| 1 | #include "idl_types.h" | 
|---|
| 2 |  | 
|---|
| 3 | /* | 
|---|
| 4 | IDL structures for xattr file attributes | 
|---|
| 5 |  | 
|---|
| 6 | this has nothing to do with RPC, we are just using our NDR/IDL | 
|---|
| 7 | infrastructure as a convenient way to store linearised information | 
|---|
| 8 | about a file in an architecture independent manner | 
|---|
| 9 | */ | 
|---|
| 10 |  | 
|---|
| 11 | import "security.idl"; | 
|---|
| 12 |  | 
|---|
[
	uuid("12345778-1234-abcd-0001-00000002"),
	version(0.0),
	helper("../librpc/ndr/ndr_xattr.h"),
	pyhelper("librpc/ndr/py_xattr.c"),
	pointer_default(unique)
]
interface xattr
{
	/*
	 * Storage layouts for the extended attributes named in this
	 * interface: user.DosAttrib, user.DosEAs, user.DosStreams (plus the
	 * user.DosStream. prefix) and security.NTACL.
	 *
	 * NOTE(review): everything decoded through these types is read back
	 * from storage, and the user.* attributes are not in a privileged
	 * namespace (on Linux, access to user.* follows the file permission
	 * bits). Consumers should treat version fields, counts and sizes as
	 * untrusted until they have been validated.
	 */

	/* name of the xattr that holds the basic DOS attributes */
	const char *XATTR_DOSATTRIB_NAME = "user.DosAttrib";
	/* presumably a buffer-size guess for reading that xattr, not a
	   limit; nothing in this file enforces it - confirm at call sites */
	const int XATTR_DOSATTRIB_ESTIMATED_SIZE = 64;

	/* we store basic dos attributes in a DosAttrib xattr. By
	   using a union we can cope with new versions of this
	   structure more easily */

	/*
	 * the FFFF level is never really used;
	 * it only serves to pass on the information from
	 * the old hex string attrib format.
	 * We have a handwritten parser which converts
	 * the hex string to the xattr_DosInfoFFFFCompat structure
	 */

	typedef struct {
		uint32 attrib;
	} xattr_DosInfoFFFFCompat;

	/* version 1 payload of xattr_DosInfo */
	typedef struct {
		uint32 attrib;
		uint32 ea_size;
		udlong size;
		udlong alloc_size;
		NTTIME create_time;
		NTTIME change_time;
	} xattr_DosInfo1;

/*
	We use xattr_DosInfo1 again when we store values, because
	the sticky write time is now stored in the opendb;
	xattr_DosInfo2Old is only present to parse existing
	values from disk.

	const int XATTR_ATTRIB_FLAG_STICKY_WRITE_TIME = 0x1;
*/
	typedef struct {
		uint32     flags;
		uint32     attrib;
		uint32     ea_size;
		udlong     size;
		udlong     alloc_size;
		NTTIME     create_time;
		NTTIME     change_time;
		NTTIME     write_time; /* only used when sticky write time is set */
		utf8string name;
	} xattr_DosInfo2Old;

	/*
	 * One bit per data field of xattr_DosInfo3 (the bit names match the
	 * field names). Presumably a field is only meaningful when its bit
	 * is set - confirm in the code that reads version 3.
	 */
	typedef [bitmap32bit] bitmap {
		XATTR_DOSINFO_ATTRIB            = 0x00000001,
		XATTR_DOSINFO_EA_SIZE           = 0x00000002,
		XATTR_DOSINFO_SIZE              = 0x00000004,
		XATTR_DOSINFO_ALLOC_SIZE        = 0x00000008,
		XATTR_DOSINFO_CREATE_TIME       = 0x00000010,
		XATTR_DOSINFO_CHANGE_TIME       = 0x00000020
	} xattr_DosInfoValidFlags;

	/* version 3 payload: the same fields as xattr_DosInfo1, preceded by
	   the valid_flags bitmap */
	typedef struct {
		xattr_DosInfoValidFlags valid_flags;
		uint32 attrib;
		uint32 ea_size;
		udlong size;
		udlong alloc_size;
		NTTIME create_time;
		NTTIME change_time;
	} xattr_DosInfo3;

	/*
	 * Versioned payload, selected by a uint16 switch value. The arms
	 * are 0xFFFF (hex-string compatibility), 1, 2 (old format) and 3;
	 * no [default] arm is declared.
	 * NOTE(review): the switch value comes from the stored blob;
	 * presumably the generated pull code fails on any value not listed
	 * here - confirm.
	 */
	typedef [public,switch_type(uint16)] union {
		[case(0xFFFF)] xattr_DosInfoFFFFCompat compatinfoFFFF;
		[case(1)] xattr_DosInfo1 info1;
		[case(2)] xattr_DosInfo2Old oldinfo2;
		[case(3)] xattr_DosInfo3 info3;
	} xattr_DosInfo;

	/* a version number followed by the payload arm it selects */
	typedef [public] struct {
		uint16 version;
		[switch_is(version)] xattr_DosInfo info;
	} xattr_DosAttrib;

	/*
	 * Same version/info pair as xattr_DosAttrib, preceded by the
	 * attribute as a string (attrib_hex). The [nopush,nopull,noprint]
	 * attributes tell pidl not to generate push, pull or print code for
	 * this type.
	 * NOTE(review): the handwritten parser mentioned above presumably
	 * sits behind the helper header named in the interface attributes -
	 * confirm. Hand-written decoding of a stored string needs its own
	 * length and format checks.
	 */
	typedef [public,nopush,nopull,noprint] struct {
		astring attrib_hex;
		uint16 version;
		[switch_is(version)] xattr_DosInfo info;
	} xattr_DOSATTRIB;

	/* declares a call whose only argument is an [in] xattr_DOSATTRIB */
	void xattr_parse_DOSATTRIB(
		[in] xattr_DOSATTRIB x
		);

	/* we store DOS style extended attributes in a DosEAs xattr */
	const char *XATTR_DOSEAS_NAME = "user.DosEAs";

	/* one extended attribute: a UTF-8 name and an opaque value */
	typedef struct {
		utf8string name;
		DATA_BLOB value;
	} xattr_EA;

	/* num_eas is a 16-bit count that sizes the eas array; like the rest
	   of the blob it is read back from the stored xattr */
	typedef [public] struct {
		uint16 num_eas;
		[size_is(num_eas)] xattr_EA *eas;
	} xattr_DosEAs;

	/* Slightly different version, used by the vfs_xattr_tdb module.
	   The visible differences are a 32-bit count and an inline array
	   instead of a pointer. */
	typedef [public] struct {
		uint32 num_eas;
		xattr_EA eas[num_eas];
	} tdb_xattrs;

	/* we store stream information in this xattr structure. Then
	   the streams themselves are stored in
	   user.DosStream.STREAMNAME or in external files, according
	   to the flags */
	const char *XATTR_DOSSTREAMS_NAME = "user.DosStreams";

	/* the only stream flag defined in this file */
	const int XATTR_STREAM_FLAG_INTERNAL = 0x00000001;

	/* stream data is stored in attributes with the given prefix */
	const char *XATTR_DOSSTREAM_PREFIX = "user.DosStream.";

	/* 0x4000 is 16 KiB and 0x100000 is 1 MiB. Presumably these are the
	   upper bounds for stream data kept in an xattr and in the tdb
	   backend respectively; nothing in this file enforces them -
	   confirm where they are checked */
	const int XATTR_MAX_STREAM_SIZE     = 0x4000;
	const int XATTR_MAX_STREAM_SIZE_TDB = 0x100000;

	/* metadata for one stream; flags presumably takes the
	   XATTR_STREAM_FLAG_* values - confirm */
	typedef struct {
		uint32     flags;
		udlong     size;
		udlong     alloc_size;
		utf8string name;
	} xattr_DosStream;

	/* num_streams is a 32-bit count that sizes the streams array; it is
	   read back from the stored xattr */
	typedef [public] struct {
		uint32 num_streams;
		[size_is(num_streams)] xattr_DosStream *streams;
	} xattr_DosStreams;


	/* we store the NT ACL in a NTACL xattr. It is versioned so we
	   can later add other acl attribs (such as posix acl mapping)

	   we put this xattr in the security namespace to ensure that
	   only trusted users can write to the ACL

	   stored in "security.NTACL"

	   Version 1. raw SD stored as Samba4 does it.
	   Version 2. raw SD + last changed hash so we
		      can discard if this doesn't match the underlying ACL hash.
	   Version 3. raw SD + hash type + 64 byte hash
		      (see security_descriptor_hash_v3 below).

	   NOTE(review): the write protection described above comes from the
	   xattr namespace, so it holds only where the backing store enforces
	   that namespace - confirm for any xattr backend that is not the
	   filesystem itself.
	*/

	const char *XATTR_NTACL_NAME = "security.NTACL";

	/* 64 matches the length of the hash field in
	   security_descriptor_hash_v3, which is written as a literal there */
	const int XATTR_SD_HASH_SIZE = 64;
	/* values for security_descriptor_hash_v3.hash_type.
	   NOTE(review): a SHA-256 digest is 32 bytes while the hash field is
	   64 bytes; how the remaining bytes are filled and compared is not
	   visible here - confirm in the code that writes and checks it */
	const int XATTR_SD_HASH_TYPE_NONE = 0x0;
	const int XATTR_SD_HASH_TYPE_SHA256 = 0x1;

	typedef [public] struct {
		security_descriptor *sd;
		uint8 hash[16];
	} security_descriptor_hash_v2; /* Hash never used in this version. */

	typedef [public] struct {
		security_descriptor *sd;
		uint16 hash_type;
		uint8 hash[64]; /* 64 bytes hash. */
	} security_descriptor_hash_v3;

	/*
	 * Versioned NT ACL payload, selected by a uint16 switch value; every
	 * arm is a pointer. The arms are 1, 2 and 3 and no [default] arm is
	 * declared.
	 * NOTE(review): presumably the generated pull code fails on any
	 * other version - confirm.
	 */
	typedef [switch_type(uint16)] union {
		[case(1)] security_descriptor *sd;
		[case(2)] security_descriptor_hash_v2 *sd_hs2;
		[case(3)] security_descriptor_hash_v3 *sd_hs3;
	} xattr_NTACL_Info;

	/* a version number followed by the payload arm it selects */
	typedef [public] struct {
		uint16 version;
		[switch_is(version)] xattr_NTACL_Info info;
	} xattr_NTACL;
}