return NDR_ERR_SUCCESS;
}
+
+static inline enum ndr_err_code ndr_maybe_push_security_ace_object_ctr(struct ndr_push *ndr,
+ ndr_flags_type ndr_flags,
+ const struct security_ace *r)
+{
+ /*
+ * ndr_push_security_ace_object_ctr() does nothing (except tallocing
+ * and ndr_token fiddling) unless the ACE is an object ACE, which is
+ * usually very unlikely.
+ */
+ bool is_object = sec_ace_object(r->type);
+ if (is_object) {
+ NDR_CHECK(ndr_push_set_switch_value(ndr, &r->object, is_object));
+ NDR_CHECK(ndr_push_security_ace_object_ctr(ndr, ndr_flags, &r->object));
+ }
+ return NDR_ERR_SUCCESS;
+}
+
_PUBLIC_ enum ndr_err_code ndr_push_security_ace(struct ndr_push *ndr, ndr_flags_type ndr_flags, const struct security_ace *r)
{
NDR_PUSH_CHECK_FLAGS(ndr, ndr_flags);
NDR_CHECK(ndr_push_security_ace_flags(ndr, NDR_SCALARS, r->flags));
NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, ndr_size_security_ace(r, ndr->flags)));
NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->access_mask));
- NDR_CHECK(ndr_push_set_switch_value(ndr, &r->object, sec_ace_object(r->type)));
- NDR_CHECK(ndr_push_security_ace_object_ctr(ndr, NDR_SCALARS, &r->object));
+ NDR_CHECK(ndr_maybe_push_security_ace_object_ctr(ndr, NDR_SCALARS, r));
NDR_CHECK(ndr_push_dom_sid(ndr, NDR_SCALARS, &r->trustee));
if (sec_ace_has_extra_blob(r->type)) {
struct ndr_push *_ndr_coda;
NDR_CHECK(ndr_push_trailer_align(ndr, 5));
}
if (ndr_flags & NDR_BUFFERS) {
- NDR_CHECK(ndr_push_set_switch_value(ndr, &r->object, sec_ace_object(r->type)));
- NDR_CHECK(ndr_push_security_ace_object_ctr(ndr, NDR_BUFFERS, &r->object));
+ NDR_CHECK(ndr_maybe_push_security_ace_object_ctr(ndr, NDR_BUFFERS, r));
}
return NDR_ERR_SUCCESS;
}