svn commit: samba r5850 - in branches/SAMBA_4_0/source/librpc/idl: .
metze at samba.org
metze at samba.org
Thu Mar 17 04:24:36 GMT 2005
Author: metze
Date: 2005-03-17 04:24:35 +0000 (Thu, 17 Mar 2005)
New Revision: 5850
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=5850
Log:
enable parsing of revision 4 security acl's
metze
Modified:
branches/SAMBA_4_0/source/librpc/idl/drsuapi.idl
branches/SAMBA_4_0/source/librpc/idl/security.idl
Changeset:
Modified: branches/SAMBA_4_0/source/librpc/idl/drsuapi.idl
===================================================================
--- branches/SAMBA_4_0/source/librpc/idl/drsuapi.idl 2005-03-17 01:50:09 UTC (rev 5849)
+++ branches/SAMBA_4_0/source/librpc/idl/drsuapi.idl 2005-03-17 04:24:35 UTC (rev 5850)
@@ -384,9 +384,7 @@
[case(DRSUAPI_ATTRIBUTE_objectSid)] drsuapi_DsAttributeValueCtrSID sid;
/* SecurityDescriptor */
- /* we can't parse some ads specific security_descriptors yet
[case(DRSUAPI_ATTRIBUTE_ntSecurityDescriptor)] drsuapi_DsAttributeValueCtrSecurityDescriptor security_descriptor;
- */
/* UnicodeString */
[case(DRSUAPI_ATTRIBUTE_description)] drsuapi_DsAttributeValueCtrUnicodeString unicode_string;
Modified: branches/SAMBA_4_0/source/librpc/idl/security.idl
===================================================================
--- branches/SAMBA_4_0/source/librpc/idl/security.idl 2005-03-17 01:50:09 UTC (rev 5849)
+++ branches/SAMBA_4_0/source/librpc/idl/security.idl 2005-03-17 04:24:35 UTC (rev 5850)
@@ -214,28 +214,55 @@
SEC_ACE_TYPE_SYSTEM_ALARM_OBJECT = 8
} security_ace_type;
+ typedef bitmap {
+ SEC_ACE_OBJECT_TYPE_PRESENT = 0x00000001,
+ SEC_ACE_INHERITED_OBJECT_TYPE_PRESENT = 0x00000002
+ } security_ace_object_flags;
+
+ typedef [nodiscriminant] union {
+ /* this is the 'schemaIDGUID' attribute of the attribute object in the schema naming context */
+ [case(SEC_ACE_OBJECT_TYPE_PRESENT)] GUID type;
+ [default];
+ } security_ace_object_type;
+
+ typedef [nodiscriminant] union {
+ /* this is the 'schemaIDGUID' attribute of the objectclass object in the schema naming context
+ * (of the parent container)
+ */
+ [case(SEC_ACE_INHERITED_OBJECT_TYPE_PRESENT)] GUID inherited_type;
+ [default];
+ } security_ace_object_inherited_type;
+
+ typedef struct {
+ security_ace_object_flags flags;
+ [switch_is(flags & SEC_ACE_OBJECT_TYPE_PRESENT)] security_ace_object_type type;
+ [switch_is(flags & SEC_ACE_INHERITED_OBJECT_TYPE_PRESENT)] security_ace_object_inherited_type inherited_type;
+ } security_ace_object;
+
+ typedef [nodiscriminant] union {
+ [case(SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT)] security_ace_object object;
+ [case(SEC_ACE_TYPE_ACCESS_DENIED_OBJECT)] security_ace_object object;
+ [case(SEC_ACE_TYPE_SYSTEM_AUDIT_OBJECT)] security_ace_object object;
+ [case(SEC_ACE_TYPE_SYSTEM_ALARM_OBJECT)] security_ace_object object;
+ [default];
+ } security_ace_object_ctr;
+
typedef [public] struct {
security_ace_type type; /* SEC_ACE_TYPE_* */
security_ace_flags flags; /* SEC_ACE_FLAG_* */
[value(ndr_size_security_ace(r))] uint16 size;
uint32 access_mask;
-
-#if 0
- /* the 'obj' part is present when type is XXXX_TYPE_XXXX_OBJECT */
- struct {
- uint32 flags;
- GUID object_guid;
- GUID inherit_guid;
- } *obj;
-#endif
-
+ [switch_is(type)] security_ace_object_ctr object;
dom_sid trustee;
} security_ace;
typedef enum {
- NT4_ACL_REVISION = 2
+ SECURITY_ACL_REVISION_NT4 = 2,
+ SECURITY_ACL_REVISION_ADS = 4
} security_acl_revision;
+ const uint NT4_ACL_REVISION = SECURITY_ACL_REVISION_NT4;
+
typedef [public] struct {
security_acl_revision revision;
[value(ndr_size_security_acl(r))] uint16 size;
@@ -245,10 +272,10 @@
/* default revision for new ACLs */
typedef [enum8bit] enum {
- SEC_DESC_REVISION_1 = 1
+ SECURITY_DESCRIPTOR_REVISION_1 = 1
} security_descriptor_revision;
- const int SD_REVISION = SEC_DESC_REVISION_1;
+ const int SD_REVISION = SECURITY_DESCRIPTOR_REVISION_1;
/* security_descriptor->type bits */
typedef [bitmap16bit] bitmap {
@@ -277,7 +304,6 @@
const int SECINFO_DACL = 0x00000004;
const int SECINFO_SACL = 0x00000008;
-
typedef [public,flag(NDR_LITTLE_ENDIAN)] struct {
security_descriptor_revision revision;
security_descriptor_type type; /* SEC_DESC_xxxx flags */
More information about the samba-cvs
mailing list