partial trans list had dead elements in the list.
Also make sure the partial list element is removed by a talloc
destructor.
metze
(This used to be commit 221f4d6e534a40b7def6e51dc6b4f9e8057d18b7)
|
|
(This used to be commit 85d1873ee92fcc7df3addc42ddb8189144901f8b)
|
|
(This used to be commit f9b94f62998aef5f5f3879ac3cfba93016fa521b)
|
|
(This used to be commit a7b5689a73adde59de28770aa3949660441291ea)
|
|
(This used to be commit 733937e87a1adcc19492ea2bd138e705701901b6)
|
|
(This used to be commit a6b52119940a900fb0de3864b8bca94e2965cc24)
|
|
middle.
(This used to be commit f4a77b96f9c17d853348b70794026e5b9e384942)
|
|
(This used to be commit c41bd3005f5f0b9cfd3709fc9217b4a401d265b4)
|
|
(This used to be commit d5165ed7a77120f42c25c4997be2630f0f1cb98c)
|
|
If smb_messages flags show for which opcodes VWV(0)
signifies chaining modes, and also which opcodes can
have requests >64K then the bcc / req->in.data_size
fixup in smbsrv_recv_smb_request can be more safely
applied.
This fix permits nttrans requests >64K to be handled.
It is not yet clear if THAT is a good thing, but this
fix does the current thing more nicely.
(This used to be commit 8e4f16e975e192709f398c98650cbe9fe2a76261)
|
|
No functional change, just re-ordering so that
smbsrv_recv_smb_request can refer to smb_messages
in a future patch
(This used to be commit d06eafea1a3e7fa61c94492cf504e6fd81da861d)
|
|
(This used to be commit 3ab9abf40605a4a6b220faeebaef81546a8d87a0)
|
|
The approach I have used is as set out in
https://www.securecoding.cert.org/confluence/display/seccode/ARR38-C.+Do+not+add+or+subtract+an+integer+to+a+pointer+if+the+resulting+value+does+not+refer+to+an+element+within+the+array
(This used to be commit 92d5fb531db39be655f0cbd2d75b5f675a0a4cfa)
|