summaryrefslogtreecommitdiff
path: root/source3
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2012-02-03 18:03:10 +1100
committerAndrew Bartlett <abartlet@samba.org>2012-03-04 23:33:05 +0100
commitd7bb961859a3501aec4d28842bfffb6190d19a73 (patch)
treee472b543e1e88914fbcf7bf68a3e431ff7314afd /source3
parentacfa107ec64ceb6bf3a28df14585cfb0ccc79f41 (diff)
downloadsamba-d7bb961859a3501aec4d28842bfffb6190d19a73.tar.gz
samba-d7bb961859a3501aec4d28842bfffb6190d19a73.tar.bz2
samba-d7bb961859a3501aec4d28842bfffb6190d19a73.zip
s3-auth: Remove security=share (depricated since 3.6).
This patch removes security=share, which Samba implemented by matching the per-share password provided by the client in the Tree Connect with a selection of usernames supplied by the client, the smb.conf or guessed from the environment. The rationale for the removal is that for the bulk of security=share users, we just we need a very simple way to run a 'trust the network' Samba server, where users mark shares as guest ok. This is still supported, and the smb.conf options are documented at https://wiki.samba.org/index.php/Public_Samba_Server At the same time, this closes the door on one of the most arcane areas of Samba authentication. Naturally, full user-name/password authentication remain available in security=user and above. This includes documentation updates for username and only user, which now only do a small amount of what they used to do. Andrew Bartlett -------------- / \ / REST \ / IN \ / PEACE \ / \ | SEC_SHARE | | security=share | | | | | | 5 March | | | | 2012 | *| * * * | * _________)/\\_//(\/(/\)/\//\/\///|_)_______
Diffstat (limited to 'source3')
-rw-r--r--source3/Makefile.in2
-rw-r--r--source3/auth/auth.c11
-rw-r--r--source3/auth/auth_compat.c169
-rw-r--r--source3/auth/proto.h12
-rw-r--r--source3/auth/wscript_build2
-rw-r--r--source3/libnet/libnet_join.c1
-rw-r--r--source3/param/loadparm.c17
-rw-r--r--source3/smbd/globals.h4
-rw-r--r--source3/smbd/negprot.c1
-rw-r--r--source3/smbd/password.c397
-rw-r--r--source3/smbd/process.c7
-rw-r--r--source3/smbd/proto.h10
-rw-r--r--source3/smbd/reply.c38
-rw-r--r--source3/smbd/service.c114
-rw-r--r--source3/smbd/sesssetup.c80
-rw-r--r--source3/smbd/smb2_tcon.c2
-rw-r--r--source3/smbd/uid.c23
-rw-r--r--source3/utils/status.c4
18 files changed, 67 insertions, 827 deletions
diff --git a/source3/Makefile.in b/source3/Makefile.in
index d64c5022fa..2b0002bbf0 100644
--- a/source3/Makefile.in
+++ b/source3/Makefile.in
@@ -912,7 +912,7 @@ AUTH_OBJ = auth/auth.o @AUTH_STATIC@ auth/auth_util.o auth/token_util.o \
auth/user_info.o \
auth/user_util.o \
auth/user_krb5.o \
- auth/auth_compat.o auth/auth_ntlmssp.o auth/auth_generic.o \
+ auth/auth_ntlmssp.o auth/auth_generic.o \
$(PLAINTEXT_AUTH_OBJ) $(SLCACHE_OBJ) $(DCUTIL_OBJ)
MANGLE_OBJ = smbd/mangle.o smbd/mangle_hash.o smbd/mangle_hash2.o
diff --git a/source3/auth/auth.c b/source3/auth/auth.c
index 1c813a429a..0c91065605 100644
--- a/source3/auth/auth.c
+++ b/source3/auth/auth.c
@@ -523,17 +523,6 @@ NTSTATUS make_auth_context_subsystem(TALLOC_CTX *mem_ctx,
talloc_tos(), "guest unix", NULL);
}
break;
- case SEC_SHARE:
- if (lp_encrypted_passwords()) {
- DEBUG(5,("Making default auth method list for security=share, encrypt passwords = yes\n"));
- auth_method_list = str_list_make_v3(
- talloc_tos(), "guest sam", NULL);
- } else {
- DEBUG(5,("Making default auth method list for security=share, encrypt passwords = no\n"));
- auth_method_list = str_list_make_v3(
- talloc_tos(), "guest unix", NULL);
- }
- break;
case SEC_ADS:
DEBUG(5,("Making default auth method list for security=ADS\n"));
auth_method_list = str_list_make_v3(
diff --git a/source3/auth/auth_compat.c b/source3/auth/auth_compat.c
deleted file mode 100644
index e7225a2756..0000000000
--- a/source3/auth/auth_compat.c
+++ /dev/null
@@ -1,169 +0,0 @@
-/*
- Unix SMB/CIFS implementation.
- Password and authentication handling
- Copyright (C) Andrew Bartlett 2001-2002
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 3 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program. If not, see <http://www.gnu.org/licenses/>.
-*/
-
-#include "includes.h"
-#include "auth.h"
-#include "../lib/tsocket/tsocket.h"
-
-extern struct auth_context *negprot_global_auth_context;
-extern bool global_encrypted_passwords_negotiated;
-
-#undef DBGC_CLASS
-#define DBGC_CLASS DBGC_AUTH
-
-/****************************************************************************
- COMPATIBILITY INTERFACES:
- ***************************************************************************/
-
-/****************************************************************************
-check if a username/password is OK assuming the password is in plaintext
-return True if the password is correct, False otherwise
-****************************************************************************/
-
-NTSTATUS check_plaintext_password(const char *smb_name,
- const struct tsocket_address *remote_address,
- DATA_BLOB plaintext_blob,
- struct auth_serversupplied_info **server_info)
-{
- struct auth_context *plaintext_auth_context = NULL;
- struct auth_usersupplied_info *user_info = NULL;
- uint8_t chal[8];
- NTSTATUS nt_status;
-
- nt_status = make_auth_context_subsystem(talloc_tos(),
- &plaintext_auth_context);
- if (!NT_STATUS_IS_OK(nt_status)) {
- return nt_status;
- }
-
- plaintext_auth_context->get_ntlm_challenge(plaintext_auth_context,
- chal);
-
- if (!make_user_info_for_reply(&user_info,
- smb_name, lp_workgroup(),
- remote_address,
- chal,
- plaintext_blob)) {
- return NT_STATUS_NO_MEMORY;
- }
-
- nt_status = plaintext_auth_context->check_ntlm_password(plaintext_auth_context,
- user_info, server_info);
-
- TALLOC_FREE(plaintext_auth_context);
- free_user_info(&user_info);
- return nt_status;
-}
-
-static NTSTATUS pass_check_smb(struct auth_context *actx,
- const char *smb_name,
- const char *domain,
- const struct tsocket_address *remote_address,
- DATA_BLOB lm_pwd,
- DATA_BLOB nt_pwd)
-
-{
- NTSTATUS nt_status;
- struct auth_serversupplied_info *server_info = NULL;
- struct auth_usersupplied_info *user_info = NULL;
- if (actx == NULL) {
- return NT_STATUS_INTERNAL_ERROR;
- }
- make_user_info_for_reply_enc(&user_info, smb_name,
- domain,
- remote_address,
- lm_pwd,
- nt_pwd);
- nt_status = actx->check_ntlm_password(actx, user_info, &server_info);
- free_user_info(&user_info);
- TALLOC_FREE(server_info);
- return nt_status;
-}
-
-/****************************************************************************
-check if a username/password pair is ok via the auth subsystem.
-return True if the password is correct, False otherwise
-****************************************************************************/
-
-bool password_ok(struct auth_context *actx, bool global_encrypted,
- const char *session_workgroup,
- const char *smb_name,
- const struct tsocket_address *remote_address,
- DATA_BLOB password_blob)
-{
-
- DATA_BLOB null_password = data_blob_null;
- bool encrypted = (global_encrypted && (password_blob.length == 24 || password_blob.length > 46));
-
- if (encrypted) {
- /*
- * The password could be either NTLM or plain LM. Try NTLM first,
- * but fall-through as required.
- * Vista sends NTLMv2 here - we need to try the client given workgroup.
- */
- if (session_workgroup) {
- if (NT_STATUS_IS_OK(pass_check_smb(actx,
- smb_name,
- session_workgroup,
- remote_address,
- null_password,
- password_blob))) {
- return True;
- }
- if (NT_STATUS_IS_OK(pass_check_smb(actx,
- smb_name,
- session_workgroup,
- remote_address,
- password_blob,
- null_password))) {
- return True;
- }
- }
-
- if (NT_STATUS_IS_OK(pass_check_smb(actx,
- smb_name,
- lp_workgroup(),
- remote_address,
- null_password,
- password_blob))) {
- return True;
- }
-
- if (NT_STATUS_IS_OK(pass_check_smb(actx,
- smb_name,
- lp_workgroup(),
- remote_address,
- password_blob,
- null_password))) {
- return True;
- }
- } else {
- struct auth_serversupplied_info *server_info = NULL;
- NTSTATUS nt_status = check_plaintext_password(smb_name,
- remote_address,
- password_blob,
- &server_info);
- TALLOC_FREE(server_info);
- if (NT_STATUS_IS_OK(nt_status)) {
- return True;
- }
- }
-
- return False;
-}
diff --git a/source3/auth/proto.h b/source3/auth/proto.h
index c68b99af90..04f94ae84b 100644
--- a/source3/auth/proto.h
+++ b/source3/auth/proto.h
@@ -48,18 +48,6 @@ NTSTATUS make_auth_context_fixed(TALLOC_CTX *mem_ctx,
NTSTATUS auth_builtin_init(void);
-/* The following definitions come from auth/auth_compat.c */
-
-NTSTATUS check_plaintext_password(const char *smb_name,
- const struct tsocket_address *remote_address,
- DATA_BLOB plaintext_password,
- struct auth_serversupplied_info **server_info);
-bool password_ok(struct auth_context *actx, bool global_encrypted,
- const char *session_workgroup,
- const char *smb_name,
- const struct tsocket_address *remote_address,
- DATA_BLOB password_blob);
-
/* The following definitions come from auth/auth_domain.c */
void attempt_machine_password_change(void);
diff --git a/source3/auth/wscript_build b/source3/auth/wscript_build
index 0dba13f7cb..cf0db42431 100644
--- a/source3/auth/wscript_build
+++ b/source3/auth/wscript_build
@@ -12,7 +12,7 @@ AUTH_NETLOGOND_SRC = 'auth_netlogond.c'
AUTH_SRC = '''auth.c
user_krb5.c
- auth_compat.c auth_ntlmssp.c auth_generic.c'''
+ auth_ntlmssp.c auth_generic.c'''
bld.SAMBA3_SUBSYSTEM('TOKEN_UTIL',
source='token_util.c',
diff --git a/source3/libnet/libnet_join.c b/source3/libnet/libnet_join.c
index 5a36d3422d..1736ba65fa 100644
--- a/source3/libnet/libnet_join.c
+++ b/source3/libnet/libnet_join.c
@@ -1892,7 +1892,6 @@ static WERROR libnet_join_check_config(TALLOC_CTX *mem_ctx,
if (!valid_security) {
const char *sec = NULL;
switch (lp_security()) {
- case SEC_SHARE: sec = "share"; break;
case SEC_USER: sec = "user"; break;
case SEC_DOMAIN: sec = "domain"; break;
case SEC_ADS: sec = "ads"; break;
diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c
index 382a273f38..453c8fd875 100644
--- a/source3/param/loadparm.c
+++ b/source3/param/loadparm.c
@@ -5286,18 +5286,7 @@ FN_GLOBAL_INTEGER(lp_passwordlevel, pwordlevel)
FN_GLOBAL_INTEGER(lp_usernamelevel, unamelevel)
FN_GLOBAL_INTEGER(lp_deadtime, deadtime)
FN_GLOBAL_BOOL(lp_getwd_cache, getwd_cache)
-static FN_GLOBAL_INTEGER(_lp_srv_maxprotocol, srv_maxprotocol)
-int lp_srv_maxprotocol(void)
-{
- int ret = _lp_srv_maxprotocol();
- if ((ret >= PROTOCOL_SMB2_02) && (lp_security() == SEC_SHARE)) {
- DEBUG(2,("WARNING!!: \"security = share\" is incompatible "
- "with the SMB2 protocol. Resetting to SMB1.\n" ));
- lp_do_parameter(-1, "server max protocol", "NT1");
- return PROTOCOL_NT1;
- }
- return ret;
-}
+FN_GLOBAL_INTEGER(lp_srv_maxprotocol, srv_maxprotocol)
FN_GLOBAL_INTEGER(lp_srv_minprotocol, srv_minprotocol)
FN_GLOBAL_INTEGER(lp_security, security)
FN_GLOBAL_LIST(lp_auth_methods, AuthMethods)
@@ -9050,9 +9039,7 @@ static bool lp_load_ex(const char *pszFname,
set_allowed_client_auth();
- if (lp_security() == SEC_SHARE) {
- DEBUG(1, ("WARNING: The security=share option is deprecated\n"));
- } else if (lp_security() == SEC_SERVER) {
+ if (lp_security() == SEC_SERVER) {
DEBUG(1, ("WARNING: The security=server option is deprecated\n"));
}
diff --git a/source3/smbd/globals.h b/source3/smbd/globals.h
index 0c4b3b71a4..075dc564d9 100644
--- a/source3/smbd/globals.h
+++ b/source3/smbd/globals.h
@@ -531,10 +531,6 @@ struct smbd_server_connection {
int max_send;
uint16_t last_session_tag;
- /* users from session setup */
- char *session_userlist;
- /* workgroup from session setup. */
- char *session_workgroup;
/*
* this holds info on user ids that are already
* validated for this VC
diff --git a/source3/smbd/negprot.c b/source3/smbd/negprot.c
index 2f3fd450ca..8a6b509fea 100644
--- a/source3/smbd/negprot.c
+++ b/source3/smbd/negprot.c
@@ -299,7 +299,6 @@ static void reply_nt1(struct smb_request *req, uint16 choice)
supports it and we can do encrypted passwords */
if (sconn->smb1.negprot.encrypted_passwords &&
- (lp_security() != SEC_SHARE) &&
lp_use_spnego() &&
(req->flags2 & FLAGS2_EXTENDED_SECURITY)) {
negotiate_spnego = True;
diff --git a/source3/smbd/password.c b/source3/smbd/password.c
index 9df99ef6b1..27ba3bd01b 100644
--- a/source3/smbd/password.c
+++ b/source3/smbd/password.c
@@ -172,12 +172,6 @@ int register_initial_vuid(struct smbd_server_connection *sconn)
{
user_struct *vuser;
- /* Paranoia check. */
- if(lp_security() == SEC_SHARE) {
- smb_panic("register_initial_vuid: "
- "Tried to register uid in security=share");
- }
-
/* Limit allowed vuids to 16bits - VUID_OFFSET. */
if (sconn->smb1.sessions.num_validated_vuids >= 0xFFFF-VUID_OFFSET) {
return UID_FIELD_INVALID;
@@ -352,394 +346,3 @@ int register_existing_vuid(struct smbd_server_connection *sconn,
}
return UID_FIELD_INVALID;
}
-
-/****************************************************************************
- Add a name to the session users list.
-****************************************************************************/
-
-void add_session_user(struct smbd_server_connection *sconn,
- const char *user)
-{
- struct passwd *pw;
- char *tmp;
-
- pw = Get_Pwnam_alloc(talloc_tos(), user);
-
- if (pw == NULL) {
- return;
- }
-
- if (sconn->smb1.sessions.session_userlist == NULL) {
- sconn->smb1.sessions.session_userlist = SMB_STRDUP(pw->pw_name);
- goto done;
- }
-
- if (in_list(pw->pw_name,sconn->smb1.sessions.session_userlist,false)) {
- goto done;
- }
-
- if (strlen(sconn->smb1.sessions.session_userlist) > 128 * 1024) {
- DEBUG(3,("add_session_user: session userlist already "
- "too large.\n"));
- goto done;
- }
-
- if (asprintf(&tmp, "%s %s",
- sconn->smb1.sessions.session_userlist, pw->pw_name) == -1) {
- DEBUG(3, ("asprintf failed\n"));
- goto done;
- }
-
- SAFE_FREE(sconn->smb1.sessions.session_userlist);
- sconn->smb1.sessions.session_userlist = tmp;
- done:
- TALLOC_FREE(pw);
-}
-
-/****************************************************************************
- In security=share mode we need to store the client workgroup, as that's
- what Vista uses for the NTLMv2 calculation.
-****************************************************************************/
-
-void add_session_workgroup(struct smbd_server_connection *sconn,
- const char *workgroup)
-{
- if (sconn->smb1.sessions.session_workgroup) {
- SAFE_FREE(sconn->smb1.sessions.session_workgroup);
- }
- sconn->smb1.sessions.session_workgroup = smb_xstrdup(workgroup);
-}
-
-/****************************************************************************
- In security=share mode we need to return the client workgroup, as that's
- what Vista uses for the NTLMv2 calculation.
-****************************************************************************/
-
-const char *get_session_workgroup(struct smbd_server_connection *sconn)
-{
- return sconn->smb1.sessions.session_workgroup;
-}
-
-/****************************************************************************
- Check if a username is valid.
-****************************************************************************/
-
-static bool user_ok(const char *user, int snum)
-{
- bool ret;
-
- ret = True;
-
- if (lp_invalid_users(snum)) {
- char **invalid = str_list_copy(talloc_tos(),
- lp_invalid_users(snum));
- if (invalid &&
- str_list_substitute(invalid, "%S", lp_servicename(snum))) {
-
- /* This is used in sec=share only, so no current user
- * around to pass to str_list_sub_basic() */
-
- if ( invalid && str_list_sub_basic(invalid, "", "") ) {
- ret = !user_in_list(talloc_tos(), user,
- (const char **)invalid);
- }
- }
- TALLOC_FREE(invalid);
- }
-
- if (ret && lp_valid_users(snum)) {
- char **valid = str_list_copy(talloc_tos(),
- lp_valid_users(snum));
- if ( valid &&
- str_list_substitute(valid, "%S", lp_servicename(snum)) ) {
-
- /* This is used in sec=share only, so no current user
- * around to pass to str_list_sub_basic() */
-
- if ( valid && str_list_sub_basic(valid, "", "") ) {
- ret = user_in_list(talloc_tos(), user,
- (const char **)valid);
- }
- }
- TALLOC_FREE(valid);
- }
-
- if (ret && lp_onlyuser(snum)) {
- char **user_list = str_list_make_v3(
- talloc_tos(), lp_username(snum), NULL);
- if (user_list &&
- str_list_substitute(user_list, "%S",
- lp_servicename(snum))) {
- ret = user_in_list(talloc_tos(), user,
- (const char **)user_list);
- }
- TALLOC_FREE(user_list);
- }
-
- return(ret);
-}
-
-/****************************************************************************
- Validate a group username entry. Return the username or NULL.
-****************************************************************************/
-
-static char *validate_group(struct smbd_server_connection *sconn,
- char *group, DATA_BLOB password,int snum)
-{
-#ifdef HAVE_NETGROUP
- {
- char *host, *user, *domain;
- struct auth_context *actx = sconn->smb1.negprot.auth_context;
- bool enc = sconn->smb1.negprot.encrypted_passwords;
- setnetgrent(group);
- while (getnetgrent(&host, &user, &domain)) {
- if (user) {
- if (user_ok(user, snum) &&
- password_ok(actx, enc,
- get_session_workgroup(sconn),
- user,
- sconn->remote_address,
- password)) {
- endnetgrent();
- return(user);
- }
- }
- }
- endnetgrent();
- }
-#endif
-
-#ifdef HAVE_GETGRENT
- {
- struct group *gptr;
- struct auth_context *actx = sconn->smb1.negprot.auth_context;
- bool enc = sconn->smb1.negprot.encrypted_passwords;
-
- setgrent();
- while ((gptr = (struct group *)getgrent())) {
- if (strequal(gptr->gr_name,group))
- break;
- }
-
- /*
- * As user_ok can recurse doing a getgrent(), we must
- * copy the member list onto the heap before
- * use. Bug pointed out by leon@eatworms.swmed.edu.
- */
-
- if (gptr) {
- char *member_list = NULL;
- size_t list_len = 0;
- char *member;
- int i;
-
- for(i = 0; gptr->gr_mem && gptr->gr_mem[i]; i++) {
- list_len += strlen(gptr->gr_mem[i])+1;
- }
- list_len++;
-
- member_list = (char *)SMB_MALLOC(list_len);
- if (!member_list) {
- endgrent();
- return NULL;
- }
-
- *member_list = '\0';
- member = member_list;
-
- for(i = 0; gptr->gr_mem && gptr->gr_mem[i]; i++) {
- size_t member_len = strlen(gptr->gr_mem[i])+1;
-
- DEBUG(10,("validate_group: = gr_mem = "
- "%s\n", gptr->gr_mem[i]));
-
- strlcpy(member, gptr->gr_mem[i],
- list_len - (member-member_list));
- member += member_len;
- }
-
- endgrent();
-
- member = member_list;
- while (*member) {
- if (user_ok(member,snum) &&
- password_ok(actx, enc,
- get_session_workgroup(sconn),
- member,
- sconn->remote_address,
- password)) {
- char *name = talloc_strdup(talloc_tos(),
- member);
- SAFE_FREE(member_list);
- return name;
- }
-
- DEBUG(10,("validate_group = member = %s\n",
- member));
-
- member += strlen(member) + 1;
- }
-
- SAFE_FREE(member_list);
- } else {
- endgrent();
- return NULL;
- }
- }
-#endif
- return(NULL);
-}
-
-/****************************************************************************
- Check for authority to login to a service with a given username/password.
- Note this is *NOT* used when logging on using sessionsetup_and_X.
-****************************************************************************/
-
-bool authorise_login(struct smbd_server_connection *sconn,
- int snum, fstring user, DATA_BLOB password,
- bool *guest)
-{
- bool ok = False;
- struct auth_context *actx = sconn->smb1.negprot.auth_context;
- bool enc = sconn->smb1.negprot.encrypted_passwords;
-
-#ifdef DEBUG_PASSWORD
- DEBUG(100,("authorise_login: checking authorisation on "
- "user=%s pass=%s\n", user,password.data));
-#endif
-
- *guest = False;
-
- /* there are several possibilities:
- 1) login as the given user with given password
- 2) login as a previously registered username with the given
- password
- 3) login as a session list username with the given password
- 4) login as a previously validated user/password pair
- 5) login as the "user =" user with given password
- 6) login as the "user =" user with no password
- (guest connection)
- 7) login as guest user with no password
-
- if the service is guest_only then steps 1 to 5 are skipped
- */
-
- /* now check the list of session users */
- if (!ok) {
- char *auser;
- char *user_list = NULL;
- char *saveptr;
-
- if (sconn->smb1.sessions.session_userlist)
- user_list = SMB_STRDUP(sconn->smb1.sessions.session_userlist);
- else
- user_list = SMB_STRDUP("");
-
- if (!user_list)
- return(False);
-
- for (auser = strtok_r(user_list, LIST_SEP, &saveptr);
- !ok && auser;
- auser = strtok_r(NULL, LIST_SEP, &saveptr)) {
- fstring user2;
- fstrcpy(user2,auser);
- if (!user_ok(user2,snum))
- continue;
-
- if (password_ok(actx, enc,
- get_session_workgroup(sconn),
- user2,
- sconn->remote_address,
- password)) {
- ok = True;
- strlcpy(user,user2,sizeof(fstring));
- DEBUG(3,("authorise_login: ACCEPTED: session "
- "list username (%s) and given "
- "password ok\n", user));
- }
- }
-
- SAFE_FREE(user_list);
- }
-
- /* check the user= fields and the given password */
- if (!ok && lp_username(snum)) {
- TALLOC_CTX *ctx = talloc_tos();
- char *auser;
- char *user_list = talloc_strdup(ctx, lp_username(snum));
- char *saveptr;
-
- if (!user_list) {
- goto check_guest;
- }
-
- user_list = talloc_string_sub(ctx,
- user_list,
- "%S",
- lp_servicename(snum));
-
- if (!user_list) {
- goto check_guest;
- }
-
- for (auser = strtok_r(user_list, LIST_SEP, &saveptr);
- auser && !ok;
- auser = strtok_r(NULL, LIST_SEP, &saveptr)) {
- if (*auser == '@') {
- auser = validate_group(sconn,auser+1,
- password,snum);
- if (auser) {
- ok = True;
- fstrcpy(user,auser);
- DEBUG(3,("authorise_login: ACCEPTED: "
- "group username and given "
- "password ok (%s)\n", user));
- }
- } else {
- fstring user2;
- fstrcpy(user2,auser);
- if (user_ok(user2,snum) &&
- password_ok(actx, enc,
- get_session_workgroup(sconn),
- user2,
- sconn->remote_address,
- password)) {
- ok = True;
- strlcpy(user,user2,sizeof(fstring));
- DEBUG(3,("authorise_login: ACCEPTED: "
- "user list username and "
- "given password ok (%s)\n",
- user));
- }
- }
- }
- }
-
- check_guest:
-
- /* check for a normal guest connection */
- if (!ok && GUEST_OK(snum)) {
- struct passwd *guest_pw;
- fstring guestname;
- fstrcpy(guestname,lp_guestaccount());
- guest_pw = Get_Pwnam_alloc(talloc_tos(), guestname);
- if (guest_pw != NULL) {
- strlcpy(user,guestname,sizeof(fstring));
- ok = True;
- DEBUG(3,("authorise_login: ACCEPTED: guest account "
- "and guest ok (%s)\n", user));
- } else {
- DEBUG(0,("authorise_login: Invalid guest account "
- "%s??\n",guestname));
- }
- TALLOC_FREE(guest_pw);
- *guest = True;
- }
-
- if (ok && !user_ok(user, snum)) {
- DEBUG(0,("authorise_login: rejected invalid user %s\n",user));
- ok = False;
- }
-
- return(ok);
-}
diff --git a/source3/smbd/process.c b/source3/smbd/process.c
index 6ffc06700f..6c927554f1 100644
--- a/source3/smbd/process.c
+++ b/source3/smbd/process.c
@@ -1364,8 +1364,7 @@ static connection_struct *switch_message(uint8 type, struct smb_request *req, in
flags = smb_messages[type].flags;
/* In share mode security we must ignore the vuid. */
- session_tag = (lp_security() == SEC_SHARE)
- ? UID_FIELD_INVALID : req->vuid;
+ session_tag = req->vuid;
conn = req->conn;
DEBUG(3,("switch message %s (pid %d) conn 0x%lx\n", smb_fn_name(type),
@@ -3257,10 +3256,6 @@ void smbd_process(struct tevent_context *ev_ctx,
sconn->smb1.sessions.done_sesssetup = false;
sconn->smb1.sessions.max_send = BUFFER_SIZE;
sconn->smb1.sessions.last_session_tag = UID_FIELD_INVALID;
- /* users from session setup */
- sconn->smb1.sessions.session_userlist = NULL;
- /* workgroup from session setup. */
- sconn->smb1.sessions.session_workgroup = NULL;
/* this holds info on user ids that are already validated for this VC */
sconn->smb1.sessions.validated_users = NULL;
sconn->smb1.sessions.next_vuid = VUID_OFFSET;
diff --git a/source3/smbd/proto.h b/source3/smbd/proto.h
index 599180084e..7321ca698f 100644
--- a/source3/smbd/proto.h
+++ b/source3/smbd/proto.h
@@ -707,13 +707,6 @@ int register_existing_vuid(struct smbd_server_connection *sconn,
uint16 vuid,
struct auth_session_info *session_info,
DATA_BLOB response_blob);
-void add_session_user(struct smbd_server_connection *sconn, const char *user);
-void add_session_workgroup(struct smbd_server_connection *sconn,
- const char *workgroup);
-const char *get_session_workgroup(struct smbd_server_connection *sconn);
-bool authorise_login(struct smbd_server_connection *sconn,
- int snum, fstring user, DATA_BLOB password,
- bool *guest);
/* The following definitions come from smbd/pipes.c */
@@ -986,11 +979,10 @@ struct smbd_smb2_tcon;
connection_struct *make_connection_smb2(struct smbd_server_connection *sconn,
struct smbd_smb2_tcon *tcon,
user_struct *vuser,
- DATA_BLOB password,
const char *pdev,
NTSTATUS *pstatus);
connection_struct *make_connection(struct smbd_server_connection *sconn,
- const char *service_in, DATA_BLOB password,
+ const char *service_in,
const char *pdev, uint16 vuid,
NTSTATUS *status);
void close_cnum(connection_struct *conn, uint16 vuid);
diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c
index 0ab764c2d4..26a928f1b4 100644
--- a/source3/smbd/reply.c
+++ b/source3/smbd/reply.c
@@ -599,13 +599,6 @@ void reply_special(struct smbd_server_connection *sconn, char *inbuf, size_t inb
break;
}
- /* only add the client's machine name to the list
- of possibly valid usernames if we are operating
- in share mode security */
- if (lp_security() == SEC_SHARE) {
- add_session_user(sconn, get_remote_machine_name());
- }
-
reload_services(sconn, conn_snum_used, true);
reopen_logs();
@@ -656,7 +649,6 @@ void reply_tcon(struct smb_request *req)
int pwlen=0;
NTSTATUS nt_status;
const char *p;
- DATA_BLOB password_blob;
TALLOC_CTX *ctx = talloc_tos();
struct smbd_server_connection *sconn = req->sconn;
@@ -688,14 +680,10 @@ void reply_tcon(struct smb_request *req)
service = service_buf;
}
- password_blob = data_blob(password, pwlen+1);
-
- conn = make_connection(sconn,service,password_blob,dev,
+ conn = make_connection(sconn,service,dev,
req->vuid,&nt_status);
req->conn = conn;
- data_blob_clear_free(&password_blob);
-
if (!conn) {
reply_nterror(req, nt_status);
END_PROFILE(SMBtcon);
@@ -723,7 +711,6 @@ void reply_tcon_and_X(struct smb_request *req)
{
connection_struct *conn = req->conn;
const char *service = NULL;
- DATA_BLOB password;
TALLOC_CTX *ctx = talloc_tos();
/* what the cleint thinks the device is */
char *client_devicetype = NULL;
@@ -761,27 +748,14 @@ void reply_tcon_and_X(struct smb_request *req)
}
if (sconn->smb1.negprot.encrypted_passwords) {
- password = data_blob_talloc(talloc_tos(), req->buf, passlen);
- if (lp_security() == SEC_SHARE) {
- /*
- * Security = share always has a pad byte
- * after the password.
- */
- p = (const char *)req->buf + passlen + 1;
- } else {
- p = (const char *)req->buf + passlen;
- }
+ p = (const char *)req->buf + passlen;
} else {
- password = data_blob_talloc(talloc_tos(), req->buf, passlen+1);
- /* Ensure correct termination */
- password.data[passlen]=0;
p = (const char *)req->buf + passlen + 1;
}
p += srvstr_pull_req_talloc(ctx, req, &path, p, STR_TERMINATE);
if (path == NULL) {
- data_blob_clear_free(&password);
reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
END_PROFILE(SMBtconX);
return;
@@ -794,7 +768,6 @@ void reply_tcon_and_X(struct smb_request *req)
if (*path=='\\') {
q = strchr_m(path+2,'\\');
if (!q) {
- data_blob_clear_free(&password);
reply_nterror(req, NT_STATUS_BAD_NETWORK_NAME);
END_PROFILE(SMBtconX);
return;
@@ -809,7 +782,6 @@ void reply_tcon_and_X(struct smb_request *req)
MIN(6, smbreq_bufrem(req, p)), STR_ASCII);
if (client_devicetype == NULL) {
- data_blob_clear_free(&password);
reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
END_PROFILE(SMBtconX);
return;
@@ -817,12 +789,10 @@ void reply_tcon_and_X(struct smb_request *req)
DEBUG(4,("Client requested device type [%s] for share [%s]\n", client_devicetype, service));
- conn = make_connection(sconn, service, password, client_devicetype,
+ conn = make_connection(sconn, service, client_devicetype,
req->vuid, &nt_status);
req->conn =conn;
- data_blob_clear_free(&password);
-
if (!conn) {
reply_nterror(req, nt_status);
END_PROFILE(SMBtconX);
@@ -2117,7 +2087,7 @@ void reply_ulogoffX(struct smb_request *req)
/* in user level security we are supposed to close any files
open by this user */
- if ((vuser != NULL) && (lp_security() != SEC_SHARE)) {
+ if (vuser != NULL) {
file_close_user(sconn, req->vuid);
}
diff --git a/source3/smbd/service.c b/source3/smbd/service.c
index 8436fbee91..c53323381e 100644
--- a/source3/smbd/service.c
+++ b/source3/smbd/service.c
@@ -381,7 +381,6 @@ static NTSTATUS find_forced_group(bool force_user,
static NTSTATUS create_connection_session_info(struct smbd_server_connection *sconn,
TALLOC_CTX *mem_ctx, int snum,
struct auth_session_info *session_info,
- DATA_BLOB password,
struct auth_session_info **presult)
{
if (lp_guest_only(snum)) {
@@ -425,29 +424,7 @@ static NTSTATUS create_connection_session_info(struct smbd_server_connection *sc
return NT_STATUS_OK;
}
- if (lp_security() == SEC_SHARE) {
-
- fstring user;
- bool guest;
-
- /* add the sharename as a possible user name if we
- are in share mode security */
-
- add_session_user(sconn, lp_servicename(snum));
-
- /* shall we let them in? */
-
- if (!authorise_login(sconn, snum,user,password,&guest)) {
- DEBUG( 2, ( "Invalid username/password for [%s]\n",
- lp_servicename(snum)) );
- return NT_STATUS_WRONG_PASSWORD;
- }
-
- return make_session_info_from_username(mem_ctx, user, guest,
- presult);
- }
-
- DEBUG(0, ("invalid VUID (vuser) but not in security=share\n"));
+ DEBUG(0, ("invalid VUID (vuser)\n"));
return NT_STATUS_ACCESS_DENIED;
}
@@ -557,7 +534,6 @@ static void create_share_access_mask(connection_struct *conn, int snum)
static NTSTATUS make_connection_snum(struct smbd_server_connection *sconn,
connection_struct *conn,
int snum, user_struct *vuser,
- DATA_BLOB password,
const char *pdev)
{
struct smb_filename *smb_fname_cpath = NULL;
@@ -582,7 +558,7 @@ static NTSTATUS make_connection_snum(struct smbd_server_connection *sconn,
conn->params->service = snum;
status = create_connection_session_info(sconn,
- conn, snum, vuser ? vuser->session_info : NULL, password,
+ conn, snum, vuser ? vuser->session_info : NULL,
&conn->session_info);
if (!NT_STATUS_IS_OK(status)) {
@@ -591,12 +567,10 @@ static NTSTATUS make_connection_snum(struct smbd_server_connection *sconn,
goto err_root_exit;
}
- if ((lp_guest_only(snum)) || (lp_security() == SEC_SHARE)) {
+ if (lp_guest_only(snum)) {
conn->force_user = true;
}
- add_session_user(sconn, conn->session_info->unix_info->unix_name);
-
conn->num_files_open = 0;
conn->lastused = conn->lastused_count = time(NULL);
conn->used = True;
@@ -630,7 +604,7 @@ static NTSTATUS make_connection_snum(struct smbd_server_connection *sconn,
goto err_root_exit;
}
- conn->vuid = (vuser != NULL) ? vuser->vuid : UID_FIELD_INVALID;
+ conn->vuid = vuser->vuid;
{
char *s = talloc_sub_advanced(talloc_tos(),
@@ -930,7 +904,6 @@ static NTSTATUS make_connection_snum(struct smbd_server_connection *sconn,
static connection_struct *make_connection_smb1(struct smbd_server_connection *sconn,
int snum, user_struct *vuser,
- DATA_BLOB password,
const char *pdev,
NTSTATUS *pstatus)
{
@@ -944,7 +917,6 @@ static connection_struct *make_connection_smb1(struct smbd_server_connection *sc
conn,
snum,
vuser,
- password,
pdev);
if (!NT_STATUS_IS_OK(*pstatus)) {
conn_free(conn);
@@ -961,7 +933,6 @@ static connection_struct *make_connection_smb1(struct smbd_server_connection *sc
connection_struct *make_connection_smb2(struct smbd_server_connection *sconn,
struct smbd_smb2_tcon *tcon,
user_struct *vuser,
- DATA_BLOB password,
const char *pdev,
NTSTATUS *pstatus)
{
@@ -976,7 +947,6 @@ connection_struct *make_connection_smb2(struct smbd_server_connection *sconn,
conn,
tcon->snum,
vuser,
- password,
pdev);
if (!NT_STATUS_IS_OK(*pstatus)) {
conn_free(conn);
@@ -992,7 +962,7 @@ connection_struct *make_connection_smb2(struct smbd_server_connection *sconn,
****************************************************************************/
connection_struct *make_connection(struct smbd_server_connection *sconn,
- const char *service_in, DATA_BLOB password,
+ const char *service_in,
const char *pdev, uint16 vuid,
NTSTATUS *status)
{
@@ -1017,14 +987,12 @@ connection_struct *make_connection(struct smbd_server_connection *sconn,
return NULL;
}
- if(lp_security() != SEC_SHARE) {
- vuser = get_valid_user_struct(sconn, vuid);
- if (!vuser) {
- DEBUG(1,("make_connection: refusing to connect with "
- "no session setup\n"));
- *status = NT_STATUS_ACCESS_DENIED;
- return NULL;
- }
+ vuser = get_valid_user_struct(sconn, vuid);
+ if (!vuser) {
+ DEBUG(1,("make_connection: refusing to connect with "
+ "no session setup\n"));
+ *status = NT_STATUS_ACCESS_DENIED;
+ return NULL;
}
/* Logic to try and connect to the correct [homes] share, preferably
@@ -1037,57 +1005,28 @@ connection_struct *make_connection(struct smbd_server_connection *sconn,
*/
if (strequal(service_in,HOMES_NAME)) {
- if(lp_security() != SEC_SHARE) {
- DATA_BLOB no_pw = data_blob_null;
- if (vuser->homes_snum == -1) {
- DEBUG(2, ("[homes] share not available for "
- "this user because it was not found "
- "or created at session setup "
- "time\n"));
- *status = NT_STATUS_BAD_NETWORK_NAME;
- return NULL;
- }
- DEBUG(5, ("making a connection to [homes] service "
- "created at session setup time\n"));
- return make_connection_smb1(sconn,
- vuser->homes_snum,
- vuser, no_pw,
- dev, status);
- } else {
- /* Security = share. Try with
- * current_user_info.smb_name as the username. */
- if (*current_user_info.smb_name) {
- char *unix_username = NULL;
- (void)map_username(talloc_tos(),
- current_user_info.smb_name,
- &unix_username);
- snum = find_service(talloc_tos(),
- unix_username,
- &unix_username);
- if (!unix_username) {
- *status = NT_STATUS_NO_MEMORY;
- }
- return NULL;
- }
- if (snum != -1) {
- DEBUG(5, ("making a connection to 'homes' "
- "service %s based on "
- "security=share\n", service_in));
- return make_connection_smb1(sconn,
- snum, NULL,
- password,
- dev, status);
- }
+ if (vuser->homes_snum == -1) {
+ DEBUG(2, ("[homes] share not available for "
+ "this user because it was not found "
+ "or created at session setup "
+ "time\n"));
+ *status = NT_STATUS_BAD_NETWORK_NAME;
+ return NULL;
}
- } else if ((lp_security() != SEC_SHARE) && (vuser->homes_snum != -1)
+ DEBUG(5, ("making a connection to [homes] service "
+ "created at session setup time\n"));
+ return make_connection_smb1(sconn,
+ vuser->homes_snum,
+ vuser,
+ dev, status);
+ } else if ((vuser->homes_snum != -1)
&& strequal(service_in,
lp_servicename(vuser->homes_snum))) {
- DATA_BLOB no_pw = data_blob_null;
DEBUG(5, ("making a connection to 'homes' service [%s] "
"created at session setup time\n", service_in));
return make_connection_smb1(sconn,
vuser->homes_snum,
- vuser, no_pw,
+ vuser,
dev, status);
}
@@ -1134,7 +1073,6 @@ connection_struct *make_connection(struct smbd_server_connection *sconn,
DEBUG(5, ("making a connection to 'normal' service %s\n", service));
return make_connection_smb1(sconn, snum, vuser,
- password,
dev, status);
}
diff --git a/source3/smbd/sesssetup.c b/source3/smbd/sesssetup.c
index 987b626d6b..da306b97bc 100644
--- a/source3/smbd/sesssetup.c
+++ b/source3/smbd/sesssetup.c
@@ -561,11 +561,7 @@ void reply_sesssetup_and_X(struct smb_request *req)
if (doencrypt) {
lm_resp = data_blob(p, passlen1);
nt_resp = data_blob(p+passlen1, passlen2);
- } else if (lp_security() != SEC_SHARE) {
- /*
- * In share level we should ignore any passwords, so
- * only read them if we're not.
- */
+ } else {
char *pass = NULL;
bool unic= smb_flag2 & FLAGS2_UNICODE_STRINGS;
@@ -673,27 +669,6 @@ void reply_sesssetup_and_X(struct smb_request *req)
reload_services(sconn, conn_snum_used, true);
- if (lp_security() == SEC_SHARE) {
- char *sub_user_mapped = NULL;
- /* In share level we should ignore any passwords */
-
- data_blob_free(&lm_resp);
- data_blob_free(&nt_resp);
- data_blob_clear_free(&plaintext_password);
-
- (void)map_username(talloc_tos(), sub_user, &sub_user_mapped);
- if (!sub_user_mapped) {
- reply_nterror(req, NT_STATUS_NO_MEMORY);
- END_PROFILE(SMBsesssetupX);
- return;
- }
- fstrcpy(sub_user, sub_user_mapped);
- add_session_user(sconn, sub_user);
- add_session_workgroup(sconn, domain);
- /* Then force it to null for the benfit of the code below */
- user = "";
- }
-
if (!*user) {
nt_status = check_guest_password(sconn->remote_address, &server_info);
@@ -796,36 +771,31 @@ void reply_sesssetup_and_X(struct smb_request *req)
/* register the name and uid as being validated, so further connections
to a uid can get through without a password, on the same VC */
- if (lp_security() == SEC_SHARE) {
- sess_vuid = UID_FIELD_INVALID;
- TALLOC_FREE(session_info);
- } else {
- /* Ignore the initial vuid. */
- sess_vuid = register_initial_vuid(sconn);
- if (sess_vuid == UID_FIELD_INVALID) {
- data_blob_free(&nt_resp);
- data_blob_free(&lm_resp);
- reply_nterror(req, nt_status_squash(
- NT_STATUS_LOGON_FAILURE));
- END_PROFILE(SMBsesssetupX);
- return;
- }
- /* register_existing_vuid keeps the session_info */
- sess_vuid = register_existing_vuid(sconn, sess_vuid,
- session_info,
- nt_resp.data ? nt_resp : lm_resp);
- if (sess_vuid == UID_FIELD_INVALID) {
- data_blob_free(&nt_resp);
- data_blob_free(&lm_resp);
- reply_nterror(req, nt_status_squash(
- NT_STATUS_LOGON_FAILURE));
- END_PROFILE(SMBsesssetupX);
- return;
- }
-
- /* current_user_info is changed on new vuid */
- reload_services(sconn, conn_snum_used, true);
+ /* Ignore the initial vuid. */
+ sess_vuid = register_initial_vuid(sconn);
+ if (sess_vuid == UID_FIELD_INVALID) {
+ data_blob_free(&nt_resp);
+ data_blob_free(&lm_resp);
+ reply_nterror(req, nt_status_squash(
+ NT_STATUS_LOGON_FAILURE));
+ END_PROFILE(SMBsesssetupX);
+ return;
}
+ /* register_existing_vuid keeps the session_info */
+ sess_vuid = register_existing_vuid(sconn, sess_vuid,
+ session_info,
+ nt_resp.data ? nt_resp : lm_resp);
+ if (sess_vuid == UID_FIELD_INVALID) {
+ data_blob_free(&nt_resp);
+ data_blob_free(&lm_resp);
+ reply_nterror(req, nt_status_squash(
+ NT_STATUS_LOGON_FAILURE));
+ END_PROFILE(SMBsesssetupX);
+ return;
+ }
+
+ /* current_user_info is changed on new vuid */
+ reload_services(sconn, conn_snum_used, true);
data_blob_free(&nt_resp);
data_blob_free(&lm_resp);
diff --git a/source3/smbd/smb2_tcon.c b/source3/smbd/smb2_tcon.c
index b7e5ce0877..56c42889b6 100644
--- a/source3/smbd/smb2_tcon.c
+++ b/source3/smbd/smb2_tcon.c
@@ -232,7 +232,7 @@ static NTSTATUS smbd_smb2_tree_connect(struct smbd_smb2_request *req,
compat_conn = make_connection_smb2(req->sconn,
tcon,
req->session->compat_vuser,
- data_blob_null, "???",
+ "???",
&status);
if (compat_conn == NULL) {
TALLOC_FREE(tcon);
diff --git a/source3/smbd/uid.c b/source3/smbd/uid.c
index 3847d393d7..84cb61cd14 100644
--- a/source3/smbd/uid.c
+++ b/source3/smbd/uid.c
@@ -288,19 +288,7 @@ bool change_to_user(connection_struct *conn, uint16_t vuid)
vuser = get_valid_user_struct(conn->sconn, vuid);
- /*
- * We need a separate check in security=share mode due to vuid
- * always being UID_FIELD_INVALID. If we don't do this then
- * in share mode security we are *always* changing uid's between
- * SMB's - this hurts performance - Badly.
- */
-
- if((lp_security() == SEC_SHARE) && (current_user.conn == conn) &&
- (current_user.ut.uid == conn->session_info->unix_token->uid)) {
- DEBUG(4,("Skipping user change - already "
- "user\n"));
- return(True);
- } else if ((current_user.conn == conn) &&
+ if ((current_user.conn == conn) &&
(vuser != NULL) && (current_user.vuid == vuid) &&
(current_user.ut.uid == vuser->session_info->unix_token->uid)) {
DEBUG(4,("Skipping user change - already "
@@ -308,16 +296,15 @@ bool change_to_user(connection_struct *conn, uint16_t vuid)
return(True);
}
- session_info = vuser ? vuser->session_info : conn->session_info;
-
- if (session_info == NULL) {
- /* Invalid vuid sent - even with security = share. */
+ if (vuser == NULL) {
+ /* Invalid vuid sent */
DEBUG(2,("Invalid vuid %d used on "
"share %s.\n", vuid, lp_servicename(snum) ));
return false;
}
- /* security = share sets force_user. */
+ session_info = vuser->session_info;
+
if (!conn->force_user && vuser == NULL) {
DEBUG(2,("Invalid vuid used %d in accessing "
"share %s.\n", vuid, lp_servicename(snum) ));
diff --git a/source3/utils/status.c b/source3/utils/status.c
index 8f8f3945cb..0755f9fdf2 100644
--- a/source3/utils/status.c
+++ b/source3/utils/status.c
@@ -418,10 +418,6 @@ static int traverse_sessionid(const char *key, struct sessionid *session,
d_printf("\nSamba version %s\n",samba_version_string());
d_printf("PID Username Group Machine \n");
d_printf("-------------------------------------------------------------------\n");
- if (lp_security() == SEC_SHARE) {
- d_printf(" <processes do not show up in "
- "anonymous mode>\n");
- }
sessionid_traverse_read(traverse_sessionid, NULL);