From 59df3ce5b5c5b484793a0e16faeb581ef343e167 Mon Sep 17 00:00:00 2001
From: Andrew Tridgell
Date: Mon, 17 Nov 2003 06:27:45 +0000
Subject: security descriptors are no longer a "special" type, they are handled using the [relative] property this also fixes level3 of PrinterInfo (a relative secdesc) (This used to be commit d5a15257fdd5f6cfe2706765a7c29f623ec1c6f8)
---
 source4/librpc/ndr/libndr.h | 1 +
 source4/librpc/ndr/ndr_basic.c | 46 ++++-
 source4/librpc/ndr/ndr_basic.h | 25 +++
 source4/librpc/ndr/ndr_dfs.c | 16 +-
 source4/librpc/ndr/ndr_echo.c | 8 +-
 source4/librpc/ndr/ndr_lsa.c | 31 ++--
 source4/librpc/ndr/ndr_misc.c | 244 +++++++++++++++++++++------
 source4/librpc/ndr/ndr_misc.h | 51 +++---
 source4/librpc/ndr/ndr_samr.c | 14 +-
 source4/librpc/ndr/ndr_sec.c | 354 +--------------------------------------
 source4/librpc/ndr/ndr_sec.h | 48 ------
 source4/librpc/ndr/ndr_spoolss.c | 53 +++---
 source4/librpc/ndr/ndr_spoolss.h | 18 +-
 13 files changed, 375 insertions(+), 534 deletions(-)
 create mode 100644 source4/librpc/ndr/ndr_basic.h
(limited to 'source4/librpc/ndr')
diff --git a/source4/librpc/ndr/libndr.h b/source4/librpc/ndr/libndr.h
index f210765497..8c224d9a01 100644
--- a/source4/librpc/ndr/libndr.h
+++ b/source4/librpc/ndr/libndr.h
@@ -174,6 +174,7 @@ typedef void (*ndr_print_fn_t)(struct ndr_print *, const char *, void *); typedef void (*ndr_print_union_fn_t)(struct ndr_print *, const char *, uint16, void *); /* now pull in the individual parsers */
+#include "librpc/ndr/ndr_basic.h"
 #include "librpc/ndr/ndr_sec.h"
 #include "librpc/ndr/ndr_misc.h"
 #include "librpc/ndr/ndr_echo.h"
diff --git a/source4/librpc/ndr/ndr_basic.c b/source4/librpc/ndr/ndr_basic.c
index 8e90fc990f..ee03e5aaa2 100644
--- a/source4/librpc/ndr/ndr_basic.c
+++ b/source4/librpc/ndr/ndr_basic.c
@@ -108,8 +108,11 @@ NTSTATUS ndr_pull_bytes(struct ndr_pull *ndr, char *data, uint32 n) /* pull an array of uint8 */ -NTSTATUS ndr_pull_array_uint8(struct ndr_pull *ndr, char *data, uint32 n) +NTSTATUS ndr_pull_array_uint8(struct ndr_pull *ndr, int ndr_flags, char *data, uint32 n) { + if (!(ndr_flags & NDR_SCALARS)) { + return NT_STATUS_OK; + } return ndr_pull_bytes(ndr, data, n); } @@ -117,9 +120,12 @@ NTSTATUS ndr_pull_array_uint8(struct ndr_pull *ndr, char *data, uint32 n) /* pull an array of uint16 */ -NTSTATUS ndr_pull_array_uint16(struct ndr_pull *ndr, uint16 *data, uint32 n) +NTSTATUS ndr_pull_array_uint16(struct ndr_pull *ndr, int ndr_flags, uint16 *data, uint32 n) { uint32 i; + if (!(ndr_flags & NDR_SCALARS)) { + return NT_STATUS_OK; + } for (i=0;ioffset += length; return NT_STATUS_OK; } + + +/* + parse a policy handle +*/ +NTSTATUS ndr_pull_policy_handle(struct ndr_pull *ndr, + struct policy_handle *r) +{ + NDR_CHECK(ndr_pull_bytes(ndr, r->data, 20)); + return NT_STATUS_OK; +} + +/* + push a policy handle +*/ +NTSTATUS ndr_push_policy_handle(struct ndr_push *ndr, + struct policy_handle *r) +{ + NDR_CHECK(ndr_push_bytes(ndr, r->data, 20)); + return NT_STATUS_OK; +} diff --git a/source4/librpc/ndr/ndr_basic.h b/source4/librpc/ndr/ndr_basic.h new file mode 100644 index 0000000000..38f1252236 --- /dev/null +++ b/source4/librpc/ndr/ndr_basic.h 
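Review bot: The added `ndr_pull_policy_handle` and `ndr_push_policy_handle` in ndr_basic.c pass a literal `20` as the byte count for `r->data`, so the copy length is stated separately from the array it bounds; on the pull side those bytes come from the wire, and if the struct's array is ever resized the copy could run past the field with no compiler diagnostic. Tie the length to the field, `NDR_CHECK(ndr_pull_bytes(ndr, r->data, sizeof(r->data)));`, and do the same in the `ndr_push_bytes` call. The first hunk header shows `ndr_pull_bytes` taking `char *data`, while the struct this commit adds in ndr_basic.h declares `uint8 data[20]`, so these calls presumably now pass a pointer of different signedness and deserve a cast or a matching prototype. The text between the `ndr_pull_array_uint16` hunk and these additions is damaged on this page, so only the visible lines are covered here.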
@@ -0,0 +1,25 @@
+/*
+ Unix SMB/CIFS implementation.
+ rpc interface definitions - basic types
+ Copyright (C) Andrew Tridgell 2003
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+*/
+
+
+struct policy_handle {
+ uint8 data[20];
+};
+
diff --git a/source4/librpc/ndr/ndr_dfs.c b/source4/librpc/ndr/ndr_dfs.c
index f0597a5b7d..9832735cb1 100644
--- a/source4/librpc/ndr/ndr_dfs.c
+++ b/source4/librpc/ndr/ndr_dfs.c
@@ -126,7 +126,7 @@ buffers: } if (r->stores) { NDR_CHECK(ndr_push_uint32(ndr, r->num_stores)); - NDR_CHECK(ndr_push_array(ndr, ndr_flags, r->stores, sizeof(r->stores[0]), r->num_stores, (ndr_push_flags_fn_t)ndr_push_dfs_StorageInfo)); + NDR_CHECK(ndr_push_array(ndr, NDR_SCALARS|NDR_BUFFERS, r->stores, sizeof(r->stores[0]), r->num_stores, (ndr_push_flags_fn_t)ndr_push_dfs_StorageInfo)); } done: return NT_STATUS_OK;
@@ -156,7 +156,7 @@ buffers: NDR_CHECK(ndr_push_GUID(ndr, NDR_BUFFERS, &r->guid)); if (r->stores) { NDR_CHECK(ndr_push_uint32(ndr, r->num_stores)); - NDR_CHECK(ndr_push_array(ndr, ndr_flags, r->stores, sizeof(r->stores[0]), r->num_stores, (ndr_push_flags_fn_t)ndr_push_dfs_StorageInfo)); + NDR_CHECK(ndr_push_array(ndr, NDR_SCALARS|NDR_BUFFERS, r->stores, sizeof(r->stores[0]), r->num_stores, (ndr_push_flags_fn_t)ndr_push_dfs_StorageInfo)); } done: return NT_STATUS_OK;
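Review bot: The new header ndr_basic.h defines `struct policy_handle` without an include guard, so a second inclusion path would redefine the struct and break the build; libndr.h now includes it directly, and whether libndr.h is itself guarded is not visible here. Wrap the body in `#ifndef NDR_BASIC_H` / `#define NDR_BASIC_H` and a closing `#endif` (the guard name is only a suggestion). The struct also lost the comment it carried in ndr_misc.h, `/* policy handles are used all over the place */`, which this commit removes; carrying it over and noting that the array length must stay in step with the pull and push helpers in ndr_basic.c would document why the size is fixed.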
@@ -223,7 +223,7 @@ buffers: if (!(ndr_flags & NDR_BUFFERS)) goto done; if (r->s) { NDR_CHECK(ndr_push_uint32(ndr, r->count)); - NDR_CHECK(ndr_push_array(ndr, ndr_flags, r->s, sizeof(r->s[0]), r->count, (ndr_push_flags_fn_t)ndr_push_dfs_Info1)); + NDR_CHECK(ndr_push_array(ndr, NDR_SCALARS|NDR_BUFFERS, r->s, sizeof(r->s[0]), r->count, (ndr_push_flags_fn_t)ndr_push_dfs_Info1)); } done: return NT_STATUS_OK; @@ -241,7 +241,7 @@ buffers: if (!(ndr_flags & NDR_BUFFERS)) goto done; if (r->s) { NDR_CHECK(ndr_push_uint32(ndr, r->count)); - NDR_CHECK(ndr_push_array(ndr, ndr_flags, r->s, sizeof(r->s[0]), r->count, (ndr_push_flags_fn_t)ndr_push_dfs_Info2)); + NDR_CHECK(ndr_push_array(ndr, NDR_SCALARS|NDR_BUFFERS, r->s, sizeof(r->s[0]), r->count, (ndr_push_flags_fn_t)ndr_push_dfs_Info2)); } done: return NT_STATUS_OK; @@ -259,7 +259,7 @@ buffers: if (!(ndr_flags & NDR_BUFFERS)) goto done; if (r->s) { NDR_CHECK(ndr_push_uint32(ndr, r->count)); - NDR_CHECK(ndr_push_array(ndr, ndr_flags, r->s, sizeof(r->s[0]), r->count, (ndr_push_flags_fn_t)ndr_push_dfs_Info3)); + NDR_CHECK(ndr_push_array(ndr, NDR_SCALARS|NDR_BUFFERS, r->s, sizeof(r->s[0]), r->count, (ndr_push_flags_fn_t)ndr_push_dfs_Info3)); } done: return NT_STATUS_OK; @@ -277,7 +277,7 @@ buffers: if (!(ndr_flags & NDR_BUFFERS)) goto done; if (r->s) { NDR_CHECK(ndr_push_uint32(ndr, r->count)); - NDR_CHECK(ndr_push_array(ndr, ndr_flags, r->s, sizeof(r->s[0]), r->count, (ndr_push_flags_fn_t)ndr_push_dfs_Info4)); + NDR_CHECK(ndr_push_array(ndr, NDR_SCALARS|NDR_BUFFERS, r->s, sizeof(r->s[0]), r->count, (ndr_push_flags_fn_t)ndr_push_dfs_Info4)); } done: return NT_STATUS_OK; 
@@ -295,7 +295,7 @@ buffers: if (!(ndr_flags & NDR_BUFFERS)) goto done; if (r->s) { NDR_CHECK(ndr_push_uint32(ndr, r->count)); - NDR_CHECK(ndr_push_array(ndr, ndr_flags, r->s, sizeof(r->s[0]), r->count, (ndr_push_flags_fn_t)ndr_push_dfs_Info200)); + NDR_CHECK(ndr_push_array(ndr, NDR_SCALARS|NDR_BUFFERS, r->s, sizeof(r->s[0]), r->count, (ndr_push_flags_fn_t)ndr_push_dfs_Info200)); } done: return NT_STATUS_OK; @@ -313,7 +313,7 @@ buffers: if (!(ndr_flags & NDR_BUFFERS)) goto done; if (r->s) { NDR_CHECK(ndr_push_uint32(ndr, r->count)); - NDR_CHECK(ndr_push_array(ndr, ndr_flags, r->s, sizeof(r->s[0]), r->count, (ndr_push_flags_fn_t)ndr_push_dfs_Info300)); + NDR_CHECK(ndr_push_array(ndr, NDR_SCALARS|NDR_BUFFERS, r->s, sizeof(r->s[0]), r->count, (ndr_push_flags_fn_t)ndr_push_dfs_Info300)); } done: return NT_STATUS_OK; diff --git a/source4/librpc/ndr/ndr_echo.c b/source4/librpc/ndr/ndr_echo.c index 74e55c7c19..0067518f89 100644 --- a/source4/librpc/ndr/ndr_echo.c +++ b/source4/librpc/ndr/ndr_echo.c @@ -14,7 +14,7 @@ NTSTATUS ndr_push_echo_EchoData(struct ndr_push *ndr, struct echo_EchoData *r) NDR_CHECK(ndr_push_uint32(ndr, r->in.len)); if (r->in.in_data) { NDR_CHECK(ndr_push_uint32(ndr, r->in.len)); - NDR_CHECK(ndr_push_array_uint8(ndr, r->in.in_data, r->in.len)); + NDR_CHECK(ndr_push_array_uint8(ndr, NDR_SCALARS|NDR_BUFFERS, r->in.in_data, r->in.len)); } return NT_STATUS_OK; @@ -25,7 +25,7 @@ NTSTATUS ndr_push_echo_SinkData(struct ndr_push *ndr, struct echo_SinkData *r) NDR_CHECK(ndr_push_uint32(ndr, r->in.len)); if (r->in.data) { NDR_CHECK(ndr_push_uint32(ndr, r->in.len)); - NDR_CHECK(ndr_push_array_uint8(ndr, r->in.data, r->in.len)); + NDR_CHECK(ndr_push_array_uint8(ndr, NDR_SCALARS|NDR_BUFFERS, r->in.data, r->in.len)); } return NT_STATUS_OK; 
@@ -62,7 +62,7 @@ NTSTATUS ndr_pull_echo_EchoData(struct ndr_pull *ndr, struct echo_EchoData *r) } } NDR_ALLOC_N_SIZE(ndr, r->out.out_data, r->in.len, sizeof(r->out.out_data[0])); - NDR_CHECK(ndr_pull_array_uint8(ndr, r->out.out_data, r->in.len)); + NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS|NDR_BUFFERS, r->out.out_data, r->in.len)); } return NT_STATUS_OK; @@ -84,7 +84,7 @@ NTSTATUS ndr_pull_echo_SourceData(struct ndr_pull *ndr, struct echo_SourceData * return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should be %u", _array_size, r->in.len); } } - NDR_CHECK(ndr_pull_array_uint8(ndr, r->out.data, r->in.len)); + NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS|NDR_BUFFERS, r->out.data, r->in.len)); } return NT_STATUS_OK; diff --git a/source4/librpc/ndr/ndr_lsa.c b/source4/librpc/ndr/ndr_lsa.c index 653274e580..f8c482f7a7 100644 --- a/source4/librpc/ndr/ndr_lsa.c +++ b/source4/librpc/ndr/ndr_lsa.c @@ -100,7 +100,7 @@ buffers: NDR_CHECK(ndr_push_unistr(ndr, r->object_name)); } if (r->sec_desc) { - NDR_CHECK(ndr_push_security_descriptor(ndr, r->sec_desc)); + NDR_CHECK(ndr_push_security_descriptor(ndr, NDR_SCALARS|NDR_BUFFERS, r->sec_desc)); } if (r->sec_qos) { NDR_CHECK(ndr_push_lsa_QosInfo(ndr, NDR_SCALARS|NDR_BUFFERS, r->sec_qos)); @@ -157,7 +157,7 @@ NTSTATUS ndr_push_lsa_SidPtr(struct ndr_push *ndr, int ndr_flags, struct lsa_Sid buffers: if (!(ndr_flags & NDR_BUFFERS)) goto done; if (r->sid) { - NDR_CHECK(ndr_push_dom_sid2(ndr, r->sid)); + NDR_CHECK(ndr_push_dom_sid2(ndr, NDR_SCALARS|NDR_BUFFERS, r->sid)); } done: return NT_STATUS_OK; 
@@ -175,7 +175,7 @@ buffers: if (!(ndr_flags & NDR_BUFFERS)) goto done; if (r->sids) { NDR_CHECK(ndr_push_uint32(ndr, r->num_sids)); - NDR_CHECK(ndr_push_array(ndr, ndr_flags, r->sids, sizeof(r->sids[0]), r->num_sids, (ndr_push_flags_fn_t)ndr_push_lsa_SidPtr)); + NDR_CHECK(ndr_push_array(ndr, NDR_SCALARS|NDR_BUFFERS, r->sids, sizeof(r->sids[0]), r->num_sids, (ndr_push_flags_fn_t)ndr_push_lsa_SidPtr)); } done: return NT_STATUS_OK; @@ -232,7 +232,7 @@ buffers: if (!(ndr_flags & NDR_BUFFERS)) goto done; if (r->sids) { NDR_CHECK(ndr_push_uint32(ndr, r->count)); - NDR_CHECK(ndr_push_array(ndr, ndr_flags, r->sids, sizeof(r->sids[0]), r->count, (ndr_push_flags_fn_t)ndr_push_lsa_TranslatedSid)); + NDR_CHECK(ndr_push_array(ndr, NDR_SCALARS|NDR_BUFFERS, r->sids, sizeof(r->sids[0]), r->count, (ndr_push_flags_fn_t)ndr_push_lsa_TranslatedSid)); } done: return NT_STATUS_OK; @@ -243,9 +243,8 @@ NTSTATUS ndr_push_lsa_LookupNames(struct ndr_push *ndr, struct lsa_LookupNames * NDR_CHECK(ndr_push_policy_handle(ndr, r->in.handle)); NDR_CHECK(ndr_push_uint32(ndr, r->in.num_names)); if (r->in.names) { - int ndr_flags = NDR_SCALARS|NDR_BUFFERS; NDR_CHECK(ndr_push_uint32(ndr, r->in.num_names)); - NDR_CHECK(ndr_push_array(ndr, ndr_flags, r->in.names, sizeof(r->in.names[0]), r->in.num_names, (ndr_push_flags_fn_t)ndr_push_lsa_Name)); + NDR_CHECK(ndr_push_array(ndr, NDR_SCALARS|NDR_BUFFERS, r->in.names, sizeof(r->in.names[0]), r->in.num_names, (ndr_push_flags_fn_t)ndr_push_lsa_Name)); } NDR_CHECK(ndr_push_lsa_TransSidArray(ndr, NDR_SCALARS|NDR_BUFFERS, r->in.sids)); NDR_CHECK(ndr_push_uint16(ndr, r->in.level)); 
@@ -282,7 +281,7 @@ buffers: if (!(ndr_flags & NDR_BUFFERS)) goto done; if (r->names) { NDR_CHECK(ndr_push_uint32(ndr, r->count)); - NDR_CHECK(ndr_push_array(ndr, ndr_flags, r->names, sizeof(r->names[0]), r->count, (ndr_push_flags_fn_t)ndr_push_lsa_TranslatedName)); + NDR_CHECK(ndr_push_array(ndr, NDR_SCALARS|NDR_BUFFERS, r->names, sizeof(r->names[0]), r->count, (ndr_push_flags_fn_t)ndr_push_lsa_TranslatedName)); } done: return NT_STATUS_OK; @@ -308,7 +307,7 @@ NTSTATUS ndr_push_CREATESECRET(struct ndr_push *ndr, struct CREATESECRET *r) NTSTATUS ndr_push_lsa_OpenAccount(struct ndr_push *ndr, struct lsa_OpenAccount *r) { NDR_CHECK(ndr_push_policy_handle(ndr, r->in.handle)); - NDR_CHECK(ndr_push_dom_sid2(ndr, r->in.sid)); + NDR_CHECK(ndr_push_dom_sid2(ndr, NDR_SCALARS|NDR_BUFFERS, r->in.sid)); NDR_CHECK(ndr_push_uint32(ndr, r->in.desired_access)); return NT_STATUS_OK; @@ -442,7 +441,7 @@ NTSTATUS ndr_push_ENUMACCTWITHRIGHT(struct ndr_push *ndr, struct ENUMACCTWITHRIG NTSTATUS ndr_push_lsa_EnumAccountRights(struct ndr_push *ndr, struct lsa_EnumAccountRights *r) { NDR_CHECK(ndr_push_policy_handle(ndr, r->in.handle)); - NDR_CHECK(ndr_push_dom_sid2(ndr, r->in.sid)); + NDR_CHECK(ndr_push_dom_sid2(ndr, NDR_SCALARS|NDR_BUFFERS, r->in.sid)); return NT_STATUS_OK; } @@ -625,7 +624,7 @@ NTSTATUS ndr_pull_sec_desc_buf(struct ndr_pull *ndr, int ndr_flags, struct sec_d buffers: if (!(ndr_flags & NDR_BUFFERS)) goto done; if (r->sd) { - NDR_CHECK(ndr_pull_subcontext_fn(ndr, r->sd, (ndr_pull_fn_t) ndr_pull_security_descriptor)); + NDR_CHECK(ndr_pull_subcontext_flags_fn(ndr, r->sd, (ndr_pull_flags_fn_t) ndr_pull_security_descriptor)); } done: return NT_STATUS_OK; 
@@ -704,7 +703,7 @@ buffers: return ndr_pull_error(ndr, NDR_ERR_CONFORMANT_SIZE, "Bad conformant size %u should be %u", _conformant_size, r->count); } NDR_ALLOC_N_SIZE(ndr, r->settings, _conformant_size, sizeof(r->settings[0])); - NDR_CHECK(ndr_pull_array_uint32(ndr, r->settings, r->count)); + NDR_CHECK(ndr_pull_array_uint32(ndr, NDR_SCALARS|NDR_BUFFERS, r->settings, r->count)); done: return NT_STATUS_OK; } @@ -750,7 +749,7 @@ buffers: if (!(ndr_flags & NDR_BUFFERS)) goto done; NDR_CHECK(ndr_pull_lsa_Name(ndr, NDR_BUFFERS, &r->name)); if (r->sid) { - NDR_CHECK(ndr_pull_dom_sid2(ndr, r->sid)); + NDR_CHECK(ndr_pull_dom_sid2(ndr, NDR_SCALARS|NDR_BUFFERS, r->sid)); } done: return NT_STATUS_OK; @@ -882,7 +881,7 @@ buffers: NDR_CHECK(ndr_pull_lsa_Name(ndr, NDR_BUFFERS, &r->dns_forest)); NDR_CHECK(ndr_pull_GUID(ndr, NDR_BUFFERS, &r->domain_guid)); if (r->sid) { - NDR_CHECK(ndr_pull_dom_sid2(ndr, r->sid)); + NDR_CHECK(ndr_pull_dom_sid2(ndr, NDR_SCALARS|NDR_BUFFERS, r->sid)); } done: return NT_STATUS_OK; @@ -1061,7 +1060,7 @@ NTSTATUS ndr_pull_lsa_SidPtr(struct ndr_pull *ndr, int ndr_flags, struct lsa_Sid buffers: if (!(ndr_flags & NDR_BUFFERS)) goto done; if (r->sid) { - NDR_CHECK(ndr_pull_dom_sid2(ndr, r->sid)); + NDR_CHECK(ndr_pull_dom_sid2(ndr, NDR_SCALARS|NDR_BUFFERS, r->sid)); } done: return NT_STATUS_OK; @@ -1132,7 +1131,7 @@ buffers: if (!(ndr_flags & NDR_BUFFERS)) goto done; NDR_CHECK(ndr_pull_lsa_Name(ndr, NDR_BUFFERS, &r->name)); if (r->sid) { - NDR_CHECK(ndr_pull_dom_sid2(ndr, r->sid)); + NDR_CHECK(ndr_pull_dom_sid2(ndr, NDR_SCALARS|NDR_BUFFERS, r->sid)); } done: return NT_STATUS_OK; @@ -1242,7 +1241,7 @@ buffers: if (!(ndr_flags & NDR_BUFFERS)) goto done; NDR_CHECK(ndr_pull_lsa_Name(ndr, NDR_BUFFERS, &r->name)); if (r->sid) { - NDR_CHECK(ndr_pull_dom_sid2(ndr, r->sid)); + NDR_CHECK(ndr_pull_dom_sid2(ndr, NDR_SCALARS|NDR_BUFFERS, r->sid)); } done: return NT_STATUS_OK; 
diff --git a/source4/librpc/ndr/ndr_misc.c b/source4/librpc/ndr/ndr_misc.c index 08ec44c0b0..65e198ce96 100644 --- a/source4/librpc/ndr/ndr_misc.c +++ b/source4/librpc/ndr/ndr_misc.c 
@@ -1,69 +1,217 @@ -/* - Unix SMB/CIFS implementation. +/* parser auto-generated by pidl */ - routines for marshalling/unmarshalling miscellaneous rpc structures - - Copyright (C) Andrew Tridgell 2003 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ +#include "includes.h" +NTSTATUS ndr_push_dom_sid(struct ndr_push *ndr, int ndr_flags, struct dom_sid *r) +{ + if (!(ndr_flags & NDR_SCALARS)) goto buffers; + NDR_CHECK(ndr_push_struct_start(ndr)); + NDR_CHECK(ndr_push_align(ndr, 4)); + NDR_CHECK(ndr_push_uint8(ndr, r->sid_rev_num)); + NDR_CHECK(ndr_push_uint8(ndr, r->num_auths)); + NDR_CHECK(ndr_push_array_uint8(ndr, NDR_SCALARS, r->id_auth, 6)); + NDR_CHECK(ndr_push_array_uint32(ndr, NDR_SCALARS, r->sub_auths, r->num_auths)); + ndr_push_struct_end(ndr); +buffers: + if (!(ndr_flags & NDR_BUFFERS)) goto done; + NDR_CHECK(ndr_push_array_uint8(ndr, NDR_BUFFERS, r->id_auth, 6)); + NDR_CHECK(ndr_push_array_uint32(ndr, NDR_BUFFERS, r->sub_auths, r->num_auths)); +done: + return NT_STATUS_OK; +} -#include "includes.h" +NTSTATUS ndr_push_security_ace(struct ndr_push *ndr, int ndr_flags, struct security_ace *r) +{ + if (!(ndr_flags & NDR_SCALARS)) goto buffers; + NDR_CHECK(ndr_push_struct_start(ndr)); + NDR_CHECK(ndr_push_align(ndr, 4)); + NDR_CHECK(ndr_push_uint8(ndr, r->type)); + NDR_CHECK(ndr_push_uint8(ndr, r->flags)); + 
NDR_CHECK(ndr_push_uint32(ndr, r->access_mask)); + NDR_CHECK(ndr_push_dom_sid(ndr, NDR_SCALARS, &r->trustee)); + ndr_push_struct_end(ndr); +buffers: + if (!(ndr_flags & NDR_BUFFERS)) goto done; + NDR_CHECK(ndr_push_dom_sid(ndr, NDR_BUFFERS, &r->trustee)); +done: + return NT_STATUS_OK; +} +NTSTATUS ndr_push_security_acl(struct ndr_push *ndr, int ndr_flags, struct security_acl *r) +{ + if (!(ndr_flags & NDR_SCALARS)) goto buffers; + NDR_CHECK(ndr_push_struct_start(ndr)); + NDR_CHECK(ndr_push_align(ndr, 4)); + NDR_CHECK(ndr_push_uint16(ndr, r->revision)); + NDR_CHECK(ndr_push_uint32(ndr, r->num_aces)); + NDR_CHECK(ndr_push_array(ndr, NDR_SCALARS, r->aces, sizeof(r->aces[0]), r->num_aces, (ndr_push_flags_fn_t)ndr_push_security_ace)); + ndr_push_struct_end(ndr); +buffers: + if (!(ndr_flags & NDR_BUFFERS)) goto done; + NDR_CHECK(ndr_push_array(ndr, NDR_BUFFERS, r->aces, sizeof(r->aces[0]), r->num_aces, (ndr_push_flags_fn_t)ndr_push_security_ace)); +done: + return NT_STATUS_OK; +} -/* - parse a policy handle -*/ -NTSTATUS ndr_pull_policy_handle(struct ndr_pull *ndr, - struct policy_handle *r) +NTSTATUS ndr_push_security_descriptor(struct ndr_push *ndr, int ndr_flags, struct security_descriptor *r) { - NDR_CHECK(ndr_pull_bytes(ndr, r->data, 20)); + if (!(ndr_flags & NDR_SCALARS)) goto buffers; + NDR_CHECK(ndr_push_struct_start(ndr)); + NDR_CHECK(ndr_push_align(ndr, 4)); + NDR_CHECK(ndr_push_uint8(ndr, r->revision)); + NDR_CHECK(ndr_push_uint16(ndr, r->type)); + NDR_CHECK(ndr_push_relative(ndr, NDR_SCALARS, r->owner_sid, (ndr_push_const_fn_t) ndr_push_dom_sid)); + NDR_CHECK(ndr_push_relative(ndr, NDR_SCALARS, r->group_sid, (ndr_push_const_fn_t) ndr_push_dom_sid)); + NDR_CHECK(ndr_push_relative(ndr, NDR_SCALARS, r->sacl, (ndr_push_const_fn_t) ndr_push_security_acl)); + NDR_CHECK(ndr_push_relative(ndr, NDR_SCALARS, r->dacl, (ndr_push_const_fn_t) ndr_push_security_acl)); + ndr_push_struct_end(ndr); +buffers: + if (!(ndr_flags & NDR_BUFFERS)) goto done; + if (r->owner_sid) { + 
NDR_CHECK(ndr_push_relative(ndr, NDR_BUFFERS, r->owner_sid, (ndr_push_const_fn_t) ndr_push_dom_sid)); + } + if (r->group_sid) { + NDR_CHECK(ndr_push_relative(ndr, NDR_BUFFERS, r->group_sid, (ndr_push_const_fn_t) ndr_push_dom_sid)); + } + if (r->sacl) { + NDR_CHECK(ndr_push_relative(ndr, NDR_BUFFERS, r->sacl, (ndr_push_const_fn_t) ndr_push_security_acl)); + } + if (r->dacl) { + NDR_CHECK(ndr_push_relative(ndr, NDR_BUFFERS, r->dacl, (ndr_push_const_fn_t) ndr_push_security_acl)); + } +done: return NT_STATUS_OK; } -/* - push a policy handle -*/ -NTSTATUS ndr_push_policy_handle(struct ndr_push *ndr, - struct policy_handle *r) +NTSTATUS ndr_pull_dom_sid(struct ndr_pull *ndr, int ndr_flags, struct dom_sid *r) { - NDR_CHECK(ndr_push_bytes(ndr, r->data, 20)); + NDR_CHECK(ndr_pull_struct_start(ndr)); + if (!(ndr_flags & NDR_SCALARS)) goto buffers; + NDR_CHECK(ndr_pull_align(ndr, 4)); + NDR_CHECK(ndr_pull_uint8(ndr, &r->sid_rev_num)); + NDR_CHECK(ndr_pull_uint8(ndr, &r->num_auths)); + NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->id_auth, 6)); + NDR_ALLOC_N_SIZE(ndr, r->sub_auths, r->num_auths, sizeof(r->sub_auths[0])); + NDR_CHECK(ndr_pull_array_uint32(ndr, NDR_SCALARS, r->sub_auths, r->num_auths)); + ndr_pull_struct_end(ndr); +buffers: + if (!(ndr_flags & NDR_BUFFERS)) goto done; + NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_BUFFERS, r->id_auth, 6)); + NDR_CHECK(ndr_pull_array_uint32(ndr, NDR_BUFFERS, r->sub_auths, r->num_auths)); +done: return NT_STATUS_OK; } +NTSTATUS ndr_pull_security_ace(struct ndr_pull *ndr, int ndr_flags, struct security_ace *r) +{ + NDR_CHECK(ndr_pull_struct_start(ndr)); + if (!(ndr_flags & NDR_SCALARS)) goto buffers; + NDR_CHECK(ndr_pull_align(ndr, 4)); + NDR_CHECK(ndr_pull_uint8(ndr, &r->type)); + NDR_CHECK(ndr_pull_uint8(ndr, &r->flags)); + NDR_CHECK(ndr_pull_uint32(ndr, &r->access_mask)); + NDR_CHECK(ndr_pull_dom_sid(ndr, NDR_SCALARS, &r->trustee)); + ndr_pull_struct_end(ndr); +buffers: + if (!(ndr_flags & NDR_BUFFERS)) goto done; + 
NDR_CHECK(ndr_pull_dom_sid(ndr, NDR_BUFFERS, &r->trustee)); +done: + return NT_STATUS_OK; +} -/* - push a buffer of bytes -*/ -NTSTATUS ndr_push_uint8_buf(struct ndr_push *ndr, int ndr_flags, - struct uint8_buf *buf) +NTSTATUS ndr_pull_security_acl(struct ndr_pull *ndr, int ndr_flags, struct security_acl *r) { - NDR_CHECK(ndr_push_uint32(ndr, buf->size)); - NDR_CHECK(ndr_push_bytes(ndr, buf->data, buf->size)); + NDR_CHECK(ndr_pull_struct_start(ndr)); + if (!(ndr_flags & NDR_SCALARS)) goto buffers; + NDR_CHECK(ndr_pull_align(ndr, 4)); + NDR_CHECK(ndr_pull_uint16(ndr, &r->revision)); + NDR_CHECK(ndr_pull_uint32(ndr, &r->num_aces)); + NDR_ALLOC_N_SIZE(ndr, r->aces, r->num_aces, sizeof(r->aces[0])); + NDR_CHECK(ndr_pull_array(ndr, NDR_SCALARS, (void **)r->aces, sizeof(r->aces[0]), r->num_aces, (ndr_pull_flags_fn_t)ndr_pull_security_ace)); + ndr_pull_struct_end(ndr); +buffers: + if (!(ndr_flags & NDR_BUFFERS)) goto done; + NDR_CHECK(ndr_pull_array(ndr, NDR_BUFFERS, (void **)r->aces, sizeof(r->aces[0]), r->num_aces, (ndr_pull_flags_fn_t)ndr_pull_security_ace)); +done: return NT_STATUS_OK; } -/* - pull a buffer of bytes -*/ -NTSTATUS ndr_pull_uint8_buf(struct ndr_pull *ndr, int ndr_flags, - struct uint8_buf *buf) +NTSTATUS ndr_pull_security_descriptor(struct ndr_pull *ndr, int ndr_flags, struct security_descriptor *r) { - NDR_CHECK(ndr_pull_uint32(ndr, &buf->size)); - NDR_ALLOC_SIZE(ndr, buf->data, buf->size); - NDR_CHECK(ndr_pull_bytes(ndr, buf->data, buf->size)); + uint32 _ptr_owner_sid; + uint32 _ptr_group_sid; + uint32 _ptr_sacl; + uint32 _ptr_dacl; + NDR_CHECK(ndr_pull_struct_start(ndr)); + if (!(ndr_flags & NDR_SCALARS)) goto buffers; + NDR_CHECK(ndr_pull_align(ndr, 4)); + NDR_CHECK(ndr_pull_uint8(ndr, &r->revision)); + NDR_CHECK(ndr_pull_uint16(ndr, &r->type)); + NDR_CHECK(ndr_pull_relative(ndr, (const void **)&r->owner_sid, sizeof(*r->owner_sid), (ndr_pull_flags_fn_t)ndr_pull_dom_sid)); + NDR_CHECK(ndr_pull_relative(ndr, (const void **)&r->group_sid, 
sizeof(*r->group_sid), (ndr_pull_flags_fn_t)ndr_pull_dom_sid)); + NDR_CHECK(ndr_pull_relative(ndr, (const void **)&r->sacl, sizeof(*r->sacl), (ndr_pull_flags_fn_t)ndr_pull_security_acl)); + NDR_CHECK(ndr_pull_relative(ndr, (const void **)&r->dacl, sizeof(*r->dacl), (ndr_pull_flags_fn_t)ndr_pull_security_acl)); + ndr_pull_struct_end(ndr); +buffers: + if (!(ndr_flags & NDR_BUFFERS)) goto done; +done: return NT_STATUS_OK; } + +void ndr_print_security_ace(struct ndr_print *ndr, const char *name, struct security_ace *r) +{ + ndr_print_struct(ndr, name, "security_ace"); + ndr->depth++; + ndr_print_uint8(ndr, "type", r->type); + ndr_print_uint8(ndr, "flags", r->flags); + ndr_print_uint32(ndr, "access_mask", r->access_mask); + ndr_print_dom_sid(ndr, "trustee", &r->trustee); + ndr->depth--; +} + +void ndr_print_security_acl(struct ndr_print *ndr, const char *name, struct security_acl *r) +{ + ndr_print_struct(ndr, name, "security_acl"); + ndr->depth++; + ndr_print_uint16(ndr, "revision", r->revision); + ndr_print_uint32(ndr, "num_aces", r->num_aces); + ndr_print_ptr(ndr, "aces", r->aces); + ndr->depth++; + ndr_print_array(ndr, "aces", r->aces, sizeof(r->aces[0]), r->num_aces, (ndr_print_fn_t)ndr_print_security_ace); + ndr->depth--; + ndr->depth--; +} + +void ndr_print_security_descriptor(struct ndr_print *ndr, const char *name, struct security_descriptor *r) +{ + ndr_print_struct(ndr, name, "security_descriptor"); + ndr->depth++; + ndr_print_uint8(ndr, "revision", r->revision); + ndr_print_uint16(ndr, "type", r->type); + ndr_print_ptr(ndr, "owner_sid", r->owner_sid); + ndr->depth++; + if (r->owner_sid) { + ndr_print_dom_sid(ndr, "owner_sid", r->owner_sid); + } + ndr->depth--; + ndr_print_ptr(ndr, "group_sid", r->group_sid); + ndr->depth++; + if (r->group_sid) { + ndr_print_dom_sid(ndr, "group_sid", r->group_sid); + } + ndr->depth--; + ndr_print_ptr(ndr, "sacl", r->sacl); + ndr->depth++; + if (r->sacl) { + ndr_print_security_acl(ndr, "sacl", r->sacl); + } + ndr->depth--; + 
ndr_print_ptr(ndr, "dacl", r->dacl); + ndr->depth++; + if (r->dacl) { + ndr_print_security_acl(ndr, "dacl", r->dacl); + } + ndr->depth--; + ndr->depth--; +} + diff --git a/source4/librpc/ndr/ndr_misc.h b/source4/librpc/ndr/ndr_misc.h index 1621bf6e05..8869b535ec 100644 --- a/source4/librpc/ndr/ndr_misc.h +++ b/source4/librpc/ndr/ndr_misc.h @@ -1,32 +1,31 @@ -/* - Unix SMB/CIFS implementation. +/* header auto-generated by pidl */ - definitions for marshalling/unmarshalling miscellaneous structures +struct dom_sid { + uint8 sid_rev_num; + uint8 num_auths; + uint8 id_auth[6]; + uint32 *sub_auths; +}; - Copyright (C) Andrew Tridgell 2003 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ +struct security_ace { + uint8 type; + uint8 flags; + uint32 access_mask; + struct dom_sid trustee; +}; -/* policy handles are used all over the place */ -struct policy_handle { - char data[20]; +struct security_acl { + uint16 revision; + uint32 num_aces; + struct security_ace *aces; }; -/* A buffer of uint8s */ -struct uint8_buf { - uint32 size; - uint8 *data; +struct security_descriptor { + uint8 revision; + uint16 type; + struct dom_sid *owner_sid; + struct dom_sid *group_sid; + struct security_acl *sacl; + struct security_acl *dacl; }; + diff --git a/source4/librpc/ndr/ndr_samr.c b/source4/librpc/ndr/ndr_samr.c index a3786117b1..33750b767d 100644 
--- a/source4/librpc/ndr/ndr_samr.c +++ b/source4/librpc/ndr/ndr_samr.c @@ -77,7 +77,7 @@ NTSTATUS ndr_push_samr_OpenDomain(struct ndr_push *ndr, struct samr_OpenDomain * { NDR_CHECK(ndr_push_policy_handle(ndr, r->in.handle)); NDR_CHECK(ndr_push_uint32(ndr, r->in.access_mask)); - NDR_CHECK(ndr_push_dom_sid2(ndr, r->in.sid)); + NDR_CHECK(ndr_push_dom_sid2(ndr, NDR_SCALARS|NDR_BUFFERS, r->in.sid)); return NT_STATUS_OK; } @@ -546,7 +546,7 @@ NTSTATUS ndr_pull_samr_LookupDomain(struct ndr_pull *ndr, struct samr_LookupDoma r->out.sid = NULL; } if (r->out.sid) { - NDR_CHECK(ndr_pull_dom_sid2(ndr, r->out.sid)); + NDR_CHECK(ndr_pull_dom_sid2(ndr, NDR_SCALARS|NDR_BUFFERS, r->out.sid)); } NDR_CHECK(ndr_pull_NTSTATUS(ndr, &r->out.result)); @@ -1507,7 +1507,7 @@ buffers: NDR_CHECK(ndr_pull_uint32(ndr, &_length)); if (_offset != 0) return ndr_pull_error(ndr, NDR_ERR_OFFSET, "Bad array offset 0x%08x", _offset); if (_length > 1260 || _length != r->units_per_week/8) return ndr_pull_error(ndr, NDR_ERR_LENGTH, "Bad array length 0x%08x > size 0x%08x", _offset, 1260); - NDR_CHECK(ndr_pull_array_uint8(ndr, r->logon_hours, _length)); + NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS|NDR_BUFFERS, r->logon_hours, _length)); } done: return NT_STATUS_OK; @@ -1543,7 +1543,7 @@ buffers: NDR_CHECK(ndr_pull_uint32(ndr, &_length)); if (_offset != 0) return ndr_pull_error(ndr, NDR_ERR_OFFSET, "Bad array offset 0x%08x", _offset); if (_length > 1260 || _length != r->units_per_week/8) return ndr_pull_error(ndr, NDR_ERR_LENGTH, "Bad array length 0x%08x > size 0x%08x", _offset, 1260); - NDR_CHECK(ndr_pull_array_uint8(ndr, r->logon_hours, _length)); + NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS|NDR_BUFFERS, r->logon_hours, _length)); } done: return NT_STATUS_OK; 
@@ -1603,7 +1603,7 @@ buffers: NDR_CHECK(ndr_pull_uint32(ndr, &_length)); if (_offset != 0) return ndr_pull_error(ndr, NDR_ERR_OFFSET, "Bad array offset 0x%08x", _offset); if (_length > 1260 || _length != r->units_per_week/8) return ndr_pull_error(ndr, NDR_ERR_LENGTH, "Bad array length 0x%08x > size 0x%08x", _offset, 1260); - NDR_CHECK(ndr_pull_array_uint8(ndr, r->logon_hours, _length)); + NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS|NDR_BUFFERS, r->logon_hours, _length)); } done: return NT_STATUS_OK; @@ -1855,7 +1855,7 @@ buffers: } } NDR_ALLOC_N_SIZE(ndr, r->buffer, r->buf_count, sizeof(r->buffer[0])); - NDR_CHECK(ndr_pull_array_uint8(ndr, r->buffer, r->buf_count)); + NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS|NDR_BUFFERS, r->buffer, r->buf_count)); } if (r->logon_hours) { { @@ -1871,7 +1871,7 @@ buffers: NDR_CHECK(ndr_pull_uint32(ndr, &_length)); if (_offset != 0) return ndr_pull_error(ndr, NDR_ERR_OFFSET, "Bad array offset 0x%08x", _offset); if (_length > 1260 || _length != r->units_per_week/8) return ndr_pull_error(ndr, NDR_ERR_LENGTH, "Bad array length 0x%08x > size 0x%08x", _offset, 1260); - NDR_CHECK(ndr_pull_array_uint8(ndr, r->logon_hours, _length)); + NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS|NDR_BUFFERS, r->logon_hours, _length)); } done: return NT_STATUS_OK; diff --git a/source4/librpc/ndr/ndr_sec.c b/source4/librpc/ndr/ndr_sec.c index 06abbd355e..5a959b9b47 100644 --- a/source4/librpc/ndr/ndr_sec.c +++ b/source4/librpc/ndr/ndr_sec.c 
@@ -24,297 +24,29 @@ #include "includes.h" -/* - parse a security_ace -*/ -NTSTATUS ndr_pull_security_ace(struct ndr_pull *ndr, struct security_ace *ace) -{ - uint16 size; - struct ndr_pull_save save; - - ndr_pull_save(ndr, &save); - - NDR_CHECK(ndr_pull_uint8(ndr, &ace->type)); - NDR_CHECK(ndr_pull_uint8(ndr, &ace->flags)); - NDR_CHECK(ndr_pull_uint16(ndr, &size)); - NDR_CHECK(ndr_pull_limit_size(ndr, size, 4)); - - NDR_CHECK(ndr_pull_uint32(ndr, &ace->access_mask)); - - if (sec_ace_object(ace->type)) { - NDR_ALLOC(ndr, ace->obj); - NDR_CHECK(ndr_pull_uint32(ndr, &ace->obj->flags)); - if (ace->obj->flags & SEC_ACE_OBJECT_PRESENT) { - NDR_CHECK(ndr_pull_GUID(ndr, NDR_SCALARS, &ace->obj->object_guid)); - } - if (ace->obj->flags & SEC_ACE_OBJECT_INHERITED_PRESENT) { - NDR_CHECK(ndr_pull_GUID(ndr, NDR_SCALARS, &ace->obj->inherit_guid)); - } - } else { - ace->obj = NULL; - } - - - NDR_CHECK(ndr_pull_dom_sid(ndr, &ace->trustee)); - - ndr_pull_restore(ndr, &save); - NDR_CHECK(ndr_pull_advance(ndr, size)); - - return NT_STATUS_OK; -} - -/* - parse a security_acl -*/ -NTSTATUS ndr_pull_security_acl(struct ndr_pull *ndr, struct security_acl *acl) -{ - int i; - uint16 size; - struct ndr_pull_save save; - - ndr_pull_save(ndr, &save); - - NDR_CHECK(ndr_pull_uint16(ndr, &acl->revision)); - NDR_CHECK(ndr_pull_uint16(ndr, &size)); - NDR_CHECK(ndr_pull_limit_size(ndr, size, 4)); - NDR_CHECK(ndr_pull_uint32(ndr, &acl->num_aces)); - - NDR_ALLOC_N(ndr, acl->aces, acl->num_aces); - - for (i=0;inum_aces;i++) { - NDR_CHECK(ndr_pull_security_ace(ndr, &acl->aces[i])); - } - - ndr_pull_restore(ndr, &save); - NDR_CHECK(ndr_pull_advance(ndr, size)); - - return NT_STATUS_OK; -} - -/* - parse a security_acl offset and structure -*/ -NTSTATUS ndr_pull_security_acl_ofs(struct ndr_pull *ndr, struct security_acl **acl) -{ - uint32 ofs; - struct ndr_pull_save save; - - NDR_CHECK(ndr_pull_uint32(ndr, &ofs)); - if (ofs == 0) { - /* it is valid for an acl ptr to be NULL */ - *acl = NULL; - return 
NT_STATUS_OK; - } - - ndr_pull_save(ndr, &save); - NDR_CHECK(ndr_pull_set_offset(ndr, ofs)); - NDR_ALLOC(ndr, *acl); - NDR_CHECK(ndr_pull_security_acl(ndr, *acl)); - ndr_pull_restore(ndr, &save); - - return NT_STATUS_OK; -} - - -/* - parse a dom_sid -*/ -NTSTATUS ndr_pull_dom_sid(struct ndr_pull *ndr, struct dom_sid *sid) -{ - int i; - - NDR_CHECK(ndr_pull_uint8(ndr, &sid->sid_rev_num)); - NDR_CHECK(ndr_pull_uint8(ndr, &sid->num_auths)); - for (i=0;i<6;i++) { - NDR_CHECK(ndr_pull_uint8(ndr, &sid->id_auth[i])); - } - - NDR_ALLOC_N(ndr, sid->sub_auths, sid->num_auths); - - for (i=0;inum_auths;i++) { - NDR_CHECK(ndr_pull_uint32(ndr, &sid->sub_auths[i])); - } - - return NT_STATUS_OK; -} - /* parse a dom_sid2 - this is a dom_sid but with an extra copy of the num_auths field */ -NTSTATUS ndr_pull_dom_sid2(struct ndr_pull *ndr, struct dom_sid *sid) +NTSTATUS ndr_pull_dom_sid2(struct ndr_pull *ndr, int ndr_flags, struct dom_sid *sid) { uint32 num_auths; - NDR_CHECK(ndr_pull_uint32(ndr, &num_auths)); - return ndr_pull_dom_sid(ndr, sid); -} - -/* - parse a dom_sid offset and structure -*/ -NTSTATUS ndr_pull_dom_sid_ofs(struct ndr_pull *ndr, struct dom_sid **sid) -{ - uint32 ofs; - struct ndr_pull_save save; - - NDR_CHECK(ndr_pull_uint32(ndr, &ofs)); - if (ofs == 0) { - /* it is valid for a dom_sid ptr to be NULL */ - *sid = NULL; + if (!(ndr_flags & NDR_SCALARS)) { return NT_STATUS_OK; } - - ndr_pull_save(ndr, &save); - NDR_CHECK(ndr_pull_set_offset(ndr, ofs)); - NDR_ALLOC(ndr, *sid); - NDR_CHECK(ndr_pull_dom_sid(ndr, *sid)); - ndr_pull_restore(ndr, &save); - - return NT_STATUS_OK; -} - -/* - parse a security descriptor -*/ -NTSTATUS ndr_pull_security_descriptor(struct ndr_pull *ndr, - struct security_descriptor *sd) -{ - NDR_CHECK(ndr_pull_uint8(ndr, &sd->revision)); - NDR_CHECK(ndr_pull_uint16(ndr, &sd->type)); - NDR_CHECK(ndr_pull_dom_sid_ofs(ndr, &sd->owner_sid)); - NDR_CHECK(ndr_pull_dom_sid_ofs(ndr, &sd->group_sid)); - NDR_CHECK(ndr_pull_security_acl_ofs(ndr, 
&sd->sacl)); - NDR_CHECK(ndr_pull_security_acl_ofs(ndr, &sd->dacl)); - - return NT_STATUS_OK; -} - - -/* - parse a security_ace -*/ -NTSTATUS ndr_push_security_ace(struct ndr_push *ndr, struct security_ace *ace) -{ - struct ndr_push_save save1, save2; - - NDR_CHECK(ndr_push_uint8(ndr, ace->type)); - NDR_CHECK(ndr_push_uint8(ndr, ace->flags)); - ndr_push_save(ndr, &save1); - NDR_CHECK(ndr_push_uint16(ndr, 0)); - NDR_CHECK(ndr_push_uint32(ndr, ace->access_mask)); - - if (sec_ace_object(ace->type)) { - NDR_CHECK(ndr_push_uint32(ndr, ace->obj->flags)); - if (ace->obj->flags & SEC_ACE_OBJECT_PRESENT) { - NDR_CHECK(ndr_push_GUID(ndr, NDR_SCALARS, &ace->obj->object_guid)); - } - if (ace->obj->flags & SEC_ACE_OBJECT_INHERITED_PRESENT) { - NDR_CHECK(ndr_push_GUID(ndr, NDR_SCALARS, &ace->obj->inherit_guid)); - } - } - - NDR_CHECK(ndr_push_dom_sid(ndr, &ace->trustee)); - - ndr_push_save(ndr, &save2); - ndr_push_restore(ndr, &save1); - NDR_CHECK(ndr_push_uint16(ndr, 2 + save2.offset - save1.offset)); - ndr_push_restore(ndr, &save2); - - return NT_STATUS_OK; -} - - -/* - push a security_acl -*/ -NTSTATUS ndr_push_security_acl(struct ndr_push *ndr, struct security_acl *acl) -{ - int i; - struct ndr_push_save save1, save2; - - NDR_CHECK(ndr_push_uint16(ndr, acl->revision)); - ndr_push_save(ndr, &save1); - NDR_CHECK(ndr_push_uint16(ndr, 0)); - NDR_CHECK(ndr_push_uint32(ndr, acl->num_aces)); - for (i=0;inum_aces;i++) { - NDR_CHECK(ndr_push_security_ace(ndr, &acl->aces[i])); - } - ndr_push_save(ndr, &save2); - ndr_push_restore(ndr, &save1); - NDR_CHECK(ndr_push_uint16(ndr, 2 + save2.offset - save1.offset)); - ndr_push_restore(ndr, &save2); - - return NT_STATUS_OK; -} - -/* - push a dom_sid -*/ -NTSTATUS ndr_push_dom_sid(struct ndr_push *ndr, struct dom_sid *sid) -{ - int i; - - NDR_CHECK(ndr_push_uint8(ndr, sid->sid_rev_num)); - NDR_CHECK(ndr_push_uint8(ndr, sid->num_auths)); - for (i=0;i<6;i++) { - NDR_CHECK(ndr_push_uint8(ndr, sid->id_auth[i])); - } - for (i=0;inum_auths;i++) { - 
NDR_CHECK(ndr_push_uint32(ndr, sid->sub_auths[i])); - } - - return NT_STATUS_OK; + NDR_CHECK(ndr_pull_uint32(ndr, &num_auths)); + return ndr_pull_dom_sid(ndr, ndr_flags, sid); } /* parse a dom_sid2 - this is a dom_sid but with an extra copy of the num_auths field */ -NTSTATUS ndr_push_dom_sid2(struct ndr_push *ndr, struct dom_sid *sid) +NTSTATUS ndr_push_dom_sid2(struct ndr_push *ndr, int ndr_flags, struct dom_sid *sid) { - NDR_CHECK(ndr_push_uint32(ndr, sid->num_auths)); - return ndr_push_dom_sid(ndr, sid); -} - - -/* - generate a ndr security descriptor -*/ -NTSTATUS ndr_push_security_descriptor(struct ndr_push *ndr, - struct security_descriptor *sd) -{ - struct ndr_push_save save; - struct ndr_push_save ofs1, ofs2, ofs3, ofs4; - - ndr_push_save(ndr, &save); - - NDR_CHECK(ndr_push_uint8(ndr, sd->revision)); - NDR_CHECK(ndr_push_uint16(ndr, sd->type)); - - NDR_CHECK(ndr_push_offset(ndr, &ofs1)); - NDR_CHECK(ndr_push_offset(ndr, &ofs2)); - NDR_CHECK(ndr_push_offset(ndr, &ofs3)); - NDR_CHECK(ndr_push_offset(ndr, &ofs4)); - - if (sd->owner_sid) { - NDR_CHECK(ndr_push_offset_ptr(ndr, &ofs1, &save)); - NDR_CHECK(ndr_push_dom_sid(ndr, sd->owner_sid)); - } - - if (sd->group_sid) { - NDR_CHECK(ndr_push_offset_ptr(ndr, &ofs2, &save)); - NDR_CHECK(ndr_push_dom_sid(ndr, sd->group_sid)); - } - - if (sd->sacl) { - NDR_CHECK(ndr_push_offset_ptr(ndr, &ofs3, &save)); - NDR_CHECK(ndr_push_security_acl(ndr, sd->sacl)); - } - - if (sd->dacl) { - NDR_CHECK(ndr_push_offset_ptr(ndr, &ofs4, &save)); - NDR_CHECK(ndr_push_security_acl(ndr, sd->dacl)); + if (!(ndr_flags & NDR_SCALARS)) { + return NT_STATUS_OK; } - - return NT_STATUS_OK; + NDR_CHECK(ndr_push_uint32(ndr, sid->num_auths)); + return ndr_push_dom_sid(ndr, ndr_flags, sid); } 
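Review bot: In the new `ndr_pull_dom_sid2`, the leading `num_auths` word is read into a local and then dropped, so a packet whose outer count disagrees with the `num_auths` inside the SID is accepted silently. Comparing the two after the inner pull would reject the inconsistency: `NDR_CHECK(ndr_pull_dom_sid(ndr, ndr_flags, sid));` followed by `if (num_auths != sid->num_auths) return ndr_pull_error(ndr, NDR_ERR_LENGTH, "Bad dom_sid2 num_auths 0x%08x", num_auths);` and `return NT_STATUS_OK;`. Separately, the early return when `NDR_SCALARS` is clear means a buffers-only pass never reaches `ndr_pull_dom_sid`. That is correct only if `dom_sid` has no deferred part, which this file does not show, so a one-line comment stating the assumption would help.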
@@ -356,71 +88,3 @@ void ndr_print_dom_sid2(struct ndr_print *ndr, const char *name, struct dom_sid2 ndr_print_dom_sid(ndr, name, sid); } - -/* - print a security_ace -*/ -void ndr_print_security_ace(struct ndr_print *ndr, const char *name, struct security_ace *ace) -{ - ndr_print_struct(ndr, name, "security_ace"); - ndr->depth++; - ndr_print_uint8(ndr, "type", ace->type); - ndr_print_uint8(ndr, "flags", ace->flags); - ndr_print_uint32(ndr, "access_mask", ace->access_mask); - if (ace->obj) { - ndr_print_struct(ndr, name, "security_ace_obj"); - ndr->depth++; - ndr_print_uint32(ndr, "flags", ace->obj->flags); - ndr_print_GUID(ndr, "object_guid", &ace->obj->object_guid); - ndr_print_GUID(ndr, "inherit_guid", &ace->obj->inherit_guid); - ndr->depth--; - } - ndr_print_dom_sid(ndr, "trustee", &ace->trustee); - ndr->depth--; -} - -/* - print a security_acl -*/ -void ndr_print_security_acl(struct ndr_print *ndr, const char *name, struct security_acl *acl) -{ - ndr_print_struct(ndr, name, "security_acl"); - ndr->depth++; - ndr_print_uint16(ndr, "revision", acl->revision); - ndr_print_uint32(ndr, "num_aces", acl->num_aces); - ndr_print_array(ndr, "aces", acl->aces, - sizeof(acl->aces[0]), acl->num_aces, - (ndr_print_fn_t) ndr_print_security_ace); - ndr->depth--; -} - -/* - print a security descriptor -*/ -void ndr_print_security_descriptor(struct ndr_print *ndr, - const char *name, - struct security_descriptor *sd) -{ - ndr_print_struct(ndr, name, "security_descriptor"); - ndr->depth++; - ndr_print_uint8(ndr, "revision", sd->revision); - ndr_print_uint16(ndr, "type", sd->type); - ndr_print_ptr(ndr, "owner_sid", sd->owner_sid); - if (sd->owner_sid) { - ndr_print_dom_sid(ndr, "owner_sid", sd->owner_sid); - } - ndr_print_ptr(ndr, "group_sid", sd->group_sid); - if (sd->group_sid) { - ndr_print_dom_sid(ndr, "group_sid", sd->group_sid); - } - ndr_print_ptr(ndr, "sacl", sd->sacl); - if (sd->sacl) { - ndr_print_security_acl(ndr, "sacl", sd->sacl); - } - ndr_print_ptr(ndr, "dacl", 
sd->dacl); - if (sd->dacl) { - ndr_print_security_acl(ndr, "dacl", sd->dacl); - } - ndr->depth--; -} - diff --git a/source4/librpc/ndr/ndr_sec.h b/source4/librpc/ndr/ndr_sec.h index 60408082e4..27a1311adc 100644 --- a/source4/librpc/ndr/ndr_sec.h +++ b/source4/librpc/ndr/ndr_sec.h @@ -22,57 +22,9 @@ */ -/* a domain SID. Note that unlike Samba3 this contains a pointer, - so you can't copy them using assignment */ -struct dom_sid { - uint8 sid_rev_num; /**< SID revision number */ - uint8 num_auths; /**< Number of sub-authorities */ - uint8 id_auth[6]; /**< Identifier Authority */ - uint32 *sub_auths; -}; - /* use the same structure for dom_sid2 as dom_sid */ #define dom_sid2 dom_sid -/* an access control element */ -struct security_ace { - uint8 type; /* xxxx_xxxx_ACE_TYPE - e.g allowed / denied etc */ - uint8 flags; /* xxxx_INHERIT_xxxx - e.g OBJECT_INHERIT_ACE */ - - uint32 access_mask; - - /* the 'obj' part is present when type is XXXX_TYPE_XXXX_OBJECT */ - struct { - uint32 flags; - GUID object_guid; - GUID inherit_guid; - } *obj; - - struct dom_sid trustee; -}; - - -/* a security ACL */ -struct security_acl { - uint16 revision; - uint32 num_aces; - - struct security_ace *aces; -}; - - -/* a security descriptor */ -struct security_descriptor { - uint8 revision; - uint16 type; /* SEC_DESC_xxxx flags */ - - struct dom_sid *owner_sid; - struct dom_sid *group_sid; - struct security_acl *sacl; /* system ACL */ - struct security_acl *dacl; /* user (discretionary) ACL */ -}; - - /* query security descriptor */ struct smb_query_secdesc { struct { diff --git a/source4/librpc/ndr/ndr_spoolss.c b/source4/librpc/ndr/ndr_spoolss.c index 2e2e911311..27227d1b90 100644 --- a/source4/librpc/ndr/ndr_spoolss.c +++ b/source4/librpc/ndr/ndr_spoolss.c 
@@ -41,11 +41,13 @@ NTSTATUS ndr_push_spoolss_DeviceMode(struct ndr_push *ndr, int ndr_flags, struct NDR_CHECK(ndr_push_uint32(ndr, r->reserved2)); NDR_CHECK(ndr_push_uint32(ndr, r->panningwidth)); NDR_CHECK(ndr_push_uint32(ndr, r->panningheight)); + NDR_CHECK(ndr_push_array_uint8(ndr, NDR_SCALARS, r->private, r->driverextra)); ndr_push_struct_end(ndr); buffers: if (!(ndr_flags & NDR_BUFFERS)) goto done; NDR_CHECK(ndr_push_nstring(ndr, NDR_BUFFERS, &r->devicename)); NDR_CHECK(ndr_push_nstring(ndr, NDR_BUFFERS, &r->formname)); + NDR_CHECK(ndr_push_array_uint8(ndr, NDR_BUFFERS, r->private, r->driverextra)); done: return NT_STATUS_OK; } @@ -125,13 +127,11 @@ NTSTATUS ndr_push_spoolss_PrinterInfo3(struct ndr_push *ndr, int ndr_flags, stru NDR_CHECK(ndr_push_struct_start(ndr)); NDR_CHECK(ndr_push_align(ndr, 4)); NDR_CHECK(ndr_push_uint32(ndr, r->flags)); - NDR_CHECK(ndr_push_relative(ndr, NDR_SCALARS, r->secdesc, (ndr_push_const_fn_t) ndr_push_security_descriptor)); + NDR_CHECK(ndr_push_security_descriptor(ndr, NDR_SCALARS, &r->secdesc)); ndr_push_struct_end(ndr); buffers: if (!(ndr_flags & NDR_BUFFERS)) goto done; - if (r->secdesc) { - NDR_CHECK(ndr_push_relative(ndr, NDR_BUFFERS, r->secdesc, (ndr_push_const_fn_t) ndr_push_security_descriptor)); - } + NDR_CHECK(ndr_push_security_descriptor(ndr, NDR_BUFFERS, &r->secdesc)); done: return NT_STATUS_OK; } @@ -331,9 +331,9 @@ NTSTATUS ndr_push_spoolss_EnumJobs(struct ndr_push *ndr, struct spoolss_EnumJobs NDR_CHECK(ndr_push_uint32(ndr, r->in.level)); NDR_CHECK(ndr_push_ptr(ndr, r->in.buffer)); if (r->in.buffer) { - NDR_CHECK(ndr_push_uint8_buf(ndr, NDR_SCALARS|NDR_BUFFERS, r->in.buffer)); + NDR_CHECK(ndr_push_DATA_BLOB(ndr, *r->in.buffer)); } - NDR_CHECK(ndr_push_uint32(ndr, r->in.offered)); + NDR_CHECK(ndr_push_uint32(ndr, *r->in.buf_size)); return NT_STATUS_OK; } 
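Review bot: In `ndr_push_spoolss_EnumJobs` (hunk at -331), the new `*r->in.buf_size` is dereferenced unconditionally, while `r->in.buffer` two lines earlier is treated as optional and NULL-checked. A caller that fills in only the buffer pointer therefore crashes the marshaller instead of getting an error. Either guard it with `if (!r->in.buf_size) return NT_STATUS_INVALID_PARAMETER;` before the push, or state on the struct field that `buf_size` must never be NULL. The push side of `ndr_push_spoolss_EnumPrinterData` in the hunk at -852 has the same pattern.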
@@ -852,7 +852,11 @@ NTSTATUS ndr_push_spoolss_EnumPrinterData(struct ndr_push *ndr, struct spoolss_E NDR_CHECK(ndr_push_policy_handle(ndr, r->in.handle)); NDR_CHECK(ndr_push_uint32(ndr, r->in.enum_index)); NDR_CHECK(ndr_push_uint32(ndr, r->in.value_offered)); - NDR_CHECK(ndr_push_uint32(ndr, r->in.data_offered)); + NDR_CHECK(ndr_push_ptr(ndr, r->in.buffer)); + if (r->in.buffer) { + NDR_CHECK(ndr_push_DATA_BLOB(ndr, *r->in.buffer)); + } + NDR_CHECK(ndr_push_uint32(ndr, *r->in.buf_size)); return NT_STATUS_OK; } @@ -1034,11 +1038,14 @@ NTSTATUS ndr_pull_spoolss_DeviceMode(struct ndr_pull *ndr, int ndr_flags, struct NDR_CHECK(ndr_pull_uint32(ndr, &r->reserved2)); NDR_CHECK(ndr_pull_uint32(ndr, &r->panningwidth)); NDR_CHECK(ndr_pull_uint32(ndr, &r->panningheight)); + NDR_ALLOC_N_SIZE(ndr, r->private, r->driverextra, sizeof(r->private[0])); + NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->private, r->driverextra)); ndr_pull_struct_end(ndr); buffers: if (!(ndr_flags & NDR_BUFFERS)) goto done; NDR_CHECK(ndr_pull_nstring(ndr, NDR_BUFFERS, &r->devicename)); NDR_CHECK(ndr_pull_nstring(ndr, NDR_BUFFERS, &r->formname)); + NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_BUFFERS, r->private, r->driverextra)); done: return NT_STATUS_OK; } @@ -1096,15 +1103,15 @@ done: NTSTATUS ndr_pull_spoolss_PrinterInfo3(struct ndr_pull *ndr, int ndr_flags, struct spoolss_PrinterInfo3 *r) { - uint32 _ptr_secdesc; NDR_CHECK(ndr_pull_struct_start(ndr)); if (!(ndr_flags & NDR_SCALARS)) goto buffers; NDR_CHECK(ndr_pull_align(ndr, 4)); NDR_CHECK(ndr_pull_uint32(ndr, &r->flags)); - NDR_CHECK(ndr_pull_relative(ndr, (const void **)&r->secdesc, sizeof(*r->secdesc), (ndr_pull_flags_fn_t)ndr_pull_security_descriptor)); + NDR_CHECK(ndr_pull_security_descriptor(ndr, NDR_SCALARS, &r->secdesc)); ndr_pull_struct_end(ndr); buffers: if (!(ndr_flags & NDR_BUFFERS)) goto done; + NDR_CHECK(ndr_pull_security_descriptor(ndr, NDR_BUFFERS, &r->secdesc)); done: return NT_STATUS_OK; } 
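Review bot: In `ndr_pull_spoolss_DeviceMode` (hunk at -1034), the added `NDR_ALLOC_N_SIZE(ndr, r->private, r->driverextra, ...)` sizes an allocation directly from `r->driverextra` with no upper bound. That field appears to be pulled from the wire earlier in the function, outside the hunk, so a peer may be able to choose the allocation size before any check that the bytes are actually present. The `logon_hours` arrays in ndr_samr.c cap their length before use, and the same style fits here: `if (r->driverextra > DRIVEREXTRA_MAX) return ndr_pull_error(ndr, NDR_ERR_LENGTH, "Bad driverextra 0x%08x", r->driverextra);`. `DRIVEREXTRA_MAX` is a placeholder for whatever limit the project chooses. Whether `ndr_pull_bytes` itself bounds `n` against the remaining data is not visible here and should be confirmed.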
@@ -1294,9 +1301,9 @@ NTSTATUS ndr_pull_spoolss_EnumJobs(struct ndr_pull *ndr, struct spoolss_EnumJobs r->out.buffer = NULL; } if (r->out.buffer) { - NDR_CHECK(ndr_pull_uint8_buf(ndr, NDR_SCALARS|NDR_BUFFERS, r->out.buffer)); + NDR_CHECK(ndr_pull_DATA_BLOB(ndr, r->out.buffer)); } - NDR_CHECK(ndr_pull_uint32(ndr, &r->out.needed)); + NDR_CHECK(ndr_pull_uint32(ndr, r->out.buf_size)); NDR_CHECK(ndr_pull_uint32(ndr, &r->out.numjobs)); NDR_CHECK(ndr_pull_NTSTATUS(ndr, &r->out.result)); @@ -1788,6 +1795,7 @@ NTSTATUS ndr_pull_spoolss_47(struct ndr_pull *ndr, struct spoolss_47 *r) NTSTATUS ndr_pull_spoolss_EnumPrinterData(struct ndr_pull *ndr, struct spoolss_EnumPrinterData *r) { uint32 _ptr_value_name; + uint32 _ptr_buffer; NDR_CHECK(ndr_pull_uint32(ndr, &r->out.value_len)); NDR_CHECK(ndr_pull_uint32(ndr, &_ptr_value_name)); if (_ptr_value_name) { @@ -1800,8 +1808,16 @@ NTSTATUS ndr_pull_spoolss_EnumPrinterData(struct ndr_pull *ndr, struct spoolss_E } NDR_CHECK(ndr_pull_uint32(ndr, &r->out.value_needed)); NDR_CHECK(ndr_pull_uint32(ndr, &r->out.printerdata_type)); - NDR_CHECK(ndr_pull_uint8_buf(ndr, NDR_SCALARS|NDR_BUFFERS, &r->out.printerdata)); - NDR_CHECK(ndr_pull_uint32(ndr, &r->out.data_needed)); + NDR_CHECK(ndr_pull_uint32(ndr, &_ptr_buffer)); + if (_ptr_buffer) { + NDR_ALLOC(ndr, r->out.buffer); + } else { + r->out.buffer = NULL; + } + if (r->out.buffer) { + NDR_CHECK(ndr_pull_DATA_BLOB(ndr, r->out.buffer)); + } + NDR_CHECK(ndr_pull_uint32(ndr, r->out.buf_size)); NDR_CHECK(ndr_pull_NTSTATUS(ndr, &r->out.result)); return NT_STATUS_OK; @@ -2006,6 +2022,10 @@ void ndr_print_spoolss_DeviceMode(struct ndr_print *ndr, const char *name, struc ndr_print_uint32(ndr, "reserved2", r->reserved2); ndr_print_uint32(ndr, "panningwidth", r->panningwidth); ndr_print_uint32(ndr, "panningheight", r->panningheight); + ndr_print_ptr(ndr, "private", r->private); + ndr->depth++; + ndr_print_array_uint8(ndr, "private", r->private, r->driverextra); + ndr->depth--; ndr->depth--; } 
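Review bot: In `ndr_pull_spoolss_EnumJobs` (hunk at -1294), the new `ndr_pull_uint32(ndr, r->out.buf_size)` stores through `r->out.buf_size`, but nothing in the hunk allocates or checks that pointer. The neighbouring `r->out.buffer` gets an `NDR_ALLOC` or is set to NULL depending on the wire pointer. Unless every caller points `out.buf_size` at valid storage beforehand, which is not visible here, this is a write through a NULL or stale pointer. Adding `NDR_ALLOC(ndr, r->out.buf_size);` just before the pull, or documenting the caller contract on the struct field, would close the gap. `ndr_pull_spoolss_EnumPrinterData` in the hunk at -1800 has the same store, and both function bodies extend beyond their hunks.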
@@ -2063,12 +2083,7 @@ void ndr_print_spoolss_PrinterInfo3(struct ndr_print *ndr, const char *name, str ndr_print_struct(ndr, name, "spoolss_PrinterInfo3"); ndr->depth++; ndr_print_uint32(ndr, "flags", r->flags); - ndr_print_ptr(ndr, "secdesc", r->secdesc); - ndr->depth++; - if (r->secdesc) { - ndr_print_security_descriptor(ndr, "secdesc", r->secdesc); - } - ndr->depth--; + ndr_print_security_descriptor(ndr, "secdesc", &r->secdesc); ndr->depth--; } diff --git a/source4/librpc/ndr/ndr_spoolss.h b/source4/librpc/ndr/ndr_spoolss.h index 61aac510d9..3f156b732d 100644 --- a/source4/librpc/ndr/ndr_spoolss.h +++ b/source4/librpc/ndr/ndr_spoolss.h @@ -35,6 +35,7 @@ struct spoolss_DeviceMode { uint32 reserved2; uint32 panningwidth; uint32 panningheight; + uint8 *private; }; struct spoolss_PrinterInfo1 { @@ -70,7 +71,7 @@ struct spoolss_PrinterInfo2 { struct spoolss_PrinterInfo3 { uint32 flags; - struct security_descriptor *secdesc; + struct security_descriptor secdesc; }; struct spoolss_PrinterInfo4 { @@ -165,13 +166,13 @@ struct spoolss_EnumJobs { uint32 firstjob; uint32 numjobs; uint32 level; - struct uint8_buf *buffer; - uint32 offered; + DATA_BLOB *buffer; + uint32 *buf_size; } in; struct { - struct uint8_buf *buffer; - uint32 needed; + DATA_BLOB *buffer; + uint32 *buf_size; uint32 numjobs; NTSTATUS result; } out; @@ -893,7 +894,8 @@ struct spoolss_EnumPrinterData { struct policy_handle *handle; uint32 enum_index; uint32 value_offered; - uint32 data_offered; + DATA_BLOB *buffer; + uint32 *buf_size; } in; struct { @@ -901,8 +903,8 @@ struct spoolss_EnumPrinterData { const char *value_name; uint32 value_needed; uint32 printerdata_type; - struct uint8_buf printerdata; - uint32 data_needed; + DATA_BLOB *buffer; + uint32 *buf_size; NTSTATUS result; } out; -- cgit