1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00
samba-mirror/libcli
Douglas Bagnall 6a07d2fe44 libcli/security: separate out claim_v1_to_ace_composite_unchecked()
For SDDL Resource ACE conversions we don't want to check too much
claim validity so that a semi-invalid ACE can round-trip through
deserialisation and serialisation. This is because Windows allows it,
but also because if the check puts the values in a sorted order that
makes the round-trip less round (that is, the return string is
semantically the same but possibly different in byte order).

The validity we're talking about is mostly uniqueness. For example
`S:(RA;;;;;WD;("foo",TU,0,7,5,7))` has two 7s, and that would be
invalid as a claim, but this is not checked while in ACE form.

On the other hand `S:(RA;;;;;WD;("foo",TU,0,3,2))` is valid, but the
return string will have 3 and 2 reversed when the check is made. We
prefer the ACE to stay the same while it is just being an ACE.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-11-27 22:37:32 +00:00
..
auth libcli/auth: Remove unnecessary casts 2023-08-21 23:37:29 +00:00
cldap libcli: Don’t call memcpy() with a NULL pointer 2023-05-29 22:32:28 +00:00
dns libcli: Add missing newlines to logging messages 2023-08-08 04:39:36 +00:00
drsuapi libcli:drsuapi: Fix code spelling 2023-04-27 14:25:38 +00:00
echo s4: torture: Change torture_register_suite() to add a TALLOC_CTX *. 2017-05-05 15:52:11 +02:00
http libcli: Add missing newlines to logging messages 2023-08-08 04:39:36 +00:00
ldap libcli/util: add struct tstream_context to tstream_read_pdu_blob_full_fn_t 2023-10-25 22:23:38 +00:00
lsarpc libcli/lsarpc: add struct trustAuthInOutBlob; forward declaration 2014-04-02 09:03:42 +02:00
named_pipe_auth libcli/named_pipe_auth: let tstream_npa_existing_socket use tstream_bsd_fail_readv_first_error(true) 2023-10-24 09:36:38 +00:00
nbt Use python.h from libreplace 2023-11-20 15:37:33 +00:00
netlogon libcli: Covscan: unchecked return value for file_save() 2022-05-14 03:49:32 +00:00
registry
samsync smbdes: convert sam_rid_crypt() to use gnutls 2019-12-10 00:30:30 +00:00
security libcli/security: separate out claim_v1_to_ace_composite_unchecked() 2023-11-27 22:37:32 +00:00
smb Use python.h from libreplace 2023-11-20 15:37:33 +00:00
smbreadline libcli:smbreadline: Fix code spelling 2023-06-23 13:44:31 +00:00
tstream_binding_handle remove problematic include (seems to bring in conflicted definitions) 2023-10-25 22:23:38 +00:00
util libcli/util: add struct tstream_context to tstream_read_pdu_blob_full_fn_t 2023-10-25 22:23:38 +00:00
wsp libcli/wsp: Test AQS parser 2023-10-25 22:23:38 +00:00