From d5f37ecf94e2b63511102b3fd34c0e7bcd8d7879 Mon Sep 17 00:00:00 2001
From: Andrew Tridgell <tridge@samba.org>
Date: Fri, 18 Nov 2005 11:45:24 +0000
Subject: r11780: it turns out that the MxAc tag isn't a security descriptor,
 its a request that the server return its own MxAc blob which contains the
 maximum allowed access_mask for the returned file handle (This used to be
 commit c0288aa8cd46ca384074f89430c226d725c39475)

---
 source4/torture/smb2/util.c | 14 +-------------
 1 file changed, 1 insertion(+), 13 deletions(-)

(limited to 'source4/torture/smb2/util.c')

diff --git a/source4/torture/smb2/util.c b/source4/torture/smb2/util.c
index 7afce0137f..b39f53d8e1 100644
--- a/source4/torture/smb2/util.c
+++ b/source4/torture/smb2/util.c
@@ -103,7 +103,7 @@ static NTSTATUS smb2_create_complex(struct smb2_tree *tree, const char *fname,
 
 	smb2_util_unlink(tree, fname);
 	ZERO_STRUCT(io);
-	io.in.access_mask = SEC_RIGHTS_FILE_ALL;
+	io.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
 	io.in.file_attr   = FILE_ATTRIBUTE_NORMAL;
 	io.in.open_disposition = NTCREATEX_DISP_OVERWRITE_IF;
 	io.in.share_access = 
@@ -119,18 +119,6 @@ static NTSTATUS smb2_create_complex(struct smb2_tree *tree, const char *fname,
 		io.in.open_disposition = NTCREATEX_DISP_CREATE;
 	}
 
-	io.in.sd = security_descriptor_create(tmp_ctx,
-					      NULL, NULL,
-					      SID_NT_AUTHENTICATED_USERS,
-					      SEC_ACE_TYPE_ACCESS_ALLOWED,
-					      SEC_RIGHTS_FILE_ALL | SEC_STD_ALL,
-					      0,
-					      SID_WORLD,
-					      SEC_ACE_TYPE_ACCESS_ALLOWED,
-					      SEC_RIGHTS_FILE_READ | SEC_STD_ALL,
-					      0,
-					      NULL);
-
 	if (strchr(fname, ':') == NULL) {
 		/* setup some EAs */
 		io.in.eas.num_eas = 2;
-- 
cgit