From a69310eeab4519963d8cdab13a2ca8be5793458c Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Fri, 22 Nov 2024 14:21:23 +0100
Subject: [PATCH] librpc/ndr: add
 ndr_print_{struct,union,function}_secret_string()

Keep libndr at 6.0.0, this has not been released yet.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
---
 librpc/ABI/ndr-6.0.0.sigs |  3 ++
 librpc/ndr/libndr.h       | 14 ++++++++
 librpc/ndr/ndr.c          | 67 +++++++++++++++++++++++++++++++++++++++
 3 files changed, 84 insertions(+)

diff --git a/librpc/ABI/ndr-6.0.0.sigs b/librpc/ABI/ndr-6.0.0.sigs
index ed433a50b4c..f42814cfae1 100644
--- a/librpc/ABI/ndr-6.0.0.sigs
+++ b/librpc/ABI/ndr-6.0.0.sigs
@@ -51,6 +51,7 @@ ndr_print_double: void (struct ndr_print *, const char *, double)
 ndr_print_enum: void (struct ndr_print *, const char *, const char *, const char *, uint32_t)
 ndr_print_function_debug: void (ndr_print_function_t, const char *, ndr_flags_type, const void *)
 ndr_print_function_string: char *(TALLOC_CTX *, ndr_print_function_t, const char *, ndr_flags_type, const void *)
+ndr_print_function_secret_string: char *(TALLOC_CTX *, ndr_print_function_t, const char *, ndr_flags_type, const void *)
 ndr_print_gid_t: void (struct ndr_print *, const char *, gid_t)
 ndr_print_hyper: void (struct ndr_print *, const char *, uint64_t)
 ndr_print_int16: void (struct ndr_print *, const char *, int16_t)
@@ -77,6 +78,7 @@ ndr_print_string_array: void (struct ndr_print *, const char *, const char **)
 ndr_print_string_helper: void (struct ndr_print *, const char *, ...)
 ndr_print_struct: void (struct ndr_print *, const char *, const char *)
 ndr_print_struct_string: char *(TALLOC_CTX *, ndr_print_fn_t, const char *, const void *)
+ndr_print_struct_secret_string: char *(TALLOC_CTX *, ndr_print_fn_t, const char *, const void *)
 ndr_print_svcctl_ServerType: void (struct ndr_print *, const char *, uint32_t)
 ndr_print_time_t: void (struct ndr_print *, const char *, time_t)
 ndr_print_timespec: void (struct ndr_print *, const char *, const struct timespec *)
@@ -92,6 +94,7 @@ ndr_print_uint8: void (struct ndr_print *, const char *, uint8_t)
 ndr_print_union: void (struct ndr_print *, const char *, int, const char *)
 ndr_print_union_debug: void (ndr_print_fn_t, const char *, uint32_t, const void *)
 ndr_print_union_string: char *(TALLOC_CTX *, ndr_print_fn_t, const char *, uint32_t, const void *)
+ndr_print_union_secret_string: char *(TALLOC_CTX *, ndr_print_fn_t, const char *, uint32_t, const void *)
 ndr_print_winreg_Data: void (struct ndr_print *, const char *, const union winreg_Data *)
 ndr_print_winreg_Data_GPO: void (struct ndr_print *, const char *, const union winreg_Data_GPO *)
 ndr_print_winreg_Type: void (struct ndr_print *, const char *, enum winreg_Type)
diff --git a/librpc/ndr/libndr.h b/librpc/ndr/libndr.h
index 91d1cdac838..b26106985e7 100644
--- a/librpc/ndr/libndr.h
+++ b/librpc/ndr/libndr.h
@@ -685,16 +685,30 @@ char *ndr_print_struct_string(TALLOC_CTX *mem_ctx,
 			      ndr_print_fn_t fn,
 			      const char *name,
 			      const void *ptr);
+char *ndr_print_struct_secret_string(TALLOC_CTX *mem_ctx,
+				     ndr_print_fn_t fn,
+				     const char *name,
+				     const void *ptr);
 char *ndr_print_union_string(TALLOC_CTX *mem_ctx,
 			     ndr_print_fn_t fn,
 			     const char *name,
 			     uint32_t level,
 			     const void *ptr);
+char *ndr_print_union_secret_string(TALLOC_CTX *mem_ctx,
+				    ndr_print_fn_t fn,
+				    const char *name,
+				    uint32_t level,
+				    const void *ptr);
 char *ndr_print_function_string(TALLOC_CTX *mem_ctx,
 				ndr_print_function_t fn,
 				const char *name,
 				ndr_flags_type flags,
 				const void *ptr);
+char *ndr_print_function_secret_string(TALLOC_CTX *mem_ctx,
+				       ndr_print_function_t fn,
+				       const char *name,
+				       ndr_flags_type flags,
+				       const void *ptr);
 void ndr_set_flags(libndr_flags *pflags, libndr_flags new_flags);
 enum ndr_err_code _ndr_pull_error(struct ndr_pull *ndr,
 				  enum ndr_err_code ndr_err,
diff --git a/librpc/ndr/ndr.c b/librpc/ndr/ndr.c
index f7346248083..c25e8bd1ca5 100644
--- a/librpc/ndr/ndr.c
+++ b/librpc/ndr/ndr.c
@@ -527,6 +527,7 @@ static char *ndr_print_generic_string(TALLOC_CTX *mem_ctx,
 				      ndr_print_function_t inout_fn,
 				      ndr_flags_type inout_flags,
 				      ndr_print_fn_t single_fn,
+				      bool print_secrets,
 				      const char *name,
 				      const uint32_t *level,
 				      const void *ptr)
@@ -543,6 +544,7 @@ static char *ndr_print_generic_string(TALLOC_CTX *mem_ctx,
 	ndr->print = ndr_print_string_helper;
 	ndr->depth = 1;
 	ndr->flags = 0;
+	ndr->print_secrets = print_secrets;
 	if (level != NULL) {
 		ndr_print_set_switch_value(ndr, ptr, *level);
 	}
@@ -552,6 +554,9 @@ static char *ndr_print_generic_string(TALLOC_CTX *mem_ctx,
 		single_fn(ndr, name, ptr);
 	}
 	ret = talloc_steal(mem_ctx, (char *)ndr->private_data);
+	if (print_secrets) {
+		talloc_keep_secret(ret);
+	}
 failed:
 	TALLOC_FREE(ndr);
 	return ret;
@@ -569,6 +574,26 @@ _PUBLIC_ char *ndr_print_struct_string(TALLOC_CTX *mem_ctx,
 					NULL, /* inout_fn */
 					0,    /* inout_flags */
 					fn,   /* single_fn */
+					false, /* print_secrets */
+					name,
+					NULL, /* level */
+					ptr);
+}
+
+/*
+  a useful helper function for printing idl structures to a string
+  This includes values marked with NDR_SECRET
+*/
+_PUBLIC_ char *ndr_print_struct_secret_string(TALLOC_CTX *mem_ctx,
+					      ndr_print_fn_t fn,
+					      const char *name,
+					      const void *ptr)
+{
+	return ndr_print_generic_string(mem_ctx,
+					NULL, /* inout_fn */
+					0,    /* inout_flags */
+					fn,   /* single_fn */
+					true, /* print_secrets */
 					name,
 					NULL, /* level */
 					ptr);
@@ -587,6 +612,27 @@ _PUBLIC_ char *ndr_print_union_string(TALLOC_CTX *mem_ctx,
 					NULL, /* inout_fn */
 					0,    /* inout_flags */
 					fn,   /* single_fn */
+					false, /* print_secrets */
+					name,
+					&level,
+					ptr);
+}
+
+/*
+  a useful helper function for printing idl unions to a string
+  This includes values marked with NDR_SECRET
+*/
+_PUBLIC_ char *ndr_print_union_secret_string(TALLOC_CTX *mem_ctx,
+					     ndr_print_fn_t fn,
+					     const char *name,
+					     uint32_t level,
+					     const void *ptr)
+{
+	return ndr_print_generic_string(mem_ctx,
+					NULL, /* inout_fn */
+					0,    /* inout_flags */
+					fn,   /* single_fn */
+					true, /* print_secrets */
 					name,
 					&level,
 					ptr);
@@ -605,6 +651,27 @@ _PUBLIC_ char *ndr_print_function_string(TALLOC_CTX *mem_ctx,
 					fn,    /* inout_fn */
 					flags, /* inout_flags */
 					NULL,  /* single_fn */
+					false, /* print_secrets */
+					name,
+					NULL,  /* level */
+					ptr);
+}
+
+/*
+  a useful helper function for printing idl function calls to a string
+  This includes values marked with NDR_SECRET
+*/
+_PUBLIC_ char *ndr_print_function_secret_string(TALLOC_CTX *mem_ctx,
+						ndr_print_function_t fn,
+						const char *name,
+						ndr_flags_type flags,
+						const void *ptr)
+{
+	return ndr_print_generic_string(mem_ctx,
+					fn,    /* inout_fn */
+					flags, /* inout_flags */
+					NULL,  /* single_fn */
+					true, /* print_secrets */
 					name,
 					NULL,  /* level */
 					ptr);
-- 
2.47.3