summaryrefslogtreecommitdiffstats
path: root/source3/smbd
diff options
context:
space:
mode:
Diffstat (limited to 'source3/smbd')
-rw-r--r--source3/smbd/posix_acls.c47
-rw-r--r--source3/smbd/pysmbd.c40
-rw-r--r--source3/smbd/trans2.c12
-rw-r--r--source3/smbd/vfs.c10
4 files changed, 66 insertions, 43 deletions
diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c
index 45a921f747c..c535502efee 100644
--- a/source3/smbd/posix_acls.c
+++ b/source3/smbd/posix_acls.c
@@ -2915,7 +2915,7 @@ static bool set_canon_ace_list(files_struct *fsp,
{
connection_struct *conn = fsp->conn;
bool ret = False;
- SMB_ACL_T the_acl = sys_acl_init();
+ SMB_ACL_T the_acl = sys_acl_init(talloc_tos());
canon_ace *p_ace;
int i;
SMB_ACL_ENTRY_T mask_entry;
@@ -3675,7 +3675,7 @@ NTSTATUS posix_fget_nt_acl(struct files_struct *fsp, uint32_t security_info,
}
/* Get the ACL from the fd. */
- posix_acl = SMB_VFS_SYS_ACL_GET_FD(fsp);
+ posix_acl = SMB_VFS_SYS_ACL_GET_FD(fsp, talloc_tos());
pal = fload_inherited_info(fsp);
@@ -3712,11 +3712,14 @@ NTSTATUS posix_get_nt_acl(struct connection_struct *conn, const char *name,
}
/* Get the ACL from the path. */
- posix_acl = SMB_VFS_SYS_ACL_GET_FILE(conn, name, SMB_ACL_TYPE_ACCESS);
+ posix_acl = SMB_VFS_SYS_ACL_GET_FILE(conn, name,
+ SMB_ACL_TYPE_ACCESS, talloc_tos());
/* If it's a directory get the default POSIX ACL. */
if(S_ISDIR(smb_fname.st.st_ex_mode)) {
- def_acl = SMB_VFS_SYS_ACL_GET_FILE(conn, name, SMB_ACL_TYPE_DEFAULT);
+ def_acl = SMB_VFS_SYS_ACL_GET_FILE(conn, name,
+ SMB_ACL_TYPE_DEFAULT,
+ talloc_tos());
def_acl = free_empty_sys_acl(conn, def_acl);
}
@@ -4353,7 +4356,8 @@ int get_acl_group_bits( connection_struct *conn, const char *fname, mode_t *mode
SMB_ACL_T posix_acl;
int result = -1;
- posix_acl = SMB_VFS_SYS_ACL_GET_FILE(conn, fname, SMB_ACL_TYPE_ACCESS);
+ posix_acl = SMB_VFS_SYS_ACL_GET_FILE(conn, fname,
+ SMB_ACL_TYPE_ACCESS, talloc_tos());
if (posix_acl == (SMB_ACL_T)NULL)
return -1;
@@ -4461,7 +4465,9 @@ static int copy_access_posix_acl(connection_struct *conn, const char *from, cons
SMB_ACL_T posix_acl = NULL;
int ret = -1;
- if ((posix_acl = SMB_VFS_SYS_ACL_GET_FILE(conn, from, SMB_ACL_TYPE_ACCESS)) == NULL)
+ if ((posix_acl = SMB_VFS_SYS_ACL_GET_FILE(conn, from,
+ SMB_ACL_TYPE_ACCESS,
+ talloc_tos())) == NULL)
return -1;
if ((ret = chmod_acl_internals(conn, posix_acl, mode)) == -1)
@@ -4492,7 +4498,9 @@ int chmod_acl(connection_struct *conn, const char *name, mode_t mode)
static bool directory_has_default_posix_acl(connection_struct *conn, const char *fname)
{
- SMB_ACL_T def_acl = SMB_VFS_SYS_ACL_GET_FILE( conn, fname, SMB_ACL_TYPE_DEFAULT);
+ SMB_ACL_T def_acl = SMB_VFS_SYS_ACL_GET_FILE(conn, fname,
+ SMB_ACL_TYPE_DEFAULT,
+ talloc_tos());
bool has_acl = False;
SMB_ACL_ENTRY_T entry;
@@ -4531,7 +4539,7 @@ int fchmod_acl(files_struct *fsp, mode_t mode)
SMB_ACL_T posix_acl = NULL;
int ret = -1;
- if ((posix_acl = SMB_VFS_SYS_ACL_GET_FD(fsp)) == NULL)
+ if ((posix_acl = SMB_VFS_SYS_ACL_GET_FD(fsp, talloc_tos())) == NULL)
return -1;
if ((ret = chmod_acl_internals(conn, posix_acl, mode)) == -1)
@@ -4613,10 +4621,13 @@ static bool unix_ex_wire_to_tagtype(unsigned char wire_tt, SMB_ACL_TAG_T *p_tt)
FIXME ! How does the share mask/mode fit into this.... ?
****************************************************************************/
-static SMB_ACL_T create_posix_acl_from_wire(connection_struct *conn, uint16 num_acls, const char *pdata)
+static SMB_ACL_T create_posix_acl_from_wire(connection_struct *conn,
+ uint16 num_acls,
+ const char *pdata,
+ TALLOC_CTX *mem_ctx)
{
unsigned int i;
- SMB_ACL_T the_acl = sys_acl_init();
+ SMB_ACL_T the_acl = sys_acl_init(mem_ctx);
if (the_acl == NULL) {
return NULL;
@@ -4729,7 +4740,9 @@ bool set_unix_posix_default_acl(connection_struct *conn, const char *fname, cons
return True;
}
- if ((def_acl = create_posix_acl_from_wire(conn, num_def_acls, pdata)) == NULL) {
+ if ((def_acl = create_posix_acl_from_wire(conn, num_def_acls,
+ pdata,
+ talloc_tos())) == NULL) {
return False;
}
@@ -4760,7 +4773,7 @@ static bool remove_posix_acl(connection_struct *conn, files_struct *fsp, const c
SMB_ACL_ENTRY_T entry;
bool ret = False;
/* Create a new ACL with only 3 entries, u/g/w. */
- SMB_ACL_T new_file_acl = sys_acl_init();
+ SMB_ACL_T new_file_acl = sys_acl_init(talloc_tos());
SMB_ACL_ENTRY_T user_ent = NULL;
SMB_ACL_ENTRY_T group_ent = NULL;
SMB_ACL_ENTRY_T other_ent = NULL;
@@ -4806,9 +4819,11 @@ static bool remove_posix_acl(connection_struct *conn, files_struct *fsp, const c
/* Get the current file ACL. */
if (fsp && fsp->fh->fd != -1) {
- file_acl = SMB_VFS_SYS_ACL_GET_FD(fsp);
+ file_acl = SMB_VFS_SYS_ACL_GET_FD(fsp, talloc_tos());
} else {
- file_acl = SMB_VFS_SYS_ACL_GET_FILE( conn, fname, SMB_ACL_TYPE_ACCESS);
+ file_acl = SMB_VFS_SYS_ACL_GET_FILE(conn, fname,
+ SMB_ACL_TYPE_ACCESS,
+ talloc_tos());
}
if (file_acl == NULL) {
@@ -4898,7 +4913,9 @@ bool set_unix_posix_acl(connection_struct *conn, files_struct *fsp, const char *
return remove_posix_acl(conn, fsp, fname);
}
- if ((file_acl = create_posix_acl_from_wire(conn, num_acls, pdata)) == NULL) {
+ if ((file_acl = create_posix_acl_from_wire(conn, num_acls,
+ pdata,
+ talloc_tos())) == NULL) {
return False;
}
diff --git a/source3/smbd/pysmbd.c b/source3/smbd/pysmbd.c
index 4012e6e3c76..66aba21fa81 100644
--- a/source3/smbd/pysmbd.c
+++ b/source3/smbd/pysmbd.c
@@ -154,98 +154,99 @@ static NTSTATUS set_nt_acl_no_snum(const char *fname,
static SMB_ACL_T make_simple_acl(gid_t gid, mode_t chmod_mode)
{
+ TALLOC_CTX *frame = talloc_stackframe();
+
mode_t mode = SMB_ACL_READ|SMB_ACL_WRITE;
mode_t mode_user = (chmod_mode & 0700) >> 16;
mode_t mode_group = (chmod_mode & 070) >> 8;
mode_t mode_other = chmod_mode & 07;
-
SMB_ACL_ENTRY_T entry;
- SMB_ACL_T acl = sys_acl_init();
+ SMB_ACL_T acl = sys_acl_init(frame);
if (!acl) {
return NULL;
}
if (sys_acl_create_entry(&acl, &entry) != 0) {
- TALLOC_FREE(acl);
+ TALLOC_FREE(frame);
return NULL;
}
if (sys_acl_set_tag_type(entry, SMB_ACL_USER_OBJ) != 0) {
- TALLOC_FREE(acl);
+ TALLOC_FREE(frame);
return NULL;
}
if (sys_acl_set_permset(entry, &mode_user) != 0) {
- TALLOC_FREE(acl);
+ TALLOC_FREE(frame);
return NULL;
}
if (sys_acl_create_entry(&acl, &entry) != 0) {
- TALLOC_FREE(acl);
+ TALLOC_FREE(frame);
return NULL;
}
if (sys_acl_set_tag_type(entry, SMB_ACL_GROUP_OBJ) != 0) {
- TALLOC_FREE(acl);
+ TALLOC_FREE(frame);
return NULL;
}
if (sys_acl_set_permset(entry, &mode_group) != 0) {
- TALLOC_FREE(acl);
+ TALLOC_FREE(frame);
return NULL;
}
if (sys_acl_create_entry(&acl, &entry) != 0) {
- TALLOC_FREE(acl);
+ TALLOC_FREE(frame);
return NULL;
}
if (sys_acl_set_tag_type(entry, SMB_ACL_OTHER) != 0) {
- TALLOC_FREE(acl);
+ TALLOC_FREE(frame);
return NULL;
}
if (sys_acl_set_permset(entry, &mode_other) != 0) {
- TALLOC_FREE(acl);
+ TALLOC_FREE(frame);
return NULL;
}
if (gid != -1) {
if (sys_acl_create_entry(&acl, &entry) != 0) {
- TALLOC_FREE(acl);
+ TALLOC_FREE(frame);
return NULL;
}
if (sys_acl_set_tag_type(entry, SMB_ACL_GROUP) != 0) {
- TALLOC_FREE(acl);
+ TALLOC_FREE(frame);
return NULL;
}
if (sys_acl_set_qualifier(entry, &gid) != 0) {
- TALLOC_FREE(acl);
+ TALLOC_FREE(frame);
return NULL;
}
if (sys_acl_set_permset(entry, &mode_group) != 0) {
- TALLOC_FREE(acl);
+ TALLOC_FREE(frame);
return NULL;
}
}
if (sys_acl_create_entry(&acl, &entry) != 0) {
- TALLOC_FREE(acl);
+ TALLOC_FREE(frame);
return NULL;
}
if (sys_acl_set_tag_type(entry, SMB_ACL_MASK) != 0) {
- TALLOC_FREE(acl);
+ TALLOC_FREE(frame);
return NULL;
}
if (sys_acl_set_permset(entry, &mode) != 0) {
- TALLOC_FREE(acl);
+ TALLOC_FREE(frame);
return NULL;
}
return acl;
@@ -455,7 +456,7 @@ static PyObject *py_smbd_get_sys_acl(PyObject *self, PyObject *args)
smbd_vfs_init(conn);
- acl = SMB_VFS_SYS_ACL_GET_FILE( conn, fname, acl_type);
+ acl = SMB_VFS_SYS_ACL_GET_FILE( conn, fname, acl_type, frame);
if (!acl) {
TALLOC_FREE(frame);
status = map_nt_error_from_unix_common(errno);
@@ -463,7 +464,6 @@ static PyObject *py_smbd_get_sys_acl(PyObject *self, PyObject *args)
PyErr_NTSTATUS_IS_ERR_RAISE(status);
}
- talloc_steal(frame, acl);
conn_free(conn);
py_acl = py_return_ndr_struct("samba.dcerpc.smb_acl", "t", acl, acl);
diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c
index 44c457cae5d..61d755c03f8 100644
--- a/source3/smbd/trans2.c
+++ b/source3/smbd/trans2.c
@@ -4911,12 +4911,14 @@ NTSTATUS smbd_do_qfilepathinfo(connection_struct *conn,
uint16 num_def_acls = 0;
if (fsp && fsp->fh->fd != -1) {
- file_acl = SMB_VFS_SYS_ACL_GET_FD(fsp);
+ file_acl = SMB_VFS_SYS_ACL_GET_FD(fsp,
+ talloc_tos());
} else {
file_acl =
SMB_VFS_SYS_ACL_GET_FILE(conn,
smb_fname->base_name,
- SMB_ACL_TYPE_ACCESS);
+ SMB_ACL_TYPE_ACCESS,
+ talloc_tos());
}
if (file_acl == NULL && no_acl_syscall_error(errno)) {
@@ -4933,13 +4935,15 @@ NTSTATUS smbd_do_qfilepathinfo(connection_struct *conn,
SMB_VFS_SYS_ACL_GET_FILE(
conn,
fsp->fsp_name->base_name,
- SMB_ACL_TYPE_DEFAULT);
+ SMB_ACL_TYPE_DEFAULT,
+ talloc_tos());
} else {
def_acl =
SMB_VFS_SYS_ACL_GET_FILE(
conn,
smb_fname->base_name,
- SMB_ACL_TYPE_DEFAULT);
+ SMB_ACL_TYPE_DEFAULT,
+ talloc_tos());
}
def_acl = free_empty_sys_acl(conn, def_acl);
}
diff --git a/source3/smbd/vfs.c b/source3/smbd/vfs.c
index fe99ee29e99..182e334ade3 100644
--- a/source3/smbd/vfs.c
+++ b/source3/smbd/vfs.c
@@ -2221,17 +2221,19 @@ int smb_vfs_call_fchmod_acl(struct vfs_handle_struct *handle,
SMB_ACL_T smb_vfs_call_sys_acl_get_file(struct vfs_handle_struct *handle,
const char *path_p,
- SMB_ACL_TYPE_T type)
+ SMB_ACL_TYPE_T type,
+ TALLOC_CTX *mem_ctx)
{
VFS_FIND(sys_acl_get_file);
- return handle->fns->sys_acl_get_file_fn(handle, path_p, type);
+ return handle->fns->sys_acl_get_file_fn(handle, path_p, type, mem_ctx);
}
SMB_ACL_T smb_vfs_call_sys_acl_get_fd(struct vfs_handle_struct *handle,
- struct files_struct *fsp)
+ struct files_struct *fsp,
+ TALLOC_CTX *mem_ctx)
{
VFS_FIND(sys_acl_get_fd);
- return handle->fns->sys_acl_get_fd_fn(handle, fsp);
+ return handle->fns->sys_acl_get_fd_fn(handle, fsp, mem_ctx);
}
int smb_vfs_call_sys_acl_blob_get_file(struct vfs_handle_struct *handle,
generated by cgit (git 2.34.1) at 2024-06-23 12:06:41 +0000