diff options
author | Jeremy Allison <jra@samba.org> | 2008-05-09 11:14:45 -0700 |
---|---|---|
committer | Jeremy Allison <jra@samba.org> | 2008-05-09 11:14:45 -0700 |
commit | 3f76504d92e0bde89472e569acd64494729778a5 (patch) | |
tree | 2045904f60ce0a3e205397599071341c1c85975b /source3 | |
parent | 1830d6b1599c93b81fd79b4cdc982f20263e1249 (diff) | |
download | samba-3f76504d92e0bde89472e569acd64494729778a5.tar.gz samba-3f76504d92e0bde89472e569acd64494729778a5.tar.bz2 samba-3f76504d92e0bde89472e569acd64494729778a5.zip |
Remove a couple of uses of SMB_VFS_GET_NT_ACL(), use
SMB_VFS_FGET_NT_ACL instead. I'd like to ultimately
remove SMB_VFS_GET_NT_ACL.
Jeremy.
(This used to be commit 4221937b68e2414295279b27c5f12a80f826ed4b)
Diffstat (limited to 'source3')
-rw-r--r-- | source3/rpc_server/srv_srvsvc_nt.c | 55 | ||||
-rw-r--r-- | source3/smbd/nttrans.c | 10 |
2 files changed, 44 insertions, 21 deletions
diff --git a/source3/rpc_server/srv_srvsvc_nt.c b/source3/rpc_server/srv_srvsvc_nt.c index 18c6f4de53..947ad46568 100644 --- a/source3/rpc_server/srv_srvsvc_nt.c +++ b/source3/rpc_server/srv_srvsvc_nt.c @@ -2029,20 +2029,18 @@ WERROR _srvsvc_NetGetFileSecurity(pipes_struct *p, char *qualname = NULL; SMB_STRUCT_STAT st; NTSTATUS nt_status; - WERROR werr; + WERROR werr = WERR_ACCESS_DENIED; struct current_user user; connection_struct *conn = NULL; bool became_user = False; TALLOC_CTX *ctx = p->mem_ctx; - struct sec_desc_buf *sd_buf; + struct sec_desc_buf *sd_buf = NULL; + files_struct *fsp = NULL; ZERO_STRUCT(st); - werr = WERR_OK; - qualname = talloc_strdup(ctx, r->in.share); if (!qualname) { - werr = WERR_ACCESS_DENIED; goto error_exit; } @@ -2064,14 +2062,12 @@ WERROR _srvsvc_NetGetFileSecurity(pipes_struct *p, if (!become_user(conn, conn->vuid)) { DEBUG(0,("_srvsvc_NetGetFileSecurity: Can't become connected user!\n")); - werr = WERR_ACCESS_DENIED; goto error_exit; } became_user = True; filename_in = talloc_strdup(ctx, r->in.file); if (!filename_in) { - werr = WERR_ACCESS_DENIED; goto error_exit; } @@ -2079,7 +2075,6 @@ WERROR _srvsvc_NetGetFileSecurity(pipes_struct *p, if (!NT_STATUS_IS_OK(nt_status)) { DEBUG(3,("_srvsvc_NetGetFileSecurity: bad pathname %s\n", filename)); - werr = WERR_ACCESS_DENIED; goto error_exit; } @@ -2087,11 +2082,37 @@ WERROR _srvsvc_NetGetFileSecurity(pipes_struct *p, if (!NT_STATUS_IS_OK(nt_status)) { DEBUG(3,("_srvsvc_NetGetFileSecurity: can't access %s\n", filename)); - werr = WERR_ACCESS_DENIED; goto error_exit; } - nt_status = SMB_VFS_GET_NT_ACL(conn, filename, + if (!(S_ISDIR(st.st_mode))) { + nt_status = open_file_ntcreate(conn, NULL, filename, &st, + FILE_READ_ATTRIBUTES, + FILE_SHARE_READ|FILE_SHARE_WRITE, + FILE_OPEN, + 0, + FILE_ATTRIBUTE_NORMAL, + 0, + NULL, &fsp); + + } else { + nt_status = open_directory(conn, NULL, filename, &st, + FILE_READ_ATTRIBUTES, + FILE_SHARE_READ|FILE_SHARE_WRITE, + FILE_OPEN, + 0, + FILE_ATTRIBUTE_DIRECTORY, + NULL, &fsp); + } + + if (!NT_STATUS_IS_OK(nt_status)) { + DEBUG(3,("_srvsvc_NetGetFileSecurity: can't open %s\n", + filename)); + werr = ntstatus_to_werror(nt_status); + goto error_exit; + } + + nt_status = SMB_VFS_FGET_NT_ACL(fsp, (OWNER_SECURITY_INFORMATION |GROUP_SECURITY_INFORMATION |DACL_SECURITY_INFORMATION), &psd); @@ -2118,17 +2139,25 @@ WERROR _srvsvc_NetGetFileSecurity(pipes_struct *p, psd->dacl->revision = NT4_ACL_REVISION; + close_file(fsp, NORMAL_CLOSE); + unbecome_user(); close_cnum(conn, user.vuid); - return werr; + return WERR_OK; error_exit: - if (became_user) + if(fsp) { + close_file(fsp, NORMAL_CLOSE); + } + + if (became_user) { unbecome_user(); + } - if (conn) + if (conn) { close_cnum(conn, user.vuid); + } return werr; } diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c index 362823d78a..bd34b5a361 100644 --- a/source3/smbd/nttrans.c +++ b/source3/smbd/nttrans.c @@ -1612,14 +1612,8 @@ static void call_nt_transact_query_security_desc(connection_struct *conn, if (!lp_nt_acl_support(SNUM(conn))) { status = get_null_nt_acl(talloc_tos(), &psd); } else { - if (fsp->fh->fd != -1) { - status = SMB_VFS_FGET_NT_ACL( - fsp, security_info_wanted, &psd); - } - else { - status = SMB_VFS_GET_NT_ACL( - conn, fsp->fsp_name, security_info_wanted, &psd); - } + status = SMB_VFS_FGET_NT_ACL( + fsp, security_info_wanted, &psd); } if (!NT_STATUS_IS_OK(status)) { |