Merge branch 'release/1.4'

2025-04-22 16:33:02 -05:00 · 2018-10-09 14:32:42 -07:00 · 2018-10-09 14:32:42 -07:00 · 74df26a28d
commit 74df26a28d
parent 60aee6867c 0de00e872f
3 changed files with 66 additions and 6 deletions
--- a/src/dotnet/FileSystemBase.cs
+++ b/src/dotnet/FileSystemBase.cs
@ -707,7 +707,7 @@ namespace Fsp
        /// Describes the modifications to apply to the file or directory security descriptor.
        /// </param>
        /// <returns>STATUS_SUCCESS or error code.</returns>
-        /// <seealso cref="ModifySecurityDescriptor"/>
+        /// <seealso cref="ModifySecurityDescriptorEx"/>
        public virtual Int32 SetSecurity(
            Object FileNode,
            Object FileDesc,
@ -1105,7 +1105,7 @@ namespace Fsp
            return (int)Api.FspFileSystemOperationProcessId();
        }
        /// <summary>
-        /// Modifies a security descriptor.
+        /// Modifies a security descriptor. [OBSOLETE]
        /// </summary>
        /// <remarks>
        /// This is a helper for implementing the SetSecurity operation.
@ -1121,6 +1121,7 @@ namespace Fsp
        /// </param>
        /// <returns>The modified security descriptor.</returns>
        /// <seealso cref="SetSecurity"/>
+        [Obsolete("use ModifySecurityDescriptorEx")]
        public static byte[] ModifySecurityDescriptor(
            Byte[] SecurityDescriptor,
            AccessControlSections Sections,
@ -1140,6 +1141,47 @@ namespace Fsp
                SecurityInformation,
                ModificationDescriptor);
        }
+        /// <summary>
+        /// Modifies a security descriptor.
+        /// </summary>
+        /// <remarks>
+        /// This is a helper for implementing the SetSecurity operation.
+        /// </remarks>
+        /// <param name="SecurityDescriptor">
+        /// The original security descriptor.
+        /// </param>
+        /// <param name="Sections">
+        /// Describes what parts of the file or directory security descriptor should be modified.
+        /// </param>
+        /// <param name="ModificationDescriptor">
+        /// Describes the modifications to apply to the file or directory security descriptor.
+        /// </param>
+        /// <param name="ModifiedDescriptor">
+        /// The modified security descriptor. This parameter is modified only on success.
+        /// </param>
+        /// <returns>STATUS_SUCCESS or error code.</returns>
+        /// <seealso cref="SetSecurity"/>
+        public static Int32 ModifySecurityDescriptorEx(
+            Byte[] SecurityDescriptor,
+            AccessControlSections Sections,
+            Byte[] ModificationDescriptor,
+            ref Byte[] ModifiedDescriptor)
+        {
+            UInt32 SecurityInformation = 0;
+            if (0 != (Sections & AccessControlSections.Owner))
+                SecurityInformation |= 1/*OWNER_SECURITY_INFORMATION*/;
+            if (0 != (Sections & AccessControlSections.Group))
+                SecurityInformation |= 2/*GROUP_SECURITY_INFORMATION*/;
+            if (0 != (Sections & AccessControlSections.Access))
+                SecurityInformation |= 4/*DACL_SECURITY_INFORMATION*/;
+            if (0 != (Sections & AccessControlSections.Audit))
+                SecurityInformation |= 8/*SACL_SECURITY_INFORMATION*/;
+            return Api.ModifySecurityDescriptorEx(
+                SecurityDescriptor,
+                SecurityInformation,
+                ModificationDescriptor,
+                ref ModifiedDescriptor);
+        }
        public Int32 SeekableReadDirectory(
            Object FileNode,
            Object FileDesc,
--- a/src/dotnet/Interop.cs
+++ b/src/dotnet/Interop.cs
@ -929,6 +929,26 @@ namespace Fsp.Interop
                    return SecurityDescriptorBytes;
                }
        }
+        internal unsafe static Int32 ModifySecurityDescriptorEx(
+            Byte[] SecurityDescriptorBytes,
+            UInt32 SecurityInformation,
+            Byte[] ModificationDescriptorBytes,
+            ref Byte[] ModifiedDescriptorBytes)
+        {
+            fixed (Byte *S = SecurityDescriptorBytes)
+                fixed (Byte *M = ModificationDescriptorBytes)
+                {
+                    IntPtr SecurityDescriptor;
+                    Int32 Result = FspSetSecurityDescriptor(
+                        (IntPtr)S, SecurityInformation, (IntPtr)M, out SecurityDescriptor);
+                    if (0 > Result)
+                        return Result;
+                    SecurityDescriptorBytes = MakeSecurityDescriptor(SecurityDescriptor);
+                    FspDeleteSecurityDescriptor(SecurityDescriptor, _FspSetSecurityDescriptorPtr);
+                    ModifiedDescriptorBytes = SecurityDescriptorBytes;
+                    return 0/*STATUS_SUCCESS*/;
+                }
+        }

        internal unsafe static Int32 CopyReparsePoint(
            Byte[] ReparseData,
--- a/tst/memfs-dotnet/Program.cs
+++ b/tst/memfs-dotnet/Program.cs
@ -783,10 +783,8 @@ namespace memfs
            if (null != FileNode.MainFileNode)
                FileNode = FileNode.MainFileNode;

-            FileNode.FileSecurity = ModifySecurityDescriptor(
-                FileNode.FileSecurity, Sections, SecurityDescriptor);
-
-            return STATUS_SUCCESS;
+            return ModifySecurityDescriptorEx(FileNode.FileSecurity, Sections, SecurityDescriptor,
+                ref FileNode.FileSecurity);
        }

        public override Boolean ReadDirectoryEntry(