summaryrefslogtreecommitdiff
path: root/source3/smbd
AgeCommit message (Collapse)AuthorFilesLines
2011-11-07Add the SEC_DIR_LIST check to dptr_create().Jeremy Allison1-0/+27
Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Mon Nov 7 21:11:03 CET 2011 on sn-devel-104
2011-11-05Move the SEC_DIR_LIST check into dptr_create for SMB2 and now for SMB1.Jeremy Allison2-5/+6
The pathname check still needs fixing. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Sat Nov 5 01:38:00 CET 2011 on sn-devel-104
2011-11-04can_write_to_file() does now take share permissions into account. Fix comment.Jeremy Allison1-1/+0
2011-11-04No longer do the pre-check on DELETE_ACCESS - we're correctly checking the ↵Jeremy Allison1-22/+0
ACL every time now.
2011-11-04Remove can_access_file_acl(). We no longer need this duplicate code (hurrah!).Jeremy Allison4-56/+9
2011-11-04Remove can_access_file_data() - make it use the standard ↵Jeremy Allison2-58/+5
smbd_check_access_rights() instead.
2011-11-04Add const to the smb_filename argument of smbd_check_access_rights().Jeremy Allison3-17/+9
2011-11-04Expose smbd_check_access_rights() to other modules.Jeremy Allison2-1/+4
2011-11-04Rename smbd_check_open_rights() to smbd_check_access_rights() as we're going ↵Jeremy Allison1-15/+15
to remove the static from this.
2011-11-04Replace smb1_file_se_access_check() with just se_access_check().Jeremy Allison1-30/+21
2011-11-04Move root check out of smb1_file_se_access_check() in preparation for ↵Jeremy Allison1-13/+25
deleting this function.
2011-11-04smb1_file_se_access_check() is now static to smbd/open.cJeremy Allison2-6/+1
2011-11-04Revert "Change function signature of check_parent_access() to take char * ↵Jeremy Allison2-10/+6
instead of struct smb_filename." This reverts commit a11c0a41a35aa2b1c14333552045a65e3e50df1e. Not needed.
2011-11-04Revert "Call check_parent_access() on readdir."Jeremy Allison1-13/+0
This reverts commit a763edaf9c76afe2546c035fc090370301dd347b. Checking the wrong thing..
2011-11-04s3:smbd increase a debug levelChristian Ambach1-5/+6
logging disconnected clients with level 1 swamps the logs
2011-11-04s3:smbd: also send the server name in the negprot responseStefan Metzmacher1-0/+8
This matches W2K (at least sp4) and higher. metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Fri Nov 4 15:50:06 CET 2011 on sn-devel-104
2011-11-03s3:smbd: make use of SMB_SIGNING_* constantsStefan Metzmacher4-10/+12
metze
2011-11-03s3:param: the behavior of "client/server signing = auto" is the same as "true"Stefan Metzmacher1-2/+0
So remove the special case for 'Auto'. metze
2011-11-02s3:smb2_server: remove unused outhdr variablesDavid Disseldorp1-2/+0
2011-11-01Call check_parent_access() on readdir.Jeremy Allison1-0/+13
2011-11-01Change function signature of check_parent_access() to take char * instead of ↵Jeremy Allison2-6/+10
struct smb_filename. Expose it so it can be called from directory code.
2011-10-31s3:smb2_server: FLAG_CHAINED means we always use the last session_id and tidStefan Metzmacher2-33/+20
metze
2011-10-31s3:smb2_server: don't reset the tid and session id in the out hdr of ↵Stefan Metzmacher1-14/+0
compound requests Windows also leaves tid (0xFFFFFFFF) and session id (0xFFFFFFFFFFFFFFFF) as the client requested them. metze
2011-10-31s3:smb2_server: echo the SMB2_HDR_CREDIT_CHARGE and SMB2_HDR_SIGNATURE fieldsStefan Metzmacher1-2/+4
Windows just echos back the given values by default. metze
2011-10-31s3:smbd: also the parent smbd needs FLAG_MSG_PRINT_GENERAL (bug #8553)Stefan Metzmacher1-0/+1
metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Mon Oct 31 17:37:34 CET 2011 on sn-devel-104
2011-10-28Remove the order dependency in parent_override_delete(), just check for & ↵Jeremy Allison1-2/+2
not ==.
2011-10-28Remove unused "struct security_descriptor" parameter from check_parent_access()Jeremy Allison1-8/+2
2011-10-28Finally do all the open checks inside open_file(). Checks insideJeremy Allison1-0/+30
vfs_acl_common can now be removed.
2011-10-28Simplify smbd_check_open_rights() and move all the special casing inside it.Jeremy Allison1-101/+72
2011-10-28Move parent_override_delete() to before I need to use it.Jeremy Allison1-19/+19
2011-10-28Make smbd_check_open_rights() static.Jeremy Allison2-5/+1
2011-10-27s3: Include uid_wrapper where it is missing.Andreas Schneider1-0/+1
2011-10-27Include uid_wrapper correctly.Andreas Schneider1-1/+1
2011-10-26Factor out the code checking if a parent should override DELETE_ACCESS into ↵Jeremy Allison1-9/+31
a function. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Wed Oct 26 23:15:05 CEST 2011 on sn-devel-104
2011-10-26Remove another level of indentation - deal with !NT_STATUS_OK individually.Jeremy Allison1-65/+63
2011-10-26Add early return on stat open without O_CREAT if file doesn't exist.Jeremy Allison1-71/+74
Reduces one level of indentation.
2011-10-25libcli/smb: move smb_signing.[ch] to the toplevelStefan Metzmacher1-1/+1
metze
2011-10-22Third part of fix for bug #8541 - readlink() on Linux clients fails if the ↵Jeremy Allison1-2/+1
symlink target is outside of the share. Missed passing ucf_flags instead of hard coded flags in findfirst call. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Sat Oct 22 06:30:16 CEST 2011 on sn-devel-104
2011-10-22Second part of fix for bug #8541 - readlink() on Linux clients fails if the ↵Jeremy Allison3-2/+12
symlink target is outside of the share. The statcache has to do lstat instead of stat when returning cached posix pathnames.
2011-10-22Fix bug #8541 - readlink() on Linux clients fails if the symlink target is ↵Jeremy Allison3-11/+42
outside of the share. The key is to only allow the lookup to succeed if it's a UNIX level lookup or readlink, but disallow all other operations. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Sat Oct 22 01:37:41 CEST 2011 on sn-devel-104
2011-10-21libcli/smb: move smb_seal.c to the toplevelStefan Metzmacher1-1/+1
metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Fri Oct 21 10:22:39 CEST 2011 on sn-devel-104
2011-10-21s3-seal Remove struct smb_srv_trans_enc_ctxAndrew Bartlett3-104/+54
This structure added no value, particularly after the move to gensec. It was added at a time when auth_ntlmssp_state was not available in the client. This changed a while back (the wrapper was extended with client calls), and the move to gensec again reinforced that we do not need the extra complexity. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-10-21s3-ntlmssp Remove references to auth_ntlmssp_context from the smb sealing codeAndrew Bartlett1-15/+24
Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-10-21s3-ntlmssp Remove auth_ntlmssp_want_feature()Andrew Bartlett3-7/+7
We now just call the gensec_want_feature() directly. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-10-21s3-ntlmssp Remove auth_ntlmssp_negotiated_sign() and ↵Andrew Bartlett1-2/+2
auth_ntlmssp_negotiated_seal() We now just call the gensec_have_feature() directly. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-10-21s3-ntlmssp Remove auth_ntlmssp_update wrapperAndrew Bartlett4-27/+29
We now just call gensec_update directly. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-10-21s3-auth remove auth_ntlmssp_session_info()Andrew Bartlett2-8/+9
Instead, call gensec_session_info() directly. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-10-21s3:smbd/seal: pass talloc_tos() auth_ntlmssp_update(), because we free a few ↵Stefan Metzmacher1-1/+1
lines later metze
2011-10-20Refactor to create check_parent_access() which can be called for file ↵Jeremy Allison1-23/+64
creation too. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Thu Oct 20 20:29:22 CEST 2011 on sn-devel-104
2011-10-20Make mkdir_internal() check the parent ACL for SEC_DIR_ADD_SUBDIR rights.Jeremy Allison1-2/+33
generated by cgit (git 2.34.1) at 2024-07-08 13:54:18 +0000