1
0
mirror of https://github.com/samba-team/samba.git synced 2025-10-25 19:33:18 +03:00
Commit Graph

35 Commits

Author SHA1 Message Date
Andrew Bartlett
e4f2afc343 r10153: This patch adds a new parameter to gensec_sig_size(), the size of the
data to be signed/sealed.  We can use this to split the data from the
signature portion of the resultant wrapped packet.

This required merging the gsskrb5_wrap_size patch from
lorikeet-heimdal, and fixes AES encrption issues on DCE/RPC (we no
longer use a static 45 byte value).

This fixes one of the krb5 issues in my list.

Andrew Bartlett
2007-10-10 13:38:04 -05:00
Andrew Bartlett
093b98b5b5 r9490: Fix typo
Andrew Bartlett
2007-10-10 13:34:21 -05:00
Jelmer Vernooij
fac77f5fa2 r8811: Fix the build.. 2007-10-10 13:30:07 -05:00
Andrew Bartlett
bc8f8d2dcf r8109: Try to print out more helpful debug messages on DCERPC server-side
gensec failure to start.

Andrew Bartlett
2007-10-10 13:19:09 -05:00
Andrew Tridgell
3a3025485b r7633: this patch started as an attempt to make the dcerpc code use a given
event_context for the socket_connect() call, so that when things that
use dcerpc are running alongside anything else it doesn't block the
whole process during a connect.

Then of course I needed to change any code that created a dcerpc
connection (such as the auth code) to also take an event context, and
anything that called that and so on .... thus the size of the patch.

There were 3 places where I punted:

  - abartlet wanted me to add a gensec_set_event_context() call
    instead of adding it to the gensec init calls. Andrew, my
    apologies for not doing this. I didn't do it as adding a new
    parameter allowed me to catch all the callers with the
    compiler. Now that its done, we could go back and use
    gensec_set_event_context()

  - the ejs code calls auth initialisation, which means it should pass
    in the event context from the web server. I punted on that. Needs fixing.

  - I used a NULL event context in dcom_get_pipe(). This is equivalent
    to what we did already, but should be fixed to use a callers event
    context. Jelmer, can you think of a clean way to do that?

I also cleaned up a couple of things:

 - libnet_context_destroy() makes no sense. I removed it.

 - removed some unused vars in various places
2007-10-10 13:18:15 -05:00
Jelmer Vernooij
875cce1268 r7313: Prefix a few functions with ncacn_ rather then dcerpc_ because they are
ncacn_ specific
2007-10-10 13:17:41 -05:00
Jelmer Vernooij
2009a430b0 r7312: Add IDL for ncadg packets. 2007-10-10 13:17:40 -05:00
Andrew Bartlett
c023f5c5e8 r6457: Simply the RPC server code for the choice of GENSEC mech - it's just
one function call now, so no need for a wrapper function.

Andrew Bartlett
2007-10-10 13:11:38 -05:00
Andrew Tridgell
ec32b22ed5 r5037: got rid of all of the TALLOC_DEPRECATED stuff. My apologies for the
large commit. I thought this was worthwhile to get done for
consistency.
2007-10-10 13:09:15 -05:00
Andrew Tridgell
439cbb9ead r4663: fixed SPNEGO auth in the rpc server 2007-10-10 13:08:40 -05:00
Andrew Tridgell
b6af57c868 r4642: added support for alter_context in the server for adding new interfaces to an existing pipe 2007-10-10 13:08:38 -05:00
Stefan Metzmacher
ab6ec6b5f4 r4082: support alter_context requests
metze
2007-10-10 13:06:25 -05:00
Stefan Metzmacher
5d7d6f02cf r4081: use clearer names
metze
2007-10-10 13:06:24 -05:00
Andrew Tridgell
729e0026e4 r3468: split out dcerpc_server.h 2007-10-10 13:05:17 -05:00
Andrew Tridgell
f12ee2f241 r2629: convert gensec to the new talloc model
by making our gensec structures a talloc child of the open connection
we can be sure that it will be destroyed when the connection is
dropped.
2007-10-10 12:59:14 -05:00
Andrew Tridgell
76d0b8206c r2627: use the new talloc capabilities in a bunch more places in the rpc
server code. This fixes a number of memory leaks I found when testing
with valgrind and smbtorture, as the cascading effect of a
talloc_free() ensures that anything derived from the top level object
is destroyed on disconnect.
2007-10-10 12:59:13 -05:00
Andrew Tridgell
fee98137ad r2615: fixed a bug in the server side support for CONNECT level security 2007-10-10 12:59:12 -05:00
Andrew Tridgell
f4660857bc r2614: support CONNECT level DCE/RPC security in both client and
server. CONNECT security uses NTLMSSP, but does not do any signing or
sealing (or equivalently, its like signing, but with a zero filled
checksum).
2007-10-10 12:59:12 -05:00
Andrew Tridgell
fce7a4218b r2294: this fixes the NTLM2 sign+seal combination. I have now tested:
NTLM sign
 NTLM sign+seal
 NTLM2 sign
 NTLM2 sign+seal

and all of the above both with and without key exchange

the NTLM2 seal case is ugly and involves an extra data copy, which
some API changes in gensec or the ndr layer might avoid in future.
2007-10-10 12:58:40 -05:00
Andrew Tridgell
d8825b69ac r2293: fixed older NTLM sign/seal in the server 2007-10-10 12:58:40 -05:00
Andrew Bartlett
b80d849b6b r2290: Fix 'lsakey' for the server-side, it is static for
'authenticated' connections.

Fix kerberos session key issues - we need to call the
routine for extracting the session key, not just read the cache.

Andrew Bartlett
2007-10-10 12:58:40 -05:00
Andrew Bartlett
a1fe175eec r2284: Thanks to some great detective work by tridge, NTLM2 signing now works.
This means that 'require NTLMv2 session security' now works for RPC
pipe signing.  We don't yet have sealing, but it can't be much further.

This is almost all tridge's code, munged into a form that can work
with the GENSEC API.

This commit also includes more lsakey fixes - that key is used for all
DCE-RPC level authenticated connections, even over CIFS/ncacn_np.

No doubt I missed something, but I'm going to get some sleep :-)

Andrew Bartlett
2007-10-10 12:58:39 -05:00
Andrew Bartlett
7be16e5036 r2281: Add a few comments. 2007-10-10 12:58:38 -05:00
Andrew Bartlett
86f61568ea r2041: Fix NTLMSSP RPC sealing, client -> win2k3 server.
The bug (found by tridge) is that Win2k3 is being tighter about the
NTLMSSP flags.  If we don't negotiate sealing, we can't use it.

We now have a way to indicate to the GENSEC implementation mechanisms
what things we want for a connection.

Andrew Bartlett
2007-10-10 12:58:19 -05:00
Andrew Bartlett
07fd885fd4 r1294: A nice, large, commit...
This implements gensec for Samba's server side, and brings gensec up
to the standards of a full subsystem.

This means that use of the subsystem is by gensec_* functions, not
function pointers in structures (this is internal).  This causes
changes in all the existing gensec users.

Our RPC server no longer contains it's own generalised security
scheme, and now calls gensec directly.

Gensec has also taken over the role of auth/auth_ntlmssp.c

An important part of gensec, is the output of the 'session_info'
struct.  This is now reference counted, so that we can correctly free
it when a pipe is closed, no matter if it was inherited, or created by
per-pipe authentication.

The schannel code is reworked, to be in the same file for client and
server.

ntlm_auth is reworked to use gensec.

The major problem with this code is the way it relies on subsystem
auto-initialisation.  The primary reason for this commit now.is to
allow these problems to be looked at, and fixed.

There are problems with the new code:
- I've tested it with smbtorture, but currently don't have VMware and
  valgrind working (this I'll fix soon).
- The SPNEGO code is client-only at this point.
- We still do not do kerberos.

Andrew Bartlett
2007-10-10 12:56:49 -05:00
Andrew Tridgell
9b397356ae r1168: fixed a little-endian/big-endian mixup in the rpc server code 2007-10-10 12:56:43 -05:00
Andrew Tridgell
2ac79dfba0 r1030: added server side schannel support 2007-10-10 12:56:30 -05:00
Stefan Metzmacher
d09abeb686 r1004: continue tridge's work on dcerpc server auth/crypto code
I made it much more generic, and we should be able to add a
module interface to this code, so that other DCERPC_AUTH types can be added
via modules...

metze
2007-10-10 12:56:25 -05:00
Andrew Tridgell
729b2f41c9 r995: - renamed many of our crypto routines to use the industry standard
names rather than our crazy naming scheme. So DES is now called
  des_crypt() rather than smbhash()

- added the code from the solution of the ADS crypto challenge that
  allows Samba to correctly handle a 128 bit session key in all of the
  netr_ServerAuthenticateX() varients. A huge thanks to Luke Howard
  from PADL for solving this one!

- restructured the server side rpc authentication to allow for other
  than NTLMSSP sign and seal. This commit just adds the structure, the
  next commit will add schannel server side support.

- added 128 bit session key support to our client side code, and
  testing against w2k3 with smbtorture. Works well.
2007-10-10 12:56:25 -05:00
Andrew Bartlett
399e2e2b11 r874: This patch is a pile of work on NTLMSSP:
Samba's NTLMSSP code is now fully talloc based, which should go a long
way to cleaning up the memory leaks in this code.  This also avoids a
lot of extra copies of data, as we now allocate the 'return' blobs on
a caller-supplied context.

I have also been doing a lot of work towards NTLM2 signing and
sealing.  I have this working for sealing, but not for the verifier
(MD5 integrity check on the stream) which is still incorrect.

(I can aim a rpcecho sinkdata from a Win2k3 box to my server, and the
data arrives intact, but the signature check fails.  It does however
match the test values I have...).

The new torture test is cludged in - when we get a unit test suite
back, I'll happliy put it in the 'right' place....

Andrew Bartlett
2007-10-10 12:56:14 -05:00
Stefan Metzmacher
917e45dafd This patch adds a better dcerpc server infastructure.
1.) We now register endpoint servers add startup via register_backend()
    and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context

2.) each endpoint server can register at context creation time as much interfaces as it wants
    (multiple interfaces on one endpoint are supported!)
    (NOTE:  there's a difference between 'endpoint server' and 'endpoint'!
	    for details look at rpc_server/dcesrv_server.h)

3.) one endpoint can have a security descriptor registered to it self
    this will be checked in the future when a client wants to connect
    to an smb pipe endpoint.

4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
    it takes this options in the [globals] section:

    dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
    dcerpc remote:binding = ...
    dcerpc remote:user = ...
    dcerpc remote:password = ...

5.) we currently have tree endpoint servers: epmapper, rpcecho and remote

    the default for the 'dcerpc endpiont servers = epmapper, rpcecho'

    for testing you can also do
    dcerpc endpoint servers = rpcecho, remote, epmapper
    dcerpc remote:interfaces = srvsvc, samr, netlogon

6,) please notice the the epmapper now only returns NO_ENTRIES
    (but I think we'll find a solution for this too:-)

7.) also there're some other stuff left, but step by step :-)

This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration


metze

(hmmm, my first large commit...I hope it works as supposed :-)
-
Andrew Tridgell
44df662960 added a smb.conf flag "rpc big endian" that tells our rpc server to
send packets in bigendian format.
-
Andrew Tridgell
bb1af644a5 a fairly large commit!
This adds support for bigendian rpc in the client. I have installed
SUN pcnetlink locally and am using it to test the samba4 rpc
code. This allows us to easily find places where we have stuffed up
the types (such as 2 uint16 versus a uint32), as testing both
big-endian and little-endian easily shows which is correct. I have now
used this to fix several bugs like that in the samba4 IDL.

In order to make this work I also had to redefine a GUID as a true
structure, not a blob. From the pcnetlink wire it is clear that it is
indeed defined as a structure (the byte order changes). This required
changing lots of Samba code to use a GUID as a structure.

I also had to fix the if_version code in dcerpc syntax IDs, as it
turns out they are a single uint32 not two uint16s.

The big-endian support is a bit ugly at the moment, and breaks the
layering in some places. More work is needed, especially on the server
side.
-
Andrew Tridgell
6ee0935afe ntlmssp over rpc over tcp now fully works
I needed to hack the ntlmssp code a little, as the auth code in samba4
is out of date relative to the samba3 auth code. I need to do a merge :)
-
Andrew Tridgell
74041b6a0a fixed a bug handling multiple PDUs being read from a socket at one
time in the rpc server.

started on the framework for the dcerpc authentication server code
-