#include "includes.h"
#include "system/passwd.h"
+#include "lib/util/server_id.h"
#include "ntdomain.h"
#include "../librpc/gen_ndr/srv_srvsvc.h"
#include "../libcli/security/security.h"
#include "smbd/globals.h"
#include "auth.h"
#include "messages.h"
+#include "serverid.h"
#include "lib/conn_tdb.h"
extern const struct generic_mapping file_generic_mapping;
struct srvsvc_NetFileCtr3 *ctr3;
};
-struct sess_file_count {
- struct server_id pid;
- uid_t uid;
+struct sess_file_info {
+ struct srvsvc_NetSessCtr1 *ctr;
+ struct sessionid *session_list;
+ uint32_t resume_handle;
+ uint32_t num_entries;
+};
+
+struct share_file_stat {
+ struct srvsvc_NetConnInfo1 *netconn_arr;
+ struct server_id *svrid_arr;
+ const char *in_sharepath;
+ uint32_t resp_entries;
+ uint32_t total_entries;
+};
+
+struct share_conn_stat {
+ TALLOC_CTX *ctx;
+ const char *sharename;
+ struct server_id *svrid_arr;
int count;
};
/*******************************************************************
********************************************************************/
-static void enum_file_fn( const struct share_mode_entry *e,
- const char *sharepath, const char *fname,
- void *private_data )
+static int enum_file_fn(const struct share_mode_entry *e,
+ const char *sharepath,
+ const char *fname,
+ const char *sname,
+ void *private_data)
{
struct file_enum_count *fenum =
(struct file_enum_count *)private_data;
struct byte_range_lock *brl;
int num_locks = 0;
char *fullpath = NULL;
- uint32 permissions;
+ uint32_t permissions;
const char *username;
/* If the pid was not found delete the entry from connections.tdb */
if ( !process_exists(e->pid) ) {
- return;
+ return 0;
}
username = uidtoname(e->uid);
if ((fenum->username != NULL)
&& !strequal(username, fenum->username)) {
- return;
+ return 0;
}
f = talloc_realloc(fenum->ctx, fenum->ctr3->array,
struct srvsvc_NetFileInfo3, i+1);
if ( !f ) {
DEBUG(0,("conn_enum_fn: realloc failed for %d items\n", i+1));
- return;
+ return 0;
}
fenum->ctr3->array = f;
fsp.file_id = e->id;
if ( (brl = brl_get_locks(talloc_tos(), &fsp)) != NULL ) {
- num_locks = brl->num_locks;
+ num_locks = brl_num_locks(brl);
TALLOC_FREE(brl);
}
if ( strcmp( fname, "." ) == 0 ) {
fullpath = talloc_asprintf(fenum->ctx, "C:%s", sharepath );
} else {
- fullpath = talloc_asprintf(fenum->ctx, "C:%s/%s",
- sharepath, fname );
+ fullpath = talloc_asprintf(fenum->ctx, "C:%s/%s%s",
+ sharepath, fname,
+ sname ? sname : "");
}
if (!fullpath) {
- return;
+ return 0;
}
string_replace( fullpath, '/', '\\' );
fenum->ctr3->array[i].user = username;
fenum->ctr3->count++;
+
+ return 0;
}
/*******************************************************************
f_enum_cnt.username = username;
f_enum_cnt.ctr3 = *ctr3;
- share_mode_forall( enum_file_fn, (void *)&f_enum_cnt );
+ share_entry_forall( enum_file_fn, (void *)&f_enum_cnt );
*ctr3 = f_enum_cnt.ctr3;
/* work out the share type */
enum srvsvc_ShareType type = STYPE_DISKTREE;
- if (lp_print_ok(snum)) {
+ if (lp_printable(snum)) {
type = lp_administrative_share(snum)
? STYPE_PRINTQ_HIDDEN : STYPE_PRINTQ;
}
- if (strequal(lp_fstype(talloc_tos(), snum), "IPC")) {
+ if (strequal(lp_fstype(snum), "IPC")) {
type = lp_administrative_share(snum)
? STYPE_IPC_HIDDEN : STYPE_IPC;
}
if (remark) {
remark = talloc_sub_advanced(
p->mem_ctx, lp_servicename(talloc_tos(), snum),
- get_current_username(), lp_pathname(talloc_tos(), snum),
+ get_current_username(), lp_path(talloc_tos(), snum),
p->session_info->unix_token->uid, get_current_username(),
"", remark);
}
if (remark) {
remark = talloc_sub_advanced(
p->mem_ctx, lp_servicename(talloc_tos(), snum),
- get_current_username(), lp_pathname(talloc_tos(), snum),
+ get_current_username(), lp_path(talloc_tos(), snum),
p->session_info->unix_token->uid, get_current_username(),
"", remark);
}
path = talloc_asprintf(p->mem_ctx,
- "C:%s", lp_pathname(talloc_tos(), snum));
+ "C:%s", lp_path(talloc_tos(), snum));
if (path) {
/*
for (i = 0; i < ps_dacl->num_aces; i++) {
struct security_ace *psa = &ps_dacl->aces[i];
- uint32 orig_mask = psa->access_mask;
+ uint32_t orig_mask = psa->access_mask;
se_map_generic(&psa->access_mask, &file_generic_mapping);
psa->access_mask |= orig_mask;
if (remark) {
remark = talloc_sub_advanced(
p->mem_ctx, lp_servicename(talloc_tos(), snum),
- get_current_username(), lp_pathname(talloc_tos(), snum),
+ get_current_username(), lp_path(talloc_tos(), snum),
p->session_info->unix_token->uid, get_current_username(),
"", remark);
}
if (remark) {
remark = talloc_sub_advanced(
p->mem_ctx, lp_servicename(talloc_tos(), snum),
- get_current_username(), lp_pathname(talloc_tos(), snum),
+ get_current_username(), lp_path(talloc_tos(), snum),
p->session_info->unix_token->uid, get_current_username(),
"", remark);
}
- path = talloc_asprintf(ctx, "C:%s", lp_pathname(talloc_tos(), snum));
+ path = talloc_asprintf(ctx, "C:%s", lp_path(talloc_tos(), snum));
if (path) {
/*
* Change / to \\ so that win2k will see it as a valid path. This was added to
if (remark) {
remark = talloc_sub_advanced(
p->mem_ctx, lp_servicename(talloc_tos(), snum),
- get_current_username(), lp_pathname(talloc_tos(), snum),
+ get_current_username(), lp_path(talloc_tos(), snum),
p->session_info->unix_token->uid, get_current_username(),
"", remark);
}
static bool is_enumeration_allowed(struct pipes_struct *p,
int snum)
{
- if (!lp_access_based_share_enum(snum))
- return true;
+ if (!lp_access_based_share_enum(snum)) {
+ return true;
+ }
- return share_access_check(p->session_info->security_token,
- lp_servicename(talloc_tos(), snum),
- FILE_READ_DATA, NULL);
+ if (!user_ok_token(p->session_info->unix_info->unix_name,
+ p->session_info->info->domain_name,
+ p->session_info->security_token, snum)) {
+ return false;
+ }
+
+ return share_access_check(p->session_info->security_token,
+ lp_servicename(talloc_tos(), snum),
+ FILE_READ_DATA, NULL);
}
/****************************************************************************
/* Ensure all the usershares are loaded. */
become_root();
+ delete_and_reload_printers(server_event_context(), p->msg_ctx);
load_usershare_shares(NULL, connections_snum_used);
load_registry_shares();
num_services = lp_numservices();
default:
DEBUG(5,("init_srv_share_info_ctr: unsupported switch value %d\n",
info_ctr->level));
- return WERR_UNKNOWN_LEVEL;
+ return WERR_INVALID_LEVEL;
}
*total_entries = alloc_entries;
return WERR_OK;
}
-/*******************************************************************
-********************************************************************/
+/***********************************************************************
+ * find out the session on which this file is open and bump up its count
+ **********************************************************************/
-static void sess_file_fn( const struct share_mode_entry *e,
- const char *sharepath, const char *fname,
- void *data )
+static int count_sess_files_fn(const struct share_mode_entry *e,
+ const char *sharepath,
+ const char *fname,
+ const char *sname,
+ void *data)
{
- struct sess_file_count *sess = (struct sess_file_count *)data;
+ struct sess_file_info *info = data;
+ uint32_t rh = info->resume_handle;
+ int i;
- if (serverid_equal(&e->pid, &sess->pid) && (sess->uid == e->uid)) {
- sess->count++;
+ for (i=0; i < info->num_entries; i++) {
+ /* rh+info->num_entries is safe, as we've
+ ensured that:
+ *total_entries > resume_handle &&
+ info->num_entries = *total_entries - resume_handle;
+ inside init_srv_sess_info_1() below.
+ */
+ struct sessionid *sess = &info->session_list[rh + i];
+ if ((e->uid == sess->uid) &&
+ serverid_equal(&e->pid, &sess->pid)) {
+
+ info->ctr->array[i].num_open++;
+ return 0;
+ }
}
-
- return;
+ return 0;
}
/*******************************************************************
-********************************************************************/
+ * count the num of open files on all sessions
+ *******************************************************************/
-static int net_count_files( uid_t uid, struct server_id pid )
+static void net_count_files_for_all_sess(struct srvsvc_NetSessCtr1 *ctr1,
+ struct sessionid *session_list,
+ uint32_t resume_handle,
+ uint32_t num_entries)
{
- struct sess_file_count s_file_cnt;
-
- s_file_cnt.count = 0;
- s_file_cnt.uid = uid;
- s_file_cnt.pid = pid;
+ struct sess_file_info s_file_info;
- share_mode_forall( sess_file_fn, &s_file_cnt );
+ s_file_info.ctr = ctr1;
+ s_file_info.session_list = session_list;
+ s_file_info.resume_handle = resume_handle;
+ s_file_info.num_entries = num_entries;
- return s_file_cnt.count;
+ share_entry_forall(count_sess_files_fn, &s_file_info);
}
/*******************************************************************
*total_entries = list_sessions(p->mem_ctx, &session_list);
- for (; resume_handle < *total_entries; resume_handle++) {
- uint32 num_files;
- uint32 connect_time;
- struct passwd *pw = getpwnam(session_list[resume_handle].username);
- bool guest;
-
- if ( !pw ) {
- DEBUG(10,("init_srv_sess_info_1: failed to find owner: %s\n",
- session_list[resume_handle].username));
- continue;
+ if (resume_handle >= *total_entries) {
+ if (resume_handle_p) {
+ *resume_handle_p = 0;
}
+ return WERR_OK;
+ }
- connect_time = (uint32_t)(now - session_list[resume_handle].connect_start);
- num_files = net_count_files(pw->pw_uid, session_list[resume_handle].pid);
- guest = strequal( session_list[resume_handle].username, lp_guestaccount() );
+ /* We know num_entries must be positive, due to
+ the check resume_handle >= *total_entries above. */
- ctr1->array = talloc_realloc(p->mem_ctx,
- ctr1->array,
- struct srvsvc_NetSessInfo1,
- num_entries+1);
- W_ERROR_HAVE_NO_MEMORY(ctr1->array);
+ num_entries = *total_entries - resume_handle;
+
+ ctr1->array = talloc_zero_array(p->mem_ctx,
+ struct srvsvc_NetSessInfo1,
+ num_entries);
+
+ W_ERROR_HAVE_NO_MEMORY(ctr1->array);
+
+ for (num_entries = 0; resume_handle < *total_entries; num_entries++, resume_handle++) {
+ uint32_t connect_time;
+ bool guest;
+
+ connect_time = (uint32_t)(now - session_list[resume_handle].connect_start);
+ guest = strequal( session_list[resume_handle].username, lp_guest_account() );
ctr1->array[num_entries].client = session_list[resume_handle].remote_machine;
ctr1->array[num_entries].user = session_list[resume_handle].username;
- ctr1->array[num_entries].num_open = num_files;
+ ctr1->array[num_entries].num_open = 0;/* computed later */
ctr1->array[num_entries].time = connect_time;
ctr1->array[num_entries].idle_time = 0;
ctr1->array[num_entries].user_flags = guest;
-
- num_entries++;
}
ctr1->count = num_entries;
+ /* count open files on all sessions in single tdb traversal */
+ net_count_files_for_all_sess(ctr1, session_list,
+ resume_handle_p ? *resume_handle_p : 0,
+ num_entries);
+
if (resume_handle_p) {
if (*resume_handle_p >= *total_entries) {
*resume_handle_p = 0;
return WERR_OK;
}
+/*******************************************************************
+ find the share connection on which this open exists.
+ ********************************************************************/
+
+static int share_file_fn(const struct share_mode_entry *e,
+ const char *sharepath,
+ const char *fname,
+ const char *sname,
+ void *data)
+{
+ struct share_file_stat *sfs = data;
+ uint32_t i;
+ uint32_t offset = sfs->total_entries - sfs->resp_entries;
+
+ if (strequal(sharepath, sfs->in_sharepath)) {
+ for (i=0; i < sfs->resp_entries; i++) {
+ if (serverid_equal(&e->pid, &sfs->svrid_arr[offset + i])) {
+ sfs->netconn_arr[i].num_open ++;
+ return 0;
+ }
+ }
+ }
+ return 0;
+}
+
+/*******************************************************************
+ count number of open files on given share connections.
+ ********************************************************************/
+
+static void count_share_opens(struct srvsvc_NetConnInfo1 *arr,
+ struct server_id *svrid_arr, char *sharepath,
+ uint32_t resp_entries, uint32_t total_entries)
+{
+ struct share_file_stat sfs;
+
+ sfs.netconn_arr = arr;
+ sfs.svrid_arr = svrid_arr;
+ sfs.in_sharepath = sharepath;
+ sfs.resp_entries = resp_entries;
+ sfs.total_entries = total_entries;
+
+ share_entry_forall(share_file_fn, &sfs);
+}
+
+/****************************************************************************
+ process an entry from the connection db.
+****************************************************************************/
+
+static int share_conn_fn(struct smbXsrv_tcon_global0 *tcon,
+ void *data)
+{
+ struct share_conn_stat *scs = data;
+
+ if (!process_exists(tcon->server_id)) {
+ return 0;
+ }
+
+ if (strequal(tcon->share_name, scs->sharename)) {
+ scs->svrid_arr = talloc_realloc(scs->ctx, scs->svrid_arr,
+ struct server_id,
+ scs->count + 1);
+ if (!scs->svrid_arr) {
+ return 0;
+ }
+
+ scs->svrid_arr[scs->count] = tcon->server_id;
+ scs->count++;
+ }
+
+ return 0;
+}
+
+/****************************************************************************
+ Count the connections to a share. Build an array of serverid's owning these
+ connections.
+****************************************************************************/
+
+static uint32_t count_share_conns(TALLOC_CTX *ctx, const char *sharename,
+ struct server_id **arr)
+{
+ struct share_conn_stat scs;
+ NTSTATUS status;
+
+ scs.ctx = ctx;
+ scs.sharename = sharename;
+ scs.svrid_arr = NULL;
+ scs.count = 0;
+
+ status = smbXsrv_tcon_global_traverse(share_conn_fn, &scs);
+
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(0,("count_share_conns: traverse of "
+ "smbXsrv_tcon_global.tdb failed - %s\n",
+ nt_errstr(status)));
+ return 0;
+ }
+
+ *arr = scs.svrid_arr;
+ return scs.count;
+}
+
/*******************************************************************
fill in a conn info level 0 structure.
********************************************************************/
struct srvsvc_NetConnInfo0,
num_entries+1);
if (!ctr0->array) {
- return WERR_NOMEM;
+ return WERR_NOT_ENOUGH_MEMORY;
}
ctr0->array[num_entries].conn_id = *total_entries;
fill in a conn info level 1 structure.
********************************************************************/
-static WERROR init_srv_conn_info_1(struct srvsvc_NetConnCtr1 *ctr1,
+static WERROR init_srv_conn_info_1(const char *name,
+ struct srvsvc_NetConnCtr1 *ctr1,
uint32_t *resume_handle_p,
uint32_t *total_entries)
{
uint32_t num_entries = 0;
+ int snum = 0;
uint32_t resume_handle = resume_handle_p ? *resume_handle_p : 0;
+ char *share_name = NULL;
+ struct server_id *svrid_arr = NULL;
DEBUG(5,("init_srv_conn_info_1\n"));
return WERR_OK;
}
- *total_entries = 1;
+ /* check if this is a server name or a share name */
+ if (name && (strlen(name) > 2) && (name[0] == '\\') &&
+ (name[1] == '\\')) {
- ZERO_STRUCTP(ctr1);
+ /* 'name' is a server name - this part is unimplemented */
+ *total_entries = 1;
+ } else {
+ /* 'name' is a share name */
+ snum = find_service(talloc_tos(), name, &share_name);
- for (; resume_handle < *total_entries; resume_handle++) {
+ if (!share_name) {
+ return WERR_NOT_ENOUGH_MEMORY;
+ }
- ctr1->array = talloc_realloc(talloc_tos(),
- ctr1->array,
- struct srvsvc_NetConnInfo1,
- num_entries+1);
- if (!ctr1->array) {
- return WERR_NOMEM;
+ if (snum < 0) {
+ return WERR_INVALID_NAME;
+ }
+
+ /*
+ * count the num of connections to this share. Also,
+ * build a list of serverid's that own these
+ * connections. The serverid list is used later to
+ * identify the share connection on which an open exists.
+ */
+
+ *total_entries = count_share_conns(talloc_tos(),
+ share_name,
+ &svrid_arr);
+ }
+
+ if (resume_handle >= *total_entries) {
+ if (resume_handle_p) {
+ *resume_handle_p = 0;
}
+ return WERR_OK;
+ }
+
+ /*
+ * We know num_entries must be positive, due to
+ * the check resume_handle >= *total_entries above.
+ */
+
+ num_entries = *total_entries - resume_handle;
+
+ ZERO_STRUCTP(ctr1);
+
+ ctr1->array = talloc_zero_array(talloc_tos(),
+ struct srvsvc_NetConnInfo1,
+ num_entries);
+
+ W_ERROR_HAVE_NO_MEMORY(ctr1->array);
+
+ for (num_entries = 0; resume_handle < *total_entries;
+ num_entries++, resume_handle++) {
ctr1->array[num_entries].conn_id = *total_entries;
ctr1->array[num_entries].conn_type = 0x3;
- ctr1->array[num_entries].num_open = 1;
+
+ /*
+ * if these are connections to a share, we are going to
+ * compute the opens on them later. If it's for the server,
+ * it's unimplemented.
+ */
+
+ if (!share_name) {
+ ctr1->array[num_entries].num_open = 1;
+ }
+
ctr1->array[num_entries].num_users = 1;
ctr1->array[num_entries].conn_time = 3;
ctr1->array[num_entries].user = "dummy_user";
ctr1->array[num_entries].share = "IPC$";
+ }
+
+ /* now compute open files on the share connections */
+
+ if (share_name) {
+
+ /*
+ * the locking tdb, which has the open files information,
+ * does not store share name or share (service) number, but
+ * just the share path. So, we can compute open files only
+ * on the share path. If more than one shares are defined
+ * on a share path, open files on all of them are included
+ * in the count.
+ *
+ * To have the correct behavior in case multiple shares
+ * are defined on the same path, changes to tdb records
+ * would be required. That would be lot more effort, so
+ * this seems a good stopgap fix.
+ */
+
+ count_share_opens(ctr1->array, svrid_arr,
+ lp_path(talloc_tos(), snum),
+ num_entries, *total_entries);
- /* move on to creating next connection */
- num_entries++;
}
ctr1->count = num_entries;
*total_entries = num_entries;
if (resume_handle_p) {
- if (*resume_handle_p >= *total_entries) {
- *resume_handle_p = 0;
- } else {
- *resume_handle_p = resume_handle;
- }
+ *resume_handle_p = resume_handle;
}
return WERR_OK;
case 3:
break;
default:
- return WERR_UNKNOWN_LEVEL;
+ return WERR_INVALID_LEVEL;
}
if (!nt_token_check_sid(&global_sid_Builtin_Administrators,
ctx = talloc_tos();
ctr3 = r->in.info_ctr->ctr.ctr3;
if (!ctr3) {
- werr = WERR_INVALID_PARAM;
+ werr = WERR_INVALID_PARAMETER;
goto done;
}
info102 = talloc(p->mem_ctx, struct srvsvc_NetSrvInfo102);
if (!info102) {
- return WERR_NOMEM;
+ return WERR_NOT_ENOUGH_MEMORY;
}
info102->platform_id = PLATFORM_ID_NT;
info102->version_major = SAMBA_MAJOR_NBT_ANNOUNCE_VERSION;
info102->version_minor = SAMBA_MINOR_NBT_ANNOUNCE_VERSION;
info102->server_type = lp_default_server_announce();
- info102->comment = string_truncate(lp_serverstring(talloc_tos()),
+ info102->comment = string_truncate(lp_server_string(talloc_tos()),
MAX_SERVER_STRING_LENGTH);
info102->users = 0xffffffff;
info102->disc = 0xf;
info101 = talloc(p->mem_ctx, struct srvsvc_NetSrvInfo101);
if (!info101) {
- return WERR_NOMEM;
+ return WERR_NOT_ENOUGH_MEMORY;
}
info101->platform_id = PLATFORM_ID_NT;
info101->version_major = SAMBA_MAJOR_NBT_ANNOUNCE_VERSION;
info101->version_minor = SAMBA_MINOR_NBT_ANNOUNCE_VERSION;
info101->server_type = lp_default_server_announce();
- info101->comment = string_truncate(lp_serverstring(talloc_tos()),
+ info101->comment = string_truncate(lp_server_string(talloc_tos()),
MAX_SERVER_STRING_LENGTH);
r->out.info->info101 = info101;
info100 = talloc(p->mem_ctx, struct srvsvc_NetSrvInfo100);
if (!info100) {
- return WERR_NOMEM;
+ return WERR_NOT_ENOUGH_MEMORY;
}
info100->platform_id = PLATFORM_ID_NT;
break;
}
default:
- status = WERR_UNKNOWN_LEVEL;
+ status = WERR_INVALID_LEVEL;
break;
}
r->out.totalentries);
break;
case 1:
- werr = init_srv_conn_info_1(r->in.info_ctr->ctr.ctr1,
+ werr = init_srv_conn_info_1(r->in.path,
+ r->in.info_ctr->ctr.ctr1,
r->in.resume_handle,
r->out.totalentries);
break;
default:
- return WERR_UNKNOWN_LEVEL;
+ return WERR_INVALID_LEVEL;
}
DEBUG(5,("_srvsvc_NetConnEnum: %d\n", __LINE__));
r->out.totalentries);
break;
default:
- return WERR_UNKNOWN_LEVEL;
+ return WERR_INVALID_LEVEL;
}
DEBUG(5,("_srvsvc_NetSessEnum: %d\n", __LINE__));
machine += 2;
}
- num_sessions = list_sessions(p->mem_ctx, &session_list);
+ num_sessions = find_sessions(p->mem_ctx, username, machine,
+ &session_list);
for (snum = 0; snum < num_sessions; snum++) {
- if ((strequal(session_list[snum].username, username) || username[0] == '\0' ) &&
- strequal(session_list[snum].remote_machine, machine)) {
+ NTSTATUS ntstat;
- NTSTATUS ntstat;
-
- if (p->session_info->unix_token->uid != sec_initial_uid()) {
- not_root = True;
- become_root();
- }
+ if (p->session_info->unix_token->uid != sec_initial_uid()) {
+ not_root = True;
+ become_root();
+ }
- ntstat = messaging_send(p->msg_ctx,
- session_list[snum].pid,
- MSG_SHUTDOWN, &data_blob_null);
+ ntstat = messaging_send(p->msg_ctx,
+ session_list[snum].pid,
+ MSG_SHUTDOWN, &data_blob_null);
- if (NT_STATUS_IS_OK(ntstat))
- werr = WERR_OK;
+ if (NT_STATUS_IS_OK(ntstat))
+ werr = WERR_OK;
- if (not_root)
- unbecome_root();
- }
+ if (not_root)
+ unbecome_root();
}
DEBUG(5,("_srvsvc_NetSessDel: %d\n", __LINE__));
snum = find_service(talloc_tos(), r->in.share_name, &share_name);
if (!share_name) {
- return WERR_NOMEM;
+ return WERR_NOT_ENOUGH_MEMORY;
}
if (snum < 0) {
return WERR_INVALID_NAME;
default:
DEBUG(5,("_srvsvc_NetShareGetInfo: unsupported switch value %d\n",
r->in.level));
- status = WERR_UNKNOWN_LEVEL;
+ status = WERR_INVALID_LEVEL;
break;
}
char *path = NULL;
struct security_descriptor *psd = NULL;
bool is_disk_op = False;
+ const char *csc_policy = NULL;
+ bool csc_policy_changed = false;
+ const char *csc_policies[] = {"manual", "documents", "programs",
+ "disable"};
+ uint32_t client_csc_policy;
int max_connections = 0;
TALLOC_CTX *ctx = p->mem_ctx;
union srvsvc_NetShareInfo *info = r->in.info;
snum = find_service(talloc_tos(), r->in.share_name, &share_name);
if (!share_name) {
- return WERR_NOMEM;
+ return WERR_NOT_ENOUGH_MEMORY;
}
/* Does this share exist ? */
if (snum < 0)
- return WERR_NET_NAME_NOT_FOUND;
+ return WERR_NERR_NETNAMENOTFOUND;
/* No change to printer shares. */
- if (lp_print_ok(snum))
+ if (lp_printable(snum))
return WERR_ACCESS_DENIED;
is_disk_op = security_token_has_privilege(p->session_info->security_token, SEC_PRIV_DISK_OPERATOR);
return WERR_ACCESS_DENIED;
}
+ max_connections = lp_max_connections(snum);
+ csc_policy = csc_policies[lp_csc_policy(snum)];
+
switch (r->in.level) {
case 1:
- pathname = lp_pathname(ctx, snum);
+ pathname = lp_path(ctx, snum);
comment = talloc_strdup(ctx, info->info1->comment);
type = info->info1->type;
psd = NULL;
map_generic_share_sd_bits(psd);
break;
case 1004:
- pathname = lp_pathname(ctx, snum);
+ pathname = lp_path(ctx, snum);
comment = talloc_strdup(ctx, info->info1004->comment);
type = STYPE_DISKTREE;
break;
user, so we must compare it to see if it's what is set in
smb.conf, so that we can contine other ops like setting
ACLs on a share */
- if (((info->info1005->dfs_flags &
- SHARE_1005_CSC_POLICY_MASK) >>
- SHARE_1005_CSC_POLICY_SHIFT) == lp_csc_policy(snum))
+ client_csc_policy = (info->info1005->dfs_flags &
+ SHARE_1005_CSC_POLICY_MASK) >>
+ SHARE_1005_CSC_POLICY_SHIFT;
+
+ if (client_csc_policy == lp_csc_policy(snum))
return WERR_OK;
else {
- DEBUG(3, ("_srvsvc_NetShareSetInfo: client is trying to change csc policy from the network; must be done with smb.conf\n"));
- return WERR_ACCESS_DENIED;
+ csc_policy = csc_policies[client_csc_policy];
+ csc_policy_changed = true;
}
+
+ pathname = lp_path(ctx, snum);
+ comment = lp_comment(ctx, snum);
+ type = STYPE_DISKTREE;
+ break;
case 1006:
case 1007:
return WERR_ACCESS_DENIED;
case 1501:
- pathname = lp_pathname(ctx, snum);
+ pathname = lp_path(ctx, snum);
comment = lp_comment(ctx, snum);
psd = info->info1501->sd;
map_generic_share_sd_bits(psd);
default:
DEBUG(5,("_srvsvc_NetShareSetInfo: unsupported switch value %d\n",
r->in.level));
- return WERR_UNKNOWN_LEVEL;
+ return WERR_INVALID_LEVEL;
}
/* We can only modify disk shares. */
}
if (comment == NULL) {
- return WERR_NOMEM;
+ return WERR_NOT_ENOUGH_MEMORY;
}
/* Check if the pathname is valid. */
if (!(path = valid_share_pathname(p->mem_ctx, pathname ))) {
DEBUG(5,("_srvsvc_NetShareSetInfo: invalid pathname %s\n",
pathname ));
- return WERR_OBJECT_PATH_INVALID;
+ return WERR_BAD_PATHNAME;
}
/* Ensure share name, pathname and comment don't contain '"' characters. */
string_replace(comment, '"', ' ');
DEBUG(10,("_srvsvc_NetShareSetInfo: change share command = %s\n",
- lp_change_share_cmd(talloc_tos()) ? lp_change_share_cmd(talloc_tos()) : "NULL" ));
+ lp_change_share_command(talloc_tos()) ? lp_change_share_command(talloc_tos()) : "NULL" ));
/* Only call modify function if something changed. */
- if (strcmp(path, lp_pathname(talloc_tos(), snum)) || strcmp(comment, lp_comment(talloc_tos(), snum))
- || (lp_max_connections(snum) != max_connections)) {
- if (!lp_change_share_cmd(talloc_tos()) || !*lp_change_share_cmd(talloc_tos())) {
+ if (strcmp(path, lp_path(talloc_tos(), snum)) || strcmp(comment, lp_comment(talloc_tos(), snum))
+ || (lp_max_connections(snum) != max_connections)
+ || csc_policy_changed) {
+
+ if (!lp_change_share_command(talloc_tos()) || !*lp_change_share_command(talloc_tos())) {
DEBUG(10,("_srvsvc_NetShareSetInfo: No change share command\n"));
return WERR_ACCESS_DENIED;
}
command = talloc_asprintf(p->mem_ctx,
- "%s \"%s\" \"%s\" \"%s\" \"%s\" %d",
- lp_change_share_cmd(talloc_tos()),
+ "%s \"%s\" \"%s\" \"%s\" \"%s\" %d \"%s\"",
+ lp_change_share_command(talloc_tos()),
get_dyn_CONFIGFILE(),
share_name,
path,
- comment ? comment : "",
- max_connections);
+ comment,
+ max_connections,
+ csc_policy);
if (!command) {
- return WERR_NOMEM;
+ return WERR_NOT_ENOUGH_MEMORY;
}
DEBUG(10,("_srvsvc_NetShareSetInfo: Running [%s]\n", command ));
if (is_disk_op)
become_root();
- if ( (ret = smbrun(command, NULL)) == 0 ) {
+ ret = smbrun(command, NULL, NULL);
+ if (ret == 0) {
/* Tell everyone we updated smb.conf. */
message_send_all(p->msg_ctx, MSG_SMB_CONF_UPDATED,
- NULL, 0, NULL);
+ NULL, 0);
}
if ( is_disk_op )
struct security_descriptor *psd = NULL;
bool is_disk_op;
int max_connections = 0;
+ SMB_STRUCT_STAT st;
TALLOC_CTX *ctx = p->mem_ctx;
DEBUG(5,("_srvsvc_NetShareAdd: %d\n", __LINE__));
if (p->session_info->unix_token->uid != sec_initial_uid() && !is_disk_op )
return WERR_ACCESS_DENIED;
- if (!lp_add_share_cmd(talloc_tos()) || !*lp_add_share_cmd(talloc_tos())) {
- DEBUG(10,("_srvsvc_NetShareAdd: No add share command\n"));
+ if (!lp_add_share_command(talloc_tos()) || !*lp_add_share_command(talloc_tos())) {
+ DBG_WARNING("_srvsvc_NetShareAdd: No \"add share command\" parameter set in smb.conf.\n");
return WERR_ACCESS_DENIED;
}
default:
DEBUG(5,("_srvsvc_NetShareAdd: unsupported switch value %d\n",
r->in.level));
- return WERR_UNKNOWN_LEVEL;
+ return WERR_INVALID_LEVEL;
}
/* check for invalid share names */
snum = find_service(ctx, share_name_in, &share_name);
if (!share_name) {
- return WERR_NOMEM;
+ return WERR_NOT_ENOUGH_MEMORY;
}
/* Share already exists. */
/* Check if the pathname is valid. */
if (!(path = valid_share_pathname(p->mem_ctx, pathname))) {
- return WERR_OBJECT_PATH_INVALID;
+ return WERR_BAD_PATHNAME;
+ }
+
+ ret = sys_lstat(path, &st, false);
+ if (ret == -1 && (errno != EACCES)) {
+ /*
+ * If path has any other than permission
+ * problem, return WERR_FILE_NOT_FOUND (as Windows
+ * does.
+ */
+ return WERR_FILE_NOT_FOUND;
}
/* Ensure share name, pathname and comment don't contain '"' characters. */
command = talloc_asprintf(ctx,
"%s \"%s\" \"%s\" \"%s\" \"%s\" %d",
- lp_add_share_cmd(talloc_tos()),
+ lp_add_share_command(talloc_tos()),
get_dyn_CONFIGFILE(),
share_name_in,
path,
comment ? comment : "",
max_connections);
if (!command) {
- return WERR_NOMEM;
+ return WERR_NOT_ENOUGH_MEMORY;
}
DEBUG(10,("_srvsvc_NetShareAdd: Running [%s]\n", command ));
/* FIXME: use libnetconf here - gd */
- if ( (ret = smbrun(command, NULL)) == 0 ) {
+ ret = smbrun(command, NULL, NULL);
+ if (ret == 0) {
/* Tell everyone we updated smb.conf. */
- message_send_all(p->msg_ctx, MSG_SMB_CONF_UPDATED, NULL, 0,
- NULL);
+ message_send_all(p->msg_ctx, MSG_SMB_CONF_UPDATED, NULL, 0);
}
if ( is_disk_op )
int ret;
int snum;
bool is_disk_op;
- struct share_params *params;
TALLOC_CTX *ctx = p->mem_ctx;
DEBUG(5,("_srvsvc_NetShareDel: %d\n", __LINE__));
if (!r->in.share_name) {
- return WERR_NET_NAME_NOT_FOUND;
+ return WERR_NERR_NETNAMENOTFOUND;
}
if ( strequal(r->in.share_name,"IPC$")
snum = find_service(talloc_tos(), r->in.share_name, &share_name);
if (!share_name) {
- return WERR_NOMEM;
+ return WERR_NOT_ENOUGH_MEMORY;
}
if (snum < 0) {
- return WERR_NO_SUCH_SHARE;
- }
-
- if (!(params = get_share_params(p->mem_ctx, share_name))) {
- return WERR_NO_SUCH_SHARE;
+ return WERR_BAD_NET_NAME;
}
/* No change to printer shares. */
- if (lp_print_ok(snum))
+ if (lp_printable(snum))
return WERR_ACCESS_DENIED;
is_disk_op = security_token_has_privilege(p->session_info->security_token, SEC_PRIV_DISK_OPERATOR);
if (p->session_info->unix_token->uid != sec_initial_uid() && !is_disk_op )
return WERR_ACCESS_DENIED;
- if (!lp_delete_share_cmd(talloc_tos()) || !*lp_delete_share_cmd(talloc_tos())) {
- DEBUG(10,("_srvsvc_NetShareDel: No delete share command\n"));
+ if (!lp_delete_share_command(talloc_tos()) || !*lp_delete_share_command(talloc_tos())) {
+ DBG_WARNING("_srvsvc_NetShareDel: No \"delete share command\" parameter set in smb.conf.\n");
return WERR_ACCESS_DENIED;
}
command = talloc_asprintf(ctx,
"%s \"%s\" \"%s\"",
- lp_delete_share_cmd(talloc_tos()),
+ lp_delete_share_command(talloc_tos()),
get_dyn_CONFIGFILE(),
- lp_servicename(talloc_tos(), snum));
+ share_name);
if (!command) {
- return WERR_NOMEM;
+ return WERR_NOT_ENOUGH_MEMORY;
}
DEBUG(10,("_srvsvc_NetShareDel: Running [%s]\n", command ));
if ( is_disk_op )
become_root();
- if ( (ret = smbrun(command, NULL)) == 0 ) {
+ ret = smbrun(command, NULL, NULL);
+ if (ret == 0) {
/* Tell everyone we updated smb.conf. */
- message_send_all(p->msg_ctx, MSG_SMB_CONF_UPDATED, NULL, 0,
- NULL);
+ message_send_all(p->msg_ctx, MSG_SMB_CONF_UPDATED, NULL, 0);
}
if ( is_disk_op )
return WERR_ACCESS_DENIED;
/* Delete the SD in the database. */
- delete_share_security(lp_servicename(talloc_tos(), params->service));
+ delete_share_security(share_name);
- lp_killservice(params->service);
+ lp_killservice(snum);
return WERR_OK;
}
/* We do this call first as if we do it *after* the gmtime call
it overwrites the pointed-to values. JRA */
- uint32 zone = get_time_zone(unixdate)/60;
+ uint32_t zone = get_time_zone(unixdate)/60;
DEBUG(5,("_srvsvc_NetRemoteTOD: %d\n", __LINE__));
if ( !(tod = talloc_zero(p->mem_ctx, struct srvsvc_NetRemoteTODInfo)) )
- return WERR_NOMEM;
+ return WERR_NOT_ENOUGH_MEMORY;
*r->out.info = tod;
struct sec_desc_buf *sd_buf = NULL;
files_struct *fsp = NULL;
int snum;
- char *oldcwd = NULL;
+ struct smb_filename *oldcwd_fname = NULL;
+ uint32_t ucf_flags = 0;
ZERO_STRUCT(st);
if (!r->in.share) {
- werr = WERR_NET_NAME_NOT_FOUND;
+ werr = WERR_NERR_NETNAMENOTFOUND;
goto error_exit;
}
snum = find_service(talloc_tos(), r->in.share, &servicename);
if (!servicename) {
- werr = WERR_NOMEM;
+ werr = WERR_NOT_ENOUGH_MEMORY;
goto error_exit;
}
if (snum == -1) {
DEBUG(10, ("Could not find service %s\n", servicename));
- werr = WERR_NET_NAME_NOT_FOUND;
+ werr = WERR_NERR_NETNAMENOTFOUND;
goto error_exit;
}
server_event_context(),
server_messaging_context(),
&conn,
- snum, lp_pathname(talloc_tos(), snum),
- p->session_info, &oldcwd);
+ snum, lp_path(talloc_tos(), snum),
+ p->session_info, &oldcwd_fname);
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(10, ("create_conn_struct failed: %s\n",
nt_errstr(nt_status)));
nt_status = filename_convert(talloc_tos(),
conn,
- false,
r->in.file,
- 0,
+ ucf_flags,
NULL,
&smb_fname);
if (!NT_STATUS_IS_OK(nt_status)) {
0, /* create_options */
0, /* file_attributes */
INTERNAL_OPEN_ONLY, /* oplock_request */
+ NULL, /* lease */
0, /* allocation_size */
0, /* private_flags */
NULL, /* sd */
NULL, /* ea_list */
&fsp, /* result */
- NULL); /* pinfo */
+ NULL, /* pinfo */
+ NULL, NULL); /* create context */
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(3,("_srvsvc_NetGetFileSecurity: can't open %s\n",
sd_buf = talloc_zero(p->mem_ctx, struct sec_desc_buf);
if (!sd_buf) {
- werr = WERR_NOMEM;
+ werr = WERR_NOT_ENOUGH_MEMORY;
goto error_exit;
}
*r->out.sd_buf = sd_buf;
- close_file(NULL, fsp, NORMAL_CLOSE);
- vfs_ChDir(conn, oldcwd);
- SMB_VFS_DISCONNECT(conn);
- conn_free(conn);
werr = WERR_OK;
- goto done;
error_exit:
close_file(NULL, fsp, NORMAL_CLOSE);
}
- if (oldcwd) {
- vfs_ChDir(conn, oldcwd);
+ if (oldcwd_fname) {
+ vfs_ChDir(conn, oldcwd_fname);
+ TALLOC_FREE(oldcwd_fname);
}
if (conn) {
conn_free(conn);
}
- done:
-
TALLOC_FREE(smb_fname);
return werr;
WERROR werr;
connection_struct *conn = NULL;
int snum;
- char *oldcwd = NULL;
+ struct smb_filename *oldcwd_fname = NULL;
struct security_descriptor *psd = NULL;
uint32_t security_info_sent = 0;
+ uint32_t ucf_flags = 0;
ZERO_STRUCT(st);
if (!r->in.share) {
- werr = WERR_NET_NAME_NOT_FOUND;
+ werr = WERR_NERR_NETNAMENOTFOUND;
goto error_exit;
}
snum = find_service(talloc_tos(), r->in.share, &servicename);
if (!servicename) {
- werr = WERR_NOMEM;
+ werr = WERR_NOT_ENOUGH_MEMORY;
goto error_exit;
}
if (snum == -1) {
DEBUG(10, ("Could not find service %s\n", servicename));
- werr = WERR_NET_NAME_NOT_FOUND;
+ werr = WERR_NERR_NETNAMENOTFOUND;
goto error_exit;
}
server_event_context(),
server_messaging_context(),
&conn,
- snum, lp_pathname(talloc_tos(), snum),
- p->session_info, &oldcwd);
+ snum, lp_path(talloc_tos(), snum),
+ p->session_info, &oldcwd_fname);
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(10, ("create_conn_struct failed: %s\n",
nt_errstr(nt_status)));
nt_status = filename_convert(talloc_tos(),
conn,
- false,
r->in.file,
- 0,
+ ucf_flags,
NULL,
&smb_fname);
if (!NT_STATUS_IS_OK(nt_status)) {
0, /* create_options */
0, /* file_attributes */
INTERNAL_OPEN_ONLY, /* oplock_request */
+ NULL, /* lease */
0, /* allocation_size */
0, /* private_flags */
NULL, /* sd */
NULL, /* ea_list */
&fsp, /* result */
- NULL); /* pinfo */
+ NULL, /* pinfo */
+ NULL, NULL); /* create context */
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(3,("_srvsvc_NetSetFileSecurity: can't open %s\n",
goto error_exit;
}
- close_file(NULL, fsp, NORMAL_CLOSE);
- vfs_ChDir(conn, oldcwd);
- SMB_VFS_DISCONNECT(conn);
- conn_free(conn);
werr = WERR_OK;
- goto done;
error_exit:
close_file(NULL, fsp, NORMAL_CLOSE);
}
- if (oldcwd) {
- vfs_ChDir(conn, oldcwd);
+ if (oldcwd_fname) {
+ vfs_ChDir(conn, oldcwd_fname);
+ TALLOC_FREE(oldcwd_fname);
}
if (conn) {
conn_free(conn);
}
- done:
TALLOC_FREE(smb_fname);
return werr;
static const char *server_disks[] = {"C:"};
-static uint32 get_server_disk_count(void)
+static uint32_t get_server_disk_count(void)
{
return sizeof(server_disks)/sizeof(server_disks[0]);
}
-static uint32 init_server_disk_enum(uint32 *resume)
+static uint32_t init_server_disk_enum(uint32_t *resume)
{
- uint32 server_disk_count = get_server_disk_count();
+ uint32_t server_disk_count = get_server_disk_count();
/*resume can be an offset into the list for now*/
return server_disk_count - *resume;
}
-static const char *next_server_disk_enum(uint32 *resume)
+static const char *next_server_disk_enum(uint32_t *resume)
{
const char *disk;
WERROR _srvsvc_NetDiskEnum(struct pipes_struct *p,
struct srvsvc_NetDiskEnum *r)
{
- uint32 i;
+ uint32_t i;
const char *disk_name;
TALLOC_CTX *ctx = p->mem_ctx;
WERROR werr;
break;
default:
- return WERR_UNKNOWN_LEVEL;
+ return WERR_INVALID_LEVEL;
}
return WERR_OK;
struct messaging_context *msg_ctx;
};
-static void enum_file_close_fn( const struct share_mode_entry *e,
- const char *sharepath, const char *fname,
- void *private_data )
+static int enum_file_close_fn(const struct share_mode_entry *e,
+ const char *sharepath,
+ const char *fname,
+ const char *sname,
+ void *private_data)
{
char msg[MSG_SMB_SHARE_MODE_ENTRY_SIZE];
struct enum_file_close_state *state =
uint32_t fid = (((uint32_t)(procid_to_pid(&e->pid))<<16) | e->share_file_id);
if (fid != state->r->in.fid) {
- return; /* Not this file. */
+ return 0; /* Not this file. */
}
if (!process_exists(e->pid) ) {
- return;
+ return 0;
}
/* Ok - send the close message. */
state->r->out.result = ntstatus_to_werror(
messaging_send_buf(state->msg_ctx,
e->pid, MSG_SMB_CLOSE_FILE,
- (uint8 *)msg,
- MSG_SMB_SHARE_MODE_ENTRY_SIZE));
+ (uint8_t *)msg, sizeof(msg)));
+
+ return 0;
}
/********************************************************************
}
/* enum_file_close_fn sends the close message to
- * the relevent smbd process. */
+ * the relevant smbd process. */
- r->out.result = WERR_BADFILE;
+ r->out.result = WERR_FILE_NOT_FOUND;
state.r = r;
state.msg_ctx = p->msg_ctx;
- share_mode_forall(enum_file_close_fn, &state);
+ share_entry_forall(enum_file_close_fn, &state);
return r->out.result;
}