summaryrefslogtreecommitdiff
path: root/source3/smbd
diff options
context:
space:
mode:
authorMichael Adam <obnox@samba.org>2007-12-05 09:53:10 +0100
committerMichael Adam <obnox@samba.org>2007-12-19 23:08:01 +0100
commit233eb0e560acb26f8706fd3ab96d4c6379458414 (patch)
tree6605af3247d222d425cadd7376250008a72ed249 /source3/smbd
parent9460dfc93343f395f6a3867f9f8ec4dfb47bfbc7 (diff)
downloadsamba-233eb0e560acb26f8706fd3ab96d4c6379458414.tar.gz
samba-233eb0e560acb26f8706fd3ab96d4c6379458414.tar.bz2
samba-233eb0e560acb26f8706fd3ab96d4c6379458414.zip
Change the prototype of the vfs function get_nt_acl().
Up to now, get_nt_acl() took a files_struct pointer (fsp) and a file name. All the underlying functions should need and now do need (after the previous preparatory work), is a connection_struct and a file name. The connection_struct is already there in the vfs_handle passed to the vfs functions. So the files_struct argument can be eliminated. This eliminates the need of calling open_file_stat in a couple of places to produce the fsp needed. Michael (This used to be commit b5f600fab53c9d159a958c59795db3ba4a8acc63)
Diffstat (limited to 'source3/smbd')
-rw-r--r--source3/smbd/file_access.c67
-rw-r--r--source3/smbd/nttrans.c2
-rw-r--r--source3/smbd/posix_acls.c2
3 files changed, 7 insertions, 64 deletions
diff --git a/source3/smbd/file_access.c b/source3/smbd/file_access.c
index a58bcdd891..964d1af258 100644
--- a/source3/smbd/file_access.c
+++ b/source3/smbd/file_access.c
@@ -25,67 +25,6 @@ extern struct current_user current_user;
#undef DBGC_CLASS
#define DBGC_CLASS DBGC_ACLS
-/****************************************************************************
- Helper function that gets a security descriptor by connection and
- file name.
- NOTE: This is transitional, in the sense that SMB_VFS_GET_NT_ACL really
- should *not* get a files_struct pointer but a connection_struct ptr
- (automatic by the vfs handle) and the file name and _use_ that!
-****************************************************************************/
-static NTSTATUS conn_get_nt_acl(TALLOC_CTX *mem_ctx,
- struct connection_struct *conn,
- const char *fname,
- SMB_STRUCT_STAT *psbuf,
- struct security_descriptor **psd)
-{
- NTSTATUS status;
- struct files_struct *fsp = NULL;
- struct security_descriptor *secdesc = NULL;
-
- if (!VALID_STAT(*psbuf)) {
- if (SMB_VFS_STAT(conn, fname, psbuf) != 0) {
- return map_nt_error_from_unix(errno);
- }
- }
-
- /* fake a files_struct ptr: */
-
- if (S_ISDIR(psbuf->st_mode)) {
- status = open_directory(conn, NULL, fname, psbuf,
- READ_CONTROL_ACCESS,
- FILE_SHARE_READ|FILE_SHARE_WRITE,
- FILE_OPEN,
- 0,
- FILE_ATTRIBUTE_DIRECTORY,
- NULL, &fsp);
- }
- else {
- status = open_file_stat(conn, NULL, fname, psbuf, &fsp);
- }
-
- if (!NT_STATUS_IS_OK(status)) {
- DEBUG(3, ("Unable to open file %s: %s\n", fname,
- nt_errstr(status)));
- return status;
- }
-
- status = SMB_VFS_GET_NT_ACL(fsp, fname,
- (OWNER_SECURITY_INFORMATION |
- GROUP_SECURITY_INFORMATION |
- DACL_SECURITY_INFORMATION),
- &secdesc);
- if (!NT_STATUS_IS_OK(status)) {
- DEBUG(5, ("Unable to get NT ACL for file %s\n", fname));
- goto done;
- }
-
- *psd = talloc_move(mem_ctx, &secdesc);
-
-done:
- close_file(fsp, NORMAL_CLOSE);
- return status;
-}
-
static bool can_access_file_acl(struct connection_struct *conn,
const char * fname, SMB_STRUCT_STAT *psbuf,
uint32_t access_mask)
@@ -95,7 +34,11 @@ static bool can_access_file_acl(struct connection_struct *conn,
uint32_t access_granted;
struct security_descriptor *secdesc = NULL;
- status = conn_get_nt_acl(talloc_tos(), conn, fname, psbuf, &secdesc);
+ status = SMB_VFS_GET_NT_ACL(conn, fname,
+ (OWNER_SECURITY_INFORMATION |
+ GROUP_SECURITY_INFORMATION |
+ DACL_SECURITY_INFORMATION),
+ &secdesc);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(5, ("Could not get acl: %s\n", nt_errstr(status)));
return false;
diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c
index 1fbb681c72..cb98a8139c 100644
--- a/source3/smbd/nttrans.c
+++ b/source3/smbd/nttrans.c
@@ -1640,7 +1640,7 @@ static void call_nt_transact_query_security_desc(connection_struct *conn,
}
else {
status = SMB_VFS_GET_NT_ACL(
- fsp, fsp->fsp_name, security_info_wanted, &psd);
+ conn, fsp->fsp_name, security_info_wanted, &psd);
}
}
diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c
index d9782cfdb8..d8794e2114 100644
--- a/source3/smbd/posix_acls.c
+++ b/source3/smbd/posix_acls.c
@@ -3307,7 +3307,7 @@ static NTSTATUS append_parent_acl(files_struct *fsp,
return status;
}
- status = SMB_VFS_GET_NT_ACL(parent_fsp, parent_fsp->fsp_name,
+ status = SMB_VFS_GET_NT_ACL(parent_fsp->conn, parent_fsp->fsp_name,
DACL_SECURITY_INFORMATION, &parent_sd );
close_file(parent_fsp, NORMAL_CLOSE);