s3: VFS: acl_common: Add a dirfsp parameter to validate_nt_acl_blob().

This sucks, as it's the only function that I've been
unable to easily split into a _fsp and a _pathname version,
it just does too much. Bite the bullet and add a dirfsp
parameter as well as the fsp and smb_fname parameters.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

diff --git a/source3/modules/vfs_acl_common.c b/source3/modules/vfs_acl_common.c
index f4fe7972552a2cef7663ee2bb1fa8409c0434bf6..71a48163b701cdeb38936c5f1967053a6a25389d 100644 (file)
--- a/source3/modules/vfs_acl_common.c
+++ b/source3/modules/vfs_acl_common.c
@@ -409,12 +409,13 @@ static NTSTATUS add_directory_inheritable_components(vfs_handle_struct *handle,
  * need it as well.
  **/
 static NTSTATUS validate_nt_acl_blob(TALLOC_CTX *mem_ctx,
-                                    vfs_handle_struct *handle,
-                                    files_struct *fsp,
-                                    const struct smb_filename *smb_fname,
-                                    const DATA_BLOB *blob,
-                                    struct security_descriptor **ppsd,
-                                    bool *psd_is_from_fs)
+                               vfs_handle_struct *handle,
+                               struct files_struct *fsp,
+                               struct files_struct *dirfsp,
+                               const struct smb_filename *smb_fname,
+                               const DATA_BLOB *blob,
+                               struct security_descriptor **ppsd,
+                               bool *psd_is_from_fs)
 {
        NTSTATUS status;
        uint16_t hash_type = XATTR_SD_HASH_TYPE_NONE;
@@ -626,12 +627,13 @@ NTSTATUS fget_nt_acl_common(
        status = fget_acl_blob_fn(mem_ctx, handle, fsp, &blob);
        if (NT_STATUS_IS_OK(status)) {
                status = validate_nt_acl_blob(mem_ctx,
-                                             handle,
-                                             fsp,
-                                             smb_fname,
-                                             &blob,
-                                             &psd,
-                                             &psd_is_from_fs);
+                                       handle,
+                                       fsp,
+                                       NULL,
+                                       smb_fname,
+                                       &blob,
+                                       &psd,
+                                       &psd_is_from_fs);
                TALLOC_FREE(blob.data);
                if (!NT_STATUS_IS_OK(status)) {
                        DBG_DEBUG("ACL validation for [%s] failed\n",
@@ -779,12 +781,13 @@ NTSTATUS get_nt_acl_common_at(
                                &blob);
        if (NT_STATUS_IS_OK(status)) {
                status = validate_nt_acl_blob(mem_ctx,
-                                             handle,
-                                             NULL,
-                                             smb_fname_in,
-                                             &blob,
-                                             &psd,
-                                             &psd_is_from_fs);
+                                       handle,
+                                       NULL,
+                                       dirfsp,
+                                       smb_fname_in,
+                                       &blob,
+                                       &psd,
+                                       &psd_is_from_fs);
                TALLOC_FREE(blob.data);
                if (!NT_STATUS_IS_OK(status)) {
                        DBG_DEBUG("ACL validation for [%s] failed\n",