summaryrefslogtreecommitdiff
path: root/source3
diff options
context:
space:
mode:
authorJeremy Allison <jra@samba.org>2008-05-09 11:14:45 -0700
committerJeremy Allison <jra@samba.org>2008-05-09 11:14:45 -0700
commit3f76504d92e0bde89472e569acd64494729778a5 (patch)
tree2045904f60ce0a3e205397599071341c1c85975b /source3
parent1830d6b1599c93b81fd79b4cdc982f20263e1249 (diff)
downloadsamba-3f76504d92e0bde89472e569acd64494729778a5.tar.gz
samba-3f76504d92e0bde89472e569acd64494729778a5.tar.bz2
samba-3f76504d92e0bde89472e569acd64494729778a5.zip
Remove a couple of uses of SMB_VFS_GET_NT_ACL(), use
SMB_VFS_FGET_NT_ACL instead. I'd like to ultimately remove SMB_VFS_GET_NT_ACL. Jeremy. (This used to be commit 4221937b68e2414295279b27c5f12a80f826ed4b)
Diffstat (limited to 'source3')
-rw-r--r--source3/rpc_server/srv_srvsvc_nt.c55
-rw-r--r--source3/smbd/nttrans.c10
2 files changed, 44 insertions, 21 deletions
diff --git a/source3/rpc_server/srv_srvsvc_nt.c b/source3/rpc_server/srv_srvsvc_nt.c
index 18c6f4de53..947ad46568 100644
--- a/source3/rpc_server/srv_srvsvc_nt.c
+++ b/source3/rpc_server/srv_srvsvc_nt.c
@@ -2029,20 +2029,18 @@ WERROR _srvsvc_NetGetFileSecurity(pipes_struct *p,
char *qualname = NULL;
SMB_STRUCT_STAT st;
NTSTATUS nt_status;
- WERROR werr;
+ WERROR werr = WERR_ACCESS_DENIED;
struct current_user user;
connection_struct *conn = NULL;
bool became_user = False;
TALLOC_CTX *ctx = p->mem_ctx;
- struct sec_desc_buf *sd_buf;
+ struct sec_desc_buf *sd_buf = NULL;
+ files_struct *fsp = NULL;
ZERO_STRUCT(st);
- werr = WERR_OK;
-
qualname = talloc_strdup(ctx, r->in.share);
if (!qualname) {
- werr = WERR_ACCESS_DENIED;
goto error_exit;
}
@@ -2064,14 +2062,12 @@ WERROR _srvsvc_NetGetFileSecurity(pipes_struct *p,
if (!become_user(conn, conn->vuid)) {
DEBUG(0,("_srvsvc_NetGetFileSecurity: Can't become connected user!\n"));
- werr = WERR_ACCESS_DENIED;
goto error_exit;
}
became_user = True;
filename_in = talloc_strdup(ctx, r->in.file);
if (!filename_in) {
- werr = WERR_ACCESS_DENIED;
goto error_exit;
}
@@ -2079,7 +2075,6 @@ WERROR _srvsvc_NetGetFileSecurity(pipes_struct *p,
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(3,("_srvsvc_NetGetFileSecurity: bad pathname %s\n",
filename));
- werr = WERR_ACCESS_DENIED;
goto error_exit;
}
@@ -2087,11 +2082,37 @@ WERROR _srvsvc_NetGetFileSecurity(pipes_struct *p,
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(3,("_srvsvc_NetGetFileSecurity: can't access %s\n",
filename));
- werr = WERR_ACCESS_DENIED;
goto error_exit;
}
- nt_status = SMB_VFS_GET_NT_ACL(conn, filename,
+ if (!(S_ISDIR(st.st_mode))) {
+ nt_status = open_file_ntcreate(conn, NULL, filename, &st,
+ FILE_READ_ATTRIBUTES,
+ FILE_SHARE_READ|FILE_SHARE_WRITE,
+ FILE_OPEN,
+ 0,
+ FILE_ATTRIBUTE_NORMAL,
+ 0,
+ NULL, &fsp);
+
+ } else {
+ nt_status = open_directory(conn, NULL, filename, &st,
+ FILE_READ_ATTRIBUTES,
+ FILE_SHARE_READ|FILE_SHARE_WRITE,
+ FILE_OPEN,
+ 0,
+ FILE_ATTRIBUTE_DIRECTORY,
+ NULL, &fsp);
+ }
+
+ if (!NT_STATUS_IS_OK(nt_status)) {
+ DEBUG(3,("_srvsvc_NetGetFileSecurity: can't open %s\n",
+ filename));
+ werr = ntstatus_to_werror(nt_status);
+ goto error_exit;
+ }
+
+ nt_status = SMB_VFS_FGET_NT_ACL(fsp,
(OWNER_SECURITY_INFORMATION
|GROUP_SECURITY_INFORMATION
|DACL_SECURITY_INFORMATION), &psd);
@@ -2118,17 +2139,25 @@ WERROR _srvsvc_NetGetFileSecurity(pipes_struct *p,
psd->dacl->revision = NT4_ACL_REVISION;
+ close_file(fsp, NORMAL_CLOSE);
+
unbecome_user();
close_cnum(conn, user.vuid);
- return werr;
+ return WERR_OK;
error_exit:
- if (became_user)
+ if(fsp) {
+ close_file(fsp, NORMAL_CLOSE);
+ }
+
+ if (became_user) {
unbecome_user();
+ }
- if (conn)
+ if (conn) {
close_cnum(conn, user.vuid);
+ }
return werr;
}
diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c
index 362823d78a..bd34b5a361 100644
--- a/source3/smbd/nttrans.c
+++ b/source3/smbd/nttrans.c
@@ -1612,14 +1612,8 @@ static void call_nt_transact_query_security_desc(connection_struct *conn,
if (!lp_nt_acl_support(SNUM(conn))) {
status = get_null_nt_acl(talloc_tos(), &psd);
} else {
- if (fsp->fh->fd != -1) {
- status = SMB_VFS_FGET_NT_ACL(
- fsp, security_info_wanted, &psd);
- }
- else {
- status = SMB_VFS_GET_NT_ACL(
- conn, fsp->fsp_name, security_info_wanted, &psd);
- }
+ status = SMB_VFS_FGET_NT_ACL(
+ fsp, security_info_wanted, &psd);
}
if (!NT_STATUS_IS_OK(status)) {