[PATCH] Some refactoring
Volker Lendecke
Volker.Lendecke at SerNet.DE
Tue Nov 17 15:32:06 UTC 2015
Hi!
Review&push appreciated!
Thanks, Volker
--
SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
phone: +49-551-370000-0, fax: +49-551-370000-9
AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen
http://www.sernet.de, mailto:kontakt at sernet.de
-------------- next part --------------
From c5a9a08f84ed9b0fd8cf4847234f646706452406 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Tue, 17 Nov 2015 14:57:50 +0100
Subject: [PATCH 1/4] smbd: Refactor check_access()
This is a micro-patch to make the next ones just obvious
Signed-off-by: Volker Lendecke <vl at samba.org>
---
source3/smbd/trans2.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c
index e2e4c80..ec6d91b 100644
--- a/source3/smbd/trans2.c
+++ b/source3/smbd/trans2.c
@@ -67,6 +67,7 @@ NTSTATUS check_access(connection_struct *conn,
if (!(fsp->access_mask & access_mask)) {
return NT_STATUS_ACCESS_DENIED;
}
+ return NT_STATUS_OK;
} else {
NTSTATUS status = smbd_check_access_rights(conn,
smb_fname,
@@ -75,8 +76,8 @@ NTSTATUS check_access(connection_struct *conn,
if (!NT_STATUS_IS_OK(status)) {
return status;
}
+ return NT_STATUS_OK;
}
- return NT_STATUS_OK;
}
/********************************************************************
--
1.9.1
From 8254e0213ebf6bb1c74eb1929d50dcdaecd93ebf Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Tue, 17 Nov 2015 15:10:42 +0100
Subject: [PATCH 2/4] smbd: Factor out check_access_fsp() from check_access()
Signed-off-by: Volker Lendecke <vl at samba.org>
---
source3/smbd/proto.h | 2 ++
source3/smbd/trans2.c | 15 +++++++++++----
2 files changed, 13 insertions(+), 4 deletions(-)
diff --git a/source3/smbd/proto.h b/source3/smbd/proto.h
index 7926dd6..be51182 100644
--- a/source3/smbd/proto.h
+++ b/source3/smbd/proto.h
@@ -1079,6 +1079,8 @@ int sys_statvfs(const char *path, vfs_statvfs_struct *statbuf);
/* The following definitions come from smbd/trans2.c */
+NTSTATUS check_access_fsp(const struct files_struct *fsp,
+ uint32_t access_mask);
NTSTATUS check_access(connection_struct *conn,
files_struct *fsp,
const struct smb_filename *smb_fname,
diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c
index ec6d91b..dd226ee 100644
--- a/source3/smbd/trans2.c
+++ b/source3/smbd/trans2.c
@@ -54,6 +54,15 @@ static char *store_file_unix_basic_info2(connection_struct *conn,
files_struct *fsp,
const SMB_STRUCT_STAT *psbuf);
+NTSTATUS check_access_fsp(const struct files_struct *fsp,
+ uint32_t access_mask)
+{
+ if (!(fsp->access_mask & access_mask)) {
+ return NT_STATUS_ACCESS_DENIED;
+ }
+ return NT_STATUS_OK;
+}
+
/********************************************************************
The canonical "check access" based on object handle or path function.
********************************************************************/
@@ -64,10 +73,8 @@ NTSTATUS check_access(connection_struct *conn,
uint32_t access_mask)
{
if (fsp) {
- if (!(fsp->access_mask & access_mask)) {
- return NT_STATUS_ACCESS_DENIED;
- }
- return NT_STATUS_OK;
+ NTSTATUS status = check_access_fsp(fsp, access_mask);
+ return status;
} else {
NTSTATUS status = smbd_check_access_rights(conn,
smb_fname,
--
1.9.1
From 69b11b02964d44b16f60c8165d29387a475eb825 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Tue, 17 Nov 2015 15:13:41 +0100
Subject: [PATCH 3/4] smbd: Use check_access_fsp where appropriate
Signed-off-by: Volker Lendecke <vl at samba.org>
---
source3/smbd/smb2_ioctl_filesys.c | 7 +++----
1 file changed, 3 insertions(+), 4 deletions(-)
diff --git a/source3/smbd/smb2_ioctl_filesys.c b/source3/smbd/smb2_ioctl_filesys.c
index 187deaf..6e4a785 100644
--- a/source3/smbd/smb2_ioctl_filesys.c
+++ b/source3/smbd/smb2_ioctl_filesys.c
@@ -94,8 +94,7 @@ static NTSTATUS fsctl_set_cmprn(TALLOC_CTX *mem_ctx,
}
/* WRITE_DATA permission is required, WRITE_ATTRIBUTES is not */
- status = check_access(fsp->conn, fsp, NULL,
- FILE_WRITE_DATA);
+ status = check_access_fsp(fsp, FILE_WRITE_DATA);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
@@ -141,7 +140,7 @@ static NTSTATUS fsctl_zero_data(TALLOC_CTX *mem_ctx,
}
/* WRITE_DATA permission is required */
- status = check_access(fsp->conn, fsp, NULL, FILE_WRITE_DATA);
+ status = check_access_fsp(fsp, FILE_WRITE_DATA);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
@@ -333,7 +332,7 @@ static NTSTATUS fsctl_qar(TALLOC_CTX *mem_ctx,
}
/* READ_DATA permission is required */
- status = check_access(fsp->conn, fsp, NULL, FILE_READ_DATA);
+ status = check_access_fsp(fsp, FILE_READ_DATA);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
--
1.9.1
From 0db743c696b0adbfbcce139d2597c669b9bc25ab Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Tue, 17 Nov 2015 15:19:31 +0100
Subject: [PATCH 4/4] smbd: Simplify check_access()
Signed-off-by: Volker Lendecke <vl at samba.org>
---
source3/smbd/trans2.c | 17 +++++++----------
1 file changed, 7 insertions(+), 10 deletions(-)
diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c
index dd226ee..11c97e8 100644
--- a/source3/smbd/trans2.c
+++ b/source3/smbd/trans2.c
@@ -72,19 +72,16 @@ NTSTATUS check_access(connection_struct *conn,
const struct smb_filename *smb_fname,
uint32_t access_mask)
{
+ NTSTATUS status;
+
if (fsp) {
- NTSTATUS status = check_access_fsp(fsp, access_mask);
- return status;
+ status = check_access_fsp(fsp, access_mask);
} else {
- NTSTATUS status = smbd_check_access_rights(conn,
- smb_fname,
- false,
- access_mask);
- if (!NT_STATUS_IS_OK(status)) {
- return status;
- }
- return NT_STATUS_OK;
+ status = smbd_check_access_rights(conn, smb_fname,
+ false, access_mask);
}
+
+ return status;
}
/********************************************************************
--
1.9.1
More information about the samba-technical
mailing list