From 6153f622af0cd7855ca349f73307988c1b9478b8 Mon Sep 17 00:00:00 2001 From: Tim Prouty Date: Tue, 4 Nov 2008 18:08:03 -0800 Subject: s3: Refactor getting sec_info from a security_descriptor into separate function --- source3/include/proto.h | 1 + source3/lib/secdesc.c | 27 +++++++++++++++++++++++++++ source3/smbd/open.c | 15 ++------------- 3 files changed, 30 insertions(+), 13 deletions(-) (limited to 'source3') diff --git a/source3/include/proto.h b/source3/include/proto.h index 9de64d018c..26d131e393 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -723,6 +723,7 @@ bool sec_acl_equal(SEC_ACL *s1, SEC_ACL *s2); /* The following definitions come from lib/secdesc.c */ bool sec_desc_equal(SEC_DESC *s1, SEC_DESC *s2); +uint32_t get_sec_info(const SEC_DESC *sd); SEC_DESC_BUF *sec_desc_merge(TALLOC_CTX *ctx, SEC_DESC_BUF *new_sdb, SEC_DESC_BUF *old_sdb); SEC_DESC *make_sec_desc(TALLOC_CTX *ctx, enum security_descriptor_revision revision, diff --git a/source3/lib/secdesc.c b/source3/lib/secdesc.c index df85336603..400f5f31b0 100644 --- a/source3/lib/secdesc.c +++ b/source3/lib/secdesc.c @@ -99,6 +99,33 @@ bool sec_desc_equal(SEC_DESC *s1, SEC_DESC *s2) return True; } +/******************************************************************* + Given a security_descriptor return the sec_info. +********************************************************************/ + +uint32_t get_sec_info(const SEC_DESC *sd) +{ + uint32_t sec_info = ALL_SECURITY_INFORMATION; + + SMB_ASSERT(sd); + + if (sd->owner_sid == NULL) { + sec_info &= ~OWNER_SECURITY_INFORMATION; + } + if (sd->group_sid == NULL) { + sec_info &= ~GROUP_SECURITY_INFORMATION; + } + if (sd->sacl == NULL) { + sec_info &= ~SACL_SECURITY_INFORMATION; + } + if (sd->dacl == NULL) { + sec_info &= ~DACL_SECURITY_INFORMATION; + } + + return sec_info; +} + + /******************************************************************* Merge part of security descriptor old_sec in to the empty sections of security descriptor new_sec. diff --git a/source3/smbd/open.c b/source3/smbd/open.c index 5bd28862e1..d59f018cfb 100644 --- a/source3/smbd/open.c +++ b/source3/smbd/open.c @@ -2963,21 +2963,10 @@ static NTSTATUS create_file_unixpath(connection_struct *conn, if ((sd != NULL) && (info == FILE_WAS_CREATED) && lp_nt_acl_support(SNUM(conn))) { - uint32_t sec_info_sent = ALL_SECURITY_INFORMATION; + uint32_t sec_info_sent; uint32_t saved_access_mask = fsp->access_mask; - if (sd->owner_sid == NULL) { - sec_info_sent &= ~OWNER_SECURITY_INFORMATION; - } - if (sd->group_sid == NULL) { - sec_info_sent &= ~GROUP_SECURITY_INFORMATION; - } - if (sd->sacl == NULL) { - sec_info_sent &= ~SACL_SECURITY_INFORMATION; - } - if (sd->dacl == NULL) { - sec_info_sent &= ~DACL_SECURITY_INFORMATION; - } + sec_info_sent = get_sec_info(sd); fsp->access_mask = FILE_GENERIC_ALL; -- cgit