diff options
| author | Andrew Tridgell <tridge@samba.org> | 2003-11-22 08:11:32 +0000 |
|---|---|---|
| committer | Andrew Tridgell <tridge@samba.org> | 2003-11-22 08:11:32 +0000 |
| commit | 86a604429ee13aa8c3f930ea74b1fada278ced45 (patch) | |
| tree | 5d2699e261de3b8cd8d84983f54e4032cb4eb4c2 /source4/librpc/ndr/ndr_sec.c | |
| parent | 595002026669ec81e3e71f98e9a12adfd353751f (diff) | |
| download | samba-86a604429ee13aa8c3f930ea74b1fada278ced45.tar.gz samba-86a604429ee13aa8c3f930ea74b1fada278ced45.tar.bz2 samba-86a604429ee13aa8c3f930ea74b1fada278ced45.zip | |
a fairly major upgrade to the dcerpc system
* added a NDR validator. The way it works is that when the
DCERPC_DEBUG_VALIDATE_* flags are set the dcerpc system will
perform NDR buffer validation. On sending a request the packet is
first marshalled, then unmarahslled, then marshalled again, and it is
confirmed that the two marshalling results are idential. This
ensures that our pull and push routines are absolutely in sync, so
that we can be very confident that if a routine works in the client
then the corresponding routine must work on the server side. A
similar validation is performed on all replies.
* a result of this change is that pidl is fussier about the [ref]
tag. You can only use it on pointers (which is the only place it
makes sense)
* fixed a basic alignment bug in the push side of the NDR code
* added server side pull/push support. Our dcerpc system is now fully
ready to be used on the server side.
* fixed the relative offset pointer list. It must be traversed in
reverse order on push
* added automatic value setting for the size parameter in outgoing
SdBuf structures.
* expanded the ndr debugging code to always give a message on any
failure
* fixed the subcontext push code
* fixed some memory leaks in smbtorture RPC tests
(This used to be commit 8ecf720206a2eef3f8ea7cbdb1f460664a5dba9a)
Diffstat (limited to 'source4/librpc/ndr/ndr_sec.c')
| -rw-r--r-- | source4/librpc/ndr/ndr_sec.c | 50 |
1 files changed, 50 insertions, 0 deletions
diff --git a/source4/librpc/ndr/ndr_sec.c b/source4/librpc/ndr/ndr_sec.c index 5a959b9b47..1a8d355149 100644 --- a/source4/librpc/ndr/ndr_sec.c +++ b/source4/librpc/ndr/ndr_sec.c @@ -88,3 +88,53 @@ void ndr_print_dom_sid2(struct ndr_print *ndr, const char *name, struct dom_sid2 ndr_print_dom_sid(ndr, name, sid); } + +/* + return the wire size of a security_ace +*/ +size_t ndr_size_security_ace(struct security_ace *ace) +{ + if (!ace) return 0; + return 8 + ndr_size_dom_sid(&ace->trustee); +} + + +/* + return the wire size of a security_acl +*/ +size_t ndr_size_security_acl(struct security_acl *acl) +{ + size_t ret; + int i; + if (!acl) return 0; + ret = 8; + for (i=0;i<acl->num_aces;i++) { + ret += ndr_size_security_ace(&acl->aces[i]); + } + return ret; +} + +/* + return the wire size of a dom_sid +*/ +size_t ndr_size_dom_sid(struct dom_sid *sid) +{ + if (!sid) return 0; + return 8 + 4*sid->num_auths; +} + +/* + return the wire size of a security descriptor +*/ +size_t ndr_size_security_descriptor(struct security_descriptor *sd) +{ + size_t ret; + if (!sd) return 0; + + ret = 20; + ret += ndr_size_dom_sid(sd->owner_sid); + ret += ndr_size_dom_sid(sd->group_sid); + ret += ndr_size_security_acl(sd->dacl); + ret += ndr_size_security_acl(sd->sacl); + return ret; +} |