s3: Refactor getting sec_info from a security_descriptor into separate function
authorTim Prouty <tprouty@samba.org>
Wed, 5 Nov 2008 02:08:03 +0000 (18:08 -0800)
committerTim Prouty <tprouty@samba.org>
Tue, 9 Dec 2008 22:51:48 +0000 (14:51 -0800)
source3/include/proto.h
source3/lib/secdesc.c
source3/smbd/open.c

index 9de64d0..26d131e 100644 (file)
@@ -723,6 +723,7 @@ bool sec_acl_equal(SEC_ACL *s1, SEC_ACL *s2);
 /* The following definitions come from lib/secdesc.c  */
 
 bool sec_desc_equal(SEC_DESC *s1, SEC_DESC *s2);
+uint32_t get_sec_info(const SEC_DESC *sd);
 SEC_DESC_BUF *sec_desc_merge(TALLOC_CTX *ctx, SEC_DESC_BUF *new_sdb, SEC_DESC_BUF *old_sdb);
 SEC_DESC *make_sec_desc(TALLOC_CTX *ctx,
                        enum security_descriptor_revision revision,
index df85336..400f5f3 100644 (file)
@@ -99,6 +99,33 @@ bool sec_desc_equal(SEC_DESC *s1, SEC_DESC *s2)
        return True;
 }
 
+/*******************************************************************
+ Given a security_descriptor return the sec_info.
+********************************************************************/
+
+uint32_t get_sec_info(const SEC_DESC *sd)
+{
+       uint32_t sec_info = ALL_SECURITY_INFORMATION;
+
+       SMB_ASSERT(sd);
+
+       if (sd->owner_sid == NULL) {
+               sec_info &= ~OWNER_SECURITY_INFORMATION;
+       }
+       if (sd->group_sid == NULL) {
+               sec_info &= ~GROUP_SECURITY_INFORMATION;
+       }
+       if (sd->sacl == NULL) {
+               sec_info &= ~SACL_SECURITY_INFORMATION;
+       }
+       if (sd->dacl == NULL) {
+               sec_info &= ~DACL_SECURITY_INFORMATION;
+       }
+
+       return sec_info;
+}
+
+
 /*******************************************************************
  Merge part of security descriptor old_sec in to the empty sections of 
  security descriptor new_sec.
index 5bd2886..d59f018 100644 (file)
@@ -2963,21 +2963,10 @@ static NTSTATUS create_file_unixpath(connection_struct *conn,
        if ((sd != NULL) && (info == FILE_WAS_CREATED)
            && lp_nt_acl_support(SNUM(conn))) {
 
-               uint32_t sec_info_sent = ALL_SECURITY_INFORMATION;
+               uint32_t sec_info_sent;
                uint32_t saved_access_mask = fsp->access_mask;
 
-               if (sd->owner_sid == NULL) {
-                       sec_info_sent &= ~OWNER_SECURITY_INFORMATION;
-               }
-               if (sd->group_sid == NULL) {
-                       sec_info_sent &= ~GROUP_SECURITY_INFORMATION;
-               }
-               if (sd->sacl == NULL) {
-                       sec_info_sent &= ~SACL_SECURITY_INFORMATION;
-               }
-               if (sd->dacl == NULL) {
-                       sec_info_sent &= ~DACL_SECURITY_INFORMATION;
-               }
+               sec_info_sent = get_sec_info(sd);
 
                fsp->access_mask = FILE_GENERIC_ALL;