Context Navigation

smb_deps.c @ 84

Last change on this file since 84 was 84, checked in by tim, 17 years ago

rearranged structure contents to reduce fragmentation on 64 bit systems.

make regfi interface return const structures to help enforce separation

removed a little cruft from some parsing functions

Property svn:keywords set to Id

File size: 29.1 KB

Line
1	/*
2	* This file contains miscellaneous pieces of code which regfio.c
3	* depends upon, from the Samba Subversion tree. See:
4	* http://websvn.samba.org/cgi-bin/viewcvs.cgi/trunk/source/
5	*
6	* Copyright (C) 2005-2006 Timothy D. Morgan
7	* Copyright (C) 1992-2005 Samba development team
8	* (see individual files under Subversion for details.)
9	*
10	* This program is free software; you can redistribute it and/or modify
11	* it under the terms of the GNU General Public License as published by
12	* the Free Software Foundation; version 2 of the License.
13	*
14	* This program is distributed in the hope that it will be useful,
15	* but WITHOUT ANY WARRANTY; without even the implied warranty of
16	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17	* GNU General Public License for more details.
18	*
19	* You should have received a copy of the GNU General Public License
20	* along with this program; if not, write to the Free Software
21	* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
22	*
23	* $Id: smb_deps.c 84 2007-01-19 14:52:25Z tim $
24	*/
25
26	#include "../include/smb_deps.h"
27
28
29	/* These act as replacements for numerous Samba memory allocation
30	* functions.
31	*/
32	void* zalloc(size_t size)
33	{
34	void* ret_val = NULL;
35	if((ret_val = (void*)malloc(size)) != NULL)
36	memset(ret_val, 0, size);
37	return ret_val;
38	}
39
40	void* zcalloc(size_t size, unsigned int count)
41	{
42	return zalloc(size*count);
43	}
44
45	/* From lib/time.c */
46
47	/****************************************************************************
48	Put a 8 byte filetime from a time_t
49	This takes real GMT as input and converts to kludge-GMT
50	****************************************************************************/
51	void unix_to_nt_time(NTTIME *nt, time_t t)
52	{
53	double d;
54
55	if (t==0)
56	{
57	nt->low = 0;
58	nt->high = 0;
59	return;
60	}
61
62	if (t == TIME_T_MAX)
63	{
64	nt->low = 0xffffffff;
65	nt->high = 0x7fffffff;
66	return;
67	}
68
69	if (t == -1)
70	{
71	nt->low = 0xffffffff;
72	nt->high = 0xffffffff;
73	return;
74	}
75
76	/* this converts GMT to kludge-GMT */
77	/* XXX: This was removed due to difficult dependency requirements.
78	* So far, times appear to be correct without this adjustment, but
79	* that may be proven wrong with adequate testing.
80	*/
81	/* t -= TimeDiff(t) - get_serverzone(); */
82
83	d = (double)(t);
84	d += TIME_FIXUP_CONSTANT;
85	d *= 1.0e7;
86
87	nt->high = (uint32)(d * (1.0/(4.0*(double)(1<<30))));
88	nt->low = (uint32)(d - ((double)nt->high)4.0(double)(1<<30));
89	}
90
91
92	/****************************************************************************
93	Interpret an 8 byte "filetime" structure to a time_t
94	It's originally in "100ns units since jan 1st 1601"
95
96	An 8 byte value of 0xffffffffffffffff will be returned as (time_t)0.
97
98	It appears to be kludge-GMT (at least for file listings). This means
99	its the GMT you get by taking a localtime and adding the
100	serverzone. This is NOT the same as GMT in some cases. This routine
101	converts this to real GMT.
102	****************************************************************************/
103	time_t nt_time_to_unix(const NTTIME* nt)
104	{
105	double d;
106	time_t ret;
107	/* The next two lines are a fix needed for the
108	broken SCO compiler. JRA. */
109	time_t l_time_min = TIME_T_MIN;
110	time_t l_time_max = TIME_T_MAX;
111
112	if (nt->high == 0 \|\| (nt->high == 0xffffffff && nt->low == 0xffffffff))
113	return(0);
114
115	d = ((double)nt->high)4.0(double)(1<<30);
116	d += (nt->low&0xFFF00000);
117	d *= 1.0e-7;
118
119	/* now adjust by 369 years to make the secs since 1970 */
120	d -= TIME_FIXUP_CONSTANT;
121
122	if (d <= l_time_min)
123	return (l_time_min);
124
125	if (d >= l_time_max)
126	return (l_time_max);
127
128	ret = (time_t)(d+0.5);
129
130	/* this takes us from kludge-GMT to real GMT */
131	/* XXX: This was removed due to difficult dependency requirements.
132	* So far, times appear to be correct without this adjustment, but
133	* that may be proven wrong with adequate testing.
134	*/
135	/*
136	ret -= get_serverzone();
137	ret += LocTimeDiff(ret);
138	*/
139
140	return(ret);
141	}
142
143	/* End of stuff from lib/time.c */
144
145	/* From parse_prs.c */
146
147	/*******************************************************************
148	Attempt, if needed, to grow a data buffer.
149	Also depends on the data stream mode (io).
150	********************************************************************/
151	bool prs_grow(prs_struct *ps, uint32 extra_space)
152	{
153	uint32 new_size;
154	char *new_data;
155
156	ps->grow_size = MAX(ps->grow_size, ps->data_offset + extra_space);
157
158	if(ps->data_offset + extra_space <= ps->buffer_size)
159	return true;
160
161	/*
162	* We cannot grow the buffer if we're not reading
163	* into the prs_struct, or if we don't own the memory.
164	*/
165
166	if(ps->io \|\| !ps->is_dynamic)
167	return false;
168
169	/*
170	* Decide how much extra space we really need.
171	*/
172	extra_space -= (ps->buffer_size - ps->data_offset);
173	if(ps->buffer_size == 0)
174	{
175	/*
176	* Ensure we have at least a PDU's length, or extra_space,
177	* whichever is greater.
178	*/
179	new_size = MAX(MAX_PDU_FRAG_LEN,extra_space);
180
181	if((new_data = zalloc(new_size)) == NULL)
182	return false;
183	}
184	else
185	{
186	/*
187	* If the current buffer size is bigger than the space needed, just
188	* double it, else add extra_space.
189	*/
190	new_size = MAX(ps->buffer_size*2, ps->buffer_size + extra_space);
191
192	if ((new_data = (char*)realloc(ps->data_p, new_size)) == NULL)
193	return false;
194
195	memset(&new_data[ps->buffer_size], '\0',
196	(size_t)(new_size - ps->buffer_size));
197	}
198	ps->buffer_size = new_size;
199	ps->data_p = new_data;
200
201	return true;
202	}
203
204
205	/*******************************************************************
206	Align a the data_len to a multiple of align bytes - filling with
207	zeros.
208	********************************************************************/
209	bool prs_align(prs_struct *ps)
210	{
211	uint32 mod = ps->data_offset & (ps->align-1);
212
213	if (ps->align != 0 && mod != 0)
214	{
215	uint32 extra_space = (ps->align - mod);
216	if(!prs_grow(ps, extra_space))
217	return false;
218	memset(&ps->data_p[ps->data_offset], '\0', (size_t)extra_space);
219	ps->data_offset += extra_space;
220	}
221
222	return true;
223	}
224
225
226	/**
227	* Initialise an expandable parse structure.
228	*
229	* @param size Initial buffer size. If >0, a new buffer will be
230	* created with malloc().
231	*
232	* @return false if allocation fails, otherwise true.
233	**/
234
235	bool prs_init(prs_struct ps, uint32 size, void ctx, bool io)
236	{
237	if(ps == NULL)
238	return false;
239	memset(ps, 0, sizeof(prs_struct));
240
241	ps->io = io;
242	ps->bigendian_data = RPC_LITTLE_ENDIAN;
243	ps->align = RPC_PARSE_ALIGN;
244	ps->is_dynamic = false;
245	ps->data_offset = 0;
246	ps->buffer_size = 0;
247	ps->data_p = NULL;
248	ps->mem_ctx = ctx;
249
250	if (size != 0)
251	{
252	ps->buffer_size = size;
253	if((ps->data_p = (char *)zalloc((size_t)size)) == NULL)
254	return false;
255
256	ps->is_dynamic = true; /* We own this memory. */
257	}
258
259	return true;
260	}
261
262
263	char prs_mem_get(prs_struct ps, uint32 extra_size)
264	{
265	if(ps->io)
266	{
267	/*
268	* If reading, ensure that we can read the requested size item.
269	*/
270	if (ps->data_offset + extra_size > ps->buffer_size)
271	return NULL;
272	}
273	else
274	{
275	/*
276	* Writing - grow the buffer if needed.
277	*/
278	if(!prs_grow(ps, extra_size))
279	return NULL;
280	}
281
282	return &ps->data_p[ps->data_offset];
283	}
284
285
286	/*******************************************************************
287	Stream a uint32.
288	********************************************************************/
289	bool prs_uint32(const char name, prs_struct ps, int depth, uint32 *data32)
290	{
291	char *q = prs_mem_get(ps, sizeof(uint32));
292	if (q == NULL)
293	return false;
294
295	if (ps->io)
296	{
297	if (ps->bigendian_data)
298	*data32 = RIVAL(q,0);
299	else
300	*data32 = IVAL(q,0);
301	}
302	else
303	{
304	if (ps->bigendian_data)
305	RSIVAL(q,0,*data32);
306	else
307	SIVAL(q,0,*data32);
308	}
309	ps->data_offset += sizeof(uint32);
310
311	return true;
312	}
313
314
315	/******************************************************************
316	Stream an array of uint32s. Length is number of uint32s.
317	********************************************************************/
318	bool prs_uint32s(const char name, prs_struct ps,
319	int depth, uint32 *data32s, int len)
320	{
321	int i;
322	char q = prs_mem_get(ps, len sizeof(uint32));
323	if (q == NULL)
324	return false;
325
326	if (ps->io)
327	{
328	if (ps->bigendian_data)
329	{
330	for (i = 0; i < len; i++)
331	data32s[i] = RIVAL(q, 4*i);
332	}
333	else
334	{
335	for (i = 0; i < len; i++)
336	data32s[i] = IVAL(q, 4*i);
337	}
338	}
339	else
340	{
341	if (ps->bigendian_data)
342	{
343	for (i = 0; i < len; i++)
344	RSIVAL(q, 4*i, data32s[i]);
345	}
346	else
347	{
348	for (i = 0; i < len; i++)
349	SIVAL(q, 4*i, data32s[i]);
350	}
351	}
352	ps->data_offset += (len * sizeof(uint32));
353
354	return true;
355	}
356
357
358	/*******************************************************************
359	Stream a uint16.
360	********************************************************************/
361	bool prs_uint16(const char name, prs_struct ps, int depth, uint16 *data16)
362	{
363	char *q = prs_mem_get(ps, sizeof(uint16));
364	if (q == NULL)
365	return false;
366
367	if (ps->io)
368	{
369	if (ps->bigendian_data)
370	*data16 = RSVAL(q,0);
371	else
372	*data16 = SVAL(q,0);
373	}
374	else
375	{
376	if (ps->bigendian_data)
377	RSSVAL(q,0,*data16);
378	else
379	SSVAL(q,0,*data16);
380	}
381	ps->data_offset += sizeof(uint16);
382
383	return true;
384	}
385
386
387	/*******************************************************************
388	prs_uint16 wrapper. Call this and it sets up a pointer to where the
389	uint16 should be stored, or gets the size if reading.
390	********************************************************************/
391	bool prs_uint16_pre(const char name, prs_struct ps, int depth,
392	uint16 data16, uint32 offset)
393	{
394	*offset = ps->data_offset;
395	if (ps->io)
396	{
397	/* reading. */
398	return prs_uint16(name, ps, depth, data16);
399	}
400	else
401	{
402	char *q = prs_mem_get(ps, sizeof(uint16));
403	if(q ==NULL)
404	return false;
405	ps->data_offset += sizeof(uint16);
406	}
407	return true;
408	}
409
410
411	/*******************************************************************
412	prs_uint16 wrapper. call this and it retrospectively stores the size.
413	does nothing on reading, as that is already handled by ...._pre()
414	********************************************************************/
415	bool prs_uint16_post(const char name, prs_struct ps, int depth,
416	uint16 *data16, uint32 ptr_uint16, uint32 start_offset)
417	{
418	if (!ps->io)
419	{
420	/*
421	* Writing - temporarily move the offset pointer.
422	*/
423	uint16 data_size = ps->data_offset - start_offset;
424	uint32 old_offset = ps->data_offset;
425
426	ps->data_offset = ptr_uint16;
427	if(!prs_uint16(name, ps, depth, &data_size))
428	{
429	ps->data_offset = old_offset;
430	return false;
431	}
432	ps->data_offset = old_offset;
433	}
434	else
435	ps->data_offset = start_offset + (uint32)(*data16);
436
437	return true;
438	}
439
440
441	/*******************************************************************
442	Stream a uint8.
443	********************************************************************/
444	bool prs_uint8(const char name, prs_struct ps, int depth, uint8 *data8)
445	{
446	char *q = prs_mem_get(ps, 1);
447	if (q == NULL)
448	return false;
449
450	if (ps->io)
451	*data8 = CVAL(q,0);
452	else
453	SCVAL(q,0,*data8);
454
455	ps->data_offset += 1;
456
457	return true;
458	}
459
460
461	/******************************************************************
462	Stream an array of uint8s. Length is number of uint8s.
463	********************************************************************/
464	bool prs_uint8s(const char name, prs_struct ps, int depth,
465	uint8* data8s, int len)
466	{
467	int i;
468	char *q = prs_mem_get(ps, len);
469	if (q == NULL)
470	return false;
471
472	if (ps->io)
473	{
474	for (i = 0; i < len; i++)
475	data8s[i] = CVAL(q,i);
476	}
477	else
478	{
479	for (i = 0; i < len; i++)
480	SCVAL(q, i, data8s[i]);
481	}
482
483	ps->data_offset += len;
484
485	return true;
486	}
487
488
489	/*******************************************************************
490	Set the current offset (external interface).
491	********************************************************************/
492	bool prs_set_offset(prs_struct *ps, uint32 offset)
493	{
494	if(offset <= ps->data_offset)
495	{
496	ps->data_offset = offset;
497	return true;
498	}
499
500	if(!prs_grow(ps, offset - ps->data_offset))
501	return false;
502
503	ps->data_offset = offset;
504	return true;
505	}
506
507	/* End of stuff from parse_prs.c */
508
509	/* From rpc_parse/parse_misc.c */
510
511	/*******************************************************************
512	Reads or writes a struct uuid
513	********************************************************************/
514	bool smb_io_uuid(const char desc, struct uuid uuid,
515	prs_struct *ps, int depth)
516	{
517	if (uuid == NULL)
518	return false;
519	depth++;
520
521	if(!prs_uint32 ("data ", ps, depth, &uuid->time_low))
522	return false;
523	if(!prs_uint16 ("data ", ps, depth, &uuid->time_mid))
524	return false;
525	if(!prs_uint16 ("data ", ps, depth, &uuid->time_hi_and_version))
526	return false;
527
528	if(!prs_uint8s ("data ", ps, depth,
529	uuid->clock_seq, sizeof(uuid->clock_seq)))
530	return false;
531
532	if(!prs_uint8s ("data ", ps, depth, uuid->node, sizeof(uuid->node)))
533	return false;
534
535	return true;
536	}
537
538
539	/*******************************************************************
540	Reads or writes an NTTIME structure.
541	********************************************************************/
542	bool smb_io_time(const char desc, NTTIME nttime, prs_struct *ps, int depth)
543	{
544	if (nttime == NULL)
545	return false;
546	depth++;
547
548	if(!prs_align(ps))
549	return false;
550
551	if(!prs_uint32("low ", ps, depth, &nttime->low)) /* low part */
552	return false;
553	if(!prs_uint32("high", ps, depth, &nttime->high)) /* high part */
554	return false;
555
556	return true;
557	}
558
559
560	/*******************************************************************
561	Reads or writes a DOM_SID structure.
562	********************************************************************/
563	bool smb_io_dom_sid(const char desc, DOM_SID sid, prs_struct *ps, int depth)
564	{
565	int i;
566
567	if (sid == NULL)
568	return false;
569	depth++;
570
571	if(!prs_uint8 ("sid_rev_num", ps, depth, &sid->sid_rev_num))
572	return false;
573
574	if(!prs_uint8 ("num_auths ", ps, depth, &sid->num_auths))
575	return false;
576
577	for (i = 0; i < 6; i++)
578	{
579	fstring tmp;
580	snprintf(tmp, sizeof(tmp) - 1, "id_auth[%d] ", i);
581	if(!prs_uint8 (tmp, ps, depth, &sid->id_auth[i]))
582	return false;
583	}
584
585	/* oops! XXXX should really issue a warning here... */
586	if (sid->num_auths > MAXSUBAUTHS)
587	sid->num_auths = MAXSUBAUTHS;
588
589	if(!prs_uint32s("sub_auths ", ps, depth,
590	sid->sub_auths, sid->num_auths))
591	{ return false; }
592
593	return true;
594	}
595
596	/* End of stuff from rpc_parse/parse_misc.c */
597
598	/* From lib/util_sid.c */
599
600	/*****************************************************************
601	Calculates size of a sid.
602	*****************************************************************/
603	size_t sid_size(const DOM_SID *sid)
604	{
605	if (sid == NULL)
606	return 0;
607
608	return sid->num_auths * sizeof(uint32) + 8;
609	}
610
611
612	/*****************************************************************
613	Compare the auth portion of two sids.
614	*****************************************************************/
615	int sid_compare_auth(const DOM_SID sid1, const DOM_SID sid2)
616	{
617	int i;
618
619	if (sid1 == sid2)
620	return 0;
621	if (!sid1)
622	return -1;
623	if (!sid2)
624	return 1;
625
626	if (sid1->sid_rev_num != sid2->sid_rev_num)
627	return sid1->sid_rev_num - sid2->sid_rev_num;
628
629	for (i = 0; i < 6; i++)
630	if (sid1->id_auth[i] != sid2->id_auth[i])
631	return sid1->id_auth[i] - sid2->id_auth[i];
632
633	return 0;
634	}
635
636
637	/*****************************************************************
638	Compare two sids.
639	*****************************************************************/
640	int sid_compare(const DOM_SID sid1, const DOM_SID sid2)
641	{
642	int i;
643
644	if (sid1 == sid2)
645	return 0;
646	if (!sid1)
647	return -1;
648	if (!sid2)
649	return 1;
650
651	/* Compare most likely different rids, first: i.e start at end */
652	if (sid1->num_auths != sid2->num_auths)
653	return sid1->num_auths - sid2->num_auths;
654
655	for (i = sid1->num_auths-1; i >= 0; --i)
656	if (sid1->sub_auths[i] != sid2->sub_auths[i])
657	return sid1->sub_auths[i] - sid2->sub_auths[i];
658
659	return sid_compare_auth(sid1, sid2);
660	}
661
662
663	/*****************************************************************
664	Compare two sids.
665	*****************************************************************/
666	bool sid_equal(const DOM_SID sid1, const DOM_SID sid2)
667	{
668	return sid_compare(sid1, sid2) == 0;
669	}
670
671	/* End of stuff from lib/util_sid.c */
672
673	/* From lib/secace.c */
674
675	/*******************************************************************
676	Check if ACE has OBJECT type.
677	********************************************************************/
678
679	bool sec_ace_object(uint8 type)
680	{
681	if (type == SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT \|\|
682	type == SEC_ACE_TYPE_ACCESS_DENIED_OBJECT \|\|
683	type == SEC_ACE_TYPE_SYSTEM_AUDIT_OBJECT \|\|
684	type == SEC_ACE_TYPE_SYSTEM_ALARM_OBJECT) {
685	return true;
686	}
687	return false;
688	}
689
690	/* End of stuff from lib/secace.c */
691
692	/* From rpc_parse/parse_sec.c */
693
694	/*******************************************************************
695	Reads or writes a SEC_ACCESS structure.
696	********************************************************************/
697	bool sec_io_access(const char desc, SEC_ACCESS t, prs_struct *ps, int depth)
698	{
699	if (t == NULL)
700	return false;
701
702	depth++;
703
704	if(!prs_uint32("mask", ps, depth, &t->mask))
705	return false;
706
707	return true;
708	}
709
710
711	/*******************************************************************
712	Reads or writes a SEC_ACE structure.
713	********************************************************************/
714	bool sec_io_ace(const char desc, SEC_ACE psa, prs_struct *ps, int depth)
715	{
716	uint32 old_offset;
717	uint32 offset_ace_size;
718
719	if (psa == NULL)
720	return false;
721
722	depth++;
723
724	old_offset = ps->data_offset;
725
726	if(!prs_uint8("type ", ps, depth, &psa->type))
727	return false;
728
729	if(!prs_uint8("flags", ps, depth, &psa->flags))
730	return false;
731
732	if(!prs_uint16_pre("size ", ps, depth, &psa->size, &offset_ace_size))
733	return false;
734
735	if(!sec_io_access("info ", &psa->info, ps, depth))
736	return false;
737
738	/* check whether object access is present */
739	if (!sec_ace_object(psa->type))
740	{
741	if (!smb_io_dom_sid("trustee ", &psa->trustee , ps, depth))
742	return false;
743	}
744	else
745	{
746	if (!prs_uint32("obj_flags", ps, depth, &psa->obj_flags))
747	return false;
748
749	if (psa->obj_flags & SEC_ACE_OBJECT_PRESENT)
750	if (!smb_io_uuid("obj_guid", &psa->obj_guid, ps,depth))
751	return false;
752
753	if (psa->obj_flags & SEC_ACE_OBJECT_INHERITED_PRESENT)
754	if (!smb_io_uuid("inh_guid", &psa->inh_guid, ps,depth))
755	return false;
756
757	if(!smb_io_dom_sid("trustee ", &psa->trustee , ps, depth))
758	return false;
759	}
760
761	/* Theorectically an ACE can have a size greater than the
762	* sum of its components. When marshalling, pad with extra null bytes
763	* up to the
764	* correct size.
765	*/
766	if (!ps->io && (psa->size > ps->data_offset - old_offset))
767	{
768	uint32 extra_len = psa->size - (ps->data_offset - old_offset);
769	uint32 i;
770	uint8 c = 0;
771
772	for (i = 0; i < extra_len; i++)
773	{
774	if (!prs_uint8("ace extra space", ps, depth, &c))
775	return false;
776	}
777	}
778
779	if(!prs_uint16_post("size ", ps, depth, &psa->size,
780	offset_ace_size, old_offset))
781	{ return false; }
782
783	return true;
784	}
785
786
787	/*******************************************************************
788	Reads or writes a SEC_ACL structure.
789
790	First of the xx_io_xx functions that allocates its data structures
791	for you as it reads them.
792	********************************************************************/
793	bool sec_io_acl(const char desc, SEC_ACL ppsa, prs_struct ps, int depth)
794	{
795	unsigned int i;
796	uint32 old_offset;
797	uint32 offset_acl_size;
798	SEC_ACL* psa;
799
800	/*
801	* Note that the size is always a multiple of 4 bytes due to the
802	* nature of the data structure. Therefore the prs_align() calls
803	* have been removed as they through us off when doing two-layer
804	* marshalling such as in the printing code (RPC_BUFFER). --jerry
805	*/
806
807	if (ppsa == NULL \|\| ps == NULL)
808	return false;
809
810	psa = *ppsa;
811
812	if(ps->io && psa == NULL)
813	{
814	/*
815	* This is a read and we must allocate the stuct to read into.
816	*/
817	if((psa = (SEC_ACL*)zalloc(sizeof(SEC_ACL))) == NULL)
818	return false;
819	*ppsa = psa;
820	}
821
822	depth++;
823	old_offset = ps->data_offset;
824
825	if(!prs_uint16("revision", ps, depth, &psa->revision)
826	\|\| !prs_uint16_pre("size ", ps, depth, &psa->size, &offset_acl_size)
827	\|\| !prs_uint32("num_aces ", ps, depth, &psa->num_aces))
828	{
829	free(psa);
830	*ppsa = NULL;
831	return false;
832	}
833
834	if (ps->io)
835	{
836	/*
837	* Even if the num_aces is zero, allocate memory as there's a difference
838	* between a non-present DACL (allow all access) and a DACL with no ACE's
839	* (allow no access).
840	*/
841	if((psa->ace = (SEC_ACE*)zcalloc(sizeof(SEC_ACE), psa->num_aces+1)) == NULL)
842	{
843	free(psa);
844	*ppsa = NULL;
845	return false;
846	}
847	}
848
849	for (i = 0; i < psa->num_aces; i++)
850	{
851	fstring tmp;
852	snprintf(tmp, sizeof(tmp)-1, "ace_list[%02d]: ", i);
853	if(!sec_io_ace(tmp, &psa->ace[i], ps, depth))
854	{
855	free(psa);
856	*ppsa = NULL;
857	return false;
858	}
859	}
860
861	/* Theoretically an ACL can have a size greater than the
862	* sum of its components. When marshalling, pad with extra null
863	* bytes up to the
864	* correct size.
865	*/
866	if (!ps->io && (psa->size > ps->data_offset - old_offset))
867	{
868	uint32 extra_len = psa->size - (ps->data_offset - old_offset);
869	uint8 c = 0;
870
871	for (i = 0; i < extra_len; i++)
872	{
873	if (!prs_uint8("acl extra space", ps, depth, &c))
874	{
875	free(psa);
876	*ppsa = NULL;
877	return false;
878	}
879	}
880	}
881
882	if(!prs_uint16_post("size ", ps, depth, &psa->size,
883	offset_acl_size, old_offset))
884	{
885	free(psa);
886	*ppsa = NULL;
887	return false;
888	}
889
890	return true;
891	}
892
893
894	/*******************************************************************
895	Reads or writes a SEC_DESC structure.
896	If reading and the *ppsd = NULL, allocates the structure.
897	********************************************************************/
898	bool sec_io_desc(const char desc, SEC_DESC ppsd, prs_struct ps, int depth)
899	{
900	uint32 old_offset;
901	uint32 max_offset = 0; /* after we're done, move offset to end */
902	uint32 tmp_offset = 0;
903
904	SEC_DESC *psd;
905
906	if (ppsd == NULL \|\| ps == NULL)
907	return false;
908
909	psd = *ppsd;
910	if (psd == NULL)
911	{
912	if(ps->io)
913	{
914	if((psd = (SEC_DESC*)zalloc(sizeof(SEC_DESC))) == NULL)
915	return false;
916	*ppsd = psd;
917	}
918	else
919	{
920	/* Marshalling - just ignore. */
921	return true;
922	}
923	}
924
925	depth++;
926
927	/* start of security descriptor stored for back-calc offset purposes */
928	old_offset = ps->data_offset;
929
930	if(!prs_uint16("revision ", ps, depth, &psd->revision)
931	\|\| !prs_uint16("type ", ps, depth, &psd->type))
932	{
933	free(psd);
934	*ppsd = NULL;
935	return false;
936	}
937
938	if (!ps->io)
939	{
940	uint32 offset = SEC_DESC_HEADER_SIZE;
941
942	/*
943	* Work out the offsets here, as we write it out.
944	*/
945
946	if (psd->sacl != NULL)
947	{
948	psd->off_sacl = offset;
949	offset += psd->sacl->size;
950	}
951	else
952	psd->off_sacl = 0;
953
954	if (psd->dacl != NULL)
955	{
956	psd->off_dacl = offset;
957	offset += psd->dacl->size;
958	}
959	else
960	psd->off_dacl = 0;
961
962	if (psd->owner_sid != NULL)
963	{
964	psd->off_owner_sid = offset;
965	offset += sid_size(psd->owner_sid);
966	}
967	else
968	psd->off_owner_sid = 0;
969
970	if (psd->grp_sid != NULL)
971	{
972	psd->off_grp_sid = offset;
973	offset += sid_size(psd->grp_sid);
974	}
975	else
976	psd->off_grp_sid = 0;
977	}
978
979	if(!prs_uint32("off_owner_sid", ps, depth, &psd->off_owner_sid)
980	\|\| !prs_uint32("off_grp_sid ", ps, depth, &psd->off_grp_sid)
981	\|\| !prs_uint32("off_sacl ", ps, depth, &psd->off_sacl)
982	\|\| !prs_uint32("off_dacl ", ps, depth, &psd->off_dacl))
983	{
984	free(psd);
985	*ppsd = NULL;
986	return false;
987	}
988	max_offset = MAX(max_offset, ps->data_offset);
989
990	if (psd->off_owner_sid != 0)
991	{
992	tmp_offset = ps->data_offset;
993	if(!prs_set_offset(ps, old_offset + psd->off_owner_sid))
994	{
995	free(psd);
996	*ppsd = NULL;
997	return false;
998	}
999
1000	if (ps->io)
1001	{
1002	/* reading */
1003	if((psd->owner_sid = (DOM_SID*)zalloc(sizeof(DOM_SID))) == NULL)
1004	{
1005	free(psd);
1006	*ppsd = NULL;
1007	return false;
1008	}
1009	}
1010
1011	if(!smb_io_dom_sid("owner_sid ", psd->owner_sid , ps, depth))
1012	{
1013	if(ps->io)
1014	free(psd->owner_sid);
1015	free(psd);
1016	*ppsd = NULL;
1017	return false;
1018	}
1019
1020	max_offset = MAX(max_offset, ps->data_offset);
1021
1022	if (!prs_set_offset(ps,tmp_offset))
1023	{
1024	if(ps->io)
1025	free(psd->owner_sid);
1026	free(psd);
1027	*ppsd = NULL;
1028	return false;
1029	}
1030	}
1031
1032	if (psd->off_grp_sid != 0)
1033	{
1034	tmp_offset = ps->data_offset;
1035	if(!prs_set_offset(ps, old_offset + psd->off_grp_sid))
1036	{
1037	if(ps->io)
1038	free(psd->owner_sid);
1039	free(psd);
1040	*ppsd = NULL;
1041	return false;
1042	}
1043
1044	if (ps->io)
1045	{
1046	/* reading */
1047	if((psd->grp_sid = (DOM_SID*)zalloc(sizeof(DOM_SID))) == NULL)
1048	{
1049	free(psd->owner_sid);
1050	free(psd);
1051	*ppsd = NULL;
1052	return false;
1053	}
1054	}
1055
1056	if(!smb_io_dom_sid("grp_sid", psd->grp_sid, ps, depth))
1057	{
1058	if(ps->io)
1059	{
1060	free(psd->grp_sid);
1061	free(psd->owner_sid);
1062	}
1063	free(psd);
1064	*ppsd = NULL;
1065	return false;
1066	}
1067
1068	max_offset = MAX(max_offset, ps->data_offset);
1069
1070	if (!prs_set_offset(ps,tmp_offset))
1071	{
1072	if(ps->io)
1073	{
1074	free(psd->grp_sid);
1075	free(psd->owner_sid);
1076	}
1077	free(psd);
1078	*ppsd = NULL;
1079	return false;
1080	}
1081	}
1082
1083	if ((psd->type & SEC_DESC_SACL_PRESENT) && psd->off_sacl)
1084	{
1085	tmp_offset = ps->data_offset;
1086	if(!prs_set_offset(ps, old_offset + psd->off_sacl)
1087	\|\| !sec_io_acl("sacl", &psd->sacl, ps, depth))
1088	{
1089	if(ps->io)
1090	{
1091	free(psd->grp_sid);
1092	free(psd->owner_sid);
1093	}
1094	free(psd);
1095	*ppsd = NULL;
1096	return false;
1097	}
1098	max_offset = MAX(max_offset, ps->data_offset);
1099	if (!prs_set_offset(ps,tmp_offset))
1100	{
1101	if(ps->io)
1102	{
1103	free(psd->grp_sid);
1104	free(psd->owner_sid);
1105	}
1106	free(psd);
1107	*ppsd = NULL;
1108	return false;
1109	}
1110	}
1111
1112	if ((psd->type & SEC_DESC_DACL_PRESENT) && psd->off_dacl != 0)
1113	{
1114	tmp_offset = ps->data_offset;
1115	if(!prs_set_offset(ps, old_offset + psd->off_dacl)
1116	\|\| !sec_io_acl("dacl", &psd->dacl, ps, depth))
1117	{
1118	if(ps->io)
1119	{
1120	free(psd->grp_sid);
1121	free(psd->owner_sid);
1122	}
1123	free(psd);
1124	*ppsd = NULL;
1125	return false;
1126	}
1127	max_offset = MAX(max_offset, ps->data_offset);
1128	if (!prs_set_offset(ps,tmp_offset))
1129	{
1130	if(ps->io)
1131	{
1132	free(psd->grp_sid);
1133	free(psd->owner_sid);
1134	}
1135	free(psd);
1136	*ppsd = NULL;
1137	return false;
1138	}
1139	}
1140
1141	if(!prs_set_offset(ps, max_offset))
1142	{
1143	if(ps->io)
1144	{
1145	free(psd->grp_sid);
1146	free(psd->owner_sid);
1147	}
1148	free(psd);
1149	*ppsd = NULL;
1150	return false;
1151	}
1152
1153	return true;
1154	}
1155
1156	/* End of stuff from rpc_parse/parse_sec.c */
1157
1158	/* From lib/secace.c */
1159
1160	/*******************************************************************
1161	Compares two SEC_ACE structures
1162	********************************************************************/
1163	bool sec_ace_equal(SEC_ACE s1, SEC_ACE s2)
1164	{
1165	/* Trivial cases */
1166	if (!s1 && !s2)
1167	return true;
1168	if (!s1 \|\| !s2)
1169	return false;
1170
1171	/* Check top level stuff */
1172	if (s1->type != s2->type \|\| s1->flags != s2->flags \|\|
1173	s1->info.mask != s2->info.mask)
1174	{ return false; }
1175
1176	/* Check SID */
1177	if (!sid_equal(&s1->trustee, &s2->trustee))
1178	return false;
1179
1180	return true;
1181	}
1182
1183	/* End of stuff from lib/secace.c */
1184
1185	/* From lib/secacl.c */
1186
1187	/*******************************************************************
1188	Compares two SEC_ACL structures
1189	********************************************************************/
1190
1191	bool sec_acl_equal(SEC_ACL s1, SEC_ACL s2)
1192	{
1193	unsigned int i, j;
1194
1195	/* Trivial cases */
1196	if (!s1 && !s2)
1197	return true;
1198	if (!s1 \|\| !s2)
1199	return false;
1200
1201	/* Check top level stuff */
1202	if (s1->revision != s2->revision)
1203	return false;
1204
1205	if (s1->num_aces != s2->num_aces)
1206	return false;
1207
1208	/* The ACEs could be in any order so check each ACE in s1 against
1209	each ACE in s2. */
1210
1211	for (i = 0; i < s1->num_aces; i++)
1212	{
1213	bool found = false;
1214
1215	for (j = 0; j < s2->num_aces; j++)
1216	{
1217	if (sec_ace_equal(&s1->ace[i], &s2->ace[j]))
1218	{
1219	found = true;
1220	break;
1221	}
1222	}
1223
1224	if (!found)
1225	return false;
1226	}
1227
1228	return true;
1229	}
1230
1231	/* End of stuff from lib/secacl.c */
1232
1233	/* From lib/secdesc.c */
1234
1235	/*******************************************************************
1236	Compares two SEC_DESC structures
1237	********************************************************************/
1238	bool sec_desc_equal(SEC_DESC s1, SEC_DESC s2)
1239	{
1240	/* Trivial cases */
1241	if (!s1 && !s2)
1242	return true;
1243	if (!s1 \|\| !s2)
1244	return false;
1245
1246	/* Check top level stuff */
1247	if (s1->revision != s2->revision)
1248	return false;
1249
1250	if (s1->type!= s2->type)
1251	return false;
1252
1253	/* Check owner and group */
1254	if (!sid_equal(s1->owner_sid, s2->owner_sid))
1255	return false;
1256
1257	if (!sid_equal(s1->grp_sid, s2->grp_sid))
1258	return false;
1259
1260	/* Check ACLs present in one but not the other */
1261	if ((s1->dacl && !s2->dacl) \|\| (!s1->dacl && s2->dacl) \|\|
1262	(s1->sacl && !s2->sacl) \|\| (!s1->sacl && s2->sacl))
1263	{ return false; }
1264
1265	/* Sigh - we have to do it the hard way by iterating over all
1266	the ACEs in the ACLs */
1267	if(!sec_acl_equal(s1->dacl, s2->dacl) \|\| !sec_acl_equal(s1->sacl, s2->sacl))
1268	return false;
1269
1270	return true;
1271	}
1272
1273	/* End of stuff from lib/secdesc.c */

Note: See TracBrowser for help on using the repository browser.

Context Navigation

source: trunk/lib/smb_deps.c @ 84

Download in other formats: