summaryrefslogtreecommitdiff
path: root/source3/smbd/sesssetup.c
Commit message (Collapse)AuthorAgeFilesLines
* smbd: remove sub_set_smb_name()/reload_services()Ralph Boehme2020-02-061-4/+0
| | | | | | | | | | | | | | | | | | This means switching auth backend based on %U include, ie passdb backend = tdbsam include = smb.conf.%U and smb.conf.SOMEUSER contains passdb backend = smbpasswd won't work anymore. We're still calling set_current_user_info() and reload_services() later on in this function, so everything else still works as before. Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* smbd: RIP user_structRalph Boehme2020-01-131-22/+0
| | | | | | | | | | At last, the nail in the coffin. :) Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Mon Jan 13 21:09:01 UTC 2020 on sn-devel-184
* smbd: remove vuid from struct user_structRalph Boehme2020-01-131-4/+0
| | | | | | | The previous commit removed all users of struct user_struct.vuid. Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* smbd: use session->global->session_wire_id instead of session->compat->vuidRalph Boehme2020-01-131-6/+6
| | | | | | | | | session->compat->vuid is set to session->global->session_wire_id after a successful session setup, so both variables will always carry the same value. Cf the next commit which removes vuid from user_struct. Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* smbd: move homes_snum from struct user_struct to struct smbXsrv_sessionRalph Boehme2020-01-131-5/+3
| | | | | | | No change in behaviour. A first step in removing user_struct. Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3: remove unused session_keystr from struct user_structRalph Boehme2019-12-201-2/+0
| | | | | | | | Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Ralph Böhme <slow@samba.org> Autobuild-Date(master): Fri Dec 20 13:06:20 UTC 2019 on sn-devel-184
* lib: Remove #define serverid_equal server_id_equalVolker Lendecke2019-11-061-1/+1
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3:smbd: Start to use the smb2_signing_key structureAndreas Schneider2019-04-301-12/+36
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:librpc: Rename the data blobs for keys in smbXsrv.idlAndreas Schneider2019-04-301-10/+10
| | | | | | | | The original names will be used with a new structure to cache mac and cipher handles for gnutls later. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* smbd: Remove some unused includesVolker Lendecke2019-04-111-1/+0
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3:smbd: Fix build on AIXBjoern Jacke2019-01-041-5/+5
| | | | | | | | | | | | AIX makes a define of ip_len in netinet/ip.h (sic!) BUG: https://bugzilla.samba.org/show_bug.cgi?id=13731 Signed-off-by: Bjoern Jacke <bj@sernet.de> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Fri Jan 4 16:29:50 CET 2019 on sn-devel-144
* smbd: Fix "reset on zero vc"Volker Lendecke2018-05-131-9/+22
| | | | | | | | | Bug: https://bugzilla.samba.org/show_bug.cgi?id=13340 Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Sun May 13 23:43:56 CEST 2018 on sn-devel-144
* s3: remove dead already commented codeBjörn Jacke2018-02-211-4/+1
| | | | | Signed-off-by: Bjoern Jacke <bjacke@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s3:smbd: call auth_check_password_session_info() only in one central placeStefan Metzmacher2017-06-261-33/+25
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:smbd: introduce a reply_sesssetup_and_X_stateStefan Metzmacher2017-06-261-62/+69
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:smbd: inline check_guest_password() into reply_sesssetup_and_X()Stefan Metzmacher2017-06-261-42/+25
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:smbd: only set user_info->auth_description on successStefan Metzmacher2017-06-261-2/+1
| | | | | | | Otherwise we'll derefence a NULL pointer. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* source3 smdb: fix null pointer dereferenceGary Lockyer2017-04-281-1/+1
| | | | | | | | | | | | Fix the null pointer dereference in smbd, introduced in the auth logging changes. Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Fri Apr 28 07:18:54 CEST 2017 on sn-devel-144
* auth: Log the transport connection for the authorizationAndrew Bartlett2017-03-291-0/+1
| | | | | | | We also log if a simple bind was over TLS, as this particular case matters to a lot of folks Signed-off-by: Andrew Bartlett <abartlet@samba.org> Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* rpc: Always supply both the remote and local address to the auth subsystemGary Lockyer2017-03-291-3/+8
| | | | | | | | | | | This ensures that gensec, and then the NTLM auth subsystem under it, always gets the remote and local address pointers for potential logging. The local address allows us to know which interface an authentication is on Signed-off-by: Andrew Bartlett <abartlet@samba.org> Pair-Programmed-by: Gary Lockyer <gary@catalyst.net.nz> Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
* auth: Always supply both the remote and local address to the auth subsystemAndrew Bartlett2017-03-291-1/+3
| | | | | | | | | | | This ensures that gensec, and then the NTLM auth subsystem under it, always gets the remote and local address pointers for potential logging. The local address allows us to know which interface an authentication is on Signed-off-by: Andrew Bartlett <abartlet@samba.org> Pair-Programmed-by: Gary Lockyer <gary@catalyst.net.nz> Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
* auth: Add "auth_description" to allow logs to distinguish simple bind (etc)Andrew Bartlett2017-03-291-0/+6
| | | | | | | | | This will allow the authentication log to indicate clearly how the password was supplied to the server. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Pair-Programmed-by: Gary Lockyer <gary@catalyst.net.nz> Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
* auth: Fill in user_info->service_description from all callersAndrew Bartlett2017-03-291-1/+4
| | | | | | | | This will allow the logging code to make clear which protocol an authentication was for. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Pair-Programmed-by: Gary Lockyer <gary@catalyst.net.nz> Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
* s3-auth: Pass service_description into gensec via auth_generic_prepare()Andrew Bartlett2017-03-291-0/+1
| | | | | | | | | | | This allows the GENSEC service description to be set from the various callers that go via this function. The RPC service description is the name of the interface from the IDL. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Pair-Programmed-by: Gary Lockyer <gary@catalyst.net.nz> Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
* lib: Add lib/util/server_id.hVolker Lendecke2017-01-221-0/+1
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* s3:smbd: fix anonymous authentication if signing is mandatoryStefan Metzmacher2016-05-181-2/+6
| | | | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=11910 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Wed May 18 15:49:46 CEST 2016 on sn-devel-144
* s3:smbd: only mark real guest sessions with the GUEST flagStefan Metzmacher2016-04-281-3/+3
| | | | | | | | | | Real anonymous sessions don't get it. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11847 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
* s3:smbd: make use SMB_SETUP_GUEST constantStefan Metzmacher2016-04-281-3/+3
| | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=11847 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
* CVE-2016-2114: s3:smbd: enforce "server signing = mandatory"Ralph Boehme2016-04-121-1/+3
| | | | | | | | | | | | | | This fixes a regression that was introduced by commit abb24bf8e874d525382e994af7ae432212775153 ("s3:smbd: make use of better SMB signing negotiation"). BUG: https://bugzilla.samba.org/show_bug.cgi?id=11687 Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Signed-off-by: Ralph Boehme <slow@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
* s3:smbd: remove unused spnego related includesStefan Metzmacher2015-12-171-5/+0
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
* s3:sesssetup: use session->pending_auth in smb1 session setupMichael Adam2015-07-301-11/+24
| | | | | | | (instead of session->gensec) Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* Convert all uses of uint8/16/32 to _t in source3/smbd.Richard Sharpe2015-05-061-8/+8
| | | | | Signed-off-by: Richard Sharpe <rsharpe@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* lib: Remove server_id_str()Volker Lendecke2015-04-281-1/+2
| | | | | | | | | | Call server_id_str_buf instead Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Tue Apr 28 20:48:01 CEST 2015 on sn-devel-104
* s3:smbd: use req->sconn in sesssetup.cStefan Metzmacher2014-09-191-2/+2
| | | | | | | xconn->sconn will go away soon. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s3:smbd: remember the time of the session setup auth_timeStefan Metzmacher2014-08-061-0/+3
| | | | | | | | This is the time of the last reauth. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s3:smbd: use req->xconn in sesssetup.cStefan Metzmacher2014-08-061-8/+8
| | | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s3:smbd: move sconn->smb1.signing_state to xconn->smb1.signing_stateStefan Metzmacher2014-08-061-5/+5
| | | | | | | | This prepares the structures for multi-channel support. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s3:smbd: move sconn->smb1.sessions.* to xconn->smb1.sessions.*Stefan Metzmacher2014-08-061-8/+9
| | | | | | | | This prepares the structures for multi-channel support. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s3:smbd: move sconn->smb1.negprot.* to xconn->smb1.negprot.*Stefan Metzmacher2014-08-061-6/+5
| | | | | | | | This prepares the structures for multi-channel support. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s3-auth: Finally change make_user_info_*() use a parent talloc contextAndrew Bartlett2014-04-021-8/+10
| | | | | | Change-Id: Iedf516e8c24e0d18064aeedd8e287ed692d3c5b4 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org>
* s3:smbd: let srvstr_pull_req_talloc() take 'const uint8_t *src'Stefan Metzmacher2014-04-021-5/+4
| | | | | | | | | | This is the correct thing to do the smb request buffer contains just bytes (uint8_t). It also avoids strange casting in the callers. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* auth/gensec: remove tevent_context argument from gensec_update()Stefan Metzmacher2014-03-271-1/+1
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:smbd: reject a MaxBufferSize < SMB_BUFFER_SIZE_MIN (500) in a session ↵Stefan Metzmacher2014-03-051-6/+13
| | | | | | | | | | setup request This makes sure sconn->smb1.sessions.max_send is always >= SMB_BUFFER_SIZE_MIN. Bug: https://bugzilla.samba.org/show_bug.cgi?id=10422 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3: set native os according to Windows and NBT_ANNOUNCE_VERSION definesBjörn Jacke2014-01-141-1/+5
| | | | | | | | | | | | | | When the native os in sessionsetup is "Unix" then broken Konica Minolta printers refuse to talk to those CIFS servers. Other CIFS servers also announce themselves with native os Windows. Let's do the same to improve interoperability with broken devices like those printers from Konica Minolta. Thanks to Daniel Hoffmann for finding and reporting this Konika printer brokenness. https://bugzilla.samba.org/show_bug.cgi?id=10168 Signed-off-by: Bjoern Jacke <bj@sernet.de> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3:smbd: keep global_client_caps and max_send from the first successful ↵Stefan Metzmacher2013-03-201-4/+10
| | | | | | | session setup Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3:smbd:setup_new_vc_session: traverse sessions instead of connections to ↵Gregor Beck2012-10-191-10/+17
| | | | | | | shutdown other smbds Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Michael Adam <obnox@samba.org>
* s3:smbd: initialize session->global before calling session_claimGregor Beck2012-10-191-20/+20
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Michael Adam <obnox@samba.org>
* s3:smbd: remove smbd_server_connection argument from session_claim()Gregor Beck2012-10-191-2/+2
| | | | | | | retrieve the server connection from the smbXsrv_session argument instead. Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Michael Adam <obnox@samba.org>
* s3:smbd: pass smbXsrv_session instead of user_struct to session_claim() and ↵Gregor Beck2012-10-191-2/+2
| | | | | | | session_yield() Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Michael Adam <obnox@samba.org>
* s3:smbd: remove unused variable in sesssetup.cStefan Metzmacher2012-08-051-1/+0
| | | | | | | metze Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Sun Aug 5 23:09:06 CEST 2012 on sn-devel-104
View Lorry Controller Status