From: Jeremy Allison Date: Tue, 8 Jun 2021 19:24:17 +0000 (-0700) Subject: s3: smbd: smbd_check_access_rights_fsp(). Add dirfsp parameter. X-Git-Tag: tevent-0.11.0~521 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=699356a245ed941b5d7e7446afc700fdd9a34bbf;p=thirdparty%2Fsamba.git s3: smbd: smbd_check_access_rights_fsp(). Add dirfsp parameter. Pass down to smbd_check_access_rights_sd(). Always pass conn->cwd_fsp for now. Signed-off-by: Jeremy Allison Reviewed-by: Ralph Boehme
---
diff --git a/source3/modules/vfs_ceph_snapshots.c b/source3/modules/vfs_ceph_snapshots.c
index 35681e24e0b..41b7e0cfe91 100644
--- a/source3/modules/vfs_ceph_snapshots.c
+++ b/source3/modules/vfs_ceph_snapshots.c
@@ -209,7 +209,8 @@ static int ceph_snap_enum_snapdir(struct vfs_handle_struct *handle,
 /* Check we have SEC_DIR_LIST access on this fsp. */
 dirfsp = dir_hnd_fetch_fsp(dir_hnd);
- status = smbd_check_access_rights_fsp(dirfsp,
+ status = smbd_check_access_rights_fsp(dirfsp->conn->cwd_fsp,
+ dirfsp,
 false,
 SEC_DIR_LIST);
 if (!NT_STATUS_IS_OK(status)) {
@@ -529,7 +530,8 @@ static int ceph_snap_gmt_convert_dir(struct vfs_handle_struct *handle,
 /* Check we have SEC_DIR_LIST access on this fsp. */
 dirfsp = dir_hnd_fetch_fsp(dir_hnd);
- status = smbd_check_access_rights_fsp(dirfsp,
+ status = smbd_check_access_rights_fsp(dirfsp->conn->cwd_fsp,
+ dirfsp,
 false,
 SEC_DIR_LIST);
 if (!NT_STATUS_IS_OK(status)) {
diff --git a/source3/modules/vfs_shadow_copy2.c b/source3/modules/vfs_shadow_copy2.c
index 3945d661d08..9f004aff6b6 100644
--- a/source3/modules/vfs_shadow_copy2.c
+++ b/source3/modules/vfs_shadow_copy2.c
@@ -1995,7 +1995,8 @@ static int shadow_copy2_get_shadow_copy_data(
 fsp_set_fd(dirfsp, fd);
 /* Now we have the handle, check access here. */
- status = smbd_check_access_rights_fsp(dirfsp,
+ status = smbd_check_access_rights_fsp(fspcwd,
+ dirfsp,
 false,
 SEC_DIR_LIST);
 if (!NT_STATUS_IS_OK(status)) {
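Review bot: In both vfs_ceph_snapshots.c call sites (ceph_snap_enum_snapdir and ceph_snap_gmt_convert_dir) the local variable named `dirfsp` is now the second argument, the handle being checked, while the callee's new first parameter, also called `dirfsp`, receives `dirfsp->conn->cwd_fsp`. Two different roles under one name are easy to swap once later commits stop passing cwd_fsp, and a swap would run the SEC_DIR_LIST check against the wrong handle. A comment above each call would pin the roles, for example `/* arg 1 is forwarded as the directory handle; arg 2 (our dirfsp) is the handle whose access is checked. */`. Both functions begin and end outside their hunks.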
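Review bot: The shadow_copy2_get_shadow_copy_data() call passes `fspcwd` as the new first argument, although the commit message says every caller passes `conn->cwd_fsp` for now. The declaration and setup of `fspcwd` are outside the hunk, so it cannot be confirmed from here that it is the same handle the callee used before this change (`fsp->conn->cwd_fsp`, per the open.c hunk at -290). If it is a separately constructed handle, this access check is not a pure refactor at this site. Either pass `dirfsp->conn->cwd_fsp` like the other module callers, or add a comment saying why `fspcwd` is the right directory handle here.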
diff --git a/source3/smbd/dosmode.c b/source3/smbd/dosmode.c
index 2528e47b446..ac6afe77464 100644
--- a/source3/smbd/dosmode.c
+++ b/source3/smbd/dosmode.c
@@ -503,7 +503,8 @@ NTSTATUS set_ea_dos_attribute(connection_struct *conn,
 return NT_STATUS_ACCESS_DENIED;
 }
- status = smbd_check_access_rights_fsp(smb_fname->fsp,
+ status = smbd_check_access_rights_fsp(conn->cwd_fsp,
+ smb_fname->fsp,
 false,
 FILE_WRITE_ATTRIBUTES);
 if (NT_STATUS_IS_OK(status)) {
diff --git a/source3/smbd/file_access.c b/source3/smbd/file_access.c
index 581c11cb7fe..9193c650316 100644
--- a/source3/smbd/file_access.c
+++ b/source3/smbd/file_access.c
@@ -124,6 +124,7 @@ bool can_delete_file_in_directory(connection_struct *conn,
 */
 ret = NT_STATUS_IS_OK(smbd_check_access_rights_fsp(
+ conn->cwd_fsp,
 smb_fname_parent->fsp,
 false,
 FILE_DELETE_CHILD));
@@ -140,7 +141,9 @@ bool can_delete_file_in_directory(connection_struct *conn,
 bool can_write_to_fsp(struct files_struct *fsp)
 {
- return NT_STATUS_IS_OK(smbd_check_access_rights_fsp(fsp,
+ return NT_STATUS_IS_OK(smbd_check_access_rights_fsp(
+ fsp->conn->cwd_fsp,
+ fsp,
 false,
 FILE_WRITE_DATA));
 }
diff --git a/source3/smbd/notify.c b/source3/smbd/notify.c
index 64655a3084e..4de62aba4f1 100644
--- a/source3/smbd/notify.c
+++ b/source3/smbd/notify.c
@@ -669,7 +669,8 @@ static bool user_can_stat_name_under_fsp(files_struct *fsp, const char *name)
 return false;
 }
- status = smbd_check_access_rights_fsp(fname->fsp,
+ status = smbd_check_access_rights_fsp(fsp->conn->cwd_fsp,
+ fname->fsp,
 false,
 rights);
 if (!NT_STATUS_IS_OK(status)) {
@@ -711,7 +712,8 @@ static bool user_can_stat_name_under_fsp(files_struct *fsp, const char *name)
 TALLOC_FREE(filepath);
 return false;
 }
- status = smbd_check_access_rights_fsp(fname->fsp,
+ status = smbd_check_access_rights_fsp(fsp->conn->cwd_fsp,
+ fname->fsp,
 false,
 rights);
 if (!NT_STATUS_IS_OK(status)) {
diff --git a/source3/smbd/open.c b/source3/smbd/open.c
index edced0d6131..43b630c2d80 100644
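Review bot: In set_ea_dos_attribute() the directory handle is taken from the caller's `conn` (`conn->cwd_fsp`), whereas the code this replaces in open.c took it from the checked handle's own connection (`fsp->conn->cwd_fsp`), and the callee still passes `fsp->conn` as the connection. The two are presumably the same object, but nothing visible in the hunk establishes that; the same pattern appears in can_delete_file_in_directory() (file_access.c) and reply_setatr() (reply.c). To keep the access check strictly behaviour-preserving, pass `smb_fname->fsp->conn->cwd_fsp` as the other callers do, or state the invariant once in the callee with `SMB_ASSERT(dirfsp == fsp->conn->cwd_fsp);` until real directory handles are passed. set_ea_dos_attribute() continues outside the hunk.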
--- a/source3/smbd/open.c
+++ b/source3/smbd/open.c
@@ -246,7 +246,8 @@ access_denied:
 return NT_STATUS_OK;
 }
-NTSTATUS smbd_check_access_rights_fsp(struct files_struct *fsp,
+NTSTATUS smbd_check_access_rights_fsp(struct files_struct *dirfsp,
+ struct files_struct *fsp,
 bool use_privs,
 uint32_t access_mask)
 {
@@ -290,7 +291,7 @@ NTSTATUS smbd_check_access_rights_fsp(struct files_struct *fsp,
 }
 return smbd_check_access_rights_sd(fsp->conn,
- fsp->conn->cwd_fsp,
+ dirfsp,
 fsp->fsp_name,
 sd,
 use_privs,
@@ -436,7 +437,8 @@ static NTSTATUS check_base_file_access(struct files_struct *fsp,
 }
 }
- return smbd_check_access_rights_fsp(fsp->conn->cwd_fsp,
+ fsp,
 false,
 access_mask);
 }
@@ -1362,7 +1364,9 @@ static NTSTATUS open_file(files_struct *fsp,
 if (!fsp->base_fsp) {
 /* Only do this check on non-stream open. */
 if (file_existed) {
- status = smbd_check_access_rights_fsp(fsp,
+ status = smbd_check_access_rights_fsp(
+ fsp->conn->cwd_fsp,
+ fsp,
 false,
 access_mask);
@@ -1547,7 +1551,8 @@ static NTSTATUS open_file(files_struct *fsp,
 }
 }
- status = smbd_check_access_rights_fsp(fsp,
+ status = smbd_check_access_rights_fsp(fsp->conn->cwd_fsp,
+ fsp,
 false,
 access_mask);
@@ -4617,7 +4622,8 @@ static NTSTATUS open_directory(connection_struct *conn,
 }
 if (info == FILE_WAS_OPENED) {
- status = smbd_check_access_rights_fsp(fsp,
+ status = smbd_check_access_rights_fsp(fsp->conn->cwd_fsp,
+ fsp,
 false,
 access_mask);
 if (!NT_STATUS_IS_OK(status)) {
diff --git a/source3/smbd/proto.h b/source3/smbd/proto.h
index fd090f15655..68ce8b3332c 100644
--- a/source3/smbd/proto.h
+++ b/source3/smbd/proto.h
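Review bot: The new `dirfsp` parameter of smbd_check_access_rights_fsp() is undocumented even though it feeds an access check: the hunk at -290 forwards it as-is to smbd_check_access_rights_sd() next to `fsp->fsp_name`. Neither this definition nor the prototype in proto.h says what `dirfsp` must be in relation to `fsp`, so a later caller has only the parameter name to go on. A comment above the definition would record the contract, for example `/* dirfsp: directory handle forwarded to smbd_check_access_rights_sd(); every caller passes the connection's cwd_fsp for now. fsp: the handle being checked. */`. The function body lies mostly outside these hunks.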
@@ -725,7 +725,8 @@ void reply_nttranss(struct smb_request *req);
 /* The following definitions come from smbd/open.c */
-NTSTATUS smbd_check_access_rights_fsp(struct files_struct *fsp,
+NTSTATUS smbd_check_access_rights_fsp(struct files_struct *dirfsp,
+ struct files_struct *fsp,
 bool use_privs,
 uint32_t access_mask);
 NTSTATUS check_parent_access_fsp(struct files_struct *fsp,
diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c
index f3a262a79bb..d453eb5e6f4 100644
--- a/source3/smbd/reply.c
+++ b/source3/smbd/reply.c
@@ -1507,7 +1507,8 @@ void reply_setatr(struct smb_request *req)
 else
 mode &= ~FILE_ATTRIBUTE_DIRECTORY;
- status = smbd_check_access_rights_fsp(smb_fname->fsp,
+ status = smbd_check_access_rights_fsp(conn->cwd_fsp,
+ smb_fname->fsp,
 false,
 FILE_WRITE_ATTRIBUTES);
 if (!NT_STATUS_IS_OK(status)) {
diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c
index 983bd48c615..a1a3e92fafd 100644
--- a/source3/smbd/trans2.c
+++ b/source3/smbd/trans2.c
@@ -81,7 +81,8 @@ NTSTATUS check_access_fsp(struct files_struct *fsp,
 uint32_t access_mask)
 {
 if (!fsp->fsp_flags.is_fsa) {
- return smbd_check_access_rights_fsp(fsp,
+ return smbd_check_access_rights_fsp(fsp->conn->cwd_fsp,
+ fsp,
 false,
 access_mask);
 }