sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-03-12 20:58:37 +03:00
Code
samba-mirror/source3/smbd
History
Stefan Metzmacher f3ddfb828e s3:smbd: allow anonymous encryption after one authenticated session setup 
I have captures where a client tries smb3 encryption on an anonymous session,
we used to allow that before commit da7dcc443f45d07d9963df9daae458fbdd991a47
was released with samba-4.15.0rc1.

Testing against Windows Server 2022 revealed that anonymous signing is always
allowed (with the session key derived from 16 zero bytes) and
anonymous encryption is allowed after one authenticated session setup on
the tcp connection.

https://bugzilla.samba.org/show_bug.cgi?id=15412

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2024-05-23 12:35:37 +00:00
..
notifyd
smbd: Slightly simplify notifyd_send_delete()
2024-04-23 17:53:36 +00:00
avahi_register.c
blocking.c
s3:smbd: Fix code spelling
2023-07-19 09:58:37 +00:00
close.c
smbd: Modernize a few DEBUGs
2024-05-15 16:51:39 +00:00
conn_idle.c
smbd: Remove sconn->using_smb2
2024-04-17 07:57:36 +00:00
conn_msg.c
conn.c
smbd: Add conn_using_smb2()
2024-04-17 07:57:36 +00:00
connection.c
dfree.c
s3:smbd: Fix code spelling
2023-07-19 09:58:37 +00:00
dir.c
smbd: Remove sconn->using_smb2
2024-04-17 07:57:36 +00:00
dir.h
smbd: Give source3/smbd/dir.c its own header file
2023-12-19 16:05:36 +00:00
dmapi.c
s3:smbd: Fix code spelling
2023-07-19 09:58:37 +00:00
dnsregister.c
dosmode.c
smbd: Return FILE_ATTRIBUTE_REPARSE_POINT from "user.DOSATTRIB"
2024-05-06 20:55:37 +00:00
durable.c
smbd: Modernize a DEBUG statement
2023-11-15 05:10:35 +00:00
error.c
s3: smbd: Rename reply_outbuf() -> reply_smb1_outbuf().
2022-04-07 17:37:30 +00:00
fake_file.c
smbd: Fix whitespace
2023-11-01 18:55:32 +00:00
fd_handle.c
s3:smbd: Fix code spelling
2023-07-19 09:58:37 +00:00
fd_handle.h
smbd: fd_handle.h does not need includes.h
2022-04-26 21:41:29 +00:00
file_access.c
smbd: use check_any_access_fsp() for all access checks
2024-01-08 15:53:36 +00:00
fileio.c
smbd: allow POSIX opens for file_set_dosmode() in mark_file_modified()
2023-11-05 18:34:38 +00:00
filename.c
smbd: Remove sconn->using_smb2
2024-04-17 07:57:36 +00:00
files.c
smbd: Remove struct open_symlink_err
2024-03-28 08:05:35 +00:00
globals.c
smbd: Slightly simplify set_current_case_sensitive()
2022-12-14 22:54:29 +00:00
globals.h
s3:smbd: allow anonymous encryption after one authenticated session setup
2024-05-23 12:35:37 +00:00
mangle_hash2.c
s3:smbd: Add missing newlines to logging messages
2023-08-08 04:39:38 +00:00
mangle_hash.c
s3:smbd: Fix code spelling
2023-07-19 09:58:37 +00:00
mangle.c
msdfs.c
s3:smbd: Fix code spelling
2024-02-08 02:48:44 +00:00
notify_fam.c
notify_inotify.c
smbd: Align two integer types
2020-11-04 18:55:39 +00:00
notify_msg.c
notifyd: Factor out notify_walk() into its own file
2020-10-24 05:57:31 +00:00
notify.c
s3:notify: don't log user_can_stat_name_under_fsp with level 0 for OBJECT_NAME_NOT_FOUND
2024-04-23 14:17:32 +00:00
ntquotas.c
smbd: Fix some whitespace
2023-11-01 18:55:32 +00:00
open.c
smbd: Simplify request_timed_out
2024-05-22 04:23:29 +00:00
oplock_linux.c
s3:smbd: Add missing newlines to logging messages
2023-08-08 04:39:38 +00:00
password.c
smbd: Give smbXsrv_session.c its own header file
2024-03-12 13:31:31 +00:00
posix_acls.c
Revert "posix_acls.c: prefer capabilities over become_root"
2024-03-27 09:40:34 +00:00
proto.h
smbd: Remove message_to_share_mode_entry and vice versa
2024-04-30 22:44:32 +00:00
pysmbd.c
Use python.h from libreplace
2023-11-20 15:37:33 +00:00
quotas.c
s3:smbd: Fix code spelling
2023-07-19 09:58:37 +00:00
scavenger.c
s3:smbd: Avoid integer overflow (CID 1035487)
2023-10-13 02:18:31 +00:00
scavenger.h
seal.c
sec_ctx.c
libcli/security: Rename dup_nt_token() -> security_token_duplicate()
2023-09-26 23:45:36 +00:00
server_exit.c
smbd: Give smbXsrv_session.c its own header file
2024-03-12 13:31:31 +00:00
server_reload.c
smbd: Remove source3/smbd/statcache.c
2022-12-14 22:54:29 +00:00
server.c
smbd-server: Process ip add/drop events for options:dynamic only
2024-04-16 23:51:45 +00:00
session.c
share_access.c
Revert "s3:smbd: Remove NIS support"
2022-06-09 21:45:28 +00:00
smb1_aio.c
smbd: Remove unused "pcd" arg from smb1_srv_send()
2023-06-05 17:17:35 +00:00
smb1_aio.h
smbd: Move schedule_aio_write_and_X to smb1_aio.c
2022-04-07 17:37:29 +00:00
smb1_ipc.c
s3: smbd: Ensure all callers to srvstr_pull_req_talloc() pass a zeroed-out dest pointer.
2023-08-14 15:55:43 +00:00
smb1_ipc.h
smbd: Move ipc.c -> smb1_ipc.c
2022-04-07 17:37:29 +00:00
smb1_lanman.c
lib: Give lib/util/util_file.c its own header file
2024-04-16 23:51:45 +00:00
smb1_lanman.h
smbd: Move lanman.c -> smb1_lanman.c
2022-04-07 17:37:29 +00:00
smb1_message.c
s3: smbd: Ensure all callers to srvstr_pull_req_talloc() pass a zeroed-out dest pointer.
2023-08-14 15:55:43 +00:00
smb1_message.h
smbd: Move message.c -> smb1_message.c
2022-04-07 17:37:29 +00:00
smb1_negprot.c
s3:smbd: Add missing newlines to logging messages
2023-08-08 04:39:38 +00:00
smb1_negprot.h
smbd: Move negprot.c -> smb1_negprot.c
2022-04-07 17:37:29 +00:00
smb1_nttrans.c
s3: smbd: Now we have proved hardlink_internals() doesn't use src_dirfsp and dst_dirfsp, remove the parameters.
2023-09-19 19:51:47 +00:00
smb1_nttrans.h
smbd: Remove duplicate read_nttrans_ea_list function prototype
2022-04-07 17:37:30 +00:00
smb1_oplock.c
smbd: Remove unused "pcd" arg from smb1_srv_send()
2023-06-05 17:17:35 +00:00
smb1_oplock.h
smbd: Move send_break_message_smb1 to smb1_oplock.c
2022-04-07 17:37:29 +00:00
smb1_pipes.c
smbd: Remove code #ifdef'ed out >23years ago
2023-11-01 18:55:32 +00:00
smb1_pipes.h
smbd: Move reply_pipe_write to smb1_pipes.c
2022-04-07 17:37:30 +00:00
smb1_process.c
smbd: Remove sconn->using_smb2
2024-04-17 07:57:36 +00:00
smb1_process.h
smbd: Remove unused "deferred_pcd" from process_smb1()
2023-06-05 17:17:35 +00:00
smb1_reply.c
smbd: Remove an unused function parameter
2024-05-22 04:23:29 +00:00
smb1_reply.h
s3: smbd: Move reply_findnclose() from trans2.c to smb1_reply.c
2022-04-07 17:37:30 +00:00
smb1_service.c
s3:smbd: Fix code spelling
2023-07-19 09:58:37 +00:00
smb1_service.h
smbd: Move make_connection to smb1_service.c
2022-04-07 17:37:29 +00:00
smb1_sesssetup.c
smbd: Give smbXsrv_session.c its own header file
2024-03-12 13:31:31 +00:00
smb1_sesssetup.h
smbd: Move sesssetup.c -> smb1_sesssetup.c
2022-04-07 17:37:29 +00:00
smb1_signing.c
CVE-2023-3347: smbd: pass lp_ctx to smb[1|2]_srv_init_signing()
2023-07-21 12:05:35 +00:00
smb1_signing.h
CVE-2023-3347: smbd: pass lp_ctx to smb[1|2]_srv_init_signing()
2023-07-21 12:05:35 +00:00
smb1_trans2.c
smbd: Simplify smb_set_file_unix_link()
2024-04-23 17:53:36 +00:00
smb1_trans2.h
smbd: Move handling smb_set_posix_lock() to smb1_trans2.c
2023-01-04 08:54:32 +00:00
smb1_utils.c
smbd: Move filename_convert_smb1_search_path() to smb1-only code
2023-11-01 18:55:32 +00:00
smb1_utils.h
smbd: Move filename_convert_smb1_search_path() to smb1-only code
2023-11-01 18:55:32 +00:00
smb2_aio.c
s3: smbd: Add some DEVELOPER-only code to panic if the destructor for an aio_lnk is called and the associated fsp doesn't exist.
2023-09-20 01:49:34 +00:00
smb2_break.c
s3: smbd: Correctly set smb2req->smb1req->posix_pathnames from the calling fsp on SMB2 calls.
2023-03-31 20:22:38 +00:00
smb2_close.c
smbd: don't leak the fsp if close_file_smb() fails
2023-07-10 21:32:32 +00:00
smb2_create.c
smbd: Add reparse tag to smb3_posix_cc_info
2024-05-14 23:29:46 +00:00
smb2_flush.c
smbd: use check_any_access_fsp() for all access checks
2024-01-08 15:53:36 +00:00
smb2_getinfo.c
smbd: use check_any_access_fsp() for all access checks
2024-01-08 15:53:36 +00:00
smb2_glue.c
s3: smbd: Correctly set smb2req->smb1req->posix_pathnames from the calling fsp on SMB2 calls.
2023-03-31 20:22:38 +00:00
smb2_ioctl_dfs.c
smb2_ioctl_filesys.c
smbd: rename check_access_fsp() to check_any_access_fsp()
2024-01-08 15:53:36 +00:00
smb2_ioctl_named_pipe.c
smb2_ioctl_network_fs.c
lib: Make GUID_to_ndr_buf() return void
2024-03-12 13:31:31 +00:00
smb2_ioctl_private.h
s3: smbd: Split out smb2_ioctl_smbtorture() into a separate file.
2021-08-11 19:16:29 +00:00
smb2_ioctl_smbtorture.c
s3: smbd: Call smbd_fsctl_torture_async_sleep() when we get FSCTL_SMBTORTURE_FSP_ASYNC_SLEEP.
2021-08-11 19:16:29 +00:00
smb2_ioctl.c
s3:smbd: Remove unreachable code (CID 710840)
2023-11-02 03:08:37 +00:00
smb2_ipc.c
smbd: Move nt_status_np_pipe to smb2_ipc.c
2022-04-07 17:37:29 +00:00
smb2_keepalive.c
smb2_lock.c
s3:smbd: Fix code spelling
2023-07-19 09:58:37 +00:00
smb2_negprot.c
smbd: Save a few bytes of .text
2024-04-30 22:44:32 +00:00
smb2_notify.c
s3: smbd: Correctly set smb2req->smb1req->posix_pathnames from the calling fsp on SMB2 calls.
2023-03-31 20:22:38 +00:00
smb2_nttrans.c
smbd: Remove sconn->using_smb2
2024-04-17 07:57:36 +00:00
smb2_oplock.c
smbd: Use struct oplock_break_message for MSG_SMB_KERNEL_BREAK
2024-04-30 22:44:32 +00:00
smb2_pipes.c
smbd: Use security_token_count_flag_sids() in open_np_file()
2023-05-16 10:53:40 +00:00
smb2_posix.c
smbd: add inode marshalling in smb3_file_posix_information_init()
2023-10-26 16:32:30 +00:00
smb2_process.c
smbd: Remove sconn->using_smb2
2024-04-17 07:57:36 +00:00
smb2_query_directory.c
smbd: Slightly simplify smbd_smb2_query_directory_send()
2023-12-19 16:05:36 +00:00
smb2_read.c
smbd: Remove a no-op call to init_strict_lock_struct
2024-05-22 04:23:29 +00:00
smb2_reply.c
smbd: Modernize a few DEBUGs
2024-05-14 22:29:36 +00:00
smb2_server.c
s3:smbd: allow anonymous encryption after one authenticated session setup
2024-05-23 12:35:37 +00:00
smb2_service.c
smbd: Remove sconn->using_smb2
2024-04-17 07:57:36 +00:00
smb2_sesssetup.c
s3:smbd: allow anonymous encryption after one authenticated session setup
2024-05-23 12:35:37 +00:00
smb2_setinfo.c
lib: Remove timeval_set()
2024-03-22 06:07:42 +00:00
smb2_signing.c
CVE-2023-3347: smbd: fix "server signing = mandatory"
2023-07-21 13:03:09 +00:00
smb2_tcon.c
s3:smbd: allow anonymous encryption after one authenticated session setup
2024-05-23 12:35:37 +00:00
smb2_trans2.c
smbd: Remove an unnecessary else
2024-05-22 04:23:29 +00:00
smb2_write.c
smbd: replace CHECK_WRITE() macro with calls to check_any_access_fsp()
2024-01-08 15:53:36 +00:00
smbd_cleanupd.c
s3:smbd: Fix code spelling
2023-07-19 09:58:37 +00:00
smbd_cleanupd.h
smbd.h
smbd: Hide the SMB1 posix symlink behaviour behind UCF_LCOMP_LNK_OK
2022-12-22 19:50:34 +00:00
smbXsrv_client.c
smbd: Fix a copy&paste error in smbXsrv_client_remove()
2024-04-30 22:44:32 +00:00
smbXsrv_open.c
smbd: Simplify smbXsrv_open_clear_replay_cache()
2024-04-30 22:44:32 +00:00
smbXsrv_open.h
smbd: Remove smbXsrv_open_global0->db_rec
2023-02-13 10:49:43 +00:00
smbXsrv_session.c
smbd: Simplify an if-condition
2024-04-30 22:44:32 +00:00
smbXsrv_session.h
smbd: Give smbXsrv_session.c its own header file
2024-03-12 13:31:31 +00:00
smbXsrv_tcon.c
s3:smbd: Fix code spelling
2023-10-25 22:23:37 +00:00
smbXsrv_version.c
smbXsrv_version: Use a struct assignment
2024-03-12 13:31:31 +00:00
srvstr.c
smbd: Move message_push_string() to smb1_utils.c
2022-06-06 19:22:28 +00:00
statvfs.c
smbd: Fix the build on FreeBSD
2022-08-04 20:44:32 +00:00
uid.c
smbd: Give smbXsrv_session.c its own header file
2024-03-12 13:31:31 +00:00
utmp.c
vfs.c
smbd: Convert a void* into the real DIR*
2023-11-21 17:34:36 +00:00