sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2024-12-25 23:21:54 +03:00
Code
77,113 Commits 60 Branches 1,144 Tags 452 MiB
32edc1d047
Commit Graph

6326 Commits

Author SHA1 Message Date
Jeremy Allison
32edc1d047 Rename smbd_check_open_rights() to smbd_check_access_rights() as we're going to remove the static from this. 2011-11-04 14:28:08 -07:00
Jeremy Allison
0c886eeb89 Replace smb1_file_se_access_check() with just se_access_check(). 2011-11-04 14:21:35 -07:00
Jeremy Allison
55b9ba79f8 Move root check out of smb1_file_se_access_check() in preparation for deleting this function. 2011-11-04 14:16:51 -07:00
Jeremy Allison
07edf6c65e smb1_file_se_access_check() is now static to smbd/open.c 2011-11-04 14:16:37 -07:00
Jeremy Allison
1fab17de94 Revert "Change function signature of check_parent_access() to take char * instead of struct smb_filename." 
This reverts commit a11c0a41a3.

Not needed.
 2011-11-04 14:15:47 -07:00
Jeremy Allison
d433af92b9 Revert "Call check_parent_access() on readdir." 
This reverts commit a763edaf9c.

Checking the wrong thing..
 2011-11-04 14:15:43 -07:00
Christian Ambach
b99becd4fa s3:smbd increase a debug level 
logging disconnected clients with level 1 swamps the logs
 2011-11-04 17:39:43 +01:00
Stefan Metzmacher
9b4c300922 s3:smbd: also send the server name in the negprot response 
This matches W2K (at least sp4) and higher.

metze

Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Fri Nov  4 15:50:06 CET 2011 on sn-devel-104
 2011-11-04 15:50:06 +01:00
Stefan Metzmacher
caa134672c s3:smbd: make use of SMB_SIGNING_* constants 
metze
 2011-11-03 16:55:13 +01:00
Stefan Metzmacher
44d7774a18 s3:param: the behavior of "client/server signing = auto" is the same as "true" 
So remove the special case for 'Auto'.

metze
 2011-11-03 16:55:11 +01:00
David Disseldorp
8fb9e087e3 s3:smb2_server: remove unused outhdr variables 2011-11-02 15:15:28 +01:00
Jeremy Allison
a763edaf9c Call check_parent_access() on readdir. 2011-11-01 16:38:14 -07:00
Jeremy Allison
a11c0a41a3 Change function signature of check_parent_access() to take char * instead of struct smb_filename. 
Expose it so it can be called from directory code.
 2011-11-01 16:38:14 -07:00
Stefan Metzmacher
91648aeb64 s3:smb2_server: FLAG_CHAINED means we always use the last session_id and tid 
metze
 2011-10-31 19:39:02 +01:00
Stefan Metzmacher
8d07d7148b s3:smb2_server: don't reset the tid and session id in the out hdr of compound requests 
Windows also leaves tid (0xFFFFFFFF) and session id (0xFFFFFFFFFFFFFFFF)
as the client requested them.

metze
 2011-10-31 19:39:02 +01:00
Stefan Metzmacher
c7d3b6b2c3 s3:smb2_server: echo the SMB2_HDR_CREDIT_CHARGE and SMB2_HDR_SIGNATURE fields 
Windows just echos back the given values by default.

metze
 2011-10-31 19:39:02 +01:00
Stefan Metzmacher
63c7107c4a s3:smbd: also the parent smbd needs FLAG_MSG_PRINT_GENERAL (bug #8553) 
metze

Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Mon Oct 31 17:37:34 CET 2011 on sn-devel-104
 2011-10-31 17:37:33 +01:00
Jeremy Allison
3bd6513884 Remove the order dependency in parent_override_delete(), just check for & not ==. 2011-10-28 12:16:42 -07:00
Jeremy Allison
8a65e2c747 Remove unused "struct security_descriptor" parameter from check_parent_access() 2011-10-28 12:16:42 -07:00
Jeremy Allison
ea195b6cd2 Finally do all the open checks inside open_file(). Checks inside 
vfs_acl_common can now be removed.
 2011-10-28 12:16:42 -07:00
Jeremy Allison
8a3070a7c9 Simplify smbd_check_open_rights() and move all the special casing inside it. 2011-10-28 12:16:42 -07:00
Jeremy Allison
18df3aedb9 Move parent_override_delete() to before I need to use it. 2011-10-28 12:16:42 -07:00
Jeremy Allison
1619de3080 Make smbd_check_open_rights() static. 2011-10-28 12:16:42 -07:00
Andreas Schneider
2f65ae25df s3: Include uid_wrapper where it is missing. 2011-10-27 13:32:02 +02:00
Andreas Schneider
7cb08171ce Include uid_wrapper correctly. 2011-10-27 13:32:02 +02:00
Jeremy Allison
62ccae3229 Factor out the code checking if a parent should override DELETE_ACCESS into a function. 
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Wed Oct 26 23:15:05 CEST 2011 on sn-devel-104
 2011-10-26 23:15:05 +02:00
Jeremy Allison
4ec2c2a5e8 Remove another level of indentation - deal with !NT_STATUS_OK individually. 2011-10-26 12:29:19 -07:00
Jeremy Allison
4b9bdee167 Add early return on stat open without O_CREAT if file doesn't exist. 
Reduces one level of indentation.
 2011-10-26 12:08:51 -07:00
Stefan Metzmacher
1fa7300037 libcli/smb: move smb_signing.[ch] to the toplevel 
metze
 2011-10-25 01:47:21 +02:00
Jeremy Allison
f459318187 Third part of fix for bug #8541 - readlink() on Linux clients fails if the symlink target is outside of the share. 
Missed passing ucf_flags instead of hard coded flags in findfirst call.

Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Sat Oct 22 06:30:16 CEST 2011 on sn-devel-104
 2011-10-22 06:30:16 +02:00
Jeremy Allison
d1a4ee604f Second part of fix for bug #8541 - readlink() on Linux clients fails if the symlink target is outside of the share. 
The statcache has to do lstat instead of stat when returning cached
posix pathnames.
 2011-10-22 04:57:10 +02:00
Jeremy Allison
662e9c04fb Fix bug #8541 - readlink() on Linux clients fails if the symlink target is outside of the share. 
The key is to only allow the lookup to succeed if it's a UNIX level lookup or readlink,
but disallow all other operations.

Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Sat Oct 22 01:37:41 CEST 2011 on sn-devel-104
 2011-10-22 01:37:41 +02:00
Stefan Metzmacher
75d146d3ed libcli/smb: move smb_seal.c to the toplevel 
metze

Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Fri Oct 21 10:22:39 CEST 2011 on sn-devel-104
 2011-10-21 10:22:39 +02:00
Andrew Bartlett
38de149e9b s3-seal Remove struct smb_srv_trans_enc_ctx 
This structure added no value, particularly after the move to gensec.

It was added at a time when auth_ntlmssp_state was not available in
the client.  This changed a while back (the wrapper was extended with
client calls), and the move to gensec again reinforced that we do not
need the extra complexity.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2011-10-21 08:50:02 +02:00
Andrew Bartlett
0fe4192054 s3-ntlmssp Remove references to auth_ntlmssp_context from the smb sealing code 
Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2011-10-21 08:44:48 +02:00
Andrew Bartlett
3f079885b2 s3-ntlmssp Remove auth_ntlmssp_want_feature() 
We now just call the gensec_want_feature() directly.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2011-10-21 08:43:33 +02:00
Andrew Bartlett
487545d48f s3-ntlmssp Remove auth_ntlmssp_negotiated_sign() and auth_ntlmssp_negotiated_seal() 
We now just call the gensec_have_feature() directly.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2011-10-21 08:43:18 +02:00
Andrew Bartlett
083025ccd5 s3-ntlmssp Remove auth_ntlmssp_update wrapper 
We now just call gensec_update directly.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2011-10-21 08:43:10 +02:00
Andrew Bartlett
915fe7981b s3-auth remove auth_ntlmssp_session_info() 
Instead, call gensec_session_info() directly.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2011-10-21 08:43:02 +02:00
Stefan Metzmacher
21a434d817 s3:smbd/seal: pass talloc_tos() auth_ntlmssp_update(), because we free a few lines later 
metze
 2011-10-21 08:43:01 +02:00
Jeremy Allison
30fb5e9969 Refactor to create check_parent_access() which can be called for file creation too. 
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Thu Oct 20 20:29:22 CEST 2011 on sn-devel-104
 2011-10-20 20:29:22 +02:00
Jeremy Allison
ff8fa5aa2b Make mkdir_internal() check the parent ACL for SEC_DIR_ADD_SUBDIR rights. 2011-10-20 09:07:46 -07:00
Jeremy Allison
f64f91f96f Fix error return to be NT_STATUS_NOT_A_DIRECTORY. 2011-10-20 00:58:29 +02:00
Jeremy Allison
7b4edc11e3 Make use of the "dir_exists" we already have on directory open. 2011-10-20 00:58:29 +02:00
David Disseldorp
d5ea379428 s3: Remove duplicate fsctl function definitions 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2011-10-19 15:44:29 +02:00
Andrew Bartlett
5ef4e91cf0 s3-smbd Give the nt error string when failing to set up encrypted transport 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2011-10-18 13:13:32 +11:00
Andrew Bartlett
0c6e4adcb2 ntlmssp: Move ntlmssp code to auth/ntlmssp 
This brings in the code from both libcli/auth and
source4/auth/ntlmssp.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2011-10-18 13:13:31 +11:00
Frank Lahm
c3bdcab516 First part of fix for bug #8419 - Make VFS op "streaminfo" stackable. 
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Mon Oct 17 21:39:32 CEST 2011 on sn-devel-104
 2011-10-17 21:39:32 +02:00
Günther Deschner
46e7ab37bf s3: remove some dead prototypes. 
Guenther
 2011-10-14 12:07:23 +02:00
Frank Lahm
7a0b5d6fc5 Add support for VFS op streaminfo chaining in all relevant VFS modules. 
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Fri Oct 14 03:26:06 CEST 2011 on sn-devel-104
 2011-10-14 03:26:06 +02:00