Changeset 594 for vendor/current/source3/modules

Timestamp:

Jul 1, 2011, 4:02:23 PM (14 years ago)

Author:

Herwig Bauernfeind

Message:

Samba 3.5: Update vendor to version 3.5.8

Location:

vendor/current/source3/modules

Files:

• onefs_open.c (modified) (1 diff)
• vfs_acl_common.c (modified) (9 diffs)
• vfs_acl_tdb.c (modified) (2 diffs)
• vfs_acl_xattr.c (modified) (2 diffs)
• vfs_default.c (modified) (4 diffs)
• vfs_gpfs.c (modified) (3 diffs)
• vfs_scannedonly.c (modified) (2 diffs)

vendor/current/source3/modules/onefs_open.c

@@ -2095 +2095 @@
         /* Get the file name if root_dir_fid was specified. */
         if (root_dir_fid != 0) {
+                struct smb_filename *smb_fname_out = NULL;
                 status = get_relative_fid_filename(conn, req, root_dir_fid,
-                                                   smb_fname);
+                                                   smb_fname, &smb_fname_out);
                 if (!NT_STATUS_IS_OK(status)) {
                         goto fail;
                 }
+                smb_fname = smb_fname_out;
         }
 

vendor/current/source3/modules/vfs_acl_common.c

@@ -255 +255 @@
         struct security_descriptor *psd = NULL;
         struct security_descriptor *pdesc_next = NULL;
+        bool ignore_file_system_acl = lp_parm_bool(SNUM(handle->conn),
+                                                ACL_MODULE_NAME,
+                                                "ignore system acls",
+                                                false);
 
         if (fsp && name == NULL) {
@@ -318 +322 @@
         }
 
+        if (ignore_file_system_acl) {
+                goto out;
+        }
 
         status = hash_sd_sha256(pdesc_next, hash_tmp);
@@ -328 +335 @@
         if (memcmp(&hash[0], &hash_tmp[0], XATTR_SD_HASH_SIZE) == 0) {
                 /* Hash matches, return blob sd. */
+                DEBUG(10, ("get_nt_acl_internal: blob hash "
+                        "matches for file %s\n",
+                        name ));
                 goto out;
         }
@@ -351 +361 @@
                  */
                 if (fsp) {
-                        is_directory = fsp->is_directory;
+                        status = vfs_stat_fsp(fsp);
+                        if (!NT_STATUS_IS_OK(status)) {
+                                return status;
+                        }
                         psbuf = &fsp->fsp_name->st;
                 } else {
-                        if (vfs_stat_smb_fname(handle->conn,
+                        int ret = vfs_stat_smb_fname(handle->conn,
                                                 name,
-                                                &sbuf) == 0) {
-                                is_directory = S_ISDIR(sbuf.st_ex_mode);
+                                                &sbuf);
+                        if (ret == -1) {
+                                return map_nt_error_from_unix(errno);
                         }
                 }
-                if (is_directory &&
+                is_directory = S_ISDIR(sbuf.st_ex_mode);
+
+                if (ignore_file_system_acl) {
+                        TALLOC_FREE(pdesc_next);
+                        status = make_default_filesystem_acl(talloc_tos(),
+                                                name,
+                                                psbuf,
+                                                &psd);
+                        if (!NT_STATUS_IS_OK(status)) {
+                                return status;
+                        }
+                } else {
+                        if (is_directory &&
                                 !sd_has_inheritable_components(psd,
                                                         true)) {
-                        add_directory_inheritable_components(handle,
+                                add_directory_inheritable_components(handle,
                                                         name,
                                                         psbuf,
                                                         psd);
+                        }
+                        /* The underlying POSIX module always sets
+                           the ~SEC_DESC_DACL_PROTECTED bit, as ACLs
+                           can't be inherited in this way under POSIX.
+                           Remove it for Windows-style ACLs. */
+                        psd->type &= ~SEC_DESC_DACL_PROTECTED;
                 }
         }
@@ -385 +417 @@
         TALLOC_FREE(blob.data);
         *ppdesc = psd;
+
+        if (DEBUGLEVEL >= 10) {
+                DEBUG(10,("get_nt_acl_internal: returning acl for %s is:\n",
+                        name ));
+                NDR_PRINT_DEBUG(security_descriptor, psd);
+        }
+
         return NT_STATUS_OK;
 }
@@ -661 +700 @@
 
 static NTSTATUS fset_nt_acl_common(vfs_handle_struct *handle, files_struct *fsp,
-        uint32_t security_info_sent, const struct security_descriptor *psd)
+        uint32_t security_info_sent, const struct security_descriptor *orig_psd)
 {
         NTSTATUS status;
         DATA_BLOB blob;
         struct security_descriptor *pdesc_next = NULL;
+        struct security_descriptor *psd = NULL;
         uint8_t hash[XATTR_SD_HASH_SIZE];
 
@@ -672 +712 @@
                           fsp_str_dbg(fsp)));
                 NDR_PRINT_DEBUG(security_descriptor,
-                        CONST_DISCARD(struct security_descriptor *,psd));
-        }
-
-        /* Ensure we have OWNER/GROUP/DACL set. */
-
-        if ((security_info_sent & (OWNER_SECURITY_INFORMATION|
-                                GROUP_SECURITY_INFORMATION|
-                                DACL_SECURITY_INFORMATION)) !=
-                                (OWNER_SECURITY_INFORMATION|
-                                 GROUP_SECURITY_INFORMATION|
-                                 DACL_SECURITY_INFORMATION)) {
-                /* No we don't - read from the existing SD. */
-                struct security_descriptor *nc_psd = NULL;
-
-                status = get_nt_acl_internal(handle, fsp,
-                                NULL,
-                                (OWNER_SECURITY_INFORMATION|
-                                 GROUP_SECURITY_INFORMATION|
-                                 DACL_SECURITY_INFORMATION),
-                                &nc_psd);
-
-                if (!NT_STATUS_IS_OK(status)) {
-                        return status;
-                }
-
-                /* This is safe as nc_psd is discarded at fn exit. */
-                if (security_info_sent & OWNER_SECURITY_INFORMATION) {
-                        nc_psd->owner_sid = psd->owner_sid;
-                }
-                security_info_sent |= OWNER_SECURITY_INFORMATION;
-
-                if (security_info_sent & GROUP_SECURITY_INFORMATION) {
-                        nc_psd->group_sid = psd->group_sid;
-                }
-                security_info_sent |= GROUP_SECURITY_INFORMATION;
-
-                if (security_info_sent & DACL_SECURITY_INFORMATION) {
-                        nc_psd->dacl = dup_sec_acl(talloc_tos(), psd->dacl);
-                        if (nc_psd->dacl == NULL) {
-                                return NT_STATUS_NO_MEMORY;
-                        }
-                }
-                security_info_sent |= DACL_SECURITY_INFORMATION;
-                psd = nc_psd;
+                        CONST_DISCARD(struct security_descriptor *,orig_psd));
+        }
+
+        status = get_nt_acl_internal(handle, fsp,
+                        NULL,
+                        SECINFO_OWNER|SECINFO_GROUP|SECINFO_DACL|SECINFO_SACL,
+                        &psd);
+
+        if (!NT_STATUS_IS_OK(status)) {
+                return status;
+        }
+
+        psd->revision = orig_psd->revision;
+        /* All our SD's are self relative. */
+        psd->type = orig_psd->type | SEC_DESC_SELF_RELATIVE;
+
+        if ((security_info_sent & SECINFO_OWNER) && (orig_psd->owner_sid != NULL)) {
+                psd->owner_sid = orig_psd->owner_sid;
+        }
+        if ((security_info_sent & SECINFO_GROUP) && (orig_psd->group_sid != NULL)) {
+                psd->group_sid = orig_psd->group_sid;
+        }
+        if (security_info_sent & SECINFO_DACL) {
+                psd->dacl = orig_psd->dacl;
+                psd->type |= SEC_DESC_DACL_PRESENT;
+        }
+        if (security_info_sent & SECINFO_SACL) {
+                psd->sacl = orig_psd->sacl;
+                psd->type |= SEC_DESC_SACL_PRESENT;
         }
 
@@ -902 +927 @@
                                         &info);
 
+        if (!NT_STATUS_IS_OK(status)) {
+                goto out;
+        }
+
         if (info != FILE_WAS_CREATED) {
                 /* File/directory was opened, not created. */
@@ -909 +938 @@
         fsp = *result;
 
-        if (!NT_STATUS_IS_OK(status) || fsp == NULL) {
+        if (fsp == NULL) {
                 /* Only handle success. */
                 goto out;

vendor/current/source3/modules/vfs_acl_tdb.c

@@ -29 +29 @@
 #define DBGC_CLASS DBGC_VFS
 
+#define ACL_MODULE_NAME "acl_tdb"
 #include "modules/vfs_acl_common.c"
 
@@ -315 +316 @@
         }
 
-        /* Ensure we have "inherit acls = yes" if we're
+        /* Ensure we have the parameters correct if we're
          * using this module. */
         DEBUG(2,("connect_acl_tdb: setting 'inherit acls = true' "
-                "and 'dos filemode = true' for service %s\n",
+                "'dos filemode = true' and "
+                "'force unknown acl user = true' for service %s\n",
                 service ));
+
         lp_do_parameter(SNUM(handle->conn), "inherit acls", "true");
         lp_do_parameter(SNUM(handle->conn), "dos filemode", "true");
+        lp_do_parameter(SNUM(handle->conn), "force unknown acl user", "true");
 
         return 0;

vendor/current/source3/modules/vfs_acl_xattr.c

@@ -30 +30 @@
 
 /* Pull in the common functions. */
+#define ACL_MODULE_NAME "acl_xattr"
+
 #include "modules/vfs_acl_common.c"
 
@@ -184 +186 @@
         }
 
-        /* Ensure we have "inherit acls = yes" if we're
-         * using this module. */
-        DEBUG(2,("connect_acl_xattr: setting 'inherit acls = true' "
-                "and 'dos filemode = true' for service %s\n",
-                service ));
+        /* Ensure we have the parameters correct if we're
+         * using this module. */
+        DEBUG(2,("connect_acl_xattr: setting 'inherit acls = true' "
+                "'dos filemode = true' and "
+                "'force unknown acl user = true' for service %s\n",
+                service ));
 
         lp_do_parameter(SNUM(handle->conn), "inherit acls", "true");
         lp_do_parameter(SNUM(handle->conn), "dos filemode", "true");
+        lp_do_parameter(SNUM(handle->conn), "force unknown acl user", "true");
 
         return 0;

vendor/current/source3/modules/vfs_default.c

@@ -218 +218 @@
             && parent_dirname(talloc_tos(), path, &parent, NULL)
             && (has_dacl = directory_has_default_acl(handle->conn, parent)))
-                mode = 0777;
+                mode = (0777 & lp_dir_mask(SNUM(handle->conn)));
 
         TALLOC_FREE(parent);
@@ -899 +899 @@
                 result = utimensat(AT_FDCWD, smb_fname->base_name, NULL, 0);
         }
-#elif defined(HAVE_UTIMES)
+        if (!((result == -1) && (errno == ENOSYS))) {
+                goto out;
+        }
+#endif
+#if defined(HAVE_UTIMES)
         if (ft != NULL) {
                 struct timeval tv[2];
@@ -908 +912 @@
                 result = utimes(smb_fname->base_name, NULL);
         }
-#elif defined(HAVE_UTIME)
+        if (!((result == -1) && (errno == ENOSYS))) {
+                goto out;
+        }
+#endif
+#if defined(HAVE_UTIME)
         if (ft != NULL) {
                 struct utimbuf times;
@@ -917 +925 @@
                 result = utime(smb_fname->base_name, NULL);
         }
-#else
+        if (!((result == -1) && (errno == ENOSYS))) {
+                goto out;
+        }
+#endif
         errno = ENOSYS;
         result = -1;
-#endif
 
  out:

vendor/current/source3/modules/vfs_gpfs.c

@@ -940 +940 @@
                                 GPFS_WINATTR_SET_ATTRS, &attrs);
         if ( ret == -1){
+                if (errno == ENOSYS) {
+                        return SMB_VFS_NEXT_SETXATTR(handle, path, name, value,
+                                                     size, flags);
+                }
+
                 DEBUG(1, ("gpfs_set_xattr:Set GPFS attributes failed %d\n",ret));
                 return -1;
@@ -965 +970 @@
         ret = get_gpfs_winattrs(CONST_DISCARD(char *, path), &attrs);
         if ( ret == -1){
+                if (errno == ENOSYS) {
+                        return SMB_VFS_NEXT_GETXATTR(handle, path, name, value,
+                                                     size);
+                }
+
                 DEBUG(1, ("gpfs_get_xattr: Get GPFS attributes failed: %d\n",ret));
                 return -1;
@@ -1096 +1106 @@
         ret = set_gpfs_winattrs(CONST_DISCARD(char *, path),
                                 GPFS_WINATTR_SET_CREATION_TIME, &attrs);
-        if(ret == -1){
+        if(ret == -1 && errno != ENOSYS){
                 DEBUG(1,("vfs_gpfs_ntimes: set GPFS ntimes failed %d\n",ret));
                 return -1;

vendor/current/source3/modules/vfs_scannedonly.c

@@ -427 +427 @@
         }
         if (retval == 0 && VALID_STAT(cache_smb_fname->st)) {
-                if (timespec_is_newer(&smb_fname->st.st_ex_mtime,
-                                      &cache_smb_fname->st.st_ex_mtime)) {
+                if (timespec_is_newer(&smb_fname->st.st_ex_ctime,
+                                      &cache_smb_fname->st.st_ex_ctime)) {
                         talloc_free(cache_smb_fname);
                         return true;
@@ -490 +490 @@
         /* still no cachefile, or still too old, return 0 */
         if (retval != 0
-            || !timespec_is_newer(&smb_fname->st.st_ex_mtime,
-                                  &cache_smb_fname->st.st_ex_mtime)) {
+            || !timespec_is_newer(&smb_fname->st.st_ex_ctime,
+                                  &cache_smb_fname->st.st_ex_ctime)) {
                 DEBUG(SCANNEDONLY_DEBUG,
                       ("retval=%d, return 0\n",retval));