1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-25 23:21:54 +03:00
Commit Graph

817 Commits

Author SHA1 Message Date
ouyang.xu
98ea4a2219 pvfs_open win10 fix, need return SMB2_CREATE_TAG_QFID
Signed-off-by: kkhaike <kkhaike@gmail.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>

Autobuild-User(master): Uri Simchoni <uri@samba.org>
Autobuild-Date(master): Fri Aug 19 09:35:15 CEST 2016 on sn-devel-144
2016-08-19 09:35:14 +02:00
Andrew Bartlett
0b4c741b9c build: Build less of Samba when building --without-ntvfs-fileserver
We would build, but not use, many components of the NTVFS file server
even when we asked not to.  They would then consume disk, but not be
of any use

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2016-06-02 16:36:15 +02:00
Ralph Boehme
b720575f16 CVE-2016-2115: s3:libsmb: add signing constant SMB_SIGNING_IPC_DEFAULT
SMB_SIGNING_IPC_DEFAULT must be used from s3 client code when opening
RPC connections.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11756

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2016-04-12 19:25:26 +02:00
Stefan Metzmacher
44dd523d6c CVE-2016-2114: s4:smb2_server: fix session setup with required signing
The client can't sign the session setup request...

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11687

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:25 +02:00
Stefan Metzmacher
70452c90a5 CVE-2016-2111: s4:smb_server: implement "raw NTLMv2 auth" checks
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11749

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:24 +02:00
Günther Deschner
fe93a09889 s4-smb_server: check for return code of cli_credentials_set_machine_account().
We keep anonymous server_credentials structure in order to let
the rpc.spoolss.notify start it's test server.

Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>

Signed-off-by: Günther Deschner <gd@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2016-03-17 17:17:16 +01:00
Michael Adam
476672b647 dlist: remove unneeded type argument from DLIST_ADD_END()
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-02-06 21:48:17 +01:00
Andrew Bartlett
71dcc76b70 build: Enable NTVFS file server to be omitted
We now only build it by default with --enable-sefltest, or otherwise
if requested.

The NTVFS file server still has features not present in the smbd file
server, such as a CIFS/SMB proxy, and a radically different design,
but it is also not undergoing any ongoing development so this keeps it
in a safe state for care and maintaince, with less of a security risk
if such an issue were to come up.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-10-23 22:27:30 +02:00
Michael Adam
204cbe3645 Introduce setting "desired" for 'smb encrypt' and 'client/server signing'
This should trigger the behaviour where the server requires
signing when the client supports it, but does not reject
clients that don't support it.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11372

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2015-07-07 14:05:27 +02:00
Volker Lendecke
06f4ba3217 lib: Remove server_id_str()
Call server_id_str_buf instead

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Apr 28 20:48:01 CEST 2015 on sn-devel-104
2015-04-28 20:48:01 +02:00
Richard Sharpe
f0e9ba91c0 Rename SMB2_OP_FIND to SMB2_OP_QUERY_DIRECTORY so that it conforms with the MS document MS-SMB2.
Signed-off-by: Richard Sharpe <rsharpe@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Mar 27 01:24:47 CET 2015 on sn-devel-104
2015-03-27 01:24:47 +01:00
David Disseldorp
d1e664f154 s4/ntvfs: support FS_SECTOR_SIZE_INFORMATION query-info
Return the same values as used by s3fs.

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-03-18 18:57:21 +01:00
Stefan Metzmacher
4a0c2605ac s4:smb_server/smb2: remove unused _pad variables
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2014-11-25 07:25:45 +01:00
Stefan Metzmacher
de9cd397a9 s4:smb_server/smb2: avoid unused warnings in smb2srv_setinfo_send()
op->req and req have the same value.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2014-11-25 07:25:45 +01:00
Volker Lendecke
e8996582c6 lib: Move "large_file_support()" to the source4 smb server
That's the only place where it's used, make it static there.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2014-09-17 00:31:21 +02:00
Stefan Metzmacher
7377aa11f7 s4:smb_server/smb: fix invalid pointer type warnings in negprot.c
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2014-04-02 09:03:44 +02:00
Stefan Metzmacher
4fa922cc0f s4:smb_server/smb: fix declaration after code warnings in negprot.c
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2014-04-02 09:03:44 +02:00
Stefan Metzmacher
a18fba4081 s4:smb_server: make use of gensec_update_ev()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2014-03-27 00:36:32 +01:00
Stefan Metzmacher
f7883ae02a s4:lib/socket: simplify iface_list_wildcard() and its callers
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10464
Signed-off-by: Stefan Metzmacher <metze@samba.org>

Change-Id: Ib317d71dea01fc8ef6b6a26455f15a8a175d59f6
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Mar  7 02:18:17 CET 2014 on sn-devel-104
2014-03-07 02:18:17 +01:00
Garming Sam
bce62e6000 s4: pass down a memory context when performing share_string_option, to allow substitutions
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Change-Id: I24b36db3ac11834c3268b2da929e214c10268b16
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Nadezhda Ivanova <nivanova@samba.org>
2014-02-20 10:11:00 +13:00
Andrew Bartlett
86850860f8 lib/param: Normalise "read raw" and "write raw" parameters
They have been changed to function like normal parameters,
removing a special case in the loadparm system.

Andrew Bartlett

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Michael Adam <obnox@samba.org>
2014-02-12 13:17:13 +13:00
Garming Sam
63598ff628 param: rename lp function and variable from "encrypted_passwords" to "encrypt_passwords"
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2014-02-07 16:19:15 -08:00
Garming Sam
fc111c7875 param: rename lp function and variable from "srv_minprotocol" to "server_min_protocol"
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2014-02-07 16:19:15 -08:00
Garming Sam
64dc4b59f8 param: rename lp function and variable from "srv_maxprotocol" to "server_max_protocol"
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2014-02-07 16:19:15 -08:00
Garming Sam
57d407430f param: rename lp function and variable from "maxmux" to "max_mux"
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2014-02-07 16:19:15 -08:00
Andrew Bartlett
bd0f9f4dec ntvfs: Remove CAP_UNIX from the ntvfs file server as it was never finished
Only some of the unix extensions where implemented, but this was enough
to caused the samba3.smbtorture_s3.plain(dc).LARGE_READX to fail when they
are enabled (as is the default in source3/param).

Signed-off-by: Andrew Bartlett <abartlet@samba.org>

Reviewed-by: Nadezhda Ivanova <nivanova@samba.org>
2014-01-14 23:44:26 +01:00
Andrew Bartlett
e665fc3940 lib/param: Consolidate code to enable smb signing on the server, always enable on AD DC
This uses the code from the source4/ SMB server (the NTVFS smb server)
in common, to force SMB Signing to be on when we are an AD DC.

Andrew Bartlett

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>

Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Fri Nov 22 13:13:05 CET 2013 on sn-devel-104
2013-11-22 13:13:03 +01:00
Andreas Schneider
12a2230581 s4-smb_server: Fix a use after free.
If we haven't allocated the smbsrv_session then we should not free it.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2013-11-08 09:45:10 -08:00
Stefan Metzmacher
afb2bcc084 s4:smb_server: call irpc_add_name() at startup (bug #9905)
We should call irpc_add_name() when we start the smb_server task.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-06-13 12:37:04 +02:00
David Disseldorp
ed76e65172 ntvfs: support setfileinfo with FULL_EA_INFORMATION
Use existing unmarshall and set helper functions. This allows the
smb2.setinfo.setinfo test to run against the ntvfs file server.

Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Apr  3 16:14:33 CEST 2013 on sn-devel-104
2013-04-03 16:14:32 +02:00
Stefan Metzmacher
5a05e687ce s4:smb_server: fix large read_andx requests
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2013-03-20 09:32:26 -07:00
Andrew Bartlett
b8815dc23d lib/param: Create a seperate server role for "active directory domain controller"
This will allow us to detect from the smb.conf if this is a Samba4 AD
DC which will allow smarter handling of (for example) accidentially
starting smbd rather than samba.

To cope with upgrades from existing Samba4 installs, 'domain
controller' is a synonym of 'active directory domain controller' and
new parameters 'classic primary domain controller' and 'classic backup
domain controller' are added.

Andrew Bartlett
2012-06-15 09:18:33 +02:00
Stefan Metzmacher
0beede33a7 s4:smb_server/smb: fix talloc_free() bug
ERROR: talloc_free with references at ../source4/smb_server/smb/receive.c:637
        reference at ../source4/ntvfs/posix/pvfs_wait.c:86

metze
2012-05-24 18:16:37 +02:00
Alexander Bokovoy
2ddf89a2bc Introduce system MIT krb5 build with --with-system-mitkrb5 option.
System MIT krb5 build also enabled by specifying --without-ad-dc

When --with-system-mitkrb5 (or --withou-ad-dc) option is passed to top level
configure in WAF build we are trying to detect and use system-wide MIT krb5
libraries. As result, Samba 4 DC functionality will be disabled due to the fact
that it is currently impossible to implement embedded KDC server with MIT krb5.

Thus, --with-system-mitkrb5/--without-ad-dc build will only produce
  * Samba 4 client libraries and their Python bindings
  * Samba 3 server (smbd, nmbd, winbindd from source3/)
  * Samba 3 client libraries

In addition, Samba 4 DC server-specific tests will not be compiled into smbtorture.
This in particular affects spoolss_win, spoolss_notify, and remote_pac rpc tests.
2012-05-23 17:51:50 +03:00
Stefan Metzmacher
49dbd38047 s4:smb_server/smb: only create a new session with vuid == 0
metze
2012-05-09 01:02:16 +02:00
Andreas Schneider
dba2ed9ac1 s4-smb2: Fix a talloc crash bug.
The talloc context needs to be initialzed or NULL. So move
talloc_steal() to the position where req is initialized.

Autobuild-User: Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date: Wed Apr 11 15:59:39 CEST 2012 on sn-devel-104
2012-04-11 15:59:39 +02:00
Stefan Metzmacher
c7a3b8ae21 s4:smb_server/smb2: add missing 'return;' statements in smb2srv_chain_reply()
metze

Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Mon Apr  2 23:02:53 CEST 2012 on sn-devel-104
2012-04-02 23:02:52 +02:00
Stefan Metzmacher
d72641ef76 s4:smb_server/smb2: after smbsrv_terminate_connection() we have to return
req is a talloc child of the connection...

metze
2012-04-02 21:26:08 +02:00
Stefan Metzmacher
e01d6f4af0 s4:smb_server/smb2: fix memory leak in smb2srv_chain_reply()
metze
2012-04-02 21:26:08 +02:00
Stefan Metzmacher
dca4e6eb6e s4:smb_server/smb2: use helper variable smb2srv_chain_reply()
metze
2012-04-02 21:26:08 +02:00
Stefan Metzmacher
6865241fdd s4:smb_server/smb: remove a request from the list before adding the next one in a chain.
metze
2012-04-02 21:26:07 +02:00
Andrew Bartlett
781bb3617b s4-smb_server: Put error from share_get_config() into the logs 2012-03-07 12:46:13 +01:00
Andrew Tridgell
8db121be42 s3fs: added file_server directory
this contains a file server backend that forks and starts smbd

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2012-02-28 12:01:08 +01:00
Andrew Bartlett
63c96b3a58 s4-smb_server Remove inetd-mode samba3 hook 2012-02-28 12:01:08 +01:00
Andrew Bartlett
e786e8fef9 auth: Reorder arguments to generate_session_info
This matches check_ntlm_password() and generate_session_info_pac()

Andrew Bartlett

Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Sat Feb 18 02:19:35 CET 2012 on sn-devel-104
2012-02-18 02:19:35 +01:00
Andrew Bartlett
caf485a2bd auth: Pass in the SMB username (for %U) into generate_session_info
This matches what Samba3 does.

Andrew Bartlett

Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Mon Feb 13 01:25:59 CET 2012 on sn-devel-104
2012-02-13 01:25:59 +01:00
Jelmer Vernooij
e92302d707 smb_server: Preserve signedness of string push return value. 2012-02-07 01:11:07 +01:00
Andrew Bartlett
56e760f8f1 s4-smb_server No longer follow the security=share smb.conf directive
By ignoring the value of security= from the smb.conf, we can allow this
to instead set the value of 'server role' in a manner compatible
with the Samba 3.x release stream.

Andrew Bartlett
2011-11-08 02:58:06 +01:00
Günther Deschner
185b94eefa nbt: trim down header dependencies of nbt.idl.
Guenther
2011-11-03 18:35:08 +01:00
Stefan Metzmacher
beb5687e9e s4:smb_server: s/SMB_SIGNING_SUPPORTED/SMB_SIGNING_IF_REQUIRED/
metze
2011-11-03 16:55:12 +01:00