sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-02-23 09:57:40 +03:00
Code

security descriptors are no longer a "special" type, they are handled

Browse Source 
using the [relative] property

this also fixes level3 of PrinterInfo (a relative secdesc)
(This used to be commit d5a15257fdd5f6cfe2706765a7c29f623ec1c6f8)
This commit is contained in:
Andrew Tridgell 2003-11-17 06:27:45 +00:00
parent fa83432e10
commit 59df3ce5b5
17 changed files with 444 additions and 548 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
source4/libcli/raw/rawacl.c
View File

@ -82,7 +82,7 @@ NTSTATUS smb_raw_query_secdesc_recv(struct cli_request *req,
if (!query->out.sd) {
return NT_STATUS_NO_MEMORY;
}
status = ndr_pull_security_descriptor(ndr, query->out.sd);
status = ndr_pull_security_descriptor(ndr, NDR_SCALARS|NDR_BUFFERS, query->out.sd);
return NT_STATUS_OK;
}

53
source4/librpc/idl/misc.idl Normal file
View File

@ -0,0 +1,53 @@
/*
miscellaneous IDL structures
*/
[ uuid(0-0-0-0-0),
version(0.0),
pointer_default(unique)
] interface misc
{
/* a domain SID. Note that unlike Samba3 this contains a pointer,
so you can't copy them using assignment */
typedef [public,noprint] struct {
uint8 sid_rev_num; /**< SID revision number */
uint8 num_auths; /**< Number of sub-authorities */
uint8 id_auth[6]; /**< Identifier Authority */
uint32 sub_auths[num_auths];
} dom_sid;
typedef [public] struct {
uint8 type; /* xxxx_xxxx_ACE_TYPE - e.g allowed / denied etc */
uint8 flags; /* xxxx_INHERIT_xxxx - e.g OBJECT_INHERIT_ACE */
uint32 access_mask;
#if 0
/* the 'obj' part is present when type is XXXX_TYPE_XXXX_OBJECT */
struct {
uint32 flags;
GUID object_guid;
GUID inherit_guid;
} *obj;
#endif
dom_sid trustee;
} security_ace;
typedef [public] struct {
uint16 revision;
uint32 num_aces;
security_ace aces[num_aces];
} security_acl;
typedef [public] struct {
uint8 revision;
uint16 type; /* SEC_DESC_xxxx flags */
[relative] dom_sid *owner_sid;
[relative] dom_sid *group_sid;
[relative] security_acl *sacl; /* system ACL */
[relative] security_acl *dacl; /* user (discretionary) ACL */
} security_descriptor;
}

14
source4/librpc/idl/spoolss.idl
View File

@ -45,7 +45,7 @@
uint32 reserved2;
uint32 panningwidth;
uint32 panningheight;
// uint8 private[driverextra];
uint8 private[driverextra];
} spoolss_DeviceMode;
typedef struct {
@ -81,7 +81,7 @@
typedef struct {
uint32 flags;
[relative] security_descriptor *secdesc;
security_descriptor secdesc;
} spoolss_PrinterInfo3;
typedef struct {
@ -153,9 +153,8 @@
[in] uint32 firstjob,
[in] uint32 numjobs,
[in] uint32 level,
[in,out] uint8_buf *buffer,
[in] uint32 offered,
[out] uint32 needed,
[in,out] DATA_BLOB *buffer,
[in,out,ref] uint32 *buf_size,
[out] uint32 numjobs
);
@ -537,13 +536,12 @@
[in,ref] policy_handle *handle,
[in] uint32 enum_index,
[in] uint32 value_offered,
[in] uint32 data_offered,
[out] uint32 value_len,
[out] unistr *value_name,
[out] uint32 value_needed,
[out] uint32 printerdata_type,
[out] uint8_buf printerdata,
[out] uint32 data_needed
[in,out] DATA_BLOB *buffer,
[in,out,ref] uint32 *buf_size
);
/******************/

1
source4/librpc/ndr/libndr.h
View File

@ -174,6 +174,7 @@ typedef void (*ndr_print_fn_t)(struct ndr_print *, const char *, void *);
typedef void (*ndr_print_union_fn_t)(struct ndr_print *, const char *, uint16, void *);
/* now pull in the individual parsers */
#include "librpc/ndr/ndr_basic.h"
#include "librpc/ndr/ndr_sec.h"
#include "librpc/ndr/ndr_misc.h"
#include "librpc/ndr/ndr_echo.h"

46
source4/librpc/ndr/ndr_basic.c
View File

@ -108,8 +108,11 @@ NTSTATUS ndr_pull_bytes(struct ndr_pull *ndr, char *data, uint32 n)
/*
pull an array of uint8
*/
NTSTATUS ndr_pull_array_uint8(struct ndr_pull *ndr, char *data, uint32 n)
NTSTATUS ndr_pull_array_uint8(struct ndr_pull *ndr, int ndr_flags, char *data, uint32 n)
{
if (!(ndr_flags & NDR_SCALARS)) {
return NT_STATUS_OK;
}
return ndr_pull_bytes(ndr, data, n);
}
@ -117,9 +120,12 @@ NTSTATUS ndr_pull_array_uint8(struct ndr_pull *ndr, char *data, uint32 n)
/*
pull an array of uint16
*/
NTSTATUS ndr_pull_array_uint16(struct ndr_pull *ndr, uint16 *data, uint32 n)
NTSTATUS ndr_pull_array_uint16(struct ndr_pull *ndr, int ndr_flags, uint16 *data, uint32 n)
{
uint32 i;
if (!(ndr_flags & NDR_SCALARS)) {
return NT_STATUS_OK;
}
for (i=0;i<n;i++) {
NDR_CHECK(ndr_pull_uint16(ndr, &data[i]));
}
@ -129,9 +135,12 @@ NTSTATUS ndr_pull_array_uint16(struct ndr_pull *ndr, uint16 *data, uint32 n)
/*
pull a const array of uint32
*/
NTSTATUS ndr_pull_array_uint32(struct ndr_pull *ndr, uint32 *data, uint32 n)
NTSTATUS ndr_pull_array_uint32(struct ndr_pull *ndr, int ndr_flags, uint32 *data, uint32 n)
{
uint32 i;
if (!(ndr_flags & NDR_SCALARS)) {
return NT_STATUS_OK;
}
for (i=0;i<n;i++) {
NDR_CHECK(ndr_pull_uint32(ndr, &data[i]));
}
@ -224,17 +233,23 @@ NTSTATUS ndr_push_bytes(struct ndr_push *ndr, const char *data, uint32 n)
/*
push an array of uint8
*/
NTSTATUS ndr_push_array_uint8(struct ndr_push *ndr, const char *data, uint32 n)
NTSTATUS ndr_push_array_uint8(struct ndr_push *ndr, int ndr_flags, const char *data, uint32 n)
{
if (!(ndr_flags & NDR_SCALARS)) {
return NT_STATUS_OK;
}
return ndr_push_bytes(ndr, data, n);
}
/*
push an array of uint32
*/
NTSTATUS ndr_push_array_uint32(struct ndr_push *ndr, const uint32 *data, uint32 n)
NTSTATUS ndr_push_array_uint32(struct ndr_push *ndr, int ndr_flags, const uint32 *data, uint32 n)
{
int i;
if (!(ndr_flags & NDR_SCALARS)) {
return NT_STATUS_OK;
}
for (i=0;i<n;i++) {
NDR_CHECK(ndr_push_uint32(ndr, data[i]));
}
@ -599,3 +614,24 @@ NTSTATUS ndr_pull_DATA_BLOB(struct ndr_pull *ndr, DATA_BLOB *blob)
ndr->offset += length;
return NT_STATUS_OK;
}
/*
parse a policy handle
*/
NTSTATUS ndr_pull_policy_handle(struct ndr_pull *ndr,
struct policy_handle *r)
{
NDR_CHECK(ndr_pull_bytes(ndr, r->data, 20));
return NT_STATUS_OK;
}
/*
push a policy handle
*/
NTSTATUS ndr_push_policy_handle(struct ndr_push *ndr,
struct policy_handle *r)
{
NDR_CHECK(ndr_push_bytes(ndr, r->data, 20));
return NT_STATUS_OK;
}

25
source4/librpc/ndr/ndr_basic.h Normal file
View File

@ -0,0 +1,25 @@
/*
Unix SMB/CIFS implementation.
rpc interface definitions - basic types
Copyright (C) Andrew Tridgell 2003
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
struct policy_handle {
uint8 data[20];
};

16
source4/librpc/ndr/ndr_dfs.c
View File

@ -126,7 +126,7 @@ buffers:
}
if (r->stores) {
NDR_CHECK(ndr_push_uint32(ndr, r->num_stores));
NDR_CHECK(ndr_push_array(ndr, ndr_flags, r->stores, sizeof(r->stores[0]), r->num_stores, (ndr_push_flags_fn_t)ndr_push_dfs_StorageInfo));
NDR_CHECK(ndr_push_array(ndr, NDR_SCALARS|NDR_BUFFERS, r->stores, sizeof(r->stores[0]), r->num_stores, (ndr_push_flags_fn_t)ndr_push_dfs_StorageInfo));
}
done:
return NT_STATUS_OK;
@ -156,7 +156,7 @@ buffers:
NDR_CHECK(ndr_push_GUID(ndr, NDR_BUFFERS, &r->guid));
if (r->stores) {
NDR_CHECK(ndr_push_uint32(ndr, r->num_stores));
NDR_CHECK(ndr_push_array(ndr, ndr_flags, r->stores, sizeof(r->stores[0]), r->num_stores, (ndr_push_flags_fn_t)ndr_push_dfs_StorageInfo));
NDR_CHECK(ndr_push_array(ndr, NDR_SCALARS|NDR_BUFFERS, r->stores, sizeof(r->stores[0]), r->num_stores, (ndr_push_flags_fn_t)ndr_push_dfs_StorageInfo));
}
done:
return NT_STATUS_OK;
@ -223,7 +223,7 @@ buffers:
if (!(ndr_flags & NDR_BUFFERS)) goto done;
if (r->s) {
NDR_CHECK(ndr_push_uint32(ndr, r->count));
NDR_CHECK(ndr_push_array(ndr, ndr_flags, r->s, sizeof(r->s[0]), r->count, (ndr_push_flags_fn_t)ndr_push_dfs_Info1));
NDR_CHECK(ndr_push_array(ndr, NDR_SCALARS|NDR_BUFFERS, r->s, sizeof(r->s[0]), r->count, (ndr_push_flags_fn_t)ndr_push_dfs_Info1));
}
done:
return NT_STATUS_OK;
@ -241,7 +241,7 @@ buffers:
if (!(ndr_flags & NDR_BUFFERS)) goto done;
if (r->s) {
NDR_CHECK(ndr_push_uint32(ndr, r->count));
NDR_CHECK(ndr_push_array(ndr, ndr_flags, r->s, sizeof(r->s[0]), r->count, (ndr_push_flags_fn_t)ndr_push_dfs_Info2));
NDR_CHECK(ndr_push_array(ndr, NDR_SCALARS|NDR_BUFFERS, r->s, sizeof(r->s[0]), r->count, (ndr_push_flags_fn_t)ndr_push_dfs_Info2));
}
done:
return NT_STATUS_OK;
@ -259,7 +259,7 @@ buffers:
if (!(ndr_flags & NDR_BUFFERS)) goto done;
if (r->s) {
NDR_CHECK(ndr_push_uint32(ndr, r->count));
NDR_CHECK(ndr_push_array(ndr, ndr_flags, r->s, sizeof(r->s[0]), r->count, (ndr_push_flags_fn_t)ndr_push_dfs_Info3));
NDR_CHECK(ndr_push_array(ndr, NDR_SCALARS|NDR_BUFFERS, r->s, sizeof(r->s[0]), r->count, (ndr_push_flags_fn_t)ndr_push_dfs_Info3));
}
done:
return NT_STATUS_OK;
@ -277,7 +277,7 @@ buffers:
if (!(ndr_flags & NDR_BUFFERS)) goto done;
if (r->s) {
NDR_CHECK(ndr_push_uint32(ndr, r->count));
NDR_CHECK(ndr_push_array(ndr, ndr_flags, r->s, sizeof(r->s[0]), r->count, (ndr_push_flags_fn_t)ndr_push_dfs_Info4));
NDR_CHECK(ndr_push_array(ndr, NDR_SCALARS|NDR_BUFFERS, r->s, sizeof(r->s[0]), r->count, (ndr_push_flags_fn_t)ndr_push_dfs_Info4));
}
done:
return NT_STATUS_OK;
@ -295,7 +295,7 @@ buffers:
if (!(ndr_flags & NDR_BUFFERS)) goto done;
if (r->s) {
NDR_CHECK(ndr_push_uint32(ndr, r->count));
NDR_CHECK(ndr_push_array(ndr, ndr_flags, r->s, sizeof(r->s[0]), r->count, (ndr_push_flags_fn_t)ndr_push_dfs_Info200));
NDR_CHECK(ndr_push_array(ndr, NDR_SCALARS|NDR_BUFFERS, r->s, sizeof(r->s[0]), r->count, (ndr_push_flags_fn_t)ndr_push_dfs_Info200));
}
done:
return NT_STATUS_OK;
@ -313,7 +313,7 @@ buffers:
if (!(ndr_flags & NDR_BUFFERS)) goto done;
if (r->s) {
NDR_CHECK(ndr_push_uint32(ndr, r->count));
NDR_CHECK(ndr_push_array(ndr, ndr_flags, r->s, sizeof(r->s[0]), r->count, (ndr_push_flags_fn_t)ndr_push_dfs_Info300));
NDR_CHECK(ndr_push_array(ndr, NDR_SCALARS|NDR_BUFFERS, r->s, sizeof(r->s[0]), r->count, (ndr_push_flags_fn_t)ndr_push_dfs_Info300));
}
done:
return NT_STATUS_OK;

8
source4/librpc/ndr/ndr_echo.c
View File

@ -14,7 +14,7 @@ NTSTATUS ndr_push_echo_EchoData(struct ndr_push *ndr, struct echo_EchoData *r)
NDR_CHECK(ndr_push_uint32(ndr, r->in.len));
if (r->in.in_data) {
NDR_CHECK(ndr_push_uint32(ndr, r->in.len));
NDR_CHECK(ndr_push_array_uint8(ndr, r->in.in_data, r->in.len));
NDR_CHECK(ndr_push_array_uint8(ndr, NDR_SCALARS|NDR_BUFFERS, r->in.in_data, r->in.len));
}
return NT_STATUS_OK;
@ -25,7 +25,7 @@ NTSTATUS ndr_push_echo_SinkData(struct ndr_push *ndr, struct echo_SinkData *r)
NDR_CHECK(ndr_push_uint32(ndr, r->in.len));
if (r->in.data) {
NDR_CHECK(ndr_push_uint32(ndr, r->in.len));
NDR_CHECK(ndr_push_array_uint8(ndr, r->in.data, r->in.len));
NDR_CHECK(ndr_push_array_uint8(ndr, NDR_SCALARS|NDR_BUFFERS, r->in.data, r->in.len));
}
return NT_STATUS_OK;
@ -62,7 +62,7 @@ NTSTATUS ndr_pull_echo_EchoData(struct ndr_pull *ndr, struct echo_EchoData *r)
}
}
NDR_ALLOC_N_SIZE(ndr, r->out.out_data, r->in.len, sizeof(r->out.out_data[0]));
NDR_CHECK(ndr_pull_array_uint8(ndr, r->out.out_data, r->in.len));
NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS|NDR_BUFFERS, r->out.out_data, r->in.len));
}
return NT_STATUS_OK;
@ -84,7 +84,7 @@ NTSTATUS ndr_pull_echo_SourceData(struct ndr_pull *ndr, struct echo_SourceData *
return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should be %u", _array_size, r->in.len);
}
}
NDR_CHECK(ndr_pull_array_uint8(ndr, r->out.data, r->in.len));
NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS|NDR_BUFFERS, r->out.data, r->in.len));
}
return NT_STATUS_OK;

31
source4/librpc/ndr/ndr_lsa.c
View File

@ -100,7 +100,7 @@ buffers:
NDR_CHECK(ndr_push_unistr(ndr, r->object_name));
}
if (r->sec_desc) {
NDR_CHECK(ndr_push_security_descriptor(ndr, r->sec_desc));
NDR_CHECK(ndr_push_security_descriptor(ndr, NDR_SCALARS|NDR_BUFFERS, r->sec_desc));
}
if (r->sec_qos) {
NDR_CHECK(ndr_push_lsa_QosInfo(ndr, NDR_SCALARS|NDR_BUFFERS, r->sec_qos));
@ -157,7 +157,7 @@ NTSTATUS ndr_push_lsa_SidPtr(struct ndr_push *ndr, int ndr_flags, struct lsa_Sid
buffers:
if (!(ndr_flags & NDR_BUFFERS)) goto done;
if (r->sid) {
NDR_CHECK(ndr_push_dom_sid2(ndr, r->sid));
NDR_CHECK(ndr_push_dom_sid2(ndr, NDR_SCALARS|NDR_BUFFERS, r->sid));
}
done:
return NT_STATUS_OK;
@ -175,7 +175,7 @@ buffers:
if (!(ndr_flags & NDR_BUFFERS)) goto done;
if (r->sids) {
NDR_CHECK(ndr_push_uint32(ndr, r->num_sids));
NDR_CHECK(ndr_push_array(ndr, ndr_flags, r->sids, sizeof(r->sids[0]), r->num_sids, (ndr_push_flags_fn_t)ndr_push_lsa_SidPtr));
NDR_CHECK(ndr_push_array(ndr, NDR_SCALARS|NDR_BUFFERS, r->sids, sizeof(r->sids[0]), r->num_sids, (ndr_push_flags_fn_t)ndr_push_lsa_SidPtr));
}
done:
return NT_STATUS_OK;
@ -232,7 +232,7 @@ buffers:
if (!(ndr_flags & NDR_BUFFERS)) goto done;
if (r->sids) {
NDR_CHECK(ndr_push_uint32(ndr, r->count));
NDR_CHECK(ndr_push_array(ndr, ndr_flags, r->sids, sizeof(r->sids[0]), r->count, (ndr_push_flags_fn_t)ndr_push_lsa_TranslatedSid));
NDR_CHECK(ndr_push_array(ndr, NDR_SCALARS|NDR_BUFFERS, r->sids, sizeof(r->sids[0]), r->count, (ndr_push_flags_fn_t)ndr_push_lsa_TranslatedSid));
}
done:
return NT_STATUS_OK;
@ -243,9 +243,8 @@ NTSTATUS ndr_push_lsa_LookupNames(struct ndr_push *ndr, struct lsa_LookupNames *
NDR_CHECK(ndr_push_policy_handle(ndr, r->in.handle));
NDR_CHECK(ndr_push_uint32(ndr, r->in.num_names));
if (r->in.names) {
int ndr_flags = NDR_SCALARS|NDR_BUFFERS;
NDR_CHECK(ndr_push_uint32(ndr, r->in.num_names));
NDR_CHECK(ndr_push_array(ndr, ndr_flags, r->in.names, sizeof(r->in.names[0]), r->in.num_names, (ndr_push_flags_fn_t)ndr_push_lsa_Name));
NDR_CHECK(ndr_push_array(ndr, NDR_SCALARS|NDR_BUFFERS, r->in.names, sizeof(r->in.names[0]), r->in.num_names, (ndr_push_flags_fn_t)ndr_push_lsa_Name));
}
NDR_CHECK(ndr_push_lsa_TransSidArray(ndr, NDR_SCALARS|NDR_BUFFERS, r->in.sids));
NDR_CHECK(ndr_push_uint16(ndr, r->in.level));
@ -282,7 +281,7 @@ buffers:
if (!(ndr_flags & NDR_BUFFERS)) goto done;
if (r->names) {
NDR_CHECK(ndr_push_uint32(ndr, r->count));
NDR_CHECK(ndr_push_array(ndr, ndr_flags, r->names, sizeof(r->names[0]), r->count, (ndr_push_flags_fn_t)ndr_push_lsa_TranslatedName));
NDR_CHECK(ndr_push_array(ndr, NDR_SCALARS|NDR_BUFFERS, r->names, sizeof(r->names[0]), r->count, (ndr_push_flags_fn_t)ndr_push_lsa_TranslatedName));
}
done:
return NT_STATUS_OK;
@ -308,7 +307,7 @@ NTSTATUS ndr_push_CREATESECRET(struct ndr_push *ndr, struct CREATESECRET *r)
NTSTATUS ndr_push_lsa_OpenAccount(struct ndr_push *ndr, struct lsa_OpenAccount *r)
{
NDR_CHECK(ndr_push_policy_handle(ndr, r->in.handle));
NDR_CHECK(ndr_push_dom_sid2(ndr, r->in.sid));
NDR_CHECK(ndr_push_dom_sid2(ndr, NDR_SCALARS|NDR_BUFFERS, r->in.sid));
NDR_CHECK(ndr_push_uint32(ndr, r->in.desired_access));
return NT_STATUS_OK;
@ -442,7 +441,7 @@ NTSTATUS ndr_push_ENUMACCTWITHRIGHT(struct ndr_push *ndr, struct ENUMACCTWITHRIG
NTSTATUS ndr_push_lsa_EnumAccountRights(struct ndr_push *ndr, struct lsa_EnumAccountRights *r)
{
NDR_CHECK(ndr_push_policy_handle(ndr, r->in.handle));
NDR_CHECK(ndr_push_dom_sid2(ndr, r->in.sid));
NDR_CHECK(ndr_push_dom_sid2(ndr, NDR_SCALARS|NDR_BUFFERS, r->in.sid));
return NT_STATUS_OK;
}
@ -625,7 +624,7 @@ NTSTATUS ndr_pull_sec_desc_buf(struct ndr_pull *ndr, int ndr_flags, struct sec_d
buffers:
if (!(ndr_flags & NDR_BUFFERS)) goto done;
if (r->sd) {
NDR_CHECK(ndr_pull_subcontext_fn(ndr, r->sd, (ndr_pull_fn_t) ndr_pull_security_descriptor));
NDR_CHECK(ndr_pull_subcontext_flags_fn(ndr, r->sd, (ndr_pull_flags_fn_t) ndr_pull_security_descriptor));
}
done:
return NT_STATUS_OK;
@ -704,7 +703,7 @@ buffers:
return ndr_pull_error(ndr, NDR_ERR_CONFORMANT_SIZE, "Bad conformant size %u should be %u", _conformant_size, r->count);
}
NDR_ALLOC_N_SIZE(ndr, r->settings, _conformant_size, sizeof(r->settings[0]));
NDR_CHECK(ndr_pull_array_uint32(ndr, r->settings, r->count));
NDR_CHECK(ndr_pull_array_uint32(ndr, NDR_SCALARS|NDR_BUFFERS, r->settings, r->count));
done:
return NT_STATUS_OK;
}
@ -750,7 +749,7 @@ buffers:
if (!(ndr_flags & NDR_BUFFERS)) goto done;
NDR_CHECK(ndr_pull_lsa_Name(ndr, NDR_BUFFERS, &r->name));
if (r->sid) {
NDR_CHECK(ndr_pull_dom_sid2(ndr, r->sid));
NDR_CHECK(ndr_pull_dom_sid2(ndr, NDR_SCALARS|NDR_BUFFERS, r->sid));
}
done:
return NT_STATUS_OK;
@ -882,7 +881,7 @@ buffers:
NDR_CHECK(ndr_pull_lsa_Name(ndr, NDR_BUFFERS, &r->dns_forest));
NDR_CHECK(ndr_pull_GUID(ndr, NDR_BUFFERS, &r->domain_guid));
if (r->sid) {
NDR_CHECK(ndr_pull_dom_sid2(ndr, r->sid));
NDR_CHECK(ndr_pull_dom_sid2(ndr, NDR_SCALARS|NDR_BUFFERS, r->sid));
}
done:
return NT_STATUS_OK;
@ -1061,7 +1060,7 @@ NTSTATUS ndr_pull_lsa_SidPtr(struct ndr_pull *ndr, int ndr_flags, struct lsa_Sid
buffers:
if (!(ndr_flags & NDR_BUFFERS)) goto done;
if (r->sid) {
NDR_CHECK(ndr_pull_dom_sid2(ndr, r->sid));
NDR_CHECK(ndr_pull_dom_sid2(ndr, NDR_SCALARS|NDR_BUFFERS, r->sid));
}
done:
return NT_STATUS_OK;
@ -1132,7 +1131,7 @@ buffers:
if (!(ndr_flags & NDR_BUFFERS)) goto done;
NDR_CHECK(ndr_pull_lsa_Name(ndr, NDR_BUFFERS, &r->name));
if (r->sid) {
NDR_CHECK(ndr_pull_dom_sid2(ndr, r->sid));
NDR_CHECK(ndr_pull_dom_sid2(ndr, NDR_SCALARS|NDR_BUFFERS, r->sid));
}
done:
return NT_STATUS_OK;
@ -1242,7 +1241,7 @@ buffers:
if (!(ndr_flags & NDR_BUFFERS)) goto done;
NDR_CHECK(ndr_pull_lsa_Name(ndr, NDR_BUFFERS, &r->name));
if (r->sid) {
NDR_CHECK(ndr_pull_dom_sid2(ndr, r->sid));
NDR_CHECK(ndr_pull_dom_sid2(ndr, NDR_SCALARS|NDR_BUFFERS, r->sid));
}
done:
return NT_STATUS_OK;

250
source4/librpc/ndr/ndr_misc.c
View File

@ -1,69 +1,217 @@
/*
Unix SMB/CIFS implementation.
routines for marshalling/unmarshalling miscellaneous rpc structures
Copyright (C) Andrew Tridgell 2003
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
/* parser auto-generated by pidl */
#include "includes.h"
/*
parse a policy handle
*/
NTSTATUS ndr_pull_policy_handle(struct ndr_pull *ndr,
struct policy_handle *r)
NTSTATUS ndr_push_dom_sid(struct ndr_push *ndr, int ndr_flags, struct dom_sid *r)
{
NDR_CHECK(ndr_pull_bytes(ndr, r->data, 20));
if (!(ndr_flags & NDR_SCALARS)) goto buffers;
NDR_CHECK(ndr_push_struct_start(ndr));
NDR_CHECK(ndr_push_align(ndr, 4));
NDR_CHECK(ndr_push_uint8(ndr, r->sid_rev_num));
NDR_CHECK(ndr_push_uint8(ndr, r->num_auths));
NDR_CHECK(ndr_push_array_uint8(ndr, NDR_SCALARS, r->id_auth, 6));
NDR_CHECK(ndr_push_array_uint32(ndr, NDR_SCALARS, r->sub_auths, r->num_auths));
ndr_push_struct_end(ndr);
buffers:
if (!(ndr_flags & NDR_BUFFERS)) goto done;
NDR_CHECK(ndr_push_array_uint8(ndr, NDR_BUFFERS, r->id_auth, 6));
NDR_CHECK(ndr_push_array_uint32(ndr, NDR_BUFFERS, r->sub_auths, r->num_auths));
done:
return NT_STATUS_OK;
}
/*
push a policy handle
*/
NTSTATUS ndr_push_policy_handle(struct ndr_push *ndr,
struct policy_handle *r)
NTSTATUS ndr_push_security_ace(struct ndr_push *ndr, int ndr_flags, struct security_ace *r)
{
NDR_CHECK(ndr_push_bytes(ndr, r->data, 20));
if (!(ndr_flags & NDR_SCALARS)) goto buffers;
NDR_CHECK(ndr_push_struct_start(ndr));
NDR_CHECK(ndr_push_align(ndr, 4));
NDR_CHECK(ndr_push_uint8(ndr, r->type));
NDR_CHECK(ndr_push_uint8(ndr, r->flags));
NDR_CHECK(ndr_push_uint32(ndr, r->access_mask));
NDR_CHECK(ndr_push_dom_sid(ndr, NDR_SCALARS, &r->trustee));
ndr_push_struct_end(ndr);
buffers:
if (!(ndr_flags & NDR_BUFFERS)) goto done;
NDR_CHECK(ndr_push_dom_sid(ndr, NDR_BUFFERS, &r->trustee));
done:
return NT_STATUS_OK;
}
/*
push a buffer of bytes
*/
NTSTATUS ndr_push_uint8_buf(struct ndr_push *ndr, int ndr_flags,
struct uint8_buf *buf)
NTSTATUS ndr_push_security_acl(struct ndr_push *ndr, int ndr_flags, struct security_acl *r)
{
NDR_CHECK(ndr_push_uint32(ndr, buf->size));
NDR_CHECK(ndr_push_bytes(ndr, buf->data, buf->size));
if (!(ndr_flags & NDR_SCALARS)) goto buffers;
NDR_CHECK(ndr_push_struct_start(ndr));
NDR_CHECK(ndr_push_align(ndr, 4));
NDR_CHECK(ndr_push_uint16(ndr, r->revision));
NDR_CHECK(ndr_push_uint32(ndr, r->num_aces));
NDR_CHECK(ndr_push_array(ndr, NDR_SCALARS, r->aces, sizeof(r->aces[0]), r->num_aces, (ndr_push_flags_fn_t)ndr_push_security_ace));
ndr_push_struct_end(ndr);
buffers:
if (!(ndr_flags & NDR_BUFFERS)) goto done;
NDR_CHECK(ndr_push_array(ndr, NDR_BUFFERS, r->aces, sizeof(r->aces[0]), r->num_aces, (ndr_push_flags_fn_t)ndr_push_security_ace));
done:
return NT_STATUS_OK;
}
/*
pull a buffer of bytes
*/
NTSTATUS ndr_pull_uint8_buf(struct ndr_pull *ndr, int ndr_flags,
struct uint8_buf *buf)
NTSTATUS ndr_push_security_descriptor(struct ndr_push *ndr, int ndr_flags, struct security_descriptor *r)
{
NDR_CHECK(ndr_pull_uint32(ndr, &buf->size));
NDR_ALLOC_SIZE(ndr, buf->data, buf->size);
NDR_CHECK(ndr_pull_bytes(ndr, buf->data, buf->size));
if (!(ndr_flags & NDR_SCALARS)) goto buffers;
NDR_CHECK(ndr_push_struct_start(ndr));
NDR_CHECK(ndr_push_align(ndr, 4));
NDR_CHECK(ndr_push_uint8(ndr, r->revision));
NDR_CHECK(ndr_push_uint16(ndr, r->type));
NDR_CHECK(ndr_push_relative(ndr, NDR_SCALARS, r->owner_sid, (ndr_push_const_fn_t) ndr_push_dom_sid));
NDR_CHECK(ndr_push_relative(ndr, NDR_SCALARS, r->group_sid, (ndr_push_const_fn_t) ndr_push_dom_sid));
NDR_CHECK(ndr_push_relative(ndr, NDR_SCALARS, r->sacl, (ndr_push_const_fn_t) ndr_push_security_acl));
NDR_CHECK(ndr_push_relative(ndr, NDR_SCALARS, r->dacl, (ndr_push_const_fn_t) ndr_push_security_acl));
ndr_push_struct_end(ndr);
buffers:
if (!(ndr_flags & NDR_BUFFERS)) goto done;
if (r->owner_sid) {
NDR_CHECK(ndr_push_relative(ndr, NDR_BUFFERS, r->owner_sid, (ndr_push_const_fn_t) ndr_push_dom_sid));
}
if (r->group_sid) {
NDR_CHECK(ndr_push_relative(ndr, NDR_BUFFERS, r->group_sid, (ndr_push_const_fn_t) ndr_push_dom_sid));
}
if (r->sacl) {
NDR_CHECK(ndr_push_relative(ndr, NDR_BUFFERS, r->sacl, (ndr_push_const_fn_t) ndr_push_security_acl));
}
if (r->dacl) {
NDR_CHECK(ndr_push_relative(ndr, NDR_BUFFERS, r->dacl, (ndr_push_const_fn_t) ndr_push_security_acl));
}
done:
return NT_STATUS_OK;
}
NTSTATUS ndr_pull_dom_sid(struct ndr_pull *ndr, int ndr_flags, struct dom_sid *r)
{
NDR_CHECK(ndr_pull_struct_start(ndr));
if (!(ndr_flags & NDR_SCALARS)) goto buffers;
NDR_CHECK(ndr_pull_align(ndr, 4));
NDR_CHECK(ndr_pull_uint8(ndr, &r->sid_rev_num));
NDR_CHECK(ndr_pull_uint8(ndr, &r->num_auths));
NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->id_auth, 6));
NDR_ALLOC_N_SIZE(ndr, r->sub_auths, r->num_auths, sizeof(r->sub_auths[0]));
NDR_CHECK(ndr_pull_array_uint32(ndr, NDR_SCALARS, r->sub_auths, r->num_auths));
ndr_pull_struct_end(ndr);
buffers:
if (!(ndr_flags & NDR_BUFFERS)) goto done;
NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_BUFFERS, r->id_auth, 6));
NDR_CHECK(ndr_pull_array_uint32(ndr, NDR_BUFFERS, r->sub_auths, r->num_auths));
done:
return NT_STATUS_OK;
}
NTSTATUS ndr_pull_security_ace(struct ndr_pull *ndr, int ndr_flags, struct security_ace *r)
{
NDR_CHECK(ndr_pull_struct_start(ndr));
if (!(ndr_flags & NDR_SCALARS)) goto buffers;
NDR_CHECK(ndr_pull_align(ndr, 4));
NDR_CHECK(ndr_pull_uint8(ndr, &r->type));
NDR_CHECK(ndr_pull_uint8(ndr, &r->flags));
NDR_CHECK(ndr_pull_uint32(ndr, &r->access_mask));
NDR_CHECK(ndr_pull_dom_sid(ndr, NDR_SCALARS, &r->trustee));
ndr_pull_struct_end(ndr);
buffers:
if (!(ndr_flags & NDR_BUFFERS)) goto done;
NDR_CHECK(ndr_pull_dom_sid(ndr, NDR_BUFFERS, &r->trustee));
done:
return NT_STATUS_OK;
}
NTSTATUS ndr_pull_security_acl(struct ndr_pull *ndr, int ndr_flags, struct security_acl *r)
{
NDR_CHECK(ndr_pull_struct_start(ndr));
if (!(ndr_flags & NDR_SCALARS)) goto buffers;
NDR_CHECK(ndr_pull_align(ndr, 4));
NDR_CHECK(ndr_pull_uint16(ndr, &r->revision));
NDR_CHECK(ndr_pull_uint32(ndr, &r->num_aces));
NDR_ALLOC_N_SIZE(ndr, r->aces, r->num_aces, sizeof(r->aces[0]));
NDR_CHECK(ndr_pull_array(ndr, NDR_SCALARS, (void **)r->aces, sizeof(r->aces[0]), r->num_aces, (ndr_pull_flags_fn_t)ndr_pull_security_ace));
ndr_pull_struct_end(ndr);
buffers:
if (!(ndr_flags & NDR_BUFFERS)) goto done;
NDR_CHECK(ndr_pull_array(ndr, NDR_BUFFERS, (void **)r->aces, sizeof(r->aces[0]), r->num_aces, (ndr_pull_flags_fn_t)ndr_pull_security_ace));
done:
return NT_STATUS_OK;
}
NTSTATUS ndr_pull_security_descriptor(struct ndr_pull *ndr, int ndr_flags, struct security_descriptor *r)
{
uint32 _ptr_owner_sid;
uint32 _ptr_group_sid;
uint32 _ptr_sacl;
uint32 _ptr_dacl;
NDR_CHECK(ndr_pull_struct_start(ndr));
if (!(ndr_flags & NDR_SCALARS)) goto buffers;
NDR_CHECK(ndr_pull_align(ndr, 4));
NDR_CHECK(ndr_pull_uint8(ndr, &r->revision));
NDR_CHECK(ndr_pull_uint16(ndr, &r->type));
NDR_CHECK(ndr_pull_relative(ndr, (const void **)&r->owner_sid, sizeof(*r->owner_sid), (ndr_pull_flags_fn_t)ndr_pull_dom_sid));
NDR_CHECK(ndr_pull_relative(ndr, (const void **)&r->group_sid, sizeof(*r->group_sid), (ndr_pull_flags_fn_t)ndr_pull_dom_sid));
NDR_CHECK(ndr_pull_relative(ndr, (const void **)&r->sacl, sizeof(*r->sacl), (ndr_pull_flags_fn_t)ndr_pull_security_acl));
NDR_CHECK(ndr_pull_relative(ndr, (const void **)&r->dacl, sizeof(*r->dacl), (ndr_pull_flags_fn_t)ndr_pull_security_acl));
ndr_pull_struct_end(ndr);
buffers:
if (!(ndr_flags & NDR_BUFFERS)) goto done;
done:
return NT_STATUS_OK;
}
void ndr_print_security_ace(struct ndr_print *ndr, const char *name, struct security_ace *r)
{
ndr_print_struct(ndr, name, "security_ace");
ndr->depth++;
ndr_print_uint8(ndr, "type", r->type);
ndr_print_uint8(ndr, "flags", r->flags);
ndr_print_uint32(ndr, "access_mask", r->access_mask);
ndr_print_dom_sid(ndr, "trustee", &r->trustee);
ndr->depth--;
}
void ndr_print_security_acl(struct ndr_print *ndr, const char *name, struct security_acl *r)
{
ndr_print_struct(ndr, name, "security_acl");
ndr->depth++;
ndr_print_uint16(ndr, "revision", r->revision);
ndr_print_uint32(ndr, "num_aces", r->num_aces);
ndr_print_ptr(ndr, "aces", r->aces);
ndr->depth++;
ndr_print_array(ndr, "aces", r->aces, sizeof(r->aces[0]), r->num_aces, (ndr_print_fn_t)ndr_print_security_ace);
ndr->depth--;
ndr->depth--;
}
void ndr_print_security_descriptor(struct ndr_print *ndr, const char *name, struct security_descriptor *r)
{
ndr_print_struct(ndr, name, "security_descriptor");
ndr->depth++;
ndr_print_uint8(ndr, "revision", r->revision);
ndr_print_uint16(ndr, "type", r->type);
ndr_print_ptr(ndr, "owner_sid", r->owner_sid);
ndr->depth++;
if (r->owner_sid) {
ndr_print_dom_sid(ndr, "owner_sid", r->owner_sid);
}
ndr->depth--;
ndr_print_ptr(ndr, "group_sid", r->group_sid);
ndr->depth++;
if (r->group_sid) {
ndr_print_dom_sid(ndr, "group_sid", r->group_sid);
}
ndr->depth--;
ndr_print_ptr(ndr, "sacl", r->sacl);
ndr->depth++;
if (r->sacl) {
ndr_print_security_acl(ndr, "sacl", r->sacl);
}
ndr->depth--;
ndr_print_ptr(ndr, "dacl", r->dacl);
ndr->depth++;
if (r->dacl) {
ndr_print_security_acl(ndr, "dacl", r->dacl);
}
ndr->depth--;
ndr->depth--;
}

55
source4/librpc/ndr/ndr_misc.h
View File

@ -1,32 +1,31 @@
/*
Unix SMB/CIFS implementation.
/* header auto-generated by pidl */
definitions for marshalling/unmarshalling miscellaneous structures
Copyright (C) Andrew Tridgell 2003
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
/* policy handles are used all over the place */
struct policy_handle {
char data[20];
struct dom_sid {
uint8 sid_rev_num;
uint8 num_auths;
uint8 id_auth[6];
uint32 *sub_auths;
};
/* A buffer of uint8s */
struct uint8_buf {
uint32 size;
uint8 *data;
struct security_ace {
uint8 type;
uint8 flags;
uint32 access_mask;
struct dom_sid trustee;
};
struct security_acl {
uint16 revision;
uint32 num_aces;
struct security_ace *aces;
};
struct security_descriptor {
uint8 revision;
uint16 type;
struct dom_sid *owner_sid;
struct dom_sid *group_sid;
struct security_acl *sacl;
struct security_acl *dacl;
};

14
source4/librpc/ndr/ndr_samr.c
View File

@ -77,7 +77,7 @@ NTSTATUS ndr_push_samr_OpenDomain(struct ndr_push *ndr, struct samr_OpenDomain *
{
NDR_CHECK(ndr_push_policy_handle(ndr, r->in.handle));
NDR_CHECK(ndr_push_uint32(ndr, r->in.access_mask));
NDR_CHECK(ndr_push_dom_sid2(ndr, r->in.sid));
NDR_CHECK(ndr_push_dom_sid2(ndr, NDR_SCALARS|NDR_BUFFERS, r->in.sid));
return NT_STATUS_OK;
}
@ -546,7 +546,7 @@ NTSTATUS ndr_pull_samr_LookupDomain(struct ndr_pull *ndr, struct samr_LookupDoma
r->out.sid = NULL;
}
if (r->out.sid) {
NDR_CHECK(ndr_pull_dom_sid2(ndr, r->out.sid));
NDR_CHECK(ndr_pull_dom_sid2(ndr, NDR_SCALARS|NDR_BUFFERS, r->out.sid));
}
NDR_CHECK(ndr_pull_NTSTATUS(ndr, &r->out.result));
@ -1507,7 +1507,7 @@ buffers:
NDR_CHECK(ndr_pull_uint32(ndr, &_length));
if (_offset != 0) return ndr_pull_error(ndr, NDR_ERR_OFFSET, "Bad array offset 0x%08x", _offset);
if (_length > 1260 || _length != r->units_per_week/8) return ndr_pull_error(ndr, NDR_ERR_LENGTH, "Bad array length 0x%08x > size 0x%08x", _offset, 1260);
NDR_CHECK(ndr_pull_array_uint8(ndr, r->logon_hours, _length));
NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS|NDR_BUFFERS, r->logon_hours, _length));
}
done:
return NT_STATUS_OK;
@ -1543,7 +1543,7 @@ buffers:
NDR_CHECK(ndr_pull_uint32(ndr, &_length));
if (_offset != 0) return ndr_pull_error(ndr, NDR_ERR_OFFSET, "Bad array offset 0x%08x", _offset);
if (_length > 1260 || _length != r->units_per_week/8) return ndr_pull_error(ndr, NDR_ERR_LENGTH, "Bad array length 0x%08x > size 0x%08x", _offset, 1260);
NDR_CHECK(ndr_pull_array_uint8(ndr, r->logon_hours, _length));
NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS|NDR_BUFFERS, r->logon_hours, _length));
}
done:
return NT_STATUS_OK;
@ -1603,7 +1603,7 @@ buffers:
NDR_CHECK(ndr_pull_uint32(ndr, &_length));
if (_offset != 0) return ndr_pull_error(ndr, NDR_ERR_OFFSET, "Bad array offset 0x%08x", _offset);
if (_length > 1260 || _length != r->units_per_week/8) return ndr_pull_error(ndr, NDR_ERR_LENGTH, "Bad array length 0x%08x > size 0x%08x", _offset, 1260);
NDR_CHECK(ndr_pull_array_uint8(ndr, r->logon_hours, _length));
NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS|NDR_BUFFERS, r->logon_hours, _length));
}
done:
return NT_STATUS_OK;
@ -1855,7 +1855,7 @@ buffers:
}
}
NDR_ALLOC_N_SIZE(ndr, r->buffer, r->buf_count, sizeof(r->buffer[0]));
NDR_CHECK(ndr_pull_array_uint8(ndr, r->buffer, r->buf_count));
NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS|NDR_BUFFERS, r->buffer, r->buf_count));
}
if (r->logon_hours) {
{
@ -1871,7 +1871,7 @@ buffers:
NDR_CHECK(ndr_pull_uint32(ndr, &_length));
if (_offset != 0) return ndr_pull_error(ndr, NDR_ERR_OFFSET, "Bad array offset 0x%08x", _offset);
if (_length > 1260 || _length != r->units_per_week/8) return ndr_pull_error(ndr, NDR_ERR_LENGTH, "Bad array length 0x%08x > size 0x%08x", _offset, 1260);
NDR_CHECK(ndr_pull_array_uint8(ndr, r->logon_hours, _length));
NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS|NDR_BUFFERS, r->logon_hours, _length));
}
done:
return NT_STATUS_OK;

354
source4/librpc/ndr/ndr_sec.c
View File

@ -24,297 +24,29 @@
#include "includes.h"
/*
parse a security_ace
*/
NTSTATUS ndr_pull_security_ace(struct ndr_pull *ndr, struct security_ace *ace)
{
uint16 size;
struct ndr_pull_save save;
ndr_pull_save(ndr, &save);
NDR_CHECK(ndr_pull_uint8(ndr, &ace->type));
NDR_CHECK(ndr_pull_uint8(ndr, &ace->flags));
NDR_CHECK(ndr_pull_uint16(ndr, &size));
NDR_CHECK(ndr_pull_limit_size(ndr, size, 4));
NDR_CHECK(ndr_pull_uint32(ndr, &ace->access_mask));
if (sec_ace_object(ace->type)) {
NDR_ALLOC(ndr, ace->obj);
NDR_CHECK(ndr_pull_uint32(ndr, &ace->obj->flags));
if (ace->obj->flags & SEC_ACE_OBJECT_PRESENT) {
NDR_CHECK(ndr_pull_GUID(ndr, NDR_SCALARS, &ace->obj->object_guid));
}
if (ace->obj->flags & SEC_ACE_OBJECT_INHERITED_PRESENT) {
NDR_CHECK(ndr_pull_GUID(ndr, NDR_SCALARS, &ace->obj->inherit_guid));
}
} else {
ace->obj = NULL;
}
NDR_CHECK(ndr_pull_dom_sid(ndr, &ace->trustee));
ndr_pull_restore(ndr, &save);
NDR_CHECK(ndr_pull_advance(ndr, size));
return NT_STATUS_OK;
}
/*
parse a security_acl
*/
NTSTATUS ndr_pull_security_acl(struct ndr_pull *ndr, struct security_acl *acl)
{
int i;
uint16 size;
struct ndr_pull_save save;
ndr_pull_save(ndr, &save);
NDR_CHECK(ndr_pull_uint16(ndr, &acl->revision));
NDR_CHECK(ndr_pull_uint16(ndr, &size));
NDR_CHECK(ndr_pull_limit_size(ndr, size, 4));
NDR_CHECK(ndr_pull_uint32(ndr, &acl->num_aces));
NDR_ALLOC_N(ndr, acl->aces, acl->num_aces);
for (i=0;i<acl->num_aces;i++) {
NDR_CHECK(ndr_pull_security_ace(ndr, &acl->aces[i]));
}
ndr_pull_restore(ndr, &save);
NDR_CHECK(ndr_pull_advance(ndr, size));
return NT_STATUS_OK;
}
/*
parse a security_acl offset and structure
*/
NTSTATUS ndr_pull_security_acl_ofs(struct ndr_pull *ndr, struct security_acl **acl)
{
uint32 ofs;
struct ndr_pull_save save;
NDR_CHECK(ndr_pull_uint32(ndr, &ofs));
if (ofs == 0) {
/* it is valid for an acl ptr to be NULL */
*acl = NULL;
return NT_STATUS_OK;
}
ndr_pull_save(ndr, &save);
NDR_CHECK(ndr_pull_set_offset(ndr, ofs));
NDR_ALLOC(ndr, *acl);
NDR_CHECK(ndr_pull_security_acl(ndr, *acl));
ndr_pull_restore(ndr, &save);
return NT_STATUS_OK;
}
/*
parse a dom_sid
*/
NTSTATUS ndr_pull_dom_sid(struct ndr_pull *ndr, struct dom_sid *sid)
{
int i;
NDR_CHECK(ndr_pull_uint8(ndr, &sid->sid_rev_num));
NDR_CHECK(ndr_pull_uint8(ndr, &sid->num_auths));
for (i=0;i<6;i++) {
NDR_CHECK(ndr_pull_uint8(ndr, &sid->id_auth[i]));
}
NDR_ALLOC_N(ndr, sid->sub_auths, sid->num_auths);
for (i=0;i<sid->num_auths;i++) {
NDR_CHECK(ndr_pull_uint32(ndr, &sid->sub_auths[i]));
}
return NT_STATUS_OK;
}
/*
parse a dom_sid2 - this is a dom_sid but with an extra copy of the num_auths field
*/
NTSTATUS ndr_pull_dom_sid2(struct ndr_pull *ndr, struct dom_sid *sid)
NTSTATUS ndr_pull_dom_sid2(struct ndr_pull *ndr, int ndr_flags, struct dom_sid *sid)
{
uint32 num_auths;
NDR_CHECK(ndr_pull_uint32(ndr, &num_auths));
return ndr_pull_dom_sid(ndr, sid);
}
/*
parse a dom_sid offset and structure
*/
NTSTATUS ndr_pull_dom_sid_ofs(struct ndr_pull *ndr, struct dom_sid **sid)
{
uint32 ofs;
struct ndr_pull_save save;
NDR_CHECK(ndr_pull_uint32(ndr, &ofs));
if (ofs == 0) {
/* it is valid for a dom_sid ptr to be NULL */
*sid = NULL;
if (!(ndr_flags & NDR_SCALARS)) {
return NT_STATUS_OK;
}
ndr_pull_save(ndr, &save);
NDR_CHECK(ndr_pull_set_offset(ndr, ofs));
NDR_ALLOC(ndr, *sid);
NDR_CHECK(ndr_pull_dom_sid(ndr, *sid));
ndr_pull_restore(ndr, &save);
return NT_STATUS_OK;
}
/*
parse a security descriptor
*/
NTSTATUS ndr_pull_security_descriptor(struct ndr_pull *ndr,
struct security_descriptor *sd)
{
NDR_CHECK(ndr_pull_uint8(ndr, &sd->revision));
NDR_CHECK(ndr_pull_uint16(ndr, &sd->type));
NDR_CHECK(ndr_pull_dom_sid_ofs(ndr, &sd->owner_sid));
NDR_CHECK(ndr_pull_dom_sid_ofs(ndr, &sd->group_sid));
NDR_CHECK(ndr_pull_security_acl_ofs(ndr, &sd->sacl));
NDR_CHECK(ndr_pull_security_acl_ofs(ndr, &sd->dacl));
return NT_STATUS_OK;
}
/*
parse a security_ace
*/
NTSTATUS ndr_push_security_ace(struct ndr_push *ndr, struct security_ace *ace)
{
struct ndr_push_save save1, save2;
NDR_CHECK(ndr_push_uint8(ndr, ace->type));
NDR_CHECK(ndr_push_uint8(ndr, ace->flags));
ndr_push_save(ndr, &save1);
NDR_CHECK(ndr_push_uint16(ndr, 0));
NDR_CHECK(ndr_push_uint32(ndr, ace->access_mask));
if (sec_ace_object(ace->type)) {
NDR_CHECK(ndr_push_uint32(ndr, ace->obj->flags));
if (ace->obj->flags & SEC_ACE_OBJECT_PRESENT) {
NDR_CHECK(ndr_push_GUID(ndr, NDR_SCALARS, &ace->obj->object_guid));
}
if (ace->obj->flags & SEC_ACE_OBJECT_INHERITED_PRESENT) {
NDR_CHECK(ndr_push_GUID(ndr, NDR_SCALARS, &ace->obj->inherit_guid));
}
}
NDR_CHECK(ndr_push_dom_sid(ndr, &ace->trustee));
ndr_push_save(ndr, &save2);
ndr_push_restore(ndr, &save1);
NDR_CHECK(ndr_push_uint16(ndr, 2 + save2.offset - save1.offset));
ndr_push_restore(ndr, &save2);
return NT_STATUS_OK;
}
/*
push a security_acl
*/
NTSTATUS ndr_push_security_acl(struct ndr_push *ndr, struct security_acl *acl)
{
int i;
struct ndr_push_save save1, save2;
NDR_CHECK(ndr_push_uint16(ndr, acl->revision));
ndr_push_save(ndr, &save1);
NDR_CHECK(ndr_push_uint16(ndr, 0));
NDR_CHECK(ndr_push_uint32(ndr, acl->num_aces));
for (i=0;i<acl->num_aces;i++) {
NDR_CHECK(ndr_push_security_ace(ndr, &acl->aces[i]));
}
ndr_push_save(ndr, &save2);
ndr_push_restore(ndr, &save1);
NDR_CHECK(ndr_push_uint16(ndr, 2 + save2.offset - save1.offset));
ndr_push_restore(ndr, &save2);
return NT_STATUS_OK;
}
/*
push a dom_sid
*/
NTSTATUS ndr_push_dom_sid(struct ndr_push *ndr, struct dom_sid *sid)
{
int i;
NDR_CHECK(ndr_push_uint8(ndr, sid->sid_rev_num));
NDR_CHECK(ndr_push_uint8(ndr, sid->num_auths));
for (i=0;i<6;i++) {
NDR_CHECK(ndr_push_uint8(ndr, sid->id_auth[i]));
}
for (i=0;i<sid->num_auths;i++) {
NDR_CHECK(ndr_push_uint32(ndr, sid->sub_auths[i]));
}
return NT_STATUS_OK;
NDR_CHECK(ndr_pull_uint32(ndr, &num_auths));
return ndr_pull_dom_sid(ndr, ndr_flags, sid);
}
/*
parse a dom_sid2 - this is a dom_sid but with an extra copy of the num_auths field
*/
NTSTATUS ndr_push_dom_sid2(struct ndr_push *ndr, struct dom_sid *sid)
NTSTATUS ndr_push_dom_sid2(struct ndr_push *ndr, int ndr_flags, struct dom_sid *sid)
{
if (!(ndr_flags & NDR_SCALARS)) {
return NT_STATUS_OK;
}
NDR_CHECK(ndr_push_uint32(ndr, sid->num_auths));
return ndr_push_dom_sid(ndr, sid);
}
/*
generate a ndr security descriptor
*/
NTSTATUS ndr_push_security_descriptor(struct ndr_push *ndr,
struct security_descriptor *sd)
{
struct ndr_push_save save;
struct ndr_push_save ofs1, ofs2, ofs3, ofs4;
ndr_push_save(ndr, &save);
NDR_CHECK(ndr_push_uint8(ndr, sd->revision));
NDR_CHECK(ndr_push_uint16(ndr, sd->type));
NDR_CHECK(ndr_push_offset(ndr, &ofs1));
NDR_CHECK(ndr_push_offset(ndr, &ofs2));
NDR_CHECK(ndr_push_offset(ndr, &ofs3));
NDR_CHECK(ndr_push_offset(ndr, &ofs4));
if (sd->owner_sid) {
NDR_CHECK(ndr_push_offset_ptr(ndr, &ofs1, &save));
NDR_CHECK(ndr_push_dom_sid(ndr, sd->owner_sid));
}
if (sd->group_sid) {
NDR_CHECK(ndr_push_offset_ptr(ndr, &ofs2, &save));
NDR_CHECK(ndr_push_dom_sid(ndr, sd->group_sid));
}
if (sd->sacl) {
NDR_CHECK(ndr_push_offset_ptr(ndr, &ofs3, &save));
NDR_CHECK(ndr_push_security_acl(ndr, sd->sacl));
}
if (sd->dacl) {
NDR_CHECK(ndr_push_offset_ptr(ndr, &ofs4, &save));
NDR_CHECK(ndr_push_security_acl(ndr, sd->dacl));
}
return NT_STATUS_OK;
return ndr_push_dom_sid(ndr, ndr_flags, sid);
}
@ -356,71 +88,3 @@ void ndr_print_dom_sid2(struct ndr_print *ndr, const char *name, struct dom_sid2
ndr_print_dom_sid(ndr, name, sid);
}
/*
print a security_ace
*/
void ndr_print_security_ace(struct ndr_print *ndr, const char *name, struct security_ace *ace)
{
ndr_print_struct(ndr, name, "security_ace");
ndr->depth++;
ndr_print_uint8(ndr, "type", ace->type);
ndr_print_uint8(ndr, "flags", ace->flags);
ndr_print_uint32(ndr, "access_mask", ace->access_mask);
if (ace->obj) {
ndr_print_struct(ndr, name, "security_ace_obj");
ndr->depth++;
ndr_print_uint32(ndr, "flags", ace->obj->flags);
ndr_print_GUID(ndr, "object_guid", &ace->obj->object_guid);
ndr_print_GUID(ndr, "inherit_guid", &ace->obj->inherit_guid);
ndr->depth--;
}
ndr_print_dom_sid(ndr, "trustee", &ace->trustee);
ndr->depth--;
}
/*
print a security_acl
*/
void ndr_print_security_acl(struct ndr_print *ndr, const char *name, struct security_acl *acl)
{
ndr_print_struct(ndr, name, "security_acl");
ndr->depth++;
ndr_print_uint16(ndr, "revision", acl->revision);
ndr_print_uint32(ndr, "num_aces", acl->num_aces);
ndr_print_array(ndr, "aces", acl->aces,
sizeof(acl->aces[0]), acl->num_aces,
(ndr_print_fn_t) ndr_print_security_ace);
ndr->depth--;
}
/*
print a security descriptor
*/
void ndr_print_security_descriptor(struct ndr_print *ndr,
const char *name,
struct security_descriptor *sd)
{
ndr_print_struct(ndr, name, "security_descriptor");
ndr->depth++;
ndr_print_uint8(ndr, "revision", sd->revision);
ndr_print_uint16(ndr, "type", sd->type);
ndr_print_ptr(ndr, "owner_sid", sd->owner_sid);
if (sd->owner_sid) {
ndr_print_dom_sid(ndr, "owner_sid", sd->owner_sid);
}
ndr_print_ptr(ndr, "group_sid", sd->group_sid);
if (sd->group_sid) {
ndr_print_dom_sid(ndr, "group_sid", sd->group_sid);
}
ndr_print_ptr(ndr, "sacl", sd->sacl);
if (sd->sacl) {
ndr_print_security_acl(ndr, "sacl", sd->sacl);
}
ndr_print_ptr(ndr, "dacl", sd->dacl);
if (sd->dacl) {
ndr_print_security_acl(ndr, "dacl", sd->dacl);
}
ndr->depth--;
}

48
source4/librpc/ndr/ndr_sec.h
View File

@ -22,57 +22,9 @@
*/
/* a domain SID. Note that unlike Samba3 this contains a pointer,
so you can't copy them using assignment */
struct dom_sid {
uint8 sid_rev_num; /**< SID revision number */
uint8 num_auths; /**< Number of sub-authorities */
uint8 id_auth[6]; /**< Identifier Authority */
uint32 *sub_auths;
};
/* use the same structure for dom_sid2 as dom_sid */
#define dom_sid2 dom_sid
/* an access control element */
struct security_ace {
uint8 type; /* xxxx_xxxx_ACE_TYPE - e.g allowed / denied etc */
uint8 flags; /* xxxx_INHERIT_xxxx - e.g OBJECT_INHERIT_ACE */
uint32 access_mask;
/* the 'obj' part is present when type is XXXX_TYPE_XXXX_OBJECT */
struct {
uint32 flags;
GUID object_guid;
GUID inherit_guid;
} *obj;
struct dom_sid trustee;
};
/* a security ACL */
struct security_acl {
uint16 revision;
uint32 num_aces;
struct security_ace *aces;
};
/* a security descriptor */
struct security_descriptor {
uint8 revision;
uint16 type; /* SEC_DESC_xxxx flags */
struct dom_sid *owner_sid;
struct dom_sid *group_sid;
struct security_acl *sacl; /* system ACL */
struct security_acl *dacl; /* user (discretionary) ACL */
};
/* query security descriptor */
struct smb_query_secdesc {
struct {

53
source4/librpc/ndr/ndr_spoolss.c
View File

@ -41,11 +41,13 @@ NTSTATUS ndr_push_spoolss_DeviceMode(struct ndr_push *ndr, int ndr_flags, struct
NDR_CHECK(ndr_push_uint32(ndr, r->reserved2));
NDR_CHECK(ndr_push_uint32(ndr, r->panningwidth));
NDR_CHECK(ndr_push_uint32(ndr, r->panningheight));
NDR_CHECK(ndr_push_array_uint8(ndr, NDR_SCALARS, r->private, r->driverextra));
ndr_push_struct_end(ndr);
buffers:
if (!(ndr_flags & NDR_BUFFERS)) goto done;
NDR_CHECK(ndr_push_nstring(ndr, NDR_BUFFERS, &r->devicename));
NDR_CHECK(ndr_push_nstring(ndr, NDR_BUFFERS, &r->formname));
NDR_CHECK(ndr_push_array_uint8(ndr, NDR_BUFFERS, r->private, r->driverextra));
done:
return NT_STATUS_OK;
}
@ -125,13 +127,11 @@ NTSTATUS ndr_push_spoolss_PrinterInfo3(struct ndr_push *ndr, int ndr_flags, stru
NDR_CHECK(ndr_push_struct_start(ndr));
NDR_CHECK(ndr_push_align(ndr, 4));
NDR_CHECK(ndr_push_uint32(ndr, r->flags));
NDR_CHECK(ndr_push_relative(ndr, NDR_SCALARS, r->secdesc, (ndr_push_const_fn_t) ndr_push_security_descriptor));
NDR_CHECK(ndr_push_security_descriptor(ndr, NDR_SCALARS, &r->secdesc));
ndr_push_struct_end(ndr);
buffers:
if (!(ndr_flags & NDR_BUFFERS)) goto done;
if (r->secdesc) {
NDR_CHECK(ndr_push_relative(ndr, NDR_BUFFERS, r->secdesc, (ndr_push_const_fn_t) ndr_push_security_descriptor));
}
NDR_CHECK(ndr_push_security_descriptor(ndr, NDR_BUFFERS, &r->secdesc));
done:
return NT_STATUS_OK;
}
@ -331,9 +331,9 @@ NTSTATUS ndr_push_spoolss_EnumJobs(struct ndr_push *ndr, struct spoolss_EnumJobs
NDR_CHECK(ndr_push_uint32(ndr, r->in.level));
NDR_CHECK(ndr_push_ptr(ndr, r->in.buffer));
if (r->in.buffer) {
NDR_CHECK(ndr_push_uint8_buf(ndr, NDR_SCALARS|NDR_BUFFERS, r->in.buffer));
NDR_CHECK(ndr_push_DATA_BLOB(ndr, *r->in.buffer));
}
NDR_CHECK(ndr_push_uint32(ndr, r->in.offered));
NDR_CHECK(ndr_push_uint32(ndr, *r->in.buf_size));
return NT_STATUS_OK;
}
@ -852,7 +852,11 @@ NTSTATUS ndr_push_spoolss_EnumPrinterData(struct ndr_push *ndr, struct spoolss_E
NDR_CHECK(ndr_push_policy_handle(ndr, r->in.handle));
NDR_CHECK(ndr_push_uint32(ndr, r->in.enum_index));
NDR_CHECK(ndr_push_uint32(ndr, r->in.value_offered));
NDR_CHECK(ndr_push_uint32(ndr, r->in.data_offered));
NDR_CHECK(ndr_push_ptr(ndr, r->in.buffer));
if (r->in.buffer) {
NDR_CHECK(ndr_push_DATA_BLOB(ndr, *r->in.buffer));
}
NDR_CHECK(ndr_push_uint32(ndr, *r->in.buf_size));
return NT_STATUS_OK;
}
@ -1034,11 +1038,14 @@ NTSTATUS ndr_pull_spoolss_DeviceMode(struct ndr_pull *ndr, int ndr_flags, struct
NDR_CHECK(ndr_pull_uint32(ndr, &r->reserved2));
NDR_CHECK(ndr_pull_uint32(ndr, &r->panningwidth));
NDR_CHECK(ndr_pull_uint32(ndr, &r->panningheight));
NDR_ALLOC_N_SIZE(ndr, r->private, r->driverextra, sizeof(r->private[0]));
NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->private, r->driverextra));
ndr_pull_struct_end(ndr);
buffers:
if (!(ndr_flags & NDR_BUFFERS)) goto done;
NDR_CHECK(ndr_pull_nstring(ndr, NDR_BUFFERS, &r->devicename));
NDR_CHECK(ndr_pull_nstring(ndr, NDR_BUFFERS, &r->formname));
NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_BUFFERS, r->private, r->driverextra));
done:
return NT_STATUS_OK;
}
@ -1096,15 +1103,15 @@ done:
NTSTATUS ndr_pull_spoolss_PrinterInfo3(struct ndr_pull *ndr, int ndr_flags, struct spoolss_PrinterInfo3 *r)
{
uint32 _ptr_secdesc;
NDR_CHECK(ndr_pull_struct_start(ndr));
if (!(ndr_flags & NDR_SCALARS)) goto buffers;
NDR_CHECK(ndr_pull_align(ndr, 4));
NDR_CHECK(ndr_pull_uint32(ndr, &r->flags));
NDR_CHECK(ndr_pull_relative(ndr, (const void **)&r->secdesc, sizeof(*r->secdesc), (ndr_pull_flags_fn_t)ndr_pull_security_descriptor));
NDR_CHECK(ndr_pull_security_descriptor(ndr, NDR_SCALARS, &r->secdesc));
ndr_pull_struct_end(ndr);
buffers:
if (!(ndr_flags & NDR_BUFFERS)) goto done;
NDR_CHECK(ndr_pull_security_descriptor(ndr, NDR_BUFFERS, &r->secdesc));
done:
return NT_STATUS_OK;
}
@ -1294,9 +1301,9 @@ NTSTATUS ndr_pull_spoolss_EnumJobs(struct ndr_pull *ndr, struct spoolss_EnumJobs
r->out.buffer = NULL;
}
if (r->out.buffer) {
NDR_CHECK(ndr_pull_uint8_buf(ndr, NDR_SCALARS|NDR_BUFFERS, r->out.buffer));
NDR_CHECK(ndr_pull_DATA_BLOB(ndr, r->out.buffer));
}
NDR_CHECK(ndr_pull_uint32(ndr, &r->out.needed));
NDR_CHECK(ndr_pull_uint32(ndr, r->out.buf_size));
NDR_CHECK(ndr_pull_uint32(ndr, &r->out.numjobs));
NDR_CHECK(ndr_pull_NTSTATUS(ndr, &r->out.result));
@ -1788,6 +1795,7 @@ NTSTATUS ndr_pull_spoolss_47(struct ndr_pull *ndr, struct spoolss_47 *r)
NTSTATUS ndr_pull_spoolss_EnumPrinterData(struct ndr_pull *ndr, struct spoolss_EnumPrinterData *r)
{
uint32 _ptr_value_name;
uint32 _ptr_buffer;
NDR_CHECK(ndr_pull_uint32(ndr, &r->out.value_len));
NDR_CHECK(ndr_pull_uint32(ndr, &_ptr_value_name));
if (_ptr_value_name) {
@ -1800,8 +1808,16 @@ NTSTATUS ndr_pull_spoolss_EnumPrinterData(struct ndr_pull *ndr, struct spoolss_E
}
NDR_CHECK(ndr_pull_uint32(ndr, &r->out.value_needed));
NDR_CHECK(ndr_pull_uint32(ndr, &r->out.printerdata_type));
NDR_CHECK(ndr_pull_uint8_buf(ndr, NDR_SCALARS|NDR_BUFFERS, &r->out.printerdata));
NDR_CHECK(ndr_pull_uint32(ndr, &r->out.data_needed));
NDR_CHECK(ndr_pull_uint32(ndr, &_ptr_buffer));
if (_ptr_buffer) {
NDR_ALLOC(ndr, r->out.buffer);
} else {
r->out.buffer = NULL;
}
if (r->out.buffer) {
NDR_CHECK(ndr_pull_DATA_BLOB(ndr, r->out.buffer));
}
NDR_CHECK(ndr_pull_uint32(ndr, r->out.buf_size));
NDR_CHECK(ndr_pull_NTSTATUS(ndr, &r->out.result));
return NT_STATUS_OK;
@ -2006,6 +2022,10 @@ void ndr_print_spoolss_DeviceMode(struct ndr_print *ndr, const char *name, struc
ndr_print_uint32(ndr, "reserved2", r->reserved2);
ndr_print_uint32(ndr, "panningwidth", r->panningwidth);
ndr_print_uint32(ndr, "panningheight", r->panningheight);
ndr_print_ptr(ndr, "private", r->private);
ndr->depth++;
ndr_print_array_uint8(ndr, "private", r->private, r->driverextra);
ndr->depth--;
ndr->depth--;
}
@ -2063,12 +2083,7 @@ void ndr_print_spoolss_PrinterInfo3(struct ndr_print *ndr, const char *name, str
ndr_print_struct(ndr, name, "spoolss_PrinterInfo3");
ndr->depth++;
ndr_print_uint32(ndr, "flags", r->flags);
ndr_print_ptr(ndr, "secdesc", r->secdesc);
ndr->depth++;
if (r->secdesc) {
ndr_print_security_descriptor(ndr, "secdesc", r->secdesc);
}
ndr->depth--;
ndr_print_security_descriptor(ndr, "secdesc", &r->secdesc);
ndr->depth--;
}

18
source4/librpc/ndr/ndr_spoolss.h
View File

@ -35,6 +35,7 @@ struct spoolss_DeviceMode {
uint32 reserved2;
uint32 panningwidth;
uint32 panningheight;
uint8 *private;
};
struct spoolss_PrinterInfo1 {
@ -70,7 +71,7 @@ struct spoolss_PrinterInfo2 {
struct spoolss_PrinterInfo3 {
uint32 flags;
struct security_descriptor *secdesc;
struct security_descriptor secdesc;
};
struct spoolss_PrinterInfo4 {
@ -165,13 +166,13 @@ struct spoolss_EnumJobs {
uint32 firstjob;
uint32 numjobs;
uint32 level;
struct uint8_buf *buffer;
uint32 offered;
DATA_BLOB *buffer;
uint32 *buf_size;
} in;
struct {
struct uint8_buf *buffer;
uint32 needed;
DATA_BLOB *buffer;
uint32 *buf_size;
uint32 numjobs;
NTSTATUS result;
} out;
@ -893,7 +894,8 @@ struct spoolss_EnumPrinterData {
struct policy_handle *handle;
uint32 enum_index;
uint32 value_offered;
uint32 data_offered;
DATA_BLOB *buffer;
uint32 *buf_size;
} in;
struct {
@ -901,8 +903,8 @@ struct spoolss_EnumPrinterData {
const char *value_name;
uint32 value_needed;
uint32 printerdata_type;
struct uint8_buf printerdata;
uint32 data_needed;
DATA_BLOB *buffer;
uint32 *buf_size;
NTSTATUS result;
} out;

4
source4/librpc/rpc/rpc_misc.c Normal file
View File

@ -0,0 +1,4 @@
/* dcerpc client calls auto-generated by pidl */
#include "includes.h"