s3/smbd: Server responds incorrectly if no SMB protocol chosen The SMBnegprot response from the server contains the DialectIndex of the selected protocol from the client's request message. Currently, if no protocol is selected, the server is responding with a DialectIndex=zero, which is a valid index (PROTOCOL_CORE by default). The Windows spec, and historically the code, should return DialectIndex=0xffff if no protocol is chosen. The following commit changed it recently (presumably inadvertently), so that it now returns DialectIndex=zero. 06940155f315529c5b5 s3:smbd: Fix size types in reply_negprot() This results in somewhat confusing error messages on the client side: ERROR(runtime): uncaught exception - (3221225997, 'The transport connection has been reset.') or, when signing is configured as mandatory: smbXcli_negprot: SMB signing is mandatory and the selected protocol level (1) doesn't support it. ERROR(runtime): uncaught exception - (3221225506, '{Access Denied} A process has requested access to an object but has not been granted those access rights.') This patch restores the old behaviour of returning 0xffff. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13621 Pair-Programmed-With: Ralph Boehme <slow@samba.org> Signed-off-by: Tim Beale <timbeale@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
s3:smbd: Fix size types in reply_negprot() This fixes compilation with -Wstrict-overflow=2. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
s3:smbd: Do not crash if we fail to init the session table This should the following segfault with SMB1: #6 sig_fault (sig=<optimized out>) at ../lib/util/fault.c:94 #7 <signal handler called> #8 smbXsrv_session_create (conn=conn@entry=0x5654d3512af0, now=now@entry=131594481900356690, _session=_session@entry=0x7ffc93a778e8) at ../source3/smbd/smbXsrv_session.c:1212 #9 0x00007f7618aa21ef in reply_sesssetup_and_X (req=req@entry=0x5654d35174b0) at ../source3/smbd/sesssetup.c:961 #10 0x00007f7618ae17b0 in switch_message (type=<optimized out>, req=req@entry=0x5654d35174b0) at ../source3/smbd/process.c:1726 #11 0x00007f7618ae3550 in construct_reply (deferred_pcd=0x0, encrypted=false, seqnum=0, unread_bytes=0, size=140, inbuf=0x0, xconn=0x5654d35146d0) at ../source3/smbd/process.c:1762 #12 process_smb (xconn=xconn@entry=0x5654d3512af0, inbuf=<optimized out>, nread=140, unread_bytes=0, seqnum=0, encrypted=<optimized out>, deferred_pcd=deferred_pcd@entry=0x0) at ../source3/smbd/process.c:2008 #13 0x00007f7618ae4c41 in smbd_server_connection_read_handler (xconn=0x5654d3512af0, fd=40) at ../source3/smbd/process.c:2608 #14 0x00007f761587eedb in epoll_event_loop_once () from /lib64/libtevent.so.0 Inspection the core shows that: conn->client-session_table is NULL conn->protocol is PROTOCOL_NONE BUG: https://bugzilla.samba.org/show_bug.cgi?id=13315 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
s3:smbd: remove deprecated 'use spnego = no" handling Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
lib: Remove unused serverid.tdb Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Tue Dec 5 04:58:26 CET 2017 on sn-devel-144
auth: Always supply both the remote and local address to the auth subsystem This ensures that gensec, and then the NTLM auth subsystem under it, always gets the remote and local address pointers for potential logging. The local address allows us to know which interface an authentication is on Signed-off-by: Andrew Bartlett <abartlet@samba.org> Pair-Programmed-by: Gary Lockyer <gary@catalyst.net.nz> Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
s3-auth: Pass service_description into gensec via auth_generic_prepare() This allows the GENSEC service description to be set from the various callers that go via this function. The RPC service description is the name of the interface from the IDL. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Pair-Programmed-by: Gary Lockyer <gary@catalyst.net.nz> Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
smbd: Do an early exit on negprot failure BUG: https://bugzilla.samba.org/show_bug.cgi?id=12610 Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Böhme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
s3:smbd: allow "server min protocol = SMB3_00" to go via "SMB 2.???" negprot BUG: https://bugzilla.samba.org/show_bug.cgi?id=12540 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
smbd: Adjust debug level of "No protocol supported" message SMB clients only supporting SMB1 connecting to a Samba server that only accepts SMB protocol versions 2 and 3 can spam the logs with the "No protocol supported" message. This is useful information for debugging failed connection attempts, but it should not be in the default log. Adjust it to NOTICE/3. Signed-off-by: Christof Schmitt <cs@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
CVE-2016-2114: s3:smbd: use the correct default values for "smb signing" This means an ad_dc will now require signing by default. This matches the default behavior of Windows dc and avoids man in the middle attacks. The main logic for this hides in lpcfg_server_signing_allowed(). BUG: https://bugzilla.samba.org/show_bug.cgi?id=11687 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
s3:smbd: add negprot remote arch detection for OSX Remote arch detection for OSX clients has been broken for some time, since both Samba and OSX started supporting SMB2. Fix it by adding modern OSX client detection support to the negprot remote arch detection routine. Signed-off-by: Justin Maggard <jmaggard10@gmail.com> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Ralph Boehme <rb@sernet.de> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Thu Mar 3 09:03:53 CET 2016 on sn-devel-144
s3:smbd: rework negprot remote arch detection Negprot remote arch detection is very cryptic. Rework it so it's easier to understand, and therefore more extensible, following the protocol table in inline comments. This also allows us to remove some hacks. Signed-off-by: Justin Maggard <jmaggard10@gmail.com> Reviewed-by: Ralph Boehme <rb@sernet.de> Reviewed-by: Jeremy Allison <jra@samba.org>
s3:smbd: remove unused spnego related includes Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
Convert all uses of uint8/16/32 to _t in source3/smbd. Signed-off-by: Richard Sharpe <rsharpe@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
s3:smbd: only pass smbXsrv_connection to fork_echo_handler() We don't need smbd_server_connection there. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
s3:smbd: use req->sconn in reply_negprot() xconn->sconn will go away soon. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
s3:smbd: pass smbXsrv_connection to get_challenge() Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
s3:smbd: pass smbXsrv_connection to negprot_spnego() Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
s3:smbd: move sconn->smb1.signing_state to xconn->smb1.signing_state This prepares the structures for multi-channel support. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>