summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGünther Deschner <gd@samba.org>2010-06-02 23:29:16 +0200
committerGünther Deschner <gd@samba.org>2010-06-03 10:59:54 +0200
commite24a59f932897888cadae31469366663aca1a414 (patch)
tree3b8bf82f734b6c9126e86ca749df05205fadfb7c
parent630c27bdad32086f16dbafdeab94d34fbc3b9b5e (diff)
downloadsamba-e24a59f932897888cadae31469366663aca1a414.tar.gz
samba-e24a59f932897888cadae31469366663aca1a414.tar.bz2
samba-e24a59f932897888cadae31469366663aca1a414.zip
s3-security: use shared SECINFO_SACL define.
Guenther
-rw-r--r--source3/include/rpc_secdes.h3
-rw-r--r--source3/lib/secdesc.c2
-rw-r--r--source3/modules/onefs_acl.c10
-rw-r--r--source3/modules/vfs_acl_common.c4
-rw-r--r--source3/rpc_server/srv_srvsvc_nt.c2
-rw-r--r--source3/rpc_server/srv_svcctl_nt.c2
-rw-r--r--source3/smbd/nttrans.c2
-rw-r--r--source3/smbd/open.c2
8 files changed, 13 insertions, 14 deletions
diff --git a/source3/include/rpc_secdes.h b/source3/include/rpc_secdes.h
index 652c229fd4..f4eb22cfef 100644
--- a/source3/include/rpc_secdes.h
+++ b/source3/include/rpc_secdes.h
@@ -26,7 +26,6 @@
/* security information */
#define DACL_SECURITY_INFORMATION 0x00000004
-#define SACL_SECURITY_INFORMATION 0x00000008
/* Extra W2K flags. */
#define UNPROTECTED_SACL_SECURITY_INFORMATION 0x10000000
#define UNPROTECTED_DACL_SECURITY_INFORMATION 0x20000000
@@ -34,7 +33,7 @@
#define PROTECTED_DACL_SECURITY_INFORMATION 0x80000000
#define ALL_SECURITY_INFORMATION (SECINFO_OWNER|SECINFO_GROUP|\
- DACL_SECURITY_INFORMATION|SACL_SECURITY_INFORMATION|\
+ DACL_SECURITY_INFORMATION|SECINFO_SACL|\
UNPROTECTED_SACL_SECURITY_INFORMATION|\
UNPROTECTED_DACL_SECURITY_INFORMATION|\
PROTECTED_SACL_SECURITY_INFORMATION|\
diff --git a/source3/lib/secdesc.c b/source3/lib/secdesc.c
index 7624c3c590..b1e12c3f2b 100644
--- a/source3/lib/secdesc.c
+++ b/source3/lib/secdesc.c
@@ -49,7 +49,7 @@ uint32_t get_sec_info(const struct security_descriptor *sd)
sec_info &= ~SECINFO_GROUP;
}
if (sd->sacl == NULL) {
- sec_info &= ~SACL_SECURITY_INFORMATION;
+ sec_info &= ~SECINFO_SACL;
}
if (sd->dacl == NULL) {
sec_info &= ~DACL_SECURITY_INFORMATION;
diff --git a/source3/modules/onefs_acl.c b/source3/modules/onefs_acl.c
index 51c6a233f9..4fa2e79c7b 100644
--- a/source3/modules/onefs_acl.c
+++ b/source3/modules/onefs_acl.c
@@ -629,7 +629,7 @@ onefs_fget_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
if (lp_parm_bool(SNUM(fsp->conn), PARM_ONEFS_TYPE,
PARM_IGNORE_SACLS, PARM_IGNORE_SACLS_DEFAULT)) {
DEBUG(5, ("Ignoring SACL on %s.\n", fsp_str_dbg(fsp)));
- security_info &= ~SACL_SECURITY_INFORMATION;
+ security_info &= ~SECINFO_SACL;
}
if (fsp->fh->fd == -1) {
@@ -733,7 +733,7 @@ onefs_fget_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
}
/* Copy SACL into ppdesc */
- if (security_info & SACL_SECURITY_INFORMATION) {
+ if (security_info & SECINFO_SACL) {
if (!onefs_acl_to_samba_acl(sd->sacl, &sacl)) {
status = NT_STATUS_INVALID_PARAMETER;
goto out;
@@ -870,12 +870,12 @@ NTSTATUS onefs_samba_sd_to_sd(uint32_t security_info_sent,
}
/* Setup SACL */
- if (security_info_sent & SACL_SECURITY_INFORMATION) {
+ if (security_info_sent & SECINFO_SACL) {
if (lp_parm_bool(snum, PARM_ONEFS_TYPE,
PARM_IGNORE_SACLS, PARM_IGNORE_SACLS_DEFAULT)) {
DEBUG(5, ("Ignoring SACL.\n"));
- *security_info_effective &= ~SACL_SECURITY_INFORMATION;
+ *security_info_effective &= ~SECINFO_SACL;
} else {
if (psd->sacl) {
if (!onefs_samba_acl_to_acl(psd->sacl,
@@ -884,7 +884,7 @@ NTSTATUS onefs_samba_sd_to_sd(uint32_t security_info_sent,
if (ignore_aces == true) {
*security_info_effective &=
- ~SACL_SECURITY_INFORMATION;
+ ~SECINFO_SACL;
}
}
}
diff --git a/source3/modules/vfs_acl_common.c b/source3/modules/vfs_acl_common.c
index 08b4fbaf4d..59aa70310f 100644
--- a/source3/modules/vfs_acl_common.c
+++ b/source3/modules/vfs_acl_common.c
@@ -39,7 +39,7 @@ static NTSTATUS store_acl_blob_fsp(vfs_handle_struct *handle,
#define HASH_SECURITY_INFO (SECINFO_OWNER | \
SECINFO_GROUP | \
DACL_SECURITY_INFORMATION | \
- SACL_SECURITY_INFORMATION)
+ SECINFO_SACL)
/*******************************************************************
Hash a security descriptor.
@@ -380,7 +380,7 @@ static NTSTATUS get_nt_acl_internal(vfs_handle_struct *handle,
if (!(security_info & DACL_SECURITY_INFORMATION)) {
psd->dacl = NULL;
}
- if (!(security_info & SACL_SECURITY_INFORMATION)) {
+ if (!(security_info & SECINFO_SACL)) {
psd->sacl = NULL;
}
diff --git a/source3/rpc_server/srv_srvsvc_nt.c b/source3/rpc_server/srv_srvsvc_nt.c
index 08180a4f76..bdf7018147 100644
--- a/source3/rpc_server/srv_srvsvc_nt.c
+++ b/source3/rpc_server/srv_srvsvc_nt.c
@@ -2286,7 +2286,7 @@ WERROR _srvsvc_NetSetFileSecurity(pipes_struct *p,
security_info_sent &= ~SECINFO_GROUP;
}
if (psd->sacl==0) {
- security_info_sent &= ~SACL_SECURITY_INFORMATION;
+ security_info_sent &= ~SECINFO_SACL;
}
if (psd->dacl==0) {
security_info_sent &= ~DACL_SECURITY_INFORMATION;
diff --git a/source3/rpc_server/srv_svcctl_nt.c b/source3/rpc_server/srv_svcctl_nt.c
index 0e63fa8e6e..b8dcfbe1c6 100644
--- a/source3/rpc_server/srv_svcctl_nt.c
+++ b/source3/rpc_server/srv_svcctl_nt.c
@@ -931,7 +931,7 @@ WERROR _svcctl_SetServiceObjectSecurity(pipes_struct *p,
required_access = STD_RIGHT_WRITE_OWNER_ACCESS;
break;
- case SACL_SECURITY_INFORMATION:
+ case SECINFO_SACL:
return WERR_INVALID_PARAM;
default:
return WERR_INVALID_PARAM;
diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c
index 85b005f376..1b34b6ce80 100644
--- a/source3/smbd/nttrans.c
+++ b/source3/smbd/nttrans.c
@@ -1806,7 +1806,7 @@ NTSTATUS smbd_do_query_security_desc(connection_struct *conn,
/* If the SACL/DACL is NULL, but was requested, we mark that it is
* present in the reply to match Windows behavior */
if (psd->sacl == NULL &&
- security_info_wanted & SACL_SECURITY_INFORMATION)
+ security_info_wanted & SECINFO_SACL)
psd->type |= SEC_DESC_SACL_PRESENT;
if (psd->dacl == NULL &&
security_info_wanted & DACL_SECURITY_INFORMATION)
diff --git a/source3/smbd/open.c b/source3/smbd/open.c
index 8c9df72cbc..f6905eaaa1 100644
--- a/source3/smbd/open.c
+++ b/source3/smbd/open.c
@@ -3212,7 +3212,7 @@ static NTSTATUS create_file_unixpath(connection_struct *conn,
if (sec_info_sent & (SECINFO_OWNER|
SECINFO_GROUP|
DACL_SECURITY_INFORMATION|
- SACL_SECURITY_INFORMATION)) {
+ SECINFO_SACL)) {
status = SMB_VFS_FSET_NT_ACL(fsp, sec_info_sent, sd);
}