summaryrefslogtreecommitdiffstats
path: root/source3/smbd/lanman.c
Commit message (Collapse)AuthorAgeFilesLines
* lanman: don't leak cache_path onto talloc tosDavid Disseldorp2014-10-061-2/+9
| | | | | | | | | | | Also check for allocation failures. Reported-by: Franz Pförtsch <franz.pfoertsch@brose.com> Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Mon Oct 6 21:41:22 CEST 2014 on sn-devel-104
* s3: smbd: Change the function signature of srvstr_push() from returning a ↵Jeremy Allison2014-09-161-2/+7
| | | | | | | | | | | | | | | | | length to returning an NTSTATUS with a length param. srvstr_push_fn() now returns an NTSTATUS reporting any string conversion failure. We need to get serious about returning character set conversion errors inside smbd. Bug 10775 - smbd crashes when accessing garbage filenames https://bugzilla.samba.org/show_bug.cgi?id=10775 Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org>
* printing: only reload printer shares on client enumDavid Disseldorp2014-08-081-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | Currently, automatic printer share updates are handled in the following way: - Background printer process (BPP) forked on startup - Parent smbd and per-client children await MSG_PRINTER_PCAP messages - BPP periodically polls the printing backend for printcap data - printcap data written to printer_list.tdb - MSG_PRINTER_PCAP sent to all smbd processes following update - smbd processes all read the latest printer_list.tdb data, and update their share listings This procedure is not scalable, as all smbd processes hit printer_list.tdb in parallel, resulting in a large spike in CPU usage. This change sees smbd processes only update their printer share lists only when a client asks for this information, e.g. via NetShareEnum or EnumPrinters. Bug: https://bugzilla.samba.org/show_bug.cgi?id=10652 Suggested-by: Volker Lendecke <vl@samba.org> Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s3: smbd - fix processing of packets with invalid DOS charset conversions.Jeremy Allison2014-06-251-2/+2
| | | | | | | | | | | | | | | CVE-2014-3493 Bug 10654 - Segmentation fault in smbd_marshall_dir_entry()'s SMB_FIND_FILE_UNIX handler https://bugzilla.samba.org/show_bug.cgi?id=10654 Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Wed Jun 25 03:47:55 CEST 2014 on sn-devel-104
* CVE-2013-4496:samr: Remove ChangePasswordUserAndrew Bartlett2014-03-131-254/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This old password change mechanism does not provide the plaintext to validate against password complexity, and it is not used by modern clients. It also has quite difficult semantics to handle regarding password lockout. The missing features in both implementations (by design) were: - the password complexity checks (no plaintext) - the minimum password length (no plaintext) Additionally, the source3 version did not check: - the minimum password age - pdb_get_pass_can_change() which checks the security descriptor for the 'user cannot change password' setting. - the password history - the output of the 'passwd program' if 'unix passwd sync = yes'. Finally, the mechanism was almost useless, as it was incorrectly only made available to administrative users with permission to reset the password. It is removed here so that it is not mistakenly reinstated in the future. Andrew Bartlett Bug: https://bugzilla.samba.org/show_bug.cgi?id=10245 Change-Id: If2edd3183c177e5ff37c9511b0d0ad0dd9038c66 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-on: https://gerrit.samba.org/37
* param: change fstype to use a constant stringGarming Sam2014-02-121-1/+1
| | | | | | | | Substitution isn't really necessary for this parameter. Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* loadparm: rename lp[cfg]_print_ok to lp[cfg]_printable for consistency with docsMichael Adam2014-02-031-1/+1
| | | | | | | Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* loadparm: rename lp[cfg]_pathname to lp[cfg]_path for consistency with docsMichael Adam2014-02-031-2/+2
| | | | | | | Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* CVE-2013-4408:s3:Ensure LookupNames replies arrays are range checked.Jeremy Allison2013-12-091-0/+8
| | | | | | | Bug: https://bugzilla.samba.org/show_bug.cgi?id=10185 Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Jeremy Allison <jra@samba.org>
* s3-rpc_cli: pass down ndr_interface_table to rpc_pipe_open_interface().Günther Deschner2013-08-051-18/+18
| | | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* smbd: Fix CID 1035536 Uninitialized pointer readVolker Lendecke2013-07-231-1/+1
| | | | | | | | | | | rpc_pipe_open_interface just returns okay if the pipe in question is already open. For this, it needs to read the value. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Tue Jul 23 02:05:19 CEST 2013 on sn-devel-104
* smbd: Fix CID 1035537 Uninitialized pointer readVolker Lendecke2013-07-221-1/+1
| | | | | | | | rpc_pipe_open_interface just returns okay if the pipe in question is already open. For this, it needs to read the value. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* smbd: Fix CID 1035538 Uninitialized pointer readVolker Lendecke2013-07-221-1/+1
| | | | | | | | rpc_pipe_open_interface just returns okay if the pipe in question is already open. For this, it needs to read the value. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3-smbd: Don't leak subcntarr array.Andreas Schneider2013-02-221-1/+1
| | | | Reviewed-by: Alexander Bokovoy <ab@samba.org>
* s3-rap: Open printers with the right access mask.Andreas Schneider2012-09-121-3/+3
| | | | | Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Wed Sep 12 14:05:42 CEST 2012 on sn-devel-104
* Check error returns from strupper_m() (in all reasonable places).Jeremy Allison2012-08-091-4/+10
|
* loadparm: make the source3/ lp_ functions take an explicit TALLOC_CTX *.Rusty Russell2012-07-181-12/+13
| | | | | | | | | | They use talloc_tos() internally: hoist that up to the callers, some of whom don't want to us talloc_tos(). A simple patch, but hits a lot of files. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
* s3:smbd: pass down vuid as uint64_t in lanman.cStefan Metzmacher2012-06-061-36/+36
| | | | metze
* s3:smbd: use 'struct user_struct' instead of typedef'ed 'user_struct'Stefan Metzmacher2012-06-061-2/+2
| | | | metze
* s3: Fix a likely cut&paste errorVolker Lendecke2012-05-151-1/+1
|
* s3:smbd: use connections_snum_used() instead of conn_snum_used() for ↵Stefan Metzmacher2011-12-131-1/+1
| | | | | | | | | load_usershare_shares() Before removing the share security descriptor, we should make sure there're really no active users anymore. metze
* s3:param: don't reference conn_snum_used directly in load_usershare_shares()Stefan Metzmacher2011-12-131-1/+1
| | | | | | This uses the same logic as lp_killunused(). metze
* s3-auth Remove seperate guest booleanAndrew Bartlett2011-07-201-1/+1
| | | | | | | | | | Instead, we base our guest calculations on the presence or absense of the authenticated users group in the token, ensuring that we have only one canonical source of this important piece of authorization data Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3-auth use auth_user_info not netr_SamInfo3 in auth3_session_infoAndrew Bartlett2011-07-201-3/+3
| | | | | | | | | | | | This makes auth3_session_info identical to auth_session_info The logic to convert the info3 to a struct auth_user_info is essentially moved up the stack from the named pipe proxy in source3/rpc_server to create_local_token(). Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3-auth Use guest boolean in auth_user_info_unixAndrew Bartlett2011-07-201-1/+1
| | | | Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3-auth Use struct auth_user_info_unix for unix_name and sanitized_usernameAndrew Bartlett2011-07-201-6/+6
| | | | | | | | This is closer to the layout of struct auth_session_info in auth.idl Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3-auth Use *unix_token rather than utok in struct auth3_session_infoAndrew Bartlett2011-07-201-3/+3
| | | | | | | | | | | | | | | | This brings this structure one step closer to the struct auth_session_info. A few SMB_ASSERT calls are added in some key places to ensure that this pointer is initialised, to make tracing any bugs here easier in future. NOTE: Many of the users of this structure should be reviewed, as unix and NT access checks are mixed in a way that should just be done using the NT ACL. This patch has not changed this behaviour however. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3-rpc_server: Migrate rpc function to tsocket_address.Andreas Schneider2011-07-041-18/+18
| | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* s3-param Remove 'announce version' parameterAndrew Bartlett2011-06-231-2/+2
| | | | | | | | The only users I can find of this on the internet involve confused users, and our own documentation recommends never setting this. Don't confuse our users any longer. Andrew Bartlett
* s3-param Remove special case for global_myname(), rename to lp_netbios_name()Andrew Bartlett2011-06-091-6/+6
| | | | | | | | There is no reason this can't be a normal constant string in the loadparm system, now that we have lp_set_cmdline() to handle overrides correctly. Andrew Bartlett
* s3-smbd provide struct smbd_server_connection * to conn_snum_usedAndrew Bartlett2011-05-311-1/+1
| | | | | | | | | | | | | | | | This provides the 'sconn' parameter to this key functions, that is currently duplicated in dummysmbd.c, which causes duplicate symbol issues in the waf build. This has natrually caused a number of consequential changes across the codebase, includning not passing a messaging context into initial reload_services(): This causes problems because the global smbd_server_connection isn't yet set up, as there isn't a connection here, just the initial process. Andrew Bartlett
* s3-lib Replace StrCaseCmp() with strcasecmp_m()Andrew Bartlett2011-05-181-3/+3
| | | | | | | strcasecmp_m() never needs to call to talloc, and via next_codepoint() still has an ASCII fast-path bypassing iconv() calls. Andrew Bartlett
* rpc_server: Always use rpc_pipe_open_interface()Simo Sorce2011-05-131-8/+8
| | | | | | | | | | This way we can configure which rpc service we actually want to connect to. By default it uses an "embedded" interface and calls rpc_pipe_open_internal() Signed-off-by: Günther Deschner <gd@samba.org> Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Fri May 13 14:40:26 CEST 2011 on sn-devel-104
* More simple const fixes.Jeremy Allison2011-05-051-4/+4
|
* s3-proto: remove duplicate prototypes.Günther Deschner2011-04-291-0/+1
| | | | Guenther
* s3-build: remove some unused headers.Günther Deschner2011-04-291-3/+0
| | | | Guenther
* s3-rpc_client: add and use rpc_client/rpc_client.h.Günther Deschner2011-04-131-0/+1
| | | | Guenther
* s3: Fix Coverity ID 2236: REVERSE_INULLVolker Lendecke2011-03-301-3/+1
| | | | | We have already dereferenced "b", and the other calls in this loop can only have worked with a valid handle
* s3-auth: smbd needs auth.hGünther Deschner2011-03-301-0/+1
| | | | Guenther
* s3: include smbd/smbd.h where needed.Günther Deschner2011-03-301-0/+1
| | | | Guenther
* s3-passdb: use passdb headers where needed.Günther Deschner2011-03-301-0/+1
| | | | Guenther
* s3: Expose num_opens via api_RNetSessionEnumVolker Lendecke2011-03-171-1/+1
| | | | | Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Thu Mar 17 22:05:10 CET 2011 on sn-devel-104
* s3: Fix Coverity ID 2140, DEADCODEVolker Lendecke2011-03-161-1/+1
| | | | | | | This routine was never executed after f0dcc90f because "netname" was always NULL. Jeremy, please check!
* s3-lanman: talk to srvsvc dcerpc server in api_RNetSessionEnum().Günther Deschner2011-03-021-10/+63
| | | | Guenther
* s3-printing: only include printing where really needed.Günther Deschner2011-02-221-0/+1
| | | | Guenther
* s3-auth Rename auth_serversupplied_info varaiables: server_info -> session_infoAndrew Bartlett2011-02-221-37/+37
| | | | | | | | | | | | | | | | | | | | | These variables, of type struct auth_serversupplied_info were poorly named when added into 2001, and in good consistant practice, this has extended all over the codebase in the years since. The structure is also not ideal for it's current purpose. Originally intended to convey the results of the authentication modules, it really describes all the essential attributes of a session. This rename will reduce the volume of a future patch to replaced these with a struct auth_session_info, with auth_serversupplied_info confined to the lower levels of the auth subsystem, and then eliminated. (The new structure will be the output of create_local_token(), and the change in struct definition will ensure that this is always run, populating local groups and privileges). Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3-lanman: prefer dcerpc_samr_X functions.Günther Deschner2011-02-011-83/+237
| | | | | | | Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Tue Feb 1 16:45:10 CET 2011 on sn-devel-104
* s3-lanman: remove trailing whitespace.Günther Deschner2011-01-211-30/+30
| | | | Guenther
* s3:smbd: use dcerpc_spoolss_X() functionsStefan Metzmacher2011-01-211-28/+44
| | | | | | metze Signed-off-by: Andreas Schneider <asn@samba.org>
* s3-lanman: prefer dcerpc_srvsvc_X functions.Günther Deschner2011-01-131-3/+9
| | | | | | Guenther Signed-off-by: Andreas Schneider <asn@samba.org>
generated by cgit (git 2.34.1) at 2025-09-25 17:46:27 +0000