From ae728ea761e82d6d0bd5c96e7c82f1b1115f2e24 Mon Sep 17 00:00:00 2001
From: Jeremy Allison <jra@samba.org>
Date: Thu, 15 Mar 2001 03:19:01 +0000
Subject: Last tweak (I promise :-). Fallback to returning our SID if we're a
 domain member but can't get the domain sid. Jeremy. (This used to be commit
 45e96777d0eeafbbf40759f02cd3f5e15b12c288)

---
 source3/rpc_server/srv_lsa_nt.c | 17 ++++++-----------
 source3/smbd/posix_acls.c       | 15 ++++++++++++---
 2 files changed, 18 insertions(+), 14 deletions(-)

(limited to 'source3')

diff --git a/source3/rpc_server/srv_lsa_nt.c b/source3/rpc_server/srv_lsa_nt.c
index 0a20aec8f4..87aebfa674 100644
--- a/source3/rpc_server/srv_lsa_nt.c
+++ b/source3/rpc_server/srv_lsa_nt.c
@@ -363,15 +363,12 @@ uint32 _lsa_query_info(pipes_struct *p, LSA_Q_QUERY_INFO *q_u, LSA_R_QUERY_INFO
 				sid = &global_sam_sid;
 				break;
 			case ROLE_DOMAIN_MEMBER:
+				name = global_myname;
 				if (secrets_fetch_domain_sid(global_myworkgroup,
 					&domain_sid))
-				{
-					/* I'm sure this should be myname, not myworkgroup. JRA. */
-					name = global_myname;
-					sid = &domain_sid;
-				}
+						sid = &domain_sid;
 				else
-					return NT_STATUS_CANT_ACCESS_DOMAIN_INFO;
+					sid = &global_sam_sid;
 				break;
 			case ROLE_STANDALONE:
 				name = global_myname;
@@ -392,14 +389,12 @@ uint32 _lsa_query_info(pipes_struct *p, LSA_Q_QUERY_INFO *q_u, LSA_R_QUERY_INFO
 				sid = &global_sam_sid;
 				break;
 			case ROLE_DOMAIN_MEMBER:
+				name = global_myname;
 				if (secrets_fetch_domain_sid(global_myworkgroup,
 					&domain_sid))
-				{
-					name = global_myname;
-					sid = &domain_sid;
-				}
+						sid = &domain_sid;
 				else
-					return NT_STATUS_CANT_ACCESS_DOMAIN_INFO;
+					sid = &global_sam_sid;
 				break;
 			case ROLE_STANDALONE:
 				name = global_myname;
diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c
index fe2974b235..5c0878b9ca 100644
--- a/source3/smbd/posix_acls.c
+++ b/source3/smbd/posix_acls.c
@@ -961,9 +961,18 @@ static canon_ace *unix_canonicalise_acl(files_struct *fsp, SMB_STRUCT_STAT *psbu
 		other_ace->perms = unix_perms_to_acl_perms(mode, S_IROTH, S_IWOTH, S_IXOTH);
 	}
 
-	DLIST_ADD(list_head, other_ace);
-	DLIST_ADD(list_head, group_ace);
-	DLIST_ADD(list_head, owner_ace);
+	if (other_ace->perms) {
+		DLIST_ADD(list_head, other_ace);
+	} else
+		safe_free(other_ace);
+	if (group_ace->perms) {
+		DLIST_ADD(list_head, group_ace);
+	} else
+		safe_free(group_ace);
+	if (owner_ace->perms) {
+		DLIST_ADD(list_head, owner_ace);
+	} else
+		safe_free(owner_ace);
 
 	return list_head;
 
-- 
cgit