2 Unix SMB/CIFS implementation.
6 Copyright (C) Andrew Tridgell 2003
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
24 NTSTATUS
ndr_push_dom_sid(struct ndr_push
*ndr
, int ndr_flags
, const struct dom_sid
*r
)
26 uint32_t cntr_sub_auths_0
;
27 if (ndr_flags
& NDR_SCALARS
) {
28 NDR_CHECK(ndr_push_align(ndr
, 4));
29 NDR_CHECK(ndr_push_uint8(ndr
, NDR_SCALARS
, r
->sid_rev_num
));
30 NDR_CHECK(ndr_push_int8(ndr
, NDR_SCALARS
, r
->num_auths
));
31 NDR_CHECK(ndr_push_array_uint8(ndr
, NDR_SCALARS
, r
->id_auth
, 6));
32 for (cntr_sub_auths_0
= 0; cntr_sub_auths_0
< r
->num_auths
; cntr_sub_auths_0
++) {
33 NDR_CHECK(ndr_push_uint32(ndr
, NDR_SCALARS
, r
->sub_auths
[cntr_sub_auths_0
]));
36 if (ndr_flags
& NDR_BUFFERS
) {
41 NTSTATUS
ndr_pull_dom_sid(struct ndr_pull
*ndr
, int ndr_flags
, struct dom_sid
*r
)
43 uint32_t cntr_sub_auths_0
;
44 if (ndr_flags
& NDR_SCALARS
) {
45 NDR_CHECK(ndr_pull_align(ndr
, 4));
46 NDR_CHECK(ndr_pull_uint8(ndr
, NDR_SCALARS
, &r
->sid_rev_num
));
47 NDR_CHECK(ndr_pull_uint8(ndr
, NDR_SCALARS
, &r
->num_auths
));
48 if (r
->num_auths
> 15) {
49 return ndr_pull_error(ndr
, NDR_ERR_RANGE
, "value out of range");
51 NDR_CHECK(ndr_pull_array_uint8(ndr
, NDR_SCALARS
, r
->id_auth
, 6));
52 for (cntr_sub_auths_0
= 0; cntr_sub_auths_0
< r
->num_auths
; cntr_sub_auths_0
++) {
53 NDR_CHECK(ndr_pull_uint32(ndr
, NDR_SCALARS
, &r
->sub_auths
[cntr_sub_auths_0
]));
56 if (ndr_flags
& NDR_BUFFERS
) {
62 convert a dom_sid to a string
64 char *dom_sid_string(TALLOC_CTX
*mem_ctx
, const struct dom_sid
*sid
)
71 return talloc_strdup(mem_ctx
, "(NULL SID)");
74 maxlen
= sid
->num_auths
* 11 + 25;
75 ret
= (char *)talloc_size(mem_ctx
, maxlen
);
76 if (!ret
) return talloc_strdup(mem_ctx
, "(SID ERR)");
78 ia
= (sid
->id_auth
[5]) +
79 (sid
->id_auth
[4] << 8 ) +
80 (sid
->id_auth
[3] << 16) +
81 (sid
->id_auth
[2] << 24);
83 ofs
= snprintf(ret
, maxlen
, "S-%u-%lu",
84 (unsigned int)sid
->sid_rev_num
, (unsigned long)ia
);
86 for (i
= 0; i
< sid
->num_auths
; i
++) {
87 ofs
+= snprintf(ret
+ ofs
, maxlen
- ofs
, "-%lu", (unsigned long)sid
->sub_auths
[i
]);
94 parse a dom_sid2 - this is a dom_sid but with an extra copy of the num_auths field
96 NTSTATUS
ndr_pull_dom_sid2(struct ndr_pull
*ndr
, int ndr_flags
, struct dom_sid
*sid
)
99 if (!(ndr_flags
& NDR_SCALARS
)) {
102 NDR_CHECK(ndr_pull_uint32(ndr
, NDR_SCALARS
, &num_auths
));
103 NDR_CHECK(ndr_pull_dom_sid(ndr
, ndr_flags
, sid
));
104 if (sid
->num_auths
!= num_auths
) {
105 return ndr_pull_error(ndr
, NDR_ERR_ARRAY_SIZE
,
106 "Bad array size %u should exceed %u",
107 num_auths
, sid
->num_auths
);
113 parse a dom_sid2 - this is a dom_sid but with an extra copy of the num_auths field
115 NTSTATUS
ndr_push_dom_sid2(struct ndr_push
*ndr
, int ndr_flags
, const struct dom_sid
*sid
)
117 if (!(ndr_flags
& NDR_SCALARS
)) {
120 NDR_CHECK(ndr_push_uint32(ndr
, NDR_SCALARS
, sid
->num_auths
));
121 return ndr_push_dom_sid(ndr
, ndr_flags
, sid
);
125 parse a dom_sid28 - this is a dom_sid in a fixed 28 byte buffer, so we need to ensure there are only upto 5 sub_auth
127 NTSTATUS
ndr_pull_dom_sid28(struct ndr_pull
*ndr
, int ndr_flags
, struct dom_sid
*sid
)
130 struct ndr_pull
*subndr
;
132 if (!(ndr_flags
& NDR_SCALARS
)) {
136 subndr
= talloc_zero(ndr
, struct ndr_pull
);
137 NT_STATUS_HAVE_NO_MEMORY(subndr
);
138 subndr
->flags
= ndr
->flags
;
139 subndr
->current_mem_ctx
= ndr
->current_mem_ctx
;
141 subndr
->data
= ndr
->data
+ ndr
->offset
;
142 subndr
->data_size
= 28;
145 NDR_CHECK(ndr_pull_advance(ndr
, 28));
147 status
= ndr_pull_dom_sid(subndr
, ndr_flags
, sid
);
148 if (!NT_STATUS_IS_OK(status
)) {
149 /* handle a w2k bug which send random data in the buffer */
157 push a dom_sid28 - this is a dom_sid in a 28 byte fixed buffer
159 NTSTATUS
ndr_push_dom_sid28(struct ndr_push
*ndr
, int ndr_flags
, const struct dom_sid
*sid
)
164 if (!(ndr_flags
& NDR_SCALARS
)) {
168 if (sid
->num_auths
> 5) {
169 return ndr_push_error(ndr
, NDR_ERR_RANGE
,
170 "dom_sid28 allows only upto 5 sub auth [%u]",
174 old_offset
= ndr
->offset
;
175 NDR_CHECK(ndr_push_dom_sid(ndr
, ndr_flags
, sid
));
177 padding
= 28 - (ndr
->offset
- old_offset
);
180 NDR_CHECK(ndr_push_zero(ndr
, padding
));
186 NTSTATUS
ndr_push_sec_desc_buf(struct ndr_push
*ndr
, int ndr_flags
, const struct sec_desc_buf
*r
)
188 if (ndr_flags
& NDR_SCALARS
) {
189 NDR_CHECK(ndr_push_align(ndr
, 4));
190 NDR_CHECK(ndr_push_uint32(ndr
, NDR_SCALARS
, ndr_size_security_descriptor(r
->sd
,ndr
->flags
)));
191 NDR_CHECK(ndr_push_unique_ptr(ndr
, r
->sd
));
193 if (ndr_flags
& NDR_BUFFERS
) {
196 struct ndr_push
*_ndr_sd
;
197 NDR_CHECK(ndr_push_subcontext_start(ndr
, &_ndr_sd
, 4, -1));
198 NDR_CHECK(ndr_push_security_descriptor(_ndr_sd
, NDR_SCALARS
|NDR_BUFFERS
, r
->sd
));
199 NDR_CHECK(ndr_push_subcontext_end(ndr
, _ndr_sd
, 4, -1));
206 NTSTATUS
ndr_pull_sec_desc_buf(struct ndr_pull
*ndr
, int ndr_flags
, struct sec_desc_buf
*r
)
209 TALLOC_CTX
*_mem_save_sd_0
;
210 if (ndr_flags
& NDR_SCALARS
) {
211 NDR_CHECK(ndr_pull_align(ndr
, 4));
212 NDR_CHECK(ndr_pull_uint32(ndr
, NDR_SCALARS
, &r
->sd_size
));
213 if (r
->sd_size
> 0x40000) { /* sd_size is unsigned */
214 return ndr_pull_error(ndr
, NDR_ERR_RANGE
, "value out of range");
216 NDR_CHECK(ndr_pull_generic_ptr(ndr
, &_ptr_sd
));
218 NDR_PULL_ALLOC(ndr
, r
->sd
);
223 if (ndr_flags
& NDR_BUFFERS
) {
225 _mem_save_sd_0
= NDR_PULL_GET_MEM_CTX(ndr
);
226 NDR_PULL_SET_MEM_CTX(ndr
, r
->sd
, 0);
228 struct ndr_pull
*_ndr_sd
;
229 NDR_CHECK(ndr_pull_subcontext_start(ndr
, &_ndr_sd
, 4, -1));
230 NDR_CHECK(ndr_pull_security_descriptor(_ndr_sd
, NDR_SCALARS
|NDR_BUFFERS
, r
->sd
));
231 NDR_CHECK(ndr_pull_subcontext_end(ndr
, _ndr_sd
, 4, -1));
233 NDR_PULL_SET_MEM_CTX(ndr
, _mem_save_sd_0
, 0);
239 void ndr_print_sec_desc_buf(struct ndr_print
*ndr
, const char *name
, const struct sec_desc_buf
*r
)
241 ndr_print_struct(ndr
, name
, "sec_desc_buf");
243 ndr_print_uint32(ndr
, "sd_size", (ndr
->flags
& LIBNDR_PRINT_SET_VALUES
)?ndr_size_security_descriptor(r
->sd
,ndr
->flags
):r
->sd_size
);
244 ndr_print_ptr(ndr
, "sd", r
->sd
);
247 ndr_print_security_descriptor(ndr
, "sd", r
->sd
);