summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorVolker Lendecke <vl@sernet.de>2007-12-01 19:16:52 +0100
committerVolker Lendecke <vl@sernet.de>2007-12-05 13:45:12 +0100
commitffeb5aaaa42c7a779609c1bcd745e9e403f32a67 (patch)
tree7af4aeed3c22ad6ed659bb824d42fe0ef20d2f2c
parent825dddff8fe42d6f460ec06ad81374e382f0a4fc (diff)
downloadsamba-ffeb5aaaa42c7a779609c1bcd745e9e403f32a67.tar.gz
samba-ffeb5aaaa42c7a779609c1bcd745e9e403f32a67.tar.bz2
samba-ffeb5aaaa42c7a779609c1bcd745e9e403f32a67.zip
Split out sd parsing
(This used to be commit 5a9d147e41b260cb620f026291786eeb95ebc64f)
Diffstat
-rw-r--r--source3/smbd/nttrans.c38
1 files changed, 33 insertions, 5 deletions
diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c
index 139163cb87..38cda65eb1 100644
--- a/source3/smbd/nttrans.c
+++ b/source3/smbd/nttrans.c
@@ -1264,6 +1264,7 @@ static void call_nt_transact_create(connection_struct *conn,
uint32 create_disposition;
uint32 create_options;
uint32 sd_len;
+ struct security_descriptor *sd;
uint32 ea_len;
uint16 root_dir_fid;
struct timespec c_timespec;
@@ -1331,6 +1332,18 @@ static void call_nt_transact_create(connection_struct *conn,
return;
}
+ if (sd_len) {
+ status = unmarshall_sec_desc(ctx, (uint8_t *)data, sd_len,
+ &sd);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(10, ("call_nt_transact_create: "
+ "unmarshall_sec_desc failed: %s\n",
+ nt_errstr(status)));
+ reply_nterror(req, status);
+ return;
+ }
+ }
+
if (ea_len) {
if (!lp_ea_support(SNUM(conn))) {
DEBUG(10, ("call_nt_transact_create - ea_len = %u but "
@@ -1641,14 +1654,29 @@ static void call_nt_transact_create(connection_struct *conn,
* Patch for bug #2242 from Tom Lackemann <cessnatomny@yahoo.com>.
*/
- if (lp_nt_acl_support(SNUM(conn)) && sd_len && info == FILE_WAS_CREATED) {
- uint32 saved_access_mask = fsp->access_mask;
-
- /* We have already checked that sd_len <= data_count here. */
+ if (lp_nt_acl_support(SNUM(conn)) && (info == FILE_WAS_CREATED)
+ && (sd != NULL)) {
+ uint32_t sec_info_sent = ALL_SECURITY_INFORMATION;
+ uint32_t saved_access_mask = fsp->access_mask;
fsp->access_mask = FILE_GENERIC_ALL;
- status = set_sd( fsp, data, sd_len, ALL_SECURITY_INFORMATION);
+ if (sd->owner_sid==0) {
+ sec_info_sent &= ~OWNER_SECURITY_INFORMATION;
+ }
+ if (sd->group_sid==0) {
+ sec_info_sent &= ~GROUP_SECURITY_INFORMATION;
+ }
+ if (sd->sacl==0) {
+ sec_info_sent &= ~SACL_SECURITY_INFORMATION;
+ }
+ if (sd->dacl==0) {
+ sec_info_sent &= ~DACL_SECURITY_INFORMATION;
+ }
+
+ status = SMB_VFS_FSET_NT_ACL(
+ fsp, fsp->fh->fd, sec_info_sent, sd);
+
if (!NT_STATUS_IS_OK(status)) {
close_file(fsp,ERROR_CLOSE);
TALLOC_FREE(case_state);
generated by cgit (git 2.34.1) at 2024-12-28 04:23:41 +0000