librpc/ndr/sid.c

説明を見る。
00001 /* 
00002    Unix SMB/CIFS implementation.
00003 
00004    libndr interface
00005 
00006    Copyright (C) Andrew Tridgell 2003
00007    
00008    This program is free software; you can redistribute it and/or modify
00009    it under the terms of the GNU General Public License as published by
00010    the Free Software Foundation; either version 2 of the License, or
00011    (at your option) any later version.
00012    
00013    This program is distributed in the hope that it will be useful,
00014    but WITHOUT ANY WARRANTY; without even the implied warranty of
00015    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
00016    GNU General Public License for more details.
00017    
00018    You should have received a copy of the GNU General Public License
00019    along with this program; if not, write to the Free Software
00020    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
00021 */
00022 
00023 #include "includes.h"
00024 
00025 NTSTATUS ndr_push_dom_sid(struct ndr_push *ndr, int ndr_flags, const struct dom_sid *r)
00026 {
00027         uint32_t cntr_sub_auths_0;
00028         if (ndr_flags & NDR_SCALARS) {
00029                 NDR_CHECK(ndr_push_align(ndr, 4));
00030                 NDR_CHECK(ndr_push_uint8(ndr, NDR_SCALARS, r->sid_rev_num));
00031                 NDR_CHECK(ndr_push_int8(ndr, NDR_SCALARS, r->num_auths));
00032                 NDR_CHECK(ndr_push_array_uint8(ndr, NDR_SCALARS, r->id_auth, 6));
00033                 for (cntr_sub_auths_0 = 0; cntr_sub_auths_0 < r->num_auths; cntr_sub_auths_0++) {
00034                         NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->sub_auths[cntr_sub_auths_0]));
00035                 }
00036         }
00037         if (ndr_flags & NDR_BUFFERS) {
00038         }
00039         return NT_STATUS_OK;
00040 }
00041 
00042 NTSTATUS ndr_pull_dom_sid(struct ndr_pull *ndr, int ndr_flags, struct dom_sid *r)
00043 {
00044         uint32_t cntr_sub_auths_0;
00045         if (ndr_flags & NDR_SCALARS) {
00046                 NDR_CHECK(ndr_pull_align(ndr, 4));
00047                 NDR_CHECK(ndr_pull_uint8(ndr, NDR_SCALARS, &r->sid_rev_num));
00048                 NDR_CHECK(ndr_pull_uint8(ndr, NDR_SCALARS, &r->num_auths));
00049                 if (r->num_auths > 15) {
00050                         return ndr_pull_error(ndr, NDR_ERR_RANGE, "value out of range");
00051                 }
00052                 NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->id_auth, 6));
00053                 for (cntr_sub_auths_0 = 0; cntr_sub_auths_0 < r->num_auths; cntr_sub_auths_0++) {
00054                         NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->sub_auths[cntr_sub_auths_0]));
00055                 }
00056         }
00057         if (ndr_flags & NDR_BUFFERS) {
00058         }
00059         return NT_STATUS_OK;
00060 }
00061 
00062 /*
00063   convert a dom_sid to a string
00064 */
00065 char *dom_sid_string(TALLOC_CTX *mem_ctx, const struct dom_sid *sid)
00066 {
00067         int i, ofs, maxlen;
00068         uint32_t ia;
00069         char *ret;
00070         
00071         if (!sid) {
00072                 return talloc_strdup(mem_ctx, "(NULL SID)");
00073         }
00074 
00075         maxlen = sid->num_auths * 11 + 25;
00076         ret = (char *)talloc_size(mem_ctx, maxlen);
00077         if (!ret) return talloc_strdup(mem_ctx, "(SID ERR)");
00078 
00079         ia = (sid->id_auth[5]) +
00080                 (sid->id_auth[4] << 8 ) +
00081                 (sid->id_auth[3] << 16) +
00082                 (sid->id_auth[2] << 24);
00083 
00084         ofs = snprintf(ret, maxlen, "S-%u-%lu", 
00085                        (unsigned int)sid->sid_rev_num, (unsigned long)ia);
00086 
00087         for (i = 0; i < sid->num_auths; i++) {
00088                 ofs += snprintf(ret + ofs, maxlen - ofs, "-%lu", (unsigned long)sid->sub_auths[i]);
00089         }
00090         
00091         return ret;
00092 }
00093 
00094 /*
00095   parse a dom_sid2 - this is a dom_sid but with an extra copy of the num_auths field
00096 */
00097 NTSTATUS ndr_pull_dom_sid2(struct ndr_pull *ndr, int ndr_flags, struct dom_sid *sid)
00098 {
00099         uint32_t num_auths;
00100         if (!(ndr_flags & NDR_SCALARS)) {
00101                 return NT_STATUS_OK;
00102         }
00103         NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &num_auths));
00104         NDR_CHECK(ndr_pull_dom_sid(ndr, ndr_flags, sid));
00105         if (sid->num_auths != num_auths) {
00106                 return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, 
00107                                       "Bad array size %u should exceed %u", 
00108                                       num_auths, sid->num_auths);
00109         }
00110         return NT_STATUS_OK;
00111 }
00112 
00113 /*
00114   parse a dom_sid2 - this is a dom_sid but with an extra copy of the num_auths field
00115 */
00116 NTSTATUS ndr_push_dom_sid2(struct ndr_push *ndr, int ndr_flags, const struct dom_sid *sid)
00117 {
00118         if (!(ndr_flags & NDR_SCALARS)) {
00119                 return NT_STATUS_OK;
00120         }
00121         NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, sid->num_auths));
00122         return ndr_push_dom_sid(ndr, ndr_flags, sid);
00123 }
00124 
00125 /*
00126   parse a dom_sid28 - this is a dom_sid in a fixed 28 byte buffer, so we need to ensure there are only upto 5 sub_auth
00127 */
00128 NTSTATUS ndr_pull_dom_sid28(struct ndr_pull *ndr, int ndr_flags, struct dom_sid *sid)
00129 {
00130         NTSTATUS status;
00131         struct ndr_pull *subndr;
00132 
00133         if (!(ndr_flags & NDR_SCALARS)) {
00134                 return NT_STATUS_OK;
00135         }
00136 
00137         subndr = talloc_zero(ndr, struct ndr_pull);
00138         NT_STATUS_HAVE_NO_MEMORY(subndr);
00139         subndr->flags           = ndr->flags;
00140         subndr->current_mem_ctx = ndr->current_mem_ctx;
00141 
00142         subndr->data            = ndr->data + ndr->offset;
00143         subndr->data_size       = 28;
00144         subndr->offset          = 0;
00145 
00146         NDR_CHECK(ndr_pull_advance(ndr, 28));
00147 
00148         status = ndr_pull_dom_sid(subndr, ndr_flags, sid);
00149         if (!NT_STATUS_IS_OK(status)) {
00150                 /* handle a w2k bug which send random data in the buffer */
00151                 ZERO_STRUCTP(sid);
00152         }
00153 
00154         return NT_STATUS_OK;
00155 }
00156 
00157 /*
00158   push a dom_sid28 - this is a dom_sid in a 28 byte fixed buffer
00159 */
00160 NTSTATUS ndr_push_dom_sid28(struct ndr_push *ndr, int ndr_flags, const struct dom_sid *sid)
00161 {
00162         uint32_t old_offset;
00163         uint32_t padding;
00164 
00165         if (!(ndr_flags & NDR_SCALARS)) {
00166                 return NT_STATUS_OK;
00167         }
00168 
00169         if (sid->num_auths > 5) {
00170                 return ndr_push_error(ndr, NDR_ERR_RANGE, 
00171                                       "dom_sid28 allows only upto 5 sub auth [%u]", 
00172                                       sid->num_auths);
00173         }
00174 
00175         old_offset = ndr->offset;
00176         NDR_CHECK(ndr_push_dom_sid(ndr, ndr_flags, sid));
00177 
00178         padding = 28 - (ndr->offset - old_offset);
00179 
00180         if (padding > 0) {
00181                 NDR_CHECK(ndr_push_zero(ndr, padding));
00182         }
00183 
00184         return NT_STATUS_OK;
00185 }
00186 
00187 NTSTATUS ndr_push_sec_desc_buf(struct ndr_push *ndr, int ndr_flags, const struct sec_desc_buf *r)
00188 {
00189         if (ndr_flags & NDR_SCALARS) {
00190                 NDR_CHECK(ndr_push_align(ndr, 4));
00191                 NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, ndr_size_security_descriptor(r->sd,ndr->flags)));
00192                 NDR_CHECK(ndr_push_unique_ptr(ndr, r->sd));
00193         }
00194         if (ndr_flags & NDR_BUFFERS) {
00195                 if (r->sd) {
00196                         {
00197                                 struct ndr_push *_ndr_sd;
00198                                 NDR_CHECK(ndr_push_subcontext_start(ndr, &_ndr_sd, 4, -1));
00199                                 NDR_CHECK(ndr_push_security_descriptor(_ndr_sd, NDR_SCALARS|NDR_BUFFERS, r->sd));
00200                                 NDR_CHECK(ndr_push_subcontext_end(ndr, _ndr_sd, 4, -1));
00201                         }
00202                 }
00203         }
00204         return NT_STATUS_OK;
00205 }
00206 
00207 NTSTATUS ndr_pull_sec_desc_buf(struct ndr_pull *ndr, int ndr_flags, struct sec_desc_buf *r)
00208 {
00209         uint32_t _ptr_sd;
00210         TALLOC_CTX *_mem_save_sd_0;
00211         if (ndr_flags & NDR_SCALARS) {
00212                 NDR_CHECK(ndr_pull_align(ndr, 4));
00213                 NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->sd_size));
00214                 if (r->sd_size > 0x40000) { /* sd_size is unsigned */
00215                         return ndr_pull_error(ndr, NDR_ERR_RANGE, "value out of range");
00216                 }
00217                 NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_sd));
00218                 if (_ptr_sd) {
00219                         NDR_PULL_ALLOC(ndr, r->sd);
00220                 } else {
00221                         r->sd = NULL;
00222                 }
00223         }
00224         if (ndr_flags & NDR_BUFFERS) {
00225                 if (r->sd) {
00226                         _mem_save_sd_0 = NDR_PULL_GET_MEM_CTX(ndr);
00227                         NDR_PULL_SET_MEM_CTX(ndr, r->sd, 0);
00228                         {
00229                                 struct ndr_pull *_ndr_sd;
00230                                 NDR_CHECK(ndr_pull_subcontext_start(ndr, &_ndr_sd, 4, -1));
00231                                 NDR_CHECK(ndr_pull_security_descriptor(_ndr_sd, NDR_SCALARS|NDR_BUFFERS, r->sd));
00232                                 NDR_CHECK(ndr_pull_subcontext_end(ndr, _ndr_sd, 4, -1));
00233                         }
00234                         NDR_PULL_SET_MEM_CTX(ndr, _mem_save_sd_0, 0);
00235                 }
00236         }
00237         return NT_STATUS_OK;
00238 }
00239 
00240 void ndr_print_sec_desc_buf(struct ndr_print *ndr, const char *name, const struct sec_desc_buf *r)
00241 {
00242         ndr_print_struct(ndr, name, "sec_desc_buf");
00243         ndr->depth++;
00244         ndr_print_uint32(ndr, "sd_size", (ndr->flags & LIBNDR_PRINT_SET_VALUES)?ndr_size_security_descriptor(r->sd,ndr->flags):r->sd_size);
00245         ndr_print_ptr(ndr, "sd", r->sd);
00246         ndr->depth++;
00247         if (r->sd) {
00248                 ndr_print_security_descriptor(ndr, "sd", r->sd);
00249         }
00250         ndr->depth--;
00251         ndr->depth--;
00252 }

Sambaに対してSat Aug 29 21:23:04 2009に生成されました。  doxygen 1.4.7