enum ndr_err_code ndr_pull_security_ace(struct ndr_pull *ndr, int ndr_flags, struct security_ace *r)
{
if (ndr_flags & NDR_SCALARS) {
uint32_t start_ofs = ndr->offset;
uint32_t size = 0;
uint32_t pad = 0;
NDR_CHECK(ndr_pull_align(ndr, 4));
NDR_CHECK(ndr_pull_security_ace_type(ndr, NDR_SCALARS, &r->type));
NDR_CHECK(ndr_pull_security_ace_flags(ndr, NDR_SCALARS, &r->flags));
NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->size));
NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->access_mask));
NDR_CHECK(ndr_pull_set_switch_value(ndr, &r->object, r->type));
NDR_CHECK(ndr_pull_security_ace_object_ctr(ndr, NDR_SCALARS, &r->object));
NDR_CHECK(ndr_pull_dom_sid(ndr, NDR_SCALARS, &r->trustee));
size = ndr->offset - start_ofs;
if (r->size < size) {
return ndr_pull_error(ndr, NDR_ERR_BUFSIZE,
"ndr_pull_security_ace: r->size %u < size %u",
(unsigned)r->size, size);
}
pad = r->size - size;
NDR_PULL_NEED_BYTES(ndr, pad);
ndr->offset += pad;
}
if (ndr_flags & NDR_BUFFERS) {
NDR_CHECK(ndr_pull_security_ace_object_ctr(ndr, NDR_BUFFERS, &r->object));
}
return NDR_ERR_SUCCESS;
}
/*
parse a dom_sid28 - this is a dom_sid in a fixed 28 byte buffer, so we need to ensure there are only upto 5 sub_auth
*/
enum ndr_err_code ndr_pull_dom_sid28(struct ndr_pull *ndr, int ndr_flags, struct dom_sid *sid)
{
enum ndr_err_code status;
struct ndr_pull *subndr;
if (!(ndr_flags & NDR_SCALARS)) {
return NDR_ERR_SUCCESS;
}
subndr = talloc_zero(ndr, struct ndr_pull);
NDR_ERR_HAVE_NO_MEMORY(subndr);
subndr->flags = ndr->flags;
subndr->current_mem_ctx = ndr->current_mem_ctx;
subndr->data = ndr->data + ndr->offset;
subndr->data_size = 28;
subndr->offset = 0;
NDR_CHECK(ndr_pull_advance(ndr, 28));
status = ndr_pull_dom_sid(subndr, ndr_flags, sid);
if (!NDR_ERR_CODE_IS_SUCCESS(status)) {
/* handle a w2k bug which send random data in the buffer */
ZERO_STRUCTP(sid);
} else if (sid->num_auths == 0 && sid->sub_auths) {
ZERO_STRUCT(sid->sub_auths);
}
return NDR_ERR_SUCCESS;
}
_PUBLIC_ enum ndr_err_code ndr_pull_TRUSTED_DOM_PASS(struct ndr_pull *ndr, int ndr_flags, struct TRUSTED_DOM_PASS *r)
{
{
uint32_t _flags_save_STRUCT = ndr->flags;
ndr_set_flags(&ndr->flags, LIBNDR_FLAG_NOALIGN);
if (ndr_flags & NDR_SCALARS) {
NDR_CHECK(ndr_pull_align(ndr, 4));
NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->uni_name_len));
NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->uni_name, 32, sizeof(uint16_t), CH_UTF16));
NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->pass_len));
{
uint32_t _flags_save_string = ndr->flags;
ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_ASCII|LIBNDR_FLAG_STR_NULLTERM);
NDR_CHECK(ndr_pull_string(ndr, NDR_SCALARS, &r->pass));
ndr->flags = _flags_save_string;
}
NDR_CHECK(ndr_pull_time_t(ndr, NDR_SCALARS, &r->mod_time));
NDR_CHECK(ndr_pull_dom_sid(ndr, NDR_SCALARS, &r->domain_sid));
NDR_CHECK(ndr_pull_trailer_align(ndr, 4));
}
if (ndr_flags & NDR_BUFFERS) {
}
ndr->flags = _flags_save_STRUCT;
}
return NDR_ERR_SUCCESS;
}
/*
parse a dom_sid28 - this is a dom_sid in a fixed 28 byte buffer, so we need to ensure there are only upto 5 sub_auth
*/
NTSTATUS ndr_pull_dom_sid28(struct ndr_pull *ndr, int ndr_flags, struct dom_sid *sid)
{
NTSTATUS status;
struct ndr_pull *subndr;
if (!(ndr_flags & NDR_SCALARS)) {
return NT_STATUS_OK;
}
subndr = talloc_zero(ndr, struct ndr_pull);
NT_STATUS_HAVE_NO_MEMORY(subndr);
subndr->flags = ndr->flags;
subndr->current_mem_ctx = ndr->current_mem_ctx;
subndr->data = ndr->data + ndr->offset;
subndr->data_size = 28;
subndr->offset = 0;
NDR_CHECK(ndr_pull_advance(ndr, 28));
status = ndr_pull_dom_sid(subndr, ndr_flags, sid);
if (!NT_STATUS_IS_OK(status)) {
/* handle a w2k bug which send random data in the buffer */
ZERO_STRUCTP(sid);
}
return NT_STATUS_OK;
}
/*
parse a dom_sid0 - this is a dom_sid in a variable byte buffer, which is maybe empty
*/
enum ndr_err_code ndr_pull_dom_sid0(struct ndr_pull *ndr, int ndr_flags, struct dom_sid *sid)
{
if (!(ndr_flags & NDR_SCALARS)) {
return NDR_ERR_SUCCESS;
}
if (ndr->data_size == ndr->offset) {
ZERO_STRUCTP(sid);
return NDR_ERR_SUCCESS;
}
return ndr_pull_dom_sid(ndr, ndr_flags, sid);
}
/*
parse a dom_sid2 - this is a dom_sid but with an extra copy of the num_auths field
*/
enum ndr_err_code ndr_pull_dom_sid2(struct ndr_pull *ndr, int ndr_flags, struct dom_sid *sid)
{
uint32_t num_auths;
if (!(ndr_flags & NDR_SCALARS)) {
return NDR_ERR_SUCCESS;
}
NDR_CHECK(ndr_pull_uint3264(ndr, NDR_SCALARS, &num_auths));
NDR_CHECK(ndr_pull_dom_sid(ndr, ndr_flags, sid));
if (sid->num_auths != num_auths) {
return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE,
"Bad array size %u should exceed %u",
num_auths, sid->num_auths);
}
return NDR_ERR_SUCCESS;
}
NTSTATUS ndr_pull_security_ace(struct ndr_pull *ndr, int ndr_flags, struct security_ace *r)
{
if (ndr_flags & NDR_SCALARS) {
NDR_CHECK(ndr_pull_align(ndr, 4));
NDR_CHECK(ndr_pull_security_ace_type(ndr, NDR_SCALARS, &r->type));
NDR_CHECK(ndr_pull_security_ace_flags(ndr, NDR_SCALARS, &r->flags));
NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->size));
NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->access_mask));
NDR_CHECK(ndr_pull_set_switch_value(ndr, &r->object, r->type));
NDR_CHECK(ndr_pull_security_ace_object_ctr(ndr, NDR_SCALARS, &r->object));
NDR_CHECK(ndr_pull_dom_sid(ndr, NDR_SCALARS, &r->trustee));
}
if (ndr_flags & NDR_BUFFERS) {
NDR_CHECK(ndr_pull_security_ace_object_ctr(ndr, NDR_BUFFERS, &r->object));
}
return NT_STATUS_OK;
}
_PUBLIC_ enum ndr_err_code ndr_pull_bkrp_access_check_v3(struct ndr_pull *ndr, int ndr_flags, struct bkrp_access_check_v3 *r)
{
if (ndr_flags & NDR_SCALARS) {
size_t ofs;
size_t pad;
NDR_CHECK(ndr_pull_align(ndr, 4));
NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->magic));
NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->nonce_len));
NDR_PULL_ALLOC_N(ndr, r->nonce, r->nonce_len);
NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->nonce, r->nonce_len));
NDR_CHECK(ndr_pull_dom_sid(ndr, NDR_SCALARS, &r->sid));
ofs = ndr->offset + 64;
pad = ndr_align_size(ofs, 16);
NDR_CHECK(ndr_pull_advance(ndr, pad));
NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->hash, 64));
NDR_CHECK(ndr_pull_trailer_align(ndr, 4));
}
if (ndr_flags & NDR_BUFFERS) {
}
return NDR_ERR_SUCCESS;
}
_PUBLIC_ enum ndr_err_code ndr_pull_security_token(struct ndr_pull *ndr, int ndr_flags, struct security_token *r)
{
uint32_t _ptr_user_sid;
TALLOC_CTX *_mem_save_user_sid_0;
uint32_t _ptr_group_sid;
TALLOC_CTX *_mem_save_group_sid_0;
uint32_t _ptr_sids;
uint32_t cntr_sids_0;
TALLOC_CTX *_mem_save_sids_0;
TALLOC_CTX *_mem_save_sids_1;
uint32_t _ptr_default_dacl;
TALLOC_CTX *_mem_save_default_dacl_0;
if (ndr_flags & NDR_SCALARS) {
NDR_CHECK(ndr_pull_align(ndr, 5));
NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_user_sid));
if (_ptr_user_sid) {
NDR_PULL_ALLOC(ndr, r->user_sid);
} else {
r->user_sid = NULL;
}
NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_group_sid));
if (_ptr_group_sid) {
NDR_PULL_ALLOC(ndr, r->group_sid);
} else {
r->group_sid = NULL;
}
NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->num_sids));
NDR_CHECK(ndr_pull_array_size(ndr, &r->sids));
NDR_PULL_ALLOC_N(ndr, r->sids, ndr_get_array_size(ndr, &r->sids));
_mem_save_sids_0 = NDR_PULL_GET_MEM_CTX(ndr);
NDR_PULL_SET_MEM_CTX(ndr, r->sids, 0);
for (cntr_sids_0 = 0; cntr_sids_0 < r->num_sids; cntr_sids_0++) {
NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_sids));
if (_ptr_sids) {
NDR_PULL_ALLOC(ndr, r->sids[cntr_sids_0]);
} else {
r->sids[cntr_sids_0] = NULL;
}
}
NDR_PULL_SET_MEM_CTX(ndr, _mem_save_sids_0, 0);
NDR_CHECK(ndr_pull_udlong(ndr, NDR_SCALARS, &r->privilege_mask));
NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_default_dacl));
if (_ptr_default_dacl) {
NDR_PULL_ALLOC(ndr, r->default_dacl);
} else {
r->default_dacl = NULL;
}
if (r->sids) {
NDR_CHECK(ndr_check_array_size(ndr, (void*)&r->sids, r->num_sids));
}
NDR_CHECK(ndr_pull_trailer_align(ndr, 5));
}
if (ndr_flags & NDR_BUFFERS) {
if (r->user_sid) {
_mem_save_user_sid_0 = NDR_PULL_GET_MEM_CTX(ndr);
NDR_PULL_SET_MEM_CTX(ndr, r->user_sid, 0);
NDR_CHECK(ndr_pull_dom_sid(ndr, NDR_SCALARS, r->user_sid));
NDR_PULL_SET_MEM_CTX(ndr, _mem_save_user_sid_0, 0);
}
if (r->group_sid) {
_mem_save_group_sid_0 = NDR_PULL_GET_MEM_CTX(ndr);
NDR_PULL_SET_MEM_CTX(ndr, r->group_sid, 0);
NDR_CHECK(ndr_pull_dom_sid(ndr, NDR_SCALARS, r->group_sid));
NDR_PULL_SET_MEM_CTX(ndr, _mem_save_group_sid_0, 0);
}
_mem_save_sids_0 = NDR_PULL_GET_MEM_CTX(ndr);
NDR_PULL_SET_MEM_CTX(ndr, r->sids, 0);
for (cntr_sids_0 = 0; cntr_sids_0 < r->num_sids; cntr_sids_0++) {
if (r->sids[cntr_sids_0]) {
_mem_save_sids_1 = NDR_PULL_GET_MEM_CTX(ndr);
NDR_PULL_SET_MEM_CTX(ndr, r->sids[cntr_sids_0], 0);
NDR_CHECK(ndr_pull_dom_sid(ndr, NDR_SCALARS, r->sids[cntr_sids_0]));
NDR_PULL_SET_MEM_CTX(ndr, _mem_save_sids_1, 0);
}
}
NDR_PULL_SET_MEM_CTX(ndr, _mem_save_sids_0, 0);
if (r->default_dacl) {
_mem_save_default_dacl_0 = NDR_PULL_GET_MEM_CTX(ndr);
NDR_PULL_SET_MEM_CTX(ndr, r->default_dacl, 0);
NDR_CHECK(ndr_pull_security_acl(ndr, NDR_SCALARS|NDR_BUFFERS, r->default_dacl));
NDR_PULL_SET_MEM_CTX(ndr, _mem_save_default_dacl_0, 0);
}
}
return NDR_ERR_SUCCESS;
}
_PUBLIC_ enum ndr_err_code ndr_pull_security_descriptor(struct ndr_pull *ndr, int ndr_flags, struct security_descriptor *r)
{
uint32_t _ptr_owner_sid;
TALLOC_CTX *_mem_save_owner_sid_0;
uint32_t _ptr_group_sid;
TALLOC_CTX *_mem_save_group_sid_0;
uint32_t _ptr_sacl;
TALLOC_CTX *_mem_save_sacl_0;
uint32_t _ptr_dacl;
TALLOC_CTX *_mem_save_dacl_0;
{
uint32_t _flags_save_STRUCT = ndr->flags;
ndr_set_flags(&ndr->flags, LIBNDR_FLAG_LITTLE_ENDIAN);
if (ndr_flags & NDR_SCALARS) {
NDR_CHECK(ndr_pull_align(ndr, 5));
NDR_CHECK(ndr_pull_security_descriptor_revision(ndr, NDR_SCALARS, &r->revision));
NDR_CHECK(ndr_pull_security_descriptor_type(ndr, NDR_SCALARS, &r->type));
NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_owner_sid));
if (_ptr_owner_sid) {
NDR_PULL_ALLOC(ndr, r->owner_sid);
NDR_CHECK(ndr_pull_relative_ptr1(ndr, r->owner_sid, _ptr_owner_sid));
} else {
r->owner_sid = NULL;
}
NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_group_sid));
if (_ptr_group_sid) {
NDR_PULL_ALLOC(ndr, r->group_sid);
NDR_CHECK(ndr_pull_relative_ptr1(ndr, r->group_sid, _ptr_group_sid));
} else {
r->group_sid = NULL;
}
NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_sacl));
if (_ptr_sacl) {
NDR_PULL_ALLOC(ndr, r->sacl);
NDR_CHECK(ndr_pull_relative_ptr1(ndr, r->sacl, _ptr_sacl));
} else {
r->sacl = NULL;
}
NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_dacl));
if (_ptr_dacl) {
NDR_PULL_ALLOC(ndr, r->dacl);
NDR_CHECK(ndr_pull_relative_ptr1(ndr, r->dacl, _ptr_dacl));
} else {
r->dacl = NULL;
}
NDR_CHECK(ndr_pull_trailer_align(ndr, 5));
}
if (ndr_flags & NDR_BUFFERS) {
if (r->owner_sid) {
uint32_t _relative_save_offset;
_relative_save_offset = ndr->offset;
NDR_CHECK(ndr_pull_relative_ptr2(ndr, r->owner_sid));
_mem_save_owner_sid_0 = NDR_PULL_GET_MEM_CTX(ndr);
NDR_PULL_SET_MEM_CTX(ndr, r->owner_sid, 0);
NDR_CHECK(ndr_pull_dom_sid(ndr, NDR_SCALARS, r->owner_sid));
NDR_PULL_SET_MEM_CTX(ndr, _mem_save_owner_sid_0, 0);
ndr->offset = _relative_save_offset;
}
if (r->group_sid) {
uint32_t _relative_save_offset;
_relative_save_offset = ndr->offset;
NDR_CHECK(ndr_pull_relative_ptr2(ndr, r->group_sid));
_mem_save_group_sid_0 = NDR_PULL_GET_MEM_CTX(ndr);
NDR_PULL_SET_MEM_CTX(ndr, r->group_sid, 0);
NDR_CHECK(ndr_pull_dom_sid(ndr, NDR_SCALARS, r->group_sid));
NDR_PULL_SET_MEM_CTX(ndr, _mem_save_group_sid_0, 0);
ndr->offset = _relative_save_offset;
}
if (r->sacl) {
uint32_t _relative_save_offset;
_relative_save_offset = ndr->offset;
NDR_CHECK(ndr_pull_relative_ptr2(ndr, r->sacl));
_mem_save_sacl_0 = NDR_PULL_GET_MEM_CTX(ndr);
NDR_PULL_SET_MEM_CTX(ndr, r->sacl, 0);
NDR_CHECK(ndr_pull_security_acl(ndr, NDR_SCALARS|NDR_BUFFERS, r->sacl));
NDR_PULL_SET_MEM_CTX(ndr, _mem_save_sacl_0, 0);
ndr->offset = _relative_save_offset;
}
if (r->dacl) {
uint32_t _relative_save_offset;
_relative_save_offset = ndr->offset;
NDR_CHECK(ndr_pull_relative_ptr2(ndr, r->dacl));
_mem_save_dacl_0 = NDR_PULL_GET_MEM_CTX(ndr);
NDR_PULL_SET_MEM_CTX(ndr, r->dacl, 0);
NDR_CHECK(ndr_pull_security_acl(ndr, NDR_SCALARS|NDR_BUFFERS, r->dacl));
NDR_PULL_SET_MEM_CTX(ndr, _mem_save_dacl_0, 0);
ndr->offset = _relative_save_offset;
}
}
ndr->flags = _flags_save_STRUCT;
}
return NDR_ERR_SUCCESS;
}
