summaryrefslogtreecommitdiff
path: root/source3/smbd
AgeCommit message (Collapse)AuthorFilesLines
2008-06-26Change print_access_check to take auth_serversupplied_info instead of ↵Volker Lendecke1-6/+12
current_user Reason: This is the main user of p->current_user which I would like to remove (This used to be commit fd43059b3dfa8cdac9814de1c76f963ba5de9bcb)
2008-06-26smbd: untangle logic in smbd_messaging_context() slightly.Michael Adam1-2/+5
Michael (This used to be commit fae4c21b14b9d288e06f6b4b4e1527e2c6d58dca)
2008-06-26smbd: don't panic if messaging_init() fails but return NULLMichael Adam1-1/+1
leaving panic or more appropriate action to callers. This can for instance happen in a clustered setup, when ctdb is not running. This allows for a more defined behaviour, reducing chicken-egg-problems. Michael (This used to be commit 3b6541ff483d5fea4fd30bb6a01a560c05028d4e)
2008-06-24Move the responsibility to keep the cwd from srv_dfs_nt to msdfs.cVolker Lendecke1-17/+53
(This used to be commit 7db382588ac90fe250b72cf4cd07afb39fcae7c0)
2008-06-22Remove the "exists" parameter from create_msdfs_linkVolker Lendecke1-11/+11
Jeremy, setting "exists" to True in _dfs_Add prevented the initial creation of a new symlink for me, because the SMB_VFS_UNLINK failed. This also exists in 3.2. I only check it into 3.3 as I would like you to look at it first. Thanks, Volker (This used to be commit f58b098a4172949018e84c4d0c722d6eb9bba514)
2008-06-22Reduce memory usage in form_junctions() a little bitVolker Lendecke1-0/+1
(This used to be commit d031e6d8cabe2dd0b29e90d173d45843e145176a)
2008-06-22Fix an abort in junction_to_local_pathVolker Lendecke1-1/+1
(This used to be commit 587bd636cb70d09600111ced040adaa55af35d0f)
2008-06-22Fix a crash in _dfs_EnumVolker Lendecke1-0/+2
(cherry picked from commit 4a996476297963d4cb300b4d45c23e83a493c339) (This used to be commit 86cae83a7db87063ecd6e58eaa15f11441c45040)
2008-06-22Fix an uninitialized variable access in callers of parse_msdfs_symlinkVolker Lendecke1-1/+2
At least form_junctions() does not initialize refcount, and I don't see it in get_referred_path(). For the latters, the callers might initialize it. But even if they did, I think parse_msdfs_symlink() should unconditionally return the number of referrals it found. I don't think it makes sense to count them up from somewhere else. (This used to be commit 73172113484a2c6c9af014f59e84707716c61a7d)
2008-06-21Fix a double-closedir() in form_junctions()Volker Lendecke1-1/+0
(This used to be commit 1d7ad0dea7ebf7a46af6e695797e5132264307d6)
2008-06-19Remove current_user references from nttrans.cVolker Lendecke1-3/+2
(This used to be commit 5f8a5e68ea166fbeda3af6e5ec381ec09d06f0f6)
2008-06-19Remove current_user references from trans2.cVolker Lendecke3-4/+35
This involved replacing the CHECK_NTQUOTA_HANDLE_OK macro by a function. (This used to be commit 5595cdf837edb82db69a3e57bcf3108be7feeeb8)
2008-06-19Remove some current_user references from trans2.cVolker Lendecke1-19/+25
(This used to be commit 4c31cc0b62f532eafdc44398b29b773ad8cb0646)
2008-06-19Remove reference to current_user from reply.cVolker Lendecke1-4/+3
(This used to be commit e895e44cc7d675d128430fb53c138e5e8736e59f)
2008-06-19Wrap the unix token info in a unix_user_token in auth_serversupplied_infoVolker Lendecke10-41/+43
No functional change, this is a preparation for more current_user ref removal (This used to be commit dcaedf345e62ab74ea87f0a3fa1e3199c75c5445)
2008-06-19Remove the "current_user" arg from fsp_belongs_connVolker Lendecke2-5/+5
fsp_belongs_conn only used the vuid struct member anyway, and this is available in the smb_request structure as well. (This used to be commit 64e9372ab997739d46669c0cc4a4c6edb11d5e64)
2008-06-19Remove the "current_user" arg from check_fspVolker Lendecke3-24/+24
check_fsp only used the vuid struct member anyway, and this is available in the smb_request structure as well. (This used to be commit 8d364c4c3311b406847158fc37e9208d298cf8ba)
2008-06-19RWX on a file does not imply DELETE accessVolker Lendecke1-1/+1
Without this the changed checks in can_delete_file_in_directory give DELETE access where there is none. So we can end up granting the ntcreate&x preparing the unlink where we should not, which leads to a NT_STATUS_ACCESS_DENIED at close time later, which in turn does *not* give the access denied error message in the Windows GUI. can_delete_file_in_directory will grant access now by looking at the directory permissions. (This used to be commit 51b5364c2afb3a18df4bec2bc1624760ccc01676)
2008-06-19Fix checks in can_delete_file_in_directory()Volker Lendecke1-6/+15
With at least NFSv4 ACLs around the write permission for the owner is a bogus check if we can delete a file in a directory. Like in Windows, there are two ways which can grant us such: First, the DELETE permission on the file itself, or if that does not help, the DELETE_CHILD permission on the directory. It might be a bit more code that runs, but essentially we should end up with the same set of syscalls in the non-acl case. (This used to be commit daa9b056645a45edfb3a70e3536011ebe5678970)
2008-06-19Remove some codeVolker Lendecke1-12/+4
Did not measure it, but I think a single write is better than a read and a conditional branch (This used to be commit abe1bed665ad8d1dbf9177dcbb9344b25df9594c)
2008-06-18file_access: add a function header comment for can_access_file_acl().Michael Adam1-0/+3
Michael (This used to be commit 7d5fb873bde0a84de522650945effeaf602c759e)
2008-06-18smbd/dir.c: remove unneeded stat buf parameter from user_can_read_file()Michael Adam1-4/+2
This is not needed anymore since user_can_access_file_acl() ist used. Michael (This used to be commit 3c349f773a52e3de693d3bb79f5060c9f1e01e41)
2008-06-17file_access: remove unneeded stat buf parameter from can_access_file_acl().Michael Adam2-4/+4
This is a security descriptor level function only. Michael (This used to be commit 5931540fa1681f026fed42df387d17e43c493c47)
2008-06-17Add some debug to notifyVolker Lendecke1-0/+6
(This used to be commit 4394235378f85ccb911d662d95f1545a14240bdf)
2008-06-15Remove the current_user references from open.cVolker Lendecke1-6/+4
current_user_info was "only" used in a debug msg, and current_user.ut.uid is also available via conn->server_info (This used to be commit d0386914ff0f7b0f1edc3302fdc6a25f211712fa)
2008-06-15Remove the current_user reference from fake_file.cVolker Lendecke2-5/+5
The current vuid is not only available there, it is also in the current smb_request structure. (This used to be commit c8fd5eef32a86888c7a28317f0fdf717a26b7d4c)
2008-06-15Remove unused "extern struct current_user" from dir.cVolker Lendecke1-2/+0
(This used to be commit b92cfd19b459caad34229dfe941cf15fd14a5ce0)
2008-06-15Remove the reference to current_user from file_access.cVolker Lendecke1-8/+6
conn holds the current user info (This used to be commit 093bc5f2b33ebf90e04bc17e51b1695b1b932bf2)
2008-06-14Move connection-specific vuid cache clear to uid.cVolker Lendecke3-16/+25
(This used to be commit 1025f687910ce40283c7344ed67ebd5bf31217b7)
2008-06-14Slight refactoring for check_user_ok: It only needs vuid and server_infoVolker Lendecke1-20/+18
(This used to be commit 68944ea1ea7a0a63b08cbfc703f5ee29d2627696)
2008-06-14Group the access checks together in check_user_ok()Volker Lendecke1-6/+8
(This used to be commit 45662b5e8b3c7bc39cb33c5d7deb7e9a91f30a8b)
2008-06-14Consistently use snum in check_user_okVolker Lendecke1-2/+2
Most already used it, these two still used SNUM(conn), where the only caller of this routine (change_to_user) had set snum = SNUM(conn). (This used to be commit b14e59bfdbfb62494002e22d0665c4d420484245)
2008-06-14Compare the pointer "vuser" to NULL, not 0Volker Lendecke1-1/+1
(This used to be commit 5c916549f002d5e4e06f24d396a2bdca73d384c7)
2008-05-28Security fix for CVE-2008-1105: Boundary failure when parsing SMB responsesJeremy Allison1-3/+1
can result in a buffer overrun. Jeremy. (This used to be commit 23b825e9d2c74c5b940cf4d3aa56c18692259972)
2008-05-28Fix Bug #5285. (libcap header mismatch)Günther Deschner1-46/+2
Can someone with gpfs available test this ? The only codepath using this function is the modules/gpfs.c module. The fix resolves at least the build issues Samba has with recent kernel / libcap versions by using the portable cap_get_proc()/cap_set_proc() interface (instead of using capget/capset). Guenther (This used to be commit 177955141247a4eb56ba0d82dc1add7f52175c40)
2008-05-27Allow server manager to close open files selected by id.Jeremy Allison3-1/+37
Jeremy. (This used to be commit 7eeed8bb41059ec2bddedb6a71deddeec7f33af2)
2008-05-26Re-enable the evil "aio write behind" parameter.Jeremy Allison1-0/+2
Jeremy. (This used to be commit 5d22ca00bcdf49dcb35468400ac8cc3c57808d0d)
2008-05-25Remove some references to get_current_username() and current_user_infoVolker Lendecke3-14/+25
(This used to be commit 344d69f95e217d16213eaa6b53141af6ab459708)
2008-05-25Remove the reference to current_user_info from share_access.cVolker Lendecke3-13/+23
This required to pass around the domain a bit (This used to be commit 17b0db20d28d1b737c5e86b78106657e8ca5ce9c)
2008-05-25Remove reference to current_user_info from lanman.cVolker Lendecke1-13/+13
(This used to be commit f52d7c3faba4aa815d95883775f4859251406161)
2008-05-20Fix type error in debug messageVolker Lendecke1-1/+1
(This used to be commit eb281532b1721ded39c39bb00c26202080dcd735)
2008-05-20Cleanup size_t return values in callers of convert_string_allocateTim Prouty5-22/+40
This patch is the second iteration of an inside-out conversion to cleanup functions in charcnv.c returning size_t == -1 to indicate failure. (This used to be commit 6b189dabc562d86dcaa685419d0cb6ea276f100d)
2008-05-20Fix bug #5477 - recvfile code was broken.Jeremy Allison1-8/+4
Jeremy. (This used to be commit 830337f054a6c0646d85df33d9958e99283e727a)
2008-05-20sesssetup.c: Add debug message.Karolin Seeger1-0/+3
Log when we kill other smbd sessions like when we hit the VC == 0 case. This one fixes BUG #5476. Initial patch from Björn Jacke <bj@sernet.de>. Karolin (This used to be commit 1429f3b7cf293994b334052428fcdadcee162dea)
2008-05-19Restructuring of code to fix #5460. Remove searchJeremy Allison2-38/+12
by name code from conn, we were already doing the same check in the dfs_redirect() function, so move it into parse_dfs_path() instead. Jeremy. (This used to be commit 8a7c6df122c5e4a1d0f74ab0f1bc9376a0a8bcb1)
2008-05-16Simplify fake_file logicVolker Lendecke3-58/+41
(This used to be commit 93111ea0a1191e8547ad6cf112e2699d3bb3799b)
2008-05-14Ensure we don't keep searching for sharename if it'sJeremy Allison1-3/+3
not the start of the list. Jeremy. (This used to be commit 15857534b76bc66ad122510100aa224f17250465)
2008-05-13Fix debug message.Jeremy Allison1-2/+2
Jeremy. (This used to be commit 08d168f0e5b8fb07e95a5118a839e0da53e9d363)
2008-05-13Second part of patch for bug #5460. Cope with pathnamesJeremy Allison1-15/+39
that don't look like \xxx\yyy, cope with arbitrary length. Jeremy. (This used to be commit 635035d999fcd8e06b70c8cb1137127c289dc9e6)
2008-05-13Fix bug #5460. The problem is RHEL5.0 shipped a CIFS clientJeremy Allison2-2/+33
that sets the DFS bit on pathnames but doesn't send DFS paths. This causes lookups to fail as the smbd/msdfs.c code now just eats the first two parts of the pathname and uses the rest as the local path. The previous hostname check used to protect us from that as we knew that when the hostname was invalid it was a local path (and a broken client). I didn't want to put that check back in, but came up with another idea - even though the hostname can be a different one, the sharename must be valid on this machine. So we can check for a valid sharename instead. Jeremy. (This used to be commit e1cda82f6f7de3306a653af920756c1640057f2d)