summaryrefslogtreecommitdiff
path: root/source3/libsmb
Commit message (Collapse)AuthorAgeFilesLines
...
* libsmb: Fix destructor setup in unexpected.cVolker Lendecke2018-02-131-1/+2
| | | | | | | | The destructor does DLIST_REMOVE, so better make sure "client" is in fact member of that list when the destructor fires Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* lib: Make g_lock_unlock use TDB_DATAVolker Lendecke2018-02-081-1/+2
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* lib: Make g_lock_lock use TDB_DATAVolker Lendecke2018-02-081-1/+2
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* libnmb: Fix CID 1428474 Incorrect expression (COPY_PASTE_ERROR)Volker Lendecke2018-01-251-1/+1
| | | | | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Thu Jan 25 01:53:53 CET 2018 on sn-devel-144
* libnmb: Move "read_packet" to nmbdVolker Lendecke2018-01-242-36/+0
| | | | | | | | | | It's only used there Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Wed Jan 24 05:48:19 CET 2018 on sn-devel-144
* libnmb: Make nb_packet_read_recv return a talloc'ed pktVolker Lendecke2018-01-244-64/+19
| | | | | | | This saves a few explicit destructors only doing free_packet() Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* libnmb: Add "parse_packet_talloc"Volker Lendecke2018-01-242-0/+76
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* dsgetdcname: Fix a signed/unsigned hickupVolker Lendecke2018-01-231-1/+2
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* libnmb: Fix two signed/unsigned hickupsVolker Lendecke2018-01-231-2/+4
| | | | | | | Two warnings less Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* libnmb: tsocket_address_unix_from_path deals fine with NULLVolker Lendecke2018-01-231-1/+1
| | | | | | | Other callers use NULL instead of "". Streamline it a bit Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* libnmb: Remove a pointless struct memberVolker Lendecke2018-01-231-5/+3
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* libsmb: Give unexpected.c its own headerVolker Lendecke2018-01-235-23/+53
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* Added smbc_SetConfiguration which lets the user set the smb.conf for ↵Puran Chand2018-01-213-1/+197
| | | | | | | | | | libsmbclient code BUG: https://bugzilla.samba.org/show_bug.cgi?id=13229 Signed-off-by: Puran Chand <pchand@vmware.com> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* source3/libsmb/unexpected.c set socket close on execGary Lockyer2017-12-181-0/+1
| | | | | | | | | | Set SOCKET_CLOEXEC on the sockets returned by accept. This ensures that the socket is unavailable to any child process created by system(). Making it harder for malicious code to set up a command channel, as seen in the exploit for CVE-2015-0240 Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* Added smbc_SetLogCallback which lets third party code to capture ↵Puran Chand2017-12-103-1/+189
| | | | | | | | | | libsmbclient logs Signed-off-by: Puran Chand <pchand@vmware.com> Reviewed-by: Garming Sam <garming@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Sun Dec 10 04:56:23 CET 2017 on sn-devel-144
* s3: libsmb: Plumb in the new SMB2 get reparse point calls into the ↵Jeremy Allison2017-12-061-10/+31
| | | | | | | | | | | | | | cli_readlink_XXXX() calls. Reparse point symlinks can now be queried over SMB1 and SMB2 from smbclient. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13159 Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Ralph Böhme <slow@samba.org> Autobuild-User(master): Ralph Böhme <slow@samba.org> Autobuild-Date(master): Wed Dec 6 19:05:34 CET 2017 on sn-devel-144
* s3: libsmb: Add SMB2 calls ↵Jeremy Allison2017-12-062-0/+109
| | | | | | | | | | | cli_smb2_get_reparse_point_fnum_send()/cli_smb2_get_reparse_point_fnum_recv(). Allow reparse points to be queried over SMB2. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13159 Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* s3: libsmb: Do a naive response to SMB2 "stopped on symlink". Assume the ↵Jeremy Allison2017-12-061-1/+64
| | | | | | | | | | | | last component was the reparse point. Attempt re-open with FILE_OPEN_REPARSE_POINT. This matches the SMB1 behavior for smbclient. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13159 Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Ralph Böhme <slow@samba.org>
* s3: libsmb: Plumb in the new SMB2 reparse point calls into the ↵Jeremy Allison2017-12-061-15/+30
| | | | | | | | | | | | cli_symlink_create_XXX() calls. Reparse point symlinks can now be created over SMB1 and SMB2 from smbclient. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13159 Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Ralph Böhme <slow@samba.org>
* s3: libsmb: Add SMB2 calls ↵Jeremy Allison2017-12-062-0/+101
| | | | | | | | | | | cli_smb2_set_reparse_point_fnum_send()/cli_smb2_set_reparse_point_fnum_recv(). Allow reparse points to be created over SMB2. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13159 Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Ralph Böhme <slow@samba.org>
* s3: libsmb: Make cli_close_send()/cli_close_recv() work for SMB1 and SMB2.Jeremy Allison2017-12-061-8/+43
| | | | | | | | | Remove the escape into synchronous smb2 code. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13159 Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* s3: libsmb: Rename cli_close_create() -> cli_smb1_close_create().Jeremy Allison2017-12-062-22/+22
| | | | | | | | | | Move cli_smb1_close_done() next to its caller. This is SMB1 specific. Prepare to wrap cli_close_send/cli_close_recv to handle SMB2. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13159 Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Ralph Böhme <slow@samba.org>
* s3: libsmb: Fix reversing of oldname/newname paths when creating a reparse ↵Jeremy Allison2017-11-301-7/+7
| | | | | | | | | | | | | | | point symlink on Windows from smbclient. This happened as smbd doesn't support reparse points so we couldn't test. This was the reverse of the (tested) symlink parameters in the unix extensions symlink command. Rename parameters to link_target instead of oldname so this is clearer. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13172 Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* s3: client: Rename <oldname> to <link_target> in cmd_symlink() and ↵Jeremy Allison2017-11-301-7/+8
| | | | | | | | | | | | cli_posix_symlink(). Stops us from mixing up the old and new names. Only behavior change is correcting the names printed in the error messages. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13172 Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* s3: libsmb: Fix valgrind read-after-free error in cli_smb2_close_fnum_recv().Jeremy Allison2017-11-301-2/+6
| | | | | | | | | | | | | cli_smb2_close_fnum_recv() uses tevent_req_simple_recv_ntstatus(req), which frees req, then uses the state pointer which was owned by req. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13171 Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Ralph Böhme <slow@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Thu Nov 30 05:47:12 CET 2017 on sn-devel-144
* lib: Pass blob instead of &blob to gencache_set_data_blobVolker Lendecke2017-11-291-3/+4
| | | | | | | | Passing a whole DATA_BLOB is cheap enough to simplify the callers: A caller does not have to create a separate variable. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* Use talloc_stackframe() not talloc_tos() in namequery.cAndrew Bartlett2017-11-201-9/+8
| | | | | | | | | The pygpo code calls these functions but there was not stackframe set up so tallos_tos() fails. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* source3: remove sock_execGary Lockyer2017-11-201-14/+0
| | | | | | | | | | | | | | | | | | | | | | | | Remove the sock_exec code which is no longer needed and additionally has been used by exploit code. This was originally test support code, the tests relying on the sock_exec code have been removed. Past exploits have used sock_exec as a proxy for system() matching a talloc destructor prototype. See for example: Exploit for Samba vulnerabilty (CVE-2015-0240) at https://gist.github.com/worawit/051e881fc94fe4a49295 and the Red Hat post at https://access.redhat.com/blogs/766093/posts/1976553 Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Mon Nov 20 07:20:13 CET 2017 on sn-devel-144
* libsmb: Fix a typoVolker Lendecke2017-11-181-1/+1
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3: smbclient: Implement "volume" command over SMB2.Jeremy Allison2017-11-153-0/+143
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=13140 Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s3: libsmb: smbc_statvfs is missing the supporting SMB2 calls.Jeremy Allison2017-11-153-0/+112
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=13138 Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* netsamlogon_cache: Use ndr_pull_struct_blob_allVolker Lendecke2017-11-131-2/+3
| | | | | | | Be a bit more strict for error checking Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* libsmbclient: Allow server (NetApp) to return STATUS_INVALID_PARAMETER from ↵Jeremy Allison2017-11-111-1/+10
| | | | | | | | | | | | | | an echo. It does this if we send a session ID of zero. The server still replied. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13007 Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Sat Nov 11 08:44:37 CET 2017 on sn-devel-144
* smbc_opendir should not return EEXIST with invalid login credentialsDavid Mulder2017-11-091-2/+2
| | | | | | | | | | Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jim McDonough <jmcd@samba.org> Autobuild-User(master): Jim McDonough <jmcd@samba.org> Autobuild-Date(master): Thu Nov 9 01:49:06 CET 2017 on sn-devel-144
* libsmbclient: Use const for the userAndreas Schneider2017-10-273-2/+181
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=13101 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* netlogon_creds_cli: Protect netlogon_creds_cli_auth by _lckVolker Lendecke2017-09-251-8/+38
| | | | | | | | | This widens the lock range to cover the check for established credentials. Before this patch it could happen that more than one winbind finds no credentials and does the auth3. This can pile up. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* CVE-2017-12150: s3:libsmb: only fallback to anonymous if authentication was ↵Stefan Metzmacher2017-09-201-12/+4
| | | | | | | | | | not requested With forced encryption or required signing we should also don't fallback. BUG: https://bugzilla.samba.org/show_bug.cgi?id=12997 Signed-off-by: Stefan Metzmacher <metze@samba.org>
* CVE-2017-12150: s3:pylibsmb: make use of SMB_SIGNING_DEFAULT for ↵Stefan Metzmacher2017-09-201-1/+1
| | | | | | | | 'samba.samba3.libsmb_samba_internal' BUG: https://bugzilla.samba.org/show_bug.cgi?id=12997 Signed-off-by: Stefan Metzmacher <metze@samba.org>
* CVE-2017-12151: s3:libsmb: make use of cli_state_is_encryption_on()Stefan Metzmacher2017-09-202-3/+3
| | | | | | | | This will keep enforced encryption across dfs referrals. BUG: https://bugzilla.samba.org/show_bug.cgi?id=12996 Signed-off-by: Stefan Metzmacher <metze@samba.org>
* CVE-2017-12151: s3:libsmb: add cli_state_is_encryption_on() helper functionStefan Metzmacher2017-09-202-0/+14
| | | | | | | | | This allows to check if the current cli_state uses encryption (either via unix extentions or via SMB3). BUG: https://bugzilla.samba.org/show_bug.cgi?id=12996 Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3:libsmb: Print the kinit failed message with DBGLVL_NOTICEAndreas Schneider2017-08-241-1/+1
| | | | | | | | | | | | | | The default debug level of smbclient is set to 'log level = 1'. So we need to use at least NOTICE to not get the message when we do not force kerberos. BUG: https://bugzilla.samba.org/show_bug.cgi?id=12704 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Thu Aug 24 17:22:18 CEST 2017 on sn-devel-144
* s3:libsmb: Move prototye of remote_password_change()Andreas Schneider2017-08-231-0/+10
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=12975 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlet <abartlet@samba.org>
* s3:libsmb: Pass domain to remote_password_change()Andreas Schneider2017-08-231-2/+3
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=12975 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlet <abartlet@samba.org>
* s3:libsmb: let do_connect() debug the negotiation result similar to "session ↵Stefan Metzmacher2017-08-191-2/+7
| | | | | | | | | | | | request ok" Also modify non-specified max_protocol to be PROTOCOL_LATEST (currently PROTOCOL_SMB3_11). BUG: https://bugzilla.samba.org/show_bug.cgi?id=12881 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3:libsmb: don't call cli_NetServerEnum() on SMB2/3 connections in ↵Stefan Metzmacher2017-08-191-0/+13
| | | | | | | | | | | | SMBC_opendir_ctx() This is all we can do with when using we allow SMB2/3 and the server supports it, 'smb://' can't work unless we implement LLMNR and maybe WSD. BUG: https://bugzilla.samba.org/show_bug.cgi?id=12876 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3:libsmb: let get_ipc_connect() use CLI_FULL_CONNECTION_FORCE_SMB1Stefan Metzmacher2017-08-191-0/+2
| | | | | | | | | | get_ipc_connect() is only used in code paths that require cli_NetServerEnum() to work, so it must already require SMB1 only. BUG: https://bugzilla.samba.org/show_bug.cgi?id=12876 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3: libsmb: Add cli_smb2_chkpath() and use from cli_chkpath().Jeremy Allison2017-08-183-1/+50
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=12968 Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* libsmb: Enable "cli_notify" for SMB2+Volker Lendecke2017-07-261-1/+9
| | | | | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Wed Jul 26 01:33:25 CEST 2017 on sn-devel-144
* libsmb: Add cli_smb2_notifyVolker Lendecke2017-07-252-0/+97
| | | | | | | | | | | | | | | | | | We have to do the parsing manually. Looking at librpc/gen_ndr/ndr_notify.c we have the following code snippet: size_FileName1_0 = strlen_m(r->FileName1); NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->FileName1, size_FileName1_0, sizeof(uint16_t), CH_UTF16)); which means that we take strlen_m(r->FileName1) before we pull it off the wire. Not sure how to fix this, but that is clearly broken pidl output. Once that is fixed, we can convert this to ndr_pull_struct. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3: libsmb: Implement cli_smb2_setatr() by calling cli_smb2_setpathinfo().Jeremy Allison2017-07-251-52/+5
| | | | | | | | | | | This removes duplicate code paths and ensures we have only one function calling the underlying smb2cli_set_info() for setting info levels by path. BUG: https://bugzilla.samba.org/show_bug.cgi?id=12913 Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
View Lorry Controller Status