Commit Graph

124 Commits

Author SHA1 Message Date
Steve French
133672efbc [CIFS] Fix buffer overflow if server sends corrupt response to small
request

In SendReceive() function in transport.c - it memcpy's
message payload into a buffer passed via out_buf param. The function
assumes that all buffers are of size (CIFSMaxBufSize +
MAX_CIFS_HDR_SIZE) , unfortunately it is also called with smaller
(MAX_CIFS_SMALL_BUFFER_SIZE) buffers.  There are eight callers
(SMB worker functions) which are primarily affected by this change:

TreeDisconnect, uLogoff, Close, findClose, SetFileSize, SetFileTimes,
Lock and PosixLock

CC: Dave Kleikamp <shaggy@austin.ibm.com>
CC: Przemyslaw Wegrzyn <czajnik@czajsoft.pl>
Acked-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
2007-11-13 22:41:37 +00:00
Jeff Layton
e545937a51 [CIFS] add OIDs for KRB5 and MSKRB5 to ASN1 parsing routines
Also, fix the parser to recognize them and set the secType
accordingly. Make CIFSSMBNegotiate not error out automatically
after parsing the securityBlob.

Also thanks to Q (Igor) and Simo for their help on this
set of kerberos patches (and Dave Howells for help on the
upcall).

Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
2007-11-03 05:11:06 +00:00
Steve French
b9c7a2bb1e [CIFS] ACL support part 8
Now GetACL in getinodeinfo path when cifsacl mount option used, and
ACL is parsed for SIDs.  Missing only one piece now to be able
to retrieve the mode

Signed-off-by: Steve French <sfrench@us.ibm.com>
2007-10-26 23:40:20 +00:00
Steve French
630f3f0c45 [CIFS] acl support part 6
Acked-by: Shirish Pargaonkar <shirishp@us.ibm.com>
CC: Cyrill Gorcunov <gorcunov@gmail.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
2007-10-25 21:17:17 +00:00
Parag Warudkar
c94897790e [CIFS] remove unused funtion compile warning when experimental off
get rid of couple of unused function warnings which
show up when CONFIG_CIFS_EXPERIMENTAL is not defined - wrap them in
#ifdef CONFIG_CIFS_EXPERIMENTAL. Patch against current git.

Signed-off-by: Parag Warudkar <kernel-stuff@comcast.net>
Signed-off-by: Steve French <sfrench@us.ibm.com>
2007-10-23 18:09:48 +00:00
Steve French
a761ac579b [CIFS] log better errors on failed mounts
Also returns more accurate errors to mount for the cases of
account expired and password expired

Acked-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
2007-10-18 21:45:27 +00:00
Steve French
abb63d6c3d [CIFS] Return better error when server requires signing but client forbids
Signed-off-by: Steve French <sfrench@us.ibm.com>
2007-10-18 02:58:40 +00:00
Steve French
af6f4612fd [CIFS] Fix some endianness problems in new acl code
Signed-off-by: Steve French <sfrench@us.ibm.com>
2007-10-16 18:40:37 +00:00
Jeff Layton
e187e44eb8 [CIFS] parse server_GUID in SPNEGO negProt response
SPNEGO NegProt response also contains a server_GUID. Parse it as we
would for RawNTLMSSP.

Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
2007-10-16 17:10:44 +00:00
Jeff Layton
7111d2144f [CIFS]
[CIFS] fix error message about packet signing

When packet signing is disabled and the server requires it, cifs prints
an error message. The current message refers to a file in /proc that no
longer exists. Fix it to refer to the correct file.

Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
2007-10-16 16:50:25 +00:00
Cyril Gorcunov
8f2376adfb [CIFS] Fix endian conversion problem in posix mkdir
Signed-off-by: Cyrill Gorcunov <gorcunov@gmail.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
2007-10-14 17:58:43 +00:00
Steve French
297647c21f [CIFS] CIFS ACL support part 3
Signed-off-by: Shirish Pargaonkar <shirishp@us.ibm.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
2007-10-12 04:11:59 +00:00
Steve French
a013689ddb [CIFS] Fix cifsd so shuts down when signing fails during mount
Fixes two problems:
1) we dropped down to negotiating lanman if we did not recognize the
mechanism (krb5 e.g.)
2) we did not stop cifsd (thus will fail when doing rmod cifs with
slab free errors) when we fail tcon but have a bad session (which is
the case in which signing is required but we don't allow signing on
the client)

It also turns on extended security flag in the header when passing
"sec=krb5" on mount command (although kerberos support is not done of
course)

Acked-by: Jeff Layton <jlayton@redhat.com>
CC: Shaggy <shaggy@us.ibm.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
2007-10-04 20:05:09 +00:00
Shirish Pargaonkar
d0d66c443a [CIFS] CIFS ACL support (part 2)
Signed-off-by: Shirish Pargaonkar <shirishp@us.ibm.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
2007-10-03 18:22:19 +00:00
Steve French
407f61a2b4 [CIFS] Fix memory leak in statfs to very old servers
We were allocating request buffers twice in the statfs
path when mounted to very old (Windows 9x) servers.

Signed-off-by: Steve French <sfrench@us.ibm.com>
2007-09-28 06:53:39 +00:00
Steve French
bcb020341a [CIFS] move cifs acl code to new file and fix build break
Signed-off-by: Steve French <sfrench@us.ibm.com>
2007-09-25 16:17:24 +00:00
Steve French
442aa310f3 [CIFS] Support for CIFS ACLs (part 1)
Add code to be able to dump CIFS ACL information
when Query Posix ACL with cifsacl mount parm enabled.

Signed-off-by: Shirish Pargoankar <shirishp@us.ibm.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
2007-09-24 20:25:46 +00:00
Steve French
1e71f25d14 [CIFS] Print better error when server returns malformed QueryUnixInfo response
Signed-off-by: Steve French <sfrench@us.ibm.com>
2007-09-20 15:30:07 +00:00
Steve French
26f57364d7 [CIFS] formatting cleanup found by checkpatch
Signed-off-by: Steve French <sfrench@us.ibm.com>
2007-08-30 22:09:15 +00:00
Andre Haupt
8594c15ad2 [CIFS][KJ] use abs() from kernel.h where appropriate
Signed-off-by: Andrew Haupt <andre@finow14.de>
Signed-off-by: Steve French <sfrench@us.ibm.com>
2007-08-30 20:18:41 +00:00
Steve French
c18c842b1f [CIFS] Allow disabling CIFS Unix Extensions as mount option
Previously the only way to do this was to umount all mounts to that server,
turn off a proc setting (/proc/fs/cifs/LinuxExtensionsEnabled).

Fixes Samba bugzilla bug number: 4582 (and also 2008)

Signed-off-by: Steve French <sfrench@us.ibm.com>
2007-07-18 23:21:09 +00:00
Steve French
63135e088a [CIFS] More whitespace/formatting fixes (noticed by checkpatch)
Signed-off-by: Steve French <sfrench@us.ibm.com>
2007-07-17 17:34:02 +00:00
Steve French
2d785a50a8 [CIFS] Add support for new POSIX unlink
In the cleanup phase of the dbench test, we were noticing sharing
violation followed by failed directory removals when dbench
did not close the test files before the cleanup phase started.
Using the new POSIX unlink, which Samba has supported for a few
months, avoids this.

Signed-off-by: Steve French <sfrench@us.ibm.com>
2007-07-15 01:48:57 +00:00
Steve French
50c2f75388 [CIFS] whitespace/formatting fixes
This should be the last big batch of whitespace/formatting fixes.
checkpatch warnings for the cifs directory are down about 90% and
many of the remaining ones are harder to remove or make the code
harder to read.

Signed-off-by: Steve French <sfrench@us.ibm.com>
2007-07-13 00:33:32 +00:00
Steve French
790fe579f5 [CIFS] more whitespace cleanup
Signed-off-by: Steve French <sfrench@us.ibm.com>
2007-07-07 19:25:05 +00:00
Jeff
38c10a1ddb [CIFS] Mount should fail if server signing off but client mount option requires it
Currently, if mount with a signing-enabled sec= option (e.g.
sec=ntlmi), the kernel does a warning printk if the server doesn't
support signing, and then proceeds without signatures.

This is probably OK for people that think to look at the ring buffer,
but seems wrong to me. If someone explicitly requests signing, we
should error out if that request can't be satisfied. They can then
reattempt the mount without signing if that's ok.

Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
2007-07-06 21:10:07 +00:00
Steve French
762e5ab77c [CIFS] Fix sign mount option and sign proc config setting
We were checking the wrong (old) global variable to determine
whether to override server and force signing on the SMB
connection.

Acked-by: Dave Kleikamp <shaggy@austin.ibm.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
2007-06-28 18:41:42 +00:00
Yehuda Sadeh Weinraub
100c1ddc98 [CIFS] Missing flag on negprot needed for some servers to force packet signing
A related signature issue that I came across.
There's a bug in win2k that when NT error codes are not negotiated, the
server doesn't response that signatures are mandatory. Since there's
(currently) no way turn on signatures in such case, I had to force NT
error codes, so that this bug will not occur

Signed-off-by: Yehuda Sadeh Weinraub <Yehuda.Sadeh@expand.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
2007-06-05 21:31:16 +00:00
Steve French
cbac3cba66 [CIFS] New CIFS POSIX mkdir performance improvement (part 2)
Fix incorrect parsing of return data

Signed-off-by: Steve French <sfrench@us.ibm.com>
2007-04-25 11:46:06 +00:00
Steve French
2dd29d3133 [CIFS] New CIFS POSIX mkdir performance improvement
Signed-off-by: Steve French <sfrench@us.ibm.com>
2007-04-23 22:07:35 +00:00
Steve French
c7af1857ef [CIFS] Fix set file size to zero when doing chmod to Samba 3.0.26pre
In fixing a bug Samba 3.0.26pre allowed some clients (including Linux cifs
client) to change file size to zero in SET_FILE_UNIX_BASIC (which Linux cifs
client uses for chmod).

The server has been "fixed" now but that also fixes the client to net send
file size zero on chmod.

Fixes Samba bugzilla bug # 4418.

Fixed with help from Jeremy Allison

Signed-off-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Steve French <sfrench@us.ibm.com>
2007-03-01 04:11:22 +00:00
Tobias Klauser
c5a69d57eb Storage class should be before const qualifier
The C99 specification states in section 6.11.5:

The placement of a storage-class specifier other than at the
beginning of the declaration specifiers in a declaration is an
obsolescent feature.

Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
Signed-off-by: Adrian Bunk <bunk@stusta.de>
2007-02-17 20:11:19 +01:00
Steve French
8af1897158 [CIFS] on reconnect to Samba - reset the unix capabilities
After temporary server or network failure and reconneciton, we were not
resending the unix capabilities via SetFSInfo - which confused Samba posix
byte range locking code.

Discovered by jra

Signed-off-by: Steve French <sfrench@us.ibm.com>
2007-02-14 04:42:51 +00:00
Robert P. J. Day
5cbded585d [PATCH] getting rid of all casts of k[cmz]alloc() calls
Run this:

	#!/bin/sh
	for f in $(grep -Erl "\([^\)]*\) *k[cmz]alloc" *) ; do
	  echo "De-casting $f..."
	  perl -pi -e "s/ ?= ?\([^\)]*\) *(k[cmz]alloc) *\(/ = \1\(/" $f
	done

And then go through and reinstate those cases where code is casting pointers
to non-pointers.

And then drop a few hunks which conflicted with outstanding work.

Cc: Russell King <rmk@arm.linux.org.uk>, Ian Molton <spyro@f2s.com>
Cc: Mikael Starvik <starvik@axis.com>
Cc: Yoshinori Sato <ysato@users.sourceforge.jp>
Cc: Roman Zippel <zippel@linux-m68k.org>
Cc: Geert Uytterhoeven <geert@linux-m68k.org>
Cc: Ralf Baechle <ralf@linux-mips.org>
Cc: Paul Mackerras <paulus@samba.org>
Cc: Kyle McMartin <kyle@mcmartin.ca>
Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Cc: Martin Schwidefsky <schwidefsky@de.ibm.com>
Cc: "David S. Miller" <davem@davemloft.net>
Cc: Jeff Dike <jdike@addtoit.com>
Cc: Greg KH <greg@kroah.com>
Cc: Jens Axboe <jens.axboe@oracle.com>
Cc: Paul Fulghum <paulkf@microgate.com>
Cc: Alan Cox <alan@lxorguk.ukuu.org.uk>
Cc: Karsten Keil <kkeil@suse.de>
Cc: Mauro Carvalho Chehab <mchehab@infradead.org>
Cc: Jeff Garzik <jeff@garzik.org>
Cc: James Bottomley <James.Bottomley@steeleye.com>
Cc: Ian Kent <raven@themaw.net>
Cc: Steven French <sfrench@us.ibm.com>
Cc: David Woodhouse <dwmw2@infradead.org>
Cc: Neil Brown <neilb@cse.unsw.edu.au>
Cc: Jaroslav Kysela <perex@suse.cz>
Cc: Takashi Iwai <tiwai@suse.de>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-12-13 09:05:58 -08:00
Al Viro
733f99acc8 [PATCH] new cifs endianness bugs
* missing cpu_to_le64() for ChangeTime (introduced by
    [CIFS] Legacy time handling for Win9x and OS/2 part 1)
* missing le16_to_cpu() for DialectIndex (introduced by
    [CIFS] Do not send newer QFSInfo to legacy servers which can not support it)

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-10-15 11:00:58 -07:00
Steve French
1a4e15a04e [CIFS] Missing flags2 for DFS
Partly suggested by Igor Mammedov

Signed-off-by: Steve French <sfrench@us.ibm.com>
2006-10-12 21:33:51 +00:00
Steve French
acf1a1b104 [CIFS] Level 1 QPathInfo needed for proper OS2 support
Signed-off-by: Steve French <sfrench@us.ibm.com>
2006-10-12 03:28:28 +00:00
Steve French
1a70d6529a [CIFS] Fix compiler warning with previous patch
Signed-off-by: Steve French <sfrench@us.ibm.com>
2006-10-02 05:59:18 +00:00
Steve French
947a506795 [CIFS] Fix typo
Signed-off-by: Steve French <sfrench@us.ibm.com>
2006-10-02 05:55:25 +00:00
Steve French
b815f1e559 [CIFS] Allow for 15 minute TZs (e.g. Nepal) and be more explicit about
not setting time on close

Signed-off-by: Guenter Kukkukk <linux@kukkukk.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
2006-10-02 05:53:29 +00:00
Steve French
18f75ca0dc [CIFS] Allow LANMAN21 support even in both POSIX non-POSIX path
Signed-off-by: Guenter Kukkukk <linux@kukkukk.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
2006-10-01 03:13:01 +00:00
Steve French
9ac00b7d96 [CIFS] Do not send newer QFSInfo to legacy servers which can not support it
Fix dialect negotiation to save off when we have negotiated lanman.
This allows us to avoid sending some somewhat newer requests that the server
can not handle and go directly to the older version (infolevel) of the same
call. Make sure we try to negotiate a level which allows us to get the
server OS (which we check so we can detect Win9x vs. other legacy servers
and eventually work around the Win9x DOS time bug (they reverse date/time
fields).

Signed-off-by: Steve French <sfrench@us.ibm.com>
2006-09-30 04:13:17 +00:00
Steve French
175ec9e11c [CIFS] Rename server time zone field
Server time zone is not really a time zone, rather a time adjustement
in seconds.

CC: Guenter Kukkukk <linux@kukkukk.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
2006-09-30 01:07:38 +00:00
Steve French
25ee4a98c6 [CIFS] Handle legacy servers which return undefined time zone
Signed-off-by: Guenter Kukkukk <linux@kukkukk.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
2006-09-30 00:54:23 +00:00
Steve French
2cd646a2d1 [CIFS] Remove static and unused symbols
Most cases of the ones found by Shaggy by
	"make namespacecheck"
could be removed or made static

Ack: Dave Kleikamp <shaggy@austin.ibm.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
2006-09-28 19:43:08 +00:00
Steve French
1bd5bbcb65 [CIFS] Legacy time handling for Win9x and OS/2 part 1
Signed-off-by: Steve French <sfrench@us.ibm.com>
2006-09-28 03:35:57 +00:00
Steve French
5ddaa683a5 [CIFS] endian errors in lanman protocol support
le16 compared to host-endian constant
	u8 fed to le32_to_cpu()
	le16 compared to host-endian constant

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Steve French <sfrench@us.ibm.com>
2006-08-15 13:35:48 +00:00
Jeremy Allison
7ee1af765d [CIFS]
Allow Windows blocking locks to be cancelled via a
CANCEL_LOCK call. TODO - restrict this to servers
that support NT_STATUS codes (Win9x will probably
not support this call).

Signed-off-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Steve French <sfrench@us.ibm.com>
(cherry picked from 570d4d2d895569825d0d017d4e76b51138f68864 commit)
2006-08-11 21:28:47 +00:00
Steve French
3a5ff61c18 [CIFS] Do not time out posix brl requests when using new posix setfileinfo
request and do not time out slow requests to a server that is still responding
well to other threads

Suggested by jra of Samba team

Signed-off-by: Steve French <sfrench@us.ibm.com>
(cherry picked from 89b57148115479eef074b8d3f86c4c86c96ac969 commit)
2006-08-11 21:27:07 +00:00
Steve French
f40c562855 [CIFS] Fix authentication choice so we do not force NTLMv2 unless the
user specifies it is required or turns of ntlm

Signed-off-by: Steve French <sfrench@us.ibm.com>
2006-06-28 00:13:38 +00:00