diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2002-06-15 12:38:13 +0000 |
|---|---|---|
| committer | Andrew Bartlett <abartlet@samba.org> | 2002-06-15 12:38:13 +0000 |
| commit | ac08646c374cd70e47301bce3e031b35cb220347 (patch) | |
| tree | 5e302cfd5bfe703ad0fbe7614f656bf7595691a8 /source3/rpc_server | |
| parent | 843a467f21b48c5fc77c6c2d2db6553e5066a0c5 (diff) | |
| download | samba-ac08646c374cd70e47301bce3e031b35cb220347.tar.gz samba-ac08646c374cd70e47301bce3e031b35cb220347.tar.bz2 samba-ac08646c374cd70e47301bce3e031b35cb220347.zip | |
Rework much of the service.c code:
The aim of this execise is to give the 'security>=user' code a straight paper
path. Security=share will sill call authorise_login(), but otherwise we avoid
that mess.
This allow *much* more accurate error code reporting, beocuse we don't start
pretending that we can use the (nonexistant) password etc.
Also in this patch is code to create the 'homes' share at session setup time
(as we have done in the past - been broken recently) and to record this on
the user's vuser struct for later reference. The changes here should also
allow for much better use of %H (some more changes to come here).
The service.c changes move a lot of code around, but are not as drastric
as they look...
(Also included is a fix to srv_srvsvc_nt.c where 'total_entries' not
'*total_entries' was compared).
This code is needs testing, but passes my basic tests.
I expect we have lost some functionality, but the stuff I had expected
to loose was already broken before I started. In particular, we don't 'fall
back' to guest if the user cannot access a share (for security=user). If you
want this kind of stuff then you really want security=share anyway.
Andrew Bartlett
(This used to be commit 4c0cbcaed95231f8cf11edb43f6adbec9a0d0b5c)
Diffstat (limited to 'source3/rpc_server')
| -rw-r--r-- | source3/rpc_server/srv_srvsvc_nt.c | 5 |
1 files changed, 2 insertions, 3 deletions
diff --git a/source3/rpc_server/srv_srvsvc_nt.c b/source3/rpc_server/srv_srvsvc_nt.c index f99827ea19..f5b9959b2c 100644 --- a/source3/rpc_server/srv_srvsvc_nt.c +++ b/source3/rpc_server/srv_srvsvc_nt.c @@ -308,7 +308,7 @@ void map_generic_share_sd_bits(SEC_DESC *psd) Can this user access with share with the required permissions ? ********************************************************************/ -BOOL share_access_check(connection_struct *conn, int snum, uint16 vuid, uint32 desired_access) +BOOL share_access_check(connection_struct *conn, int snum, user_struct *vuser, uint32 desired_access) { uint32 granted; NTSTATUS status; @@ -316,7 +316,6 @@ BOOL share_access_check(connection_struct *conn, int snum, uint16 vuid, uint32 d SEC_DESC *psd = NULL; size_t sd_size; NT_USER_TOKEN *token = NULL; - user_struct *vuser = get_valid_user_struct(vuid); BOOL ret = True; mem_ctx = talloc_init(); @@ -969,7 +968,7 @@ static WERROR init_srv_file_info_ctr(pipes_struct *p, SRV_FILE_INFO_CTR *ctr, switch (switch_value) { case 3: { int i; - if (total_entries > 0) { + if (*total_entries > 0) { ctr->ptr_entries = 1; ctr->file.info3 = talloc(ctx, ctr->num_entries * sizeof(SRV_FILE_INFO_3)); |