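/*
  use ndr_print_* to convert a NDR formatted blob to a ldif formatted blob

  Without LDB_FLG_SHOW_BINARY the input value is copied through unchanged.

  If mask_errors is true, a blob that fails to decode is not treated as an
  error: the function succeeds and out is set to the
  "<Unable to decode binary data>" message.

  \param struct_size size of the scratch structure pull_fn decodes into
  \param pull_fn     NDR pull function used to decode 'in'
  \param print_fn    NDR print function used to render the decoded structure

  \return 0 on success; -1 on error
*/
static int ldif_write_NDR(struct ldb_context *ldb, void *mem_ctx,
			  const struct ldb_val *in, struct ldb_val *out,
			  size_t struct_size,
			  ndr_pull_flags_fn_t pull_fn,
			  ndr_print_fn_t print_fn,
			  bool mask_errors)
{
	uint8_t *p;
	enum ndr_err_code err;

	if (!(ldb_get_flags(ldb) & LDB_FLG_SHOW_BINARY)) {
		return ldb_handler_copy(ldb, mem_ctx, in, out);
	}

	p = talloc_size(mem_ctx, struct_size);
	if (p == NULL) {
		/*
		 * No scratch structure to decode into. Fall back to the raw
		 * value, as is done below when printing fails, rather than
		 * handing a NULL target to the pull function.
		 */
		return ldb_handler_copy(ldb, mem_ctx, in, out);
	}

	/*
	 * Use p as the talloc parent for everything the pull allocates, so
	 * that freeing p releases the whole decoded structure instead of
	 * leaving its members attached to mem_ctx.
	 */
	err = ndr_pull_struct_blob(in, p, p, pull_fn);
	if (err != NDR_ERR_SUCCESS) {
		/* the scratch structure is of no further use on either path */
		talloc_free(p);

		/* fail if not in mask_errors mode */
		if (!mask_errors) {
			return -1;
		}

		out->data = (uint8_t *)talloc_strdup(mem_ctx, "<Unable to decode binary data>");
		if (out->data == NULL) {
			/* strlen(NULL) is undefined; report the allocation failure */
			out->length = 0;
			return -1;
		}
		out->length = strlen((const char *)out->data);
		return 0;
	}

	/* the printed string is owned by mem_ctx, so it survives freeing p */
	out->data = (uint8_t *)ndr_print_struct_string(mem_ctx, print_fn, "NDR", p);
	talloc_free(p);
	if (out->data == NULL) {
		return ldb_handler_copy(ldb, mem_ctx, in, out);
	}
	out->length = strlen((char *)out->data);
	return 0;
}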
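/*
  Log the outcome of an access check on 'dn' at debug level 'level',
  followed by a dump of the security token and the security descriptor
  passed in.

  The output contains the full token and descriptor, so log files written
  at this level should be treated as sensitive.
*/
static void acl_debug(struct security_descriptor *sd,
		      struct security_token *token,
		      struct ldb_dn *dn,
		      bool denied,
		      int level)
{
	/*
	 * Parent for the two dump strings. Allocating them on the NULL
	 * context would leak one string per logged access check. If this
	 * allocation fails tmp_ctx is NULL and the strings land on the NULL
	 * context, which still logs correctly.
	 */
	TALLOC_CTX *tmp_ctx = talloc_new(NULL);

	if (denied) {
		DEBUG(level, ("Access on %s denied", ldb_dn_get_linearized(dn)));
	} else {
		DEBUG(level, ("Access on %s granted", ldb_dn_get_linearized(dn)));
	}

	/*
	 * NOTE(review): ndr_print_struct_string() can return NULL, which is
	 * then passed to %s - confirm the debug backend tolerates that.
	 */
	DEBUG(level,("Security context: %s\n",
		     ndr_print_struct_string(tmp_ctx,
					     (ndr_print_fn_t)ndr_print_security_token,
					     "", token)));
	DEBUG(level,("Security descriptor: %s\n",
		     ndr_print_struct_string(tmp_ctx,
					     (ndr_print_fn_t)ndr_print_security_descriptor,
					     "", sd)));

	talloc_free(tmp_ctx);
}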
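/*
  Render a binary-DN value for ldif output: parse 'in' as a
  DSDB_SYNTAX_BINARY_DN, decode its binary part with pull_fn and print the
  result with print_fn, using the extended linearized DN as the label.

  Without LDB_FLG_SHOW_BINARY, or when parsing, allocation or printing
  fails, the input value is copied through unchanged. A decode failure is
  also copied through when mask_errors is true.

  \return 0 on success; -1 when decoding fails and mask_errors is false
          (the copy fallback returns whatever ldb_handler_copy returns)
*/
static int ldif_write_dn_binary_NDR(struct ldb_context *ldb, void *mem_ctx,
				    const struct ldb_val *in, struct ldb_val *out,
				    size_t struct_size,
				    ndr_pull_flags_fn_t pull_fn,
				    ndr_print_fn_t print_fn,
				    bool mask_errors)
{
	uint8_t *p = NULL;
	enum ndr_err_code err;
	struct dsdb_dn *dsdb_dn = NULL;
	char *dn_str = NULL;
	char *str = NULL;

	if (!(ldb_get_flags(ldb) & LDB_FLG_SHOW_BINARY)) {
		return ldb_handler_copy(ldb, mem_ctx, in, out);
	}

	dsdb_dn = dsdb_dn_parse(mem_ctx, ldb, in, DSDB_SYNTAX_BINARY_DN);
	if (dsdb_dn == NULL) {
		return ldb_handler_copy(ldb, mem_ctx, in, out);
	}

	/* everything temporary hangs off dsdb_dn, so one free releases it all */
	p = talloc_size(dsdb_dn, struct_size);
	if (p == NULL) {
		TALLOC_FREE(dsdb_dn);
		return ldb_handler_copy(ldb, mem_ctx, in, out);
	}

	err = ndr_pull_struct_blob(&dsdb_dn->extra_part, p, p, pull_fn);
	if (err != NDR_ERR_SUCCESS) {
		/*
		 * Release the parsed DN and scratch structure on both
		 * outcomes; returning -1 without this left them attached to
		 * mem_ctx.
		 */
		TALLOC_FREE(dsdb_dn);

		/* fail if not in mask_errors mode */
		if (!mask_errors) {
			return -1;
		}
		return ldb_handler_copy(ldb, mem_ctx, in, out);
	}

	dn_str = ldb_dn_get_extended_linearized(dsdb_dn, dsdb_dn->dn, 1);
	if (dn_str == NULL) {
		TALLOC_FREE(dsdb_dn);
		return ldb_handler_copy(ldb, mem_ctx, in, out);
	}

	/* the result string is owned by mem_ctx, so it outlives dsdb_dn */
	str = ndr_print_struct_string(mem_ctx, print_fn, dn_str, p);
	TALLOC_FREE(dsdb_dn);
	if (str == NULL) {
		return ldb_handler_copy(ldb, mem_ctx, in, out);
	}

	*out = data_blob_string_const(str);
	return 0;
}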
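/*
  convert a string formatted SDDL to a ldif formatted ntSecurityDescriptor
  (SDDL format)

  With LDB_FLG_SHOW_BINARY the SDDL string is decoded and printed through
  ndr_print_security_descriptor. Without the flag, or when the string does
  not decode or cannot be printed, the input value is copied through
  unchanged.

  \return 0 on success, otherwise the result of ldb_handler_copy
*/
static int ldif_write_sddlSecurityDescriptor(struct ldb_context *ldb, void *mem_ctx,
					     const struct ldb_val *in, struct ldb_val *out)
{
	if (ldb_get_flags(ldb) & LDB_FLG_SHOW_BINARY) {
		struct security_descriptor *sd;
		const struct dom_sid *sid = samdb_domain_sid(ldb);

		/*
		 * NOTE(review): in->data is handed on as a C string, so this
		 * relies on the value being NUL-terminated - confirm against
		 * the callers.
		 */
		sd = sddl_decode(mem_ctx, (const char *)in->data, sid);
		if (sd == NULL) {
			/*
			 * A stored value that is not valid SDDL must not reach
			 * the printer as a NULL descriptor; show it as-is.
			 */
			return ldb_handler_copy(ldb, mem_ctx, in, out);
		}

		out->data = (uint8_t *)ndr_print_struct_string(mem_ctx,
					(ndr_print_fn_t)ndr_print_security_descriptor,
					"SDDL", sd);
		talloc_free(sd);
		if (out->data == NULL) {
			/* strlen(NULL) is undefined; fall back to the raw value */
			return ldb_handler_copy(ldb, mem_ctx, in, out);
		}
		out->length = strlen((const char *)out->data);
		return 0;
	}

	return ldb_handler_copy(ldb, mem_ctx, in, out);
}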