smbd: Add mem_ctx to sys_acl_init() and all callers

This changes from allocation on NULL to allocation on the supplied
memory context.

Currently that supplied context is talloc_tos() at the the final consumer of
the ACL.

Andrew Bartlett

diff --git a/examples/VFS/skel_opaque.c b/examples/VFS/skel_opaque.c
index a786a234d40a144d9e98980aa5bf01ba71175feb..3b918483a840d1aa5edbb3812815a41564f1714b 100644 (file)
--- a/examples/VFS/skel_opaque.c
+++ b/examples/VFS/skel_opaque.c
@@ -574,13 +574,18 @@ static int skel_fchmod_acl(vfs_handle_struct *handle, files_struct *fsp, mode_t
        return -1;
 }
 
-static SMB_ACL_T skel_sys_acl_get_file(vfs_handle_struct *handle,  const char *path_p, SMB_ACL_TYPE_T type)
+static SMB_ACL_T skel_sys_acl_get_file(vfs_handle_struct *handle,
+                                      const char *path_p,
+                                      SMB_ACL_TYPE_T type,
+                                      TALLOC_CTX *mem_ctx)
 {
        errno = ENOSYS;
        return (SMB_ACL_T)NULL;
 }
 
-static SMB_ACL_T skel_sys_acl_get_fd(vfs_handle_struct *handle, files_struct *fsp)
+static SMB_ACL_T skel_sys_acl_get_fd(vfs_handle_struct *handle,
+                                    files_struct *fsp,
+                                    TALLOC_CTX *mem_ctx)
 {
        errno = ENOSYS;
        return (SMB_ACL_T)NULL;

diff --git a/examples/VFS/skel_transparent.c b/examples/VFS/skel_transparent.c
index 02a994c07f7923dcb733c616b67d0025a189c8f9..a00b0e1bef6b8415bff0b55e63a70adcdf95ddef 100644 (file)
--- a/examples/VFS/skel_transparent.c
+++ b/examples/VFS/skel_transparent.c
@@ -689,14 +689,19 @@ static int skel_fchmod_acl(vfs_handle_struct *handle, files_struct *fsp, mode_t
        return SMB_VFS_NEXT_FCHMOD_ACL(handle, fsp, mode);
 }
 
-static SMB_ACL_T skel_sys_acl_get_file(vfs_handle_struct *handle,  const char *path_p, SMB_ACL_TYPE_T type)
+static SMB_ACL_T skel_sys_acl_get_file(vfs_handle_struct *handle,
+                                      const char *path_p,
+                                      SMB_ACL_TYPE_T type,
+                                      TALLOC_CTX *mem_ctx)
 {
-       return SMB_VFS_NEXT_SYS_ACL_GET_FILE(handle, path_p, type);
+       return SMB_VFS_NEXT_SYS_ACL_GET_FILE(handle, path_p, type, mem_ctx);
 }
 
-static SMB_ACL_T skel_sys_acl_get_fd(vfs_handle_struct *handle, files_struct *fsp)
+static SMB_ACL_T skel_sys_acl_get_fd(vfs_handle_struct *handle,
+                                    files_struct *fsp,
+                                    TALLOC_CTX *mem_ctx)
 {
-       return SMB_VFS_NEXT_SYS_ACL_GET_FD(handle, fsp);
+       return SMB_VFS_NEXT_SYS_ACL_GET_FD(handle, fsp, mem_ctx);
 }
 
 static int skel_sys_acl_blob_get_file(vfs_handle_struct *handle,  const char *path_p, SMB_ACL_TYPE_T type,

diff --git a/source3/include/smb_acls.h b/source3/include/smb_acls.h
index dbcf3b7269c930c9960caf84c7cf9d49f4849819..3ac23dbbfd35f8a84d824070f7eeb32b0365f479 100644 (file)
--- a/source3/include/smb_acls.h
+++ b/source3/include/smb_acls.h
@@ -44,7 +44,7 @@ int sys_acl_clear_perms(SMB_ACL_PERMSET_T permset_d);
 int sys_acl_add_perm(SMB_ACL_PERMSET_T permset_d, SMB_ACL_PERM_T perm);
 int sys_acl_get_perm(SMB_ACL_PERMSET_T permset_d, SMB_ACL_PERM_T perm);
 char *sys_acl_to_text(const struct smb_acl_t *acl_d, ssize_t *len_p);
-SMB_ACL_T sys_acl_init(void);
+SMB_ACL_T sys_acl_init(TALLOC_CTX *mem_ctx);
 int sys_acl_create_entry(SMB_ACL_T *acl_p, SMB_ACL_ENTRY_T *entry_p);
 int sys_acl_set_tag_type(SMB_ACL_ENTRY_T entry_d, SMB_ACL_TAG_T tag_type);
 int sys_acl_set_qualifier(SMB_ACL_ENTRY_T entry_d, void *qual_p);
@@ -52,8 +52,10 @@ int sys_acl_set_permset(SMB_ACL_ENTRY_T entry_d, SMB_ACL_PERMSET_T permset_d);
 int sys_acl_free_text(char *text);
 int sys_acl_valid(SMB_ACL_T acl_d);
 SMB_ACL_T sys_acl_get_file(struct vfs_handle_struct *handle,
-                          const char *path_p, SMB_ACL_TYPE_T type);
-SMB_ACL_T sys_acl_get_fd(struct vfs_handle_struct *handle, struct files_struct *fsp);
+                          const char *path_p, SMB_ACL_TYPE_T type,
+                          TALLOC_CTX *mem_ctx);
+SMB_ACL_T sys_acl_get_fd(struct vfs_handle_struct *handle, struct files_struct *fsp,
+                        TALLOC_CTX *mem_ctx);
 int sys_acl_set_file(struct vfs_handle_struct *handle,
                     const char *name, SMB_ACL_TYPE_T type, SMB_ACL_T acl_d);
 int sys_acl_set_fd(struct vfs_handle_struct *handle, struct files_struct *fsp,

diff --git a/source3/include/vfs.h b/source3/include/vfs.h
index c83e7ed54b8fe17eb9c886ff98b63d237382d3ae..4ba11be94e1e03df2d862f0e438945a07678ba94 100644 (file)
--- a/source3/include/vfs.h
+++ b/source3/include/vfs.h
@@ -692,8 +692,13 @@ struct vfs_fn_pointers {
        int (*chmod_acl_fn)(struct vfs_handle_struct *handle, const char *name, mode_t mode);
        int (*fchmod_acl_fn)(struct vfs_handle_struct *handle, struct files_struct *fsp, mode_t mode);
 
-       SMB_ACL_T (*sys_acl_get_file_fn)(struct vfs_handle_struct *handle, const char *path_p, SMB_ACL_TYPE_T type);
-       SMB_ACL_T (*sys_acl_get_fd_fn)(struct vfs_handle_struct *handle, struct files_struct *fsp);
+       SMB_ACL_T (*sys_acl_get_file_fn)(struct vfs_handle_struct *handle,
+                                        const char *path_p,
+                                        SMB_ACL_TYPE_T type,
+                                        TALLOC_CTX *mem_ctx);
+       SMB_ACL_T (*sys_acl_get_fd_fn)(struct vfs_handle_struct *handle,
+                                      struct files_struct *fsp,
+                                      TALLOC_CTX *mem_ctx);
        int (*sys_acl_blob_get_file_fn)(struct vfs_handle_struct *handle, const char *path_p, SMB_ACL_TYPE_T type,      
                                        TALLOC_CTX *mem_ctx, char **blob_description,
                                        DATA_BLOB *blob);
@@ -1094,9 +1099,11 @@ int smb_vfs_call_fchmod_acl(struct vfs_handle_struct *handle,
                            struct files_struct *fsp, mode_t mode);
 SMB_ACL_T smb_vfs_call_sys_acl_get_file(struct vfs_handle_struct *handle,
                                        const char *path_p,
-                                       SMB_ACL_TYPE_T type);
+                                       SMB_ACL_TYPE_T type,
+                                       TALLOC_CTX *mem_ctx);
 SMB_ACL_T smb_vfs_call_sys_acl_get_fd(struct vfs_handle_struct *handle,
-                                     struct files_struct *fsp);
+                                     struct files_struct *fsp,
+                                     TALLOC_CTX *mem_ctx);
 int smb_vfs_call_sys_acl_blob_get_file(struct vfs_handle_struct *handle,
                                       const char *path_p,
                                       SMB_ACL_TYPE_T type,     

diff --git a/source3/include/vfs_macros.h b/source3/include/vfs_macros.h
index 4eca1b074841bf2bae2935e26d04bfc2a923ce18..f1bc8ffa4cab462658fd1a9875e6127c142ac23d 100644 (file)
--- a/source3/include/vfs_macros.h
+++ b/source3/include/vfs_macros.h
@@ -429,15 +429,15 @@
 #define SMB_VFS_NEXT_FCHMOD_ACL(handle, fsp, mode) \
        smb_vfs_call_fchmod_acl((handle)->next, (fsp), (mode))
 
-#define SMB_VFS_SYS_ACL_GET_FILE(conn, path_p, type) \
-       smb_vfs_call_sys_acl_get_file((conn)->vfs_handles, (path_p), (type))
-#define SMB_VFS_NEXT_SYS_ACL_GET_FILE(handle, path_p, type) \
-       smb_vfs_call_sys_acl_get_file((handle)->next, (path_p), (type))
-
-#define SMB_VFS_SYS_ACL_GET_FD(fsp) \
-       smb_vfs_call_sys_acl_get_fd((fsp)->conn->vfs_handles, (fsp))
-#define SMB_VFS_NEXT_SYS_ACL_GET_FD(handle, fsp) \
-       smb_vfs_call_sys_acl_get_fd((handle)->next, (fsp))
+#define SMB_VFS_SYS_ACL_GET_FILE(conn, path_p, type, mem_ctx)          \
+       smb_vfs_call_sys_acl_get_file((conn)->vfs_handles, (path_p), (type), (mem_ctx))
+#define SMB_VFS_NEXT_SYS_ACL_GET_FILE(handle, path_p, type, mem_ctx)           \
+       smb_vfs_call_sys_acl_get_file((handle)->next, (path_p), (type), (mem_ctx))
+
+#define SMB_VFS_SYS_ACL_GET_FD(fsp, mem_ctx) \
+       smb_vfs_call_sys_acl_get_fd((fsp)->conn->vfs_handles, (fsp), (mem_ctx))
+#define SMB_VFS_NEXT_SYS_ACL_GET_FD(handle, fsp, mem_ctx) \
+       smb_vfs_call_sys_acl_get_fd((handle)->next, (fsp), (mem_ctx))
 
 #define SMB_VFS_SYS_ACL_BLOB_GET_FILE(conn, path_p, type, mem_ctx, blob_description, blob)     \
        smb_vfs_call_sys_acl_blob_get_file((conn)->vfs_handles, (path_p), (type), (mem_ctx), (blob_description), (blob))

diff --git a/source3/lib/sysacls.c b/source3/lib/sysacls.c
index a5430d6a0db805f72ce14040299a5d2471d08d37..22454910309b6729ee7e1b6782fb15b2f9e52d92 100644 (file)
--- a/source3/lib/sysacls.c
+++ b/source3/lib/sysacls.c
@@ -249,11 +249,11 @@ char *sys_acl_to_text(const struct smb_acl_t *acl_d, ssize_t *len_p)
        return text;
 }
 
-SMB_ACL_T sys_acl_init(void)
+SMB_ACL_T sys_acl_init(TALLOC_CTX *mem_ctx)
 {
        SMB_ACL_T       a;
 
-       if ((a = talloc(NULL, struct smb_acl_t)) == NULL) {
+       if ((a = talloc(mem_ctx, struct smb_acl_t)) == NULL) {
                errno = ENOMEM;
                return NULL;
        }
@@ -364,14 +364,14 @@ int sys_acl_valid(SMB_ACL_T acl_d)
 #if defined(HAVE_POSIX_ACLS)
  
 SMB_ACL_T sys_acl_get_file(vfs_handle_struct *handle, 
-                          const char *path_p, SMB_ACL_TYPE_T type)
+                          const char *path_p, SMB_ACL_TYPE_T type, TALLOC_CTX *mem_ctx)
 {
-       return posixacl_sys_acl_get_file(handle, path_p, type);
+       return posixacl_sys_acl_get_file(handle, path_p, type, mem_ctx);
 }
  
-SMB_ACL_T sys_acl_get_fd(vfs_handle_struct *handle, files_struct *fsp)
+SMB_ACL_T sys_acl_get_fd(vfs_handle_struct *handle, files_struct *fsp, TALLOC_CTX *mem_ctx)
 {
-       return posixacl_sys_acl_get_fd(handle, fsp);
+       return posixacl_sys_acl_get_fd(handle, fsp, mem_ctx);
 }
  
 int sys_acl_set_file(vfs_handle_struct *handle,

diff --git a/source3/modules/vfs_aixacl2.c b/source3/modules/vfs_aixacl2.c
index dd705ea319e314e3e0f2f2df766da809101dfe68..0d754d7b4378691eca4239d47c4d7fa0f3000d3c 100644 (file)
--- a/source3/modules/vfs_aixacl2.c
+++ b/source3/modules/vfs_aixacl2.c
@@ -200,7 +200,7 @@ static NTSTATUS aixjfs2_get_nt_acl(vfs_handle_struct *handle,
                                   pacl);
 }
 
-static SMB_ACL_T aixjfs2_get_posix_acl(const char *path, acl_type_t type)
+static SMB_ACL_T aixjfs2_get_posix_acl(const char *path, acl_type_t type, TALLOC_CTX *mem_ctx)
 {
         aixc_acl_t *pacl;
        AIXJFS2_ACL_T *acl;
@@ -222,7 +222,7 @@ static SMB_ACL_T aixjfs2_get_posix_acl(const char *path, acl_type_t type)
         DEBUG(10, ("len: %d, mode: %d\n",
                    pacl->acl_len, pacl->acl_mode));
 
-        result = aixacl_to_smbacl(pacl);
+        result = aixacl_to_smbacl(pacl, mem_ctx);
         if (result == NULL) {
                 goto done;
         }
@@ -236,7 +236,8 @@ static SMB_ACL_T aixjfs2_get_posix_acl(const char *path, acl_type_t type)
 
 SMB_ACL_T aixjfs2_sys_acl_get_file(vfs_handle_struct *handle,
                                     const char *path_p,
-                                    SMB_ACL_TYPE_T type)
+                                  SMB_ACL_TYPE_T type,
+                                  TALLOC_CTX *mem_ctx)
 {
         acl_type_t aixjfs2_type;
 
@@ -252,7 +253,7 @@ SMB_ACL_T aixjfs2_sys_acl_get_file(vfs_handle_struct *handle,
                 smb_panic("exiting");
         }
 
-        return aixjfs2_get_posix_acl(path_p, aixjfs2_type);
+        return aixjfs2_get_posix_acl(path_p, aixjfs2_type, mem_ctx);
 }
 
 SMB_ACL_T aixjfs2_sys_acl_get_fd(vfs_handle_struct *handle,

diff --git a/source3/modules/vfs_aixacl_util.c b/source3/modules/vfs_aixacl_util.c
index 82e8bd15802730c8415d3baeb0baa45effad1b65..1194d27df22b48aeb57a632550aeeb4173e89b3d 100644 (file)
--- a/source3/modules/vfs_aixacl_util.c
+++ b/source3/modules/vfs_aixacl_util.c
@@ -22,12 +22,12 @@
 #include "smbd/smbd.h"
 #include "vfs_aixacl_util.h"
 
-SMB_ACL_T aixacl_to_smbacl(struct acl *file_acl)
+SMB_ACL_T aixacl_to_smbacl(struct acl *file_acl, TALLOC_CTX *mem_ctx)
 {
        struct acl_entry *acl_entry;
        struct ace_id *idp;
        
-       struct smb_acl_t *result = sys_acl_init();
+       struct smb_acl_t *result = sys_acl_init(mem_ctx);
        struct smb_acl_entry *ace;
        int i;
        

diff --git a/source3/modules/vfs_aixacl_util.h b/source3/modules/vfs_aixacl_util.h
index 2447252ebaa5fc9ca91ce84d944196012d13fb3f..e283a3d1d4c771ff96e4226f7a2c97c37bc7992f 100644 (file)
--- a/source3/modules/vfs_aixacl_util.h
+++ b/source3/modules/vfs_aixacl_util.h
@@ -17,6 +17,6 @@
    along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
 
-SMB_ACL_T aixacl_to_smbacl( struct acl *file_acl);
+SMB_ACL_T aixacl_to_smbacl( struct acl *file_acl, TALLOC_CTX *mem_ctx);
 struct acl *aixacl_smb_to_aixacl(SMB_ACL_TYPE_T acltype, SMB_ACL_T theacl);
 

diff --git a/source3/modules/vfs_cap.c b/source3/modules/vfs_cap.c
index 2454e12b6fa662fc970b1071ea507b5631545b7e..f2f8d7174f1349881a8c2356ec72b4387d6c7df9 100644 (file)
--- a/source3/modules/vfs_cap.c
+++ b/source3/modules/vfs_cap.c
@@ -409,7 +409,9 @@ static int cap_chmod_acl(vfs_handle_struct *handle, const char *path, mode_t mod
        return SMB_VFS_NEXT_CHMOD_ACL(handle, cappath, mode);
 }
 
-static SMB_ACL_T cap_sys_acl_get_file(vfs_handle_struct *handle, const char *path, SMB_ACL_TYPE_T type)
+static SMB_ACL_T cap_sys_acl_get_file(vfs_handle_struct *handle,
+                                     const char *path, SMB_ACL_TYPE_T type,
+                                     TALLOC_CTX *mem_ctx)
 {
        char *cappath = capencode(talloc_tos(), path);
 
@@ -417,7 +419,7 @@ static SMB_ACL_T cap_sys_acl_get_file(vfs_handle_struct *handle, const char *pat
                errno = ENOMEM;
                return (SMB_ACL_T)NULL;
        }
-       return SMB_VFS_NEXT_SYS_ACL_GET_FILE(handle, cappath, type);
+       return SMB_VFS_NEXT_SYS_ACL_GET_FILE(handle, cappath, type, mem_ctx);
 }
 
 static int cap_sys_acl_set_file(vfs_handle_struct *handle, const char *path, SMB_ACL_TYPE_T acltype, SMB_ACL_T theacl)

diff --git a/source3/modules/vfs_catia.c b/source3/modules/vfs_catia.c
index 821a755e0608e59b454da8258116e509b541ca9c..a2bef443701749bfcc097ab6485d51dd19cb7ff6 100644 (file)
--- a/source3/modules/vfs_catia.c
+++ b/source3/modules/vfs_catia.c
@@ -745,7 +745,8 @@ catia_chmod_acl(vfs_handle_struct *handle,
 static SMB_ACL_T
 catia_sys_acl_get_file(vfs_handle_struct *handle,
                       const char *path,
-                      SMB_ACL_TYPE_T type)
+                      SMB_ACL_TYPE_T type,
+                      TALLOC_CTX *mem_ctx)
 {
        char *mapped_name = NULL;
        NTSTATUS status;
@@ -758,7 +759,7 @@ catia_sys_acl_get_file(vfs_handle_struct *handle,
                return NULL;
        }
 
-       ret = SMB_VFS_NEXT_SYS_ACL_GET_FILE(handle, mapped_name, type);
+       ret = SMB_VFS_NEXT_SYS_ACL_GET_FILE(handle, mapped_name, type, mem_ctx);
        TALLOC_FREE(mapped_name);
 
        return ret;

diff --git a/source3/modules/vfs_default.c b/source3/modules/vfs_default.c
index 8392feb8c43261e5f8939ef600654d37b00b672f..aa91a48a2ea3b7b36a262c91c97131ddf3186e67 100644 (file)
--- a/source3/modules/vfs_default.c
+++ b/source3/modules/vfs_default.c
@@ -2111,14 +2111,19 @@ static int vfswrap_fchmod_acl(vfs_handle_struct *handle, files_struct *fsp, mode
 #endif
 }
 
-static SMB_ACL_T vfswrap_sys_acl_get_file(vfs_handle_struct *handle,  const char *path_p, SMB_ACL_TYPE_T type)
+static SMB_ACL_T vfswrap_sys_acl_get_file(vfs_handle_struct *handle,
+                                         const char *path_p,
+                                         SMB_ACL_TYPE_T type,
+                                         TALLOC_CTX *mem_ctx)
 {
-       return sys_acl_get_file(handle, path_p, type);
+       return sys_acl_get_file(handle, path_p, type, mem_ctx);
 }
 
-static SMB_ACL_T vfswrap_sys_acl_get_fd(vfs_handle_struct *handle, files_struct *fsp)
+static SMB_ACL_T vfswrap_sys_acl_get_fd(vfs_handle_struct *handle,
+                                       files_struct *fsp,
+                                       TALLOC_CTX *mem_ctx)
 {
-       return sys_acl_get_fd(handle, fsp);
+       return sys_acl_get_fd(handle, fsp, mem_ctx);
 }
 
 static int vfswrap_sys_acl_set_file(vfs_handle_struct *handle,  const char *name, SMB_ACL_TYPE_T acltype, SMB_ACL_T theacl)

diff --git a/source3/modules/vfs_fake_acls.c b/source3/modules/vfs_fake_acls.c
index 6390b67395b13924a5d8a36a3b3ed651e638d043..a6e01b061ef187c9a9cd908dee6229ef1bbf2206 100644 (file)
--- a/source3/modules/vfs_fake_acls.c
+++ b/source3/modules/vfs_fake_acls.c
@@ -189,11 +189,10 @@ static int fake_acls_fstat(vfs_handle_struct *handle, files_struct *fsp, SMB_STR
        return ret;
 }
 
-static SMB_ACL_T fake_acls_blob2acl(DATA_BLOB *blob)
+static SMB_ACL_T fake_acls_blob2acl(DATA_BLOB *blob, TALLOC_CTX *mem_ctx)
 {
        enum ndr_err_code ndr_err;
-       /* For now, ACLs are allocated on NULL */
-       struct smb_acl_t *acl = talloc(NULL, struct smb_acl_t);
+       struct smb_acl_t *acl = talloc(mem_ctx, struct smb_acl_t);
        if (!acl) {
                errno = ENOMEM;
                return NULL;
@@ -226,7 +225,10 @@ static DATA_BLOB fake_acls_acl2blob(TALLOC_CTX *mem_ctx, SMB_ACL_T acl)
        return blob;
 }
 
-static SMB_ACL_T fake_acls_sys_acl_get_file(struct vfs_handle_struct *handle, const char *path, SMB_ACL_TYPE_T type)
+static SMB_ACL_T fake_acls_sys_acl_get_file(struct vfs_handle_struct *handle,
+                                           const char *path,
+                                           SMB_ACL_TYPE_T type,
+                                           TALLOC_CTX *mem_ctx)
 {
        DATA_BLOB blob = data_blob_null;
        ssize_t length;
@@ -258,13 +260,15 @@ static SMB_ACL_T fake_acls_sys_acl_get_file(struct vfs_handle_struct *handle, co
                return NULL;
        }
        if (length != -1) {
-               acl = fake_acls_blob2acl(&blob);
+               acl = fake_acls_blob2acl(&blob, mem_ctx);
        }
        TALLOC_FREE(frame);
        return acl;
 }
 
-static SMB_ACL_T fake_acls_sys_acl_get_fd(struct vfs_handle_struct *handle, files_struct *fsp)
+static SMB_ACL_T fake_acls_sys_acl_get_fd(struct vfs_handle_struct *handle,
+                                         files_struct *fsp,
+                                         TALLOC_CTX *mem_ctx)
 {
        DATA_BLOB blob = data_blob_null;
        ssize_t length;
@@ -288,7 +292,7 @@ static SMB_ACL_T fake_acls_sys_acl_get_fd(struct vfs_handle_struct *handle, file
                return NULL;
        }
        if (length != -1) {
-               acl = fake_acls_blob2acl(&blob);
+               acl = fake_acls_blob2acl(&blob, mem_ctx);
        }
        TALLOC_FREE(frame);
        return acl;

diff --git a/source3/modules/vfs_full_audit.c b/source3/modules/vfs_full_audit.c
index 6050c550276eec42e9c3fa33c9839f77039997ef..e56c4a82a0deba2916521a72fc73ad3761e3fa75 100644 (file)
--- a/source3/modules/vfs_full_audit.c
+++ b/source3/modules/vfs_full_audit.c
@@ -1803,11 +1803,12 @@ static int smb_full_audit_fchmod_acl(vfs_handle_struct *handle, files_struct *fs
 
 static SMB_ACL_T smb_full_audit_sys_acl_get_file(vfs_handle_struct *handle,
                                        const char *path_p,
-                                       SMB_ACL_TYPE_T type)
+                                                SMB_ACL_TYPE_T type,
+                                                TALLOC_CTX *mem_ctx)
 {
        SMB_ACL_T result;
 
-       result = SMB_VFS_NEXT_SYS_ACL_GET_FILE(handle, path_p, type);
+       result = SMB_VFS_NEXT_SYS_ACL_GET_FILE(handle, path_p, type, mem_ctx);
 
        do_log(SMB_VFS_OP_SYS_ACL_GET_FILE, (result != NULL), handle,
               "%s", path_p);
@@ -1816,11 +1817,11 @@ static SMB_ACL_T smb_full_audit_sys_acl_get_file(vfs_handle_struct *handle,
 }
 
 static SMB_ACL_T smb_full_audit_sys_acl_get_fd(vfs_handle_struct *handle,
-                                     files_struct *fsp)
+                                              files_struct *fsp, TALLOC_CTX *mem_ctx)
 {
        SMB_ACL_T result;
 
-       result = SMB_VFS_NEXT_SYS_ACL_GET_FD(handle, fsp);
+       result = SMB_VFS_NEXT_SYS_ACL_GET_FD(handle, fsp, mem_ctx);
 
        do_log(SMB_VFS_OP_SYS_ACL_GET_FD, (result != NULL), handle,
               "%s", fsp_str_do_log(fsp));

diff --git a/source3/modules/vfs_gpfs.c b/source3/modules/vfs_gpfs.c
index 8959fe6056fbbb0ea19161e7b8b6364a315cec87..412c48c440462cbe5969d18b6f9bb2f6eaa1f5c8 100644 (file)
--- a/source3/modules/vfs_gpfs.c
+++ b/source3/modules/vfs_gpfs.c
@@ -549,12 +549,12 @@ static NTSTATUS gpfsacl_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp
        return gpfsacl_set_nt_acl_internal(fsp, security_info_sent, psd);
 }
 
-static SMB_ACL_T gpfs2smb_acl(const struct gpfs_acl *pacl)
+static SMB_ACL_T gpfs2smb_acl(const struct gpfs_acl *pacl, TALLOC_CTX *mem_ctx)
 {
        SMB_ACL_T result;
        gpfs_aclCount_t i;
 
-       result = sys_acl_init();
+       result = sys_acl_init(mem_ctx);
        if (result == NULL) {
                errno = ENOMEM;
                return NULL;
@@ -614,7 +614,8 @@ static SMB_ACL_T gpfs2smb_acl(const struct gpfs_acl *pacl)
        return result;
 }
 
-static SMB_ACL_T gpfsacl_get_posix_acl(const char *path, gpfs_aclType_t type)
+static SMB_ACL_T gpfsacl_get_posix_acl(const char *path, gpfs_aclType_t type,
+                                      TALLOC_CTX *mem_ctx)
 {
        struct gpfs_acl *pacl;
        SMB_ACL_T result = NULL;
@@ -641,7 +642,7 @@ static SMB_ACL_T gpfsacl_get_posix_acl(const char *path, gpfs_aclType_t type)
                   pacl->acl_len, pacl->acl_level, pacl->acl_version,
                   pacl->acl_nace));
 
-       result = gpfs2smb_acl(pacl);
+       result = gpfs2smb_acl(pacl, mem_ctx);
        if (result != NULL) {
                errno = 0;
        }
@@ -656,7 +657,8 @@ static SMB_ACL_T gpfsacl_get_posix_acl(const char *path, gpfs_aclType_t type)
 
 static SMB_ACL_T gpfsacl_sys_acl_get_file(vfs_handle_struct *handle,
                                          const char *path_p,
-                                         SMB_ACL_TYPE_T type)
+                                         SMB_ACL_TYPE_T type,
+                                         TALLOC_CTX *mem_ctx)
 {
        gpfs_aclType_t gpfs_type;
        struct gpfs_config_data *config;
@@ -666,7 +668,8 @@ static SMB_ACL_T gpfsacl_sys_acl_get_file(vfs_handle_struct *handle,
                                return NULL);
 
        if (!config->acl) {
-               return SMB_VFS_NEXT_SYS_ACL_GET_FILE(handle, path_p, type);
+               return SMB_VFS_NEXT_SYS_ACL_GET_FILE(handle, path_p,
+                                                    type, mem_ctx);
        }
 
        switch(type) {
@@ -681,11 +684,12 @@ static SMB_ACL_T gpfsacl_sys_acl_get_file(vfs_handle_struct *handle,
                smb_panic("exiting");
        }
 
-       return gpfsacl_get_posix_acl(path_p, gpfs_type);
+       return gpfsacl_get_posix_acl(path_p, gpfs_type, mem_ctx);
 }
 
 static SMB_ACL_T gpfsacl_sys_acl_get_fd(vfs_handle_struct *handle,
-                                       files_struct *fsp)
+                                       files_struct *fsp,
+                                       TALLOC_CTX *mem_ctx)
 {
        struct gpfs_config_data *config;
 
@@ -694,11 +698,11 @@ static SMB_ACL_T gpfsacl_sys_acl_get_fd(vfs_handle_struct *handle,
                                return NULL);
 
        if (!config->acl) {
-               return SMB_VFS_NEXT_SYS_ACL_GET_FD(handle, fsp);
+               return SMB_VFS_NEXT_SYS_ACL_GET_FD(handle, fsp, mem_ctx);
        }
 
        return gpfsacl_get_posix_acl(fsp->fsp_name->base_name,
-                                    GPFS_ACL_TYPE_ACCESS);
+                                    GPFS_ACL_TYPE_ACCESS, mem_ctx);
 }
 
 static struct gpfs_acl *smb2gpfs_acl(const SMB_ACL_T pacl,

diff --git a/source3/modules/vfs_hpuxacl.c b/source3/modules/vfs_hpuxacl.c
index 884cc5c6f6a8add9ea8f51e18fee1462190c8d44..6a0fb9b618405dc7716873472195ea0f2e25c409 100644 (file)
--- a/source3/modules/vfs_hpuxacl.c
+++ b/source3/modules/vfs_hpuxacl.c
@@ -112,7 +112,7 @@ static bool smb_acl_to_hpux_acl(SMB_ACL_T smb_acl,
                HPUX_ACL_T *solariacl, int *count, 
                SMB_ACL_TYPE_T type);
 static SMB_ACL_T hpux_acl_to_smb_acl(HPUX_ACL_T hpuxacl, int count,
-               SMB_ACL_TYPE_T type);
+                                    SMB_ACL_TYPE_T type, TALLOC_CTX *mem_ctx);
 static HPUX_ACL_TAG_T smb_tag_to_hpux_tag(SMB_ACL_TAG_T smb_tag);
 static SMB_ACL_TAG_T hpux_tag_to_smb_tag(HPUX_ACL_TAG_T hpux_tag);
 static bool hpux_add_to_acl(HPUX_ACL_T *hpux_acl, int *count,
@@ -140,7 +140,8 @@ static bool hpux_aclsort_call_present(void);
 
 SMB_ACL_T hpuxacl_sys_acl_get_file(vfs_handle_struct *handle,
                                      const char *path_p,
-                                     SMB_ACL_TYPE_T type)
+                                  SMB_ACL_TYPE_T type,
+                                  TALLOC_CTX *mem_ctx)
 {
        SMB_ACL_T result = NULL;
        int count;
@@ -168,7 +169,7 @@ SMB_ACL_T hpuxacl_sys_acl_get_file(vfs_handle_struct *handle,
        if (!hpux_acl_get_file(path_p, &hpux_acl, &count)) {
                goto done;
        }
-       result = hpux_acl_to_smb_acl(hpux_acl, count, type);
+       result = hpux_acl_to_smb_acl(hpux_acl, count, type, mem_ctx);
        if (result == NULL) {
                DEBUG(10, ("conversion hpux_acl -> smb_acl failed (%s).\n",
                           strerror(errno)));
@@ -186,7 +187,8 @@ SMB_ACL_T hpuxacl_sys_acl_get_file(vfs_handle_struct *handle,
  * get the access ACL of a file referred to by a fd
  */
 SMB_ACL_T hpuxacl_sys_acl_get_fd(vfs_handle_struct *handle,
-                                files_struct *fsp)
+                                files_struct *fsp,
+                                TALLOC_CTX *mem_ctx)
 {
         /* 
         * HPUX doesn't have the facl call. Fake it using the path.... JRA. 
@@ -200,7 +202,8 @@ SMB_ACL_T hpuxacl_sys_acl_get_fd(vfs_handle_struct *handle,
 
         return hpuxacl_sys_acl_get_file(handle,
                                        fsp->fsp_name->base_name,
-                                       SMB_ACL_TYPE_ACCESS);
+                                       SMB_ACL_TYPE_ACCESS,
+                                       mem_ctx);
 }
 
 
@@ -490,12 +493,12 @@ static bool smb_acl_to_hpux_acl(SMB_ACL_T smb_acl,
  * soaris acl to the SMB_ACL format.
  */
 static SMB_ACL_T hpux_acl_to_smb_acl(HPUX_ACL_T hpux_acl, int count, 
-                                       SMB_ACL_TYPE_T type)
+                                    SMB_ACL_TYPE_T type, TALLOC_CTX *mem_ctx)
 {
        SMB_ACL_T result;
        int i;
 
-       if ((result = sys_acl_init()) == NULL) {
+       if ((result = sys_acl_init(mem_ctx)) == NULL) {
                DEBUG(10, ("error allocating memory for SMB_ACL\n"));
                goto fail;
        }

diff --git a/source3/modules/vfs_media_harmony.c b/source3/modules/vfs_media_harmony.c
index 647db7c161aef93a6cdc9c80e194ea993bcc50ef..a10eb5e5d392a9b03c961c6ad265e3442319a8c9 100644 (file)
--- a/source3/modules/vfs_media_harmony.c
+++ b/source3/modules/vfs_media_harmony.c
@@ -2085,8 +2085,9 @@ out:
  * Failure: set errno, return NULL
  */
 static SMB_ACL_T mh_sys_acl_get_file(vfs_handle_struct *handle,
-               const char *path_p,
-               SMB_ACL_TYPE_T type)
+                                    const char *path_p,
+                                    SMB_ACL_TYPE_T type,
+                                    TALLOC_CTX *mem_ctx)
 {
        SMB_ACL_T ret;
        char *clientPath;
@@ -2095,7 +2096,7 @@ static SMB_ACL_T mh_sys_acl_get_file(vfs_handle_struct *handle,
        DEBUG(MH_INFO_DEBUG, ("Entering mh_sys_acl_get_file\n"));
        if (!is_in_media_files(path_p))
        {
-               ret = SMB_VFS_NEXT_SYS_ACL_GET_FILE(handle, path_p, type);
+               ret = SMB_VFS_NEXT_SYS_ACL_GET_FILE(handle, path_p, type, mem_ctx);
                goto out;
        }
 
@@ -2110,7 +2111,7 @@ static SMB_ACL_T mh_sys_acl_get_file(vfs_handle_struct *handle,
                goto err;
        }
 
-       ret = SMB_VFS_NEXT_SYS_ACL_GET_FILE(handle, clientPath, type);
+       ret = SMB_VFS_NEXT_SYS_ACL_GET_FILE(handle, clientPath, type, mem_ctx);
 err:
        TALLOC_FREE(clientPath);
 out:

diff --git a/source3/modules/vfs_posixacl.c b/source3/modules/vfs_posixacl.c
index 50487ff4dedcdb17346e2343886a165d47e28ddd..1714b137d6c5f02f3ffaf9c85b836819fc8875b5 100644 (file)
--- a/source3/modules/vfs_posixacl.c
+++ b/source3/modules/vfs_posixacl.c
@@ -26,7 +26,7 @@
 
 static bool smb_ace_to_internal(acl_entry_t posix_ace,
                                struct smb_acl_entry *ace);
-static struct smb_acl_t *smb_acl_to_internal(acl_t acl);
+static struct smb_acl_t *smb_acl_to_internal(acl_t acl, TALLOC_CTX *mem_ctx);
 static int smb_acl_set_mode(acl_entry_t entry, SMB_ACL_PERM_T perm);
 static acl_t smb_acl_to_posix(const struct smb_acl_t *acl);
 
@@ -35,7 +35,8 @@ static acl_t smb_acl_to_posix(const struct smb_acl_t *acl);
 
 SMB_ACL_T posixacl_sys_acl_get_file(vfs_handle_struct *handle,
                                    const char *path_p,
-                                   SMB_ACL_TYPE_T type)
+                                   SMB_ACL_TYPE_T type,
+                                   TALLOC_CTX *mem_ctx)
 {
        struct smb_acl_t *result;
        acl_type_t acl_type;
@@ -59,13 +60,13 @@ SMB_ACL_T posixacl_sys_acl_get_file(vfs_handle_struct *handle,
                return NULL;
        }
 
-       result = smb_acl_to_internal(acl);
+       result = smb_acl_to_internal(acl, mem_ctx);
        acl_free(acl);
        return result;
 }
 
 SMB_ACL_T posixacl_sys_acl_get_fd(vfs_handle_struct *handle,
-                                 files_struct *fsp)
+                                 files_struct *fsp, TALLOC_CTX *mem_ctx)
 {
        struct smb_acl_t *result;
        acl_t acl = acl_get_fd(fsp->fh->fd);
@@ -74,7 +75,7 @@ SMB_ACL_T posixacl_sys_acl_get_fd(vfs_handle_struct *handle,
                return NULL;
        }
 
-       result = smb_acl_to_internal(acl);
+       result = smb_acl_to_internal(acl, mem_ctx);
        acl_free(acl);
        return result;
 }
@@ -212,9 +213,9 @@ static bool smb_ace_to_internal(acl_entry_t posix_ace,
        return True;
 }
 
-static struct smb_acl_t *smb_acl_to_internal(acl_t acl)
+static struct smb_acl_t *smb_acl_to_internal(acl_t acl, TALLOC_CTX *mem_ctx)
 {
-       struct smb_acl_t *result = sys_acl_init();
+       struct smb_acl_t *result = sys_acl_init(mem_ctx);
        int entry_id = ACL_FIRST_ENTRY;
        acl_entry_t e;
        if (result == NULL) {

diff --git a/source3/modules/vfs_posixacl.h b/source3/modules/vfs_posixacl.h
index 9ef3f8662042501a7647c14a802ec778c2b9de3b..b0fe841e1ba63d41ce732090e192bedefed82111 100644 (file)
--- a/source3/modules/vfs_posixacl.h
+++ b/source3/modules/vfs_posixacl.h
@@ -23,10 +23,12 @@
 
 SMB_ACL_T posixacl_sys_acl_get_file(vfs_handle_struct *handle,
                                    const char *path_p,
-                                   SMB_ACL_TYPE_T type);
+                                   SMB_ACL_TYPE_T type,
+                                   TALLOC_CTX *mem_ctx);
 
 SMB_ACL_T posixacl_sys_acl_get_fd(vfs_handle_struct *handle,
-                                 files_struct *fsp);
+                                 files_struct *fsp,
+                                 TALLOC_CTX *mem_ctx);
 
 int posixacl_sys_acl_set_file(vfs_handle_struct *handle,
                              const char *name,

diff --git a/source3/modules/vfs_solarisacl.c b/source3/modules/vfs_solarisacl.c
index 10b6f707d7941c28cde84d573858844e8fb7e1dc..ad25e88f62c4d418b3643e8ed9acf30d7f2dbe8c 100644 (file)
--- a/source3/modules/vfs_solarisacl.c
+++ b/source3/modules/vfs_solarisacl.c
@@ -45,7 +45,7 @@ static bool smb_acl_to_solaris_acl(SMB_ACL_T smb_acl,
                SOLARIS_ACL_T *solariacl, int *count, 
                SMB_ACL_TYPE_T type);
 static SMB_ACL_T solaris_acl_to_smb_acl(SOLARIS_ACL_T solarisacl, int count,
-               SMB_ACL_TYPE_T type);
+                                       SMB_ACL_TYPE_T type, TALLOC_CTX *mem_ctx);
 static SOLARIS_ACL_TAG_T smb_tag_to_solaris_tag(SMB_ACL_TAG_T smb_tag);
 static SMB_ACL_TAG_T solaris_tag_to_smb_tag(SOLARIS_ACL_TAG_T solaris_tag);
 static bool solaris_add_to_acl(SOLARIS_ACL_T *solaris_acl, int *count,
@@ -64,7 +64,7 @@ static bool solaris_acl_check(SOLARIS_ACL_T solaris_acl, int count);
 
 SMB_ACL_T solarisacl_sys_acl_get_file(vfs_handle_struct *handle,
                                      const char *path_p,
-                                     SMB_ACL_TYPE_T type)
+                                     SMB_ACL_TYPE_T type, TALLOC_CTX *mem_ctx)
 {
        SMB_ACL_T result = NULL;
        int count;
@@ -85,7 +85,7 @@ SMB_ACL_T solarisacl_sys_acl_get_file(vfs_handle_struct *handle,
        if (!solaris_acl_get_file(path_p, &solaris_acl, &count)) {
                goto done;
        }
-       result = solaris_acl_to_smb_acl(solaris_acl, count, type);
+       result = solaris_acl_to_smb_acl(solaris_acl, count, type, mem_ctx);
        if (result == NULL) {
                DEBUG(10, ("conversion solaris_acl -> smb_acl failed (%s).\n",
                           strerror(errno)));
@@ -103,7 +103,7 @@ SMB_ACL_T solarisacl_sys_acl_get_file(vfs_handle_struct *handle,
  * get the access ACL of a file referred to by a fd
  */
 SMB_ACL_T solarisacl_sys_acl_get_fd(vfs_handle_struct *handle,
-                                   files_struct *fsp)
+                                   files_struct *fsp, TALLOC_CTX *mem_ctx)
 {
        SMB_ACL_T result = NULL;
        int count;
@@ -424,12 +424,12 @@ static bool smb_acl_to_solaris_acl(SMB_ACL_T smb_acl,
  * soaris acl to the SMB_ACL format.
  */
 static SMB_ACL_T solaris_acl_to_smb_acl(SOLARIS_ACL_T solaris_acl, int count, 
-                                       SMB_ACL_TYPE_T type)
+                                       SMB_ACL_TYPE_T type, TALLOC_CTX *mem_ctx)
 {
        SMB_ACL_T result;
        int i;
 
-       if ((result = sys_acl_init()) == NULL) {
+       if ((result = sys_acl_init(mem_ctx)) == NULL) {
                DEBUG(10, ("error allocating memory for SMB_ACL\n"));
                goto fail;
        }

diff --git a/source3/modules/vfs_time_audit.c b/source3/modules/vfs_time_audit.c
index 7571b2f3403f6ae4cc1dd9b1d76e7d0f5158f67c..b7d399b2631fe0c94f3605232fa6877110b2030d 100644 (file)
--- a/source3/modules/vfs_time_audit.c
+++ b/source3/modules/vfs_time_audit.c
@@ -1772,14 +1772,15 @@ static int smb_time_audit_fchmod_acl(vfs_handle_struct *handle,
 
 static SMB_ACL_T smb_time_audit_sys_acl_get_file(vfs_handle_struct *handle,
                                                 const char *path_p,
-                                                SMB_ACL_TYPE_T type)
+                                                SMB_ACL_TYPE_T type,
+                                                TALLOC_CTX *mem_ctx)
 {
        SMB_ACL_T result;
        struct timespec ts1,ts2;
        double timediff;
 
        clock_gettime_mono(&ts1);
-       result = SMB_VFS_NEXT_SYS_ACL_GET_FILE(handle, path_p, type);
+       result = SMB_VFS_NEXT_SYS_ACL_GET_FILE(handle, path_p, type, mem_ctx);
        clock_gettime_mono(&ts2);
        timediff = nsec_time_diff(&ts2,&ts1)*1.0e-9;
 
@@ -1791,14 +1792,15 @@ static SMB_ACL_T smb_time_audit_sys_acl_get_file(vfs_handle_struct *handle,
 }
 
 static SMB_ACL_T smb_time_audit_sys_acl_get_fd(vfs_handle_struct *handle,
-                                              files_struct *fsp)
+                                              files_struct *fsp,
+                                              TALLOC_CTX *mem_ctx)
 {
        SMB_ACL_T result;
        struct timespec ts1,ts2;
        double timediff;
 
        clock_gettime_mono(&ts1);
-       result = SMB_VFS_NEXT_SYS_ACL_GET_FD(handle, fsp);
+       result = SMB_VFS_NEXT_SYS_ACL_GET_FD(handle, fsp, mem_ctx);
        clock_gettime_mono(&ts2);
        timediff = nsec_time_diff(&ts2,&ts1)*1.0e-9;
 

diff --git a/source3/modules/vfs_tru64acl.c b/source3/modules/vfs_tru64acl.c
index 918f7c6d00fe9de502faed5f0123d3c3e53edbdb..6eadee613c7c2ec234b1d39e475c959cd8ea014d 100644 (file)
--- a/source3/modules/vfs_tru64acl.c
+++ b/source3/modules/vfs_tru64acl.c
@@ -24,7 +24,8 @@
 
 /* prototypes for private functions first - for clarity */
 
-static struct smb_acl_t *tru64_acl_to_smb_acl(const struct acl *tru64_acl);
+static struct smb_acl_t *tru64_acl_to_smb_acl(const struct acl *tru64_acl,
+                                             TALLOC_CTX *mem_ctx);
 static bool tru64_ace_to_smb_ace(acl_entry_t tru64_ace, 
                                struct smb_acl_entry *smb_ace);
 static acl_t smb_acl_to_tru64_acl(const SMB_ACL_T smb_acl);
@@ -38,7 +39,8 @@ static SMB_ACL_PERM_T tru64_permset_to_smb(const acl_perm_t tru64_permset);
 
 SMB_ACL_T tru64acl_sys_acl_get_file(vfs_handle_struct *handle,
                                    const char *path_p,
-                                   SMB_ACL_TYPE_T type)
+                                   SMB_ACL_TYPE_T type,
+                                   TALLOC_CTX *mem_ctx)
 {
         struct smb_acl_t *result;
         acl_type_t the_acl_type;
@@ -64,13 +66,14 @@ SMB_ACL_T tru64acl_sys_acl_get_file(vfs_handle_struct *handle,
                 return NULL;
         }
 
-        result = tru64_acl_to_smb_acl(tru64_acl);
+        result = tru64_acl_to_smb_acl(tru64_acl, mem_ctx);
         acl_free(tru64_acl);
         return result;
 }
 
 SMB_ACL_T tru64acl_sys_acl_get_fd(vfs_handle_struct *handle,
-                                 files_struct *fsp)
+                                 files_struct *fsp,
+                                 TALLOC_CTX *mem_ctx)
 {
        struct smb_acl_t *result;
        acl_t tru64_acl = acl_get_fd(fsp->fh->fd, ACL_TYPE_ACCESS);
@@ -79,7 +82,7 @@ SMB_ACL_T tru64acl_sys_acl_get_fd(vfs_handle_struct *handle,
                return NULL;
        }
        
-       result = tru64_acl_to_smb_acl(tru64_acl);
+       result = tru64_acl_to_smb_acl(tru64_acl, mem_ctx);
        acl_free(tru64_acl);
        return result;
 }
@@ -153,14 +156,15 @@ int tru64acl_sys_acl_delete_def_file(vfs_handle_struct *handle,
 
 /* private functions */
 
-static struct smb_acl_t *tru64_acl_to_smb_acl(const struct acl *tru64_acl) 
+static struct smb_acl_t *tru64_acl_to_smb_acl(const struct acl *tru64_acl,
+                                             TALLOC_CTX *mem_ctx)
 {
        struct smb_acl_t *result;
        acl_entry_t entry;
 
        DEBUG(10, ("Hi! This is tru64_acl_to_smb_acl.\n"));
        
-       if ((result = sys_acl_init()) == NULL) {
+       if ((result = sys_acl_init(mem_ctx)) == NULL) {
                DEBUG(0, ("sys_acl_init() failed in tru64_acl_to_smb_acl\n"));
                errno = ENOMEM;
                goto fail;

diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c
index 45a921f747c70e844c323346960bbc77b7201287..c535502efee0640c5eff4eb7c996f03fe44246a2 100644 (file)
--- a/source3/smbd/posix_acls.c
+++ b/source3/smbd/posix_acls.c
@@ -2915,7 +2915,7 @@ static bool set_canon_ace_list(files_struct *fsp,
 {
        connection_struct *conn = fsp->conn;
        bool ret = False;
-       SMB_ACL_T the_acl = sys_acl_init();
+       SMB_ACL_T the_acl = sys_acl_init(talloc_tos());
        canon_ace *p_ace;
        int i;
        SMB_ACL_ENTRY_T mask_entry;
@@ -3675,7 +3675,7 @@ NTSTATUS posix_fget_nt_acl(struct files_struct *fsp, uint32_t security_info,
        }
 
        /* Get the ACL from the fd. */
-       posix_acl = SMB_VFS_SYS_ACL_GET_FD(fsp);
+       posix_acl = SMB_VFS_SYS_ACL_GET_FD(fsp, talloc_tos());
 
        pal = fload_inherited_info(fsp);
 
@@ -3712,11 +3712,14 @@ NTSTATUS posix_get_nt_acl(struct connection_struct *conn, const char *name,
        }
 
        /* Get the ACL from the path. */
-       posix_acl = SMB_VFS_SYS_ACL_GET_FILE(conn, name, SMB_ACL_TYPE_ACCESS);
+       posix_acl = SMB_VFS_SYS_ACL_GET_FILE(conn, name,
+                                            SMB_ACL_TYPE_ACCESS, talloc_tos());
 
        /* If it's a directory get the default POSIX ACL. */
        if(S_ISDIR(smb_fname.st.st_ex_mode)) {
-               def_acl = SMB_VFS_SYS_ACL_GET_FILE(conn, name, SMB_ACL_TYPE_DEFAULT);
+               def_acl = SMB_VFS_SYS_ACL_GET_FILE(conn, name,
+                                                   SMB_ACL_TYPE_DEFAULT,
+                                                   talloc_tos());
                def_acl = free_empty_sys_acl(conn, def_acl);
        }
 
@@ -4353,7 +4356,8 @@ int get_acl_group_bits( connection_struct *conn, const char *fname, mode_t *mode
        SMB_ACL_T posix_acl;
        int result = -1;
 
-       posix_acl = SMB_VFS_SYS_ACL_GET_FILE(conn, fname, SMB_ACL_TYPE_ACCESS);
+       posix_acl = SMB_VFS_SYS_ACL_GET_FILE(conn, fname,
+                                            SMB_ACL_TYPE_ACCESS, talloc_tos());
        if (posix_acl == (SMB_ACL_T)NULL)
                return -1;
 
@@ -4461,7 +4465,9 @@ static int copy_access_posix_acl(connection_struct *conn, const char *from, cons
        SMB_ACL_T posix_acl = NULL;
        int ret = -1;
 
-       if ((posix_acl = SMB_VFS_SYS_ACL_GET_FILE(conn, from, SMB_ACL_TYPE_ACCESS)) == NULL)
+       if ((posix_acl = SMB_VFS_SYS_ACL_GET_FILE(conn, from,
+                                                 SMB_ACL_TYPE_ACCESS,
+                                                 talloc_tos())) == NULL)
                return -1;
 
        if ((ret = chmod_acl_internals(conn, posix_acl, mode)) == -1)
@@ -4492,7 +4498,9 @@ int chmod_acl(connection_struct *conn, const char *name, mode_t mode)
 
 static bool directory_has_default_posix_acl(connection_struct *conn, const char *fname)
 {
-       SMB_ACL_T def_acl = SMB_VFS_SYS_ACL_GET_FILE( conn, fname, SMB_ACL_TYPE_DEFAULT);
+       SMB_ACL_T def_acl = SMB_VFS_SYS_ACL_GET_FILE(conn, fname,
+                                                    SMB_ACL_TYPE_DEFAULT,
+                                                    talloc_tos());
        bool has_acl = False;
        SMB_ACL_ENTRY_T entry;
 
@@ -4531,7 +4539,7 @@ int fchmod_acl(files_struct *fsp, mode_t mode)
        SMB_ACL_T posix_acl = NULL;
        int ret = -1;
 
-       if ((posix_acl = SMB_VFS_SYS_ACL_GET_FD(fsp)) == NULL)
+       if ((posix_acl = SMB_VFS_SYS_ACL_GET_FD(fsp, talloc_tos())) == NULL)
                return -1;
 
        if ((ret = chmod_acl_internals(conn, posix_acl, mode)) == -1)
@@ -4613,10 +4621,13 @@ static bool unix_ex_wire_to_tagtype(unsigned char wire_tt, SMB_ACL_TAG_T *p_tt)
  FIXME ! How does the share mask/mode fit into this.... ?
 ****************************************************************************/
 
-static SMB_ACL_T create_posix_acl_from_wire(connection_struct *conn, uint16 num_acls, const char *pdata)
+static SMB_ACL_T create_posix_acl_from_wire(connection_struct *conn,
+                                           uint16 num_acls,
+                                           const char *pdata,
+                                           TALLOC_CTX *mem_ctx)
 {
        unsigned int i;
-       SMB_ACL_T the_acl = sys_acl_init();
+       SMB_ACL_T the_acl = sys_acl_init(mem_ctx);
 
        if (the_acl == NULL) {
                return NULL;
@@ -4729,7 +4740,9 @@ bool set_unix_posix_default_acl(connection_struct *conn, const char *fname, cons
                return True;
        }
 
-       if ((def_acl = create_posix_acl_from_wire(conn, num_def_acls, pdata)) == NULL) {
+       if ((def_acl = create_posix_acl_from_wire(conn, num_def_acls,
+                                                 pdata,
+                                                 talloc_tos())) == NULL) {
                return False;
        }
 
@@ -4760,7 +4773,7 @@ static bool remove_posix_acl(connection_struct *conn, files_struct *fsp, const c
        SMB_ACL_ENTRY_T entry;
        bool ret = False;
        /* Create a new ACL with only 3 entries, u/g/w. */
-       SMB_ACL_T new_file_acl = sys_acl_init();
+       SMB_ACL_T new_file_acl = sys_acl_init(talloc_tos());
        SMB_ACL_ENTRY_T user_ent = NULL;
        SMB_ACL_ENTRY_T group_ent = NULL;
        SMB_ACL_ENTRY_T other_ent = NULL;
@@ -4806,9 +4819,11 @@ static bool remove_posix_acl(connection_struct *conn, files_struct *fsp, const c
 
        /* Get the current file ACL. */
        if (fsp && fsp->fh->fd != -1) {
-               file_acl = SMB_VFS_SYS_ACL_GET_FD(fsp);
+               file_acl = SMB_VFS_SYS_ACL_GET_FD(fsp, talloc_tos());
        } else {
-               file_acl = SMB_VFS_SYS_ACL_GET_FILE( conn, fname, SMB_ACL_TYPE_ACCESS);
+               file_acl = SMB_VFS_SYS_ACL_GET_FILE(conn, fname,
+                                                   SMB_ACL_TYPE_ACCESS,
+                                                   talloc_tos());
        }
 
        if (file_acl == NULL) {
@@ -4898,7 +4913,9 @@ bool set_unix_posix_acl(connection_struct *conn, files_struct *fsp, const char *
                return remove_posix_acl(conn, fsp, fname);
        }
 
-       if ((file_acl = create_posix_acl_from_wire(conn, num_acls, pdata)) == NULL) {
+       if ((file_acl = create_posix_acl_from_wire(conn, num_acls,
+                                                  pdata,
+                                                  talloc_tos())) == NULL) {
                return False;
        }
 

diff --git a/source3/smbd/pysmbd.c b/source3/smbd/pysmbd.c
index 4012e6e3c76c1a4a3a6d500c93d0a6dca70d78f0..66aba21fa816a109831a4a13d24f7f161f7333ac 100644 (file)
--- a/source3/smbd/pysmbd.c
+++ b/source3/smbd/pysmbd.c
@@ -154,98 +154,99 @@ static NTSTATUS set_nt_acl_no_snum(const char *fname,
 
 static SMB_ACL_T make_simple_acl(gid_t gid, mode_t chmod_mode)
 {
+       TALLOC_CTX *frame = talloc_stackframe();
+
        mode_t mode = SMB_ACL_READ|SMB_ACL_WRITE;
 
        mode_t mode_user = (chmod_mode & 0700) >> 16;
        mode_t mode_group = (chmod_mode & 070) >> 8;
        mode_t mode_other = chmod_mode &  07;
-
        SMB_ACL_ENTRY_T entry;
-       SMB_ACL_T acl = sys_acl_init();
+       SMB_ACL_T acl = sys_acl_init(frame);
 
        if (!acl) {
                return NULL;
        }
 
        if (sys_acl_create_entry(&acl, &entry) != 0) {
-               TALLOC_FREE(acl);
+               TALLOC_FREE(frame);
                return NULL;
        }
 
        if (sys_acl_set_tag_type(entry, SMB_ACL_USER_OBJ) != 0) {
-               TALLOC_FREE(acl);
+               TALLOC_FREE(frame);
                return NULL;
        }
 
        if (sys_acl_set_permset(entry, &mode_user) != 0) {
-               TALLOC_FREE(acl);
+               TALLOC_FREE(frame);
                return NULL;
        }
 
        if (sys_acl_create_entry(&acl, &entry) != 0) {
-               TALLOC_FREE(acl);
+               TALLOC_FREE(frame);
                return NULL;
        }
 
        if (sys_acl_set_tag_type(entry, SMB_ACL_GROUP_OBJ) != 0) {
-               TALLOC_FREE(acl);
+               TALLOC_FREE(frame);
                return NULL;
        }
 
        if (sys_acl_set_permset(entry, &mode_group) != 0) {
-               TALLOC_FREE(acl);
+               TALLOC_FREE(frame);
                return NULL;
        }
 
        if (sys_acl_create_entry(&acl, &entry) != 0) {
-               TALLOC_FREE(acl);
+               TALLOC_FREE(frame);
                return NULL;
        }
 
        if (sys_acl_set_tag_type(entry, SMB_ACL_OTHER) != 0) {
-               TALLOC_FREE(acl);
+               TALLOC_FREE(frame);
                return NULL;
        }
 
        if (sys_acl_set_permset(entry, &mode_other) != 0) {
-               TALLOC_FREE(acl);
+               TALLOC_FREE(frame);
                return NULL;
        }
 
        if (gid != -1) {
                if (sys_acl_create_entry(&acl, &entry) != 0) {
-                       TALLOC_FREE(acl);
+                       TALLOC_FREE(frame);
                        return NULL;
                }
 
                if (sys_acl_set_tag_type(entry, SMB_ACL_GROUP) != 0) {
-                       TALLOC_FREE(acl);
+                       TALLOC_FREE(frame);
                        return NULL;
                }
 
                if (sys_acl_set_qualifier(entry, &gid) != 0) {
-                       TALLOC_FREE(acl);
+                       TALLOC_FREE(frame);
                        return NULL;
                }
 
                if (sys_acl_set_permset(entry, &mode_group) != 0) {
-                       TALLOC_FREE(acl);
+                       TALLOC_FREE(frame);
                        return NULL;
                }
        }
 
        if (sys_acl_create_entry(&acl, &entry) != 0) {
-               TALLOC_FREE(acl);
+               TALLOC_FREE(frame);
                return NULL;
        }
 
        if (sys_acl_set_tag_type(entry, SMB_ACL_MASK) != 0) {
-               TALLOC_FREE(acl);
+               TALLOC_FREE(frame);
                return NULL;
        }
 
        if (sys_acl_set_permset(entry, &mode) != 0) {
-               TALLOC_FREE(acl);
+               TALLOC_FREE(frame);
                return NULL;
        }
        return acl;
@@ -455,7 +456,7 @@ static PyObject *py_smbd_get_sys_acl(PyObject *self, PyObject *args)
 
        smbd_vfs_init(conn);
 
-       acl = SMB_VFS_SYS_ACL_GET_FILE( conn, fname, acl_type);
+       acl = SMB_VFS_SYS_ACL_GET_FILE( conn, fname, acl_type, frame);
        if (!acl) {
                TALLOC_FREE(frame);
                status = map_nt_error_from_unix_common(errno);
@@ -463,7 +464,6 @@ static PyObject *py_smbd_get_sys_acl(PyObject *self, PyObject *args)
                PyErr_NTSTATUS_IS_ERR_RAISE(status);
        }
 
-       talloc_steal(frame, acl);
        conn_free(conn);
 
        py_acl = py_return_ndr_struct("samba.dcerpc.smb_acl", "t", acl, acl);

diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c
index 44c457cae5d14395a16acc4bf12a053bdd57879b..61d755c03f8c851dda98042a34a879180ffecd39 100644 (file)
--- a/source3/smbd/trans2.c
+++ b/source3/smbd/trans2.c
@@ -4911,12 +4911,14 @@ NTSTATUS smbd_do_qfilepathinfo(connection_struct *conn,
                                uint16 num_def_acls = 0;
 
                                if (fsp && fsp->fh->fd != -1) {
-                                       file_acl = SMB_VFS_SYS_ACL_GET_FD(fsp);
+                                       file_acl = SMB_VFS_SYS_ACL_GET_FD(fsp,
+                                               talloc_tos());
                                } else {
                                        file_acl =
                                            SMB_VFS_SYS_ACL_GET_FILE(conn,
                                                smb_fname->base_name,
-                                               SMB_ACL_TYPE_ACCESS);
+                                               SMB_ACL_TYPE_ACCESS,
+                                               talloc_tos());
                                }
 
                                if (file_acl == NULL && no_acl_syscall_error(errno)) {
@@ -4933,13 +4935,15 @@ NTSTATUS smbd_do_qfilepathinfo(connection_struct *conn,
                                                    SMB_VFS_SYS_ACL_GET_FILE(
                                                            conn,
                                                            fsp->fsp_name->base_name,
-                                                           SMB_ACL_TYPE_DEFAULT);
+                                                           SMB_ACL_TYPE_DEFAULT,
+                                                           talloc_tos());
                                        } else {
                                                def_acl =
                                                    SMB_VFS_SYS_ACL_GET_FILE(
                                                            conn,
                                                            smb_fname->base_name,
-                                                           SMB_ACL_TYPE_DEFAULT);
+                                                           SMB_ACL_TYPE_DEFAULT,
+                                                           talloc_tos());
                                        }
                                        def_acl = free_empty_sys_acl(conn, def_acl);
                                }

diff --git a/source3/smbd/vfs.c b/source3/smbd/vfs.c
index fe99ee29e99a2e9e640042019d8da185e9651c63..182e334ade389cc64de3fcb951b3730c3a3cf8ac 100644 (file)
--- a/source3/smbd/vfs.c
+++ b/source3/smbd/vfs.c
@@ -2221,17 +2221,19 @@ int smb_vfs_call_fchmod_acl(struct vfs_handle_struct *handle,
 
 SMB_ACL_T smb_vfs_call_sys_acl_get_file(struct vfs_handle_struct *handle,
                                        const char *path_p,
-                                       SMB_ACL_TYPE_T type)
+                                       SMB_ACL_TYPE_T type,
+                                       TALLOC_CTX *mem_ctx)
 {
        VFS_FIND(sys_acl_get_file);
-       return handle->fns->sys_acl_get_file_fn(handle, path_p, type);
+       return handle->fns->sys_acl_get_file_fn(handle, path_p, type, mem_ctx);
 }
 
 SMB_ACL_T smb_vfs_call_sys_acl_get_fd(struct vfs_handle_struct *handle,
-                                     struct files_struct *fsp)
+                                     struct files_struct *fsp,
+                                     TALLOC_CTX *mem_ctx)
 {
        VFS_FIND(sys_acl_get_fd);
-       return handle->fns->sys_acl_get_fd_fn(handle, fsp);
+       return handle->fns->sys_acl_get_fd_fn(handle, fsp, mem_ctx);
 }
 
 int smb_vfs_call_sys_acl_blob_get_file(struct vfs_handle_struct *handle,

diff --git a/source3/torture/cmd_vfs.c b/source3/torture/cmd_vfs.c
index 236b9c09f84c2be4b5796c6af58bd81bf2910b73..7755f8ac2af2012ba9b9ea39ad412e2d1d94a8c9 100644 (file)
--- a/source3/torture/cmd_vfs.c
+++ b/source3/torture/cmd_vfs.c
@@ -1572,7 +1572,7 @@ static NTSTATUS cmd_sys_acl_get_fd(struct vfs_state *vfs, TALLOC_CTX *mem_ctx,
                return NT_STATUS_OK;
        }
 
-       acl = SMB_VFS_SYS_ACL_GET_FD(vfs->files[fd]);
+       acl = SMB_VFS_SYS_ACL_GET_FD(vfs->files[fd], talloc_tos());
        if (!acl) {
                printf("sys_acl_get_fd failed (%s)\n", strerror(errno));
                return status;
@@ -1597,7 +1597,7 @@ static NTSTATUS cmd_sys_acl_get_file(struct vfs_state *vfs, TALLOC_CTX *mem_ctx,
        }
 
        type = atoi(argv[2]);
-       acl = SMB_VFS_SYS_ACL_GET_FILE(vfs->conn, argv[1], type);
+       acl = SMB_VFS_SYS_ACL_GET_FILE(vfs->conn, argv[1], type, talloc_tos());
        if (!acl) {
                printf("sys_acl_get_file failed (%s)\n", strerror(errno));
                return status;