The branch, master has been updated via 66736fe s4:torture/rpc: use dcerpc_secondary_auth_connection with creds via 87bf1a6 s4:torture/rpc: use dcerpc_secondary_auth_connection with anon creds via e0bb97f s4:torture/samba3rpc: use pipe_bind_smb_auth() via 810d630 s4:torture/samba3rpc: add pipe_bind_smb_auth() via f42d4e9 s4:torture/samba3rpc: use pipe_bind_smb2() via 1df9416 s4:torture/samba3rpc: add pipe_bind_smb2() via d80c389 s4:torture/samba3rpc: use pipe_bind_smb() in more places via 5a849c1 s4:torture/samba3rpc: move pipe_bind_smb() to the top via 07b1e37 s4:libnet: make use of dcerpc_secondary_auth_connection_send/recv() via f036683 s4:libcli/clilsa: only remember the dcerpc_binding_handle via 8c22f81 s4:librpc/rpc: add dcerpc_secondary_auth_connection() via 9c165e5 dcerpc.idl: fix calculatin of uint16 secondary_address_size; via 9f62c4e pidl:Samba4/NDR/Parser: always initialize _mem_save_ pointers to NULL via 856c9aa pidl:Samba3/ServerNDR: add pidl_reset() and pidl_return() helper functions via 16952dc pidl:Samba3/ServerNDR: make CallWithStruct() more flexible via b3de334 pidl:Samba3/ServerNDR: simplify CallWithStruct() via 365d9d8 docs:smb.conf: explain effect of new setting 'desired' of smb encrypt via 1435770 smbd:smb2: use encryption_desired in send_break via 41cb881 smbd:smb2: only enable encryption in tcon if desired via fc22802 smbd:smb2: only enable encryption in session if desired via 3bb2999 smbd:smb2: separate between encryption required and enc desired via a3ea6db smbXsrv: add bools encryption_desired to session and tcon via 204cbe3 Introduce setting "desired" for 'smb encrypt' and 'client/server signing' from 8fec359 vfs_fruit: Fix CID 1311244 Out-of-bounds read
https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit 66736fee3a896edf5571dc627a9cf6d8eee405b0 Author: Stefan Metzmacher <me...@samba.org> Date: Fri Jan 17 13:39:45 2014 +0100 s4:torture/rpc: use dcerpc_secondary_auth_connection with creds This is the same as calling dcerpc_secondary_connection/dcerpc_bind_auth. Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Guenther Deschner <g...@samba.org> Autobuild-User(master): Günther Deschner <g...@samba.org> Autobuild-Date(master): Tue Jul 7 17:07:49 CEST 2015 on sn-devel-104 commit 87bf1a6edd2395b1a98775af0edb0a0b5be59c62 Author: Stefan Metzmacher <me...@samba.org> Date: Fri Jan 17 09:54:39 2014 +0100 s4:torture/rpc: use dcerpc_secondary_auth_connection with anon creds This is the same as calling dcerpc_secondary_connection/dcerpc_bind_auth_none. Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Guenther Deschner <g...@samba.org> commit e0bb97fde61bf3577651a8624bc1014561087d31 Author: Stefan Metzmacher <me...@samba.org> Date: Thu Jan 16 07:20:37 2014 +0100 s4:torture/samba3rpc: use pipe_bind_smb_auth() Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Guenther Deschner <g...@samba.org> commit 810d630bd5120f12540ce9ab09e106c41a028347 Author: Stefan Metzmacher <me...@samba.org> Date: Thu Jan 16 07:20:20 2014 +0100 s4:torture/samba3rpc: add pipe_bind_smb_auth() Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Guenther Deschner <g...@samba.org> commit f42d4e9dd342f207b206f7cf00a75e690ded76ed Author: Stefan Metzmacher <me...@samba.org> Date: Thu Jan 16 07:19:49 2014 +0100 s4:torture/samba3rpc: use pipe_bind_smb2() Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Guenther Deschner <g...@samba.org> commit 1df9416bdb9ce569618a94df4dbcdbb016b8f8a1 Author: Stefan Metzmacher <me...@samba.org> Date: Thu Jan 16 07:19:26 2014 +0100 s4:torture/samba3rpc: add pipe_bind_smb2() Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Guenther Deschner <g...@samba.org> commit d80c38990fa8821cbda554aa18c19a50207172a9 Author: Stefan Metzmacher <me...@samba.org> Date: Thu Jan 16 07:18:30 2014 +0100 s4:torture/samba3rpc: use pipe_bind_smb() in more places Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Guenther Deschner <g...@samba.org> commit 5a849c13a7100fe5c3a84386988b0910608b3ece Author: Stefan Metzmacher <me...@samba.org> Date: Thu Jan 16 07:17:00 2014 +0100 s4:torture/samba3rpc: move pipe_bind_smb() to the top Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Guenther Deschner <g...@samba.org> commit 07b1e375e561dfe4bac9e8dd495401df1b4fcff7 Author: Stefan Metzmacher <me...@samba.org> Date: Wed Jan 22 12:49:58 2014 +0100 s4:libnet: make use of dcerpc_secondary_auth_connection_send/recv() This avoid the bogus usage of dcerpc_pipe_auth(). Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Guenther Deschner <g...@samba.org> commit f0366838960888fa09d040ccafa76bb0723c8174 Author: Stefan Metzmacher <me...@samba.org> Date: Thu Jan 16 08:57:30 2014 +0100 s4:libcli/clilsa: only remember the dcerpc_binding_handle We don't need the 'dcerpc_pipe'. Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Guenther Deschner <g...@samba.org> commit 8c22f81e9b7f58099ad095e6c205a85b05ed59a3 Author: Stefan Metzmacher <me...@samba.org> Date: Fri Jan 17 09:31:51 2014 +0100 s4:librpc/rpc: add dcerpc_secondary_auth_connection() Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Guenther Deschner <g...@samba.org> commit 9c165e550491339fbea1222b26b78e75658ec876 Author: Stefan Metzmacher <me...@samba.org> Date: Fri Jun 26 22:12:49 2015 +0200 dcerpc.idl: fix calculatin of uint16 secondary_address_size; This should be 0 for secondary_address = "". Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Guenther Deschner <g...@samba.org> commit 9f62c4e47b43d6ef7e32dedd13749de613cfc4d0 Author: Stefan Metzmacher <me...@samba.org> Date: Tue Jul 7 13:01:16 2015 +0200 pidl:Samba4/NDR/Parser: always initialize _mem_save_ pointers to NULL Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Guenther Deschner <g...@samba.org> commit 856c9aa503877251313885b6192286ce9b7d5059 Author: Stefan Metzmacher <me...@samba.org> Date: Wed Mar 19 10:41:52 2014 +0100 pidl:Samba3/ServerNDR: add pidl_reset() and pidl_return() helper functions Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Guenther Deschner <g...@samba.org> commit 16952dc7a420d2e3b4994229171580f1608d020d Author: Stefan Metzmacher <me...@samba.org> Date: Wed Mar 19 10:36:04 2014 +0100 pidl:Samba3/ServerNDR: make CallWithStruct() more flexible We now pass multiple callbacks $check, $cleanup, $return down to AllocOutVar(). Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Guenther Deschner <g...@samba.org> commit b3de33493871bb9c2e65f48a5990d3795b8192af Author: Stefan Metzmacher <me...@samba.org> Date: Wed Mar 19 10:35:14 2014 +0100 pidl:Samba3/ServerNDR: simplify CallWithStruct() Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Guenther Deschner <g...@samba.org> commit 365d9d8bdfe9759ef9662d0080cf9c9a0767dbf2 Author: Michael Adam <ob...@samba.org> Date: Tue Jun 30 17:46:36 2015 +0200 docs:smb.conf: explain effect of new setting 'desired' of smb encrypt Thereby clarify some details. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11372 Signed-off-by: Michael Adam <ob...@samba.org> Reviewed-by: Guenther Deschner <g...@samba.org> commit 14357700fd69291995ce6adebb13e7340a63c209 Author: Michael Adam <ob...@samba.org> Date: Wed Jul 1 17:41:38 2015 +0200 smbd:smb2: use encryption_desired in send_break BUG: https://bugzilla.samba.org/show_bug.cgi?id=11372 Signed-off-by: Michael Adam <ob...@samba.org> Reviewed-by: Guenther Deschner <g...@samba.org> commit 41cb881e775ea7eb0c59d9e0cafb6ab5531918d9 Author: Michael Adam <ob...@samba.org> Date: Wed Jul 1 18:07:52 2015 +0200 smbd:smb2: only enable encryption in tcon if desired Don't enforce it but only announce DATA_ENCRYPT, making use of encryption_desired in tcon. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11372 Signed-off-by: Michael Adam <ob...@samba.org> Reviewed-by: Guenther Deschner <g...@samba.org> commit fc228025d78f165815d3fa1670d51f0c27ed2091 Author: Michael Adam <ob...@samba.org> Date: Wed Jul 1 18:07:26 2015 +0200 smbd:smb2: only enable encryption in session if desired Don't enforce it but only announce ENCRYPT_DATA, using the encryption_desired flag in session setup. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11372 Signed-off-by: Michael Adam <ob...@samba.org> Reviewed-by: Guenther Deschner <g...@samba.org> commit 3bb299944391633c45d87d5e8ad48c2c14428592 Author: Michael Adam <ob...@samba.org> Date: Wed Jul 1 17:42:58 2015 +0200 smbd:smb2: separate between encryption required and enc desired this means we: - accept unencrypted requests if encryption only desired and not required, - but we always send encrypted responses in the desired case, not only when the request was encrypted. For this purpose, the do_encryption in the request structure is separated into was_encrypted and do_encryption. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11372 Signed-off-by: Michael Adam <ob...@samba.org> Reviewed-by: Guenther Deschner <g...@samba.org> commit a3ea6dbef53e049701326497e684e1563344e6d8 Author: Michael Adam <ob...@samba.org> Date: Wed Jul 1 17:34:45 2015 +0200 smbXsrv: add bools encryption_desired to session and tcon This is to indicate that we should sen the ENCRYPT_DATA flag on session or tcon replies. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11372 Signed-off-by: Michael Adam <ob...@samba.org> Reviewed-by: Guenther Deschner <g...@samba.org> commit 204cbe3645c59b43175beeadad792b4a00e80da3 Author: Michael Adam <ob...@samba.org> Date: Tue Jun 30 14:16:19 2015 +0200 Introduce setting "desired" for 'smb encrypt' and 'client/server signing' This should trigger the behaviour where the server requires signing when the client supports it, but does not reject clients that don't support it. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11372 Signed-off-by: Michael Adam <ob...@samba.org> Reviewed-by: Guenther Deschner <g...@samba.org> ----------------------------------------------------------------------- Summary of changes: docs-xml/smbdotconf/security/smbencrypt.xml | 66 +++-- lib/param/loadparm.c | 1 + lib/param/param_table.c | 1 + libcli/smb/smbXcli_base.c | 6 + libcli/smb/smb_constants.h | 1 + librpc/idl/dcerpc.idl | 2 +- pidl/lib/Parse/Pidl/Samba3/ServerNDR.pm | 50 ++-- pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm | 2 +- source3/librpc/idl/smbXsrv.idl | 2 + source3/smbd/globals.h | 3 + source3/smbd/smb2_server.c | 22 +- source3/smbd/smb2_sesssetup.c | 7 +- source3/smbd/smb2_tcon.c | 9 +- source4/libcli/util/clilsa.c | 25 +- source4/libnet/libnet_join.c | 11 - source4/libnet/libnet_rpc.c | 9 +- source4/librpc/rpc/dcerpc.h | 7 + source4/librpc/rpc/dcerpc_secondary.c | 15 ++ source4/smb_server/smb2/negprot.c | 1 + source4/torture/rpc/netlogon.c | 13 +- source4/torture/rpc/samba3rpc.c | 371 +++++++++++++--------------- source4/torture/rpc/schannel.c | 33 +-- source4/torture/rpc/spoolss.c | 11 +- 23 files changed, 359 insertions(+), 309 deletions(-) Changeset truncated at 500 lines: diff --git a/docs-xml/smbdotconf/security/smbencrypt.xml b/docs-xml/smbdotconf/security/smbencrypt.xml index 17248e6..ae0682b 100644 --- a/docs-xml/smbdotconf/security/smbencrypt.xml +++ b/docs-xml/smbdotconf/security/smbencrypt.xml @@ -30,11 +30,15 @@ <para> This parameter can be set globally and on a per-share bases. Possible values are - <emphasis>off</emphasis> or <emphasis>disabled</emphasis>, - <emphasis>auto</emphasis> or <emphasis>enabled</emphasis>, and - <emphasis>mandatory</emphasis> or <emphasis>required</emphasis>. + <emphasis>off</emphasis> (or <emphasis>disabled</emphasis>), + <emphasis>enabled</emphasis> (or <emphasis>auto</emphasis>, or + <emphasis>if_required</emphasis>), + <emphasis>desired</emphasis>, + and + <emphasis>required</emphasis> + (or <emphasis>mandatory</emphasis>). A special value is <emphasis>default</emphasis> which is - the implicit default setting. + the implicit default setting of <emphasis>enabled</emphasis>. </para> <variablelist> @@ -103,7 +107,7 @@ <listitem> <para> The capability to perform SMB encryption can be - negotiated during prorocol negotiation. + negotiated during protocol negotiation. </para> </listitem> @@ -145,8 +149,9 @@ <itemizedlist> <listitem> <para> - Leaving it as default or explicitly setting - <emphasis>default</emphasis> globally will enable + Leaving it as default, explicitly setting + <emphasis>default</emphasis>, or setting it to + <emphasis>enabled</emphasis> globally will enable negotiation of encryption but will not turn on data encryption globally or per share. </para> @@ -154,16 +159,20 @@ <listitem> <para> - Setting it to <emphasis>enabled</emphasis> globally will - enable negotiation and turn on data encryption globally. + Setting it to <emphasis>desired</emphasis> globally + will enable negotiation and will turn on data encryption + on sessions and share connections for those clients + that support it. </para> </listitem> <listitem> <para> Setting it to <emphasis>required</emphasis> globally - will enable negotiation and enforce data encryption - globally. + will enable negotiation and turn on data encryption + on sessions and share connections. Clients that do + not support encryption will be denied access to the + server. </para> </listitem> @@ -176,9 +185,10 @@ <listitem> <para> - Setting it to <emphasis>enabled</emphasis> on a share - will turn on data encryption for this share if - negotiation has been enabled globally. + Setting it to <emphasis>desired</emphasis> on a share + will turn on data encryption for this share for clients + that support encryption if negotiation has been + enabled globally. </para> </listitem> @@ -186,16 +196,34 @@ <para> Setting it to <emphasis>required</emphasis> on a share will enforce data encryption for this share if - negotiation has been enabled globally. Note that this - allows enforcing to be controlled in Samba more - fine-grainedly than in Windows. This is a small - deviation from the MS-SMB2 protocol document. + negotiation has been enabled globally. I.e. clients that + do not support encryption will be denied access to the + share. + </para> + <para> + Note that this allows per-share enforcing to be + controlled in Samba differently from Windows: + In Windows, <emphasis>RejectUnencryptedAccess</emphasis> + is a global setting, and if it is set, all shares with + data encryption turned on + are automatically enforcing encryption. In order to + achieve the same effect in Samba, one + has to globally set <emphasis>smb encrypt</emphasis> to + <emphasis>enabled</emphasis>, and then set all shares + that should be encrypted to + <emphasis>required</emphasis>. + Additionally, it is possible in Samba to have some + shares with encryption <emphasis>required</emphasis> + and some other shares with encryption only + <emphasis>desired</emphasis>, which is not possible in + Windows. </para> </listitem> <listitem> <para> - Setting it to <emphasis>off</emphasis> for a share has + Setting it to <emphasis>off</emphasis> or + <emphasis>enabled</emphasis> for a share has no effect. </para> </listitem> diff --git a/lib/param/loadparm.c b/lib/param/loadparm.c index bb215b2..0e11428 100644 --- a/lib/param/loadparm.c +++ b/lib/param/loadparm.c @@ -3207,6 +3207,7 @@ bool lpcfg_server_signing_allowed(struct loadparm_context *lp_ctx, bool *mandato case SMB_SIGNING_REQUIRED: *mandatory = true; break; + case SMB_SIGNING_DESIRED: case SMB_SIGNING_IF_REQUIRED: break; case SMB_SIGNING_DEFAULT: diff --git a/lib/param/param_table.c b/lib/param/param_table.c index 287839f..ff31038 100644 --- a/lib/param/param_table.c +++ b/lib/param/param_table.c @@ -115,6 +115,7 @@ static const struct enum_list enum_smb_signing_vals[] = { {SMB_SIGNING_IF_REQUIRED, "On"}, {SMB_SIGNING_IF_REQUIRED, "enabled"}, {SMB_SIGNING_IF_REQUIRED, "auto"}, + {SMB_SIGNING_DESIRED, "desired"}, {SMB_SIGNING_REQUIRED, "required"}, {SMB_SIGNING_REQUIRED, "mandatory"}, {SMB_SIGNING_REQUIRED, "force"}, diff --git a/libcli/smb/smbXcli_base.c b/libcli/smb/smbXcli_base.c index c8ae5b0..6c35430 100644 --- a/libcli/smb/smbXcli_base.c +++ b/libcli/smb/smbXcli_base.c @@ -376,6 +376,12 @@ struct smbXcli_conn *smbXcli_conn_create(TALLOC_CTX *mem_ctx, conn->desire_signing = false; conn->mandatory_signing = false; break; + case SMB_SIGNING_DESIRED: + /* if the server desires it */ + conn->allow_signing = true; + conn->desire_signing = true; + conn->mandatory_signing = false; + break; case SMB_SIGNING_REQUIRED: /* always */ conn->allow_signing = true; diff --git a/libcli/smb/smb_constants.h b/libcli/smb/smb_constants.h index 589b1a63..c4cca15 100644 --- a/libcli/smb/smb_constants.h +++ b/libcli/smb/smb_constants.h @@ -98,6 +98,7 @@ enum smb_signing_setting { SMB_SIGNING_DEFAULT = -1, SMB_SIGNING_OFF = 0, SMB_SIGNING_IF_REQUIRED = 1, + SMB_SIGNING_DESIRED = 2, SMB_SIGNING_REQUIRED = 3, }; diff --git a/librpc/idl/dcerpc.idl b/librpc/idl/dcerpc.idl index 67f4b9d..63be48e 100644 --- a/librpc/idl/dcerpc.idl +++ b/librpc/idl/dcerpc.idl @@ -106,7 +106,7 @@ interface dcerpc uint16 max_xmit_frag; uint16 max_recv_frag; uint32 assoc_group_id; - [value(strlen(secondary_address)+1)] uint16 secondary_address_size; + [value(strlen_m_term_null(secondary_address))] uint16 secondary_address_size; [charset(DOS)] uint8 secondary_address[secondary_address_size]; [flag(NDR_ALIGN4)] DATA_BLOB _pad1; uint8 num_results; diff --git a/pidl/lib/Parse/Pidl/Samba3/ServerNDR.pm b/pidl/lib/Parse/Pidl/Samba3/ServerNDR.pm index bff23e2..bae84af 100644 --- a/pidl/lib/Parse/Pidl/Samba3/ServerNDR.pm +++ b/pidl/lib/Parse/Pidl/Samba3/ServerNDR.pm @@ -24,6 +24,8 @@ $VERSION = '0.01'; my $res; my $res_hdr; my $tabs = ""; +sub pidl_reset() { $res=""; $res_hdr="", $tabs=""; } +sub pidl_return() { my $s = $res; my $h = $res_hdr; pidl_reset(); return ($s, $h) } sub indent() { $tabs.="\t"; } sub deindent() { $tabs = substr($tabs, 1); } sub pidl($) { my ($txt) = @_; $res .= $txt?$tabs.(shift)."\n":"\n"; } @@ -48,9 +50,9 @@ sub DeclLevel($$) return $res; } -sub AllocOutVar($$$$$) +sub AllocOutVar($$$$$$$) { - my ($e, $mem_ctx, $name, $env, $fail) = @_; + my ($e, $mem_ctx, $name, $env, $check, $cleanup, $return) = @_; my $l = $e->{LEVELS}[0]; @@ -83,15 +85,18 @@ sub AllocOutVar($$$$$) pidl "$name = talloc_zero($mem_ctx, " . DeclLevel($e, 1) . ");"; } - pidl "if ($name == NULL) {"; - $fail->(); + pidl "if (" . $check->($name) . ") {"; + indent; + pidl $cleanup->($name) if defined($cleanup); + pidl $return->($name) if defined($return); + deindent; pidl "}"; pidl ""; } -sub CallWithStruct($$$$) +sub CallWithStruct($$$$$$) { - my ($pipes_struct, $mem_ctx, $fn, $fail) = @_; + my ($pipes_struct, $mem_ctx, $fn, $check, $cleanup, $return) = @_; my $env = GenerateFunctionOutEnv($fn); my $hasout = 0; foreach (@{$fn->{ELEMENTS}}) { @@ -100,8 +105,6 @@ sub CallWithStruct($$$$) pidl "ZERO_STRUCT(r->out);" if ($hasout); - my $proto = "_$fn->{NAME}(struct pipes_struct *p, struct $fn->{NAME} *r"; - my $ret = "_$fn->{NAME}($pipes_struct, r"; foreach (@{$fn->{ELEMENTS}}) { my @dir = @{$_->{DIRECTION}}; if (grep(/in/, @dir) and grep(/out/, @dir)) { @@ -116,11 +119,13 @@ sub CallWithStruct($$$$) # noop } elsif (grep(/out/, @dir) and not has_property($_, "represent_as")) { - AllocOutVar($_, $mem_ctx, "r->out.$_->{NAME}", $env, $fail); + AllocOutVar($_, $mem_ctx, "r->out.$_->{NAME}", $env, + $check, $cleanup, $return); } } - $ret .= ")"; - $proto .= ");"; + + my $proto = "_$fn->{NAME}(struct pipes_struct *p, struct $fn->{NAME} *r)"; + my $ret = "_$fn->{NAME}($pipes_struct, r)"; if ($fn->{RETURN_TYPE}) { $ret = "r->out.result = $ret"; @@ -129,7 +134,7 @@ sub CallWithStruct($$$$) $proto = "void $proto"; } - pidl_hdr "$proto"; + pidl_hdr "$proto;"; pidl "$ret;"; } @@ -176,10 +181,18 @@ sub ParseFunction($$) pidl "}"; pidl ""; - CallWithStruct("p", "r", $fn, - sub { - pidl "\ttalloc_free(r);"; - pidl "\treturn false;"; + CallWithStruct("p", "r", $fn, + sub ($) { + my ($name) = @_; + return "${name} == NULL"; + }, + sub ($) { + my ($name) = @_; + return "talloc_free(r);"; + }, + sub ($) { + my ($name) = @_; + return "return false;"; } ); @@ -286,8 +299,7 @@ sub Parse($$$) { my($ndr,$header,$ndr_header) = @_; - $res = ""; - $res_hdr = ""; + pidl_reset(); pidl "/*"; pidl " * Unix SMB/CIFS implementation."; @@ -304,7 +316,7 @@ sub Parse($$$) ParseInterface($_) if ($_->{TYPE} eq "INTERFACE"); } - return ($res, $res_hdr); + return pidl_return(); } 1; diff --git a/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm b/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm index a267fb1..f52d4b1 100644 --- a/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm +++ b/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm @@ -1688,7 +1688,7 @@ sub DeclareMemCtxVariables($$) } if (defined($mem_flags)) { - $self->pidl("TALLOC_CTX *_mem_save_$e->{NAME}_$l->{LEVEL_INDEX};"); + $self->pidl("TALLOC_CTX *_mem_save_$e->{NAME}_$l->{LEVEL_INDEX} = NULL;"); } } } diff --git a/source3/librpc/idl/smbXsrv.idl b/source3/librpc/idl/smbXsrv.idl index 4367d72..77959ce 100644 --- a/source3/librpc/idl/smbXsrv.idl +++ b/source3/librpc/idl/smbXsrv.idl @@ -193,6 +193,7 @@ interface smbXsrv [ignore] user_struct *compat; [ignore] smbXsrv_tcon_table *tcon_table; [ignore] smbXsrv_preauth *preauth; + boolean8 encryption_desired; } smbXsrv_session; typedef union { @@ -287,6 +288,7 @@ interface smbXsrv NTSTATUS status; NTTIME idle_time; [ignore] connection_struct *compat; + boolean8 encryption_desired; } smbXsrv_tcon; typedef union { diff --git a/source3/smbd/globals.h b/source3/smbd/globals.h index 3ddafaf..2ca23aa 100644 --- a/source3/smbd/globals.h +++ b/source3/smbd/globals.h @@ -654,6 +654,9 @@ struct smbd_smb2_request { int current_idx; bool do_signing; + /* Was the request encrypted? */ + bool was_encrypted; + /* Should we encrypt? */ bool do_encryption; struct tevent_timer *async_te; bool compound_related; diff --git a/source3/smbd/smb2_server.c b/source3/smbd/smb2_server.c index a8d54cb..2ea997e 100644 --- a/source3/smbd/smb2_server.c +++ b/source3/smbd/smb2_server.c @@ -2000,6 +2000,7 @@ NTSTATUS smbd_smb2_request_dispatch(struct smbd_smb2_request *req) NTSTATUS return_value; struct smbXsrv_session *x = NULL; bool signing_required = false; + bool encryption_desired = false; bool encryption_required = false; inhdr = SMBD_SMB2_IN_HDR_PTR(req); @@ -2047,11 +2048,13 @@ NTSTATUS smbd_smb2_request_dispatch(struct smbd_smb2_request *req) x = req->session; if (x != NULL) { signing_required = x->global->signing_required; + encryption_desired = x->encryption_desired; encryption_required = x->global->encryption_required; } req->do_signing = false; req->do_encryption = false; + req->was_encrypted = false; if (intf_v->iov_len == SMB2_TF_HDR_SIZE) { const uint8_t *intf = SMBD_SMB2_IN_TF_PTR(req); uint64_t tf_session_id = BVAL(intf, SMB2_TF_SESSION_ID); @@ -2073,10 +2076,10 @@ NTSTATUS smbd_smb2_request_dispatch(struct smbd_smb2_request *req) NT_STATUS_ACCESS_DENIED); } - req->do_encryption = true; + req->was_encrypted = true; } - if (encryption_required && !req->do_encryption) { + if (encryption_required && !req->was_encrypted) { return smbd_smb2_request_error(req, NT_STATUS_ACCESS_DENIED); } @@ -2116,7 +2119,7 @@ NTSTATUS smbd_smb2_request_dispatch(struct smbd_smb2_request *req) req->compat_chain_fsp = NULL; } - if (req->do_encryption) { + if (req->was_encrypted) { signing_required = false; } else if (signing_required || (flags & SMB2_HDR_FLAG_SIGNED)) { DATA_BLOB signing_key = data_blob_null; @@ -2202,15 +2205,22 @@ NTSTATUS smbd_smb2_request_dispatch(struct smbd_smb2_request *req) if (!NT_STATUS_IS_OK(status)) { return smbd_smb2_request_error(req, status); } + if (req->tcon->encryption_desired) { + encryption_desired = true; + } if (req->tcon->global->encryption_required) { encryption_required = true; } - if (encryption_required && !req->do_encryption) { + if (encryption_required && !req->was_encrypted) { return smbd_smb2_request_error(req, NT_STATUS_ACCESS_DENIED); } } + if (req->was_encrypted || encryption_desired) { + req->do_encryption = true; + } + if (call->fileid_ofs != 0) { size_t needed = call->fileid_ofs + 16; const uint8_t *body = SMBD_SMB2_IN_BODY_PTR(req); @@ -2843,8 +2853,8 @@ static NTSTATUS smbd_smb2_send_break(struct smbXsrv_connection *xconn, if (session != NULL) { session_wire_id = session->global->session_wire_id; - do_encryption = session->global->encryption_required; - if (tcon->global->encryption_required) { + do_encryption = session->encryption_desired; + if (tcon->encryption_desired) { do_encryption = true; } } diff --git a/source3/smbd/smb2_sesssetup.c b/source3/smbd/smb2_sesssetup.c index da7adb3..11d381f 100644 --- a/source3/smbd/smb2_sesssetup.c +++ b/source3/smbd/smb2_sesssetup.c @@ -262,12 +262,13 @@ static NTSTATUS smbd_smb2_auth_generic_return(struct smbXsrv_session *session, x->global->signing_required = true; } - if ((lp_smb_encrypt(-1) > SMB_SIGNING_OFF) && + if ((lp_smb_encrypt(-1) >= SMB_SIGNING_DESIRED) && (xconn->smb2.client.capabilities & SMB2_CAP_ENCRYPTION)) { - x->global->encryption_required = true; + x->encryption_desired = true; } if (lp_smb_encrypt(-1) == SMB_SIGNING_REQUIRED) { + x->encryption_desired = true; x->global->encryption_required = true; } @@ -294,7 +295,7 @@ static NTSTATUS smbd_smb2_auth_generic_return(struct smbXsrv_session *session, } } - if (x->global->encryption_required) { + if (x->encryption_desired) { *out_session_flags |= SMB2_SESSION_FLAG_ENCRYPT_DATA; } diff --git a/source3/smbd/smb2_tcon.c b/source3/smbd/smb2_tcon.c index eb66ea0..99e2f21 100644 --- a/source3/smbd/smb2_tcon.c +++ b/source3/smbd/smb2_tcon.c @@ -193,6 +193,7 @@ static NTSTATUS smbd_smb2_tree_connect(struct smbd_smb2_request *req, connection_struct *compat_conn = NULL; struct user_struct *compat_vuser = req->session->compat; NTSTATUS status; + bool encryption_desired = req->session->encryption_desired; bool encryption_required = req->session->global->encryption_required; bool guest_session = false; bool require_signed_tcon = false; @@ -266,12 +267,13 @@ static NTSTATUS smbd_smb2_tree_connect(struct smbd_smb2_request *req, return NT_STATUS_BAD_NETWORK_NAME; } - if ((lp_smb_encrypt(snum) > SMB_SIGNING_OFF) && + if ((lp_smb_encrypt(snum) >= SMB_SIGNING_DESIRED) && (conn->smb2.client.capabilities & SMB2_CAP_ENCRYPTION)) { - encryption_required = true; + encryption_desired = true; } if (lp_smb_encrypt(snum) == SMB_SIGNING_REQUIRED) { + encryption_desired = true; encryption_required = true; -- Samba Shared Repository