From afa0d6b0b14e0ef2293bd8468ffc1d6330abdb5b Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Wed, 3 Dec 2008 09:07:00 +0100 Subject: libwbclient: avoid usage talloc_init() in library code talloc_init() is a compat function for the old samba3 non-hierachical talloc implementation. It enables the talloc null tracking which should never be done by library code. metze --- source3/nsswitch/libwbclient/wbc_sid.c | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) (limited to 'source3') diff --git a/source3/nsswitch/libwbclient/wbc_sid.c b/source3/nsswitch/libwbclient/wbc_sid.c index ac929b1dd5..92de22e901 100644 --- a/source3/nsswitch/libwbclient/wbc_sid.c +++ b/source3/nsswitch/libwbclient/wbc_sid.c @@ -40,22 +40,18 @@ wbcErr wbcSidToString(const struct wbcDomainSid *sid, uint32_t id_auth; int i; char *tmp = NULL; - TALLOC_CTX *ctx = NULL; if (!sid) { wbc_status = WBC_ERR_INVALID_SID; BAIL_ON_WBC_ERROR(wbc_status); } - ctx = talloc_init("wbcSidToString"); - BAIL_ON_PTR_ERROR(ctx, wbc_status); - id_auth = sid->id_auth[5] + (sid->id_auth[4] << 8) + (sid->id_auth[3] << 16) + (sid->id_auth[2] << 24); - tmp = talloc_asprintf(ctx, "S-%d-%d", sid->sid_rev_num, id_auth); + tmp = talloc_asprintf(NULL, "S-%d-%d", sid->sid_rev_num, id_auth); BAIL_ON_PTR_ERROR(tmp, wbc_status); for (i=0; inum_auths; i++) { @@ -66,13 +62,13 @@ wbcErr wbcSidToString(const struct wbcDomainSid *sid, tmp = tmp2; } - *sid_string=talloc_strdup(NULL, tmp); - BAIL_ON_PTR_ERROR((*sid_string), wbc_status); + *sid_string = tmp; + tmp = NULL; wbc_status = WBC_ERR_SUCCESS; done: - talloc_free(ctx); + talloc_free(tmp); return wbc_status; } -- cgit From 1eb743ab8e8b1141f99fabd3e4a46895c6dcc17e Mon Sep 17 00:00:00 2001 From: Tim Prouty Date: Tue, 2 Dec 2008 23:29:57 -0800 Subject: s3: Change sockaddr util function names for consistency Also eliminates name conflicts with OneFS system libraries --- source3/client/client.c | 2 +- source3/include/proto.h | 4 ++-- source3/lib/interface.c | 12 ++++++------ source3/lib/util_sock.c | 10 +++++----- source3/libads/kerberos.c | 6 +++--- source3/libsmb/cliconnect.c | 2 +- source3/libsmb/clidfs.c | 4 ++-- source3/libsmb/libsmb_server.c | 6 +++--- source3/libsmb/namequery.c | 10 +++++----- source3/libsmb/namequery_dc.c | 4 ++-- source3/rpcclient/rpcclient.c | 2 +- source3/torture/locktest.c | 4 ++-- source3/torture/masktest.c | 4 ++-- source3/torture/torture.c | 2 +- source3/utils/net.c | 2 +- source3/utils/smbcacls.c | 2 +- source3/utils/smbcquotas.c | 2 +- source3/utils/smbfilter.c | 2 +- source3/winbindd/winbindd_cm.c | 2 +- 19 files changed, 41 insertions(+), 41 deletions(-) (limited to 'source3') diff --git a/source3/client/client.c b/source3/client/client.c index 39f8f90bba..da789161c9 100644 --- a/source3/client/client.c +++ b/source3/client/client.c @@ -4623,7 +4623,7 @@ static int do_message_op(void) snprintf(name_type_hex, sizeof(name_type_hex), "#%X", name_type); fstrcat(server_name, name_type_hex); - zero_addr(&ss); + zero_sockaddr(&ss); if (have_ip) ss = dest_ss; diff --git a/source3/include/proto.h b/source3/include/proto.h index f2bbb07f92..d9430e2909 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -1396,13 +1396,13 @@ bool is_loopback_ip_v4(struct in_addr ip); bool is_loopback_addr(const struct sockaddr *pss); bool is_zero_addr(const struct sockaddr *pss); void zero_ip_v4(struct in_addr *ip); -void zero_addr(struct sockaddr_storage *pss); +void zero_sockaddr(struct sockaddr_storage *pss); void in_addr_to_sockaddr_storage(struct sockaddr_storage *ss, struct in_addr ip); bool same_net(const struct sockaddr *ip1, const struct sockaddr *ip2, const struct sockaddr *mask); -bool addr_equal(const struct sockaddr *ip1, +bool sockaddr_equal(const struct sockaddr *ip1, const struct sockaddr *ip2); bool is_address_any(const struct sockaddr *psa); uint16_t get_sockaddr_port(const struct sockaddr_storage *pss); diff --git a/source3/lib/interface.c b/source3/lib/interface.c index f533ec92c7..48fa4d32a9 100644 --- a/source3/lib/interface.c +++ b/source3/lib/interface.c @@ -33,7 +33,7 @@ bool ismyaddr(const struct sockaddr *ip) { struct interface *i; for (i=local_interfaces;i;i=i->next) { - if (addr_equal((struct sockaddr *)&i->ip,ip)) { + if (sockaddr_equal((struct sockaddr *)&i->ip,ip)) { return true; } } @@ -65,7 +65,7 @@ static struct interface *iface_find(const struct sockaddr *ip, if (same_net(ip, (struct sockaddr *)&i->ip, (struct sockaddr *)&i->netmask)) { return i; } - } else if (addr_equal((struct sockaddr *)&i->ip, ip)) { + } else if (sockaddr_equal((struct sockaddr *)&i->ip, ip)) { return i; } } @@ -93,7 +93,7 @@ void setup_linklocal_scope_id(struct sockaddr *pss) { struct interface *i; for (i=local_interfaces;i;i=i->next) { - if (addr_equal((struct sockaddr *)&i->ip,pss)) { + if (sockaddr_equal((struct sockaddr *)&i->ip,pss)) { struct sockaddr_in6 *psa6 = (struct sockaddr_in6 *)pss; psa6->sin6_scope_id = if_nametoindex(i->name); @@ -388,7 +388,7 @@ static void interpret_interface(char *token) } for (i=0;iai_addr) { continue; } - if (addr_equal((const struct sockaddr *)res->ai_addr, + if (sockaddr_equal((const struct sockaddr *)res->ai_addr, (struct sockaddr *)pss)) { freeaddrinfo(ailist); return true; @@ -1367,7 +1367,7 @@ const char *get_peer_name(int fd, bool force_lookup) p = get_peer_addr_internal(fd, addr_buf, sizeof(addr_buf), (struct sockaddr *)&ss, &length); /* it might be the same as the last one - save some DNS work */ - if (addr_equal((struct sockaddr *)&ss, (struct sockaddr *)&nc.ss)) { + if (sockaddr_equal((struct sockaddr *)&ss, (struct sockaddr *)&nc.ss)) { return nc.name ? nc.name : "UNKNOWN"; } @@ -1687,7 +1687,7 @@ bool is_myname_or_ipaddr(const char *s) } n = get_interfaces(nics, MAX_INTERFACES); for (i=0; ildap.ss; #else - zero_addr(dc_ss); + zero_sockaddr(dc_ss); #endif ads_destroy(&ads); @@ -217,7 +217,7 @@ bool get_dc_name(const char *domain, bool ret; bool our_domain = False; - zero_addr(&dc_ss); + zero_sockaddr(&dc_ss); ret = False; diff --git a/source3/rpcclient/rpcclient.c b/source3/rpcclient/rpcclient.c index 61d8d7c485..e8ffddb6dc 100644 --- a/source3/rpcclient/rpcclient.c +++ b/source3/rpcclient/rpcclient.c @@ -776,7 +776,7 @@ out_free: load_case_tables(); - zero_addr(&server_ss); + zero_sockaddr(&server_ss); setlinebuf(stdout); diff --git a/source3/torture/locktest.c b/source3/torture/locktest.c index b58cb3deec..247c9abcc1 100644 --- a/source3/torture/locktest.c +++ b/source3/torture/locktest.c @@ -176,7 +176,7 @@ static struct cli_state *connect_one(char *share, int snum) server_n = server; - zero_addr(&ss); + zero_sockaddr(&ss); slprintf(myname,sizeof(myname), "lock-%lu-%u", (unsigned long)getpid(), count++); @@ -184,7 +184,7 @@ static struct cli_state *connect_one(char *share, int snum) make_nmb_name(&called , server, 0x20); again: - zero_addr(&ss); + zero_sockaddr(&ss); /* have to open a new connection */ if (!(c=cli_initialise())) { diff --git a/source3/torture/masktest.c b/source3/torture/masktest.c index c5612fefaa..8fea15877f 100644 --- a/source3/torture/masktest.c +++ b/source3/torture/masktest.c @@ -178,13 +178,13 @@ static struct cli_state *connect_one(char *share) server_n = server; - zero_addr(&ss); + zero_sockaddr(&ss); make_nmb_name(&calling, "masktest", 0x0); make_nmb_name(&called , server, 0x20); again: - zero_addr(&ss); + zero_sockaddr(&ss); /* have to open a new connection */ if (!(c=cli_initialise())) { diff --git a/source3/torture/torture.c b/source3/torture/torture.c index 603426b67c..382b3b65eb 100644 --- a/source3/torture/torture.c +++ b/source3/torture/torture.c @@ -158,7 +158,7 @@ static struct cli_state *open_nbt_connection(void) make_nmb_name(&calling, myname, 0x0); make_nmb_name(&called , host, 0x20); - zero_addr(&ss); + zero_sockaddr(&ss); if (!(c = cli_initialise())) { printf("Failed initialize cli_struct to connect with %s\n", host); diff --git a/source3/utils/net.c b/source3/utils/net.c index bab2f41d11..f1a5be1876 100644 --- a/source3/utils/net.c +++ b/source3/utils/net.c @@ -662,7 +662,7 @@ static struct functable net_func[] = { }; - zero_addr(&c->opt_dest_ip); + zero_sockaddr(&c->opt_dest_ip); load_case_tables(); diff --git a/source3/utils/smbcacls.c b/source3/utils/smbcacls.c index 10b55014c2..1bfc4757da 100644 --- a/source3/utils/smbcacls.c +++ b/source3/utils/smbcacls.c @@ -956,7 +956,7 @@ static struct cli_state *connect_one(const char *server, const char *share) NTSTATUS nt_status; uint32_t flags = 0; - zero_addr(&ss); + zero_sockaddr(&ss); if (get_cmdline_auth_info_use_kerberos()) { flags |= CLI_FULL_CONNECTION_USE_KERBEROS | diff --git a/source3/utils/smbcquotas.c b/source3/utils/smbcquotas.c index b769c2bce0..8938cc5e65 100644 --- a/source3/utils/smbcquotas.c +++ b/source3/utils/smbcquotas.c @@ -371,7 +371,7 @@ static struct cli_state *connect_one(const char *share) NTSTATUS nt_status; uint32_t flags = 0; - zero_addr(&ss); + zero_sockaddr(&ss); if (get_cmdline_auth_info_use_machine_account() && !set_cmdline_auth_info_machine_account_creds()) { diff --git a/source3/utils/smbfilter.c b/source3/utils/smbfilter.c index d274e09299..1e22a40201 100644 --- a/source3/utils/smbfilter.c +++ b/source3/utils/smbfilter.c @@ -212,7 +212,7 @@ static void start_filter(char *desthost) /* start listening on port 445 locally */ - zero_addr(&my_ss); + zero_sockaddr(&my_ss); s = open_socket_in(SOCK_STREAM, 445, 0, &my_ss, True); if (s == -1) { diff --git a/source3/winbindd/winbindd_cm.c b/source3/winbindd/winbindd_cm.c index 3c69859731..5f592fc6b7 100644 --- a/source3/winbindd/winbindd_cm.c +++ b/source3/winbindd/winbindd_cm.c @@ -1038,7 +1038,7 @@ static bool add_one_dc_unique(TALLOC_CTX *mem_ctx, const char *domain_name, /* Make sure there's no duplicates in the list */ for (i=0; i<*num; i++) - if (addr_equal((struct sockaddr *)&(*dcs)[i].ss, (struct sockaddr *)pss)) + if (sockaddr_equal((struct sockaddr *)&(*dcs)[i].ss, (struct sockaddr *)pss)) return False; *dcs = TALLOC_REALLOC_ARRAY(mem_ctx, *dcs, struct dc_name_ip, (*num)+1); -- cgit From f38d7f20a865b1ff5f7b039dd284d91b2ba7ec26 Mon Sep 17 00:00:00 2001 From: Tim Prouty Date: Mon, 20 Oct 2008 17:43:45 -0700 Subject: s3: Add SMB_VFS_CREATE_FILE to the vfs layer Modify all callers of create_file to go through SMB_VFS_CREATE_FILE --- source3/include/proto.h | 34 ++++++------- source3/include/vfs.h | 21 ++++++++ source3/include/vfs_macros.h | 3 ++ source3/modules/vfs_default.c | 27 +++++++++++ source3/rpc_server/srv_srvsvc_nt.c | 4 +- source3/smbd/nttrans.c | 42 +++++++++++++--- source3/smbd/open.c | 34 ++++++------- source3/smbd/reply.c | 99 ++++++++++++++++++++------------------ source3/smbd/trans2.c | 33 +++++++------ 9 files changed, 189 insertions(+), 108 deletions(-) (limited to 'source3') diff --git a/source3/include/proto.h b/source3/include/proto.h index d9430e2909..05ef17b51c 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -8150,23 +8150,23 @@ NTSTATUS create_file_unixpath(connection_struct *conn, files_struct **result, int *pinfo, SMB_STRUCT_STAT *psbuf); -NTSTATUS create_file(connection_struct *conn, - struct smb_request *req, - uint16_t root_dir_fid, - const char *fname, - uint32_t access_mask, - uint32_t share_access, - uint32_t create_disposition, - uint32_t create_options, - uint32_t file_attributes, - uint32_t oplock_request, - uint64_t allocation_size, - struct security_descriptor *sd, - struct ea_list *ea_list, - - files_struct **result, - int *pinfo, - SMB_STRUCT_STAT *psbuf); +NTSTATUS create_file_default(connection_struct *conn, + struct smb_request *req, + uint16_t root_dir_fid, + const char *fname, + uint32_t access_mask, + uint32_t share_access, + uint32_t create_disposition, + uint32_t create_options, + uint32_t file_attributes, + uint32_t oplock_request, + uint64_t allocation_size, + struct security_descriptor *sd, + struct ea_list *ea_list, + + files_struct **result, + int *pinfo, + SMB_STRUCT_STAT *psbuf); /* The following definitions come from smbd/oplock.c */ diff --git a/source3/include/vfs.h b/source3/include/vfs.h index 4cedb4a9c6..03b4b8e706 100644 --- a/source3/include/vfs.h +++ b/source3/include/vfs.h @@ -110,6 +110,7 @@ open handle. JRA. */ /* Changed to version 24 - make security descriptor const in fset_nt_acl. JRA. */ /* Changed to version 25 - Jelmer's change from SMB_BIG_UINT to uint64_t. */ +/* Leave at 25 - not yet released. Add create_file call. -- tprouty. */ #define SMB_VFS_INTERFACE_VERSION 25 @@ -134,6 +135,8 @@ struct connection_struct; struct files_struct; struct security_descriptor; struct vfs_statvfs_struct; +struct smb_request; +struct ea_list; /* Available VFS operations. These values must be in sync with vfs_ops struct @@ -170,6 +173,7 @@ typedef enum _vfs_op_type { /* File operations */ SMB_VFS_OP_OPEN, + SMB_VFS_OP_CREATE_FILE, SMB_VFS_OP_CLOSE, SMB_VFS_OP_READ, SMB_VFS_OP_PREAD, @@ -305,6 +309,22 @@ struct vfs_ops { /* File operations */ int (*open)(struct vfs_handle_struct *handle, const char *fname, files_struct *fsp, int flags, mode_t mode); + NTSTATUS (*create_file)(struct vfs_handle_struct *handle, + struct smb_request *req, + uint16_t root_dir_fid, + const char *fname, + uint32_t access_mask, + uint32_t share_access, + uint32_t create_disposition, + uint32_t create_options, + uint32_t file_attributes, + uint32_t oplock_request, + uint64_t allocation_size, + struct security_descriptor *sd, + struct ea_list *ea_list, + files_struct **result, + int *pinfo, + SMB_STRUCT_STAT *psbuf); int (*close_fn)(struct vfs_handle_struct *handle, struct files_struct *fsp); ssize_t (*vfs_read)(struct vfs_handle_struct *handle, struct files_struct *fsp, void *data, size_t n); ssize_t (*pread)(struct vfs_handle_struct *handle, struct files_struct *fsp, void *data, size_t n, SMB_OFF_T offset); @@ -452,6 +472,7 @@ struct vfs_ops { /* File operations */ struct vfs_handle_struct *open; + struct vfs_handle_struct *create_file; struct vfs_handle_struct *close_hnd; struct vfs_handle_struct *vfs_read; struct vfs_handle_struct *pread; diff --git a/source3/include/vfs_macros.h b/source3/include/vfs_macros.h index 8fbc21b12d..5c57e92899 100644 --- a/source3/include/vfs_macros.h +++ b/source3/include/vfs_macros.h @@ -48,6 +48,7 @@ /* File operations */ #define SMB_VFS_OPEN(conn, fname, fsp, flags, mode) (((conn)->vfs.ops.open)((conn)->vfs.handles.open, (fname), (fsp), (flags), (mode))) +#define SMB_VFS_CREATE_FILE(conn, req, root_dir_fid, fname, access_mask, share_access, create_disposition, create_options, file_attributes, oplock_request, allocation_size, sd, ea_list, result, pinfo, psbuf) (((conn)->vfs.ops.create_file)((conn)->vfs.handles.create_file, (req), (root_dir_fid), (fname), (access_mask), (share_access), (create_disposition), (create_options), (file_attributes), (oplock_request), (allocation_size), (sd), (ea_list), (result), (pinfo), (psbuf))) #define SMB_VFS_CLOSE(fsp) ((fsp)->conn->vfs.ops.close_fn((fsp)->conn->vfs.handles.close_hnd, (fsp))) #define SMB_VFS_READ(fsp, data, n) ((fsp)->conn->vfs.ops.vfs_read((fsp)->conn->vfs.handles.vfs_read, (fsp), (data), (n))) #define SMB_VFS_PREAD(fsp, data, n, off) ((fsp)->conn->vfs.ops.pread((fsp)->conn->vfs.handles.pread, (fsp), (data), (n), (off))) @@ -173,6 +174,7 @@ /* File operations */ #define SMB_VFS_OPAQUE_OPEN(conn, fname, fsp, flags, mode) (((conn)->vfs_opaque.ops.open)((conn)->vfs_opaque.handles.open, (fname), (fsp), (flags), (mode))) +#define SMB_VFS_OPAQUE_CREATE_FILE(conn, req, root_dir_fid, fname, access_mask, share_access, create_disposition, create_options, file_attributes, oplock_request, allocation_size, sd, ea_list, result, pinfo, psbuf) (((conn)->vfs_opaque.ops.create_file)((conn)->vfs_opaque.handles.create_file, (req), (root_dir_fid), (fname), (access_mask), (share_access), (create_disposition), (create_options), (file_attributes), (oplock_request), (allocation_size), (sd), (ea_list), (result), (pinfo), (psbuf))) #define SMB_VFS_OPAQUE_CLOSE(fsp) ((fsp)->conn->vfs_opaque.ops.close_fn((fsp)->conn->vfs_opaque.handles.close_hnd, (fsp))) #define SMB_VFS_OPAQUE_READ(fsp, data, n) ((fsp)->conn->vfs_opaque.ops.vfs_read((fsp)->conn->vfs_opaque.handles.vfs_read, (fsp), (data), (n))) #define SMB_VFS_OPAQUE_PREAD(fsp, data, n, off) ((fsp)->conn->vfs_opaque.ops.pread((fsp)->conn->vfs_opaque.handles.pread, (fsp), (data), (n), (off))) @@ -299,6 +301,7 @@ /* File operations */ #define SMB_VFS_NEXT_OPEN(handle, fname, fsp, flags, mode) (((handle)->vfs_next.ops.open)((handle)->vfs_next.handles.open, (fname), (fsp), (flags), (mode))) +#define SMB_VFS_NEXT_CREATE_FILE(handle, req, root_dir_fid, fname, access_mask, share_access, create_disposition, create_options, file_attributes, oplock_request, allocation_size, sd, ea_list, result, pinfo, psbuf) (((handle)->vfs_next.ops.create_file)((handle)->vfs_next.handles.create_file, (req), (root_dir_fid), (fname), (access_mask), (share_access), (create_disposition), (create_options), (file_attributes), (oplock_request), (allocation_size), (sd), (ea_list), (result), (pinfo), (psbuf))) #define SMB_VFS_NEXT_CLOSE(handle, fsp) ((handle)->vfs_next.ops.close_fn((handle)->vfs_next.handles.close_hnd, (fsp))) #define SMB_VFS_NEXT_READ(handle, fsp, data, n) ((handle)->vfs_next.ops.vfs_read((handle)->vfs_next.handles.vfs_read, (fsp), (data), (n))) #define SMB_VFS_NEXT_PREAD(handle, fsp, data, n, off) ((handle)->vfs_next.ops.pread((handle)->vfs_next.handles.pread, (fsp), (data), (n), (off))) diff --git a/source3/modules/vfs_default.c b/source3/modules/vfs_default.c index d972828ba9..bca06dfaf7 100644 --- a/source3/modules/vfs_default.c +++ b/source3/modules/vfs_default.c @@ -208,6 +208,31 @@ static int vfswrap_open(vfs_handle_struct *handle, const char *fname, return result; } +static NTSTATUS vfswrap_create_file(vfs_handle_struct *handle, + struct smb_request *req, + uint16_t root_dir_fid, + const char *fname, + uint32_t access_mask, + uint32_t share_access, + uint32_t create_disposition, + uint32_t create_options, + uint32_t file_attributes, + uint32_t oplock_request, + uint64_t allocation_size, + struct security_descriptor *sd, + struct ea_list *ea_list, + files_struct **result, + int *pinfo, + SMB_STRUCT_STAT *psbuf) +{ + return create_file_default(handle->conn, req, root_dir_fid, fname, + access_mask, share_access, + create_disposition, create_options, + file_attributes, oplock_request, + allocation_size, sd, ea_list, result, pinfo, + psbuf); +} + static int vfswrap_close(vfs_handle_struct *handle, files_struct *fsp) { int result; @@ -1359,6 +1384,8 @@ static vfs_op_tuple vfs_default_ops[] = { {SMB_VFS_OP(vfswrap_open), SMB_VFS_OP_OPEN, SMB_VFS_LAYER_OPAQUE}, + {SMB_VFS_OP(vfswrap_create_file), SMB_VFS_OP_CREATE_FILE, + SMB_VFS_LAYER_OPAQUE}, {SMB_VFS_OP(vfswrap_close), SMB_VFS_OP_CLOSE, SMB_VFS_LAYER_OPAQUE}, {SMB_VFS_OP(vfswrap_read), SMB_VFS_OP_READ, diff --git a/source3/rpc_server/srv_srvsvc_nt.c b/source3/rpc_server/srv_srvsvc_nt.c index bf3669022d..b1a31f1761 100644 --- a/source3/rpc_server/srv_srvsvc_nt.c +++ b/source3/rpc_server/srv_srvsvc_nt.c @@ -2048,7 +2048,7 @@ WERROR _srvsvc_NetGetFileSecurity(pipes_struct *p, goto error_exit; } - nt_status = create_file( + nt_status = SMB_VFS_CREATE_FILE( conn, /* conn */ NULL, /* req */ 0, /* root_dir_fid */ @@ -2162,7 +2162,7 @@ WERROR _srvsvc_NetSetFileSecurity(pipes_struct *p, goto error_exit; } - nt_status = create_file( + nt_status = SMB_VFS_CREATE_FILE( conn, /* conn */ NULL, /* req */ 0, /* root_dir_fid */ diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c index 777073e6ba..f2c6eaccca 100644 --- a/source3/smbd/nttrans.c +++ b/source3/smbd/nttrans.c @@ -474,10 +474,23 @@ void reply_ntcreate_and_X(struct smb_request *req) ? BATCH_OPLOCK : 0; } - status = create_file(conn, req, root_dir_fid, fname, - access_mask, share_access, create_disposition, - create_options, file_attributes, oplock_request, - allocation_size, NULL, NULL, &fsp, &info, &sbuf); + status = SMB_VFS_CREATE_FILE( + conn, /* conn */ + req, /* req */ + root_dir_fid, /* root_dir_fid */ + fname, /* fname */ + access_mask, /* access_mask */ + share_access, /* share_access */ + create_disposition, /* create_disposition*/ + create_options, /* create_options */ + file_attributes, /* file_attributes */ + oplock_request, /* oplock_request */ + allocation_size, /* allocation_size */ + NULL, /* sd */ + NULL, /* ea_list */ + &fsp, /* result */ + &info, /* pinfo */ + &sbuf); /* psbuf */ if (!NT_STATUS_IS_OK(status)) { if (open_was_deferred(req->mid)) { @@ -932,10 +945,23 @@ static void call_nt_transact_create(connection_struct *conn, ? BATCH_OPLOCK : 0; } - status = create_file(conn, req, root_dir_fid, fname, - access_mask, share_access, create_disposition, - create_options, file_attributes, oplock_request, - allocation_size, sd, ea_list, &fsp, &info, &sbuf); + status = SMB_VFS_CREATE_FILE( + conn, /* conn */ + req, /* req */ + root_dir_fid, /* root_dir_fid */ + fname, /* fname */ + access_mask, /* access_mask */ + share_access, /* share_access */ + create_disposition, /* create_disposition*/ + create_options, /* create_options */ + file_attributes, /* file_attributes */ + oplock_request, /* oplock_request */ + allocation_size, /* allocation_size */ + sd, /* sd */ + ea_list, /* ea_list */ + &fsp, /* result */ + &info, /* pinfo */ + &sbuf); /* psbuf */ if(!NT_STATUS_IS_OK(status)) { if (open_was_deferred(req->mid)) { diff --git a/source3/smbd/open.c b/source3/smbd/open.c index f98415ee33..924b6c5905 100644 --- a/source3/smbd/open.c +++ b/source3/smbd/open.c @@ -3082,23 +3082,23 @@ NTSTATUS create_file_unixpath(connection_struct *conn, return status; } -NTSTATUS create_file(connection_struct *conn, - struct smb_request *req, - uint16_t root_dir_fid, - const char *fname, - uint32_t access_mask, - uint32_t share_access, - uint32_t create_disposition, - uint32_t create_options, - uint32_t file_attributes, - uint32_t oplock_request, - uint64_t allocation_size, - struct security_descriptor *sd, - struct ea_list *ea_list, - - files_struct **result, - int *pinfo, - SMB_STRUCT_STAT *psbuf) +NTSTATUS create_file_default(connection_struct *conn, + struct smb_request *req, + uint16_t root_dir_fid, + const char *fname, + uint32_t access_mask, + uint32_t share_access, + uint32_t create_disposition, + uint32_t create_options, + uint32_t file_attributes, + uint32_t oplock_request, + uint64_t allocation_size, + struct security_descriptor *sd, + struct ea_list *ea_list, + + files_struct **result, + int *pinfo, + SMB_STRUCT_STAT *psbuf) { struct case_semantics_state *case_state = NULL; SMB_STRUCT_STAT sbuf; diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 11c713ab4a..dfd4b47608 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1630,22 +1630,23 @@ void reply_open(struct smb_request *req) return; } - status = create_file(conn, /* conn */ - req, /* req */ - 0, /* root_dir_fid */ - fname, /* fname */ - access_mask, /* access_mask */ - share_mode, /* share_access */ - create_disposition, /* create_disposition*/ - create_options, /* create_options */ - dos_attr, /* file_attributes */ - oplock_request, /* oplock_request */ - 0, /* allocation_size */ - NULL, /* sd */ - NULL, /* ea_list */ - &fsp, /* result */ - &info, /* pinfo */ - &sbuf); /* psbuf */ + status = SMB_VFS_CREATE_FILE( + conn, /* conn */ + req, /* req */ + 0, /* root_dir_fid */ + fname, /* fname */ + access_mask, /* access_mask */ + share_mode, /* share_access */ + create_disposition, /* create_disposition*/ + create_options, /* create_options */ + dos_attr, /* file_attributes */ + oplock_request, /* oplock_request */ + 0, /* allocation_size */ + NULL, /* sd */ + NULL, /* ea_list */ + &fsp, /* result */ + &info, /* pinfo */ + &sbuf); /* psbuf */ if (!NT_STATUS_IS_OK(status)) { if (open_was_deferred(req->mid)) { @@ -1774,22 +1775,23 @@ void reply_open_and_X(struct smb_request *req) return; } - status = create_file(conn, /* conn */ - req, /* req */ - 0, /* root_dir_fid */ - fname, /* fname */ - access_mask, /* access_mask */ - share_mode, /* share_access */ - create_disposition, /* create_disposition*/ - create_options, /* create_options */ - smb_attr, /* file_attributes */ - oplock_request, /* oplock_request */ - 0, /* allocation_size */ - NULL, /* sd */ - NULL, /* ea_list */ - &fsp, /* result */ - &smb_action, /* pinfo */ - &sbuf); /* psbuf */ + status = SMB_VFS_CREATE_FILE( + conn, /* conn */ + req, /* req */ + 0, /* root_dir_fid */ + fname, /* fname */ + access_mask, /* access_mask */ + share_mode, /* share_access */ + create_disposition, /* create_disposition*/ + create_options, /* create_options */ + smb_attr, /* file_attributes */ + oplock_request, /* oplock_request */ + 0, /* allocation_size */ + NULL, /* sd */ + NULL, /* ea_list */ + &fsp, /* result */ + &smb_action, /* pinfo */ + &sbuf); /* psbuf */ if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBopenX); @@ -1972,22 +1974,23 @@ void reply_mknew(struct smb_request *req) create_disposition = FILE_OVERWRITE_IF; } - status = create_file(conn, /* conn */ - req, /* req */ - 0, /* root_dir_fid */ - fname, /* fname */ - access_mask, /* access_mask */ - share_mode, /* share_access */ - create_disposition, /* create_disposition*/ - create_options, /* create_options */ - fattr, /* file_attributes */ - oplock_request, /* oplock_request */ - 0, /* allocation_size */ - NULL, /* sd */ - NULL, /* ea_list */ - &fsp, /* result */ - NULL, /* pinfo */ - &sbuf); /* psbuf */ + status = SMB_VFS_CREATE_FILE( + conn, /* conn */ + req, /* req */ + 0, /* root_dir_fid */ + fname, /* fname */ + access_mask, /* access_mask */ + share_mode, /* share_access */ + create_disposition, /* create_disposition*/ + create_options, /* create_options */ + fattr, /* file_attributes */ + oplock_request, /* oplock_request */ + 0, /* allocation_size */ + NULL, /* sd */ + NULL, /* ea_list */ + &fsp, /* result */ + NULL, /* pinfo */ + &sbuf); /* psbuf */ if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBcreate); diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c index 7b051d389f..4669e883fd 100644 --- a/source3/smbd/trans2.c +++ b/source3/smbd/trans2.c @@ -1006,22 +1006,23 @@ static void call_trans2open(connection_struct *conn, return; } - status = create_file(conn, /* conn */ - req, /* req */ - 0, /* root_dir_fid */ - fname, /* fname */ - access_mask, /* access_mask */ - share_mode, /* share_access */ - create_disposition, /* create_disposition*/ - create_options, /* create_options */ - open_attr, /* file_attributes */ - oplock_request, /* oplock_request */ - open_size, /* allocation_size */ - NULL, /* sd */ - ea_list, /* ea_list */ - &fsp, /* result */ - &smb_action, /* pinfo */ - &sbuf); /* psbuf */ + status = SMB_VFS_CREATE_FILE( + conn, /* conn */ + req, /* req */ + 0, /* root_dir_fid */ + fname, /* fname */ + access_mask, /* access_mask */ + share_mode, /* share_access */ + create_disposition, /* create_disposition*/ + create_options, /* create_options */ + open_attr, /* file_attributes */ + oplock_request, /* oplock_request */ + open_size, /* allocation_size */ + NULL, /* sd */ + ea_list, /* ea_list */ + &fsp, /* result */ + &smb_action, /* pinfo */ + &sbuf); /* psbuf */ if (!NT_STATUS_IS_OK(status)) { if (open_was_deferred(req->mid)) { -- cgit From f995a7af2a06ccff29f23f1b099e0a84bc948f6e Mon Sep 17 00:00:00 2001 From: Tim Prouty Date: Wed, 19 Nov 2008 17:55:28 -0800 Subject: s3: Add new "is_dos_path" argument to SMB_VFS_CREATE_FILE Now unix paths can be differentiated from windows paths so the underlying create_file implementations can convert paths correctly. --- source3/include/proto.h | 1 + source3/include/vfs.h | 1 + source3/include/vfs_macros.h | 6 +++--- source3/modules/vfs_default.c | 3 ++- source3/rpc_server/srv_srvsvc_nt.c | 2 ++ source3/smbd/nttrans.c | 2 ++ source3/smbd/open.c | 7 ++++--- source3/smbd/reply.c | 3 +++ source3/smbd/trans2.c | 1 + 9 files changed, 19 insertions(+), 7 deletions(-) (limited to 'source3') diff --git a/source3/include/proto.h b/source3/include/proto.h index 05ef17b51c..258139b877 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -8154,6 +8154,7 @@ NTSTATUS create_file_default(connection_struct *conn, struct smb_request *req, uint16_t root_dir_fid, const char *fname, + bool is_dos_path, uint32_t access_mask, uint32_t share_access, uint32_t create_disposition, diff --git a/source3/include/vfs.h b/source3/include/vfs.h index 03b4b8e706..5f6851a7bc 100644 --- a/source3/include/vfs.h +++ b/source3/include/vfs.h @@ -313,6 +313,7 @@ struct vfs_ops { struct smb_request *req, uint16_t root_dir_fid, const char *fname, + bool is_dos_path, uint32_t access_mask, uint32_t share_access, uint32_t create_disposition, diff --git a/source3/include/vfs_macros.h b/source3/include/vfs_macros.h index 5c57e92899..97107f3f60 100644 --- a/source3/include/vfs_macros.h +++ b/source3/include/vfs_macros.h @@ -48,7 +48,7 @@ /* File operations */ #define SMB_VFS_OPEN(conn, fname, fsp, flags, mode) (((conn)->vfs.ops.open)((conn)->vfs.handles.open, (fname), (fsp), (flags), (mode))) -#define SMB_VFS_CREATE_FILE(conn, req, root_dir_fid, fname, access_mask, share_access, create_disposition, create_options, file_attributes, oplock_request, allocation_size, sd, ea_list, result, pinfo, psbuf) (((conn)->vfs.ops.create_file)((conn)->vfs.handles.create_file, (req), (root_dir_fid), (fname), (access_mask), (share_access), (create_disposition), (create_options), (file_attributes), (oplock_request), (allocation_size), (sd), (ea_list), (result), (pinfo), (psbuf))) +#define SMB_VFS_CREATE_FILE(conn, req, root_dir_fid, fname, is_dos_path, access_mask, share_access, create_disposition, create_options, file_attributes, oplock_request, allocation_size, sd, ea_list, result, pinfo, psbuf) (((conn)->vfs.ops.create_file)((conn)->vfs.handles.create_file, (req), (root_dir_fid), (fname), (is_dos_path), (access_mask), (share_access), (create_disposition), (create_options), (file_attributes), (oplock_request), (allocation_size), (sd), (ea_list), (result), (pinfo), (psbuf))) #define SMB_VFS_CLOSE(fsp) ((fsp)->conn->vfs.ops.close_fn((fsp)->conn->vfs.handles.close_hnd, (fsp))) #define SMB_VFS_READ(fsp, data, n) ((fsp)->conn->vfs.ops.vfs_read((fsp)->conn->vfs.handles.vfs_read, (fsp), (data), (n))) #define SMB_VFS_PREAD(fsp, data, n, off) ((fsp)->conn->vfs.ops.pread((fsp)->conn->vfs.handles.pread, (fsp), (data), (n), (off))) @@ -174,7 +174,7 @@ /* File operations */ #define SMB_VFS_OPAQUE_OPEN(conn, fname, fsp, flags, mode) (((conn)->vfs_opaque.ops.open)((conn)->vfs_opaque.handles.open, (fname), (fsp), (flags), (mode))) -#define SMB_VFS_OPAQUE_CREATE_FILE(conn, req, root_dir_fid, fname, access_mask, share_access, create_disposition, create_options, file_attributes, oplock_request, allocation_size, sd, ea_list, result, pinfo, psbuf) (((conn)->vfs_opaque.ops.create_file)((conn)->vfs_opaque.handles.create_file, (req), (root_dir_fid), (fname), (access_mask), (share_access), (create_disposition), (create_options), (file_attributes), (oplock_request), (allocation_size), (sd), (ea_list), (result), (pinfo), (psbuf))) +#define SMB_VFS_OPAQUE_CREATE_FILE(conn, req, root_dir_fid, fname, is_dos_path, access_mask, share_access, create_disposition, create_options, file_attributes, oplock_request, allocation_size, sd, ea_list, result, pinfo, psbuf) (((conn)->vfs_opaque.ops.create_file)((conn)->vfs_opaque.handles.create_file, (req), (root_dir_fid), (fname), (is_dos_path), (access_mask), (share_access), (create_disposition), (create_options), (file_attributes), (oplock_request), (allocation_size), (sd), (ea_list), (result), (pinfo), (psbuf))) #define SMB_VFS_OPAQUE_CLOSE(fsp) ((fsp)->conn->vfs_opaque.ops.close_fn((fsp)->conn->vfs_opaque.handles.close_hnd, (fsp))) #define SMB_VFS_OPAQUE_READ(fsp, data, n) ((fsp)->conn->vfs_opaque.ops.vfs_read((fsp)->conn->vfs_opaque.handles.vfs_read, (fsp), (data), (n))) #define SMB_VFS_OPAQUE_PREAD(fsp, data, n, off) ((fsp)->conn->vfs_opaque.ops.pread((fsp)->conn->vfs_opaque.handles.pread, (fsp), (data), (n), (off))) @@ -301,7 +301,7 @@ /* File operations */ #define SMB_VFS_NEXT_OPEN(handle, fname, fsp, flags, mode) (((handle)->vfs_next.ops.open)((handle)->vfs_next.handles.open, (fname), (fsp), (flags), (mode))) -#define SMB_VFS_NEXT_CREATE_FILE(handle, req, root_dir_fid, fname, access_mask, share_access, create_disposition, create_options, file_attributes, oplock_request, allocation_size, sd, ea_list, result, pinfo, psbuf) (((handle)->vfs_next.ops.create_file)((handle)->vfs_next.handles.create_file, (req), (root_dir_fid), (fname), (access_mask), (share_access), (create_disposition), (create_options), (file_attributes), (oplock_request), (allocation_size), (sd), (ea_list), (result), (pinfo), (psbuf))) +#define SMB_VFS_NEXT_CREATE_FILE(handle, req, root_dir_fid, fname, is_dos_path, access_mask, share_access, create_disposition, create_options, file_attributes, oplock_request, allocation_size, sd, ea_list, result, pinfo, psbuf) (((handle)->vfs_next.ops.create_file)((handle)->vfs_next.handles.create_file, (req), (root_dir_fid), (fname), (is_dos_path), (access_mask), (share_access), (create_disposition), (create_options), (file_attributes), (oplock_request), (allocation_size), (sd), (ea_list), (result), (pinfo), (psbuf))) #define SMB_VFS_NEXT_CLOSE(handle, fsp) ((handle)->vfs_next.ops.close_fn((handle)->vfs_next.handles.close_hnd, (fsp))) #define SMB_VFS_NEXT_READ(handle, fsp, data, n) ((handle)->vfs_next.ops.vfs_read((handle)->vfs_next.handles.vfs_read, (fsp), (data), (n))) #define SMB_VFS_NEXT_PREAD(handle, fsp, data, n, off) ((handle)->vfs_next.ops.pread((handle)->vfs_next.handles.pread, (fsp), (data), (n), (off))) diff --git a/source3/modules/vfs_default.c b/source3/modules/vfs_default.c index bca06dfaf7..fde899d1af 100644 --- a/source3/modules/vfs_default.c +++ b/source3/modules/vfs_default.c @@ -212,6 +212,7 @@ static NTSTATUS vfswrap_create_file(vfs_handle_struct *handle, struct smb_request *req, uint16_t root_dir_fid, const char *fname, + bool is_dos_path, uint32_t access_mask, uint32_t share_access, uint32_t create_disposition, @@ -226,7 +227,7 @@ static NTSTATUS vfswrap_create_file(vfs_handle_struct *handle, SMB_STRUCT_STAT *psbuf) { return create_file_default(handle->conn, req, root_dir_fid, fname, - access_mask, share_access, + is_dos_path, access_mask, share_access, create_disposition, create_options, file_attributes, oplock_request, allocation_size, sd, ea_list, result, pinfo, diff --git a/source3/rpc_server/srv_srvsvc_nt.c b/source3/rpc_server/srv_srvsvc_nt.c index b1a31f1761..0febfbca06 100644 --- a/source3/rpc_server/srv_srvsvc_nt.c +++ b/source3/rpc_server/srv_srvsvc_nt.c @@ -2053,6 +2053,7 @@ WERROR _srvsvc_NetGetFileSecurity(pipes_struct *p, NULL, /* req */ 0, /* root_dir_fid */ r->in.file, /* fname */ + true, /* is_dos_path */ FILE_READ_ATTRIBUTES, /* access_mask */ FILE_SHARE_READ|FILE_SHARE_WRITE, /* share_access */ FILE_OPEN, /* create_disposition*/ @@ -2167,6 +2168,7 @@ WERROR _srvsvc_NetSetFileSecurity(pipes_struct *p, NULL, /* req */ 0, /* root_dir_fid */ r->in.file, /* fname */ + true, /* is_dos_path */ FILE_WRITE_ATTRIBUTES, /* access_mask */ FILE_SHARE_READ|FILE_SHARE_WRITE, /* share_access */ FILE_OPEN, /* create_disposition*/ diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c index f2c6eaccca..b66aba5aac 100644 --- a/source3/smbd/nttrans.c +++ b/source3/smbd/nttrans.c @@ -479,6 +479,7 @@ void reply_ntcreate_and_X(struct smb_request *req) req, /* req */ root_dir_fid, /* root_dir_fid */ fname, /* fname */ + true, /* is_dos_path */ access_mask, /* access_mask */ share_access, /* share_access */ create_disposition, /* create_disposition*/ @@ -950,6 +951,7 @@ static void call_nt_transact_create(connection_struct *conn, req, /* req */ root_dir_fid, /* root_dir_fid */ fname, /* fname */ + true, /* is_dos_path */ access_mask, /* access_mask */ share_access, /* share_access */ create_disposition, /* create_disposition*/ diff --git a/source3/smbd/open.c b/source3/smbd/open.c index 924b6c5905..d8f5548883 100644 --- a/source3/smbd/open.c +++ b/source3/smbd/open.c @@ -3086,6 +3086,7 @@ NTSTATUS create_file_default(connection_struct *conn, struct smb_request *req, uint16_t root_dir_fid, const char *fname, + bool is_dos_path, uint32_t access_mask, uint32_t share_access, uint32_t create_disposition, @@ -3111,7 +3112,7 @@ NTSTATUS create_file_default(connection_struct *conn, "create_disposition = 0x%x create_options = 0x%x " "oplock_request = 0x%x " "root_dir_fid = 0x%x, ea_list = 0x%p, sd = 0x%p, " - "fname = %s\n", + "is_dos_path = %s, fname = %s\n", (unsigned int)access_mask, (unsigned int)file_attributes, (unsigned int)share_access, @@ -3119,7 +3120,7 @@ NTSTATUS create_file_default(connection_struct *conn, (unsigned int)create_options, (unsigned int)oplock_request, (unsigned int)root_dir_fid, - ea_list, sd, fname)); + ea_list, sd, fname, is_dos_path ? "true" : "false")); /* * Get the file name. @@ -3275,7 +3276,7 @@ NTSTATUS create_file_default(connection_struct *conn, file_attributes &= ~FILE_FLAG_POSIX_SEMANTICS; } - { + if (is_dos_path) { char *converted_fname; SET_STAT_INVALID(sbuf); diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index dfd4b47608..80292636a6 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1635,6 +1635,7 @@ void reply_open(struct smb_request *req) req, /* req */ 0, /* root_dir_fid */ fname, /* fname */ + true, /* is_dos_path */ access_mask, /* access_mask */ share_mode, /* share_access */ create_disposition, /* create_disposition*/ @@ -1780,6 +1781,7 @@ void reply_open_and_X(struct smb_request *req) req, /* req */ 0, /* root_dir_fid */ fname, /* fname */ + true, /* is_dos_path */ access_mask, /* access_mask */ share_mode, /* share_access */ create_disposition, /* create_disposition*/ @@ -1979,6 +1981,7 @@ void reply_mknew(struct smb_request *req) req, /* req */ 0, /* root_dir_fid */ fname, /* fname */ + true, /* is_dos_path */ access_mask, /* access_mask */ share_mode, /* share_access */ create_disposition, /* create_disposition*/ diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c index 4669e883fd..9ba6d198c4 100644 --- a/source3/smbd/trans2.c +++ b/source3/smbd/trans2.c @@ -1011,6 +1011,7 @@ static void call_trans2open(connection_struct *conn, req, /* req */ 0, /* root_dir_fid */ fname, /* fname */ + true, /* is_dos_path */ access_mask, /* access_mask */ share_mode, /* share_access */ create_disposition, /* create_disposition*/ -- cgit From 61b4597e3c9016b3fdd540857abf3b72963ad4b2 Mon Sep 17 00:00:00 2001 From: Tim Prouty Date: Sun, 23 Nov 2008 14:37:37 -0800 Subject: s3: Add SMB_VFS_CREATE_FILE to vfs_full_audit module --- source3/modules/vfs_full_audit.c | 64 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 64 insertions(+) (limited to 'source3') diff --git a/source3/modules/vfs_full_audit.c b/source3/modules/vfs_full_audit.c index 6342c4a14e..fd97a4ccff 100644 --- a/source3/modules/vfs_full_audit.c +++ b/source3/modules/vfs_full_audit.c @@ -109,6 +109,23 @@ static int smb_full_audit_closedir(vfs_handle_struct *handle, SMB_STRUCT_DIR *dirp); static int smb_full_audit_open(vfs_handle_struct *handle, const char *fname, files_struct *fsp, int flags, mode_t mode); +static NTSTATUS smb_full_audit_create_file(vfs_handle_struct *handle, + struct smb_request *req, + uint16_t root_dir_fid, + const char *fname, + bool is_dos_path, + uint32_t access_mask, + uint32_t share_access, + uint32_t create_disposition, + uint32_t create_options, + uint32_t file_attributes, + uint32_t oplock_request, + uint64_t allocation_size, + struct security_descriptor *sd, + struct ea_list *ea_list, + files_struct **result, + int *pinfo, + SMB_STRUCT_STAT *psbuf); static int smb_full_audit_close(vfs_handle_struct *handle, files_struct *fsp); static ssize_t smb_full_audit_read(vfs_handle_struct *handle, files_struct *fsp, void *data, size_t n); @@ -353,6 +370,8 @@ static vfs_op_tuple audit_op_tuples[] = { {SMB_VFS_OP(smb_full_audit_open), SMB_VFS_OP_OPEN, SMB_VFS_LAYER_LOGGER}, + {SMB_VFS_OP(smb_full_audit_create_file),SMB_VFS_OP_CREATE_FILE, + SMB_VFS_LAYER_LOGGER}, {SMB_VFS_OP(smb_full_audit_close), SMB_VFS_OP_CLOSE, SMB_VFS_LAYER_LOGGER}, {SMB_VFS_OP(smb_full_audit_read), SMB_VFS_OP_READ, @@ -1087,6 +1106,51 @@ static int smb_full_audit_open(vfs_handle_struct *handle, return result; } +static NTSTATUS smb_full_audit_create_file(vfs_handle_struct *handle, + struct smb_request *req, + uint16_t root_dir_fid, + const char *fname, + bool is_dos_path, + uint32_t access_mask, + uint32_t share_access, + uint32_t create_disposition, + uint32_t create_options, + uint32_t file_attributes, + uint32_t oplock_request, + uint64_t allocation_size, + struct security_descriptor *sd, + struct ea_list *ea_list, + files_struct **result_fsp, + int *pinfo, + SMB_STRUCT_STAT *psbuf) +{ + NTSTATUS result; + + result = SMB_VFS_NEXT_CREATE_FILE( + handle, /* handle */ + req, /* req */ + root_dir_fid, /* root_dir_fid */ + fname, /* fname */ + is_dos_path, /* is_dos_path */ + access_mask, /* access_mask */ + share_access, /* share_access */ + create_disposition, /* create_disposition*/ + create_options, /* create_options */ + file_attributes, /* file_attributes */ + oplock_request, /* oplock_request */ + allocation_size, /* allocation_size */ + sd, /* sd */ + ea_list, /* ea_list */ + result_fsp, /* result */ + pinfo, /* pinfo */ + psbuf); /* psbuf */ + + do_log(SMB_VFS_OP_CREATE_FILE, (NT_STATUS_IS_OK(result)), handle, "0x%x|%s", + access_mask, fname); + + return result; +} + static int smb_full_audit_close(vfs_handle_struct *handle, files_struct *fsp) { int result; -- cgit From 2caa4fe08e157a01012b425a68cc25c381d5f354 Mon Sep 17 00:00:00 2001 From: Tim Prouty Date: Wed, 19 Nov 2008 18:03:27 -0800 Subject: s3: Modify direct callers of create_file_unix_path to call SMB_VFS_CREATE_FILE --- source3/include/proto.h | 16 -------------- source3/smbd/open.c | 58 +++++++++++++++++++++++++++++++++++-------------- source3/smbd/reply.c | 6 +++-- 3 files changed, 46 insertions(+), 34 deletions(-) (limited to 'source3') diff --git a/source3/include/proto.h b/source3/include/proto.h index 258139b877..c32234a1d8 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -8134,22 +8134,6 @@ void msg_file_was_renamed(struct messaging_context *msg, uint32_t msg_type, struct server_id server_id, DATA_BLOB *data); -NTSTATUS create_file_unixpath(connection_struct *conn, - struct smb_request *req, - const char *fname, - uint32_t access_mask, - uint32_t share_access, - uint32_t create_disposition, - uint32_t create_options, - uint32_t file_attributes, - uint32_t oplock_request, - uint64_t allocation_size, - struct security_descriptor *sd, - struct ea_list *ea_list, - - files_struct **result, - int *pinfo, - SMB_STRUCT_STAT *psbuf); NTSTATUS create_file_default(connection_struct *conn, struct smb_request *req, uint16_t root_dir_fid, diff --git a/source3/smbd/open.c b/source3/smbd/open.c index d8f5548883..989024f553 100644 --- a/source3/smbd/open.c +++ b/source3/smbd/open.c @@ -29,6 +29,23 @@ struct deferred_open_record { struct file_id id; }; +static NTSTATUS create_file_unixpath(connection_struct *conn, + struct smb_request *req, + const char *fname, + uint32_t access_mask, + uint32_t share_access, + uint32_t create_disposition, + uint32_t create_options, + uint32_t file_attributes, + uint32_t oplock_request, + uint64_t allocation_size, + struct security_descriptor *sd, + struct ea_list *ea_list, + + files_struct **result, + int *pinfo, + SMB_STRUCT_STAT *psbuf); + /**************************************************************************** SMB1 file varient of se_access_check. Never test FILE_READ_ATTRIBUTES. ****************************************************************************/ @@ -2708,22 +2725,22 @@ static NTSTATUS open_streams_for_delete(connection_struct *conn, * Wrapper around open_file_ntcreate and open_directory */ -NTSTATUS create_file_unixpath(connection_struct *conn, - struct smb_request *req, - const char *fname, - uint32_t access_mask, - uint32_t share_access, - uint32_t create_disposition, - uint32_t create_options, - uint32_t file_attributes, - uint32_t oplock_request, - uint64_t allocation_size, - struct security_descriptor *sd, - struct ea_list *ea_list, - - files_struct **result, - int *pinfo, - SMB_STRUCT_STAT *psbuf) +static NTSTATUS create_file_unixpath(connection_struct *conn, + struct smb_request *req, + const char *fname, + uint32_t access_mask, + uint32_t share_access, + uint32_t create_disposition, + uint32_t create_options, + uint32_t file_attributes, + uint32_t oplock_request, + uint64_t allocation_size, + struct security_descriptor *sd, + struct ea_list *ea_list, + + files_struct **result, + int *pinfo, + SMB_STRUCT_STAT *psbuf) { SMB_STRUCT_STAT sbuf; int info = FILE_WAS_OPENED; @@ -3287,6 +3304,15 @@ NTSTATUS create_file_default(connection_struct *conn, goto fail; } fname = converted_fname; + } else { + if (psbuf != NULL) { + sbuf = *psbuf; + } else { + if (SMB_VFS_STAT(conn, fname, &sbuf) == -1) { + SET_STAT_INVALID(sbuf); + } + } + } TALLOC_FREE(case_state); diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 80292636a6..2465e73a18 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2315,10 +2315,12 @@ static NTSTATUS do_unlink(connection_struct *conn, /* On open checks the open itself will check the share mode, so don't do it here as we'll get it wrong. */ - status = create_file_unixpath + status = SMB_VFS_CREATE_FILE (conn, /* conn */ req, /* req */ + 0, /* root_dir_fid */ fname, /* fname */ + false, /* is_dos_path */ DELETE_ACCESS, /* access_mask */ FILE_SHARE_NONE, /* share_access */ FILE_OPEN, /* create_disposition*/ @@ -2333,7 +2335,7 @@ static NTSTATUS do_unlink(connection_struct *conn, &sbuf); /* psbuf */ if (!NT_STATUS_IS_OK(status)) { - DEBUG(10, ("create_file_unixpath failed: %s\n", + DEBUG(10, ("SMB_VFS_CREATEFILE failed: %s\n", nt_errstr(status))); return status; } -- cgit From 08ce0604757315367f26a2c0869d59dd229c3ffe Mon Sep 17 00:00:00 2001 From: Tim Prouty Date: Thu, 20 Nov 2008 18:55:24 -0800 Subject: s3: Modify direct callers of open_file_ntcreate and open_directory to call SMB_VFS_CREATE_FILE --- source3/printing/nt_printing.c | 78 +++++++++++++------- source3/smbd/nttrans.c | 54 +++++++++----- source3/smbd/open.c | 26 ++++--- source3/smbd/posix_acls.c | 29 +++++--- source3/smbd/reply.c | 151 ++++++++++++++++++++++++++------------ source3/smbd/trans2.c | 159 +++++++++++++++++++++++++---------------- 6 files changed, 330 insertions(+), 167 deletions(-) (limited to 'source3') diff --git a/source3/printing/nt_printing.c b/source3/printing/nt_printing.c index 244b3aee03..0c54c6452a 100644 --- a/source3/printing/nt_printing.c +++ b/source3/printing/nt_printing.c @@ -1344,14 +1344,24 @@ static int file_version_is_newer(connection_struct *conn, fstring new_file, fstr goto error_exit; } - status = open_file_ntcreate(conn, NULL, filepath, &stat_buf, - FILE_GENERIC_READ, - FILE_SHARE_READ|FILE_SHARE_WRITE, - FILE_OPEN, - 0, - FILE_ATTRIBUTE_NORMAL, - INTERNAL_OPEN_ONLY, - NULL, &fsp); + status = SMB_VFS_CREATE_FILE( + conn, /* conn */ + NULL, /* req */ + 0, /* root_dir_fid */ + filepath, /* fname */ + false, /* is_dos_path */ + FILE_GENERIC_READ, /* access_mask */ + FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */ + FILE_OPEN, /* create_disposition*/ + 0, /* create_options */ + FILE_ATTRIBUTE_NORMAL, /* file_attributes */ + INTERNAL_OPEN_ONLY, /* oplock_request */ + 0, /* allocation_size */ + NULL, /* sd */ + NULL, /* ea_list */ + &fsp, /* result */ + NULL, /* pinfo */ + &stat_buf); /* psbuf */ if (!NT_STATUS_IS_OK(status)) { /* Old file not found, so by definition new file is in fact newer */ @@ -1385,14 +1395,24 @@ static int file_version_is_newer(connection_struct *conn, fstring new_file, fstr goto error_exit; } - status = open_file_ntcreate(conn, NULL, filepath, &stat_buf, - FILE_GENERIC_READ, - FILE_SHARE_READ|FILE_SHARE_WRITE, - FILE_OPEN, - 0, - FILE_ATTRIBUTE_NORMAL, - INTERNAL_OPEN_ONLY, - NULL, &fsp); + status = SMB_VFS_CREATE_FILE( + conn, /* conn */ + NULL, /* req */ + 0, /* root_dir_fid */ + filepath, /* fname */ + false, /* is_dos_path */ + FILE_GENERIC_READ, /* access_mask */ + FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */ + FILE_OPEN, /* create_disposition*/ + 0, /* create_options */ + FILE_ATTRIBUTE_NORMAL, /* file_attributes */ + INTERNAL_OPEN_ONLY, /* oplock_request */ + 0, /* allocation_size */ + NULL, /* sd */ + NULL, /* ea_list */ + &fsp, /* result */ + NULL, /* pinfo */ + &stat_buf); /* psbuf */ if (!NT_STATUS_IS_OK(status)) { /* New file not found, this shouldn't occur if the caller did its job */ @@ -1528,14 +1548,24 @@ static uint32 get_correct_cversion(struct pipes_struct *p, goto error_exit; } - status = open_file_ntcreate(conn, NULL, driverpath, &st, - FILE_GENERIC_READ, - FILE_SHARE_READ|FILE_SHARE_WRITE, - FILE_OPEN, - 0, - FILE_ATTRIBUTE_NORMAL, - INTERNAL_OPEN_ONLY, - NULL, &fsp); + status = SMB_VFS_CREATE_FILE( + conn, /* conn */ + NULL, /* req */ + 0, /* root_dir_fid */ + driverpath, /* fname */ + false, /* is_dos_path */ + FILE_GENERIC_READ, /* access_mask */ + FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */ + FILE_OPEN, /* create_disposition*/ + 0, /* create_options */ + FILE_ATTRIBUTE_NORMAL, /* file_attributes */ + INTERNAL_OPEN_ONLY, /* oplock_request */ + 0, /* allocation_size */ + NULL, /* sd */ + NULL, /* ea_list */ + &fsp, /* result */ + NULL, /* pinfo */ + &st); /* psbuf */ if (!NT_STATUS_IS_OK(status)) { DEBUG(3,("get_correct_cversion: Can't open file [%s], errno = %d\n", diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c index b66aba5aac..a7b2cb6c31 100644 --- a/source3/smbd/nttrans.c +++ b/source3/smbd/nttrans.c @@ -1186,27 +1186,49 @@ static NTSTATUS copy_internals(TALLOC_CTX *ctx, DEBUG(10,("copy_internals: doing file copy %s to %s\n", oldname, newname)); - status = open_file_ntcreate(conn, req, oldname, &sbuf1, - FILE_READ_DATA, /* Read-only. */ - FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE, - FILE_OPEN, - 0, /* No create options. */ - FILE_ATTRIBUTE_NORMAL, - NO_OPLOCK, - &info, &fsp1); + status = SMB_VFS_CREATE_FILE( + conn, /* conn */ + req, /* req */ + 0, /* root_dir_fid */ + oldname, /* fname */ + false, /* is_dos_path */ + FILE_READ_DATA, /* access_mask */ + (FILE_SHARE_READ | FILE_SHARE_WRITE | /* share_access */ + FILE_SHARE_DELETE), + FILE_OPEN, /* create_disposition*/ + 0, /* create_options */ + FILE_ATTRIBUTE_NORMAL, /* file_attributes */ + NO_OPLOCK, /* oplock_request */ + 0, /* allocation_size */ + NULL, /* sd */ + NULL, /* ea_list */ + &fsp1, /* result */ + &info, /* pinfo */ + &sbuf1); /* psbuf */ if (!NT_STATUS_IS_OK(status)) { return status; } - status = open_file_ntcreate(conn, req, newname, &sbuf2, - FILE_WRITE_DATA, /* Read-only. */ - FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE, - FILE_CREATE, - 0, /* No create options. */ - fattr, - NO_OPLOCK, - &info, &fsp2); + status = SMB_VFS_CREATE_FILE( + conn, /* conn */ + req, /* req */ + 0, /* root_dir_fid */ + newname, /* fname */ + false, /* is_dos_path */ + FILE_WRITE_DATA, /* access_mask */ + (FILE_SHARE_READ | FILE_SHARE_WRITE | /* share_access */ + FILE_SHARE_DELETE), + FILE_CREATE, /* create_disposition*/ + 0, /* create_options */ + fattr, /* file_attributes */ + NO_OPLOCK, /* oplock_request */ + 0, /* allocation_size */ + NULL, /* sd */ + NULL, /* ea_list */ + &fsp2, /* result */ + &info, /* pinfo */ + &sbuf2); /* psbuf */ if (!NT_STATUS_IS_OK(status)) { close_file(NULL, fsp1, ERROR_CLOSE); diff --git a/source3/smbd/open.c b/source3/smbd/open.c index 989024f553..62d4827bb2 100644 --- a/source3/smbd/open.c +++ b/source3/smbd/open.c @@ -2493,14 +2493,24 @@ NTSTATUS create_directory(connection_struct *conn, struct smb_request *req, cons SET_STAT_INVALID(sbuf); - status = open_directory(conn, req, directory, &sbuf, - FILE_READ_ATTRIBUTES, /* Just a stat open */ - FILE_SHARE_NONE, /* Ignored for stat opens */ - FILE_CREATE, - 0, - FILE_ATTRIBUTE_DIRECTORY, - NULL, - &fsp); + status = SMB_VFS_CREATE_FILE( + conn, /* conn */ + req, /* req */ + 0, /* root_dir_fid */ + directory, /* fname */ + false, /* is_dos_path */ + FILE_READ_ATTRIBUTES, /* access_mask */ + FILE_SHARE_NONE, /* share_access */ + FILE_CREATE, /* create_disposition*/ + FILE_DIRECTORY_FILE, /* create_options */ + FILE_ATTRIBUTE_DIRECTORY, /* file_attributes */ + 0, /* oplock_request */ + 0, /* allocation_size */ + NULL, /* sd */ + NULL, /* ea_list */ + &fsp, /* result */ + NULL, /* pinfo */ + &sbuf); /* psbuf */ if (NT_STATUS_IS_OK(status)) { close_file(req, fsp, NORMAL_CLOSE); diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c index 97fd3b2bbe..78a5d548c2 100644 --- a/source3/smbd/posix_acls.c +++ b/source3/smbd/posix_acls.c @@ -3248,17 +3248,24 @@ NTSTATUS append_parent_acl(files_struct *fsp, return NT_STATUS_NO_MEMORY; } - status = open_directory(fsp->conn, - NULL, - parent_name, - &sbuf, - FILE_READ_ATTRIBUTES, /* Just a stat open */ - FILE_SHARE_NONE, /* Ignored for stat opens */ - FILE_OPEN, - 0, - INTERNAL_OPEN_ONLY, - &info, - &parent_fsp); + status = SMB_VFS_CREATE_FILE( + fsp->conn, /* conn */ + NULL, /* req */ + 0, /* root_dir_fid */ + parent_name, /* fname */ + false, /* is_dos_path */ + FILE_READ_ATTRIBUTES, /* access_mask */ + FILE_SHARE_NONE, /* share_access */ + FILE_OPEN, /* create_disposition*/ + FILE_DIRECTORY_FILE, /* create_options */ + 0, /* file_attributes */ + INTERNAL_OPEN_ONLY, /* oplock_request */ + 0, /* allocation_size */ + NULL, /* sd */ + NULL, /* ea_list */ + &parent_fsp, /* result */ + &info, /* pinfo */ + &sbuf); /* psbuf */ if (!NT_STATUS_IS_OK(status)) { return status; diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 2465e73a18..728753bc3b 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2123,14 +2123,24 @@ void reply_ctemp(struct smb_request *req) SMB_VFS_STAT(conn,fname,&sbuf); /* We should fail if file does not exist. */ - status = open_file_ntcreate(conn, req, fname, &sbuf, - FILE_GENERIC_READ | FILE_GENERIC_WRITE, - FILE_SHARE_READ|FILE_SHARE_WRITE, - FILE_OPEN, - 0, - fattr, - oplock_request, - NULL, &fsp); + status = SMB_VFS_CREATE_FILE( + conn, /* conn */ + req, /* req */ + 0, /* root_dir_fid */ + fname, /* fname */ + false, /* is_dos_path */ + FILE_GENERIC_READ | FILE_GENERIC_WRITE, /* access_mask */ + FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */ + FILE_OPEN, /* create_disposition*/ + 0, /* create_options */ + fattr, /* file_attributes */ + oplock_request, /* oplock_request */ + 0, /* allocation_size */ + NULL, /* sd */ + NULL, /* ea_list */ + &fsp, /* result */ + NULL, /* pinfo */ + &sbuf); /* psbuf */ /* close fd from smb_mkstemp() */ close(tmpfd); @@ -5631,6 +5641,7 @@ NTSTATUS rename_internals(TALLOC_CTX *ctx, struct smb_Dir *dir_hnd = NULL; const char *dname; long offset = 0; + int create_options = 0; ZERO_STRUCT(sbuf1); ZERO_STRUCT(sbuf2); @@ -5744,17 +5755,29 @@ NTSTATUS rename_internals(TALLOC_CTX *ctx, ZERO_STRUCT(sbuf1); SMB_VFS_STAT(conn, directory, &sbuf1); - status = S_ISDIR(sbuf1.st_mode) ? - open_directory(conn, req, directory, &sbuf1, - access_mask, - FILE_SHARE_READ|FILE_SHARE_WRITE, - FILE_OPEN, 0, 0, NULL, - &fsp) - : open_file_ntcreate(conn, req, directory, &sbuf1, - access_mask, - FILE_SHARE_READ|FILE_SHARE_WRITE, - FILE_OPEN, 0, 0, 0, NULL, - &fsp); + if (S_ISDIR(sbuf1.st_mode)) { + create_options |= FILE_DIRECTORY_FILE; + } + + status = SMB_VFS_CREATE_FILE( + conn, /* conn */ + req, /* req */ + 0, /* root_dir_fid */ + directory, /* fname */ + false, /* is_dos_path */ + access_mask, /* access_mask */ + (FILE_SHARE_READ | /* share_access */ + FILE_SHARE_WRITE), + FILE_OPEN, /* create_disposition*/ + create_options, /* create_options */ + 0, /* file_attributes */ + 0, /* oplock_request */ + 0, /* allocation_size */ + NULL, /* sd */ + NULL, /* ea_list */ + &fsp, /* result */ + NULL, /* pinfo */ + &sbuf1); /* psbuf */ if (!NT_STATUS_IS_OK(status)) { DEBUG(3, ("Could not open rename source %s: %s\n", @@ -5848,20 +5871,34 @@ NTSTATUS rename_internals(TALLOC_CTX *ctx, ZERO_STRUCT(sbuf1); SMB_VFS_STAT(conn, fname, &sbuf1); - status = S_ISDIR(sbuf1.st_mode) ? - open_directory(conn, req, fname, &sbuf1, - access_mask, - FILE_SHARE_READ|FILE_SHARE_WRITE, - FILE_OPEN, 0, 0, NULL, - &fsp) - : open_file_ntcreate(conn, req, fname, &sbuf1, - access_mask, - FILE_SHARE_READ|FILE_SHARE_WRITE, - FILE_OPEN, 0, 0, 0, NULL, - &fsp); + create_options = 0; + + if (S_ISDIR(sbuf1.st_mode)) { + create_options |= FILE_DIRECTORY_FILE; + } + + status = SMB_VFS_CREATE_FILE( + conn, /* conn */ + req, /* req */ + 0, /* root_dir_fid */ + fname, /* fname */ + false, /* is_dos_path */ + access_mask, /* access_mask */ + (FILE_SHARE_READ | /* share_access */ + FILE_SHARE_WRITE), + FILE_OPEN, /* create_disposition*/ + create_options, /* create_options */ + 0, /* file_attributes */ + 0, /* oplock_request */ + 0, /* allocation_size */ + NULL, /* sd */ + NULL, /* ea_list */ + &fsp, /* result */ + NULL, /* pinfo */ + &sbuf1); /* psbuf */ if (!NT_STATUS_IS_OK(status)) { - DEBUG(3,("rename_internals: open_file_ntcreate " + DEBUG(3,("rename_internals: SMB_VFS_CREATE_FILE " "returned %s rename %s -> %s\n", nt_errstr(status), directory, newname)); break; @@ -6052,14 +6089,24 @@ NTSTATUS copy_file(TALLOC_CTX *ctx, } } - status = open_file_ntcreate(conn, NULL, src, &src_sbuf, - FILE_GENERIC_READ, - FILE_SHARE_READ|FILE_SHARE_WRITE, - FILE_OPEN, - 0, - FILE_ATTRIBUTE_NORMAL, - INTERNAL_OPEN_ONLY, - NULL, &fsp1); + status = SMB_VFS_CREATE_FILE( + conn, /* conn */ + NULL, /* req */ + 0, /* root_dir_fid */ + src, /* fname */ + false, /* is_dos_path */ + FILE_GENERIC_READ, /* access_mask */ + FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */ + FILE_OPEN, /* create_disposition*/ + 0, /* create_options */ + FILE_ATTRIBUTE_NORMAL, /* file_attributes */ + INTERNAL_OPEN_ONLY, /* oplock_request */ + 0, /* allocation_size */ + NULL, /* sd */ + NULL, /* ea_list */ + &fsp1, /* result */ + NULL, /* pinfo */ + &src_sbuf); /* psbuf */ if (!NT_STATUS_IS_OK(status)) { TALLOC_FREE(dest); @@ -6071,14 +6118,24 @@ NTSTATUS copy_file(TALLOC_CTX *ctx, ZERO_STRUCTP(&sbuf2); } - status = open_file_ntcreate(conn, NULL, dest, &sbuf2, - FILE_GENERIC_WRITE, - FILE_SHARE_READ|FILE_SHARE_WRITE, - new_create_disposition, - 0, - dosattrs, - INTERNAL_OPEN_ONLY, - NULL, &fsp2); + status = SMB_VFS_CREATE_FILE( + conn, /* conn */ + NULL, /* req */ + 0, /* root_dir_fid */ + dest, /* fname */ + false, /* is_dos_path */ + FILE_GENERIC_WRITE, /* access_mask */ + FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */ + new_create_disposition, /* create_disposition*/ + 0, /* create_options */ + dosattrs, /* file_attributes */ + INTERNAL_OPEN_ONLY, /* oplock_request */ + 0, /* allocation_size */ + NULL, /* sd */ + NULL, /* ea_list */ + &fsp2, /* result */ + NULL, /* pinfo */ + &sbuf2); /* psbuf */ TALLOC_FREE(dest); diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c index 9ba6d198c4..b9a04e9b4f 100644 --- a/source3/smbd/trans2.c +++ b/source3/smbd/trans2.c @@ -5059,15 +5059,26 @@ static NTSTATUS smb_set_file_size(connection_struct *conn, return NT_STATUS_OK; } - status = open_file_ntcreate(conn, req, fname, psbuf, - FILE_WRITE_ATTRIBUTES, - FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE, - FILE_OPEN, - 0, - FILE_ATTRIBUTE_NORMAL, - FORCE_OPLOCK_BREAK_TO_NONE, - NULL, &new_fsp); - + status = SMB_VFS_CREATE_FILE( + conn, /* conn */ + req, /* req */ + 0, /* root_dir_fid */ + fname, /* fname */ + false, /* is_dos_path */ + FILE_WRITE_ATTRIBUTES, /* access_mask */ + (FILE_SHARE_READ | FILE_SHARE_WRITE | /* share_access */ + FILE_SHARE_DELETE), + FILE_OPEN, /* create_disposition*/ + 0, /* create_options */ + FILE_ATTRIBUTE_NORMAL, /* file_attributes */ + FORCE_OPLOCK_BREAK_TO_NONE, /* oplock_request */ + 0, /* allocation_size */ + NULL, /* sd */ + NULL, /* ea_list */ + &new_fsp, /* result */ + NULL, /* pinfo */ + psbuf); /* psbuf */ + if (!NT_STATUS_IS_OK(status)) { /* NB. We check for open_was_deferred in the caller. */ return status; @@ -5828,14 +5839,25 @@ static NTSTATUS smb_set_file_allocation_info(connection_struct *conn, /* Pathname or stat or directory file. */ - status = open_file_ntcreate(conn, req, fname, psbuf, - FILE_WRITE_DATA, - FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE, - FILE_OPEN, - 0, - FILE_ATTRIBUTE_NORMAL, - FORCE_OPLOCK_BREAK_TO_NONE, - NULL, &new_fsp); + status = SMB_VFS_CREATE_FILE( + conn, /* conn */ + req, /* req */ + 0, /* root_dir_fid */ + fname, /* fname */ + false, /* is_dos_path */ + FILE_WRITE_DATA, /* access_mask */ + (FILE_SHARE_READ | FILE_SHARE_WRITE | /* share_access */ + FILE_SHARE_DELETE), + FILE_OPEN, /* create_disposition*/ + 0, /* create_options */ + FILE_ATTRIBUTE_NORMAL, /* file_attributes */ + FORCE_OPLOCK_BREAK_TO_NONE, /* oplock_request */ + 0, /* allocation_size */ + NULL, /* sd */ + NULL, /* ea_list */ + &new_fsp, /* result */ + NULL, /* pinfo */ + psbuf); /* psbuf */ if (!NT_STATUS_IS_OK(status)) { /* NB. We check for open_was_deferred in the caller. */ @@ -6259,16 +6281,24 @@ static NTSTATUS smb_posix_mkdir(connection_struct *conn, DEBUG(10,("smb_posix_mkdir: file %s, mode 0%o\n", fname, (unsigned int)unixmode )); - status = open_directory(conn, req, - fname, - psbuf, - FILE_READ_ATTRIBUTES, /* Just a stat open */ - FILE_SHARE_NONE, /* Ignored for stat opens */ - FILE_CREATE, - 0, - mod_unixmode, - &info, - &fsp); + status = SMB_VFS_CREATE_FILE( + conn, /* conn */ + req, /* req */ + 0, /* root_dir_fid */ + fname, /* fname */ + false, /* is_dos_path */ + FILE_READ_ATTRIBUTES, /* access_mask */ + FILE_SHARE_NONE, /* share_access */ + FILE_CREATE, /* create_disposition*/ + FILE_DIRECTORY_FILE, /* create_options */ + mod_unixmode, /* file_attributes */ + 0, /* oplock_request */ + 0, /* allocation_size */ + NULL, /* sd */ + NULL, /* ea_list */ + &fsp, /* result */ + &info, /* pinfo */ + psbuf); /* psbuf */ if (NT_STATUS_IS_OK(status)) { close_file(req, fsp, NORMAL_CLOSE); @@ -6425,17 +6455,25 @@ static NTSTATUS smb_posix_open(connection_struct *conn, (unsigned int)wire_open_mode, (unsigned int)unixmode )); - status = open_file_ntcreate(conn, req, - fname, - psbuf, - access_mask, - FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE, - create_disp, - 0, /* no create options yet. */ - mod_unixmode, - oplock_request, - &info, - &fsp); + status = SMB_VFS_CREATE_FILE( + conn, /* conn */ + req, /* req */ + 0, /* root_dir_fid */ + fname, /* fname */ + false, /* is_dos_path */ + access_mask, /* access_mask */ + (FILE_SHARE_READ | FILE_SHARE_WRITE | /* share_access */ + FILE_SHARE_DELETE), + create_disp, /* create_disposition*/ + 0, /* create_options */ + mod_unixmode, /* file_attributes */ + oplock_request, /* oplock_request */ + 0, /* allocation_size */ + NULL, /* sd */ + NULL, /* ea_list */ + &fsp, /* result */ + &info, /* pinfo */ + psbuf); /* psbuf */ if (!NT_STATUS_IS_OK(status)) { return status; @@ -6520,6 +6558,7 @@ static NTSTATUS smb_posix_unlink(connection_struct *conn, uint16 flags = 0; char del = 1; int info = 0; + int create_options = 0; int i; struct share_mode_lock *lck = NULL; @@ -6543,31 +6582,29 @@ static NTSTATUS smb_posix_unlink(connection_struct *conn, fname)); if (VALID_STAT_OF_DIR(*psbuf)) { - status = open_directory(conn, req, - fname, - psbuf, - DELETE_ACCESS, - FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE, - FILE_OPEN, - 0, - FILE_FLAG_POSIX_SEMANTICS|0777, - &info, - &fsp); - } else { - - status = open_file_ntcreate(conn, req, - fname, - psbuf, - DELETE_ACCESS, - FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE, - FILE_OPEN, - 0, - FILE_FLAG_POSIX_SEMANTICS|0777, - 0, /* No oplock, but break existing ones. */ - &info, - &fsp); + create_options |= FILE_DIRECTORY_FILE; } + status = SMB_VFS_CREATE_FILE( + conn, /* conn */ + req, /* req */ + 0, /* root_dir_fid */ + fname, /* fname */ + false, /* is_dos_path */ + DELETE_ACCESS, /* access_mask */ + (FILE_SHARE_READ | FILE_SHARE_WRITE | /* share_access */ + FILE_SHARE_DELETE), + FILE_OPEN, /* create_disposition*/ + create_options, /* create_options */ + FILE_FLAG_POSIX_SEMANTICS|0777, /* file_attributes */ + 0, /* oplock_request */ + 0, /* allocation_size */ + NULL, /* sd */ + NULL, /* ea_list */ + &fsp, /* result */ + &info, /* pinfo */ + psbuf); /* psbuf */ + if (!NT_STATUS_IS_OK(status)) { return status; } -- cgit From 6f7f4b428a86921e9532c62856873a19202f286d Mon Sep 17 00:00:00 2001 From: Tim Prouty Date: Sat, 22 Nov 2008 19:37:24 -0800 Subject: s3: Modify direct caller of open_file to call SMB_VFS_CREATE_FILE --- source3/smbd/open.c | 23 +++++++++++++++++++---- 1 file changed, 19 insertions(+), 4 deletions(-) (limited to 'source3') diff --git a/source3/smbd/open.c b/source3/smbd/open.c index 62d4827bb2..2e34115071 100644 --- a/source3/smbd/open.c +++ b/source3/smbd/open.c @@ -2143,10 +2143,25 @@ NTSTATUS open_file_fchmod(struct smb_request *req, connection_struct *conn, return status; } - /* note! we must use a non-zero desired access or we don't get - a real file descriptor. Oh what a twisted web we weave. */ - status = open_file(fsp, conn, NULL, NULL, NULL, fname, psbuf, O_WRONLY, - 0, FILE_WRITE_DATA, FILE_WRITE_DATA); + status = SMB_VFS_CREATE_FILE( + conn, /* conn */ + NULL, /* req */ + 0, /* root_dir_fid */ + fname, /* fname */ + false, /* is_dos_path */ + FILE_WRITE_DATA, /* access_mask */ + (FILE_SHARE_READ | FILE_SHARE_WRITE | /* share_access */ + FILE_SHARE_DELETE), + FILE_OPEN, /* create_disposition*/ + 0, /* create_options */ + 0, /* file_attributes */ + 0, /* oplock_request */ + 0, /* allocation_size */ + NULL, /* sd */ + NULL, /* ea_list */ + &fsp, /* result */ + NULL, /* pinfo */ + psbuf); /* psbuf */ /* * This is not a user visible file open. -- cgit From f79aae70dd10877311243b5b2a55e1f130bd54b6 Mon Sep 17 00:00:00 2001 From: Tim Prouty Date: Sat, 22 Nov 2008 19:40:09 -0800 Subject: s3: Simplify the create_file_unix_path->open_file_ntcreate path Also removed open_file_ntcreate/open_file from proto.h so they can no longer be called directly. --- source3/include/proto.h | 24 --------- source3/smbd/open.c | 131 ++++++++++++++---------------------------------- 2 files changed, 38 insertions(+), 117 deletions(-) (limited to 'source3') diff --git a/source3/include/proto.h b/source3/include/proto.h index c32234a1d8..08ecbfd1e5 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -8100,34 +8100,10 @@ bool map_open_params_to_ntcreate(const char *fname, int deny_mode, int open_func uint32 *pshare_mode, uint32 *pcreate_disposition, uint32 *pcreate_options); -NTSTATUS open_file_ntcreate(connection_struct *conn, - struct smb_request *req, - const char *fname, - SMB_STRUCT_STAT *psbuf, - uint32 access_mask, /* access bits (FILE_READ_DATA etc.) */ - uint32 share_access, /* share constants (FILE_SHARE_READ etc) */ - uint32 create_disposition, /* FILE_OPEN_IF etc. */ - uint32 create_options, /* options such as delete on close. */ - uint32 new_dos_attributes, /* attributes used for new file. */ - int oplock_request, /* internal Samba oplock codes. */ - /* Information (FILE_EXISTS etc.) */ - int *pinfo, - files_struct **result); NTSTATUS open_file_fchmod(struct smb_request *req, connection_struct *conn, const char *fname, SMB_STRUCT_STAT *psbuf, files_struct **result); NTSTATUS close_file_fchmod(struct smb_request *req, files_struct *fsp); -NTSTATUS open_directory(connection_struct *conn, - struct smb_request *req, - const char *fname, - SMB_STRUCT_STAT *psbuf, - uint32 access_mask, - uint32 share_access, - uint32 create_disposition, - uint32 create_options, - uint32 file_attributes, - int *pinfo, - files_struct **result); NTSTATUS create_directory(connection_struct *conn, struct smb_request *req, const char *directory); void msg_file_was_renamed(struct messaging_context *msg, void *private_data, diff --git a/source3/smbd/open.c b/source3/smbd/open.c index 2e34115071..d2068dde47 100644 --- a/source3/smbd/open.c +++ b/source3/smbd/open.c @@ -1277,7 +1277,7 @@ static NTSTATUS calculate_access_mask(connection_struct *conn, Open a file with a share mode. Passed in an already created files_struct *. ****************************************************************************/ -static NTSTATUS open_file_ntcreate_internal(connection_struct *conn, +static NTSTATUS open_file_ntcreate(connection_struct *conn, struct smb_request *req, const char *fname, SMB_STRUCT_STAT *psbuf, @@ -2073,55 +2073,6 @@ static NTSTATUS open_file_ntcreate_internal(connection_struct *conn, return NT_STATUS_OK; } -/**************************************************************************** - Open a file with a share mode. -****************************************************************************/ - -NTSTATUS open_file_ntcreate(connection_struct *conn, - struct smb_request *req, - const char *fname, - SMB_STRUCT_STAT *psbuf, - uint32 access_mask, /* access bits (FILE_READ_DATA etc.) */ - uint32 share_access, /* share constants (FILE_SHARE_READ etc) */ - uint32 create_disposition, /* FILE_OPEN_IF etc. */ - uint32 create_options, /* options such as delete on close. */ - uint32 new_dos_attributes, /* attributes used for new file. */ - int oplock_request, /* internal Samba oplock codes. */ - /* Information (FILE_EXISTS etc.) */ - int *pinfo, - files_struct **result) -{ - NTSTATUS status; - files_struct *fsp = NULL; - - *result = NULL; - - status = file_new(req, conn, &fsp); - if(!NT_STATUS_IS_OK(status)) { - return status; - } - - status = open_file_ntcreate_internal(conn, - req, - fname, - psbuf, - access_mask, - share_access, - create_disposition, - create_options, - new_dos_attributes, - oplock_request, - pinfo, - fsp); - - if(!NT_STATUS_IS_OK(status)) { - file_free(req, fsp); - return status; - } - - *result = fsp; - return status; -} /**************************************************************************** Open a file for for write to ensure that we can fchmod it. @@ -2282,17 +2233,17 @@ static NTSTATUS mkdir_internal(connection_struct *conn, Open a directory from an NT SMB call. ****************************************************************************/ -NTSTATUS open_directory(connection_struct *conn, - struct smb_request *req, - const char *fname, - SMB_STRUCT_STAT *psbuf, - uint32 access_mask, - uint32 share_access, - uint32 create_disposition, - uint32 create_options, - uint32 file_attributes, - int *pinfo, - files_struct **result) +static NTSTATUS open_directory(connection_struct *conn, + struct smb_request *req, + const char *fname, + SMB_STRUCT_STAT *psbuf, + uint32 access_mask, + uint32 share_access, + uint32 create_disposition, + uint32 create_options, + uint32 file_attributes, + int *pinfo, + files_struct **result) { files_struct *fsp = NULL; bool dir_existed = VALID_STAT(*psbuf) ? True : False; @@ -2932,41 +2883,35 @@ static NTSTATUS create_file_unixpath(connection_struct *conn, * Ordinary file case. */ - if (base_fsp) { - /* - * We're opening the stream element of a base_fsp - * we already opened. We need to initialize - * the fsp first, and set up the base_fsp pointer. - */ - status = file_new(req, conn, &fsp); - if(!NT_STATUS_IS_OK(status)) { - goto fail; - } + status = file_new(req, conn, &fsp); + if(!NT_STATUS_IS_OK(status)) { + goto fail; + } + /* + * We're opening the stream element of a base_fsp + * we already opened. Set up the base_fsp pointer. + */ + if (base_fsp) { fsp->base_fsp = base_fsp; + } - status = open_file_ntcreate_internal(conn, - req, - fname, - &sbuf, - access_mask, - share_access, - create_disposition, - create_options, - file_attributes, - oplock_request, - &info, - fsp); - - if(!NT_STATUS_IS_OK(status)) { - file_free(req, fsp); - fsp = NULL; - } - } else { - status = open_file_ntcreate( - conn, req, fname, &sbuf, access_mask, share_access, - create_disposition, create_options, file_attributes, - oplock_request, &info, &fsp); + status = open_file_ntcreate(conn, + req, + fname, + &sbuf, + access_mask, + share_access, + create_disposition, + create_options, + file_attributes, + oplock_request, + &info, + fsp); + + if(!NT_STATUS_IS_OK(status)) { + file_free(req, fsp); + fsp = NULL; } if (NT_STATUS_EQUAL(status, NT_STATUS_FILE_IS_A_DIRECTORY)) { -- cgit From 58440122853b65048793efd90ee45916e25c08c1 Mon Sep 17 00:00:00 2001 From: Tim Prouty Date: Mon, 1 Dec 2008 12:47:31 -0800 Subject: s3: Change SMB_VFS_CREATE_FILE to take a create_file_flags argument This replaces the is_dos_path bool with a more future-proof argument. The next step is to plumb INTERNAL_OPEN_ONLY through this flag instead of overridding the oplock_request. --- source3/include/proto.h | 2 +- source3/include/smb.h | 5 +++++ source3/include/vfs.h | 2 +- source3/include/vfs_macros.h | 6 +++--- source3/modules/vfs_default.c | 4 ++-- source3/modules/vfs_full_audit.c | 6 +++--- source3/printing/nt_printing.c | 6 +++--- source3/rpc_server/srv_srvsvc_nt.c | 4 ++-- source3/smbd/nttrans.c | 8 ++++---- source3/smbd/open.c | 12 ++++++------ source3/smbd/posix_acls.c | 2 +- source3/smbd/reply.c | 18 +++++++++--------- source3/smbd/trans2.c | 12 ++++++------ 13 files changed, 46 insertions(+), 41 deletions(-) (limited to 'source3') diff --git a/source3/include/proto.h b/source3/include/proto.h index 08ecbfd1e5..63fe4d47c5 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -8114,7 +8114,7 @@ NTSTATUS create_file_default(connection_struct *conn, struct smb_request *req, uint16_t root_dir_fid, const char *fname, - bool is_dos_path, + uint32_t create_file_flags, uint32_t access_mask, uint32_t share_access, uint32_t create_disposition, diff --git a/source3/include/smb.h b/source3/include/smb.h index bcf605ee53..39673e1ff7 100644 --- a/source3/include/smb.h +++ b/source3/include/smb.h @@ -1895,4 +1895,9 @@ struct smb_extended_info { char samba_version_string[SAMBA_EXTENDED_INFO_VERSION_STRING_LENGTH]; }; +/* + * create_file_flags + */ +#define CFF_DOS_PATH 0x00000001 + #endif /* _SMB_H */ diff --git a/source3/include/vfs.h b/source3/include/vfs.h index 5f6851a7bc..383cd327ae 100644 --- a/source3/include/vfs.h +++ b/source3/include/vfs.h @@ -313,7 +313,7 @@ struct vfs_ops { struct smb_request *req, uint16_t root_dir_fid, const char *fname, - bool is_dos_path, + uint32_t create_file_flags, uint32_t access_mask, uint32_t share_access, uint32_t create_disposition, diff --git a/source3/include/vfs_macros.h b/source3/include/vfs_macros.h index 97107f3f60..fa5dad8781 100644 --- a/source3/include/vfs_macros.h +++ b/source3/include/vfs_macros.h @@ -48,7 +48,7 @@ /* File operations */ #define SMB_VFS_OPEN(conn, fname, fsp, flags, mode) (((conn)->vfs.ops.open)((conn)->vfs.handles.open, (fname), (fsp), (flags), (mode))) -#define SMB_VFS_CREATE_FILE(conn, req, root_dir_fid, fname, is_dos_path, access_mask, share_access, create_disposition, create_options, file_attributes, oplock_request, allocation_size, sd, ea_list, result, pinfo, psbuf) (((conn)->vfs.ops.create_file)((conn)->vfs.handles.create_file, (req), (root_dir_fid), (fname), (is_dos_path), (access_mask), (share_access), (create_disposition), (create_options), (file_attributes), (oplock_request), (allocation_size), (sd), (ea_list), (result), (pinfo), (psbuf))) +#define SMB_VFS_CREATE_FILE(conn, req, root_dir_fid, fname, create_file_flags, access_mask, share_access, create_disposition, create_options, file_attributes, oplock_request, allocation_size, sd, ea_list, result, pinfo, psbuf) (((conn)->vfs.ops.create_file)((conn)->vfs.handles.create_file, (req), (root_dir_fid), (fname), (create_file_flags), (access_mask), (share_access), (create_disposition), (create_options), (file_attributes), (oplock_request), (allocation_size), (sd), (ea_list), (result), (pinfo), (psbuf))) #define SMB_VFS_CLOSE(fsp) ((fsp)->conn->vfs.ops.close_fn((fsp)->conn->vfs.handles.close_hnd, (fsp))) #define SMB_VFS_READ(fsp, data, n) ((fsp)->conn->vfs.ops.vfs_read((fsp)->conn->vfs.handles.vfs_read, (fsp), (data), (n))) #define SMB_VFS_PREAD(fsp, data, n, off) ((fsp)->conn->vfs.ops.pread((fsp)->conn->vfs.handles.pread, (fsp), (data), (n), (off))) @@ -174,7 +174,7 @@ /* File operations */ #define SMB_VFS_OPAQUE_OPEN(conn, fname, fsp, flags, mode) (((conn)->vfs_opaque.ops.open)((conn)->vfs_opaque.handles.open, (fname), (fsp), (flags), (mode))) -#define SMB_VFS_OPAQUE_CREATE_FILE(conn, req, root_dir_fid, fname, is_dos_path, access_mask, share_access, create_disposition, create_options, file_attributes, oplock_request, allocation_size, sd, ea_list, result, pinfo, psbuf) (((conn)->vfs_opaque.ops.create_file)((conn)->vfs_opaque.handles.create_file, (req), (root_dir_fid), (fname), (is_dos_path), (access_mask), (share_access), (create_disposition), (create_options), (file_attributes), (oplock_request), (allocation_size), (sd), (ea_list), (result), (pinfo), (psbuf))) +#define SMB_VFS_OPAQUE_CREATE_FILE(conn, req, root_dir_fid, fname, create_file_flags, access_mask, share_access, create_disposition, create_options, file_attributes, oplock_request, allocation_size, sd, ea_list, result, pinfo, psbuf) (((conn)->vfs_opaque.ops.create_file)((conn)->vfs_opaque.handles.create_file, (req), (root_dir_fid), (fname), (create_file_flags), (access_mask), (share_access), (create_disposition), (create_options), (file_attributes), (oplock_request), (allocation_size), (sd), (ea_list), (result), (pinfo), (psbuf))) #define SMB_VFS_OPAQUE_CLOSE(fsp) ((fsp)->conn->vfs_opaque.ops.close_fn((fsp)->conn->vfs_opaque.handles.close_hnd, (fsp))) #define SMB_VFS_OPAQUE_READ(fsp, data, n) ((fsp)->conn->vfs_opaque.ops.vfs_read((fsp)->conn->vfs_opaque.handles.vfs_read, (fsp), (data), (n))) #define SMB_VFS_OPAQUE_PREAD(fsp, data, n, off) ((fsp)->conn->vfs_opaque.ops.pread((fsp)->conn->vfs_opaque.handles.pread, (fsp), (data), (n), (off))) @@ -301,7 +301,7 @@ /* File operations */ #define SMB_VFS_NEXT_OPEN(handle, fname, fsp, flags, mode) (((handle)->vfs_next.ops.open)((handle)->vfs_next.handles.open, (fname), (fsp), (flags), (mode))) -#define SMB_VFS_NEXT_CREATE_FILE(handle, req, root_dir_fid, fname, is_dos_path, access_mask, share_access, create_disposition, create_options, file_attributes, oplock_request, allocation_size, sd, ea_list, result, pinfo, psbuf) (((handle)->vfs_next.ops.create_file)((handle)->vfs_next.handles.create_file, (req), (root_dir_fid), (fname), (is_dos_path), (access_mask), (share_access), (create_disposition), (create_options), (file_attributes), (oplock_request), (allocation_size), (sd), (ea_list), (result), (pinfo), (psbuf))) +#define SMB_VFS_NEXT_CREATE_FILE(handle, req, root_dir_fid, fname, create_file_flags, access_mask, share_access, create_disposition, create_options, file_attributes, oplock_request, allocation_size, sd, ea_list, result, pinfo, psbuf) (((handle)->vfs_next.ops.create_file)((handle)->vfs_next.handles.create_file, (req), (root_dir_fid), (fname), (create_file_flags), (access_mask), (share_access), (create_disposition), (create_options), (file_attributes), (oplock_request), (allocation_size), (sd), (ea_list), (result), (pinfo), (psbuf))) #define SMB_VFS_NEXT_CLOSE(handle, fsp) ((handle)->vfs_next.ops.close_fn((handle)->vfs_next.handles.close_hnd, (fsp))) #define SMB_VFS_NEXT_READ(handle, fsp, data, n) ((handle)->vfs_next.ops.vfs_read((handle)->vfs_next.handles.vfs_read, (fsp), (data), (n))) #define SMB_VFS_NEXT_PREAD(handle, fsp, data, n, off) ((handle)->vfs_next.ops.pread((handle)->vfs_next.handles.pread, (fsp), (data), (n), (off))) diff --git a/source3/modules/vfs_default.c b/source3/modules/vfs_default.c index fde899d1af..6d8d8f8065 100644 --- a/source3/modules/vfs_default.c +++ b/source3/modules/vfs_default.c @@ -212,7 +212,7 @@ static NTSTATUS vfswrap_create_file(vfs_handle_struct *handle, struct smb_request *req, uint16_t root_dir_fid, const char *fname, - bool is_dos_path, + uint32_t create_file_flags, uint32_t access_mask, uint32_t share_access, uint32_t create_disposition, @@ -227,7 +227,7 @@ static NTSTATUS vfswrap_create_file(vfs_handle_struct *handle, SMB_STRUCT_STAT *psbuf) { return create_file_default(handle->conn, req, root_dir_fid, fname, - is_dos_path, access_mask, share_access, + create_file_flags, access_mask, share_access, create_disposition, create_options, file_attributes, oplock_request, allocation_size, sd, ea_list, result, pinfo, diff --git a/source3/modules/vfs_full_audit.c b/source3/modules/vfs_full_audit.c index fd97a4ccff..7970bf2644 100644 --- a/source3/modules/vfs_full_audit.c +++ b/source3/modules/vfs_full_audit.c @@ -113,7 +113,7 @@ static NTSTATUS smb_full_audit_create_file(vfs_handle_struct *handle, struct smb_request *req, uint16_t root_dir_fid, const char *fname, - bool is_dos_path, + uint32_t create_file_flags, uint32_t access_mask, uint32_t share_access, uint32_t create_disposition, @@ -1110,7 +1110,7 @@ static NTSTATUS smb_full_audit_create_file(vfs_handle_struct *handle, struct smb_request *req, uint16_t root_dir_fid, const char *fname, - bool is_dos_path, + uint32_t create_file_flags, uint32_t access_mask, uint32_t share_access, uint32_t create_disposition, @@ -1131,7 +1131,7 @@ static NTSTATUS smb_full_audit_create_file(vfs_handle_struct *handle, req, /* req */ root_dir_fid, /* root_dir_fid */ fname, /* fname */ - is_dos_path, /* is_dos_path */ + create_file_flags, /* create_file_flags */ access_mask, /* access_mask */ share_access, /* share_access */ create_disposition, /* create_disposition*/ diff --git a/source3/printing/nt_printing.c b/source3/printing/nt_printing.c index 0c54c6452a..ba1fb4352c 100644 --- a/source3/printing/nt_printing.c +++ b/source3/printing/nt_printing.c @@ -1349,7 +1349,7 @@ static int file_version_is_newer(connection_struct *conn, fstring new_file, fstr NULL, /* req */ 0, /* root_dir_fid */ filepath, /* fname */ - false, /* is_dos_path */ + 0, /* create_file_flags */ FILE_GENERIC_READ, /* access_mask */ FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */ FILE_OPEN, /* create_disposition*/ @@ -1400,7 +1400,7 @@ static int file_version_is_newer(connection_struct *conn, fstring new_file, fstr NULL, /* req */ 0, /* root_dir_fid */ filepath, /* fname */ - false, /* is_dos_path */ + 0, /* create_file_flags */ FILE_GENERIC_READ, /* access_mask */ FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */ FILE_OPEN, /* create_disposition*/ @@ -1553,7 +1553,7 @@ static uint32 get_correct_cversion(struct pipes_struct *p, NULL, /* req */ 0, /* root_dir_fid */ driverpath, /* fname */ - false, /* is_dos_path */ + 0, /* create_file_flags */ FILE_GENERIC_READ, /* access_mask */ FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */ FILE_OPEN, /* create_disposition*/ diff --git a/source3/rpc_server/srv_srvsvc_nt.c b/source3/rpc_server/srv_srvsvc_nt.c index 0febfbca06..76b475120d 100644 --- a/source3/rpc_server/srv_srvsvc_nt.c +++ b/source3/rpc_server/srv_srvsvc_nt.c @@ -2053,7 +2053,7 @@ WERROR _srvsvc_NetGetFileSecurity(pipes_struct *p, NULL, /* req */ 0, /* root_dir_fid */ r->in.file, /* fname */ - true, /* is_dos_path */ + CFF_DOS_PATH, /* create_file_flags */ FILE_READ_ATTRIBUTES, /* access_mask */ FILE_SHARE_READ|FILE_SHARE_WRITE, /* share_access */ FILE_OPEN, /* create_disposition*/ @@ -2168,7 +2168,7 @@ WERROR _srvsvc_NetSetFileSecurity(pipes_struct *p, NULL, /* req */ 0, /* root_dir_fid */ r->in.file, /* fname */ - true, /* is_dos_path */ + CFF_DOS_PATH, /* create_file_flags */ FILE_WRITE_ATTRIBUTES, /* access_mask */ FILE_SHARE_READ|FILE_SHARE_WRITE, /* share_access */ FILE_OPEN, /* create_disposition*/ diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c index a7b2cb6c31..24a14a8c1b 100644 --- a/source3/smbd/nttrans.c +++ b/source3/smbd/nttrans.c @@ -479,7 +479,7 @@ void reply_ntcreate_and_X(struct smb_request *req) req, /* req */ root_dir_fid, /* root_dir_fid */ fname, /* fname */ - true, /* is_dos_path */ + CFF_DOS_PATH, /* create_file_flags */ access_mask, /* access_mask */ share_access, /* share_access */ create_disposition, /* create_disposition*/ @@ -951,7 +951,7 @@ static void call_nt_transact_create(connection_struct *conn, req, /* req */ root_dir_fid, /* root_dir_fid */ fname, /* fname */ - true, /* is_dos_path */ + CFF_DOS_PATH, /* create_file_flags */ access_mask, /* access_mask */ share_access, /* share_access */ create_disposition, /* create_disposition*/ @@ -1191,7 +1191,7 @@ static NTSTATUS copy_internals(TALLOC_CTX *ctx, req, /* req */ 0, /* root_dir_fid */ oldname, /* fname */ - false, /* is_dos_path */ + 0, /* create_file_flags */ FILE_READ_DATA, /* access_mask */ (FILE_SHARE_READ | FILE_SHARE_WRITE | /* share_access */ FILE_SHARE_DELETE), @@ -1215,7 +1215,7 @@ static NTSTATUS copy_internals(TALLOC_CTX *ctx, req, /* req */ 0, /* root_dir_fid */ newname, /* fname */ - false, /* is_dos_path */ + 0, /* create_file_flags */ FILE_WRITE_DATA, /* access_mask */ (FILE_SHARE_READ | FILE_SHARE_WRITE | /* share_access */ FILE_SHARE_DELETE), diff --git a/source3/smbd/open.c b/source3/smbd/open.c index d2068dde47..55aec16840 100644 --- a/source3/smbd/open.c +++ b/source3/smbd/open.c @@ -2099,7 +2099,7 @@ NTSTATUS open_file_fchmod(struct smb_request *req, connection_struct *conn, NULL, /* req */ 0, /* root_dir_fid */ fname, /* fname */ - false, /* is_dos_path */ + 0, /* create_file_flags */ FILE_WRITE_DATA, /* access_mask */ (FILE_SHARE_READ | FILE_SHARE_WRITE | /* share_access */ FILE_SHARE_DELETE), @@ -2464,7 +2464,7 @@ NTSTATUS create_directory(connection_struct *conn, struct smb_request *req, cons req, /* req */ 0, /* root_dir_fid */ directory, /* fname */ - false, /* is_dos_path */ + 0, /* create_file_flags */ FILE_READ_ATTRIBUTES, /* access_mask */ FILE_SHARE_NONE, /* share_access */ FILE_CREATE, /* create_disposition*/ @@ -3073,7 +3073,7 @@ NTSTATUS create_file_default(connection_struct *conn, struct smb_request *req, uint16_t root_dir_fid, const char *fname, - bool is_dos_path, + uint32_t create_file_flags, uint32_t access_mask, uint32_t share_access, uint32_t create_disposition, @@ -3099,7 +3099,7 @@ NTSTATUS create_file_default(connection_struct *conn, "create_disposition = 0x%x create_options = 0x%x " "oplock_request = 0x%x " "root_dir_fid = 0x%x, ea_list = 0x%p, sd = 0x%p, " - "is_dos_path = %s, fname = %s\n", + "create_file_flags = 0x%x, fname = %s\n", (unsigned int)access_mask, (unsigned int)file_attributes, (unsigned int)share_access, @@ -3107,7 +3107,7 @@ NTSTATUS create_file_default(connection_struct *conn, (unsigned int)create_options, (unsigned int)oplock_request, (unsigned int)root_dir_fid, - ea_list, sd, fname, is_dos_path ? "true" : "false")); + ea_list, sd, create_file_flags, fname)); /* * Get the file name. @@ -3263,7 +3263,7 @@ NTSTATUS create_file_default(connection_struct *conn, file_attributes &= ~FILE_FLAG_POSIX_SEMANTICS; } - if (is_dos_path) { + if (create_file_flags & CFF_DOS_PATH) { char *converted_fname; SET_STAT_INVALID(sbuf); diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c index 78a5d548c2..b184279259 100644 --- a/source3/smbd/posix_acls.c +++ b/source3/smbd/posix_acls.c @@ -3253,7 +3253,7 @@ NTSTATUS append_parent_acl(files_struct *fsp, NULL, /* req */ 0, /* root_dir_fid */ parent_name, /* fname */ - false, /* is_dos_path */ + 0, /* create_file_flags */ FILE_READ_ATTRIBUTES, /* access_mask */ FILE_SHARE_NONE, /* share_access */ FILE_OPEN, /* create_disposition*/ diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 728753bc3b..00c744ce1a 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1635,7 +1635,7 @@ void reply_open(struct smb_request *req) req, /* req */ 0, /* root_dir_fid */ fname, /* fname */ - true, /* is_dos_path */ + CFF_DOS_PATH, /* create_file_flags */ access_mask, /* access_mask */ share_mode, /* share_access */ create_disposition, /* create_disposition*/ @@ -1781,7 +1781,7 @@ void reply_open_and_X(struct smb_request *req) req, /* req */ 0, /* root_dir_fid */ fname, /* fname */ - true, /* is_dos_path */ + CFF_DOS_PATH, /* create_file_flags */ access_mask, /* access_mask */ share_mode, /* share_access */ create_disposition, /* create_disposition*/ @@ -1981,7 +1981,7 @@ void reply_mknew(struct smb_request *req) req, /* req */ 0, /* root_dir_fid */ fname, /* fname */ - true, /* is_dos_path */ + CFF_DOS_PATH, /* create_file_flags */ access_mask, /* access_mask */ share_mode, /* share_access */ create_disposition, /* create_disposition*/ @@ -2128,7 +2128,7 @@ void reply_ctemp(struct smb_request *req) req, /* req */ 0, /* root_dir_fid */ fname, /* fname */ - false, /* is_dos_path */ + 0, /* create_file_flags */ FILE_GENERIC_READ | FILE_GENERIC_WRITE, /* access_mask */ FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */ FILE_OPEN, /* create_disposition*/ @@ -2330,7 +2330,7 @@ static NTSTATUS do_unlink(connection_struct *conn, req, /* req */ 0, /* root_dir_fid */ fname, /* fname */ - false, /* is_dos_path */ + 0, /* create_file_flags */ DELETE_ACCESS, /* access_mask */ FILE_SHARE_NONE, /* share_access */ FILE_OPEN, /* create_disposition*/ @@ -5764,7 +5764,7 @@ NTSTATUS rename_internals(TALLOC_CTX *ctx, req, /* req */ 0, /* root_dir_fid */ directory, /* fname */ - false, /* is_dos_path */ + 0, /* create_file_flags */ access_mask, /* access_mask */ (FILE_SHARE_READ | /* share_access */ FILE_SHARE_WRITE), @@ -5882,7 +5882,7 @@ NTSTATUS rename_internals(TALLOC_CTX *ctx, req, /* req */ 0, /* root_dir_fid */ fname, /* fname */ - false, /* is_dos_path */ + 0, /* create_file_flags */ access_mask, /* access_mask */ (FILE_SHARE_READ | /* share_access */ FILE_SHARE_WRITE), @@ -6094,7 +6094,7 @@ NTSTATUS copy_file(TALLOC_CTX *ctx, NULL, /* req */ 0, /* root_dir_fid */ src, /* fname */ - false, /* is_dos_path */ + 0, /* create_file_flags */ FILE_GENERIC_READ, /* access_mask */ FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */ FILE_OPEN, /* create_disposition*/ @@ -6123,7 +6123,7 @@ NTSTATUS copy_file(TALLOC_CTX *ctx, NULL, /* req */ 0, /* root_dir_fid */ dest, /* fname */ - false, /* is_dos_path */ + 0, /* create_file_flags */ FILE_GENERIC_WRITE, /* access_mask */ FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */ new_create_disposition, /* create_disposition*/ diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c index b9a04e9b4f..f41210b2e1 100644 --- a/source3/smbd/trans2.c +++ b/source3/smbd/trans2.c @@ -1011,7 +1011,7 @@ static void call_trans2open(connection_struct *conn, req, /* req */ 0, /* root_dir_fid */ fname, /* fname */ - true, /* is_dos_path */ + CFF_DOS_PATH, /* create_file_flags */ access_mask, /* access_mask */ share_mode, /* share_access */ create_disposition, /* create_disposition*/ @@ -5064,7 +5064,7 @@ static NTSTATUS smb_set_file_size(connection_struct *conn, req, /* req */ 0, /* root_dir_fid */ fname, /* fname */ - false, /* is_dos_path */ + 0, /* create_file_flags */ FILE_WRITE_ATTRIBUTES, /* access_mask */ (FILE_SHARE_READ | FILE_SHARE_WRITE | /* share_access */ FILE_SHARE_DELETE), @@ -5844,7 +5844,7 @@ static NTSTATUS smb_set_file_allocation_info(connection_struct *conn, req, /* req */ 0, /* root_dir_fid */ fname, /* fname */ - false, /* is_dos_path */ + 0, /* create_file_flags */ FILE_WRITE_DATA, /* access_mask */ (FILE_SHARE_READ | FILE_SHARE_WRITE | /* share_access */ FILE_SHARE_DELETE), @@ -6286,7 +6286,7 @@ static NTSTATUS smb_posix_mkdir(connection_struct *conn, req, /* req */ 0, /* root_dir_fid */ fname, /* fname */ - false, /* is_dos_path */ + 0, /* create_file_flags */ FILE_READ_ATTRIBUTES, /* access_mask */ FILE_SHARE_NONE, /* share_access */ FILE_CREATE, /* create_disposition*/ @@ -6460,7 +6460,7 @@ static NTSTATUS smb_posix_open(connection_struct *conn, req, /* req */ 0, /* root_dir_fid */ fname, /* fname */ - false, /* is_dos_path */ + 0, /* create_file_flags */ access_mask, /* access_mask */ (FILE_SHARE_READ | FILE_SHARE_WRITE | /* share_access */ FILE_SHARE_DELETE), @@ -6590,7 +6590,7 @@ static NTSTATUS smb_posix_unlink(connection_struct *conn, req, /* req */ 0, /* root_dir_fid */ fname, /* fname */ - false, /* is_dos_path */ + 0, /* create_file_flags */ DELETE_ACCESS, /* access_mask */ (FILE_SHARE_READ | FILE_SHARE_WRITE | /* share_access */ FILE_SHARE_DELETE), -- cgit From dbfcd3f97c02a19c48360b4f477570997f8aa870 Mon Sep 17 00:00:00 2001 From: Tim Prouty Date: Mon, 1 Dec 2008 14:13:14 -0800 Subject: s3: Fix FILE_FLAG_POSIX_SEMANTICS handling underneath SMB_VFS_CREATE_FILE --- source3/smbd/open.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3') diff --git a/source3/smbd/open.c b/source3/smbd/open.c index 55aec16840..41a1fb371d 100644 --- a/source3/smbd/open.c +++ b/source3/smbd/open.c @@ -2861,7 +2861,8 @@ static NTSTATUS create_file_unixpath(connection_struct *conn, } /* Can't open a temp directory. IFS kit test. */ - if (file_attributes & FILE_ATTRIBUTE_TEMPORARY) { + if (!(file_attributes & FILE_FLAG_POSIX_SEMANTICS) && + (file_attributes & FILE_ATTRIBUTE_TEMPORARY)) { status = NT_STATUS_INVALID_PARAMETER; goto fail; } @@ -3260,7 +3261,6 @@ NTSTATUS create_file_default(connection_struct *conn, if (file_attributes & FILE_FLAG_POSIX_SEMANTICS) { case_state = set_posix_case_semantics(talloc_tos(), conn); - file_attributes &= ~FILE_FLAG_POSIX_SEMANTICS; } if (create_file_flags & CFF_DOS_PATH) { -- cgit From 2b8f3e253d3a56aac996287f5ce265d0c915b3c8 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Thu, 4 Dec 2008 12:26:03 +0100 Subject: s3:net: fix password set of 'net rpc trustdom add' metze --- source3/utils/net_rpc.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'source3') diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c index 3c8ce0326e..0c34972a29 100644 --- a/source3/utils/net_rpc.c +++ b/source3/utils/net_rpc.c @@ -5250,7 +5250,8 @@ static NTSTATUS rpc_trustdom_add_internals(struct net_context *c, notime, notime, notime, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, ¶meters, - 0, 0, ACB_DOMTRUST, SAMR_FIELD_ACCT_FLAGS, + 0, 0, ACB_DOMTRUST, + SAMR_FIELD_ACCT_FLAGS | SAMR_FIELD_PASSWORD, hours, 0, 0, 0, 0, 0, 0, 0, &crypt_pwd); -- cgit From db59cbfba8018d5b8eaf71d6a4441c5914baca4c Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Wed, 3 Dec 2008 15:59:17 +0100 Subject: s3:winbindd: don't open a new dc connection in winbindd_getgrnam (main winbindd) This is just to find the corresponding domain struct. Actual connection is handled by the domain child. Michael --- source3/winbindd/winbindd_group.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3') diff --git a/source3/winbindd/winbindd_group.c b/source3/winbindd/winbindd_group.c index 3422fdba1c..8b4d4d6dec 100644 --- a/source3/winbindd/winbindd_group.c +++ b/source3/winbindd/winbindd_group.c @@ -800,7 +800,7 @@ void winbindd_getgrnam(struct winbindd_cli_state *state) /* Get info for the domain */ - if ((domain = find_domain_from_name(name_domain)) == NULL) { + if ((domain = find_domain_from_name_noinit(name_domain)) == NULL) { DEBUG(3, ("could not get domain sid for domain %s\n", name_domain)); request_error(state); -- cgit From 95b4baf5adc61e823a83044e9a679a6200d2f6af Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Wed, 3 Dec 2008 16:38:55 +0100 Subject: s3:winbindd: don't open a new dc connection in winbindd_getpwnam (main winbindd) This is just to find the corresponding domain struct. Actual connection is handled by the domain child. Michael --- source3/winbindd/winbindd_user.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3') diff --git a/source3/winbindd/winbindd_user.c b/source3/winbindd/winbindd_user.c index e5d0a22a73..fd1fdd3699 100644 --- a/source3/winbindd/winbindd_user.c +++ b/source3/winbindd/winbindd_user.c @@ -456,7 +456,7 @@ void winbindd_getpwnam(struct winbindd_cli_state *state) /* Get info for the domain */ - domain = find_domain_from_name(domname); + domain = find_domain_from_name_noinit(domname); if (domain == NULL) { DEBUG(7, ("could not find domain entry for domain %s. " -- cgit From 0f38bd90722469c6dbf1bcc7f56d3fbf6db3a8e8 Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Thu, 4 Dec 2008 14:00:44 +0100 Subject: s3:winbindd: fix horrible mis-indentation of toplvl braces in getgrsid_sid2gid_recv to make code more readble Michael --- source3/winbindd/winbindd_group.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3') diff --git a/source3/winbindd/winbindd_group.c b/source3/winbindd/winbindd_group.c index 8b4d4d6dec..7432bda451 100644 --- a/source3/winbindd/winbindd_group.c +++ b/source3/winbindd/winbindd_group.c @@ -833,7 +833,7 @@ struct getgrsid_state { }; static void getgrsid_sid2gid_recv(void *private_data, bool success, gid_t gid) - { +{ struct getgrsid_state *s = (struct getgrsid_state *)private_data; struct winbindd_domain *domain; @@ -884,7 +884,7 @@ static void getgrsid_sid2gid_recv(void *private_data, bool success, gid_t gid) s->state->response.extra_data.data = gr_mem; request_ok(s->state); - } +} static void getgrsid_lookupsid_recv( void *private_data, bool success, const char *dom_name, const char *name, -- cgit From 15e1fd7c540ab47dffdfbd4cfad3a8c18a3f62dc Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 4 Dec 2008 11:20:57 -0800 Subject: Fix bug #1254 - write list not working under share-level security A somewhat more elegant fix than I could use for 3.2.x or 3.0.x. Turns out the only part of check_user_ok() that needs to change for share level security is the VUID cache pieces, so I can just always use check_user_ok() for all lp_security() cases. Jeremy --- source3/auth/auth_util.c | 2 +- source3/include/proto.h | 6 ++-- source3/smbd/share_access.c | 4 +-- source3/smbd/uid.c | 81 +++++++++++++++++++++++++-------------------- 4 files changed, 52 insertions(+), 41 deletions(-) (limited to 'source3') diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c index 9220df01c0..d2a8591ae6 100644 --- a/source3/auth/auth_util.c +++ b/source3/auth/auth_util.c @@ -1294,7 +1294,7 @@ NTSTATUS make_serverinfo_from_username(TALLOC_CTX *mem_ctx, struct auth_serversupplied_info *copy_serverinfo(TALLOC_CTX *mem_ctx, - auth_serversupplied_info *src) + const auth_serversupplied_info *src) { auth_serversupplied_info *dst; diff --git a/source3/include/proto.h b/source3/include/proto.h index 63fe4d47c5..89b443e9db 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -123,7 +123,7 @@ NTSTATUS make_serverinfo_from_username(TALLOC_CTX *mem_ctx, bool is_guest, struct auth_serversupplied_info **presult); struct auth_serversupplied_info *copy_serverinfo(TALLOC_CTX *mem_ctx, - auth_serversupplied_info *src); + const auth_serversupplied_info *src); bool init_guest_info(void); bool server_info_set_session_key(struct auth_serversupplied_info *info, DATA_BLOB session_key); @@ -8462,10 +8462,10 @@ bool token_contains_name_in_list(const char *username, const struct nt_user_token *token, const char **list); bool user_ok_token(const char *username, const char *domain, - struct nt_user_token *token, int snum); + const struct nt_user_token *token, int snum); bool is_share_read_only_for_token(const char *username, const char *domain, - struct nt_user_token *token, + const struct nt_user_token *token, connection_struct *conn); /* The following definitions come from smbd/srvstr.c */ diff --git a/source3/smbd/share_access.c b/source3/smbd/share_access.c index 9dbacc2998..c72251b5a7 100644 --- a/source3/smbd/share_access.c +++ b/source3/smbd/share_access.c @@ -192,7 +192,7 @@ bool token_contains_name_in_list(const char *username, */ bool user_ok_token(const char *username, const char *domain, - struct nt_user_token *token, int snum) + const struct nt_user_token *token, int snum) { if (lp_invalid_users(snum) != NULL) { if (token_contains_name_in_list(username, domain, @@ -252,7 +252,7 @@ bool user_ok_token(const char *username, const char *domain, bool is_share_read_only_for_token(const char *username, const char *domain, - struct nt_user_token *token, + const struct nt_user_token *token, connection_struct *conn) { int snum = SNUM(conn); diff --git a/source3/smbd/uid.c b/source3/smbd/uid.c index ca7df264e2..5a4b8a52e7 100644 --- a/source3/smbd/uid.c +++ b/source3/smbd/uid.c @@ -61,22 +61,27 @@ bool change_to_guest(void) later code can then mess with. ********************************************************************/ -static bool check_user_ok(connection_struct *conn, uint16_t vuid, - struct auth_serversupplied_info *server_info, - int snum) +static bool check_user_ok(connection_struct *conn, + uint16_t vuid, + const struct auth_serversupplied_info *server_info, + int snum) { + bool valid_vuid = (vuid != UID_FIELD_INVALID); unsigned int i; - struct vuid_cache_entry *ent = NULL; bool readonly_share; bool admin_user; - for (i=0; ivuid_cache.array[i]; - if (ent->vuid == vuid) { - conn->server_info = ent->server_info; - conn->read_only = ent->read_only; - conn->admin_user = ent->admin_user; - return(True); + if (valid_vuid) { + struct vuid_cache_entry *ent; + + for (i=0; ivuid_cache.array[i]; + if (ent->vuid == vuid) { + conn->server_info = ent->server_info; + conn->read_only = ent->read_only; + conn->admin_user = ent->admin_user; + return(True); + } } } @@ -112,33 +117,36 @@ static bool check_user_ok(connection_struct *conn, uint16_t vuid, pdb_get_domain(server_info->sam_account), NULL, server_info->ptok, lp_admin_users(snum)); - ent = &conn->vuid_cache.array[conn->vuid_cache.next_entry]; + if (valid_vuid) { + struct vuid_cache_entry *ent = + &conn->vuid_cache.array[conn->vuid_cache.next_entry]; - conn->vuid_cache.next_entry = - (conn->vuid_cache.next_entry + 1) % VUID_CACHE_SIZE; + conn->vuid_cache.next_entry = + (conn->vuid_cache.next_entry + 1) % VUID_CACHE_SIZE; - TALLOC_FREE(ent->server_info); + TALLOC_FREE(ent->server_info); - /* - * If force_user was set, all server_info's are based on the same - * username-based faked one. - */ + /* + * If force_user was set, all server_info's are based on the same + * username-based faked one. + */ - ent->server_info = copy_serverinfo( - conn, conn->force_user ? conn->server_info : server_info); + ent->server_info = copy_serverinfo( + conn, conn->force_user ? conn->server_info : server_info); - if (ent->server_info == NULL) { - ent->vuid = UID_FIELD_INVALID; - return false; - } + if (ent->server_info == NULL) { + ent->vuid = UID_FIELD_INVALID; + return false; + } - ent->vuid = vuid; - ent->read_only = readonly_share; - ent->admin_user = admin_user; + ent->vuid = vuid; + ent->read_only = readonly_share; + ent->admin_user = admin_user; + conn->server_info = ent->server_info; + } - conn->read_only = ent->read_only; - conn->admin_user = ent->admin_user; - conn->server_info = ent->server_info; + conn->read_only = readonly_share; + conn->admin_user = admin_user; return(True); } @@ -172,6 +180,7 @@ void conn_clear_vuid_cache(connection_struct *conn, uint16_t vuid) bool change_to_user(connection_struct *conn, uint16 vuid) { + const struct auth_serversupplied_info *server_info = NULL; user_struct *vuser = get_valid_user_struct(vuid); int snum; gid_t gid; @@ -207,13 +216,15 @@ bool change_to_user(connection_struct *conn, uint16 vuid) snum = SNUM(conn); - if ((vuser) && !check_user_ok(conn, vuid, vuser->server_info, snum)) { + server_info = vuser ? vuser->server_info : conn->server_info; + + if (!check_user_ok(conn, vuid, server_info, snum)) { DEBUG(2,("change_to_user: SMB user %s (unix user %s, vuid %d) " "not permitted access to share %s.\n", - vuser->server_info->sanitized_username, - vuser->server_info->unix_name, vuid, + server_info->sanitized_username, + server_info->unix_name, vuid, lp_servicename(snum))); - return False; + return false; } /* -- cgit From 09b4a9513cf0be52dcd43660ae384b8f7c398287 Mon Sep 17 00:00:00 2001 From: Henning Henkel Date: Thu, 4 Dec 2008 13:55:12 -0800 Subject: Fix bug #5929 - vfs_prealloc does not build with option --with-cluster-support and GPFS --- source3/modules/vfs_prealloc.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3') diff --git a/source3/modules/vfs_prealloc.c b/source3/modules/vfs_prealloc.c index 2a06e3d81b..5a339dbf8d 100644 --- a/source3/modules/vfs_prealloc.c +++ b/source3/modules/vfs_prealloc.c @@ -56,9 +56,9 @@ static int module_debug; static int preallocate_space(int fd, SMB_OFF_T size) { + int err; #ifndef HAVE_GPFS lock_type fl = {0}; - int err; if (size <= 0) { return 0; -- cgit From 0e723d8f7d918d2d1a1e9e26d976f016d5d97c94 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 4 Dec 2008 15:35:32 -0800 Subject: Fix bug #5937 - filenames with "*" char hide other files Jeremy. --- source3/smbd/trans2.c | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) (limited to 'source3') diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c index f41210b2e1..606e656795 100644 --- a/source3/smbd/trans2.c +++ b/source3/smbd/trans2.c @@ -1095,15 +1095,13 @@ static bool exact_match(connection_struct *conn, { if (mask[0] == '.' && mask[1] == 0) return False; - if (conn->case_sensitive) - return strcmp(str,mask)==0; - if (StrCaseCmp(str,mask) != 0) { - return False; - } if (dptr_has_wild(conn->dirptr)) { return False; } - return True; + if (conn->case_sensitive) + return strcmp(str,mask)==0; + else + return StrCaseCmp(str,mask) == 0; } /**************************************************************************** -- cgit From e9269e57fce69a4ad9dcf19444e60ff3cd489d18 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Sat, 29 Nov 2008 00:27:28 +0100 Subject: s3-rpcclient: add get_domain_handle for samr commands. Guenther --- source3/rpcclient/cmd_samr.c | 168 +++++++++++++++++-------------------------- 1 file changed, 64 insertions(+), 104 deletions(-) (limited to 'source3') diff --git a/source3/rpcclient/cmd_samr.c b/source3/rpcclient/cmd_samr.c index eaf5adbfa5..139702cc74 100644 --- a/source3/rpcclient/cmd_samr.c +++ b/source3/rpcclient/cmd_samr.c @@ -264,6 +264,35 @@ static void display_sam_info_5(struct samr_DispEntryAscii *r) printf("Account: %s\n", r->account_name.string); } +/**************************************************************************** + ****************************************************************************/ + +static NTSTATUS get_domain_handle(struct rpc_pipe_client *cli, + TALLOC_CTX *mem_ctx, + const char *sam, + struct policy_handle *connect_pol, + uint32_t access_mask, + struct dom_sid *_domain_sid, + struct policy_handle *domain_pol) +{ + + if (StrCaseCmp(sam, "domain") == 0) { + return rpccli_samr_OpenDomain(cli, mem_ctx, + connect_pol, + access_mask, + _domain_sid, + domain_pol); + } else if (StrCaseCmp(sam, "builtin") == 0) { + return rpccli_samr_OpenDomain(cli, mem_ctx, + connect_pol, + access_mask, + CONST_DISCARD(struct dom_sid2 *, &global_sid_Builtin), + domain_pol); + } + + return NT_STATUS_INVALID_PARAMETER; +} + /********************************************************************** * Query user information */ @@ -649,21 +678,11 @@ static NTSTATUS cmd_samr_query_useraliases(struct rpc_pipe_client *cli, if (!NT_STATUS_IS_OK(result)) goto done; - if (StrCaseCmp(argv[1], "domain")==0) - result = rpccli_samr_OpenDomain(cli, mem_ctx, - &connect_pol, - access_mask, - &domain_sid, &domain_pol); - else if (StrCaseCmp(argv[1], "builtin")==0) - result = rpccli_samr_OpenDomain(cli, mem_ctx, - &connect_pol, - access_mask, - CONST_DISCARD(struct dom_sid2 *, &global_sid_Builtin), - &domain_pol); - else { - printf("Usage: %s builtin|domain sid1 sid2 ...\n", argv[0]); - return NT_STATUS_INVALID_PARAMETER; - } + result = get_domain_handle(cli, mem_ctx, argv[1], + &connect_pol, + access_mask, + &domain_sid, + &domain_pol); if (!NT_STATUS_IS_OK(result)) goto done; @@ -955,20 +974,11 @@ static NTSTATUS cmd_samr_enum_als_groups(struct rpc_pipe_client *cli, /* Get domain policy handle */ - if (StrCaseCmp(argv[1], "domain")==0) - result = rpccli_samr_OpenDomain(cli, mem_ctx, - &connect_pol, - access_mask, - &domain_sid, - &domain_pol); - else if (StrCaseCmp(argv[1], "builtin")==0) - result = rpccli_samr_OpenDomain(cli, mem_ctx, - &connect_pol, - access_mask, - CONST_DISCARD(struct dom_sid2 *, &global_sid_Builtin), - &domain_pol); - else - return NT_STATUS_OK; + result = get_domain_handle(cli, mem_ctx, argv[1], + &connect_pol, + access_mask, + &domain_sid, + &domain_pol); if (!NT_STATUS_IS_OK(result)) goto done; @@ -1107,20 +1117,11 @@ static NTSTATUS cmd_samr_query_aliasmem(struct rpc_pipe_client *cli, /* Open handle on domain */ - if (StrCaseCmp(argv[1], "domain")==0) - result = rpccli_samr_OpenDomain(cli, mem_ctx, - &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - &domain_sid, - &domain_pol); - else if (StrCaseCmp(argv[1], "builtin")==0) - result = rpccli_samr_OpenDomain(cli, mem_ctx, - &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - CONST_DISCARD(struct dom_sid2 *, &global_sid_Builtin), - &domain_pol); - else - return NT_STATUS_OK; + result = get_domain_handle(cli, mem_ctx, argv[1], + &connect_pol, + MAXIMUM_ALLOWED_ACCESS, + &domain_sid, + &domain_pol); if (!NT_STATUS_IS_OK(result)) goto done; @@ -1197,25 +1198,11 @@ static NTSTATUS cmd_samr_query_aliasinfo(struct rpc_pipe_client *cli, /* Open handle on domain */ - if (strequal(argv[1], "domain")) { - - result = rpccli_samr_OpenDomain(cli, mem_ctx, - &connect_pol, - SEC_FLAG_MAXIMUM_ALLOWED, - &domain_sid, - &domain_pol); - - } else if (strequal(argv[1], "builtin")) { - - result = rpccli_samr_OpenDomain(cli, mem_ctx, - &connect_pol, - SEC_FLAG_MAXIMUM_ALLOWED, - CONST_DISCARD(struct dom_sid2 *, &global_sid_Builtin), - &domain_pol); - - } else { - return NT_STATUS_OK; - } + result = get_domain_handle(cli, mem_ctx, argv[1], + &connect_pol, + SEC_FLAG_MAXIMUM_ALLOWED, + &domain_sid, + &domain_pol); if (!NT_STATUS_IS_OK(result)) { goto done; @@ -1294,20 +1281,11 @@ static NTSTATUS cmd_samr_delete_alias(struct rpc_pipe_client *cli, /* Open handle on domain */ - if (StrCaseCmp(argv[1], "domain")==0) - result = rpccli_samr_OpenDomain(cli, mem_ctx, - &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - &domain_sid, - &domain_pol); - else if (StrCaseCmp(argv[1], "builtin")==0) - result = rpccli_samr_OpenDomain(cli, mem_ctx, - &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - CONST_DISCARD(struct dom_sid2 *, &global_sid_Builtin), - &domain_pol); - else - return NT_STATUS_INVALID_PARAMETER; + result = get_domain_handle(cli, mem_ctx, argv[1], + &connect_pol, + MAXIMUM_ALLOWED_ACCESS, + &domain_sid, + &domain_pol); if (!NT_STATUS_IS_OK(result)) goto done; @@ -1890,20 +1868,11 @@ static NTSTATUS cmd_samr_lookup_names(struct rpc_pipe_client *cli, if (!NT_STATUS_IS_OK(result)) goto done; - if (StrCaseCmp(argv[1], "domain")==0) - result = rpccli_samr_OpenDomain(cli, mem_ctx, - &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - &domain_sid, - &domain_pol); - else if (StrCaseCmp(argv[1], "builtin")==0) - result = rpccli_samr_OpenDomain(cli, mem_ctx, - &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - CONST_DISCARD(struct dom_sid2 *, &global_sid_Builtin), - &domain_pol); - else - return NT_STATUS_OK; + result = get_domain_handle(cli, mem_ctx, argv[1], + &connect_pol, + MAXIMUM_ALLOWED_ACCESS, + &domain_sid, + &domain_pol); if (!NT_STATUS_IS_OK(result)) goto done; @@ -1973,20 +1942,11 @@ static NTSTATUS cmd_samr_lookup_rids(struct rpc_pipe_client *cli, if (!NT_STATUS_IS_OK(result)) goto done; - if (StrCaseCmp(argv[1], "domain")==0) - result = rpccli_samr_OpenDomain(cli, mem_ctx, - &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - &domain_sid, - &domain_pol); - else if (StrCaseCmp(argv[1], "builtin")==0) - result = rpccli_samr_OpenDomain(cli, mem_ctx, - &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - CONST_DISCARD(struct dom_sid2 *, &global_sid_Builtin), - &domain_pol); - else - return NT_STATUS_OK; + result = get_domain_handle(cli, mem_ctx, argv[1], + &connect_pol, + MAXIMUM_ALLOWED_ACCESS, + &domain_sid, + &domain_pol); if (!NT_STATUS_IS_OK(result)) goto done; -- cgit From 98ea2b12c4c0f77c81ba5fb3689ddb056204fcf5 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Sat, 29 Nov 2008 00:30:21 +0100 Subject: s3-build: re-run make samba3-idl. Guenther --- source3/librpc/gen_ndr/ndr_samr.c | 54 +++++++++++++++++++-------------------- source3/librpc/gen_ndr/samr.h | 18 ++++++------- 2 files changed, 36 insertions(+), 36 deletions(-) (limited to 'source3') diff --git a/source3/librpc/gen_ndr/ndr_samr.c b/source3/librpc/gen_ndr/ndr_samr.c index 975bde3340..83db0faaef 100644 --- a/source3/librpc/gen_ndr/ndr_samr.c +++ b/source3/librpc/gen_ndr/ndr_samr.c @@ -852,8 +852,7 @@ static enum ndr_err_code ndr_push_samr_DomInfo13(struct ndr_push *ndr, int ndr_f NDR_CHECK(ndr_push_align(ndr, 8)); NDR_CHECK(ndr_push_hyper(ndr, NDR_SCALARS, r->sequence_num)); NDR_CHECK(ndr_push_NTTIME(ndr, NDR_SCALARS, r->domain_create_time)); - NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->unknown1)); - NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->unknown2)); + NDR_CHECK(ndr_push_hyper(ndr, NDR_SCALARS, r->modified_count_at_last_promotion)); } if (ndr_flags & NDR_BUFFERS) { } @@ -866,8 +865,7 @@ static enum ndr_err_code ndr_pull_samr_DomInfo13(struct ndr_pull *ndr, int ndr_f NDR_CHECK(ndr_pull_align(ndr, 8)); NDR_CHECK(ndr_pull_hyper(ndr, NDR_SCALARS, &r->sequence_num)); NDR_CHECK(ndr_pull_NTTIME(ndr, NDR_SCALARS, &r->domain_create_time)); - NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->unknown1)); - NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->unknown2)); + NDR_CHECK(ndr_pull_hyper(ndr, NDR_SCALARS, &r->modified_count_at_last_promotion)); } if (ndr_flags & NDR_BUFFERS) { } @@ -880,8 +878,7 @@ _PUBLIC_ void ndr_print_samr_DomInfo13(struct ndr_print *ndr, const char *name, ndr->depth++; ndr_print_hyper(ndr, "sequence_num", r->sequence_num); ndr_print_NTTIME(ndr, "domain_create_time", r->domain_create_time); - ndr_print_uint32(ndr, "unknown1", r->unknown1); - ndr_print_uint32(ndr, "unknown2", r->unknown2); + ndr_print_hyper(ndr, "modified_count_at_last_promotion", r->modified_count_at_last_promotion); ndr->depth--; } @@ -2652,10 +2649,11 @@ static enum ndr_err_code ndr_push_samr_UserInfo18(struct ndr_push *ndr, int ndr_ { if (ndr_flags & NDR_SCALARS) { NDR_CHECK(ndr_push_align(ndr, 1)); - NDR_CHECK(ndr_push_samr_Password(ndr, NDR_SCALARS, &r->lm_pwd)); NDR_CHECK(ndr_push_samr_Password(ndr, NDR_SCALARS, &r->nt_pwd)); - NDR_CHECK(ndr_push_uint8(ndr, NDR_SCALARS, r->lm_pwd_active)); + NDR_CHECK(ndr_push_samr_Password(ndr, NDR_SCALARS, &r->lm_pwd)); NDR_CHECK(ndr_push_uint8(ndr, NDR_SCALARS, r->nt_pwd_active)); + NDR_CHECK(ndr_push_uint8(ndr, NDR_SCALARS, r->lm_pwd_active)); + NDR_CHECK(ndr_push_uint8(ndr, NDR_SCALARS, r->password_expired)); } if (ndr_flags & NDR_BUFFERS) { } @@ -2666,10 +2664,11 @@ static enum ndr_err_code ndr_pull_samr_UserInfo18(struct ndr_pull *ndr, int ndr_ { if (ndr_flags & NDR_SCALARS) { NDR_CHECK(ndr_pull_align(ndr, 1)); - NDR_CHECK(ndr_pull_samr_Password(ndr, NDR_SCALARS, &r->lm_pwd)); NDR_CHECK(ndr_pull_samr_Password(ndr, NDR_SCALARS, &r->nt_pwd)); - NDR_CHECK(ndr_pull_uint8(ndr, NDR_SCALARS, &r->lm_pwd_active)); + NDR_CHECK(ndr_pull_samr_Password(ndr, NDR_SCALARS, &r->lm_pwd)); NDR_CHECK(ndr_pull_uint8(ndr, NDR_SCALARS, &r->nt_pwd_active)); + NDR_CHECK(ndr_pull_uint8(ndr, NDR_SCALARS, &r->lm_pwd_active)); + NDR_CHECK(ndr_pull_uint8(ndr, NDR_SCALARS, &r->password_expired)); } if (ndr_flags & NDR_BUFFERS) { } @@ -2680,10 +2679,11 @@ _PUBLIC_ void ndr_print_samr_UserInfo18(struct ndr_print *ndr, const char *name, { ndr_print_struct(ndr, name, "samr_UserInfo18"); ndr->depth++; - ndr_print_samr_Password(ndr, "lm_pwd", &r->lm_pwd); ndr_print_samr_Password(ndr, "nt_pwd", &r->nt_pwd); - ndr_print_uint8(ndr, "lm_pwd_active", r->lm_pwd_active); + ndr_print_samr_Password(ndr, "lm_pwd", &r->lm_pwd); ndr_print_uint8(ndr, "nt_pwd_active", r->nt_pwd_active); + ndr_print_uint8(ndr, "lm_pwd_active", r->lm_pwd_active); + ndr_print_uint8(ndr, "password_expired", r->password_expired); ndr->depth--; } @@ -2761,8 +2761,8 @@ _PUBLIC_ void ndr_print_samr_FieldsPresent(struct ndr_print *ndr, const char *na ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "SAMR_FIELD_PARAMETERS", SAMR_FIELD_PARAMETERS, r); ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "SAMR_FIELD_COUNTRY_CODE", SAMR_FIELD_COUNTRY_CODE, r); ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "SAMR_FIELD_CODE_PAGE", SAMR_FIELD_CODE_PAGE, r); - ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "SAMR_FIELD_PASSWORD", SAMR_FIELD_PASSWORD, r); - ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "SAMR_FIELD_PASSWORD2", SAMR_FIELD_PASSWORD2, r); + ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "SAMR_FIELD_NT_PASSWORD_PRESENT", SAMR_FIELD_NT_PASSWORD_PRESENT, r); + ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "SAMR_FIELD_LM_PASSWORD_PRESENT", SAMR_FIELD_LM_PASSWORD_PRESENT, r); ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "SAMR_FIELD_PRIVATE_DATA", SAMR_FIELD_PRIVATE_DATA, r); ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "SAMR_FIELD_EXPIRED_FLAG", SAMR_FIELD_EXPIRED_FLAG, r); ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "SAMR_FIELD_SEC_DESC", SAMR_FIELD_SEC_DESC, r); @@ -2790,8 +2790,8 @@ static enum ndr_err_code ndr_push_samr_UserInfo21(struct ndr_push *ndr, int ndr_ NDR_CHECK(ndr_push_lsa_String(ndr, NDR_SCALARS, &r->workstations)); NDR_CHECK(ndr_push_lsa_String(ndr, NDR_SCALARS, &r->comment)); NDR_CHECK(ndr_push_lsa_BinaryString(ndr, NDR_SCALARS, &r->parameters)); - NDR_CHECK(ndr_push_lsa_String(ndr, NDR_SCALARS, &r->unknown1)); - NDR_CHECK(ndr_push_lsa_String(ndr, NDR_SCALARS, &r->unknown2)); + NDR_CHECK(ndr_push_lsa_BinaryString(ndr, NDR_SCALARS, &r->lm_owf_password)); + NDR_CHECK(ndr_push_lsa_BinaryString(ndr, NDR_SCALARS, &r->nt_owf_password)); NDR_CHECK(ndr_push_lsa_String(ndr, NDR_SCALARS, &r->unknown3)); NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->buf_count)); NDR_CHECK(ndr_push_unique_ptr(ndr, r->buffer)); @@ -2804,8 +2804,8 @@ static enum ndr_err_code ndr_push_samr_UserInfo21(struct ndr_push *ndr, int ndr_ NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r->logon_count)); NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r->country_code)); NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r->code_page)); - NDR_CHECK(ndr_push_uint8(ndr, NDR_SCALARS, r->nt_password_set)); NDR_CHECK(ndr_push_uint8(ndr, NDR_SCALARS, r->lm_password_set)); + NDR_CHECK(ndr_push_uint8(ndr, NDR_SCALARS, r->nt_password_set)); NDR_CHECK(ndr_push_uint8(ndr, NDR_SCALARS, r->password_expired)); NDR_CHECK(ndr_push_uint8(ndr, NDR_SCALARS, r->unknown4)); } @@ -2820,8 +2820,8 @@ static enum ndr_err_code ndr_push_samr_UserInfo21(struct ndr_push *ndr, int ndr_ NDR_CHECK(ndr_push_lsa_String(ndr, NDR_BUFFERS, &r->workstations)); NDR_CHECK(ndr_push_lsa_String(ndr, NDR_BUFFERS, &r->comment)); NDR_CHECK(ndr_push_lsa_BinaryString(ndr, NDR_BUFFERS, &r->parameters)); - NDR_CHECK(ndr_push_lsa_String(ndr, NDR_BUFFERS, &r->unknown1)); - NDR_CHECK(ndr_push_lsa_String(ndr, NDR_BUFFERS, &r->unknown2)); + NDR_CHECK(ndr_push_lsa_BinaryString(ndr, NDR_BUFFERS, &r->lm_owf_password)); + NDR_CHECK(ndr_push_lsa_BinaryString(ndr, NDR_BUFFERS, &r->nt_owf_password)); NDR_CHECK(ndr_push_lsa_String(ndr, NDR_BUFFERS, &r->unknown3)); if (r->buffer) { NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->buf_count)); @@ -2854,8 +2854,8 @@ static enum ndr_err_code ndr_pull_samr_UserInfo21(struct ndr_pull *ndr, int ndr_ NDR_CHECK(ndr_pull_lsa_String(ndr, NDR_SCALARS, &r->workstations)); NDR_CHECK(ndr_pull_lsa_String(ndr, NDR_SCALARS, &r->comment)); NDR_CHECK(ndr_pull_lsa_BinaryString(ndr, NDR_SCALARS, &r->parameters)); - NDR_CHECK(ndr_pull_lsa_String(ndr, NDR_SCALARS, &r->unknown1)); - NDR_CHECK(ndr_pull_lsa_String(ndr, NDR_SCALARS, &r->unknown2)); + NDR_CHECK(ndr_pull_lsa_BinaryString(ndr, NDR_SCALARS, &r->lm_owf_password)); + NDR_CHECK(ndr_pull_lsa_BinaryString(ndr, NDR_SCALARS, &r->nt_owf_password)); NDR_CHECK(ndr_pull_lsa_String(ndr, NDR_SCALARS, &r->unknown3)); NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->buf_count)); NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_buffer)); @@ -2873,8 +2873,8 @@ static enum ndr_err_code ndr_pull_samr_UserInfo21(struct ndr_pull *ndr, int ndr_ NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->logon_count)); NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->country_code)); NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->code_page)); - NDR_CHECK(ndr_pull_uint8(ndr, NDR_SCALARS, &r->nt_password_set)); NDR_CHECK(ndr_pull_uint8(ndr, NDR_SCALARS, &r->lm_password_set)); + NDR_CHECK(ndr_pull_uint8(ndr, NDR_SCALARS, &r->nt_password_set)); NDR_CHECK(ndr_pull_uint8(ndr, NDR_SCALARS, &r->password_expired)); NDR_CHECK(ndr_pull_uint8(ndr, NDR_SCALARS, &r->unknown4)); } @@ -2889,8 +2889,8 @@ static enum ndr_err_code ndr_pull_samr_UserInfo21(struct ndr_pull *ndr, int ndr_ NDR_CHECK(ndr_pull_lsa_String(ndr, NDR_BUFFERS, &r->workstations)); NDR_CHECK(ndr_pull_lsa_String(ndr, NDR_BUFFERS, &r->comment)); NDR_CHECK(ndr_pull_lsa_BinaryString(ndr, NDR_BUFFERS, &r->parameters)); - NDR_CHECK(ndr_pull_lsa_String(ndr, NDR_BUFFERS, &r->unknown1)); - NDR_CHECK(ndr_pull_lsa_String(ndr, NDR_BUFFERS, &r->unknown2)); + NDR_CHECK(ndr_pull_lsa_BinaryString(ndr, NDR_BUFFERS, &r->lm_owf_password)); + NDR_CHECK(ndr_pull_lsa_BinaryString(ndr, NDR_BUFFERS, &r->nt_owf_password)); NDR_CHECK(ndr_pull_lsa_String(ndr, NDR_BUFFERS, &r->unknown3)); if (r->buffer) { _mem_save_buffer_0 = NDR_PULL_GET_MEM_CTX(ndr); @@ -2928,8 +2928,8 @@ _PUBLIC_ void ndr_print_samr_UserInfo21(struct ndr_print *ndr, const char *name, ndr_print_lsa_String(ndr, "workstations", &r->workstations); ndr_print_lsa_String(ndr, "comment", &r->comment); ndr_print_lsa_BinaryString(ndr, "parameters", &r->parameters); - ndr_print_lsa_String(ndr, "unknown1", &r->unknown1); - ndr_print_lsa_String(ndr, "unknown2", &r->unknown2); + ndr_print_lsa_BinaryString(ndr, "lm_owf_password", &r->lm_owf_password); + ndr_print_lsa_BinaryString(ndr, "nt_owf_password", &r->nt_owf_password); ndr_print_lsa_String(ndr, "unknown3", &r->unknown3); ndr_print_uint32(ndr, "buf_count", r->buf_count); ndr_print_ptr(ndr, "buffer", r->buffer); @@ -2947,8 +2947,8 @@ _PUBLIC_ void ndr_print_samr_UserInfo21(struct ndr_print *ndr, const char *name, ndr_print_uint16(ndr, "logon_count", r->logon_count); ndr_print_uint16(ndr, "country_code", r->country_code); ndr_print_uint16(ndr, "code_page", r->code_page); - ndr_print_uint8(ndr, "nt_password_set", r->nt_password_set); ndr_print_uint8(ndr, "lm_password_set", r->lm_password_set); + ndr_print_uint8(ndr, "nt_password_set", r->nt_password_set); ndr_print_uint8(ndr, "password_expired", r->password_expired); ndr_print_uint8(ndr, "unknown4", r->unknown4); ndr->depth--; diff --git a/source3/librpc/gen_ndr/samr.h b/source3/librpc/gen_ndr/samr.h index 537f144940..3116f26d8c 100644 --- a/source3/librpc/gen_ndr/samr.h +++ b/source3/librpc/gen_ndr/samr.h @@ -252,8 +252,7 @@ struct samr_DomInfo12 { struct samr_DomInfo13 { uint64_t sequence_num; NTTIME domain_create_time; - uint32_t unknown1; - uint32_t unknown2; + uint64_t modified_count_at_last_promotion; }; union samr_DomainInfo { @@ -477,10 +476,11 @@ struct samr_Password { }/* [public,flag(LIBNDR_PRINT_ARRAY_HEX)] */; struct samr_UserInfo18 { - struct samr_Password lm_pwd; struct samr_Password nt_pwd; - uint8_t lm_pwd_active; + struct samr_Password lm_pwd; uint8_t nt_pwd_active; + uint8_t lm_pwd_active; + uint8_t password_expired; }; struct samr_UserInfo20 { @@ -512,8 +512,8 @@ struct samr_UserInfo20 { #define SAMR_FIELD_PARAMETERS ( 0x00200000 ) #define SAMR_FIELD_COUNTRY_CODE ( 0x00400000 ) #define SAMR_FIELD_CODE_PAGE ( 0x00800000 ) -#define SAMR_FIELD_PASSWORD ( 0x01000000 ) -#define SAMR_FIELD_PASSWORD2 ( 0x02000000 ) +#define SAMR_FIELD_NT_PASSWORD_PRESENT ( 0x01000000 ) +#define SAMR_FIELD_LM_PASSWORD_PRESENT ( 0x02000000 ) #define SAMR_FIELD_PRIVATE_DATA ( 0x04000000 ) #define SAMR_FIELD_EXPIRED_FLAG ( 0x08000000 ) #define SAMR_FIELD_SEC_DESC ( 0x10000000 ) @@ -536,8 +536,8 @@ struct samr_UserInfo21 { struct lsa_String workstations; struct lsa_String comment; struct lsa_BinaryString parameters; - struct lsa_String unknown1; - struct lsa_String unknown2; + struct lsa_BinaryString lm_owf_password; + struct lsa_BinaryString nt_owf_password; struct lsa_String unknown3; uint32_t buf_count; uint8_t *buffer;/* [unique,size_is(buf_count)] */ @@ -550,8 +550,8 @@ struct samr_UserInfo21 { uint16_t logon_count; uint16_t country_code; uint16_t code_page; - uint8_t nt_password_set; uint8_t lm_password_set; + uint8_t nt_password_set; uint8_t password_expired; uint8_t unknown4; }; -- cgit From eb906e1d2d61325487fa7e0bcd50fcf4a1b623a3 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Sat, 29 Nov 2008 00:36:23 +0100 Subject: s3-samr: fix init_samr_user_info2{1,3,5} callers. Guenther --- source3/rpc_client/init_samr.c | 12 ++++++------ source3/rpc_server/srv_samr_nt.c | 2 +- 2 files changed, 7 insertions(+), 7 deletions(-) (limited to 'source3') diff --git a/source3/rpc_client/init_samr.c b/source3/rpc_client/init_samr.c index 6a9e6d1682..7f48b1fdf9 100644 --- a/source3/rpc_client/init_samr.c +++ b/source3/rpc_client/init_samr.c @@ -391,8 +391,8 @@ void init_samr_user_info21(struct samr_UserInfo21 *r, uint16_t logon_count, uint16_t country_code, uint16_t code_page, - uint8_t nt_password_set, uint8_t lm_password_set, + uint8_t nt_password_set, uint8_t password_expired) { r->last_logon = last_logon; @@ -420,8 +420,8 @@ void init_samr_user_info21(struct samr_UserInfo21 *r, r->logon_count = logon_count; r->country_code = country_code; r->code_page = code_page; - r->nt_password_set = nt_password_set; r->lm_password_set = lm_password_set; + r->nt_password_set = nt_password_set; r->password_expired = password_expired; } @@ -455,8 +455,8 @@ void init_samr_user_info23(struct samr_UserInfo23 *r, uint16_t logon_count, uint16_t country_code, uint16_t code_page, - uint8_t nt_password_set, uint8_t lm_password_set, + uint8_t nt_password_set, uint8_t password_expired, struct samr_CryptPassword *pwd_buf) { @@ -487,8 +487,8 @@ void init_samr_user_info23(struct samr_UserInfo23 *r, logon_count, country_code, code_page, - nt_password_set, lm_password_set, + nt_password_set, password_expired); r->password = *pwd_buf; @@ -538,8 +538,8 @@ void init_samr_user_info25(struct samr_UserInfo25 *r, uint16_t logon_count, uint16_t country_code, uint16_t code_page, - uint8_t nt_password_set, uint8_t lm_password_set, + uint8_t nt_password_set, uint8_t password_expired, struct samr_CryptPasswordEx *pwd_buf) { @@ -572,8 +572,8 @@ void init_samr_user_info25(struct samr_UserInfo25 *r, logon_count, country_code, code_page, - nt_password_set, lm_password_set, + nt_password_set, password_expired); r->password = *pwd_buf; diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c index cbcd4de60c..f5e477f668 100644 --- a/source3/rpc_server/srv_samr_nt.c +++ b/source3/rpc_server/srv_samr_nt.c @@ -2607,8 +2607,8 @@ static NTSTATUS get_user_info_21(TALLOC_CTX *mem_ctx, pdb_get_logon_count(pw), 0, /* country_code */ 0, /* code_page */ - 0, /* nt_password_set */ 0, /* lm_password_set */ + 0, /* nt_password_set */ password_expired); return NT_STATUS_OK; -- cgit From e97149087ac45d178e18f648c8c25bb8c2d9759c Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Tue, 2 Dec 2008 23:26:48 +0100 Subject: s3-samr: fix rpcclient after idl change. Guenther --- source3/rpcclient/cmd_samr.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) (limited to 'source3') diff --git a/source3/rpcclient/cmd_samr.c b/source3/rpcclient/cmd_samr.c index 139702cc74..979941193f 100644 --- a/source3/rpcclient/cmd_samr.c +++ b/source3/rpcclient/cmd_samr.c @@ -219,9 +219,8 @@ static void display_sam_dom_info_13(struct samr_DomInfo13 *info13) printf("Sequence No:\t%llu\n", (unsigned long long)info13->sequence_num); printf("Domain Create Time:\t%s\n", http_timestring(talloc_tos(), nt_time_to_unix(info13->domain_create_time))); - printf("Unknown1:\t%d\n", info13->unknown1); - printf("Unknown2:\t%d\n", info13->unknown2); - + printf("Sequence No at last promotion:\t%llu\n", + (unsigned long long)info13->modified_count_at_last_promotion); } static void display_sam_info_1(struct samr_DispEntryGeneral *r) -- cgit From 7423b6a4b8aadd12fde2f348d8637099b4171848 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Thu, 4 Dec 2008 18:15:03 +0100 Subject: s3-samr: fix SAMR_FIELD_PASSWORD callers. Guenther --- source3/lib/netapi/user.c | 2 +- source3/rpc_server/srv_samr_nt.c | 4 ++-- source3/utils/net_rpc.c | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) (limited to 'source3') diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 2e319cf23c..1f4b03f677 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -46,7 +46,7 @@ static void convert_USER_INFO_X_to_samr_user_info21(struct USER_INFO_X *infoX, fields_present |= SAMR_FIELD_ACCOUNT_NAME; } if (infoX->usriX_password) { - fields_present |= SAMR_FIELD_PASSWORD; + fields_present |= SAMR_FIELD_NT_PASSWORD_PRESENT; } if (infoX->usriX_flags) { fields_present |= SAMR_FIELD_ACCT_FLAGS; diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c index f5e477f668..bff168bf2f 100644 --- a/source3/rpc_server/srv_samr_nt.c +++ b/source3/rpc_server/srv_samr_nt.c @@ -3856,8 +3856,8 @@ static NTSTATUS set_user_info_23(TALLOC_CTX *mem_ctx, return NT_STATUS_ACCESS_DENIED; } - if ((id23->info.fields_present & SAMR_FIELD_PASSWORD) || - (id23->info.fields_present & SAMR_FIELD_PASSWORD2)) { + if ((id23->info.fields_present & SAMR_FIELD_NT_PASSWORD_PRESENT) || + (id23->info.fields_present & SAMR_FIELD_LM_PASSWORD_PRESENT)) { DEBUG(5, ("Attempting administrator password change (level 23) for user %s\n", pdb_get_username(pwd))); diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c index 0c34972a29..f69d3f9012 100644 --- a/source3/utils/net_rpc.c +++ b/source3/utils/net_rpc.c @@ -5251,7 +5251,7 @@ static NTSTATUS rpc_trustdom_add_internals(struct net_context *c, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, ¶meters, 0, 0, ACB_DOMTRUST, - SAMR_FIELD_ACCT_FLAGS | SAMR_FIELD_PASSWORD, + SAMR_FIELD_ACCT_FLAGS | SAMR_FIELD_NT_PASSWORD_PRESENT, hours, 0, 0, 0, 0, 0, 0, 0, &crypt_pwd); -- cgit From b8204ffd03ccadf795978670e1c20247ab6aecc2 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Thu, 4 Dec 2008 18:21:10 +0100 Subject: s3-samr: fix samr callers of samr_UserInfo18. Guenther --- source3/include/proto.h | 3 ++- source3/rpc_client/init_samr.c | 4 +++- source3/rpc_server/srv_samr_nt.c | 6 ++++-- 3 files changed, 9 insertions(+), 4 deletions(-) (limited to 'source3') diff --git a/source3/include/proto.h b/source3/include/proto.h index 89b443e9db..f985fe25b7 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -5672,7 +5672,8 @@ void init_samr_user_info16(struct samr_UserInfo16 *r, uint32_t acct_flags); void init_samr_user_info18(struct samr_UserInfo18 *r, const uint8 lm_pwd[16], - const uint8 nt_pwd[16]); + const uint8 nt_pwd[16], + uint8_t password_expired); void init_samr_user_info20(struct samr_UserInfo20 *r, struct lsa_BinaryString *parameters); void init_samr_user_info21(struct samr_UserInfo21 *r, diff --git a/source3/rpc_client/init_samr.c b/source3/rpc_client/init_samr.c index 7f48b1fdf9..a6e4ad8a33 100644 --- a/source3/rpc_client/init_samr.c +++ b/source3/rpc_client/init_samr.c @@ -341,7 +341,8 @@ void init_samr_user_info16(struct samr_UserInfo16 *r, void init_samr_user_info18(struct samr_UserInfo18 *r, const uint8 lm_pwd[16], - const uint8 nt_pwd[16]) + const uint8 nt_pwd[16], + uint8_t password_expired) { DEBUG(5, ("init_samr_user_info18\n")); @@ -349,6 +350,7 @@ void init_samr_user_info18(struct samr_UserInfo18 *r, memcpy(r->lm_pwd.hash, lm_pwd, sizeof(r->lm_pwd.hash)) ? true : false; r->nt_pwd_active = memcpy(r->nt_pwd.hash, nt_pwd, sizeof(r->nt_pwd.hash)) ? true : false; + r->password_expired = password_expired; } /******************************************************************* diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c index bff168bf2f..54aa534311 100644 --- a/source3/rpc_server/srv_samr_nt.c +++ b/source3/rpc_server/srv_samr_nt.c @@ -2430,8 +2430,10 @@ static NTSTATUS get_user_info_18(pipes_struct *p, return NT_STATUS_ACCOUNT_DISABLED; } - init_samr_user_info18(r, pdb_get_lanman_passwd(smbpass), - pdb_get_nt_passwd(smbpass)); + init_samr_user_info18(r, + pdb_get_lanman_passwd(smbpass), + pdb_get_nt_passwd(smbpass), + 0 /* FIXME */); TALLOC_FREE(smbpass); -- cgit From b883bcd4ff5fcde8db74564cadb540c9452d501c Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Thu, 4 Dec 2008 18:23:45 +0100 Subject: s3: store user session key in cli_rpc_pipe_open_noauth(). Guenther --- source3/include/client.h | 1 + source3/rpc_client/cli_pipe.c | 7 +++++++ 2 files changed, 8 insertions(+) (limited to 'source3') diff --git a/source3/include/client.h b/source3/include/client.h index 8d57fe1eed..587f3f6c67 100644 --- a/source3/include/client.h +++ b/source3/include/client.h @@ -52,6 +52,7 @@ struct cli_pipe_auth_data { char *domain; char *user_name; + DATA_BLOB user_session_key; union { struct schannel_auth_struct *schannel_auth; diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c index f0c2f6709e..a2d334230d 100644 --- a/source3/rpc_client/cli_pipe.c +++ b/source3/rpc_client/cli_pipe.c @@ -2979,6 +2979,9 @@ NTSTATUS cli_rpc_pipe_open_noauth(struct cli_state *cli, auth->user_name = talloc_strdup(auth, cli->user_name); auth->domain = talloc_strdup(auth, cli->domain); + auth->user_session_key = data_blob_talloc(auth, + cli->user_session_key.data, + cli->user_session_key.length); if ((auth->user_name == NULL) || (auth->domain == NULL)) { TALLOC_FREE(result); @@ -3443,6 +3446,10 @@ NTSTATUS cli_get_session_key(TALLOC_CTX *mem_ctx, cli->auth->a_u.kerberos_auth->session_key.length); break; case PIPE_AUTH_TYPE_NONE: + *session_key = data_blob_talloc(mem_ctx, + cli->auth->user_session_key.data, + cli->auth->user_session_key.length); + break; default: return NT_STATUS_NO_USER_SESSION_KEY; } -- cgit From 8be38511a3d87f4debbdc3a827b6ca898ccdde02 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Fri, 5 Dec 2008 12:59:07 +0100 Subject: s3-rpcclient: add setuserinfo to set passwords using level 18,21,23,24,25,26. Guenther --- source3/rpcclient/cmd_samr.c | 237 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 237 insertions(+) (limited to 'source3') diff --git a/source3/rpcclient/cmd_samr.c b/source3/rpcclient/cmd_samr.c index 979941193f..426e7e9744 100644 --- a/source3/rpcclient/cmd_samr.c +++ b/source3/rpcclient/cmd_samr.c @@ -2617,6 +2617,241 @@ static NTSTATUS cmd_samr_chgpasswd3(struct rpc_pipe_client *cli, return result; } +static NTSTATUS cmd_samr_setuserinfo_int(struct rpc_pipe_client *cli, + TALLOC_CTX *mem_ctx, + int argc, const char **argv, + int opcode) +{ + POLICY_HND connect_pol, domain_pol, user_pol; + NTSTATUS status = NT_STATUS_UNSUCCESSFUL; + const char *user, *param; + uint32_t access_mask = MAXIMUM_ALLOWED_ACCESS; + uint32_t level; + uint32_t user_rid; + union samr_UserInfo info; + struct samr_CryptPassword pwd_buf; + struct samr_CryptPasswordEx pwd_buf_ex; + uint8_t nt_hash[16]; + uint8_t lm_hash[16]; + DATA_BLOB session_key; + uint8_t password_expired = 0; + + if (argc < 4) { + printf("Usage: %s username level password [password_expired]\n", + argv[0]); + return NT_STATUS_INVALID_PARAMETER; + } + + user = argv[1]; + level = atoi(argv[2]); + param = argv[3]; + + if (argc >= 5) { + password_expired = atoi(argv[4]); + } + + status = cli_get_session_key(mem_ctx, cli, &session_key); + if (!NT_STATUS_IS_OK(status)) { + return status; + } + + init_samr_CryptPassword(param, &session_key, &pwd_buf); + init_samr_CryptPasswordEx(param, &session_key, &pwd_buf_ex); + nt_lm_owf_gen(param, nt_hash, lm_hash); + + switch (level) { + case 18: + { + DATA_BLOB in,out; + in = data_blob_const(nt_hash, 16); + out = data_blob_talloc_zero(mem_ctx, 16); + sess_crypt_blob(&out, &in, &session_key, true); + memcpy(nt_hash, out.data, out.length); + } + { + DATA_BLOB in,out; + in = data_blob_const(lm_hash, 16); + out = data_blob_talloc_zero(mem_ctx, 16); + sess_crypt_blob(&out, &in, &session_key, true); + memcpy(lm_hash, out.data, out.length); + } + + init_samr_user_info18(&info.info18, + lm_hash, + nt_hash, + password_expired); + break; + case 21: + ZERO_STRUCT(info.info21); + + info.info21.fields_present = SAMR_FIELD_NT_PASSWORD_PRESENT | + SAMR_FIELD_LM_PASSWORD_PRESENT; + if (argc >= 5) { + info.info21.fields_present |= SAMR_FIELD_EXPIRED_FLAG; + info.info21.password_expired = password_expired; + } + + info.info21.lm_password_set = true; + info.info21.lm_owf_password.length = 16; + info.info21.lm_owf_password.size = 16; + + info.info21.nt_password_set = true; + info.info21.nt_owf_password.length = 16; + info.info21.nt_owf_password.size = 16; + + { + DATA_BLOB in,out; + in = data_blob_const(nt_hash, 16); + out = data_blob_talloc_zero(mem_ctx, 16); + sess_crypt_blob(&out, &in, &session_key, true); + info.info21.nt_owf_password.array = + (uint16_t *)talloc_memdup(mem_ctx, out.data, 16); + } + { + DATA_BLOB in,out; + in = data_blob_const(lm_hash, 16); + out = data_blob_talloc_zero(mem_ctx, 16); + sess_crypt_blob(&out, &in, &session_key, true); + info.info21.lm_owf_password.array = + (uint16_t *)talloc_memdup(mem_ctx, out.data, 16); + } + + break; + case 23: + ZERO_STRUCT(info.info23); + + info.info23.info.fields_present = SAMR_FIELD_NT_PASSWORD_PRESENT | + SAMR_FIELD_LM_PASSWORD_PRESENT; + if (argc >= 5) { + info.info23.info.fields_present |= SAMR_FIELD_EXPIRED_FLAG; + info.info23.info.password_expired = password_expired; + } + + info.info23.password = pwd_buf; + + break; + case 24: + init_samr_user_info24(&info.info24, + &pwd_buf, + password_expired); + break; + case 25: + ZERO_STRUCT(info.info25); + + info.info25.info.fields_present = SAMR_FIELD_NT_PASSWORD_PRESENT | + SAMR_FIELD_LM_PASSWORD_PRESENT; + if (argc >= 5) { + info.info25.info.fields_present |= SAMR_FIELD_EXPIRED_FLAG; + info.info25.info.password_expired = password_expired; + } + + info.info25.password = pwd_buf_ex; + + break; + case 26: + init_samr_user_info26(&info.info26, + &pwd_buf_ex, + password_expired); + break; + default: + return NT_STATUS_INVALID_INFO_CLASS; + } + + /* Get sam policy handle */ + + status = rpccli_try_samr_connects(cli, mem_ctx, + MAXIMUM_ALLOWED_ACCESS, + &connect_pol); + + if (!NT_STATUS_IS_OK(status)) + goto done; + + /* Get domain policy handle */ + + status = rpccli_samr_OpenDomain(cli, mem_ctx, + &connect_pol, + access_mask, + &domain_sid, + &domain_pol); + + if (!NT_STATUS_IS_OK(status)) + goto done; + + user_rid = strtol(user, NULL, 0); + if (user_rid) { + status = rpccli_samr_OpenUser(cli, mem_ctx, + &domain_pol, + access_mask, + user_rid, + &user_pol); + } + + if (NT_STATUS_EQUAL(status, NT_STATUS_NO_SUCH_USER) || + (user_rid == 0)) { + + /* Probably this was a user name, try lookupnames */ + struct samr_Ids rids, types; + struct lsa_String lsa_acct_name; + + init_lsa_String(&lsa_acct_name, user); + + status = rpccli_samr_LookupNames(cli, mem_ctx, + &domain_pol, + 1, + &lsa_acct_name, + &rids, + &types); + if (!NT_STATUS_IS_OK(status)) { + return status; + } + + status = rpccli_samr_OpenUser(cli, mem_ctx, + &domain_pol, + access_mask, + rids.ids[0], + &user_pol); + if (!NT_STATUS_IS_OK(status)) { + return status; + } + } + + switch (opcode) { + case NDR_SAMR_SETUSERINFO: + status = rpccli_samr_SetUserInfo(cli, mem_ctx, + &user_pol, + level, + &info); + break; + case NDR_SAMR_SETUSERINFO2: + status = rpccli_samr_SetUserInfo2(cli, mem_ctx, + &user_pol, + level, + &info); + break; + default: + return NT_STATUS_INVALID_PARAMETER; + } + + done: + return status; +} + +static NTSTATUS cmd_samr_setuserinfo(struct rpc_pipe_client *cli, + TALLOC_CTX *mem_ctx, + int argc, const char **argv) +{ + return cmd_samr_setuserinfo_int(cli, mem_ctx, argc, argv, + NDR_SAMR_SETUSERINFO); +} + +static NTSTATUS cmd_samr_setuserinfo2(struct rpc_pipe_client *cli, + TALLOC_CTX *mem_ctx, + int argc, const char **argv) +{ + return cmd_samr_setuserinfo_int(cli, mem_ctx, argc, argv, + NDR_SAMR_SETUSERINFO2); +} + static NTSTATUS cmd_samr_get_dispinfo_idx(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, int argc, const char **argv) @@ -2718,5 +2953,7 @@ struct cmd_set samr_commands[] = { { "chgpasswd2", RPC_RTYPE_NTSTATUS, cmd_samr_chgpasswd2, NULL, &ndr_table_samr.syntax_id, NULL, "Change user password", "" }, { "chgpasswd3", RPC_RTYPE_NTSTATUS, cmd_samr_chgpasswd3, NULL, &ndr_table_samr.syntax_id, NULL, "Change user password", "" }, { "getdispinfoidx", RPC_RTYPE_NTSTATUS, cmd_samr_get_dispinfo_idx, NULL, &ndr_table_samr.syntax_id, NULL, "Get Display Information Index", "" }, + { "setuserinfo", RPC_RTYPE_NTSTATUS, cmd_samr_setuserinfo, NULL, &ndr_table_samr.syntax_id, NULL, "Set user info", "" }, + { "setuserinfo2", RPC_RTYPE_NTSTATUS, cmd_samr_setuserinfo2, NULL, &ndr_table_samr.syntax_id, NULL, "Set user info2", "" }, { NULL } }; -- cgit From 420a9071e1227435aada2a52c83ee44fda7180ed Mon Sep 17 00:00:00 2001 From: Steve French Date: Fri, 5 Dec 2008 08:09:08 -0600 Subject: mount.cifs: if mount user not specified use USER environment variable smbfs also would use the USER environment variable if the user was not specified on the mount command and no credential file specified, and mount.cifs man page says that we will use this environment variable (in most cases this will not cause a behavior change, because we were doing getuid of the current process which will usually be the same name). Fixes Samba bug #5934 Acked-by: Jeff Layton --- source3/client/mount.cifs.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) (limited to 'source3') diff --git a/source3/client/mount.cifs.c b/source3/client/mount.cifs.c index da2f98bff8..0bc61ae38f 100644 --- a/source3/client/mount.cifs.c +++ b/source3/client/mount.cifs.c @@ -1293,7 +1293,13 @@ int main(int argc, char ** argv) } if(got_user == 0) { - user_name = getusername(); + /* Note that the password will not be retrieved from the + USER env variable (ie user%password form) as there is + already a PASSWD environment varaible */ + if (getenv("USER")) + user_name = strdup(getenv("USER")); + if (user_name == NULL) + user_name = getusername(); got_user = 1; } -- cgit From 3656cb2e57d971f8119024dff8eb3594b559592d Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Fri, 5 Dec 2008 16:13:28 +0100 Subject: s3-samr: fix samr_SetUserInfo level 18 server-side. Guenther --- source3/rpc_server/srv_samr_nt.c | 62 +++++++++++++++++++++++++++++----------- 1 file changed, 46 insertions(+), 16 deletions(-) (limited to 'source3') diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c index 54aa534311..513634019b 100644 --- a/source3/rpc_server/srv_samr_nt.c +++ b/source3/rpc_server/srv_samr_nt.c @@ -3701,29 +3701,58 @@ static bool set_user_info_16(struct samr_UserInfo16 *id16, set_user_info_18 ********************************************************************/ -static bool set_user_info_18(struct samr_UserInfo18 *id18, - struct samu *pwd) +static NTSTATUS set_user_info_18(struct samr_UserInfo18 *id18, + TALLOC_CTX *mem_ctx, + DATA_BLOB *session_key, + struct samu *pwd) { if (id18 == NULL) { DEBUG(2, ("set_user_info_18: id18 is NULL\n")); - return False; + return NT_STATUS_INVALID_PARAMETER; } - if (!pdb_set_lanman_passwd (pwd, id18->lm_pwd.hash, PDB_CHANGED)) { - return False; + if (id18->nt_pwd_active || id18->lm_pwd_active) { + if (!session_key->length) { + return NT_STATUS_NO_USER_SESSION_KEY; + } } - if (!pdb_set_nt_passwd (pwd, id18->nt_pwd.hash, PDB_CHANGED)) { - return False; + + if (id18->nt_pwd_active) { + + DATA_BLOB in, out; + + in = data_blob_const(id18->nt_pwd.hash, 16); + out = data_blob_talloc_zero(mem_ctx, 16); + + sess_crypt_blob(&out, &in, session_key, false); + + if (!pdb_set_nt_passwd(pwd, out.data, PDB_CHANGED)) { + return NT_STATUS_ACCESS_DENIED; + } } - if (!pdb_set_pass_last_set_time (pwd, time(NULL), PDB_CHANGED)) { - return False; + + if (id18->lm_pwd_active) { + + DATA_BLOB in, out; + + in = data_blob_const(id18->lm_pwd.hash, 16); + out = data_blob_talloc_zero(mem_ctx, 16); + + sess_crypt_blob(&out, &in, session_key, false); + + if (!pdb_set_lanman_passwd(pwd, out.data, PDB_CHANGED)) { + return NT_STATUS_ACCESS_DENIED; + } } - if(!NT_STATUS_IS_OK(pdb_update_sam_account(pwd))) { - return False; - } + if (id18->password_expired) { + pdb_set_pass_last_set_time(pwd, 0, PDB_CHANGED); + } else { + /* FIXME */ + pdb_set_pass_last_set_time(pwd, time(NULL), PDB_CHANGED); + } - return True; + return pdb_update_sam_account(pwd); } /******************************************************************* @@ -4180,9 +4209,10 @@ NTSTATUS _samr_SetUserInfo(pipes_struct *p, case 18: /* Used by AS/U JRA. */ - if (!set_user_info_18(&info->info18, pwd)) { - status = NT_STATUS_ACCESS_DENIED; - } + status = set_user_info_18(&info->info18, + p->mem_ctx, + &p->server_info->user_session_key, + pwd); break; case 20: -- cgit From ac4a77ccca08b73f828938a0cfaece66b1c9deea Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Fri, 5 Dec 2008 13:20:55 -0800 Subject: Fix for crash bug freeing a non-malloc'ed buffer if the client sends a non-encrypted packet with the crypto state set. --- source3/libsmb/smb_seal.c | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'source3') diff --git a/source3/libsmb/smb_seal.c b/source3/libsmb/smb_seal.c index a81ae9afd5..795c8bc14c 100644 --- a/source3/libsmb/smb_seal.c +++ b/source3/libsmb/smb_seal.c @@ -388,10 +388,17 @@ void common_free_encryption_state(struct smb_trans_enc_state **pp_es) void common_free_enc_buffer(struct smb_trans_enc_state *es, char *buf) { + uint16_t enc_ctx_num; + if (!common_encryption_on(es)) { return; } + if (!NT_STATUS_IS_OK(get_enc_ctx_num((const uint8_t *)buf, + &enc_ctx_num))) { + return; + } + if (es->smb_enc_type == SMB_TRANS_ENC_NTLM) { SAFE_FREE(buf); return; -- cgit From 611ef42053eb99f4c29d4efa86eaea9f1ca06286 Mon Sep 17 00:00:00 2001 From: Yasuma Takeda Date: Fri, 5 Dec 2008 13:37:51 -0800 Subject: Fix bug #5944 - nmbd does not boot if socket adress = "" is defined in smb.conf --- source3/param/loadparm.c | 16 +++++++++++++++- source3/smbd/server.c | 5 ++--- 2 files changed, 17 insertions(+), 4 deletions(-) (limited to 'source3') diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index 217957ab37..c743b89680 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -5063,7 +5063,6 @@ FN_GLOBAL_STRING(lp_remote_announce, &Globals.szRemoteAnnounce) FN_GLOBAL_STRING(lp_remote_browse_sync, &Globals.szRemoteBrowseSync) FN_GLOBAL_LIST(lp_wins_server_list, &Globals.szWINSservers) FN_GLOBAL_LIST(lp_interfaces, &Globals.szInterfaces) -FN_GLOBAL_STRING(lp_socket_address, &Globals.szSocketAddress) FN_GLOBAL_STRING(lp_nis_home_map_name, &Globals.szNISHomeMapName) static FN_GLOBAL_STRING(lp_announce_version, &Globals.szAnnounceVersion) FN_GLOBAL_LIST(lp_netbios_aliases, &Globals.szNetbiosAliases) @@ -9468,3 +9467,18 @@ int lp_min_receive_file_size(void) } return MIN(Globals.iminreceivefile, BUFFER_SIZE); } + +/******************************************************************* + If socket address is an empty character string, it is necessary to + define it as "0.0.0.0". +********************************************************************/ + +const char *lp_socket_address(void) +{ + char *sock_addr = Globals.szSocketAddress; + + if (sock_addr[0] == '\0'){ + string_set(&Globals.szSocketAddress, "0.0.0.0"); + } + return Globals.szSocketAddress; +} diff --git a/source3/smbd/server.c b/source3/smbd/server.c index fff05a3aac..f7bdb58288 100644 --- a/source3/smbd/server.c +++ b/source3/smbd/server.c @@ -469,9 +469,8 @@ static bool open_sockets_smbd(bool is_daemon, bool interactive, const char *smb_ char *sock_tok; const char *sock_ptr; - if (sock_addr[0] == '\0' || - strequal(sock_addr, "0.0.0.0") || - strequal(sock_addr, "::")) { + if (strequal(sock_addr, "0.0.0.0") || + strequal(sock_addr, "::")) { #if HAVE_IPV6 sock_addr = "::,0.0.0.0"; #else -- cgit From 3b6e5e6cc8b00912d24c8e1fc59eaa21068db91a Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 5 Dec 2008 14:04:51 -0800 Subject: Fix lp_socket_address() prototype. Jeremy. --- source3/include/proto.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3') diff --git a/source3/include/proto.h b/source3/include/proto.h index f985fe25b7..d0e64f7f14 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -3922,7 +3922,7 @@ char *lp_remote_announce(void); char *lp_remote_browse_sync(void); const char **lp_wins_server_list(void); const char **lp_interfaces(void); -char *lp_socket_address(void); +const char *lp_socket_address(void); char *lp_nis_home_map_name(void); const char **lp_netbios_aliases(void); const char *lp_passdb_backend(void); -- cgit From 33193c2bb78f8903aa430f8153f74a68682ddec3 Mon Sep 17 00:00:00 2001 From: Tomasz Krasuski Date: Fri, 5 Dec 2008 16:30:39 -0800 Subject: Fix bug #5928 - Option --version in testparm does not work. --- source3/lib/popt_common.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3') diff --git a/source3/lib/popt_common.c b/source3/lib/popt_common.c index 2e6d3b3cb1..9e67c5257d 100644 --- a/source3/lib/popt_common.c +++ b/source3/lib/popt_common.c @@ -166,7 +166,7 @@ struct poptOption popt_common_configfile[] = { }; struct poptOption popt_common_version[] = { - { NULL, 0, POPT_ARG_CALLBACK, (void *)popt_common_callback }, + { NULL, 0, POPT_ARG_CALLBACK|POPT_CBFLAG_POST, (void *)popt_common_callback }, { "version", 'V', POPT_ARG_NONE, NULL, 'V', "Print version" }, POPT_TABLEEND }; -- cgit From f9172a2af558262a6993059114813daf24c9e173 Mon Sep 17 00:00:00 2001 From: Dan Sledz Date: Fri, 5 Dec 2008 17:29:38 -0800 Subject: Fix logging to syslog --- source3/lib/debug.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3') diff --git a/source3/lib/debug.c b/source3/lib/debug.c index d64fcb66d9..193e9efc96 100644 --- a/source3/lib/debug.c +++ b/source3/lib/debug.c @@ -851,7 +851,7 @@ void check_log_size( void ) ret = vasprintf(&msgbuf, format_str, ap); va_end(ap); - if (ret == -1) { + if (ret != -1) { syslog(priority, "%s", msgbuf); } SAFE_FREE(msgbuf); -- cgit From 691cf386fbc5d57a35a5838b99ef5cca1bfbf944 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sun, 30 Nov 2008 13:49:14 +0100 Subject: Slightly simplify cli_session_setup_ntlmssp Remove three pointless variables --- source3/libsmb/cliconnect.c | 12 ++---------- 1 file changed, 2 insertions(+), 10 deletions(-) (limited to 'source3') diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c index b063475f4e..d33775fbb8 100644 --- a/source3/libsmb/cliconnect.c +++ b/source3/libsmb/cliconnect.c @@ -748,19 +748,11 @@ static NTSTATUS cli_session_setup_ntlmssp(struct cli_state *cli, const char *use if (NT_STATUS_IS_OK(nt_status)) { - DATA_BLOB key = data_blob(ntlmssp_state->session_key.data, - ntlmssp_state->session_key.length); - DATA_BLOB null_blob = data_blob_null; - bool res; - fstrcpy(cli->server_domain, ntlmssp_state->server_domain); cli_set_session_key(cli, ntlmssp_state->session_key); - res = cli_simple_set_signing(cli, key, null_blob); - - data_blob_free(&key); - - if (res) { + if (cli_simple_set_signing( + cli, ntlmssp_state->session_key, data_blob_null)) { /* 'resign' the last message, so we get the right sequence numbers for checking the first reply from the server */ -- cgit From 1db7076b8e96eaf5046455b4d21a00f9636e4cd9 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 26 Nov 2008 14:01:22 +0100 Subject: Fix nonempty blank lines --- source3/printing/printing.c | 10 ++++---- source3/winbindd/winbindd.c | 54 +++++++++++++++++++-------------------- source3/winbindd/winbindd_async.c | 24 ++++++++--------- 3 files changed, 44 insertions(+), 44 deletions(-) (limited to 'source3') diff --git a/source3/printing/printing.c b/source3/printing/printing.c index 3c8c60f0e0..4051a6ca34 100644 --- a/source3/printing/printing.c +++ b/source3/printing/printing.c @@ -335,7 +335,7 @@ static struct printjob *print_job_find(const char *sharename, uint32 jobid) uint32_t tmp; TDB_DATA ret; struct tdb_print_db *pdb = get_print_db_byname(sharename); - + DEBUG(10,("print_job_find: looking up job %u for share %s\n", (unsigned int)jobid, sharename )); @@ -350,19 +350,19 @@ static struct printjob *print_job_find(const char *sharename, uint32 jobid) DEBUG(10,("print_job_find: failed to find jobid %u.\n", (unsigned int)jobid )); return NULL; } - + if ( pjob.nt_devmode ) { free_nt_devicemode( &pjob.nt_devmode ); } - + ZERO_STRUCT( pjob ); - + if ( unpack_pjob( ret.dptr, ret.dsize, &pjob ) == -1 ) { DEBUG(10,("print_job_find: failed to unpack jobid %u.\n", (unsigned int)jobid )); SAFE_FREE(ret.dptr); return NULL; } - + SAFE_FREE(ret.dptr); DEBUG(10,("print_job_find: returning system job %d for jobid %u.\n", diff --git a/source3/winbindd/winbindd.c b/source3/winbindd/winbindd.c index 82af55800f..1dcc70adae 100644 --- a/source3/winbindd/winbindd.c +++ b/source3/winbindd/winbindd.c @@ -7,17 +7,17 @@ Copyright (C) Andrew Tridgell 2002 Copyright (C) Jelmer Vernooij 2003 Copyright (C) Volker Lendecke 2004 - + This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version. - + This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. - + You should have received a copy of the GNU General Public License along with this program. If not, see . */ @@ -103,9 +103,9 @@ static void winbindd_status(void) DEBUG(0, ("winbindd status:\n")); /* Print client state information */ - + DEBUG(0, ("\t%d clients currently active\n", winbindd_num_clients())); - + if (DEBUGLEVEL >= 2 && winbindd_num_clients()) { DEBUG(2, ("\tclient list:\n")); for(tmp = winbindd_client_list(); tmp; tmp = tmp->next) { @@ -157,7 +157,7 @@ static void terminate(bool is_parent) } idmap_close(); - + trustdom_cache_shutdown(); #if 0 @@ -288,7 +288,7 @@ static struct winbindd_dispatch_table { void (*fn)(struct winbindd_cli_state *state); const char *winbindd_cmd_name; } dispatch_table[] = { - + /* User functions */ { WINBINDD_GETPWNAM, winbindd_getpwnam, "GETPWNAM" }, @@ -685,9 +685,9 @@ static void new_connection(int listen_sock, bool privileged) struct winbindd_cli_state *state; socklen_t len; int sock; - + /* Accept connection */ - + len = sizeof(sunaddr); do { @@ -696,16 +696,16 @@ static void new_connection(int listen_sock, bool privileged) if (sock == -1) return; - + DEBUG(6,("accepted socket %d\n", sock)); - + /* Create new connection structure */ - + if ((state = TALLOC_ZERO_P(NULL, struct winbindd_cli_state)) == NULL) { close(sock); return; } - + state->sock = sock; state->last_access = time(NULL); @@ -720,7 +720,7 @@ static void new_connection(int listen_sock, bool privileged) request_len_recv, state); /* Add to connection list */ - + winbindd_add_client(state); } @@ -731,7 +731,7 @@ static void remove_client(struct winbindd_cli_state *state) char c = 0; /* It's a dead client - hold a funeral */ - + if (state == NULL) { return; } @@ -740,14 +740,14 @@ static void remove_client(struct winbindd_cli_state *state) write(state->sock, &c, sizeof(c)); /* Close socket */ - + close(state->sock); - + /* Free any getent state */ - + free_getent_state(state->getpwent_state); free_getent_state(state->getgrent_state); - + /* We may have some extra data that was not freed if the client was killed unexpectedly */ @@ -756,9 +756,9 @@ static void remove_client(struct winbindd_cli_state *state) TALLOC_FREE(state->mem_ctx); remove_fd_event(&state->fd_event); - + /* Remove from list and free */ - + winbindd_remove_client(state); TALLOC_FREE(state); } @@ -893,7 +893,7 @@ static void process_loop(void) } /* Call select */ - + selret = sys_select(maxfd + 1, &r_fds, &w_fds, NULL, &timeout); if (selret == 0) { @@ -944,7 +944,7 @@ static void process_loop(void) /* new, non-privileged connection */ new_connection(listen_sock, False); } - + if (FD_ISSET(listen_priv_sock, &r_fds)) { while (winbindd_num_clients() > WINBINDD_MAX_SIMULTANEOUS_CLIENTS - 1) { @@ -1159,7 +1159,7 @@ int main(int argc, char **argv, char **envp) BlockSignals(False, SIGCHLD); /* Setup signal handlers */ - + CatchSignal(SIGINT, termination_handler); /* Exit on these sigs */ CatchSignal(SIGQUIT, termination_handler); CatchSignal(SIGTERM, termination_handler); @@ -1232,13 +1232,13 @@ int main(int argc, char **argv, char **envp) messaging_register(winbind_messaging_context(), NULL, MSG_DEBUG, winbind_msg_debug); - + netsamlogon_cache_init(); /* Non-critical */ - + /* clear the cached list of trusted domains */ wcache_tdc_clear(); - + if (!init_domain_list()) { DEBUG(0,("unable to initialize domain list\n")); exit(1); diff --git a/source3/winbindd/winbindd_async.c b/source3/winbindd/winbindd_async.c index 7500bcbe5b..7b93f963b4 100644 --- a/source3/winbindd/winbindd_async.c +++ b/source3/winbindd/winbindd_async.c @@ -5,7 +5,7 @@ Copyright (C) Volker Lendecke 2005 Copyright (C) Gerald Carter 2006 - + The helpers always consist of three functions: * A request setup function that takes the necessary parameters together @@ -21,12 +21,12 @@ it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version. - + This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. - + You should have received a copy of the GNU General Public License along with this program. If not, see . */ @@ -166,7 +166,7 @@ static void lookupsid_recv(TALLOC_CTX *mem_ctx, bool success, /* Try again using the forest root */ struct winbindd_domain *root_domain = find_root_domain(); struct winbindd_request request; - + if ( !root_domain ) { DEBUG(5,("lookupsid_recv: unable to determine forest root\n")); cont(s->caller_private_data, False, NULL, NULL, SID_NAME_UNKNOWN); @@ -491,7 +491,7 @@ void winbindd_listent_async(TALLOC_CTX *mem_ctx, do_async_domain(mem_ctx, domain, &request, listent_recv, (void *)cont, private_data); } - + enum winbindd_result winbindd_dual_list_users(struct winbindd_domain *domain, struct winbindd_cli_state *state) { @@ -509,7 +509,7 @@ enum winbindd_result winbindd_dual_list_users(struct winbindd_domain *domain, methods = domain->methods; status = methods->query_user_list(domain, state->mem_ctx, &num_entries, &info); - + if (!NT_STATUS_IS_OK(status)) return WINBINDD_ERROR; @@ -521,7 +521,7 @@ enum winbindd_result winbindd_dual_list_users(struct winbindd_domain *domain, +1 for the ',' between group names */ extra_data = (char *)SMB_REALLOC(extra_data, (sizeof(fstring) + 1) * num_entries); - + if (!extra_data) { DEBUG(0,("failed to enlarge buffer!\n")); return WINBINDD_ERROR; @@ -530,12 +530,12 @@ enum winbindd_result winbindd_dual_list_users(struct winbindd_domain *domain, /* Pack user list into extra data fields */ for (i = 0; i < num_entries; i++) { fstring acct_name, name; - + if (info[i].acct_name == NULL) fstrcpy(acct_name, ""); else fstrcpy(acct_name, info[i].acct_name); - + fill_domain_username(name, domain->name, acct_name, True); /* Append to extra data */ memcpy(&extra_data[extra_data_len], name, strlen(name)); @@ -904,7 +904,7 @@ enum winbindd_result winbindd_dual_getsidaliases(struct winbindd_domain *domain, (char *)state->response.extra_data.data)); state->response.length += len+1; } - + return WINBINDD_OK; } @@ -926,7 +926,7 @@ static void gettoken_recvdomgroups(TALLOC_CTX *mem_ctx, bool success, static void gettoken_recvaliases(void *private_data, bool success, const DOM_SID *aliases, size_t num_aliases); - + void winbindd_gettoken_async(TALLOC_CTX *mem_ctx, const DOM_SID *user_sid, void (*cont)(void *private_data, bool success, @@ -975,7 +975,7 @@ static void gettoken_recvdomgroups(TALLOC_CTX *mem_ctx, bool success, struct gettoken_state *state = talloc_get_type_abort(private_data, struct gettoken_state); char *sids_str; - + if (!success) { DEBUG(10, ("Could not get domain groups\n")); state->cont(state->private_data, False, NULL, 0); -- cgit From e3eb94ef8ec820ad4155c5abb26528302ef7abf4 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sun, 9 Nov 2008 19:57:10 +0100 Subject: Replace some pointless variables in reply_open_pipe_and_X by comments --- source3/smbd/pipes.c | 18 ++++++------------ 1 file changed, 6 insertions(+), 12 deletions(-) (limited to 'source3') diff --git a/source3/smbd/pipes.c b/source3/smbd/pipes.c index 261f12cb08..faabdd795b 100644 --- a/source3/smbd/pipes.c +++ b/source3/smbd/pipes.c @@ -43,7 +43,6 @@ void reply_open_pipe_and_X(connection_struct *conn, struct smb_request *req) const char *fname = NULL; char *pipe_name = NULL; files_struct *fsp; - int size=0,fmode=0,mtime=0,rmode=0; TALLOC_CTX *ctx = talloc_tos(); NTSTATUS status; @@ -96,17 +95,12 @@ void reply_open_pipe_and_X(connection_struct *conn, struct smb_request *req) SSVAL(req->outbuf,smb_vwv9,2); SSVAL(req->outbuf,smb_vwv10,0xc700); - if (rmode == 2) { - DEBUG(4,("Resetting open result to open from create.\n")); - rmode = 1; - } - - SSVAL(req->outbuf,smb_vwv2, fsp->fnum); - SSVAL(req->outbuf,smb_vwv3,fmode); - srv_put_dos_date3((char *)req->outbuf,smb_vwv4,mtime); - SIVAL(req->outbuf,smb_vwv6,size); - SSVAL(req->outbuf,smb_vwv8,rmode); - SSVAL(req->outbuf,smb_vwv11,0x0001); + SSVAL(req->outbuf, smb_vwv2, fsp->fnum); + SSVAL(req->outbuf, smb_vwv3, 0); /* fmode */ + srv_put_dos_date3((char *)req->outbuf, smb_vwv4, 0); /* mtime */ + SIVAL(req->outbuf, smb_vwv6, 0); /* size */ + SSVAL(req->outbuf, smb_vwv8, 0); /* rmode */ + SSVAL(req->outbuf, smb_vwv11, 0x0001); chain_reply(req); return; -- cgit From f0bb53dd0fc0d8b2191eda7fc857f146093e0f83 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 12 Nov 2008 18:43:34 +0100 Subject: Factor out smb_splice_chain(), to be used by chain_reply() in smbd --- source3/include/async_smb.h | 3 + source3/libsmb/async_smb.c | 144 ++++++++++++++++++++++++++++++-------------- 2 files changed, 101 insertions(+), 46 deletions(-) (limited to 'source3') diff --git a/source3/include/async_smb.h b/source3/include/async_smb.h index 4e2061813f..24ea6649d9 100644 --- a/source3/include/async_smb.h +++ b/source3/include/async_smb.h @@ -125,6 +125,9 @@ bool cli_chain_cork(struct cli_state *cli, struct event_context *ev, size_t size_hint); void cli_chain_uncork(struct cli_state *cli); bool cli_in_chain(struct cli_state *cli); +bool smb_splice_chain(char **poutbuf, uint8_t smb_command, + uint8_t wct, const uint16_t *vwv, + uint16_t num_bytes, const uint8_t *bytes); NTSTATUS cli_pull_reply(struct async_req *req, uint8_t *pwct, uint16_t **pvwv, diff --git a/source3/libsmb/async_smb.c b/source3/libsmb/async_smb.c index d371e057e3..cf6886ff19 100644 --- a/source3/libsmb/async_smb.c +++ b/source3/libsmb/async_smb.c @@ -217,6 +217,102 @@ static bool find_andx_cmd_ofs(char *buf, size_t *pofs) return true; } +/** + * @brief Do the smb chaining at a buffer level + * @param[in] poutbuf Pointer to the talloc'ed buffer to be modified + * @param[in] smb_command The command that we want to issue + * @param[in] wct How many words? + * @param[in] vwv The words, already in network order + * @param[in] num_bytes How many bytes? + * @param[in] bytes The data the request ships + * + * smb_splice_chain() adds the vwv and bytes to the request already present in + * *poutbuf. + */ + +bool smb_splice_chain(char **poutbuf, uint8_t smb_command, + uint8_t wct, const uint16_t *vwv, + uint16_t num_bytes, const uint8_t *bytes) +{ + char *outbuf; + size_t old_size, new_size; + size_t ofs; + size_t padding = 0; + bool first_request; + + old_size = talloc_get_size(*poutbuf); + + /* + * old_size == smb_wct means we're pushing the first request in for + * libsmb/ + */ + + first_request = (old_size == smb_wct); + + if (!first_request && ((old_size % 4) != 0)) { + /* + * Align subsequent requests to a 4-byte boundary + */ + padding = 4 - (old_size % 4); + } + + /* + * We need space for the wct field, the words, the byte count field + * and the bytes themselves. + */ + new_size = old_size + padding + + 1 + wct * sizeof(uint16_t) + 2 + num_bytes; + + if (new_size > 0xffff) { + DEBUG(1, ("splice_chain: %u bytes won't fit\n", + (unsigned)new_size)); + return false; + } + + outbuf = TALLOC_REALLOC_ARRAY(NULL, *poutbuf, char, new_size); + if (outbuf == NULL) { + DEBUG(0, ("talloc failed\n")); + return false; + } + *poutbuf = outbuf; + + if (first_request) { + SCVAL(outbuf, smb_com, smb_command); + } else { + size_t andx_cmd_ofs; + + if (!find_andx_cmd_ofs(outbuf, &andx_cmd_ofs)) { + DEBUG(1, ("invalid command chain\n")); + *poutbuf = TALLOC_REALLOC_ARRAY( + NULL, *poutbuf, char, old_size); + return false; + } + + if (padding != 0) { + memset(outbuf + old_size, 0, padding); + old_size += padding; + } + + SCVAL(outbuf, andx_cmd_ofs, smb_command); + SSVAL(outbuf, andx_cmd_ofs + 2, old_size - 4); + } + + ofs = old_size; + + SCVAL(outbuf, ofs, wct); + ofs += 1; + + memcpy(outbuf + ofs, vwv, sizeof(uint16_t) * wct); + ofs += sizeof(uint16_t) * wct; + + SSVAL(outbuf, ofs, num_bytes); + ofs += sizeof(uint16_t); + + memcpy(outbuf + ofs, bytes, num_bytes); + + return true; +} + /** * @brief Destroy an async_req that is the visible part of a cli_request * @param[in] req The request to kill @@ -286,10 +382,7 @@ static struct async_req *cli_request_chain(TALLOC_CTX *mem_ctx, const uint8_t *bytes) { struct async_req **tmp_reqs; - char *tmp_buf; struct cli_request *req; - size_t old_size, new_size; - size_t ofs; req = cli->chain_accumulator; @@ -313,52 +406,11 @@ static struct async_req *cli_request_chain(TALLOC_CTX *mem_ctx, talloc_set_destructor(req->async[req->num_async-1], cli_async_req_destructor); - old_size = talloc_get_size(req->outbuf); - - /* - * We need space for the wct field, the words, the byte count field - * and the bytes themselves. - */ - new_size = old_size + 1 + wct * sizeof(uint16_t) + 2 + num_bytes; - - if (new_size > 0xffff) { - DEBUG(1, ("cli_request_chain: %u bytes won't fit\n", - (unsigned)new_size)); + if (!smb_splice_chain(&req->outbuf, smb_command, wct, vwv, + num_bytes, bytes)) { goto fail; } - tmp_buf = TALLOC_REALLOC_ARRAY(NULL, req->outbuf, char, new_size); - if (tmp_buf == NULL) { - DEBUG(0, ("talloc failed\n")); - goto fail; - } - req->outbuf = tmp_buf; - - if (old_size == smb_wct) { - SCVAL(req->outbuf, smb_com, smb_command); - } else { - size_t andx_cmd_ofs; - if (!find_andx_cmd_ofs(req->outbuf, &andx_cmd_ofs)) { - DEBUG(1, ("invalid command chain\n")); - goto fail; - } - SCVAL(req->outbuf, andx_cmd_ofs, smb_command); - SSVAL(req->outbuf, andx_cmd_ofs + 2, old_size - 4); - } - - ofs = old_size; - - SCVAL(req->outbuf, ofs, wct); - ofs += 1; - - memcpy(req->outbuf + ofs, vwv, sizeof(uint16_t) * wct); - ofs += sizeof(uint16_t) * wct; - - SSVAL(req->outbuf, ofs, num_bytes); - ofs += sizeof(uint16_t); - - memcpy(req->outbuf + ofs, bytes, num_bytes); - return req->async[req->num_async-1]; fail: -- cgit From ed25c6c287ca4f5d019d5f0012b1ff40d5e8e328 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sun, 16 Nov 2008 18:02:17 +0100 Subject: Add a "bytes_padding" parameter to smb_splice_chain For example open&x and write&x needs the bytes to be aligned relative to the SMB header. In particular for write&x we should not have to move stuff around. --- source3/include/async_smb.h | 1 + source3/libsmb/async_smb.c | 40 ++++++++++++++++++++++++++++------------ 2 files changed, 29 insertions(+), 12 deletions(-) (limited to 'source3') diff --git a/source3/include/async_smb.h b/source3/include/async_smb.h index 24ea6649d9..25fd353632 100644 --- a/source3/include/async_smb.h +++ b/source3/include/async_smb.h @@ -127,6 +127,7 @@ void cli_chain_uncork(struct cli_state *cli); bool cli_in_chain(struct cli_state *cli); bool smb_splice_chain(char **poutbuf, uint8_t smb_command, uint8_t wct, const uint16_t *vwv, + size_t bytes_alignment, uint16_t num_bytes, const uint8_t *bytes); NTSTATUS cli_pull_reply(struct async_req *req, diff --git a/source3/libsmb/async_smb.c b/source3/libsmb/async_smb.c index cf6886ff19..fd2fe930f8 100644 --- a/source3/libsmb/async_smb.c +++ b/source3/libsmb/async_smb.c @@ -223,6 +223,7 @@ static bool find_andx_cmd_ofs(char *buf, size_t *pofs) * @param[in] smb_command The command that we want to issue * @param[in] wct How many words? * @param[in] vwv The words, already in network order + * @param[in] bytes_alignment How shall we align "bytes"? * @param[in] num_bytes How many bytes? * @param[in] bytes The data the request ships * @@ -232,12 +233,14 @@ static bool find_andx_cmd_ofs(char *buf, size_t *pofs) bool smb_splice_chain(char **poutbuf, uint8_t smb_command, uint8_t wct, const uint16_t *vwv, + size_t bytes_alignment, uint16_t num_bytes, const uint8_t *bytes) { char *outbuf; size_t old_size, new_size; size_t ofs; - size_t padding = 0; + size_t chain_padding = 0; + size_t bytes_padding = 0; bool first_request; old_size = talloc_get_size(*poutbuf); @@ -251,17 +254,25 @@ bool smb_splice_chain(char **poutbuf, uint8_t smb_command, if (!first_request && ((old_size % 4) != 0)) { /* - * Align subsequent requests to a 4-byte boundary + * Align the wct field of subsequent requests to a 4-byte + * boundary */ - padding = 4 - (old_size % 4); + chain_padding = 4 - (old_size % 4); } /* - * We need space for the wct field, the words, the byte count field - * and the bytes themselves. + * After the old request comes the new wct field (1 byte), the vwv's + * and the num_bytes field. After at we might need to align the bytes + * given to us to "bytes_alignment", increasing the num_bytes value. */ - new_size = old_size + padding - + 1 + wct * sizeof(uint16_t) + 2 + num_bytes; + + new_size = old_size + chain_padding + 1 + wct * sizeof(uint16_t) + 2; + + if ((bytes_alignment != 0) && ((new_size % bytes_alignment) != 0)) { + bytes_padding = bytes_alignment + (new_size % bytes_alignment); + } + + new_size += bytes_padding + num_bytes; if (new_size > 0xffff) { DEBUG(1, ("splice_chain: %u bytes won't fit\n", @@ -288,9 +299,9 @@ bool smb_splice_chain(char **poutbuf, uint8_t smb_command, return false; } - if (padding != 0) { - memset(outbuf + old_size, 0, padding); - old_size += padding; + if (chain_padding != 0) { + memset(outbuf + old_size, 0, chain_padding); + old_size += chain_padding; } SCVAL(outbuf, andx_cmd_ofs, smb_command); @@ -305,9 +316,14 @@ bool smb_splice_chain(char **poutbuf, uint8_t smb_command, memcpy(outbuf + ofs, vwv, sizeof(uint16_t) * wct); ofs += sizeof(uint16_t) * wct; - SSVAL(outbuf, ofs, num_bytes); + SSVAL(outbuf, ofs, num_bytes + bytes_padding); ofs += sizeof(uint16_t); + if (bytes_padding != 0) { + memset(outbuf + ofs, 0, bytes_padding); + ofs += bytes_padding; + } + memcpy(outbuf + ofs, bytes, num_bytes); return true; @@ -407,7 +423,7 @@ static struct async_req *cli_request_chain(TALLOC_CTX *mem_ctx, cli_async_req_destructor); if (!smb_splice_chain(&req->outbuf, smb_command, wct, vwv, - num_bytes, bytes)) { + 0, num_bytes, bytes)) { goto fail; } -- cgit From f9aa69ae352f7f441b04976575b96ecc8b844dbd Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Fri, 28 Nov 2008 19:52:52 +0100 Subject: Streamline the async_sock API a bit --- source3/include/async_sock.h | 22 ++++++++------ source3/lib/async_sock.c | 69 +++++++++++++++++++++++--------------------- 2 files changed, 49 insertions(+), 42 deletions(-) (limited to 'source3') diff --git a/source3/include/async_sock.h b/source3/include/async_sock.h index 3c90453601..f0cd5fdaa4 100644 --- a/source3/include/async_sock.h +++ b/source3/include/async_sock.h @@ -22,24 +22,28 @@ #include "includes.h" -ssize_t async_syscall_result_ssize_t(struct async_req **req, int *perrno); -size_t async_syscall_result_size_t (struct async_req **req, int *perrno); -ssize_t async_syscall_result_int (struct async_req **req, int *perrno); +ssize_t async_syscall_result_ssize_t(struct async_req *req, int *perrno); +size_t async_syscall_result_size_t(struct async_req *req, int *perrno); +ssize_t async_syscall_result_int(struct async_req *req, int *perrno); struct async_req *async_send(TALLOC_CTX *mem_ctx, struct event_context *ev, int fd, const void *buffer, size_t length, int flags); -struct async_req *async_sendall(TALLOC_CTX *mem_ctx, struct event_context *ev, - int fd, const void *buffer, size_t length, - int flags); struct async_req *async_recv(TALLOC_CTX *mem_ctx, struct event_context *ev, int fd, void *buffer, size_t length, int flags); -struct async_req *async_recvall(TALLOC_CTX *mem_ctx, struct event_context *ev, - int fd, void *buffer, size_t length, - int flags); struct async_req *async_connect(TALLOC_CTX *mem_ctx, struct event_context *ev, int fd, const struct sockaddr *address, socklen_t address_len); +struct async_req *sendall_send(TALLOC_CTX *mem_ctx, struct event_context *ev, + int fd, const void *buffer, size_t length, + int flags); +NTSTATUS sendall_recv(struct async_req *req); + +struct async_req *recvall_send(TALLOC_CTX *mem_ctx, struct event_context *ev, + int fd, void *buffer, size_t length, + int flags); +NTSTATUS recvall_recv(struct async_req *req); + #endif diff --git a/source3/lib/async_sock.c b/source3/lib/async_sock.c index ffba6de832..ba860e8e78 100644 --- a/source3/lib/async_sock.c +++ b/source3/lib/async_sock.c @@ -177,18 +177,13 @@ static struct async_req *async_fde_syscall_new( * @retval The return value from the asynchronously called syscall */ -ssize_t async_syscall_result_ssize_t(struct async_req **req, int *perrno) +ssize_t async_syscall_result_ssize_t(struct async_req *req, int *perrno) { struct async_syscall_state *state = talloc_get_type_abort( - (*req)->private_data, struct async_syscall_state); - - int sys_errno = state->sys_errno; - ssize_t result = state->result.result_ssize_t; - - TALLOC_FREE(*req); + req->private_data, struct async_syscall_state); - *perrno = sys_errno; - return result; + *perrno = state->sys_errno; + return state->result.result_ssize_t; } /** @@ -198,18 +193,13 @@ ssize_t async_syscall_result_ssize_t(struct async_req **req, int *perrno) * @retval The return value from the asynchronously called syscall */ -size_t async_syscall_result_size_t(struct async_req **req, int *perrno) +size_t async_syscall_result_size_t(struct async_req *req, int *perrno) { struct async_syscall_state *state = talloc_get_type_abort( - (*req)->private_data, struct async_syscall_state); - - int sys_errno = state->sys_errno; - size_t result = state->result.result_ssize_t; - - TALLOC_FREE(*req); + req->private_data, struct async_syscall_state); - *perrno = sys_errno; - return result; + *perrno = state->sys_errno; + return state->result.result_size_t; } /** @@ -219,18 +209,13 @@ size_t async_syscall_result_size_t(struct async_req **req, int *perrno) * @retval The return value from the asynchronously called syscall */ -ssize_t async_syscall_result_int(struct async_req **req, int *perrno) +ssize_t async_syscall_result_int(struct async_req *req, int *perrno) { struct async_syscall_state *state = talloc_get_type_abort( - (*req)->private_data, struct async_syscall_state); - - int sys_errno = state->sys_errno; - int result = state->result.result_ssize_t; - - TALLOC_FREE(*req); + req->private_data, struct async_syscall_state); - *perrno = sys_errno; - return result; + *perrno = state->sys_errno; + return state->result.result_int; } /** @@ -353,9 +338,9 @@ static void async_sendall_callback(struct event_context *ev, * "length" bytes */ -struct async_req *async_sendall(TALLOC_CTX *mem_ctx, struct event_context *ev, - int fd, const void *buffer, size_t length, - int flags) +struct async_req *sendall_send(TALLOC_CTX *mem_ctx, struct event_context *ev, + int fd, const void *buffer, size_t length, + int flags) { struct async_req *result; struct async_syscall_state *state; @@ -377,6 +362,15 @@ struct async_req *async_sendall(TALLOC_CTX *mem_ctx, struct event_context *ev, return result; } +NTSTATUS sendall_recv(struct async_req *req) +{ + SMB_ASSERT(req->state >= ASYNC_REQ_DONE); + if (req->state == ASYNC_REQ_ERROR) { + return req->status; + } + return NT_STATUS_OK; +} + /** * fde event handler for the "recv" syscall * @param[in] ev The event context that sent us here @@ -498,9 +492,9 @@ static void async_recvall_callback(struct event_context *ev, * async_recvall will call recv(2) until "length" bytes are received */ -struct async_req *async_recvall(TALLOC_CTX *mem_ctx, struct event_context *ev, - int fd, void *buffer, size_t length, - int flags) +struct async_req *recvall_send(TALLOC_CTX *mem_ctx, struct event_context *ev, + int fd, void *buffer, size_t length, + int flags) { struct async_req *result; struct async_syscall_state *state; @@ -522,6 +516,15 @@ struct async_req *async_recvall(TALLOC_CTX *mem_ctx, struct event_context *ev, return result; } +NTSTATUS recvall_recv(struct async_req *req) +{ + SMB_ASSERT(req->state >= ASYNC_REQ_DONE); + if (req->state == ASYNC_REQ_ERROR) { + return req->status; + } + return NT_STATUS_OK; +} + /** * fde event handler for connect(2) * @param[in] ev The event context that sent us here -- cgit From 7fbb64d726f23da49cd2f07e1a678ed575b70bfa Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 1 Dec 2008 08:23:35 +0100 Subject: Simplify async programming a bit with helper routines Introduce async_req_is_error() and async_req_simple_recv() --- source3/include/async_req.h | 4 ++++ source3/lib/async_req.c | 23 +++++++++++++++++++++++ source3/lib/async_sock.c | 12 ++---------- source3/libsmb/clientgen.c | 7 +------ source3/libsmb/clifile.c | 11 +++++------ source3/libsmb/clireadwrite.c | 11 +++++------ source3/libsmb/clitrans.c | 6 +++--- 7 files changed, 43 insertions(+), 31 deletions(-) (limited to 'source3') diff --git a/source3/include/async_req.h b/source3/include/async_req.h index 2d01b53814..14a30696c4 100644 --- a/source3/include/async_req.h +++ b/source3/include/async_req.h @@ -134,4 +134,8 @@ bool async_post_status(struct async_req *req, NTSTATUS status); bool async_req_nomem(const void *p, struct async_req *req); +bool async_req_is_error(struct async_req *req, NTSTATUS *status); + +NTSTATUS async_req_simple_recv(struct async_req *req); + #endif diff --git a/source3/lib/async_req.c b/source3/lib/async_req.c index 501a6b5524..159666f15c 100644 --- a/source3/lib/async_req.c +++ b/source3/lib/async_req.c @@ -172,3 +172,26 @@ bool async_req_nomem(const void *p, struct async_req *req) async_req_error(req, NT_STATUS_NO_MEMORY); return true; } + +bool async_req_is_error(struct async_req *req, NTSTATUS *status) +{ + if (req->state < ASYNC_REQ_DONE) { + *status = NT_STATUS_INTERNAL_ERROR; + return true; + } + if (req->state == ASYNC_REQ_ERROR) { + *status = req->status; + return true; + } + return false; +} + +NTSTATUS async_req_simple_recv(struct async_req *req) +{ + NTSTATUS status; + + if (async_req_is_error(req, &status)) { + return status; + } + return NT_STATUS_OK; +} diff --git a/source3/lib/async_sock.c b/source3/lib/async_sock.c index ba860e8e78..225cc7b195 100644 --- a/source3/lib/async_sock.c +++ b/source3/lib/async_sock.c @@ -364,11 +364,7 @@ struct async_req *sendall_send(TALLOC_CTX *mem_ctx, struct event_context *ev, NTSTATUS sendall_recv(struct async_req *req) { - SMB_ASSERT(req->state >= ASYNC_REQ_DONE); - if (req->state == ASYNC_REQ_ERROR) { - return req->status; - } - return NT_STATUS_OK; + return async_req_simple_recv(req); } /** @@ -518,11 +514,7 @@ struct async_req *recvall_send(TALLOC_CTX *mem_ctx, struct event_context *ev, NTSTATUS recvall_recv(struct async_req *req) { - SMB_ASSERT(req->state >= ASYNC_REQ_DONE); - if (req->state == ASYNC_REQ_ERROR) { - return req->status; - } - return NT_STATUS_OK; + return async_req_simple_recv(req); } /** diff --git a/source3/libsmb/clientgen.c b/source3/libsmb/clientgen.c index 8a5aedfde5..d94427809c 100644 --- a/source3/libsmb/clientgen.c +++ b/source3/libsmb/clientgen.c @@ -732,12 +732,7 @@ struct async_req *cli_echo_send(TALLOC_CTX *mem_ctx, struct event_context *ev, NTSTATUS cli_echo_recv(struct async_req *req) { - SMB_ASSERT(req->state >= ASYNC_REQ_DONE); - if (req->state == ASYNC_REQ_ERROR) { - return req->status; - } - - return NT_STATUS_OK; + return async_req_simple_recv(req); } /** diff --git a/source3/libsmb/clifile.c b/source3/libsmb/clifile.c index a9e81082ea..733abb6510 100644 --- a/source3/libsmb/clifile.c +++ b/source3/libsmb/clifile.c @@ -908,9 +908,8 @@ NTSTATUS cli_open_recv(struct async_req *req, int *fnum) uint8_t *bytes; NTSTATUS status; - SMB_ASSERT(req->state >= ASYNC_REQ_DONE); - if (req->state == ASYNC_REQ_ERROR) { - return req->status; + if (async_req_is_error(req, &status)) { + return status; } status = cli_pull_reply(req, &wct, &vwv, &num_bytes, &bytes); @@ -985,10 +984,10 @@ NTSTATUS cli_close_recv(struct async_req *req) uint16_t *vwv; uint16_t num_bytes; uint8_t *bytes; + NTSTATUS status; - SMB_ASSERT(req->state >= ASYNC_REQ_DONE); - if (req->state == ASYNC_REQ_ERROR) { - return req->status; + if (async_req_is_error(req, &status)) { + return status; } return cli_pull_reply(req, &wct, &vwv, &num_bytes, &bytes); diff --git a/source3/libsmb/clireadwrite.c b/source3/libsmb/clireadwrite.c index cc982683d0..ecf49396d1 100644 --- a/source3/libsmb/clireadwrite.c +++ b/source3/libsmb/clireadwrite.c @@ -112,9 +112,8 @@ NTSTATUS cli_read_andx_recv(struct async_req *req, ssize_t *received, NTSTATUS status; size_t size; - SMB_ASSERT(req->state >= ASYNC_REQ_DONE); - if (req->state == ASYNC_REQ_ERROR) { - return req->status; + if (async_req_is_error(req, &status)) { + return status; } status = cli_pull_reply(req, &wct, &vwv, &num_bytes, &bytes); @@ -405,10 +404,10 @@ NTSTATUS cli_pull_recv(struct async_req *req, SMB_OFF_T *received) { struct cli_pull_state *state = talloc_get_type_abort( req->private_data, struct cli_pull_state); + NTSTATUS status; - SMB_ASSERT(req->state >= ASYNC_REQ_DONE); - if (req->state == ASYNC_REQ_ERROR) { - return req->status; + if (async_req_is_error(req, &status)) { + return status; } *received = state->pushed; return NT_STATUS_OK; diff --git a/source3/libsmb/clitrans.c b/source3/libsmb/clitrans.c index bbdfb75fcd..120b6c0e29 100644 --- a/source3/libsmb/clitrans.c +++ b/source3/libsmb/clitrans.c @@ -1316,10 +1316,10 @@ NTSTATUS cli_trans_recv(struct async_req *req, TALLOC_CTX *mem_ctx, req->private_data, struct cli_request); struct cli_trans_state *state = talloc_get_type_abort( cli_req->recv_helper.priv, struct cli_trans_state); + NTSTATUS status; - SMB_ASSERT(req->state >= ASYNC_REQ_DONE); - if (req->state == ASYNC_REQ_ERROR) { - return req->status; + if (async_req_is_error(req, &status)) { + return status; } if (setup != NULL) { -- cgit From 2bd8a6e21ed9e52373bc04b12e2d4b80881edb8b Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Fri, 28 Nov 2008 19:54:46 +0100 Subject: Add infrastructure to transfer winbindd_request/response asynchronously --- source3/Makefile.in | 1 + source3/winbindd/winbindd_proto.h | 21 ++ source3/winbindd/winbindd_reqtrans.c | 561 +++++++++++++++++++++++++++++++++++ 3 files changed, 583 insertions(+) create mode 100644 source3/winbindd/winbindd_reqtrans.c (limited to 'source3') diff --git a/source3/Makefile.in b/source3/Makefile.in index 83e94a4382..bf79a7dfda 100644 --- a/source3/Makefile.in +++ b/source3/Makefile.in @@ -1036,6 +1036,7 @@ IDMAP_ADEX_OBJ = \ WINBINDD_OBJ1 = \ winbindd/winbindd.o \ + winbindd/winbindd_reqtrans.o \ winbindd/winbindd_user.o \ winbindd/winbindd_group.o \ winbindd/winbindd_util.o \ diff --git a/source3/winbindd/winbindd_proto.h b/source3/winbindd/winbindd_proto.h index 9de385e3b3..3869ac5771 100644 --- a/source3/winbindd/winbindd_proto.h +++ b/source3/winbindd/winbindd_proto.h @@ -67,6 +67,27 @@ void winbind_check_sighup(const char *lfile); void winbind_check_sigterm(bool in_parent); int main(int argc, char **argv, char **envp); +/* The following definitions come from winbindd/winbindd_reqtrans.c */ + +struct async_req *wb_req_read_send(TALLOC_CTX *mem_ctx, + struct event_context *ev, + int fd, size_t max_extra_data); +NTSTATUS wb_req_read_recv(struct async_req *req, TALLOC_CTX *mem_ctx, + struct winbindd_request **preq); +struct async_req *wb_req_write_send(TALLOC_CTX *mem_ctx, + struct event_context *ev, int fd, + struct winbindd_request *wb_req); +NTSTATUS wb_req_write_recv(struct async_req *req); + +struct async_req *wb_resp_read_send(TALLOC_CTX *mem_ctx, + struct event_context *ev, int fd); +NTSTATUS wb_resp_read_recv(struct async_req *req, TALLOC_CTX *mem_ctx, + struct winbindd_response **presp); +struct async_req *wb_resp_write_send(TALLOC_CTX *mem_ctx, + struct event_context *ev, int fd, + struct winbindd_response *wb_resp); +NTSTATUS wb_resp_write_recv(struct async_req *req); + /* The following definitions come from winbindd/winbindd_ads.c */ diff --git a/source3/winbindd/winbindd_reqtrans.c b/source3/winbindd/winbindd_reqtrans.c new file mode 100644 index 0000000000..e9901e173f --- /dev/null +++ b/source3/winbindd/winbindd_reqtrans.c @@ -0,0 +1,561 @@ +/* + Unix SMB/CIFS implementation. + + Async transfer of winbindd_request and _response structs + + Copyright (C) Volker Lendecke 2008 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . +*/ + +#include "includes.h" +#include "winbindd.h" + +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_WINBIND + +struct req_read_state { + struct winbindd_request *wb_req; + struct event_context *ev; + size_t max_extra_data; + int fd; +}; + +static void wb_req_read_len(struct async_req *subreq); +static void wb_req_read_main(struct async_req *subreq); +static void wb_req_read_extra(struct async_req *subreq); + +struct async_req *wb_req_read_send(TALLOC_CTX *mem_ctx, + struct event_context *ev, + int fd, size_t max_extra_data) +{ + struct async_req *result, *subreq; + struct req_read_state *state; + + result = async_req_new(mem_ctx, ev); + if (result == NULL) { + return NULL; + } + + state = talloc(result, struct req_read_state); + if (state == NULL) { + goto nomem; + } + result->private_data = state; + + state->fd = fd; + state->ev = ev; + state->max_extra_data = max_extra_data; + state->wb_req = talloc(state, struct winbindd_request); + if (state->wb_req == NULL) { + goto nomem; + } + + subreq = recvall_send(state, ev, state->fd, &(state->wb_req->length), + sizeof(state->wb_req->length), 0); + if (subreq == NULL) { + goto nomem; + } + + subreq->async.fn = wb_req_read_len; + subreq->async.priv = result; + return result; + + nomem: + TALLOC_FREE(result); + return NULL; +} + +static void wb_req_read_len(struct async_req *subreq) +{ + struct async_req *req = talloc_get_type_abort( + subreq->async.priv, struct async_req); + struct req_read_state *state = talloc_get_type_abort( + req->private_data, struct req_read_state); + NTSTATUS status; + + status = recvall_recv(subreq); + TALLOC_FREE(subreq); + if (!NT_STATUS_IS_OK(status)) { + async_req_error(req, status); + return; + } + + if (state->wb_req->length != sizeof(struct winbindd_request)) { + DEBUG(0, ("wb_req_read_len: Invalid request size received: " + "%d (expected %d)\n", (int)state->wb_req->length, + (int)sizeof(struct winbindd_request))); + async_req_error(req, NT_STATUS_INVALID_BUFFER_SIZE); + return; + } + + subreq = recvall_send( + req, state->ev, state->fd, (uint32 *)(state->wb_req)+1, + sizeof(struct winbindd_request) - sizeof(uint32), 0); + if (subreq == NULL) { + async_req_error(req, NT_STATUS_NO_MEMORY); + return; + } + + subreq->async.fn = wb_req_read_main; + subreq->async.priv = req; +} + +static void wb_req_read_main(struct async_req *subreq) +{ + struct async_req *req = talloc_get_type_abort( + subreq->async.priv, struct async_req); + struct req_read_state *state = talloc_get_type_abort( + req->private_data, struct req_read_state); + NTSTATUS status; + + status = recvall_recv(subreq); + TALLOC_FREE(subreq); + if (!NT_STATUS_IS_OK(status)) { + async_req_error(req, status); + return; + } + + if ((state->max_extra_data != 0) + && (state->wb_req->extra_len > state->max_extra_data)) { + DEBUG(3, ("Got request with %d bytes extra data on " + "unprivileged socket\n", + (int)state->wb_req->extra_len)); + async_req_error(req, NT_STATUS_INVALID_BUFFER_SIZE); + return; + } + + if (state->wb_req->extra_len == 0) { + async_req_done(req); + return; + } + + state->wb_req->extra_data.data = TALLOC_ARRAY( + state->wb_req, char, state->wb_req->extra_len + 1); + if (state->wb_req->extra_data.data == NULL) { + async_req_error(req, NT_STATUS_NO_MEMORY); + return; + } + state->wb_req->extra_data.data[state->wb_req->extra_len] = 0; + + subreq = recvall_send( + req, state->ev, state->fd, state->wb_req->extra_data.data, + state->wb_req->extra_len, 0); + if (subreq == NULL) { + async_req_error(req, NT_STATUS_NO_MEMORY); + return; + } + + subreq->async.fn = wb_req_read_extra; + subreq->async.priv = req; +} + +static void wb_req_read_extra(struct async_req *subreq) +{ + struct async_req *req = talloc_get_type_abort( + subreq->async.priv, struct async_req); + NTSTATUS status; + + status = recvall_recv(subreq); + TALLOC_FREE(subreq); + if (!NT_STATUS_IS_OK(status)) { + async_req_error(req, status); + return; + } + async_req_done(req); +} + + +NTSTATUS wb_req_read_recv(struct async_req *req, TALLOC_CTX *mem_ctx, + struct winbindd_request **preq) +{ + struct req_read_state *state = talloc_get_type_abort( + req->private_data, struct req_read_state); + + SMB_ASSERT(req->state >= ASYNC_REQ_DONE); + if (req->state == ASYNC_REQ_ERROR) { + return req->status; + } + + *preq = talloc_move(mem_ctx, &state->wb_req); + return NT_STATUS_OK; +} + +struct req_write_state { + struct winbindd_request *wb_req; + struct event_context *ev; + int fd; +}; + +static void wb_req_write_main(struct async_req *subreq); +static void wb_req_write_extra(struct async_req *subreq); + +struct async_req *wb_req_write_send(TALLOC_CTX *mem_ctx, + struct event_context *ev, int fd, + struct winbindd_request *wb_req) +{ + struct async_req *result, *subreq; + struct req_write_state *state; + + result = async_req_new(mem_ctx, ev); + if (result == NULL) { + return NULL; + } + + state = talloc(result, struct req_write_state); + if (state == NULL) { + goto nomem; + } + result->private_data = state; + + state->fd = fd; + state->ev = ev; + state->wb_req = wb_req; + + subreq = sendall_send(state, state->ev, state->fd, state->wb_req, + sizeof(struct winbindd_request), 0); + if (subreq == NULL) { + goto nomem; + } + + subreq->async.fn = wb_req_write_main; + subreq->async.priv = result; + return result; + + nomem: + TALLOC_FREE(result); + return NULL; +} + +static void wb_req_write_main(struct async_req *subreq) +{ + struct async_req *req = talloc_get_type_abort( + subreq->async.priv, struct async_req); + struct req_write_state *state = talloc_get_type_abort( + req->private_data, struct req_write_state); + NTSTATUS status; + + status = sendall_recv(subreq); + TALLOC_FREE(subreq); + if (!NT_STATUS_IS_OK(status)) { + async_req_error(req, status); + return; + } + + if (state->wb_req->extra_len == 0) { + async_req_done(req); + return; + } + + subreq = sendall_send(state, state->ev, state->fd, + state->wb_req->extra_data.data, + state->wb_req->extra_len, 0); + if (subreq == NULL) { + async_req_error(req, NT_STATUS_NO_MEMORY); + return; + } + + subreq->async.fn = wb_req_write_extra; + subreq->async.priv = req; +} + +static void wb_req_write_extra(struct async_req *subreq) +{ + struct async_req *req = talloc_get_type_abort( + subreq->async.priv, struct async_req); + NTSTATUS status; + + status = sendall_recv(subreq); + TALLOC_FREE(subreq); + if (!NT_STATUS_IS_OK(status)) { + async_req_error(req, status); + return; + } + + async_req_done(req); +} + +NTSTATUS wb_req_write_recv(struct async_req *req) +{ + SMB_ASSERT(req->state >= ASYNC_REQ_DONE); + if (req->state == ASYNC_REQ_ERROR) { + return req->status; + } + + return NT_STATUS_OK; +} + +struct resp_read_state { + struct winbindd_response *wb_resp; + struct event_context *ev; + size_t max_extra_data; + int fd; +}; + +static void wb_resp_read_len(struct async_req *subreq); +static void wb_resp_read_main(struct async_req *subreq); +static void wb_resp_read_extra(struct async_req *subreq); + +struct async_req *wb_resp_read_send(TALLOC_CTX *mem_ctx, + struct event_context *ev, int fd) +{ + struct async_req *result, *subreq; + struct resp_read_state *state; + + result = async_req_new(mem_ctx, ev); + if (result == NULL) { + return NULL; + } + + state = talloc(result, struct resp_read_state); + if (state == NULL) { + goto nomem; + } + result->private_data = state; + + state->fd = fd; + state->ev = ev; + state->wb_resp = talloc(state, struct winbindd_response); + if (state->wb_resp == NULL) { + goto nomem; + } + + subreq = recvall_send(state, ev, state->fd, &(state->wb_resp->length), + sizeof(state->wb_resp->length), 0); + if (subreq == NULL) { + goto nomem; + } + + subreq->async.fn = wb_resp_read_len; + subreq->async.priv = result; + return result; + + nomem: + TALLOC_FREE(result); + return NULL; +} + +static void wb_resp_read_len(struct async_req *subreq) +{ + struct async_req *req = talloc_get_type_abort( + subreq->async.priv, struct async_req); + struct resp_read_state *state = talloc_get_type_abort( + req->private_data, struct resp_read_state); + NTSTATUS status; + + status = recvall_recv(subreq); + TALLOC_FREE(subreq); + if (!NT_STATUS_IS_OK(status)) { + async_req_error(req, status); + return; + } + + if (state->wb_resp->length < sizeof(struct winbindd_response)) { + DEBUG(0, ("wb_resp_read_len: Invalid response size received: " + "%d (expected at least%d)\n", + (int)state->wb_resp->length, + (int)sizeof(struct winbindd_response))); + async_req_error(req, NT_STATUS_INVALID_BUFFER_SIZE); + return; + } + + subreq = recvall_send( + req, state->ev, state->fd, (uint32 *)(state->wb_resp)+1, + sizeof(struct winbindd_response) - sizeof(uint32), 0); + if (subreq == NULL) { + async_req_error(req, NT_STATUS_NO_MEMORY); + return; + } + + subreq->async.fn = wb_resp_read_main; + subreq->async.priv = req; +} + +static void wb_resp_read_main(struct async_req *subreq) +{ + struct async_req *req = talloc_get_type_abort( + subreq->async.priv, struct async_req); + struct resp_read_state *state = talloc_get_type_abort( + req->private_data, struct resp_read_state); + NTSTATUS status; + size_t extra_len; + + status = recvall_recv(subreq); + TALLOC_FREE(subreq); + if (!NT_STATUS_IS_OK(status)) { + async_req_error(req, status); + return; + } + + extra_len = state->wb_resp->length - sizeof(struct winbindd_response); + if (extra_len == 0) { + async_req_done(req); + return; + } + + state->wb_resp->extra_data.data = TALLOC_ARRAY( + state->wb_resp, char, extra_len+1); + if (state->wb_resp->extra_data.data == NULL) { + async_req_error(req, NT_STATUS_NO_MEMORY); + return; + } + ((char *)state->wb_resp->extra_data.data)[extra_len] = 0; + + subreq = recvall_send( + req, state->ev, state->fd, state->wb_resp->extra_data.data, + extra_len, 0); + if (subreq == NULL) { + async_req_error(req, NT_STATUS_NO_MEMORY); + return; + } + + subreq->async.fn = wb_resp_read_extra; + subreq->async.priv = req; +} + +static void wb_resp_read_extra(struct async_req *subreq) +{ + struct async_req *req = talloc_get_type_abort( + subreq->async.priv, struct async_req); + NTSTATUS status; + + status = recvall_recv(subreq); + TALLOC_FREE(subreq); + if (!NT_STATUS_IS_OK(status)) { + async_req_error(req, status); + return; + } + async_req_done(req); +} + + +NTSTATUS wb_resp_read_recv(struct async_req *req, TALLOC_CTX *mem_ctx, + struct winbindd_response **presp) +{ + struct resp_read_state *state = talloc_get_type_abort( + req->private_data, struct resp_read_state); + + SMB_ASSERT(req->state >= ASYNC_REQ_DONE); + if (req->state == ASYNC_REQ_ERROR) { + return req->status; + } + + *presp = talloc_move(mem_ctx, &state->wb_resp); + return NT_STATUS_OK; +} + +struct resp_write_state { + struct winbindd_response *wb_resp; + struct event_context *ev; + int fd; +}; + +static void wb_resp_write_main(struct async_req *subreq); +static void wb_resp_write_extra(struct async_req *subreq); + +struct async_req *wb_resp_write_send(TALLOC_CTX *mem_ctx, + struct event_context *ev, int fd, + struct winbindd_response *wb_resp) +{ + struct async_req *result, *subreq; + struct resp_write_state *state; + + result = async_req_new(mem_ctx, ev); + if (result == NULL) { + return NULL; + } + + state = talloc(result, struct resp_write_state); + if (state == NULL) { + goto nomem; + } + result->private_data = state; + + state->fd = fd; + state->ev = ev; + state->wb_resp = wb_resp; + + subreq = sendall_send(state, state->ev, state->fd, state->wb_resp, + sizeof(struct winbindd_response), 0); + if (subreq == NULL) { + goto nomem; + } + + subreq->async.fn = wb_resp_write_main; + subreq->async.priv = result; + return result; + + nomem: + TALLOC_FREE(result); + return NULL; +} + +static void wb_resp_write_main(struct async_req *subreq) +{ + struct async_req *req = talloc_get_type_abort( + subreq->async.priv, struct async_req); + struct resp_write_state *state = talloc_get_type_abort( + req->private_data, struct resp_write_state); + NTSTATUS status; + + status = sendall_recv(subreq); + TALLOC_FREE(subreq); + if (!NT_STATUS_IS_OK(status)) { + async_req_error(req, status); + return; + } + + if (state->wb_resp->length == sizeof(struct winbindd_response)) { + async_req_done(req); + return; + } + + subreq = sendall_send( + state, state->ev, state->fd, + state->wb_resp->extra_data.data, + state->wb_resp->length - sizeof(struct winbindd_response), 0); + if (subreq == 0) { + async_req_error(req, NT_STATUS_NO_MEMORY); + return; + } + + subreq->async.fn = wb_resp_write_extra; + subreq->async.priv = req; +} + +static void wb_resp_write_extra(struct async_req *subreq) +{ + struct async_req *req = talloc_get_type_abort( + subreq->async.priv, struct async_req); + NTSTATUS status; + + status = sendall_recv(subreq); + TALLOC_FREE(subreq); + if (!NT_STATUS_IS_OK(status)) { + async_req_error(req, status); + return; + } + + async_req_done(req); +} + +NTSTATUS wb_resp_write_recv(struct async_req *req) +{ + SMB_ASSERT(req->state >= ASYNC_REQ_DONE); + if (req->state == ASYNC_REQ_ERROR) { + return req->status; + } + + return NT_STATUS_OK; +} -- cgit From 15c942657d4767663d2164a3089253f8dde8b413 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 1 Dec 2008 08:25:25 +0100 Subject: Add wb_trans_send/revc --- source3/winbindd/winbindd_proto.h | 9 ++ source3/winbindd/winbindd_reqtrans.c | 190 +++++++++++++++++++++++++++++------ 2 files changed, 166 insertions(+), 33 deletions(-) (limited to 'source3') diff --git a/source3/winbindd/winbindd_proto.h b/source3/winbindd/winbindd_proto.h index 3869ac5771..92ce1f9850 100644 --- a/source3/winbindd/winbindd_proto.h +++ b/source3/winbindd/winbindd_proto.h @@ -88,6 +88,15 @@ struct async_req *wb_resp_write_send(TALLOC_CTX *mem_ctx, struct winbindd_response *wb_resp); NTSTATUS wb_resp_write_recv(struct async_req *req); +struct async_req *wb_trans_send(TALLOC_CTX *mem_ctx, + struct event_context *ev, + int fd, + struct winbindd_request *wb_req, + struct timeval timeout, + size_t reply_max_extra_data); +NTSTATUS wb_trans_recv(struct async_req *req, TALLOC_CTX *mem_ctx, + struct winbindd_response **presp); + /* The following definitions come from winbindd/winbindd_ads.c */ diff --git a/source3/winbindd/winbindd_reqtrans.c b/source3/winbindd/winbindd_reqtrans.c index e9901e173f..ea16c5f81e 100644 --- a/source3/winbindd/winbindd_reqtrans.c +++ b/source3/winbindd/winbindd_reqtrans.c @@ -103,8 +103,7 @@ static void wb_req_read_len(struct async_req *subreq) subreq = recvall_send( req, state->ev, state->fd, (uint32 *)(state->wb_req)+1, sizeof(struct winbindd_request) - sizeof(uint32), 0); - if (subreq == NULL) { - async_req_error(req, NT_STATUS_NO_MEMORY); + if (async_req_nomem(subreq, req)) { return; } @@ -143,17 +142,16 @@ static void wb_req_read_main(struct async_req *subreq) state->wb_req->extra_data.data = TALLOC_ARRAY( state->wb_req, char, state->wb_req->extra_len + 1); - if (state->wb_req->extra_data.data == NULL) { - async_req_error(req, NT_STATUS_NO_MEMORY); + if (async_req_nomem(state->wb_req->extra_data.data, req)) { return; } + state->wb_req->extra_data.data[state->wb_req->extra_len] = 0; subreq = recvall_send( req, state->ev, state->fd, state->wb_req->extra_data.data, state->wb_req->extra_len, 0); - if (subreq == NULL) { - async_req_error(req, NT_STATUS_NO_MEMORY); + if (async_req_nomem(subreq, req)) { return; } @@ -182,12 +180,11 @@ NTSTATUS wb_req_read_recv(struct async_req *req, TALLOC_CTX *mem_ctx, { struct req_read_state *state = talloc_get_type_abort( req->private_data, struct req_read_state); + NTSTATUS status; - SMB_ASSERT(req->state >= ASYNC_REQ_DONE); - if (req->state == ASYNC_REQ_ERROR) { - return req->status; + if (async_req_is_error(req, &status)) { + return status; } - *preq = talloc_move(mem_ctx, &state->wb_req); return NT_STATUS_OK; } @@ -261,8 +258,7 @@ static void wb_req_write_main(struct async_req *subreq) subreq = sendall_send(state, state->ev, state->fd, state->wb_req->extra_data.data, state->wb_req->extra_len, 0); - if (subreq == NULL) { - async_req_error(req, NT_STATUS_NO_MEMORY); + if (async_req_nomem(subreq, req)) { return; } @@ -288,12 +284,7 @@ static void wb_req_write_extra(struct async_req *subreq) NTSTATUS wb_req_write_recv(struct async_req *req) { - SMB_ASSERT(req->state >= ASYNC_REQ_DONE); - if (req->state == ASYNC_REQ_ERROR) { - return req->status; - } - - return NT_STATUS_OK; + return async_req_simple_recv(req); } struct resp_read_state { @@ -373,8 +364,7 @@ static void wb_resp_read_len(struct async_req *subreq) subreq = recvall_send( req, state->ev, state->fd, (uint32 *)(state->wb_resp)+1, sizeof(struct winbindd_response) - sizeof(uint32), 0); - if (subreq == NULL) { - async_req_error(req, NT_STATUS_NO_MEMORY); + if (async_req_nomem(subreq, req)) { return; } @@ -406,8 +396,7 @@ static void wb_resp_read_main(struct async_req *subreq) state->wb_resp->extra_data.data = TALLOC_ARRAY( state->wb_resp, char, extra_len+1); - if (state->wb_resp->extra_data.data == NULL) { - async_req_error(req, NT_STATUS_NO_MEMORY); + if (async_req_nomem(state->wb_resp->extra_data.data, req)) { return; } ((char *)state->wb_resp->extra_data.data)[extra_len] = 0; @@ -415,8 +404,7 @@ static void wb_resp_read_main(struct async_req *subreq) subreq = recvall_send( req, state->ev, state->fd, state->wb_resp->extra_data.data, extra_len, 0); - if (subreq == NULL) { - async_req_error(req, NT_STATUS_NO_MEMORY); + if (async_req_nomem(subreq, req)) { return; } @@ -445,12 +433,11 @@ NTSTATUS wb_resp_read_recv(struct async_req *req, TALLOC_CTX *mem_ctx, { struct resp_read_state *state = talloc_get_type_abort( req->private_data, struct resp_read_state); + NTSTATUS status; - SMB_ASSERT(req->state >= ASYNC_REQ_DONE); - if (req->state == ASYNC_REQ_ERROR) { - return req->status; + if (async_req_is_error(req, &status)) { + return status; } - *presp = talloc_move(mem_ctx, &state->wb_resp); return NT_STATUS_OK; } @@ -525,8 +512,7 @@ static void wb_resp_write_main(struct async_req *subreq) state, state->ev, state->fd, state->wb_resp->extra_data.data, state->wb_resp->length - sizeof(struct winbindd_response), 0); - if (subreq == 0) { - async_req_error(req, NT_STATUS_NO_MEMORY); + if (async_req_nomem(subreq, req)) { return; } @@ -552,10 +538,148 @@ static void wb_resp_write_extra(struct async_req *subreq) NTSTATUS wb_resp_write_recv(struct async_req *req) { - SMB_ASSERT(req->state >= ASYNC_REQ_DONE); - if (req->state == ASYNC_REQ_ERROR) { - return req->status; + return async_req_simple_recv(req); +} + +struct wb_trans_state { + struct event_context *ev; + struct timed_event *te; + int fd; + struct winbindd_response *wb_resp; + size_t reply_max_extra_data; +}; + +static void wb_trans_timeout(struct event_context *ev, struct timed_event *te, + const struct timeval *now, void *priv); +static void wb_trans_sent(struct async_req *req); +static void wb_trans_received(struct async_req *req); + +struct async_req *wb_trans_send(TALLOC_CTX *mem_ctx, + struct event_context *ev, + int fd, + struct winbindd_request *wb_req, + struct timeval timeout, + size_t reply_max_extra_data) +{ + struct async_req *result, *subreq; + struct wb_trans_state *state; + + result = async_req_new(mem_ctx, ev); + if (result == NULL) { + return NULL; + } + + state = talloc(result, struct wb_trans_state); + if (state == NULL) { + goto nomem; + } + result->private_data = state; + + state->ev = ev; + state->fd = fd; + state->reply_max_extra_data = reply_max_extra_data; + + state->te = event_add_timed( + ev, state, + timeval_current_ofs(timeout.tv_sec, timeout.tv_usec), + "wb_trans_timeout", wb_trans_timeout, result); + if (state->te == NULL) { + goto nomem; + } + + subreq = wb_req_write_send(state, state->ev, state->fd, wb_req); + if (subreq == NULL) { + goto nomem; + } + subreq->async.fn = wb_trans_sent; + subreq->async.priv = result; + + return result; + + nomem: + TALLOC_FREE(result); + return NULL; +} + +static void wb_trans_timeout(struct event_context *ev, struct timed_event *te, + const struct timeval *now, void *priv) +{ + struct async_req *req = talloc_get_type_abort( + priv, struct async_req); + struct wb_trans_state *state = talloc_get_type_abort( + req->private_data, struct wb_trans_state); + + TALLOC_FREE(state->te); + async_req_error(req, NT_STATUS_IO_TIMEOUT); +} + +static void wb_trans_sent(struct async_req *subreq) +{ + struct async_req *req = talloc_get_type_abort( + subreq->async.priv, struct async_req); + struct wb_trans_state *state = talloc_get_type_abort( + req->private_data, struct wb_trans_state); + NTSTATUS status; + + status = wb_req_write_recv(subreq); + TALLOC_FREE(subreq); + if (!NT_STATUS_IS_OK(status)) { + async_req_error(req, status); + return; + } + + subreq = wb_resp_read_send(state, state->ev, state->fd); + if (async_req_nomem(subreq, req)) { + return; + } + + subreq->async.fn = wb_trans_received; + subreq->async.priv = req; +}; + +static void wb_trans_received(struct async_req *subreq) +{ + struct async_req *req = talloc_get_type_abort( + subreq->async.priv, struct async_req); + struct wb_trans_state *state = talloc_get_type_abort( + req->private_data, struct wb_trans_state); + NTSTATUS status; + + TALLOC_FREE(state->te); + + status = wb_resp_read_recv(subreq, state, &state->wb_resp); + TALLOC_FREE(subreq); + if (!NT_STATUS_IS_OK(status)) { + async_req_error(req, status); + return; } + async_req_done(req); +} + +NTSTATUS wb_trans_recv(struct async_req *req, TALLOC_CTX *mem_ctx, + struct winbindd_response **presp) +{ + struct wb_trans_state *state = talloc_get_type_abort( + req->private_data, struct wb_trans_state); + NTSTATUS status; + + if (async_req_is_error(req, &status)) { + return status; + } + *presp = talloc_move(mem_ctx, &state->wb_resp); return NT_STATUS_OK; } + +struct wb_trans_queue_state { + struct wb_trans_queue_state *prev, *next; + struct wb_trans_queue *queue; + struct winbindd_request *req; +}; + +struct wb_trans_queue { + int fd; + struct timeval timeout; + size_t max_resp_extra_data; + struct wb_trans_queue_state *queued_requests; +}; -- cgit From 3878dad0c68884c941b1d6a428f21928014fbc3e Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 8 Dec 2008 14:24:38 -0800 Subject: Fix bug #5953 - smbclient crashes: cli_list_new segmentation fault. Jeremy. --- source3/libsmb/clilist.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3') diff --git a/source3/libsmb/clilist.c b/source3/libsmb/clilist.c index 50918458b0..cebafc6919 100644 --- a/source3/libsmb/clilist.c +++ b/source3/libsmb/clilist.c @@ -417,7 +417,7 @@ int cli_list_new(struct cli_state *cli,const char *Mask,uint16 attribute, } SAFE_FREE(mask); - if (ff_searchcount > 0) { + if (ff_searchcount > 0 && ff_eos == 0 && finfo.name) { mask = SMB_STRDUP(finfo.name); } else { mask = SMB_STRDUP(""); -- cgit From 9985898e94e4aa4476c87ed34e0899a5f4117752 Mon Sep 17 00:00:00 2001 From: Todd Stecher Date: Thu, 4 Dec 2008 11:33:32 -0800 Subject: s3: Add support for access based share enumeration --- source3/include/proto.h | 1 + source3/param/loadparm.c | 13 +++++++++ source3/rpc_server/srv_srvsvc_nt.c | 58 +++++++++++++++++++++++++------------- 3 files changed, 53 insertions(+), 19 deletions(-) (limited to 'source3') diff --git a/source3/include/proto.h b/source3/include/proto.h index d0e64f7f14..ed79ad03ec 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -4136,6 +4136,7 @@ bool lp_hide_special_files(int ); bool lp_hideunreadable(int ); bool lp_hideunwriteable_files(int ); bool lp_browseable(int ); +bool lp_access_based_share_enum(int ); bool lp_readonly(int ); bool lp_no_set_dir(int ); bool lp_guest_ok(int ); diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index c743b89680..7e7a1e505e 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -425,6 +425,7 @@ struct service { bool bHideUnReadable; bool bHideUnWriteableFiles; bool bBrowseable; + bool bAccessBasedShareEnum; bool bAvailable; bool bRead_only; bool bNo_set_dir; @@ -568,6 +569,7 @@ static struct service sDefault = { False, /* bHideUnReadable */ False, /* bHideUnWriteableFiles */ True, /* bBrowseable */ + False, /* bAccessBasedShareEnum */ True, /* bAvailable */ True, /* bRead_only */ True, /* bNo_set_dir */ @@ -3303,6 +3305,15 @@ static struct parm_struct parm_table[] = { .enum_list = NULL, .flags = FLAG_BASIC | FLAG_ADVANCED | FLAG_SHARE | FLAG_PRINT, }, + { + .label = "access based share enum", + .type = P_BOOL, + .p_class = P_LOCAL, + .ptr = &sDefault.bAccessBasedShareEnum, + .special = NULL, + .enum_list = NULL, + .flags = FLAG_BASIC | FLAG_ADVANCED | FLAG_SHARE + }, { .label = "browsable", .type = P_BOOL, @@ -5331,6 +5342,7 @@ FN_LOCAL_BOOL(lp_hide_special_files, bHideSpecialFiles) FN_LOCAL_BOOL(lp_hideunreadable, bHideUnReadable) FN_LOCAL_BOOL(lp_hideunwriteable_files, bHideUnWriteableFiles) FN_LOCAL_BOOL(lp_browseable, bBrowseable) +FN_LOCAL_BOOL(lp_access_based_share_enum, bAccessBasedShareEnum) FN_LOCAL_BOOL(lp_readonly, bRead_only) FN_LOCAL_BOOL(lp_no_set_dir, bNo_set_dir) FN_LOCAL_BOOL(lp_guest_ok, bGuest_ok) @@ -5925,6 +5937,7 @@ bool lp_add_home(const char *pszHomename, int iDefaultService, /* set the browseable flag from the global default */ ServicePtrs[i]->bBrowseable = sDefault.bBrowseable; + ServicePtrs[i]->bAccessBasedShareEnum = sDefault.bAccessBasedShareEnum; ServicePtrs[i]->autoloaded = True; diff --git a/source3/rpc_server/srv_srvsvc_nt.c b/source3/rpc_server/srv_srvsvc_nt.c index 76b475120d..67ff1fecf6 100644 --- a/source3/rpc_server/srv_srvsvc_nt.c +++ b/source3/rpc_server/srv_srvsvc_nt.c @@ -492,6 +492,19 @@ static bool is_hidden_share(int snum) return (net_name[strlen(net_name) - 1] == '$') ? True : False; } +/******************************************************************* + Verify user is allowed to view share, access based enumeration +********************************************************************/ +static bool is_enumeration_allowed(pipes_struct *p, + int snum) +{ + if (!lp_access_based_share_enum(snum)) + return true; + + return share_access_check(p->server_info->ptok, lp_servicename(snum), + FILE_READ_DATA); +} + /******************************************************************* Fill in a share info structure. ********************************************************************/ @@ -509,6 +522,7 @@ static WERROR init_srv_share_info_ctr(pipes_struct *p, TALLOC_CTX *ctx = p->mem_ctx; int i = 0; int valid_share_count = 0; + bool *allowed = 0; union srvsvc_NetShareCtr ctr; uint32_t resume_handle = resume_handle_p ? *resume_handle_p : 0; @@ -521,15 +535,21 @@ static WERROR init_srv_share_info_ctr(pipes_struct *p, num_services = lp_numservices(); unbecome_root(); - /* Count the number of entries. */ - for (snum = 0; snum < num_services; snum++) { - if (lp_browseable(snum) && lp_snum_ok(snum) && (all_shares || !is_hidden_share(snum)) ) { - DEBUG(10, ("counting service %s\n", lp_servicename(snum))); - num_entries++; - } else { - DEBUG(10, ("NOT counting service %s\n", lp_servicename(snum))); - } - } + allowed = TALLOC_ZERO_ARRAY(ctx, int, num_services); + W_ERROR_HAVE_NO_MEMORY(allowed); + + /* Count the number of entries. */ + for (snum = 0; snum < num_services; snum++) { + if (lp_browseable(snum) && lp_snum_ok(snum) && + is_enumeration_allowed(p, snum) && + (all_shares || !is_hidden_share(snum)) ) { + DEBUG(10, ("counting service %s\n", lp_servicename(snum))); + allowed[snum] = true; + num_entries++; + } else { + DEBUG(10, ("NOT counting service %s\n", lp_servicename(snum))); + } + } if (!num_entries || (resume_handle >= num_entries)) { return WERR_OK; @@ -547,7 +567,7 @@ static WERROR init_srv_share_info_ctr(pipes_struct *p, W_ERROR_HAVE_NO_MEMORY(ctr.ctr0->array); for (snum = 0; snum < num_services; snum++) { - if (lp_browseable(snum) && lp_snum_ok(snum) && (all_shares || !is_hidden_share(snum)) && + if (allowed[snum] && (resume_handle <= (i + valid_share_count++)) ) { init_srv_share_info_0(p, &ctr.ctr0->array[i++], snum); } @@ -564,7 +584,7 @@ static WERROR init_srv_share_info_ctr(pipes_struct *p, W_ERROR_HAVE_NO_MEMORY(ctr.ctr1->array); for (snum = 0; snum < num_services; snum++) { - if (lp_browseable(snum) && lp_snum_ok(snum) && (all_shares || !is_hidden_share(snum)) && + if (allowed[snum] && (resume_handle <= (i + valid_share_count++)) ) { init_srv_share_info_1(p, &ctr.ctr1->array[i++], snum); } @@ -581,7 +601,7 @@ static WERROR init_srv_share_info_ctr(pipes_struct *p, W_ERROR_HAVE_NO_MEMORY(ctr.ctr2->array); for (snum = 0; snum < num_services; snum++) { - if (lp_browseable(snum) && lp_snum_ok(snum) && (all_shares || !is_hidden_share(snum)) && + if (allowed[snum] && (resume_handle <= (i + valid_share_count++)) ) { init_srv_share_info_2(p, &ctr.ctr2->array[i++], snum); } @@ -598,7 +618,7 @@ static WERROR init_srv_share_info_ctr(pipes_struct *p, W_ERROR_HAVE_NO_MEMORY(ctr.ctr501->array); for (snum = 0; snum < num_services; snum++) { - if (lp_browseable(snum) && lp_snum_ok(snum) && (all_shares || !is_hidden_share(snum)) && + if (allowed[snum] && (resume_handle <= (i + valid_share_count++)) ) { init_srv_share_info_501(p, &ctr.ctr501->array[i++], snum); } @@ -615,7 +635,7 @@ static WERROR init_srv_share_info_ctr(pipes_struct *p, W_ERROR_HAVE_NO_MEMORY(ctr.ctr502->array); for (snum = 0; snum < num_services; snum++) { - if (lp_browseable(snum) && lp_snum_ok(snum) && (all_shares || !is_hidden_share(snum)) && + if (allowed[snum] && (resume_handle <= (i + valid_share_count++)) ) { init_srv_share_info_502(p, &ctr.ctr502->array[i++], snum); } @@ -632,7 +652,7 @@ static WERROR init_srv_share_info_ctr(pipes_struct *p, W_ERROR_HAVE_NO_MEMORY(ctr.ctr1004->array); for (snum = 0; snum < num_services; snum++) { - if (lp_browseable(snum) && lp_snum_ok(snum) && (all_shares || !is_hidden_share(snum)) && + if (allowed[snum] && (resume_handle <= (i + valid_share_count++)) ) { init_srv_share_info_1004(p, &ctr.ctr1004->array[i++], snum); } @@ -649,7 +669,7 @@ static WERROR init_srv_share_info_ctr(pipes_struct *p, W_ERROR_HAVE_NO_MEMORY(ctr.ctr1005->array); for (snum = 0; snum < num_services; snum++) { - if (lp_browseable(snum) && lp_snum_ok(snum) && (all_shares || !is_hidden_share(snum)) && + if (allowed[snum] && (resume_handle <= (i + valid_share_count++)) ) { init_srv_share_info_1005(p, &ctr.ctr1005->array[i++], snum); } @@ -666,7 +686,7 @@ static WERROR init_srv_share_info_ctr(pipes_struct *p, W_ERROR_HAVE_NO_MEMORY(ctr.ctr1006->array); for (snum = 0; snum < num_services; snum++) { - if (lp_browseable(snum) && lp_snum_ok(snum) && (all_shares || !is_hidden_share(snum)) && + if (allowed[snum] && (resume_handle <= (i + valid_share_count++)) ) { init_srv_share_info_1006(p, &ctr.ctr1006->array[i++], snum); } @@ -683,7 +703,7 @@ static WERROR init_srv_share_info_ctr(pipes_struct *p, W_ERROR_HAVE_NO_MEMORY(ctr.ctr1007->array); for (snum = 0; snum < num_services; snum++) { - if (lp_browseable(snum) && lp_snum_ok(snum) && (all_shares || !is_hidden_share(snum)) && + if (allowed[snum] && (resume_handle <= (i + valid_share_count++)) ) { init_srv_share_info_1007(p, &ctr.ctr1007->array[i++], snum); } @@ -700,7 +720,7 @@ static WERROR init_srv_share_info_ctr(pipes_struct *p, W_ERROR_HAVE_NO_MEMORY(ctr.ctr1501->array); for (snum = 0; snum < num_services; snum++) { - if (lp_browseable(snum) && lp_snum_ok(snum) && (all_shares || !is_hidden_share(snum)) && + if (allowed[snum] && (resume_handle <= (i + valid_share_count++)) ) { init_srv_share_info_1501(p, &ctr.ctr1501->array[i++], snum); } -- cgit From 89e57a8fad2be4e36a726822072548d7a64bf68f Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Tue, 9 Dec 2008 12:39:14 +0100 Subject: s3-srvsvc: fix build warning. Guenther --- source3/rpc_server/srv_srvsvc_nt.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3') diff --git a/source3/rpc_server/srv_srvsvc_nt.c b/source3/rpc_server/srv_srvsvc_nt.c index 67ff1fecf6..15af963c4c 100644 --- a/source3/rpc_server/srv_srvsvc_nt.c +++ b/source3/rpc_server/srv_srvsvc_nt.c @@ -522,7 +522,7 @@ static WERROR init_srv_share_info_ctr(pipes_struct *p, TALLOC_CTX *ctx = p->mem_ctx; int i = 0; int valid_share_count = 0; - bool *allowed = 0; + bool *allowed = 0; union srvsvc_NetShareCtr ctr; uint32_t resume_handle = resume_handle_p ? *resume_handle_p : 0; @@ -535,7 +535,7 @@ static WERROR init_srv_share_info_ctr(pipes_struct *p, num_services = lp_numservices(); unbecome_root(); - allowed = TALLOC_ZERO_ARRAY(ctx, int, num_services); + allowed = TALLOC_ZERO_ARRAY(ctx, bool, num_services); W_ERROR_HAVE_NO_MEMORY(allowed); /* Count the number of entries. */ -- cgit From 8608fd87b0ba43e128b984e314047589e607f377 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Tue, 9 Dec 2008 12:39:47 +0100 Subject: s3-samr: a level 18 password set needs to set the pwdlastset as well. Guenther --- source3/rpc_server/srv_samr_nt.c | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'source3') diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c index 513634019b..25bbc6eeac 100644 --- a/source3/rpc_server/srv_samr_nt.c +++ b/source3/rpc_server/srv_samr_nt.c @@ -3729,6 +3729,8 @@ static NTSTATUS set_user_info_18(struct samr_UserInfo18 *id18, if (!pdb_set_nt_passwd(pwd, out.data, PDB_CHANGED)) { return NT_STATUS_ACCESS_DENIED; } + + pdb_set_pass_last_set_time(pwd, time(NULL), PDB_CHANGED); } if (id18->lm_pwd_active) { @@ -3743,6 +3745,8 @@ static NTSTATUS set_user_info_18(struct samr_UserInfo18 *id18, if (!pdb_set_lanman_passwd(pwd, out.data, PDB_CHANGED)) { return NT_STATUS_ACCESS_DENIED; } + + pdb_set_pass_last_set_time(pwd, time(NULL), PDB_CHANGED); } if (id18->password_expired) { -- cgit From c8b0196c958b454a58d342df531c6f859381c78b Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Tue, 9 Dec 2008 14:48:10 +0100 Subject: s3-libnet: fix build warning (missing prototype). Guenther --- source3/libnet/libnet_samsync.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3') diff --git a/source3/libnet/libnet_samsync.c b/source3/libnet/libnet_samsync.c index 4351810169..73d4439743 100644 --- a/source3/libnet/libnet_samsync.c +++ b/source3/libnet/libnet_samsync.c @@ -282,8 +282,8 @@ static const char *samsync_debug_str(TALLOC_CTX *mem_ctx, * libnet_samsync */ -void libnet_init_netr_ChangeLogEntry(struct samsync_object *o, - struct netr_ChangeLogEntry *e) +static void libnet_init_netr_ChangeLogEntry(struct samsync_object *o, + struct netr_ChangeLogEntry *e) { ZERO_STRUCTP(e); -- cgit From 920395442869d5d32f80e48d211047450f274aba Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Tue, 9 Dec 2008 17:28:15 +0100 Subject: s3-ldapsam: Fix Bug 5957: do not abort rename process on valid rename script. Guenther (cherry picked from commit 26139344fd0fac4fdd2a6752628b252fbd9b7450) (cherry picked from commit 866efa63a26f75bbf17cd4bebf639594e2feafba) --- source3/passdb/pdb_ldap.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3') diff --git a/source3/passdb/pdb_ldap.c b/source3/passdb/pdb_ldap.c index ddbb53a9b9..95e9a01ba3 100644 --- a/source3/passdb/pdb_ldap.c +++ b/source3/passdb/pdb_ldap.c @@ -2014,7 +2014,7 @@ static NTSTATUS ldapsam_rename_sam_account(struct pdb_methods *my_methods, newname_lower, true, true); - if (rename_script) { + if (!rename_script) { return NT_STATUS_NO_MEMORY; } rename_script = realloc_string_sub2(rename_script, -- cgit From f62e0d6c96519a04f29df91c9c8722843e51be44 Mon Sep 17 00:00:00 2001 From: SATOH Fumiyasu Date: Tue, 9 Dec 2008 14:26:22 -0800 Subject: Fix bug #5688 LPQ process is orphaned if socket address parameter is invalid --- source3/printing/printing.c | 39 +++++++++++++++++++++++++++++++++------ 1 file changed, 33 insertions(+), 6 deletions(-) (limited to 'source3') diff --git a/source3/printing/printing.c b/source3/printing/printing.c index 4051a6ca34..ba88f8ee56 100644 --- a/source3/printing/printing.c +++ b/source3/printing/printing.c @@ -1394,7 +1394,19 @@ main thread of the background lpq updater ****************************************************************************/ void start_background_queue(void) { + /* Use local variables for this as we don't + * need to save the parent side of this, just + * ensure it closes when the process exits. + */ + int pause_pipe[2]; + DEBUG(3,("start_background_queue: Starting background LPQ thread\n")); + + if (pipe(pause_pipe) == -1) { + DEBUG(5,("start_background_queue: cannot create pipe. %s\n", strerror(errno) )); + exit(1); + } + background_lpq_updater_pid = sys_fork(); if (background_lpq_updater_pid == -1) { @@ -1406,6 +1418,9 @@ void start_background_queue(void) /* Child. */ DEBUG(5,("start_background_queue: background LPQ thread started\n")); + close(pause_pipe[0]); + pause_pipe[0] = -1; + if (!reinit_after_fork(smbd_messaging_context(), true)) { DEBUG(0,("reinit_after_fork() failed\n")); smb_panic("reinit_after_fork() failed"); @@ -1420,13 +1435,23 @@ void start_background_queue(void) messaging_register(smbd_messaging_context(), NULL, MSG_PRINTER_UPDATE, print_queue_receive); - + DEBUG(5,("start_background_queue: background LPQ thread waiting for messages\n")); while (1) { - pause(); - + fd_set pause_fds; + int pause_select; + + FD_ZERO(&pause_fds); + FD_SET(pause_pipe[1], &pause_fds); + pause_select = sys_select(pause_pipe[1]+1, &pause_fds, NULL, NULL, NULL); + /* If pause_pipe[0] is closed it means the parent smbd + * and children exited or aborted. */ + if (pause_select == 1) { + exit_server_cleanly(NULL); + } + /* check for some essential signals first */ - + if (got_sig_term) { exit_server_cleanly(NULL); } @@ -1437,9 +1462,9 @@ void start_background_queue(void) reload_services(False); reload_after_sighup = 0; } - + /* now check for messages */ - + DEBUG(10,("start_background_queue: background LPQ thread got a message\n")); message_dispatch(smbd_messaging_context()); @@ -1449,6 +1474,8 @@ void start_background_queue(void) 0); } } + + close(pause_pipe[1]); } /**************************************************************************** -- cgit From d5d9d3dc0e2c85ab608972cfa8e41122504fb75e Mon Sep 17 00:00:00 2001 From: Tim Prouty Date: Wed, 29 Oct 2008 17:28:19 -0700 Subject: s3: Make a few open utility functions non-static This allows vfs modules that implement SMB_VFS_CREATE_FILE to access some of the useful utility functions. --- source3/include/proto.h | 32 ++++++++++++++++++++++++++++++++ source3/smbd/dosmode.c | 2 +- source3/smbd/open.c | 32 ++++++++++++++++---------------- 3 files changed, 49 insertions(+), 17 deletions(-) (limited to 'source3') diff --git a/source3/include/proto.h b/source3/include/proto.h index ed79ad03ec..9de64d018c 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -7821,6 +7821,7 @@ bool dns_register_smbd_reply(struct dns_reg_state *dns_state, mode_t unix_mode(connection_struct *conn, int dosmode, const char *fname, const char *inherit_from_dir); uint32 dos_mode_msdfs(connection_struct *conn, const char *path,SMB_STRUCT_STAT *sbuf); +int dos_attributes_to_stat_dos_flags(uint32_t dosmode); uint32 dos_mode(connection_struct *conn, const char *path,SMB_STRUCT_STAT *sbuf); int file_set_dosmode(connection_struct *conn, const char *fname, uint32 dosmode, SMB_STRUCT_STAT *st, @@ -8097,6 +8098,34 @@ NTSTATUS smb1_file_se_access_check(const struct security_descriptor *sd, uint32_t access_desired, uint32_t *access_granted); NTSTATUS fd_close(files_struct *fsp); +void change_file_owner_to_parent(connection_struct *conn, + const char *inherit_from_dir, + files_struct *fsp); +NTSTATUS change_dir_owner_to_parent(connection_struct *conn, + const char *inherit_from_dir, + const char *fname, + SMB_STRUCT_STAT *psbuf); +bool is_executable(const char *fname); +bool is_stat_open(uint32 access_mask); +bool request_timed_out(struct timeval request_time, + struct timeval timeout); +bool open_match_attributes(connection_struct *conn, + const char *path, + uint32 old_dos_attr, + uint32 new_dos_attr, + mode_t existing_unx_mode, + mode_t new_unx_mode, + mode_t *returned_unx_mode); +NTSTATUS fcb_or_dos_open(struct smb_request *req, + connection_struct *conn, + files_struct *fsp_to_dup_into, + const char *fname, + struct file_id id, + uint16 file_pid, + uint16 vuid, + uint32 access_mask, + uint32 share_access, + uint32 create_options); bool map_open_params_to_ntcreate(const char *fname, int deny_mode, int open_func, uint32 *paccess_mask, uint32 *pshare_mode, @@ -8112,6 +8141,9 @@ void msg_file_was_renamed(struct messaging_context *msg, uint32_t msg_type, struct server_id server_id, DATA_BLOB *data); +struct case_semantics_state; +struct case_semantics_state *set_posix_case_semantics(TALLOC_CTX *mem_ctx, + connection_struct *conn); NTSTATUS create_file_default(connection_struct *conn, struct smb_request *req, uint16_t root_dir_fid, diff --git a/source3/smbd/dosmode.c b/source3/smbd/dosmode.c index 954cd5a4d2..de07482369 100644 --- a/source3/smbd/dosmode.c +++ b/source3/smbd/dosmode.c @@ -353,7 +353,7 @@ uint32 dos_mode_msdfs(connection_struct *conn, const char *path,SMB_STRUCT_STAT Convert dos attributes (FILE_ATTRIBUTE_*) to dos stat flags (UF_*) ****************************************************************************/ -static int dos_attributes_to_stat_dos_flags(uint32_t dosmode) +int dos_attributes_to_stat_dos_flags(uint32_t dosmode) { uint32_t dos_stat_flags = 0; diff --git a/source3/smbd/open.c b/source3/smbd/open.c index 41a1fb371d..5bd28862e1 100644 --- a/source3/smbd/open.c +++ b/source3/smbd/open.c @@ -159,7 +159,7 @@ NTSTATUS fd_close(files_struct *fsp) Do this by fd if possible. ****************************************************************************/ -static void change_file_owner_to_parent(connection_struct *conn, +void change_file_owner_to_parent(connection_struct *conn, const char *inherit_from_dir, files_struct *fsp) { @@ -190,7 +190,7 @@ static void change_file_owner_to_parent(connection_struct *conn, (unsigned int)parent_st.st_uid )); } -static NTSTATUS change_dir_owner_to_parent(connection_struct *conn, +NTSTATUS change_dir_owner_to_parent(connection_struct *conn, const char *inherit_from_dir, const char *fname, SMB_STRUCT_STAT *psbuf) @@ -499,7 +499,7 @@ static NTSTATUS open_file(files_struct *fsp, Return True if the filename is one of the special executable types. ********************************************************************/ -static bool is_executable(const char *fname) +bool is_executable(const char *fname) { if ((fname = strrchr_m(fname,'.'))) { if (strequal(fname,".com") || @@ -661,7 +661,7 @@ static void validate_my_share_entries(int num, } #endif -static bool is_stat_open(uint32 access_mask) +bool is_stat_open(uint32 access_mask) { return (access_mask && ((access_mask & ~(SYNCHRONIZE_ACCESS| FILE_READ_ATTRIBUTES| @@ -862,8 +862,8 @@ static bool delay_for_oplocks(struct share_mode_lock *lck, return True; } -static bool request_timed_out(struct timeval request_time, - struct timeval timeout) +bool request_timed_out(struct timeval request_time, + struct timeval timeout) { struct timeval now, end_time; GetTimeOfDay(&now); @@ -928,13 +928,13 @@ static void defer_open(struct share_mode_lock *lck, On overwrite open ensure that the attributes match. ****************************************************************************/ -static bool open_match_attributes(connection_struct *conn, - const char *path, - uint32 old_dos_attr, - uint32 new_dos_attr, - mode_t existing_unx_mode, - mode_t new_unx_mode, - mode_t *returned_unx_mode) +bool open_match_attributes(connection_struct *conn, + const char *path, + uint32 old_dos_attr, + uint32 new_dos_attr, + mode_t existing_unx_mode, + mode_t new_unx_mode, + mode_t *returned_unx_mode) { uint32 noarch_old_dos_attr, noarch_new_dos_attr; @@ -978,7 +978,7 @@ static bool open_match_attributes(connection_struct *conn, Try and find a duplicated file handle. ****************************************************************************/ -static NTSTATUS fcb_or_dos_open(struct smb_request *req, +NTSTATUS fcb_or_dos_open(struct smb_request *req, connection_struct *conn, files_struct *fsp_to_dup_into, const char *fname, @@ -2562,8 +2562,8 @@ static int restore_case_semantics(struct case_semantics_state *state) /**************************************************************************** Save case semantics. ****************************************************************************/ -static struct case_semantics_state *set_posix_case_semantics(TALLOC_CTX *mem_ctx, - connection_struct *conn) +struct case_semantics_state *set_posix_case_semantics(TALLOC_CTX *mem_ctx, + connection_struct *conn) { struct case_semantics_state *result; -- cgit From 6153f622af0cd7855ca349f73307988c1b9478b8 Mon Sep 17 00:00:00 2001 From: Tim Prouty Date: Tue, 4 Nov 2008 18:08:03 -0800 Subject: s3: Refactor getting sec_info from a security_descriptor into separate function --- source3/include/proto.h | 1 + source3/lib/secdesc.c | 27 +++++++++++++++++++++++++++ source3/smbd/open.c | 15 ++------------- 3 files changed, 30 insertions(+), 13 deletions(-) (limited to 'source3') diff --git a/source3/include/proto.h b/source3/include/proto.h index 9de64d018c..26d131e393 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -723,6 +723,7 @@ bool sec_acl_equal(SEC_ACL *s1, SEC_ACL *s2); /* The following definitions come from lib/secdesc.c */ bool sec_desc_equal(SEC_DESC *s1, SEC_DESC *s2); +uint32_t get_sec_info(const SEC_DESC *sd); SEC_DESC_BUF *sec_desc_merge(TALLOC_CTX *ctx, SEC_DESC_BUF *new_sdb, SEC_DESC_BUF *old_sdb); SEC_DESC *make_sec_desc(TALLOC_CTX *ctx, enum security_descriptor_revision revision, diff --git a/source3/lib/secdesc.c b/source3/lib/secdesc.c index df85336603..400f5f31b0 100644 --- a/source3/lib/secdesc.c +++ b/source3/lib/secdesc.c @@ -99,6 +99,33 @@ bool sec_desc_equal(SEC_DESC *s1, SEC_DESC *s2) return True; } +/******************************************************************* + Given a security_descriptor return the sec_info. +********************************************************************/ + +uint32_t get_sec_info(const SEC_DESC *sd) +{ + uint32_t sec_info = ALL_SECURITY_INFORMATION; + + SMB_ASSERT(sd); + + if (sd->owner_sid == NULL) { + sec_info &= ~OWNER_SECURITY_INFORMATION; + } + if (sd->group_sid == NULL) { + sec_info &= ~GROUP_SECURITY_INFORMATION; + } + if (sd->sacl == NULL) { + sec_info &= ~SACL_SECURITY_INFORMATION; + } + if (sd->dacl == NULL) { + sec_info &= ~DACL_SECURITY_INFORMATION; + } + + return sec_info; +} + + /******************************************************************* Merge part of security descriptor old_sec in to the empty sections of security descriptor new_sec. diff --git a/source3/smbd/open.c b/source3/smbd/open.c index 5bd28862e1..d59f018cfb 100644 --- a/source3/smbd/open.c +++ b/source3/smbd/open.c @@ -2963,21 +2963,10 @@ static NTSTATUS create_file_unixpath(connection_struct *conn, if ((sd != NULL) && (info == FILE_WAS_CREATED) && lp_nt_acl_support(SNUM(conn))) { - uint32_t sec_info_sent = ALL_SECURITY_INFORMATION; + uint32_t sec_info_sent; uint32_t saved_access_mask = fsp->access_mask; - if (sd->owner_sid == NULL) { - sec_info_sent &= ~OWNER_SECURITY_INFORMATION; - } - if (sd->group_sid == NULL) { - sec_info_sent &= ~GROUP_SECURITY_INFORMATION; - } - if (sd->sacl == NULL) { - sec_info_sent &= ~SACL_SECURITY_INFORMATION; - } - if (sd->dacl == NULL) { - sec_info_sent &= ~DACL_SECURITY_INFORMATION; - } + sec_info_sent = get_sec_info(sd); fsp->access_mask = FILE_GENERIC_ALL; -- cgit From 2053f77b3c71ad40a875614b98e547fd558375ad Mon Sep 17 00:00:00 2001 From: Tim Prouty Date: Wed, 19 Nov 2008 21:26:42 -0800 Subject: s3: Refactor calculating path from relative_fid into a separate function --- source3/include/proto.h | 4 ++ source3/smbd/open.c | 174 ++++++++++++++++++++++++++---------------------- 2 files changed, 100 insertions(+), 78 deletions(-) (limited to 'source3') diff --git a/source3/include/proto.h b/source3/include/proto.h index 26d131e393..d0ad361701 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -8163,6 +8163,10 @@ NTSTATUS create_file_default(connection_struct *conn, files_struct **result, int *pinfo, SMB_STRUCT_STAT *psbuf); +NTSTATUS get_relative_fid_filename(connection_struct *conn, + struct smb_request *req, + uint16_t root_dir_fid, + const char *fname, char **new_fname); /* The following definitions come from smbd/oplock.c */ diff --git a/source3/smbd/open.c b/source3/smbd/open.c index d59f018cfb..078b47a1a7 100644 --- a/source3/smbd/open.c +++ b/source3/smbd/open.c @@ -3059,6 +3059,96 @@ static NTSTATUS create_file_unixpath(connection_struct *conn, return status; } +/* + * Calculate the full path name given a relative fid. + */ +NTSTATUS get_relative_fid_filename(connection_struct *conn, + struct smb_request *req, + uint16_t root_dir_fid, + const char *fname, char **new_fname) +{ + files_struct *dir_fsp; + char *parent_fname = NULL; + + if (root_dir_fid == 0 || !fname || !new_fname || !*new_fname) { + return NT_STATUS_INTERNAL_ERROR; + } + + dir_fsp = file_fsp(req, root_dir_fid); + + if (dir_fsp == NULL) { + return NT_STATUS_INVALID_HANDLE; + } + + if (!dir_fsp->is_directory) { + + /* + * Check to see if this is a mac fork of some kind. + */ + + if ((conn->fs_capabilities & FILE_NAMED_STREAMS) && + is_ntfs_stream_name(fname)) { + return NT_STATUS_OBJECT_PATH_NOT_FOUND; + } + + /* + we need to handle the case when we get a + relative open relative to a file and the + pathname is blank - this is a reopen! + (hint from demyn plantenberg) + */ + + return NT_STATUS_INVALID_HANDLE; + } + + if (ISDOT(dir_fsp->fsp_name)) { + /* + * We're at the toplevel dir, the final file name + * must not contain ./, as this is filtered out + * normally by srvstr_get_path and unix_convert + * explicitly rejects paths containing ./. + */ + parent_fname = talloc_strdup(talloc_tos(), ""); + if (parent_fname == NULL) { + return NT_STATUS_NO_MEMORY; + } + } else { + size_t dir_name_len = strlen(dir_fsp->fsp_name); + + /* + * Copy in the base directory name. + */ + + parent_fname = TALLOC_ARRAY(talloc_tos(), char, + dir_name_len+2); + if (parent_fname == NULL) { + return NT_STATUS_NO_MEMORY; + } + memcpy(parent_fname, dir_fsp->fsp_name, + dir_name_len+1); + + /* + * Ensure it ends in a '/'. + * We used TALLOC_SIZE +2 to add space for the '/'. + */ + + if(dir_name_len + && (parent_fname[dir_name_len-1] != '\\') + && (parent_fname[dir_name_len-1] != '/')) { + parent_fname[dir_name_len] = '/'; + parent_fname[dir_name_len+1] = '\0'; + } + } + + *new_fname = talloc_asprintf(talloc_tos(), "%s%s", parent_fname, + fname); + if (*new_fname == NULL) { + return NT_STATUS_NO_MEMORY; + } + + return NT_STATUS_OK; +} + NTSTATUS create_file_default(connection_struct *conn, struct smb_request *req, uint16_t root_dir_fid, @@ -3100,91 +3190,19 @@ NTSTATUS create_file_default(connection_struct *conn, ea_list, sd, create_file_flags, fname)); /* - * Get the file name. + * Calculate the filename from the root_dir_if if necessary. */ if (root_dir_fid != 0) { - /* - * This filename is relative to a directory fid. - */ - char *parent_fname = NULL; - files_struct *dir_fsp = file_fsp(req, root_dir_fid); - - if (dir_fsp == NULL) { - status = NT_STATUS_INVALID_HANDLE; - goto fail; - } - - if (!dir_fsp->is_directory) { - - /* - * Check to see if this is a mac fork of some kind. - */ - - if ((conn->fs_capabilities & FILE_NAMED_STREAMS) && - is_ntfs_stream_name(fname)) { - status = NT_STATUS_OBJECT_PATH_NOT_FOUND; - goto fail; - } - - /* - we need to handle the case when we get a - relative open relative to a file and the - pathname is blank - this is a reopen! - (hint from demyn plantenberg) - */ + char *new_fname; - status = NT_STATUS_INVALID_HANDLE; + status = get_relative_fid_filename(conn, req, root_dir_fid, + fname, &new_fname); + if (!NT_STATUS_IS_OK(status)) { goto fail; } - if (ISDOT(dir_fsp->fsp_name)) { - /* - * We're at the toplevel dir, the final file name - * must not contain ./, as this is filtered out - * normally by srvstr_get_path and unix_convert - * explicitly rejects paths containing ./. - */ - parent_fname = talloc_strdup(talloc_tos(), ""); - if (parent_fname == NULL) { - status = NT_STATUS_NO_MEMORY; - goto fail; - } - } else { - size_t dir_name_len = strlen(dir_fsp->fsp_name); - - /* - * Copy in the base directory name. - */ - - parent_fname = TALLOC_ARRAY(talloc_tos(), char, - dir_name_len+2); - if (parent_fname == NULL) { - status = NT_STATUS_NO_MEMORY; - goto fail; - } - memcpy(parent_fname, dir_fsp->fsp_name, - dir_name_len+1); - - /* - * Ensure it ends in a '/'. - * We used TALLOC_SIZE +2 to add space for the '/'. - */ - - if(dir_name_len - && (parent_fname[dir_name_len-1] != '\\') - && (parent_fname[dir_name_len-1] != '/')) { - parent_fname[dir_name_len] = '/'; - parent_fname[dir_name_len+1] = '\0'; - } - } - - fname = talloc_asprintf(talloc_tos(), "%s%s", parent_fname, - fname); - if (fname == NULL) { - status = NT_STATUS_NO_MEMORY; - goto fail; - } + fname = new_fname; } /* -- cgit From b3c785f22edeff5f731af95ec1252517c4677451 Mon Sep 17 00:00:00 2001 From: Tim Prouty Date: Wed, 26 Nov 2008 16:47:14 -0800 Subject: s3: Call fd_close from close_directory Some implementations of SMB_VFS_CREATE_FILE implementations actually keep an fd open for directories just as files. In this case it is necessary to call fd_close when closing directories. This is safe because fd_close is a no-op when fd == -1, which is true for directory opens originating from open.c (the default SMB_VFS_CREATE_FILE implementation). --- source3/smbd/close.c | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'source3') diff --git a/source3/smbd/close.c b/source3/smbd/close.c index ce918ab6a3..f91f1fcf8f 100644 --- a/source3/smbd/close.c +++ b/source3/smbd/close.c @@ -694,6 +694,13 @@ static NTSTATUS close_directory(struct smb_request *req, files_struct *fsp, fsp, NT_STATUS_OK); } + status = fd_close(fsp); + + if (!NT_STATUS_IS_OK(status)) { + DEBUG(0, ("Could not close dir! fname=%s, fd=%d, err=%d=%s\n", + fsp->fsp_name, fsp->fh->fd, errno, strerror(errno))); + } + /* * Do the code common to files and directories. */ -- cgit From 51e7f79b3b4ae0fa830ac176df5ba8229e14f32d Mon Sep 17 00:00:00 2001 From: Tim Prouty Date: Mon, 8 Dec 2008 16:42:45 -0800 Subject: s3: Add onefs_open.c with code copied verbatim from smbd/open.c This is an intermediate step that makes it much easier to see how the OneFS SMB_VFS_CREATE_FILE implementation diverges from stock samba. The goal is that more common code can be refactored into utility functions. --- source3/modules/onefs_open.c | 2028 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 2028 insertions(+) create mode 100644 source3/modules/onefs_open.c (limited to 'source3') diff --git a/source3/modules/onefs_open.c b/source3/modules/onefs_open.c new file mode 100644 index 0000000000..f45cc471ce --- /dev/null +++ b/source3/modules/onefs_open.c @@ -0,0 +1,2028 @@ +/* + Unix SMB/CIFS implementation. + file opening and share modes + Copyright (C) Andrew Tridgell 1992-1998 + Copyright (C) Jeremy Allison 2001-2004 + Copyright (C) Volker Lendecke 2005 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . +*/ + +#include "includes.h" + +extern const struct generic_mapping file_generic_mapping; +extern bool global_client_failed_oplock_break; + +struct deferred_open_record { + bool delayed_for_oplocks; + struct file_id id; +}; + +static NTSTATUS create_file_unixpath(connection_struct *conn, + struct smb_request *req, + const char *fname, + uint32_t access_mask, + uint32_t share_access, + uint32_t create_disposition, + uint32_t create_options, + uint32_t file_attributes, + uint32_t oplock_request, + uint64_t allocation_size, + struct security_descriptor *sd, + struct ea_list *ea_list, + + files_struct **result, + int *pinfo, + SMB_STRUCT_STAT *psbuf); + +/**************************************************************************** + Open a file. +****************************************************************************/ + +static NTSTATUS open_file(files_struct *fsp, + connection_struct *conn, + struct smb_request *req, + const char *parent_dir, + const char *name, + const char *path, + SMB_STRUCT_STAT *psbuf, + int flags, + mode_t unx_mode, + uint32 access_mask, /* client requested access mask. */ + uint32 open_access_mask) /* what we're actually using in the open. */ +{ + NTSTATUS status = NT_STATUS_OK; + int accmode = (flags & O_ACCMODE); + int local_flags = flags; + bool file_existed = VALID_STAT(*psbuf); + + fsp->fh->fd = -1; + errno = EPERM; + + /* Check permissions */ + + /* + * This code was changed after seeing a client open request + * containing the open mode of (DENY_WRITE/read-only) with + * the 'create if not exist' bit set. The previous code + * would fail to open the file read only on a read-only share + * as it was checking the flags parameter directly against O_RDONLY, + * this was failing as the flags parameter was set to O_RDONLY|O_CREAT. + * JRA. + */ + + if (!CAN_WRITE(conn)) { + /* It's a read-only share - fail if we wanted to write. */ + if(accmode != O_RDONLY) { + DEBUG(3,("Permission denied opening %s\n", path)); + return NT_STATUS_ACCESS_DENIED; + } else if(flags & O_CREAT) { + /* We don't want to write - but we must make sure that + O_CREAT doesn't create the file if we have write + access into the directory. + */ + flags &= ~O_CREAT; + local_flags &= ~O_CREAT; + } + } + + /* + * This little piece of insanity is inspired by the + * fact that an NT client can open a file for O_RDONLY, + * but set the create disposition to FILE_EXISTS_TRUNCATE. + * If the client *can* write to the file, then it expects to + * truncate the file, even though it is opening for readonly. + * Quicken uses this stupid trick in backup file creation... + * Thanks *greatly* to "David W. Chapman Jr." + * for helping track this one down. It didn't bite us in 2.0.x + * as we always opened files read-write in that release. JRA. + */ + + if ((accmode == O_RDONLY) && ((flags & O_TRUNC) == O_TRUNC)) { + DEBUG(10,("open_file: truncate requested on read-only open " + "for file %s\n", path)); + local_flags = (flags & ~O_ACCMODE)|O_RDWR; + } + + if ((open_access_mask & (FILE_READ_DATA|FILE_WRITE_DATA|FILE_APPEND_DATA|FILE_EXECUTE)) || + (!file_existed && (local_flags & O_CREAT)) || + ((local_flags & O_TRUNC) == O_TRUNC) ) { + const char *wild; + + /* + * We can't actually truncate here as the file may be locked. + * open_file_ntcreate will take care of the truncate later. JRA. + */ + + local_flags &= ~O_TRUNC; + +#if defined(O_NONBLOCK) && defined(S_ISFIFO) + /* + * We would block on opening a FIFO with no one else on the + * other end. Do what we used to do and add O_NONBLOCK to the + * open flags. JRA. + */ + + if (file_existed && S_ISFIFO(psbuf->st_mode)) { + local_flags |= O_NONBLOCK; + } +#endif + + /* Don't create files with Microsoft wildcard characters. */ + if (fsp->base_fsp) { + /* + * wildcard characters are allowed in stream names + * only test the basefilename + */ + wild = fsp->base_fsp->fsp_name; + } else { + wild = path; + } + if ((local_flags & O_CREAT) && !file_existed && + ms_has_wild(wild)) { + return NT_STATUS_OBJECT_NAME_INVALID; + } + + /* Actually do the open */ + status = fd_open(conn, path, fsp, local_flags, unx_mode); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(3,("Error opening file %s (%s) (local_flags=%d) " + "(flags=%d)\n", + path,nt_errstr(status),local_flags,flags)); + return status; + } + + if ((local_flags & O_CREAT) && !file_existed) { + + /* Inherit the ACL if required */ + if (lp_inherit_perms(SNUM(conn))) { + inherit_access_posix_acl(conn, parent_dir, path, + unx_mode); + } + + /* Change the owner if required. */ + if (lp_inherit_owner(SNUM(conn))) { + change_file_owner_to_parent(conn, parent_dir, + fsp); + } + + notify_fname(conn, NOTIFY_ACTION_ADDED, + FILE_NOTIFY_CHANGE_FILE_NAME, path); + } + + } else { + fsp->fh->fd = -1; /* What we used to call a stat open. */ + if (file_existed) { + status = check_open_rights(conn, + path, + access_mask); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(10, ("open_file: Access denied on " + "file %s\n", + path)); + return status; + } + } + } + + if (!file_existed) { + int ret; + + if (fsp->fh->fd == -1) { + ret = SMB_VFS_STAT(conn, path, psbuf); + } else { + ret = SMB_VFS_FSTAT(fsp, psbuf); + /* If we have an fd, this stat should succeed. */ + if (ret == -1) { + DEBUG(0,("Error doing fstat on open file %s " + "(%s)\n", path,strerror(errno) )); + } + } + + /* For a non-io open, this stat failing means file not found. JRA */ + if (ret == -1) { + status = map_nt_error_from_unix(errno); + fd_close(fsp); + return status; + } + } + + /* + * POSIX allows read-only opens of directories. We don't + * want to do this (we use a different code path for this) + * so catch a directory open and return an EISDIR. JRA. + */ + + if(S_ISDIR(psbuf->st_mode)) { + fd_close(fsp); + errno = EISDIR; + return NT_STATUS_FILE_IS_A_DIRECTORY; + } + + fsp->mode = psbuf->st_mode; + fsp->file_id = vfs_file_id_from_sbuf(conn, psbuf); + fsp->vuid = req ? req->vuid : UID_FIELD_INVALID; + fsp->file_pid = req ? req->smbpid : 0; + fsp->can_lock = True; + fsp->can_read = (access_mask & (FILE_READ_DATA)) ? True : False; + if (!CAN_WRITE(conn)) { + fsp->can_write = False; + } else { + fsp->can_write = (access_mask & (FILE_WRITE_DATA | FILE_APPEND_DATA)) ? + True : False; + } + fsp->print_file = False; + fsp->modified = False; + fsp->sent_oplock_break = NO_BREAK_SENT; + fsp->is_directory = False; + if (conn->aio_write_behind_list && + is_in_path(path, conn->aio_write_behind_list, conn->case_sensitive)) { + fsp->aio_write_behind = True; + } + + string_set(&fsp->fsp_name, path); + fsp->wcp = NULL; /* Write cache pointer. */ + + DEBUG(2,("%s opened file %s read=%s write=%s (numopen=%d)\n", + conn->server_info->unix_name, + fsp->fsp_name, + BOOLSTR(fsp->can_read), BOOLSTR(fsp->can_write), + conn->num_files_open)); + + errno = 0; + return NT_STATUS_OK; +} + +/**************************************************************************** + Handle the 1 second delay in returning a SHARING_VIOLATION error. +****************************************************************************/ + +static void defer_open(struct share_mode_lock *lck, + struct timeval request_time, + struct timeval timeout, + struct smb_request *req, + struct deferred_open_record *state) +{ + int i; + + /* Paranoia check */ + + for (i=0; inum_share_modes; i++) { + struct share_mode_entry *e = &lck->share_modes[i]; + + if (!is_deferred_open_entry(e)) { + continue; + } + + if (procid_is_me(&e->pid) && (e->op_mid == req->mid)) { + DEBUG(0, ("Trying to defer an already deferred " + "request: mid=%d, exiting\n", req->mid)); + exit_server("attempt to defer a deferred request"); + } + } + + /* End paranoia check */ + + DEBUG(10,("defer_open_sharing_error: time [%u.%06u] adding deferred " + "open entry for mid %u\n", + (unsigned int)request_time.tv_sec, + (unsigned int)request_time.tv_usec, + (unsigned int)req->mid)); + + if (!push_deferred_smb_message(req, request_time, timeout, + (char *)state, sizeof(*state))) { + exit_server("push_deferred_smb_message failed"); + } + add_deferred_open(lck, req->mid, request_time, state->id); + + /* + * Push the MID of this packet on the signing queue. + * We only do this once, the first time we push the packet + * onto the deferred open queue, as this has a side effect + * of incrementing the response sequence number. + */ + + srv_defer_sign_response(req->mid); +} + +static void schedule_defer_open(struct share_mode_lock *lck, + struct timeval request_time, + struct smb_request *req) +{ + struct deferred_open_record state; + + /* This is a relative time, added to the absolute + request_time value to get the absolute timeout time. + Note that if this is the second or greater time we enter + this codepath for this particular request mid then + request_time is left as the absolute time of the *first* + time this request mid was processed. This is what allows + the request to eventually time out. */ + + struct timeval timeout; + + /* Normally the smbd we asked should respond within + * OPLOCK_BREAK_TIMEOUT seconds regardless of whether + * the client did, give twice the timeout as a safety + * measure here in case the other smbd is stuck + * somewhere else. */ + + timeout = timeval_set(OPLOCK_BREAK_TIMEOUT*2, 0); + + /* Nothing actually uses state.delayed_for_oplocks + but it's handy to differentiate in debug messages + between a 30 second delay due to oplock break, and + a 1 second delay for share mode conflicts. */ + + state.delayed_for_oplocks = True; + state.id = lck->id; + + if (!request_timed_out(request_time, timeout)) { + defer_open(lck, request_time, timeout, req, &state); + } +} + +/**************************************************************************** + Open a file with a share mode. Passed in an already created files_struct *. +****************************************************************************/ + +static NTSTATUS open_file_ntcreate(connection_struct *conn, + struct smb_request *req, + const char *fname, + SMB_STRUCT_STAT *psbuf, + uint32 access_mask, /* access bits (FILE_READ_DATA etc.) */ + uint32 share_access, /* share constants (FILE_SHARE_READ etc) */ + uint32 create_disposition, /* FILE_OPEN_IF etc. */ + uint32 create_options, /* options such as delete on close. */ + uint32 new_dos_attributes, /* attributes used for new file. */ + int oplock_request, /* internal Samba oplock codes. */ + /* Information (FILE_EXISTS etc.) */ + int *pinfo, + files_struct *fsp) +{ + int flags=0; + int flags2=0; + bool file_existed = VALID_STAT(*psbuf); + bool def_acl = False; + bool posix_open = False; + bool new_file_created = False; + struct file_id id; + NTSTATUS fsp_open = NT_STATUS_ACCESS_DENIED; + mode_t new_unx_mode = (mode_t)0; + mode_t unx_mode = (mode_t)0; + int info; + uint32 existing_dos_attributes = 0; + struct pending_message_list *pml = NULL; + struct timeval request_time = timeval_zero(); + struct share_mode_lock *lck = NULL; + uint32 open_access_mask = access_mask; + NTSTATUS status; + int ret_flock; + char *parent_dir; + const char *newname; + + ZERO_STRUCT(id); + + if (conn->printer) { + /* + * Printers are handled completely differently. + * Most of the passed parameters are ignored. + */ + + if (pinfo) { + *pinfo = FILE_WAS_CREATED; + } + + DEBUG(10, ("open_file_ntcreate: printer open fname=%s\n", fname)); + + return print_fsp_open(req, conn, fname, req->vuid, fsp); + } + + if (!parent_dirname_talloc(talloc_tos(), fname, &parent_dir, + &newname)) { + return NT_STATUS_NO_MEMORY; + } + + if (new_dos_attributes & FILE_FLAG_POSIX_SEMANTICS) { + posix_open = True; + unx_mode = (mode_t)(new_dos_attributes & ~FILE_FLAG_POSIX_SEMANTICS); + new_dos_attributes = 0; + } else { + /* We add aARCH to this as this mode is only used if the file is + * created new. */ + unx_mode = unix_mode(conn, new_dos_attributes | aARCH, fname, + parent_dir); + } + + DEBUG(10, ("open_file_ntcreate: fname=%s, dos_attrs=0x%x " + "access_mask=0x%x share_access=0x%x " + "create_disposition = 0x%x create_options=0x%x " + "unix mode=0%o oplock_request=%d\n", + fname, new_dos_attributes, access_mask, share_access, + create_disposition, create_options, unx_mode, + oplock_request)); + + if ((req == NULL) && ((oplock_request & INTERNAL_OPEN_ONLY) == 0)) { + DEBUG(0, ("No smb request but not an internal only open!\n")); + return NT_STATUS_INTERNAL_ERROR; + } + + /* + * Only non-internal opens can be deferred at all + */ + + if ((req != NULL) + && ((pml = get_open_deferred_message(req->mid)) != NULL)) { + struct deferred_open_record *state = + (struct deferred_open_record *)pml->private_data.data; + + /* Remember the absolute time of the original + request with this mid. We'll use it later to + see if this has timed out. */ + + request_time = pml->request_time; + + /* Remove the deferred open entry under lock. */ + lck = get_share_mode_lock(talloc_tos(), state->id, NULL, NULL, + NULL); + if (lck == NULL) { + DEBUG(0, ("could not get share mode lock\n")); + } else { + del_deferred_open_entry(lck, req->mid); + TALLOC_FREE(lck); + } + + /* Ensure we don't reprocess this message. */ + remove_deferred_open_smb_message(req->mid); + } + + status = check_name(conn, fname); + if (!NT_STATUS_IS_OK(status)) { + return status; + } + + if (!posix_open) { + new_dos_attributes &= SAMBA_ATTRIBUTES_MASK; + if (file_existed) { + existing_dos_attributes = dos_mode(conn, fname, psbuf); + } + } + + /* ignore any oplock requests if oplocks are disabled */ + if (!lp_oplocks(SNUM(conn)) || global_client_failed_oplock_break || + IS_VETO_OPLOCK_PATH(conn, fname)) { + /* Mask off everything except the private Samba bits. */ + oplock_request &= SAMBA_PRIVATE_OPLOCK_MASK; + } + + /* this is for OS/2 long file names - say we don't support them */ + if (!lp_posix_pathnames() && strstr(fname,".+,;=[].")) { + /* OS/2 Workplace shell fix may be main code stream in a later + * release. */ + DEBUG(5,("open_file_ntcreate: OS/2 long filenames are not " + "supported.\n")); + if (use_nt_status()) { + return NT_STATUS_OBJECT_NAME_NOT_FOUND; + } + return NT_STATUS_DOS(ERRDOS, ERRcannotopen); + } + + switch( create_disposition ) { + /* + * Currently we're using FILE_SUPERSEDE as the same as + * FILE_OVERWRITE_IF but they really are + * different. FILE_SUPERSEDE deletes an existing file + * (requiring delete access) then recreates it. + */ + case FILE_SUPERSEDE: + /* If file exists replace/overwrite. If file doesn't + * exist create. */ + flags2 |= (O_CREAT | O_TRUNC); + break; + + case FILE_OVERWRITE_IF: + /* If file exists replace/overwrite. If file doesn't + * exist create. */ + flags2 |= (O_CREAT | O_TRUNC); + break; + + case FILE_OPEN: + /* If file exists open. If file doesn't exist error. */ + if (!file_existed) { + DEBUG(5,("open_file_ntcreate: FILE_OPEN " + "requested for file %s and file " + "doesn't exist.\n", fname )); + errno = ENOENT; + return NT_STATUS_OBJECT_NAME_NOT_FOUND; + } + break; + + case FILE_OVERWRITE: + /* If file exists overwrite. If file doesn't exist + * error. */ + if (!file_existed) { + DEBUG(5,("open_file_ntcreate: FILE_OVERWRITE " + "requested for file %s and file " + "doesn't exist.\n", fname )); + errno = ENOENT; + return NT_STATUS_OBJECT_NAME_NOT_FOUND; + } + flags2 |= O_TRUNC; + break; + + case FILE_CREATE: + /* If file exists error. If file doesn't exist + * create. */ + if (file_existed) { + DEBUG(5,("open_file_ntcreate: FILE_CREATE " + "requested for file %s and file " + "already exists.\n", fname )); + if (S_ISDIR(psbuf->st_mode)) { + errno = EISDIR; + } else { + errno = EEXIST; + } + return map_nt_error_from_unix(errno); + } + flags2 |= (O_CREAT|O_EXCL); + break; + + case FILE_OPEN_IF: + /* If file exists open. If file doesn't exist + * create. */ + flags2 |= O_CREAT; + break; + + default: + return NT_STATUS_INVALID_PARAMETER; + } + + /* We only care about matching attributes on file exists and + * overwrite. */ + + if (!posix_open && file_existed && ((create_disposition == FILE_OVERWRITE) || + (create_disposition == FILE_OVERWRITE_IF))) { + if (!open_match_attributes(conn, fname, + existing_dos_attributes, + new_dos_attributes, psbuf->st_mode, + unx_mode, &new_unx_mode)) { + DEBUG(5,("open_file_ntcreate: attributes missmatch " + "for file %s (%x %x) (0%o, 0%o)\n", + fname, existing_dos_attributes, + new_dos_attributes, + (unsigned int)psbuf->st_mode, + (unsigned int)unx_mode )); + errno = EACCES; + return NT_STATUS_ACCESS_DENIED; + } + } + + status = calculate_access_mask(conn, fname, file_existed, + access_mask, + &access_mask); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(10, ("open_file_ntcreate: calculate_access_mask " + "on file %s returned %s\n", + fname, + nt_errstr(status))); + return status; + } + + open_access_mask = access_mask; + + if ((flags2 & O_TRUNC) || (oplock_request & FORCE_OPLOCK_BREAK_TO_NONE)) { + open_access_mask |= FILE_WRITE_DATA; /* This will cause oplock breaks. */ + } + + DEBUG(10, ("open_file_ntcreate: fname=%s, after mapping " + "access_mask=0x%x\n", fname, access_mask )); + + /* + * Note that we ignore the append flag as append does not + * mean the same thing under DOS and Unix. + */ + + if ((access_mask & (FILE_WRITE_DATA | FILE_APPEND_DATA)) || + (oplock_request & FORCE_OPLOCK_BREAK_TO_NONE)) { + /* DENY_DOS opens are always underlying read-write on the + file handle, no matter what the requested access mask + says. */ + if ((create_options & NTCREATEX_OPTIONS_PRIVATE_DENY_DOS) || + access_mask & (FILE_READ_ATTRIBUTES|FILE_READ_DATA|FILE_READ_EA|FILE_EXECUTE)) { + flags = O_RDWR; + } else { + flags = O_WRONLY; + } + } else { + flags = O_RDONLY; + } + + /* + * Currently we only look at FILE_WRITE_THROUGH for create options. + */ + +#if defined(O_SYNC) + if ((create_options & FILE_WRITE_THROUGH) && lp_strict_sync(SNUM(conn))) { + flags2 |= O_SYNC; + } +#endif /* O_SYNC */ + + if (posix_open && (access_mask & FILE_APPEND_DATA)) { + flags2 |= O_APPEND; + } + + if (!posix_open && !CAN_WRITE(conn)) { + /* + * We should really return a permission denied error if either + * O_CREAT or O_TRUNC are set, but for compatibility with + * older versions of Samba we just AND them out. + */ + flags2 &= ~(O_CREAT|O_TRUNC); + } + + /* + * Ensure we can't write on a read-only share or file. + */ + + if (flags != O_RDONLY && file_existed && + (!CAN_WRITE(conn) || IS_DOS_READONLY(existing_dos_attributes))) { + DEBUG(5,("open_file_ntcreate: write access requested for " + "file %s on read only %s\n", + fname, !CAN_WRITE(conn) ? "share" : "file" )); + errno = EACCES; + return NT_STATUS_ACCESS_DENIED; + } + + fsp->file_id = vfs_file_id_from_sbuf(conn, psbuf); + fsp->share_access = share_access; + fsp->fh->private_options = create_options; + fsp->access_mask = open_access_mask; /* We change this to the + * requested access_mask after + * the open is done. */ + fsp->posix_open = posix_open; + + /* Ensure no SAMBA_PRIVATE bits can be set. */ + fsp->oplock_type = (oplock_request & ~SAMBA_PRIVATE_OPLOCK_MASK); + + if (timeval_is_zero(&request_time)) { + request_time = fsp->open_time; + } + + if (file_existed) { + struct timespec old_write_time = get_mtimespec(psbuf); + id = vfs_file_id_from_sbuf(conn, psbuf); + + lck = get_share_mode_lock(talloc_tos(), id, + conn->connectpath, + fname, &old_write_time); + + if (lck == NULL) { + DEBUG(0, ("Could not get share mode lock\n")); + return NT_STATUS_SHARING_VIOLATION; + } + + /* First pass - send break only on batch oplocks. */ + if ((req != NULL) + && delay_for_oplocks(lck, fsp, req->mid, 1, + oplock_request)) { + schedule_defer_open(lck, request_time, req); + TALLOC_FREE(lck); + return NT_STATUS_SHARING_VIOLATION; + } + + /* Use the client requested access mask here, not the one we + * open with. */ + status = open_mode_check(conn, fname, lck, + access_mask, share_access, + create_options, &file_existed); + + if (NT_STATUS_IS_OK(status)) { + /* We might be going to allow this open. Check oplock + * status again. */ + /* Second pass - send break for both batch or + * exclusive oplocks. */ + if ((req != NULL) + && delay_for_oplocks(lck, fsp, req->mid, 2, + oplock_request)) { + schedule_defer_open(lck, request_time, req); + TALLOC_FREE(lck); + return NT_STATUS_SHARING_VIOLATION; + } + } + + if (NT_STATUS_EQUAL(status, NT_STATUS_DELETE_PENDING)) { + /* DELETE_PENDING is not deferred for a second */ + TALLOC_FREE(lck); + return status; + } + + if (!NT_STATUS_IS_OK(status)) { + uint32 can_access_mask; + bool can_access = True; + + SMB_ASSERT(NT_STATUS_EQUAL(status, NT_STATUS_SHARING_VIOLATION)); + + /* Check if this can be done with the deny_dos and fcb + * calls. */ + if (create_options & + (NTCREATEX_OPTIONS_PRIVATE_DENY_DOS| + NTCREATEX_OPTIONS_PRIVATE_DENY_FCB)) { + if (req == NULL) { + DEBUG(0, ("DOS open without an SMB " + "request!\n")); + TALLOC_FREE(lck); + return NT_STATUS_INTERNAL_ERROR; + } + + /* Use the client requested access mask here, + * not the one we open with. */ + status = fcb_or_dos_open(req, + conn, + fsp, + fname, + id, + req->smbpid, + req->vuid, + access_mask, + share_access, + create_options); + + if (NT_STATUS_IS_OK(status)) { + TALLOC_FREE(lck); + if (pinfo) { + *pinfo = FILE_WAS_OPENED; + } + return NT_STATUS_OK; + } + } + + /* + * This next line is a subtlety we need for + * MS-Access. If a file open will fail due to share + * permissions and also for security (access) reasons, + * we need to return the access failed error, not the + * share error. We can't open the file due to kernel + * oplock deadlock (it's possible we failed above on + * the open_mode_check()) so use a userspace check. + */ + + if (flags & O_RDWR) { + can_access_mask = FILE_READ_DATA|FILE_WRITE_DATA; + } else if (flags & O_WRONLY) { + can_access_mask = FILE_WRITE_DATA; + } else { + can_access_mask = FILE_READ_DATA; + } + + if (((can_access_mask & FILE_WRITE_DATA) && !CAN_WRITE(conn)) || + !can_access_file_data(conn,fname,psbuf,can_access_mask)) { + can_access = False; + } + + /* + * If we're returning a share violation, ensure we + * cope with the braindead 1 second delay. + */ + + if (!(oplock_request & INTERNAL_OPEN_ONLY) && + lp_defer_sharing_violations()) { + struct timeval timeout; + struct deferred_open_record state; + int timeout_usecs; + + /* this is a hack to speed up torture tests + in 'make test' */ + timeout_usecs = lp_parm_int(SNUM(conn), + "smbd","sharedelay", + SHARING_VIOLATION_USEC_WAIT); + + /* This is a relative time, added to the absolute + request_time value to get the absolute timeout time. + Note that if this is the second or greater time we enter + this codepath for this particular request mid then + request_time is left as the absolute time of the *first* + time this request mid was processed. This is what allows + the request to eventually time out. */ + + timeout = timeval_set(0, timeout_usecs); + + /* Nothing actually uses state.delayed_for_oplocks + but it's handy to differentiate in debug messages + between a 30 second delay due to oplock break, and + a 1 second delay for share mode conflicts. */ + + state.delayed_for_oplocks = False; + state.id = id; + + if ((req != NULL) + && !request_timed_out(request_time, + timeout)) { + defer_open(lck, request_time, timeout, + req, &state); + } + } + + TALLOC_FREE(lck); + if (can_access) { + /* + * We have detected a sharing violation here + * so return the correct error code + */ + status = NT_STATUS_SHARING_VIOLATION; + } else { + status = NT_STATUS_ACCESS_DENIED; + } + return status; + } + + /* + * We exit this block with the share entry *locked*..... + */ + } + + SMB_ASSERT(!file_existed || (lck != NULL)); + + /* + * Ensure we pay attention to default ACLs on directories if required. + */ + + if ((flags2 & O_CREAT) && lp_inherit_acls(SNUM(conn)) && + (def_acl = directory_has_default_acl(conn, parent_dir))) { + unx_mode = 0777; + } + + DEBUG(4,("calling open_file with flags=0x%X flags2=0x%X mode=0%o, " + "access_mask = 0x%x, open_access_mask = 0x%x\n", + (unsigned int)flags, (unsigned int)flags2, + (unsigned int)unx_mode, (unsigned int)access_mask, + (unsigned int)open_access_mask)); + + /* + * open_file strips any O_TRUNC flags itself. + */ + + fsp_open = open_file(fsp, conn, req, parent_dir, newname, fname, psbuf, + flags|flags2, unx_mode, access_mask, + open_access_mask); + + if (!NT_STATUS_IS_OK(fsp_open)) { + if (lck != NULL) { + TALLOC_FREE(lck); + } + return fsp_open; + } + + if (!file_existed) { + struct timespec old_write_time = get_mtimespec(psbuf); + /* + * Deal with the race condition where two smbd's detect the + * file doesn't exist and do the create at the same time. One + * of them will win and set a share mode, the other (ie. this + * one) should check if the requested share mode for this + * create is allowed. + */ + + /* + * Now the file exists and fsp is successfully opened, + * fsp->dev and fsp->inode are valid and should replace the + * dev=0,inode=0 from a non existent file. Spotted by + * Nadav Danieli . JRA. + */ + + id = fsp->file_id; + + lck = get_share_mode_lock(talloc_tos(), id, + conn->connectpath, + fname, &old_write_time); + + if (lck == NULL) { + DEBUG(0, ("open_file_ntcreate: Could not get share " + "mode lock for %s\n", fname)); + fd_close(fsp); + return NT_STATUS_SHARING_VIOLATION; + } + + /* First pass - send break only on batch oplocks. */ + if ((req != NULL) + && delay_for_oplocks(lck, fsp, req->mid, 1, + oplock_request)) { + schedule_defer_open(lck, request_time, req); + TALLOC_FREE(lck); + fd_close(fsp); + return NT_STATUS_SHARING_VIOLATION; + } + + status = open_mode_check(conn, fname, lck, + access_mask, share_access, + create_options, &file_existed); + + if (NT_STATUS_IS_OK(status)) { + /* We might be going to allow this open. Check oplock + * status again. */ + /* Second pass - send break for both batch or + * exclusive oplocks. */ + if ((req != NULL) + && delay_for_oplocks(lck, fsp, req->mid, 2, + oplock_request)) { + schedule_defer_open(lck, request_time, req); + TALLOC_FREE(lck); + fd_close(fsp); + return NT_STATUS_SHARING_VIOLATION; + } + } + + if (!NT_STATUS_IS_OK(status)) { + struct deferred_open_record state; + + fd_close(fsp); + + state.delayed_for_oplocks = False; + state.id = id; + + /* Do it all over again immediately. In the second + * round we will find that the file existed and handle + * the DELETE_PENDING and FCB cases correctly. No need + * to duplicate the code here. Essentially this is a + * "goto top of this function", but don't tell + * anybody... */ + + if (req != NULL) { + defer_open(lck, request_time, timeval_zero(), + req, &state); + } + TALLOC_FREE(lck); + return status; + } + + /* + * We exit this block with the share entry *locked*..... + */ + + } + + SMB_ASSERT(lck != NULL); + + /* note that we ignore failure for the following. It is + basically a hack for NFS, and NFS will never set one of + these only read them. Nobody but Samba can ever set a deny + mode and we have already checked our more authoritative + locking database for permission to set this deny mode. If + the kernel refuses the operations then the kernel is wrong. + note that GPFS supports it as well - jmcd */ + + if (fsp->fh->fd != -1) { + ret_flock = SMB_VFS_KERNEL_FLOCK(fsp, share_access); + if(ret_flock == -1 ){ + + TALLOC_FREE(lck); + fd_close(fsp); + + return NT_STATUS_SHARING_VIOLATION; + } + } + + /* + * At this point onwards, we can guarentee that the share entry + * is locked, whether we created the file or not, and that the + * deny mode is compatible with all current opens. + */ + + /* + * If requested, truncate the file. + */ + + if (flags2&O_TRUNC) { + /* + * We are modifing the file after open - update the stat + * struct.. + */ + if ((SMB_VFS_FTRUNCATE(fsp, 0) == -1) || + (SMB_VFS_FSTAT(fsp, psbuf)==-1)) { + status = map_nt_error_from_unix(errno); + TALLOC_FREE(lck); + fd_close(fsp); + return status; + } + } + + /* Record the options we were opened with. */ + fsp->share_access = share_access; + fsp->fh->private_options = create_options; + /* + * According to Samba4, SEC_FILE_READ_ATTRIBUTE is always granted, + */ + fsp->access_mask = access_mask | FILE_READ_ATTRIBUTES; + + if (file_existed) { + /* stat opens on existing files don't get oplocks. */ + if (is_stat_open(open_access_mask)) { + fsp->oplock_type = NO_OPLOCK; + } + + if (!(flags2 & O_TRUNC)) { + info = FILE_WAS_OPENED; + } else { + info = FILE_WAS_OVERWRITTEN; + } + } else { + info = FILE_WAS_CREATED; + } + + if (pinfo) { + *pinfo = info; + } + + /* + * Setup the oplock info in both the shared memory and + * file structs. + */ + + if ((fsp->oplock_type != NO_OPLOCK) && + (fsp->oplock_type != FAKE_LEVEL_II_OPLOCK)) { + if (!set_file_oplock(fsp, fsp->oplock_type)) { + /* Could not get the kernel oplock */ + fsp->oplock_type = NO_OPLOCK; + } + } + + if (info == FILE_WAS_OVERWRITTEN || info == FILE_WAS_CREATED || info == FILE_WAS_SUPERSEDED) { + new_file_created = True; + } + + set_share_mode(lck, fsp, conn->server_info->utok.uid, 0, + fsp->oplock_type); + + /* Handle strange delete on close create semantics. */ + if (create_options & FILE_DELETE_ON_CLOSE) { + + status = can_set_delete_on_close(fsp, True, new_dos_attributes); + + if (!NT_STATUS_IS_OK(status)) { + /* Remember to delete the mode we just added. */ + del_share_mode(lck, fsp); + TALLOC_FREE(lck); + fd_close(fsp); + return status; + } + /* Note that here we set the *inital* delete on close flag, + not the regular one. The magic gets handled in close. */ + fsp->initial_delete_on_close = True; + } + + if (new_file_created) { + /* Files should be initially set as archive */ + if (lp_map_archive(SNUM(conn)) || + lp_store_dos_attributes(SNUM(conn))) { + if (!posix_open) { + SMB_STRUCT_STAT tmp_sbuf; + SET_STAT_INVALID(tmp_sbuf); + if (file_set_dosmode( + conn, fname, + new_dos_attributes | aARCH, + &tmp_sbuf, parent_dir, + true) == 0) { + unx_mode = tmp_sbuf.st_mode; + } + } + } + } + + /* + * Take care of inherited ACLs on created files - if default ACL not + * selected. + */ + + if (!posix_open && !file_existed && !def_acl) { + + int saved_errno = errno; /* We might get ENOSYS in the next + * call.. */ + + if (SMB_VFS_FCHMOD_ACL(fsp, unx_mode) == -1 && + errno == ENOSYS) { + errno = saved_errno; /* Ignore ENOSYS */ + } + + } else if (new_unx_mode) { + + int ret = -1; + + /* Attributes need changing. File already existed. */ + + { + int saved_errno = errno; /* We might get ENOSYS in the + * next call.. */ + ret = SMB_VFS_FCHMOD_ACL(fsp, new_unx_mode); + + if (ret == -1 && errno == ENOSYS) { + errno = saved_errno; /* Ignore ENOSYS */ + } else { + DEBUG(5, ("open_file_ntcreate: reset " + "attributes of file %s to 0%o\n", + fname, (unsigned int)new_unx_mode)); + ret = 0; /* Don't do the fchmod below. */ + } + } + + if ((ret == -1) && + (SMB_VFS_FCHMOD(fsp, new_unx_mode) == -1)) + DEBUG(5, ("open_file_ntcreate: failed to reset " + "attributes of file %s to 0%o\n", + fname, (unsigned int)new_unx_mode)); + } + + /* If this is a successful open, we must remove any deferred open + * records. */ + if (req != NULL) { + del_deferred_open_entry(lck, req->mid); + } + TALLOC_FREE(lck); + + return NT_STATUS_OK; +} + +/**************************************************************************** + Open a directory from an NT SMB call. +****************************************************************************/ + +static NTSTATUS open_directory(connection_struct *conn, + struct smb_request *req, + const char *fname, + SMB_STRUCT_STAT *psbuf, + uint32 access_mask, + uint32 share_access, + uint32 create_disposition, + uint32 create_options, + uint32 file_attributes, + int *pinfo, + files_struct **result) +{ + files_struct *fsp = NULL; + bool dir_existed = VALID_STAT(*psbuf) ? True : False; + struct share_mode_lock *lck = NULL; + NTSTATUS status; + struct timespec mtimespec; + int info = 0; + + DEBUG(5,("open_directory: opening directory %s, access_mask = 0x%x, " + "share_access = 0x%x create_options = 0x%x, " + "create_disposition = 0x%x, file_attributes = 0x%x\n", + fname, + (unsigned int)access_mask, + (unsigned int)share_access, + (unsigned int)create_options, + (unsigned int)create_disposition, + (unsigned int)file_attributes)); + + if (!(file_attributes & FILE_FLAG_POSIX_SEMANTICS) && + (conn->fs_capabilities & FILE_NAMED_STREAMS) && + is_ntfs_stream_name(fname)) { + DEBUG(2, ("open_directory: %s is a stream name!\n", fname)); + return NT_STATUS_NOT_A_DIRECTORY; + } + + status = calculate_access_mask(conn, fname, dir_existed, + access_mask, + &access_mask); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(10, ("open_directory: calculate_access_mask " + "on file %s returned %s\n", + fname, + nt_errstr(status))); + return status; + } + + switch( create_disposition ) { + case FILE_OPEN: + + info = FILE_WAS_OPENED; + + /* + * We want to follow symlinks here. + */ + + if (SMB_VFS_STAT(conn, fname, psbuf) != 0) { + return map_nt_error_from_unix(errno); + } + + break; + + case FILE_CREATE: + + /* If directory exists error. If directory doesn't + * exist create. */ + + status = mkdir_internal(conn, + fname, + file_attributes, + psbuf); + + if (!NT_STATUS_IS_OK(status)) { + DEBUG(2, ("open_directory: unable to create " + "%s. Error was %s\n", fname, + nt_errstr(status))); + return status; + } + + info = FILE_WAS_CREATED; + break; + + case FILE_OPEN_IF: + /* + * If directory exists open. If directory doesn't + * exist create. + */ + + status = mkdir_internal(conn, + fname, + file_attributes, + psbuf); + + if (NT_STATUS_IS_OK(status)) { + info = FILE_WAS_CREATED; + } + + if (NT_STATUS_EQUAL(status, + NT_STATUS_OBJECT_NAME_COLLISION)) { + info = FILE_WAS_OPENED; + status = NT_STATUS_OK; + } + + break; + + case FILE_SUPERSEDE: + case FILE_OVERWRITE: + case FILE_OVERWRITE_IF: + default: + DEBUG(5,("open_directory: invalid create_disposition " + "0x%x for directory %s\n", + (unsigned int)create_disposition, fname)); + return NT_STATUS_INVALID_PARAMETER; + } + + if(!S_ISDIR(psbuf->st_mode)) { + DEBUG(5,("open_directory: %s is not a directory !\n", + fname )); + return NT_STATUS_NOT_A_DIRECTORY; + } + + if (info == FILE_WAS_OPENED) { + status = check_open_rights(conn, + fname, + access_mask); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(10, ("open_directory: check_open_rights on " + "file %s failed with %s\n", + fname, + nt_errstr(status))); + return status; + } + } + + status = file_new(req, conn, &fsp); + if(!NT_STATUS_IS_OK(status)) { + return status; + } + + /* + * Setup the files_struct for it. + */ + + fsp->mode = psbuf->st_mode; + fsp->file_id = vfs_file_id_from_sbuf(conn, psbuf); + fsp->vuid = req ? req->vuid : UID_FIELD_INVALID; + fsp->file_pid = req ? req->smbpid : 0; + fsp->can_lock = False; + fsp->can_read = False; + fsp->can_write = False; + + fsp->share_access = share_access; + fsp->fh->private_options = create_options; + /* + * According to Samba4, SEC_FILE_READ_ATTRIBUTE is always granted, + */ + fsp->access_mask = access_mask | FILE_READ_ATTRIBUTES; + fsp->print_file = False; + fsp->modified = False; + fsp->oplock_type = NO_OPLOCK; + fsp->sent_oplock_break = NO_BREAK_SENT; + fsp->is_directory = True; + fsp->posix_open = (file_attributes & FILE_FLAG_POSIX_SEMANTICS) ? True : False; + + string_set(&fsp->fsp_name,fname); + + mtimespec = get_mtimespec(psbuf); + + lck = get_share_mode_lock(talloc_tos(), fsp->file_id, + conn->connectpath, + fname, &mtimespec); + + if (lck == NULL) { + DEBUG(0, ("open_directory: Could not get share mode lock for %s\n", fname)); + file_free(req, fsp); + return NT_STATUS_SHARING_VIOLATION; + } + + status = open_mode_check(conn, fname, lck, + access_mask, share_access, + create_options, &dir_existed); + + if (!NT_STATUS_IS_OK(status)) { + TALLOC_FREE(lck); + file_free(req, fsp); + return status; + } + + set_share_mode(lck, fsp, conn->server_info->utok.uid, 0, NO_OPLOCK); + + /* For directories the delete on close bit at open time seems + always to be honored on close... See test 19 in Samba4 BASE-DELETE. */ + if (create_options & FILE_DELETE_ON_CLOSE) { + status = can_set_delete_on_close(fsp, True, 0); + if (!NT_STATUS_IS_OK(status) && !NT_STATUS_EQUAL(status, NT_STATUS_DIRECTORY_NOT_EMPTY)) { + TALLOC_FREE(lck); + file_free(req, fsp); + return status; + } + + if (NT_STATUS_IS_OK(status)) { + /* Note that here we set the *inital* delete on close flag, + not the regular one. The magic gets handled in close. */ + fsp->initial_delete_on_close = True; + } + } + + TALLOC_FREE(lck); + + if (pinfo) { + *pinfo = info; + } + + *result = fsp; + return NT_STATUS_OK; +} + +/* + * If a main file is opened for delete, all streams need to be checked for + * !FILE_SHARE_DELETE. Do this by opening with DELETE_ACCESS. + * If that works, delete them all by setting the delete on close and close. + */ + +static NTSTATUS open_streams_for_delete(connection_struct *conn, + const char *fname) +{ + struct stream_struct *stream_info; + files_struct **streams; + int i; + unsigned int num_streams; + TALLOC_CTX *frame = talloc_stackframe(); + NTSTATUS status; + + status = SMB_VFS_STREAMINFO(conn, NULL, fname, talloc_tos(), + &num_streams, &stream_info); + + if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_IMPLEMENTED) + || NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) { + DEBUG(10, ("no streams around\n")); + TALLOC_FREE(frame); + return NT_STATUS_OK; + } + + if (!NT_STATUS_IS_OK(status)) { + DEBUG(10, ("SMB_VFS_STREAMINFO failed: %s\n", + nt_errstr(status))); + goto fail; + } + + DEBUG(10, ("open_streams_for_delete found %d streams\n", + num_streams)); + + if (num_streams == 0) { + TALLOC_FREE(frame); + return NT_STATUS_OK; + } + + streams = TALLOC_ARRAY(talloc_tos(), files_struct *, num_streams); + if (streams == NULL) { + DEBUG(0, ("talloc failed\n")); + status = NT_STATUS_NO_MEMORY; + goto fail; + } + + for (i=0; i= 0; i--) { + if (streams[i] == NULL) { + continue; + } + + DEBUG(10, ("Closing stream # %d, %s\n", i, + streams[i]->fsp_name)); + close_file(NULL, streams[i], NORMAL_CLOSE); + } + + fail: + TALLOC_FREE(frame); + return status; +} + +/* + * Wrapper around open_file_ntcreate and open_directory + */ + +static NTSTATUS create_file_unixpath(connection_struct *conn, + struct smb_request *req, + const char *fname, + uint32_t access_mask, + uint32_t share_access, + uint32_t create_disposition, + uint32_t create_options, + uint32_t file_attributes, + uint32_t oplock_request, + uint64_t allocation_size, + struct security_descriptor *sd, + struct ea_list *ea_list, + + files_struct **result, + int *pinfo, + SMB_STRUCT_STAT *psbuf) +{ + SMB_STRUCT_STAT sbuf; + int info = FILE_WAS_OPENED; + files_struct *base_fsp = NULL; + files_struct *fsp = NULL; + NTSTATUS status; + + DEBUG(10,("create_file_unixpath: access_mask = 0x%x " + "file_attributes = 0x%x, share_access = 0x%x, " + "create_disposition = 0x%x create_options = 0x%x " + "oplock_request = 0x%x ea_list = 0x%p, sd = 0x%p, " + "fname = %s\n", + (unsigned int)access_mask, + (unsigned int)file_attributes, + (unsigned int)share_access, + (unsigned int)create_disposition, + (unsigned int)create_options, + (unsigned int)oplock_request, + ea_list, sd, fname)); + + if (create_options & FILE_OPEN_BY_FILE_ID) { + status = NT_STATUS_NOT_SUPPORTED; + goto fail; + } + + if (create_options & NTCREATEX_OPTIONS_INVALID_PARAM_MASK) { + status = NT_STATUS_INVALID_PARAMETER; + goto fail; + } + + if (req == NULL) { + oplock_request |= INTERNAL_OPEN_ONLY; + } + + if (psbuf != NULL) { + sbuf = *psbuf; + } + else { + if (SMB_VFS_STAT(conn, fname, &sbuf) == -1) { + SET_STAT_INVALID(sbuf); + } + } + + if ((conn->fs_capabilities & FILE_NAMED_STREAMS) + && (access_mask & DELETE_ACCESS) + && !is_ntfs_stream_name(fname)) { + /* + * We can't open a file with DELETE access if any of the + * streams is open without FILE_SHARE_DELETE + */ + status = open_streams_for_delete(conn, fname); + + if (!NT_STATUS_IS_OK(status)) { + goto fail; + } + } + + /* This is the correct thing to do (check every time) but can_delete + * is expensive (it may have to read the parent directory + * permissions). So for now we're not doing it unless we have a strong + * hint the client is really going to delete this file. If the client + * is forcing FILE_CREATE let the filesystem take care of the + * permissions. */ + + /* Setting FILE_SHARE_DELETE is the hint. */ + + if (lp_acl_check_permissions(SNUM(conn)) + && (create_disposition != FILE_CREATE) + && (share_access & FILE_SHARE_DELETE) + && (access_mask & DELETE_ACCESS) + && (!can_delete_file_in_directory(conn, fname))) { + status = NT_STATUS_ACCESS_DENIED; + goto fail; + } + +#if 0 + /* We need to support SeSecurityPrivilege for this. */ + if ((access_mask & SEC_RIGHT_SYSTEM_SECURITY) && + !user_has_privileges(current_user.nt_user_token, + &se_security)) { + status = NT_STATUS_PRIVILEGE_NOT_HELD; + goto fail; + } +#endif + + if ((conn->fs_capabilities & FILE_NAMED_STREAMS) + && is_ntfs_stream_name(fname) + && (!(create_options & NTCREATEX_OPTIONS_PRIVATE_STREAM_DELETE))) { + char *base; + uint32 base_create_disposition; + + if (create_options & FILE_DIRECTORY_FILE) { + status = NT_STATUS_NOT_A_DIRECTORY; + goto fail; + } + + status = split_ntfs_stream_name(talloc_tos(), fname, + &base, NULL); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(10, ("create_file_unixpath: " + "split_ntfs_stream_name failed: %s\n", + nt_errstr(status))); + goto fail; + } + + SMB_ASSERT(!is_ntfs_stream_name(base)); /* paranoia.. */ + + switch (create_disposition) { + case FILE_OPEN: + base_create_disposition = FILE_OPEN; + break; + default: + base_create_disposition = FILE_OPEN_IF; + break; + } + + status = create_file_unixpath(conn, NULL, base, 0, + FILE_SHARE_READ + | FILE_SHARE_WRITE + | FILE_SHARE_DELETE, + base_create_disposition, + 0, 0, 0, 0, NULL, NULL, + &base_fsp, NULL, NULL); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(10, ("create_file_unixpath for base %s failed: " + "%s\n", base, nt_errstr(status))); + goto fail; + } + /* we don't need to low level fd */ + fd_close(base_fsp); + } + + /* + * If it's a request for a directory open, deal with it separately. + */ + + if (create_options & FILE_DIRECTORY_FILE) { + + if (create_options & FILE_NON_DIRECTORY_FILE) { + status = NT_STATUS_INVALID_PARAMETER; + goto fail; + } + + /* Can't open a temp directory. IFS kit test. */ + if (!(file_attributes & FILE_FLAG_POSIX_SEMANTICS) && + (file_attributes & FILE_ATTRIBUTE_TEMPORARY)) { + status = NT_STATUS_INVALID_PARAMETER; + goto fail; + } + + /* + * We will get a create directory here if the Win32 + * app specified a security descriptor in the + * CreateDirectory() call. + */ + + oplock_request = 0; + status = open_directory( + conn, req, fname, &sbuf, access_mask, share_access, + create_disposition, create_options, file_attributes, + &info, &fsp); + } else { + + /* + * Ordinary file case. + */ + + status = file_new(req, conn, &fsp); + if(!NT_STATUS_IS_OK(status)) { + goto fail; + } + + /* + * We're opening the stream element of a base_fsp + * we already opened. Set up the base_fsp pointer. + */ + if (base_fsp) { + fsp->base_fsp = base_fsp; + } + + status = open_file_ntcreate(conn, + req, + fname, + &sbuf, + access_mask, + share_access, + create_disposition, + create_options, + file_attributes, + oplock_request, + &info, + fsp); + + if(!NT_STATUS_IS_OK(status)) { + file_free(req, fsp); + fsp = NULL; + } + + if (NT_STATUS_EQUAL(status, NT_STATUS_FILE_IS_A_DIRECTORY)) { + + /* A stream open never opens a directory */ + + if (base_fsp) { + status = NT_STATUS_FILE_IS_A_DIRECTORY; + goto fail; + } + + /* + * Fail the open if it was explicitly a non-directory + * file. + */ + + if (create_options & FILE_NON_DIRECTORY_FILE) { + status = NT_STATUS_FILE_IS_A_DIRECTORY; + goto fail; + } + + oplock_request = 0; + status = open_directory( + conn, req, fname, &sbuf, access_mask, + share_access, create_disposition, + create_options, file_attributes, + &info, &fsp); + } + } + + if (!NT_STATUS_IS_OK(status)) { + goto fail; + } + + fsp->base_fsp = base_fsp; + + /* + * According to the MS documentation, the only time the security + * descriptor is applied to the opened file is iff we *created* the + * file; an existing file stays the same. + * + * Also, it seems (from observation) that you can open the file with + * any access mask but you can still write the sd. We need to override + * the granted access before we call set_sd + * Patch for bug #2242 from Tom Lackemann . + */ + + if ((sd != NULL) && (info == FILE_WAS_CREATED) + && lp_nt_acl_support(SNUM(conn))) { + + uint32_t sec_info_sent; + uint32_t saved_access_mask = fsp->access_mask; + + sec_info_sent = get_sec_info(sd); + + fsp->access_mask = FILE_GENERIC_ALL; + + /* Convert all the generic bits. */ + security_acl_map_generic(sd->dacl, &file_generic_mapping); + security_acl_map_generic(sd->sacl, &file_generic_mapping); + + if (sec_info_sent & (OWNER_SECURITY_INFORMATION| + GROUP_SECURITY_INFORMATION| + DACL_SECURITY_INFORMATION| + SACL_SECURITY_INFORMATION)) { + status = SMB_VFS_FSET_NT_ACL(fsp, sec_info_sent, sd); + } + + fsp->access_mask = saved_access_mask; + + if (!NT_STATUS_IS_OK(status)) { + goto fail; + } + } + + if ((ea_list != NULL) && (info == FILE_WAS_CREATED)) { + status = set_ea(conn, fsp, fname, ea_list); + if (!NT_STATUS_IS_OK(status)) { + goto fail; + } + } + + if (!fsp->is_directory && S_ISDIR(sbuf.st_mode)) { + status = NT_STATUS_ACCESS_DENIED; + goto fail; + } + + /* Save the requested allocation size. */ + if ((info == FILE_WAS_CREATED) || (info == FILE_WAS_OVERWRITTEN)) { + if (allocation_size + && (allocation_size > sbuf.st_size)) { + fsp->initial_allocation_size = smb_roundup( + fsp->conn, allocation_size); + if (fsp->is_directory) { + /* Can't set allocation size on a directory. */ + status = NT_STATUS_ACCESS_DENIED; + goto fail; + } + if (vfs_allocate_file_space( + fsp, fsp->initial_allocation_size) == -1) { + status = NT_STATUS_DISK_FULL; + goto fail; + } + } else { + fsp->initial_allocation_size = smb_roundup( + fsp->conn, (uint64_t)sbuf.st_size); + } + } + + DEBUG(10, ("create_file_unixpath: info=%d\n", info)); + + *result = fsp; + if (pinfo != NULL) { + *pinfo = info; + } + if (psbuf != NULL) { + if ((fsp->fh == NULL) || (fsp->fh->fd == -1)) { + *psbuf = sbuf; + } + else { + SMB_VFS_FSTAT(fsp, psbuf); + } + } + return NT_STATUS_OK; + + fail: + DEBUG(10, ("create_file_unixpath: %s\n", nt_errstr(status))); + + if (fsp != NULL) { + if (base_fsp && fsp->base_fsp == base_fsp) { + /* + * The close_file below will close + * fsp->base_fsp. + */ + base_fsp = NULL; + } + close_file(req, fsp, ERROR_CLOSE); + fsp = NULL; + } + if (base_fsp != NULL) { + close_file(req, base_fsp, ERROR_CLOSE); + base_fsp = NULL; + } + return status; +} +NTSTATUS create_file_default(connection_struct *conn, + struct smb_request *req, + uint16_t root_dir_fid, + const char *fname, + uint32_t create_file_flags, + uint32_t access_mask, + uint32_t share_access, + uint32_t create_disposition, + uint32_t create_options, + uint32_t file_attributes, + uint32_t oplock_request, + uint64_t allocation_size, + struct security_descriptor *sd, + struct ea_list *ea_list, + + files_struct **result, + int *pinfo, + SMB_STRUCT_STAT *psbuf) +{ + struct case_semantics_state *case_state = NULL; + SMB_STRUCT_STAT sbuf; + int info = FILE_WAS_OPENED; + files_struct *fsp = NULL; + NTSTATUS status; + + DEBUG(10,("create_file: access_mask = 0x%x " + "file_attributes = 0x%x, share_access = 0x%x, " + "create_disposition = 0x%x create_options = 0x%x " + "oplock_request = 0x%x " + "root_dir_fid = 0x%x, ea_list = 0x%p, sd = 0x%p, " + "create_file_flags = 0x%x, fname = %s\n", + (unsigned int)access_mask, + (unsigned int)file_attributes, + (unsigned int)share_access, + (unsigned int)create_disposition, + (unsigned int)create_options, + (unsigned int)oplock_request, + (unsigned int)root_dir_fid, + ea_list, sd, create_file_flags, fname)); + + /* + * Calculate the filename from the root_dir_if if necessary. + */ + + if (root_dir_fid != 0) { + char *new_fname; + + status = get_relative_fid_filename(conn, req, root_dir_fid, + fname, &new_fname); + if (!NT_STATUS_IS_OK(status)) { + goto fail; + } + + fname = new_fname; + } + + /* + * Check to see if this is a mac fork of some kind. + */ + + if (is_ntfs_stream_name(fname)) { + enum FAKE_FILE_TYPE fake_file_type; + + fake_file_type = is_fake_file(fname); + + if (fake_file_type != FAKE_FILE_TYPE_NONE) { + + /* + * Here we go! support for changing the disk quotas + * --metze + * + * We need to fake up to open this MAGIC QUOTA file + * and return a valid FID. + * + * w2k close this file directly after openening xp + * also tries a QUERY_FILE_INFO on the file and then + * close it + */ + status = open_fake_file(req, conn, req->vuid, + fake_file_type, fname, + access_mask, &fsp); + if (!NT_STATUS_IS_OK(status)) { + goto fail; + } + + ZERO_STRUCT(sbuf); + goto done; + } + + if (!(conn->fs_capabilities & FILE_NAMED_STREAMS)) { + status = NT_STATUS_OBJECT_PATH_NOT_FOUND; + goto fail; + } + } + + if ((req != NULL) && (req->flags2 & FLAGS2_DFS_PATHNAMES)) { + char *resolved_fname; + + status = resolve_dfspath(talloc_tos(), conn, true, fname, + &resolved_fname); + + if (!NT_STATUS_IS_OK(status)) { + /* + * For PATH_NOT_COVERED we had + * reply_botherror(req, NT_STATUS_PATH_NOT_COVERED, + * ERRSRV, ERRbadpath); + * Need to fix in callers + */ + goto fail; + } + fname = resolved_fname; + } + + /* + * Check if POSIX semantics are wanted. + */ + + if (file_attributes & FILE_FLAG_POSIX_SEMANTICS) { + case_state = set_posix_case_semantics(talloc_tos(), conn); + } + + if (create_file_flags & CFF_DOS_PATH) { + char *converted_fname; + + SET_STAT_INVALID(sbuf); + + status = unix_convert(talloc_tos(), conn, fname, False, + &converted_fname, NULL, &sbuf); + if (!NT_STATUS_IS_OK(status)) { + goto fail; + } + fname = converted_fname; + } else { + if (psbuf != NULL) { + sbuf = *psbuf; + } else { + if (SMB_VFS_STAT(conn, fname, &sbuf) == -1) { + SET_STAT_INVALID(sbuf); + } + } + + } + + TALLOC_FREE(case_state); + + /* All file access must go through check_name() */ + + status = check_name(conn, fname); + if (!NT_STATUS_IS_OK(status)) { + goto fail; + } + + status = create_file_unixpath( + conn, req, fname, access_mask, share_access, + create_disposition, create_options, file_attributes, + oplock_request, allocation_size, sd, ea_list, + &fsp, &info, &sbuf); + + if (!NT_STATUS_IS_OK(status)) { + goto fail; + } + + done: + DEBUG(10, ("create_file: info=%d\n", info)); + + *result = fsp; + if (pinfo != NULL) { + *pinfo = info; + } + if (psbuf != NULL) { + *psbuf = sbuf; + } + return NT_STATUS_OK; + + fail: + DEBUG(10, ("create_file: %s\n", nt_errstr(status))); + + if (fsp != NULL) { + close_file(req, fsp, ERROR_CLOSE); + fsp = NULL; + } + return status; +} -- cgit From e0711ffa526e22e3ffe483319ce5d7725d578647 Mon Sep 17 00:00:00 2001 From: Tim Prouty Date: Mon, 8 Dec 2008 16:57:58 -0800 Subject: s3: Add the OneFS SMB_VFS_CREATE_FILE implementation This is the first pass at extending the onefs vfs module to support the CIFS-specific enhancements available on OneFS. Most of this patch is massaging the sama open path to work with ifs_createfile. ifs_createfile is a CIFS-specific syscall for opening/files and directories. It adds support for: - Full in-kernel access checks using a windows access_mask - Cluster-coherent share mode locks - Cluster-coherent oplocks - Streams - Setting security descriptors at create time - Setting dos_attributes at create time This patch does not implement the samba side of the streams support or oplocks support. Tests that expect oplocks to be granted or streams to be supported will fail. This will be remedied in upcoming patches. --- source3/Makefile.in | 3 +- source3/modules/onefs.h | 68 +- source3/modules/onefs_acl.c | 119 ++-- source3/modules/onefs_open.c | 1442 ++++++++++++++++++++++------------------ source3/modules/onefs_system.c | 214 ++++++ source3/modules/vfs_onefs.c | 27 +- 6 files changed, 1162 insertions(+), 711 deletions(-) create mode 100644 source3/modules/onefs_system.c (limited to 'source3') diff --git a/source3/Makefile.in b/source3/Makefile.in index bf79a7dfda..f53406c39e 100644 --- a/source3/Makefile.in +++ b/source3/Makefile.in @@ -650,7 +650,8 @@ VFS_SYNCOPS_OBJ = modules/vfs_syncops.o VFS_ACL_XATTR_OBJ = modules/vfs_acl_xattr.o VFS_ACL_TDB_OBJ = modules/vfs_acl_tdb.o VFS_SMB_TRAFFIC_ANALYZER_OBJ = modules/vfs_smb_traffic_analyzer.o -VFS_ONEFS_OBJ = modules/vfs_onefs.o modules/onefs_acl.o +VFS_ONEFS_OBJ = modules/vfs_onefs.o modules/onefs_acl.o modules/onefs_system.o \ + modules/onefs_open.o PLAINTEXT_AUTH_OBJ = auth/pampass.o auth/pass_check.o diff --git a/source3/modules/onefs.h b/source3/modules/onefs.h index 965f39509a..8d0f45abdb 100644 --- a/source3/modules/onefs.h +++ b/source3/modules/onefs.h @@ -21,6 +21,10 @@ #ifndef _ONEFS_H #define _ONEFS_H +#include "includes.h" + +#include + /* OneFS Module smb.conf parameters and defaults */ /** @@ -34,13 +38,6 @@ enum onefs_acl_wire_format ACL_FORMAT_ALWAYS /**< Always canonicalize */ }; -const struct enum_list enum_onefs_acl_wire_format[] = { - {ACL_FORMAT_RAW, "No Format"}, - {ACL_FORMAT_WINDOWS_SD, "Format Windows SD"}, - {ACL_FORMAT_ALWAYS, "Always Format SD"}, - {-1, NULL} -}; - #define PARM_ONEFS_TYPE "onefs" #define PARM_ACL_WIRE_FORMAT "acl wire format" #define PARM_ACL_WIRE_FORMAT_DEFAULT ACL_FORMAT_WINDOWS_SD @@ -49,4 +46,61 @@ const struct enum_list enum_onefs_acl_wire_format[] = { #define PARM_CREATOR_OWNER_GETS_FULL_CONTROL "creator owner gets full control" #define PARM_CREATOR_OWNER_GETS_FULL_CONTROL_DEFAULT true +/* + * vfs interface handlers + */ +NTSTATUS onefs_create_file(vfs_handle_struct *handle, + struct smb_request *req, + uint16_t root_dir_fid, + const char *fname, + uint32_t create_file_flags, + uint32_t access_mask, + uint32_t share_access, + uint32_t create_disposition, + uint32_t create_options, + uint32_t file_attributes, + uint32_t oplock_request, + uint64_t allocation_size, + struct security_descriptor *sd, + struct ea_list *ea_list, + files_struct **result, + int *pinfo, + SMB_STRUCT_STAT *psbuf); + +NTSTATUS onefs_fget_nt_acl(vfs_handle_struct *handle, files_struct *fsp, + uint32 security_info, SEC_DESC **ppdesc); + +NTSTATUS onefs_get_nt_acl(vfs_handle_struct *handle, const char* name, + uint32 security_info, SEC_DESC **ppdesc); + +NTSTATUS onefs_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, + uint32 security_info_sent, SEC_DESC *psd); + + +/* + * Utility functions + */ +NTSTATUS onefs_setup_sd(uint32 security_info_sent, SEC_DESC *psd, + struct ifs_security_descriptor *sd); + +/* + * System Interfaces + */ +int onefs_sys_create_file(connection_struct *conn, + int base_fd, + const char *path, + uint32_t access_mask, + uint32_t open_access_mask, + uint32_t share_access, + uint32_t create_options, + int flags, + mode_t mode, + int oplock_request, + uint64_t id, + struct security_descriptor *sd, + uint32_t ntfs_flags, + int *granted_oplock); + + + #endif /* _ONEFS_H */ diff --git a/source3/modules/onefs_acl.c b/source3/modules/onefs_acl.c index 3a692c95ab..5351118a87 100644 --- a/source3/modules/onefs_acl.c +++ b/source3/modules/onefs_acl.c @@ -19,20 +19,23 @@ * along with this program; if not, see . */ -#include "includes.h" +#include "onefs.h" -#include #include -#include #include -#include "onefs.h" +const struct enum_list enum_onefs_acl_wire_format[] = { + {ACL_FORMAT_RAW, "No Format"}, + {ACL_FORMAT_WINDOWS_SD, "Format Windows SD"}, + {ACL_FORMAT_ALWAYS, "Always Format SD"}, + {-1, NULL} +}; /** * Turn SID into UID/GID and setup a struct ifs_identity */ static bool -onefs_sid_to_identity(DOM_SID *sid, struct ifs_identity *id, bool is_group) +onefs_sid_to_identity(const DOM_SID *sid, struct ifs_identity *id, bool is_group) { enum ifs_identity_type type = IFS_ID_TYPE_LAST+1; uid_t uid = 0; @@ -514,15 +517,22 @@ onefs_fget_nt_acl(vfs_handle_struct *handle, files_struct *fsp, if (security_info & SACL_SECURITY_INFORMATION) desired_access |= IFS_RTS_SACL_ACCESS; - if ((fsp->fh->fd = ifs_createfile(-1, - fsp->fsp_name, - desired_access, - 0, 0, - OPLOCK_NONE, - 0, NULL, 0, - NULL, 0, NULL)) == -1) { - DEBUG(0, ("Error opening file %s. errno=%d\n", - fsp->fsp_name, errno)); + if ((fsp->fh->fd = onefs_sys_create_file(handle->conn, + -1, + fsp->fsp_name, + desired_access, + desired_access, + 0, + 0, + 0, + 0, + INTERNAL_OPEN_ONLY, + 0, + NULL, + 0, + NULL)) == -1) { + DEBUG(0, ("Error opening file %s. errno=%d (%s)\n", + fsp->fsp_name, errno, strerror(errno))); status = map_nt_error_from_unix(errno); goto out; } @@ -679,22 +689,18 @@ onefs_get_nt_acl(vfs_handle_struct *handle, const char* name, } /** - * Isilon-specific function for setting an NTFS ACL on an open file. + * Isilon-specific function for setting up an ifs_security_descriptor, given a + * samba SEC_DESC. * - * @return NT_STATUS_UNSUCCESSFUL for userspace errors, NTSTATUS based off - * errno on syscall errors + * @param[out] sd ifs_security_descriptor to fill in + * + * @return NTSTATUS_OK if successful */ -NTSTATUS -onefs_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, - uint32 security_info_sent, SEC_DESC *psd) +NTSTATUS onefs_setup_sd(uint32 security_info_sent, SEC_DESC *psd, + struct ifs_security_descriptor *sd) { - struct ifs_security_descriptor sd = {}; struct ifs_security_acl dacl, sacl, *daclp, *saclp; struct ifs_identity owner, group, *ownerp, *groupp; - int fd; - bool fopened = false; - - DEBUG(5,("Setting SD on file %s.\n", fsp->fsp_name )); ownerp = NULL; groupp = NULL; @@ -759,10 +765,37 @@ onefs_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, /* Setup ifs_security_descriptor */ DEBUG(5,("Setting up SD\n")); - if (aclu_initialize_sd(&sd, psd->type, ownerp, groupp, - (daclp ? &daclp : NULL), (saclp ? &saclp : NULL), false)) + if (aclu_initialize_sd(sd, psd->type, ownerp, groupp, + (daclp ? &daclp : NULL), (saclp ? &saclp : NULL), false)) return NT_STATUS_UNSUCCESSFUL; + return NT_STATUS_OK; +} + +/** + * Isilon-specific function for setting an NTFS ACL on an open file. + * + * @return NT_STATUS_UNSUCCESSFUL for userspace errors, NTSTATUS based off + * errno on syscall errors + */ +NTSTATUS +onefs_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, + uint32 security_info_sent, SEC_DESC *psd) +{ + struct ifs_security_descriptor sd = {}; + int fd; + bool fopened = false; + NTSTATUS status; + + DEBUG(5,("Setting SD on file %s.\n", fsp->fsp_name )); + + status = onefs_setup_sd(security_info_sent, psd, &sd); + + if (!NT_STATUS_IS_OK(status)) { + DEBUG(3, ("SD initialization failure: %s", nt_errstr(status))); + return status; + } + fd = fsp->fh->fd; if (fd == -1) { enum ifs_ace_rights desired_access = 0; @@ -775,16 +808,24 @@ onefs_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, if (security_info_sent & SACL_SECURITY_INFORMATION) desired_access |= IFS_RTS_SACL_ACCESS; - if ((fd = ifs_createfile(-1, - fsp->fsp_name, - desired_access, - 0, 0, - OPLOCK_NONE, - 0, NULL, 0, - NULL, 0, NULL)) == -1) { - DEBUG(0, ("Error opening file %s. errno=%d\n", - fsp->fsp_name, errno)); - return map_nt_error_from_unix(errno); + if ((fd = onefs_sys_create_file(handle->conn, + -1, + fsp->fsp_name, + desired_access, + desired_access, + 0, + 0, + 0, + 0, + INTERNAL_OPEN_ONLY, + 0, + NULL, + 0, + NULL)) == -1) { + DEBUG(0, ("Error opening file %s. errno=%d (%s)\n", + fsp->fsp_name, errno, strerror(errno))); + status = map_nt_error_from_unix(errno); + goto out; } fopened = true; } @@ -792,10 +833,12 @@ onefs_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, errno = 0; if (ifs_set_security_descriptor(fd, security_info_sent, &sd)) { DEBUG(0, ("Error setting security descriptor = %d\n", errno)); + status = map_nt_error_from_unix(errno); goto out; } DEBUG(5, ("Security descriptor set correctly!\n")); + status = NT_STATUS_OK; /* FALLTHROUGH */ out: @@ -803,5 +846,5 @@ out: close(fd); aclu_free_sd(&sd, false); - return errno ? map_nt_error_from_unix(errno) : NT_STATUS_OK; + return status; } diff --git a/source3/modules/onefs_open.c b/source3/modules/onefs_open.c index f45cc471ce..bda5e7e91a 100644 --- a/source3/modules/onefs_open.c +++ b/source3/modules/onefs_open.c @@ -1,71 +1,93 @@ /* - Unix SMB/CIFS implementation. - file opening and share modes - Copyright (C) Andrew Tridgell 1992-1998 - Copyright (C) Jeremy Allison 2001-2004 - Copyright (C) Volker Lendecke 2005 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see . -*/ + * Unix SMB/CIFS implementation. + * + * This file began with some code from source3/smbd/open.c and modified it to + * work with ifs_createfile. + * + * ifs_createfile is a CIFS-specific syscall for opening/files and + * directories. It adds support for: + * - Full in-kernel access checks using a windows access_mask + * - Cluster-coherent share mode locks + * - Cluster-coherent oplocks + * - Streams + * - Setting security descriptors at create time + * - Setting dos_attributes at create time + * + * Copyright (C) Andrew Tridgell 1992-1998 + * Copyright (C) Jeremy Allison 2001-2004 + * Copyright (C) Volker Lendecke 2005 + * Copyright (C) Tim Prouty, 2008 + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, see . + */ -#include "includes.h" +#include "onefs.h" extern const struct generic_mapping file_generic_mapping; extern bool global_client_failed_oplock_break; struct deferred_open_record { bool delayed_for_oplocks; + bool failed; /* added for onefs_oplocks */ struct file_id id; }; -static NTSTATUS create_file_unixpath(connection_struct *conn, - struct smb_request *req, - const char *fname, - uint32_t access_mask, - uint32_t share_access, - uint32_t create_disposition, - uint32_t create_options, - uint32_t file_attributes, - uint32_t oplock_request, - uint64_t allocation_size, - struct security_descriptor *sd, - struct ea_list *ea_list, - - files_struct **result, - int *pinfo, - SMB_STRUCT_STAT *psbuf); +static NTSTATUS onefs_create_file_unixpath(connection_struct *conn, + struct smb_request *req, + const char *fname, + uint32_t access_mask, + uint32_t share_access, + uint32_t create_disposition, + uint32_t create_options, + uint32_t file_attributes, + uint32_t oplock_request, + uint64_t allocation_size, + struct security_descriptor *sd, + struct ea_list *ea_list, + + files_struct **result, + int *pinfo, + SMB_STRUCT_STAT *psbuf); /**************************************************************************** Open a file. ****************************************************************************/ -static NTSTATUS open_file(files_struct *fsp, - connection_struct *conn, - struct smb_request *req, - const char *parent_dir, - const char *name, - const char *path, - SMB_STRUCT_STAT *psbuf, - int flags, - mode_t unx_mode, - uint32 access_mask, /* client requested access mask. */ - uint32 open_access_mask) /* what we're actually using in the open. */ +static NTSTATUS onefs_open_file(files_struct *fsp, + connection_struct *conn, + struct smb_request *req, + const char *parent_dir, + const char *name, + const char *path, + SMB_STRUCT_STAT *psbuf, + int flags, + mode_t unx_mode, + uint32 access_mask, + uint32 open_access_mask, + int oplock_request, + uint64 id, + uint32 share_access, + uint32 create_options, + uint32_t new_dos_attributes, + struct security_descriptor *sd, + int *granted_oplock) { NTSTATUS status = NT_STATUS_OK; int accmode = (flags & O_ACCMODE); int local_flags = flags; bool file_existed = VALID_STAT(*psbuf); + const char *wild; fsp->fh->fd = -1; errno = EPERM; @@ -110,90 +132,118 @@ static NTSTATUS open_file(files_struct *fsp, */ if ((accmode == O_RDONLY) && ((flags & O_TRUNC) == O_TRUNC)) { - DEBUG(10,("open_file: truncate requested on read-only open " - "for file %s\n", path)); + DEBUG(10,("onefs_open_file: truncate requested on read-only " + "open for file %s\n", path)); local_flags = (flags & ~O_ACCMODE)|O_RDWR; } - if ((open_access_mask & (FILE_READ_DATA|FILE_WRITE_DATA|FILE_APPEND_DATA|FILE_EXECUTE)) || - (!file_existed && (local_flags & O_CREAT)) || - ((local_flags & O_TRUNC) == O_TRUNC) ) { - const char *wild; +#if defined(O_NONBLOCK) && defined(S_ISFIFO) + /* + * We would block on opening a FIFO with no one else on the + * other end. Do what we used to do and add O_NONBLOCK to the + * open flags. JRA. + */ + + if (file_existed && S_ISFIFO(psbuf->st_mode)) { + local_flags |= O_NONBLOCK; + } +#endif + /* Don't create files with Microsoft wildcard characters. */ + if (fsp->base_fsp) { /* - * We can't actually truncate here as the file may be locked. - * open_file_ntcreate will take care of the truncate later. JRA. + * wildcard characters are allowed in stream names + * only test the basefilename */ - - local_flags &= ~O_TRUNC; - -#if defined(O_NONBLOCK) && defined(S_ISFIFO) + wild = fsp->base_fsp->fsp_name; + } else { + wild = path; + } + if ((local_flags & O_CREAT) && !file_existed && + ms_has_wild(wild)) { /* - * We would block on opening a FIFO with no one else on the - * other end. Do what we used to do and add O_NONBLOCK to the - * open flags. JRA. + * XXX: may need to remvoe this return... + * + * We dont think this check needs to exist. All it does is + * block creating files with Microsoft wildcards, which is + * fine if the creation originated from NFS or locally and + * then was copied via Samba. */ + DEBUG(1, ("onefs_open_file: creating file with wildcard: %s\n", + path)); + return NT_STATUS_OBJECT_NAME_INVALID; + } - if (file_existed && S_ISFIFO(psbuf->st_mode)) { - local_flags |= O_NONBLOCK; - } -#endif - - /* Don't create files with Microsoft wildcard characters. */ - if (fsp->base_fsp) { - /* - * wildcard characters are allowed in stream names - * only test the basefilename - */ - wild = fsp->base_fsp->fsp_name; - } else { - wild = path; - } - if ((local_flags & O_CREAT) && !file_existed && - ms_has_wild(wild)) { - return NT_STATUS_OBJECT_NAME_INVALID; - } + /* Actually do the open */ - /* Actually do the open */ - status = fd_open(conn, path, fsp, local_flags, unx_mode); - if (!NT_STATUS_IS_OK(status)) { - DEBUG(3,("Error opening file %s (%s) (local_flags=%d) " - "(flags=%d)\n", - path,nt_errstr(status),local_flags,flags)); - return status; - } +#ifdef O_NOFOLLOW + /* + * Never follow symlinks on a POSIX client. The + * client should be doing this. + */ - if ((local_flags & O_CREAT) && !file_existed) { + if (fsp->posix_open || !lp_symlinks(SNUM(conn))) { + flags |= O_NOFOLLOW; + } +#endif + /* Don't request an oplock if oplocks are turned off for the + * share. */ + if (!lp_oplocks(SNUM(conn))) + oplock_request = 0; - /* Inherit the ACL if required */ - if (lp_inherit_perms(SNUM(conn))) { - inherit_access_posix_acl(conn, parent_dir, path, - unx_mode); + fsp->fh->fd = onefs_sys_create_file(conn, + -1, + path, + access_mask, + open_access_mask, + share_access, + create_options, + flags, + unx_mode, + oplock_request, + id, + sd, + new_dos_attributes, + granted_oplock); + + if (fsp->fh->fd == -1) { + if (errno == EMFILE) { + static time_t last_warned = 0L; + + if (time((time_t *) NULL) > last_warned) { + DEBUG(0, ("Too many open files, unable " + "to open more! smbd's max " + "open files = %d, also check " + "sysctl kern.maxfiles and " + "sysctl kern.maxfilesperproc\n", + lp_max_open_files())); + last_warned = time((time_t *) NULL); } + } - /* Change the owner if required. */ - if (lp_inherit_owner(SNUM(conn))) { - change_file_owner_to_parent(conn, parent_dir, - fsp); - } + status = map_nt_error_from_unix(errno); + DEBUG(3,("Error opening file %s (%s) (local_flags=%d) " + "(flags=%d)\n", + path,nt_errstr(status),local_flags,flags)); + return status; + } + + if ((local_flags & O_CREAT) && !file_existed) { - notify_fname(conn, NOTIFY_ACTION_ADDED, - FILE_NOTIFY_CHANGE_FILE_NAME, path); + /* Inherit the ACL if required */ + if (lp_inherit_perms(SNUM(conn))) { + inherit_access_posix_acl(conn, parent_dir, path, + unx_mode); } - } else { - fsp->fh->fd = -1; /* What we used to call a stat open. */ - if (file_existed) { - status = check_open_rights(conn, - path, - access_mask); - if (!NT_STATUS_IS_OK(status)) { - DEBUG(10, ("open_file: Access denied on " - "file %s\n", - path)); - return status; - } + /* Change the owner if required. */ + if (lp_inherit_owner(SNUM(conn))) { + change_file_owner_to_parent(conn, parent_dir, + fsp); } + + notify_fname(conn, NOTIFY_ACTION_ADDED, + FILE_NOTIFY_CHANGE_FILE_NAME, path); } if (!file_existed) { @@ -346,6 +396,7 @@ static void schedule_defer_open(struct share_mode_lock *lck, a 1 second delay for share mode conflicts. */ state.delayed_for_oplocks = True; + state.failed = False; state.id = lck->id; if (!request_timed_out(request_time, timeout)) { @@ -354,22 +405,21 @@ static void schedule_defer_open(struct share_mode_lock *lck, } /**************************************************************************** - Open a file with a share mode. Passed in an already created files_struct *. + Open a file with a share mode. Passed in an already created files_struct. ****************************************************************************/ - -static NTSTATUS open_file_ntcreate(connection_struct *conn, - struct smb_request *req, - const char *fname, - SMB_STRUCT_STAT *psbuf, - uint32 access_mask, /* access bits (FILE_READ_DATA etc.) */ - uint32 share_access, /* share constants (FILE_SHARE_READ etc) */ - uint32 create_disposition, /* FILE_OPEN_IF etc. */ - uint32 create_options, /* options such as delete on close. */ - uint32 new_dos_attributes, /* attributes used for new file. */ - int oplock_request, /* internal Samba oplock codes. */ - /* Information (FILE_EXISTS etc.) */ - int *pinfo, - files_struct *fsp) +NTSTATUS onefs_open_file_ntcreate(connection_struct *conn, + struct smb_request *req, + const char *fname, + uint32 access_mask, + uint32 share_access, + uint32 create_disposition, + uint32 create_options, + uint32 new_dos_attributes, + int oplock_request, + struct security_descriptor *sd, + files_struct *fsp, + int *pinfo, + SMB_STRUCT_STAT *psbuf) { int flags=0; int flags2=0; @@ -378,7 +428,6 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn, bool posix_open = False; bool new_file_created = False; struct file_id id; - NTSTATUS fsp_open = NT_STATUS_ACCESS_DENIED; mode_t new_unx_mode = (mode_t)0; mode_t unx_mode = (mode_t)0; int info; @@ -391,6 +440,9 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn, int ret_flock; char *parent_dir; const char *newname; + int granted_oplock; + uint64 oplock_waiter; + uint32 createfile_attributes = 0; ZERO_STRUCT(id); @@ -404,7 +456,8 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn, *pinfo = FILE_WAS_CREATED; } - DEBUG(10, ("open_file_ntcreate: printer open fname=%s\n", fname)); + DEBUG(10, ("onefs_open_file_ntcreate: printer open fname=%s\n", + fname)); return print_fsp_open(req, conn, fname, req->vuid, fsp); } @@ -425,13 +478,13 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn, parent_dir); } - DEBUG(10, ("open_file_ntcreate: fname=%s, dos_attrs=0x%x " - "access_mask=0x%x share_access=0x%x " - "create_disposition = 0x%x create_options=0x%x " - "unix mode=0%o oplock_request=%d\n", - fname, new_dos_attributes, access_mask, share_access, - create_disposition, create_options, unx_mode, - oplock_request)); + DEBUG(10,("onefs_open_file_ntcreate: fname=%s, dos_attrs=0x%x " + "access_mask=0x%x share_access=0x%x " + "create_disposition = 0x%x create_options=0x%x " + "unix mode=0%o oplock_request=0x%x\n", + fname, new_dos_attributes, access_mask, share_access, + create_disposition, create_options, unx_mode, + oplock_request)); if ((req == NULL) && ((oplock_request & INTERNAL_OPEN_ONLY) == 0)) { DEBUG(0, ("No smb request but not an internal only open!\n")); @@ -465,6 +518,17 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn, /* Ensure we don't reprocess this message. */ remove_deferred_open_smb_message(req->mid); + + /* + * When receiving a semlock_async_failure message, the + * deferred open will be marked as "failed". Returning + * INTERNAL_ERROR. + */ + if (state->failed) { + DEBUG(0, ("onefs_open_file_ntcreate: " + "semlock_async_failure detected!\n")); + return NT_STATUS_INTERNAL_ERROR; + } } status = check_name(conn, fname); @@ -479,7 +543,13 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn, } } - /* ignore any oplock requests if oplocks are disabled */ + /* Setup dos_attributes to be set by ifs_createfile */ + if (lp_store_dos_attributes(SNUM(conn))) { + createfile_attributes = (new_dos_attributes | aARCH) & + ~(FILE_ATTRIBUTE_NONINDEXED | FILE_ATTRIBUTE_COMPRESSED); + } + + /* Ignore oplock requests if oplocks are disabled. */ if (!lp_oplocks(SNUM(conn)) || global_client_failed_oplock_break || IS_VETO_OPLOCK_PATH(conn, fname)) { /* Mask off everything except the private Samba bits. */ @@ -490,8 +560,8 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn, if (!lp_posix_pathnames() && strstr(fname,".+,;=[].")) { /* OS/2 Workplace shell fix may be main code stream in a later * release. */ - DEBUG(5,("open_file_ntcreate: OS/2 long filenames are not " - "supported.\n")); + DEBUG(5,("onefs_open_file_ntcreate: OS/2 long filenames are " + "not supported.\n")); if (use_nt_status()) { return NT_STATUS_OBJECT_NAME_NOT_FOUND; } @@ -508,6 +578,14 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn, case FILE_SUPERSEDE: /* If file exists replace/overwrite. If file doesn't * exist create. */ + /** + * @todo: Clear all file attributes? + * http://www.osronline.com/article.cfm?article=302 + * create if not exist, trunc if exist + * + * If file exists replace/overwrite. If file doesn't + * exist create. + */ flags2 |= (O_CREAT | O_TRUNC); break; @@ -520,7 +598,7 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn, case FILE_OPEN: /* If file exists open. If file doesn't exist error. */ if (!file_existed) { - DEBUG(5,("open_file_ntcreate: FILE_OPEN " + DEBUG(5,("onefs_open_file_ntcreate: FILE_OPEN " "requested for file %s and file " "doesn't exist.\n", fname )); errno = ENOENT; @@ -532,9 +610,10 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn, /* If file exists overwrite. If file doesn't exist * error. */ if (!file_existed) { - DEBUG(5,("open_file_ntcreate: FILE_OVERWRITE " - "requested for file %s and file " - "doesn't exist.\n", fname )); + DEBUG(5, ("onefs_open_file_ntcreate: " + "FILE_OVERWRITE requested for file " + "%s and file doesn't exist.\n", + fname)); errno = ENOENT; return NT_STATUS_OBJECT_NAME_NOT_FOUND; } @@ -545,9 +624,10 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn, /* If file exists error. If file doesn't exist * create. */ if (file_existed) { - DEBUG(5,("open_file_ntcreate: FILE_CREATE " - "requested for file %s and file " - "already exists.\n", fname )); + DEBUG(5, ("onefs_open_file_ntcreate: " + "FILE_CREATE requested for file %s " + "and file already exists.\n", + fname)); if (S_ISDIR(psbuf->st_mode)) { errno = EISDIR; } else { @@ -568,45 +648,47 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn, return NT_STATUS_INVALID_PARAMETER; } - /* We only care about matching attributes on file exists and - * overwrite. */ - - if (!posix_open && file_existed && ((create_disposition == FILE_OVERWRITE) || - (create_disposition == FILE_OVERWRITE_IF))) { + /* Match attributes on file exists and overwrite. */ + if (!posix_open && file_existed && + ((create_disposition == FILE_OVERWRITE) || + (create_disposition == FILE_OVERWRITE_IF))) { if (!open_match_attributes(conn, fname, existing_dos_attributes, new_dos_attributes, psbuf->st_mode, unx_mode, &new_unx_mode)) { - DEBUG(5,("open_file_ntcreate: attributes missmatch " - "for file %s (%x %x) (0%o, 0%o)\n", - fname, existing_dos_attributes, - new_dos_attributes, - (unsigned int)psbuf->st_mode, - (unsigned int)unx_mode )); + DEBUG(5, ("onefs_open_file_ntcreate: attributes " + "missmatch for file %s (%x %x) (0%o, 0%o)\n", + fname, existing_dos_attributes, + new_dos_attributes, + (unsigned int)psbuf->st_mode, + (unsigned int)unx_mode )); errno = EACCES; return NT_STATUS_ACCESS_DENIED; } } - status = calculate_access_mask(conn, fname, file_existed, - access_mask, - &access_mask); - if (!NT_STATUS_IS_OK(status)) { - DEBUG(10, ("open_file_ntcreate: calculate_access_mask " - "on file %s returned %s\n", - fname, - nt_errstr(status))); - return status; + /* + * OneFS understands MAXIMUM_ALLOWED_ACCESS, so only hack the + * access_mask, but leave the MAA for the actual open in + * open_access_mask. + */ + open_access_mask = access_mask; + if (open_access_mask & MAXIMUM_ALLOWED_ACCESS) { + access_mask |= FILE_GENERIC_ALL; } - open_access_mask = access_mask; + /* Convert GENERIC bits to specific bits. */ + se_map_generic(&access_mask, &file_generic_mapping); + se_map_generic(&open_access_mask, &file_generic_mapping); if ((flags2 & O_TRUNC) || (oplock_request & FORCE_OPLOCK_BREAK_TO_NONE)) { - open_access_mask |= FILE_WRITE_DATA; /* This will cause oplock breaks. */ + /* This will cause oplock breaks. */ + open_access_mask |= FILE_WRITE_DATA; } - DEBUG(10, ("open_file_ntcreate: fname=%s, after mapping " - "access_mask=0x%x\n", fname, access_mask )); + DEBUG(10, ("onefs_open_file_ntcreate: fname=%s, after mapping " + "open_access_mask=%#x, access_mask=0x%x\n", + fname, open_access_mask, access_mask)); /* * Note that we ignore the append flag as append does not @@ -614,12 +696,31 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn, */ if ((access_mask & (FILE_WRITE_DATA | FILE_APPEND_DATA)) || - (oplock_request & FORCE_OPLOCK_BREAK_TO_NONE)) { - /* DENY_DOS opens are always underlying read-write on the - file handle, no matter what the requested access mask - says. */ - if ((create_options & NTCREATEX_OPTIONS_PRIVATE_DENY_DOS) || - access_mask & (FILE_READ_ATTRIBUTES|FILE_READ_DATA|FILE_READ_EA|FILE_EXECUTE)) { + (oplock_request & FORCE_OPLOCK_BREAK_TO_NONE)) { + + /* + * DENY_DOS opens are always underlying read-write on the + * file handle, no matter what the requested access mask + * says. Stock samba just sets the flags, but since + * ifs_createfile uses the access_mask, it must be updated as + * well. This allows BASE-DENY* to pass. + */ + if (create_options & NTCREATEX_OPTIONS_PRIVATE_DENY_DOS) { + + DEBUG(10,("onefs_open_file_ntcreate: deny_dos: " + "Adding O_RDWR to flags " + "(0x%x) and some READ bits to " + "open_access_mask (0x%x)\n", + flags, open_access_mask)); + + flags = O_RDWR; + open_access_mask |= (FILE_READ_ATTRIBUTES | + FILE_READ_DATA | FILE_READ_EA | FILE_EXECUTE); + + } else if (access_mask & (FILE_READ_ATTRIBUTES | + FILE_READ_DATA | + FILE_READ_EA | + FILE_EXECUTE)) { flags = O_RDWR; } else { flags = O_WRONLY; @@ -628,12 +729,10 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn, flags = O_RDONLY; } - /* - * Currently we only look at FILE_WRITE_THROUGH for create options. - */ - + /* Currently we only look at FILE_WRITE_THROUGH for create options. */ #if defined(O_SYNC) - if ((create_options & FILE_WRITE_THROUGH) && lp_strict_sync(SNUM(conn))) { + if ((create_options & FILE_WRITE_THROUGH) && + lp_strict_sync(SNUM(conn))) { flags2 |= O_SYNC; } #endif /* O_SYNC */ @@ -649,21 +748,36 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn, * older versions of Samba we just AND them out. */ flags2 &= ~(O_CREAT|O_TRUNC); - } - /* - * Ensure we can't write on a read-only share or file. - */ + /** + * XXX: TODO + * Apparently this is necessary because we ship with + * lp_acl_check_permissions = no. It is set to no because our + * ifs_createfile does the access check correctly. This check + * was added in the last merge, and the question is why is it + * necessary? Check out Bug 25547 and Bug 14596. The key is + * to figure out what case this is covering, and do some + * testing to see if it's actually necessary. If it is, maybe + * it should go upstream in open.c. + */ + if (!lp_acl_check_permissions(SNUM(conn)) && + (access_mask & DELETE_ACCESS)) { + return map_nt_error_from_unix(EACCES); + } + } + /* Ensure we can't write on a read-only share or file. */ if (flags != O_RDONLY && file_existed && (!CAN_WRITE(conn) || IS_DOS_READONLY(existing_dos_attributes))) { - DEBUG(5,("open_file_ntcreate: write access requested for " - "file %s on read only %s\n", - fname, !CAN_WRITE(conn) ? "share" : "file" )); + DEBUG(5, ("onefs_open_file_ntcreate: write access requested " + "for file %s on read only %s\n", + fname, !CAN_WRITE(conn) ? "share" : "file" )); errno = EACCES; return NT_STATUS_ACCESS_DENIED; } + DEBUG(10, ("fsp = %p\n", fsp)); + fsp->file_id = vfs_file_id_from_sbuf(conn, psbuf); fsp->share_access = share_access; fsp->fh->private_options = create_options; @@ -692,57 +806,124 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn, return NT_STATUS_SHARING_VIOLATION; } - /* First pass - send break only on batch oplocks. */ - if ((req != NULL) - && delay_for_oplocks(lck, fsp, req->mid, 1, - oplock_request)) { - schedule_defer_open(lck, request_time, req); + if (lck->delete_on_close) { + /* DELETE_PENDING is not deferred for a second */ TALLOC_FREE(lck); - return NT_STATUS_SHARING_VIOLATION; + return NT_STATUS_DELETE_PENDING; } + } - /* Use the client requested access mask here, not the one we - * open with. */ - status = open_mode_check(conn, fname, lck, - access_mask, share_access, - create_options, &file_existed); + SMB_ASSERT(!file_existed || (lck != NULL)); - if (NT_STATUS_IS_OK(status)) { - /* We might be going to allow this open. Check oplock - * status again. */ - /* Second pass - send break for both batch or - * exclusive oplocks. */ - if ((req != NULL) - && delay_for_oplocks(lck, fsp, req->mid, 2, - oplock_request)) { - schedule_defer_open(lck, request_time, req); - TALLOC_FREE(lck); - return NT_STATUS_SHARING_VIOLATION; - } - } + /* + * Ensure we pay attention to default ACLs on directories. May be + * neccessary depending on ACL policies. + */ + if ((flags2 & O_CREAT) && lp_inherit_acls(SNUM(conn)) && + (def_acl = directory_has_default_acl(conn, parent_dir))) { + unx_mode = 0777; + } - if (NT_STATUS_EQUAL(status, NT_STATUS_DELETE_PENDING)) { - /* DELETE_PENDING is not deferred for a second */ - TALLOC_FREE(lck); - return status; + DEBUG(4,("calling onefs_open_file with flags=0x%X flags2=0x%X " + "mode=0%o, access_mask = 0x%x, open_access_mask = 0x%x\n", + (unsigned int)flags, (unsigned int)flags2, + (unsigned int)unx_mode, (unsigned int)access_mask, + (unsigned int)open_access_mask)); + + oplock_waiter = 1; //ifs_oplock_wait_record(mid); + + if (oplock_waiter == 0) { + return NT_STATUS_NO_MEMORY; + } + + /* Do the open. */ + status = onefs_open_file(fsp, + conn, + req, + parent_dir, + newname, + fname, + psbuf, + flags|flags2, + unx_mode, + access_mask, + open_access_mask, + fsp->oplock_type, + oplock_waiter, + share_access, + create_options, + createfile_attributes, + sd, + &granted_oplock); + + if (!NT_STATUS_IS_OK(status)) { + + /* OneFS Oplock Handling */ + if (errno == EINPROGRESS) { + + if (lck == NULL) { + + struct deferred_open_record state; + struct timespec old_write_time; + + old_write_time = get_mtimespec(psbuf); + + DEBUG(3, ("Someone created file %s with an " + "oplock after we looked: Retrying\n", + fname)); + /* + * We hit the race that when we did the stat + * on the file it did not exist, and someone + * has created it in between the stat and the + * open_file() call. Just retry immediately. + */ + id = vfs_file_id_from_sbuf(conn, psbuf); + if (!(lck = get_share_mode_lock(talloc_tos(), + id, conn->connectpath, fname, + &old_write_time))) { + /* + * Emergency exit + */ + DEBUG(0, ("onefs_open_file_ntcreate: " + "Could not get share mode " + "lock for %s\n", fname)); + status = NT_STATUS_SHARING_VIOLATION; + goto cleanup_destroy; + } + + state.delayed_for_oplocks = False; + state.id = id; + + if (req != NULL) { + defer_open(lck, request_time, + timeval_zero(), req, &state); + } + goto cleanup_destroy; + } + /* Waiting for an oplock */ + SMB_ASSERT(req); + schedule_defer_open(lck, request_time, req); + goto cleanup; } - if (!NT_STATUS_IS_OK(status)) { + /* Check for a sharing violation */ + if ((errno == EAGAIN) || (errno == EWOULDBLOCK)) { uint32 can_access_mask; bool can_access = True; - SMB_ASSERT(NT_STATUS_EQUAL(status, NT_STATUS_SHARING_VIOLATION)); - /* Check if this can be done with the deny_dos and fcb * calls. */ + + /* Try to find dup fsp if possible. */ if (create_options & (NTCREATEX_OPTIONS_PRIVATE_DENY_DOS| NTCREATEX_OPTIONS_PRIVATE_DENY_FCB)) { + if (req == NULL) { DEBUG(0, ("DOS open without an SMB " "request!\n")); - TALLOC_FREE(lck); - return NT_STATUS_INTERNAL_ERROR; + status = NT_STATUS_INTERNAL_ERROR; + goto cleanup_destroy; } /* Use the client requested access mask here, @@ -763,7 +944,8 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn, if (pinfo) { *pinfo = FILE_WAS_OPENED; } - return NT_STATUS_OK; + status = NT_STATUS_OK; + goto cleanup; } } @@ -794,7 +976,6 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn, * If we're returning a share violation, ensure we * cope with the braindead 1 second delay. */ - if (!(oplock_request & INTERNAL_OPEN_ONLY) && lp_defer_sharing_violations()) { struct timeval timeout; @@ -804,26 +985,30 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn, /* this is a hack to speed up torture tests in 'make test' */ timeout_usecs = lp_parm_int(SNUM(conn), - "smbd","sharedelay", - SHARING_VIOLATION_USEC_WAIT); - - /* This is a relative time, added to the absolute - request_time value to get the absolute timeout time. - Note that if this is the second or greater time we enter - this codepath for this particular request mid then - request_time is left as the absolute time of the *first* - time this request mid was processed. This is what allows - the request to eventually time out. */ + "smbd","sharedelay", + SHARING_VIOLATION_USEC_WAIT); + + /* This is a relative time, added to the + absolute request_time value to get the + absolute timeout time. Note that if this + is the second or greater time we enter this + codepath for this particular request mid + then request_time is left as the absolute + time of the *first* time this request mid + was processed. This is what allows the + request to eventually time out. */ timeout = timeval_set(0, timeout_usecs); - /* Nothing actually uses state.delayed_for_oplocks - but it's handy to differentiate in debug messages - between a 30 second delay due to oplock break, and - a 1 second delay for share mode conflicts. */ + /* Nothing actually uses + state.delayed_for_oplocks but it's handy to + differentiate in debug messages between a + 30 second delay due to oplock break, and a + 1 second delay for share mode conflicts. */ state.delayed_for_oplocks = False; state.id = id; + state.failed = false; if ((req != NULL) && !request_timed_out(request_time, @@ -833,7 +1018,6 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn, } } - TALLOC_FREE(lck); if (can_access) { /* * We have detected a sharing violation here @@ -843,45 +1027,25 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn, } else { status = NT_STATUS_ACCESS_DENIED; } - return status; + + goto cleanup_destroy; } /* - * We exit this block with the share entry *locked*..... + * Normal error, for example EACCES */ + cleanup_destroy: + //destroy_ifs_callback_record(oplock_waiter); + cleanup: + TALLOC_FREE(lck); + return status; } - SMB_ASSERT(!file_existed || (lck != NULL)); - - /* - * Ensure we pay attention to default ACLs on directories if required. - */ - - if ((flags2 & O_CREAT) && lp_inherit_acls(SNUM(conn)) && - (def_acl = directory_has_default_acl(conn, parent_dir))) { - unx_mode = 0777; - } - - DEBUG(4,("calling open_file with flags=0x%X flags2=0x%X mode=0%o, " - "access_mask = 0x%x, open_access_mask = 0x%x\n", - (unsigned int)flags, (unsigned int)flags2, - (unsigned int)unx_mode, (unsigned int)access_mask, - (unsigned int)open_access_mask)); - - /* - * open_file strips any O_TRUNC flags itself. - */ - - fsp_open = open_file(fsp, conn, req, parent_dir, newname, fname, psbuf, - flags|flags2, unx_mode, access_mask, - open_access_mask); + fsp->oplock_type = granted_oplock; - if (!NT_STATUS_IS_OK(fsp_open)) { - if (lck != NULL) { - TALLOC_FREE(lck); - } - return fsp_open; - } + /* XXX uncomment for oplocks */ + //ifs_set_oplock_callback(oplock_waiter, fsp); + //fsp->oplock_callback_id = oplock_waiter; if (!file_existed) { struct timespec old_write_time = get_mtimespec(psbuf); @@ -907,39 +1071,14 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn, fname, &old_write_time); if (lck == NULL) { - DEBUG(0, ("open_file_ntcreate: Could not get share " - "mode lock for %s\n", fname)); + DEBUG(0, ("onefs_open_file_ntcreate: Could not get " + "share mode lock for %s\n", fname)); fd_close(fsp); return NT_STATUS_SHARING_VIOLATION; } - /* First pass - send break only on batch oplocks. */ - if ((req != NULL) - && delay_for_oplocks(lck, fsp, req->mid, 1, - oplock_request)) { - schedule_defer_open(lck, request_time, req); - TALLOC_FREE(lck); - fd_close(fsp); - return NT_STATUS_SHARING_VIOLATION; - } - - status = open_mode_check(conn, fname, lck, - access_mask, share_access, - create_options, &file_existed); - - if (NT_STATUS_IS_OK(status)) { - /* We might be going to allow this open. Check oplock - * status again. */ - /* Second pass - send break for both batch or - * exclusive oplocks. */ - if ((req != NULL) - && delay_for_oplocks(lck, fsp, req->mid, 2, - oplock_request)) { - schedule_defer_open(lck, request_time, req); - TALLOC_FREE(lck); - fd_close(fsp); - return NT_STATUS_SHARING_VIOLATION; - } + if (lck->delete_on_close) { + status = NT_STATUS_DELETE_PENDING; } if (!NT_STATUS_IS_OK(status)) { @@ -987,7 +1126,6 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn, TALLOC_FREE(lck); fd_close(fsp); - return NT_STATUS_SHARING_VIOLATION; } } @@ -998,24 +1136,6 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn, * deny mode is compatible with all current opens. */ - /* - * If requested, truncate the file. - */ - - if (flags2&O_TRUNC) { - /* - * We are modifing the file after open - update the stat - * struct.. - */ - if ((SMB_VFS_FTRUNCATE(fsp, 0) == -1) || - (SMB_VFS_FSTAT(fsp, psbuf)==-1)) { - status = map_nt_error_from_unix(errno); - TALLOC_FREE(lck); - fd_close(fsp); - return status; - } - } - /* Record the options we were opened with. */ fsp->share_access = share_access; fsp->fh->private_options = create_options; @@ -1056,16 +1176,16 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn, } } - if (info == FILE_WAS_OVERWRITTEN || info == FILE_WAS_CREATED || info == FILE_WAS_SUPERSEDED) { + if (info == FILE_WAS_OVERWRITTEN || info == FILE_WAS_CREATED || + info == FILE_WAS_SUPERSEDED) { new_file_created = True; } set_share_mode(lck, fsp, conn->server_info->utok.uid, 0, - fsp->oplock_type); + fsp->oplock_type, true); /* Handle strange delete on close create semantics. */ if (create_options & FILE_DELETE_ON_CLOSE) { - status = can_set_delete_on_close(fsp, True, new_dos_attributes); if (!NT_STATUS_IS_OK(status)) { @@ -1080,30 +1200,13 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn, fsp->initial_delete_on_close = True; } - if (new_file_created) { - /* Files should be initially set as archive */ - if (lp_map_archive(SNUM(conn)) || - lp_store_dos_attributes(SNUM(conn))) { - if (!posix_open) { - SMB_STRUCT_STAT tmp_sbuf; - SET_STAT_INVALID(tmp_sbuf); - if (file_set_dosmode( - conn, fname, - new_dos_attributes | aARCH, - &tmp_sbuf, parent_dir, - true) == 0) { - unx_mode = tmp_sbuf.st_mode; - } - } - } - } - /* * Take care of inherited ACLs on created files - if default ACL not * selected. + * May be necessary depending on acl policies. */ - - if (!posix_open && !file_existed && !def_acl) { + if (!posix_open && !file_existed && !def_acl && !(VALID_STAT(*psbuf) + && (psbuf->st_flags & SF_HASNTFSACL))) { int saved_errno = errno; /* We might get ENOSYS in the next * call.. */ @@ -1127,7 +1230,7 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn, if (ret == -1 && errno == ENOSYS) { errno = saved_errno; /* Ignore ENOSYS */ } else { - DEBUG(5, ("open_file_ntcreate: reset " + DEBUG(5, ("onefs_open_file_ntcreate: reset " "attributes of file %s to 0%o\n", fname, (unsigned int)new_unx_mode)); ret = 0; /* Don't do the fchmod below. */ @@ -1136,7 +1239,7 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn, if ((ret == -1) && (SMB_VFS_FCHMOD(fsp, new_unx_mode) == -1)) - DEBUG(5, ("open_file_ntcreate: failed to reset " + DEBUG(5, ("onefs_open_file_ntcreate: failed to reset " "attributes of file %s to 0%o\n", fname, (unsigned int)new_unx_mode)); } @@ -1151,153 +1254,225 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn, return NT_STATUS_OK; } + /**************************************************************************** Open a directory from an NT SMB call. ****************************************************************************/ - -static NTSTATUS open_directory(connection_struct *conn, - struct smb_request *req, - const char *fname, - SMB_STRUCT_STAT *psbuf, - uint32 access_mask, - uint32 share_access, - uint32 create_disposition, - uint32 create_options, - uint32 file_attributes, - int *pinfo, - files_struct **result) +static NTSTATUS onefs_open_directory(connection_struct *conn, + struct smb_request *req, + const char *fname, + uint32 access_mask, + uint32 share_access, + uint32 create_disposition, + uint32 create_options, + uint32 file_attributes, + struct security_descriptor *sd, + files_struct **result, + int *pinfo, + SMB_STRUCT_STAT *psbuf) { files_struct *fsp = NULL; - bool dir_existed = VALID_STAT(*psbuf) ? True : False; struct share_mode_lock *lck = NULL; NTSTATUS status; struct timespec mtimespec; int info = 0; - - DEBUG(5,("open_directory: opening directory %s, access_mask = 0x%x, " - "share_access = 0x%x create_options = 0x%x, " - "create_disposition = 0x%x, file_attributes = 0x%x\n", - fname, - (unsigned int)access_mask, - (unsigned int)share_access, - (unsigned int)create_options, - (unsigned int)create_disposition, - (unsigned int)file_attributes)); + char *parent_dir; + const char *dirname; + bool posix_open = false; + uint32 create_flags = 0; + uint32 mode = lp_dir_mask(SNUM(conn)); + + DEBUG(5, ("onefs_open_directory: opening directory %s, " + "access_mask = 0x%x, " + "share_access = 0x%x create_options = 0x%x, " + "create_disposition = 0x%x, file_attributes = 0x%x\n", + fname, (unsigned int)access_mask, (unsigned int)share_access, + (unsigned int)create_options, (unsigned int)create_disposition, + (unsigned int)file_attributes)); if (!(file_attributes & FILE_FLAG_POSIX_SEMANTICS) && - (conn->fs_capabilities & FILE_NAMED_STREAMS) && - is_ntfs_stream_name(fname)) { - DEBUG(2, ("open_directory: %s is a stream name!\n", fname)); + (conn->fs_capabilities & FILE_NAMED_STREAMS) && + is_ntfs_stream_name(fname)) { + DEBUG(2, ("onefs_open_directory: %s is a stream name!\n", fname)); return NT_STATUS_NOT_A_DIRECTORY; } - status = calculate_access_mask(conn, fname, dir_existed, - access_mask, - &access_mask); - if (!NT_STATUS_IS_OK(status)) { - DEBUG(10, ("open_directory: calculate_access_mask " - "on file %s returned %s\n", - fname, - nt_errstr(status))); - return status; - } - - switch( create_disposition ) { + switch (create_disposition) { case FILE_OPEN: - + /* If directory exists open. If directory doesn't + * exist error. */ + create_flags = 0; info = FILE_WAS_OPENED; - - /* - * We want to follow symlinks here. - */ - - if (SMB_VFS_STAT(conn, fname, psbuf) != 0) { - return map_nt_error_from_unix(errno); - } - break; - case FILE_CREATE: - /* If directory exists error. If directory doesn't * exist create. */ - - status = mkdir_internal(conn, - fname, - file_attributes, - psbuf); - - if (!NT_STATUS_IS_OK(status)) { - DEBUG(2, ("open_directory: unable to create " - "%s. Error was %s\n", fname, - nt_errstr(status))); - return status; - } - + create_flags = O_CREAT | O_EXCL; info = FILE_WAS_CREATED; break; - case FILE_OPEN_IF: - /* - * If directory exists open. If directory doesn't - * exist create. - */ - - status = mkdir_internal(conn, - fname, - file_attributes, - psbuf); - - if (NT_STATUS_IS_OK(status)) { - info = FILE_WAS_CREATED; - } - - if (NT_STATUS_EQUAL(status, - NT_STATUS_OBJECT_NAME_COLLISION)) { - info = FILE_WAS_OPENED; - status = NT_STATUS_OK; - } + /* If directory exists open. If directory doesn't + * exist create. */ + /* Note: in order to return whether the directory was + * opened or created, we first try to open and then try + * to create. */ + create_flags = 0; + info = FILE_WAS_OPENED; break; - case FILE_SUPERSEDE: case FILE_OVERWRITE: case FILE_OVERWRITE_IF: default: - DEBUG(5,("open_directory: invalid create_disposition " - "0x%x for directory %s\n", - (unsigned int)create_disposition, fname)); + DEBUG(5, ("onefs_open_directory: invalid " + "create_disposition 0x%x for directory %s\n", + (unsigned int)create_disposition, fname)); return NT_STATUS_INVALID_PARAMETER; } - if(!S_ISDIR(psbuf->st_mode)) { - DEBUG(5,("open_directory: %s is not a directory !\n", - fname )); - return NT_STATUS_NOT_A_DIRECTORY; + /* + * Check for write access to the share. Done in mkdir_internal() in + * mainline samba. + */ + if (!CAN_WRITE(conn) && (create_flags & O_CREAT)) { + return NT_STATUS_ACCESS_DENIED; } - if (info == FILE_WAS_OPENED) { - status = check_open_rights(conn, - fname, - access_mask); - if (!NT_STATUS_IS_OK(status)) { - DEBUG(10, ("open_directory: check_open_rights on " - "file %s failed with %s\n", - fname, - nt_errstr(status))); - return status; - } + /* Get parent dirname */ + if (!parent_dirname_talloc(talloc_tos(), fname, &parent_dir, + &dirname)) { + return NT_STATUS_NO_MEMORY; } + if (file_attributes & FILE_FLAG_POSIX_SEMANTICS) { + posix_open = true; + mode = (mode_t)(file_attributes & ~FILE_FLAG_POSIX_SEMANTICS); + file_attributes = 0; + } else { + mode = unix_mode(conn, aDIR, fname, parent_dir); + } + + /* + * The NONINDEXED and COMPRESSED bits seem to always be cleared on + * directories, no matter if you specify that they should be set. + */ + file_attributes &= + ~(FILE_ATTRIBUTE_NONINDEXED | FILE_ATTRIBUTE_COMPRESSED); + status = file_new(req, conn, &fsp); if(!NT_STATUS_IS_OK(status)) { return status; } /* - * Setup the files_struct for it. + * Actual open with retry magic to handle FILE_OPEN_IF which is + * unique because the kernel won't tell us if the file was opened or + * created. */ + retry_open: + fsp->fh->fd = onefs_sys_create_file(conn, + -1, + fname, + access_mask, + access_mask, + share_access, + create_options, + create_flags | O_DIRECTORY, + mode, + 0, + 0, + sd, + file_attributes, + NULL); + + if (fsp->fh->fd == -1) { + DEBUG(3, ("Error opening %s. Errno=%d (%s).\n", fname, errno, + strerror(errno))); + SMB_ASSERT(errno != EINPROGRESS); + + if (create_disposition == FILE_OPEN_IF) { + if (errno == ENOENT) { + /* Try again, creating it this time. */ + create_flags = O_CREAT | O_EXCL; + info = FILE_WAS_CREATED; + goto retry_open; + } else if (errno == EEXIST) { + /* Uggh. Try again again. */ + create_flags = 0; + info = FILE_WAS_OPENED; + goto retry_open; + } + } + + /* Error cases below: */ + file_free(req, fsp); + + if ((errno == ENOENT) && (create_disposition == FILE_OPEN)) { + DEBUG(5,("onefs_open_directory: FILE_OPEN requested " + "for directory %s and it doesn't " + "exist.\n", fname )); + return NT_STATUS_OBJECT_NAME_NOT_FOUND; + } else if ((errno == EEXIST) && + (create_disposition == FILE_CREATE)) { + DEBUG(5,("onefs_open_directory: FILE_CREATE " + "requested for directory %s and it " + "already exists.\n", fname )); + return NT_STATUS_OBJECT_NAME_COLLISION; + } else if ((errno == EAGAIN) || (errno == EWOULDBLOCK)) { + /* Catch sharing violations. */ + return NT_STATUS_SHARING_VIOLATION; + } + + return map_nt_error_from_unix(errno); + } + + if (info == FILE_WAS_CREATED) { + + /* Pulled from mkdir_internal() */ + if (SMB_VFS_LSTAT(conn, fname, psbuf) == -1) { + DEBUG(2, ("Could not stat directory '%s' just " + "created: %s\n",fname, strerror(errno))); + return map_nt_error_from_unix(errno); + } + + if (!S_ISDIR(psbuf->st_mode)) { + DEBUG(0, ("Directory just '%s' created is not a " + "directory\n", fname)); + return NT_STATUS_ACCESS_DENIED; + } + + if (!posix_open) { + /* + * Check if high bits should have been set, then (if + * bits are missing): add them. Consider bits + * automagically set by UNIX, i.e. SGID bit from + * parent dir. + */ + if (mode & ~(S_IRWXU|S_IRWXG|S_IRWXO) && + (mode & ~psbuf->st_mode)) { + SMB_VFS_CHMOD(conn, fname, (psbuf->st_mode | + (mode & ~psbuf->st_mode))); + } + } + + /* Change the owner if required. */ + if (lp_inherit_owner(SNUM(conn))) { + change_dir_owner_to_parent(conn, parent_dir, fname, + psbuf); + } + + notify_fname(conn, NOTIFY_ACTION_ADDED, + FILE_NOTIFY_CHANGE_DIR_NAME, fname); + } + + /* Stat the fd for Samba bookkeeping. */ + if(SMB_VFS_FSTAT(fsp, psbuf) != 0) { + fd_close(fsp); + file_free(req, fsp); + return map_nt_error_from_unix(errno); + } + /* Setup the files_struct for it. */ fsp->mode = psbuf->st_mode; fsp->file_id = vfs_file_id_from_sbuf(conn, psbuf); fsp->vuid = req ? req->vuid : UID_FIELD_INVALID; @@ -1317,40 +1492,48 @@ static NTSTATUS open_directory(connection_struct *conn, fsp->oplock_type = NO_OPLOCK; fsp->sent_oplock_break = NO_BREAK_SENT; fsp->is_directory = True; - fsp->posix_open = (file_attributes & FILE_FLAG_POSIX_SEMANTICS) ? True : False; + fsp->posix_open = posix_open; string_set(&fsp->fsp_name,fname); mtimespec = get_mtimespec(psbuf); + /* + * Still set the samba share mode lock for correct delete-on-close + * semantics and to make smbstatus more useful. + */ lck = get_share_mode_lock(talloc_tos(), fsp->file_id, conn->connectpath, fname, &mtimespec); if (lck == NULL) { - DEBUG(0, ("open_directory: Could not get share mode lock for %s\n", fname)); + DEBUG(0, ("onefs_open_directory: Could not get share mode " + "lock for %s\n", fname)); + fd_close(fsp); file_free(req, fsp); return NT_STATUS_SHARING_VIOLATION; } - status = open_mode_check(conn, fname, lck, - access_mask, share_access, - create_options, &dir_existed); - - if (!NT_STATUS_IS_OK(status)) { + if (lck->delete_on_close) { TALLOC_FREE(lck); + fd_close(fsp); file_free(req, fsp); - return status; + return NT_STATUS_DELETE_PENDING; } - set_share_mode(lck, fsp, conn->server_info->utok.uid, 0, NO_OPLOCK); + set_share_mode(lck, fsp, conn->server_info->utok.uid, 0, NO_OPLOCK, + true); - /* For directories the delete on close bit at open time seems - always to be honored on close... See test 19 in Samba4 BASE-DELETE. */ + /* + * For directories the delete on close bit at open time seems + * always to be honored on close... See test 19 in Samba4 BASE-DELETE. + */ if (create_options & FILE_DELETE_ON_CLOSE) { status = can_set_delete_on_close(fsp, True, 0); - if (!NT_STATUS_IS_OK(status) && !NT_STATUS_EQUAL(status, NT_STATUS_DIRECTORY_NOT_EMPTY)) { + if (!NT_STATUS_IS_OK(status) && + !NT_STATUS_EQUAL(status, NT_STATUS_DIRECTORY_NOT_EMPTY)) { TALLOC_FREE(lck); + fd_close(fsp); file_free(req, fsp); return status; } @@ -1436,7 +1619,7 @@ static NTSTATUS open_streams_for_delete(connection_struct *conn, goto fail; } - status = create_file_unixpath + status = onefs_create_file_unixpath (conn, /* conn */ NULL, /* req */ streamname, /* fname */ @@ -1483,25 +1666,23 @@ static NTSTATUS open_streams_for_delete(connection_struct *conn, } /* - * Wrapper around open_file_ntcreate and open_directory + * Wrapper around onefs_open_file_ntcreate and onefs_open_directory. */ - -static NTSTATUS create_file_unixpath(connection_struct *conn, - struct smb_request *req, - const char *fname, - uint32_t access_mask, - uint32_t share_access, - uint32_t create_disposition, - uint32_t create_options, - uint32_t file_attributes, - uint32_t oplock_request, - uint64_t allocation_size, - struct security_descriptor *sd, - struct ea_list *ea_list, - - files_struct **result, - int *pinfo, - SMB_STRUCT_STAT *psbuf) +static NTSTATUS onefs_create_file_unixpath(connection_struct *conn, + struct smb_request *req, + const char *fname, + uint32_t access_mask, + uint32_t share_access, + uint32_t create_disposition, + uint32_t create_options, + uint32_t file_attributes, + uint32_t oplock_request, + uint64_t allocation_size, + struct security_descriptor *sd, + struct ea_list *ea_list, + files_struct **result, + int *pinfo, + SMB_STRUCT_STAT *psbuf) { SMB_STRUCT_STAT sbuf; int info = FILE_WAS_OPENED; @@ -1509,7 +1690,7 @@ static NTSTATUS create_file_unixpath(connection_struct *conn, files_struct *fsp = NULL; NTSTATUS status; - DEBUG(10,("create_file_unixpath: access_mask = 0x%x " + DEBUG(10,("onefs_create_file_unixpath: access_mask = 0x%x " "file_attributes = 0x%x, share_access = 0x%x, " "create_disposition = 0x%x create_options = 0x%x " "oplock_request = 0x%x ea_list = 0x%p, sd = 0x%p, " @@ -1559,34 +1740,6 @@ static NTSTATUS create_file_unixpath(connection_struct *conn, } } - /* This is the correct thing to do (check every time) but can_delete - * is expensive (it may have to read the parent directory - * permissions). So for now we're not doing it unless we have a strong - * hint the client is really going to delete this file. If the client - * is forcing FILE_CREATE let the filesystem take care of the - * permissions. */ - - /* Setting FILE_SHARE_DELETE is the hint. */ - - if (lp_acl_check_permissions(SNUM(conn)) - && (create_disposition != FILE_CREATE) - && (share_access & FILE_SHARE_DELETE) - && (access_mask & DELETE_ACCESS) - && (!can_delete_file_in_directory(conn, fname))) { - status = NT_STATUS_ACCESS_DENIED; - goto fail; - } - -#if 0 - /* We need to support SeSecurityPrivilege for this. */ - if ((access_mask & SEC_RIGHT_SYSTEM_SECURITY) && - !user_has_privileges(current_user.nt_user_token, - &se_security)) { - status = NT_STATUS_PRIVILEGE_NOT_HELD; - goto fail; - } -#endif - if ((conn->fs_capabilities & FILE_NAMED_STREAMS) && is_ntfs_stream_name(fname) && (!(create_options & NTCREATEX_OPTIONS_PRIVATE_STREAM_DELETE))) { @@ -1601,9 +1754,9 @@ static NTSTATUS create_file_unixpath(connection_struct *conn, status = split_ntfs_stream_name(talloc_tos(), fname, &base, NULL); if (!NT_STATUS_IS_OK(status)) { - DEBUG(10, ("create_file_unixpath: " - "split_ntfs_stream_name failed: %s\n", - nt_errstr(status))); + DEBUG(10, ("onefs_create_file_unixpath: " + "split_ntfs_stream_name failed: %s\n", + nt_errstr(status))); goto fail; } @@ -1618,22 +1771,43 @@ static NTSTATUS create_file_unixpath(connection_struct *conn, break; } - status = create_file_unixpath(conn, NULL, base, 0, - FILE_SHARE_READ - | FILE_SHARE_WRITE - | FILE_SHARE_DELETE, - base_create_disposition, - 0, 0, 0, 0, NULL, NULL, - &base_fsp, NULL, NULL); + status = onefs_create_file_unixpath( + conn, /* conn */ + NULL, /* req */ + base, /* fname */ + 0, /* access_mask */ + (FILE_SHARE_READ | + FILE_SHARE_WRITE | + FILE_SHARE_DELETE), /* share_access */ + base_create_disposition, /* create_disposition*/ + 0, /* create_options */ + 0, /* file_attributes */ + NO_OPLOCK, /* oplock_request */ + 0, /* allocation_size */ + NULL, /* sd */ + NULL, /* ea_list */ + &base_fsp, /* result */ + NULL, /* pinfo */ + NULL); /* psbuf */ + if (!NT_STATUS_IS_OK(status)) { - DEBUG(10, ("create_file_unixpath for base %s failed: " - "%s\n", base, nt_errstr(status))); + DEBUG(10, ("onefs_create_file_unixpath for base %s " + "failed: %s\n", base, nt_errstr(status))); goto fail; } - /* we don't need to low level fd */ + /* + * we don't need to low level fd: This might conflict with + * OneFS streams. + */ fd_close(base_fsp); } + /* Covert generic bits in the security descriptor. */ + if (sd != NULL) { + security_acl_map_generic(sd->dacl, &file_generic_mapping); + security_acl_map_generic(sd->sacl, &file_generic_mapping); + } + /* * If it's a request for a directory open, deal with it separately. */ @@ -1658,11 +1832,19 @@ static NTSTATUS create_file_unixpath(connection_struct *conn, * CreateDirectory() call. */ - oplock_request = 0; - status = open_directory( - conn, req, fname, &sbuf, access_mask, share_access, - create_disposition, create_options, file_attributes, - &info, &fsp); + status = onefs_open_directory( + conn, /* conn */ + req, /* req */ + fname, /* fname */ + access_mask, /* access_mask */ + share_access, /* share_access */ + create_disposition, /* create_disposition*/ + create_options, /* create_options */ + file_attributes, /* file_attributes */ + sd, /* sd */ + &fsp, /* result */ + &info, /* pinfo */ + &sbuf); /* psbuf */ } else { /* @@ -1682,18 +1864,20 @@ static NTSTATUS create_file_unixpath(connection_struct *conn, fsp->base_fsp = base_fsp; } - status = open_file_ntcreate(conn, - req, - fname, - &sbuf, - access_mask, - share_access, - create_disposition, - create_options, - file_attributes, - oplock_request, - &info, - fsp); + status = onefs_open_file_ntcreate( + conn, /* conn */ + req, /* req */ + fname, /* fname */ + access_mask, /* access_mask */ + share_access, /* share_access */ + create_disposition, /* create_disposition*/ + create_options, /* create_options */ + file_attributes, /* file_attributes */ + oplock_request, /* oplock_request */ + sd, /* sd */ + fsp, /* result */ + &info, /* pinfo */ + &sbuf); /* psbuf */ if(!NT_STATUS_IS_OK(status)) { file_free(req, fsp); @@ -1719,12 +1903,21 @@ static NTSTATUS create_file_unixpath(connection_struct *conn, goto fail; } - oplock_request = 0; - status = open_directory( - conn, req, fname, &sbuf, access_mask, - share_access, create_disposition, - create_options, file_attributes, - &info, &fsp); + create_options |= FILE_DIRECTORY_FILE; + + status = onefs_open_directory( + conn, /* conn */ + req, /* req */ + fname, /* fname */ + access_mask, /* access_mask */ + share_access, /* share_access */ + create_disposition, /* create_disposition*/ + create_options, /* create_options */ + file_attributes, /* file_attributes */ + sd, /* sd */ + &fsp, /* result */ + &info, /* pinfo */ + &sbuf); /* psbuf */ } } @@ -1734,44 +1927,7 @@ static NTSTATUS create_file_unixpath(connection_struct *conn, fsp->base_fsp = base_fsp; - /* - * According to the MS documentation, the only time the security - * descriptor is applied to the opened file is iff we *created* the - * file; an existing file stays the same. - * - * Also, it seems (from observation) that you can open the file with - * any access mask but you can still write the sd. We need to override - * the granted access before we call set_sd - * Patch for bug #2242 from Tom Lackemann . - */ - - if ((sd != NULL) && (info == FILE_WAS_CREATED) - && lp_nt_acl_support(SNUM(conn))) { - - uint32_t sec_info_sent; - uint32_t saved_access_mask = fsp->access_mask; - - sec_info_sent = get_sec_info(sd); - - fsp->access_mask = FILE_GENERIC_ALL; - - /* Convert all the generic bits. */ - security_acl_map_generic(sd->dacl, &file_generic_mapping); - security_acl_map_generic(sd->sacl, &file_generic_mapping); - - if (sec_info_sent & (OWNER_SECURITY_INFORMATION| - GROUP_SECURITY_INFORMATION| - DACL_SECURITY_INFORMATION| - SACL_SECURITY_INFORMATION)) { - status = SMB_VFS_FSET_NT_ACL(fsp, sec_info_sent, sd); - } - - fsp->access_mask = saved_access_mask; - - if (!NT_STATUS_IS_OK(status)) { - goto fail; - } - } + SMB_ASSERT(fsp); if ((ea_list != NULL) && (info == FILE_WAS_CREATED)) { status = set_ea(conn, fsp, fname, ea_list); @@ -1807,7 +1963,7 @@ static NTSTATUS create_file_unixpath(connection_struct *conn, } } - DEBUG(10, ("create_file_unixpath: info=%d\n", info)); + DEBUG(10, ("onefs_create_file_unixpath: info=%d\n", info)); *result = fsp; if (pinfo != NULL) { @@ -1824,7 +1980,7 @@ static NTSTATUS create_file_unixpath(connection_struct *conn, return NT_STATUS_OK; fail: - DEBUG(10, ("create_file_unixpath: %s\n", nt_errstr(status))); + DEBUG(10, ("onefs_create_file_unixpath: %s\n", nt_errstr(status))); if (fsp != NULL) { if (base_fsp && fsp->base_fsp == base_fsp) { @@ -1843,32 +1999,36 @@ static NTSTATUS create_file_unixpath(connection_struct *conn, } return status; } -NTSTATUS create_file_default(connection_struct *conn, - struct smb_request *req, - uint16_t root_dir_fid, - const char *fname, - uint32_t create_file_flags, - uint32_t access_mask, - uint32_t share_access, - uint32_t create_disposition, - uint32_t create_options, - uint32_t file_attributes, - uint32_t oplock_request, - uint64_t allocation_size, - struct security_descriptor *sd, - struct ea_list *ea_list, - - files_struct **result, - int *pinfo, - SMB_STRUCT_STAT *psbuf) + +/** + * SMB_VFS_CREATE_FILE interface to onefs. + */ +NTSTATUS onefs_create_file(vfs_handle_struct *handle, + struct smb_request *req, + uint16_t root_dir_fid, + const char *fname, + uint32_t create_file_flags, + uint32_t access_mask, + uint32_t share_access, + uint32_t create_disposition, + uint32_t create_options, + uint32_t file_attributes, + uint32_t oplock_request, + uint64_t allocation_size, + struct security_descriptor *sd, + struct ea_list *ea_list, + files_struct **result, + int *pinfo, + SMB_STRUCT_STAT *psbuf) { + connection_struct *conn = handle->conn; struct case_semantics_state *case_state = NULL; SMB_STRUCT_STAT sbuf; int info = FILE_WAS_OPENED; files_struct *fsp = NULL; NTSTATUS status; - DEBUG(10,("create_file: access_mask = 0x%x " + DEBUG(10,("onefs_create_file: access_mask = 0x%x " "file_attributes = 0x%x, share_access = 0x%x, " "create_disposition = 0x%x create_options = 0x%x " "oplock_request = 0x%x " @@ -1883,10 +2043,7 @@ NTSTATUS create_file_default(connection_struct *conn, (unsigned int)root_dir_fid, ea_list, sd, create_file_flags, fname)); - /* - * Calculate the filename from the root_dir_if if necessary. - */ - + /* Get the file name if root_dir_fid was specified. */ if (root_dir_fid != 0) { char *new_fname; @@ -1899,45 +2056,7 @@ NTSTATUS create_file_default(connection_struct *conn, fname = new_fname; } - /* - * Check to see if this is a mac fork of some kind. - */ - - if (is_ntfs_stream_name(fname)) { - enum FAKE_FILE_TYPE fake_file_type; - - fake_file_type = is_fake_file(fname); - - if (fake_file_type != FAKE_FILE_TYPE_NONE) { - - /* - * Here we go! support for changing the disk quotas - * --metze - * - * We need to fake up to open this MAGIC QUOTA file - * and return a valid FID. - * - * w2k close this file directly after openening xp - * also tries a QUERY_FILE_INFO on the file and then - * close it - */ - status = open_fake_file(req, conn, req->vuid, - fake_file_type, fname, - access_mask, &fsp); - if (!NT_STATUS_IS_OK(status)) { - goto fail; - } - - ZERO_STRUCT(sbuf); - goto done; - } - - if (!(conn->fs_capabilities & FILE_NAMED_STREAMS)) { - status = NT_STATUS_OBJECT_PATH_NOT_FOUND; - goto fail; - } - } - + /* Resolve the file name if this was a DFS pathname. */ if ((req != NULL) && (req->flags2 & FLAGS2_DFS_PATHNAMES)) { char *resolved_fname; @@ -1956,14 +2075,12 @@ NTSTATUS create_file_default(connection_struct *conn, fname = resolved_fname; } - /* - * Check if POSIX semantics are wanted. - */ - + /* Check if POSIX semantics are wanted. */ if (file_attributes & FILE_FLAG_POSIX_SEMANTICS) { case_state = set_posix_case_semantics(talloc_tos(), conn); } + /* Convert dos path to unix path if it hasn't already been done. */ if (create_file_flags & CFF_DOS_PATH) { char *converted_fname; @@ -1989,24 +2106,33 @@ NTSTATUS create_file_default(connection_struct *conn, TALLOC_FREE(case_state); /* All file access must go through check_name() */ - status = check_name(conn, fname); if (!NT_STATUS_IS_OK(status)) { goto fail; } - status = create_file_unixpath( - conn, req, fname, access_mask, share_access, - create_disposition, create_options, file_attributes, - oplock_request, allocation_size, sd, ea_list, - &fsp, &info, &sbuf); + status = onefs_create_file_unixpath( + conn, /* conn */ + req, /* req */ + fname, /* fname */ + access_mask, /* access_mask */ + share_access, /* share_access */ + create_disposition, /* create_disposition*/ + create_options, /* create_options */ + file_attributes, /* file_attributes */ + oplock_request, /* oplock_request */ + allocation_size, /* allocation_size */ + sd, /* sd */ + ea_list, /* ea_list */ + &fsp, /* result */ + &info, /* pinfo */ + &sbuf); /* psbuf */ if (!NT_STATUS_IS_OK(status)) { goto fail; } - done: - DEBUG(10, ("create_file: info=%d\n", info)); + DEBUG(10, ("onefs_create_file: info=%d\n", info)); *result = fsp; if (pinfo != NULL) { @@ -2018,7 +2144,7 @@ NTSTATUS create_file_default(connection_struct *conn, return NT_STATUS_OK; fail: - DEBUG(10, ("create_file: %s\n", nt_errstr(status))); + DEBUG(10, ("onefs_create_file: %s\n", nt_errstr(status))); if (fsp != NULL) { close_file(req, fsp, ERROR_CLOSE); diff --git a/source3/modules/onefs_system.c b/source3/modules/onefs_system.c new file mode 100644 index 0000000000..485e7f56ac --- /dev/null +++ b/source3/modules/onefs_system.c @@ -0,0 +1,214 @@ +/* + * Unix SMB/CIFS implementation. + * Support for OneFS system interfaces. + * + * Copyright (C) Tim Prouty, 2008 + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, see . + */ + +#include "onefs.h" + +#include +#include + +/* + * Initialize the sm_lock struct before passing it to ifs_createfile. + */ +static void smlock_init(connection_struct *conn, struct sm_lock *sml, + bool isexe, uint32_t access_mask, uint32_t share_access, + uint32_t create_options) +{ + sml->sm_type.doc = false; + sml->sm_type.isexe = isexe; + sml->sm_type.statonly = is_stat_open(access_mask); + sml->sm_type.access_mask = access_mask; + sml->sm_type.share_access = share_access; + + /* + * private_options was previously used for DENY_DOS/DENY_FCB checks in + * the kernel, but are now properly handled by fcb_or_dos_open. In + * these cases, ifs_createfile will return a sharing violation, which + * gives fcb_or_dos_open the chance to open a duplicate file handle. + */ + sml->sm_type.private_options = 0; + + /* 1 second delay is handled in onefs_open.c by deferring the open */ + sml->sm_timeout = timeval_set(0, 0); +} + +static void smlock_dump(int debuglevel, const struct sm_lock *sml) +{ + if (sml == NULL) { + DEBUG(debuglevel, ("sml == NULL\n")); + return; + } + + DEBUG(debuglevel, + ("smlock: doc=%s, isexec=%s, statonly=%s, access_mask=0x%x, " + "share_access=0x%x, private_options=0x%x timeout=%d/%d\n", + sml->sm_type.doc ? "True" : "False", + sml->sm_type.isexe ? "True" : "False", + sml->sm_type.statonly ? "True" : "False", + sml->sm_type.access_mask, + sml->sm_type.share_access, + sml->sm_type.private_options, + (int)sml->sm_timeout.tv_sec, + (int)sml->sm_timeout.tv_usec)); +} + +/* + * Return string value of onefs oplock types. + */ +static const char *onefs_oplock_str(enum oplock_type onefs_oplock_type) +{ + switch (onefs_oplock_type) { + case OPLOCK_NONE: + return "OPLOCK_NONE"; + case OPLOCK_EXCLUSIVE: + return "OPLOCK_EXCLUSIVE"; + case OPLOCK_BATCH: + return "OPLOCK_BATCH"; + case OPLOCK_SHARED: + return "OPLOCK_SHARED"; + default: + break; + } + return "UNKNOWN"; +} + +/* + * Convert from onefs to samba oplock. + */ +static int onefs_to_samba_oplock(enum oplock_type onefs_oplock) +{ + switch (onefs_oplock) { + case OPLOCK_NONE: + return NO_OPLOCK; + case OPLOCK_EXCLUSIVE: + return EXCLUSIVE_OPLOCK; + case OPLOCK_BATCH: + return BATCH_OPLOCK; + case OPLOCK_SHARED: + return LEVEL_II_OPLOCK; + default: + DEBUG(0, ("unknown oplock type %d found\n", onefs_oplock)); + break; + } + return NO_OPLOCK; +} + +/* + * Convert from samba to onefs oplock. + */ +static enum oplock_type samba_to_onefs_oplock(int samba_oplock_type) +{ + if (BATCH_OPLOCK_TYPE(samba_oplock_type)) return OPLOCK_BATCH; + if (EXCLUSIVE_OPLOCK_TYPE(samba_oplock_type)) return OPLOCK_EXCLUSIVE; + if (LEVEL_II_OPLOCK_TYPE(samba_oplock_type)) return OPLOCK_SHARED; + return OPLOCK_NONE; +} + +/** + * External interface to ifs_createfile + */ +int onefs_sys_create_file(connection_struct *conn, + int base_fd, + const char *path, + uint32_t access_mask, + uint32_t open_access_mask, + uint32_t share_access, + uint32_t create_options, + int flags, + mode_t mode, + int oplock_request, + uint64_t id, + struct security_descriptor *sd, + uint32_t dos_flags, + int *granted_oplock) +{ + struct sm_lock sml, *psml = NULL; + enum oplock_type onefs_oplock; + enum oplock_type onefs_granted_oplock = OPLOCK_NONE; + struct ifs_security_descriptor ifs_sd = {}, *pifs_sd = NULL; + int secinfo = 0; + int ret_fd = -1; + uint32_t onefs_dos_attributes; + + /* Setup security descriptor and get secinfo. */ + if (sd != NULL) { + NTSTATUS status; + + secinfo = (get_sec_info(sd) & IFS_SEC_INFO_KNOWN_MASK); + + status = onefs_setup_sd(secinfo, sd, &ifs_sd); + + if (!NT_STATUS_IS_OK(status)) { + DEBUG(1, ("SD initialization failure: %s", + nt_errstr(status))); + errno = EINVAL; + goto out; + } + + pifs_sd = &ifs_sd; + } + + onefs_oplock = samba_to_onefs_oplock(oplock_request); + + /* Temporary until oplock work is added to vfs_onefs */ + onefs_oplock = OPLOCK_NONE; + + /* Convert samba dos flags to UF_DOS_* attributes. */ + onefs_dos_attributes = dos_attributes_to_stat_dos_flags(dos_flags); + + DEBUG(10,("onefs_sys_create_file: base_fd = %d, " + "open_access_mask = 0x%x, flags = 0x%x, mode = 0x%x, " + "desired_oplock = %s, id = 0x%x, secinfo = 0x%x, sd = %p, " + "dos_attributes = 0x%x, path = %s\n", base_fd, + (unsigned int)open_access_mask, + (unsigned int)flags, + (unsigned int)mode, + onefs_oplock_str(onefs_oplock), + (unsigned int)id, + (unsigned int)secinfo, sd, + (unsigned int)onefs_dos_attributes, path)); + + /* Initialize smlock struct for files/dirs but not internal opens */ + if (!(oplock_request & INTERNAL_OPEN_ONLY)) { + smlock_init(conn, &sml, is_executable(path), access_mask, + share_access, create_options); + psml = &sml; + } + + smlock_dump(10, psml); + + ret_fd = ifs_createfile(base_fd, path, + (enum ifs_ace_rights)open_access_mask, flags & ~O_ACCMODE, mode, + onefs_oplock, id, psml, secinfo, pifs_sd, onefs_dos_attributes, + &onefs_granted_oplock); + + DEBUG(10,("onefs_sys_create_file(%s): ret_fd = %d, " + "onefs_granted_oplock = %s\n", + ret_fd < 0 ? strerror(errno) : "success", ret_fd, + onefs_oplock_str(onefs_granted_oplock))); + + if (granted_oplock) { + *granted_oplock = onefs_to_samba_oplock(onefs_granted_oplock); + } + + out: + aclu_free_sd(pifs_sd, false); + + return ret_fd; +} diff --git a/source3/modules/vfs_onefs.c b/source3/modules/vfs_onefs.c index 193a986cf6..b51858fbae 100644 --- a/source3/modules/vfs_onefs.c +++ b/source3/modules/vfs_onefs.c @@ -1,4 +1,5 @@ /* + * Unix SMB/CIFS implementation. * Support for OneFS * * Copyright (C) Tim Prouty, 2008 @@ -18,20 +19,32 @@ */ #include "includes.h" +#include "onefs.h" #undef DBGC_CLASS #define DBGC_CLASS DBGC_VFS -NTSTATUS onefs_fget_nt_acl(vfs_handle_struct *handle, files_struct *fsp, - uint32 security_info, SEC_DESC **ppdesc); - -NTSTATUS onefs_get_nt_acl(vfs_handle_struct *handle, const char* name, - uint32 security_info, SEC_DESC **ppdesc); +static int onefs_mkdir(vfs_handle_struct *handle, const char *path, + mode_t mode) +{ + DEBUG(0, ("SMB_VFS_MKDIR should never be called in vfs_onefs")); + return SMB_VFS_NEXT_MKDIR(handle, path, mode); +} -NTSTATUS onefs_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, - uint32 security_info_sent, SEC_DESC *psd); +static int onefs_open(vfs_handle_struct *handle, const char *fname, + files_struct *fsp, int flags, mode_t mode) +{ + DEBUG(0, ("SMB_VFS_OPEN should never be called in vfs_onefs")); + return SMB_VFS_NEXT_OPEN(handle, fname, fsp, flags, mode); +} static vfs_op_tuple onefs_ops[] = { + {SMB_VFS_OP(onefs_mkdir), SMB_VFS_OP_MKDIR, + SMB_VFS_LAYER_OPAQUE}, + {SMB_VFS_OP(onefs_open), SMB_VFS_OP_OPEN, + SMB_VFS_LAYER_OPAQUE}, + {SMB_VFS_OP(onefs_create_file), SMB_VFS_OP_CREATE_FILE, + SMB_VFS_LAYER_OPAQUE}, {SMB_VFS_OP(onefs_fget_nt_acl), SMB_VFS_OP_FGET_NT_ACL, SMB_VFS_LAYER_OPAQUE}, {SMB_VFS_OP(onefs_get_nt_acl), SMB_VFS_OP_GET_NT_ACL, -- cgit From a5651848b26719b7f9c06fbc996a369a5d97461d Mon Sep 17 00:00:00 2001 From: Tim Prouty Date: Sun, 7 Dec 2008 10:30:01 -0800 Subject: s3: [1/3] Fix a delete on close divergence from windows and the associated torture test smbtorture4's BASE-DELETE:deltest17 was failing against win2k8, win2k3, and winXPsp2 but passing against samba. deltest17 does the following: 1. open file -> file is created 2. closes file 3. open file with DOC -> fnum1 4. check that DOC is not reported as being set from fnum1 5. opens file again Read Only -> fnum2 6. check that DOC is not reported as being set from either file handle 7. close fnum1 (the file handle that requested DOC to be set) 8. check if DOC is reported as being set from fnum2 * This is where windows and samba begin to diverge. Windows reports that the DOC bit is set, while samba reports that it is not set. 9. close fnum2 (the last remaining open handle for the file) 10.See if the file has been deleted. * On samba the file still exists. On windows the file was deleted. The way open_file_ntcreate is written now, if an open has the DOC bit set on the wire, DOC (fsp->initial_delete_on_close) is not set unless: a. the open creates the file, or b. there is an open file handle with a share_entry in the struct lck that has the SHARE_MODE_ALLOW_INITIAL_DELETE_ON_CLOSE bit set (let's call it SM_AIDOC). My understanding of SM_AIDOC is that it was added to differentiate between DOC being set on an open that creates a file vs an open that opens an existing. As described in step 8/10 above, it appears that windows does not make this differentiation. To resolve this issue there are three patches. This first patch is a simple proof of concept change that is sufficient to fix the bug. It removes the differentiation in open_file_ntcreate, and updates deltest17 to allow it to pass against win2k3/xp. This makes open_file_ntcreate more closely match the semantics in open_directory and rename_internals_fsp. This change also does not break any other tests in BASE-DELETE or "make test". Specifically test deltest20b which verifies the CIFSFS rename DOC semantics still passes :). --- source3/smbd/open.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) (limited to 'source3') diff --git a/source3/smbd/open.c b/source3/smbd/open.c index 078b47a1a7..8882e5438b 100644 --- a/source3/smbd/open.c +++ b/source3/smbd/open.c @@ -1984,10 +1984,8 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn, fsp->oplock_type, new_file_created); /* Handle strange delete on close create semantics. */ - if ((create_options & FILE_DELETE_ON_CLOSE) - && (((conn->fs_capabilities & FILE_NAMED_STREAMS) - && is_ntfs_stream_name(fname)) - || can_set_initial_delete_on_close(lck))) { + if (create_options & FILE_DELETE_ON_CLOSE) { + status = can_set_delete_on_close(fsp, True, new_dos_attributes); if (!NT_STATUS_IS_OK(status)) { -- cgit From 7b9f6dda131f471ae61c12e7eb06d67b8f02b1cf Mon Sep 17 00:00:00 2001 From: Tim Prouty Date: Sat, 6 Dec 2008 16:08:35 -0800 Subject: s3: [3/3]: Fix a delete on close divergence from windows and the associated torture test This third patch cleans up by removing all of the code that is made obsolete by the first patch. It should cause no functional changes. --- source3/include/proto.h | 4 +--- source3/include/smb.h | 1 - source3/locking/locking.c | 46 +------------------------------------------- source3/modules/onefs_open.c | 5 ++--- source3/smbd/open.c | 5 ++--- source3/smbd/reply.c | 2 -- 6 files changed, 6 insertions(+), 57 deletions(-) (limited to 'source3') diff --git a/source3/include/proto.h b/source3/include/proto.h index d0ad361701..2ba01b30ed 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -3455,7 +3455,7 @@ bool is_valid_share_mode_entry(const struct share_mode_entry *e); bool is_deferred_open_entry(const struct share_mode_entry *e); bool is_unused_share_mode_entry(const struct share_mode_entry *e); void set_share_mode(struct share_mode_lock *lck, files_struct *fsp, - uid_t uid, uint16 mid, uint16 op_type, bool initial_delete_on_close_allowed); + uid_t uid, uint16 mid, uint16 op_type); void add_deferred_open(struct share_mode_lock *lck, uint16 mid, struct timeval request_time, struct file_id id); @@ -3465,11 +3465,9 @@ bool remove_share_oplock(struct share_mode_lock *lck, files_struct *fsp); bool downgrade_share_oplock(struct share_mode_lock *lck, files_struct *fsp); NTSTATUS can_set_delete_on_close(files_struct *fsp, bool delete_on_close, uint32 dosmode); -bool can_set_initial_delete_on_close(const struct share_mode_lock *lck); void set_delete_on_close_token(struct share_mode_lock *lck, UNIX_USER_TOKEN *tok); void set_delete_on_close_lck(struct share_mode_lock *lck, bool delete_on_close, UNIX_USER_TOKEN *tok); bool set_delete_on_close(files_struct *fsp, bool delete_on_close, UNIX_USER_TOKEN *tok); -bool set_allow_initial_delete_on_close(struct share_mode_lock *lck, files_struct *fsp, bool delete_on_close); bool set_sticky_write_time(struct file_id fileid, struct timespec write_time); bool set_write_time(struct file_id fileid, struct timespec write_time); int share_mode_forall(void (*fn)(const struct share_mode_entry *, const char *, diff --git a/source3/include/smb.h b/source3/include/smb.h index 39673e1ff7..112b4e0f91 100644 --- a/source3/include/smb.h +++ b/source3/include/smb.h @@ -710,7 +710,6 @@ struct pending_message_list { }; #define SHARE_MODE_FLAG_POSIX_OPEN 0x1 -#define SHARE_MODE_ALLOW_INITIAL_DELETE_ON_CLOSE 0x2 /* struct returned by get_share_modes */ struct share_mode_entry { diff --git a/source3/locking/locking.c b/source3/locking/locking.c index 33717f1bb9..a70f9d20fe 100644 --- a/source3/locking/locking.c +++ b/source3/locking/locking.c @@ -1067,13 +1067,10 @@ static void add_share_mode_entry(struct share_mode_lock *lck, } void set_share_mode(struct share_mode_lock *lck, files_struct *fsp, - uid_t uid, uint16 mid, uint16 op_type, bool initial_delete_on_close_allowed) + uid_t uid, uint16 mid, uint16 op_type) { struct share_mode_entry entry; fill_share_mode_entry(&entry, fsp, uid, mid, op_type); - if (initial_delete_on_close_allowed) { - entry.flags |= SHARE_MODE_ALLOW_INITIAL_DELETE_ON_CLOSE; - } add_share_mode_entry(lck, &entry); } @@ -1271,22 +1268,6 @@ NTSTATUS can_set_delete_on_close(files_struct *fsp, bool delete_on_close, return NT_STATUS_OK; } -/**************************************************************************** - Do we have an open file handle that created this entry ? -****************************************************************************/ - -bool can_set_initial_delete_on_close(const struct share_mode_lock *lck) -{ - int i; - - for (i=0; inum_share_modes; i++) { - if (lck->share_modes[i].flags & SHARE_MODE_ALLOW_INITIAL_DELETE_ON_CLOSE) { - return True; - } - } - return False; -} - /************************************************************************* Return a talloced copy of a UNIX_USER_TOKEN. NULL on fail. (Should this be in locking.c.... ?). @@ -1380,31 +1361,6 @@ bool set_delete_on_close(files_struct *fsp, bool delete_on_close, UNIX_USER_TOKE return True; } -/**************************************************************************** - Sets the allow initial delete on close flag for this share mode. -****************************************************************************/ - -bool set_allow_initial_delete_on_close(struct share_mode_lock *lck, files_struct *fsp, bool delete_on_close) -{ - struct share_mode_entry entry, *e; - - /* Don't care about the pid owner being correct here - just a search. */ - fill_share_mode_entry(&entry, fsp, (uid_t)-1, 0, NO_OPLOCK); - - e = find_share_mode_entry(lck, &entry); - if (e == NULL) { - return False; - } - - if (delete_on_close) { - e->flags |= SHARE_MODE_ALLOW_INITIAL_DELETE_ON_CLOSE; - } else { - e->flags &= ~SHARE_MODE_ALLOW_INITIAL_DELETE_ON_CLOSE; - } - lck->modified = True; - return True; -} - bool set_sticky_write_time(struct file_id fileid, struct timespec write_time) { struct share_mode_lock *lck; diff --git a/source3/modules/onefs_open.c b/source3/modules/onefs_open.c index bda5e7e91a..d0310d0174 100644 --- a/source3/modules/onefs_open.c +++ b/source3/modules/onefs_open.c @@ -1182,7 +1182,7 @@ NTSTATUS onefs_open_file_ntcreate(connection_struct *conn, } set_share_mode(lck, fsp, conn->server_info->utok.uid, 0, - fsp->oplock_type, true); + fsp->oplock_type); /* Handle strange delete on close create semantics. */ if (create_options & FILE_DELETE_ON_CLOSE) { @@ -1521,8 +1521,7 @@ static NTSTATUS onefs_open_directory(connection_struct *conn, return NT_STATUS_DELETE_PENDING; } - set_share_mode(lck, fsp, conn->server_info->utok.uid, 0, NO_OPLOCK, - true); + set_share_mode(lck, fsp, conn->server_info->utok.uid, 0, NO_OPLOCK); /* * For directories the delete on close bit at open time seems diff --git a/source3/smbd/open.c b/source3/smbd/open.c index 8882e5438b..77ad1664ef 100644 --- a/source3/smbd/open.c +++ b/source3/smbd/open.c @@ -1981,7 +1981,7 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn, } set_share_mode(lck, fsp, conn->server_info->utok.uid, 0, - fsp->oplock_type, new_file_created); + fsp->oplock_type); /* Handle strange delete on close create semantics. */ if (create_options & FILE_DELETE_ON_CLOSE) { @@ -2419,8 +2419,7 @@ static NTSTATUS open_directory(connection_struct *conn, return status; } - set_share_mode(lck, fsp, conn->server_info->utok.uid, 0, NO_OPLOCK, - True); + set_share_mode(lck, fsp, conn->server_info->utok.uid, 0, NO_OPLOCK); /* For directories the delete on close bit at open time seems always to be honored on close... See test 19 in Samba4 BASE-DELETE. */ diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 00c744ce1a..9f7a1896b8 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -5583,8 +5583,6 @@ NTSTATUS rename_internals_fsp(connection_struct *conn, * depends on these semantics. JRA. */ - set_allow_initial_delete_on_close(lck, fsp, True); - if (create_options & FILE_DELETE_ON_CLOSE) { status = can_set_delete_on_close(fsp, True, 0); -- cgit From e5804204901c7b376516e42a3a86d685236fd198 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 10 Dec 2008 02:53:36 +0100 Subject: s3-build: re-run make samba3-idl. Guenther --- source3/librpc/gen_ndr/cli_netlogon.c | 32 +++- source3/librpc/gen_ndr/cli_netlogon.h | 15 +- source3/librpc/gen_ndr/ndr_netlogon.c | 344 ++++++++++++++++++++++++++++++++-- source3/librpc/gen_ndr/ndr_netlogon.h | 5 +- source3/librpc/gen_ndr/netlogon.h | 21 ++- source3/librpc/gen_ndr/srv_netlogon.c | 41 +++- source3/librpc/gen_ndr/srv_netlogon.h | 2 +- 7 files changed, 427 insertions(+), 33 deletions(-) (limited to 'source3') diff --git a/source3/librpc/gen_ndr/cli_netlogon.c b/source3/librpc/gen_ndr/cli_netlogon.c index 1af3249473..a1bcb2cb38 100644 --- a/source3/librpc/gen_ndr/cli_netlogon.c +++ b/source3/librpc/gen_ndr/cli_netlogon.c @@ -2296,23 +2296,37 @@ NTSTATUS rpccli_netr_LogonSamLogonWithFlags(struct rpc_pipe_client *cli, return r.out.result; } -NTSTATUS rpccli_netr_NETRSERVERGETTRUSTINFO(struct rpc_pipe_client *cli, - TALLOC_CTX *mem_ctx, - WERROR *werror) +NTSTATUS rpccli_netr_ServerGetTrustInfo(struct rpc_pipe_client *cli, + TALLOC_CTX *mem_ctx, + const char *server_name /* [in] [unique,charset(UTF16)] */, + const char *account_name /* [in] [ref,charset(UTF16)] */, + enum netr_SchannelType secure_channel_type /* [in] */, + const char *computer_name /* [in] [ref,charset(UTF16)] */, + struct netr_Authenticator *credential /* [in] [ref] */, + struct netr_Authenticator *return_authenticator /* [out] [ref] */, + struct samr_Password *new_owf_password /* [out] [ref] */, + struct samr_Password *old_owf_password /* [out] [ref] */, + struct netr_TrustInfo **trust_info /* [out] [ref] */, + WERROR *werror) { - struct netr_NETRSERVERGETTRUSTINFO r; + struct netr_ServerGetTrustInfo r; NTSTATUS status; /* In parameters */ + r.in.server_name = server_name; + r.in.account_name = account_name; + r.in.secure_channel_type = secure_channel_type; + r.in.computer_name = computer_name; + r.in.credential = credential; if (DEBUGLEVEL >= 10) { - NDR_PRINT_IN_DEBUG(netr_NETRSERVERGETTRUSTINFO, &r); + NDR_PRINT_IN_DEBUG(netr_ServerGetTrustInfo, &r); } status = cli_do_rpc_ndr(cli, mem_ctx, &ndr_table_netlogon, - NDR_NETR_NETRSERVERGETTRUSTINFO, + NDR_NETR_SERVERGETTRUSTINFO, &r); if (!NT_STATUS_IS_OK(status)) { @@ -2320,7 +2334,7 @@ NTSTATUS rpccli_netr_NETRSERVERGETTRUSTINFO(struct rpc_pipe_client *cli, } if (DEBUGLEVEL >= 10) { - NDR_PRINT_OUT_DEBUG(netr_NETRSERVERGETTRUSTINFO, &r); + NDR_PRINT_OUT_DEBUG(netr_ServerGetTrustInfo, &r); } if (NT_STATUS_IS_ERR(status)) { @@ -2328,6 +2342,10 @@ NTSTATUS rpccli_netr_NETRSERVERGETTRUSTINFO(struct rpc_pipe_client *cli, } /* Return variables */ + *return_authenticator = *r.out.return_authenticator; + *new_owf_password = *r.out.new_owf_password; + *old_owf_password = *r.out.old_owf_password; + *trust_info = *r.out.trust_info; /* Return result */ if (werror) { diff --git a/source3/librpc/gen_ndr/cli_netlogon.h b/source3/librpc/gen_ndr/cli_netlogon.h index 9f5eac15b2..7a2d43b3c1 100644 --- a/source3/librpc/gen_ndr/cli_netlogon.h +++ b/source3/librpc/gen_ndr/cli_netlogon.h @@ -356,7 +356,16 @@ NTSTATUS rpccli_netr_LogonSamLogonWithFlags(struct rpc_pipe_client *cli, union netr_Validation *validation /* [out] [ref,switch_is(validation_level)] */, uint8_t *authoritative /* [out] [ref] */, uint32_t *flags /* [in,out] [ref] */); -NTSTATUS rpccli_netr_NETRSERVERGETTRUSTINFO(struct rpc_pipe_client *cli, - TALLOC_CTX *mem_ctx, - WERROR *werror); +NTSTATUS rpccli_netr_ServerGetTrustInfo(struct rpc_pipe_client *cli, + TALLOC_CTX *mem_ctx, + const char *server_name /* [in] [unique,charset(UTF16)] */, + const char *account_name /* [in] [ref,charset(UTF16)] */, + enum netr_SchannelType secure_channel_type /* [in] */, + const char *computer_name /* [in] [ref,charset(UTF16)] */, + struct netr_Authenticator *credential /* [in] [ref] */, + struct netr_Authenticator *return_authenticator /* [out] [ref] */, + struct samr_Password *new_owf_password /* [out] [ref] */, + struct samr_Password *old_owf_password /* [out] [ref] */, + struct netr_TrustInfo **trust_info /* [out] [ref] */, + WERROR *werror); #endif /* __CLI_NETLOGON__ */ diff --git a/source3/librpc/gen_ndr/ndr_netlogon.c b/source3/librpc/gen_ndr/ndr_netlogon.c index c4102eba6e..af8228cd5a 100644 --- a/source3/librpc/gen_ndr/ndr_netlogon.c +++ b/source3/librpc/gen_ndr/ndr_netlogon.c @@ -8617,6 +8617,145 @@ _PUBLIC_ void ndr_print_DcSitesCtr(struct ndr_print *ndr, const char *name, cons ndr->depth--; } +static enum ndr_err_code ndr_push_netr_TrustInfo(struct ndr_push *ndr, int ndr_flags, const struct netr_TrustInfo *r) +{ + uint32_t cntr_data_1; + uint32_t cntr_entries_1; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_push_align(ndr, 4)); + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->count)); + NDR_CHECK(ndr_push_unique_ptr(ndr, r->data)); + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->entry_count)); + NDR_CHECK(ndr_push_unique_ptr(ndr, r->entries)); + } + if (ndr_flags & NDR_BUFFERS) { + if (r->data) { + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->count)); + for (cntr_data_1 = 0; cntr_data_1 < r->count; cntr_data_1++) { + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->data[cntr_data_1])); + } + } + if (r->entries) { + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->count)); + for (cntr_entries_1 = 0; cntr_entries_1 < r->count; cntr_entries_1++) { + NDR_CHECK(ndr_push_lsa_String(ndr, NDR_SCALARS, &r->entries[cntr_entries_1])); + } + for (cntr_entries_1 = 0; cntr_entries_1 < r->count; cntr_entries_1++) { + NDR_CHECK(ndr_push_lsa_String(ndr, NDR_BUFFERS, &r->entries[cntr_entries_1])); + } + } + } + return NDR_ERR_SUCCESS; +} + +static enum ndr_err_code ndr_pull_netr_TrustInfo(struct ndr_pull *ndr, int ndr_flags, struct netr_TrustInfo *r) +{ + uint32_t _ptr_data; + uint32_t cntr_data_1; + TALLOC_CTX *_mem_save_data_0; + TALLOC_CTX *_mem_save_data_1; + uint32_t _ptr_entries; + uint32_t cntr_entries_1; + TALLOC_CTX *_mem_save_entries_0; + TALLOC_CTX *_mem_save_entries_1; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->count)); + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_data)); + if (_ptr_data) { + NDR_PULL_ALLOC(ndr, r->data); + } else { + r->data = NULL; + } + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->entry_count)); + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_entries)); + if (_ptr_entries) { + NDR_PULL_ALLOC(ndr, r->entries); + } else { + r->entries = NULL; + } + } + if (ndr_flags & NDR_BUFFERS) { + if (r->data) { + _mem_save_data_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->data, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->data)); + NDR_PULL_ALLOC_N(ndr, r->data, ndr_get_array_size(ndr, &r->data)); + _mem_save_data_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->data, 0); + for (cntr_data_1 = 0; cntr_data_1 < r->count; cntr_data_1++) { + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->data[cntr_data_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_data_1, 0); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_data_0, 0); + } + if (r->entries) { + _mem_save_entries_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->entries, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->entries)); + NDR_PULL_ALLOC_N(ndr, r->entries, ndr_get_array_size(ndr, &r->entries)); + _mem_save_entries_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->entries, 0); + for (cntr_entries_1 = 0; cntr_entries_1 < r->count; cntr_entries_1++) { + NDR_CHECK(ndr_pull_lsa_String(ndr, NDR_SCALARS, &r->entries[cntr_entries_1])); + } + for (cntr_entries_1 = 0; cntr_entries_1 < r->count; cntr_entries_1++) { + NDR_CHECK(ndr_pull_lsa_String(ndr, NDR_BUFFERS, &r->entries[cntr_entries_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_entries_1, 0); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_entries_0, 0); + } + if (r->data) { + NDR_CHECK(ndr_check_array_size(ndr, (void*)&r->data, r->count)); + } + if (r->entries) { + NDR_CHECK(ndr_check_array_size(ndr, (void*)&r->entries, r->count)); + } + } + return NDR_ERR_SUCCESS; +} + +_PUBLIC_ void ndr_print_netr_TrustInfo(struct ndr_print *ndr, const char *name, const struct netr_TrustInfo *r) +{ + uint32_t cntr_data_1; + uint32_t cntr_entries_1; + ndr_print_struct(ndr, name, "netr_TrustInfo"); + ndr->depth++; + ndr_print_uint32(ndr, "count", r->count); + ndr_print_ptr(ndr, "data", r->data); + ndr->depth++; + if (r->data) { + ndr->print(ndr, "%s: ARRAY(%d)", "data", (int)r->count); + ndr->depth++; + for (cntr_data_1=0;cntr_data_1count;cntr_data_1++) { + char *idx_1=NULL; + if (asprintf(&idx_1, "[%d]", cntr_data_1) != -1) { + ndr_print_uint32(ndr, "data", r->data[cntr_data_1]); + free(idx_1); + } + } + ndr->depth--; + } + ndr->depth--; + ndr_print_uint32(ndr, "entry_count", r->entry_count); + ndr_print_ptr(ndr, "entries", r->entries); + ndr->depth++; + if (r->entries) { + ndr->print(ndr, "%s: ARRAY(%d)", "entries", (int)r->count); + ndr->depth++; + for (cntr_entries_1=0;cntr_entries_1count;cntr_entries_1++) { + char *idx_1=NULL; + if (asprintf(&idx_1, "[%d]", cntr_entries_1) != -1) { + ndr_print_lsa_String(ndr, "entries", &r->entries[cntr_entries_1]); + free(idx_1); + } + } + ndr->depth--; + } + ndr->depth--; + ndr->depth--; +} + static enum ndr_err_code ndr_push_netr_LogonUasLogon(struct ndr_push *ndr, int flags, const struct netr_LogonUasLogon *r) { if (flags & NDR_IN) { @@ -15424,41 +15563,224 @@ _PUBLIC_ void ndr_print_netr_LogonSamLogonWithFlags(struct ndr_print *ndr, const ndr->depth--; } -static enum ndr_err_code ndr_push_netr_NETRSERVERGETTRUSTINFO(struct ndr_push *ndr, int flags, const struct netr_NETRSERVERGETTRUSTINFO *r) +static enum ndr_err_code ndr_push_netr_ServerGetTrustInfo(struct ndr_push *ndr, int flags, const struct netr_ServerGetTrustInfo *r) { if (flags & NDR_IN) { + NDR_CHECK(ndr_push_unique_ptr(ndr, r->in.server_name)); + if (r->in.server_name) { + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, ndr_charset_length(r->in.server_name, CH_UTF16))); + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, 0)); + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, ndr_charset_length(r->in.server_name, CH_UTF16))); + NDR_CHECK(ndr_push_charset(ndr, NDR_SCALARS, r->in.server_name, ndr_charset_length(r->in.server_name, CH_UTF16), sizeof(uint16_t), CH_UTF16)); + } + if (r->in.account_name == NULL) { + return ndr_push_error(ndr, NDR_ERR_INVALID_POINTER, "NULL [ref] pointer"); + } + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, ndr_charset_length(r->in.account_name, CH_UTF16))); + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, 0)); + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, ndr_charset_length(r->in.account_name, CH_UTF16))); + NDR_CHECK(ndr_push_charset(ndr, NDR_SCALARS, r->in.account_name, ndr_charset_length(r->in.account_name, CH_UTF16), sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_push_netr_SchannelType(ndr, NDR_SCALARS, r->in.secure_channel_type)); + if (r->in.computer_name == NULL) { + return ndr_push_error(ndr, NDR_ERR_INVALID_POINTER, "NULL [ref] pointer"); + } + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, ndr_charset_length(r->in.computer_name, CH_UTF16))); + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, 0)); + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, ndr_charset_length(r->in.computer_name, CH_UTF16))); + NDR_CHECK(ndr_push_charset(ndr, NDR_SCALARS, r->in.computer_name, ndr_charset_length(r->in.computer_name, CH_UTF16), sizeof(uint16_t), CH_UTF16)); + if (r->in.credential == NULL) { + return ndr_push_error(ndr, NDR_ERR_INVALID_POINTER, "NULL [ref] pointer"); + } + NDR_CHECK(ndr_push_netr_Authenticator(ndr, NDR_SCALARS, r->in.credential)); } if (flags & NDR_OUT) { + if (r->out.return_authenticator == NULL) { + return ndr_push_error(ndr, NDR_ERR_INVALID_POINTER, "NULL [ref] pointer"); + } + NDR_CHECK(ndr_push_netr_Authenticator(ndr, NDR_SCALARS, r->out.return_authenticator)); + if (r->out.new_owf_password == NULL) { + return ndr_push_error(ndr, NDR_ERR_INVALID_POINTER, "NULL [ref] pointer"); + } + NDR_CHECK(ndr_push_samr_Password(ndr, NDR_SCALARS, r->out.new_owf_password)); + if (r->out.old_owf_password == NULL) { + return ndr_push_error(ndr, NDR_ERR_INVALID_POINTER, "NULL [ref] pointer"); + } + NDR_CHECK(ndr_push_samr_Password(ndr, NDR_SCALARS, r->out.old_owf_password)); + if (r->out.trust_info == NULL) { + return ndr_push_error(ndr, NDR_ERR_INVALID_POINTER, "NULL [ref] pointer"); + } + NDR_CHECK(ndr_push_unique_ptr(ndr, *r->out.trust_info)); + if (*r->out.trust_info) { + NDR_CHECK(ndr_push_netr_TrustInfo(ndr, NDR_SCALARS|NDR_BUFFERS, *r->out.trust_info)); + } NDR_CHECK(ndr_push_WERROR(ndr, NDR_SCALARS, r->out.result)); } return NDR_ERR_SUCCESS; } -static enum ndr_err_code ndr_pull_netr_NETRSERVERGETTRUSTINFO(struct ndr_pull *ndr, int flags, struct netr_NETRSERVERGETTRUSTINFO *r) +static enum ndr_err_code ndr_pull_netr_ServerGetTrustInfo(struct ndr_pull *ndr, int flags, struct netr_ServerGetTrustInfo *r) { + uint32_t _ptr_server_name; + uint32_t _ptr_trust_info; + TALLOC_CTX *_mem_save_server_name_0; + TALLOC_CTX *_mem_save_credential_0; + TALLOC_CTX *_mem_save_return_authenticator_0; + TALLOC_CTX *_mem_save_new_owf_password_0; + TALLOC_CTX *_mem_save_old_owf_password_0; + TALLOC_CTX *_mem_save_trust_info_0; + TALLOC_CTX *_mem_save_trust_info_1; if (flags & NDR_IN) { + ZERO_STRUCT(r->out); + + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_server_name)); + if (_ptr_server_name) { + NDR_PULL_ALLOC(ndr, r->in.server_name); + } else { + r->in.server_name = NULL; + } + if (r->in.server_name) { + _mem_save_server_name_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_name)); + if (ndr_get_array_length(ndr, &r->in.server_name) > ndr_get_array_size(ndr, &r->in.server_name)) { + return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_name), ndr_get_array_length(ndr, &r->in.server_name)); + } + NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t))); + NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_name_0, 0); + } + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.account_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.account_name)); + if (ndr_get_array_length(ndr, &r->in.account_name) > ndr_get_array_size(ndr, &r->in.account_name)) { + return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.account_name), ndr_get_array_length(ndr, &r->in.account_name)); + } + NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.account_name), sizeof(uint16_t))); + NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.account_name, ndr_get_array_length(ndr, &r->in.account_name), sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_netr_SchannelType(ndr, NDR_SCALARS, &r->in.secure_channel_type)); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.computer_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.computer_name)); + if (ndr_get_array_length(ndr, &r->in.computer_name) > ndr_get_array_size(ndr, &r->in.computer_name)) { + return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.computer_name), ndr_get_array_length(ndr, &r->in.computer_name)); + } + NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.computer_name), sizeof(uint16_t))); + NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.computer_name, ndr_get_array_length(ndr, &r->in.computer_name), sizeof(uint16_t), CH_UTF16)); + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { + NDR_PULL_ALLOC(ndr, r->in.credential); + } + _mem_save_credential_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->in.credential, LIBNDR_FLAG_REF_ALLOC); + NDR_CHECK(ndr_pull_netr_Authenticator(ndr, NDR_SCALARS, r->in.credential)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_credential_0, LIBNDR_FLAG_REF_ALLOC); + NDR_PULL_ALLOC(ndr, r->out.return_authenticator); + ZERO_STRUCTP(r->out.return_authenticator); + NDR_PULL_ALLOC(ndr, r->out.new_owf_password); + ZERO_STRUCTP(r->out.new_owf_password); + NDR_PULL_ALLOC(ndr, r->out.old_owf_password); + ZERO_STRUCTP(r->out.old_owf_password); + NDR_PULL_ALLOC(ndr, r->out.trust_info); + ZERO_STRUCTP(r->out.trust_info); } if (flags & NDR_OUT) { + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { + NDR_PULL_ALLOC(ndr, r->out.return_authenticator); + } + _mem_save_return_authenticator_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->out.return_authenticator, LIBNDR_FLAG_REF_ALLOC); + NDR_CHECK(ndr_pull_netr_Authenticator(ndr, NDR_SCALARS, r->out.return_authenticator)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_return_authenticator_0, LIBNDR_FLAG_REF_ALLOC); + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { + NDR_PULL_ALLOC(ndr, r->out.new_owf_password); + } + _mem_save_new_owf_password_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->out.new_owf_password, LIBNDR_FLAG_REF_ALLOC); + NDR_CHECK(ndr_pull_samr_Password(ndr, NDR_SCALARS, r->out.new_owf_password)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_new_owf_password_0, LIBNDR_FLAG_REF_ALLOC); + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { + NDR_PULL_ALLOC(ndr, r->out.old_owf_password); + } + _mem_save_old_owf_password_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->out.old_owf_password, LIBNDR_FLAG_REF_ALLOC); + NDR_CHECK(ndr_pull_samr_Password(ndr, NDR_SCALARS, r->out.old_owf_password)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_old_owf_password_0, LIBNDR_FLAG_REF_ALLOC); + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { + NDR_PULL_ALLOC(ndr, r->out.trust_info); + } + _mem_save_trust_info_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->out.trust_info, LIBNDR_FLAG_REF_ALLOC); + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_trust_info)); + if (_ptr_trust_info) { + NDR_PULL_ALLOC(ndr, *r->out.trust_info); + } else { + *r->out.trust_info = NULL; + } + if (*r->out.trust_info) { + _mem_save_trust_info_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, *r->out.trust_info, 0); + NDR_CHECK(ndr_pull_netr_TrustInfo(ndr, NDR_SCALARS|NDR_BUFFERS, *r->out.trust_info)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_trust_info_1, 0); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_trust_info_0, LIBNDR_FLAG_REF_ALLOC); NDR_CHECK(ndr_pull_WERROR(ndr, NDR_SCALARS, &r->out.result)); } return NDR_ERR_SUCCESS; } -_PUBLIC_ void ndr_print_netr_NETRSERVERGETTRUSTINFO(struct ndr_print *ndr, const char *name, int flags, const struct netr_NETRSERVERGETTRUSTINFO *r) +_PUBLIC_ void ndr_print_netr_ServerGetTrustInfo(struct ndr_print *ndr, const char *name, int flags, const struct netr_ServerGetTrustInfo *r) { - ndr_print_struct(ndr, name, "netr_NETRSERVERGETTRUSTINFO"); + ndr_print_struct(ndr, name, "netr_ServerGetTrustInfo"); ndr->depth++; if (flags & NDR_SET_VALUES) { ndr->flags |= LIBNDR_PRINT_SET_VALUES; } if (flags & NDR_IN) { - ndr_print_struct(ndr, "in", "netr_NETRSERVERGETTRUSTINFO"); + ndr_print_struct(ndr, "in", "netr_ServerGetTrustInfo"); + ndr->depth++; + ndr_print_ptr(ndr, "server_name", r->in.server_name); ndr->depth++; + if (r->in.server_name) { + ndr_print_string(ndr, "server_name", r->in.server_name); + } + ndr->depth--; + ndr_print_ptr(ndr, "account_name", r->in.account_name); + ndr->depth++; + ndr_print_string(ndr, "account_name", r->in.account_name); + ndr->depth--; + ndr_print_netr_SchannelType(ndr, "secure_channel_type", r->in.secure_channel_type); + ndr_print_ptr(ndr, "computer_name", r->in.computer_name); + ndr->depth++; + ndr_print_string(ndr, "computer_name", r->in.computer_name); + ndr->depth--; + ndr_print_ptr(ndr, "credential", r->in.credential); + ndr->depth++; + ndr_print_netr_Authenticator(ndr, "credential", r->in.credential); + ndr->depth--; ndr->depth--; } if (flags & NDR_OUT) { - ndr_print_struct(ndr, "out", "netr_NETRSERVERGETTRUSTINFO"); + ndr_print_struct(ndr, "out", "netr_ServerGetTrustInfo"); ndr->depth++; + ndr_print_ptr(ndr, "return_authenticator", r->out.return_authenticator); + ndr->depth++; + ndr_print_netr_Authenticator(ndr, "return_authenticator", r->out.return_authenticator); + ndr->depth--; + ndr_print_ptr(ndr, "new_owf_password", r->out.new_owf_password); + ndr->depth++; + ndr_print_samr_Password(ndr, "new_owf_password", r->out.new_owf_password); + ndr->depth--; + ndr_print_ptr(ndr, "old_owf_password", r->out.old_owf_password); + ndr->depth++; + ndr_print_samr_Password(ndr, "old_owf_password", r->out.old_owf_password); + ndr->depth--; + ndr_print_ptr(ndr, "trust_info", r->out.trust_info); + ndr->depth++; + ndr_print_ptr(ndr, "trust_info", *r->out.trust_info); + ndr->depth++; + if (*r->out.trust_info) { + ndr_print_netr_TrustInfo(ndr, "trust_info", *r->out.trust_info); + } + ndr->depth--; + ndr->depth--; ndr_print_WERROR(ndr, "result", r->out.result); ndr->depth--; } @@ -15835,11 +16157,11 @@ static const struct ndr_interface_call netlogon_calls[] = { false, }, { - "netr_NETRSERVERGETTRUSTINFO", - sizeof(struct netr_NETRSERVERGETTRUSTINFO), - (ndr_push_flags_fn_t) ndr_push_netr_NETRSERVERGETTRUSTINFO, - (ndr_pull_flags_fn_t) ndr_pull_netr_NETRSERVERGETTRUSTINFO, - (ndr_print_function_t) ndr_print_netr_NETRSERVERGETTRUSTINFO, + "netr_ServerGetTrustInfo", + sizeof(struct netr_ServerGetTrustInfo), + (ndr_push_flags_fn_t) ndr_push_netr_ServerGetTrustInfo, + (ndr_pull_flags_fn_t) ndr_pull_netr_ServerGetTrustInfo, + (ndr_print_function_t) ndr_print_netr_ServerGetTrustInfo, false, }, { NULL, 0, NULL, NULL, NULL, false } diff --git a/source3/librpc/gen_ndr/ndr_netlogon.h b/source3/librpc/gen_ndr/ndr_netlogon.h index be20448636..5858906c1c 100644 --- a/source3/librpc/gen_ndr/ndr_netlogon.h +++ b/source3/librpc/gen_ndr/ndr_netlogon.h @@ -104,7 +104,7 @@ extern const struct ndr_interface_table ndr_table_netlogon; #define NDR_NETR_LOGONSAMLOGONWITHFLAGS (0x2d) -#define NDR_NETR_NETRSERVERGETTRUSTINFO (0x2e) +#define NDR_NETR_SERVERGETTRUSTINFO (0x2e) #define NDR_NETLOGON_CALL_COUNT (47) void ndr_print_netr_UasInfo(struct ndr_print *ndr, const char *name, const struct netr_UasInfo *r); @@ -226,6 +226,7 @@ void ndr_print_netr_DomainTrust(struct ndr_print *ndr, const char *name, const s void ndr_print_netr_DomainTrustList(struct ndr_print *ndr, const char *name, const struct netr_DomainTrustList *r); void ndr_print_netr_DsRAddressToSitenamesExWCtr(struct ndr_print *ndr, const char *name, const struct netr_DsRAddressToSitenamesExWCtr *r); void ndr_print_DcSitesCtr(struct ndr_print *ndr, const char *name, const struct DcSitesCtr *r); +void ndr_print_netr_TrustInfo(struct ndr_print *ndr, const char *name, const struct netr_TrustInfo *r); void ndr_print_netr_LogonUasLogon(struct ndr_print *ndr, const char *name, int flags, const struct netr_LogonUasLogon *r); void ndr_print_netr_LogonUasLogoff(struct ndr_print *ndr, const char *name, int flags, const struct netr_LogonUasLogoff *r); void ndr_print_netr_LogonSamLogon(struct ndr_print *ndr, const char *name, int flags, const struct netr_LogonSamLogon *r); @@ -276,5 +277,5 @@ void ndr_print_netr_ServerTrustPasswordsGet(struct ndr_print *ndr, const char *n void ndr_print_netr_DsRGetForestTrustInformation(struct ndr_print *ndr, const char *name, int flags, const struct netr_DsRGetForestTrustInformation *r); void ndr_print_netr_GetForestTrustInformation(struct ndr_print *ndr, const char *name, int flags, const struct netr_GetForestTrustInformation *r); void ndr_print_netr_LogonSamLogonWithFlags(struct ndr_print *ndr, const char *name, int flags, const struct netr_LogonSamLogonWithFlags *r); -void ndr_print_netr_NETRSERVERGETTRUSTINFO(struct ndr_print *ndr, const char *name, int flags, const struct netr_NETRSERVERGETTRUSTINFO *r); +void ndr_print_netr_ServerGetTrustInfo(struct ndr_print *ndr, const char *name, int flags, const struct netr_ServerGetTrustInfo *r); #endif /* _HEADER_NDR_netlogon */ diff --git a/source3/librpc/gen_ndr/netlogon.h b/source3/librpc/gen_ndr/netlogon.h index 4d9b549e75..02a4a447e0 100644 --- a/source3/librpc/gen_ndr/netlogon.h +++ b/source3/librpc/gen_ndr/netlogon.h @@ -964,6 +964,13 @@ struct DcSitesCtr { struct lsa_String *sites;/* [unique,size_is(num_sites)] */ }; +struct netr_TrustInfo { + uint32_t count; + uint32_t *data;/* [unique,size_is(count)] */ + uint32_t entry_count; + struct lsa_String *entries;/* [unique,size_is(count)] */ +}; + struct netr_LogonUasLogon { struct { @@ -1706,8 +1713,20 @@ struct netr_LogonSamLogonWithFlags { }; -struct netr_NETRSERVERGETTRUSTINFO { +struct netr_ServerGetTrustInfo { + struct { + const char *server_name;/* [unique,charset(UTF16)] */ + const char *account_name;/* [ref,charset(UTF16)] */ + enum netr_SchannelType secure_channel_type; + const char *computer_name;/* [ref,charset(UTF16)] */ + struct netr_Authenticator *credential;/* [ref] */ + } in; + struct { + struct netr_Authenticator *return_authenticator;/* [ref] */ + struct samr_Password *new_owf_password;/* [ref] */ + struct samr_Password *old_owf_password;/* [ref] */ + struct netr_TrustInfo **trust_info;/* [ref] */ WERROR result; } out; diff --git a/source3/librpc/gen_ndr/srv_netlogon.c b/source3/librpc/gen_ndr/srv_netlogon.c index 2cb2978af2..8cb461e94d 100644 --- a/source3/librpc/gen_ndr/srv_netlogon.c +++ b/source3/librpc/gen_ndr/srv_netlogon.c @@ -3733,18 +3733,18 @@ static bool api_netr_LogonSamLogonWithFlags(pipes_struct *p) return true; } -static bool api_netr_NETRSERVERGETTRUSTINFO(pipes_struct *p) +static bool api_netr_ServerGetTrustInfo(pipes_struct *p) { const struct ndr_interface_call *call; struct ndr_pull *pull; struct ndr_push *push; enum ndr_err_code ndr_err; DATA_BLOB blob; - struct netr_NETRSERVERGETTRUSTINFO *r; + struct netr_ServerGetTrustInfo *r; - call = &ndr_table_netlogon.calls[NDR_NETR_NETRSERVERGETTRUSTINFO]; + call = &ndr_table_netlogon.calls[NDR_NETR_SERVERGETTRUSTINFO]; - r = talloc(talloc_tos(), struct netr_NETRSERVERGETTRUSTINFO); + r = talloc(talloc_tos(), struct netr_ServerGetTrustInfo); if (r == NULL) { return false; } @@ -3768,10 +3768,35 @@ static bool api_netr_NETRSERVERGETTRUSTINFO(pipes_struct *p) } if (DEBUGLEVEL >= 10) { - NDR_PRINT_IN_DEBUG(netr_NETRSERVERGETTRUSTINFO, r); + NDR_PRINT_IN_DEBUG(netr_ServerGetTrustInfo, r); } - r->out.result = _netr_NETRSERVERGETTRUSTINFO(p, r); + ZERO_STRUCT(r->out); + r->out.return_authenticator = talloc_zero(r, struct netr_Authenticator); + if (r->out.return_authenticator == NULL) { + talloc_free(r); + return false; + } + + r->out.new_owf_password = talloc_zero(r, struct samr_Password); + if (r->out.new_owf_password == NULL) { + talloc_free(r); + return false; + } + + r->out.old_owf_password = talloc_zero(r, struct samr_Password); + if (r->out.old_owf_password == NULL) { + talloc_free(r); + return false; + } + + r->out.trust_info = talloc_zero(r, struct netr_TrustInfo *); + if (r->out.trust_info == NULL) { + talloc_free(r); + return false; + } + + r->out.result = _netr_ServerGetTrustInfo(p, r); if (p->rng_fault_state) { talloc_free(r); @@ -3780,7 +3805,7 @@ static bool api_netr_NETRSERVERGETTRUSTINFO(pipes_struct *p) } if (DEBUGLEVEL >= 10) { - NDR_PRINT_OUT_DEBUG(netr_NETRSERVERGETTRUSTINFO, r); + NDR_PRINT_OUT_DEBUG(netr_ServerGetTrustInfo, r); } push = ndr_push_init_ctx(r, NULL); @@ -3856,7 +3881,7 @@ static struct api_struct api_netlogon_cmds[] = {"NETR_DSRGETFORESTTRUSTINFORMATION", NDR_NETR_DSRGETFORESTTRUSTINFORMATION, api_netr_DsRGetForestTrustInformation}, {"NETR_GETFORESTTRUSTINFORMATION", NDR_NETR_GETFORESTTRUSTINFORMATION, api_netr_GetForestTrustInformation}, {"NETR_LOGONSAMLOGONWITHFLAGS", NDR_NETR_LOGONSAMLOGONWITHFLAGS, api_netr_LogonSamLogonWithFlags}, - {"NETR_NETRSERVERGETTRUSTINFO", NDR_NETR_NETRSERVERGETTRUSTINFO, api_netr_NETRSERVERGETTRUSTINFO}, + {"NETR_SERVERGETTRUSTINFO", NDR_NETR_SERVERGETTRUSTINFO, api_netr_ServerGetTrustInfo}, }; void netlogon_get_pipe_fns(struct api_struct **fns, int *n_fns) diff --git a/source3/librpc/gen_ndr/srv_netlogon.h b/source3/librpc/gen_ndr/srv_netlogon.h index 1fe16c603b..3bbe4d02fa 100644 --- a/source3/librpc/gen_ndr/srv_netlogon.h +++ b/source3/librpc/gen_ndr/srv_netlogon.h @@ -47,7 +47,7 @@ NTSTATUS _netr_ServerTrustPasswordsGet(pipes_struct *p, struct netr_ServerTrustP WERROR _netr_DsRGetForestTrustInformation(pipes_struct *p, struct netr_DsRGetForestTrustInformation *r); WERROR _netr_GetForestTrustInformation(pipes_struct *p, struct netr_GetForestTrustInformation *r); NTSTATUS _netr_LogonSamLogonWithFlags(pipes_struct *p, struct netr_LogonSamLogonWithFlags *r); -WERROR _netr_NETRSERVERGETTRUSTINFO(pipes_struct *p, struct netr_NETRSERVERGETTRUSTINFO *r); +WERROR _netr_ServerGetTrustInfo(pipes_struct *p, struct netr_ServerGetTrustInfo *r); void netlogon_get_pipe_fns(struct api_struct **fns, int *n_fns); NTSTATUS rpc_netlogon_init(void); #endif /* __SRV_NETLOGON__ */ -- cgit From b431406357a7c9580e797a3d4f96d9b1fe9f2e86 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 10 Dec 2008 02:54:06 +0100 Subject: s3-netlogon: fix netlogon server build. Guenther --- source3/include/proto.h | 4 ++-- source3/rpc_server/srv_netlog_nt.c | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) (limited to 'source3') diff --git a/source3/include/proto.h b/source3/include/proto.h index 2ba01b30ed..4feedcdb04 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -6859,8 +6859,8 @@ WERROR _netr_GetForestTrustInformation(pipes_struct *p, struct netr_GetForestTrustInformation *r); NTSTATUS _netr_LogonSamLogonWithFlags(pipes_struct *p, struct netr_LogonSamLogonWithFlags *r); -WERROR _netr_NETRSERVERGETTRUSTINFO(pipes_struct *p, - struct netr_NETRSERVERGETTRUSTINFO *r); +WERROR _netr_ServerGetTrustInfo(pipes_struct *p, + struct netr_ServerGetTrustInfo *r); /* The following definitions come from rpc_server/srv_ntsvcs.c */ diff --git a/source3/rpc_server/srv_netlog_nt.c b/source3/rpc_server/srv_netlog_nt.c index 45acd3ed48..46450059f4 100644 --- a/source3/rpc_server/srv_netlog_nt.c +++ b/source3/rpc_server/srv_netlog_nt.c @@ -1402,8 +1402,8 @@ NTSTATUS _netr_LogonSamLogonWithFlags(pipes_struct *p, /**************************************************************** ****************************************************************/ -WERROR _netr_NETRSERVERGETTRUSTINFO(pipes_struct *p, - struct netr_NETRSERVERGETTRUSTINFO *r) +WERROR _netr_ServerGetTrustInfo(pipes_struct *p, + struct netr_ServerGetTrustInfo *r) { p->rng_fault_state = true; return WERR_NOT_SUPPORTED; -- cgit From 6bb2fff0c14bd886a1d7995e5ce01f5938689372 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Tue, 9 Dec 2008 13:40:41 +0100 Subject: Rename "scan_directory" to "get_real_filename" --- source3/smbd/filename.c | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) (limited to 'source3') diff --git a/source3/smbd/filename.c b/source3/smbd/filename.c index 392264bfc0..9f2fe60f47 100644 --- a/source3/smbd/filename.c +++ b/source3/smbd/filename.c @@ -26,8 +26,9 @@ #include "includes.h" -static bool scan_directory(connection_struct *conn, const char *path, - char *name, char **found_name); +static bool get_real_filename(connection_struct *conn, const char *path, + char *name, TALLOC_CTX *mem_ctx, + char **found_name); static NTSTATUS build_stream_path(TALLOC_CTX *mem_ctx, connection_struct *conn, const char *orig_path, @@ -433,8 +434,8 @@ NTSTATUS unix_convert(TALLOC_CTX *ctx, */ if (name_has_wildcard || - !scan_directory(conn, dirpath, - start, &found_name)) { + !get_real_filename(conn, dirpath, start, + talloc_tos(), &found_name)) { char *unmangled; if (end) { @@ -768,15 +769,15 @@ static bool fname_equal(const char *name1, const char *name2, If the name looks like a mangled name then try via the mangling functions ****************************************************************************/ -static bool scan_directory(connection_struct *conn, const char *path, - char *name, char **found_name) +static bool get_real_filename(connection_struct *conn, const char *path, + char *name, TALLOC_CTX *mem_ctx, + char **found_name) { struct smb_Dir *cur_dir; const char *dname; bool mangled; char *unmangled_name = NULL; long curpos; - TALLOC_CTX *ctx = talloc_tos(); mangled = mangle_is_mangled(name, conn->params); @@ -810,10 +811,9 @@ static bool scan_directory(connection_struct *conn, const char *path, */ if (mangled && !conn->case_sensitive) { - mangled = !mangle_lookup_name_from_8_3(ctx, - name, - &unmangled_name, - conn->params); + mangled = !mangle_lookup_name_from_8_3(talloc_tos(), name, + &unmangled_name, + conn->params); if (!mangled) { /* Name is now unmangled. */ name = unmangled_name; @@ -850,7 +850,7 @@ static bool scan_directory(connection_struct *conn, const char *path, if ((mangled && mangled_equal(name,dname,conn->params)) || fname_equal(name, dname, conn->case_sensitive)) { /* we've found the file, change it's name and return */ - *found_name = talloc_strdup(ctx,dname); + *found_name = talloc_strdup(mem_ctx, dname); TALLOC_FREE(unmangled_name); TALLOC_FREE(cur_dir); if (!*found_name) { -- cgit From c7521b25e9f364ced3fbdee3ccb463e93e97a1c3 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Tue, 9 Dec 2008 13:50:22 +0100 Subject: Apply some const --- source3/smbd/filename.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3') diff --git a/source3/smbd/filename.c b/source3/smbd/filename.c index 9f2fe60f47..a5800aa85b 100644 --- a/source3/smbd/filename.c +++ b/source3/smbd/filename.c @@ -27,7 +27,7 @@ #include "includes.h" static bool get_real_filename(connection_struct *conn, const char *path, - char *name, TALLOC_CTX *mem_ctx, + const char *name, TALLOC_CTX *mem_ctx, char **found_name); static NTSTATUS build_stream_path(TALLOC_CTX *mem_ctx, connection_struct *conn, @@ -770,7 +770,7 @@ static bool fname_equal(const char *name1, const char *name2, ****************************************************************************/ static bool get_real_filename(connection_struct *conn, const char *path, - char *name, TALLOC_CTX *mem_ctx, + const char *name, TALLOC_CTX *mem_ctx, char **found_name) { struct smb_Dir *cur_dir; -- cgit From 31543640e6227e8dc808e365ba0bf6d2d5b08727 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 10 Dec 2008 03:03:51 +0100 Subject: Change get_real_filename() to unix syscall conventions, make it non-static It sets errno, so it might as well return 0/-1. --- source3/smbd/filename.c | 27 ++++++++++++++------------- 1 file changed, 14 insertions(+), 13 deletions(-) (limited to 'source3') diff --git a/source3/smbd/filename.c b/source3/smbd/filename.c index a5800aa85b..c803e40649 100644 --- a/source3/smbd/filename.c +++ b/source3/smbd/filename.c @@ -26,9 +26,9 @@ #include "includes.h" -static bool get_real_filename(connection_struct *conn, const char *path, - const char *name, TALLOC_CTX *mem_ctx, - char **found_name); +static int get_real_filename(connection_struct *conn, const char *path, + const char *name, TALLOC_CTX *mem_ctx, + char **found_name); static NTSTATUS build_stream_path(TALLOC_CTX *mem_ctx, connection_struct *conn, const char *orig_path, @@ -434,8 +434,9 @@ NTSTATUS unix_convert(TALLOC_CTX *ctx, */ if (name_has_wildcard || - !get_real_filename(conn, dirpath, start, - talloc_tos(), &found_name)) { + (get_real_filename( + conn, dirpath, start, + talloc_tos(), &found_name) == -1)) { char *unmangled; if (end) { @@ -769,9 +770,9 @@ static bool fname_equal(const char *name1, const char *name2, If the name looks like a mangled name then try via the mangling functions ****************************************************************************/ -static bool get_real_filename(connection_struct *conn, const char *path, - const char *name, TALLOC_CTX *mem_ctx, - char **found_name) +int get_real_filename(connection_struct *conn, const char *path, + const char *name, TALLOC_CTX *mem_ctx, + char **found_name) { struct smb_Dir *cur_dir; const char *dname; @@ -792,7 +793,7 @@ static bool get_real_filename(connection_struct *conn, const char *path, */ if (!mangled && !(conn->fs_capabilities & FILE_CASE_SENSITIVE_SEARCH)) { errno = ENOENT; - return False; + return -1; } /* @@ -824,7 +825,7 @@ static bool get_real_filename(connection_struct *conn, const char *path, if (!(cur_dir = OpenDir(talloc_tos(), conn, path, NULL, 0))) { DEBUG(3,("scan dir didn't open dir [%s]\n",path)); TALLOC_FREE(unmangled_name); - return(False); + return -1; } /* now scan for matching names */ @@ -855,16 +856,16 @@ static bool get_real_filename(connection_struct *conn, const char *path, TALLOC_FREE(cur_dir); if (!*found_name) { errno = ENOMEM; - return False; + return -1; } - return(True); + return 0; } } TALLOC_FREE(unmangled_name); TALLOC_FREE(cur_dir); errno = ENOENT; - return False; + return -1; } static NTSTATUS build_stream_path(TALLOC_CTX *mem_ctx, -- cgit From 21b9dec990b08a104600bf8e408e64e805a02835 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 10 Dec 2008 03:17:19 +0100 Subject: Pass the get_real_filename operation through the VFS This is done to help file systems that can tell us about the real upper/lower case combination given a case-insensitive file name. The sample I will soon push is the gpfs module (recent gpfs has a get_real_filename function), others might have a similar function to help alleviate the 1million files in a single directory problem. Jeremy, please comment! Thanks, Volker --- source3/include/vfs.h | 8 ++++++++ source3/include/vfs_macros.h | 3 +++ source3/modules/vfs_default.c | 12 ++++++++++++ source3/smbd/filename.c | 5 +---- 4 files changed, 24 insertions(+), 4 deletions(-) (limited to 'source3') diff --git a/source3/include/vfs.h b/source3/include/vfs.h index 383cd327ae..d02d14b854 100644 --- a/source3/include/vfs.h +++ b/source3/include/vfs.h @@ -210,6 +210,7 @@ typedef enum _vfs_op_type { SMB_VFS_OP_CHFLAGS, SMB_VFS_OP_FILE_ID_CREATE, SMB_VFS_OP_STREAMINFO, + SMB_VFS_OP_GET_REAL_FILENAME, /* NT ACL operations. */ @@ -375,6 +376,12 @@ struct vfs_ops { unsigned int *num_streams, struct stream_struct **streams); + int (*get_real_filename)(struct vfs_handle_struct *handle, + const char *path, + const char *name, + TALLOC_CTX *mem_ctx, + char **found_name); + /* NT ACL operations. */ NTSTATUS (*fget_nt_acl)(struct vfs_handle_struct *handle, @@ -510,6 +517,7 @@ struct vfs_ops { struct vfs_handle_struct *chflags; struct vfs_handle_struct *file_id_create; struct vfs_handle_struct *streaminfo; + struct vfs_handle_struct *get_real_filename; /* NT ACL operations. */ diff --git a/source3/include/vfs_macros.h b/source3/include/vfs_macros.h index fa5dad8781..b008d86b3c 100644 --- a/source3/include/vfs_macros.h +++ b/source3/include/vfs_macros.h @@ -85,6 +85,7 @@ #define SMB_VFS_CHFLAGS(conn, path, flags) ((conn)->vfs.ops.chflags((conn)->vfs.handles.chflags, (path), (flags))) #define SMB_VFS_FILE_ID_CREATE(conn, dev, inode) ((conn)->vfs.ops.file_id_create((conn)->vfs.handles.file_id_create, (dev), (inode))) #define SMB_VFS_STREAMINFO(conn, fsp, fname, mem_ctx, num_streams, streams) ((conn)->vfs.ops.streaminfo((conn)->vfs.handles.streaminfo, (fsp), (fname), (mem_ctx), (num_streams), (streams))) +#define SMB_VFS_GET_REAL_FILENAME(conn, path, name, mem_ctx, found_name) ((conn)->vfs.ops.get_real_filename((conn)->vfs.handles.get_real_filename, (path), (name), (mem_ctx), (found_name))) /* NT ACL operations. */ #define SMB_VFS_FGET_NT_ACL(fsp, security_info, ppdesc) ((fsp)->conn->vfs.ops.fget_nt_acl((fsp)->conn->vfs.handles.fget_nt_acl, (fsp), (security_info), (ppdesc))) @@ -211,6 +212,7 @@ #define SMB_VFS_OPAQUE_CHFLAGS(conn, path, flags) ((conn)->vfs_opaque.ops.chflags((conn)->vfs_opaque.handles.chflags, (path), (flags))) #define SMB_VFS_OPAQUE_FILE_ID_CREATE(conn, dev, inode) ((conn)->vfs.ops_opaque.file_id_create((conn)->vfs_opaque.handles.file_id_create, (dev), (inode))) #define SMB_VFS_OPAQUE_STREAMINFO(conn, fsp, fname, mem_ctx, num_streams, streams) ((conn)->vfs_opaque.ops.streaminfo((conn)->vfs_opaque.handles.streaminfo, (fsp), (fname), (mem_ctx), (num_streams), (streams))) +#define SMB_VFS_OPAQUE_GET_REAL_FILENAME(conn, path, name, mem_ctx, found_name) ((conn)->vfs_opaque.ops.get_real_filename((conn)->vfs_opaque.handles.get_real_filename, (path), (name), (mem_ctx), (found_name))) /* NT ACL operations. */ #define SMB_VFS_OPAQUE_FGET_NT_ACL(fsp, security_info, ppdesc) ((fsp)->conn->vfs_opaque.ops.fget_nt_acl((fsp)->conn->vfs_opaque.handles.fget_nt_acl, (fsp), (security_info), (ppdesc))) @@ -338,6 +340,7 @@ #define SMB_VFS_NEXT_CHFLAGS(handle, path, flags) ((handle)->vfs_next.ops.chflags((handle)->vfs_next.handles.chflags, (path), (flags))) #define SMB_VFS_NEXT_FILE_ID_CREATE(handle, dev, inode) ((handle)->vfs_next.ops.file_id_create((handle)->vfs_next.handles.file_id_create, (dev), (inode))) #define SMB_VFS_NEXT_STREAMINFO(handle, fsp, fname, mem_ctx, num_streams, streams) ((handle)->vfs_next.ops.streaminfo((handle)->vfs_next.handles.streaminfo, (fsp), (fname), (mem_ctx), (num_streams), (streams))) +#define SMB_VFS_NEXT_GET_REAL_FILENAME(conn, path, name, mem_ctx, found_name) ((conn)->vfs_next.ops.get_real_filename((conn)->vfs_next.handles.get_real_filename, (path), (name), (mem_ctx), (found_name))) /* NT ACL operations. */ #define SMB_VFS_NEXT_FGET_NT_ACL(handle, fsp, security_info, ppdesc) ((handle)->vfs_next.ops.fget_nt_acl((handle)->vfs_next.handles.fget_nt_acl, (fsp), (security_info), (ppdesc))) diff --git a/source3/modules/vfs_default.c b/source3/modules/vfs_default.c index 6d8d8f8065..8fa8f6ae06 100644 --- a/source3/modules/vfs_default.c +++ b/source3/modules/vfs_default.c @@ -1038,6 +1038,16 @@ static NTSTATUS vfswrap_streaminfo(vfs_handle_struct *handle, return NT_STATUS_OK; } +static int vfswrap_get_real_filename(struct vfs_handle_struct *handle, + const char *path, + const char *name, + TALLOC_CTX *mem_ctx, + char **found_name) +{ + return get_real_filename(handle->conn, path, name, mem_ctx, + found_name); +} + static NTSTATUS vfswrap_fget_nt_acl(vfs_handle_struct *handle, files_struct *fsp, uint32 security_info, SEC_DESC **ppdesc) @@ -1459,6 +1469,8 @@ static vfs_op_tuple vfs_default_ops[] = { SMB_VFS_LAYER_OPAQUE}, {SMB_VFS_OP(vfswrap_streaminfo), SMB_VFS_OP_STREAMINFO, SMB_VFS_LAYER_OPAQUE}, + {SMB_VFS_OP(vfswrap_get_real_filename), SMB_VFS_OP_GET_REAL_FILENAME, + SMB_VFS_LAYER_OPAQUE}, /* NT ACL operations. */ diff --git a/source3/smbd/filename.c b/source3/smbd/filename.c index c803e40649..d240ecfa64 100644 --- a/source3/smbd/filename.c +++ b/source3/smbd/filename.c @@ -26,9 +26,6 @@ #include "includes.h" -static int get_real_filename(connection_struct *conn, const char *path, - const char *name, TALLOC_CTX *mem_ctx, - char **found_name); static NTSTATUS build_stream_path(TALLOC_CTX *mem_ctx, connection_struct *conn, const char *orig_path, @@ -434,7 +431,7 @@ NTSTATUS unix_convert(TALLOC_CTX *ctx, */ if (name_has_wildcard || - (get_real_filename( + (SMB_VFS_GET_REAL_FILENAME( conn, dirpath, start, talloc_tos(), &found_name) == -1)) { char *unmangled; -- cgit From a0efc4cffbd84898c454d27eaf946d073dfdad0f Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 10 Dec 2008 18:10:03 +0100 Subject: Fix some merge omissions for GPFS --- source3/modules/gpfs.c | 10 +++++----- source3/modules/vfs_gpfs.c | 13 +++++++++++-- 2 files changed, 16 insertions(+), 7 deletions(-) (limited to 'source3') diff --git a/source3/modules/gpfs.c b/source3/modules/gpfs.c index 4e76b97ccf..c4b2518e02 100644 --- a/source3/modules/gpfs.c +++ b/source3/modules/gpfs.c @@ -43,7 +43,7 @@ bool set_gpfs_sharemode(files_struct *fsp, uint32 access_mask, if (!gpfs_share_modes) { return True; } - + if (gpfs_set_share_fn == NULL) { return False; } @@ -104,7 +104,7 @@ int set_gpfs_lease(int fd, int leasetype) if (leasetype == F_WRLCK) { gpfs_type = GPFS_LEASE_WRITE; } - + /* we unconditionally set CAP_LEASE, rather than looking for -1/EACCES as there is a bug in some versions of libgpfs_gpl.so which results in a leaked fd on /dev/ss0 @@ -143,7 +143,7 @@ static bool init_gpfs_function_lib(void *plibhandle_pointer, void **fn_pointer = (void **)pfn_pointer; if (*libhandle_pointer == NULL) { - *libhandle_pointer = dlopen(libname, RTLD_LAZY); + *libhandle_pointer = sys_dlopen(libname, RTLD_LAZY); did_open_here = true; } if (*libhandle_pointer == NULL) { @@ -151,12 +151,12 @@ static bool init_gpfs_function_lib(void *plibhandle_pointer, return false; } - *fn_pointer = dlsym(*libhandle_pointer, fn_name); + *fn_pointer = sys_dlsym(*libhandle_pointer, fn_name); if (*fn_pointer == NULL) { DEBUG(10, ("Did not find symbol %s in lib %s\n", fn_name, libname)); if (did_open_here) { - dlclose(*libhandle_pointer); + sys_dlclose(*libhandle_pointer); *libhandle_pointer = NULL; } return false; diff --git a/source3/modules/vfs_gpfs.c b/source3/modules/vfs_gpfs.c index fa0b4e97a5..a9e7a84249 100644 --- a/source3/modules/vfs_gpfs.c +++ b/source3/modules/vfs_gpfs.c @@ -365,7 +365,7 @@ static bool gpfsacl_process_smbacl(files_struct *fsp, SMB4ACL_T *smbacl) return True; } -static NTSTATUS gpfsacl_set_nt_acl_internal(files_struct *fsp, uint32 security_info_sent, const SEC_DESC *psd) +static NTSTATUS gpfsacl_set_nt_acl_internal(files_struct *fsp, uint32 security_info_sent, SEC_DESC *psd) { struct gpfs_acl *acl; NTSTATUS result = NT_STATUS_ACCESS_DENIED; @@ -386,7 +386,12 @@ static NTSTATUS gpfsacl_set_nt_acl_internal(files_struct *fsp, uint32 security_i return result; } -static NTSTATUS gpfsacl_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, uint32 security_info_sent, const SEC_DESC *psd) +static NTSTATUS gpfsacl_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, uint32 security_info_sent, SEC_DESC *psd) +{ + return gpfsacl_set_nt_acl_internal(fsp, security_info_sent, psd); +} + +static NTSTATUS gpfsacl_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp, char *name, uint32 security_info_sent, SEC_DESC *psd) { return gpfsacl_set_nt_acl_internal(fsp, security_info_sent, psd); } @@ -834,6 +839,10 @@ static vfs_op_tuple gpfs_op_tuples[] = { SMB_VFS_OP_FSET_NT_ACL, SMB_VFS_LAYER_TRANSPARENT }, + { SMB_VFS_OP(gpfsacl_set_nt_acl), + SMB_VFS_OP_SET_NT_ACL, + SMB_VFS_LAYER_TRANSPARENT }, + { SMB_VFS_OP(gpfsacl_sys_acl_get_file), SMB_VFS_OP_SYS_ACL_GET_FILE, SMB_VFS_LAYER_TRANSPARENT }, -- cgit From a4b52118d44906882677ed1234428d8025134036 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 10 Dec 2008 03:22:04 +0100 Subject: Fix nonempty blank lines in vfs_gpfs.c --- source3/modules/vfs_gpfs.c | 105 +++++++++++++++++++++------------------------ 1 file changed, 50 insertions(+), 55 deletions(-) (limited to 'source3') diff --git a/source3/modules/vfs_gpfs.c b/source3/modules/vfs_gpfs.c index a9e7a84249..5cadce9e1d 100644 --- a/source3/modules/vfs_gpfs.c +++ b/source3/modules/vfs_gpfs.c @@ -1,26 +1,24 @@ /* Unix SMB/CIFS implementation. Wrap gpfs calls in vfs functions. - + Copyright (C) Christian Ambach 2006 - + Major code contributions by Chetan Shringarpure and Gomati Mohanan - + This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version. - + This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. - + You should have received a copy of the GNU General Public License along with this program. If not, see . - - */ #include "includes.h" @@ -55,14 +53,14 @@ static int vfs_gpfs_setlease(vfs_handle_struct *handle, files_struct *fsp, int leasetype) { int ret; - + START_PROFILE(syscall_linux_setlease); - + if ( linux_set_lease_sighandler(fsp->fh->fd) == -1) return -1; ret = set_gpfs_lease(fsp->fh->fd,leasetype); - + if ( ret < 0 ) { /* This must have come from GPFS not being available */ /* or some other error, hence call the default */ @@ -301,13 +299,13 @@ static bool gpfsacl_process_smbacl(files_struct *fsp, SMB4ACL_T *smbacl) gace->aceType = aceprop->aceType; gace->aceFlags = aceprop->aceFlags; gace->aceMask = aceprop->aceMask; - + /* * GPFS can't distinguish between WRITE and APPEND on * files, so one being set without the other is an * error. Sorry for the many ()'s :-) */ - + if (!fsp->is_directory && ((((gace->aceMask & ACE4_MASK_WRITE) == 0) @@ -323,9 +321,9 @@ static bool gpfsacl_process_smbacl(files_struct *fsp, SMB4ACL_T *smbacl) fsp->fsp_name)); gace->aceMask |= ACE4_MASK_WRITE|ACE4_MASK_APPEND; } - + gace->aceIFlags = (aceprop->flags&SMB_ACE4_ID_SPECIAL) ? ACE4_IFLAG_SPECIAL_ID : 0; - + if (aceprop->flags&SMB_ACE4_ID_SPECIAL) { switch(aceprop->who.special_id) @@ -483,7 +481,7 @@ static SMB_ACL_T gpfsacl_get_posix_acl(const char *path, gpfs_aclType_t type) errno = EINVAL; goto done; } - + DEBUG(10, ("len: %d, level: %d, version: %d, nace: %d\n", pacl->acl_len, pacl->acl_level, pacl->acl_version, pacl->acl_nace)); @@ -502,7 +500,6 @@ static SMB_ACL_T gpfsacl_get_posix_acl(const char *path, gpfs_aclType_t type) } SMB_ACL_T gpfsacl_sys_acl_get_file(vfs_handle_struct *handle, - const char *path_p, SMB_ACL_TYPE_T type) { @@ -562,7 +559,7 @@ static struct gpfs_acl *smb2gpfs_acl(const SMB_ACL_T pacl, for (i=0; icount; i++) { const struct smb_acl_entry *ace = &pacl->acl[i]; struct gpfs_ace_v1 *g_ace = &result->ace_v1[i]; - + DEBUG(10, ("Converting type %d perm %x\n", (int)ace->a_type, (int)ace->a_perm)); @@ -617,7 +614,6 @@ static struct gpfs_acl *smb2gpfs_acl(const SMB_ACL_T pacl, } int gpfsacl_sys_acl_set_file(vfs_handle_struct *handle, - const char *name, SMB_ACL_TYPE_T type, SMB_ACL_T theacl) @@ -644,7 +640,6 @@ int gpfsacl_sys_acl_set_fd(vfs_handle_struct *handle, } int gpfsacl_sys_acl_delete_def_file(vfs_handle_struct *handle, - const char *path) { errno = ENOTSUP; @@ -666,11 +661,11 @@ static uint32 gpfsacl_mask_filter(uint32 aceType, uint32 aceMask, uint32 rwx) uint32_t posix_mask = 0x01; uint32_t posix_bit; uint32_t nfs4_bits; - + for(i=0; i<3; i++) { nfs4_bits = posix_nfs4map[i]; posix_bit = rwx & posix_mask; - + if (aceType==SMB_ACE4_ACCESS_ALLOWED_ACE_TYPE) { if (posix_bit) aceMask |= nfs4_bits; @@ -683,10 +678,10 @@ static uint32 gpfsacl_mask_filter(uint32 aceType, uint32 aceMask, uint32 rwx) else aceMask &= ~nfs4_bits; } /* other ace types are unexpected */ - + posix_mask <<= 1; } - + return aceMask; } @@ -698,30 +693,30 @@ static int gpfsacl_emu_chmod(const char *path, mode_t mode) int i; files_struct fake_fsp; /* TODO: rationalize parametrization */ SMB4ACE_T *smbace; - + DEBUG(10, ("gpfsacl_emu_chmod invoked for %s mode %o\n", path, mode)); - + result = gpfs_get_nfs4_acl(path, &pacl); if (result) return result; - + if (mode & ~(S_IRWXU | S_IRWXG | S_IRWXO)) { DEBUG(2, ("WARNING: cutting extra mode bits %o on %s\n", mode, path)); } - + for (smbace=smb_first_ace4(pacl); smbace!=NULL; smbace = smb_next_ace4(smbace)) { SMB_ACE4PROP_T *ace = smb_get_ace4(smbace); uint32_t specid = ace->who.special_id; - + if (ace->flags&SMB_ACE4_ID_SPECIAL && ace->aceType<=SMB_ACE4_ACCESS_DENIED_ACE_TYPE && specid <= SMB_ACE4_WHO_EVERYONE) { - + uint32_t newMask; - + if (ace->aceType==SMB_ACE4_ACCESS_ALLOWED_ACE_TYPE) haveAllowEntry[specid] = True; - + /* mode >> 6 for @owner, mode >> 3 for @group, * mode >> 0 for @everyone */ newMask = gpfsacl_mask_filter(ace->aceType, ace->aceMask, @@ -740,35 +735,35 @@ static int gpfsacl_emu_chmod(const char *path, mode_t mode) */ for(i = SMB_ACE4_WHO_OWNER; i<=SMB_ACE4_WHO_EVERYONE; i++) { SMB_ACE4PROP_T ace; - + if (haveAllowEntry[i]==True) continue; - + ZERO_STRUCT(ace); ace.aceType = SMB_ACE4_ACCESS_ALLOWED_ACE_TYPE; ace.flags |= SMB_ACE4_ID_SPECIAL; ace.who.special_id = i; - + if (i==SMB_ACE4_WHO_GROUP) /* not sure it's necessary... */ ace.aceFlags |= SMB_ACE4_IDENTIFIER_GROUP; - + ace.aceMask = gpfsacl_mask_filter(ace.aceType, ace.aceMask, mode >> ((SMB_ACE4_WHO_EVERYONE - i) * 3)); - + /* don't add unnecessary aces */ if (!ace.aceMask) continue; - + /* we add it to the END - as windows expects allow aces */ smb_add_ace4(pacl, &ace); DEBUG(10, ("Added ALLOW ace for %s, mode=%o, id=%d, aceMask=%x\n", path, mode, i, ace.aceMask)); } - + /* don't add complementary DENY ACEs here */ ZERO_STRUCT(fake_fsp); fake_fsp.fsp_name = (char *)path; /* no file_new is needed here */ - + /* put the acl */ if (gpfsacl_process_smbacl(&fake_fsp, pacl) == False) return -1; @@ -779,11 +774,11 @@ static int vfs_gpfs_chmod(vfs_handle_struct *handle, const char *path, mode_t mo { SMB_STRUCT_STAT st; int rc; - + if (SMB_VFS_NEXT_STAT(handle, path, &st) != 0) { return -1; } - + /* avoid chmod() if possible, to preserve acls */ if ((st.st_mode & ~S_IFMT) == mode) { return 0; @@ -799,7 +794,7 @@ static int vfs_gpfs_fchmod(vfs_handle_struct *handle, files_struct *fsp, mode_t { SMB_STRUCT_STAT st; int rc; - + if (SMB_VFS_NEXT_FSTAT(handle, fsp, &st) != 0) { return -1; } @@ -818,27 +813,27 @@ static int vfs_gpfs_fchmod(vfs_handle_struct *handle, files_struct *fsp, mode_t /* VFS operations structure */ static vfs_op_tuple gpfs_op_tuples[] = { - + { SMB_VFS_OP(vfs_gpfs_kernel_flock), SMB_VFS_OP_KERNEL_FLOCK, SMB_VFS_LAYER_OPAQUE }, - + { SMB_VFS_OP(vfs_gpfs_setlease), SMB_VFS_OP_LINUX_SETLEASE, SMB_VFS_LAYER_OPAQUE }, - + { SMB_VFS_OP(gpfsacl_fget_nt_acl), SMB_VFS_OP_FGET_NT_ACL, SMB_VFS_LAYER_TRANSPARENT }, - + { SMB_VFS_OP(gpfsacl_get_nt_acl), SMB_VFS_OP_GET_NT_ACL, SMB_VFS_LAYER_TRANSPARENT }, - + { SMB_VFS_OP(gpfsacl_fset_nt_acl), SMB_VFS_OP_FSET_NT_ACL, SMB_VFS_LAYER_TRANSPARENT }, - + { SMB_VFS_OP(gpfsacl_set_nt_acl), SMB_VFS_OP_SET_NT_ACL, SMB_VFS_LAYER_TRANSPARENT }, @@ -846,27 +841,27 @@ static vfs_op_tuple gpfs_op_tuples[] = { { SMB_VFS_OP(gpfsacl_sys_acl_get_file), SMB_VFS_OP_SYS_ACL_GET_FILE, SMB_VFS_LAYER_TRANSPARENT }, - + { SMB_VFS_OP(gpfsacl_sys_acl_get_fd), SMB_VFS_OP_SYS_ACL_GET_FD, SMB_VFS_LAYER_TRANSPARENT }, - + { SMB_VFS_OP(gpfsacl_sys_acl_set_file), SMB_VFS_OP_SYS_ACL_SET_FILE, SMB_VFS_LAYER_TRANSPARENT }, - + { SMB_VFS_OP(gpfsacl_sys_acl_set_fd), SMB_VFS_OP_SYS_ACL_SET_FD, SMB_VFS_LAYER_TRANSPARENT }, - + { SMB_VFS_OP(gpfsacl_sys_acl_delete_def_file), SMB_VFS_OP_SYS_ACL_DELETE_DEF_FILE, SMB_VFS_LAYER_TRANSPARENT }, - + { SMB_VFS_OP(vfs_gpfs_chmod), SMB_VFS_OP_CHMOD, SMB_VFS_LAYER_TRANSPARENT }, - + { SMB_VFS_OP(vfs_gpfs_fchmod), SMB_VFS_OP_FCHMOD, SMB_VFS_LAYER_TRANSPARENT }, @@ -880,7 +875,7 @@ NTSTATUS vfs_gpfs_init(void); NTSTATUS vfs_gpfs_init(void) { init_gpfs(); - + return smb_register_vfs(SMB_VFS_INTERFACE_VERSION, "gpfs", gpfs_op_tuples); } -- cgit From b37684ffcec4ba0beada55d37bcaf4f5e79bcd58 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 10 Dec 2008 12:32:24 +0100 Subject: Make use of smbd_gpfs_get_realfilename_path in unix_convert --- source3/modules/gpfs.c | 25 +++++++++++++++++++ source3/modules/vfs_gpfs.c | 61 ++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 86 insertions(+) (limited to 'source3') diff --git a/source3/modules/gpfs.c b/source3/modules/gpfs.c index c4b2518e02..92aecb9fb6 100644 --- a/source3/modules/gpfs.c +++ b/source3/modules/gpfs.c @@ -31,6 +31,8 @@ static int (*gpfs_set_share_fn)(int fd, unsigned int allow, unsigned int deny); static int (*gpfs_set_lease_fn)(int fd, unsigned int leaseType); static int (*gpfs_getacl_fn)(char *pathname, int flags, void *acl); static int (*gpfs_putacl_fn)(char *pathname, int flags, void *acl); +static int (*gpfs_get_realfilename_path_fn)(char *pathname, char *filenamep, + int *buflen); bool set_gpfs_sharemode(files_struct *fsp, uint32 access_mask, @@ -134,6 +136,17 @@ int smbd_gpfs_putacl(char *pathname, int flags, void *acl) return gpfs_putacl_fn(pathname, flags, acl); } +int smbd_gpfs_get_realfilename_path(char *pathname, char *filenamep, + int *buflen) +{ + if (gpfs_get_realfilename_path_fn == NULL) { + errno = ENOSYS; + return -1; + } + + return gpfs_get_realfilename_path_fn(pathname, filenamep, buflen); +} + static bool init_gpfs_function_lib(void *plibhandle_pointer, const char *libname, void *pfn_pointer, const char *fn_name) @@ -142,6 +155,9 @@ static bool init_gpfs_function_lib(void *plibhandle_pointer, void **libhandle_pointer = (void **)plibhandle_pointer; void **fn_pointer = (void **)pfn_pointer; + DEBUG(10, ("trying to load name %s from %s\n", + fn_name, libname)); + if (*libhandle_pointer == NULL) { *libhandle_pointer = sys_dlopen(libname, RTLD_LAZY); did_open_here = true; @@ -187,6 +203,8 @@ void init_gpfs(void) init_gpfs_function(&gpfs_set_lease_fn, "gpfs_set_lease"); init_gpfs_function(&gpfs_getacl_fn, "gpfs_getacl"); init_gpfs_function(&gpfs_putacl_fn, "gpfs_putacl"); + init_gpfs_function(&gpfs_get_realfilename_path_fn, + "gpfs_get_realfilename_path"); gpfs_share_modes = lp_parm_bool(-1, "gpfs", "sharemodes", True); gpfs_leases = lp_parm_bool(-1, "gpfs", "leases", True); @@ -226,6 +244,13 @@ int smbd_gpfs_putacl(char *pathname, int flags, void *acl) return -1; } +int smbd_gpfs_get_realfilename_path(char *pathname, char *fileamep, + int *buflen) +{ + errno = ENOSYS; + return -1; +} + void init_gpfs(void) { return; diff --git a/source3/modules/vfs_gpfs.c b/source3/modules/vfs_gpfs.c index 5cadce9e1d..780bd9b8a5 100644 --- a/source3/modules/vfs_gpfs.c +++ b/source3/modules/vfs_gpfs.c @@ -72,7 +72,64 @@ static int vfs_gpfs_setlease(vfs_handle_struct *handle, files_struct *fsp, return ret; } +static int vfs_gpfs_get_real_filename(struct vfs_handle_struct *handle, + const char *path, + const char *name, + TALLOC_CTX *mem_ctx, + char **found_name) +{ + int result; + char *full_path; + char real_pathname[PATH_MAX+1]; + int buflen; + + full_path = talloc_asprintf(talloc_tos(), "%s/%s", path, name); + if (full_path == NULL) { + errno = ENOMEM; + return -1; + } + + buflen = sizeof(real_pathname) - 1; + + result = smbd_gpfs_get_realfilename_path(full_path, real_pathname, + &buflen); + + TALLOC_FREE(full_path); + + if (result == -1) { + DEBUG(10, ("smbd_gpfs_get_realfilename_path returned %s\n", + strerror(errno))); + return -1; + } + + /* + * GPFS does not necessarily null-terminate the returned path + * but instead returns the buffer length in buflen. + */ + if (buflen < sizeof(real_pathname)) { + real_pathname[buflen] = '\0'; + } else { + real_pathname[sizeof(real_pathname)-1] = '\0'; + } + + DEBUG(10, ("smbd_gpfs_get_realfilename_path: %s/%s -> %s\n", + path, name, real_pathname)); + + name = strrchr_m(real_pathname, '/'); + if (name == NULL) { + errno = ENOENT; + return -1; + } + + *found_name = talloc_strdup(mem_ctx, name+1); + if (*found_name == NULL) { + errno = ENOMEM; + return -1; + } + + return 0; +} static void gpfs_dumpacl(int level, struct gpfs_acl *gacl) { @@ -822,6 +879,10 @@ static vfs_op_tuple gpfs_op_tuples[] = { SMB_VFS_OP_LINUX_SETLEASE, SMB_VFS_LAYER_OPAQUE }, + { SMB_VFS_OP(vfs_gpfs_get_real_filename), + SMB_VFS_OP_GET_REAL_FILENAME, + SMB_VFS_LAYER_OPAQUE }, + { SMB_VFS_OP(gpfsacl_fget_nt_acl), SMB_VFS_OP_FGET_NT_ACL, SMB_VFS_LAYER_TRANSPARENT }, -- cgit From 3c93c96fd0fe362c35fe8127058f94868abc9342 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 10 Dec 2008 18:17:59 +0100 Subject: Also search for -lgpfs which is available as GPL in GPFS PTF8 --- source3/configure.in | 14 ++++++++++++++ 1 file changed, 14 insertions(+) (limited to 'source3') diff --git a/source3/configure.in b/source3/configure.in index 40e78e89d9..b90b1b3f60 100644 --- a/source3/configure.in +++ b/source3/configure.in @@ -1052,6 +1052,20 @@ if test x"$samba_cv_HAVE_GPFS" = x"yes"; then fi LIBS="$save_LIBS" +printf "%s" "checking for GPFS libs (with 3.2.1 PTF8 available as GPL)... " +save_LIBS="$LIBS" +LIBS="$LIBS -lgpfs" +AC_TRY_LINK([#include ], + [gpfs_set_share(0,GPFS_SHARE_READ,GPFS_DENY_NONE)], + samba_cv_HAVE_GPFS=yes, + samba_cv_HAVE_GPFS=no) +echo $samba_cv_HAVE_GPFS +if test x"$samba_cv_HAVE_GPFS" = x"yes"; then + AC_DEFINE(HAVE_GPFS,1,[Whether GPFS GPL libs are available]) + default_shared_modules="$default_shared_modules vfs_gpfs" +fi +LIBS="$save_LIBS" + ############################################# # check if building on Isilon OneFS printf "%s" "checking for Isilon OneFS... " -- cgit From c044b09572631cbdd686e5dbbdfbcc731145533a Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 10 Dec 2008 16:58:40 +0100 Subject: Fix the build Crap, too many trees and no instant, infinitely fast rebuild --- source3/include/proto.h | 4 ++++ source3/modules/vfs_gpfs.c | 9 --------- 2 files changed, 4 insertions(+), 9 deletions(-) (limited to 'source3') diff --git a/source3/include/proto.h b/source3/include/proto.h index 4feedcdb04..7fa6266910 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -7896,6 +7896,10 @@ NTSTATUS unix_convert(TALLOC_CTX *ctx, char **pp_saved_last_component, SMB_STRUCT_STAT *pst); NTSTATUS check_name(connection_struct *conn, const char *name); +int get_real_filename(connection_struct *conn, const char *path, + const char *name, TALLOC_CTX *mem_ctx, + char **found_name); + /* The following definitions come from smbd/files.c */ diff --git a/source3/modules/vfs_gpfs.c b/source3/modules/vfs_gpfs.c index 780bd9b8a5..fae08dd252 100644 --- a/source3/modules/vfs_gpfs.c +++ b/source3/modules/vfs_gpfs.c @@ -446,11 +446,6 @@ static NTSTATUS gpfsacl_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp return gpfsacl_set_nt_acl_internal(fsp, security_info_sent, psd); } -static NTSTATUS gpfsacl_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp, char *name, uint32 security_info_sent, SEC_DESC *psd) -{ - return gpfsacl_set_nt_acl_internal(fsp, security_info_sent, psd); -} - static SMB_ACL_T gpfs2smb_acl(const struct gpfs_acl *pacl) { SMB_ACL_T result; @@ -895,10 +890,6 @@ static vfs_op_tuple gpfs_op_tuples[] = { SMB_VFS_OP_FSET_NT_ACL, SMB_VFS_LAYER_TRANSPARENT }, - { SMB_VFS_OP(gpfsacl_set_nt_acl), - SMB_VFS_OP_SET_NT_ACL, - SMB_VFS_LAYER_TRANSPARENT }, - { SMB_VFS_OP(gpfsacl_sys_acl_get_file), SMB_VFS_OP_SYS_ACL_GET_FILE, SMB_VFS_LAYER_TRANSPARENT }, -- cgit From 7ad9676864a70366c3165c6f35e5c8665bc6468d Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 10 Dec 2008 23:13:34 +0100 Subject: Revert "Fix the build" This reverts commit c044b09572631cbdd686e5dbbdfbcc731145533a. --- source3/include/proto.h | 4 ---- source3/modules/vfs_gpfs.c | 9 +++++++++ 2 files changed, 9 insertions(+), 4 deletions(-) (limited to 'source3') diff --git a/source3/include/proto.h b/source3/include/proto.h index 7fa6266910..4feedcdb04 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -7896,10 +7896,6 @@ NTSTATUS unix_convert(TALLOC_CTX *ctx, char **pp_saved_last_component, SMB_STRUCT_STAT *pst); NTSTATUS check_name(connection_struct *conn, const char *name); -int get_real_filename(connection_struct *conn, const char *path, - const char *name, TALLOC_CTX *mem_ctx, - char **found_name); - /* The following definitions come from smbd/files.c */ diff --git a/source3/modules/vfs_gpfs.c b/source3/modules/vfs_gpfs.c index fae08dd252..780bd9b8a5 100644 --- a/source3/modules/vfs_gpfs.c +++ b/source3/modules/vfs_gpfs.c @@ -446,6 +446,11 @@ static NTSTATUS gpfsacl_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp return gpfsacl_set_nt_acl_internal(fsp, security_info_sent, psd); } +static NTSTATUS gpfsacl_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp, char *name, uint32 security_info_sent, SEC_DESC *psd) +{ + return gpfsacl_set_nt_acl_internal(fsp, security_info_sent, psd); +} + static SMB_ACL_T gpfs2smb_acl(const struct gpfs_acl *pacl) { SMB_ACL_T result; @@ -890,6 +895,10 @@ static vfs_op_tuple gpfs_op_tuples[] = { SMB_VFS_OP_FSET_NT_ACL, SMB_VFS_LAYER_TRANSPARENT }, + { SMB_VFS_OP(gpfsacl_set_nt_acl), + SMB_VFS_OP_SET_NT_ACL, + SMB_VFS_LAYER_TRANSPARENT }, + { SMB_VFS_OP(gpfsacl_sys_acl_get_file), SMB_VFS_OP_SYS_ACL_GET_FILE, SMB_VFS_LAYER_TRANSPARENT }, -- cgit From 0114cb52ca552bc8c70d6f8160ca5a481e41154d Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 10 Dec 2008 23:13:48 +0100 Subject: Revert "Also search for -lgpfs which is available as GPL in GPFS PTF8" This reverts commit 3c93c96fd0fe362c35fe8127058f94868abc9342. --- source3/configure.in | 14 -------------- 1 file changed, 14 deletions(-) (limited to 'source3') diff --git a/source3/configure.in b/source3/configure.in index b90b1b3f60..40e78e89d9 100644 --- a/source3/configure.in +++ b/source3/configure.in @@ -1052,20 +1052,6 @@ if test x"$samba_cv_HAVE_GPFS" = x"yes"; then fi LIBS="$save_LIBS" -printf "%s" "checking for GPFS libs (with 3.2.1 PTF8 available as GPL)... " -save_LIBS="$LIBS" -LIBS="$LIBS -lgpfs" -AC_TRY_LINK([#include ], - [gpfs_set_share(0,GPFS_SHARE_READ,GPFS_DENY_NONE)], - samba_cv_HAVE_GPFS=yes, - samba_cv_HAVE_GPFS=no) -echo $samba_cv_HAVE_GPFS -if test x"$samba_cv_HAVE_GPFS" = x"yes"; then - AC_DEFINE(HAVE_GPFS,1,[Whether GPFS GPL libs are available]) - default_shared_modules="$default_shared_modules vfs_gpfs" -fi -LIBS="$save_LIBS" - ############################################# # check if building on Isilon OneFS printf "%s" "checking for Isilon OneFS... " -- cgit From 1896ccb24732fc9a3407224209d741640dd602d3 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 10 Dec 2008 23:14:01 +0100 Subject: Revert "Make use of smbd_gpfs_get_realfilename_path in unix_convert" This reverts commit b37684ffcec4ba0beada55d37bcaf4f5e79bcd58. --- source3/modules/gpfs.c | 25 ------------------- source3/modules/vfs_gpfs.c | 61 ---------------------------------------------- 2 files changed, 86 deletions(-) (limited to 'source3') diff --git a/source3/modules/gpfs.c b/source3/modules/gpfs.c index 92aecb9fb6..c4b2518e02 100644 --- a/source3/modules/gpfs.c +++ b/source3/modules/gpfs.c @@ -31,8 +31,6 @@ static int (*gpfs_set_share_fn)(int fd, unsigned int allow, unsigned int deny); static int (*gpfs_set_lease_fn)(int fd, unsigned int leaseType); static int (*gpfs_getacl_fn)(char *pathname, int flags, void *acl); static int (*gpfs_putacl_fn)(char *pathname, int flags, void *acl); -static int (*gpfs_get_realfilename_path_fn)(char *pathname, char *filenamep, - int *buflen); bool set_gpfs_sharemode(files_struct *fsp, uint32 access_mask, @@ -136,17 +134,6 @@ int smbd_gpfs_putacl(char *pathname, int flags, void *acl) return gpfs_putacl_fn(pathname, flags, acl); } -int smbd_gpfs_get_realfilename_path(char *pathname, char *filenamep, - int *buflen) -{ - if (gpfs_get_realfilename_path_fn == NULL) { - errno = ENOSYS; - return -1; - } - - return gpfs_get_realfilename_path_fn(pathname, filenamep, buflen); -} - static bool init_gpfs_function_lib(void *plibhandle_pointer, const char *libname, void *pfn_pointer, const char *fn_name) @@ -155,9 +142,6 @@ static bool init_gpfs_function_lib(void *plibhandle_pointer, void **libhandle_pointer = (void **)plibhandle_pointer; void **fn_pointer = (void **)pfn_pointer; - DEBUG(10, ("trying to load name %s from %s\n", - fn_name, libname)); - if (*libhandle_pointer == NULL) { *libhandle_pointer = sys_dlopen(libname, RTLD_LAZY); did_open_here = true; @@ -203,8 +187,6 @@ void init_gpfs(void) init_gpfs_function(&gpfs_set_lease_fn, "gpfs_set_lease"); init_gpfs_function(&gpfs_getacl_fn, "gpfs_getacl"); init_gpfs_function(&gpfs_putacl_fn, "gpfs_putacl"); - init_gpfs_function(&gpfs_get_realfilename_path_fn, - "gpfs_get_realfilename_path"); gpfs_share_modes = lp_parm_bool(-1, "gpfs", "sharemodes", True); gpfs_leases = lp_parm_bool(-1, "gpfs", "leases", True); @@ -244,13 +226,6 @@ int smbd_gpfs_putacl(char *pathname, int flags, void *acl) return -1; } -int smbd_gpfs_get_realfilename_path(char *pathname, char *fileamep, - int *buflen) -{ - errno = ENOSYS; - return -1; -} - void init_gpfs(void) { return; diff --git a/source3/modules/vfs_gpfs.c b/source3/modules/vfs_gpfs.c index 780bd9b8a5..5cadce9e1d 100644 --- a/source3/modules/vfs_gpfs.c +++ b/source3/modules/vfs_gpfs.c @@ -72,64 +72,7 @@ static int vfs_gpfs_setlease(vfs_handle_struct *handle, files_struct *fsp, return ret; } -static int vfs_gpfs_get_real_filename(struct vfs_handle_struct *handle, - const char *path, - const char *name, - TALLOC_CTX *mem_ctx, - char **found_name) -{ - int result; - char *full_path; - char real_pathname[PATH_MAX+1]; - int buflen; - - full_path = talloc_asprintf(talloc_tos(), "%s/%s", path, name); - if (full_path == NULL) { - errno = ENOMEM; - return -1; - } - - buflen = sizeof(real_pathname) - 1; - - result = smbd_gpfs_get_realfilename_path(full_path, real_pathname, - &buflen); - - TALLOC_FREE(full_path); - - if (result == -1) { - DEBUG(10, ("smbd_gpfs_get_realfilename_path returned %s\n", - strerror(errno))); - return -1; - } - - /* - * GPFS does not necessarily null-terminate the returned path - * but instead returns the buffer length in buflen. - */ - if (buflen < sizeof(real_pathname)) { - real_pathname[buflen] = '\0'; - } else { - real_pathname[sizeof(real_pathname)-1] = '\0'; - } - - DEBUG(10, ("smbd_gpfs_get_realfilename_path: %s/%s -> %s\n", - path, name, real_pathname)); - - name = strrchr_m(real_pathname, '/'); - if (name == NULL) { - errno = ENOENT; - return -1; - } - - *found_name = talloc_strdup(mem_ctx, name+1); - if (*found_name == NULL) { - errno = ENOMEM; - return -1; - } - - return 0; -} static void gpfs_dumpacl(int level, struct gpfs_acl *gacl) { @@ -879,10 +822,6 @@ static vfs_op_tuple gpfs_op_tuples[] = { SMB_VFS_OP_LINUX_SETLEASE, SMB_VFS_LAYER_OPAQUE }, - { SMB_VFS_OP(vfs_gpfs_get_real_filename), - SMB_VFS_OP_GET_REAL_FILENAME, - SMB_VFS_LAYER_OPAQUE }, - { SMB_VFS_OP(gpfsacl_fget_nt_acl), SMB_VFS_OP_FGET_NT_ACL, SMB_VFS_LAYER_TRANSPARENT }, -- cgit From 8d641826595e3be8864097d4aea7a76879c173d6 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 10 Dec 2008 23:14:16 +0100 Subject: Revert "Fix nonempty blank lines in vfs_gpfs.c" This reverts commit a4b52118d44906882677ed1234428d8025134036. --- source3/modules/vfs_gpfs.c | 105 ++++++++++++++++++++++++--------------------- 1 file changed, 55 insertions(+), 50 deletions(-) (limited to 'source3') diff --git a/source3/modules/vfs_gpfs.c b/source3/modules/vfs_gpfs.c index 5cadce9e1d..a9e7a84249 100644 --- a/source3/modules/vfs_gpfs.c +++ b/source3/modules/vfs_gpfs.c @@ -1,24 +1,26 @@ /* Unix SMB/CIFS implementation. Wrap gpfs calls in vfs functions. - + Copyright (C) Christian Ambach 2006 - + Major code contributions by Chetan Shringarpure and Gomati Mohanan - + This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version. - + This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. - + You should have received a copy of the GNU General Public License along with this program. If not, see . + + */ #include "includes.h" @@ -53,14 +55,14 @@ static int vfs_gpfs_setlease(vfs_handle_struct *handle, files_struct *fsp, int leasetype) { int ret; - + START_PROFILE(syscall_linux_setlease); - + if ( linux_set_lease_sighandler(fsp->fh->fd) == -1) return -1; ret = set_gpfs_lease(fsp->fh->fd,leasetype); - + if ( ret < 0 ) { /* This must have come from GPFS not being available */ /* or some other error, hence call the default */ @@ -299,13 +301,13 @@ static bool gpfsacl_process_smbacl(files_struct *fsp, SMB4ACL_T *smbacl) gace->aceType = aceprop->aceType; gace->aceFlags = aceprop->aceFlags; gace->aceMask = aceprop->aceMask; - + /* * GPFS can't distinguish between WRITE and APPEND on * files, so one being set without the other is an * error. Sorry for the many ()'s :-) */ - + if (!fsp->is_directory && ((((gace->aceMask & ACE4_MASK_WRITE) == 0) @@ -321,9 +323,9 @@ static bool gpfsacl_process_smbacl(files_struct *fsp, SMB4ACL_T *smbacl) fsp->fsp_name)); gace->aceMask |= ACE4_MASK_WRITE|ACE4_MASK_APPEND; } - + gace->aceIFlags = (aceprop->flags&SMB_ACE4_ID_SPECIAL) ? ACE4_IFLAG_SPECIAL_ID : 0; - + if (aceprop->flags&SMB_ACE4_ID_SPECIAL) { switch(aceprop->who.special_id) @@ -481,7 +483,7 @@ static SMB_ACL_T gpfsacl_get_posix_acl(const char *path, gpfs_aclType_t type) errno = EINVAL; goto done; } - + DEBUG(10, ("len: %d, level: %d, version: %d, nace: %d\n", pacl->acl_len, pacl->acl_level, pacl->acl_version, pacl->acl_nace)); @@ -500,6 +502,7 @@ static SMB_ACL_T gpfsacl_get_posix_acl(const char *path, gpfs_aclType_t type) } SMB_ACL_T gpfsacl_sys_acl_get_file(vfs_handle_struct *handle, + const char *path_p, SMB_ACL_TYPE_T type) { @@ -559,7 +562,7 @@ static struct gpfs_acl *smb2gpfs_acl(const SMB_ACL_T pacl, for (i=0; icount; i++) { const struct smb_acl_entry *ace = &pacl->acl[i]; struct gpfs_ace_v1 *g_ace = &result->ace_v1[i]; - + DEBUG(10, ("Converting type %d perm %x\n", (int)ace->a_type, (int)ace->a_perm)); @@ -614,6 +617,7 @@ static struct gpfs_acl *smb2gpfs_acl(const SMB_ACL_T pacl, } int gpfsacl_sys_acl_set_file(vfs_handle_struct *handle, + const char *name, SMB_ACL_TYPE_T type, SMB_ACL_T theacl) @@ -640,6 +644,7 @@ int gpfsacl_sys_acl_set_fd(vfs_handle_struct *handle, } int gpfsacl_sys_acl_delete_def_file(vfs_handle_struct *handle, + const char *path) { errno = ENOTSUP; @@ -661,11 +666,11 @@ static uint32 gpfsacl_mask_filter(uint32 aceType, uint32 aceMask, uint32 rwx) uint32_t posix_mask = 0x01; uint32_t posix_bit; uint32_t nfs4_bits; - + for(i=0; i<3; i++) { nfs4_bits = posix_nfs4map[i]; posix_bit = rwx & posix_mask; - + if (aceType==SMB_ACE4_ACCESS_ALLOWED_ACE_TYPE) { if (posix_bit) aceMask |= nfs4_bits; @@ -678,10 +683,10 @@ static uint32 gpfsacl_mask_filter(uint32 aceType, uint32 aceMask, uint32 rwx) else aceMask &= ~nfs4_bits; } /* other ace types are unexpected */ - + posix_mask <<= 1; } - + return aceMask; } @@ -693,30 +698,30 @@ static int gpfsacl_emu_chmod(const char *path, mode_t mode) int i; files_struct fake_fsp; /* TODO: rationalize parametrization */ SMB4ACE_T *smbace; - + DEBUG(10, ("gpfsacl_emu_chmod invoked for %s mode %o\n", path, mode)); - + result = gpfs_get_nfs4_acl(path, &pacl); if (result) return result; - + if (mode & ~(S_IRWXU | S_IRWXG | S_IRWXO)) { DEBUG(2, ("WARNING: cutting extra mode bits %o on %s\n", mode, path)); } - + for (smbace=smb_first_ace4(pacl); smbace!=NULL; smbace = smb_next_ace4(smbace)) { SMB_ACE4PROP_T *ace = smb_get_ace4(smbace); uint32_t specid = ace->who.special_id; - + if (ace->flags&SMB_ACE4_ID_SPECIAL && ace->aceType<=SMB_ACE4_ACCESS_DENIED_ACE_TYPE && specid <= SMB_ACE4_WHO_EVERYONE) { - + uint32_t newMask; - + if (ace->aceType==SMB_ACE4_ACCESS_ALLOWED_ACE_TYPE) haveAllowEntry[specid] = True; - + /* mode >> 6 for @owner, mode >> 3 for @group, * mode >> 0 for @everyone */ newMask = gpfsacl_mask_filter(ace->aceType, ace->aceMask, @@ -735,35 +740,35 @@ static int gpfsacl_emu_chmod(const char *path, mode_t mode) */ for(i = SMB_ACE4_WHO_OWNER; i<=SMB_ACE4_WHO_EVERYONE; i++) { SMB_ACE4PROP_T ace; - + if (haveAllowEntry[i]==True) continue; - + ZERO_STRUCT(ace); ace.aceType = SMB_ACE4_ACCESS_ALLOWED_ACE_TYPE; ace.flags |= SMB_ACE4_ID_SPECIAL; ace.who.special_id = i; - + if (i==SMB_ACE4_WHO_GROUP) /* not sure it's necessary... */ ace.aceFlags |= SMB_ACE4_IDENTIFIER_GROUP; - + ace.aceMask = gpfsacl_mask_filter(ace.aceType, ace.aceMask, mode >> ((SMB_ACE4_WHO_EVERYONE - i) * 3)); - + /* don't add unnecessary aces */ if (!ace.aceMask) continue; - + /* we add it to the END - as windows expects allow aces */ smb_add_ace4(pacl, &ace); DEBUG(10, ("Added ALLOW ace for %s, mode=%o, id=%d, aceMask=%x\n", path, mode, i, ace.aceMask)); } - + /* don't add complementary DENY ACEs here */ ZERO_STRUCT(fake_fsp); fake_fsp.fsp_name = (char *)path; /* no file_new is needed here */ - + /* put the acl */ if (gpfsacl_process_smbacl(&fake_fsp, pacl) == False) return -1; @@ -774,11 +779,11 @@ static int vfs_gpfs_chmod(vfs_handle_struct *handle, const char *path, mode_t mo { SMB_STRUCT_STAT st; int rc; - + if (SMB_VFS_NEXT_STAT(handle, path, &st) != 0) { return -1; } - + /* avoid chmod() if possible, to preserve acls */ if ((st.st_mode & ~S_IFMT) == mode) { return 0; @@ -794,7 +799,7 @@ static int vfs_gpfs_fchmod(vfs_handle_struct *handle, files_struct *fsp, mode_t { SMB_STRUCT_STAT st; int rc; - + if (SMB_VFS_NEXT_FSTAT(handle, fsp, &st) != 0) { return -1; } @@ -813,27 +818,27 @@ static int vfs_gpfs_fchmod(vfs_handle_struct *handle, files_struct *fsp, mode_t /* VFS operations structure */ static vfs_op_tuple gpfs_op_tuples[] = { - + { SMB_VFS_OP(vfs_gpfs_kernel_flock), SMB_VFS_OP_KERNEL_FLOCK, SMB_VFS_LAYER_OPAQUE }, - + { SMB_VFS_OP(vfs_gpfs_setlease), SMB_VFS_OP_LINUX_SETLEASE, SMB_VFS_LAYER_OPAQUE }, - + { SMB_VFS_OP(gpfsacl_fget_nt_acl), SMB_VFS_OP_FGET_NT_ACL, SMB_VFS_LAYER_TRANSPARENT }, - + { SMB_VFS_OP(gpfsacl_get_nt_acl), SMB_VFS_OP_GET_NT_ACL, SMB_VFS_LAYER_TRANSPARENT }, - + { SMB_VFS_OP(gpfsacl_fset_nt_acl), SMB_VFS_OP_FSET_NT_ACL, SMB_VFS_LAYER_TRANSPARENT }, - + { SMB_VFS_OP(gpfsacl_set_nt_acl), SMB_VFS_OP_SET_NT_ACL, SMB_VFS_LAYER_TRANSPARENT }, @@ -841,27 +846,27 @@ static vfs_op_tuple gpfs_op_tuples[] = { { SMB_VFS_OP(gpfsacl_sys_acl_get_file), SMB_VFS_OP_SYS_ACL_GET_FILE, SMB_VFS_LAYER_TRANSPARENT }, - + { SMB_VFS_OP(gpfsacl_sys_acl_get_fd), SMB_VFS_OP_SYS_ACL_GET_FD, SMB_VFS_LAYER_TRANSPARENT }, - + { SMB_VFS_OP(gpfsacl_sys_acl_set_file), SMB_VFS_OP_SYS_ACL_SET_FILE, SMB_VFS_LAYER_TRANSPARENT }, - + { SMB_VFS_OP(gpfsacl_sys_acl_set_fd), SMB_VFS_OP_SYS_ACL_SET_FD, SMB_VFS_LAYER_TRANSPARENT }, - + { SMB_VFS_OP(gpfsacl_sys_acl_delete_def_file), SMB_VFS_OP_SYS_ACL_DELETE_DEF_FILE, SMB_VFS_LAYER_TRANSPARENT }, - + { SMB_VFS_OP(vfs_gpfs_chmod), SMB_VFS_OP_CHMOD, SMB_VFS_LAYER_TRANSPARENT }, - + { SMB_VFS_OP(vfs_gpfs_fchmod), SMB_VFS_OP_FCHMOD, SMB_VFS_LAYER_TRANSPARENT }, @@ -875,7 +880,7 @@ NTSTATUS vfs_gpfs_init(void); NTSTATUS vfs_gpfs_init(void) { init_gpfs(); - + return smb_register_vfs(SMB_VFS_INTERFACE_VERSION, "gpfs", gpfs_op_tuples); } -- cgit From 7c2bdead9e3e4436e427668a16df367e14885cbc Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 10 Dec 2008 23:14:46 +0100 Subject: Revert "Fix some merge omissions for GPFS" This reverts commit a0efc4cffbd84898c454d27eaf946d073dfdad0f. This one should have been done with careful cherry-picks, sorry. Volker --- source3/modules/gpfs.c | 10 +++++----- source3/modules/vfs_gpfs.c | 13 ++----------- 2 files changed, 7 insertions(+), 16 deletions(-) (limited to 'source3') diff --git a/source3/modules/gpfs.c b/source3/modules/gpfs.c index c4b2518e02..4e76b97ccf 100644 --- a/source3/modules/gpfs.c +++ b/source3/modules/gpfs.c @@ -43,7 +43,7 @@ bool set_gpfs_sharemode(files_struct *fsp, uint32 access_mask, if (!gpfs_share_modes) { return True; } - + if (gpfs_set_share_fn == NULL) { return False; } @@ -104,7 +104,7 @@ int set_gpfs_lease(int fd, int leasetype) if (leasetype == F_WRLCK) { gpfs_type = GPFS_LEASE_WRITE; } - + /* we unconditionally set CAP_LEASE, rather than looking for -1/EACCES as there is a bug in some versions of libgpfs_gpl.so which results in a leaked fd on /dev/ss0 @@ -143,7 +143,7 @@ static bool init_gpfs_function_lib(void *plibhandle_pointer, void **fn_pointer = (void **)pfn_pointer; if (*libhandle_pointer == NULL) { - *libhandle_pointer = sys_dlopen(libname, RTLD_LAZY); + *libhandle_pointer = dlopen(libname, RTLD_LAZY); did_open_here = true; } if (*libhandle_pointer == NULL) { @@ -151,12 +151,12 @@ static bool init_gpfs_function_lib(void *plibhandle_pointer, return false; } - *fn_pointer = sys_dlsym(*libhandle_pointer, fn_name); + *fn_pointer = dlsym(*libhandle_pointer, fn_name); if (*fn_pointer == NULL) { DEBUG(10, ("Did not find symbol %s in lib %s\n", fn_name, libname)); if (did_open_here) { - sys_dlclose(*libhandle_pointer); + dlclose(*libhandle_pointer); *libhandle_pointer = NULL; } return false; diff --git a/source3/modules/vfs_gpfs.c b/source3/modules/vfs_gpfs.c index a9e7a84249..fa0b4e97a5 100644 --- a/source3/modules/vfs_gpfs.c +++ b/source3/modules/vfs_gpfs.c @@ -365,7 +365,7 @@ static bool gpfsacl_process_smbacl(files_struct *fsp, SMB4ACL_T *smbacl) return True; } -static NTSTATUS gpfsacl_set_nt_acl_internal(files_struct *fsp, uint32 security_info_sent, SEC_DESC *psd) +static NTSTATUS gpfsacl_set_nt_acl_internal(files_struct *fsp, uint32 security_info_sent, const SEC_DESC *psd) { struct gpfs_acl *acl; NTSTATUS result = NT_STATUS_ACCESS_DENIED; @@ -386,12 +386,7 @@ static NTSTATUS gpfsacl_set_nt_acl_internal(files_struct *fsp, uint32 security_i return result; } -static NTSTATUS gpfsacl_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, uint32 security_info_sent, SEC_DESC *psd) -{ - return gpfsacl_set_nt_acl_internal(fsp, security_info_sent, psd); -} - -static NTSTATUS gpfsacl_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp, char *name, uint32 security_info_sent, SEC_DESC *psd) +static NTSTATUS gpfsacl_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, uint32 security_info_sent, const SEC_DESC *psd) { return gpfsacl_set_nt_acl_internal(fsp, security_info_sent, psd); } @@ -839,10 +834,6 @@ static vfs_op_tuple gpfs_op_tuples[] = { SMB_VFS_OP_FSET_NT_ACL, SMB_VFS_LAYER_TRANSPARENT }, - { SMB_VFS_OP(gpfsacl_set_nt_acl), - SMB_VFS_OP_SET_NT_ACL, - SMB_VFS_LAYER_TRANSPARENT }, - { SMB_VFS_OP(gpfsacl_sys_acl_get_file), SMB_VFS_OP_SYS_ACL_GET_FILE, SMB_VFS_LAYER_TRANSPARENT }, -- cgit From 94c44fcb6b9c67d3fac39b290c05c718b2980443 Mon Sep 17 00:00:00 2001 From: Andreas Schneider Date: Tue, 9 Dec 2008 13:18:06 +0100 Subject: Move the doxygen comments of wbclient to the header file. So that a developer who wants to use the wbclient api can read the documentation in the header file. Signed-off-by: Andreas Schneider Signed-off-by: Michael Adam --- source3/nsswitch/libwbclient/wbc_guid.c | 18 +- source3/nsswitch/libwbclient/wbc_idmap.c | 131 +-------- source3/nsswitch/libwbclient/wbc_pam.c | 96 +----- source3/nsswitch/libwbclient/wbc_pwd.c | 99 +------ source3/nsswitch/libwbclient/wbc_sid.c | 61 +--- source3/nsswitch/libwbclient/wbc_util.c | 78 +---- source3/nsswitch/libwbclient/wbclient.c | 8 +- source3/nsswitch/libwbclient/wbclient.h | 488 +++++++++++++++++++++++++++++-- 8 files changed, 524 insertions(+), 455 deletions(-) (limited to 'source3') diff --git a/source3/nsswitch/libwbclient/wbc_guid.c b/source3/nsswitch/libwbclient/wbc_guid.c index 0cb33e9868..c343e24351 100644 --- a/source3/nsswitch/libwbclient/wbc_guid.c +++ b/source3/nsswitch/libwbclient/wbc_guid.c @@ -24,14 +24,7 @@ #include "libwbclient.h" -/** @brief Convert a binary GUID to a character string - * - * @param guid Binary Guid - * @param **guid_string Resulting character string - * - * @return #wbcErr - **/ - +/* Convert a binary GUID to a character string */ wbcErr wbcGuidToString(const struct wbcGuid *guid, char **guid_string) { @@ -59,14 +52,7 @@ done: return wbc_status; } -/** @brief Convert a character string to a binary GUID - * - * @param *str Character string - * @param guid Resulting binary GUID - * - * @return #wbcErr - **/ - +/* @brief Convert a character string to a binary GUID */ wbcErr wbcStringToGuid(const char *str, struct wbcGuid *guid) { diff --git a/source3/nsswitch/libwbclient/wbc_idmap.c b/source3/nsswitch/libwbclient/wbc_idmap.c index 81b369c87c..5b2ab875f6 100644 --- a/source3/nsswitch/libwbclient/wbc_idmap.c +++ b/source3/nsswitch/libwbclient/wbc_idmap.c @@ -24,15 +24,7 @@ #include "libwbclient.h" -/** @brief Convert a Windows SID to a Unix uid, allocating an uid if needed - * - * @param *sid Pointer to the domain SID to be resolved - * @param *puid Pointer to the resolved uid_t value - * - * @return #wbcErr - * - **/ - +/* Convert a Windows SID to a Unix uid, allocating an uid if needed */ wbcErr wbcSidToUid(const struct wbcDomainSid *sid, uid_t *puid) { struct winbindd_request request; @@ -71,30 +63,14 @@ wbcErr wbcSidToUid(const struct wbcDomainSid *sid, uid_t *puid) return wbc_status; } -/** @brief Convert a Windows SID to a Unix uid if there already is a mapping - * - * @param *sid Pointer to the domain SID to be resolved - * @param *puid Pointer to the resolved uid_t value - * - * @return #wbcErr - * - **/ - +/* Convert a Windows SID to a Unix uid if there already is a mapping */ wbcErr wbcQuerySidToUid(const struct wbcDomainSid *sid, uid_t *puid) { return WBC_ERR_NOT_IMPLEMENTED; } -/** @brief Convert a Unix uid to a Windows SID, allocating a SID if needed - * - * @param uid Unix uid to be resolved - * @param *sid Pointer to the resolved domain SID - * - * @return #wbcErr - * - **/ - +/* Convert a Unix uid to a Windows SID, allocating a SID if needed */ wbcErr wbcUidToSid(uid_t uid, struct wbcDomainSid *sid) { wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; @@ -127,15 +103,7 @@ done: return wbc_status; } -/** @brief Convert a Unix uid to a Windows SID if there already is a mapping - * - * @param uid Unix uid to be resolved - * @param *sid Pointer to the resolved domain SID - * - * @return #wbcErr - * - **/ - +/* Convert a Unix uid to a Windows SID if there already is a mapping */ wbcErr wbcQueryUidToSid(uid_t uid, struct wbcDomainSid *sid) { @@ -189,14 +157,7 @@ wbcErr wbcSidToGid(const struct wbcDomainSid *sid, gid_t *pgid) return wbc_status; } -/** @brief Convert a Windows SID to a Unix gid if there already is a mapping - * - * @param *sid Pointer to the domain SID to be resolved - * @param *pgid Pointer to the resolved gid_t value - * - * @return #wbcErr - * - **/ +/* Convert a Windows SID to a Unix gid if there already is a mapping */ wbcErr wbcQuerySidToGid(const struct wbcDomainSid *sid, gid_t *pgid) @@ -204,15 +165,7 @@ wbcErr wbcQuerySidToGid(const struct wbcDomainSid *sid, return WBC_ERR_NOT_IMPLEMENTED; } -/** @brief Convert a Unix gid to a Windows SID, allocating a SID if needed - * - * @param gid Unix gid to be resolved - * @param *sid Pointer to the resolved domain SID - * - * @return #wbcErr - * - **/ - +/* Convert a Unix gid to a Windows SID, allocating a SID if needed */ wbcErr wbcGidToSid(gid_t gid, struct wbcDomainSid *sid) { struct winbindd_request request; @@ -245,28 +198,14 @@ done: return wbc_status; } -/** @brief Convert a Unix gid to a Windows SID if there already is a mapping - * - * @param gid Unix gid to be resolved - * @param *sid Pointer to the resolved domain SID - * - * @return #wbcErr - * - **/ - +/* Convert a Unix gid to a Windows SID if there already is a mapping */ wbcErr wbcQueryGidToSid(gid_t gid, struct wbcDomainSid *sid) { return WBC_ERR_NOT_IMPLEMENTED; } -/** @brief Obtain a new uid from Winbind - * - * @param *puid *pointer to the allocated uid - * - * @return #wbcErr - **/ - +/* Obtain a new uid from Winbind */ wbcErr wbcAllocateUid(uid_t *puid) { struct winbindd_request request; @@ -296,13 +235,7 @@ wbcErr wbcAllocateUid(uid_t *puid) return wbc_status; } -/** @brief Obtain a new gid from Winbind - * - * @param *pgid Pointer to the allocated gid - * - * @return #wbcErr - **/ - +/* Obtain a new gid from Winbind */ wbcErr wbcAllocateGid(gid_t *pgid) { struct winbindd_request request; @@ -336,13 +269,7 @@ wbcErr wbcAllocateGid(gid_t *pgid) #define _ID_TYPE_UID 1 #define _ID_TYPE_GID 2 -/** @brief Set an user id mapping - * - * @param uid Uid of the desired mapping. - * @param *sid Pointer to the sid of the diresired mapping. - * - * @return #wbcErr - **/ +/* Set an user id mapping */ wbcErr wbcSetUidMapping(uid_t uid, const struct wbcDomainSid *sid) { struct winbindd_request request; @@ -379,13 +306,7 @@ wbcErr wbcSetUidMapping(uid_t uid, const struct wbcDomainSid *sid) return wbc_status; } -/** @brief Set a group id mapping - * - * @param gid Gid of the desired mapping. - * @param *sid Pointer to the sid of the diresired mapping. - * - * @return #wbcErr - **/ +/* Set a group id mapping */ wbcErr wbcSetGidMapping(gid_t gid, const struct wbcDomainSid *sid) { struct winbindd_request request; @@ -422,13 +343,7 @@ wbcErr wbcSetGidMapping(gid_t gid, const struct wbcDomainSid *sid) return wbc_status; } -/** @brief Remove a user id mapping - * - * @param uid Uid of the mapping to remove. - * @param *sid Pointer to the sid of the mapping to remove. - * - * @return #wbcErr - **/ +/* Remove a user id mapping */ wbcErr wbcRemoveUidMapping(uid_t uid, const struct wbcDomainSid *sid) { struct winbindd_request request; @@ -465,13 +380,7 @@ wbcErr wbcRemoveUidMapping(uid_t uid, const struct wbcDomainSid *sid) return wbc_status; } -/** @brief Remove a group id mapping - * - * @param gid Gid of the mapping to remove. - * @param *sid Pointer to the sid of the mapping to remove. - * - * @return #wbcErr - **/ +/* Remove a group id mapping */ wbcErr wbcRemoveGidMapping(gid_t gid, const struct wbcDomainSid *sid) { struct winbindd_request request; @@ -508,12 +417,7 @@ wbcErr wbcRemoveGidMapping(gid_t gid, const struct wbcDomainSid *sid) return wbc_status; } -/** @brief Set the highwater mark for allocated uids. - * - * @param uid_hwm The new uid highwater mark value - * - * @return #wbcErr - **/ +/* Set the highwater mark for allocated uids. */ wbcErr wbcSetUidHwm(uid_t uid_hwm) { struct winbindd_request request; @@ -538,12 +442,7 @@ wbcErr wbcSetUidHwm(uid_t uid_hwm) return wbc_status; } -/** @brief Set the highwater mark for allocated gids. - * - * @param gid_hwm The new gid highwater mark value - * - * @return #wbcErr - **/ +/* Set the highwater mark for allocated gids. */ wbcErr wbcSetGidHwm(gid_t gid_hwm) { struct winbindd_request request; diff --git a/source3/nsswitch/libwbclient/wbc_pam.c b/source3/nsswitch/libwbclient/wbc_pam.c index 401d2ad2c3..92c6643631 100644 --- a/source3/nsswitch/libwbclient/wbc_pam.c +++ b/source3/nsswitch/libwbclient/wbc_pam.c @@ -24,14 +24,7 @@ #include "libwbclient.h" -/** @brief Authenticate a username/password pair - * - * @param username Name of user to authenticate - * @param password Clear text password os user - * - * @return #wbcErr - **/ - +/* Authenticate a username/password pair */ wbcErr wbcAuthenticateUser(const char *username, const char *password) { @@ -305,16 +298,7 @@ done: return wbc_status; } -/** @brief Authenticate with more detailed information - * - * @param params Input parameters, WBC_AUTH_USER_LEVEL_HASH - * is not supported yet - * @param info Output details on WBC_ERR_SUCCESS - * @param error Output details on WBC_ERR_AUTH_ERROR - * - * @return #wbcErr - **/ - +/* Authenticate with more detailed information */ wbcErr wbcAuthenticateUserEx(const struct wbcAuthUserParams *params, struct wbcAuthUserInfo **info, struct wbcAuthErrorInfo **error) @@ -496,16 +480,7 @@ done: return wbc_status; } -/** @brief Trigger a verification of the trust credentials of a specific domain - * - * @param *domain The name of the domain, only NULL for the default domain is - * supported yet. Other values than NULL will result in - * WBC_ERR_NOT_IMPLEMENTED. - * @param error Output details on WBC_ERR_AUTH_ERROR - * - * @return #wbcErr - * - **/ +/* Trigger a verification of the trust credentials of a specific domain */ wbcErr wbcCheckTrustCredentials(const char *domain, struct wbcAuthErrorInfo **error) { @@ -547,15 +522,7 @@ wbcErr wbcCheckTrustCredentials(const char *domain, return wbc_status; } -/** @brief Trigger an extended logoff notification to Winbind for a specific user - * - * @param params A wbcLogoffUserParams structure - * @param error User output details on error - * - * @return #wbcErr - * - **/ - +/* Trigger an extended logoff notification to Winbind for a specific user */ wbcErr wbcLogoffUserEx(const struct wbcLogoffUserParams *params, struct wbcAuthErrorInfo **error) { @@ -642,18 +609,7 @@ wbcErr wbcLogoffUserEx(const struct wbcLogoffUserParams *params, return wbc_status; } -/** @brief Trigger a logoff notification to Winbind for a specific user - * - * @param username Name of user to remove from Winbind's list of - * logged on users. - * @param uid Uid assigned to the username - * @param ccfilename Absolute path to the Krb5 credentials cache to - * be removed - * - * @return #wbcErr - * - **/ - +/* Trigger a logoff notification to Winbind for a specific user */ wbcErr wbcLogoffUser(const char *username, uid_t uid, const char *ccfilename) @@ -693,16 +649,7 @@ wbcErr wbcLogoffUser(const char *username, return wbc_status; } -/** @brief Change a password for a user with more detailed information upon - * failure - * @param params Input parameters - * @param error User output details on WBC_ERR_PWD_CHANGE_FAILED - * @param reject_reason New password reject reason on WBC_ERR_PWD_CHANGE_FAILED - * @param policy Password policy output details on WBC_ERR_PWD_CHANGE_FAILED - * - * @return #wbcErr - **/ - +/* Change a password for a user with more detailed information upon failure */ wbcErr wbcChangeUserPasswordEx(const struct wbcChangePasswordParams *params, struct wbcAuthErrorInfo **error, enum wbcPasswordChangeRejectReason *reject_reason, @@ -907,15 +854,7 @@ wbcErr wbcChangeUserPasswordEx(const struct wbcChangePasswordParams *params, return wbc_status; } -/** @brief Change a password for a user - * - * @param username Name of user to authenticate - * @param old_password Old clear text password of user - * @param new_password New clear text password of user - * - * @return #wbcErr - **/ - +/* Change a password for a user */ wbcErr wbcChangeUserPassword(const char *username, const char *old_password, const char *new_password) @@ -940,17 +879,7 @@ done: return wbc_status; } -/** @brief Logon a User - * - * @param[in] params Pointer to a wbcLogonUserParams structure - * @param[out] info Pointer to a pointer to a wbcLogonUserInfo structure - * @param[out] error Pointer to a pointer to a wbcAuthErrorInfo structure - * @param[out] policy Pointer to a pointer to a wbcUserPasswordPolicyInfo structure - * - * @return #wbcErr - * - **/ - +/* Logon a User */ wbcErr wbcLogonUser(const struct wbcLogonUserParams *params, struct wbcLogonUserInfo **info, struct wbcAuthErrorInfo **error, @@ -1096,14 +1025,7 @@ done: return wbc_status; } -/** @brief Authenticate a user with cached credentials - * - * @param *params Pointer to a wbcCredentialCacheParams structure - * @param **info Pointer to a pointer to a wbcCredentialCacheInfo structure - * @param **error Pointer to a pointer to a wbcAuthErrorInfo structure - * - * @return #wbcErr - **/ +/* Authenticate a user with cached credentials */ wbcErr wbcCredentialCache(struct wbcCredentialCacheParams *params, struct wbcCredentialCacheInfo **info, struct wbcAuthErrorInfo **error) diff --git a/source3/nsswitch/libwbclient/wbc_pwd.c b/source3/nsswitch/libwbclient/wbc_pwd.c index d54a5af4fc..cd945996c8 100644 --- a/source3/nsswitch/libwbclient/wbc_pwd.c +++ b/source3/nsswitch/libwbclient/wbc_pwd.c @@ -126,15 +126,7 @@ done: return grp; } -/** @brief Fill in a struct passwd* for a domain user based - * on username - * - * @param *name Username to lookup - * @param **pwd Pointer to resulting struct passwd* from the query. - * - * @return #wbcErr - **/ - +/* Fill in a struct passwd* for a domain user based on username */ wbcErr wbcGetpwnam(const char *name, struct passwd **pwd) { wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; @@ -167,15 +159,7 @@ wbcErr wbcGetpwnam(const char *name, struct passwd **pwd) return wbc_status; } -/** @brief Fill in a struct passwd* for a domain user based - * on uid - * - * @param uid Uid to lookup - * @param **pwd Pointer to resulting struct passwd* from the query. - * - * @return #wbcErr - **/ - +/* Fill in a struct passwd* for a domain user based on uid */ wbcErr wbcGetpwuid(uid_t uid, struct passwd **pwd) { wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; @@ -206,15 +190,7 @@ wbcErr wbcGetpwuid(uid_t uid, struct passwd **pwd) return wbc_status; } -/** @brief Fill in a struct passwd* for a domain user based - * on username - * - * @param *name Username to lookup - * @param **grp Pointer to resulting struct group* from the query. - * - * @return #wbcErr - **/ - +/* Fill in a struct passwd* for a domain user based on username */ wbcErr wbcGetgrnam(const char *name, struct group **grp) { wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; @@ -251,15 +227,7 @@ wbcErr wbcGetgrnam(const char *name, struct group **grp) return wbc_status; } -/** @brief Fill in a struct passwd* for a domain user based - * on uid - * - * @param gid Uid to lookup - * @param **grp Pointer to resulting struct group* from the query. - * - * @return #wbcErr - **/ - +/* Fill in a struct passwd* for a domain user based on uid */ wbcErr wbcGetgrgid(gid_t gid, struct group **grp) { wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; @@ -309,11 +277,7 @@ static uint32_t pw_cache_idx; */ static struct winbindd_response pw_response; -/** @brief Reset the passwd iterator - * - * @return #wbcErr - **/ - +/* Reset the passwd iterator */ wbcErr wbcSetpwent(void) { wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; @@ -335,11 +299,7 @@ wbcErr wbcSetpwent(void) return wbc_status; } -/** @brief Close the passwd iterator - * - * @return #wbcErr - **/ - +/* Close the passwd iterator */ wbcErr wbcEndpwent(void) { wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; @@ -359,13 +319,7 @@ wbcErr wbcEndpwent(void) return wbc_status; } -/** @brief Return the next struct passwd* entry from the pwent iterator - * - * @param **pwd Pointer to resulting struct passwd* from the query. - * - * @return #wbcErr - **/ - +/* Return the next struct passwd* entry from the pwent iterator */ wbcErr wbcGetpwent(struct passwd **pwd) { wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; @@ -425,11 +379,7 @@ static uint32_t gr_cache_idx; */ static struct winbindd_response gr_response; -/** @brief Reset the group iterator - * - * @return #wbcErr - **/ - +/* Reset the group iterator */ wbcErr wbcSetgrent(void) { wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; @@ -451,11 +401,7 @@ wbcErr wbcSetgrent(void) return wbc_status; } -/** @brief Close the group iterator - * - * @return #wbcErr - **/ - +/* Close the group iterator */ wbcErr wbcEndgrent(void) { wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; @@ -475,13 +421,7 @@ wbcErr wbcEndgrent(void) return wbc_status; } -/** @brief Return the next struct group* entry from the pwent iterator - * - * @param **grp Pointer to resulting struct group* from the query. - * - * @return #wbcErr - **/ - +/* Return the next struct group* entry from the pwent iterator */ wbcErr wbcGetgrent(struct group **grp) { wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; @@ -531,15 +471,7 @@ done: return wbc_status; } -/** @brief Return the next struct group* entry from the pwent iterator - * - * This is similar to #wbcGetgrent, just that the member list is empty - * - * @param **grp Pointer to resulting struct group* from the query. - * - * @return #wbcErr - **/ - +/* Return the next struct group* entry from the pwent iterator */ wbcErr wbcGetgrlist(struct group **grp) { wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; @@ -584,14 +516,7 @@ done: return wbc_status; } -/** @brief Return the unix group array belonging to the given user - * - * @param *account The given user name - * @param *num_groups Number of elements returned in the groups array - * @param **_groups Pointer to resulting gid_t array. - * - * @return #wbcErr - **/ +/* Return the unix group array belonging to the given user */ wbcErr wbcGetGroups(const char *account, uint32_t *num_groups, gid_t **_groups) diff --git a/source3/nsswitch/libwbclient/wbc_sid.c b/source3/nsswitch/libwbclient/wbc_sid.c index 92de22e901..e2157b9609 100644 --- a/source3/nsswitch/libwbclient/wbc_sid.c +++ b/source3/nsswitch/libwbclient/wbc_sid.c @@ -25,14 +25,7 @@ #include "libwbclient.h" -/** @brief Convert a binary SID to a character string - * - * @param sid Binary Security Identifier - * @param **sid_string Resulting character string - * - * @return #wbcErr - **/ - +/* Convert a binary SID to a character string */ wbcErr wbcSidToString(const struct wbcDomainSid *sid, char **sid_string) { @@ -73,14 +66,7 @@ done: return wbc_status; } -/** @brief Convert a character string to a binary SID - * - * @param *str Character string in the form of S-... - * @param sid Resulting binary SID - * - * @return #wbcErr - **/ - +/* Convert a character string to a binary SID */ wbcErr wbcStringToSid(const char *str, struct wbcDomainSid *sid) { @@ -163,17 +149,7 @@ done: } -/** @brief Convert a domain and name to SID - * - * @param domain Domain name (possibly "") - * @param name User or group name - * @param *sid Pointer to the resolved domain SID - * @param *name_type Pointer to the SID type - * - * @return #wbcErr - * - **/ - +/* Convert a domain and name to SID */ wbcErr wbcLookupName(const char *domain, const char *name, struct wbcDomainSid *sid, @@ -216,17 +192,7 @@ wbcErr wbcLookupName(const char *domain, return wbc_status; } -/** @brief Convert a SID to a domain and name - * - * @param *sid Pointer to the domain SID to be resolved - * @param pdomain Resolved Domain name (possibly "") - * @param pname Resolved User or group name - * @param *pname_type Pointer to the resolved SID type - * - * @return #wbcErr - * - **/ - +/* Convert a SID to a domain and name */ wbcErr wbcLookupSid(const struct wbcDomainSid *sid, char **pdomain, char **pname, @@ -310,9 +276,7 @@ wbcErr wbcLookupSid(const struct wbcDomainSid *sid, return wbc_status; } -/** @brief Translate a collection of RIDs within a domain to names - * - **/ +/* Translate a collection of RIDs within a domain to names */ wbcErr wbcLookupRids(struct wbcDomainSid *dom_sid, int num_rids, @@ -448,10 +412,7 @@ wbcErr wbcLookupRids(struct wbcDomainSid *dom_sid, return wbc_status; } -/** @brief Get the groups a user belongs to - * - **/ - +/* Get the groups a user belongs to */ wbcErr wbcLookupUserSids(const struct wbcDomainSid *user_sid, bool domain_groups_only, uint32_t *num_sids, @@ -530,10 +491,7 @@ wbcErr wbcLookupUserSids(const struct wbcDomainSid *user_sid, return wbc_status; } -/** @brief Lists Users - * - **/ - +/* Lists Users */ wbcErr wbcListUsers(const char *domain_name, uint32_t *_num_users, const char ***_users) @@ -601,10 +559,7 @@ wbcErr wbcListUsers(const char *domain_name, return wbc_status; } -/** @brief Lists Groups - * - **/ - +/* Lists Groups */ wbcErr wbcListGroups(const char *domain_name, uint32_t *_num_groups, const char ***_groups) diff --git a/source3/nsswitch/libwbclient/wbc_util.c b/source3/nsswitch/libwbclient/wbc_util.c index b4868748ae..7cfb64b87e 100644 --- a/source3/nsswitch/libwbclient/wbc_util.c +++ b/source3/nsswitch/libwbclient/wbc_util.c @@ -119,16 +119,7 @@ done: } -/** @brief Lookup the current status of a trusted domain - * - * @param domain Domain to query - * @param *dinfo Pointer to returned domain_info struct - * - * @return #wbcErr - * - **/ - - +/* Lookup the current status of a trusted domain */ wbcErr wbcDomainInfo(const char *domain, struct wbcDomainInfo **dinfo) { struct winbindd_request request; @@ -189,14 +180,7 @@ wbcErr wbcDomainInfo(const char *domain, struct wbcDomainInfo **dinfo) } -/** @brief Resolve a NetbiosName via WINS - * - * @param name Name to resolve - * @param *ip Pointer to the ip address string - * - * @return #wbcErr - * - **/ +/* Resolve a NetbiosName via WINS */ wbcErr wbcResolveWinsByName(const char *name, char **ip) { struct winbindd_request request; @@ -229,14 +213,7 @@ wbcErr wbcResolveWinsByName(const char *name, char **ip) return wbc_status; } -/** @brief Resolve an IP address via WINS into a NetbiosName - * - * @param ip The ip address string - * @param *name Pointer to the name - * - * @return #wbcErr - * - **/ +/* Resolve an IP address via WINS into a NetbiosName */ wbcErr wbcResolveWinsByIP(const char *ip, char **name) { struct winbindd_request request; @@ -401,14 +378,7 @@ static wbcErr process_domain_info_string(TALLOC_CTX *ctx, return wbc_status; } -/** @brief Enumerate the domain trusts known by Winbind - * - * @param **domains Pointer to the allocated domain list array - * @param *num_domains Pointer to number of domains returned - * - * @return #wbcErr - * - **/ +/* Enumerate the domain trusts known by Winbind */ wbcErr wbcListTrusts(struct wbcDomainInfo **domains, size_t *num_domains) { struct winbindd_response response; @@ -493,18 +463,7 @@ wbcErr wbcListTrusts(struct wbcDomainInfo **domains, size_t *num_domains) return wbc_status; } -/** @brief Enumerate the domain trusts known by Winbind - * - * @param domain Name of the domain to query for a DC - * @param flags Bit flags used to control the domain location query - * @param *dc_info Pointer to the returned domain controller information - * - * @return #wbcErr - * - **/ - - - +/* Enumerate the domain trusts known by Winbind */ wbcErr wbcLookupDomainController(const char *domain, uint32_t flags, struct wbcDomainControllerInfo **dc_info) @@ -617,18 +576,7 @@ done: return wbc_status; } -/** @brief Get extended domain controller information - * - * @param domain Name of the domain to query for a DC - * @param guid Guid of the domain to query for a DC - * @param site Site of the domain to query for a DC - * @param flags Bit flags used to control the domain location query - * @param *dc_info Pointer to the returned extended domain controller information - * - * @return #wbcErr - * - **/ - +/* Get extended domain controller information */ wbcErr wbcLookupDomainControllerEx(const char *domain, struct wbcGuid *guid, const char *site, @@ -690,19 +638,7 @@ done: return wbc_status; } -/** @brief Initialize a named blob and add to list of blobs - * - * @param[in,out] num_blobs Pointer to the number of blobs - * @param[in,out] blobs Pointer to an array of blobs - * @param[in] name Name of the new named blob - * @param[in] flags Flags of the new named blob - * @param[in] data Blob data of new blob - * @param[in] length Blob data length of new blob - * - * @return #wbcErr - * - **/ - +/* Initialize a named blob and add to list of blobs */ wbcErr wbcAddNamedBlob(size_t *num_blobs, struct wbcNamedBlob **blobs, const char *name, diff --git a/source3/nsswitch/libwbclient/wbclient.c b/source3/nsswitch/libwbclient/wbclient.c index c0b7e0675a..3a9afad15d 100644 --- a/source3/nsswitch/libwbclient/wbclient.c +++ b/source3/nsswitch/libwbclient/wbclient.c @@ -123,13 +123,7 @@ const char *wbcErrorString(wbcErr error) return "unknown wbcErr value"; } -/** @brief Free library allocated memory - * - * @param *p Pointer to free - * - * @return void - **/ - +/* Free library allocated memory */ void wbcFreeMemory(void *p) { if (p) diff --git a/source3/nsswitch/libwbclient/wbclient.h b/source3/nsswitch/libwbclient/wbclient.h index cb31360407..fcad3ff69b 100644 --- a/source3/nsswitch/libwbclient/wbclient.h +++ b/source3/nsswitch/libwbclient/wbclient.h @@ -486,10 +486,17 @@ struct wbcDomainControllerInfoEx { const char *client_site_name; }; -/* +/********************************************************** * Memory Management - */ + **********************************************************/ +/** + * @brief Free library allocated memory + * + * @param *p Pointer to free + * + * @return void + **/ void wbcFreeMemory(void*); @@ -497,9 +504,25 @@ void wbcFreeMemory(void*); * Utility functions for dealing with SIDs */ +/** + * @brief Convert a binary SID to a character string + * + * @param sid Binary Security Identifier + * @param **sid_string Resulting character string + * + * @return #wbcErr + **/ wbcErr wbcSidToString(const struct wbcDomainSid *sid, char **sid_string); +/** + * @brief Convert a character string to a binary SID + * + * @param *str Character string in the form of S-... + * @param sid Resulting binary SID + * + * @return #wbcErr + **/ wbcErr wbcStringToSid(const char *sid_string, struct wbcDomainSid *sid); @@ -507,32 +530,76 @@ wbcErr wbcStringToSid(const char *sid_string, * Utility functions for dealing with GUIDs */ +/** + * @brief Convert a binary GUID to a character string + * + * @param guid Binary Guid + * @param **guid_string Resulting character string + * + * @return #wbcErr + **/ wbcErr wbcGuidToString(const struct wbcGuid *guid, char **guid_string); +/** + * @brief Convert a character string to a binary GUID + * + * @param *str Character string + * @param guid Resulting binary GUID + * + * @return #wbcErr + **/ wbcErr wbcStringToGuid(const char *guid_string, struct wbcGuid *guid); +/** + * @brief Ping winbindd to see if the daemon is running + * + * @return #wbcErr + **/ wbcErr wbcPing(void); wbcErr wbcLibraryDetails(struct wbcLibraryDetails **details); wbcErr wbcInterfaceDetails(struct wbcInterfaceDetails **details); -/* +/********************************************************** * Name/SID conversion - */ + **********************************************************/ +/** + * @brief Convert a domain and name to SID + * + * @param domain Domain name (possibly "") + * @param name User or group name + * @param *sid Pointer to the resolved domain SID + * @param *name_type Pointer to the SID type + * + * @return #wbcErr + **/ wbcErr wbcLookupName(const char *dom_name, const char *name, struct wbcDomainSid *sid, enum wbcSidType *name_type); +/** + * @brief Convert a SID to a domain and name + * + * @param *sid Pointer to the domain SID to be resolved + * @param pdomain Resolved Domain name (possibly "") + * @param pname Resolved User or group name + * @param *pname_type Pointer to the resolved SID type + * + * @return #wbcErr + **/ wbcErr wbcLookupSid(const struct wbcDomainSid *sid, char **domain, char **name, enum wbcSidType *name_type); +/** + * @brief Translate a collection of RIDs within a domain to names + */ wbcErr wbcLookupRids(struct wbcDomainSid *dom_sid, int num_rids, uint32_t *rids, @@ -540,15 +607,24 @@ wbcErr wbcLookupRids(struct wbcDomainSid *dom_sid, const char ***names, enum wbcSidType **types); +/* + * @brief Get the groups a user belongs to + **/ wbcErr wbcLookupUserSids(const struct wbcDomainSid *user_sid, bool domain_groups_only, uint32_t *num_sids, struct wbcDomainSid **sids); +/** + * @brief Lists Users + **/ wbcErr wbcListUsers(const char *domain_name, uint32_t *num_users, const char ***users); +/** + * @brief Lists Groups + **/ wbcErr wbcListGroups(const char *domain_name, uint32_t *num_groups, const char ***groups); @@ -558,88 +634,324 @@ wbcErr wbcGetDisplayName(const struct wbcDomainSid *sid, char **pfullname, enum wbcSidType *pname_type); -/* +/********************************************************** * SID/uid/gid Mappings - */ + **********************************************************/ +/** + * @brief Convert a Windows SID to a Unix uid, allocating an uid if needed + * + * @param *sid Pointer to the domain SID to be resolved + * @param *puid Pointer to the resolved uid_t value + * + * @return #wbcErr + * + **/ wbcErr wbcSidToUid(const struct wbcDomainSid *sid, uid_t *puid); +/** + * @brief Convert a Windows SID to a Unix uid if there already is a mapping + * + * @param *sid Pointer to the domain SID to be resolved + * @param *puid Pointer to the resolved uid_t value + * + * @return #wbcErr + * + **/ wbcErr wbcQuerySidToUid(const struct wbcDomainSid *sid, uid_t *puid); +/** + * @brief Convert a Unix uid to a Windows SID, allocating a SID if needed + * + * @param uid Unix uid to be resolved + * @param *sid Pointer to the resolved domain SID + * + * @return #wbcErr + * + **/ wbcErr wbcUidToSid(uid_t uid, struct wbcDomainSid *sid); +/** + * @brief Convert a Unix uid to a Windows SID if there already is a mapping + * + * @param uid Unix uid to be resolved + * @param *sid Pointer to the resolved domain SID + * + * @return #wbcErr + * + **/ wbcErr wbcQueryUidToSid(uid_t uid, struct wbcDomainSid *sid); +/** + * @brief Convert a Windows SID to a Unix gid, allocating a gid if needed + * + * @param *sid Pointer to the domain SID to be resolved + * @param *pgid Pointer to the resolved gid_t value + * + * @return #wbcErr + * + **/ wbcErr wbcSidToGid(const struct wbcDomainSid *sid, gid_t *pgid); +/** + * @brief Convert a Windows SID to a Unix gid if there already is a mapping + * + * @param *sid Pointer to the domain SID to be resolved + * @param *pgid Pointer to the resolved gid_t value + * + * @return #wbcErr + * + **/ wbcErr wbcQuerySidToGid(const struct wbcDomainSid *sid, gid_t *pgid); +/** + * @brief Convert a Unix gid to a Windows SID, allocating a SID if needed + * + * @param gid Unix gid to be resolved + * @param *sid Pointer to the resolved domain SID + * + * @return #wbcErr + * + **/ wbcErr wbcGidToSid(gid_t gid, struct wbcDomainSid *sid); +/** + * @brief Convert a Unix gid to a Windows SID if there already is a mapping + * + * @param gid Unix gid to be resolved + * @param *sid Pointer to the resolved domain SID + * + * @return #wbcErr + * + **/ wbcErr wbcQueryGidToSid(gid_t gid, struct wbcDomainSid *sid); +/** + * @brief Obtain a new uid from Winbind + * + * @param *puid *pointer to the allocated uid + * + * @return #wbcErr + **/ wbcErr wbcAllocateUid(uid_t *puid); +/** + * @brief Obtain a new gid from Winbind + * + * @param *pgid Pointer to the allocated gid + * + * @return #wbcErr + **/ wbcErr wbcAllocateGid(gid_t *pgid); +/** + * @brief Set an user id mapping + * + * @param uid Uid of the desired mapping. + * @param *sid Pointer to the sid of the diresired mapping. + * + * @return #wbcErr + **/ wbcErr wbcSetUidMapping(uid_t uid, const struct wbcDomainSid *sid); +/** + * @brief Set a group id mapping + * + * @param gid Gid of the desired mapping. + * @param *sid Pointer to the sid of the diresired mapping. + * + * @return #wbcErr + **/ wbcErr wbcSetGidMapping(gid_t gid, const struct wbcDomainSid *sid); +/** + * @brief Remove a user id mapping + * + * @param uid Uid of the mapping to remove. + * @param *sid Pointer to the sid of the mapping to remove. + * + * @return #wbcErr + **/ wbcErr wbcRemoveUidMapping(uid_t uid, const struct wbcDomainSid *sid); +/** + * @brief Remove a group id mapping + * + * @param gid Gid of the mapping to remove. + * @param *sid Pointer to the sid of the mapping to remove. + * + * @return #wbcErr + **/ wbcErr wbcRemoveGidMapping(gid_t gid, const struct wbcDomainSid *sid); +/** + * @brief Set the highwater mark for allocated uids. + * + * @param uid_hwm The new uid highwater mark value + * + * @return #wbcErr + **/ wbcErr wbcSetUidHwm(uid_t uid_hwm); +/** + * @brief Set the highwater mark for allocated gids. + * + * @param gid_hwm The new gid highwater mark value + * + * @return #wbcErr + **/ wbcErr wbcSetGidHwm(gid_t gid_hwm); -/* +/********************************************************** * NSS Lookup User/Group details - */ + **********************************************************/ +/** + * @brief Fill in a struct passwd* for a domain user based + * on username + * + * @param *name Username to lookup + * @param **pwd Pointer to resulting struct passwd* from the query. + * + * @return #wbcErr + **/ wbcErr wbcGetpwnam(const char *name, struct passwd **pwd); +/** + * @brief Fill in a struct passwd* for a domain user based + * on uid + * + * @param uid Uid to lookup + * @param **pwd Pointer to resulting struct passwd* from the query. + * + * @return #wbcErr + **/ wbcErr wbcGetpwuid(uid_t uid, struct passwd **pwd); +/** + * @brief Fill in a struct passwd* for a domain user based + * on username + * + * @param *name Username to lookup + * @param **grp Pointer to resulting struct group* from the query. + * + * @return #wbcErr + **/ wbcErr wbcGetgrnam(const char *name, struct group **grp); +/** + * @brief Fill in a struct passwd* for a domain user based + * on uid + * + * @param gid Uid to lookup + * @param **grp Pointer to resulting struct group* from the query. + * + * @return #wbcErr + **/ wbcErr wbcGetgrgid(gid_t gid, struct group **grp); +/** + * @brief Reset the passwd iterator + * + * @return #wbcErr + **/ wbcErr wbcSetpwent(void); +/** + * @brief Close the passwd iterator + * + * @return #wbcErr + **/ wbcErr wbcEndpwent(void); +/** + * @brief Return the next struct passwd* entry from the pwent iterator + * + * @param **pwd Pointer to resulting struct passwd* from the query. + * + * @return #wbcErr + **/ wbcErr wbcGetpwent(struct passwd **pwd); +/** + * @brief Reset the group iterator + * + * @return #wbcErr + **/ wbcErr wbcSetgrent(void); +/** + * @brief Close the group iterator + * + * @return #wbcErr + **/ wbcErr wbcEndgrent(void); +/** + * @brief Return the next struct group* entry from the pwent iterator + * + * @param **grp Pointer to resulting struct group* from the query. + * + * @return #wbcErr + **/ wbcErr wbcGetgrent(struct group **grp); +/** + * @brief Return the next struct group* entry from the pwent iterator + * + * This is similar to #wbcGetgrent, just that the member list is empty + * + * @param **grp Pointer to resulting struct group* from the query. + * + * @return #wbcErr + **/ wbcErr wbcGetgrlist(struct group **grp); +/** + * @brief Return the unix group array belonging to the given user + * + * @param *account The given user name + * @param *num_groups Number of elements returned in the groups array + * @param **_groups Pointer to resulting gid_t array. + * + * @return #wbcErr + **/ wbcErr wbcGetGroups(const char *account, uint32_t *num_groups, gid_t **_groups); -/* +/********************************************************** * Lookup Domain information - */ + **********************************************************/ +/** + * @brief Lookup the current status of a trusted domain + * + * @param domain Domain to query + * @param *dinfo Pointer to returned domain_info struct + * + * @return #wbcErr + **/ wbcErr wbcDomainInfo(const char *domain, struct wbcDomainInfo **info); +/** + * @brief Enumerate the domain trusts known by Winbind + * + * @param **domains Pointer to the allocated domain list array + * @param *num_domains Pointer to number of domains returned + * + * @return #wbcErr + **/ wbcErr wbcListTrusts(struct wbcDomainInfo **domains, size_t *num_domains); @@ -665,66 +977,206 @@ wbcErr wbcListTrusts(struct wbcDomainInfo **domains, #define WBC_LOOKUP_DC_RETURN_DNS_NAME 0x40000000 #define WBC_LOOKUP_DC_RETURN_FLAT_NAME 0x80000000 +/** + * @brief Enumerate the domain trusts known by Winbind + * + * @param domain Name of the domain to query for a DC + * @param flags Bit flags used to control the domain location query + * @param *dc_info Pointer to the returned domain controller information + * + * @return #wbcErr + **/ wbcErr wbcLookupDomainController(const char *domain, uint32_t flags, struct wbcDomainControllerInfo **dc_info); +/** + * @brief Get extended domain controller information + * + * @param domain Name of the domain to query for a DC + * @param guid Guid of the domain to query for a DC + * @param site Site of the domain to query for a DC + * @param flags Bit flags used to control the domain location query + * @param *dc_info Pointer to the returned extended domain controller information + * + * @return #wbcErr + **/ wbcErr wbcLookupDomainControllerEx(const char *domain, struct wbcGuid *guid, const char *site, uint32_t flags, struct wbcDomainControllerInfoEx **dc_info); -/* +/********************************************************** * Athenticate functions - */ + **********************************************************/ +/** + * @brief Authenticate a username/password pair + * + * @param username Name of user to authenticate + * @param password Clear text password os user + * + * @return #wbcErr + **/ wbcErr wbcAuthenticateUser(const char *username, const char *password); +/** + * @brief Authenticate with more detailed information + * + * @param params Input parameters, WBC_AUTH_USER_LEVEL_HASH + * is not supported yet + * @param info Output details on WBC_ERR_SUCCESS + * @param error Output details on WBC_ERR_AUTH_ERROR + * + * @return #wbcErr + **/ wbcErr wbcAuthenticateUserEx(const struct wbcAuthUserParams *params, struct wbcAuthUserInfo **info, struct wbcAuthErrorInfo **error); +/** + * @brief Logon a User + * + * @param[in] params Pointer to a wbcLogonUserParams structure + * @param[out] info Pointer to a pointer to a wbcLogonUserInfo structure + * @param[out] error Pointer to a pointer to a wbcAuthErrorInfo structure + * @param[out] policy Pointer to a pointer to a wbcUserPasswordPolicyInfo structure + * + * @return #wbcErr + **/ wbcErr wbcLogonUser(const struct wbcLogonUserParams *params, struct wbcLogonUserInfo **info, struct wbcAuthErrorInfo **error, struct wbcUserPasswordPolicyInfo **policy); +/** + * @brief Trigger a logoff notification to Winbind for a specific user + * + * @param username Name of user to remove from Winbind's list of + * logged on users. + * @param uid Uid assigned to the username + * @param ccfilename Absolute path to the Krb5 credentials cache to + * be removed + * + * @return #wbcErr + **/ wbcErr wbcLogoffUser(const char *username, uid_t uid, const char *ccfilename); +/** + * @brief Trigger an extended logoff notification to Winbind for a specific user + * + * @param params A wbcLogoffUserParams structure + * @param error User output details on error + * + * @return #wbcErr + **/ wbcErr wbcLogoffUserEx(const struct wbcLogoffUserParams *params, struct wbcAuthErrorInfo **error); +/** + * @brief Change a password for a user + * + * @param username Name of user to authenticate + * @param old_password Old clear text password of user + * @param new_password New clear text password of user + * + * @return #wbcErr + **/ wbcErr wbcChangeUserPassword(const char *username, const char *old_password, const char *new_password); +/** + * @brief Change a password for a user with more detailed information upon + * failure + * + * @param params Input parameters + * @param error User output details on WBC_ERR_PWD_CHANGE_FAILED + * @param reject_reason New password reject reason on WBC_ERR_PWD_CHANGE_FAILED + * @param policy Password policy output details on WBC_ERR_PWD_CHANGE_FAILED + * + * @return #wbcErr + **/ wbcErr wbcChangeUserPasswordEx(const struct wbcChangePasswordParams *params, struct wbcAuthErrorInfo **error, enum wbcPasswordChangeRejectReason *reject_reason, struct wbcUserPasswordPolicyInfo **policy); +/** + * @brief Authenticate a user with cached credentials + * + * @param *params Pointer to a wbcCredentialCacheParams structure + * @param **info Pointer to a pointer to a wbcCredentialCacheInfo structure + * @param **error Pointer to a pointer to a wbcAuthErrorInfo structure + * + * @return #wbcErr + **/ wbcErr wbcCredentialCache(struct wbcCredentialCacheParams *params, struct wbcCredentialCacheInfo **info, struct wbcAuthErrorInfo **error); -/* +/********************************************************** * Resolve functions - */ + **********************************************************/ + +/** + * @brief Resolve a NetbiosName via WINS + * + * @param name Name to resolve + * @param *ip Pointer to the ip address string + * + * @return #wbcErr + **/ wbcErr wbcResolveWinsByName(const char *name, char **ip); + +/** + * @brief Resolve an IP address via WINS into a NetbiosName + * + * @param ip The ip address string + * @param *name Pointer to the name + * + * @return #wbcErr + * + **/ wbcErr wbcResolveWinsByIP(const char *ip, char **name); -/* +/********************************************************** * Trusted domain functions - */ + **********************************************************/ + +/** + * @brief Trigger a verification of the trust credentials of a specific domain + * + * @param *domain The name of the domain, only NULL for the default domain is + * supported yet. Other values than NULL will result in + * WBC_ERR_NOT_IMPLEMENTED. + * @param error Output details on WBC_ERR_AUTH_ERROR + * + * @return #wbcErr + **/ wbcErr wbcCheckTrustCredentials(const char *domain, struct wbcAuthErrorInfo **error); -/* + +/********************************************************** * Helper functions - */ + **********************************************************/ + +/** + * @brief Initialize a named blob and add to list of blobs + * + * @param[in,out] num_blobs Pointer to the number of blobs + * @param[in,out] blobs Pointer to an array of blobs + * @param[in] name Name of the new named blob + * @param[in] flags Flags of the new named blob + * @param[in] data Blob data of new blob + * @param[in] length Blob data length of new blob + * + * @return #wbcErr + **/ wbcErr wbcAddNamedBlob(size_t *num_blobs, struct wbcNamedBlob **blobs, const char *name, -- cgit From 8e0cce5b38c4d12ff490eadecb028155b6eb5dce Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 1 Oct 2008 12:26:55 +0200 Subject: s3:modules/gpfs: Fix nonempty blank lines --- source3/modules/gpfs.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3') diff --git a/source3/modules/gpfs.c b/source3/modules/gpfs.c index 4e76b97ccf..7caa810c49 100644 --- a/source3/modules/gpfs.c +++ b/source3/modules/gpfs.c @@ -43,7 +43,7 @@ bool set_gpfs_sharemode(files_struct *fsp, uint32 access_mask, if (!gpfs_share_modes) { return True; } - + if (gpfs_set_share_fn == NULL) { return False; } @@ -104,7 +104,7 @@ int set_gpfs_lease(int fd, int leasetype) if (leasetype == F_WRLCK) { gpfs_type = GPFS_LEASE_WRITE; } - + /* we unconditionally set CAP_LEASE, rather than looking for -1/EACCES as there is a bug in some versions of libgpfs_gpl.so which results in a leaked fd on /dev/ss0 -- cgit From de8bb1725540d7fd12fe76b6b0da719309b41d69 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 10 Dec 2008 03:22:04 +0100 Subject: Fix nonempty blank lines in vfs_gpfs.c Signed-off-by: Michael Adam --- source3/modules/vfs_gpfs.c | 105 +++++++++++++++++++++------------------------ 1 file changed, 50 insertions(+), 55 deletions(-) (limited to 'source3') diff --git a/source3/modules/vfs_gpfs.c b/source3/modules/vfs_gpfs.c index fa0b4e97a5..187c13b009 100644 --- a/source3/modules/vfs_gpfs.c +++ b/source3/modules/vfs_gpfs.c @@ -1,26 +1,24 @@ /* Unix SMB/CIFS implementation. Wrap gpfs calls in vfs functions. - + Copyright (C) Christian Ambach 2006 - + Major code contributions by Chetan Shringarpure and Gomati Mohanan - + This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version. - + This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. - + You should have received a copy of the GNU General Public License along with this program. If not, see . - - */ #include "includes.h" @@ -55,14 +53,14 @@ static int vfs_gpfs_setlease(vfs_handle_struct *handle, files_struct *fsp, int leasetype) { int ret; - + START_PROFILE(syscall_linux_setlease); - + if ( linux_set_lease_sighandler(fsp->fh->fd) == -1) return -1; ret = set_gpfs_lease(fsp->fh->fd,leasetype); - + if ( ret < 0 ) { /* This must have come from GPFS not being available */ /* or some other error, hence call the default */ @@ -301,13 +299,13 @@ static bool gpfsacl_process_smbacl(files_struct *fsp, SMB4ACL_T *smbacl) gace->aceType = aceprop->aceType; gace->aceFlags = aceprop->aceFlags; gace->aceMask = aceprop->aceMask; - + /* * GPFS can't distinguish between WRITE and APPEND on * files, so one being set without the other is an * error. Sorry for the many ()'s :-) */ - + if (!fsp->is_directory && ((((gace->aceMask & ACE4_MASK_WRITE) == 0) @@ -323,9 +321,9 @@ static bool gpfsacl_process_smbacl(files_struct *fsp, SMB4ACL_T *smbacl) fsp->fsp_name)); gace->aceMask |= ACE4_MASK_WRITE|ACE4_MASK_APPEND; } - + gace->aceIFlags = (aceprop->flags&SMB_ACE4_ID_SPECIAL) ? ACE4_IFLAG_SPECIAL_ID : 0; - + if (aceprop->flags&SMB_ACE4_ID_SPECIAL) { switch(aceprop->who.special_id) @@ -478,7 +476,7 @@ static SMB_ACL_T gpfsacl_get_posix_acl(const char *path, gpfs_aclType_t type) errno = EINVAL; goto done; } - + DEBUG(10, ("len: %d, level: %d, version: %d, nace: %d\n", pacl->acl_len, pacl->acl_level, pacl->acl_version, pacl->acl_nace)); @@ -497,7 +495,6 @@ static SMB_ACL_T gpfsacl_get_posix_acl(const char *path, gpfs_aclType_t type) } SMB_ACL_T gpfsacl_sys_acl_get_file(vfs_handle_struct *handle, - const char *path_p, SMB_ACL_TYPE_T type) { @@ -557,7 +554,7 @@ static struct gpfs_acl *smb2gpfs_acl(const SMB_ACL_T pacl, for (i=0; icount; i++) { const struct smb_acl_entry *ace = &pacl->acl[i]; struct gpfs_ace_v1 *g_ace = &result->ace_v1[i]; - + DEBUG(10, ("Converting type %d perm %x\n", (int)ace->a_type, (int)ace->a_perm)); @@ -612,7 +609,6 @@ static struct gpfs_acl *smb2gpfs_acl(const SMB_ACL_T pacl, } int gpfsacl_sys_acl_set_file(vfs_handle_struct *handle, - const char *name, SMB_ACL_TYPE_T type, SMB_ACL_T theacl) @@ -639,7 +635,6 @@ int gpfsacl_sys_acl_set_fd(vfs_handle_struct *handle, } int gpfsacl_sys_acl_delete_def_file(vfs_handle_struct *handle, - const char *path) { errno = ENOTSUP; @@ -661,11 +656,11 @@ static uint32 gpfsacl_mask_filter(uint32 aceType, uint32 aceMask, uint32 rwx) uint32_t posix_mask = 0x01; uint32_t posix_bit; uint32_t nfs4_bits; - + for(i=0; i<3; i++) { nfs4_bits = posix_nfs4map[i]; posix_bit = rwx & posix_mask; - + if (aceType==SMB_ACE4_ACCESS_ALLOWED_ACE_TYPE) { if (posix_bit) aceMask |= nfs4_bits; @@ -678,10 +673,10 @@ static uint32 gpfsacl_mask_filter(uint32 aceType, uint32 aceMask, uint32 rwx) else aceMask &= ~nfs4_bits; } /* other ace types are unexpected */ - + posix_mask <<= 1; } - + return aceMask; } @@ -693,30 +688,30 @@ static int gpfsacl_emu_chmod(const char *path, mode_t mode) int i; files_struct fake_fsp; /* TODO: rationalize parametrization */ SMB4ACE_T *smbace; - + DEBUG(10, ("gpfsacl_emu_chmod invoked for %s mode %o\n", path, mode)); - + result = gpfs_get_nfs4_acl(path, &pacl); if (result) return result; - + if (mode & ~(S_IRWXU | S_IRWXG | S_IRWXO)) { DEBUG(2, ("WARNING: cutting extra mode bits %o on %s\n", mode, path)); } - + for (smbace=smb_first_ace4(pacl); smbace!=NULL; smbace = smb_next_ace4(smbace)) { SMB_ACE4PROP_T *ace = smb_get_ace4(smbace); uint32_t specid = ace->who.special_id; - + if (ace->flags&SMB_ACE4_ID_SPECIAL && ace->aceType<=SMB_ACE4_ACCESS_DENIED_ACE_TYPE && specid <= SMB_ACE4_WHO_EVERYONE) { - + uint32_t newMask; - + if (ace->aceType==SMB_ACE4_ACCESS_ALLOWED_ACE_TYPE) haveAllowEntry[specid] = True; - + /* mode >> 6 for @owner, mode >> 3 for @group, * mode >> 0 for @everyone */ newMask = gpfsacl_mask_filter(ace->aceType, ace->aceMask, @@ -735,35 +730,35 @@ static int gpfsacl_emu_chmod(const char *path, mode_t mode) */ for(i = SMB_ACE4_WHO_OWNER; i<=SMB_ACE4_WHO_EVERYONE; i++) { SMB_ACE4PROP_T ace; - + if (haveAllowEntry[i]==True) continue; - + ZERO_STRUCT(ace); ace.aceType = SMB_ACE4_ACCESS_ALLOWED_ACE_TYPE; ace.flags |= SMB_ACE4_ID_SPECIAL; ace.who.special_id = i; - + if (i==SMB_ACE4_WHO_GROUP) /* not sure it's necessary... */ ace.aceFlags |= SMB_ACE4_IDENTIFIER_GROUP; - + ace.aceMask = gpfsacl_mask_filter(ace.aceType, ace.aceMask, mode >> ((SMB_ACE4_WHO_EVERYONE - i) * 3)); - + /* don't add unnecessary aces */ if (!ace.aceMask) continue; - + /* we add it to the END - as windows expects allow aces */ smb_add_ace4(pacl, &ace); DEBUG(10, ("Added ALLOW ace for %s, mode=%o, id=%d, aceMask=%x\n", path, mode, i, ace.aceMask)); } - + /* don't add complementary DENY ACEs here */ ZERO_STRUCT(fake_fsp); fake_fsp.fsp_name = (char *)path; /* no file_new is needed here */ - + /* put the acl */ if (gpfsacl_process_smbacl(&fake_fsp, pacl) == False) return -1; @@ -774,11 +769,11 @@ static int vfs_gpfs_chmod(vfs_handle_struct *handle, const char *path, mode_t mo { SMB_STRUCT_STAT st; int rc; - + if (SMB_VFS_NEXT_STAT(handle, path, &st) != 0) { return -1; } - + /* avoid chmod() if possible, to preserve acls */ if ((st.st_mode & ~S_IFMT) == mode) { return 0; @@ -794,7 +789,7 @@ static int vfs_gpfs_fchmod(vfs_handle_struct *handle, files_struct *fsp, mode_t { SMB_STRUCT_STAT st; int rc; - + if (SMB_VFS_NEXT_FSTAT(handle, fsp, &st) != 0) { return -1; } @@ -813,51 +808,51 @@ static int vfs_gpfs_fchmod(vfs_handle_struct *handle, files_struct *fsp, mode_t /* VFS operations structure */ static vfs_op_tuple gpfs_op_tuples[] = { - + { SMB_VFS_OP(vfs_gpfs_kernel_flock), SMB_VFS_OP_KERNEL_FLOCK, SMB_VFS_LAYER_OPAQUE }, - + { SMB_VFS_OP(vfs_gpfs_setlease), SMB_VFS_OP_LINUX_SETLEASE, SMB_VFS_LAYER_OPAQUE }, - + { SMB_VFS_OP(gpfsacl_fget_nt_acl), SMB_VFS_OP_FGET_NT_ACL, SMB_VFS_LAYER_TRANSPARENT }, - + { SMB_VFS_OP(gpfsacl_get_nt_acl), SMB_VFS_OP_GET_NT_ACL, SMB_VFS_LAYER_TRANSPARENT }, - + { SMB_VFS_OP(gpfsacl_fset_nt_acl), SMB_VFS_OP_FSET_NT_ACL, SMB_VFS_LAYER_TRANSPARENT }, - + { SMB_VFS_OP(gpfsacl_sys_acl_get_file), SMB_VFS_OP_SYS_ACL_GET_FILE, SMB_VFS_LAYER_TRANSPARENT }, - + { SMB_VFS_OP(gpfsacl_sys_acl_get_fd), SMB_VFS_OP_SYS_ACL_GET_FD, SMB_VFS_LAYER_TRANSPARENT }, - + { SMB_VFS_OP(gpfsacl_sys_acl_set_file), SMB_VFS_OP_SYS_ACL_SET_FILE, SMB_VFS_LAYER_TRANSPARENT }, - + { SMB_VFS_OP(gpfsacl_sys_acl_set_fd), SMB_VFS_OP_SYS_ACL_SET_FD, SMB_VFS_LAYER_TRANSPARENT }, - + { SMB_VFS_OP(gpfsacl_sys_acl_delete_def_file), SMB_VFS_OP_SYS_ACL_DELETE_DEF_FILE, SMB_VFS_LAYER_TRANSPARENT }, - + { SMB_VFS_OP(vfs_gpfs_chmod), SMB_VFS_OP_CHMOD, SMB_VFS_LAYER_TRANSPARENT }, - + { SMB_VFS_OP(vfs_gpfs_fchmod), SMB_VFS_OP_FCHMOD, SMB_VFS_LAYER_TRANSPARENT }, @@ -871,7 +866,7 @@ NTSTATUS vfs_gpfs_init(void); NTSTATUS vfs_gpfs_init(void) { init_gpfs(); - + return smb_register_vfs(SMB_VFS_INTERFACE_VERSION, "gpfs", gpfs_op_tuples); } -- cgit From 110bb2244931d0979461e75e5ff83b2ba21e2fc4 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 10 Dec 2008 12:32:24 +0100 Subject: Make use of smbd_gpfs_get_realfilename_path in unix_convert (cherry picked from commit b37684ffcec4ba0beada55d37bcaf4f5e79bcd58) Signed-off-by: Michael Adam --- source3/modules/gpfs.c | 25 +++++++++++++++++++ source3/modules/vfs_gpfs.c | 61 ++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 86 insertions(+) (limited to 'source3') diff --git a/source3/modules/gpfs.c b/source3/modules/gpfs.c index 7caa810c49..16599005b9 100644 --- a/source3/modules/gpfs.c +++ b/source3/modules/gpfs.c @@ -31,6 +31,8 @@ static int (*gpfs_set_share_fn)(int fd, unsigned int allow, unsigned int deny); static int (*gpfs_set_lease_fn)(int fd, unsigned int leaseType); static int (*gpfs_getacl_fn)(char *pathname, int flags, void *acl); static int (*gpfs_putacl_fn)(char *pathname, int flags, void *acl); +static int (*gpfs_get_realfilename_path_fn)(char *pathname, char *filenamep, + int *buflen); bool set_gpfs_sharemode(files_struct *fsp, uint32 access_mask, @@ -134,6 +136,17 @@ int smbd_gpfs_putacl(char *pathname, int flags, void *acl) return gpfs_putacl_fn(pathname, flags, acl); } +int smbd_gpfs_get_realfilename_path(char *pathname, char *filenamep, + int *buflen) +{ + if (gpfs_get_realfilename_path_fn == NULL) { + errno = ENOSYS; + return -1; + } + + return gpfs_get_realfilename_path_fn(pathname, filenamep, buflen); +} + static bool init_gpfs_function_lib(void *plibhandle_pointer, const char *libname, void *pfn_pointer, const char *fn_name) @@ -142,6 +155,9 @@ static bool init_gpfs_function_lib(void *plibhandle_pointer, void **libhandle_pointer = (void **)plibhandle_pointer; void **fn_pointer = (void **)pfn_pointer; + DEBUG(10, ("trying to load name %s from %s\n", + fn_name, libname)); + if (*libhandle_pointer == NULL) { *libhandle_pointer = dlopen(libname, RTLD_LAZY); did_open_here = true; @@ -187,6 +203,8 @@ void init_gpfs(void) init_gpfs_function(&gpfs_set_lease_fn, "gpfs_set_lease"); init_gpfs_function(&gpfs_getacl_fn, "gpfs_getacl"); init_gpfs_function(&gpfs_putacl_fn, "gpfs_putacl"); + init_gpfs_function(&gpfs_get_realfilename_path_fn, + "gpfs_get_realfilename_path"); gpfs_share_modes = lp_parm_bool(-1, "gpfs", "sharemodes", True); gpfs_leases = lp_parm_bool(-1, "gpfs", "leases", True); @@ -226,6 +244,13 @@ int smbd_gpfs_putacl(char *pathname, int flags, void *acl) return -1; } +int smbd_gpfs_get_realfilename_path(char *pathname, char *fileamep, + int *buflen) +{ + errno = ENOSYS; + return -1; +} + void init_gpfs(void) { return; diff --git a/source3/modules/vfs_gpfs.c b/source3/modules/vfs_gpfs.c index 187c13b009..1d7cdba014 100644 --- a/source3/modules/vfs_gpfs.c +++ b/source3/modules/vfs_gpfs.c @@ -72,7 +72,64 @@ static int vfs_gpfs_setlease(vfs_handle_struct *handle, files_struct *fsp, return ret; } +static int vfs_gpfs_get_real_filename(struct vfs_handle_struct *handle, + const char *path, + const char *name, + TALLOC_CTX *mem_ctx, + char **found_name) +{ + int result; + char *full_path; + char real_pathname[PATH_MAX+1]; + int buflen; + + full_path = talloc_asprintf(talloc_tos(), "%s/%s", path, name); + if (full_path == NULL) { + errno = ENOMEM; + return -1; + } + + buflen = sizeof(real_pathname) - 1; + + result = smbd_gpfs_get_realfilename_path(full_path, real_pathname, + &buflen); + + TALLOC_FREE(full_path); + + if (result == -1) { + DEBUG(10, ("smbd_gpfs_get_realfilename_path returned %s\n", + strerror(errno))); + return -1; + } + + /* + * GPFS does not necessarily null-terminate the returned path + * but instead returns the buffer length in buflen. + */ + if (buflen < sizeof(real_pathname)) { + real_pathname[buflen] = '\0'; + } else { + real_pathname[sizeof(real_pathname)-1] = '\0'; + } + + DEBUG(10, ("smbd_gpfs_get_realfilename_path: %s/%s -> %s\n", + path, name, real_pathname)); + + name = strrchr_m(real_pathname, '/'); + if (name == NULL) { + errno = ENOENT; + return -1; + } + + *found_name = talloc_strdup(mem_ctx, name+1); + if (*found_name == NULL) { + errno = ENOMEM; + return -1; + } + + return 0; +} static void gpfs_dumpacl(int level, struct gpfs_acl *gacl) { @@ -817,6 +874,10 @@ static vfs_op_tuple gpfs_op_tuples[] = { SMB_VFS_OP_LINUX_SETLEASE, SMB_VFS_LAYER_OPAQUE }, + { SMB_VFS_OP(vfs_gpfs_get_real_filename), + SMB_VFS_OP_GET_REAL_FILENAME, + SMB_VFS_LAYER_OPAQUE }, + { SMB_VFS_OP(gpfsacl_fget_nt_acl), SMB_VFS_OP_FGET_NT_ACL, SMB_VFS_LAYER_TRANSPARENT }, -- cgit From 57a9380f7b4ec25fe7bc7a8da73310ce8969e8d1 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 10 Dec 2008 18:17:59 +0100 Subject: Also search for -lgpfs which is available as GPL in GPFS PTF8 (cherry picked from commit 3c93c96fd0fe362c35fe8127058f94868abc9342) Signed-off-by: Michael Adam --- source3/configure.in | 14 ++++++++++++++ 1 file changed, 14 insertions(+) (limited to 'source3') diff --git a/source3/configure.in b/source3/configure.in index 40e78e89d9..b90b1b3f60 100644 --- a/source3/configure.in +++ b/source3/configure.in @@ -1052,6 +1052,20 @@ if test x"$samba_cv_HAVE_GPFS" = x"yes"; then fi LIBS="$save_LIBS" +printf "%s" "checking for GPFS libs (with 3.2.1 PTF8 available as GPL)... " +save_LIBS="$LIBS" +LIBS="$LIBS -lgpfs" +AC_TRY_LINK([#include ], + [gpfs_set_share(0,GPFS_SHARE_READ,GPFS_DENY_NONE)], + samba_cv_HAVE_GPFS=yes, + samba_cv_HAVE_GPFS=no) +echo $samba_cv_HAVE_GPFS +if test x"$samba_cv_HAVE_GPFS" = x"yes"; then + AC_DEFINE(HAVE_GPFS,1,[Whether GPFS GPL libs are available]) + default_shared_modules="$default_shared_modules vfs_gpfs" +fi +LIBS="$save_LIBS" + ############################################# # check if building on Isilon OneFS printf "%s" "checking for Isilon OneFS... " -- cgit From 1c6a87604f535f3e78f0798bb8b2a6408f2c93d9 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 10 Dec 2008 16:58:40 +0100 Subject: Fix the build Crap, too many trees and no instant, infinitely fast rebuild Signed-off-by: Michael Adam --- source3/include/proto.h | 3 +++ 1 file changed, 3 insertions(+) (limited to 'source3') diff --git a/source3/include/proto.h b/source3/include/proto.h index 4feedcdb04..4028f6de52 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -7896,6 +7896,9 @@ NTSTATUS unix_convert(TALLOC_CTX *ctx, char **pp_saved_last_component, SMB_STRUCT_STAT *pst); NTSTATUS check_name(connection_struct *conn, const char *name); +int get_real_filename(connection_struct *conn, const char *path, + const char *name, TALLOC_CTX *mem_ctx, + char **found_name); /* The following definitions come from smbd/files.c */ -- cgit From c4c6e1e463fe5ab8bb0e3e649d76ac5ec80900de Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 10 Dec 2008 15:29:14 -0800 Subject: Fix usrmgr opening a user object as non-root. Jeremy. --- source3/rpc_server/srv_samr_nt.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3') diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c index 25bbc6eeac..f942476fe5 100644 --- a/source3/rpc_server/srv_samr_nt.c +++ b/source3/rpc_server/srv_samr_nt.c @@ -2636,7 +2636,7 @@ NTSTATUS _samr_QueryUserInfo(pipes_struct *p, return NT_STATUS_INVALID_HANDLE; status = access_check_samr_function(info->acc_granted, - SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, + SAMR_USER_ACCESS_GET_ATTRIBUTES, "_samr_QueryUserInfo"); if (!NT_STATUS_IS_OK(status)) { return status; -- cgit From d7d525bc9d8bf2f3dffbbc568254c3e774944268 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 10 Dec 2008 17:03:53 -0800 Subject: Make the LookupRid access check match LookupName until we know the correct bits to use here. Jeremy. --- source3/rpc_server/srv_samr_nt.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3') diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c index f942476fe5..342f432c4e 100644 --- a/source3/rpc_server/srv_samr_nt.c +++ b/source3/rpc_server/srv_samr_nt.c @@ -2079,7 +2079,7 @@ NTSTATUS _samr_LookupRids(pipes_struct *p, return NT_STATUS_INVALID_HANDLE; status = access_check_samr_function(acc_granted, - SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS, + 0, /* Don't know the acc_bits yet */ "_samr_LookupRids"); if (!NT_STATUS_IS_OK(status)) { return status; -- cgit From 138283c7c1f35b77ae773aca04cd499276df96ef Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Thu, 11 Dec 2008 11:25:45 +0100 Subject: s3-libnet: fix DEBUG statement in libnet_keytab. Guenther --- source3/libnet/libnet_keytab.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3') diff --git a/source3/libnet/libnet_keytab.c b/source3/libnet/libnet_keytab.c index 990f6f6a63..81956942ca 100644 --- a/source3/libnet/libnet_keytab.c +++ b/source3/libnet/libnet_keytab.c @@ -324,7 +324,7 @@ struct libnet_keytab_entry *libnet_keytab_search(struct libnet_keytab_context *c ret = krb5_kt_start_seq_get(ctx->context, ctx->keytab, &cursor); if (ret) { - DEBUG(10, ("krb5_kt_start_seq_get failed: %s", + DEBUG(10, ("krb5_kt_start_seq_get failed: %s\n", error_message(ret))); return NULL; } -- cgit From 792f769e969da156bbc6330118e200f2eae19d7c Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Thu, 11 Dec 2008 18:20:18 +0100 Subject: Build python modules by default in merged build (required for provision). --- source3/samba4.mk | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3') diff --git a/source3/samba4.mk b/source3/samba4.mk index 032a3d9c35..7631112684 100644 --- a/source3/samba4.mk +++ b/source3/samba4.mk @@ -161,7 +161,7 @@ modules:: $(PLUGINS) pythonmods:: $(PYTHON_PYS) $(PYTHON_SO) -all:: bin/samba4 bin/regpatch4 bin/regdiff4 bin/regshell4 bin/regtree4 bin/smbclient4 +all:: bin/samba4 bin/regpatch4 bin/regdiff4 bin/regshell4 bin/regtree4 bin/smbclient4 pythonmods torture:: bin/smbtorture4 everything:: $(patsubst %,%4,$(BINARIES)) -- cgit From 9f69a13de7bf192a3a6fe06b5dee51e9971b59b9 Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Thu, 11 Dec 2008 19:07:50 +0100 Subject: Install symlink for convenience for the samba4 setup directory. --- source3/samba4.mk | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'source3') diff --git a/source3/samba4.mk b/source3/samba4.mk index 7631112684..38d1ec2e19 100644 --- a/source3/samba4.mk +++ b/source3/samba4.mk @@ -161,9 +161,11 @@ modules:: $(PLUGINS) pythonmods:: $(PYTHON_PYS) $(PYTHON_SO) -all:: bin/samba4 bin/regpatch4 bin/regdiff4 bin/regshell4 bin/regtree4 bin/smbclient4 pythonmods +all:: bin/samba4 bin/regpatch4 bin/regdiff4 bin/regshell4 bin/regtree4 bin/smbclient4 pythonmods setup torture:: bin/smbtorture4 everything:: $(patsubst %,%4,$(BINARIES)) +setup: + @ln -sf ../source4/setup setup SELFTEST4 = $(LD_LIBPATH_OVERRIDE) $(PERL) $(selftestdir)/selftest.pl --prefix=st4 \ --builddir=$(builddir) --srcdir=$(samba4srcdir) \ -- cgit From 3a45779f546ac0e7ca1871cdd2573bd84f952524 Mon Sep 17 00:00:00 2001 From: Dan Sledz Date: Mon, 8 Dec 2008 14:52:14 -0800 Subject: s3: Use strtoul since id types are unsigned --- source3/nsswitch/wbinfo.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3') diff --git a/source3/nsswitch/wbinfo.c b/source3/nsswitch/wbinfo.c index d14cfe94b7..c85e210cc0 100644 --- a/source3/nsswitch/wbinfo.c +++ b/source3/nsswitch/wbinfo.c @@ -146,8 +146,8 @@ static bool parse_mapping_arg(char *arg, int *id, char **sid) return false; /* Because atoi() can return 0 on invalid input, which would be a valid - * UID/GID we must use strtol() and do error checking */ - *id = strtol(tmp, &endptr, 10); + * UID/GID we must use strtoul() and do error checking */ + *id = strtoul(tmp, &endptr, 10); if (endptr[0] != '\0') return false; -- cgit From 9069c849074bc13dda505d461be97dd6357637aa Mon Sep 17 00:00:00 2001 From: Jeff Layton Date: Fri, 12 Dec 2008 07:00:38 -0500 Subject: mount.cifs: allow mounts to ipv6 capable servers The current name resolution scheme in mount.cifs is IPv4 only. Expand it to be protocol-independent. Also take advantage of the fact that getaddrinfo() returns a list of addresses and have mount.cifs try each in turn until it hits one that's reachable and allows the socket to connect. Signed-off-by: Jeff Layton --- source3/client/mount.cifs.c | 221 ++++++++++++++++++++++++-------------------- 1 file changed, 120 insertions(+), 101 deletions(-) (limited to 'source3') diff --git a/source3/client/mount.cifs.c b/source3/client/mount.cifs.c index 0bc61ae38f..9f4d1d3fd0 100644 --- a/source3/client/mount.cifs.c +++ b/source3/client/mount.cifs.c @@ -80,6 +80,9 @@ #define MOUNT_PASSWD_SIZE 64 #define DOMAIN_SIZE 64 +/* currently maximum length of IPv6 address string */ +#define MAX_ADDRESS_LEN INET6_ADDRSTRLEN + const char *thisprogram; int verboseflag = 0; static int got_password = 0; @@ -189,12 +192,6 @@ static char * getusername(void) { return username; } -static char * parse_cifs_url(char * unc_name) -{ - printf("\nMounting cifs URL not implemented yet. Attempt to mount %s\n",unc_name); - return NULL; -} - static int open_cred_file(char * file_name) { char * line_buf; @@ -494,7 +491,7 @@ static int parse_options(char ** optionsp, int * filesys_flags) } else if (strncmp(data, "ip", 2) == 0) { if (!value || !*value) { printf("target ip address argument missing"); - } else if (strnlen(value, 35) < 35) { + } else if (strnlen(value, MAX_ADDRESS_LEN) <= MAX_ADDRESS_LEN) { if(verboseflag) printf("ip address %s override specified\n",value); got_ip = 1; @@ -882,23 +879,23 @@ static void replace_char(char *string, char from, char to, int maxlen) } /* Note that caller frees the returned buffer if necessary */ -static char * parse_server(char ** punc_name) +static struct addrinfo * +parse_server(char ** punc_name) { char * unc_name = *punc_name; int length = strnlen(unc_name, MAX_UNC_LEN); char * share; - char * ipaddress_string = NULL; - struct hostent * host_entry = NULL; - struct in_addr server_ipaddr; + struct addrinfo *addrlist; + int rc; if(length > (MAX_UNC_LEN - 1)) { printf("mount error: UNC name too long"); return NULL; } - if (strncasecmp("cifs://",unc_name,7) == 0) - return parse_cifs_url(unc_name+7); - if (strncasecmp("smb://",unc_name,6) == 0) { - return parse_cifs_url(unc_name+6); + if ((strncasecmp("cifs://", unc_name, 7) == 0) || + (strncasecmp("smb://", unc_name, 6) == 0)) { + printf("\nMounting cifs URL not implemented yet. Attempt to mount %s\n", unc_name); + return NULL; } if(length < 3) { @@ -939,7 +936,12 @@ continue_unc_parsing: *share = 0; /* temporarily terminate the string */ share += 1; if(got_ip == 0) { - host_entry = gethostbyname(unc_name); + rc = getaddrinfo(unc_name, NULL, NULL, &addrlist); + if (rc != 0) { + printf("mount error: could not resolve address for %s: %s\n", + unc_name, gai_strerror(rc)); + addrlist = NULL; + } } *(share - 1) = '/'; /* put delimiter back */ @@ -954,23 +956,9 @@ continue_unc_parsing: printf("ip address specified explicitly\n"); return NULL; } - if(host_entry == NULL) { - printf("mount error: could not find target server. TCP name %s not found\n", unc_name); - return NULL; - } else { - /* BB should we pass an alternate version of the share name as Unicode */ - /* BB what about ipv6? BB */ - /* BB add retries with alternate servers in list */ + /* BB should we pass an alternate version of the share name as Unicode */ - memcpy(&server_ipaddr.s_addr, host_entry->h_addr, 4); - - ipaddress_string = inet_ntoa(server_ipaddr); - if(ipaddress_string == NULL) { - printf("mount error: could not get valid ip address for target server\n"); - return NULL; - } - return ipaddress_string; - } + return addrlist; } else { /* BB add code to find DFS root (send null path on get DFS Referral to specified server here */ printf("Mounting the DFS root for a particular server not implemented yet\n"); @@ -1034,10 +1022,11 @@ int main(int argc, char ** argv) int flags = MS_MANDLOCK; /* no need to set legacy MS_MGC_VAL */ char * orgoptions = NULL; char * share_name = NULL; - char * ipaddr = NULL; + const char * ipaddr = NULL; char * uuid = NULL; char * mountpoint = NULL; char * options = NULL; + char * optionstail; char * resolved_path = NULL; char * temp; char * dev_name; @@ -1050,10 +1039,14 @@ int main(int argc, char ** argv) int optlen = 0; int orgoptlen = 0; size_t options_size = 0; + size_t current_len; int retry = 0; /* set when we have to retry mount with uppercase */ + struct addrinfo *addrhead = NULL, *addr; struct stat statbuf; struct utsname sysinfo; struct mntent mountent; + struct sockaddr_in *addr4; + struct sockaddr_in6 *addr6; FILE * pmntfile; /* setlocale(LC_ALL, ""); @@ -1245,8 +1238,8 @@ int main(int argc, char ** argv) rc = EX_USAGE; goto mount_exit; } - ipaddr = parse_server(&share_name); - if((ipaddr == NULL) && (got_ip == 0)) { + addrhead = addr = parse_server(&share_name); + if((addrhead == NULL) && (got_ip == 0)) { printf("No ip address specified and hostname not found\n"); rc = EX_USAGE; goto mount_exit; @@ -1316,7 +1309,6 @@ int main(int argc, char ** argv) } /* FIXME launch daemon (handles dfs name resolution and credential change) remember to clear parms and overwrite password field before launching */ -mount_retry: if(orgoptions) { optlen = strlen(orgoptions); orgoptlen = optlen; @@ -1331,10 +1323,10 @@ mount_retry: } if(user_name) optlen += strlen(user_name) + 6; - if(ipaddr) - optlen += strlen(ipaddr) + 4; + optlen += MAX_ADDRESS_LEN + 4; if(mountpassword) optlen += strlen(mountpassword) + 6; +mount_retry: SAFE_FREE(options); options_size = optlen + 10 + DOMAIN_SIZE; options = (char *)malloc(options_size /* space for commas in password */ + 8 /* space for domain= , domain name itself was counted as part of the length username string above */); @@ -1344,18 +1336,12 @@ mount_retry: exit(EX_SYSERR); } - options[0] = 0; - strlcpy(options,"unc=",options_size); + strlcpy(options, "unc=", options_size); strlcat(options,share_name,options_size); /* scan backwards and reverse direction of slash */ temp = strrchr(options, '/'); if(temp > options + 6) *temp = '\\'; - if(ipaddr) { - strlcat(options,",ip=",options_size); - strlcat(options,ipaddr,options_size); - } - if(user_name) { /* check for syntax like user=domain\user */ if(got_domain == 0) @@ -1397,11 +1383,42 @@ mount_retry: /* convert all '\\' to '/' in share portion so that /proc/mounts looks pretty */ replace_char(dev_name, '\\', '/', strlen(share_name)); - if(mount(dev_name, mountpoint, "cifs", flags, options)) { - /* remember to kill daemon on error */ + if (!got_ip && addr) { + strlcat(options, ",ip=", options_size); + current_len = strnlen(options, options_size); + optionstail = options + current_len; + switch (addr->ai_addr->sa_family) { + case AF_INET6: + addr6 = (struct sockaddr_in6 *) addr->ai_addr; + ipaddr = inet_ntop(AF_INET6, &addr6->sin6_addr, optionstail, + options_size - current_len); + break; + case AF_INET: + addr4 = (struct sockaddr_in *) addr->ai_addr; + ipaddr = inet_ntop(AF_INET, &addr4->sin_addr, optionstail, + options_size - current_len); + break; + } + + /* if the address looks bogus, try the next one */ + if (!ipaddr) { + addr = addr->ai_next; + if (addr) + goto mount_retry; + rc = EX_SYSERR; + goto mount_exit; + } + } + + if (mount(dev_name, mountpoint, "cifs", flags, options)) { switch (errno) { - case 0: - printf("mount failed but no error number set\n"); + case ECONNREFUSED: + case EHOSTUNREACH: + if (addr) { + addr = addr->ai_next; + if (addr) + goto mount_retry; + } break; case ENODEV: printf("mount error: cifs filesystem not supported by the system\n"); @@ -1416,64 +1433,64 @@ mount_retry: goto mount_retry; } } - default: - printf("mount error %d = %s\n",errno,strerror(errno)); } + printf("mount error(%d): %s\n", errno, strerror(errno)); printf("Refer to the mount.cifs(8) manual page (e.g.man mount.cifs)\n"); rc = EX_FAIL; - } else { - atexit(unlock_mtab); - rc = lock_mtab(); - if (rc) { - printf("cannot lock mtab"); - goto mount_exit; - } - pmntfile = setmntent(MOUNTED, "a+"); - if (!pmntfile) { - printf("could not update mount table\n"); - unlock_mtab(); - rc = EX_FILEIO; - goto mount_exit; - } - mountent.mnt_fsname = dev_name; - mountent.mnt_dir = mountpoint; - mountent.mnt_type = CONST_DISCARD(char *,"cifs"); - mountent.mnt_opts = (char *)malloc(220); - if(mountent.mnt_opts) { - char * mount_user = getusername(); - memset(mountent.mnt_opts,0,200); - if(flags & MS_RDONLY) - strlcat(mountent.mnt_opts,"ro",220); - else - strlcat(mountent.mnt_opts,"rw",220); - if(flags & MS_MANDLOCK) - strlcat(mountent.mnt_opts,",mand",220); - if(flags & MS_NOEXEC) - strlcat(mountent.mnt_opts,",noexec",220); - if(flags & MS_NOSUID) - strlcat(mountent.mnt_opts,",nosuid",220); - if(flags & MS_NODEV) - strlcat(mountent.mnt_opts,",nodev",220); - if(flags & MS_SYNCHRONOUS) - strlcat(mountent.mnt_opts,",sync",220); - if(mount_user) { - if(getuid() != 0) { - strlcat(mountent.mnt_opts, - ",user=", 220); - strlcat(mountent.mnt_opts, - mount_user, 220); - } + goto mount_exit; + } + + atexit(unlock_mtab); + rc = lock_mtab(); + if (rc) { + printf("cannot lock mtab"); + goto mount_exit; + } + pmntfile = setmntent(MOUNTED, "a+"); + if (!pmntfile) { + printf("could not update mount table\n"); + unlock_mtab(); + rc = EX_FILEIO; + goto mount_exit; + } + mountent.mnt_fsname = dev_name; + mountent.mnt_dir = mountpoint; + mountent.mnt_type = CONST_DISCARD(char *,"cifs"); + mountent.mnt_opts = (char *)malloc(220); + if(mountent.mnt_opts) { + char * mount_user = getusername(); + memset(mountent.mnt_opts,0,200); + if(flags & MS_RDONLY) + strlcat(mountent.mnt_opts,"ro",220); + else + strlcat(mountent.mnt_opts,"rw",220); + if(flags & MS_MANDLOCK) + strlcat(mountent.mnt_opts,",mand",220); + if(flags & MS_NOEXEC) + strlcat(mountent.mnt_opts,",noexec",220); + if(flags & MS_NOSUID) + strlcat(mountent.mnt_opts,",nosuid",220); + if(flags & MS_NODEV) + strlcat(mountent.mnt_opts,",nodev",220); + if(flags & MS_SYNCHRONOUS) + strlcat(mountent.mnt_opts,",sync",220); + if(mount_user) { + if(getuid() != 0) { + strlcat(mountent.mnt_opts, + ",user=", 220); + strlcat(mountent.mnt_opts, + mount_user, 220); } } - mountent.mnt_freq = 0; - mountent.mnt_passno = 0; - rc = addmntent(pmntfile,&mountent); - endmntent(pmntfile); - unlock_mtab(); - SAFE_FREE(mountent.mnt_opts); - if (rc) - rc = EX_FILEIO; } + mountent.mnt_freq = 0; + mountent.mnt_passno = 0; + rc = addmntent(pmntfile,&mountent); + endmntent(pmntfile); + unlock_mtab(); + SAFE_FREE(mountent.mnt_opts); + if (rc) + rc = EX_FILEIO; mount_exit: if(mountpassword) { int len = strlen(mountpassword); @@ -1481,6 +1498,8 @@ mount_exit: SAFE_FREE(mountpassword); } + if (addrhead) + freeaddrinfo(addrhead); SAFE_FREE(options); SAFE_FREE(orgoptions); SAFE_FREE(resolved_path); -- cgit From 01a444b42255a98e892f4cbb29b88796285c6d36 Mon Sep 17 00:00:00 2001 From: root Date: Fri, 12 Dec 2008 16:51:34 +0100 Subject: s3 sesssetup.c: Add missing line break to debug message. Karolin --- source3/smbd/sesssetup.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3') diff --git a/source3/smbd/sesssetup.c b/source3/smbd/sesssetup.c index 24a201013a..a24843ff64 100644 --- a/source3/smbd/sesssetup.c +++ b/source3/smbd/sesssetup.c @@ -915,7 +915,7 @@ static void reply_spnego_auth(struct smb_request *req, DEBUG(3,("reply_spnego_auth: network " "misconfiguration, client sent us a " "krb5 ticket and kerberos security " - "not enabled")); + "not enabled\n")); reply_nterror(req, nt_status_squash( NT_STATUS_LOGON_FAILURE)); SAFE_FREE(kerb_mech); -- cgit From 9391dad85d08bb0939f4db1472c6cf063ebea892 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Fri, 12 Dec 2008 13:47:41 +0100 Subject: Fix error code when smbclient puts a file over an existing directory Windows returns NT_STATUS_FILE_IS_A_DIRECTORY, as does Samba 3.0. 3.2 and following returned NT_STATUS_INVALID_PARAMETER which is wrong. Before I converted reply_open_and_X to create_file() we called open_file_ntcreate directly. Passing through open&X for a filename that exists as a directory ends up in open_directory after having tried open_file_ntcreate. Some check in there returns NT_STATUS_INVALID_PARAMETER. With this additional FILE_NON_DIRECTORY_FILE flag we get the correct error message back from create_file_unixpath before trying open_directory(). Survives make test, but as this also touches the other open variants I would like others to review this. Volker --- source3/smbd/open.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3') diff --git a/source3/smbd/open.c b/source3/smbd/open.c index 77ad1664ef..1e988f65ec 100644 --- a/source3/smbd/open.c +++ b/source3/smbd/open.c @@ -1048,7 +1048,7 @@ bool map_open_params_to_ntcreate(const char *fname, int deny_mode, int open_func uint32 access_mask; uint32 share_mode; uint32 create_disposition; - uint32 create_options = 0; + uint32 create_options = FILE_NON_DIRECTORY_FILE; DEBUG(10,("map_open_params_to_ntcreate: fname = %s, deny_mode = 0x%x, " "open_func = 0x%x\n", -- cgit From d46c1907fceea6f9738251d35db6ffd5c1f77d0f Mon Sep 17 00:00:00 2001 From: SATOH Fumiyasu Date: Fri, 12 Dec 2008 17:43:51 +0100 Subject: winbindd: vars for signals must be volatile sig_atomic_t --- source3/winbindd/winbindd.c | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) (limited to 'source3') diff --git a/source3/winbindd/winbindd.c b/source3/winbindd/winbindd.c index 1dcc70adae..0ecf11d0e5 100644 --- a/source3/winbindd/winbindd.c +++ b/source3/winbindd/winbindd.c @@ -173,35 +173,35 @@ static void terminate(bool is_parent) exit(0); } -static bool do_sigterm; +static SIG_ATOMIC_T do_sigterm = 0; static void termination_handler(int signum) { - do_sigterm = True; + do_sigterm = 1; sys_select_signal(signum); } -static bool do_sigusr2; +static SIG_ATOMIC_T do_sigusr2 = 0; static void sigusr2_handler(int signum) { - do_sigusr2 = True; + do_sigusr2 = 1; sys_select_signal(SIGUSR2); } -static bool do_sighup; +static SIG_ATOMIC_T do_sighup = 0; static void sighup_handler(int signum) { - do_sighup = True; + do_sighup = 1; sys_select_signal(SIGHUP); } -static bool do_sigchld; +static SIG_ATOMIC_T do_sigchld = 0; static void sigchld_handler(int signum) { - do_sigchld = True; + do_sigchld = 1; sys_select_signal(SIGCHLD); } @@ -224,7 +224,7 @@ static void msg_shutdown(struct messaging_context *msg, struct server_id server_id, DATA_BLOB *data) { - do_sigterm = True; + do_sigterm = 1; } @@ -802,7 +802,7 @@ void winbind_check_sighup(const char *lfile) flush_caches(); reload_services_file(lfile); - do_sighup = False; + do_sighup = 0; } } @@ -977,13 +977,13 @@ static void process_loop(void) if (do_sigusr2) { print_winbindd_status(); - do_sigusr2 = False; + do_sigusr2 = 0; } if (do_sigchld) { pid_t pid; - do_sigchld = False; + do_sigchld = 0; while ((pid = sys_waitpid(-1, NULL, WNOHANG)) > 0) { winbind_child_died(pid); -- cgit From cd25b6245f8185e36a365dcf4c28e7df13090d3e Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Fri, 12 Dec 2008 20:20:01 +0100 Subject: Move dom_sid to the Samba 3 IDL file, remove the old definition. --- source3/include/proto.h | 8 -- source3/include/smb.h | 13 +- source3/librpc/gen_ndr/lsa.h | 2 +- source3/librpc/gen_ndr/misc.h | 2 +- source3/librpc/gen_ndr/ndr_drsblobs.c | 10 +- source3/librpc/gen_ndr/ndr_security.c | 21 ++-- source3/librpc/gen_ndr/ndr_security.h | 4 + source3/librpc/gen_ndr/ndr_srvsvc.c | 8 +- source3/librpc/gen_ndr/ndr_srvsvc.h | 4 + source3/librpc/gen_ndr/security.h | 10 ++ source3/librpc/gen_ndr/srvsvc.h | 4 +- source3/librpc/gen_ndr/winreg.h | 2 +- source3/librpc/ndr/sid.c | 224 ---------------------------------- 13 files changed, 40 insertions(+), 272 deletions(-) (limited to 'source3') diff --git a/source3/include/proto.h b/source3/include/proto.h index 4028f6de52..c813fafff5 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -2315,15 +2315,7 @@ void ndr_print_dom_sid0(struct ndr_print *ndr, const char *name, const struct do /* The following definitions come from librpc/ndr/sid.c */ -enum ndr_err_code ndr_push_dom_sid(struct ndr_push *ndr, int ndr_flags, const struct dom_sid *r); -enum ndr_err_code ndr_pull_dom_sid(struct ndr_pull *ndr, int ndr_flags, struct dom_sid *r); char *dom_sid_string(TALLOC_CTX *mem_ctx, const struct dom_sid *sid); -enum ndr_err_code ndr_pull_dom_sid2(struct ndr_pull *ndr, int ndr_flags, struct dom_sid *sid); -enum ndr_err_code ndr_push_dom_sid2(struct ndr_push *ndr, int ndr_flags, const struct dom_sid *sid); -enum ndr_err_code ndr_pull_dom_sid28(struct ndr_pull *ndr, int ndr_flags, struct dom_sid *sid); -enum ndr_err_code ndr_push_dom_sid28(struct ndr_push *ndr, int ndr_flags, const struct dom_sid *sid); -enum ndr_err_code ndr_pull_dom_sid0(struct ndr_pull *ndr, int ndr_flags, struct dom_sid *sid); -enum ndr_err_code ndr_push_dom_sid0(struct ndr_push *ndr, int ndr_flags, const struct dom_sid *sid); /* The following definitions come from librpc/rpc/binding.c */ diff --git a/source3/include/smb.h b/source3/include/smb.h index 112b4e0f91..891bd4aaf7 100644 --- a/source3/include/smb.h +++ b/source3/include/smb.h @@ -209,18 +209,7 @@ typedef uint32 codepoint_t; * * @sa http://msdn.microsoft.com/library/default.asp?url=/library/en-us/security/accctrl_38yn.asp **/ -typedef struct dom_sid { - uint8 sid_rev_num; /**< SID revision number */ - uint8 num_auths; /**< Number of sub-authorities */ - uint8 id_auth[6]; /**< Identifier Authority */ - /* - * Pointer to sub-authorities. - * - * @note The values in these uint32's are in *native* byteorder, not - * neccessarily little-endian...... JRA. - */ - uint32 sub_auths[MAXSUBAUTHS]; -} DOM_SID; +typedef struct dom_sid DOM_SID; enum id_mapping { ID_UNKNOWN = 0, diff --git a/source3/librpc/gen_ndr/lsa.h b/source3/librpc/gen_ndr/lsa.h index 0ccbcdf5b0..ee8a31138d 100644 --- a/source3/librpc/gen_ndr/lsa.h +++ b/source3/librpc/gen_ndr/lsa.h @@ -17,7 +17,7 @@ struct lsa_String { uint16_t length;/* [value(2*strlen_m(string))] */ uint16_t size;/* [value(2*strlen_m(string))] */ const char *string;/* [unique,charset(UTF16),length_is(length/2),size_is(size/2)] */ -}/* [public,noejs] */; +}/* [public] */; struct lsa_StringLarge { uint16_t length;/* [value(2*strlen_m(string))] */ diff --git a/source3/librpc/gen_ndr/misc.h b/source3/librpc/gen_ndr/misc.h index d1cf64e0eb..de4abdcae5 100644 --- a/source3/librpc/gen_ndr/misc.h +++ b/source3/librpc/gen_ndr/misc.h @@ -11,7 +11,7 @@ struct GUID { uint16_t time_hi_and_version; uint8_t clock_seq[2]; uint8_t node[6]; -}/* [noprint,gensize,public,noejs] */; +}/* [noprint,gensize,public] */; struct ndr_syntax_id { struct GUID uuid; diff --git a/source3/librpc/gen_ndr/ndr_drsblobs.c b/source3/librpc/gen_ndr/ndr_drsblobs.c index dd8d77ea15..d965e40bd2 100644 --- a/source3/librpc/gen_ndr/ndr_drsblobs.c +++ b/source3/librpc/gen_ndr/ndr_drsblobs.c @@ -2351,7 +2351,6 @@ static enum ndr_err_code ndr_push_AuthInfoNT4Owf(struct ndr_push *ndr, int ndr_f NDR_CHECK(ndr_push_samr_Password(ndr, NDR_SCALARS, &r->password)); } if (ndr_flags & NDR_BUFFERS) { - NDR_CHECK(ndr_push_samr_Password(ndr, NDR_BUFFERS, &r->password)); } return NDR_ERR_SUCCESS; } @@ -2364,7 +2363,6 @@ static enum ndr_err_code ndr_pull_AuthInfoNT4Owf(struct ndr_pull *ndr, int ndr_f NDR_CHECK(ndr_pull_samr_Password(ndr, NDR_SCALARS, &r->password)); } if (ndr_flags & NDR_BUFFERS) { - NDR_CHECK(ndr_pull_samr_Password(ndr, NDR_BUFFERS, &r->password)); } return NDR_ERR_SUCCESS; } @@ -2477,7 +2475,6 @@ static enum ndr_err_code ndr_push_AuthInfo(struct ndr_push *ndr, int ndr_flags, break; case TRUST_AUTH_TYPE_NT4OWF: - NDR_CHECK(ndr_push_AuthInfoNT4Owf(ndr, NDR_BUFFERS, &r->nt4owf)); break; case TRUST_AUTH_TYPE_CLEAR: @@ -2525,7 +2522,6 @@ static enum ndr_err_code ndr_pull_AuthInfo(struct ndr_pull *ndr, int ndr_flags, break; case TRUST_AUTH_TYPE_NT4OWF: - NDR_CHECK(ndr_pull_AuthInfoNT4Owf(ndr, NDR_BUFFERS, &r->nt4owf)); break; case TRUST_AUTH_TYPE_CLEAR: @@ -2584,7 +2580,6 @@ _PUBLIC_ enum ndr_err_code ndr_push_AuthenticationInformation(struct ndr_push *n } } if (ndr_flags & NDR_BUFFERS) { - NDR_CHECK(ndr_push_AuthInfo(ndr, NDR_BUFFERS, &r->AuthInfo)); } return NDR_ERR_SUCCESS; } @@ -2605,7 +2600,6 @@ _PUBLIC_ enum ndr_err_code ndr_pull_AuthenticationInformation(struct ndr_pull *n } } if (ndr_flags & NDR_BUFFERS) { - NDR_CHECK(ndr_pull_AuthInfo(ndr, NDR_BUFFERS, &r->AuthInfo)); } return NDR_ERR_SUCCESS; } @@ -2641,7 +2635,7 @@ _PUBLIC_ enum ndr_err_code ndr_push_trustCurrentPasswords(struct ndr_push *ndr, for (cntr_current_0 = 0; cntr_current_0 < r->count; cntr_current_0++) { if (r->current[cntr_current_0]) { NDR_CHECK(ndr_push_relative_ptr2(ndr, r->current[cntr_current_0])); - NDR_CHECK(ndr_push_AuthenticationInformation(ndr, NDR_SCALARS|NDR_BUFFERS, r->current[cntr_current_0])); + NDR_CHECK(ndr_push_AuthenticationInformation(ndr, NDR_SCALARS, r->current[cntr_current_0])); } } } @@ -2681,7 +2675,7 @@ _PUBLIC_ enum ndr_err_code ndr_pull_trustCurrentPasswords(struct ndr_pull *ndr, NDR_CHECK(ndr_pull_relative_ptr2(ndr, r->current[cntr_current_0])); _mem_save_current_1 = NDR_PULL_GET_MEM_CTX(ndr); NDR_PULL_SET_MEM_CTX(ndr, r->current[cntr_current_0], 0); - NDR_CHECK(ndr_pull_AuthenticationInformation(ndr, NDR_SCALARS|NDR_BUFFERS, r->current[cntr_current_0])); + NDR_CHECK(ndr_pull_AuthenticationInformation(ndr, NDR_SCALARS, r->current[cntr_current_0])); NDR_PULL_SET_MEM_CTX(ndr, _mem_save_current_1, 0); ndr->offset = _relative_save_offset; } diff --git a/source3/librpc/gen_ndr/ndr_security.c b/source3/librpc/gen_ndr/ndr_security.c index 108f2f689c..8339a40d40 100644 --- a/source3/librpc/gen_ndr/ndr_security.c +++ b/source3/librpc/gen_ndr/ndr_security.c @@ -427,7 +427,6 @@ _PUBLIC_ enum ndr_err_code ndr_push_security_ace(struct ndr_push *ndr, int ndr_f } if (ndr_flags & NDR_BUFFERS) { NDR_CHECK(ndr_push_security_ace_object_ctr(ndr, NDR_BUFFERS, &r->object)); - NDR_CHECK(ndr_push_dom_sid(ndr, NDR_BUFFERS, &r->trustee)); } return NDR_ERR_SUCCESS; } @@ -621,11 +620,11 @@ _PUBLIC_ enum ndr_err_code ndr_push_security_descriptor(struct ndr_push *ndr, in if (ndr_flags & NDR_BUFFERS) { if (r->owner_sid) { NDR_CHECK(ndr_push_relative_ptr2(ndr, r->owner_sid)); - NDR_CHECK(ndr_push_dom_sid(ndr, NDR_SCALARS|NDR_BUFFERS, r->owner_sid)); + NDR_CHECK(ndr_push_dom_sid(ndr, NDR_SCALARS, r->owner_sid)); } if (r->group_sid) { NDR_CHECK(ndr_push_relative_ptr2(ndr, r->group_sid)); - NDR_CHECK(ndr_push_dom_sid(ndr, NDR_SCALARS|NDR_BUFFERS, r->group_sid)); + NDR_CHECK(ndr_push_dom_sid(ndr, NDR_SCALARS, r->group_sid)); } if (r->sacl) { NDR_CHECK(ndr_push_relative_ptr2(ndr, r->sacl)); @@ -694,7 +693,7 @@ _PUBLIC_ enum ndr_err_code ndr_pull_security_descriptor(struct ndr_pull *ndr, in NDR_CHECK(ndr_pull_relative_ptr2(ndr, r->owner_sid)); _mem_save_owner_sid_0 = NDR_PULL_GET_MEM_CTX(ndr); NDR_PULL_SET_MEM_CTX(ndr, r->owner_sid, 0); - NDR_CHECK(ndr_pull_dom_sid(ndr, NDR_SCALARS|NDR_BUFFERS, r->owner_sid)); + NDR_CHECK(ndr_pull_dom_sid(ndr, NDR_SCALARS, r->owner_sid)); NDR_PULL_SET_MEM_CTX(ndr, _mem_save_owner_sid_0, 0); ndr->offset = _relative_save_offset; } @@ -704,7 +703,7 @@ _PUBLIC_ enum ndr_err_code ndr_pull_security_descriptor(struct ndr_pull *ndr, in NDR_CHECK(ndr_pull_relative_ptr2(ndr, r->group_sid)); _mem_save_group_sid_0 = NDR_PULL_GET_MEM_CTX(ndr); NDR_PULL_SET_MEM_CTX(ndr, r->group_sid, 0); - NDR_CHECK(ndr_pull_dom_sid(ndr, NDR_SCALARS|NDR_BUFFERS, r->group_sid)); + NDR_CHECK(ndr_pull_dom_sid(ndr, NDR_SCALARS, r->group_sid)); NDR_PULL_SET_MEM_CTX(ndr, _mem_save_group_sid_0, 0); ndr->offset = _relative_save_offset; } @@ -855,14 +854,14 @@ _PUBLIC_ enum ndr_err_code ndr_push_security_token(struct ndr_push *ndr, int ndr } if (ndr_flags & NDR_BUFFERS) { if (r->user_sid) { - NDR_CHECK(ndr_push_dom_sid(ndr, NDR_SCALARS|NDR_BUFFERS, r->user_sid)); + NDR_CHECK(ndr_push_dom_sid(ndr, NDR_SCALARS, r->user_sid)); } if (r->group_sid) { - NDR_CHECK(ndr_push_dom_sid(ndr, NDR_SCALARS|NDR_BUFFERS, r->group_sid)); + NDR_CHECK(ndr_push_dom_sid(ndr, NDR_SCALARS, r->group_sid)); } for (cntr_sids_0 = 0; cntr_sids_0 < r->num_sids; cntr_sids_0++) { if (r->sids[cntr_sids_0]) { - NDR_CHECK(ndr_push_dom_sid(ndr, NDR_SCALARS|NDR_BUFFERS, r->sids[cntr_sids_0])); + NDR_CHECK(ndr_push_dom_sid(ndr, NDR_SCALARS, r->sids[cntr_sids_0])); } } } @@ -916,13 +915,13 @@ _PUBLIC_ enum ndr_err_code ndr_pull_security_token(struct ndr_pull *ndr, int ndr if (r->user_sid) { _mem_save_user_sid_0 = NDR_PULL_GET_MEM_CTX(ndr); NDR_PULL_SET_MEM_CTX(ndr, r->user_sid, 0); - NDR_CHECK(ndr_pull_dom_sid(ndr, NDR_SCALARS|NDR_BUFFERS, r->user_sid)); + NDR_CHECK(ndr_pull_dom_sid(ndr, NDR_SCALARS, r->user_sid)); NDR_PULL_SET_MEM_CTX(ndr, _mem_save_user_sid_0, 0); } if (r->group_sid) { _mem_save_group_sid_0 = NDR_PULL_GET_MEM_CTX(ndr); NDR_PULL_SET_MEM_CTX(ndr, r->group_sid, 0); - NDR_CHECK(ndr_pull_dom_sid(ndr, NDR_SCALARS|NDR_BUFFERS, r->group_sid)); + NDR_CHECK(ndr_pull_dom_sid(ndr, NDR_SCALARS, r->group_sid)); NDR_PULL_SET_MEM_CTX(ndr, _mem_save_group_sid_0, 0); } _mem_save_sids_0 = NDR_PULL_GET_MEM_CTX(ndr); @@ -931,7 +930,7 @@ _PUBLIC_ enum ndr_err_code ndr_pull_security_token(struct ndr_pull *ndr, int ndr if (r->sids[cntr_sids_0]) { _mem_save_sids_1 = NDR_PULL_GET_MEM_CTX(ndr); NDR_PULL_SET_MEM_CTX(ndr, r->sids[cntr_sids_0], 0); - NDR_CHECK(ndr_pull_dom_sid(ndr, NDR_SCALARS|NDR_BUFFERS, r->sids[cntr_sids_0])); + NDR_CHECK(ndr_pull_dom_sid(ndr, NDR_SCALARS, r->sids[cntr_sids_0])); NDR_PULL_SET_MEM_CTX(ndr, _mem_save_sids_1, 0); } } diff --git a/source3/librpc/gen_ndr/ndr_security.h b/source3/librpc/gen_ndr/ndr_security.h index bddf1bd2b7..f8cbf4afa8 100644 --- a/source3/librpc/gen_ndr/ndr_security.h +++ b/source3/librpc/gen_ndr/ndr_security.h @@ -8,6 +8,10 @@ #include "librpc/gen_ndr/ndr_dom_sid.h" #define NDR_SECURITY_CALL_COUNT (0) +enum ndr_err_code ndr_push_dom_sid(struct ndr_push *ndr, int ndr_flags, const struct dom_sid *r); +enum ndr_err_code ndr_pull_dom_sid(struct ndr_pull *ndr, int ndr_flags, struct dom_sid *r); +void ndr_print_dom_sid(struct ndr_print *ndr, const char *name, const struct dom_sid *r); +size_t ndr_size_dom_sid(const struct dom_sid *r, int flags); enum ndr_err_code ndr_push_security_ace_flags(struct ndr_push *ndr, int ndr_flags, uint8_t r); enum ndr_err_code ndr_pull_security_ace_flags(struct ndr_pull *ndr, int ndr_flags, uint8_t *r); void ndr_print_security_ace_flags(struct ndr_print *ndr, const char *name, uint8_t r); diff --git a/source3/librpc/gen_ndr/ndr_srvsvc.c b/source3/librpc/gen_ndr/ndr_srvsvc.c index 9ac3aa82c9..125542d14a 100644 --- a/source3/librpc/gen_ndr/ndr_srvsvc.c +++ b/source3/librpc/gen_ndr/ndr_srvsvc.c @@ -6358,7 +6358,7 @@ _PUBLIC_ void ndr_print_srvsvc_PlatformId(struct ndr_print *ndr, const char *nam ndr_print_enum(ndr, name, "ENUM", val, r); } -static enum ndr_err_code ndr_push_srvsvc_NetSrvInfo100(struct ndr_push *ndr, int ndr_flags, const struct srvsvc_NetSrvInfo100 *r) +_PUBLIC_ enum ndr_err_code ndr_push_srvsvc_NetSrvInfo100(struct ndr_push *ndr, int ndr_flags, const struct srvsvc_NetSrvInfo100 *r) { if (ndr_flags & NDR_SCALARS) { NDR_CHECK(ndr_push_align(ndr, 4)); @@ -6376,7 +6376,7 @@ static enum ndr_err_code ndr_push_srvsvc_NetSrvInfo100(struct ndr_push *ndr, int return NDR_ERR_SUCCESS; } -static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo100(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetSrvInfo100 *r) +_PUBLIC_ enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo100(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetSrvInfo100 *r) { uint32_t _ptr_server_name; TALLOC_CTX *_mem_save_server_name_0; @@ -6421,7 +6421,7 @@ _PUBLIC_ void ndr_print_srvsvc_NetSrvInfo100(struct ndr_print *ndr, const char * ndr->depth--; } -static enum ndr_err_code ndr_push_srvsvc_NetSrvInfo101(struct ndr_push *ndr, int ndr_flags, const struct srvsvc_NetSrvInfo101 *r) +_PUBLIC_ enum ndr_err_code ndr_push_srvsvc_NetSrvInfo101(struct ndr_push *ndr, int ndr_flags, const struct srvsvc_NetSrvInfo101 *r) { if (ndr_flags & NDR_SCALARS) { NDR_CHECK(ndr_push_align(ndr, 4)); @@ -6449,7 +6449,7 @@ static enum ndr_err_code ndr_push_srvsvc_NetSrvInfo101(struct ndr_push *ndr, int return NDR_ERR_SUCCESS; } -static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo101(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetSrvInfo101 *r) +_PUBLIC_ enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo101(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetSrvInfo101 *r) { uint32_t _ptr_server_name; TALLOC_CTX *_mem_save_server_name_0; diff --git a/source3/librpc/gen_ndr/ndr_srvsvc.h b/source3/librpc/gen_ndr/ndr_srvsvc.h index 33569d1870..126680cad0 100644 --- a/source3/librpc/gen_ndr/ndr_srvsvc.h +++ b/source3/librpc/gen_ndr/ndr_srvsvc.h @@ -186,7 +186,11 @@ void ndr_print_srvsvc_NetShareInfoCtr(struct ndr_print *ndr, const char *name, c enum ndr_err_code ndr_push_srvsvc_PlatformId(struct ndr_push *ndr, int ndr_flags, enum srvsvc_PlatformId r); enum ndr_err_code ndr_pull_srvsvc_PlatformId(struct ndr_pull *ndr, int ndr_flags, enum srvsvc_PlatformId *r); void ndr_print_srvsvc_PlatformId(struct ndr_print *ndr, const char *name, enum srvsvc_PlatformId r); +enum ndr_err_code ndr_push_srvsvc_NetSrvInfo100(struct ndr_push *ndr, int ndr_flags, const struct srvsvc_NetSrvInfo100 *r); +enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo100(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetSrvInfo100 *r); void ndr_print_srvsvc_NetSrvInfo100(struct ndr_print *ndr, const char *name, const struct srvsvc_NetSrvInfo100 *r); +enum ndr_err_code ndr_push_srvsvc_NetSrvInfo101(struct ndr_push *ndr, int ndr_flags, const struct srvsvc_NetSrvInfo101 *r); +enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo101(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetSrvInfo101 *r); void ndr_print_srvsvc_NetSrvInfo101(struct ndr_print *ndr, const char *name, const struct srvsvc_NetSrvInfo101 *r); void ndr_print_srvsvc_NetSrvInfo102(struct ndr_print *ndr, const char *name, const struct srvsvc_NetSrvInfo102 *r); void ndr_print_srvsvc_NetSrvInfo402(struct ndr_print *ndr, const char *name, const struct srvsvc_NetSrvInfo402 *r); diff --git a/source3/librpc/gen_ndr/security.h b/source3/librpc/gen_ndr/security.h index fe23347fdf..99e1f4b1c9 100644 --- a/source3/librpc/gen_ndr/security.h +++ b/source3/librpc/gen_ndr/security.h @@ -4,6 +4,9 @@ #include "librpc/gen_ndr/misc.h" #include "librpc/gen_ndr/dom_sid.h" +#define dom_sid2 dom_sid +#define dom_sid28 dom_sid +#define dom_sid0 dom_sid #ifndef _HEADER_security #define _HEADER_security @@ -129,6 +132,13 @@ #define DOMAIN_RID_ENTERPRISE_ADMINS ( 519 ) #define NT4_ACL_REVISION ( SECURITY_ACL_REVISION_NT4 ) #define SD_REVISION ( SECURITY_DESCRIPTOR_REVISION_1 ) +struct dom_sid { + uint8_t sid_rev_num; + int8_t num_auths;/* [range(0,15)] */ + uint8_t id_auth[6]; + uint32_t sub_auths[15]; +}/* [noprint,gensize,nopull,public,nopush,nosize] */; + enum sec_privilege #ifndef USE_UINT_ENUMS { diff --git a/source3/librpc/gen_ndr/srvsvc.h b/source3/librpc/gen_ndr/srvsvc.h index b50213bb96..6467f72a5b 100644 --- a/source3/librpc/gen_ndr/srvsvc.h +++ b/source3/librpc/gen_ndr/srvsvc.h @@ -431,7 +431,7 @@ enum srvsvc_PlatformId struct srvsvc_NetSrvInfo100 { enum srvsvc_PlatformId platform_id; const char *server_name;/* [unique,charset(UTF16)] */ -}; +}/* [public] */; struct srvsvc_NetSrvInfo101 { enum srvsvc_PlatformId platform_id; @@ -440,7 +440,7 @@ struct srvsvc_NetSrvInfo101 { uint32_t version_minor; uint32_t server_type; const char *comment;/* [unique,charset(UTF16)] */ -}; +}/* [public] */; struct srvsvc_NetSrvInfo102 { enum srvsvc_PlatformId platform_id; diff --git a/source3/librpc/gen_ndr/winreg.h b/source3/librpc/gen_ndr/winreg.h index fbbab33c8d..a98120ccf5 100644 --- a/source3/librpc/gen_ndr/winreg.h +++ b/source3/librpc/gen_ndr/winreg.h @@ -54,7 +54,7 @@ struct winreg_String { uint16_t name_len;/* [value(strlen_m_term(name)*2)] */ uint16_t name_size;/* [value(strlen_m_term(name)*2)] */ const char *name;/* [unique,charset(UTF16)] */ -}/* [public,noejs] */; +}/* [public] */; struct KeySecurityData { uint8_t *data;/* [unique,length_is(len),size_is(size)] */ diff --git a/source3/librpc/ndr/sid.c b/source3/librpc/ndr/sid.c index 39b7e3cd59..252da85929 100644 --- a/source3/librpc/ndr/sid.c +++ b/source3/librpc/ndr/sid.c @@ -21,72 +21,6 @@ #include "includes.h" -/* - return the wire size of a dom_sid -*/ -size_t ndr_size_dom_sid(const struct dom_sid *sid, int flags) -{ - if (!sid) return 0; - return 8 + 4*sid->num_auths; -} - -size_t ndr_size_dom_sid28(const struct dom_sid *sid, int flags) -{ - struct dom_sid zero_sid; - - if (!sid) return 0; - - ZERO_STRUCT(zero_sid); - - if (memcmp(&zero_sid, sid, sizeof(zero_sid)) == 0) { - return 0; - } - - return 8 + 4*sid->num_auths; -} - -size_t ndr_size_dom_sid0(const struct dom_sid *sid, int flags) -{ - return ndr_size_dom_sid28(sid, flags); -} - -enum ndr_err_code ndr_push_dom_sid(struct ndr_push *ndr, int ndr_flags, const struct dom_sid *r) -{ - uint32_t cntr_sub_auths_0; - if (ndr_flags & NDR_SCALARS) { - NDR_CHECK(ndr_push_align(ndr, 4)); - NDR_CHECK(ndr_push_uint8(ndr, NDR_SCALARS, r->sid_rev_num)); - NDR_CHECK(ndr_push_int8(ndr, NDR_SCALARS, r->num_auths)); - NDR_CHECK(ndr_push_array_uint8(ndr, NDR_SCALARS, r->id_auth, 6)); - for (cntr_sub_auths_0 = 0; cntr_sub_auths_0 < r->num_auths; cntr_sub_auths_0++) { - NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->sub_auths[cntr_sub_auths_0])); - } - } - if (ndr_flags & NDR_BUFFERS) { - } - return NDR_ERR_SUCCESS; -} - -enum ndr_err_code ndr_pull_dom_sid(struct ndr_pull *ndr, int ndr_flags, struct dom_sid *r) -{ - uint32_t cntr_sub_auths_0; - if (ndr_flags & NDR_SCALARS) { - NDR_CHECK(ndr_pull_align(ndr, 4)); - NDR_CHECK(ndr_pull_uint8(ndr, NDR_SCALARS, &r->sid_rev_num)); - NDR_CHECK(ndr_pull_uint8(ndr, NDR_SCALARS, &r->num_auths)); - if (r->num_auths > 15) { - return ndr_pull_error(ndr, NDR_ERR_RANGE, "value out of range"); - } - NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->id_auth, 6)); - for (cntr_sub_auths_0 = 0; cntr_sub_auths_0 < r->num_auths; cntr_sub_auths_0++) { - NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->sub_auths[cntr_sub_auths_0])); - } - } - if (ndr_flags & NDR_BUFFERS) { - } - return NDR_ERR_SUCCESS; -} - /* convert a dom_sid to a string */ @@ -123,161 +57,3 @@ char *dom_sid_string(TALLOC_CTX *mem_ctx, const struct dom_sid *sid) return ret; } - -/* - parse a dom_sid2 - this is a dom_sid but with an extra copy of the num_auths field -*/ -enum ndr_err_code ndr_pull_dom_sid2(struct ndr_pull *ndr, int ndr_flags, struct dom_sid *sid) -{ - uint32_t num_auths; - if (!(ndr_flags & NDR_SCALARS)) { - return NDR_ERR_SUCCESS; - } - NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &num_auths)); - NDR_CHECK(ndr_pull_dom_sid(ndr, ndr_flags, sid)); - if (sid->num_auths != num_auths) { - return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, - "Bad array size %u should exceed %u", - num_auths, sid->num_auths); - } - return NDR_ERR_SUCCESS; -} - -/* - parse a dom_sid2 - this is a dom_sid but with an extra copy of the num_auths field -*/ -enum ndr_err_code ndr_push_dom_sid2(struct ndr_push *ndr, int ndr_flags, const struct dom_sid *sid) -{ - if (!(ndr_flags & NDR_SCALARS)) { - return NDR_ERR_SUCCESS; - } - NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, sid->num_auths)); - return ndr_push_dom_sid(ndr, ndr_flags, sid); -} - -/* - parse a dom_sid28 - this is a dom_sid in a fixed 28 byte buffer, so we need to ensure there are only upto 5 sub_auth -*/ -enum ndr_err_code ndr_pull_dom_sid28(struct ndr_pull *ndr, int ndr_flags, struct dom_sid *sid) -{ - enum ndr_err_code status; - struct ndr_pull *subndr; - - if (!(ndr_flags & NDR_SCALARS)) { - return NDR_ERR_SUCCESS; - } - - subndr = talloc_zero(ndr, struct ndr_pull); - NDR_ERR_HAVE_NO_MEMORY(subndr); - subndr->flags = ndr->flags; - subndr->current_mem_ctx = ndr->current_mem_ctx; - - subndr->data = ndr->data + ndr->offset; - subndr->data_size = 28; - subndr->offset = 0; - - NDR_CHECK(ndr_pull_advance(ndr, 28)); - - status = ndr_pull_dom_sid(subndr, ndr_flags, sid); - if (!NDR_ERR_CODE_IS_SUCCESS(status)) { - /* handle a w2k bug which send random data in the buffer */ - ZERO_STRUCTP(sid); - } - - return NDR_ERR_SUCCESS; -} - -/* - push a dom_sid28 - this is a dom_sid in a 28 byte fixed buffer -*/ -enum ndr_err_code ndr_push_dom_sid28(struct ndr_push *ndr, int ndr_flags, const struct dom_sid *sid) -{ - uint32_t old_offset; - uint32_t padding; - - if (!(ndr_flags & NDR_SCALARS)) { - return NDR_ERR_SUCCESS; - } - - if (sid->num_auths > 5) { - return ndr_push_error(ndr, NDR_ERR_RANGE, - "dom_sid28 allows only upto 5 sub auth [%u]", - sid->num_auths); - } - - old_offset = ndr->offset; - NDR_CHECK(ndr_push_dom_sid(ndr, ndr_flags, sid)); - - padding = 28 - (ndr->offset - old_offset); - - if (padding > 0) { - NDR_CHECK(ndr_push_zero(ndr, padding)); - } - - return NDR_ERR_SUCCESS; -} - -/* - parse a dom_sid0 - this is a dom_sid in a variable byte buffer, which is maybe empty -*/ -enum ndr_err_code ndr_pull_dom_sid0(struct ndr_pull *ndr, int ndr_flags, struct dom_sid *sid) -{ - if (!(ndr_flags & NDR_SCALARS)) { - return NDR_ERR_SUCCESS; - } - - if (ndr->data_size == ndr->offset) { - ZERO_STRUCTP(sid); - return NDR_ERR_SUCCESS; - } - - return ndr_pull_dom_sid(ndr, ndr_flags, sid); -} - -/* - push a dom_sid0 - this is a dom_sid in a variable byte buffer, which is maybe empty -*/ -enum ndr_err_code ndr_push_dom_sid0(struct ndr_push *ndr, int ndr_flags, const struct dom_sid *sid) -{ - struct dom_sid zero_sid; - - if (!(ndr_flags & NDR_SCALARS)) { - return NDR_ERR_SUCCESS; - } - - if (!sid) { - return NDR_ERR_SUCCESS; - } - - ZERO_STRUCT(zero_sid); - - if (memcmp(&zero_sid, sid, sizeof(zero_sid)) == 0) { - return NDR_ERR_SUCCESS; - } - - return ndr_push_dom_sid(ndr, ndr_flags, sid); -} - -/* - print a dom_sid -*/ -void ndr_print_dom_sid(struct ndr_print *ndr, const char *name, const struct dom_sid *sid) -{ - ndr->print(ndr, "%-25s: %s", name, dom_sid_string(ndr, sid)); -} - -void ndr_print_dom_sid2(struct ndr_print *ndr, const char *name, const struct dom_sid *sid) -{ - ndr_print_dom_sid(ndr, name, sid); -} - -void ndr_print_dom_sid28(struct ndr_print *ndr, const char *name, const struct dom_sid *sid) -{ - ndr_print_dom_sid(ndr, name, sid); -} - -void ndr_print_dom_sid0(struct ndr_print *ndr, const char *name, const struct dom_sid *sid) -{ - ndr_print_dom_sid(ndr, name, sid); -} - -- cgit From fb6803119c76b88d4ade1550fca884014b18be19 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Sat, 13 Dec 2008 00:13:02 +0100 Subject: s3: remove duplicate prototypes in proto.h. Guenther --- source3/include/proto.h | 778 ------------------------------------------------ 1 file changed, 778 deletions(-) (limited to 'source3') diff --git a/source3/include/proto.h b/source3/include/proto.h index 4028f6de52..09ebaa799e 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -6521,70 +6521,6 @@ bool svcctl_io_r_query_service_config2(const char *desc, SVCCTL_R_QUERY_SERVICE_ bool svcctl_io_q_query_service_status_ex(const char *desc, SVCCTL_Q_QUERY_SERVICE_STATUSEX *q_u, prs_struct *ps, int depth); bool svcctl_io_r_query_service_status_ex(const char *desc, SVCCTL_R_QUERY_SERVICE_STATUSEX *r_u, prs_struct *ps, int depth); -/* The following definitions come from rpc_server/srv_dfs_nt.c */ - -void _dfs_GetManagerVersion(pipes_struct *p, struct dfs_GetManagerVersion *r); -WERROR _dfs_Add(pipes_struct *p, struct dfs_Add *r); -WERROR _dfs_Remove(pipes_struct *p, struct dfs_Remove *r); -WERROR _dfs_Enum(pipes_struct *p, struct dfs_Enum *r); -WERROR _dfs_GetInfo(pipes_struct *p, struct dfs_GetInfo *r); -WERROR _dfs_SetInfo(pipes_struct *p, struct dfs_SetInfo *r); -WERROR _dfs_Rename(pipes_struct *p, struct dfs_Rename *r); -WERROR _dfs_Move(pipes_struct *p, struct dfs_Move *r); -WERROR _dfs_ManagerGetConfigInfo(pipes_struct *p, struct dfs_ManagerGetConfigInfo *r); -WERROR _dfs_ManagerSendSiteInfo(pipes_struct *p, struct dfs_ManagerSendSiteInfo *r); -WERROR _dfs_AddFtRoot(pipes_struct *p, struct dfs_AddFtRoot *r); -WERROR _dfs_RemoveFtRoot(pipes_struct *p, struct dfs_RemoveFtRoot *r); -WERROR _dfs_AddStdRoot(pipes_struct *p, struct dfs_AddStdRoot *r); -WERROR _dfs_RemoveStdRoot(pipes_struct *p, struct dfs_RemoveStdRoot *r); -WERROR _dfs_ManagerInitialize(pipes_struct *p, struct dfs_ManagerInitialize *r); -WERROR _dfs_AddStdRootForced(pipes_struct *p, struct dfs_AddStdRootForced *r); -WERROR _dfs_GetDcAddress(pipes_struct *p, struct dfs_GetDcAddress *r); -WERROR _dfs_SetDcAddress(pipes_struct *p, struct dfs_SetDcAddress *r); -WERROR _dfs_FlushFtTable(pipes_struct *p, struct dfs_FlushFtTable *r); -WERROR _dfs_Add2(pipes_struct *p, struct dfs_Add2 *r); -WERROR _dfs_Remove2(pipes_struct *p, struct dfs_Remove2 *r); -WERROR _dfs_EnumEx(pipes_struct *p, struct dfs_EnumEx *r); -WERROR _dfs_SetInfo2(pipes_struct *p, struct dfs_SetInfo2 *r); - -/* The following definitions come from rpc_server/srv_dssetup_nt.c */ - -WERROR _dssetup_DsRoleGetPrimaryDomainInformation(pipes_struct *p, - struct dssetup_DsRoleGetPrimaryDomainInformation *r); -WERROR _dssetup_DsRoleDnsNameToFlatName(pipes_struct *p, - struct dssetup_DsRoleDnsNameToFlatName *r); -WERROR _dssetup_DsRoleDcAsDc(pipes_struct *p, - struct dssetup_DsRoleDcAsDc *r); -WERROR _dssetup_DsRoleDcAsReplica(pipes_struct *p, - struct dssetup_DsRoleDcAsReplica *r); -WERROR _dssetup_DsRoleDemoteDc(pipes_struct *p, - struct dssetup_DsRoleDemoteDc *r); -WERROR _dssetup_DsRoleGetDcOperationProgress(pipes_struct *p, - struct dssetup_DsRoleGetDcOperationProgress *r); -WERROR _dssetup_DsRoleGetDcOperationResults(pipes_struct *p, - struct dssetup_DsRoleGetDcOperationResults *r); -WERROR _dssetup_DsRoleCancel(pipes_struct *p, - struct dssetup_DsRoleCancel *r); -WERROR _dssetup_DsRoleServerSaveStateForUpgrade(pipes_struct *p, - struct dssetup_DsRoleServerSaveStateForUpgrade *r); -WERROR _dssetup_DsRoleUpgradeDownlevelServer(pipes_struct *p, - struct dssetup_DsRoleUpgradeDownlevelServer *r); -WERROR _dssetup_DsRoleAbortDownlevelServerUpgrade(pipes_struct *p, - struct dssetup_DsRoleAbortDownlevelServerUpgrade *r); - -/* The following definitions come from rpc_server/srv_echo_nt.c */ - -void _echo_AddOne(pipes_struct *p, struct echo_AddOne *r ); -void _echo_EchoData(pipes_struct *p, struct echo_EchoData *r); -void _echo_SinkData(pipes_struct *p, struct echo_SinkData *r); -void _echo_SourceData(pipes_struct *p, struct echo_SourceData *r); -void _echo_TestCall(pipes_struct *p, struct echo_TestCall *r); -NTSTATUS _echo_TestCall2(pipes_struct *p, struct echo_TestCall2 *r); -uint32 _echo_TestSleep(pipes_struct *p, struct echo_TestSleep *r); -void _echo_TestEnum(pipes_struct *p, struct echo_TestEnum *r); -void _echo_TestSurrounding(pipes_struct *p, struct echo_TestSurrounding *r); -uint16 _echo_TestDoublePointer(pipes_struct *p, struct echo_TestDoublePointer *r); - /* The following definitions come from rpc_server/srv_eventlog.c */ NTSTATUS rpc_eventlog2_init(void); @@ -6605,43 +6541,9 @@ bool parse_logentry( char *line, Eventlog_entry * entry, bool * eor ); /* The following definitions come from rpc_server/srv_eventlog_nt.c */ -NTSTATUS _eventlog_OpenEventLogW(pipes_struct *p, - struct eventlog_OpenEventLogW *r); -NTSTATUS _eventlog_ClearEventLogW(pipes_struct *p, - struct eventlog_ClearEventLogW *r); -NTSTATUS _eventlog_CloseEventLog( pipes_struct * p, struct eventlog_CloseEventLog *r ); NTSTATUS _eventlog_read_eventlog( pipes_struct * p, EVENTLOG_Q_READ_EVENTLOG * q_u, EVENTLOG_R_READ_EVENTLOG * r_u ); -NTSTATUS _eventlog_GetOldestRecord(pipes_struct *p, - struct eventlog_GetOldestRecord *r); -NTSTATUS _eventlog_GetNumRecords(pipes_struct *p, - struct eventlog_GetNumRecords *r); -NTSTATUS _eventlog_BackupEventLogW(pipes_struct *p, struct eventlog_BackupEventLogW *r); -NTSTATUS _eventlog_DeregisterEventSource(pipes_struct *p, struct eventlog_DeregisterEventSource *r); -NTSTATUS _eventlog_ChangeNotify(pipes_struct *p, struct eventlog_ChangeNotify *r); -NTSTATUS _eventlog_RegisterEventSourceW(pipes_struct *p, struct eventlog_RegisterEventSourceW *r); -NTSTATUS _eventlog_OpenBackupEventLogW(pipes_struct *p, struct eventlog_OpenBackupEventLogW *r); -NTSTATUS _eventlog_ReadEventLogW(pipes_struct *p, struct eventlog_ReadEventLogW *r); -NTSTATUS _eventlog_ReportEventW(pipes_struct *p, struct eventlog_ReportEventW *r); -NTSTATUS _eventlog_ClearEventLogA(pipes_struct *p, struct eventlog_ClearEventLogA *r); -NTSTATUS _eventlog_BackupEventLogA(pipes_struct *p, struct eventlog_BackupEventLogA *r); -NTSTATUS _eventlog_OpenEventLogA(pipes_struct *p, struct eventlog_OpenEventLogA *r); -NTSTATUS _eventlog_RegisterEventSourceA(pipes_struct *p, struct eventlog_RegisterEventSourceA *r); -NTSTATUS _eventlog_OpenBackupEventLogA(pipes_struct *p, struct eventlog_OpenBackupEventLogA *r); -NTSTATUS _eventlog_ReadEventLogA(pipes_struct *p, struct eventlog_ReadEventLogA *r); -NTSTATUS _eventlog_ReportEventA(pipes_struct *p, struct eventlog_ReportEventA *r); -NTSTATUS _eventlog_RegisterClusterSvc(pipes_struct *p, struct eventlog_RegisterClusterSvc *r); -NTSTATUS _eventlog_DeregisterClusterSvc(pipes_struct *p, struct eventlog_DeregisterClusterSvc *r); -NTSTATUS _eventlog_WriteClusterEvents(pipes_struct *p, struct eventlog_WriteClusterEvents *r); -NTSTATUS _eventlog_GetLogIntormation(pipes_struct *p, struct eventlog_GetLogIntormation *r); -NTSTATUS _eventlog_FlushEventLog(pipes_struct *p, struct eventlog_FlushEventLog *r); - -/* The following definitions come from rpc_server/srv_initshutdown_nt.c */ - -WERROR _initshutdown_Init(pipes_struct *p, struct initshutdown_Init *r); -WERROR _initshutdown_InitEx(pipes_struct *p, struct initshutdown_InitEx *r); -WERROR _initshutdown_Abort(pipes_struct *p, struct initshutdown_Abort *r); /* The following definitions come from rpc_server/srv_lsa_hnd.c */ @@ -6652,216 +6554,6 @@ bool close_policy_hnd(pipes_struct *p, POLICY_HND *hnd); void close_policy_by_pipe(pipes_struct *p); bool pipe_access_check(pipes_struct *p); -/* The following definitions come from rpc_server/srv_lsa_nt.c */ - -NTSTATUS _lsa_OpenPolicy2(pipes_struct *p, - struct lsa_OpenPolicy2 *r); -NTSTATUS _lsa_OpenPolicy(pipes_struct *p, - struct lsa_OpenPolicy *r); -NTSTATUS _lsa_EnumTrustDom(pipes_struct *p, - struct lsa_EnumTrustDom *r); -NTSTATUS _lsa_QueryInfoPolicy(pipes_struct *p, - struct lsa_QueryInfoPolicy *r); -NTSTATUS _lsa_LookupSids(pipes_struct *p, - struct lsa_LookupSids *r); -NTSTATUS _lsa_LookupSids2(pipes_struct *p, - struct lsa_LookupSids2 *r); -NTSTATUS _lsa_LookupSids3(pipes_struct *p, - struct lsa_LookupSids3 *r); -NTSTATUS _lsa_LookupNames(pipes_struct *p, - struct lsa_LookupNames *r); -NTSTATUS _lsa_LookupNames2(pipes_struct *p, - struct lsa_LookupNames2 *r); -NTSTATUS _lsa_LookupNames3(pipes_struct *p, - struct lsa_LookupNames3 *r); -NTSTATUS _lsa_LookupNames4(pipes_struct *p, - struct lsa_LookupNames4 *r); -NTSTATUS _lsa_Close(pipes_struct *p, struct lsa_Close *r); -NTSTATUS _lsa_OpenSecret(pipes_struct *p, struct lsa_OpenSecret *r); -NTSTATUS _lsa_OpenTrustedDomain(pipes_struct *p, struct lsa_OpenTrustedDomain *r); -NTSTATUS _lsa_CreateTrustedDomain(pipes_struct *p, struct lsa_CreateTrustedDomain *r); -NTSTATUS _lsa_CreateSecret(pipes_struct *p, struct lsa_CreateSecret *r); -NTSTATUS _lsa_SetSecret(pipes_struct *p, struct lsa_SetSecret *r); -NTSTATUS _lsa_DeleteObject(pipes_struct *p, - struct lsa_DeleteObject *r); -NTSTATUS _lsa_EnumPrivs(pipes_struct *p, - struct lsa_EnumPrivs *r); -NTSTATUS _lsa_LookupPrivDisplayName(pipes_struct *p, - struct lsa_LookupPrivDisplayName *r); -NTSTATUS _lsa_EnumAccounts(pipes_struct *p, - struct lsa_EnumAccounts *r); -NTSTATUS _lsa_GetUserName(pipes_struct *p, - struct lsa_GetUserName *r); -NTSTATUS _lsa_CreateAccount(pipes_struct *p, - struct lsa_CreateAccount *r); -NTSTATUS _lsa_OpenAccount(pipes_struct *p, - struct lsa_OpenAccount *r); -NTSTATUS _lsa_EnumPrivsAccount(pipes_struct *p, - struct lsa_EnumPrivsAccount *r); -NTSTATUS _lsa_GetSystemAccessAccount(pipes_struct *p, - struct lsa_GetSystemAccessAccount *r); -NTSTATUS _lsa_SetSystemAccessAccount(pipes_struct *p, - struct lsa_SetSystemAccessAccount *r); -NTSTATUS _lsa_AddPrivilegesToAccount(pipes_struct *p, - struct lsa_AddPrivilegesToAccount *r); -NTSTATUS _lsa_RemovePrivilegesFromAccount(pipes_struct *p, - struct lsa_RemovePrivilegesFromAccount *r); -NTSTATUS _lsa_QuerySecurity(pipes_struct *p, - struct lsa_QuerySecurity *r); -NTSTATUS _lsa_AddAccountRights(pipes_struct *p, - struct lsa_AddAccountRights *r); -NTSTATUS _lsa_RemoveAccountRights(pipes_struct *p, - struct lsa_RemoveAccountRights *r); -NTSTATUS _lsa_EnumAccountRights(pipes_struct *p, - struct lsa_EnumAccountRights *r); -NTSTATUS _lsa_LookupPrivValue(pipes_struct *p, - struct lsa_LookupPrivValue *r); -NTSTATUS _lsa_Delete(pipes_struct *p, struct lsa_Delete *r); -NTSTATUS _lsa_SetSecObj(pipes_struct *p, struct lsa_SetSecObj *r); -NTSTATUS _lsa_ChangePassword(pipes_struct *p, struct lsa_ChangePassword *r); -NTSTATUS _lsa_SetInfoPolicy(pipes_struct *p, struct lsa_SetInfoPolicy *r); -NTSTATUS _lsa_ClearAuditLog(pipes_struct *p, struct lsa_ClearAuditLog *r); -NTSTATUS _lsa_GetQuotasForAccount(pipes_struct *p, struct lsa_GetQuotasForAccount *r); -NTSTATUS _lsa_SetQuotasForAccount(pipes_struct *p, struct lsa_SetQuotasForAccount *r); -NTSTATUS _lsa_QueryTrustedDomainInfo(pipes_struct *p, struct lsa_QueryTrustedDomainInfo *r); -NTSTATUS _lsa_SetInformationTrustedDomain(pipes_struct *p, struct lsa_SetInformationTrustedDomain *r); -NTSTATUS _lsa_QuerySecret(pipes_struct *p, struct lsa_QuerySecret *r); -NTSTATUS _lsa_LookupPrivName(pipes_struct *p, struct lsa_LookupPrivName *r); -NTSTATUS _lsa_EnumAccountsWithUserRight(pipes_struct *p, struct lsa_EnumAccountsWithUserRight *r); -NTSTATUS _lsa_QueryTrustedDomainInfoBySid(pipes_struct *p, struct lsa_QueryTrustedDomainInfoBySid *r); -NTSTATUS _lsa_SetTrustedDomainInfo(pipes_struct *p, struct lsa_SetTrustedDomainInfo *r); -NTSTATUS _lsa_DeleteTrustedDomain(pipes_struct *p, struct lsa_DeleteTrustedDomain *r); -NTSTATUS _lsa_StorePrivateData(pipes_struct *p, struct lsa_StorePrivateData *r); -NTSTATUS _lsa_RetrievePrivateData(pipes_struct *p, struct lsa_RetrievePrivateData *r); -NTSTATUS _lsa_QueryInfoPolicy2(pipes_struct *p, struct lsa_QueryInfoPolicy2 *r); -NTSTATUS _lsa_SetInfoPolicy2(pipes_struct *p, struct lsa_SetInfoPolicy2 *r); -NTSTATUS _lsa_QueryTrustedDomainInfoByName(pipes_struct *p, struct lsa_QueryTrustedDomainInfoByName *r); -NTSTATUS _lsa_SetTrustedDomainInfoByName(pipes_struct *p, struct lsa_SetTrustedDomainInfoByName *r); -NTSTATUS _lsa_EnumTrustedDomainsEx(pipes_struct *p, struct lsa_EnumTrustedDomainsEx *r); -NTSTATUS _lsa_CreateTrustedDomainEx(pipes_struct *p, struct lsa_CreateTrustedDomainEx *r); -NTSTATUS _lsa_CloseTrustedDomainEx(pipes_struct *p, struct lsa_CloseTrustedDomainEx *r); -NTSTATUS _lsa_QueryDomainInformationPolicy(pipes_struct *p, struct lsa_QueryDomainInformationPolicy *r); -NTSTATUS _lsa_SetDomainInformationPolicy(pipes_struct *p, struct lsa_SetDomainInformationPolicy *r); -NTSTATUS _lsa_OpenTrustedDomainByName(pipes_struct *p, struct lsa_OpenTrustedDomainByName *r); -NTSTATUS _lsa_TestCall(pipes_struct *p, struct lsa_TestCall *r); -NTSTATUS _lsa_CreateTrustedDomainEx2(pipes_struct *p, struct lsa_CreateTrustedDomainEx2 *r); -NTSTATUS _lsa_CREDRWRITE(pipes_struct *p, struct lsa_CREDRWRITE *r); -NTSTATUS _lsa_CREDRREAD(pipes_struct *p, struct lsa_CREDRREAD *r); -NTSTATUS _lsa_CREDRENUMERATE(pipes_struct *p, struct lsa_CREDRENUMERATE *r); -NTSTATUS _lsa_CREDRWRITEDOMAINCREDENTIALS(pipes_struct *p, struct lsa_CREDRWRITEDOMAINCREDENTIALS *r); -NTSTATUS _lsa_CREDRREADDOMAINCREDENTIALS(pipes_struct *p, struct lsa_CREDRREADDOMAINCREDENTIALS *r); -NTSTATUS _lsa_CREDRDELETE(pipes_struct *p, struct lsa_CREDRDELETE *r); -NTSTATUS _lsa_CREDRGETTARGETINFO(pipes_struct *p, struct lsa_CREDRGETTARGETINFO *r); -NTSTATUS _lsa_CREDRPROFILELOADED(pipes_struct *p, struct lsa_CREDRPROFILELOADED *r); -NTSTATUS _lsa_CREDRGETSESSIONTYPES(pipes_struct *p, struct lsa_CREDRGETSESSIONTYPES *r); -NTSTATUS _lsa_LSARREGISTERAUDITEVENT(pipes_struct *p, struct lsa_LSARREGISTERAUDITEVENT *r); -NTSTATUS _lsa_LSARGENAUDITEVENT(pipes_struct *p, struct lsa_LSARGENAUDITEVENT *r); -NTSTATUS _lsa_LSARUNREGISTERAUDITEVENT(pipes_struct *p, struct lsa_LSARUNREGISTERAUDITEVENT *r); -NTSTATUS _lsa_lsaRQueryForestTrustInformation(pipes_struct *p, struct lsa_lsaRQueryForestTrustInformation *r); -NTSTATUS _lsa_LSARSETFORESTTRUSTINFORMATION(pipes_struct *p, struct lsa_LSARSETFORESTTRUSTINFORMATION *r); -NTSTATUS _lsa_CREDRRENAME(pipes_struct *p, struct lsa_CREDRRENAME *r); -NTSTATUS _lsa_LSAROPENPOLICYSCE(pipes_struct *p, struct lsa_LSAROPENPOLICYSCE *r); -NTSTATUS _lsa_LSARADTREGISTERSECURITYEVENTSOURCE(pipes_struct *p, struct lsa_LSARADTREGISTERSECURITYEVENTSOURCE *r); -NTSTATUS _lsa_LSARADTUNREGISTERSECURITYEVENTSOURCE(pipes_struct *p, struct lsa_LSARADTUNREGISTERSECURITYEVENTSOURCE *r); -NTSTATUS _lsa_LSARADTREPORTSECURITYEVENT(pipes_struct *p, struct lsa_LSARADTREPORTSECURITYEVENT *r); - -/* The following definitions come from rpc_server/srv_netlog_nt.c */ - -WERROR _netr_LogonControl(pipes_struct *p, - struct netr_LogonControl *r); -WERROR _netr_LogonControl2(pipes_struct *p, - struct netr_LogonControl2 *r); -WERROR _netr_NetrEnumerateTrustedDomains(pipes_struct *p, - struct netr_NetrEnumerateTrustedDomains *r); -NTSTATUS _netr_ServerReqChallenge(pipes_struct *p, - struct netr_ServerReqChallenge *r); -NTSTATUS _netr_ServerAuthenticate(pipes_struct *p, - struct netr_ServerAuthenticate *r); -NTSTATUS _netr_ServerAuthenticate2(pipes_struct *p, - struct netr_ServerAuthenticate2 *r); -NTSTATUS _netr_ServerPasswordSet(pipes_struct *p, - struct netr_ServerPasswordSet *r); -NTSTATUS _netr_LogonSamLogoff(pipes_struct *p, - struct netr_LogonSamLogoff *r); -NTSTATUS _netr_LogonSamLogon(pipes_struct *p, - struct netr_LogonSamLogon *r); -NTSTATUS _netr_LogonSamLogonEx(pipes_struct *p, - struct netr_LogonSamLogonEx *r); -WERROR _netr_LogonUasLogon(pipes_struct *p, - struct netr_LogonUasLogon *r); -WERROR _netr_LogonUasLogoff(pipes_struct *p, - struct netr_LogonUasLogoff *r); -NTSTATUS _netr_DatabaseDeltas(pipes_struct *p, - struct netr_DatabaseDeltas *r); -NTSTATUS _netr_DatabaseSync(pipes_struct *p, - struct netr_DatabaseSync *r); -NTSTATUS _netr_AccountDeltas(pipes_struct *p, - struct netr_AccountDeltas *r); -NTSTATUS _netr_AccountSync(pipes_struct *p, - struct netr_AccountSync *r); -WERROR _netr_GetDcName(pipes_struct *p, - struct netr_GetDcName *r); -WERROR _netr_GetAnyDCName(pipes_struct *p, - struct netr_GetAnyDCName *r); -NTSTATUS _netr_DatabaseSync2(pipes_struct *p, - struct netr_DatabaseSync2 *r); -NTSTATUS _netr_DatabaseRedo(pipes_struct *p, - struct netr_DatabaseRedo *r); -WERROR _netr_LogonControl2Ex(pipes_struct *p, - struct netr_LogonControl2Ex *r); -WERROR _netr_DsRGetDCName(pipes_struct *p, - struct netr_DsRGetDCName *r); -WERROR _netr_NETRLOGONDUMMYROUTINE1(pipes_struct *p, - struct netr_NETRLOGONDUMMYROUTINE1 *r); -WERROR _netr_NETRLOGONSETSERVICEBITS(pipes_struct *p, - struct netr_NETRLOGONSETSERVICEBITS *r); -WERROR _netr_LogonGetTrustRid(pipes_struct *p, - struct netr_LogonGetTrustRid *r); -WERROR _netr_NETRLOGONCOMPUTESERVERDIGEST(pipes_struct *p, - struct netr_NETRLOGONCOMPUTESERVERDIGEST *r); -WERROR _netr_NETRLOGONCOMPUTECLIENTDIGEST(pipes_struct *p, - struct netr_NETRLOGONCOMPUTECLIENTDIGEST *r); -NTSTATUS _netr_ServerAuthenticate3(pipes_struct *p, - struct netr_ServerAuthenticate3 *r); -WERROR _netr_DsRGetDCNameEx(pipes_struct *p, - struct netr_DsRGetDCNameEx *r); -WERROR _netr_DsRGetSiteName(pipes_struct *p, - struct netr_DsRGetSiteName *r); -NTSTATUS _netr_LogonGetDomainInfo(pipes_struct *p, - struct netr_LogonGetDomainInfo *r); -NTSTATUS _netr_ServerPasswordSet2(pipes_struct *p, - struct netr_ServerPasswordSet2 *r); -WERROR _netr_ServerPasswordGet(pipes_struct *p, - struct netr_ServerPasswordGet *r); -WERROR _netr_NETRLOGONSENDTOSAM(pipes_struct *p, - struct netr_NETRLOGONSENDTOSAM *r); -WERROR _netr_DsRAddressToSitenamesW(pipes_struct *p, - struct netr_DsRAddressToSitenamesW *r); -WERROR _netr_DsRGetDCNameEx2(pipes_struct *p, - struct netr_DsRGetDCNameEx2 *r); -WERROR _netr_NETRLOGONGETTIMESERVICEPARENTDOMAIN(pipes_struct *p, - struct netr_NETRLOGONGETTIMESERVICEPARENTDOMAIN *r); -WERROR _netr_NetrEnumerateTrustedDomainsEx(pipes_struct *p, - struct netr_NetrEnumerateTrustedDomainsEx *r); -WERROR _netr_DsRAddressToSitenamesExW(pipes_struct *p, - struct netr_DsRAddressToSitenamesExW *r); -WERROR _netr_DsrGetDcSiteCoverageW(pipes_struct *p, - struct netr_DsrGetDcSiteCoverageW *r); -WERROR _netr_DsrEnumerateDomainTrusts(pipes_struct *p, - struct netr_DsrEnumerateDomainTrusts *r); -WERROR _netr_DsrDeregisterDNSHostRecords(pipes_struct *p, - struct netr_DsrDeregisterDNSHostRecords *r); -NTSTATUS _netr_ServerTrustPasswordsGet(pipes_struct *p, - struct netr_ServerTrustPasswordsGet *r); -WERROR _netr_DsRGetForestTrustInformation(pipes_struct *p, - struct netr_DsRGetForestTrustInformation *r); -WERROR _netr_GetForestTrustInformation(pipes_struct *p, - struct netr_GetForestTrustInformation *r); -NTSTATUS _netr_LogonSamLogonWithFlags(pipes_struct *p, - struct netr_LogonSamLogonWithFlags *r); -WERROR _netr_ServerGetTrustInfo(pipes_struct *p, - struct netr_ServerGetTrustInfo *r); - /* The following definitions come from rpc_server/srv_ntsvcs.c */ void ntsvcs2_get_pipe_fns( struct api_struct **fns, int *n_fns ); @@ -6869,137 +6561,7 @@ NTSTATUS rpc_ntsvcs2_init(void); /* The following definitions come from rpc_server/srv_ntsvcs_nt.c */ -WERROR _PNP_GetVersion(pipes_struct *p, - struct PNP_GetVersion *r); -WERROR _PNP_GetDeviceListSize(pipes_struct *p, - struct PNP_GetDeviceListSize *r); WERROR _ntsvcs_get_device_list( pipes_struct *p, NTSVCS_Q_GET_DEVICE_LIST *q_u, NTSVCS_R_GET_DEVICE_LIST *r_u ); -WERROR _PNP_ValidateDeviceInstance(pipes_struct *p, - struct PNP_ValidateDeviceInstance *r); -WERROR _PNP_GetHwProfInfo(pipes_struct *p, - struct PNP_GetHwProfInfo *r); -WERROR _PNP_HwProfFlags(pipes_struct *p, - struct PNP_HwProfFlags *r); -WERROR _PNP_Disconnect(pipes_struct *p, - struct PNP_Disconnect *r); -WERROR _PNP_Connect(pipes_struct *p, - struct PNP_Connect *r); -WERROR _PNP_GetGlobalState(pipes_struct *p, - struct PNP_GetGlobalState *r); -WERROR _PNP_InitDetection(pipes_struct *p, - struct PNP_InitDetection *r); -WERROR _PNP_ReportLogOn(pipes_struct *p, - struct PNP_ReportLogOn *r); -WERROR _PNP_GetRootDeviceInstance(pipes_struct *p, - struct PNP_GetRootDeviceInstance *r); -WERROR _PNP_GetRelatedDeviceInstance(pipes_struct *p, - struct PNP_GetRelatedDeviceInstance *r); -WERROR _PNP_EnumerateSubKeys(pipes_struct *p, - struct PNP_EnumerateSubKeys *r); -WERROR _PNP_GetDeviceList(pipes_struct *p, - struct PNP_GetDeviceList *r); -WERROR _PNP_GetDepth(pipes_struct *p, - struct PNP_GetDepth *r); -WERROR _PNP_GetDeviceRegProp(pipes_struct *p, - struct PNP_GetDeviceRegProp *r); -WERROR _PNP_SetDeviceRegProp(pipes_struct *p, - struct PNP_SetDeviceRegProp *r); -WERROR _PNP_GetClassInstance(pipes_struct *p, - struct PNP_GetClassInstance *r); -WERROR _PNP_CreateKey(pipes_struct *p, - struct PNP_CreateKey *r); -WERROR _PNP_DeleteRegistryKey(pipes_struct *p, - struct PNP_DeleteRegistryKey *r); -WERROR _PNP_GetClassCount(pipes_struct *p, - struct PNP_GetClassCount *r); -WERROR _PNP_GetClassName(pipes_struct *p, - struct PNP_GetClassName *r); -WERROR _PNP_DeleteClassKey(pipes_struct *p, - struct PNP_DeleteClassKey *r); -WERROR _PNP_GetInterfaceDeviceAlias(pipes_struct *p, - struct PNP_GetInterfaceDeviceAlias *r); -WERROR _PNP_GetInterfaceDeviceList(pipes_struct *p, - struct PNP_GetInterfaceDeviceList *r); -WERROR _PNP_GetInterfaceDeviceListSize(pipes_struct *p, - struct PNP_GetInterfaceDeviceListSize *r); -WERROR _PNP_RegisterDeviceClassAssociation(pipes_struct *p, - struct PNP_RegisterDeviceClassAssociation *r); -WERROR _PNP_UnregisterDeviceClassAssociation(pipes_struct *p, - struct PNP_UnregisterDeviceClassAssociation *r); -WERROR _PNP_GetClassRegProp(pipes_struct *p, - struct PNP_GetClassRegProp *r); -WERROR _PNP_SetClassRegProp(pipes_struct *p, - struct PNP_SetClassRegProp *r); -WERROR _PNP_CreateDevInst(pipes_struct *p, - struct PNP_CreateDevInst *r); -WERROR _PNP_DeviceInstanceAction(pipes_struct *p, - struct PNP_DeviceInstanceAction *r); -WERROR _PNP_GetDeviceStatus(pipes_struct *p, - struct PNP_GetDeviceStatus *r); -WERROR _PNP_SetDeviceProblem(pipes_struct *p, - struct PNP_SetDeviceProblem *r); -WERROR _PNP_DisableDevInst(pipes_struct *p, - struct PNP_DisableDevInst *r); -WERROR _PNP_UninstallDevInst(pipes_struct *p, - struct PNP_UninstallDevInst *r); -WERROR _PNP_AddID(pipes_struct *p, - struct PNP_AddID *r); -WERROR _PNP_RegisterDriver(pipes_struct *p, - struct PNP_RegisterDriver *r); -WERROR _PNP_QueryRemove(pipes_struct *p, - struct PNP_QueryRemove *r); -WERROR _PNP_RequestDeviceEject(pipes_struct *p, - struct PNP_RequestDeviceEject *r); -WERROR _PNP_IsDockStationPresent(pipes_struct *p, - struct PNP_IsDockStationPresent *r); -WERROR _PNP_RequestEjectPC(pipes_struct *p, - struct PNP_RequestEjectPC *r); -WERROR _PNP_AddEmptyLogConf(pipes_struct *p, - struct PNP_AddEmptyLogConf *r); -WERROR _PNP_FreeLogConf(pipes_struct *p, - struct PNP_FreeLogConf *r); -WERROR _PNP_GetFirstLogConf(pipes_struct *p, - struct PNP_GetFirstLogConf *r); -WERROR _PNP_GetNextLogConf(pipes_struct *p, - struct PNP_GetNextLogConf *r); -WERROR _PNP_GetLogConfPriority(pipes_struct *p, - struct PNP_GetLogConfPriority *r); -WERROR _PNP_AddResDes(pipes_struct *p, - struct PNP_AddResDes *r); -WERROR _PNP_FreeResDes(pipes_struct *p, - struct PNP_FreeResDes *r); -WERROR _PNP_GetNextResDes(pipes_struct *p, - struct PNP_GetNextResDes *r); -WERROR _PNP_GetResDesData(pipes_struct *p, - struct PNP_GetResDesData *r); -WERROR _PNP_GetResDesDataSize(pipes_struct *p, - struct PNP_GetResDesDataSize *r); -WERROR _PNP_ModifyResDes(pipes_struct *p, - struct PNP_ModifyResDes *r); -WERROR _PNP_DetectResourceLimit(pipes_struct *p, - struct PNP_DetectResourceLimit *r); -WERROR _PNP_QueryResConfList(pipes_struct *p, - struct PNP_QueryResConfList *r); -WERROR _PNP_SetHwProf(pipes_struct *p, - struct PNP_SetHwProf *r); -WERROR _PNP_QueryArbitratorFreeData(pipes_struct *p, - struct PNP_QueryArbitratorFreeData *r); -WERROR _PNP_QueryArbitratorFreeSize(pipes_struct *p, - struct PNP_QueryArbitratorFreeSize *r); -WERROR _PNP_RunDetection(pipes_struct *p, - struct PNP_RunDetection *r); -WERROR _PNP_RegisterNotification(pipes_struct *p, - struct PNP_RegisterNotification *r); -WERROR _PNP_UnregisterNotification(pipes_struct *p, - struct PNP_UnregisterNotification *r); -WERROR _PNP_GetCustomDevProp(pipes_struct *p, - struct PNP_GetCustomDevProp *r); -WERROR _PNP_GetVersionInternal(pipes_struct *p, - struct PNP_GetVersionInternal *r); -WERROR _PNP_GetBlockedDriverInfo(pipes_struct *p, - struct PNP_GetBlockedDriverInfo *r); -WERROR _PNP_GetServerSideDeviceInstallFlags(pipes_struct *p, - struct PNP_GetServerSideDeviceInstallFlags *r); /* The following definitions come from rpc_server/srv_pipe.c */ @@ -7036,145 +6598,6 @@ NTSTATUS np_write(struct files_struct *fsp, const uint8_t *data, size_t len, NTSTATUS np_read(struct files_struct *fsp, uint8_t *data, size_t len, ssize_t *nread, bool *is_data_outstanding); - -/* The following definitions come from rpc_server/srv_samr_nt.c */ - -NTSTATUS _samr_Close(pipes_struct *p, struct samr_Close *r); -NTSTATUS _samr_OpenDomain(pipes_struct *p, - struct samr_OpenDomain *r); -NTSTATUS _samr_GetUserPwInfo(pipes_struct *p, - struct samr_GetUserPwInfo *r); -NTSTATUS _samr_SetSecurity(pipes_struct *p, - struct samr_SetSecurity *r); -NTSTATUS _samr_QuerySecurity(pipes_struct *p, - struct samr_QuerySecurity *r); -NTSTATUS _samr_EnumDomainUsers(pipes_struct *p, - struct samr_EnumDomainUsers *r); -NTSTATUS _samr_EnumDomainGroups(pipes_struct *p, - struct samr_EnumDomainGroups *r); -NTSTATUS _samr_EnumDomainAliases(pipes_struct *p, - struct samr_EnumDomainAliases *r); -NTSTATUS _samr_QueryDisplayInfo(pipes_struct *p, - struct samr_QueryDisplayInfo *r); -NTSTATUS _samr_QueryDisplayInfo2(pipes_struct *p, - struct samr_QueryDisplayInfo2 *r); -NTSTATUS _samr_QueryDisplayInfo3(pipes_struct *p, - struct samr_QueryDisplayInfo3 *r); -NTSTATUS _samr_QueryAliasInfo(pipes_struct *p, - struct samr_QueryAliasInfo *r); -NTSTATUS _samr_LookupNames(pipes_struct *p, - struct samr_LookupNames *r); -NTSTATUS _samr_ChangePasswordUser2(pipes_struct *p, - struct samr_ChangePasswordUser2 *r); -NTSTATUS _samr_ChangePasswordUser3(pipes_struct *p, - struct samr_ChangePasswordUser3 *r); -NTSTATUS _samr_LookupRids(pipes_struct *p, - struct samr_LookupRids *r); -NTSTATUS _samr_OpenUser(pipes_struct *p, - struct samr_OpenUser *r); -NTSTATUS _samr_QueryUserInfo(pipes_struct *p, - struct samr_QueryUserInfo *r); -NTSTATUS _samr_GetGroupsForUser(pipes_struct *p, - struct samr_GetGroupsForUser *r); -NTSTATUS _samr_QueryDomainInfo(pipes_struct *p, - struct samr_QueryDomainInfo *r); -NTSTATUS _samr_CreateUser2(pipes_struct *p, - struct samr_CreateUser2 *r); -NTSTATUS _samr_Connect(pipes_struct *p, - struct samr_Connect *r); -NTSTATUS _samr_Connect2(pipes_struct *p, - struct samr_Connect2 *r); -NTSTATUS _samr_Connect4(pipes_struct *p, - struct samr_Connect4 *r); -NTSTATUS _samr_Connect5(pipes_struct *p, - struct samr_Connect5 *r); -NTSTATUS _samr_LookupDomain(pipes_struct *p, - struct samr_LookupDomain *r); -NTSTATUS _samr_EnumDomains(pipes_struct *p, - struct samr_EnumDomains *r); -NTSTATUS _samr_OpenAlias(pipes_struct *p, - struct samr_OpenAlias *r); -NTSTATUS _samr_SetUserInfo(pipes_struct *p, - struct samr_SetUserInfo *r); -NTSTATUS _samr_SetUserInfo2(pipes_struct *p, - struct samr_SetUserInfo2 *r); -NTSTATUS _samr_GetAliasMembership(pipes_struct *p, - struct samr_GetAliasMembership *r); -NTSTATUS _samr_GetMembersInAlias(pipes_struct *p, - struct samr_GetMembersInAlias *r); -NTSTATUS _samr_QueryGroupMember(pipes_struct *p, - struct samr_QueryGroupMember *r); -NTSTATUS _samr_AddAliasMember(pipes_struct *p, - struct samr_AddAliasMember *r); -NTSTATUS _samr_DeleteAliasMember(pipes_struct *p, - struct samr_DeleteAliasMember *r); -NTSTATUS _samr_AddGroupMember(pipes_struct *p, - struct samr_AddGroupMember *r); -NTSTATUS _samr_DeleteGroupMember(pipes_struct *p, - struct samr_DeleteGroupMember *r); -NTSTATUS _samr_DeleteUser(pipes_struct *p, - struct samr_DeleteUser *r); -NTSTATUS _samr_DeleteDomainGroup(pipes_struct *p, - struct samr_DeleteDomainGroup *r); -NTSTATUS _samr_DeleteDomAlias(pipes_struct *p, - struct samr_DeleteDomAlias *r); -NTSTATUS _samr_CreateDomainGroup(pipes_struct *p, - struct samr_CreateDomainGroup *r); -NTSTATUS _samr_CreateDomAlias(pipes_struct *p, - struct samr_CreateDomAlias *r); -NTSTATUS _samr_QueryGroupInfo(pipes_struct *p, - struct samr_QueryGroupInfo *r); -NTSTATUS _samr_SetGroupInfo(pipes_struct *p, - struct samr_SetGroupInfo *r); -NTSTATUS _samr_SetAliasInfo(pipes_struct *p, - struct samr_SetAliasInfo *r); -NTSTATUS _samr_GetDomPwInfo(pipes_struct *p, - struct samr_GetDomPwInfo *r); -NTSTATUS _samr_OpenGroup(pipes_struct *p, - struct samr_OpenGroup *r); -NTSTATUS _samr_RemoveMemberFromForeignDomain(pipes_struct *p, - struct samr_RemoveMemberFromForeignDomain *r); -NTSTATUS _samr_QueryDomainInfo2(pipes_struct *p, - struct samr_QueryDomainInfo2 *r); -NTSTATUS _samr_SetDomainInfo(pipes_struct *p, - struct samr_SetDomainInfo *r); -NTSTATUS _samr_GetDisplayEnumerationIndex(pipes_struct *p, - struct samr_GetDisplayEnumerationIndex *r); -NTSTATUS _samr_GetDisplayEnumerationIndex2(pipes_struct *p, - struct samr_GetDisplayEnumerationIndex2 *r); -NTSTATUS _samr_Shutdown(pipes_struct *p, - struct samr_Shutdown *r); -NTSTATUS _samr_CreateUser(pipes_struct *p, - struct samr_CreateUser *r); -NTSTATUS _samr_SetMemberAttributesOfGroup(pipes_struct *p, - struct samr_SetMemberAttributesOfGroup *r); -NTSTATUS _samr_ChangePasswordUser(pipes_struct *p, - struct samr_ChangePasswordUser *r); -NTSTATUS _samr_TestPrivateFunctionsDomain(pipes_struct *p, - struct samr_TestPrivateFunctionsDomain *r); -NTSTATUS _samr_TestPrivateFunctionsUser(pipes_struct *p, - struct samr_TestPrivateFunctionsUser *r); -NTSTATUS _samr_QueryUserInfo2(pipes_struct *p, - struct samr_QueryUserInfo2 *r); -NTSTATUS _samr_AddMultipleMembersToAlias(pipes_struct *p, - struct samr_AddMultipleMembersToAlias *r); -NTSTATUS _samr_RemoveMultipleMembersFromAlias(pipes_struct *p, - struct samr_RemoveMultipleMembersFromAlias *r); -NTSTATUS _samr_OemChangePasswordUser2(pipes_struct *p, - struct samr_OemChangePasswordUser2 *r); -NTSTATUS _samr_SetBootKeyInformation(pipes_struct *p, - struct samr_SetBootKeyInformation *r); -NTSTATUS _samr_GetBootKeyInformation(pipes_struct *p, - struct samr_GetBootKeyInformation *r); -NTSTATUS _samr_Connect3(pipes_struct *p, - struct samr_Connect3 *r); -NTSTATUS _samr_RidToSid(pipes_struct *p, - struct samr_RidToSid *r); -NTSTATUS _samr_SetDsrmPassword(pipes_struct *p, - struct samr_SetDsrmPassword *r); -NTSTATUS _samr_ValidatePassword(pipes_struct *p, - struct samr_ValidatePassword *r); - /* The following definitions come from rpc_server/srv_samr_util.c */ void copy_id20_to_sam_passwd(struct samu *to, @@ -7334,79 +6757,7 @@ WERROR _spoolss_xcvdataport(pipes_struct *p, SPOOL_Q_XCVDATAPORT *q_u, SPOOL_R_X /* The following definitions come from rpc_server/srv_srvsvc_nt.c */ -WERROR _srvsvc_NetFileEnum(pipes_struct *p, - struct srvsvc_NetFileEnum *r); -WERROR _srvsvc_NetSrvGetInfo(pipes_struct *p, - struct srvsvc_NetSrvGetInfo *r); -WERROR _srvsvc_NetSrvSetInfo(pipes_struct *p, - struct srvsvc_NetSrvSetInfo *r); -WERROR _srvsvc_NetConnEnum(pipes_struct *p, - struct srvsvc_NetConnEnum *r); -WERROR _srvsvc_NetSessEnum(pipes_struct *p, - struct srvsvc_NetSessEnum *r); -WERROR _srvsvc_NetSessDel(pipes_struct *p, - struct srvsvc_NetSessDel *r); -WERROR _srvsvc_NetShareEnumAll(pipes_struct *p, - struct srvsvc_NetShareEnumAll *r); -WERROR _srvsvc_NetShareEnum(pipes_struct *p, - struct srvsvc_NetShareEnum *r); -WERROR _srvsvc_NetShareGetInfo(pipes_struct *p, - struct srvsvc_NetShareGetInfo *r); char *valid_share_pathname(TALLOC_CTX *ctx, const char *dos_pathname); -WERROR _srvsvc_NetShareSetInfo(pipes_struct *p, - struct srvsvc_NetShareSetInfo *r); -WERROR _srvsvc_NetShareAdd(pipes_struct *p, - struct srvsvc_NetShareAdd *r); -WERROR _srvsvc_NetShareDel(pipes_struct *p, - struct srvsvc_NetShareDel *r); -WERROR _srvsvc_NetShareDelSticky(pipes_struct *p, - struct srvsvc_NetShareDelSticky *r); -WERROR _srvsvc_NetRemoteTOD(pipes_struct *p, - struct srvsvc_NetRemoteTOD *r); -WERROR _srvsvc_NetGetFileSecurity(pipes_struct *p, - struct srvsvc_NetGetFileSecurity *r); -WERROR _srvsvc_NetSetFileSecurity(pipes_struct *p, - struct srvsvc_NetSetFileSecurity *r); -WERROR _srvsvc_NetDiskEnum(pipes_struct *p, - struct srvsvc_NetDiskEnum *r); -WERROR _srvsvc_NetNameValidate(pipes_struct *p, - struct srvsvc_NetNameValidate *r); -WERROR _srvsvc_NetFileClose(pipes_struct *p, struct srvsvc_NetFileClose *r); -WERROR _srvsvc_NetCharDevEnum(pipes_struct *p, struct srvsvc_NetCharDevEnum *r); -WERROR _srvsvc_NetCharDevGetInfo(pipes_struct *p, struct srvsvc_NetCharDevGetInfo *r); -WERROR _srvsvc_NetCharDevControl(pipes_struct *p, struct srvsvc_NetCharDevControl *r); -WERROR _srvsvc_NetCharDevQEnum(pipes_struct *p, struct srvsvc_NetCharDevQEnum *r); -WERROR _srvsvc_NetCharDevQGetInfo(pipes_struct *p, struct srvsvc_NetCharDevQGetInfo *r); -WERROR _srvsvc_NetCharDevQSetInfo(pipes_struct *p, struct srvsvc_NetCharDevQSetInfo *r); -WERROR _srvsvc_NetCharDevQPurge(pipes_struct *p, struct srvsvc_NetCharDevQPurge *r); -WERROR _srvsvc_NetCharDevQPurgeSelf(pipes_struct *p, struct srvsvc_NetCharDevQPurgeSelf *r); -WERROR _srvsvc_NetFileGetInfo(pipes_struct *p, struct srvsvc_NetFileGetInfo *r); -WERROR _srvsvc_NetShareCheck(pipes_struct *p, struct srvsvc_NetShareCheck *r); -WERROR _srvsvc_NetServerStatisticsGet(pipes_struct *p, struct srvsvc_NetServerStatisticsGet *r); -WERROR _srvsvc_NetTransportAdd(pipes_struct *p, struct srvsvc_NetTransportAdd *r); -WERROR _srvsvc_NetTransportEnum(pipes_struct *p, struct srvsvc_NetTransportEnum *r); -WERROR _srvsvc_NetTransportDel(pipes_struct *p, struct srvsvc_NetTransportDel *r); -WERROR _srvsvc_NetSetServiceBits(pipes_struct *p, struct srvsvc_NetSetServiceBits *r); -WERROR _srvsvc_NetPathType(pipes_struct *p, struct srvsvc_NetPathType *r); -WERROR _srvsvc_NetPathCanonicalize(pipes_struct *p, struct srvsvc_NetPathCanonicalize *r); -WERROR _srvsvc_NetPathCompare(pipes_struct *p, struct srvsvc_NetPathCompare *r); -WERROR _srvsvc_NETRPRNAMECANONICALIZE(pipes_struct *p, struct srvsvc_NETRPRNAMECANONICALIZE *r); -WERROR _srvsvc_NetPRNameCompare(pipes_struct *p, struct srvsvc_NetPRNameCompare *r); -WERROR _srvsvc_NetShareDelStart(pipes_struct *p, struct srvsvc_NetShareDelStart *r); -WERROR _srvsvc_NetShareDelCommit(pipes_struct *p, struct srvsvc_NetShareDelCommit *r); -WERROR _srvsvc_NetServerTransportAddEx(pipes_struct *p, struct srvsvc_NetServerTransportAddEx *r); -WERROR _srvsvc_NetServerSetServiceBitsEx(pipes_struct *p, struct srvsvc_NetServerSetServiceBitsEx *r); -WERROR _srvsvc_NETRDFSGETVERSION(pipes_struct *p, struct srvsvc_NETRDFSGETVERSION *r); -WERROR _srvsvc_NETRDFSCREATELOCALPARTITION(pipes_struct *p, struct srvsvc_NETRDFSCREATELOCALPARTITION *r); -WERROR _srvsvc_NETRDFSDELETELOCALPARTITION(pipes_struct *p, struct srvsvc_NETRDFSDELETELOCALPARTITION *r); -WERROR _srvsvc_NETRDFSSETLOCALVOLUMESTATE(pipes_struct *p, struct srvsvc_NETRDFSSETLOCALVOLUMESTATE *r); -WERROR _srvsvc_NETRDFSSETSERVERINFO(pipes_struct *p, struct srvsvc_NETRDFSSETSERVERINFO *r); -WERROR _srvsvc_NETRDFSCREATEEXITPOINT(pipes_struct *p, struct srvsvc_NETRDFSCREATEEXITPOINT *r); -WERROR _srvsvc_NETRDFSDELETEEXITPOINT(pipes_struct *p, struct srvsvc_NETRDFSDELETEEXITPOINT *r); -WERROR _srvsvc_NETRDFSMODIFYPREFIX(pipes_struct *p, struct srvsvc_NETRDFSMODIFYPREFIX *r); -WERROR _srvsvc_NETRDFSFIXLOCALVOLUME(pipes_struct *p, struct srvsvc_NETRDFSFIXLOCALVOLUME *r); -WERROR _srvsvc_NETRDFSMANAGERREPORTSITEINFO(pipes_struct *p, struct srvsvc_NETRDFSMANAGERREPORTSITEINFO *r); -WERROR _srvsvc_NETRSERVERTRANSPORTDELEX(pipes_struct *p, struct srvsvc_NETRSERVERTRANSPORTDELEX *r); /* The following definitions come from rpc_server/srv_svcctl.c */ @@ -7416,138 +6767,9 @@ NTSTATUS rpc_svcctl2_init(void); /* The following definitions come from rpc_server/srv_svcctl_nt.c */ bool init_service_op_table( void ); -WERROR _svcctl_OpenSCManagerW(pipes_struct *p, - struct svcctl_OpenSCManagerW *r); -WERROR _svcctl_OpenServiceW(pipes_struct *p, - struct svcctl_OpenServiceW *r); -WERROR _svcctl_CloseServiceHandle(pipes_struct *p, struct svcctl_CloseServiceHandle *r); -WERROR _svcctl_GetServiceDisplayNameW(pipes_struct *p, - struct svcctl_GetServiceDisplayNameW *r); -WERROR _svcctl_QueryServiceStatus(pipes_struct *p, - struct svcctl_QueryServiceStatus *r); WERROR _svcctl_enum_services_status(pipes_struct *p, SVCCTL_Q_ENUM_SERVICES_STATUS *q_u, SVCCTL_R_ENUM_SERVICES_STATUS *r_u); -WERROR _svcctl_StartServiceW(pipes_struct *p, - struct svcctl_StartServiceW *r); -WERROR _svcctl_ControlService(pipes_struct *p, - struct svcctl_ControlService *r); -WERROR _svcctl_EnumDependentServicesW(pipes_struct *p, - struct svcctl_EnumDependentServicesW *r); WERROR _svcctl_query_service_status_ex( pipes_struct *p, SVCCTL_Q_QUERY_SERVICE_STATUSEX *q_u, SVCCTL_R_QUERY_SERVICE_STATUSEX *r_u ); WERROR _svcctl_query_service_config2( pipes_struct *p, SVCCTL_Q_QUERY_SERVICE_CONFIG2 *q_u, SVCCTL_R_QUERY_SERVICE_CONFIG2 *r_u ); -WERROR _svcctl_LockServiceDatabase(pipes_struct *p, - struct svcctl_LockServiceDatabase *r); -WERROR _svcctl_UnlockServiceDatabase(pipes_struct *p, - struct svcctl_UnlockServiceDatabase *r); -WERROR _svcctl_QueryServiceObjectSecurity(pipes_struct *p, - struct svcctl_QueryServiceObjectSecurity *r); -WERROR _svcctl_SetServiceObjectSecurity(pipes_struct *p, - struct svcctl_SetServiceObjectSecurity *r); -WERROR _svcctl_DeleteService(pipes_struct *p, struct svcctl_DeleteService *r); -WERROR _svcctl_SetServiceStatus(pipes_struct *p, struct svcctl_SetServiceStatus *r); -WERROR _svcctl_NotifyBootConfigStatus(pipes_struct *p, struct svcctl_NotifyBootConfigStatus *r); -WERROR _svcctl_SCSetServiceBitsW(pipes_struct *p, struct svcctl_SCSetServiceBitsW *r); -WERROR _svcctl_ChangeServiceConfigW(pipes_struct *p, struct svcctl_ChangeServiceConfigW *r); -WERROR _svcctl_CreateServiceW(pipes_struct *p, struct svcctl_CreateServiceW *r); -WERROR _svcctl_EnumServicesStatusW(pipes_struct *p, struct svcctl_EnumServicesStatusW *r); -WERROR _svcctl_QueryServiceConfigW(pipes_struct *p, struct svcctl_QueryServiceConfigW *r); -WERROR _svcctl_QueryServiceLockStatusW(pipes_struct *p, struct svcctl_QueryServiceLockStatusW *r); -WERROR _svcctl_GetServiceKeyNameW(pipes_struct *p, struct svcctl_GetServiceKeyNameW *r); -WERROR _svcctl_SCSetServiceBitsA(pipes_struct *p, struct svcctl_SCSetServiceBitsA *r); -WERROR _svcctl_ChangeServiceConfigA(pipes_struct *p, struct svcctl_ChangeServiceConfigA *r); -WERROR _svcctl_CreateServiceA(pipes_struct *p, struct svcctl_CreateServiceA *r); -WERROR _svcctl_EnumDependentServicesA(pipes_struct *p, struct svcctl_EnumDependentServicesA *r); -WERROR _svcctl_EnumServicesStatusA(pipes_struct *p, struct svcctl_EnumServicesStatusA *r); -WERROR _svcctl_OpenSCManagerA(pipes_struct *p, struct svcctl_OpenSCManagerA *r); -WERROR _svcctl_OpenServiceA(pipes_struct *p, struct svcctl_OpenServiceA *r); -WERROR _svcctl_QueryServiceConfigA(pipes_struct *p, struct svcctl_QueryServiceConfigA *r); -WERROR _svcctl_QueryServiceLockStatusA(pipes_struct *p, struct svcctl_QueryServiceLockStatusA *r); -WERROR _svcctl_StartServiceA(pipes_struct *p, struct svcctl_StartServiceA *r); -WERROR _svcctl_GetServiceDisplayNameA(pipes_struct *p, struct svcctl_GetServiceDisplayNameA *r); -WERROR _svcctl_GetServiceKeyNameA(pipes_struct *p, struct svcctl_GetServiceKeyNameA *r); -WERROR _svcctl_GetCurrentGroupeStateW(pipes_struct *p, struct svcctl_GetCurrentGroupeStateW *r); -WERROR _svcctl_EnumServiceGroupW(pipes_struct *p, struct svcctl_EnumServiceGroupW *r); -WERROR _svcctl_ChangeServiceConfig2A(pipes_struct *p, struct svcctl_ChangeServiceConfig2A *r); -WERROR _svcctl_ChangeServiceConfig2W(pipes_struct *p, struct svcctl_ChangeServiceConfig2W *r); -WERROR _svcctl_QueryServiceConfig2A(pipes_struct *p, struct svcctl_QueryServiceConfig2A *r); -WERROR _svcctl_QueryServiceConfig2W(pipes_struct *p, struct svcctl_QueryServiceConfig2W *r); -WERROR _svcctl_QueryServiceStatusEx(pipes_struct *p, struct svcctl_QueryServiceStatusEx *r); -WERROR _EnumServicesStatusExA(pipes_struct *p, struct EnumServicesStatusExA *r); -WERROR _EnumServicesStatusExW(pipes_struct *p, struct EnumServicesStatusExW *r); -WERROR _svcctl_SCSendTSMessage(pipes_struct *p, struct svcctl_SCSendTSMessage *r); - -/* The following definitions come from rpc_server/srv_winreg_nt.c */ - -WERROR _winreg_CloseKey(pipes_struct *p, struct winreg_CloseKey *r); -WERROR _winreg_OpenHKLM(pipes_struct *p, struct winreg_OpenHKLM *r); -WERROR _winreg_OpenHKPD(pipes_struct *p, struct winreg_OpenHKPD *r); -WERROR _winreg_OpenHKPT(pipes_struct *p, struct winreg_OpenHKPT *r); -WERROR _winreg_OpenHKCR(pipes_struct *p, struct winreg_OpenHKCR *r); -WERROR _winreg_OpenHKU(pipes_struct *p, struct winreg_OpenHKU *r); -WERROR _winreg_OpenHKCU(pipes_struct *p, struct winreg_OpenHKCU *r); -WERROR _winreg_OpenHKCC(pipes_struct *p, struct winreg_OpenHKCC *r); -WERROR _winreg_OpenHKDD(pipes_struct *p, struct winreg_OpenHKDD *r); -WERROR _winreg_OpenHKPN(pipes_struct *p, struct winreg_OpenHKPN *r); -WERROR _winreg_OpenKey(pipes_struct *p, struct winreg_OpenKey *r); -WERROR _winreg_QueryValue(pipes_struct *p, struct winreg_QueryValue *r); -WERROR _winreg_QueryInfoKey(pipes_struct *p, struct winreg_QueryInfoKey *r); -WERROR _winreg_GetVersion(pipes_struct *p, struct winreg_GetVersion *r); -WERROR _winreg_EnumKey(pipes_struct *p, struct winreg_EnumKey *r); -WERROR _winreg_EnumValue(pipes_struct *p, struct winreg_EnumValue *r); -WERROR _winreg_InitiateSystemShutdown(pipes_struct *p, struct winreg_InitiateSystemShutdown *r); -WERROR _winreg_InitiateSystemShutdownEx(pipes_struct *p, struct winreg_InitiateSystemShutdownEx *r); -WERROR _winreg_AbortSystemShutdown(pipes_struct *p, struct winreg_AbortSystemShutdown *r); -WERROR _winreg_RestoreKey(pipes_struct *p, struct winreg_RestoreKey *r); -WERROR _winreg_SaveKey(pipes_struct *p, struct winreg_SaveKey *r); -WERROR _winreg_SaveKeyEx(pipes_struct *p, struct winreg_SaveKeyEx *r); -WERROR _winreg_CreateKey( pipes_struct *p, struct winreg_CreateKey *r); -WERROR _winreg_SetValue(pipes_struct *p, struct winreg_SetValue *r); -WERROR _winreg_DeleteKey(pipes_struct *p, struct winreg_DeleteKey *r); -WERROR _winreg_DeleteValue(pipes_struct *p, struct winreg_DeleteValue *r); -WERROR _winreg_GetKeySecurity(pipes_struct *p, struct winreg_GetKeySecurity *r); -WERROR _winreg_SetKeySecurity(pipes_struct *p, struct winreg_SetKeySecurity *r); -WERROR _winreg_FlushKey(pipes_struct *p, struct winreg_FlushKey *r); -WERROR _winreg_UnLoadKey(pipes_struct *p, struct winreg_UnLoadKey *r); -WERROR _winreg_ReplaceKey(pipes_struct *p, struct winreg_ReplaceKey *r); -WERROR _winreg_LoadKey(pipes_struct *p, struct winreg_LoadKey *r); -WERROR _winreg_NotifyChangeKeyValue(pipes_struct *p, struct winreg_NotifyChangeKeyValue *r); -WERROR _winreg_QueryMultipleValues(pipes_struct *p, struct winreg_QueryMultipleValues *r); -WERROR _winreg_QueryMultipleValues2(pipes_struct *p, struct winreg_QueryMultipleValues2 *r); - -/* The following definitions come from rpc_server/srv_wkssvc_nt.c */ - -WERROR _wkssvc_NetWkstaGetInfo(pipes_struct *p, struct wkssvc_NetWkstaGetInfo *r); -WERROR _wkssvc_NetWkstaSetInfo(pipes_struct *p, struct wkssvc_NetWkstaSetInfo *r); -WERROR _wkssvc_NetWkstaEnumUsers(pipes_struct *p, struct wkssvc_NetWkstaEnumUsers *r); -WERROR _wkssvc_NetrWkstaUserGetInfo(pipes_struct *p, struct wkssvc_NetrWkstaUserGetInfo *r); -WERROR _wkssvc_NetrWkstaUserSetInfo(pipes_struct *p, struct wkssvc_NetrWkstaUserSetInfo *r); -WERROR _wkssvc_NetWkstaTransportEnum(pipes_struct *p, struct wkssvc_NetWkstaTransportEnum *r); -WERROR _wkssvc_NetrWkstaTransportAdd(pipes_struct *p, struct wkssvc_NetrWkstaTransportAdd *r); -WERROR _wkssvc_NetrWkstaTransportDel(pipes_struct *p, struct wkssvc_NetrWkstaTransportDel *r); -WERROR _wkssvc_NetrUseAdd(pipes_struct *p, struct wkssvc_NetrUseAdd *r); -WERROR _wkssvc_NetrUseGetInfo(pipes_struct *p, struct wkssvc_NetrUseGetInfo *r); -WERROR _wkssvc_NetrUseDel(pipes_struct *p, struct wkssvc_NetrUseDel *r); -WERROR _wkssvc_NetrUseEnum(pipes_struct *p, struct wkssvc_NetrUseEnum *r); -WERROR _wkssvc_NetrMessageBufferSend(pipes_struct *p, struct wkssvc_NetrMessageBufferSend *r); -WERROR _wkssvc_NetrWorkstationStatisticsGet(pipes_struct *p, struct wkssvc_NetrWorkstationStatisticsGet *r) ; -WERROR _wkssvc_NetrLogonDomainNameAdd(pipes_struct *p, struct wkssvc_NetrLogonDomainNameAdd *r); -WERROR _wkssvc_NetrLogonDomainNameDel(pipes_struct *p, struct wkssvc_NetrLogonDomainNameDel *r); -WERROR _wkssvc_NetrJoinDomain(pipes_struct *p, struct wkssvc_NetrJoinDomain *r); -WERROR _wkssvc_NetrUnjoinDomain(pipes_struct *p, struct wkssvc_NetrUnjoinDomain *r); -WERROR _wkssvc_NetrRenameMachineInDomain(pipes_struct *p, struct wkssvc_NetrRenameMachineInDomain *r); -WERROR _wkssvc_NetrValidateName(pipes_struct *p, struct wkssvc_NetrValidateName *r); -WERROR _wkssvc_NetrGetJoinInformation(pipes_struct *p, struct wkssvc_NetrGetJoinInformation *r); -WERROR _wkssvc_NetrGetJoinableOus(pipes_struct *p, struct wkssvc_NetrGetJoinableOus *r); -WERROR _wkssvc_NetrJoinDomain2(pipes_struct *p, - struct wkssvc_NetrJoinDomain2 *r); -WERROR _wkssvc_NetrUnjoinDomain2(pipes_struct *p, - struct wkssvc_NetrUnjoinDomain2 *r); -WERROR _wkssvc_NetrRenameMachineInDomain2(pipes_struct *p, struct wkssvc_NetrRenameMachineInDomain2 *r); -WERROR _wkssvc_NetrValidateName2(pipes_struct *p, struct wkssvc_NetrValidateName2 *r); -WERROR _wkssvc_NetrGetJoinableOus2(pipes_struct *p, struct wkssvc_NetrGetJoinableOus2 *r); -WERROR _wkssvc_NetrAddAlternateComputerName(pipes_struct *p, struct wkssvc_NetrAddAlternateComputerName *r); -WERROR _wkssvc_NetrRemoveAlternateComputerName(pipes_struct *p, struct wkssvc_NetrRemoveAlternateComputerName *r); -WERROR _wkssvc_NetrSetPrimaryComputername(pipes_struct *p, struct wkssvc_NetrSetPrimaryComputername *r); -WERROR _wkssvc_NetrEnumerateComputerNames(pipes_struct *p, struct wkssvc_NetrEnumerateComputerNames *r); /* The following definitions come from rpcclient/cmd_dfs.c */ -- cgit From a1aef939cf026e2a191f0bc7434e7857b7b330ec Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Sat, 13 Dec 2008 00:24:02 +0100 Subject: s3: re-run make samba3-idl. Guenther --- source3/librpc/gen_ndr/cli_netlogon.c | 9 ++------- source3/librpc/gen_ndr/cli_netlogon.h | 3 +-- source3/librpc/gen_ndr/ndr_netlogon.c | 6 +++--- source3/librpc/gen_ndr/netlogon.h | 2 +- source3/librpc/gen_ndr/srv_netlogon.h | 2 +- 5 files changed, 8 insertions(+), 14 deletions(-) (limited to 'source3') diff --git a/source3/librpc/gen_ndr/cli_netlogon.c b/source3/librpc/gen_ndr/cli_netlogon.c index a1bcb2cb38..1ce4e67c56 100644 --- a/source3/librpc/gen_ndr/cli_netlogon.c +++ b/source3/librpc/gen_ndr/cli_netlogon.c @@ -2306,8 +2306,7 @@ NTSTATUS rpccli_netr_ServerGetTrustInfo(struct rpc_pipe_client *cli, struct netr_Authenticator *return_authenticator /* [out] [ref] */, struct samr_Password *new_owf_password /* [out] [ref] */, struct samr_Password *old_owf_password /* [out] [ref] */, - struct netr_TrustInfo **trust_info /* [out] [ref] */, - WERROR *werror) + struct netr_TrustInfo **trust_info /* [out] [ref] */) { struct netr_ServerGetTrustInfo r; NTSTATUS status; @@ -2348,10 +2347,6 @@ NTSTATUS rpccli_netr_ServerGetTrustInfo(struct rpc_pipe_client *cli, *trust_info = *r.out.trust_info; /* Return result */ - if (werror) { - *werror = r.out.result; - } - - return werror_to_ntstatus(r.out.result); + return r.out.result; } diff --git a/source3/librpc/gen_ndr/cli_netlogon.h b/source3/librpc/gen_ndr/cli_netlogon.h index 7a2d43b3c1..3fbc00e9da 100644 --- a/source3/librpc/gen_ndr/cli_netlogon.h +++ b/source3/librpc/gen_ndr/cli_netlogon.h @@ -366,6 +366,5 @@ NTSTATUS rpccli_netr_ServerGetTrustInfo(struct rpc_pipe_client *cli, struct netr_Authenticator *return_authenticator /* [out] [ref] */, struct samr_Password *new_owf_password /* [out] [ref] */, struct samr_Password *old_owf_password /* [out] [ref] */, - struct netr_TrustInfo **trust_info /* [out] [ref] */, - WERROR *werror); + struct netr_TrustInfo **trust_info /* [out] [ref] */); #endif /* __CLI_NETLOGON__ */ diff --git a/source3/librpc/gen_ndr/ndr_netlogon.c b/source3/librpc/gen_ndr/ndr_netlogon.c index af8228cd5a..81f8ddcab9 100644 --- a/source3/librpc/gen_ndr/ndr_netlogon.c +++ b/source3/librpc/gen_ndr/ndr_netlogon.c @@ -15613,7 +15613,7 @@ static enum ndr_err_code ndr_push_netr_ServerGetTrustInfo(struct ndr_push *ndr, if (*r->out.trust_info) { NDR_CHECK(ndr_push_netr_TrustInfo(ndr, NDR_SCALARS|NDR_BUFFERS, *r->out.trust_info)); } - NDR_CHECK(ndr_push_WERROR(ndr, NDR_SCALARS, r->out.result)); + NDR_CHECK(ndr_push_NTSTATUS(ndr, NDR_SCALARS, r->out.result)); } return NDR_ERR_SUCCESS; } @@ -15721,7 +15721,7 @@ static enum ndr_err_code ndr_pull_netr_ServerGetTrustInfo(struct ndr_pull *ndr, NDR_PULL_SET_MEM_CTX(ndr, _mem_save_trust_info_1, 0); } NDR_PULL_SET_MEM_CTX(ndr, _mem_save_trust_info_0, LIBNDR_FLAG_REF_ALLOC); - NDR_CHECK(ndr_pull_WERROR(ndr, NDR_SCALARS, &r->out.result)); + NDR_CHECK(ndr_pull_NTSTATUS(ndr, NDR_SCALARS, &r->out.result)); } return NDR_ERR_SUCCESS; } @@ -15781,7 +15781,7 @@ _PUBLIC_ void ndr_print_netr_ServerGetTrustInfo(struct ndr_print *ndr, const cha } ndr->depth--; ndr->depth--; - ndr_print_WERROR(ndr, "result", r->out.result); + ndr_print_NTSTATUS(ndr, "result", r->out.result); ndr->depth--; } ndr->depth--; diff --git a/source3/librpc/gen_ndr/netlogon.h b/source3/librpc/gen_ndr/netlogon.h index 02a4a447e0..7fb253446a 100644 --- a/source3/librpc/gen_ndr/netlogon.h +++ b/source3/librpc/gen_ndr/netlogon.h @@ -1727,7 +1727,7 @@ struct netr_ServerGetTrustInfo { struct samr_Password *new_owf_password;/* [ref] */ struct samr_Password *old_owf_password;/* [ref] */ struct netr_TrustInfo **trust_info;/* [ref] */ - WERROR result; + NTSTATUS result; } out; }; diff --git a/source3/librpc/gen_ndr/srv_netlogon.h b/source3/librpc/gen_ndr/srv_netlogon.h index 3bbe4d02fa..cd68d12f1e 100644 --- a/source3/librpc/gen_ndr/srv_netlogon.h +++ b/source3/librpc/gen_ndr/srv_netlogon.h @@ -47,7 +47,7 @@ NTSTATUS _netr_ServerTrustPasswordsGet(pipes_struct *p, struct netr_ServerTrustP WERROR _netr_DsRGetForestTrustInformation(pipes_struct *p, struct netr_DsRGetForestTrustInformation *r); WERROR _netr_GetForestTrustInformation(pipes_struct *p, struct netr_GetForestTrustInformation *r); NTSTATUS _netr_LogonSamLogonWithFlags(pipes_struct *p, struct netr_LogonSamLogonWithFlags *r); -WERROR _netr_ServerGetTrustInfo(pipes_struct *p, struct netr_ServerGetTrustInfo *r); +NTSTATUS _netr_ServerGetTrustInfo(pipes_struct *p, struct netr_ServerGetTrustInfo *r); void netlogon_get_pipe_fns(struct api_struct **fns, int *n_fns); NTSTATUS rpc_netlogon_init(void); #endif /* __SRV_NETLOGON__ */ -- cgit From 3c66ba0b3cfe9114f28368c30305103ffec68f57 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Sat, 13 Dec 2008 00:27:25 +0100 Subject: s3: fix netlogon rpc_server build after idl change. Guenther --- source3/rpc_server/srv_netlog_nt.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'source3') diff --git a/source3/rpc_server/srv_netlog_nt.c b/source3/rpc_server/srv_netlog_nt.c index 46450059f4..038690d0f1 100644 --- a/source3/rpc_server/srv_netlog_nt.c +++ b/source3/rpc_server/srv_netlog_nt.c @@ -1402,10 +1402,10 @@ NTSTATUS _netr_LogonSamLogonWithFlags(pipes_struct *p, /**************************************************************** ****************************************************************/ -WERROR _netr_ServerGetTrustInfo(pipes_struct *p, - struct netr_ServerGetTrustInfo *r) +NTSTATUS _netr_ServerGetTrustInfo(pipes_struct *p, + struct netr_ServerGetTrustInfo *r) { p->rng_fault_state = true; - return WERR_NOT_SUPPORTED; + return NT_STATUS_NOT_IMPLEMENTED; } -- cgit From fd2bac966783a9aa3f278cc67219920384bc0981 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 19 Nov 2008 22:55:06 +0100 Subject: For read&x replies, check the offset --- source3/libsmb/clireadwrite.c | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) (limited to 'source3') diff --git a/source3/libsmb/clireadwrite.c b/source3/libsmb/clireadwrite.c index ecf49396d1..1c2a0d56c4 100644 --- a/source3/libsmb/clireadwrite.c +++ b/source3/libsmb/clireadwrite.c @@ -109,6 +109,7 @@ NTSTATUS cli_read_andx_recv(struct async_req *req, ssize_t *received, uint16_t *vwv; uint16_t num_bytes; uint8_t *bytes; + uint8_t *buf; NTSTATUS status; size_t size; @@ -136,6 +137,24 @@ NTSTATUS cli_read_andx_recv(struct async_req *req, ssize_t *received, return NT_STATUS_UNEXPECTED_IO_ERROR; } + /* + * bcc field must be valid for small reads, for large reads the 16-bit + * bcc field can't be correct. + */ + + if ((size < 0xffff) && (size > num_bytes)) { + DEBUG(5, ("server announced more bytes than sent\n")); + return NT_STATUS_INVALID_NETWORK_RESPONSE; + } + + buf = (uint8_t *)smb_base(cli_req->inbuf) + SVAL(vwv+6, 0); + + if (trans_oob(smb_len(cli_req->inbuf), SVAL(vwv+6, 0), size) + || (buf < bytes)) { + DEBUG(5, ("server returned invalid read&x data offset\n")); + return NT_STATUS_INVALID_NETWORK_RESPONSE; + } + *rcvbuf = (uint8_t *)(smb_base(cli_req->inbuf) + SVAL(vwv + 6, 0)); *received = size; return NT_STATUS_OK; -- cgit From 627c844a13caf869ae3c68ec780a8eded7cb181d Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sat, 13 Dec 2008 10:31:11 +0100 Subject: Fix a valgrind error in get_relative_fid_filename It doesn't really make sense to check the length of a not-yet-allocated string :-) Volker --- source3/smbd/open.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3') diff --git a/source3/smbd/open.c b/source3/smbd/open.c index 1e988f65ec..d22eda2bb5 100644 --- a/source3/smbd/open.c +++ b/source3/smbd/open.c @@ -3067,7 +3067,7 @@ NTSTATUS get_relative_fid_filename(connection_struct *conn, files_struct *dir_fsp; char *parent_fname = NULL; - if (root_dir_fid == 0 || !fname || !new_fname || !*new_fname) { + if (root_dir_fid == 0 || !fname || !new_fname) { return NT_STATUS_INTERNAL_ERROR; } -- cgit From 588f5aae669910fee6da7f807f330163496b4170 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Wed, 22 Oct 2008 10:36:21 +0200 Subject: s3: correctly detect if the current dc is the closest one MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ads->config.tried_closest_dc was never set. metze Signed-off-by: Stefan Metzmacher Signed-off-by: Günther Deschner (cherry picked from commit dfe5b00db35e1e7c7bb3ba36729fc3f97eb48db3) --- source3/include/ads.h | 1 - source3/libads/ndr.c | 1 - source3/utils/net_ads.c | 2 +- 3 files changed, 1 insertion(+), 3 deletions(-) (limited to 'source3') diff --git a/source3/include/ads.h b/source3/include/ads.h index b72d250940..abff9eaa8c 100644 --- a/source3/include/ads.h +++ b/source3/include/ads.h @@ -80,7 +80,6 @@ typedef struct ads_struct { char *server_site_name; char *client_site_name; time_t current_time; - int tried_closest_dc; char *schema_path; char *config_path; } config; diff --git a/source3/libads/ndr.c b/source3/libads/ndr.c index 6324a22041..6ada66ca40 100644 --- a/source3/libads/ndr.c +++ b/source3/libads/ndr.c @@ -75,7 +75,6 @@ void ndr_print_ads_struct(struct ndr_print *ndr, const char *name, const struct ndr_print_string(ndr, "server_site_name", r->config.server_site_name); ndr_print_string(ndr, "client_site_name", r->config.client_site_name); ndr_print_time_t(ndr, "current_time", r->config.current_time); - ndr_print_bool(ndr, "tried_closest_dc", r->config.tried_closest_dc); ndr_print_string(ndr, "schema_path", r->config.schema_path); ndr_print_string(ndr, "config_path", r->config.config_path); ndr->depth--; diff --git a/source3/utils/net_ads.c b/source3/utils/net_ads.c index b03fefe14a..27d534665c 100644 --- a/source3/utils/net_ads.c +++ b/source3/utils/net_ads.c @@ -293,7 +293,7 @@ retry: tried_closest_dc = true; /* avoid loop */ - if (!ads->config.tried_closest_dc) { + if (!ads_closest_dc(ads)) { namecache_delete(ads->server.realm, 0x1C); namecache_delete(ads->server.workgroup, 0x1C); -- cgit From 7f779450cb0b0d9f36665c56c4acd0950daaeab2 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Wed, 22 Oct 2008 11:14:10 +0200 Subject: s3: libads: use get_dc_name() instead of get_sorted_dc_list() in the LDAP case MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit We use get_dc_name() for LDAP because it generates the selfwritten krb5.conf with the correct kdc addresses and sets KRB5_CONFIG. For CLDAP we need to use get_sorted_dc_list() to avoid recursion. metze Signed-off-by: Stefan Metzmacher Signed-off-by: Günther Deschner (cherry picked from commit d2f7f81f4d61bae9c4be65cbc1bf962b6c24a31f) --- source3/libads/ldap.c | 26 +++++++++++++++++++++++++- 1 file changed, 25 insertions(+), 1 deletion(-) (limited to 'source3') diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c index 932e42e076..31feea50c7 100644 --- a/source3/libads/ldap.c +++ b/source3/libads/ldap.c @@ -310,11 +310,35 @@ static NTSTATUS ads_find_dc(ADS_STRUCT *ads) realm = c_realm; + /* + * In case of LDAP we use get_dc_name() as that + * creates the custom krb5.conf file + */ + if (!(ads->auth.flags & ADS_AUTH_NO_BIND)) { + fstring srv_name; + struct sockaddr_storage ip_out; + + DEBUG(6,("ads_find_dc: (ldap) looking for %s '%s'\n", + (got_realm ? "realm" : "domain"), realm)); + + if (get_dc_name(realm, realm, srv_name, &ip_out)) { + /* + * we call ads_try_connect() to fill in the + * ads->config details + */ + if (ads_try_connect(ads, srv_name, false)) { + return NT_STATUS_OK; + } + } + + return NT_STATUS_NO_LOGON_SERVERS; + } + sitename = sitename_fetch(realm); again: - DEBUG(6,("ads_find_dc: looking for %s '%s'\n", + DEBUG(6,("ads_find_dc: (cldap) looking for %s '%s'\n", (got_realm ? "realm" : "domain"), realm)); status = get_sorted_dc_list(realm, sitename, &ip_list, &count, got_realm); -- cgit From 0c43f96330f2935805ba4f0f8f858a027a90bc4c Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Mon, 27 Oct 2008 09:40:25 +0100 Subject: s3: libsmb/namequery: fallback to returning all dcs, when none is available in the requested site MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit It could happen that all dcs in a site are unavailable (some sites have only one dc) and then we need to fallback to get all dcs. metze Signed-off-by: Stefan Metzmacher Signed-off-by: Günther Deschner (cherry picked from commit c127367b1dd622eeceb1f47de0a047c297dda222) --- source3/libsmb/namequery.c | 9 +++++++++ 1 file changed, 9 insertions(+) (limited to 'source3') diff --git a/source3/libsmb/namequery.c b/source3/libsmb/namequery.c index bcf849b795..87ed5af14c 100644 --- a/source3/libsmb/namequery.c +++ b/source3/libsmb/namequery.c @@ -2098,6 +2098,15 @@ NTSTATUS get_sorted_dc_list( const char *domain, status = get_dc_list(domain, sitename, ip_list, count, lookup_type, &ordered); + if (NT_STATUS_EQUAL(status, NT_STATUS_NO_LOGON_SERVERS) + && sitename) { + DEBUG(3,("get_sorted_dc_list: no server for name %s available" + " in site %s, fallback to all servers\n", + domain, sitename)); + status = get_dc_list(domain, NULL, ip_list, + count, lookup_type, &ordered); + } + if (!NT_STATUS_IS_OK(status)) { SAFE_FREE(*ip_list); *count = 0; -- cgit From 895c40d03a07182c054a6fd857e7dd6838e698f4 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Mon, 27 Oct 2008 19:31:30 +0100 Subject: s3:libsmb/namequery.c: add saf_join_store() function MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit saf_join_store() should be called after a successful domain join, the affinity to the dc used at join time has a larger ttl, to avoid problems with delayed replication. metze Signed-off-by: Stefan Metzmacher Signed-off-by: Günther Deschner (cherry picked from commit 80e74a27c55c01221091e3eec930c2ac4433c22c) --- source3/include/proto.h | 1 + source3/libsmb/namequery.c | 68 ++++++++++++++++++++++++++++++++++++++++++++-- 2 files changed, 66 insertions(+), 3 deletions(-) (limited to 'source3') diff --git a/source3/include/proto.h b/source3/include/proto.h index 09ebaa799e..69194ec6b2 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -2984,6 +2984,7 @@ bool namecache_status_fetch(const char *keyname, /* The following definitions come from libsmb/namequery.c */ bool saf_store( const char *domain, const char *servername ); +bool saf_join_store( const char *domain, const char *servername ); bool saf_delete( const char *domain ); char *saf_fetch( const char *domain ); NODE_STATUS_STRUCT *node_status_query(int fd, diff --git a/source3/libsmb/namequery.c b/source3/libsmb/namequery.c index 87ed5af14c..05679570d4 100644 --- a/source3/libsmb/namequery.c +++ b/source3/libsmb/namequery.c @@ -34,6 +34,8 @@ bool global_in_nmbd = False; ****************************************************************************/ #define SAFKEY_FMT "SAF/DOMAIN/%s" #define SAF_TTL 900 +#define SAFJOINKEY_FMT "SAFJOIN/DOMAIN/%s" +#define SAFJOIN_TTL 3600 static char *saf_key(const char *domain) { @@ -44,6 +46,15 @@ static char *saf_key(const char *domain) return keystr; } +static char *saf_join_key(const char *domain) +{ + char *keystr; + + asprintf_strupper_m(&keystr, SAFJOINKEY_FMT, domain); + + return keystr; +} + /**************************************************************************** ****************************************************************************/ @@ -69,7 +80,7 @@ bool saf_store( const char *domain, const char *servername ) return False; key = saf_key( domain ); - expire = time( NULL ) + SAF_TTL; + expire = time( NULL ) + lp_parm_int(-1, "saf","ttl", SAF_TTL); DEBUG(10,("saf_store: domain = [%s], server = [%s], expire = [%u]\n", domain, servername, (unsigned int)expire )); @@ -81,6 +92,38 @@ bool saf_store( const char *domain, const char *servername ) return ret; } +bool saf_join_store( const char *domain, const char *servername ) +{ + char *key; + time_t expire; + bool ret = False; + + if ( !domain || !servername ) { + DEBUG(2,("saf_join_store: Refusing to store empty domain or servername!\n")); + return False; + } + + if ( (strlen(domain) == 0) || (strlen(servername) == 0) ) { + DEBUG(0,("saf_join_store: refusing to store 0 length domain or servername!\n")); + return False; + } + + if ( !gencache_init() ) + return False; + + key = saf_join_key( domain ); + expire = time( NULL ) + lp_parm_int(-1, "saf","join ttl", SAFJOIN_TTL); + + DEBUG(10,("saf_join_store: domain = [%s], server = [%s], expire = [%u]\n", + domain, servername, (unsigned int)expire )); + + ret = gencache_set( key, servername, expire ); + + SAFE_FREE( key ); + + return ret; +} + bool saf_delete( const char *domain ) { char *key; @@ -94,15 +137,22 @@ bool saf_delete( const char *domain ) if ( !gencache_init() ) return False; + key = saf_join_key(domain); + ret = gencache_del(key); + SAFE_FREE(key); + + if (ret) { + DEBUG(10,("saf_delete[join]: domain = [%s]\n", domain )); + } + key = saf_key(domain); ret = gencache_del(key); + SAFE_FREE(key); if (ret) { DEBUG(10,("saf_delete: domain = [%s]\n", domain )); } - SAFE_FREE( key ); - return ret; } @@ -124,6 +174,18 @@ char *saf_fetch( const char *domain ) if ( !gencache_init() ) return False; + key = saf_join_key( domain ); + + ret = gencache_get( key, &server, &timeout ); + + SAFE_FREE( key ); + + if ( ret ) { + DEBUG(5,("saf_fetch[join]: Returning \"%s\" for \"%s\" domain\n", + server, domain )); + return server; + } + key = saf_key( domain ); ret = gencache_get( key, &server, &timeout ); -- cgit From 2f27ffc4a2ba745341a5961b8f04e62da3fb089a Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Mon, 27 Oct 2008 19:36:25 +0100 Subject: s3:libads/ldap.c: pass the real workgroup name to get_dc_name() MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit metze Signed-off-by: Stefan Metzmacher Signed-off-by: Günther Deschner (cherry picked from commit c2d4a84abe1b6cbf68d6e9f1bb1f8974d0b628fc) --- source3/libads/ldap.c | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) (limited to 'source3') diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c index 31feea50c7..61e04d1e7c 100644 --- a/source3/libads/ldap.c +++ b/source3/libads/ldap.c @@ -267,10 +267,12 @@ static bool ads_try_connect(ADS_STRUCT *ads, const char *server, bool gc) static NTSTATUS ads_find_dc(ADS_STRUCT *ads) { + const char *c_domain; const char *c_realm; int count, i=0; struct ip_service *ip_list; const char *realm; + const char *domain; bool got_realm = False; bool use_own_domain = False; char *sitename; @@ -308,7 +310,14 @@ static NTSTATUS ads_find_dc(ADS_STRUCT *ads) return NT_STATUS_INVALID_PARAMETER; /* rather need MISSING_PARAMETER ... */ } + if ( use_own_domain ) { + c_domain = lp_workgroup(); + } else { + c_domain = ads->server.workgroup; + } + realm = c_realm; + domain = c_domain; /* * In case of LDAP we use get_dc_name() as that @@ -321,7 +330,7 @@ static NTSTATUS ads_find_dc(ADS_STRUCT *ads) DEBUG(6,("ads_find_dc: (ldap) looking for %s '%s'\n", (got_realm ? "realm" : "domain"), realm)); - if (get_dc_name(realm, realm, srv_name, &ip_out)) { + if (get_dc_name(domain, realm, srv_name, &ip_out)) { /* * we call ads_try_connect() to fill in the * ads->config details -- cgit From a8040d59659e58c5cb92c1107a7ff012eff12729 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Mon, 27 Oct 2008 19:38:15 +0100 Subject: s3:libads/ldap.c: if the client belongs to no site at all any dc is the closest MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit metze Signed-off-by: Stefan Metzmacher Signed-off-by: Günther Deschner (cherry picked from commit f86ef9b53a903485deba94febf90dd4e657cc02b) --- source3/libads/ldap.c | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'source3') diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c index 61e04d1e7c..c0bb9c7e2d 100644 --- a/source3/libads/ldap.c +++ b/source3/libads/ldap.c @@ -162,6 +162,11 @@ bool ads_closest_dc(ADS_STRUCT *ads) return True; } + if (ads->config.client_site_name == NULL) { + DEBUG(10,("ads_closest_dc: client belongs to no site\n")); + return True; + } + DEBUG(10,("ads_closest_dc: %s is not the closest DC\n", ads->config.ldap_server_name)); -- cgit From 17efebde11eafd065c2cac39cdbe55b8d40d40be Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Mon, 27 Oct 2008 19:39:30 +0100 Subject: s3:libads/ldap.c: store the dc name in the saf cache as in all other places MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit metze Signed-off-by: Stefan Metzmacher Signed-off-by: Günther Deschner (cherry picked from commit 543fa85a711337e979c7b631bda5db95d109ef59) --- source3/libads/ldap.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) (limited to 'source3') diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c index c0bb9c7e2d..cf8a7ebb1b 100644 --- a/source3/libads/ldap.c +++ b/source3/libads/ldap.c @@ -651,9 +651,8 @@ got_connection: /* cache the successful connection for workgroup and realm */ if (ads_closest_dc(ads)) { - print_sockaddr(addr, sizeof(addr), &ads->ldap.ss); - saf_store( ads->server.workgroup, addr); - saf_store( ads->server.realm, addr); + saf_store( ads->server.workgroup, ads->config.ldap_server_name); + saf_store( ads->server.realm, ads->config.ldap_server_name); } ldap_set_option(ads->ldap.ld, LDAP_OPT_PROTOCOL_VERSION, &version); -- cgit From 6a993cb333675f4079d439fa334edee2df604933 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Mon, 27 Oct 2008 19:40:23 +0100 Subject: s3:libnet_join: call saf_join_store() after a the join. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit metze Signed-off-by: Stefan Metzmacher Signed-off-by: Günther Deschner (similar to commit feef594d275881466e2c3f59c0ff54609a9cc53b) --- source3/libnet/libnet_join.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'source3') diff --git a/source3/libnet/libnet_join.c b/source3/libnet/libnet_join.c index 908fb78ab4..fb8bc1948f 100644 --- a/source3/libnet/libnet_join.c +++ b/source3/libnet/libnet_join.c @@ -1521,7 +1521,10 @@ static WERROR libnet_join_post_processing(TALLOC_CTX *mem_ctx, return WERR_OK; } - saf_store(r->in.domain_name, r->in.dc_name); + saf_join_store(r->out.netbios_domain_name, r->in.dc_name); + if (r->out.dns_domain_name) { + saf_join_store(r->out.dns_domain_name, r->in.dc_name); + } #ifdef WITH_ADS if (r->out.domain_is_ad) { -- cgit From 2bb91392b46e347fe3b6803d10b10d8b40e4a4a6 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Fri, 21 Nov 2008 08:22:38 +0100 Subject: s3:libnet_join: use DS_FORCE_REDISCOVERY metze --- source3/libnet/libnet_join.c | 1 + 1 file changed, 1 insertion(+) (limited to 'source3') diff --git a/source3/libnet/libnet_join.c b/source3/libnet/libnet_join.c index fb8bc1948f..691f6ff8eb 100644 --- a/source3/libnet/libnet_join.c +++ b/source3/libnet/libnet_join.c @@ -1755,6 +1755,7 @@ static WERROR libnet_DomainJoin(TALLOC_CTX *mem_ctx, r->in.domain_name, NULL, NULL, + DS_FORCE_REDISCOVERY | DS_DIRECTORY_SERVICE_REQUIRED | DS_WRITABLE_REQUIRED | DS_RETURN_DNS_NAME, -- cgit From 1b7b0e924f3064a9774fd5d46bedc3d342b39ddb Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Fri, 21 Nov 2008 08:28:13 +0100 Subject: s3:dsgetdcname: retry with the clients site metze --- source3/libsmb/dsgetdcname.c | 49 ++++++++++++++++++++++++++++++++++++++------ 1 file changed, 43 insertions(+), 6 deletions(-) (limited to 'source3') diff --git a/source3/libsmb/dsgetdcname.c b/source3/libsmb/dsgetdcname.c index d8c2b70175..3491544175 100644 --- a/source3/libsmb/dsgetdcname.c +++ b/source3/libsmb/dsgetdcname.c @@ -1119,6 +1119,27 @@ static NTSTATUS dsgetdcname_rediscover(TALLOC_CTX *mem_ctx, num_dcs, info); } +static bool is_closest_site(struct netr_DsRGetDCNameInfo *info) +{ + if (info->dc_flags & DS_SERVER_CLOSEST) { + return true; + } + + if (!info->client_site_name) { + return true; + } + + if (!info->dc_site_name) { + return false; + } + + if (strcmp(info->client_site_name, info->dc_site_name) == 0) { + return true; + } + + return false; +} + /******************************************************************** dsgetdcname. @@ -1136,6 +1157,8 @@ NTSTATUS dsgetdcname(TALLOC_CTX *mem_ctx, NTSTATUS status = NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND; struct netr_DsRGetDCNameInfo *myinfo = NULL; char *query_site = NULL; + bool first = true; + struct netr_DsRGetDCNameInfo *first_info = NULL; DEBUG(10,("dsgetdcname: domain_name: %s, " "domain_guid: %s, site_name: %s, flags: 0x%08x\n", @@ -1163,7 +1186,6 @@ NTSTATUS dsgetdcname(TALLOC_CTX *mem_ctx, status = dsgetdcname_cached(mem_ctx, msg_ctx, domain_name, domain_guid, flags, query_site, &myinfo); if (NT_STATUS_IS_OK(status)) { - *info = myinfo; goto done; } @@ -1176,12 +1198,27 @@ NTSTATUS dsgetdcname(TALLOC_CTX *mem_ctx, domain_guid, flags, query_site, &myinfo); - if (NT_STATUS_IS_OK(status)) { - *info = myinfo; - } - done: SAFE_FREE(query_site); - return status; + if (!NT_STATUS_IS_OK(status)) { + if (!first) { + *info = first_info; + return NT_STATUS_OK; + } + return status; + } + + if (!first) { + TALLOC_FREE(first_info); + } else if (!is_closest_site(myinfo)) { + first = false; + first_info = myinfo; + /* TODO: may use the next_closest_site here */ + query_site = SMB_STRDUP(myinfo->client_site_name); + goto rediscover; + } + + *info = myinfo; + return NT_STATUS_OK; } -- cgit From b04d00744efb2189c37c01b2c57cc3899db1e482 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sat, 13 Dec 2008 16:53:17 +0100 Subject: Micro-Optimize cliconnect.c In this form, the prots array is fully read-only in the text segment and thus can be shared between processes. Probably pointless, but I had fun doing it :-) --- source3/libsmb/cliconnect.c | 49 +++++++++++++++++++++++++-------------------- 1 file changed, 27 insertions(+), 22 deletions(-) (limited to 'source3') diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c index d33775fbb8..8194a36941 100644 --- a/source3/libsmb/cliconnect.c +++ b/source3/libsmb/cliconnect.c @@ -22,19 +22,18 @@ static const struct { int prot; - const char *name; -} prots[] = { - {PROTOCOL_CORE,"PC NETWORK PROGRAM 1.0"}, - {PROTOCOL_COREPLUS,"MICROSOFT NETWORKS 1.03"}, - {PROTOCOL_LANMAN1,"MICROSOFT NETWORKS 3.0"}, - {PROTOCOL_LANMAN1,"LANMAN1.0"}, - {PROTOCOL_LANMAN2,"LM1.2X002"}, - {PROTOCOL_LANMAN2,"DOS LANMAN2.1"}, - {PROTOCOL_LANMAN2,"LANMAN2.1"}, - {PROTOCOL_LANMAN2,"Samba"}, - {PROTOCOL_NT1,"NT LANMAN 1.0"}, - {PROTOCOL_NT1,"NT LM 0.12"}, - {-1,NULL} + const char name[24]; +} prots[10] = { + {PROTOCOL_CORE, "PC NETWORK PROGRAM 1.0"}, + {PROTOCOL_COREPLUS, "MICROSOFT NETWORKS 1.03"}, + {PROTOCOL_LANMAN1, "MICROSOFT NETWORKS 3.0"}, + {PROTOCOL_LANMAN1, "LANMAN1.0"}, + {PROTOCOL_LANMAN2, "LM1.2X002"}, + {PROTOCOL_LANMAN2, "DOS LANMAN2.1"}, + {PROTOCOL_LANMAN2, "LANMAN2.1"}, + {PROTOCOL_LANMAN2, "Samba"}, + {PROTOCOL_NT1, "NT LANMAN 1.0"}, + {PROTOCOL_NT1, "NT LM 0.12"}, }; static const char *star_smbserver_name = "*SMBSERVER"; @@ -1221,9 +1220,10 @@ void cli_negprot_send(struct cli_state *cli) cli_set_message(cli->outbuf,0,0,True); p = smb_buf(cli->outbuf); - for (numprots=0; - prots[numprots].name && prots[numprots].prot<=cli->protocol; - numprots++) { + for (numprots=0; numprots < ARRAY_SIZE(prots); numprots++) { + if (prots[numprots].prot > cli->protocol) { + break; + } *p++ = 2; p += clistr_push(cli, p, prots[numprots].name, -1, STR_TERMINATE); } @@ -1252,18 +1252,23 @@ bool cli_negprot(struct cli_state *cli) memset(cli->outbuf,'\0',smb_size); + plength = 0; + /* setup the protocol strings */ - for (plength=0,numprots=0; - prots[numprots].name && prots[numprots].prot<=cli->protocol; - numprots++) + for (numprots=0; numprots < ARRAY_SIZE(prots); numprots++) { + if (prots[numprots].prot > cli->protocol) { + break; + } plength += strlen(prots[numprots].name)+2; + } cli_set_message(cli->outbuf,0,plength,True); p = smb_buf(cli->outbuf); - for (numprots=0; - prots[numprots].name && prots[numprots].prot<=cli->protocol; - numprots++) { + for (numprots=0; numprots < ARRAY_SIZE(prots); numprots++) { + if (prots[numprots].prot > cli->protocol) { + break; + } *p++ = 2; p += clistr_push(cli, p, prots[numprots].name, -1, STR_TERMINATE); } -- cgit From da6be4102ed1e3d4e20f08dd8944f062d13c759a Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sat, 13 Dec 2008 17:04:12 +0100 Subject: Remove a static variable Derrell, please check! Thanks, Volker --- source3/libsmb/libsmb_dir.c | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) (limited to 'source3') diff --git a/source3/libsmb/libsmb_dir.c b/source3/libsmb/libsmb_dir.c index aa313f2c05..d12e7487f6 100644 --- a/source3/libsmb/libsmb_dir.c +++ b/source3/libsmb/libsmb_dir.c @@ -1193,8 +1193,6 @@ SMBC_mkdir_ctx(SMBCCTX *context, * Our list function simply checks to see if a directory is not empty */ -static int smbc_rmdir_dirempty = True; - static void rmdir_list_fn(const char *mnt, file_info *finfo, @@ -1203,7 +1201,8 @@ rmdir_list_fn(const char *mnt, { if (strncmp(finfo->name, ".", 1) != 0 && strncmp(finfo->name, "..", 2) != 0) { - smbc_rmdir_dirempty = False; + bool *smbc_rmdir_dirempty = (bool *)state; + *smbc_rmdir_dirempty = false; } } @@ -1292,8 +1291,7 @@ SMBC_rmdir_ctx(SMBCCTX *context, /* Local storage to avoid buffer overflows */ char *lpath; - - smbc_rmdir_dirempty = True; /* Make this so ... */ + bool smbc_rmdir_dirempty = true; lpath = talloc_asprintf(frame, "%s\\*", targetpath); @@ -1305,7 +1303,8 @@ SMBC_rmdir_ctx(SMBCCTX *context, if (cli_list(targetcli, lpath, aDIR | aSYSTEM | aHIDDEN, - rmdir_list_fn, NULL) < 0) { + rmdir_list_fn, + &smbc_rmdir_dirempty) < 0) { /* Fix errno to ignore latest error ... */ DEBUG(5, ("smbc_rmdir: " -- cgit From be3d9990635fa31e4110285842b1ca98ed4ce53c Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sat, 13 Dec 2008 16:40:25 +0100 Subject: Remove a pointless static variable Every sane compiler will only allocate "*SMBSERVER" once --- source3/libsmb/cliconnect.c | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) (limited to 'source3') diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c index 8194a36941..125345fccb 100644 --- a/source3/libsmb/cliconnect.c +++ b/source3/libsmb/cliconnect.c @@ -36,7 +36,7 @@ static const struct { {PROTOCOL_NT1, "NT LM 0.12"}, }; -static const char *star_smbserver_name = "*SMBSERVER"; +#define STAR_SMBSERVER "*SMBSERVER" /** * Set the user session key for a connection @@ -862,7 +862,7 @@ ADS_STATUS cli_session_setup_spnego(struct cli_state *cli, const char *user, if (principal == NULL && !is_ipaddress(cli->desthost) && - !strequal(star_smbserver_name, + !strequal(STAR_SMBSERVER, cli->desthost)) { char *realm = NULL; char *machine = NULL; @@ -1500,7 +1500,7 @@ NTSTATUS cli_connect(struct cli_state *cli, /* reasonable default hostname */ if (!host) { - host = star_smbserver_name; + host = STAR_SMBSERVER; } fstrcpy(cli->desthost, host); @@ -1648,8 +1648,8 @@ again: *p = 0; goto again; } - if (strcmp(called.name, star_smbserver_name)) { - make_nmb_name(&called , star_smbserver_name, 0x20); + if (strcmp(called.name, STAR_SMBSERVER)) { + make_nmb_name(&called , STAR_SMBSERVER, 0x20); goto again; } return NT_STATUS_BAD_NETWORK_NAME; @@ -1779,7 +1779,7 @@ bool attempt_netbios_session_request(struct cli_state **ppcli, const char *srcho */ if(is_ipaddress(desthost)) { - make_nmb_name(&called, star_smbserver_name, 0x20); + make_nmb_name(&called, STAR_SMBSERVER, 0x20); } else { make_nmb_name(&called, desthost, 0x20); } @@ -1788,7 +1788,7 @@ bool attempt_netbios_session_request(struct cli_state **ppcli, const char *srcho NTSTATUS status; struct nmb_name smbservername; - make_nmb_name(&smbservername, star_smbserver_name, 0x20); + make_nmb_name(&smbservername, STAR_SMBSERVER, 0x20); /* * If the name wasn't *SMBSERVER then -- cgit From c689d75c27c9fb0a0b3ae05fc75d38671055cd8e Mon Sep 17 00:00:00 2001 From: Herb Lewis Date: Sat, 13 Dec 2008 11:31:20 -0800 Subject: don't return 0 on error - bad for scripts --- source3/utils/smbcacls.c | 2 ++ 1 file changed, 2 insertions(+) (limited to 'source3') diff --git a/source3/utils/smbcacls.c b/source3/utils/smbcacls.c index 1bfc4757da..f7f1272215 100644 --- a/source3/utils/smbcacls.c +++ b/source3/utils/smbcacls.c @@ -735,6 +735,8 @@ static int owner_set(struct cli_state *cli, enum chown_mode change_mode, if (!cli_set_secdesc(cli, fnum, sd)) { printf("ERROR: secdesc set failed: %s\n", cli_errstr(cli)); + cli_close(cli, fnum); + return EXIT_FAILED; } cli_close(cli, fnum); -- cgit From 5887857a247622cff80d2fff9ef2d45cd7516dfb Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sun, 14 Dec 2008 12:30:04 +0100 Subject: Remove a pointless static variable --- source3/lib/display_sec.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3') diff --git a/source3/lib/display_sec.c b/source3/lib/display_sec.c index a0d93d6fe7..636639c11d 100644 --- a/source3/lib/display_sec.c +++ b/source3/lib/display_sec.c @@ -240,7 +240,7 @@ void display_sec_acl(SEC_ACL *sec_acl) void display_acl_type(uint16 type) { - static fstring typestr=""; + fstring typestr=""; typestr[0] = 0; -- cgit From 31f157a04b2f26537c9da4aa39bdcdde7b41e64b Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sun, 14 Dec 2008 13:11:41 +0100 Subject: Move 128 bytes from the data to the text segment --- source3/include/smb_macros.h | 2 +- source3/lib/util_str.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'source3') diff --git a/source3/include/smb_macros.h b/source3/include/smb_macros.h index 119ceeb158..5149da0cb3 100644 --- a/source3/include/smb_macros.h +++ b/source3/include/smb_macros.h @@ -333,7 +333,7 @@ do { \ /* Warning - this must only be called with 0 <= c < 128. IT WILL * GIVE GARBAGE if c > 128 or c < 0. JRA. */ -extern char toupper_ascii_fast_table[]; +extern const char toupper_ascii_fast_table[]; #define toupper_ascii_fast(c) toupper_ascii_fast_table[(unsigned int)(c)]; #endif diff --git a/source3/lib/util_str.c b/source3/lib/util_str.c index fde4f825e8..9358061797 100644 --- a/source3/lib/util_str.c +++ b/source3/lib/util_str.c @@ -24,7 +24,7 @@ #include "includes.h" -char toupper_ascii_fast_table[128] = { +const char toupper_ascii_fast_table[128] = { 0x0, 0x1, 0x2, 0x3, 0x4, 0x5, 0x6, 0x7, 0x8, 0x9, 0xa, 0xb, 0xc, 0xd, 0xe, 0xf, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, -- cgit From daeb3a190d16a5bc05be63b2b136ebe65d6f6cf7 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sun, 14 Dec 2008 13:06:19 +0100 Subject: Remove the global "cmdline_auth_info" from source3/lib/util.c This involves changing all our clients, that's why it's so large. --- source3/client/client.c | 40 +++++++---- source3/include/proto.h | 41 +++++++----- source3/lib/popt_common.c | 59 +++++++++++------ source3/lib/util.c | 143 +++++++++++++++++++++++----------------- source3/librpc/rpc/dcerpc.c | 6 ++ source3/libsmb/clidfs.c | 13 ++-- source3/libsmb/libsmb_context.c | 18 +++-- source3/rpcclient/cmd_spoolss.c | 10 +-- source3/rpcclient/rpcclient.c | 50 ++++++++------ source3/utils/smbcacls.c | 34 ++++++---- source3/utils/smbcquotas.c | 32 +++++---- source3/utils/smbtree.c | 22 ++++--- 12 files changed, 284 insertions(+), 184 deletions(-) (limited to 'source3') diff --git a/source3/client/client.c b/source3/client/client.c index da789161c9..c88b918dc8 100644 --- a/source3/client/client.c +++ b/source3/client/client.c @@ -218,13 +218,12 @@ static int readfile(char *b, int n, XFILE *f) Send a message. ****************************************************************************/ -static void send_message(void) +static void send_message(const char *username) { int total_len = 0; int grp_id; - if (!cli_message_start(cli, desthost, - get_cmdline_auth_info_username(), &grp_id)) { + if (!cli_message_start(cli, desthost, username, &grp_id)) { d_printf("message start: %s\n", cli_errstr(cli)); return; } @@ -4607,7 +4606,7 @@ static int do_tar_op(const char *base_directory) Handle a message operation. ****************************************************************************/ -static int do_message_op(void) +static int do_message_op(struct user_auth_info *auth_info) { struct sockaddr_storage ss; struct nmb_name called, calling; @@ -4648,7 +4647,7 @@ static int do_message_op(void) return 1; } - send_message(); + send_message(get_cmdline_auth_info_username(auth_info)); cli_cm_shutdown(); return 0; @@ -4695,6 +4694,7 @@ static int do_message_op(void) POPT_TABLEEND }; TALLOC_CTX *frame = talloc_stackframe(); + struct user_auth_info *auth_info; if (!client_set_cur_dir("\\")) { exit(ENOMEM); @@ -4724,6 +4724,12 @@ static int do_message_op(void) load_case_tables(); + auth_info = user_auth_info_init(frame); + if (auth_info == NULL) { + exit(1); + } + popt_common_set_auth_info(auth_info); + /* skip argv(0) */ pc = poptGetContext("smbclient", argc, (const char **) argv, long_options, 0); poptSetOtherOptionHelp(pc, "service "); @@ -4751,8 +4757,11 @@ static int do_message_op(void) } /* if the service has already been retrieved then check if we have also a password */ - if (service_opt && (!get_cmdline_auth_info_got_pass()) && poptPeekArg(pc)) { - set_cmdline_auth_info_password(poptGetArg(pc)); + if (service_opt + && (!get_cmdline_auth_info_got_pass(auth_info)) + && poptPeekArg(pc)) { + set_cmdline_auth_info_password(auth_info, + poptGetArg(pc)); } switch (opt) { @@ -4858,8 +4867,11 @@ static int do_message_op(void) } /* if the service has already been retrieved then check if we have also a password */ - if (service_opt && !get_cmdline_auth_info_got_pass() && poptPeekArg(pc)) { - set_cmdline_auth_info_password(poptGetArg(pc)); + if (service_opt + && !get_cmdline_auth_info_got_pass(auth_info) + && poptPeekArg(pc)) { + set_cmdline_auth_info_password(auth_info, + poptGetArg(pc)); } /* check for the -P option */ @@ -4893,8 +4905,8 @@ static int do_message_op(void) argv[0], get_dyn_CONFIGFILE()); } - if (get_cmdline_auth_info_use_machine_account() && - !set_cmdline_auth_info_machine_account_creds()) { + if (get_cmdline_auth_info_use_machine_account(auth_info) && + !set_cmdline_auth_info_machine_account_creds(auth_info)) { exit(-1); } @@ -4929,7 +4941,7 @@ static int do_message_op(void) calling_name = talloc_strdup(frame, global_myname() ); } - smb_encrypt = get_cmdline_auth_info_smb_encrypt(); + smb_encrypt = get_cmdline_auth_info_smb_encrypt(auth_info); if (!init_names()) { fprintf(stderr, "init_names() failed\n"); exit(1); @@ -4947,7 +4959,7 @@ static int do_message_op(void) /* Store the username and password for dfs support */ - cli_cm_set_credentials(); + cli_cm_set_credentials(auth_info); DEBUG(3,("Client started (version %s).\n", SAMBA_VERSION_STRING)); @@ -4980,7 +4992,7 @@ static int do_message_op(void) } if (message) { - return do_message_op(); + return do_message_op(auth_info); } if (process(base_directory)) { diff --git a/source3/include/proto.h b/source3/include/proto.h index 69194ec6b2..2a8f83847f 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -637,6 +637,7 @@ void pidfile_create(const char *program_name); /* The following definitions come from lib/popt_common.c */ +void popt_common_set_auth_info(struct user_auth_info *auth_info); /* The following definitions come from lib/privileges.c */ @@ -1139,22 +1140,28 @@ void gfree_all( void ); const char *my_netbios_names(int i); bool set_netbios_aliases(const char **str_array); bool init_names(void); -const char *get_cmdline_auth_info_username(void); -void set_cmdline_auth_info_username(const char *username); -const char *get_cmdline_auth_info_password(void); -void set_cmdline_auth_info_password(const char *password); -bool set_cmdline_auth_info_signing_state(const char *arg); -int get_cmdline_auth_info_signing_state(void); -void set_cmdline_auth_info_use_kerberos(bool b); -bool get_cmdline_auth_info_use_kerberos(void); -void set_cmdline_auth_info_use_krb5_ticket(void); -void set_cmdline_auth_info_smb_encrypt(void); -void set_cmdline_auth_info_use_machine_account(void); -bool get_cmdline_auth_info_got_pass(void); -bool get_cmdline_auth_info_smb_encrypt(void); -bool get_cmdline_auth_info_use_machine_account(void); -bool get_cmdline_auth_info_copy(struct user_auth_info *info); -bool set_cmdline_auth_info_machine_account_creds(void); +struct user_auth_info *user_auth_info_init(TALLOC_CTX *mem_ctx); +const char *get_cmdline_auth_info_username(struct user_auth_info *auth_info); +void set_cmdline_auth_info_username(struct user_auth_info *auth_info, + const char *username); +void set_cmdline_auth_info_password(struct user_auth_info *auth_info, + const char *password); +const char *get_cmdline_auth_info_password(struct user_auth_info *auth_info); +bool set_cmdline_auth_info_signing_state(struct user_auth_info *auth_info, + const char *arg); +int get_cmdline_auth_info_signing_state(struct user_auth_info *auth_info); +void set_cmdline_auth_info_use_kerberos(struct user_auth_info *auth_info, + bool b); +bool get_cmdline_auth_info_use_kerberos(struct user_auth_info *auth_info); +void set_cmdline_auth_info_use_krb5_ticket(struct user_auth_info *auth_info); +void set_cmdline_auth_info_smb_encrypt(struct user_auth_info *auth_info); +void set_cmdline_auth_info_use_machine_account(struct user_auth_info *auth_info); +bool get_cmdline_auth_info_got_pass(struct user_auth_info *auth_info); +bool get_cmdline_auth_info_smb_encrypt(struct user_auth_info *auth_info); +bool get_cmdline_auth_info_use_machine_account(struct user_auth_info *auth_info); +struct user_auth_info *get_cmdline_auth_info_copy(TALLOC_CTX *mem_ctx, + struct user_auth_info *info); +bool set_cmdline_auth_info_machine_account_creds(struct user_auth_info *auth_info); bool add_gid_to_array_unique(TALLOC_CTX *mem_ctx, gid_t gid, gid_t **gids, size_t *num_gids); const char *get_numlist(const char *p, uint32 **num, int *count); @@ -2419,7 +2426,7 @@ struct cli_state *cli_cm_open(TALLOC_CTX *ctx, bool force_encrypt); void cli_cm_shutdown(void); void cli_cm_display(void); -void cli_cm_set_credentials(void); +void cli_cm_set_credentials(struct user_auth_info *auth_info); void cli_cm_set_port(int port_number); void cli_cm_set_dest_name_type(int type); void cli_cm_set_signing_state(int state); diff --git a/source3/lib/popt_common.c b/source3/lib/popt_common.c index 9e67c5257d..cad14ec493 100644 --- a/source3/lib/popt_common.c +++ b/source3/lib/popt_common.c @@ -318,7 +318,7 @@ const struct poptOption popt_common_dynconfig[] = { * exit on failure * ****************************************************************************/ -static void get_password_file(void) +static void get_password_file(struct user_auth_info *auth_info) { int fd = -1; char *p; @@ -377,13 +377,14 @@ static void get_password_file(void) } SAFE_FREE(spec); - set_cmdline_auth_info_password(pass); + set_cmdline_auth_info_password(auth_info, pass); if (close_it) { close(fd); } } -static void get_credentials_file(const char *file) +static void get_credentials_file(struct user_auth_info *auth_info, + const char *file) { XFILE *auth; fstring buf; @@ -426,9 +427,9 @@ static void get_credentials_file(const char *file) val++; if (strwicmp("password", param) == 0) { - set_cmdline_auth_info_password(val); + set_cmdline_auth_info_password(auth_info, val); } else if (strwicmp("username", param) == 0) { - set_cmdline_auth_info_username(val); + set_cmdline_auth_info_username(auth_info, val); } else if (strwicmp("domain", param) == 0) { set_global_myworkgroup(val); } @@ -453,13 +454,16 @@ static void popt_common_credentials_callback(poptContext con, const struct poptOption *opt, const char *arg, const void *data) { + struct user_auth_info *auth_info = talloc_get_type_abort( + *((const char **)data), struct user_auth_info); char *p; if (reason == POPT_CALLBACK_REASON_PRE) { - set_cmdline_auth_info_username("GUEST"); + set_cmdline_auth_info_username(auth_info, "GUEST"); if (getenv("LOGNAME")) { - set_cmdline_auth_info_username(getenv("LOGNAME")); + set_cmdline_auth_info_username(auth_info, + getenv("LOGNAME")); } if (getenv("USER")) { @@ -467,24 +471,25 @@ static void popt_common_credentials_callback(poptContext con, if (!puser) { exit(ENOMEM); } - set_cmdline_auth_info_username(puser); + set_cmdline_auth_info_username(auth_info, puser); if ((p = strchr_m(puser,'%'))) { size_t len; *p = 0; len = strlen(p+1); - set_cmdline_auth_info_password(p+1); + set_cmdline_auth_info_password(auth_info, p+1); memset(strchr_m(getenv("USER"),'%')+1,'X',len); } SAFE_FREE(puser); } if (getenv("PASSWD")) { - set_cmdline_auth_info_password(getenv("PASSWD")); + set_cmdline_auth_info_password(auth_info, + getenv("PASSWD")); } if (getenv("PASSWD_FD") || getenv("PASSWD_FILE")) { - get_password_file(); + get_password_file(auth_info); } return; @@ -499,19 +504,22 @@ static void popt_common_credentials_callback(poptContext con, if ((lp=strchr_m(puser,'%'))) { size_t len; *lp = 0; - set_cmdline_auth_info_username(puser); - set_cmdline_auth_info_password(lp+1); + set_cmdline_auth_info_username(auth_info, + puser); + set_cmdline_auth_info_password(auth_info, + lp+1); len = strlen(lp+1); memset(strchr_m(arg,'%')+1,'X',len); } else { - set_cmdline_auth_info_username(puser); + set_cmdline_auth_info_username(auth_info, + puser); } SAFE_FREE(puser); } break; case 'A': - get_credentials_file(arg); + get_credentials_file(auth_info, arg); break; case 'k': @@ -519,31 +527,40 @@ static void popt_common_credentials_callback(poptContext con, d_printf("No kerberos support compiled in\n"); exit(1); #else - set_cmdline_auth_info_use_krb5_ticket(); + set_cmdline_auth_info_use_krb5_ticket(auth_info); #endif break; case 'S': - if (!set_cmdline_auth_info_signing_state(arg)) { + if (!set_cmdline_auth_info_signing_state(auth_info, arg)) { fprintf(stderr, "Unknown signing option %s\n", arg ); exit(1); } break; case 'P': - set_cmdline_auth_info_use_machine_account(); + set_cmdline_auth_info_use_machine_account(auth_info); break; case 'N': - set_cmdline_auth_info_password(""); + set_cmdline_auth_info_password(auth_info, ""); break; case 'e': - set_cmdline_auth_info_smb_encrypt(); + set_cmdline_auth_info_smb_encrypt(auth_info); break; } } +static struct user_auth_info *global_auth_info; + +void popt_common_set_auth_info(struct user_auth_info *auth_info) +{ + global_auth_info = auth_info; +} + struct poptOption popt_common_credentials[] = { - { NULL, 0, POPT_ARG_CALLBACK|POPT_CBFLAG_PRE, (void *)popt_common_credentials_callback }, + { NULL, 0, POPT_ARG_CALLBACK|POPT_CBFLAG_PRE, + (void *)popt_common_credentials_callback, 0, + (const char *)&global_auth_info }, { "user", 'U', POPT_ARG_STRING, NULL, 'U', "Set the network username", "USERNAME" }, { "no-pass", 'N', POPT_ARG_NONE, NULL, 'N', "Don't ask for a password" }, { "kerberos", 'k', POPT_ARG_NONE, NULL, 'k', "Use kerberos (active directory) authentication" }, diff --git a/source3/lib/util.c b/source3/lib/util.c index 074b523ae0..dd23d547b5 100644 --- a/source3/lib/util.c +++ b/source3/lib/util.c @@ -280,135 +280,154 @@ bool init_names(void) Used mainly in client tools. ****************************************************************************/ -static struct user_auth_info cmdline_auth_info = { - NULL, /* username */ - NULL, /* password */ - false, /* got_pass */ - false, /* use_kerberos */ - Undefined, /* signing state */ - false, /* smb_encrypt */ - false /* use machine account */ -}; - -const char *get_cmdline_auth_info_username(void) -{ - if (!cmdline_auth_info.username) { +struct user_auth_info *user_auth_info_init(TALLOC_CTX *mem_ctx) +{ + struct user_auth_info *result; + + result = TALLOC_ZERO_P(mem_ctx, struct user_auth_info); + if (result == NULL) { + return NULL; + } + + result->signing_state = Undefined; + return result; +} + +const char *get_cmdline_auth_info_username(struct user_auth_info *auth_info) +{ + if (!auth_info->username) { return ""; } - return cmdline_auth_info.username; + return auth_info->username; } -void set_cmdline_auth_info_username(const char *username) +void set_cmdline_auth_info_username(struct user_auth_info *auth_info, + const char *username) { - SAFE_FREE(cmdline_auth_info.username); - cmdline_auth_info.username = SMB_STRDUP(username); - if (!cmdline_auth_info.username) { + TALLOC_FREE(auth_info->username); + auth_info->username = talloc_strdup(auth_info, username); + if (!auth_info->username) { exit(ENOMEM); } } -const char *get_cmdline_auth_info_password(void) +const char *get_cmdline_auth_info_password(struct user_auth_info *auth_info) { - if (!cmdline_auth_info.password) { + if (!auth_info->password) { return ""; } - return cmdline_auth_info.password; + return auth_info->password; } -void set_cmdline_auth_info_password(const char *password) +void set_cmdline_auth_info_password(struct user_auth_info *auth_info, + const char *password) { - SAFE_FREE(cmdline_auth_info.password); - cmdline_auth_info.password = SMB_STRDUP(password); - if (!cmdline_auth_info.password) { + TALLOC_FREE(auth_info->password); + auth_info->password = talloc_strdup(auth_info, password); + if (!auth_info->password) { exit(ENOMEM); } - cmdline_auth_info.got_pass = true; + auth_info->got_pass = true; } -bool set_cmdline_auth_info_signing_state(const char *arg) +bool set_cmdline_auth_info_signing_state(struct user_auth_info *auth_info, + const char *arg) { - cmdline_auth_info.signing_state = -1; + auth_info->signing_state = -1; if (strequal(arg, "off") || strequal(arg, "no") || strequal(arg, "false")) { - cmdline_auth_info.signing_state = false; + auth_info->signing_state = false; } else if (strequal(arg, "on") || strequal(arg, "yes") || strequal(arg, "true") || strequal(arg, "auto")) { - cmdline_auth_info.signing_state = true; + auth_info->signing_state = true; } else if (strequal(arg, "force") || strequal(arg, "required") || strequal(arg, "forced")) { - cmdline_auth_info.signing_state = Required; + auth_info->signing_state = Required; } else { return false; } return true; } -int get_cmdline_auth_info_signing_state(void) +int get_cmdline_auth_info_signing_state(struct user_auth_info *auth_info) { - return cmdline_auth_info.signing_state; + return auth_info->signing_state; } -void set_cmdline_auth_info_use_kerberos(bool b) +void set_cmdline_auth_info_use_kerberos(struct user_auth_info *auth_info, + bool b) { - cmdline_auth_info.use_kerberos = b; + auth_info->use_kerberos = b; } -bool get_cmdline_auth_info_use_kerberos(void) +bool get_cmdline_auth_info_use_kerberos(struct user_auth_info *auth_info) { - return cmdline_auth_info.use_kerberos; + return auth_info->use_kerberos; } /* This should only be used by lib/popt_common.c JRA */ -void set_cmdline_auth_info_use_krb5_ticket(void) +void set_cmdline_auth_info_use_krb5_ticket(struct user_auth_info *auth_info) { - cmdline_auth_info.use_kerberos = true; - cmdline_auth_info.got_pass = true; + auth_info->use_kerberos = true; + auth_info->got_pass = true; } /* This should only be used by lib/popt_common.c JRA */ -void set_cmdline_auth_info_smb_encrypt(void) +void set_cmdline_auth_info_smb_encrypt(struct user_auth_info *auth_info) { - cmdline_auth_info.smb_encrypt = true; + auth_info->smb_encrypt = true; } -void set_cmdline_auth_info_use_machine_account(void) +void set_cmdline_auth_info_use_machine_account(struct user_auth_info *auth_info) { - cmdline_auth_info.use_machine_account = true; + auth_info->use_machine_account = true; } -bool get_cmdline_auth_info_got_pass(void) +bool get_cmdline_auth_info_got_pass(struct user_auth_info *auth_info) { - return cmdline_auth_info.got_pass; + return auth_info->got_pass; } -bool get_cmdline_auth_info_smb_encrypt(void) +bool get_cmdline_auth_info_smb_encrypt(struct user_auth_info *auth_info) { - return cmdline_auth_info.smb_encrypt; + return auth_info->smb_encrypt; } -bool get_cmdline_auth_info_use_machine_account(void) +bool get_cmdline_auth_info_use_machine_account(struct user_auth_info *auth_info) { - return cmdline_auth_info.use_machine_account; + return auth_info->use_machine_account; } -bool get_cmdline_auth_info_copy(struct user_auth_info *info) +struct user_auth_info *get_cmdline_auth_info_copy(TALLOC_CTX *mem_ctx, + struct user_auth_info *src) { - *info = cmdline_auth_info; - /* Now re-alloc the strings. */ - info->username = SMB_STRDUP(get_cmdline_auth_info_username()); - info->password = SMB_STRDUP(get_cmdline_auth_info_password()); - if (!info->username || !info->password) { - return false; + struct user_auth_info *result; + + result = user_auth_info_init(mem_ctx); + if (result == NULL) { + return NULL; } - return true; + + *result = *src; + + result->username = talloc_strdup( + result, get_cmdline_auth_info_username(src)); + result->password = talloc_strdup( + result, get_cmdline_auth_info_password(src)); + if ((result->username == NULL) || (result->password == NULL)) { + TALLOC_FREE(result); + return NULL; + } + + return result; } -bool set_cmdline_auth_info_machine_account_creds(void) +bool set_cmdline_auth_info_machine_account_creds(struct user_auth_info *auth_info) { char *pass = NULL; char *account = NULL; - if (!get_cmdline_auth_info_use_machine_account()) { + if (!get_cmdline_auth_info_use_machine_account(auth_info)) { return false; } @@ -430,8 +449,8 @@ bool set_cmdline_auth_info_machine_account_creds(void) return false; } - set_cmdline_auth_info_username(account); - set_cmdline_auth_info_password(pass); + set_cmdline_auth_info_username(auth_info, account); + set_cmdline_auth_info_password(auth_info, pass); SAFE_FREE(account); SAFE_FREE(pass); diff --git a/source3/librpc/rpc/dcerpc.c b/source3/librpc/rpc/dcerpc.c index 77bb7b33a2..69bfc6f329 100644 --- a/source3/librpc/rpc/dcerpc.c +++ b/source3/librpc/rpc/dcerpc.c @@ -117,6 +117,10 @@ NTSTATUS dcerpc_ndr_request_recv(struct rpc_request *req) return NT_STATUS_OK; } +#if 0 + +Completely unfinished and unused -- vl :-) + /** * Connect to a DCE/RPC interface. * @@ -178,3 +182,5 @@ _PUBLIC_ NTSTATUS dcerpc_pipe_connect(TALLOC_CTX *parent_ctx, struct dcerpc_pipe return nt_status; } + +#endif diff --git a/source3/libsmb/clidfs.c b/source3/libsmb/clidfs.c index 35922b13e9..f0ac39fed0 100644 --- a/source3/libsmb/clidfs.c +++ b/source3/libsmb/clidfs.c @@ -471,18 +471,19 @@ static void cm_set_password(const char *newpass) /**************************************************************************** ****************************************************************************/ -void cli_cm_set_credentials(void) +void cli_cm_set_credentials(struct user_auth_info *auth_info) { SAFE_FREE(cm_creds.username); - cm_creds.username = SMB_STRDUP(get_cmdline_auth_info_username()); + cm_creds.username = SMB_STRDUP(get_cmdline_auth_info_username( + auth_info)); - if (get_cmdline_auth_info_got_pass()) { - cm_set_password(get_cmdline_auth_info_password()); + if (get_cmdline_auth_info_got_pass(auth_info)) { + cm_set_password(get_cmdline_auth_info_password(auth_info)); } - cm_creds.use_kerberos = get_cmdline_auth_info_use_kerberos(); + cm_creds.use_kerberos = get_cmdline_auth_info_use_kerberos(auth_info); cm_creds.fallback_after_kerberos = false; - cm_creds.signing_state = get_cmdline_auth_info_signing_state(); + cm_creds.signing_state = get_cmdline_auth_info_signing_state(auth_info); } /**************************************************************************** diff --git a/source3/libsmb/libsmb_context.c b/source3/libsmb/libsmb_context.c index 19843383de..becee17f65 100644 --- a/source3/libsmb/libsmb_context.c +++ b/source3/libsmb/libsmb_context.c @@ -633,13 +633,19 @@ smbc_set_credentials(char *workgroup, smbc_bool use_kerberos, char *signing_state) { - - set_cmdline_auth_info_username(user); - set_cmdline_auth_info_password(password); - set_cmdline_auth_info_use_kerberos(use_kerberos); - if (! set_cmdline_auth_info_signing_state(signing_state)) { + struct user_auth_info *auth_info; + + auth_info = user_auth_info_init(talloc_tos()); + if (auth_info == NULL) { + return; + } + set_cmdline_auth_info_username(auth_info, user); + set_cmdline_auth_info_password(auth_info, password); + set_cmdline_auth_info_use_kerberos(auth_info, use_kerberos); + if (! set_cmdline_auth_info_signing_state(auth_info, signing_state)) { DEBUG(0, ("Invalid signing state: %s", signing_state)); } set_global_myworkgroup(workgroup); - cli_cm_set_credentials(); + cli_cm_set_credentials(auth_info); + TALLOC_FREE(auth_info); } diff --git a/source3/rpcclient/cmd_spoolss.c b/source3/rpcclient/cmd_spoolss.c index 26a73203b9..038acfbcdc 100644 --- a/source3/rpcclient/cmd_spoolss.c +++ b/source3/rpcclient/cmd_spoolss.c @@ -2641,6 +2641,8 @@ done: /**************************************************************************** ****************************************************************************/ +extern struct user_auth_info *rpcclient_auth_info; + static WERROR cmd_spoolss_printercmp(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, int argc, const char **argv) @@ -2671,11 +2673,11 @@ static WERROR cmd_spoolss_printercmp(struct rpc_pipe_client *cli, nt_status = cli_full_connection(&cli_server2, global_myname(), servername2, NULL, 0, "IPC$", "IPC", - get_cmdline_auth_info_username(), + get_cmdline_auth_info_username(rpcclient_auth_info), lp_workgroup(), - get_cmdline_auth_info_password(), - get_cmdline_auth_info_use_kerberos() ? CLI_FULL_CONNECTION_USE_KERBEROS : 0, - get_cmdline_auth_info_signing_state(), NULL); + get_cmdline_auth_info_password(rpcclient_auth_info), + get_cmdline_auth_info_use_kerberos(rpcclient_auth_info) ? CLI_FULL_CONNECTION_USE_KERBEROS : 0, + get_cmdline_auth_info_signing_state(rpcclient_auth_info), NULL); if ( !NT_STATUS_IS_OK(nt_status) ) return WERR_GENERAL_FAILURE; diff --git a/source3/rpcclient/rpcclient.c b/source3/rpcclient/rpcclient.c index e8ffddb6dc..dc125007e3 100644 --- a/source3/rpcclient/rpcclient.c +++ b/source3/rpcclient/rpcclient.c @@ -28,6 +28,8 @@ static enum pipe_auth_type pipe_default_auth_type = PIPE_AUTH_TYPE_NONE; static enum pipe_auth_level pipe_default_auth_level = PIPE_AUTH_LEVEL_NONE; static unsigned int timeout = 0; +struct user_auth_info *rpcclient_auth_info; + /* List to hold groups of commands. * * Commands are defined in a list of arrays: arrays are easy to @@ -560,6 +562,7 @@ static void add_command_set(struct cmd_set *cmd_set) * @param cmd Command to run, as a single string. **/ static NTSTATUS do_cmd(struct cli_state *cli, + struct user_auth_info *auth_info, struct cmd_set *cmd_entry, int argc, char **argv) { @@ -589,8 +592,8 @@ static NTSTATUS do_cmd(struct cli_state *cli, cli, cmd_entry->interface, pipe_default_auth_level, lp_workgroup(), - get_cmdline_auth_info_username(), - get_cmdline_auth_info_password(), + get_cmdline_auth_info_username(auth_info), + get_cmdline_auth_info_password(auth_info), &cmd_entry->rpc_pipe); break; case PIPE_AUTH_TYPE_NTLMSSP: @@ -598,8 +601,8 @@ static NTSTATUS do_cmd(struct cli_state *cli, cli, cmd_entry->interface, pipe_default_auth_level, lp_workgroup(), - get_cmdline_auth_info_username(), - get_cmdline_auth_info_password(), + get_cmdline_auth_info_username(auth_info), + get_cmdline_auth_info_password(auth_info), &cmd_entry->rpc_pipe); break; case PIPE_AUTH_TYPE_SCHANNEL: @@ -687,7 +690,8 @@ static NTSTATUS do_cmd(struct cli_state *cli, * * @returns The NTSTATUS from running the command. **/ -static NTSTATUS process_cmd(struct cli_state *cli, char *cmd) +static NTSTATUS process_cmd(struct user_auth_info *auth_info, + struct cli_state *cli, char *cmd) { struct cmd_list *temp_list; NTSTATUS result = NT_STATUS_OK; @@ -713,7 +717,8 @@ static NTSTATUS process_cmd(struct cli_state *cli, char *cmd) goto out_free; } - result = do_cmd(cli, temp_set, argc, argv); + result = do_cmd(cli, auth_info, temp_set, + argc, argv); goto out_free; } @@ -784,6 +789,12 @@ out_free: facilities. See lib/debug.c */ setup_logging("rpcclient", True); + rpcclient_auth_info = user_auth_info_init(frame); + if (rpcclient_auth_info == NULL) { + exit(1); + } + popt_common_set_auth_info(rpcclient_auth_info); + /* Parse options */ pc = poptGetContext("rpcclient", argc, (const char **) argv, @@ -850,16 +861,16 @@ out_free: * from stdin if necessary */ - if (get_cmdline_auth_info_use_machine_account() && - !set_cmdline_auth_info_machine_account_creds()) { + if (get_cmdline_auth_info_use_machine_account(rpcclient_auth_info) && + !set_cmdline_auth_info_machine_account_creds(rpcclient_auth_info)) { result = 1; goto done; } - if (!get_cmdline_auth_info_got_pass()) { + if (!get_cmdline_auth_info_got_pass(rpcclient_auth_info)) { char *pass = getpass("Password:"); if (pass) { - set_cmdline_auth_info_password(pass); + set_cmdline_auth_info_password(rpcclient_auth_info, pass); } } @@ -868,7 +879,7 @@ out_free: server += 2; } - if (get_cmdline_auth_info_use_kerberos()) { + if (get_cmdline_auth_info_use_kerberos(rpcclient_auth_info)) { flags |= CLI_FULL_CONNECTION_USE_KERBEROS | CLI_FULL_CONNECTION_FALLBACK_AFTER_KERBEROS; } @@ -877,11 +888,12 @@ out_free: nt_status = cli_full_connection(&cli, global_myname(), server, opt_ipaddr ? &server_ss : NULL, opt_port, "IPC$", "IPC", - get_cmdline_auth_info_username(), + get_cmdline_auth_info_username(rpcclient_auth_info), lp_workgroup(), - get_cmdline_auth_info_password(), + get_cmdline_auth_info_password(rpcclient_auth_info), flags, - get_cmdline_auth_info_signing_state(),NULL); + get_cmdline_auth_info_signing_state(rpcclient_auth_info), + NULL); if (!NT_STATUS_IS_OK(nt_status)) { DEBUG(0,("Cannot connect to server. Error was %s\n", nt_errstr(nt_status))); @@ -889,10 +901,10 @@ out_free: goto done; } - if (get_cmdline_auth_info_smb_encrypt()) { + if (get_cmdline_auth_info_smb_encrypt(rpcclient_auth_info)) { nt_status = cli_cm_force_encryption(cli, - get_cmdline_auth_info_username(), - get_cmdline_auth_info_password(), + get_cmdline_auth_info_username(rpcclient_auth_info), + get_cmdline_auth_info_password(rpcclient_auth_info), lp_workgroup(), "IPC$"); if (!NT_STATUS_IS_OK(nt_status)) { @@ -927,7 +939,7 @@ out_free: result = 0; while((cmd=next_command(&p)) != NULL) { - NTSTATUS cmd_result = process_cmd(cli, cmd); + NTSTATUS cmd_result = process_cmd(rpcclient_auth_info, cli, cmd); SAFE_FREE(cmd); result = NT_STATUS_IS_ERR(cmd_result); } @@ -946,7 +958,7 @@ out_free: break; if (line[0] != '\n') - process_cmd(cli, line); + process_cmd(rpcclient_auth_info, cli, line); SAFE_FREE(line); } diff --git a/source3/utils/smbcacls.c b/source3/utils/smbcacls.c index f7f1272215..f07b5011c8 100644 --- a/source3/utils/smbcacls.c +++ b/source3/utils/smbcacls.c @@ -951,7 +951,8 @@ static int cacl_set(struct cli_state *cli, char *filename, /***************************************************** Return a connection to a server. *******************************************************/ -static struct cli_state *connect_one(const char *server, const char *share) +static struct cli_state *connect_one(struct user_auth_info *auth_info, + const char *server, const char *share) { struct cli_state *c = NULL; struct sockaddr_storage ss; @@ -960,41 +961,41 @@ static struct cli_state *connect_one(const char *server, const char *share) zero_sockaddr(&ss); - if (get_cmdline_auth_info_use_kerberos()) { + if (get_cmdline_auth_info_use_kerberos(auth_info)) { flags |= CLI_FULL_CONNECTION_USE_KERBEROS | CLI_FULL_CONNECTION_FALLBACK_AFTER_KERBEROS; } - if (get_cmdline_auth_info_use_machine_account() && - !set_cmdline_auth_info_machine_account_creds()) { + if (get_cmdline_auth_info_use_machine_account(auth_info) && + !set_cmdline_auth_info_machine_account_creds(auth_info)) { return NULL; } - if (!get_cmdline_auth_info_got_pass()) { + if (!get_cmdline_auth_info_got_pass(auth_info)) { char *pass = getpass("Password: "); if (pass) { - set_cmdline_auth_info_password(pass); + set_cmdline_auth_info_password(auth_info, pass); } } nt_status = cli_full_connection(&c, global_myname(), server, &ss, 0, share, "?????", - get_cmdline_auth_info_username(), + get_cmdline_auth_info_username(auth_info), lp_workgroup(), - get_cmdline_auth_info_password(), + get_cmdline_auth_info_password(auth_info), flags, - get_cmdline_auth_info_signing_state(), + get_cmdline_auth_info_signing_state(auth_info), NULL); if (!NT_STATUS_IS_OK(nt_status)) { DEBUG(0,("cli_full_connection failed! (%s)\n", nt_errstr(nt_status))); return NULL; } - if (get_cmdline_auth_info_smb_encrypt()) { + if (get_cmdline_auth_info_smb_encrypt(auth_info)) { nt_status = cli_cm_force_encryption(c, - get_cmdline_auth_info_username(), - get_cmdline_auth_info_password(), + get_cmdline_auth_info_username(auth_info), + get_cmdline_auth_info_password(auth_info), lp_workgroup(), share); if (!NT_STATUS_IS_OK(nt_status)) { @@ -1040,6 +1041,7 @@ static struct cli_state *connect_one(const char *server, const char *share) TALLOC_CTX *frame = talloc_stackframe(); const char *owner_username = ""; char *server; + struct user_auth_info *auth_info; load_case_tables(); @@ -1055,6 +1057,12 @@ static struct cli_state *connect_one(const char *server, const char *share) lp_load(get_dyn_CONFIGFILE(),True,False,False,True); load_interfaces(); + auth_info = user_auth_info_init(frame); + if (auth_info == NULL) { + exit(1); + } + popt_common_set_auth_info(auth_info); + pc = poptGetContext("smbcacls", argc, argv, long_options, 0); poptSetOtherOptionHelp(pc, "//server1/share1 filename\nACLs look like: " @@ -1131,7 +1139,7 @@ static struct cli_state *connect_one(const char *server, const char *share) share++; if (!test_args) { - cli = connect_one(server, share); + cli = connect_one(auth_info, server, share); if (!cli) { exit(EXIT_FAILED); } diff --git a/source3/utils/smbcquotas.c b/source3/utils/smbcquotas.c index 8938cc5e65..a95394b125 100644 --- a/source3/utils/smbcquotas.c +++ b/source3/utils/smbcquotas.c @@ -37,6 +37,7 @@ static struct cli_state *cli_ipc; static struct rpc_pipe_client *global_pipe_hnd; static POLICY_HND pol; static bool got_policy_hnd; +static struct user_auth_info *smbcquotas_auth_info; static struct cli_state *connect_one(const char *share); @@ -373,42 +374,42 @@ static struct cli_state *connect_one(const char *share) zero_sockaddr(&ss); - if (get_cmdline_auth_info_use_machine_account() && - !set_cmdline_auth_info_machine_account_creds()) { + if (get_cmdline_auth_info_use_machine_account(smbcquotas_auth_info) && + !set_cmdline_auth_info_machine_account_creds(smbcquotas_auth_info)) { return NULL; } - if (get_cmdline_auth_info_use_kerberos()) { + if (get_cmdline_auth_info_use_kerberos(smbcquotas_auth_info)) { flags |= CLI_FULL_CONNECTION_USE_KERBEROS | CLI_FULL_CONNECTION_FALLBACK_AFTER_KERBEROS; } - if (!get_cmdline_auth_info_got_pass()) { + if (!get_cmdline_auth_info_got_pass(smbcquotas_auth_info)) { char *pass = getpass("Password: "); if (pass) { - set_cmdline_auth_info_password(pass); + set_cmdline_auth_info_password(smbcquotas_auth_info, pass); } } nt_status = cli_full_connection(&c, global_myname(), server, &ss, 0, share, "?????", - get_cmdline_auth_info_username(), + get_cmdline_auth_info_username(smbcquotas_auth_info), lp_workgroup(), - get_cmdline_auth_info_password(), + get_cmdline_auth_info_password(smbcquotas_auth_info), flags, - get_cmdline_auth_info_signing_state(), + get_cmdline_auth_info_signing_state(smbcquotas_auth_info), NULL); if (!NT_STATUS_IS_OK(nt_status)) { DEBUG(0,("cli_full_connection failed! (%s)\n", nt_errstr(nt_status))); return NULL; } - if (get_cmdline_auth_info_smb_encrypt()) { + if (get_cmdline_auth_info_smb_encrypt(smbcquotas_auth_info)) { nt_status = cli_cm_force_encryption(c, - get_cmdline_auth_info_username(), - get_cmdline_auth_info_password(), + get_cmdline_auth_info_username(smbcquotas_auth_info), + get_cmdline_auth_info_password(smbcquotas_auth_info), lp_workgroup(), share); if (!NT_STATUS_IS_OK(nt_status)) { @@ -475,6 +476,12 @@ FSQFLAGS:QUOTA_ENABLED/DENY_DISK/LOG_SOFTLIMIT/LOG_HARD_LIMIT", "SETSTRING" }, lp_load(get_dyn_CONFIGFILE(),True,False,False,True); load_interfaces(); + smbcquotas_auth_info = user_auth_info_init(frame); + if (smbcquotas_auth_info == NULL) { + exit(1); + } + popt_common_set_auth_info(smbcquotas_auth_info); + pc = poptGetContext("smbcquotas", argc, argv, long_options, 0); poptSetOtherOptionHelp(pc, "//server1/share1"); @@ -537,7 +544,8 @@ FSQFLAGS:QUOTA_ENABLED/DENY_DISK/LOG_SOFTLIMIT/LOG_HARD_LIMIT", "SETSTRING" }, todo = USER_QUOTA; if (!fix_user) { - username_str = talloc_strdup(frame, get_cmdline_auth_info_username()); + username_str = talloc_strdup( + frame, get_cmdline_auth_info_username(smbcquotas_auth_info)); if (!username_str) { exit(EXIT_PARSE_ERROR); } diff --git a/source3/utils/smbtree.c b/source3/utils/smbtree.c index 9fc02bac13..6c69300e85 100644 --- a/source3/utils/smbtree.c +++ b/source3/utils/smbtree.c @@ -272,7 +272,7 @@ static bool print_tree(struct user_auth_info *user_info) int main(int argc,char *argv[]) { TALLOC_CTX *frame = talloc_stackframe(); - struct user_auth_info local_auth_info; + struct user_auth_info *auth_info; struct poptOption long_options[] = { POPT_AUTOHELP { "broadcast", 'b', POPT_ARG_VAL, &use_bcast, True, "Use broadcast instead of using the master browser" }, @@ -293,6 +293,12 @@ static bool print_tree(struct user_auth_info *user_info) setup_logging(argv[0],True); + auth_info = user_auth_info_init(frame); + if (auth_info == NULL) { + exit(1); + } + popt_common_set_auth_info(auth_info); + pc = poptGetContext("smbtree", argc, (const char **)argv, long_options, POPT_CONTEXT_KEEP_FIRST); while(poptGetNextOpt(pc) != -1); @@ -303,26 +309,22 @@ static bool print_tree(struct user_auth_info *user_info) /* Parse command line args */ - if (get_cmdline_auth_info_use_machine_account() && - !set_cmdline_auth_info_machine_account_creds()) { + if (get_cmdline_auth_info_use_machine_account(auth_info) && + !set_cmdline_auth_info_machine_account_creds(auth_info)) { TALLOC_FREE(frame); return 1; } - if (!get_cmdline_auth_info_got_pass()) { + if (!get_cmdline_auth_info_got_pass(auth_info)) { char *pass = getpass("Password: "); if (pass) { - set_cmdline_auth_info_password(pass); + set_cmdline_auth_info_password(auth_info, pass); } } /* Now do our stuff */ - if (!get_cmdline_auth_info_copy(&local_auth_info)) { - return 1; - } - - if (!print_tree(&local_auth_info)) { + if (!print_tree(auth_info)) { TALLOC_FREE(frame); return 1; } -- cgit From 07a21dbfa5b9dc3cc6fa7417b64e4963f111fe1a Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Mon, 15 Dec 2008 11:32:45 +0100 Subject: s3:fix build of pam_winbind.so on older Linux systems. Older pam implementations on Linux define PAM_AUTHTOK_RECOVER_ERR instead of PAM_AUTHTOK_RECOVERY_ERR. We have always defined and are using PAM_AUTHTOK_RECOVER_ERR in all other places. Michael --- source3/nsswitch/pam_winbind.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3') diff --git a/source3/nsswitch/pam_winbind.c b/source3/nsswitch/pam_winbind.c index be22ff3f5e..d049bdb1e7 100644 --- a/source3/nsswitch/pam_winbind.c +++ b/source3/nsswitch/pam_winbind.c @@ -93,8 +93,8 @@ static const char *_pam_error_code_str(int err) return "PAM_CONV_ERR"; case PAM_AUTHTOK_ERR: return "PAM_AUTHTOK_ERR"; - case PAM_AUTHTOK_RECOVERY_ERR: - return "PAM_AUTHTOK_RECOVERY_ERR"; + case PAM_AUTHTOK_RECOVER_ERR: + return "PAM_AUTHTOK_RECOVER_ERR"; case PAM_AUTHTOK_LOCK_BUSY: return "PAM_AUTHTOK_LOCK_BUSY"; case PAM_AUTHTOK_DISABLE_AGING: -- cgit From 606abdceacfcad19735cd80f59aad975a9e97b7c Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Mon, 15 Dec 2008 13:33:24 +0100 Subject: s3:loadparm: fix newly introduced leading whitespaces to tabs Michael --- source3/param/loadparm.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3') diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index 7e7a1e505e..c74246c98e 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -425,7 +425,7 @@ struct service { bool bHideUnReadable; bool bHideUnWriteableFiles; bool bBrowseable; - bool bAccessBasedShareEnum; + bool bAccessBasedShareEnum; bool bAvailable; bool bRead_only; bool bNo_set_dir; @@ -569,7 +569,7 @@ static struct service sDefault = { False, /* bHideUnReadable */ False, /* bHideUnWriteableFiles */ True, /* bBrowseable */ - False, /* bAccessBasedShareEnum */ + False, /* bAccessBasedShareEnum */ True, /* bAvailable */ True, /* bRead_only */ True, /* bNo_set_dir */ -- cgit From 91c543f0b5a539da4194f14dee8cad0f980a117e Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Mon, 15 Dec 2008 14:16:06 +0100 Subject: s3:loadparm: rename lp_local_ptr() to lp_local_ptr_by_snum() Michael --- source3/include/proto.h | 2 +- source3/param/loadparm.c | 6 +++--- source3/web/swat.c | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) (limited to 'source3') diff --git a/source3/include/proto.h b/source3/include/proto.h index 2a8f83847f..9d86f16e69 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -4260,7 +4260,7 @@ const char *lp_ldap_machine_suffix(void); const char *lp_ldap_user_suffix(void); const char *lp_ldap_group_suffix(void); const char *lp_ldap_idmap_suffix(void); -void *lp_local_ptr(int snum, void *ptr); +void *lp_local_ptr_by_snum(int snum, void *ptr); bool lp_do_parameter(int snum, const char *pszParmName, const char *pszParmValue); void init_locals(void); bool lp_is_default(int snum, struct parm_struct *parm); diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index c74246c98e..3600266310 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -4599,7 +4599,7 @@ static void free_parameter(int snum, struct parm_struct parm) } else if (parm.p_class != P_LOCAL) { return; } else { - parm_ptr = lp_local_ptr(snum, parm.ptr); + parm_ptr = lp_local_ptr_by_snum(snum, parm.ptr); } if ((parm.type == P_STRING) || @@ -7171,7 +7171,7 @@ static void init_copymap(struct service *pservice) pointer into the default structure. ***************************************************************************/ -void *lp_local_ptr(int snum, void *ptr) +void *lp_local_ptr_by_snum(int snum, void *ptr) { return (void *)(((char *)ServicePtrs[snum]) + PTR_DIFF(ptr, &sDefault)); } @@ -7225,7 +7225,7 @@ bool lp_do_parameter(int snum, const char *pszParmName, const char *pszParmValue pszParmName)); return (True); } - parm_ptr = lp_local_ptr(snum, def_ptr); + parm_ptr = lp_local_ptr_by_snum(snum, def_ptr); } if (snum >= 0) { diff --git a/source3/web/swat.c b/source3/web/swat.c index 27c4b54e2f..b729e3b241 100644 --- a/source3/web/swat.c +++ b/source3/web/swat.c @@ -232,7 +232,7 @@ static void show_parameter(int snum, struct parm_struct *parm) TALLOC_CTX *ctx = talloc_stackframe(); if (parm->p_class == P_LOCAL && snum >= 0) { - ptr = lp_local_ptr(snum, ptr); + ptr = lp_local_ptr_by_snum(snum, ptr); } printf("%s", get_parm_translated(ctx, @@ -375,7 +375,7 @@ static void show_parameters(int snum, int allparameters, unsigned int parm_filte void *ptr = parm->ptr; if (parm->p_class == P_LOCAL && snum >= 0) { - ptr = lp_local_ptr(snum, ptr); + ptr = lp_local_ptr_by_snum(snum, ptr); } switch (parm->type) { -- cgit From 6244194265f7f1027c16664b2701ce114435a59b Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Mon, 15 Dec 2008 14:20:16 +0100 Subject: s3:loadparm: add lp_local_ptr() that operates on a service struct and use this in lp_local_ptr_by_snum(). Michael --- source3/param/loadparm.c | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) (limited to 'source3') diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index 3600266310..43fd9d9d3a 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -671,6 +671,8 @@ static void set_server_role(void); static void set_default_server_announce_type(void); static void set_allowed_client_auth(void); +static void *lp_local_ptr(struct service *service, void *ptr); + static const struct enum_list enum_protocol[] = { {PROTOCOL_NT1, "NT1"}, {PROTOCOL_LANMAN2, "LANMAN2"}, @@ -7166,6 +7168,16 @@ static void init_copymap(struct service *pservice) bitmap_set(pservice->copymap, i); } +/*************************************************************************** + Return the local pointer to a parameter given a service struct and the + pointer into the default structure. +***************************************************************************/ + +static void *lp_local_ptr(struct service *service, void *ptr) +{ + return (void *)(((char *)service) + PTR_DIFF(ptr, &sDefault)); +} + /*************************************************************************** Return the local pointer to a parameter given the service number and the pointer into the default structure. @@ -7173,7 +7185,7 @@ static void init_copymap(struct service *pservice) void *lp_local_ptr_by_snum(int snum, void *ptr) { - return (void *)(((char *)ServicePtrs[snum]) + PTR_DIFF(ptr, &sDefault)); + return lp_local_ptr(ServicePtrs[snum], ptr); } /*************************************************************************** -- cgit From 0b0dc506d4b709b6373a19795276351285679eb3 Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Mon, 15 Dec 2008 14:28:03 +0100 Subject: s3:loadparm: rename free_parameter() to free_one_parameter_by_snum() Michael --- source3/param/loadparm.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) (limited to 'source3') diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index 43fd9d9d3a..580136446b 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -4585,10 +4585,12 @@ static void init_printer_values(struct service *pService) } } + /** - * Free the allocated data for one parameter for a given share. + * Free the allocated data for one parameter for a given share + * specified by an snum. */ -static void free_parameter(int snum, struct parm_struct parm) +static void free_one_parameter_by_snum(int snum, struct parm_struct parm) { void *parm_ptr; @@ -4621,7 +4623,7 @@ static void free_parameters(int snum) uint32_t i; for (i=0; parm_table[i].label; i++) { - free_parameter(snum, parm_table[i]); + free_one_parameter_by_snum(snum, parm_table[i]); } } -- cgit From 03f19dad795c247878918de95a8c1f63ec259d13 Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Mon, 15 Dec 2008 14:29:34 +0100 Subject: s3:loadparm: rename free_parameters() to free_parameters_by_snum() Michael --- source3/param/loadparm.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) (limited to 'source3') diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index 580136446b..d44d04a7a7 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -4616,9 +4616,10 @@ static void free_one_parameter_by_snum(int snum, struct parm_struct parm) } /** - * Free the allocated parameter data for a share. + * Free the allocated parameter data for a share specified + * by an snum. */ -static void free_parameters(int snum) +static void free_parameters_by_snum(int snum) { uint32_t i; @@ -4632,7 +4633,7 @@ static void free_parameters(int snum) */ static void free_global_parameters(void) { - free_parameters(GLOBAL_SECTION_SNUM); + free_parameters_by_snum(GLOBAL_SECTION_SNUM); } /*************************************************************************** @@ -5743,7 +5744,7 @@ static void free_service(struct service *pservice) DEBUG(5, ("free_service: Freeing service %s\n", pservice->szService)); - free_parameters(getservicebyname(pservice->szService, NULL)); + free_parameters_by_snum(getservicebyname(pservice->szService, NULL)); string_free(&pservice->szService); bitmap_free(pservice->copymap); -- cgit From c2bd88f145d73e9a8613d32d313954e3ecdcacd2 Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Mon, 15 Dec 2008 14:38:51 +0100 Subject: s3:loadparm: add service-struct based variants of the free-parameter routines and use the abstracted free_one_parameter_common() in old free_one_parameter_by_snum() as well as in new free_one_parameter() Michael --- source3/param/loadparm.c | 53 +++++++++++++++++++++++++++++++++++++++++------- 1 file changed, 46 insertions(+), 7 deletions(-) (limited to 'source3') diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index d44d04a7a7..f2a39d12de 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -4585,6 +4585,51 @@ static void init_printer_values(struct service *pService) } } +/** + * Common part of freeing allocated data for one parameter. + */ +static void free_one_parameter_common(void *parm_ptr, + struct parm_struct parm) +{ + if ((parm.type == P_STRING) || + (parm.type == P_USTRING)) + { + string_free((char**)parm_ptr); + } else if (parm.type == P_LIST) { + TALLOC_FREE(*((char***)parm_ptr)); + } +} + +/** + * Free the allocated data for one parameter for a share + * given as a service struct. + */ +static void free_one_parameter(struct service *service, + struct parm_struct parm) +{ + void *parm_ptr; + + if (parm.p_class != P_LOCAL) { + return; + } + + parm_ptr = lp_local_ptr(service, parm.ptr); + + free_one_parameter_common(parm_ptr, parm); +} + +/** + * Free the allocated parameter data of a share given + * as a service struct. + */ +static void free_parameters(struct service *service) +{ + uint32_t i; + + for (i=0; parm_table[i].label; i++) { + free_one_parameter(service, parm_table[i]); + } +} /** * Free the allocated data for one parameter for a given share @@ -4606,13 +4651,7 @@ static void free_one_parameter_by_snum(int snum, struct parm_struct parm) parm_ptr = lp_local_ptr_by_snum(snum, parm.ptr); } - if ((parm.type == P_STRING) || - (parm.type == P_USTRING)) - { - string_free((char**)parm_ptr); - } else if (parm.type == P_LIST) { - TALLOC_FREE(*((char***)parm_ptr)); - } + free_one_parameter_common(parm_ptr, parm); } /** -- cgit From 51118b1974fd91d7f60ed1a68e1eb5717690362b Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Mon, 15 Dec 2008 14:42:13 +0100 Subject: s3:loadparm: fix copy service error (canonicalize_servicename: NULL source name) this was introduced by commit 3358a139d2dc77eb4c842d41722b1acc24bd2cb2. Michael --- source3/param/loadparm.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3') diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index f2a39d12de..9a55067b01 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -5783,7 +5783,7 @@ static void free_service(struct service *pservice) DEBUG(5, ("free_service: Freeing service %s\n", pservice->szService)); - free_parameters_by_snum(getservicebyname(pservice->szService, NULL)); + free_parameters(pservice); string_free(&pservice->szService); bitmap_free(pservice->copymap); -- cgit