s3: Calculate&store the maximum share access mask

author Volker Lendecke <vl@samba.org>

Mon, 4 Jul 2011 16:35:21 +0000 (18:35 +0200)

committer Karolin Seeger <kseeger@samba.org>

Wed, 13 Jul 2011 19:32:36 +0000 (21:32 +0200)
author Volker Lendecke <vl@samba.org>
Mon, 4 Jul 2011 16:35:21 +0000 (18:35 +0200)
committer Karolin Seeger <kseeger@samba.org>
Wed, 13 Jul 2011 19:32:36 +0000 (21:32 +0200)
diff --git a/source3/include/smb.h b/source3/include/smb.h

index 3e68a9918fc2a67c38cef590d7e73c69a362dd53..3a64af7eeda2174b85ee6360a72519978fd87080 100644 (file)
--- a/source3/include/smb.h
+++ b/source3/include/smb.h
@@ -408,6 +408,7 @@ typedef struct connection_struct {
         bool printer;
         bool ipc;
         bool read_only; /* Attributes for the current user of the share. */
+       uint32_t share_access;
         /* Does this filesystem honor
            sub second timestamps on files
            and directories when setting time ? */
diff --git a/source3/smbd/service.c b/source3/smbd/service.c

index 6c147b26b5ba7bc95fd398decdd4a0b24b643dcc..d88c02c618beebe6fe2094f8ee3e5ed696cf06e2 100644 (file)
--- a/source3/smbd/service.c
+++ b/source3/smbd/service.c
@@ -853,28 +853,21 @@ connection_struct *make_connection_snum(struct smbd_server_connection *sconn,
          *
          */
  
-       {
-               bool can_write = False;
-
-               can_write = share_access_check(
-                       conn->session_info->security_token,
-                       lp_servicename(snum), FILE_WRITE_DATA, NULL);
-
-               if (!can_write) {
-                       if (!share_access_check(
-                                   conn->session_info->security_token,
-                                   lp_servicename(snum), FILE_READ_DATA,
-                                   NULL)) {
-                               /* No access, read or write. */
-                               DEBUG(0,("make_connection: connection to %s "
-                                        "denied due to security "
-                                        "descriptor.\n",
-                                         lp_servicename(snum)));
-                               *pstatus = NT_STATUS_ACCESS_DENIED;
-                               goto err_root_exit;
-                       } else {
-                               conn->read_only = True;
-                       }
+       share_access_check(conn->session_info->security_token,
+                          lp_servicename(snum), MAXIMUM_ALLOWED_ACCESS,
+                          &conn->share_access);
+
+       if ((conn->share_access & FILE_WRITE_DATA) == 0) {
+               if ((conn->share_access & FILE_READ_DATA) == 0) {
+                       /* No access, read or write. */
+                       DEBUG(0,("make_connection: connection to %s "
+                                "denied due to security "
+                                "descriptor.\n",
+                                lp_servicename(snum)));
+                       *pstatus = NT_STATUS_ACCESS_DENIED;
+                       goto err_root_exit;
+               } else {
+                       conn->read_only = True;
                 }
         }
         /* Initialise VFS function pointers */
author	Volker Lendecke <vl@samba.org>
	Mon, 4 Jul 2011 16:35:21 +0000 (18:35 +0200)
committer	Karolin Seeger <kseeger@samba.org>
	Wed, 13 Jul 2011 19:32:36 +0000 (21:32 +0200)
source3/include/smb.h		patch \| blob \| history
source3/smbd/service.c		patch \| blob \| history