summaryrefslogtreecommitdiff
path: root/source3/smbd
AgeCommit message (Collapse)AuthorFilesLines
2012-08-15s3-smbd: Call sys_acl_get_perm() directly rather than via the VFSAndrew Bartlett2-9/+9
This will allow us to remove the struct smb_acl_t manipuations from the VFS layer, which will be reduced to handling the get/set functions. Andrew Bartlett
2012-08-12s3: skip loading vfs modules for printer connectionsBjörn Jacke1-0/+6
Autobuild-User(master): Björn Jacke <bj@sernet.de> Autobuild-Date(master): Sun Aug 12 23:40:23 CEST 2012 on sn-devel-104
2012-08-10s3-smbd: Merge ACE entries based on mapped UID/GID not SIDAndrew Bartlett1-4/+4
As the test for a valid posix ACL is based on the unix uid/gid only appearing once in the ACL the merge process also needs to be UID/GID based. This is a problem when we have multiple builtin groups mapped to the same POSIX group as happens in a Samba4 provision. Andrew Bartlett Signed-off-by: Jeremy Allison <jra@samba.org>
2012-08-10s3-smbd: Convert posix_acls.c to use struct unixid internallyAndrew Bartlett1-57/+72
This is consistent with the rest of Samba which uses this structure to represent a unix uid or gid. World values remain represented by the owner_type being WORLD_ACE in the containing structure. A -1 value is filled in to the unixid.id in the same way the .world value was initialised in the union. Andrew Bartlett Signed-off-by: Jeremy Allison <jra@samba.org>
2012-08-10s3-smbd: Create a shortcut for building the token of a user by SID for ↵Andrew Bartlett1-10/+2
posix_acls When a user owns a file, but does not have specific permissions on that file, we need to make up the user permissions. This change ensures that the first thing that we do is to look up the SID, and confirm it is a user. Then, we avoid the getpwnam() and directly create the token via the SID. Andrew Bartlett Signed-off-by: Jeremy Allison <jra@samba.org>
2012-08-10Revert "s3:smbd: include smbXsrv.h before smbd/proto.h to have the smbXsrv_ ↵Stefan Metzmacher1-1/+0
structs available" This reverts commit 98ccca8dca70b87d04a93c8ef5232a071ab7c2af. Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Fri Aug 10 17:35:38 CEST 2012 on sn-devel-104
2012-08-10Revert "s3:smbd: Include smbXsrv.h before vfs.h (in smbd.h) so that the ↵Stefan Metzmacher1-1/+1
smbXsrv structures are available" This reverts commit e332bfaff51e54638bd37cd1fe08e57608e16e86.
2012-08-09Correctly check for errors in strlower_m() returns.Jeremy Allison3-3/+10
2012-08-09Check error returns on strnorm().Jeremy Allison1-3/+12
2012-08-09Check error returns from strupper_m() (in all reasonable places).Jeremy Allison4-7/+19
2012-08-09s3:smb2_sesssetup: setup global->[en|de]cryption_keyStefan Metzmacher1-0/+36
metze Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Thu Aug 9 09:59:02 CEST 2012 on sn-devel-104
2012-08-09s3:smb2_read: don't try sendfile if encryption is usedStefan Metzmacher1-0/+1
metze
2012-08-09s3:smb2_server: add smbd_smb2_request->do_encryptionStefan Metzmacher2-0/+2
For now it's always false... metze
2012-08-09s3:smb2_tcon: set global->encryption_required and enforce itStefan Metzmacher1-5/+29
This the account or client doesn't support encryption we should reject the tree connect. metze
2012-08-09s3:smb2_sesssetup: set global->encryption_required and enforce itStefan Metzmacher1-0/+22
This the account or client doesn't support encryption we should reject the session setup. metze
2012-08-09s3:smb2_server: check the session before we could response with an error.Stefan Metzmacher1-15/+15
metze
2012-08-09s3:smb2_server: do central file_id check if the operation requires itStefan Metzmacher1-0/+56
Note that it's fine to call file_fsp_smb2() twice, the 2nd call just returns smb2req->compat_chain_fsp without a 2nd lookup. metze
2012-08-08s3:smb2_server: s/i/idx in smbd_smb2_request_pending_queue()Stefan Metzmacher1-4/+4
metze Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Wed Aug 8 17:32:26 CEST 2012 on sn-devel-104
2012-08-08s3:smb2_server: make use of SMBD_SMB2_OUT_HDR_PTR() in ↵Stefan Metzmacher1-1/+1
smbd_smb2_request_pending_queue() metze
2012-08-08s3:smb2_server: remove useless variable 'i'Stefan Metzmacher1-2/+1
metze
2012-08-08s3:smb2_server: rewrite dup_smb2_vec3() using SMBD_SMB2_*_IOV_OFS and helper ↵Stefan Metzmacher1-42/+52
variables metze
2012-08-08s3:smb2_server: make use of SMBD_SMB2_* macros in smbd_smb2_request_done_ex()Stefan Metzmacher1-18/+21
metze
2012-08-08s3:smb2_server: make use of SMBD_SMB2_* macros in ↵Stefan Metzmacher1-8/+14
smbd_smb2_request_verify_sizes() metze
2012-08-08s3:smb2_server: use the common buffer layout for smbd_smb2_request_pending*Stefan Metzmacher1-16/+26
metze
2012-08-08s3:smb2_read: use SMBD_SMB2_NUM_IOV_PER_REQ when checking for sendfile() supportStefan Metzmacher1-1/+1
metze
2012-08-08s3:smb2_read: fix indentation in schedule_smb2_sendfile_read()Stefan Metzmacher1-8/+8
metze
2012-08-08s3:smb2_server: don't try to update req->in.vector[0] in ↵Stefan Metzmacher1-3/+0
smbd_smb2_request_pending_queue() req->in.vector[0] is reserved for the transport and might be removed in future. This is currently always { NULL, 0 }, as it's not used, by our transport layer code. The SMB2 layer should never touch this! metze
2012-08-08s3:smb2_sesssetup: remove unused code in smbd_smb2_reauth_generic_return()Stefan Metzmacher1-9/+0
A reauth exchange is already signed, with the channel signing key. metze
2012-08-08s3:smb2_sesssetup: remove TALLOC_FREE(session) from ↵Stefan Metzmacher1-9/+0
smbd_smb2_[re]auth_generic_return The caller does this via the smbd_smb2_session_setup_state_destructor() metze
2012-08-08s3:smb2_server: sign the last request at the start of smbd_smb2_request_reply()Stefan Metzmacher1-22/+16
This means we correctly sign all responses in a compound chain. metze
2012-08-08s3: Fix a crash in reply_lockingX_errorVolker Lendecke1-4/+11
A timed brlock with 2 locks comes in and the second one blocks, file is closed. smbd_cancel_pending_lock_requests_by_fid sets blr->fsp to NULL. reply_lockingX_error (called via MSG_SMB_BLOCKING_LOCK_CANCEL) deferences blr->fsp because blr->lock_num==1 (the second one blocked). This patch fixes the bug by only undoing the locks if fsp!=NULL. fsp==NULL is the close case where everything is undone anyway. Thanks to Peter Somogyi, somogyi@hu.ibm.com for this bug report. Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Wed Aug 8 04:12:04 CEST 2012 on sn-devel-104
2012-08-07s3:smb2_server: fix SMB2 signing of compound responsesStefan Metzmacher2-13/+78
We need to defer the signing until we know the response doesn't change anymore before it goes over the wire. metze Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Tue Aug 7 20:29:30 CEST 2012 on sn-devel-104
2012-08-07s3:smb2_server: there's no need to copy req->out.vector when we just keep ↵Stefan Metzmacher1-22/+5
the last request metze
2012-08-07s3:smb2_server: use memmove instead of copying single vector elementsStefan Metzmacher1-6/+7
metze
2012-08-07s3:smb2_server: make use of SMBD_SMB2_OUT_HDR_PTR() ↵Stefan Metzmacher1-1/+1
smbd_smb2_request_pending_queue() metze
2012-08-07s3:smb2_server: check for compound based on SMBD_SMB2_NUM_IOV_PER_REQStefan Metzmacher1-1/+1
metze
2012-08-07s3:smb2_server: make use of SMBD_SMB2_OUT_*_IOV smbd_smb2_request_reply()Stefan Metzmacher1-4/+4
metze
2012-08-07s3:smb2_server: check for compound based on SMBD_SMB2_NUM_IOV_PER_REQStefan Metzmacher1-4/+3
metze
2012-08-07s3:smb2_server: make use of SMBD_SMB2_*_IOV_OFSStefan Metzmacher1-15/+20
metze
2012-08-07s3:smb2_server: make use of helper macros in smb2_calculate_credits()Stefan Metzmacher1-4/+6
metze
2012-08-07s3:smb2_server: make use of helper macros in smbd_smb2_request_validate()Stefan Metzmacher1-3/+5
metze
2012-08-07s3:smb2_server: make use of SMBD_SMB2_NUM_IOV_PER_REQStefan Metzmacher1-17/+20
metze
2012-08-07s3:smb2_server: add some more SMBD_SMB2_* defines/macrosStefan Metzmacher1-6/+22
metze
2012-08-07source3/smbd/conn.c: wean off string_set/string_freeRusty Russell2-11/+8
Use straight talloc strings. This is the only user outside loadparm.c. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2012-08-07s3:smb2_server: do one central as_root check if the operation requires itStefan Metzmacher1-30/+6
metze Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Tue Aug 7 13:14:38 CEST 2012 on sn-devel-104
2012-08-07s3:smb2_server: do one central tcon check if the operation requires itStefan Metzmacher1-160/+15
metze
2012-08-07s3:smb2_server: do one central session check if the operation requires itStefan Metzmacher1-66/+6
metze
2012-08-07s3:smb2_server: add and use smbd_smb2_call()Stefan Metzmacher1-0/+21
metze
2012-08-07s3:smb2_server: add .as_root to smbd_smb2_dispatch_tableStefan Metzmacher1-0/+15
metze
2012-08-07s3:smb2_server: add .need_tcon to smbd_smb2_dispatch_tableStefan Metzmacher1-0/+14
metze