1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-22 13:34:15 +03:00

librpc/ndr: add LIBNDR_FLAG_IS_SECRET handling

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
This commit is contained in:
Stefan Metzmacher 2017-06-12 17:58:20 +02:00
parent 91d8272e86
commit 32aa3a199d
3 changed files with 77 additions and 0 deletions

View File

@ -109,6 +109,7 @@ struct ndr_print {
void (*print)(struct ndr_print *, const char *, ...) PRINTF_ATTRIBUTE(2,3);
void *private_data;
bool no_newline;
bool print_secrets;
};
#define LIBNDR_FLAG_BIGENDIAN (1<<0)
@ -139,6 +140,12 @@ struct ndr_print {
LIBNDR_FLAG_STR_RAW8 | \
0)
/*
* Mark an element as SECRET, it won't be printed by
* via ndr_print* unless NDR_PRINT_SECRETS is specified.
*/
#define LIBNDR_FLAG_IS_SECRET (1<<14)
/* Disable string token compression */
#define LIBNDR_FLAG_NO_COMPRESSION (1<<15)
@ -210,6 +217,9 @@ struct ndr_print {
#define NDR_PRINT_OUT_STRING(ctx, type, p) NDR_PRINT_FUNCTION_STRING(ctx, type, NDR_OUT, p)
#define NDR_PRINT_IN_STRING(ctx, type, p) NDR_PRINT_FUNCTION_STRING(ctx, type, NDR_IN | NDR_SET_VALUES, p)
#define NDR_HIDE_SECRET(ndr) \
(unlikely(((ndr)->flags & LIBNDR_FLAG_IS_SECRET) && !(ndr)->print_secrets))
#define NDR_BE(ndr) (unlikely(((ndr)->flags & (LIBNDR_FLAG_BIGENDIAN|LIBNDR_FLAG_LITTLE_ENDIAN)) == LIBNDR_FLAG_BIGENDIAN))
enum ndr_err_code {

View File

@ -399,6 +399,12 @@ _PUBLIC_ void ndr_print_debugc(int dbgc_class, ndr_print_fn_t fn, const char *na
ndr->print = ndr_print_debugc_helper;
ndr->depth = 1;
ndr->flags = 0;
#ifdef DEBUG_PASSWORD
if (CHECK_DEBUGLVL(100)) {
ndr->print_secrets = true;
}
#endif
fn(ndr, name, ptr);
talloc_free(ndr);
}
@ -417,6 +423,12 @@ _PUBLIC_ void ndr_print_debug(ndr_print_fn_t fn, const char *name, void *ptr)
ndr->print = ndr_print_debug_helper;
ndr->depth = 1;
ndr->flags = 0;
#ifdef DEBUG_PASSWORD
if (CHECK_DEBUGLVL(100)) {
ndr->print_secrets = true;
}
#endif
fn(ndr, name, ptr);
talloc_free(ndr);
}
@ -435,6 +447,12 @@ _PUBLIC_ void ndr_print_union_debug(ndr_print_fn_t fn, const char *name, uint32_
ndr->print = ndr_print_debug_helper;
ndr->depth = 1;
ndr->flags = 0;
#ifdef DEBUG_PASSWORD
if (CHECK_DEBUGLVL(100)) {
ndr->print_secrets = true;
}
#endif
ndr_print_set_switch_value(ndr, ptr, level);
fn(ndr, name, ptr);
talloc_free(ndr);
@ -454,6 +472,11 @@ _PUBLIC_ void ndr_print_function_debug(ndr_print_function_t fn, const char *name
ndr->print = ndr_print_debug_helper;
ndr->depth = 1;
ndr->flags = 0;
#ifdef DEBUG_PASSWORD
if (CHECK_DEBUGLVL(100)) {
ndr->print_secrets = true;
}
#endif
fn(ndr, name, flags, ptr);
talloc_free(ndr);

View File

@ -1064,41 +1064,73 @@ _PUBLIC_ void ndr_print_bitmap_flag(struct ndr_print *ndr, size_t size, const ch
_PUBLIC_ void ndr_print_int8(struct ndr_print *ndr, const char *name, int8_t v)
{
if (NDR_HIDE_SECRET(ndr)) {
ndr->print(ndr, "%-25s: <REDACTED SECRET VALUE>", name);
return;
}
ndr->print(ndr, "%-25s: %d", name, v);
}
_PUBLIC_ void ndr_print_uint8(struct ndr_print *ndr, const char *name, uint8_t v)
{
if (NDR_HIDE_SECRET(ndr)) {
ndr->print(ndr, "%-25s: <REDACTED SECRET VALUE>", name);
return;
}
ndr->print(ndr, "%-25s: 0x%02x (%u)", name, v, v);
}
_PUBLIC_ void ndr_print_int16(struct ndr_print *ndr, const char *name, int16_t v)
{
if (NDR_HIDE_SECRET(ndr)) {
ndr->print(ndr, "%-25s: <REDACTED SECRET VALUE>", name);
return;
}
ndr->print(ndr, "%-25s: %d", name, v);
}
_PUBLIC_ void ndr_print_uint16(struct ndr_print *ndr, const char *name, uint16_t v)
{
if (NDR_HIDE_SECRET(ndr)) {
ndr->print(ndr, "%-25s: <REDACTED SECRET VALUE>", name);
return;
}
ndr->print(ndr, "%-25s: 0x%04x (%u)", name, v, v);
}
_PUBLIC_ void ndr_print_int32(struct ndr_print *ndr, const char *name, int32_t v)
{
if (NDR_HIDE_SECRET(ndr)) {
ndr->print(ndr, "%-25s: <REDACTED SECRET VALUE>", name);
return;
}
ndr->print(ndr, "%-25s: %d", name, v);
}
_PUBLIC_ void ndr_print_uint32(struct ndr_print *ndr, const char *name, uint32_t v)
{
if (NDR_HIDE_SECRET(ndr)) {
ndr->print(ndr, "%-25s: <REDACTED SECRET VALUE>", name);
return;
}
ndr->print(ndr, "%-25s: 0x%08x (%u)", name, v, v);
}
_PUBLIC_ void ndr_print_int3264(struct ndr_print *ndr, const char *name, int32_t v)
{
if (NDR_HIDE_SECRET(ndr)) {
ndr->print(ndr, "%-25s: <REDACTED SECRET VALUE>", name);
return;
}
ndr->print(ndr, "%-25s: %d", name, v);
}
_PUBLIC_ void ndr_print_uint3264(struct ndr_print *ndr, const char *name, uint32_t v)
{
if (NDR_HIDE_SECRET(ndr)) {
ndr->print(ndr, "%-25s: <REDACTED SECRET VALUE>", name);
return;
}
ndr->print(ndr, "%-25s: 0x%08x (%u)", name, v, v);
}
@ -1114,6 +1146,10 @@ _PUBLIC_ void ndr_print_udlongr(struct ndr_print *ndr, const char *name, uint64_
_PUBLIC_ void ndr_print_dlong(struct ndr_print *ndr, const char *name, int64_t v)
{
if (NDR_HIDE_SECRET(ndr)) {
ndr->print(ndr, "%-25s: <REDACTED SECRET VALUE>", name);
return;
}
ndr->print(ndr, "%-25s: 0x%016llx (%lld)", name, (unsigned long long)v, (long long)v);
}
@ -1203,6 +1239,11 @@ _PUBLIC_ void ndr_print_array_uint8(struct ndr_print *ndr, const char *name,
return;
}
if (NDR_HIDE_SECRET(ndr)) {
ndr->print(ndr, "%s: ARRAY(%d): <REDACTED SECRET VALUES>", name, count);
return;
}
if (count <= _ONELINE_LIMIT && (ndr->flags & LIBNDR_PRINT_ARRAY_HEX)) {
char s[(_ONELINE_LIMIT + 1) * 2];
for (i=0;i<count;i++) {
@ -1243,6 +1284,9 @@ static void ndr_print_dump_data_cb(const char *buf, void *private_data)
*/
static void ndr_dump_data(struct ndr_print *ndr, const uint8_t *buf, int len)
{
if (NDR_HIDE_SECRET(ndr)) {
return;
}
ndr->no_newline = true;
dump_data_cb(buf, len, true, ndr_print_dump_data_cb, ndr);
ndr->no_newline = false;