[SCM] Samba Shared Repository - branch v3-2-test updated -
initial-v3-2-unstable-960-gbc3bd7a
Volker Lendecke
vl at samba.org
Sat Dec 29 22:20:22 GMT 2007
The branch, v3-2-test has been updated
via bc3bd7a8e7c6e9e27acb195c86abb92c0f53112f (commit)
via 387936ec3952f88d46df2d4943bbc4e408ad2bb5 (commit)
via 54576733d6c0511dc7379f964b1cb035913b7c8d (commit)
via 8aec5d09ba023413bd8ecbdfbc7d23904df94389 (commit)
from 22a98bf7b81fb89dce1f32ef65cfe6caaba985b3 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test
- Log -----------------------------------------------------------------
commit bc3bd7a8e7c6e9e27acb195c86abb92c0f53112f
Author: Volker Lendecke <vl at samba.org>
Date: Sat Dec 29 23:00:49 2007 +0100
Remove tiny code duplication
ndr_size_security_descriptor does the same as sec_desc_size
commit 387936ec3952f88d46df2d4943bbc4e408ad2bb5
Author: Volker Lendecke <vl at samba.org>
Date: Sat Dec 29 22:54:51 2007 +0100
Make [un]marshall_sec_desc use librpc/ndr
commit 54576733d6c0511dc7379f964b1cb035913b7c8d
Author: Volker Lendecke <vl at samba.org>
Date: Sat Dec 29 22:47:03 2007 +0100
Make use of [un]marshall_sec_desc
commit 8aec5d09ba023413bd8ecbdfbc7d23904df94389
Author: Volker Lendecke <vl at samba.org>
Date: Sat Dec 29 22:16:31 2007 +0100
Remove tiny code duplication
sid_size did the same as ndr_size_dom_sid
-----------------------------------------------------------------------
Summary of changes:
source/lib/secace.c | 4 +-
source/lib/secdesc.c | 87 +++++++++++++------------------------
source/lib/sharesec.c | 2 +-
source/lib/util_sid.c | 18 +------
source/libads/ldap.c | 20 +++++----
source/libsmb/cliquota.c | 4 +-
source/libsmb/clisecdesc.c | 45 +++++++------------
source/modules/nfs4_acls.c | 2 +-
source/printing/nt_printing.c | 10 +++--
source/registry/reg_api.c | 2 +-
source/registry/regfio.c | 5 +-
source/rpc_parse/parse_buffer.c | 2 +-
source/rpc_parse/parse_sec.c | 6 +-
source/rpc_parse/parse_spoolss.c | 4 +-
source/rpc_parse/parse_srv.c | 5 +-
source/rpc_server/srv_srvsvc_nt.c | 2 +-
source/rpc_server/srv_svcctl_nt.c | 2 +-
source/smbd/nttrans.c | 5 +-
source/smbd/trans2.c | 8 ++--
source/winbindd/winbindd_cm.c | 11 +++--
20 files changed, 103 insertions(+), 141 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source/lib/secace.c b/source/lib/secace.c
index 90ecc34..8760a61 100644
--- a/source/lib/secace.c
+++ b/source/lib/secace.c
@@ -59,7 +59,7 @@ void init_sec_ace(SEC_ACE *t, const DOM_SID *sid, enum security_ace_type type,
{
t->type = type;
t->flags = flag;
- t->size = sid_size(sid) + 8;
+ t->size = ndr_size_dom_sid(sid, 0) + 8;
t->access_mask = mask;
ZERO_STRUCTP(&t->trustee);
@@ -86,7 +86,7 @@ NTSTATUS sec_ace_add_sid(TALLOC_CTX *ctx, SEC_ACE **pp_new, SEC_ACE *old, unsign
(*pp_new)[i].type = SEC_ACE_TYPE_ACCESS_ALLOWED;
(*pp_new)[i].flags = 0;
- (*pp_new)[i].size = SEC_ACE_HEADER_SIZE + sid_size(sid);
+ (*pp_new)[i].size = SEC_ACE_HEADER_SIZE + ndr_size_dom_sid(sid, 0);
(*pp_new)[i].access_mask = mask;
sid_copy(&(*pp_new)[i].trustee, sid);
return NT_STATUS_OK;
diff --git a/source/lib/secdesc.c b/source/lib/secdesc.c
index 123c3bc..44ae232 100644
--- a/source/lib/secdesc.c
+++ b/source/lib/secdesc.c
@@ -32,35 +32,6 @@ const struct generic_mapping file_generic_mapping = {
};
/*******************************************************************
- Works out the linearization size of a SEC_DESC.
-********************************************************************/
-
-size_t sec_desc_size(SEC_DESC *psd)
-{
- size_t offset;
-
- if (!psd) return 0;
-
- offset = SEC_DESC_HEADER_SIZE;
-
- /* don't align */
-
- if (psd->owner_sid != NULL)
- offset += sid_size(psd->owner_sid);
-
- if (psd->group_sid != NULL)
- offset += sid_size(psd->group_sid);
-
- if (psd->sacl != NULL)
- offset += psd->sacl->size;
-
- if (psd->dacl != NULL)
- offset += psd->dacl->size;
-
- return offset;
-}
-
-/*******************************************************************
Compares two SEC_DESC structures
********************************************************************/
@@ -235,11 +206,11 @@ SEC_DESC *make_sec_desc(TALLOC_CTX *ctx,
}
if (dst->owner_sid != NULL) {
- offset += sid_size(dst->owner_sid);
+ offset += ndr_size_dom_sid(dst->owner_sid, 0);
}
if (dst->group_sid != NULL) {
- offset += sid_size(dst->group_sid);
+ offset += ndr_size_dom_sid(dst->group_sid, 0);
}
*sd_size = (size_t)offset;
@@ -274,25 +245,21 @@ NTSTATUS marshall_sec_desc(TALLOC_CTX *mem_ctx,
struct security_descriptor *secdesc,
uint8 **data, size_t *len)
{
- prs_struct ps;
-
- if (!prs_init(&ps, sec_desc_size(secdesc), mem_ctx, MARSHALL)) {
- return NT_STATUS_NO_MEMORY;
- }
+ DATA_BLOB blob;
+ enum ndr_err_code ndr_err;
- if (!sec_io_desc("security_descriptor", &secdesc, &ps, 1)) {
- prs_mem_free(&ps);
- return NT_STATUS_INVALID_PARAMETER;
- }
+ ndr_err = ndr_push_struct_blob(
+ &blob, mem_ctx, secdesc,
+ (ndr_push_flags_fn_t)ndr_push_security_descriptor);
- if (!(*data = (uint8 *)talloc_memdup(mem_ctx, ps.data_p,
- prs_offset(&ps)))) {
- prs_mem_free(&ps);
- return NT_STATUS_NO_MEMORY;
+ if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
+ DEBUG(0, ("ndr_push_security_descriptor failed: %s\n",
+ ndr_errstr(ndr_err)));
+ return ndr_map_error2ntstatus(ndr_err);;
}
- *len = prs_offset(&ps);
- prs_mem_free(&ps);
+ *data = blob.data;
+ *len = blob.length;
return NT_STATUS_OK;
}
@@ -302,25 +269,33 @@ NTSTATUS marshall_sec_desc(TALLOC_CTX *mem_ctx,
NTSTATUS unmarshall_sec_desc(TALLOC_CTX *mem_ctx, uint8 *data, size_t len,
struct security_descriptor **psecdesc)
{
- prs_struct ps;
- struct security_descriptor *secdesc = NULL;
+ DATA_BLOB blob;
+ enum ndr_err_code ndr_err;
+ struct security_descriptor *result;
- if (!(secdesc = TALLOC_ZERO_P(mem_ctx, struct security_descriptor))) {
- return NT_STATUS_NO_MEMORY;
+ if ((data == NULL) || (len == 0)) {
+ return NT_STATUS_INVALID_PARAMETER;
}
- if (!prs_init(&ps, 0, secdesc, UNMARSHALL)) {
+ result = TALLOC_ZERO_P(mem_ctx, struct security_descriptor);
+ if (result == NULL) {
return NT_STATUS_NO_MEMORY;
}
- prs_give_memory(&ps, (char *)data, len, False);
+ blob = data_blob_const(data, len);
- if (!sec_io_desc("security_descriptor", &secdesc, &ps, 1)) {
- return NT_STATUS_INVALID_PARAMETER;
+ ndr_err = ndr_pull_struct_blob(
+ &blob, result, result,
+ (ndr_pull_flags_fn_t)ndr_pull_security_descriptor);
+
+ if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
+ DEBUG(0, ("ndr_pull_security_descriptor failed: %s\n",
+ ndr_errstr(ndr_err)));
+ TALLOC_FREE(result);
+ return ndr_map_error2ntstatus(ndr_err);;
}
- prs_mem_free(&ps);
- *psecdesc = secdesc;
+ *psecdesc = result;
return NT_STATUS_OK;
}
diff --git a/source/lib/sharesec.c b/source/lib/sharesec.c
index 0027a88..ba025da 100644
--- a/source/lib/sharesec.c
+++ b/source/lib/sharesec.c
@@ -144,7 +144,7 @@ SEC_DESC *get_share_security( TALLOC_CTX *ctx, const char *servicename,
}
if (psd)
- *psize = sec_desc_size(psd);
+ *psize = ndr_size_security_descriptor(psd, 0);
return psd;
}
diff --git a/source/lib/util_sid.c b/source/lib/util_sid.c
index 52f65aa..222b32e 100644
--- a/source/lib/util_sid.c
+++ b/source/lib/util_sid.c
@@ -382,7 +382,7 @@ bool sid_linearize(char *outbuf, size_t len, const DOM_SID *sid)
{
size_t i;
- if (len < sid_size(sid))
+ if (len < ndr_size_dom_sid(sid, 0))
return False;
SCVAL(outbuf,0,sid->sid_rev_num);
@@ -495,18 +495,6 @@ bool sid_equal(const DOM_SID *sid1, const DOM_SID *sid2)
}
/*****************************************************************
- Calculates size of a sid.
-*****************************************************************/
-
-size_t sid_size(const DOM_SID *sid)
-{
- if (sid == NULL)
- return 0;
-
- return sid->num_auths * sizeof(uint32) + 8;
-}
-
-/*****************************************************************
Returns true if SID is internal (and non-mappable).
*****************************************************************/
@@ -535,7 +523,7 @@ bool non_mappable_sid(DOM_SID *sid)
char *sid_binstring(const DOM_SID *sid)
{
char *buf, *s;
- int len = sid_size(sid);
+ int len = ndr_size_dom_sid(sid, 0);
buf = (char *)SMB_MALLOC(len);
if (!buf)
return NULL;
@@ -553,7 +541,7 @@ char *sid_binstring(const DOM_SID *sid)
char *sid_binstring_hex(const DOM_SID *sid)
{
char *buf, *s;
- int len = sid_size(sid);
+ int len = ndr_size_dom_sid(sid, 0);
buf = (char *)SMB_MALLOC(len);
if (!buf)
return NULL;
diff --git a/source/libads/ldap.c b/source/libads/ldap.c
index 348ccac..953693c 100644
--- a/source/libads/ldap.c
+++ b/source/libads/ldap.c
@@ -2384,20 +2384,22 @@ int ads_count_replies(ADS_STRUCT *ads, void *res)
LDAPMessage *msg, const char *field, SEC_DESC **sd)
{
struct berval **values;
- bool ret = False;
+ bool ret = true;
values = ldap_get_values_len(ads->ldap.ld, msg, field);
- if (!values) return False;
+ if (!values) return false;
if (values[0]) {
- prs_struct ps;
- prs_init(&ps, values[0]->bv_len, mem_ctx, UNMARSHALL);
- prs_copy_data_in(&ps, values[0]->bv_val, values[0]->bv_len);
- prs_set_offset(&ps,0);
-
- ret = sec_io_desc("sd", sd, &ps, 1);
- prs_mem_free(&ps);
+ NTSTATUS status;
+ status = unmarshall_sec_desc(mem_ctx,
+ (uint8 *)values[0]->bv_val,
+ values[0]->bv_len, sd);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(0, ("unmarshall_sec_desc failed: %s\n",
+ nt_errstr(status)));
+ ret = false;
+ }
}
ldap_value_free_len(values);
diff --git a/source/libsmb/cliquota.c b/source/libsmb/cliquota.c
index 206576f..f369d28 100644
--- a/source/libsmb/cliquota.c
+++ b/source/libsmb/cliquota.c
@@ -150,7 +150,7 @@ bool cli_get_user_quota(struct cli_state *cli, int quota_fnum, SMB_NTQUOTA_STRUC
SIVAL(params, 8,0x00000000);
SIVAL(params,12,0x00000024);
- sid_len = sid_size(&pqt->sid);
+ sid_len = ndr_size_dom_sid(&pqt->sid, 0);
data_len = sid_len+8;
SIVAL(data, 0, 0x00000000);
SIVAL(data, 4, sid_len);
@@ -213,7 +213,7 @@ bool cli_set_user_quota(struct cli_state *cli, int quota_fnum, SMB_NTQUOTA_STRUC
SSVAL(params,0,quota_fnum);
- sid_len = sid_size(&pqt->sid);
+ sid_len = ndr_size_dom_sid(&pqt->sid, 0);
SIVAL(data,0,0);
SIVAL(data,4,sid_len);
SBIG_UINT(data, 8,(SMB_BIG_UINT)0);
diff --git a/source/libsmb/clisecdesc.c b/source/libsmb/clisecdesc.c
index 46a6609..adc6fba 100644
--- a/source/libsmb/clisecdesc.c
+++ b/source/libsmb/clisecdesc.c
@@ -28,9 +28,8 @@ SEC_DESC *cli_query_secdesc(struct cli_state *cli, int fnum,
char param[8];
char *rparam=NULL, *rdata=NULL;
unsigned int rparam_count=0, rdata_count=0;
- prs_struct pd;
- bool pd_initialized = False;
SEC_DESC *psd = NULL;
+ NTSTATUS status;
SIVAL(param, 0, fnum);
SIVAL(param, 4, 0x7);
@@ -56,15 +55,12 @@ SEC_DESC *cli_query_secdesc(struct cli_state *cli, int fnum,
if (cli_is_error(cli))
goto cleanup;
- if (!prs_init(&pd, rdata_count, mem_ctx, UNMARSHALL)) {
- goto cleanup;
- }
- pd_initialized = True;
- prs_copy_data_in(&pd, rdata, rdata_count);
- prs_set_offset(&pd,0);
+ status = unmarshall_sec_desc(mem_ctx, (uint8 *)rdata, rdata_count,
+ &psd);
- if (!sec_io_desc("sd data", &psd, &pd, 1)) {
- DEBUG(1,("Failed to parse secdesc\n"));
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(10, ("unmarshall_sec_desc failed: %s\n",
+ nt_errstr(status)));
goto cleanup;
}
@@ -73,8 +69,6 @@ SEC_DESC *cli_query_secdesc(struct cli_state *cli, int fnum,
SAFE_FREE(rparam);
SAFE_FREE(rdata);
- if (pd_initialized)
- prs_mem_free(&pd);
return psd;
}
@@ -87,20 +81,16 @@ bool cli_set_secdesc(struct cli_state *cli, int fnum, SEC_DESC *sd)
char *rparam=NULL, *rdata=NULL;
unsigned int rparam_count=0, rdata_count=0;
uint32 sec_info = 0;
- TALLOC_CTX *mem_ctx;
- prs_struct pd;
+ TALLOC_CTX *frame = talloc_stackframe();
bool ret = False;
-
- if ((mem_ctx = talloc_init("cli_set_secdesc")) == NULL) {
- DEBUG(0,("talloc_init failed.\n"));
- goto cleanup;
- }
-
- prs_init(&pd, 0, mem_ctx, MARSHALL);
- prs_give_memory(&pd, NULL, 0, True);
-
- if (!sec_io_desc("sd data", &sd, &pd, 1)) {
- DEBUG(1,("Failed to marshall secdesc\n"));
+ uint8 *data;
+ size_t len;
+ NTSTATUS status;
+
+ status = marshall_sec_desc(talloc_tos(), sd, &data, &len);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(10, ("marshall_sec_desc failed: %s\n",
+ nt_errstr(status)));
goto cleanup;
}
@@ -119,7 +109,7 @@ bool cli_set_secdesc(struct cli_state *cli, int fnum, SEC_DESC *sd)
0,
NULL, 0, 0,
param, 8, 0,
- prs_data_p(&pd), prs_offset(&pd), 0)) {
+ (char *)data, len, 0)) {
DEBUG(1,("Failed to send NT_TRANSACT_SET_SECURITY_DESC\n"));
goto cleanup;
}
@@ -139,8 +129,7 @@ bool cli_set_secdesc(struct cli_state *cli, int fnum, SEC_DESC *sd)
SAFE_FREE(rparam);
SAFE_FREE(rdata);
- talloc_destroy(mem_ctx);
+ TALLOC_FREE(frame);
- prs_mem_free(&pd);
return ret;
}
diff --git a/source/modules/nfs4_acls.c b/source/modules/nfs4_acls.c
index 70bb6a0..6d2972d 100644
--- a/source/modules/nfs4_acls.c
+++ b/source/modules/nfs4_acls.c
@@ -309,7 +309,7 @@ static NTSTATUS smb_get_nt_acl_nfs4_common(const SMB_STRUCT_STAT *sbuf,
}
DEBUG(10, ("smb_get_nt_acl_nfs4_common successfully exited with sd_size %d\n",
- sec_desc_size(*ppdesc)));
+ ndr_size_security_descriptor(*ppdesc, 0)));
return NT_STATUS_OK;
}
diff --git a/source/printing/nt_printing.c b/source/printing/nt_printing.c
index f83f898..f115fba 100644
--- a/source/printing/nt_printing.c
+++ b/source/printing/nt_printing.c
@@ -429,7 +429,8 @@ static int sec_desc_upg_fn( TDB_CONTEXT *the_tdb, TDB_DATA key,
/* store it back */
- sd_size = sec_desc_size(sd_store->sd) + sizeof(SEC_DESC_BUF);
+ sd_size = ndr_size_security_descriptor(sd_store->sd, 0)
+ + sizeof(SEC_DESC_BUF);
prs_init(&ps, sd_size, ctx, MARSHALL);
if ( !sec_io_desc_buf( "sec_desc_upg_fn", &sd_store, &ps, 1 ) ) {
@@ -5389,8 +5390,9 @@ WERROR nt_printing_setsec(const char *sharename, SEC_DESC_BUF *secdesc_ctr)
/* Store the security descriptor in a tdb */
- prs_init(&ps, (uint32)sec_desc_size(new_secdesc_ctr->sd) +
- sizeof(SEC_DESC_BUF), mem_ctx, MARSHALL);
+ prs_init(&ps,
+ (uint32)ndr_size_security_descriptor(new_secdesc_ctr->sd, 0)
+ + sizeof(SEC_DESC_BUF), mem_ctx, MARSHALL);
if (!sec_io_desc_buf("nt_printing_setsec", &new_secdesc_ctr,
&ps, 1)) {
@@ -5534,7 +5536,7 @@ bool nt_printing_getsec(TALLOC_CTX *ctx, const char *sharename, SEC_DESC_BUF **s
/* Save default security descriptor for later */
- prs_init(&ps, (uint32)sec_desc_size((*secdesc_ctr)->sd) +
+ prs_init(&ps, (uint32)ndr_size_security_descriptor((*secdesc_ctr)->sd, 0) +
sizeof(SEC_DESC_BUF), ctx, MARSHALL);
if (sec_io_desc_buf("nt_printing_getsec", secdesc_ctr, &ps, 1)) {
diff --git a/source/registry/reg_api.c b/source/registry/reg_api.c
index b3d024d..bc4508f 100644
--- a/source/registry/reg_api.c
+++ b/source/registry/reg_api.c
@@ -378,7 +378,7 @@ WERROR reg_queryinfokey(struct registry_key *key, uint32_t *num_subkeys,
return err;
}
- *secdescsize = sec_desc_size(secdesc);
+ *secdescsize = ndr_size_security_descriptor(secdesc, 0);
TALLOC_FREE(mem_ctx);
*last_changed_time = 0;
diff --git a/source/registry/regfio.c b/source/registry/regfio.c
index 22700e6..92077aa 100644
--- a/source/registry/regfio.c
+++ b/source/registry/regfio.c
@@ -1554,7 +1554,7 @@ static uint32 sk_record_data_size( SEC_DESC * sd )
/* the record size is sizeof(hdr) + name + static members + data_size_field */
- size = sizeof(uint32)*5 + sec_desc_size( sd ) + sizeof(uint32);
+ size = sizeof(uint32)*5 + ndr_size_security_descriptor(sd, 0) + sizeof(uint32);
/* multiple of 8 */
size_mod8 = size & 0xfffffff8;
@@ -1784,7 +1784,8 @@ static int hashrec_cmp( REGF_HASH_REC *h1, REGF_HASH_REC *h2 )
nk->sec_desc->ref_count = 0;
/* size value must be self-inclusive */
- nk->sec_desc->size = sec_desc_size(sec_desc) + sizeof(uint32);
+ nk->sec_desc->size = ndr_size_security_descriptor(sec_desc, 0)
+ + sizeof(uint32);
DLIST_ADD_END( file->sec_desc_list, nk->sec_desc, REGF_SK_REC *);
diff --git a/source/rpc_parse/parse_buffer.c b/source/rpc_parse/parse_buffer.c
index c30ad48..e98822d 100644
--- a/source/rpc_parse/parse_buffer.c
+++ b/source/rpc_parse/parse_buffer.c
@@ -435,7 +435,7 @@ bool smb_io_relsecdesc(const char *desc, RPC_BUFFER *buffer, int depth, SEC_DESC
}
if (*secdesc != NULL) {
- buffer->string_at_end -= sec_desc_size(*secdesc);
+ buffer->string_at_end -= ndr_size_security_descriptor(*secdesc, 0);
if(!prs_set_offset(ps, buffer->string_at_end))
return False;
diff --git a/source/rpc_parse/parse_sec.c b/source/rpc_parse/parse_sec.c
index 6198a78..6ea128d 100644
--- a/source/rpc_parse/parse_sec.c
+++ b/source/rpc_parse/parse_sec.c
@@ -291,14 +291,14 @@ bool sec_io_desc(const char *desc, SEC_DESC **ppsd, prs_struct *ps, int depth)
if (psd->owner_sid != NULL) {
off_owner_sid = offset;
- offset += sid_size(psd->owner_sid);
+ offset += ndr_size_dom_sid(psd->owner_sid, 0);
} else {
off_owner_sid = 0;
}
if (psd->group_sid != NULL) {
off_grp_sid = offset;
- offset += sid_size(psd->group_sid);
+ offset += ndr_size_dom_sid(psd->group_sid, 0);
} else {
off_grp_sid = 0;
}
@@ -426,7 +426,7 @@ bool sec_io_desc_buf(const char *desc, SEC_DESC_BUF **ppsdb, prs_struct *ps, int
if(!prs_uint32 ("ptr ", ps, depth, &ptr))
return False;
- len = sec_desc_size(psdb->sd);
+ len = ndr_size_security_descriptor(psdb->sd, 0);
if(!prs_uint32_pre("len ", ps, depth, &len, &off_len))
return False;
diff --git a/source/rpc_parse/parse_spoolss.c b/source/rpc_parse/parse_spoolss.c
--
Samba Shared Repository
More information about the samba-cvs
mailing list