00001
00002
00003
00004
00005
00006
00007
00008
00009
00010
00011
00012
00013
00014
00015
00016
00017
00018
00019
00020
00021
00022 #include "includes.h"
00023
00024
00025
00026
00027 char *get_sec_mask_str(uint32 type)
00028 {
00029 static fstring typestr="";
00030
00031 typestr[0] = 0;
00032
00033 if (type & GENERIC_ALL_ACCESS)
00034 fstrcat(typestr, "Generic all access ");
00035 if (type & GENERIC_EXECUTE_ACCESS)
00036 fstrcat(typestr, "Generic execute access ");
00037 if (type & GENERIC_WRITE_ACCESS)
00038 fstrcat(typestr, "Generic write access ");
00039 if (type & GENERIC_READ_ACCESS)
00040 fstrcat(typestr, "Generic read access ");
00041 if (type & MAXIMUM_ALLOWED_ACCESS)
00042 fstrcat(typestr, "MAXIMUM_ALLOWED_ACCESS ");
00043 if (type & SYSTEM_SECURITY_ACCESS)
00044 fstrcat(typestr, "SYSTEM_SECURITY_ACCESS ");
00045 if (type & SYNCHRONIZE_ACCESS)
00046 fstrcat(typestr, "SYNCHRONIZE_ACCESS ");
00047 if (type & WRITE_OWNER_ACCESS)
00048 fstrcat(typestr, "WRITE_OWNER_ACCESS ");
00049 if (type & WRITE_DAC_ACCESS)
00050 fstrcat(typestr, "WRITE_DAC_ACCESS ");
00051 if (type & READ_CONTROL_ACCESS)
00052 fstrcat(typestr, "READ_CONTROL_ACCESS ");
00053 if (type & DELETE_ACCESS)
00054 fstrcat(typestr, "DELETE_ACCESS ");
00055
00056 printf("\t\tSpecific bits: 0x%lx\n", (unsigned long)type&SPECIFIC_RIGHTS_MASK);
00057
00058 return typestr;
00059 }
00060
00061
00062
00063
00064 void display_sec_access(SEC_ACCESS *info)
00065 {
00066 printf("\t\tPermissions: 0x%x: %s\n", *info, get_sec_mask_str(*info));
00067 }
00068
00069
00070
00071
00072 void display_sec_ace(SEC_ACE *ace)
00073 {
00074 fstring sid_str;
00075
00076 printf("\tACE\n\t\ttype: ");
00077 switch (ace->type) {
00078 case SEC_ACE_TYPE_ACCESS_ALLOWED:
00079 printf("ACCESS ALLOWED");
00080 break;
00081 case SEC_ACE_TYPE_ACCESS_DENIED:
00082 printf("ACCESS DENIED");
00083 break;
00084 case SEC_ACE_TYPE_SYSTEM_AUDIT:
00085 printf("SYSTEM AUDIT");
00086 break;
00087 case SEC_ACE_TYPE_SYSTEM_ALARM:
00088 printf("SYSTEM ALARM");
00089 break;
00090 default:
00091 printf("????");
00092 break;
00093 }
00094 printf(" (%d) flags: %d\n", ace->type, ace->flags);
00095 display_sec_access(&ace->access_mask);
00096 sid_to_string(sid_str, &ace->trustee);
00097 printf("\t\tSID: %s\n\n", sid_str);
00098 }
00099
00100
00101
00102
00103 void display_sec_acl(SEC_ACL *sec_acl)
00104 {
00105 int i;
00106
00107 printf("\tACL\tNum ACEs:\t%d\trevision:\t%x\n",
00108 sec_acl->num_aces, sec_acl->revision);
00109 printf("\t---\n");
00110
00111 if (sec_acl->size != 0 && sec_acl->num_aces != 0)
00112 for (i = 0; i < sec_acl->num_aces; i++)
00113 display_sec_ace(&sec_acl->aces[i]);
00114
00115 }
00116
00117 void display_acl_type(uint16 type)
00118 {
00119 static fstring typestr="";
00120
00121 typestr[0] = 0;
00122
00123 if (type & SEC_DESC_OWNER_DEFAULTED)
00124 fstrcat(typestr, "SEC_DESC_OWNER_DEFAULTED ");
00125 if (type & SEC_DESC_GROUP_DEFAULTED)
00126 fstrcat(typestr, "SEC_DESC_GROUP_DEFAULTED ");
00127 if (type & SEC_DESC_DACL_PRESENT)
00128 fstrcat(typestr, "SEC_DESC_DACL_PRESENT ");
00129 if (type & SEC_DESC_DACL_DEFAULTED)
00130 fstrcat(typestr, "SEC_DESC_DACL_DEFAULTED ");
00131 if (type & SEC_DESC_SACL_PRESENT)
00132 fstrcat(typestr, "SEC_DESC_SACL_PRESENT ");
00133 if (type & SEC_DESC_SACL_DEFAULTED)
00134 fstrcat(typestr, "SEC_DESC_SACL_DEFAULTED ");
00135 if (type & SEC_DESC_DACL_TRUSTED)
00136 fstrcat(typestr, "SEC_DESC_DACL_TRUSTED ");
00137 if (type & SEC_DESC_SERVER_SECURITY)
00138 fstrcat(typestr, "SEC_DESC_SERVER_SECURITY ");
00139 if (type & 0x0100) fstrcat(typestr, "0x0100 ");
00140 if (type & 0x0200) fstrcat(typestr, "0x0200 ");
00141 if (type & 0x0400) fstrcat(typestr, "0x0400 ");
00142 if (type & 0x0800) fstrcat(typestr, "0x0800 ");
00143 if (type & 0x1000) fstrcat(typestr, "0x1000 ");
00144 if (type & 0x2000) fstrcat(typestr, "0x2000 ");
00145 if (type & 0x4000) fstrcat(typestr, "0x4000 ");
00146 if (type & SEC_DESC_SELF_RELATIVE)
00147 fstrcat(typestr, "SEC_DESC_SELF_RELATIVE ");
00148
00149 printf("type: 0x%04x: %s\n", type, typestr);
00150 }
00151
00152
00153
00154
00155 void display_sec_desc(SEC_DESC *sec)
00156 {
00157 fstring sid_str;
00158
00159 if (!sec) {
00160 printf("NULL\n");
00161 return;
00162 }
00163
00164 printf("revision: %d\n", sec->revision);
00165 display_acl_type(sec->type);
00166
00167 if (sec->sacl) {
00168 printf("SACL\n");
00169 display_sec_acl(sec->sacl);
00170 }
00171
00172 if (sec->dacl) {
00173 printf("DACL\n");
00174 display_sec_acl(sec->dacl);
00175 }
00176
00177 if (sec->owner_sid) {
00178 sid_to_string(sid_str, sec->owner_sid);
00179 printf("\tOwner SID:\t%s\n", sid_str);
00180 }
00181
00182 if (sec->group_sid) {
00183 sid_to_string(sid_str, sec->group_sid);
00184 printf("\tParent SID:\t%s\n", sid_str);
00185 }
00186 }