summaryrefslogtreecommitdiffstats
path: root/source4/smb_server
Commit message (Collapse)AuthorAgeFilesLines
* s4:auth Change auth_generate_session_info to take flagsAndrew Bartlett2010-05-201-1/+13
| | | | | | | | | | | | | | This allows us to control what groups should be added in what use cases, and in particular to more carefully control the introduction of the 'authenticated' group. In particular, in the 'service_named_pipe' protocol, we do not have control over the addition of the authenticated users group, so we key of 'is this user the anonymous SID'. This also takes more care to allocate the right length ptoken->sids Andrew Bartlett
* s4:smb_server/smb/trans2.c - remove unused define "DEFAULT_SITE_NAME"Matthias Dieter Wallnöfer2010-05-181-1/+0
| | | | | Obviously this isn't needed and in general site names shouldn't be hardcoded anymore (except there is a good reason).
* s4:smb_server: Implement GET_DFS_REFERRAL for domain referral requestsMatthieu Patou2010-05-181-1/+871
| | | | Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s4:smb_server: fix trailling whitespace in trans2.cMatthieu Patou2010-05-181-25/+25
| | | | Signed-off-by: Stefan Metzmacher <metze@samba.org>
* Finish removal of iconv_convenience in public API's.Jelmer Vernooij2010-05-183-6/+6
|
* s4:smb_server/smb: SMBreadX can return STATUS_BUFFER_OVERFLOWStefan Metzmacher2010-04-281-1/+5
| | | | metze
* s4:smb_server: use tsocket_address_string() for debugging the client addressStefan Metzmacher2010-04-271-8/+8
| | | | metze
* s4:smb_server: use tsocket_address_string() for debugging the client addressStefan Metzmacher2010-04-271-8/+9
| | | | metze
* s4:smb_server: use tsocket_address_string() to display the client addressStefan Metzmacher2010-04-271-3/+5
| | | | metze
* s4:smb_server: remove unused socket_address functionsStefan Metzmacher2010-04-271-16/+0
| | | | metze
* s4:smb_server: pass tsocket_addresses to the ntvfs layerStefan Metzmacher2010-04-272-4/+8
| | | | metze
* s4:auth Change auth_generate_session_info to take an auth contextAndrew Bartlett2010-04-141-18/+61
| | | | | | | | | | | | | | | | | | The auth context was in the past only for NTLM authentication, but we need a SAM, an event context and and loadparm context for calculating the local groups too, so re-use that infrustructure we already have in place. However, to avoid problems where we may not have an auth_context (in torture tests, for example), allow a simpler 'session_info' to be generated, by passing this via an indirection in gensec and an generate_session_info() function pointer in the struct auth_context. In the smb_server (for old-style session setups) we need to change the async context to a new 'struct sesssetup_context'. This allows us to use the auth_context in processing the authentication reply . Andrew Bartlett
* s4-waf: move to a universal method of recursing into subdirsAndrew Tridgell2010-04-061-2/+2
| | | | This works with both standalone lib builds and bundled builds
* s4-waf: removed the AUTOGENERATED markersAndrew Tridgell2010-04-063-12/+0
| | | | we won't be using the mk -> wscript generator again
* s4-waf: mark the wscript files as python so vim/emacs knows how to highlight ↵Andrew Tridgell2010-04-063-0/+6
| | | | them
* build: waf quicktest nearly worksAndrew Tridgell2010-04-061-1/+1
| | | | | Rewrote wafsamba using a new dependency handling system, and started adding the waf test code
* build: commit all the waf build files in the treeAndrew Tridgell2010-04-063-0/+49
|
* s4-pvfs: move the private ntcreatex flags to private_flagsAndrew Tridgell2010-03-052-6/+2
| | | | | | | | Re-using two of the create_options bits was bound to eventually cause problems, and indeed, Windows7 now uses one of those bits when opening text files. Fixes bug 7189
* Change uint_t to unsigned int in source4Matt Kraai2010-02-026-24/+24
| | | | Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s4:auth: change auth_check_password_send/recv to tevent_reqStefan Metzmacher2009-12-241-13/+26
| | | | metze
* s4:gensec: change gensec_update_send/recv to tevent_reqStefan Metzmacher2009-12-242-10/+27
| | | | metze
* s4:smb_server: fix mixing socket_address and tsocket_addressStefan Metzmacher2009-12-241-6/+9
| | | | metze
* s4:auth Change 'get_challenge' API to be more like Samba3Andrew Bartlett2009-12-221-4/+1
| | | | | | | It is just easier to fill in the known to be 8 byte challenge than stuff about with allocated pointers. Andrew Bartlett
* s4-server: use GUID_to_ndr_blob() in cldap and smb serversAndrew Tridgell2009-12-102-9/+6
|
* s4-smb2: use new GUID function in smb2 negprotAndrew Tridgell2009-12-101-3/+2
|
* s4:smb_server/smb2: don't reset highest_smb2_seqnum on SMB2 CancelStefan Metzmacher2009-11-271-2/+4
| | | | metze
* s4-smb2: sequence numbers are not checked in SMB2_OP_CANCELAndrew Tridgell2009-11-271-1/+2
|
* s4/libcli: rename previously reserved field in SMB2 LOCK structSteven Danneman2009-11-251-1/+1
| | | | | The lock.in.reserved field has been renamed lock_sequence in the SMB 2.1 dialect. See MS-SMB 2.2.26.
* s4-samdb: reduce the number of samdb opens at startupAndrew Tridgell2009-10-251-14/+0
| | | | | Using common parameters means that the ldb_wrap code can return a reference rather than a new database
* s4-smbserver: removed bogus initialisation of two union armsAndrew Tridgell2009-10-172-2/+0
| | | | Thanks to Metze for spotting this.
* s4-smb: fill in fnum as well for root_fidAndrew Tridgell2009-10-152-1/+3
| | | | This helps with the CIFS NTVFS backend, but doesn't solve all problems
* s4-smbserver: fixed root_fid in nttrans createAndrew Tridgell2009-10-151-1/+1
|
* s4-smb: declare root_fid as a file handleAndrew Tridgell2009-10-152-2/+2
| | | | | | In order to implement root_fid in the s4 SMB server we need to declare it as a handle type, just as for other fnum values in SMB. This required some extensive (but simple) changes in many bits of code.
* s4-smbd: minimise includes in smbd/ and smb_serverAndrew Tridgell2009-09-1919-37/+0
|
* s4-server: kill main daemon if a task fails to initialiseAndrew Tridgell2009-09-182-2/+2
| | | | | | When one of our core tasks fails to initialise it can now ask for the server as a whole to die, rather than limping along in a degraded state.
* changed BCC handling for SMBwriteX to handle broken MacOSX clientAndrew Tridgell2009-08-051-13/+8
| | | | | | | | | | | | | see bug #6610 The MacOSX SMB client sets the BCC value in SMBwriteX calls to zero instead of the correct size. Checking against WindowsXP, I've found that Windows uses the maximum of the computed buffer size and the given BCC value. I've changed Samba4 to do the same to allow MacOSX to work. I've limited this change to non-chained packets to ensure we don't get the possibility of exploits based on overlapping chained requests
* on buffer overflow windows gives SMBSRV:ERRerror hereAndrew Tridgell2009-08-051-1/+1
|
* fixed support for readx greater than 64kAndrew Tridgell2009-08-041-1/+2
| | | | | This fixes bug 6547, where smbclient in S3 reads more than 64k at a time with readx.
* use the new talloc_reparent in two placesAndrew Tridgell2009-07-011-1/+1
|
* s4:smb2srv: don't allow the related flag on the first request in a ↵Stefan Metzmacher2009-06-091-0/+7
| | | | | | compounded chain metze
* s4:smb2srv: correctly fail remaining compounded requests after a failureStefan Metzmacher2009-06-092-5/+18
| | | | metze
* s4:smb2srv: remove old TODO comment, we already check the seqnumStefan Metzmacher2009-06-091-2/+0
| | | | metze
* s4:smb2srv: fix handling of multiple compounded requestsStefan Metzmacher2009-06-091-7/+12
| | | | metze
* s4:smb2srv: remove the chained file handle on closeStefan Metzmacher2009-06-091-0/+4
| | | | metze
* s4:smb2srv: We only support SMB 2.002.Stefan Metzmacher2009-05-262-6/+12
| | | | | | | We need to loop over all given dialects and check if we can find SMB2_DIALECT_REVISION_202. metze
* Have ntvfs_connect() accept union smb_tcon *tcon instead of char* sharenameSam Liddicott2009-05-203-30/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This change brings ntvfs_connect into compliance with other ntvfs functions which take an ntvfs module, an ntvfs request and an smb io union. It now becomes the responsibility of ntvfs modules to examine tcon->generic.level themselves and derive the share name and any other options directly; e.g. const char *sharename; switch (tcon->generic.level) { case RAW_TCON_TCON: sharename = tcon->tcon.in.service; break; case RAW_TCON_TCONX: sharename = tcon->tconx.in.path; break; case RAW_TCON_SMB2: default: return NT_STATUS_INVALID_LEVEL; } if (strncmp(sharename, "\\\\", 2) == 0) { char *p = strchr(sharename+2, '\\'); if (p) { sharename = p + 1; } } service.c smbsrv_tcon_backend() is called before ntvfs_connect and fills in some of the tcon->..out values. For the case of RAW_TCON_TCONX, it filles out tcon->tconx.out.tid and tcon->tconx.out.options For the case of RAW_TCON_TCON it fills out tcon->tcon.out.tid and tcon->tcon.out.max_xmit Thus the ntvfs_connect function for vfs modules may override these values if desired, but are not required to. ntvfs_connect functions are required to fill in the tcon->tconx.out.*_type fields, for RAW_TCON_TCONX, perhaps something like: if (tcon->generic.level == RAW_TCON_TCONX) { tcon->tconx.out.fs_type = ntvfs->ctx->fs_type; tcon->tconx.out.dev_type = ntvfs->ctx->dev_type; } Signed-off-by: Sam Liddicott <sam@liddicott.com> (I fixed the ntvfs_connect() in the smb_server/smb2/ and the RAW_TCON_SMB2 switch case in the modules) Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s4:smb_server: initialy read the first 4 bytes onlySam Liddicott2009-05-201-0/+1
| | | | | | | | Stop packet_recv getting greedy and reading the whole socket and then dispatching te extra packets in a timer loop Signed-off-by: Sam Liddicott <sam@liddicott.com> Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s4:smb_server: return after we have processed an invalid smb2 requestStefan Metzmacher2009-05-111-0/+2
| | | | metze
* Add async support for reply_tcon* and ntvfs_connectSam Liddicott2009-04-232-70/+105
| | | | | | | | | | | | | | | | | | | | | | | smbsrv_tcon_backend no longer creates the ntvfs_request wrapper, so smbsrv_reply_tcon* can now do this and then invoke ntvfs_connect in the typical manner using SMBSRV_SETUP_NTVFS_REQUEST and SMBSRV_CALL_NTVFS_BACKEND Previously smbsrv_tcon_backend has been responsible for instantiating the ntvfs_module_context to service a tree-connect request, and then create an ntvfs_request wrapper around the smbsrv_request and pass this to ntvfs_connect for the newly created ntvfs. These actions could not be invoked asynchronously. This meant that any client requests made while instantiating the ntvfs module, including any composite's used during authentication (or related client connections for the case of proxy modules) would block other ntvfs modules and requests in the current process as they executed a nested event loop to await completion. Signed-off-by: Sam Liddicott <sam@liddicott.com> Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s4: Use same function signature for convert_* as s3.Jelmer Vernooij2009-03-011-6/+6
|
generated by cgit (git 2.34.1) at 2024-10-14 01:25:25 +0000