mirror of
https://github.com/samba-team/samba.git
synced 2024-12-22 13:34:15 +03:00
libcli:security: allow spaces after BAD:
In AD_DS_Classes_Windows_Server_v1903.ldf from https://www.microsoft.com/en-us/download/details.aspx?id=23782, we see defaultSecurityDescriptor: O:BAG:BAD: (A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPLCLORC;;;AU) BUG: https://bugzilla.samba.org/show_bug.cgi?id=15685 Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Jo Sutton <josutton@catalyst.net.nz> Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org> Autobuild-Date(master): Thu Jul 25 06:27:27 UTC 2024 on atb-devel-224
This commit is contained in:
parent
97677b1588
commit
8903876f65
@ -814,6 +814,11 @@ static struct security_acl *sddl_decode_acl(struct security_descriptor *sd,
|
||||
return acl;
|
||||
}
|
||||
|
||||
/* Windows AD allows spaces here */
|
||||
while (*sddl == ' ') {
|
||||
sddl++;
|
||||
}
|
||||
|
||||
/* work out the ACL flags */
|
||||
if (!sddl_map_flags(acl_flags, sddl, flags, &len, true)) {
|
||||
*msg = talloc_strdup(sd, "bad ACL flags");
|
||||
|
@ -670,6 +670,11 @@ class SddlNonCanonical(SddlDecodeEncodeBase):
|
||||
("O:LAG:BAD:(A;;CCDCLCSWRPWPDTLOCR;;;WD)"))),
|
||||
|
||||
("D:(A;;FAGX;;;SY)", "D:(A;;0x201f01ff;;;SY)"),
|
||||
# whitespace before ACL string flags is ignored.
|
||||
("D: (A;;GA;;;LG)", "D:(A;;GA;;;LG)"),
|
||||
("D: AI(A;;GA;;;LG)", "D:AI(A;;GA;;;LG)"),
|
||||
("D: P(A;;GA;;;LG)", "D:P(A;;GA;;;LG)"),
|
||||
("D: S:","D:S:"),
|
||||
]
|
||||
|
||||
|
||||
@ -818,17 +823,12 @@ class SddlWindowsIsLessFussy(SddlDecodeEncodeBase):
|
||||
strings = [
|
||||
# whitespace is ignored, repaired on return
|
||||
("D:(A;;GA;;; LG)", "D:(A;;GA;;;LG)"),
|
||||
("D: (A;;GA;;;LG)", "D:(A;;GA;;;LG)"),
|
||||
# whitespace before ACL string flags is ignored.
|
||||
("D: AI(A;;GA;;;LG)", "D:AI(A;;GA;;;LG)"),
|
||||
# wrong case on type is ignored, fixed
|
||||
("D:(a;;GA;;;LG)", "D:(A;;GA;;;LG)"),
|
||||
("D:(A;;GA;;;lg)", "D:(A;;GA;;;LG)"),
|
||||
("D:(A;;ga;;;LG)", "D:(A;;GA;;;LG)"),
|
||||
("D: S:","D:S:"),
|
||||
|
||||
# whitespace around ACL flags
|
||||
("D: P(A;;GA;;;LG)", "D:P(A;;GA;;;LG)"),
|
||||
("D:P (A;;GA;;;LG)", "D:P(A;;GA;;;LG)"),
|
||||
|
||||
# whitespace between ACES
|
||||
|
Loading…
Reference in New Issue
Block a user