*/
#include "includes.h"
+#include "system/passwd.h"
+#include "smbd/smbd.h"
+#include "smbd/globals.h"
+#include "../librpc/gen_ndr/netlogon.h"
+#include "libcli/security/security.h"
+#include "passdb/lookup_sid.h"
+#include "auth.h"
/* what user is current? */
extern struct current_user current_user;
bool change_to_guest(void)
{
- static struct passwd *pass=NULL;
+ struct passwd *pass;
+ pass = Get_Pwnam_alloc(talloc_tos(), lp_guestaccount());
if (!pass) {
- /* Don't need to free() this as its stored in a static */
- pass = getpwnam_alloc(talloc_autofree_context(), lp_guestaccount());
- if (!pass)
- return(False);
+ return false;
}
#ifdef AIX
current_user.vuid = UID_FIELD_INVALID;
TALLOC_FREE(pass);
- pass = NULL;
- return True;
+ return true;
+}
+
+/****************************************************************************
+ talloc free the conn->session_info if not used in the vuid cache.
+****************************************************************************/
+
+static void free_conn_session_info_if_unused(connection_struct *conn)
+{
+ unsigned int i;
+
+ for (i = 0; i < VUID_CACHE_SIZE; i++) {
+ struct vuid_cache_entry *ent;
+ ent = &conn->vuid_cache.array[i];
+ if (ent->vuid != UID_FIELD_INVALID &&
+ conn->session_info == ent->session_info) {
+ return;
+ }
+ }
+ /* Not used, safe to free. */
+ TALLOC_FREE(conn->session_info);
}
/*******************************************************************
Check if a username is OK.
- This sets up conn->server_info with a copy related to this vuser that
+ This sets up conn->session_info with a copy related to this vuser that
later code can then mess with.
********************************************************************/
static bool check_user_ok(connection_struct *conn,
uint16_t vuid,
- const struct auth_serversupplied_info *server_info,
+ const struct auth3_session_info *session_info,
int snum)
{
bool valid_vuid = (vuid != UID_FIELD_INVALID);
for (i=0; i<VUID_CACHE_SIZE; i++) {
ent = &conn->vuid_cache.array[i];
if (ent->vuid == vuid) {
- conn->server_info = ent->server_info;
+ free_conn_session_info_if_unused(conn);
+ conn->session_info = ent->session_info;
conn->read_only = ent->read_only;
- conn->admin_user = ent->admin_user;
return(True);
}
}
}
- if (!user_ok_token(server_info->unix_name,
- pdb_get_domain(server_info->sam_account),
- server_info->ptok, snum))
+ if (!user_ok_token(session_info->unix_info->unix_name,
+ session_info->info->domain_name,
+ session_info->security_token, snum))
return(False);
readonly_share = is_share_read_only_for_token(
- server_info->unix_name,
- pdb_get_domain(server_info->sam_account),
- server_info->ptok,
+ session_info->unix_info->unix_name,
+ session_info->info->domain_name,
+ session_info->security_token,
conn);
if (!readonly_share &&
- !share_access_check(server_info->ptok, lp_servicename(snum),
- FILE_WRITE_DATA)) {
+ !share_access_check(session_info->security_token,
+ lp_servicename(snum), FILE_WRITE_DATA,
+ NULL)) {
/* smb.conf allows r/w, but the security descriptor denies
* write. Fall back to looking at readonly. */
readonly_share = True;
"security descriptor\n"));
}
- if (!share_access_check(server_info->ptok, lp_servicename(snum),
+ if (!share_access_check(session_info->security_token,
+ lp_servicename(snum),
readonly_share ?
- FILE_READ_DATA : FILE_WRITE_DATA)) {
+ FILE_READ_DATA : FILE_WRITE_DATA,
+ NULL)) {
return False;
}
admin_user = token_contains_name_in_list(
- server_info->unix_name,
- pdb_get_domain(server_info->sam_account),
- NULL, server_info->ptok, lp_admin_users(snum));
+ session_info->unix_info->unix_name,
+ session_info->info->domain_name,
+ NULL, session_info->security_token, lp_admin_users(snum));
if (valid_vuid) {
struct vuid_cache_entry *ent =
conn->vuid_cache.next_entry =
(conn->vuid_cache.next_entry + 1) % VUID_CACHE_SIZE;
- TALLOC_FREE(ent->server_info);
+ TALLOC_FREE(ent->session_info);
/*
- * If force_user was set, all server_info's are based on the same
+ * If force_user was set, all session_info's are based on the same
* username-based faked one.
*/
- ent->server_info = copy_serverinfo(
- conn, conn->force_user ? conn->server_info : server_info);
+ ent->session_info = copy_session_info(
+ conn, conn->force_user ? conn->session_info : session_info);
- if (ent->server_info == NULL) {
+ if (ent->session_info == NULL) {
ent->vuid = UID_FIELD_INVALID;
return false;
}
ent->vuid = vuid;
ent->read_only = readonly_share;
- ent->admin_user = admin_user;
- conn->server_info = ent->server_info;
+ free_conn_session_info_if_unused(conn);
+ conn->session_info = ent->session_info;
}
conn->read_only = readonly_share;
- conn->admin_user = admin_user;
+ if (admin_user) {
+ DEBUG(2,("check_user_ok: user %s is an admin user. "
+ "Setting uid as %d\n",
+ conn->session_info->unix_info->unix_name,
+ sec_initial_uid() ));
+ conn->session_info->unix_token->uid = sec_initial_uid();
+ }
return(True);
}
-/****************************************************************************
- Clear a vuid out of the connection's vuid cache
-****************************************************************************/
-
-void conn_clear_vuid_cache(connection_struct *conn, uint16_t vuid)
-{
- int i;
-
- for (i=0; i<VUID_CACHE_SIZE; i++) {
- struct vuid_cache_entry *ent;
-
- ent = &conn->vuid_cache.array[i];
-
- if (ent->vuid == vuid) {
- ent->vuid = UID_FIELD_INVALID;
- TALLOC_FREE(ent->server_info);
- ent->read_only = False;
- ent->admin_user = False;
- }
- }
-}
-
/****************************************************************************
Become the user of a connection number without changing the security context
stack, but modify the current_user entries.
****************************************************************************/
-bool change_to_user(connection_struct *conn, uint16 vuid)
+static bool change_to_user_internal(connection_struct *conn,
+ const struct auth3_session_info *session_info,
+ uint16_t vuid)
{
- const struct auth_serversupplied_info *server_info = NULL;
- user_struct *vuser = get_valid_user_struct(vuid);
int snum;
gid_t gid;
uid_t uid;
char group_c;
int num_groups = 0;
gid_t *group_list = NULL;
-
- if (!conn) {
- DEBUG(2,("change_to_user: Connection not open\n"));
- return(False);
- }
-
- /*
- * We need a separate check in security=share mode due to vuid
- * always being UID_FIELD_INVALID. If we don't do this then
- * in share mode security we are *always* changing uid's between
- * SMB's - this hurts performance - Badly.
- */
-
- if((lp_security() == SEC_SHARE) && (current_user.conn == conn) &&
- (current_user.ut.uid == conn->server_info->utok.uid)) {
- DEBUG(4,("change_to_user: Skipping user change - already "
- "user\n"));
- return(True);
- } else if ((current_user.conn == conn) &&
- (vuser != NULL) && (current_user.vuid == vuid) &&
- (current_user.ut.uid == vuser->server_info->utok.uid)) {
- DEBUG(4,("change_to_user: Skipping user change - already "
- "user\n"));
- return(True);
- }
+ bool ok;
snum = SNUM(conn);
- server_info = vuser ? vuser->server_info : conn->server_info;
-
- if (!check_user_ok(conn, vuid, server_info, snum)) {
- DEBUG(2,("change_to_user: SMB user %s (unix user %s, vuid %d) "
+ ok = check_user_ok(conn, vuid, session_info, snum);
+ if (!ok) {
+ DEBUG(2,("SMB user %s (unix user %s) "
"not permitted access to share %s.\n",
- server_info->sanitized_username,
- server_info->unix_name, vuid,
+ session_info->unix_info->sanitized_username,
+ session_info->unix_info->unix_name,
lp_servicename(snum)));
return false;
}
- /*
- * conn->server_info is now correctly set up with a copy we can mess
- * with for force_group etc.
- */
-
- if (conn->force_user) /* security = share sets this too */ {
- uid = conn->server_info->utok.uid;
- gid = conn->server_info->utok.gid;
- group_list = conn->server_info->utok.groups;
- num_groups = conn->server_info->utok.ngroups;
- } else if (vuser) {
- uid = conn->admin_user ? 0 : vuser->server_info->utok.uid;
- gid = conn->server_info->utok.gid;
- num_groups = conn->server_info->utok.ngroups;
- group_list = conn->server_info->utok.groups;
- } else {
- DEBUG(2,("change_to_user: Invalid vuid used %d in accessing "
- "share %s.\n",vuid, lp_servicename(snum) ));
- return False;
- }
+ uid = conn->session_info->unix_token->uid;
+ gid = conn->session_info->unix_token->gid;
+ num_groups = conn->session_info->unix_token->ngroups;
+ group_list = conn->session_info->unix_token->groups;
/*
- * See if we should force group for this service.
- * If so this overrides any group set in the force
- * user code.
+ * See if we should force group for this service. If so this overrides
+ * any group set in the force user code.
*/
-
if((group_c = *lp_force_group(snum))) {
- if(group_c == '+') {
+ SMB_ASSERT(conn->force_group_gid != (gid_t)-1);
+
+ if (group_c == '+') {
+ int i;
/*
- * Only force group if the user is a member of
- * the service group. Check the group memberships for
- * this user (we already have this) to
- * see if we should force the group.
+ * Only force group if the user is a member of the
+ * service group. Check the group memberships for this
+ * user (we already have this) to see if we should force
+ * the group.
*/
-
- int i;
for (i = 0; i < num_groups; i++) {
- if (group_list[i]
- == conn->server_info->utok.gid) {
- gid = conn->server_info->utok.gid;
- gid_to_sid(&conn->server_info->ptok
- ->user_sids[1], gid);
+ if (group_list[i] == conn->force_group_gid) {
+ conn->session_info->unix_token->gid =
+ conn->force_group_gid;
+ gid = conn->force_group_gid;
+ gid_to_sid(&conn->session_info->security_token
+ ->sids[1], gid);
break;
}
}
} else {
- gid = conn->server_info->utok.gid;
- gid_to_sid(&conn->server_info->ptok->user_sids[1],
+ conn->session_info->unix_token->gid = conn->force_group_gid;
+ gid = conn->force_group_gid;
+ gid_to_sid(&conn->session_info->security_token->sids[1],
gid);
}
}
- /* Now set current_user since we will immediately also call
- set_sec_ctx() */
-
+ /*Set current_user since we will immediately also call set_sec_ctx() */
current_user.ut.ngroups = num_groups;
- current_user.ut.groups = group_list;
+ current_user.ut.groups = group_list;
- set_sec_ctx(uid, gid, current_user.ut.ngroups, current_user.ut.groups,
- conn->server_info->ptok);
+ set_sec_ctx(uid,
+ gid,
+ current_user.ut.ngroups,
+ current_user.ut.groups,
+ conn->session_info->security_token);
current_user.conn = conn;
current_user.vuid = vuid;
- DEBUG(5,("change_to_user uid=(%d,%d) gid=(%d,%d)\n",
- (int)getuid(),(int)geteuid(),(int)getgid(),(int)getegid()));
+ DEBUG(5, ("Impersonated user: uid=(%d,%d), gid=(%d,%d)\n",
+ (int)getuid(),
+ (int)geteuid(),
+ (int)getgid(),
+ (int)getegid()));
- return(True);
+ return true;
+}
+
+bool change_to_user(connection_struct *conn, uint16_t vuid)
+{
+ const struct auth3_session_info *session_info = NULL;
+ user_struct *vuser;
+ int snum = SNUM(conn);
+
+ if (!conn) {
+ DEBUG(2,("Connection not open\n"));
+ return(False);
+ }
+
+ vuser = get_valid_user_struct(conn->sconn, vuid);
+
+ /*
+ * We need a separate check in security=share mode due to vuid
+ * always being UID_FIELD_INVALID. If we don't do this then
+ * in share mode security we are *always* changing uid's between
+ * SMB's - this hurts performance - Badly.
+ */
+
+ if((lp_security() == SEC_SHARE) && (current_user.conn == conn) &&
+ (current_user.ut.uid == conn->session_info->unix_token->uid)) {
+ DEBUG(4,("Skipping user change - already "
+ "user\n"));
+ return(True);
+ } else if ((current_user.conn == conn) &&
+ (vuser != NULL) && (current_user.vuid == vuid) &&
+ (current_user.ut.uid == vuser->session_info->unix_token->uid)) {
+ DEBUG(4,("Skipping user change - already "
+ "user\n"));
+ return(True);
+ }
+
+ session_info = vuser ? vuser->session_info : conn->session_info;
+
+ if (session_info == NULL) {
+ /* Invalid vuid sent - even with security = share. */
+ DEBUG(2,("Invalid vuid %d used on "
+ "share %s.\n", vuid, lp_servicename(snum) ));
+ return false;
+ }
+
+ /* security = share sets force_user. */
+ if (!conn->force_user && vuser == NULL) {
+ DEBUG(2,("Invalid vuid used %d in accessing "
+ "share %s.\n", vuid, lp_servicename(snum) ));
+ return False;
+ }
+
+ return change_to_user_internal(conn, session_info, vuid);
+}
+
+bool change_to_user_by_session(connection_struct *conn,
+ const struct auth3_session_info *session_info)
+{
+ SMB_ASSERT(conn != NULL);
+ SMB_ASSERT(session_info != NULL);
+
+ if ((current_user.conn == conn) &&
+ (current_user.ut.uid == session_info->unix_token->uid)) {
+ DEBUG(7, ("Skipping user change - already user\n"));
+
+ return true;
+ }
+
+ return change_to_user_internal(conn, session_info, UID_FIELD_INVALID);
}
/****************************************************************************
but modify the current_user entries.
****************************************************************************/
-bool change_to_root_user(void)
+bool smbd_change_to_root_user(void)
{
set_root_sec_ctx();
user. Doesn't modify current_user.
****************************************************************************/
-bool become_authenticated_pipe_user(pipes_struct *p)
+bool become_authenticated_pipe_user(struct auth3_session_info *session_info)
{
if (!push_sec_ctx())
return False;
- set_sec_ctx(p->server_info->utok.uid, p->server_info->utok.gid,
- p->server_info->utok.ngroups, p->server_info->utok.groups,
- p->server_info->ptok);
+ set_sec_ctx(session_info->unix_token->uid, session_info->unix_token->gid,
+ session_info->unix_token->ngroups, session_info->unix_token->groups,
+ session_info->security_token);
return True;
}
Utility functions used by become_xxx/unbecome_xxx.
****************************************************************************/
-struct conn_ctx {
- connection_struct *conn;
- uint16 vuid;
-};
-
-/* A stack of current_user connection contexts. */
-
-static struct conn_ctx conn_ctx_stack[MAX_SEC_CTX_DEPTH];
-static int conn_ctx_stack_ndx;
-
static void push_conn_ctx(void)
{
struct conn_ctx *ctx_p;
ctx_p->conn = current_user.conn;
ctx_p->vuid = current_user.vuid;
- DEBUG(3, ("push_conn_ctx(%u) : conn_ctx_stack_ndx = %d\n",
+ DEBUG(4, ("push_conn_ctx(%u) : conn_ctx_stack_ndx = %d\n",
(unsigned int)ctx_p->vuid, conn_ctx_stack_ndx ));
conn_ctx_stack_ndx++;
restores the connection context.
****************************************************************************/
-void become_root(void)
+void smbd_become_root(void)
{
/*
* no good way to handle push_sec_ctx() failing without changing
/* Unbecome the root user */
-void unbecome_root(void)
+void smbd_unbecome_root(void)
{
pop_sec_ctx();
pop_conn_ctx();
return True;
}
+bool become_user_by_session(connection_struct *conn,
+ const struct auth3_session_info *session_info)
+{
+ if (!push_sec_ctx())
+ return false;
+
+ push_conn_ctx();
+
+ if (!change_to_user_by_session(conn, session_info)) {
+ pop_sec_ctx();
+ pop_conn_ctx();
+ return false;
+ }
+
+ return true;
+}
+
bool unbecome_user(void)
{
pop_sec_ctx();
pop_conn_ctx();
return True;
}
+
+/****************************************************************************
+ Return the current user we are running effectively as on this connection.
+ I'd like to make this return conn->session_info->unix_token->uid, but become_root()
+ doesn't alter this value.
+****************************************************************************/
+
+uid_t get_current_uid(connection_struct *conn)
+{
+ return current_user.ut.uid;
+}
+
+/****************************************************************************
+ Return the current group we are running effectively as on this connection.
+ I'd like to make this return conn->session_info->unix_token->gid, but become_root()
+ doesn't alter this value.
+****************************************************************************/
+
+gid_t get_current_gid(connection_struct *conn)
+{
+ return current_user.ut.gid;
+}
+
+/****************************************************************************
+ Return the UNIX token we are running effectively as on this connection.
+ I'd like to make this return &conn->session_info->unix_token-> but become_root()
+ doesn't alter this value.
+****************************************************************************/
+
+const struct security_unix_token *get_current_utok(connection_struct *conn)
+{
+ return ¤t_user.ut;
+}
+
+const struct security_token *get_current_nttok(connection_struct *conn)
+{
+ return current_user.nt_user_token;
+}
+
+uint16_t get_current_vuid(connection_struct *conn)
+{
+ return current_user.vuid;
+}
git.samba.org / ira / wip.git / blobdiff