bool guest;
bool system;
- struct unix_user_token utok;
+ struct security_unix_token utok;
/* NT group information taken from the info3 structure */
bool remove_share_oplock(struct share_mode_lock *lck, files_struct *fsp);
bool downgrade_share_oplock(struct share_mode_lock *lck, files_struct *fsp);
NTSTATUS can_set_delete_on_close(files_struct *fsp, uint32 dosmode);
-const UNIX_USER_TOKEN *get_delete_on_close_token(struct share_mode_lock *lck, uint32_t name_hash);
+const struct security_unix_token *get_delete_on_close_token(struct share_mode_lock *lck, uint32_t name_hash);
void set_delete_on_close_lck(files_struct *fsp,
struct share_mode_lock *lck,
bool delete_on_close,
- const UNIX_USER_TOKEN *tok);
-bool set_delete_on_close(files_struct *fsp, bool delete_on_close, const UNIX_USER_TOKEN *tok);
+ const struct security_unix_token *tok);
+bool set_delete_on_close(files_struct *fsp, bool delete_on_close, const struct security_unix_token *tok);
bool is_delete_on_close_set(struct share_mode_lock *lck, uint32_t name_hash);
bool set_sticky_write_time(struct file_id fileid, struct timespec write_time);
bool set_write_time(struct file_id fileid, struct timespec write_time);
/* The following definitions come from smbd/sec_ctx.c */
-bool unix_token_equal(const UNIX_USER_TOKEN *t1, const UNIX_USER_TOKEN *t2);
+bool unix_token_equal(const struct security_unix_token *t1, const struct security_unix_token *t2);
bool push_sec_ctx(void);
void set_sec_ctx(uid_t uid, gid_t gid, int ngroups, gid_t *groups, struct security_token *token);
void set_root_sec_ctx(void);
bool unbecome_user(void);
uid_t get_current_uid(connection_struct *conn);
gid_t get_current_gid(connection_struct *conn);
-const UNIX_USER_TOKEN *get_current_utok(connection_struct *conn);
+const struct security_unix_token *get_current_utok(connection_struct *conn);
const struct security_token *get_current_nttok(connection_struct *conn);
uint16_t get_current_vuid(connection_struct *conn);
uint32 des_access, uint32 *acc_granted,
const char *debug );
void map_max_allowed_access(const struct security_token *nt_token,
- const struct unix_user_token *unix_token,
+ const struct security_unix_token *unix_token,
uint32_t *pacc_requested);
/* The following definitions come from ../libds/common/flag_mapping.c */
#define PRIMARY_USER_SID_INDEX 0
#define PRIMARY_GROUP_SID_INDEX 1
-typedef struct unix_user_token {
- uid_t uid;
- gid_t gid;
- uint32_t ngroups;
- gid_t *groups;
-} UNIX_USER_TOKEN;
-
typedef struct write_cache {
SMB_OFF_T file_size;
SMB_OFF_T offset;
struct current_user {
connection_struct *conn;
uint16 vuid;
- UNIX_USER_TOKEN ut;
+ struct security_unix_token ut;
struct security_token *nt_user_token;
};
struct delete_token_list {
struct delete_token_list *next, *prev;
uint32_t name_hash;
- UNIX_USER_TOKEN *delete_token;
+ struct security_unix_token *delete_token;
};
struct share_mode_lock {
memcpy(&pdtl->name_hash, p, sizeof(pdtl->name_hash));
p += sizeof(pdtl->name_hash);
- pdtl->delete_token = TALLOC_ZERO_P(pdtl, UNIX_USER_TOKEN);
+ pdtl->delete_token = TALLOC_ZERO_P(pdtl, struct security_unix_token);
if (pdtl->delete_token == NULL) {
DEBUG(0,("parse_delete_tokens_list: talloc failed"));
return -1;
/* Store any delete on close tokens. */
for (pdtl = lck->delete_tokens; pdtl; pdtl = pdtl->next) {
- UNIX_USER_TOKEN *pdt = pdtl->delete_token;
+ struct security_unix_token *pdt = pdtl->delete_token;
uint32_t token_size = sizeof(uint32_t) +
sizeof(uint32_t) +
sizeof(uid_t) +
}
/*************************************************************************
- Return a talloced copy of a UNIX_USER_TOKEN. NULL on fail.
+ Return a talloced copy of a struct security_unix_token. NULL on fail.
(Should this be in locking.c.... ?).
*************************************************************************/
-static UNIX_USER_TOKEN *copy_unix_token(TALLOC_CTX *ctx, const UNIX_USER_TOKEN *tok)
+static struct security_unix_token *copy_unix_token(TALLOC_CTX *ctx, const struct security_unix_token *tok)
{
- UNIX_USER_TOKEN *cpy;
+ struct security_unix_token *cpy;
- cpy = TALLOC_P(ctx, UNIX_USER_TOKEN);
+ cpy = TALLOC_P(ctx, struct security_unix_token);
if (!cpy) {
return NULL;
}
static bool add_delete_on_close_token(struct share_mode_lock *lck,
uint32_t name_hash,
- const UNIX_USER_TOKEN *tok)
+ const struct security_unix_token *tok)
{
struct delete_token_list *dtl;
changed the delete on close flag. This will be noticed
in the close code, the last closer will delete the file
if flag is set.
- This makes a copy of any UNIX_USER_TOKEN into the
+ This makes a copy of any struct security_unix_token into the
lck entry. This function is used when the lock is already granted.
****************************************************************************/
void set_delete_on_close_lck(files_struct *fsp,
struct share_mode_lock *lck,
bool delete_on_close,
- const UNIX_USER_TOKEN *tok)
+ const struct security_unix_token *tok)
{
struct delete_token_list *dtl;
bool ret;
SMB_ASSERT(ret);
}
-bool set_delete_on_close(files_struct *fsp, bool delete_on_close, const UNIX_USER_TOKEN *tok)
+bool set_delete_on_close(files_struct *fsp, bool delete_on_close, const struct security_unix_token *tok)
{
struct share_mode_lock *lck;
return True;
}
-const UNIX_USER_TOKEN *get_delete_on_close_token(struct share_mode_lock *lck, uint32_t name_hash)
+const struct security_unix_token *get_delete_on_close_token(struct share_mode_lock *lck, uint32_t name_hash)
{
struct delete_token_list *dtl;
********************************************************************/
void map_max_allowed_access(const struct security_token *nt_token,
- const struct unix_user_token *unix_token,
+ const struct security_unix_token *unix_token,
uint32_t *pacc_requested)
{
if (!((*pacc_requested) & MAXIMUM_ALLOWED_ACCESS)) {
NTSTATUS status = NT_STATUS_OK;
NTSTATUS tmp_status;
struct file_id id;
- const UNIX_USER_TOKEN *del_token = NULL;
+ const struct security_unix_token *del_token = NULL;
/* Ensure any pending write time updates are done. */
if (fsp->update_write_time_event) {
bool delete_dir = False;
NTSTATUS status = NT_STATUS_OK;
NTSTATUS status1 = NT_STATUS_OK;
- const UNIX_USER_TOKEN *del_token = NULL;
+ const struct security_unix_token *del_token = NULL;
/*
* NT can set delete_on_close of the last open
extern struct smb_srv_trans_enc_ctx *srv_trans_enc_ctx;
struct sec_ctx {
- UNIX_USER_TOKEN ut;
+ struct security_unix_token ut;
struct security_token *token;
};
/* A stack of security contexts. We include the current context as being
while (user) {
if (user->session_info != NULL) {
int i;
- struct unix_user_token utok = user->session_info->utok;
+ struct security_unix_token utok = user->session_info->utok;
if (utok.gid == gid) {
return true;
}
* and don't need to do the complex user_in_group_sid() call
*/
if (uid_ace->unix_ug.uid == get_current_uid(conn)) {
- const UNIX_USER_TOKEN *curr_utok = NULL;
+ const struct security_unix_token *curr_utok = NULL;
size_t i;
if (group_ace->unix_ug.gid == get_current_gid(conn)) {
static bool current_user_in_group(connection_struct *conn, gid_t gid)
{
int i;
- const UNIX_USER_TOKEN *utok = get_current_utok(conn);
+ const struct security_unix_token *utok = get_current_utok(conn);
for (i = 0; i < utok->ngroups; i++) {
if (utok->groups[i] == gid) {
Are two UNIX tokens equal ?
****************************************************************************/
-bool unix_token_equal(const UNIX_USER_TOKEN *t1, const UNIX_USER_TOKEN *t2)
+bool unix_token_equal(const struct security_unix_token *t1, const struct security_unix_token *t2)
{
if (t1->uid != t2->uid || t1->gid != t2->gid ||
t1->ngroups != t2->ngroups) {
doesn't alter this value.
****************************************************************************/
-const UNIX_USER_TOKEN *get_current_utok(connection_struct *conn)
+const struct security_unix_token *get_current_utok(connection_struct *conn)
{
return ¤t_user.ut;
}