1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-22 13:34:15 +03:00

smbd: remove struct privilege_paths

The last user of this had been removed by
d485c43cc7.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Mar 31 19:32:12 UTC 2020 on sn-devel-184
This commit is contained in:
Ralph Boehme 2020-03-30 08:06:10 +02:00 committed by Jeremy Allison
parent 89041a6d18
commit 9edd7268b6
4 changed files with 16 additions and 43 deletions

View File

@ -543,7 +543,6 @@ typedef struct connection_struct {
} connection_struct;
struct smbd_smb2_request;
struct privilege_paths;
struct referral;
struct smb_request {
@ -600,12 +599,6 @@ struct smb_request {
*/
struct smbd_smb2_request *smb2req;
/*
* Pathnames used if request done
* under privilege.
*/
struct privilege_paths *priv_paths;
/*
* Request list for chained requests, we're part of it.
*/

View File

@ -632,7 +632,6 @@ static bool init_smb_request(struct smb_request *req,
}
req->chain_fsp = NULL;
req->smb2req = NULL;
req->priv_paths = NULL;
req->chain = NULL;
req->posix_pathnames = lp_posix_pathnames();
smb_init_perfcount_data(&req->pcd);

View File

@ -26,15 +26,6 @@ struct dptr_struct;
#include "smbd/proto.h"
#include "locking/proto.h"
/*
* Pathnames used if request done
* under privilege.
*/
struct privilege_paths {
struct smb_filename parent_name;
struct smb_filename file_name;
};
struct trans_state {
struct trans_state *next, *prev;
uint64_t vuid; /* SMB2 compat */

View File

@ -1025,36 +1025,29 @@ NTSTATUS check_reduced_name_with_privilege(connection_struct *conn,
struct smb_filename *resolved_fname = NULL;
struct smb_filename *saved_dir_fname = NULL;
struct smb_filename *smb_fname_cwd = NULL;
struct privilege_paths *priv_paths = NULL;
int ret;
struct smb_filename parent_name = { 0 };
struct smb_filename file_name = { 0 };
DEBUG(3,("check_reduced_name_with_privilege [%s] [%s]\n",
smb_fname->base_name,
conn->connectpath));
priv_paths = talloc_zero(smbreq, struct privilege_paths);
if (!priv_paths) {
status = NT_STATUS_NO_MEMORY;
goto err;
}
if (!parent_dirname(ctx, smb_fname->base_name,
&dir_name, &last_component)) {
status = NT_STATUS_NO_MEMORY;
goto err;
}
priv_paths->parent_name.base_name = talloc_strdup(priv_paths, dir_name);
priv_paths->file_name.base_name = talloc_strdup(priv_paths, last_component);
if (priv_paths->parent_name.base_name == NULL ||
priv_paths->file_name.base_name == NULL) {
parent_name.base_name = dir_name;
file_name.base_name = talloc_strdup(ctx, last_component);
if (file_name.base_name == NULL) {
status = NT_STATUS_NO_MEMORY;
goto err;
}
if (SMB_VFS_STAT(conn, &priv_paths->parent_name) != 0) {
if (SMB_VFS_STAT(conn, &parent_name) != 0) {
status = map_nt_error_from_unix(errno);
goto err;
}
@ -1065,7 +1058,7 @@ NTSTATUS check_reduced_name_with_privilege(connection_struct *conn,
goto err;
}
if (vfs_ChDir(conn, &priv_paths->parent_name) == -1) {
if (vfs_ChDir(conn, &parent_name) == -1) {
status = map_nt_error_from_unix(errno);
goto err;
}
@ -1092,7 +1085,7 @@ NTSTATUS check_reduced_name_with_privilege(connection_struct *conn,
}
DEBUG(10,("check_reduced_name_with_privilege: realpath [%s] -> [%s]\n",
priv_paths->parent_name.base_name,
parent_name.base_name,
resolved_name));
/* Now check the stat value is the same. */
@ -1102,11 +1095,11 @@ NTSTATUS check_reduced_name_with_privilege(connection_struct *conn,
}
/* Ensure we're pointing at the same place. */
if (!check_same_stat(&smb_fname_cwd->st, &priv_paths->parent_name.st)) {
if (!check_same_stat(&smb_fname_cwd->st, &parent_name.st)) {
DEBUG(0,("check_reduced_name_with_privilege: "
"device/inode/uid/gid on directory %s changed. "
"Denying access !\n",
priv_paths->parent_name.base_name));
parent_name.base_name));
status = NT_STATUS_ACCESS_DENIED;
goto err;
}
@ -1153,30 +1146,30 @@ NTSTATUS check_reduced_name_with_privilege(connection_struct *conn,
/* Now ensure that the last component either doesn't
exist, or is *NOT* a symlink. */
ret = SMB_VFS_LSTAT(conn, &priv_paths->file_name);
ret = SMB_VFS_LSTAT(conn, &file_name);
if (ret == -1) {
/* Errno must be ENOENT for this be ok. */
if (errno != ENOENT) {
status = map_nt_error_from_unix(errno);
DEBUG(2, ("check_reduced_name_with_privilege: "
"LSTAT on %s failed with %s\n",
priv_paths->file_name.base_name,
file_name.base_name,
nt_errstr(status)));
goto err;
}
}
if (VALID_STAT(priv_paths->file_name.st) &&
S_ISLNK(priv_paths->file_name.st.st_ex_mode)) {
if (VALID_STAT(file_name.st) &&
S_ISLNK(file_name.st.st_ex_mode))
{
DEBUG(2, ("check_reduced_name_with_privilege: "
"Last component %s is a symlink. Denying"
"access.\n",
priv_paths->file_name.base_name));
file_name.base_name));
status = NT_STATUS_ACCESS_DENIED;
goto err;
}
smbreq->priv_paths = priv_paths;
status = NT_STATUS_OK;
err:
@ -1186,9 +1179,6 @@ NTSTATUS check_reduced_name_with_privilege(connection_struct *conn,
TALLOC_FREE(saved_dir_fname);
}
TALLOC_FREE(resolved_fname);
if (!NT_STATUS_IS_OK(status)) {
TALLOC_FREE(priv_paths);
}
TALLOC_FREE(dir_name);
return status;
}