diff options
author | Jelmer Vernooij <jelmer@samba.org> | 2006-04-29 17:34:49 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 14:05:17 -0500 |
commit | e002300f238dd0937dd9f768e366c006945e8baa (patch) | |
tree | 87bc52b059c4331faac801876d4a567f08659d85 /source4/librpc | |
parent | 1a4effad3d4c9d69a8aec4a7bb509c4dff309edb (diff) | |
download | samba-e002300f238dd0937dd9f768e366c006945e8baa.tar.gz samba-e002300f238dd0937dd9f768e366c006945e8baa.tar.bz2 samba-e002300f238dd0937dd9f768e366c006945e8baa.zip |
r15328: Move some functions around, remove dependencies.
Remove some autogenerated headers (which had prototypes now autogenerated by pidl)
Remove ndr_security.h from a few places - it's no longer necessary
(This used to be commit c19c2b51d3e1ad347120b06a22bda5ec586c22e8)
Diffstat (limited to 'source4/librpc')
-rw-r--r-- | source4/librpc/config.mk | 34 | ||||
-rw-r--r-- | source4/librpc/idl/drsuapi.idl | 11 | ||||
-rw-r--r-- | source4/librpc/idl/krb5pac.idl | 3 | ||||
-rw-r--r-- | source4/librpc/idl/nbt.idl | 4 | ||||
-rw-r--r-- | source4/librpc/idl/security.idl | 23 | ||||
-rw-r--r-- | source4/librpc/ndr/libndr.h | 9 | ||||
-rw-r--r-- | source4/librpc/ndr/ndr_drsuapi.c | 2 | ||||
-rw-r--r-- | source4/librpc/ndr/ndr_sec.c | 120 | ||||
-rw-r--r-- | source4/librpc/ndr/ndr_sec_helper.c | 135 |
9 files changed, 134 insertions, 207 deletions
diff --git a/source4/librpc/config.mk b/source4/librpc/config.mk index 0719804aca..57d6ddfbb3 100644 --- a/source4/librpc/config.mk +++ b/source4/librpc/config.mk @@ -28,16 +28,12 @@ PUBLIC_DEPENDENCIES = LIBCOMPRESSION # End SUBSYSTEM NDR_COMPRESSION ################################################ -[SUBSYSTEM::NDR_SECURITY_HELPER] -PRIVATE_PROTO_HEADER = ndr/ndr_sec.h -OBJ_FILES = ndr/ndr_sec_helper.o ndr/ndr_sec.o - [LIBRARY::NDR_SECURITY] VERSION = 0.0.1 SO_VERSION = 0 -OBJ_FILES = gen_ndr/ndr_security.o +OBJ_FILES = gen_ndr/ndr_security.o ndr/ndr_sec_helper.o PUBLIC_HEADERS = gen_ndr/security.h -PUBLIC_DEPENDENCIES = NDR_MISC NDR_SECURITY_HELPER +PUBLIC_DEPENDENCIES = NDR_MISC LIBSECURITY [LIBRARY::NDR_AUDIOSRV] VERSION = 0.0.1 @@ -65,7 +61,7 @@ PUBLIC_DEPENDENCIES = LIBNDR VERSION = 0.0.1 SO_VERSION = 0 OBJ_FILES = gen_ndr/ndr_irpc.o -PUBLIC_DEPENDENCIES = LIBNDR +PUBLIC_DEPENDENCIES = LIBNDR NDR_SECURITY [LIBRARY::NDR_DSBACKUP] VERSION = 0.0.1 @@ -77,7 +73,7 @@ PUBLIC_DEPENDENCIES = LIBNDR VERSION = 0.0.1 SO_VERSION = 0 OBJ_FILES = gen_ndr/ndr_efs.o -PUBLIC_DEPENDENCIES = LIBNDR +PUBLIC_DEPENDENCIES = LIBNDR NDR_SECURITY [SUBSYSTEM::NDR_MISC] OBJ_FILES = gen_ndr/ndr_misc.o @@ -93,7 +89,7 @@ VERSION = 0.0.1 SO_VERSION = 0 OBJ_FILES = gen_ndr/ndr_lsa.o PUBLIC_HEADERS = gen_ndr/lsa.h -PUBLIC_DEPENDENCIES = LIBNDR +PUBLIC_DEPENDENCIES = LIBNDR NDR_SECURITY [LIBRARY::NDR_DFS] VERSION = 0.0.1 @@ -104,12 +100,8 @@ PUBLIC_DEPENDENCIES = LIBNDR [LIBRARY::NDR_DRSUAPI] VERSION = 0.0.1 SO_VERSION = 0 -OBJ_FILES = gen_ndr/ndr_drsuapi.o -PUBLIC_DEPENDENCIES = LIBNDR NDR_DRSUAPI_PRINT NDR_COMPRESSION NDR_SECURITY - -[SUBSYSTEM::NDR_DRSUAPI_PRINT] -PRIVATE_PROTO_HEADER = ndr/ndr_drsuapi.h -OBJ_FILES = ndr/ndr_drsuapi.o +OBJ_FILES = gen_ndr/ndr_drsuapi.o ndr/ndr_drsuapi.o +PUBLIC_DEPENDENCIES = LIBNDR NDR_COMPRESSION NDR_SECURITY [LIBRARY::NDR_DRSBLOBS] VERSION = 0.0.1 @@ -131,7 +123,7 @@ PUBLIC_DEPENDENCIES = LIBNDR VERSION = 0.0.1 SO_VERSION = 0 OBJ_FILES = gen_ndr/ndr_unixinfo.o -PUBLIC_DEPENDENCIES = LIBNDR +PUBLIC_DEPENDENCIES = LIBNDR NDR_SECURITY [LIBRARY::NDR_SAMR] VERSION = 0.0.1 @@ -309,12 +301,8 @@ OBJ_FILES = gen_ndr/ndr_keysvc.o PUBLIC_DEPENDENCIES = LIBNDR [SUBSYSTEM::NDR_KRB5PAC] -OBJ_FILES = gen_ndr/ndr_krb5pac.o -PUBLIC_DEPENDENCIES = LIBNDR NDR_KRB5PAC_UTIL NDR_NETLOGON - -[SUBSYSTEM::NDR_KRB5PAC_UTIL] -PRIVATE_PROTO_HEADER = ndr/ndr_krb5pac.h -OBJ_FILES = ndr/ndr_krb5pac.o +OBJ_FILES = gen_ndr/ndr_krb5pac.o ndr/ndr_krb5pac.o +PUBLIC_DEPENDENCIES = LIBNDR NDR_NETLOGON NDR_SECURITY [LIBRARY::NDR_XATTR] VERSION = 0.0.1 @@ -431,7 +419,7 @@ PUBLIC_DEPENDENCIES = dcerpc NDR_UNIXINFO VERSION = 0.0.1 SO_VERSION = 0 OBJ_FILES = gen_ndr/ndr_samr_c.o -PUBLIC_DEPENDENCIES = dcerpc NDR_SAMR +PUBLIC_DEPENDENCIES = dcerpc NDR_SAMR [LIBRARY::RPC_NDR_SPOOLSS] VERSION = 0.0.1 diff --git a/source4/librpc/idl/drsuapi.idl b/source4/librpc/idl/drsuapi.idl index 83ffbb4baa..85a475175a 100644 --- a/source4/librpc/idl/drsuapi.idl +++ b/source4/librpc/idl/drsuapi.idl @@ -7,8 +7,7 @@ authservice("ldap"), helpstring("Active Directory Replication"), pointer_default(unique), - depends(security), - helper("librpc/ndr/ndr_drsuapi.h") + depends(security) ] interface drsuapi { @@ -122,7 +121,7 @@ interface drsuapi /* Function 0x02 */ typedef [public,gensize] struct { [value(ndr_size_drsuapi_DsReplicaObjectIdentifier(r, ndr->flags)-4)] uint32 __ndr_size; - [value(ndr_length_dom_sid(&r->sid))] uint32 __ndr_size_sid; + [value(ndr_size_dom_sid(&r->sid, ndr->flags))] uint32 __ndr_size_sid; GUID guid; dom_sid28 sid; [flag(STR_SIZE4|STR_CHARLEN|STR_CONFORMANT)] string dn; @@ -444,7 +443,7 @@ interface drsuapi /* DN String values */ typedef [public,gensize] struct { [value(ndr_size_drsuapi_DsReplicaObjectIdentifier3(r, ndr->flags))] uint32 __ndr_size; - [value(ndr_length_dom_sid(&r->sid))] uint32 __ndr_size_sid; + [value(ndr_size_dom_sid(&r->sid,ndr->flags))] uint32 __ndr_size_sid; GUID guid; dom_sid28 sid; [flag(STR_SIZE4|STR_CHARLEN)] string dn; @@ -473,7 +472,7 @@ interface drsuapi /* SID values */ typedef struct { - [range(0,10485760),value(ndr_size_dom_sid(sid))] uint32 __ndr_size; + [range(0,10485760),value(ndr_size_dom_sid(sid,ndr->flags))] uint32 __ndr_size; [subcontext(4)] dom_sid *sid; } drsuapi_DsAttributeValueSID; @@ -484,7 +483,7 @@ interface drsuapi /* SecurityDescriptor values */ typedef struct { - [range(0,10485760),value(ndr_size_security_descriptor(sd))] uint32 __ndr_size; + [range(0,10485760),value(ndr_size_security_descriptor(sd,ndr->flags))] uint32 __ndr_size; [subcontext(4)] security_descriptor *sd; } drsuapi_DsAttributeValueSecurityDescriptor; diff --git a/source4/librpc/idl/krb5pac.idl b/source4/librpc/idl/krb5pac.idl index fff1946025..229ce3402d 100644 --- a/source4/librpc/idl/krb5pac.idl +++ b/source4/librpc/idl/krb5pac.idl @@ -9,8 +9,7 @@ version(0.0), pointer_default(unique), helpstring("Active Directory KRB5 PAC"), - depends(security,netlogon,samr), - helper("librpc/ndr/ndr_krb5pac.h") + depends(security,netlogon,samr) ] interface krb5pac { diff --git a/source4/librpc/idl/nbt.idl b/source4/librpc/idl/nbt.idl index a948a79ff1..65ae20111e 100644 --- a/source4/librpc/idl/nbt.idl +++ b/source4/librpc/idl/nbt.idl @@ -427,7 +427,7 @@ nstring unicode_domain; uint32 db_count; nbt_db_change dbchange[db_count]; - [value(ndr_size_dom_sid(&sid))] uint32 sid_size; + [value(ndr_size_dom_sid(&sid, ndr->flags))] uint32 sid_size; [flag(NDR_ALIGN4)] DATA_BLOB _pad2; dom_sid sid; uint32 nt_version; @@ -547,7 +547,7 @@ nstring user_name; astring mailslot_name; uint32 acct_control; - [value(ndr_size_dom_sid(&sid))] uint32 sid_size; + [value(ndr_size_dom_sid(&sid, ndr->flags))] uint32 sid_size; [flag(NDR_ALIGN4)] DATA_BLOB _pad; dom_sid sid; uint32 nt_version; diff --git a/source4/librpc/idl/security.idl b/source4/librpc/idl/security.idl index f22e6b6836..c756a1a6d0 100644 --- a/source4/librpc/idl/security.idl +++ b/source4/librpc/idl/security.idl @@ -6,8 +6,7 @@ [ pointer_default(unique), - depends(misc), - helper("librpc/ndr/ndr_sec.h") + depends(misc,security) ] interface security { @@ -22,9 +21,9 @@ interface security common combinations of bits are prefixed with SEC_RIGHTS_ */ - const int SEC_MASK_GENERIC = 0xF0000000; - const int SEC_MASK_FLAGS = 0x0F000000; - const int SEC_MASK_STANDARD = 0x00FF0000; + const int SEC_MASK_GENERIC = 0xF0000000; + const int SEC_MASK_FLAGS = 0x0F000000; + const int SEC_MASK_STANDARD = 0x00FF0000; const int SEC_MASK_SPECIFIC = 0x0000FFFF; /* generic bits */ @@ -210,7 +209,7 @@ interface security /* a domain SID. Note that unlike Samba3 this contains a pointer, so you can't copy them using assignment */ - typedef [public,noprint,noejs] struct { + typedef [public,gensize,noprint,noejs,nosize] struct { uint8 sid_rev_num; /**< SID revision number */ [range(0,15)] int8 num_auths; /**< Number of sub-authorities */ uint8 id_auth[6]; /**< Identifier Authority */ @@ -273,10 +272,10 @@ interface security [default]; } security_ace_object_ctr; - typedef [public] struct { + typedef [public,gensize,nosize] struct { security_ace_type type; /* SEC_ACE_TYPE_* */ security_ace_flags flags; /* SEC_ACE_FLAG_* */ - [value(ndr_size_security_ace(r))] uint16 size; + [value(ndr_size_security_ace(r,ndr->flags))] uint16 size; uint32 access_mask; [switch_is(type)] security_ace_object_ctr object; dom_sid trustee; @@ -289,9 +288,9 @@ interface security const uint NT4_ACL_REVISION = SECURITY_ACL_REVISION_NT4; - typedef [public] struct { + typedef [public,gensize,nosize] struct { security_acl_revision revision; - [value(ndr_size_security_acl(r))] uint16 size; + [value(ndr_size_security_acl(r,ndr->flags))] uint16 size; [range(0,1000)] uint32 num_aces; security_ace aces[num_aces]; } security_acl; @@ -323,7 +322,7 @@ interface security SEC_DESC_SELF_RELATIVE = 0x8000 } security_descriptor_type; - typedef [public,flag(NDR_LITTLE_ENDIAN)] struct { + typedef [gensize,nosize,public,flag(NDR_LITTLE_ENDIAN)] struct { security_descriptor_revision revision; security_descriptor_type type; /* SEC_DESC_xxxx flags */ [relative] dom_sid *owner_sid; @@ -333,7 +332,7 @@ interface security } security_descriptor; typedef [public] struct { - [range(0,0x40000),value(ndr_size_security_descriptor(sd))] uint32 sd_size; + [range(0,0x40000),value(ndr_size_security_descriptor(sd,ndr->flags))] uint32 sd_size; [subcontext(4)] security_descriptor *sd; } sec_desc_buf; diff --git a/source4/librpc/ndr/libndr.h b/source4/librpc/ndr/libndr.h index 4b6d128ec4..c83e70ff50 100644 --- a/source4/librpc/ndr/libndr.h +++ b/source4/librpc/ndr/libndr.h @@ -291,4 +291,13 @@ extern const struct dcerpc_syntax_id ndr64_transfer_syntax; #include "librpc/gen_ndr/misc.h" #include "librpc/ndr/libndr_proto.h" +/* FIXME: Use represent_as instead */ +struct dom_sid; +NTSTATUS ndr_push_dom_sid2(struct ndr_push *ndr, int ndr_flags, const struct dom_sid *sid); +NTSTATUS ndr_pull_dom_sid2(struct ndr_pull *ndr, int ndr_flags, struct dom_sid *sid); +void ndr_print_dom_sid2(struct ndr_print *ndr, const char *name, const struct dom_sid *sid); +NTSTATUS ndr_push_dom_sid28(struct ndr_push *ndr, int ndr_flags, const struct dom_sid *sid); +NTSTATUS ndr_pull_dom_sid28(struct ndr_pull *ndr, int ndr_flags, struct dom_sid *sid); +void ndr_print_dom_sid28(struct ndr_print *ndr, const char *name, const struct dom_sid *sid); + #endif /* __LIBNDR_H__ */ diff --git a/source4/librpc/ndr/ndr_drsuapi.c b/source4/librpc/ndr/ndr_drsuapi.c index 6f6dd74ea4..0c57425b25 100644 --- a/source4/librpc/ndr/ndr_drsuapi.c +++ b/source4/librpc/ndr/ndr_drsuapi.c @@ -37,7 +37,7 @@ void ndr_print_drsuapi_DsReplicaObjectListItem(struct ndr_print *ndr, const char } } -void ndr_print_drsuapi_DsReplicaObjectListItemEx(struct ndr_print *ndr, const char *name, struct drsuapi_DsReplicaObjectListItemEx *r) +void ndr_print_drsuapi_DsReplicaObjectListItemEx(struct ndr_print *ndr, const char *name, const struct drsuapi_DsReplicaObjectListItemEx *r) { ndr_print_struct(ndr, name, "drsuapi_DsReplicaObjectListItemEx"); ndr->depth++; diff --git a/source4/librpc/ndr/ndr_sec.c b/source4/librpc/ndr/ndr_sec.c deleted file mode 100644 index fb18d48909..0000000000 --- a/source4/librpc/ndr/ndr_sec.c +++ /dev/null @@ -1,120 +0,0 @@ -/* - Unix SMB/CIFS implementation. - - routines for marshalling/unmarshalling security descriptors - and related structures - - Copyright (C) Andrew Tridgell 2003 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - - -#include "includes.h" -#include "librpc/gen_ndr/ndr_security.h" - -/* - parse a dom_sid2 - this is a dom_sid but with an extra copy of the num_auths field -*/ -NTSTATUS ndr_pull_dom_sid2(struct ndr_pull *ndr, int ndr_flags, struct dom_sid *sid) -{ - uint32_t num_auths; - if (!(ndr_flags & NDR_SCALARS)) { - return NT_STATUS_OK; - } - NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &num_auths)); - NDR_CHECK(ndr_pull_dom_sid(ndr, ndr_flags, sid)); - if (sid->num_auths != num_auths) { - return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, - "Bad array size %u should exceed %u", - num_auths, sid->num_auths); - } - return NT_STATUS_OK; -} - -/* - parse a dom_sid2 - this is a dom_sid but with an extra copy of the num_auths field -*/ -NTSTATUS ndr_push_dom_sid2(struct ndr_push *ndr, int ndr_flags, const struct dom_sid *sid) -{ - if (!(ndr_flags & NDR_SCALARS)) { - return NT_STATUS_OK; - } - NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, sid->num_auths)); - return ndr_push_dom_sid(ndr, ndr_flags, sid); -} - -/* - parse a dom_sid28 - this is a dom_sid in a fixed 28 byte buffer, so we need to ensure there are only upto 5 sub_auth -*/ -NTSTATUS ndr_pull_dom_sid28(struct ndr_pull *ndr, int ndr_flags, struct dom_sid *sid) -{ - NTSTATUS status; - struct ndr_pull *subndr; - - if (!(ndr_flags & NDR_SCALARS)) { - return NT_STATUS_OK; - } - - subndr = talloc_zero(ndr, struct ndr_pull); - NT_STATUS_HAVE_NO_MEMORY(subndr); - subndr->flags = ndr->flags; - subndr->current_mem_ctx = ndr->current_mem_ctx; - - subndr->data = ndr->data + ndr->offset; - subndr->data_size = 28; - subndr->offset = 0; - - NDR_CHECK(ndr_pull_advance(ndr, 28)); - - status = ndr_pull_dom_sid(subndr, ndr_flags, sid); - if (!NT_STATUS_IS_OK(status)) { - /* handle a w2k bug which send random data in the buffer */ - ZERO_STRUCTP(sid); - } - - return NT_STATUS_OK; -} - -/* - push a dom_sid28 - this is a dom_sid in a 28 byte fixed buffer -*/ -NTSTATUS ndr_push_dom_sid28(struct ndr_push *ndr, int ndr_flags, const struct dom_sid *sid) -{ - uint32_t old_offset; - uint32_t padding; - - if (!(ndr_flags & NDR_SCALARS)) { - return NT_STATUS_OK; - } - - if (sid->num_auths > 5) { - return ndr_push_error(ndr, NDR_ERR_RANGE, - "dom_sid28 allows only upto 5 sub auth [%u]", - sid->num_auths); - } - - old_offset = ndr->offset; - NDR_CHECK(ndr_push_dom_sid(ndr, ndr_flags, sid)); - - padding = 28 - (ndr->offset - old_offset); - - if (padding > 0) { - NDR_CHECK(ndr_push_zero(ndr, padding)); - } - - return NT_STATUS_OK; -} - diff --git a/source4/librpc/ndr/ndr_sec_helper.c b/source4/librpc/ndr/ndr_sec_helper.c index 8325aef93d..dd4435daf1 100644 --- a/source4/librpc/ndr/ndr_sec_helper.c +++ b/source4/librpc/ndr/ndr_sec_helper.c @@ -23,47 +23,38 @@ #include "includes.h" #include "librpc/gen_ndr/ndr_security.h" +#include "libcli/security/security.h" /* return the wire size of a dom_sid */ -size_t ndr_size_dom_sid(const struct dom_sid *sid) +size_t ndr_size_dom_sid(const struct dom_sid *sid, int flags) { if (!sid) return 0; return 8 + 4*sid->num_auths; } /* - return the wire size of a dom_sid -*/ -size_t ndr_length_dom_sid(const struct dom_sid *sid) -{ - if (!sid) return 0; - if (sid->sid_rev_num == 0) return 0; - return 8 + 4*sid->num_auths; -} - -/* return the wire size of a security_ace */ -size_t ndr_size_security_ace(const struct security_ace *ace) +size_t ndr_size_security_ace(const struct security_ace *ace, int flags) { if (!ace) return 0; - return 8 + ndr_size_dom_sid(&ace->trustee); + return 8 + ndr_size_dom_sid(&ace->trustee, flags); } /* return the wire size of a security_acl */ -size_t ndr_size_security_acl(const struct security_acl *acl) +size_t ndr_size_security_acl(const struct security_acl *acl, int flags) { size_t ret; int i; if (!acl) return 0; ret = 8; for (i=0;i<acl->num_aces;i++) { - ret += ndr_size_security_ace(&acl->aces[i]); + ret += ndr_size_security_ace(&acl->aces[i], flags); } return ret; } @@ -71,16 +62,16 @@ size_t ndr_size_security_acl(const struct security_acl *acl) /* return the wire size of a security descriptor */ -size_t ndr_size_security_descriptor(const struct security_descriptor *sd) +size_t ndr_size_security_descriptor(const struct security_descriptor *sd, int flags) { size_t ret; if (!sd) return 0; ret = 20; - ret += ndr_size_dom_sid(sd->owner_sid); - ret += ndr_size_dom_sid(sd->group_sid); - ret += ndr_size_security_acl(sd->dacl); - ret += ndr_size_security_acl(sd->sacl); + ret += ndr_size_dom_sid(sd->owner_sid, flags); + ret += ndr_size_dom_sid(sd->group_sid, flags); + ret += ndr_size_security_acl(sd->dacl, flags); + ret += ndr_size_security_acl(sd->sacl, flags); return ret; } @@ -102,35 +93,97 @@ void ndr_print_dom_sid28(struct ndr_print *ndr, const char *name, const struct d ndr_print_dom_sid(ndr, name, sid); } + /* - convert a dom_sid to a string + parse a dom_sid2 - this is a dom_sid but with an extra copy of the num_auths field */ -char *dom_sid_string(TALLOC_CTX *mem_ctx, const struct dom_sid *sid) +NTSTATUS ndr_pull_dom_sid2(struct ndr_pull *ndr, int ndr_flags, struct dom_sid *sid) { - int i, ofs, maxlen; - uint32_t ia; - char *ret; - - if (!sid) { - return talloc_strdup(mem_ctx, "(NULL SID)"); + uint32_t num_auths; + if (!(ndr_flags & NDR_SCALARS)) { + return NT_STATUS_OK; + } + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &num_auths)); + NDR_CHECK(ndr_pull_dom_sid(ndr, ndr_flags, sid)); + if (sid->num_auths != num_auths) { + return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, + "Bad array size %u should exceed %u", + num_auths, sid->num_auths); } + return NT_STATUS_OK; +} - maxlen = sid->num_auths * 11 + 25; - ret = talloc_size(mem_ctx, maxlen); - if (!ret) return talloc_strdup(mem_ctx, "(SID ERR)"); +/* + parse a dom_sid2 - this is a dom_sid but with an extra copy of the num_auths field +*/ +NTSTATUS ndr_push_dom_sid2(struct ndr_push *ndr, int ndr_flags, const struct dom_sid *sid) +{ + if (!(ndr_flags & NDR_SCALARS)) { + return NT_STATUS_OK; + } + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, sid->num_auths)); + return ndr_push_dom_sid(ndr, ndr_flags, sid); +} - ia = (sid->id_auth[5]) + - (sid->id_auth[4] << 8 ) + - (sid->id_auth[3] << 16) + - (sid->id_auth[2] << 24); +/* + parse a dom_sid28 - this is a dom_sid in a fixed 28 byte buffer, so we need to ensure there are only upto 5 sub_auth +*/ +NTSTATUS ndr_pull_dom_sid28(struct ndr_pull *ndr, int ndr_flags, struct dom_sid *sid) +{ + NTSTATUS status; + struct ndr_pull *subndr; - ofs = snprintf(ret, maxlen, "S-%u-%lu", - (uint_t)sid->sid_rev_num, (unsigned long)ia); + if (!(ndr_flags & NDR_SCALARS)) { + return NT_STATUS_OK; + } - for (i = 0; i < sid->num_auths; i++) { - ofs += snprintf(ret + ofs, maxlen - ofs, "-%lu", (unsigned long)sid->sub_auths[i]); + subndr = talloc_zero(ndr, struct ndr_pull); + NT_STATUS_HAVE_NO_MEMORY(subndr); + subndr->flags = ndr->flags; + subndr->current_mem_ctx = ndr->current_mem_ctx; + + subndr->data = ndr->data + ndr->offset; + subndr->data_size = 28; + subndr->offset = 0; + + NDR_CHECK(ndr_pull_advance(ndr, 28)); + + status = ndr_pull_dom_sid(subndr, ndr_flags, sid); + if (!NT_STATUS_IS_OK(status)) { + /* handle a w2k bug which send random data in the buffer */ + ZERO_STRUCTP(sid); } - - return ret; + + return NT_STATUS_OK; +} + +/* + push a dom_sid28 - this is a dom_sid in a 28 byte fixed buffer +*/ +NTSTATUS ndr_push_dom_sid28(struct ndr_push *ndr, int ndr_flags, const struct dom_sid *sid) +{ + uint32_t old_offset; + uint32_t padding; + + if (!(ndr_flags & NDR_SCALARS)) { + return NT_STATUS_OK; + } + + if (sid->num_auths > 5) { + return ndr_push_error(ndr, NDR_ERR_RANGE, + "dom_sid28 allows only upto 5 sub auth [%u]", + sid->num_auths); + } + + old_offset = ndr->offset; + NDR_CHECK(ndr_push_dom_sid(ndr, ndr_flags, sid)); + + padding = 28 - (ndr->offset - old_offset); + + if (padding > 0) { + NDR_CHECK(ndr_push_zero(ndr, padding)); + } + + return NT_STATUS_OK; } |