diff options
| -rwxr-xr-x | source3/configure | 8 | ||||
| -rw-r--r-- | source3/configure.in | 1 | ||||
| -rw-r--r-- | source3/rpc_client/cli_login.c | 14 | ||||
| -rw-r--r-- | source3/smbd/dosmode.c | 2 | ||||
| -rw-r--r-- | source3/smbd/posix_acls.c | 17 | ||||
| -rw-r--r-- | source3/smbd/reply.c | 5 |
6 files changed, 37 insertions, 10 deletions
diff --git a/source3/configure b/source3/configure index 105f82f26d..35ed71f6bb 100755 --- a/source3/configure +++ b/source3/configure @@ -11573,6 +11573,10 @@ EOF esac else echo "$ac_t""no" 1>&6 + cat >> confdefs.h <<\EOF +#define HAVE_NO_ACLS 1 +EOF + fi @@ -11582,11 +11586,11 @@ if test "$cross_compiling" = yes; then : else cat > conftest.$ac_ext <<EOF -#line 11586 "configure" +#line 11590 "configure" #include "confdefs.h" #include "${srcdir-.}/tests/summary.c" EOF -if { (eval echo configure:11590: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null +if { (eval echo configure:11594: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null then echo "configure OK"; else diff --git a/source3/configure.in b/source3/configure.in index cced6fa901..7eba74d710 100644 --- a/source3/configure.in +++ b/source3/configure.in @@ -1950,6 +1950,7 @@ fi ;; esac ], AC_MSG_RESULT(no) + AC_DEFINE(HAVE_NO_ACLS) ) echo "checking configure summary" diff --git a/source3/rpc_client/cli_login.c b/source3/rpc_client/cli_login.c index 6600fac162..aaf4fe17aa 100644 --- a/source3/rpc_client/cli_login.c +++ b/source3/rpc_client/cli_login.c @@ -160,13 +160,23 @@ BOOL cli_nt_login_network(struct cli_state *cli, char *domain, char *username, char *lm_chal_resp, char *nt_chal_resp, NET_ID_INFO_CTR *ctr, NET_USER_INFO_3 *user_info3) { + fstring dos_wksta_name, dos_username, dos_domain; DEBUG(5,("cli_nt_login_network: %d\n", __LINE__)); /* indicate a "network" login */ ctr->switch_value = NET_LOGON_TYPE; + fstrcpy(dos_wksta_name, cli->clnt_name_slash); + unix_to_dos(dos_wksta_name, True); + + fstrcpy(dos_username, username); + unix_to_dos(dos_username, True); + + fstrcpy(dos_domain, domain); + unix_to_dos(dos_domain, True); + /* Create the structure needed for SAM logon. */ - init_id_info2(&ctr->auth.id2, domain, 0, smb_userid_low, 0, - username, dos_to_unix(cli->clnt_name_slash, False), + init_id_info2(&ctr->auth.id2, dos_domain, 0, smb_userid_low, 0, + dos_username, dos_wksta_name, (uchar *)lm_chal, (uchar *)lm_chal_resp, (uchar *)nt_chal_resp); diff --git a/source3/smbd/dosmode.c b/source3/smbd/dosmode.c index 31c4fbdf31..a4b4f65ad9 100644 --- a/source3/smbd/dosmode.c +++ b/source3/smbd/dosmode.c @@ -111,6 +111,8 @@ mode_t unix_mode(connection_struct *conn,int dosmode,const char *fname) result |= lp_force_create_mode(SNUM(conn)); } } + + DEBUG(3,("unix_mode(%s) returning 0%o\n",fname,(int)result )); return(result); } diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c index db2f933420..da457604bb 100644 --- a/source3/smbd/posix_acls.c +++ b/source3/smbd/posix_acls.c @@ -391,14 +391,16 @@ static BOOL unpack_canon_ace(files_struct *fsp, canon_ace **ppfile_ace, canon_ace **ppdir_ace, uint32 security_info_sent, SEC_DESC *psd) { +#if !defined(HAVE_NO_ACLS) extern DOM_SID global_sid_World; - SEC_ACL *dacl = psd->dacl; BOOL all_aces_are_inherit_only = (fsp->is_directory ? True : False); canon_ace *file_ace = NULL; canon_ace *dir_ace = NULL; canon_ace *current_ace = NULL; enum SID_NAME_USE sid_type; int i; +#endif /* HAVE_NO_ACLS */ + SEC_ACL *dacl = psd->dacl; *ppfile_ace = NULL; *ppdir_ace = NULL; @@ -415,6 +417,13 @@ static BOOL unpack_canon_ace(files_struct *fsp, if(!(security_info_sent & DACL_SECURITY_INFORMATION) || !dacl) return True; +#if defined(HAVE_NO_ACLS) + + /* No point in doing this if we have no ACL support. */ + return False; + +#else /* HAVE_NO_ACLS */ + /* * Now go through the DACL and create the canon_ace lists. */ @@ -623,6 +632,8 @@ static BOOL unpack_canon_ace(files_struct *fsp, *ppfile_ace = file_ace; *ppdir_ace = dir_ace; return True; + +#endif /* HAVE_NO_ACLS */ } /**************************************************************************** @@ -704,7 +715,7 @@ static BOOL unpack_posix_permissions(files_struct *fsp, SMB_STRUCT_STAT *psbuf, * ACLs on directories. */ - psa->flags &= ~(SEC_ACE_FLAG_OBJECT_INHERIT|SEC_ACE_FLAG_CONTAINER_INHERIT); + psa->flags &= ~(SEC_ACE_FLAG_OBJECT_INHERIT|SEC_ACE_FLAG_CONTAINER_INHERIT|SEC_ACE_FLAG_INHERITED_ACE); if(psa->flags != 0) { DEBUG(1,("unpack_posix_permissions: unable to set ACE flags (%x).\n", @@ -1554,7 +1565,7 @@ BOOL set_nt_acl(files_struct *fsp, uint32 security_info_sent, SEC_DESC *psd) * If we cannot set using POSIX ACLs we fall back to checking if we need to chmod. */ - if(!acl_set_support && (sbuf.st_mode != perms)) { + if(!acl_set_support && posix_perms && (sbuf.st_mode != perms)) { free_canon_ace_list(file_ace_list); free_canon_ace_list(dir_ace_list); diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index e1feb921f5..402f9db754 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -837,17 +837,16 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int fstrcpy(user,p); p = skip_string(p,1); /* - * Incoming user is in DOS codepage format. Convert + * Incoming user and domain are in DOS codepage format. Convert * to UNIX. */ dos_to_unix(user,True); domain = p; - + dos_to_unix(domain, True); DEBUG(3,("Domain=[%s] NativeOS=[%s] NativeLanMan=[%s]\n", domain,skip_string(p,1),skip_string(p,2))); } - DEBUG(3,("sesssetupX:name=[%s]\n",user)); /* If name ends in $ then I think it's asking about whether a */ |