summaryrefslogtreecommitdiff
path: root/source3/smbd/service.c
AgeCommit message (Collapse)AuthorFilesLines
2013-01-09smbd: Fix a typoVolker Lendecke1-1/+1
Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-01-09Move create_share_access_mask() from smbd/service.c to smbd/uid.c.Jeremy Allison1-38/+0
Make it static. Only called from uid.c now. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-01-09Fix bug #9518 - conn->share_access appears not be be reset between users.Jeremy Allison1-20/+8
Ensure make_connection_snum() uses the same logic as check_user_ok() to decide if a user can access a share. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-01-09Change API for create_share_access_mask() - remove conn struct.Jeremy Allison1-5/+5
Eventually this will be indepentent of conn, just pass in the readonly flag. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-01-09Change API for create_share_access_mask() to pass in the token.Jeremy Allison1-3/+6
Don't automatically use the one from conn->session_info->security_token. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-01-09Fix API for create_share_access_mask().Jeremy Allison1-8/+11
Return the uint32_t share_access rather than directly changing the conn struct. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-01-09Remove static from create_share_access_mask().Jeremy Allison1-1/+1
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2012-11-05s3:smbd: pass the current time to make_connection[_smb1]()Stefan Metzmacher1-4/+5
Otherwise smbstatus reports the wrong time for tree connects. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Christian Ambach <ambi@samba.org> Autobuild-User(master): Christian Ambach <ambi@samba.org> Autobuild-Date(master): Mon Nov 5 20:43:23 CET 2012 on sn-devel-104
2012-10-19s3:smbd: don't call claim/yield_connection() in ↵Stefan Metzmacher1-16/+0
make_connection_snum/close_cnum() This was used to maintain the connections.tdb database which is being removed. We use info from the smbXsrv_tcon instead. Signed-off-by: Michael Adam <obnox@samba.org>
2012-10-19s3:smbd: fill tcon->global->session_global_idStefan Metzmacher1-0/+2
metze Signed-off-by: Michael Adam <obnox@samba.org>
2012-09-27s3: For read-only shares, filter out write bits from conn->access_maskVolker Lendecke1-0/+7
Signed-off-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Thu Sep 27 02:51:42 CEST 2012 on sn-devel-104
2012-09-12Move cached cwd onto conn struct.Jeremy Allison1-0/+6
This enables us to make VFS modules safe for use in root called code when we've changed directory under conn->connectpath.
2012-08-09Correctly check for errors in strlower_m() returns.Jeremy Allison1-1/+5
2012-08-09Check error returns from strupper_m() (in all reasonable places).Jeremy Allison1-1/+4
2012-08-07source3/smbd/conn.c: wean off string_set/string_freeRusty Russell1-4/+5
Use straight talloc strings. This is the only user outside loadparm.c. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2012-07-18loadparm: make the source3/ lp_ functions take an explicit TALLOC_CTX *.Rusty Russell1-49/+53
They use talloc_tos() internally: hoist that up to the callers, some of whom don't want to us talloc_tos(). A simple patch, but hits a lot of files. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-06-25s3:smbd: make use of smbXsrv_tcon for smb1Stefan Metzmacher1-2/+42
Pair-Programmed-With: Michael Adam <obnox@samba.org> metze
2012-06-25s3:smbd: make use of smbXsrv_tcon and smbXsrv_session for smb2Stefan Metzmacher1-3/+7
The removes the protocol specific smbd_smb2_session and smbd_smb2_tcon. Pair-Programmed-With: Michael Adam <obnox@samba.org> metze
2012-06-06s3:smbd: let close_cnum() take a uint64_t vuidStefan Metzmacher1-1/+1
metze
2012-06-06s3:smbd: let make_connection() take a uint64_t vuidStefan Metzmacher1-1/+1
metze
2012-06-06s3:smbd: use 'struct user_struct' instead of typedef'ed 'user_struct'Stefan Metzmacher1-4/+4
metze
2012-05-22s3:smbd: remove unused 'connection_struct->used'Michael Adam1-1/+0
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Tue May 22 16:42:22 CEST 2012 on sn-devel-104
2012-05-04s3: Remove an unused extern declarationVolker Lendecke1-2/+0
2012-04-23Fix bug #8882 - Broken processing of %U with vfs_full_audit when force user ↵Jeremy Allison1-0/+11
is set. When doing a "force user" we need to remember what the "sanitized_username" was from the original connect. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Mon Apr 23 19:52:19 CEST 2012 on sn-devel-104
2012-04-11s3:smbd only initialize kernel oplocks if they are enabled for a shareChristian Ambach1-0/+4
Signed-off-by: Jeremy Allison <jra@samba.org>
2012-03-24lib/util: Remove obsolete sys_getpid() and sys_fork().Jelmer Vernooij1-1/+1
The performance of these is minimal (these days) and they can return invalid results when used as part of applications that do not use sys_fork(). Autobuild-User: Jelmer Vernooij <jelmer@samba.org> Autobuild-Date: Sat Mar 24 21:55:41 CET 2012 on sn-devel-104
2012-03-23s3: Remove the sys_notify dependency from notify_internalVolker Lendecke1-5/+9
Autobuild-User: Volker Lendecke <vl@samba.org> Autobuild-Date: Fri Mar 23 12:12:51 CET 2012 on sn-devel-104
2012-03-21s3: Move the notify_ctx to the smbd_server_connectionVolker Lendecke1-4/+5
We only need one notify_ctx per smbd. The notify_array can become quite large. It's based on absolute paths, so there's no point in having a copy of the complete array in memory multiple times. Autobuild-User: Volker Lendecke <vl@samba.org> Autobuild-Date: Wed Mar 21 14:26:07 CET 2012 on sn-devel-104
2012-03-21s3: Remove "conn" param from notify_init()Volker Lendecke1-3/+3
2012-03-15s3: Remove the separate server_id arg to notify_initVolker Lendecke1-1/+0
The server_id is tied to the messaging_context Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-03-04s3-smbd: vuser and session_info cannot be NULL hereAndrew Bartlett1-37/+31
The callers always supply it. (this is a hold-over from the security=share removal). Andrew Bartlett
2012-03-04s3-auth: Remove security=share (depricated since 3.6).Andrew Bartlett1-88/+26
This patch removes security=share, which Samba implemented by matching the per-share password provided by the client in the Tree Connect with a selection of usernames supplied by the client, the smb.conf or guessed from the environment. The rationale for the removal is that for the bulk of security=share users, we just we need a very simple way to run a 'trust the network' Samba server, where users mark shares as guest ok. This is still supported, and the smb.conf options are documented at https://wiki.samba.org/index.php/Public_Samba_Server At the same time, this closes the door on one of the most arcane areas of Samba authentication. Naturally, full user-name/password authentication remain available in security=user and above. This includes documentation updates for username and only user, which now only do a small amount of what they used to do. Andrew Bartlett -------------- / \ / REST \ / IN \ / PEACE \ / \ | SEC_SHARE | | security=share | | | | | | 5 March | | | | 2012 | *| * * * | * _________)/\\_//(\/(/\)/\//\/\///|_)_______
2012-02-28Fix problem reported by Tom Lee <tlee2951@gmail.com> - when calculatingJeremy Allison1-3/+28
the share security mask, take priviliges into account for the connecting user. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Tue Feb 28 20:21:26 CET 2012 on sn-devel-104
2012-02-25s3-auth rename vuid_serverinfo to session_infoAndrew Bartlett1-8/+8
This matches the name used elsewhere in the code. Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Sat Feb 25 05:24:19 CET 2012 on sn-devel-104
2012-01-19Now make_connection_snum() is a static function that takes aJeremy Allison1-33/+26
connection_struct as a parameter, fix the interface to allow it to return an NTSTATUS. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Thu Jan 19 07:25:49 CET 2012 on sn-devel-104
2012-01-18Fix bug 8710 - connections.tdb - major leak with SMB2.Jeremy Allison1-17/+71
Ensure the cnum used to claim the connection for SMB2 is the id that will be used for the SMB2 tcon. Based on code from Ira Cooper <ira@wakeful.net>. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Wed Jan 18 23:14:32 CET 2012 on sn-devel-104
2011-12-16s3:smbd: avoid using sconn_server_id()Stefan Metzmacher1-1/+2
metze
2011-12-12s3:smbd/service: avoid using server_event_context() for notify_init()Stefan Metzmacher1-1/+1
metze
2011-10-27s3: Include uid_wrapper where it is missing.Andreas Schneider1-0/+1
2011-07-20s3-auth Remove seperate guest booleanAndrew Bartlett1-3/+7
Instead, we base our guest calculations on the presence or absense of the authenticated users group in the token, ensuring that we have only one canonical source of this important piece of authorization data Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-07-20s3-auth Use the common auth_session_infoAndrew Bartlett1-5/+5
This patch finally has the same structure being used to describe the authorization data of a user across the whole codebase. This will allow of our session handling to be accomplished with common code. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-07-20s3-auth use auth_user_info not netr_SamInfo3 in auth3_session_infoAndrew Bartlett1-6/+6
This makes auth3_session_info identical to auth_session_info The logic to convert the info3 to a struct auth_user_info is essentially moved up the stack from the named pipe proxy in source3/rpc_server to create_local_token(). Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-07-20s3-auth Use guest boolean in auth_user_info_unixAndrew Bartlett1-2/+2
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-07-20s3-auth Use struct auth_user_info_unix for unix_name and sanitized_usernameAndrew Bartlett1-16/+16
This is closer to the layout of struct auth_session_info in auth.idl Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-07-20s3-auth Use *unix_token rather than utok in struct auth3_session_infoAndrew Bartlett1-7/+7
This brings this structure one step closer to the struct auth_session_info. A few SMB_ASSERT calls are added in some key places to ensure that this pointer is initialised, to make tracing any bugs here easier in future. NOTE: Many of the users of this structure should be reviewed, as unix and NT access checks are mixed in a way that should just be done using the NT ACL. This patch has not changed this behaviour however. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-07-20s3-auth Use struct auth3_session_info outside the auth subsystemAndrew Bartlett1-7/+7
This seperation between the structure used inside the auth modules and in the wider codebase allows for a gradual migration from struct auth_serversupplied_info -> struct auth_session_info (from auth.idl) The idea here is that we keep a clear seperation between the structure before and after the local groups, local user lookup and the session key modifications have been processed, as the lack of this seperation has caused issues in the past. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-07-05s3: Calculate&store the maximum share access maskVolker Lendecke1-22/+15
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-07-05s3: Return "granted" from share_access_checkVolker Lendecke1-6/+7
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-07-04s3-smbd: Replace client_id in smbd service.Andreas Schneider1-6/+21
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2011-06-29param: Merge param headers into lib/param/loadparm.hAndrew Bartlett1-0/+1
This defines a common table format, so we can in future define a common table. Andrew Bartlett