From 99b86e4a266b99634f6a65015f6df115c421d3e5 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Thu, 20 Dec 2007 22:27:01 +0100 Subject: Some C++ fixes (This used to be commit 5c392c4c6e277a24d0d477902dc7856b2b46ee53) --- source3/lib/secdesc.c | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) (limited to 'source3/lib/secdesc.c') diff --git a/source3/lib/secdesc.c b/source3/lib/secdesc.c index 4a9785009b..123c3bcc9b 100644 --- a/source3/lib/secdesc.c +++ b/source3/lib/secdesc.c @@ -182,7 +182,9 @@ SEC_DESC_BUF *sec_desc_merge(TALLOC_CTX *ctx, SEC_DESC_BUF *new_sdb, SEC_DESC_BU Creates a SEC_DESC structure ********************************************************************/ -SEC_DESC *make_sec_desc(TALLOC_CTX *ctx, uint16 revision, uint16 type, +SEC_DESC *make_sec_desc(TALLOC_CTX *ctx, + enum security_descriptor_revision revision, + uint16 type, const DOM_SID *owner_sid, const DOM_SID *grp_sid, SEC_ACL *sacl, SEC_ACL *dacl, size_t *sd_size) { @@ -329,8 +331,9 @@ NTSTATUS unmarshall_sec_desc(TALLOC_CTX *mem_ctx, uint8 *data, size_t len, SEC_DESC *make_standard_sec_desc(TALLOC_CTX *ctx, const DOM_SID *owner_sid, const DOM_SID *grp_sid, SEC_ACL *dacl, size_t *sd_size) { - return make_sec_desc(ctx, SEC_DESC_REVISION, SEC_DESC_SELF_RELATIVE, - owner_sid, grp_sid, NULL, dacl, sd_size); + return make_sec_desc(ctx, SECURITY_DESCRIPTOR_REVISION_1, + SEC_DESC_SELF_RELATIVE, owner_sid, grp_sid, NULL, + dacl, sd_size); } /******************************************************************* @@ -557,7 +560,8 @@ SEC_DESC_BUF *se_create_child_secdesc(TALLOC_CTX *ctx, SEC_DESC *parent_ctr, correct. Perhaps the user and group should be passed in as parameters by the caller? */ - sd = make_sec_desc(ctx, SEC_DESC_REVISION, SEC_DESC_SELF_RELATIVE, + sd = make_sec_desc(ctx, SECURITY_DESCRIPTOR_REVISION_1, + SEC_DESC_SELF_RELATIVE, parent_ctr->owner_sid, parent_ctr->group_sid, parent_ctr->sacl, -- cgit From a59280792cab616f5b269960ab68bc44ccc1fd38 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sat, 29 Dec 2007 22:16:31 +0100 Subject: Remove tiny code duplication sid_size did the same as ndr_size_dom_sid (This used to be commit 8aec5d09ba023413bd8ecbdfbc7d23904df94389) --- source3/lib/secdesc.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'source3/lib/secdesc.c') diff --git a/source3/lib/secdesc.c b/source3/lib/secdesc.c index 123c3bcc9b..883fac57e4 100644 --- a/source3/lib/secdesc.c +++ b/source3/lib/secdesc.c @@ -46,10 +46,10 @@ size_t sec_desc_size(SEC_DESC *psd) /* don't align */ if (psd->owner_sid != NULL) - offset += sid_size(psd->owner_sid); + offset += ndr_size_dom_sid(psd->owner_sid, 0); if (psd->group_sid != NULL) - offset += sid_size(psd->group_sid); + offset += ndr_size_dom_sid(psd->group_sid, 0); if (psd->sacl != NULL) offset += psd->sacl->size; @@ -235,11 +235,11 @@ SEC_DESC *make_sec_desc(TALLOC_CTX *ctx, } if (dst->owner_sid != NULL) { - offset += sid_size(dst->owner_sid); + offset += ndr_size_dom_sid(dst->owner_sid, 0); } if (dst->group_sid != NULL) { - offset += sid_size(dst->group_sid); + offset += ndr_size_dom_sid(dst->group_sid, 0); } *sd_size = (size_t)offset; -- cgit From 7be5525792a2f4aa19c308afb516ef1fe02b7be2 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sat, 29 Dec 2007 22:54:51 +0100 Subject: Make [un]marshall_sec_desc use librpc/ndr (This used to be commit 387936ec3952f88d46df2d4943bbc4e408ad2bb5) --- source3/lib/secdesc.c | 54 +++++++++++++++++++++++++++------------------------ 1 file changed, 29 insertions(+), 25 deletions(-) (limited to 'source3/lib/secdesc.c') diff --git a/source3/lib/secdesc.c b/source3/lib/secdesc.c index 883fac57e4..5e5042e521 100644 --- a/source3/lib/secdesc.c +++ b/source3/lib/secdesc.c @@ -274,25 +274,21 @@ NTSTATUS marshall_sec_desc(TALLOC_CTX *mem_ctx, struct security_descriptor *secdesc, uint8 **data, size_t *len) { - prs_struct ps; - - if (!prs_init(&ps, sec_desc_size(secdesc), mem_ctx, MARSHALL)) { - return NT_STATUS_NO_MEMORY; - } + DATA_BLOB blob; + enum ndr_err_code ndr_err; - if (!sec_io_desc("security_descriptor", &secdesc, &ps, 1)) { - prs_mem_free(&ps); - return NT_STATUS_INVALID_PARAMETER; - } + ndr_err = ndr_push_struct_blob( + &blob, mem_ctx, secdesc, + (ndr_push_flags_fn_t)ndr_push_security_descriptor); - if (!(*data = (uint8 *)talloc_memdup(mem_ctx, ps.data_p, - prs_offset(&ps)))) { - prs_mem_free(&ps); - return NT_STATUS_NO_MEMORY; + if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { + DEBUG(0, ("ndr_push_security_descriptor failed: %s\n", + ndr_errstr(ndr_err))); + return ndr_map_error2ntstatus(ndr_err);; } - *len = prs_offset(&ps); - prs_mem_free(&ps); + *data = blob.data; + *len = blob.length; return NT_STATUS_OK; } @@ -302,25 +298,33 @@ NTSTATUS marshall_sec_desc(TALLOC_CTX *mem_ctx, NTSTATUS unmarshall_sec_desc(TALLOC_CTX *mem_ctx, uint8 *data, size_t len, struct security_descriptor **psecdesc) { - prs_struct ps; - struct security_descriptor *secdesc = NULL; + DATA_BLOB blob; + enum ndr_err_code ndr_err; + struct security_descriptor *result; - if (!(secdesc = TALLOC_ZERO_P(mem_ctx, struct security_descriptor))) { - return NT_STATUS_NO_MEMORY; + if ((data == NULL) || (len == 0)) { + return NT_STATUS_INVALID_PARAMETER; } - if (!prs_init(&ps, 0, secdesc, UNMARSHALL)) { + result = TALLOC_ZERO_P(mem_ctx, struct security_descriptor); + if (result == NULL) { return NT_STATUS_NO_MEMORY; } - prs_give_memory(&ps, (char *)data, len, False); + blob = data_blob_const(data, len); - if (!sec_io_desc("security_descriptor", &secdesc, &ps, 1)) { - return NT_STATUS_INVALID_PARAMETER; + ndr_err = ndr_pull_struct_blob( + &blob, result, result, + (ndr_pull_flags_fn_t)ndr_pull_security_descriptor); + + if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { + DEBUG(0, ("ndr_pull_security_descriptor failed: %s\n", + ndr_errstr(ndr_err))); + TALLOC_FREE(result); + return ndr_map_error2ntstatus(ndr_err);; } - prs_mem_free(&ps); - *psecdesc = secdesc; + *psecdesc = result; return NT_STATUS_OK; } -- cgit From 7cbdb48475b0340154fad60cb4b7cc53dc2bbcfd Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sat, 29 Dec 2007 23:00:49 +0100 Subject: Remove tiny code duplication ndr_size_security_descriptor does the same as sec_desc_size (This used to be commit bc3bd7a8e7c6e9e27acb195c86abb92c0f53112f) --- source3/lib/secdesc.c | 29 ----------------------------- 1 file changed, 29 deletions(-) (limited to 'source3/lib/secdesc.c') diff --git a/source3/lib/secdesc.c b/source3/lib/secdesc.c index 5e5042e521..44ae23271e 100644 --- a/source3/lib/secdesc.c +++ b/source3/lib/secdesc.c @@ -31,35 +31,6 @@ const struct generic_mapping file_generic_mapping = { FILE_GENERIC_ALL }; -/******************************************************************* - Works out the linearization size of a SEC_DESC. -********************************************************************/ - -size_t sec_desc_size(SEC_DESC *psd) -{ - size_t offset; - - if (!psd) return 0; - - offset = SEC_DESC_HEADER_SIZE; - - /* don't align */ - - if (psd->owner_sid != NULL) - offset += ndr_size_dom_sid(psd->owner_sid, 0); - - if (psd->group_sid != NULL) - offset += ndr_size_dom_sid(psd->group_sid, 0); - - if (psd->sacl != NULL) - offset += psd->sacl->size; - - if (psd->dacl != NULL) - offset += psd->dacl->size; - - return offset; -} - /******************************************************************* Compares two SEC_DESC structures ********************************************************************/ -- cgit