1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-24 21:34:56 +03:00
Commit Graph

175 Commits

Author SHA1 Message Date
Stefan Metzmacher
af1a2eecce s3:smbd: calculate the negprot signing flags from the signing_state
We should map from lp_server_signing() just once in srv_init_signing().

metze

Signed-off-by: Günther Deschner <gd@samba.org>

Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Wed Nov 16 18:59:49 CET 2011 on sn-devel-104
2011-11-16 18:59:49 +01:00
Stefan Metzmacher
9b4c300922 s3:smbd: also send the server name in the negprot response
This matches W2K (at least sp4) and higher.

metze

Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Fri Nov  4 15:50:06 CET 2011 on sn-devel-104
2011-11-04 15:50:06 +01:00
Stefan Metzmacher
caa134672c s3:smbd: make use of SMB_SIGNING_* constants
metze
2011-11-03 16:55:13 +01:00
Andrew Bartlett
083025ccd5 s3-ntlmssp Remove auth_ntlmssp_update wrapper
We now just call gensec_update directly.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-10-21 08:43:10 +02:00
Stefan Metzmacher
abb24bf8e8 s3:smbd: make use of better SMB signing negotiation
metze

Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Wed Sep 14 09:41:02 CEST 2011 on sn-devel-104
2011-09-14 09:41:02 +02:00
Stefan Metzmacher
258ffddf1c libcli/smb: s/FLAGS2_UNKNOWN_BIT4/FLAGS2_SMB_SECURITY_SIGNATURES_REQUIRED
metze

Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Sat Sep 10 00:34:50 CEST 2011 on sn-devel-104
2011-09-10 00:34:50 +02:00
Stefan Metzmacher
012c9d06a9 s3:smb2_server: add basic support for SMB 2.1
This adds support for the 2 stage negprot, from SMB 1 to SMB 2.1.

Support for this of for now and "max protocol = SMB2" still maps
to "max protocol = SMB2_02" PROTOCOL_SMB2_02.

In order to activate smb2.1, you need to use "max protocol = SMB2_10".

metze

Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Mon Sep  5 19:30:58 CEST 2011 on sn-devel-104
2011-09-05 19:30:58 +02:00
Stefan Metzmacher
491c975dfe s3:smbd: make use of PROTOCOL_SMB2_02
metze
2011-09-05 13:25:00 +02:00
Volker Lendecke
781074664d s3: Fix bug 8334, do not fork the echo handler for smb2
If a smb1 negprot negotiated smb2 we forked the echo responder. This will
eventually lead to a panic from

[2011/08/30 10:33:29.212578,  0, pid=3846917] smbd/smb2_server.c:243(smbd_smb2_request_create)
  Invalid SMB packet: first request: 0x0009

because from the echo responder we always read using the normal smb1 protocol
handling routine. If that is a bit down the smb2 stream, we get a non-negprot
packet and panic.

BTW, the echo responder is not required for smb2 anyway, Microsoft confirmed
that it probes the server liveness using TCP keepalives and not smb2 echo
requests.

Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Wed Aug 31 17:58:48 CEST 2011 on sn-devel-104
2011-08-31 17:58:48 +02:00
Andrew Bartlett
d3524f2eae s3-auth use auth_generic_start to get full GENSEC in Samba3 session setup
This tests if the auth_generic_start() hook is available on the auth
context during the negprot, and if so it uses auth_generic_start() to
hook to GENSEC to handle the full SPNEGO blob.

Andrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-08-03 18:48:04 +10:00
Stefan Metzmacher
aca920b27c s3:smbd: use PROTOCOL_SMB2_02 instead PROTOCOL_SMB2
metze
2011-07-12 08:18:00 +02:00
Andrew Bartlett
74eed8f3ed s3-param Remove special case for global_myname(), rename to lp_netbios_name()
There is no reason this can't be a normal constant string in the
loadparm system, now that we have lp_set_cmdline() to handle overrides
correctly.

Andrew Bartlett
2011-06-09 12:40:09 +02:00
Andrew Bartlett
73b377432c s3-talloc Change TALLOC_REALLOC_ARRAY() to talloc_realloc()
Using the standard macro makes it easier to move code into common, as
TALLOC_REALLOC_ARRAY isn't standard talloc.

Andrew Bartlett
2011-06-09 12:40:08 +02:00
Volker Lendecke
8a2eff871f s3: Fork the echo handler only after SMB1 negprot is done
This enables activating the echo responder also if SMB2 is enabled, albeit it
will only be used for SMB1 at this moment.

Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Fri May 20 15:06:03 CEST 2011 on sn-devel-104
2011-05-20 15:06:03 +02:00
Jeremy Allison
265338c194 BUGFIX when converting from safe_strcpy to strlcpy.
We must have a blob legth > 0 in order to safely copy
the (possibly) 16 bytes + 1 byte zero character safely.
2011-05-04 12:12:14 -07:00
Günther Deschner
165521e20d s3: only include smb profiling where needed.
Guenther

Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Thu Apr 14 01:31:39 CEST 2011 on sn-devel-104
2011-04-14 01:31:39 +02:00
Günther Deschner
b2af281e50 s3-messages: only include messages.h where needed.
Guenther
2011-03-30 01:13:09 +02:00
Günther Deschner
af300a9fcb s3-auth: smbd needs auth.h
Guenther
2011-03-30 01:13:09 +02:00
Günther Deschner
8c24ebf371 s3: include smbd/smbd.h where needed.
Guenther
2011-03-30 01:13:08 +02:00
Andrew Bartlett
d73db405f7 s3-safe_string: Add checked_strlcpy()
This is strlcpy, just with an extra check of the parameters with
sizeof(), use only where that works.

Andrew Bartlett

Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Wed Mar 23 03:39:35 CET 2011 on sn-devel-104
2011-03-23 03:39:35 +01:00
Günther Deschner
8643683dd8 s3-server_id: only include server_id where needed.
Guenther
2011-03-02 12:12:31 +01:00
Volker Lendecke
356add8a63 s3: Fix some nonempty blank lines 2010-12-19 23:25:06 +01:00
Andrew Bartlett
b3c2df5e0d s3-smbd Don't send SPNEGO principal (rfc4178 hint) by default
This patch, based on the suggestion by Goldberg, Neil R. <ngoldber@mitre.org>
turns off the sending of the principal in the negprot by default, matching
Windows 2008 behaviour.

This slowly works us back from this hack, which from an RFC
perspective was never the right thing to do in the first place, but we
traditionally follow windows behaviour.  It also discourages client
implmentations from relying on it, as if they do they are more open to
man-in-the-middle attacks.

Andrew Bartlett
2010-12-10 16:08:30 +11:00
Jeremy Allison
d38cd9b671 Fix bug discovered with "encryped passwords = no".
message_push_string() and message_push_blob() both update
the bcc value, so we don't need the old code that tries to
do it manually.

Jeremy.

Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Mon Nov 29 22:24:01 CET 2010 on sn-devel-104
2010-11-29 22:24:01 +01:00
Volker Lendecke
242e329610 s3: Lift talloc_autofree_context() from make_auth_context_subsystem() 2010-09-26 01:12:37 +02:00
Björn Jacke
079baa7688 s3: use fine grained time in netprot response 2010-08-31 15:51:11 +02:00
Volker Lendecke
ac7b63384d s3: Lift smbd_server_fd from reload_services() 2010-08-18 11:18:21 +02:00
Volker Lendecke
39da717fe1 s3: Lift the smbd_messaging_context from reload_services 2010-08-08 18:09:33 +02:00
Stefan Metzmacher
ac9f06c9b9 s3:smbd: fix valgrind warning, sizeof(16) != 16...
metze
2010-08-08 11:05:16 +02:00
Jeremy Allison
cce19c5162 Fix one more data_blob -> data_blob_talloc. Move away from implicit NULL context tallocs.
Jeremy.
2010-07-20 14:59:31 -07:00
Jeremy Allison
0bb8d133c9 Remove gen_negTokenInit() - change all callers to spnego_gen_negTokenInit().
We now have one function to do this in all calling code. More rationalization
to follow.

Jeremy.
2010-07-19 17:14:26 -07:00
Jeremy Allison
8cba4a0c96 Move the addition of the 16 byte guid out of spnego_gen_negTokenInit() and
into negprot_spnego() where it belongs (it's not an SPNEGO operation).
Add a TALLOC_CTX for callers of negprot_spnego(). Closer to unifying all
the gen_negTokenXXX calls.

Jeremy.
2010-07-19 16:45:16 -07:00
Simo Sorce
e60ed80754 s3-auth: Simplify how we free the auth_context
Turn the freeing function into a destructor and attach it to the
auth_context.
Make all callers TALLOC_FREE() the auth_context instead of calling
the free function.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-07-19 14:20:00 +10:00
Volker Lendecke
c89b55b573 s3: Remove procid_self() from reply_negprot() 2010-07-05 11:06:25 +02:00
Volker Lendecke
b01958b0bd s3: Remove serverid_[de]register_self
This removes some deep references to procid_self()
2010-07-04 16:41:14 +02:00
Volker Lendecke
a45ea200c6 s3: Explicitly pass sconn to negprot_spnego() 2010-06-12 15:42:50 +02:00
Volker Lendecke
b82fc135a7 s3: Remove some global references to smbd_server_conn 2010-06-12 15:42:50 +02:00
Volker Lendecke
89c785c47a s3: Fix a long-standing problem with recycled PIDs
When a samba server process dies hard, it has no chance to clean up its entries
in locking.tdb, brlock.tdb, connections.tdb and sessionid.tdb.

For locking.tdb and brlock.tdb Samba is robust by checking every time we read
an entry from the database if the corresponding process still exists. If it
does not exist anymore, the entry is deleted. This is not 100% failsafe though:
On systems with a limited PID space there is a non-zero chance that between the
smbd's death and the fresh access, the PID is recycled by another long-running
process. This renders all files that had been locked by the killed smbd
potentially unusable until the new process also dies.

This patch is supposed to fix the problem the following way: Every process ID
in every database is augmented by a random 64-bit number that is stored in a
serverid.tdb. Whenever we need to check if a process still exists we know its
PID and the 64-bit number. We look up the PID in serverid.tdb and compare the
64-bit number. If it's the same, the process still is a valid smbd holding the
lock. If it is different, a new smbd has taken over.

I believe this is safe against an smbd that has died hard and the PID has been
taken over by a non-samba process. This process would not have registered
itself with a fresh 64-bit number in serverid.tdb, so the old one still exists
in serverid.tdb. We protect against this case by the parent smbd taking care of
deregistering PIDs from serverid.tdb and the fact that serverid.tdb is
CLEAR_IF_FIRST.

CLEAR_IF_FIRST does not work in a cluster, so the automatic cleanup does not
work when all smbds are restarted. For this, "net serverid wipe" has to be run
before smbd starts up. As a convenience, "net serverid wipedbs" also cleans up
sessionid.tdb and connections.tdb.

While there, this also cleans up overloading connections.tdb with all the
process entries just for messaging_send_all().

Volker
2010-03-10 16:07:10 +01:00
Volker Lendecke
0f8e2a6ebb Revert "s3: Move the global variable Protocol to struct smbd_server_connection"
This reverts commit c85a4c9ba4.
2009-11-23 16:34:59 +01:00
Volker Lendecke
c85a4c9ba4 s3: Move the global variable Protocol to struct smbd_server_connection 2009-11-21 20:49:17 +01:00
Jeremy Allison
cbafe17bb3 Remove "Protocol" as an extern, and add accessor functions.
Jeremy.
2009-11-04 15:15:50 -08:00
Günther Deschner
503d035814 spnego: share spnego_parse.
Guenther
2009-09-17 01:12:20 +02:00
Stefan Metzmacher
d9843b3db4 s3:smbd: move max_recv to struct smbd_server_connection
metze
2009-06-03 17:54:37 +02:00
Stefan Metzmacher
e16e7146b3 s3:smbd: move negprot related globals to struct smbd_server_connection
metze
2009-06-03 17:54:37 +02:00
Stefan Metzmacher
d7d73b08e9 s3:smbd: allow SMB 2.002 dialect in SMB1 negprot
We create a dummy SMB2 Negotiate inbuf and pass the
connection to the SMB2 engine.

metze
2009-05-20 15:43:00 +02:00
Stefan Metzmacher
c14dd15c6a s3:smbd: make negprot_spnego() non static
metze
2009-05-20 15:42:58 +02:00
Stefan Metzmacher
c16c90a1cb s3:smbd: use new simplified snb_signing code in the server
We keep the seqnum/mid mapping in the smb_request structure.

This also moves one global variable into the
smbd_server_connection struct.

metze
2009-03-23 12:21:13 +01:00
Volker Lendecke
4aed9abbf8 Remove the static "chal" from ntlmssp.c:get_challenge() 2009-02-21 14:04:14 +01:00
Dan Sledz
d96248a9b4 Add two new parameters to control how we verify kerberos tickets. Removes lp_use_kerberos_keytab parameter.
The first is "kerberos method" and replaces the "use kerberos keytab"
with an enum.  Valid options are:
secrets only - use only the secrets for ticket verification (default)
system keytab - use only the system keytab for ticket verification
dedicated keytab - use a dedicated keytab for ticket verification.
secrets and keytab - use the secrets.tdb first, then the system keytab

For existing installs:
"use kerberos keytab = yes" corresponds to secrets and keytab
"use kerberos keytab = no" corresponds to secrets only

The major difference between "system keytab" and "dedicated keytab" is
that the latter method relies on kerberos to find the correct keytab
entry instead of filtering based on expected principals.

The second parameter is "dedicated keytab file", which is the keytab
to use when in "dedicated keytab" mode.  This keytab is only used in
ads_verify_ticket.
2009-02-01 20:23:31 -08:00
Stefan Metzmacher
3dde0cbb76 s3:smbd: move all globals and static variables in globals.[ch]
The goal is to move all this variables into a big context structure.

metze
2009-01-08 12:22:21 +01:00