summaryrefslogtreecommitdiff
path: root/source3/smbd
AgeCommit message (Collapse)AuthorFilesLines
2008-06-19Remove some current_user references from trans2.cVolker Lendecke1-19/+25
(This used to be commit 4c31cc0b62f532eafdc44398b29b773ad8cb0646)
2008-06-19Remove reference to current_user from reply.cVolker Lendecke1-4/+3
(This used to be commit e895e44cc7d675d128430fb53c138e5e8736e59f)
2008-06-19Wrap the unix token info in a unix_user_token in auth_serversupplied_infoVolker Lendecke10-41/+43
No functional change, this is a preparation for more current_user ref removal (This used to be commit dcaedf345e62ab74ea87f0a3fa1e3199c75c5445)
2008-06-19Remove the "current_user" arg from fsp_belongs_connVolker Lendecke2-5/+5
fsp_belongs_conn only used the vuid struct member anyway, and this is available in the smb_request structure as well. (This used to be commit 64e9372ab997739d46669c0cc4a4c6edb11d5e64)
2008-06-19Remove the "current_user" arg from check_fspVolker Lendecke3-24/+24
check_fsp only used the vuid struct member anyway, and this is available in the smb_request structure as well. (This used to be commit 8d364c4c3311b406847158fc37e9208d298cf8ba)
2008-06-19RWX on a file does not imply DELETE accessVolker Lendecke1-1/+1
Without this the changed checks in can_delete_file_in_directory give DELETE access where there is none. So we can end up granting the ntcreate&x preparing the unlink where we should not, which leads to a NT_STATUS_ACCESS_DENIED at close time later, which in turn does *not* give the access denied error message in the Windows GUI. can_delete_file_in_directory will grant access now by looking at the directory permissions. (This used to be commit 51b5364c2afb3a18df4bec2bc1624760ccc01676)
2008-06-19Fix checks in can_delete_file_in_directory()Volker Lendecke1-6/+15
With at least NFSv4 ACLs around the write permission for the owner is a bogus check if we can delete a file in a directory. Like in Windows, there are two ways which can grant us such: First, the DELETE permission on the file itself, or if that does not help, the DELETE_CHILD permission on the directory. It might be a bit more code that runs, but essentially we should end up with the same set of syscalls in the non-acl case. (This used to be commit daa9b056645a45edfb3a70e3536011ebe5678970)
2008-06-19Remove some codeVolker Lendecke1-12/+4
Did not measure it, but I think a single write is better than a read and a conditional branch (This used to be commit abe1bed665ad8d1dbf9177dcbb9344b25df9594c)
2008-06-18file_access: add a function header comment for can_access_file_acl().Michael Adam1-0/+3
Michael (This used to be commit 7d5fb873bde0a84de522650945effeaf602c759e)
2008-06-18smbd/dir.c: remove unneeded stat buf parameter from user_can_read_file()Michael Adam1-4/+2
This is not needed anymore since user_can_access_file_acl() ist used. Michael (This used to be commit 3c349f773a52e3de693d3bb79f5060c9f1e01e41)
2008-06-17file_access: remove unneeded stat buf parameter from can_access_file_acl().Michael Adam2-4/+4
This is a security descriptor level function only. Michael (This used to be commit 5931540fa1681f026fed42df387d17e43c493c47)
2008-06-17Add some debug to notifyVolker Lendecke1-0/+6
(This used to be commit 4394235378f85ccb911d662d95f1545a14240bdf)
2008-06-15Remove the current_user references from open.cVolker Lendecke1-6/+4
current_user_info was "only" used in a debug msg, and current_user.ut.uid is also available via conn->server_info (This used to be commit d0386914ff0f7b0f1edc3302fdc6a25f211712fa)
2008-06-15Remove the current_user reference from fake_file.cVolker Lendecke2-5/+5
The current vuid is not only available there, it is also in the current smb_request structure. (This used to be commit c8fd5eef32a86888c7a28317f0fdf717a26b7d4c)
2008-06-15Remove unused "extern struct current_user" from dir.cVolker Lendecke1-2/+0
(This used to be commit b92cfd19b459caad34229dfe941cf15fd14a5ce0)
2008-06-15Remove the reference to current_user from file_access.cVolker Lendecke1-8/+6
conn holds the current user info (This used to be commit 093bc5f2b33ebf90e04bc17e51b1695b1b932bf2)
2008-06-14Move connection-specific vuid cache clear to uid.cVolker Lendecke3-16/+25
(This used to be commit 1025f687910ce40283c7344ed67ebd5bf31217b7)
2008-06-14Slight refactoring for check_user_ok: It only needs vuid and server_infoVolker Lendecke1-20/+18
(This used to be commit 68944ea1ea7a0a63b08cbfc703f5ee29d2627696)
2008-06-14Group the access checks together in check_user_ok()Volker Lendecke1-6/+8
(This used to be commit 45662b5e8b3c7bc39cb33c5d7deb7e9a91f30a8b)
2008-06-14Consistently use snum in check_user_okVolker Lendecke1-2/+2
Most already used it, these two still used SNUM(conn), where the only caller of this routine (change_to_user) had set snum = SNUM(conn). (This used to be commit b14e59bfdbfb62494002e22d0665c4d420484245)
2008-06-14Compare the pointer "vuser" to NULL, not 0Volker Lendecke1-1/+1
(This used to be commit 5c916549f002d5e4e06f24d396a2bdca73d384c7)
2008-05-28Security fix for CVE-2008-1105: Boundary failure when parsing SMB responsesJeremy Allison1-3/+1
can result in a buffer overrun. Jeremy. (This used to be commit 23b825e9d2c74c5b940cf4d3aa56c18692259972)
2008-05-28Fix Bug #5285. (libcap header mismatch)Günther Deschner1-46/+2
Can someone with gpfs available test this ? The only codepath using this function is the modules/gpfs.c module. The fix resolves at least the build issues Samba has with recent kernel / libcap versions by using the portable cap_get_proc()/cap_set_proc() interface (instead of using capget/capset). Guenther (This used to be commit 177955141247a4eb56ba0d82dc1add7f52175c40)
2008-05-27Allow server manager to close open files selected by id.Jeremy Allison3-1/+37
Jeremy. (This used to be commit 7eeed8bb41059ec2bddedb6a71deddeec7f33af2)
2008-05-26Re-enable the evil "aio write behind" parameter.Jeremy Allison1-0/+2
Jeremy. (This used to be commit 5d22ca00bcdf49dcb35468400ac8cc3c57808d0d)
2008-05-25Remove some references to get_current_username() and current_user_infoVolker Lendecke3-14/+25
(This used to be commit 344d69f95e217d16213eaa6b53141af6ab459708)
2008-05-25Remove the reference to current_user_info from share_access.cVolker Lendecke3-13/+23
This required to pass around the domain a bit (This used to be commit 17b0db20d28d1b737c5e86b78106657e8ca5ce9c)
2008-05-25Remove reference to current_user_info from lanman.cVolker Lendecke1-13/+13
(This used to be commit f52d7c3faba4aa815d95883775f4859251406161)
2008-05-20Fix type error in debug messageVolker Lendecke1-1/+1
(This used to be commit eb281532b1721ded39c39bb00c26202080dcd735)
2008-05-20Cleanup size_t return values in callers of convert_string_allocateTim Prouty5-22/+40
This patch is the second iteration of an inside-out conversion to cleanup functions in charcnv.c returning size_t == -1 to indicate failure. (This used to be commit 6b189dabc562d86dcaa685419d0cb6ea276f100d)
2008-05-20Fix bug #5477 - recvfile code was broken.Jeremy Allison1-8/+4
Jeremy. (This used to be commit 830337f054a6c0646d85df33d9958e99283e727a)
2008-05-20sesssetup.c: Add debug message.Karolin Seeger1-0/+3
Log when we kill other smbd sessions like when we hit the VC == 0 case. This one fixes BUG #5476. Initial patch from Björn Jacke <bj@sernet.de>. Karolin (This used to be commit 1429f3b7cf293994b334052428fcdadcee162dea)
2008-05-19Restructuring of code to fix #5460. Remove searchJeremy Allison2-38/+12
by name code from conn, we were already doing the same check in the dfs_redirect() function, so move it into parse_dfs_path() instead. Jeremy. (This used to be commit 8a7c6df122c5e4a1d0f74ab0f1bc9376a0a8bcb1)
2008-05-16Simplify fake_file logicVolker Lendecke3-58/+41
(This used to be commit 93111ea0a1191e8547ad6cf112e2699d3bb3799b)
2008-05-14Ensure we don't keep searching for sharename if it'sJeremy Allison1-3/+3
not the start of the list. Jeremy. (This used to be commit 15857534b76bc66ad122510100aa224f17250465)
2008-05-13Fix debug message.Jeremy Allison1-2/+2
Jeremy. (This used to be commit 08d168f0e5b8fb07e95a5118a839e0da53e9d363)
2008-05-13Second part of patch for bug #5460. Cope with pathnamesJeremy Allison1-15/+39
that don't look like \xxx\yyy, cope with arbitrary length. Jeremy. (This used to be commit 635035d999fcd8e06b70c8cb1137127c289dc9e6)
2008-05-13Fix bug #5460. The problem is RHEL5.0 shipped a CIFS clientJeremy Allison2-2/+33
that sets the DFS bit on pathnames but doesn't send DFS paths. This causes lookups to fail as the smbd/msdfs.c code now just eats the first two parts of the pathname and uses the rest as the local path. The previous hostname check used to protect us from that as we knew that when the hostname was invalid it was a local path (and a broken client). I didn't want to put that check back in, but came up with another idea - even though the hostname can be a different one, the sharename must be valid on this machine. So we can check for a valid sharename instead. Jeremy. (This used to be commit e1cda82f6f7de3306a653af920756c1640057f2d)
2008-05-11With force user, we have the same base token for all vuidsVolker Lendecke1-1/+9
(This used to be commit 0f19bc3f65bfc132aea1de1e76fcb4ee625a050f)
2008-05-11Fix a memleak in new auth_serversupplied codeVolker Lendecke1-1/+2
(This used to be commit f23e970848b6e6655453fa65f6f160f624acfcff)
2008-05-10Fix a memleakVolker Lendecke1-5/+0
(This used to be commit 9891c7c30858a3bea9adbea1c5bfa5c6b1b85221)
2008-05-10Remove "user" from connection_structVolker Lendecke8-27/+37
(This used to be commit 368454a27cb53a408ec416cbf37235b304592fb5)
2008-05-10Remove the unix token info from connection_structVolker Lendecke4-21/+24
(This used to be commit 2834dacc8d49f77fe55fb5d7e3eb2dda431d1d3d)
2008-05-10Replace nt_user_token with server_info in connection_structVolker Lendecke3-54/+33
(This used to be commit a3738aef59e97d4533010b048534d937d36c0950)
2008-05-10Empty some nonempty blank linesVolker Lendecke1-18/+18
(This used to be commit 1a406def02bf171b223467d6b76317586d6205fc)
2008-05-10Make use of talloc_tos() in change_to_user()Volker Lendecke1-1/+1
(This used to be commit c4bed3a48b86d44ad641250add2fc189af7e72f5)
2008-05-10Next try at making the vuid cache circularVolker Lendecke2-10/+13
Jeremy, please check! (This used to be commit a34f73521712e3820d417f0d9ed811723b7681d6)
2008-05-10find_forced_group can directly change the token in server_infoVolker Lendecke1-72/+16
Now that we have a token that is correctly set up with gids already, this saves manual translation of the SIDs to GIDs. (This used to be commit 6136a6d9d7301c65f37e2bf485681138cddd8bd2)
2008-05-10Add an error return in find_forced_group()Volker Lendecke1-0/+5
(This used to be commit 93ce0705c14f222bda3e6204f4b54ba1893f33e1)
2008-05-10Do not unnecessarily mess with the results in find_forced_group()Volker Lendecke1-3/+0
(This used to be commit 6d9860d09b54c61625f011c2d56d710aa59d7686)
generated by cgit (git 2.34.1) at 2024-11-02 08:06:00 +0000