Re-add set_sd(), called from set_sd_blob(). Allows us to centralize all ACL canonical...

diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c
index 107e8f35584cc9634185a420020d489ebc20444a..1e28482fc9f173ffca386a0a6e56ad1dd32b6386 100644 (file)
--- a/source3/smbd/nttrans.c
+++ b/source3/smbd/nttrans.c
@@ -831,19 +831,14 @@ static void do_nt_transact_create_pipe(connection_struct *conn,
 }
 
 /****************************************************************************
- Internal fn to set security descriptors from a data blob.
+ Internal fn to set security descriptors.
 ****************************************************************************/
 
-NTSTATUS set_sd_blob(files_struct *fsp, uint8_t *data, uint32_t sd_len,
+NTSTATUS set_sd(files_struct *fsp, struct security_descriptor *psd,
                       uint32_t security_info_sent)
 {
-       struct security_descriptor *psd = NULL;
        NTSTATUS status;
 
-       if (sd_len == 0) {
-               return NT_STATUS_INVALID_PARAMETER;
-       }
-
        if (!CAN_WRITE(fsp->conn)) {
                return NT_STATUS_ACCESS_DENIED;
        }
@@ -852,12 +847,6 @@ NTSTATUS set_sd_blob(files_struct *fsp, uint8_t *data, uint32_t sd_len,
                return NT_STATUS_OK;
        }
 
-       status = unmarshall_sec_desc(talloc_tos(), data, sd_len, &psd);
-
-       if (!NT_STATUS_IS_OK(status)) {
-               return status;
-       }
-
        if (psd->owner_sid == NULL) {
                security_info_sent &= ~SECINFO_OWNER;
        }
@@ -910,7 +899,7 @@ NTSTATUS set_sd_blob(files_struct *fsp, uint8_t *data, uint32_t sd_len,
        }
 
        if (DEBUGLEVEL >= 10) {
-               DEBUG(10,("set_sd_blob for file %s\n", fsp_str_dbg(fsp)));
+               DEBUG(10,("set_sd for file %s\n", fsp_str_dbg(fsp)));
                NDR_PRINT_DEBUG(security_descriptor, psd);
        }
 
@@ -921,6 +910,29 @@ NTSTATUS set_sd_blob(files_struct *fsp, uint8_t *data, uint32_t sd_len,
        return status;
 }
 
+/****************************************************************************
+ Internal fn to set security descriptors from a data blob.
+****************************************************************************/
+
+NTSTATUS set_sd_blob(files_struct *fsp, uint8_t *data, uint32_t sd_len,
+                      uint32_t security_info_sent)
+{
+       struct security_descriptor *psd = NULL;
+       NTSTATUS status;
+
+       if (sd_len == 0) {
+               return NT_STATUS_INVALID_PARAMETER;
+       }
+
+       status = unmarshall_sec_desc(talloc_tos(), data, sd_len, &psd);
+
+       if (!NT_STATUS_IS_OK(status)) {
+               return status;
+       }
+
+       return set_sd(fsp, psd, security_info_sent);
+}
+
 /****************************************************************************
  Read a list of EA names and data from an incoming data buffer. Create an ea_list with them.
 ****************************************************************************/

diff --git a/source3/smbd/proto.h b/source3/smbd/proto.h
index 83555906e85077208656c05f7f95d4481f84f257..5f4947e9349484561694116a59f9fa0962c669ef 100644 (file)
--- a/source3/smbd/proto.h
+++ b/source3/smbd/proto.h
@@ -577,6 +577,8 @@ void *init_quota_handle(TALLOC_CTX *mem_ctx);
 /* The following definitions come from smbd/nttrans.c  */
 
 void reply_ntcreate_and_X(struct smb_request *req);
+NTSTATUS set_sd(files_struct *fsp, struct security_descriptor *psd,
+                       uint32_t security_info_sent);
 NTSTATUS set_sd_blob(files_struct *fsp, uint8_t *data, uint32_t sd_len,
                        uint32_t security_info_sent);
 struct ea_list *read_nttrans_ea_list(TALLOC_CTX *ctx, const char *pdata, size_t data_size);