1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-22 13:34:15 +03:00
Commit Graph

9721 Commits

Author SHA1 Message Date
Andrew Bartlett
ba07fa43d0 r17197: This patch moves the encryption of bulk data on SASL negotiated security
contexts from the application layer into the socket layer.

This improves a number of correctness aspects, as we now allow LDAP
packets to cross multiple SASL packets.  It should also make it much
easier to write async LDAP tests from windows clients, as they use SASL
by default.  It is also vital to allowing OpenLDAP clients to use GSSAPI
against Samba4, as it negotiates a rather small SASL buffer size.

This patch mirrors the earlier work done to move TLS into the socket
layer.

Unusual in this pstch is the extra read callback argument I take.  As
SASL is a layer on top of a socket, it is entirely possible for the
SASL layer to drain a socket dry, but for the caller not to have read
all the decrypted data.  This would leave the system without an event
to restart the read (as the socket is dry).

As such, I re-invoke the read handler from a timed callback, which
should trigger on the next running of the event loop.  I believe that
the TLS code does require a similar callback.

In trying to understand why this is required, imagine a SASL-encrypted
LDAP packet in the following formation:

+-----------------+---------------------+
| SASL  Packet #1 | SASL Packet #2      |
----------------------------------------+
| LDAP Packet #1       | LDAP Packet #2 |
----------------------------------------+

In the old code, this was illegal, but it is perfectly standard
SASL-encrypted LDAP.  Without the callback, we would read and process
the first LDAP packet, and the SASL code would have read the second SASL
packet (to decrypt enough data for the LDAP packet), and no data would
remain on the socket.

Without data on the socket, read events stop.  That is why I add timed
events, until the SASL buffer is drained.

Another approach would be to add a hack to the event system, to have it
pretend there remained data to read off the network (but that is ugly).

In improving the code, to handle more real-world cases, I've been able
to remove almost all the special-cases in the testnonblock code.  The
only special case is that we must use a deterministic partial packet
when calling send, rather than a random length.  (1 + n/2).  This is
needed because of the way the SASL and TLS code works, and the 'resend
on failure' requirements.

Andrew Bartlett
(This used to be commit 5d7c9c12cb)
2007-10-10 14:10:18 -05:00
Andrew Bartlett
74b68a7555 r17196: Clarify that SSL is used for LDAP as well as SWAT.
Andrew Bartlett
(This used to be commit d79bfbe87d)
2007-10-10 14:10:18 -05:00
Simo Sorce
e248caed12 r17195: Start thinking how to implement extended operations.
Ad supports three extended operations:
- start tls
- dynamic objects
- fast binds

none of these are a priority.
(This used to be commit 523e8f3ed4)
2007-10-10 14:10:18 -05:00
Simo Sorce
fcea638657 r17193: Remove ancient stuff never really used
(This used to be commit a6709196ca)
2007-10-10 14:10:17 -05:00
Simo Sorce
3faab3e6dd r17189: Add the new LDAP rfc series
(This used to be commit d3f8b813b3)
2007-10-10 14:10:17 -05:00
Volker Lendecke
7718ef4c66 r17187: Beginnings of a little lsa walker for Samba3, if only to prevent the
regression we had in 3.0.23...

Volker
(This used to be commit 0236f3b41a)
2007-10-10 14:10:17 -05:00
Simo Sorce
49f68caed2 r17186: "async" word abuse clean-up part 2
(This used to be commit c6aa60c7e6)
2007-10-10 14:10:17 -05:00
Simo Sorce
c93817b36d r17185: Oh, I wanted to do this for sooo long time.
Finally acknowledge that ldb is inherently async and does not have a dual personality anymore
Rename all ldb_async_XXX functions to ldb_XXX except for ldb_async_result, it is now ldb_reply
to reflect the real function of this structure.

Simo.
(This used to be commit 25fc735404)
2007-10-10 14:10:16 -05:00
Stefan Metzmacher
550f5fb26e r17176: remove off_t from talloc. size_t is large enough to hold
the max amount of memory of one process

metze
(This used to be commit f47b7bb656)
2007-10-10 14:10:16 -05:00
Andrew Bartlett
5f741e17d7 r17174: Enable gnutls code, which requires the HAVE_GNUTLS CPP macro.
Andrew Bartlett
(This used to be commit f3b6e57b23)
2007-10-10 14:10:16 -05:00
Andrew Bartlett
b718193b6b r17173: Check for oversize output, not oversize input, and fix the GSSAPI mech
to work (it broke it in the previous commit).

Andrew Bartlett
(This used to be commit e96638bc74)
2007-10-10 14:10:16 -05:00
Andrew Bartlett
048d0c64f9 r17171: Add a gensec function to determine the maximum negotiated buffer size,
and the maximum amount of user data that may be fitted into that.

This is used in the new SASL code, to correctly honour SASL buffer sizes.

Andrew Bartlett
(This used to be commit cbbe99d9c1)
2007-10-10 14:10:15 -05:00
Andrew Bartlett
d5aeddf2ef r17170: Catch some more out-of-memory cases, and provide some clues when
chasing down bad signatures that may be due to data truncation.

Andrew Bartlett
(This used to be commit d304760d3d)
2007-10-10 14:10:15 -05:00
Andrew Bartlett
9e854f2f86 r17169: Test LDAP with testnonblock.
Andrew Bartlett
(This used to be commit 9d866a030e)
2007-10-10 14:10:15 -05:00
Andrew Bartlett
a1a842eb44 r17168: Now that TLS (and soon SASL) is below the socket layer, we need to
make the testnonblock skip some things.  The socket *under* the tls
socket is still tested.

Andrew Bartlett
(This used to be commit 9c33c6a20a)
2007-10-10 14:10:15 -05:00
Andrew Bartlett
dc2715b49c r17167: indent
(This used to be commit 4dcdc5a3ad)
2007-10-10 14:10:15 -05:00
Stefan Metzmacher
48fac823d2 r17157: bail out if sizeof(size_t) < sizeof(void *)
metze
(This used to be commit f94198c2a8)
2007-10-10 14:10:14 -05:00
Stefan Metzmacher
02ac968a26 r17156: check for the size of a pointer
metze
(This used to be commit 58e124ade3)
2007-10-10 14:10:14 -05:00
Jeremy Allison
38dee43c19 r17141: Prove that create dispositions with truncate and
overwrite break oplocks.
Jeremy.
(This used to be commit 94886f8c40)
2007-10-10 14:10:14 -05:00
Jeremy Allison
8de86d192a r17139: Checking in Volker's extended oplock test.
Jeremy
(This used to be commit 720c425af1)
2007-10-10 14:10:14 -05:00
Stefan Metzmacher
3ff21a0cd7 r17114: print some sizes for debugging
metze
(This used to be commit fa04ef88e5)
2007-10-10 14:10:14 -05:00
Stefan Metzmacher
4611244abd r17113: build tdb and ldb standalone with the same sizes of 'off_t' as from samba
metze
(This used to be commit 5c1e6c08c7)
2007-10-10 14:10:13 -05:00
Stefan Metzmacher
761450c66e r17112: - fix the build of the ldap ldb backend with newer openldap header files.
- use the correct timeout variable (simo you should do a standalone build before commiting:-)

metze
(This used to be commit ac9d69d257)
2007-10-10 14:10:13 -05:00
Stefan Metzmacher
e3fd9ccd4e r17109: - use AC_SYS_LARGEFILE so that type sizes are the same when talloc
is build standalone and inside samba
- add configure checks for the some type sizes for debugging

metze
(This used to be commit 2977e7097a)
2007-10-10 14:10:13 -05:00
Andrew Bartlett
b38fca6e2d r17104: Rename function parameters and variables to avoid shadowing global
declarations.

Andrew Bartlett
(This used to be commit 15dd43b773)
2007-10-10 14:10:13 -05:00
Andrew Bartlett
37eab82528 r17103: Big updates to the not-yet-enabled partitions module. It now services
the Global Catalog port 'correctly' (in a very simple sense) in that
it should be no worse than what we had before.

We now combine partitions together to search over the whole tree, when
we are marked as 'global catalog'.

Andrew Bartlett
(This used to be commit 0a354a1dde)
2007-10-10 14:10:13 -05:00
Jeremy Allison
6cebe4d890 r17099: Samba3 now passes RAW-LOCK completely, no need for
parameters to protect it.
Jeremy.
(This used to be commit 382c37e3d7)
2007-10-10 14:10:12 -05:00
Stefan Metzmacher
e1248154d6 r17088: add ntvfs mapping function for notify
metze
(This used to be commit 7daf432d58)
2007-10-10 14:10:12 -05:00
Stefan Metzmacher
bdf914a39d r17087: - make pvfs_notify_next_send static
- fix double free:
  a talloc_reference(a,b) when a is a child of b
  doesn't prevent talloc_free(b) from destroiying a and b.

metze
(This used to be commit 41acbc6645)
2007-10-10 14:10:12 -05:00
Stefan Metzmacher
bca8f2d568 r17085: reuse the existing sec_desc_buf struct
metze
(This used to be commit 22463cbcdd)
2007-10-10 14:10:12 -05:00
Stefan Metzmacher
8075ce63fd r17084: implement SMB2 Cancel in the server,
that makes it possible for clients to cancel
async requests, like NOTIFY...

metze
(This used to be commit eaccd3c435)
2007-10-10 14:10:12 -05:00
Stefan Metzmacher
a5bafffd66 r17083: - implement SMB2 Cancel in the client
- the 0xffffffffffffffff seqnum is reserved for SMB2 Break (oplock breaks)
  so don't use it in a request. we should someday try to test this...

metze
(This used to be commit 730cdc4475)
2007-10-10 14:10:11 -05:00
Volker Lendecke
152ea280f1 r17082: Add a test that walks and tests denying tconX access via the share security
descriptor. This is something that W2k3 does _not_ pass and probably is not
expected to, it seems the don't check access at tconX time.

Thanks to metze for the hint how in the srvsvc_NetShareInfo1501 struct the
length of the sd can be encoded in idl.

As metze says, there's probably more to the share secdesc, this needs more
testing. This one is here to walk the samba3 code.

Volker
(This used to be commit 6718550822)
2007-10-10 14:10:11 -05:00
Stefan Metzmacher
73b066281e r17081: add idle handler support to the smb2 client lib too
metze
(This used to be commit 1f48e7dca6)
2007-10-10 14:10:11 -05:00
Rafal Szczesniak
45b64e394d r17079: Remove an attempt to connect on ncacn_ip_tcp transport after failure
on ncacn_np, as abartlet suggested. Also, named pipe remains the default
transport for all kinds of servers to be contacted.

rafal
(This used to be commit 76888c74a6)
2007-10-10 14:10:11 -05:00
Volker Lendecke
f139daccf7 r17074: Extend the rpc-samba3-getusername test: This creates a normal user and we
check if we can actually see the user SID on a fresh sessionsetup.

This also gives us the simple create_user, which can lead to more fun tests
:-)

Volker
(This used to be commit 92afe11569)
2007-10-10 14:10:11 -05:00
Volker Lendecke
32b7198256 r17069: Make us pass RPC-NETLOGSAMBA3 against w2k3 again
(This used to be commit 963878a5f3)
2007-10-10 14:10:10 -05:00
Volker Lendecke
803e5ef031 r17065: NT4 does not like "0" here, W2k3 does not care...
(This used to be commit 4f13b7d53c)
2007-10-10 14:10:10 -05:00
Volker Lendecke
41c571e659 r17064: lsa_GetUserName needs to return the name for S-1-5-7 on an anonymous login.
Found that because I want to play around with setsharesecurity, for this I
need the "whoami" call figuring out the SID of the currently connected user.

Not activating this test yet until the build farm has picked up the new samba4
revision.

Volker
(This used to be commit 5603db30e7)
2007-10-10 14:10:10 -05:00
Stefan Metzmacher
4e4e698f2b r17062: make correct use of talloc destructors, and make the code much simpler
should I merge that aslo to samba3?

metze
(This used to be commit c5672a54a0)
2007-10-10 14:10:10 -05:00
Stefan Metzmacher
cab68a413b r17061: - remove the currect talloc chunk from it's parent before freeing the children
this fixes an endless loop bug!
- reenable the test for this

should I merge this to samba3?

metze
(This used to be commit 0559222b62)
2007-10-10 14:10:09 -05:00
Andrew Bartlett
624544f065 r17031: When I first revived the objectclass sorting module, simo complained
that it should handle the add without a search.

Now that I'm working on better behaviour with an LDAP backend, I've
fixed the module to do just that.  For an ADD, and a MODIFY with the
REPLACE flag, we do not need the search step.

Andrew Bartlett
(This used to be commit 87573e2ee4)
2007-10-10 14:10:09 -05:00
Rafal Szczesniak
6078bfda5e r17028: Remove extra newline.
rafal
(This used to be commit 7da9ebffbd)
2007-10-10 14:10:09 -05:00
Rafal Szczesniak
752fda46a5 r17027: My copyright notice.
rafal
(This used to be commit a2229f8c80)
2007-10-10 14:10:09 -05:00
Rafal Szczesniak
434087bb4b r17026: Make rpc connect routine a bit smarter. Try to connect again
using different transport and possibly address type, when
the first attempt fails (only if it makes any sense, of course).
This may be especially useful when connecting DCs and PDCs in
mixed environments.

Also, add monitor messages issuing.

rafal
(This used to be commit d69b31230d)
2007-10-10 14:10:09 -05:00
Stefan Metzmacher
440d0487a6 r17020: pass the real error to the failing requests
metze
(This used to be commit 49b96ac44a)
2007-10-10 14:10:08 -05:00
Stefan Metzmacher
09b9d831c2 r17019: don't timeout on notifies
metze
(This used to be commit 8d4fd35b10)
2007-10-10 14:10:08 -05:00
Stefan Metzmacher
a6a8065812 r17015: add a test that closes the tcp connection with an outstanding
notify request

metze
(This used to be commit d90313f715)
2007-10-10 14:10:08 -05:00
Stefan Metzmacher
5af1b8e009 r17014: add whitespaces...
metze
(This used to be commit 60c4eaa4c5)
2007-10-10 14:10:08 -05:00
Stefan Metzmacher
39b7ae11ac r17012: don't try to send any data when the socket is gone already...
(fixes crash bugs)

metze
(This used to be commit b7418aec33)
2007-10-10 14:10:08 -05:00