1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-24 21:34:56 +03:00
Commit Graph

4348 Commits

Author SHA1 Message Date
Stefan Metzmacher
f49b9ada60 s3:libsmb: add cli_session_setup_anon()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-11-15 11:00:29 +01:00
Stefan Metzmacher
3a14eec09e s3:libsmb: change cli_session_setup_send/recv into cli_session_setup_creds_send/recv
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-11-15 11:00:28 +01:00
Stefan Metzmacher
32438b7cec s3:libsmb: move domain\\username magic to cli_session_creds_init()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-11-15 11:00:28 +01:00
Stefan Metzmacher
fb13eeecea s3:libsmb: get the plaintext and NTLM authentication details out of cli_credentials
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-11-15 11:00:28 +01:00
Stefan Metzmacher
b64b24a493 s3:libsmb: move cli_session_creds_init() to cli_session_setup_send()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-11-15 11:00:28 +01:00
Stefan Metzmacher
8a4f76e060 s3:libsmb: move cli_session_setup_get_account into cli_session_creds_init()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-11-15 11:00:28 +01:00
Stefan Metzmacher
f4cfff3669 s3:libsmb: pass cli_credentials to cli_session_setup_gensec_send()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-11-15 11:00:28 +01:00
Andreas Schneider
da5e12efa8 s3:libsmb: split out a cli_session_creds_init() function
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>

Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2016-11-15 11:00:27 +01:00
Stefan Metzmacher
a460e6beef s3:libsmb: pass the optional dest_realm via the cli_credentials
'dest_realm' is only valid in the winbindd use case, where we also have
the account in that realm.

We need to ask the DC to which KDC the principal belongs to, in order to
get the potential trust referrals right.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-11-15 11:00:27 +01:00
Stefan Metzmacher
75b68d0360 s3:libsmb: let gensec handle the fallback from krb5 to ntlmssp
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-11-15 11:00:27 +01:00
Stefan Metzmacher
7512eb5dfb s3:libsmb: remove target_principal argument from cli_session_setup_gensec_send()
It's enough to pass down target_service and target_hostname, that's all we
have at the smb layer. The kerberos layer should figure out what
the final target_principals is based on the users realm.

The gse_krb5 backend doesn't use it currently, so it's also unused.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-11-15 11:00:27 +01:00
Stefan Metzmacher
721b823762 s3:libsmb: always pass the servers gss blob to gensec
The spnego backend will take the "client use spnego principal" option.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-11-15 11:00:27 +01:00
Stefan Metzmacher
c758df6b4a s3:libsmb: remove unused cli_session_setup_{lanman2,plain,nt1}*
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-11-15 11:00:27 +01:00
Stefan Metzmacher
a54d250e09 s3:libsmb: make use of smb1cli_session_setup_{nt1,lm21}_send/recv()
This separates the construction of the ASCII-Password (lm_response)
and UNICODE-Password (nt_response) values from the marshalling logic.

We don't need the NT1 marshalling logic 3 times (guest, plain, nt1),
we just need it once now in smb1cli_session_setup_nt1*.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-11-15 11:00:27 +01:00
Stefan Metzmacher
9fffec8803 s3:libsmb: make use of smb1cli_session_setup_ext_send/recv()
This separates the spnego authentication logic from the
marshalling logic.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-11-15 11:00:27 +01:00
Andreas Schneider
5b8ed5009b s3:libsmb: handle the spnego as a first action in cli_session_setup_send()
This will make further restructuring easier.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-11-15 11:00:27 +01:00
Stefan Metzmacher
cb10628a72 s3:libsmb: add some comments to the noop case for < PROTOCOL_LANMAN1 in cli_session_setup_send()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-11-15 11:00:27 +01:00
Stefan Metzmacher
7999e6f6c0 libcli/smb: move {smb,trans2}_bytes_push_{str,bytes}() to common code
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-11-15 11:00:26 +01:00
Stefan Metzmacher
482d3b35e9 s3:libsmb: let the callers only pass the password string to cli_session_setup[_send]()
There're no callers which tried to pass raw {lm,nt}_response any more.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-11-15 11:00:26 +01:00
David Disseldorp
84786c8305 libsmb: fix leak in opendir error path
Fixes CID 242325 - dir state and the talloc frame are leaked on
user_auth_info_init() failure.

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Oct 26 00:58:41 CEST 2016 on sn-devel-144
2016-10-26 00:58:41 +02:00
Stefan Metzmacher
30013efe39 s3:libsmb: make use of proper allocated struct user_auth_info in SMBC_opendir_ctx()
We should avoid to dereference struct user_auth_info.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-10-21 20:44:23 +02:00
Stefan Metzmacher
87c3ff0f3b s3:libsmb: make use of get_cmdline_auth_info_* helper functions in get_ipc_connect()
We should avoid to dereference struct user_auth_info.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-10-21 20:44:23 +02:00
Jeremy Allison
c21a6eda37 s3: libsmb: Fix cut and paste error using the wrong structure type.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12383

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Wed Oct 19 14:33:53 CEST 2016 on sn-devel-144
2016-10-19 14:33:53 +02:00
Uri Simchoni
f596bbff30 cliquota: support setting file system quota via SMB2
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-10-04 02:00:23 +02:00
Uri Simchoni
d82f0e99b0 cliquota: factor out building of FILE_FS_CONTROL_INFORMATION
add a service routine that builds FILE_FS_CONTROL_INFORMATION
with default quota and flags. This will be reused by SMB2 and
by server code.

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-10-04 02:00:23 +02:00
Uri Simchoni
fba19ad9dc cliquota: support setting user quota via SMB2
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-10-04 02:00:23 +02:00
Uri Simchoni
5e9b1f77ad cliquota: factor out building of FILE_QUOTA_INFORMATION
Add a function to build a FILE_QUOTA_INFORMATION buffer
out of a quota list, and a function that adds a record
to a quota list.

Some parameters of the new functions are unused by
client code, but will be used by server code.

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-10-04 02:00:23 +02:00
Uri Simchoni
a1d9090e3c cliquota: support getting fs quota by SMB2
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-10-04 02:00:23 +02:00
Uri Simchoni
0ed8b49faf cliquota: factor out fs quota parsing
This code will be reused by SMB2 code.

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-10-04 02:00:23 +02:00
Uri Simchoni
e0e500258a cliquota: implement quota listing in SMB2
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-10-04 02:00:23 +02:00
Uri Simchoni
debc97ef8e cliquota: factor out parsing of a quota record buffer
In preparation for SMB2 support, take parsing of the return
buffer into a separate function.

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-10-04 02:00:23 +02:00
Uri Simchoni
72c773c9c2 cliquota: some security hardening
Add some checks for validity of the offset in
the return buffer.

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-10-04 02:00:23 +02:00
Uri Simchoni
621d7b41d9 cliquota: refactor and cleanup listing of user quotas
Split cli_list_user_quota into an outer loop function and
an inner loop function.

This simplifies the code somewhat, paves the way for SMB2
support, and fixes a couple of memory leaks in error
conditions. No functional changes.

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-10-04 02:00:23 +02:00
Uri Simchoni
b6375ce549 s3-libsmb: support getting user's quota in SMB2
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-10-04 02:00:23 +02:00
Uri Simchoni
7f08a3b031 s3-libsmb: make parse_user_quota_record() public
For reuse by SMB2 client code.

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-10-04 02:00:23 +02:00
Uri Simchoni
2e7e5dfbc6 s3-libsmb: Support getting fs attributes via SMB2
Add a wrapper function arounf GET_INFO to obtain
file system attributes, and plumb it in.

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-10-04 02:00:23 +02:00
Uri Simchoni
dad6c2d563 cliquota: fix param count when setting fs quota
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12288

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-10-04 02:00:22 +02:00
Uri Simchoni
dd8a0578d8 ntquotas: support "freeing" an empty quota list
This avoids dereferencing a null pointer if there's
an attempt to free an empty list.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12307

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-10-04 02:00:22 +02:00
Uri Simchoni
5a947d6ca1 s3-cliquota: correctly handle no-more-entries
When listing quota records, a Windows server would
return STATUS_SUCCESS until no more entries are available,
where it would return STATUS_NO_MORE_ENTRIES.

The fix keeps old behavior of empty answer also signifying
end of record, to maintain compatibility with Samba servers.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12270

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-10-04 02:00:22 +02:00
Günther Deschner
c08c71c0e5 werror: replace WERR_GENERAL_FAILURE with WERR_GEN_FAILURE in source3/libsmb/libsmb_dir.c
Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-09-28 00:04:20 +02:00
Christian Ambach
b0dadbee33 s3:libsmb fix a typo
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Wed Sep 14 02:06:18 CEST 2016 on sn-devel-144
2016-09-14 02:06:17 +02:00
Andreas Schneider
2454374309 krb5_wrap: Rename kerberos_get_principal_from_service_hostname()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-08-31 20:59:16 +02:00
Jeremy Allison
272f5c95cf s3: libsmb: Add the capability to find a @GMT- path in an SMB2 create and transform to a timewarp token.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12166

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Aug 22 22:59:22 CEST 2016 on sn-devel-144
2016-08-22 22:59:22 +02:00
Jeremy Allison
03bf1f858d s3: libsmb: Plumb new SMB2 shadow copy call into cli_shadow_copy_data().
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12166

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
2016-08-22 19:10:22 +02:00
Jeremy Allison
0c6329bc15 s3: libsmb: Add cli_smb2_shadow_copy_data() function that gets shadow copy info over SMB2.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12166

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
2016-08-22 19:10:22 +02:00
Jeremy Allison
14fd6dca4e s3: libsmb: Add return args to clistr_is_previous_version_path().
Not yet used - we will use these to construct the SMB2 TWrp blob.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12166

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
2016-08-22 19:10:22 +02:00
Jeremy Allison
336da63754 s3: libsmb: Do some hardening in the receive processing of cli_shadow_copy_data_recv().
Protect against malicious servers.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
2016-08-19 20:03:13 +02:00
Jeremy Allison
a9fe27e17c s3: libsmb: Correctly set max_setup_size in FSCTL_GET_SHADOW_COPY_DATA nttrans ioctl.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12165

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
2016-08-19 20:03:13 +02:00
Jeremy Allison
0b252d7c6f s3: libsmb: Plumb in additional_flags2 = FLAGS2_REPARSE_PATH to cli_list_trans_send().
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12165

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
2016-08-19 20:03:13 +02:00
Jeremy Allison
e4a261c6c8 s3: libsmb: Make a comment note that cli_set_ea() needs some internal changes before cli_set_ea_path() can use previous path versions.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12165

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
2016-08-19 20:03:13 +02:00