Merge branch 'master' of ssh://git.samba.org/data/git/samba
authorJelmer Vernooij <jelmer@samba.org>
Mon, 15 Dec 2008 22:19:49 +0000 (23:19 +0100)
committerJelmer Vernooij <jelmer@samba.org>
Mon, 15 Dec 2008 22:19:49 +0000 (23:19 +0100)
25 files changed:
librpc/idl/security.idl
librpc/ndr/ndr_sec_helper.c
pidl/lib/Parse/Pidl/NDR.pm
pidl/lib/Parse/Pidl/Samba4/Python.pm
source3/include/proto.h
source3/include/smb.h
source3/librpc/gen_ndr/lsa.h
source3/librpc/gen_ndr/misc.h
source3/librpc/gen_ndr/ndr_drsblobs.c
source3/librpc/gen_ndr/ndr_security.c
source3/librpc/gen_ndr/ndr_security.h
source3/librpc/gen_ndr/ndr_srvsvc.c
source3/librpc/gen_ndr/ndr_srvsvc.h
source3/librpc/gen_ndr/security.h
source3/librpc/gen_ndr/srvsvc.h
source3/librpc/gen_ndr/winreg.h
source3/librpc/ndr/sid.c
source4/headermap.txt
source4/libcli/security/dom_sid.c
source4/libcli/security/sddl.c
source4/libcli/security/security_descriptor.c
source4/librpc/config.mk
source4/librpc/idl/dom_sid.idl
source4/librpc/ndr/ndr_dom_sid.c [deleted file]
source4/torture/unix/whoami.c

index 3f70e2c36e5919d977643d660b2e21bbaadee651..d88931fc69950cdd0cfc14f4da8c63b0e8aa2759 100644 (file)
@@ -7,12 +7,40 @@
 import "misc.idl";
 import "dom_sid.idl";
 
+/*
+   use the same structure for dom_sid2 as dom_sid. A dom_sid2 is really
+   just a dom sid, but with the sub_auths represented as a conformant
+   array. As with all in-structure conformant arrays, the array length
+   is placed before the start of the structure. That's what gives rise
+   to the extra num_auths elemenent. We don't want the Samba code to
+   have to bother with such esoteric NDR details, so its easier to just
+   define it as a dom_sid and use pidl magic to make it all work. It
+   just means you need to mark a sid as a "dom_sid2" in the IDL when you
+   know it is of the conformant array variety
+*/
+cpp_quote("#define dom_sid2 dom_sid")
+
+/* same struct as dom_sid but inside a 28 bytes fixed buffer in NDR */
+cpp_quote("#define dom_sid28 dom_sid")
+
+/* same struct as dom_sid but in a variable byte buffer, which is maybe empty in NDR */
+cpp_quote("#define dom_sid0 dom_sid")
+
+
+
 [
        helper("librpc/gen_ndr/ndr_dom_sid.h"),
        pointer_default(unique)
 ]
 interface security
 {
+
+       typedef [public,gensize,noprint,nosize,nopull,nopush] struct {
+               uint8  sid_rev_num;             /**< SID revision number */
+               [range(0,15)] int8  num_auths;  /**< Number of sub-authorities */
+               uint8  id_auth[6];              /**< Identifier Authority */
+               uint32 sub_auths[15];
+       } dom_sid;
        /*
          access masks are divided up like this:
                 0xabccdddd
@@ -388,4 +416,5 @@ interface security
                KERB_ENCTYPE_AES128_CTS_HMAC_SHA1_96 = 0x00000008,
                KERB_ENCTYPE_AES256_CTS_HMAC_SHA1_96 = 0x00000010
        } kerb_EncTypes;
+
 }
index 4b135505d883806337c2c3087aaa7d4c26ae406f..898a4287eaaf8e1fc39aadb364c6033db935a18e 100644 (file)
@@ -23,6 +23,9 @@
 
 #include "includes.h"
 #include "librpc/gen_ndr/ndr_security.h"
+#if _SAMBA_BUILD_ == 4
+#include "libcli/security/security.h"
+#endif
 
 /*
   return the wire size of a security_ace
@@ -116,3 +119,224 @@ size_t ndr_size_security_descriptor(const struct security_descriptor *sd, int fl
        return ret;
 }
 
+/*
+  return the wire size of a dom_sid
+*/
+size_t ndr_size_dom_sid(const struct dom_sid *sid, int flags)
+{
+       if (!sid) return 0;
+       return 8 + 4*sid->num_auths;
+}
+
+size_t ndr_size_dom_sid28(const struct dom_sid *sid, int flags)
+{
+       struct dom_sid zero_sid;
+
+       if (!sid) return 0;
+
+       ZERO_STRUCT(zero_sid);
+
+       if (memcmp(&zero_sid, sid, sizeof(zero_sid)) == 0) {
+               return 0;
+       }
+
+       return 8 + 4*sid->num_auths;
+}
+
+size_t ndr_size_dom_sid0(const struct dom_sid *sid, int flags)
+{
+       return ndr_size_dom_sid28(sid, flags);
+}
+
+/*
+  print a dom_sid
+*/
+void ndr_print_dom_sid(struct ndr_print *ndr, const char *name, const struct dom_sid *sid)
+{
+       ndr->print(ndr, "%-25s: %s", name, dom_sid_string(ndr, sid));
+}
+
+void ndr_print_dom_sid2(struct ndr_print *ndr, const char *name, const struct dom_sid *sid)
+{
+       ndr_print_dom_sid(ndr, name, sid);
+}
+
+void ndr_print_dom_sid28(struct ndr_print *ndr, const char *name, const struct dom_sid *sid)
+{
+       ndr_print_dom_sid(ndr, name, sid);
+}
+
+void ndr_print_dom_sid0(struct ndr_print *ndr, const char *name, const struct dom_sid *sid)
+{
+       ndr_print_dom_sid(ndr, name, sid);
+}
+
+
+/*
+  parse a dom_sid2 - this is a dom_sid but with an extra copy of the num_auths field
+*/
+enum ndr_err_code ndr_pull_dom_sid2(struct ndr_pull *ndr, int ndr_flags, struct dom_sid *sid)
+{
+       uint32_t num_auths;
+       if (!(ndr_flags & NDR_SCALARS)) {
+               return NDR_ERR_SUCCESS;
+       }
+       NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &num_auths));
+       NDR_CHECK(ndr_pull_dom_sid(ndr, ndr_flags, sid));
+       if (sid->num_auths != num_auths) {
+               return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, 
+                                     "Bad array size %u should exceed %u", 
+                                     num_auths, sid->num_auths);
+       }
+       return NDR_ERR_SUCCESS;
+}
+
+/*
+  parse a dom_sid2 - this is a dom_sid but with an extra copy of the num_auths field
+*/
+enum ndr_err_code ndr_push_dom_sid2(struct ndr_push *ndr, int ndr_flags, const struct dom_sid *sid)
+{
+       if (!(ndr_flags & NDR_SCALARS)) {
+               return NDR_ERR_SUCCESS;
+       }
+       NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, sid->num_auths));
+       return ndr_push_dom_sid(ndr, ndr_flags, sid);
+}
+
+/*
+  parse a dom_sid28 - this is a dom_sid in a fixed 28 byte buffer, so we need to ensure there are only upto 5 sub_auth
+*/
+enum ndr_err_code ndr_pull_dom_sid28(struct ndr_pull *ndr, int ndr_flags, struct dom_sid *sid)
+{
+       enum ndr_err_code status;
+       struct ndr_pull *subndr;
+
+       if (!(ndr_flags & NDR_SCALARS)) {
+               return NDR_ERR_SUCCESS;
+       }
+
+       subndr = talloc_zero(ndr, struct ndr_pull);
+       NDR_ERR_HAVE_NO_MEMORY(subndr);
+       subndr->flags           = ndr->flags;
+       subndr->current_mem_ctx = ndr->current_mem_ctx;
+
+       subndr->data            = ndr->data + ndr->offset;
+       subndr->data_size       = 28;
+       subndr->offset          = 0;
+
+       NDR_CHECK(ndr_pull_advance(ndr, 28));
+
+       status = ndr_pull_dom_sid(subndr, ndr_flags, sid);
+       if (!NDR_ERR_CODE_IS_SUCCESS(status)) {
+               /* handle a w2k bug which send random data in the buffer */
+               ZERO_STRUCTP(sid);
+       } else if (sid->num_auths == 0 && sid->sub_auths) {
+               ZERO_STRUCT(sid->sub_auths);
+       }
+
+       return NDR_ERR_SUCCESS;
+}
+
+/*
+  push a dom_sid28 - this is a dom_sid in a 28 byte fixed buffer
+*/
+enum ndr_err_code ndr_push_dom_sid28(struct ndr_push *ndr, int ndr_flags, const struct dom_sid *sid)
+{
+       uint32_t old_offset;
+       uint32_t padding;
+
+       if (!(ndr_flags & NDR_SCALARS)) {
+               return NDR_ERR_SUCCESS;
+       }
+
+       if (sid->num_auths > 5) {
+               return ndr_push_error(ndr, NDR_ERR_RANGE, 
+                                     "dom_sid28 allows only upto 5 sub auth [%u]", 
+                                     sid->num_auths);
+       }
+
+       old_offset = ndr->offset;
+       NDR_CHECK(ndr_push_dom_sid(ndr, ndr_flags, sid));
+
+       padding = 28 - (ndr->offset - old_offset);
+
+       if (padding > 0) {
+               NDR_CHECK(ndr_push_zero(ndr, padding));
+       }
+
+       return NDR_ERR_SUCCESS;
+}
+
+/*
+  parse a dom_sid0 - this is a dom_sid in a variable byte buffer, which is maybe empty
+*/
+enum ndr_err_code ndr_pull_dom_sid0(struct ndr_pull *ndr, int ndr_flags, struct dom_sid *sid)
+{
+       if (!(ndr_flags & NDR_SCALARS)) {
+               return NDR_ERR_SUCCESS;
+       }
+
+       if (ndr->data_size == ndr->offset) {
+               ZERO_STRUCTP(sid);
+               return NDR_ERR_SUCCESS;
+       }
+
+       return ndr_pull_dom_sid(ndr, ndr_flags, sid);
+}
+
+/*
+  push a dom_sid0 - this is a dom_sid in a variable byte buffer, which is maybe empty
+*/
+enum ndr_err_code ndr_push_dom_sid0(struct ndr_push *ndr, int ndr_flags, const struct dom_sid *sid)
+{
+       struct dom_sid zero_sid;
+
+       if (!(ndr_flags & NDR_SCALARS)) {
+               return NDR_ERR_SUCCESS;
+       }
+
+       if (!sid) {
+               return NDR_ERR_SUCCESS;
+       }
+
+       ZERO_STRUCT(zero_sid);
+
+       if (memcmp(&zero_sid, sid, sizeof(zero_sid)) == 0) {
+               return NDR_ERR_SUCCESS;
+       }
+
+       return ndr_push_dom_sid(ndr, ndr_flags, sid);
+}
+
+_PUBLIC_ enum ndr_err_code ndr_push_dom_sid(struct ndr_push *ndr, int ndr_flags, const struct dom_sid *r)
+{
+       uint32_t cntr_sub_auths_0;
+       if (ndr_flags & NDR_SCALARS) {
+               NDR_CHECK(ndr_push_align(ndr, 4));
+               NDR_CHECK(ndr_push_uint8(ndr, NDR_SCALARS, r->sid_rev_num));
+               NDR_CHECK(ndr_push_int8(ndr, NDR_SCALARS, r->num_auths));
+               NDR_CHECK(ndr_push_array_uint8(ndr, NDR_SCALARS, r->id_auth, 6));
+               for (cntr_sub_auths_0 = 0; cntr_sub_auths_0 < r->num_auths; cntr_sub_auths_0++) {
+                       NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->sub_auths[cntr_sub_auths_0]));
+               }
+       }
+       return NDR_ERR_SUCCESS;
+}
+
+_PUBLIC_ enum ndr_err_code ndr_pull_dom_sid(struct ndr_pull *ndr, int ndr_flags, struct dom_sid *r)
+{
+       uint32_t cntr_sub_auths_0;
+       if (ndr_flags & NDR_SCALARS) {
+               NDR_CHECK(ndr_pull_align(ndr, 4));
+               NDR_CHECK(ndr_pull_uint8(ndr, NDR_SCALARS, &r->sid_rev_num));
+               NDR_CHECK(ndr_pull_int8(ndr, NDR_SCALARS, &r->num_auths));
+               if (r->num_auths < 0 || r->num_auths > 15) {
+                       return ndr_pull_error(ndr, NDR_ERR_RANGE, "value out of range");
+               }
+               NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->id_auth, 6));
+               for (cntr_sub_auths_0 = 0; cntr_sub_auths_0 < r->num_auths; cntr_sub_auths_0++) {
+                       NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->sub_auths[cntr_sub_auths_0]));
+               }
+       }
+       return NDR_ERR_SUCCESS;
+}
index 3daad24c5da5ea4fc63137d2e7cbf40afd728ea1..5ee26d16b68c76f611c4fedc832aab5671f513e1 100644 (file)
@@ -855,6 +855,7 @@ my %property_list = (
        "endpoint"              => ["INTERFACE"],
        "pointer_default"       => ["INTERFACE"],
        "helper"                => ["INTERFACE"],
+       "pyhelper"              => ["INTERFACE"],
        "authservice"           => ["INTERFACE"],
        "restricted"    => ["INTERFACE"],
 
index 90dcba0780dd7e588ba1c246849e2ee4d3b915a0..4c598b3ca0da5f45bbcb414cd5e6f4bd0a35401a 100644 (file)
@@ -224,7 +224,10 @@ sub PythonStruct($$$$$$)
        $self->pidl("static PyObject *py_$name\_new(PyTypeObject *self, PyObject *args, PyObject *kwargs)");
        $self->pidl("{");
        $self->indent;
+       $self->pidl("char *kwlist[] = {NULL};");
        $self->pidl("$cname *ret = talloc_zero(NULL, $cname);");
+       $self->pidl("if (!PyArg_ParseTupleAndKeywords(args, kwargs, \"\", kwlist))");
+       $self->pidl("\treturn NULL;");
        $self->pidl("return py_talloc_import(&$name\_Type, ret);");
        $self->deindent;
        $self->pidl("}");
@@ -280,6 +283,11 @@ sub PythonStruct($$$$$$)
                $self->indent;
                $self->pidl("{ \"__ndr_pack__\", (PyCFunction)py_$name\_ndr_pack, METH_NOARGS, \"S.pack() -> blob\\nNDR pack\" },");
                $self->pidl("{ \"__ndr_unpack__\", (PyCFunction)py_$name\_ndr_unpack, METH_VARARGS, \"S.unpack(blob) -> None\\nNDR unpack\" },");
+               $self->deindent;
+               $self->pidl("#ifdef ".uc("py_$name\_extra_methods"));
+               $self->pidl("\t" .uc("py_$name\_extra_methods"));
+               $self->pidl("#endif");
+               $self->indent;
                $self->pidl("{ NULL, NULL, 0, NULL }");
                $self->deindent;
                $self->pidl("};");
@@ -290,6 +298,10 @@ sub PythonStruct($$$$$$)
        $self->pidl_hdr("#define $name\_Check(op) PyObject_TypeCheck(op, &$name\_Type)\n");
        $self->pidl_hdr("#define $name\_CheckExact(op) ((op)->ob_type == &$name\_Type)\n");
        $self->pidl_hdr("\n");
+       $self->pidl("#ifndef ".uc("py_$name\_repr"));
+       $self->pidl("#define ".uc("py_$name\_repr") . " py_talloc_default_repr");
+       $self->pidl("#endif");
+       $self->pidl("");
        my $docstring = ($self->DocString($d, $name) or "NULL");
        my $typeobject = "$name\_Type";
        $self->pidl("PyTypeObject $typeobject = {");
@@ -299,7 +311,7 @@ sub PythonStruct($$$$$$)
        $self->pidl(".tp_basicsize = sizeof(py_talloc_Object),");
        $self->pidl(".tp_dealloc = py_talloc_dealloc,");
        $self->pidl(".tp_getset = $getsetters,");
-       $self->pidl(".tp_repr = py_talloc_default_repr,");
+       $self->pidl(".tp_repr = ".uc("py_$name\_repr").",");
        $self->pidl(".tp_doc = $docstring,");
        $self->pidl(".tp_methods = $py_methods,");
        $self->pidl(".tp_flags = Py_TPFLAGS_DEFAULT | Py_TPFLAGS_BASETYPE,");
@@ -624,6 +636,10 @@ sub Interface($$$)
 
        $self->pidl_hdr("\n");
 
+       if (has_property($interface, "pyhelper")) {
+               $self->pidl("#include \"".unmake_str($interface->{PROPERTIES}->{pyhelper})."\"\n");
+       }
+
        $self->Const($_) foreach (@{$interface->{CONSTS}});
 
        foreach my $d (@{$interface->{TYPES}}) {
index 9d86f16e691ac4839601df5ab6a71a484224d898..24929f6d7fe1d0e0ec72c801fb223b844fd2425b 100644 (file)
@@ -2322,15 +2322,7 @@ void ndr_print_dom_sid0(struct ndr_print *ndr, const char *name, const struct do
 
 /* The following definitions come from librpc/ndr/sid.c  */
 
-enum ndr_err_code ndr_push_dom_sid(struct ndr_push *ndr, int ndr_flags, const struct dom_sid *r);
-enum ndr_err_code ndr_pull_dom_sid(struct ndr_pull *ndr, int ndr_flags, struct dom_sid *r);
 char *dom_sid_string(TALLOC_CTX *mem_ctx, const struct dom_sid *sid);
-enum ndr_err_code ndr_pull_dom_sid2(struct ndr_pull *ndr, int ndr_flags, struct dom_sid *sid);
-enum ndr_err_code ndr_push_dom_sid2(struct ndr_push *ndr, int ndr_flags, const struct dom_sid *sid);
-enum ndr_err_code ndr_pull_dom_sid28(struct ndr_pull *ndr, int ndr_flags, struct dom_sid *sid);
-enum ndr_err_code ndr_push_dom_sid28(struct ndr_push *ndr, int ndr_flags, const struct dom_sid *sid);
-enum ndr_err_code ndr_pull_dom_sid0(struct ndr_pull *ndr, int ndr_flags, struct dom_sid *sid);
-enum ndr_err_code ndr_push_dom_sid0(struct ndr_push *ndr, int ndr_flags, const struct dom_sid *sid);
 
 /* The following definitions come from librpc/rpc/binding.c  */
 
index 112b4e0f91c1e6fa33b1548829e76315e7d52459..891bd4aaf74139b29962cbcf812bda9bce57a0d1 100644 (file)
@@ -209,18 +209,7 @@ typedef uint32 codepoint_t;
  *
  * @sa http://msdn.microsoft.com/library/default.asp?url=/library/en-us/security/accctrl_38yn.asp
  **/
-typedef struct dom_sid {
-       uint8  sid_rev_num;             /**< SID revision number */
-       uint8  num_auths;               /**< Number of sub-authorities */
-       uint8  id_auth[6];              /**< Identifier Authority */
-       /*
-        *  Pointer to sub-authorities.
-        *
-        * @note The values in these uint32's are in *native* byteorder, not
-        * neccessarily little-endian...... JRA.
-        */
-       uint32 sub_auths[MAXSUBAUTHS];  
-} DOM_SID;
+typedef struct dom_sid DOM_SID;
 
 enum id_mapping {
        ID_UNKNOWN = 0,
index 0ccbcdf5b0c467930eb2601ac813b28e6c686c5f..ee8a31138d20b371894d33cf237d7d1fd9bee5e4 100644 (file)
@@ -17,7 +17,7 @@ struct lsa_String {
        uint16_t length;/* [value(2*strlen_m(string))] */
        uint16_t size;/* [value(2*strlen_m(string))] */
        const char *string;/* [unique,charset(UTF16),length_is(length/2),size_is(size/2)] */
-}/* [public,noejs] */;
+}/* [public] */;
 
 struct lsa_StringLarge {
        uint16_t length;/* [value(2*strlen_m(string))] */
index d1cf64e0ebf6e03d8f194b8c556970ed32beafb9..de4abdcae5932fdf1db707bef0dbaedf17ad4cb9 100644 (file)
@@ -11,7 +11,7 @@ struct GUID {
        uint16_t time_hi_and_version;
        uint8_t clock_seq[2];
        uint8_t node[6];
-}/* [noprint,gensize,public,noejs] */;
+}/* [noprint,gensize,public] */;
 
 struct ndr_syntax_id {
        struct GUID uuid;
index dd8d77ea15a4b65cded03f1c0a66e7f43c4cde34..d965e40bd27cfbaef506b05748f07720618985be 100644 (file)
@@ -2351,7 +2351,6 @@ static enum ndr_err_code ndr_push_AuthInfoNT4Owf(struct ndr_push *ndr, int ndr_f
                NDR_CHECK(ndr_push_samr_Password(ndr, NDR_SCALARS, &r->password));
        }
        if (ndr_flags & NDR_BUFFERS) {
-               NDR_CHECK(ndr_push_samr_Password(ndr, NDR_BUFFERS, &r->password));
        }
        return NDR_ERR_SUCCESS;
 }
@@ -2364,7 +2363,6 @@ static enum ndr_err_code ndr_pull_AuthInfoNT4Owf(struct ndr_pull *ndr, int ndr_f
                NDR_CHECK(ndr_pull_samr_Password(ndr, NDR_SCALARS, &r->password));
        }
        if (ndr_flags & NDR_BUFFERS) {
-               NDR_CHECK(ndr_pull_samr_Password(ndr, NDR_BUFFERS, &r->password));
        }
        return NDR_ERR_SUCCESS;
 }
@@ -2477,7 +2475,6 @@ static enum ndr_err_code ndr_push_AuthInfo(struct ndr_push *ndr, int ndr_flags,
                        break;
 
                        case TRUST_AUTH_TYPE_NT4OWF:
-                               NDR_CHECK(ndr_push_AuthInfoNT4Owf(ndr, NDR_BUFFERS, &r->nt4owf));
                        break;
 
                        case TRUST_AUTH_TYPE_CLEAR:
@@ -2525,7 +2522,6 @@ static enum ndr_err_code ndr_pull_AuthInfo(struct ndr_pull *ndr, int ndr_flags,
                        break;
 
                        case TRUST_AUTH_TYPE_NT4OWF:
-                               NDR_CHECK(ndr_pull_AuthInfoNT4Owf(ndr, NDR_BUFFERS, &r->nt4owf));
                        break;
 
                        case TRUST_AUTH_TYPE_CLEAR:
@@ -2584,7 +2580,6 @@ _PUBLIC_ enum ndr_err_code ndr_push_AuthenticationInformation(struct ndr_push *n
                }
        }
        if (ndr_flags & NDR_BUFFERS) {
-               NDR_CHECK(ndr_push_AuthInfo(ndr, NDR_BUFFERS, &r->AuthInfo));
        }
        return NDR_ERR_SUCCESS;
 }
@@ -2605,7 +2600,6 @@ _PUBLIC_ enum ndr_err_code ndr_pull_AuthenticationInformation(struct ndr_pull *n
                }
        }
        if (ndr_flags & NDR_BUFFERS) {
-               NDR_CHECK(ndr_pull_AuthInfo(ndr, NDR_BUFFERS, &r->AuthInfo));
        }
        return NDR_ERR_SUCCESS;
 }
@@ -2641,7 +2635,7 @@ _PUBLIC_ enum ndr_err_code ndr_push_trustCurrentPasswords(struct ndr_push *ndr,
                for (cntr_current_0 = 0; cntr_current_0 < r->count; cntr_current_0++) {
                        if (r->current[cntr_current_0]) {
                                NDR_CHECK(ndr_push_relative_ptr2(ndr, r->current[cntr_current_0]));
-                               NDR_CHECK(ndr_push_AuthenticationInformation(ndr, NDR_SCALARS|NDR_BUFFERS, r->current[cntr_current_0]));
+                               NDR_CHECK(ndr_push_AuthenticationInformation(ndr, NDR_SCALARS, r->current[cntr_current_0]));
                        }
                }
        }
@@ -2681,7 +2675,7 @@ _PUBLIC_ enum ndr_err_code ndr_pull_trustCurrentPasswords(struct ndr_pull *ndr,
                                NDR_CHECK(ndr_pull_relative_ptr2(ndr, r->current[cntr_current_0]));
                                _mem_save_current_1 = NDR_PULL_GET_MEM_CTX(ndr);
                                NDR_PULL_SET_MEM_CTX(ndr, r->current[cntr_current_0], 0);
-                               NDR_CHECK(ndr_pull_AuthenticationInformation(ndr, NDR_SCALARS|NDR_BUFFERS, r->current[cntr_current_0]));
+                               NDR_CHECK(ndr_pull_AuthenticationInformation(ndr, NDR_SCALARS, r->current[cntr_current_0]));
                                NDR_PULL_SET_MEM_CTX(ndr, _mem_save_current_1, 0);
                                ndr->offset = _relative_save_offset;
                        }
index 108f2f689c2907a9ba4fd5ff0dc490d246f8b045..8339a40d40f031d87cd9318f500a41286a2f3500 100644 (file)
@@ -427,7 +427,6 @@ _PUBLIC_ enum ndr_err_code ndr_push_security_ace(struct ndr_push *ndr, int ndr_f
        }
        if (ndr_flags & NDR_BUFFERS) {
                NDR_CHECK(ndr_push_security_ace_object_ctr(ndr, NDR_BUFFERS, &r->object));
-               NDR_CHECK(ndr_push_dom_sid(ndr, NDR_BUFFERS, &r->trustee));
        }
        return NDR_ERR_SUCCESS;
 }
@@ -621,11 +620,11 @@ _PUBLIC_ enum ndr_err_code ndr_push_security_descriptor(struct ndr_push *ndr, in
                if (ndr_flags & NDR_BUFFERS) {
                        if (r->owner_sid) {
                                NDR_CHECK(ndr_push_relative_ptr2(ndr, r->owner_sid));
-                               NDR_CHECK(ndr_push_dom_sid(ndr, NDR_SCALARS|NDR_BUFFERS, r->owner_sid));
+                               NDR_CHECK(ndr_push_dom_sid(ndr, NDR_SCALARS, r->owner_sid));
                        }
                        if (r->group_sid) {
                                NDR_CHECK(ndr_push_relative_ptr2(ndr, r->group_sid));
-                               NDR_CHECK(ndr_push_dom_sid(ndr, NDR_SCALARS|NDR_BUFFERS, r->group_sid));
+                               NDR_CHECK(ndr_push_dom_sid(ndr, NDR_SCALARS, r->group_sid));
                        }
                        if (r->sacl) {
                                NDR_CHECK(ndr_push_relative_ptr2(ndr, r->sacl));
@@ -694,7 +693,7 @@ _PUBLIC_ enum ndr_err_code ndr_pull_security_descriptor(struct ndr_pull *ndr, in
                                NDR_CHECK(ndr_pull_relative_ptr2(ndr, r->owner_sid));
                                _mem_save_owner_sid_0 = NDR_PULL_GET_MEM_CTX(ndr);
                                NDR_PULL_SET_MEM_CTX(ndr, r->owner_sid, 0);
-                               NDR_CHECK(ndr_pull_dom_sid(ndr, NDR_SCALARS|NDR_BUFFERS, r->owner_sid));
+                               NDR_CHECK(ndr_pull_dom_sid(ndr, NDR_SCALARS, r->owner_sid));
                                NDR_PULL_SET_MEM_CTX(ndr, _mem_save_owner_sid_0, 0);
                                ndr->offset = _relative_save_offset;
                        }
@@ -704,7 +703,7 @@ _PUBLIC_ enum ndr_err_code ndr_pull_security_descriptor(struct ndr_pull *ndr, in
                                NDR_CHECK(ndr_pull_relative_ptr2(ndr, r->group_sid));
                                _mem_save_group_sid_0 = NDR_PULL_GET_MEM_CTX(ndr);
                                NDR_PULL_SET_MEM_CTX(ndr, r->group_sid, 0);
-                               NDR_CHECK(ndr_pull_dom_sid(ndr, NDR_SCALARS|NDR_BUFFERS, r->group_sid));
+                               NDR_CHECK(ndr_pull_dom_sid(ndr, NDR_SCALARS, r->group_sid));
                                NDR_PULL_SET_MEM_CTX(ndr, _mem_save_group_sid_0, 0);
                                ndr->offset = _relative_save_offset;
                        }
@@ -855,14 +854,14 @@ _PUBLIC_ enum ndr_err_code ndr_push_security_token(struct ndr_push *ndr, int ndr
        }
        if (ndr_flags & NDR_BUFFERS) {
                if (r->user_sid) {
-                       NDR_CHECK(ndr_push_dom_sid(ndr, NDR_SCALARS|NDR_BUFFERS, r->user_sid));
+                       NDR_CHECK(ndr_push_dom_sid(ndr, NDR_SCALARS, r->user_sid));
                }
                if (r->group_sid) {
-                       NDR_CHECK(ndr_push_dom_sid(ndr, NDR_SCALARS|NDR_BUFFERS, r->group_sid));
+                       NDR_CHECK(ndr_push_dom_sid(ndr, NDR_SCALARS, r->group_sid));
                }
                for (cntr_sids_0 = 0; cntr_sids_0 < r->num_sids; cntr_sids_0++) {
                        if (r->sids[cntr_sids_0]) {
-                               NDR_CHECK(ndr_push_dom_sid(ndr, NDR_SCALARS|NDR_BUFFERS, r->sids[cntr_sids_0]));
+                               NDR_CHECK(ndr_push_dom_sid(ndr, NDR_SCALARS, r->sids[cntr_sids_0]));
                        }
                }
        }
@@ -916,13 +915,13 @@ _PUBLIC_ enum ndr_err_code ndr_pull_security_token(struct ndr_pull *ndr, int ndr
                if (r->user_sid) {
                        _mem_save_user_sid_0 = NDR_PULL_GET_MEM_CTX(ndr);
                        NDR_PULL_SET_MEM_CTX(ndr, r->user_sid, 0);
-                       NDR_CHECK(ndr_pull_dom_sid(ndr, NDR_SCALARS|NDR_BUFFERS, r->user_sid));
+                       NDR_CHECK(ndr_pull_dom_sid(ndr, NDR_SCALARS, r->user_sid));
                        NDR_PULL_SET_MEM_CTX(ndr, _mem_save_user_sid_0, 0);
                }
                if (r->group_sid) {
                        _mem_save_group_sid_0 = NDR_PULL_GET_MEM_CTX(ndr);
                        NDR_PULL_SET_MEM_CTX(ndr, r->group_sid, 0);
-                       NDR_CHECK(ndr_pull_dom_sid(ndr, NDR_SCALARS|NDR_BUFFERS, r->group_sid));
+                       NDR_CHECK(ndr_pull_dom_sid(ndr, NDR_SCALARS, r->group_sid));
                        NDR_PULL_SET_MEM_CTX(ndr, _mem_save_group_sid_0, 0);
                }
                _mem_save_sids_0 = NDR_PULL_GET_MEM_CTX(ndr);
@@ -931,7 +930,7 @@ _PUBLIC_ enum ndr_err_code ndr_pull_security_token(struct ndr_pull *ndr, int ndr
                        if (r->sids[cntr_sids_0]) {
                                _mem_save_sids_1 = NDR_PULL_GET_MEM_CTX(ndr);
                                NDR_PULL_SET_MEM_CTX(ndr, r->sids[cntr_sids_0], 0);
-                               NDR_CHECK(ndr_pull_dom_sid(ndr, NDR_SCALARS|NDR_BUFFERS, r->sids[cntr_sids_0]));
+                               NDR_CHECK(ndr_pull_dom_sid(ndr, NDR_SCALARS, r->sids[cntr_sids_0]));
                                NDR_PULL_SET_MEM_CTX(ndr, _mem_save_sids_1, 0);
                        }
                }
index bddf1bd2b70ce60ae3e19f55b9ba37072b90b093..f8cbf4afa81c4384956e2d4a6ae23cbf4e8c488f 100644 (file)
@@ -8,6 +8,10 @@
 
 #include "librpc/gen_ndr/ndr_dom_sid.h"
 #define NDR_SECURITY_CALL_COUNT (0)
+enum ndr_err_code ndr_push_dom_sid(struct ndr_push *ndr, int ndr_flags, const struct dom_sid *r);
+enum ndr_err_code ndr_pull_dom_sid(struct ndr_pull *ndr, int ndr_flags, struct dom_sid *r);
+void ndr_print_dom_sid(struct ndr_print *ndr, const char *name, const struct dom_sid *r);
+size_t ndr_size_dom_sid(const struct dom_sid *r, int flags);
 enum ndr_err_code ndr_push_security_ace_flags(struct ndr_push *ndr, int ndr_flags, uint8_t r);
 enum ndr_err_code ndr_pull_security_ace_flags(struct ndr_pull *ndr, int ndr_flags, uint8_t *r);
 void ndr_print_security_ace_flags(struct ndr_print *ndr, const char *name, uint8_t r);
index 9ac3aa82c9125c35e5b02389556192025b12a73d..125542d14a9a97a208b5dab7899ec3050c86c9c4 100644 (file)
@@ -6358,7 +6358,7 @@ _PUBLIC_ void ndr_print_srvsvc_PlatformId(struct ndr_print *ndr, const char *nam
        ndr_print_enum(ndr, name, "ENUM", val, r);
 }
 
-static enum ndr_err_code ndr_push_srvsvc_NetSrvInfo100(struct ndr_push *ndr, int ndr_flags, const struct srvsvc_NetSrvInfo100 *r)
+_PUBLIC_ enum ndr_err_code ndr_push_srvsvc_NetSrvInfo100(struct ndr_push *ndr, int ndr_flags, const struct srvsvc_NetSrvInfo100 *r)
 {
        if (ndr_flags & NDR_SCALARS) {
                NDR_CHECK(ndr_push_align(ndr, 4));
@@ -6376,7 +6376,7 @@ static enum ndr_err_code ndr_push_srvsvc_NetSrvInfo100(struct ndr_push *ndr, int
        return NDR_ERR_SUCCESS;
 }
 
-static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo100(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetSrvInfo100 *r)
+_PUBLIC_ enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo100(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetSrvInfo100 *r)
 {
        uint32_t _ptr_server_name;
        TALLOC_CTX *_mem_save_server_name_0;
@@ -6421,7 +6421,7 @@ _PUBLIC_ void ndr_print_srvsvc_NetSrvInfo100(struct ndr_print *ndr, const char *
        ndr->depth--;
 }
 
-static enum ndr_err_code ndr_push_srvsvc_NetSrvInfo101(struct ndr_push *ndr, int ndr_flags, const struct srvsvc_NetSrvInfo101 *r)
+_PUBLIC_ enum ndr_err_code ndr_push_srvsvc_NetSrvInfo101(struct ndr_push *ndr, int ndr_flags, const struct srvsvc_NetSrvInfo101 *r)
 {
        if (ndr_flags & NDR_SCALARS) {
                NDR_CHECK(ndr_push_align(ndr, 4));
@@ -6449,7 +6449,7 @@ static enum ndr_err_code ndr_push_srvsvc_NetSrvInfo101(struct ndr_push *ndr, int
        return NDR_ERR_SUCCESS;
 }
 
-static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo101(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetSrvInfo101 *r)
+_PUBLIC_ enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo101(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetSrvInfo101 *r)
 {
        uint32_t _ptr_server_name;
        TALLOC_CTX *_mem_save_server_name_0;
index 33569d187008c412dc1fc32764343b37a828f5dc..126680cad03c1a80fadd86d624da5890a2d591c9 100644 (file)
@@ -186,7 +186,11 @@ void ndr_print_srvsvc_NetShareInfoCtr(struct ndr_print *ndr, const char *name, c
 enum ndr_err_code ndr_push_srvsvc_PlatformId(struct ndr_push *ndr, int ndr_flags, enum srvsvc_PlatformId r);
 enum ndr_err_code ndr_pull_srvsvc_PlatformId(struct ndr_pull *ndr, int ndr_flags, enum srvsvc_PlatformId *r);
 void ndr_print_srvsvc_PlatformId(struct ndr_print *ndr, const char *name, enum srvsvc_PlatformId r);
+enum ndr_err_code ndr_push_srvsvc_NetSrvInfo100(struct ndr_push *ndr, int ndr_flags, const struct srvsvc_NetSrvInfo100 *r);
+enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo100(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetSrvInfo100 *r);
 void ndr_print_srvsvc_NetSrvInfo100(struct ndr_print *ndr, const char *name, const struct srvsvc_NetSrvInfo100 *r);
+enum ndr_err_code ndr_push_srvsvc_NetSrvInfo101(struct ndr_push *ndr, int ndr_flags, const struct srvsvc_NetSrvInfo101 *r);
+enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo101(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetSrvInfo101 *r);
 void ndr_print_srvsvc_NetSrvInfo101(struct ndr_print *ndr, const char *name, const struct srvsvc_NetSrvInfo101 *r);
 void ndr_print_srvsvc_NetSrvInfo102(struct ndr_print *ndr, const char *name, const struct srvsvc_NetSrvInfo102 *r);
 void ndr_print_srvsvc_NetSrvInfo402(struct ndr_print *ndr, const char *name, const struct srvsvc_NetSrvInfo402 *r);
index fe23347fdf0de61efbc372380bcd33d806267e0f..99e1f4b1c90cd5de70c275076581489fc6fcb8c3 100644 (file)
@@ -4,6 +4,9 @@
 
 #include "librpc/gen_ndr/misc.h"
 #include "librpc/gen_ndr/dom_sid.h"
+#define dom_sid2 dom_sid
+#define dom_sid28 dom_sid
+#define dom_sid0 dom_sid
 #ifndef _HEADER_security
 #define _HEADER_security
 
 #define DOMAIN_RID_ENTERPRISE_ADMINS   ( 519 )
 #define NT4_ACL_REVISION       ( SECURITY_ACL_REVISION_NT4 )
 #define SD_REVISION    ( SECURITY_DESCRIPTOR_REVISION_1 )
+struct dom_sid {
+       uint8_t sid_rev_num;
+       int8_t num_auths;/* [range(0,15)] */
+       uint8_t id_auth[6];
+       uint32_t sub_auths[15];
+}/* [noprint,gensize,nopull,public,nopush,nosize] */;
+
 enum sec_privilege
 #ifndef USE_UINT_ENUMS
  {
index b50213bb966c38794d881a9982f57d91113ff1c2..6467f72a5be45f21c42cb866fabd867ca16c29a6 100644 (file)
@@ -431,7 +431,7 @@ enum srvsvc_PlatformId
 struct srvsvc_NetSrvInfo100 {
        enum srvsvc_PlatformId platform_id;
        const char *server_name;/* [unique,charset(UTF16)] */
-};
+}/* [public] */;
 
 struct srvsvc_NetSrvInfo101 {
        enum srvsvc_PlatformId platform_id;
@@ -440,7 +440,7 @@ struct srvsvc_NetSrvInfo101 {
        uint32_t version_minor;
        uint32_t server_type;
        const char *comment;/* [unique,charset(UTF16)] */
-};
+}/* [public] */;
 
 struct srvsvc_NetSrvInfo102 {
        enum srvsvc_PlatformId platform_id;
index fbbab33c8d5d3b202fa43ed854aad4b71c14a7e0..a98120ccf5852d12db36539aad627e629d2a478a 100644 (file)
@@ -54,7 +54,7 @@ struct winreg_String {
        uint16_t name_len;/* [value(strlen_m_term(name)*2)] */
        uint16_t name_size;/* [value(strlen_m_term(name)*2)] */
        const char *name;/* [unique,charset(UTF16)] */
-}/* [public,noejs] */;
+}/* [public] */;
 
 struct KeySecurityData {
        uint8_t *data;/* [unique,length_is(len),size_is(size)] */
index 39b7e3cd59dee9b6a536aac10597fb4b8dbd3db6..252da85929102ceb229cab74d99554256251492f 100644 (file)
 
 #include "includes.h"
 
-/*
-  return the wire size of a dom_sid
-*/
-size_t ndr_size_dom_sid(const struct dom_sid *sid, int flags)
-{
-       if (!sid) return 0;
-       return 8 + 4*sid->num_auths;
-}
-
-size_t ndr_size_dom_sid28(const struct dom_sid *sid, int flags)
-{
-       struct dom_sid zero_sid;
-
-       if (!sid) return 0;
-
-       ZERO_STRUCT(zero_sid);
-
-       if (memcmp(&zero_sid, sid, sizeof(zero_sid)) == 0) {
-               return 0;
-       }
-
-       return 8 + 4*sid->num_auths;
-}
-
-size_t ndr_size_dom_sid0(const struct dom_sid *sid, int flags)
-{
-       return ndr_size_dom_sid28(sid, flags);
-}
-
-enum ndr_err_code ndr_push_dom_sid(struct ndr_push *ndr, int ndr_flags, const struct dom_sid *r)
-{
-       uint32_t cntr_sub_auths_0;
-       if (ndr_flags & NDR_SCALARS) {
-               NDR_CHECK(ndr_push_align(ndr, 4));
-               NDR_CHECK(ndr_push_uint8(ndr, NDR_SCALARS, r->sid_rev_num));
-               NDR_CHECK(ndr_push_int8(ndr, NDR_SCALARS, r->num_auths));
-               NDR_CHECK(ndr_push_array_uint8(ndr, NDR_SCALARS, r->id_auth, 6));
-               for (cntr_sub_auths_0 = 0; cntr_sub_auths_0 < r->num_auths; cntr_sub_auths_0++) {
-                       NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->sub_auths[cntr_sub_auths_0]));
-               }
-       }
-       if (ndr_flags & NDR_BUFFERS) {
-       }
-       return NDR_ERR_SUCCESS;
-}
-
-enum ndr_err_code ndr_pull_dom_sid(struct ndr_pull *ndr, int ndr_flags, struct dom_sid *r)
-{
-       uint32_t cntr_sub_auths_0;
-       if (ndr_flags & NDR_SCALARS) {
-               NDR_CHECK(ndr_pull_align(ndr, 4));
-               NDR_CHECK(ndr_pull_uint8(ndr, NDR_SCALARS, &r->sid_rev_num));
-               NDR_CHECK(ndr_pull_uint8(ndr, NDR_SCALARS, &r->num_auths));
-               if (r->num_auths > 15) {
-                       return ndr_pull_error(ndr, NDR_ERR_RANGE, "value out of range");
-               }
-               NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->id_auth, 6));
-               for (cntr_sub_auths_0 = 0; cntr_sub_auths_0 < r->num_auths; cntr_sub_auths_0++) {
-                       NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->sub_auths[cntr_sub_auths_0]));
-               }
-       }
-       if (ndr_flags & NDR_BUFFERS) {
-       }
-       return NDR_ERR_SUCCESS;
-}
-
 /*
   convert a dom_sid to a string
 */
@@ -123,161 +57,3 @@ char *dom_sid_string(TALLOC_CTX *mem_ctx, const struct dom_sid *sid)
        
        return ret;
 }
-
-/*
-  parse a dom_sid2 - this is a dom_sid but with an extra copy of the num_auths field
-*/
-enum ndr_err_code ndr_pull_dom_sid2(struct ndr_pull *ndr, int ndr_flags, struct dom_sid *sid)
-{
-       uint32_t num_auths;
-       if (!(ndr_flags & NDR_SCALARS)) {
-               return NDR_ERR_SUCCESS;
-       }
-       NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &num_auths));
-       NDR_CHECK(ndr_pull_dom_sid(ndr, ndr_flags, sid));
-       if (sid->num_auths != num_auths) {
-               return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, 
-                                     "Bad array size %u should exceed %u", 
-                                     num_auths, sid->num_auths);
-       }
-       return NDR_ERR_SUCCESS;
-}
-
-/*
-  parse a dom_sid2 - this is a dom_sid but with an extra copy of the num_auths field
-*/
-enum ndr_err_code ndr_push_dom_sid2(struct ndr_push *ndr, int ndr_flags, const struct dom_sid *sid)
-{
-       if (!(ndr_flags & NDR_SCALARS)) {
-               return NDR_ERR_SUCCESS;
-       }
-       NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, sid->num_auths));
-       return ndr_push_dom_sid(ndr, ndr_flags, sid);
-}
-
-/*
-  parse a dom_sid28 - this is a dom_sid in a fixed 28 byte buffer, so we need to ensure there are only upto 5 sub_auth
-*/
-enum ndr_err_code ndr_pull_dom_sid28(struct ndr_pull *ndr, int ndr_flags, struct dom_sid *sid)
-{
-       enum ndr_err_code status;
-       struct ndr_pull *subndr;
-
-       if (!(ndr_flags & NDR_SCALARS)) {
-               return NDR_ERR_SUCCESS;
-       }
-
-       subndr = talloc_zero(ndr, struct ndr_pull);
-       NDR_ERR_HAVE_NO_MEMORY(subndr);
-       subndr->flags           = ndr->flags;
-       subndr->current_mem_ctx = ndr->current_mem_ctx;
-
-       subndr->data            = ndr->data + ndr->offset;
-       subndr->data_size       = 28;
-       subndr->offset          = 0;
-
-       NDR_CHECK(ndr_pull_advance(ndr, 28));
-
-       status = ndr_pull_dom_sid(subndr, ndr_flags, sid);
-       if (!NDR_ERR_CODE_IS_SUCCESS(status)) {
-               /* handle a w2k bug which send random data in the buffer */
-               ZERO_STRUCTP(sid);
-       }
-
-       return NDR_ERR_SUCCESS;
-}
-
-/*
-  push a dom_sid28 - this is a dom_sid in a 28 byte fixed buffer
-*/
-enum ndr_err_code ndr_push_dom_sid28(struct ndr_push *ndr, int ndr_flags, const struct dom_sid *sid)
-{
-       uint32_t old_offset;
-       uint32_t padding;
-
-       if (!(ndr_flags & NDR_SCALARS)) {
-               return NDR_ERR_SUCCESS;
-       }
-
-       if (sid->num_auths > 5) {
-               return ndr_push_error(ndr, NDR_ERR_RANGE, 
-                                     "dom_sid28 allows only upto 5 sub auth [%u]", 
-                                     sid->num_auths);
-       }
-
-       old_offset = ndr->offset;
-       NDR_CHECK(ndr_push_dom_sid(ndr, ndr_flags, sid));
-
-       padding = 28 - (ndr->offset - old_offset);
-
-       if (padding > 0) {
-               NDR_CHECK(ndr_push_zero(ndr, padding));
-       }
-
-       return NDR_ERR_SUCCESS;
-}
-
-/*
-  parse a dom_sid0 - this is a dom_sid in a variable byte buffer, which is maybe empty
-*/
-enum ndr_err_code ndr_pull_dom_sid0(struct ndr_pull *ndr, int ndr_flags, struct dom_sid *sid)
-{
-       if (!(ndr_flags & NDR_SCALARS)) {
-               return NDR_ERR_SUCCESS;
-       }
-
-       if (ndr->data_size == ndr->offset) {
-               ZERO_STRUCTP(sid);
-               return NDR_ERR_SUCCESS;
-       }
-
-       return ndr_pull_dom_sid(ndr, ndr_flags, sid);
-}
-
-/*
-  push a dom_sid0 - this is a dom_sid in a variable byte buffer, which is maybe empty
-*/
-enum ndr_err_code ndr_push_dom_sid0(struct ndr_push *ndr, int ndr_flags, const struct dom_sid *sid)
-{
-       struct dom_sid zero_sid;
-
-       if (!(ndr_flags & NDR_SCALARS)) {
-               return NDR_ERR_SUCCESS;
-       }
-
-       if (!sid) {
-               return NDR_ERR_SUCCESS;
-       }
-
-       ZERO_STRUCT(zero_sid);
-
-       if (memcmp(&zero_sid, sid, sizeof(zero_sid)) == 0) {
-               return NDR_ERR_SUCCESS;
-       }
-
-       return ndr_push_dom_sid(ndr, ndr_flags, sid);
-}
-
-/*
-  print a dom_sid
-*/
-void ndr_print_dom_sid(struct ndr_print *ndr, const char *name, const struct dom_sid *sid)
-{
-       ndr->print(ndr, "%-25s: %s", name, dom_sid_string(ndr, sid));
-}
-
-void ndr_print_dom_sid2(struct ndr_print *ndr, const char *name, const struct dom_sid *sid)
-{
-       ndr_print_dom_sid(ndr, name, sid);
-}
-
-void ndr_print_dom_sid28(struct ndr_print *ndr, const char *name, const struct dom_sid *sid)
-{
-       ndr_print_dom_sid(ndr, name, sid);
-}
-
-void ndr_print_dom_sid0(struct ndr_print *ndr, const char *name, const struct dom_sid *sid)
-{
-       ndr_print_dom_sid(ndr, name, sid);
-}
-
index b6edaac41402160752357d24d7e1142af184bde3..c906282a31bf8dc64df606bc7c860e34769af97d 100644 (file)
@@ -50,7 +50,7 @@ rpc_server/dcerpc_server.h: dcerpc_server.h
 rpc_server/common/common.h: dcerpc_server/common.h
 libcli/auth/credentials.h: domain_credentials.h
 ../lib/util/charset/charset.h: charset.h
-libcli/ldap/ldap.h: ldap.h
+libcli/ldap/ldap.h: ldap-util.h
 ../lib/torture/torture.h: torture.h
 libcli/libcli.h: client.h
 librpc/gen_ndr/nbt.h: gen_ndr/nbt.h
index 1a7519e362988095b9bb945c7556a5f37f4adceb..d8a83f2abbce97e5f67b85c8523b6c88225a3c8f 100644 (file)
@@ -122,11 +122,6 @@ struct dom_sid *dom_sid_parse_talloc(TALLOC_CTX *mem_ctx, const char *sidstr)
                return NULL;
        }
 
-       ret->sub_auths = talloc_array(ret, uint32_t, num_sub_auths);
-       if (!ret->sub_auths) {
-               return NULL;
-       }
-
        ret->sid_rev_num = rev;
        ret->id_auth[0] = 0;
        ret->id_auth[1] = 0;
@@ -183,11 +178,6 @@ struct dom_sid *dom_sid_dup(TALLOC_CTX *mem_ctx, const struct dom_sid *dom_sid)
                return NULL;
        }
 
-       ret->sub_auths = talloc_array(ret, uint32_t, dom_sid->num_auths);
-       if (!ret->sub_auths) {
-               return NULL;
-       }
-
        ret->sid_rev_num = dom_sid->sid_rev_num;
        ret->id_auth[0] = dom_sid->id_auth[0];
        ret->id_auth[1] = dom_sid->id_auth[1];
@@ -206,7 +196,7 @@ struct dom_sid *dom_sid_dup(TALLOC_CTX *mem_ctx, const struct dom_sid *dom_sid)
 
 /*
   add a rid to a domain dom_sid to make a full dom_sid. This function
-  returns a new sid in the suppplied memory context
+  returns a new sid in the supplied memory context
 */
 struct dom_sid *dom_sid_add_rid(TALLOC_CTX *mem_ctx, 
                                const struct dom_sid *domain_sid, 
@@ -219,11 +209,6 @@ struct dom_sid *dom_sid_add_rid(TALLOC_CTX *mem_ctx,
 
        *sid = *domain_sid;
 
-       sid->sub_auths = talloc_array(sid, uint32_t, sid->num_auths+1);
-       if (!sid->sub_auths) {
-               return NULL;
-       }
-       memcpy(sid->sub_auths, domain_sid->sub_auths, sid->num_auths*sizeof(uint32_t));
        sid->sub_auths[sid->num_auths] = rid;
        sid->num_auths++;
 
index 09522f182a8b6f1d8746c5626eb176d24d851b0a..a8d893f0855ff13b544bee3797815d04bdfe8c6f 100644 (file)
@@ -249,7 +249,6 @@ static bool sddl_decode_ace(TALLOC_CTX *mem_ctx, struct security_ace *ace, char
                return false;
        }
        ace->trustee = *sid;
-       talloc_steal(mem_ctx, sid->sub_auths);
        talloc_free(sid);
 
        return true;
index 882284dd9b28ebe7ccd6aa7fae4d269971ccb128..2bce8e8b08a08a2ac3ecdb5583fefdaa291cab3c 100644 (file)
@@ -65,18 +65,6 @@ static struct security_acl *security_acl_dup(TALLOC_CTX *mem_ctx,
                goto failed;
        }
 
-       /* remapping array in trustee dom_sid from old acl to new acl */
-
-       for (i = 0; i < oacl->num_aces; i++) {
-               nacl->aces[i].trustee.sub_auths = 
-                       (uint32_t *)talloc_memdup(nacl->aces, nacl->aces[i].trustee.sub_auths,
-                                     sizeof(uint32_t) * nacl->aces[i].trustee.num_auths);
-
-               if ((nacl->aces[i].trustee.sub_auths == NULL) && (nacl->aces[i].trustee.num_auths > 0)) {
-                       goto failed;
-               }
-       }
-
        nacl->revision = oacl->revision;
        nacl->size = oacl->size;
        nacl->num_aces = oacl->num_aces;
@@ -175,14 +163,6 @@ static NTSTATUS security_descriptor_acl_add(struct security_descriptor *sd,
        }
 
        acl->aces[acl->num_aces] = *ace;
-       acl->aces[acl->num_aces].trustee.sub_auths =
-               (uint32_t *)talloc_memdup(acl->aces,
-                             acl->aces[acl->num_aces].trustee.sub_auths,
-                             sizeof(uint32_t) *
-                             acl->aces[acl->num_aces].trustee.num_auths);
-       if (acl->aces[acl->num_aces].trustee.sub_auths == NULL) {
-               return NT_STATUS_NO_MEMORY;
-       }
 
        switch (acl->aces[acl->num_aces].type) {
        case SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT:
index adea0711857dded294b281f05888f9f8e52159ef..65c473779fb1d4ff23cd7df0fa2df222bc5a9e66 100644 (file)
@@ -54,10 +54,9 @@ PUBLIC_DEPENDENCIES = LIBNDR LIBSECURITY
 
 NDR_SECURITY_OBJ_FILES = $(gen_ndrsrcdir)/ndr_security.o \
                         ../librpc/ndr/ndr_sec_helper.o \
-                        $(gen_ndrsrcdir)/ndr_dom_sid.o \
-                        $(ndrsrcdir)/ndr_dom_sid.o
+                        $(gen_ndrsrcdir)/ndr_dom_sid.o
 
-PUBLIC_HEADERS += $(addprefix $(gen_ndrsrcdir)/, security.h dom_sid.h)
+PUBLIC_HEADERS += $(addprefix $(gen_ndrsrcdir)/, security.h)
 
 
 [SUBSYSTEM::NDR_AUDIOSRV]
@@ -737,15 +736,9 @@ PRIVATE_DEPENDENCIES = RPC_NDR_DRSUAPI PYTALLOC param swig_credentials python_dc
 
 python_drsuapi_OBJ_FILES = $(gen_ndrsrcdir)/py_drsuapi.o
 
-[PYTHON::python_dcerpc_dom_sid]
-LIBRARY_REALNAME = samba/dcerpc/dom_sid.$(SHLIBEXT)
-PRIVATE_DEPENDENCIES = PYTALLOC python_dcerpc_misc python_dcerpc
-
-python_dcerpc_dom_sid_OBJ_FILES = $(gen_ndrsrcdir)/py_dom_sid.o
-
 [PYTHON::python_dcerpc_security]
 LIBRARY_REALNAME = samba/dcerpc/security.$(SHLIBEXT)
-PRIVATE_DEPENDENCIES = PYTALLOC python_dcerpc_misc python_dcerpc_dom_sid python_dcerpc
+PRIVATE_DEPENDENCIES = PYTALLOC python_dcerpc_misc python_dcerpc
 
 python_dcerpc_security_OBJ_FILES = $(gen_ndrsrcdir)/py_security.o
 
index 1fc8ee2165593449fa072493a8acfc5f3db1d992..172dda4faedfe4509f89a56a8a91389fcac56962 100644 (file)
@@ -1,42 +1,12 @@
-/*
-   use the same structure for dom_sid2 as dom_sid. A dom_sid2 is really
-   just a dom sid, but with the sub_auths represented as a conformant
-   array. As with all in-structure conformant arrays, the array length
-   is placed before the start of the structure. That's what gives rise
-   to the extra num_auths elemenent. We don't want the Samba code to
-   have to bother with such esoteric NDR details, so its easier to just
-   define it as a dom_sid and use pidl magic to make it all work. It
-   just means you need to mark a sid as a "dom_sid2" in the IDL when you
-   know it is of the conformant array variety
-*/
-cpp_quote("#define dom_sid2 dom_sid")
-
-/* same struct as dom_sid but inside a 28 bytes fixed buffer in NDR */
-cpp_quote("#define dom_sid28 dom_sid")
-
-/* same struct as dom_sid but in a variable byte buffer, which is maybe empty in NDR */
-cpp_quote("#define dom_sid0 dom_sid")
-
 [
        pointer_default(unique)
 ]
 interface dom_sid
 {
-       /* a domain SID. Note that unlike Samba3 this contains a pointer,
-          so you can't copy them using assignment */
-       typedef [public,gensize,noprint,nosize] struct {
-               uint8  sid_rev_num;             /**< SID revision number */
-               [range(0,15)] int8  num_auths;  /**< Number of sub-authorities */
-               uint8  id_auth[6];              /**< Identifier Authority */
-               uint32 sub_auths[num_auths];
-       } dom_sid;
-
        /* id used to identify a endpoint, possibly in a cluster */
        typedef [public] struct {
                hyper id;
                uint32 id2;
                uint32 node;
        } server_id;
-
 }
-
diff --git a/source4/librpc/ndr/ndr_dom_sid.c b/source4/librpc/ndr/ndr_dom_sid.c
deleted file mode 100644 (file)
index b986231..0000000
+++ /dev/null
@@ -1,217 +0,0 @@
-/* 
-   Unix SMB/CIFS implementation.
-
-   fast routines for getting the wire size of security objects
-
-   Copyright (C) Andrew Tridgell 2003
-   Copyright (C) Stefan Metzmacher 2006-2008
-   
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; either version 3 of the License, or
-   (at your option) any later version.
-   
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-   
-   You should have received a copy of the GNU General Public License
-   along with this program.  If not, see <http://www.gnu.org/licenses/>.
-*/
-
-
-#include "includes.h"
-#include "librpc/gen_ndr/ndr_security.h"
-#include "libcli/security/security.h"
-
-/*
-  return the wire size of a dom_sid
-*/
-size_t ndr_size_dom_sid(const struct dom_sid *sid, int flags)
-{
-       if (!sid) return 0;
-       return 8 + 4*sid->num_auths;
-}
-
-size_t ndr_size_dom_sid28(const struct dom_sid *sid, int flags)
-{
-       struct dom_sid zero_sid;
-
-       if (!sid) return 0;
-
-       ZERO_STRUCT(zero_sid);
-
-       if (memcmp(&zero_sid, sid, sizeof(zero_sid)) == 0) {
-               return 0;
-       }
-
-       return 8 + 4*sid->num_auths;
-}
-
-size_t ndr_size_dom_sid0(const struct dom_sid *sid, int flags)
-{
-       return ndr_size_dom_sid28(sid, flags);
-}
-
-/*
-  print a dom_sid
-*/
-void ndr_print_dom_sid(struct ndr_print *ndr, const char *name, const struct dom_sid *sid)
-{
-       ndr->print(ndr, "%-25s: %s", name, dom_sid_string(ndr, sid));
-}
-
-void ndr_print_dom_sid2(struct ndr_print *ndr, const char *name, const struct dom_sid *sid)
-{
-       ndr_print_dom_sid(ndr, name, sid);
-}
-
-void ndr_print_dom_sid28(struct ndr_print *ndr, const char *name, const struct dom_sid *sid)
-{
-       ndr_print_dom_sid(ndr, name, sid);
-}
-
-void ndr_print_dom_sid0(struct ndr_print *ndr, const char *name, const struct dom_sid *sid)
-{
-       ndr_print_dom_sid(ndr, name, sid);
-}
-
-
-/*
-  parse a dom_sid2 - this is a dom_sid but with an extra copy of the num_auths field
-*/
-enum ndr_err_code ndr_pull_dom_sid2(struct ndr_pull *ndr, int ndr_flags, struct dom_sid *sid)
-{
-       uint32_t num_auths;
-       if (!(ndr_flags & NDR_SCALARS)) {
-               return NDR_ERR_SUCCESS;
-       }
-       NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &num_auths));
-       NDR_CHECK(ndr_pull_dom_sid(ndr, ndr_flags, sid));
-       if (sid->num_auths != num_auths) {
-               return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, 
-                                     "Bad array size %u should exceed %u", 
-                                     num_auths, sid->num_auths);
-       }
-       return NDR_ERR_SUCCESS;
-}
-
-/*
-  parse a dom_sid2 - this is a dom_sid but with an extra copy of the num_auths field
-*/
-enum ndr_err_code ndr_push_dom_sid2(struct ndr_push *ndr, int ndr_flags, const struct dom_sid *sid)
-{
-       if (!(ndr_flags & NDR_SCALARS)) {
-               return NDR_ERR_SUCCESS;
-       }
-       NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, sid->num_auths));
-       return ndr_push_dom_sid(ndr, ndr_flags, sid);
-}
-
-/*
-  parse a dom_sid28 - this is a dom_sid in a fixed 28 byte buffer, so we need to ensure there are only upto 5 sub_auth
-*/
-enum ndr_err_code ndr_pull_dom_sid28(struct ndr_pull *ndr, int ndr_flags, struct dom_sid *sid)
-{
-       enum ndr_err_code status;
-       struct ndr_pull *subndr;
-
-       if (!(ndr_flags & NDR_SCALARS)) {
-               return NDR_ERR_SUCCESS;
-       }
-
-       subndr = talloc_zero(ndr, struct ndr_pull);
-       NDR_ERR_HAVE_NO_MEMORY(subndr);
-       subndr->flags           = ndr->flags;
-       subndr->current_mem_ctx = ndr->current_mem_ctx;
-
-       subndr->data            = ndr->data + ndr->offset;
-       subndr->data_size       = 28;
-       subndr->offset          = 0;
-
-       NDR_CHECK(ndr_pull_advance(ndr, 28));
-
-       status = ndr_pull_dom_sid(subndr, ndr_flags, sid);
-       if (!NDR_ERR_CODE_IS_SUCCESS(status)) {
-               /* handle a w2k bug which send random data in the buffer */
-               ZERO_STRUCTP(sid);
-       } else if (sid->num_auths == 0 && sid->sub_auths) {
-               talloc_free(sid->sub_auths);
-               sid->sub_auths = NULL;
-       }
-
-       return NDR_ERR_SUCCESS;
-}
-
-/*
-  push a dom_sid28 - this is a dom_sid in a 28 byte fixed buffer
-*/
-enum ndr_err_code ndr_push_dom_sid28(struct ndr_push *ndr, int ndr_flags, const struct dom_sid *sid)
-{
-       uint32_t old_offset;
-       uint32_t padding;
-
-       if (!(ndr_flags & NDR_SCALARS)) {
-               return NDR_ERR_SUCCESS;
-       }
-
-       if (sid->num_auths > 5) {
-               return ndr_push_error(ndr, NDR_ERR_RANGE, 
-                                     "dom_sid28 allows only upto 5 sub auth [%u]", 
-                                     sid->num_auths);
-       }
-
-       old_offset = ndr->offset;
-       NDR_CHECK(ndr_push_dom_sid(ndr, ndr_flags, sid));
-
-       padding = 28 - (ndr->offset - old_offset);
-
-       if (padding > 0) {
-               NDR_CHECK(ndr_push_zero(ndr, padding));
-       }
-
-       return NDR_ERR_SUCCESS;
-}
-
-/*
-  parse a dom_sid0 - this is a dom_sid in a variable byte buffer, which is maybe empty
-*/
-enum ndr_err_code ndr_pull_dom_sid0(struct ndr_pull *ndr, int ndr_flags, struct dom_sid *sid)
-{
-       if (!(ndr_flags & NDR_SCALARS)) {
-               return NDR_ERR_SUCCESS;
-       }
-
-       if (ndr->data_size == ndr->offset) {
-               ZERO_STRUCTP(sid);
-               return NDR_ERR_SUCCESS;
-       }
-
-       return ndr_pull_dom_sid(ndr, ndr_flags, sid);
-}
-
-/*
-  push a dom_sid0 - this is a dom_sid in a variable byte buffer, which is maybe empty
-*/
-enum ndr_err_code ndr_push_dom_sid0(struct ndr_push *ndr, int ndr_flags, const struct dom_sid *sid)
-{
-       struct dom_sid zero_sid;
-
-       if (!(ndr_flags & NDR_SCALARS)) {
-               return NDR_ERR_SUCCESS;
-       }
-
-       if (!sid) {
-               return NDR_ERR_SUCCESS;
-       }
-
-       ZERO_STRUCT(zero_sid);
-
-       if (memcmp(&zero_sid, sid, sizeof(zero_sid)) == 0) {
-               return NDR_ERR_SUCCESS;
-       }
-
-       return ndr_push_dom_sid(ndr, ndr_flags, sid);
-}
-
index 5e5a5e81cde1e8f38434e83b44f03a54b972a66c..b72b9fcb099de0af12dc993c121d8976d7ae6fe6 100644 (file)
@@ -127,11 +127,6 @@ static bool sid_parse(void *mem_ctx,
        torture_assert(torture, (*psid)->num_auths <= 15,
                        "invalid sub_auth value");
 
-       (*psid)->sub_auths = talloc_array(mem_ctx, uint32_t,
-                       (*psid)->num_auths);
-       torture_assert(torture, (*psid)->sub_auths != NULL,
-                       "out of memory");
-
         for (i = 0; i < (*psid)->num_auths; i++) {
                 (*psid)->sub_auths[i] = IVAL(data->data, *offset);
                (*offset) += 4;