- Add new server type "struct security_descriptor".
- Add tracing for this new type.
This commit is contained in:
Robert Shearman
Alexandre Julliard
parent
8016f6cc62
commit
7bff35428b
|
|
@ -162,6 +162,21 @@ typedef struct
|
|||
unsigned short attr;
|
||||
} char_info_t;
|
||||
|
||||
#define MAX_ACL_LEN 65535
|
||||
|
||||
struct security_descriptor
|
||||
{
|
||||
unsigned int control;
|
||||
size_t owner_len;
|
||||
size_t group_len;
|
||||
size_t sacl_len;
|
||||
size_t dacl_len;
|
||||
|
||||
|
||||
|
||||
|
||||
};
|
||||
|
||||
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -178,6 +178,21 @@ typedef struct
|
|||
unsigned short attr;
|
||||
} char_info_t;
|
||||
|
||||
#define MAX_ACL_LEN 65535
|
||||
|
||||
struct security_descriptor
|
||||
{
|
||||
unsigned int control; /* SE_ flags */
|
||||
size_t owner_len;
|
||||
size_t group_len;
|
||||
size_t sacl_len;
|
||||
size_t dacl_len;
|
||||
/* VARARGS(owner,SID); */
|
||||
/* VARARGS(group,SID); */
|
||||
/* VARARGS(sacl,ACL); */
|
||||
/* VARARGS(dacl,ACL); */
|
||||
};
|
||||
|
||||
/****************************************************************/
|
||||
/* Request declarations */
|
||||
|
||||
|
|
|
|||
112
server/trace.c
112
server/trace.c
|
|
@ -424,6 +424,118 @@ static void dump_varargs_LUID_AND_ATTRIBUTES( size_t size )
|
|||
remove_data( size );
|
||||
}
|
||||
|
||||
static void dump_inline_sid( const SID *sid, size_t size )
|
||||
{
|
||||
DWORD i;
|
||||
|
||||
/* security check */
|
||||
if ((size < sizeof(SID)) ||
|
||||
(FIELD_OFFSET(SID, SubAuthority[sid->SubAuthorityCount]) > size))
|
||||
return;
|
||||
|
||||
fputc( '{', stderr );
|
||||
fprintf( stderr, "S-%u-%lu", sid->Revision, MAKELONG(
|
||||
MAKEWORD( sid->IdentifierAuthority.Value[5],
|
||||
sid->IdentifierAuthority.Value[4] ),
|
||||
MAKEWORD( sid->IdentifierAuthority.Value[3],
|
||||
sid->IdentifierAuthority.Value[2] ) ) );
|
||||
for (i = 0; i < sid->SubAuthorityCount; i++)
|
||||
fprintf( stderr, "-%lu", sid->SubAuthority[i] );
|
||||
fputc( '}', stderr );
|
||||
}
|
||||
|
||||
static void dump_inline_acl( const ACL *acl, size_t size )
|
||||
{
|
||||
const ACE_HEADER *ace;
|
||||
ULONG i;
|
||||
fputc( '{', stderr );
|
||||
|
||||
if (size)
|
||||
{
|
||||
if (size < sizeof(ACL))
|
||||
return;
|
||||
size -= sizeof(ACL);
|
||||
ace = (const ACE_HEADER *)(acl + 1);
|
||||
for (i = 0; i < acl->AceCount; i++)
|
||||
{
|
||||
const SID *sid = NULL;
|
||||
|
||||
if (size < sizeof(ACE_HEADER))
|
||||
return;
|
||||
if (size < ace->AceSize)
|
||||
return;
|
||||
size -= ace->AceSize;
|
||||
fprintf( stderr, "{AceType=" );
|
||||
switch (ace->AceType)
|
||||
{
|
||||
case ACCESS_DENIED_ACE_TYPE:
|
||||
sid = (const SID *)&((const ACCESS_DENIED_ACE *)ace)->SidStart;
|
||||
fprintf( stderr, "ACCESS_DENIED_ACE_TYPE" );
|
||||
break;
|
||||
case ACCESS_ALLOWED_ACE_TYPE:
|
||||
sid = (const SID *)&((const ACCESS_ALLOWED_ACE *)ace)->SidStart;
|
||||
fprintf( stderr, "ACCESS_ALLOWED_ACE_TYPE" );
|
||||
break;
|
||||
case SYSTEM_AUDIT_ACE_TYPE:
|
||||
sid = (const SID *)&((const SYSTEM_AUDIT_ACE *)ace)->SidStart;
|
||||
fprintf( stderr, "SYSTEM_AUDIT_ACE_TYPE" );
|
||||
break;
|
||||
case SYSTEM_ALARM_ACE_TYPE:
|
||||
sid = (const SID *)&((const SYSTEM_ALARM_ACE *)ace)->SidStart;
|
||||
fprintf( stderr, "SYSTEM_ALARM_ACE_TYPE" );
|
||||
break;
|
||||
default:
|
||||
fprintf( stderr, "unknown<%d>", ace->AceType );
|
||||
break;
|
||||
}
|
||||
fprintf( stderr, ",AceFlags=%x,Sid=", ace->AceFlags );
|
||||
if (sid)
|
||||
dump_inline_sid( sid, size );
|
||||
ace = (const ACE_HEADER *)((const char *)ace + ace->AceSize);
|
||||
fputc( '}', stderr );
|
||||
}
|
||||
}
|
||||
fputc( '}', stderr );
|
||||
}
|
||||
|
||||
static void dump_inline_security_descriptor( const struct security_descriptor *sd, size_t size )
|
||||
{
|
||||
fputc( '{', stderr );
|
||||
if (size >= sizeof(struct security_descriptor))
|
||||
{
|
||||
size_t offset = sizeof(struct security_descriptor);
|
||||
fprintf( stderr, "control=%08x", sd->control );
|
||||
fprintf( stderr, ",owner=" );
|
||||
if ((sd->owner_len > FIELD_OFFSET(SID, SubAuthority[255])) || (offset + sd->owner_len > size))
|
||||
return;
|
||||
dump_inline_sid( (const SID *)((const char *)sd + offset), sd->owner_len );
|
||||
offset += sd->owner_len;
|
||||
fprintf( stderr, ",group=" );
|
||||
if ((sd->group_len > FIELD_OFFSET(SID, SubAuthority[255])) || (offset + sd->group_len > size))
|
||||
return;
|
||||
dump_inline_sid( (const SID *)((const char *)sd + offset), sd->group_len );
|
||||
offset += sd->group_len;
|
||||
fprintf( stderr, ",sacl=" );
|
||||
if ((sd->sacl_len >= MAX_ACL_LEN) || (offset + sd->sacl_len > size))
|
||||
return;
|
||||
dump_inline_acl( (const ACL *)((const char *)sd + offset), sd->sacl_len );
|
||||
offset += sd->sacl_len;
|
||||
fprintf( stderr, ",dacl=" );
|
||||
if ((sd->dacl_len >= MAX_ACL_LEN) || (offset + sd->dacl_len > size))
|
||||
return;
|
||||
dump_inline_acl( (const ACL *)((const char *)sd + offset), sd->dacl_len );
|
||||
offset += sd->dacl_len;
|
||||
}
|
||||
fputc( '}', stderr );
|
||||
}
|
||||
|
||||
static void dump_varargs_security_descriptor( size_t size )
|
||||
{
|
||||
const struct security_descriptor *sd = cur_data;
|
||||
dump_inline_security_descriptor( sd, size );
|
||||
remove_data( size );
|
||||
}
|
||||
|
||||
typedef void (*dump_func)( const void *req );
|
||||
|
||||
/* Everything below this line is generated automatically by tools/make_requests */
|
||||
|
|
|
|||
Loading…
Reference in New Issue