-#define OLD_NTDOMAIN 1
-
/*
- Unix SMB/Netbios implementation.
- Version 1.9.
+ Unix SMB/CIFS implementation.
service (connection) opening and closing
Copyright (C) Andrew Tridgell 1992-1998
#include "includes.h"
-extern int DEBUGLEVEL;
-
extern struct timeval smb_last_time;
extern int case_default;
extern BOOL case_preserve;
extern BOOL case_mangle;
extern BOOL case_sensitive;
extern BOOL use_mangled_map;
-extern fstring remote_machine;
-extern pstring sesssetup_user;
-extern fstring remote_machine;
+extern userdom_struct current_user_info;
/****************************************************************************
-load parameters specific to a connection/service
+ Load parameters specific to a connection/service.
****************************************************************************/
-BOOL become_service(connection_struct *conn,BOOL do_chdir)
+
+BOOL set_current_service(connection_struct *conn,BOOL do_chdir)
{
extern char magic_char;
static connection_struct *last_conn;
snum = SNUM(conn);
if (do_chdir &&
- dos_ChDir(conn->connectpath) != 0 &&
- dos_ChDir(conn->origpath) != 0) {
+ vfs_ChDir(conn,conn->connectpath) != 0 &&
+ vfs_ChDir(conn,conn->origpath) != 0) {
DEBUG(0,("chdir (%s) failed\n",
conn->connectpath));
return(False);
return(True);
}
-
/****************************************************************************
- find a service entry
+ Add a home service. Returns the new service number or -1 if fail.
****************************************************************************/
-int find_service(char *service)
+
+int add_home_service(const char *service, const char *username, const char *homedir)
+{
+ int iHomeService;
+
+ if (!service || !homedir)
+ return -1;
+
+ if ((iHomeService = lp_servicenumber(HOMES_NAME)) < 0)
+ return -1;
+
+ /*
+ * If this is a winbindd provided username, remove
+ * the domain component before adding the service.
+ * Log a warning if the "path=" parameter does not
+ * include any macros.
+ */
+
+ {
+ const char *p = strchr(service,*lp_winbind_separator());
+
+ /* We only want the 'user' part of the string */
+ if (p) {
+ service = p + 1;
+ }
+ }
+
+ if (!lp_add_home(service, iHomeService, username, homedir)) {
+ return -1;
+ }
+
+ return lp_servicenumber(service);
+
+}
+
+
+/**
+ * Find a service entry. service is always in dos codepage.
+ *
+ * @param service is modified (to canonical form??)
+ **/
+int find_service(fstring service)
{
int iService;
DEBUG(3,("checking for home directory %s gave %s\n",service,
phome_dir?phome_dir:"(NULL)"));
- if (phome_dir)
- {
- int iHomeService;
- if ((iHomeService = lp_servicenumber(HOMES_NAME)) >= 0)
- {
- lp_add_home(service,iHomeService,phome_dir);
- iService = lp_servicenumber(service);
- }
- }
+ iService = add_home_service(service,service /* 'username' */, phome_dir);
}
/* If we still don't have a service, attempt to add it as a printer. */
char *pszTemp;
DEBUG(3,("checking whether %s is a valid printer name...\n", service));
- pszTemp = PRINTCAP;
+ pszTemp = lp_printcapname();
if ((pszTemp != NULL) && pcap_printername_ok(service, pszTemp))
{
DEBUG(3,("%s is a valid printer name\n", service));
DEBUG(3,("adding %s as a printer service\n", service));
- lp_add_printer(service,iPrinterService);
+ lp_add_printer(service, iPrinterService);
iService = lp_servicenumber(service);
if (iService < 0)
DEBUG(0,("failed to add %s as a printer service!\n", service));
iService = find_service(defservice);
if (iService >= 0)
{
- all_string_sub(service,"_","/",0);
- iService = lp_add_service(service,iService);
+ all_string_sub(service, "_","/",0);
+ iService = lp_add_service(service, iService);
}
}
}
if (iService >= 0)
if (!VALID_SNUM(iService))
{
- DEBUG(0,("Invalid snum %d for %s\n",iService,service));
+ DEBUG(0,("Invalid snum %d for %s\n",iService, service));
iService = -1;
}
/****************************************************************************
- make a connection to a service
+ do some basic sainity checks on the share.
+ This function modifies dev, ecode.
****************************************************************************/
-connection_struct *make_connection(char *service,char *user,char *password, int pwlen, char *dev,uint16 vuid, int *ecode)
+static NTSTATUS share_sanity_checks(int snum, fstring dev)
{
- int snum;
- struct passwd *pass = NULL;
- BOOL guest = False;
- BOOL force = False;
- connection_struct *conn;
- int ret;
-
- strlower(service);
-
- snum = find_service(service);
- if (snum < 0) {
- if (strequal(service,"IPC$")) {
- DEBUG(3,("refusing IPC connection\n"));
- *ecode = ERRnoipc;
- return NULL;
- }
-
- DEBUG(0,("%s (%s) couldn't find service %s\n",
- remote_machine, client_addr(), service));
- *ecode = ERRnosuchshare;
- return NULL;
- }
-
- if (strequal(service,HOMES_NAME)) {
- if (*user && Get_Pwnam(user,True)) {
- fstring dos_username;
- fstrcpy(dos_username, user);
- unix_to_dos(dos_username, True);
- return(make_connection(dos_username,user,password,
- pwlen,dev,vuid,ecode));
- }
-
- if(lp_security() != SEC_SHARE) {
- if (validated_username(vuid)) {
- fstring dos_username;
- fstrcpy(user,validated_username(vuid));
- fstrcpy(dos_username, user);
- unix_to_dos(dos_username, True);
- return(make_connection(dos_username,user,password,pwlen,dev,vuid,ecode));
- }
- } else {
- /* Security = share. Try with sesssetup_user
- * as the username. */
- if(*sesssetup_user) {
- fstring dos_username;
- fstrcpy(user,sesssetup_user);
- fstrcpy(dos_username, user);
- unix_to_dos(dos_username, True);
- return(make_connection(dos_username,user,password,pwlen,dev,vuid,ecode));
- }
- }
- }
-
+
if (!lp_snum_ok(snum) ||
!check_access(smbd_server_fd(),
lp_hostsallow(snum), lp_hostsdeny(snum))) {
- *ecode = ERRaccess;
- return NULL;
+ return NT_STATUS_ACCESS_DENIED;
}
- /* you can only connect to the IPC$ service as an ipc device */
- if (strequal(service,"IPC$"))
- pstrcpy(dev,"IPC");
-
- if (*dev == '?' || !*dev) {
+ if (dev[0] == '?' || !dev[0]) {
if (lp_print_ok(snum)) {
- pstrcpy(dev,"LPT1:");
+ fstrcpy(dev,"LPT1:");
+ } else if (strequal(lp_fstype(snum), "IPC")) {
+ fstrcpy(dev, "IPC");
} else {
- pstrcpy(dev,"A:");
+ fstrcpy(dev,"A:");
}
}
- /* if the request is as a printer and you can't print then refuse */
- strupper(dev);
- if (!lp_print_ok(snum) && (strncmp(dev,"LPT",3) == 0)) {
- DEBUG(1,("Attempt to connect to non-printer as a printer\n"));
- *ecode = ERRinvdevice;
- return NULL;
+ strupper_m(dev);
+
+ if (lp_print_ok(snum)) {
+ if (!strequal(dev, "LPT1:")) {
+ return NT_STATUS_BAD_DEVICE_TYPE;
+ }
+ } else if (strequal(lp_fstype(snum), "IPC")) {
+ if (!strequal(dev, "IPC")) {
+ return NT_STATUS_BAD_DEVICE_TYPE;
+ }
+ } else if (!strequal(dev, "A:")) {
+ return NT_STATUS_BAD_DEVICE_TYPE;
}
/* Behave as a printer if we are supposed to */
if (lp_print_ok(snum) && (strcmp(dev, "A:") == 0)) {
- pstrcpy(dev, "LPT1:");
- }
-
- /* lowercase the user name */
- strlower(user);
-
- /* add it as a possible user name */
- add_session_user(service);
-
- /* shall we let them in? */
- if (!authorise_login(snum,user,password,pwlen,&guest,&force,vuid)) {
- DEBUG( 2, ( "Invalid username/password for %s [%s]\n", service, user ) );
- *ecode = ERRbadpw;
- return NULL;
- }
-
- conn = conn_new();
- if (!conn) {
- DEBUG(0,("Couldn't find free connection.\n"));
- *ecode = ERRnoresource;
- conn_free(conn);
- return NULL;
+ fstrcpy(dev, "LPT1:");
}
- /* find out some info about the user */
- pass = smb_getpwnam(user,True);
+ return NT_STATUS_OK;
+}
- if (pass == NULL) {
- DEBUG(0,( "Couldn't find account %s\n",user));
- *ecode = ERRbaduid;
- conn_free(conn);
- return NULL;
- }
- conn->read_only = lp_readonly(snum);
+/****************************************************************************
+ readonly share?
+****************************************************************************/
+static void set_read_only(connection_struct *conn, gid_t *groups, size_t n_groups)
+{
+ char **list;
+ char *service = lp_servicename(conn->service);
+ conn->read_only = lp_readonly(conn->service);
- {
- pstring list;
- StrnCpy(list,lp_readlist(snum),sizeof(pstring)-1);
- pstring_sub(list,"%S",service);
+ if (!service) return;
- if (user_in_list(user,list))
+ str_list_copy(&list, lp_readlist(conn->service));
+ if (list) {
+ if ( !str_list_sub_basic(list, current_user_info.smb_name) ) {
+ DEBUG(0, ("ERROR: read list substitution failed\n"));
+ }
+ if (user_in_list(conn->user, (const char **)list, groups, n_groups))
conn->read_only = True;
-
- StrnCpy(list,lp_writelist(snum),sizeof(pstring)-1);
- pstring_sub(list,"%S",service);
-
- if (user_in_list(user,list))
- conn->read_only = False;
+ str_list_free(&list);
+ }
+
+ str_list_copy(&list, lp_writelist(conn->service));
+ if (list) {
+ if ( !str_list_sub_basic(list, current_user_info.smb_name) ) {
+ DEBUG(0, ("ERROR: write list substitution failed\n"));
+ }
+ if (user_in_list(conn->user, (const char **)list, groups, n_groups))
+ conn->read_only = False;
+ str_list_free(&list);
}
+}
+
+/****************************************************************************
+ admin user check
+****************************************************************************/
+static void set_admin_user(connection_struct *conn, gid_t *groups, size_t n_groups)
+{
/* admin user check */
/* JRA - original code denied admin user if the share was
marked read_only. Changed as I don't think this is needed,
but old code left in case there is a problem here.
*/
- if (user_in_list(user,lp_admin_users(snum))
+ if (user_in_list(conn->user,lp_admin_users(conn->service), groups, n_groups)
#if 0
&& !conn->read_only
#endif
) {
conn->admin_user = True;
- DEBUG(0,("%s logged in as admin user (root privileges)\n",user));
+ conn->force_user = True; /* Admin users are effectivly 'forced' */
+ DEBUG(0,("%s logged in as admin user (root privileges)\n",conn->user));
} else {
conn->admin_user = False;
}
-
- conn->force_user = force;
- conn->vuid = vuid;
- conn->uid = pass->pw_uid;
- conn->gid = pass->pw_gid;
- safe_strcpy(conn->client_address, client_addr(), sizeof(conn->client_address)-1);
+
+#if 0 /* This done later, for now */
+ /* admin users always run as uid=0 */
+ if (conn->admin_user) {
+ conn->uid = 0;
+ }
+#endif
+}
+
+/****************************************************************************
+ Make a connection, given the snum to connect to, and the vuser of the
+ connecting user if appropriate.
+****************************************************************************/
+
+static connection_struct *make_connection_snum(int snum, user_struct *vuser,
+ DATA_BLOB password,
+ const char *pdev, NTSTATUS *status)
+{
+ struct passwd *pass = NULL;
+ BOOL guest = False;
+ connection_struct *conn;
+ struct stat st;
+ fstring user;
+ fstring dev;
+
+ *user = 0;
+ fstrcpy(dev, pdev);
+
+ if (NT_STATUS_IS_ERR(*status = share_sanity_checks(snum, dev))) {
+ return NULL;
+ }
+
+ conn = conn_new();
+ if (!conn) {
+ DEBUG(0,("Couldn't find free connection.\n"));
+ *status = NT_STATUS_INSUFFICIENT_RESOURCES;
+ return NULL;
+ }
+
+ if (lp_guest_only(snum)) {
+ const char *guestname = lp_guestaccount();
+ guest = True;
+ pass = getpwnam_alloc(guestname);
+ if (!pass) {
+ DEBUG(0,("make_connection_snum: Invalid guest account %s??\n",guestname));
+ conn_free(conn);
+ *status = NT_STATUS_NO_SUCH_USER;
+ return NULL;
+ }
+ fstrcpy(user,pass->pw_name);
+ conn->force_user = True;
+ conn->uid = pass->pw_uid;
+ conn->gid = pass->pw_gid;
+ string_set(&conn->user,pass->pw_name);
+ passwd_free(&pass);
+ DEBUG(3,("Guest only user %s\n",user));
+ } else if (vuser) {
+ if (vuser->guest) {
+ if (!lp_guest_ok(snum)) {
+ DEBUG(2, ("guest user (from session setup) not permitted to access this share (%s)\n", lp_servicename(snum)));
+ conn_free(conn);
+ *status = NT_STATUS_ACCESS_DENIED;
+ return NULL;
+ }
+ } else {
+ if (!user_ok(vuser->user.unix_name, snum, vuser->groups, vuser->n_groups)) {
+ DEBUG(2, ("user '%s' (from session setup) not permitted to access this share (%s)\n", vuser->user.unix_name, lp_servicename(snum)));
+ conn_free(conn);
+ *status = NT_STATUS_ACCESS_DENIED;
+ return NULL;
+ }
+ }
+ conn->vuid = vuser->vuid;
+ conn->uid = vuser->uid;
+ conn->gid = vuser->gid;
+ string_set(&conn->user,vuser->user.unix_name);
+ fstrcpy(user,vuser->user.unix_name);
+ guest = vuser->guest;
+ } else if (lp_security() == SEC_SHARE) {
+ /* add it as a possible user name if we
+ are in share mode security */
+ add_session_user(lp_servicename(snum));
+ /* shall we let them in? */
+ if (!authorise_login(snum,user,password,&guest)) {
+ DEBUG( 2, ( "Invalid username/password for [%s]\n",
+ lp_servicename(snum)) );
+ conn_free(conn);
+ *status = NT_STATUS_WRONG_PASSWORD;
+ return NULL;
+ }
+ pass = Get_Pwnam(user);
+ conn->force_user = True;
+ conn->uid = pass->pw_uid;
+ conn->gid = pass->pw_gid;
+ string_set(&conn->user, pass->pw_name);
+ fstrcpy(user, pass->pw_name);
+
+ } else {
+ DEBUG(0, ("invalid VUID (vuser) but not in security=share\n"));
+ conn_free(conn);
+ *status = NT_STATUS_ACCESS_DENIED;
+ return NULL;
+ }
+
+ add_session_user(user);
+
+ safe_strcpy(conn->client_address, client_addr(),
+ sizeof(conn->client_address)-1);
conn->num_files_open = 0;
conn->lastused = time(NULL);
conn->service = snum;
conn->used = True;
conn->printer = (strncmp(dev,"LPT",3) == 0);
- conn->ipc = (strncmp(dev,"IPC",3) == 0);
+ conn->ipc = ((strncmp(dev,"IPC",3) == 0) || strequal(dev,"ADMIN$"));
conn->dirptr = NULL;
conn->veto_list = NULL;
conn->hide_list = NULL;
string_set(&conn->user,user);
conn->nt_user_token = NULL;
+ set_read_only(conn, vuser ? vuser->groups : NULL, vuser ? vuser->n_groups : 0);
+
+ set_admin_user(conn, vuser ? vuser->groups : NULL, vuser ? vuser->n_groups : 0);
+
/*
* If force user is true, then store the
- * given userid and also the primary groupid
+ * given userid and also the groups
* of the user we're forcing.
*/
pstrcpy(fuser,lp_force_user(snum));
/* Allow %S to be used by force user. */
- pstring_sub(fuser,"%S",service);
+ pstring_sub(fuser,"%S",lp_servicename(snum));
- pass2 = (struct passwd *)Get_Pwnam(fuser,True);
+ pass2 = (struct passwd *)Get_Pwnam(fuser);
if (pass2) {
conn->uid = pass2->pw_uid;
conn->gid = pass2->pw_gid;
- string_set(&conn->user,fuser);
- fstrcpy(user,fuser);
+ string_set(&conn->user,pass2->pw_name);
+ fstrcpy(user,pass2->pw_name);
conn->force_user = True;
- DEBUG(3,("Forced user %s\n",fuser));
+ DEBUG(3,("Forced user %s\n",user));
} else {
DEBUG(1,("Couldn't find user %s\n",fuser));
+ conn_free(conn);
+ *status = NT_STATUS_NO_SUCH_USER;
+ return NULL;
}
}
+ /* admin users always run as uid=0 */
+ if (conn->admin_user) {
+ conn->uid = 0;
+ }
+
#ifdef HAVE_GETGRNAM
/*
* If force group is true, then override
*/
if (*lp_force_group(snum)) {
- struct group *gptr;
+ gid_t gid;
pstring gname;
pstring tmp_gname;
BOOL user_must_be_member = False;
- StrnCpy(tmp_gname,lp_force_group(snum),sizeof(pstring)-1);
-
+ pstrcpy(tmp_gname,lp_force_group(snum));
+
if (tmp_gname[0] == '+') {
user_must_be_member = True;
- StrnCpy(gname,&tmp_gname[1],sizeof(pstring)-2);
+ /* even now, tmp_gname is null terminated */
+ pstrcpy(gname,&tmp_gname[1]);
} else {
- StrnCpy(gname,tmp_gname,sizeof(pstring)-1);
+ pstrcpy(gname,tmp_gname);
}
/* default service may be a group name */
- pstring_sub(gname,"%S",service);
- gptr = (struct group *)getgrnam(gname);
+ pstring_sub(gname,"%S",lp_servicename(snum));
+ gid = nametogid(gname);
- if (gptr) {
+ if (gid != (gid_t)-1) {
+
/*
* If the user has been forced and the forced group starts
* with a '+', then we only set the group to be the forced
* Otherwise, the meaning of the '+' would be ignored.
*/
if (conn->force_user && user_must_be_member) {
- int i;
- for (i = 0; gptr->gr_mem[i] != NULL; i++) {
- if (strcmp(user,gptr->gr_mem[i]) == 0) {
- conn->gid = gptr->gr_gid;
+ if (user_in_group_list( user, gname, NULL, 0)) {
+ conn->gid = gid;
DEBUG(3,("Forced group %s for member %s\n",gname,user));
- break;
- }
}
} else {
- conn->gid = gptr->gr_gid;
+ conn->gid = gid;
DEBUG(3,("Forced group %s\n",gname));
}
+ conn->force_group = True;
} else {
DEBUG(1,("Couldn't find group %s\n",gname));
+ conn_free(conn);
+ *status = NT_STATUS_NO_SUCH_GROUP;
+ return NULL;
}
}
#endif /* HAVE_GETGRNAM */
{
pstring s;
pstrcpy(s,lp_pathname(snum));
- standard_sub_conn(conn,s);
+ standard_sub_conn(conn,s,sizeof(s));
string_set(&conn->connectpath,s);
- DEBUG(3,("Connect path is %s\n",s));
+ DEBUG(3,("Connect path is '%s' for service [%s]\n",s, lp_servicename(snum)));
}
- /* groups stuff added by ih */
- conn->ngroups = 0;
- conn->groups = NULL;
-
- if (!IS_IPC(conn)) {
+ if (conn->force_user || conn->force_group) {
+
+ /* groups stuff added by ih */
+ conn->ngroups = 0;
+ conn->groups = NULL;
+
/* Find all the groups this uid is in and
- store them. Used by become_user() */
+ store them. Used by change_to_user() */
initialise_groups(conn->user, conn->uid, conn->gid);
- initialize_groups(conn->user, conn->uid, conn->gid);
- get_current_groups(&conn->ngroups,&conn->groups);
+ get_current_groups(conn->gid, &conn->ngroups,&conn->groups);
- /* check number of connections */
- if (!claim_connection(conn,
- lp_servicename(SNUM(conn)),
- lp_max_connections(SNUM(conn)),
- False)) {
- DEBUG(1,("too many connections - rejected\n"));
- *ecode = ERRnoresource;
- conn_free(conn);
- return NULL;
- }
-
- if (lp_status(SNUM(conn)))
- claim_connection(conn,"",
- MAXSTATUS,False);
- } /* IS_IPC */
-
- conn->nt_user_token = create_nt_token(conn->uid, conn->gid, conn->ngroups, conn->groups);
+ conn->nt_user_token = create_nt_token(conn->uid, conn->gid,
+ conn->ngroups, conn->groups,
+ guest);
+ }
/*
- * Now initialize the vfs layer.
+ * New code to check if there's a share security descripter
+ * added from NT server manager. This is done after the
+ * smb.conf checks are done as we need a uid and token. JRA.
+ *
*/
- conn->vfs_conn = (struct vfs_connection_struct *)
- malloc(sizeof(struct vfs_connection_struct));
-
- if (conn->vfs_conn == NULL) {
- DEBUG(0, ("No memory to create vfs_connection_struct"));
- return NULL;
- }
-
- ZERO_STRUCTP(conn->vfs_conn);
-
- /* Copy across relevant data from connection struct */
-
- conn->vfs_conn->printer = conn->printer;
- conn->vfs_conn->ipc = conn->ipc;
- conn->vfs_conn->read_only = conn->read_only;
- conn->vfs_conn->admin_user = conn->admin_user;
-
- pstrcpy(conn->vfs_conn->dirpath, conn->dirpath);
- pstrcpy(conn->vfs_conn->connectpath, conn->connectpath);
- pstrcpy(conn->vfs_conn->origpath, conn->origpath);
-
- pstrcpy(conn->vfs_conn->service, service);
- pstrcpy(conn->vfs_conn->user, conn->user);
-
- conn->vfs_conn->uid = conn->uid;
- conn->vfs_conn->gid = conn->gid;
- conn->vfs_conn->ngroups = conn->ngroups;
- if (conn->vfs_conn->ngroups != 0) {
- conn->vfs_conn->groups = (gid_t *)memdup(conn->groups,
- conn->ngroups * sizeof(gid_t));
- } else {
- conn->vfs_conn->groups = NULL;
+ {
+ BOOL can_write = share_access_check(conn, snum, vuser, FILE_WRITE_DATA);
+
+ if (!can_write) {
+ if (!share_access_check(conn, snum, vuser, FILE_READ_DATA)) {
+ /* No access, read or write. */
+ DEBUG(0,( "make_connection: connection to %s denied due to security descriptor.\n",
+ lp_servicename(snum)));
+ conn_free(conn);
+ *status = NT_STATUS_ACCESS_DENIED;
+ return NULL;
+ } else {
+ conn->read_only = True;
+ }
+ }
}
-
- conn->vfs_conn->nt_user_token = dup_nt_token(conn->nt_user_token);
-
/* Initialise VFS function pointers */
- if (*lp_vfsobj(SNUM(conn))) {
-
-#ifdef HAVE_LIBDL
-
- /* Loadable object file */
-
- if (!vfs_init_custom(conn)) {
- return NULL;
- }
-#else
- DEBUG(0, ("No libdl present - cannot use VFS objects\n"));
- conn_free(conn);
- return NULL;
-#endif
-
- } else {
-
- /* Normal share - initialise with disk access functions */
-
- vfs_init_default(conn);
+ if (!smbd_vfs_init(conn)) {
+ DEBUG(0, ("vfs_init failed for service %s\n", lp_servicename(SNUM(conn))));
+ conn_free(conn);
+ *status = NT_STATUS_BAD_NETWORK_NAME;
+ return NULL;
}
+/* ROOT Activities: */
+ /* check number of connections */
+ if (!claim_connection(conn,
+ lp_servicename(SNUM(conn)),
+ lp_max_connections(SNUM(conn)),
+ False,0)) {
+ DEBUG(1,("too many connections - rejected\n"));
+ conn_free(conn);
+ *status = NT_STATUS_INSUFFICIENT_RESOURCES;
+ return NULL;
+ }
+
+ /* Preexecs are done here as they might make the dir we are to ChDir to below */
/* execute any "root preexec = " line */
if (*lp_rootpreexec(SNUM(conn))) {
+ int ret;
pstring cmd;
pstrcpy(cmd,lp_rootpreexec(SNUM(conn)));
- standard_sub_conn(conn,cmd);
+ standard_sub_conn(conn,cmd,sizeof(cmd));
DEBUG(5,("cmd=%s\n",cmd));
- ret = smbrun(cmd,NULL,False);
+ ret = smbrun(cmd,NULL);
if (ret != 0 && lp_rootpreexec_close(SNUM(conn))) {
- DEBUG(1,("preexec gave %d - failing connection\n", ret));
+ DEBUG(1,("root preexec gave %d - failing connection\n", ret));
+ yield_connection(conn, lp_servicename(SNUM(conn)));
conn_free(conn);
- *ecode = ERRsrverror;
+ *status = NT_STATUS_ACCESS_DENIED;
return NULL;
}
}
-
- if (!become_user(conn, conn->vuid)) {
+
+/* USER Activites: */
+ if (!change_to_user(conn, conn->vuid)) {
+ /* No point continuing if they fail the basic checks */
DEBUG(0,("Can't become connected user!\n"));
- if (!IS_IPC(conn)) {
- yield_connection(conn,
- lp_servicename(SNUM(conn)),
- lp_max_connections(SNUM(conn)));
- if (lp_status(SNUM(conn))) {
- yield_connection(conn,"",MAXSTATUS);
- }
- }
conn_free(conn);
- *ecode = ERRbadpw;
+ *status = NT_STATUS_LOGON_FAILURE;
return NULL;
}
+
+ /* Remember that a different vuid can connect later without these checks... */
- if (dos_ChDir(conn->connectpath) != 0) {
- DEBUG(0,("Can't change directory to %s (%s)\n",
- conn->connectpath,strerror(errno)));
- unbecome_user();
- if (!IS_IPC(conn)) {
- yield_connection(conn,
- lp_servicename(SNUM(conn)),
- lp_max_connections(SNUM(conn)));
- if (lp_status(SNUM(conn)))
- yield_connection(conn,"",MAXSTATUS);
+ /* Preexecs are done here as they might make the dir we are to ChDir to below */
+ /* execute any "preexec = " line */
+ if (*lp_preexec(SNUM(conn))) {
+ int ret;
+ pstring cmd;
+ pstrcpy(cmd,lp_preexec(SNUM(conn)));
+ standard_sub_conn(conn,cmd,sizeof(cmd));
+ ret = smbrun(cmd,NULL);
+ if (ret != 0 && lp_preexec_close(SNUM(conn))) {
+ DEBUG(1,("preexec gave %d - failing connection\n", ret));
+ change_to_root_user();
+ yield_connection(conn, lp_servicename(SNUM(conn)));
+ conn_free(conn);
+ *status = NT_STATUS_ACCESS_DENIED;
+ return NULL;
}
+ }
+
+#ifdef WITH_FAKE_KASERVER
+ if (lp_afs_share(SNUM(conn))) {
+ afs_login(conn);
+ }
+#endif
+
+#if CHECK_PATH_ON_TCONX
+ /* win2000 does not check the permissions on the directory
+ during the tree connect, instead relying on permission
+ check during individual operations. To match this behaviour
+ I have disabled this chdir check (tridge) */
+ if (vfs_ChDir(conn,conn->connectpath) != 0) {
+ DEBUG(0,("%s (%s) Can't change directory to %s (%s)\n",
+ get_remote_machine_name(), conn->client_address,
+ conn->connectpath,strerror(errno)));
+ change_to_root_user();
+ yield_connection(conn, lp_servicename(SNUM(conn)));
+ conn_free(conn);
+ *status = NT_STATUS_BAD_NETWORK_NAME;
+ return NULL;
+ }
+#else
+ /* the alternative is just to check the directory exists */
+ if (stat(conn->connectpath, &st) != 0 || !S_ISDIR(st.st_mode)) {
+ DEBUG(0,("'%s' does not exist or is not a directory, when connecting to [%s]\n", conn->connectpath, lp_servicename(SNUM(conn))));
+ change_to_root_user();
+ yield_connection(conn, lp_servicename(SNUM(conn)));
conn_free(conn);
- *ecode = ERRnosuchshare;
+ *status = NT_STATUS_BAD_NETWORK_NAME;
return NULL;
}
+#endif
string_set(&conn->origpath,conn->connectpath);
#if SOFTLINK_OPTIMISATION
- /* resolve any soft links early */
- {
+ /* resolve any soft links early if possible */
+ if (vfs_ChDir(conn,conn->connectpath) == 0) {
pstring s;
pstrcpy(s,conn->connectpath);
- dos_GetWd(s);
+ vfs_GetWd(conn,s);
string_set(&conn->connectpath,s);
- dos_ChDir(conn->connectpath);
+ vfs_ChDir(conn,conn->connectpath);
}
#endif
- add_session_user(user);
-
- /* execute any "preexec = " line */
- if (*lp_preexec(SNUM(conn))) {
- pstring cmd;
- pstrcpy(cmd,lp_preexec(SNUM(conn)));
- standard_sub_conn(conn,cmd);
- ret = smbrun(cmd,NULL,False);
- if (ret != 0 && lp_preexec_close(SNUM(conn))) {
- DEBUG(1,("preexec gave %d - failing connection\n", ret));
- conn_free(conn);
- *ecode = ERRsrverror;
- return NULL;
- }
- }
-
/*
* Print out the 'connected as' stuff here as we need
- * to know the effective uid and gid we will be using.
+ * to know the effective uid and gid we will be using
+ * (at least initially).
*/
if( DEBUGLVL( IS_IPC(conn) ? 3 : 1 ) ) {
- dbgtext( "%s (%s) ", remote_machine, conn->client_address );
+ dbgtext( "%s (%s) ", get_remote_machine_name(), conn->client_address );
+ dbgtext( "%s", srv_is_signing_active() ? "signed " : "");
dbgtext( "connect to service %s ", lp_servicename(SNUM(conn)) );
- dbgtext( "as user %s ", user );
+ dbgtext( "initially as user %s ", user );
dbgtext( "(uid=%d, gid=%d) ", (int)geteuid(), (int)getegid() );
dbgtext( "(pid %d)\n", (int)sys_getpid() );
}
- /* we've finished with the sensitive stuff */
- unbecome_user();
-
/* Add veto/hide lists */
if (!IS_IPC(conn) && !IS_PRINT(conn)) {
set_namearray( &conn->veto_list, lp_veto_files(SNUM(conn)));
/* Invoke VFS make connection hook */
- if (conn->vfs_ops.connect) {
- if (conn->vfs_ops.connect(conn->vfs_conn, service, user) < 0)
- return NULL;
+ if (SMB_VFS_CONNECT(conn, lp_servicename(snum), user) < 0) {
+ DEBUG(0,("make_connection: VFS make connection failed!\n"));
+ change_to_root_user();
+ conn_free(conn);
+ *status = NT_STATUS_UNSUCCESSFUL;
+ return NULL;
}
+
+ /* we've finished with the user stuff - go back to root */
+ change_to_root_user();
return(conn);
}
+/***************************************************************************************
+ Simple wrapper function for make_connection() to include a call to
+ vfs_chdir()
+ **************************************************************************************/
+
+connection_struct *make_connection_with_chdir(const char *service_in, DATA_BLOB password,
+ const char *dev, uint16 vuid, NTSTATUS *status)
+{
+ connection_struct *conn = NULL;
+
+ conn = make_connection(service_in, password, dev, vuid, status);
+
+ /*
+ * make_connection() does not change the directory for us any more
+ * so we have to do it as a separate step --jerry
+ */
+
+ if ( conn && vfs_ChDir(conn,conn->connectpath) != 0 ) {
+ DEBUG(0,("move_driver_to_download_area: Can't change directory to %s for [print$] (%s)\n",
+ conn->connectpath,strerror(errno)));
+ yield_connection(conn, lp_servicename(SNUM(conn)));
+ conn_free(conn);
+ *status = NT_STATUS_UNSUCCESSFUL;
+ return NULL;
+ }
+
+ return conn;
+}
+
+/****************************************************************************
+ Make a connection to a service.
+ *
+ * @param service
+****************************************************************************/
+
+connection_struct *make_connection(const char *service_in, DATA_BLOB password,
+ const char *pdev, uint16 vuid, NTSTATUS *status)
+{
+ uid_t euid;
+ user_struct *vuser = NULL;
+ fstring service;
+ fstring dev;
+ int snum = -1;
+
+ fstrcpy(dev, pdev);
+
+ /* This must ONLY BE CALLED AS ROOT. As it exits this function as root. */
+ if (!non_root_mode() && (euid = geteuid()) != 0) {
+ DEBUG(0,("make_connection: PANIC ERROR. Called as nonroot (%u)\n", (unsigned int)euid ));
+ smb_panic("make_connection: PANIC ERROR. Called as nonroot\n");
+ }
+
+ if(lp_security() != SEC_SHARE) {
+ vuser = get_valid_user_struct(vuid);
+ if (!vuser) {
+ DEBUG(1,("make_connection: refusing to connect with no session setup\n"));
+ *status = NT_STATUS_ACCESS_DENIED;
+ return NULL;
+ }
+ }
+
+ /* Logic to try and connect to the correct [homes] share, preferably without too many
+ getpwnam() lookups. This is particulary nasty for winbind usernames, where the
+ share name isn't the same as unix username.
+
+ The snum of the homes share is stored on the vuser at session setup time.
+ */
+
+ if (strequal(service_in,HOMES_NAME)) {
+ if(lp_security() != SEC_SHARE) {
+ DATA_BLOB no_pw = data_blob(NULL, 0);
+ if (vuser->homes_snum == -1) {
+ DEBUG(2, ("[homes] share not available for this user because it was not found or created at session setup time\n"));
+ *status = NT_STATUS_BAD_NETWORK_NAME;
+ return NULL;
+ }
+ DEBUG(5, ("making a connection to [homes] service created at session setup time\n"));
+ return make_connection_snum(vuser->homes_snum,
+ vuser, no_pw,
+ dev, status);
+ } else {
+ /* Security = share. Try with current_user_info.smb_name
+ * as the username. */
+ if (*current_user_info.smb_name) {
+ fstring unix_username;
+ fstrcpy(unix_username,
+ current_user_info.smb_name);
+ map_username(unix_username);
+ snum = find_service(unix_username);
+ }
+ if (snum != -1) {
+ DEBUG(5, ("making a connection to 'homes' service %s based on security=share\n", service_in));
+ return make_connection_snum(snum, NULL,
+ password,
+ dev, status);
+ }
+ }
+ } else if ((lp_security() != SEC_SHARE) && (vuser->homes_snum != -1)
+ && strequal(service_in, lp_servicename(vuser->homes_snum))) {
+ DATA_BLOB no_pw = data_blob(NULL, 0);
+ DEBUG(5, ("making a connection to 'homes' service [%s] created at session setup time\n", service_in));
+ return make_connection_snum(vuser->homes_snum,
+ vuser, no_pw,
+ dev, status);
+ }
+
+ fstrcpy(service, service_in);
+
+ strlower_m(service);
+
+ snum = find_service(service);
+
+ if (snum < 0) {
+ if (strequal(service,"IPC$") || strequal(service,"ADMIN$")) {
+ DEBUG(3,("refusing IPC connection to %s\n", service));
+ *status = NT_STATUS_ACCESS_DENIED;
+ return NULL;
+ }
+
+ DEBUG(0,("%s (%s) couldn't find service %s\n",
+ get_remote_machine_name(), client_addr(), service));
+ *status = NT_STATUS_BAD_NETWORK_NAME;
+ return NULL;
+ }
+
+ /* Handle non-Dfs clients attempting connections to msdfs proxy */
+ if (lp_host_msdfs() && (*lp_msdfs_proxy(snum) != '\0')) {
+ DEBUG(3, ("refusing connection to dfs proxy '%s'\n", service));
+ *status = NT_STATUS_BAD_NETWORK_NAME;
+ return NULL;
+ }
+
+ DEBUG(5, ("making a connection to 'normal' service %s\n", service));
+
+ return make_connection_snum(snum, vuser,
+ password,
+ dev, status);
+}
/****************************************************************************
close a cnum
{
DirCacheFlush(SNUM(conn));
- unbecome_user();
+ change_to_root_user();
DEBUG(IS_IPC(conn)?3:1, ("%s (%s) closed connection to service %s\n",
- remote_machine,conn->client_address,
+ get_remote_machine_name(),conn->client_address,
lp_servicename(SNUM(conn))));
- if (conn->vfs_ops.disconnect != NULL) {
-
- /* Call VFS disconnect hook */
-
- conn->vfs_ops.disconnect();
-
- }
-
- yield_connection(conn,
- lp_servicename(SNUM(conn)),
- lp_max_connections(SNUM(conn)));
+ /* Call VFS disconnect hook */
+ SMB_VFS_DISCONNECT(conn);
- if (lp_status(SNUM(conn)))
- yield_connection(conn,"",MAXSTATUS);
+ yield_connection(conn, lp_servicename(SNUM(conn)));
file_close_conn(conn);
dptr_closecnum(conn);
/* execute any "postexec = " line */
if (*lp_postexec(SNUM(conn)) &&
- become_user(conn, vuid)) {
+ change_to_user(conn, vuid)) {
pstring cmd;
pstrcpy(cmd,lp_postexec(SNUM(conn)));
- standard_sub_conn(conn,cmd);
- smbrun(cmd,NULL,False);
- unbecome_user();
+ standard_sub_conn(conn,cmd,sizeof(cmd));
+ smbrun(cmd,NULL);
+ change_to_root_user();
}
- unbecome_user();
+ change_to_root_user();
/* execute any "root postexec = " line */
if (*lp_rootpostexec(SNUM(conn))) {
pstring cmd;
pstrcpy(cmd,lp_rootpostexec(SNUM(conn)));
- standard_sub_conn(conn,cmd);
- smbrun(cmd,NULL,False);
+ standard_sub_conn(conn,cmd,sizeof(cmd));
+ smbrun(cmd,NULL);
}
+
+ /* make sure we leave the directory available for unmount */
+ vfs_ChDir(conn, "/");
+
conn_free(conn);
}
-
-#undef OLD_NTDOMAIN
git.samba.org / ira / wip.git / blobdiff