diff options
| author | Tim Potter <tpot@samba.org> | 2000-12-12 06:06:10 +0000 |
|---|---|---|
| committer | Tim Potter <tpot@samba.org> | 2000-12-12 06:06:10 +0000 |
| commit | cbddae005f1e6e787be925fab6e4b34f2a3471f0 (patch) | |
| tree | 8d0dd7ad24c8592ef1afe9a5ad21f2381a5ff4d7 /source3/utils | |
| parent | 65fd1be1524ad0ec7d5b27dc9dd0ce4f94e737b8 (diff) | |
| download | samba-cbddae005f1e6e787be925fab6e4b34f2a3471f0.tar.gz samba-cbddae005f1e6e787be925fab6e4b34f2a3471f0.tar.bz2 samba-cbddae005f1e6e787be925fab6e4b34f2a3471f0.zip | |
Better error checking for ACL parsing.
Print an error when attempting to delete a non-existent ACL.
(This used to be commit d119782d0d8d2738650da47fa11134d26134ce17)
Diffstat (limited to 'source3/utils')
| -rw-r--r-- | source3/utils/smbcacls.c | 28 |
1 files changed, 21 insertions, 7 deletions
diff --git a/source3/utils/smbcacls.c b/source3/utils/smbcacls.c index 4d6622b0ef..aff5244fc5 100644 --- a/source3/utils/smbcacls.c +++ b/source3/utils/smbcacls.c @@ -281,10 +281,12 @@ static SEC_DESC *sec_desc_parse(char *str) if (strncmp(tok,"REVISION:", 9) == 0) { revision = strtol(tok+9, NULL, 16); + continue; } if (strncmp(tok,"TYPE:", 5) == 0) { type = strtol(tok+5, NULL, 16); + continue; } if (strncmp(tok,"OWNER:", 6) == 0) { @@ -294,6 +296,7 @@ static SEC_DESC *sec_desc_parse(char *str) printf("Failed to parse owner sid\n"); return NULL; } + continue; } if (strncmp(tok,"GROUP:", 6) == 0) { @@ -303,6 +306,7 @@ static SEC_DESC *sec_desc_parse(char *str) printf("Failed to parse group sid\n"); return NULL; } + continue; } if (strncmp(tok,"ACL:", 4) == 0) { @@ -312,7 +316,11 @@ static SEC_DESC *sec_desc_parse(char *str) printf("Failed to parse ACL\n"); return NULL; } + continue; } + + printf("Failed to parse security descriptor\n"); + return NULL; } ret = make_sec_desc(revision, owner_sid, grp_sid, @@ -405,11 +413,8 @@ static void cacl_set(struct cli_state *cli, char *filename, unsigned sd_size; sd = sec_desc_parse(acl); - if (!sd) { - printf("Failed to parse security descriptor\n"); - return; - } + if (!sd) return; if (test_args) return; /* the desired access below is the only one I could find that works with @@ -426,6 +431,8 @@ static void cacl_set(struct cli_state *cli, char *filename, switch (mode) { case ACL_DELETE: for (i=0;sd->dacl && i<sd->dacl->num_aces;i++) { + BOOL found = False; + for (j=0;old->dacl && j<old->dacl->num_aces;j++) { if (sec_ace_equal(&sd->dacl->ace[i], &old->dacl->ace[j])) { @@ -440,9 +447,17 @@ static void cacl_set(struct cli_state *cli, char *filename, old->dacl = NULL; old->off_dacl = 0; } + found = True; break; } } + + if (!found) { + fstring str; + + SidToString(str, &sd->dacl->ace[i].sid); + printf("ACL for SID %s not found\n", str); + } } break; @@ -475,10 +490,9 @@ static void cacl_set(struct cli_state *cli, char *filename, break; case ACL_SET: - free_sec_desc(&old); - old = sd; + free_sec_desc(&old); + old = sd; break; - } if (sd != old) { |