/* The following definitions come from lib/secdesc.c */
bool sec_desc_equal(SEC_DESC *s1, SEC_DESC *s2);
+uint32_t get_sec_info(const SEC_DESC *sd);
SEC_DESC_BUF *sec_desc_merge(TALLOC_CTX *ctx, SEC_DESC_BUF *new_sdb, SEC_DESC_BUF *old_sdb);
SEC_DESC *make_sec_desc(TALLOC_CTX *ctx,
enum security_descriptor_revision revision,
return True;
}
+/*******************************************************************
+ Given a security_descriptor return the sec_info.
+********************************************************************/
+
+uint32_t get_sec_info(const SEC_DESC *sd)
+{
+ uint32_t sec_info = ALL_SECURITY_INFORMATION;
+
+ SMB_ASSERT(sd);
+
+ if (sd->owner_sid == NULL) {
+ sec_info &= ~OWNER_SECURITY_INFORMATION;
+ }
+ if (sd->group_sid == NULL) {
+ sec_info &= ~GROUP_SECURITY_INFORMATION;
+ }
+ if (sd->sacl == NULL) {
+ sec_info &= ~SACL_SECURITY_INFORMATION;
+ }
+ if (sd->dacl == NULL) {
+ sec_info &= ~DACL_SECURITY_INFORMATION;
+ }
+
+ return sec_info;
+}
+
+
/*******************************************************************
Merge part of security descriptor old_sec in to the empty sections of
security descriptor new_sec.
if ((sd != NULL) && (info == FILE_WAS_CREATED)
&& lp_nt_acl_support(SNUM(conn))) {
- uint32_t sec_info_sent = ALL_SECURITY_INFORMATION;
+ uint32_t sec_info_sent;
uint32_t saved_access_mask = fsp->access_mask;
- if (sd->owner_sid == NULL) {
- sec_info_sent &= ~OWNER_SECURITY_INFORMATION;
- }
- if (sd->group_sid == NULL) {
- sec_info_sent &= ~GROUP_SECURITY_INFORMATION;
- }
- if (sd->sacl == NULL) {
- sec_info_sent &= ~SACL_SECURITY_INFORMATION;
- }
- if (sd->dacl == NULL) {
- sec_info_sent &= ~DACL_SECURITY_INFORMATION;
- }
+ sec_info_sent = get_sec_info(sd);
fsp->access_mask = FILE_GENERIC_ALL;