/*
 * Copyright (C) 2005,2009-2011 Timothy D. Morgan
 * Copyright (C) 1992-2005 Samba development team
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; version 3 of the License.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
 *
 * $Id: winsec.h 261 2011-06-17 00:55:49Z tim $
 */

/**
 * Declarations for parsing Windows security descriptors, ACLs, ACEs, SIDs
 * and UUIDs out of raw byte buffers, plus helpers for comparing and
 * printing the parsed structures.
 *
 * Every parse entry point takes a (buf, buf_len) pair. The comments below
 * indicate these bytes come from registry data, so every count, size and
 * offset field declared here holds a value read from input and has to be
 * treated as untrusted by any code that uses it.
 */
#ifndef _WINSEC_H
#define _WINSEC_H

#include <stdlib.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <errno.h>
#include <fcntl.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>
#include <talloc.h>

#include "compat.h"
#include "byteorder.h"


/* This is the maximum number of subauths in a SID, as defined here:
 *  http://msdn.microsoft.com/en-us/library/cc230371(PROT.10).aspx
 *
 * It is also the fixed capacity of WINSEC_DOM_SID.sub_auths, so it is the
 * upper bound for any index derived from WINSEC_DOM_SID.num_auths.
 */
#define WINSEC_MAX_SUBAUTHS 15

/* 20 bytes: the same total as the fixed fields of WINSEC_DESC
 * (revision, sbz1, control and the four 32-bit offsets).
 */
#define WINSEC_DESC_HEADER_SIZE (5 * sizeof(uint32_t))
/* 8 bytes: the same total as revision + size + num_aces in WINSEC_ACL. */
#define WINSEC_ACL_HEADER_SIZE (2 * sizeof(uint32_t))
/* Smallest ACE the parser should accept, in bytes.
 * NOTE(review): presumably the 8 bytes of type/flags/size/access_mask plus
 * a SID with no sub-authorities -- confirm against the implementation.
 */
#define WINSEC_ACE_MIN_SIZE 16

/* XXX: Fill in definitions of other flags */
/* This self relative flag means offsets contained in the descriptor are relative
 * to the descriptor's offset.  This had better be true in the registry.
 */
#define WINSEC_DESC_SELF_RELATIVE 0x8000
/* NOTE(review): the two *_PRESENT bits below are presumably tested against
 * WINSEC_DESC.control before off_sacl / off_dacl are followed -- confirm.
 */
#define WINSEC_DESC_SACL_PRESENT 0x0010
#define WINSEC_DESC_DACL_PRESENT 0x0004

/* NOTE(review): presumably bits of WINSEC_ACE.obj_flags that say whether
 * obj_guid and inh_guid are present -- confirm against the parser.
 */
#define WINSEC_ACE_OBJECT_PRESENT 0x00000001
#define WINSEC_ACE_OBJECT_INHERITED_PRESENT 0x00000002
/* Values of WINSEC_ACE.type that denote the "object" ACE variants. */
#define WINSEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT 0x5
#define WINSEC_ACE_TYPE_ACCESS_DENIED_OBJECT 0x6
#define WINSEC_ACE_TYPE_SYSTEM_AUDIT_OBJECT 0x7
#define WINSEC_ACE_TYPE_SYSTEM_ALARM_OBJECT 0x8


/**
 * A 16-byte UUID/GUID split into its component fields.
 * The field names follow the usual UUID layout (time_low, time_mid, ...).
 */
typedef struct _winsec_uuid
{
  /** First 32 bits of the UUID. */
  uint32_t time_low;

  /** Next 16 bits. */
  uint16_t time_mid;

  /** Next 16 bits; per the name, the version shares this field. */
  uint16_t time_hi_and_version;

  /** Two clock-sequence bytes. */
  uint8_t clock_seq[2];

  /** Six node bytes. */
  uint8_t node[6];
} WINSEC_UUID;


/**
 * A Windows security identifier (SID).
 */
typedef struct _winsec_sid
{
  /** SID revision number. */
  uint8_t sid_rev_num;

  /** Number of entries of sub_auths that are in use.
   *  This is a uint8_t, so it can represent values up to 255, while
   *  sub_auths holds only WINSEC_MAX_SUBAUTHS entries; code that loops over
   *  sub_auths must bound the count by WINSEC_MAX_SUBAUTHS.
   *  NOTE(review): confirm winsec_parse_dom_sid rejects larger counts.
   */
  uint8_t num_auths;

  /** Six-byte identifier authority. */
  uint8_t id_auth[6];

  /** Sub-authority values, stored in a fixed-size array. */
  uint32_t sub_auths[WINSEC_MAX_SUBAUTHS];  /* XXX: Make this dynamically allocated? */
} WINSEC_DOM_SID;


/**
 * A single access control entry (ACE).
 */
typedef struct _winsec_ace
{
  /** ACE type; the WINSEC_ACE_TYPE_*_OBJECT values mark object ACEs. */
  uint8_t type;

  /** ACE flags. */
  uint8_t flags;

  /** Size of the ACE as recorded in the data.
   *  NOTE(review): a parser should reject values below WINSEC_ACE_MIN_SIZE
   *  or beyond the bytes remaining in the buffer -- confirm.
   */
  uint16_t size;

  /** Access mask carried by this ACE. */
  uint32_t access_mask;

  /* This stuff may be present when type is XXXX_TYPE_XXXX_OBJECT */

  /** Object flags; see WINSEC_ACE_OBJECT_PRESENT and
   *  WINSEC_ACE_OBJECT_INHERITED_PRESENT.
   */
  uint32_t obj_flags;

  /** Object GUID. NOTE(review): presumably NULL when absent -- callers
   *  should check before dereferencing.
   */
  WINSEC_UUID* obj_guid;

  /** Inherited object GUID. NOTE(review): presumably NULL when absent. */
  WINSEC_UUID* inh_guid;

  /* eof object stuff */

  /** SID this ACE applies to. */
  WINSEC_DOM_SID* trustee;

} WINSEC_ACE;


/**
 * An access control list (ACL): a header followed by num_aces entries.
 */
typedef struct _winsec_acl
{
  /** ACL revision. */
  uint16_t revision;

  /** Size of the ACL as recorded in the data. */
  uint16_t size;

  /** Number of entries in aces.
   *  This is a 32-bit count taken from the data, so it is not by itself a
   *  safe loop bound or allocation size.
   *  NOTE(review): confirm the parser checks it against the buffer length.
   */
  uint32_t num_aces;

  /** Array of pointers to the parsed ACEs. */
  WINSEC_ACE** aces;

} WINSEC_ACL;


/**
 * A security descriptor: fixed header fields, the four offsets as stored in
 * the data, and pointers to the structures parsed from those offsets.
 */
typedef struct _winsec_desc
{
  /** Descriptor revision. */
  uint8_t revision;

  /** NOTE(review): by its name a "should be zero" byte; no use of it is
   *  visible in this header -- confirm how the implementation treats it.
   */
  uint8_t sbz1;

  /** Control flags; see the WINSEC_DESC_* bit definitions above. */
  uint16_t control;

  /* The four offsets below are 32-bit values, as is the buf_len passed to
   * the parse functions. When comparing an offset with a length, subtract
   * from the length rather than adding to the offset, so that a large
   * offset cannot wrap around and pass the check.
   * NOTE(review): the bounds checks live in the implementation and are not
   * visible from this header -- confirm.
   */

  /** Offset of the owner SID. */
  uint32_t off_owner_sid;

  /** Offset of the group SID. */
  uint32_t off_grp_sid;

  /** Offset of the system ACL. */
  uint32_t off_sacl;

  /** Offset of the discretionary ACL. */
  uint32_t off_dacl;

  /** Parsed owner SID. NOTE(review): may be NULL -- confirm. */
  WINSEC_DOM_SID* owner_sid;

  /** Parsed group SID. NOTE(review): may be NULL -- confirm. */
  WINSEC_DOM_SID* grp_sid;

  /** Parsed system ACL. NOTE(review): presumably NULL when absent. */
  WINSEC_ACL* sacl;

  /** Parsed discretionary ACL. NOTE(review): presumably NULL when absent;
   *  callers making access decisions should distinguish an absent DACL from
   *  an empty one.
   */
  WINSEC_ACL* dacl;

} WINSEC_DESC;


/**
 * Parses a security descriptor from buf.
 *
 * @param buf      bytes holding the descriptor; treat as untrusted input
 * @param buf_len  number of bytes available at buf
 * @return the parsed descriptor. NOTE(review): presumably NULL on failure,
 *         and presumably released with winsec_free_descriptor() -- confirm.
 */
_EXPORT()
WINSEC_DESC* winsec_parse_descriptor(const uint8_t* buf, uint32_t buf_len);


/**
 * Frees a descriptor.
 *
 * @param desc  descriptor to release. NOTE(review): presumably one returned
 *              by winsec_parse_descriptor() -- confirm.
 */
_EXPORT()
void winsec_free_descriptor(WINSEC_DESC* desc);

/**
 * Parses a security descriptor from buf, taking a talloc context.
 *
 * @param talloc_ctx  talloc context. NOTE(review): presumably the parent of
 *                    the returned allocation -- confirm.
 * @param buf         bytes holding the descriptor; treat as untrusted input
 * @param buf_len     number of bytes available at buf
 * @return the parsed descriptor. NOTE(review): presumably NULL on failure.
 */
_EXPORT()
WINSEC_DESC* winsec_parse_desc(void* talloc_ctx,
                               const uint8_t* buf, uint32_t buf_len);

/**
 * Parses an ACL from buf.
 *
 * @param talloc_ctx  talloc context (see winsec_parse_desc)
 * @param buf         bytes holding the ACL; treat as untrusted input
 * @param buf_len     number of bytes available at buf
 * @return the parsed ACL. NOTE(review): presumably NULL on failure.
 */
_EXPORT()
WINSEC_ACL* winsec_parse_acl(void* talloc_ctx,
                             const uint8_t* buf, uint32_t buf_len);

/**
 * Parses a single ACE from buf.
 *
 * @param talloc_ctx  talloc context (see winsec_parse_desc)
 * @param buf         bytes holding the ACE; treat as untrusted input
 * @param buf_len     number of bytes available at buf
 * @return the parsed ACE. NOTE(review): presumably NULL on failure.
 */
_EXPORT()
WINSEC_ACE* winsec_parse_ace(void* talloc_ctx,
                             const uint8_t* buf, uint32_t buf_len);

/**
 * Parses a SID from buf.
 *
 * @param talloc_ctx  talloc context (see winsec_parse_desc)
 * @param buf         bytes holding the SID; treat as untrusted input
 * @param buf_len     number of bytes available at buf
 * @return the parsed SID. NOTE(review): presumably NULL on failure.
 */
_EXPORT()
WINSEC_DOM_SID* winsec_parse_dom_sid(void* talloc_ctx,
                                     const uint8_t* buf, uint32_t buf_len);

/**
 * Parses a UUID from buf.
 *
 * @param talloc_ctx  talloc context (see winsec_parse_desc)
 * @param buf         bytes holding the UUID; treat as untrusted input
 * @param buf_len     number of bytes available at buf
 * @return the parsed UUID. NOTE(review): presumably NULL on failure.
 */
_EXPORT()
WINSEC_UUID* winsec_parse_uuid(void* talloc_ctx,
                               const uint8_t* buf, uint32_t buf_len);


/**
 * Returns a size for the given SID.
 * NOTE(review): presumably the serialized size in bytes, which would depend
 * on num_auths -- confirm.
 */
_EXPORT()
size_t winsec_sid_size(const WINSEC_DOM_SID* sid);

/**
 * Compares the authority portion of two SIDs.
 * NOTE(review): the int result presumably orders the SIDs with 0 meaning
 * equal -- confirm.
 */
_EXPORT()
int winsec_sid_compare_auth(const WINSEC_DOM_SID* sid1, const WINSEC_DOM_SID* sid2);

/**
 * Compares two SIDs.
 * NOTE(review): the int result presumably orders the SIDs with 0 meaning
 * equal -- confirm.
 */
_EXPORT()
int winsec_sid_compare(const WINSEC_DOM_SID* sid1, const WINSEC_DOM_SID* sid2);

/**
 * Reports whether two SIDs are equal.
 */
_EXPORT()
bool winsec_sid_equal(const WINSEC_DOM_SID* sid1, const WINSEC_DOM_SID* sid2);

/**
 * Converts a SID to a string.
 * NOTE(review): ownership of the returned buffer is not visible here;
 * presumably the caller must free it, and NULL signals failure -- confirm.
 */
_EXPORT()
char* winsec_sid2str(const WINSEC_DOM_SID* sid);

/**
 * Reports whether two security descriptors are equal.
 */
_EXPORT()
bool winsec_desc_equal(WINSEC_DESC* s1, WINSEC_DESC* s2);

/**
 * Reports whether two ACLs are equal.
 */
_EXPORT()
bool winsec_acl_equal(WINSEC_ACL* s1, WINSEC_ACL* s2);

/**
 * Reports whether two ACEs are equal.
 */
_EXPORT()
bool winsec_ace_equal(WINSEC_ACE* s1, WINSEC_ACE* s2);

/**
 * Tests an ACE type value.
 * NOTE(review): presumably true when type is one of the
 * WINSEC_ACE_TYPE_*_OBJECT values -- confirm.
 */
_EXPORT()
bool winsec_ace_object(uint8_t type);

#endif /* _WINSEC_H */