mirror of https://github.com/samba-team/samba.git synced 2025-01-12 09:18:10 +03:00

Re-add set_sd(), called from set_sd_blob(). Allows us to centralize all ACL canonicalization.

Jeremy Allison 2012-08-29 13:29:34 -07:00
parent 8c84ecef89
commit 70ebf1da67
2 changed files with 28 additions and 14 deletions


@ -831,19 +831,14 @@ static void do_nt_transact_create_pipe(connection_struct *conn,
}
/****************************************************************************
Internal fn to set security descriptors from a data blob.
Internal fn to set security descriptors.
****************************************************************************/
NTSTATUS set_sd_blob(files_struct *fsp, uint8_t *data, uint32_t sd_len,
NTSTATUS set_sd(files_struct *fsp, struct security_descriptor *psd,
uint32_t security_info_sent)
{
struct security_descriptor *psd = NULL;
NTSTATUS status;
if (sd_len == 0) {
return NT_STATUS_INVALID_PARAMETER;
}
if (!CAN_WRITE(fsp->conn)) {
return NT_STATUS_ACCESS_DENIED;
}
@ -852,12 +847,6 @@ NTSTATUS set_sd_blob(files_struct *fsp, uint8_t *data, uint32_t sd_len,
return NT_STATUS_OK;
}
status = unmarshall_sec_desc(talloc_tos(), data, sd_len, &psd);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
if (psd->owner_sid == NULL) {
security_info_sent &= ~SECINFO_OWNER;
}
@ -910,7 +899,7 @@ NTSTATUS set_sd_blob(files_struct *fsp, uint8_t *data, uint32_t sd_len,
}
if (DEBUGLEVEL >= 10) {
DEBUG(10,("set_sd_blob for file %s\n", fsp_str_dbg(fsp)));
DEBUG(10,("set_sd for file %s\n", fsp_str_dbg(fsp)));
NDR_PRINT_DEBUG(security_descriptor, psd);
}
@ -921,6 +910,29 @@ NTSTATUS set_sd_blob(files_struct *fsp, uint8_t *data, uint32_t sd_len,
return status;
}
/****************************************************************************
Internal fn to set security descriptors from a data blob.
****************************************************************************/
NTSTATUS set_sd_blob(files_struct *fsp, uint8_t *data, uint32_t sd_len,
uint32_t security_info_sent)
{
struct security_descriptor *psd = NULL;
NTSTATUS status;
if (sd_len == 0) {
return NT_STATUS_INVALID_PARAMETER;
}
status = unmarshall_sec_desc(talloc_tos(), data, sd_len, &psd);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
return set_sd(fsp, psd, security_info_sent);
}
/****************************************************************************
Read a list of EA names and data from an incoming data buffer. Create an ea_list with them.
****************************************************************************/
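Review bot: In the new set_sd_blob() the client-supplied blob reaches unmarshall_sec_desc() before any access check, because the `CAN_WRITE(fsp->conn)` test now lives only in set_sd(); in the old body the parse ran only after that test and after the early `return NT_STATUS_OK` path. On a read-only share a malformed descriptor is therefore parsed and returns the unmarshall status rather than NT_STATUS_ACCESS_DENIED, which changes both the pre-authorization parsing surface and the error a client sees. If the old ordering is intended, repeat the guard ahead of the parse in set_sd_blob(): `if (!CAN_WRITE(fsp->conn)) { return NT_STATUS_ACCESS_DENIED; }`. Separately, set_sd() is now a non-static entry point and dereferences `psd->owner_sid` with no NULL check, so `if (psd == NULL) { return NT_STATUS_INVALID_PARAMETER; }` at its top would make the contract explicit for future callers. Parts of set_sd() lie outside the hunks shown, so this is based on the visible lines only.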


@ -577,6 +577,8 @@ void *init_quota_handle(TALLOC_CTX *mem_ctx);
/* The following definitions come from smbd/nttrans.c */
void reply_ntcreate_and_X(struct smb_request *req);
NTSTATUS set_sd(files_struct *fsp, struct security_descriptor *psd,
uint32_t security_info_sent);
NTSTATUS set_sd_blob(files_struct *fsp, uint8_t *data, uint32_t sd_len,
uint32_t security_info_sent);
struct ea_list *read_nttrans_ea_list(TALLOC_CTX *ctx, const char *pdata, size_t data_size);