[1/2] server: Add requests to set and retrieve default dacl.
Hans Leidekker
hans at codeweavers.com
Tue Apr 21 02:53:16 CDT 2009
Supersedes patch set named "[1/2] server: Add request to retrieve default dacl".
-Hans
diff --git a/server/protocol.def b/server/protocol.def
index 004f4c9..8ae653b 100644
--- a/server/protocol.def
+++ b/server/protocol.def
@@ -2896,6 +2896,18 @@ enum message_type
VARARG(user,token_groups); /* groups the token's user belongs to */
@END
+ at REQ(get_token_default_dacl)
+ obj_handle_t handle; /* handle to the token */
+ at REPLY
+ data_size_t acl_len; /* length needed to store access control list */
+ VARARG(acl,ACL); /* access control list */
+ at END
+
+ at REQ(set_token_default_dacl)
+ obj_handle_t handle; /* handle to the token */
+ VARARG(acl,ACL); /* default dacl to set */
+ at END
+
@REQ(set_security_object)
obj_handle_t handle; /* handle to the object */
unsigned int security_info; /* which parts of security descriptor to set */
diff --git a/server/token.c b/server/token.c
index 7352ec2..ce896ac 100644
--- a/server/token.c
+++ b/server/token.c
@@ -1344,3 +1344,49 @@ DECL_HANDLER(get_token_statistics)
release_object( token );
}
}
+
+DECL_HANDLER(get_token_default_dacl)
+{
+ struct token *token;
+
+ reply->acl_len = 0;
+
+ if ((token = (struct token *)get_handle_obj( current->process, req->handle,
+ TOKEN_QUERY,
+ &token_ops )))
+ {
+ if (token->default_dacl)
+ reply->acl_len = token->default_dacl->AclSize;
+
+ if (reply->acl_len <= get_reply_max_size())
+ {
+ ACL *acl_reply = set_reply_data_size( reply->acl_len );
+ if (acl_reply)
+ memcpy( acl_reply, token->default_dacl, reply->acl_len );
+ }
+ else set_error( STATUS_BUFFER_TOO_SMALL );
+
+ release_object( token );
+ }
+}
+
+DECL_HANDLER(set_token_default_dacl)
+{
+ struct token *token;
+
+ if ((token = (struct token *)get_handle_obj( current->process, req->handle,
+ TOKEN_ADJUST_DEFAULT,
+ &token_ops )))
+ {
+ const ACL *acl = get_req_data();
+ unsigned int acl_size = get_req_data_size();
+
+ free( token->default_dacl );
+ token->default_dacl = NULL;
+
+ if (acl_size)
+ token->default_dacl = memdup( acl, acl_size );
+
+ release_object( token );
+ }
+}
diff --git a/server/trace.c b/server/trace.c
index 4a7bfa5..6781ef7 100644
--- a/server/trace.c
+++ b/server/trace.c
@@ -907,6 +907,13 @@ static void dump_inline_acl( const char *prefix, const ACL *acl, data_size_t siz
fputc( '}', stderr );
}
+static void dump_varargs_ACL( const char *prefix, data_size_t size )
+{
+ const ACL *acl = cur_data;
+ dump_inline_acl( prefix, acl, size );
+ remove_data( size );
+}
+
static void dump_inline_security_descriptor( const char *prefix, const struct security_descriptor *sd, data_size_t size )
{
fprintf( stderr,"%s{", prefix );
@@ -3461,6 +3468,23 @@ static void dump_get_token_groups_reply( const struct get_token_groups_reply *re
dump_varargs_token_groups( ", user=", cur_size );
}
+static void dump_get_token_default_dacl_request( const struct get_token_default_dacl_request *req )
+{
+ fprintf( stderr, " handle=%04x", req->handle );
+}
+
+static void dump_get_token_default_dacl_reply( const struct get_token_default_dacl_reply *req )
+{
+ fprintf( stderr, " acl_len=%u", req->acl_len );
+ dump_varargs_ACL( ", acl=", cur_size );
+}
+
+static void dump_set_token_default_dacl_request( const struct set_token_default_dacl_request *req )
+{
+ fprintf( stderr, " handle=%04x", req->handle );
+ dump_varargs_ACL( ", acl=", cur_size );
+}
+
static void dump_set_security_object_request( const struct set_security_object_request *req )
{
fprintf( stderr, " handle=%04x", req->handle );
@@ -3995,6 +4019,8 @@ static const dump_func req_dumpers[REQ_NB_REQUESTS] = {
(dump_func)dump_access_check_request,
(dump_func)dump_get_token_user_request,
(dump_func)dump_get_token_groups_request,
+ (dump_func)dump_get_token_default_dacl_request,
+ (dump_func)dump_set_token_default_dacl_request,
(dump_func)dump_set_security_object_request,
(dump_func)dump_get_security_object_request,
(dump_func)dump_create_mailslot_request,
@@ -4234,6 +4260,8 @@ static const dump_func reply_dumpers[REQ_NB_REQUESTS] = {
(dump_func)dump_access_check_reply,
(dump_func)dump_get_token_user_reply,
(dump_func)dump_get_token_groups_reply,
+ (dump_func)dump_get_token_default_dacl_reply,
+ NULL,
NULL,
(dump_func)dump_get_security_object_reply,
(dump_func)dump_create_mailslot_reply,
@@ -4473,6 +4501,8 @@ static const char * const req_names[REQ_NB_REQUESTS] = {
"access_check",
"get_token_user",
"get_token_groups",
+ "get_token_default_dacl",
+ "set_token_default_dacl",
"set_security_object",
"get_security_object",
"create_mailslot",
More information about the wine-patches
mailing list