[SCM] Samba Shared Repository - branch master updated

Günther Deschner gd at samba.org
Mon Jun 7 02:34:46 MDT 2010 

The branch, master has been updated
       via  4591fdb... s3-privileges: use LUID defines from lsa IDL.
      from  f769671... Fix bug with incorrect flag values for inherited ace in some cases.

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 4591fdbc18b0d7a1117de196675067e88bc341b7
Author: Günther Deschner <gd at samba.org>
Date:   Sat Jun 5 02:39:11 2010 +0200

    s3-privileges: use LUID defines from lsa IDL.
    
    Guenther

-----------------------------------------------------------------------

Summary of changes:
 source3/include/privileges.h    |   16 ++++------------
 source3/include/proto.h         |    6 +++---
 source3/lib/privileges.c        |    8 ++++----
 source3/lib/privileges_basic.c  |   22 +++++++++++-----------
 source3/rpc_server/srv_lsa_nt.c |   10 ++++------
 5 files changed, 26 insertions(+), 36 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/include/privileges.h b/source3/include/privileges.h
index 57d3fc0..35fccd3 100644
--- a/source3/include/privileges.h
+++ b/source3/include/privileges.h
@@ -25,6 +25,8 @@
 #ifndef PRIVILEGES_H
 #define PRIVILEGES_H
 
+#include "../librpc/gen_ndr/lsa.h"
+
 /* privilege bitmask */
 
 #define SE_PRIV_MASKSIZE 4
@@ -79,28 +81,18 @@ extern const SE_PRIV se_take_ownership;
  */
 
 typedef struct {
-	uint32 high;
-	uint32 low;
-} LUID;
-
-typedef struct {
-	LUID luid;
-	uint32 attr;
-} LUID_ATTR;
-
-typedef struct {
 	TALLOC_CTX *mem_ctx;
 	bool ext_ctx;
 	uint32 count;
 	uint32 control;
-	LUID_ATTR *set;
+	struct lsa_LUIDAttribute *set;
 } PRIVILEGE_SET;
 
 typedef struct {
 	SE_PRIV se_priv;
 	const char *name;
 	const char *description;
-	LUID luid;
+	struct lsa_LUID luid;
 } PRIVS;
 
 #endif /* PRIVILEGES_H */
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 41ab440..86a725a 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -694,7 +694,7 @@ NTSTATUS privilege_delete_account(const struct dom_sid *sid);
 NTSTATUS privilege_set_init(PRIVILEGE_SET *priv_set);
 NTSTATUS privilege_set_init_by_ctx(TALLOC_CTX *mem_ctx, PRIVILEGE_SET *priv_set);
 void privilege_set_free(PRIVILEGE_SET *priv_set);
-NTSTATUS dup_luid_attr(TALLOC_CTX *mem_ctx, LUID_ATTR **new_la, LUID_ATTR *old_la, int count);
+NTSTATUS dup_luid_attr(TALLOC_CTX *mem_ctx, struct lsa_LUIDAttribute **new_la, struct lsa_LUIDAttribute *old_la, int count);
 bool is_privileged_sid( const struct dom_sid *sid );
 bool grant_all_privileges( const struct dom_sid *sid );
 
@@ -713,8 +713,8 @@ const char* get_privilege_dispname( const char *name );
 bool user_has_privileges(const NT_USER_TOKEN *token, const SE_PRIV *privilege);
 bool user_has_any_privilege(NT_USER_TOKEN *token, const SE_PRIV *privilege);
 int count_all_privileges( void );
-LUID_ATTR get_privilege_luid( SE_PRIV *mask );
-const char *luid_to_privilege_name(const LUID *set);
+struct lsa_LUIDAttribute get_privilege_luid( SE_PRIV *mask );
+const char *luid_to_privilege_name(const struct lsa_LUID *set);
 bool se_priv_to_privilege_set( PRIVILEGE_SET *set, SE_PRIV *mask );
 bool privilege_set_to_se_priv( SE_PRIV *mask, struct lsa_PrivilegeSet *privset );
 
diff --git a/source3/lib/privileges.c b/source3/lib/privileges.c
index 6da8aaa..86f8490 100644
--- a/source3/lib/privileges.c
+++ b/source3/lib/privileges.c
@@ -441,7 +441,7 @@ void privilege_set_free(PRIVILEGE_SET *priv_set)
  duplicate alloc luid_attr
  ****************************************************************************/
 
-NTSTATUS dup_luid_attr(TALLOC_CTX *mem_ctx, LUID_ATTR **new_la, LUID_ATTR *old_la, int count)
+NTSTATUS dup_luid_attr(TALLOC_CTX *mem_ctx, struct lsa_LUIDAttribute **new_la, struct lsa_LUIDAttribute *old_la, int count)
 {
 	int i;
 
@@ -449,9 +449,9 @@ NTSTATUS dup_luid_attr(TALLOC_CTX *mem_ctx, LUID_ATTR **new_la, LUID_ATTR *old_l
 		return NT_STATUS_OK;
 
 	if (count) {
-		*new_la = TALLOC_ARRAY(mem_ctx, LUID_ATTR, count);
+		*new_la = TALLOC_ARRAY(mem_ctx, struct lsa_LUIDAttribute, count);
 		if ( !*new_la ) {
-			DEBUG(0,("dup_luid_attr: failed to alloc new LUID_ATTR array [%d]\n", count));
+			DEBUG(0,("dup_luid_attr: failed to alloc new struct lsa_LUIDAttribute array [%d]\n", count));
 			return NT_STATUS_NO_MEMORY;
 		}
 	} else {
@@ -461,7 +461,7 @@ NTSTATUS dup_luid_attr(TALLOC_CTX *mem_ctx, LUID_ATTR **new_la, LUID_ATTR *old_l
 	for (i=0; i<count; i++) {
 		(*new_la)[i].luid.high = old_la[i].luid.high;
 		(*new_la)[i].luid.low = old_la[i].luid.low;
-		(*new_la)[i].attr = old_la[i].attr;
+		(*new_la)[i].attribute = old_la[i].attribute;
 	}
 
 	return NT_STATUS_OK;
diff --git a/source3/lib/privileges_basic.c b/source3/lib/privileges_basic.c
index 323983b..d174c70 100644
--- a/source3/lib/privileges_basic.c
+++ b/source3/lib/privileges_basic.c
@@ -310,7 +310,7 @@ static bool is_any_privilege_assigned( SE_PRIV *privileges, const SE_PRIV *check
 }
 
 /*********************************************************************
- Generate the LUID_ATTR structure based on a bitmask
+ Generate the struct lsa_LUIDAttribute structure based on a bitmask
 *********************************************************************/
 
 const char* get_privilege_dispname( const char *name )
@@ -375,14 +375,14 @@ int count_all_privileges( void )
 
 
 /*********************************************************************
- Generate the LUID_ATTR structure based on a bitmask
+ Generate the struct lsa_LUIDAttribute structure based on a bitmask
  The assumption here is that the privilege has already been validated
  so we are guaranteed to find it in the list.
 *********************************************************************/
 
-LUID_ATTR get_privilege_luid( SE_PRIV *mask )
+struct lsa_LUIDAttribute get_privilege_luid( SE_PRIV *mask )
 {
-	LUID_ATTR priv_luid;
+	struct lsa_LUIDAttribute priv_luid;
 	int i;
 
 	ZERO_STRUCT( priv_luid );
@@ -402,7 +402,7 @@ LUID_ATTR get_privilege_luid( SE_PRIV *mask )
  Convert a LUID to a named string
 ****************************************************************************/
 
-const char *luid_to_privilege_name(const LUID *set)
+const char *luid_to_privilege_name(const struct lsa_LUID *set)
 {
 	int i;
 
@@ -423,13 +423,13 @@ const char *luid_to_privilege_name(const LUID *set)
  add a privilege to a privilege array
  ****************************************************************************/
 
-static bool privilege_set_add(PRIVILEGE_SET *priv_set, LUID_ATTR set)
+static bool privilege_set_add(PRIVILEGE_SET *priv_set, struct lsa_LUIDAttribute set)
 {
-	LUID_ATTR *new_set;
+	struct lsa_LUIDAttribute *new_set;
 
 	/* we can allocate memory to add the new privilege */
 
-	new_set = TALLOC_REALLOC_ARRAY(priv_set->mem_ctx, priv_set->set, LUID_ATTR, priv_set->count + 1);
+	new_set = TALLOC_REALLOC_ARRAY(priv_set->mem_ctx, priv_set->set, struct lsa_LUIDAttribute, priv_set->count + 1);
 	if ( !new_set ) {
 		DEBUG(0,("privilege_set_add: failed to allocate memory!\n"));
 		return False;
@@ -437,7 +437,7 @@ static bool privilege_set_add(PRIVILEGE_SET *priv_set, LUID_ATTR set)
 
 	new_set[priv_set->count].luid.high = set.luid.high;
 	new_set[priv_set->count].luid.low = set.luid.low;
-	new_set[priv_set->count].attr = set.attr;
+	new_set[priv_set->count].attribute = set.attribute;
 
 	priv_set->count++;
 	priv_set->set = new_set;
@@ -452,9 +452,9 @@ bool se_priv_to_privilege_set( PRIVILEGE_SET *set, SE_PRIV *mask )
 {
 	int i;
 	uint32 num_privs = count_all_privileges();
-	LUID_ATTR luid;
+	struct lsa_LUIDAttribute luid;
 
-	luid.attr = 0;
+	luid.attribute = 0;
 	luid.luid.high = 0;
 
 	for ( i=0; i<num_privs; i++ ) {
diff --git a/source3/rpc_server/srv_lsa_nt.c b/source3/rpc_server/srv_lsa_nt.c
index fffb912..fce0565 100644
--- a/source3/rpc_server/srv_lsa_nt.c
+++ b/source3/rpc_server/srv_lsa_nt.c
@@ -1449,7 +1449,7 @@ NTSTATUS _lsa_EnumPrivs(pipes_struct *p,
 	uint32 enum_context = *r->in.resume_handle;
 	int num_privs = count_all_privileges();
 	struct lsa_PrivEntry *entries = NULL;
-	LUID_ATTR luid;
+	struct lsa_LUIDAttribute luid;
 
 	/* remember that the enum_context starts at 0 and not 1 */
 
@@ -1873,9 +1873,7 @@ NTSTATUS _lsa_EnumPrivsAccount(pipes_struct *p,
 		}
 
 		for (i=0; i<privileges.count; i++) {
-			luid_attrs[i].luid.low = privileges.set[i].luid.low;
-			luid_attrs[i].luid.high = privileges.set[i].luid.high;
-			luid_attrs[i].attribute = privileges.set[i].attr;
+			luid_attrs[i] = privileges.set[i];
 		}
 
 		priv_set->count = privileges.count;
@@ -2086,7 +2084,7 @@ NTSTATUS _lsa_LookupPrivName(pipes_struct *p,
 		return NT_STATUS_ACCESS_DENIED;
 	}
 
-	name = luid_to_privilege_name((LUID *)r->in.luid);
+	name = luid_to_privilege_name(r->in.luid);
 	if (!name) {
 		return NT_STATUS_NO_SUCH_PRIVILEGE;
 	}
@@ -2401,7 +2399,7 @@ NTSTATUS _lsa_LookupPrivValue(pipes_struct *p,
 {
 	struct lsa_info *info = NULL;
 	const char *name = NULL;
-	LUID_ATTR priv_luid;
+	struct lsa_LUIDAttribute priv_luid;
 	SE_PRIV mask;
 
 	/* find the connection policy handle. */


-- 
Samba Shared Repository

More information about the samba-cvs mailing list