/*
- * Unix SMB/Netbios implementation.
- * Version 1.9.
+ * Unix SMB/CIFS implementation.
* RPC Pipe client / server routines
* Copyright (C) Andrew Tridgell 1992-1997,
* Copyright (C) Luke Kenneth Casson Leighton 1996-1997,
#include "includes.h"
-extern int DEBUGLEVEL;
extern pstring global_myname;
/*******************************************************************
Fill in a share info level 1 structure.
********************************************************************/
-static void init_srv_share_info_1(SRV_SHARE_INFO_1 *sh1, int snum)
+static void init_srv_share_info_1(pipes_struct *p, SRV_SHARE_INFO_1 *sh1, int snum)
{
int len_net_name;
pstring net_name;
pstrcpy(net_name, lp_servicename(snum));
pstrcpy(remark, lp_comment(snum));
- pstring_sub(remark,"%S",lp_servicename(snum));
+ standard_sub_conn(p->conn, remark);
len_net_name = strlen(net_name);
/* work out the share type */
Fill in a share info level 2 structure.
********************************************************************/
-static void init_srv_share_info_2(SRV_SHARE_INFO_2 *sh2, int snum)
+static void init_srv_share_info_2(pipes_struct *p, SRV_SHARE_INFO_2 *sh2, int snum)
{
int len_net_name;
pstring net_name;
pstrcpy(net_name, lp_servicename(snum));
pstrcpy(remark, lp_comment(snum));
- pstring_sub(remark,"%S",lp_servicename(snum));
+ standard_sub_conn(p->conn, remark);
pstrcpy(path, "C:");
pstrcat(path, lp_pathname(snum));
********************************************************************/
static TDB_CONTEXT *share_tdb; /* used for share security descriptors */
-#define SHARE_DATABASE_VERSION 1
+#define SHARE_DATABASE_VERSION_V1 1
+#define SHARE_DATABASE_VERSION_V2 2 /* version id in little endian. */
BOOL share_info_db_init(void)
{
- static pid_t local_pid;
- char *vstring = "INFO/version";
+ static pid_t local_pid;
+ char *vstring = "INFO/version";
+ int32 vers_id;
- if (share_tdb && local_pid == sys_getpid()) return True;
- share_tdb = tdb_open_log(lock_path("share_info.tdb"), 0, 0, O_RDWR|O_CREAT, 0600);
- if (!share_tdb) {
- DEBUG(0,("Failed to open share info database %s (%s)\n",
- lock_path("share_info.tdb"), strerror(errno) ));
- return False;
- }
+ if (share_tdb && local_pid == sys_getpid())
+ return True;
+ share_tdb = tdb_open_log(lock_path("share_info.tdb"), 0, TDB_DEFAULT, O_RDWR|O_CREAT, 0600);
+ if (!share_tdb) {
+ DEBUG(0,("Failed to open share info database %s (%s)\n",
+ lock_path("share_info.tdb"), strerror(errno) ));
+ return False;
+ }
- local_pid = sys_getpid();
+ local_pid = sys_getpid();
- /* handle a Samba upgrade */
- tdb_lock_bystring(share_tdb, vstring);
- if (tdb_fetch_int(share_tdb, vstring) != SHARE_DATABASE_VERSION) {
- tdb_traverse(share_tdb, (tdb_traverse_func)tdb_delete, NULL);
- tdb_store_int(share_tdb, vstring, SHARE_DATABASE_VERSION);
- }
- tdb_unlock_bystring(share_tdb, vstring);
+ /* handle a Samba upgrade */
+ tdb_lock_bystring(share_tdb, vstring);
+
+ /* Cope with byte-reversed older versions of the db. */
+ vers_id = tdb_fetch_int32(share_tdb, vstring);
+ if ((vers_id == SHARE_DATABASE_VERSION_V1) || (IREV(vers_id) == SHARE_DATABASE_VERSION_V1)) {
+ /* Written on a bigendian machine with old fetch_int code. Save as le. */
+ tdb_store_int32(share_tdb, vstring, SHARE_DATABASE_VERSION_V2);
+ vers_id = SHARE_DATABASE_VERSION_V2;
+ }
+
+ if (vers_id != SHARE_DATABASE_VERSION_V2) {
+ tdb_traverse(share_tdb, tdb_traverse_delete_fn, NULL);
+ tdb_store_int32(share_tdb, vstring, SHARE_DATABASE_VERSION_V2);
+ }
+ tdb_unlock_bystring(share_tdb, vstring);
message_register(MSG_SMB_CONF_UPDATED, smb_conf_updated);
- return True;
+ return True;
}
/*******************************************************************
prs_init(&ps, (uint32)sec_desc_size(psd), mem_ctx, MARSHALL);
- if (!sec_io_desc("nt_printing_setsec", &psd, &ps, 1)) {
+ if (!sec_io_desc("share_security", &psd, &ps, 1)) {
goto out;
}
BOOL share_access_check(connection_struct *conn, int snum, uint16 vuid, uint32 desired_access)
{
- uint32 granted, status;
+ uint32 granted;
+ NTSTATUS status;
TALLOC_CTX *mem_ctx = NULL;
SEC_DESC *psd = NULL;
size_t sd_size;
- struct current_user tmp_user;
- struct current_user *puser = NULL;
+ NT_USER_TOKEN *token = NULL;
user_struct *vuser = get_valid_user_struct(vuid);
BOOL ret = True;
if (!psd)
goto out;
- ZERO_STRUCT(tmp_user);
- if (vuser) {
- tmp_user.vuid = vuid;
- tmp_user.uid = vuser->uid;
- tmp_user.gid = vuser->gid;
- tmp_user.ngroups = vuser->n_groups;
- tmp_user.groups = vuser->groups;
- tmp_user.nt_user_token = vuser->nt_user_token;
- } else {
- tmp_user.vuid = vuid;
- tmp_user.uid = conn->uid;
- tmp_user.gid = conn->gid;
- tmp_user.ngroups = conn->ngroups;
- tmp_user.groups = conn->groups;
- tmp_user.nt_user_token = conn->nt_user_token;
- }
-
- puser = &tmp_user;
+ if (vuser)
+ token = vuser->nt_user_token;
+ else
+ token = conn->nt_user_token;
- ret = se_access_check(psd, puser, desired_access, &granted, &status);
+ ret = se_access_check(psd, token, desired_access, &granted, &status);
out:
Fill in a share info level 502 structure.
********************************************************************/
-static void init_srv_share_info_502(TALLOC_CTX *ctx, SRV_SHARE_INFO_502 *sh502, int snum)
+static void init_srv_share_info_502(pipes_struct *p, SRV_SHARE_INFO_502 *sh502, int snum)
{
int len_net_name;
pstring net_name;
uint32 type;
SEC_DESC *sd;
size_t sd_size;
+ TALLOC_CTX *ctx = p->mem_ctx;
+
ZERO_STRUCTP(sh502);
pstrcpy(net_name, lp_servicename(snum));
pstrcpy(remark, lp_comment(snum));
- pstring_sub(remark,"%S",lp_servicename(snum));
+ standard_sub_conn(p->conn, remark);
pstrcpy(path, "C:");
pstrcat(path, lp_pathname(snum));
{
sh1005->dfs_root_flag = 0;
-#ifdef WITH_MSDFS
if(lp_host_msdfs() && lp_msdfs_root(snum))
sh1005->dfs_root_flag = 3;
-#endif
-
}
/*******************************************************************
Fill in a share info structure.
********************************************************************/
-static BOOL init_srv_share_info_ctr(TALLOC_CTX *ctx, SRV_SHARE_INFO_CTR *ctr,
+static BOOL init_srv_share_info_ctr(pipes_struct *p, SRV_SHARE_INFO_CTR *ctr,
uint32 info_level, uint32 *resume_hnd, uint32 *total_entries, BOOL all_shares)
{
int num_entries = 0;
int num_services = lp_numservices();
int snum;
+ TALLOC_CTX *ctx = p->mem_ctx;
DEBUG(5,("init_srv_share_info_ctr\n"));
for (snum = *resume_hnd; snum < num_services; snum++) {
if (lp_browseable(snum) && lp_snum_ok(snum) && (all_shares || !is_admin_share(snum)) ) {
- init_srv_share_info_1(&info1[i++], snum);
+ init_srv_share_info_1(p, &info1[i++], snum);
}
}
for (snum = *resume_hnd; snum < num_services; snum++) {
if (lp_browseable(snum) && lp_snum_ok(snum) && (all_shares || !is_admin_share(snum)) ) {
- init_srv_share_info_2(&info2[i++], snum);
+ init_srv_share_info_2(p, &info2[i++], snum);
}
}
for (snum = *resume_hnd; snum < num_services; snum++) {
if (lp_browseable(snum) && lp_snum_ok(snum) && (all_shares || !is_admin_share(snum)) ) {
- init_srv_share_info_502(ctx, &info502[i++], snum);
+ init_srv_share_info_502(p, &info502[i++], snum);
}
}
Inits a SRV_R_NET_SHARE_ENUM structure.
********************************************************************/
-static void init_srv_r_net_share_enum(TALLOC_CTX *ctx, SRV_R_NET_SHARE_ENUM *r_n,
+static void init_srv_r_net_share_enum(pipes_struct *p, SRV_R_NET_SHARE_ENUM *r_n,
uint32 info_level, uint32 resume_hnd, BOOL all)
{
DEBUG(5,("init_srv_r_net_share_enum: %d\n", __LINE__));
- if (init_srv_share_info_ctr(ctx, &r_n->ctr, info_level,
+ if (init_srv_share_info_ctr(p, &r_n->ctr, info_level,
&resume_hnd, &r_n->total_entries, all)) {
- r_n->status = NT_STATUS_NOPROBLEMO;
+ r_n->status = NT_STATUS_OK;
} else {
r_n->status = NT_STATUS_INVALID_INFO_CLASS;
}
Inits a SRV_R_NET_SHARE_GET_INFO structure.
********************************************************************/
-static void init_srv_r_net_share_get_info(TALLOC_CTX *ctx, SRV_R_NET_SHARE_GET_INFO *r_n,
+static void init_srv_r_net_share_get_info(pipes_struct *p, SRV_R_NET_SHARE_GET_INFO *r_n,
char *share_name, uint32 info_level)
{
- uint32 status = NT_STATUS_NOPROBLEMO;
+ NTSTATUS status = NT_STATUS_OK;
int snum;
DEBUG(5,("init_srv_r_net_share_get_info: %d\n", __LINE__));
if (snum >= 0) {
switch (info_level) {
case 1:
- init_srv_share_info_1(&r_n->info.share.info1, snum);
+ init_srv_share_info_1(p, &r_n->info.share.info1, snum);
break;
case 2:
- init_srv_share_info_2(&r_n->info.share.info2, snum);
+ init_srv_share_info_2(p, &r_n->info.share.info2, snum);
break;
case 502:
- init_srv_share_info_502(ctx, &r_n->info.share.info502, snum);
+ init_srv_share_info_502(p, &r_n->info.share.info502, snum);
break;
case 1005:
init_srv_share_info_1005(&r_n->info.share.info1005, snum);
status = NT_STATUS_BAD_NETWORK_NAME;
}
- r_n->info.ptr_share_ctr = (status == NT_STATUS_NOPROBLEMO) ? 1 : 0;
+ r_n->info.ptr_share_ctr = NT_STATUS_IS_OK(status) ? 1 : 0;
r_n->status = status;
}
makes a SRV_R_NET_SESS_ENUM structure.
********************************************************************/
-static uint32 init_srv_sess_info_ctr(SRV_SESS_INFO_CTR *ctr,
+static NTSTATUS init_srv_sess_info_ctr(SRV_SESS_INFO_CTR *ctr,
int switch_value, uint32 *resume_hnd, uint32 *total_entries)
{
- uint32 status = NT_STATUS_NOPROBLEMO;
+ NTSTATUS status = NT_STATUS_OK;
DEBUG(5,("init_srv_sess_info_ctr: %d\n", __LINE__));
ctr->switch_value = switch_value;
else
r_n->status = init_srv_sess_info_ctr(r_n->ctr, switch_value, &resume_hnd, &r_n->total_entries);
- if (r_n->status != NT_STATUS_NOPROBLEMO)
+ if (NT_STATUS_IS_ERR(r_n->status))
resume_hnd = 0;
init_enum_hnd(&r_n->enum_hnd, resume_hnd);
makes a SRV_R_NET_CONN_ENUM structure.
********************************************************************/
-static uint32 init_srv_conn_info_ctr(SRV_CONN_INFO_CTR *ctr,
+static NTSTATUS init_srv_conn_info_ctr(SRV_CONN_INFO_CTR *ctr,
int switch_value, uint32 *resume_hnd, uint32 *total_entries)
{
- uint32 status = NT_STATUS_NOPROBLEMO;
+ NTSTATUS status = NT_STATUS_OK;
DEBUG(5,("init_srv_conn_info_ctr: %d\n", __LINE__));
ctr->switch_value = switch_value;
else
r_n->status = init_srv_conn_info_ctr(r_n->ctr, switch_value, &resume_hnd, &r_n->total_entries);
- if (r_n->status != NT_STATUS_NOPROBLEMO)
+ if (NT_STATUS_IS_ERR(r_n->status))
resume_hnd = 0;
init_enum_hnd(&r_n->enum_hnd, resume_hnd);
makes a SRV_R_NET_FILE_ENUM structure.
********************************************************************/
-static uint32 init_srv_file_info_ctr(SRV_FILE_INFO_CTR *ctr,
+static NTSTATUS init_srv_file_info_ctr(SRV_FILE_INFO_CTR *ctr,
int switch_value, uint32 *resume_hnd, uint32 *total_entries)
{
- uint32 status = NT_STATUS_NOPROBLEMO;
+ NTSTATUS status = NT_STATUS_OK;
DEBUG(5,("init_srv_file_info_ctr: %d\n", __LINE__));
ctr->switch_value = switch_value;
else
r_n->status = init_srv_file_info_ctr(r_n->ctr, switch_value, &resume_hnd, &(r_n->total_entries));
- if (r_n->status != NT_STATUS_NOPROBLEMO)
+ if (NT_STATUS_IS_ERR(r_n->status))
resume_hnd = 0;
init_enum_hnd(&r_n->enum_hnd, resume_hnd);
net server get info
********************************************************************/
-uint32 _srv_net_srv_get_info(pipes_struct *p, SRV_Q_NET_SRV_GET_INFO *q_u, SRV_R_NET_SRV_GET_INFO *r_u)
+NTSTATUS _srv_net_srv_get_info(pipes_struct *p, SRV_Q_NET_SRV_GET_INFO *q_u, SRV_R_NET_SRV_GET_INFO *r_u)
{
- uint32 status = NT_STATUS_NOPROBLEMO;
+ NTSTATUS status = NT_STATUS_OK;
SRV_INFO_CTR *ctr = (SRV_INFO_CTR *)talloc(p->mem_ctx, sizeof(SRV_INFO_CTR));
if (!ctr)
return r_u->status;
}
+/*******************************************************************
+net server set info
+********************************************************************/
+
+NTSTATUS _srv_net_srv_set_info(pipes_struct *p, SRV_Q_NET_SRV_SET_INFO *q_u, SRV_R_NET_SRV_SET_INFO *r_u)
+{
+ /* NT gives "Windows NT error 0xc00000022" if we return
+ NT_STATUS_ACCESS_DENIED here so just pretend everything is OK. */
+
+ NTSTATUS status = NT_STATUS_OK;
+
+ DEBUG(5,("srv_net_srv_set_info: %d\n", __LINE__));
+
+ /* Set up the net server set info structure. */
+
+ init_srv_r_net_srv_set_info(r_u, 0x0, status);
+
+ DEBUG(5,("srv_net_srv_set_info: %d\n", __LINE__));
+
+ return r_u->status;
+}
+
/*******************************************************************
net file enum
********************************************************************/
-uint32 _srv_net_file_enum(pipes_struct *p, SRV_Q_NET_FILE_ENUM *q_u, SRV_R_NET_FILE_ENUM *r_u)
+NTSTATUS _srv_net_file_enum(pipes_struct *p, SRV_Q_NET_FILE_ENUM *q_u, SRV_R_NET_FILE_ENUM *r_u)
{
r_u->ctr = (SRV_FILE_INFO_CTR *)talloc(p->mem_ctx, sizeof(SRV_FILE_INFO_CTR));
if (!r_u->ctr)
net conn enum
********************************************************************/
-uint32 _srv_net_conn_enum(pipes_struct *p, SRV_Q_NET_CONN_ENUM *q_u, SRV_R_NET_CONN_ENUM *r_u)
+NTSTATUS _srv_net_conn_enum(pipes_struct *p, SRV_Q_NET_CONN_ENUM *q_u, SRV_R_NET_CONN_ENUM *r_u)
{
DEBUG(5,("srv_net_conn_enum: %d\n", __LINE__));
net sess enum
********************************************************************/
-uint32 _srv_net_sess_enum(pipes_struct *p, SRV_Q_NET_SESS_ENUM *q_u, SRV_R_NET_SESS_ENUM *r_u)
+NTSTATUS _srv_net_sess_enum(pipes_struct *p, SRV_Q_NET_SESS_ENUM *q_u, SRV_R_NET_SESS_ENUM *r_u)
{
DEBUG(5,("_srv_net_sess_enum: %d\n", __LINE__));
Net share enum all.
********************************************************************/
-uint32 _srv_net_share_enum_all(pipes_struct *p, SRV_Q_NET_SHARE_ENUM *q_u, SRV_R_NET_SHARE_ENUM *r_u)
+NTSTATUS _srv_net_share_enum_all(pipes_struct *p, SRV_Q_NET_SHARE_ENUM *q_u, SRV_R_NET_SHARE_ENUM *r_u)
{
DEBUG(5,("_srv_net_share_enum: %d\n", __LINE__));
/* Create the list of shares for the response. */
- init_srv_r_net_share_enum(p->mem_ctx, r_u,
+ init_srv_r_net_share_enum(p, r_u,
q_u->ctr.info_level,
get_enum_hnd(&q_u->enum_hnd), True);
Net share enum.
********************************************************************/
-uint32 _srv_net_share_enum(pipes_struct *p, SRV_Q_NET_SHARE_ENUM *q_u, SRV_R_NET_SHARE_ENUM *r_u)
+NTSTATUS _srv_net_share_enum(pipes_struct *p, SRV_Q_NET_SHARE_ENUM *q_u, SRV_R_NET_SHARE_ENUM *r_u)
{
DEBUG(5,("_srv_net_share_enum: %d\n", __LINE__));
/* Create the list of shares for the response. */
- init_srv_r_net_share_enum(p->mem_ctx, r_u,
+ init_srv_r_net_share_enum(p, r_u,
q_u->ctr.info_level,
get_enum_hnd(&q_u->enum_hnd), False);
Net share get info.
********************************************************************/
-uint32 _srv_net_share_get_info(pipes_struct *p, SRV_Q_NET_SHARE_GET_INFO *q_u, SRV_R_NET_SHARE_GET_INFO *r_u)
+NTSTATUS _srv_net_share_get_info(pipes_struct *p, SRV_Q_NET_SHARE_GET_INFO *q_u, SRV_R_NET_SHARE_GET_INFO *r_u)
{
fstring share_name;
/* Create the list of shares for the response. */
unistr2_to_ascii(share_name, &q_u->uni_share_name, sizeof(share_name));
- init_srv_r_net_share_get_info(p->mem_ctx, r_u, share_name, q_u->info_level);
+ init_srv_r_net_share_get_info(p, r_u, share_name, q_u->info_level);
DEBUG(5,("_srv_net_share_get_info: %d\n", __LINE__));
if (getcwd(saved_pathname, sizeof(saved_pathname)) == NULL)
return False;
- /* Convert to UNIX charset. */
pstrcpy(unix_pathname, ptr);
- dos_to_unix(unix_pathname, True);
ret = chdir(unix_pathname);
Net share set info. Modify share details.
********************************************************************/
-uint32 _srv_net_share_set_info(pipes_struct *p, SRV_Q_NET_SHARE_SET_INFO *q_u, SRV_R_NET_SHARE_SET_INFO *r_u)
+NTSTATUS _srv_net_share_set_info(pipes_struct *p, SRV_Q_NET_SHARE_SET_INFO *q_u, SRV_R_NET_SHARE_SET_INFO *r_u)
{
struct current_user user;
pstring command;
r_u->switch_value = 0;
if (strequal(share_name,"IPC$") || strequal(share_name,"ADMIN$") || strequal(share_name,"global"))
- return ERROR_ACCESS_DENIED;
+ return NT_STATUS_ACCESS_DENIED;
snum = find_service(share_name);
/* Does this share exist ? */
if (snum < 0)
- return ERRnosuchshare;
+ return NT_STATUS_BAD_NETWORK_NAME;
/* No change to printer shares. */
if (lp_print_ok(snum))
- return ERROR_ACCESS_DENIED;
+ return NT_STATUS_ACCESS_DENIED;
get_current_user(&user,p);
if (user.uid != 0)
- return ERROR_ACCESS_DENIED;
+ return NT_STATUS_ACCESS_DENIED;
switch (q_u->info_level) {
case 1:
/* Not enough info in a level 1 to do anything. */
- return ERROR_ACCESS_DENIED;
+ return NT_STATUS_ACCESS_DENIED;
case 2:
unistr2_to_ascii(comment, &q_u->info.share.info2.info_2_str.uni_remark, sizeof(share_name));
unistr2_to_ascii(pathname, &q_u->info.share.info2.info_2_str.uni_path, sizeof(share_name));
map_generic_share_sd_bits(psd);
break;
case 1005:
- return ERROR_ACCESS_DENIED;
+ return NT_STATUS_ACCESS_DENIED;
case 1501:
fstrcpy(pathname, lp_pathname(snum));
fstrcpy(comment, lp_comment(snum));
/* We can only modify disk shares. */
if (type != STYPE_DISKTREE)
- return ERROR_ACCESS_DENIED;
+ return NT_STATUS_ACCESS_DENIED;
/* Check if the pathname is valid. */
if (!(ptr = valid_share_pathname( pathname )))
- return ERRbadpath;
+ return NT_STATUS_OBJECT_PATH_INVALID;
/* Ensure share name, pathname and comment don't contain '"' characters. */
string_replace(share_name, '"', ' ');
if (strcmp(ptr, lp_pathname(snum)) || strcmp(comment, lp_comment(snum)) ) {
if (!lp_change_share_cmd() || !*lp_change_share_cmd())
- return ERROR_ACCESS_DENIED;
+ return NT_STATUS_ACCESS_DENIED;
slprintf(command, sizeof(command)-1, "%s \"%s\" \"%s\" \"%s\" \"%s\"",
- lp_change_share_cmd(), CONFIGFILE, share_name, ptr, comment);
- dos_to_unix(command, True); /* Convert to unix-codepage */
+ lp_change_share_cmd(), dyn_CONFIGFILE, share_name, ptr, comment);
DEBUG(10,("_srv_net_share_set_info: Running [%s]\n", command ));
if ((ret = smbrun(command, NULL)) != 0) {
DEBUG(0,("_srv_net_share_set_info: Running [%s] returned (%d)\n", command, ret ));
- return ERROR_ACCESS_DENIED;
+ return NT_STATUS_ACCESS_DENIED;
}
/* Tell everyone we updated smb.conf. */
- message_send_all(conn_tdb_ctx(), MSG_SMB_CONF_UPDATED, NULL, 0, False);
+ message_send_all(conn_tdb_ctx(), MSG_SMB_CONF_UPDATED, NULL,
+ 0, False, NULL);
} else {
DEBUG(10,("_srv_net_share_set_info: No change to share name (%s)\n", share_name ));
DEBUG(5,("_srv_net_share_set_info: %d\n", __LINE__));
- return NT_STATUS_NOPROBLEMO;
+ return NT_STATUS_OK;
}
/*******************************************************************
Net share add. Call 'add_share_command "sharename" "pathname" "comment" "read only = xxx"'
********************************************************************/
-uint32 _srv_net_share_add(pipes_struct *p, SRV_Q_NET_SHARE_ADD *q_u, SRV_R_NET_SHARE_ADD *r_u)
+NTSTATUS _srv_net_share_add(pipes_struct *p, SRV_Q_NET_SHARE_ADD *q_u, SRV_R_NET_SHARE_ADD *r_u)
{
struct current_user user;
pstring command;
if (user.uid != 0) {
DEBUG(10,("_srv_net_share_add: uid != 0. Access denied.\n"));
- return ERROR_ACCESS_DENIED;
+ return NT_STATUS_ACCESS_DENIED;
}
if (!lp_add_share_cmd() || !*lp_add_share_cmd()) {
DEBUG(10,("_srv_net_share_add: No add share command\n"));
- return ERROR_ACCESS_DENIED;
+ return NT_STATUS_ACCESS_DENIED;
}
switch (q_u->info_level) {
case 1:
/* Not enough info in a level 1 to do anything. */
- return ERROR_ACCESS_DENIED;
+ return NT_STATUS_ACCESS_DENIED;
case 2:
unistr2_to_ascii(share_name, &q_u->info.share.info2.info_2_str.uni_netname, sizeof(share_name));
unistr2_to_ascii(comment, &q_u->info.share.info2.info_2_str.uni_remark, sizeof(share_name));
break;
case 1005:
/* DFS only level. */
- return ERROR_ACCESS_DENIED;
+ return NT_STATUS_ACCESS_DENIED;
default:
DEBUG(5,("_srv_net_share_add: unsupported switch value %d\n", q_u->info_level));
return NT_STATUS_INVALID_INFO_CLASS;
}
if (strequal(share_name,"IPC$") || strequal(share_name,"ADMIN$") || strequal(share_name,"global"))
- return ERROR_ACCESS_DENIED;
+ return NT_STATUS_ACCESS_DENIED;
snum = find_service(share_name);
/* Share already exists. */
if (snum >= 0)
- return ERRfilexists;
+ return NT_STATUS_OBJECT_NAME_COLLISION;
/* We can only add disk shares. */
if (type != STYPE_DISKTREE)
- return ERROR_ACCESS_DENIED;
+ return NT_STATUS_ACCESS_DENIED;
/* Check if the pathname is valid. */
if (!(ptr = valid_share_pathname( pathname )))
- return ERRbadpath;
+ return NT_STATUS_OBJECT_PATH_INVALID;
/* Ensure share name, pathname and comment don't contain '"' characters. */
string_replace(share_name, '"', ' ');
string_replace(comment, '"', ' ');
slprintf(command, sizeof(command)-1, "%s \"%s\" \"%s\" \"%s\" \"%s\"",
- lp_add_share_cmd(), CONFIGFILE, share_name, ptr, comment);
- dos_to_unix(command, True); /* Convert to unix-codepage */
+ lp_add_share_cmd(), dyn_CONFIGFILE, share_name, ptr, comment);
DEBUG(10,("_srv_net_share_add: Running [%s]\n", command ));
if ((ret = smbrun(command, NULL)) != 0) {
DEBUG(0,("_srv_net_share_add: Running [%s] returned (%d)\n", command, ret ));
- return ERROR_ACCESS_DENIED;
+ return NT_STATUS_ACCESS_DENIED;
}
if (psd) {
}
/* Tell everyone we updated smb.conf. */
- message_send_all(conn_tdb_ctx(), MSG_SMB_CONF_UPDATED, NULL, 0, False);
+ message_send_all(conn_tdb_ctx(), MSG_SMB_CONF_UPDATED, NULL, 0, False,
+ NULL);
/*
* We don't call reload_services() here, the message will
DEBUG(5,("_srv_net_share_add: %d\n", __LINE__));
- return NT_STATUS_NOPROBLEMO;
+ return NT_STATUS_OK;
}
/*******************************************************************
a parameter.
********************************************************************/
-uint32 _srv_net_share_del(pipes_struct *p, SRV_Q_NET_SHARE_DEL *q_u, SRV_R_NET_SHARE_DEL *r_u)
+NTSTATUS _srv_net_share_del(pipes_struct *p, SRV_Q_NET_SHARE_DEL *q_u, SRV_R_NET_SHARE_DEL *r_u)
{
struct current_user user;
pstring command;
unistr2_to_ascii(share_name, &q_u->uni_share_name, sizeof(share_name));
if (strequal(share_name,"IPC$") || strequal(share_name,"ADMIN$") || strequal(share_name,"global"))
- return ERROR_ACCESS_DENIED;
+ return NT_STATUS_ACCESS_DENIED;
snum = find_service(share_name);
if (snum < 0)
- return ERRnosuchshare;
+ return NT_STATUS_BAD_NETWORK_NAME;
/* No change to printer shares. */
if (lp_print_ok(snum))
- return ERROR_ACCESS_DENIED;
+ return NT_STATUS_ACCESS_DENIED;
get_current_user(&user,p);
if (user.uid != 0)
- return ERROR_ACCESS_DENIED;
+ return NT_STATUS_ACCESS_DENIED;
if (!lp_delete_share_cmd() || !*lp_delete_share_cmd())
- return ERROR_ACCESS_DENIED;
+ return NT_STATUS_ACCESS_DENIED;
slprintf(command, sizeof(command)-1, "%s \"%s\" \"%s\"",
- lp_delete_share_cmd(), CONFIGFILE, lp_servicename(snum));
- dos_to_unix(command, True); /* Convert to unix-codepage */
+ lp_delete_share_cmd(), dyn_CONFIGFILE, lp_servicename(snum));
DEBUG(10,("_srv_net_share_del: Running [%s]\n", command ));
if ((ret = smbrun(command, NULL)) != 0) {
DEBUG(0,("_srv_net_share_del: Running [%s] returned (%d)\n", command, ret ));
- return ERROR_ACCESS_DENIED;
+ return NT_STATUS_ACCESS_DENIED;
}
/* Delete the SD in the database. */
delete_share_security(snum);
/* Tell everyone we updated smb.conf. */
- message_send_all(conn_tdb_ctx(), MSG_SMB_CONF_UPDATED, NULL, 0, False);
+ message_send_all(conn_tdb_ctx(), MSG_SMB_CONF_UPDATED, NULL, 0, False,
+ NULL);
lp_killservice(snum);
- return NT_STATUS_NOPROBLEMO;
+ return NT_STATUS_OK;
}
/*******************************************************************
time of day
********************************************************************/
-uint32 _srv_net_remote_tod(pipes_struct *p, SRV_Q_NET_REMOTE_TOD *q_u, SRV_R_NET_REMOTE_TOD *r_u)
+NTSTATUS _srv_net_remote_tod(pipes_struct *p, SRV_Q_NET_REMOTE_TOD *q_u, SRV_R_NET_REMOTE_TOD *r_u)
{
TIME_OF_DAY_INFO *tod;
struct tm *t;
r_u->tod = tod;
r_u->ptr_srv_tod = 0x1;
- r_u->status = NT_STATUS_NOPROBLEMO;
+ r_u->status = NT_STATUS_OK;
DEBUG(5,("_srv_net_remote_tod: %d\n", __LINE__));
Win9x NT tools get security descriptor.
***********************************************************************************/
-uint32 _srv_net_file_query_secdesc(pipes_struct *p, SRV_Q_NET_FILE_QUERY_SECDESC *q_u,
+NTSTATUS _srv_net_file_query_secdesc(pipes_struct *p, SRV_Q_NET_FILE_QUERY_SECDESC *q_u,
SRV_R_NET_FILE_QUERY_SECDESC *r_u)
{
SEC_DESC *psd = NULL;
size_t sd_size;
- fstring null_pw;
+ DATA_BLOB null_pw;
pstring filename;
pstring qualname;
files_struct *fsp = NULL;
BOOL bad_path;
int access_mode;
int action;
- int ecode;
+ NTSTATUS nt_status;
struct current_user user;
- fstring user_name;
connection_struct *conn = NULL;
+ BOOL became_user = False;
ZERO_STRUCT(st);
- r_u->status = NT_STATUS_NOPROBLEMO;
+ r_u->status = NT_STATUS_OK;
unistr2_to_ascii(qualname, &q_u->uni_qual_name, sizeof(qualname));
/* Null password is ok - we are already an authenticated user... */
- *null_pw = '\0';
-
- get_current_user(&user, p);
- fstrcpy(user_name, uidtoname(user.uid));
+ null_pw = data_blob(NULL, 0);
- conn = make_connection(qualname, user_name, "", 0, "A:", user.vuid, &ecode);
+ get_current_user(&user, p);
+
+ become_root();
+ conn = make_connection(qualname, null_pw, "A:", user.vuid, &nt_status);
+ unbecome_root();
if (conn == NULL) {
DEBUG(3,("_srv_net_file_query_secdesc: Unable to connect to %s\n", qualname));
- r_u->status = (uint32)ecode;
+ r_u->status = nt_status;
goto error_exit;
}
+ if (!become_user(conn, conn->vuid)) {
+ DEBUG(0,("_srv_net_file_query_secdesc: Can't become connected user!\n"));
+ r_u->status = NT_STATUS_ACCESS_DENIED;
+ goto error_exit;
+ }
+ became_user = True;
+
unistr2_to_ascii(filename, &q_u->uni_file_name, sizeof(filename));
unix_convert(filename, conn, NULL, &bad_path, &st);
+
fsp = open_file_shared(conn, filename, &st, SET_OPEN_MODE(DOS_OPEN_RDONLY),
- (FILE_FAIL_IF_NOT_EXIST|FILE_EXISTS_OPEN), 0, 0, &access_mode, &action);
+ (FILE_FAIL_IF_NOT_EXIST|FILE_EXISTS_OPEN), 0, 0, &access_mode, &action);
if (!fsp) {
/* Perhaps it is a directory */
if (errno == EISDIR)
- fsp = open_directory(conn, filename, &st,
- (FILE_FAIL_IF_NOT_EXIST|FILE_EXISTS_OPEN), 0, &action);
+ fsp = open_directory(conn, filename, &st,0,
+ (FILE_FAIL_IF_NOT_EXIST|FILE_EXISTS_OPEN), 0, &action);
if (!fsp) {
DEBUG(3,("_srv_net_file_query_secdesc: Unable to open file %s\n", filename));
- r_u->status = ERROR_ACCESS_DENIED;
+ r_u->status = NT_STATUS_ACCESS_DENIED;
goto error_exit;
}
}
if (sd_size == 0) {
DEBUG(3,("_srv_net_file_query_secdesc: Unable to get NT ACL for file %s\n", filename));
- r_u->status = ERROR_ACCESS_DENIED;
+ r_u->status = NT_STATUS_ACCESS_DENIED;
goto error_exit;
}
psd->dacl->revision = (uint16) NT4_ACL_REVISION;
close_file(fsp, True);
- file_free(fsp);
-
+ unbecome_user();
close_cnum(conn, user.vuid);
return r_u->status;
if(fsp) {
close_file(fsp, True);
- file_free(fsp);
}
+ if (became_user)
+ unbecome_user();
+
if (conn)
close_cnum(conn, user.vuid);
Win9x NT tools set security descriptor.
***********************************************************************************/
-uint32 _srv_net_file_set_secdesc(pipes_struct *p, SRV_Q_NET_FILE_SET_SECDESC *q_u,
+NTSTATUS _srv_net_file_set_secdesc(pipes_struct *p, SRV_Q_NET_FILE_SET_SECDESC *q_u,
SRV_R_NET_FILE_SET_SECDESC *r_u)
{
BOOL ret;
+ DATA_BLOB null_pw;
pstring filename;
pstring qualname;
- fstring null_pw;
files_struct *fsp = NULL;
SMB_STRUCT_STAT st;
BOOL bad_path;
int access_mode;
int action;
- int ecode;
+ NTSTATUS nt_status;
struct current_user user;
- fstring user_name;
connection_struct *conn = NULL;
+ BOOL became_user = False;
ZERO_STRUCT(st);
- r_u->status = NT_STATUS_NOPROBLEMO;
+ r_u->status = NT_STATUS_OK;
unistr2_to_ascii(qualname, &q_u->uni_qual_name, sizeof(qualname));
/* Null password is ok - we are already an authenticated user... */
- *null_pw = '\0';
-
- get_current_user(&user, p);
- fstrcpy(user_name, uidtoname(user.uid));
+ null_pw = data_blob(NULL, 0);
- conn = make_connection(qualname, user_name, null_pw, 0, "A:", user.vuid, &ecode);
+ get_current_user(&user, p);
+
+ become_root();
+ conn = make_connection(qualname, null_pw, "A:", user.vuid, &nt_status);
+ unbecome_root();
if (conn == NULL) {
DEBUG(3,("_srv_net_file_set_secdesc: Unable to connect to %s\n", qualname));
- r_u->status = (uint32)ecode;
+ r_u->status = nt_status;
goto error_exit;
}
+ if (!become_user(conn, conn->vuid)) {
+ DEBUG(0,("_srv_net_file_set_secdesc: Can't become connected user!\n"));
+ r_u->status = NT_STATUS_ACCESS_DENIED;
+ goto error_exit;
+ }
+ became_user = True;
+
unistr2_to_ascii(filename, &q_u->uni_file_name, sizeof(filename));
unix_convert(filename, conn, NULL, &bad_path, &st);
fsp = open_file_shared(conn, filename, &st, SET_OPEN_MODE(DOS_OPEN_RDWR),
- (FILE_FAIL_IF_NOT_EXIST|FILE_EXISTS_OPEN), 0, 0, &access_mode, &action);
+ (FILE_FAIL_IF_NOT_EXIST|FILE_EXISTS_OPEN), 0, 0, &access_mode, &action);
if (!fsp) {
/* Perhaps it is a directory */
if (errno == EISDIR)
- fsp = open_directory(conn, filename, &st,
- (FILE_FAIL_IF_NOT_EXIST|FILE_EXISTS_OPEN), 0, &action);
+ fsp = open_directory(conn, filename, &st,0,
+ (FILE_FAIL_IF_NOT_EXIST|FILE_EXISTS_OPEN), 0, &action);
if (!fsp) {
DEBUG(3,("_srv_net_file_set_secdesc: Unable to open file %s\n", filename));
- r_u->status = ERROR_ACCESS_DENIED;
+ r_u->status = NT_STATUS_ACCESS_DENIED;
goto error_exit;
}
}
if (ret == False) {
DEBUG(3,("_srv_net_file_set_secdesc: Unable to set NT ACL on file %s\n", filename));
- r_u->status = ERROR_ACCESS_DENIED;
+ r_u->status = NT_STATUS_ACCESS_DENIED;
goto error_exit;
}
close_file(fsp, True);
- file_free(fsp);
+ unbecome_user();
close_cnum(conn, user.vuid);
return r_u->status;
if(fsp) {
close_file(fsp, True);
- file_free(fsp);
}
+ if (became_user)
+ unbecome_user();
+
if (conn)
close_cnum(conn, user.vuid);
return disk;
}
-uint32 _srv_net_disk_enum(pipes_struct *p, SRV_Q_NET_DISK_ENUM *q_u, SRV_R_NET_DISK_ENUM *r_u)
+NTSTATUS _srv_net_disk_enum(pipes_struct *p, SRV_Q_NET_DISK_ENUM *q_u, SRV_R_NET_DISK_ENUM *r_u)
{
uint32 i;
const char *disk_name;
uint32 resume=get_enum_hnd(&q_u->enum_hnd);
- r_u->status=NT_STATUS_NOPROBLEMO;
+ r_u->status=NT_STATUS_OK;
r_u->total_entries = init_server_disk_enum(&resume);
r_u->disk_enum_ctr.unknown = 0;
- r_u->disk_enum_ctr.disk_info_ptr = (uint32) r_u->disk_enum_ctr.disk_info;
+ r_u->disk_enum_ctr.disk_info_ptr = r_u->disk_enum_ctr.disk_info? 1 : 0;
/*allow one DISK_INFO for null terminator*/
return r_u->status;
}
-uint32 _srv_net_name_validate(pipes_struct *p, SRV_Q_NET_NAME_VALIDATE *q_u, SRV_R_NET_NAME_VALIDATE *r_u)
+NTSTATUS _srv_net_name_validate(pipes_struct *p, SRV_Q_NET_NAME_VALIDATE *q_u, SRV_R_NET_NAME_VALIDATE *r_u)
{
int snum;
fstring share_name;
- r_u->status=NT_STATUS_NOPROBLEMO;
+ r_u->status=NT_STATUS_OK;
switch(q_u->type) {
default:
/*unsupported type*/
- r_u->status = ERROR_INVALID_LEVEL;
+ r_u->status = NT_STATUS_INVALID_LEVEL;
break;
}
git.samba.org / samba.git / blobdiff