diff options
Diffstat (limited to 'source3/smbd')
-rw-r--r-- | source3/smbd/chgpasswd.c | 2 | ||||
-rw-r--r-- | source3/smbd/conn.c | 8 | ||||
-rw-r--r-- | source3/smbd/lanman.c | 138 | ||||
-rw-r--r-- | source3/smbd/nttrans.c | 1 | ||||
-rw-r--r-- | source3/smbd/password.c | 8 | ||||
-rw-r--r-- | source3/smbd/sec_ctx.c | 29 | ||||
-rw-r--r-- | source3/smbd/service.c | 4 | ||||
-rw-r--r-- | source3/smbd/sesssetup.c | 11 | ||||
-rw-r--r-- | source3/smbd/uid.c | 18 |
9 files changed, 85 insertions, 134 deletions
diff --git a/source3/smbd/chgpasswd.c b/source3/smbd/chgpasswd.c index 4192cc3a23..d928445d94 100644 --- a/source3/smbd/chgpasswd.c +++ b/source3/smbd/chgpasswd.c @@ -991,7 +991,7 @@ NTSTATUS change_oem_password(SAM_ACCOUNT *hnd, char *old_passwd, char *new_passw if (!push_sec_ctx()) return NT_STATUS_UNSUCCESSFUL; - set_sec_ctx(pass->pw_uid, pass->pw_gid, 0, NULL, NULL, NULL); + set_sec_ctx(pass->pw_uid, pass->pw_gid, 0, NULL, NULL); set_re_uid(); } diff --git a/source3/smbd/conn.c b/source3/smbd/conn.c index 0805f8e690..9bac0acdb9 100644 --- a/source3/smbd/conn.c +++ b/source3/smbd/conn.c @@ -249,14 +249,6 @@ void conn_free(connection_struct *conn) conn->ngroups = 0; } - if (conn->nt_user_token) { - delete_nt_token(&(conn->nt_user_token)); - } - - if (conn->privs) { - destroy_privilege(&(conn->privs)); - } - free_namearray(conn->veto_list); free_namearray(conn->hide_list); free_namearray(conn->veto_oplock_list); diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index d715ab4ddc..c4df84e76c 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1557,87 +1557,87 @@ static BOOL api_RNetShareAdd(connection_struct *conn,uint16 vuid, char *param,ch char **rdata,char **rparam, int *rdata_len,int *rparam_len) { - char *str1 = param+2; - char *str2 = skip_string(str1,1); - char *p = skip_string(str2,1); - int uLevel = SVAL(p,0); - fstring sharename; - fstring comment; - pstring pathname; - char *command, *cmdname; - unsigned int offset; - int snum; - int res = ERRunsup; + char *str1 = param+2; + char *str2 = skip_string(str1,1); + char *p = skip_string(str2,1); + int uLevel = SVAL(p,0); + fstring sharename; + fstring comment; + pstring pathname; + char *command, *cmdname; + unsigned int offset; + int snum; + int res = ERRunsup; - /* check it's a supported varient */ - if (!prefix_ok(str1, RAP_WShareAdd_REQ)) return False; - if (!check_share_info(uLevel, str2)) return False; - if (uLevel != 2) return False; - - pull_ascii_fstring(sharename, data); - snum = find_service(sharename); - if (snum >= 0) { /* already exists */ - res = ERRfilexists; - goto error_exit; - } + /* check it's a supported varient */ + if (!prefix_ok(str1,RAP_WShareAdd_REQ)) return False; + if (!check_share_info(uLevel,str2)) return False; + if (uLevel != 2) return False; - /* only support disk share adds */ - if (SVAL(data,14) != STYPE_DISKTREE) return False; + pull_ascii_fstring(sharename,data); + snum = find_service(sharename); + if (snum >= 0) { /* already exists */ + res = ERRfilexists; + goto error_exit; + } - offset = IVAL(data, 16); - if (offset >= mdrcnt) { - res = ERRinvalidparam; - goto error_exit; - } - pull_ascii_fstring(comment, offset? (data+offset) : ""); + /* only support disk share adds */ + if (SVAL(data,14)!=STYPE_DISKTREE) return False; - offset = IVAL(data, 26); - if (offset >= mdrcnt) { - res = ERRinvalidparam; - goto error_exit; - } - pull_ascii_pstring(pathname, offset? (data+offset) : ""); + offset = IVAL(data, 16); + if (offset >= mdrcnt) { + res = ERRinvalidparam; + goto error_exit; + } + pull_ascii_fstring(comment, offset? (data+offset) : ""); - string_replace(sharename, '"', ' '); - string_replace(pathname, '"', ' '); - string_replace(comment, '"', ' '); + offset = IVAL(data, 26); + if (offset >= mdrcnt) { + res = ERRinvalidparam; + goto error_exit; + } + pull_ascii_pstring(pathname, offset? (data+offset) : ""); - cmdname = lp_add_share_cmd(); + string_replace(sharename, '"', ' '); + string_replace(pathname, '"', ' '); + string_replace(comment, '"', ' '); - if (!cmdname || *cmdname == '\0') return False; + cmdname = lp_add_share_cmd(); - asprintf(&command, "%s \"%s\" \"%s\" \"%s\" \"%s\"", - lp_add_share_cmd(), dyn_CONFIGFILE, sharename, pathname, comment); + if (!cmdname || *cmdname == '\0') return False; - if (command) { - DEBUG(10,("api_RNetShareAdd: Running [%s]\n", command )); - if ((res = smbrun(command, NULL)) != 0) { - DEBUG(1,("api_RNetShareAdd: Running [%s] returned (%d)\n", command, res )); - SAFE_FREE(command); - res = ERRnoaccess; - goto error_exit; - } else { - SAFE_FREE(command); - message_send_all(conn_tdb_ctx(), MSG_SMB_CONF_UPDATED, NULL, 0, False, NULL); - } - } else return False; + asprintf(&command, "%s \"%s\" \"%s\" \"%s\" \"%s\"", + lp_add_share_cmd(), dyn_CONFIGFILE, sharename, pathname, comment); - *rparam_len = 6; - *rparam = REALLOC(*rparam, *rparam_len); - SSVAL(*rparam, 0, NERR_Success); - SSVAL(*rparam, 2, 0); /* converter word */ - SSVAL(*rparam, 4, *rdata_len); - *rdata_len = 0; + if (command) { + DEBUG(10,("api_RNetShareAdd: Running [%s]\n", command )); + if ((res = smbrun(command, NULL)) != 0) { + DEBUG(1,("api_RNetShareAdd: Running [%s] returned (%d)\n", command, res )); + SAFE_FREE(command); + res = ERRnoaccess; + goto error_exit; + } else { + SAFE_FREE(command); + message_send_all(conn_tdb_ctx(), MSG_SMB_CONF_UPDATED, NULL, 0, False, NULL); + } + } else return False; + + *rparam_len = 6; + *rparam = REALLOC(*rparam,*rparam_len); + SSVAL(*rparam,0,NERR_Success); + SSVAL(*rparam,2,0); /* converter word */ + SSVAL(*rparam,4,*rdata_len); + *rdata_len = 0; - return True; + return True; -error_exit: - *rparam_len = 4; - *rparam = REALLOC(*rparam, *rparam_len); - *rdata_len = 0; - SSVAL(*rparam, 0, res); - SSVAL(*rparam, 2, 0); - return True; + error_exit: + *rparam_len = 4; + *rparam = REALLOC(*rparam,*rparam_len); + *rdata_len = 0; + SSVAL(*rparam,0,res); + SSVAL(*rparam,2,0); + return True; } diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c index 4a9db06c87..21b6db8b46 100644 --- a/source3/smbd/nttrans.c +++ b/source3/smbd/nttrans.c @@ -43,7 +43,6 @@ static const char *known_nt_pipes[] = { "\\spoolss", "\\netdfs", "\\rpcecho", - "\\epmapper", NULL }; diff --git a/source3/smbd/password.c b/source3/smbd/password.c index ba57fecd51..10c6aadb1f 100644 --- a/source3/smbd/password.c +++ b/source3/smbd/password.c @@ -87,7 +87,6 @@ void invalidate_vuid(uint16 vuid) SAFE_FREE(vuser->groups); delete_nt_token(&vuser->nt_user_token); - destroy_privilege(&vuser->privs); SAFE_FREE(vuser); num_validated_vuids--; } @@ -235,11 +234,6 @@ int register_vuid(auth_serversupplied_info *server_info, DATA_BLOB session_key, return UID_FIELD_INVALID; } - if (server_info->privs) { - init_privilege(&(vuser->privs)); - dup_priv_set(vuser->privs, server_info->privs); - } - /* use this to keep tabs on all our info from the authentication */ vuser->server_info = server_info; @@ -275,7 +269,7 @@ int register_vuid(auth_serversupplied_info *server_info, DATA_BLOB session_key, vuser->homes_snum = -1; } - if (srv_is_signing_negotiated() && !vuser->guest && !srv_signing_started()) { + if (lp_server_signing() && !vuser->guest && !srv_is_signing_active()) { /* Try and turn on server signing on the first non-guest sessionsetup. */ srv_set_signing(vuser->session_key, response_blob); } diff --git a/source3/smbd/sec_ctx.c b/source3/smbd/sec_ctx.c index 97fe2dfaee..8a85792ead 100644 --- a/source3/smbd/sec_ctx.c +++ b/source3/smbd/sec_ctx.c @@ -28,7 +28,6 @@ struct sec_ctx { int ngroups; gid_t *groups; NT_USER_TOKEN *token; - PRIVILEGE_SET *privs; }; /* A stack of security contexts. We include the current context as being @@ -257,16 +256,12 @@ BOOL push_sec_ctx(void) (unsigned int)ctx_p->uid, (unsigned int)ctx_p->gid, sec_ctx_stack_ndx )); ctx_p->token = dup_nt_token(sec_ctx_stack[sec_ctx_stack_ndx-1].token); - if (! ctx_p->token) { - DEBUG(0, ("Out of memory on dup_nt_token() in push_sec_ctx()\n")); - return False; - } ctx_p->ngroups = sys_getgroups(0, NULL); if (ctx_p->ngroups != 0) { if (!(ctx_p->groups = malloc(ctx_p->ngroups * sizeof(gid_t)))) { - DEBUG(0, ("Out of memory on malloc() in push_sec_ctx()\n")); + DEBUG(0, ("Out of memory in push_sec_ctx()\n")); delete_nt_token(&ctx_p->token); return False; } @@ -276,14 +271,6 @@ BOOL push_sec_ctx(void) ctx_p->groups = NULL; } - init_privilege(&ctx_p->privs); - if (! NT_STATUS_IS_OK(dup_priv_set(ctx_p->privs, sec_ctx_stack[sec_ctx_stack_ndx-1].privs))) { - DEBUG(0, ("Out of memory on dup_priv_set() in push_sec_ctx()\n")); - delete_nt_token(&ctx_p->token); - destroy_privilege(&ctx_p->privs); - return False; - } - return True; } @@ -291,7 +278,7 @@ BOOL push_sec_ctx(void) Set the current security context to a given user. ****************************************************************************/ -void set_sec_ctx(uid_t uid, gid_t gid, int ngroups, gid_t *groups, NT_USER_TOKEN *token, PRIVILEGE_SET *privs) +void set_sec_ctx(uid_t uid, gid_t gid, int ngroups, gid_t *groups, NT_USER_TOKEN *token) { struct sec_ctx *ctx_p = &sec_ctx_stack[sec_ctx_stack_ndx]; @@ -316,14 +303,9 @@ void set_sec_ctx(uid_t uid, gid_t gid, int ngroups, gid_t *groups, NT_USER_TOKEN smb_panic("DUPLICATE_TOKEN"); delete_nt_token(&ctx_p->token); - if (ctx_p->privs) - reset_privilege(ctx_p->privs); - else - init_privilege(&ctx_p->privs); ctx_p->groups = memdup(groups, sizeof(gid_t) * ngroups); ctx_p->token = dup_nt_token(token); - dup_priv_set(ctx_p->privs, privs); become_id(uid, gid); @@ -337,7 +319,6 @@ void set_sec_ctx(uid_t uid, gid_t gid, int ngroups, gid_t *groups, NT_USER_TOKEN current_user.ngroups = ngroups; current_user.groups = groups; current_user.nt_user_token = ctx_p->token; - current_user.privs = ctx_p->privs; } /**************************************************************************** @@ -348,7 +329,7 @@ void set_root_sec_ctx(void) { /* May need to worry about supplementary groups at some stage */ - set_sec_ctx(0, 0, 0, NULL, NULL, NULL); + set_sec_ctx(0, 0, 0, NULL, NULL); } /**************************************************************************** @@ -378,7 +359,6 @@ BOOL pop_sec_ctx(void) ctx_p->ngroups = 0; delete_nt_token(&ctx_p->token); - destroy_privilege(&ctx_p->privs); /* Pop back previous user */ @@ -401,7 +381,6 @@ BOOL pop_sec_ctx(void) current_user.ngroups = prev_ctx_p->ngroups; current_user.groups = prev_ctx_p->groups; current_user.nt_user_token = prev_ctx_p->token; - current_user.privs = prev_ctx_p->privs; DEBUG(3, ("pop_sec_ctx (%u, %u) - sec_ctx_stack_ndx = %d\n", (unsigned int)geteuid(), (unsigned int)getegid(), sec_ctx_stack_ndx)); @@ -434,7 +413,6 @@ void init_sec_ctx(void) get_current_groups(ctx_p->gid, &ctx_p->ngroups, &ctx_p->groups); ctx_p->token = NULL; /* Maps to guest user. */ - ctx_p->privs = NULL; /* Initialise current_user global */ @@ -449,5 +427,4 @@ void init_sec_ctx(void) current_user.conn = NULL; current_user.vuid = UID_FIELD_INVALID; current_user.nt_user_token = NULL; - current_user.privs = NULL; } diff --git a/source3/smbd/service.c b/source3/smbd/service.c index adbed67b33..08b6648249 100644 --- a/source3/smbd/service.c +++ b/source3/smbd/service.c @@ -363,7 +363,6 @@ static connection_struct *make_connection_snum(int snum, user_struct *vuser, string_set(&conn->dirpath,""); string_set(&conn->user,user); conn->nt_user_token = NULL; - conn->privs = NULL; conn->read_only = lp_readonly(conn->service); conn->admin_user = False; @@ -472,9 +471,6 @@ static connection_struct *make_connection_snum(int snum, user_struct *vuser, conn->nt_user_token = create_nt_token(conn->uid, conn->gid, conn->ngroups, conn->groups, guest); - - init_privilege(&(conn->privs)); - pdb_get_privilege_set(conn->nt_user_token, conn->privs); } /* diff --git a/source3/smbd/sesssetup.c b/source3/smbd/sesssetup.c index 864d69653c..d91aa94728 100644 --- a/source3/smbd/sesssetup.c +++ b/source3/smbd/sesssetup.c @@ -291,14 +291,14 @@ static int reply_spnego_kerberos(connection_struct *conn, SSVAL(outbuf, smb_uid, sess_vuid); - if (!server_info->guest && !srv_signing_started()) { + if (!server_info->guest) { /* We need to start the signing engine * here but a W2K client sends the old * "BSRSPYL " signature instead of the * correct one. Subsequent packets will * be correct. */ - srv_check_sign_mac(inbuf, False); + srv_check_sign_mac(inbuf); } } @@ -364,15 +364,14 @@ static BOOL reply_spnego_ntlmssp(connection_struct *conn, char *inbuf, char *out SSVAL(outbuf,smb_uid,sess_vuid); - if (!server_info->guest && !srv_signing_started()) { + if (!server_info->guest) { /* We need to start the signing engine * here but a W2K client sends the old * "BSRSPYL " signature instead of the * correct one. Subsequent packets will * be correct. */ - - srv_check_sign_mac(inbuf, False); + srv_check_sign_mac(inbuf); } } } @@ -912,7 +911,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf, return ERROR_NT(NT_STATUS_LOGON_FAILURE); } - if (!server_info->guest && !srv_signing_started() && !srv_check_sign_mac(inbuf, True)) { + if (!server_info->guest && !srv_check_sign_mac(inbuf)) { exit_server("reply_sesssetup_and_X: bad smb signature"); } diff --git a/source3/smbd/uid.c b/source3/smbd/uid.c index d43bf301e8..3859298055 100644 --- a/source3/smbd/uid.c +++ b/source3/smbd/uid.c @@ -44,7 +44,7 @@ BOOL change_to_guest(void) initgroups(pass->pw_name, pass->pw_gid); #endif - set_sec_ctx(pass->pw_uid, pass->pw_gid, 0, NULL, NULL, NULL); + set_sec_ctx(pass->pw_uid, pass->pw_gid, 0, NULL, NULL); current_user.conn = NULL; current_user.vuid = UID_FIELD_INVALID; @@ -161,9 +161,8 @@ BOOL change_to_user(connection_struct *conn, uint16 vuid) gid_t gid; uid_t uid; char group_c; - BOOL must_free_token_priv = False; + BOOL must_free_token = False; NT_USER_TOKEN *token = NULL; - PRIVILEGE_SET *privs = NULL; if (!conn) { DEBUG(2,("change_to_user: Connection not open\n")); @@ -196,14 +195,12 @@ BOOL change_to_user(connection_struct *conn, uint16 vuid) current_user.groups = conn->groups; current_user.ngroups = conn->ngroups; token = conn->nt_user_token; - privs = conn->privs; } else if ((vuser) && check_user_ok(conn, vuser, snum)) { uid = conn->admin_user ? 0 : vuser->uid; gid = vuser->gid; current_user.ngroups = vuser->n_groups; current_user.groups = vuser->groups; token = vuser->nt_user_token; - privs = vuser->privs; } else { DEBUG(2,("change_to_user: Invalid vuid used %d or vuid not permitted access to share.\n",vuid)); return False; @@ -251,20 +248,17 @@ BOOL change_to_user(connection_struct *conn, uint16 vuid) DEBUG(1, ("change_to_user: create_nt_token failed!\n")); return False; } - pdb_get_privilege_set(token, privs); - must_free_token_priv = True; + must_free_token = True; } - set_sec_ctx(uid, gid, current_user.ngroups, current_user.groups, token, privs); + set_sec_ctx(uid, gid, current_user.ngroups, current_user.groups, token); /* * Free the new token (as set_sec_ctx copies it). */ - if (must_free_token_priv) { + if (must_free_token) delete_nt_token(&token); - destroy_privilege(&privs); - } current_user.conn = conn; current_user.vuid = vuid; @@ -305,7 +299,7 @@ BOOL become_authenticated_pipe_user(pipes_struct *p) return False; set_sec_ctx(p->pipe_user.uid, p->pipe_user.gid, - p->pipe_user.ngroups, p->pipe_user.groups, p->pipe_user.nt_user_token, p->pipe_user.privs); + p->pipe_user.ngroups, p->pipe_user.groups, p->pipe_user.nt_user_token); return True; } |