summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--libtrivfs/dir-lookup.c9
-rw-r--r--libtrivfs/fsys-getroot.c9
-rw-r--r--libtrivfs/io-reauthenticate.c14
-rw-r--r--libtrivfs/io-restrict-auth.c51
4 files changed, 56 insertions, 27 deletions
diff --git a/libtrivfs/dir-lookup.c b/libtrivfs/dir-lookup.c
index 604df8cc..5a0013aa 100644
--- a/libtrivfs/dir-lookup.c
+++ b/libtrivfs/dir-lookup.c
@@ -1,5 +1,5 @@
/*
- Copyright (C) 1994, 1998, 1999 Free Software Foundation
+ Copyright (C) 1994,98,99,2001 Free Software Foundation
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License as
@@ -64,7 +64,12 @@ trivfs_S_dir_lookup (struct trivfs_protid *cred,
err = (*trivfs_check_open_hook) (cred->po->cntl, cred->user, flags);
if (!err)
{
- struct iouser *user = iohelp_dup_iouser (cred->user);
+ struct iouser *user;
+
+ err = iohelp_dup_iouser (&user, cred->user);
+ if (err)
+ return err;
+
err = trivfs_open (cred->po->cntl, user, flags,
cred->realnode, &newcred);
if (err)
diff --git a/libtrivfs/fsys-getroot.c b/libtrivfs/fsys-getroot.c
index d91b9fa8..90a93d13 100644
--- a/libtrivfs/fsys-getroot.c
+++ b/libtrivfs/fsys-getroot.c
@@ -44,7 +44,6 @@ trivfs_S_fsys_getroot (struct trivfs_control *cntl,
mach_port_t new_realnode;
struct trivfs_protid *cred;
struct iouser *user;
- struct idvec *uvec, *gvec;
if (!cntl)
return EOPNOTSUPP;
@@ -75,11 +74,9 @@ trivfs_S_fsys_getroot (struct trivfs_control *cntl,
if (err)
return err;
- uvec = make_idvec ();
- gvec = make_idvec ();
- idvec_set_ids (uvec, uids, nuids);
- idvec_set_ids (gvec, gids, ngids);
- user = iohelp_create_iouser (uvec, gvec); /* XXX check return value? */
+ err = iohelp_create_complex_iouser (&user, uids, nuids, gids, ngids);
+ if (err)
+ return err;
/* Validate permissions. */
if (! trivfs_check_access_hook)
diff --git a/libtrivfs/io-reauthenticate.c b/libtrivfs/io-reauthenticate.c
index 7a1865f5..3c675e84 100644
--- a/libtrivfs/io-reauthenticate.c
+++ b/libtrivfs/io-reauthenticate.c
@@ -1,5 +1,5 @@
/*
- Copyright (C) 1993,94,95,96,2000 Free Software Foundation, Inc.
+ Copyright (C) 1993,94,95,96,2000,01 Free Software Foundation, Inc.
This file is part of the GNU Hurd.
@@ -51,13 +51,15 @@ trivfs_S_io_reauthenticate (struct trivfs_protid *cred,
newright = ports_get_send_right (newcred);
assert (newright != MACH_PORT_NULL);
- newcred->user = iohelp_reauth (auth, rendport, newright, 1);
- if (idvec_contains (newcred->user->uids, 0))
- newcred->isroot = 1;
-
+ err = iohelp_reauth (&newcred->user, auth, rendport, newright, 1);
mach_port_deallocate (mach_task_self (), rendport);
- mach_port_deallocate (mach_task_self (), newright);
mach_port_deallocate (mach_task_self (), auth);
+ if (err)
+ return err;
+
+ mach_port_deallocate (mach_task_self (), newright);
+ if (idvec_contains (newcred->user->uids, 0))
+ newcred->isroot = 1;
newcred->hook = cred->hook;
diff --git a/libtrivfs/io-restrict-auth.c b/libtrivfs/io-restrict-auth.c
index a1324410..9ff6168e 100644
--- a/libtrivfs/io-restrict-auth.c
+++ b/libtrivfs/io-restrict-auth.c
@@ -1,5 +1,5 @@
/*
- Copyright (C) 1993, 1994, 1995, 1996 Free Software Foundation
+ Copyright (C) 1993,94,95,96,2001 Free Software Foundation
This file is part of the GNU Hurd.
@@ -44,7 +44,7 @@ trivfs_S_io_restrict_auth (struct trivfs_protid *cred,
uid_t *gids, u_int ngids)
{
int i;
- error_t err = 0;
+ error_t err;
struct trivfs_protid *newcred;
struct idvec *uvec, *gvec;
struct iouser *user;
@@ -52,26 +52,51 @@ trivfs_S_io_restrict_auth (struct trivfs_protid *cred,
if (!cred)
return EOPNOTSUPP;
- uvec = make_idvec ();
- gvec = make_idvec ();
-
- user = iohelp_create_iouser (uvec, gvec);
-
if (cred->isroot)
+ /* CRED has root access, and so may use any ids. */
{
- /* CRED has root access, and so may use any ids. */
- idvec_set_ids (uvec, uids, nuids);
- idvec_set_ids (gvec, gids, ngids);
+ err = iohelp_create_complex_iouser (&user, uids, nuids, gids, ngids);
+ if (err)
+ return err;
}
else
{
+ uvec = make_idvec ();
+ if (! uvec)
+ return ENOMEM;
+
+ gvec = make_idvec ();
+ if (! gvec)
+ {
+ idvec_free (uvec);
+ return ENOMEM;
+ }
+
/* Otherwise, use any of the requested ids that CRED already has. */
for (i = 0; i < cred->user->uids->num; i++)
if (listmember (uids, cred->user->uids->ids[i], nuids))
- idvec_add (uvec, cred->user->uids->ids[i]);
+ {
+ err = idvec_add (uvec, cred->user->uids->ids[i]);
+ if (err)
+ goto out;
+ }
+
for (i = 0; i < cred->user->gids->num; i++)
if (listmember (gids, cred->user->gids->ids[i], ngids))
- idvec_add (gvec, cred->user->gids->ids[i]);
+ {
+ err = idvec_add (gvec, cred->user->gids->ids[i]);
+ if (err)
+ goto out;
+ }
+
+ err = iohelp_create_iouser (&user, uvec, gvec);
+ if (err)
+ {
+ out:
+ idvec_free (uvec);
+ idvec_free (gvec);
+ return err;
+ }
}
err = ports_create_port (cred->po->cntl->protid_class,
@@ -89,7 +114,7 @@ trivfs_S_io_restrict_auth (struct trivfs_protid *cred,
newcred->po = cred->po;
newcred->po->refcnt++;
mutex_unlock (&cred->po->cntl->lock);
- if (cred->isroot && idvec_contains (uvec, 0))
+ if (cred->isroot && idvec_contains (user->uids, 0))
newcred->isroot = 1;
newcred->user = user;
newcred->hook = cred->hook;