[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha7-1199-g2eff2de

Jelmer Vernooij jelmer at samba.org
Tue Apr 21 13:15:04 GMT 2009


The branch, master has been updated
       via  2eff2de2f81374483df99757046f1d5ee4050155 (commit)
       via  3e75c9bd33f838cb3d47d58441123a22f7b8d317 (commit)
      from  dfc79de607e94179114a8e1d0b0e56117f34595b (commit)

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 2eff2de2f81374483df99757046f1d5ee4050155
Author: Jelmer Vernooij <jelmer at samba.org>
Date:   Tue Apr 21 14:27:25 2009 +0200

    Move the security_descriptor utility code to the top-level.

commit 3e75c9bd33f838cb3d47d58441123a22f7b8d317
Author: Jelmer Vernooij <jelmer at samba.org>
Date:   Tue Apr 21 12:44:01 2009 +0200

    Use a static copy of the samsync header file as Samba3 doesn't generate
    prototype headers.

-----------------------------------------------------------------------

Summary of changes:
 libcli/samsync/config.mk                           |    4 -
 libcli/samsync/samsync.h                           |   34 ++++++++++
 libcli/security/config.mk                          |    2 +-
 .../security/security_descriptor.c                 |    0 
 libcli/security/security_descriptor.h              |   64 ++++++++++++++++++++
 source3/Makefile.in                                |    2 +-
 source3/include/includes.h                         |    1 +
 source4/libcli/security/config.mk                  |    3 +-
 source4/libcli/security/security.h                 |    1 +
 9 files changed, 103 insertions(+), 8 deletions(-)
 create mode 100644 libcli/samsync/samsync.h
 rename {source4/libcli => libcli}/security/security_descriptor.c (100%)
 create mode 100644 libcli/security/security_descriptor.h


Changeset truncated at 500 lines:

diff --git a/libcli/samsync/config.mk b/libcli/samsync/config.mk
index 69f7983..bea909e 100644
--- a/libcli/samsync/config.mk
+++ b/libcli/samsync/config.mk
@@ -4,7 +4,3 @@ PUBLIC_DEPENDENCIES = \
 
 LIBCLI_SAMSYNC_OBJ_FILES = $(addprefix $(libclicommonsrcdir)/samsync/, \
 		decrypt.o)
-
-PUBLIC_HEADERS += ../libcli/samsync/samsync.h
-
-$(eval $(call proto_header_template,$(libclicommonsrcdir)/samsync/samsync.h,$(LIBCLI_SAMSYNC_OBJ_FILES:.o=.c)))
diff --git a/libcli/samsync/samsync.h b/libcli/samsync/samsync.h
new file mode 100644
index 0000000..df76f1b
--- /dev/null
+++ b/libcli/samsync/samsync.h
@@ -0,0 +1,34 @@
+/*
+   Unix SMB/CIFS implementation.
+
+   Extract the user/system database from a remote SamSync server
+
+   Copyright (C) Guenther Deschner <gd at samba.org> 2008
+
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 3 of the License, or
+   (at your option) any later version.
+
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+
+   You should have received a copy of the GNU General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#ifndef __SAMSYNC_SAMSYNC_H__ 
+#define __SAMSYNC_SAMSYNC_H__ 
+
+/**
+ * Fix up the delta, dealing with encryption issues so that the final
+ * callback need only do the printing or application logic
+ */
+NTSTATUS samsync_fix_delta(TALLOC_CTX *mem_ctx,
+			   struct netlogon_creds_CredentialState *creds,
+			   enum netr_SamDatabaseID database_id,
+			   struct netr_DELTA_ENUM *delta);
+
+#endif /* __SAMSYNC_SAMSYNC_H__ */
diff --git a/libcli/security/config.mk b/libcli/security/config.mk
index 7ade015..060429b 100644
--- a/libcli/security/config.mk
+++ b/libcli/security/config.mk
@@ -2,4 +2,4 @@
 PRIVATE_DEPENDENCIES = TALLOC
 
 LIBSECURITY_COMMON_OBJ_FILES = $(addprefix $(libclicommonsrcdir)/security/, \
-					dom_sid.o display_sec.o secace.o secacl.o)
+					dom_sid.o display_sec.o secace.o secacl.o security_descriptor.o)
diff --git a/source4/libcli/security/security_descriptor.c b/libcli/security/security_descriptor.c
similarity index 100%
rename from source4/libcli/security/security_descriptor.c
rename to libcli/security/security_descriptor.c
diff --git a/libcli/security/security_descriptor.h b/libcli/security/security_descriptor.h
new file mode 100644
index 0000000..c535f5d
--- /dev/null
+++ b/libcli/security/security_descriptor.h
@@ -0,0 +1,64 @@
+/*
+   Unix SMB/CIFS implementation.
+   Samba utility functions
+
+   Copyright (C) 2009 Jelmer Vernooij <jelmer at samba.org>
+
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 3 of the License, or
+   (at your option) any later version.
+
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+
+   You should have received a copy of the GNU General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#ifndef __SECURITY_DESCRIPTOR_H__
+#define __SECURITY_DESCRIPTOR_H__
+
+#include "librpc/gen_ndr/security.h"
+
+struct security_descriptor *security_descriptor_initialise(TALLOC_CTX *mem_ctx);
+struct security_descriptor *security_descriptor_copy(TALLOC_CTX *mem_ctx, 
+						     const struct security_descriptor *osd);
+NTSTATUS security_descriptor_sacl_add(struct security_descriptor *sd,
+				      const struct security_ace *ace);
+NTSTATUS security_descriptor_dacl_add(struct security_descriptor *sd,
+				      const struct security_ace *ace);
+NTSTATUS security_descriptor_dacl_del(struct security_descriptor *sd,
+				      const struct dom_sid *trustee);
+NTSTATUS security_descriptor_sacl_del(struct security_descriptor *sd,
+				      const struct dom_sid *trustee);
+bool security_ace_equal(const struct security_ace *ace1, 
+			const struct security_ace *ace2);
+bool security_acl_equal(const struct security_acl *acl1, 
+			const struct security_acl *acl2);
+bool security_descriptor_equal(const struct security_descriptor *sd1, 
+			       const struct security_descriptor *sd2);
+bool security_descriptor_mask_equal(const struct security_descriptor *sd1, 
+				    const struct security_descriptor *sd2, 
+				    uint32_t mask);
+struct security_descriptor *security_descriptor_append(struct security_descriptor *sd,
+						       ...);
+struct security_descriptor *security_descriptor_dacl_create(TALLOC_CTX *mem_ctx,
+							    uint16_t sd_type,
+							    const char *owner_sid,
+							    const char *group_sid,
+							    ...);
+struct security_descriptor *security_descriptor_sacl_create(TALLOC_CTX *mem_ctx,
+							    uint16_t sd_type,
+							    const char *owner_sid,
+							    const char *group_sid,
+							    ...);
+struct security_ace *security_ace_create(TALLOC_CTX *mem_ctx,
+					 const char *sid_str,
+					 enum security_ace_type type,
+					 uint32_t access_mask,
+					 uint8_t flags);
+
+#endif /* __SECURITY_DESCRIPTOR_H__ */
diff --git a/source3/Makefile.in b/source3/Makefile.in
index 51a469b..ca42d5b 100644
--- a/source3/Makefile.in
+++ b/source3/Makefile.in
@@ -388,7 +388,7 @@ LIB_OBJ = $(LIBSAMBAUTIL_OBJ) $(UTIL_OBJ) $(CRYPTO_OBJ) \
 	  ../libcli/security/secacl.o \
 	  libads/krb5_errs.o lib/system_smbd.o lib/audit.o $(LIBNDR_OBJ) \
 	  lib/file_id.o lib/idmap_cache.o \
-	  ../libcli/security/dom_sid.o
+	  ../libcli/security/dom_sid.o ../libcli/security/security_descriptor.o
 
 LIB_DUMMY_OBJ = lib/dummysmbd.o lib/dummyroot.o
 LIB_NONSMBD_OBJ = $(LIB_OBJ) $(LIB_DUMMY_OBJ)
diff --git a/source3/include/includes.h b/source3/include/includes.h
index 943de8d..596c772 100644
--- a/source3/include/includes.h
+++ b/source3/include/includes.h
@@ -702,6 +702,7 @@ enum flush_reason_enum {
 #endif
 #include "libcli/security/secace.h"
 #include "libcli/security/secacl.h"
+#include "libcli/security/security_descriptor.h"
 
 #if defined(HAVE_POSIX_ACLS)
 #include "modules/vfs_posixacl.h"
diff --git a/source4/libcli/security/config.mk b/source4/libcli/security/config.mk
index 9d23fe9..d08c25d 100644
--- a/source4/libcli/security/config.mk
+++ b/source4/libcli/security/config.mk
@@ -2,7 +2,6 @@
 PUBLIC_DEPENDENCIES = LIBNDR LIBSECURITY_COMMON
 
 LIBSECURITY_OBJ_FILES = $(addprefix $(libclisrcdir)/security/, \
-					   security_token.o security_descriptor.o \
-					   access_check.o privilege.o sddl.o) \
+					   security_token.o access_check.o privilege.o sddl.o) \
 
 $(eval $(call proto_header_template,$(libclisrcdir)/security/proto.h,$(LIBSECURITY_OBJ_FILES:.o=.c)))
diff --git a/source4/libcli/security/security.h b/source4/libcli/security/security.h
index 2608c9f..6dbbe01 100644
--- a/source4/libcli/security/security.h
+++ b/source4/libcli/security/security.h
@@ -33,3 +33,4 @@ struct auth_session_info;
 #include "libcli/security/secace.h"
 #include "libcli/security/secacl.h"
 #include "libcli/security/proto.h"
+#include "libcli/security/security_descriptor.h"


-- 
Samba Shared Repository


More information about the samba-cvs mailing list