1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-24 21:34:56 +03:00
Commit Graph

57 Commits

Author SHA1 Message Date
Volker Lendecke
9e5d44d567 r10852: Continuation-based programming can become a bit spaghetti...
Initialize a domain structure properly. Excerpt from wb_init_domain.c:

/*
 * Initialize a domain:
 *
 * - With schannel credentials, try to open the SMB connection with the machine
 *   creds. Fall back to anonymous.
 *
 * - If we have schannel creds, do the auth2 and open the schannel'ed netlogon
 *   pipe.
 *
 * - Open LSA. If we have machine creds, try to open with ntlmssp. Fall back
 *   to schannel and then to anon bind.
 *
 * - With queryinfopolicy, verify that we're talking to the right domain
 *
 * A bit complex, but with all the combinations I think it's the best we can
 * get. NT4, W2k3SP1 and W2k all have different combinations, but in the end we
 * have a signed&sealed lsa connection on all of them.
 *
 * Is this overkill? In particular the authenticated SMB connection seems a
 * bit overkill, given that we do schannel for netlogon and ntlmssp for
 * lsa later on w2k3, the others don't do this anyway.
 */

Thanks to Jeremy for his detective work, and to the Samba4 team for providing
such a great infrastructure.

Next step is to connect to SAM. Do it via LDAP if we can, fall back to samr
with all we have.

Volker
(This used to be commit 3e69fdc07c)
2007-10-10 13:39:36 -05:00
Rafal Szczesniak
65271095d0 r10635: Formatting for better readability.
rafal
(This used to be commit 7b3a4096b5)
2007-10-10 13:39:13 -05:00
Stefan Metzmacher
38e43be7b8 r10537: - we now use a much nicer way to handle talloc_free(timed_event)
the events code replaces a destructor to one that returns allways -1
  while it's calling the event handler
- we don't need the composite and winsrepl specific fixes any more
- this also fixes the problem with smbcli, dcerpc, cldap, ldap and nbt
  request timeouts

metze
(This used to be commit 495996cfc4)
2007-10-10 13:39:03 -05:00
Stefan Metzmacher
fa70d1d0c2 r10529: fix a crash bug in full async code the uses the composite_trigger_done() code
the event subsystem wants to free timed_events!

metze
(This used to be commit dc5d5953b6)
2007-10-10 13:39:02 -05:00
Stefan Metzmacher
ab4d635b92 r10504: - seperate implementation specific stuff, from the generic composite
stuff.
- don't use SMBCLI_REQUEST_* state's in the genreic composite stuff
- move monitor_fn to libnet.

NOTE: I have maybe found some bugs, in code that is dirrectly in DONE or ERROR
      state in the _send() function. I haven't fixed this bugs in this
      commit! We may need some composite_trigger_*() functions or so.
      And maybe some other generic helper functions...

metze
(This used to be commit 4527815a0a)
2007-10-10 13:38:57 -05:00
Andrew Bartlett
51cbc188df r10402: Make the RPC-SAMLOGON test pass against Win2k3 SP0 again.
I still have issues with Win2k3 SP1, and Samba4 doesn't pass it's own
test for the moment, but I'm working on these issues :-)

This required a change to the credentials API, so that the special
case for NTLM logins using a principal was indeed handled as a
special, not general case.

Also don't set the realm from a ccache, as then it overrides --option=realm=.

Andrew Bartlett
(This used to be commit 194e8f07c0)
2007-10-10 13:38:39 -05:00
Andrew Tridgell
45f760973d r10200: added a composite_trigger_done() call that allows a composite function
to cause an event to happen immediately. This allows metzes patch for
recognising IPs in resolve_name() to work, and also allows us to
remove some of the other code where we currently do specific checks
for is_ipaddress().
(This used to be commit 9cc000d868)
2007-10-10 13:38:08 -05:00
Andrew Bartlett
24186a80eb r9728: A *major* update to the credentials system, to incorporate the
Kerberos CCACHE into the system.

This again allows the use of the system ccache when no username is
specified, and brings more code in common between gensec_krb5 and
gensec_gssapi.

It also has a side-effect that may (or may not) be expected: If there
is a ccache, even if it is not used (perhaps the remote server didn't
want kerberos), it will change the default username.

Andrew Bartlett
(This used to be commit 6202267f6e)
2007-10-10 13:34:54 -05:00
Andrew Bartlett
ba90b652d9 r9505: Work on GENSEC and the code that calls it, for tighter interface
requirements, and for better error reporting.

In particular, the composite session setup (extended security/SPNEGO)
code now returns errors, rather than NT_STATUS_NO_MEMORY.  This is
seen particularly when GENSEC fails to start.

The tighter interface rules apply to NTLMSSP, which must be called
exactly the right number of times.  This is to match some of our other
less-tested modules, where adding flexablity is harder.  (and this is
security code, so let's just get it right).  As such, the DCE/RPC and
LDAP clients have been updated.

Andrew Bartlett
(This used to be commit 134550cf75)
2007-10-10 13:34:24 -05:00
Tim Potter
172cee9adc r9223: Rename smb_raw_session_setup() to smb_raw_sesssetup().
(This used to be commit 5e6d330e73)
2007-10-10 13:31:33 -05:00
Tim Potter
2fa50ab671 r9222: Rename smb_tree_connect() to smb_raw_tcon() to match other raw function
names.
(This used to be commit 26b191b3c9)
2007-10-10 13:31:33 -05:00
Rafal Szczesniak
0102f2752f r8788: New monitor messages.
rafal
(This used to be commit 40061d7bd6)
2007-10-10 13:30:05 -05:00
Andrew Tridgell
528bb470bd r8776: fixed SMB connections for IP addresses, even when name resolve order
doesn't include 'host'
(This used to be commit 77a1e3076a)
2007-10-10 13:30:04 -05:00
Rafal Szczesniak
a04e899bc0 r8760: Rework monitor messaging code a bit, as Metze once suggested.
enum type has now been replaced with unsigned 32-bit field and
message data is passed as void pointer.

This allows various extension implementers to plug their monitor
messages in more easily.

rafal
(This used to be commit 4a6ab58133)
2007-10-10 13:30:03 -05:00
Andrew Bartlett
176c0d1b77 r8699: removed invalid comment
(This used to be commit f5910ceef5)
2007-10-10 13:29:55 -05:00
Rafal Szczesniak
49417aaed7 r7814: Propagate the change in resolve_name_send function.
(This used to be commit 7abd634701)
2007-10-10 13:18:40 -05:00
Andrew Bartlett
e578c33c2c r7757: Add NTLMv2 support to the NT1 Session setup (ie, not SPNEGO/NTLMSSP)
Session Setup code.

Add a mem_ctx argument to a few of the NTLMv2 support functions, and
add smb.conf options to control client NTLMv2 behaviour.

Andrew Bartlett
(This used to be commit 3f35cdb218)
2007-10-10 13:18:32 -05:00
Rafal Szczesniak
7a8315bddc r7736: Propagate change in resolve_name function. Let's use default methods
in this case.

rafal
(This used to be commit b0bae584a4)
2007-10-10 13:18:28 -05:00
Andrew Tridgell
af237084ec r7633: this patch started as an attempt to make the dcerpc code use a given
event_context for the socket_connect() call, so that when things that
use dcerpc are running alongside anything else it doesn't block the
whole process during a connect.

Then of course I needed to change any code that created a dcerpc
connection (such as the auth code) to also take an event context, and
anything that called that and so on .... thus the size of the patch.

There were 3 places where I punted:

  - abartlet wanted me to add a gensec_set_event_context() call
    instead of adding it to the gensec init calls. Andrew, my
    apologies for not doing this. I didn't do it as adding a new
    parameter allowed me to catch all the callers with the
    compiler. Now that its done, we could go back and use
    gensec_set_event_context()

  - the ejs code calls auth initialisation, which means it should pass
    in the event context from the web server. I punted on that. Needs fixing.

  - I used a NULL event context in dcom_get_pipe(). This is equivalent
    to what we did already, but should be fixed to use a callers event
    context. Jelmer, can you think of a clean way to do that?

I also cleaned up a couple of things:

 - libnet_context_destroy() makes no sense. I removed it.

 - removed some unused vars in various places
(This used to be commit 3a3025485b)
2007-10-10 13:18:15 -05:00
Volker Lendecke
46c231f1c8 r7435: Another little step, sorry for the spam... :-)
(This used to be commit 96d9b7fc98)
2007-10-10 13:17:53 -05:00
Volker Lendecke
35314f2427 r7433: Another little AIX one...
(This used to be commit c1ccaa0cc9)
2007-10-10 13:17:53 -05:00
Volker Lendecke
09753bf20a r7430: Next step in AIX build
(This used to be commit 43e1bd870d)
2007-10-10 13:17:52 -05:00
Tim Potter
2b7fe67f4d r6933: Add a couple of helper functions for creating nbt names.
(This used to be commit b896daf11c)
2007-10-10 13:16:58 -05:00
Rafal Szczesniak
5cbfca2967 r6708: Another type of monitor message.
rafal
(This used to be commit f7aaa0bfca)
2007-10-10 13:16:36 -05:00
Andrew Bartlett
1cf8396db4 r6702: Revert -r 6699, as I think this is a win2k v win2k3 issue.
Andrew Bartlett
(This used to be commit 77b67da5b8)
2007-10-10 13:16:36 -05:00
Andrew Bartlett
493cab3dbc r6699: Windows clients seem to ask for CIFS/, ie in upper case, so match it.
Andrew Bartlett
(This used to be commit 6d7f1daaf2)
2007-10-10 13:16:35 -05:00
Rafal Szczesniak
aefd5df199 r6614: Basic approach to monitoring messages for composite functions.
rafal
(This used to be commit 47a7a6c3fc)
2007-10-10 13:16:30 -05:00
Alexander Bokovoy
9779e6d670 r6352: Two new composite calls:
- qfsinfo (query file system information)
- appendacl (append an ACL to existing file's security descriptor and get new
full ACL)

The second one also includes an improvement to security descriptor handling
which allows to copy security descriptor. Written by Peter Novodvorsky
<peter.novodvorsky@ru.ibm.com>

Both functions have corresponding torture tests added. Tested under valgrind and
work against Samba 4 and Windows XP.

ToDo: document composite call creation process in prog_guide.txt
(This used to be commit 441cff62ac)
2007-10-10 13:11:34 -05:00
Andrew Bartlett
68d7a5e383 r6078: Correctly fix the failures for NT1 (not SPNEGO) session setups in the
client.  The issue was actually a cut-and-paste bug, I was filling in
the .old not the .nt1 part of the union.

I've also removed the 'error checks' - I'll shortly document the API
for the credentials code to clarify that it will always return a
pointer here, except in cases of programmer error.

Tridge:  I hope this is OK.

Andrew Bartlett
(This used to be commit 6439de9ec8)
2007-10-10 13:11:17 -05:00
Andrew Tridgell
0c936acc47 r6074: fixed non-spnego connections for new credentials code
(This used to be commit ff6663aac8)
2007-10-10 13:11:17 -05:00
Andrew Bartlett
2eb3d68062 r6028: A MAJOR update to intergrate the new credentails system fully with
GENSEC, and to pull SCHANNEL into GENSEC, by making it less 'special'.

GENSEC now no longer has it's own handling of 'set username' etc,
instead it uses cli_credentials calls.

In order to link the credentails code right though Samba, a lot of
interfaces have changed to remove 'username, domain, password'
arguments, and these have been replaced with a single 'struct
cli_credentials'.

In the session setup code, a new parameter 'workgroup' contains the
client/server current workgroup, which seems unrelated to the
authentication exchange (it was being filled in from the auth info).

This allows in particular kerberos to only call back for passwords
when it actually needs to perform the kinit.

The kerberos code has been modified not to use the SPNEGO provided
'principal name' (in the mechListMIC), but to instead use the name the
host was connected to as.  This better matches Microsoft behaviour,
is more secure and allows better use of standard kerberos functions.

To achieve this, I made changes to our socket code so that the
hostname (before name resolution) is now recorded on the socket.

In schannel, most of the code from librpc/rpc/dcerpc_schannel.c is now
in libcli/auth/schannel.c, and it looks much more like a standard
GENSEC module.  The actual sign/seal code moved to
libcli/auth/schannel_sign.c in a previous commit.

The schannel credentails structure is now merged with the rest of the
credentails, as many of the values (username, workstation, domain)
where already present there.  This makes handling this in a generic
manner much easier, as there is no longer a custom entry-point.

The auth_domain module continues to be developed, but is now just as
functional as auth_winbind.  The changes here are consequential to the
schannel changes.

The only removed function at this point is the RPC-LOGIN test
(simulating the load of a WinXP login), which needs much more work to
clean it up (it contains copies of too much code from all over the
torture suite, and I havn't been able to penetrate its 'structure').

Andrew Bartlett
(This used to be commit 2301a4b38a)
2007-10-10 13:11:15 -05:00
Alexander Bokovoy
3a55299221 r5646: state->loadfile might be NULL after allocation so this is really
should be NT_STATUS_HAVE_NO_MEMORY(state->loadfile) instead of
NT_STATUS_NOT_OK_RETURN(status).
(This used to be commit eb57a58788)
2007-10-10 13:10:56 -05:00
Andrew Tridgell
9515fc4406 r5322: removed a whole bunch of #include lines that minimal_includes.pl
thinks are not needed. Now to see how this fares on the build farm :)
(This used to be commit 80ffcc650c)
2007-10-10 13:09:41 -05:00
Andrew Tridgell
131dc76d56 r5197: moved events code to lib/events/ (suggestion from metze)
(This used to be commit 7f54c8a339)
2007-10-10 13:09:30 -05:00
Andrew Tridgell
66170ef8b3 r5185: make all the events data structures private to events.c. This will
make it possible to add optimisations to the events code such as
keeping the next timed event in a sorted list, and using epoll for
file descriptor events.

I also removed the loop events code, as it wasn't being used anywhere,
and changed timed events to always be one-shot (as adding a new timed
event in the event handler is so easy to do if needed)
(This used to be commit d7b4b6de51)
2007-10-10 13:09:29 -05:00
Andrew Tridgell
9a70f446fc r5126: the composite code is no longer client specific or smb specific, so
rename the core structure to composite_context and the wait routine to
composite_wait() (suggestion from metze)
(This used to be commit cf11d05e35)
2007-10-10 13:09:25 -05:00
Andrew Tridgell
657583b9b9 r4957: the fetchfile _recv() function was neglecting to steal the data and
free the connection context. This left a whole lot of state hanging
around and didn't give the memory to the caller properly
(This used to be commit 3e13e1d526)
2007-10-10 13:09:10 -05:00
Andrew Tridgell
3e44c4a3ba r4951: some of the code dealing with libcli was getting too complex trying to
handle the inverted memory hierarchy that a normal session
establishment gave. The inverted hierarchy came from that fact that
you first establish a socket, then a transport, then a session and
finally a tree. That leads to the socket being at the top of the
memory hierarchy and the tree at the bottom, which makes no sense from
the users point of view, as they want to be able to free the tree and
have everything disappear.

The core problem was that the libcli interface didn't distinguish
between establishing a primary context and a secondary context. If you
establish a 2nd session on a transport then you want the transport to
be referenced by the session, whereas if you establish a primary
session then you want the transport to be a child of the session.

To fix this I have added "parent_ctx" and "primary" arguments to the
libcli intialisation functions. This makes using the library much
easier, and gives us a memory hierarchy that makes much more sense.

I was prompted to do this by a bug in the cifs backend, which was
caused by the socket not being properly torn down on a disconnect due
to the inverted memory hierarchy.
(This used to be commit 5e8fd5f701)
2007-10-10 13:09:09 -05:00
Andrew Tridgell
46b5a3d754 r4950: removed some excessive debugging messages
(This used to be commit 4a351901aa)
2007-10-10 13:09:09 -05:00
Volker Lendecke
63ba8383e1 r4949: First version of a fetchfile composite function which connects to a server and
loads a file. Needs a smb url parsing wrapper.

Volker
(This used to be commit fa435bf7c8)
2007-10-10 13:09:08 -05:00
Andrew Tridgell
9d6e923aab r4938: allow the caller to supply an existing event_context if they want to
in smb_composite_connect_send(). This makes doing parallel calls much
easier.
(This used to be commit 442308970c)
2007-10-10 13:09:07 -05:00
Andrew Tridgell
0e9c55e70f r4937: simplify the connect code in the same way
(This used to be commit 347dfa4724)
2007-10-10 13:09:07 -05:00
Andrew Tridgell
0db8b5a949 r4936: moved to a convention where the completion function is only called in
one place. This makes the code more robust, and simpler (it would have
prevented the error that volker found).
(This used to be commit 420b53091e)
2007-10-10 13:09:07 -05:00
Andrew Tridgell
8eb0963c95 r4935: fixed a bug where "c->status = xxx_handler(x);" could write to c after
it is freed. The problem is that the handler might complete the
request, and called the c->async.fn() async handler. That handler
might free the request handle.
(This used to be commit c4faceadc7)
2007-10-10 13:09:07 -05:00
Andrew Tridgell
aefaa18554 r4924: continue the effort to simplify and generalise the composite
interface. This patch removes the "stage" variable, which is really
better suited to the backend state structures
(This used to be commit 39da684ea8)
2007-10-10 13:09:06 -05:00
Andrew Tridgell
8485a8d935 r4911: make sure we fill in the transport called name on port 445 as well
(thanks to abartlet for spotting this bug)
(This used to be commit 8b653f12f2)
2007-10-10 13:09:05 -05:00
Andrew Tridgell
2383787f19 r4891: - added a generic resolve_name() async interface in libcli/resolve/,
which will eventually try all resolution methods setup in smb.conf

 - only resolution backend at the moment is bcast, which does a
   parallel broadcast to all configured network interfaces, and takes
   the first reply that comes in (this nicely demonstrates how to do
   parallel requests using the async APIs)

 - converted all the existing code to use the new resolve_name() api

 - removed all the old nmb code (yay!)
(This used to be commit 239c310f25)
2007-10-10 13:09:03 -05:00
Andrew Tridgell
6e13590873 r4795: stronget type checking in composite connect function
(This used to be commit e16f67c931)
2007-10-10 13:08:56 -05:00
Andrew Tridgell
4a03172e66 r4791: used the new talloc type safety macros to make the "void *private"
pointers in the composite code type safe.

This is a bit of an experiement, I'd be interested in comments on
whether we should use this more widely.
(This used to be commit 0e1da827b3)
2007-10-10 13:08:55 -05:00
Andrew Tridgell
a38df2d251 r4783: got rid of another void* in the composite code. This brings us down to
the minimal level I think (one private pointer for the composite
function, and one private pointer for the caller)
(This used to be commit 0240bf9281)
2007-10-10 13:08:54 -05:00