diff options
Diffstat (limited to 'source3')
-rw-r--r-- | source3/include/proto.h | 3 | ||||
-rw-r--r-- | source3/modules/vfs_readonly.c | 13 | ||||
-rw-r--r-- | source3/smbd/share_access.c | 6 | ||||
-rw-r--r-- | source3/smbd/uid.c | 3 |
4 files changed, 21 insertions, 4 deletions
diff --git a/source3/include/proto.h b/source3/include/proto.h index 5f9203a21f..33425849d1 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -8459,7 +8459,8 @@ bool user_ok_token(const char *username, const char *domain, struct nt_user_token *token, int snum); bool is_share_read_only_for_token(const char *username, const char *domain, - struct nt_user_token *token, int snum); + struct nt_user_token *token, + connection_struct *conn); /* The following definitions come from smbd/srvstr.c */ diff --git a/source3/modules/vfs_readonly.c b/source3/modules/vfs_readonly.c index d4ddf32e3a..58c83e5e1b 100644 --- a/source3/modules/vfs_readonly.c +++ b/source3/modules/vfs_readonly.c @@ -64,12 +64,25 @@ static int readonly_connect(vfs_handle_struct *handle, "period", period_def); if (period && period[0] && period[1]) { + int i; time_t current_time = time(NULL); time_t begin_period = get_date(period[0], ¤t_time); time_t end_period = get_date(period[1], ¤t_time); if ((current_time >= begin_period) && (current_time <= end_period)) { + connection_struct *conn = handle->conn; + handle->conn->read_only = True; + + /* Wipe out the VUID cache. */ + for (i=0; i< VUID_CACHE_SIZE; i++) { + struct vuid_cache_entry *ent = ent = &conn->vuid_cache.array[i]; + ent->vuid = UID_FIELD_INVALID; + TALLOC_FREE(ent->server_info); + ent->read_only = false; + ent->admin_user = false; + } + conn->vuid_cache.next_entry = 0; } return SMB_VFS_NEXT_CONNECT(handle, service, user); diff --git a/source3/smbd/share_access.c b/source3/smbd/share_access.c index f5f79c86e5..9dbacc2998 100644 --- a/source3/smbd/share_access.c +++ b/source3/smbd/share_access.c @@ -252,9 +252,11 @@ bool user_ok_token(const char *username, const char *domain, bool is_share_read_only_for_token(const char *username, const char *domain, - struct nt_user_token *token, int snum) + struct nt_user_token *token, + connection_struct *conn) { - bool result = lp_readonly(snum); + int snum = SNUM(conn); + bool result = conn->read_only; if (lp_readlist(snum) != NULL) { if (token_contains_name_in_list(username, domain, diff --git a/source3/smbd/uid.c b/source3/smbd/uid.c index 045de6f2d3..c238f40cfd 100644 --- a/source3/smbd/uid.c +++ b/source3/smbd/uid.c @@ -88,7 +88,8 @@ static bool check_user_ok(connection_struct *conn, uint16_t vuid, readonly_share = is_share_read_only_for_token( server_info->unix_name, pdb_get_domain(server_info->sam_account), - server_info->ptok, snum); + server_info->ptok, + conn); if (!readonly_share && !share_access_check(server_info->ptok, lp_servicename(snum), |