[SCM] Samba Shared Repository - branch v3-3-test updated -
release-3-2-0pre2-2377-g4221937
Jeremy Allison
jra at samba.org
Fri May 9 18:15:10 GMT 2008
The branch, v3-3-test has been updated
via 4221937b68e2414295279b27c5f12a80f826ed4b (commit)
from 4b3617bf505a835a6d4bb9b80c4ad837a2082dea (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-3-test
- Log -----------------------------------------------------------------
commit 4221937b68e2414295279b27c5f12a80f826ed4b
Author: Jeremy Allison <jra at samba.org>
Date: Fri May 9 11:14:45 2008 -0700
Remove a couple of uses of SMB_VFS_GET_NT_ACL(), use
SMB_VFS_FGET_NT_ACL instead. I'd like to ultimately
remove SMB_VFS_GET_NT_ACL.
Jeremy.
-----------------------------------------------------------------------
Summary of changes:
source/rpc_server/srv_srvsvc_nt.c | 55 ++++++++++++++++++++++++++++---------
source/smbd/nttrans.c | 10 +-----
2 files changed, 44 insertions(+), 21 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source/rpc_server/srv_srvsvc_nt.c b/source/rpc_server/srv_srvsvc_nt.c
index 18c6f4d..947ad46 100644
--- a/source/rpc_server/srv_srvsvc_nt.c
+++ b/source/rpc_server/srv_srvsvc_nt.c
@@ -2029,20 +2029,18 @@ WERROR _srvsvc_NetGetFileSecurity(pipes_struct *p,
char *qualname = NULL;
SMB_STRUCT_STAT st;
NTSTATUS nt_status;
- WERROR werr;
+ WERROR werr = WERR_ACCESS_DENIED;
struct current_user user;
connection_struct *conn = NULL;
bool became_user = False;
TALLOC_CTX *ctx = p->mem_ctx;
- struct sec_desc_buf *sd_buf;
+ struct sec_desc_buf *sd_buf = NULL;
+ files_struct *fsp = NULL;
ZERO_STRUCT(st);
- werr = WERR_OK;
-
qualname = talloc_strdup(ctx, r->in.share);
if (!qualname) {
- werr = WERR_ACCESS_DENIED;
goto error_exit;
}
@@ -2064,14 +2062,12 @@ WERROR _srvsvc_NetGetFileSecurity(pipes_struct *p,
if (!become_user(conn, conn->vuid)) {
DEBUG(0,("_srvsvc_NetGetFileSecurity: Can't become connected user!\n"));
- werr = WERR_ACCESS_DENIED;
goto error_exit;
}
became_user = True;
filename_in = talloc_strdup(ctx, r->in.file);
if (!filename_in) {
- werr = WERR_ACCESS_DENIED;
goto error_exit;
}
@@ -2079,7 +2075,6 @@ WERROR _srvsvc_NetGetFileSecurity(pipes_struct *p,
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(3,("_srvsvc_NetGetFileSecurity: bad pathname %s\n",
filename));
- werr = WERR_ACCESS_DENIED;
goto error_exit;
}
@@ -2087,11 +2082,37 @@ WERROR _srvsvc_NetGetFileSecurity(pipes_struct *p,
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(3,("_srvsvc_NetGetFileSecurity: can't access %s\n",
filename));
- werr = WERR_ACCESS_DENIED;
goto error_exit;
}
- nt_status = SMB_VFS_GET_NT_ACL(conn, filename,
+ if (!(S_ISDIR(st.st_mode))) {
+ nt_status = open_file_ntcreate(conn, NULL, filename, &st,
+ FILE_READ_ATTRIBUTES,
+ FILE_SHARE_READ|FILE_SHARE_WRITE,
+ FILE_OPEN,
+ 0,
+ FILE_ATTRIBUTE_NORMAL,
+ 0,
+ NULL, &fsp);
+
+ } else {
+ nt_status = open_directory(conn, NULL, filename, &st,
+ FILE_READ_ATTRIBUTES,
+ FILE_SHARE_READ|FILE_SHARE_WRITE,
+ FILE_OPEN,
+ 0,
+ FILE_ATTRIBUTE_DIRECTORY,
+ NULL, &fsp);
+ }
+
+ if (!NT_STATUS_IS_OK(nt_status)) {
+ DEBUG(3,("_srvsvc_NetGetFileSecurity: can't open %s\n",
+ filename));
+ werr = ntstatus_to_werror(nt_status);
+ goto error_exit;
+ }
+
+ nt_status = SMB_VFS_FGET_NT_ACL(fsp,
(OWNER_SECURITY_INFORMATION
|GROUP_SECURITY_INFORMATION
|DACL_SECURITY_INFORMATION), &psd);
@@ -2118,17 +2139,25 @@ WERROR _srvsvc_NetGetFileSecurity(pipes_struct *p,
psd->dacl->revision = NT4_ACL_REVISION;
+ close_file(fsp, NORMAL_CLOSE);
+
unbecome_user();
close_cnum(conn, user.vuid);
- return werr;
+ return WERR_OK;
error_exit:
- if (became_user)
+ if(fsp) {
+ close_file(fsp, NORMAL_CLOSE);
+ }
+
+ if (became_user) {
unbecome_user();
+ }
- if (conn)
+ if (conn) {
close_cnum(conn, user.vuid);
+ }
return werr;
}
diff --git a/source/smbd/nttrans.c b/source/smbd/nttrans.c
index 362823d..bd34b5a 100644
--- a/source/smbd/nttrans.c
+++ b/source/smbd/nttrans.c
@@ -1612,14 +1612,8 @@ static void call_nt_transact_query_security_desc(connection_struct *conn,
if (!lp_nt_acl_support(SNUM(conn))) {
status = get_null_nt_acl(talloc_tos(), &psd);
} else {
- if (fsp->fh->fd != -1) {
- status = SMB_VFS_FGET_NT_ACL(
- fsp, security_info_wanted, &psd);
- }
- else {
- status = SMB_VFS_GET_NT_ACL(
- conn, fsp->fsp_name, security_info_wanted, &psd);
- }
+ status = SMB_VFS_FGET_NT_ACL(
+ fsp, security_info_wanted, &psd);
}
if (!NT_STATUS_IS_OK(status)) {
--
Samba Shared Repository
More information about the samba-cvs
mailing list