summaryrefslogtreecommitdiffstats
path: root/source3/smbd
Commit message (Collapse)AuthorAgeFilesLines
...
* s3-smbd: ensure we give appropriate errors for EA requests on streamsAndrew Bartlett2012-08-201-35/+77
|
* s3-smbd: Do not look for EA information on a streamAndrew Bartlett2012-08-201-6/+8
| | | | | | | | | The estimated EA size needs to be of the main file. However, the fsp may point to the stream, so we need to ignore it if this is the case. This may mean we estimate wrong if there has been a rename. Andrew Bartlett
* s3-smbd: Push smb_fname into estimate_ea_sizeAndrew Bartlett2012-08-201-12/+20
| | | | | | | | | This ensures that we return the ea size of the stream, not the overall file. This is important as if there is an EA on the main file, the raw.streams test was failing. Andrew Bartlett
* s3:smb2_negprot: annouce/negotiate SMB3 encryption supportStefan Metzmacher2012-08-171-0/+8
| | | | metze
* s3:smb2_server: add SMB3 encryption supportStefan Metzmacher2012-08-172-49/+353
| | | | metze
* s3:smbd: don't disconnect the client when a share has "smb encrypt = required"Stefan Metzmacher2012-08-172-6/+8
| | | | | | | | It's not the client fault, if he doesn't know that encryption is required. We should just return ACCESS_DENIED and let the client work on other shares and open files on the current SMB connection. metze
* s3:smbd: lp_smb_encrypt() returns SMB_SIGNING_* valuesStefan Metzmacher2012-08-172-6/+6
| | | | metze
* s3:smbd: make use of ENCRYPTION_REQUIRED()Stefan Metzmacher2012-08-171-2/+2
| | | | metze
* s3:smb2_server: try to sign an error response if we have a signing keyStefan Metzmacher2012-08-171-1/+18
| | | | | | | metze Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Fri Aug 17 00:54:01 CEST 2012 on sn-devel-104
* s3:smb2_server: verify the signature before the session_statusStefan Metzmacher2012-08-161-3/+4
| | | | metze
* s3:smb2_server: add some const to print_req_vectors()Stefan Metzmacher2012-08-161-1/+1
| | | | metze
* s3-libsmb: Add a python wrapperVolker Lendecke2012-08-161-1/+1
| | | | | | Please note that this is not finished and only for internal use. Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3-smbd: Do not check no_acl_syscall_error(errno) after sys_acl_init()Andrew Bartlett2012-08-161-11/+2
| | | | | | This is no longer a VFS call, so will no longer fail in this way. Andrew Bartlett
* s3:smb2_server: do calculations based on SMBD_SMB2_NUM_IOV_PER_REQ in ↵Stefan Metzmacher2012-08-151-3/+3
| | | | | | smbd_smb2_request_validate() metze
* s3-sysacls: Remove sys_acl_free_qualifier() as it is a no-opAndrew Bartlett2012-08-152-4/+0
| | | | | Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Wed Aug 15 05:23:18 CEST 2012 on sn-devel-104
* s3-sysacls: Remove sys_acl_free_acl() and replace with TALLOC_FREE()Andrew Bartlett2012-08-153-41/+41
|
* s3-smbd: Remove sys_acl_*() VFS wrapper functionsAndrew Bartlett2012-08-151-129/+0
| | | | | | | | | | | | | | | | | | | | | | | We no longer do struct smb_acl_t manipuations via the VFS layer, which is now reduced to handling the get/set functions. The only backend that implemented these functions (aside from audit) was the vfs_default module calling the sys_acl code. The various ACL implementation modules either worked on the fully initilaised smb_acl_t object or on NT ACLs. This not only makes the operation of the posix ACL code more efficient (as allocation and free is not put via the VFS), it makes it easier to test and removes the fantasy that a module could safely redefine this structure or the behaviour here. The smb_acls.idl now defines the structure, and it is now allocated with talloc. These operations were originally added to the VFS in commit 3bb219161a270f12c27c3bc7e1220829c6e9f284. Andrew Bartlett
* s3-smbd: Remove unused conn argument from convert_permset_to_mode_t()Andrew Bartlett2012-08-151-3/+3
|
* s3-smbd: Call sys_acl_set_permset() directly rather than via the VFSAndrew Bartlett2012-08-151-7/+7
| | | | | | | This will allow us to remove the struct smb_acl_t manipuations from the VFS layer, which will be reduced to handling the get/set functions. Andrew Bartlett
* s3-smbd: Call sys_acl_set_qualifier() directly rather than via the VFSAndrew Bartlett2012-08-151-3/+3
| | | | | | | This will allow us to remove the struct smb_acl_t manipuations from the VFS layer, which will be reduced to handling the get/set functions. Andrew Bartlett
* s3-smbd: Call sys_acl_set_tag_type() directly rather than via the VFSAndrew Bartlett2012-08-151-6/+6
| | | | | | | This will allow us to remove the struct smb_acl_t manipuations from the VFS layer, which will be reduced to handling the get/set functions. Andrew Bartlett
* s3-smbd: Call sys_acl_create_entry() directly rather than via the VFSAndrew Bartlett2012-08-151-6/+6
| | | | | | | This will allow us to remove the struct smb_acl_t manipuations from the VFS layer, which will be reduced to handling the get/set functions. Andrew Bartlett
* s3-smbd: Call sys_acl_add_perm() directly rather than via the VFSAndrew Bartlett2012-08-151-6/+6
| | | | | | | This will allow us to remove the struct smb_acl_t manipuations from the VFS layer, which will be reduced to handling the get/set functions. Andrew Bartlett
* s3-smbd: Call sys_acl_clear_perms() directly rather than via the VFSAndrew Bartlett2012-08-151-2/+2
| | | | | | | This will allow us to remove the struct smb_acl_t manipuations from the VFS layer, which will be reduced to handling the get/set functions. Andrew Bartlett
* s3-smbd: Call sys_acl_init() directly rather than via the VFSAndrew Bartlett2012-08-151-3/+3
| | | | | | | This will allow us to remove the struct smb_acl_t manipuations from the VFS layer, which will be reduced to handling the get/set functions. Andrew Bartlett
* s3-smbd: Call sys_acl_free_acl() directly rather than via the VFSAndrew Bartlett2012-08-152-24/+24
| | | | | | | This will allow us to remove the struct smb_acl_t manipuations from the VFS layer, which will be reduced to handling the get/set functions. Andrew Bartlett
* s3-smbd: Call sys_acl_free_qualifier() directly rather than via the VFSAndrew Bartlett2012-08-151-2/+2
| | | | | | | This will allow us to remove the struct smb_acl_t manipuations from the VFS layer, which will be reduced to handling the get/set functions. Andrew Bartlett
* s3-smbd: Call sys_acl_get_entry() directly rather than via the VFSAndrew Bartlett2012-08-152-8/+8
| | | | | | | This will allow us to remove the struct smb_acl_t manipuations from the VFS layer, which will be reduced to handling the get/set functions. Andrew Bartlett
* s3-smbd: Call sys_acl_free_qualifier() directly rather than via the VFSAndrew Bartlett2012-08-151-2/+2
| | | | | | | This will allow us to remove the struct smb_acl_t manipuations from the VFS layer, which will be reduced to handling the get/set functions. Andrew Bartlett
* s3-smbd: Call sys_acl_get_qualifier() directly rather than via the VFSAndrew Bartlett2012-08-152-4/+4
| | | | | | | This will allow us to remove the struct smb_acl_t manipuations from the VFS layer, which will be reduced to handling the get/set functions. Andrew Bartlett
* s3-smbd: Call sys_acl_get_tagtype() directly rather than via the VFSAndrew Bartlett2012-08-152-5/+5
| | | | | | | This will allow us to remove the struct smb_acl_t manipuations from the VFS layer, which will be reduced to handling the get/set functions. Andrew Bartlett
* s3-smbd: Call sys_acl_get_permset() directly rather than via the VFSAndrew Bartlett2012-08-152-8/+8
| | | | | | | This will allow us to remove the struct smb_acl_t manipuations from the VFS layer, which will be reduced to handling the get/set functions. Andrew Bartlett
* s3-smbd: Call sys_acl_get_perm() directly rather than via the VFSAndrew Bartlett2012-08-152-9/+9
| | | | | | | This will allow us to remove the struct smb_acl_t manipuations from the VFS layer, which will be reduced to handling the get/set functions. Andrew Bartlett
* s3: skip loading vfs modules for printer connectionsBjörn Jacke2012-08-121-0/+6
| | | | | Autobuild-User(master): Björn Jacke <bj@sernet.de> Autobuild-Date(master): Sun Aug 12 23:40:23 CEST 2012 on sn-devel-104
* s3-smbd: Merge ACE entries based on mapped UID/GID not SIDAndrew Bartlett2012-08-101-4/+4
| | | | | | | | | | | | As the test for a valid posix ACL is based on the unix uid/gid only appearing once in the ACL the merge process also needs to be UID/GID based. This is a problem when we have multiple builtin groups mapped to the same POSIX group as happens in a Samba4 provision. Andrew Bartlett Signed-off-by: Jeremy Allison <jra@samba.org>
* s3-smbd: Convert posix_acls.c to use struct unixid internallyAndrew Bartlett2012-08-101-57/+72
| | | | | | | | | | | | | This is consistent with the rest of Samba which uses this structure to represent a unix uid or gid. World values remain represented by the owner_type being WORLD_ACE in the containing structure. A -1 value is filled in to the unixid.id in the same way the .world value was initialised in the union. Andrew Bartlett Signed-off-by: Jeremy Allison <jra@samba.org>
* s3-smbd: Create a shortcut for building the token of a user by SID for ↵Andrew Bartlett2012-08-101-10/+2
| | | | | | | | | | | | | posix_acls When a user owns a file, but does not have specific permissions on that file, we need to make up the user permissions. This change ensures that the first thing that we do is to look up the SID, and confirm it is a user. Then, we avoid the getpwnam() and directly create the token via the SID. Andrew Bartlett Signed-off-by: Jeremy Allison <jra@samba.org>
* Revert "s3:smbd: include smbXsrv.h before smbd/proto.h to have the smbXsrv_ ↵Stefan Metzmacher2012-08-101-1/+0
| | | | | | | | | structs available" This reverts commit 98ccca8dca70b87d04a93c8ef5232a071ab7c2af. Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Fri Aug 10 17:35:38 CEST 2012 on sn-devel-104
* Revert "s3:smbd: Include smbXsrv.h before vfs.h (in smbd.h) so that the ↵Stefan Metzmacher2012-08-101-1/+1
| | | | | | smbXsrv structures are available" This reverts commit e332bfaff51e54638bd37cd1fe08e57608e16e86.
* Correctly check for errors in strlower_m() returns.Jeremy Allison2012-08-093-3/+10
|
* Check error returns on strnorm().Jeremy Allison2012-08-091-3/+12
|
* Check error returns from strupper_m() (in all reasonable places).Jeremy Allison2012-08-094-7/+19
|
* s3:smb2_sesssetup: setup global->[en|de]cryption_keyStefan Metzmacher2012-08-091-0/+36
| | | | | | | metze Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Thu Aug 9 09:59:02 CEST 2012 on sn-devel-104
* s3:smb2_read: don't try sendfile if encryption is usedStefan Metzmacher2012-08-091-0/+1
| | | | metze
* s3:smb2_server: add smbd_smb2_request->do_encryptionStefan Metzmacher2012-08-092-0/+2
| | | | | | For now it's always false... metze
* s3:smb2_tcon: set global->encryption_required and enforce itStefan Metzmacher2012-08-091-5/+29
| | | | | | | This the account or client doesn't support encryption we should reject the tree connect. metze
* s3:smb2_sesssetup: set global->encryption_required and enforce itStefan Metzmacher2012-08-091-0/+22
| | | | | | | This the account or client doesn't support encryption we should reject the session setup. metze
* s3:smb2_server: check the session before we could response with an error.Stefan Metzmacher2012-08-091-15/+15
| | | | metze
* s3:smb2_server: do central file_id check if the operation requires itStefan Metzmacher2012-08-091-0/+56
| | | | | | | Note that it's fine to call file_fsp_smb2() twice, the 2nd call just returns smb2req->compat_chain_fsp without a 2nd lookup. metze
* s3:smb2_server: s/i/idx in smbd_smb2_request_pending_queue()Stefan Metzmacher2012-08-081-4/+4
| | | | | | | metze Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Wed Aug 8 17:32:26 CEST 2012 on sn-devel-104
generated by cgit (git 2.34.1) at 2025-09-29 14:04:19 +0000