diff options
Diffstat (limited to 'source/libsmb')
| -rw-r--r-- | source/libsmb/cliconnect.c | 1 | ||||
| -rw-r--r-- | source/libsmb/clidgram.c | 5 | ||||
| -rw-r--r-- | source/libsmb/clikrb5.c | 18 | ||||
| -rw-r--r-- | source/libsmb/cliprint.c | 12 | ||||
| -rw-r--r-- | source/libsmb/clirap.c | 18 | ||||
| -rw-r--r-- | source/libsmb/clirap2.c | 4 | ||||
| -rw-r--r-- | source/libsmb/credentials.c | 4 | ||||
| -rw-r--r-- | source/libsmb/libsmbclient.c | 47 | ||||
| -rw-r--r-- | source/libsmb/samlogon_cache.c | 29 | ||||
| -rw-r--r-- | source/libsmb/smb_share_modes.c | 40 |
10 files changed, 109 insertions, 69 deletions
diff --git a/source/libsmb/cliconnect.c b/source/libsmb/cliconnect.c index 0f09747dbf1..183cbe3bfc0 100644 --- a/source/libsmb/cliconnect.c +++ b/source/libsmb/cliconnect.c @@ -1065,6 +1065,7 @@ BOOL cli_send_tconX(struct cli_state *cli, cli_setup_packet(cli); SSVAL(cli->outbuf,smb_vwv0,0xFF); + SSVAL(cli->outbuf,smb_vwv2,TCONX_FLAG_EXTENDED_RESPONSE); SSVAL(cli->outbuf,smb_vwv3,passlen); p = smb_buf(cli->outbuf); diff --git a/source/libsmb/clidgram.c b/source/libsmb/clidgram.c index a983f485ab4..83ea81ddf1e 100644 --- a/source/libsmb/clidgram.c +++ b/source/libsmb/clidgram.c @@ -85,7 +85,10 @@ BOOL cli_send_mailslot(BOOL unique, const char *mailslot, SSVAL(ptr,smb_vwv16,2); p2 = smb_buf(ptr); fstrcpy(p2,mailslot); - p2 = skip_string(p2,1); + p2 = skip_string(ptr,MAX_DGRAM_SIZE,p2); + if (!p2) { + return False; + } memcpy(p2,buf,len); p2 += len; diff --git a/source/libsmb/clikrb5.c b/source/libsmb/clikrb5.c index 5018e146cad..993e32c1edd 100644 --- a/source/libsmb/clikrb5.c +++ b/source/libsmb/clikrb5.c @@ -393,7 +393,7 @@ BOOL unwrap_pac(TALLOC_CTX *mem_ctx, DATA_BLOB *auth_data, DATA_BLOB *unwrapped_ #if defined(KRB5_KRBHST_INIT) /* Heimdal */ - krb5_error_code krb5_locate_kdc(krb5_context ctx, const krb5_data *realm, struct sockaddr **addr_pp, int *naddrs, int get_masters) + krb5_error_code smb_krb5_locate_kdc(krb5_context ctx, const krb5_data *realm, struct sockaddr **addr_pp, int *naddrs, int get_masters) { krb5_krbhst_handle hnd; krb5_krbhst_info *hinfo; @@ -407,7 +407,7 @@ BOOL unwrap_pac(TALLOC_CTX *mem_ctx, DATA_BLOB *auth_data, DATA_BLOB *unwrapped_ rc = krb5_krbhst_init(ctx, realm->data, KRB5_KRBHST_KDC, &hnd); if (rc) { - DEBUG(0, ("krb5_locate_kdc: krb5_krbhst_init failed (%s)\n", error_message(rc))); + DEBUG(0, ("smb_krb5_locate_kdc: krb5_krbhst_init failed (%s)\n", error_message(rc))); return rc; } @@ -417,14 +417,14 @@ BOOL unwrap_pac(TALLOC_CTX *mem_ctx, DATA_BLOB *auth_data, DATA_BLOB *unwrapped_ krb5_krbhst_reset(ctx, hnd); if (!num_kdcs) { - DEBUG(0, ("krb5_locate_kdc: zero kdcs found !\n")); + DEBUG(0, ("smb_krb5_locate_kdc: zero kdcs found !\n")); krb5_krbhst_free(ctx, hnd); return -1; } sa = SMB_MALLOC_ARRAY( struct sockaddr, num_kdcs ); if (!sa) { - DEBUG(0, ("krb5_locate_kdc: malloc failed\n")); + DEBUG(0, ("smb_krb5_locate_kdc: malloc failed\n")); krb5_krbhst_free(ctx, hnd); naddrs = 0; return -1; @@ -454,7 +454,7 @@ BOOL unwrap_pac(TALLOC_CTX *mem_ctx, DATA_BLOB *auth_data, DATA_BLOB *unwrapped_ #else /* ! defined(KRB5_KRBHST_INIT) */ - krb5_error_code krb5_locate_kdc(krb5_context ctx, const krb5_data *realm, + krb5_error_code smb_krb5_locate_kdc(krb5_context ctx, const krb5_data *realm, struct sockaddr **addr_pp, int *naddrs, int get_masters) { DEBUG(0, ("unable to explicitly locate the KDC on this platform\n")); @@ -463,6 +463,14 @@ BOOL unwrap_pac(TALLOC_CTX *mem_ctx, DATA_BLOB *auth_data, DATA_BLOB *unwrapped_ #endif /* KRB5_KRBHST_INIT */ +#else /* ! HAVE_KRB5_LOCATE_KDC */ + + krb5_error_code smb_krb5_locate_kdc(krb5_context ctx, const krb5_data *realm, + struct sockaddr **addr_pp, int *naddrs, int get_masters) +{ + return krb5_locate_kdc(ctx, realm, addr_pp, naddrs, get_masters); +} + #endif /* HAVE_KRB5_LOCATE_KDC */ #if !defined(HAVE_KRB5_FREE_UNPARSED_NAME) diff --git a/source/libsmb/cliprint.c b/source/libsmb/cliprint.c index 5798e945541..cb04e0ddcc7 100644 --- a/source/libsmb/cliprint.c +++ b/source/libsmb/cliprint.c @@ -64,16 +64,16 @@ int cli_print_queue(struct cli_state *cli, SSVAL(p,0,76); /* API function number 76 (DosPrintJobEnum) */ p += 2; pstrcpy_base(p,"zWrLeh", param); /* parameter description? */ - p = skip_string(p,1); + p = skip_string(param,sizeof(param),p); pstrcpy_base(p,"WWzWWDDzz", param); /* returned data format */ - p = skip_string(p,1); + p = skip_string(param,sizeof(param),p); pstrcpy_base(p,cli->share, param); /* name of queue */ - p = skip_string(p,1); + p = skip_string(param,sizeof(param),p); SSVAL(p,0,2); /* API function level 2, PRJINFO_2 data structure */ SSVAL(p,2,1000); /* size of bytes of returned data buffer */ p += 4; pstrcpy_base(p,"", param); /* subformat */ - p = skip_string(p,1); + p = skip_string(param,sizeof(param),p); DEBUG(4,("doing cli_print_queue for %s\n", cli->share)); @@ -133,9 +133,9 @@ int cli_printjob_del(struct cli_state *cli, int job) SSVAL(p,0,81); /* DosPrintJobDel() */ p += 2; pstrcpy_base(p,"W", param); - p = skip_string(p,1); + p = skip_string(param,sizeof(param),p); pstrcpy_base(p,"", param); - p = skip_string(p,1); + p = skip_string(param,sizeof(param),p); SSVAL(p,0,job); p += 2; diff --git a/source/libsmb/clirap.c b/source/libsmb/clirap.c index 05dc36e91c3..6008dfbe934 100644 --- a/source/libsmb/clirap.c +++ b/source/libsmb/clirap.c @@ -86,9 +86,9 @@ BOOL cli_NetWkstaUserLogon(struct cli_state *cli,char *user, char *workstation) SSVAL(p,0,132); /* api number */ p += 2; pstrcpy_base(p,"OOWb54WrLh",param); - p = skip_string(p,1); + p = skip_string(param,sizeof(param),p); pstrcpy_base(p,"WB21BWDWWDDDDDDDzzzD",param); - p = skip_string(p,1); + p = skip_string(param,sizeof(param),p); SSVAL(p,0,1); p += 2; pstrcpy_base(p,user,param); @@ -147,9 +147,9 @@ int cli_RNetShareEnum(struct cli_state *cli, void (*fn)(const char *, uint32, co SSVAL(p,0,0); /* api number */ p += 2; pstrcpy_base(p,"WrLeh",param); - p = skip_string(p,1); + p = skip_string(param,sizeof(param),p); pstrcpy_base(p,"B13BWz",param); - p = skip_string(p,1); + p = skip_string(param,sizeof(param),p); SSVAL(p,0,1); /* * Win2k needs a *smaller* buffer than 0xFFFF here - @@ -225,11 +225,11 @@ BOOL cli_NetServerEnum(struct cli_state *cli, char *workgroup, uint32 stype, SSVAL(p,0,0x68); /* api number */ p += 2; pstrcpy_base(p,"WrLehDz", param); - p = skip_string(p,1); + p = skip_string(param,sizeof(param),p); pstrcpy_base(p,"B16BBDz", param); - p = skip_string(p,1); + p = skip_string(param,sizeof(param),p); SSVAL(p,0,uLevel); SSVAL(p,2,CLI_BUFFER_SIZE); p += 4; @@ -314,11 +314,11 @@ BOOL cli_oem_change_password(struct cli_state *cli, const char *user, const char SSVAL(p,0,214); /* SamOEMChangePassword command. */ p += 2; pstrcpy_base(p, "zsT", param); - p = skip_string(p,1); + p = skip_string(param,sizeof(param),p); pstrcpy_base(p, "B516B16", param); - p = skip_string(p,1); + p = skip_string(param,sizeof(param),p); pstrcpy_base(p,user, param); - p = skip_string(p,1); + p = skip_string(param,sizeof(param),p); SSVAL(p,0,532); p += 2; diff --git a/source/libsmb/clirap2.c b/source/libsmb/clirap2.c index d6a44f4ea22..1730626066f 100644 --- a/source/libsmb/clirap2.c +++ b/source/libsmb/clirap2.c @@ -91,7 +91,7 @@ /* put string s at p with max len n and increment p past string */ #define PUTSTRING(p,s,n) do {\ push_ascii(p,s?s:"",n?n:256,STR_TERMINATE);\ - p = skip_string(p,1);\ + p = push_skip_string(p);\ } while(0) /* put string s and p, using fixed len l, and increment p by l */ #define PUTSTRINGF(p,s,l) do {\ @@ -111,7 +111,7 @@ /* get asciiz string s from p, increment p past string */ #define GETSTRING(p,s) do {\ pull_ascii_pstring(s,p);\ - p = skip_string(p,1);\ + p = push_skip_string(p);\ } while(0) /* get fixed length l string s from p, increment p by l */ #define GETSTRINGF(p,s,l) do {\ diff --git a/source/libsmb/credentials.c b/source/libsmb/credentials.c index 76fc5fc0621..3243719d5c9 100644 --- a/source/libsmb/credentials.c +++ b/source/libsmb/credentials.c @@ -101,7 +101,9 @@ static void creds_init_64(struct dcinfo *dc, unsigned char sum2[8]; /* Just in case this isn't already there */ - memcpy(dc->mach_pw, mach_pw, 16); + if (dc->mach_pw != mach_pw) { + memcpy(dc->mach_pw, mach_pw, 16); + } sum[0] = IVAL(clnt_chal_in->data, 0) + IVAL(srv_chal_in->data, 0); sum[1] = IVAL(clnt_chal_in->data, 4) + IVAL(srv_chal_in->data, 4); diff --git a/source/libsmb/libsmbclient.c b/source/libsmb/libsmbclient.c index 7fbf5a10c54..e305409b87c 100644 --- a/source/libsmb/libsmbclient.c +++ b/source/libsmb/libsmbclient.c @@ -339,14 +339,15 @@ smbc_parse_path(SMBCCTX *context, goto decoding; if (*p == '/') { + int wl = strlen(context->workgroup); - strncpy(server, context->workgroup, - ((strlen(context->workgroup) < 16) - ? strlen(context->workgroup) - : 16)); - server[server_len - 1] = '\0'; + if (wl > 16) { + wl = 16; + } + + strncpy(server, context->workgroup, wl); + server[wl] = '\0'; return 0; - } /* @@ -499,8 +500,30 @@ static int smbc_check_server(SMBCCTX * context, SMBCSRV * server) { - if ( send_keepalive(server->cli->fd) == False ) - return 1; + size_t size; + struct sockaddr addr; + + /* + * Although the use of port 139 is not a guarantee that we're using + * netbios, we assume so. We don't want to send a keepalive packet if + * not netbios because it's not valid, and Vista, at least, + * disconnects the client on such a request. + */ + if (server->cli->port == 139) { + /* Assuming netbios. Send a keepalive packet */ + if ( send_keepalive(server->cli->fd) == False ) { + return 1; + } + } else { + /* + * Assuming not netbios. Try a different method to detect if + * the connection is still alive. + */ + size = sizeof(addr); + if (getpeername(server->cli->fd, &addr, &size) == -1) { + return 1; + } + } /* connection is ok */ return 0; @@ -917,6 +940,7 @@ smbc_attr_server(SMBCCTX *context, fstring password, POLICY_HND *pol) { + int flags; struct in_addr ip; struct cli_state *ipc_cli; struct rpc_pipe_client *pipe_hnd; @@ -951,12 +975,17 @@ smbc_attr_server(SMBCCTX *context, } } + flags = 0; + if (context->flags & SMB_CTX_FLAG_USE_KERBEROS) { + flags |= CLI_FULL_CONNECTION_USE_KERBEROS; + } + zero_ip(&ip); nt_status = cli_full_connection(&ipc_cli, global_myname(), server, &ip, 0, "IPC$", "?????", username, workgroup, - password, 0, + password, flags, Undefined, NULL); if (! NT_STATUS_IS_OK(nt_status)) { DEBUG(1,("cli_full_connection failed! (%s)\n", diff --git a/source/libsmb/samlogon_cache.c b/source/libsmb/samlogon_cache.c index b242d0ef55b..c48c75f3efa 100644 --- a/source/libsmb/samlogon_cache.c +++ b/source/libsmb/samlogon_cache.c @@ -59,9 +59,9 @@ BOOL netsamlogon_cache_shutdown(void) ***********************************************************************/ void netsamlogon_clear_cached_user(TDB_CONTEXT *tdb, NET_USER_INFO_3 *user) { - fstring domain; - TDB_DATA key; BOOL got_tdb = False; + DOM_SID sid; + fstring key_str, sid_string; /* We may need to call this function from smbd which will not have winbindd_cache.tdb open. Open the tdb if a NULL is passed. */ @@ -77,29 +77,24 @@ void netsamlogon_clear_cached_user(TDB_CONTEXT *tdb, NET_USER_INFO_3 *user) got_tdb = True; } - unistr2_to_ascii(domain, &user->uni_logon_dom, sizeof(domain) - 1); + sid_copy(&sid, &user->dom_sid.sid); + sid_append_rid(&sid, user->user_rid); - /* Clear U/DOMAIN/RID cache entry */ + /* Clear U/SID cache entry */ - asprintf(&key.dptr, "U/%s/%d", domain, user->user_rid); - key.dsize = strlen(key.dptr) - 1; /* keys are not NULL terminated */ + fstr_sprintf(key_str, "U/%s", sid_to_string(sid_string, &sid)); - DEBUG(10, ("netsamlogon_clear_cached_user: clearing %s\n", key.dptr)); + DEBUG(10, ("netsamlogon_clear_cached_user: clearing %s\n", key_str)); - tdb_delete(tdb, key); + tdb_delete(tdb, string_tdb_data(key_str)); - SAFE_FREE(key.dptr); + /* Clear UG/SID cache entry */ - /* Clear UG/DOMAIN/RID cache entry */ + fstr_sprintf(key_str, "UG/%s", sid_to_string(sid_string, &sid)); - asprintf(&key.dptr, "UG/%s/%d", domain, user->user_rid); - key.dsize = strlen(key.dptr) - 1; /* keys are not NULL terminated */ + DEBUG(10, ("netsamlogon_clear_cached_user: clearing %s\n", key_str)); - DEBUG(10, ("netsamlogon_clear_cached_user: clearing %s\n", key.dptr)); - - tdb_delete(tdb, key); - - SAFE_FREE(key.dptr); + tdb_delete(tdb, string_tdb_data(key_str)); if (got_tdb) tdb_close(tdb); diff --git a/source/libsmb/smb_share_modes.c b/source/libsmb/smb_share_modes.c index 4c49ecb7bd9..9236a96c5b2 100644 --- a/source/libsmb/smb_share_modes.c +++ b/source/libsmb/smb_share_modes.c @@ -200,7 +200,7 @@ int smb_get_share_mode_entries(struct smbdb_ctx *db_ctx, memset(list, '\0', num_share_modes * sizeof(struct smb_share_mode_entry)); - shares = (struct share_mode_entry *)(db_data.dptr + sizeof(struct share_mode_entry)); + shares = (struct share_mode_entry *)(db_data.dptr + sizeof(struct locking_data)); list_num = 0; for (i = 0; i < num_share_modes; i++) { @@ -265,7 +265,8 @@ int smb_create_share_mode_entry_ex(struct smbdb_ctx *db_ctx, if (!db_data.dptr) { /* We must create the entry. */ db_data.dptr = (char *)malloc( - (2*sizeof(struct share_mode_entry)) + + sizeof(struct locking_data) + + sizeof(struct share_mode_entry) + strlen(sharepath) + 1 + strlen(filename) + 1); if (!db_data.dptr) { @@ -276,18 +277,18 @@ int smb_create_share_mode_entry_ex(struct smbdb_ctx *db_ctx, ld->u.s.num_share_mode_entries = 1; ld->u.s.delete_on_close = 0; ld->u.s.delete_token_size = 0; - shares = (struct share_mode_entry *)(db_data.dptr + sizeof(struct share_mode_entry)); + shares = (struct share_mode_entry *)(db_data.dptr + sizeof(struct locking_data)); create_share_mode_entry(shares, new_entry); - memcpy(db_data.dptr + 2*sizeof(struct share_mode_entry), + memcpy(db_data.dptr + sizeof(struct locking_data) + sizeof(struct share_mode_entry), sharepath, strlen(sharepath) + 1); - memcpy(db_data.dptr + 2*sizeof(struct share_mode_entry) + + memcpy(db_data.dptr + sizeof(struct locking_data) + sizeof(struct share_mode_entry) + strlen(sharepath) + 1, filename, strlen(filename) + 1); - db_data.dsize = 2*sizeof(struct share_mode_entry) + + db_data.dsize = sizeof(struct locking_data) + sizeof(struct share_mode_entry) + strlen(sharepath) + 1 + strlen(filename) + 1; if (tdb_store(db_ctx->smb_tdb, locking_key, db_data, TDB_INSERT) == -1) { @@ -310,11 +311,11 @@ int smb_create_share_mode_entry_ex(struct smbdb_ctx *db_ctx, orig_num_share_modes = ld->u.s.num_share_mode_entries; /* Copy the original data. */ - memcpy(new_data_p, db_data.dptr, (orig_num_share_modes+1)*sizeof(struct share_mode_entry)); + memcpy(new_data_p, db_data.dptr, sizeof(struct locking_data) + (orig_num_share_modes * sizeof(struct share_mode_entry))); /* Add in the new share mode */ - shares = (struct share_mode_entry *)(new_data_p + - ((orig_num_share_modes+1)*sizeof(struct share_mode_entry))); + shares = (struct share_mode_entry *)(new_data_p + sizeof(struct locking_data) + + (orig_num_share_modes * sizeof(struct share_mode_entry))); create_share_mode_entry(shares, new_entry); @@ -322,9 +323,9 @@ int smb_create_share_mode_entry_ex(struct smbdb_ctx *db_ctx, ld->u.s.num_share_mode_entries++; /* Append the original delete_token and filenames. */ - memcpy(new_data_p + ((ld->u.s.num_share_mode_entries+1)*sizeof(struct share_mode_entry)), - db_data.dptr + ((orig_num_share_modes+1)*sizeof(struct share_mode_entry)), - db_data.dsize - ((orig_num_share_modes+1) * sizeof(struct share_mode_entry))); + memcpy(new_data_p + sizeof(struct locking_data) + (ld->u.s.num_share_mode_entries * sizeof(struct share_mode_entry)), + db_data.dptr + sizeof(struct locking_data) + (orig_num_share_modes * sizeof(struct share_mode_entry)), + db_data.dsize - sizeof(struct locking_data) - (orig_num_share_modes * sizeof(struct share_mode_entry))); new_data_size = db_data.dsize + sizeof(struct share_mode_entry); @@ -382,7 +383,7 @@ int smb_delete_share_mode_entry(struct smbdb_ctx *db_ctx, ld = (struct locking_data *)db_data.dptr; orig_num_share_modes = ld->u.s.num_share_mode_entries; - shares = (struct share_mode_entry *)(db_data.dptr + sizeof(struct share_mode_entry)); + shares = (struct share_mode_entry *)(db_data.dptr + sizeof(struct locking_data)); if (orig_num_share_modes == 1) { /* Only one entry - better be ours... */ @@ -405,7 +406,7 @@ int smb_delete_share_mode_entry(struct smbdb_ctx *db_ctx, } /* Copy the header. */ - memcpy(new_data_p, db_data.dptr, sizeof(struct share_mode_entry)); + memcpy(new_data_p, db_data.dptr, sizeof(struct locking_data)); num_share_modes = 0; for (i = 0; i < orig_num_share_modes; i++) { @@ -421,7 +422,8 @@ int smb_delete_share_mode_entry(struct smbdb_ctx *db_ctx, continue; /* This is our delete taget. */ } - memcpy(new_data_p + ((num_share_modes+1)*sizeof(struct share_mode_entry)), + memcpy(new_data_p + sizeof(struct locking_data) + + (num_share_modes * sizeof(struct share_mode_entry)), share, sizeof(struct share_mode_entry) ); num_share_modes++; @@ -435,10 +437,10 @@ int smb_delete_share_mode_entry(struct smbdb_ctx *db_ctx, } /* Copy any delete token plus the terminating filenames. */ - remaining_ptr = db_data.dptr + ((orig_num_share_modes+1) * sizeof(struct share_mode_entry)); + remaining_ptr = db_data.dptr + sizeof(struct locking_data) + (orig_num_share_modes * sizeof(struct share_mode_entry)); remaining_size = db_data.dsize - (remaining_ptr - db_data.dptr); - memcpy(new_data_p + ((num_share_modes+1)*sizeof(struct share_mode_entry)), + memcpy(new_data_p + sizeof(struct locking_data) + (num_share_modes * sizeof(struct share_mode_entry)), remaining_ptr, remaining_size); @@ -450,7 +452,7 @@ int smb_delete_share_mode_entry(struct smbdb_ctx *db_ctx, ld = (struct locking_data *)db_data.dptr; ld->u.s.num_share_mode_entries = num_share_modes; - db_data.dsize = ((num_share_modes+1)*sizeof(struct share_mode_entry)) + remaining_size; + db_data.dsize = sizeof(struct locking_data) + (num_share_modes * sizeof(struct share_mode_entry)) + remaining_size; if (tdb_store(db_ctx->smb_tdb, locking_key, db_data, TDB_REPLACE) == -1) { free(db_data.dptr); @@ -481,7 +483,7 @@ int smb_change_share_mode_entry(struct smbdb_ctx *db_ctx, ld = (struct locking_data *)db_data.dptr; num_share_modes = ld->u.s.num_share_mode_entries; - shares = (struct share_mode_entry *)(db_data.dptr + sizeof(struct share_mode_entry)); + shares = (struct share_mode_entry *)(db_data.dptr + sizeof(struct locking_data)); for (i = 0; i < num_share_modes; i++) { struct share_mode_entry *share = &shares[i]; |