reverted jeremy's c++-like security descriptor modifications as the

simplest method to get rpcclient's reggetsec command working.  the
buffers passed as arguments in do_reg_get_key_sec() do need to be
locally allocated not dynamically allocated, as two calls to
reg_get_key_sec() are needed.  on the first, the server fills in the
size of the security descriptor buffer needed.  on the second, the
server fills in the security descriptor buffer.
(This used to be commit b2d9cbef6f65bb696df8d8f49aa0c240e0bb1f50)

diff --git a/source3/include/proto.h b/source3/include/proto.h
index a09aa39ed2467581373ae1fb594b7d1a776efb1d..e64865b85c26653cc0f4c01da3b24b5d36bba7a2 100644 (file)
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -535,7 +535,6 @@ void sid_copy(DOM_SID *sid1, const DOM_SID *sid2);
 BOOL sid_front_equal(const DOM_SID *sid1, const DOM_SID *sid2);
 BOOL sid_equal(const DOM_SID *sid1, const DOM_SID *sid2);
 int sid_size(const DOM_SID *sid);
-DOM_SID *sid_dup(DOM_SID *src);
 
 /*The following definitions come from  lib/util_sock.c  */
 
@@ -1796,10 +1795,9 @@ BOOL do_reg_unknown_1a(struct cli_state *cli, uint16 fnum, POLICY_HND *hnd, uint
 BOOL do_reg_query_info(struct cli_state *cli, uint16 fnum, POLICY_HND *hnd,
                                char *type, uint32 *unk_0, uint32 *unk_1);
 BOOL do_reg_set_key_sec(struct cli_state *cli, uint16 fnum, POLICY_HND *hnd,
-                               SEC_DESC_BUF *sec_buf);
+                               uint32 sec_buf_size, SEC_DESC *sec_buf);
 BOOL do_reg_get_key_sec(struct cli_state *cli, uint16 fnum, POLICY_HND *hnd,
-                               uint32 *sec_buf_size,
-                               SEC_DESC_BUF **ppsec_desc_buf);
+                               uint32 *sec_buf_size, SEC_DESC_BUF *sec_buf);
 BOOL do_reg_delete_val(struct cli_state *cli, uint16 fnum, POLICY_HND *hnd, char *val_name);
 BOOL do_reg_delete_key(struct cli_state *cli, uint16 fnum, POLICY_HND *hnd, char *key_name);
 BOOL do_reg_create_key(struct cli_state *cli, uint16 fnum, POLICY_HND *hnd,
@@ -2105,7 +2103,7 @@ void smb_io_lookup_level(char *desc, LOOKUP_LEVEL *level, prs_struct *ps, int de
 uint32 get_enum_hnd(ENUM_HND *enh);
 void make_enum_hnd(ENUM_HND *enh, uint32 hnd);
 void smb_io_enum_hnd(char *desc,  ENUM_HND *hnd, prs_struct *ps, int depth);
-BOOL smb_io_dom_sid(char *desc,  DOM_SID *sid, prs_struct *ps, int depth);
+void smb_io_dom_sid(char *desc,  DOM_SID *sid, prs_struct *ps, int depth);
 void make_dom_sid2(DOM_SID2 *sid2, DOM_SID *sid);
 void smb_io_dom_sid2(char *desc,  DOM_SID2 *sid, prs_struct *ps, int depth);
 void make_str_hdr(STRHDR *hdr, int max_len, int len, uint32 buffer);
@@ -2300,7 +2298,8 @@ void reg_io_r_flush_key(char *desc,  REG_R_FLUSH_KEY *r_r, prs_struct *ps, int d
 void make_reg_q_create_key(REG_Q_CREATE_KEY *q_c, POLICY_HND *hnd,
                                char *name, char *class,
                                SEC_ACCESS *sam_access,
-                               SEC_DESC_BUF *sec_buf);
+                               SEC_DESC_BUF *sec_buf,
+                               int sec_len, SEC_DESC *sec);
 void reg_io_q_create_key(char *desc,  REG_Q_CREATE_KEY *r_q, prs_struct *ps, int depth);
 void reg_io_r_create_key(char *desc,  REG_R_CREATE_KEY *r_r, prs_struct *ps, int depth);
 void make_reg_q_delete_val(REG_Q_DELETE_VALUE *q_c, POLICY_HND *hnd,
@@ -2326,11 +2325,11 @@ void make_reg_q_close(REG_Q_CLOSE *q_c, POLICY_HND *hnd);
 void reg_io_q_close(char *desc,  REG_Q_CLOSE *q_u, prs_struct *ps, int depth);
 void reg_io_r_close(char *desc,  REG_R_CLOSE *r_u, prs_struct *ps, int depth);
 void make_reg_q_set_key_sec(REG_Q_SET_KEY_SEC *q_i, POLICY_HND *pol,
-                               SEC_DESC_BUF *sec_desc_buf);
+                               uint32 buf_len, SEC_DESC *sec_desc);
 void reg_io_q_set_key_sec(char *desc,  REG_Q_SET_KEY_SEC *r_q, prs_struct *ps, int depth);
 void reg_io_r_set_key_sec(char *desc, REG_R_SET_KEY_SEC *r_q, prs_struct *ps, int depth);
 void make_reg_q_get_key_sec(REG_Q_GET_KEY_SEC *q_i, POLICY_HND *pol, 
-                               uint32 sec_buf_size, SEC_DESC_BUF *psdb);
+                               uint32 buf_len, SEC_DESC_BUF *sec_buf);
 void reg_io_q_get_key_sec(char *desc,  REG_Q_GET_KEY_SEC *r_q, prs_struct *ps, int depth);
 void reg_io_r_get_key_sec(char *desc,  REG_R_GET_KEY_SEC *r_q, prs_struct *ps, int depth);
 void make_reg_q_info(REG_Q_INFO *q_i, POLICY_HND *pol, char *product_type,
@@ -2757,25 +2756,20 @@ void samr_io_r_chgpasswd_user(char *desc, SAMR_R_CHGPASSWD_USER *r_u, prs_struct
 
 /*The following definitions come from  rpc_parse/parse_sec.c  */
 
-void init_sec_access(SEC_ACCESS *t, uint32 mask);
-BOOL sec_io_access(char *desc, SEC_ACCESS *t, prs_struct *ps, int depth);
-void init_sec_ace(SEC_ACE *t, DOM_SID *sid, uint8 type, SEC_ACCESS mask,
-                               uint8 flag);
-BOOL sec_io_ace(char *desc, SEC_ACE *psa, prs_struct *ps, int depth);
-void free_sec_acl(SEC_ACL **ppsa);
-BOOL sec_io_acl(char *desc, SEC_ACL **ppsa, prs_struct *ps, int depth);
-SEC_DESC *make_sec_desc(uint16 revision, uint16 type,
+void make_sec_access(SEC_ACCESS *t, uint32 mask);
+void sec_io_access(char *desc, SEC_ACCESS *t, prs_struct *ps, int depth);
+void make_sec_ace(SEC_ACE *t, DOM_SID *sid, uint8 type, SEC_ACCESS mask, uint8 flag);
+void sec_io_ace(char *desc, SEC_ACE *t, prs_struct *ps, int depth);
+void make_sec_acl(SEC_ACL *t, uint16 revision, int num_aces, SEC_ACE *ace);
+void free_sec_acl(SEC_ACL *t);
+void sec_io_acl(char *desc, SEC_ACL *t, prs_struct *ps, int depth);
+int make_sec_desc(SEC_DESC *t, uint16 revision, uint16 type,
                        DOM_SID *owner_sid, DOM_SID *grp_sid,
-                       SEC_ACL *sacl, SEC_ACL *dacl, size_t *sec_desc_size);
-SEC_DESC *dup_sec_desc( SEC_DESC *src);
-void free_sec_desc(SEC_DESC **ppsd);
-SEC_DESC *make_standard_sec_desc(DOM_SID *owner_sid, DOM_SID *grp_sid,
-                                SEC_ACL *dacl, size_t *sec_desc_size);
-BOOL sec_io_desc(char *desc, SEC_DESC **ppsd, prs_struct *ps, int depth);
-SEC_DESC_BUF *make_sec_desc_buf(int len, SEC_DESC *sec_desc);
-SEC_DESC_BUF *dup_sec_desc_buf(SEC_DESC_BUF *src);
-void free_sec_desc_buf(SEC_DESC_BUF **ppsdb);
-BOOL sec_io_desc_buf(char *desc, SEC_DESC_BUF **ppsdb, prs_struct *ps, int depth);
+                               SEC_ACL *sacl, SEC_ACL *dacl);
+void free_sec_desc(SEC_DESC *t);
+void make_sec_desc_buf(SEC_DESC_BUF *buf, int len, SEC_DESC *data);
+void free_sec_desc_buf(SEC_DESC_BUF *buf);
+void sec_io_desc_buf(char *desc, SEC_DESC_BUF *sec, prs_struct *ps, int depth);
 
 /*The following definitions come from  rpc_parse/parse_spoolss.c  */
 

diff --git a/source3/include/rpc_secdes.h b/source3/include/rpc_secdes.h
index c2166c9a09f030274a883601c7556d7386557b4f..8a86fc98330873eee4366fdadde4e18ae41044c9 100644 (file)
--- a/source3/include/rpc_secdes.h
+++ b/source3/include/rpc_secdes.h
@@ -97,7 +97,8 @@ typedef struct security_acl_info
        uint16 revision; /* 0x0002 */
        uint16 size; /* size in bytes of the entire ACL structure */
        uint32 num_aces; /* number of Access Control Entries */
-       SEC_ACE *ace_list;
+
+       SEC_ACE *ace;
 
 } SEC_ACL;
 

diff --git a/source3/lib/util_sid.c b/source3/lib/util_sid.c
index 77997df1e68da60b829cf7a7251aeedbf1a4beb4..dce398f36f14e399a8c64951470c878fff5618fa 100644 (file)
--- a/source3/lib/util_sid.c
+++ b/source3/lib/util_sid.c
@@ -225,23 +225,3 @@ int sid_size(const DOM_SID *sid)
        }
        return sid->num_auths * sizeof(uint32) + 8;
 }
-
-
-/*****************************************************************
- Duplicates a sid - mallocs the target.
-*****************************************************************/
-
-DOM_SID *sid_dup(DOM_SID *src)
-{
-  DOM_SID *dst;
-
-  if(!src)
-    return NULL;
-
-  if((dst = malloc(sizeof(DOM_SID))) != NULL) {
-       memset(dst, '\0', sizeof(DOM_SID));
-       sid_copy( dst, src);
-  }
-
-  return dst;
-}

diff --git a/source3/rpc_client/cli_reg.c b/source3/rpc_client/cli_reg.c
index c467d8abaa8383b72ffb3f1b8742d622a5f69163..89284e9743916d9d436164d49883ceef817d6f87 100644 (file)
--- a/source3/rpc_client/cli_reg.c
+++ b/source3/rpc_client/cli_reg.c
@@ -442,7 +442,7 @@ BOOL do_reg_query_info(struct cli_state *cli, uint16 fnum, POLICY_HND *hnd,
 do a REG Set Key Security 
 ****************************************************************************/
 BOOL do_reg_set_key_sec(struct cli_state *cli, uint16 fnum, POLICY_HND *hnd,
-                               SEC_DESC_BUF *sec_buf)
+                               uint32 sec_buf_size, SEC_DESC *sec_buf)
 {
        prs_struct rbuf;
        prs_struct buf; 
@@ -458,7 +458,7 @@ BOOL do_reg_set_key_sec(struct cli_state *cli, uint16 fnum, POLICY_HND *hnd,
 
        DEBUG(4,("REG Set Key security.\n"));
 
-       make_reg_q_set_key_sec(&q_o, hnd, sec_buf);
+       make_reg_q_set_key_sec(&q_o, hnd, sec_buf_size, sec_buf);
 
        /* turn parameters into data stream */
        reg_io_q_set_key_sec("", &q_o, &buf, 0);
@@ -491,8 +491,7 @@ BOOL do_reg_set_key_sec(struct cli_state *cli, uint16 fnum, POLICY_HND *hnd,
 do a REG Query Key Security 
 ****************************************************************************/
 BOOL do_reg_get_key_sec(struct cli_state *cli, uint16 fnum, POLICY_HND *hnd,
-                               uint32 *sec_buf_size,
-                               SEC_DESC_BUF **ppsec_desc_buf)
+                               uint32 *sec_buf_size, SEC_DESC_BUF *sec_buf)
 {
        prs_struct rbuf;
        prs_struct buf; 
@@ -508,7 +507,7 @@ BOOL do_reg_get_key_sec(struct cli_state *cli, uint16 fnum, POLICY_HND *hnd,
 
        DEBUG(4,("REG query key security.  buf_size: %d\n", *sec_buf_size));
 
-       make_reg_q_get_key_sec(&q_o, hnd, *sec_buf_size, NULL);
+       make_reg_q_get_key_sec(&q_o, hnd, *sec_buf_size, sec_buf);
 
        /* turn parameters into data stream */
        reg_io_q_get_key_sec("", &q_o, &buf, 0);
@@ -521,6 +520,11 @@ BOOL do_reg_get_key_sec(struct cli_state *cli, uint16 fnum, POLICY_HND *hnd,
 
                ZERO_STRUCT(r_o);
 
+               r_o.data = sec_buf;
+               if (*sec_buf_size != 0)
+               {
+                       sec_buf->sec = (SEC_DESC*)malloc(*sec_buf_size);
+               }
                reg_io_r_get_key_sec("", &r_o, &rbuf, 0);
                p = rbuf.offset != 0;
 
@@ -543,7 +547,6 @@ BOOL do_reg_get_key_sec(struct cli_state *cli, uint16 fnum, POLICY_HND *hnd,
                {
                        valid_query = True;
                        (*sec_buf_size) = r_o.data->len;
-                       *ppsec_desc_buf = r_o.data;
                }
        }
 
@@ -673,9 +676,9 @@ BOOL do_reg_create_key(struct cli_state *cli, uint16 fnum, POLICY_HND *hnd,
        prs_struct buf; 
        REG_Q_CREATE_KEY q_o;
        BOOL valid_create = False;
-       SEC_DESC *sec;
-       SEC_DESC_BUF *sec_buf;
-       size_t sec_len;
+       SEC_DESC sec;
+       SEC_DESC_BUF sec_buf;
+       int sec_len;
 
        ZERO_STRUCT(sec);
        ZERO_STRUCT(sec_buf);
@@ -691,27 +694,13 @@ BOOL do_reg_create_key(struct cli_state *cli, uint16 fnum, POLICY_HND *hnd,
        DEBUG(4,("REG Create Key: %s %s 0x%08x\n", key_name, key_class,
                sam_access != NULL ? sam_access->mask : 0));
 
-       sec = make_sec_desc(1, SEC_DESC_SELF_RELATIVE,
-                           NULL, NULL, NULL, NULL, &sec_len);
-       if (sec == NULL)
-       {
-               DEBUG(0,("make_sec_desc : malloc fail.\n"));
-               return False;
-       }
+       sec_len = make_sec_desc(&sec, 1, SEC_DESC_SELF_RELATIVE,
+                               NULL, NULL, NULL, NULL);
 
        DEBUG(10,("make_sec_desc: len = %d\n", sec_len));
 
-       sec_buf = make_sec_desc_buf( (int)sec_len, sec);
-       if (sec_buf == NULL)
-       {
-               DEBUG(0,("make_sec_desc : malloc fail (1)\n"));
-               free_sec_desc(&sec);
-               return False;
-       }
-       free_sec_desc(&sec);
-
        make_reg_q_create_key(&q_o, hnd, key_name, key_class, sam_access,
-                             sec_buf);
+                             &sec_buf, sec_len, &sec);
 
        /* turn parameters into data stream */
        reg_io_q_create_key("", &q_o, &buf, 0);
@@ -741,7 +730,7 @@ BOOL do_reg_create_key(struct cli_state *cli, uint16 fnum, POLICY_HND *hnd,
                }
        }
 
-       free_sec_desc_buf(&sec_buf);
+       free_sec_desc(&sec);
 
        prs_mem_free(&rbuf);
        prs_mem_free(&buf );

diff --git a/source3/rpc_parse/parse_misc.c b/source3/rpc_parse/parse_misc.c
index 4927886fc804129994c57570c59d8e121e505bd6..4bc44f20388d54d87ebd5bfbd5ec3f5a19a5d000 100644 (file)
--- a/source3/rpc_parse/parse_misc.c
+++ b/source3/rpc_parse/parse_misc.c
@@ -133,11 +133,11 @@ void smb_io_enum_hnd(char *desc,  ENUM_HND *hnd, prs_struct *ps, int depth)
 /*******************************************************************
 reads or writes a DOM_SID structure.
 ********************************************************************/
-BOOL smb_io_dom_sid(char *desc,  DOM_SID *sid, prs_struct *ps, int depth)
+void smb_io_dom_sid(char *desc,  DOM_SID *sid, prs_struct *ps, int depth)
 {
        int i;
 
-       if (sid == NULL) return False;
+       if (sid == NULL) return;
 
        prs_debug(ps, depth, desc, "smb_io_dom_sid");
        depth++;
@@ -158,8 +158,6 @@ BOOL smb_io_dom_sid(char *desc,  DOM_SID *sid, prs_struct *ps, int depth)
        if (sid->num_auths > MAXSUBAUTHS) sid->num_auths = MAXSUBAUTHS;
 
        prs_uint32s(False, "sub_auths ", ps, depth, sid->sub_auths, sid->num_auths);
-
-       return True;
 }
 
 /*******************************************************************
@@ -167,7 +165,7 @@ creates a DOM_SID2 structure.
 ********************************************************************/
 void make_dom_sid2(DOM_SID2 *sid2, DOM_SID *sid)
 {
-        sid2->sid = *sid;
+        sid_copy(&sid2->sid, sid);
        sid2->num_auths = sid2->sid.num_auths;
 }
 

diff --git a/source3/rpc_parse/parse_reg.c b/source3/rpc_parse/parse_reg.c
index b97fe3958b335bc47c139adc11700139d6ed19d8..47e1ae3af256da1717d165f3e5b076a1b1918f72 100644 (file)
--- a/source3/rpc_parse/parse_reg.c
+++ b/source3/rpc_parse/parse_reg.c
@@ -135,8 +135,7 @@ static void reg_io_hdrbuf_sec(uint32 ptr, uint32 *ptr3, BUFHDR *hdr_sec, SEC_DES
                }
                if (ptr3 == NULL || *ptr3 != 0)
                {
-                       /* JRA - this line is probably wrong... */
-                       sec_io_desc_buf("data   ", &data   , ps, depth);
+                       sec_io_desc_buf("data   ", data   , ps, depth);
                }
                smb_io_hdrbuf_post("hdr_sec", hdr_sec, ps, depth, hdr_offset,
                                   data->max_len, data->len);
@@ -152,7 +151,8 @@ creates a structure.
 void make_reg_q_create_key(REG_Q_CREATE_KEY *q_c, POLICY_HND *hnd,
                                char *name, char *class,
                                SEC_ACCESS *sam_access,
-                               SEC_DESC_BUF *sec_buf)
+                               SEC_DESC_BUF *sec_buf,
+                               int sec_len, SEC_DESC *sec)
 {
        int len_name  = name  != NULL ? strlen(name ) + 1: 0;
        int len_class = class != NULL ? strlen(class) + 1: 0;
@@ -175,8 +175,9 @@ void make_reg_q_create_key(REG_Q_CREATE_KEY *q_c, POLICY_HND *hnd,
 
        q_c->data = sec_buf;
        q_c->ptr2 = 1;
-       make_buf_hdr(&(q_c->hdr_sec), sec_buf->len, sec_buf->len);
+       make_buf_hdr(&(q_c->hdr_sec), sec_len, sec_len);
        q_c->ptr3 = 1;
+       make_sec_desc_buf(q_c->data, sec_len, sec);
 
        q_c->unknown_2 = 0x00000000;
 }
@@ -548,7 +549,7 @@ void reg_io_r_close(char *desc,  REG_R_CLOSE *r_u, prs_struct *ps, int depth)
 makes a structure.
 ********************************************************************/
 void make_reg_q_set_key_sec(REG_Q_SET_KEY_SEC *q_i, POLICY_HND *pol,
-                               SEC_DESC_BUF *sec_desc_buf)
+                               uint32 buf_len, SEC_DESC *sec_desc)
 {
        if (q_i == NULL) return;
 
@@ -557,8 +558,8 @@ void make_reg_q_set_key_sec(REG_Q_SET_KEY_SEC *q_i, POLICY_HND *pol,
        q_i->sec_info = DACL_SECURITY_INFORMATION;
 
        q_i->ptr = 1;
-       make_buf_hdr(&(q_i->hdr_sec), sec_desc_buf->len, sec_desc_buf->len);
-       q_i->data = sec_desc_buf;
+       make_buf_hdr(&(q_i->hdr_sec), buf_len, buf_len);
+       make_sec_desc_buf(q_i->data, buf_len, sec_desc);
 }
 
 /*******************************************************************
@@ -601,7 +602,7 @@ void reg_io_r_set_key_sec(char *desc, REG_R_SET_KEY_SEC *r_q, prs_struct *ps, in
 makes a structure.
 ********************************************************************/
 void make_reg_q_get_key_sec(REG_Q_GET_KEY_SEC *q_i, POLICY_HND *pol, 
-                               uint32 sec_buf_size, SEC_DESC_BUF *psdb)
+                               uint32 buf_len, SEC_DESC_BUF *sec_buf)
 {
        if (q_i == NULL) return;
 
@@ -611,10 +612,14 @@ void make_reg_q_get_key_sec(REG_Q_GET_KEY_SEC *q_i, POLICY_HND *pol,
                        GROUP_SECURITY_INFORMATION |
                        DACL_SECURITY_INFORMATION;
 
-       q_i->ptr = psdb != NULL ? 1 : 0;
-       q_i->data = psdb;
+       q_i->ptr = sec_buf != NULL ? 1 : 0;
+       q_i->data = sec_buf;
 
-       make_buf_hdr(&(q_i->hdr_sec), sec_buf_size, 0);
+       if (sec_buf != NULL)
+       {
+               make_buf_hdr(&(q_i->hdr_sec), buf_len, 0);
+               make_sec_desc_buf(q_i->data, buf_len, NULL);
+       }
 }
 
 /*******************************************************************
@@ -671,7 +676,8 @@ void reg_io_r_get_key_sec(char *desc,  REG_R_GET_KEY_SEC *r_q, prs_struct *ps, i
 
        if (r_q->ptr != 0)
        {
-               sec_io_desc_buf("", &r_q->data, ps, depth);
+               smb_io_hdrbuf("", &(r_q->hdr_sec), ps, depth);
+               sec_io_desc_buf("", r_q->data, ps, depth);
 
                prs_align(ps);
        }

diff --git a/source3/rpc_parse/parse_sec.c b/source3/rpc_parse/parse_sec.c
index 886b3f334af4618f5580937e422b907d4383bbcc..2840070edce0f2e6328764161f989c62b395fcca 100644 (file)
--- a/source3/rpc_parse/parse_sec.c
+++ b/source3/rpc_parse/parse_sec.c
@@ -2,10 +2,10 @@
  *  Unix SMB/Netbios implementation.
  *  Version 1.9.
  *  RPC Pipe client / server routines
- *  Copyright (C) Andrew Tridgell              1992-1999,
- *  Copyright (C) Jeremy R. Allison            1995-1999
- *  Copyright (C) Luke Kenneth Casson Leighton 1996-1999,
- *  Copyright (C) Paul Ashton                  1997-1999.
+ *  Copyright (C) Andrew Tridgell              1992-1998,
+ *  Copyright (C) Jeremy R. Allison            1995-1998
+ *  Copyright (C) Luke Kenneth Casson Leighton 1996-1998,
+ *  Copyright (C) Paul Ashton                  1997-1998.
  *  
  *  This program is free software; you can redistribute it and/or modify
  *  it under the terms of the GNU General Public License as published by
@@ -29,24 +29,19 @@ extern int DEBUGLEVEL;
 
 
 /*******************************************************************
- Sets up a SEC_ACCESS structure.
+makes a structure.
 ********************************************************************/
-
-void init_sec_access(SEC_ACCESS *t, uint32 mask)
+void make_sec_access(SEC_ACCESS *t, uint32 mask)
 {
        t->mask = mask;
 }
 
 /*******************************************************************
- Reads or writes a SEC_ACCESS structure.
+reads or writes a structure.
 ********************************************************************/
-
-BOOL sec_io_access(char *desc, SEC_ACCESS *t, prs_struct *ps, int depth)
-{
-       if (t == NULL)
+void sec_io_access(char *desc, SEC_ACCESS *t, prs_struct *ps, int depth)
        {
-               return False;
-       }
+       if (t == NULL) return;
 
        prs_debug(ps, depth, desc, "sec_io_access");
        depth++;
@@ -54,39 +49,30 @@ BOOL sec_io_access(char *desc, SEC_ACCESS *t, prs_struct *ps, int depth)
        prs_align(ps);
        
        prs_uint32("mask", ps, depth, &(t->mask));
-       return True;
 }
 
 
 /*******************************************************************
- Sets up a SEC_ACE structure.
+makes a structure.
 ********************************************************************/
-
-void init_sec_ace(SEC_ACE *t, DOM_SID *sid, uint8 type, SEC_ACCESS mask,
-                               uint8 flag)
+void make_sec_ace(SEC_ACE *t, DOM_SID *sid, uint8 type, SEC_ACCESS mask, uint8 flag)
 {
        t->type = type;
        t->flags = flag;
        t->size = sid_size(sid) + 8;
        t->info = mask;
 
-       ZERO_STRUCTP(&t->sid);
        sid_copy(&t->sid, sid);
 }
 
 /*******************************************************************
- Reads or writes a SEC_ACE structure.
+reads or writes a structure.
 ********************************************************************/
-
-BOOL sec_io_ace(char *desc, SEC_ACE *psa, prs_struct *ps, int depth)
+void sec_io_ace(char *desc, SEC_ACE *t, prs_struct *ps, int depth)
 {
        uint32 old_offset;
        uint32 offset_ace_size;
-
-       if (psa == NULL)
-       {
-               return False;
-       }
+       if (t == NULL) return;
 
        prs_debug(ps, depth, desc, "sec_io_ace");
        depth++;
@@ -95,132 +81,58 @@ BOOL sec_io_ace(char *desc, SEC_ACE *psa, prs_struct *ps, int depth)
        
        old_offset = ps->offset;
 
-       prs_uint8     ("type ", ps, depth, &psa->type);
-       prs_uint8     ("flags", ps, depth, &psa->flags);
-       prs_uint16_pre("size ", ps, depth, &psa->size, &offset_ace_size);
-
-       if (!sec_io_access("info ", &psa->info, ps, depth))
-       {
-               return False;
-       }
+       prs_uint8     ("type ", ps, depth, &(t->type));
+       prs_uint8     ("flags", ps, depth, &(t->flags));
+       prs_uint16_pre("size ", ps, depth, &(t->size ), &offset_ace_size);
 
+       sec_io_access   ("info ", &t->info, ps, depth);
        prs_align(ps);
-       if (!smb_io_dom_sid("sid  ", &psa->sid , ps, depth))
-       {
-               return False;
-       }
-
+       smb_io_dom_sid("sid  ", &t->sid , ps, depth);
 
-       prs_uint16_post("size ", ps, depth, &psa->size, offset_ace_size, old_offset);
-       return True;
+       prs_uint16_post("size ", ps, depth, &t->size, offset_ace_size, old_offset);
 }
 
 /*******************************************************************
- Create a SEC_ACL structure.  
+makes a structure.  
 ********************************************************************/
-
-SEC_ACL *make_sec_acl(uint16 revision, int num_aces, SEC_ACE *ace_list)
+void make_sec_acl(SEC_ACL *t, uint16 revision, int num_aces, SEC_ACE *ace)
 {
-       SEC_ACL *dst;
        int i;
-
-       dst = (SEC_ACL *)malloc(sizeof(SEC_ACL));
-       if (dst == NULL)
-       {
-               return NULL;
-       }
-
-       ZERO_STRUCTP(dst);
-
-       dst->revision = revision;
-       dst->num_aces = num_aces;
-       dst->size = 4;
-
-       if ((dst->ace_list = (SEC_ACE *)malloc( sizeof(SEC_ACE) * num_aces )) == NULL) {
-               free_sec_acl(&dst);
-               return NULL;
-       }
+       t->revision = revision;
+       t->num_aces = num_aces;
+       t->size = 4;
+       t->ace = ace;
 
        for (i = 0; i < num_aces; i++)
        {
-               dst->ace_list[i] = ace_list[i]; /* Structure copy. */
-               dst->size += ace_list[i].size;
-       }
-
-       return dst;
-}
-
-/*******************************************************************
- Duplicate a SEC_ACL structure.  
-********************************************************************/
-
-SEC_ACL *dup_sec_acl( SEC_ACL *src)
-{
-       if (src == NULL)
-       {
-               return NULL;
+               t->size += ace[i].size;
        }
-
-       return make_sec_acl( src->revision, src->num_aces, src->ace_list);
 }
 
 /*******************************************************************
- Delete a SEC_ACL structure.  
+frees a structure.  
 ********************************************************************/
-
-void free_sec_acl(SEC_ACL **ppsa)
+void free_sec_acl(SEC_ACL *t)
 {
-       SEC_ACL *psa;
-
-       if (ppsa == NULL || *ppsa == NULL)
+       if (t->ace != NULL)
        {
-               return;
+               free(t->ace);
        }
-
-       psa = *ppsa;
-       if (psa->ace_list != NULL)
-       {
-               free(psa->ace_list);
-       }
-
-       free(psa);
-       *ppsa = NULL;
 }
 
 /*******************************************************************
- Reads or writes a SEC_ACL structure.  
+reads or writes a structure.  
 
- First of the xx_io_xx functions that allocates its data structures
+first of the xx_io_xx functions that allocates its data structures
  for you as it reads them.
 ********************************************************************/
-
-BOOL sec_io_acl(char *desc, SEC_ACL **ppsa, prs_struct *ps, int depth)
+void sec_io_acl(char *desc, SEC_ACL *t, prs_struct *ps, int depth)
 {
        int i;
        uint32 old_offset;
        uint32 offset_acl_size;
-       SEC_ACL *psa;
-
-       if (ppsa == NULL)
-       {
-               return False;
-       }
-
-       psa = *ppsa;
 
-       if (ps->io && psa == NULL)
-       {
-               /*
-                * This is a read and we must allocate the stuct to read into.
-                */
-               psa = (SEC_ACL *)malloc(sizeof(SEC_ACL));
-               if (psa == NULL)
-               {
-                       return False;
-               }
-               ZERO_STRUCTP(psa);
-               *ppsa = psa;
-       }
+       if (t == NULL) return;
 
        prs_debug(ps, depth, desc, "sec_io_acl");
        depth++;
@@ -229,216 +141,147 @@ BOOL sec_io_acl(char *desc, SEC_ACL **ppsa, prs_struct *ps, int depth)
        
        old_offset = ps->offset;
 
-       prs_uint16("revision", ps, depth, &psa->revision);
-       prs_uint16_pre("size     ", ps, depth, &psa->size, &offset_acl_size);
-       prs_uint32("num_aces ", ps, depth, &psa->num_aces);
+       prs_uint16("revision", ps, depth, &(t->revision));
+       prs_uint16_pre("size     ", ps, depth, &(t->size     ), &offset_acl_size);
+       prs_uint32("num_aces ", ps, depth, &(t->num_aces ));
 
-       if (ps->io && psa->num_aces != 0)
+       if (ps->io && t->num_aces != 0)
        {
                /* reading */
-               psa->ace_list = malloc(sizeof(psa->ace_list[0]) * psa->num_aces);
-               if (psa->ace_list == NULL)
-               {
-                       return False;
+               t->ace = malloc(sizeof(t->ace[0]) * t->num_aces);
+               ZERO_STRUCTP(t->ace);
                }
-               ZERO_STRUCTP(psa->ace_list);
+
+       if (t->ace == NULL && t->num_aces != 0)
+       {
+               DEBUG(0,("INVALID ACL\n"));
+               ps->offset = 0xfffffffe;
+               return;
        }
 
-       for (i = 0; i < MIN(psa->num_aces, MAX_SEC_ACES); i++)
+       for (i = 0; i < MIN(t->num_aces, MAX_SEC_ACES); i++)
        {
                fstring tmp;
-               slprintf(tmp, sizeof(tmp)-1, "ace_list[%02d]: ", i);
-               if (!sec_io_ace(tmp, &psa->ace_list[i], ps, depth))
-               {
-                       return False;
-               }
+               slprintf(tmp, sizeof(tmp)-1, "ace[%02d]: ", i);
+               sec_io_ace(tmp, &t->ace[i], ps, depth);
        }
 
        prs_align(ps);
 
-       prs_uint16_post("size     ", ps, depth, &psa->size, offset_acl_size, old_offset);
-
-       return True;
+       prs_uint16_post("size     ", ps, depth, &t->size    , offset_acl_size, old_offset);
 }
 
 
 /*******************************************************************
- Creates a SEC_DESC structure
+makes a structure
 ********************************************************************/
-
-SEC_DESC *make_sec_desc(uint16 revision, uint16 type,
+int make_sec_desc(SEC_DESC *t, uint16 revision, uint16 type,
                        DOM_SID *owner_sid, DOM_SID *grp_sid,
-                       SEC_ACL *sacl, SEC_ACL *dacl, size_t *sec_desc_size)
+                               SEC_ACL *sacl, SEC_ACL *dacl)
 {
-       SEC_DESC *dst;
        uint32 offset;
 
-       *sec_desc_size = 0;
-
-       dst = (SEC_DESC *)malloc(sizeof(SEC_DESC));
-
-       if (dst == NULL)
-       {
-               return NULL;
-       }
-
-       ZERO_STRUCTP(dst);
-
-       dst->revision = revision;
-       dst->type     = type;
-
-       dst->off_owner_sid = 0;
-       dst->off_grp_sid   = 0;
-       dst->off_sacl      = 0;
-       dst->off_dacl      = 0;
-
-       /* duplicate sids and acls as necessary */
+       t->revision = revision;
+       t->type     = type;
 
-       if (dacl      != NULL) dst->dacl      = dup_sec_acl(dacl);
-       if (sacl      != NULL) dst->sacl      = dup_sec_acl(sacl);
-       if (owner_sid != NULL) dst->owner_sid = sid_dup(owner_sid);
-       if (grp_sid   != NULL) dst->grp_sid   = sid_dup(grp_sid);
+       t->off_owner_sid = 0;
+       t->off_grp_sid   = 0;
+       t->off_sacl      = 0;
+       t->off_dacl      = 0;
 
-       /* having duplicated sids and acls as necessary, check success */
-
-       if ((dacl      != NULL && dst->dacl      == NULL) ||
-           (sacl      != NULL && dst->sacl      == NULL) ||
-           (owner_sid != NULL && dst->owner_sid == NULL) ||
-           (grp_sid   != NULL && dst->grp_sid   == NULL))
-       {
-               *sec_desc_size = 0;
-               free_sec_desc(&dst);
-
-               return NULL;
-       }
+       t->dacl      = dacl;
+       t->sacl      = sacl;
+       t->owner_sid = owner_sid;
+       t->grp_sid   = grp_sid;
 
        offset = 0x0;
 
-       /*
-        * Work out the linearization sizes.
-        */
-
-       if (dst->dacl != NULL)
+       if (dacl != NULL)
        {
                if (offset == 0)
                {
                        offset = 0x14;
                }
-               dst->off_dacl = offset;
+               t->off_dacl = offset;
                offset += dacl->size;
        }
 
-       if (dst->sacl != NULL)
+       if (sacl != NULL)
        {
                if (offset == 0)
                {
                        offset = 0x14;
                }
-               dst->off_sacl = offset;
-               offset += sacl->size;
+               t->off_dacl = offset;
+               offset += dacl->size;
        }
 
-       if (dst->owner_sid != NULL)
+       if (owner_sid != NULL)
        {
                if (offset == 0)
                {
                        offset = 0x14;
                }
-               dst->off_owner_sid = offset;
-               offset += sid_size(dst->owner_sid);
+               t->off_owner_sid = offset;
+               offset += sid_size(owner_sid);
        }
 
-       if (dst->grp_sid != NULL)
+       if (grp_sid != NULL)
        {
                if (offset == 0)
                {
                        offset = 0x14;
                }
-               dst->off_grp_sid = offset;
-               offset += sid_size(dst->grp_sid);
+               t->off_grp_sid = offset;
+               offset += sid_size(grp_sid);
        }
 
-       *sec_desc_size = (size_t)((offset == 0) ? 0x14 : offset);
-       return dst;
+       return (offset == 0) ? 0x14 : offset;
 }
 
-/*******************************************************************
- Duplicate a SEC_DESC structure.  
-********************************************************************/
-
-SEC_DESC *dup_sec_desc( SEC_DESC *src)
-{
-       size_t dummy;
-
-       if (src == NULL)
-               return NULL;
-
-       return make_sec_desc( src->revision, src->type, 
-                               src->owner_sid, src->grp_sid, src->sacl,
-                               src->dacl, &dummy);
-}
 
 /*******************************************************************
- Deletes a SEC_DESC structure
+frees a structure
 ********************************************************************/
-
-void free_sec_desc(SEC_DESC **ppsd)
+void free_sec_desc(SEC_DESC *t)
 {
-       SEC_DESC *psd;
-
-       if (ppsd == NULL || *ppsd == NULL)
+       if (t->dacl != NULL)
        {
-               return;
+               free_sec_acl(t->dacl);
        }
 
-       psd = *ppsd;
-
-       free_sec_acl(&psd->dacl);
-       free_sec_acl(&psd->dacl);
-       free(psd->owner_sid);
-       free(psd->grp_sid);
-       free(psd);
-       *ppsd = NULL;
+       if (t->sacl != NULL)
+       {
+               free_sec_acl(t->dacl);
 }
 
-/*******************************************************************
- Creates a SEC_DESC structure with typical defaults.
-********************************************************************/
+       if (t->owner_sid != NULL)
+       {
+               free(t->owner_sid);
+       }
 
-SEC_DESC *make_standard_sec_desc(DOM_SID *owner_sid, DOM_SID *grp_sid,
-                                SEC_ACL *dacl, size_t *sec_desc_size)
+       if (t->grp_sid != NULL)
 {
-       return make_sec_desc(1, SEC_DESC_SELF_RELATIVE|SEC_DESC_DACL_PRESENT,
-                            owner_sid, grp_sid, NULL, dacl, sec_desc_size);
+               free(t->grp_sid);
+       }
 }
 
 
 /*******************************************************************
- Reads or writes a SEC_DESC structure.
- If reading and the *ppsd = NULL, allocates the structure.
+reads or writes a structure.
 ********************************************************************/
-
-BOOL sec_io_desc(char *desc, SEC_DESC **ppsd, prs_struct *ps, int depth)
+static void sec_io_desc(char *desc, SEC_DESC *t, prs_struct *ps, int depth)
 {
+#if 0
+       uint32 off_owner_sid;
+       uint32 off_grp_sid  ;
+       uint32 off_sacl     ;
+       uint32 off_dacl     ;
+#endif
        uint32 old_offset;
        uint32 max_offset = 0; /* after we're done, move offset to end */
-       SEC_DESC *psd;
-
-       if (ppsd == NULL)
-               return False;
 
-       psd = *ppsd;
-
-       if (ps->io && psd == NULL)
-       {
-               psd = (SEC_DESC *)malloc(sizeof(SEC_DESC));
-               if (psd == NULL)
-               {
-                       return False;
-               }
-               ZERO_STRUCTP(psd);
-               *ppsd = psd;
-       }
+       if (t == NULL) return;
 
        prs_debug(ps, depth, desc, "sec_io_desc");
        depth++;
@@ -448,207 +291,218 @@ BOOL sec_io_desc(char *desc, SEC_DESC **ppsd, prs_struct *ps, int depth)
        /* start of security descriptor stored for back-calc offset purposes */
        old_offset = ps->offset;
 
-       prs_uint16("revision ", ps, depth, &psd->revision);
-       prs_uint16("type     ", ps, depth, &psd->type);
-
-       prs_uint32("off_owner_sid", ps, depth, &psd->off_owner_sid);
-       prs_uint32("off_grp_sid  ", ps, depth, &psd->off_grp_sid);
-       prs_uint32("off_sacl     ", ps, depth, &psd->off_sacl);
-       prs_uint32("off_dacl     ", ps, depth, &psd->off_dacl);
-
+       prs_uint16("revision ", ps, depth, &(t->revision ));
+       prs_uint16("type     ", ps, depth, &(t->type     ));
+
+       prs_uint32("off_owner_sid", ps, depth, &(t->off_owner_sid));
+       prs_uint32("off_grp_sid  ", ps, depth, &(t->off_grp_sid  ));
+       prs_uint32("off_sacl     ", ps, depth, &(t->off_sacl     ));
+       prs_uint32("off_dacl     ", ps, depth, &(t->off_dacl     ));
+#if 0
+       prs_uint32_pre("off_owner_sid", ps, depth, &(t->off_owner_sid), &off_owner_sid);
+       prs_uint32_pre("off_grp_sid  ", ps, depth, &(t->off_grp_sid  ), &off_grp_sid  );
+       prs_uint32_pre("off_sacl     ", ps, depth, &(t->off_sacl     ), &off_sacl     );
+       prs_uint32_pre("off_dacl     ", ps, depth, &(t->off_dacl     ), &off_dacl     );
+#endif
        max_offset = MAX(max_offset, ps->offset);
 
-       if (IS_BITS_SET_ALL(psd->type, SEC_DESC_DACL_PRESENT) && psd->dacl)
+       if (IS_BITS_SET_ALL(t->type, SEC_DESC_DACL_PRESENT))
        {
-               ps->offset = old_offset + psd->off_dacl;
-               if (!sec_io_acl("dacl", &psd->dacl, ps, depth))
+#if 0
+               prs_uint32_post("off_dacl    ", ps, depth, &(t->off_dacl     ), off_dacl     , ps->offset - old_offset);
+#endif
+               ps->offset = old_offset + t->off_dacl;
+               if (ps->io)
                {
-                       return False;
-               }
-               prs_align(ps);
+                       /* reading */
+                       t->dacl = malloc(sizeof(*t->dacl));
+                       ZERO_STRUCTP(t->dacl);
        }
 
-       max_offset = MAX(max_offset, ps->offset);
-
-       if (IS_BITS_SET_ALL(psd->type, SEC_DESC_SACL_PRESENT) && psd->sacl)
-       {
-               ps->offset = old_offset + psd->off_sacl;
-               if (!sec_io_acl("sacl", &psd->sacl, ps, depth))
+               if (t->dacl == NULL)
                {
-                       return False;
+                       DEBUG(0,("INVALID DACL\n"));
+                       ps->offset = 0xfffffffe;
+                       return;
                }
+
+               sec_io_acl     ("dacl"        , t->dacl       , ps, depth);
                prs_align(ps);
        }
+#if 0
+       else
+       {
+               prs_uint32_post("off_dacl    ", ps, depth, &(t->off_dacl     ), off_dacl     , 0);
+       }
+#endif
 
        max_offset = MAX(max_offset, ps->offset);
 
-       if (psd->off_owner_sid != 0)
+       if (IS_BITS_SET_ALL(t->type, SEC_DESC_SACL_PRESENT))
        {
+#if 0
+               prs_uint32_post("off_sacl  ", ps, depth, &(t->off_sacl  ), off_sacl  , ps->offset - old_offset);
+#endif
+               ps->offset = old_offset + t->off_sacl;
                if (ps->io)
                {
-                       ps->offset = old_offset + psd->off_owner_sid;
                        /* reading */
-                       psd->owner_sid = malloc(sizeof(*psd->owner_sid));
-                       if (psd->owner_sid == NULL)
-                       {
-                               return False;
-                       }
-                       ZERO_STRUCTP(psd->owner_sid);
+                       t->sacl = malloc(sizeof(*t->sacl));
+                       ZERO_STRUCTP(t->sacl);
                }
 
-               if (!smb_io_dom_sid("owner_sid ", psd->owner_sid , ps, depth))
+               if (t->sacl == NULL)
                {
-                       return False;
+                       DEBUG(0,("INVALID SACL\n"));
+                       ps->offset = 0xfffffffe;
+                       return;
                }
+
+               sec_io_acl     ("sacl"      , t->sacl       , ps, depth);
                prs_align(ps);
        }
+#if 0
+       else
+       {
+               prs_uint32_post("off_sacl  ", ps, depth, &(t->off_sacl  ), off_sacl  , 0);
+       }
+#endif
 
        max_offset = MAX(max_offset, ps->offset);
 
-       if (psd->off_grp_sid != 0)
+#if 0
+       prs_uint32_post("off_owner_sid", ps, depth, &(t->off_owner_sid), off_owner_sid, ps->offset - old_offset);
+#endif
+       if (t->off_owner_sid != 0)
        {
                if (ps->io)
                {
-                       /* reading */
-                       ps->offset = old_offset + psd->off_grp_sid;
-                       psd->grp_sid = malloc(sizeof(*psd->grp_sid));
-                       if (psd->grp_sid == NULL)
-                       {
-                               return False;
+                       ps->offset = old_offset + t->off_owner_sid;
                        }
-                       ZERO_STRUCTP(psd->grp_sid);
+               if (ps->io)
+               {
+                       /* reading */
+                       t->owner_sid = malloc(sizeof(*t->owner_sid));
+                       ZERO_STRUCTP(t->owner_sid);
                }
 
-               if (!smb_io_dom_sid("grp_sid", psd->grp_sid, ps, depth))
+               if (t->owner_sid == NULL)
                {
-                       return False;
+                       DEBUG(0,("INVALID OWNER SID\n"));
+                       ps->offset = 0xfffffffe;
+                       return;
                }
+
+               smb_io_dom_sid("owner_sid ", t->owner_sid , ps, depth);
                prs_align(ps);
        }
 
        max_offset = MAX(max_offset, ps->offset);
 
-       ps->offset = max_offset;
-       return True;
+#if 0
+       prs_uint32_post("off_grp_sid  ", ps, depth, &(t->off_grp_sid  ), off_grp_sid  , ps->offset - old_offset);
+#endif
+       if (t->off_grp_sid != 0)
+       {
+               if (ps->io)
+               {
+                       ps->offset = old_offset + t->off_grp_sid;
 }
-
-/*******************************************************************
- Creates a SEC_DESC_BUF structure.
-********************************************************************/
-
-SEC_DESC_BUF *make_sec_desc_buf(int len, SEC_DESC *sec_desc)
+               if (ps->io)
 {
-       SEC_DESC_BUF *dst;
+                       /* reading */
+                       t->grp_sid = malloc(sizeof(*t->grp_sid));
+                       ZERO_STRUCTP(t->grp_sid);
+               }
 
-       dst = (SEC_DESC_BUF *)malloc(sizeof(SEC_DESC_BUF));
-       if (dst == NULL)
+               if (t->grp_sid == NULL)
        {
-               return NULL;
+                       DEBUG(0,("INVALID GROUP SID\n"));
+                       ps->offset = 0xfffffffe;
+                       return;
        }
 
-       ZERO_STRUCTP(dst);
-
-       /* max buffer size (allocated size) */
-       dst->max_len = len;
-       dst->len = len;
-
-       if (sec_desc && ((dst->sec = dup_sec_desc(sec_desc)) == NULL))
-       {
-               free_sec_desc_buf(&dst);
-               return NULL;
+               smb_io_dom_sid("grp_sid", t->grp_sid, ps, depth);
+               prs_align(ps);
        }
 
-       return dst;
+       max_offset = MAX(max_offset, ps->offset);
+
+       ps->offset = max_offset;
 }
 
 /*******************************************************************
- Duplicates a SEC_DESC_BUF structure.
+creates a SEC_DESC_BUF structure.
 ********************************************************************/
-
-SEC_DESC_BUF *dup_sec_desc_buf(SEC_DESC_BUF *src)
-{
-       if (src == NULL)
+void make_sec_desc_buf(SEC_DESC_BUF *buf, int len, SEC_DESC *data)
        {
-               return NULL;
-       }
+       ZERO_STRUCTP(buf);
 
-       return make_sec_desc_buf( src->len, src->sec);
+       /* max buffer size (allocated size) */
+       buf->max_len = len;
+       buf->undoc       = 0;
+       buf->len = data != NULL ? len : 0;
+       buf->sec = data;
 }
 
 /*******************************************************************
- Deletes a SEC_DESC_BUF structure.
+frees a SEC_DESC_BUF structure.
 ********************************************************************/
-
-void free_sec_desc_buf(SEC_DESC_BUF **ppsdb)
+void free_sec_desc_buf(SEC_DESC_BUF *buf)
 {
-       SEC_DESC_BUF *psdb;
-
-       if (ppsdb == NULL || *ppsdb == NULL)
+       if (buf->sec != NULL)
        {
-               return;
+               free_sec_desc(buf->sec);
+               free(buf->sec);
        }
-
-       psdb = *ppsdb;
-       free_sec_desc(&psdb->sec);
-       free(psdb);
-       *ppsdb = NULL;
 }
 
 
 /*******************************************************************
- Reads or writes a SEC_DESC_BUF structure.
+reads or writes a SEC_DESC_BUF structure.
 ********************************************************************/
-
-BOOL sec_io_desc_buf(char *desc, SEC_DESC_BUF **ppsdb, prs_struct *ps, int depth)
+void sec_io_desc_buf(char *desc, SEC_DESC_BUF *sec, prs_struct *ps, int depth)
 {
        uint32 off_len;
        uint32 off_max_len;
        uint32 old_offset;
        uint32 size;
-       SEC_DESC_BUF *psdb;
-
-       if (ppsdb == NULL)
-       {
-               return False;
-       }
-
-       psdb = *ppsdb;
 
-       if (ps->io && psdb == NULL)
-       {
-               psdb = (SEC_DESC_BUF *)malloc(sizeof(SEC_DESC_BUF));
-               if (psdb == NULL)
-               {
-                       return False;
-               }
-               ZERO_STRUCTP(psdb);
-               *ppsdb = psdb;
-       }
+       if (sec == NULL) return;
 
        prs_debug(ps, depth, desc, "sec_io_desc_buf");
        depth++;
 
        prs_align(ps);
        
-       prs_uint32_pre("max_len", ps, depth, &psdb->max_len, &off_max_len);
-       prs_uint32    ("undoc  ", ps, depth, &psdb->undoc);
-       prs_uint32_pre("len    ", ps, depth, &psdb->len, &off_len);
+       prs_uint32_pre("max_len", ps, depth, &(sec->max_len), &off_max_len);
+       prs_uint32    ("undoc  ", ps, depth, &(sec->undoc  ));
+       prs_uint32_pre("len    ", ps, depth, &(sec->len    ), &off_len);
 
        old_offset = ps->offset;
 
-       /* reading, length is non-zero; writing, descriptor is non-NULL */
-       if ((psdb->len != 0 || (!ps->io)) && psdb->sec != NULL)
+       if (sec->len != 0 && ps->io)
        {
-               if (!sec_io_desc("sec   ", &psdb->sec, ps, depth))
+               /* reading */
+               sec->sec = malloc(sizeof(*sec->sec));
+               ZERO_STRUCTP(sec->sec);
+
+               if (sec->sec == NULL)
                {
-                       return False;
+                       DEBUG(0,("INVALID SEC_DESC\n"));
+                       ps->offset = 0xfffffffe;
+                       return;
                }
        }
 
-       size = ps->offset - old_offset;
-       prs_uint32_post("max_len", ps, depth, &psdb->max_len, off_max_len, size == 0 ? psdb->max_len : size);
-       prs_uint32_post("len    ", ps, depth, &psdb->len, off_len, size);
+       /* reading, length is non-zero; writing, descriptor is non-NULL */
+       if ((sec->len != 0 || (!ps->io)) && sec->sec != NULL)
+       {
+               sec_io_desc("sec   ", sec->sec, ps, depth);
+       }
 
-       return True;
+       size = ps->offset - old_offset;
+       prs_uint32_post("max_len", ps, depth, &(sec->max_len), off_max_len, size == 0 ? sec->max_len : size);
+       prs_uint32_post("len    ", ps, depth, &(sec->len    ), off_len    , size);
 }
 

diff --git a/source3/rpcclient/cmd_reg.c b/source3/rpcclient/cmd_reg.c
index ed337a59f583d4ea872515fd8a74c2701087d68b..d5b032be90624275f4dbd2cec61eafddb44669ca 100644 (file)
--- a/source3/rpcclient/cmd_reg.c
+++ b/source3/rpcclient/cmd_reg.c
@@ -739,7 +739,7 @@ void cmd_reg_test_key_sec(struct client_info *info)
         */
 
        uint32 sec_buf_size;
-       SEC_DESC_BUF *psdb;
+       SEC_DESC_BUF sec_buf;
 
        DEBUG(5, ("cmd_reg_get_key_sec: smb_cli->fd:%d\n", smb_cli->fd));
 
@@ -771,28 +771,32 @@ void cmd_reg_test_key_sec(struct client_info *info)
        res3 = res ? do_reg_open_entry(smb_cli, fnum, &info->dom.reg_pol_connect,
                                 key_name, 0x02000000, &key_pol) : False;
 
-       /* Get the size. */
+       /* query key sec info.  first call sets sec_buf_size. */
        sec_buf_size = 0;
+       ZERO_STRUCT(sec_buf);
 
        res4 = res3 ? do_reg_get_key_sec(smb_cli, fnum, &key_pol,
-                               &sec_buf_size, &psdb) : False;
+                               &sec_buf_size, &sec_buf) : False;
        
-       free_sec_desc_buf(&psdb);
+       if (res4)
+       {
+               free_sec_desc_buf(&sec_buf);
+       }
 
        res4 = res4 ? do_reg_get_key_sec(smb_cli, fnum, &key_pol,
-                               &sec_buf_size, &psdb) : False;
+                               &sec_buf_size, &sec_buf) : False;
 
-       if (res4 && psdb->len > 0 && psdb->sec != NULL)
+       if (res4 && sec_buf.len > 0 && sec_buf.sec != NULL)
        {
-               display_sec_desc(out_hnd, ACTION_HEADER   , psdb->sec);
-               display_sec_desc(out_hnd, ACTION_ENUMERATE, psdb->sec);
-               display_sec_desc(out_hnd, ACTION_FOOTER   , psdb->sec);
+               display_sec_desc(out_hnd, ACTION_HEADER   , sec_buf.sec);
+               display_sec_desc(out_hnd, ACTION_ENUMERATE, sec_buf.sec);
+               display_sec_desc(out_hnd, ACTION_FOOTER   , sec_buf.sec);
 
                res4 = res4 ? do_reg_set_key_sec(smb_cli, fnum, &key_pol,
-                               psdb) : False;
+                               sec_buf_size, sec_buf.sec) : False;
 
+               free_sec_desc_buf(&sec_buf);
        }
-       free_sec_desc_buf(&psdb);
 
        /* close the key handle */
        if ((*key_name) != 0)
@@ -836,7 +840,7 @@ void cmd_reg_get_key_sec(struct client_info *info)
         */
 
        uint32 sec_buf_size;
-       SEC_DESC_BUF *psdb;
+       SEC_DESC_BUF sec_buf;
 
        DEBUG(5, ("cmd_reg_get_key_sec: smb_cli->fd:%d\n", smb_cli->fd));
 
@@ -868,25 +872,29 @@ void cmd_reg_get_key_sec(struct client_info *info)
        res3 = res ? do_reg_open_entry(smb_cli, fnum, &info->dom.reg_pol_connect,
                                 key_name, 0x02000000, &key_pol) : False;
 
-       /* Get the size. */
+       /* query key sec info.  first call sets sec_buf_size. */
        sec_buf_size = 0;
+       ZERO_STRUCT(sec_buf);
 
        res4 = res3 ? do_reg_get_key_sec(smb_cli, fnum, &key_pol,
-                               &sec_buf_size, &psdb) : False;
+                               &sec_buf_size, &sec_buf) : False;
        
-       free_sec_desc_buf(&psdb);
+       if (res4)
+       {
+               free_sec_desc_buf(&sec_buf);
+       }
 
        res4 = res4 ? do_reg_get_key_sec(smb_cli, fnum, &key_pol,
-                               &sec_buf_size, &psdb) : False;
+                               &sec_buf_size, &sec_buf) : False;
 
-       if (res4 && psdb->len > 0 && psdb->sec != NULL)
+       if (res4 && sec_buf.len > 0 && sec_buf.sec != NULL)
        {
-               display_sec_desc(out_hnd, ACTION_HEADER   , psdb->sec);
-               display_sec_desc(out_hnd, ACTION_ENUMERATE, psdb->sec);
-               display_sec_desc(out_hnd, ACTION_FOOTER   , psdb->sec);
+               display_sec_desc(out_hnd, ACTION_HEADER   , sec_buf.sec);
+               display_sec_desc(out_hnd, ACTION_ENUMERATE, sec_buf.sec);
+               display_sec_desc(out_hnd, ACTION_FOOTER   , sec_buf.sec);
 
+               free(sec_buf.sec);
        }
-       free_sec_desc_buf(&psdb);
 
        /* close the key handle */
        if ((*key_name) != 0)

diff --git a/source3/rpcclient/display.c b/source3/rpcclient/display.c
index 545258b36a1006b555f290000b945a834ec79903..fd876c54328880f49b18399b6f0f5c099f4d9a88 100644 (file)
--- a/source3/rpcclient/display.c
+++ b/source3/rpcclient/display.c
@@ -1355,9 +1355,9 @@ void display_sec_acl(FILE *out_hnd, enum action_type action, SEC_ACL *sec_acl)
                                int i;
                                for (i = 0; i < sec_acl->num_aces; i++)
                                {
-                                       display_sec_ace(out_hnd, ACTION_HEADER   , &sec_acl->ace_list[i]);
-                                       display_sec_ace(out_hnd, ACTION_ENUMERATE, &sec_acl->ace_list[i]);
-                                       display_sec_ace(out_hnd, ACTION_FOOTER   , &sec_acl->ace_list[i]);
+                                       display_sec_ace(out_hnd, ACTION_HEADER   , &sec_acl->ace[i]);
+                                       display_sec_ace(out_hnd, ACTION_ENUMERATE, &sec_acl->ace[i]);
+                                       display_sec_ace(out_hnd, ACTION_FOOTER   , &sec_acl->ace[i]);
                                }
                        }