summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source4/libcli/security/sddl.c11
1 files changed, 8 insertions, 3 deletions
diff --git a/source4/libcli/security/sddl.c b/source4/libcli/security/sddl.c
index a1b8346969..643cb7a82c 100644
--- a/source4/libcli/security/sddl.c
+++ b/source4/libcli/security/sddl.c
@@ -221,6 +221,7 @@ static BOOL sddl_decode_ace(TALLOC_CTX *mem_ctx, struct security_ace *ace, char
if (!NT_STATUS_IS_OK(status)) {
return False;
}
+ ace->object.object.flags |= SEC_ACE_OBJECT_TYPE_PRESENT;
}
/* inherit object */
@@ -230,6 +231,7 @@ static BOOL sddl_decode_ace(TALLOC_CTX *mem_ctx, struct security_ace *ace, char
if (!NT_STATUS_IS_OK(status)) {
return False;
}
+ ace->object.object.flags |= SEC_ACE_INHERITED_OBJECT_TYPE_PRESENT;
}
/* trustee */
@@ -460,18 +462,21 @@ static char *sddl_encode_ace(TALLOC_CTX *mem_ctx, const struct security_ace *ace
if (s_flags == NULL) goto failed;
s_mask = sddl_flags_to_string(tmp_ctx, ace_access_mask, ace->access_mask, True);
- if (s_mask == NULL) goto failed;
+ if (s_mask == NULL) {
+ s_mask = talloc_asprintf(tmp_ctx, "0x%08x", ace->access_mask);
+ if (s_mask == NULL) goto failed;
+ }
if (ace->type == SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT ||
ace->type == SEC_ACE_TYPE_ACCESS_DENIED_OBJECT ||
ace->type == SEC_ACE_TYPE_SYSTEM_AUDIT_OBJECT ||
ace->type == SEC_ACE_TYPE_SYSTEM_AUDIT_OBJECT) {
- if (!GUID_all_zero(&ace->object.object.type.type)) {
+ if (ace->object.object.flags & SEC_ACE_OBJECT_TYPE_PRESENT) {
s_object = GUID_string(tmp_ctx, &ace->object.object.type.type);
if (s_object == NULL) goto failed;
}
- if (!GUID_all_zero(&ace->object.object.inherited_type.inherited_type)) {
+ if (ace->object.object.flags & SEC_ACE_INHERITED_OBJECT_TYPE_PRESENT) {
s_iobject = GUID_string(tmp_ctx, &ace->object.object.inherited_type.inherited_type);
if (s_iobject == NULL) goto failed;
}