source/rpcclient/display_sec.c

   1 /*
   2    Unix SMB/Netbios implementation.
   3    Version 1.9.
   4    Samba utility functions
   5    Copyright (C) Andrew Tridgell 1992-1999
   6    Copyright (C) Luke Kenneth Casson Leighton 1996 - 1999
   7
   8    This program is free software; you can redistribute it and/or modify
   9    it under the terms of the GNU General Public License as published by
  10    the Free Software Foundation; either version 2 of the License, or
  11    (at your option) any later version.
  12
  13    This program is distributed in the hope that it will be useful,
  14    but WITHOUT ANY WARRANTY; without even the implied warranty of
  15    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  16    GNU General Public License for more details.
  17
  18    You should have received a copy of the GNU General Public License
  19    along with this program; if not, write to the Free Software
  20    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
  21 */
  22
  23 #include "includes.h"
  24
  25
  26 /****************************************************************************
  27 convert a security permissions into a string
  28 ****************************************************************************/
  29 char *get_sec_mask_str(uint32 type)
  30 {
  31         static fstring typestr;
  32         int i;
  33
  34         switch (type)
  35         {
  36                 case SEC_RIGHTS_FULL_CONTROL:
  37                 {
  38                         fstrcpy(typestr, "Full Control");
  39                         return typestr;
  40                 }
  41
  42                 case SEC_RIGHTS_READ:
  43                 {
  44                         fstrcpy(typestr, "Read");
  45                         return typestr;
  46                 }
  47                 default:
  48                 {
  49                         break;
  50                 }
  51         }
  52
  53         typestr[0] = 0;
  54         for (i = 0; i < 32; i++)
  55         {
  56                 if (IS_BITS_SET_ALL(type, 1 << i))
  57                 {
  58                         switch (1 << i)
  59                         {
  60                                 case SEC_RIGHTS_QUERY_VALUE    : fstrcat(typestr, "Query " ); break;
  61                                 case SEC_RIGHTS_SET_VALUE      : fstrcat(typestr, "Set " ); break;
  62                                 case SEC_RIGHTS_CREATE_SUBKEY  : fstrcat(typestr, "Create "); break;
  63                                 case SEC_RIGHTS_ENUM_SUBKEYS   : fstrcat(typestr, "Enum "); break;
  64                                 case SEC_RIGHTS_NOTIFY         : fstrcat(typestr, "Notify "); break;
  65                                 case SEC_RIGHTS_CREATE_LINK    : fstrcat(typestr, "CreateLink "); break;
  66                                 case SEC_RIGHTS_DELETE         : fstrcat(typestr, "Delete "); break;
  67                                 case SEC_RIGHTS_READ_CONTROL   : fstrcat(typestr, "ReadControl "); break;
  68                                 case SEC_RIGHTS_WRITE_DAC      : fstrcat(typestr, "WriteDAC "); break;
  69                                 case SEC_RIGHTS_WRITE_OWNER    : fstrcat(typestr, "WriteOwner "); break;
  70                         }
  71                         type &= ~(1 << i);
  72                 }
  73         }
  74
  75         /* remaining bits get added on as-is */
  76         if (type != 0)
  77         {
  78                 fstring tmp;
  79                 slprintf(tmp, sizeof(tmp)-1, "[%08x]", type);
  80                 fstrcat(typestr, tmp);
  81         }
  82
  83         /* remove last space */
  84         i = strlen(typestr)-1;
  85         if (typestr[i] == ' ') typestr[i] = 0;
  86
  87         return typestr;
  88 }
  89
  90 /****************************************************************************
  91  display sec_access structure
  92  ****************************************************************************/
  93 void display_sec_access(FILE *out_hnd, enum action_type action, SEC_ACCESS *const info)
  94 {
  95         switch (action)
  96         {
  97                 case ACTION_HEADER:
  98                 {
  99                         break;
 100                 }
 101                 case ACTION_ENUMERATE:
 102                 {
 103                         report(out_hnd, "\t\tPermissions:\t%s\n",
 104                                 get_sec_mask_str(info->mask));
 105                 }
 106                 case ACTION_FOOTER:
 107                 {
 108                         break;
 109                 }
 110         }
 111 }
 112
 113 /****************************************************************************
 114  display sec_ace structure
 115  ****************************************************************************/
 116 void display_sec_ace(FILE *out_hnd, enum action_type action, SEC_ACE *const ace)
 117 {
 118         switch (action)
 119         {
 120                 case ACTION_HEADER:
 121                 {
 122                         report(out_hnd, "\tACE\n");
 123                         break;
 124                 }
 125                 case ACTION_ENUMERATE:
 126                 {
 127                         fstring sid_str;
 128
 129                         display_sec_access(out_hnd, ACTION_HEADER   , &ace->info);
 130                         display_sec_access(out_hnd, ACTION_ENUMERATE, &ace->info);
 131                         display_sec_access(out_hnd, ACTION_FOOTER   , &ace->info);
 132
 133                         sid_to_string(sid_str, &ace->sid);
 134                         report(out_hnd, "\t\tSID:\t%s\n", sid_str);
 135                 }
 136                 case ACTION_FOOTER:
 137                 {
 138                         break;
 139                 }
 140         }
 141 }
 142
 143 /****************************************************************************
 144  display sec_acl structure
 145  ****************************************************************************/
 146 void display_sec_acl(FILE *out_hnd, enum action_type action, SEC_ACL *const sec_acl)
 147 {
 148         if (sec_acl == NULL)
 149         {
 150                 return;
 151         }
 152         switch (action)
 153         {
 154                 case ACTION_HEADER:
 155                 {
 156                         report(out_hnd, "\tACL\tNum ACEs:\t%d\trevision:\t%x\n",
 157                                          sec_acl->num_aces, sec_acl->revision);
 158                         report(out_hnd, "\t---\n");
 159
 160                         break;
 161                 }
 162                 case ACTION_ENUMERATE:
 163                 {
 164                         if (sec_acl->size != 0 && sec_acl->num_aces != 0)
 165                         {
 166                                 int i;
 167                                 for (i = 0; i < sec_acl->num_aces; i++)
 168                                 {
 169                                         display_sec_ace(out_hnd, ACTION_HEADER   , &sec_acl->ace[i]);
 170                                         display_sec_ace(out_hnd, ACTION_ENUMERATE, &sec_acl->ace[i]);
 171                                         display_sec_ace(out_hnd, ACTION_FOOTER   , &sec_acl->ace[i]);
 172                                 }
 173                         }
 174
 175                         break;
 176                 }
 177                 case ACTION_FOOTER:
 178                 {
 179                         report(out_hnd, "\n");
 180                         break;
 181                 }
 182         }
 183 }
 184
 185 /****************************************************************************
 186  display sec_desc structure
 187  ****************************************************************************/
 188 void display_sec_desc(FILE *out_hnd, enum action_type action, SEC_DESC *const sec)
 189 {
 190         switch (action)
 191         {
 192                 case ACTION_HEADER:
 193                 {
 194                         report(out_hnd, "\tSecurity Descriptor\trevision:\t%x\ttype:\t%x\n",
 195                                          sec->revision, sec->type);
 196                         report(out_hnd, "\t-------------------\n");
 197
 198                         break;
 199                 }
 200                 case ACTION_ENUMERATE:
 201                 {
 202                         fstring sid_str;
 203
 204                         if (sec->off_sacl != 0)
 205                         {
 206                                 display_sec_acl(out_hnd, ACTION_HEADER   , sec->sacl);
 207                                 display_sec_acl(out_hnd, ACTION_ENUMERATE, sec->sacl);
 208                                 display_sec_acl(out_hnd, ACTION_FOOTER   , sec->sacl);
 209                         }
 210                         if (sec->off_dacl != 0)
 211                         {
 212                                 display_sec_acl(out_hnd, ACTION_HEADER   , sec->dacl);
 213                                 display_sec_acl(out_hnd, ACTION_ENUMERATE, sec->dacl);
 214                                 display_sec_acl(out_hnd, ACTION_FOOTER   , sec->dacl);
 215                         }
 216                         if (sec->off_owner_sid != 0)
 217                         {
 218                                 sid_to_string(sid_str, sec->owner_sid);
 219                                 report(out_hnd, "\tOwner SID:\t%s\n", sid_str);
 220                         }
 221                         if (sec->off_grp_sid != 0)
 222                         {
 223                                 sid_to_string(sid_str, sec->grp_sid);
 224                                 report(out_hnd, "\tParent SID:\t%s\n", sid_str);
 225                         }
 226
 227                         break;
 228                 }
 229                 case ACTION_FOOTER:
 230                 {
 231                         report(out_hnd, "\n");
 232                         break;
 233                 }
 234         }
 235 }
 236