From 7b40bd0a5f7adbca91ce42ae36bb4908a4515fa8 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Sun, 16 Nov 2003 06:00:15 +0000 Subject: use the "subcontext" magic flag for sec_desc_buf (This used to be commit 05ed2f6dc986111ce448123c91380f9340799ecc) --- source4/librpc/idl/lsa.idl | 6 ++++++ source4/librpc/ndr/ndr.c | 35 ++++++++++++++++++++++++++++++ source4/librpc/ndr/ndr_basic.c | 2 ++ source4/librpc/ndr/ndr_lsa.c | 37 ++++++++++++++++++++++++++++++- source4/librpc/ndr/ndr_lsa.h | 5 +++++ source4/librpc/ndr/ndr_sec.c | 49 ------------------------------------------ source4/librpc/ndr/ndr_sec.h | 16 -------------- 7 files changed, 84 insertions(+), 66 deletions(-) (limited to 'source4/librpc') diff --git a/source4/librpc/idl/lsa.idl b/source4/librpc/idl/lsa.idl index 7209602728..3628fcb8cc 100644 --- a/source4/librpc/idl/lsa.idl +++ b/source4/librpc/idl/lsa.idl @@ -51,6 +51,12 @@ /******************/ /* Function: 0x03 */ + + typedef struct { + uint32 size; + [subcontext] security_descriptor *sd; + } sec_desc_buf; + NTSTATUS lsa_QuerySecObj ( [in,ref] policy_handle *handle, [in] uint32 sec_info, diff --git a/source4/librpc/ndr/ndr.c b/source4/librpc/ndr/ndr.c index 5add5112e7..cd744ab778 100644 --- a/source4/librpc/ndr/ndr.c +++ b/source4/librpc/ndr/ndr.c @@ -370,3 +370,38 @@ NTSTATUS ndr_push_error(struct ndr_push *ndr, enum ndr_err_code err, const char /* we should map to different status codes */ return NT_STATUS_INVALID_PARAMETER; } + + +/* + handle subcontext buffers, which in midl land are user-marshalled, but + we use magic in pidl to make them easier to cope with +*/ +NTSTATUS ndr_pull_subcontext_fn(struct ndr_pull *ndr, + void *base, + NTSTATUS (*fn)(struct ndr_pull *, void *)) +{ + uint32 size; + struct ndr_pull ndr2; + + NDR_CHECK(ndr_pull_uint32(ndr, &size)); + NDR_CHECK(ndr_pull_subcontext(ndr, &ndr2, size)); + NDR_CHECK(fn(&ndr2, base)); + NDR_CHECK(ndr_pull_advance(ndr, size)); + return NT_STATUS_OK; +} + + +NTSTATUS ndr_pull_subcontext_flags_fn(struct ndr_pull *ndr, + void *base, + NTSTATUS (*fn)(struct ndr_pull *, int , void *)) +{ + uint32 size; + struct ndr_pull ndr2; + + NDR_CHECK(ndr_pull_uint32(ndr, &size)); + NDR_CHECK(ndr_pull_subcontext(ndr, &ndr2, size)); + NDR_CHECK(fn(&ndr2, NDR_SCALARS|NDR_BUFFERS, base)); + NDR_CHECK(ndr_pull_advance(ndr, size)); + return NT_STATUS_OK; +} + diff --git a/source4/librpc/ndr/ndr_basic.c b/source4/librpc/ndr/ndr_basic.c index 6239e56b3f..31e16b6812 100644 --- a/source4/librpc/ndr/ndr_basic.c +++ b/source4/librpc/ndr/ndr_basic.c @@ -510,3 +510,5 @@ void ndr_print_GUID(struct ndr_print *ndr, const char *name, struct GUID *guid) guid->info[10], guid->info[11], guid->info[12], guid->info[13], guid->info[14], guid->info[15]); } + + diff --git a/source4/librpc/ndr/ndr_lsa.c b/source4/librpc/ndr/ndr_lsa.c index 4d43ce4a94..a6bf580557 100644 --- a/source4/librpc/ndr/ndr_lsa.c +++ b/source4/librpc/ndr/ndr_lsa.c @@ -21,7 +21,7 @@ static NTSTATUS ndr_push_lsa_Name(struct ndr_push *ndr, int ndr_flags, struct ls if (!(ndr_flags & NDR_SCALARS)) goto buffers; NDR_CHECK(ndr_push_align(ndr, 4)); NDR_CHECK(ndr_push_uint16(ndr, 2*strlen_m(r->name))); - NDR_CHECK(ndr_push_uint16(ndr, 2*strlen_m(r->name))); + NDR_CHECK(ndr_push_uint16(ndr, r->name_len)); NDR_CHECK(ndr_push_ptr(ndr, r->name)); buffers: if (!(ndr_flags & NDR_BUFFERS)) goto done; @@ -582,6 +582,27 @@ NTSTATUS ndr_pull_lsa_EnumPrivs(struct ndr_pull *ndr, struct lsa_EnumPrivs *r) return NT_STATUS_OK; } +static NTSTATUS ndr_pull_sec_desc_buf(struct ndr_pull *ndr, int ndr_flags, struct sec_desc_buf *r) +{ + uint32 _ptr_sd; + if (!(ndr_flags & NDR_SCALARS)) goto buffers; + NDR_CHECK(ndr_pull_align(ndr, 4)); + NDR_CHECK(ndr_pull_uint32(ndr, &r->size)); + NDR_CHECK(ndr_pull_uint32(ndr, &_ptr_sd)); + if (_ptr_sd) { + NDR_ALLOC(ndr, r->sd); + } else { + r->sd = NULL; + } +buffers: + if (!(ndr_flags & NDR_BUFFERS)) goto done; + if (r->sd) { + NDR_CHECK(ndr_pull_subcontext_fn(ndr, r->sd, (ndr_pull_fn_t) ndr_pull_security_descriptor)); + } +done: + return NT_STATUS_OK; +} + NTSTATUS ndr_pull_lsa_QuerySecObj(struct ndr_pull *ndr, struct lsa_QuerySecObj *r) { uint32 _ptr_sd; @@ -1622,6 +1643,20 @@ void ndr_print_lsa_PrivArray(struct ndr_print *ndr, const char *name, struct lsa ndr->depth--; } +void ndr_print_sec_desc_buf(struct ndr_print *ndr, const char *name, struct sec_desc_buf *r) +{ + ndr_print_struct(ndr, name, "sec_desc_buf"); + ndr->depth++; + ndr_print_uint32(ndr, "size", r->size); + ndr_print_ptr(ndr, "sd", r->sd); + ndr->depth++; + if (r->sd) { + ndr_print_security_descriptor(ndr, "sd", r->sd); + } + ndr->depth--; + ndr->depth--; +} + void ndr_print_lsa_QosInfo(struct ndr_print *ndr, const char *name, struct lsa_QosInfo *r) { ndr_print_struct(ndr, name, "lsa_QosInfo"); diff --git a/source4/librpc/ndr/ndr_lsa.h b/source4/librpc/ndr/ndr_lsa.h index 22a2451442..68d8d4c473 100644 --- a/source4/librpc/ndr/ndr_lsa.h +++ b/source4/librpc/ndr/ndr_lsa.h @@ -55,6 +55,11 @@ struct lsa_EnumPrivs { }; +struct sec_desc_buf { + uint32 size; + struct security_descriptor *sd; +}; + struct lsa_QuerySecObj { struct { struct policy_handle *handle; diff --git a/source4/librpc/ndr/ndr_sec.c b/source4/librpc/ndr/ndr_sec.c index 5e4afe31a5..06abbd355e 100644 --- a/source4/librpc/ndr/ndr_sec.c +++ b/source4/librpc/ndr/ndr_sec.c @@ -424,52 +424,3 @@ void ndr_print_security_descriptor(struct ndr_print *ndr, ndr->depth--; } - - -/* - implementation of sec_desc_buf - an encapsulated security descriptor -*/ -NTSTATUS ndr_pull_sec_desc_buf(struct ndr_pull *ndr, int ndr_flags, - struct sec_desc_buf *sdbuf) -{ - if (ndr_flags & NDR_SCALARS) { - uint32 _ptr; - NDR_CHECK(ndr_pull_uint32(ndr, &sdbuf->size)); - NDR_CHECK(ndr_pull_uint32(ndr, &_ptr)); - if (_ptr) { - NDR_ALLOC(ndr, sdbuf->sd); - } else { - sdbuf->sd = NULL; - } - } - if (ndr_flags & NDR_BUFFERS) { - if (sdbuf->sd) { - struct ndr_pull ndr2; - uint32 size; - NDR_CHECK(ndr_pull_uint32(ndr, &size)); - if (size != sdbuf->size) { - return NT_STATUS_INFO_LENGTH_MISMATCH; - } - NDR_CHECK(ndr_pull_subcontext(ndr, &ndr2, sdbuf->size)); - NDR_CHECK(ndr_pull_security_descriptor(&ndr2, sdbuf->sd)); - NDR_CHECK(ndr_pull_advance(ndr, sdbuf->size)); - } - } - return NT_STATUS_OK; -} - - -/* - print a sec_desc_buf -*/ -void ndr_print_sec_desc_buf(struct ndr_print *ndr, const char *name, - struct sec_desc_buf *sdbuf) -{ - ndr_print_struct(ndr, name, "sec_desc_buf"); - ndr->depth++; - ndr_print_uint32(ndr, "size", sdbuf->size); - ndr_print_ptr(ndr, "sd", sdbuf->sd); - if (sdbuf->sd) { - ndr_print_security_descriptor(ndr, "sd", sdbuf->sd); - } -} diff --git a/source4/librpc/ndr/ndr_sec.h b/source4/librpc/ndr/ndr_sec.h index 81a3d6a944..60408082e4 100644 --- a/source4/librpc/ndr/ndr_sec.h +++ b/source4/librpc/ndr/ndr_sec.h @@ -73,22 +73,6 @@ struct security_descriptor { }; -/* - a security descriptor encapsulated in a buffer. - It is like this IDL: - typedef struct { - uint32 size; - [size_is(size)] uint8 *buf; - } sec_desc_buf; -*/ -struct sec_desc_buf { - uint32 size; /* the sd wire size - auto-generated */ - struct security_descriptor *sd; -}; - - - - /* query security descriptor */ struct smb_query_secdesc { struct { -- cgit