search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
s3: Add an async smbsock_connect
[Samba.git] / source3 / smbd / service.c
blob88a5f3c22ac3e6118c44c49557600460cbe00ad0
1 /*
2 Unix SMB/CIFS implementation.
3 service (connection) opening and closing
4 Copyright (C) Andrew Tridgell 1992-1998
5
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 3 of the License, or
9 (at your option) any later version.
10
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
15
16 You should have received a copy of the GNU General Public License
17 along with this program. If not, see <http://www.gnu.org/licenses/>.
18 */
19
20 #include "includes.h"
21 #include "smbd/globals.h"
22
23 extern userdom_struct current_user_info;
24
25 static bool canonicalize_connect_path(connection_struct *conn)
26 {
27 #ifdef REALPATH_TAKES_NULL
28 bool ret;
29 char *resolved_name = SMB_VFS_REALPATH(conn,conn->connectpath,NULL);
30 if (!resolved_name) {
31 return false;
32 }
33 ret = set_conn_connectpath(conn,resolved_name);
34 SAFE_FREE(resolved_name);
35 return ret;
36 #else
37 char resolved_name_buf[PATH_MAX+1];
38 char *resolved_name = SMB_VFS_REALPATH(conn,conn->connectpath,resolved_name_buf);
39 if (!resolved_name) {
40 return false;
41 }
42 return set_conn_connectpath(conn,resolved_name);
43 #endif /* REALPATH_TAKES_NULL */
44 }
45
46 /****************************************************************************
47 Ensure when setting connectpath it is a canonicalized (no ./ // or ../)
48 absolute path stating in / and not ending in /.
49 Observent people will notice a similarity between this and check_path_syntax :-).
50 ****************************************************************************/
51
52 bool set_conn_connectpath(connection_struct *conn, const char *connectpath)
53 {
54 char *destname;
55 char *d;
56 const char *s = connectpath;
57 bool start_of_name_component = true;
58
59 if (connectpath == NULL || connectpath[0] == '\0') {
60 return false;
61 }
62
63 /* Allocate for strlen + '\0' + possible leading '/' */
64 destname = SMB_MALLOC(strlen(connectpath) + 2);
65 if (!destname) {
66 return false;
67 }
68 d = destname;
69
70 *d++ = '/'; /* Always start with root. */
71
72 while (*s) {
73 if (*s == '/') {
74 /* Eat multiple '/' */
75 while (*s == '/') {
76 s++;
77 }
78 if ((d > destname + 1) && (*s != '\0')) {
79 *d++ = '/';
80 }
81 start_of_name_component = True;
82 continue;
83 }
84
85 if (start_of_name_component) {
86 if ((s[0] == '.') && (s[1] == '.') && (s[2] == '/' || s[2] == '\0')) {
87 /* Uh oh - "/../" or "/..\0" ! */
88
89 /* Go past the ../ or .. */
90 if (s[2] == '/') {
91 s += 3;
92 } else {
93 s += 2; /* Go past the .. */
94 }
95
96 /* If we just added a '/' - delete it */
97 if ((d > destname) && (*(d-1) == '/')) {
98 *(d-1) = '\0';
99 d--;
100 }
101
102 /* Are we at the start ? Can't go back further if so. */
103 if (d <= destname) {
104 *d++ = '/'; /* Can't delete root */
105 continue;
106 }
107 /* Go back one level... */
108 /* Decrement d first as d points to the *next* char to write into. */
109 for (d--; d > destname; d--) {
110 if (*d == '/') {
111 break;
112 }
113 }
114 /* We're still at the start of a name component, just the previous one. */
115 continue;
116 } else if ((s[0] == '.') && ((s[1] == '\0') || s[1] == '/')) {
117 /* Component of pathname can't be "." only - skip the '.' . */
118 if (s[1] == '/') {
119 s += 2;
120 } else {
121 s++;
122 }
123 continue;
124 }
125 }
126
127 if (!(*s & 0x80)) {
128 *d++ = *s++;
129 } else {
130 size_t siz;
131 /* Get the size of the next MB character. */
132 next_codepoint(s,&siz);
133 switch(siz) {
134 case 5:
135 *d++ = *s++;
136 /*fall through*/
137 case 4:
138 *d++ = *s++;
139 /*fall through*/
140 case 3:
141 *d++ = *s++;
142 /*fall through*/
143 case 2:
144 *d++ = *s++;
145 /*fall through*/
146 case 1:
147 *d++ = *s++;
148 break;
149 default:
150 break;
151 }
152 }
153 start_of_name_component = false;
154 }
155 *d = '\0';
156
157 /* And must not end in '/' */
158 if (d > destname + 1 && (*(d-1) == '/')) {
159 *(d-1) = '\0';
160 }
161
162 DEBUG(10,("set_conn_connectpath: service %s, connectpath = %s\n",
163 lp_servicename(SNUM(conn)), destname ));
164
165 string_set(&conn->connectpath, destname);
166 SAFE_FREE(destname);
167 return true;
168 }
169
170 /****************************************************************************
171 Load parameters specific to a connection/service.
172 ****************************************************************************/
173
174 bool set_current_service(connection_struct *conn, uint16 flags, bool do_chdir)
175 {
176 int snum;
177
178 if (!conn) {
179 last_conn = NULL;
180 return(False);
181 }
182
183 conn->lastused_count++;
184
185 snum = SNUM(conn);
186
187 if (do_chdir &&
188 vfs_ChDir(conn,conn->connectpath) != 0 &&
189 vfs_ChDir(conn,conn->origpath) != 0) {
190 DEBUG(0,("chdir (%s) failed\n",
191 conn->connectpath));
192 return(False);
193 }
194
195 if ((conn == last_conn) && (last_flags == flags)) {
196 return(True);
197 }
198
199 last_conn = conn;
200 last_flags = flags;
201
202 /* Obey the client case sensitivity requests - only for clients that support it. */
203 switch (lp_casesensitive(snum)) {
204 case Auto:
205 {
206 /* We need this uglyness due to DOS/Win9x clients that lie about case insensitivity. */
207 enum remote_arch_types ra_type = get_remote_arch();
208 if ((ra_type != RA_SAMBA) && (ra_type != RA_CIFSFS)) {
209 /* Client can't support per-packet case sensitive pathnames. */
210 conn->case_sensitive = False;
211 } else {
212 conn->case_sensitive = !(flags & FLAG_CASELESS_PATHNAMES);
213 }
214 }
215 break;
216 case True:
217 conn->case_sensitive = True;
218 break;
219 default:
220 conn->case_sensitive = False;
221 break;
222 }
223 return(True);
224 }
225
226 static int load_registry_service(const char *servicename)
227 {
228 if (!lp_registry_shares()) {
229 return -1;
230 }
231
232 if ((servicename == NULL) || (*servicename == '\0')) {
233 return -1;
234 }
235
236 if (strequal(servicename, GLOBAL_NAME)) {
237 return -2;
238 }
239
240 if (!process_registry_service(servicename)) {
241 return -1;
242 }
243
244 return lp_servicenumber(servicename);
245 }
246
247 void load_registry_shares(void)
248 {
249 DEBUG(8, ("load_registry_shares()\n"));
250 if (!lp_registry_shares()) {
251 return;
252 }
253
254 process_registry_shares();
255
256 return;
257 }
258
259 /****************************************************************************
260 Add a home service. Returns the new service number or -1 if fail.
261 ****************************************************************************/
262
263 int add_home_service(const char *service, const char *username, const char *homedir)
264 {
265 int iHomeService;
266
267 if (!service || !homedir || homedir[0] == '\0')
268 return -1;
269
270 if ((iHomeService = lp_servicenumber(HOMES_NAME)) < 0) {
271 if ((iHomeService = load_registry_service(HOMES_NAME)) < 0) {
272 return -1;
273 }
274 }
275
276 /*
277 * If this is a winbindd provided username, remove
278 * the domain component before adding the service.
279 * Log a warning if the "path=" parameter does not
280 * include any macros.
281 */
282
283 {
284 const char *p = strchr(service,*lp_winbind_separator());
285
286 /* We only want the 'user' part of the string */
287 if (p) {
288 service = p + 1;
289 }
290 }
291
292 if (!lp_add_home(service, iHomeService, username, homedir)) {
293 return -1;
294 }
295
296 return lp_servicenumber(service);
297
298 }
299
300 /**
301 * Find a service entry.
302 *
303 * @param service is modified (to canonical form??)
304 **/
305
306 int find_service(fstring service)
307 {
308 int iService;
309
310 all_string_sub(service,"\\","/",0);
311
312 iService = lp_servicenumber(service);
313
314 /* now handle the special case of a home directory */
315 if (iService < 0) {
316 char *phome_dir = get_user_home_dir(talloc_tos(), service);
317
318 if(!phome_dir) {
319 /*
320 * Try mapping the servicename, it may
321 * be a Windows to unix mapped user name.
322 */
323 if(map_username(service))
324 phome_dir = get_user_home_dir(
325 talloc_tos(), service);
326 }
327
328 DEBUG(3,("checking for home directory %s gave %s\n",service,
329 phome_dir?phome_dir:"(NULL)"));
330
331 iService = add_home_service(service,service /* 'username' */, phome_dir);
332 }
333
334 /* If we still don't have a service, attempt to add it as a printer. */
335 if (iService < 0) {
336 int iPrinterService;
337
338 if ((iPrinterService = lp_servicenumber(PRINTERS_NAME)) < 0) {
339 iPrinterService = load_registry_service(PRINTERS_NAME);
340 }
341 if (iPrinterService >= 0) {
342 DEBUG(3,("checking whether %s is a valid printer name...\n", service));
343 if (pcap_printername_ok(service)) {
344 DEBUG(3,("%s is a valid printer name\n", service));
345 DEBUG(3,("adding %s as a printer service\n", service));
346 lp_add_printer(service, iPrinterService);
347 iService = lp_servicenumber(service);
348 if (iService < 0) {
349 DEBUG(0,("failed to add %s as a printer service!\n", service));
350 }
351 } else {
352 DEBUG(3,("%s is not a valid printer name\n", service));
353 }
354 }
355 }
356
357 /* Check for default vfs service? Unsure whether to implement this */
358 if (iService < 0) {
359 }
360
361 if (iService < 0) {
362 iService = load_registry_service(service);
363 }
364
365 /* Is it a usershare service ? */
366 if (iService < 0 && *lp_usershare_path()) {
367 /* Ensure the name is canonicalized. */
368 strlower_m(service);
369 iService = load_usershare_service(service);
370 }
371
372 /* just possibly it's a default service? */
373 if (iService < 0) {
374 char *pdefservice = lp_defaultservice();
375 if (pdefservice && *pdefservice && !strequal(pdefservice,service) && !strstr_m(service,"..")) {
376 /*
377 * We need to do a local copy here as lp_defaultservice()
378 * returns one of the rotating lp_string buffers that
379 * could get overwritten by the recursive find_service() call
380 * below. Fix from Josef Hinteregger <joehtg@joehtg.co.at>.
381 */
382 char *defservice = SMB_STRDUP(pdefservice);
383
384 if (!defservice) {
385 goto fail;
386 }
387
388 /* Disallow anything except explicit share names. */
389 if (strequal(defservice,HOMES_NAME) ||
390 strequal(defservice, PRINTERS_NAME) ||
391 strequal(defservice, "IPC$")) {
392 SAFE_FREE(defservice);
393 goto fail;
394 }
395
396 iService = find_service(defservice);
397 if (iService >= 0) {
398 all_string_sub(service, "_","/",0);
399 iService = lp_add_service(service, iService);
400 }
401 SAFE_FREE(defservice);
402 }
403 }
404
405 if (iService >= 0) {
406 if (!VALID_SNUM(iService)) {
407 DEBUG(0,("Invalid snum %d for %s\n",iService, service));
408 iService = -1;
409 }
410 }
411
412 fail:
413
414 if (iService < 0)
415 DEBUG(3,("find_service() failed to find service %s\n", service));
416
417 return (iService);
418 }
419
420
421 /****************************************************************************
422 do some basic sainity checks on the share.
423 This function modifies dev, ecode.
424 ****************************************************************************/
425
426 static NTSTATUS share_sanity_checks(int snum, fstring dev)
427 {
428
429 if (!lp_snum_ok(snum) ||
430 !check_access(smbd_server_fd(),
431 lp_hostsallow(snum), lp_hostsdeny(snum))) {
432 return NT_STATUS_ACCESS_DENIED;
433 }
434
435 if (dev[0] == '?' || !dev[0]) {
436 if (lp_print_ok(snum)) {
437 fstrcpy(dev,"LPT1:");
438 } else if (strequal(lp_fstype(snum), "IPC")) {
439 fstrcpy(dev, "IPC");
440 } else {
441 fstrcpy(dev,"A:");
442 }
443 }
444
445 strupper_m(dev);
446
447 if (lp_print_ok(snum)) {
448 if (!strequal(dev, "LPT1:")) {
449 return NT_STATUS_BAD_DEVICE_TYPE;
450 }
451 } else if (strequal(lp_fstype(snum), "IPC")) {
452 if (!strequal(dev, "IPC")) {
453 return NT_STATUS_BAD_DEVICE_TYPE;
454 }
455 } else if (!strequal(dev, "A:")) {
456 return NT_STATUS_BAD_DEVICE_TYPE;
457 }
458
459 /* Behave as a printer if we are supposed to */
460 if (lp_print_ok(snum) && (strcmp(dev, "A:") == 0)) {
461 fstrcpy(dev, "LPT1:");
462 }
463
464 return NT_STATUS_OK;
465 }
466
467 /*
468 * Go through lookup_name etc to find the force'd group.
469 *
470 * Create a new token from src_token, replacing the primary group sid with the
471 * one found.
472 */
473
474 static NTSTATUS find_forced_group(bool force_user,
475 int snum, const char *username,
476 DOM_SID *pgroup_sid,
477 gid_t *pgid)
478 {
479 NTSTATUS result = NT_STATUS_NO_SUCH_GROUP;
480 TALLOC_CTX *frame = talloc_stackframe();
481 DOM_SID group_sid;
482 enum lsa_SidType type;
483 char *groupname;
484 bool user_must_be_member = False;
485 gid_t gid;
486
487 groupname = talloc_strdup(talloc_tos(), lp_force_group(snum));
488 if (groupname == NULL) {
489 DEBUG(1, ("talloc_strdup failed\n"));
490 result = NT_STATUS_NO_MEMORY;
491 goto done;
492 }
493
494 if (groupname[0] == '+') {
495 user_must_be_member = True;
496 groupname += 1;
497 }
498
499 groupname = talloc_string_sub(talloc_tos(), groupname,
500 "%S", lp_servicename(snum));
501 if (groupname == NULL) {
502 DEBUG(1, ("talloc_string_sub failed\n"));
503 result = NT_STATUS_NO_MEMORY;
504 goto done;
505 }
506
507 if (!lookup_name_smbconf(talloc_tos(), groupname,
508 LOOKUP_NAME_ALL|LOOKUP_NAME_GROUP,
509 NULL, NULL, &group_sid, &type)) {
510 DEBUG(10, ("lookup_name_smbconf(%s) failed\n",
511 groupname));
512 goto done;
513 }
514
515 if ((type != SID_NAME_DOM_GRP) && (type != SID_NAME_ALIAS) &&
516 (type != SID_NAME_WKN_GRP)) {
517 DEBUG(10, ("%s is a %s, not a group\n", groupname,
518 sid_type_lookup(type)));
519 goto done;
520 }
521
522 if (!sid_to_gid(&group_sid, &gid)) {
523 DEBUG(10, ("sid_to_gid(%s) for %s failed\n",
524 sid_string_dbg(&group_sid), groupname));
525 goto done;
526 }
527
528 /*
529 * If the user has been forced and the forced group starts with a '+',
530 * then we only set the group to be the forced group if the forced
531 * user is a member of that group. Otherwise, the meaning of the '+'
532 * would be ignored.
533 */
534
535 if (force_user && user_must_be_member) {
536 if (user_in_group_sid(username, &group_sid)) {
537 sid_copy(pgroup_sid, &group_sid);
538 *pgid = gid;
539 DEBUG(3,("Forced group %s for member %s\n",
540 groupname, username));
541 } else {
542 DEBUG(0,("find_forced_group: forced user %s is not a member "
543 "of forced group %s. Disallowing access.\n",
544 username, groupname ));
545 result = NT_STATUS_MEMBER_NOT_IN_GROUP;
546 goto done;
547 }
548 } else {
549 sid_copy(pgroup_sid, &group_sid);
550 *pgid = gid;
551 DEBUG(3,("Forced group %s\n", groupname));
552 }
553
554 result = NT_STATUS_OK;
555 done:
556 TALLOC_FREE(frame);
557 return result;
558 }
559
560 /****************************************************************************
561 Create an auth_serversupplied_info structure for a connection_struct
562 ****************************************************************************/
563
564 static NTSTATUS create_connection_server_info(TALLOC_CTX *mem_ctx, int snum,
565 struct auth_serversupplied_info *vuid_serverinfo,
566 DATA_BLOB password,
567 struct auth_serversupplied_info **presult)
568 {
569 if (lp_guest_only(snum)) {
570 return make_server_info_guest(mem_ctx, presult);
571 }
572
573 if (vuid_serverinfo != NULL) {
574
575 struct auth_serversupplied_info *result;
576
577 /*
578 * This is the normal security != share case where we have a
579 * valid vuid from the session setup. */
580
581 if (vuid_serverinfo->guest) {
582 if (!lp_guest_ok(snum)) {
583 DEBUG(2, ("guest user (from session setup) "
584 "not permitted to access this share "
585 "(%s)\n", lp_servicename(snum)));
586 return NT_STATUS_ACCESS_DENIED;
587 }
588 } else {
589 if (!user_ok_token(vuid_serverinfo->unix_name,
590 pdb_get_domain(vuid_serverinfo->sam_account),
591 vuid_serverinfo->ptok, snum)) {
592 DEBUG(2, ("user '%s' (from session setup) not "
593 "permitted to access this share "
594 "(%s)\n",
595 vuid_serverinfo->unix_name,
596 lp_servicename(snum)));
597 return NT_STATUS_ACCESS_DENIED;
598 }
599 }
600
601 result = copy_serverinfo(mem_ctx, vuid_serverinfo);
602 if (result == NULL) {
603 return NT_STATUS_NO_MEMORY;
604 }
605
606 *presult = result;
607 return NT_STATUS_OK;
608 }
609
610 if (lp_security() == SEC_SHARE) {
611
612 fstring user;
613 bool guest;
614
615 /* add the sharename as a possible user name if we
616 are in share mode security */
617
618 add_session_user(lp_servicename(snum));
619
620 /* shall we let them in? */
621
622 if (!authorise_login(snum,user,password,&guest)) {
623 DEBUG( 2, ( "Invalid username/password for [%s]\n",
624 lp_servicename(snum)) );
625 return NT_STATUS_WRONG_PASSWORD;
626 }
627
628 return make_serverinfo_from_username(mem_ctx, user, guest,
629 presult);
630 }
631
632 DEBUG(0, ("invalid VUID (vuser) but not in security=share\n"));
633 return NT_STATUS_ACCESS_DENIED;
634 }
635
636
637 /****************************************************************************
638 Make a connection, given the snum to connect to, and the vuser of the
639 connecting user if appropriate.
640 ****************************************************************************/
641
642 static connection_struct *make_connection_snum(int snum, user_struct *vuser,
643 DATA_BLOB password,
644 const char *pdev,
645 NTSTATUS *pstatus)
646 {
647 connection_struct *conn;
648 SMB_STRUCT_STAT st;
649 fstring dev;
650 int ret;
651 char addr[INET6_ADDRSTRLEN];
652 NTSTATUS status;
653
654 fstrcpy(dev, pdev);
655 SET_STAT_INVALID(st);
656
657 if (NT_STATUS_IS_ERR(*pstatus = share_sanity_checks(snum, dev))) {
658 return NULL;
659 }
660
661 conn = conn_new();
662 if (!conn) {
663 DEBUG(0,("Couldn't find free connection.\n"));
664 *pstatus = NT_STATUS_INSUFFICIENT_RESOURCES;
665 return NULL;
666 }
667
668 conn->params->service = snum;
669
670 status = create_connection_server_info(
671 conn, snum, vuser ? vuser->server_info : NULL, password,
672 &conn->server_info);
673
674 if (!NT_STATUS_IS_OK(status)) {
675 DEBUG(1, ("create_connection_server_info failed: %s\n",
676 nt_errstr(status)));
677 *pstatus = status;
678 conn_free(conn);
679 return NULL;
680 }
681
682 if ((lp_guest_only(snum)) || (lp_security() == SEC_SHARE)) {
683 conn->force_user = true;
684 }
685
686 add_session_user(conn->server_info->unix_name);
687
688 safe_strcpy(conn->client_address,
689 client_addr(get_client_fd(),addr,sizeof(addr)),
690 sizeof(conn->client_address)-1);
691 conn->num_files_open = 0;
692 conn->lastused = conn->lastused_count = time(NULL);
693 conn->used = True;
694 conn->printer = (strncmp(dev,"LPT",3) == 0);
695 conn->ipc = ( (strncmp(dev,"IPC",3) == 0) ||
696 ( lp_enable_asu_support() && strequal(dev,"ADMIN$")) );
697 conn->dirptr = NULL;
698
699 /* Case options for the share. */
700 if (lp_casesensitive(snum) == Auto) {
701 /* We will be setting this per packet. Set to be case
702 * insensitive for now. */
703 conn->case_sensitive = False;
704 } else {
705 conn->case_sensitive = (bool)lp_casesensitive(snum);
706 }
707
708 conn->case_preserve = lp_preservecase(snum);
709 conn->short_case_preserve = lp_shortpreservecase(snum);
710
711 conn->encrypt_level = lp_smb_encrypt(snum);
712
713 conn->veto_list = NULL;
714 conn->hide_list = NULL;
715 conn->veto_oplock_list = NULL;
716 conn->aio_write_behind_list = NULL;
717 string_set(&conn->dirpath,"");
718
719 conn->read_only = lp_readonly(SNUM(conn));
720 conn->admin_user = False;
721
722 if (*lp_force_user(snum)) {
723
724 /*
725 * Replace conn->server_info with a completely faked up one
726 * from the username we are forced into :-)
727 */
728
729 char *fuser;
730 struct auth_serversupplied_info *forced_serverinfo;
731
732 fuser = talloc_string_sub(conn, lp_force_user(snum), "%S",
733 lp_servicename(snum));
734 if (fuser == NULL) {
735 conn_free(conn);
736 *pstatus = NT_STATUS_NO_MEMORY;
737 return NULL;
738 }
739
740 status = make_serverinfo_from_username(
741 conn, fuser, conn->server_info->guest,
742 &forced_serverinfo);
743 if (!NT_STATUS_IS_OK(status)) {
744 conn_free(conn);
745 *pstatus = status;
746 return NULL;
747 }
748
749 TALLOC_FREE(conn->server_info);
750 conn->server_info = forced_serverinfo;
751
752 conn->force_user = True;
753 DEBUG(3,("Forced user %s\n", fuser));
754 }
755
756 /*
757 * If force group is true, then override
758 * any groupid stored for the connecting user.
759 */
760
761 if (*lp_force_group(snum)) {
762
763 status = find_forced_group(
764 conn->force_user, snum, conn->server_info->unix_name,
765 &conn->server_info->ptok->user_sids[1],
766 &conn->server_info->utok.gid);
767
768 if (!NT_STATUS_IS_OK(status)) {
769 conn_free(conn);
770 *pstatus = status;
771 return NULL;
772 }
773
774 /*
775 * We need to cache this gid, to use within
776 * change_to_user() separately from the conn->server_info
777 * struct. We only use conn->server_info directly if
778 * "force_user" was set.
779 */
780 conn->force_group_gid = conn->server_info->utok.gid;
781 }
782
783 conn->vuid = (vuser != NULL) ? vuser->vuid : UID_FIELD_INVALID;
784
785 {
786 char *s = talloc_sub_advanced(talloc_tos(),
787 lp_servicename(SNUM(conn)),
788 conn->server_info->unix_name,
789 conn->connectpath,
790 conn->server_info->utok.gid,
791 conn->server_info->sanitized_username,
792 pdb_get_domain(conn->server_info->sam_account),
793 lp_pathname(snum));
794 if (!s) {
795 conn_free(conn);
796 *pstatus = NT_STATUS_NO_MEMORY;
797 return NULL;
798 }
799
800 if (!set_conn_connectpath(conn,s)) {
801 TALLOC_FREE(s);
802 conn_free(conn);
803 *pstatus = NT_STATUS_NO_MEMORY;
804 return NULL;
805 }
806 DEBUG(3,("Connect path is '%s' for service [%s]\n",s,
807 lp_servicename(snum)));
808 TALLOC_FREE(s);
809 }
810
811 /*
812 * New code to check if there's a share security descripter
813 * added from NT server manager. This is done after the
814 * smb.conf checks are done as we need a uid and token. JRA.
815 *
816 */
817
818 {
819 bool can_write = False;
820
821 can_write = share_access_check(conn->server_info->ptok,
822 lp_servicename(snum),
823 FILE_WRITE_DATA);
824
825 if (!can_write) {
826 if (!share_access_check(conn->server_info->ptok,
827 lp_servicename(snum),
828 FILE_READ_DATA)) {
829 /* No access, read or write. */
830 DEBUG(0,("make_connection: connection to %s "
831 "denied due to security "
832 "descriptor.\n",
833 lp_servicename(snum)));
834 conn_free(conn);
835 *pstatus = NT_STATUS_ACCESS_DENIED;
836 return NULL;
837 } else {
838 conn->read_only = True;
839 }
840 }
841 }
842 /* Initialise VFS function pointers */
843
844 if (!smbd_vfs_init(conn)) {
845 DEBUG(0, ("vfs_init failed for service %s\n",
846 lp_servicename(snum)));
847 conn_free(conn);
848 *pstatus = NT_STATUS_BAD_NETWORK_NAME;
849 return NULL;
850 }
851
852 if ((!conn->printer) && (!conn->ipc)) {
853 conn->notify_ctx = notify_init(conn, server_id_self(),
854 smbd_messaging_context(),
855 smbd_event_context(),
856 conn);
857 }
858
859 /* ROOT Activities: */
860 /* explicitly check widelinks here so that we can correctly warn
861 * in the logs. */
862 widelinks_warning(snum);
863
864 /*
865 * Enforce the max connections parameter.
866 */
867
868 if ((lp_max_connections(snum) > 0)
869 && (count_current_connections(lp_servicename(SNUM(conn)), True) >=
870 lp_max_connections(snum))) {
871
872 DEBUG(1, ("Max connections (%d) exceeded for %s\n",
873 lp_max_connections(snum), lp_servicename(snum)));
874 conn_free(conn);
875 *pstatus = NT_STATUS_INSUFFICIENT_RESOURCES;
876 return NULL;
877 }
878
879 /*
880 * Get us an entry in the connections db
881 */
882 if (!claim_connection(conn, lp_servicename(snum), 0)) {
883 DEBUG(1, ("Could not store connections entry\n"));
884 conn_free(conn);
885 *pstatus = NT_STATUS_INTERNAL_DB_ERROR;
886 return NULL;
887 }
888
889 /* Invoke VFS make connection hook - must be the first
890 VFS operation we do. */
891
892 if (SMB_VFS_CONNECT(conn, lp_servicename(snum),
893 conn->server_info->unix_name) < 0) {
894 DEBUG(0,("make_connection: VFS make connection failed!\n"));
895 yield_connection(conn, lp_servicename(snum));
896 conn_free(conn);
897 *pstatus = NT_STATUS_UNSUCCESSFUL;
898 return NULL;
899 }
900
901 /*
902 * Fix compatibility issue pointed out by Volker.
903 * We pass the conn->connectpath to the preexec
904 * scripts as a parameter, so attempt to canonicalize
905 * it here before calling the preexec scripts.
906 * We ignore errors here, as it is possible that
907 * the conn->connectpath doesn't exist yet and
908 * the preexec scripts will create them.
909 */
910
911 (void)canonicalize_connect_path(conn);
912
913 /* Preexecs are done here as they might make the dir we are to ChDir
914 * to below */
915 /* execute any "root preexec = " line */
916 if (*lp_rootpreexec(snum)) {
917 char *cmd = talloc_sub_advanced(talloc_tos(),
918 lp_servicename(SNUM(conn)),
919 conn->server_info->unix_name,
920 conn->connectpath,
921 conn->server_info->utok.gid,
922 conn->server_info->sanitized_username,
923 pdb_get_domain(conn->server_info->sam_account),
924 lp_rootpreexec(snum));
925 DEBUG(5,("cmd=%s\n",cmd));
926 ret = smbrun(cmd,NULL);
927 TALLOC_FREE(cmd);
928 if (ret != 0 && lp_rootpreexec_close(snum)) {
929 DEBUG(1,("root preexec gave %d - failing "
930 "connection\n", ret));
931 SMB_VFS_DISCONNECT(conn);
932 yield_connection(conn, lp_servicename(snum));
933 conn_free(conn);
934 *pstatus = NT_STATUS_ACCESS_DENIED;
935 return NULL;
936 }
937 }
938
939 /* USER Activites: */
940 if (!change_to_user(conn, conn->vuid)) {
941 /* No point continuing if they fail the basic checks */
942 DEBUG(0,("Can't become connected user!\n"));
943 SMB_VFS_DISCONNECT(conn);
944 yield_connection(conn, lp_servicename(snum));
945 conn_free(conn);
946 *pstatus = NT_STATUS_LOGON_FAILURE;
947 return NULL;
948 }
949
950 /* Remember that a different vuid can connect later without these
951 * checks... */
952
953 /* Preexecs are done here as they might make the dir we are to ChDir
954 * to below */
955
956 /* execute any "preexec = " line */
957 if (*lp_preexec(snum)) {
958 char *cmd = talloc_sub_advanced(talloc_tos(),
959 lp_servicename(SNUM(conn)),
960 conn->server_info->unix_name,
961 conn->connectpath,
962 conn->server_info->utok.gid,
963 conn->server_info->sanitized_username,
964 pdb_get_domain(conn->server_info->sam_account),
965 lp_preexec(snum));
966 ret = smbrun(cmd,NULL);
967 TALLOC_FREE(cmd);
968 if (ret != 0 && lp_preexec_close(snum)) {
969 DEBUG(1,("preexec gave %d - failing connection\n",
970 ret));
971 *pstatus = NT_STATUS_ACCESS_DENIED;
972 goto err_root_exit;
973 }
974 }
975
976 /*
977 * If widelinks are disallowed we need to canonicalise the connect
978 * path here to ensure we don't have any symlinks in the
979 * connectpath. We will be checking all paths on this connection are
980 * below this directory. We must do this after the VFS init as we
981 * depend on the realpath() pointer in the vfs table. JRA.
982 */
983 if (!lp_widelinks(snum)) {
984 if (!canonicalize_connect_path(conn)) {
985 DEBUG(0, ("canonicalize_connect_path failed "
986 "for service %s, path %s\n",
987 lp_servicename(snum),
988 conn->connectpath));
989 *pstatus = NT_STATUS_BAD_NETWORK_NAME;
990 goto err_root_exit;
991 }
992 }
993
994 #ifdef WITH_FAKE_KASERVER
995 if (lp_afs_share(snum)) {
996 afs_login(conn);
997 }
998 #endif
999
1000 /* Add veto/hide lists */
1001 if (!IS_IPC(conn) && !IS_PRINT(conn)) {
1002 set_namearray( &conn->veto_list, lp_veto_files(snum));
1003 set_namearray( &conn->hide_list, lp_hide_files(snum));
1004 set_namearray( &conn->veto_oplock_list, lp_veto_oplocks(snum));
1005 set_namearray( &conn->aio_write_behind_list,
1006 lp_aio_write_behind(snum));
1007 }
1008
1009
1010 /* win2000 does not check the permissions on the directory
1011 during the tree connect, instead relying on permission
1012 check during individual operations. To match this behaviour
1013 I have disabled this chdir check (tridge) */
1014 /* the alternative is just to check the directory exists */
1015 if ((ret = SMB_VFS_STAT(conn, conn->connectpath, &st)) != 0 ||
1016 !S_ISDIR(st.st_mode)) {
1017 if (ret == 0 && !S_ISDIR(st.st_mode)) {
1018 DEBUG(0,("'%s' is not a directory, when connecting to "
1019 "[%s]\n", conn->connectpath,
1020 lp_servicename(snum)));
1021 } else {
1022 DEBUG(0,("'%s' does not exist or permission denied "
1023 "when connecting to [%s] Error was %s\n",
1024 conn->connectpath, lp_servicename(snum),
1025 strerror(errno) ));
1026 }
1027 *pstatus = NT_STATUS_BAD_NETWORK_NAME;
1028 goto err_root_exit;
1029 }
1030
1031 string_set(&conn->origpath,conn->connectpath);
1032
1033 #if SOFTLINK_OPTIMISATION
1034 /* resolve any soft links early if possible */
1035 if (vfs_ChDir(conn,conn->connectpath) == 0) {
1036 TALLOC_CTX *ctx = talloc_tos();
1037 char *s = vfs_GetWd(ctx,s);
1038 if (!s) {
1039 *status = map_nt_error_from_unix(errno);
1040 goto err_root_exit;
1041 }
1042 if (!set_conn_connectpath(conn,s)) {
1043 *status = NT_STATUS_NO_MEMORY;
1044 goto err_root_exit;
1045 }
1046 vfs_ChDir(conn,conn->connectpath);
1047 }
1048 #endif
1049
1050 /* Figure out the characteristics of the underlying filesystem. This
1051 * assumes that all the filesystem mounted withing a share path have
1052 * the same characteristics, which is likely but not guaranteed.
1053 */
1054
1055 conn->fs_capabilities = SMB_VFS_FS_CAPABILITIES(conn);
1056
1057 /*
1058 * Print out the 'connected as' stuff here as we need
1059 * to know the effective uid and gid we will be using
1060 * (at least initially).
1061 */
1062
1063 if( DEBUGLVL( IS_IPC(conn) ? 3 : 1 ) ) {
1064 dbgtext( "%s (%s) ", get_remote_machine_name(),
1065 conn->client_address );
1066 dbgtext( "%s", srv_is_signing_active() ? "signed " : "");
1067 dbgtext( "connect to service %s ", lp_servicename(snum) );
1068 dbgtext( "initially as user %s ",
1069 conn->server_info->unix_name );
1070 dbgtext( "(uid=%d, gid=%d) ", (int)geteuid(), (int)getegid() );
1071 dbgtext( "(pid %d)\n", (int)sys_getpid() );
1072 }
1073
1074 /* we've finished with the user stuff - go back to root */
1075 change_to_root_user();
1076 return(conn);
1077
1078 err_root_exit:
1079
1080 change_to_root_user();
1081 /* Call VFS disconnect hook */
1082 SMB_VFS_DISCONNECT(conn);
1083 yield_connection(conn, lp_servicename(snum));
1084 conn_free(conn);
1085 return NULL;
1086 }
1087
1088 /****************************************************************************
1089 Make a connection to a service.
1090 *
1091 * @param service
1092 ****************************************************************************/
1093
1094 connection_struct *make_connection(const char *service_in, DATA_BLOB password,
1095 const char *pdev, uint16 vuid,
1096 NTSTATUS *status)
1097 {
1098 uid_t euid;
1099 user_struct *vuser = NULL;
1100 fstring service;
1101 fstring dev;
1102 int snum = -1;
1103 char addr[INET6_ADDRSTRLEN];
1104
1105 fstrcpy(dev, pdev);
1106
1107 /* This must ONLY BE CALLED AS ROOT. As it exits this function as
1108 * root. */
1109 if (!non_root_mode() && (euid = geteuid()) != 0) {
1110 DEBUG(0,("make_connection: PANIC ERROR. Called as nonroot "
1111 "(%u)\n", (unsigned int)euid ));
1112 smb_panic("make_connection: PANIC ERROR. Called as nonroot\n");
1113 }
1114
1115 if (conn_num_open() > 2047) {
1116 *status = NT_STATUS_INSUFF_SERVER_RESOURCES;
1117 return NULL;
1118 }
1119
1120 if(lp_security() != SEC_SHARE) {
1121 vuser = get_valid_user_struct(vuid);
1122 if (!vuser) {
1123 DEBUG(1,("make_connection: refusing to connect with "
1124 "no session setup\n"));
1125 *status = NT_STATUS_ACCESS_DENIED;
1126 return NULL;
1127 }
1128 }
1129
1130 /* Logic to try and connect to the correct [homes] share, preferably
1131 without too many getpwnam() lookups. This is particulary nasty for
1132 winbind usernames, where the share name isn't the same as unix
1133 username.
1134
1135 The snum of the homes share is stored on the vuser at session setup
1136 time.
1137 */
1138
1139 if (strequal(service_in,HOMES_NAME)) {
1140 if(lp_security() != SEC_SHARE) {
1141 DATA_BLOB no_pw = data_blob_null;
1142 if (vuser->homes_snum == -1) {
1143 DEBUG(2, ("[homes] share not available for "
1144 "this user because it was not found "
1145 "or created at session setup "
1146 "time\n"));
1147 *status = NT_STATUS_BAD_NETWORK_NAME;
1148 return NULL;
1149 }
1150 DEBUG(5, ("making a connection to [homes] service "
1151 "created at session setup time\n"));
1152 return make_connection_snum(vuser->homes_snum,
1153 vuser, no_pw,
1154 dev, status);
1155 } else {
1156 /* Security = share. Try with
1157 * current_user_info.smb_name as the username. */
1158 if (*current_user_info.smb_name) {
1159 fstring unix_username;
1160 fstrcpy(unix_username,
1161 current_user_info.smb_name);
1162 map_username(unix_username);
1163 snum = find_service(unix_username);
1164 }
1165 if (snum != -1) {
1166 DEBUG(5, ("making a connection to 'homes' "
1167 "service %s based on "
1168 "security=share\n", service_in));
1169 return make_connection_snum(snum, NULL,
1170 password,
1171 dev, status);
1172 }
1173 }
1174 } else if ((lp_security() != SEC_SHARE) && (vuser->homes_snum != -1)
1175 && strequal(service_in,
1176 lp_servicename(vuser->homes_snum))) {
1177 DATA_BLOB no_pw = data_blob_null;
1178 DEBUG(5, ("making a connection to 'homes' service [%s] "
1179 "created at session setup time\n", service_in));
1180 return make_connection_snum(vuser->homes_snum,
1181 vuser, no_pw,
1182 dev, status);
1183 }
1184
1185 fstrcpy(service, service_in);
1186
1187 strlower_m(service);
1188
1189 snum = find_service(service);
1190
1191 if (snum < 0) {
1192 if (strequal(service,"IPC$") ||
1193 (lp_enable_asu_support() && strequal(service,"ADMIN$"))) {
1194 DEBUG(3,("refusing IPC connection to %s\n", service));
1195 *status = NT_STATUS_ACCESS_DENIED;
1196 return NULL;
1197 }
1198
1199 DEBUG(0,("%s (%s) couldn't find service %s\n",
1200 get_remote_machine_name(),
1201 client_addr(get_client_fd(),addr,sizeof(addr)),
1202 service));
1203 *status = NT_STATUS_BAD_NETWORK_NAME;
1204 return NULL;
1205 }
1206
1207 /* Handle non-Dfs clients attempting connections to msdfs proxy */
1208 if (lp_host_msdfs() && (*lp_msdfs_proxy(snum) != '\0')) {
1209 DEBUG(3, ("refusing connection to dfs proxy share '%s' "
1210 "(pointing to %s)\n",
1211 service, lp_msdfs_proxy(snum)));
1212 *status = NT_STATUS_BAD_NETWORK_NAME;
1213 return NULL;
1214 }
1215
1216 DEBUG(5, ("making a connection to 'normal' service %s\n", service));
1217
1218 return make_connection_snum(snum, vuser,
1219 password,
1220 dev, status);
1221 }
1222
1223 /****************************************************************************
1224 Close a cnum.
1225 ****************************************************************************/
1226
1227 void close_cnum(connection_struct *conn, uint16 vuid)
1228 {
1229 file_close_conn(conn);
1230
1231 if (!IS_IPC(conn)) {
1232 dptr_closecnum(conn);
1233 }
1234
1235 change_to_root_user();
1236
1237 DEBUG(IS_IPC(conn)?3:1, ("%s (%s) closed connection to service %s\n",
1238 get_remote_machine_name(),
1239 conn->client_address,
1240 lp_servicename(SNUM(conn))));
1241
1242 /* Call VFS disconnect hook */
1243 SMB_VFS_DISCONNECT(conn);
1244
1245 yield_connection(conn, lp_servicename(SNUM(conn)));
1246
1247 /* make sure we leave the directory available for unmount */
1248 vfs_ChDir(conn, "/");
1249
1250 /* execute any "postexec = " line */
1251 if (*lp_postexec(SNUM(conn)) &&
1252 change_to_user(conn, vuid)) {
1253 char *cmd = talloc_sub_advanced(talloc_tos(),
1254 lp_servicename(SNUM(conn)),
1255 conn->server_info->unix_name,
1256 conn->connectpath,
1257 conn->server_info->utok.gid,
1258 conn->server_info->sanitized_username,
1259 pdb_get_domain(conn->server_info->sam_account),
1260 lp_postexec(SNUM(conn)));
1261 smbrun(cmd,NULL);
1262 TALLOC_FREE(cmd);
1263 change_to_root_user();
1264 }
1265
1266 change_to_root_user();
1267 /* execute any "root postexec = " line */
1268 if (*lp_rootpostexec(SNUM(conn))) {
1269 char *cmd = talloc_sub_advanced(talloc_tos(),
1270 lp_servicename(SNUM(conn)),
1271 conn->server_info->unix_name,
1272 conn->connectpath,
1273 conn->server_info->utok.gid,
1274 conn->server_info->sanitized_username,
1275 pdb_get_domain(conn->server_info->sam_account),
1276 lp_rootpostexec(SNUM(conn)));
1277 smbrun(cmd,NULL);
1278 TALLOC_FREE(cmd);
1279 }
1280
1281 conn_free(conn);
1282 }
Samba GIT mirror