1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00
Commit Graph

81952 Commits

Author SHA1 Message Date
Stefan Metzmacher
92811c6f5f libcli/smb: make use of SMB2_HDR_BODY as header size
metze
2012-07-23 18:19:36 +02:00
Stefan Metzmacher
be8e33ec54 libcli/smb: parse the SMB2_TRANSFORM header and decrypt the SMB2 pdu
metze
2012-07-23 18:19:36 +02:00
Stefan Metzmacher
c2b0a48513 libcli/smb: create 4 iovecs per request in smb2cli_inbuf_parse_compound()
The first one might hold the SMB2_TRANSFORM Header later.

metze
2012-07-23 18:19:36 +02:00
Stefan Metzmacher
5863107cd3 libcli/smb: prepare [en|de]cryption_key for SMB3
metze
2012-07-23 18:19:36 +02:00
Stefan Metzmacher
d333edbe14 libcli/smb: copy the application_key in smb2cli_session_create_channel()
metze
2012-07-23 18:19:36 +02:00
Stefan Metzmacher
077eb578be libcli/smb: check the buffer length in smbXcli_negprot_dispatch_incoming()
metze
2012-07-23 18:19:36 +02:00
Stefan Metzmacher
1c144b07f6 libcli/smb: only pass the smb2 buffer to smb2cli_inbuf_parse_compound()
We should hide the transport as much as possible.

metze
2012-07-23 18:19:36 +02:00
Stefan Metzmacher
fd736f7f18 libcli/smb: add smb2_signing_[en|e]crypt_pdu()
metze
2012-07-23 18:19:36 +02:00
Stefan Metzmacher
7e0982421b libcli/smb: construct the signing_key before forming the message
metze
2012-07-23 18:19:36 +02:00
Stefan Metzmacher
5adf63fe30 lib/crypto: add aes_ccm_128
metze
2012-07-23 18:19:36 +02:00
Stefan Metzmacher
4628e2878f libcli/smb: add SMB2_SESSION_FLAG_ENCRYPT_DATA
metze
2012-07-23 18:19:36 +02:00
Stefan Metzmacher
d7285672b4 libcli/smb: add SMB2_TRANSFORM macros
metze
2012-07-23 18:19:36 +02:00
Stefan Metzmacher
a41a1d176f s3:test_smb2: copy the session_channel from the primary channel.
metze
2012-07-23 18:19:36 +02:00
Stefan Metzmacher
88f326a2c0 s3:smb2_tcon: reject access to shares mark as "smb encrypt = required"
We do not support SMB2 transport encryption yet.

metze
2012-07-23 18:19:36 +02:00
Guenther Deschner
3fe601afcf s3-winbind: Fix idmap initialization debug message.
Signed-off-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Jul 23 18:19:00 CEST 2012 on sn-devel-104
2012-07-23 18:19:00 +02:00
Stefan Metzmacher
0b903e1cf5 s3:smbd: if a fsp has fsp->deferred_close, clients shouldn't be able to use it
metze

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Mon Jul 23 16:22:03 CEST 2012 on sn-devel-104
2012-07-23 16:22:03 +02:00
Geza Gemes
e2cea8fbea s4-classicupgrade: Add unix attributes during upgrade
Signed-off-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Sun Jul 22 13:20:20 CEST 2012 on sn-devel-104
2012-07-22 13:20:19 +02:00
Sergey Urushkin
e8b3b1c110 s4 rfc2307 gids mapping fix
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2012-07-22 19:11:26 +10:00
Jiri Popelka
f7b88fbe9f Use ippGet/ippSet (accessors) for IPP API.
CUPS 1.6 makes various structures private and
introduces these ippGet and ippSet functions
for all of the fields in these structures.
http://www.cups.org/str.php?L3928

We define our own accessors when CUPS < 1.6.

Signed-off-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Jul 20 22:35:55 CEST 2012 on sn-devel-104
2012-07-20 22:35:55 +02:00
Jeremy Allison
b336b8ed58 Remove source3/lib/pidfile.c
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Jul 20 03:57:20 CEST 2012 on sn-devel-104
2012-07-20 03:57:20 +02:00
Jeremy Allison
e8dbf2889f Move everything to use the common pidfile functions.
The extra code in source3/lib/pidfile.c is no longer needed.
2012-07-19 16:36:18 -07:00
Jeremy Allison
f58d8feabc Fix the configure build - add lib/util/pidfile.o into UTIL_OBJ. 2012-07-19 16:21:15 -07:00
Jeremy Allison
0d24370c76 Make the s3 pidfile use the common code inside lib/util/pidfile.c 2012-07-19 16:08:49 -07:00
Jeremy Allison
3e476e184d Add debugs to functions. Add pidfile_unlink(). 2012-07-19 16:08:16 -07:00
Jeremy Allison
2922fdaaf0 Move source4/smbd/pidfile into lib/util in preparation for making it in common. 2012-07-19 15:41:52 -07:00
Andrew Bartlett
03a6137001 s3-param: Remove special case for lp_ctdbd_socket(), set CTDB_PATH as default
This changes the default based on the #ifdef rather than an override
on a parameter value of ""

The less special override functions we have the easier it is to merge
the loadparm tables.

Andrew Bartlett

Pair-Programmed-With: Andrew Tridgell <tridge@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Jul 19 09:56:01 CEST 2012 on sn-devel-104
2012-07-19 09:56:01 +02:00
Andrew Bartlett
0f57da57e3 lib/param: bring lp_smb_ports() into common by making it a list everywhere 2012-07-19 08:02:32 +02:00
Andrew Bartlett
cf9bd1d9ed s3-param: Make lp_name_resolve_order() return a list
This allows this parameter, one of the few with differing declarations
between the loadparm systems, to be brought into common.

Andrew Bartlett

Pair-Programmed-With: Andrew Tridgell <tridge@samba.org>
2012-07-19 08:02:32 +02:00
Andrew Bartlett
8822b3b662 s4-param: Remove unused "idmap trusted only"
When we revamp the idmap layer, we will end up just following the s3
options, and this option is not used there either.

Andrew Bartlett

Pair-Programmed-With: Andrew Tridgell <tridge@samba.org>
2012-07-19 08:02:32 +02:00
Andrew Bartlett
d2ae8179ea lib/param: Add my copyright 2012-07-19 08:02:32 +02:00
Andrew Bartlett
1cbbd2d980 lib/param: bring lp_time_server() into common 2012-07-19 08:02:32 +02:00
Andrew Bartlett
376dc5cc5d s3-auth Use correct RID for domain guests primary group
This was incorrect in commit 9dd7e7fc2d
as the RID was from the BUILTIN domain, but this creates a guest
account token for the real domain.

Andrew Bartlett

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Jul 19 05:56:28 CEST 2012 on sn-devel-104
2012-07-19 05:56:28 +02:00
Andrew Bartlett
11d7f7762d s3-rpc_server: Remove make_server_info_info3() call from make_server_pipes_struct()
This codepath would only be executed if we provided a partial session_info token
across the named pipe forwarding code.

The smbd file server always fills this in, and if the ntvfs file server ever
wants to use an smbd hosted pipe, it can do the same.  Calling create_local_token
is always the wrong thing to do.

Andrew Bartlett
2012-07-19 04:04:20 +02:00
Andrew Bartlett
cbc30833d6 auth/credentials: Remove extra newline 2012-07-19 04:04:20 +02:00
Andrew Bartlett
9130bbb7e5 selftest: Run unix.whomai against the machine acccount as well
This shows that the machine account got an extra SID in the token for domain users.

Andrew Bartlett
2012-07-19 04:04:20 +02:00
Andrew Bartlett
38a47039cf Revert "s3:auth make sure the primary group sid is usable"
This reverts commit 00089fd74a.

The issue with this patch, which I did sign off on, is that for the
domain member case, we already know that the SID is reasonable and
valid, and we indeed rely on that, because we keep it as an additonal
group anyway.  The primary group is not so special that we need to do
extra validation.

Calling this function may put a user into the domain 'domain users'
group, even if they are not in that group to start with.

Andrew Bartlett
2012-07-19 04:04:20 +02:00
Andrew Bartlett
faa9b2e1b1 s4-torture: Move check of map-to-guest above SID list check
This makes it easier to interpret failing output.

Andrew Bartlett
2012-07-19 04:04:20 +02:00
Andrew Bartlett
624f11e4b4 s4-torture: Allow unix.whoami to test against a member server
This compares only the domain SIDs betwen the two servers, rather than
the full token, as well known and other SIDs may be added locally
in both cases.

This also expands the test environments this is run against to verify
this between our AD server and domain members.

Andrew Bartlett
2012-07-19 04:04:20 +02:00
Andrew Bartlett
8825085ea4 s4-torture: Also print GID values in whoami test 2012-07-19 04:04:20 +02:00
Christof Schmitt
6305b4b64f torture: Print SIDs as additional debug output in unix.whoami 2012-07-19 04:04:20 +02:00
Volker Lendecke
8ef968a23d s3-aio: Panic if we try to close a fsp with outstanding aio requests
The core smbd must have taken care of this. If we don't do this properly,
we have a race of the close(2) against a pwrite(2). We might end up
writing to the wrong file.

Signed-off-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Jul 19 03:40:17 CEST 2012 on sn-devel-104
2012-07-19 03:40:17 +02:00
Volker Lendecke
a6b5836741 s3-smb2: Postpone close_file until all aio is handled
Thanks to Jeremy for this simple idea

Signed-off-by: Jeremy Allison <jra@samba.org>
2012-07-18 15:58:43 -07:00
Volker Lendecke
3e9f58be7e s3-smb1: Postpone close_file until all aio is handled
Thanks to Jeremy for this simple idea

Signed-off-by: Jeremy Allison <jra@samba.org>
2012-07-18 15:57:53 -07:00
Volker Lendecke
3da86cc23f s3: Add tevent_wait_send/recv
To me it seems that we might have this functionality already somewere... I
just can't find it. Metze, do you have an idea?

Signed-off-by: Jeremy Allison <jra@samba.org>
2012-07-18 15:54:20 -07:00
Volker Lendecke
f79fb4429c s3: Slightly simplify reply_close()
Signed-off-by: Jeremy Allison <jra@samba.org>
2012-07-18 15:54:04 -07:00
Volker Lendecke
730d3e8973 s3: Compile with pthreadpool by default
Signed-off-by: Jeremy Allison <jra@samba.org>
2012-07-18 15:53:50 -07:00
Volker Lendecke
4a9b5cce92 config: The AIO engine is indepent of HAVE_AIO now
Compile the basic aio engine always, it works via libasys/pthreadpool_sync
in a sync fashion even if no pthreads are around. Everything else (linux
aio, posix aio, aio fork) is now compiled as modules based on specific
system capabilities

Signed-off-by: Jeremy Allison <jra@samba.org>
2012-07-18 15:53:28 -07:00
Volker Lendecke
d948b1bfee s3: Add aio_fsync to the aio_linux module
Signed-off-by: Jeremy Allison <jra@samba.org>
2012-07-18 15:52:52 -07:00
Volker Lendecke
d6cb302988 s3: Add aio_fsync to the aio_fork module
Signed-off-by: Jeremy Allison <jra@samba.org>
2012-07-18 15:52:16 -07:00
Volker Lendecke
38dd5b24bb s3-aio-fork: make "read_cmd" an enum
Signed-off-by: Jeremy Allison <jra@samba.org>
2012-07-18 15:51:53 -07:00