sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-03-01 04:58:35 +03:00
Code

vfs_acl_common: rename psd to psd_blob in get_nt_acl_internal()

Browse Source 
This makes it explicit where the SD is originating from. No change in
behaviour.

This just paves the way for a later change that will simplify the whole
logic and talloc hierarchy, therefor this also strictly renames the
occurences after the out label.

Logically, behind the out label, we're dealing with a variable that
points to what we're going to return, so the name psd_blob is
misleading, but I'm desperately trying to avoid logic changes in this
commit and therefor I'm just strictly renaming.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=12177

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(backported from commit 2367eea928593f12f8914f7e7ba613b1b15516de)
This commit is contained in:
Ralph Boehme 2016-08-23 13:08:12 +02:00 committed by Karolin Seeger
parent 2a8582638e
commit 9c29eb4972
1 changed files with 30 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

60
source3/modules/vfs_acl_common.c
View File

@ -488,7 +488,7 @@ static NTSTATUS get_nt_acl_internal(vfs_handle_struct *handle,
uint8_t sys_acl_hash[XATTR_SD_HASH_SIZE]; uint8_t sys_acl_hash[XATTR_SD_HASH_SIZE];
uint8_t hash_tmp[XATTR_SD_HASH_SIZE]; uint8_t hash_tmp[XATTR_SD_HASH_SIZE];
uint8_t sys_acl_hash_tmp[XATTR_SD_HASH_SIZE]; uint8_t sys_acl_hash_tmp[XATTR_SD_HASH_SIZE];
struct security_descriptor *psd = NULL; struct security_descriptor *psd_blob = NULL;
struct security_descriptor *pdesc_next = NULL; struct security_descriptor *pdesc_next = NULL;
bool ignore_file_system_acl = lp_parm_bool(SNUM(handle->conn), bool ignore_file_system_acl = lp_parm_bool(SNUM(handle->conn),
ACL_MODULE_NAME, ACL_MODULE_NAME,
@ -506,25 +506,25 @@ static NTSTATUS get_nt_acl_internal(vfs_handle_struct *handle,
if (!NT_STATUS_IS_OK(status)) { if (!NT_STATUS_IS_OK(status)) {
DEBUG(10, ("get_nt_acl_internal: get_acl_blob returned %s\n", DEBUG(10, ("get_nt_acl_internal: get_acl_blob returned %s\n",
nt_errstr(status))); nt_errstr(status)));
psd = NULL; psd_blob = NULL;
goto out; goto out;
} else { } else {
status = parse_acl_blob(&blob, mem_ctx, &psd, status = parse_acl_blob(&blob, mem_ctx, &psd_blob,
&hash_type, &xattr_version, &hash[0], &sys_acl_hash[0]); &hash_type, &xattr_version, &hash[0], &sys_acl_hash[0]);
if (!NT_STATUS_IS_OK(status)) { if (!NT_STATUS_IS_OK(status)) {
DEBUG(10, ("parse_acl_blob returned %s\n", DEBUG(10, ("parse_acl_blob returned %s\n",
nt_errstr(status))); nt_errstr(status)));
psd = NULL; psd_blob = NULL;
goto out; goto out;
} }
} }
/* Ensure we don't leak psd if we don't choose it. /* Ensure we don't leak psd_blob if we don't choose it.
* *
* We don't allocate it onto frame as it is preferred not to * We don't allocate it onto frame as it is preferred not to
* steal from a talloc pool. * steal from a talloc pool.
*/ */
talloc_steal(frame, psd); talloc_steal(frame, psd_blob);
/* determine which type of xattr we got */ /* determine which type of xattr we got */
switch (xattr_version) { switch (xattr_version) {
@ -547,8 +547,8 @@ static NTSTATUS get_nt_acl_internal(vfs_handle_struct *handle,
"mismatch (%u) for file %s\n", "mismatch (%u) for file %s\n",
(unsigned int)hash_type, (unsigned int)hash_type,
name)); name));
TALLOC_FREE(psd); TALLOC_FREE(psd_blob);
psd = NULL; psd_blob = NULL;
goto out; goto out;
} }
@ -558,8 +558,8 @@ static NTSTATUS get_nt_acl_internal(vfs_handle_struct *handle,
"(%u) unexpected for file %s\n", "(%u) unexpected for file %s\n",
(unsigned int)hash_type, (unsigned int)hash_type,
name)); name));
TALLOC_FREE(psd); TALLOC_FREE(psd_blob);
psd = NULL; psd_blob = NULL;
goto out; goto out;
} }
@ -642,8 +642,8 @@ static NTSTATUS get_nt_acl_internal(vfs_handle_struct *handle,
status = hash_sd_sha256(pdesc_next, hash_tmp); status = hash_sd_sha256(pdesc_next, hash_tmp);
if (!NT_STATUS_IS_OK(status)) { if (!NT_STATUS_IS_OK(status)) {
TALLOC_FREE(psd); TALLOC_FREE(psd_blob);
psd = pdesc_next; psd_blob = pdesc_next;
goto out; goto out;
} }
@ -667,12 +667,12 @@ static NTSTATUS get_nt_acl_internal(vfs_handle_struct *handle,
NDR_PRINT_DEBUG(security_descriptor, pdesc_next); NDR_PRINT_DEBUG(security_descriptor, pdesc_next);
} }
TALLOC_FREE(psd); TALLOC_FREE(psd_blob);
psd = pdesc_next; psd_blob = pdesc_next;
} }
out: out:
if (psd == NULL) { if (psd_blob == NULL) {
/* Get the full underlying sd, as we failed to get the /* Get the full underlying sd, as we failed to get the
* blob for the hash, or the revision/hash type wasn't * blob for the hash, or the revision/hash type wasn't
* known */ * known */
@ -705,10 +705,10 @@ static NTSTATUS get_nt_acl_internal(vfs_handle_struct *handle,
* steal from a talloc pool. * steal from a talloc pool.
*/ */
talloc_steal(frame, pdesc_next); talloc_steal(frame, pdesc_next);
psd = pdesc_next; psd_blob = pdesc_next;
} }
if (psd != pdesc_next) { if (psd_blob != pdesc_next) {
/* We're returning the blob, throw /* We're returning the blob, throw
* away the filesystem SD. */ * away the filesystem SD. */
TALLOC_FREE(pdesc_next); TALLOC_FREE(pdesc_next);
@ -761,20 +761,20 @@ static NTSTATUS get_nt_acl_internal(vfs_handle_struct *handle,
status = make_default_filesystem_acl(mem_ctx, status = make_default_filesystem_acl(mem_ctx,
name, name,
psbuf, psbuf,
&psd); &psd_blob);
if (!NT_STATUS_IS_OK(status)) { if (!NT_STATUS_IS_OK(status)) {
TALLOC_FREE(frame); TALLOC_FREE(frame);
return status; return status;
} }
} else { } else {
if (is_directory && if (is_directory &&
!sd_has_inheritable_components(psd, !sd_has_inheritable_components(psd_blob,
true)) { true)) {
status = add_directory_inheritable_components( status = add_directory_inheritable_components(
handle, handle,
name, name,
psbuf, psbuf,
psd); psd_blob);
if (!NT_STATUS_IS_OK(status)) { if (!NT_STATUS_IS_OK(status)) {
TALLOC_FREE(frame); TALLOC_FREE(frame);
return status; return status;
@ -784,35 +784,35 @@ static NTSTATUS get_nt_acl_internal(vfs_handle_struct *handle,
the ~SEC_DESC_DACL_PROTECTED bit, as ACLs the ~SEC_DESC_DACL_PROTECTED bit, as ACLs
can't be inherited in this way under POSIX. can't be inherited in this way under POSIX.
Remove it for Windows-style ACLs. */ Remove it for Windows-style ACLs. */
psd->type &= ~SEC_DESC_DACL_PROTECTED; psd_blob->type &= ~SEC_DESC_DACL_PROTECTED;
} }
} }
if (!(security_info & SECINFO_OWNER)) { if (!(security_info & SECINFO_OWNER)) {
psd->owner_sid = NULL; psd_blob->owner_sid = NULL;
} }
if (!(security_info & SECINFO_GROUP)) { if (!(security_info & SECINFO_GROUP)) {
psd->group_sid = NULL; psd_blob->group_sid = NULL;
} }
if (!(security_info & SECINFO_DACL)) { if (!(security_info & SECINFO_DACL)) {
psd->type &= ~SEC_DESC_DACL_PRESENT; psd_blob->type &= ~SEC_DESC_DACL_PRESENT;
psd->dacl = NULL; psd_blob->dacl = NULL;
} }
if (!(security_info & SECINFO_SACL)) { if (!(security_info & SECINFO_SACL)) {
psd->type &= ~SEC_DESC_SACL_PRESENT; psd_blob->type &= ~SEC_DESC_SACL_PRESENT;
psd->sacl = NULL; psd_blob->sacl = NULL;
} }
TALLOC_FREE(blob.data); TALLOC_FREE(blob.data);
if (DEBUGLEVEL >= 10) { if (DEBUGLEVEL >= 10) {
DEBUG(10,("get_nt_acl_internal: returning acl for %s is:\n", DEBUG(10,("get_nt_acl_internal: returning acl for %s is:\n",
name )); name));
NDR_PRINT_DEBUG(security_descriptor, psd); NDR_PRINT_DEBUG(security_descriptor, psd_blob);
} }
/* The VFS API is that the ACL is expected to be on mem_ctx */ /* The VFS API is that the ACL is expected to be on mem_ctx */
*ppdesc = talloc_move(mem_ctx, &psd); *ppdesc = talloc_move(mem_ctx, &psd_blob);
TALLOC_FREE(frame); TALLOC_FREE(frame);
return NT_STATUS_OK; return NT_STATUS_OK;