sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-11 05:18:09 +03:00
Code
92,243 Commits 60 Branches 1,145 Tags 452 MiB
068dafc4d8
Commit Graph

562 Commits

Author SHA1 Message Date
Stefan Metzmacher
8b7c862bab CVE-2013-4408:s3:rpc_client: verify frag_len at least contains the header size 
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10185

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
 2013-12-09 07:05:45 +01:00
Gregor Beck
412af28e1e s3:rpc_client: fix a leaked talloc_stackframe 
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10241

Signed-off-by: Gregor Beck <gbeck@sernet.de>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2013-11-04 10:38:50 +01:00
Stefan Metzmacher
872486bbd0 s3:rpc_client: pass object and table to rpccli_bh_create() 
Signed-off-by: Stefan Metzmacher <metze@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2013-10-17 08:48:45 +13:00
Stefan Metzmacher
f773ed2cf7 s3:rpc_client: implement dcerpc_binding_handle_auth_info() 
Signed-off-by: Stefan Metzmacher <metze@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2013-10-17 08:48:44 +13:00
Günther Deschner
a94e278883 s3-rpc: use table->name directly in DEBUG contexts. 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
 2013-09-20 13:07:10 +02:00
Günther Deschner
45949d7218 s3-rpc_cli: remove unused schannel calls from cli_pipe.c 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
 2013-09-19 11:09:55 +02:00
Günther Deschner
89d0b89b5d s3-rpc_cli: use gensec for schannel bind. 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Pair-Programmed-With: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
 2013-09-19 11:09:36 +02:00
Günther Deschner
7b570b4128 s3-rpc_cli: allow to pass down a netlogon CredentialState struct to gensec. 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Pair-Programmed-With: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
 2013-09-19 11:09:27 +02:00
Stefan Metzmacher
af4dc30684 s3:cli_pipe.c: return NO_USER_SESSION_KEY in cli_get_session_key() for schannel 
SCHANNEL connections don't have a user session key,
they're like anonymous connections.

Signed-off-by: Stefan Metzmacher <metze@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2013-08-10 09:18:58 +02:00
Stefan Metzmacher
838cb53962 s3:cli_pipe: pass down creds->computer_name to NL_AUTH_MESSAGE 
We need to use the same computer_name value as in the netr_Authenticate3()
request.

We abuse cli->auth->user_name to pass the value down.

Signed-off-by: Stefan Metzmacher <metze@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2013-08-10 09:18:57 +02:00
Stefan Metzmacher
e96142fc43 s3:cli_pipe: make use of netsec_create_state() 
Signed-off-by: Stefan Metzmacher <metze@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2013-08-10 09:18:57 +02:00
Stefan Metzmacher
3302356226 s3:rpc_client: remove netr_LogonGetCapabilities check from rpc_pipe_bind* 
It's done in the caller now.

Signed-off-by: Stefan Metzmacher <metze@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2013-08-10 09:18:55 +02:00
Stefan Metzmacher
eecb5bafba s3:rpc_client: add netr_LogonGetCapabilities to cli_rpc_pipe_open_schannel_with_key() 
Signed-off-by: Stefan Metzmacher <metze@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2013-08-10 09:18:54 +02:00
Stefan Metzmacher
e9c8e3fb92 s3:rpc_client: use netlogon_creds_copy before rpc_pipe_bind 
Signed-off-by: Stefan Metzmacher <metze@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2013-08-10 09:18:54 +02:00
Stefan Metzmacher
90e28c1825 s3:rpc_client: fix/add AES downgrade detection to rpc_pipe_bind_step_two_done() 
Signed-off-by: Stefan Metzmacher <metze@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2013-08-10 09:18:54 +02:00
Stefan Metzmacher
94be8d63cd s3:rpc_client: rename same variables in cli_rpc_pipe_open_schannel_with_key() 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2013-08-05 10:30:02 +02:00
Stefan Metzmacher
8a302fc353 s3:rpc_client: use the correct context for netlogon_creds_copy() in rpccli_schannel_bind_data() 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2013-08-05 10:30:02 +02:00
Stefan Metzmacher
6ce645e03c s3:rpc_client: make rpccli_schannel_bind_data() static 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2013-08-05 10:30:02 +02:00
Günther Deschner
c41b6e5c5e s3-rpc_cli: pass down ndr_interface_table to rpc_transport_np_init(). 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2013-08-05 10:30:00 +02:00
Günther Deschner
7bdcfcb37c s3-rpc_cli: pass down ndr_interface_table to rpc_pipe_open_tcp_port(). 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2013-08-05 10:30:00 +02:00
Günther Deschner
0ff8c2d508 s3-rpc_cli: pass down ndr_interface_table to rpc_pipe_get_tcp_port(). 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2013-08-05 10:30:00 +02:00
Günther Deschner
5c5cff0a72 s3-rpc_cli: pass down ndr_interface_table to rpc_pipe_open_tcp(). 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2013-08-05 10:30:00 +02:00
Günther Deschner
8cd3a06051 s3-rpc_cli: pass down ndr_interface_table to rpc_pipe_open_np(). 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2013-08-05 10:30:00 +02:00
Günther Deschner
34cc4b4095 s3-rpc_cli: pass down ndr_interface_table to cli_rpc_pipe_open(). 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2013-08-05 10:30:00 +02:00
Günther Deschner
9aa99c3cfb s3-rpc_cli: pass down ndr_interface_table to cli_rpc_pipe_open_noauth_transport(). 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2013-08-05 10:30:00 +02:00
Günther Deschner
9813fe2b04 s3-rpc_cli: pass down ndr_interface_table to cli_rpc_pipe_open_noauth(). 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2013-08-05 10:30:00 +02:00
Günther Deschner
3dc3a6c848 s3-rpc_cli: pass down ndr_interface_table to cli_rpc_pipe_open_schannel_with_key(). 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2013-08-05 10:30:00 +02:00
Günther Deschner
9b4fb5b074 s3-rpc_cli: pass down ndr_interface_table to rpc_pipe_open_ncalrpc(). 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2013-08-05 10:29:59 +02:00
Volker Lendecke
e322420dc7 rpc_cli: Remove some unnecessary initializations 
tevent_req_create already initializes "state" to 0

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>

Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Mon Jul  8 17:04:20 CEST 2013 on sn-devel-104
 2013-07-08 17:04:19 +02:00
Christian Ambach
3d29bb2d37 s3:rpc_client fix a crash 
state->cli->dc does not have to be set (e.g. when running
net rpc join against an older Samba PDC), so check it before dereferencing it

This fixes Bug 9669 - net rpc join crashes against a Samba 3.0.33 PDC

Bug: https://bugzilla.samba.org/show_bug.cgi?id=9669

Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Christian Ambach <ambi@samba.org>
Autobuild-Date(master): Wed Feb 20 19:00:52 CET 2013 on sn-devel-104
 2013-02-20 19:00:52 +01:00
Stefan Metzmacher
f9d0473d02 s3:rpc_client: s/struct event_context/struct tevent_context 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
 2013-02-19 23:47:52 +01:00
Stefan Metzmacher
b538c31889 s3:rpc_client: make use of samba_tevent_context_init() 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
 2013-02-19 23:47:49 +01:00
Günther Deschner
b11ba24883 s3-rpc_client: try to use socket_addr if available in rpc_pipe_open_tcp() (bug #9426) 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Mon Nov 26 17:36:20 CET 2012 on sn-devel-104
 2012-11-26 17:36:19 +01:00
Günther Deschner
2032f2746d s3-rpc_client: lookup nametype 0x20 in rpc_pipe_open_tcp_port(). (bug #9426) 
The server name type (0x20) is much more likely to be available in the name cache, as
this type gets stored by winbind itself - the primary user of the ncacn_ip_tcp
code currently.

Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Nov 23 16:30:57 CET 2012 on sn-devel-104
 2012-11-23 16:30:56 +01:00
Stefan Metzmacher
8e1c6d4232 s3:rpc_client: rename pipe_auth_data->user_session_key to transport_session_key 
metze
 2012-08-01 14:17:15 +02:00
Stefan Metzmacher
8b42f526f4 s3:rpc_client: make use of smbXcli_session_application_key() 
metze
 2012-08-01 14:17:14 +02:00
Andreas Schneider
33206b1e24 s3-rpc_client: Fix updating netlogon credentials. 
Signed-off-by: Günther Deschner <gd@samba.org>
 2012-07-17 13:53:37 +02:00
Andreas Schneider
572b549063 s3-rpc_client: Add capabilities check for AES encrypted connections. 
Signed-off-by: Günther Deschner <gd@samba.org>
 2012-07-17 13:53:37 +02:00
Luk Claes
4f6f4ea93c s3:libsmb: get rid of cli_state_remote_name 
Signed-off-by: Luk Claes <luk@debian.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2012-05-28 14:49:45 +02:00
Jelmer Vernooij
2c9444685d cli_pipe: Avoid sys_connect. 2012-03-24 14:57:47 +01:00
Jelmer Vernooij
95ca5fbadd libndr: Rename ndr64_transfer_syntax and null_ndr_syntax_id so they have a ndr_ prefix. 
This makes the NDR namespace a bit clearer, in preparation of ABI checking.
 2012-03-20 13:54:07 +01:00
Stefan Metzmacher
083d80c502 s3:rpc_client: initialize struct schannel_state to zero 
metze
 2012-03-02 07:07:10 +01:00
Andrew Bartlett
2b511f0e92 s3-librpc: Use gensec_spnego for DCE/RPC authentication 
This ensures that we use the same SPNEGO code on session setup and on
DCE/RPC binds, and simplfies the calling code as spnego is no longer
a special case in cli_pipe.c

A special case wrapper function remains to avoid changing the
application layer callers in this patch.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2012-02-16 15:18:42 +01:00
Stefan Metzmacher
0c5cbb557b s3:rpc_client: fix comment 
metze
 2012-02-16 15:18:41 +01:00
Andrew Bartlett
bd2a7aac2c s3-librpc: make gensec result handling more generic 
This prepares us for handling SPNEGO via gensec

Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2012-02-16 15:18:41 +01:00
Andrew Bartlett
40715e1251 s3-librpc: pass struct ndr_interface_table down to cli_pipe_open_generic/spnego() 
This allows the target service (as determined from the IDL) to be
passed to GSSAPI (rather than the current, incorrect, "cifs").

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2012-01-18 16:23:24 +01:00
Andrew Bartlett
c62af4f652 s3-librpc Make cli_rpc_pipe_open_spnego_ntlmssp() generic 
This also avoids passing NULL as the server to
gensec_set_target_hostname() in spnego_generic_init_client().

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2012-01-18 16:23:23 +01:00
Andrew Bartlett
f2efb0f6a3 s3-librpc Remove special case for spnego session key 
SPNEGO is implemented only in terms of gensec mechanisms now.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2012-01-18 16:23:23 +01:00
Andrew Bartlett
0c1b4c2321 s3-librpc Call SPENGO/GSSAPI via the auth_generic layer and gensec 
This simplifies a lot of code, as we know we are always dealing
with a struct gensec_security, and allows the gensec module being
used to implement GSSAPI to be swapped for AD-server operation.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2012-01-18 16:23:22 +01:00
Andrew Bartlett
e012ad9d8b s3-librpc Call GSSAPI via the auth_generic layer and gensec 
This simplifies a lot of code, as we know we are always dealing with a
struct gensec_security, and allows the gensec module being used to
implement GSSAPI to be swapped when required for AD-server operation.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2012-01-18 16:23:22 +01:00