[SCM] Samba Shared Repository - branch v3-6-test updated
Karolin Seeger
kseeger at samba.org
Wed Jul 13 13:35:05 MDT 2011
The branch, v3-6-test has been updated
via d43d147 s3:smb2_create: use smbd_calculate_access_mask() instead of smbd_check_open_rights()
via 89a05c3 s3:smb2_tcon: return the correct maximal_access on the share
via c384bf7 s3:smbd: return the real share access mask in the SMBtconX response
via 3e87706 s3:smbd: use smbd_calculate_access_mask() also for fake_files
via d43f7ff s3:smbd: check the share level access mask in smbd_calculate_access_mask()
via 5a1c2b4 s3:smbd: make smbd_calculate_access_mask() non-static
via bd91cb8 s3:smbd/msdfs: let create_conn_struct() check the share security descriptor
via b3a0350 s3: Fix bug 8102
via 83c6e9d s3: Calculate&store the maximum share access mask
via 283f76c s3: Return "granted" from share_access_check
via 7b28ae9 s3:smb2_server: add some comments about change_to_user() and change_to_root_user()
via 3de9d22 s3:smb2_server: call change_to_root_user() or smbd_smb2_request_check_tcon()
via fe6a325 s3:smb2_server: there's no reason to check the session id twice on a smb2_tcon request
from ae41415 WHATSNEW: Update changes since rc2.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test
- Log -----------------------------------------------------------------
commit d43d147c9d69dd23296677f9ae998c9362771682
Author: Stefan Metzmacher <metze at samba.org>
Date: Sun Jul 10 13:09:06 2011 +0200
s3:smb2_create: use smbd_calculate_access_mask() instead of smbd_check_open_rights()
metze
Autobuild-User: Stefan Metzmacher <metze at samba.org>
Autobuild-Date: Mon Jul 11 22:45:01 CEST 2011 on sn-devel-104
(cherry picked from commit f5d320ac0fb74d4ad95a03969366096e9b074379)
The last 10 patches address bug #8102 (domuser can change ACL from his files
over the network).
commit 89a05c3a54239d384317f9881430fac264138f3f
Author: Stefan Metzmacher <metze at samba.org>
Date: Sun Jul 10 13:02:11 2011 +0200
s3:smb2_tcon: return the correct maximal_access on the share
metze
(cherry picked from commit a1046389ffcc476456ac76cb701a4325d1c42ef9)
commit c384bf75284fa7280b9279d305c5404f9f1066df
Author: Stefan Metzmacher <metze at samba.org>
Date: Mon Jul 11 16:12:57 2011 +0200
s3:smbd: return the real share access mask in the SMBtconX response
metze
(cherry picked from commit 58eed1b295afeff6acfb8c1f10b0bb02280fd491)
commit 3e8770619c53c956f623ae852f97e6226513898d
Author: Stefan Metzmacher <metze at samba.org>
Date: Sun Jul 10 13:59:40 2011 +0200
s3:smbd: use smbd_calculate_access_mask() also for fake_files
metze
(cherry picked from commit 581d8fa36b73abab030168dc35fb631ccd42a388)
commit d43f7ffb9fa8449a954d2e9fc9012a00289b41e2
Author: Stefan Metzmacher <metze at samba.org>
Date: Sun Jul 10 13:03:51 2011 +0200
s3:smbd: check the share level access mask in smbd_calculate_access_mask()
I think we should reject invalid access early,
before we might create new files.
Also smbd_check_open_rights() is only called if the file existed.
metze
(cherry picked from commit 896f105ed40dc04f83bcbfac367b309c8d957f86)
commit 5a1c2b4774c914a45bf2da7e666f6acf7f6927c6
Author: Stefan Metzmacher <metze at samba.org>
Date: Sun Jul 10 13:00:25 2011 +0200
s3:smbd: make smbd_calculate_access_mask() non-static
metze
(cherry picked from commit ce66d4e4a885add09edfa8e6d5eab0f3b5d63081)
commit bd91cb862c4ceb3955c742d1c516e51733a19e6e
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue Jul 12 17:31:13 2011 +0200
s3:smbd/msdfs: let create_conn_struct() check the share security descriptor
metze
(cherry picked from commit 18f967a24881aa899b39f7676fc70a7f7aaca07b)
commit b3a035005ef98bcb31bade50a9e3ddf088302779
Author: Volker Lendecke <vl at samba.org>
Date: Tue Jul 5 11:13:07 2011 +0200
s3: Fix bug 8102
We can't allow open with access that has been denied via the share
security descriptor
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Autobuild-User: Stefan Metzmacher <metze at samba.org>
Autobuild-Date: Tue Jul 5 16:21:54 CEST 2011 on sn-devel-104
(cherry picked from commit 4deca5d72804a40e68158a1183f5633dabf24761)
commit 83c6e9d3ad76e8009778e5ba0bf22e256d06ad48
Author: Volker Lendecke <vl at samba.org>
Date: Mon Jul 4 18:35:21 2011 +0200
s3: Calculate&store the maximum share access mask
Signed-off-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 720fa46f9443ccbe471b265f1c2b9cb9782a3c26)
commit 283f76c06308eaeaf9d134e0bfb45188ee684fb3
Author: Volker Lendecke <vl at samba.org>
Date: Mon Jul 4 17:02:34 2011 +0200
s3: Return "granted" from share_access_check
Signed-off-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 1c022d2e414607633323e65abbc63bb3aeaaa6a4)
commit 7b28ae90603ff152e31b2113109bdaebc540810f
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri Jul 8 09:08:39 2011 +0200
s3:smb2_server: add some comments about change_to_user() and change_to_root_user()
metze
Autobuild-User: Stefan Metzmacher <metze at samba.org>
Autobuild-Date: Fri Jul 8 13:45:46 CEST 2011 on sn-devel-104
(cherry picked from commit dbfb88aef30a755c29015bff4699eb17925a4988)
The last 3 patches address bug #8292 (Disable SMB2 for 3.6).
commit 3de9d2204e1f14c8a1d9642f3dc1e1e7e1013210
Author: Stefan Metzmacher <metze at samba.org>
Date: Thu Jul 7 16:38:33 2011 +0200
s3:smb2_server: call change_to_root_user() or smbd_smb2_request_check_tcon()
For all requests which don't operate on a tcon, we should call
change_to_root_user(), to match the SMB1 behavior.
For SMB1 we do the following operations without AS_USER:
/* 0x70 */ { "SMBtcon",reply_tcon,0},
/* 0x71 */ { "SMBtdis",reply_tdis,DO_CHDIR},
/* 0x72 */ { "SMBnegprot",reply_negprot,0},
/* 0x73 */ { "SMBsesssetupX",reply_sesssetup_and_X,0},
/* 0x74 */ { "SMBulogoffX",reply_ulogoffX, 0}, /* ulogoff doesn't give a valid TID */
/* 0x75 */ { "SMBtconX",reply_tcon_and_X,0},
...
/* 0x2b */ { "SMBecho",reply_echo,0},
...
/* 0xa4 */ { "SMBntcancel",reply_ntcancel, 0 },
For SMB2tdis we still call smbd_smb2_request_check_tcon()
as close_cnum() calls change_to_root_user() when needed.
metze
Signed-off-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit eea210eba7c20e6d04b13cf8ccd3011ee7c99157)
commit fe6a325226a5fb17e5ccf62c5d0882d97baa35b7
Author: Stefan Metzmacher <metze at samba.org>
Date: Mon Jul 4 15:57:20 2011 +0200
s3:smb2_server: there's no reason to check the session id twice on a smb2_tcon request
metze
Autobuild-User: Stefan Metzmacher <metze at samba.org>
Autobuild-Date: Mon Jul 4 17:34:13 CEST 2011 on sn-devel-104
(cherry picked from commit 7c96e96e9881ec1ad7b41f0ab241a5b0ac17b93f)
-----------------------------------------------------------------------
Summary of changes:
source3/include/proto.h | 6 +-
source3/include/smb.h | 1 +
source3/lib/sharesec.c | 10 ++-
source3/rpc_server/srvsvc/srv_srvsvc_nt.c | 4 +-
source3/smbd/fake_file.c | 13 +++
source3/smbd/globals.h | 5 +
source3/smbd/msdfs.c | 30 +++++++
source3/smbd/open.c | 54 +++++++++---
source3/smbd/reply.c | 4 +-
source3/smbd/service.c | 36 ++++-----
source3/smbd/smb2_create.c | 7 ++-
source3/smbd/smb2_server.c | 130 +++++++++++++++++++++++++++--
source3/smbd/smb2_tcon.c | 2 +-
source3/smbd/uid.c | 11 ++-
14 files changed, 255 insertions(+), 58 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/include/proto.h b/source3/include/proto.h
index d072502..6291f11 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -329,8 +329,10 @@ struct security_descriptor *get_share_security( TALLOC_CTX *ctx, const char *ser
size_t *psize);
bool set_share_security(const char *share_name, struct security_descriptor *psd);
bool delete_share_security(const char *servicename);
-bool share_access_check(const struct security_token *token, const char *sharename,
- uint32 desired_access);
+bool share_access_check(const struct security_token *token,
+ const char *sharename,
+ uint32 desired_access,
+ uint32_t *pgranted);
bool parse_usershare_acl(TALLOC_CTX *ctx, const char *acl_str, struct security_descriptor **ppsd);
/* The following definitions come from lib/smbrun.c */
diff --git a/source3/include/smb.h b/source3/include/smb.h
index 3e68a99..3a64af7 100644
--- a/source3/include/smb.h
+++ b/source3/include/smb.h
@@ -408,6 +408,7 @@ typedef struct connection_struct {
bool printer;
bool ipc;
bool read_only; /* Attributes for the current user of the share. */
+ uint32_t share_access;
/* Does this filesystem honor
sub second timestamps on files
and directories when setting time ? */
diff --git a/source3/lib/sharesec.c b/source3/lib/sharesec.c
index c2494e2..410fc13 100644
--- a/source3/lib/sharesec.c
+++ b/source3/lib/sharesec.c
@@ -410,8 +410,10 @@ bool delete_share_security(const char *servicename)
Can this user access with share with the required permissions ?
********************************************************************/
-bool share_access_check(const struct security_token *token, const char *sharename,
- uint32 desired_access)
+bool share_access_check(const struct security_token *token,
+ const char *sharename,
+ uint32 desired_access,
+ uint32_t *pgranted)
{
uint32 granted;
NTSTATUS status;
@@ -428,6 +430,10 @@ bool share_access_check(const struct security_token *token, const char *sharenam
TALLOC_FREE(psd);
+ if (pgranted != NULL) {
+ *pgranted = granted;
+ }
+
return NT_STATUS_IS_OK(status);
}
diff --git a/source3/rpc_server/srvsvc/srv_srvsvc_nt.c b/source3/rpc_server/srvsvc/srv_srvsvc_nt.c
index 472a318..a078395 100644
--- a/source3/rpc_server/srvsvc/srv_srvsvc_nt.c
+++ b/source3/rpc_server/srvsvc/srv_srvsvc_nt.c
@@ -539,8 +539,8 @@ static bool is_enumeration_allowed(struct pipes_struct *p,
if (!lp_access_based_share_enum(snum))
return true;
- return share_access_check(p->session_info->security_token, lp_servicename(snum),
- FILE_READ_DATA);
+ return share_access_check(p->session_info->security_token,
+ lp_servicename(snum), FILE_READ_DATA, NULL);
}
/*******************************************************************
diff --git a/source3/smbd/fake_file.c b/source3/smbd/fake_file.c
index 81f7686..68967fb 100644
--- a/source3/smbd/fake_file.c
+++ b/source3/smbd/fake_file.c
@@ -19,6 +19,7 @@
#include "includes.h"
#include "smbd/smbd.h"
+#include "smbd/globals.h"
#include "fake_file.h"
#include "auth.h"
@@ -128,6 +129,18 @@ NTSTATUS open_fake_file(struct smb_request *req, connection_struct *conn,
files_struct *fsp = NULL;
NTSTATUS status;
+ status = smbd_calculate_access_mask(conn, smb_fname,
+ false, /* fake files do not exist */
+ access_mask, &access_mask);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(10, ("open_fake_file: smbd_calculate_access_mask "
+ "on service[%s] file[%s] returned %s\n",
+ lp_servicename(SNUM(conn)),
+ smb_fname_str_dbg(smb_fname),
+ nt_errstr(status)));
+ return status;
+ }
+
/* access check */
if (geteuid() != sec_initial_uid()) {
DEBUG(3, ("open_fake_file_shared: access_denied to "
diff --git a/source3/smbd/globals.h b/source3/smbd/globals.h
index d9a54d2..58e03a5 100644
--- a/source3/smbd/globals.h
+++ b/source3/smbd/globals.h
@@ -224,6 +224,11 @@ bool smbd_dirptr_lanman2_entry(TALLOC_CTX *ctx,
int *_last_entry_off,
struct ea_list *name_list);
+NTSTATUS smbd_calculate_access_mask(connection_struct *conn,
+ const struct smb_filename *smb_fname,
+ bool file_existed,
+ uint32_t access_mask,
+ uint32_t *access_mask_out);
NTSTATUS smbd_check_open_rights(struct connection_struct *conn,
const struct smb_filename *smb_fname,
uint32_t access_mask,
diff --git a/source3/smbd/msdfs.c b/source3/smbd/msdfs.c
index ab67ac8..3bdedb8 100644
--- a/source3/smbd/msdfs.c
+++ b/source3/smbd/msdfs.c
@@ -27,6 +27,7 @@
#include "smbd/globals.h"
#include "msdfs.h"
#include "auth.h"
+#include "libcli/security/security.h"
/**********************************************************************
Parse a DFS pathname of the form \hostname\service\reqpath
@@ -278,6 +279,35 @@ NTSTATUS create_conn_struct(TALLOC_CTX *ctx,
set_conn_connectpath(conn, connpath);
+ /*
+ * New code to check if there's a share security descripter
+ * added from NT server manager. This is done after the
+ * smb.conf checks are done as we need a uid and token. JRA.
+ *
+ */
+ if (conn->session_info) {
+ share_access_check(conn->session_info->security_token,
+ lp_servicename(snum), MAXIMUM_ALLOWED_ACCESS,
+ &conn->share_access);
+
+ if ((conn->share_access & FILE_WRITE_DATA) == 0) {
+ if ((conn->share_access & FILE_READ_DATA) == 0) {
+ /* No access, read or write. */
+ DEBUG(0,("create_conn_struct: connection to %s "
+ "denied due to security "
+ "descriptor.\n",
+ lp_servicename(snum)));
+ conn_free(conn);
+ return NT_STATUS_ACCESS_DENIED;
+ } else {
+ conn->read_only = true;
+ }
+ }
+ } else {
+ conn->share_access = 0;
+ conn->read_only = true;
+ }
+
if (!smbd_vfs_init(conn)) {
NTSTATUS status = map_nt_error_from_unix(errno);
DEBUG(0,("create_conn_struct: smbd_vfs_init failed.\n"));
diff --git a/source3/smbd/open.c b/source3/smbd/open.c
index 44b1835..81d4e69 100644
--- a/source3/smbd/open.c
+++ b/source3/smbd/open.c
@@ -76,6 +76,14 @@ NTSTATUS smbd_check_open_rights(struct connection_struct *conn,
/* Check if we have rights to open. */
NTSTATUS status;
struct security_descriptor *sd = NULL;
+ uint32_t rejected_share_access;
+
+ rejected_share_access = access_mask & ~(conn->share_access);
+
+ if (rejected_share_access) {
+ *access_granted = rejected_share_access;
+ return NT_STATUS_ACCESS_DENIED;
+ }
if ((access_mask & DELETE_ACCESS) && !lp_acl_check_permissions(SNUM(conn))) {
*access_granted = access_mask;
@@ -1514,13 +1522,15 @@ static void schedule_defer_open(struct share_mode_lock *lck,
Work out what access_mask to use from what the client sent us.
****************************************************************************/
-static NTSTATUS calculate_access_mask(connection_struct *conn,
- const struct smb_filename *smb_fname,
- bool file_existed,
- uint32_t access_mask,
- uint32_t *access_mask_out)
+NTSTATUS smbd_calculate_access_mask(connection_struct *conn,
+ const struct smb_filename *smb_fname,
+ bool file_existed,
+ uint32_t access_mask,
+ uint32_t *access_mask_out)
{
NTSTATUS status;
+ uint32_t orig_access_mask = access_mask;
+ uint32_t rejected_share_access;
/*
* Convert GENERIC bits to specific bits.
@@ -1541,8 +1551,8 @@ static NTSTATUS calculate_access_mask(connection_struct *conn,
SECINFO_DACL),&sd);
if (!NT_STATUS_IS_OK(status)) {
- DEBUG(10, ("calculate_access_mask: Could not get acl "
- "on file %s: %s\n",
+ DEBUG(10,("smbd_calculate_access_mask: "
+ "Could not get acl on file %s: %s\n",
smb_fname_str_dbg(smb_fname),
nt_errstr(status)));
return NT_STATUS_ACCESS_DENIED;
@@ -1557,8 +1567,9 @@ static NTSTATUS calculate_access_mask(connection_struct *conn,
TALLOC_FREE(sd);
if (!NT_STATUS_IS_OK(status)) {
- DEBUG(10, ("calculate_access_mask: Access denied on "
- "file %s: when calculating maximum access\n",
+ DEBUG(10, ("smbd_calculate_access_mask: "
+ "Access denied on file %s: "
+ "when calculating maximum access\n",
smb_fname_str_dbg(smb_fname)));
return NT_STATUS_ACCESS_DENIED;
}
@@ -1567,6 +1578,21 @@ static NTSTATUS calculate_access_mask(connection_struct *conn,
} else {
access_mask = FILE_GENERIC_ALL;
}
+
+ access_mask &= conn->share_access;
+ }
+
+ rejected_share_access = access_mask & ~(conn->share_access);
+
+ if (rejected_share_access) {
+ DEBUG(10, ("smbd_calculate_access_mask: Access denied on "
+ "file %s: rejected by share access mask[0x%08X] "
+ "orig[0x%08X] mapped[0x%08X] reject[0x%08X]\n",
+ smb_fname_str_dbg(smb_fname),
+ conn->share_access,
+ orig_access_mask, access_mask,
+ rejected_share_access));
+ return NT_STATUS_ACCESS_DENIED;
}
*access_mask_out = access_mask;
@@ -1890,11 +1916,11 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn,
}
}
- status = calculate_access_mask(conn, smb_fname, file_existed,
+ status = smbd_calculate_access_mask(conn, smb_fname, file_existed,
access_mask,
&access_mask);
if (!NT_STATUS_IS_OK(status)) {
- DEBUG(10, ("open_file_ntcreate: calculate_access_mask "
+ DEBUG(10, ("open_file_ntcreate: smbd_calculate_access_mask "
"on file %s returned %s\n",
smb_fname_str_dbg(smb_fname), nt_errstr(status)));
return status;
@@ -2737,10 +2763,10 @@ static NTSTATUS open_directory(connection_struct *conn,
return NT_STATUS_NOT_A_DIRECTORY;
}
- status = calculate_access_mask(conn, smb_dname, dir_existed,
- access_mask, &access_mask);
+ status = smbd_calculate_access_mask(conn, smb_dname, dir_existed,
+ access_mask, &access_mask);
if (!NT_STATUS_IS_OK(status)) {
- DEBUG(10, ("open_directory: calculate_access_mask "
+ DEBUG(10, ("open_directory: smbd_calculate_access_mask "
"on file %s returned %s\n",
smb_fname_str_dbg(smb_dname),
nt_errstr(status)));
diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c
index 099a36e..c594a6b 100644
--- a/source3/smbd/reply.c
+++ b/source3/smbd/reply.c
@@ -835,9 +835,7 @@ void reply_tcon_and_X(struct smb_request *req)
perm1 = FILE_ALL_ACCESS;
perm2 = FILE_ALL_ACCESS;
} else {
- perm1 = CAN_WRITE(conn) ?
- SHARE_ALL_ACCESS :
- SHARE_READ_ONLY;
+ perm1 = conn->share_access;
}
SIVAL(req->outbuf, smb_vwv3, perm1);
diff --git a/source3/smbd/service.c b/source3/smbd/service.c
index a8cd756..d88c02c 100644
--- a/source3/smbd/service.c
+++ b/source3/smbd/service.c
@@ -853,27 +853,21 @@ connection_struct *make_connection_snum(struct smbd_server_connection *sconn,
*
*/
- {
- bool can_write = False;
-
- can_write = share_access_check(conn->session_info->security_token,
- lp_servicename(snum),
- FILE_WRITE_DATA);
-
- if (!can_write) {
- if (!share_access_check(conn->session_info->security_token,
- lp_servicename(snum),
- FILE_READ_DATA)) {
- /* No access, read or write. */
- DEBUG(0,("make_connection: connection to %s "
- "denied due to security "
- "descriptor.\n",
- lp_servicename(snum)));
- *pstatus = NT_STATUS_ACCESS_DENIED;
- goto err_root_exit;
- } else {
- conn->read_only = True;
- }
+ share_access_check(conn->session_info->security_token,
+ lp_servicename(snum), MAXIMUM_ALLOWED_ACCESS,
+ &conn->share_access);
+
+ if ((conn->share_access & FILE_WRITE_DATA) == 0) {
+ if ((conn->share_access & FILE_READ_DATA) == 0) {
+ /* No access, read or write. */
+ DEBUG(0,("make_connection: connection to %s "
+ "denied due to security "
+ "descriptor.\n",
+ lp_servicename(snum)));
+ *pstatus = NT_STATUS_ACCESS_DENIED;
+ goto err_root_exit;
+ } else {
+ conn->read_only = True;
}
}
/* Initialise VFS function pointers */
diff --git a/source3/smbd/smb2_create.c b/source3/smbd/smb2_create.c
index 3478f34..fcd8945 100644
--- a/source3/smbd/smb2_create.c
+++ b/source3/smbd/smb2_create.c
@@ -736,8 +736,13 @@ static struct tevent_req *smbd_smb2_create_send(TALLOC_CTX *mem_ctx,
uint32_t max_access_granted;
DATA_BLOB blob = data_blob_const(p, sizeof(p));
- status = smbd_check_open_rights(smb1req->conn,
+ status = smbd_calculate_access_mask(smb1req->conn,
result->fsp_name,
+ /*
+ * at this stage
+ * it exists
+ */
+ true,
SEC_FLAG_MAXIMUM_ALLOWED,
&max_access_granted);
diff --git a/source3/smbd/smb2_server.c b/source3/smbd/smb2_server.c
index 416e3c1..c5c7a8e 100644
--- a/source3/smbd/smb2_server.c
+++ b/source3/smbd/smb2_server.c
@@ -1104,6 +1104,14 @@ NTSTATUS smbd_smb2_request_dispatch(struct smbd_smb2_request *req)
return smbd_smb2_request_error(req, NT_STATUS_INVALID_PARAMETER);
}
+ /*
+ * Check if the client provided a valid session id,
+ * if so smbd_smb2_request_check_session() calls
+ * set_current_user_info().
+ *
+ * As some command don't require a valid session id
+ * we defer the check of the session_status
+ */
session_status = smbd_smb2_request_check_session(req);
req->do_signing = false;
@@ -1139,6 +1147,9 @@ NTSTATUS smbd_smb2_request_dispatch(struct smbd_smb2_request *req)
switch (opcode) {
case SMB2_OP_NEGPROT:
+ /* This call needs to be run as root */
+ change_to_root_user();
+
{
START_PROFILE(smb2_negprot);
return_value = smbd_smb2_request_process_negprot(req);
@@ -1147,6 +1158,9 @@ NTSTATUS smbd_smb2_request_dispatch(struct smbd_smb2_request *req)
break;
case SMB2_OP_SESSSETUP:
+ /* This call needs to be run as root */
+ change_to_root_user();
+
{
START_PROFILE(smb2_sesssetup);
return_value = smbd_smb2_request_process_sesssetup(req);
@@ -1160,6 +1174,9 @@ NTSTATUS smbd_smb2_request_dispatch(struct smbd_smb2_request *req)
break;
}
+ /* This call needs to be run as root */
+ change_to_root_user();
+
{
START_PROFILE(smb2_logoff);
return_value = smbd_smb2_request_process_logoff(req);
@@ -1172,11 +1189,15 @@ NTSTATUS smbd_smb2_request_dispatch(struct smbd_smb2_request *req)
return_value = smbd_smb2_request_error(req, session_status);
break;
}
- status = smbd_smb2_request_check_session(req);
- if (!NT_STATUS_IS_OK(status)) {
- return_value = smbd_smb2_request_error(req, status);
- break;
- }
+
+ /*
+ * This call needs to be run as root.
+ *
+ * smbd_smb2_request_process_tcon()
+ * calls make_connection_snum(), which will call
+ * change_to_user(), when needed.
+ */
+ change_to_root_user();
{
START_PROFILE(smb2_tcon);
@@ -1190,11 +1211,20 @@ NTSTATUS smbd_smb2_request_dispatch(struct smbd_smb2_request *req)
return_value = smbd_smb2_request_error(req, session_status);
break;
}
+ /*
+ * This call needs to be run as user.
+ *
+ * smbd_smb2_request_check_tcon()
+ * calls change_to_user() on success.
+ */
status = smbd_smb2_request_check_tcon(req);
if (!NT_STATUS_IS_OK(status)) {
return_value = smbd_smb2_request_error(req, status);
break;
}
+ /* This call needs to be run as root */
+ change_to_root_user();
+
{
START_PROFILE(smb2_tdis);
@@ -1208,6 +1238,12 @@ NTSTATUS smbd_smb2_request_dispatch(struct smbd_smb2_request *req)
return_value = smbd_smb2_request_error(req, session_status);
break;
}
+ /*
+ * This call needs to be run as user.
+ *
+ * smbd_smb2_request_check_tcon()
+ * calls change_to_user() on success.
+ */
status = smbd_smb2_request_check_tcon(req);
if (!NT_STATUS_IS_OK(status)) {
return_value = smbd_smb2_request_error(req, status);
@@ -1226,6 +1262,12 @@ NTSTATUS smbd_smb2_request_dispatch(struct smbd_smb2_request *req)
return_value = smbd_smb2_request_error(req, session_status);
break;
}
+ /*
+ * This call needs to be run as user.
+ *
+ * smbd_smb2_request_check_tcon()
+ * calls change_to_user() on success.
+ */
status = smbd_smb2_request_check_tcon(req);
if (!NT_STATUS_IS_OK(status)) {
return_value = smbd_smb2_request_error(req, status);
@@ -1244,6 +1286,12 @@ NTSTATUS smbd_smb2_request_dispatch(struct smbd_smb2_request *req)
return_value = smbd_smb2_request_error(req, session_status);
break;
}
+ /*
+ * This call needs to be run as user.
+ *
+ * smbd_smb2_request_check_tcon()
+ * calls change_to_user() on success.
+ */
status = smbd_smb2_request_check_tcon(req);
if (!NT_STATUS_IS_OK(status)) {
return_value = smbd_smb2_request_error(req, status);
@@ -1262,6 +1310,12 @@ NTSTATUS smbd_smb2_request_dispatch(struct smbd_smb2_request *req)
return_value = smbd_smb2_request_error(req, session_status);
break;
}
+ /*
+ * This call needs to be run as user.
+ *
+ * smbd_smb2_request_check_tcon()
+ * calls change_to_user() on success.
--
Samba Shared Repository
More information about the samba-cvs
mailing list