Changeset 134 for trunk/include

Timestamp:

01/16/09 13:36:04 (15 years ago)

Author:

tim

Message:

rewrote winsec library, stripping out Samba dependencies

eliminated remaining Samba prs functions

added support for 'li' subkey list records

Location:

trunk/include

Files:

• regfi.h (modified) (4 diffs)
• smb_deps.h (modified) (5 diffs)
• winsec.h (modified) (3 diffs)

trunk/include/regfi.h

@@ -1 +1 @@
 /*
- * Branched from Samba project, Subversion repository version #6903:
+ * Branched from Samba project Subversion repository, version #6903:
  *   http://viewcvs.samba.org/cgi-bin/viewcvs.cgi/trunk/source/include/regfio.h?rev=6903&view=auto
  *
- * Unix SMB/CIFS implementation.
- * Windows NT registry I/O library
+ * Windows NT (and later) registry parsing library
  *
  * Copyright (C) 2005-2009 Timothy D. Morgan
@@ -11 +10 @@
  * This program is free software; you can redistribute it and/or modify
  * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; version 2 of the License.
+ * the Free Software Foundation; version 3 of the License.
  *
  * This program is distributed in the hope that it will be useful,
@@ -191 +190 @@
   uint32 cell_size;     /* ((start_offset - end_offset) & 0xfffffff8) */
 
-  SEC_DESC* sec_desc;
+  WINSEC_DESC* sec_desc;
   uint32 hbin_off;      /* offset from beginning of this hbin block */
   
@@ -316 +315 @@
 int                   regfi_type_str2val(const char* str);
 
-char*                 regfi_get_sacl(SEC_DESC* sec_desc);
-char*                 regfi_get_dacl(SEC_DESC* sec_desc);
-char*                 regfi_get_owner(SEC_DESC* sec_desc);
-char*                 regfi_get_group(SEC_DESC* sec_desc);
+char*                 regfi_get_sacl(WINSEC_DESC* sec_desc);
+char*                 regfi_get_dacl(WINSEC_DESC* sec_desc);
+char*                 regfi_get_owner(WINSEC_DESC* sec_desc);
+char*                 regfi_get_group(WINSEC_DESC* sec_desc);
 
 REGF_FILE*            regfi_open(const char* filename);

trunk/include/smb_deps.h

@@ -29 +29 @@
 #include <stdlib.h>
 #include <stdbool.h>
+#include <stdint.h>
 #include <stdio.h>
 #include <string.h>
@@ -46 +47 @@
 /* From includes.h */
 
-#define uint8 unsigned char
-#define int16 short
-#define uint16 unsigned short
-#define int32 int
-#define uint32 unsigned int
-
-#define SMB_STRUCT_STAT struct stat
-#define QSORT_CAST (int (*)(const void *, const void *))
+#define uint8  uint8_t
+#define int16  int8_t
+#define uint16 uint16_t
+#define int32  int32_t
+#define uint32 uint32_t
 
 #define MIN(a,b) ((a)<(b)?(a):(b))
@@ -59 +57 @@
 
 extern int DEBUGLEVEL;
-
-#define DLIST_ADD(list, p) \
-{ \
-        if (!(list)) { \
-                (list) = (p); \
-                (p)->next = (p)->prev = NULL; \
-        } else { \
-                (list)->prev = (p); \
-                (p)->next = (list); \
-                (p)->prev = NULL; \
-                (list) = (p); \
-        }\
-}
 
 /* End of stuff from includes.h */
@@ -84 +69 @@
 
 /* End of stuff from smb.h */
-
-/* From smb_macros.h */
-
-#define TALLOC_ZERO_P(ctx, type) (type *)_talloc_zero(ctx, sizeof(type), #type)
-#define SMB_MALLOC_P(type) (type *)malloc_(sizeof(type))
-#define TALLOC_ARRAY(ctx, type, count) (type *)_talloc_array(ctx, sizeof(type), count, #type)
-#define TALLOC_ZERO_ARRAY(ctx, type, count) (type *)_talloc_zero_array(ctx, sizeof(type), count, #type)
-#define SAFE_FREE(x) do { if ((x) != NULL) {free(x); x=NULL;} } while(0)
-
-/* End of stuff from smb_macros.h */
-
-/* From ntdomain.h */
-
-struct uuid {
-       uint32 time_low;
-       uint16 time_mid;
-       uint16 time_hi_and_version;
-       uint8  clock_seq[2];
-       uint8  node[6];
-};
-
-typedef struct _prs_struct {
-        bool io; /* parsing in or out of data stream */
-        /* 
-         * If the (incoming) data is big-endian. On output we are
-          * always little-endian.
-           */ 
-           bool bigendian_data;
-           uint8 align; /* data alignment */
-           bool is_dynamic; /* Do we own this memory or not ? */
-           uint32 data_offset; /* Current working offset into data. */
-           uint32 buffer_size; /* Current allocated size of the buffer. */
-           uint32 grow_size; /* size requested via prs_grow() calls */
-           char *data_p; /* The buffer itself. */
-           void *mem_ctx; /* When unmarshalling, use this.... */
-} prs_struct;
-
-#define MARSHALL 0
-#define UNMARSHALL 1
-
-#define RPC_LITTLE_ENDIAN  0
-#define RPC_PARSE_ALIGN    4
-
-/* End of stuff from ntdomain.h */
-
 
 /* From lib/time.c */
@@ -143 +83 @@
 /* End of stuff from lib/time.c */
 
-/* From rpc_dce.h */
-
-#define MAX_PDU_FRAG_LEN 0x10b8 /* this is what w2k sets */
-
-/* End of stuff from rpc_dce.h */
-
-/* From parse_prs.h */
-
-bool prs_grow(prs_struct *ps, uint32 extra_space);
-bool prs_align(prs_struct *ps);
-bool prs_init(prs_struct *ps, uint32 size, void *ctx, bool io);
-char *prs_mem_get(prs_struct *ps, uint32 extra_size);
-bool prs_uint32(const char *name, prs_struct *ps, int depth, uint32 *data32);
-bool prs_uint32s(const char *name, prs_struct *ps, 
-                 int depth, uint32 *data32s, int len);
-bool prs_uint16(const char *name, prs_struct *ps, int depth, uint16 *data16);
-bool prs_uint16_pre(const char *name, prs_struct *ps, int depth, 
-                    uint16 *data16, uint32 *offset);
-bool prs_uint16_post(const char *name, prs_struct *ps, int depth, 
-                     uint16 *data16, uint32 ptr_uint16, uint32 start_offset);
-bool prs_uint8(const char *name, prs_struct *ps, int depth, uint8 *data8);
-bool prs_uint8s(const char *name, prs_struct *ps, int depth, 
-                uint8* data8s, int len);
-bool prs_set_offset(prs_struct *ps, uint32 offset);
-
-/* End of stuff from parse_prs.h */
-
-
-/* From pstring.h */
-
-#define FSTRING_LEN 256
-typedef char fstring[FSTRING_LEN];
-
-/* End of stuff from pstring.h */
-
-/* From rpc_parse/parse_misc.c */
-
-bool smb_io_uuid(const char *desc, struct uuid *uuid, 
-                 prs_struct *ps, int depth);
-bool smb_io_time(const char *desc, NTTIME *nttime, prs_struct *ps, int depth);
-
-/* End of stuff from rpc_parse/parse_misc.c */
-
 #endif /* _SMB_DEPS_H */

trunk/include/winsec.h

@@ -3 +3 @@
  * Security Descriptors. See:
  *   http://websvn.samba.org/cgi-bin/viewcvs.cgi/trunk/source/
+ *
+ * Revisions have been made based on information provided by Microsoft
+ * at: 
+ *    http://msdn.microsoft.com/en-us/library/cc230366(PROT.10).aspx
  *
  * Copyright (C) 2005,2009 Timothy D. Morgan
@@ -23 +27 @@
  */
 
+#ifndef _WINSEC_H
+#define _WINSEC_H
+
 #include <stdlib.h>
 #include <stdbool.h>
+#include <stdint.h>
 #include <stdio.h>
 #include <string.h>
@@ -36 +44 @@
 
 
-#define MAXSUBAUTHS 15
+/* This is the maximum number of subauths in a SID, as defined here:
+ *   http://msdn.microsoft.com/en-us/library/cc230371(PROT.10).aspx
+ */
+#define WINSEC_MAX_SUBAUTHS 15
 
-#define SEC_DESC_HEADER_SIZE     (2 * sizeof(uint16) + 4 * sizeof(uint32))
-                                 /*thanks for Jim McDonough <jmcd@us.ibm.com>*/
-#define SEC_DESC_DACL_PRESENT    0x0004
-#define SEC_DESC_SACL_PRESENT    0x0010
+#define WINSEC_DESC_HEADER_SIZE     (5 * sizeof(uint32_t))
+#define WINSEC_ACL_HEADER_SIZE      (2 * sizeof(uint32_t))
+#define WINSEC_ACE_MIN_SIZE         16
 
-#define SEC_ACE_OBJECT_PRESENT              0x00000001 
-#define SEC_ACE_OBJECT_INHERITED_PRESENT    0x00000002
-#define SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT  0x5
-#define SEC_ACE_TYPE_ACCESS_DENIED_OBJECT   0x6
-#define SEC_ACE_TYPE_SYSTEM_AUDIT_OBJECT    0x7
-#define SEC_ACE_TYPE_SYSTEM_ALARM_OBJECT    0x8
+/* TODO: Fill in definitions of other flags */
+/* This means offsets contained in the descriptor are relative to the
+ * descriptor's offset.  This had better be true in the registry. 
+ */
+#define WINSEC_DESC_SELF_RELATIVE   0x8000
+#define WINSEC_DESC_SACL_PRESENT    0x0010
+#define WINSEC_DESC_DACL_PRESENT    0x0004
+
+#define WINSEC_ACE_OBJECT_PRESENT              0x00000001 
+#define WINSEC_ACE_OBJECT_INHERITED_PRESENT    0x00000002
+#define WINSEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT  0x5
+#define WINSEC_ACE_TYPE_ACCESS_DENIED_OBJECT   0x6
+#define WINSEC_ACE_TYPE_SYSTEM_AUDIT_OBJECT    0x7
+#define WINSEC_ACE_TYPE_SYSTEM_ALARM_OBJECT    0x8
 
 
-typedef struct sid_info
+typedef struct _winsec_uuid 
 {
-  uint8  sid_rev_num;             /**< SID revision number */
-  uint8  num_auths;               /**< Number of sub-authorities */
-  uint8  id_auth[6];              /**< Identifier Authority */
+       uint32 time_low;
+       uint16 time_mid;
+       uint16 time_hi_and_version;
+       uint8  clock_seq[2];
+       uint8  node[6];
+} WINSEC_UUID;
+
+
+typedef struct _winsec_sid
+{
+  uint8_t  sid_rev_num;             /* SID revision number */
+  uint8_t  num_auths;               /* Number of sub-authorities */
+  uint8_t  id_auth[6];              /* Identifier Authority */
   /*
    *  Pointer to sub-authorities.
    *
-   * @note The values in these uint32's are in *native* byteorder, not
+   * @note The values in these uint32_t's are in *native* byteorder, not
    * neccessarily little-endian...... JRA.
    */
-  uint32 sub_auths[MAXSUBAUTHS];
-} DOM_SID;
+  /* XXX: Make this dynamically allocated? */
+  uint32_t sub_auths[WINSEC_MAX_SUBAUTHS];
+} WINSEC_DOM_SID;
 
 
-typedef struct security_info_info
+typedef struct _winsec_ace
 {
-        uint32 mask;
-
-} SEC_ACCESS;
-
-typedef struct security_ace_info
-{
-        uint8 type;  /* xxxx_xxxx_ACE_TYPE - e.g allowed / denied etc */
-        uint8 flags; /* xxxx_INHERIT_xxxx - e.g OBJECT_INHERIT_ACE */
-        uint16 size;
-
-        SEC_ACCESS info;
+        uint8_t type;  /* xxxx_xxxx_ACE_TYPE - e.g allowed / denied etc */
+        uint8_t flags; /* xxxx_INHERIT_xxxx - e.g OBJECT_INHERIT_ACE */
+        uint16_t size;
+        uint32_t access_mask;
 
         /* this stuff may be present when type is XXXX_TYPE_XXXX_OBJECT */
-        uint32  obj_flags; /* xxxx_ACE_OBJECT_xxxx e.g present/inherited present etc */
-        struct uuid obj_guid;  /* object GUID */
-        struct uuid inh_guid;  /* inherited object GUID */              
+        uint32_t  obj_flags;   /* xxxx_ACE_OBJECT_xxxx e.g present/inherited present etc */
+        WINSEC_UUID* obj_guid;  /* object GUID */
+        WINSEC_UUID* inh_guid;  /* inherited object GUID */             
         /* eof object stuff */
 
-        DOM_SID trustee;
+        WINSEC_DOM_SID* trustee;
 
-} SEC_ACE;
+} WINSEC_ACE;
 
-typedef struct security_acl_info
+typedef struct _winsec_acl
 {
-        uint16 revision; /* 0x0003 */
-        uint16 size; /* size in bytes of the entire ACL structure */
-        uint32 num_aces; /* number of Access Control Entries */
+        uint16_t revision; /* 0x0003 */
+        uint16_t size;     /* size in bytes of the entire ACL structure */
+        uint32_t num_aces; /* number of Access Control Entries */
 
-        SEC_ACE *ace;
+        WINSEC_ACE** aces;
 
-} SEC_ACL;
+} WINSEC_ACL;
 
-typedef struct security_descriptor_info
+typedef struct _winsec_desc
 {
-        uint16 revision; /* 0x0001 */
-        uint16 type;     /* SEC_DESC_xxxx flags */
+        uint8_t revision; /* 0x01 */
+        uint8_t sbz1;     /* "If the Control field has the RM flag set,
+                           *  then this field contains the resource
+                           *  manager (RM) control value. ... Otherwise,
+                           *  this field is reserved and MUST be set to
+                           *  zero." -- Microsoft.  See reference above.
+                           */
+        uint16_t control; /* WINSEC_DESC_* flags */
 
-        uint32 off_owner_sid; /* offset to owner sid */
-        uint32 off_grp_sid  ; /* offset to group sid */
-        uint32 off_sacl     ; /* offset to system list of permissions */
-        uint32 off_dacl     ; /* offset to list of permissions */
+        uint32_t off_owner_sid; /* offset to owner sid */
+        uint32_t off_grp_sid  ; /* offset to group sid */
+        uint32_t off_sacl     ; /* offset to system list of permissions */
+        uint32_t off_dacl     ; /* offset to list of permissions */
 
-        SEC_ACL *dacl; /* user ACL */
-        SEC_ACL *sacl; /* system ACL */
-        DOM_SID *owner_sid; 
-        DOM_SID *grp_sid;
+        WINSEC_DOM_SID* owner_sid; 
+        WINSEC_DOM_SID* grp_sid;
+        WINSEC_ACL* sacl;       /* system ACL */
+        WINSEC_ACL* dacl;       /* user ACL */
 
-} SEC_DESC;
+} WINSEC_DESC;
 
 
+/* XXX: Need API functions to deallocate these structures */
+WINSEC_DESC* winsec_parse_desc(const uint8_t* buf, uint32_t buf_len);
+WINSEC_ACL* winsec_parse_acl(const uint8_t* buf, uint32_t buf_len);
+WINSEC_ACE* winsec_parse_ace(const uint8_t* buf, uint32_t buf_len);
+WINSEC_DOM_SID* winsec_parse_dom_sid(const uint8_t* buf, uint32_t buf_len);
+WINSEC_UUID* winsec_parse_uuid(const uint8_t* buf, uint32_t buf_len);
 
-bool smb_io_dom_sid(const char *desc, DOM_SID *sid, prs_struct *ps, int depth);
-bool sec_io_access(const char *desc, SEC_ACCESS *t, prs_struct *ps, int depth);
-bool sec_io_ace(const char *desc, SEC_ACE *psa, prs_struct *ps, int depth);
-bool sec_io_acl(const char *desc, SEC_ACL **ppsa, prs_struct *ps, int depth);
-bool sec_io_desc(const char *desc, SEC_DESC **ppsd, prs_struct *ps, int depth);
+size_t winsec_sid_size(const WINSEC_DOM_SID* sid);
+int winsec_sid_compare_auth(const WINSEC_DOM_SID* sid1, const WINSEC_DOM_SID* sid2);
+int winsec_sid_compare(const WINSEC_DOM_SID* sid1, const WINSEC_DOM_SID* sid2);
+bool winsec_sid_equal(const WINSEC_DOM_SID* sid1, const WINSEC_DOM_SID* sid2);
+bool winsec_desc_equal(WINSEC_DESC* s1, WINSEC_DESC* s2);
+bool winsec_acl_equal(WINSEC_ACL* s1, WINSEC_ACL* s2);
+bool winsec_ace_equal(WINSEC_ACE* s1, WINSEC_ACE* s2);
+bool winsec_ace_object(uint8_t type);
 
-size_t sid_size(const DOM_SID *sid);
-int sid_compare_auth(const DOM_SID *sid1, const DOM_SID *sid2);
-int sid_compare(const DOM_SID *sid1, const DOM_SID *sid2);
-bool sec_ace_equal(SEC_ACE *s1, SEC_ACE *s2);
-bool sec_acl_equal(SEC_ACL *s1, SEC_ACL *s2);
-bool sec_desc_equal(SEC_DESC *s1, SEC_DESC *s2);
-bool sid_equal(const DOM_SID *sid1, const DOM_SID *sid2);
-bool sec_ace_object(uint8 type);
+#endif /* _WINSEC_H */