s3: Add directory_has_default_acl_fsp().

Not yet used.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

diff --git a/source3/smbd/file_access.c b/source3/smbd/file_access.c
index 3bb4036cfdb7fcfc6a549e493f660a1d667a482f..dcdbad2c75e108ffb5f7712d131349153dfefe9d 100644 (file)
--- a/source3/smbd/file_access.c
+++ b/source3/smbd/file_access.c
@@ -190,6 +190,43 @@ bool directory_has_default_acl(connection_struct *conn,
        return false;
 }
 
+/****************************************************************************
+ Check for an existing default Windows ACL on a directory fsp.
+****************************************************************************/
+
+bool directory_has_default_acl_fsp(struct files_struct *fsp)
+{
+       struct security_descriptor *secdesc = NULL;
+       unsigned int i;
+       NTSTATUS status;
+
+       status = SMB_VFS_FGET_NT_ACL(fsp,
+                               SECINFO_DACL,
+                               talloc_tos(),
+                               &secdesc);
+
+       if (!NT_STATUS_IS_OK(status) ||
+           secdesc == NULL ||
+           secdesc->dacl == NULL)
+       {
+               TALLOC_FREE(secdesc);
+               return false;
+       }
+
+       for (i = 0; i < secdesc->dacl->num_aces; i++) {
+               struct security_ace *psa = &secdesc->dacl->aces[i];
+
+               if (psa->flags & (SEC_ACE_FLAG_OBJECT_INHERIT|
+                               SEC_ACE_FLAG_CONTAINER_INHERIT))
+               {
+                       TALLOC_FREE(secdesc);
+                       return true;
+               }
+       }
+       TALLOC_FREE(secdesc);
+       return false;
+}
+
 /****************************************************************************
  Check if setting delete on close is allowed on this fsp.
 ****************************************************************************/

diff --git a/source3/smbd/proto.h b/source3/smbd/proto.h
index b29bc5a7155fc617d1538764f82badd37f3c62eb..f8c4db27e8784ba39331c14678d3305502f9aaa5 100644 (file)
--- a/source3/smbd/proto.h
+++ b/source3/smbd/proto.h
@@ -340,6 +340,7 @@ bool can_write_to_file(connection_struct *conn,
 bool directory_has_default_acl(connection_struct *conn,
                        struct files_struct *dirfsp,
                        struct smb_filename *smb_fname);
+bool directory_has_default_acl_fsp(struct files_struct *fsp);
 NTSTATUS can_set_delete_on_close(files_struct *fsp, uint32_t dosmode);
 
 /* The following definitions come from smbd/fileio.c  */