[SCM] Samba Shared Repository - branch v3-2-test updated -
initial-v3-2-unstable-310-g4d3e84a
Michael Adam
obnox at samba.org
Tue Nov 13 14:51:56 GMT 2007
The branch, v3-2-test has been updated
via 4d3e84a3b3a39d3d2c9b86affa16c8124b1496e5 (commit)
via a2949fd7a567ba3357024c9e4a8429733009dde4 (commit)
via dcbe1bf942d017a3cd5084c6ef605a13912f795b (commit)
from 01663c2312467ceebeb2e2fb1aa432ad96c626e5 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test
- Log -----------------------------------------------------------------
commit 4d3e84a3b3a39d3d2c9b86affa16c8124b1496e5
Author: Michael Adam <obnox at samba.org>
Date: Mon Nov 12 12:49:40 2007 +0100
Fix build of the zfs_acl module.
There was one caller of smb_get_nt_acl_nfs4() forgotten
in the change of return value.
Michael
commit a2949fd7a567ba3357024c9e4a8429733009dde4
Author: Michael Adam <obnox at samba.org>
Date: Mon Nov 12 12:48:29 2007 +0100
Fix the build: correct prototype.
Adapt prototype of smb_get_nt_acl_nfs4() in the header file, too.
Michael
commit dcbe1bf942d017a3cd5084c6ef605a13912f795b
Author: Volker Lendecke <vl at sernet.de>
Date: Sat Oct 13 21:06:49 2007 +0200
Make [f]get_nt_acl return NTSTATUS
-----------------------------------------------------------------------
Summary of changes:
source/include/vfs.h | 12 ++++++++++--
source/modules/nfs4_acls.c | 20 ++++++++++++--------
source/modules/nfs4_acls.h | 2 +-
source/modules/vfs_afsacl.c | 24 ++++++++++++------------
source/modules/vfs_aixacl2.c | 8 ++++----
source/modules/vfs_catia.c | 2 +-
source/modules/vfs_default.c | 12 ++++++++----
source/modules/vfs_full_audit.c | 22 ++++++++++++----------
source/modules/vfs_gpfs.c | 8 ++++----
source/modules/vfs_zfsacl.c | 20 +++++++++++---------
source/rpc_server/srv_srvsvc_nt.c | 11 ++++++++---
source/smbd/dir.c | 11 +++++------
source/smbd/file_access.c | 15 +++++++--------
source/smbd/nttrans.c | 18 +++++++++++-------
source/smbd/posix_acls.c | 20 ++++++++++----------
15 files changed, 116 insertions(+), 89 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source/include/vfs.h b/source/include/vfs.h
index 03af04d..b45320d 100644
--- a/source/include/vfs.h
+++ b/source/include/vfs.h
@@ -74,6 +74,7 @@
/* Leave at 22 - not yet released. Add file_id_create operation. --metze */
/* Leave at 22 - not yet released. Change all BOOL parameters (int) to bool. jra. */
/* Leave at 22 - not yet released. Added recvfile. */
+/* Leave at 22 - not yet released. Change get_nt_acl to return NTSTATUS - vl */
#define SMB_VFS_INTERFACE_VERSION 22
@@ -305,8 +306,15 @@ struct vfs_ops {
/* NT ACL operations. */
- size_t (*fget_nt_acl)(struct vfs_handle_struct *handle, struct files_struct *fsp, int fd, uint32 security_info, struct security_descriptor **ppdesc);
- size_t (*get_nt_acl)(struct vfs_handle_struct *handle, struct files_struct *fsp, const char *name, uint32 security_info, struct security_descriptor **ppdesc);
+ NTSTATUS (*fget_nt_acl)(struct vfs_handle_struct *handle,
+ struct files_struct *fsp, int fd,
+ uint32 security_info,
+ struct security_descriptor **ppdesc);
+ NTSTATUS (*get_nt_acl)(struct vfs_handle_struct *handle,
+ struct files_struct *fsp,
+ const char *name,
+ uint32 security_info,
+ struct security_descriptor **ppdesc);
NTSTATUS (*fset_nt_acl)(struct vfs_handle_struct *handle, struct files_struct *fsp, int fd, uint32 security_info_sent, struct security_descriptor *psd);
NTSTATUS (*set_nt_acl)(struct vfs_handle_struct *handle, struct files_struct *fsp, const char *name, uint32 security_info_sent, struct security_descriptor *psd);
diff --git a/source/modules/nfs4_acls.c b/source/modules/nfs4_acls.c
index 2d81739..207c2ab 100644
--- a/source/modules/nfs4_acls.c
+++ b/source/modules/nfs4_acls.c
@@ -257,7 +257,7 @@ static bool smbacl4_nfs42win(TALLOC_CTX *mem_ctx, SMB4ACL_T *acl, /* in */
return True;
}
-size_t smb_get_nt_acl_nfs4(files_struct *fsp,
+NTSTATUS smb_get_nt_acl_nfs4(files_struct *fsp,
uint32 security_info,
SEC_DESC **ppdesc, SMB4ACL_T *acl)
{
@@ -272,23 +272,25 @@ size_t smb_get_nt_acl_nfs4(files_struct *fsp,
DEBUG(10, ("smb_get_nt_acl_nfs4 invoked for %s\n", fsp->fsp_name));
if (acl==NULL || smb_get_naces(acl)==0)
- return 0; /* special because we shouldn't alloc 0 for win */
+ return NT_STATUS_ACCESS_DENIED; /* special because we
+ * shouldn't alloc 0 for
+ * win */
if (smbacl4_GetFileOwner(fsp, &sbuf))
- return 0;
+ return map_nt_error_from_unix(errno);
uid_to_sid(&sid_owner, sbuf.st_uid);
gid_to_sid(&sid_group, sbuf.st_gid);
if (smbacl4_nfs42win(mem_ctx, acl, &sid_owner, &sid_group, &nt_ace_list, &good_aces)==False) {
DEBUG(8,("smbacl4_nfs42win failed\n"));
- return 0;
+ return map_nt_error_from_unix(errno);
}
psa = make_sec_acl(mem_ctx, NT4_ACL_REVISION, good_aces, nt_ace_list);
if (psa == NULL) {
DEBUG(2,("make_sec_acl failed\n"));
- return 0;
+ return NT_STATUS_NO_MEMORY;
}
DEBUG(10,("after make sec_acl\n"));
@@ -298,11 +300,13 @@ size_t smb_get_nt_acl_nfs4(files_struct *fsp,
NULL, psa, &sd_size);
if (*ppdesc==NULL) {
DEBUG(2,("make_sec_desc failed\n"));
- return 0;
+ return NT_STATUS_NO_MEMORY;
}
- DEBUG(10, ("smb_get_nt_acl_nfs4 successfully exited with sd_size %d\n", sd_size));
- return sd_size;
+ DEBUG(10, ("smb_get_nt_acl_nfs4 successfully exited with sd_size %d\n",
+ sec_desc_size(*ppdesc)));
+
+ return NT_STATUS_OK;
}
enum smbacl4_mode_enum {e_simple=0, e_special=1};
diff --git a/source/modules/nfs4_acls.h b/source/modules/nfs4_acls.h
index 08c2059..ceb66ec 100644
--- a/source/modules/nfs4_acls.h
+++ b/source/modules/nfs4_acls.h
@@ -129,7 +129,7 @@ SMB4ACE_T *smb_next_ace4(SMB4ACE_T *ace);
uint32 smb_get_naces(SMB4ACL_T *acl);
-size_t smb_get_nt_acl_nfs4(files_struct *fsp,
+NTSTATUS smb_get_nt_acl_nfs4(files_struct *fsp,
uint32 security_info,
SEC_DESC **ppdesc, SMB4ACL_T *acl);
diff --git a/source/modules/vfs_afsacl.c b/source/modules/vfs_afsacl.c
index a1043d6..eac70f4 100644
--- a/source/modules/vfs_afsacl.c
+++ b/source/modules/vfs_afsacl.c
@@ -829,8 +829,8 @@ static bool afs_get_afs_acl(char *filename, struct afs_acl *acl)
return True;
}
-static size_t afs_get_nt_acl(struct files_struct *fsp, uint32 security_info,
- struct security_descriptor **ppdesc)
+static NTSTATUS afs_get_nt_acl(struct files_struct *fsp, uint32 security_info,
+ struct security_descriptor **ppdesc)
{
struct afs_acl acl;
size_t sd_size;
@@ -840,14 +840,14 @@ static size_t afs_get_nt_acl(struct files_struct *fsp, uint32 security_info,
sidpts = lp_parm_bool(SNUM(fsp->conn), "afsacl", "sidpts", False);
if (!afs_get_afs_acl(fsp->fsp_name, &acl)) {
- return 0;
+ return NT_STATUS_ACCESS_DENIED;
}
sd_size = afs_to_nt_acl(&acl, fsp, security_info, ppdesc);
free_afs_acl(&acl);
- return sd_size;
+ return (sd_size != 0) ? NT_STATUS_OK : NT_STATUS_ACCESS_DENIED;
}
/* For setting an AFS ACL we have to take care of the ACEs we could
@@ -982,17 +982,17 @@ static NTSTATUS afs_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
return (ret == 0) ? NT_STATUS_OK : NT_STATUS_ACCESS_DENIED;
}
-static size_t afsacl_fget_nt_acl(struct vfs_handle_struct *handle,
- struct files_struct *fsp,
- int fd, uint32 security_info,
- struct security_descriptor **ppdesc)
+static NTSTATUS afsacl_fget_nt_acl(struct vfs_handle_struct *handle,
+ struct files_struct *fsp,
+ int fd, uint32 security_info,
+ struct security_descriptor **ppdesc)
{
return afs_get_nt_acl(fsp, security_info, ppdesc);
}
-static size_t afsacl_get_nt_acl(struct vfs_handle_struct *handle,
- struct files_struct *fsp,
- const char *name, uint32 security_info,
- struct security_descriptor **ppdesc)
+static NTSTATUS afsacl_get_nt_acl(struct vfs_handle_struct *handle,
+ struct files_struct *fsp,
+ const char *name, uint32 security_info,
+ struct security_descriptor **ppdesc)
{
return afs_get_nt_acl(fsp, security_info, ppdesc);
}
diff --git a/source/modules/vfs_aixacl2.c b/source/modules/vfs_aixacl2.c
index 058fef1..756977d 100644
--- a/source/modules/vfs_aixacl2.c
+++ b/source/modules/vfs_aixacl2.c
@@ -158,7 +158,7 @@ static bool aixjfs2_get_nfs4_acl(files_struct *fsp,
return True;
}
-static size_t aixjfs2_get_nt_acl_common(files_struct *fsp,
+static NTSTATUS aixjfs2_get_nt_acl_common(files_struct *fsp,
uint32 security_info, SEC_DESC **ppdesc)
{
SMB4ACL_T *pacl = NULL;
@@ -173,19 +173,19 @@ static size_t aixjfs2_get_nt_acl_common(files_struct *fsp,
return get_nt_acl(fsp, security_info, ppdesc);
}
if (result==False)
- return 0;
+ return NT_STATUS_ACCESS_DENIED;
return smb_get_nt_acl_nfs4(fsp, security_info, ppdesc, pacl);
}
-size_t aixjfs2_fget_nt_acl(vfs_handle_struct *handle,
+NTSTATUS aixjfs2_fget_nt_acl(vfs_handle_struct *handle,
files_struct *fsp, int fd, uint32 security_info,
SEC_DESC **ppdesc)
{
return aixjfs2_get_nt_acl_common(fsp, security_info, ppdesc);
}
-size_t aixjfs2_get_nt_acl(vfs_handle_struct *handle,
+NTSTATUS aixjfs2_get_nt_acl(vfs_handle_struct *handle,
files_struct *fsp, const char *name,
uint32 security_info, SEC_DESC **ppdesc)
{
diff --git a/source/modules/vfs_catia.c b/source/modules/vfs_catia.c
index 1f5a016..dbb9550 100644
--- a/source/modules/vfs_catia.c
+++ b/source/modules/vfs_catia.c
@@ -229,7 +229,7 @@ static char *catia_realpath(vfs_handle_struct *handle,
return SMB_VFS_NEXT_REALPATH(handle, path, resolved_path);
}
-static size_t catia_get_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
+static NTSTATUS catia_get_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
const char *name, uint32 security_info,
struct security_descriptor **ppdesc)
{
diff --git a/source/modules/vfs_default.c b/source/modules/vfs_default.c
index 8c2bbfe..cce5430 100644
--- a/source/modules/vfs_default.c
+++ b/source/modules/vfs_default.c
@@ -943,9 +943,11 @@ static struct file_id vfswrap_file_id_create(struct vfs_handle_struct *handle, S
return file_id_create_dev(dev, inode);
}
-static size_t vfswrap_fget_nt_acl(vfs_handle_struct *handle, files_struct *fsp, int fd, uint32 security_info, SEC_DESC **ppdesc)
+static NTSTATUS vfswrap_fget_nt_acl(vfs_handle_struct *handle,
+ files_struct *fsp, int fd,
+ uint32 security_info, SEC_DESC **ppdesc)
{
- size_t result;
+ NTSTATUS result;
START_PROFILE(fget_nt_acl);
result = get_nt_acl(fsp, security_info, ppdesc);
@@ -953,9 +955,11 @@ static size_t vfswrap_fget_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
return result;
}
-static size_t vfswrap_get_nt_acl(vfs_handle_struct *handle, files_struct *fsp, const char *name, uint32 security_info, SEC_DESC **ppdesc)
+static NTSTATUS vfswrap_get_nt_acl(vfs_handle_struct *handle,
+ files_struct *fsp, const char *name,
+ uint32 security_info, SEC_DESC **ppdesc)
{
- size_t result;
+ NTSTATUS result;
START_PROFILE(get_nt_acl);
result = get_nt_acl(fsp, security_info, ppdesc);
diff --git a/source/modules/vfs_full_audit.c b/source/modules/vfs_full_audit.c
index c8a82e3..0f84c4d 100644
--- a/source/modules/vfs_full_audit.c
+++ b/source/modules/vfs_full_audit.c
@@ -190,10 +190,10 @@ static int smb_full_audit_chflags(vfs_handle_struct *handle,
const char *path, unsigned int flags);
static struct file_id smb_full_audit_file_id_create(struct vfs_handle_struct *handle,
SMB_DEV_T dev, SMB_INO_T inode);
-static size_t smb_full_audit_fget_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
+static NTSTATUS smb_full_audit_fget_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
int fd, uint32 security_info,
SEC_DESC **ppdesc);
-static size_t smb_full_audit_get_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
+static NTSTATUS smb_full_audit_get_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
const char *name, uint32 security_info,
SEC_DESC **ppdesc);
static NTSTATUS smb_full_audit_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
@@ -1510,31 +1510,33 @@ static struct file_id smb_full_audit_file_id_create(struct vfs_handle_struct *ha
return result;
}
-static size_t smb_full_audit_fget_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
+static NTSTATUS smb_full_audit_fget_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
int fd, uint32 security_info,
SEC_DESC **ppdesc)
{
- size_t result;
+ NTSTATUS result;
result = SMB_VFS_NEXT_FGET_NT_ACL(handle, fsp, fd, security_info,
ppdesc);
- do_log(SMB_VFS_OP_FGET_NT_ACL, (result > 0), handle,
+ do_log(SMB_VFS_OP_FGET_NT_ACL, NT_STATUS_IS_OK(result), handle,
"%s", fsp->fsp_name);
return result;
}
-static size_t smb_full_audit_get_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
- const char *name, uint32 security_info,
- SEC_DESC **ppdesc)
+static NTSTATUS smb_full_audit_get_nt_acl(vfs_handle_struct *handle,
+ files_struct *fsp,
+ const char *name,
+ uint32 security_info,
+ SEC_DESC **ppdesc)
{
- size_t result;
+ NTSTATUS result;
result = SMB_VFS_NEXT_GET_NT_ACL(handle, fsp, name, security_info,
ppdesc);
- do_log(SMB_VFS_OP_GET_NT_ACL, (result > 0), handle,
+ do_log(SMB_VFS_OP_GET_NT_ACL, NT_STATUS_IS_OK(result), handle,
"%s", fsp->fsp_name);
return result;
diff --git a/source/modules/vfs_gpfs.c b/source/modules/vfs_gpfs.c
index 0188e38..c207bbf 100644
--- a/source/modules/vfs_gpfs.c
+++ b/source/modules/vfs_gpfs.c
@@ -226,7 +226,7 @@ static int gpfs_get_nfs4_acl(const char *fname, SMB4ACL_T **ppacl)
return 0;
}
-static size_t gpfsacl_get_nt_acl_common(files_struct *fsp,
+static NTSTATUS gpfsacl_get_nt_acl_common(files_struct *fsp,
uint32 security_info, SEC_DESC **ppdesc)
{
SMB4ACL_T *pacl = NULL;
@@ -244,17 +244,17 @@ static size_t gpfsacl_get_nt_acl_common(files_struct *fsp,
}
/* GPFS ACL was not read, something wrong happened, error code is set in errno */
- return 0;
+ return map_nt_error_from_unix(errno);
}
-size_t gpfsacl_fget_nt_acl(vfs_handle_struct *handle,
+NTSTATUS gpfsacl_fget_nt_acl(vfs_handle_struct *handle,
files_struct *fsp, int fd, uint32 security_info,
SEC_DESC **ppdesc)
{
return gpfsacl_get_nt_acl_common(fsp, security_info, ppdesc);
}
-size_t gpfsacl_get_nt_acl(vfs_handle_struct *handle,
+NTSTATUS gpfsacl_get_nt_acl(vfs_handle_struct *handle,
files_struct *fsp, const char *name,
uint32 security_info, SEC_DESC **ppdesc)
{
diff --git a/source/modules/vfs_zfsacl.c b/source/modules/vfs_zfsacl.c
index a817022..0fe21b2 100644
--- a/source/modules/vfs_zfsacl.c
+++ b/source/modules/vfs_zfsacl.c
@@ -34,7 +34,7 @@
* read the local file's acls and return it in NT form
* using the NFSv4 format conversion
*/
-static size_t zfs_get_nt_acl(struct files_struct *fsp, uint32 security_info,
+static NTSTATUS zfs_get_nt_acl(struct files_struct *fsp, uint32 security_info,
struct security_descriptor **ppdesc)
{
int naces, i;
@@ -50,23 +50,24 @@ static size_t zfs_get_nt_acl(struct files_struct *fsp, uint32 security_info,
DEBUG(9, ("acl(ACE_GETACLCNT, %s): %s ", fsp->fsp_name,
strerror(errno)));
}
- return 0;
+ return map_nt_error_from_unix(errno);
}
/* allocate the field of ZFS aces */
mem_ctx = talloc_tos();
acebuf = (ace_t *) talloc_size(mem_ctx, sizeof(ace_t)*naces);
if(acebuf == NULL) {
- errno = ENOMEM;
- return 0;
+ return NT_STATUS_NO_MEMORY;
}
/* read the aces into the field */
if(acl(fsp->fsp_name, ACE_GETACL, naces, acebuf) < 0) {
DEBUG(9, ("acl(ACE_GETACL, %s): %s ", fsp->fsp_name,
strerror(errno)));
- return 0;
+ return map_nt_error_from_unix(errno);
}
/* create SMB4ACL data */
- if((pacl = smb_create_smb4acl()) == NULL) return 0;
+ if((pacl = smb_create_smb4acl()) == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
for(i=0; i<naces; i++) {
SMB_ACE4PROP_T aceprop;
@@ -87,7 +88,8 @@ static size_t zfs_get_nt_acl(struct files_struct *fsp, uint32 security_info,
} else {
aceprop.flags = 0;
}
- if(smb_add_ace4(pacl, &aceprop) == NULL) return 0;
+ if(smb_add_ace4(pacl, &aceprop) == NULL)
+ return NT_STATUS_NO_MEMORY;
}
return smb_get_nt_acl_nfs4(fsp, security_info, ppdesc, pacl);
@@ -164,7 +166,7 @@ static NTSTATUS zfs_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
zfs_process_smbacl);
}
-static size_t zfsacl_fget_nt_acl(struct vfs_handle_struct *handle,
+static NTSTATUS zfsacl_fget_nt_acl(struct vfs_handle_struct *handle,
struct files_struct *fsp,
int fd, uint32 security_info,
struct security_descriptor **ppdesc)
@@ -172,7 +174,7 @@ static size_t zfsacl_fget_nt_acl(struct vfs_handle_struct *handle,
return zfs_get_nt_acl(fsp, security_info, ppdesc);
}
-static size_t zfsacl_get_nt_acl(struct vfs_handle_struct *handle,
+static NTSTATUS zfsacl_get_nt_acl(struct vfs_handle_struct *handle,
struct files_struct *fsp,
const char *name, uint32 security_info,
struct security_descriptor **ppdesc)
diff --git a/source/rpc_server/srv_srvsvc_nt.c b/source/rpc_server/srv_srvsvc_nt.c
index 55c30c5..5a3c451 100644
--- a/source/rpc_server/srv_srvsvc_nt.c
+++ b/source/rpc_server/srv_srvsvc_nt.c
@@ -2050,14 +2050,19 @@ WERROR _srv_net_file_query_secdesc(pipes_struct *p, SRV_Q_NET_FILE_QUERY_SECDESC
goto error_exit;
}
- sd_size = SMB_VFS_GET_NT_ACL(fsp, fsp->fsp_name, (OWNER_SECURITY_INFORMATION|GROUP_SECURITY_INFORMATION|DACL_SECURITY_INFORMATION), &psd);
+ nt_status = SMB_VFS_GET_NT_ACL(fsp, fsp->fsp_name,
+ (OWNER_SECURITY_INFORMATION
+ |GROUP_SECURITY_INFORMATION
+ |DACL_SECURITY_INFORMATION), &psd);
- if (sd_size == 0) {
+ if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(3,("_srv_net_file_query_secdesc: Unable to get NT ACL for file %s\n", filename));
- r_u->status = WERR_ACCESS_DENIED;
+ r_u->status = ntstatus_to_werror(nt_status);
goto error_exit;
}
+ sd_size = sec_desc_size(psd);
+
r_u->ptr_response = 1;
r_u->size_response = sd_size;
r_u->ptr_secdesc = 1;
diff --git a/source/smbd/dir.c b/source/smbd/dir.c
index f6a8b27..05679ee 100644
--- a/source/smbd/dir.c
+++ b/source/smbd/dir.c
@@ -911,7 +911,6 @@ bool get_dir_entry(TALLOC_CTX *ctx,
static bool user_can_read_file(connection_struct *conn, char *name, SMB_STRUCT_STAT *pst)
{
SEC_DESC *psd = NULL;
- size_t sd_size;
files_struct *fsp;
NTSTATUS status;
uint32 access_granted;
@@ -951,12 +950,12 @@ static bool user_can_read_file(connection_struct *conn, char *name, SMB_STRUCT_S
}
/* Get NT ACL -allocated in main loop talloc context. No free needed here. */
- sd_size = SMB_VFS_FGET_NT_ACL(fsp, fsp->fh->fd,
+ status = SMB_VFS_FGET_NT_ACL(fsp, fsp->fh->fd,
(OWNER_SECURITY_INFORMATION|GROUP_SECURITY_INFORMATION|DACL_SECURITY_INFORMATION), &psd);
close_file(fsp, NORMAL_CLOSE);
/* No access if SD get failed. */
- if (!sd_size) {
+ if (!NT_STATUS_IS_OK(status)) {
return False;
}
@@ -974,7 +973,6 @@ static bool user_can_read_file(connection_struct *conn, char *name, SMB_STRUCT_S
static bool user_can_write_file(connection_struct *conn, char *name, SMB_STRUCT_STAT *pst)
{
SEC_DESC *psd = NULL;
- size_t sd_size;
files_struct *fsp;
int info;
NTSTATUS status;
@@ -1014,13 +1012,14 @@ static bool user_can_write_file(connection_struct *conn, char *name, SMB_STRUCT_
}
/* Get NT ACL -allocated in main loop talloc context. No free needed here. */
- sd_size = SMB_VFS_FGET_NT_ACL(fsp, fsp->fh->fd,
+ status = SMB_VFS_FGET_NT_ACL(fsp, fsp->fh->fd,
(OWNER_SECURITY_INFORMATION|GROUP_SECURITY_INFORMATION|DACL_SECURITY_INFORMATION), &psd);
close_file(fsp, NORMAL_CLOSE);
/* No access if SD get failed. */
- if (!sd_size)
+ if (!NT_STATUS_IS_OK(status)) {
return False;
+ }
return se_access_check(psd, current_user.nt_user_token, FILE_WRITE_DATA,
&access_granted, &status);
diff --git a/source/smbd/file_access.c b/source/smbd/file_access.c
index 121e7f7..4647266 100644
--- a/source/smbd/file_access.c
+++ b/source/smbd/file_access.c
@@ -41,7 +41,6 @@ static NTSTATUS conn_get_nt_acl(TALLOC_CTX *mem_ctx,
NTSTATUS status;
struct files_struct *fsp = NULL;
struct security_descriptor *secdesc = NULL;
- size_t secdesc_size;
if (!VALID_STAT(*psbuf)) {
if (SMB_VFS_STAT(conn, fname, psbuf) != 0) {
@@ -70,14 +69,14 @@ static NTSTATUS conn_get_nt_acl(TALLOC_CTX *mem_ctx,
return status;
}
--
Samba Shared Repository
More information about the samba-cvs
mailing list