summaryrefslogtreecommitdiffstats
path: root/source3/rpc_server
Commit message (Collapse)AuthorAgeFilesLines
...
* s3: rpc_server/srvsvc: count open files in NetConnEnumShekhar Amlekar2014-04-031-11/+47
| | | | | | | | | Signed-off-by: Shekhar Amlekar <samlekar@in.ibm.com> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Christof Schmitt <cs@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Thu Apr 3 21:19:43 CEST 2014 on sn-devel-104
* s3: rpc_server/srvsvc: count share connections in NetConnEnumShekhar Amlekar2014-04-031-9/+45
| | | | | | Signed-off-by: Shekhar Amlekar <samlekar@in.ibm.com> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Christof Schmitt <cs@samba.org>
* s3: rpc_server/srvsvc: added routines to compute opens on share connections.Shekhar Amlekar2014-04-031-0/+49
| | | | | | | | | Added routines count_share_opens() and share_file_fn() to count opens on share connections. Signed-off-by: Shekhar Amlekar <samlekar@in.ibm.com> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Christof Schmitt <cs@samba.org>
* s3: rpc_server/srvsvc: Added routines to count share connections.Shekhar Amlekar2014-04-031-0/+64
| | | | | | | | | Added routines count_share_conns() and share_conn_fn() to count connections to a share. Signed-off-by: Shekhar Amlekar <samlekar@in.ibm.com> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Christof Schmitt <cs@samba.org>
* s3-samr: Refuse to set lockout_duration < lockout_window per ↵Andrew Bartlett2014-04-021-0/+17
| | | | | | | | | | | | rpc.samr.passwords.lockout This was not noticed previously because the test was not run. Andrew Bartlett Change-Id: I88701b6c3057ec26f44b3ccab4134ac9aabe552a Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s3-auth: Finally change make_user_info_*() use a parent talloc contextAndrew Bartlett2014-04-021-3/+5
| | | | | | Change-Id: Iedf516e8c24e0d18064aeedd8e287ed692d3c5b4 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org>
* s3:rpc_server: explicitly use allow_warnings=True for RPC_SPOOLSSStefan Metzmacher2014-04-021-0/+1
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* auth/gensec: remove tevent_context argument from gensec_update()Stefan Metzmacher2014-03-271-2/+2
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3-rpc_server: Fix handling of fragmented rpc requests.Andreas Schneider2014-03-201-12/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We need to call pipe_init_outgoing_data() as the first thing in process_complete_pdu(). Otherwise the caller may use uninitialized memory and tries to write a response into the socket. The problem happens only if a real socket is used, which means in all cases for master and only with external rpc daemons in v4-0 and v4-1. The problem looks like this in the logs. [2014/03/20 14:49:35.531663, 10, pid=7309, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1627(process_complete_pdu) Processing packet type 0 [2014/03/20 14:49:35.531695, 10, pid=7309, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1472(dcesrv_auth_request) Checking request auth. [2014/03/20 14:49:35.531738, 10, pid=7309, effective(0, 0), real(0, 0)] ../source3/rpc_server/rpc_server.c:521(named_pipe_packet_process) Sending 1 fragments in a total of 0 bytes [2014/03/20 14:49:35.531769, 10, pid=7309, effective(0, 0), real(0, 0)] ../source3/rpc_server/rpc_server.c:526(named_pipe_packet_process) Sending PDU number: 0, PDU Length: 4294967228 [2014/03/20 14:49:35.531801, 2, pid=7309, effective(0, 0), real(0, 0)] ../source3/rpc_server/rpc_server.c:565(named_pipe_packet_done) Writev failed! [2014/03/20 14:49:35.531845, 2, pid=7309, effective(0, 0), real(0, 0)] ../source3/rpc_server/rpc_server.c:595(named_pipe_packet_done) Fatal error(Message too long). Terminating client(127.0.0.1) connection! BUG: https://bugzilla.samba.org/show_bug.cgi?id=10481 Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Guenther Deschner <gd@samba.org Autobuild-User(master): Günther Deschner <gd@samba.org> Autobuild-Date(master): Thu Mar 20 18:30:17 CET 2014 on sn-devel-104
* CVE-2013-4496:samr: Remove ChangePasswordUserAndrew Bartlett2014-03-131-161/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This old password change mechanism does not provide the plaintext to validate against password complexity, and it is not used by modern clients. It also has quite difficult semantics to handle regarding password lockout. The missing features in both implementations (by design) were: - the password complexity checks (no plaintext) - the minimum password length (no plaintext) Additionally, the source3 version did not check: - the minimum password age - pdb_get_pass_can_change() which checks the security descriptor for the 'user cannot change password' setting. - the password history - the output of the 'passwd program' if 'unix passwd sync = yes'. Finally, the mechanism was almost useless, as it was incorrectly only made available to administrative users with permission to reset the password. It is removed here so that it is not mistakenly reinstated in the future. Andrew Bartlett Bug: https://bugzilla.samba.org/show_bug.cgi?id=10245 Change-Id: If2edd3183c177e5ff37c9511b0d0ad0dd9038c66 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-on: https://gerrit.samba.org/37
* CVE-2013-4496:s3-samr: Block attempts to crack passwords via repeated ↵Andrew Bartlett2014-03-132-16/+129
| | | | | | | | | | | | | | password changes Bug: https://bugzilla.samba.org/show_bug.cgi?id=10245 Change-Id: Ic31774275f07e003e7c2682a856ccb2d5a7939de Signed-off-by: Andrew Bartlett <abartlet@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-on: https://gerrit.samba.org/162
* rpc_server: change unsupported pipe errorDavid Disseldorp2014-03-051-3/+2
| | | | | | | | | | | | | | | smbd currently prints the following level 0 error when a client attempts to connect to an unsupported named pipe (e.g. browser): ERROR! 'browser' is not a registred pipe This change reduces the severity of the error (0->2) and fixes a couple of typos. Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): David Disseldorp <ddiss@samba.org> Autobuild-Date(master): Wed Mar 5 16:31:42 CET 2014 on sn-devel-104
* s3-auth: Pass mem_ctx to auth_check_ntlm_password().Andreas Schneider2014-02-191-2/+4
| | | | | | | | | | Coverity-Id: 1168009 BUG: https://bugzilla.samba.org/show_bug.cgi?id=8598 Signed-off-by: Andreas Schneider <asn@samba.org> Change-Id: Ie01674561a6a75239a13918d3190c2f21c3efc7a Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3: printing: Fix problem with server taking too long to respond to a ↵Jeremy Allison2014-02-181-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | MSG_PRINTER_DRVUPGRADE message. Receiving a MSG_PRINTER_DRVUPGRADE causes smbd to iterate over all printers looking for ones that uses the driver. This is a very expensive operation requiring a read of all registry printer parameters. On a system with a large number of printers, this causes the clients to timeout (smbd can take longer than 60 seconds to respond). This patch fixes the problem by forwarding the MSG_PRINTER_DRVUPGRADE to the background lpq queue updater process and allowing it to take care of the updating of the changeid in the registry, allowing the smbd connected to the client to return to processing requests immediately. https://bugzilla.samba.org/show_bug.cgi?id=9942 Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Tue Feb 18 17:48:30 CET 2014 on sn-devel-104
* s3:srv_epmapper: make use of dcerpc_binding_get_abstract_syntax()Stefan Metzmacher2014-02-131-1/+1
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* s3:srv_epmapper: make use of dcerpc_binding_*() functions in build_ep_list()Stefan Metzmacher2014-02-131-6/+34
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* s3:srv_epmapper: use dcerpc_binding_get_abstract_syntax() in _epm_Insert()Stefan Metzmacher2014-02-131-1/+1
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* s3:srv_epmapper: use dcerpc_binding_get_transport() in _epm_Insert() and ↵Stefan Metzmacher2014-02-131-2/+7
| | | | | | | _epm_Delete() Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* s3:srv_epmapper: make use of dcerpc_binding_*() functions in endpoints_match()Stefan Metzmacher2014-02-131-11/+26
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* s3:rpc_server: make use of dcerpc_binding_set_abstract_syntax()Stefan Metzmacher2014-02-131-1/+7
| | | | | | | This is better than accessing the dcerpc_binding internals. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* s3:rpc_server: make use of dcerpc_parse_binding() to create a binding.Stefan Metzmacher2014-02-131-7/+10
| | | | | | | This makes sure binding is talloc'ed. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* param: change fstype to use a constant stringGarming Sam2014-02-121-1/+1
| | | | | | | | Substitution isn't really necessary for this parameter. Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s3:srv_epmapper: only replace ipv4 addresses in _epm_Lookup() and _epm_Map()Stefan Metzmacher2014-02-111-2/+6
| | | | | | | | The floor data for EPM_PROTOCOL_IP only handles a 4 byte ipv4 address. "0.0.0.0" is used for ipv6 and hostnames. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* s3:srv_epmapper: fix logic in endpoints_match()Stefan Metzmacher2014-02-111-6/+18
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* s3:rpc_server: initialize struct dcerpc_binding completelyStefan Metzmacher2014-02-111-0/+1
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* s3:rpc_server: check verification trailerGregor Beck2014-02-111-0/+44
| | | | | | Signed-off-by: Gregor Beck <gbeck@sernet.de> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* s3:rpc_server: check header of each packet fragmentGregor Beck2014-02-112-0/+14
| | | | | | Signed-off-by: Gregor Beck <gbeck@sernet.de> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* s3:rpc_server: only become the user if we have a valid context_idStefan Metzmacher2014-02-111-21/+20
| | | | | | | | Pair-Programmed-With: Gregor Beck <gbeck@sernet.de> Signed-off-by: Gregor Beck <gbeck@sernet.de> Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* s3:rpc_server: minor refactoring of process_request_pdu()Gregor Beck2014-02-111-15/+10
| | | | | | Signed-off-by: Gregor Beck <gbeck@sernet.de> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* param: rename lp function and variable from "ms_add_printer_wizard" to ↵Garming Sam2014-02-071-1/+1
| | | | | | | | "show_add_printer_wizard" Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* param: rename lp function and variable from "enumports_cmd" to ↵Garming Sam2014-02-071-1/+1
| | | | | | | | "enumports_command" Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* param: rename lp function and variable from "deleteprinter_cmd" to ↵Garming Sam2014-02-071-1/+1
| | | | | | | | "deleteprinter_command" Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* param: rename lp function and variable from "addprinter_cmd" to ↵Garming Sam2014-02-071-3/+3
| | | | | | | | "addprinter_command" Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* param: rename lp function and variable from "addport_cmd" to "addport_command"Garming Sam2014-02-071-1/+1
| | | | | | Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* param: rename lp function and variable from "delete_share_cmd" to ↵Garming Sam2014-02-071-2/+2
| | | | | | | | "delete_share_command" Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* param: rename lp function and variable from "change_share_cmd" to ↵Garming Sam2014-02-071-3/+3
| | | | | | | | "change_share_command" Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* param: rename lp function and variable from "add_share_cmd" to ↵Garming Sam2014-02-071-2/+2
| | | | | | | | "add_share_command" Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* param: rename lp function and variable from "serverstring" to "server_string"Garming Sam2014-02-072-4/+4
| | | | | | Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* param: rename lp function and variable from 'passwordserver' to ↵Garming Sam2014-02-071-1/+1
| | | | | | | | 'password_server' Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* param: rename lp function and variable from 'guestaccount' to 'guest_account'Garming Sam2014-02-071-1/+1
| | | | | | Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3: rpc_server/srvsvc: NetShareSetInfo - let CSC policy be settable.Shekhar Amlekar2014-02-061-8/+24
| | | | | | | | | | The current code simply denies changing the csc policy through RPC calls. Change that to allow changing the csc policy and call the 'change share command' when a SetInfo RPC call changes the setting. Signed-off-by: Shekhar Amlekar <samlekar@in.ibm.com> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Christof Schmitt <cs@samba.org>
* s3: rpc_server/srvsvc: NetShareSetInfo - Correctly initialize ↵Shekhar Amlekar2014-02-061-0/+2
| | | | | | | | max_connections for info levels != 2 before calling the change share script. Signed-off-by: Shekhar Amlekar <samlekar@in.ibm.com> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Christof Schmitt <cs@samba.org>
* loadparm: rename lp[cfg]_print_ok to lp[cfg]_printable for consistency with docsMichael Adam2014-02-033-8/+8
| | | | | | | Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* loadparm: rename lp[cfg]_hostsdeny to lp[cfg]_hosts_deny for consistency ↵Michael Adam2014-02-031-1/+1
| | | | | | | | | with docs Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* loadparm: rename lp[cfg]_hostsallow to lp[cfg]_hosts_allow for consistency ↵Michael Adam2014-02-031-1/+1
| | | | | | | | | with docs Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* loadparm: rename lp[cfg]_pathname to lp[cfg]_path for consistency with docsMichael Adam2014-02-032-14/+14
| | | | | | | Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* s3:rpc_server/netlogon: return a zero return_authenticator on errorStefan Metzmacher2014-01-221-0/+1
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3: rpc_server/srvsvc: Avoiding the loop around locking tdb traversal.Shekhar Amlekar2014-01-181-49/+6
| | | | | | | | | | | | | | | | The current code for determining the number of open files iterates over the session list and for each session it traverses the locking tdb to get the open files. This scales badly for a large server with many sessions and open files. Instead, get the list of sessions first, and then determine the number of open files on all sessions in a single traversal of locking tdb. Signed-off-by: Shekhar Amlekar <samlekar@in.ibm.com> Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Sat Jan 18 01:11:32 CET 2014 on sn-devel-104
* s3: rpc_server/srvsvc: Adding functions to determine open files on all sessions.Shekhar Amlekar2014-01-171-0/+55
| | | | | | | | | Introduce helper functions for counting the number of open files on an array of sessions. Signed-off-by: Shekhar Amlekar <samlekar@in.ibm.com> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s3: rpc_server/srvsvc: Ensure we don't continually realloc inside ↵Jeremy Allison2014-01-171-11/+22
| | | | | | | | | init_srv_sess_info_1(). Just allocate the return value directly. Makes iteration of open files much easier. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
generated by cgit (git 2.34.1) at 2025-09-01 23:02:53 +0000