summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2011-07-15 15:55:31 +1000
committerAndrew Bartlett <abartlet@samba.org>2011-07-20 09:17:11 +1000
commit92895379934b660affa70cd406e40719d429ae2a (patch)
tree6a6185b2e0476a7045535332fad6201caeda2424
parenta39187f0f5e6f99ce8a38cba997e4ad15353e09e (diff)
downloadsamba-92895379934b660affa70cd406e40719d429ae2a.tar.gz
samba-92895379934b660affa70cd406e40719d429ae2a.tar.bz2
samba-92895379934b660affa70cd406e40719d429ae2a.zip
s3-auth Use struct auth_user_info_unix for unix_name and sanitized_username
This is closer to the layout of struct auth_session_info in auth.idl Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
-rw-r--r--source3/auth/auth_util.c52
-rw-r--r--source3/include/auth.h11
-rw-r--r--source3/lib/afs.c4
-rw-r--r--source3/lib/substitute.c5
-rw-r--r--source3/modules/onefs_open.c2
-rw-r--r--source3/modules/vfs_expand_msdfs.c4
-rw-r--r--source3/modules/vfs_full_audit.c4
-rw-r--r--source3/modules/vfs_recycle.c4
-rw-r--r--source3/modules/vfs_smb_traffic_analyzer.c2
-rw-r--r--source3/printing/printing.c6
-rw-r--r--source3/rpc_server/lsa/srv_lsa_nt.c2
-rw-r--r--source3/smbd/close.c2
-rw-r--r--source3/smbd/fake_file.c2
-rw-r--r--source3/smbd/lanman.c12
-rw-r--r--source3/smbd/msdfs.c4
-rw-r--r--source3/smbd/nttrans.c4
-rw-r--r--source3/smbd/open.c2
-rw-r--r--source3/smbd/password.c19
-rw-r--r--source3/smbd/process.c4
-rw-r--r--source3/smbd/service.c32
-rw-r--r--source3/smbd/session.c2
-rw-r--r--source3/smbd/smb2_server.c4
-rw-r--r--source3/smbd/smb2_sesssetup.c8
-rw-r--r--source3/smbd/smb2_tcon.c2
-rw-r--r--source3/smbd/trans2.c4
-rw-r--r--source3/smbd/uid.c12
26 files changed, 109 insertions, 100 deletions
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index 59a296774b..f53f63df1f 100644
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -507,11 +507,11 @@ NTSTATUS create_local_token(TALLOC_CTX *mem_ctx,
if (((lp_server_role() == ROLE_DOMAIN_MEMBER) && !winbind_ping()) ||
(server_info->nss_token)) {
status = create_token_from_username(session_info,
- session_info->unix_name,
+ session_info->unix_info->unix_name,
session_info->guest,
&session_info->unix_token->uid,
&session_info->unix_token->gid,
- &session_info->unix_name,
+ &session_info->unix_info->unix_name,
&session_info->security_token);
} else {
@@ -824,7 +824,7 @@ static NTSTATUS make_new_session_info_guest(struct auth3_session_info **session_
alpha_strcpy(tmp, (*session_info)->info3->base.account_name.string,
". _-$", sizeof(tmp));
- (*session_info)->sanitized_username = talloc_strdup(*session_info, tmp);
+ (*session_info)->unix_info->sanitized_username = talloc_strdup(*session_info, tmp);
status = NT_STATUS_OK;
done:
@@ -1015,13 +1015,15 @@ static struct auth_serversupplied_info *copy_session_info_serverinfo(TALLOC_CTX
}
dst->extra = src->extra;
- dst->unix_name = talloc_strdup(dst, src->unix_name);
+ /* This element must be provided to convert back to an auth_serversupplied_info */
+ SMB_ASSERT(src->unix_info);
+ dst->unix_name = talloc_strdup(dst, src->unix_info->unix_name);
if (!dst->unix_name) {
TALLOC_FREE(dst);
return NULL;
}
- dst->sanitized_username = talloc_strdup(dst, src->sanitized_username);
+ dst->sanitized_username = talloc_strdup(dst, src->unix_info->sanitized_username);
if (!dst->sanitized_username) {
TALLOC_FREE(dst);
return NULL;
@@ -1080,14 +1082,20 @@ static struct auth3_session_info *copy_serverinfo_session_info(TALLOC_CTX *mem_c
}
dst->extra = src->extra;
- dst->unix_name = talloc_strdup(dst, src->unix_name);
- if (!dst->unix_name) {
+ dst->unix_info = talloc_zero(dst, struct auth_user_info_unix);
+ if (!dst->unix_info) {
TALLOC_FREE(dst);
return NULL;
}
- dst->sanitized_username = talloc_strdup(dst, src->sanitized_username);
- if (!dst->sanitized_username) {
+ dst->unix_info->unix_name = talloc_strdup(dst, src->unix_name);
+ if (!dst->unix_info->unix_name) {
+ TALLOC_FREE(dst);
+ return NULL;
+ }
+
+ dst->unix_info->sanitized_username = talloc_strdup(dst, src->sanitized_username);
+ if (!dst->unix_info->sanitized_username) {
TALLOC_FREE(dst);
return NULL;
}
@@ -1149,16 +1157,24 @@ struct auth3_session_info *copy_session_info(TALLOC_CTX *mem_ctx,
}
dst->extra = src->extra;
- dst->unix_name = talloc_strdup(dst, src->unix_name);
- if (!dst->unix_name) {
- TALLOC_FREE(dst);
- return NULL;
- }
+ if (src->unix_info) {
+ dst->unix_info = talloc_zero(dst, struct auth_user_info_unix);
+ if (!dst->unix_info) {
+ TALLOC_FREE(dst);
+ return NULL;
+ }
- dst->sanitized_username = talloc_strdup(dst, src->sanitized_username);
- if (!dst->sanitized_username) {
- TALLOC_FREE(dst);
- return NULL;
+ dst->unix_info->unix_name = talloc_strdup(dst, src->unix_info->unix_name);
+ if (!dst->unix_info->unix_name) {
+ TALLOC_FREE(dst);
+ return NULL;
+ }
+
+ dst->unix_info->sanitized_username = talloc_strdup(dst, src->unix_info->sanitized_username);
+ if (!dst->unix_info->sanitized_username) {
+ TALLOC_FREE(dst);
+ return NULL;
+ }
}
return dst;
diff --git a/source3/include/auth.h b/source3/include/auth.h
index f3c6a04092..11d501f434 100644
--- a/source3/include/auth.h
+++ b/source3/include/auth.h
@@ -112,16 +112,7 @@ struct auth3_session_info {
*/
bool nss_token;
- char *unix_name;
-
- /*
- * For performance reasons we keep an alpha_strcpy-sanitized version
- * of the username around as long as the global variable current_user
- * still exists. If we did not do keep this, we'd have to call
- * alpha_strcpy whenever we do a become_user(), potentially on every
- * smb request. See set_current_user_info.
- */
- char *sanitized_username;
+ struct auth_user_info_unix *unix_info;
};
struct auth_context {
diff --git a/source3/lib/afs.c b/source3/lib/afs.c
index 11a930b8b9..7a49c5772e 100644
--- a/source3/lib/afs.c
+++ b/source3/lib/afs.c
@@ -231,9 +231,9 @@ bool afs_login(connection_struct *conn)
}
afs_username = talloc_sub_advanced(ctx,
- SNUM(conn), conn->session_info->unix_name,
+ SNUM(conn), conn->session_info->unix_info->unix_name,
conn->connectpath, conn->session_info->unix_token->gid,
- conn->session_info->sanitized_username,
+ conn->session_info->unix_info->sanitized_username,
pdb_get_domain(conn->session_info->sam_account),
afs_username);
if (!afs_username) {
diff --git a/source3/lib/substitute.c b/source3/lib/substitute.c
index bf3cd5d51e..eae6d15f7c 100644
--- a/source3/lib/substitute.c
+++ b/source3/lib/substitute.c
@@ -815,11 +815,12 @@ void standard_sub_advanced(const char *servicename, const char *user,
char *standard_sub_conn(TALLOC_CTX *ctx, connection_struct *conn, const char *str)
{
- /* Make clear that we require the optional unix_token in the source3 code */
+ /* Make clear that we require the optional unix_token and unix_info in the source3 code */
SMB_ASSERT(conn->session_info->unix_token);
+ SMB_ASSERT(conn->session_info->unix_info);
return talloc_sub_advanced(ctx,
lp_servicename(SNUM(conn)),
- conn->session_info->unix_name,
+ conn->session_info->unix_info->unix_name,
conn->connectpath,
conn->session_info->unix_token->gid,
get_smb_user_name(),
diff --git a/source3/modules/onefs_open.c b/source3/modules/onefs_open.c
index 101dc5bc6e..dd4eb90b13 100644
--- a/source3/modules/onefs_open.c
+++ b/source3/modules/onefs_open.c
@@ -327,7 +327,7 @@ static NTSTATUS onefs_open_file(files_struct *fsp,
fsp->wcp = NULL; /* Write cache pointer. */
DEBUG(2,("%s opened file %s read=%s write=%s (numopen=%d)\n",
- conn->session_info->unix_name,
+ conn->session_info->unix_info->unix_name,
smb_fname_str_dbg(smb_fname),
BOOLSTR(fsp->can_read), BOOLSTR(fsp->can_write),
conn->num_files_open));
diff --git a/source3/modules/vfs_expand_msdfs.c b/source3/modules/vfs_expand_msdfs.c
index 8cb59b2cdd..c857c1a424 100644
--- a/source3/modules/vfs_expand_msdfs.c
+++ b/source3/modules/vfs_expand_msdfs.c
@@ -157,10 +157,10 @@ static char *expand_msdfs_target(TALLOC_CTX *ctx,
targethost = talloc_sub_advanced(ctx,
lp_servicename(SNUM(conn)),
- conn->session_info->unix_name,
+ conn->session_info->unix_info->unix_name,
conn->connectpath,
conn->session_info->unix_token->gid,
- conn->session_info->sanitized_username,
+ conn->session_info->unix_info->sanitized_username,
conn->session_info->info3->base.domain.string,
targethost);
diff --git a/source3/modules/vfs_full_audit.c b/source3/modules/vfs_full_audit.c
index 9e7981b408..da28551046 100644
--- a/source3/modules/vfs_full_audit.c
+++ b/source3/modules/vfs_full_audit.c
@@ -406,10 +406,10 @@ static char *audit_prefix(TALLOC_CTX *ctx, connection_struct *conn)
}
result = talloc_sub_advanced(ctx,
lp_servicename(SNUM(conn)),
- conn->session_info->unix_name,
+ conn->session_info->unix_info->unix_name,
conn->connectpath,
conn->session_info->unix_token->gid,
- conn->session_info->sanitized_username,
+ conn->session_info->unix_info->sanitized_username,
conn->session_info->info3->base.domain.string,
prefix);
TALLOC_FREE(prefix);
diff --git a/source3/modules/vfs_recycle.c b/source3/modules/vfs_recycle.c
index 72355cd55e..65de114b83 100644
--- a/source3/modules/vfs_recycle.c
+++ b/source3/modules/vfs_recycle.c
@@ -443,10 +443,10 @@ static int recycle_unlink(vfs_handle_struct *handle,
int rc = -1;
repository = talloc_sub_advanced(NULL, lp_servicename(SNUM(conn)),
- conn->session_info->unix_name,
+ conn->session_info->unix_info->unix_name,
conn->connectpath,
conn->session_info->unix_token->gid,
- conn->session_info->sanitized_username,
+ conn->session_info->unix_info->sanitized_username,
conn->session_info->info3->base.domain.string,
recycle_repository(handle));
ALLOC_CHECK(repository, done);
diff --git a/source3/modules/vfs_smb_traffic_analyzer.c b/source3/modules/vfs_smb_traffic_analyzer.c
index 2ce8beb04f..fb36c4c99e 100644
--- a/source3/modules/vfs_smb_traffic_analyzer.c
+++ b/source3/modules/vfs_smb_traffic_analyzer.c
@@ -459,7 +459,7 @@ static void smb_traffic_analyzer_send_data(vfs_handle_struct *handle,
* function.
*/
username = smb_traffic_analyzer_anonymize( talloc_tos(),
- handle->conn->session_info->sanitized_username,
+ handle->conn->session_info->unix_info->sanitized_username,
handle);
if (!username) {
diff --git a/source3/printing/printing.c b/source3/printing/printing.c
index 50ef75b8ef..a2d5c5373b 100644
--- a/source3/printing/printing.c
+++ b/source3/printing/printing.c
@@ -2252,7 +2252,7 @@ static bool is_owner(const struct auth3_session_info *server_info,
if (!pjob || !server_info)
return False;
- return strequal(pjob->user, server_info->sanitized_username);
+ return strequal(pjob->user, server_info->unix_info->sanitized_username);
}
/****************************************************************************
@@ -2840,9 +2840,9 @@ WERROR print_job_start(const struct auth3_session_info *server_info,
fstrcpy(pjob.clientmachine, clientmachine);
fstrcpy(pjob.user, lp_printjob_username(snum));
- standard_sub_advanced(sharename, server_info->sanitized_username,
+ standard_sub_advanced(sharename, server_info->unix_info->sanitized_username,
path, server_info->unix_token->gid,
- server_info->sanitized_username,
+ server_info->unix_info->sanitized_username,
server_info->info3->base.domain.string,
pjob.user, sizeof(pjob.user)-1);
/* ensure NULL termination */
diff --git a/source3/rpc_server/lsa/srv_lsa_nt.c b/source3/rpc_server/lsa/srv_lsa_nt.c
index fa018b424f..eaf1a5b0ba 100644
--- a/source3/rpc_server/lsa/srv_lsa_nt.c
+++ b/source3/rpc_server/lsa/srv_lsa_nt.c
@@ -2411,7 +2411,7 @@ NTSTATUS _lsa_GetUserName(struct pipes_struct *p,
return NT_STATUS_NO_MEMORY;
}
} else {
- username = p->session_info->sanitized_username;
+ username = p->session_info->unix_info->sanitized_username;
domname = p->session_info->info3->base.domain.string;
}
diff --git a/source3/smbd/close.c b/source3/smbd/close.c
index 52cfc111fb..43861b3045 100644
--- a/source3/smbd/close.c
+++ b/source3/smbd/close.c
@@ -686,7 +686,7 @@ static NTSTATUS close_normal_file(struct smb_request *req, files_struct *fsp,
status = ntstatus_keeperror(status, tmp);
DEBUG(2,("%s closed file %s (numopen=%d) %s\n",
- conn->session_info->unix_name, fsp_str_dbg(fsp),
+ conn->session_info->unix_info->unix_name, fsp_str_dbg(fsp),
conn->num_files_open - 1,
nt_errstr(status) ));
diff --git a/source3/smbd/fake_file.c b/source3/smbd/fake_file.c
index 68967fb268..2b31ba5ae0 100644
--- a/source3/smbd/fake_file.c
+++ b/source3/smbd/fake_file.c
@@ -147,7 +147,7 @@ NTSTATUS open_fake_file(struct smb_request *req, connection_struct *conn,
"service[%s] file[%s] user[%s]\n",
lp_servicename(SNUM(conn)),
smb_fname_str_dbg(smb_fname),
- conn->session_info->unix_name));
+ conn->session_info->unix_info->unix_name));
return NT_STATUS_ACCESS_DENIED;
}
diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c
index f84540fbec..b8fcc3022d 100644
--- a/source3/smbd/lanman.c
+++ b/source3/smbd/lanman.c
@@ -117,10 +117,10 @@ static int CopyExpanded(connection_struct *conn,
}
buf = talloc_sub_advanced(ctx,
lp_servicename(SNUM(conn)),
- conn->session_info->unix_name,
+ conn->session_info->unix_info->unix_name,
conn->connectpath,
conn->session_info->unix_token->gid,
- conn->session_info->sanitized_username,
+ conn->session_info->unix_info->sanitized_username,
conn->session_info->info3->base.domain.string,
buf);
if (!buf) {
@@ -168,10 +168,10 @@ static int StrlenExpanded(connection_struct *conn, int snum, char *s)
}
buf = talloc_sub_advanced(ctx,
lp_servicename(SNUM(conn)),
- conn->session_info->unix_name,
+ conn->session_info->unix_info->unix_name,
conn->connectpath,
conn->session_info->unix_token->gid,
- conn->session_info->sanitized_username,
+ conn->session_info->unix_info->sanitized_username,
conn->session_info->info3->base.domain.string,
buf);
if (!buf) {
@@ -4011,7 +4011,7 @@ static bool api_NetWkstaGetInfo(struct smbd_server_connection *sconn,
p += 4;
SIVAL(p,0,PTR_DIFF(p2,*rdata));
- strlcpy(p2,conn->session_info->sanitized_username,PTR_DIFF(endp,p2));
+ strlcpy(p2,conn->session_info->unix_info->sanitized_username,PTR_DIFF(endp,p2));
p2 = skip_string(*rdata,*rdata_len,p2);
if (!p2) {
return False;
@@ -4636,7 +4636,7 @@ static bool api_WWkstaUserLogon(struct smbd_server_connection *sconn,
if(vuser != NULL) {
DEBUG(3,(" Username of UID %d is %s\n",
(int)vuser->session_info->unix_token->uid,
- vuser->session_info->unix_name));
+ vuser->session_info->unix_info->unix_name));
}
uLevel = get_safe_SVAL(param,tpscnt,p,0,-1);
diff --git a/source3/smbd/msdfs.c b/source3/smbd/msdfs.c
index 25a82cdbb0..c71f83dedd 100644
--- a/source3/smbd/msdfs.c
+++ b/source3/smbd/msdfs.c
@@ -272,7 +272,7 @@ NTSTATUS create_conn_struct(TALLOC_CTX *ctx,
TALLOC_FREE(conn);
return NT_STATUS_NO_MEMORY;
}
- vfs_user = conn->session_info->unix_name;
+ vfs_user = conn->session_info->unix_info->unix_name;
} else {
/* use current authenticated user in absence of session_info */
vfs_user = get_current_username();
@@ -773,7 +773,7 @@ static NTSTATUS dfs_redirect(TALLOC_CTX *ctx,
if (!( strequal(pdp->servicename, lp_servicename(SNUM(conn)))
|| (strequal(pdp->servicename, HOMES_NAME)
&& strequal(lp_servicename(SNUM(conn)),
- conn->session_info->sanitized_username) )) ) {
+ conn->session_info->unix_info->sanitized_username) )) ) {
/* The given sharename doesn't match this connection. */
TALLOC_FREE(pdp);
diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c
index 5fdb07d769..9f745f269e 100644
--- a/source3/smbd/nttrans.c
+++ b/source3/smbd/nttrans.c
@@ -2501,7 +2501,7 @@ static void call_nt_transact_get_user_quota(connection_struct *conn,
if (get_current_uid(conn) != 0) {
DEBUG(1,("get_user_quota: access_denied service [%s] user "
"[%s]\n", lp_servicename(SNUM(conn)),
- conn->session_info->unix_name));
+ conn->session_info->unix_info->unix_name));
reply_nterror(req, NT_STATUS_ACCESS_DENIED);
return;
}
@@ -2771,7 +2771,7 @@ static void call_nt_transact_set_user_quota(connection_struct *conn,
if (get_current_uid(conn) != 0) {
DEBUG(1,("set_user_quota: access_denied service [%s] user "
"[%s]\n", lp_servicename(SNUM(conn)),
- conn->session_info->unix_name));
+ conn->session_info->unix_info->unix_name));
reply_nterror(req, NT_STATUS_ACCESS_DENIED);
return;
}
diff --git a/source3/smbd/open.c b/source3/smbd/open.c
index 5bbcf1e616..d81c278110 100644
--- a/source3/smbd/open.c
+++ b/source3/smbd/open.c
@@ -689,7 +689,7 @@ static NTSTATUS open_file(files_struct *fsp,
fsp->wcp = NULL; /* Write cache pointer. */
DEBUG(2,("%s opened file %s read=%s write=%s (numopen=%d)\n",
- conn->session_info->unix_name,
+ conn->session_info->unix_info->unix_name,
smb_fname_str_dbg(smb_fname),
BOOLSTR(fsp->can_read), BOOLSTR(fsp->can_write),
conn->num_files_open));
diff --git a/source3/smbd/password.c b/source3/smbd/password.c
index fb88fd3319..08b53a818e 100644
--- a/source3/smbd/password.c
+++ b/source3/smbd/password.c
@@ -281,22 +281,23 @@ int register_existing_vuid(struct smbd_server_connection *sconn,
/* This is a potentially untrusted username */
alpha_strcpy(tmp, smb_name, ". _-$", sizeof(tmp));
- vuser->session_info->sanitized_username = talloc_strdup(
+ vuser->session_info->unix_info->sanitized_username = talloc_strdup(
vuser->session_info, tmp);
- /* Make clear that we require the optional unix_token in the source3 code */
+ /* Make clear that we require the optional unix_token and unix_info in the source3 code */
SMB_ASSERT(vuser->session_info->unix_token);
+ SMB_ASSERT(vuser->session_info->unix_info);
DEBUG(10,("register_existing_vuid: (%u,%u) %s %s %s guest=%d\n",
(unsigned int)vuser->session_info->unix_token->uid,
(unsigned int)vuser->session_info->unix_token->gid,
- vuser->session_info->unix_name,
- vuser->session_info->sanitized_username,
+ vuser->session_info->unix_info->unix_name,
+ vuser->session_info->unix_info->sanitized_username,
vuser->session_info->info3->base.domain.string,
vuser->session_info->guest ));
DEBUG(3, ("register_existing_vuid: User name: %s\t"
- "Real name: %s\n", vuser->session_info->unix_name,
+ "Real name: %s\n", vuser->session_info->unix_info->unix_name,
vuser->session_info->info3->base.full_name.string));
if (!vuser->session_info->security_token) {
@@ -310,7 +311,7 @@ int register_existing_vuid(struct smbd_server_connection *sconn,
DEBUG(3,("register_existing_vuid: UNIX uid %d is UNIX user %s, "
"and will be vuid %u\n", (int)vuser->session_info->unix_token->uid,
- vuser->session_info->unix_name, vuser->vuid));
+ vuser->session_info->unix_info->unix_name, vuser->vuid));
if (!session_claim(sconn, vuser)) {
DEBUG(1, ("register_existing_vuid: Failed to claim session "
@@ -329,7 +330,7 @@ int register_existing_vuid(struct smbd_server_connection *sconn,
if (!vuser->session_info->guest) {
vuser->homes_snum = register_homes_share(
- vuser->session_info->unix_name);
+ vuser->session_info->unix_info->unix_name);
}
if (srv_is_signing_negotiated(sconn) &&
@@ -343,8 +344,8 @@ int register_existing_vuid(struct smbd_server_connection *sconn,
/* fill in the current_user_info struct */
set_current_user_info(
- vuser->session_info->sanitized_username,
- vuser->session_info->unix_name,
+ vuser->session_info->unix_info->sanitized_username,
+ vuser->session_info->unix_info->unix_name,
vuser->session_info->info3->base.domain.string);
return vuser->vuid;
diff --git a/source3/smbd/process.c b/source3/smbd/process.c
index 785486137c..66c7d08383 100644
--- a/source3/smbd/process.c
+++ b/source3/smbd/process.c
@@ -1412,8 +1412,8 @@ static connection_struct *switch_message(uint8 type, struct smb_request *req, in
vuser = get_valid_user_struct(sconn, session_tag);
if (vuser) {
set_current_user_info(
- vuser->session_info->sanitized_username,
- vuser->session_info->unix_name,
+ vuser->session_info->unix_info->sanitized_username,
+ vuser->session_info->unix_info->unix_name,
vuser->session_info->info3->base.domain.string);
}
}
diff --git a/source3/smbd/service.c b/source3/smbd/service.c
index 0c86ec09f9..47114f1255 100644
--- a/source3/smbd/service.c
+++ b/source3/smbd/service.c
@@ -402,13 +402,13 @@ static NTSTATUS create_connection_session_info(struct smbd_server_connection *sc
return NT_STATUS_ACCESS_DENIED;
}
} else {
- if (!user_ok_token(vuid_serverinfo->unix_name,
+ if (!user_ok_token(vuid_serverinfo->unix_info->unix_name,
vuid_serverinfo->info3->base.domain.string,
vuid_serverinfo->security_token, snum)) {
DEBUG(2, ("user '%s' (from session setup) not "
"permitted to access this share "
"(%s)\n",
- vuid_serverinfo->unix_name,
+ vuid_serverinfo->unix_info->unix_name,
lp_servicename(snum)));
return NT_STATUS_ACCESS_DENIED;
}
@@ -496,7 +496,7 @@ NTSTATUS set_conn_force_user_group(connection_struct *conn, int snum)
if (*lp_force_group(snum)) {
status = find_forced_group(
- conn->force_user, snum, conn->session_info->unix_name,
+ conn->force_user, snum, conn->session_info->unix_info->unix_name,
&conn->session_info->security_token->sids[1],
&conn->session_info->unix_token->gid);
@@ -571,7 +571,7 @@ connection_struct *make_connection_snum(struct smbd_server_connection *sconn,
conn->force_user = true;
}
- add_session_user(sconn, conn->session_info->unix_name);
+ add_session_user(sconn, conn->session_info->unix_info->unix_name);
conn->num_files_open = 0;
conn->lastused = conn->lastused_count = time(NULL);
@@ -613,10 +613,10 @@ connection_struct *make_connection_snum(struct smbd_server_connection *sconn,
{
char *s = talloc_sub_advanced(talloc_tos(),
lp_servicename(SNUM(conn)),
- conn->session_info->unix_name,
+ conn->session_info->unix_info->unix_name,
conn->connectpath,
conn->session_info->unix_token->gid,
- conn->session_info->sanitized_username,
+ conn->session_info->unix_info->sanitized_username,
conn->session_info->info3->base.domain.string,
lp_pathname(snum));
if (!s) {
@@ -700,7 +700,7 @@ connection_struct *make_connection_snum(struct smbd_server_connection *sconn,
filesystem operation that we do. */
if (SMB_VFS_CONNECT(conn, lp_servicename(snum),
- conn->session_info->unix_name) < 0) {
+ conn->session_info->unix_info->unix_name) < 0) {
DEBUG(0,("make_connection: VFS make connection failed!\n"));
*pstatus = NT_STATUS_UNSUCCESSFUL;
goto err_root_exit;
@@ -735,10 +735,10 @@ connection_struct *make_connection_snum(struct smbd_server_connection *sconn,
if (*lp_rootpreexec(snum)) {
char *cmd = talloc_sub_advanced(talloc_tos(),
lp_servicename(SNUM(conn)),
- conn->session_info->unix_name,
+ conn->session_info->unix_info->unix_name,
conn->connectpath,
conn->session_info->unix_token->gid,
- conn->session_info->sanitized_username,
+ conn->session_info->unix_info->sanitized_username,
conn->session_info->info3->base.domain.string,
lp_rootpreexec(snum));
DEBUG(5,("cmd=%s\n",cmd));
@@ -773,10 +773,10 @@ connection_struct *make_connection_snum(struct smbd_server_connection *sconn,
if (*lp_preexec(snum)) {
char *cmd = talloc_sub_advanced(talloc_tos(),
lp_servicename(SNUM(conn)),
- conn->session_info->unix_name,
+ conn->session_info->unix_info->unix_name,
conn->connectpath,
conn->session_info->unix_token->gid,
- conn->session_info->sanitized_username,
+ conn->session_info->unix_info->sanitized_username,
conn->session_info->info3->base.domain.string,
lp_preexec(snum));
ret = smbrun(cmd,NULL);
@@ -881,7 +881,7 @@ connection_struct *make_connection_snum(struct smbd_server_connection *sconn,
dbgtext( "%s", srv_is_signing_active(sconn) ? "signed " : "");
dbgtext( "connect to service %s ", lp_servicename(snum) );
dbgtext( "initially as user %s ",
- conn->session_info->unix_name );
+ conn->session_info->unix_info->unix_name );
dbgtext( "(uid=%d, gid=%d) ", (int)effuid, (int)effgid );
dbgtext( "(pid %d)\n", (int)sys_getpid() );
}
@@ -1093,10 +1093,10 @@ void close_cnum(connection_struct *conn, uint16 vuid)
change_to_user(conn, vuid)) {
char *cmd = talloc_sub_advanced(talloc_tos(),
lp_servicename(SNUM(conn)),
- conn->session_info->unix_name,
+ conn->session_info->unix_info->unix_name,
conn->connectpath,
conn->session_info->unix_token->gid,
- conn->session_info->sanitized_username,
+ conn->session_info->unix_info->sanitized_username,
conn->session_info->info3->base.domain.string,
lp_postexec(SNUM(conn)));
smbrun(cmd,NULL);
@@ -1109,10 +1109,10 @@ void close_cnum(connection_struct *conn, uint16 vuid)
if (*lp_rootpostexec(SNUM(conn))) {
char *cmd = talloc_sub_advanced(talloc_tos(),
lp_servicename(SNUM(conn)),
- conn->session_info->unix_name,
+ conn->session_info->unix_info->unix_name,
conn->connectpath,
conn->session_info->unix_token->gid,
- conn->session_info->sanitized_username,
+ conn->session_info->unix_info->sanitized_username,
conn->session_info->info3->base.domain.string,
lp_rootpostexec(SNUM(conn)));
smbrun(cmd,NULL);
diff --git a/source3/smbd/session.c b/source3/smbd/session.c
index 184ce1b3a5..a6bc4924b5 100644
--- a/source3/smbd/session.c
+++ b/source3/smbd/session.c
@@ -139,7 +139,7 @@ bool session_claim(struct smbd_server_connection *sconn, user_struct *vuser)
/* Make clear that we require the optional unix_token in the source3 code */
SMB_ASSERT(vuser->session_info->unix_token);
- fstrcpy(sessionid.username, vuser->session_info->unix_name);
+ fstrcpy(sessionid.username, vuser->session_info->unix_info->unix_name);
fstrcpy(sessionid.hostname, sconn->remote_hostname);
sessionid.id_num = i; /* Only valid for utmp sessions */
sessionid.pid = pid;
diff --git a/source3/smbd/smb2_server.c b/source3/smbd/smb2_server.c
index 65454aef18..7e181ef5dd 100644
--- a/source3/smbd/smb2_server.c
+++ b/source3/smbd/smb2_server.c
@@ -1188,8 +1188,8 @@ static NTSTATUS smbd_smb2_request_check_session(struct smbd_smb2_request *req)
return NT_STATUS_ACCESS_DENIED;
}
- set_current_user_info(session->session_info->sanitized_username,
- session->session_info->unix_name,
+ set_current_user_info(session->session_info->unix_info->sanitized_username,
+ session->session_info->unix_info->unix_name,
session->session_info->info3->base.domain.string);
req->session = session;
diff --git a/source3/smbd/smb2_sesssetup.c b/source3/smbd/smb2_sesssetup.c
index 8a4704cb28..fb9fbde502 100644
--- a/source3/smbd/smb2_sesssetup.c
+++ b/source3/smbd/smb2_sesssetup.c
@@ -277,12 +277,12 @@ static NTSTATUS smbd_smb2_session_setup_krb5(struct smbd_smb2_session *session,
/* This is a potentially untrusted username */
alpha_strcpy(tmp, user, ". _-$", sizeof(tmp));
- session->session_info->sanitized_username =
+ session->session_info->unix_info->sanitized_username =
talloc_strdup(session->session_info, tmp);
if (!session->session_info->guest) {
session->compat_vuser->homes_snum =
- register_homes_share(session->session_info->unix_name);
+ register_homes_share(session->session_info->unix_info->unix_name);
}
if (!session_claim(session->sconn, session->compat_vuser)) {
@@ -488,12 +488,12 @@ static NTSTATUS smbd_smb2_common_ntlmssp_auth_return(struct smbd_smb2_session *s
auth_ntlmssp_get_username(session->auth_ntlmssp_state),
". _-$",
sizeof(tmp));
- session->session_info->sanitized_username = talloc_strdup(
+ session->session_info->unix_info->sanitized_username = talloc_strdup(
session->session_info, tmp);
if (!session->compat_vuser->session_info->guest) {
session->compat_vuser->homes_snum =
- register_homes_share(session->session_info->unix_name);
+ register_homes_share(session->session_info->unix_info->unix_name);
}
if (!session_claim(session->sconn, session->compat_vuser)) {
diff --git a/source3/smbd/smb2_tcon.c b/source3/smbd/smb2_tcon.c
index 6b86e24dc2..a302b4ea58 100644
--- a/source3/smbd/smb2_tcon.c
+++ b/source3/smbd/smb2_tcon.c
@@ -186,7 +186,7 @@ static NTSTATUS smbd_smb2_tree_connect(struct smbd_smb2_request *req,
"user %s because it was not found "
"or created at session setup "
"time\n",
- compat_vuser->session_info->unix_name));
+ compat_vuser->session_info->unix_info->unix_name));
return NT_STATUS_BAD_NETWORK_NAME;
}
snum = compat_vuser->homes_snum;
diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c
index bfde938635..90eb40a62f 100644
--- a/source3/smbd/trans2.c
+++ b/source3/smbd/trans2.c
@@ -3209,7 +3209,7 @@ cBytesSector=%u, cUnitTotal=%u, cUnitAvail=%d\n", (unsigned int)bsize, (unsigned
DEBUG(0,("set_user_quota: access_denied "
"service [%s] user [%s]\n",
lp_servicename(SNUM(conn)),
- conn->session_info->unix_name));
+ conn->session_info->unix_info->unix_name));
return NT_STATUS_ACCESS_DENIED;
}
@@ -3703,7 +3703,7 @@ cap_low = 0x%x, cap_high = 0x%x\n",
if ((get_current_uid(conn) != 0) || !CAN_WRITE(conn)) {
DEBUG(0,("set_user_quota: access_denied service [%s] user [%s]\n",
lp_servicename(SNUM(conn)),
- conn->session_info->unix_name));
+ conn->session_info->unix_info->unix_name));
reply_nterror(req, NT_STATUS_ACCESS_DENIED);
return;
}
diff --git a/source3/smbd/uid.c b/source3/smbd/uid.c
index b6ea7674b1..47c9786116 100644
--- a/source3/smbd/uid.c
+++ b/source3/smbd/uid.c
@@ -109,13 +109,13 @@ static bool check_user_ok(connection_struct *conn,
}
}
- if (!user_ok_token(session_info->unix_name,
+ if (!user_ok_token(session_info->unix_info->unix_name,
session_info->info3->base.domain.string,
session_info->security_token, snum))
return(False);
readonly_share = is_share_read_only_for_token(
- session_info->unix_name,
+ session_info->unix_info->unix_name,
session_info->info3->base.domain.string,
session_info->security_token,
conn);
@@ -140,7 +140,7 @@ static bool check_user_ok(connection_struct *conn,
}
admin_user = token_contains_name_in_list(
- session_info->unix_name,
+ session_info->unix_info->unix_name,
session_info->info3->base.domain.string,
NULL, session_info->security_token, lp_admin_users(snum));
@@ -176,7 +176,7 @@ static bool check_user_ok(connection_struct *conn,
if (admin_user) {
DEBUG(2,("check_user_ok: user %s is an admin user. "
"Setting uid as %d\n",
- conn->session_info->unix_name,
+ conn->session_info->unix_info->unix_name,
sec_initial_uid() ));
conn->session_info->unix_token->uid = sec_initial_uid();
}
@@ -207,8 +207,8 @@ static bool change_to_user_internal(connection_struct *conn,
if (!ok) {
DEBUG(2,("SMB user %s (unix user %s) "
"not permitted access to share %s.\n",
- session_info->sanitized_username,
- session_info->unix_name,
+ session_info->unix_info->sanitized_username,
+ session_info->unix_info->unix_name,
lp_servicename(snum)));
return false;
}