1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-24 21:34:56 +03:00
Commit Graph

99 Commits

Author SHA1 Message Date
Gerald Carter
7db1c6873c r21250: Partial fix for BUG 4093: Make %a expand to "Vista"
based on the flags2 values in the negprot request.

This also includes some code for testing the dialect
strings for "SMB 2.001" but this is unreliable as Vista
only sends that in the 1st negprot and caches the fact
that we don't support it.  Restartnig the WOrkstation
service on the client clears the cache.
(This used to be commit d781eeb0e4)
2007-10-10 12:17:51 -05:00
Jeremy Allison
2703b3ac48 r20368: Fix valgrind report of uninitialized memory
being returned (false positive). Up debug
level on "open_directory" message.
Jeremy.
(This used to be commit 71a8b8863f)
2007-10-10 12:16:44 -05:00
James Peach
5bb49b08f3 r20237: Replace exit_server with exit_server_cleanly where appropriate. All
send_smb failures should be clean exits. All times when we exit as
a matter of policy should also be clean exits.
(This used to be commit d6382092e7)
2007-10-10 12:16:34 -05:00
Volker Lendecke
c209219d06 r18773: Change negprot_spnego to return a blob
(This used to be commit 28fa772721)
2007-10-10 12:00:56 -05:00
Volker Lendecke
3bddf16b1f r18772: Now that we don't have a one-byte keylength in the extended security case
anymore, we don't have to truncate the length to 255 anymore.

The test I did for this: I sent 50 times the NTLMSSP oid. With truncating
Vista said Access Denied, without truncating it liked the response.

Volker
(This used to be commit f1512cb43c)
2007-10-10 12:00:56 -05:00
Volker Lendecke
a4a2d795b1 r18771: Sequel to r18761: If we always set the keylen to 0 there's no point in passing
a pointer down to negprot_spnego().

Volker
(This used to be commit 18f47130b1)
2007-10-10 12:00:55 -05:00
Volker Lendecke
8f7643bd83 r18761: Even if only offering NTLMSSP Windows (tested with Vista & XP) sends 0 as the
key length in the case of extended security. It does make sense because with
SPNEGO our beloved ASN1 structure gives us the length.

Next test I did to verify this: I modified the server to put in random
garbage, and W2kwks, XP, Vista and W2k3srv still talked to us.

Volker
(This used to be commit f19bd479ce)
2007-10-10 12:00:55 -05:00
Volker Lendecke
45ca718d19 r18760: Fix typos, remove unneeded code
(This used to be commit 56ccfe98b2)
2007-10-10 12:00:55 -05:00
Jeremy Allison
ce61fb21d9 r16397: Fix Klocwork #11767 and drasticly simplify the
logic in smbd/process.c. All interested (Volker,
Jerry, James etc). PLEASE REVIEW THIS CHANGE.
The logic should be identical but *much* easier
to follow and change (and shouldn't confuse Klockwork :-).
Jeremy.
(This used to be commit d357f8b335)
2007-10-10 11:18:52 -05:00
Jeremy Allison
0229b65755 r13647: Fix for standalone Samba servers and XP clients. Reverts
part of the PocketPC bugfix. I'm trying to get someone who
has a pocketpc to test this.
Jeremy.
(This used to be commit ce25e6b002)
2007-10-10 11:10:21 -05:00
Jeremy Allison
6d5757395a r11511: A classic "friday night check-in" :-). This moves much
of the Samba4 timezone handling code back into Samba3.
Gets rid of "kludge-gmt" and removes the effectiveness
of the parameter "time offset" (I can add this back
in very easily if needed) - it's no longer being
looked at. I'm hoping this will fix the problems people
have been having with DST transitions. I'll start comprehensive
testing tomorrow, but for now all modifications are done.
Splits time get/set functions into srv_XXX and cli_XXX
as they need to look at different timezone offsets.
Get rid of much of the "efficiency" cruft that was
added to Samba back in the day when the C library
timezone handling functions were slow.
Jeremy.
(This used to be commit 414303bc02)
2007-10-10 11:05:19 -05:00
Jeremy Allison
8d7c886671 r11137: Compile with only 2 warnings (I'm still working on that code) on a gcc4
x86_64 box.
Jeremy.
(This used to be commit d720867a78)
2007-10-10 11:05:02 -05:00
Jeremy Allison
97a321e557 r10974: Get closer to trying to fix #1825 (PcoketPC spnego bug). Ensure we
set keylen to zero if no spnego.
Jeremy.
(This used to be commit 57ed94e6e4)
2007-10-10 11:04:58 -05:00
Jeremy Allison
4a190ec27b r10947: Fix bugs #3133 and #1828 - SPNEGO not working with PocketPC 2003.
Our sessionsetup code now handles raw NTLMSSP connects, so we can go
back to doing what W2K3 does here which is to send no OID's in
the negprot reply when not in a security=ads mode.
Jeremy.
(This used to be commit 38a70185b7)
2007-10-10 11:04:57 -05:00
Gerald Carter
dacdfbc98c r7398: commiting abartlet's patch for kerberos authentication when using a keytab and security != ads
(This used to be commit 3faaa5c3eb)
2007-10-10 10:57:08 -05:00
Herb Lewis
978ca84860 r6225: get rid of warnings from my compiler about nested externs
(This used to be commit efea76ac71)
2007-10-10 10:56:30 -05:00
Jeremy Allison
404fa5636d r6069: Fix for bug #2541. Ensure we recognise LANMAN2.1 as OS/2 and select LANMAN2
protocol, ensure the EA size is always correctly set on a query for a file with no EA's.
Jeremy.
(This used to be commit d6ad1f8df0)
2007-10-10 10:56:20 -05:00
Gerald Carter
2fffc40b1d r4018: * move claim_connection from the netbios session request
reply code to the negprot reply code to cope with
  client connections on port 445.  Fixes the spurious
  "register_message_flags: tdb fetch failed" errors.

* don't run the backgroup LPQ daemon when we are running
  in interactive mode.
(This used to be commit 88747a7da3)
2007-10-10 10:53:27 -05:00
Jeremy Allison
482f14871d r3946: Fix for bugid #2085 reported by Jason Mader <jason@ncac.gwu.edu>. Use consistent
enum type for Protocol extern.
Jeremy.
(This used to be commit 65dfae7ea4)
2007-10-10 10:53:26 -05:00
Jeremy Allison
b447065629 r1939: Ensure with my new change we set extended security in flags2 in
the negprot reply.
Jeremy.
(This used to be commit 8b80b46b8b)
2007-10-10 10:52:24 -05:00
Jeremy Allison
6219c997cb r1936: Fix bug noticed by Steve - ensure extended security bit is on only
if we negotiated extended security. Do not merge for 3.0.6. Works
with W2K but needs further testing.
Jeremy.
(This used to be commit 284689aa18)
2007-10-10 10:52:24 -05:00
Jeremy Allison
2acd084866 r1154: Change default setting for case sensitivity to "auto". If set to auto
then is the client supports it (current clients supported are Samba and
CIFSVFS - detected by the negprot strings "Samba", "POSIX 2" and a bare
"NT LM 0.12" string) then the setting of the per packet flag smb_flag
FLAG_CASELESS_PATHNAMES is taken into account per packet. This allows
the linux CIFS client to use Samba in a case sensitive manner.
Additional command in smbclient "case_sensitive", toggles the
flag in subsequent packets.
Docs to follow.
Jeremy.
(This used to be commit cf84c0fe1a)
2007-10-10 10:51:57 -05:00
Andrew Bartlett
deee8fae47 As I raised (without objection) on the mailing list a while back, this
patch removes the 'unicode' smb.conf option.

Clients are as always free not to negotiate unicode, but Samba will always
accept unicode in smbd.

Setting 'unicode = no' caused me more client BSODs than any other option
I have seen, and I really want to protect some of our more silly users, who
will, no matter what, select and change every option...

Andrew Bartlett
(This used to be commit 3f9177bd5d)
2004-03-27 05:38:20 +00:00
Jeremy Allison
6b9dbbcd24 Modified fix for bugid #784. Based on a patch from moriyama@miraclelinux.com (MORIYAMA Masayuki).
Don't use nstrings to hold workgroup and netbios names. The problem with them is that MB netbios
and workgroup names in unix charset (particularly utf8) may be up to 3x bigger than the name
when represented in dos charset (ie. cp932). So go back to using fstrings for these but
translate into nstrings (ie. 16 byte length values) for transport on the wire.
Jeremy.
(This used to be commit b4ea493599)
2004-03-13 02:16:21 +00:00
Jeremy Allison
814e987c62 Signing so far... the client code fails on a SMBtrans2 secondary transaction
I think (my changes haven't affected this I believe). Initial support on the
server side for smbclient. Still doesn't work for w2k clients I think...
Work in progress..... (don't change).
Jeremy.
(This used to be commit e5714edc23)
2003-07-18 00:53:34 +00:00
Jeremy Allison
f1b6cd794d Putting the framework for server signing in place. Ensure we don't use
sendfile when signing (I need to add this for readbraw/writebraw too...).
Jeremy.
(This used to be commit f2e84f1ba6)
2003-07-17 00:48:21 +00:00
Jeremy Allison
ce72beb2b5 Removed strupper/strlower macros that automatically map to strupper_m/strlower_m.
I really want people to think about when they're using multibyte strings.
Jeremy.
(This used to be commit ff222716a0)
2003-07-03 19:11:31 +00:00
Jeremy Allison
0899066fd6 Got us happy running under valgrind again :-).
Jeremy.
(This used to be commit b6ab9d7361)
2003-05-31 02:03:58 +00:00
Jeremy Allison
1fdbe30685 Fixes to stop valgrind complaining about uninitialised memory when it's
copying clobbered buffer areas and doing hashes on them and sending
them onto the wire.
Jeremy.
(This used to be commit 7dfcf714ae)
2003-05-31 01:48:59 +00:00
Andrew Tridgell
c9d0ee977c merge LANMAN1/LANMAN2.1 fixes from head
(This used to be commit 73c686ab77)
2003-05-21 05:20:54 +00:00
Andrew Bartlett
d5ee9b2f48 Jeremy merged across my string parinoia fixes, but forgot to enable them! :-)
This patch catches up on the rest of the work - as much string checking
as is possible is done at compile time, and the rest at runtime.

Lots of code converted to pstrcpy() etc, and other code reworked to correctly
call sizeof().

Andrew Bartlett
(This used to be commit c5b604e2ee)
2003-03-18 11:22:52 +00:00
Andrew Bartlett
634c54310c Merge from HEAD - make Samba compile with -Wwrite-strings without additional
warnings.  (Adds a lot of const).

Andrew Bartlett
(This used to be commit 3a7458f947)
2003-01-03 08:28:12 +00:00
Jeremy Allison
2f194322d4 Removed global_myworkgroup, global_myname, global_myscope. Added liberal
dashes of const. This is a rather large check-in, some things may break.
It does compile though :-).
Jeremy.
(This used to be commit f755711df8)
2002-11-12 23:20:50 +00:00
Jeremy Allison
3d8274df34 Change default of max_xmit to match W2K. Ensure NT negprot uses it.
Jeremy.
(This used to be commit 0bf7187e3b)
2002-10-15 21:35:46 +00:00
Gerald Carter
a834a73e34 sync'ing up for 3.0alpha20 release
(This used to be commit 65e7b5273b)
2002-09-25 15:19:00 +00:00
Jelmer Vernooij
127e77e6e3 Sync 3.0 branch with head
(This used to be commit 42615b945e)
2002-08-17 15:27:10 +00:00
Andrew Tridgell
e90b652848 updated the 3.0 branch from the head branch - ready for alpha18
(This used to be commit 03ac082dcb)
2002-07-15 10:35:28 +00:00
Tim Potter
ab13654dc9 Renamed get_nt_error_msg() to nt_errstr().
(This used to be commit 1f007d3ed4)
2002-03-17 04:36:35 +00:00
Jeremy Allison
2da4d64cfc Added "nt status support" parameter. Fix offline synchronisation.
Jeremy.
(This used to be commit 9243a9778e)
2002-02-27 21:46:53 +00:00
Andrew Tridgell
566fafdb25 don't do an ADS init when not in ADS mode
(This used to be commit 68693ba4e8)
2002-02-22 03:14:58 +00:00
Tim Potter
cd68afe312 Removed version number from file header.
Changed "SMB/Netbios" to "SMB/CIFS" in file header.
(This used to be commit 6a58c9bd06)
2002-01-30 06:08:46 +00:00
Tim Potter
1f670cfb27 Spelling fixes.
(This used to be commit e67c7c5852)
2002-01-20 22:50:23 +00:00
Jeremy Allison
d6823366b8 Same fix as went into 2.2 (I'm waiting for jerry to finish some code).
Jeremy.
(This used to be commit 01ff6ce496)
2002-01-11 19:10:25 +00:00
Jeremy Allison
a36c10bd1e First part of UNIX extensions (#ifdefed out) more to follow.
Jeremy.
(This used to be commit 02b18f2cca)
2002-01-10 02:41:15 +00:00
Martin Pool
f5bc0e92a6 Better explanation message for dmalloc.
Also more insertion of parenthesis to handle struct members called
'free'.

You can now get useful dmalloc output, as long as it is compatible
with your C library.  On RH7.1 it looks like you have to rebuild
dmalloc to allow free(0) by default, because something in libcrypt
does that. (sigh)
(This used to be commit 391cbb6901)
2002-01-09 07:52:51 +00:00
Andrew Bartlett
2e28f8ff0e I've decided to move the auth code around a bit more...
The auth_authsupplied_info typedef is now just a plain struct - auth_context,
but it has been modified to contain the function pointers to the rest
of the auth subsystem's components.

(Who needs non-static functions anyway?)

In working all this mess out, I fixed a number of memory leaks and moved the
entire auth subsystem over to talloc().

Note that the TALLOC_CTX attached to the auth_context can be rather long-lived,
it is provided for things that are intended to live as long.  (The
global_negprot_auth_context lasts the whole life of the smbd).

I've also adjusted a few things in auth_domain.c, mainly passing the domain as
a paramater to a few functions instead of looking up lp_workgroup().  I'm
hopign to make this entire thing a bit more trusted domains (as PDC) freindly
in the near future.

Other than that, I moved a bit of the code around, hence the rather messy diff.

Andrew Bartlett
(This used to be commit 12f5515f55)
2002-01-05 04:55:41 +00:00
Andrew Tridgell
99c431695c added a "use spnego" option
you need to set "use spnego = no" for w2k to be able to join a samba
domain. Otherwise the w2k box will assume we can do kerberos as a KDC
(This used to be commit b5cb57a367)
2001-12-07 01:01:10 +00:00
Andrew Tridgell
9421ad4a7a added a REALLY gross hack into kerberos_kinit_password so that
winbindd can do a kinit
this will be removed once we have code that gets a tgt
and puts it in a place where cyrus-sasl can see it
(This used to be commit 7d94f1b736)
2001-12-05 09:46:53 +00:00
Andrew Bartlett
fe64484824 Make better use of the ads_init() function to get the kerberos relam etc.
This allows us to use automagically obtained values in future, and the value
from krb5.conf now.

Also fix mem leaks etc.

Andrew Bartlett
(This used to be commit 8f9ce71781)
2001-11-29 06:21:56 +00:00
Andrew Tridgell
5e25ba6fec always send an OID list until we handle raw (unwrapped) NTLMSSP
packets in session setup
(This used to be commit 3b3f8a9350)
2001-11-27 23:41:14 +00:00