[SCM] Samba Shared Repository - branch master updated
Stefan Metzmacher
metze at samba.org
Thu Jul 21 15:34:03 MDT 2011
The branch, master has been updated
via 2b1fc7c s3:winbindd_cm: remove unused checks for address family
via ebe258d s3:libsmb: replace cli_initialise[_ex]() by cli_state_create()
via 04b740d s3:include: remove unused cli_state->called and cli_state->calling
via 392ddf9 s3:libsmb: don't pass cli->called.name to NTLMv2_generate_names_blob()
via 25447a5 s3:libsmb: move cli->vuid to cli->smb1.uid and hide it behind cli_state_[g|s]et_uid()
via c70103f s3:libsmb: add cli_state_encryption_on()
from fb2ee30 s3-rpc_server: Pass msg_ctx to make_base_pipes_struct().
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 2b1fc7c0d30b6fbef3cb61775f37062fdc2c9656
Author: Stefan Metzmacher <metze at samba.org>
Date: Thu Jul 21 21:51:11 2011 +0200
s3:winbindd_cm: remove unused checks for address family
If we got a connection, we don't need to check what
address family it uses.
metze
Autobuild-User: Stefan Metzmacher <metze at samba.org>
Autobuild-Date: Thu Jul 21 23:33:48 CEST 2011 on sn-devel-104
commit ebe258dd4091c00cf2ca3d6648cf4d60cb682ee1
Author: Stefan Metzmacher <metze at samba.org>
Date: Thu Jul 21 21:47:36 2011 +0200
s3:libsmb: replace cli_initialise[_ex]() by cli_state_create()
This makes sure cli_state->src_ss and cli_state->dest_ss are always
initialized.
metze
commit 04b740d18b5f7868bcded1b1bda504a95082425a
Author: Stefan Metzmacher <metze at samba.org>
Date: Thu Jul 21 21:18:27 2011 +0200
s3:include: remove unused cli_state->called and cli_state->calling
metze
commit 392ddf970c8f8486e79eec5214ed49912e344e09
Author: Stefan Metzmacher <metze at samba.org>
Date: Thu Jul 21 21:15:38 2011 +0200
s3:libsmb: don't pass cli->called.name to NTLMv2_generate_names_blob()
cli->called.name is never initialized, so this change doesn't change
the behavior. And this behavior seems to be correct, see
commit 29c0c37691da10bf061ba90a5b31482bda2fa486
s4/libcli: do not use netbios name in NTLMv2 blobs w/o spnego.
metze
commit 25447a528a1f5c37e0e62bbc990b87c868de784a
Author: Stefan Metzmacher <metze at samba.org>
Date: Thu Jul 21 09:20:43 2011 +0200
s3:libsmb: move cli->vuid to cli->smb1.uid and hide it behind cli_state_[g|s]et_uid()
metze
commit c70103f3f81c45846acc60fa84027247d72913f5
Author: Stefan Metzmacher <metze at samba.org>
Date: Mon Jul 18 19:46:59 2011 +0200
s3:libsmb: add cli_state_encryption_on()
metze
-----------------------------------------------------------------------
Summary of changes:
source3/client/client.c | 7 +++--
source3/include/client.h | 4 +--
source3/libsmb/cliconnect.c | 48 +++++++++-------------------------
source3/libsmb/clientgen.c | 53 +++++++++++++++++++++++++++++++++-----
source3/libsmb/libsmb_context.c | 2 +-
source3/libsmb/proto.h | 9 +++++-
source3/torture/torture.c | 35 ++++++++++++-------------
source3/winbindd/winbindd_cm.c | 46 +--------------------------------
8 files changed, 91 insertions(+), 113 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/client/client.c b/source3/client/client.c
index d489ea7..1cf4410 100644
--- a/source3/client/client.c
+++ b/source3/client/client.c
@@ -4261,11 +4261,12 @@ static int cmd_vuid(void)
char *buf;
if (!next_token_talloc(ctx, &cmd_ptr,&buf,NULL)) {
- d_printf("Current VUID is %d\n", cli->vuid);
+ d_printf("Current VUID is %d\n",
+ cli_state_get_uid(cli));
return 0;
}
- cli->vuid = atoi(buf);
+ cli_state_set_uid(cli, atoi(buf));
return 0;
}
@@ -4303,7 +4304,7 @@ static int cmd_logon(void)
return -1;
}
- d_printf("Current VUID is %d\n", cli->vuid);
+ d_printf("Current VUID is %d\n", cli_state_get_uid(cli));
return 0;
}
diff --git a/source3/include/client.h b/source3/include/client.h
index 5e4e0a3..cfc0b41 100644
--- a/source3/include/client.h
+++ b/source3/include/client.h
@@ -52,7 +52,6 @@ struct cli_state {
*/
struct cli_state *prev, *next;
int fd;
- uint16 vuid;
int protocol;
int sec_mode;
int rap_error;
@@ -76,9 +75,7 @@ struct cli_state {
char *share;
char *dev;
- struct nmb_name called;
struct sockaddr_storage src_ss;
- struct nmb_name calling;
struct sockaddr_storage dest_ss;
DATA_BLOB secblob; /* cryptkey or negTokenInit */
@@ -135,6 +132,7 @@ struct cli_state {
uint16_t pid;
uint16_t vc_num;
uint16_t tid;
+ uint16_t uid;
} smb1;
struct {
diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c
index 4e3e47f..6a7931b 100644
--- a/source3/libsmb/cliconnect.c
+++ b/source3/libsmb/cliconnect.c
@@ -274,7 +274,7 @@ static void cli_session_setup_lanman2_done(struct tevent_req *subreq)
inbuf = (char *)in;
p = bytes;
- cli->vuid = SVAL(inbuf, smb_uid);
+ cli_state_set_uid(state->cli, SVAL(inbuf, smb_uid));
cli->is_guestlogin = ((SVAL(vwv+2, 0) & 1) != 0);
status = smb_bytes_talloc_string(cli,
@@ -502,7 +502,7 @@ static void cli_session_setup_guest_done(struct tevent_req *subreq)
inbuf = (char *)in;
p = bytes;
- cli->vuid = SVAL(inbuf, smb_uid);
+ cli_state_set_uid(state->cli, SVAL(inbuf, smb_uid));
cli->is_guestlogin = ((SVAL(vwv+2, 0) & 1) != 0);
status = smb_bytes_talloc_string(cli,
@@ -709,7 +709,7 @@ static void cli_session_setup_plain_done(struct tevent_req *subreq)
inbuf = (char *)in;
p = bytes;
- cli->vuid = SVAL(inbuf, smb_uid);
+ cli_state_set_uid(state->cli, SVAL(inbuf, smb_uid));
cli->is_guestlogin = ((SVAL(vwv+2, 0) & 1) != 0);
status = smb_bytes_talloc_string(cli,
@@ -861,11 +861,11 @@ static struct tevent_req *cli_session_setup_nt1_send(
/*
* note that the 'workgroup' here is a best
* guess - we don't know the server's domain
- * at this point. The 'server name' is also
- * dodgy...
+ * at this point. Windows clients also don't
+ * use hostname...
*/
names_blob = NTLMv2_generate_names_blob(
- NULL, cli->called.name, workgroup);
+ NULL, NULL, workgroup);
if (tevent_req_nomem(names_blob.data, req)) {
return tevent_req_post(req, ev);
@@ -1066,7 +1066,7 @@ static void cli_session_setup_nt1_done(struct tevent_req *subreq)
inbuf = (char *)in;
p = bytes;
- cli->vuid = SVAL(inbuf, smb_uid);
+ cli_state_set_uid(state->cli, SVAL(inbuf, smb_uid));
cli->is_guestlogin = ((SVAL(vwv+2, 0) & 1) != 0);
status = smb_bytes_talloc_string(cli,
@@ -1305,7 +1305,7 @@ static void cli_sesssetup_blob_done(struct tevent_req *subreq)
TALLOC_FREE(state->buf);
state->inbuf = (char *)inbuf;
- cli->vuid = SVAL(state->inbuf, smb_uid);
+ cli_state_set_uid(state->cli, SVAL(inbuf, smb_uid));
cli->is_guestlogin = ((SVAL(vwv+2, 0) & 1) != 0);
blob_length = SVAL(vwv+3, 0);
@@ -1385,7 +1385,7 @@ static NTSTATUS cli_sesssetup_blob_recv(struct tevent_req *req,
char *inbuf;
if (tevent_req_is_nterror(req, &status)) {
- state->cli->vuid = 0;
+ cli_state_set_uid(state->cli, UID_FIELD_INVALID);
return status;
}
@@ -1743,7 +1743,7 @@ static NTSTATUS cli_session_setup_ntlmssp_recv(struct tevent_req *req)
NTSTATUS status;
if (tevent_req_is_nterror(req, &status)) {
- state->cli->vuid = 0;
+ cli_state_set_uid(state->cli, UID_FIELD_INVALID);
return status;
}
return NT_STATUS_OK;
@@ -2126,7 +2126,7 @@ static void cli_ulogoff_done(struct tevent_req *subreq)
tevent_req_nterror(req, status);
return;
}
- state->cli->vuid = -1;
+ cli_state_set_uid(state->cli, UID_FIELD_INVALID);
tevent_req_done(req);
}
@@ -2849,8 +2849,6 @@ NTSTATUS cli_connect_nb(const char *host, struct sockaddr_storage *pss,
int fd = -1;
char *desthost;
char *p;
- socklen_t length;
- int ret;
desthost = talloc_strdup(talloc_tos(), host);
if (desthost == NULL) {
@@ -2866,34 +2864,14 @@ NTSTATUS cli_connect_nb(const char *host, struct sockaddr_storage *pss,
}
}
- cli = cli_initialise_ex(signing_state);
- if (cli == NULL) {
- goto fail;
- }
- cli->desthost = talloc_move(cli, &desthost);
-
status = cli_connect_sock(host, name_type, pss, myname, port, 20, &fd,
&port);
if (!NT_STATUS_IS_OK(status)) {
- cli_shutdown(cli);
goto fail;
}
- cli->fd = fd;
- length = sizeof(cli->src_ss);
- ret = getsockname(fd, (struct sockaddr *)(void *)&cli->src_ss,
- &length);
- if (ret == -1) {
- status = map_nt_error_from_unix(errno);
- cli_shutdown(cli);
- goto fail;
- }
- length = sizeof(cli->dest_ss);
- ret = getpeername(fd, (struct sockaddr *)(void *)&cli->dest_ss,
- &length);
- if (ret == -1) {
- status = map_nt_error_from_unix(errno);
- cli_shutdown(cli);
+ cli = cli_state_create(NULL, fd, desthost, signing_state);
+ if (cli == NULL) {
goto fail;
}
diff --git a/source3/libsmb/clientgen.c b/source3/libsmb/clientgen.c
index 0ee361f..1ac5c2e 100644
--- a/source3/libsmb/clientgen.c
+++ b/source3/libsmb/clientgen.c
@@ -70,7 +70,7 @@ void cli_setup_packet_buf(struct cli_state *cli, char *buf)
SIVAL(buf,smb_rcls,0);
SSVAL(buf,smb_pid,cli->smb1.pid);
memset(buf+smb_pidhigh, 0, 12);
- SSVAL(buf,smb_uid,cli->vuid);
+ SSVAL(buf,smb_uid, cli_state_get_uid(cli));
SSVAL(buf,smb_mid,cli->smb1.mid);
if (cli->protocol <= PROTOCOL_CORE) {
@@ -161,11 +161,16 @@ NTSTATUS cli_init_creds(struct cli_state *cli, const char *username, const char
Set the signing state (used from the command line).
****************************************************************************/
-struct cli_state *cli_initialise_ex(int signing_state)
+struct cli_state *cli_state_create(TALLOC_CTX *mem_ctx,
+ int fd,
+ const char *desthost,
+ int signing_state)
{
struct cli_state *cli = NULL;
bool allow_smb_signing = false;
bool mandatory_signing = false;
+ size_t length;
+ int ret;
/* Check the effective uid - make sure we are not setuid */
if (is_setuid_root()) {
@@ -173,7 +178,7 @@ struct cli_state *cli_initialise_ex(int signing_state)
return NULL;
}
- cli = talloc_zero(NULL, struct cli_state);
+ cli = talloc_zero(mem_ctx, struct cli_state);
if (!cli) {
return NULL;
}
@@ -184,7 +189,6 @@ struct cli_state *cli_initialise_ex(int signing_state)
}
cli->fd = -1;
cli->raw_status = NT_STATUS_INTERNAL_ERROR;
- cli->vuid = UID_FIELD_INVALID;
cli->protocol = PROTOCOL_NT1;
cli->timeout = 20000; /* Timeout is in milliseconds. */
cli->max_xmit = CLI_BUFFER_SIZE+4;
@@ -235,13 +239,35 @@ struct cli_state *cli_initialise_ex(int signing_state)
}
cli->pending = NULL;
- cli->initialised = 1;
+ cli->desthost = talloc_strdup(cli, desthost);
+ if (cli->desthost == NULL) {
+ goto error;
+ }
+
+ cli->fd = fd;
+
+ length = sizeof(cli->src_ss);
+ ret = getsockname(fd,
+ (struct sockaddr *)(void *)&cli->src_ss,
+ &length);
+ if (ret == -1) {
+ goto error;
+ }
+ length = sizeof(cli->dest_ss);
+ ret = getpeername(fd,
+ (struct sockaddr *)(void *)&cli->dest_ss,
+ &length);
+ if (ret == -1) {
+ goto error;
+ }
cli->smb1.mid = 1;
cli->smb1.pid = (uint16_t)sys_getpid();
cli->smb1.vc_num = cli->smb1.pid;
cli->smb1.tid = UINT16_MAX;
+ cli->smb1.uid = UID_FIELD_INVALID;
+ cli->initialised = 1;
return cli;
/* Clean up after malloc() error */
@@ -252,11 +278,12 @@ struct cli_state *cli_initialise_ex(int signing_state)
return NULL;
}
-struct cli_state *cli_initialise(void)
+bool cli_state_encryption_on(struct cli_state *cli)
{
- return cli_initialise_ex(Undefined);
+ return common_encryption_on(cli->trans_enc_state);
}
+
/****************************************************************************
Close all pipes open on this session.
****************************************************************************/
@@ -385,6 +412,18 @@ uint16_t cli_state_set_tid(struct cli_state *cli, uint16_t tid)
return ret;
}
+uint16_t cli_state_get_uid(struct cli_state *cli)
+{
+ return cli->smb1.uid;
+}
+
+uint16_t cli_state_set_uid(struct cli_state *cli, uint16_t uid)
+{
+ uint16_t ret = cli->smb1.uid;
+ cli->smb1.uid = uid;
+ return ret;
+}
+
/****************************************************************************
Set the case sensitivity flag on the packets. Returns old state.
****************************************************************************/
diff --git a/source3/libsmb/libsmb_context.c b/source3/libsmb/libsmb_context.c
index 14f646f..789a555 100644
--- a/source3/libsmb/libsmb_context.c
+++ b/source3/libsmb/libsmb_context.c
@@ -470,7 +470,7 @@ smbc_option_get(SMBCCTX *context,
for (s = context->internal->servers; s; s = s->next) {
num_servers++;
- if (s->cli->trans_enc_state == NULL) {
+ if (!cli_state_encryption_on(s->cli)) {
return (void *)false;
}
}
diff --git a/source3/libsmb/proto.h b/source3/libsmb/proto.h
index 127983d..08d651f 100644
--- a/source3/libsmb/proto.h
+++ b/source3/libsmb/proto.h
@@ -159,8 +159,11 @@ NTSTATUS cli_set_domain(struct cli_state *cli, const char *domain);
NTSTATUS cli_set_username(struct cli_state *cli, const char *username);
NTSTATUS cli_set_password(struct cli_state *cli, const char *password);
NTSTATUS cli_init_creds(struct cli_state *cli, const char *username, const char *domain, const char *password);
-struct cli_state *cli_initialise(void);
-struct cli_state *cli_initialise_ex(int signing_state);
+struct cli_state *cli_state_create(TALLOC_CTX *mem_ctx,
+ int fd,
+ const char *desthost,
+ int signing_state);
+bool cli_state_encryption_on(struct cli_state *cli);
void cli_nt_pipes_close(struct cli_state *cli);
void cli_shutdown(struct cli_state *cli);
void cli_sockopt(struct cli_state *cli, const char *options);
@@ -170,6 +173,8 @@ uint16_t cli_getpid(struct cli_state *cli);
bool cli_state_has_tcon(struct cli_state *cli);
uint16_t cli_state_get_tid(struct cli_state *cli);
uint16_t cli_state_set_tid(struct cli_state *cli, uint16_t tid);
+uint16_t cli_state_get_uid(struct cli_state *cli);
+uint16_t cli_state_set_uid(struct cli_state *cli, uint16_t uid);
bool cli_set_case_sensitive(struct cli_state *cli, bool case_sensitive);
struct tevent_req *cli_echo_send(TALLOC_CTX *mem_ctx, struct event_context *ev,
struct cli_state *cli, uint16_t num_echos,
diff --git a/source3/torture/torture.c b/source3/torture/torture.c
index 6317d0e..fbfe52d 100644
--- a/source3/torture/torture.c
+++ b/source3/torture/torture.c
@@ -429,20 +429,20 @@ bool torture_init_connection(struct cli_state **pcli)
bool torture_cli_session_setup2(struct cli_state *cli, uint16 *new_vuid)
{
- uint16 old_vuid = cli->vuid;
+ uint16_t old_vuid = cli_state_get_uid(cli);
fstring old_user_name;
size_t passlen = strlen(password);
NTSTATUS status;
bool ret;
fstrcpy(old_user_name, cli->user_name);
- cli->vuid = 0;
+ cli_state_set_uid(cli, 0);
ret = NT_STATUS_IS_OK(cli_session_setup(cli, username,
password, passlen,
password, passlen,
workgroup));
- *new_vuid = cli->vuid;
- cli->vuid = old_vuid;
+ *new_vuid = cli_state_get_uid(cli);
+ cli_state_set_uid(cli, old_vuid);
status = cli_set_username(cli, old_user_name);
if (!NT_STATUS_IS_OK(status)) {
return false;
@@ -1367,7 +1367,7 @@ static bool run_tcon_test(int dummy)
}
cnum1 = cli_state_get_tid(cli);
- vuid1 = cli->vuid;
+ vuid1 = cli_state_get_uid(cli);
status = cli_writeall(cli, fnum1, 0, (uint8_t *)buf, 130, 4, NULL);
if (!NT_STATUS_IS_OK(status)) {
@@ -1386,7 +1386,7 @@ static bool run_tcon_test(int dummy)
cnum2 = cli_state_get_tid(cli);
cnum3 = MAX(cnum1, cnum2) + 1; /* any invalid number */
- vuid2 = cli->vuid + 1;
+ vuid2 = cli_state_get_uid(cli) + 1;
/* try a write with the wrong tid */
cli_state_set_tid(cli, cnum2);
@@ -1414,7 +1414,7 @@ static bool run_tcon_test(int dummy)
}
/* try a write with an invalid vuid */
- cli->vuid = vuid2;
+ cli_state_set_uid(cli, vuid2);
cli_state_set_tid(cli, cnum1);
status = cli_writeall(cli, fnum1, 0, (uint8_t *)buf, 130, 4, NULL);
@@ -1427,7 +1427,7 @@ static bool run_tcon_test(int dummy)
}
cli_state_set_tid(cli, cnum1);
- cli->vuid = vuid1;
+ cli_state_set_uid(cli, vuid1);
status = cli_close(cli, fnum1);
if (!NT_STATUS_IS_OK(status)) {
@@ -2734,7 +2734,7 @@ static bool run_fdpasstest(int dummy)
return False;
}
- cli2->vuid = cli1->vuid;
+ cli_state_set_uid(cli2, cli_state_get_uid(cli1));
cli_state_set_tid(cli2, cli_state_get_tid(cli1));
cli_setpid(cli2, cli_getpid(cli1));
@@ -2800,8 +2800,8 @@ static bool run_fdsesstest(int dummy)
return False;
}
- saved_vuid = cli->vuid;
- cli->vuid = new_vuid;
+ saved_vuid = cli_state_get_uid(cli);
+ cli_state_set_uid(cli, new_vuid);
if (cli_read_old(cli, fnum1, buf, 0, 13) == 13) {
printf("read succeeded with different vuid! nasty security hole [%s]\n",
@@ -2819,7 +2819,7 @@ static bool run_fdsesstest(int dummy)
ret = False;
}
- cli->vuid = saved_vuid;
+ cli_state_set_uid(cli, saved_vuid);
/* Try with same vuid, different cnum. */
cli_state_set_tid(cli, new_cnum);
@@ -6358,7 +6358,7 @@ static bool run_sesssetup_bench(int dummy)
return false;
}
- d_printf("\r%d ", (int)c->vuid);
+ d_printf("\r%d ", (int)cli_state_get_uid(c));
status = cli_ulogoff(c);
if (!NT_STATUS_IS_OK(status)) {
@@ -6366,7 +6366,6 @@ static bool run_sesssetup_bench(int dummy)
__location__, nt_errstr(status));
return false;
}
- c->vuid = 0;
}
return true;
@@ -7099,7 +7098,7 @@ static bool run_uid_regression_test(int dummy)
cli_sockopt(cli, sockops);
/* Ok - now save then logoff our current user. */
- old_vuid = cli->vuid;
+ old_vuid = cli_state_get_uid(cli);
status = cli_ulogoff(cli);
if (!NT_STATUS_IS_OK(status)) {
@@ -7109,7 +7108,7 @@ static bool run_uid_regression_test(int dummy)
goto out;
}
- cli->vuid = old_vuid;
+ cli_state_set_uid(cli, old_vuid);
/* Try an operation. */
status = cli_mkdir(cli, "\\uid_reg_test");
@@ -7130,7 +7129,7 @@ static bool run_uid_regression_test(int dummy)
old_cnum = cli_state_get_tid(cli);
/* Now try a SMBtdis with the invald vuid set to zero. */
- cli->vuid = 0;
+ cli_state_set_uid(cli, 0);
/* This should succeed. */
status = cli_tdis(cli);
@@ -7143,7 +7142,7 @@ static bool run_uid_regression_test(int dummy)
goto out;
}
- cli->vuid = old_vuid;
+ cli_state_set_uid(cli, old_vuid);
cli_state_set_tid(cli, old_cnum);
--
Samba Shared Repository
More information about the samba-cvs
mailing list