Pass down to smbd_check_access_rights_sd().
Always pass conn->cwd_fsp for now.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
/* Check we have SEC_DIR_LIST access on this fsp. */
dirfsp = dir_hnd_fetch_fsp(dir_hnd);
- status = smbd_check_access_rights_fsp(dirfsp,
+ status = smbd_check_access_rights_fsp(dirfsp->conn->cwd_fsp,
+ dirfsp,
false,
SEC_DIR_LIST);
if (!NT_STATUS_IS_OK(status)) {
/* Check we have SEC_DIR_LIST access on this fsp. */
dirfsp = dir_hnd_fetch_fsp(dir_hnd);
- status = smbd_check_access_rights_fsp(dirfsp,
+ status = smbd_check_access_rights_fsp(dirfsp->conn->cwd_fsp,
+ dirfsp,
false,
SEC_DIR_LIST);
if (!NT_STATUS_IS_OK(status)) {
fsp_set_fd(dirfsp, fd);
/* Now we have the handle, check access here. */
- status = smbd_check_access_rights_fsp(dirfsp,
+ status = smbd_check_access_rights_fsp(fspcwd,
+ dirfsp,
false,
SEC_DIR_LIST);
if (!NT_STATUS_IS_OK(status)) {
return NT_STATUS_ACCESS_DENIED;
}
- status = smbd_check_access_rights_fsp(smb_fname->fsp,
+ status = smbd_check_access_rights_fsp(conn->cwd_fsp,
+ smb_fname->fsp,
false,
FILE_WRITE_ATTRIBUTES);
if (NT_STATUS_IS_OK(status)) {
*/
ret = NT_STATUS_IS_OK(smbd_check_access_rights_fsp(
+ conn->cwd_fsp,
smb_fname_parent->fsp,
false,
FILE_DELETE_CHILD));
bool can_write_to_fsp(struct files_struct *fsp)
{
- return NT_STATUS_IS_OK(smbd_check_access_rights_fsp(fsp,
+ return NT_STATUS_IS_OK(smbd_check_access_rights_fsp(
+ fsp->conn->cwd_fsp,
+ fsp,
false,
FILE_WRITE_DATA));
}
return false;
}
- status = smbd_check_access_rights_fsp(fname->fsp,
+ status = smbd_check_access_rights_fsp(fsp->conn->cwd_fsp,
+ fname->fsp,
false,
rights);
if (!NT_STATUS_IS_OK(status)) {
TALLOC_FREE(filepath);
return false;
}
- status = smbd_check_access_rights_fsp(fname->fsp,
+ status = smbd_check_access_rights_fsp(fsp->conn->cwd_fsp,
+ fname->fsp,
false,
rights);
if (!NT_STATUS_IS_OK(status)) {
return NT_STATUS_OK;
}
-NTSTATUS smbd_check_access_rights_fsp(struct files_struct *fsp,
+NTSTATUS smbd_check_access_rights_fsp(struct files_struct *dirfsp,
+ struct files_struct *fsp,
bool use_privs,
uint32_t access_mask)
{
}
return smbd_check_access_rights_sd(fsp->conn,
- fsp->conn->cwd_fsp,
+ dirfsp,
fsp->fsp_name,
sd,
use_privs,
}
}
- return smbd_check_access_rights_fsp(fsp,
+ return smbd_check_access_rights_fsp(fsp->conn->cwd_fsp,
+ fsp,
false,
access_mask);
}
if (!fsp->base_fsp) {
/* Only do this check on non-stream open. */
if (file_existed) {
- status = smbd_check_access_rights_fsp(fsp,
+ status = smbd_check_access_rights_fsp(
+ fsp->conn->cwd_fsp,
+ fsp,
false,
access_mask);
}
}
- status = smbd_check_access_rights_fsp(fsp,
+ status = smbd_check_access_rights_fsp(fsp->conn->cwd_fsp,
+ fsp,
false,
access_mask);
}
if (info == FILE_WAS_OPENED) {
- status = smbd_check_access_rights_fsp(fsp,
+ status = smbd_check_access_rights_fsp(fsp->conn->cwd_fsp,
+ fsp,
false,
access_mask);
if (!NT_STATUS_IS_OK(status)) {
/* The following definitions come from smbd/open.c */
-NTSTATUS smbd_check_access_rights_fsp(struct files_struct *fsp,
+NTSTATUS smbd_check_access_rights_fsp(struct files_struct *dirfsp,
+ struct files_struct *fsp,
bool use_privs,
uint32_t access_mask);
NTSTATUS check_parent_access_fsp(struct files_struct *fsp,
else
mode &= ~FILE_ATTRIBUTE_DIRECTORY;
- status = smbd_check_access_rights_fsp(smb_fname->fsp,
+ status = smbd_check_access_rights_fsp(conn->cwd_fsp,
+ smb_fname->fsp,
false,
FILE_WRITE_ATTRIBUTES);
if (!NT_STATUS_IS_OK(status)) {
uint32_t access_mask)
{
if (!fsp->fsp_flags.is_fsa) {
- return smbd_check_access_rights_fsp(fsp,
+ return smbd_check_access_rights_fsp(fsp->conn->cwd_fsp,
+ fsp,
false,
access_mask);
}