If AFSRequestExtentsAsync() fails to obtain requested extents
due to STATUS_ACCESS_DENIED using the AuthGroup associated with
the Context Control Block, try to find an alternate AuthGroup
to use to perform the extent request. We have already told
Windows what permissions the application has when the file was
opened. Windows will perform its own validation checks prior
to permitting the data to be accessed or altered.
Change-Id: I430657e8c8e30c9f636a5ec81065af4122c926d7
Reviewed-on: http://gerrit.openafs.org/6397
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
NULL,
NULL);
+ if ( ntStatus == STATUS_ACCESS_DENIED)
+ {
+ GUID stAuthGroup;
+ DWORD ntStatus2;
+
+ ntStatus2 = AFSRetrieveValidAuthGroup( Fcb,
+ NULL,
+ TRUE,
+ &stAuthGroup);
+
+ if ( NT_SUCCESS( ntStatus2) &&
+ RtlCompareMemory( &stAuthGroup,
+ &Ccb->AuthGroup,
+ sizeof( GUID)) != sizeof( GUID))
+ {
+
+ ntStatus = AFSProcessRequest( AFS_REQUEST_TYPE_REQUEST_FILE_EXTENTS,
+ 0,
+ &stAuthGroup,
+ NULL,
+ &Fcb->ObjectInformation->FileId,
+ &request,
+ sizeof( AFSRequestExtentsCB ),
+ NULL,
+ NULL);
+ }
+ }
+
if( NT_SUCCESS( ntStatus))
{