svn commit: samba r20798 - in branches/SAMBA_4_0/source/librpc/ndr: .

metze at samba.org metze at samba.org
Mon Jan 15 09:54:09 GMT 2007


Author: metze
Date: 2007-01-15 09:54:08 +0000 (Mon, 15 Jan 2007)
New Revision: 20798

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=20798

Log:
fix ndr_size_security_ace() it should include the optional sub object
for ADS style ace's

metze
Modified:
   branches/SAMBA_4_0/source/librpc/ndr/ndr_sec_helper.c


Changeset:
Modified: branches/SAMBA_4_0/source/librpc/ndr/ndr_sec_helper.c
===================================================================
--- branches/SAMBA_4_0/source/librpc/ndr/ndr_sec_helper.c	2007-01-15 09:52:25 UTC (rev 20797)
+++ branches/SAMBA_4_0/source/librpc/ndr/ndr_sec_helper.c	2007-01-15 09:54:08 UTC (rev 20798)
@@ -54,11 +54,30 @@
 */
 size_t ndr_size_security_ace(const struct security_ace *ace, int flags)
 {
+	size_t ret;
+
 	if (!ace) return 0;
-	return 8 + ndr_size_dom_sid(&ace->trustee, flags);
+
+	ret = 8 + ndr_size_dom_sid(&ace->trustee, flags);
+
+	switch (ace->type) {
+	case SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT:
+	case SEC_ACE_TYPE_ACCESS_DENIED_OBJECT:
+	case SEC_ACE_TYPE_SYSTEM_AUDIT_OBJECT:
+	case SEC_ACE_TYPE_SYSTEM_ALARM_OBJECT:
+		ret += 4; /* uint32 bitmap ace->object.object.flags */
+		if (ace->object.object.flags & SEC_ACE_OBJECT_TYPE_PRESENT) {
+			ret += 16; /* GUID ace->object.object.type.type */
+		}
+		if (ace->object.object.flags & SEC_ACE_INHERITED_OBJECT_TYPE_PRESENT) {
+			ret += 16; /* GUID ace->object.object.inherited_typeinherited_type */
+		}
+		break;
+	}
+
+	return ret;
 }
 
-
 /*
   return the wire size of a security_acl
 */



More information about the samba-cvs mailing list