[SCM] Samba Shared Repository - branch master updated
Jeremy Allison
jra at samba.org
Fri Jul 8 13:02:02 MDT 2011
The branch, master has been updated
via fe39925 Move smbd_smb2_request_check_tcon() smbd_smb2_request_check_session() next to their only user and make them static. Add comments.
from f4add4f s3-waf: split out LIBCLI_WINREG_INTERNAL as LIBCLI_WINREG was pulling in rpc server code in undesired places.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit fe3992541d6f86efb32a63d01bc1814650618cae
Author: Jeremy Allison <jra at samba.org>
Date: Fri Jul 8 10:44:29 2011 -0700
Move smbd_smb2_request_check_tcon() smbd_smb2_request_check_session() next to their only user and make them static. Add comments.
Autobuild-User: Jeremy Allison <jra at samba.org>
Autobuild-Date: Fri Jul 8 21:01:40 CEST 2011 on sn-devel-104
-----------------------------------------------------------------------
Summary of changes:
source3/smbd/globals.h | 3 -
source3/smbd/smb2_server.c | 130 +++++++++++++++++++++++++++++++++++++++++
source3/smbd/smb2_sesssetup.c | 58 ------------------
source3/smbd/smb2_tcon.c | 60 -------------------
4 files changed, 130 insertions(+), 121 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/smbd/globals.h b/source3/smbd/globals.h
index a98936a..b684a92 100644
--- a/source3/smbd/globals.h
+++ b/source3/smbd/globals.h
@@ -267,9 +267,6 @@ NTSTATUS smbd_smb2_send_oplock_break(struct smbd_server_connection *sconn,
NTSTATUS smbd_smb2_request_pending_queue(struct smbd_smb2_request *req,
struct tevent_req *subreq);
-NTSTATUS smbd_smb2_request_check_session(struct smbd_smb2_request *req);
-NTSTATUS smbd_smb2_request_check_tcon(struct smbd_smb2_request *req);
-
struct smb_request *smbd_smb2_fake_smb_request(struct smbd_smb2_request *req);
void remove_smb2_chained_fsp(files_struct *fsp);
diff --git a/source3/smbd/smb2_server.c b/source3/smbd/smb2_server.c
index 72beb86..65454ae 100644
--- a/source3/smbd/smb2_server.c
+++ b/source3/smbd/smb2_server.c
@@ -27,6 +27,8 @@
#include "../lib/util/tevent_ntstatus.h"
#include "smbprofile.h"
#include "../lib/util/bitmap.h"
+#include "../librpc/gen_ndr/krb5pac.h"
+#include "auth.h"
#define OUTVEC_ALLOC_SIZE (SMB2_HDR_BODY + 9)
@@ -1072,6 +1074,134 @@ static NTSTATUS smbd_smb2_request_process_cancel(struct smbd_smb2_request *req)
return NT_STATUS_OK;
}
+/*************************************************************
+ Ensure an incoming tid is a valid one for us to access.
+ Change to the associated uid credentials and chdir to the
+ valid tid directory.
+*************************************************************/
+
+static NTSTATUS smbd_smb2_request_check_tcon(struct smbd_smb2_request *req)
+{
+ const uint8_t *inhdr;
+ const uint8_t *outhdr;
+ int i = req->current_idx;
+ uint32_t in_tid;
+ void *p;
+ struct smbd_smb2_tcon *tcon;
+ bool chained_fixup = false;
+
+ inhdr = (const uint8_t *)req->in.vector[i+0].iov_base;
+
+ in_tid = IVAL(inhdr, SMB2_HDR_TID);
+
+ if (in_tid == (0xFFFFFFFF)) {
+ if (req->async) {
+ /*
+ * async request - fill in tid from
+ * already setup out.vector[].iov_base.
+ */
+ outhdr = (const uint8_t *)req->out.vector[i].iov_base;
+ in_tid = IVAL(outhdr, SMB2_HDR_TID);
+ } else if (i > 2) {
+ /*
+ * Chained request - fill in tid from
+ * the previous request out.vector[].iov_base.
+ */
+ outhdr = (const uint8_t *)req->out.vector[i-3].iov_base;
+ in_tid = IVAL(outhdr, SMB2_HDR_TID);
+ chained_fixup = true;
+ }
+ }
+
+ /* lookup an existing session */
+ p = idr_find(req->session->tcons.idtree, in_tid);
+ if (p == NULL) {
+ return NT_STATUS_NETWORK_NAME_DELETED;
+ }
+ tcon = talloc_get_type_abort(p, struct smbd_smb2_tcon);
+
+ if (!change_to_user(tcon->compat_conn,req->session->vuid)) {
+ return NT_STATUS_ACCESS_DENIED;
+ }
+
+ /* should we pass FLAG_CASELESS_PATHNAMES here? */
+ if (!set_current_service(tcon->compat_conn, 0, true)) {
+ return NT_STATUS_ACCESS_DENIED;
+ }
+
+ req->tcon = tcon;
+
+ if (chained_fixup) {
+ /* Fix up our own outhdr. */
+ outhdr = (const uint8_t *)req->out.vector[i].iov_base;
+ SIVAL(discard_const_p(uint8_t, outhdr), SMB2_HDR_TID, in_tid);
+ }
+
+ return NT_STATUS_OK;
+}
+
+/*************************************************************
+ Ensure an incoming session_id is a valid one for us to access.
+*************************************************************/
+
+static NTSTATUS smbd_smb2_request_check_session(struct smbd_smb2_request *req)
+{
+ const uint8_t *inhdr;
+ const uint8_t *outhdr;
+ int i = req->current_idx;
+ uint64_t in_session_id;
+ void *p;
+ struct smbd_smb2_session *session;
+ bool chained_fixup = false;
+
+ inhdr = (const uint8_t *)req->in.vector[i+0].iov_base;
+
+ in_session_id = BVAL(inhdr, SMB2_HDR_SESSION_ID);
+
+ if (in_session_id == (0xFFFFFFFFFFFFFFFFLL)) {
+ if (req->async) {
+ /*
+ * async request - fill in session_id from
+ * already setup request out.vector[].iov_base.
+ */
+ outhdr = (const uint8_t *)req->out.vector[i].iov_base;
+ in_session_id = BVAL(outhdr, SMB2_HDR_SESSION_ID);
+ } else if (i > 2) {
+ /*
+ * Chained request - fill in session_id from
+ * the previous request out.vector[].iov_base.
+ */
+ outhdr = (const uint8_t *)req->out.vector[i-3].iov_base;
+ in_session_id = BVAL(outhdr, SMB2_HDR_SESSION_ID);
+ chained_fixup = true;
+ }
+ }
+
+ /* lookup an existing session */
+ p = idr_find(req->sconn->smb2.sessions.idtree, in_session_id);
+ if (p == NULL) {
+ return NT_STATUS_USER_SESSION_DELETED;
+ }
+ session = talloc_get_type_abort(p, struct smbd_smb2_session);
+
+ if (!NT_STATUS_IS_OK(session->status)) {
+ return NT_STATUS_ACCESS_DENIED;
+ }
+
+ set_current_user_info(session->session_info->sanitized_username,
+ session->session_info->unix_name,
+ session->session_info->info3->base.domain.string);
+
+ req->session = session;
+
+ if (chained_fixup) {
+ /* Fix up our own outhdr. */
+ outhdr = (const uint8_t *)req->out.vector[i].iov_base;
+ SBVAL(discard_const_p(uint8_t, outhdr), SMB2_HDR_SESSION_ID, in_session_id);
+ }
+ return NT_STATUS_OK;
+}
+
NTSTATUS smbd_smb2_request_dispatch(struct smbd_smb2_request *req)
{
const uint8_t *inhdr;
diff --git a/source3/smbd/smb2_sesssetup.c b/source3/smbd/smb2_sesssetup.c
index e09eff8..8a4704c 100644
--- a/source3/smbd/smb2_sesssetup.c
+++ b/source3/smbd/smb2_sesssetup.c
@@ -795,64 +795,6 @@ static NTSTATUS smbd_smb2_session_setup(struct smbd_smb2_request *smb2req,
return NT_STATUS_LOGON_FAILURE;
}
-NTSTATUS smbd_smb2_request_check_session(struct smbd_smb2_request *req)
-{
- const uint8_t *inhdr;
- const uint8_t *outhdr;
- int i = req->current_idx;
- uint64_t in_session_id;
- void *p;
- struct smbd_smb2_session *session;
- bool chained_fixup = false;
-
- inhdr = (const uint8_t *)req->in.vector[i+0].iov_base;
-
- in_session_id = BVAL(inhdr, SMB2_HDR_SESSION_ID);
-
- if (in_session_id == (0xFFFFFFFFFFFFFFFFLL)) {
- if (req->async) {
- /*
- * async request - fill in session_id from
- * already setup request out.vector[].iov_base.
- */
- outhdr = (const uint8_t *)req->out.vector[i].iov_base;
- in_session_id = BVAL(outhdr, SMB2_HDR_SESSION_ID);
- } else if (i > 2) {
- /*
- * Chained request - fill in session_id from
- * the previous request out.vector[].iov_base.
- */
- outhdr = (const uint8_t *)req->out.vector[i-3].iov_base;
- in_session_id = BVAL(outhdr, SMB2_HDR_SESSION_ID);
- chained_fixup = true;
- }
- }
-
- /* lookup an existing session */
- p = idr_find(req->sconn->smb2.sessions.idtree, in_session_id);
- if (p == NULL) {
- return NT_STATUS_USER_SESSION_DELETED;
- }
- session = talloc_get_type_abort(p, struct smbd_smb2_session);
-
- if (!NT_STATUS_IS_OK(session->status)) {
- return NT_STATUS_ACCESS_DENIED;
- }
-
- set_current_user_info(session->session_info->sanitized_username,
- session->session_info->unix_name,
- session->session_info->info3->base.domain.string);
-
- req->session = session;
-
- if (chained_fixup) {
- /* Fix up our own outhdr. */
- outhdr = (const uint8_t *)req->out.vector[i].iov_base;
- SBVAL(discard_const_p(uint8_t, outhdr), SMB2_HDR_SESSION_ID, in_session_id);
- }
- return NT_STATUS_OK;
-}
-
NTSTATUS smbd_smb2_request_process_logoff(struct smbd_smb2_request *req)
{
const uint8_t *inbody;
diff --git a/source3/smbd/smb2_tcon.c b/source3/smbd/smb2_tcon.c
index 7c2014c..946bc56 100644
--- a/source3/smbd/smb2_tcon.c
+++ b/source3/smbd/smb2_tcon.c
@@ -278,66 +278,6 @@ static NTSTATUS smbd_smb2_tree_connect(struct smbd_smb2_request *req,
return NT_STATUS_OK;
}
-NTSTATUS smbd_smb2_request_check_tcon(struct smbd_smb2_request *req)
-{
- const uint8_t *inhdr;
- const uint8_t *outhdr;
- int i = req->current_idx;
- uint32_t in_tid;
- void *p;
- struct smbd_smb2_tcon *tcon;
- bool chained_fixup = false;
-
- inhdr = (const uint8_t *)req->in.vector[i+0].iov_base;
-
- in_tid = IVAL(inhdr, SMB2_HDR_TID);
-
- if (in_tid == (0xFFFFFFFF)) {
- if (req->async) {
- /*
- * async request - fill in tid from
- * already setup out.vector[].iov_base.
- */
- outhdr = (const uint8_t *)req->out.vector[i].iov_base;
- in_tid = IVAL(outhdr, SMB2_HDR_TID);
- } else if (i > 2) {
- /*
- * Chained request - fill in tid from
- * the previous request out.vector[].iov_base.
- */
- outhdr = (const uint8_t *)req->out.vector[i-3].iov_base;
- in_tid = IVAL(outhdr, SMB2_HDR_TID);
- chained_fixup = true;
- }
- }
-
- /* lookup an existing session */
- p = idr_find(req->session->tcons.idtree, in_tid);
- if (p == NULL) {
- return NT_STATUS_NETWORK_NAME_DELETED;
- }
- tcon = talloc_get_type_abort(p, struct smbd_smb2_tcon);
-
- if (!change_to_user(tcon->compat_conn,req->session->vuid)) {
- return NT_STATUS_ACCESS_DENIED;
- }
-
- /* should we pass FLAG_CASELESS_PATHNAMES here? */
- if (!set_current_service(tcon->compat_conn, 0, true)) {
- return NT_STATUS_ACCESS_DENIED;
- }
-
- req->tcon = tcon;
-
- if (chained_fixup) {
- /* Fix up our own outhdr. */
- outhdr = (const uint8_t *)req->out.vector[i].iov_base;
- SIVAL(discard_const_p(uint8_t, outhdr), SMB2_HDR_TID, in_tid);
- }
-
- return NT_STATUS_OK;
-}
-
NTSTATUS smbd_smb2_request_process_tdis(struct smbd_smb2_request *req)
{
const uint8_t *inbody;
--
Samba Shared Repository
More information about the samba-cvs
mailing list