[SCM] Samba Shared Repository - branch master updated -
release-4-0-0alpha7-1995-ga02265c
Stefan Metzmacher
metze at samba.org
Wed Jun 3 15:55:53 GMT 2009
The branch, master has been updated
via a02265cdc4ea359979f89af99f58fb0720d7c464 (commit)
via c8620180083c2bff2e54bb90bcbf89a3d5008fbd (commit)
via 75d03970b78538346308c612ca6be15559e15b5b (commit)
via 356f0336e558465318450da8936ebfef3f1f4eb1 (commit)
via f554af187161a006c3f51edd129e53500acc9046 (commit)
via d9843b3db4ba6961ba1af01f8393b7e744df5927 (commit)
via e16e7146b378e8e89bf25adc66d806bac7feaeb6 (commit)
via f20ded603b488b4eaca8b4bf1009e61ead851f85 (commit)
from b3491df2f9db2c550845243975ddbf0a2f9658e6 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit a02265cdc4ea359979f89af99f58fb0720d7c464
Author: Stefan Metzmacher <metze at samba.org>
Date: Wed May 27 18:26:15 2009 +0200
s3:smbd: make make_connection_snum() non static
metze
commit c8620180083c2bff2e54bb90bcbf89a3d5008fbd
Author: Stefan Metzmacher <metze at samba.org>
Date: Wed May 27 11:15:44 2009 +0200
s3:smbd: move tcon specific globals to struct smbd_server_connection
metze
commit 75d03970b78538346308c612ca6be15559e15b5b
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue May 26 16:38:45 2009 +0200
s3:smbd: move more session specific globals to struct smbd_server_connection
metze
commit 356f0336e558465318450da8936ebfef3f1f4eb1
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue May 26 15:21:16 2009 +0200
s3:smbd: move some session specific globals to struct smbd_server_connection
metze
commit f554af187161a006c3f51edd129e53500acc9046
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue May 26 15:20:36 2009 +0200
s3:smbd: move already_got_session to struct smbd_server_connection
metze
commit d9843b3db4ba6961ba1af01f8393b7e744df5927
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue May 26 14:56:08 2009 +0200
s3:smbd: move max_recv to struct smbd_server_connection
metze
commit e16e7146b378e8e89bf25adc66d806bac7feaeb6
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue May 26 12:48:58 2009 +0200
s3:smbd: move negprot related globals to struct smbd_server_connection
metze
commit f20ded603b488b4eaca8b4bf1009e61ead851f85
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue May 26 12:07:16 2009 +0200
s3:smbd: move pending_auth_data list to struct smbd_server_connection
metze
-----------------------------------------------------------------------
Summary of changes:
source3/auth/auth_compat.c | 29 ++++---
source3/auth/auth_util.c | 7 +-
source3/include/proto.h | 68 ++++++++-----
source3/include/smb.h | 9 --
source3/rpc_server/srv_samr_nt.c | 10 ++-
source3/smbd/conn.c | 72 ++++++++-------
source3/smbd/globals.c | 41 --------
source3/smbd/globals.h | 92 ++++++++++--------
source3/smbd/ipc.c | 5 +-
source3/smbd/lanman.c | 13 ++-
source3/smbd/map_username.c | 4 +-
source3/smbd/negprot.c | 76 +++++++++------
source3/smbd/nttrans.c | 2 +
source3/smbd/password.c | 197 +++++++++++++++++++++++---------------
source3/smbd/process.c | 36 ++++++--
source3/smbd/reply.c | 47 ++++++----
source3/smbd/server.c | 17 ++--
source3/smbd/service.c | 78 ++++++++-------
source3/smbd/sesssetup.c | 128 +++++++++++++++----------
source3/smbd/share_access.c | 4 +-
source3/smbd/trans2.c | 2 +
source3/smbd/uid.c | 3 +-
source3/torture/vfstest.c | 6 +-
23 files changed, 543 insertions(+), 403 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/auth/auth_compat.c b/source3/auth/auth_compat.c
index 925c0d4..77a9948 100644
--- a/source3/auth/auth_compat.c
+++ b/source3/auth/auth_compat.c
@@ -62,7 +62,8 @@ NTSTATUS check_plaintext_password(const char *smb_name, DATA_BLOB plaintext_pass
return nt_status;
}
-static NTSTATUS pass_check_smb(const char *smb_name,
+static NTSTATUS pass_check_smb(struct auth_context *actx,
+ const char *smb_name,
const char *domain,
DATA_BLOB lm_pwd,
DATA_BLOB nt_pwd,
@@ -72,14 +73,16 @@ static NTSTATUS pass_check_smb(const char *smb_name,
{
NTSTATUS nt_status;
auth_serversupplied_info *server_info = NULL;
- if (encrypted) {
+ if (encrypted) {
auth_usersupplied_info *user_info = NULL;
+ if (actx == NULL) {
+ return NT_STATUS_INTERNAL_ERROR;
+ }
make_user_info_for_reply_enc(&user_info, smb_name,
domain,
lm_pwd,
nt_pwd);
- nt_status = negprot_global_auth_context->check_ntlm_password(negprot_global_auth_context,
- user_info, &server_info);
+ nt_status = actx->check_ntlm_password(actx, user_info, &server_info);
free_user_info(&user_info);
} else {
nt_status = check_plaintext_password(smb_name, plaintext_password, &server_info);
@@ -93,11 +96,13 @@ check if a username/password pair is ok via the auth subsystem.
return True if the password is correct, False otherwise
****************************************************************************/
-bool password_ok(const char *smb_name, DATA_BLOB password_blob)
+bool password_ok(struct auth_context *actx, bool global_encrypted,
+ const char *session_workgroup,
+ const char *smb_name, DATA_BLOB password_blob)
{
DATA_BLOB null_password = data_blob_null;
- bool encrypted = (global_encrypted_passwords_negotiated && (password_blob.length == 24 || password_blob.length > 46));
+ bool encrypted = (global_encrypted && (password_blob.length == 24 || password_blob.length > 46));
if (encrypted) {
/*
@@ -105,24 +110,24 @@ bool password_ok(const char *smb_name, DATA_BLOB password_blob)
* but fall-through as required.
* Vista sends NTLMv2 here - we need to try the client given workgroup.
*/
- if (get_session_workgroup()) {
- if (NT_STATUS_IS_OK(pass_check_smb(smb_name, get_session_workgroup(), null_password, password_blob, null_password, encrypted))) {
+ if (session_workgroup) {
+ if (NT_STATUS_IS_OK(pass_check_smb(actx, smb_name, session_workgroup, null_password, password_blob, null_password, encrypted))) {
return True;
}
- if (NT_STATUS_IS_OK(pass_check_smb(smb_name, get_session_workgroup(), password_blob, null_password, null_password, encrypted))) {
+ if (NT_STATUS_IS_OK(pass_check_smb(actx, smb_name, session_workgroup, password_blob, null_password, null_password, encrypted))) {
return True;
}
}
- if (NT_STATUS_IS_OK(pass_check_smb(smb_name, lp_workgroup(), null_password, password_blob, null_password, encrypted))) {
+ if (NT_STATUS_IS_OK(pass_check_smb(actx, smb_name, lp_workgroup(), null_password, password_blob, null_password, encrypted))) {
return True;
}
- if (NT_STATUS_IS_OK(pass_check_smb(smb_name, lp_workgroup(), password_blob, null_password, null_password, encrypted))) {
+ if (NT_STATUS_IS_OK(pass_check_smb(actx, smb_name, lp_workgroup(), password_blob, null_password, null_password, encrypted))) {
return True;
}
} else {
- if (NT_STATUS_IS_OK(pass_check_smb(smb_name, lp_workgroup(), null_password, null_password, password_blob, encrypted))) {
+ if (NT_STATUS_IS_OK(pass_check_smb(actx, smb_name, lp_workgroup(), null_password, null_password, password_blob, encrypted))) {
return True;
}
}
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index 9d29987..d53da78 100644
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -22,6 +22,7 @@
*/
#include "includes.h"
+#include "smbd/globals.h"
#include "../libcli/auth/libcli_auth.h"
#undef DBGC_CLASS
@@ -198,12 +199,13 @@ NTSTATUS make_user_info_map(auth_usersupplied_info **user_info,
DATA_BLOB *plaintext,
bool encrypted)
{
+ struct smbd_server_connection *sconn = smbd_server_conn;
const char *domain;
NTSTATUS result;
bool was_mapped;
fstring internal_username;
fstrcpy(internal_username, smb_name);
- was_mapped = map_username(internal_username);
+ was_mapped = map_username(sconn, internal_username);
DEBUG(5, ("Mapping user [%s]\\[%s] from workstation [%s]\n",
client_domain, smb_name, wksta_name));
@@ -1487,6 +1489,7 @@ static NTSTATUS fill_sam_account(TALLOC_CTX *mem_ctx,
struct samu *account,
bool *username_was_mapped)
{
+ struct smbd_server_connection *sconn = smbd_server_conn;
NTSTATUS nt_status;
fstring dom_user, lower_username;
fstring real_username;
@@ -1500,7 +1503,7 @@ static NTSTATUS fill_sam_account(TALLOC_CTX *mem_ctx,
/* Get the passwd struct. Try to create the account is necessary. */
- *username_was_mapped = map_username( dom_user );
+ *username_was_mapped = map_username(sconn, dom_user);
if ( !(passwd = smb_getpwnam( NULL, dom_user, real_username, True )) )
return NT_STATUS_NO_SUCH_USER;
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 81d254f..961b3e0 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -39,7 +39,9 @@ NTSTATUS auth_builtin_init(void);
/* The following definitions come from auth/auth_compat.c */
NTSTATUS check_plaintext_password(const char *smb_name, DATA_BLOB plaintext_password, auth_serversupplied_info **server_info);
-bool password_ok(const char *smb_name, DATA_BLOB password_blob);
+bool password_ok(struct auth_context *actx, bool global_encrypted,
+ const char *session_workgroup,
+ const char *smb_name, DATA_BLOB password_blob);
/* The following definitions come from auth/auth_domain.c */
@@ -6154,16 +6156,18 @@ NTSTATUS delete_all_streams(connection_struct *conn, const char *fname);
/* The following definitions come from smbd/conn.c */
-void conn_init(void);
-int conn_num_open(void);
+void conn_init(struct smbd_server_connection *sconn);
+int conn_num_open(struct smbd_server_connection *sconn);
bool conn_snum_used(int snum);
-connection_struct *conn_find(unsigned cnum);
-connection_struct *conn_new(void);
-bool conn_close_all(void);
-bool conn_idle_all(time_t t);
-void conn_clear_vuid_caches(uint16 vuid);
+connection_struct *conn_find(struct smbd_server_connection *sconn,
+ unsigned cnum);
+connection_struct *conn_new(struct smbd_server_connection *sconn);
+bool conn_close_all(struct smbd_server_connection *sconn);
+bool conn_idle_all(struct smbd_server_connection *sconn, time_t t);
+void conn_clear_vuid_caches(struct smbd_server_connection *sconn, uint16 vuid);
void conn_free_internal(connection_struct *conn);
-void conn_free(connection_struct *conn);
+void conn_free(struct smbd_server_connection *sconn,
+ connection_struct *conn);
void msg_force_tdis(struct messaging_context *msg,
void *private_data,
uint32_t msg_type,
@@ -6426,7 +6430,7 @@ const struct mangle_fns *posix_mangle_init(void);
/* The following definitions come from smbd/map_username.c */
-bool map_username(fstring user);
+bool map_username(struct smbd_server_connection *sconn, fstring user);
/* The following definitions come from smbd/message.c */
@@ -6671,22 +6675,29 @@ struct kernel_oplocks *onefs_init_kernel_oplocks(TALLOC_CTX *mem_ctx);
/* The following definitions come from smbd/password.c */
-user_struct *get_valid_user_struct(uint16 vuid);
-bool is_partial_auth_vuid(uint16 vuid);
-user_struct *get_partial_auth_user_struct(uint16 vuid);
-void invalidate_vuid(uint16 vuid);
-void invalidate_all_vuids(void);
-int register_initial_vuid(void);
-int register_existing_vuid(uint16 vuid,
+user_struct *get_valid_user_struct(struct smbd_server_connection *sconn,
+ uint16 vuid);
+bool is_partial_auth_vuid(struct smbd_server_connection *sconn, uint16 vuid);
+user_struct *get_partial_auth_user_struct(struct smbd_server_connection *sconn,
+ uint16 vuid);
+void invalidate_vuid(struct smbd_server_connection *sconn, uint16 vuid);
+void invalidate_all_vuids(struct smbd_server_connection *sconn);
+int register_initial_vuid(struct smbd_server_connection *sconn);
+int register_existing_vuid(struct smbd_server_connection *sconn,
+ uint16 vuid,
auth_serversupplied_info *server_info,
DATA_BLOB response_blob,
const char *smb_name);
-void add_session_user(const char *user);
-void add_session_workgroup(const char *workgroup);
-const char *get_session_workgroup(void);
-bool user_in_netgroup(const char *user, const char *ngname);
-bool user_in_list(const char *user,const char **list);
-bool authorise_login(int snum, fstring user, DATA_BLOB password,
+void add_session_user(struct smbd_server_connection *sconn, const char *user);
+void add_session_workgroup(struct smbd_server_connection *sconn,
+ const char *workgroup);
+const char *get_session_workgroup(struct smbd_server_connection *sconn);
+bool user_in_netgroup(struct smbd_server_connection *sconn,
+ const char *user, const char *ngname);
+bool user_in_list(struct smbd_server_connection *sconn,
+ const char *user,const char **list);
+bool authorise_login(struct smbd_server_connection *sconn,
+ int snum, fstring user, DATA_BLOB password,
bool *guest);
/* The following definitions come from smbd/pipes.c */
@@ -6948,10 +6959,17 @@ bool set_current_service(connection_struct *conn, uint16 flags, bool do_chdir);
void load_registry_shares(void);
int add_home_service(const char *service, const char *username, const char *homedir);
int find_service(fstring service);
-connection_struct *make_connection(const char *service_in, DATA_BLOB password,
+connection_struct *make_connection_snum(struct smbd_server_connection *sconn,
+ int snum, user_struct *vuser,
+ DATA_BLOB password,
+ const char *pdev,
+ NTSTATUS *pstatus);
+connection_struct *make_connection(struct smbd_server_connection *sconn,
+ const char *service_in, DATA_BLOB password,
const char *pdev, uint16 vuid,
NTSTATUS *status);
-void close_cnum(connection_struct *conn, uint16 vuid);
+void close_cnum(struct smbd_server_connection *sconn,
+ connection_struct *conn, uint16 vuid);
/* The following definitions come from smbd/session.c */
diff --git a/source3/include/smb.h b/source3/include/smb.h
index 9332df3..188c83f 100644
--- a/source3/include/smb.h
+++ b/source3/include/smb.h
@@ -1767,15 +1767,6 @@ struct node_status_extra {
/* There really is more here ... */
};
-/* For split krb5 SPNEGO blobs. */
-struct pending_auth_data {
- struct pending_auth_data *prev, *next;
- uint16 vuid; /* Tag for this entry. */
- uint16 smbpid; /* Alternate tag for this entry. */
- size_t needed_len;
- DATA_BLOB partial_data;
-};
-
typedef struct user_struct {
struct user_struct *next, *prev;
uint16 vuid; /* Tag for this entry. */
diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c
index 26bc44c..b5b5f5e 100644
--- a/source3/rpc_server/srv_samr_nt.c
+++ b/source3/rpc_server/srv_samr_nt.c
@@ -32,6 +32,7 @@
*/
#include "includes.h"
+#include "smbd/globals.h"
#include "../libcli/auth/libcli_auth.h"
#undef DBGC_CLASS
@@ -1920,6 +1921,7 @@ NTSTATUS _samr_ChangePasswordUser(pipes_struct *p,
NTSTATUS _samr_ChangePasswordUser2(pipes_struct *p,
struct samr_ChangePasswordUser2 *r)
{
+ struct smbd_server_connection *sconn = smbd_server_conn;
NTSTATUS status;
fstring user_name;
fstring wks;
@@ -1936,7 +1938,7 @@ NTSTATUS _samr_ChangePasswordUser2(pipes_struct *p,
* function.
*/
- (void)map_username(user_name);
+ (void)map_username(sconn, user_name);
/*
* UNIX username case mangling not required, pass_oem_change
@@ -1966,6 +1968,7 @@ NTSTATUS _samr_ChangePasswordUser2(pipes_struct *p,
NTSTATUS _samr_OemChangePasswordUser2(pipes_struct *p,
struct samr_OemChangePasswordUser2 *r)
{
+ struct smbd_server_connection *sconn = smbd_server_conn;
NTSTATUS status;
fstring user_name;
const char *wks = NULL;
@@ -1984,7 +1987,7 @@ NTSTATUS _samr_OemChangePasswordUser2(pipes_struct *p,
* function.
*/
- (void)map_username(user_name);
+ (void)map_username(sconn, user_name);
/*
* UNIX username case mangling not required, pass_oem_change
@@ -2018,6 +2021,7 @@ NTSTATUS _samr_OemChangePasswordUser2(pipes_struct *p,
NTSTATUS _samr_ChangePasswordUser3(pipes_struct *p,
struct samr_ChangePasswordUser3 *r)
{
+ struct smbd_server_connection *sconn = smbd_server_conn;
NTSTATUS status;
fstring user_name;
const char *wks = NULL;
@@ -2040,7 +2044,7 @@ NTSTATUS _samr_ChangePasswordUser3(pipes_struct *p,
* function.
*/
- (void)map_username(user_name);
+ (void)map_username(sconn, user_name);
/*
* UNIX username case mangling not required, pass_oem_change
diff --git a/source3/smbd/conn.c b/source3/smbd/conn.c
index 3800643..607329d 100644
--- a/source3/smbd/conn.c
+++ b/source3/smbd/conn.c
@@ -30,17 +30,19 @@
/****************************************************************************
init the conn structures
****************************************************************************/
-void conn_init(void)
+void conn_init(struct smbd_server_connection *sconn)
{
- bmap = bitmap_allocate(BITMAP_BLOCK_SZ);
+ sconn->smb1.tcons.Connections = NULL;
+ sconn->smb1.tcons.num_open = 0;
+ sconn->smb1.tcons.bmap = bitmap_allocate(BITMAP_BLOCK_SZ);
}
/****************************************************************************
return the number of open connections
****************************************************************************/
-int conn_num_open(void)
+int conn_num_open(struct smbd_server_connection *sconn)
{
- return num_open;
+ return sconn->smb1.tcons.num_open;
}
@@ -49,8 +51,9 @@ check if a snum is in use
****************************************************************************/
bool conn_snum_used(int snum)
{
+ struct smbd_server_connection *sconn = smbd_server_conn;
connection_struct *conn;
- for (conn=Connections;conn;conn=conn->next) {
+ for (conn=sconn->smb1.tcons.Connections;conn;conn=conn->next) {
if (conn->params->service == snum) {
return(True);
}
@@ -62,15 +65,16 @@ bool conn_snum_used(int snum)
Find a conn given a cnum.
****************************************************************************/
-connection_struct *conn_find(unsigned cnum)
+connection_struct *conn_find(struct smbd_server_connection *sconn,unsigned cnum)
{
int count=0;
connection_struct *conn;
- for (conn=Connections;conn;conn=conn->next,count++) {
+ for (conn=sconn->smb1.tcons.Connections;conn;conn=conn->next,count++) {
if (conn->cnum == cnum) {
if (count > 10) {
- DLIST_PROMOTE(Connections, conn);
+ DLIST_PROMOTE(sconn->smb1.tcons.Connections,
+ conn);
}
return conn;
}
@@ -84,19 +88,20 @@ connection_struct *conn_find(unsigned cnum)
The randomisation stops problems with the server dieing and clients
thinking the server is still available.
****************************************************************************/
-connection_struct *conn_new(void)
+connection_struct *conn_new(struct smbd_server_connection *sconn)
{
connection_struct *conn;
int i;
int find_offset = 1;
find_again:
- i = bitmap_find(bmap, find_offset);
+ i = bitmap_find(sconn->smb1.tcons.bmap, find_offset);
if (i == -1) {
/* Expand the connections bitmap. */
- int oldsz = bmap->n;
- int newsz = bmap->n + BITMAP_BLOCK_SZ;
+ int oldsz = sconn->smb1.tcons.bmap->n;
+ int newsz = sconn->smb1.tcons.bmap->n +
+ BITMAP_BLOCK_SZ;
struct bitmap * nbmap;
if (newsz <= oldsz) {
@@ -114,10 +119,10 @@ find_again:
return NULL;
}
- bitmap_copy(nbmap, bmap);
- bitmap_free(bmap);
+ bitmap_copy(nbmap, sconn->smb1.tcons.bmap);
+ bitmap_free(sconn->smb1.tcons.bmap);
- bmap = nbmap;
+ sconn->smb1.tcons.bmap = nbmap;
find_offset = oldsz; /* Start next search in the new portion. */
goto find_again;
@@ -142,15 +147,15 @@ find_again:
conn->cnum = i;
conn->force_group_gid = (gid_t)-1;
- bitmap_set(bmap, i);
+ bitmap_set(sconn->smb1.tcons.bmap, i);
- num_open++;
+ sconn->smb1.tcons.num_open++;
string_set(&conn->dirpath,"");
string_set(&conn->connectpath,"");
string_set(&conn->origpath,"");
- DLIST_ADD(Connections, conn);
+ DLIST_ADD(sconn->smb1.tcons.Connections, conn);
return conn;
}
@@ -159,14 +164,14 @@ find_again:
Close all conn structures.
return true if any were closed
****************************************************************************/
-bool conn_close_all(void)
+bool conn_close_all(struct smbd_server_connection *sconn)
{
connection_struct *conn, *next;
bool ret = false;
- for (conn=Connections;conn;conn=next) {
+ for (conn=sconn->smb1.tcons.Connections;conn;conn=next) {
next=conn->next;
set_current_service(conn, 0, True);
- close_cnum(conn, conn->vuid);
+ close_cnum(sconn, conn, conn->vuid);
ret = true;
}
return ret;
@@ -176,7 +181,7 @@ bool conn_close_all(void)
Idle inactive connections.
****************************************************************************/
-bool conn_idle_all(time_t t)
+bool conn_idle_all(struct smbd_server_connection *sconn,time_t t)
{
int deadtime = lp_deadtime()*60;
pipes_struct *plist = NULL;
@@ -185,7 +190,7 @@ bool conn_idle_all(time_t t)
if (deadtime <= 0)
deadtime = DEFAULT_SMBD_TIMEOUT;
- for (conn=Connections;conn;conn=conn->next) {
+ for (conn=sconn->smb1.tcons.Connections;conn;conn=conn->next) {
time_t age = t - conn->lastused;
@@ -224,11 +229,11 @@ bool conn_idle_all(time_t t)
Clear a vuid out of the validity cache, and as the 'owner' of a connection.
****************************************************************************/
-void conn_clear_vuid_caches(uint16_t vuid)
+void conn_clear_vuid_caches(struct smbd_server_connection *sconn,uint16_t vuid)
{
connection_struct *conn;
- for (conn=Connections;conn;conn=conn->next) {
+ for (conn=sconn->smb1.tcons.Connections;conn;conn=conn->next) {
if (conn->vuid == vuid) {
conn->vuid = UID_FIELD_INVALID;
}
@@ -279,14 +284,14 @@ void conn_free_internal(connection_struct *conn)
Free a conn structure.
****************************************************************************/
-void conn_free(connection_struct *conn)
+void conn_free(struct smbd_server_connection *sconn, connection_struct *conn)
{
- DLIST_REMOVE(Connections, conn);
+ DLIST_REMOVE(sconn->smb1.tcons.Connections, conn);
- bitmap_clear(bmap, conn->cnum);
--
Samba Shared Repository
More information about the samba-cvs
mailing list