From cb4b187f10ae92aab6689a454d17bbbd382ebe63 Mon Sep 17 00:00:00 2001
From: cinap_lenrek <cinap_lenrek@felloff.net>
Date: Wed, 11 May 2016 02:10:05 +0200
Subject: devssl, devtls: fix permission checks

---
 sys/src/9/port/devssl.c | 21 +--------------------
 sys/src/9/port/devtls.c | 21 ++-------------------
 2 files changed, 3 insertions(+), 39 deletions(-)

(limited to 'sys/src')

diff --git a/sys/src/9/port/devssl.c b/sys/src/9/port/devssl.c
index 6f2b7e61e..9c46a8fde 100644
--- a/sys/src/9/port/devssl.c
+++ b/sys/src/9/port/devssl.c
@@ -263,23 +263,8 @@ static Chan*
 sslopen(Chan *c, int omode)
 {
 	Dstate *s, **pp;
-	int perm;
 	int ft;
 
-	perm = 0;
-	omode &= 3;
-	switch(omode) {
-	case OREAD:
-		perm = 4;
-		break;
-	case OWRITE:
-		perm = 2;
-		break;
-	case ORDWR:
-		perm = 6;
-		break;
-	}
-
 	ft = TYPE(c->qid);
 	switch(ft) {
 	default:
@@ -309,11 +294,7 @@ sslopen(Chan *c, int omode)
 		if(s == 0)
 			dsnew(c, pp);
 		else {
-			if((perm & (s->perm>>6)) != perm
-			   && (strcmp(up->user, s->user) != 0
-			     || (perm & s->perm) != perm))
-				error(Eperm);
-
+			devpermcheck(s->user, s->perm, omode);
 			s->ref++;
 		}
 		unlock(&dslock);
diff --git a/sys/src/9/port/devtls.c b/sys/src/9/port/devtls.c
index 58ed58b35..f5d4fa493 100644
--- a/sys/src/9/port/devtls.c
+++ b/sys/src/9/port/devtls.c
@@ -424,21 +424,7 @@ static Chan*
 tlsopen(Chan *c, int omode)
 {
 	TlsRec *tr, **pp;
-	int t, perm;
-
-	perm = 0;
-	omode &= 3;
-	switch(omode) {
-	case OREAD:
-		perm = 4;
-		break;
-	case OWRITE:
-		perm = 2;
-		break;
-	case ORDWR:
-		perm = 6;
-		break;
-	}
+	int t;
 
 	t = TYPE(c->qid);
 	switch(t) {
@@ -471,10 +457,7 @@ tlsopen(Chan *c, int omode)
 		tr = *pp;
 		if(tr == nil)
 			error("must open connection using clone");
-		if((perm & (tr->perm>>6)) != perm
-		&& (strcmp(up->user, tr->user) != 0
-		    || (perm & tr->perm) != perm))
-			error(Eperm);
+		devpermcheck(tr->user, tr->perm, omode);
 		if(t == Qhand){
 			if(waserror()){
 				unlock(&tr->hqlock);
-- 
cgit v1.2.3