From 0a0e18eeecc4d4e091c58109a8ddd9b3f28fa5cd Mon Sep 17 00:00:00 2001
From: Jeremy Allison <jra@samba.org>
Date: Wed, 9 Jul 2008 16:54:38 -0700
Subject: Add in the IDL to store a NT Security descriptor in a blob. Use the
 same format as S4, but a new version as we'll need to store the timestamp to
 check for validity against the POSIX st_ctime. Jeremy. (This used to be
 commit 5c4ce1dac3769bfe533a4ea778c916d117603603)

---
 source3/librpc/gen_ndr/ndr_xattr.c | 225 +++++++++++++++++++++++++++++++++++++
 source3/librpc/gen_ndr/ndr_xattr.h |   7 ++
 source3/librpc/gen_ndr/xattr.h     |  15 +++
 source3/librpc/idl/xattr.idl       |  29 +++++
 4 files changed, 276 insertions(+)

diff --git a/source3/librpc/gen_ndr/ndr_xattr.c b/source3/librpc/gen_ndr/ndr_xattr.c
index 46c4249d21..9cde197444 100644
--- a/source3/librpc/gen_ndr/ndr_xattr.c
+++ b/source3/librpc/gen_ndr/ndr_xattr.c
@@ -100,3 +100,228 @@ _PUBLIC_ void ndr_print_tdb_xattrs(struct ndr_print *ndr, const char *name, cons
 	ndr->depth--;
 }
 
+_PUBLIC_ enum ndr_err_code ndr_push_security_descriptor_timestamp(struct ndr_push *ndr, int ndr_flags, const struct security_descriptor_timestamp *r)
+{
+	if (ndr_flags & NDR_SCALARS) {
+		NDR_CHECK(ndr_push_align(ndr, 4));
+		NDR_CHECK(ndr_push_unique_ptr(ndr, r->sd));
+		NDR_CHECK(ndr_push_NTTIME(ndr, NDR_SCALARS, r->last_changed));
+	}
+	if (ndr_flags & NDR_BUFFERS) {
+		if (r->sd) {
+			NDR_CHECK(ndr_push_security_descriptor(ndr, NDR_SCALARS|NDR_BUFFERS, r->sd));
+		}
+	}
+	return NDR_ERR_SUCCESS;
+}
+
+_PUBLIC_ enum ndr_err_code ndr_pull_security_descriptor_timestamp(struct ndr_pull *ndr, int ndr_flags, struct security_descriptor_timestamp *r)
+{
+	uint32_t _ptr_sd;
+	TALLOC_CTX *_mem_save_sd_0;
+	if (ndr_flags & NDR_SCALARS) {
+		NDR_CHECK(ndr_pull_align(ndr, 4));
+		NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_sd));
+		if (_ptr_sd) {
+			NDR_PULL_ALLOC(ndr, r->sd);
+		} else {
+			r->sd = NULL;
+		}
+		NDR_CHECK(ndr_pull_NTTIME(ndr, NDR_SCALARS, &r->last_changed));
+	}
+	if (ndr_flags & NDR_BUFFERS) {
+		if (r->sd) {
+			_mem_save_sd_0 = NDR_PULL_GET_MEM_CTX(ndr);
+			NDR_PULL_SET_MEM_CTX(ndr, r->sd, 0);
+			NDR_CHECK(ndr_pull_security_descriptor(ndr, NDR_SCALARS|NDR_BUFFERS, r->sd));
+			NDR_PULL_SET_MEM_CTX(ndr, _mem_save_sd_0, 0);
+		}
+	}
+	return NDR_ERR_SUCCESS;
+}
+
+_PUBLIC_ void ndr_print_security_descriptor_timestamp(struct ndr_print *ndr, const char *name, const struct security_descriptor_timestamp *r)
+{
+	ndr_print_struct(ndr, name, "security_descriptor_timestamp");
+	ndr->depth++;
+	ndr_print_ptr(ndr, "sd", r->sd);
+	ndr->depth++;
+	if (r->sd) {
+		ndr_print_security_descriptor(ndr, "sd", r->sd);
+	}
+	ndr->depth--;
+	ndr_print_NTTIME(ndr, "last_changed", r->last_changed);
+	ndr->depth--;
+}
+
+static enum ndr_err_code ndr_push_xattr_NTACL_Info(struct ndr_push *ndr, int ndr_flags, const union xattr_NTACL_Info *r)
+{
+	if (ndr_flags & NDR_SCALARS) {
+		int level = ndr_push_get_switch_value(ndr, r);
+		NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, level));
+		switch (level) {
+			case 1: {
+				NDR_CHECK(ndr_push_unique_ptr(ndr, r->sd));
+			break; }
+
+			case 2: {
+				NDR_CHECK(ndr_push_unique_ptr(ndr, r->sd_ts));
+			break; }
+
+			default:
+				return ndr_push_error(ndr, NDR_ERR_BAD_SWITCH, "Bad switch value %u", level);
+		}
+	}
+	if (ndr_flags & NDR_BUFFERS) {
+		int level = ndr_push_get_switch_value(ndr, r);
+		switch (level) {
+			case 1:
+				if (r->sd) {
+					NDR_CHECK(ndr_push_security_descriptor(ndr, NDR_SCALARS|NDR_BUFFERS, r->sd));
+				}
+			break;
+
+			case 2:
+				if (r->sd_ts) {
+					NDR_CHECK(ndr_push_security_descriptor_timestamp(ndr, NDR_SCALARS|NDR_BUFFERS, r->sd_ts));
+				}
+			break;
+
+			default:
+				return ndr_push_error(ndr, NDR_ERR_BAD_SWITCH, "Bad switch value %u", level);
+		}
+	}
+	return NDR_ERR_SUCCESS;
+}
+
+static enum ndr_err_code ndr_pull_xattr_NTACL_Info(struct ndr_pull *ndr, int ndr_flags, union xattr_NTACL_Info *r)
+{
+	int level;
+	uint16_t _level;
+	TALLOC_CTX *_mem_save_sd_0;
+	TALLOC_CTX *_mem_save_sd_ts_0;
+	level = ndr_pull_get_switch_value(ndr, r);
+	if (ndr_flags & NDR_SCALARS) {
+		NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &_level));
+		if (_level != level) {
+			return ndr_pull_error(ndr, NDR_ERR_BAD_SWITCH, "Bad switch value %u for r", _level);
+		}
+		switch (level) {
+			case 1: {
+				uint32_t _ptr_sd;
+				NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_sd));
+				if (_ptr_sd) {
+					NDR_PULL_ALLOC(ndr, r->sd);
+				} else {
+					r->sd = NULL;
+				}
+			break; }
+
+			case 2: {
+				uint32_t _ptr_sd_ts;
+				NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_sd_ts));
+				if (_ptr_sd_ts) {
+					NDR_PULL_ALLOC(ndr, r->sd_ts);
+				} else {
+					r->sd_ts = NULL;
+				}
+			break; }
+
+			default:
+				return ndr_pull_error(ndr, NDR_ERR_BAD_SWITCH, "Bad switch value %u", level);
+		}
+	}
+	if (ndr_flags & NDR_BUFFERS) {
+		switch (level) {
+			case 1:
+				if (r->sd) {
+					_mem_save_sd_0 = NDR_PULL_GET_MEM_CTX(ndr);
+					NDR_PULL_SET_MEM_CTX(ndr, r->sd, 0);
+					NDR_CHECK(ndr_pull_security_descriptor(ndr, NDR_SCALARS|NDR_BUFFERS, r->sd));
+					NDR_PULL_SET_MEM_CTX(ndr, _mem_save_sd_0, 0);
+				}
+			break;
+
+			case 2:
+				if (r->sd_ts) {
+					_mem_save_sd_ts_0 = NDR_PULL_GET_MEM_CTX(ndr);
+					NDR_PULL_SET_MEM_CTX(ndr, r->sd_ts, 0);
+					NDR_CHECK(ndr_pull_security_descriptor_timestamp(ndr, NDR_SCALARS|NDR_BUFFERS, r->sd_ts));
+					NDR_PULL_SET_MEM_CTX(ndr, _mem_save_sd_ts_0, 0);
+				}
+			break;
+
+			default:
+				return ndr_pull_error(ndr, NDR_ERR_BAD_SWITCH, "Bad switch value %u", level);
+		}
+	}
+	return NDR_ERR_SUCCESS;
+}
+
+_PUBLIC_ void ndr_print_xattr_NTACL_Info(struct ndr_print *ndr, const char *name, const union xattr_NTACL_Info *r)
+{
+	int level;
+	level = ndr_print_get_switch_value(ndr, r);
+	ndr_print_union(ndr, name, level, "xattr_NTACL_Info");
+	switch (level) {
+		case 1:
+			ndr_print_ptr(ndr, "sd", r->sd);
+			ndr->depth++;
+			if (r->sd) {
+				ndr_print_security_descriptor(ndr, "sd", r->sd);
+			}
+			ndr->depth--;
+		break;
+
+		case 2:
+			ndr_print_ptr(ndr, "sd_ts", r->sd_ts);
+			ndr->depth++;
+			if (r->sd_ts) {
+				ndr_print_security_descriptor_timestamp(ndr, "sd_ts", r->sd_ts);
+			}
+			ndr->depth--;
+		break;
+
+		default:
+			ndr_print_bad_level(ndr, name, level);
+	}
+}
+
+_PUBLIC_ enum ndr_err_code ndr_push_xattr_NTACL(struct ndr_push *ndr, int ndr_flags, const struct xattr_NTACL *r)
+{
+	if (ndr_flags & NDR_SCALARS) {
+		NDR_CHECK(ndr_push_align(ndr, 4));
+		NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r->version));
+		NDR_CHECK(ndr_push_set_switch_value(ndr, &r->info, r->version));
+		NDR_CHECK(ndr_push_xattr_NTACL_Info(ndr, NDR_SCALARS, &r->info));
+	}
+	if (ndr_flags & NDR_BUFFERS) {
+		NDR_CHECK(ndr_push_xattr_NTACL_Info(ndr, NDR_BUFFERS, &r->info));
+	}
+	return NDR_ERR_SUCCESS;
+}
+
+_PUBLIC_ enum ndr_err_code ndr_pull_xattr_NTACL(struct ndr_pull *ndr, int ndr_flags, struct xattr_NTACL *r)
+{
+	if (ndr_flags & NDR_SCALARS) {
+		NDR_CHECK(ndr_pull_align(ndr, 4));
+		NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->version));
+		NDR_CHECK(ndr_pull_set_switch_value(ndr, &r->info, r->version));
+		NDR_CHECK(ndr_pull_xattr_NTACL_Info(ndr, NDR_SCALARS, &r->info));
+	}
+	if (ndr_flags & NDR_BUFFERS) {
+		NDR_CHECK(ndr_pull_xattr_NTACL_Info(ndr, NDR_BUFFERS, &r->info));
+	}
+	return NDR_ERR_SUCCESS;
+}
+
+_PUBLIC_ void ndr_print_xattr_NTACL(struct ndr_print *ndr, const char *name, const struct xattr_NTACL *r)
+{
+	ndr_print_struct(ndr, name, "xattr_NTACL");
+	ndr->depth++;
+	ndr_print_uint16(ndr, "version", r->version);
+	ndr_print_set_switch_value(ndr, &r->info, r->version);
+	ndr_print_xattr_NTACL_Info(ndr, "info", &r->info);
+	ndr->depth--;
+}
+
diff --git a/source3/librpc/gen_ndr/ndr_xattr.h b/source3/librpc/gen_ndr/ndr_xattr.h
index a18477f347..21c5ae03b5 100644
--- a/source3/librpc/gen_ndr/ndr_xattr.h
+++ b/source3/librpc/gen_ndr/ndr_xattr.h
@@ -13,4 +13,11 @@ void ndr_print_tdb_xattr(struct ndr_print *ndr, const char *name, const struct t
 enum ndr_err_code ndr_push_tdb_xattrs(struct ndr_push *ndr, int ndr_flags, const struct tdb_xattrs *r);
 enum ndr_err_code ndr_pull_tdb_xattrs(struct ndr_pull *ndr, int ndr_flags, struct tdb_xattrs *r);
 void ndr_print_tdb_xattrs(struct ndr_print *ndr, const char *name, const struct tdb_xattrs *r);
+enum ndr_err_code ndr_push_security_descriptor_timestamp(struct ndr_push *ndr, int ndr_flags, const struct security_descriptor_timestamp *r);
+enum ndr_err_code ndr_pull_security_descriptor_timestamp(struct ndr_pull *ndr, int ndr_flags, struct security_descriptor_timestamp *r);
+void ndr_print_security_descriptor_timestamp(struct ndr_print *ndr, const char *name, const struct security_descriptor_timestamp *r);
+void ndr_print_xattr_NTACL_Info(struct ndr_print *ndr, const char *name, const union xattr_NTACL_Info *r);
+enum ndr_err_code ndr_push_xattr_NTACL(struct ndr_push *ndr, int ndr_flags, const struct xattr_NTACL *r);
+enum ndr_err_code ndr_pull_xattr_NTACL(struct ndr_pull *ndr, int ndr_flags, struct xattr_NTACL *r);
+void ndr_print_xattr_NTACL(struct ndr_print *ndr, const char *name, const struct xattr_NTACL *r);
 #endif /* _HEADER_NDR_xattr */
diff --git a/source3/librpc/gen_ndr/xattr.h b/source3/librpc/gen_ndr/xattr.h
index ee30376be8..af1b633acb 100644
--- a/source3/librpc/gen_ndr/xattr.h
+++ b/source3/librpc/gen_ndr/xattr.h
@@ -15,4 +15,19 @@ struct tdb_xattrs {
 	struct tdb_xattr *xattrs;
 }/* [public] */;
 
+struct security_descriptor_timestamp {
+	struct security_descriptor *sd;/* [unique] */
+	NTTIME last_changed;
+}/* [public] */;
+
+union xattr_NTACL_Info {
+	struct security_descriptor *sd;/* [unique,case] */
+	struct security_descriptor_timestamp *sd_ts;/* [unique,case(2)] */
+}/* [switch_type(uint16)] */;
+
+struct xattr_NTACL {
+	uint16_t version;
+	union xattr_NTACL_Info info;/* [switch_is(version)] */
+}/* [public] */;
+
 #endif /* _HEADER_xattr */
diff --git a/source3/librpc/idl/xattr.idl b/source3/librpc/idl/xattr.idl
index ec230a4efb..e19e2f89d8 100644
--- a/source3/librpc/idl/xattr.idl
+++ b/source3/librpc/idl/xattr.idl
@@ -20,4 +20,33 @@ interface xattr
 		uint32 num_xattrs;
 		tdb_xattr xattrs[num_xattrs];
 	} tdb_xattrs;
+
+	/* we store the NT ACL a NTACL xattr. It is versioned so we
+	   can later add other acl attribs (such as posix acl mapping)
+
+	   we put this xattr in the security namespace to ensure that
+	   only trusted users can write to the ACL
+
+	   stored in "security.NTACL"
+
+	   Version 1. raw SD stored as Samba4 does it.
+	   Version 2. raw SD + last changed timestamp so we
+		      can discard if this doesn't match the POSIX st_ctime.
+        */
+
+	typedef [public] struct {
+		security_descriptor *sd;
+		NTTIME last_changed;
+	} security_descriptor_timestamp;
+
+        typedef [switch_type(uint16)] union {
+                [case(1)] security_descriptor *sd;
+		[case(2)] security_descriptor_timestamp *sd_ts;
+        } xattr_NTACL_Info;
+
+        typedef [public] struct {
+                uint16 version;
+                [switch_is(version)] xattr_NTACL_Info info;
+        } xattr_NTACL;
+
 }
-- 
cgit