diff options
Diffstat (limited to 'libtrivfs')
-rw-r--r-- | libtrivfs/dir-lookup.c | 9 | ||||
-rw-r--r-- | libtrivfs/fsys-getroot.c | 9 | ||||
-rw-r--r-- | libtrivfs/io-reauthenticate.c | 14 | ||||
-rw-r--r-- | libtrivfs/io-restrict-auth.c | 51 |
4 files changed, 56 insertions, 27 deletions
diff --git a/libtrivfs/dir-lookup.c b/libtrivfs/dir-lookup.c index 604df8cc..5a0013aa 100644 --- a/libtrivfs/dir-lookup.c +++ b/libtrivfs/dir-lookup.c @@ -1,5 +1,5 @@ /* - Copyright (C) 1994, 1998, 1999 Free Software Foundation + Copyright (C) 1994,98,99,2001 Free Software Foundation This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as @@ -64,7 +64,12 @@ trivfs_S_dir_lookup (struct trivfs_protid *cred, err = (*trivfs_check_open_hook) (cred->po->cntl, cred->user, flags); if (!err) { - struct iouser *user = iohelp_dup_iouser (cred->user); + struct iouser *user; + + err = iohelp_dup_iouser (&user, cred->user); + if (err) + return err; + err = trivfs_open (cred->po->cntl, user, flags, cred->realnode, &newcred); if (err) diff --git a/libtrivfs/fsys-getroot.c b/libtrivfs/fsys-getroot.c index d91b9fa8..90a93d13 100644 --- a/libtrivfs/fsys-getroot.c +++ b/libtrivfs/fsys-getroot.c @@ -44,7 +44,6 @@ trivfs_S_fsys_getroot (struct trivfs_control *cntl, mach_port_t new_realnode; struct trivfs_protid *cred; struct iouser *user; - struct idvec *uvec, *gvec; if (!cntl) return EOPNOTSUPP; @@ -75,11 +74,9 @@ trivfs_S_fsys_getroot (struct trivfs_control *cntl, if (err) return err; - uvec = make_idvec (); - gvec = make_idvec (); - idvec_set_ids (uvec, uids, nuids); - idvec_set_ids (gvec, gids, ngids); - user = iohelp_create_iouser (uvec, gvec); /* XXX check return value? */ + err = iohelp_create_complex_iouser (&user, uids, nuids, gids, ngids); + if (err) + return err; /* Validate permissions. */ if (! trivfs_check_access_hook) diff --git a/libtrivfs/io-reauthenticate.c b/libtrivfs/io-reauthenticate.c index 7a1865f5..3c675e84 100644 --- a/libtrivfs/io-reauthenticate.c +++ b/libtrivfs/io-reauthenticate.c @@ -1,5 +1,5 @@ /* - Copyright (C) 1993,94,95,96,2000 Free Software Foundation, Inc. + Copyright (C) 1993,94,95,96,2000,01 Free Software Foundation, Inc. This file is part of the GNU Hurd. @@ -51,13 +51,15 @@ trivfs_S_io_reauthenticate (struct trivfs_protid *cred, newright = ports_get_send_right (newcred); assert (newright != MACH_PORT_NULL); - newcred->user = iohelp_reauth (auth, rendport, newright, 1); - if (idvec_contains (newcred->user->uids, 0)) - newcred->isroot = 1; - + err = iohelp_reauth (&newcred->user, auth, rendport, newright, 1); mach_port_deallocate (mach_task_self (), rendport); - mach_port_deallocate (mach_task_self (), newright); mach_port_deallocate (mach_task_self (), auth); + if (err) + return err; + + mach_port_deallocate (mach_task_self (), newright); + if (idvec_contains (newcred->user->uids, 0)) + newcred->isroot = 1; newcred->hook = cred->hook; diff --git a/libtrivfs/io-restrict-auth.c b/libtrivfs/io-restrict-auth.c index a1324410..9ff6168e 100644 --- a/libtrivfs/io-restrict-auth.c +++ b/libtrivfs/io-restrict-auth.c @@ -1,5 +1,5 @@ /* - Copyright (C) 1993, 1994, 1995, 1996 Free Software Foundation + Copyright (C) 1993,94,95,96,2001 Free Software Foundation This file is part of the GNU Hurd. @@ -44,7 +44,7 @@ trivfs_S_io_restrict_auth (struct trivfs_protid *cred, uid_t *gids, u_int ngids) { int i; - error_t err = 0; + error_t err; struct trivfs_protid *newcred; struct idvec *uvec, *gvec; struct iouser *user; @@ -52,26 +52,51 @@ trivfs_S_io_restrict_auth (struct trivfs_protid *cred, if (!cred) return EOPNOTSUPP; - uvec = make_idvec (); - gvec = make_idvec (); - - user = iohelp_create_iouser (uvec, gvec); - if (cred->isroot) + /* CRED has root access, and so may use any ids. */ { - /* CRED has root access, and so may use any ids. */ - idvec_set_ids (uvec, uids, nuids); - idvec_set_ids (gvec, gids, ngids); + err = iohelp_create_complex_iouser (&user, uids, nuids, gids, ngids); + if (err) + return err; } else { + uvec = make_idvec (); + if (! uvec) + return ENOMEM; + + gvec = make_idvec (); + if (! gvec) + { + idvec_free (uvec); + return ENOMEM; + } + /* Otherwise, use any of the requested ids that CRED already has. */ for (i = 0; i < cred->user->uids->num; i++) if (listmember (uids, cred->user->uids->ids[i], nuids)) - idvec_add (uvec, cred->user->uids->ids[i]); + { + err = idvec_add (uvec, cred->user->uids->ids[i]); + if (err) + goto out; + } + for (i = 0; i < cred->user->gids->num; i++) if (listmember (gids, cred->user->gids->ids[i], ngids)) - idvec_add (gvec, cred->user->gids->ids[i]); + { + err = idvec_add (gvec, cred->user->gids->ids[i]); + if (err) + goto out; + } + + err = iohelp_create_iouser (&user, uvec, gvec); + if (err) + { + out: + idvec_free (uvec); + idvec_free (gvec); + return err; + } } err = ports_create_port (cred->po->cntl->protid_class, @@ -89,7 +114,7 @@ trivfs_S_io_restrict_auth (struct trivfs_protid *cred, newcred->po = cred->po; newcred->po->refcnt++; mutex_unlock (&cred->po->cntl->lock); - if (cred->isroot && idvec_contains (uvec, 0)) + if (cred->isroot && idvec_contains (user->uids, 0)) newcred->isroot = 1; newcred->user = user; newcred->hook = cred->hook; |