00001
00002
00003
00004
00005
00006
00007
00008
00009
00010
00011
00012
00013
00014
00015
00016
00017
00018
00019
00020
00021
00022
00023 #include "includes.h"
00024
00025 NTSTATUS ndr_push_dom_sid(struct ndr_push *ndr, int ndr_flags, const struct dom_sid *r)
00026 {
00027 uint32_t cntr_sub_auths_0;
00028 if (ndr_flags & NDR_SCALARS) {
00029 NDR_CHECK(ndr_push_align(ndr, 4));
00030 NDR_CHECK(ndr_push_uint8(ndr, NDR_SCALARS, r->sid_rev_num));
00031 NDR_CHECK(ndr_push_int8(ndr, NDR_SCALARS, r->num_auths));
00032 NDR_CHECK(ndr_push_array_uint8(ndr, NDR_SCALARS, r->id_auth, 6));
00033 for (cntr_sub_auths_0 = 0; cntr_sub_auths_0 < r->num_auths; cntr_sub_auths_0++) {
00034 NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->sub_auths[cntr_sub_auths_0]));
00035 }
00036 }
00037 if (ndr_flags & NDR_BUFFERS) {
00038 }
00039 return NT_STATUS_OK;
00040 }
00041
00042 NTSTATUS ndr_pull_dom_sid(struct ndr_pull *ndr, int ndr_flags, struct dom_sid *r)
00043 {
00044 uint32_t cntr_sub_auths_0;
00045 if (ndr_flags & NDR_SCALARS) {
00046 NDR_CHECK(ndr_pull_align(ndr, 4));
00047 NDR_CHECK(ndr_pull_uint8(ndr, NDR_SCALARS, &r->sid_rev_num));
00048 NDR_CHECK(ndr_pull_uint8(ndr, NDR_SCALARS, &r->num_auths));
00049 if (r->num_auths > 15) {
00050 return ndr_pull_error(ndr, NDR_ERR_RANGE, "value out of range");
00051 }
00052 NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->id_auth, 6));
00053 for (cntr_sub_auths_0 = 0; cntr_sub_auths_0 < r->num_auths; cntr_sub_auths_0++) {
00054 NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->sub_auths[cntr_sub_auths_0]));
00055 }
00056 }
00057 if (ndr_flags & NDR_BUFFERS) {
00058 }
00059 return NT_STATUS_OK;
00060 }
00061
00062
00063
00064
00065 char *dom_sid_string(TALLOC_CTX *mem_ctx, const struct dom_sid *sid)
00066 {
00067 int i, ofs, maxlen;
00068 uint32_t ia;
00069 char *ret;
00070
00071 if (!sid) {
00072 return talloc_strdup(mem_ctx, "(NULL SID)");
00073 }
00074
00075 maxlen = sid->num_auths * 11 + 25;
00076 ret = (char *)talloc_size(mem_ctx, maxlen);
00077 if (!ret) return talloc_strdup(mem_ctx, "(SID ERR)");
00078
00079 ia = (sid->id_auth[5]) +
00080 (sid->id_auth[4] << 8 ) +
00081 (sid->id_auth[3] << 16) +
00082 (sid->id_auth[2] << 24);
00083
00084 ofs = snprintf(ret, maxlen, "S-%u-%lu",
00085 (unsigned int)sid->sid_rev_num, (unsigned long)ia);
00086
00087 for (i = 0; i < sid->num_auths; i++) {
00088 ofs += snprintf(ret + ofs, maxlen - ofs, "-%lu", (unsigned long)sid->sub_auths[i]);
00089 }
00090
00091 return ret;
00092 }
00093
00094
00095
00096
00097 NTSTATUS ndr_pull_dom_sid2(struct ndr_pull *ndr, int ndr_flags, struct dom_sid *sid)
00098 {
00099 uint32_t num_auths;
00100 if (!(ndr_flags & NDR_SCALARS)) {
00101 return NT_STATUS_OK;
00102 }
00103 NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &num_auths));
00104 NDR_CHECK(ndr_pull_dom_sid(ndr, ndr_flags, sid));
00105 if (sid->num_auths != num_auths) {
00106 return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE,
00107 "Bad array size %u should exceed %u",
00108 num_auths, sid->num_auths);
00109 }
00110 return NT_STATUS_OK;
00111 }
00112
00113
00114
00115
00116 NTSTATUS ndr_push_dom_sid2(struct ndr_push *ndr, int ndr_flags, const struct dom_sid *sid)
00117 {
00118 if (!(ndr_flags & NDR_SCALARS)) {
00119 return NT_STATUS_OK;
00120 }
00121 NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, sid->num_auths));
00122 return ndr_push_dom_sid(ndr, ndr_flags, sid);
00123 }
00124
00125
00126
00127
00128 NTSTATUS ndr_pull_dom_sid28(struct ndr_pull *ndr, int ndr_flags, struct dom_sid *sid)
00129 {
00130 NTSTATUS status;
00131 struct ndr_pull *subndr;
00132
00133 if (!(ndr_flags & NDR_SCALARS)) {
00134 return NT_STATUS_OK;
00135 }
00136
00137 subndr = talloc_zero(ndr, struct ndr_pull);
00138 NT_STATUS_HAVE_NO_MEMORY(subndr);
00139 subndr->flags = ndr->flags;
00140 subndr->current_mem_ctx = ndr->current_mem_ctx;
00141
00142 subndr->data = ndr->data + ndr->offset;
00143 subndr->data_size = 28;
00144 subndr->offset = 0;
00145
00146 NDR_CHECK(ndr_pull_advance(ndr, 28));
00147
00148 status = ndr_pull_dom_sid(subndr, ndr_flags, sid);
00149 if (!NT_STATUS_IS_OK(status)) {
00150
00151 ZERO_STRUCTP(sid);
00152 }
00153
00154 return NT_STATUS_OK;
00155 }
00156
00157
00158
00159
00160 NTSTATUS ndr_push_dom_sid28(struct ndr_push *ndr, int ndr_flags, const struct dom_sid *sid)
00161 {
00162 uint32_t old_offset;
00163 uint32_t padding;
00164
00165 if (!(ndr_flags & NDR_SCALARS)) {
00166 return NT_STATUS_OK;
00167 }
00168
00169 if (sid->num_auths > 5) {
00170 return ndr_push_error(ndr, NDR_ERR_RANGE,
00171 "dom_sid28 allows only upto 5 sub auth [%u]",
00172 sid->num_auths);
00173 }
00174
00175 old_offset = ndr->offset;
00176 NDR_CHECK(ndr_push_dom_sid(ndr, ndr_flags, sid));
00177
00178 padding = 28 - (ndr->offset - old_offset);
00179
00180 if (padding > 0) {
00181 NDR_CHECK(ndr_push_zero(ndr, padding));
00182 }
00183
00184 return NT_STATUS_OK;
00185 }
00186
00187 NTSTATUS ndr_push_sec_desc_buf(struct ndr_push *ndr, int ndr_flags, const struct sec_desc_buf *r)
00188 {
00189 if (ndr_flags & NDR_SCALARS) {
00190 NDR_CHECK(ndr_push_align(ndr, 4));
00191 NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, ndr_size_security_descriptor(r->sd,ndr->flags)));
00192 NDR_CHECK(ndr_push_unique_ptr(ndr, r->sd));
00193 }
00194 if (ndr_flags & NDR_BUFFERS) {
00195 if (r->sd) {
00196 {
00197 struct ndr_push *_ndr_sd;
00198 NDR_CHECK(ndr_push_subcontext_start(ndr, &_ndr_sd, 4, -1));
00199 NDR_CHECK(ndr_push_security_descriptor(_ndr_sd, NDR_SCALARS|NDR_BUFFERS, r->sd));
00200 NDR_CHECK(ndr_push_subcontext_end(ndr, _ndr_sd, 4, -1));
00201 }
00202 }
00203 }
00204 return NT_STATUS_OK;
00205 }
00206
00207 NTSTATUS ndr_pull_sec_desc_buf(struct ndr_pull *ndr, int ndr_flags, struct sec_desc_buf *r)
00208 {
00209 uint32_t _ptr_sd;
00210 TALLOC_CTX *_mem_save_sd_0;
00211 if (ndr_flags & NDR_SCALARS) {
00212 NDR_CHECK(ndr_pull_align(ndr, 4));
00213 NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->sd_size));
00214 if (r->sd_size > 0x40000) {
00215 return ndr_pull_error(ndr, NDR_ERR_RANGE, "value out of range");
00216 }
00217 NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_sd));
00218 if (_ptr_sd) {
00219 NDR_PULL_ALLOC(ndr, r->sd);
00220 } else {
00221 r->sd = NULL;
00222 }
00223 }
00224 if (ndr_flags & NDR_BUFFERS) {
00225 if (r->sd) {
00226 _mem_save_sd_0 = NDR_PULL_GET_MEM_CTX(ndr);
00227 NDR_PULL_SET_MEM_CTX(ndr, r->sd, 0);
00228 {
00229 struct ndr_pull *_ndr_sd;
00230 NDR_CHECK(ndr_pull_subcontext_start(ndr, &_ndr_sd, 4, -1));
00231 NDR_CHECK(ndr_pull_security_descriptor(_ndr_sd, NDR_SCALARS|NDR_BUFFERS, r->sd));
00232 NDR_CHECK(ndr_pull_subcontext_end(ndr, _ndr_sd, 4, -1));
00233 }
00234 NDR_PULL_SET_MEM_CTX(ndr, _mem_save_sd_0, 0);
00235 }
00236 }
00237 return NT_STATUS_OK;
00238 }
00239
00240 void ndr_print_sec_desc_buf(struct ndr_print *ndr, const char *name, const struct sec_desc_buf *r)
00241 {
00242 ndr_print_struct(ndr, name, "sec_desc_buf");
00243 ndr->depth++;
00244 ndr_print_uint32(ndr, "sd_size", (ndr->flags & LIBNDR_PRINT_SET_VALUES)?ndr_size_security_descriptor(r->sd,ndr->flags):r->sd_size);
00245 ndr_print_ptr(ndr, "sd", r->sd);
00246 ndr->depth++;
00247 if (r->sd) {
00248 ndr_print_security_descriptor(ndr, "sd", r->sd);
00249 }
00250 ndr->depth--;
00251 ndr->depth--;
00252 }