summaryrefslogtreecommitdiff
path: root/source4/smb_server/smb
diff options
context:
space:
mode:
Diffstat (limited to 'source4/smb_server/smb')
-rw-r--r--source4/smb_server/smb/negprot.c59
-rw-r--r--source4/smb_server/smb/service.c2
-rw-r--r--source4/smb_server/smb/sesssetup.c13
-rw-r--r--source4/smb_server/smb/signing.c4
4 files changed, 41 insertions, 37 deletions
diff --git a/source4/smb_server/smb/negprot.c b/source4/smb_server/smb/negprot.c
index 81cfe43137..f92c542ef6 100644
--- a/source4/smb_server/smb/negprot.c
+++ b/source4/smb_server/smb/negprot.c
@@ -47,7 +47,7 @@ static NTSTATUS get_challenge(struct smbsrv_connection *smb_conn, uint8_t buff[8
nt_status = auth_context_create(smb_conn,
smb_conn->connection->event.ctx,
smb_conn->connection->msg_ctx,
- global_loadparm,
+ smb_conn->lp_ctx,
&smb_conn->negotiate.auth_context);
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(0, ("auth_context_create() returned %s", nt_errstr(nt_status)));
@@ -92,7 +92,7 @@ this any more it probably doesn't matter
****************************************************************************/
static void reply_coreplus(struct smbsrv_request *req, uint16_t choice)
{
- uint16_t raw = (lp_readraw(global_loadparm)?1:0) | (lp_writeraw(global_loadparm)?2:0);
+ uint16_t raw = (lp_readraw(req->smb_conn->lp_ctx)?1:0) | (lp_writeraw(req->smb_conn->lp_ctx)?2:0);
smbsrv_setup_reply(req, 13, 0);
@@ -123,13 +123,13 @@ static void reply_coreplus(struct smbsrv_request *req, uint16_t choice)
****************************************************************************/
static void reply_lanman1(struct smbsrv_request *req, uint16_t choice)
{
- int raw = (lp_readraw(global_loadparm)?1:0) | (lp_writeraw(global_loadparm)?2:0);
+ int raw = (lp_readraw(req->smb_conn->lp_ctx)?1:0) | (lp_writeraw(req->smb_conn->lp_ctx)?2:0);
int secword=0;
time_t t = req->request_time.tv_sec;
- req->smb_conn->negotiate.encrypted_passwords = lp_encrypted_passwords(global_loadparm);
+ req->smb_conn->negotiate.encrypted_passwords = lp_encrypted_passwords(req->smb_conn->lp_ctx);
- if (lp_security(global_loadparm) != SEC_SHARE)
+ if (lp_security(req->smb_conn->lp_ctx) != SEC_SHARE)
secword |= NEGOTIATE_SECURITY_USER_LEVEL;
if (req->smb_conn->negotiate.encrypted_passwords)
@@ -146,7 +146,7 @@ static void reply_lanman1(struct smbsrv_request *req, uint16_t choice)
SSVAL(req->out.vwv, VWV(0), choice);
SSVAL(req->out.vwv, VWV(1), secword);
SSVAL(req->out.vwv, VWV(2), req->smb_conn->negotiate.max_recv);
- SSVAL(req->out.vwv, VWV(3), lp_maxmux(global_loadparm));
+ SSVAL(req->out.vwv, VWV(3), lp_maxmux(req->smb_conn->lp_ctx));
SSVAL(req->out.vwv, VWV(4), 1);
SSVAL(req->out.vwv, VWV(5), raw);
SIVAL(req->out.vwv, VWV(6), req->smb_conn->connection->server_id.id);
@@ -181,13 +181,13 @@ static void reply_lanman1(struct smbsrv_request *req, uint16_t choice)
****************************************************************************/
static void reply_lanman2(struct smbsrv_request *req, uint16_t choice)
{
- int raw = (lp_readraw(global_loadparm)?1:0) | (lp_writeraw(global_loadparm)?2:0);
+ int raw = (lp_readraw(req->smb_conn->lp_ctx)?1:0) | (lp_writeraw(req->smb_conn->lp_ctx)?2:0);
int secword=0;
time_t t = req->request_time.tv_sec;
- req->smb_conn->negotiate.encrypted_passwords = lp_encrypted_passwords(global_loadparm);
+ req->smb_conn->negotiate.encrypted_passwords = lp_encrypted_passwords(req->smb_conn->lp_ctx);
- if (lp_security(global_loadparm) != SEC_SHARE)
+ if (lp_security(req->smb_conn->lp_ctx) != SEC_SHARE)
secword |= NEGOTIATE_SECURITY_USER_LEVEL;
if (req->smb_conn->negotiate.encrypted_passwords)
@@ -200,7 +200,7 @@ static void reply_lanman2(struct smbsrv_request *req, uint16_t choice)
SSVAL(req->out.vwv, VWV(0), choice);
SSVAL(req->out.vwv, VWV(1), secword);
SSVAL(req->out.vwv, VWV(2), req->smb_conn->negotiate.max_recv);
- SSVAL(req->out.vwv, VWV(3), lp_maxmux(global_loadparm));
+ SSVAL(req->out.vwv, VWV(3), lp_maxmux(req->smb_conn->lp_ctx));
SSVAL(req->out.vwv, VWV(4), 1);
SSVAL(req->out.vwv, VWV(5), raw);
SIVAL(req->out.vwv, VWV(6), req->smb_conn->connection->server_id.id);
@@ -215,7 +215,7 @@ static void reply_lanman2(struct smbsrv_request *req, uint16_t choice)
get_challenge(req->smb_conn, req->out.data);
}
- req_push_str(req, NULL, lp_workgroup(global_loadparm), -1, STR_TERMINATE);
+ req_push_str(req, NULL, lp_workgroup(req->smb_conn->lp_ctx), -1, STR_TERMINATE);
if (req->smb_conn->signing.mandatory_signing) {
smbsrv_terminate_connection(req->smb_conn,
@@ -237,8 +237,8 @@ static void reply_nt1_orig(struct smbsrv_request *req)
req->out.ptr += 8;
SCVAL(req->out.vwv+1, VWV(16), 8);
}
- req_push_str(req, NULL, lp_workgroup(global_loadparm), -1, STR_UNICODE|STR_TERMINATE|STR_NOALIGN);
- req_push_str(req, NULL, lp_netbios_name(global_loadparm), -1, STR_UNICODE|STR_TERMINATE|STR_NOALIGN);
+ req_push_str(req, NULL, lp_workgroup(req->smb_conn->lp_ctx), -1, STR_UNICODE|STR_TERMINATE|STR_NOALIGN);
+ req_push_str(req, NULL, lp_netbios_name(req->smb_conn->lp_ctx), -1, STR_UNICODE|STR_TERMINATE|STR_NOALIGN);
DEBUG(3,("not using extended security (SPNEGO or NTLMSSP)\n"));
}
@@ -261,50 +261,51 @@ static void reply_nt1(struct smbsrv_request *req, uint16_t choice)
CAP_NT_FIND | CAP_LOCK_AND_READ |
CAP_LEVEL_II_OPLOCKS | CAP_NT_SMBS | CAP_RPC_REMOTE_APIS;
- req->smb_conn->negotiate.encrypted_passwords = lp_encrypted_passwords(global_loadparm);
+ req->smb_conn->negotiate.encrypted_passwords = lp_encrypted_passwords(req->smb_conn->lp_ctx);
/* do spnego in user level security if the client
supports it and we can do encrypted passwords */
if (req->smb_conn->negotiate.encrypted_passwords &&
- (lp_security(global_loadparm) != SEC_SHARE) &&
- lp_use_spnego(global_loadparm) &&
+ (lp_security(req->smb_conn->lp_ctx) != SEC_SHARE) &&
+ lp_use_spnego(req->smb_conn->lp_ctx) &&
(req->flags2 & FLAGS2_EXTENDED_SECURITY)) {
negotiate_spnego = true;
capabilities |= CAP_EXTENDED_SECURITY;
}
- if (lp_unix_extensions(global_loadparm)) {
+ if (lp_unix_extensions(req->smb_conn->lp_ctx)) {
capabilities |= CAP_UNIX;
}
- if (lp_large_readwrite(global_loadparm)) {
+ if (lp_large_readwrite(req->smb_conn->lp_ctx)) {
capabilities |= CAP_LARGE_READX | CAP_LARGE_WRITEX | CAP_W2K_SMBS;
}
- large_test_path = lock_path(req, global_loadparm, "large_test.dat");
+ large_test_path = lock_path(req, req->smb_conn->lp_ctx, "large_test.dat");
if (large_file_support(large_test_path)) {
capabilities |= CAP_LARGE_FILES;
}
- if (lp_readraw(global_loadparm) && lp_writeraw(global_loadparm)) {
+ if (lp_readraw(req->smb_conn->lp_ctx) &&
+ lp_writeraw(req->smb_conn->lp_ctx)) {
capabilities |= CAP_RAW_MODE;
}
/* allow for disabling unicode */
- if (lp_unicode(global_loadparm)) {
+ if (lp_unicode(req->smb_conn->lp_ctx)) {
capabilities |= CAP_UNICODE;
}
- if (lp_nt_status_support(global_loadparm)) {
+ if (lp_nt_status_support(req->smb_conn->lp_ctx)) {
capabilities |= CAP_STATUS32;
}
- if (lp_host_msdfs(global_loadparm)) {
+ if (lp_host_msdfs(req->smb_conn->lp_ctx)) {
capabilities |= CAP_DFS;
}
- if (lp_security(global_loadparm) != SEC_SHARE) {
+ if (lp_security(req->smb_conn->lp_ctx) != SEC_SHARE) {
secword |= NEGOTIATE_SECURITY_USER_LEVEL;
}
@@ -331,7 +332,7 @@ static void reply_nt1(struct smbsrv_request *req, uint16_t choice)
this is the one and only SMB packet that is malformed in
the specification - all the command words after the secword
are offset by 1 byte */
- SSVAL(req->out.vwv+1, VWV(1), lp_maxmux(global_loadparm));
+ SSVAL(req->out.vwv+1, VWV(1), lp_maxmux(req->smb_conn->lp_ctx));
SSVAL(req->out.vwv+1, VWV(2), 1); /* num vcs */
SIVAL(req->out.vwv+1, VWV(3), req->smb_conn->negotiate.max_recv);
SIVAL(req->out.vwv+1, VWV(5), 0x10000); /* raw size. full 64k */
@@ -352,7 +353,7 @@ static void reply_nt1(struct smbsrv_request *req, uint16_t choice)
nt_status = gensec_server_start(req->smb_conn,
req->smb_conn->connection->event.ctx,
- global_loadparm,
+ req->smb_conn->lp_ctx,
req->smb_conn->connection->msg_ctx,
&gensec_security);
if (!NT_STATUS_IS_OK(nt_status)) {
@@ -373,7 +374,7 @@ static void reply_nt1(struct smbsrv_request *req, uint16_t choice)
return;
}
- cli_credentials_set_conf(server_credentials, global_loadparm);
+ cli_credentials_set_conf(server_credentials, req->smb_conn->lp_ctx);
nt_status = cli_credentials_set_machine_account(server_credentials);
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(10, ("Failed to obtain server credentials, perhaps a standalone server?: %s\n", nt_errstr(nt_status)));
@@ -519,9 +520,9 @@ void smbsrv_reply_negprot(struct smbsrv_request *req)
for (protocol = 0; supported_protocols[protocol].proto_name; protocol++) {
int i;
- if (supported_protocols[protocol].protocol_level > lp_srv_maxprotocol(global_loadparm))
+ if (supported_protocols[protocol].protocol_level > lp_srv_maxprotocol(req->smb_conn->lp_ctx))
continue;
- if (supported_protocols[protocol].protocol_level < lp_srv_minprotocol(global_loadparm))
+ if (supported_protocols[protocol].protocol_level < lp_srv_minprotocol(req->smb_conn->lp_ctx))
continue;
for (i = 0; i < protos_count; i++) {
diff --git a/source4/smb_server/smb/service.c b/source4/smb_server/smb/service.c
index 558f30307b..0e602f6a8b 100644
--- a/source4/smb_server/smb/service.c
+++ b/source4/smb_server/smb/service.c
@@ -201,7 +201,7 @@ NTSTATUS smbsrv_tcon_backend(struct smbsrv_request *req, union smb_tcon *con)
con->tconx.out.dev_type = talloc_strdup(req, req->tcon->ntvfs->dev_type);
con->tconx.out.fs_type = talloc_strdup(req, req->tcon->ntvfs->fs_type);
con->tconx.out.options = SMB_SUPPORT_SEARCH_BITS | (share_int_option(req->tcon->ntvfs->config, SHARE_CSC_POLICY, SHARE_CSC_POLICY_DEFAULT) << 2);
- if (share_bool_option(req->tcon->ntvfs->config, SHARE_MSDFS_ROOT, SHARE_MSDFS_ROOT_DEFAULT) && lp_host_msdfs(global_loadparm)) {
+ if (share_bool_option(req->tcon->ntvfs->config, SHARE_MSDFS_ROOT, SHARE_MSDFS_ROOT_DEFAULT) && lp_host_msdfs(req->smb_conn->lp_ctx)) {
con->tconx.out.options |= SMB_SHARE_IN_DFS;
}
diff --git a/source4/smb_server/smb/sesssetup.c b/source4/smb_server/smb/sesssetup.c
index 8cc16aaa68..de2141b808 100644
--- a/source4/smb_server/smb/sesssetup.c
+++ b/source4/smb_server/smb/sesssetup.c
@@ -40,7 +40,8 @@ static void sesssetup_common_strings(struct smbsrv_request *req,
{
(*os) = talloc_asprintf(req, "Unix");
(*lanman) = talloc_asprintf(req, "Samba %s", SAMBA_VERSION_STRING);
- (*domain) = talloc_asprintf(req, "%s", lp_workgroup(global_loadparm));
+ (*domain) = talloc_asprintf(req, "%s",
+ lp_workgroup(req->smb_conn->lp_ctx));
}
static void smbsrv_sesssetup_backend_send(struct smbsrv_request *req,
@@ -69,7 +70,8 @@ static void sesssetup_old_send(struct auth_check_password_request *areq,
if (!NT_STATUS_IS_OK(status)) goto failed;
/* This references server_info into session_info */
- status = auth_generate_session_info(req, global_loadparm, server_info, &session_info);
+ status = auth_generate_session_info(req, req->smb_conn->lp_ctx,
+ server_info, &session_info);
if (!NT_STATUS_IS_OK(status)) goto failed;
/* allocate a new session */
@@ -164,7 +166,8 @@ static void sesssetup_nt1_send(struct auth_check_password_request *areq,
if (!NT_STATUS_IS_OK(status)) goto failed;
/* This references server_info into session_info */
- status = auth_generate_session_info(req, global_loadparm, server_info, &session_info);
+ status = auth_generate_session_info(req, req->smb_conn->lp_ctx,
+ server_info, &session_info);
if (!NT_STATUS_IS_OK(status)) goto failed;
/* allocate a new session */
@@ -246,7 +249,7 @@ static void sesssetup_nt1(struct smbsrv_request *req, union smb_sesssetup *sess)
status = auth_context_create(req,
req->smb_conn->connection->event.ctx,
req->smb_conn->connection->msg_ctx,
- global_loadparm,
+ req->smb_conn->lp_ctx,
&auth_context);
if (!NT_STATUS_IS_OK(status)) goto failed;
} else {
@@ -380,7 +383,7 @@ static void sesssetup_spnego(struct smbsrv_request *req, union smb_sesssetup *se
status = gensec_server_start(req,
req->smb_conn->connection->event.ctx,
- global_loadparm,
+ req->smb_conn->lp_ctx,
req->smb_conn->connection->msg_ctx,
&gensec_ctx);
if (!NT_STATUS_IS_OK(status)) {
diff --git a/source4/smb_server/smb/signing.c b/source4/smb_server/smb/signing.c
index b91a65ab84..146d8c7256 100644
--- a/source4/smb_server/smb/signing.c
+++ b/source4/smb_server/smb/signing.c
@@ -102,7 +102,7 @@ bool smbsrv_init_signing(struct smbsrv_connection *smb_conn)
return false;
}
- switch (lp_server_signing(global_loadparm)) {
+ switch (lp_server_signing(smb_conn->lp_ctx)) {
case SMB_SIGNING_OFF:
smb_conn->signing.allow_smb_signing = false;
break;
@@ -114,7 +114,7 @@ bool smbsrv_init_signing(struct smbsrv_connection *smb_conn)
smb_conn->signing.mandatory_signing = true;
break;
case SMB_SIGNING_AUTO:
- if (lp_domain_logons(global_loadparm)) {
+ if (lp_domain_logons(smb_conn->lp_ctx)) {
smb_conn->signing.allow_smb_signing = true;
} else {
smb_conn->signing.allow_smb_signing = false;