[SCM] Samba Shared Repository - branch v4-1-test updated

Karolin Seeger kseeger at samba.org
Mon Mar 23 21:51:04 MDT 2015


The branch, v4-1-test has been updated
       via  f5e3b94 s3: lib: libsmbclient: If reusing a server struct, check every cli->timout miliseconds if it's still valid before use.
       via  b417ef0 s3: libcli: smb1: Ensure we correctly finish a tevent req if the writev fails in the SMB1 case.
       via  9e395c9 s3: lib: ntlmssp: If NTLMSSP_NEGOTIATE_TARGET_INFO isn't set, cope with servers that don't send the 2 unused fields.
       via  2355e2d s4: lib: auth: If NTLMSSP_NEGOTIATE_TARGET_INFO isn't set, cope with servers that don't send the 2 unused fields.
       via  f9fd1dc docs/idmap_rid: remove deprecated base_rid from example
      from  f244eaa talloc: version 2.1.2

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-1-test


- Log -----------------------------------------------------------------
commit f5e3b9440805e548a8b41fa76f98a366f7426047
Author: Jeremy Allison <jra at samba.org>
Date:   Wed Mar 18 14:15:16 2015 -0700

    s3: lib: libsmbclient: If reusing a server struct, check every cli->timout miliseconds if it's still valid before use.
    
    Uses an cli_echo() call to do so.
    
    Based on code from <shargagan at novell.com>
    
    Bug 11079 - libsmbclient not checking the cached connection alive status before re-using it from connection cache
    
    https://bugzilla.samba.org/show_bug.cgi?id=11079
    
    Signed-off-by: Jeremy Allison <jra at samba.org>
    Reviewed-by: David Disseldorp <ddiss at samba.org>
    
    Autobuild-User(master): David Disseldorp <ddiss at samba.org>
    Autobuild-Date(master): Fri Mar 20 13:48:26 CET 2015 on sn-devel-104
    
    (cherry picked from commit 4f4151ea050a5f34e42d73a4bf9448c673a35787)
    
    Autobuild-User(v4-1-test): Karolin Seeger <kseeger at samba.org>
    Autobuild-Date(v4-1-test): Tue Mar 24 04:50:34 CET 2015 on sn-devel-104

commit b417ef0680bdd737760a1386c54973214b2163f4
Author: Jeremy Allison <jra at samba.org>
Date:   Thu Mar 19 10:40:56 2015 -0700

    s3: libcli: smb1: Ensure we correctly finish a tevent req if the writev fails in the SMB1 case.
    
    We haven't added the req to the pending array yet, as SMB1 requests can
    be one-way (no reply needed). So if we error out after the writev, but
    before we add to the pending array we must rember to terminate our current
    tevent req with a tevent_req_nterror call.
    
    Fixes bug 11173 - SMB1 Server disconnect can cause timeout on client write error.
    
    https://bugzilla.samba.org/show_bug.cgi?id=11173
    
    Signed-off-by: Jeremy Allison <jra at samba.org>
    Reviewed-by: Michael Adam <obnox at samba.org>
    
    Autobuild-User(master): Michael Adam <obnox at samba.org>
    Autobuild-Date(master): Fri Mar 20 05:08:25 CET 2015 on sn-devel-104
    
    (cherry picked from commit 00d92f59257ce8fe1729becd72e13a42dfff0589)

commit 9e395c9c445f101014a01b7d3589bdf524f17883
Author: Jeremy Allison <jra at samba.org>
Date:   Mon Mar 9 14:27:43 2015 -0700

    s3: lib: ntlmssp: If NTLMSSP_NEGOTIATE_TARGET_INFO isn't set, cope with servers that don't send the 2 unused fields.
    
    Packet traces showing such servers are found in the bug this fixes:
    
    https://bugzilla.samba.org/show_bug.cgi?id=10016
    
    Signed-off-by: Jeremy Allison <jra at samba.org>
    Reviewed-by: Michael Adam <obnox at samba.org>
    
    Autobuild-User(master): Michael Adam <obnox at samba.org>
    Autobuild-Date(master): Thu Mar 19 12:05:56 CET 2015 on sn-devel-104
    
    (cherry picked from commit ffe33940faa6fb762fd2483f0245448b0434be00)

commit 2355e2dc577d87f251097200aef519131ef9cfe2
Author: Jeremy Allison <jra at samba.org>
Date:   Mon Mar 9 14:21:22 2015 -0700

    s4: lib: auth: If NTLMSSP_NEGOTIATE_TARGET_INFO isn't set, cope with servers that don't send the 2 unused fields.
    
    Packet traces showing such servers are found in the bug this fixes:
    
    https://bugzilla.samba.org/show_bug.cgi?id=10016
    
    Signed-off-by: Jeremy Allison <jra at samba.org>
    Reviewed-by: Michael Adam <obnox at samba.org>
    (cherry picked from commit 5137af570d8a173d7775754ad2e60d6d8efbe3a2)

commit f9fd1dca432505773995471d159bd1f4e199ab90
Author: David Disseldorp <ddiss at samba.org>
Date:   Fri Jan 16 16:21:24 2015 +0100

    docs/idmap_rid: remove deprecated base_rid from example
    
    The base_rid option has been deprecated for some time. Specifying a
    value of 1000 (as recommended in the parameter description and example
    section) can result in failed mapping of group SIDs, where RIDs do not
    start at 1000.
    
    Bug: https://bugzilla.samba.org/show_bug.cgi?id=11169
    
    Signed-off-by: David Disseldorp <ddiss at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>
    
    Autobuild-User(master): Michael Adam <obnox at samba.org>
    Autobuild-Date(master): Mon Jan 19 09:09:22 CET 2015 on sn-devel-104
    
    (cherry picked from commit 8466587c589f01d59294be36ad0b347f5d82a11f)

-----------------------------------------------------------------------

Summary of changes:
 auth/ntlmssp/ntlmssp_client.c     | 40 +++++++++++++++++++++++++++++++++++----
 docs-xml/manpages/idmap_rid.8.xml |  3 ---
 libcli/smb/smbXcli_base.c         |  1 +
 source3/include/libsmb_internal.h |  1 +
 source3/libsmb/libsmb_server.c    | 16 ++++++++++++++++
 source3/libsmb/ntlmssp.c          | 38 ++++++++++++++++++++++++++++++++++---
 6 files changed, 89 insertions(+), 10 deletions(-)


Changeset truncated at 500 lines:

diff --git a/auth/ntlmssp/ntlmssp_client.c b/auth/ntlmssp/ntlmssp_client.c
index fc66a8d..c168244 100644
--- a/auth/ntlmssp/ntlmssp_client.c
+++ b/auth/ntlmssp/ntlmssp_client.c
@@ -131,12 +131,13 @@ NTSTATUS ntlmssp_client_challenge(struct gensec_security *gensec_security,
 		talloc_get_type_abort(gensec_security->private_data,
 				      struct gensec_ntlmssp_context);
 	struct ntlmssp_state *ntlmssp_state = gensec_ntlmssp->ntlmssp_state;
-	uint32_t chal_flags, ntlmssp_command, unkn1, unkn2;
+	uint32_t chal_flags, ntlmssp_command, unkn1 = 0, unkn2 = 0;
 	DATA_BLOB server_domain_blob;
 	DATA_BLOB challenge_blob;
 	DATA_BLOB target_info = data_blob(NULL, 0);
 	char *server_domain;
 	const char *chal_parse_string;
+	const char *chal_parse_string_short = NULL;
 	const char *auth_gen_string;
 	DATA_BLOB lm_response = data_blob(NULL, 0);
 	DATA_BLOB nt_response = data_blob(NULL, 0);
@@ -177,6 +178,7 @@ NTSTATUS ntlmssp_client_challenge(struct gensec_security *gensec_security,
 			chal_parse_string = "CdUdbddB";
 		} else {
 			chal_parse_string = "CdUdbdd";
+			chal_parse_string_short = "CdUdb";
 		}
 		auth_gen_string = "CdBBUUUBd";
 	} else {
@@ -184,6 +186,7 @@ NTSTATUS ntlmssp_client_challenge(struct gensec_security *gensec_security,
 			chal_parse_string = "CdAdbddB";
 		} else {
 			chal_parse_string = "CdAdbdd";
+			chal_parse_string_short = "CdAdb";
 		}
 
 		auth_gen_string = "CdBBAAABd";
@@ -198,10 +201,39 @@ NTSTATUS ntlmssp_client_challenge(struct gensec_security *gensec_security,
 			 &challenge_blob, 8,
 			 &unkn1, &unkn2,
 			 &target_info)) {
+
+		bool ok = false;
+
 		DEBUG(1, ("Failed to parse the NTLMSSP Challenge: (#2)\n"));
-		dump_data(2, in.data, in.length);
-		talloc_free(mem_ctx);
-		return NT_STATUS_INVALID_PARAMETER;
+
+		if (chal_parse_string_short != NULL) {
+			/*
+			 * In the case where NTLMSSP_NEGOTIATE_TARGET_INFO
+			 * is not used, some NTLMSSP servers don't return
+			 * the unused unkn1 and unkn2 fields.
+			 * See bug:
+			 * https://bugzilla.samba.org/show_bug.cgi?id=10016
+			 * for packet traces.
+			 * Try and parse again without them.
+			 */
+			ok = msrpc_parse(mem_ctx,
+				&in, chal_parse_string_short,
+				"NTLMSSP",
+				&ntlmssp_command,
+				&server_domain,
+				&chal_flags,
+				&challenge_blob, 8);
+			if (!ok) {
+				DEBUG(1, ("Failed to short parse "
+					"the NTLMSSP Challenge: (#2)\n"));
+			}
+		}
+
+		if (!ok) {
+			dump_data(2, in.data, in.length);
+			talloc_free(mem_ctx);
+			return NT_STATUS_INVALID_PARAMETER;
+		}
 	}
 
 	if (chal_flags & NTLMSSP_TARGET_TYPE_SERVER) {
diff --git a/docs-xml/manpages/idmap_rid.8.xml b/docs-xml/manpages/idmap_rid.8.xml
index 9b96b8e..5a0ed1f 100644
--- a/docs-xml/manpages/idmap_rid.8.xml
+++ b/docs-xml/manpages/idmap_rid.8.xml
@@ -65,8 +65,6 @@
 			This means SIDs with a RID less than the base rid are filtered.
 			The default is not to restrict the allowed rids at all,
 			i.e. a base_rid value of 0.
-			A good value for the base_rid can be 1000, since user
-			RIDs by default start at 1000 (512 hexadecimal).
 		</para>
 		<para>
 			Use of this parameter is deprecated.
@@ -114,7 +112,6 @@
 
 	idmap config TRUSTED : backend  = rid
 	idmap config TRUSTED : range    = 50000 - 99999
-	idmap config TRUSTED : base_rid = 1000
 	</programlisting>
 </refsect1>
 
diff --git a/libcli/smb/smbXcli_base.c b/libcli/smb/smbXcli_base.c
index 7fadffa..0c6a6d2 100644
--- a/libcli/smb/smbXcli_base.c
+++ b/libcli/smb/smbXcli_base.c
@@ -1580,6 +1580,7 @@ static void smb1cli_req_writev_done(struct tevent_req *subreq)
 	if (nwritten == -1) {
 		NTSTATUS status = map_nt_error_from_unix_common(err);
 		smbXcli_conn_disconnect(state->conn, status);
+		tevent_req_nterror(req, status);
 		return;
 	}
 
diff --git a/source3/include/libsmb_internal.h b/source3/include/libsmb_internal.h
index ce73181..65fad99 100644
--- a/source3/include/libsmb_internal.h
+++ b/source3/include/libsmb_internal.h
@@ -81,6 +81,7 @@ struct _SMBCSRV {
 	bool no_pathinfo3;
         bool no_nt_session;
         struct policy_handle pol;
+	time_t last_echo_time;
 
 	SMBCSRV *next, *prev;
 };
diff --git a/source3/libsmb/libsmb_server.c b/source3/libsmb/libsmb_server.c
index d4254da..b1a4ed7 100644
--- a/source3/libsmb/libsmb_server.c
+++ b/source3/libsmb/libsmb_server.c
@@ -45,10 +45,26 @@ int
 SMBC_check_server(SMBCCTX * context,
                   SMBCSRV * server)
 {
+	time_t now;
+
 	if (!cli_state_is_connected(server->cli)) {
 		return 1;
 	}
 
+	now = time_mono(NULL);
+
+	if (server->last_echo_time == (time_t)0 ||
+			now > server->last_echo_time +
+				(server->cli->timeout/1000)) {
+		unsigned char data[16] = {0};
+		NTSTATUS status = cli_echo(server->cli,
+					1,
+					data_blob_const(data, sizeof(data)));
+		if (!NT_STATUS_IS_OK(status)) {
+			return 1;
+		}
+		server->last_echo_time = now;
+	}
 	return 0;
 }
 
diff --git a/source3/libsmb/ntlmssp.c b/source3/libsmb/ntlmssp.c
index 617b34b..e661aeb 100644
--- a/source3/libsmb/ntlmssp.c
+++ b/source3/libsmb/ntlmssp.c
@@ -359,12 +359,13 @@ static NTSTATUS ntlmssp3_client_challenge(struct ntlmssp_state *ntlmssp_state,
 				         TALLOC_CTX *out_mem_ctx, /* Unused at this time */
 					 const DATA_BLOB reply, DATA_BLOB *next_request)
 {
-	uint32_t chal_flags, ntlmssp_command, unkn1, unkn2;
+	uint32_t chal_flags, ntlmssp_command, unkn1 = 0, unkn2 = 0;
 	DATA_BLOB server_domain_blob;
 	DATA_BLOB challenge_blob;
 	DATA_BLOB struct_blob = data_blob_null;
 	char *server_domain;
 	const char *chal_parse_string;
+	const char *chal_parse_string_short = NULL;
 	const char *auth_gen_string;
 	DATA_BLOB lm_response = data_blob_null;
 	DATA_BLOB nt_response = data_blob_null;
@@ -474,6 +475,7 @@ noccache:
 			chal_parse_string = "CdUdbddB";
 		} else {
 			chal_parse_string = "CdUdbdd";
+			chal_parse_string_short = "CdUdb";
 		}
 		auth_gen_string = "CdBBUUUBd";
 	} else {
@@ -481,6 +483,7 @@ noccache:
 			chal_parse_string = "CdAdbddB";
 		} else {
 			chal_parse_string = "CdAdbdd";
+			chal_parse_string_short = "CdAdb";
 		}
 
 		auth_gen_string = "CdBBAAABd";
@@ -497,9 +500,38 @@ noccache:
 			 &challenge_blob, 8,
 			 &unkn1, &unkn2,
 			 &struct_blob)) {
+
+		bool ok = false;
+
 		DEBUG(1, ("Failed to parse the NTLMSSP Challenge: (#2)\n"));
-		dump_data(2, reply.data, reply.length);
-		return NT_STATUS_INVALID_PARAMETER;
+
+		if (chal_parse_string_short != NULL) {
+			/*
+			 * In the case where NTLMSSP_NEGOTIATE_TARGET_INFO
+			 * is not used, some NTLMSSP servers don't return
+			 * the unused unkn1 and unkn2 fields.
+			 * See bug:
+			 * https://bugzilla.samba.org/show_bug.cgi?id=10016
+			 * for packet traces.
+			 * Try and parse again without them.
+			 */
+			ok = msrpc_parse(ntlmssp_state, &reply,
+				chal_parse_string_short,
+				"NTLMSSP",
+				&ntlmssp_command,
+				&server_domain,
+				&chal_flags,
+				&challenge_blob, 8);
+			if (!ok) {
+				DEBUG(1, ("Failed to short parse "
+					"the NTLMSSP Challenge: (#2)\n"));
+			}
+		}
+
+		if (!ok) {
+			dump_data(2, reply.data, reply.length);
+			return NT_STATUS_INVALID_PARAMETER;
+		}
 	}
 
 	if (chal_flags & NTLMSSP_TARGET_TYPE_SERVER) {


-- 
Samba Shared Repository


More information about the samba-cvs mailing list