1
0
mirror of https://github.com/samba-team/samba.git synced 2025-01-11 05:18:09 +03:00
Commit Graph

1088 Commits

Author SHA1 Message Date
Volker Lendecke
796c77d43d lib: Use dom_sid_equal where appropriate
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
2015-08-20 12:49:22 +02:00
Stefan Metzmacher
05dbd3b47a libcli/smb: prefer AES128_CCM
Callgrind showed that we use 28,165,720,719 cpu cycles to send
a 100MB file to a client using aes-ccm.

With aes-gcm this is raises up to 723,094,413,831 cpu cycles.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11451

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2015-08-17 17:43:36 +02:00
Volker Lendecke
e6c8452093 libcli: Use iov_buflen in smb2_signing.c
This gives us overflow protection.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>

Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Fri Aug 14 13:56:49 CEST 2015 on sn-devel-104
2015-08-14 13:56:49 +02:00
Volker Lendecke
5d141a32f3 lib: Remove some unused code
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2015-08-14 07:46:12 +02:00
Volker Lendecke
f0f23d6a92 lib: Remove some unused code
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2015-08-14 07:46:12 +02:00
Michael Adam
204cbe3645 Introduce setting "desired" for 'smb encrypt' and 'client/server signing'
This should trigger the behaviour where the server requires
signing when the client supports it, but does not reject
clients that don't support it.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11372

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2015-07-07 14:05:27 +02:00
Stefan Metzmacher
7e095eb334 libcli/smb: let tstream_smbXcli_np report connection errors as EPIPE instead of EIO
This maps to NT_STATUS_CONNECTION_DISCONNECTED instead of
NT_STATUS_IO_DEVICE_ERROR.

EPIPE, NT_STATUS_CONNECTION_DISCONNECTED matches what other tstream backends
e.g. tcp and unix report.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2015-07-03 02:00:28 +02:00
Volker Lendecke
994d08e420 libsmb: Streamline smb1cli_trans a bit
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
2015-06-26 19:32:19 +02:00
Jeremy Allison
95fc7fbe82 lib: ldap: Properly check talloc error returns.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Jun 16 04:16:13 CEST 2015 on sn-devel-104
2015-06-16 04:16:13 +02:00
Stefan Metzmacher
006042ac12 libcli/smb: make sure we remove the writev_send() request when a request is destroyed
This way smbXcli_conn_disconnect() removes all tevent_fd structures attached to
the sock_fd before closing it.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11316

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2015-06-12 17:08:18 +02:00
Stefan Metzmacher
f3982eb2c7 libcli/smb: add smb1 requests to the pending array before writev_send()
This way we have a change to destroy the pending writev_send request before
closing the socket in smbXcli_conn_disconnect().

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11316

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2015-06-12 17:08:18 +02:00
Stefan Metzmacher
5933843427 libcli/smb: make sure the writev_send of smbXcli_conn_samba_suicide() is removed before closing the socket
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11316

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2015-06-12 17:08:18 +02:00
Stefan Metzmacher
8f42df235d libcli/smb: remove unused split of read_fd and write_fd
The tevent epoll backend supports separate read and write tevent_fd structure
on a single fd, so there's no need for a dup() anymore.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11316

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2015-06-12 17:08:18 +02:00
Stefan Metzmacher
46e1aa22b1 libcli/smb: close the socket fd at the end of smbXcli_conn_disconnect()
We need to cancel all pending requests before closing the socket fds,
otherwise we cause problem with the interaction with the epoll event backend.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11316

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2015-06-12 17:08:18 +02:00
Stefan Metzmacher
26c4b3fc9d libcli/smb: use tevent_req_received(req) in read_smb_recv()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11316

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2015-06-12 17:08:18 +02:00
Stefan Metzmacher
fcf0d3ebef libcli/named_pipe_auth: call smb_set_close_on_exec() in tstream_npa_socketpair()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11312

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2015-06-05 14:33:19 +02:00
Volker Lendecke
ab26e84da1 tstream: Make socketpair nonblocking
When we have a large RPC reply, we can't block in the RPC server.

Test: Do rpcclient netshareenumall with a thousand shares defined

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-06-04 01:02:26 +02:00
Stefan Metzmacher
477ecfbdaf libcli/smb: In CCM and GCM mode we can't reuse nonces
Reuse of nonces with AES-CCM and AES-GCM leads to catastrophic failure,
so make sure the server drops the connection if that ever happens.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=11300

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Simo Sorce <idra@samba.org>
2015-05-29 19:50:25 +02:00
Ross Lagerwall
f73bcf4934 s3: libsmbclient: Add server-side copy support
Introduce a new operation, splice, which copies data from one SMBCFILE
to another. Implement this operation using FSCTL_SRV_COPYCHUNK_WRITE for
SMB2+ protocols and using read+write for older protocols. Since the
operation may be long running, it takes a callback which gets called
periodically to indicate progress to the application and given an
opportunity to stop it.

Signed-off-by: Ross Lagerwall <rosslagerwall@gmail.com>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-05-29 02:37:18 +02:00
Michael Adam
4770edec62 libcli/smb: SMB 3.0.2: define SVHDX_OPEN_DEVICE_CONTEXT
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2015-05-08 13:00:28 +02:00
Michael Adam
e85be925cc libcli/smb: SMB 3.0.2: define FSCTL_QUERY_SHARED_VIRTUAL_DISK_SUPPORT
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2015-05-08 13:00:28 +02:00
Michael Adam
a11aa8cf51 libcli/smb: SMB 3.0.2: define FSCTL_SVHDX_SYNC_TUNNEL_REQUEST
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2015-05-08 13:00:28 +02:00
Michael Adam
9aaeb67084 libcli/smb: SMB 3.0.2: define SMB2_WRITEFLAG_WRITE_UNBUFFERED
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2015-05-08 13:00:28 +02:00
Michael Adam
a8c3d94a6b libcli/smb: SMB 3.0.2: define SMB2_READFLAG_READ_UNBUFFERED
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2015-05-08 13:00:28 +02:00
Michael Adam
e97858433e libcli/smb: add support for SMB >= 3.1.1 io priorities
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2015-05-08 13:00:28 +02:00
Stefan Metzmacher
6ce14a9a8b libcli/smb: add define for SMB 3.1.1 SMB2_HDR_FLAG_PRIORITY_MASK and helper macros
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
2015-05-08 13:00:28 +02:00
Stefan Metzmacher
a554f02bc1 libcli/smb: add PROTOCOL_SMB3_11 and SMB3_DIALECT_REVISION_311
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
2015-05-08 13:00:28 +02:00
Michael Adam
c29ff00fe4 libcli/smb: don't alter state->smb2.hdr when getting STATUS_PENDING
We need to make sure smb2cli_req_get_sent_iov() returns what was sent
over the wire. This is required in order to correctly perform
the preauth calculation for SMB >= 3.1.

We keep separate variables for the cancel information we got
from a STATUS_PENDING response.

Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2015-05-08 13:00:27 +02:00
Michael Adam
d3ed269074 libcli: add new NTSTATUS codes from SMB 3.1
NT_STATUS_SMB_NO_PREAUTH_INTEGRITY_HASH_OVERLAP
NT_STATUS_SMB_BAD_CLUSTER_DIALECT

Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2015-05-08 13:00:27 +02:00
Michael Adam
fae184e805 libcli: add missing printable form of NT_STATUS_VHD_SHARED
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2015-05-08 13:00:27 +02:00
Jeremy Allison
688aae8bac s4: Fix bad review I did in dom_sid_parse_length() code.
Volker, apologies for the mistake.

Spotted by Andrew Bartlett <abartlet@samba.org>

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Apr 29 08:20:23 CEST 2015 on sn-devel-104
2015-04-29 08:20:23 +02:00
Volker Lendecke
b2c34d45c0 lib: Simplify dom_sid_parse_length
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-04-28 18:11:13 +02:00
Stefan Metzmacher
2dcef48f24 libcli/security: add security_descriptor_for_client() helper function
This prepares a possibly stripped security descriptor for a client.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2015-03-30 13:41:25 +02:00
Stefan Metzmacher
77f0763c84 libcli/security: support "IS" in SDDL for SID_NT_IUSR
TODO: we should import the whole lists from [MS-DTYP].

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2015-03-30 13:41:25 +02:00
Stefan Metzmacher
0dbf1d4c40 libcli/util: remove unused WERR_BAD_PASSWORD
The values are the same, but WERR_INVALID_PASSWORD matches the documentation.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2015-03-27 01:26:17 +01:00
Stefan Metzmacher
6e5d9c2a3d libcli/auth: use WERR_INVALID_PASSWORD instead of WERR_BAD_PASSWORD
The values are the same, but WERR_INVALID_PASSWORD matches the documentation.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2015-03-27 01:26:17 +01:00
Stefan Metzmacher
d620f462ff libcli/util: let WERR_UNKNOWN_LEVEL be an alias to WERR_INVALID_LEVEL
WERR_INVALID_LEVEL is the documented name that should be printed
in logs.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2015-03-27 01:26:15 +01:00
Richard Sharpe
f0e9ba91c0 Rename SMB2_OP_FIND to SMB2_OP_QUERY_DIRECTORY so that it conforms with the MS document MS-SMB2.
Signed-off-by: Richard Sharpe <rsharpe@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Mar 27 01:24:47 CET 2015 on sn-devel-104
2015-03-27 01:24:47 +01:00
Stefan Metzmacher
a46a00673d libcli/auth: add forward declaration for struct wkssvc_PasswordBuffer
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-03-20 20:43:11 +01:00
Stefan Metzmacher
409cf45147 libcli/auth: add some const to netlogon_creds_server_{init,step_check}()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-03-20 20:43:11 +01:00
Thomas Schulz
820a0a91fb libcli/auth: Match Declaration of netlogon_creds_cli_context_tmp with implementation
I have been building 4.2.0 with the GNU C compiler but I decided to see
how it works with the Sun C 5.11 compiler. The Sun compiler complains
about a identifier being redeclared in libcli/auth/netlogon_creds_cli.c

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11140

Reviewed-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
2015-03-20 13:49:26 +01:00
Jeremy Allison
00d92f5925 s3: libcli: smb1: Ensure we correctly finish a tevent req if the writev fails in the SMB1 case.
We haven't added the req to the pending array yet, as SMB1 requests can
be one-way (no reply needed). So if we error out after the writev, but
before we add to the pending array we must rember to terminate our current
tevent req with a tevent_req_nterror call.

Fixes bug 11173 - SMB1 Server disconnect can cause timeout on client write error.

https://bugzilla.samba.org/show_bug.cgi?id=11173

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>

Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Fri Mar 20 05:08:25 CET 2015 on sn-devel-104
2015-03-20 05:08:25 +01:00
Günther Deschner
5b68527f2b lib/util: globally include herrors in error.h
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2015-03-13 23:58:07 +01:00
Günther Deschner
533cfb63f3 libcli/util/hresult: add generated hresult_errstr() function.
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2015-03-13 23:58:07 +01:00
Günther Deschner
3152529c7f libcli/util/hresult: re-generate hresult.c.
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2015-03-13 23:58:07 +01:00
David Disseldorp
8fef2c82c1 idl: define FSCTL_DUPLICATE_EXTENTS_TO_FILE
As specified in the recent 20150129 revision of MS-FSCC.
Add a note regarding the FileHandle field, which was confirmed to
correspond to the volatile part of the fileid:
https://lists.samba.org/archive/samba-technical/2015-February/105454.html

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-03-11 16:11:07 +01:00
Richard Sharpe
e53f6e9ec2 Add the definition of FSCTL_SET_INTEGRITY_INFORMATION found from a capture and the Web.
Signed-off-by: Richard Sharpe <rsharpe@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>

Autobuild-User(master): Ira Cooper <ira@samba.org>
Autobuild-Date(master): Sun Mar  8 00:43:08 CET 2015 on sn-devel-104
2015-03-08 00:43:08 +01:00
Volker Lendecke
e4bded6551 libsmb: Use tevent_req_poll_ntstatus
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-02-26 18:51:10 +01:00
Volker Lendecke
bd6bc30693 Fix whitespace
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-02-26 15:58:05 +01:00
Volker Lendecke
b3a472d976 lib: Use iov_buflen in smb1cli_req_chain_submit
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-02-24 17:52:09 +01:00