Changeset 411 for branches/samba-3.3.x/source/smbd
- Timestamp:
- Mar 1, 2010, 3:05:48 PM (15 years ago)
- Location:
- branches/samba-3.3.x/source/smbd
- Files:
-
- 7 edited
Legend:
- Unmodified
- Added
- Removed
-
branches/samba-3.3.x/source/smbd/ipc.c
r224 r411 163 163 rparam, tot_param_sent, this_lparam, 164 164 rdata, tot_data_sent, this_ldata); 165 166 SSVAL(outbuf,smb_vwv0,lparam); 167 SSVAL(outbuf,smb_vwv1,ldata); 165 168 166 169 SSVAL(outbuf,smb_vwv3,this_lparam); -
branches/samba-3.3.x/source/smbd/lanman.c
r309 r411 1353 1353 1354 1354 1355 static boolsrv_comp(struct srv_info_struct *s1,struct srv_info_struct *s2)1355 static int srv_comp(struct srv_info_struct *s1,struct srv_info_struct *s2) 1356 1356 { 1357 1357 return(strcmp(s1->name,s2->name)); … … 1457 1457 s->name, s->type, s->comment, s->domain)); 1458 1458 1459 if (data_len < =buf_len) {1459 if (data_len < buf_len) { 1460 1460 counted++; 1461 1461 fixed_len += f_len; … … 1821 1821 total++; 1822 1822 data_len += fill_share_info(conn,i,uLevel,0,&f_len,0,&s_len,0); 1823 if (data_len < =buf_len) {1823 if (data_len < buf_len) { 1824 1824 counted++; 1825 1825 fixed_len += f_len; -
branches/samba-3.3.x/source/smbd/mangle_hash.c
r370 r411 336 336 337 337 SMB_ASSERT(chartest != NULL); 338 memset(chartest, '\0', 256); 338 339 339 340 for( s = (const unsigned char *)basechars; *s; s++ ) { … … 412 413 TDB_DATA data_val; 413 414 char mangled_name_key[13]; 414 char *s1 ;415 char *s2 ;415 char *s1 = NULL; 416 char *s2 = NULL; 416 417 417 418 /* If the cache isn't initialized, give up. */ … … 452 453 } 453 454 /* Restore the change we made to the const string. */ 454 *s2 = '.'; 455 if (s2) { 456 *s2 = '.'; 457 } 455 458 } 456 459 -
branches/samba-3.3.x/source/smbd/server.c
r370 r411 1248 1248 gain_root_group_privilege(); 1249 1249 1250 /* 1251 * Ensure we have CAP_KILL capability set on Linux, 1252 * where we need this to communicate with threads. 1253 * This is inherited by new threads, but not by new 1254 * processes across exec(). 1255 */ 1256 set_effective_capability(KILL_CAPABILITY); 1257 1250 1258 fault_setup((void (*)(void *))exit_server_fault); 1251 1259 dump_core_setup("smbd"); -
branches/samba-3.3.x/source/smbd/service.c
r338 r411 725 725 int ret; 726 726 char addr[INET6_ADDRSTRLEN]; 727 bool on_err_call_dis_hook = false;728 727 NTSTATUS status; 729 728 … … 926 925 } 927 926 928 /*929 * If widelinks are disallowed we need to canonicalise the connect930 * path here to ensure we don't have any symlinks in the931 * connectpath. We will be checking all paths on this connection are932 * below this directory. We must do this after the VFS init as we933 * depend on the realpath() pointer in the vfs table. JRA.934 */935 if (!lp_widelinks(snum)) {936 if (!canonicalize_connect_path(conn)) {937 DEBUG(0, ("canonicalize_connect_path failed "938 "for service %s, path %s\n",939 lp_servicename(snum),940 conn->connectpath));941 conn_free(conn);942 *pstatus = NT_STATUS_BAD_NETWORK_NAME;943 return NULL;944 }945 }946 947 927 if ((!conn->printer) && (!conn->ipc)) { 948 928 conn->notify_ctx = notify_init(conn, server_id_self(), … … 952 932 } 953 933 954 /* ROOT Activities: */ 934 /* ROOT Activities: */ 935 /* explicitly check widelinks here so that we can correctly warn 936 * in the logs. */ 937 widelinks_warning(snum); 938 955 939 /* 956 940 * Enforce the max connections parameter. … … 977 961 return NULL; 978 962 } 963 964 /* Invoke VFS make connection hook - must be the first 965 VFS operation we do. */ 966 967 if (SMB_VFS_CONNECT(conn, lp_servicename(snum), 968 conn->server_info->unix_name) < 0) { 969 DEBUG(0,("make_connection: VFS make connection failed!\n")); 970 yield_connection(conn, lp_servicename(snum)); 971 conn_free(conn); 972 *pstatus = NT_STATUS_UNSUCCESSFUL; 973 return NULL; 974 } 975 976 /* 977 * Fix compatibility issue pointed out by Volker. 978 * We pass the conn->connectpath to the preexec 979 * scripts as a parameter, so attempt to canonicalize 980 * it here before calling the preexec scripts. 981 * We ignore errors here, as it is possible that 982 * the conn->connectpath doesn't exist yet and 983 * the preexec scripts will create them. 984 */ 985 986 (void)canonicalize_connect_path(conn); 979 987 980 988 /* Preexecs are done here as they might make the dir we are to ChDir … … 996 1004 DEBUG(1,("root preexec gave %d - failing " 997 1005 "connection\n", ret)); 1006 SMB_VFS_DISCONNECT(conn); 998 1007 yield_connection(conn, lp_servicename(snum)); 999 1008 conn_free(conn); … … 1007 1016 /* No point continuing if they fail the basic checks */ 1008 1017 DEBUG(0,("Can't become connected user!\n")); 1018 SMB_VFS_DISCONNECT(conn); 1009 1019 yield_connection(conn, lp_servicename(snum)); 1010 1020 conn_free(conn); … … 1039 1049 } 1040 1050 1051 /* 1052 * If widelinks are disallowed we need to canonicalise the connect 1053 * path here to ensure we don't have any symlinks in the 1054 * connectpath. We will be checking all paths on this connection are 1055 * below this directory. We must do this after the VFS init as we 1056 * depend on the realpath() pointer in the vfs table. JRA. 1057 */ 1058 if (!lp_widelinks(snum)) { 1059 if (!canonicalize_connect_path(conn)) { 1060 DEBUG(0, ("canonicalize_connect_path failed " 1061 "for service %s, path %s\n", 1062 lp_servicename(snum), 1063 conn->connectpath)); 1064 *pstatus = NT_STATUS_BAD_NETWORK_NAME; 1065 goto err_root_exit; 1066 } 1067 } 1068 1041 1069 #ifdef WITH_FAKE_KASERVER 1042 1070 if (lp_afs_share(snum)) { … … 1054 1082 } 1055 1083 1056 /* Invoke VFS make connection hook - do this before the VFS_STAT call1057 to allow any filesystems needing user credentials to initialize1058 themselves. */1059 1060 if (SMB_VFS_CONNECT(conn, lp_servicename(snum),1061 conn->server_info->unix_name) < 0) {1062 DEBUG(0,("make_connection: VFS make connection failed!\n"));1063 *pstatus = NT_STATUS_UNSUCCESSFUL;1064 goto err_root_exit;1065 }1066 1067 /* Any error exit after here needs to call the disconnect hook. */1068 on_err_call_dis_hook = true;1069 1084 1070 1085 /* win2000 does not check the permissions on the directory … … 1139 1154 1140 1155 change_to_root_user(); 1141 if (on_err_call_dis_hook) { 1142 /* Call VFS disconnect hook */ 1143 SMB_VFS_DISCONNECT(conn); 1144 } 1156 /* Call VFS disconnect hook */ 1157 SMB_VFS_DISCONNECT(conn); 1145 1158 yield_connection(conn, lp_servicename(snum)); 1146 1159 conn_free(conn); -
branches/samba-3.3.x/source/smbd/trans2.c
r370 r411 5249 5249 char *link_target = NULL; 5250 5250 const char *newname = fname; 5251 NTSTATUS status = NT_STATUS_OK;5252 5251 TALLOC_CTX *ctx = talloc_tos(); 5253 5252 … … 5268 5267 if (!link_target) { 5269 5268 return NT_STATUS_INVALID_PARAMETER; 5270 }5271 5272 /* !widelinks forces the target path to be within the share. */5273 /* This means we can interpret the target as a pathname. */5274 if (!lp_widelinks(SNUM(conn))) {5275 char *rel_name = NULL;5276 char *last_dirp = NULL;5277 5278 if (*link_target == '/') {5279 /* No absolute paths allowed. */5280 return NT_STATUS_ACCESS_DENIED;5281 }5282 rel_name = talloc_strdup(ctx,newname);5283 if (!rel_name) {5284 return NT_STATUS_NO_MEMORY;5285 }5286 last_dirp = strrchr_m(rel_name, '/');5287 if (last_dirp) {5288 last_dirp[1] = '\0';5289 } else {5290 rel_name = talloc_strdup(ctx,"./");5291 if (!rel_name) {5292 return NT_STATUS_NO_MEMORY;5293 }5294 }5295 rel_name = talloc_asprintf_append(rel_name,5296 "%s",5297 link_target);5298 if (!rel_name) {5299 return NT_STATUS_NO_MEMORY;5300 }5301 5302 status = check_name(conn, rel_name);5303 if (!NT_STATUS_IS_OK(status)) {5304 return status;5305 }5306 5269 } 5307 5270 -
branches/samba-3.3.x/source/smbd/vfs.c
r206 r411 940 940 /* Check for widelinks allowed. */ 941 941 if (!lp_widelinks(SNUM(conn)) && (strncmp(conn->connectpath, resolved_name, con_path_len) != 0)) { 942 DEBUG(2, ("reduce_name: Bad access attempt: %s is a symlink outside the share path ", fname));942 DEBUG(2, ("reduce_name: Bad access attempt: %s is a symlink outside the share path\n", fname)); 943 943 if (free_resolved_name) { 944 944 SAFE_FREE(resolved_name);
Note:
See TracChangeset
for help on using the changeset viewer.
