From 795920cf4a25ab4ea061d5620b19ba27884921dd Mon Sep 17 00:00:00 2001
From: Jeremy Allison <jra@samba.org>
Date: Wed, 29 Aug 2012 13:37:51 -0700
Subject: [PATCH] Change the other two places where we set a security
 descriptor given by the client to got through set_sd(), the canonicalize sd
 function.

---
 source3/rpc_server/srvsvc/srv_srvsvc_nt.c | 21 +--------------------
 source3/smbd/open.c                       |  6 +-----
 2 files changed, 2 insertions(+), 25 deletions(-)

diff --git a/source3/rpc_server/srvsvc/srv_srvsvc_nt.c b/source3/rpc_server/srvsvc/srv_srvsvc_nt.c
index 7f34ec28e03..2d34b9b4d1c 100644
--- a/source3/rpc_server/srvsvc/srv_srvsvc_nt.c
+++ b/source3/rpc_server/srvsvc/srv_srvsvc_nt.c
@@ -2332,26 +2332,7 @@ WERROR _srvsvc_NetSetFileSecurity(struct pipes_struct *p,
 	psd = r->in.sd_buf->sd;
 	security_info_sent = r->in.securityinformation;
 
-	if (psd->owner_sid==0) {
-		security_info_sent &= ~SECINFO_OWNER;
-	}
-	if (psd->group_sid==0) {
-		security_info_sent &= ~SECINFO_GROUP;
-	}
-	if (psd->sacl==0) {
-		security_info_sent &= ~SECINFO_SACL;
-	}
-	if (psd->dacl==0) {
-		security_info_sent &= ~SECINFO_DACL;
-	}
-
-	/* Convert all the generic bits. */
-	security_acl_map_generic(psd->dacl, &file_generic_mapping);
-	security_acl_map_generic(psd->sacl, &file_generic_mapping);
-
-	nt_status = SMB_VFS_FSET_NT_ACL(fsp,
-					security_info_sent,
-					psd);
+	nt_status = set_sd(fsp, psd, security_info_sent);
 
 	if (!NT_STATUS_IS_OK(nt_status) ) {
 		DEBUG(3,("_srvsvc_NetSetFileSecurity: Unable to set NT ACL "
diff --git a/source3/smbd/open.c b/source3/smbd/open.c
index d078638aaee..415f6adf2e2 100644
--- a/source3/smbd/open.c
+++ b/source3/smbd/open.c
@@ -3757,15 +3757,11 @@ static NTSTATUS create_file_unixpath(connection_struct *conn,
 
 			fsp->access_mask = FILE_GENERIC_ALL;
 
-			/* Convert all the generic bits. */
-			security_acl_map_generic(sd->dacl, &file_generic_mapping);
-			security_acl_map_generic(sd->sacl, &file_generic_mapping);
-
 			if (sec_info_sent & (SECINFO_OWNER|
 						SECINFO_GROUP|
 						SECINFO_DACL|
 						SECINFO_SACL)) {
-				status = SMB_VFS_FSET_NT_ACL(fsp, sec_info_sent, sd);
+				status = set_sd(fsp, sd, sec_info_sent);
 			}
 
 			fsp->access_mask = saved_access_mask;
-- 
2.34.1