summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rwxr-xr-xsource3/configure8
-rw-r--r--source3/configure.in1
-rw-r--r--source3/rpc_client/cli_login.c14
-rw-r--r--source3/smbd/dosmode.c2
-rw-r--r--source3/smbd/posix_acls.c17
-rw-r--r--source3/smbd/reply.c5
6 files changed, 37 insertions, 10 deletions
diff --git a/source3/configure b/source3/configure
index 105f82f26d..35ed71f6bb 100755
--- a/source3/configure
+++ b/source3/configure
@@ -11573,6 +11573,10 @@ EOF
esac
else
echo "$ac_t""no" 1>&6
+ cat >> confdefs.h <<\EOF
+#define HAVE_NO_ACLS 1
+EOF
+
fi
@@ -11582,11 +11586,11 @@ if test "$cross_compiling" = yes; then
:
else
cat > conftest.$ac_ext <<EOF
-#line 11586 "configure"
+#line 11590 "configure"
#include "confdefs.h"
#include "${srcdir-.}/tests/summary.c"
EOF
-if { (eval echo configure:11590: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:11594: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
echo "configure OK";
else
diff --git a/source3/configure.in b/source3/configure.in
index cced6fa901..7eba74d710 100644
--- a/source3/configure.in
+++ b/source3/configure.in
@@ -1950,6 +1950,7 @@ fi
;;
esac ],
AC_MSG_RESULT(no)
+ AC_DEFINE(HAVE_NO_ACLS)
)
echo "checking configure summary"
diff --git a/source3/rpc_client/cli_login.c b/source3/rpc_client/cli_login.c
index 6600fac162..aaf4fe17aa 100644
--- a/source3/rpc_client/cli_login.c
+++ b/source3/rpc_client/cli_login.c
@@ -160,13 +160,23 @@ BOOL cli_nt_login_network(struct cli_state *cli, char *domain, char *username,
char *lm_chal_resp, char *nt_chal_resp,
NET_ID_INFO_CTR *ctr, NET_USER_INFO_3 *user_info3)
{
+ fstring dos_wksta_name, dos_username, dos_domain;
DEBUG(5,("cli_nt_login_network: %d\n", __LINE__));
/* indicate a "network" login */
ctr->switch_value = NET_LOGON_TYPE;
+ fstrcpy(dos_wksta_name, cli->clnt_name_slash);
+ unix_to_dos(dos_wksta_name, True);
+
+ fstrcpy(dos_username, username);
+ unix_to_dos(dos_username, True);
+
+ fstrcpy(dos_domain, domain);
+ unix_to_dos(dos_domain, True);
+
/* Create the structure needed for SAM logon. */
- init_id_info2(&ctr->auth.id2, domain, 0, smb_userid_low, 0,
- username, dos_to_unix(cli->clnt_name_slash, False),
+ init_id_info2(&ctr->auth.id2, dos_domain, 0, smb_userid_low, 0,
+ dos_username, dos_wksta_name,
(uchar *)lm_chal, (uchar *)lm_chal_resp,
(uchar *)nt_chal_resp);
diff --git a/source3/smbd/dosmode.c b/source3/smbd/dosmode.c
index 31c4fbdf31..a4b4f65ad9 100644
--- a/source3/smbd/dosmode.c
+++ b/source3/smbd/dosmode.c
@@ -111,6 +111,8 @@ mode_t unix_mode(connection_struct *conn,int dosmode,const char *fname)
result |= lp_force_create_mode(SNUM(conn));
}
}
+
+ DEBUG(3,("unix_mode(%s) returning 0%o\n",fname,(int)result ));
return(result);
}
diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c
index db2f933420..da457604bb 100644
--- a/source3/smbd/posix_acls.c
+++ b/source3/smbd/posix_acls.c
@@ -391,14 +391,16 @@ static BOOL unpack_canon_ace(files_struct *fsp,
canon_ace **ppfile_ace, canon_ace **ppdir_ace,
uint32 security_info_sent, SEC_DESC *psd)
{
+#if !defined(HAVE_NO_ACLS)
extern DOM_SID global_sid_World;
- SEC_ACL *dacl = psd->dacl;
BOOL all_aces_are_inherit_only = (fsp->is_directory ? True : False);
canon_ace *file_ace = NULL;
canon_ace *dir_ace = NULL;
canon_ace *current_ace = NULL;
enum SID_NAME_USE sid_type;
int i;
+#endif /* HAVE_NO_ACLS */
+ SEC_ACL *dacl = psd->dacl;
*ppfile_ace = NULL;
*ppdir_ace = NULL;
@@ -415,6 +417,13 @@ static BOOL unpack_canon_ace(files_struct *fsp,
if(!(security_info_sent & DACL_SECURITY_INFORMATION) || !dacl)
return True;
+#if defined(HAVE_NO_ACLS)
+
+ /* No point in doing this if we have no ACL support. */
+ return False;
+
+#else /* HAVE_NO_ACLS */
+
/*
* Now go through the DACL and create the canon_ace lists.
*/
@@ -623,6 +632,8 @@ static BOOL unpack_canon_ace(files_struct *fsp,
*ppfile_ace = file_ace;
*ppdir_ace = dir_ace;
return True;
+
+#endif /* HAVE_NO_ACLS */
}
/****************************************************************************
@@ -704,7 +715,7 @@ static BOOL unpack_posix_permissions(files_struct *fsp, SMB_STRUCT_STAT *psbuf,
* ACLs on directories.
*/
- psa->flags &= ~(SEC_ACE_FLAG_OBJECT_INHERIT|SEC_ACE_FLAG_CONTAINER_INHERIT);
+ psa->flags &= ~(SEC_ACE_FLAG_OBJECT_INHERIT|SEC_ACE_FLAG_CONTAINER_INHERIT|SEC_ACE_FLAG_INHERITED_ACE);
if(psa->flags != 0) {
DEBUG(1,("unpack_posix_permissions: unable to set ACE flags (%x).\n",
@@ -1554,7 +1565,7 @@ BOOL set_nt_acl(files_struct *fsp, uint32 security_info_sent, SEC_DESC *psd)
* If we cannot set using POSIX ACLs we fall back to checking if we need to chmod.
*/
- if(!acl_set_support && (sbuf.st_mode != perms)) {
+ if(!acl_set_support && posix_perms && (sbuf.st_mode != perms)) {
free_canon_ace_list(file_ace_list);
free_canon_ace_list(dir_ace_list);
diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c
index e1feb921f5..402f9db754 100644
--- a/source3/smbd/reply.c
+++ b/source3/smbd/reply.c
@@ -837,17 +837,16 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int
fstrcpy(user,p);
p = skip_string(p,1);
/*
- * Incoming user is in DOS codepage format. Convert
+ * Incoming user and domain are in DOS codepage format. Convert
* to UNIX.
*/
dos_to_unix(user,True);
domain = p;
-
+ dos_to_unix(domain, True);
DEBUG(3,("Domain=[%s] NativeOS=[%s] NativeLanMan=[%s]\n",
domain,skip_string(p,1),skip_string(p,2)));
}
-
DEBUG(3,("sesssetupX:name=[%s]\n",user));
/* If name ends in $ then I think it's asking about whether a */