#include "libcli/security/security.h"
#include "passdb/lookup_sid.h"
#include "auth.h"
-#include "ntdomain.h"
/* what user is current? */
extern struct current_user current_user;
********************************************************************/
static bool check_user_ok(connection_struct *conn,
- uint16_t vuid,
- const struct auth_serversupplied_info *session_info,
+ uint64_t vuid,
+ const struct auth_session_info *session_info,
int snum)
{
bool valid_vuid = (vuid != UID_FIELD_INVALID);
}
}
- if (!user_ok_token(session_info->unix_name,
- session_info->info3->base.domain.string,
+ if (!user_ok_token(session_info->unix_info->unix_name,
+ session_info->info->domain_name,
session_info->security_token, snum))
return(False);
readonly_share = is_share_read_only_for_token(
- session_info->unix_name,
- session_info->info3->base.domain.string,
+ session_info->unix_info->unix_name,
+ session_info->info->domain_name,
session_info->security_token,
conn);
if (!readonly_share &&
- !share_access_check(session_info->security_token, lp_servicename(snum),
- FILE_WRITE_DATA)) {
+ !share_access_check(session_info->security_token,
+ lp_servicename(talloc_tos(), snum),
+ FILE_WRITE_DATA,
+ NULL)) {
/* smb.conf allows r/w, but the security descriptor denies
* write. Fall back to looking at readonly. */
readonly_share = True;
"security descriptor\n"));
}
- if (!share_access_check(session_info->security_token, lp_servicename(snum),
+ if (!share_access_check(session_info->security_token,
+ lp_servicename(talloc_tos(), snum),
readonly_share ?
- FILE_READ_DATA : FILE_WRITE_DATA)) {
+ FILE_READ_DATA : FILE_WRITE_DATA,
+ NULL)) {
return False;
}
admin_user = token_contains_name_in_list(
- session_info->unix_name,
- session_info->info3->base.domain.string,
+ session_info->unix_info->unix_name,
+ session_info->info->domain_name,
NULL, session_info->security_token, lp_admin_users(snum));
if (valid_vuid) {
* username-based faked one.
*/
- ent->session_info = copy_serverinfo(
+ ent->session_info = copy_session_info(
conn, conn->force_user ? conn->session_info : session_info);
if (ent->session_info == NULL) {
if (admin_user) {
DEBUG(2,("check_user_ok: user %s is an admin user. "
"Setting uid as %d\n",
- conn->session_info->unix_name,
+ conn->session_info->unix_info->unix_name,
sec_initial_uid() ));
- conn->session_info->utok.uid = sec_initial_uid();
+ conn->session_info->unix_token->uid = sec_initial_uid();
}
return(True);
}
-/****************************************************************************
- Clear a vuid out of the connection's vuid cache
- This is only called on SMBulogoff.
-****************************************************************************/
-
-void conn_clear_vuid_cache(connection_struct *conn, uint16_t vuid)
-{
- int i;
-
- for (i=0; i<VUID_CACHE_SIZE; i++) {
- struct vuid_cache_entry *ent;
-
- ent = &conn->vuid_cache.array[i];
-
- if (ent->vuid == vuid) {
- ent->vuid = UID_FIELD_INVALID;
- /*
- * We need to keep conn->session_info around
- * if it's equal to ent->session_info as a SMBulogoff
- * is often followed by a SMBtdis (with an invalid
- * vuid). The debug code (or regular code in
- * vfs_full_audit) wants to refer to the
- * conn->session_info pointer to print debug
- * statements. Theoretically this is a bug,
- * as once the vuid is gone the session_info
- * on the conn struct isn't valid any more,
- * but there's enough code that assumes
- * conn->session_info is never null that
- * it's easier to hold onto the old pointer
- * until we get a new sessionsetupX.
- * As everything is hung off the
- * conn pointer as a talloc context we're not
- * leaking memory here. See bug #6315. JRA.
- */
- if (conn->session_info == ent->session_info) {
- ent->session_info = NULL;
- } else {
- TALLOC_FREE(ent->session_info);
- }
- ent->read_only = False;
- }
- }
-}
-
/****************************************************************************
Become the user of a connection number without changing the security context
stack, but modify the current_user entries.
****************************************************************************/
static bool change_to_user_internal(connection_struct *conn,
- const struct auth_serversupplied_info *session_info,
- uint16_t vuid)
+ const struct auth_session_info *session_info,
+ uint64_t vuid)
{
int snum;
gid_t gid;
if (!ok) {
DEBUG(2,("SMB user %s (unix user %s) "
"not permitted access to share %s.\n",
- session_info->sanitized_username,
- session_info->unix_name,
- lp_servicename(snum)));
+ session_info->unix_info->sanitized_username,
+ session_info->unix_info->unix_name,
+ lp_servicename(talloc_tos(), snum)));
return false;
}
- uid = conn->session_info->utok.uid;
- gid = conn->session_info->utok.gid;
- num_groups = conn->session_info->utok.ngroups;
- group_list = conn->session_info->utok.groups;
+ uid = conn->session_info->unix_token->uid;
+ gid = conn->session_info->unix_token->gid;
+ num_groups = conn->session_info->unix_token->ngroups;
+ group_list = conn->session_info->unix_token->groups;
/*
* See if we should force group for this service. If so this overrides
* any group set in the force user code.
*/
- if((group_c = *lp_force_group(snum))) {
+ if((group_c = *lp_force_group(talloc_tos(), snum))) {
SMB_ASSERT(conn->force_group_gid != (gid_t)-1);
*/
for (i = 0; i < num_groups; i++) {
if (group_list[i] == conn->force_group_gid) {
- conn->session_info->utok.gid =
+ conn->session_info->unix_token->gid =
conn->force_group_gid;
gid = conn->force_group_gid;
gid_to_sid(&conn->session_info->security_token
}
}
} else {
- conn->session_info->utok.gid = conn->force_group_gid;
+ conn->session_info->unix_token->gid = conn->force_group_gid;
gid = conn->force_group_gid;
gid_to_sid(&conn->session_info->security_token->sids[1],
gid);
return true;
}
-bool change_to_user(connection_struct *conn, uint16_t vuid)
+bool change_to_user(connection_struct *conn, uint64_t vuid)
{
- const struct auth_serversupplied_info *session_info = NULL;
- user_struct *vuser;
+ const struct auth_session_info *session_info = NULL;
+ struct user_struct *vuser;
int snum = SNUM(conn);
if (!conn) {
vuser = get_valid_user_struct(conn->sconn, vuid);
- /*
- * We need a separate check in security=share mode due to vuid
- * always being UID_FIELD_INVALID. If we don't do this then
- * in share mode security we are *always* changing uid's between
- * SMB's - this hurts performance - Badly.
- */
-
- if((lp_security() == SEC_SHARE) && (current_user.conn == conn) &&
- (current_user.ut.uid == conn->session_info->utok.uid)) {
- DEBUG(4,("Skipping user change - already "
- "user\n"));
- return(True);
- } else if ((current_user.conn == conn) &&
+ if ((current_user.conn == conn) &&
(vuser != NULL) && (current_user.vuid == vuid) &&
- (current_user.ut.uid == vuser->session_info->utok.uid)) {
+ (current_user.ut.uid == vuser->session_info->unix_token->uid)) {
DEBUG(4,("Skipping user change - already "
"user\n"));
return(True);
}
- session_info = vuser ? vuser->session_info : conn->session_info;
-
- if (session_info == NULL) {
- /* Invalid vuid sent - even with security = share. */
- DEBUG(2,("Invalid vuid %d used on "
- "share %s.\n", vuid, lp_servicename(snum) ));
+ if (vuser == NULL) {
+ /* Invalid vuid sent */
+ DEBUG(2,("Invalid vuid %llu used on share %s.\n",
+ (unsigned long long)vuid, lp_servicename(talloc_tos(),
+ snum)));
return false;
}
- /* security = share sets force_user. */
+ session_info = vuser->session_info;
+
if (!conn->force_user && vuser == NULL) {
- DEBUG(2,("Invalid vuid used %d in accessing "
- "share %s.\n", vuid, lp_servicename(snum) ));
+ DEBUG(2,("Invalid vuid used %llu in accessing share %s.\n",
+ (unsigned long long)vuid,
+ lp_servicename(talloc_tos(), snum)));
return False;
}
return change_to_user_internal(conn, session_info, vuid);
}
-bool change_to_user_by_session(connection_struct *conn,
- const struct auth_serversupplied_info *session_info)
+static bool change_to_user_by_session(connection_struct *conn,
+ const struct auth_session_info *session_info)
{
SMB_ASSERT(conn != NULL);
SMB_ASSERT(session_info != NULL);
if ((current_user.conn == conn) &&
- (current_user.ut.uid == session_info->utok.uid)) {
+ (current_user.ut.uid == session_info->unix_token->uid)) {
DEBUG(7, ("Skipping user change - already user\n"));
return true;
but modify the current_user entries.
****************************************************************************/
-bool change_to_root_user(void)
+bool smbd_change_to_root_user(void)
{
set_root_sec_ctx();
user. Doesn't modify current_user.
****************************************************************************/
-bool become_authenticated_pipe_user(struct pipes_struct *p)
+bool become_authenticated_pipe_user(struct auth_session_info *session_info)
{
if (!push_sec_ctx())
return False;
- set_sec_ctx(p->session_info->utok.uid, p->session_info->utok.gid,
- p->session_info->utok.ngroups, p->session_info->utok.groups,
- p->session_info->security_token);
+ set_sec_ctx(session_info->unix_token->uid, session_info->unix_token->gid,
+ session_info->unix_token->ngroups, session_info->unix_token->groups,
+ session_info->security_token);
return True;
}
ctx_p->conn = current_user.conn;
ctx_p->vuid = current_user.vuid;
- DEBUG(4, ("push_conn_ctx(%u) : conn_ctx_stack_ndx = %d\n",
- (unsigned int)ctx_p->vuid, conn_ctx_stack_ndx ));
+ DEBUG(4, ("push_conn_ctx(%llu) : conn_ctx_stack_ndx = %d\n",
+ (unsigned long long)ctx_p->vuid, conn_ctx_stack_ndx));
conn_ctx_stack_ndx++;
}
restores the connection context.
****************************************************************************/
-void become_root(void)
+void smbd_become_root(void)
{
/*
* no good way to handle push_sec_ctx() failing without changing
/* Unbecome the root user */
-void unbecome_root(void)
+void smbd_unbecome_root(void)
{
pop_sec_ctx();
pop_conn_ctx();
Saves and restores the connection context.
****************************************************************************/
-bool become_user(connection_struct *conn, uint16 vuid)
+bool become_user(connection_struct *conn, uint64_t vuid)
{
if (!push_sec_ctx())
return False;
return True;
}
+bool become_user_by_session(connection_struct *conn,
+ const struct auth_session_info *session_info)
+{
+ if (!push_sec_ctx())
+ return false;
+
+ push_conn_ctx();
+
+ if (!change_to_user_by_session(conn, session_info)) {
+ pop_sec_ctx();
+ pop_conn_ctx();
+ return false;
+ }
+
+ return true;
+}
+
bool unbecome_user(void)
{
pop_sec_ctx();
/****************************************************************************
Return the current user we are running effectively as on this connection.
- I'd like to make this return conn->session_info->utok.uid, but become_root()
+ I'd like to make this return conn->session_info->unix_token->uid, but become_root()
doesn't alter this value.
****************************************************************************/
/****************************************************************************
Return the current group we are running effectively as on this connection.
- I'd like to make this return conn->session_info->utok.gid, but become_root()
+ I'd like to make this return conn->session_info->unix_token->gid, but become_root()
doesn't alter this value.
****************************************************************************/
/****************************************************************************
Return the UNIX token we are running effectively as on this connection.
- I'd like to make this return &conn->session_info->utok, but become_root()
+ I'd like to make this return &conn->session_info->unix_token-> but become_root()
doesn't alter this value.
****************************************************************************/
return current_user.nt_user_token;
}
-uint16_t get_current_vuid(connection_struct *conn)
+uint64_t get_current_vuid(connection_struct *conn)
{
return current_user.vuid;
}