/*
   Unix SMB/CIFS implementation.
   fast routines for getting the wire size of security objects
   Copyright (C) Andrew Tridgell 2003
   This program is free software; you can redistribute it and/or modify
   it under the terms of the GNU General Public License as published by
   the Free Software Foundation; either version 2 of the License, or
   (at your option) any later version.
   This program is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   GNU General Public License for more details.
   You should have received a copy of the GNU General Public License
   along with this program; if not, write to the Free Software
   Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
# include "includes.h"
# include "librpc/gen_ndr/ndr_security.h"
/*
  Return the wire size, in bytes, of a dom_sid.

  A missing (NULL) sid occupies 0 bytes. Otherwise the size is a fixed
  8 bytes plus 4 bytes for each of the sid->num_auths sub-authorities.

  NOTE(review): num_auths is used exactly as stored. This helper does no
  range check of its own, so it relies on whoever filled in the structure
  having bounded the count - confirm against the code that decodes SIDs.
*/
size_t ndr_size_dom_sid(const struct dom_sid *sid)
{
	size_t wire_size = 0;

	if (sid) {
		wire_size = 8 + 4 * sid->num_auths;
	}
	return wire_size;
}
/*
  Return the wire length, in bytes, of a dom_sid, treating a SID whose
  revision number is 0 as if it were absent.

  The arithmetic is the same as in ndr_size_dom_sid() (8 bytes plus
  4 bytes per sub-authority); the only difference is the extra
  sid_rev_num == 0 case, which yields 0 just like a NULL sid.

  NOTE(review): num_auths is trusted as stored - confirm it is bounded by
  the code that populates the structure.
*/
size_t ndr_length_dom_sid(const struct dom_sid *sid)
{
	if (sid && sid->sid_rev_num != 0) {
		return 8 + 4 * sid->num_auths;
	}
	return 0;
}
/*
  Return the wire size, in bytes, of a security_ace.

  A NULL ace occupies 0 bytes. Otherwise the size is a fixed 8 bytes plus
  the wire size of the trustee SID embedded in the ACE; no other field of
  the ACE is counted here.
*/
size_t ndr_size_security_ace(const struct security_ace *ace)
{
	return ace ? 8 + ndr_size_dom_sid(&ace->trustee) : 0;
}
/*
  Return the wire size, in bytes, of a security_acl.

  A NULL acl occupies 0 bytes. Otherwise the size is a fixed 8 bytes plus
  the wire size of each of the acl->num_aces entries in acl->aces.

  NOTE(review): the loop reads acl->aces[0 .. num_aces-1] on the strength
  of num_aces alone, and compares a signed int index against it. Confirm
  the type and range of num_aces, and that aces really holds that many
  entries, in the code that builds or decodes the ACL.
*/
size_t ndr_size_security_acl(const struct security_acl *acl)
{
	size_t total;
	int idx = 0;

	if (!acl) {
		return 0;
	}

	total = 8;
	while (idx < acl->num_aces) {
		total += ndr_size_security_ace(&acl->aces[idx]);
		idx++;
	}
	return total;
}
/*
  Return the wire size, in bytes, of a security descriptor.

  A NULL sd occupies 0 bytes. Otherwise the size is a fixed 20 bytes plus
  the sizes of the owner SID, group SID, DACL and SACL. Each of those is
  reached through a pointer, and the per-object helpers return 0 for a
  NULL pointer, so an absent component simply adds nothing.
*/
size_t ndr_size_security_descriptor(const struct security_descriptor *sd)
{
	if (!sd) {
		return 0;
	}

	return 20
		+ ndr_size_dom_sid(sd->owner_sid)
		+ ndr_size_dom_sid(sd->group_sid)
		+ ndr_size_security_acl(sd->dacl)
		+ ndr_size_security_acl(sd->sacl);
}
/*
  Print a dom_sid through the ndr_print callback.

  ndr:  print state; its print() callback receives the formatted line.
  name: label shown to the left of the SID.
  sid:  SID to print; dom_sid_string() substitutes a placeholder for NULL.

  The textual SID is allocated by dom_sid_string() with ndr passed as the
  talloc context, and is not freed here.
*/
void ndr_print_dom_sid(struct ndr_print *ndr, const char *name, const struct dom_sid *sid)
{
	char *sid_text = dom_sid_string(ndr, sid);

	/* fixed format string: name and SID text are only ever passed as arguments */
	ndr->print(ndr, " %-25s: %s ", name, sid_text);
}
/*
  Print a dom_sid under the dom_sid2 name.

  Forwards its arguments unchanged to ndr_print_dom_sid(), so the output
  is identical.
*/
void ndr_print_dom_sid2(struct ndr_print *ndr, const char *name, const struct dom_sid *sid)
{
	ndr_print_dom_sid(ndr, name, sid);
}
/*
  Print a dom_sid under the dom_sid28 name.

  Forwards its arguments unchanged to ndr_print_dom_sid(), so the output
  is identical.
*/
void ndr_print_dom_sid28(struct ndr_print *ndr, const char *name, const struct dom_sid *sid)
{
	ndr_print_dom_sid(ndr, name, sid);
}
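/*
  Convert a dom_sid to its textual form, "S-<rev>-<id_auth>-<sub_auth>...".

  mem_ctx: talloc context that will own the returned string.
  sid:     SID to format; may be NULL.

  Returns a talloc-allocated, NUL-terminated string. A NULL sid yields a
  "NULL SID" placeholder, and a failed allocation or an unusable
  num_auths yields a "SID ERR" placeholder, so the result is NULL only if
  the placeholder itself cannot be allocated.

  Only id_auth[2..5] are folded into the printed authority value;
  id_auth[0] and id_auth[1] are not read.

  NOTE(review): the loop reads sub_auths[0 .. num_auths-1] on the strength
  of num_auths alone. The upper bound of that array is not visible from
  here, so confirm that the code which decodes or builds SIDs limits
  num_auths before a SID can reach this function.
*/
char *dom_sid_string(TALLOC_CTX *mem_ctx, const struct dom_sid *sid)
{
	int i, n, ofs, maxlen;
	uint32_t ia;
	char *ret;

	if (!sid) {
		return talloc_strdup(mem_ctx, " (NULL SID) ");
	}

	/*
	  Size budget: 25 bytes for the "S-<rev>-<id_auth>" prefix and the
	  terminating NUL, then 11 bytes ('-' plus at most ten decimal
	  digits) per sub-authority.
	*/
	maxlen = sid->num_auths * 11 + 25;
	if (maxlen < 25) {
		/* a negative count would otherwise give an undersized or
		   wrapped allocation request */
		return talloc_strdup(mem_ctx, " (SID ERR) ");
	}

	ret = talloc_size(mem_ctx, maxlen);
	if (!ret) {
		return talloc_strdup(mem_ctx, " (SID ERR) ");
	}

	/* widen each byte before shifting, so a set top bit in id_auth[2]
	   is never shifted into the sign bit of a promoted int */
	ia = ((uint32_t)sid->id_auth[5]) +
	     ((uint32_t)sid->id_auth[4] << 8) +
	     ((uint32_t)sid->id_auth[3] << 16) +
	     ((uint32_t)sid->id_auth[2] << 24);

	/*
	  The format strings carry no padding: the budget above leaves no
	  room for extra characters per component, and the textual SID form
	  has none.
	*/
	ofs = snprintf(ret, maxlen, "S-%u-%lu",
		       (unsigned int)sid->sid_rev_num, (unsigned long)ia);
	if (ofs < 0) {
		ret[0] = '\0';
		return ret;
	}
	if (ofs >= maxlen) {
		/* prefix was truncated; snprintf already NUL-terminated it */
		return ret;
	}

	for (i = 0; i < sid->num_auths; i++) {
		/* ofs < maxlen holds here, so the remaining size is positive */
		n = snprintf(ret + ofs, maxlen - ofs, "-%lu",
			     (unsigned long)sid->sub_auths[i]);
		if (n < 0) {
			ret[ofs] = '\0';
			break;
		}
		if (n >= maxlen - ofs) {
			/* truncated: stop rather than let maxlen - ofs go
			   negative and become a huge size on the next call */
			break;
		}
		ofs += n;
	}

	return ret;
}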