Age | Commit message (Collapse) | Author | Files | Lines |
|
These variables, of type struct auth_serversupplied_info were poorly
named when added into 2001, and in good consistant practice, this has
extended all over the codebase in the years since.
The structure is also not ideal for it's current purpose. Originally
intended to convey the results of the authentication modules, it
really describes all the essential attributes of a session. This
rename will reduce the volume of a future patch to replaced these with
a struct auth_session_info, with auth_serversupplied_info confined to
the lower levels of the auth subsystem, and then eliminated.
(The new structure will be the output of create_local_token(), and the
change in struct definition will ensure that this is always run, populating
local groups and privileges).
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
This will allow the auth_serversupplied_info struct to be migrated
to auth_session_info easier.
Adnrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
Fallback to pathname opendir if not.
|
|
Start of the move towards handle-based code for directory access.
Currently makes fstat/fchown code work for directories rather than
falling back to pathnames.
Jeremy.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Tue Feb 8 06:34:41 CET 2011 on sn-devel-104
|
|
Do this by keeping a linked list of delete on close tokens, one for
each filename that identifies a path to the dev/inode. Use the
jenkins hash of the pathname to identify the correct token.
|
|
Will be used when we store more than one delete on close token.
|
|
instead.
|
|
but makes logic cleaner. Pointed out by Metze.
Jeremy.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Wed Nov 24 01:47:13 CET 2010 on sn-devel-104
|
|
This avoids some special casing in the waf code.
|
|
This will reduce the noise from merges of the rest of the
libcli/security code, without this commit changing what code
is actually used.
This includes (along with other security headers) dom_sid.h and
security_token.h
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Tue Oct 12 05:54:10 UTC 2010 on sn-devel-104
|
|
in the destination struct for a rename, so set the flag appropriately.
Jeremy.
|
|
in the destination struct for a rename, so set the flag appropriately.
Jeremy.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Wed Oct 6 00:29:51 UTC 2010 on sn-devel-104
|
|
|
|
This is closer to the struct security_token from security.idl
|
|
Ensure we check the correct stat struct once we've created the
special fix. Thanks to izh1979@gmail.com for pointing out the
bug.
Jeremy.
|
|
|
|
|
|
Jeremy, please check! To me this is a lot more readable than the decimal
listing of the bytes.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
This removes some code Jeremy (jra) suspected was bad. It turns out that the
command window rename command will not work with the offending code in place.
With it removed the bug is gone, and rename works.
|
|
Guenther
|
|
We use s_i->ptok->num_sids everywhere else in this call and
then suddenly we reference s_i->num_sids
|
|
extensions.
Move to a consistent get_FileIndex() function for all inode returns,
that checks if st_dev on the file is identical to the top directory
dev_t of the exported share, and if so uses the raw 64-bit inode
number. If it isn't (we've traversed a mount point) - return what
we used to do for Windows which is the concatination of the bottom
32-bits of the inode with the 32-bit device number. We can get more
creative with this over time (hashing?) if we want as now all inode returns go
through this single function.
Jeremy.
|
|
Add the correct devicetype and characteristics for this info level.
Jeremy.
|
|
Fix bug #7435 - SMB2 hardlink fails (invalid level).
Found at the Microsoft plugsharing plugfest.
Jeremy.
|
|
|
|
The end_data argument to smbd_dirptr_lanman2_entry() must include
the safety margin, as internally it's actually used to allow detection
of string name pushes that were truncated. Ensure space_remaining can
never go negative due to padding.
Jeremy.
|
|
go on this test.
Jeremy.
|
|
smblctx in our locking code. 2). Widens smblctx to 64-bits internally. Preparing to use the SMB2 handle as the locking context.
Jeremy.
|
|
This shrinks include/includes.h.gch by the size of 7 MB and reduces build time
as follows:
ccache build w/o patch
real 4m21.529s
ccache build with patch
real 3m6.402s
pch build w/o patch
real 4m26.318s
pch build with patch
real 3m6.932s
Guenther
|
|
Jeremy.
|
|
Based on an initial patch from Ira Cooper <samba@ira.wakeful.net>.
Jeremy.
|
|
|
|
Remove the bool ms_dfs_link parameter from smbd_do_qfilepathinfo.
It is not possible for this to be a DFS link. Remove the check_msdfs_link()
call from call_trans2qfilepathinfo() - the call to filename_convert()
above with a ucf_flags of zero *MUST* catch a DFS link and return
NT_STATUS_PATH_NOT_COVERED in this case, so the code below checking
for msdfs links is redundent. Don't add this to 3.5.x, as it's an
optimization but not needed to fix bug #7339 - MSDFS is non-functional in 3.5.x.
Jeremy.
|
|
In the refactoring around filename_convert, the split between the functions
resolve_dfspath() and resolve_dfspath_wcard() was lost, leaving us only with
resolve_dfspath_wcard().
Internally resolve_dfspath_wcard() calls dfs_redirect() only with a
"allow_wcards" flag of true, wheras the old resolve_dfspath() would call with a
value of false. The loss of this case causes dfs_redirect to always masquerade
DFS links as directories, even when they are being queried directly by a trans2
QPATHINFO call. We should only masquerade DFS links as directories when called
from a SMBsearch or trans2 findfirst/findnext - which was the intent of the
"allow_wcards" flag.
This patch adds back an allow_wcards bool parameter to
resolve_dfspath_wcard(). This bool is set from the state of the ucf_flags when
filename_convert() is called.
I will follow this up with a new smbclient-based torture test that will prevent
us from ever regressing our DFS support again.
Jeremy.
|
|
metze
|
|
Make ea data checks identical for trans2open and trans2mkdir.
Jeremy.
|
|
Ensure we don't use any of the create_options for Samba private
use. Add a new parameter to the VFS_CREATE call (private_flags)
which is only used internally. Renumber NTCREATEX_OPTIONS_PRIVATE_DENY_DOS
and NTCREATEX_OPTIONS_PRIVATE_DENY_FCB to match the S4 code).
Rev. the VFS interface to version 28.
Jeremy.
|
|
Jeremy.
|
|
Jeremy.
|
|
Jeremy.
|
|
Change parameter "wide links" to default to "no".
Ensure "wide links = no" if "unix extensions = yes" on a share.
Fix man pages to refect this.
Remove "within share" checks for a UNIX symlink set - even if
widelinks = no. The server will not follow that link anyway.
Correct DEBUG message in check_reduced_name() to add missing "\n"
so it's really clear when a path is being denied as it's outside
the enclosing share path.
Jeremy.
|
|
Rewrite all calls to reply_nterror(NT_STATUS_DOS()) to
reply_force_doserror() and update the comment in smbd/error.c
Jeremy.
|