summaryrefslogtreecommitdiff
path: root/source3/rpc_server/srvsvc
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2011-02-21 10:25:52 +0100
committerAndrew Bartlett <abartlet@samba.org>2011-02-22 16:20:10 +1100
commit2e69e894566d32001120d76d7ba58cdacb56d279 (patch)
tree2ac3ab5945d6bc9ed9ac4757c05dd8a72057e1ec /source3/rpc_server/srvsvc
parent985c7da604ac30e67ee4b5a829935074900d6f26 (diff)
downloadsamba-2e69e894566d32001120d76d7ba58cdacb56d279.tar.gz
samba-2e69e894566d32001120d76d7ba58cdacb56d279.tar.bz2
samba-2e69e894566d32001120d76d7ba58cdacb56d279.zip
s3-auth Rename auth_serversupplied_info varaiables: server_info -> session_info
These variables, of type struct auth_serversupplied_info were poorly named when added into 2001, and in good consistant practice, this has extended all over the codebase in the years since. The structure is also not ideal for it's current purpose. Originally intended to convey the results of the authentication modules, it really describes all the essential attributes of a session. This rename will reduce the volume of a future patch to replaced these with a struct auth_session_info, with auth_serversupplied_info confined to the lower levels of the auth subsystem, and then eliminated. (The new structure will be the output of create_local_token(), and the change in struct definition will ensure that this is always run, populating local groups and privileges). Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
Diffstat (limited to 'source3/rpc_server/srvsvc')
-rw-r--r--source3/rpc_server/srvsvc/srv_srvsvc_nt.c46
1 files changed, 23 insertions, 23 deletions
diff --git a/source3/rpc_server/srvsvc/srv_srvsvc_nt.c b/source3/rpc_server/srvsvc/srv_srvsvc_nt.c
index cd4ada1b90..31df4886bb 100644
--- a/source3/rpc_server/srvsvc/srv_srvsvc_nt.c
+++ b/source3/rpc_server/srvsvc/srv_srvsvc_nt.c
@@ -271,7 +271,7 @@ static void init_srv_share_info_1(struct pipes_struct *p,
remark = talloc_sub_advanced(
p->mem_ctx, lp_servicename(snum),
get_current_username(), lp_pathname(snum),
- p->server_info->utok.uid, get_current_username(),
+ p->session_info->utok.uid, get_current_username(),
"", remark);
}
@@ -299,7 +299,7 @@ static void init_srv_share_info_2(struct pipes_struct *p,
remark = talloc_sub_advanced(
p->mem_ctx, lp_servicename(snum),
get_current_username(), lp_pathname(snum),
- p->server_info->utok.uid, get_current_username(),
+ p->session_info->utok.uid, get_current_username(),
"", remark);
}
path = talloc_asprintf(p->mem_ctx,
@@ -364,7 +364,7 @@ static void init_srv_share_info_501(struct pipes_struct *p,
remark = talloc_sub_advanced(
p->mem_ctx, lp_servicename(snum),
get_current_username(), lp_pathname(snum),
- p->server_info->utok.uid, get_current_username(),
+ p->session_info->utok.uid, get_current_username(),
"", remark);
}
@@ -393,7 +393,7 @@ static void init_srv_share_info_502(struct pipes_struct *p,
remark = talloc_sub_advanced(
p->mem_ctx, lp_servicename(snum),
get_current_username(), lp_pathname(snum),
- p->server_info->utok.uid, get_current_username(),
+ p->session_info->utok.uid, get_current_username(),
"", remark);
}
path = talloc_asprintf(ctx, "C:%s", lp_pathname(snum));
@@ -434,7 +434,7 @@ static void init_srv_share_info_1004(struct pipes_struct *p,
remark = talloc_sub_advanced(
p->mem_ctx, lp_servicename(snum),
get_current_username(), lp_pathname(snum),
- p->server_info->utok.uid, get_current_username(),
+ p->session_info->utok.uid, get_current_username(),
"", remark);
}
@@ -520,7 +520,7 @@ static bool is_enumeration_allowed(struct pipes_struct *p,
if (!lp_access_based_share_enum(snum))
return true;
- return share_access_check(p->server_info->security_token, lp_servicename(snum),
+ return share_access_check(p->session_info->security_token, lp_servicename(snum),
FILE_READ_DATA);
}
@@ -1055,7 +1055,7 @@ WERROR _srvsvc_NetFileEnum(struct pipes_struct *p,
}
if (!nt_token_check_sid(&global_sid_Builtin_Administrators,
- p->server_info->security_token)) {
+ p->session_info->security_token)) {
DEBUG(1, ("Enumerating files only allowed for "
"administrators\n"));
return WERR_ACCESS_DENIED;
@@ -1214,7 +1214,7 @@ WERROR _srvsvc_NetConnEnum(struct pipes_struct *p,
DEBUG(5,("_srvsvc_NetConnEnum: %d\n", __LINE__));
if (!nt_token_check_sid(&global_sid_Builtin_Administrators,
- p->server_info->security_token)) {
+ p->session_info->security_token)) {
DEBUG(1, ("Enumerating connections only allowed for "
"administrators\n"));
return WERR_ACCESS_DENIED;
@@ -1252,7 +1252,7 @@ WERROR _srvsvc_NetSessEnum(struct pipes_struct *p,
DEBUG(5,("_srvsvc_NetSessEnum: %d\n", __LINE__));
if (!nt_token_check_sid(&global_sid_Builtin_Administrators,
- p->server_info->security_token)) {
+ p->session_info->security_token)) {
DEBUG(1, ("Enumerating sessions only allowed for "
"administrators\n"));
return WERR_ACCESS_DENIED;
@@ -1310,8 +1310,8 @@ WERROR _srvsvc_NetSessDel(struct pipes_struct *p,
/* fail out now if you are not root or not a domain admin */
- if ((p->server_info->utok.uid != sec_initial_uid()) &&
- ( ! nt_token_check_domain_rid(p->server_info->security_token,
+ if ((p->session_info->utok.uid != sec_initial_uid()) &&
+ ( ! nt_token_check_domain_rid(p->session_info->security_token,
DOMAIN_RID_ADMINS))) {
goto done;
@@ -1324,7 +1324,7 @@ WERROR _srvsvc_NetSessDel(struct pipes_struct *p,
NTSTATUS ntstat;
- if (p->server_info->utok.uid != sec_initial_uid()) {
+ if (p->session_info->utok.uid != sec_initial_uid()) {
not_root = True;
become_root();
}
@@ -1579,15 +1579,15 @@ WERROR _srvsvc_NetShareSetInfo(struct pipes_struct *p,
if (lp_print_ok(snum))
return WERR_ACCESS_DENIED;
- is_disk_op = security_token_has_privilege(p->server_info->security_token, SEC_PRIV_DISK_OPERATOR);
+ is_disk_op = security_token_has_privilege(p->session_info->security_token, SEC_PRIV_DISK_OPERATOR);
/* fail out now if you are not root and not a disk op */
- if ( p->server_info->utok.uid != sec_initial_uid() && !is_disk_op ) {
+ if ( p->session_info->utok.uid != sec_initial_uid() && !is_disk_op ) {
DEBUG(2,("_srvsvc_NetShareSetInfo: uid %u doesn't have the "
"SeDiskOperatorPrivilege privilege needed to modify "
"share %s\n",
- (unsigned int)p->server_info->utok.uid,
+ (unsigned int)p->session_info->utok.uid,
share_name ));
return WERR_ACCESS_DENIED;
}
@@ -1782,9 +1782,9 @@ WERROR _srvsvc_NetShareAdd(struct pipes_struct *p,
*r->out.parm_error = 0;
}
- is_disk_op = security_token_has_privilege(p->server_info->security_token, SEC_PRIV_DISK_OPERATOR);
+ is_disk_op = security_token_has_privilege(p->session_info->security_token, SEC_PRIV_DISK_OPERATOR);
- if (p->server_info->utok.uid != sec_initial_uid() && !is_disk_op )
+ if (p->session_info->utok.uid != sec_initial_uid() && !is_disk_op )
return WERR_ACCESS_DENIED;
if (!lp_add_share_cmd() || !*lp_add_share_cmd()) {
@@ -1988,9 +1988,9 @@ WERROR _srvsvc_NetShareDel(struct pipes_struct *p,
if (lp_print_ok(snum))
return WERR_ACCESS_DENIED;
- is_disk_op = security_token_has_privilege(p->server_info->security_token, SEC_PRIV_DISK_OPERATOR);
+ is_disk_op = security_token_has_privilege(p->session_info->security_token, SEC_PRIV_DISK_OPERATOR);
- if (p->server_info->utok.uid != sec_initial_uid() && !is_disk_op )
+ if (p->session_info->utok.uid != sec_initial_uid() && !is_disk_op )
return WERR_ACCESS_DENIED;
if (!lp_delete_share_cmd() || !*lp_delete_share_cmd()) {
@@ -2141,7 +2141,7 @@ WERROR _srvsvc_NetGetFileSecurity(struct pipes_struct *p,
}
nt_status = create_conn_struct(talloc_tos(), &conn, snum,
- lp_pathname(snum), p->server_info,
+ lp_pathname(snum), p->session_info,
&oldcwd);
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(10, ("create_conn_struct failed: %s\n",
@@ -2280,7 +2280,7 @@ WERROR _srvsvc_NetSetFileSecurity(struct pipes_struct *p,
}
nt_status = create_conn_struct(talloc_tos(), &conn, snum,
- lp_pathname(snum), p->server_info,
+ lp_pathname(snum), p->session_info,
&oldcwd);
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(10, ("create_conn_struct failed: %s\n",
@@ -2554,9 +2554,9 @@ WERROR _srvsvc_NetFileClose(struct pipes_struct *p,
DEBUG(5,("_srvsvc_NetFileClose: %d\n", __LINE__));
- is_disk_op = security_token_has_privilege(p->server_info->security_token, SEC_PRIV_DISK_OPERATOR);
+ is_disk_op = security_token_has_privilege(p->session_info->security_token, SEC_PRIV_DISK_OPERATOR);
- if (p->server_info->utok.uid != sec_initial_uid() && !is_disk_op) {
+ if (p->session_info->utok.uid != sec_initial_uid() && !is_disk_op) {
return WERR_ACCESS_DENIED;
}