summaryrefslogtreecommitdiff
path: root/librpc/gen_ndr
diff options
context:
space:
mode:
Diffstat (limited to 'librpc/gen_ndr')
-rw-r--r--librpc/gen_ndr/ndr_security.c50
-rw-r--r--librpc/gen_ndr/ndr_security.h3
-rw-r--r--librpc/gen_ndr/security.h13
3 files changed, 66 insertions, 0 deletions
diff --git a/librpc/gen_ndr/ndr_security.c b/librpc/gen_ndr/ndr_security.c
index c227170779..0bc039d967 100644
--- a/librpc/gen_ndr/ndr_security.c
+++ b/librpc/gen_ndr/ndr_security.c
@@ -850,6 +850,7 @@ _PUBLIC_ enum ndr_err_code ndr_push_security_token(struct ndr_push *ndr, int ndr
NDR_CHECK(ndr_push_unique_ptr(ndr, r->sids[cntr_sids_0]));
}
NDR_CHECK(ndr_push_udlong(ndr, NDR_SCALARS, r->privilege_mask));
+ NDR_CHECK(ndr_push_unique_ptr(ndr, r->default_dacl));
}
if (ndr_flags & NDR_BUFFERS) {
if (r->user_sid) {
@@ -863,6 +864,9 @@ _PUBLIC_ enum ndr_err_code ndr_push_security_token(struct ndr_push *ndr, int ndr
NDR_CHECK(ndr_push_dom_sid(ndr, NDR_SCALARS, r->sids[cntr_sids_0]));
}
}
+ if (r->default_dacl) {
+ NDR_CHECK(ndr_push_security_acl(ndr, NDR_SCALARS|NDR_BUFFERS, r->default_dacl));
+ }
}
return NDR_ERR_SUCCESS;
}
@@ -877,6 +881,8 @@ _PUBLIC_ enum ndr_err_code ndr_pull_security_token(struct ndr_pull *ndr, int ndr
uint32_t cntr_sids_0;
TALLOC_CTX *_mem_save_sids_0;
TALLOC_CTX *_mem_save_sids_1;
+ uint32_t _ptr_default_dacl;
+ TALLOC_CTX *_mem_save_default_dacl_0;
if (ndr_flags & NDR_SCALARS) {
NDR_CHECK(ndr_pull_align(ndr, 4));
NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_user_sid));
@@ -906,6 +912,12 @@ _PUBLIC_ enum ndr_err_code ndr_pull_security_token(struct ndr_pull *ndr, int ndr
}
NDR_PULL_SET_MEM_CTX(ndr, _mem_save_sids_0, 0);
NDR_CHECK(ndr_pull_udlong(ndr, NDR_SCALARS, &r->privilege_mask));
+ NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_default_dacl));
+ if (_ptr_default_dacl) {
+ NDR_PULL_ALLOC(ndr, r->default_dacl);
+ } else {
+ r->default_dacl = NULL;
+ }
if (r->sids) {
NDR_CHECK(ndr_check_array_size(ndr, (void*)&r->sids, r->num_sids));
}
@@ -934,6 +946,12 @@ _PUBLIC_ enum ndr_err_code ndr_pull_security_token(struct ndr_pull *ndr, int ndr
}
}
NDR_PULL_SET_MEM_CTX(ndr, _mem_save_sids_0, 0);
+ if (r->default_dacl) {
+ _mem_save_default_dacl_0 = NDR_PULL_GET_MEM_CTX(ndr);
+ NDR_PULL_SET_MEM_CTX(ndr, r->default_dacl, 0);
+ NDR_CHECK(ndr_pull_security_acl(ndr, NDR_SCALARS|NDR_BUFFERS, r->default_dacl));
+ NDR_PULL_SET_MEM_CTX(ndr, _mem_save_default_dacl_0, 0);
+ }
}
return NDR_ERR_SUCCESS;
}
@@ -972,6 +990,12 @@ _PUBLIC_ void ndr_print_security_token(struct ndr_print *ndr, const char *name,
}
ndr->depth--;
ndr_print_udlong(ndr, "privilege_mask", r->privilege_mask);
+ ndr_print_ptr(ndr, "default_dacl", r->default_dacl);
+ ndr->depth++;
+ if (r->default_dacl) {
+ ndr_print_security_acl(ndr, "default_dacl", r->default_dacl);
+ }
+ ndr->depth--;
ndr->depth--;
}
@@ -1030,3 +1054,29 @@ _PUBLIC_ void ndr_print_kerb_EncTypes(struct ndr_print *ndr, const char *name, u
ndr->depth--;
}
+_PUBLIC_ enum ndr_err_code ndr_push_security_autoinherit(struct ndr_push *ndr, int ndr_flags, uint32_t r)
+{
+ NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r));
+ return NDR_ERR_SUCCESS;
+}
+
+_PUBLIC_ enum ndr_err_code ndr_pull_security_autoinherit(struct ndr_pull *ndr, int ndr_flags, uint32_t *r)
+{
+ uint32_t v;
+ NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &v));
+ *r = v;
+ return NDR_ERR_SUCCESS;
+}
+
+_PUBLIC_ void ndr_print_security_autoinherit(struct ndr_print *ndr, const char *name, uint32_t r)
+{
+ ndr_print_uint32(ndr, name, r);
+ ndr->depth++;
+ ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "SEC_DACL_AUTO_INHERIT", SEC_DACL_AUTO_INHERIT, r);
+ ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "SEC_SACL_AUTO_INHERIT", SEC_SACL_AUTO_INHERIT, r);
+ ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "SEC_DEFAULT_DESCRIPTOR", SEC_DEFAULT_DESCRIPTOR, r);
+ ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "SEC_OWNER_FROM_PARENT", SEC_OWNER_FROM_PARENT, r);
+ ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "SEC_GROUP_FROM_PARENT", SEC_GROUP_FROM_PARENT, r);
+ ndr->depth--;
+}
+
diff --git a/librpc/gen_ndr/ndr_security.h b/librpc/gen_ndr/ndr_security.h
index eddd3c3507..b900d54742 100644
--- a/librpc/gen_ndr/ndr_security.h
+++ b/librpc/gen_ndr/ndr_security.h
@@ -51,4 +51,7 @@ void ndr_print_security_secinfo(struct ndr_print *ndr, const char *name, uint32_
enum ndr_err_code ndr_push_kerb_EncTypes(struct ndr_push *ndr, int ndr_flags, uint32_t r);
enum ndr_err_code ndr_pull_kerb_EncTypes(struct ndr_pull *ndr, int ndr_flags, uint32_t *r);
void ndr_print_kerb_EncTypes(struct ndr_print *ndr, const char *name, uint32_t r);
+enum ndr_err_code ndr_push_security_autoinherit(struct ndr_push *ndr, int ndr_flags, uint32_t r);
+enum ndr_err_code ndr_pull_security_autoinherit(struct ndr_pull *ndr, int ndr_flags, uint32_t *r);
+void ndr_print_security_autoinherit(struct ndr_print *ndr, const char *name, uint32_t r);
#endif /* _HEADER_NDR_security */
diff --git a/librpc/gen_ndr/security.h b/librpc/gen_ndr/security.h
index d1dcbe552a..e0a3528251 100644
--- a/librpc/gen_ndr/security.h
+++ b/librpc/gen_ndr/security.h
@@ -76,6 +76,11 @@
#define STANDARD_RIGHTS_READ_ACCESS ( SEC_STD_READ_CONTROL )
#define STANDARD_RIGHTS_WRITE_ACCESS ( (SEC_STD_WRITE_OWNER|SEC_STD_WRITE_DAC|SEC_STD_DELETE) )
#define STANDARD_RIGHTS_REQUIRED_ACCESS ( (SEC_STD_DELETE|SEC_STD_READ_CONTROL|SEC_STD_WRITE_DAC|SEC_STD_WRITE_OWNER) )
+#define SEC_ADS_GENERIC_ALL_DS ( (SEC_STD_DELETE|SEC_STD_WRITE_DAC|SEC_STD_WRITE_OWNER|SEC_ADS_CREATE_CHILD|SEC_ADS_DELETE_CHILD|SEC_ADS_DELETE_TREE|SEC_ADS_CONTROL_ACCESS) )
+#define SEC_ADS_GENERIC_EXECUTE ( SEC_STD_READ_CONTROL|SEC_ADS_LIST )
+#define SEC_ADS_GENERIC_WRITE ( (SEC_STD_READ_CONTROL|SEC_ADS_SELF_WRITE|SEC_ADS_WRITE_PROP) )
+#define SEC_ADS_GENERIC_READ ( (SEC_STD_READ_CONTROL|SEC_ADS_LIST|SEC_ADS_READ_PROP|SEC_ADS_LIST_OBJECT) )
+#define SEC_ADS_GENERIC_ALL ( (SEC_ADS_GENERIC_EXECUTE|SEC_ADS_GENERIC_WRITE|SEC_ADS_GENERIC_READ|SEC_ADS_GENERIC_ALL_DS) )
#define SID_NULL ( "S-1-0-0" )
#define NAME_WORLD ( "WORLD" )
#define SID_WORLD_DOMAIN ( "S-1-1" )
@@ -341,6 +346,7 @@ struct security_token {
uint32_t num_sids;
struct dom_sid **sids;/* [unique,size_is(num_sids)] */
uint64_t privilege_mask;
+ struct security_acl *default_dacl;/* [unique] */
}/* [public] */;
/* bitmap security_secinfo */
@@ -360,4 +366,11 @@ struct security_token {
#define KERB_ENCTYPE_AES128_CTS_HMAC_SHA1_96 ( 0x00000008 )
#define KERB_ENCTYPE_AES256_CTS_HMAC_SHA1_96 ( 0x00000010 )
+/* bitmap security_autoinherit */
+#define SEC_DACL_AUTO_INHERIT ( 0x00000001 )
+#define SEC_SACL_AUTO_INHERIT ( 0x00000002 )
+#define SEC_DEFAULT_DESCRIPTOR ( 0x00000004 )
+#define SEC_OWNER_FROM_PARENT ( 0x00000008 )
+#define SEC_GROUP_FROM_PARENT ( 0x00000010 )
+
#endif /* _HEADER_security */