source3/rpcclient/display_sec.c

   1 /*
   2    Unix SMB/Netbios implementation.
   3    Version 1.9.
   4    Samba utility functions
   5    Copyright (C) Andrew Tridgell 1992-1999
   6    Copyright (C) Luke Kenneth Casson Leighton 1996 - 1999
   7
   8    This program is free software; you can redistribute it and/or modify
   9    it under the terms of the GNU General Public License as published by
  10    the Free Software Foundation; either version 2 of the License, or
  11    (at your option) any later version.
  12
  13    This program is distributed in the hope that it will be useful,
  14    but WITHOUT ANY WARRANTY; without even the implied warranty of
  15    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  16    GNU General Public License for more details.
  17
  18    You should have received a copy of the GNU General Public License
  19    along with this program; if not, write to the Free Software
  20    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
  21 */
  22
  23 #include "includes.h"
  24
  25
  26 /****************************************************************************
  27 convert a security permissions into a string
  28 ****************************************************************************/
  29 char *get_sec_mask_str(uint32 type)
  30 {
  31         static fstring typestr;
  32         int i;
  33
  34         switch (type)
  35         {
  36                 case SEC_RIGHTS_FULL_CONTROL:
  37                 {
  38                         fstrcpy(typestr, "Full Control");
  39                         return typestr;
  40                 }
  41
  42                 case SEC_RIGHTS_READ:
  43                 {
  44                         fstrcpy(typestr, "Read");
  45                         return typestr;
  46                 }
  47                 default:
  48                 {
  49                         break;
  50                 }
  51         }
  52
  53         typestr[0] = 0;
  54         for (i = 0; i < 32; i++)
  55         {
  56                 if (IS_BITS_SET_ALL(type, 1 << i))
  57                 {
  58                         switch (1 << i)
  59                         {
  60                                 case SEC_RIGHTS_QUERY_VALUE    : fstrcat(typestr, "Query " ); break;
  61                                 case SEC_RIGHTS_SET_VALUE      : fstrcat(typestr, "Set " ); break;
  62                                 case SEC_RIGHTS_CREATE_SUBKEY  : fstrcat(typestr, "Create "); break;
  63                                 case SEC_RIGHTS_ENUM_SUBKEYS   : fstrcat(typestr, "Enum "); break;
  64                                 case SEC_RIGHTS_NOTIFY         : fstrcat(typestr, "Notify "); break;
  65                                 case SEC_RIGHTS_CREATE_LINK    : fstrcat(typestr, "CreateLink "); break;
  66                                 case SEC_RIGHTS_DELETE         : fstrcat(typestr, "Delete "); break;
  67                                 case SEC_RIGHTS_READ_CONTROL   : fstrcat(typestr, "ReadControl "); break;
  68                                 case SEC_RIGHTS_WRITE_DAC      : fstrcat(typestr, "WriteDAC "); break;
  69                                 case SEC_RIGHTS_WRITE_OWNER    : fstrcat(typestr, "WriteOwner "); break;
  70                         }
  71                         type &= ~(1 << i);
  72                 }
  73         }
  74
  75         /* remaining bits get added on as-is */
  76         if (type != 0)
  77         {
  78                 fstring tmp;
  79                 slprintf(tmp, sizeof(tmp)-1, "[%08x]", type);
  80                 fstrcat(typestr, tmp);
  81         }
  82
  83         /* remove last space */
  84         i = strlen(typestr)-1;
  85         if (typestr[i] == ' ') typestr[i] = 0;
  86
  87         return typestr;
  88 }
  89
  90 /****************************************************************************
  91  display sec_access structure
  92  ****************************************************************************/
  93 void display_sec_access(FILE *out_hnd, enum action_type action, SEC_ACCESS *const info)
  94 {
  95         switch (action)
  96         {
  97                 case ACTION_HEADER:
  98                 {
  99                         break;
 100                 }
 101                 case ACTION_ENUMERATE:
 102                 {
 103                         report(out_hnd, "\t\tPermissions:\t%s\n",
 104                                 get_sec_mask_str(info->mask));
 105                 }
 106                 case ACTION_FOOTER:
 107                 {
 108                         break;
 109                 }
 110         }
 111 }
 112
 113 /****************************************************************************
 114  display sec_ace structure
 115  ****************************************************************************/
 116 void display_sec_ace(FILE *out_hnd, enum action_type action, SEC_ACE *const ace)
 117 {
 118         switch (action)
 119         {
 120                 case ACTION_HEADER:
 121                 {
 122                         report(out_hnd, "\tACE\n");
 123                         break;
 124                 }
 125                 case ACTION_ENUMERATE:
 126                 {
 127                         fstring sid_str;
 128
 129                         display_sec_access(out_hnd, ACTION_HEADER   , &ace->info);
 130                         display_sec_access(out_hnd, ACTION_ENUMERATE, &ace->info);
 131                         display_sec_access(out_hnd, ACTION_FOOTER   , &ace->info);
 132
 133                         sid_to_string(sid_str, &ace->sid);
 134                         report(out_hnd, "\t\tSID:\t%s\n", sid_str);
 135                 }
 136                 case ACTION_FOOTER:
 137                 {
 138                         break;
 139                 }
 140         }
 141 }
 142
 143 /****************************************************************************
 144  display sec_acl structure
 145  ****************************************************************************/
 146 void display_sec_acl(FILE *out_hnd, enum action_type action, SEC_ACL *const sec_acl)
 147 {
 148         switch (action)
 149         {
 150                 case ACTION_HEADER:
 151                 {
 152                         report(out_hnd, "\tACL\tNum ACEs:\t%d\trevision:\t%x\n",
 153                                          sec_acl->num_aces, sec_acl->revision);
 154                         report(out_hnd, "\t---\n");
 155
 156                         break;
 157                 }
 158                 case ACTION_ENUMERATE:
 159                 {
 160                         if (sec_acl->size != 0 && sec_acl->num_aces != 0)
 161                         {
 162                                 int i;
 163                                 for (i = 0; i < sec_acl->num_aces; i++)
 164                                 {
 165                                         display_sec_ace(out_hnd, ACTION_HEADER   , &sec_acl->ace[i]);
 166                                         display_sec_ace(out_hnd, ACTION_ENUMERATE, &sec_acl->ace[i]);
 167                                         display_sec_ace(out_hnd, ACTION_FOOTER   , &sec_acl->ace[i]);
 168                                 }
 169                         }
 170
 171                         break;
 172                 }
 173                 case ACTION_FOOTER:
 174                 {
 175                         report(out_hnd, "\n");
 176                         break;
 177                 }
 178         }
 179 }
 180
 181 /****************************************************************************
 182  display sec_desc structure
 183  ****************************************************************************/
 184 void display_sec_desc(FILE *out_hnd, enum action_type action, SEC_DESC *const sec)
 185 {
 186         switch (action)
 187         {
 188                 case ACTION_HEADER:
 189                 {
 190                         report(out_hnd, "\tSecurity Descriptor\trevision:\t%x\ttype:\t%x\n",
 191                                          sec->revision, sec->type);
 192                         report(out_hnd, "\t-------------------\n");
 193
 194                         break;
 195                 }
 196                 case ACTION_ENUMERATE:
 197                 {
 198                         fstring sid_str;
 199
 200                         if (sec->off_sacl != 0)
 201                         {
 202                                 display_sec_acl(out_hnd, ACTION_HEADER   , sec->sacl);
 203                                 display_sec_acl(out_hnd, ACTION_ENUMERATE, sec->sacl);
 204                                 display_sec_acl(out_hnd, ACTION_FOOTER   , sec->sacl);
 205                         }
 206                         if (sec->off_dacl != 0)
 207                         {
 208                                 display_sec_acl(out_hnd, ACTION_HEADER   , sec->dacl);
 209                                 display_sec_acl(out_hnd, ACTION_ENUMERATE, sec->dacl);
 210                                 display_sec_acl(out_hnd, ACTION_FOOTER   , sec->dacl);
 211                         }
 212                         if (sec->off_owner_sid != 0)
 213                         {
 214                                 sid_to_string(sid_str, sec->owner_sid);
 215                                 report(out_hnd, "\tOwner SID:\t%s\n", sid_str);
 216                         }
 217                         if (sec->off_grp_sid != 0)
 218                         {
 219                                 sid_to_string(sid_str, sec->grp_sid);
 220                                 report(out_hnd, "\tParent SID:\t%s\n", sid_str);
 221                         }
 222
 223                         break;
 224                 }
 225                 case ACTION_FOOTER:
 226                 {
 227                         report(out_hnd, "\n");
 228                         break;
 229                 }
 230         }
 231 }
 232