This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
+ the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include "includes.h"
-extern struct timeval smb_last_time;
extern userdom_struct current_user_info;
+static BOOL canonicalize_path(connection_struct *conn, pstring path)
+{
+#ifdef REALPATH_TAKES_NULL
+ char *resolved_name = SMB_VFS_REALPATH(conn,path,NULL);
+ if (!resolved_name) {
+ return False;
+ }
+ pstrcpy(path, resolved_name);
+ SAFE_FREE(resolved_name);
+ return True;
+#else
+#ifdef PATH_MAX
+ char resolved_name_buf[PATH_MAX+1];
+#else
+ pstring resolved_name_buf;
+#endif
+ char *resolved_name = SMB_VFS_REALPATH(conn,path,resolved_name_buf);
+ if (!resolved_name) {
+ return False;
+ }
+ pstrcpy(path, resolved_name);
+ return True;
+#endif /* REALPATH_TAKES_NULL */
+}
+
/****************************************************************************
Ensure when setting connectpath it is a canonicalized (no ./ // or ../)
absolute path stating in / and not ending in /.
if (!(*s & 0x80)) {
*d++ = *s++;
} else {
- switch(next_mb_char_size(s)) {
+ size_t siz;
+ /* Get the size of the next MB character. */
+ next_codepoint(s,&siz);
+ switch(siz) {
+ case 5:
+ *d++ = *s++;
+ /*fall through*/
case 4:
*d++ = *s++;
+ /*fall through*/
case 3:
*d++ = *s++;
+ /*fall through*/
case 2:
*d++ = *s++;
+ /*fall through*/
case 1:
*d++ = *s++;
break;
return(False);
}
- conn->lastused = smb_last_time.tv_sec;
+ conn->lastused_count++;
snum = SNUM(conn);
}
+static int load_registry_service(const char *servicename)
+{
+ struct registry_key *key;
+ char *path;
+ WERROR err;
+
+ uint32 i;
+ char *value_name;
+ struct registry_value *value;
+
+ int res = -1;
+
+ if (!lp_registry_shares()) {
+ return -1;
+ }
+
+ if (asprintf(&path, "%s\\%s", KEY_SMBCONF, servicename) == -1) {
+ return -1;
+ }
+
+ err = reg_open_path(NULL, path, REG_KEY_READ, get_root_nt_token(),
+ &key);
+ SAFE_FREE(path);
+
+ if (!W_ERROR_IS_OK(err)) {
+ return -1;
+ }
+
+ res = lp_add_service(servicename, -1);
+ if (res == -1) {
+ goto error;
+ }
+
+ for (i=0;
+ W_ERROR_IS_OK(reg_enumvalue(key, key, i, &value_name, &value));
+ i++) {
+ switch (value->type) {
+ case REG_DWORD: {
+ char *tmp;
+ if (asprintf(&tmp, "%d", value->v.dword) == -1) {
+ continue;
+ }
+ lp_do_parameter(res, value_name, tmp);
+ SAFE_FREE(tmp);
+ break;
+ }
+ case REG_SZ: {
+ lp_do_parameter(res, value_name, value->v.sz.str);
+ break;
+ }
+ default:
+ /* Ignore all the rest */
+ break;
+ }
+
+ TALLOC_FREE(value_name);
+ TALLOC_FREE(value);
+ }
+
+ if (!service_ok(res)) {
+ /* this is actually never reached, since
+ * service_ok only returns False if the service
+ * entry does not have a service name, and we _know_
+ * we do have a service name here... */
+ res = -1;
+ }
+
+ error:
+
+ TALLOC_FREE(key);
+ return res;
+}
+
+void load_registry_shares(void)
+{
+ struct registry_key *key;
+ char *name;
+ WERROR err;
+ int i;
+
+ if (!lp_registry_shares()) {
+ return;
+ }
+
+ err = reg_open_path(NULL, KEY_SMBCONF, REG_KEY_READ,
+ get_root_nt_token(), &key);
+ if (!(W_ERROR_IS_OK(err))) {
+ return;
+ }
+
+ for (i=0; W_ERROR_IS_OK(reg_enumkey(key, key, i, &name, NULL)); i++) {
+ load_registry_service(name);
+ TALLOC_FREE(name);
+ }
+
+ TALLOC_FREE(key);
+ return;
+}
/**
* Find a service entry.
if (iService < 0) {
}
+ /* Is it a usershare service ? */
+ if (iService < 0 && *lp_usershare_path()) {
+ /* Ensure the name is canonicalized. */
+ strlower_m(service);
+ iService = load_usershare_service(service);
+ }
+
/* just possibly it's a default service? */
if (iService < 0) {
char *pdefservice = lp_defaultservice();
*/
pstring defservice;
pstrcpy(defservice, pdefservice);
+
+ /* Disallow anything except explicit share names. */
+ if (strequal(defservice,HOMES_NAME) ||
+ strequal(defservice, PRINTERS_NAME) ||
+ strequal(defservice, "IPC$")) {
+ goto fail;
+ }
+
iService = find_service(defservice);
if (iService >= 0) {
all_string_sub(service, "_","/",0);
}
}
- /* Is it a usershare service ? */
- if (iService < 0 && *lp_usershare_path()) {
- /* Ensure the name is canonicalized. */
- strlower_m(service);
- iService = load_usershare_service(service);
+ if (iService < 0) {
+ iService = load_registry_service(service);
}
if (iService >= 0) {
}
}
+ fail:
+
if (iService < 0)
DEBUG(3,("find_service() failed to find service %s\n", service));
return NT_STATUS_OK;
}
-static NTSTATUS find_forced_user(int snum, BOOL vuser_is_guest,
- uid_t *uid, gid_t *gid, fstring username,
- struct nt_user_token **token)
+static NTSTATUS find_forced_user(connection_struct *conn, BOOL vuser_is_guest, fstring username)
{
- TALLOC_CTX *mem_ctx;
+ int snum = conn->params->service;
char *fuser, *found_username;
NTSTATUS result;
- mem_ctx = talloc_new(NULL);
- if (mem_ctx == NULL) {
- DEBUG(0, ("talloc_new failed\n"));
+ if (!(fuser = talloc_string_sub(conn->mem_ctx, lp_force_user(snum), "%S",
+ lp_servicename(snum)))) {
return NT_STATUS_NO_MEMORY;
}
- fuser = talloc_string_sub(mem_ctx, lp_force_user(snum), "%S",
- lp_servicename(snum));
- if (fuser == NULL) {
- result = NT_STATUS_NO_MEMORY;
- goto done;
- }
-
- result = create_token_from_username(mem_ctx, fuser, vuser_is_guest,
- uid, gid, &found_username,
- token);
+ result = create_token_from_username(conn->mem_ctx, fuser, vuser_is_guest,
+ &conn->uid, &conn->gid, &found_username,
+ &conn->nt_user_token);
if (!NT_STATUS_IS_OK(result)) {
- goto done;
+ return result;
}
- talloc_steal(NULL, *token);
fstrcpy(username, found_username);
- result = NT_STATUS_OK;
- done:
- TALLOC_FREE(mem_ctx);
- return result;
+ TALLOC_FREE(fuser);
+ TALLOC_FREE(found_username);
+ return NT_STATUS_OK;
}
/*
NTSTATUS result = NT_STATUS_NO_SUCH_GROUP;
TALLOC_CTX *mem_ctx;
DOM_SID group_sid;
- enum SID_NAME_USE type;
+ enum lsa_SidType type;
char *groupname;
BOOL user_must_be_member = False;
gid_t gid;
+ ZERO_STRUCTP(pgroup_sid);
+ *pgid = (gid_t)-1;
+
mem_ctx = talloc_new(NULL);
if (mem_ctx == NULL) {
DEBUG(0, ("talloc_new failed\n"));
groupname = talloc_string_sub(mem_ctx, groupname,
"%S", lp_servicename(snum));
- if (!lookup_name(mem_ctx, groupname,
+ if (!lookup_name_smbconf(mem_ctx, groupname,
LOOKUP_NAME_ALL|LOOKUP_NAME_GROUP,
NULL, NULL, &group_sid, &type)) {
- DEBUG(10, ("lookup_name(%s) failed\n",
+ DEBUG(10, ("lookup_name_smbconf(%s) failed\n",
groupname));
goto done;
}
*pgid = gid;
DEBUG(3,("Forced group %s for member %s\n",
groupname, username));
+ } else {
+ DEBUG(0,("find_forced_group: forced user %s is not a member "
+ "of forced group %s. Disallowing access.\n",
+ username, groupname ));
+ result = NT_STATUS_MEMBER_NOT_IN_GROUP;
+ goto done;
}
} else {
sid_copy(pgroup_sid, &group_sid);
return NULL;
}
+ conn->params->service = snum;
+ conn->nt_user_token = NULL;
+
if (lp_guest_only(snum)) {
const char *guestname = lp_guestaccount();
+ NTSTATUS status2;
+ char *found_username = NULL;
+
guest = True;
pass = getpwnam_alloc(NULL, guestname);
if (!pass) {
*status = NT_STATUS_NO_SUCH_USER;
return NULL;
}
- fstrcpy(user,pass->pw_name);
+ status2 = create_token_from_username(conn->mem_ctx, pass->pw_name, True,
+ &conn->uid, &conn->gid,
+ &found_username,
+ &conn->nt_user_token);
+ if (!NT_STATUS_IS_OK(status2)) {
+ TALLOC_FREE(pass);
+ conn_free(conn);
+ *status = status2;
+ return NULL;
+ }
+ fstrcpy(user, found_username);
+ string_set(&conn->user,user);
conn->force_user = True;
- conn->uid = pass->pw_uid;
- conn->gid = pass->pw_gid;
- string_set(&conn->user,pass->pw_name);
+ TALLOC_FREE(found_username);
TALLOC_FREE(pass);
DEBUG(3,("Guest only user %s\n",user));
} else if (vuser) {
fstrcpy(user,vuser->user.unix_name);
guest = vuser->guest;
} else if (lp_security() == SEC_SHARE) {
+ NTSTATUS status2;
+ char *found_username = NULL;
+
/* add it as a possible user name if we
are in share mode security */
add_session_user(lp_servicename(snum));
return NULL;
}
pass = Get_Pwnam(user);
+ status2 = create_token_from_username(conn->mem_ctx, pass->pw_name, True,
+ &conn->uid, &conn->gid,
+ &found_username,
+ &conn->nt_user_token);
+ if (!NT_STATUS_IS_OK(status2)) {
+ conn_free(conn);
+ *status = status2;
+ return NULL;
+ }
+ fstrcpy(user, found_username);
+ string_set(&conn->user,user);
+ TALLOC_FREE(found_username);
conn->force_user = True;
- conn->uid = pass->pw_uid;
- conn->gid = pass->pw_gid;
- string_set(&conn->user, pass->pw_name);
- fstrcpy(user, pass->pw_name);
-
} else {
DEBUG(0, ("invalid VUID (vuser) but not in security=share\n"));
conn_free(conn);
safe_strcpy(conn->client_address, client_addr(),
sizeof(conn->client_address)-1);
conn->num_files_open = 0;
- conn->lastused = time(NULL);
- conn->service = snum;
+ conn->lastused = conn->lastused_count = time(NULL);
conn->used = True;
conn->printer = (strncmp(dev,"LPT",3) == 0);
conn->ipc = ( (strncmp(dev,"IPC",3) == 0) ||
conn->veto_list = NULL;
conn->hide_list = NULL;
conn->veto_oplock_list = NULL;
- conn->aio_write_behind_list = NULL;
string_set(&conn->dirpath,"");
string_set(&conn->user,user);
- conn->nt_user_token = NULL;
- conn->read_only = lp_readonly(conn->service);
+ conn->read_only = lp_readonly(SNUM(conn));
conn->admin_user = False;
/*
if (*lp_force_user(snum)) {
NTSTATUS status2;
- status2 = find_forced_user(snum,
- (vuser != NULL) && vuser->guest,
- &conn->uid, &conn->gid, user,
- &conn->nt_user_token);
+ status2 = find_forced_user(conn,
+ (vuser != NULL) && vuser->guest,
+ user);
if (!NT_STATUS_IS_OK(status2)) {
conn_free(conn);
*status = status2;
sid_string_static(sid)));
continue;
}
- add_gid_to_array_unique(NULL, gid, &conn->groups,
- &conn->ngroups);
+ if (!add_gid_to_array_unique(conn->mem_ctx, gid, &conn->groups,
+ &conn->ngroups)) {
+ DEBUG(0, ("add_gid_to_array_unique failed\n"));
+ conn_free(conn);
+ *status = NT_STATUS_NO_MEMORY;
+ return NULL;
+ }
}
}
{
pstring s;
pstrcpy(s,lp_pathname(snum));
- standard_sub_conn(conn,s,sizeof(s));
+ standard_sub_advanced(lp_servicename(SNUM(conn)), conn->user,
+ conn->connectpath, conn->gid,
+ get_current_username(),
+ current_user_info.domain,
+ s, sizeof(s));
set_conn_connectpath(conn,s);
DEBUG(3,("Connect path is '%s' for service [%s]\n",s,
lp_servicename(snum)));
*/
{
- BOOL can_write = share_access_check(conn, snum, vuser,
+ BOOL can_write = False;
+ NT_USER_TOKEN *token = conn->nt_user_token ?
+ conn->nt_user_token :
+ (vuser ? vuser->nt_user_token : NULL);
+
+ /*
+ * I don't believe this can happen. But the
+ * logic above is convoluted enough to confuse
+ * automated checkers, so be sure. JRA.
+ */
+
+ if (token == NULL) {
+ DEBUG(0,("make_connection: connection to %s "
+ "denied due to missing "
+ "NT token.\n",
+ lp_servicename(snum)));
+ conn_free(conn);
+ *status = NT_STATUS_ACCESS_DENIED;
+ return NULL;
+ }
+
+ can_write = share_access_check(token,
+ lp_servicename(snum),
FILE_WRITE_DATA);
if (!can_write) {
- if (!share_access_check(conn, snum, vuser,
+ if (!share_access_check(token,
+ lp_servicename(snum),
FILE_READ_DATA)) {
/* No access, read or write. */
DEBUG(0,("make_connection: connection to %s "
set_conn_connectpath(conn,s);
}
+ if ((!conn->printer) && (!conn->ipc)) {
+ conn->notify_ctx = notify_init(conn->mem_ctx, server_id_self(),
+ smbd_messaging_context(),
+ smbd_event_context(),
+ conn);
+ }
+
/* ROOT Activities: */
- /* check number of connections */
- if (!claim_connection(conn,
- lp_servicename(snum),
- lp_max_connections(snum),
- False,0)) {
- DEBUG(1,("too many connections - rejected\n"));
+ /*
+ * Enforce the max connections parameter.
+ */
+
+ if ((lp_max_connections(snum) > 0)
+ && (count_current_connections(lp_servicename(SNUM(conn)), True) >=
+ lp_max_connections(snum))) {
+
+ DEBUG(1, ("Max connections (%d) exceeded for %s\n",
+ lp_max_connections(snum), lp_servicename(snum)));
conn_free(conn);
*status = NT_STATUS_INSUFFICIENT_RESOURCES;
return NULL;
}
+ /*
+ * Get us an entry in the connections db
+ */
+ if (!claim_connection(conn, lp_servicename(snum), 0)) {
+ DEBUG(1, ("Could not store connections entry\n"));
+ conn_free(conn);
+ *status = NT_STATUS_INTERNAL_DB_ERROR;
+ return NULL;
+ }
+
/* Preexecs are done here as they might make the dir we are to ChDir
* to below */
/* execute any "root preexec = " line */
if (*lp_rootpreexec(snum)) {
pstring cmd;
pstrcpy(cmd,lp_rootpreexec(snum));
- standard_sub_conn(conn,cmd,sizeof(cmd));
+ standard_sub_advanced(lp_servicename(SNUM(conn)), conn->user,
+ conn->connectpath, conn->gid,
+ get_current_username(),
+ current_user_info.domain,
+ cmd, sizeof(cmd));
DEBUG(5,("cmd=%s\n",cmd));
ret = smbrun(cmd,NULL);
if (ret != 0 && lp_rootpreexec_close(snum)) {
if (*lp_preexec(snum)) {
pstring cmd;
pstrcpy(cmd,lp_preexec(snum));
- standard_sub_conn(conn,cmd,sizeof(cmd));
+ standard_sub_advanced(lp_servicename(SNUM(conn)), conn->user,
+ conn->connectpath, conn->gid,
+ get_current_username(),
+ current_user_info.domain,
+ cmd, sizeof(cmd));
ret = smbrun(cmd,NULL);
if (ret != 0 && lp_preexec_close(snum)) {
DEBUG(1,("preexec gave %d - failing connection\n",
smb_panic("make_connection: PANIC ERROR. Called as nonroot\n");
}
+ if (conn_num_open() > 2047) {
+ *status = NT_STATUS_INSUFF_SERVER_RESOURCES;
+ return NULL;
+ }
+
if(lp_security() != SEC_SHARE) {
vuser = get_valid_user_struct(vuid);
if (!vuser) {
if (strequal(service_in,HOMES_NAME)) {
if(lp_security() != SEC_SHARE) {
- DATA_BLOB no_pw = data_blob(NULL, 0);
+ DATA_BLOB no_pw = data_blob_null;
if (vuser->homes_snum == -1) {
DEBUG(2, ("[homes] share not available for "
"this user because it was not found "
} else if ((lp_security() != SEC_SHARE) && (vuser->homes_snum != -1)
&& strequal(service_in,
lp_servicename(vuser->homes_snum))) {
- DATA_BLOB no_pw = data_blob(NULL, 0);
+ DATA_BLOB no_pw = data_blob_null;
DEBUG(5, ("making a connection to 'homes' service [%s] "
"created at session setup time\n", service_in));
return make_connection_snum(vuser->homes_snum,
change_to_user(conn, vuid)) {
pstring cmd;
pstrcpy(cmd,lp_postexec(SNUM(conn)));
- standard_sub_conn(conn,cmd,sizeof(cmd));
+ standard_sub_advanced(lp_servicename(SNUM(conn)), conn->user,
+ conn->connectpath, conn->gid,
+ get_current_username(),
+ current_user_info.domain,
+ cmd, sizeof(cmd));
smbrun(cmd,NULL);
change_to_root_user();
}
if (*lp_rootpostexec(SNUM(conn))) {
pstring cmd;
pstrcpy(cmd,lp_rootpostexec(SNUM(conn)));
- standard_sub_conn(conn,cmd,sizeof(cmd));
+ standard_sub_advanced(lp_servicename(SNUM(conn)), conn->user,
+ conn->connectpath, conn->gid,
+ get_current_username(),
+ current_user_info.domain,
+ cmd, sizeof(cmd));
smbrun(cmd,NULL);
}
git.samba.org / abartlet / samba.git / .git / blobdiff