summaryrefslogtreecommitdiff
path: root/source3/smbd
diff options
context:
space:
mode:
authorGerald Carter <jerry@samba.org>2006-02-03 22:19:41 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 11:06:23 -0500
commit0af1500fc0bafe61019f1b2ab1d9e1d369221240 (patch)
tree653fc2533795458d5f9696402285d9f14e527a21 /source3/smbd
parent21a30a1346c9f9a25659a0cea0d276d8c2e6ddca (diff)
downloadsamba-0af1500fc0bafe61019f1b2ab1d9e1d369221240.tar.gz
samba-0af1500fc0bafe61019f1b2ab1d9e1d369221240.tar.bz2
samba-0af1500fc0bafe61019f1b2ab1d9e1d369221240.zip
r13316: Let the carnage begin....
Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
Diffstat (limited to 'source3/smbd')
-rw-r--r--source3/smbd/chgpasswd.c13
-rw-r--r--source3/smbd/conn.c2
-rw-r--r--source3/smbd/lanman.c2690
-rw-r--r--source3/smbd/msdfs.c8
-rw-r--r--source3/smbd/ntquotas.c9
-rw-r--r--source3/smbd/nttrans.c2
-rw-r--r--source3/smbd/open.c10
-rw-r--r--source3/smbd/password.c143
-rw-r--r--source3/smbd/posix_acls.c10
-rw-r--r--source3/smbd/process.c115
-rw-r--r--source3/smbd/sec_ctx.c58
-rw-r--r--source3/smbd/server.c29
-rw-r--r--source3/smbd/service.c287
-rw-r--r--source3/smbd/sesssetup.c30
-rw-r--r--source3/smbd/share_access.c264
-rw-r--r--source3/smbd/uid.c131
16 files changed, 2121 insertions, 1680 deletions
diff --git a/source3/smbd/chgpasswd.c b/source3/smbd/chgpasswd.c
index bb30519319..0798541cb5 100644
--- a/source3/smbd/chgpasswd.c
+++ b/source3/smbd/chgpasswd.c
@@ -690,7 +690,7 @@ BOOL change_lanman_password(SAM_ACCOUNT *sampass, uchar *pass2)
}
/* Now flush the sam_passwd struct to persistent storage */
- ret = pdb_update_sam_account (sampass);
+ ret = NT_STATUS_IS_OK(pdb_update_sam_account (sampass));
return ret;
}
@@ -828,7 +828,7 @@ static NTSTATUS check_oem_password(const char *user,
DEBUG(1, ("LM password change supplied for user %s, but we have disabled LanMan authentication\n",
user));
}
- pdb_free_sam(&sampass);
+ pdb_free_sam(&sampass);
return NT_STATUS_WRONG_PASSWORD;
} else {
DEBUG(1, ("password change requested for user %s, but no password supplied!\n",
@@ -1009,7 +1009,6 @@ static BOOL check_passwd_history(SAM_ACCOUNT *sampass, const char *plaintext)
NTSTATUS change_oem_password(SAM_ACCOUNT *hnd, char *old_passwd, char *new_passwd, BOOL as_root)
{
- BOOL ret;
uint32 min_len, min_age;
struct passwd *pass = NULL;
const char *username = pdb_get_username(hnd);
@@ -1090,11 +1089,5 @@ NTSTATUS change_oem_password(SAM_ACCOUNT *hnd, char *old_passwd, char *new_passw
}
/* Now write it into the file. */
- ret = pdb_update_sam_account (hnd);
-
- if (!ret) {
- return NT_STATUS_ACCESS_DENIED;
- }
-
- return NT_STATUS_OK;
+ return pdb_update_sam_account (hnd);
}
diff --git a/source3/smbd/conn.c b/source3/smbd/conn.c
index bb000bac30..bf4db99ea6 100644
--- a/source3/smbd/conn.c
+++ b/source3/smbd/conn.c
@@ -249,7 +249,7 @@ void conn_free_internal(connection_struct *conn)
}
if (conn->nt_user_token) {
- delete_nt_token(&(conn->nt_user_token));
+ talloc_free(conn->nt_user_token);
}
free_namearray(conn->veto_list);
diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c
index 4778702e7a..83dfdf0d8b 100644
--- a/source3/smbd/lanman.c
+++ b/source3/smbd/lanman.c
@@ -1034,107 +1034,111 @@ static int get_server_info(uint32 servertype,
struct srv_info_struct **servers,
const char *domain)
{
- int count=0;
- int alloced=0;
- char **lines;
- BOOL local_list_only;
- int i;
+ int count=0;
+ int alloced=0;
+ char **lines;
+ BOOL local_list_only;
+ int i;
- lines = file_lines_load(lock_path(SERVER_LIST), NULL);
- if (!lines) {
- DEBUG(4,("Can't open %s - %s\n",lock_path(SERVER_LIST),strerror(errno)));
- return(0);
- }
+ lines = file_lines_load(lock_path(SERVER_LIST), NULL, 0);
+ if (!lines) {
+ DEBUG(4,("Can't open %s - %s\n",lock_path(SERVER_LIST),strerror(errno)));
+ return 0;
+ }
- /* request for everything is code for request all servers */
- if (servertype == SV_TYPE_ALL)
- servertype &= ~(SV_TYPE_DOMAIN_ENUM|SV_TYPE_LOCAL_LIST_ONLY);
+ /* request for everything is code for request all servers */
+ if (servertype == SV_TYPE_ALL) {
+ servertype &= ~(SV_TYPE_DOMAIN_ENUM|SV_TYPE_LOCAL_LIST_ONLY);
+ }
- local_list_only = (servertype & SV_TYPE_LOCAL_LIST_ONLY);
+ local_list_only = (servertype & SV_TYPE_LOCAL_LIST_ONLY);
- DEBUG(4,("Servertype search: %8x\n",servertype));
+ DEBUG(4,("Servertype search: %8x\n",servertype));
- for (i=0;lines[i];i++) {
- fstring stype;
- struct srv_info_struct *s;
- const char *ptr = lines[i];
- BOOL ok = True;
+ for (i=0;lines[i];i++) {
+ fstring stype;
+ struct srv_info_struct *s;
+ const char *ptr = lines[i];
+ BOOL ok = True;
- if (!*ptr) continue;
+ if (!*ptr) {
+ continue;
+ }
- if (count == alloced) {
- struct srv_info_struct *ts;
+ if (count == alloced) {
+ struct srv_info_struct *ts;
- alloced += 10;
- ts = SMB_REALLOC_ARRAY(*servers,struct srv_info_struct, alloced);
- if (!ts) {
- DEBUG(0,("get_server_info: failed to enlarge servers info struct!\n"));
- return(0);
- }
- else *servers = ts;
- memset((char *)((*servers)+count),'\0',sizeof(**servers)*(alloced-count));
- }
- s = &(*servers)[count];
+ alloced += 10;
+ ts = SMB_REALLOC_ARRAY(*servers,struct srv_info_struct, alloced);
+ if (!ts) {
+ DEBUG(0,("get_server_info: failed to enlarge servers info struct!\n"));
+ return 0;
+ } else {
+ *servers = ts;
+ }
+ memset((char *)((*servers)+count),'\0',sizeof(**servers)*(alloced-count));
+ }
+ s = &(*servers)[count];
- if (!next_token(&ptr,s->name , NULL, sizeof(s->name))) continue;
- if (!next_token(&ptr,stype , NULL, sizeof(stype))) continue;
- if (!next_token(&ptr,s->comment, NULL, sizeof(s->comment))) continue;
- if (!next_token(&ptr,s->domain , NULL, sizeof(s->domain))) {
- /* this allows us to cope with an old nmbd */
- fstrcpy(s->domain,lp_workgroup());
- }
+ if (!next_token(&ptr,s->name, NULL, sizeof(s->name))) {
+ continue;
+ }
+ if (!next_token(&ptr,stype, NULL, sizeof(stype))) {
+ continue;
+ }
+ if (!next_token(&ptr,s->comment, NULL, sizeof(s->comment))) {
+ continue;
+ }
+ if (!next_token(&ptr,s->domain, NULL, sizeof(s->domain))) {
+ /* this allows us to cope with an old nmbd */
+ fstrcpy(s->domain,lp_workgroup());
+ }
- if (sscanf(stype,"%X",&s->type) != 1) {
- DEBUG(4,("r:host file "));
- ok = False;
- }
+ if (sscanf(stype,"%X",&s->type) != 1) {
+ DEBUG(4,("r:host file "));
+ ok = False;
+ }
- /* Filter the servers/domains we return based on what was asked for. */
+ /* Filter the servers/domains we return based on what was asked for. */
- /* Check to see if we are being asked for a local list only. */
- if(local_list_only && ((s->type & SV_TYPE_LOCAL_LIST_ONLY) == 0)) {
- DEBUG(4,("r: local list only"));
- ok = False;
- }
+ /* Check to see if we are being asked for a local list only. */
+ if(local_list_only && ((s->type & SV_TYPE_LOCAL_LIST_ONLY) == 0)) {
+ DEBUG(4,("r: local list only"));
+ ok = False;
+ }
- /* doesn't match up: don't want it */
- if (!(servertype & s->type)) {
- DEBUG(4,("r:serv type "));
- ok = False;
- }
+ /* doesn't match up: don't want it */
+ if (!(servertype & s->type)) {
+ DEBUG(4,("r:serv type "));
+ ok = False;
+ }
- if ((servertype & SV_TYPE_DOMAIN_ENUM) !=
- (s->type & SV_TYPE_DOMAIN_ENUM))
- {
- DEBUG(4,("s: dom mismatch "));
- ok = False;
- }
+ if ((servertype & SV_TYPE_DOMAIN_ENUM) !=
+ (s->type & SV_TYPE_DOMAIN_ENUM)) {
+ DEBUG(4,("s: dom mismatch "));
+ ok = False;
+ }
- if (!strequal(domain, s->domain) && !(servertype & SV_TYPE_DOMAIN_ENUM))
- {
- ok = False;
- }
+ if (!strequal(domain, s->domain) && !(servertype & SV_TYPE_DOMAIN_ENUM)) {
+ ok = False;
+ }
- /* We should never return a server type with a SV_TYPE_LOCAL_LIST_ONLY set. */
- s->type &= ~SV_TYPE_LOCAL_LIST_ONLY;
+ /* We should never return a server type with a SV_TYPE_LOCAL_LIST_ONLY set. */
+ s->type &= ~SV_TYPE_LOCAL_LIST_ONLY;
- if (ok)
- {
- DEBUG(4,("**SV** %20s %8x %25s %15s\n",
- s->name, s->type, s->comment, s->domain));
-
- s->server_added = True;
- count++;
- }
- else
- {
- DEBUG(4,("%20s %8x %25s %15s\n",
- s->name, s->type, s->comment, s->domain));
- }
- }
+ if (ok) {
+ DEBUG(4,("**SV** %20s %8x %25s %15s\n",
+ s->name, s->type, s->comment, s->domain));
+ s->server_added = True;
+ count++;
+ } else {
+ DEBUG(4,("%20s %8x %25s %15s\n",
+ s->name, s->type, s->comment, s->domain));
+ }
+ }
- file_lines_free(lines);
- return(count);
+ file_lines_free(lines);
+ return count;
}
/*******************************************************************
@@ -1145,75 +1149,79 @@ static int fill_srv_info(struct srv_info_struct *service,
int uLevel, char **buf, int *buflen,
char **stringbuf, int *stringspace, char *baseaddr)
{
- int struct_len;
- char* p;
- char* p2;
- int l2;
- int len;
-
- switch (uLevel) {
- case 0: struct_len = 16; break;
- case 1: struct_len = 26; break;
- default: return -1;
- }
+ int struct_len;
+ char* p;
+ char* p2;
+ int l2;
+ int len;
- if (!buf)
- {
- len = 0;
- switch (uLevel)
- {
- case 1:
- len = strlen(service->comment)+1;
- break;
+ switch (uLevel) {
+ case 0:
+ struct_len = 16;
+ break;
+ case 1:
+ struct_len = 26;
+ break;
+ default:
+ return -1;
}
+
+ if (!buf) {
+ len = 0;
+ switch (uLevel) {
+ case 1:
+ len = strlen(service->comment)+1;
+ break;
+ }
- if (buflen) *buflen = struct_len;
- if (stringspace) *stringspace = len;
- return struct_len + len;
- }
+ if (buflen) {
+ *buflen = struct_len;
+ }
+ if (stringspace) {
+ *stringspace = len;
+ }
+ return struct_len + len;
+ }
- len = struct_len;
- p = *buf;
- if (*buflen < struct_len) return -1;
- if (stringbuf)
- {
- p2 = *stringbuf;
- l2 = *stringspace;
- }
- else
- {
- p2 = p + struct_len;
- l2 = *buflen - struct_len;
- }
- if (!baseaddr) baseaddr = p;
+ len = struct_len;
+ p = *buf;
+ if (*buflen < struct_len) {
+ return -1;
+ }
+ if (stringbuf) {
+ p2 = *stringbuf;
+ l2 = *stringspace;
+ } else {
+ p2 = p + struct_len;
+ l2 = *buflen - struct_len;
+ }
+ if (!baseaddr) {
+ baseaddr = p;
+ }
- switch (uLevel)
- {
- case 0:
- push_ascii(p,service->name, MAX_NETBIOSNAME_LEN, STR_TERMINATE);
- break;
-
- case 1:
- push_ascii(p,service->name,MAX_NETBIOSNAME_LEN, STR_TERMINATE);
- SIVAL(p,18,service->type);
- SIVAL(p,22,PTR_DIFF(p2,baseaddr));
- len += CopyAndAdvance(&p2,service->comment,&l2);
- break;
- }
-
- if (stringbuf)
- {
- *buf = p + struct_len;
- *buflen -= struct_len;
- *stringbuf = p2;
- *stringspace = l2;
- }
- else
- {
- *buf = p2;
- *buflen -= len;
- }
- return len;
+ switch (uLevel) {
+ case 0:
+ push_ascii(p,service->name, MAX_NETBIOSNAME_LEN, STR_TERMINATE);
+ break;
+
+ case 1:
+ push_ascii(p,service->name,MAX_NETBIOSNAME_LEN, STR_TERMINATE);
+ SIVAL(p,18,service->type);
+ SIVAL(p,22,PTR_DIFF(p2,baseaddr));
+ len += CopyAndAdvance(&p2,service->comment,&l2);
+ break;
+ }
+
+ if (stringbuf) {
+ *buf = p + struct_len;
+ *buflen -= struct_len;
+ *stringbuf = p2;
+ *stringspace = l2;
+ } else {
+ *buf = p2;
+ *buflen -= len;
+ }
+ return len;
}
@@ -1231,124 +1239,137 @@ static BOOL api_RNetServerEnum(connection_struct *conn, uint16 vuid, char *param
int mdrcnt, int mprcnt, char **rdata,
char **rparam, int *rdata_len, int *rparam_len)
{
- char *str1 = param+2;
- char *str2 = skip_string(str1,1);
- char *p = skip_string(str2,1);
- int uLevel = SVAL(p,0);
- int buf_len = SVAL(p,2);
- uint32 servertype = IVAL(p,4);
- char *p2;
- int data_len, fixed_len, string_len;
- int f_len = 0, s_len = 0;
- struct srv_info_struct *servers=NULL;
- int counted=0,total=0;
- int i,missed;
- fstring domain;
- BOOL domain_request;
- BOOL local_request;
-
- /* If someone sets all the bits they don't really mean to set
- DOMAIN_ENUM and LOCAL_LIST_ONLY, they just want all the
- known servers. */
-
- if (servertype == SV_TYPE_ALL)
- servertype &= ~(SV_TYPE_DOMAIN_ENUM|SV_TYPE_LOCAL_LIST_ONLY);
-
- /* If someone sets SV_TYPE_LOCAL_LIST_ONLY but hasn't set
- any other bit (they may just set this bit on it's own) they
- want all the locally seen servers. However this bit can be
- set on its own so set the requested servers to be
- ALL - DOMAIN_ENUM. */
-
- if ((servertype & SV_TYPE_LOCAL_LIST_ONLY) && !(servertype & SV_TYPE_DOMAIN_ENUM))
- servertype = SV_TYPE_ALL & ~(SV_TYPE_DOMAIN_ENUM);
-
- domain_request = ((servertype & SV_TYPE_DOMAIN_ENUM) != 0);
- local_request = ((servertype & SV_TYPE_LOCAL_LIST_ONLY) != 0);
-
- p += 8;
-
- if (!prefix_ok(str1,"WrLehD")) return False;
- if (!check_server_info(uLevel,str2)) return False;
+ char *str1 = param+2;
+ char *str2 = skip_string(str1,1);
+ char *p = skip_string(str2,1);
+ int uLevel = SVAL(p,0);
+ int buf_len = SVAL(p,2);
+ uint32 servertype = IVAL(p,4);
+ char *p2;
+ int data_len, fixed_len, string_len;
+ int f_len = 0, s_len = 0;
+ struct srv_info_struct *servers=NULL;
+ int counted=0,total=0;
+ int i,missed;
+ fstring domain;
+ BOOL domain_request;
+ BOOL local_request;
+
+ /* If someone sets all the bits they don't really mean to set
+ DOMAIN_ENUM and LOCAL_LIST_ONLY, they just want all the
+ known servers. */
+
+ if (servertype == SV_TYPE_ALL) {
+ servertype &= ~(SV_TYPE_DOMAIN_ENUM|SV_TYPE_LOCAL_LIST_ONLY);
+ }
+
+ /* If someone sets SV_TYPE_LOCAL_LIST_ONLY but hasn't set
+ any other bit (they may just set this bit on it's own) they
+ want all the locally seen servers. However this bit can be
+ set on its own so set the requested servers to be
+ ALL - DOMAIN_ENUM. */
+
+ if ((servertype & SV_TYPE_LOCAL_LIST_ONLY) && !(servertype & SV_TYPE_DOMAIN_ENUM)) {
+ servertype = SV_TYPE_ALL & ~(SV_TYPE_DOMAIN_ENUM);
+ }
+
+ domain_request = ((servertype & SV_TYPE_DOMAIN_ENUM) != 0);
+ local_request = ((servertype & SV_TYPE_LOCAL_LIST_ONLY) != 0);
+
+ p += 8;
+
+ if (!prefix_ok(str1,"WrLehD")) {
+ return False;
+ }
+ if (!check_server_info(uLevel,str2)) {
+ return False;
+ }
- DEBUG(4, ("server request level: %s %8x ", str2, servertype));
- DEBUG(4, ("domains_req:%s ", BOOLSTR(domain_request)));
- DEBUG(4, ("local_only:%s\n", BOOLSTR(local_request)));
-
- if (strcmp(str1, "WrLehDz") == 0) {
- pull_ascii_fstring(domain, p);
- } else {
- fstrcpy(domain, lp_workgroup());
- }
-
- if (lp_browse_list())
- total = get_server_info(servertype,&servers,domain);
-
- data_len = fixed_len = string_len = 0;
- missed = 0;
-
- if (total > 0)
- qsort(servers,total,sizeof(servers[0]),QSORT_CAST srv_comp);
-
- {
- char *lastname=NULL;
-
- for (i=0;i<total;i++)
- {
- struct srv_info_struct *s = &servers[i];
- if (lastname && strequal(lastname,s->name)) continue;
- lastname = s->name;
- data_len += fill_srv_info(s,uLevel,0,&f_len,0,&s_len,0);
- DEBUG(4,("fill_srv_info %20s %8x %25s %15s\n",
- s->name, s->type, s->comment, s->domain));
+ DEBUG(4, ("server request level: %s %8x ", str2, servertype));
+ DEBUG(4, ("domains_req:%s ", BOOLSTR(domain_request)));
+ DEBUG(4, ("local_only:%s\n", BOOLSTR(local_request)));
+
+ if (strcmp(str1, "WrLehDz") == 0) {
+ pull_ascii_fstring(domain, p);
+ } else {
+ fstrcpy(domain, lp_workgroup());
+ }
+
+ if (lp_browse_list()) {
+ total = get_server_info(servertype,&servers,domain);
+ }
+
+ data_len = fixed_len = string_len = 0;
+ missed = 0;
+
+ if (total > 0) {
+ qsort(servers,total,sizeof(servers[0]),QSORT_CAST srv_comp);
+ }
+
+ {
+ char *lastname=NULL;
+
+ for (i=0;i<total;i++) {
+ struct srv_info_struct *s = &servers[i];
+
+ if (lastname && strequal(lastname,s->name)) {
+ continue;
+ }
+ lastname = s->name;
+ data_len += fill_srv_info(s,uLevel,0,&f_len,0,&s_len,0);
+ DEBUG(4,("fill_srv_info %20s %8x %25s %15s\n",
+ s->name, s->type, s->comment, s->domain));
- if (data_len <= buf_len) {
- counted++;
- fixed_len += f_len;
- string_len += s_len;
- } else {
- missed++;
- }
- }
- }
-
- *rdata_len = fixed_len + string_len;
- *rdata = SMB_REALLOC_LIMIT(*rdata,*rdata_len);
- memset(*rdata,'\0',*rdata_len);
+ if (data_len <= buf_len) {
+ counted++;
+ fixed_len += f_len;
+ string_len += s_len;
+ } else {
+ missed++;
+ }
+ }
+ }
+
+ *rdata_len = fixed_len + string_len;
+ *rdata = SMB_REALLOC_LIMIT(*rdata,*rdata_len);
+ memset(*rdata,'\0',*rdata_len);
- p2 = (*rdata) + fixed_len; /* auxilliary data (strings) will go here */
- p = *rdata;
- f_len = fixed_len;
- s_len = string_len;
-
- {
- char *lastname=NULL;
- int count2 = counted;
- for (i = 0; i < total && count2;i++)
- {
- struct srv_info_struct *s = &servers[i];
- if (lastname && strequal(lastname,s->name)) continue;
- lastname = s->name;
- fill_srv_info(s,uLevel,&p,&f_len,&p2,&s_len,*rdata);
- DEBUG(4,("fill_srv_info %20s %8x %25s %15s\n",
- s->name, s->type, s->comment, s->domain));
- count2--;
- }
- }
+ p2 = (*rdata) + fixed_len; /* auxilliary data (strings) will go here */
+ p = *rdata;
+ f_len = fixed_len;
+ s_len = string_len;
+
+ {
+ char *lastname=NULL;
+ int count2 = counted;
+
+ for (i = 0; i < total && count2;i++) {
+ struct srv_info_struct *s = &servers[i];
+
+ if (lastname && strequal(lastname,s->name)) {
+ continue;
+ }
+ lastname = s->name;
+ fill_srv_info(s,uLevel,&p,&f_len,&p2,&s_len,*rdata);
+ DEBUG(4,("fill_srv_info %20s %8x %25s %15s\n",
+ s->name, s->type, s->comment, s->domain));
+ count2--;
+ }
+ }
- *rparam_len = 8;
- *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len);
- SSVAL(*rparam,0,(missed == 0 ? NERR_Success : ERRmoredata));
- SSVAL(*rparam,2,0);
- SSVAL(*rparam,4,counted);
- SSVAL(*rparam,6,counted+missed);
+ *rparam_len = 8;
+ *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len);
+ SSVAL(*rparam,0,(missed == 0 ? NERR_Success : ERRmoredata));
+ SSVAL(*rparam,2,0);
+ SSVAL(*rparam,4,counted);
+ SSVAL(*rparam,6,counted+missed);
- SAFE_FREE(servers);
+ SAFE_FREE(servers);
- DEBUG(3,("NetServerEnum domain = %s uLevel=%d counted=%d total=%d\n",
- domain,uLevel,counted,counted+missed));
+ DEBUG(3,("NetServerEnum domain = %s uLevel=%d counted=%d total=%d\n",
+ domain,uLevel,counted,counted+missed));
- return(True);
+ return True;
}
/****************************************************************************
@@ -1359,30 +1380,32 @@ static BOOL api_RNetGroupGetUsers(connection_struct *conn, uint16 vuid, char *pa
int mdrcnt, int mprcnt, char **rdata,
char **rparam, int *rdata_len, int *rparam_len)
{
- char *str1 = param+2;
- char *str2 = skip_string(str1,1);
- char *p = skip_string(str2,1);
- int uLevel = SVAL(p,0);
- int buf_len = SVAL(p,2);
- int counted=0;
- int missed=0;
+ char *str1 = param+2;
+ char *str2 = skip_string(str1,1);
+ char *p = skip_string(str2,1);
+ int uLevel = SVAL(p,0);
+ int buf_len = SVAL(p,2);
+ int counted=0;
+ int missed=0;
DEBUG(5,("RNetGroupGetUsers: %s %s %s %d %d\n",
str1, str2, p, uLevel, buf_len));
- if (!prefix_ok(str1,"zWrLeh")) return False;
+ if (!prefix_ok(str1,"zWrLeh")) {
+ return False;
+ }
- *rdata_len = 0;
+ *rdata_len = 0;
- *rparam_len = 8;
- *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len);
+ *rparam_len = 8;
+ *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len);
- SSVAL(*rparam,0,0x08AC); /* informational warning message */
- SSVAL(*rparam,2,0);
- SSVAL(*rparam,4,counted);
- SSVAL(*rparam,6,counted+missed);
+ SSVAL(*rparam,0,0x08AC); /* informational warning message */
+ SSVAL(*rparam,2,0);
+ SSVAL(*rparam,4,counted);
+ SSVAL(*rparam,6,counted+missed);
- return(True);
+ return True;
}
/****************************************************************************
@@ -1391,117 +1414,146 @@ static BOOL api_RNetGroupGetUsers(connection_struct *conn, uint16 vuid, char *pa
static BOOL check_share_info(int uLevel, char* id)
{
- switch( uLevel ) {
- case 0:
- if (strcmp(id,"B13") != 0) return False;
- break;
- case 1:
- if (strcmp(id,"B13BWz") != 0) return False;
- break;
- case 2:
- if (strcmp(id,"B13BWzWWWzB9B") != 0) return False;
- break;
- case 91:
- if (strcmp(id,"B13BWzWWWzB9BB9BWzWWzWW") != 0) return False;
- break;
- default: return False;
- }
- return True;
+ switch( uLevel ) {
+ case 0:
+ if (strcmp(id,"B13") != 0) {
+ return False;
+ }
+ break;
+ case 1:
+ if (strcmp(id,"B13BWz") != 0) {
+ return False;
+ }
+ break;
+ case 2:
+ if (strcmp(id,"B13BWzWWWzB9B") != 0) {
+ return False;
+ }
+ break;
+ case 91:
+ if (strcmp(id,"B13BWzWWWzB9BB9BWzWWzWW") != 0) {
+ return False;
+ }
+ break;
+ default:
+ return False;
+ }
+ return True;
}
static int fill_share_info(connection_struct *conn, int snum, int uLevel,
char** buf, int* buflen,
char** stringbuf, int* stringspace, char* baseaddr)
{
- int struct_len;
- char* p;
- char* p2;
- int l2;
- int len;
+ int struct_len;
+ char* p;
+ char* p2;
+ int l2;
+ int len;
- switch( uLevel ) {
- case 0: struct_len = 13; break;
- case 1: struct_len = 20; break;
- case 2: struct_len = 40; break;
- case 91: struct_len = 68; break;
- default: return -1;
- }
+ switch( uLevel ) {
+ case 0:
+ struct_len = 13;
+ break;
+ case 1:
+ struct_len = 20;
+ break;
+ case 2:
+ struct_len = 40;
+ break;
+ case 91:
+ struct_len = 68;
+ break;
+ default:
+ return -1;
+ }
- if (!buf)
- {
- len = 0;
- if (uLevel > 0) len += StrlenExpanded(conn,snum,lp_comment(snum));
- if (uLevel > 1) len += strlen(lp_pathname(snum)) + 1;
- if (buflen) *buflen = struct_len;
- if (stringspace) *stringspace = len;
- return struct_len + len;
- }
+ if (!buf) {
+ len = 0;
+
+ if (uLevel > 0) {
+ len += StrlenExpanded(conn,snum,lp_comment(snum));
+ }
+ if (uLevel > 1) {
+ len += strlen(lp_pathname(snum)) + 1;
+ }
+ if (buflen) {
+ *buflen = struct_len;
+ }
+ if (stringspace) {
+ *stringspace = len;
+ }
+ return struct_len + len;
+ }
- len = struct_len;
- p = *buf;
- if ((*buflen) < struct_len) return -1;
- if (stringbuf)
- {
- p2 = *stringbuf;
- l2 = *stringspace;
- }
- else
- {
- p2 = p + struct_len;
- l2 = (*buflen) - struct_len;
- }
- if (!baseaddr) baseaddr = p;
+ len = struct_len;
+ p = *buf;
+ if ((*buflen) < struct_len) {
+ return -1;
+ }
+
+ if (stringbuf) {
+ p2 = *stringbuf;
+ l2 = *stringspace;
+ } else {
+ p2 = p + struct_len;
+ l2 = (*buflen) - struct_len;
+ }
+
+ if (!baseaddr) {
+ baseaddr = p;
+ }
- push_ascii(p,lp_servicename(snum),13, STR_TERMINATE);
+ push_ascii(p,lp_servicename(snum),13, STR_TERMINATE);
- if (uLevel > 0)
- {
- int type;
- SCVAL(p,13,0);
- type = STYPE_DISKTREE;
- if (lp_print_ok(snum)) type = STYPE_PRINTQ;
- if (strequal("IPC",lp_fstype(snum))) type = STYPE_IPC;
- SSVAL(p,14,type); /* device type */
- SIVAL(p,16,PTR_DIFF(p2,baseaddr));
- len += CopyExpanded(conn,snum,&p2,lp_comment(snum),&l2);
- }
+ if (uLevel > 0) {
+ int type;
+
+ SCVAL(p,13,0);
+ type = STYPE_DISKTREE;
+ if (lp_print_ok(snum)) {
+ type = STYPE_PRINTQ;
+ }
+ if (strequal("IPC",lp_fstype(snum))) {
+ type = STYPE_IPC;
+ }
+ SSVAL(p,14,type); /* device type */
+ SIVAL(p,16,PTR_DIFF(p2,baseaddr));
+ len += CopyExpanded(conn,snum,&p2,lp_comment(snum),&l2);
+ }
- if (uLevel > 1)
- {
- SSVAL(p,20,ACCESS_READ|ACCESS_WRITE|ACCESS_CREATE); /* permissions */
- SSVALS(p,22,-1); /* max uses */
- SSVAL(p,24,1); /* current uses */
- SIVAL(p,26,PTR_DIFF(p2,baseaddr)); /* local pathname */
- len += CopyAndAdvance(&p2,lp_pathname(snum),&l2);
- memset(p+30,0,SHPWLEN+2); /* passwd (reserved), pad field */
- }
+ if (uLevel > 1) {
+ SSVAL(p,20,ACCESS_READ|ACCESS_WRITE|ACCESS_CREATE); /* permissions */
+ SSVALS(p,22,-1); /* max uses */
+ SSVAL(p,24,1); /* current uses */
+ SIVAL(p,26,PTR_DIFF(p2,baseaddr)); /* local pathname */
+ len += CopyAndAdvance(&p2,lp_pathname(snum),&l2);
+ memset(p+30,0,SHPWLEN+2); /* passwd (reserved), pad field */
+ }
- if (uLevel > 2)
- {
- memset(p+40,0,SHPWLEN+2);
- SSVAL(p,50,0);
- SIVAL(p,52,0);
- SSVAL(p,56,0);
- SSVAL(p,58,0);
- SIVAL(p,60,0);
- SSVAL(p,64,0);
- SSVAL(p,66,0);
- }
+ if (uLevel > 2) {
+ memset(p+40,0,SHPWLEN+2);
+ SSVAL(p,50,0);
+ SIVAL(p,52,0);
+ SSVAL(p,56,0);
+ SSVAL(p,58,0);
+ SIVAL(p,60,0);
+ SSVAL(p,64,0);
+ SSVAL(p,66,0);
+ }
- if (stringbuf)
- {
- (*buf) = p + struct_len;
- (*buflen) -= struct_len;
- (*stringbuf) = p2;
- (*stringspace) = l2;
- }
- else
- {
- (*buf) = p2;
- (*buflen) -= len;
- }
- return len;
+ if (stringbuf) {
+ (*buf) = p + struct_len;
+ (*buflen) -= struct_len;
+ (*stringbuf) = p2;
+ (*stringspace) = l2;
+ } else {
+ (*buf) = p2;
+ (*buflen) -= len;
+ }
+
+ return len;
}
static BOOL api_RNetShareGetInfo(connection_struct *conn,uint16 vuid, char *param,char *data,
@@ -1509,31 +1561,39 @@ static BOOL api_RNetShareGetInfo(connection_struct *conn,uint16 vuid, char *para
char **rdata,char **rparam,
int *rdata_len,int *rparam_len)
{
- char *str1 = param+2;
- char *str2 = skip_string(str1,1);
- char *netname = skip_string(str2,1);
- char *p = skip_string(netname,1);
- int uLevel = SVAL(p,0);
- int snum = find_service(netname);
+ char *str1 = param+2;
+ char *str2 = skip_string(str1,1);
+ char *netname = skip_string(str2,1);
+ char *p = skip_string(netname,1);
+ int uLevel = SVAL(p,0);
+ int snum = find_service(netname);
- if (snum < 0) return False;
+ if (snum < 0) {
+ return False;
+ }
- /* check it's a supported varient */
- if (!prefix_ok(str1,"zWrLh")) return False;
- if (!check_share_info(uLevel,str2)) return False;
+ /* check it's a supported varient */
+ if (!prefix_ok(str1,"zWrLh")) {
+ return False;
+ }
+ if (!check_share_info(uLevel,str2)) {
+ return False;
+ }
- *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt);
- p = *rdata;
- *rdata_len = fill_share_info(conn,snum,uLevel,&p,&mdrcnt,0,0,0);
- if (*rdata_len < 0) return False;
+ *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt);
+ p = *rdata;
+ *rdata_len = fill_share_info(conn,snum,uLevel,&p,&mdrcnt,0,0,0);
+ if (*rdata_len < 0) {
+ return False;
+ }
- *rparam_len = 6;
- *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len);
- SSVAL(*rparam,0,NERR_Success);
- SSVAL(*rparam,2,0); /* converter word */
- SSVAL(*rparam,4,*rdata_len);
+ *rparam_len = 6;
+ *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len);
+ SSVAL(*rparam,0,NERR_Success);
+ SSVAL(*rparam,2,0); /* converter word */
+ SSVAL(*rparam,4,*rdata_len);
- return(True);
+ return True;
}
/****************************************************************************
@@ -1557,78 +1617,87 @@ static BOOL api_RNetShareEnum( connection_struct *conn,
int *rdata_len,
int *rparam_len )
{
- char *str1 = param+2;
- char *str2 = skip_string(str1,1);
- char *p = skip_string(str2,1);
- int uLevel = SVAL(p,0);
- int buf_len = SVAL(p,2);
- char *p2;
- int count=lp_numservices();
- int total=0,counted=0;
- BOOL missed = False;
- int i;
- int data_len, fixed_len, string_len;
- int f_len = 0, s_len = 0;
+ char *str1 = param+2;
+ char *str2 = skip_string(str1,1);
+ char *p = skip_string(str2,1);
+ int uLevel = SVAL(p,0);
+ int buf_len = SVAL(p,2);
+ char *p2;
+ int count = 0;
+ int total=0,counted=0;
+ BOOL missed = False;
+ int i;
+ int data_len, fixed_len, string_len;
+ int f_len = 0, s_len = 0;
- if (!prefix_ok(str1,"WrLeh")) return False;
- if (!check_share_info(uLevel,str2)) return False;
+ if (!prefix_ok(str1,"WrLeh")) {
+ return False;
+ }
+ if (!check_share_info(uLevel,str2)) {
+ return False;
+ }
- data_len = fixed_len = string_len = 0;
- for (i=0;i<count;i++) {
- fstring servicename_dos;
- if (!(lp_browseable(i) && lp_snum_ok(i)))
- continue;
- push_ascii_fstring(servicename_dos, lp_servicename(i));
- if( lp_browseable( i )
- && lp_snum_ok( i )
- && (strlen(servicename_dos) < 13) ) /* Maximum name length. */
- {
- total++;
- data_len += fill_share_info(conn,i,uLevel,0,&f_len,0,&s_len,0);
- if (data_len <= buf_len)
- {
- counted++;
- fixed_len += f_len;
- string_len += s_len;
- }
- else
- missed = True;
- }
- }
- *rdata_len = fixed_len + string_len;
- *rdata = SMB_REALLOC_LIMIT(*rdata,*rdata_len);
- memset(*rdata,0,*rdata_len);
+ /* Ensure all the usershares are loaded. */
+ become_root();
+ count = load_usershare_shares();
+ unbecome_root();
+
+ data_len = fixed_len = string_len = 0;
+ for (i=0;i<count;i++) {
+ fstring servicename_dos;
+ if (!(lp_browseable(i) && lp_snum_ok(i))) {
+ continue;
+ }
+ push_ascii_fstring(servicename_dos, lp_servicename(i));
+ /* Maximum name length = 13. */
+ if( lp_browseable( i ) && lp_snum_ok( i ) && (strlen(servicename_dos) < 13)) {
+ total++;
+ data_len += fill_share_info(conn,i,uLevel,0,&f_len,0,&s_len,0);
+ if (data_len <= buf_len) {
+ counted++;
+ fixed_len += f_len;
+ string_len += s_len;
+ } else {
+ missed = True;
+ }
+ }
+ }
+
+ *rdata_len = fixed_len + string_len;
+ *rdata = SMB_REALLOC_LIMIT(*rdata,*rdata_len);
+ memset(*rdata,0,*rdata_len);
- p2 = (*rdata) + fixed_len; /* auxiliary data (strings) will go here */
- p = *rdata;
- f_len = fixed_len;
- s_len = string_len;
- for( i = 0; i < count; i++ )
- {
- fstring servicename_dos;
- if (!(lp_browseable(i) && lp_snum_ok(i)))
- continue;
- push_ascii_fstring(servicename_dos, lp_servicename(i));
- if( lp_browseable( i )
- && lp_snum_ok( i )
- && (strlen(servicename_dos) < 13) )
- {
- if( fill_share_info( conn,i,uLevel,&p,&f_len,&p2,&s_len,*rdata ) < 0 )
- break;
- }
- }
+ p2 = (*rdata) + fixed_len; /* auxiliary data (strings) will go here */
+ p = *rdata;
+ f_len = fixed_len;
+ s_len = string_len;
+
+ for( i = 0; i < count; i++ ) {
+ fstring servicename_dos;
+ if (!(lp_browseable(i) && lp_snum_ok(i))) {
+ continue;
+ }
+
+ push_ascii_fstring(servicename_dos, lp_servicename(i));
+ if (lp_browseable(i) && lp_snum_ok(i) && (strlen(servicename_dos) < 13)) {
+ if (fill_share_info( conn,i,uLevel,&p,&f_len,&p2,&s_len,*rdata ) < 0) {
+ break;
+ }
+ }
+ }
- *rparam_len = 8;
- *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len);
- SSVAL(*rparam,0,missed ? ERRmoredata : NERR_Success);
- SSVAL(*rparam,2,0);
- SSVAL(*rparam,4,counted);
- SSVAL(*rparam,6,total);
+ *rparam_len = 8;
+ *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len);
+ SSVAL(*rparam,0,missed ? ERRmoredata : NERR_Success);
+ SSVAL(*rparam,2,0);
+ SSVAL(*rparam,4,counted);
+ SSVAL(*rparam,6,total);
- DEBUG(3,("RNetShareEnum gave %d entries of %d (%d %d %d %d)\n",
- counted,total,uLevel,
- buf_len,*rdata_len,mdrcnt));
- return(True);
+ DEBUG(3,("RNetShareEnum gave %d entries of %d (%d %d %d %d)\n",
+ counted,total,uLevel,
+ buf_len,*rdata_len,mdrcnt));
+
+ return True;
}
/****************************************************************************
@@ -1640,87 +1709,104 @@ static BOOL api_RNetShareAdd(connection_struct *conn,uint16 vuid, char *param,ch
char **rdata,char **rparam,
int *rdata_len,int *rparam_len)
{
- char *str1 = param+2;
- char *str2 = skip_string(str1,1);
- char *p = skip_string(str2,1);
- int uLevel = SVAL(p,0);
- fstring sharename;
- fstring comment;
- pstring pathname;
- char *command, *cmdname;
- unsigned int offset;
- int snum;
- int res = ERRunsup;
+ char *str1 = param+2;
+ char *str2 = skip_string(str1,1);
+ char *p = skip_string(str2,1);
+ int uLevel = SVAL(p,0);
+ fstring sharename;
+ fstring comment;
+ pstring pathname;
+ char *command, *cmdname;
+ unsigned int offset;
+ int snum;
+ int res = ERRunsup;
- /* check it's a supported varient */
- if (!prefix_ok(str1,RAP_WShareAdd_REQ)) return False;
- if (!check_share_info(uLevel,str2)) return False;
- if (uLevel != 2) return False;
-
- pull_ascii_fstring(sharename,data);
- snum = find_service(sharename);
- if (snum >= 0) { /* already exists */
- res = ERRfilexists;
- goto error_exit;
- }
-
- /* only support disk share adds */
- if (SVAL(data,14)!=STYPE_DISKTREE) return False;
-
- offset = IVAL(data, 16);
- if (offset >= mdrcnt) {
- res = ERRinvalidparam;
- goto error_exit;
- }
- pull_ascii_fstring(comment, offset? (data+offset) : "");
-
- offset = IVAL(data, 26);
- if (offset >= mdrcnt) {
- res = ERRinvalidparam;
- goto error_exit;
- }
- pull_ascii_pstring(pathname, offset? (data+offset) : "");
-
- string_replace(sharename, '"', ' ');
- string_replace(pathname, '"', ' ');
- string_replace(comment, '"', ' ');
-
- cmdname = lp_add_share_cmd();
-
- if (!cmdname || *cmdname == '\0') return False;
-
- asprintf(&command, "%s \"%s\" \"%s\" \"%s\" \"%s\"",
- lp_add_share_cmd(), dyn_CONFIGFILE, sharename, pathname, comment);
-
- if (command) {
- DEBUG(10,("api_RNetShareAdd: Running [%s]\n", command ));
- if ((res = smbrun(command, NULL)) != 0) {
- DEBUG(1,("api_RNetShareAdd: Running [%s] returned (%d)\n", command, res ));
- SAFE_FREE(command);
- res = ERRnoaccess;
- goto error_exit;
- } else {
- SAFE_FREE(command);
- message_send_all(conn_tdb_ctx(), MSG_SMB_CONF_UPDATED, NULL, 0, False, NULL);
- }
- } else return False;
-
- *rparam_len = 6;
- *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len);
- SSVAL(*rparam,0,NERR_Success);
- SSVAL(*rparam,2,0); /* converter word */
- SSVAL(*rparam,4,*rdata_len);
- *rdata_len = 0;
+ /* check it's a supported varient */
+ if (!prefix_ok(str1,RAP_WShareAdd_REQ)) {
+ return False;
+ }
+ if (!check_share_info(uLevel,str2)) {
+ return False;
+ }
+ if (uLevel != 2) {
+ return False;
+ }
+
+ pull_ascii_fstring(sharename,data);
+ snum = find_service(sharename);
+ if (snum >= 0) { /* already exists */
+ res = ERRfilexists;
+ goto error_exit;
+ }
+
+ /* only support disk share adds */
+ if (SVAL(data,14)!=STYPE_DISKTREE) {
+ return False;
+ }
+
+ offset = IVAL(data, 16);
+ if (offset >= mdrcnt) {
+ res = ERRinvalidparam;
+ goto error_exit;
+ }
+
+ pull_ascii_fstring(comment, offset? (data+offset) : "");
+
+ offset = IVAL(data, 26);
+
+ if (offset >= mdrcnt) {
+ res = ERRinvalidparam;
+ goto error_exit;
+ }
+
+ pull_ascii_pstring(pathname, offset? (data+offset) : "");
+
+ string_replace(sharename, '"', ' ');
+ string_replace(pathname, '"', ' ');
+ string_replace(comment, '"', ' ');
+
+ cmdname = lp_add_share_cmd();
+
+ if (!cmdname || *cmdname == '\0') {
+ return False;
+ }
+
+ asprintf(&command, "%s \"%s\" \"%s\" \"%s\" \"%s\"",
+ lp_add_share_cmd(), dyn_CONFIGFILE, sharename, pathname, comment);
+
+ if (command) {
+ DEBUG(10,("api_RNetShareAdd: Running [%s]\n", command ));
+
+ if ((res = smbrun(command, NULL)) != 0) {
+ DEBUG(1,("api_RNetShareAdd: Running [%s] returned (%d)\n", command, res ));
+ SAFE_FREE(command);
+ res = ERRnoaccess;
+ goto error_exit;
+ } else {
+ SAFE_FREE(command);
+ message_send_all(conn_tdb_ctx(), MSG_SMB_CONF_UPDATED, NULL, 0, False, NULL);
+ }
+ } else {
+ return False;
+ }
+
+ *rparam_len = 6;
+ *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len);
+ SSVAL(*rparam,0,NERR_Success);
+ SSVAL(*rparam,2,0); /* converter word */
+ SSVAL(*rparam,4,*rdata_len);
+ *rdata_len = 0;
- return True;
-
- error_exit:
- *rparam_len = 4;
- *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len);
- *rdata_len = 0;
- SSVAL(*rparam,0,res);
- SSVAL(*rparam,2,0);
- return True;
+ return True;
+
+ error_exit:
+
+ *rparam_len = 4;
+ *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len);
+ *rdata_len = 0;
+ SSVAL(*rparam,0,res);
+ SSVAL(*rparam,2,0);
+ return True;
}
/****************************************************************************
@@ -1744,18 +1830,21 @@ static BOOL api_RNetGroupEnum(connection_struct *conn,uint16 vuid, char *param,c
int num_entries;
- if (strcmp(str1,"WrLeh") != 0)
+ if (strcmp(str1,"WrLeh") != 0) {
return False;
+ }
- /* parameters
- * W-> resume context (number of users to skip)
- * r -> return parameter pointer to receive buffer
- * L -> length of receive buffer
- * e -> return parameter number of entries
- * h -> return parameter total number of users
- */
- if (strcmp("B21",str2) != 0)
+ /* parameters
+ * W-> resume context (number of users to skip)
+ * r -> return parameter pointer to receive buffer
+ * L -> length of receive buffer
+ * e -> return parameter number of entries
+ * h -> return parameter total number of users
+ */
+
+ if (strcmp("B21",str2) != 0) {
return False;
+ }
/* get list of domain groups SID_DOMAIN_GRP=2 */
become_root();
@@ -1837,8 +1926,10 @@ static BOOL api_NetUserGetGroups(connection_struct *conn,uint16 vuid, char *para
gid_t *gids;
size_t num_groups;
size_t i;
- struct passwd *passwd;
NTSTATUS result;
+ DOM_SID user_sid;
+ enum SID_NAME_USE type;
+ TALLOC_CTX *mem_ctx;
*rparam_len = 8;
*rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len);
@@ -1867,45 +1958,64 @@ static BOOL api_NetUserGetGroups(connection_struct *conn,uint16 vuid, char *para
p = *rdata;
+ mem_ctx = talloc_new(NULL);
+ if (mem_ctx == NULL) {
+ DEBUG(0, ("talloc_new failed\n"));
+ return False;
+ }
+
/* Lookup the user information; This should only be one of
our accounts (not remote domains) */
- passwd = getpwnam_alloc(UserName);
-
- if (passwd == NULL)
- return False;
-
- pdb_init_sam( &sampw );
-
become_root(); /* ROOT BLOCK */
- if ( !pdb_getsampwnam(sampw, UserName) )
- goto out;
+ if (!lookup_name(mem_ctx, UserName, LOOKUP_NAME_ALL,
+ NULL, NULL, &user_sid, &type)) {
+ DEBUG(10, ("lookup_name(%s) failed\n", UserName));
+ goto done;
+ }
+
+ if (type != SID_NAME_USER) {
+ DEBUG(10, ("%s is a %s, not a user\n", UserName,
+ sid_type_lookup(type)));
+ goto done;
+ }
+
+ if (!NT_STATUS_IS_OK(pdb_init_sam_talloc(mem_ctx, &sampw))) {
+ DEBUG(10, ("pdb_init_sam_talloc failed\n"));
+ goto done;
+ }
+ if ( !pdb_getsampwsid(sampw, &user_sid) ) {
+ DEBUG(10, ("pdb_getsampwsid(%s) failed for user %s\n",
+ sid_string_static(&user_sid), UserName));
+ goto done;
+ }
+
+ gids = NULL;
sids = NULL;
num_groups = 0;
- result = pdb_enum_group_memberships(pdb_get_username(sampw),
- passwd->pw_gid,
+ result = pdb_enum_group_memberships(mem_ctx, sampw,
&sids, &gids, &num_groups);
- if (!NT_STATUS_IS_OK(result))
- goto out;
+ if (!NT_STATUS_IS_OK(result)) {
+ DEBUG(10, ("pdb_enum_group_memberships failed for %s\n",
+ UserName));
+ goto done;
+ }
for (i=0; i<num_groups; i++) {
const char *grp_name;
- if ( lookup_sid(sampw->mem_ctx, &sids[i], NULL, &grp_name,
- NULL) ) {
+ if ( lookup_sid(mem_ctx, &sids[i], NULL, &grp_name, NULL) ) {
pstrcpy(p, grp_name);
p += 21;
count++;
}
}
- SAFE_FREE(sids);
-
*rdata_len = PTR_DIFF(p,*rdata);
SSVAL(*rparam,4,count); /* is this right?? */
@@ -1913,11 +2023,10 @@ static BOOL api_NetUserGetGroups(connection_struct *conn,uint16 vuid, char *para
ret = True;
-out:
+done:
unbecome_root(); /* END ROOT BLOCK */
- pdb_free_sam( &sampw );
- passwd_free(&passwd);
+ talloc_free(mem_ctx);
return ret;
}
@@ -2023,43 +2132,42 @@ static BOOL api_NetRemoteTOD(connection_struct *conn,uint16 vuid, char *param,ch
char **rdata,char **rparam,
int *rdata_len,int *rparam_len)
{
- char *p;
- *rparam_len = 4;
- *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len);
-
- *rdata_len = 21;
- *rdata = SMB_REALLOC_LIMIT(*rdata,*rdata_len);
-
- SSVAL(*rparam,0,NERR_Success);
- SSVAL(*rparam,2,0); /* converter word */
-
- p = *rdata;
-
- {
- struct tm *t;
- time_t unixdate = time(NULL);
-
- srv_put_dos_date3(p,0,unixdate); /* this is the time that is looked at
- by NT in a "net time" operation,
- it seems to ignore the one below */
-
- /* the client expects to get localtime, not GMT, in this bit
- (I think, this needs testing) */
- t = localtime(&unixdate);
-
- SIVAL(p,4,0); /* msecs ? */
- SCVAL(p,8,t->tm_hour);
- SCVAL(p,9,t->tm_min);
- SCVAL(p,10,t->tm_sec);
- SCVAL(p,11,0); /* hundredths of seconds */
- SSVALS(p,12,get_time_zone(unixdate)/60); /* timezone in minutes from GMT */
- SSVAL(p,14,10000); /* timer interval in 0.0001 of sec */
- SCVAL(p,16,t->tm_mday);
- SCVAL(p,17,t->tm_mon + 1);
- SSVAL(p,18,1900+t->tm_year);
- SCVAL(p,20,t->tm_wday);
- }
- return(True);
+ struct tm *t;
+ time_t unixdate = time(NULL);
+ char *p;
+
+ *rparam_len = 4;
+ *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len);
+
+ *rdata_len = 21;
+ *rdata = SMB_REALLOC_LIMIT(*rdata,*rdata_len);
+
+ SSVAL(*rparam,0,NERR_Success);
+ SSVAL(*rparam,2,0); /* converter word */
+
+ p = *rdata;
+
+ srv_put_dos_date3(p,0,unixdate); /* this is the time that is looked at
+ by NT in a "net time" operation,
+ it seems to ignore the one below */
+
+ /* the client expects to get localtime, not GMT, in this bit
+ (I think, this needs testing) */
+ t = localtime(&unixdate);
+
+ SIVAL(p,4,0); /* msecs ? */
+ SCVAL(p,8,t->tm_hour);
+ SCVAL(p,9,t->tm_min);
+ SCVAL(p,10,t->tm_sec);
+ SCVAL(p,11,0); /* hundredths of seconds */
+ SSVALS(p,12,get_time_zone(unixdate)/60); /* timezone in minutes from GMT */
+ SSVAL(p,14,10000); /* timer interval in 0.0001 of sec */
+ SCVAL(p,16,t->tm_mday);
+ SCVAL(p,17,t->tm_mon + 1);
+ SSVAL(p,18,1900+t->tm_year);
+ SCVAL(p,20,t->tm_wday);
+
+ return True;
}
/****************************************************************************
@@ -2111,7 +2219,7 @@ static BOOL api_SetUserPassword(connection_struct *conn,uint16 vuid, char *param
}
unbecome_root();
- free_server_info(&server_info);
+ talloc_free(server_info);
}
data_blob_clear_free(&password);
}
@@ -2421,103 +2529,117 @@ static BOOL api_RNetServerGetInfo(connection_struct *conn,uint16 vuid, char *par
char **rdata,char **rparam,
int *rdata_len,int *rparam_len)
{
- char *str1 = param+2;
- char *str2 = skip_string(str1,1);
- char *p = skip_string(str2,1);
- int uLevel = SVAL(p,0);
- char *p2;
- int struct_len;
-
- DEBUG(4,("NetServerGetInfo level %d\n",uLevel));
-
- /* check it's a supported varient */
- if (!prefix_ok(str1,"WrLh")) return False;
- switch( uLevel ) {
- case 0:
- if (strcmp(str2,"B16") != 0) return False;
- struct_len = 16;
- break;
- case 1:
- if (strcmp(str2,"B16BBDz") != 0) return False;
- struct_len = 26;
- break;
- case 2:
- if (strcmp(str2,"B16BBDzDDDWWzWWWWWWWBB21zWWWWWWWWWWWWWWWWWWWWWWz")
- != 0) return False;
- struct_len = 134;
- break;
- case 3:
- if (strcmp(str2,"B16BBDzDDDWWzWWWWWWWBB21zWWWWWWWWWWWWWWWWWWWWWWzDWz")
- != 0) return False;
- struct_len = 144;
- break;
- case 20:
- if (strcmp(str2,"DN") != 0) return False;
- struct_len = 6;
- break;
- case 50:
- if (strcmp(str2,"B16BBDzWWzzz") != 0) return False;
- struct_len = 42;
- break;
- default: return False;
- }
-
- *rdata_len = mdrcnt;
- *rdata = SMB_REALLOC_LIMIT(*rdata,*rdata_len);
-
- p = *rdata;
- p2 = p + struct_len;
- if (uLevel != 20) {
- srvstr_push(NULL, p,get_local_machine_name(),16,
- STR_ASCII|STR_UPPER|STR_TERMINATE);
- }
- p += 16;
- if (uLevel > 0)
- {
- struct srv_info_struct *servers=NULL;
- int i,count;
- pstring comment;
- uint32 servertype= lp_default_server_announce();
-
- push_ascii(comment,lp_serverstring(), MAX_SERVER_STRING_LENGTH,STR_TERMINATE);
-
- if ((count=get_server_info(SV_TYPE_ALL,&servers,lp_workgroup()))>0) {
- for (i=0;i<count;i++) {
- if (strequal(servers[i].name,get_local_machine_name())) {
- servertype = servers[i].type;
- push_ascii(comment,servers[i].comment,sizeof(pstring),STR_TERMINATE);
- }
- }
- }
- SAFE_FREE(servers);
-
- SCVAL(p,0,lp_major_announce_version());
- SCVAL(p,1,lp_minor_announce_version());
- SIVAL(p,2,servertype);
-
- if (mdrcnt == struct_len) {
- SIVAL(p,6,0);
- } else {
- SIVAL(p,6,PTR_DIFF(p2,*rdata));
- standard_sub_conn(conn,comment,sizeof(comment));
- StrnCpy(p2,comment,MAX(mdrcnt - struct_len,0));
- p2 = skip_string(p2,1);
- }
- }
- if (uLevel > 1)
- {
- return False; /* not yet implemented */
- }
-
- *rdata_len = PTR_DIFF(p2,*rdata);
-
- *rparam_len = 6;
- *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len);
- SSVAL(*rparam,0,NERR_Success);
- SSVAL(*rparam,2,0); /* converter word */
- SSVAL(*rparam,4,*rdata_len);
-
- return(True);
+ char *str1 = param+2;
+ char *str2 = skip_string(str1,1);
+ char *p = skip_string(str2,1);
+ int uLevel = SVAL(p,0);
+ char *p2;
+ int struct_len;
+
+ DEBUG(4,("NetServerGetInfo level %d\n",uLevel));
+
+ /* check it's a supported varient */
+ if (!prefix_ok(str1,"WrLh")) {
+ return False;
+ }
+
+ switch( uLevel ) {
+ case 0:
+ if (strcmp(str2,"B16") != 0) {
+ return False;
+ }
+ struct_len = 16;
+ break;
+ case 1:
+ if (strcmp(str2,"B16BBDz") != 0) {
+ return False;
+ }
+ struct_len = 26;
+ break;
+ case 2:
+ if (strcmp(str2,"B16BBDzDDDWWzWWWWWWWBB21zWWWWWWWWWWWWWWWWWWWWWWz")!= 0) {
+ return False;
+ }
+ struct_len = 134;
+ break;
+ case 3:
+ if (strcmp(str2,"B16BBDzDDDWWzWWWWWWWBB21zWWWWWWWWWWWWWWWWWWWWWWzDWz") != 0) {
+ return False;
+ }
+ struct_len = 144;
+ break;
+ case 20:
+ if (strcmp(str2,"DN") != 0) {
+ return False;
+ }
+ struct_len = 6;
+ break;
+ case 50:
+ if (strcmp(str2,"B16BBDzWWzzz") != 0) {
+ return False;
+ }
+ struct_len = 42;
+ break;
+ default:
+ return False;
+ }
+
+ *rdata_len = mdrcnt;
+ *rdata = SMB_REALLOC_LIMIT(*rdata,*rdata_len);
+
+ p = *rdata;
+ p2 = p + struct_len;
+ if (uLevel != 20) {
+ srvstr_push(NULL, p,get_local_machine_name(),16,
+ STR_ASCII|STR_UPPER|STR_TERMINATE);
+ }
+ p += 16;
+ if (uLevel > 0) {
+ struct srv_info_struct *servers=NULL;
+ int i,count;
+ pstring comment;
+ uint32 servertype= lp_default_server_announce();
+
+ push_ascii(comment,lp_serverstring(), MAX_SERVER_STRING_LENGTH,STR_TERMINATE);
+
+ if ((count=get_server_info(SV_TYPE_ALL,&servers,lp_workgroup()))>0) {
+ for (i=0;i<count;i++) {
+ if (strequal(servers[i].name,get_local_machine_name())) {
+ servertype = servers[i].type;
+ push_ascii(comment,servers[i].comment,sizeof(pstring),STR_TERMINATE);
+ }
+ }
+ }
+
+ SAFE_FREE(servers);
+
+ SCVAL(p,0,lp_major_announce_version());
+ SCVAL(p,1,lp_minor_announce_version());
+ SIVAL(p,2,servertype);
+
+ if (mdrcnt == struct_len) {
+ SIVAL(p,6,0);
+ } else {
+ SIVAL(p,6,PTR_DIFF(p2,*rdata));
+ standard_sub_conn(conn,comment,sizeof(comment));
+ StrnCpy(p2,comment,MAX(mdrcnt - struct_len,0));
+ p2 = skip_string(p2,1);
+ }
+ }
+
+ if (uLevel > 1) {
+ return False; /* not yet implemented */
+ }
+
+ *rdata_len = PTR_DIFF(p2,*rdata);
+
+ *rparam_len = 6;
+ *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len);
+ SSVAL(*rparam,0,NERR_Success);
+ SSVAL(*rparam,2,0); /* converter word */
+ SSVAL(*rparam,4,*rdata_len);
+
+ return True;
}
/****************************************************************************
@@ -2529,67 +2651,67 @@ static BOOL api_NetWkstaGetInfo(connection_struct *conn,uint16 vuid, char *param
char **rdata,char **rparam,
int *rdata_len,int *rparam_len)
{
- char *str1 = param+2;
- char *str2 = skip_string(str1,1);
- char *p = skip_string(str2,1);
- char *p2;
- int level = SVAL(p,0);
-
- DEBUG(4,("NetWkstaGetInfo level %d\n",level));
+ char *str1 = param+2;
+ char *str2 = skip_string(str1,1);
+ char *p = skip_string(str2,1);
+ char *p2;
+ int level = SVAL(p,0);
- *rparam_len = 6;
- *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len);
+ DEBUG(4,("NetWkstaGetInfo level %d\n",level));
- /* check it's a supported varient */
- if (!(level==10 && strcsequal(str1,"WrLh") && strcsequal(str2,"zzzBBzz")))
- return(False);
+ *rparam_len = 6;
+ *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len);
- *rdata_len = mdrcnt + 1024;
- *rdata = SMB_REALLOC_LIMIT(*rdata,*rdata_len);
+ /* check it's a supported varient */
+ if (!(level==10 && strcsequal(str1,"WrLh") && strcsequal(str2,"zzzBBzz"))) {
+ return False;
+ }
- SSVAL(*rparam,0,NERR_Success);
- SSVAL(*rparam,2,0); /* converter word */
+ *rdata_len = mdrcnt + 1024;
+ *rdata = SMB_REALLOC_LIMIT(*rdata,*rdata_len);
- p = *rdata;
- p2 = p + 22;
+ SSVAL(*rparam,0,NERR_Success);
+ SSVAL(*rparam,2,0); /* converter word */
+ p = *rdata;
+ p2 = p + 22;
- SIVAL(p,0,PTR_DIFF(p2,*rdata)); /* host name */
- pstrcpy(p2,get_local_machine_name());
- strupper_m(p2);
- p2 = skip_string(p2,1);
- p += 4;
+ SIVAL(p,0,PTR_DIFF(p2,*rdata)); /* host name */
+ pstrcpy(p2,get_local_machine_name());
+ strupper_m(p2);
+ p2 = skip_string(p2,1);
+ p += 4;
- SIVAL(p,0,PTR_DIFF(p2,*rdata));
- pstrcpy(p2,current_user_info.smb_name);
- p2 = skip_string(p2,1);
- p += 4;
+ SIVAL(p,0,PTR_DIFF(p2,*rdata));
+ pstrcpy(p2,current_user_info.smb_name);
+ p2 = skip_string(p2,1);
+ p += 4;
- SIVAL(p,0,PTR_DIFF(p2,*rdata)); /* login domain */
- pstrcpy(p2,lp_workgroup());
- strupper_m(p2);
- p2 = skip_string(p2,1);
- p += 4;
+ SIVAL(p,0,PTR_DIFF(p2,*rdata)); /* login domain */
+ pstrcpy(p2,lp_workgroup());
+ strupper_m(p2);
+ p2 = skip_string(p2,1);
+ p += 4;
- SCVAL(p,0,lp_major_announce_version()); /* system version - e.g 4 in 4.1 */
- SCVAL(p,1,lp_minor_announce_version()); /* system version - e.g .1 in 4.1 */
- p += 2;
+ SCVAL(p,0,lp_major_announce_version()); /* system version - e.g 4 in 4.1 */
+ SCVAL(p,1,lp_minor_announce_version()); /* system version - e.g .1 in 4.1 */
+ p += 2;
- SIVAL(p,0,PTR_DIFF(p2,*rdata));
- pstrcpy(p2,lp_workgroup()); /* don't know. login domain?? */
- p2 = skip_string(p2,1);
- p += 4;
+ SIVAL(p,0,PTR_DIFF(p2,*rdata));
+ pstrcpy(p2,lp_workgroup()); /* don't know. login domain?? */
+ p2 = skip_string(p2,1);
+ p += 4;
- SIVAL(p,0,PTR_DIFF(p2,*rdata)); /* don't know */
- pstrcpy(p2,"");
- p2 = skip_string(p2,1);
- p += 4;
+ SIVAL(p,0,PTR_DIFF(p2,*rdata)); /* don't know */
+ pstrcpy(p2,"");
+ p2 = skip_string(p2,1);
+ p += 4;
- *rdata_len = PTR_DIFF(p2,*rdata);
+ *rdata_len = PTR_DIFF(p2,*rdata);
- SSVAL(*rparam,4,*rdata_len);
+ SSVAL(*rparam,4,*rdata_len);
- return(True);
+ return True;
}
/****************************************************************************
@@ -2929,75 +3051,83 @@ static BOOL api_WWkstaUserLogon(connection_struct *conn,uint16 vuid, char *param
char **rdata,char **rparam,
int *rdata_len,int *rparam_len)
{
- char *str1 = param+2;
- char *str2 = skip_string(str1,1);
- char *p = skip_string(str2,1);
- int uLevel;
- struct pack_desc desc;
- char* name;
- /* With share level security vuid will always be zero.
- Don't depend on vuser being non-null !!. JRA */
- user_struct *vuser = get_valid_user_struct(vuid);
- if(vuser != NULL)
- DEBUG(3,(" Username of UID %d is %s\n", (int)vuser->uid,
- vuser->user.unix_name));
-
- uLevel = SVAL(p,0);
- name = p + 2;
-
- memset((char *)&desc,'\0',sizeof(desc));
-
- DEBUG(3,("WWkstaUserLogon uLevel=%d name=%s\n",uLevel,name));
-
- /* check it's a supported varient */
- if (strcmp(str1,"OOWb54WrLh") != 0) return False;
- if (uLevel != 1 || strcmp(str2,"WB21BWDWWDDDDDDDzzzD") != 0) return False;
- if (mdrcnt > 0) *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt);
- desc.base = *rdata;
- desc.buflen = mdrcnt;
- desc.subformat = NULL;
- desc.format = str2;
+ char *str1 = param+2;
+ char *str2 = skip_string(str1,1);
+ char *p = skip_string(str2,1);
+ int uLevel;
+ struct pack_desc desc;
+ char* name;
+ /* With share level security vuid will always be zero.
+ Don't depend on vuser being non-null !!. JRA */
+ user_struct *vuser = get_valid_user_struct(vuid);
+
+ if(vuser != NULL) {
+ DEBUG(3,(" Username of UID %d is %s\n", (int)vuser->uid,
+ vuser->user.unix_name));
+ }
+
+ uLevel = SVAL(p,0);
+ name = p + 2;
+
+ memset((char *)&desc,'\0',sizeof(desc));
+
+ DEBUG(3,("WWkstaUserLogon uLevel=%d name=%s\n",uLevel,name));
+
+ /* check it's a supported varient */
+ if (strcmp(str1,"OOWb54WrLh") != 0) {
+ return False;
+ }
+ if (uLevel != 1 || strcmp(str2,"WB21BWDWWDDDDDDDzzzD") != 0) {
+ return False;
+ }
+ if (mdrcnt > 0) {
+ *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt);
+ }
+
+ desc.base = *rdata;
+ desc.buflen = mdrcnt;
+ desc.subformat = NULL;
+ desc.format = str2;
- if (init_package(&desc,1,0))
- {
- PACKI(&desc,"W",0); /* code */
- PACKS(&desc,"B21",name); /* eff. name */
- PACKS(&desc,"B",""); /* pad */
- PACKI(&desc,"W",
- conn->admin_user?USER_PRIV_ADMIN:USER_PRIV_USER);
- PACKI(&desc,"D",0); /* auth flags XXX */
- PACKI(&desc,"W",0); /* num logons */
- PACKI(&desc,"W",0); /* bad pw count */
- PACKI(&desc,"D",0); /* last logon */
- PACKI(&desc,"D",-1); /* last logoff */
- PACKI(&desc,"D",-1); /* logoff time */
- PACKI(&desc,"D",-1); /* kickoff time */
- PACKI(&desc,"D",0); /* password age */
- PACKI(&desc,"D",0); /* password can change */
- PACKI(&desc,"D",-1); /* password must change */
- {
- fstring mypath;
- fstrcpy(mypath,"\\\\");
- fstrcat(mypath,get_local_machine_name());
- strupper_m(mypath);
- PACKS(&desc,"z",mypath); /* computer */
- }
- PACKS(&desc,"z",lp_workgroup());/* domain */
-
- PACKS(&desc,"z", vuser && vuser->logon_script ? vuser->logon_script :""); /* script path */
-
- PACKI(&desc,"D",0x00000000); /* reserved */
- }
-
- *rdata_len = desc.usedlen;
- *rparam_len = 6;
- *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len);
- SSVALS(*rparam,0,desc.errcode);
- SSVAL(*rparam,2,0);
- SSVAL(*rparam,4,desc.neededlen);
-
- DEBUG(4,("WWkstaUserLogon: errorcode %d\n",desc.errcode));
- return(True);
+ if (init_package(&desc,1,0)) {
+ PACKI(&desc,"W",0); /* code */
+ PACKS(&desc,"B21",name); /* eff. name */
+ PACKS(&desc,"B",""); /* pad */
+ PACKI(&desc,"W", conn->admin_user?USER_PRIV_ADMIN:USER_PRIV_USER);
+ PACKI(&desc,"D",0); /* auth flags XXX */
+ PACKI(&desc,"W",0); /* num logons */
+ PACKI(&desc,"W",0); /* bad pw count */
+ PACKI(&desc,"D",0); /* last logon */
+ PACKI(&desc,"D",-1); /* last logoff */
+ PACKI(&desc,"D",-1); /* logoff time */
+ PACKI(&desc,"D",-1); /* kickoff time */
+ PACKI(&desc,"D",0); /* password age */
+ PACKI(&desc,"D",0); /* password can change */
+ PACKI(&desc,"D",-1); /* password must change */
+
+ {
+ fstring mypath;
+ fstrcpy(mypath,"\\\\");
+ fstrcat(mypath,get_local_machine_name());
+ strupper_m(mypath);
+ PACKS(&desc,"z",mypath); /* computer */
+ }
+
+ PACKS(&desc,"z",lp_workgroup());/* domain */
+ PACKS(&desc,"z", vuser && vuser->logon_script ? vuser->logon_script :""); /* script path */
+ PACKI(&desc,"D",0x00000000); /* reserved */
+ }
+
+ *rdata_len = desc.usedlen;
+ *rparam_len = 6;
+ *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len);
+ SSVALS(*rparam,0,desc.errcode);
+ SSVAL(*rparam,2,0);
+ SSVAL(*rparam,4,desc.neededlen);
+
+ DEBUG(4,("WWkstaUserLogon: errorcode %d\n",desc.errcode));
+
+ return True;
}
/****************************************************************************
@@ -3009,24 +3139,28 @@ static BOOL api_WAccessGetUserPerms(connection_struct *conn,uint16 vuid, char *p
char **rdata,char **rparam,
int *rdata_len,int *rparam_len)
{
- char *str1 = param+2;
- char *str2 = skip_string(str1,1);
- char *user = skip_string(str2,1);
- char *resource = skip_string(user,1);
+ char *str1 = param+2;
+ char *str2 = skip_string(str1,1);
+ char *user = skip_string(str2,1);
+ char *resource = skip_string(user,1);
- DEBUG(3,("WAccessGetUserPerms user=%s resource=%s\n",user,resource));
+ DEBUG(3,("WAccessGetUserPerms user=%s resource=%s\n",user,resource));
- /* check it's a supported varient */
- if (strcmp(str1,"zzh") != 0) return False;
- if (strcmp(str2,"") != 0) return False;
+ /* check it's a supported varient */
+ if (strcmp(str1,"zzh") != 0) {
+ return False;
+ }
+ if (strcmp(str2,"") != 0) {
+ return False;
+ }
- *rparam_len = 6;
- *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len);
- SSVALS(*rparam,0,0); /* errorcode */
- SSVAL(*rparam,2,0); /* converter word */
- SSVAL(*rparam,4,0x7f); /* permission flags */
+ *rparam_len = 6;
+ *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len);
+ SSVALS(*rparam,0,0); /* errorcode */
+ SSVAL(*rparam,2,0); /* converter word */
+ SSVAL(*rparam,4,0x7f); /* permission flags */
- return(True);
+ return True;
}
/****************************************************************************
@@ -3038,77 +3172,86 @@ static BOOL api_WPrintJobGetInfo(connection_struct *conn,uint16 vuid, char *para
char **rdata,char **rparam,
int *rdata_len,int *rparam_len)
{
- char *str1 = param+2;
- char *str2 = skip_string(str1,1);
- char *p = skip_string(str2,1);
- int uLevel;
- int count;
- int i;
- int snum;
- fstring sharename;
- uint32 jobid;
- struct pack_desc desc;
- print_queue_struct *queue=NULL;
- print_status_struct status;
- char *tmpdata=NULL;
-
- uLevel = SVAL(p,2);
-
- memset((char *)&desc,'\0',sizeof(desc));
- memset((char *)&status,'\0',sizeof(status));
-
- DEBUG(3,("WPrintJobGetInfo uLevel=%d uJobId=0x%X\n",uLevel,SVAL(p,0)));
-
- /* check it's a supported varient */
- if (strcmp(str1,"WWrLh") != 0) return False;
- if (!check_printjob_info(&desc,uLevel,str2)) return False;
-
- if(!rap_to_pjobid(SVAL(p,0), sharename, &jobid))
- return False;
-
- snum = lp_servicenumber( sharename);
- if (snum < 0 || !VALID_SNUM(snum)) return(False);
-
- count = print_queue_status(snum,&queue,&status);
- for (i = 0; i < count; i++) {
- if (queue[i].job == jobid) break;
- }
-
- if (mdrcnt > 0) {
- *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt);
- desc.base = *rdata;
- desc.buflen = mdrcnt;
- } else {
- /*
- * Don't return data but need to get correct length
- * init_package will return wrong size if buflen=0
- */
- desc.buflen = getlen(desc.format);
- desc.base = tmpdata = (char *)SMB_MALLOC( desc.buflen );
- }
-
- if (init_package(&desc,1,0)) {
- if (i < count) {
- fill_printjob_info(conn,snum,uLevel,&desc,&queue[i],i);
- *rdata_len = desc.usedlen;
- }
- else {
- desc.errcode = NERR_JobNotFound;
- *rdata_len = 0;
- }
- }
-
- *rparam_len = 6;
- *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len);
- SSVALS(*rparam,0,desc.errcode);
- SSVAL(*rparam,2,0);
- SSVAL(*rparam,4,desc.neededlen);
-
- SAFE_FREE(queue);
- SAFE_FREE(tmpdata);
-
- DEBUG(4,("WPrintJobGetInfo: errorcode %d\n",desc.errcode));
- return(True);
+ char *str1 = param+2;
+ char *str2 = skip_string(str1,1);
+ char *p = skip_string(str2,1);
+ int uLevel;
+ int count;
+ int i;
+ int snum;
+ fstring sharename;
+ uint32 jobid;
+ struct pack_desc desc;
+ print_queue_struct *queue=NULL;
+ print_status_struct status;
+ char *tmpdata=NULL;
+
+ uLevel = SVAL(p,2);
+
+ memset((char *)&desc,'\0',sizeof(desc));
+ memset((char *)&status,'\0',sizeof(status));
+
+ DEBUG(3,("WPrintJobGetInfo uLevel=%d uJobId=0x%X\n",uLevel,SVAL(p,0)));
+
+ /* check it's a supported varient */
+ if (strcmp(str1,"WWrLh") != 0) {
+ return False;
+ }
+ if (!check_printjob_info(&desc,uLevel,str2)) {
+ return False;
+ }
+
+ if(!rap_to_pjobid(SVAL(p,0), sharename, &jobid)) {
+ return False;
+ }
+
+ snum = lp_servicenumber( sharename);
+ if (snum < 0 || !VALID_SNUM(snum)) {
+ return(False);
+ }
+
+ count = print_queue_status(snum,&queue,&status);
+ for (i = 0; i < count; i++) {
+ if (queue[i].job == jobid) {
+ break;
+ }
+ }
+
+ if (mdrcnt > 0) {
+ *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt);
+ desc.base = *rdata;
+ desc.buflen = mdrcnt;
+ } else {
+ /*
+ * Don't return data but need to get correct length
+ * init_package will return wrong size if buflen=0
+ */
+ desc.buflen = getlen(desc.format);
+ desc.base = tmpdata = (char *)SMB_MALLOC( desc.buflen );
+ }
+
+ if (init_package(&desc,1,0)) {
+ if (i < count) {
+ fill_printjob_info(conn,snum,uLevel,&desc,&queue[i],i);
+ *rdata_len = desc.usedlen;
+ } else {
+ desc.errcode = NERR_JobNotFound;
+ *rdata_len = 0;
+ }
+ }
+
+ *rparam_len = 6;
+ *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len);
+ SSVALS(*rparam,0,desc.errcode);
+ SSVAL(*rparam,2,0);
+ SSVAL(*rparam,4,desc.neededlen);
+
+ SAFE_FREE(queue);
+ SAFE_FREE(tmpdata);
+
+ DEBUG(4,("WPrintJobGetInfo: errorcode %d\n",desc.errcode));
+
+ return True;
}
static BOOL api_WPrintJobEnumerate(connection_struct *conn,uint16 vuid, char *param,char *data,
@@ -3116,114 +3259,137 @@ static BOOL api_WPrintJobEnumerate(connection_struct *conn,uint16 vuid, char *pa
char **rdata,char **rparam,
int *rdata_len,int *rparam_len)
{
- char *str1 = param+2;
- char *str2 = skip_string(str1,1);
- char *p = skip_string(str2,1);
- char* name = p;
- int uLevel;
- int count;
- int i, succnt=0;
- int snum;
- struct pack_desc desc;
- print_queue_struct *queue=NULL;
- print_status_struct status;
-
- memset((char *)&desc,'\0',sizeof(desc));
- memset((char *)&status,'\0',sizeof(status));
-
- p = skip_string(p,1);
- uLevel = SVAL(p,0);
-
- DEBUG(3,("WPrintJobEnumerate uLevel=%d name=%s\n",uLevel,name));
-
- /* check it's a supported variant */
- if (strcmp(str1,"zWrLeh") != 0)
- return False;
+ char *str1 = param+2;
+ char *str2 = skip_string(str1,1);
+ char *p = skip_string(str2,1);
+ char* name = p;
+ int uLevel;
+ int count;
+ int i, succnt=0;
+ int snum;
+ struct pack_desc desc;
+ print_queue_struct *queue=NULL;
+ print_status_struct status;
+
+ memset((char *)&desc,'\0',sizeof(desc));
+ memset((char *)&status,'\0',sizeof(status));
+
+ p = skip_string(p,1);
+ uLevel = SVAL(p,0);
+
+ DEBUG(3,("WPrintJobEnumerate uLevel=%d name=%s\n",uLevel,name));
+
+ /* check it's a supported variant */
+ if (strcmp(str1,"zWrLeh") != 0) {
+ return False;
+ }
- if (uLevel > 2)
- return False; /* defined only for uLevel 0,1,2 */
+ if (uLevel > 2) {
+ return False; /* defined only for uLevel 0,1,2 */
+ }
- if (!check_printjob_info(&desc,uLevel,str2))
- return False;
-
- snum = find_service(name);
- if ( !(lp_snum_ok(snum) && lp_print_ok(snum)) )
- return False;
-
- count = print_queue_status(snum,&queue,&status);
- if (mdrcnt > 0) *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt);
- desc.base = *rdata;
- desc.buflen = mdrcnt;
-
- if (init_package(&desc,count,0)) {
- succnt = 0;
- for (i = 0; i < count; i++) {
- fill_printjob_info(conn,snum,uLevel,&desc,&queue[i],i);
- if (desc.errcode == NERR_Success) succnt = i+1;
- }
- }
-
- *rdata_len = desc.usedlen;
-
- *rparam_len = 8;
- *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len);
- SSVALS(*rparam,0,desc.errcode);
- SSVAL(*rparam,2,0);
- SSVAL(*rparam,4,succnt);
- SSVAL(*rparam,6,count);
-
- SAFE_FREE(queue);
-
- DEBUG(4,("WPrintJobEnumerate: errorcode %d\n",desc.errcode));
- return(True);
+ if (!check_printjob_info(&desc,uLevel,str2)) {
+ return False;
+ }
+
+ snum = find_service(name);
+ if ( !(lp_snum_ok(snum) && lp_print_ok(snum)) ) {
+ return False;
+ }
+
+ count = print_queue_status(snum,&queue,&status);
+ if (mdrcnt > 0) {
+ *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt);
+ }
+ desc.base = *rdata;
+ desc.buflen = mdrcnt;
+
+ if (init_package(&desc,count,0)) {
+ succnt = 0;
+ for (i = 0; i < count; i++) {
+ fill_printjob_info(conn,snum,uLevel,&desc,&queue[i],i);
+ if (desc.errcode == NERR_Success) {
+ succnt = i+1;
+ }
+ }
+ }
+
+ *rdata_len = desc.usedlen;
+
+ *rparam_len = 8;
+ *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len);
+ SSVALS(*rparam,0,desc.errcode);
+ SSVAL(*rparam,2,0);
+ SSVAL(*rparam,4,succnt);
+ SSVAL(*rparam,6,count);
+
+ SAFE_FREE(queue);
+
+ DEBUG(4,("WPrintJobEnumerate: errorcode %d\n",desc.errcode));
+
+ return True;
}
static int check_printdest_info(struct pack_desc* desc,
int uLevel, char* id)
{
- desc->subformat = NULL;
- switch( uLevel ) {
- case 0: desc->format = "B9"; break;
- case 1: desc->format = "B9B21WWzW"; break;
- case 2: desc->format = "z"; break;
- case 3: desc->format = "zzzWWzzzWW"; break;
- default: return False;
- }
- if (strcmp(desc->format,id) != 0) return False;
- return True;
+ desc->subformat = NULL;
+ switch( uLevel ) {
+ case 0:
+ desc->format = "B9";
+ break;
+ case 1:
+ desc->format = "B9B21WWzW";
+ break;
+ case 2:
+ desc->format = "z";
+ break;
+ case 3:
+ desc->format = "zzzWWzzzWW";
+ break;
+ default:
+ return False;
+ }
+ if (strcmp(desc->format,id) != 0) {
+ return False;
+ }
+ return True;
}
static void fill_printdest_info(connection_struct *conn, int snum, int uLevel,
struct pack_desc* desc)
{
- char buf[100];
- strncpy(buf,SERVICE(snum),sizeof(buf)-1);
- buf[sizeof(buf)-1] = 0;
- strupper_m(buf);
- if (uLevel <= 1) {
- PACKS(desc,"B9",buf); /* szName */
- if (uLevel == 1) {
- PACKS(desc,"B21",""); /* szUserName */
- PACKI(desc,"W",0); /* uJobId */
- PACKI(desc,"W",0); /* fsStatus */
- PACKS(desc,"z",""); /* pszStatus */
- PACKI(desc,"W",0); /* time */
- }
- }
- if (uLevel == 2 || uLevel == 3) {
- PACKS(desc,"z",buf); /* pszPrinterName */
- if (uLevel == 3) {
- PACKS(desc,"z",""); /* pszUserName */
- PACKS(desc,"z",""); /* pszLogAddr */
- PACKI(desc,"W",0); /* uJobId */
- PACKI(desc,"W",0); /* fsStatus */
- PACKS(desc,"z",""); /* pszStatus */
- PACKS(desc,"z",""); /* pszComment */
- PACKS(desc,"z","NULL"); /* pszDrivers */
- PACKI(desc,"W",0); /* time */
- PACKI(desc,"W",0); /* pad1 */
- }
- }
+ char buf[100];
+
+ strncpy(buf,SERVICE(snum),sizeof(buf)-1);
+ buf[sizeof(buf)-1] = 0;
+ strupper_m(buf);
+
+ if (uLevel <= 1) {
+ PACKS(desc,"B9",buf); /* szName */
+ if (uLevel == 1) {
+ PACKS(desc,"B21",""); /* szUserName */
+ PACKI(desc,"W",0); /* uJobId */
+ PACKI(desc,"W",0); /* fsStatus */
+ PACKS(desc,"z",""); /* pszStatus */
+ PACKI(desc,"W",0); /* time */
+ }
+ }
+
+ if (uLevel == 2 || uLevel == 3) {
+ PACKS(desc,"z",buf); /* pszPrinterName */
+ if (uLevel == 3) {
+ PACKS(desc,"z",""); /* pszUserName */
+ PACKS(desc,"z",""); /* pszLogAddr */
+ PACKI(desc,"W",0); /* uJobId */
+ PACKI(desc,"W",0); /* fsStatus */
+ PACKS(desc,"z",""); /* pszStatus */
+ PACKS(desc,"z",""); /* pszComment */
+ PACKS(desc,"z","NULL"); /* pszDrivers */
+ PACKI(desc,"W",0); /* time */
+ PACKI(desc,"W",0); /* pad1 */
+ }
+ }
}
static BOOL api_WPrintDestGetInfo(connection_struct *conn,uint16 vuid, char *param,char *data,
@@ -3231,60 +3397,64 @@ static BOOL api_WPrintDestGetInfo(connection_struct *conn,uint16 vuid, char *par
char **rdata,char **rparam,
int *rdata_len,int *rparam_len)
{
- char *str1 = param+2;
- char *str2 = skip_string(str1,1);
- char *p = skip_string(str2,1);
- char* PrinterName = p;
- int uLevel;
- struct pack_desc desc;
- int snum;
- char *tmpdata=NULL;
-
- memset((char *)&desc,'\0',sizeof(desc));
-
- p = skip_string(p,1);
- uLevel = SVAL(p,0);
-
- DEBUG(3,("WPrintDestGetInfo uLevel=%d PrinterName=%s\n",uLevel,PrinterName));
-
- /* check it's a supported varient */
- if (strcmp(str1,"zWrLh") != 0) return False;
- if (!check_printdest_info(&desc,uLevel,str2)) return False;
-
- snum = find_service(PrinterName);
- if ( !(lp_snum_ok(snum) && lp_print_ok(snum)) ) {
- *rdata_len = 0;
- desc.errcode = NERR_DestNotFound;
- desc.neededlen = 0;
- }
- else {
- if (mdrcnt > 0) {
- *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt);
- desc.base = *rdata;
- desc.buflen = mdrcnt;
- } else {
- /*
- * Don't return data but need to get correct length
- * init_package will return wrong size if buflen=0
- */
- desc.buflen = getlen(desc.format);
- desc.base = tmpdata = (char *)SMB_MALLOC( desc.buflen );
- }
- if (init_package(&desc,1,0)) {
- fill_printdest_info(conn,snum,uLevel,&desc);
- }
- *rdata_len = desc.usedlen;
- }
-
- *rparam_len = 6;
- *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len);
- SSVALS(*rparam,0,desc.errcode);
- SSVAL(*rparam,2,0);
- SSVAL(*rparam,4,desc.neededlen);
-
- DEBUG(4,("WPrintDestGetInfo: errorcode %d\n",desc.errcode));
- SAFE_FREE(tmpdata);
- return(True);
+ char *str1 = param+2;
+ char *str2 = skip_string(str1,1);
+ char *p = skip_string(str2,1);
+ char* PrinterName = p;
+ int uLevel;
+ struct pack_desc desc;
+ int snum;
+ char *tmpdata=NULL;
+
+ memset((char *)&desc,'\0',sizeof(desc));
+
+ p = skip_string(p,1);
+ uLevel = SVAL(p,0);
+
+ DEBUG(3,("WPrintDestGetInfo uLevel=%d PrinterName=%s\n",uLevel,PrinterName));
+
+ /* check it's a supported varient */
+ if (strcmp(str1,"zWrLh") != 0) {
+ return False;
+ }
+ if (!check_printdest_info(&desc,uLevel,str2)) {
+ return False;
+ }
+
+ snum = find_service(PrinterName);
+ if ( !(lp_snum_ok(snum) && lp_print_ok(snum)) ) {
+ *rdata_len = 0;
+ desc.errcode = NERR_DestNotFound;
+ desc.neededlen = 0;
+ } else {
+ if (mdrcnt > 0) {
+ *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt);
+ desc.base = *rdata;
+ desc.buflen = mdrcnt;
+ } else {
+ /*
+ * Don't return data but need to get correct length
+ * init_package will return wrong size if buflen=0
+ */
+ desc.buflen = getlen(desc.format);
+ desc.base = tmpdata = (char *)SMB_MALLOC( desc.buflen );
+ }
+ if (init_package(&desc,1,0)) {
+ fill_printdest_info(conn,snum,uLevel,&desc);
+ }
+ *rdata_len = desc.usedlen;
+ }
+
+ *rparam_len = 6;
+ *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len);
+ SSVALS(*rparam,0,desc.errcode);
+ SSVAL(*rparam,2,0);
+ SSVAL(*rparam,4,desc.neededlen);
+
+ DEBUG(4,("WPrintDestGetInfo: errorcode %d\n",desc.errcode));
+ SAFE_FREE(tmpdata);
+
+ return True;
}
static BOOL api_WPrintDestEnum(connection_struct *conn,uint16 vuid, char *param,char *data,
@@ -3292,56 +3462,68 @@ static BOOL api_WPrintDestEnum(connection_struct *conn,uint16 vuid, char *param,
char **rdata,char **rparam,
int *rdata_len,int *rparam_len)
{
- char *str1 = param+2;
- char *str2 = skip_string(str1,1);
- char *p = skip_string(str2,1);
- int uLevel;
- int queuecnt;
- int i, n, succnt=0;
- struct pack_desc desc;
- int services = lp_numservices();
-
- memset((char *)&desc,'\0',sizeof(desc));
-
- uLevel = SVAL(p,0);
-
- DEBUG(3,("WPrintDestEnum uLevel=%d\n",uLevel));
-
- /* check it's a supported varient */
- if (strcmp(str1,"WrLeh") != 0) return False;
- if (!check_printdest_info(&desc,uLevel,str2)) return False;
-
- queuecnt = 0;
- for (i = 0; i < services; i++)
- if (lp_snum_ok(i) && lp_print_ok(i) && lp_browseable(i))
- queuecnt++;
-
- if (mdrcnt > 0) *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt);
- desc.base = *rdata;
- desc.buflen = mdrcnt;
- if (init_package(&desc,queuecnt,0)) {
- succnt = 0;
- n = 0;
- for (i = 0; i < services; i++) {
- if (lp_snum_ok(i) && lp_print_ok(i) && lp_browseable(i)) {
- fill_printdest_info(conn,i,uLevel,&desc);
- n++;
- if (desc.errcode == NERR_Success) succnt = n;
- }
- }
- }
-
- *rdata_len = desc.usedlen;
-
- *rparam_len = 8;
- *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len);
- SSVALS(*rparam,0,desc.errcode);
- SSVAL(*rparam,2,0);
- SSVAL(*rparam,4,succnt);
- SSVAL(*rparam,6,queuecnt);
-
- DEBUG(4,("WPrintDestEnumerate: errorcode %d\n",desc.errcode));
- return(True);
+ char *str1 = param+2;
+ char *str2 = skip_string(str1,1);
+ char *p = skip_string(str2,1);
+ int uLevel;
+ int queuecnt;
+ int i, n, succnt=0;
+ struct pack_desc desc;
+ int services = lp_numservices();
+
+ memset((char *)&desc,'\0',sizeof(desc));
+
+ uLevel = SVAL(p,0);
+
+ DEBUG(3,("WPrintDestEnum uLevel=%d\n",uLevel));
+
+ /* check it's a supported varient */
+ if (strcmp(str1,"WrLeh") != 0) {
+ return False;
+ }
+ if (!check_printdest_info(&desc,uLevel,str2)) {
+ return False;
+ }
+
+ queuecnt = 0;
+ for (i = 0; i < services; i++) {
+ if (lp_snum_ok(i) && lp_print_ok(i) && lp_browseable(i)) {
+ queuecnt++;
+ }
+ }
+
+ if (mdrcnt > 0) {
+ *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt);
+ }
+
+ desc.base = *rdata;
+ desc.buflen = mdrcnt;
+ if (init_package(&desc,queuecnt,0)) {
+ succnt = 0;
+ n = 0;
+ for (i = 0; i < services; i++) {
+ if (lp_snum_ok(i) && lp_print_ok(i) && lp_browseable(i)) {
+ fill_printdest_info(conn,i,uLevel,&desc);
+ n++;
+ if (desc.errcode == NERR_Success) {
+ succnt = n;
+ }
+ }
+ }
+ }
+
+ *rdata_len = desc.usedlen;
+
+ *rparam_len = 8;
+ *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len);
+ SSVALS(*rparam,0,desc.errcode);
+ SSVAL(*rparam,2,0);
+ SSVAL(*rparam,4,succnt);
+ SSVAL(*rparam,6,queuecnt);
+
+ DEBUG(4,("WPrintDestEnumerate: errorcode %d\n",desc.errcode));
+
+ return True;
}
static BOOL api_WPrintDriverEnum(connection_struct *conn,uint16 vuid, char *param,char *data,
@@ -3349,43 +3531,50 @@ static BOOL api_WPrintDriverEnum(connection_struct *conn,uint16 vuid, char *para
char **rdata,char **rparam,
int *rdata_len,int *rparam_len)
{
- char *str1 = param+2;
- char *str2 = skip_string(str1,1);
- char *p = skip_string(str2,1);
- int uLevel;
- int succnt;
- struct pack_desc desc;
+ char *str1 = param+2;
+ char *str2 = skip_string(str1,1);
+ char *p = skip_string(str2,1);
+ int uLevel;
+ int succnt;
+ struct pack_desc desc;
- memset((char *)&desc,'\0',sizeof(desc));
+ memset((char *)&desc,'\0',sizeof(desc));
- uLevel = SVAL(p,0);
+ uLevel = SVAL(p,0);
- DEBUG(3,("WPrintDriverEnum uLevel=%d\n",uLevel));
+ DEBUG(3,("WPrintDriverEnum uLevel=%d\n",uLevel));
- /* check it's a supported varient */
- if (strcmp(str1,"WrLeh") != 0) return False;
- if (uLevel != 0 || strcmp(str2,"B41") != 0) return False;
+ /* check it's a supported varient */
+ if (strcmp(str1,"WrLeh") != 0) {
+ return False;
+ }
+ if (uLevel != 0 || strcmp(str2,"B41") != 0) {
+ return False;
+ }
- if (mdrcnt > 0) *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt);
- desc.base = *rdata;
- desc.buflen = mdrcnt;
- if (init_package(&desc,1,0)) {
- PACKS(&desc,"B41","NULL");
- }
+ if (mdrcnt > 0) {
+ *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt);
+ }
+ desc.base = *rdata;
+ desc.buflen = mdrcnt;
+ if (init_package(&desc,1,0)) {
+ PACKS(&desc,"B41","NULL");
+ }
- succnt = (desc.errcode == NERR_Success ? 1 : 0);
+ succnt = (desc.errcode == NERR_Success ? 1 : 0);
- *rdata_len = desc.usedlen;
+ *rdata_len = desc.usedlen;
- *rparam_len = 8;
- *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len);
- SSVALS(*rparam,0,desc.errcode);
- SSVAL(*rparam,2,0);
- SSVAL(*rparam,4,succnt);
- SSVAL(*rparam,6,1);
+ *rparam_len = 8;
+ *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len);
+ SSVALS(*rparam,0,desc.errcode);
+ SSVAL(*rparam,2,0);
+ SSVAL(*rparam,4,succnt);
+ SSVAL(*rparam,6,1);
+
+ DEBUG(4,("WPrintDriverEnum: errorcode %d\n",desc.errcode));
- DEBUG(4,("WPrintDriverEnum: errorcode %d\n",desc.errcode));
- return(True);
+ return True;
}
static BOOL api_WPrintQProcEnum(connection_struct *conn,uint16 vuid, char *param,char *data,
@@ -3393,44 +3582,51 @@ static BOOL api_WPrintQProcEnum(connection_struct *conn,uint16 vuid, char *param
char **rdata,char **rparam,
int *rdata_len,int *rparam_len)
{
- char *str1 = param+2;
- char *str2 = skip_string(str1,1);
- char *p = skip_string(str2,1);
- int uLevel;
- int succnt;
- struct pack_desc desc;
+ char *str1 = param+2;
+ char *str2 = skip_string(str1,1);
+ char *p = skip_string(str2,1);
+ int uLevel;
+ int succnt;
+ struct pack_desc desc;
- memset((char *)&desc,'\0',sizeof(desc));
+ memset((char *)&desc,'\0',sizeof(desc));
- uLevel = SVAL(p,0);
+ uLevel = SVAL(p,0);
- DEBUG(3,("WPrintQProcEnum uLevel=%d\n",uLevel));
+ DEBUG(3,("WPrintQProcEnum uLevel=%d\n",uLevel));
- /* check it's a supported varient */
- if (strcmp(str1,"WrLeh") != 0) return False;
- if (uLevel != 0 || strcmp(str2,"B13") != 0) return False;
+ /* check it's a supported varient */
+ if (strcmp(str1,"WrLeh") != 0) {
+ return False;
+ }
+ if (uLevel != 0 || strcmp(str2,"B13") != 0) {
+ return False;
+ }
- if (mdrcnt > 0) *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt);
- desc.base = *rdata;
- desc.buflen = mdrcnt;
- desc.format = str2;
- if (init_package(&desc,1,0)) {
- PACKS(&desc,"B13","lpd");
- }
+ if (mdrcnt > 0) {
+ *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt);
+ }
+ desc.base = *rdata;
+ desc.buflen = mdrcnt;
+ desc.format = str2;
+ if (init_package(&desc,1,0)) {
+ PACKS(&desc,"B13","lpd");
+ }
+
+ succnt = (desc.errcode == NERR_Success ? 1 : 0);
- succnt = (desc.errcode == NERR_Success ? 1 : 0);
+ *rdata_len = desc.usedlen;
- *rdata_len = desc.usedlen;
+ *rparam_len = 8;
+ *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len);
+ SSVALS(*rparam,0,desc.errcode);
+ SSVAL(*rparam,2,0);
+ SSVAL(*rparam,4,succnt);
+ SSVAL(*rparam,6,1);
- *rparam_len = 8;
- *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len);
- SSVALS(*rparam,0,desc.errcode);
- SSVAL(*rparam,2,0);
- SSVAL(*rparam,4,succnt);
- SSVAL(*rparam,6,1);
+ DEBUG(4,("WPrintQProcEnum: errorcode %d\n",desc.errcode));
- DEBUG(4,("WPrintQProcEnum: errorcode %d\n",desc.errcode));
- return(True);
+ return True;
}
static BOOL api_WPrintPortEnum(connection_struct *conn,uint16 vuid, char *param,char *data,
@@ -3438,45 +3634,52 @@ static BOOL api_WPrintPortEnum(connection_struct *conn,uint16 vuid, char *param,
char **rdata,char **rparam,
int *rdata_len,int *rparam_len)
{
- char *str1 = param+2;
- char *str2 = skip_string(str1,1);
- char *p = skip_string(str2,1);
- int uLevel;
- int succnt;
- struct pack_desc desc;
+ char *str1 = param+2;
+ char *str2 = skip_string(str1,1);
+ char *p = skip_string(str2,1);
+ int uLevel;
+ int succnt;
+ struct pack_desc desc;
- memset((char *)&desc,'\0',sizeof(desc));
+ memset((char *)&desc,'\0',sizeof(desc));
- uLevel = SVAL(p,0);
+ uLevel = SVAL(p,0);
- DEBUG(3,("WPrintPortEnum uLevel=%d\n",uLevel));
+ DEBUG(3,("WPrintPortEnum uLevel=%d\n",uLevel));
- /* check it's a supported varient */
- if (strcmp(str1,"WrLeh") != 0) return False;
- if (uLevel != 0 || strcmp(str2,"B9") != 0) return False;
+ /* check it's a supported varient */
+ if (strcmp(str1,"WrLeh") != 0) {
+ return False;
+ }
+ if (uLevel != 0 || strcmp(str2,"B9") != 0) {
+ return False;
+ }
- if (mdrcnt > 0) *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt);
- memset((char *)&desc,'\0',sizeof(desc));
- desc.base = *rdata;
- desc.buflen = mdrcnt;
- desc.format = str2;
- if (init_package(&desc,1,0)) {
- PACKS(&desc,"B13","lp0");
- }
+ if (mdrcnt > 0) {
+ *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt);
+ }
+ memset((char *)&desc,'\0',sizeof(desc));
+ desc.base = *rdata;
+ desc.buflen = mdrcnt;
+ desc.format = str2;
+ if (init_package(&desc,1,0)) {
+ PACKS(&desc,"B13","lp0");
+ }
+
+ succnt = (desc.errcode == NERR_Success ? 1 : 0);
- succnt = (desc.errcode == NERR_Success ? 1 : 0);
+ *rdata_len = desc.usedlen;
- *rdata_len = desc.usedlen;
+ *rparam_len = 8;
+ *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len);
+ SSVALS(*rparam,0,desc.errcode);
+ SSVAL(*rparam,2,0);
+ SSVAL(*rparam,4,succnt);
+ SSVAL(*rparam,6,1);
- *rparam_len = 8;
- *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len);
- SSVALS(*rparam,0,desc.errcode);
- SSVAL(*rparam,2,0);
- SSVAL(*rparam,4,succnt);
- SSVAL(*rparam,6,1);
+ DEBUG(4,("WPrintPortEnum: errorcode %d\n",desc.errcode));
- DEBUG(4,("WPrintPortEnum: errorcode %d\n",desc.errcode));
- return(True);
+ return True;
}
@@ -3489,59 +3692,66 @@ static BOOL api_RNetSessionEnum(connection_struct *conn,uint16 vuid, char *param
int *rdata_len,int *rparam_len)
{
- char *str1 = param+2;
- char *str2 = skip_string(str1,1);
- char *p = skip_string(str2,1);
- int uLevel;
- struct pack_desc desc;
- struct sessionid *session_list;
- int i, num_sessions;
-
- memset((char *)&desc,'\0',sizeof(desc));
-
- uLevel = SVAL(p,0);
-
- DEBUG(3,("RNetSessionEnum uLevel=%d\n",uLevel));
- DEBUG(7,("RNetSessionEnum req string=%s\n",str1));
- DEBUG(7,("RNetSessionEnum ret string=%s\n",str2));
-
- /* check it's a supported varient */
- if (strcmp(str1,RAP_NetSessionEnum_REQ) != 0) return False;
- if (uLevel != 2 || strcmp(str2,RAP_SESSION_INFO_L2) != 0) return False;
-
- num_sessions = list_sessions(&session_list);
-
- if (mdrcnt > 0) *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt);
- memset((char *)&desc,'\0',sizeof(desc));
- desc.base = *rdata;
- desc.buflen = mdrcnt;
- desc.format = str2;
- if (!init_package(&desc,num_sessions,0)) {
- return False;
- }
-
- for(i=0; i<num_sessions; i++) {
- PACKS(&desc, "z", session_list[i].remote_machine);
- PACKS(&desc, "z", session_list[i].username);
- PACKI(&desc, "W", 1); /* num conns */
- PACKI(&desc, "W", 0); /* num opens */
- PACKI(&desc, "W", 1); /* num users */
- PACKI(&desc, "D", 0); /* session time */
- PACKI(&desc, "D", 0); /* idle time */
- PACKI(&desc, "D", 0); /* flags */
- PACKS(&desc, "z", "Unknown Client"); /* client type string */
- }
-
- *rdata_len = desc.usedlen;
-
- *rparam_len = 8;
- *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len);
- SSVALS(*rparam,0,desc.errcode);
- SSVAL(*rparam,2,0); /* converter */
- SSVAL(*rparam,4,num_sessions); /* count */
-
- DEBUG(4,("RNetSessionEnum: errorcode %d\n",desc.errcode));
- return True;
+ char *str1 = param+2;
+ char *str2 = skip_string(str1,1);
+ char *p = skip_string(str2,1);
+ int uLevel;
+ struct pack_desc desc;
+ struct sessionid *session_list;
+ int i, num_sessions;
+
+ memset((char *)&desc,'\0',sizeof(desc));
+
+ uLevel = SVAL(p,0);
+
+ DEBUG(3,("RNetSessionEnum uLevel=%d\n",uLevel));
+ DEBUG(7,("RNetSessionEnum req string=%s\n",str1));
+ DEBUG(7,("RNetSessionEnum ret string=%s\n",str2));
+
+ /* check it's a supported varient */
+ if (strcmp(str1,RAP_NetSessionEnum_REQ) != 0) {
+ return False;
+ }
+ if (uLevel != 2 || strcmp(str2,RAP_SESSION_INFO_L2) != 0) {
+ return False;
+ }
+
+ num_sessions = list_sessions(&session_list);
+
+ if (mdrcnt > 0) {
+ *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt);
+ }
+ memset((char *)&desc,'\0',sizeof(desc));
+ desc.base = *rdata;
+ desc.buflen = mdrcnt;
+ desc.format = str2;
+ if (!init_package(&desc,num_sessions,0)) {
+ return False;
+ }
+
+ for(i=0; i<num_sessions; i++) {
+ PACKS(&desc, "z", session_list[i].remote_machine);
+ PACKS(&desc, "z", session_list[i].username);
+ PACKI(&desc, "W", 1); /* num conns */
+ PACKI(&desc, "W", 0); /* num opens */
+ PACKI(&desc, "W", 1); /* num users */
+ PACKI(&desc, "D", 0); /* session time */
+ PACKI(&desc, "D", 0); /* idle time */
+ PACKI(&desc, "D", 0); /* flags */
+ PACKS(&desc, "z", "Unknown Client"); /* client type string */
+ }
+
+ *rdata_len = desc.usedlen;
+
+ *rparam_len = 8;
+ *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len);
+ SSVALS(*rparam,0,desc.errcode);
+ SSVAL(*rparam,2,0); /* converter */
+ SSVAL(*rparam,4,num_sessions); /* count */
+
+ DEBUG(4,("RNetSessionEnum: errorcode %d\n",desc.errcode));
+
+ return True;
}
diff --git a/source3/smbd/msdfs.c b/source3/smbd/msdfs.c
index 1279fe185d..4f7858d985 100644
--- a/source3/smbd/msdfs.c
+++ b/source3/smbd/msdfs.c
@@ -1094,13 +1094,19 @@ out:
int enum_msdfs_links(TALLOC_CTX *ctx, struct junction_map *jucn, int jn_max)
{
int i=0;
+ int sharecount = 0;
int jn_count = 0;
if(!lp_host_msdfs()) {
return 0;
}
- for(i=0;i < lp_numservices() && (jn_max - jn_count) > 0;i++) {
+ /* Ensure all the usershares are loaded. */
+ become_root();
+ sharecount = load_usershare_shares();
+ unbecome_root();
+
+ for(i=0;i < sharecount && (jn_max - jn_count) > 0;i++) {
if(lp_msdfs_root(i)) {
jn_count += form_junctions(ctx, i,jucn,jn_max - jn_count);
}
diff --git a/source3/smbd/ntquotas.c b/source3/smbd/ntquotas.c
index 9bc444d253..a824978ece 100644
--- a/source3/smbd/ntquotas.c
+++ b/source3/smbd/ntquotas.c
@@ -87,7 +87,7 @@ int vfs_get_ntquota(files_struct *fsp, enum SMB_QUOTA_TYPE qtype, DOM_SID *psid,
id.uid = -1;
- if (psid && !NT_STATUS_IS_OK(sid_to_uid(psid, &id.uid))) {
+ if (psid && !sid_to_uid(psid, &id.uid)) {
DEBUG(0,("sid_to_uid: failed, SID[%s]\n",
sid_string_static(psid)));
}
@@ -131,7 +131,7 @@ int vfs_set_ntquota(files_struct *fsp, enum SMB_QUOTA_TYPE qtype, DOM_SID *psid,
D.isoftlimit = limit_blk2inodes(D.softlimit);
D.ihardlimit = limit_blk2inodes(D.hardlimit);
- if (psid && !NT_STATUS_IS_OK(sid_to_uid(psid, &id.uid))) {
+ if (psid && !sid_to_uid(psid, &id.uid)) {
DEBUG(0,("sid_to_uid: failed, SID[%s]\n",
sid_string_static(psid)));
}
@@ -185,10 +185,7 @@ int vfs_get_user_ntquota_list(files_struct *fsp, SMB_NTQUOTA_LIST **qt_list)
continue;
}
- if (!NT_STATUS_IS_OK(uid_to_sid(&sid, usr->pw_uid))) {
- DEBUG(0,("uid_to_sid failed for %ld\n",(long)usr->pw_uid));
- continue;
- }
+ uid_to_sid(&sid, usr->pw_uid);
if (vfs_get_ntquota(fsp, SMB_USER_QUOTA_TYPE, &sid, &tmp_qt)!=0) {
DEBUG(5,("no quota entry for sid[%s] path[%s]\n",
diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c
index e12a24968b..417e3421cb 100644
--- a/source3/smbd/nttrans.c
+++ b/source3/smbd/nttrans.c
@@ -2309,7 +2309,7 @@ static int call_nt_transact_ioctl(connection_struct *conn, char *inbuf, char *ou
sid_parse(pdata+4,sid_len,&sid);
DEBUGADD(10,("for SID: %s\n",sid_string_static(&sid)));
- if (!NT_STATUS_IS_OK(sid_to_uid(&sid, &uid))) {
+ if (!sid_to_uid(&sid, &uid)) {
DEBUG(0,("sid_to_uid: failed, sid[%s] sid_len[%lu]\n",
sid_string_static(&sid),(unsigned long)sid_len));
uid = (-1);
diff --git a/source3/smbd/open.c b/source3/smbd/open.c
index 4b13e28f8e..4f28e291cd 100644
--- a/source3/smbd/open.c
+++ b/source3/smbd/open.c
@@ -22,6 +22,7 @@
#include "includes.h"
+extern struct generic_mapping file_generic_mapping;
extern struct current_user current_user;
extern userdom_struct current_user_info;
extern uint16 global_smbpid;
@@ -1018,15 +1019,6 @@ BOOL map_open_params_to_ntcreate(const char *fname, int deny_mode, int open_func
}
-/* Map generic permissions to file object specific permissions */
-
-struct generic_mapping file_generic_mapping = {
- FILE_GENERIC_READ,
- FILE_GENERIC_WRITE,
- FILE_GENERIC_EXECUTE,
- FILE_GENERIC_ALL
-};
-
/****************************************************************************
Open a file with a share mode.
****************************************************************************/
diff --git a/source3/smbd/password.c b/source3/smbd/password.c
index 764fbe8a2e..e644550400 100644
--- a/source3/smbd/password.c
+++ b/source3/smbd/password.c
@@ -100,7 +100,7 @@ void invalidate_vuid(uint16 vuid)
session_yield(vuser);
SAFE_FREE(vuser->session_keystr);
- free_server_info(&vuser->server_info);
+ talloc_free(vuser->server_info);
data_blob_free(&vuser->session_key);
@@ -111,7 +111,7 @@ void invalidate_vuid(uint16 vuid)
conn_clear_vuid_cache(vuid);
SAFE_FREE(vuser->groups);
- delete_nt_token(&vuser->nt_user_token);
+ talloc_free(vuser->nt_user_token);
SAFE_FREE(vuser);
num_validated_vuids--;
}
@@ -136,9 +136,11 @@ void invalidate_all_vuids(void)
* @param server_info The token returned from the authentication process.
* (now 'owned' by register_vuid)
*
- * @param session_key The User session key for the login session (now also 'owned' by register_vuid)
+ * @param session_key The User session key for the login session (now also
+ * 'owned' by register_vuid)
*
- * @param respose_blob The NT challenge-response, if available. (May be freed after this call)
+ * @param respose_blob The NT challenge-response, if available. (May be
+ * freed after this call)
*
* @param smb_name The untranslated name of the user
*
@@ -147,7 +149,9 @@ void invalidate_all_vuids(void)
*
*/
-int register_vuid(auth_serversupplied_info *server_info, DATA_BLOB session_key, DATA_BLOB response_blob, const char *smb_name)
+int register_vuid(auth_serversupplied_info *server_info,
+ DATA_BLOB session_key, DATA_BLOB response_blob,
+ const char *smb_name)
{
user_struct *vuser = NULL;
@@ -179,7 +183,8 @@ int register_vuid(auth_serversupplied_info *server_info, DATA_BLOB session_key,
next_vuid = VUID_OFFSET;
}
- DEBUG(10,("register_vuid: allocated vuid = %u\n", (unsigned int)next_vuid ));
+ DEBUG(10,("register_vuid: allocated vuid = %u\n",
+ (unsigned int)next_vuid ));
vuser->vuid = next_vuid;
@@ -203,11 +208,14 @@ int register_vuid(auth_serversupplied_info *server_info, DATA_BLOB session_key,
vuser->n_groups = server_info->n_groups;
if (vuser->n_groups) {
- if (!(vuser->groups = (gid_t *)memdup(server_info->groups, sizeof(gid_t) * vuser->n_groups))) {
- DEBUG(0,("register_vuid: failed to memdup vuser->groups\n"));
+ if (!(vuser->groups = (gid_t *)memdup(server_info->groups,
+ sizeof(gid_t) *
+ vuser->n_groups))) {
+ DEBUG(0,("register_vuid: failed to memdup "
+ "vuser->groups\n"));
data_blob_free(&session_key);
free(vuser);
- free_server_info(&server_info);
+ talloc_free(server_info);
return UID_FIELD_INVALID;
}
}
@@ -216,26 +224,35 @@ int register_vuid(auth_serversupplied_info *server_info, DATA_BLOB session_key,
fstrcpy(vuser->user.unix_name, server_info->unix_name);
/* This is a potentially untrusted username */
- alpha_strcpy(vuser->user.smb_name, smb_name, ". _-$", sizeof(vuser->user.smb_name));
+ alpha_strcpy(vuser->user.smb_name, smb_name, ". _-$",
+ sizeof(vuser->user.smb_name));
fstrcpy(vuser->user.domain, pdb_get_domain(server_info->sam_account));
- fstrcpy(vuser->user.full_name, pdb_get_fullname(server_info->sam_account));
+ fstrcpy(vuser->user.full_name,
+ pdb_get_fullname(server_info->sam_account));
{
/* Keep the homedir handy */
- const char *homedir = pdb_get_homedir(server_info->sam_account);
- const char *logon_script = pdb_get_logon_script(server_info->sam_account);
-
- if (!IS_SAM_DEFAULT(server_info->sam_account, PDB_UNIXHOMEDIR)) {
- const char *unix_homedir = pdb_get_unix_homedir(server_info->sam_account);
+ const char *homedir =
+ pdb_get_homedir(server_info->sam_account);
+ const char *logon_script =
+ pdb_get_logon_script(server_info->sam_account);
+
+ if (!IS_SAM_DEFAULT(server_info->sam_account,
+ PDB_UNIXHOMEDIR)) {
+ const char *unix_homedir =
+ pdb_get_unix_homedir(server_info->sam_account);
if (unix_homedir) {
- vuser->unix_homedir = smb_xstrdup(unix_homedir);
+ vuser->unix_homedir =
+ smb_xstrdup(unix_homedir);
}
} else {
- struct passwd *passwd = getpwnam_alloc(vuser->user.unix_name);
+ struct passwd *passwd =
+ getpwnam_alloc(NULL, vuser->user.unix_name);
if (passwd) {
- vuser->unix_homedir = smb_xstrdup(passwd->pw_dir);
- passwd_free(&passwd);
+ vuser->unix_homedir =
+ smb_xstrdup(passwd->pw_dir);
+ talloc_free(passwd);
}
}
@@ -252,15 +269,18 @@ int register_vuid(auth_serversupplied_info *server_info, DATA_BLOB session_key,
DEBUG(10,("register_vuid: (%u,%u) %s %s %s guest=%d\n",
(unsigned int)vuser->uid,
(unsigned int)vuser->gid,
- vuser->user.unix_name, vuser->user.smb_name, vuser->user.domain, vuser->guest ));
+ vuser->user.unix_name, vuser->user.smb_name,
+ vuser->user.domain, vuser->guest ));
- DEBUG(3, ("User name: %s\tReal name: %s\n",vuser->user.unix_name,vuser->user.full_name));
+ DEBUG(3, ("User name: %s\tReal name: %s\n", vuser->user.unix_name,
+ vuser->user.full_name));
if (server_info->ptok) {
- vuser->nt_user_token = dup_nt_token(server_info->ptok);
+ vuser->nt_user_token = dup_nt_token(NULL, server_info->ptok);
} else {
- DEBUG(1, ("server_info does not contain a user_token - cannot continue\n"));
- free_server_info(&server_info);
+ DEBUG(1, ("server_info does not contain a user_token - "
+ "cannot continue\n"));
+ talloc_free(server_info);
data_blob_free(&session_key);
SAFE_FREE(vuser->homedir);
SAFE_FREE(vuser->unix_homedir);
@@ -273,7 +293,8 @@ int register_vuid(auth_serversupplied_info *server_info, DATA_BLOB session_key,
/* use this to keep tabs on all our info from the authentication */
vuser->server_info = server_info;
- DEBUG(3,("UNIX uid %d is UNIX user %s, and will be vuid %u\n",(int)vuser->uid,vuser->user.unix_name, vuser->vuid));
+ DEBUG(3,("UNIX uid %d is UNIX user %s, and will be vuid %u\n",
+ (int)vuser->uid,vuser->user.unix_name, vuser->vuid));
next_vuid++;
num_validated_vuids++;
@@ -281,7 +302,8 @@ int register_vuid(auth_serversupplied_info *server_info, DATA_BLOB session_key,
DLIST_ADD(validated_users, vuser);
if (!session_claim(vuser)) {
- DEBUG(1,("Failed to claim session for vuid=%d\n", vuser->vuid));
+ DEBUG(1, ("Failed to claim session for vuid=%d\n",
+ vuser->vuid));
invalidate_vuid(vuser->vuid);
return -1;
}
@@ -301,19 +323,26 @@ int register_vuid(auth_serversupplied_info *server_info, DATA_BLOB session_key,
int servicenumber = lp_servicenumber(vuser->user.unix_name);
if ( servicenumber == -1 ) {
- DEBUG(3, ("Adding homes service for user '%s' using home directory: '%s'\n",
+ DEBUG(3, ("Adding homes service for user '%s' using "
+ "home directory: '%s'\n",
vuser->user.unix_name, vuser->unix_homedir));
- vuser->homes_snum = add_home_service(vuser->user.unix_name,
- vuser->user.unix_name, vuser->unix_homedir);
+ vuser->homes_snum =
+ add_home_service(vuser->user.unix_name,
+ vuser->user.unix_name,
+ vuser->unix_homedir);
} else {
- DEBUG(3, ("Using static (or previously created) service for user '%s'; path = '%s'\n",
- vuser->user.unix_name, lp_pathname(servicenumber) ));
+ DEBUG(3, ("Using static (or previously created) "
+ "service for user '%s'; path = '%s'\n",
+ vuser->user.unix_name,
+ lp_pathname(servicenumber) ));
vuser->homes_snum = servicenumber;
}
}
- if (srv_is_signing_negotiated() && !vuser->guest && !srv_signing_started()) {
- /* Try and turn on server signing on the first non-guest sessionsetup. */
+ if (srv_is_signing_negotiated() && !vuser->guest &&
+ !srv_signing_started()) {
+ /* Try and turn on server signing on the first non-guest
+ * sessionsetup. */
srv_set_signing(vuser->session_key, response_blob);
}
@@ -344,14 +373,19 @@ void add_session_user(const char *user)
if( session_userlist && in_list(suser,session_userlist,False) )
return;
- if( !session_userlist || (strlen(suser) + strlen(session_userlist) + 2 >= len_session_userlist) ) {
+ if( !session_userlist ||
+ (strlen(suser) + strlen(session_userlist) + 2 >=
+ len_session_userlist) ) {
char *newlist;
if (len_session_userlist > 128 * PSTRING_LEN) {
- DEBUG(3,("add_session_user: session userlist already too large.\n"));
+ DEBUG(3,("add_session_user: session userlist already "
+ "too large.\n"));
return;
}
- newlist = (char *)SMB_REALLOC( session_userlist, len_session_userlist + PSTRING_LEN );
+ newlist = (char *)SMB_REALLOC(
+ session_userlist,
+ len_session_userlist + PSTRING_LEN );
if( newlist == NULL ) {
DEBUG(1,("Unable to resize session_userlist\n"));
return;
@@ -371,7 +405,7 @@ void add_session_user(const char *user)
Check if a username is valid.
****************************************************************************/
-BOOL user_ok(const char *user,int snum, gid_t *groups, size_t n_groups)
+static BOOL user_ok(const char *user, int snum)
{
char **valid, **invalid;
BOOL ret;
@@ -387,8 +421,7 @@ BOOL user_ok(const char *user,int snum, gid_t *groups, size_t n_groups)
str_list_sub_basic(invalid,
current_user_info.smb_name) ) {
ret = !user_in_list(user,
- (const char **)invalid,
- groups, n_groups);
+ (const char **)invalid);
}
}
}
@@ -402,8 +435,7 @@ BOOL user_ok(const char *user,int snum, gid_t *groups, size_t n_groups)
if ( valid &&
str_list_sub_basic(valid,
current_user_info.smb_name) ) {
- ret = user_in_list(user, (const char **)valid,
- groups, n_groups);
+ ret = user_in_list(user, (const char **)valid);
}
}
}
@@ -415,8 +447,7 @@ BOOL user_ok(const char *user,int snum, gid_t *groups, size_t n_groups)
if (user_list &&
str_list_substitute(user_list, "%S",
lp_servicename(snum))) {
- ret = user_in_list(user, (const char **)user_list,
- groups, n_groups);
+ ret = user_in_list(user, (const char **)user_list);
}
if (user_list) str_list_free (&user_list);
}
@@ -436,7 +467,7 @@ static char *validate_group(char *group, DATA_BLOB password,int snum)
setnetgrent(group);
while (getnetgrent(&host, &user, &domain)) {
if (user) {
- if (user_ok(user, snum, NULL, 0) &&
+ if (user_ok(user, snum) &&
password_ok(user,password)) {
endnetgrent();
return(user);
@@ -472,12 +503,15 @@ static char *validate_group(char *group, DATA_BLOB password,int snum)
member = member_list;
for(i = 0; gptr->gr_mem && gptr->gr_mem[i]; i++) {
- size_t member_len = strlen(gptr->gr_mem[i]) + 1;
- if( copied_len + member_len < sizeof(pstring)) {
+ size_t member_len = strlen(gptr->gr_mem[i])+1;
+ if(copied_len+member_len < sizeof(pstring)) {
- DEBUG(10,("validate_group: = gr_mem = %s\n", gptr->gr_mem[i]));
+ DEBUG(10,("validate_group: = gr_mem = "
+ "%s\n", gptr->gr_mem[i]));
- safe_strcpy(member, gptr->gr_mem[i], sizeof(pstring) - copied_len - 1);
+ safe_strcpy(member, gptr->gr_mem[i],
+ sizeof(pstring) -
+ copied_len - 1);
copied_len += member_len;
member += copied_len;
} else {
@@ -491,13 +525,14 @@ static char *validate_group(char *group, DATA_BLOB password,int snum)
while (*member) {
static fstring name;
fstrcpy(name,member);
- if (user_ok(name,snum, NULL, 0) &&
+ if (user_ok(name,snum) &&
password_ok(name,password)) {
endgrent();
return(&name[0]);
}
- DEBUG(10,("validate_group = member = %s\n", member));
+ DEBUG(10,("validate_group = member = %s\n",
+ member));
member += strlen(member) + 1;
}
@@ -558,7 +593,7 @@ BOOL authorise_login(int snum, fstring user, DATA_BLOB password,
auser = strtok(NULL,LIST_SEP)) {
fstring user2;
fstrcpy(user2,auser);
- if (!user_ok(user2,snum, NULL, 0))
+ if (!user_ok(user2,snum))
continue;
if (password_ok(user2,password)) {
@@ -595,7 +630,7 @@ BOOL authorise_login(int snum, fstring user, DATA_BLOB password,
} else {
fstring user2;
fstrcpy(user2,auser);
- if (user_ok(user2,snum, NULL, 0) &&
+ if (user_ok(user2,snum) &&
password_ok(user2,password)) {
ok = True;
fstrcpy(user,user2);
@@ -624,7 +659,7 @@ BOOL authorise_login(int snum, fstring user, DATA_BLOB password,
*guest = True;
}
- if (ok && !user_ok(user, snum, NULL, 0)) {
+ if (ok && !user_ok(user, snum)) {
DEBUG(0,("authorise_login: rejected invalid user %s\n",user));
ok = False;
}
diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c
index 5db245ac0c..d4dd926089 100644
--- a/source3/smbd/posix_acls.c
+++ b/source3/smbd/posix_acls.c
@@ -925,7 +925,7 @@ static BOOL unpack_nt_owners(int snum, SMB_STRUCT_STAT *psbuf, uid_t *puser, gid
if (security_info_sent & OWNER_SECURITY_INFORMATION) {
sid_copy(&owner_sid, psd->owner_sid);
- if (!NT_STATUS_IS_OK(sid_to_uid(&owner_sid, puser))) {
+ if (!sid_to_uid(&owner_sid, puser)) {
if (lp_force_unknown_acl_user(snum)) {
/* this allows take ownership to work
* reasonably */
@@ -946,7 +946,7 @@ static BOOL unpack_nt_owners(int snum, SMB_STRUCT_STAT *psbuf, uid_t *puser, gid
if (security_info_sent & GROUP_SECURITY_INFORMATION) {
sid_copy(&grp_sid, psd->grp_sid);
- if (!NT_STATUS_IS_OK(sid_to_gid( &grp_sid, pgrp))) {
+ if (!sid_to_gid( &grp_sid, pgrp)) {
if (lp_force_unknown_acl_user(snum)) {
/* this allows take group ownership to work
* reasonably */
@@ -1035,7 +1035,7 @@ static BOOL uid_entry_in_group( canon_ace *uid_ace, canon_ace *group_ace )
* not uids/gids.
*/
- return user_in_group_list(u_name, g_name, NULL, 0);
+ return user_in_group(u_name, g_name);
}
/****************************************************************************
@@ -1390,10 +1390,10 @@ static BOOL create_canon_ace_lists(files_struct *fsp, SMB_STRUCT_STAT *pst,
if (nt4_compatible_acls())
psa->flags |= SEC_ACE_FLAG_INHERIT_ONLY;
- } else if (NT_STATUS_IS_OK(sid_to_uid( &current_ace->trustee, &current_ace->unix_ug.uid))) {
+ } else if (sid_to_uid( &current_ace->trustee, &current_ace->unix_ug.uid)) {
current_ace->owner_type = UID_ACE;
current_ace->type = SMB_ACL_USER;
- } else if (NT_STATUS_IS_OK(sid_to_gid( &current_ace->trustee, &current_ace->unix_ug.gid))) {
+ } else if (sid_to_gid( &current_ace->trustee, &current_ace->unix_ug.gid)) {
current_ace->owner_type = GID_ACE;
current_ace->type = SMB_ACL_GROUP;
} else {
diff --git a/source3/smbd/process.c b/source3/smbd/process.c
index 0b7b94cce2..d646ebe02d 100644
--- a/source3/smbd/process.c
+++ b/source3/smbd/process.c
@@ -223,115 +223,6 @@ BOOL push_deferred_smb_message(uint16 mid,
private_data, priv_len);
}
-static struct timed_event *timed_events;
-
-struct timed_event {
- struct timed_event *next, *prev;
- struct timeval when;
- const char *event_name;
- void (*handler)(struct timed_event *te,
- const struct timeval *now,
- void *private_data);
- void *private_data;
-};
-
-static int timed_event_destructor(void *p)
-{
- struct timed_event *te = talloc_get_type_abort(p, struct timed_event);
- DEBUG(10, ("Destroying timed event %lx \"%s\"\n", (unsigned long)te,
- te->event_name));
- DLIST_REMOVE(timed_events, te);
- return 0;
-}
-
-/****************************************************************************
- Schedule a function for future calling, cancel with talloc_free().
- It's the responsibility of the handler to call talloc_free() on the event
- handed to it.
-****************************************************************************/
-
-struct timed_event *add_timed_event(TALLOC_CTX *mem_ctx,
- struct timeval when,
- const char *event_name,
- void (*handler)(struct timed_event *te,
- const struct timeval *now,
- void *private_data),
- void *private_data)
-{
- struct timed_event *te, *last_te, *cur_te;
-
- te = TALLOC_P(mem_ctx, struct timed_event);
- if (te == NULL) {
- DEBUG(0, ("talloc failed\n"));
- return NULL;
- }
-
- te->when = when;
- te->event_name = event_name;
- te->handler = handler;
- te->private_data = private_data;
-
- /* keep the list ordered */
- last_te = NULL;
- for (cur_te = timed_events; cur_te; cur_te = cur_te->next) {
- /* if the new event comes before the current one break */
- if (!timeval_is_zero(&cur_te->when) &&
- timeval_compare(&te->when, &cur_te->when) < 0) {
- break;
- }
- last_te = cur_te;
- }
-
- DLIST_ADD_AFTER(timed_events, te, last_te);
- talloc_set_destructor(te, timed_event_destructor);
-
- DEBUG(10, ("Added timed event \"%s\": %lx\n", event_name,
- (unsigned long)te));
- return te;
-}
-
-static void run_events(void)
-{
- struct timeval now;
-
- if (timed_events == NULL) {
- /* No syscall if there are no events */
- DEBUG(10, ("run_events: No events\n"));
- return;
- }
-
- GetTimeOfDay(&now);
-
- if (timeval_compare(&now, &timed_events->when) < 0) {
- /* Nothing to do yet */
- DEBUG(10, ("run_events: Nothing to do\n"));
- return;
- }
-
- DEBUG(10, ("Running event \"%s\" %lx\n", timed_events->event_name,
- (unsigned long)timed_events));
-
- timed_events->handler(timed_events, &now, timed_events->private_data);
- return;
-}
-
-struct timeval timed_events_timeout(void)
-{
- struct timeval now, timeout;
-
- if (timed_events == NULL) {
- return timeval_set(SMBD_SELECT_TIMEOUT, 0);
- }
-
- now = timeval_current();
- timeout = timeval_until(&now, &timed_events->when);
-
- DEBUG(10, ("timed_events_timeout: %d/%d\n", (int)timeout.tv_sec,
- (int)timeout.tv_usec));
-
- return timeout;
-}
-
struct idle_event {
struct timed_event *te;
struct timeval interval;
@@ -537,8 +428,10 @@ static BOOL receive_message_or_smb(char *buffer, int buffer_len, int timeout)
}
{
- struct timeval tmp = timed_events_timeout();
- to = timeval_min(&to, &tmp);
+ struct timeval tmp;
+ struct timeval *tp = get_timed_events_timeout(&tmp,SMBD_SELECT_TIMEOUT);
+
+ to = timeval_min(&to, tp);
if (timeval_is_zero(&to)) {
return True;
}
diff --git a/source3/smbd/sec_ctx.c b/source3/smbd/sec_ctx.c
index fc6a858974..ebc47c51d9 100644
--- a/source3/smbd/sec_ctx.c
+++ b/source3/smbd/sec_ctx.c
@@ -129,7 +129,7 @@ static void gain_root(void)
Get the list of current groups.
****************************************************************************/
-int get_current_groups(gid_t gid, int *p_ngroups, gid_t **p_groups)
+static int get_current_groups(gid_t gid, int *p_ngroups, gid_t **p_groups)
{
int i;
gid_t grp;
@@ -180,51 +180,6 @@ fail:
}
/****************************************************************************
- Initialize the groups a user belongs to.
-****************************************************************************/
-
-BOOL initialise_groups(char *user, uid_t uid, gid_t gid)
-{
- struct sec_ctx *prev_ctx_p;
- BOOL result = True;
-
- if (non_root_mode()) {
- return True;
- }
-
- become_root();
-
- /* Call initgroups() to get user groups */
-
- if (winbind_initgroups(user,gid) == -1) {
- DEBUG(0,("Unable to initgroups. Error was %s\n", strerror(errno) ));
- if (getuid() == 0) {
- if (gid < 0 || gid > 32767 || uid < 0 || uid > 32767) {
- DEBUG(0,("This is probably a problem with the account %s\n", user));
- }
- }
- result = False;
- goto done;
- }
-
- /* Store groups in previous user's security context. This will
- always work as the become_root() call increments the stack
- pointer. */
-
- prev_ctx_p = &sec_ctx_stack[sec_ctx_stack_ndx - 1];
-
- SAFE_FREE(prev_ctx_p->ut.groups);
- prev_ctx_p->ut.ngroups = 0;
-
- get_current_groups(gid, &prev_ctx_p->ut.ngroups, &prev_ctx_p->ut.groups);
-
- done:
- unbecome_root();
-
- return result;
-}
-
-/****************************************************************************
Create a new security context on the stack. It is the same as the old
one. User changes are done using the set_sec_ctx() function.
****************************************************************************/
@@ -252,14 +207,15 @@ BOOL push_sec_ctx(void)
DEBUG(3, ("push_sec_ctx(%u, %u) : sec_ctx_stack_ndx = %d\n",
(unsigned int)ctx_p->ut.uid, (unsigned int)ctx_p->ut.gid, sec_ctx_stack_ndx ));
- ctx_p->token = dup_nt_token(sec_ctx_stack[sec_ctx_stack_ndx-1].token);
+ ctx_p->token = dup_nt_token(NULL,
+ sec_ctx_stack[sec_ctx_stack_ndx-1].token);
ctx_p->ut.ngroups = sys_getgroups(0, NULL);
if (ctx_p->ut.ngroups != 0) {
if (!(ctx_p->ut.groups = SMB_MALLOC_ARRAY(gid_t, ctx_p->ut.ngroups))) {
DEBUG(0, ("Out of memory in push_sec_ctx()\n"));
- delete_nt_token(&ctx_p->token);
+ talloc_free(ctx_p->token);
return False;
}
@@ -299,10 +255,10 @@ void set_sec_ctx(uid_t uid, gid_t gid, int ngroups, gid_t *groups, NT_USER_TOKEN
if (token && (token == ctx_p->token))
smb_panic("DUPLICATE_TOKEN");
- delete_nt_token(&ctx_p->token);
+ talloc_free(ctx_p->token);
ctx_p->ut.groups = memdup(groups, sizeof(gid_t) * ngroups);
- ctx_p->token = dup_nt_token(token);
+ ctx_p->token = dup_nt_token(NULL, token);
become_id(uid, gid);
@@ -355,7 +311,7 @@ BOOL pop_sec_ctx(void)
SAFE_FREE(ctx_p->ut.groups);
ctx_p->ut.ngroups = 0;
- delete_nt_token(&ctx_p->token);
+ talloc_free(ctx_p->token);
/* Pop back previous user */
diff --git a/source3/smbd/server.c b/source3/smbd/server.c
index 3e970ec16c..6c2034988a 100644
--- a/source3/smbd/server.c
+++ b/source3/smbd/server.c
@@ -62,6 +62,18 @@ static void smbd_set_server_fd(int fd)
client_setfd(fd);
}
+/*******************************************************************
+ What to do when smb.conf is updated.
+ ********************************************************************/
+
+static void smb_conf_updated(int msg_type, struct process_id src,
+ void *buf, size_t len)
+{
+ DEBUG(10,("smb_conf_updated: Got message saying smb.conf was updated. Reloading.\n"));
+ reload_services(False);
+}
+
+
/****************************************************************************
Terminate signal.
****************************************************************************/
@@ -331,6 +343,7 @@ static BOOL open_sockets_smbd(BOOL is_daemon, BOOL interactive, const char *smb_
message_register(MSG_SMB_SAM_REPL, msg_sam_repl);
message_register(MSG_SHUTDOWN, msg_exit_server);
message_register(MSG_SMB_FILE_RENAME, msg_file_was_renamed);
+ message_register(MSG_SMB_CONF_UPDATED, smb_conf_updated);
/* now accept incoming connections - forking a new process
for each incoming connection */
@@ -697,6 +710,7 @@ void build_options(BOOL screen);
int main(int argc,const char *argv[])
{
+ extern BOOL in_server;
/* shall I run as a daemon */
static BOOL is_daemon = False;
static BOOL interactive = False;
@@ -718,6 +732,8 @@ void build_options(BOOL screen);
{ NULL }
};
+ in_server = True;
+
load_case_tables();
#ifdef HAVE_SET_AUTH_PARAMETERS
@@ -826,11 +842,6 @@ void build_options(BOOL screen);
init_structs();
- if (!init_guest_info()) {
- DEBUG(0,("ERROR: failed to setup guest info.\n"));
- return -1;
- }
-
#ifdef WITH_PROFILE
if (!profile_setup(False)) {
DEBUG(0,("ERROR: failed to setup profiling\n"));
@@ -885,9 +896,6 @@ void build_options(BOOL screen);
if (!locking_init(0))
exit(1);
- if (!share_info_db_init())
- exit(1);
-
namecache_enable();
if (!init_registry())
@@ -901,6 +909,11 @@ void build_options(BOOL screen);
if (!print_backend_init())
exit(1);
+ if (!init_guest_info()) {
+ DEBUG(0,("ERROR: failed to setup guest info.\n"));
+ return -1;
+ }
+
/* Setup the main smbd so that we can get messages. */
/* don't worry about general printing messages here */
diff --git a/source3/smbd/service.c b/source3/smbd/service.c
index 7640559d53..cf0116cc09 100644
--- a/source3/smbd/service.c
+++ b/source3/smbd/service.c
@@ -299,6 +299,13 @@ int find_service(fstring service)
}
}
+ /* Is it a usershare service ? */
+ if (iService < 0 && *lp_usershare_path()) {
+ /* Ensure the name is canonicalized. */
+ strlower_m(service);
+ iService = load_usershare_service(service);
+ }
+
if (iService >= 0) {
if (!VALID_SNUM(iService)) {
DEBUG(0,("Invalid snum %d for %s\n",iService, service));
@@ -359,6 +366,131 @@ static NTSTATUS share_sanity_checks(int snum, fstring dev)
return NT_STATUS_OK;
}
+static NTSTATUS find_forced_user(int snum, BOOL vuser_is_guest,
+ uid_t *uid, gid_t *gid, fstring username,
+ struct nt_user_token **token)
+{
+ TALLOC_CTX *mem_ctx;
+ char *fuser, *found_username;
+ NTSTATUS result;
+
+ mem_ctx = talloc_new(NULL);
+ if (mem_ctx == NULL) {
+ DEBUG(0, ("talloc_new failed\n"));
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ fuser = talloc_string_sub(mem_ctx, lp_force_user(snum), "%S",
+ lp_servicename(snum));
+ if (fuser == NULL) {
+ result = NT_STATUS_NO_MEMORY;
+ goto done;
+ }
+
+ result = create_token_from_username(mem_ctx, fuser, vuser_is_guest,
+ uid, gid, &found_username,
+ token);
+ if (!NT_STATUS_IS_OK(result)) {
+ goto done;
+ }
+
+ talloc_steal(NULL, *token);
+ fstrcpy(username, found_username);
+
+ result = NT_STATUS_OK;
+ done:
+ talloc_free(mem_ctx);
+ return result;
+}
+
+/*
+ * Go through lookup_name etc to find the force'd group.
+ *
+ * Create a new token from src_token, replacing the primary group sid with the
+ * one found.
+ */
+
+static NTSTATUS find_forced_group(BOOL force_user,
+ int snum, const char *username,
+ DOM_SID *pgroup_sid,
+ gid_t *pgid)
+{
+ NTSTATUS result = NT_STATUS_NO_SUCH_GROUP;
+ TALLOC_CTX *mem_ctx;
+ DOM_SID group_sid;
+ enum SID_NAME_USE type;
+ char *groupname;
+ BOOL user_must_be_member = False;
+ gid_t gid;
+
+ mem_ctx = talloc_new(NULL);
+ if (mem_ctx == NULL) {
+ DEBUG(0, ("talloc_new failed\n"));
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ groupname = talloc_strdup(mem_ctx, lp_force_group(snum));
+ if (groupname == NULL) {
+ DEBUG(1, ("talloc_strdup failed\n"));
+ result = NT_STATUS_NO_MEMORY;
+ goto done;
+ }
+
+ if (groupname[0] == '+') {
+ user_must_be_member = True;
+ groupname += 1;
+ }
+
+ groupname = talloc_string_sub(mem_ctx, groupname,
+ "%S", lp_servicename(snum));
+
+ if (!lookup_name(mem_ctx, groupname,
+ LOOKUP_NAME_ALL|LOOKUP_NAME_GROUP,
+ NULL, NULL, &group_sid, &type)) {
+ DEBUG(10, ("lookup_name(%s) failed\n",
+ groupname));
+ goto done;
+ }
+
+ if ((type != SID_NAME_DOM_GRP) && (type != SID_NAME_ALIAS) &&
+ (type != SID_NAME_WKN_GRP)) {
+ DEBUG(10, ("%s is a %s, not a group\n", groupname,
+ sid_type_lookup(type)));
+ goto done;
+ }
+
+ if (!sid_to_gid(&group_sid, &gid)) {
+ DEBUG(10, ("sid_to_gid(%s) for %s failed\n",
+ sid_string_static(&group_sid), groupname));
+ goto done;
+ }
+
+ /*
+ * If the user has been forced and the forced group starts with a '+',
+ * then we only set the group to be the forced group if the forced
+ * user is a member of that group. Otherwise, the meaning of the '+'
+ * would be ignored.
+ */
+
+ if (force_user && user_must_be_member) {
+ if (user_in_group(username, groupname)) {
+ sid_copy(pgroup_sid, &group_sid);
+ *pgid = gid;
+ DEBUG(3,("Forced group %s for member %s\n",
+ groupname, username));
+ }
+ } else {
+ sid_copy(pgroup_sid, &group_sid);
+ *pgid = gid;
+ DEBUG(3,("Forced group %s\n", groupname));
+ }
+
+ result = NT_STATUS_OK;
+ done:
+ talloc_free(mem_ctx);
+ return result;
+}
+
/****************************************************************************
Make a connection, given the snum to connect to, and the vuser of the
connecting user if appropriate.
@@ -395,7 +527,7 @@ static connection_struct *make_connection_snum(int snum, user_struct *vuser,
if (lp_guest_only(snum)) {
const char *guestname = lp_guestaccount();
guest = True;
- pass = getpwnam_alloc(guestname);
+ pass = getpwnam_alloc(NULL, guestname);
if (!pass) {
DEBUG(0,("make_connection_snum: Invalid guest "
"account %s??\n",guestname));
@@ -408,7 +540,7 @@ static connection_struct *make_connection_snum(int snum, user_struct *vuser,
conn->uid = pass->pw_uid;
conn->gid = pass->pw_gid;
string_set(&conn->user,pass->pw_name);
- passwd_free(&pass);
+ talloc_free(pass);
DEBUG(3,("Guest only user %s\n",user));
} else if (vuser) {
if (vuser->guest) {
@@ -421,8 +553,8 @@ static connection_struct *make_connection_snum(int snum, user_struct *vuser,
return NULL;
}
} else {
- if (!user_ok(vuser->user.unix_name, snum,
- vuser->groups, vuser->n_groups)) {
+ if (!user_ok_token(vuser->user.unix_name,
+ vuser->nt_user_token, snum)) {
DEBUG(2, ("user '%s' (from session setup) not "
"permitted to access this share "
"(%s)\n", vuser->user.unix_name,
@@ -501,86 +633,98 @@ static connection_struct *make_connection_snum(int snum, user_struct *vuser,
conn->admin_user = False;
/*
- * If force user is true, then store the
- * given userid and also the groups
- * of the user we're forcing.
+ * If force user is true, then store the given userid and the gid of
+ * the user we're forcing.
+ * For auxiliary groups see below.
*/
if (*lp_force_user(snum)) {
- struct passwd *pass2;
- pstring fuser;
- pstrcpy(fuser,lp_force_user(snum));
-
- /* Allow %S to be used by force user. */
- pstring_sub(fuser,"%S",lp_servicename(snum));
-
- pass2 = (struct passwd *)Get_Pwnam(fuser);
- if (pass2) {
- conn->uid = pass2->pw_uid;
- conn->gid = pass2->pw_gid;
- string_set(&conn->user,pass2->pw_name);
- fstrcpy(user,pass2->pw_name);
- conn->force_user = True;
- DEBUG(3,("Forced user %s\n",user));
- } else {
- DEBUG(1,("Couldn't find user %s\n",fuser));
+ NTSTATUS status2;
+
+ status2 = find_forced_user(snum,
+ (vuser != NULL) && vuser->guest,
+ &conn->uid, &conn->gid, user,
+ &conn->nt_user_token);
+ if (!NT_STATUS_IS_OK(status2)) {
conn_free(conn);
- *status = NT_STATUS_NO_SUCH_USER;
+ *status = status2;
return NULL;
}
+ string_set(&conn->user,user);
+ conn->force_user = True;
+ DEBUG(3,("Forced user %s\n",user));
}
-#ifdef HAVE_GETGRNAM
/*
* If force group is true, then override
* any groupid stored for the connecting user.
*/
if (*lp_force_group(snum)) {
- gid_t gid;
- pstring gname;
- pstring tmp_gname;
- BOOL user_must_be_member = False;
-
- pstrcpy(tmp_gname,lp_force_group(snum));
-
- if (tmp_gname[0] == '+') {
- user_must_be_member = True;
- /* even now, tmp_gname is null terminated */
- pstrcpy(gname,&tmp_gname[1]);
- } else {
- pstrcpy(gname,tmp_gname);
- }
- /* default service may be a group name */
- pstring_sub(gname,"%S",lp_servicename(snum));
- gid = nametogid(gname);
-
- if (gid == (gid_t)-1) {
- DEBUG(1,("Couldn't find group %s\n",gname));
+ NTSTATUS status2;
+ DOM_SID group_sid;
+
+ status2 = find_forced_group(conn->force_user,
+ snum, user,
+ &group_sid, &conn->gid);
+ if (!NT_STATUS_IS_OK(status2)) {
conn_free(conn);
- *status = NT_STATUS_NO_SUCH_GROUP;
+ *status = status2;
return NULL;
}
- /*
- * If the user has been forced and the forced group starts
- * with a '+', then we only set the group to be the forced
- * group if the forced user is a member of that group.
- * Otherwise, the meaning of the '+' would be ignored.
- */
- if (conn->force_user && user_must_be_member) {
- if (user_in_group_list( user, gname, NULL, 0)) {
- conn->gid = gid;
- DEBUG(3,("Forced group %s for member %s\n",
- gname,user));
+ if ((conn->nt_user_token == NULL) && (vuser != NULL)) {
+
+ /* Not force user and not security=share, but force
+ * group. vuser has a token to copy */
+
+ conn->nt_user_token = dup_nt_token(
+ NULL, vuser->nt_user_token);
+ if (conn->nt_user_token == NULL) {
+ DEBUG(0, ("dup_nt_token failed\n"));
+ conn_free(conn);
+ *status = NT_STATUS_NO_MEMORY;
+ return NULL;
}
- } else {
- conn->gid = gid;
- DEBUG(3,("Forced group %s\n",gname));
+ }
+
+ /* If conn->nt_user_token is still NULL, we have
+ * security=share. This means ignore the SID, as we had no
+ * vuser to copy from */
+
+ if (conn->nt_user_token != NULL) {
+ /* Overwrite the primary group sid */
+ sid_copy(&conn->nt_user_token->user_sids[1],
+ &group_sid);
+
}
conn->force_group = True;
}
-#endif /* HAVE_GETGRNAM */
+
+ if (conn->nt_user_token != NULL) {
+ size_t i;
+
+ /* We have a share-specific token from force [user|group].
+ * This means we have to create the list of unix groups from
+ * the list of sids. */
+
+ conn->ngroups = 0;
+ conn->groups = NULL;
+
+ for (i=0; i<conn->nt_user_token->num_sids; i++) {
+ gid_t gid;
+ DOM_SID *sid = &conn->nt_user_token->user_sids[i];
+
+ if (!sid_to_gid(sid, &gid)) {
+ DEBUG(10, ("Could not convert SID %s to gid, "
+ "ignoring it\n",
+ sid_string_static(sid)));
+ continue;
+ }
+ add_gid_to_array_unique(NULL, gid, &conn->groups,
+ &conn->ngroups);
+ }
+ }
{
pstring s;
@@ -591,25 +735,6 @@ static connection_struct *make_connection_snum(int snum, user_struct *vuser,
lp_servicename(snum)));
}
- if (conn->force_user || conn->force_group) {
- int ngroups = 0;
-
- /* groups stuff added by ih */
- conn->ngroups = 0;
- conn->groups = NULL;
-
- /* Find all the groups this uid is in and
- store them. Used by change_to_user() */
- initialise_groups(conn->user, conn->uid, conn->gid);
- get_current_groups(conn->gid, &ngroups, &conn->groups);
- conn->ngroups = ngroups;
-
- conn->nt_user_token =
- create_nt_token(conn->uid, conn->gid,
- conn->ngroups, conn->groups,
- guest);
- }
-
/*
* New code to check if there's a share security descripter
* added from NT server manager. This is done after the
diff --git a/source3/smbd/sesssetup.c b/source3/smbd/sesssetup.c
index a22a575c76..38e16126e2 100644
--- a/source3/smbd/sesssetup.c
+++ b/source3/smbd/sesssetup.c
@@ -267,7 +267,7 @@ static int reply_spnego_kerberos(connection_struct *conn,
map_username( user );
- pw = smb_getpwnam( user, real_username, True );
+ pw = smb_getpwnam( mem_ctx, user, real_username, True );
if (!pw) {
/* this was originally the behavior of Samba 2.2, if a user
@@ -277,7 +277,7 @@ static int reply_spnego_kerberos(connection_struct *conn,
if (lp_map_to_guest() == MAP_TO_GUEST_ON_BAD_UID){
map_domainuser_to_guest = True;
fstrcpy(user,lp_guestaccount());
- pw = smb_getpwnam( user, real_username, True );
+ pw = smb_getpwnam( mem_ctx, user, real_username, True );
}
/* extra sanity check that the guest account is valid */
@@ -302,11 +302,11 @@ static int reply_spnego_kerberos(connection_struct *conn,
ret = make_server_info_pac(&server_info, real_username, pw, logon_info);
if ( !NT_STATUS_IS_OK(ret) ) {
- DEBUG(1,("make_server_info_pac failed!\n"));
+ DEBUG(1,("make_server_info_pac failed: %s!\n",
+ nt_errstr(ret)));
SAFE_FREE(client);
data_blob_free(&ap_rep);
data_blob_free(&session_key);
- passwd_free(&pw);
talloc_destroy(mem_ctx);
return ERROR_NT(ret);
}
@@ -315,26 +315,24 @@ static int reply_spnego_kerberos(connection_struct *conn,
ret = make_server_info_pw(&server_info, real_username, pw);
if ( !NT_STATUS_IS_OK(ret) ) {
- DEBUG(1,("make_server_info_from_pw failed!\n"));
+ DEBUG(1,("make_server_info_pw failed: %s!\n",
+ nt_errstr(ret)));
SAFE_FREE(client);
data_blob_free(&ap_rep);
data_blob_free(&session_key);
- passwd_free(&pw);
talloc_destroy(mem_ctx);
return ERROR_NT(ret);
}
- /* make_server_info_pw does not set the domain. Without this we end up
- * with the local netbios name in substitutions for %D. */
+ /* make_server_info_pw does not set the domain. Without this
+ * we end up with the local netbios name in substitutions for
+ * %D. */
if (server_info->sam_account != NULL) {
pdb_set_domain(server_info->sam_account, domain, PDB_SET);
}
}
-
- passwd_free(&pw);
-
/* register_vuid keeps the server info */
/* register_vuid takes ownership of session_key, no need to free after this.
A better interface would copy it.... */
@@ -1063,6 +1061,16 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,
return ERROR_NT(nt_status_squash(nt_status));
}
+ nt_status = create_local_token(server_info);
+ if (!NT_STATUS_IS_OK(nt_status)) {
+ DEBUG(10, ("create_local_token failed: %s\n",
+ nt_errstr(nt_status)));
+ data_blob_free(&nt_resp);
+ data_blob_free(&lm_resp);
+ data_blob_clear_free(&plaintext_password);
+ return ERROR_NT(nt_status_squash(nt_status));
+ }
+
if (server_info->user_session_key.data) {
session_key = data_blob(server_info->user_session_key.data, server_info->user_session_key.length);
} else {
diff --git a/source3/smbd/share_access.c b/source3/smbd/share_access.c
new file mode 100644
index 0000000000..11e52b03ab
--- /dev/null
+++ b/source3/smbd/share_access.c
@@ -0,0 +1,264 @@
+/*
+ Unix SMB/CIFS implementation.
+ Check access based on valid users, read list and friends
+ Copyright (C) Volker Lendecke 2005
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+*/
+
+#include "includes.h"
+
+/*
+ * No prefix means direct username
+ * @name means netgroup first, then unix group
+ * &name means netgroup
+ * +name means unix group
+ * + and & may be combined
+ */
+
+static BOOL do_group_checks(const char **name, const char **pattern)
+{
+ if ((*name)[0] == '@') {
+ *pattern = "&+";
+ *name += 1;
+ return True;
+ }
+
+ if (((*name)[0] == '+') && ((*name)[1] == '&')) {
+ *pattern = "+&";
+ *name += 2;
+ return True;
+ }
+
+ if ((*name)[0] == '+') {
+ *pattern = "+";
+ *name += 1;
+ return True;
+ }
+
+ if (((*name)[0] == '&') && ((*name)[1] == '+')) {
+ *pattern = "&+";
+ *name += 2;
+ return True;
+ }
+
+ if ((*name)[0] == '&') {
+ *pattern = "&";
+ *name += 1;
+ return True;
+ }
+
+ return False;
+}
+
+static BOOL token_contains_name(TALLOC_CTX *mem_ctx,
+ const char *username,
+ const char *sharename,
+ const struct nt_user_token *token,
+ const char *name)
+{
+ const char *prefix;
+ DOM_SID sid;
+ enum SID_NAME_USE type;
+
+ if (username != NULL) {
+ name = talloc_sub_basic(mem_ctx, username, name);
+ }
+ if (sharename != NULL) {
+ name = talloc_string_sub(mem_ctx, name, "%S", sharename);
+ }
+
+ if (name == NULL) {
+ /* This is too security sensitive, better panic than return a
+ * result that might be interpreted in a wrong way. */
+ smb_panic("substitutions failed\n");
+ }
+
+ if (!do_group_checks(&name, &prefix)) {
+ if (!lookup_name(mem_ctx, name, LOOKUP_NAME_ALL,
+ NULL, NULL, &sid, &type)) {
+ DEBUG(5, ("lookup_name %s failed\n", name));
+ return False;
+ }
+ if (type != SID_NAME_USER) {
+ DEBUG(5, ("%s is a %s, expected a user\n",
+ name, sid_type_lookup(type)));
+ return False;
+ }
+ return nt_token_check_sid(&sid, token);
+ }
+
+ for (/* initialized above */ ; *prefix != '\0'; prefix++) {
+ if (*prefix == '+') {
+ if (!lookup_name(mem_ctx, name,
+ LOOKUP_NAME_ALL|LOOKUP_NAME_GROUP,
+ NULL, NULL, &sid, &type)) {
+ DEBUG(5, ("lookup_name %s failed\n", name));
+ return False;
+ }
+ if ((type != SID_NAME_DOM_GRP) &&
+ (type != SID_NAME_ALIAS) &&
+ (type != SID_NAME_WKN_GRP)) {
+ DEBUG(5, ("%s is a %s, expected a group\n",
+ name, sid_type_lookup(type)));
+ return False;
+ }
+ if (nt_token_check_sid(&sid, token)) {
+ return True;
+ }
+ continue;
+ }
+ if (*prefix == '&') {
+ if (user_in_netgroup(username, name)) {
+ return True;
+ }
+ continue;
+ }
+ smb_panic("got invalid prefix from do_groups_check\n");
+ }
+ return False;
+}
+
+/*
+ * Check whether a user is contained in the list provided.
+ *
+ * Please note that the user name and share names passed in here mainly for
+ * the substitution routines that expand the parameter values, the decision
+ * whether a user is in the list is done after a lookup_name on the expanded
+ * parameter value, solely based on comparing the SIDs in token.
+ *
+ * The other use is the netgroup check when using @group or &group.
+ */
+
+BOOL token_contains_name_in_list(const char *username,
+ const char *sharename,
+ const struct nt_user_token *token,
+ const char **list)
+{
+ TALLOC_CTX *mem_ctx;
+
+ if (list == NULL) {
+ return False;
+ }
+
+ mem_ctx = talloc_new(NULL);
+ if (mem_ctx == NULL) {
+ smb_panic("talloc_new failed\n");
+ }
+
+ while (*list != NULL) {
+ if (token_contains_name(mem_ctx, username, sharename,
+ token, *list)) {
+ talloc_free(mem_ctx);
+ return True;
+ }
+ list += 1;
+ }
+
+ talloc_free(mem_ctx);
+ return False;
+}
+
+/*
+ * Check whether the user described by "token" has access to share snum.
+ *
+ * This looks at "invalid users", "valid users" and "only user/username"
+ *
+ * Please note that the user name and share names passed in here mainly for
+ * the substitution routines that expand the parameter values, the decision
+ * whether a user is in the list is done after a lookup_name on the expanded
+ * parameter value, solely based on comparing the SIDs in token.
+ *
+ * The other use is the netgroup check when using @group or &group.
+ */
+
+BOOL user_ok_token(const char *username, struct nt_user_token *token, int snum)
+{
+ if (lp_invalid_users(snum) != NULL) {
+ if (token_contains_name_in_list(username, lp_servicename(snum),
+ token,
+ lp_invalid_users(snum))) {
+ DEBUG(10, ("User %s in 'invalid users'\n", username));
+ return False;
+ }
+ }
+
+ if (lp_valid_users(snum) != NULL) {
+ if (!token_contains_name_in_list(username,
+ lp_servicename(snum), token,
+ lp_valid_users(snum))) {
+ DEBUG(10, ("User %s no in 'valid users'\n", username));
+ return False;
+ }
+ }
+
+ if (lp_onlyuser(snum)) {
+ const char *list[2];
+ list[0] = lp_username(snum);
+ list[1] = NULL;
+ if (!token_contains_name_in_list(NULL, lp_servicename(snum),
+ token, list)) {
+ DEBUG(10, ("%s != 'username'\n", username));
+ return False;
+ }
+ }
+
+ DEBUG(10, ("user_ok_token: share %s is ok for unix user %s\n",
+ lp_servicename(snum), username));
+
+ return True;
+}
+
+/*
+ * Check whether the user described by "token" is restricted to read-only
+ * access on share snum.
+ *
+ * This looks at "invalid users", "valid users" and "only user/username"
+ *
+ * Please note that the user name and share names passed in here mainly for
+ * the substitution routines that expand the parameter values, the decision
+ * whether a user is in the list is done after a lookup_name on the expanded
+ * parameter value, solely based on comparing the SIDs in token.
+ *
+ * The other use is the netgroup check when using @group or &group.
+ */
+
+BOOL is_share_read_only_for_token(const char *username,
+ struct nt_user_token *token, int snum)
+{
+ BOOL result = lp_readonly(snum);
+
+ if (lp_readlist(snum) != NULL) {
+ if (token_contains_name_in_list(username,
+ lp_servicename(snum), token,
+ lp_readlist(snum))) {
+ result = True;
+ }
+ }
+
+ if (lp_writelist(snum) != NULL) {
+ if (token_contains_name_in_list(username,
+ lp_servicename(snum), token,
+ lp_writelist(snum))) {
+ result = False;
+ }
+ }
+
+ DEBUG(10,("is_share_read_only_for_user: share %s is %s for unix user "
+ "%s\n", lp_servicename(snum),
+ result ? "read-only" : "read-write", username));
+
+ return result;
+}
diff --git a/source3/smbd/uid.c b/source3/smbd/uid.c
index d419720c33..6e516d3562 100644
--- a/source3/smbd/uid.c
+++ b/source3/smbd/uid.c
@@ -56,7 +56,7 @@ BOOL change_to_guest(void)
if (!pass) {
/* Don't need to free() this as its stored in a static */
- pass = getpwnam_alloc(lp_guestaccount());
+ pass = getpwnam_alloc(NULL, lp_guestaccount());
if (!pass)
return(False);
}
@@ -71,67 +71,13 @@ BOOL change_to_guest(void)
current_user.conn = NULL;
current_user.vuid = UID_FIELD_INVALID;
-
- passwd_free(&pass);
+ talloc_free(pass);
+ pass = NULL;
+
return True;
}
-/****************************************************************************
- Readonly share for this user ?
-****************************************************************************/
-
-static BOOL is_share_read_only_for_user(int snum, user_struct *vuser)
-{
- char **list;
- const char *service = lp_servicename(snum);
- BOOL read_only_ret = lp_readonly(snum);
-
- if (!service)
- return read_only_ret;
-
- str_list_copy(&list, lp_readlist(snum));
- if (list) {
- if (!str_list_sub_basic(list, vuser->user.smb_name) ) {
- DEBUG(0, ("is_share_read_only_for_user: ERROR: read "
- "list substitution failed\n"));
- }
- if (!str_list_substitute(list, "%S", service)) {
- DEBUG(0, ("is_share_read_only_for_user: ERROR: read "
- "list service substitution failed\n"));
- }
- if (user_in_list(vuser->user.unix_name, (const char **)list,
- vuser->groups, vuser->n_groups)) {
- read_only_ret = True;
- }
- str_list_free(&list);
- }
-
- str_list_copy(&list, lp_writelist(snum));
- if (list) {
- if (!str_list_sub_basic(list, vuser->user.smb_name) ) {
- DEBUG(0, ("is_share_read_only_for_user: ERROR: write "
- "list substitution failed\n"));
- }
- if (!str_list_substitute(list, "%S", service)) {
- DEBUG(0, ("is_share_read_only_for_user: ERROR: write "
- "list service substitution failed\n"));
- }
- if (user_in_list(vuser->user.unix_name, (const char **)list,
- vuser->groups, vuser->n_groups)) {
- read_only_ret = False;
- }
- str_list_free(&list);
- }
-
- DEBUG(10,("is_share_read_only_for_user: share %s is %s for unix user "
- "%s\n", service,
- read_only_ret ? "read-only" : "read-write",
- vuser->user.unix_name ));
-
- return read_only_ret;
-}
-
/*******************************************************************
Check if a username is OK.
********************************************************************/
@@ -151,20 +97,25 @@ static BOOL check_user_ok(connection_struct *conn, user_struct *vuser,int snum)
}
}
- if (!user_ok(vuser->user.unix_name,snum, vuser->groups, vuser->n_groups))
+ if (!user_ok_token(vuser->user.unix_name, vuser->nt_user_token, snum))
return(False);
- readonly_share = is_share_read_only_for_user(conn->service, vuser);
+ readonly_share = is_share_read_only_for_token(vuser->user.unix_name,
+ vuser->nt_user_token,
+ conn->service);
if (!readonly_share &&
!share_access_check(conn, snum, vuser, FILE_WRITE_DATA)) {
/* smb.conf allows r/w, but the security descriptor denies
* write. Fall back to looking at readonly. */
readonly_share = True;
- DEBUG(5,("falling back to read-only access-evaluation due to security descriptor\n"));
+ DEBUG(5,("falling back to read-only access-evaluation due to "
+ "security descriptor\n"));
}
- if (!share_access_check(conn, snum, vuser, readonly_share ? FILE_READ_DATA : FILE_WRITE_DATA)) {
+ if (!share_access_check(conn, snum, vuser,
+ readonly_share ?
+ FILE_READ_DATA : FILE_WRITE_DATA)) {
return False;
}
@@ -176,11 +127,9 @@ static BOOL check_user_ok(connection_struct *conn, user_struct *vuser,int snum)
ent->vuid = vuser->vuid;
ent->read_only = readonly_share;
- if (user_in_list(vuser->user.unix_name ,lp_admin_users(conn->service), vuser->groups, vuser->n_groups)) {
- ent->admin_user = True;
- } else {
- ent->admin_user = False;
- }
+ ent->admin_user = token_contains_name_in_list(
+ vuser->user.unix_name, NULL, vuser->nt_user_token,
+ lp_admin_users(conn->service));
conn->read_only = ent->read_only;
conn->admin_user = ent->admin_user;
@@ -217,20 +166,24 @@ BOOL change_to_user(connection_struct *conn, uint16 vuid)
if((lp_security() == SEC_SHARE) && (current_user.conn == conn) &&
(current_user.ut.uid == conn->uid)) {
- DEBUG(4,("change_to_user: Skipping user change - already user\n"));
+ DEBUG(4,("change_to_user: Skipping user change - already "
+ "user\n"));
return(True);
} else if ((current_user.conn == conn) &&
(vuser != 0) && (current_user.vuid == vuid) &&
(current_user.ut.uid == vuser->uid)) {
- DEBUG(4,("change_to_user: Skipping user change - already user\n"));
+ DEBUG(4,("change_to_user: Skipping user change - already "
+ "user\n"));
return(True);
}
snum = SNUM(conn);
if ((vuser) && !check_user_ok(conn, vuser, snum)) {
- DEBUG(2,("change_to_user: SMB user %s (unix user %s, vuid %d) not permitted access to share %s.\n",
- vuser->user.smb_name, vuser->user.unix_name, vuid, lp_servicename(snum)));
+ DEBUG(2,("change_to_user: SMB user %s (unix user %s, vuid %d) "
+ "not permitted access to share %s.\n",
+ vuser->user.smb_name, vuser->user.unix_name, vuid,
+ lp_servicename(snum)));
return False;
}
@@ -247,7 +200,8 @@ BOOL change_to_user(connection_struct *conn, uint16 vuid)
current_user.ut.groups = vuser->groups;
token = vuser->nt_user_token;
} else {
- DEBUG(2,("change_to_user: Invalid vuid used %d in accessing share %s.\n",vuid, lp_servicename(snum) ));
+ DEBUG(2,("change_to_user: Invalid vuid used %d in accessing "
+ "share %s.\n",vuid, lp_servicename(snum) ));
return False;
}
@@ -258,7 +212,13 @@ BOOL change_to_user(connection_struct *conn, uint16 vuid)
*/
if((group_c = *lp_force_group(snum))) {
- BOOL is_guest = False;
+
+ token = dup_nt_token(NULL, token);
+ if (token == NULL) {
+ DEBUG(0, ("dup_nt_token failed\n"));
+ return False;
+ }
+ must_free_token = True;
if(group_c == '+') {
@@ -273,37 +233,25 @@ BOOL change_to_user(connection_struct *conn, uint16 vuid)
for (i = 0; i < current_user.ut.ngroups; i++) {
if (current_user.ut.groups[i] == conn->gid) {
gid = conn->gid;
+ gid_to_sid(&token->user_sids[1], gid);
break;
}
}
} else {
gid = conn->gid;
+ gid_to_sid(&token->user_sids[1], gid);
}
-
- /*
- * We've changed the group list in the token - we must
- * re-create it.
- */
-
- if (vuser && vuser->guest)
- is_guest = True;
-
- token = create_nt_token(uid, gid, current_user.ut.ngroups, current_user.ut.groups, is_guest);
- if (!token) {
- DEBUG(1, ("change_to_user: create_nt_token failed!\n"));
- return False;
- }
- must_free_token = True;
}
- set_sec_ctx(uid, gid, current_user.ut.ngroups, current_user.ut.groups, token);
+ set_sec_ctx(uid, gid, current_user.ut.ngroups, current_user.ut.groups,
+ token);
/*
* Free the new token (as set_sec_ctx copies it).
*/
if (must_free_token)
- delete_nt_token(&token);
+ talloc_free(token);
current_user.conn = conn;
current_user.vuid = vuid;
@@ -344,7 +292,8 @@ BOOL become_authenticated_pipe_user(pipes_struct *p)
return False;
set_sec_ctx(p->pipe_user.ut.uid, p->pipe_user.ut.gid,
- p->pipe_user.ut.ngroups, p->pipe_user.ut.groups, p->pipe_user.nt_user_token);
+ p->pipe_user.ut.ngroups, p->pipe_user.ut.groups,
+ p->pipe_user.nt_user_token);
return True;
}