From 1bab4fdaafd5930a02ae5a0d603176720ef15220 Mon Sep 17 00:00:00 2001
From: Jeremy Allison <jra@samba.org>
Date: Fri, 24 Jul 2009 14:09:42 -0700
Subject: Fix hash function in acl_xattr to be SHA256, make the hash function
 selectable. Upgrade version. Compiles but not fully tested yet (coming). Make
 vfs_acl_tdb.c compile - this needs updating to match acl_xattr (also coming
 soon). Jeremy.

---
 librpc/idl/xattr.idl | 15 +++++++++++++--
 1 file changed, 13 insertions(+), 2 deletions(-)

(limited to 'librpc/idl/xattr.idl')

diff --git a/librpc/idl/xattr.idl b/librpc/idl/xattr.idl
index 4191ea67ce..c2b8bb0cc2 100644
--- a/librpc/idl/xattr.idl
+++ b/librpc/idl/xattr.idl
@@ -123,14 +123,25 @@ interface xattr
 
 	const char *XATTR_NTACL_NAME = "security.NTACL";
 
+	const int XATTR_SD_HASH_SIZE = 64;
+	const int XATTR_SD_HASH_TYPE_NONE = 0x0;
+	const int XATTR_SD_HASH_TYPE_SHA256 = 0x1;
+
 	typedef [public] struct {
 		security_descriptor *sd;
 		uint8 hash[16];
-	} security_descriptor_hash;
+	} security_descriptor_hash_v2; /* Hash never used in this version. */
+
+	typedef [public] struct {
+		security_descriptor *sd;
+		uint16 hash_type;
+		uint8 hash[XATTR_SD_HASH_SIZE]; /* 64 bytes hash. */
+	} security_descriptor_hash_v3;
 
 	typedef [switch_type(uint16)] union {
 		[case(1)] security_descriptor *sd;
-		[case(2)] security_descriptor_hash *sd_hs;
+		[case(2)] security_descriptor_hash_v2 *sd_hs2;
+		[case(3)] security_descriptor_hash_v3 *sd_hs3;
 	} xattr_NTACL_Info;
 
 	typedef [public] struct {
-- 
cgit