Ronnie Sahlberg [Wed, 18 Dec 2019 07:06:25 +0000 (17:06 +1000)]
Merge pull request #123 from amandeepgautam/master
evaluate smb status before call to krb5 lib
Amandeep Gautam [Wed, 18 Dec 2019 05:37:34 +0000 (21:37 -0800)]
update readme to say that signing is supported with ntlm plugin
Amandeep Gautam [Tue, 17 Dec 2019 08:40:31 +0000 (00:40 -0800)]
evaluate smb status before call to krb5 lib
This leads to better error messages. For example, for incorrect pass we
have a message like following:
Session setup failed with (0xc000006d) STATUS_LOGON_FAILURE (-111)
with current change instead of
gss_init_sec_context: (Invalid token was supplied, Unknown error) (-1)
Ronnie Sahlberg [Tue, 26 Nov 2019 12:06:33 +0000 (22:06 +1000)]
fix SIGBUS in smb2_set_uint64
Signed-off-by: Ronnie Sahlberg <ronniesahlberg@gmail.com>
Namjae Jeon [Mon, 18 Nov 2019 00:49:06 +0000 (19:49 -0500)]
libsmb2: don't call dcerpc_free_pdu to avoid use-after-free
ret = dcerpc_decode_pdu(dce, pdu, &iov);
if (ret < 0) {
pdu->cb(dce, -EINVAL, NULL, pdu->cb_data); -> use after free.
smb2_free_data(dce->smb2, rep->output);
dcerpc_free_pdu(dce, pdu); -> re-free here.
return;
}
Signed-off-by: Namjae Jeon <linkinjeon@gmail.com>
Namjae Jeon [Mon, 18 Nov 2019 00:49:07 +0000 (19:49 -0500)]
libsmb2: fix potential memory leak
Signed-off-by: Namjae Jeon <linkinjeon@gmail.com>
Namjae Jeon [Mon, 18 Nov 2019 00:49:05 +0000 (19:49 -0500)]
libsmb2: alloc_hint with unint32 type never less than zero
unsigned type alloc_hint could not be negative.
Signed-off-by: Namjae Jeon <linkinjeon@gmail.com>
Namjae Jeon [Mon, 18 Nov 2019 00:49:04 +0000 (19:49 -0500)]
libsmb2: fix use-after-free of c_data->utf8_unc
freed c_data->utf8_unc by free_c_data could be used.
Signed-off-by: Namjae Jeon <linkinjeon@gmail.com>
Volker Lendecke [Sat, 2 Nov 2019 14:25:25 +0000 (15:25 +0100)]
Use calloc where appropriate
Saves around 250 bytes with -Oz
Ronnie Sahlberg [Mon, 28 Oct 2019 04:00:56 +0000 (14:00 +1000)]
negotiate protocol: some servers do not return a blob in neg prot responses
Signed-off-by: Ronnie Sahlberg <ronniesahlberg@gmail.com>
Ronnie Sahlberg [Sun, 27 Oct 2019 17:56:14 +0000 (03:56 +1000)]
Merge pull request #118 from tguillem/more-errnos
More errnos
Thomas Guillem [Thu, 24 Oct 2019 15:50:53 +0000 (17:50 +0200)]
smb2_connect_share_async: don't return ENOMEM if connect fails
Thomas Guillem [Thu, 24 Oct 2019 16:01:53 +0000 (18:01 +0200)]
smb2_connect_async: convert getaddrinfo to errno
Thomas Guillem [Thu, 24 Oct 2019 15:49:16 +0000 (17:49 +0200)]
smb2_connect_async: return errno
Ronnie Sahlberg [Mon, 21 Oct 2019 04:47:43 +0000 (14:47 +1000)]
Merge pull request #113 from ePirat/configure-cleanup
Configure cleanup
Marvin Scholz [Fri, 18 Oct 2019 19:20:54 +0000 (21:20 +0200)]
Use AS_IF instead of shell if statements
This is more consistent with the rest of the file
Marvin Scholz [Fri, 18 Oct 2019 19:08:09 +0000 (21:08 +0200)]
Use GCC variable instead of ac_cv_prog_gcc
This is documented in the AC_PROG_CC documentation and seems a bit
cleaner than to use the "internal" caching variable. And it is easier
to read.
Marvin Scholz [Fri, 18 Oct 2019 19:05:27 +0000 (21:05 +0200)]
Remove unused header checks
None of the headers checked by these checks are used in the project.
Marvin Scholz [Fri, 18 Oct 2019 01:12:45 +0000 (03:12 +0200)]
Cleanup comments
A lot of comments were duplicated as both autoconf and shell
comments, which seems unnecessary.
Additionally slight rewording of some comments.
Ronnie Sahlberg [Fri, 18 Oct 2019 05:14:47 +0000 (15:14 +1000)]
Merge pull request #112 from ePirat/ci-run-prs
Trigger CI builds for pull requests
Ronnie Sahlberg [Fri, 18 Oct 2019 05:14:15 +0000 (15:14 +1000)]
Merge pull request #111 from ePirat/add-ci-windows
Add windows build to CI
Ronnie Sahlberg [Fri, 18 Oct 2019 05:13:37 +0000 (15:13 +1000)]
Merge pull request #110 from ePirat/fix-windows-msvc
Various MSVC build fixes
Marvin Scholz [Fri, 18 Oct 2019 01:09:12 +0000 (03:09 +0200)]
Fix indentation
Marvin Scholz [Fri, 18 Oct 2019 00:56:36 +0000 (02:56 +0200)]
Add missing quotes
While these are not all needed it is much easier to be consistent and
quote, so that when editing later to not accidentally forget to quote
a value that did not need quoting before.
Marvin Scholz [Fri, 18 Oct 2019 00:50:14 +0000 (02:50 +0200)]
Do not use deprecated AC_HELP_STRING
Marvin Scholz [Fri, 18 Oct 2019 00:48:59 +0000 (02:48 +0200)]
Remove explicit PKG_PROG_PKG_CONFIG call
This will be called implicitly when needed
Marvin Scholz [Fri, 18 Oct 2019 00:46:49 +0000 (02:46 +0200)]
Set minimum supported autoconf version to 2.58
The file is already using things only available since 2.58, not 2.50
Marvin Scholz [Fri, 18 Oct 2019 00:45:53 +0000 (02:45 +0200)]
Check for AM_PROG_AR instead of defining to nothing
Marvin Scholz [Fri, 18 Oct 2019 00:45:25 +0000 (02:45 +0200)]
Set needed automake version to 1.11
This version should be old enough and gives us an opportunity to know
what is actually the lowest supported version, erroring out with a
helpful error message if someone tries to use an older version than
that, instead of obscure errors due to missing macros.
Marvin Scholz [Fri, 18 Oct 2019 00:38:21 +0000 (02:38 +0200)]
Simplify suppression of default CFLAGS
This is the way autoconf documents this should be done and much
simpler than before.
Marvin Scholz [Fri, 18 Oct 2019 00:36:38 +0000 (02:36 +0200)]
Add config.h.in~ to gitignore
Marvin Scholz [Thu, 17 Oct 2019 23:32:34 +0000 (01:32 +0200)]
Trigger CI builds for pull requests
Marvin Scholz [Thu, 17 Oct 2019 22:29:09 +0000 (00:29 +0200)]
Add windows build to CI
Marvin Scholz [Thu, 17 Oct 2019 22:38:05 +0000 (00:38 +0200)]
Various MSVC build fixes
Fix #101
Ronnie Sahlberg [Thu, 17 Oct 2019 22:00:55 +0000 (08:00 +1000)]
Merge pull request #108 from ePirat/add-ci
Add GitHub Actions CI
Ronnie Sahlberg [Thu, 17 Oct 2019 21:55:43 +0000 (07:55 +1000)]
Merge pull request #107 from ePirat/fix-distcheck
Fix autotools distcheck
ePirat [Thu, 17 Oct 2019 14:10:33 +0000 (16:10 +0200)]
Add GitHub Actions CI
Marvin Scholz [Thu, 17 Oct 2019 16:03:50 +0000 (18:03 +0200)]
Remove check for popt and fix conditional directory
Using an automake conditional here allows automake to correctly
always add examples sources to the dist tarballs, even when disabled.
Fixes `make distcheck`
Marvin Scholz [Thu, 17 Oct 2019 14:43:25 +0000 (16:43 +0200)]
Add missing headers files to Makefile.am
This fixes `make distcheck` and produces correct
tarballs with `make dist`.
Ronnie Sahlberg [Thu, 17 Oct 2019 14:16:57 +0000 (00:16 +1000)]
Merge pull request #105 from ePirat/remove-popt-dep
Remove unused popt dependency for examples
Ronnie Sahlberg [Thu, 17 Oct 2019 14:11:12 +0000 (00:11 +1000)]
Merge pull request #106 from ePirat/fix-macos-compilation
aes128ccm: Add missing portable-endian header
Ronnie Sahlberg [Thu, 17 Oct 2019 14:09:35 +0000 (00:09 +1000)]
Merge pull request #104 from ePirat/add-error-code
errors: Add SMB2_STATUS_BAD_NETWORK_PATH
Marvin Scholz [Thu, 17 Oct 2019 13:52:32 +0000 (15:52 +0200)]
errors: Add SMB2_STATUS_BAD_NETWORK_PATH
This error code is returned by macOS SMB implementation when not
specifying the share to which to connect.
Marvin Scholz [Thu, 17 Oct 2019 13:48:13 +0000 (15:48 +0200)]
aes128ccm: Add missing portable-endian header
This fixes the compilation on macOS and other platforms that
do not have htobe* functions.
Marvin Scholz [Thu, 17 Oct 2019 13:45:56 +0000 (15:45 +0200)]
Remove unused popt dependency for examples
The examples have a dependency on popt even though that library is
not used by any examples, making it unnecessary.
Ronnie Sahlberg [Thu, 17 Oct 2019 12:53:57 +0000 (22:53 +1000)]
Merge pull request #102 from tguillem/smb2-password-fix
Don't override password set via smb2_set_password()
Ronnie Sahlberg [Thu, 17 Oct 2019 11:59:04 +0000 (21:59 +1000)]
Revert "fix correct length for error PDUs"
This reverts commit
938cc11fabfb7c31e88ffcd2d04fce859664a9e1.
Some servers (win10 for anonymous/guest logins) actually violate the spec
here and does NOT provide the extra byte.
Thomas Guillem [Tue, 15 Oct 2019 08:29:28 +0000 (10:29 +0200)]
don't override password set via smb2_set_password()
Regression from
bf5c12d7072d3a81438ffee67e7308077bfa3adb
This was impossible for an user to provide a password via smb2_set_password()
since it was overridden from smb2_connect_share_async(). Indeed,
smb2_set_password_from_file() is called from smb2_set_user(), that is called
from smb2_connect_share_async().
Thomas Guillem [Tue, 15 Oct 2019 08:28:04 +0000 (10:28 +0200)]
check fopen return value
Ronnie Sahlberg [Thu, 3 Oct 2019 23:54:49 +0000 (09:24 +0930)]
krb5: ignore errors if SMB2 layer returned success
Signed-off-by: Ronnie Sahlberg <ronniesahlberg@gmail.com>
Ronnie Sahlberg [Thu, 26 Sep 2019 08:45:58 +0000 (01:45 -0700)]
change bitfield from int:1 to uint8_t:1 to make lgtm.com happy
Signed-off-by: Ronnie Sahlberg <ronniesahlberg@gmail.com>
Ronnie Sahlberg [Thu, 26 Sep 2019 08:44:23 +0000 (01:44 -0700)]
Add header guards to make lgtm.com happy
Signed-off-by: Ronnie Sahlberg <ronniesahlberg@gmail.com>
Ronnie Sahlberg [Thu, 26 Sep 2019 05:38:05 +0000 (22:38 -0700)]
we don't need SHA512 either
This all now shaves off 5-6kb of text size !!!
Signed-off-by: Ronnie Sahlberg <ronniesahlberg@gmail.com>
Ronnie Sahlberg [Thu, 26 Sep 2019 05:13:03 +0000 (22:13 -0700)]
we don't need SHA384
Signed-off-by: Ronnie Sahlberg <ronniesahlberg@gmail.com>
Ronnie Sahlberg [Thu, 26 Sep 2019 05:07:15 +0000 (22:07 -0700)]
we dont need sha1
Signed-off-by: Ronnie Sahlberg <ronniesahlberg@gmail.com>
Ronnie Sahlberg [Thu, 26 Sep 2019 05:00:59 +0000 (22:00 -0700)]
We don't need SHA224
Signed-off-by: Ronnie Sahlberg <ronniesahlberg@gmail.com>
Ronnie Sahlberg [Thu, 26 Sep 2019 04:37:46 +0000 (21:37 -0700)]
aes: we do not need the CBC version of AES
Signed-off-by: Ronnie Sahlberg <ronniesahlberg@gmail.com>
Ronnie Sahlberg [Wed, 25 Sep 2019 00:03:35 +0000 (17:03 -0700)]
idcerpc: ask for 32kb for frag size. 256b is too small
Signed-off-by: Ronnie Sahlberg <ronniesahlberg@gmail.com>
Ronnie Sahlberg [Tue, 24 Sep 2019 17:26:23 +0000 (10:26 -0700)]
check for integer wrap in query directory
Signed-off-by: Ronnie Sahlberg <ronniesahlberg@gmail.com>
Ronnie Sahlberg [Tue, 24 Sep 2019 16:03:22 +0000 (09:03 -0700)]
dont segfault when trying to connect to server==NULL
Signed-off-by: Ronnie Sahlberg <ronniesahlberg@gmail.com>
Ronnie Sahlberg [Tue, 24 Sep 2019 15:54:37 +0000 (08:54 -0700)]
make it possible to use alternative username for the share-enum example
Signed-off-by: Ronnie Sahlberg <ronniesahlberg@gmail.com>
Ronnie Sahlberg [Wed, 11 Sep 2019 07:47:56 +0000 (17:47 +1000)]
fix correct length for error PDUs
Reported-by: Richard Sharpe <realrichardsharpe@gmail.com>
Signed-off-by: Ronnie Sahlberg <ronniesahlberg@gmail.com>
Ronnie Sahlberg [Wed, 4 Sep 2019 11:42:43 +0000 (21:42 +1000)]
remove dependency of struct iovec from libsmb2-private.h
Signed-off-by: Ronnie Sahlberg <ronniesahlberg@gmail.com>
Ronnie Sahlberg [Tue, 20 Aug 2019 11:34:17 +0000 (21:34 +1000)]
Update README and clarify some parts with kerberos/ntlmssp
Signed-off-by: Ronnie Sahlberg <ronniesahlberg@gmail.com>
Ronnie Sahlberg [Sat, 17 Aug 2019 20:46:13 +0000 (06:46 +1000)]
always build with ntlmssp
Previously we would not build with ntlmssp if we had libkrb5.
Change this so that we always build with our ntlmssp implementation
and allow the user to select authentication mechanism through either the
URL argument or via an API call.
The reason for this is so that we will be able to use either krb5 or ntlmssp
from the same binary and still have the option to use sign or seal.
(the krb5 ntlmssp mech plugin does not export the session key so that
ntlm implementation can not be used for sign/seal).
Signed-off-by: Ronnie Sahlberg <ronniesahlberg@gmail.com>
Ronnie Sahlberg [Fri, 16 Aug 2019 05:18:52 +0000 (15:18 +1000)]
README: document how to use/enable smb3 encryption
Signed-off-by: Ronnie Sahlberg <ronniesahlberg@gmail.com>
Ronnie Sahlberg [Thu, 15 Aug 2019 02:51:20 +0000 (12:51 +1000)]
add a function to enable/disable encryption
Signed-off-by: Ronnie Sahlberg <ronniesahlberg@gmail.com>
Ronnie Sahlberg [Wed, 14 Aug 2019 07:02:56 +0000 (17:02 +1000)]
make more commands use encryption is seal is enabled
Signed-off-by: Ronnie Sahlberg <ronniesahlberg@gmail.com>
Ronnie Sahlberg [Wed, 14 Aug 2019 05:58:46 +0000 (15:58 +1000)]
Add plumbing to process the headers/command/data for decrypted blobs
so far we only encrypt/decrypt TreeConnect
Signed-off-by: Ronnie Sahlberg <ronniesahlberg@gmail.com>
Ronnie Sahlberg [Wed, 14 Aug 2019 04:38:33 +0000 (14:38 +1000)]
split out the loops where we read header/fixed/variable parts
into its own helper function.
Signed-off-by: Ronnie Sahlberg <ronniesahlberg@gmail.com>
Ronnie Sahlberg [Mon, 12 Aug 2019 10:56:53 +0000 (20:56 +1000)]
add code to decrypt smb3 transform headers and payload
Signed-off-by: Ronnie Sahlberg <ronniesahlberg@gmail.com>
Ronnie Sahlberg [Mon, 12 Aug 2019 02:57:44 +0000 (12:57 +1000)]
seal: encrypt outgoing PDUs that are flagged to require encryption
Set this flag for TreeConnect for now.
We can send Encrypted TreeConnect packets but we can not yet parse
or decrypt the response.
Signed-off-by: Ronnie Sahlberg <ronniesahlberg@gmail.com>
Ronnie Sahlberg [Mon, 12 Aug 2019 00:16:32 +0000 (10:16 +1000)]
initialize the prng by calling srandom on context creation
Signed-off-by: Ronnie Sahlberg <ronniesahlberg@gmail.com>
Ronnie Sahlberg [Sun, 11 Aug 2019 23:25:39 +0000 (09:25 +1000)]
set SEAL flag in ntlmssp is we want encryption
Signed-off-by: Ronnie Sahlberg <ronniesahlberg@gmail.com>
Ronnie Sahlberg [Sun, 11 Aug 2019 01:27:34 +0000 (11:27 +1000)]
aes128ccm: add test program
Signed-off-by: Ronnie Sahlberg <ronniesahlberg@gmail.com>
Ronnie Sahlberg [Sun, 11 Aug 2019 21:55:13 +0000 (07:55 +1000)]
add aes128ccm functions
Add functions to perform aes128ccm encryption/decryption
Signed-off-by: Ronnie Sahlberg <ronniesahlberg@gmail.com>
Ronnie Sahlberg [Thu, 8 Aug 2019 06:53:42 +0000 (16:53 +1000)]
When sign is used, set the ENCRYPTION capability in negprot
for protocols 3.0 and 3.02 and throw an error if the server does not support
encryption.
Signed-off-by: Ronnie Sahlberg <ronniesahlberg@gmail.com>
Ronnie Sahlberg [Wed, 7 Aug 2019 08:24:40 +0000 (18:24 +1000)]
derive the encryption keys for smb3.0 and smb3.02
Signed-off-by: Ronnie Sahlberg <ronniesahlberg@gmail.com>
Ronnie Sahlberg [Wed, 7 Aug 2019 07:55:27 +0000 (17:55 +1000)]
add a URL argument for seal
Add a seal argument to activate smb3 encryption.
This does not do anything yet other than record that we want to use encryption.
Signed-off-by: Ronnie Sahlberg <ronniesahlberg@gmail.com>
Ronnie Sahlberg [Mon, 12 Aug 2019 10:55:06 +0000 (20:55 +1000)]
Merge pull request #97 from tguillem/android-getlogin_r-fix
Android: fix getlogin_r() dep
Thomas Guillem [Mon, 12 Aug 2019 08:04:30 +0000 (10:04 +0200)]
fix getlogin_r() dep on Android
Thomas Guillem [Mon, 12 Aug 2019 08:04:00 +0000 (10:04 +0200)]
fix getlogin_r() fallback
Ronnie Sahlberg [Mon, 12 Aug 2019 00:11:11 +0000 (10:11 +1000)]
Merge pull request #96 from tguillem/fix-segfault-destroy
smb2_destroy_context: fix possible null-deref
Thomas Guillem [Thu, 8 Aug 2019 13:18:31 +0000 (15:18 +0200)]
smb2_destroy_context: fix possible null-deref
This could happen when the smb2_close_async() command was aborted
(smb2_service() not being called).
Ronnie Sahlberg [Thu, 8 Aug 2019 06:36:31 +0000 (16:36 +1000)]
Merge pull request #94 from tguillem/getlogin-fix
Fix getlogin() usage
Ronnie Sahlberg [Tue, 6 Aug 2019 07:46:31 +0000 (17:46 +1000)]
Merge pull request #95 from apuder/master
Limit output buffer size to 512 on an ESP32
Arno Puder [Tue, 6 Aug 2019 07:08:38 +0000 (00:08 -0700)]
Limit output buffer size to 512 on an ESP32
Ronnie Sahlberg [Tue, 6 Aug 2019 03:30:51 +0000 (13:30 +1000)]
ntlmssp: add support for Anonymous logins
Signed-off-by: Ronnie Sahlberg <ronniesahlberg@gmail.com>
Thomas Guillem [Tue, 30 Jul 2019 16:02:14 +0000 (18:02 +0200)]
Fix getlogin() usage
Use the reentrant version (the getlogin() string was statically allocated and
could be overwritten on subsequent calls).
Also check for error and use "Guest" as a fallback.
Thomas Guillem [Tue, 30 Jul 2019 15:46:49 +0000 (17:46 +0200)]
Fix indent and white spaces
No functional changes.
Ronnie Sahlberg [Mon, 15 Jul 2019 08:06:08 +0000 (18:06 +1000)]
improve error messages for readlink failures
Signed-off-by: Ronnie Sahlberg <ronniesahlberg@gmail.com>
Ronnie Sahlberg [Mon, 15 Jul 2019 07:01:48 +0000 (17:01 +1000)]
add smb2_readlink example
Signed-off-by: Ronnie Sahlberg <ronniesahlberg@gmail.com>
Ronnie Sahlberg [Mon, 15 Jul 2019 06:48:59 +0000 (16:48 +1000)]
fix NULL deref in readlink_cb_3
Signed-off-by: Ronnie Sahlberg <ronniesahlberg@gmail.com>
Ronnie Sahlberg [Sun, 14 Jul 2019 22:17:03 +0000 (08:17 +1000)]
Add support for readlink()
Report Windows Reparse points as links
and implement readlink() to decode reparse points of the type
MS-FSCC: 2.1.2.4 Symbolic Link Reparse Data Buffer
Signed-off-by: Ronnie Sahlberg <ronniesahlberg@gmail.com>
Ronnie Sahlberg [Sun, 9 Jun 2019 21:38:20 +0000 (07:38 +1000)]
New version: 3.0.0
Mon Jun 10 2019 : Version 3.0.0
- ESP32 support
- Support specifying the port number in an SMB URL.
- Add creation time to smb_stat
- Abort all commands when the context is destroyed.
- Free all file and directory handles when the context is destroyed.
- Fix handling of O_TRUNC
- Add more error codes.
- Add support for SMB2_IOCTL
- Handle DCE/RPC fragment reassembly for IOCTL().
Signed-off-by: Ronnie Sahlberg <ronniesahlberg@gmail.com>
Ronnie Sahlberg [Sun, 2 Jun 2019 20:21:26 +0000 (06:21 +1000)]
Merge pull request #91 from apuder/esp
Add instructions for ESP32 and small fix
Arno Puder [Sun, 2 Jun 2019 17:54:22 +0000 (10:54 -0700)]
Make libsmb2's config.h private
Arno Puder [Sun, 2 Jun 2019 17:53:16 +0000 (10:53 -0700)]
Add instructions for the ESP32
Ronnie Sahlberg [Sun, 2 Jun 2019 08:34:27 +0000 (18:34 +1000)]
Merge pull request #90 from apuder/esp
Add support for the ESP32 microcontroller
Arno Puder [Sun, 2 Jun 2019 07:55:14 +0000 (00:55 -0700)]
Add support for the ESP32 microcontroller