summaryrefslogtreecommitdiff
path: root/source4/smb_server
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r2629: convert gensec to the new talloc modelAndrew Tridgell2-2/+2
by making our gensec structures a talloc child of the open connection we can be sure that it will be destroyed when the connection is dropped. (This used to be commit f12ee2f241aab1549bc1d9ca4c35a35a1ca0d09d)
2007-10-10r2627: use the new talloc capabilities in a bunch more places in the rpcAndrew Tridgell2-3/+2
server code. This fixes a number of memory leaks I found when testing with valgrind and smbtorture, as the cascading effect of a talloc_free() ensures that anything derived from the top level object is destroyed on disconnect. (This used to be commit 76d0b8206ce64d6ff4a192979c43dddbec726d6e)
2007-10-10r2618: before we had refererence counts in talloc I added a hack in theAndrew Tridgell4-22/+8
server side request structure to prevent a structing being freed in some circumstances. This change replaces this with the much more robust mechanism of talloc_increase_ref_count(). (This used to be commit 3f7741f178b359f81cc98ef18cd69bf976123e9f)
2007-10-10r2616: the cascading nature of talloc_free() can lead to some surprises. InAndrew Tridgell1-0/+1
this case the bug was that server_terminate_connection() destroys the server context, which in turn cascades down to destroy all current request contexts, so we musn't then try to destroy the request structure a second time. (This used to be commit 28a647f681e2166c01f7ac59b16305676d5caa71)
2007-10-10r2590: fixed one of the server security memory leaks. There are more :(Andrew Tridgell1-0/+4
(This used to be commit 9e1eb58e4b332e4a300e8b546a5d39bd2f7cd7a6)
2007-10-10r2581: added "hosts allow" and "hosts deny" checking in smbd. I needed thisAndrew Tridgell1-0/+7
as my box keeps getting hit by viruses spreading on my companies internal network, which screws up my debug log badly (sigh). metze, I'm not sure if you think access.c should go in the socket library or not. It is closely tied to the socket functions, but you may prefer it separate. The access.c code is a port from Samba3, but with some cleanups to make it (slighly) less ugly. (This used to be commit 058b2fd99e3957d7d2a9544fd27071f1122eab68)
2007-10-10r2561: completely redid the ntvfs module chaining code, You can now do ↵Andrew Tridgell2-4/+7
something like: ntvfs handler = nbench posix and the nbench pass-thru module will be called before the posix module. The chaining logic is now much saner, and less racy, with each level in the chain getting its own private pointer rather than relying on save/restore logic in the pass-thru module. The only pass-thru module we have at the moment is the nbench one (which records all traffic in a nbench compatibe format), but I plan on soon writing a "unixuid" pass-thru module that will implement the setegid()/setgroups()/seteuid() logic for standard posix uid handling. This separation of the posix backend from the uid handling should simplify the code, and make development easier. I also modified the nbench module so it can do multiple chaining, so if you want to you can do: ntvfs module = nbench nbench posix and it will save 2 copies of the log file in /tmp. This is really only useful for testing at the moment until we have more than one pass-thru module. (This used to be commit f84c0af35cb54c8fdc4933afefc18fa4c062aae4)
2007-10-10r2552: Character set conversion and string handling updates.Andrew Bartlett2-5/+9
The intial motivation for this commit was to merge in some of the bugfixes present in Samba3's chrcnv and string handling code into Samba4. However, along the way I found a lot of unused functions, and decided to do a bit more... The strlen_m code now does not use a fixed buffer, but more work is needed to finish off other functions in str_util.c. These fixed length buffers hav caused very nasty, hard to chase down bugs at some sites. The strupper_m() function has a strupper_talloc() to replace it (we need to go around and fix more uses, but it's a start). Use of these new functions will avoid bugs where the upper or lowercase version of a string is a different length. I have removed the push_*_allocate functions, which are replaced by calls to push_*_talloc. Likewise, pstring and other 'fixed length' wrappers are removed, where possible. I have removed the first ('base pointer') argument, used by push_ucs2, as the Samba4 way of doing things ensures that this is always on an even boundary anyway. (It was used in only one place, in any case). (This used to be commit dfecb0150627b500cb026b8a4932fe87902ca392)
2007-10-10r2550: survive our own BASE-NEGNOWAIT torture test.Andrew Bartlett1-0/+1
Andrew Bartlett (This used to be commit a13208224921b6ad37ac5d9aeb12252f5d4aa288)
2007-10-10r2544: (missed from the last commit)Andrew Bartlett1-1/+1
smb_conn->socket has gone away, and the packet count is now in the main structure. Andrew Bartlett (This used to be commit 2e197f05ff186783bb76f7cb972faed3e8cb1ce7)
2007-10-10r2542: I really don't like the 'substitute' code, and I particularly don'tAndrew Bartlett4-25/+22
like it in the mainline code (outside the smb.conf magic). We will need to have a more useful 'helper' routine for this, but for now we at least get a reliable IP address. Also remove the unused 'socket' structure in the smb server - it seems to have been replaced by the socket library. Andrew Bartlett (This used to be commit d8fd19a2020da6cce691c0db2b00f42e31d672cc)
2007-10-10r2541: Add a TODO: This is one place we can grab the remote netbios name.Andrew Bartlett1-1/+2
Andrew Bartlett (This used to be commit cd2f97530b2846bdb98ef36fabdc0a1cdd9e69fd)
2007-10-10r2521: fixed two uninitialised data errors found with valgrind whenAndrew Tridgell2-4/+2
negotiating a old style session setup (eg. LANMAN1) (This used to be commit 04f68f481c49102411b168593adaddf5e97b7d4d)
2007-10-10r2520: - finished implementing the server side of the old style search requestsAndrew Tridgell1-2/+3
(This used to be commit 4e4859c06b9de5fe60ebd17cfb09eed480b79ec1)
2007-10-10r2503: the RAW-SEARCH test now mostly passes against the posix backendAndrew Tridgell1-1/+2
(This used to be commit 9710f24b1fd103d5656c9585cdfed96449cf9f97)
2007-10-10r2469: complete overhaul of the old-style RAW_SEARCH_ calls (the OS/2 andAndrew Tridgell4-58/+110
original core level calls). The old code was completely wrong in many respects. also fixed the EA_SIZE level in the server extended the RAW-SEARCH test suite to test the new code properly (This used to be commit 71480271ad84b57fcdde264a54bb2408cf783255)
2007-10-10r2460: fixed the spnego code that I recently brokeAndrew Tridgell1-0/+4
(This used to be commit 9a708e2281b87e41032e8a0b12bb5ac3b0e151ce)
2007-10-10r2455: don't use the uninitialised sess structure when auth failsAndrew Tridgell1-4/+6
(This used to be commit 93d444e6fd6b0e86a17a9aa8fa72408435cab3e0)
2007-10-10r2449: use a blocking fd for smbsrv codeStefan Metzmacher1-0/+4
metze (This used to be commit fba1637710138b0f2fae148e88b91a9cd1665465)
2007-10-10r2447: let the server code use the new lib/socket/ stuffStefan Metzmacher3-17/+35
metze (This used to be commit 2fd577d2417e117a7e8c1a56feb147eae805df34)
2007-10-10r2326: remove definition and usage of struct socket_contextStefan Metzmacher3-6/+7
metze (This used to be commit 1854907da8d577db41de9aa14573d5c8c0092f47)
2007-10-10r2320: add my copyrightStefan Metzmacher2-0/+2
metze (This used to be commit 45b77064bfeae1d4db2fa83c5513bdafa0c237e4)
2007-10-10r2288: Remove the claim/yield connection code - this will need to be redoneAndrew Bartlett3-240/+0
in a more samba4 style at some point (along with the session code). Andrew Bartlett (This used to be commit b8fe29dc7ac6fc60e5171a29788ae56968c1098b)
2007-10-10r2250: removed unnecessary mem_ctxAndrew Tridgell1-3/+0
(This used to be commit c455a3a61d587f5126236d8c11ba84e19d4f038a)
2007-10-10r2249: got rid of some more mem_ctx elements in structuresAndrew Tridgell13-66/+45
(This used to be commit 21ef338cbbe96acc8594ffc550ef60c6a40fb951)
2007-10-10r2247: talloc_destroy -> talloc_freeTim Potter1-2/+2
(This used to be commit 6c1a72c5d667245b1eec94f58e68acd22dd720ce)
2007-10-10r2159: converted samba4 over to UTF-16.Andrew Tridgell1-1/+1
I had previously thought this was unnecessary, as windows doesn't use standards compliant UTF-16, and for filesystem operations treats bytes as UCS-2, but Bjoern Jacke has pointed out to me that this means we don't correctly store extended UTF-16 characters as UTF-8 on disk. This can be seen with (for example) the gothic characters with codepoints above 64k. This commit also adds a LOCAL-ICONV torture test that tests the first 1 million codepoints against the system iconv library, and tests 5 million random UTF-16LE buffers for identical error handling to the system iconv library. the lib/iconv.c changes need backporting to samba3 (This used to be commit 756f28ac95feaa84b42402723d5f7286865c78db)
2007-10-10r2046: fixed two server packet format errors found with the RAW-* testsAndrew Tridgell1-4/+3
(This used to be commit 9fdbe60230741e11478871072a40c8bc8124b5ea)
2007-10-10r2045: fixed a date format push in SMBsearchAndrew Tridgell1-1/+1
(This used to be commit a6cc0bedad98e7b9bbc27d9f31c21d5eba77146f)
2007-10-10r2044: fixed two uninAndrew Tridgell1-0/+2
(This used to be commit d17e088ebbf1fd0dd2ef2d73115c7f458677d02f)
2007-10-10r2041: Fix NTLMSSP RPC sealing, client -> win2k3 server.Andrew Bartlett1-0/+2
The bug (found by tridge) is that Win2k3 is being tighter about the NTLMSSP flags. If we don't negotiate sealing, we can't use it. We now have a way to indicate to the GENSEC implementation mechanisms what things we want for a connection. Andrew Bartlett (This used to be commit 86f61568ea44c5719f9b583beeeefb12e0c26f4c)
2007-10-10r1999: fix compiler warningStefan Metzmacher1-1/+1
metze (This used to be commit 8c9c702bc3328c3826985711c4a30b878cf8b02e)
2007-10-10r1998: fix compiler warningStefan Metzmacher1-2/+1
metze (This used to be commit bf06f476dbdfbcb38ccbd8606e622097015c2b3d)
2007-10-10r1983: a completely new implementation of tallocAndrew Tridgell2-3/+3
This version does the following: 1) talloc_free(), talloc_realloc() and talloc_steal() lose their (redundent) first arguments 2) you can use _any_ talloc pointer as a talloc context to allocate more memory. This allows you to create complex data structures where the top level structure is the logical parent of the next level down, and those are the parents of the level below that. Then destroy either the lot with a single talloc_free() or destroy any sub-part with a talloc_free() of that part 3) you can name any pointer. Use talloc_named() which is just like talloc() but takes the printf style name argument as well as the parent context and the size. The whole thing ends up being a very simple piece of code, although some of the pointer walking gets hairy. So far, I'm just using the new talloc() like the old one. The next step is to actually take advantage of the new interface properly. Expect some new commits soon that simplify some common coding styles in samba4 by using the new talloc(). (This used to be commit e35bb094c52e550b3105dd1638d8d90de71d854f)
2007-10-10r1819: changed "smb ports" to be a LIST parameter type in loadparm (its a ↵Andrew Tridgell1-5/+4
classic case for a list) (This used to be commit e53d32c65ab0751b3e01f4f699f5d0e1892369ae)
2007-10-10r1796: Enable server-side SPNEGO, now that I have fixed the server-side SMBAndrew Bartlett6-64/+152
signing code to be able to cope. Andrew Bartlett (This used to be commit cb74d52b563730a50e33c92d868c45ee96a598e8)
2007-10-10r1762: Ensure that a user (as opposed to guest) cannot login without SPNEGO,Andrew Bartlett1-4/+6
when we have negotiated SPNEGO. Andrew Bartlett (This used to be commit 07e3d2c4cd77d06c9ffaefd481ba58e4debe028c)
2007-10-10r1747: don't segfault when the spnego mech only use one call from the client ↵Stefan Metzmacher1-9/+19
to finish metze (This used to be commit ddac5e46d42d3b2daae10107b1bcb3b138de7474)
2007-10-10r1741: fixed padding of setpathinfo in serverAndrew Tridgell1-1/+1
(This used to be commit 2b41de48b24d5850a2e3a5834916403f44a6d9ed)
2007-10-10r1731: Add server-side SPNEGO support to Samba (disabled, until SMB signingAndrew Bartlett2-68/+149
is reworked). Andrew Bartlett (This used to be commit 73ee549b8c54e93556ff0105941996e0d4de8303)
2007-10-10r1727: SPNEGO session setup replies need to include the blob, even on errorAndrew Bartlett1-5/+4
cases, so don't shorten them back to 0 byte data length. Andrew Bartlett (This used to be commit 66c54fe7ebdbe1348731191d86ac4804e99d114e)
2007-10-10r1726: Fix up the comments and indenting.Andrew Bartlett1-5/+3
Andrew Bartlett (This used to be commit 30275764d8f22c47d46195e155d07c106ca3beba)
2007-10-10r1687: Fix bogus requirement for SMB signing on guest connections.Andrew Bartlett1-1/+4
Andrew Bartlett (This used to be commit 3520af0f3d8826ac52a7fb6a658ed0924e51bbf7)
2007-10-10r1578: the first stage of the async client rewrite.Andrew Tridgell1-0/+1
Up to now the client code has had an async API, and operated asynchronously at the packet level, but was not truly async in that it assumed that it could always write to the socket and when a partial packet came in that it could block waiting for the rest of the packet. This change makes the SMB client library full async, by adding a separate outgoing packet queue, using non-blocking socket IO and having a input buffer that can fill asynchonously until the full packet has arrived. The main complexity was in dealing with the events structure when using the CIFS proxy backend. In that case the same events structure needs to be used in both the client library and the main smbd server, so that when the client library is waiting for a reply that the main server keeps processing packets. This required some changes in the events library code. Next step is to make the generated rpc client code use these new capabilities. (This used to be commit 96bf4da3edc4d64b0f58ef520269f3b385b8da02)
2007-10-10r1547: rename 'enum <bla>_level' -> 'enum smb_<bla>_level'Stefan Metzmacher1-7/+7
e.g. we now have 'union smb_mkdir' and 'enum smb_mkdir_level' in sync we may should also rename 'RAW_MKDIR_*' -> 'SMB_MKDIR_*' metze (This used to be commit 0bb50dcf1ccb9797000fcbea4d8a73f2d2a3db77)
2007-10-10r1521: Updates to our SMB signing code.Andrew Bartlett2-85/+8
- This causes our client and server code to use the same core code, with the same debugs etc. - In turn, this will allow the 'mandetory/fallback' signing algorithms to be shared, and only written once. Updates to the SPNEGO code - Don't wrap an empty token to the server, if we are actually already finished. Andrew Bartlett (This used to be commit 35b83eb329482ac1b3bc67285854cc47844ff353)
2007-10-10r1514: close stuff from the server_connection not in theStefan Metzmacher1-4/+1
close_connection fn of a specific service metze (This used to be commit 0e1f5e66d37deb7a77ae9f545e60685428fd9d21)
2007-10-10r1508: simple fix for broken server side signing. This may need more work forAndrew Tridgell1-1/+1
SPNEGO, but I'll leave andrew to tackle that. (This used to be commit 5dd71be8d9e49277f17668877e47729c340f0f67)
2007-10-10r1507: fixed the handling of SMB chaining with the new server structure. YouAndrew Tridgell2-17/+33
must think carefully about packet chaining when dealing with any authentication or SMB parsing issues. The particular problem here was that a chained tconX didn't get the req->session setup after an initial sesstion setup call, so the tconx used a bogus VUID. (This used to be commit 6f2a335cd623211071b01d982d4e7c69b49a5602)
2007-10-10r1499: combine struct user_struct and struct smbsrv_userStefan Metzmacher7-89/+88
to a struct smbsrv_session that the same as cli_session for the client we need a gensec_security pointer there (spnego support will follow) prefix some related functions with smbsrv_ metze (This used to be commit f276378157bb9994c4c91ce46150a510de5c33f8)