Changeset 745 for trunk/server/source4/ntvfs/posix
- Timestamp:
- Nov 27, 2012, 4:43:17 PM (13 years ago)
- Location:
- trunk/server
- Files:
-
- 2 deleted
- 25 edited
- 5 copied
-
. (modified) (1 prop)
-
source4/ntvfs/posix/config.m4 (deleted)
-
source4/ntvfs/posix/config.mk (deleted)
-
source4/ntvfs/posix/pvfs_acl.c (modified) (23 diffs)
-
source4/ntvfs/posix/pvfs_acl_nfs4.c (modified) (9 diffs)
-
source4/ntvfs/posix/pvfs_acl_xattr.c (modified) (2 diffs)
-
source4/ntvfs/posix/pvfs_fileinfo.c (modified) (1 diff)
-
source4/ntvfs/posix/pvfs_fsinfo.c (modified) (1 diff)
-
source4/ntvfs/posix/pvfs_lock.c (modified) (1 diff)
-
source4/ntvfs/posix/pvfs_mkdir.c (modified) (6 diffs)
-
source4/ntvfs/posix/pvfs_notify.c (modified) (1 diff)
-
source4/ntvfs/posix/pvfs_open.c (modified) (35 diffs)
-
source4/ntvfs/posix/pvfs_qfileinfo.c (modified) (3 diffs)
-
source4/ntvfs/posix/pvfs_read.c (modified) (1 diff)
-
source4/ntvfs/posix/pvfs_rename.c (modified) (12 diffs)
-
source4/ntvfs/posix/pvfs_resolve.c (modified) (17 diffs)
-
source4/ntvfs/posix/pvfs_search.c (modified) (11 diffs)
-
source4/ntvfs/posix/pvfs_setfileinfo.c (modified) (5 diffs)
-
source4/ntvfs/posix/pvfs_shortname.c (modified) (4 diffs)
-
source4/ntvfs/posix/pvfs_streams.c (modified) (3 diffs)
-
source4/ntvfs/posix/pvfs_sys.c (copied) (copied from vendor/current/source4/ntvfs/posix/pvfs_sys.c )
-
source4/ntvfs/posix/pvfs_unlink.c (modified) (2 diffs)
-
source4/ntvfs/posix/pvfs_util.c (modified) (5 diffs)
-
source4/ntvfs/posix/pvfs_wait.c (modified) (1 diff)
-
source4/ntvfs/posix/pvfs_xattr.c (modified) (10 diffs)
-
source4/ntvfs/posix/python (copied) (copied from vendor/current/source4/ntvfs/posix/python )
-
source4/ntvfs/posix/python/pyxattr_native.c (copied) (copied from vendor/current/source4/ntvfs/posix/python/pyxattr_native.c )
-
source4/ntvfs/posix/python/pyxattr_tdb.c (copied) (copied from vendor/current/source4/ntvfs/posix/python/pyxattr_tdb.c )
-
source4/ntvfs/posix/vfs_posix.c (modified) (4 diffs)
-
source4/ntvfs/posix/vfs_posix.h (modified) (8 diffs)
-
source4/ntvfs/posix/wscript_build (copied) (copied from vendor/current/source4/ntvfs/posix/wscript_build )
-
source4/ntvfs/posix/xattr_tdb.c (modified) (12 diffs)
Legend:
- Unmodified
- Added
- Removed
-
trunk/server
- Property svn:mergeinfo changed
/vendor/current merged: 581,587,591,594,597,600,615,618,740
- Property svn:mergeinfo changed
-
trunk/server/source4/ntvfs/posix/pvfs_acl.c
r414 r745 26 26 #include "libcli/security/security.h" 27 27 #include "param/param.h" 28 28 #include "../lib/util/unix_privs.h" 29 30 #if defined(UID_WRAPPER) 31 #if !defined(UID_WRAPPER_REPLACE) && !defined(UID_WRAPPER_NOT_REPLACE) 32 #define UID_WRAPPER_REPLACE 33 #include "../uid_wrapper/uid_wrapper.h" 34 #endif 35 #else 36 #define uwrap_enabled() 0 37 #endif 29 38 30 39 /* the list of currently registered ACL backends */ … … 84 93 { 85 94 static bool initialized = false; 86 extern NTSTATUS pvfs_acl_nfs4_init(void);87 extern NTSTATUS pvfs_acl_xattr_init(void);95 #define _MODULE_PROTO(init) extern NTSTATUS init(void); 96 STATIC_pvfs_acl_MODULES_PROTO; 88 97 init_module_fn static_init[] = { STATIC_pvfs_acl_MODULES }; 89 98 init_module_fn *shared_init; … … 149 158 struct security_ace ace; 150 159 mode_t mode; 151 struct id_map ping*ids;160 struct id_map *ids; 152 161 struct composite_context *ctx; 153 162 … … 158 167 sd = *psd; 159 168 160 ids = talloc_zero_array(sd, struct id_map ping, 2);169 ids = talloc_zero_array(sd, struct id_map, 2); 161 170 NT_STATUS_HAVE_NO_MEMORY(ids); 162 171 163 ids[0].unixid = talloc(ids, struct unixid); 164 NT_STATUS_HAVE_NO_MEMORY(ids[0].unixid); 165 166 ids[0].unixid->id = name->st.st_uid; 167 ids[0].unixid->type = ID_TYPE_UID; 172 ids[0].xid.id = name->st.st_uid; 173 ids[0].xid.type = ID_TYPE_UID; 168 174 ids[0].sid = NULL; 169 175 170 ids[1].unixid = talloc(ids, struct unixid); 171 NT_STATUS_HAVE_NO_MEMORY(ids[1].unixid); 172 173 ids[1].unixid->id = name->st.st_gid; 174 ids[1].unixid->type = ID_TYPE_GID; 176 ids[1].xid.id = name->st.st_gid; 177 ids[1].xid.type = ID_TYPE_GID; 175 178 ids[1].sid = NULL; 176 179 … … 291 294 uid_t new_uid = -1; 292 295 gid_t new_gid = -1; 293 struct id_map ping*ids;296 struct id_map *ids; 294 297 struct composite_context *ctx; 295 298 … … 304 307 } 305 308 306 ids = talloc(req, struct id_map ping);309 ids = talloc(req, struct id_map); 307 310 NT_STATUS_HAVE_NO_MEMORY(ids); 308 ids->unixid = NULL;311 ZERO_STRUCT(ids->xid); 309 312 ids->sid = NULL; 310 ids->status = NT_STATUS_NONE_MAPPED;313 ids->status = ID_UNKNOWN; 311 314 312 315 new_sd = info->set_secdesc.in.sd; … … 328 331 NT_STATUS_NOT_OK_RETURN(status); 329 332 330 if (ids-> unixid->type == ID_TYPE_BOTH ||331 ids-> unixid->type == ID_TYPE_UID) {332 new_uid = ids-> unixid->id;333 if (ids->xid.type == ID_TYPE_BOTH || 334 ids->xid.type == ID_TYPE_UID) { 335 new_uid = ids->xid.id; 333 336 } 334 337 } … … 346 349 NT_STATUS_NOT_OK_RETURN(status); 347 350 348 if (ids-> unixid->type == ID_TYPE_BOTH ||349 ids-> unixid->type == ID_TYPE_GID) {350 new_gid = ids-> unixid->id;351 if (ids->xid.type == ID_TYPE_BOTH || 352 ids->xid.type == ID_TYPE_GID) { 353 new_gid = ids->xid.id; 351 354 } 352 355 … … 384 387 } else { 385 388 ret = fchown(fd, new_uid, new_gid); 389 } 390 if (errno == EPERM) { 391 if (uwrap_enabled()) { 392 ret = 0; 393 } else { 394 /* try again as root if we have SEC_PRIV_RESTORE or 395 SEC_PRIV_TAKE_OWNERSHIP */ 396 if (security_token_has_privilege(req->session_info->security_token, 397 SEC_PRIV_RESTORE) || 398 security_token_has_privilege(req->session_info->security_token, 399 SEC_PRIV_TAKE_OWNERSHIP)) { 400 void *privs; 401 privs = root_privileges(); 402 if (fd == -1) { 403 ret = chown(name->full_name, new_uid, new_gid); 404 } else { 405 ret = fchown(fd, new_uid, new_gid); 406 } 407 talloc_free(privs); 408 } 409 } 386 410 } 387 411 if (ret == -1) { … … 483 507 for the common case of access check on files with no 484 508 specific NT ACL 485 */ 486 NTSTATUS pvfs_access_check_unix(struct pvfs_state *pvfs, 487 struct ntvfs_request *req, 488 struct pvfs_filename *name, 489 uint32_t *access_mask) 509 510 If name is NULL then treat as a new file creation 511 */ 512 static NTSTATUS pvfs_access_check_unix(struct pvfs_state *pvfs, 513 struct ntvfs_request *req, 514 struct pvfs_filename *name, 515 uint32_t *access_mask) 490 516 { 491 517 uid_t uid = geteuid(); 492 518 uint32_t max_bits = SEC_RIGHTS_FILE_READ | SEC_FILE_ALL; 519 struct security_token *token = req->session_info->security_token; 493 520 494 521 if (pvfs_read_only(pvfs, *access_mask)) { … … 496 523 } 497 524 498 /* owner and root get extra permissions */ 499 if (uid == 0) { 500 max_bits |= SEC_STD_ALL | SEC_FLAG_SYSTEM_SECURITY; 501 } else if (uid == name->st.st_uid) { 525 if (name == NULL || uid == name->st.st_uid) { 502 526 max_bits |= SEC_STD_ALL; 503 } 504 505 if ((name->st.st_mode & S_IWOTH) || 527 } else if (security_token_has_privilege(token, SEC_PRIV_RESTORE)) { 528 max_bits |= SEC_STD_DELETE; 529 } 530 531 if (name == NULL || 532 (name->st.st_mode & S_IWOTH) || 506 533 ((name->st.st_mode & S_IWGRP) && 507 534 pvfs_group_member(pvfs, name->st.st_gid))) { … … 517 544 } 518 545 519 if (*access_mask == SEC_FLAG_MAXIMUM_ALLOWED) { 520 *access_mask = max_bits; 521 return NT_STATUS_OK; 522 } 523 524 if (uid != 0 && (*access_mask & SEC_FLAG_SYSTEM_SECURITY)) { 525 return NT_STATUS_ACCESS_DENIED; 546 if (*access_mask & SEC_FLAG_MAXIMUM_ALLOWED) { 547 *access_mask |= max_bits; 548 *access_mask &= ~SEC_FLAG_MAXIMUM_ALLOWED; 549 } 550 551 if ((*access_mask & SEC_FLAG_SYSTEM_SECURITY) && 552 security_token_has_privilege(token, SEC_PRIV_SECURITY)) { 553 max_bits |= SEC_FLAG_SYSTEM_SECURITY; 554 } 555 556 if (((*access_mask & ~max_bits) & SEC_RIGHTS_PRIV_RESTORE) && 557 security_token_has_privilege(token, SEC_PRIV_RESTORE)) { 558 max_bits |= ~(SEC_RIGHTS_PRIV_RESTORE); 559 } 560 if (((*access_mask & ~max_bits) & SEC_RIGHTS_PRIV_BACKUP) && 561 security_token_has_privilege(token, SEC_PRIV_BACKUP)) { 562 max_bits |= ~(SEC_RIGHTS_PRIV_BACKUP); 526 563 } 527 564 528 565 if (*access_mask & ~max_bits) { 529 566 DEBUG(0,(__location__ " denied access to '%s' - wanted 0x%08x but got 0x%08x (missing 0x%08x)\n", 530 name ->full_name, *access_mask, max_bits, *access_mask & ~max_bits));567 name?name->full_name:"(new file)", *access_mask, max_bits, *access_mask & ~max_bits)); 531 568 return NT_STATUS_ACCESS_DENIED; 532 569 } … … 556 593 NTSTATUS status; 557 594 struct security_descriptor *sd; 595 bool allow_delete = false; 558 596 559 597 /* on SMB2 a blank access mask is always denied */ … … 567 605 } 568 606 607 if (*access_mask & SEC_FLAG_MAXIMUM_ALLOWED || 608 *access_mask & SEC_STD_DELETE) { 609 status = pvfs_access_check_parent(pvfs, req, 610 name, SEC_DIR_DELETE_CHILD); 611 if (NT_STATUS_IS_OK(status)) { 612 allow_delete = true; 613 *access_mask &= ~SEC_STD_DELETE; 614 } 615 } 616 569 617 acl = talloc(req, struct xattr_NTACL); 570 618 if (acl == NULL) { … … 581 629 if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_FOUND)) { 582 630 talloc_free(acl); 583 return pvfs_access_check_unix(pvfs, req, name, access_mask); 631 status = pvfs_access_check_unix(pvfs, req, name, access_mask); 632 goto done; 584 633 } 585 634 if (!NT_STATUS_IS_OK(status)) { … … 596 645 597 646 /* check the acl against the required access mask */ 598 status = sec_access_check(sd, token, *access_mask, access_mask); 599 647 status = se_access_check(sd, token, *access_mask, access_mask); 648 talloc_free(acl); 649 done: 600 650 if (pvfs->ntvfs->ctx->protocol != PROTOCOL_SMB2) { 601 651 /* on SMB, this bit is always granted, even if not … … 604 654 } 605 655 606 talloc_free(acl); 607 656 if (allow_delete) { 657 *access_mask |= SEC_STD_DELETE; 658 } 659 608 660 return status; 609 661 } … … 631 683 struct ntvfs_request *req, 632 684 struct pvfs_filename *name, 633 uint32_t *access_mask) 685 uint32_t *access_mask, 686 bool container, 687 struct security_descriptor **sd) 634 688 { 635 689 struct pvfs_filename *parent; 636 690 NTSTATUS status; 691 uint32_t parent_mask; 692 bool allow_delete = false; 693 694 if (pvfs_read_only(pvfs, *access_mask)) { 695 return NT_STATUS_ACCESS_DENIED; 696 } 637 697 638 698 status = pvfs_resolve_parent(pvfs, req, name, &parent); 699 NT_STATUS_NOT_OK_RETURN(status); 700 701 if (container) { 702 parent_mask = SEC_DIR_ADD_SUBDIR; 703 } else { 704 parent_mask = SEC_DIR_ADD_FILE; 705 } 706 if (*access_mask & SEC_FLAG_MAXIMUM_ALLOWED || 707 *access_mask & SEC_STD_DELETE) { 708 parent_mask |= SEC_DIR_DELETE_CHILD; 709 } 710 711 status = pvfs_access_check(pvfs, req, parent, &parent_mask); 712 if (NT_STATUS_IS_OK(status)) { 713 if (parent_mask & SEC_DIR_DELETE_CHILD) { 714 allow_delete = true; 715 } 716 } else if (NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) { 717 /* 718 * on ACCESS_DENIED we get the rejected bits 719 * remove the non critical SEC_DIR_DELETE_CHILD 720 * and check if something else was rejected. 721 */ 722 parent_mask &= ~SEC_DIR_DELETE_CHILD; 723 if (parent_mask != 0) { 724 return NT_STATUS_ACCESS_DENIED; 725 } 726 status = NT_STATUS_OK; 727 } else { 728 return status; 729 } 730 731 if (*sd == NULL) { 732 status = pvfs_acl_inherited_sd(pvfs, req, req, parent, container, sd); 733 } 734 735 talloc_free(parent); 639 736 if (!NT_STATUS_IS_OK(status)) { 640 737 return status; 641 738 } 642 739 643 status = pvfs_access_check(pvfs, req, parent, access_mask); 644 if (!NT_STATUS_IS_OK(status)) { 645 return status; 646 } 647 648 if (! ((*access_mask) & SEC_DIR_ADD_FILE)) { 649 return pvfs_access_check_simple(pvfs, req, parent, SEC_DIR_ADD_FILE); 650 } 651 652 return status; 740 /* expand the generic access bits to file specific bits */ 741 *access_mask = pvfs_translate_mask(*access_mask); 742 743 if (*access_mask & SEC_FLAG_MAXIMUM_ALLOWED) { 744 *access_mask |= SEC_RIGHTS_FILE_ALL; 745 *access_mask &= ~SEC_FLAG_MAXIMUM_ALLOWED; 746 } 747 748 if (pvfs->ntvfs->ctx->protocol != PROTOCOL_SMB2) { 749 /* on SMB, this bit is always granted, even if not 750 asked for */ 751 *access_mask |= SEC_FILE_READ_ATTRIBUTE; 752 } 753 754 if (allow_delete) { 755 *access_mask |= SEC_STD_DELETE; 756 } 757 758 return NT_STATUS_OK; 653 759 } 654 760 … … 778 884 779 885 /* 780 setup an ACL on a new file/directory based on the inherited ACL from 781 the parent. If there is no inherited ACL then we don't set anything, 782 as the default ACL applies anyway 783 */ 784 NTSTATUS pvfs_acl_inherit(struct pvfs_state *pvfs, 785 struct ntvfs_request *req, 786 struct pvfs_filename *name, 787 int fd) 886 calculate the ACL on a new file/directory based on the inherited ACL 887 from the parent. If there is no inherited ACL then return a NULL 888 ACL, which means the default ACL should be used 889 */ 890 NTSTATUS pvfs_acl_inherited_sd(struct pvfs_state *pvfs, 891 TALLOC_CTX *mem_ctx, 892 struct ntvfs_request *req, 893 struct pvfs_filename *parent, 894 bool container, 895 struct security_descriptor **ret_sd) 788 896 { 789 897 struct xattr_NTACL *acl; 790 898 NTSTATUS status; 791 struct pvfs_filename *parent;792 899 struct security_descriptor *parent_sd, *sd; 793 bool container; 794 struct id_mapping *ids; 900 struct id_map *ids; 795 901 struct composite_context *ctx; 796 797 /* form the parents path */ 798 status = pvfs_resolve_parent(pvfs, req, name, &parent); 799 if (!NT_STATUS_IS_OK(status)) { 800 return status; 801 } 902 TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx); 903 904 *ret_sd = NULL; 802 905 803 906 acl = talloc(req, struct xattr_NTACL); 804 if (acl == NULL) { 805 return NT_STATUS_NO_MEMORY; 806 } 907 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(acl, tmp_ctx); 807 908 808 909 status = pvfs_acl_load(pvfs, parent, -1, acl); 809 910 if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_FOUND)) { 911 talloc_free(tmp_ctx); 810 912 return NT_STATUS_OK; 811 913 } 812 if (!NT_STATUS_IS_OK(status)) { 813 return status; 814 } 914 NT_STATUS_NOT_OK_RETURN_AND_FREE(status, tmp_ctx); 815 915 816 916 switch (acl->version) { … … 819 919 break; 820 920 default: 921 talloc_free(tmp_ctx); 821 922 return NT_STATUS_INVALID_ACL; 822 923 } … … 826 927 parent_sd->dacl->num_aces == 0) { 827 928 /* go with the default ACL */ 929 talloc_free(tmp_ctx); 828 930 return NT_STATUS_OK; 829 931 } … … 831 933 /* create the new sd */ 832 934 sd = security_descriptor_initialise(req); 833 if (sd == NULL) { 834 return NT_STATUS_NO_MEMORY; 835 } 836 837 ids = talloc_array(sd, struct id_mapping, 2); 838 NT_STATUS_HAVE_NO_MEMORY(ids); 839 840 ids[0].unixid = talloc(ids, struct unixid); 841 NT_STATUS_HAVE_NO_MEMORY(ids[0].unixid); 842 ids[0].unixid->id = name->st.st_uid; 843 ids[0].unixid->type = ID_TYPE_UID; 935 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(sd, tmp_ctx); 936 937 ids = talloc_array(sd, struct id_map, 2); 938 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(ids, tmp_ctx); 939 940 ids[0].xid.id = geteuid(); 941 ids[0].xid.type = ID_TYPE_UID; 844 942 ids[0].sid = NULL; 845 ids[0].status = NT_STATUS_NONE_MAPPED; 846 847 ids[1].unixid = talloc(ids, struct unixid); 848 NT_STATUS_HAVE_NO_MEMORY(ids[1].unixid); 849 ids[1].unixid->id = name->st.st_gid; 850 ids[1].unixid->type = ID_TYPE_GID; 943 ids[0].status = ID_UNKNOWN; 944 945 ids[1].xid.id = getegid(); 946 ids[1].xid.type = ID_TYPE_GID; 851 947 ids[1].sid = NULL; 852 ids[1].status = NT_STATUS_NONE_MAPPED;948 ids[1].status = ID_UNKNOWN; 853 949 854 950 ctx = wbc_xids_to_sids_send(pvfs->wbc_ctx, ids, 2, ids); 855 NT_STATUS_HAVE_NO_MEMORY (ctx);951 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(ctx, tmp_ctx); 856 952 857 953 status = wbc_xids_to_sids_recv(ctx, &ids); 858 NT_STATUS_NOT_OK_RETURN (status);954 NT_STATUS_NOT_OK_RETURN_AND_FREE(status, tmp_ctx); 859 955 860 956 sd->owner_sid = talloc_steal(sd, ids[0].sid); … … 863 959 sd->type |= SEC_DESC_DACL_PRESENT; 864 960 865 container = (name->dos.attrib & FILE_ATTRIBUTE_DIRECTORY) ? true:false;866 867 961 /* fill in the aces from the parent */ 868 962 status = pvfs_acl_inherit_aces(pvfs, parent_sd, sd, container); 869 if (!NT_STATUS_IS_OK(status)) { 870 return status; 871 } 963 NT_STATUS_NOT_OK_RETURN_AND_FREE(status, tmp_ctx); 872 964 873 965 /* if there is nothing to inherit then we fallback to the 874 966 default acl */ 875 967 if (sd->dacl == NULL || sd->dacl->num_aces == 0) { 968 talloc_free(tmp_ctx); 876 969 return NT_STATUS_OK; 877 970 } 878 971 879 acl->info.sd = sd; 880 881 status = pvfs_acl_save(pvfs, name, fd, acl); 882 972 *ret_sd = talloc_steal(mem_ctx, sd); 973 974 talloc_free(tmp_ctx); 975 return NT_STATUS_OK; 976 } 977 978 979 /* 980 setup an ACL on a new file/directory based on the inherited ACL from 981 the parent. If there is no inherited ACL then we don't set anything, 982 as the default ACL applies anyway 983 */ 984 NTSTATUS pvfs_acl_inherit(struct pvfs_state *pvfs, 985 struct ntvfs_request *req, 986 struct pvfs_filename *name, 987 int fd) 988 { 989 struct xattr_NTACL acl; 990 NTSTATUS status; 991 struct security_descriptor *sd; 992 struct pvfs_filename *parent; 993 bool container; 994 995 /* form the parents path */ 996 status = pvfs_resolve_parent(pvfs, req, name, &parent); 997 NT_STATUS_NOT_OK_RETURN(status); 998 999 container = (name->dos.attrib & FILE_ATTRIBUTE_DIRECTORY) ? true:false; 1000 1001 status = pvfs_acl_inherited_sd(pvfs, req, req, parent, container, &sd); 1002 if (!NT_STATUS_IS_OK(status)) { 1003 talloc_free(parent); 1004 return status; 1005 } 1006 1007 if (sd == NULL) { 1008 return NT_STATUS_OK; 1009 } 1010 1011 acl.version = 1; 1012 acl.info.sd = sd; 1013 1014 status = pvfs_acl_save(pvfs, name, fd, &acl); 1015 talloc_free(sd); 1016 talloc_free(parent); 1017 883 1018 return status; 884 1019 } -
trunk/server/source4/ntvfs/posix/pvfs_acl_nfs4.c
r414 r745 40 40 struct security_descriptor *sd; 41 41 int i, num_ids; 42 struct id_map ping*ids;42 struct id_map *ids; 43 43 struct composite_context *ctx; 44 44 … … 48 48 status = pvfs_xattr_ndr_load(pvfs, mem_ctx, name->full_name, fd, 49 49 NFS4ACL_XATTR_NAME, 50 acl, ndr_pull_nfs4acl);50 acl, (void *) ndr_pull_nfs4acl); 51 51 if (!NT_STATUS_IS_OK(status)) { 52 52 talloc_free(acl); … … 63 63 /* the number of ids to map is the acl count plus uid and gid */ 64 64 num_ids = acl->a_count +2; 65 ids = talloc_array(sd, struct id_map ping, num_ids);65 ids = talloc_array(sd, struct id_map, num_ids); 66 66 NT_STATUS_HAVE_NO_MEMORY(ids); 67 67 68 ids[0].unixid = talloc(ids, struct unixid); 69 NT_STATUS_HAVE_NO_MEMORY(ids[0].unixid); 70 ids[0].unixid->id = name->st.st_uid; 71 ids[0].unixid->type = ID_TYPE_UID; 68 ids[0].xid.id = name->st.st_uid; 69 ids[0].xid.type = ID_TYPE_UID; 72 70 ids[0].sid = NULL; 73 ids[0].status = NT_STATUS_NONE_MAPPED; 74 75 ids[1].unixid = talloc(ids, struct unixid); 76 NT_STATUS_HAVE_NO_MEMORY(ids[1].unixid); 77 ids[1].unixid->id = name->st.st_gid; 78 ids[1].unixid->type = ID_TYPE_GID; 71 ids[0].status = ID_UNKNOWN; 72 73 ids[1].xid.id = name->st.st_gid; 74 ids[1].xid.type = ID_TYPE_GID; 79 75 ids[1].sid = NULL; 80 ids[1].status = NT_STATUS_NONE_MAPPED;76 ids[1].status = ID_UNKNOWN; 81 77 82 78 for (i=0;i<acl->a_count;i++) { 83 79 struct nfs4ace *a = &acl->ace[i]; 84 ids[i+2].unixid = talloc(ids, struct unixid); 85 NT_STATUS_HAVE_NO_MEMORY(ids[i+2].unixid); 86 ids[i+2].unixid->id = a->e_id; 80 ids[i+2].xid.id = a->e_id; 87 81 if (a->e_flags & ACE4_IDENTIFIER_GROUP) { 88 ids[i+2]. unixid->type = ID_TYPE_GID;82 ids[i+2].xid.type = ID_TYPE_GID; 89 83 } else { 90 ids[i+2]. unixid->type = ID_TYPE_UID;84 ids[i+2].xid.type = ID_TYPE_UID; 91 85 } 92 86 ids[i+2].sid = NULL; 93 ids[i+2].status = NT_STATUS_NONE_MAPPED;87 ids[i+2].status = ID_UNKNOWN; 94 88 } 95 89 … … 128 122 int i; 129 123 TALLOC_CTX *tmp_ctx; 130 struct id_map ping*ids;124 struct id_map *ids; 131 125 struct composite_context *ctx; 132 126 … … 147 141 } 148 142 149 ids = talloc_array(tmp_ctx, struct id_map ping, acl.a_count);143 ids = talloc_array(tmp_ctx, struct id_map, acl.a_count); 150 144 if (ids == NULL) { 151 145 talloc_free(tmp_ctx); … … 155 149 for (i=0;i<acl.a_count;i++) { 156 150 struct security_ace *ace = &sd->dacl->aces[i]; 157 ids[i].unixid = NULL;151 ZERO_STRUCT(ids[i].xid); 158 152 ids[i].sid = dom_sid_dup(ids, &ace->trustee); 159 153 if (ids[i].sid == NULL) { … … 161 155 return NT_STATUS_NO_MEMORY; 162 156 } 163 ids[i].status = NT_STATUS_NONE_MAPPED;157 ids[i].status = ID_UNKNOWN; 164 158 } 165 159 … … 181 175 a->e_flags = ace->flags; 182 176 a->e_mask = ace->access_mask; 183 if (ids[i]. unixid->type != ID_TYPE_UID) {177 if (ids[i].xid.type != ID_TYPE_UID) { 184 178 a->e_flags |= ACE4_IDENTIFIER_GROUP; 185 179 } 186 a->e_id = ids[i]. unixid->id;180 a->e_id = ids[i].xid.id; 187 181 a->e_who = ""; 188 182 } … … 191 185 status = pvfs_xattr_ndr_save(pvfs, name->full_name, fd, 192 186 NFS4ACL_XATTR_NAME, 193 &acl, ndr_push_nfs4acl);187 &acl, (void *) ndr_push_nfs4acl); 194 188 talloc_free(privs); 195 189 -
trunk/server/source4/ntvfs/posix/pvfs_acl_xattr.c
r414 r745 44 44 status = pvfs_xattr_ndr_load(pvfs, mem_ctx, name->full_name, fd, 45 45 XATTR_NTACL_NAME, 46 acl, 47 (ndr_pull_flags_fn_t)ndr_pull_xattr_NTACL); 46 acl, (void *) ndr_pull_xattr_NTACL); 48 47 49 48 if (!NT_STATUS_IS_OK(status)) { … … 84 83 status = pvfs_xattr_ndr_save(pvfs, name->full_name, fd, 85 84 XATTR_NTACL_NAME, 86 &acl, 87 (ndr_push_flags_fn_t)ndr_push_xattr_NTACL); 85 &acl, (void *) ndr_push_xattr_NTACL); 88 86 talloc_free(privs); 89 87 return status; -
trunk/server/source4/ntvfs/posix/pvfs_fileinfo.c
r414 r745 54 54 */ 55 55 NTSTATUS pvfs_fill_dos_info(struct pvfs_state *pvfs, struct pvfs_filename *name, 56 u int_t flags, int fd)56 unsigned int flags, int fd) 57 57 { 58 58 NTSTATUS status; -
trunk/server/source4/ntvfs/posix/pvfs_fsinfo.c
r414 r745 89 89 struct pvfs_state); 90 90 uint64_t blocks_free, blocks_total; 91 u int_t bpunit;91 unsigned int bpunit; 92 92 struct stat st; 93 93 const uint16_t block_size = 512; -
trunk/server/source4/ntvfs/posix/pvfs_lock.c
r414 r745 117 117 /* we don't retry on a cancel */ 118 118 if (reason == PVFS_WAIT_CANCEL) { 119 status = NT_STATUS_FILE_LOCK_CONFLICT; 119 if (pvfs->ntvfs->ctx->protocol != PROTOCOL_SMB2) { 120 status = NT_STATUS_FILE_LOCK_CONFLICT; 121 } else { 122 status = NT_STATUS_CANCELLED; 123 } 120 124 } else { 121 125 /* -
trunk/server/source4/ntvfs/posix/pvfs_mkdir.c
r414 r745 52 52 mode = pvfs_fileperms(pvfs, FILE_ATTRIBUTE_DIRECTORY); 53 53 54 if ( mkdir(name->full_name, mode) == -1) {54 if (pvfs_sys_mkdir(pvfs, name->full_name, mode) == -1) { 55 55 return pvfs_map_errno(pvfs, errno); 56 56 } … … 70 70 status = pvfs_acl_inherit(pvfs, req, name, -1); 71 71 if (!NT_STATUS_IS_OK(status)) { 72 rmdir(name->full_name);72 pvfs_sys_rmdir(pvfs, name->full_name); 73 73 return status; 74 74 } … … 79 79 md->t2mkdir.in.eas); 80 80 if (!NT_STATUS_IS_OK(status)) { 81 rmdir(name->full_name);81 pvfs_sys_rmdir(pvfs, name->full_name); 82 82 return status; 83 83 } … … 128 128 mode = pvfs_fileperms(pvfs, FILE_ATTRIBUTE_DIRECTORY); 129 129 130 if ( mkdir(name->full_name, mode) == -1) {130 if (pvfs_sys_mkdir(pvfs, name->full_name, mode) == -1) { 131 131 return pvfs_map_errno(pvfs, errno); 132 132 } … … 137 137 status = pvfs_acl_inherit(pvfs, req, name, -1); 138 138 if (!NT_STATUS_IS_OK(status)) { 139 rmdir(name->full_name);139 pvfs_sys_rmdir(pvfs, name->full_name); 140 140 return status; 141 141 } … … 180 180 } 181 181 182 if ( rmdir(name->full_name) == -1) {182 if (pvfs_sys_rmdir(pvfs, name->full_name) == -1) { 183 183 /* some olders systems don't return ENOTEMPTY to rmdir() */ 184 184 if (errno == EEXIST) { -
trunk/server/source4/ntvfs/posix/pvfs_notify.c
r414 r745 180 180 NTSTATUS status; 181 181 struct notify_entry e; 182 183 /* We may not fill in all the elements in this entry - 184 * structure may in future be shared with Samba3 */ 185 ZERO_STRUCT(e); 186 187 /* We may not fill in all the elements in this entry - 188 * structure may in future be shared with Samba3 */ 189 ZERO_STRUCT(e); 182 190 183 191 f->notify_buffer = talloc_zero(f, struct pvfs_notify_buffer); -
trunk/server/source4/ntvfs/posix/pvfs_open.c
r414 r745 74 74 delete_path, nt_errstr(status))); 75 75 } 76 if ( rmdir(delete_path) != 0) {76 if (pvfs_sys_rmdir(h->pvfs, delete_path) != 0) { 77 77 DEBUG(0,("pvfs_dir_handle_destructor: failed to rmdir '%s' - %s\n", 78 78 delete_path, strerror(errno))); … … 104 104 struct pvfs_filename *name, 105 105 int fd, struct pvfs_file *f, 106 union smb_open *io )107 { 108 NTSTATUS status; 109 struct security_descriptor *sd;106 union smb_open *io, 107 struct security_descriptor *sd) 108 { 109 NTSTATUS status = NT_STATUS_OK; 110 110 111 111 /* setup any EAs that were asked for */ … … 119 119 } 120 120 121 sd = io->ntcreatex.in.sec_desc;122 121 /* setup an initial sec_desc if requested */ 123 122 if (sd && (sd->type & SEC_DESC_DACL_PRESENT)) { … … 135 134 136 135 status = pvfs_acl_set(pvfs, req, name, fd, SEC_STD_WRITE_DAC, &set); 137 } else {138 /* otherwise setup an inherited acl from the parent */139 status = pvfs_acl_inherit(pvfs, req, name, fd);140 136 } 141 137 … … 186 182 uint32_t share_access; 187 183 bool forced; 184 struct security_descriptor *sd = NULL; 188 185 189 186 create_options = io->generic.in.create_options; … … 210 207 (io->ntcreatex.in.create_options & NTCREATEX_OPTIONS_DIRECTORY) && 211 208 (io->ntcreatex.in.create_options & NTCREATEX_OPTIONS_DELETE_ON_CLOSE)) { 209 DEBUG(3,(__location__ ": Invalid access_mask/create_options 0x%08x 0x%08x for %s\n", 210 io->ntcreatex.in.access_mask, io->ntcreatex.in.create_options, name->original_name)); 212 211 return NT_STATUS_INVALID_PARAMETER; 213 212 } … … 233 232 case NTCREATEX_DISP_SUPERSEDE: 234 233 default: 234 DEBUG(3,(__location__ ": Invalid open disposition 0x%08x for %s\n", 235 io->generic.in.open_disposition, name->original_name)); 235 236 return NT_STATUS_INVALID_PARAMETER; 236 237 } … … 252 253 /* check the security descriptor */ 253 254 status = pvfs_access_check(pvfs, req, name, &access_mask); 254 } else { 255 status = pvfs_access_check_create(pvfs, req, name, &access_mask); 255 } else { 256 sd = io->ntcreatex.in.sec_desc; 257 status = pvfs_access_check_create(pvfs, req, name, &access_mask, true, &sd); 256 258 } 257 259 NT_STATUS_NOT_OK_RETURN(status); … … 279 281 f->handle->odb_locking_key = data_blob(NULL, 0); 280 282 f->handle->create_options = io->generic.in.create_options; 283 f->handle->private_flags = io->generic.in.private_flags; 281 284 f->handle->seek_offset = 0; 282 285 f->handle->position = 0; … … 342 345 mode_t mode = pvfs_fileperms(pvfs, attrib); 343 346 344 if ( mkdir(name->full_name, mode) == -1) {347 if (pvfs_sys_mkdir(pvfs, name->full_name, mode) == -1) { 345 348 return pvfs_map_errno(pvfs,errno); 346 349 } … … 353 356 } 354 357 355 status = pvfs_open_setup_eas_acl(pvfs, req, name, -1, f, io );358 status = pvfs_open_setup_eas_acl(pvfs, req, name, -1, f, io, sd); 356 359 if (!NT_STATUS_IS_OK(status)) { 357 360 goto cleanup_delete; … … 430 433 431 434 cleanup_delete: 432 rmdir(name->full_name);435 pvfs_sys_rmdir(pvfs, name->full_name); 433 436 return status; 434 437 } … … 512 515 delete_path, nt_errstr(status))); 513 516 } 514 if ( unlink(delete_path) != 0) {517 if (pvfs_sys_unlink(h->pvfs, delete_path) != 0) { 515 518 DEBUG(0,("pvfs_close: failed to delete '%s' - %s\n", 516 519 delete_path, strerror(errno))); … … 617 620 uint32_t oplock_level = OPLOCK_NONE, oplock_granted; 618 621 bool allow_level_II_oplock = false; 622 struct security_descriptor *sd = NULL; 619 623 620 624 if (io->ntcreatex.in.file_attr & ~FILE_ATTRIBUTE_ALL_MASK) { 625 DEBUG(3,(__location__ ": Invalid file_attr 0x%08x for %s\n", 626 io->ntcreatex.in.file_attr, name->original_name)); 621 627 return NT_STATUS_INVALID_PARAMETER; 622 628 } 623 629 624 630 if (io->ntcreatex.in.file_attr & FILE_ATTRIBUTE_ENCRYPTED) { 631 DEBUG(3,(__location__ ": Invalid encryption request for %s\n", 632 name->original_name)); 625 633 return NT_STATUS_ACCESS_DENIED; 626 634 } … … 628 636 if ((io->ntcreatex.in.file_attr & FILE_ATTRIBUTE_READONLY) && 629 637 (create_options & NTCREATEX_OPTIONS_DELETE_ON_CLOSE)) { 638 DEBUG(4,(__location__ ": Invalid delete on close for readonly file %s\n", 639 name->original_name)); 630 640 return NT_STATUS_CANNOT_DELETE; 631 641 } 632 642 633 status = pvfs_access_check_create(pvfs, req, name, &access_mask); 643 sd = io->ntcreatex.in.sec_desc; 644 status = pvfs_access_check_create(pvfs, req, name, &access_mask, false, &sd); 634 645 NT_STATUS_NOT_OK_RETURN(status); 635 646 … … 667 678 668 679 /* create the file */ 669 fd = open(name->full_name, flags | O_CREAT | O_EXCL| O_NONBLOCK, mode);680 fd = pvfs_sys_open(pvfs, name->full_name, flags | O_CREAT | O_EXCL| O_NONBLOCK, mode); 670 681 if (fd == -1) { 671 682 return pvfs_map_errno(pvfs, errno); … … 699 710 700 711 701 status = pvfs_open_setup_eas_acl(pvfs, req, name, fd, f, io );712 status = pvfs_open_setup_eas_acl(pvfs, req, name, fd, f, io, sd); 702 713 if (!NT_STATUS_IS_OK(status)) { 703 714 goto cleanup_delete; … … 777 788 f->handle->fd = fd; 778 789 f->handle->create_options = io->generic.in.create_options; 790 f->handle->private_flags = io->generic.in.private_flags; 779 791 f->handle->seek_offset = 0; 780 792 f->handle->position = 0; … … 845 857 cleanup_delete: 846 858 close(fd); 847 unlink(name->full_name);859 pvfs_sys_unlink(pvfs, name->full_name); 848 860 return status; 849 861 } … … 1062 1074 f2->ntvfs->session_info == req->session_info && 1063 1075 f2->ntvfs->smbpid == req->smbpid && 1064 (f2->handle-> create_options &1076 (f2->handle->private_flags & 1065 1077 (NTCREATEX_OPTIONS_PRIVATE_DENY_DOS | 1066 1078 NTCREATEX_OPTIONS_PRIVATE_DENY_FCB)) && … … 1078 1090 /* quite an insane set of semantics ... */ 1079 1091 if (is_exe_filename(io->generic.in.fname) && 1080 (f2->handle-> create_options & NTCREATEX_OPTIONS_PRIVATE_DENY_DOS)) {1092 (f2->handle->private_flags & NTCREATEX_OPTIONS_PRIVATE_DENY_DOS)) { 1081 1093 return NT_STATUS_SHARING_VIOLATION; 1082 1094 } … … 1130 1142 struct timeval *final_timeout = NULL; 1131 1143 1132 if (io->generic.in. create_options &1144 if (io->generic.in.private_flags & 1133 1145 (NTCREATEX_OPTIONS_PRIVATE_DENY_DOS | NTCREATEX_OPTIONS_PRIVATE_DENY_FCB)) { 1134 1146 /* see if we can satisfy the request using the special DENY_DOS … … 1186 1198 struct ntvfs_handle *h; 1187 1199 NTSTATUS status; 1188 int fd ;1200 int fd, count; 1189 1201 struct odb_lock *lck; 1190 1202 uint32_t create_options; … … 1212 1224 1213 1225 if (share_access & ~NTCREATEX_SHARE_ACCESS_MASK) { 1226 DEBUG(3,(__location__ ": Invalid share_access 0x%08x for %s\n", 1227 share_access, io->ntcreatex.in.fname)); 1214 1228 return NT_STATUS_INVALID_PARAMETER; 1215 1229 } … … 1220 1234 */ 1221 1235 create_options_must_ignore_mask = NTCREATEX_OPTIONS_MUST_IGNORE_MASK; 1222 create_options_must_ignore_mask &= ~NTCREATEX_OPTIONS_PRIVATE_MASK;1223 1236 create_options &= ~create_options_must_ignore_mask; 1224 1237 … … 1230 1243 1231 1244 if (create_options & NTCREATEX_OPTIONS_INVALID_PARAM_MASK) { 1245 DEBUG(3,(__location__ ": Invalid create_options 0x%08x for %s\n", 1246 create_options, io->ntcreatex.in.fname)); 1232 1247 return NT_STATUS_INVALID_PARAMETER; 1233 1248 } … … 1260 1275 if ((create_options & NTCREATEX_OPTIONS_DELETE_ON_CLOSE) && 1261 1276 !(access_mask & SEC_STD_DELETE)) { 1277 DEBUG(3,(__location__ ": Invalid delete_on_close option 0x%08x with access_mask 0x%08x for %s\n", 1278 create_options, access_mask, io->ntcreatex.in.fname)); 1262 1279 return NT_STATUS_INVALID_PARAMETER; 1263 1280 } … … 1273 1290 } 1274 1291 1292 /* cope with non-zero root_fid */ 1293 if (io->ntcreatex.in.root_fid.ntvfs != NULL) { 1294 f = pvfs_find_fd(pvfs, req, io->ntcreatex.in.root_fid.ntvfs); 1295 if (f == NULL) { 1296 return NT_STATUS_INVALID_HANDLE; 1297 } 1298 if (f->handle->fd != -1) { 1299 return NT_STATUS_INVALID_DEVICE_REQUEST; 1300 } 1301 io->ntcreatex.in.fname = talloc_asprintf(req, "%s\\%s", 1302 f->handle->name->original_name, 1303 io->ntcreatex.in.fname); 1304 NT_STATUS_HAVE_NO_MEMORY(io->ntcreatex.in.fname); 1305 } 1306 1275 1307 if (io->ntcreatex.in.file_attr & (FILE_ATTRIBUTE_DEVICE| 1276 1308 FILE_ATTRIBUTE_VOLUME| 1277 1309 (~FILE_ATTRIBUTE_ALL_MASK))) { 1310 DEBUG(3,(__location__ ": Invalid file_attr 0x%08x for %s\n", 1311 io->ntcreatex.in.file_attr, io->ntcreatex.in.fname)); 1278 1312 return NT_STATUS_INVALID_PARAMETER; 1279 1313 } … … 1359 1393 1360 1394 default: 1395 DEBUG(3,(__location__ ": Invalid open disposition 0x%08x for %s\n", 1396 io->generic.in.open_disposition, name->original_name)); 1361 1397 return NT_STATUS_INVALID_PARAMETER; 1362 1398 } … … 1424 1460 f->handle->name = talloc_steal(f->handle, name); 1425 1461 f->handle->create_options = io->generic.in.create_options; 1462 f->handle->private_flags = io->generic.in.private_flags; 1426 1463 f->handle->seek_offset = 0; 1427 1464 f->handle->position = 0; … … 1513 1550 1514 1551 /* do the actual open */ 1515 fd = open(f->handle->name->full_name, flags | O_NONBLOCK);1552 fd = pvfs_sys_open(pvfs, f->handle->name->full_name, flags | O_NONBLOCK, 0); 1516 1553 if (fd == -1) { 1517 1554 status = pvfs_map_errno(f->pvfs, errno); … … 1533 1570 f->handle->fd = fd; 1534 1571 1572 status = brl_count(f->pvfs->brl_context, f->brl_handle, &count); 1573 if (!NT_STATUS_IS_OK(status)) { 1574 talloc_free(lck); 1575 return status; 1576 } 1577 1578 if (count != 0) { 1579 oplock_level = OPLOCK_NONE; 1580 } 1581 1535 1582 /* now really mark the file as open */ 1536 1583 status = odb_open_file(lck, f->handle, name->full_name, … … 1589 1636 if (f->handle->name->st.st_mode != mode && 1590 1637 f->handle->name->dos.attrib != attrib && 1591 fchmod(fd, mode) == -1) {1638 pvfs_sys_fchmod(pvfs, fd, mode) == -1) { 1592 1639 talloc_free(lck); 1593 1640 return pvfs_map_errno(pvfs, errno); … … 1699 1746 struct pvfs_file *f, *next; 1700 1747 1748 /* If pvfs is NULL, we never logged on, and no files are open. */ 1749 if(pvfs == NULL) { 1750 return NT_STATUS_OK; 1751 } 1752 1701 1753 for (f=pvfs->files.list;f;f=next) { 1702 1754 next = f->next; … … 1927 1979 NTCREATEX_SHARE_ACCESS_DELETE; 1928 1980 /* 1929 * I would have thought that we would need to pass 1930 * SEC_FILE_WRITE_DATA | SEC_FILE_APPEND_DATA here too 1931 * 1932 * But you only need SEC_FILE_WRITE_ATTRIBUTE permissions 1933 * to set the filesize. 1934 * 1935 * --metze 1981 * this code previous set only SEC_FILE_WRITE_ATTRIBUTE, with 1982 * a comment that this seemed to be wrong, but matched windows 1983 * behaviour. It now appears that this windows behaviour is 1984 * just a bug. 1936 1985 */ 1937 access_mask = SEC_FILE_WRITE_ATTRIBUTE ;1986 access_mask = SEC_FILE_WRITE_ATTRIBUTE | SEC_FILE_WRITE_DATA | SEC_FILE_APPEND_DATA; 1938 1987 delete_on_close = false; 1939 1988 break_to_none = true; -
trunk/server/source4/ntvfs/posix/pvfs_qfileinfo.c
r414 r745 46 46 break; 47 47 48 case RAW_FILEINFO_STREAM_INFO: 49 case RAW_FILEINFO_STREAM_INFORMATION: 50 needed = 0; 51 break; 52 48 53 case RAW_FILEINFO_SEC_DESC: 49 54 needed = 0; … … 72 77 NTSTATUS pvfs_query_ea_list(struct pvfs_state *pvfs, TALLOC_CTX *mem_ctx, 73 78 struct pvfs_filename *name, int fd, 74 u int_t num_names,79 unsigned int num_names, 75 80 struct ea_name *names, 76 81 struct smb_ea_list *eas) … … 319 324 info->all_info2.out.position = 0; /* only set by qfileinfo */ 320 325 info->all_info2.out.mode = 0; /* only set by qfileinfo */ 326 info->all_info2.out.alignment_requirement = 0; 321 327 /* windows wants the full path on disk for this 322 328 result, but I really don't want to expose that on -
trunk/server/source4/ntvfs/posix/pvfs_read.c
r414 r745 61 61 maxcnt = rd->readx.in.maxcnt; 62 62 if (maxcnt > 2*UINT16_MAX && req->ctx->protocol < PROTOCOL_SMB2) { 63 DEBUG(3,(__location__ ": Invalid SMB maxcnt 0x%x\n", maxcnt)); 63 64 return NT_STATUS_INVALID_PARAMETER; 64 65 } -
trunk/server/source4/ntvfs/posix/pvfs_rename.c
r414 r745 38 38 NTSTATUS status; 39 39 40 if ( rename(name1->full_name, name2) == -1) {40 if (pvfs_sys_rename(pvfs, name1->full_name, name2) == -1) { 41 41 return pvfs_map_errno(pvfs, errno); 42 42 } … … 96 96 */ 97 97 static const char *pvfs_resolve_wildcard_component(TALLOC_CTX *mem_ctx, 98 struct smb_iconv_convenience *iconv_convenience,99 98 const char *fname, 100 99 const char *pattern) … … 116 115 codepoint_t c1, c2; 117 116 size_t c_size1, c_size2; 118 c1 = next_codepoint _convenience(iconv_convenience,p1, &c_size1);119 c2 = next_codepoint _convenience(iconv_convenience,p2, &c_size2);117 c1 = next_codepoint(p1, &c_size1); 118 c2 = next_codepoint(p2, &c_size2); 120 119 if (c2 == '?') { 121 d += push_codepoint _convenience(iconv_convenience,d, c1);120 d += push_codepoint(d, c1); 122 121 } else if (c2 == '*') { 123 122 memcpy(d, p1, strlen(p1)); … … 125 124 break; 126 125 } else { 127 d += push_codepoint _convenience(iconv_convenience,d, c2);126 d += push_codepoint(d, c2); 128 127 } 129 128 … … 143 142 */ 144 143 static const char *pvfs_resolve_wildcard(TALLOC_CTX *mem_ctx, 145 struct smb_iconv_convenience *iconv_convenience,146 144 const char *fname, 147 145 const char *pattern) … … 176 174 } 177 175 178 base1 = pvfs_resolve_wildcard_component(mem_ctx, iconv_convenience,base1, base2);179 ext1 = pvfs_resolve_wildcard_component(mem_ctx, iconv_convenience,ext1, ext2);176 base1 = pvfs_resolve_wildcard_component(mem_ctx, base1, base2); 177 ext1 = pvfs_resolve_wildcard_component(mem_ctx, ext1, ext2); 180 178 if (base1 == NULL || ext1 == NULL) { 181 179 return NULL; … … 284 282 285 283 /* resolve the wildcard pattern for this name */ 286 fname2 = pvfs_resolve_wildcard(mem_ctx, lp_iconv_convenience(pvfs->ntvfs->ctx->lp_ctx),fname1, fname2);284 fname2 = pvfs_resolve_wildcard(mem_ctx, fname1, fname2); 287 285 if (fname2 == NULL) { 288 286 return NT_STATUS_NO_MEMORY; … … 367 365 name2->full_name[strlen(dir_path)] != '/' || 368 366 strchr(name2->full_name + strlen(dir_path) + 1, '/')) { 367 DEBUG(3,(__location__ ": Invalid rename for %s -> %s\n", 368 name1->original_name, name2->original_name)); 369 369 return NT_STATUS_INVALID_PARAMETER; 370 370 } … … 481 481 482 482 if (name1->has_wildcard) { 483 DEBUG(3,(__location__ ": Invalid wildcard rename for %s\n", 484 name1->original_name)); 483 485 return NT_STATUS_INVALID_PARAMETER; 484 486 } 485 487 486 488 if (ren->ntrename.in.new_name[0] != ':') { 489 DEBUG(3,(__location__ ": Invalid rename for %s\n", 490 ren->ntrename.in.new_name)); 487 491 return NT_STATUS_INVALID_PARAMETER; 488 492 } … … 493 497 494 498 if (ren->ntrename.in.flags != RENAME_FLAG_RENAME) { 499 DEBUG(3,(__location__ ": Invalid rename flags 0x%x for %s\n", 500 ren->ntrename.in.flags, ren->ntrename.in.new_name)); 495 501 return NT_STATUS_INVALID_PARAMETER; 496 502 } … … 516 522 517 523 status = pvfs_stream_rename(pvfs, name1, -1, 518 ren->ntrename.in.new_name+1); 524 ren->ntrename.in.new_name+1, 525 true); 519 526 NT_STATUS_NOT_OK_RETURN(status); 520 527 … … 621 628 622 629 case RENAME_FLAG_MOVE_CLUSTER_INFORMATION: 630 DEBUG(3,(__location__ ": Invalid rename cluster for %s\n", 631 name1->original_name)); 623 632 return NT_STATUS_INVALID_PARAMETER; 624 633 -
trunk/server/source4/ntvfs/posix/pvfs_resolve.c
r414 r745 60 60 static NTSTATUS pvfs_case_search(struct pvfs_state *pvfs, 61 61 struct pvfs_filename *name, 62 u int_t flags)62 unsigned int flags) 63 63 { 64 64 /* break into a series of components */ … … 187 187 parse a alternate data stream name 188 188 */ 189 static NTSTATUS parse_stream_name(struct smb_iconv_convenience *ic, 190 struct pvfs_filename *name, 189 static NTSTATUS parse_stream_name(struct pvfs_filename *name, 191 190 const char *s) 192 191 { … … 204 203 while (*p) { 205 204 size_t c_size; 206 codepoint_t c = next_codepoint _convenience(ic,p, &c_size);205 codepoint_t c = next_codepoint(p, &c_size); 207 206 208 207 switch (c) { … … 257 256 */ 258 257 static NTSTATUS pvfs_unix_path(struct pvfs_state *pvfs, const char *cifs_name, 259 u int_t flags, struct pvfs_filename *name)258 unsigned int flags, struct pvfs_filename *name) 260 259 { 261 260 char *ret, *p, *p_start; 262 struct smb_iconv_convenience *ic = NULL;263 261 NTSTATUS status; 264 262 265 263 name->original_name = talloc_strdup(name, cifs_name); 264 265 /* remove any :$DATA */ 266 p = strrchr(name->original_name, ':'); 267 if (p && strcasecmp_m(p, ":$DATA") == 0) { 268 if (p > name->original_name && p[-1] == ':') { 269 p--; 270 } 271 *p = 0; 272 } 273 266 274 name->stream_name = NULL; 267 275 name->stream_id = 0; … … 291 299 p_start = p; 292 300 293 ic = lp_iconv_convenience(pvfs->ntvfs->ctx->lp_ctx);294 301 while (*p) { 295 302 size_t c_size; 296 codepoint_t c = next_codepoint _convenience(ic,p, &c_size);303 codepoint_t c = next_codepoint(p, &c_size); 297 304 298 305 if (c <= 0x1F) { … … 327 334 return NT_STATUS_OBJECT_NAME_INVALID; 328 335 } 329 status = parse_stream_name( ic,name, p);336 status = parse_stream_name(name, p); 330 337 if (!NT_STATUS_IS_OK(status)) { 331 338 return status; … … 379 386 */ 380 387 static NTSTATUS pvfs_reduce_name(TALLOC_CTX *mem_ctx, 381 struct smb_iconv_convenience *iconv_convenience, 382 const char **fname, uint_t flags) 388 const char **fname, unsigned int flags) 383 389 { 384 390 codepoint_t c; … … 392 398 393 399 for (num_components=1, p=s; *p; p += c_size) { 394 c = next_codepoint _convenience(iconv_convenience,p, &c_size);400 c = next_codepoint(p, &c_size); 395 401 if (c == '\\') num_components++; 396 402 } … … 404 410 components[0] = s; 405 411 for (i=0, p=s; *p; p += c_size) { 406 c = next_codepoint _convenience(iconv_convenience,p, &c_size);412 c = next_codepoint(p, &c_size); 407 413 if (c == '\\') { 408 414 *p = 0; … … 499 505 TODO: ../ collapsing, and outside share checking 500 506 */ 501 NTSTATUS pvfs_resolve_name(struct pvfs_state *pvfs, TALLOC_CTX *mem_ctx, 507 NTSTATUS pvfs_resolve_name(struct pvfs_state *pvfs, 508 struct ntvfs_request *req, 502 509 const char *cifs_name, 503 u int_t flags, struct pvfs_filename **name)510 unsigned int flags, struct pvfs_filename **name) 504 511 { 505 512 NTSTATUS status; 506 513 507 *name = talloc( mem_ctx, struct pvfs_filename);514 *name = talloc(req, struct pvfs_filename); 508 515 if (*name == NULL) { 509 516 return NT_STATUS_NO_MEMORY; … … 515 522 if (!(pvfs->fs_attribs & FS_ATTR_NAMED_STREAMS)) { 516 523 flags &= ~PVFS_RESOLVE_STREAMS; 524 } 525 526 /* SMB2 doesn't allow a leading slash */ 527 if (req->ctx->protocol == PROTOCOL_SMB2 && 528 *cifs_name == '\\') { 529 return NT_STATUS_INVALID_PARAMETER; 517 530 } 518 531 … … 523 536 if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_PATH_SYNTAX_BAD)) { 524 537 /* it might contain .. components which need to be reduced */ 525 status = pvfs_reduce_name(*name, lp_iconv_convenience(pvfs->ntvfs->ctx->lp_ctx),&cifs_name, flags);538 status = pvfs_reduce_name(*name, &cifs_name, flags); 526 539 if (!NT_STATUS_IS_OK(status)) { 527 540 return status; … … 594 607 NTSTATUS pvfs_resolve_partial(struct pvfs_state *pvfs, TALLOC_CTX *mem_ctx, 595 608 const char *unix_dir, const char *fname, 596 u int_t flags, struct pvfs_filename **name)609 unsigned int flags, struct pvfs_filename **name) 597 610 { 598 611 NTSTATUS status; … … 631 644 */ 632 645 NTSTATUS pvfs_resolve_name_fd(struct pvfs_state *pvfs, int fd, 633 struct pvfs_filename *name, u int_t flags)646 struct pvfs_filename *name, unsigned int flags) 634 647 { 635 648 dev_t device = (dev_t)0; … … 680 693 if (h->have_opendb_entry) { 681 694 struct odb_lock *lck; 682 c onst char *name = NULL;695 char *name = NULL; 683 696 684 697 lck = odb_lock(h, h->pvfs->odb_context, &h->odb_locking_key); … … 691 704 } 692 705 693 status = odb_get_path(lck, &name);706 status = odb_get_path(lck, (const char **) &name); 694 707 if (NT_STATUS_IS_OK(status)) { 695 708 /* … … 703 716 const char *orig_dir; 704 717 const char *new_file; 705 c onst char *new_orig;718 char *new_orig; 706 719 char *delim; 707 720 -
trunk/server/source4/ntvfs/posix/pvfs_search.c
r414 r745 233 233 */ 234 234 static NTSTATUS pvfs_search_fill(struct pvfs_state *pvfs, TALLOC_CTX *mem_ctx, 235 u int_t max_count,235 unsigned int max_count, 236 236 struct pvfs_search_state *search, 237 237 enum smb_search_data_level level, 238 u int_t *reply_count,238 unsigned int *reply_count, 239 239 void *search_private, 240 240 bool (*callback)(void *, const union smb_search_data *)) … … 292 292 { 293 293 int i; 294 time_t t = time (NULL);294 time_t t = time_mono(NULL); 295 295 296 296 for (i=0;i<MAX_OLD_SEARCHES;i++) { … … 324 324 struct pvfs_state); 325 325 struct pvfs_search_state *search; 326 u int_t reply_count;326 unsigned int reply_count; 327 327 uint16_t search_attrib; 328 328 const char *pattern; … … 380 380 search->search_attrib = search_attrib & 0xFF; 381 381 search->must_attrib = (search_attrib>>8) & 0xFF; 382 search->last_used = time (NULL);382 search->last_used = time_mono(NULL); 383 383 search->te = NULL; 384 384 … … 416 416 struct pvfs_search_state *search; 417 417 struct pvfs_dir *dir; 418 u int_t reply_count, max_count;418 unsigned int reply_count, max_count; 419 419 uint16_t handle; 420 420 NTSTATUS status; … … 438 438 return status; 439 439 } 440 search->last_used = time (NULL);440 search->last_used = time_mono(NULL); 441 441 442 442 status = pvfs_search_fill(pvfs, req, max_count, search, io->generic.data_level, … … 468 468 struct pvfs_state); 469 469 struct pvfs_search_state *search; 470 u int_t reply_count;470 unsigned int reply_count; 471 471 uint16_t search_attrib, max_count; 472 472 const char *pattern; … … 566 566 struct pvfs_search_state *search; 567 567 struct pvfs_dir *dir; 568 u int_t reply_count;568 unsigned int reply_count; 569 569 uint16_t handle; 570 570 NTSTATUS status; … … 630 630 struct pvfs_state); 631 631 struct pvfs_search_state *search; 632 u int_t reply_count;632 unsigned int reply_count; 633 633 uint16_t max_count; 634 634 const char *pattern; … … 667 667 668 668 if (strequal("", f->handle->name->original_name)) { 669 pattern = talloc_asprintf(req, " \\%s", io->in.pattern);669 pattern = talloc_asprintf(req, "%s", io->in.pattern); 670 670 NT_STATUS_HAVE_NO_MEMORY(pattern); 671 671 } else { 672 pattern = talloc_asprintf(req, " \\%s\\%s",672 pattern = talloc_asprintf(req, "%s\\%s", 673 673 f->handle->name->original_name, 674 674 io->in.pattern); … … 733 733 struct pvfs_state); 734 734 struct pvfs_search_state *search; 735 u int_t reply_count;735 unsigned int reply_count; 736 736 uint16_t max_count; 737 737 NTSTATUS status; -
trunk/server/source4/ntvfs/posix/pvfs_setfileinfo.c
r414 r745 90 90 struct odb_lock *lck = NULL; 91 91 92 /* strangely, this gives a sharing violation, not invalid 93 parameter */ 92 94 if (info->rename_information.in.new_name[0] != ':') { 93 return NT_STATUS_ INVALID_PARAMETER;95 return NT_STATUS_SHARING_VIOLATION; 94 96 } 95 97 … … 107 109 108 110 status = pvfs_stream_rename(pvfs, name, fd, 109 info->rename_information.in.new_name+1); 111 info->rename_information.in.new_name+1, 112 info->rename_information.in.overwrite); 110 113 return status; 111 114 } … … 169 172 170 173 /* resolve the new name */ 171 status = pvfs_resolve_name(pvfs, name, new_name, 0, &name2);174 status = pvfs_resolve_name(pvfs, req, new_name, 0, &name2); 172 175 if (!NT_STATUS_IS_OK(status)) { 173 176 return status; … … 532 535 mode = pvfs_fileperms(pvfs, newstats.dos.attrib); 533 536 if (!(h->name->dos.attrib & FILE_ATTRIBUTE_DIRECTORY)) { 534 if ( fchmod(h->fd, mode) == -1) {537 if (pvfs_sys_fchmod(pvfs, h->fd, mode) == -1) { 535 538 return pvfs_map_errno(pvfs, errno); 536 539 } … … 857 860 if (newstats.dos.attrib != name->dos.attrib) { 858 861 mode_t mode = pvfs_fileperms(pvfs, newstats.dos.attrib); 859 if ( chmod(name->full_name, mode) == -1) {862 if (pvfs_sys_chmod(pvfs, name->full_name, mode) == -1) { 860 863 return pvfs_map_errno(pvfs, errno); 861 864 } -
trunk/server/source4/ntvfs/posix/pvfs_shortname.c
r414 r745 105 105 /* this is used to reverse the base 36 mapping */ 106 106 unsigned char base_reverse[256]; 107 108 struct smb_iconv_convenience *iconv_convenience;109 107 }; 110 108 … … 391 389 while (*name) { 392 390 size_t c_size; 393 codepoint_t c = next_codepoint _convenience(ctx->iconv_convenience,name, &c_size);391 codepoint_t c = next_codepoint(name, &c_size); 394 392 if (c == INVALID_CODEPOINT) { 395 393 return false; … … 616 614 } 617 615 618 ctx->iconv_convenience = lp_iconv_convenience(pvfs->ntvfs->ctx->lp_ctx);619 620 616 /* by default have a max of 512 entries in the cache. */ 621 ctx->cache_size = lp _parm_int(pvfs->ntvfs->ctx->lp_ctx, NULL, "mangle", "cachesize", 512);617 ctx->cache_size = lpcfg_parm_int(pvfs->ntvfs->ctx->lp_ctx, NULL, "mangle", "cachesize", 512); 622 618 623 619 ctx->prefix_cache = talloc_array(ctx, char *, ctx->cache_size); … … 633 629 memset(ctx->prefix_cache_hashes, 0, sizeof(uint32_t) * ctx->cache_size); 634 630 635 ctx->mangle_prefix = lp _parm_int(pvfs->ntvfs->ctx->lp_ctx, NULL, "mangle", "prefix", -1);631 ctx->mangle_prefix = lpcfg_parm_int(pvfs->ntvfs->ctx->lp_ctx, NULL, "mangle", "prefix", -1); 636 632 if (ctx->mangle_prefix < 0 || ctx->mangle_prefix > 6) { 637 633 ctx->mangle_prefix = DEFAULT_MANGLE_PREFIX; -
trunk/server/source4/ntvfs/posix/pvfs_streams.c
r414 r745 241 241 */ 242 242 NTSTATUS pvfs_stream_rename(struct pvfs_state *pvfs, struct pvfs_filename *name, int fd, 243 const char *new_name )243 const char *new_name, bool overwrite) 244 244 { 245 245 struct xattr_DosStreams *streams; … … 290 290 s->name = new_name; 291 291 } else { 292 /* remove the old one and replace with the new one */ 293 streams->streams[found_old].name = new_name; 294 memmove(&streams->streams[found_new], 295 &streams->streams[found_new+1], 296 sizeof(streams->streams[0]) * 297 (streams->num_streams - (found_new+1))); 292 if (!overwrite) { 293 return NT_STATUS_OBJECT_NAME_COLLISION; 294 } 295 if (found_old != found_new) { 296 /* remove the old one and replace with the new one */ 297 streams->streams[found_old].name = new_name; 298 memmove(&streams->streams[found_new], 299 &streams->streams[found_new+1], 300 sizeof(streams->streams[0]) * 301 (streams->num_streams - (found_new+1))); 302 streams->num_streams--; 303 } 298 304 } 299 305 300 306 status = pvfs_streams_save(pvfs, name, fd, streams); 301 talloc_free(streams); 307 308 if (NT_STATUS_IS_OK(status)) { 309 310 /* update the in-memory copy of the name of the open file */ 311 talloc_free(name->stream_name); 312 name->stream_name = talloc_strdup(name, new_name); 313 314 talloc_free(streams); 315 } 302 316 303 317 return status; … … 533 547 status = pvfs_xattr_save(pvfs, name->full_name, fd, XATTR_DOSSTREAM_PREFIX, 534 548 name->stream_name, &blob); 535 data_blob_free(&blob);536 549 537 550 if (NT_STATUS_IS_OK(status)) { 538 551 status = pvfs_stream_update_size(pvfs, name, fd, blob.length); 539 552 } 553 data_blob_free(&blob); 540 554 541 555 return status; -
trunk/server/source4/ntvfs/posix/pvfs_unlink.c
r414 r745 110 110 struct pvfs_filename *name) 111 111 { 112 NTSTATUS status ;112 NTSTATUS status = NT_STATUS_OK; 113 113 114 114 if (name->dos.attrib & FILE_ATTRIBUTE_DIRECTORY) { … … 124 124 125 125 /* finally try the actual unlink */ 126 if ( unlink(name->full_name) == -1) {126 if (pvfs_sys_unlink(pvfs, name->full_name) == -1) { 127 127 status = pvfs_map_errno(pvfs, errno); 128 128 } -
trunk/server/source4/ntvfs/posix/pvfs_util.c
r414 r745 103 103 } 104 104 105 fd1 = open(name1->full_name, O_RDONLY);105 fd1 = pvfs_sys_open(pvfs, name1->full_name, O_RDONLY, 0); 106 106 if (fd1 == -1) { 107 107 talloc_free(buf); … … 109 109 } 110 110 111 fd2 = open(name2->full_name, O_CREAT|O_EXCL|O_WRONLY, 0);111 fd2 = pvfs_sys_open(pvfs, name2->full_name, O_CREAT|O_EXCL|O_WRONLY, 0); 112 112 if (fd2 == -1) { 113 113 close(fd1); … … 134 134 close(fd2); 135 135 talloc_free(buf); 136 unlink(name2->full_name);136 pvfs_sys_unlink(pvfs, name2->full_name); 137 137 if (ret2 == -1) { 138 138 return pvfs_map_errno(pvfs, errno); … … 146 146 147 147 mode = pvfs_fileperms(pvfs, name1->dos.attrib); 148 if ( fchmod(fd2, mode) == -1) {148 if (pvfs_sys_fchmod(pvfs, fd2, mode) == -1) { 149 149 status = pvfs_map_errno(pvfs, errno); 150 150 close(fd2); 151 unlink(name2->full_name);151 pvfs_sys_unlink(pvfs, name2->full_name); 152 152 return status; 153 153 } … … 159 159 if (!NT_STATUS_IS_OK(status)) { 160 160 close(fd2); 161 unlink(name2->full_name);161 pvfs_sys_unlink(pvfs, name2->full_name); 162 162 return status; 163 163 } -
trunk/server/source4/ntvfs/posix/pvfs_wait.c
r414 r745 103 103 pwait->reason = PVFS_WAIT_TIMEOUT; 104 104 105 talloc_increase_ref_count(req); 106 ntvfs_async_setup(pwait->req, pwait); 107 talloc_free(req); 105 req = talloc_reference(ev, req); 106 if (req != NULL) { 107 ntvfs_async_setup(req, pwait); 108 talloc_unlink(ev, req); 109 } 108 110 } 109 111 -
trunk/server/source4/ntvfs/posix/pvfs_xattr.c
r414 r745 118 118 119 119 /* pull the blob */ 120 ndr_err = ndr_pull_struct_blob(&blob, mem_ctx, lp_iconv_convenience(pvfs->ntvfs->ctx->lp_ctx),121 p,(ndr_pull_flags_fn_t)pull_fn);120 ndr_err = ndr_pull_struct_blob(&blob, mem_ctx, p, 121 (ndr_pull_flags_fn_t)pull_fn); 122 122 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { 123 123 return ndr_map_error2ntstatus(ndr_err); … … 141 141 enum ndr_err_code ndr_err; 142 142 143 ndr_err = ndr_push_struct_blob(&blob, mem_ctx, lp_iconv_convenience(pvfs->ntvfs->ctx->lp_ctx),p, (ndr_push_flags_fn_t)push_fn);143 ndr_err = ndr_push_struct_blob(&blob, mem_ctx, p, (ndr_push_flags_fn_t)push_fn); 144 144 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { 145 145 talloc_free(mem_ctx); … … 177 177 status = pvfs_xattr_ndr_load(pvfs, mem_ctx, name->full_name, 178 178 fd, XATTR_DOSATTRIB_NAME, 179 &attrib, 180 ( ndr_pull_flags_fn_t)ndr_pull_xattr_DosAttrib);179 &attrib, 180 (void *) ndr_pull_xattr_DosAttrib); 181 181 182 182 /* not having a DosAttrib is not an error */ … … 272 272 return pvfs_xattr_ndr_save(pvfs, name->full_name, fd, 273 273 XATTR_DOSATTRIB_NAME, &attrib, 274 ( ndr_push_flags_fn_t)ndr_push_xattr_DosAttrib);274 (void *) ndr_push_xattr_DosAttrib); 275 275 } 276 276 … … 288 288 } 289 289 status = pvfs_xattr_ndr_load(pvfs, eas, name->full_name, fd, XATTR_DOSEAS_NAME, 290 eas, ( ndr_pull_flags_fn_t)ndr_pull_xattr_DosEAs);290 eas, (void *) ndr_pull_xattr_DosEAs); 291 291 if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_FOUND)) { 292 292 return NT_STATUS_OK; … … 305 305 } 306 306 return pvfs_xattr_ndr_save(pvfs, name->full_name, fd, XATTR_DOSEAS_NAME, eas, 307 ( ndr_push_flags_fn_t)ndr_push_xattr_DosEAs);307 (void *) ndr_push_xattr_DosEAs); 308 308 } 309 309 … … 323 323 XATTR_DOSSTREAMS_NAME, 324 324 streams, 325 ( ndr_pull_flags_fn_t)ndr_pull_xattr_DosStreams);325 (void *) ndr_pull_xattr_DosStreams); 326 326 if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_FOUND)) { 327 327 return NT_STATUS_OK; … … 342 342 XATTR_DOSSTREAMS_NAME, 343 343 streams, 344 ( ndr_push_flags_fn_t)ndr_push_xattr_DosStreams);344 (void *) ndr_push_xattr_DosStreams); 345 345 } 346 346 … … 360 360 XATTR_NTACL_NAME, 361 361 acl, 362 ( ndr_pull_flags_fn_t)ndr_pull_xattr_NTACL);362 (void *) ndr_pull_xattr_NTACL); 363 363 return status; 364 364 } … … 383 383 XATTR_NTACL_NAME, 384 384 acl, 385 ( ndr_push_flags_fn_t)ndr_push_xattr_NTACL);385 (void *) ndr_push_xattr_NTACL); 386 386 talloc_free(privs); 387 387 return status; -
trunk/server/source4/ntvfs/posix/vfs_posix.c
r414 r745 27 27 #include "vfs_posix.h" 28 28 #include "librpc/gen_ndr/security.h" 29 #include "../tdb/include/tdb.h"30 #include " tdb_wrap.h"29 #include <tdb.h> 30 #include "lib/util/tdb_wrap.h" 31 31 #include "libcli/security/security.h" 32 32 #include "lib/events/events.h" … … 40 40 struct share_config *scfg = pvfs->ntvfs->ctx->config; 41 41 const char *eadb; 42 bool def_perm_override = false; 42 43 43 44 if (share_bool_option(scfg, SHARE_MAP_HIDDEN, SHARE_MAP_HIDDEN_DEFAULT)) … … 60 61 pvfs->flags |= PVFS_FLAG_LINUX_AIO; 61 62 63 #if defined(O_DIRECTORY) && defined(O_NOFOLLOW) 64 /* set PVFS_PERM_OVERRIDE by default only if the system 65 * supports the necessary capabilities to make it secure 66 */ 67 def_perm_override = true; 68 #endif 69 if (share_bool_option(scfg, PVFS_PERM_OVERRIDE, def_perm_override)) 70 pvfs->flags |= PVFS_FLAG_PERM_OVERRIDE; 71 62 72 /* file perm options */ 63 73 pvfs->options.create_mask = share_int_option(scfg, … … 257 267 pvfs->ntvfs->ctx->server_id, 258 268 pvfs->ntvfs->ctx->msg_ctx, 259 pvfs->ntvfs->ctx->lp_ctx, 269 pvfs->ntvfs->ctx->lp_ctx, 260 270 pvfs->ntvfs->ctx->event_ctx, 261 271 pvfs->ntvfs->ctx->config); -
trunk/server/source4/ntvfs/posix/vfs_posix.h
r414 r745 41 41 42 42 const char *share_name; 43 u int_t flags;43 unsigned int flags; 44 44 45 45 struct pvfs_mangle_context *mangle_ctx; … … 55 55 56 56 /* the sharing violation timeout (nsecs) */ 57 u int_t sharing_violation_delay;57 unsigned int sharing_violation_delay; 58 58 59 59 /* the oplock break timeout (secs) */ 60 u int_t oplock_break_timeout;60 unsigned int oplock_break_timeout; 61 61 62 62 /* the write time update delay (nsecs) */ 63 u int_t writetime_delay;63 unsigned int writetime_delay; 64 64 65 65 /* filesystem attributes (see FS_ATTR_*) */ … … 85 85 86 86 /* how long to keep inactive searches around for */ 87 u int_t inactivity_time;87 unsigned int inactivity_time; 88 88 } search; 89 89 … … 125 125 */ 126 126 struct pvfs_filename { 127 c onst char *original_name;127 char *original_name; 128 128 char *full_name; 129 c onst char *stream_name; /* does not include :$DATA suffix */129 char *stream_name; /* does not include :$DATA suffix */ 130 130 uint32_t stream_id; /* this uses a hash, so is probabilistic */ 131 131 bool has_wildcard; … … 183 183 /* the open went through to completion */ 184 184 bool open_completed; 185 186 uint8_t private_flags; 185 187 }; 186 188 … … 223 225 uint16_t must_attrib; 224 226 struct pvfs_dir *dir; 225 time_t last_used; 226 u int_t num_ea_names;227 time_t last_used; /* monotonic clock time */ 228 unsigned int num_ea_names; 227 229 struct ea_name *ea_names; 228 230 struct tevent_timer *te; … … 245 247 #define PVFS_FLAG_FAKE_OPLOCKS (1<<8) 246 248 #define PVFS_FLAG_LINUX_AIO (1<<9) 249 #define PVFS_FLAG_PERM_OVERRIDE (1<<10) 247 250 248 251 /* forward declare some anonymous structures */ … … 267 270 #define PVFS_ACL "posix:acl" 268 271 #define PVFS_AIO "posix:aio" 272 #define PVFS_PERM_OVERRIDE "posix:permission override" 269 273 270 274 #define PVFS_XATTR_DEFAULT true -
trunk/server/source4/ntvfs/posix/xattr_tdb.c
r414 r745 21 21 22 22 #include "includes.h" 23 #include "lib/util/tdb_wrap.h" 24 #include <tdb.h> 23 25 #include "vfs_posix.h" 24 #include "../tdb/include/tdb.h"25 #include "tdb_wrap.h"26 26 27 27 #define XATTR_LIST_ATTR ".xattr_list" … … 31 31 can automatically clean them up 32 32 */ 33 static NTSTATUS xattr_tdb_add_list(struct pvfs_state *pvfs, const char *attr_name,33 static NTSTATUS xattr_tdb_add_list(struct tdb_wrap *ea_tdb, TALLOC_CTX *ctx, const char *attr_name, 34 34 const char *fname, int fd) 35 35 { … … 44 44 } 45 45 46 mem_ctx = talloc_new( pvfs);47 48 status = pull_xattr_blob_tdb (pvfs, mem_ctx, XATTR_LIST_ATTR,46 mem_ctx = talloc_new(ctx); 47 48 status = pull_xattr_blob_tdb_raw(ea_tdb, mem_ctx, XATTR_LIST_ATTR, 49 49 fname, fd, 100, &blob); 50 50 if (!NT_STATUS_IS_OK(status)) { … … 69 69 blob.length += len; 70 70 71 status = push_xattr_blob_tdb (pvfs, XATTR_LIST_ATTR, fname, fd, &blob);71 status = push_xattr_blob_tdb_raw(ea_tdb,ctx, XATTR_LIST_ATTR, fname, fd, &blob); 72 72 talloc_free(mem_ctx); 73 73 … … 76 76 77 77 /* 78 form a key for using in the ea_ db79 */ 80 static NTSTATUS get_ea_ db_key(TALLOC_CTX *mem_ctx,78 form a key for using in the ea_tdb 79 */ 80 static NTSTATUS get_ea_tdb_key(TALLOC_CTX *mem_ctx, 81 81 const char *attr_name, 82 82 const char *fname, int fd, … … 109 109 } 110 110 111 /* 112 pull a xattr as a blob, using the ea_db tdb 113 */ 114 NTSTATUS pull_xattr_blob_tdb(struct pvfs_state *pvfs, 111 112 113 /* 114 pull a xattr as a blob, using the ea_tdb_context tdb 115 */ 116 NTSTATUS pull_xattr_blob_tdb_raw(struct tdb_wrap *ea_tdb, 115 117 TALLOC_CTX *mem_ctx, 116 const char *attr_name, 117 const char *fname, 118 int fd, 118 const char *attr_name, 119 const char *fname, 120 int fd, 119 121 size_t estimated_size, 120 122 DATA_BLOB *blob) … … 123 125 NTSTATUS status; 124 126 125 status = get_ea_ db_key(mem_ctx, attr_name, fname, fd, &tkey);127 status = get_ea_tdb_key(mem_ctx, attr_name, fname, fd, &tkey); 126 128 if (!NT_STATUS_IS_OK(status)) { 127 129 return status; 128 130 } 129 131 130 tdata = tdb_fetch( pvfs->ea_db->tdb, tkey);132 tdata = tdb_fetch(ea_tdb->tdb, tkey); 131 133 if (tdata.dptr == NULL) { 132 134 return NT_STATUS_NOT_FOUND; … … 142 144 } 143 145 144 /* 145 push a xattr as a blob, using ea_db 146 */ 147 NTSTATUS push_xattr_blob_tdb(struct pvfs_state *pvfs, 148 const char *attr_name, 149 const char *fname, 150 int fd, 146 NTSTATUS pull_xattr_blob_tdb(struct pvfs_state *pvfs, 147 TALLOC_CTX *mem_ctx, 148 const char *attr_name, 149 const char *fname, 150 int fd, 151 size_t estimated_size, 152 DATA_BLOB *blob) 153 { 154 return pull_xattr_blob_tdb_raw(pvfs->ea_db,mem_ctx,attr_name,fname,fd,estimated_size,blob); 155 } 156 157 /* 158 push a xattr as a blob, using ea_tdb 159 */ 160 NTSTATUS push_xattr_blob_tdb_raw(struct tdb_wrap *ea_tdb, 161 TALLOC_CTX *mem_ctx, 162 const char *attr_name, 163 const char *fname, 164 int fd, 151 165 const DATA_BLOB *blob) 152 166 { … … 154 168 NTSTATUS status; 155 169 156 status = get_ea_ db_key(pvfs, attr_name, fname, fd, &tkey);170 status = get_ea_tdb_key(mem_ctx, attr_name, fname, fd, &tkey); 157 171 if (!NT_STATUS_IS_OK(status)) { 158 172 return status; … … 162 176 tdata.dsize = blob->length; 163 177 164 if (tdb_chainlock( pvfs->ea_db->tdb, tkey) != 0) {178 if (tdb_chainlock(ea_tdb->tdb, tkey) != 0) { 165 179 talloc_free(tkey.dptr); 166 180 return NT_STATUS_INTERNAL_DB_CORRUPTION; 167 181 } 168 182 169 status = xattr_tdb_add_list( pvfs, attr_name, fname, fd);183 status = xattr_tdb_add_list(ea_tdb,mem_ctx, attr_name, fname, fd); 170 184 if (!NT_STATUS_IS_OK(status)) { 171 185 goto done; 172 186 } 173 187 174 if (tdb_store( pvfs->ea_db->tdb, tkey, tdata, TDB_REPLACE) == -1) {188 if (tdb_store(ea_tdb->tdb, tkey, tdata, TDB_REPLACE) == -1) { 175 189 status = NT_STATUS_INTERNAL_DB_CORRUPTION; 176 190 } 177 191 178 192 done: 179 tdb_chainunlock( pvfs->ea_db->tdb, tkey);193 tdb_chainunlock(ea_tdb->tdb, tkey); 180 194 talloc_free(tkey.dptr); 181 195 return status; 182 196 } 197 NTSTATUS push_xattr_blob_tdb(struct pvfs_state *pvfs, 198 const char *attr_name, 199 const char *fname, 200 int fd, 201 const DATA_BLOB *blob) 202 { 203 return push_xattr_blob_tdb_raw(pvfs->ea_db,pvfs,attr_name,fname,fd,blob); 204 } 183 205 184 206 … … 192 214 NTSTATUS status; 193 215 194 status = get_ea_ db_key(NULL, attr_name, fname, fd, &tkey);216 status = get_ea_tdb_key(NULL, attr_name, fname, fd, &tkey); 195 217 if (!NT_STATUS_IS_OK(status)) { 196 218 return status; … … 218 240 NTSTATUS status; 219 241 220 status = pull_xattr_blob_tdb(pvfs, mem_ctx, XATTR_LIST_ATTR, 242 status = pull_xattr_blob_tdb(pvfs, mem_ctx, XATTR_LIST_ATTR, 221 243 fname, -1, 100, &blob); 222 244 if (!NT_STATUS_IS_OK(status)) {
Note:
See TracChangeset
for help on using the changeset viewer.
