svn commit: samba r23839 - in branches: SAMBA_3_2/source/libads
SAMBA_3_2_0/source/libads
gd at samba.org
gd at samba.org
Wed Jul 11 13:41:04 GMT 2007
Author: gd
Date: 2007-07-11 13:41:04 +0000 (Wed, 11 Jul 2007)
New Revision: 23839
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=23839
Log:
Try to get the attribute name from schema GUIDs or the display name from
extended rights GUID from ad while dumping the security descriptors's aces.
This would perform much better with a guid cache, but for the rare cases where
it is used
net ads search cn=mymachine ntSecurityDescriptor -U user%pass
it should be ok for now.
Guenther
Modified:
branches/SAMBA_3_2/source/libads/disp_sec.c
branches/SAMBA_3_2/source/libads/ldap_schema.c
branches/SAMBA_3_2_0/source/libads/disp_sec.c
branches/SAMBA_3_2_0/source/libads/ldap_schema.c
Changeset:
Modified: branches/SAMBA_3_2/source/libads/disp_sec.c
===================================================================
--- branches/SAMBA_3_2/source/libads/disp_sec.c 2007-07-11 13:32:57 UTC (rev 23838)
+++ branches/SAMBA_3_2/source/libads/disp_sec.c 2007-07-11 13:41:04 UTC (rev 23839)
@@ -80,17 +80,45 @@
puts("");
}
-static void ads_disp_sec_ace_object(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, struct security_ace_object *object)
+static const char *ads_interprete_guid_from_object(ADS_STRUCT *ads,
+ TALLOC_CTX *mem_ctx,
+ const struct GUID *guid)
{
+ const char *ret = NULL;
+
+ ret = ads_get_attrname_by_guid(ads, ads->config.schema_path,
+ mem_ctx, guid);
+ if (ret) {
+ return talloc_asprintf(mem_ctx, "LDAP attribute: \"%s\"", ret);
+ }
+
+ ret = ads_get_extended_right_name_by_guid(ads, ads->config.config_path,
+ mem_ctx, guid);
+
+ if (ret) {
+ return talloc_asprintf(mem_ctx, "Extended right: \"%s\"", ret);
+ }
+
+ return ret;
+}
+
+static void ads_disp_sec_ace_object(ADS_STRUCT *ads,
+ TALLOC_CTX *mem_ctx,
+ struct security_ace_object *object)
+{
if (object->flags & SEC_ACE_OBJECT_PRESENT) {
printf("Object type: SEC_ACE_OBJECT_PRESENT\n");
- printf("Object GUID: %s\n", smb_uuid_string_static(
- object->type.type));
+ printf("Object GUID: %s (%s)\n", smb_uuid_string_static(
+ object->type.type),
+ ads_interprete_guid_from_object(ads, mem_ctx,
+ &object->type.type));
}
if (object->flags & SEC_ACE_OBJECT_INHERITED_PRESENT) {
printf("Object type: SEC_ACE_OBJECT_INHERITED_PRESENT\n");
- printf("Object GUID: %s\n", smb_uuid_string_static(
- object->inherited_type.inherited_type));
+ printf("Object GUID: %s (%s)\n", smb_uuid_string_static(
+ object->inherited_type.inherited_type),
+ ads_interprete_guid_from_object(ads, mem_ctx,
+ &object->inherited_type.inherited_type));
}
}
@@ -156,7 +184,20 @@
void ads_disp_sd(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, SEC_DESC *sd)
{
int i;
-
+ char *tmp_path = NULL;
+
+ if (!ads->config.schema_path) {
+ if (ADS_ERR_OK(ads_schema_path(ads, mem_ctx, &tmp_path))) {
+ ads->config.schema_path = SMB_STRDUP(tmp_path);
+ }
+ }
+
+ if (!ads->config.config_path) {
+ if (ADS_ERR_OK(ads_config_path(ads, mem_ctx, &tmp_path))) {
+ ads->config.config_path = SMB_STRDUP(tmp_path);
+ }
+ }
+
printf("-------------- Security Descriptor (revision: %d, type: 0x%02x)\n",
sd->revision,
sd->type);
Modified: branches/SAMBA_3_2/source/libads/ldap_schema.c
===================================================================
--- branches/SAMBA_3_2/source/libads/ldap_schema.c 2007-07-11 13:32:57 UTC (rev 23838)
+++ branches/SAMBA_3_2/source/libads/ldap_schema.c 2007-07-11 13:41:04 UTC (rev 23839)
@@ -195,7 +195,7 @@
/*********************************************************************
*********************************************************************/
-static ADS_STATUS ads_schema_path(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, char **schema_path)
+ADS_STATUS ads_schema_path(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, char **schema_path)
{
ADS_STATUS status;
LDAPMessage *res;
Modified: branches/SAMBA_3_2_0/source/libads/disp_sec.c
===================================================================
--- branches/SAMBA_3_2_0/source/libads/disp_sec.c 2007-07-11 13:32:57 UTC (rev 23838)
+++ branches/SAMBA_3_2_0/source/libads/disp_sec.c 2007-07-11 13:41:04 UTC (rev 23839)
@@ -80,17 +80,45 @@
puts("");
}
-static void ads_disp_sec_ace_object(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, struct security_ace_object *object)
+static const char *ads_interprete_guid_from_object(ADS_STRUCT *ads,
+ TALLOC_CTX *mem_ctx,
+ const struct GUID *guid)
{
+ const char *ret = NULL;
+
+ ret = ads_get_attrname_by_guid(ads, ads->config.schema_path,
+ mem_ctx, guid);
+ if (ret) {
+ return talloc_asprintf(mem_ctx, "LDAP attribute: \"%s\"", ret);
+ }
+
+ ret = ads_get_extended_right_name_by_guid(ads, ads->config.config_path,
+ mem_ctx, guid);
+
+ if (ret) {
+ return talloc_asprintf(mem_ctx, "Extended right: \"%s\"", ret);
+ }
+
+ return ret;
+}
+
+static void ads_disp_sec_ace_object(ADS_STRUCT *ads,
+ TALLOC_CTX *mem_ctx,
+ struct security_ace_object *object)
+{
if (object->flags & SEC_ACE_OBJECT_PRESENT) {
printf("Object type: SEC_ACE_OBJECT_PRESENT\n");
- printf("Object GUID: %s\n", smb_uuid_string_static(
- object->type.type));
+ printf("Object GUID: %s (%s)\n", smb_uuid_string_static(
+ object->type.type),
+ ads_interprete_guid_from_object(ads, mem_ctx,
+ &object->type.type));
}
if (object->flags & SEC_ACE_OBJECT_INHERITED_PRESENT) {
printf("Object type: SEC_ACE_OBJECT_INHERITED_PRESENT\n");
- printf("Object GUID: %s\n", smb_uuid_string_static(
- object->inherited_type.inherited_type));
+ printf("Object GUID: %s (%s)\n", smb_uuid_string_static(
+ object->inherited_type.inherited_type),
+ ads_interprete_guid_from_object(ads, mem_ctx,
+ &object->inherited_type.inherited_type));
}
}
@@ -156,7 +184,20 @@
void ads_disp_sd(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, SEC_DESC *sd)
{
int i;
-
+ char *tmp_path = NULL;
+
+ if (!ads->config.schema_path) {
+ if (ADS_ERR_OK(ads_schema_path(ads, mem_ctx, &tmp_path))) {
+ ads->config.schema_path = SMB_STRDUP(tmp_path);
+ }
+ }
+
+ if (!ads->config.config_path) {
+ if (ADS_ERR_OK(ads_config_path(ads, mem_ctx, &tmp_path))) {
+ ads->config.config_path = SMB_STRDUP(tmp_path);
+ }
+ }
+
printf("-------------- Security Descriptor (revision: %d, type: 0x%02x)\n",
sd->revision,
sd->type);
Modified: branches/SAMBA_3_2_0/source/libads/ldap_schema.c
===================================================================
--- branches/SAMBA_3_2_0/source/libads/ldap_schema.c 2007-07-11 13:32:57 UTC (rev 23838)
+++ branches/SAMBA_3_2_0/source/libads/ldap_schema.c 2007-07-11 13:41:04 UTC (rev 23839)
@@ -195,7 +195,7 @@
/*********************************************************************
*********************************************************************/
-static ADS_STATUS ads_schema_path(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, char **schema_path)
+ADS_STATUS ads_schema_path(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, char **schema_path)
{
ADS_STATUS status;
LDAPMessage *res;
More information about the samba-cvs
mailing list