s3: smbd: Remove smbd_calculate_maximum_allowed_access(). No longer used.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

diff --git a/source3/smbd/open.c b/source3/smbd/open.c
index 0a6b691195ec88fc7f6e7a6cdc24ebd0d68d793b..1eea2e8ffd28f94525c99bc66800f225374f5f67 100644 (file)
--- a/source3/smbd/open.c
+++ b/source3/smbd/open.c
@@ -3189,91 +3189,6 @@ static void schedule_async_open(struct smb_request *req)
        }
 }
 
-#if 0
-/****************************************************************************
- Work out what access_mask to use from what the client sent us.
-****************************************************************************/
-
-static NTSTATUS smbd_calculate_maximum_allowed_access(
-       connection_struct *conn,
-       struct files_struct *dirfsp,
-       const struct smb_filename *smb_fname,
-       bool use_privs,
-       uint32_t *p_access_mask)
-{
-       struct security_descriptor *sd;
-       uint32_t access_granted;
-       NTSTATUS status;
-
-       SMB_ASSERT(dirfsp == conn->cwd_fsp);
-
-       if (!use_privs && (get_current_uid(conn) == (uid_t)0)) {
-               *p_access_mask |= FILE_GENERIC_ALL;
-               return NT_STATUS_OK;
-       }
-
-       status = SMB_VFS_GET_NT_ACL_AT(conn,
-                               dirfsp,
-                               smb_fname,
-                               (SECINFO_OWNER |
-                                       SECINFO_GROUP |
-                                       SECINFO_DACL),
-                               talloc_tos(),
-                               &sd);
-
-       if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
-               /*
-                * File did not exist
-                */
-               *p_access_mask = FILE_GENERIC_ALL;
-               return NT_STATUS_OK;
-       }
-       if (!NT_STATUS_IS_OK(status)) {
-               DEBUG(10,("Could not get acl on file %s: %s\n",
-                         smb_fname_str_dbg(smb_fname),
-                         nt_errstr(status)));
-               return NT_STATUS_ACCESS_DENIED;
-       }
-
-       /*
-        * If we can access the path to this file, by
-        * default we have FILE_READ_ATTRIBUTES from the
-        * containing directory. See the section:
-        * "Algorithm to Check Access to an Existing File"
-        * in MS-FSA.pdf.
-        *
-        * se_file_access_check()
-        * also takes care of owner WRITE_DAC and READ_CONTROL.
-        */
-       status = se_file_access_check(sd,
-                                get_current_nttok(conn),
-                                use_privs,
-                                (*p_access_mask & ~FILE_READ_ATTRIBUTES),
-                                &access_granted);
-
-       TALLOC_FREE(sd);
-
-       if (!NT_STATUS_IS_OK(status)) {
-               DEBUG(10, ("Access denied on file %s: "
-                          "when calculating maximum access\n",
-                          smb_fname_str_dbg(smb_fname)));
-               return NT_STATUS_ACCESS_DENIED;
-       }
-       *p_access_mask = (access_granted | FILE_READ_ATTRIBUTES);
-
-       if (!(access_granted & DELETE_ACCESS)) {
-               if (can_delete_file_in_directory(conn,
-                               conn->cwd_fsp,
-                               smb_fname))
-               {
-                       *p_access_mask |= DELETE_ACCESS;
-               }
-       }
-
-       return NT_STATUS_OK;
-}
-#endif
-
 /****************************************************************************
  Work out what access_mask to use from what the client sent us.
 ****************************************************************************/