diff options
| author | Simo Sorce <idra@samba.org> | 2008-02-01 14:24:31 -0500 |
|---|---|---|
| committer | Simo Sorce <idra@samba.org> | 2008-02-01 14:24:31 -0500 |
| commit | 2fffc9a1b1fe2a1490e867bb38462e50c282d2b3 (patch) | |
| tree | 428e09c9b35138db8b7ca7161c659a71aa129d29 /source3/smbd/file_access.c | |
| parent | 93a3c5b3f9927973b4ad1496f593ea147052d1e1 (diff) | |
| parent | b708005a7106db26d7df689b887b419c9f2ea41c (diff) | |
| download | samba-2fffc9a1b1fe2a1490e867bb38462e50c282d2b3.tar.gz samba-2fffc9a1b1fe2a1490e867bb38462e50c282d2b3.tar.bz2 samba-2fffc9a1b1fe2a1490e867bb38462e50c282d2b3.zip | |
Merge branch 'v3-2-test' of ssh://git.samba.org/data/git/samba into v3-2-test
(This used to be commit 7dbfc7bdc65314466a83e8121b35c9bcb24b2631)
Diffstat (limited to 'source3/smbd/file_access.c')
| -rw-r--r-- | source3/smbd/file_access.c | 67 |
1 files changed, 5 insertions, 62 deletions
diff --git a/source3/smbd/file_access.c b/source3/smbd/file_access.c index a58bcdd891..964d1af258 100644 --- a/source3/smbd/file_access.c +++ b/source3/smbd/file_access.c @@ -25,67 +25,6 @@ extern struct current_user current_user; #undef DBGC_CLASS #define DBGC_CLASS DBGC_ACLS -/**************************************************************************** - Helper function that gets a security descriptor by connection and - file name. - NOTE: This is transitional, in the sense that SMB_VFS_GET_NT_ACL really - should *not* get a files_struct pointer but a connection_struct ptr - (automatic by the vfs handle) and the file name and _use_ that! -****************************************************************************/ -static NTSTATUS conn_get_nt_acl(TALLOC_CTX *mem_ctx, - struct connection_struct *conn, - const char *fname, - SMB_STRUCT_STAT *psbuf, - struct security_descriptor **psd) -{ - NTSTATUS status; - struct files_struct *fsp = NULL; - struct security_descriptor *secdesc = NULL; - - if (!VALID_STAT(*psbuf)) { - if (SMB_VFS_STAT(conn, fname, psbuf) != 0) { - return map_nt_error_from_unix(errno); - } - } - - /* fake a files_struct ptr: */ - - if (S_ISDIR(psbuf->st_mode)) { - status = open_directory(conn, NULL, fname, psbuf, - READ_CONTROL_ACCESS, - FILE_SHARE_READ|FILE_SHARE_WRITE, - FILE_OPEN, - 0, - FILE_ATTRIBUTE_DIRECTORY, - NULL, &fsp); - } - else { - status = open_file_stat(conn, NULL, fname, psbuf, &fsp); - } - - if (!NT_STATUS_IS_OK(status)) { - DEBUG(3, ("Unable to open file %s: %s\n", fname, - nt_errstr(status))); - return status; - } - - status = SMB_VFS_GET_NT_ACL(fsp, fname, - (OWNER_SECURITY_INFORMATION | - GROUP_SECURITY_INFORMATION | - DACL_SECURITY_INFORMATION), - &secdesc); - if (!NT_STATUS_IS_OK(status)) { - DEBUG(5, ("Unable to get NT ACL for file %s\n", fname)); - goto done; - } - - *psd = talloc_move(mem_ctx, &secdesc); - -done: - close_file(fsp, NORMAL_CLOSE); - return status; -} - static bool can_access_file_acl(struct connection_struct *conn, const char * fname, SMB_STRUCT_STAT *psbuf, uint32_t access_mask) @@ -95,7 +34,11 @@ static bool can_access_file_acl(struct connection_struct *conn, uint32_t access_granted; struct security_descriptor *secdesc = NULL; - status = conn_get_nt_acl(talloc_tos(), conn, fname, psbuf, &secdesc); + status = SMB_VFS_GET_NT_ACL(conn, fname, + (OWNER_SECURITY_INFORMATION | + GROUP_SECURITY_INFORMATION | + DACL_SECURITY_INFORMATION), + &secdesc); if (!NT_STATUS_IS_OK(status)) { DEBUG(5, ("Could not get acl: %s\n", nt_errstr(status))); return false; |