Re-add set_sd(), called from set_sd_blob(). Allows us to centralize all ACL canonical...

diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c
index 7fb22e3ff2245fc76656cc0c6078ac7699c28150..f66285d4a1cc2e1d10c2f837928668d30f9ceb6e 100644 (file)
--- a/source3/smbd/nttrans.c
+++ b/source3/smbd/nttrans.c
@@ -827,19 +827,14 @@ static void do_nt_transact_create_pipe(connection_struct *conn,
 }
 
 /****************************************************************************
- Internal fn to set security descriptors from a data blob.
+ Internal fn to set security descriptors.
 ****************************************************************************/
 
-NTSTATUS set_sd_blob(files_struct *fsp, uint8_t *data, uint32_t sd_len,
+NTSTATUS set_sd(files_struct *fsp, struct security_descriptor *psd,
                       uint32_t security_info_sent)
 {
-       struct security_descriptor *psd = NULL;
        NTSTATUS status;
 
-       if (sd_len == 0) {
-               return NT_STATUS_INVALID_PARAMETER;
-       }
-
        if (!CAN_WRITE(fsp->conn)) {
                return NT_STATUS_ACCESS_DENIED;
        }
@@ -848,12 +843,6 @@ NTSTATUS set_sd_blob(files_struct *fsp, uint8_t *data, uint32_t sd_len,
                return NT_STATUS_OK;
        }
 
-       status = unmarshall_sec_desc(talloc_tos(), data, sd_len, &psd);
-
-       if (!NT_STATUS_IS_OK(status)) {
-               return status;
-       }
-
        if (psd->owner_sid == NULL) {
                security_info_sent &= ~SECINFO_OWNER;
        }
@@ -906,7 +895,7 @@ NTSTATUS set_sd_blob(files_struct *fsp, uint8_t *data, uint32_t sd_len,
        }
 
        if (DEBUGLEVEL >= 10) {
-               DEBUG(10,("set_sd_blob for file %s\n", fsp_str_dbg(fsp)));
+               DEBUG(10,("set_sd for file %s\n", fsp_str_dbg(fsp)));
                NDR_PRINT_DEBUG(security_descriptor, psd);
        }
 
@@ -917,6 +906,29 @@ NTSTATUS set_sd_blob(files_struct *fsp, uint8_t *data, uint32_t sd_len,
        return status;
 }
 
+/****************************************************************************
+ Internal fn to set security descriptors from a data blob.
+****************************************************************************/
+
+NTSTATUS set_sd_blob(files_struct *fsp, uint8_t *data, uint32_t sd_len,
+                      uint32_t security_info_sent)
+{
+       struct security_descriptor *psd = NULL;
+       NTSTATUS status;
+
+       if (sd_len == 0) {
+               return NT_STATUS_INVALID_PARAMETER;
+       }
+
+       status = unmarshall_sec_desc(talloc_tos(), data, sd_len, &psd);
+
+       if (!NT_STATUS_IS_OK(status)) {
+               return status;
+       }
+
+       return set_sd(fsp, psd, security_info_sent);
+}
+
 /****************************************************************************
  Read a list of EA names and data from an incoming data buffer. Create an ea_list with them.
 ****************************************************************************/

diff --git a/source3/smbd/proto.h b/source3/smbd/proto.h
index 9224ce710c4e7cf71819d86f5974053f83a50208..e80e01e4258e5dd84b02c97a4c374d15b64d7c0a 100644 (file)
--- a/source3/smbd/proto.h
+++ b/source3/smbd/proto.h
@@ -561,6 +561,8 @@ void send_nt_replies(connection_struct *conn,
                     char *params, int paramsize,
                     char *pdata, int datasize);
 void reply_ntcreate_and_X(struct smb_request *req);
+NTSTATUS set_sd(files_struct *fsp, struct security_descriptor *psd,
+                       uint32_t security_info_sent);
 NTSTATUS set_sd_blob(files_struct *fsp, uint8_t *data, uint32_t sd_len,
                        uint32_t security_info_sent);
 NTSTATUS smb_fsctl(struct files_struct *fsp,