summaryrefslogtreecommitdiff
path: root/source3/libsmb
Commit message (Collapse)AuthorAgeFilesLines
* libsmb:namequery: fix typo in comment in get_dc_list()Michael Adam2016-07-121-1/+1
| | | | | Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* CVE-2016-2019: s3:libsmb: add comment regarding smbXcli_session_is_guest() ↵Stefan Metzmacher2016-07-071-0/+3
| | | | | | | | with mandatory signing BUG: https://bugzilla.samba.org/show_bug.cgi?id=11860 Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3:libsmb/clirap: remove unused cli_get_server_*() functionsStefan Metzmacher2016-07-062-146/+0
| | | | | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Wed Jul 6 22:41:41 CEST 2016 on sn-devel-144
* s3: libsmb: Correctly trim a trailing \\ character in ↵Jeremy Allison2016-06-221-0/+12
| | | | | | | | | | | | | | | cli_smb2_create_fnum_send() when passing a pathname to SMB2 create. We already trim any leading \\ characters in this function, so this is the simplest place to clean the pathname. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11986 Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Uri Simchoni <uri@samba.org> Autobuild-User(master): Uri Simchoni <uri@samba.org> Autobuild-Date(master): Wed Jun 22 10:33:29 CEST 2016 on sn-devel-144
* s3: libsmb: Widen the internal client smb1.pid to 32-bits as is used on the ↵Jeremy Allison2016-06-182-6/+6
| | | | | | | | | | | | | | | | | | | | | | wire and in libcli/smb/smb1*.c Note: This has *NO* effect on the lock context code, as on the wire for all SMB1 locking requests, the pid used as the lock context is already truncated down to 16-bits - the field is only 16-bits wide. This allows the cli_XXX() calls to correctly set pidlow AND pidhigh in SMB1 requests put on the wire by the libcli/smb/smb1*.c code. Note that currently the smbd server doesn't correctly return pidhigh yet - a fix (and tests) for that will follow. As pidhigh is not checked in any client code (mid is used to differentiate different requests) this has no effect other than a correctness fix. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org>
* libsmb: Fix two CIDs for NULL dereferenceVolker Lendecke2016-06-071-6/+12
| | | | | | | | | | | This whole area is a known-to-be-broken mess, but this patch should fix the immediate crash Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Tue Jun 7 18:31:30 CEST 2016 on sn-devel-144
* s3: libsmb: Add sync and async cli_posix_whoami().Jeremy Allison2016-05-252-0/+281
| | | | | | | Will add as a command to smbclient, plus will be useful for testing. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Uri Simchoni <uri@samba.org>
* s3:samlogon_cache: fix O3 error unused result of truncateMichael Adam2016-05-131-1/+7
| | | | | | | in netsamlogon_cache_init() Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Christian Ambach <ambi@samba.org>
* s3:libsmb/clifile use correct value for MaxParameterCount for setting EAsChristian Ambach2016-05-111-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | Windows servers will refuse trans2 requests which use excessive request parameters. From [MS-CIFS|: <239> Section 3.3.5.2.5: Windows NT servers fail a transaction request with STATUS_INSUFF_SERVER_RESOURCES, if (SetupCount + MaxSetupCount + TotalParameterCount + MaxParameterCount + TotalDataCount + MaxDataCount) is greater than 65*1024. When attempting to set a large list of EAs for a file, this limit can be hit when using CLI_BUFFER_SIZE as MaxDataCount while the TRANS2_SET_PATH_INFORMATION response has no data reply, only parameters (section 2.2.6.7.2). Be as minimal as possible here to allow a maximum number of EAs to be written. Bug: https://bugzilla.samba.org/show_bug.cgi?id=11354 Reviewed-by: Jeremy Allison <jra@samba.org> Signed-off-by: Christian Ambach <ambi@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Wed May 11 18:35:59 CEST 2016 on sn-devel-144
* Correctly set cli->raw_status for libsmbclient in SMB2 codeRobin McCorkell2016-05-041-1/+15
| | | | | | | | | | | The SMB2 file handling code wasn't correctly setting raw_status, which is used by libsmbclient to report file open errors etc. https://bugzilla.samba.org/show_bug.cgi?id=11276 Signed-off-by: Robin McCorkell <robin@mccorkell.me.uk> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s3:libsmb: use anonymous authentication via spnego if possibleStefan Metzmacher2016-04-281-26/+29
| | | | | | | | | | | | This makes the authentication consistent between SMB1 with CAP_EXTENDED_SECURITY (introduced in Windows 2000) and SNB2. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11841 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
* s3:libsmb: don't finish the gensec handshake for guest loginsStefan Metzmacher2016-04-281-0/+21
| | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=11841 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
* s3:libsmb: record the session setup action flagsStefan Metzmacher2016-04-281-0/+5
| | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=11841 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
* s3:libsmb: use password = NULL for anonymous connectionsStefan Metzmacher2016-04-281-0/+11
| | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=11858 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
* s3:libsmb: Fix illegal memory access after memory has been deleted.Noel Power2016-04-141-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | smbtorture with the libsmbclient test suite produces the following valgrind trace ==31432== Invalid read of size 8 ==31432== at 0x99B8858: smbc_free_context (libsmb_context.c:260) ==31432== by 0x5E6401: torture_libsmbclient_opendir (libsmbclient.c:136) ==31432== by 0x9553F42: wrap_simple_test (torture.c:632) ==31432== by 0x955366F: internal_torture_run_test (torture.c:442) ==31432== by 0x95538C3: torture_run_tcase_restricted (torture.c:506) ==31432== by 0x9553278: torture_run_suite_restricted (torture.c:357) ==31432== by 0x95531D7: torture_run_suite (torture.c:339) ==31432== by 0x25FEFF: run_matching (smbtorture.c:93) ==31432== by 0x260195: torture_run_named_tests (smbtorture.c:143) ==31432== by 0x261E14: main (smbtorture.c:665) ==31432== Address 0x18864a70 is 80 bytes inside a block of size 96 free'd ==31432== at 0x4C2A37C: free (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so) ==31432== by 0x99BCC46: SMBC_closedir_ctx (libsmb_dir.c:922) ==31432== by 0x99C06CA: SMBC_close_ctx (libsmb_file.c:370) ==31432== by 0x99B8853: smbc_free_context (libsmb_context.c:259) ==31432== by 0x5E6401: torture_libsmbclient_opendir (libsmbclient.c:136) ==31432== by 0x9553F42: wrap_simple_test (torture.c:632) ==31432== by 0x955366F: internal_torture_run_test (torture.c:442) ==31432== by 0x95538C3: torture_run_tcase_restricted (torture.c:506) ==31432== by 0x9553278: torture_run_suite_restricted (torture.c:357) ==31432== by 0x95531D7: torture_run_suite (torture.c:339) ==31432== by 0x25FEFF: run_matching (smbtorture.c:93) ==31432== by 0x260195: torture_run_named_tests (smbtorture.c:143) BUG: https://bugzilla.samba.org/show_bug.cgi?id=11836 Signed-off-by: Noel Power <noel.power@suse.com> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Thu Apr 14 13:24:10 CEST 2016 on sn-devel-144
* CVE-2016-2115: s3:libsmb: use SMB_SIGNING_IPC_DEFAULT and ↵Ralph Boehme2016-04-121-3/+4
| | | | | | | | | | | lp_client_ipc_{min,max}_protocol() Use SMB_SIGNING_IPC_DEFAULT and lp_client_ipc_{min,max}_protocol() for RPC connections. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11756 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* CVE-2016-2115: s3:libsmb: let SMB_SIGNING_IPC_DEFAULT use "client ipc ↵Stefan Metzmacher2016-04-121-2/+12
| | | | | | | | | | | | | | | | | min/max protocol" We need NT1 => LATEST in order to work against all servers which support DCERPC over ncacn_np. This is a mini step in using SMB2/3 in our client side by default. This gives us a higher chance that SMB signing is supported by the server (as it can't be turned off for SMB2 and higher). BUG: https://bugzilla.samba.org/show_bug.cgi?id=11756 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* CVE-2016-2115: s3:libsmb: add signing constant SMB_SIGNING_IPC_DEFAULTRalph Boehme2016-04-121-0/+9
| | | | | | | | | | SMB_SIGNING_IPC_DEFAULT must be used from s3 client code when opening RPC connections. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11756 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* CVE-2016-2111: s3:libsmb: don't send a raw NTLMv2 response when we want to ↵Stefan Metzmacher2016-04-121-0/+11
| | | | | | | | | use spnego BUG: https://bugzilla.samba.org/show_bug.cgi?id=11749 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org>
* s3: libsmb: Fix error where short name length was read as 2 bytes, should be 1.Jeremy Allison2016-04-061-1/+1
| | | | | | | | | | | | | Reported by Thomas Dvorachek <tdvorachek@yahoo.com> from a Windows 10 server. Confirmed in MS-CIFS 2.2.8.1.7. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11822 Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Wed Apr 6 03:46:55 CEST 2016 on sn-devel-144
* libsmb: Fix CID 1356312 Explicit null dereferencedVolker Lendecke2016-03-181-0/+5
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3:libsmb: remove unused functions in clispnego.cStefan Metzmacher2016-03-101-282/+0
| | | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:libsmb: remove unused cli_session_setup_kerberos*() functionsStefan Metzmacher2016-03-101-141/+0
| | | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:libsmb: make use of cli_session_setup_gensec*() for KerberosStefan Metzmacher2016-03-101-5/+10
| | | | | | | | This pares a fix for https://bugzilla.samba.org/show_bug.cgi?id=10288 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:libsmb: call cli_state_remote_realm() within cli_session_setup_spnego_send()Stefan Metzmacher2016-03-101-8/+4
| | | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:libsmb: provide generic cli_session_setup_gensec_send/recv() pairStefan Metzmacher2016-03-101-48/+103
| | | | | | | | | | It will be possible to use this for more than just NTLMSSP in future. This prepares a fix for https://bugzilla.samba.org/show_bug.cgi?id=10288 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:libsmb: let cli_session_setup_ntlmssp*() use gensec_update_send/recv()Stefan Metzmacher2016-03-101-92/+191
| | | | | | | | This pares a fix for https://bugzilla.samba.org/show_bug.cgi?id=10288 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:libsmb: unused ntlmssp.cStefan Metzmacher2016-03-101-765/+0
| | | | | | | | Everything uses the top level ntlmssp code via gensec now. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:libsmb: make use gensec based SPNEGO/NTLMSSPStefan Metzmacher2016-03-101-84/+95
| | | | | | | | This pares a fix for https://bugzilla.samba.org/show_bug.cgi?id=10288 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:auth_generic: add "ntlmssp_resume_ccache" backend in ↵Stefan Metzmacher2016-03-101-1/+2
| | | | | | | | | | auth_generic_client_prepare() This will be used by winbindd in order to correctly implement WINBINDD_CCACHE_NTLMAUTH. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
* s3:ntlmssp: remove unused libsmb/ntlmssp_wrap.cStefan Metzmacher2016-03-101-135/+0
| | | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
* s3:auth_generic: make use of the top level NTLMSSP client codeStefan Metzmacher2016-03-101-1/+1
| | | | | | | | | There's no reason to use gensec_ntlmssp3_client_ops, the WINBINDD_CCACHE_NTLMAUTH isn't available via gensec anyway. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
* s3:auth_generic: add auth_generic_client_start_by_sasl()Stefan Metzmacher2016-03-101-0/+23
| | | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:auth_generic: add auth_generic_client_start_by_name()Stefan Metzmacher2016-03-101-0/+23
| | | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
* CVE-2015-7560: s3: libsmb: Add SMB1-only POSIX cli_posix_setacl() functions. ↵Jeremy Allison2016-03-102-0/+111
| | | | | | | | | Needed for tests. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11648 Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* CVE-2015-7560: s3: libsmb: Rename cli_posix_getfaclXX() functions to ↵Jeremy Allison2016-03-102-18/+18
| | | | | | | | | cli_posix_getacl() as they operate on pathnames. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11648 Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* dsgetdcname: fix flag checkUri Simchoni2016-03-071-1/+1
| | | | | | | | | Fix the check for zero requseted flags. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11769 Signed-off-by: Uri Simchoni <uri@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* dsgetdcname: return an IP address on rediscoveryUri Simchoni2016-03-071-7/+7
| | | | | | | | | | | | When dsgetdcname return its result based on discovery process (instead of retrieving cached value), always return the found server's IP address in dc_address field, rather than its netbios name. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11769 Signed-off-by: Uri Simchoni <uri@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3/libsmb/clirap2.c: use actual buffer sizeAurelien Aptel2016-02-271-1/+1
| | | | | | | | | | | | data used to be a stack allocated array but was changed to a heap allocated buffer by commit 95a81a3. Update sizeof(data) to data_size. Signed-off-by: Aurelien Aptel <aaptel@suse.com> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Ira Cooper <ira@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Sat Feb 27 05:25:40 CET 2016 on sn-devel-144
* dlist: remove unneeded type argument from DLIST_ADD_END()Michael Adam2016-02-062-3/+3
| | | | | Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* spnego: Correctly check asn1_tag_remaining retvalVolker Lendecke2016-02-031-4/+4
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* s3:clispnego: fix confusing warning in spnego_gen_krb5_wrap()Stefan Metzmacher2016-02-011-5/+10
| | | | | | | | | | | | | asn1_extract_blob() stops further asn1 processing by setting has_error. Don't call asn1_has_error() after asn1_extract_blob() has been successful otherwise we get an "Failed to build krb5 wrapper at" message on success. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11702 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* libsmb: Remove ip_service based resolve_lmhostsVolker Lendecke2016-01-131-50/+9
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Uri Simchoni <uri@samba.org>
* libsmb: Convert resolve_hosts to sockaddr_storageVolker Lendecke2016-01-131-7/+14
| | | | | | | Eventually I want to get rid of struct ip_service. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Uri Simchoni <uri@samba.org>
* lib: Introduce util_tsock.hVolker Lendecke2016-01-101-0/+1
| | | | | | | This avoids includes.h in source3/lib/util_tsock.c Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* pylibsmb: Adjust to use of PY_SSIZE_T_CLEANAndrew Bartlett2016-01-071-1/+1
| | | | | | | This changes the type used for # arguments to PyArg_ParseTupleAndKeywords Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
* s3: smbclient: asn1_extract_blob() stops further asn1 processing by setting ↵Jeremy Allison2016-01-071-5/+10
| | | | | | | | | | | | | | has_error. Don't call asn1_has_error() after asn1_extract_blob() has been successful otherwise we get an "Failed to build negTokenInit at offset" message on success. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Thu Jan 7 16:00:02 CET 2016 on sn-devel-144
* smbclient: query disk usage relative to current directoryUri Simchoni2016-01-064-5/+9
| | | | | | | | | | | When querying disk usage in the "dir" and "du" commands, use the current directory. This behavior is compatible with Windows command shell "dir" command. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11662 Signed-off-by: Uri Simchoni <uri@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* lib: Use asn1_current_ofs()Volker Lendecke2016-01-061-3/+6
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* lib: Use asn1_extract_blob()Volker Lendecke2016-01-061-3/+9
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>