sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2024-12-25 23:21:54 +03:00
Code
96,829 Commits 60 Branches 1,144 Tags 452 MiB
297d187761
Commit Graph

1023 Commits

Author SHA1 Message Date
Günther Deschner
a62cc2ce44 samba: pass down size_t instead of int to add_string_to_array(). 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Mon Nov 17 19:53:22 CET 2014 on sn-devel-104
 2014-11-17 19:53:22 +01:00
Stefan Metzmacher
ef2e05e441 libcli/nbt: use NDR_SCALAR_PTR_PROTO() and fix the prototype of ndr_pull_wrepl_nbt_name() 
This avoids compiler warnings in pidl generated code.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
 2014-11-14 23:27:05 +01:00
Jeremy Allison
dbb191f35b libcli/smb: Add smb2_lease_equal() which compares client_guids and keys. 
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Nov  7 22:41:47 CET 2014 on sn-devel-104
 2014-11-07 22:41:47 +01:00
Volker Lendecke
2fc8f761c1 libcli/smb: add smb2_lease_key_equal() helper function 
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
 2014-11-07 20:13:09 +01:00
Volker Lendecke
a6affb7bb3 libcli/smb: mask off SMB2_LEASE_FLAG_PARENT_LEASE_KEY_SET for version 1 
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
 2014-11-07 20:13:09 +01:00
Volker Lendecke
171cefe48f libcli/smb: remember the lease_version in struct smb2_lease 
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
 2014-11-07 20:13:09 +01:00
Andreas Schneider
c3b00b9944 libcli: Make sure status is initialized. 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
 2014-10-31 03:47:40 +01:00
Stefan Metzmacher
71cb5749f4 libcli/smb: try to negotiate SMB2_ENCRYPTION_AES128_GCM 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Oct 16 21:53:32 CEST 2014 on sn-devel-104
 2014-10-16 21:53:32 +02:00
Stefan Metzmacher
778ff0c65c libcli/smb: support SMB2_ENCRYPTION_AES128_GCM in smb2_signing_[de|en]crypt_pdu() 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
 2014-10-16 19:30:04 +02:00
Stefan Metzmacher
6fb2a982d7 libcli/smb: prepare smb2_signing_[de|en]crypt_pdu() to support multiple ciphers 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
 2014-10-16 19:30:04 +02:00
Stefan Metzmacher
2ed2f00831 libcli/smb: pass the negotiated cipher to smb2_signing_[de|en]ncrypt_pdu() 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
 2014-10-16 19:30:04 +02:00
Stefan Metzmacher
ed38abb0a9 libcli/smb: pass 'uint16_t cipher_id' to smb2_signing_[de|en]crypt_pdu() 
enum protocol_types protocol was unused before
and cipher_id is unused as well for now.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
 2014-10-16 19:30:04 +02:00
Stefan Metzmacher
1ab23ac1e7 libcli/smb: use conn->smb2.server.cipher != 0 instead of conn->smb2.server.capabilities & SMB2_CAP_ENCRYPTION 
SMB 3.10 servers don't report SMB2_CAP_ENCRYPTION anymore.
So using conn->smb2.server.cipher != 0 is a more consistent way to decide if
encryption is supported on the connection.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
 2014-10-16 19:30:04 +02:00
Günther Deschner
b8fce2c65b libcli/smb: use lib/crypto SHA512 functions, do not depend on heimdal. 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Tue Oct 14 13:13:08 CEST 2014 on sn-devel-104
 2014-10-14 13:13:08 +02:00
Andrew Bartlett
14f6256c51 s3-winbindd: Allow winbindd to connect over SMB2 to servers 
This allows SMB signing to work against many more DCs, and so improves network security.

The default for "client max protocol" remains NT1 in the rest of the code.

Andrew Bartlett

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
 2014-10-08 01:09:51 +02:00
Stefan Metzmacher
3e2d4199c3 libcli/smb: remove unused SMB2_TF_ALGORITHM define 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Oct  8 01:08:40 CEST 2014 on sn-devel-104
 2014-10-08 01:08:40 +02:00
Stefan Metzmacher
72d3f931d7 libcli/smb: use SMB 3.10 flags for the transform header 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
 2014-10-07 22:47:04 +02:00
Stefan Metzmacher
d021a2d90f libcli/smb: pass tcon flags to the server for SMB 3.10 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2014-10-07 22:47:04 +02:00
Stefan Metzmacher
2a4290fa00 libcli/smb: avoid validate info after tcon for SMB 3.10 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2014-10-07 22:47:04 +02:00
Stefan Metzmacher
c290ece1f6 libcli/smb: implement SMB 3.10 session setup 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
 2014-10-07 22:47:04 +02:00
Stefan Metzmacher
2f732db742 libcli/smb: implement SMB 3.10 negprot 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
 2014-10-07 22:47:04 +02:00
Stefan Metzmacher
a00fe90c3c libcli/smb: add smb2cli_req_get_send_iov() 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
 2014-10-07 22:47:04 +02:00
Stefan Metzmacher
5c5a33cfcb libcli/smb: add smb2_negotiate_context.c 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
 2014-10-07 22:47:04 +02:00
Stefan Metzmacher
9d92074769 libcli/smb: add SMB 3.10 related defines 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
 2014-10-07 22:47:04 +02:00
Stefan Metzmacher
664ca0e3ee libcli/smb: negotiate SMB3_DIALECT_REVISION_310 if PROTOCOL_SMB3_10 is requested 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
 2014-10-07 22:47:04 +02:00
Stefan Metzmacher
d22fd000c9 libcli/smb: add PROTOCOL_SMB3_10 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
 2014-10-07 22:47:04 +02:00
Stefan Metzmacher
1fa8861f15 libcli/smb: add SMB3_DIALECT_REVISION_310 define 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
 2014-10-07 22:47:04 +02:00
Stefan Metzmacher
3eef853f74 libcli/smb: fix smb2cli_validate_negotiate_info with min=PROTOCOL_NT1 max=PROTOCOL_SMB2_02 
If the connection starts with a SMB Negprot, the server only implies the
selected dialect, but not the clients security mode.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
 2014-10-07 22:47:04 +02:00
Richard Sharpe
e4c27cb4bb Add a status code for VHD support gleaned from some Win8.1 stuff. 
Signed-off-by: Richard Sharpe (rsharpe@samba.org)
Reviewed-by: Jeremy Allison <jra@samba.org>
 2014-10-06 19:18:05 +02:00
Jeremy Allison
6c05cd3e89 s3: smb2cli: query info return length check was reversed. 
Make it identical to the check in libcli/smb/smb2cli_ioctl.c

https://bugzilla.samba.org/show_bug.cgi?id=10848

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: "Stefan (metze) Metzmacher" <metze@samba.org>
Reviewed-by: David Disseldorp <ddiss@suse.de>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Oct  2 04:42:26 CEST 2014 on sn-devel-104
 2014-10-02 04:42:26 +02:00
Stefan Metzmacher
26ff9f3487 libcli/smb: call smb2cli_validate_negotiate_info*() after each authenticated tcon 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
 2014-09-30 23:35:08 +02:00
Stefan Metzmacher
7729ba5849 libcli/smb: add smb2cli_validate_negotiate_info*() 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
 2014-09-30 23:35:08 +02:00
Stefan Metzmacher
6a82cb7b68 libcli/smb: list NT_STATUS_FILE_CLOSED as expected ioctl response. 
Some IOCTL requests change the behavior with new protocol versions.
E.g. FSCTL_VALIDATE_NEGOTIATE_INFO resulted in NT_STATUS_FILE_CLOSED
for old servers.

As SMB2 signing might be skipped for responses with NT_STATUS_FILE_CLOSED
we need to list it explicitly in the expected return values.

This way we'll get NT_STATUS_ACCESS_DENIED, if the server doesn't
sign the response to a signed requests.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
 2014-09-30 23:35:08 +02:00
Stefan Metzmacher
b77bb5a2e3 libcli/smb: move smb2cli_tcon.c to the toplevel 
removing use of cli_state from the code.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
 2014-09-30 23:35:08 +02:00
Stefan Metzmacher
8c846f78ed libcli/smb: add smb2cli_tcon_{should_sign,is_signing_on}() 
This can be used to force signing for individual requests.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
 2014-09-30 23:35:08 +02:00
Stefan Metzmacher
e954f9290c libcli/smb: add smb2cli_tcon_should_encrypt() 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
 2014-09-30 23:35:08 +02:00
Stefan Metzmacher
ca1081ef5e libcli/smb: add smbXcli_session_is_authenticated() 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
 2014-09-30 23:35:08 +02:00
Stefan Metzmacher
aa4310b0af libcli/smb: support additional_flags = SMB2_HDR_FLAG_SIGNED 
With SMB2_HDR_FLAG_SIGNED we make sure that we either use smb2 signing
or smb2 encryption for the request.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
 2014-09-30 23:35:08 +02:00
Andreas Schneider
763d37e6a4 libcli: Remove unreachable code in cldap. 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
 2014-09-28 01:32:09 +02:00
Andreas Schneider
321e948c98 libcli: Remove unreachable code in dns_hosts_file. 
The count is already checked for 0 above this line so it can never be 0
at this point.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
 2014-09-28 01:32:09 +02:00
Jeremy Allison
69a7e3cfdc s4: libcli: ldap message - Ensure all asn1_XX returns are checked. 
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ronnie Sahlberg <ronniesahlberg@gmail.com>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Sep 26 03:15:00 CEST 2014 on sn-devel-104
 2014-09-26 03:15:00 +02:00
Jeremy Allison
53f21ffb4a libcli: auth: Ensure all asn1_XX returns are checked. 
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ronnie Sahlberg <ronniesahlberg@gmail.com>
 2014-09-26 00:51:16 +02:00
Andreas Schneider
f92086f4a3 libcli: Fix a segfault calling smbXcli_req_set_pending() on NULL. 
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10817

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Sep 23 04:23:05 CEST 2014 on sn-devel-104
 2014-09-23 04:23:05 +02:00
Anubhav Rakshit
4c64d41cfc libcli/smb: Add routines to enable/disable SMB2_HDR_FLAG_REPLAY_OPERATION flag. 
Signed-off-by: Anubhav Rakshit <anubhav.rakshit@gmail.com>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
 2014-09-19 09:15:10 +02:00
Anubhav Rakshit
2a8a6edfef libcli/smb: Add routine to reset the Channel Sequence number. 
Signed-off-by: Anubhav Rakshit <anubhav.rakshit@gmail.com>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
 2014-09-19 09:15:10 +02:00
Stefan Metzmacher
dfcc683e38 libcli/smb: correctly report disconnect errors after getting STATUS_PENDING 
smb2cli_req_recv() should not report STATUS_PENDING if the
request isn't pending anymore (e.g. the connection was disconnected)

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
 2014-09-19 09:15:10 +02:00
Volker Lendecke
3ffff13e0d lib: Fix samba-util dep in "errors" module 
This piece of code pulls in talloc_stackframe and smb_panic into what
should be a very simple mapping library. I'm trying to reduce our
dependencies right now a bit, and I think the use cases that this fixes
(unknown NTSTATUS together with double nt_errstr() calls in the same
DEBUG) are rare enough that this is not justified.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
 2014-09-18 20:36:11 +02:00
Volker Lendecke
6a1c51ee80 lib: Reduce deps for "smb_transport" 
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
 2014-09-18 20:36:11 +02:00
Volker Lendecke
6ce6262014 lib: Make nt_err_code_struct private 
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Sep 17 02:56:54 CEST 2014 on sn-devel-104
 2014-09-17 02:56:54 +02:00
Stefan Metzmacher
3fcc4a545e libcli/dns: ignore NS entries in dns_hosts_file.c at a higher log level for now 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2014-08-26 09:13:06 +02:00