smbd: rename [un]become_user*() to [un]become_user_without_service*()

We should make the behavior change (that gives up some protection)
more obvious, by changing the function names.

At least some OEMs have patches relying on the 4.9/4.10 behaviour
and we want them to detect that they have to do more work when they
need to change directories.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

source3/include/vfs.h

@@ -280,6 +280,7 @@
 /* Version 42 - Move SMB_VFS_MKDIR -> SMB_VFS_MKDIRAT. */
 /* Version 42 - Move change_to_user() -> change_to_user_and_service() */
 /* Version 42 - Move change_to_user_by_fsp() -> change_to_user_and_service_by_fsp() */
+/* Version 42 - Move [un]become_user*() -> [un]become_user_without_service*() */
 
 #define SMB_VFS_INTERFACE_VERSION 42
 

source3/modules/vfs_btrfs.c

@@ -214,7 +214,7 @@ static void btrfs_offload_write_cleanup(struct tevent_req *req,
 		return;
 	}
 
-	ok = unbecome_user();
+	ok = unbecome_user_without_service();
 	SMB_ASSERT(ok);
 	state->need_unbecome_user = false;
 }
@@ -311,7 +311,7 @@ static struct tevent_req *btrfs_offload_write_send(struct vfs_handle_struct *han
 		return tevent_req_post(req, ev);
 	}
 
-	ok = become_user_by_fsp(src_fsp);
+	ok = become_user_without_service_by_fsp(src_fsp);
 	if (!ok) {
 		tevent_req_nterror(req, NT_STATUS_ACCESS_DENIED);
 		return tevent_req_post(req, ev);
@@ -342,7 +342,7 @@ static struct tevent_req *btrfs_offload_write_send(struct vfs_handle_struct *han
 		}
 	}
 
-	ok = unbecome_user();
+	ok = unbecome_user_without_service();
 	SMB_ASSERT(ok);
 	state->need_unbecome_user = false;
 

source3/printing/nt_printing.c

@@ -1071,7 +1071,7 @@ static uint32_t get_correct_cversion(const struct auth_session_info *session_inf
 		goto error_free_conn;
 	}
 
-	if (!become_user_by_session(conn, session_info)) {
+	if (!become_user_without_service_by_session(conn, session_info)) {
 		DEBUG(0, ("failed to become user\n"));
 		*perr = WERR_ACCESS_DENIED;
 		goto error_free_conn;
@@ -1167,7 +1167,7 @@ static uint32_t get_correct_cversion(const struct auth_session_info *session_inf
 	*perr = WERR_OK;
 
  error_exit:
-	unbecome_user();
+	unbecome_user_without_service();
  error_free_conn:
 	if (fsp != NULL) {
 		close_file(NULL, fsp, NORMAL_CLOSE);
@@ -1546,7 +1546,7 @@ WERROR move_driver_to_download_area(const struct auth_session_info *session_info
 		goto err_free_conn;
 	}
 
-	if (!become_user_by_session(conn, session_info)) {
+	if (!become_user_without_service_by_session(conn, session_info)) {
 		DEBUG(0, ("failed to become user\n"));
 		err = WERR_ACCESS_DENIED;
 		goto err_free_conn;
@@ -1691,7 +1691,7 @@ WERROR move_driver_to_download_area(const struct auth_session_info *session_info
 
 	err = WERR_OK;
  err_exit:
-	unbecome_user();
+	unbecome_user_without_service();
  err_free_conn:
 	TALLOC_FREE(frame);
 	return err;
@@ -2087,7 +2087,7 @@ bool delete_driver_files(const struct auth_session_info *session_info,
 		goto err_free_conn;
 	}
 
-	if (!become_user_by_session(conn, session_info)) {
+	if (!become_user_without_service_by_session(conn, session_info)) {
 		DEBUG(0, ("failed to become user\n"));
 		ret = false;
 		goto err_free_conn;
@@ -2139,7 +2139,7 @@ bool delete_driver_files(const struct auth_session_info *session_info,
 
 	ret = true;
  err_out:
-	unbecome_user();
+	unbecome_user_without_service();
  err_free_conn:
 	TALLOC_FREE(frame);
 	return ret;

source3/rpc_server/fss/srv_fss_agent.c

@@ -766,14 +766,14 @@ uint32_t _fss_AddToShadowCopySet(struct pipes_struct *p,
 		ret = HRES_ERROR_V(HRES_E_ACCESSDENIED);
 		goto err_tmp_free;
 	}
-	if (!become_user_by_session(conn, p->session_info)) {
+	if (!become_user_without_service_by_session(conn, p->session_info)) {
 		DEBUG(0, ("failed to become user\n"));
 		ret = HRES_ERROR_V(HRES_E_ACCESSDENIED);
 		goto err_tmp_free;
 	}
 
 	status = SMB_VFS_SNAP_CHECK_PATH(conn, frame, path_name, &base_vol);
-	unbecome_user();
+	unbecome_user_without_service();
 	if (!NT_STATUS_IS_OK(status)) {
 		ret = FSRVP_E_NOT_SUPPORTED;
 		goto err_tmp_free;
@@ -893,7 +893,7 @@ static NTSTATUS commit_sc_with_conn(TALLOC_CTX *mem_ctx,
 		return status;
 	}
 
-	if (!become_user_by_session(conn, session_info)) {
+	if (!become_user_without_service_by_session(conn, session_info)) {
 		DEBUG(0, ("failed to become user\n"));
 		TALLOC_FREE(frame);
 		return NT_STATUS_ACCESS_DENIED;
@@ -903,7 +903,7 @@ static NTSTATUS commit_sc_with_conn(TALLOC_CTX *mem_ctx,
 				     sc->volume_name,
 				     &sc->create_ts, rw,
 				     base_path, snap_path);
-	unbecome_user();
+	unbecome_user_without_service();
 	if (!NT_STATUS_IS_OK(status)) {
 		DEBUG(0, ("snap create failed: %s\n", nt_errstr(status)));
 		TALLOC_FREE(frame);
@@ -1349,7 +1349,7 @@ uint32_t _fss_IsPathSupported(struct pipes_struct *p,
 		TALLOC_FREE(frame);
 		return HRES_ERROR_V(HRES_E_ACCESSDENIED);
 	}
-	if (!become_user_by_session(conn, p->session_info)) {
+	if (!become_user_without_service_by_session(conn, p->session_info)) {
 		DEBUG(0, ("failed to become user\n"));
 		TALLOC_FREE(frame);
 		return HRES_ERROR_V(HRES_E_ACCESSDENIED);
@@ -1357,7 +1357,7 @@ uint32_t _fss_IsPathSupported(struct pipes_struct *p,
 	status = SMB_VFS_SNAP_CHECK_PATH(conn, frame,
 					 lp_path(frame, snum),
 					 &base_vol);
-	unbecome_user();
+	unbecome_user_without_service();
 	if (!NT_STATUS_IS_OK(status)) {
 		TALLOC_FREE(frame);
 		return FSRVP_E_NOT_SUPPORTED;
@@ -1628,7 +1628,7 @@ uint32_t _fss_DeleteShareMapping(struct pipes_struct *p,
 	if (!NT_STATUS_IS_OK(status)) {
 		goto err_tmp_free;
 	}
-	if (!become_user_by_session(conn, p->session_info)) {
+	if (!become_user_without_service_by_session(conn, p->session_info)) {
 		DEBUG(0, ("failed to become user\n"));
 		status = NT_STATUS_ACCESS_DENIED;
 		goto err_tmp_free;
@@ -1636,7 +1636,7 @@ uint32_t _fss_DeleteShareMapping(struct pipes_struct *p,
 
 	status = SMB_VFS_SNAP_DELETE(conn, frame, sc->volume_name,
 				     sc->sc_path);
-	unbecome_user();
+	unbecome_user_without_service();
 	if (!NT_STATUS_IS_OK(status)) {
 		goto err_tmp_free;
 	}

source3/smbd/close.c

@@ -338,7 +338,7 @@ static NTSTATUS close_remove_share_mode(files_struct *fsp,
 		 * wrote a real delete on close. */
 
 		if (get_current_vuid(conn) != fsp->vuid) {
-			become_user(conn, fsp->vuid);
+			become_user_without_service(conn, fsp->vuid);
 			became_user = True;
 		}
 		fsp->delete_on_close = true;
@@ -346,7 +346,7 @@ static NTSTATUS close_remove_share_mode(files_struct *fsp,
 				get_current_nttok(conn),
 				get_current_utok(conn));
 		if (became_user) {
-			unbecome_user();
+			unbecome_user_without_service();
 		}
 	}
 
@@ -1141,7 +1141,7 @@ static NTSTATUS close_directory(struct smb_request *req, files_struct *fsp,
 		 * wrote a real delete on close. */
 
 		if (get_current_vuid(fsp->conn) != fsp->vuid) {
-			become_user(fsp->conn, fsp->vuid);
+			become_user_without_service(fsp->conn, fsp->vuid);
 			became_user = True;
 		}
 		send_stat_cache_delete_message(fsp->conn->sconn->msg_ctx,
@@ -1151,7 +1151,7 @@ static NTSTATUS close_directory(struct smb_request *req, files_struct *fsp,
 				get_current_utok(fsp->conn));
 		fsp->delete_on_close = true;
 		if (became_user) {
-			unbecome_user();
+			unbecome_user_without_service();
 		}
 	}
 

source3/smbd/proto.h

@@ -1198,11 +1198,11 @@ void become_root(void);
 void unbecome_root(void);
 void smbd_become_root(void);
 void smbd_unbecome_root(void);
-bool become_user(connection_struct *conn, uint64_t vuid);
+bool become_user_without_service(connection_struct *conn, uint64_t vuid);
-bool become_user_by_fsp(struct files_struct *fsp);
+bool become_user_without_service_by_fsp(struct files_struct *fsp);
-bool become_user_by_session(connection_struct *conn,
+bool become_user_without_service_by_session(connection_struct *conn,
 			    const struct auth_session_info *session_info);
-bool unbecome_user(void);
+bool unbecome_user_without_service(void);
 uid_t get_current_uid(connection_struct *conn);
 gid_t get_current_gid(connection_struct *conn);
 const struct security_unix_token *get_current_utok(connection_struct *conn);

source3/smbd/uid.c

@@ -659,7 +659,7 @@ void smbd_unbecome_root(void)
  Saves and restores the connection context.
 ****************************************************************************/
 
-bool become_user(connection_struct *conn, uint64_t vuid)
+bool become_user_without_service(connection_struct *conn, uint64_t vuid)
 {
 	struct user_struct *vuser;
 	int snum = SNUM(conn);
@@ -696,12 +696,12 @@ bool become_user(connection_struct *conn, uint64_t vuid)
 	return true;
 }
 
-bool become_user_by_fsp(struct files_struct *fsp)
+bool become_user_without_service_by_fsp(struct files_struct *fsp)
 {
-	return become_user(fsp->conn, fsp->vuid);
+	return become_user_without_service(fsp->conn, fsp->vuid);
 }
 
-bool become_user_by_session(connection_struct *conn,
+bool become_user_without_service_by_session(connection_struct *conn,
 			    const struct auth_session_info *session_info)
 {
 	bool ok;
@@ -726,7 +726,7 @@ bool become_user_by_session(connection_struct *conn,
 	return true;
 }
 
-bool unbecome_user(void)
+bool unbecome_user_without_service(void)
 {
 	pop_sec_ctx();
 	pop_conn_ctx();

source3/utils/net_vfs.c

@@ -186,9 +186,11 @@ static int net_vfs_init(struct net_context *c, int argc, const char **argv)
 	state.conn_tos->conn->read_only = false;
 	file_init(state.conn_tos->conn->sconn);
 
-	ok = become_user_by_session(state.conn_tos->conn, state.session_info);
+	ok = become_user_without_service_by_session(state.conn_tos->conn,
+						    state.session_info);
 	if (!ok) {
-		fprintf(stderr, "become_user_by_session failed\n");
+		fprintf(stderr,
+			"become_user_without_service_by_session failed\n");
 		goto done;
 	}