libcli: Simplify desc_ace_has_generic()
authorVolker Lendecke <vl@samba.org>
Tue, 27 May 2014 07:04:38 +0000 (07:04 +0000)
committerDavid Disseldorp <ddiss@samba.org>
Tue, 27 May 2014 15:32:12 +0000 (17:32 +0200)
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
libcli/security/create_descriptor.c

index 33c9b10c6bf59b62566aced8d77295a810d44316..03c0658485eb1356124a5fffc3d3e0f14ad3b9b4 100644 (file)
@@ -107,17 +107,14 @@ static bool object_in_list(struct GUID *object_list, struct GUID *object)
 /* returns true if the ACE gontains generic information
  * that needs to be processed additionally */
  
-static bool desc_ace_has_generic(TALLOC_CTX *mem_ctx,
-                            struct security_ace *ace)
+static bool desc_ace_has_generic(struct security_ace *ace)
 {
-       struct dom_sid *co, *cg;
-       co = dom_sid_parse_talloc(mem_ctx,  SID_CREATOR_OWNER);
-       cg = dom_sid_parse_talloc(mem_ctx,  SID_CREATOR_GROUP);
        if (ace->access_mask & SEC_GENERIC_ALL || ace->access_mask & SEC_GENERIC_READ ||
            ace->access_mask & SEC_GENERIC_WRITE || ace->access_mask & SEC_GENERIC_EXECUTE) {
                return true;
        }
-       if (dom_sid_equal(&ace->trustee, co) || dom_sid_equal(&ace->trustee, cg)) {
+       if (dom_sid_equal(&ace->trustee, &global_sid_Creator_Owner) ||
+           dom_sid_equal(&ace->trustee, &global_sid_Creator_Group)) {
                return true;
        }
        return false;
@@ -175,7 +172,7 @@ static struct security_acl *calculate_inherited_from_parent(TALLOC_CTX *mem_ctx,
                        tmp_acl->aces[tmp_acl->num_aces].flags |= SEC_ACE_FLAG_INHERITED_ACE;
                        /* remove IO flag from the child's ace */
                        if (ace->flags & SEC_ACE_FLAG_INHERIT_ONLY &&
-                           !desc_ace_has_generic(tmp_ctx, ace)) {
+                           !desc_ace_has_generic(ace)) {
                                tmp_acl->aces[tmp_acl->num_aces].flags &= ~SEC_ACE_FLAG_INHERIT_ONLY;
                        }
 
@@ -208,7 +205,7 @@ static struct security_acl *calculate_inherited_from_parent(TALLOC_CTX *mem_ctx,
                        tmp_acl->num_aces++;
                        if (is_container) {
                                if (!(ace->flags & SEC_ACE_FLAG_NO_PROPAGATE_INHERIT) &&
-                                   (desc_ace_has_generic(tmp_ctx, ace))) {
+                                   (desc_ace_has_generic(ace))) {
                                            tmp_acl->aces = talloc_realloc(tmp_acl,
                                                                           tmp_acl->aces,
                                                                           struct security_ace,
@@ -287,7 +284,7 @@ static struct security_acl *process_user_acl(TALLOC_CTX *mem_ctx,
                /* if the ACE contains CO, CG, GA, GE, GR or GW, and is inheritable
                 * it has to be expanded to two aces, the original as IO,
                 * and another one where these are translated */
-               if (desc_ace_has_generic(tmp_ctx, ace)) {
+               if (desc_ace_has_generic(ace)) {
                        if (!(ace->flags & SEC_ACE_FLAG_CONTAINER_INHERIT)) {
                                desc_expand_generic(&tmp_acl->aces[tmp_acl->num_aces-1],
                                                    owner,