import "misc.idl";
-/*
+/*
use the same structure for dom_sid2 as dom_sid. A dom_sid2 is really
just a dom sid, but with the sub_auths represented as a conformant
array. As with all in-structure conformant arrays, the array length
cpp_quote("#define dom_sid0 dom_sid")
[
+ pyhelper("librpc/ndr/py_security.c"),
pointer_default(unique)
]
interface security
{
+
+ typedef [public,gensize,noprint,nosize,nopull,nopush] struct {
+ uint8 sid_rev_num; /**< SID revision number */
+ [range(0,15)] int8 num_auths; /**< Number of sub-authorities */
+ uint8 id_auth[6]; /**< Identifier Authority */
+ uint32 sub_auths[15];
+ } dom_sid;
/*
access masks are divided up like this:
0xabccdddd
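Review bot: With `nopull` and `nopush` on the new `dom_sid` typedef, the `[range(0,15)]` on `num_auths` is, as far as I can tell, not enforced by any generated code. The bound on the fixed `sub_auths[15]` array therefore rests entirely on the hand-written marshalling, which is not visible in this diff. `num_auths` is also declared `int8`, so a wire byte above 127 becomes negative, and the manual pull needs to reject `num_auths < 0 || num_auths > 15` before it reads any sub-authorities. I would record that next to the typedef, e.g. `/* nopull/nopush: the hand-written pull must enforce 0 <= num_auths <= 15 */`.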
const int SEC_RIGHTS_DIR_EXECUTE = SEC_RIGHTS_FILE_EXECUTE;
const int SEC_RIGHTS_DIR_ALL = SEC_RIGHTS_FILE_ALL;
+ /* combinations of standard masks. */
+ const int STANDARD_RIGHTS_ALL_ACCESS = SEC_STD_ALL; /* 0x001f0000 */
+ const int STANDARD_RIGHTS_MODIFY_ACCESS = SEC_STD_READ_CONTROL; /* 0x00020000 */
+ const int STANDARD_RIGHTS_EXECUTE_ACCESS = SEC_STD_READ_CONTROL; /* 0x00020000 */
+ const int STANDARD_RIGHTS_READ_ACCESS = SEC_STD_READ_CONTROL; /* 0x00020000 */
+ const int STANDARD_RIGHTS_WRITE_ACCESS =
+ (SEC_STD_WRITE_OWNER |
+ SEC_STD_WRITE_DAC |
+ SEC_STD_DELETE); /* 0x000d0000 */
+ const int STANDARD_RIGHTS_REQUIRED_ACCESS =
+ (SEC_STD_DELETE |
+ SEC_STD_READ_CONTROL |
+ SEC_STD_WRITE_DAC |
+ SEC_STD_WRITE_OWNER); /* 0x000f0000 */
/***************************************************************/
/* WELL KNOWN SIDS */
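Review bot: `STANDARD_RIGHTS_WRITE_ACCESS` is defined as DELETE | WRITE_DAC | WRITE_OWNER (0x000d0000), whereas the similarly named `STANDARD_RIGHTS_WRITE` in the Windows headers is only READ_CONTROL. Someone mapping rights by name could end up granting owner and DACL changes where only a read of the descriptor was meant. If the wider mask is deliberate, the block comment should say so, e.g. `/* local combinations of standard masks; not the Windows STANDARD_RIGHTS_* values */`. `STANDARD_RIGHTS_MODIFY_ACCESS`, `STANDARD_RIGHTS_EXECUTE_ACCESS` and `STANDARD_RIGHTS_READ_ACCESS` are all plain aliases of `SEC_STD_READ_CONTROL`, which also deserves a short remark so they are not assumed to differ.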
} sec_privilege;
- typedef [bitmap8bit] bitmap {
+ typedef [public,bitmap8bit] bitmap {
SEC_ACE_FLAG_OBJECT_INHERIT = 0x01,
SEC_ACE_FLAG_CONTAINER_INHERIT = 0x02,
SEC_ACE_FLAG_NO_PROPAGATE_INHERIT = 0x04,
SEC_ACE_FLAG_FAILED_ACCESS = 0x80
} security_ace_flags;
- typedef [enum8bit] enum {
+ typedef [public,enum8bit] enum {
SEC_ACE_TYPE_ACCESS_ALLOWED = 0,
SEC_ACE_TYPE_ACCESS_DENIED = 1,
SEC_ACE_TYPE_SYSTEM_AUDIT = 2,
[switch_is(flags & SEC_ACE_INHERITED_OBJECT_TYPE_PRESENT)] security_ace_object_inherited_type inherited_type;
} security_ace_object;
- typedef [nodiscriminant] union {
+ typedef [public,nodiscriminant] union {
[case(SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT)] security_ace_object object;
[case(SEC_ACE_TYPE_ACCESS_DENIED_OBJECT)] security_ace_object object;
[case(SEC_ACE_TYPE_SYSTEM_AUDIT_OBJECT)] security_ace_object object;
[default];
} security_ace_object_ctr;
- typedef [public,gensize,nosize] struct {
+ typedef [public,nopull,gensize,nosize] struct {
security_ace_type type; /* SEC_ACE_TYPE_* */
security_ace_flags flags; /* SEC_ACE_FLAG_* */
- [value(ndr_size_security_ace(r,ndr->flags))] uint16 size;
+ [value(ndr_size_security_ace(r,ndr->iconv_convenience,ndr->flags))] uint16 size;
uint32 access_mask;
[switch_is(type)] security_ace_object_ctr object;
dom_sid trustee;
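Review bot: Adding `nopull` to `security_ace` means the peer-supplied `size` field is now interpreted by hand-written code that is not part of this hunk. That pull should check `size` against the bytes actually consumed for the header, `access_mask`, `object` and `trustee` before it skips any trailing bytes, and fail the parse when `size` is smaller than what was read. A comment on the struct stating this invariant and naming the manual pull function would make the dependency visible. The struct body continues past the end of the hunk.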
typedef [public,gensize,nosize] struct {
security_acl_revision revision;
- [value(ndr_size_security_acl(r,ndr->flags))] uint16 size;
+ [value(ndr_size_security_acl(r,ndr->iconv_convenience,ndr->flags))] uint16 size;
[range(0,1000)] uint32 num_aces;
security_ace aces[num_aces];
} security_acl;
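Review bot: `size` is a `uint16` computed from `ndr_size_security_acl()`, but `[range(0,1000)] num_aces` permits ACLs whose encoded length exceeds 65535 bytes. An object ACE with two GUIDs and a 15-sub-authority trustee is over 100 bytes, so the pushed value would presumably be truncated without an error. The resulting descriptor would carry a `size` that disagrees with its contents, which is the kind of inconsistency parsers on the other side tend to mishandle. I would have the push path fail when the computed size is above 0xFFFF, or at least note the limit with `/* encoded ACL must fit in 16 bits; num_aces alone does not guarantee this */`. The same `value()` signature change is applied to `security_ace` and `sec_desc_buf`.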
} security_descriptor;
typedef [public] struct {
- [range(0,0x40000),value(ndr_size_security_descriptor(sd,ndr->flags))] uint32 sd_size;
+ [range(0,0x40000),value(ndr_size_security_descriptor(sd,ndr->iconv_convenience,ndr->flags))] uint32 sd_size;
[subcontext(4)] security_descriptor *sd;
} sec_desc_buf;
KERB_ENCTYPE_AES128_CTS_HMAC_SHA1_96 = 0x00000008,
KERB_ENCTYPE_AES256_CTS_HMAC_SHA1_96 = 0x00000010
} kerb_EncTypes;
+
}