+
+/* returns true if the ACE gontains generic information
+ * that needs to be processed additionally */
+
+static bool desc_ace_has_generic(TALLOC_CTX *mem_ctx,
+ struct security_ace *ace)
+{
+ struct dom_sid *co, *cg;
+ co = dom_sid_parse_talloc(mem_ctx, SID_CREATOR_OWNER);
+ cg = dom_sid_parse_talloc(mem_ctx, SID_CREATOR_GROUP);
+ if (ace->access_mask & SEC_GENERIC_ALL || ace->access_mask & SEC_GENERIC_READ ||
+ ace->access_mask & SEC_GENERIC_WRITE || ace->access_mask & SEC_GENERIC_EXECUTE) {
+ return true;
+ }
+ if (dom_sid_equal(&ace->trustee, co) || dom_sid_equal(&ace->trustee, cg)) {
+ return true;
+ }
+ return false;
+}
+
+/* creates an ace in which the generic information is expanded */
+
+static void desc_expand_generic(TALLOC_CTX *mem_ctx,
+ struct security_ace *new_ace,
+ struct dom_sid *owner,
+ struct dom_sid *group)
+{
+ struct dom_sid *co, *cg;
+ co = dom_sid_parse_talloc(mem_ctx, SID_CREATOR_OWNER);
+ cg = dom_sid_parse_talloc(mem_ctx, SID_CREATOR_GROUP);
+ new_ace->access_mask = map_generic_rights_ds(new_ace->access_mask);
+ if (dom_sid_equal(&new_ace->trustee, co)) {
+ new_ace->trustee = *owner;
+ }
+ if (dom_sid_equal(&new_ace->trustee, cg)) {
+ new_ace->trustee = *group;
+ }
+ new_ace->flags = 0x0;
+}