| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
| |
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This will serve as a check to make sure that in particular a SAMR
client is really root. This is for example used in get_user_info_18()
handing out a machine password.
The unix domain sockets for NCACN_NP can only be contacted by root,
the "np\" subdirectory for those sockets is root/root 0700.
Connecting to such a socket is done in two situations: First, local
real root processes connecting and smbd on behalf of SMB clients
connecting to \\pipe\name, smbd does become_root() there. Via the
named_pipe_auth_req_info4 smbd hands over the SMB session information
that the RPC server blindly trusts. The session information (i.e. the
NT token) is heavily influenced by external sources like the KDC. It
is highly unlikely that we get a system token via SMB, but who knows,
this is information not fully controlled by smbd.
This is where this additional field in named_pipe_auth_req_info5 makes
a difference: This field is set to NCACN_NP by smbd's code, not
directly controlled by the clients. Other clients directly connecting
to a socket in "np\" is root anyway (only smbd can do become_root())
and can set this field to NCALRPC.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Once RPC services are done by individual processes, we need to avoid
recursion between processes:
Any RPC server process will be able to serve multiple client requests
simultaneously, but each request is served in a single-threaded
blocking manner.
For example the netlogon RPC service needs to ask samr for
something. The netlogon->samr connection will initially be handled by
a central dispatcher assigning clients to processes. This dispatcher
needs to know that this connection can't end up in the same process
that originated the request.
With this flag an RPC client can request a samr server process that
exclusively serves its own requests and that will not serve anybody
else while serving netlogon.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
|
|
|
|
|
|
|
| |
We'll add a field soon
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
|
|
|
|
|
|
|
|
| |
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Thu Dec 9 18:57:15 UTC 2021 on sn-devel-184
|
|
|
|
|
|
|
| |
No longer used.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
|
|
|
|
|
|
|
|
|
| |
rename_internals().
No longer used.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
|
|
|
|
|
|
|
|
|
|
|
| |
rename code.
Best viewed with 'git show -b'
As we're touching the DEBUG() code, change it to modern DBG_NOTICE().
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
|
|
|
|
|
| |
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
|
|
|
|
|
|
|
|
|
| |
We no longer use resolve_wildcards() so comment it out
for later removal. Keep the '{ ... }' block around the
singleton rename for now, to keep the diff small.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
|
|
|
|
|
| |
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
|
|
|
|
|
|
|
| |
src_has_wild and dest_has_wild can never be true.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
|
|
|
|
|
|
|
| |
It's always false now.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
|
|
|
|
|
|
|
| |
It can never be true.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
|
|
|
|
|
|
|
|
|
| |
for destination lookups.
We know the destination will never be a wildcard.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
|
|
|
|
|
| |
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
|
|
|
|
|
|
|
| |
level) prevent destination wildcards.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
|
|
|
|
|
|
|
|
|
|
| |
in reply_mv().
We are no longer supporting wildcard rename via SMBmv (0x7)
as WindowsXP SMB1 and above do not use it.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
|
|
|
|
|
| |
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
|
|
|
|
|
|
|
|
| |
It's always passed as false now so we can remove the (horrible)
enumeration code for unlink.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
|
|
|
|
|
|
|
|
|
|
| |
This was the only user of "has_wild=true" passed to
unlink_internals().
Next commit will remove this functionality from unlink_internals().
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It's not used in our client code or tested.
From MS-CIFS.
This command was introduced in the LAN Manager 1.0 dialect
It was rendered obsolete in the NT LAN Manager dialect.
This command was used to perform server-side file copies, but
is no longer used. Clients SHOULD
NOT send requests using this command code.
Servers receiving requests with this command code
SHOULD return STATUS_NOT_IMPLEMENTED (ERRDOS/ERRbadfunc).
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
|
|
|
|
|
|
|
|
|
| |
This is pre WindowXP SMB1 functionality, and we
need to remove this from the server in order to
move towards SMB2-only, so the test must go.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
|
|
|
|
|
|
|
|
|
| |
This is pre WindowXP SMB1 functionality, and we
need to remove this from the server in order to
move towards SMB2-only, so the test must go.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
|
|
|
|
|
|
|
|
|
| |
This is pre WindowXP SMB1 functionality, and we
need to remove this from the server in order to
move towards SMB2-only, so the test must go.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
|
|
|
|
|
|
|
|
|
| |
rename target.
The server will not be supporting wildcard rename soon.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
|
|
|
|
|
| |
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
|
|
|
|
|
| |
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
|
|
|
|
|
| |
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
|
|
|
|
|
|
|
| |
cleanup.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
|
|
|
|
|
|
|
| |
cleanup.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
|
|
|
|
|
| |
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
|
|
|
|
|
|
|
| |
setup and cleanup.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
|
|
|
|
|
|
|
| |
setup and cleanup.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
|
|
|
|
|
|
|
| |
Not yet used.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
|
|
|
|
|
| |
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
|
|
|
|
|
| |
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
|
|
|
|
|
|
|
| |
Avoid smbcli_unlink() calls with a wildcard path.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
|
|
|
|
|
|
|
| |
Avoid using smbcli_unlink() calls with wildcard names.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
|
|
|
|
|
| |
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
|
|
|
|
|
|
|
|
|
| |
smbcli_unlink().
We know we have a wildcard mask here.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
|
|
|
|
|
|
|
|
|
| |
smbcli_unlink().
We know we have a wildcard mask here.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
|
|
|
|
|
|
|
|
|
|
| |
We will use this in place of smbcli_unlink() when we
know we are using a wildcard pattern. If can be used
to generally replace smbcli_unlink() as it calls down
to smbcli_unlink() is no wildcard is detected.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
These changes were submitted in a patch by
Stefan Metzmacher <metze@samba.org> in his lorikeet-heimdal
import branch of patches to upgrade to a modern Heimdal.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Dec 9 14:14:12 UTC 2021 on sn-devel-184
|
|
|
|
|
|
|
| |
Avoid dangling values if something fails...
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
|
|
|
|
|
|
|
| |
The new Heimdal may return ENOENT instead of KRB5_CC_END.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
|
|
|
|
|
|
|
|
|
|
| |
This is needed to ensure Heimdal does not attempt to use nss to canonicalize the name.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Dec 9 07:42:38 UTC 2021 on sn-devel-184
|
|
|
|
|
|
|
| |
This becomes noticed when we upgrade Heimdal as we do not find
the correct gssapi headers any more.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Additional fields may be added to this structure without us explicitly
initialising them. This could cause Heimdal to crash upon reading
garbage data, so we should zero-initialise the structure.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Dec 9 02:47:27 UTC 2021 on sn-devel-184
|
|
|
|
|
|
|
|
|
|
|
|
| |
A skew error means the client just tried using PADATA-ENC-TIMESTAMP or
PADATA-ENCRYPTED-CHALLENGE, so it might not be necessary to announce
them in that case.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Dec 7 08:32:42 UTC 2021 on sn-devel-184
|