OpenAFS Master Repository branch, openafs-stable-1_6_x, updated. BP--openafs-stable-1_6_x-43-gfcca1f7

Gerrit Code Review gerrit@openafs.org
Tue, 7 Sep 2010 20:48:07 -0700 (PDT) 

The following commit has been merged in the openafs-stable-1_6_x branch:
commit fcca1f7bbee8198d8aeead3003bbff28f5dd9080
Author: Jeffrey Altman <jaltman@your-file-system.com>
Date:   Tue Sep 7 08:21:12 2010 -0400

    Windows: Improve SMB detection of Local System account
    
    Depending on the authentication method, the smb session authenticated
    name for the "local system" account may be the nul string.  In this
    case it is impossible to use the name to determine if the authenticated
    entity is the "local system" account as required by smb_SetToken.
    To work around this problem, smb_AuthenticateUserExt() will now obtain
    the Security Identifier (SID) for the authenticated account.  The string
    representation of the SID will be used in place of the name by
    smb_ReceiveV3SessionSetupX() when constructing the smb_user_t object.
    A new flag, SMB_USERNAMEFLAG_SID, indicates when the name is in fact
    a SID.
    
    smb_userIsLocalSystem() checks for the SMB_USERNAMEFLAG_SID flag and
    performs a SID comparison when it is set.
    
    smb_SetToken() will accept either MACHINE\user or a SID string as
    the smbname.  It will obtain the SID if possible and create a SID-based
    smb_user_t.
    
    It is possible that a SYSTEM service will use an anonymous (S-1-5-7)
    SMB connection.  In that case, we also check the RPC Impersonation
    SID to see if it is SYSTEM.  If so, the RPC identity supercedes the
    SMB identity for SetToken.
    
    smb_IoctlRead, smb_IoctlV3Read and smb_IoctlRawRead are now all
    consistent with regards to name processing.
    
    Fixed a couple of comments as well.
    
    FIXES 128022
    
    LICENSE MIT
    
    Change-Id: I8f9ccd4a4dddea52d151288855c7e129e2f31b28
    Reviewed-on: http://gerrit.openafs.org/2709
    Tested-by: Jeffrey Altman <jaltman@openafs.org>
    Reviewed-by: Jeffrey Altman <jaltman@openafs.org>
    (cherry picked from commit 19f50c13b4542cc84c33eaca4b2cc6ac0b75eb98)
    Reviewed-on: http://gerrit.openafs.org/2711

 src/WINNT/afsd/cm_ioctl.c  |    2 +-
 src/WINNT/afsd/cm_rpc.c    |   49 ++++++++++-
 src/WINNT/afsd/cm_rpc.h    |    4 +-
 src/WINNT/afsd/smb.c       |   13 ++-
 src/WINNT/afsd/smb.h       |    8 ++
 src/WINNT/afsd/smb3.c      |  203 +++++++++++++++++++++++++++++++++++++++++++-
 src/WINNT/afsd/smb3.h      |    5 +
 src/WINNT/afsd/smb_ioctl.c |  182 ++++++++++++++++++++++++++++++---------
 8 files changed, 410 insertions(+), 56 deletions(-)

-- 
OpenAFS Master Repository