00001
00002
00003
00004
00005
00006
00007
00008
00009
00010
00011
00012
00013
00014
00015
00016
00017
00018
00019
00020
00021
00022
00023
00024 #include "includes.h"
00025
00026
00027
00028
00029 size_t ndr_size_dom_sid(const struct dom_sid *sid, int flags)
00030 {
00031 if (!sid) return 0;
00032 return 8 + 4*sid->num_auths;
00033 }
00034
00035
00036
00037
00038 size_t ndr_size_security_ace(const struct security_ace *ace, int flags)
00039 {
00040 if (!ace) return 0;
00041 return 8 + ndr_size_dom_sid(&ace->trustee, flags);
00042 }
00043
00044
00045
00046
00047
00048 size_t ndr_size_security_acl(const struct security_acl *acl, int flags)
00049 {
00050 size_t ret;
00051 int i;
00052 if (!acl) return 0;
00053 ret = 8;
00054 for (i=0;i<acl->num_aces;i++) {
00055 ret += ndr_size_security_ace(&acl->aces[i], flags);
00056 }
00057 return ret;
00058 }
00059
00060
00061
00062
00063 size_t ndr_size_security_descriptor(const struct security_descriptor *sd, int flags)
00064 {
00065 size_t ret;
00066 if (!sd) return 0;
00067
00068 ret = 20;
00069 ret += ndr_size_dom_sid(sd->owner_sid, flags);
00070 ret += ndr_size_dom_sid(sd->group_sid, flags);
00071 ret += ndr_size_security_acl(sd->dacl, flags);
00072 ret += ndr_size_security_acl(sd->sacl, flags);
00073 return ret;
00074 }
00075
00076
00077
00078
00079 void ndr_print_dom_sid(struct ndr_print *ndr, const char *name, const struct dom_sid *sid)
00080 {
00081 ndr->print(ndr, "%-25s: %s", name, dom_sid_string(ndr, sid));
00082 }
00083
00084 void ndr_print_dom_sid2(struct ndr_print *ndr, const char *name, const struct dom_sid *sid)
00085 {
00086 ndr_print_dom_sid(ndr, name, sid);
00087 }
00088
00089 void ndr_print_dom_sid28(struct ndr_print *ndr, const char *name, const struct dom_sid *sid)
00090 {
00091 ndr_print_dom_sid(ndr, name, sid);
00092 }
00093
00094 static NTSTATUS ndr_push_security_ace_flags(struct ndr_push *ndr, int ndr_flags, uint8_t r)
00095 {
00096 NDR_CHECK(ndr_push_uint8(ndr, NDR_SCALARS, r));
00097 return NT_STATUS_OK;
00098 }
00099
00100 static NTSTATUS ndr_pull_security_ace_flags(struct ndr_pull *ndr, int ndr_flags, uint8_t *r)
00101 {
00102 uint8_t v;
00103 NDR_CHECK(ndr_pull_uint8(ndr, NDR_SCALARS, &v));
00104 *r = v;
00105 return NT_STATUS_OK;
00106 }
00107
00108 void ndr_print_security_ace_flags(struct ndr_print *ndr, const char *name, uint8_t r)
00109 {
00110 ndr_print_uint8(ndr, name, r);
00111 ndr->depth++;
00112 ndr_print_bitmap_flag(ndr, sizeof(uint8_t), "SEC_ACE_FLAG_OBJECT_INHERIT", SEC_ACE_FLAG_OBJECT_INHERIT, r);
00113 ndr_print_bitmap_flag(ndr, sizeof(uint8_t), "SEC_ACE_FLAG_CONTAINER_INHERIT", SEC_ACE_FLAG_CONTAINER_INHERIT, r);
00114 ndr_print_bitmap_flag(ndr, sizeof(uint8_t), "SEC_ACE_FLAG_NO_PROPAGATE_INHERIT", SEC_ACE_FLAG_NO_PROPAGATE_INHERIT, r);
00115 ndr_print_bitmap_flag(ndr, sizeof(uint8_t), "SEC_ACE_FLAG_INHERIT_ONLY", SEC_ACE_FLAG_INHERIT_ONLY, r);
00116 ndr_print_bitmap_flag(ndr, sizeof(uint8_t), "SEC_ACE_FLAG_INHERITED_ACE", SEC_ACE_FLAG_INHERITED_ACE, r);
00117 ndr_print_bitmap_flag(ndr, sizeof(uint8_t), "SEC_ACE_FLAG_VALID_INHERIT", SEC_ACE_FLAG_VALID_INHERIT, r);
00118 ndr_print_bitmap_flag(ndr, sizeof(uint8_t), "SEC_ACE_FLAG_SUCCESSFUL_ACCESS", SEC_ACE_FLAG_SUCCESSFUL_ACCESS, r);
00119 ndr_print_bitmap_flag(ndr, sizeof(uint8_t), "SEC_ACE_FLAG_FAILED_ACCESS", SEC_ACE_FLAG_FAILED_ACCESS, r);
00120 ndr->depth--;
00121 }
00122
00123 static NTSTATUS ndr_push_security_ace_type(struct ndr_push *ndr, int ndr_flags, enum security_ace_type r)
00124 {
00125 NDR_CHECK(ndr_push_uint8(ndr, NDR_SCALARS, r));
00126 return NT_STATUS_OK;
00127 }
00128
00129 static NTSTATUS ndr_pull_security_ace_type(struct ndr_pull *ndr, int ndr_flags, enum security_ace_type *r)
00130 {
00131 uint8_t v;
00132 NDR_CHECK(ndr_pull_uint8(ndr, NDR_SCALARS, &v));
00133 *r = (enum security_ace_type)v;
00134 return NT_STATUS_OK;
00135 }
00136
00137 void ndr_print_security_ace_type(struct ndr_print *ndr, const char *name, enum security_ace_type r)
00138 {
00139 const char *val = NULL;
00140
00141 switch (r) {
00142 case SEC_ACE_TYPE_ACCESS_ALLOWED: val = "SEC_ACE_TYPE_ACCESS_ALLOWED"; break;
00143 case SEC_ACE_TYPE_ACCESS_DENIED: val = "SEC_ACE_TYPE_ACCESS_DENIED"; break;
00144 case SEC_ACE_TYPE_SYSTEM_AUDIT: val = "SEC_ACE_TYPE_SYSTEM_AUDIT"; break;
00145 case SEC_ACE_TYPE_SYSTEM_ALARM: val = "SEC_ACE_TYPE_SYSTEM_ALARM"; break;
00146 case SEC_ACE_TYPE_ALLOWED_COMPOUND: val = "SEC_ACE_TYPE_ALLOWED_COMPOUND"; break;
00147 case SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT: val = "SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT"; break;
00148 case SEC_ACE_TYPE_ACCESS_DENIED_OBJECT: val = "SEC_ACE_TYPE_ACCESS_DENIED_OBJECT"; break;
00149 case SEC_ACE_TYPE_SYSTEM_AUDIT_OBJECT: val = "SEC_ACE_TYPE_SYSTEM_AUDIT_OBJECT"; break;
00150 case SEC_ACE_TYPE_SYSTEM_ALARM_OBJECT: val = "SEC_ACE_TYPE_SYSTEM_ALARM_OBJECT"; break;
00151 }
00152 ndr_print_enum(ndr, name, "ENUM", val, r);
00153 }
00154
00155 static NTSTATUS ndr_push_security_ace_object_flags(struct ndr_push *ndr, int ndr_flags, uint32_t r)
00156 {
00157 NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r));
00158 return NT_STATUS_OK;
00159 }
00160
00161 static NTSTATUS ndr_pull_security_ace_object_flags(struct ndr_pull *ndr, int ndr_flags, uint32_t *r)
00162 {
00163 uint32_t v;
00164 NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &v));
00165 *r = v;
00166 return NT_STATUS_OK;
00167 }
00168
00169 void ndr_print_security_ace_object_flags(struct ndr_print *ndr, const char *name, uint32_t r)
00170 {
00171 ndr_print_uint32(ndr, name, r);
00172 ndr->depth++;
00173 ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "SEC_ACE_OBJECT_TYPE_PRESENT", SEC_ACE_OBJECT_TYPE_PRESENT, r);
00174 ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "SEC_ACE_INHERITED_OBJECT_TYPE_PRESENT", SEC_ACE_INHERITED_OBJECT_TYPE_PRESENT, r);
00175 ndr->depth--;
00176 }
00177
00178 static NTSTATUS ndr_push_security_ace_object_type(struct ndr_push *ndr, int ndr_flags, const union security_ace_object_type *r)
00179 {
00180 int level;
00181 level = ndr_push_get_switch_value(ndr, r);
00182 if (ndr_flags & NDR_SCALARS) {
00183 switch (level) {
00184 case SEC_ACE_OBJECT_TYPE_PRESENT:
00185 NDR_CHECK(ndr_push_GUID(ndr, NDR_SCALARS, &r->type));
00186 break;
00187
00188 default:
00189 break;
00190
00191 }
00192 }
00193 if (ndr_flags & NDR_BUFFERS) {
00194 switch (level) {
00195 case SEC_ACE_OBJECT_TYPE_PRESENT:
00196 break;
00197
00198 default:
00199 break;
00200
00201 }
00202 }
00203 return NT_STATUS_OK;
00204 }
00205
00206 static NTSTATUS ndr_pull_security_ace_object_type(struct ndr_pull *ndr, int ndr_flags, union security_ace_object_type *r)
00207 {
00208 int level;
00209 level = ndr_pull_get_switch_value(ndr, r);
00210 if (ndr_flags & NDR_SCALARS) {
00211 switch (level) {
00212 case SEC_ACE_OBJECT_TYPE_PRESENT: {
00213 NDR_CHECK(ndr_pull_GUID(ndr, NDR_SCALARS, &r->type));
00214 break; }
00215
00216 default: {
00217 break; }
00218
00219 }
00220 }
00221 if (ndr_flags & NDR_BUFFERS) {
00222 switch (level) {
00223 case SEC_ACE_OBJECT_TYPE_PRESENT:
00224 break;
00225
00226 default:
00227 break;
00228
00229 }
00230 }
00231 return NT_STATUS_OK;
00232 }
00233
00234 void ndr_print_security_ace_object_type(struct ndr_print *ndr, const char *name, const union security_ace_object_type *r)
00235 {
00236 int level;
00237 level = ndr_print_get_switch_value(ndr, r);
00238 ndr_print_union(ndr, name, level, "security_ace_object_type");
00239 switch (level) {
00240 case SEC_ACE_OBJECT_TYPE_PRESENT:
00241 ndr_print_GUID(ndr, "type", &r->type);
00242 break;
00243
00244 default:
00245 break;
00246
00247 }
00248 }
00249
00250 static NTSTATUS ndr_push_security_ace_object_inherited_type(struct ndr_push *ndr, int ndr_flags, const union security_ace_object_inherited_type *r)
00251 {
00252 int level;
00253 level = ndr_push_get_switch_value(ndr, r);
00254 if (ndr_flags & NDR_SCALARS) {
00255 switch (level) {
00256 case SEC_ACE_INHERITED_OBJECT_TYPE_PRESENT:
00257 NDR_CHECK(ndr_push_GUID(ndr, NDR_SCALARS, &r->inherited_type));
00258 break;
00259
00260 default:
00261 break;
00262
00263 }
00264 }
00265 if (ndr_flags & NDR_BUFFERS) {
00266 switch (level) {
00267 case SEC_ACE_INHERITED_OBJECT_TYPE_PRESENT:
00268 break;
00269
00270 default:
00271 break;
00272
00273 }
00274 }
00275 return NT_STATUS_OK;
00276 }
00277
00278 static NTSTATUS ndr_pull_security_ace_object_inherited_type(struct ndr_pull *ndr, int ndr_flags, union security_ace_object_inherited_type *r)
00279 {
00280 int level;
00281 level = ndr_pull_get_switch_value(ndr, r);
00282 if (ndr_flags & NDR_SCALARS) {
00283 switch (level) {
00284 case SEC_ACE_INHERITED_OBJECT_TYPE_PRESENT: {
00285 NDR_CHECK(ndr_pull_GUID(ndr, NDR_SCALARS, &r->inherited_type));
00286 break; }
00287
00288 default: {
00289 break; }
00290
00291 }
00292 }
00293 if (ndr_flags & NDR_BUFFERS) {
00294 switch (level) {
00295 case SEC_ACE_INHERITED_OBJECT_TYPE_PRESENT:
00296 break;
00297
00298 default:
00299 break;
00300
00301 }
00302 }
00303 return NT_STATUS_OK;
00304 }
00305
00306 void ndr_print_security_ace_object_inherited_type(struct ndr_print *ndr, const char *name, const union security_ace_object_inherited_type *r)
00307 {
00308 int level;
00309 level = ndr_print_get_switch_value(ndr, r);
00310 ndr_print_union(ndr, name, level, "security_ace_object_inherited_type");
00311 switch (level) {
00312 case SEC_ACE_INHERITED_OBJECT_TYPE_PRESENT:
00313 ndr_print_GUID(ndr, "inherited_type", &r->inherited_type);
00314 break;
00315
00316 default:
00317 break;
00318
00319 }
00320 }
00321
00322 static NTSTATUS ndr_push_security_ace_object(struct ndr_push *ndr, int ndr_flags, const struct security_ace_object *r)
00323 {
00324 if (ndr_flags & NDR_SCALARS) {
00325 NDR_CHECK(ndr_push_align(ndr, 4));
00326 NDR_CHECK(ndr_push_security_ace_object_flags(ndr, NDR_SCALARS, r->flags));
00327 NDR_CHECK(ndr_push_set_switch_value(ndr, &r->type, r->flags&SEC_ACE_OBJECT_TYPE_PRESENT));
00328 NDR_CHECK(ndr_push_security_ace_object_type(ndr, NDR_SCALARS, &r->type));
00329 NDR_CHECK(ndr_push_set_switch_value(ndr, &r->inherited_type, r->flags&SEC_ACE_INHERITED_OBJECT_TYPE_PRESENT));
00330 NDR_CHECK(ndr_push_security_ace_object_inherited_type(ndr, NDR_SCALARS, &r->inherited_type));
00331 }
00332 if (ndr_flags & NDR_BUFFERS) {
00333 NDR_CHECK(ndr_push_security_ace_object_type(ndr, NDR_BUFFERS, &r->type));
00334 NDR_CHECK(ndr_push_security_ace_object_inherited_type(ndr, NDR_BUFFERS, &r->inherited_type));
00335 }
00336 return NT_STATUS_OK;
00337 }
00338
00339 static NTSTATUS ndr_pull_security_ace_object(struct ndr_pull *ndr, int ndr_flags, struct security_ace_object *r)
00340 {
00341 if (ndr_flags & NDR_SCALARS) {
00342 NDR_CHECK(ndr_pull_align(ndr, 4));
00343 NDR_CHECK(ndr_pull_security_ace_object_flags(ndr, NDR_SCALARS, &r->flags));
00344 NDR_CHECK(ndr_pull_set_switch_value(ndr, &r->type, r->flags&SEC_ACE_OBJECT_TYPE_PRESENT));
00345 NDR_CHECK(ndr_pull_security_ace_object_type(ndr, NDR_SCALARS, &r->type));
00346 NDR_CHECK(ndr_pull_set_switch_value(ndr, &r->inherited_type, r->flags&SEC_ACE_INHERITED_OBJECT_TYPE_PRESENT));
00347 NDR_CHECK(ndr_pull_security_ace_object_inherited_type(ndr, NDR_SCALARS, &r->inherited_type));
00348 }
00349 if (ndr_flags & NDR_BUFFERS) {
00350 NDR_CHECK(ndr_pull_security_ace_object_type(ndr, NDR_BUFFERS, &r->type));
00351 NDR_CHECK(ndr_pull_security_ace_object_inherited_type(ndr, NDR_BUFFERS, &r->inherited_type));
00352 }
00353 return NT_STATUS_OK;
00354 }
00355
00356 void ndr_print_security_ace_object(struct ndr_print *ndr, const char *name, const struct security_ace_object *r)
00357 {
00358 ndr_print_struct(ndr, name, "security_ace_object");
00359 ndr->depth++;
00360 ndr_print_security_ace_object_flags(ndr, "flags", r->flags);
00361 ndr_print_set_switch_value(ndr, &r->type, r->flags&SEC_ACE_OBJECT_TYPE_PRESENT);
00362 ndr_print_security_ace_object_type(ndr, "type", &r->type);
00363 ndr_print_set_switch_value(ndr, &r->inherited_type, r->flags&SEC_ACE_INHERITED_OBJECT_TYPE_PRESENT);
00364 ndr_print_security_ace_object_inherited_type(ndr, "inherited_type", &r->inherited_type);
00365 ndr->depth--;
00366 }
00367
00368 static NTSTATUS ndr_push_security_ace_object_ctr(struct ndr_push *ndr, int ndr_flags, const union security_ace_object_ctr *r)
00369 {
00370 int level;
00371 level = ndr_push_get_switch_value(ndr, r);
00372 if (ndr_flags & NDR_SCALARS) {
00373 switch (level) {
00374 case SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT:
00375 NDR_CHECK(ndr_push_security_ace_object(ndr, NDR_SCALARS, &r->object));
00376 break;
00377
00378 case SEC_ACE_TYPE_ACCESS_DENIED_OBJECT:
00379 NDR_CHECK(ndr_push_security_ace_object(ndr, NDR_SCALARS, &r->object));
00380 break;
00381
00382 case SEC_ACE_TYPE_SYSTEM_AUDIT_OBJECT:
00383 NDR_CHECK(ndr_push_security_ace_object(ndr, NDR_SCALARS, &r->object));
00384 break;
00385
00386 case SEC_ACE_TYPE_SYSTEM_ALARM_OBJECT:
00387 NDR_CHECK(ndr_push_security_ace_object(ndr, NDR_SCALARS, &r->object));
00388 break;
00389
00390 default:
00391 break;
00392
00393 }
00394 }
00395 if (ndr_flags & NDR_BUFFERS) {
00396 switch (level) {
00397 case SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT:
00398 NDR_CHECK(ndr_push_security_ace_object(ndr, NDR_BUFFERS, &r->object));
00399 break;
00400
00401 case SEC_ACE_TYPE_ACCESS_DENIED_OBJECT:
00402 NDR_CHECK(ndr_push_security_ace_object(ndr, NDR_BUFFERS, &r->object));
00403 break;
00404
00405 case SEC_ACE_TYPE_SYSTEM_AUDIT_OBJECT:
00406 NDR_CHECK(ndr_push_security_ace_object(ndr, NDR_BUFFERS, &r->object));
00407 break;
00408
00409 case SEC_ACE_TYPE_SYSTEM_ALARM_OBJECT:
00410 NDR_CHECK(ndr_push_security_ace_object(ndr, NDR_BUFFERS, &r->object));
00411 break;
00412
00413 default:
00414 break;
00415
00416 }
00417 }
00418 return NT_STATUS_OK;
00419 }
00420
00421 static NTSTATUS ndr_pull_security_ace_object_ctr(struct ndr_pull *ndr, int ndr_flags, union security_ace_object_ctr *r)
00422 {
00423 int level;
00424 level = ndr_pull_get_switch_value(ndr, r);
00425 if (ndr_flags & NDR_SCALARS) {
00426 switch (level) {
00427 case SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT: {
00428 NDR_CHECK(ndr_pull_security_ace_object(ndr, NDR_SCALARS, &r->object));
00429 break; }
00430
00431 case SEC_ACE_TYPE_ACCESS_DENIED_OBJECT: {
00432 NDR_CHECK(ndr_pull_security_ace_object(ndr, NDR_SCALARS, &r->object));
00433 break; }
00434
00435 case SEC_ACE_TYPE_SYSTEM_AUDIT_OBJECT: {
00436 NDR_CHECK(ndr_pull_security_ace_object(ndr, NDR_SCALARS, &r->object));
00437 break; }
00438
00439 case SEC_ACE_TYPE_SYSTEM_ALARM_OBJECT: {
00440 NDR_CHECK(ndr_pull_security_ace_object(ndr, NDR_SCALARS, &r->object));
00441 break; }
00442
00443 default: {
00444 break; }
00445
00446 }
00447 }
00448 if (ndr_flags & NDR_BUFFERS) {
00449 switch (level) {
00450 case SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT:
00451 NDR_CHECK(ndr_pull_security_ace_object(ndr, NDR_BUFFERS, &r->object));
00452 break;
00453
00454 case SEC_ACE_TYPE_ACCESS_DENIED_OBJECT:
00455 NDR_CHECK(ndr_pull_security_ace_object(ndr, NDR_BUFFERS, &r->object));
00456 break;
00457
00458 case SEC_ACE_TYPE_SYSTEM_AUDIT_OBJECT:
00459 NDR_CHECK(ndr_pull_security_ace_object(ndr, NDR_BUFFERS, &r->object));
00460 break;
00461
00462 case SEC_ACE_TYPE_SYSTEM_ALARM_OBJECT:
00463 NDR_CHECK(ndr_pull_security_ace_object(ndr, NDR_BUFFERS, &r->object));
00464 break;
00465
00466 default:
00467 break;
00468
00469 }
00470 }
00471 return NT_STATUS_OK;
00472 }
00473
00474 void ndr_print_security_ace_object_ctr(struct ndr_print *ndr, const char *name, const union security_ace_object_ctr *r)
00475 {
00476 int level;
00477 level = ndr_print_get_switch_value(ndr, r);
00478 ndr_print_union(ndr, name, level, "security_ace_object_ctr");
00479 switch (level) {
00480 case SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT:
00481 ndr_print_security_ace_object(ndr, "object", &r->object);
00482 break;
00483
00484 case SEC_ACE_TYPE_ACCESS_DENIED_OBJECT:
00485 ndr_print_security_ace_object(ndr, "object", &r->object);
00486 break;
00487
00488 case SEC_ACE_TYPE_SYSTEM_AUDIT_OBJECT:
00489 ndr_print_security_ace_object(ndr, "object", &r->object);
00490 break;
00491
00492 case SEC_ACE_TYPE_SYSTEM_ALARM_OBJECT:
00493 ndr_print_security_ace_object(ndr, "object", &r->object);
00494 break;
00495
00496 default:
00497 break;
00498
00499 }
00500 }
00501
00502 NTSTATUS ndr_push_security_ace(struct ndr_push *ndr, int ndr_flags, const struct security_ace *r)
00503 {
00504 if (ndr_flags & NDR_SCALARS) {
00505 NDR_CHECK(ndr_push_align(ndr, 4));
00506 NDR_CHECK(ndr_push_security_ace_type(ndr, NDR_SCALARS, r->type));
00507 NDR_CHECK(ndr_push_security_ace_flags(ndr, NDR_SCALARS, r->flags));
00508 NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, ndr_size_security_ace(r,ndr->flags)));
00509 NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->access_mask));
00510 NDR_CHECK(ndr_push_set_switch_value(ndr, &r->object, r->type));
00511 NDR_CHECK(ndr_push_security_ace_object_ctr(ndr, NDR_SCALARS, &r->object));
00512 NDR_CHECK(ndr_push_dom_sid(ndr, NDR_SCALARS, &r->trustee));
00513 }
00514 if (ndr_flags & NDR_BUFFERS) {
00515 NDR_CHECK(ndr_push_security_ace_object_ctr(ndr, NDR_BUFFERS, &r->object));
00516 }
00517 return NT_STATUS_OK;
00518 }
00519
00520 NTSTATUS ndr_pull_security_ace(struct ndr_pull *ndr, int ndr_flags, struct security_ace *r)
00521 {
00522 if (ndr_flags & NDR_SCALARS) {
00523 NDR_CHECK(ndr_pull_align(ndr, 4));
00524 NDR_CHECK(ndr_pull_security_ace_type(ndr, NDR_SCALARS, &r->type));
00525 NDR_CHECK(ndr_pull_security_ace_flags(ndr, NDR_SCALARS, &r->flags));
00526 NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->size));
00527 NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->access_mask));
00528 NDR_CHECK(ndr_pull_set_switch_value(ndr, &r->object, r->type));
00529 NDR_CHECK(ndr_pull_security_ace_object_ctr(ndr, NDR_SCALARS, &r->object));
00530 NDR_CHECK(ndr_pull_dom_sid(ndr, NDR_SCALARS, &r->trustee));
00531 }
00532 if (ndr_flags & NDR_BUFFERS) {
00533 NDR_CHECK(ndr_pull_security_ace_object_ctr(ndr, NDR_BUFFERS, &r->object));
00534 }
00535 return NT_STATUS_OK;
00536 }
00537
00538 void ndr_print_security_ace(struct ndr_print *ndr, const char *name, const struct security_ace *r)
00539 {
00540 ndr_print_struct(ndr, name, "security_ace");
00541 ndr->depth++;
00542 ndr_print_security_ace_type(ndr, "type", r->type);
00543 ndr_print_security_ace_flags(ndr, "flags", r->flags);
00544 ndr_print_uint16(ndr, "size", (ndr->flags & LIBNDR_PRINT_SET_VALUES)?ndr_size_security_ace(r,ndr->flags):r->size);
00545 ndr_print_uint32(ndr, "access_mask", r->access_mask);
00546 ndr_print_set_switch_value(ndr, &r->object, r->type);
00547 ndr_print_security_ace_object_ctr(ndr, "object", &r->object);
00548 ndr_print_dom_sid(ndr, "trustee", &r->trustee);
00549 ndr->depth--;
00550 }
00551
00552 static NTSTATUS ndr_push_security_acl_revision(struct ndr_push *ndr, int ndr_flags, enum security_acl_revision r)
00553 {
00554 NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r));
00555 return NT_STATUS_OK;
00556 }
00557
00558 static NTSTATUS ndr_pull_security_acl_revision(struct ndr_pull *ndr, int ndr_flags, enum security_acl_revision *r)
00559 {
00560 uint16_t v;
00561 NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &v));
00562 *r = (enum security_acl_revision)v;
00563 return NT_STATUS_OK;
00564 }
00565
00566 void ndr_print_security_acl_revision(struct ndr_print *ndr, const char *name, enum security_acl_revision r)
00567 {
00568 const char *val = NULL;
00569
00570 switch (r) {
00571 case SECURITY_ACL_REVISION_NT4: val = "SECURITY_ACL_REVISION_NT4"; break;
00572 case SECURITY_ACL_REVISION_ADS: val = "SECURITY_ACL_REVISION_ADS"; break;
00573 }
00574 ndr_print_enum(ndr, name, "ENUM", val, r);
00575 }
00576
00577 NTSTATUS ndr_push_security_acl(struct ndr_push *ndr, int ndr_flags, const struct security_acl *r)
00578 {
00579 uint32_t cntr_aces_0;
00580 if (ndr_flags & NDR_SCALARS) {
00581 NDR_CHECK(ndr_push_align(ndr, 4));
00582 NDR_CHECK(ndr_push_security_acl_revision(ndr, NDR_SCALARS, r->revision));
00583 NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, ndr_size_security_acl(r,ndr->flags)));
00584 NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->num_aces));
00585 for (cntr_aces_0 = 0; cntr_aces_0 < r->num_aces; cntr_aces_0++) {
00586 NDR_CHECK(ndr_push_security_ace(ndr, NDR_SCALARS, &r->aces[cntr_aces_0]));
00587 }
00588 }
00589 if (ndr_flags & NDR_BUFFERS) {
00590 for (cntr_aces_0 = 0; cntr_aces_0 < r->num_aces; cntr_aces_0++) {
00591 NDR_CHECK(ndr_push_security_ace(ndr, NDR_BUFFERS, &r->aces[cntr_aces_0]));
00592 }
00593 }
00594 return NT_STATUS_OK;
00595 }
00596
00597 NTSTATUS ndr_pull_security_acl(struct ndr_pull *ndr, int ndr_flags, struct security_acl *r)
00598 {
00599 uint32_t cntr_aces_0;
00600 TALLOC_CTX *_mem_save_aces_0;
00601 if (ndr_flags & NDR_SCALARS) {
00602 NDR_CHECK(ndr_pull_align(ndr, 4));
00603 NDR_CHECK(ndr_pull_security_acl_revision(ndr, NDR_SCALARS, &r->revision));
00604 NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->size));
00605 NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->num_aces));
00606 if (r->num_aces > 1000) {
00607 return ndr_pull_error(ndr, NDR_ERR_RANGE, "value out of range");
00608 }
00609 NDR_PULL_ALLOC_N(ndr, r->aces, r->num_aces);
00610 _mem_save_aces_0 = NDR_PULL_GET_MEM_CTX(ndr);
00611 NDR_PULL_SET_MEM_CTX(ndr, r->aces, 0);
00612 for (cntr_aces_0 = 0; cntr_aces_0 < r->num_aces; cntr_aces_0++) {
00613 NDR_CHECK(ndr_pull_security_ace(ndr, NDR_SCALARS, &r->aces[cntr_aces_0]));
00614 }
00615 NDR_PULL_SET_MEM_CTX(ndr, _mem_save_aces_0, 0);
00616 }
00617 if (ndr_flags & NDR_BUFFERS) {
00618 _mem_save_aces_0 = NDR_PULL_GET_MEM_CTX(ndr);
00619 NDR_PULL_SET_MEM_CTX(ndr, r->aces, 0);
00620 for (cntr_aces_0 = 0; cntr_aces_0 < r->num_aces; cntr_aces_0++) {
00621 NDR_CHECK(ndr_pull_security_ace(ndr, NDR_BUFFERS, &r->aces[cntr_aces_0]));
00622 }
00623 NDR_PULL_SET_MEM_CTX(ndr, _mem_save_aces_0, 0);
00624 }
00625 return NT_STATUS_OK;
00626 }
00627
00628 void ndr_print_security_acl(struct ndr_print *ndr, const char *name, const struct security_acl *r)
00629 {
00630 uint32_t cntr_aces_0;
00631 ndr_print_struct(ndr, name, "security_acl");
00632 ndr->depth++;
00633 ndr_print_security_acl_revision(ndr, "revision", r->revision);
00634 ndr_print_uint16(ndr, "size", (ndr->flags & LIBNDR_PRINT_SET_VALUES)?ndr_size_security_acl(r,ndr->flags):r->size);
00635 ndr_print_uint32(ndr, "num_aces", r->num_aces);
00636 ndr->print(ndr, "%s: ARRAY(%d)", "aces", r->num_aces);
00637 ndr->depth++;
00638 for (cntr_aces_0=0;cntr_aces_0<r->num_aces;cntr_aces_0++) {
00639 char *idx_0=NULL;
00640 asprintf(&idx_0, "[%d]", cntr_aces_0);
00641 if (idx_0) {
00642 ndr_print_security_ace(ndr, "aces", &r->aces[cntr_aces_0]);
00643 free(idx_0);
00644 }
00645 }
00646 ndr->depth--;
00647 ndr->depth--;
00648 }
00649
00650 static NTSTATUS ndr_push_security_descriptor_revision(struct ndr_push *ndr, int ndr_flags, enum security_descriptor_revision r)
00651 {
00652 NDR_CHECK(ndr_push_uint8(ndr, NDR_SCALARS, r));
00653 return NT_STATUS_OK;
00654 }
00655
00656 static NTSTATUS ndr_pull_security_descriptor_revision(struct ndr_pull *ndr, int ndr_flags, enum security_descriptor_revision *r)
00657 {
00658 uint8_t v;
00659 NDR_CHECK(ndr_pull_uint8(ndr, NDR_SCALARS, &v));
00660 *r = (enum security_descriptor_revision)v;
00661 return NT_STATUS_OK;
00662 }
00663
00664 void ndr_print_security_descriptor_revision(struct ndr_print *ndr, const char *name, enum security_descriptor_revision r)
00665 {
00666 const char *val = NULL;
00667
00668 switch (r) {
00669 case SECURITY_DESCRIPTOR_REVISION_1: val = "SECURITY_DESCRIPTOR_REVISION_1"; break;
00670 }
00671 ndr_print_enum(ndr, name, "ENUM", val, r);
00672 }
00673
00674 static NTSTATUS ndr_push_security_descriptor_type(struct ndr_push *ndr, int ndr_flags, uint16_t r)
00675 {
00676 NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r));
00677 return NT_STATUS_OK;
00678 }
00679
00680 static NTSTATUS ndr_pull_security_descriptor_type(struct ndr_pull *ndr, int ndr_flags, uint16_t *r)
00681 {
00682 uint16_t v;
00683 NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &v));
00684 *r = v;
00685 return NT_STATUS_OK;
00686 }
00687
00688 void ndr_print_security_descriptor_type(struct ndr_print *ndr, const char *name, uint16_t r)
00689 {
00690 ndr_print_uint16(ndr, name, r);
00691 ndr->depth++;
00692 ndr_print_bitmap_flag(ndr, sizeof(uint16_t), "SEC_DESC_OWNER_DEFAULTED", SEC_DESC_OWNER_DEFAULTED, r);
00693 ndr_print_bitmap_flag(ndr, sizeof(uint16_t), "SEC_DESC_GROUP_DEFAULTED", SEC_DESC_GROUP_DEFAULTED, r);
00694 ndr_print_bitmap_flag(ndr, sizeof(uint16_t), "SEC_DESC_DACL_PRESENT", SEC_DESC_DACL_PRESENT, r);
00695 ndr_print_bitmap_flag(ndr, sizeof(uint16_t), "SEC_DESC_DACL_DEFAULTED", SEC_DESC_DACL_DEFAULTED, r);
00696 ndr_print_bitmap_flag(ndr, sizeof(uint16_t), "SEC_DESC_SACL_PRESENT", SEC_DESC_SACL_PRESENT, r);
00697 ndr_print_bitmap_flag(ndr, sizeof(uint16_t), "SEC_DESC_SACL_DEFAULTED", SEC_DESC_SACL_DEFAULTED, r);
00698 ndr_print_bitmap_flag(ndr, sizeof(uint16_t), "SEC_DESC_DACL_TRUSTED", SEC_DESC_DACL_TRUSTED, r);
00699 ndr_print_bitmap_flag(ndr, sizeof(uint16_t), "SEC_DESC_SERVER_SECURITY", SEC_DESC_SERVER_SECURITY, r);
00700 ndr_print_bitmap_flag(ndr, sizeof(uint16_t), "SEC_DESC_DACL_AUTO_INHERIT_REQ", SEC_DESC_DACL_AUTO_INHERIT_REQ, r);
00701 ndr_print_bitmap_flag(ndr, sizeof(uint16_t), "SEC_DESC_SACL_AUTO_INHERIT_REQ", SEC_DESC_SACL_AUTO_INHERIT_REQ, r);
00702 ndr_print_bitmap_flag(ndr, sizeof(uint16_t), "SEC_DESC_DACL_AUTO_INHERITED", SEC_DESC_DACL_AUTO_INHERITED, r);
00703 ndr_print_bitmap_flag(ndr, sizeof(uint16_t), "SEC_DESC_SACL_AUTO_INHERITED", SEC_DESC_SACL_AUTO_INHERITED, r);
00704 ndr_print_bitmap_flag(ndr, sizeof(uint16_t), "SEC_DESC_DACL_PROTECTED", SEC_DESC_DACL_PROTECTED, r);
00705 ndr_print_bitmap_flag(ndr, sizeof(uint16_t), "SEC_DESC_SACL_PROTECTED", SEC_DESC_SACL_PROTECTED, r);
00706 ndr_print_bitmap_flag(ndr, sizeof(uint16_t), "SEC_DESC_RM_CONTROL_VALID", SEC_DESC_RM_CONTROL_VALID, r);
00707 ndr_print_bitmap_flag(ndr, sizeof(uint16_t), "SEC_DESC_SELF_RELATIVE", SEC_DESC_SELF_RELATIVE, r);
00708 ndr->depth--;
00709 }
00710
00711 NTSTATUS ndr_push_security_descriptor(struct ndr_push *ndr, int ndr_flags, const struct security_descriptor *r)
00712 {
00713 {
00714 uint32_t _flags_save_STRUCT = ndr->flags;
00715 ndr_set_flags(&ndr->flags, LIBNDR_FLAG_LITTLE_ENDIAN);
00716 if (ndr_flags & NDR_SCALARS) {
00717 NDR_CHECK(ndr_push_align(ndr, 4));
00718 NDR_CHECK(ndr_push_security_descriptor_revision(ndr, NDR_SCALARS, r->revision));
00719 NDR_CHECK(ndr_push_security_descriptor_type(ndr, NDR_SCALARS, r->type));
00720 NDR_CHECK(ndr_push_relative_ptr1(ndr, r->owner_sid));
00721 NDR_CHECK(ndr_push_relative_ptr1(ndr, r->group_sid));
00722 NDR_CHECK(ndr_push_relative_ptr1(ndr, r->sacl));
00723 NDR_CHECK(ndr_push_relative_ptr1(ndr, r->dacl));
00724 }
00725 if (ndr_flags & NDR_BUFFERS) {
00726 if (r->owner_sid) {
00727 NDR_CHECK(ndr_push_relative_ptr2(ndr, r->owner_sid));
00728 NDR_CHECK(ndr_push_dom_sid(ndr, NDR_SCALARS, r->owner_sid));
00729 }
00730 if (r->group_sid) {
00731 NDR_CHECK(ndr_push_relative_ptr2(ndr, r->group_sid));
00732 NDR_CHECK(ndr_push_dom_sid(ndr, NDR_SCALARS, r->group_sid));
00733 }
00734 if (r->sacl) {
00735 NDR_CHECK(ndr_push_relative_ptr2(ndr, r->sacl));
00736 NDR_CHECK(ndr_push_security_acl(ndr, NDR_SCALARS|NDR_BUFFERS, r->sacl));
00737 }
00738 if (r->dacl) {
00739 NDR_CHECK(ndr_push_relative_ptr2(ndr, r->dacl));
00740 NDR_CHECK(ndr_push_security_acl(ndr, NDR_SCALARS|NDR_BUFFERS, r->dacl));
00741 }
00742 }
00743 ndr->flags = _flags_save_STRUCT;
00744 }
00745 return NT_STATUS_OK;
00746 }
00747
00748 NTSTATUS ndr_pull_security_descriptor(struct ndr_pull *ndr, int ndr_flags, struct security_descriptor *r)
00749 {
00750 uint32_t _ptr_owner_sid;
00751 TALLOC_CTX *_mem_save_owner_sid_0;
00752 uint32_t _ptr_group_sid;
00753 TALLOC_CTX *_mem_save_group_sid_0;
00754 uint32_t _ptr_sacl;
00755 TALLOC_CTX *_mem_save_sacl_0;
00756 uint32_t _ptr_dacl;
00757 TALLOC_CTX *_mem_save_dacl_0;
00758 {
00759 uint32_t _flags_save_STRUCT = ndr->flags;
00760 ndr_set_flags(&ndr->flags, LIBNDR_FLAG_LITTLE_ENDIAN);
00761 if (ndr_flags & NDR_SCALARS) {
00762 NDR_CHECK(ndr_pull_align(ndr, 4));
00763 NDR_CHECK(ndr_pull_security_descriptor_revision(ndr, NDR_SCALARS, &r->revision));
00764 NDR_CHECK(ndr_pull_security_descriptor_type(ndr, NDR_SCALARS, &r->type));
00765 NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_owner_sid));
00766 if (_ptr_owner_sid) {
00767 NDR_PULL_ALLOC(ndr, r->owner_sid);
00768 NDR_CHECK(ndr_pull_relative_ptr1(ndr, r->owner_sid, _ptr_owner_sid));
00769 } else {
00770 r->owner_sid = NULL;
00771 }
00772 NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_group_sid));
00773 if (_ptr_group_sid) {
00774 NDR_PULL_ALLOC(ndr, r->group_sid);
00775 NDR_CHECK(ndr_pull_relative_ptr1(ndr, r->group_sid, _ptr_group_sid));
00776 } else {
00777 r->group_sid = NULL;
00778 }
00779 NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_sacl));
00780 if (_ptr_sacl) {
00781 NDR_PULL_ALLOC(ndr, r->sacl);
00782 NDR_CHECK(ndr_pull_relative_ptr1(ndr, r->sacl, _ptr_sacl));
00783 } else {
00784 r->sacl = NULL;
00785 }
00786 NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_dacl));
00787 if (_ptr_dacl) {
00788 NDR_PULL_ALLOC(ndr, r->dacl);
00789 NDR_CHECK(ndr_pull_relative_ptr1(ndr, r->dacl, _ptr_dacl));
00790 } else {
00791 r->dacl = NULL;
00792 }
00793 }
00794 if (ndr_flags & NDR_BUFFERS) {
00795 if (r->owner_sid) {
00796 struct ndr_pull_save _relative_save;
00797 ndr_pull_save(ndr, &_relative_save);
00798 NDR_CHECK(ndr_pull_relative_ptr2(ndr, r->owner_sid));
00799 _mem_save_owner_sid_0 = NDR_PULL_GET_MEM_CTX(ndr);
00800 NDR_PULL_SET_MEM_CTX(ndr, r->owner_sid, 0);
00801 NDR_CHECK(ndr_pull_dom_sid(ndr, NDR_SCALARS, r->owner_sid));
00802 NDR_PULL_SET_MEM_CTX(ndr, _mem_save_owner_sid_0, 0);
00803 ndr_pull_restore(ndr, &_relative_save);
00804 }
00805 if (r->group_sid) {
00806 struct ndr_pull_save _relative_save;
00807 ndr_pull_save(ndr, &_relative_save);
00808 NDR_CHECK(ndr_pull_relative_ptr2(ndr, r->group_sid));
00809 _mem_save_group_sid_0 = NDR_PULL_GET_MEM_CTX(ndr);
00810 NDR_PULL_SET_MEM_CTX(ndr, r->group_sid, 0);
00811 NDR_CHECK(ndr_pull_dom_sid(ndr, NDR_SCALARS, r->group_sid));
00812 NDR_PULL_SET_MEM_CTX(ndr, _mem_save_group_sid_0, 0);
00813 ndr_pull_restore(ndr, &_relative_save);
00814 }
00815 if (r->sacl) {
00816 struct ndr_pull_save _relative_save;
00817 ndr_pull_save(ndr, &_relative_save);
00818 NDR_CHECK(ndr_pull_relative_ptr2(ndr, r->sacl));
00819 _mem_save_sacl_0 = NDR_PULL_GET_MEM_CTX(ndr);
00820 NDR_PULL_SET_MEM_CTX(ndr, r->sacl, 0);
00821 NDR_CHECK(ndr_pull_security_acl(ndr, NDR_SCALARS|NDR_BUFFERS, r->sacl));
00822 NDR_PULL_SET_MEM_CTX(ndr, _mem_save_sacl_0, 0);
00823 ndr_pull_restore(ndr, &_relative_save);
00824 }
00825 if (r->dacl) {
00826 struct ndr_pull_save _relative_save;
00827 ndr_pull_save(ndr, &_relative_save);
00828 NDR_CHECK(ndr_pull_relative_ptr2(ndr, r->dacl));
00829 _mem_save_dacl_0 = NDR_PULL_GET_MEM_CTX(ndr);
00830 NDR_PULL_SET_MEM_CTX(ndr, r->dacl, 0);
00831 NDR_CHECK(ndr_pull_security_acl(ndr, NDR_SCALARS|NDR_BUFFERS, r->dacl));
00832 NDR_PULL_SET_MEM_CTX(ndr, _mem_save_dacl_0, 0);
00833 ndr_pull_restore(ndr, &_relative_save);
00834 }
00835 }
00836 ndr->flags = _flags_save_STRUCT;
00837 }
00838 return NT_STATUS_OK;
00839 }
00840
00841 void ndr_print_security_descriptor(struct ndr_print *ndr, const char *name, const struct security_descriptor *r)
00842 {
00843 ndr_print_struct(ndr, name, "security_descriptor");
00844 {
00845 uint32_t _flags_save_STRUCT = ndr->flags;
00846 ndr_set_flags(&ndr->flags, LIBNDR_FLAG_LITTLE_ENDIAN);
00847 ndr->depth++;
00848 ndr_print_security_descriptor_revision(ndr, "revision", r->revision);
00849 ndr_print_security_descriptor_type(ndr, "type", r->type);
00850 ndr_print_ptr(ndr, "owner_sid", r->owner_sid);
00851 ndr->depth++;
00852 if (r->owner_sid) {
00853 ndr_print_dom_sid(ndr, "owner_sid", r->owner_sid);
00854 }
00855 ndr->depth--;
00856 ndr_print_ptr(ndr, "group_sid", r->group_sid);
00857 ndr->depth++;
00858 if (r->group_sid) {
00859 ndr_print_dom_sid(ndr, "group_sid", r->group_sid);
00860 }
00861 ndr->depth--;
00862 ndr_print_ptr(ndr, "sacl", r->sacl);
00863 ndr->depth++;
00864 if (r->sacl) {
00865 ndr_print_security_acl(ndr, "sacl", r->sacl);
00866 }
00867 ndr->depth--;
00868 ndr_print_ptr(ndr, "dacl", r->dacl);
00869 ndr->depth++;
00870 if (r->dacl) {
00871 ndr_print_security_acl(ndr, "dacl", r->dacl);
00872 }
00873 ndr->depth--;
00874 ndr->depth--;
00875 ndr->flags = _flags_save_STRUCT;
00876 }
00877 }
00878
00879 NTSTATUS ndr_push_security_secinfo(struct ndr_push *ndr, int ndr_flags, uint32_t r)
00880 {
00881 NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r));
00882 return NT_STATUS_OK;
00883 }
00884
00885 NTSTATUS ndr_pull_security_secinfo(struct ndr_pull *ndr, int ndr_flags, uint32_t *r)
00886 {
00887 uint32_t v;
00888 NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &v));
00889 *r = v;
00890 return NT_STATUS_OK;
00891 }
00892
00893 void ndr_print_security_secinfo(struct ndr_print *ndr, const char *name, uint32_t r)
00894 {
00895 ndr_print_uint32(ndr, name, r);
00896 ndr->depth++;
00897 ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "SECINFO_OWNER", SECINFO_OWNER, r);
00898 ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "SECINFO_GROUP", SECINFO_GROUP, r);
00899 ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "SECINFO_DACL", SECINFO_DACL, r);
00900 ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "SECINFO_SACL", SECINFO_SACL, r);
00901 ndr->depth--;
00902 }
00903
