/usr/include/winsec.h is in libregfi-dev 1.0.1+svn287-6.
This file is owned by root:root, with mode 0o644.
/*
* Copyright (C) 2005,2009-2011 Timothy D. Morgan
* Copyright (C) 1992-2005 Samba development team
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; version 3 of the License.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*
* $Id$
*/
/**
* @file
*
* A small library for interpreting Windows Security Descriptors.
* This library was originally based on Samba source from:
* http://websvn.samba.org/cgi-bin/viewcvs.cgi/trunk/source/
*
* The library has been heavily rewritten and improved based on information
* provided by Microsoft at:
* http://msdn.microsoft.com/en-us/library/cc230366%28PROT.10%29.aspx
*/
#ifndef _WINSEC_H
#define _WINSEC_H
#include <stdlib.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <errno.h>
#include <fcntl.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>
#include <talloc.h>
#include "compat.h"
#include "byteorder.h"
/* This is the maximum number of subauths in a SID, as defined here:
* http://msdn.microsoft.com/en-us/library/cc230371(PROT.10).aspx
*
* WINSEC_DOM_SID.sub_auths is a fixed array of exactly this many entries, so
* a num_auths count taken from input data must never exceed it.
*/
#define WINSEC_MAX_SUBAUTHS 15
/* Sizes in bytes of the fixed leading fields. 5 * 4 matches the combined
* width of revision, sbz1, control and the four offsets in WINSEC_DESC;
* 2 * 4 matches revision, size and num_aces in WINSEC_ACL.
*/
#define WINSEC_DESC_HEADER_SIZE (5 * sizeof(uint32_t))
#define WINSEC_ACL_HEADER_SIZE (2 * sizeof(uint32_t))
/* NOTE(review): 16 is presumably the 8 bytes of type, flags, size and
* access_mask plus a SID with zero sub-authorities (8 bytes) -- confirm
* against the parser.
*/
#define WINSEC_ACE_MIN_SIZE 16
/* XXX: Fill in definitions of other flags */
/* Bits of WINSEC_DESC.control.
*
* The self relative flag means the offsets contained in the descriptor are
* relative to the start of the descriptor. This had better be true in the
* registry.
* NOTE(review): whether the parser rejects input that lacks this bit is not
* visible in this header -- confirm.
*/
#define WINSEC_DESC_SELF_RELATIVE 0x8000
#define WINSEC_DESC_SACL_PRESENT 0x0010
#define WINSEC_DESC_DACL_PRESENT 0x0004
/* Bits of WINSEC_ACE.obj_flags. */
#define WINSEC_ACE_OBJECT_PRESENT 0x00000001
#define WINSEC_ACE_OBJECT_INHERITED_PRESENT 0x00000002
/* Values of WINSEC_ACE.type for which the object fields may be present. */
#define WINSEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT 0x5
#define WINSEC_ACE_TYPE_ACCESS_DENIED_OBJECT 0x6
#define WINSEC_ACE_TYPE_SYSTEM_AUDIT_OBJECT 0x7
#define WINSEC_ACE_TYPE_SYSTEM_ALARM_OBJECT 0x8
/** A 16-byte UUID/GUID, referenced by WINSEC_ACE.obj_guid and
* WINSEC_ACE.inh_guid.
*
* The field names follow the RFC 4122 UUID layout.
* NOTE(review): the byte order of the multi-byte fields after parsing is not
* stated in this header -- confirm before printing or comparing values.
*/
typedef struct _winsec_uuid
{
/** Low 32 bits of the timestamp field */
uint32_t time_low;
/** Middle 16 bits of the timestamp field */
uint16_t time_mid;
/** High bits of the timestamp field, combined with the version */
uint16_t time_hi_and_version;
/** Clock sequence, two bytes */
uint8_t clock_seq[2];
/** Node identifier, six bytes */
uint8_t node[6];
} WINSEC_UUID;
/** A Windows security identifier (SID).
*
* sub_auths is a fixed-size array, so the structure has the same size no
* matter how many sub-authorities are in use; only the first num_auths
* entries are meaningful.
*/
typedef struct _winsec_sid
{
/** SID revision number */
uint8_t sid_rev_num;
/** Number of sub-authorities.
*
* This count comes from the parsed data. Anything that indexes sub_auths
* with it relies on num_auths <= WINSEC_MAX_SUBAUTHS.
* NOTE(review): that check is presumably made by winsec_parse_dom_sid() --
* confirm in the implementation.
*/
uint8_t num_auths;
/** Identifier Authority */
uint8_t id_auth[6];
/** Array of sub-authorities.
*
* @note The values in these uint32_t's are in *native* byteorder, not
* necessarily little-endian...... JRA.
*/
uint32_t sub_auths[WINSEC_MAX_SUBAUTHS]; /* XXX: Make this dynamically allocated? */
} WINSEC_DOM_SID;
/** One access control entry (ACE): an entry of a WINSEC_ACL, reached through
* WINSEC_ACL.aces.
*/
typedef struct _winsec_ace
{
/** xxxx_xxxx_ACE_TYPE - e.g allowed / denied etc.
* The object variants are the WINSEC_ACE_TYPE_*_OBJECT values.
*/
uint8_t type;
/** xxxx_INHERIT_xxxx - e.g OBJECT_INHERIT_ACE */
uint8_t flags;
/** Size field of the ACE.
* NOTE(review): presumably the length in bytes of the whole ACE as stored,
* taken from the input -- confirm, and do not trust it beyond what the
* parser has validated.
*/
uint16_t size;
/** Access mask of the ACE; the bit meanings are not defined in this header */
uint32_t access_mask;
/* This stuff may be present when type is XXXX_TYPE_XXXX_OBJECT */
/** xxxx_ACE_OBJECT_xxxx e.g present/inherited present etc
* (see WINSEC_ACE_OBJECT_PRESENT, WINSEC_ACE_OBJECT_INHERITED_PRESENT)
*/
uint32_t obj_flags;
/** Object GUID.
* NOTE(review): presumably NULL unless WINSEC_ACE_OBJECT_PRESENT is set in
* obj_flags -- check for NULL before dereferencing.
*/
WINSEC_UUID* obj_guid;
/** Inherited object GUID.
* NOTE(review): presumably NULL unless WINSEC_ACE_OBJECT_INHERITED_PRESENT is
* set in obj_flags -- check for NULL before dereferencing.
*/
WINSEC_UUID* inh_guid;
/* eof object stuff */
/** SID of the trustee this entry applies to */
WINSEC_DOM_SID* trustee;
} WINSEC_ACE;
/** An access control list: a header followed by its entries.
* WINSEC_DESC refers to one of these for the SACL and one for the DACL.
*/
typedef struct _winsec_acl
{
/** 0x0003 */
uint16_t revision;
/** Size, in bytes, of the entire ACL structure */
uint16_t size;
/** Number of Access Control Entries.
*
* NOTE(review): both size and num_aces originate in the parsed data. Code
* walking aces should rely only on counts the parser has checked against
* the input length -- confirm what winsec_parse_acl() guarantees.
*/
uint32_t num_aces;
/** Array of pointers to the entries.
* NOTE(review): presumably holds num_aces elements -- confirm.
*/
WINSEC_ACE** aces;
} WINSEC_ACL;
/** A security descriptor: the header fields as stored, followed by pointers
* to the owner SID, group SID, SACL and DACL they refer to.
*
* The four off_* members are offsets taken from the stored descriptor. With
* WINSEC_DESC_SELF_RELATIVE they are relative to the start of the descriptor.
* They are input data, so they are only meaningful once checked against the
* buffer length.
* NOTE(review): that validation is presumably done by the parse functions --
* confirm in the implementation.
*/
typedef struct _winsec_desc
{
/** 0x01 */
uint8_t revision;
/** XXX: better explain this
*
* "If the Control field has the RM flag set, then this field contains the
* resource manager (RM) control value. ... Otherwise, this field is reserved
* and MUST be set to zero." -- Microsoft.
* See:
* http://msdn.microsoft.com/en-us/library/cc230371%28PROT.10%29.aspx
*/
uint8_t sbz1;
/** WINSEC_DESC_* flags */
uint16_t control;
/** Offset to owner sid */
uint32_t off_owner_sid;
/** Offset to group sid */
uint32_t off_grp_sid;
/** Offset to the system ACL (SACL) */
uint32_t off_sacl;
/** Offset to the discretionary ACL (DACL) */
uint32_t off_dacl;
/** Owner SID.
* NOTE(review): presumably NULL when the descriptor carries none -- check
* before dereferencing.
*/
WINSEC_DOM_SID* owner_sid;
/** Group SID.
* NOTE(review): presumably NULL when the descriptor carries none -- check
* before dereferencing.
*/
WINSEC_DOM_SID* grp_sid;
/** System ACL; see WINSEC_DESC_SACL_PRESENT.
* NOTE(review): presumably NULL when absent -- check before dereferencing.
*/
WINSEC_ACL* sacl;
/** Discretionary ACL; see WINSEC_DESC_DACL_PRESENT.
* NOTE(review): presumably NULL when absent. An absent DACL and a DACL with
* zero entries are different states, so callers should not treat them alike.
*/
WINSEC_ACL* dacl;
} WINSEC_DESC;
/**
* Interprets a buffer as a security descriptor.
*
* NOTE(review): the implementation is not part of this header. Everything
* below beyond the signature is an assumption to confirm.
*
* @param buf     bytes to interpret; not modified through this pointer
* @param buf_len number of bytes available at buf
*
* @return a WINSEC_DESC; presumably NULL when the input cannot be parsed, and
*         presumably released with winsec_free_descriptor() -- TODO confirm.
*
* XXX: finish documenting
*/
_EXPORT()
WINSEC_DESC* winsec_parse_descriptor(const uint8_t* buf, uint32_t buf_len);
/**
* Releases a descriptor.
*
* NOTE(review): presumably the counterpart of winsec_parse_descriptor();
* whether NULL is accepted is not visible here -- confirm.
*
* @param desc descriptor to release
*
* XXX: finish documenting
*/
_EXPORT()
void winsec_free_descriptor(WINSEC_DESC* desc);
/**
* Interprets a buffer as a security descriptor, taking a talloc context.
*
* @param talloc_ctx talloc context; presumably the parent of the returned
*                   allocation -- TODO confirm
* @param buf        bytes to interpret; not modified through this pointer
* @param buf_len    number of bytes available at buf
*
* @return a WINSEC_DESC; presumably NULL when the input cannot be parsed --
*         TODO confirm.
*
* XXX: finish documenting
*/
_EXPORT()
WINSEC_DESC* winsec_parse_desc(void* talloc_ctx,
const uint8_t* buf, uint32_t buf_len);
/**
* Interprets a buffer as an ACL.
*
* @param talloc_ctx talloc context; presumably the parent of the returned
*                   allocation -- TODO confirm
* @param buf        bytes to interpret; not modified through this pointer
* @param buf_len    number of bytes available at buf
*
* @return a WINSEC_ACL; presumably NULL when the input cannot be parsed --
*         TODO confirm.
*
* XXX: finish documenting
*/
_EXPORT()
WINSEC_ACL* winsec_parse_acl(void* talloc_ctx,
const uint8_t* buf, uint32_t buf_len);
/**
* Interprets a buffer as a single ACE.
*
* @param talloc_ctx talloc context; presumably the parent of the returned
*                   allocation -- TODO confirm
* @param buf        bytes to interpret; not modified through this pointer
* @param buf_len    number of bytes available at buf
*
* @return a WINSEC_ACE; presumably NULL when the input cannot be parsed --
*         TODO confirm.
*
* XXX: finish documenting
*/
_EXPORT()
WINSEC_ACE* winsec_parse_ace(void* talloc_ctx,
const uint8_t* buf, uint32_t buf_len);
/**
* Interprets a buffer as a SID.
*
* @param talloc_ctx talloc context; presumably the parent of the returned
*                   allocation -- TODO confirm
* @param buf        bytes to interpret; not modified through this pointer
* @param buf_len    number of bytes available at buf
*
* @return a WINSEC_DOM_SID; presumably NULL when the input cannot be parsed,
*         including a sub-authority count above WINSEC_MAX_SUBAUTHS -- TODO
*         confirm.
*
* XXX: finish documenting
*/
_EXPORT()
WINSEC_DOM_SID* winsec_parse_dom_sid(void* talloc_ctx,
const uint8_t* buf, uint32_t buf_len);
/**
* Interprets a buffer as a UUID.
*
* @param talloc_ctx talloc context; presumably the parent of the returned
*                   allocation -- TODO confirm
* @param buf        bytes to interpret; not modified through this pointer
* @param buf_len    number of bytes available at buf
*
* @return a WINSEC_UUID; presumably NULL when buf_len is too small -- TODO
*         confirm.
*
* XXX: finish documenting
*/
_EXPORT()
WINSEC_UUID* winsec_parse_uuid(void* talloc_ctx,
const uint8_t* buf, uint32_t buf_len);
/**
* Reports a size for a SID.
*
* NOTE(review): presumably the stored size in bytes, which depends on
* sid->num_auths, rather than sizeof(WINSEC_DOM_SID) -- confirm. NULL handling
* is not visible in this header.
*
* @param sid SID to measure; not modified
*
* @return a size as size_t
*
* XXX: finish documenting
*/
_EXPORT()
size_t winsec_sid_size(const WINSEC_DOM_SID* sid);
/**
* Compares two SIDs and returns an int.
*
* NOTE(review): going by the name, presumably only the revision and
* identifier authority take part, not the sub-authorities -- confirm, along
* with the sign convention of the result and the handling of NULL.
*
* @param sid1 first SID; not modified
* @param sid2 second SID; not modified
*
* XXX: finish documenting
*/
_EXPORT()
int winsec_sid_compare_auth(const WINSEC_DOM_SID* sid1, const WINSEC_DOM_SID* sid2);
/**
* Compares two SIDs and returns an int.
*
* NOTE(review): presumably 0 means equal and the sign gives an ordering --
* confirm, along with the handling of NULL.
*
* @param sid1 first SID; not modified
* @param sid2 second SID; not modified
*
* XXX: finish documenting
*/
_EXPORT()
int winsec_sid_compare(const WINSEC_DOM_SID* sid1, const WINSEC_DOM_SID* sid2);
/**
* Tests two SIDs for equality.
*
* NOTE(review): handling of NULL arguments is not visible here -- confirm.
*
* @param sid1 first SID; not modified
* @param sid2 second SID; not modified
*
* @return a bool; presumably true when the SIDs are equal
*
* XXX: finish documenting
*/
_EXPORT()
bool winsec_sid_equal(const WINSEC_DOM_SID* sid1, const WINSEC_DOM_SID* sid2);
/**
* Produces a string for a SID.
*
* NOTE(review): the format of the string, which allocator it comes from, who
* must release it and what is returned on failure are not visible in this
* header -- confirm before freeing or using the result unchecked.
*
* @param sid SID to convert; not modified
*
* @return a char pointer
*
* XXX: finish documenting
*/
_EXPORT()
char* winsec_sid2str(const WINSEC_DOM_SID* sid);
/**
* Tests two descriptors for equality.
*
* NOTE(review): which fields take part and how NULL arguments or NULL
* members are treated are not visible in this header -- confirm.
*
* @param s1 first descriptor
* @param s2 second descriptor
*
* @return a bool; presumably true when the descriptors are equal
*
* XXX: finish documenting
*/
_EXPORT()
bool winsec_desc_equal(WINSEC_DESC* s1, WINSEC_DESC* s2);
/**
* Tests two ACLs for equality.
*
* NOTE(review): whether the order of entries matters and how NULL arguments
* are treated are not visible in this header -- confirm.
*
* @param s1 first ACL
* @param s2 second ACL
*
* @return a bool; presumably true when the ACLs are equal
*
* XXX: finish documenting
*/
_EXPORT()
bool winsec_acl_equal(WINSEC_ACL* s1, WINSEC_ACL* s2);
/**
* Tests two ACEs for equality.
*
* NOTE(review): which fields take part and how NULL arguments are treated
* are not visible in this header -- confirm.
*
* @param s1 first ACE
* @param s2 second ACE
*
* @return a bool; presumably true when the ACEs are equal
*
* XXX: finish documenting
*/
_EXPORT()
bool winsec_ace_equal(WINSEC_ACE* s1, WINSEC_ACE* s2);
/**
* Classifies an ACE type value.
*
* NOTE(review): presumably true for the WINSEC_ACE_TYPE_*_OBJECT values, i.e.
* the types for which the object fields of WINSEC_ACE may be present --
* confirm.
*
* @param type value of WINSEC_ACE.type
*
* @return a bool
*
* XXX: finish documenting
*/
_EXPORT()
bool winsec_ace_object(uint8_t type);
#endif /* _WINSEC_H */