[SCM] Samba Shared Repository - branch master updated
Günther Deschner
gd at samba.org
Tue May 18 05:01:49 MDT 2010
The branch, master has been updated
via d4474ba... s3-secdesc: use SD_REVISION from security.idl.
via a531537... s3-secdesc: move SEC_DESC_HEADER_SIZE to its only user.
via 7f6bb48... s3-secdesc: remove "typedef struct security_descriptor SEC_DESC".
via 8951c83... s3-secdesc: remove "typedef struct security_acl SEC_ACL".
via a8b01d1... s3-secdesc: remove "typedef struct security_ace SEC_ACE".
via 8bc9c34... s3-secdesc: remove "typedef struct sec_desc_buf SEC_DESC_BUF".
from f6445d8... s3-build: fix the build.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit d4474ba470a70ce0476156a9399193ec024bb455
Author: Günther Deschner <gd at samba.org>
Date: Tue May 18 12:52:18 2010 +0200
s3-secdesc: use SD_REVISION from security.idl.
Guenther
commit a531537341d874ed2bfa7058ec45417e856bed4e
Author: Günther Deschner <gd at samba.org>
Date: Tue May 18 12:51:35 2010 +0200
s3-secdesc: move SEC_DESC_HEADER_SIZE to its only user.
Guenther
commit 7f6bb48bdf230465fd26514ff43d92e2c1f32fe6
Author: Günther Deschner <gd at samba.org>
Date: Tue May 18 10:29:34 2010 +0200
s3-secdesc: remove "typedef struct security_descriptor SEC_DESC".
Guenther
commit 8951c8301ac8436d49e1641b2cc7775dda44d914
Author: Günther Deschner <gd at samba.org>
Date: Tue May 18 03:30:40 2010 +0200
s3-secdesc: remove "typedef struct security_acl SEC_ACL".
Guenther
commit a8b01d1f3b4025af7e7a9d8b61deec6156737322
Author: Günther Deschner <gd at samba.org>
Date: Tue May 18 03:25:38 2010 +0200
s3-secdesc: remove "typedef struct security_ace SEC_ACE".
Guenther
commit 8bc9c343c4fe4e6f6c0283fd15e86caf6b8c1085
Author: Günther Deschner <gd at samba.org>
Date: Tue May 18 02:56:17 2010 +0200
s3-secdesc: remove "typedef struct sec_desc_buf SEC_DESC_BUF".
Guenther
-----------------------------------------------------------------------
Summary of changes:
source3/client/client.c | 2 +-
source3/include/ads_protos.h | 2 +-
source3/include/nt_printing.h | 2 +-
source3/include/proto.h | 90 ++++++++++++++--------------
source3/include/regfio.h | 4 +-
source3/include/rpc_secdes.h | 30 ----------
source3/lib/secdesc.c | 104 +++++++++++++++++----------------
source3/lib/sharesec.c | 28 +++++-----
source3/lib/util_nttoken.c | 2 +-
source3/libads/disp_sec.c | 6 +-
source3/libads/ldap.c | 7 +-
source3/libgpo/gpo_reg.c | 6 +-
source3/libsmb/clisecdesc.c | 6 +-
source3/libsmb/libsmb_xattr.c | 46 +++++++-------
source3/modules/nfs4_acls.c | 24 ++++----
source3/modules/nfs4_acls.h | 6 +-
source3/modules/onefs.h | 10 ++-
source3/modules/onefs_acl.c | 35 ++++++-----
source3/modules/vfs_acl_common.c | 4 +-
source3/modules/vfs_afsacl.c | 20 +++---
source3/modules/vfs_aixacl2.c | 8 +-
source3/modules/vfs_default.c | 8 ++-
source3/modules/vfs_full_audit.c | 6 +-
source3/modules/vfs_gpfs.c | 8 +-
source3/modules/vfs_zfsacl.c | 2 +-
source3/param/loadparm.c | 4 +-
source3/printing/nt_printing.c | 58 +++++++++---------
source3/registry/reg_api.c | 2 +-
source3/registry/reg_dispatcher.c | 12 ++--
source3/registry/regfio.c | 6 +-
source3/rpc_server/srv_eventlog_nt.c | 2 +-
source3/rpc_server/srv_lsa_nt.c | 16 +++---
source3/rpc_server/srv_samr_nt.c | 24 ++++----
source3/rpc_server/srv_spoolss_nt.c | 6 +-
source3/rpc_server/srv_spoolss_util.c | 2 +-
source3/rpc_server/srv_srvsvc_nt.c | 18 +++---
source3/rpc_server/srv_svcctl_nt.c | 18 +++---
source3/rpcclient/cmd_lsarpc.c | 2 +-
source3/rpcclient/cmd_samr.c | 2 +-
source3/rpcclient/cmd_spoolss.c | 2 +-
source3/services/services_db.c | 16 +++---
source3/smbd/nttrans.c | 6 +-
source3/smbd/posix_acls.c | 65 ++++++++++----------
source3/utils/net_rpc.c | 4 +-
source3/utils/net_rpc_printer.c | 2 +-
source3/utils/net_usershare.c | 2 +-
source3/utils/profiles.c | 6 +-
source3/utils/sharesec.c | 45 +++++++-------
source3/utils/smbcacls.c | 61 ++++++++++----------
49 files changed, 414 insertions(+), 433 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/client/client.c b/source3/client/client.c
index 1361715..416a4bb 100644
--- a/source3/client/client.c
+++ b/source3/client/client.c
@@ -562,7 +562,7 @@ static void display_finfo(file_info *finfo, const char *dir)
afname,
cli_errstr( finfo->cli)));
} else {
- SEC_DESC *sd = NULL;
+ struct security_descriptor *sd = NULL;
sd = cli_query_secdesc(finfo->cli, fnum, ctx);
if (!sd) {
DEBUG( 0, ("display_finfo() failed to "
diff --git a/source3/include/ads_protos.h b/source3/include/ads_protos.h
index 97b5728..dc7922f 100644
--- a/source3/include/ads_protos.h
+++ b/source3/include/ads_protos.h
@@ -26,7 +26,7 @@ bool ads_pull_sid(ADS_STRUCT *ads, LDAPMessage *msg, const char *field,
int ads_pull_sids(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx,
LDAPMessage *msg, const char *field, DOM_SID **sids);
bool ads_pull_sd(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx,
- LDAPMessage *msg, const char *field, SEC_DESC **sd);
+ LDAPMessage *msg, const char *field, struct security_descriptor **sd);
char *ads_pull_username(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx,
LDAPMessage *msg);
int ads_pull_sids_from_extendeddn(ADS_STRUCT *ads,
diff --git a/source3/include/nt_printing.h b/source3/include/nt_printing.h
index 713443a..0241a54 100644
--- a/source3/include/nt_printing.h
+++ b/source3/include/nt_printing.h
@@ -100,7 +100,7 @@ typedef struct nt_printer_info_level_2
fstring datatype;
fstring parameters;
NT_PRINTER_DATA *data;
- SEC_DESC_BUF *secdesc_buf;
+ struct sec_desc_buf *secdesc_buf;
uint32 changeid;
uint32 c_setprinter;
uint32 setuptime;
diff --git a/source3/include/proto.h b/source3/include/proto.h
index eb9c63c..1853fa9 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -523,10 +523,10 @@ bool dbghdr(int level, const char *location, const char *func);
char *get_sec_mask_str(TALLOC_CTX *ctx, uint32 type);
void display_sec_access(uint32_t *info);
void display_sec_ace_flags(uint8_t flags);
-void display_sec_ace(SEC_ACE *ace);
-void display_sec_acl(SEC_ACL *sec_acl);
+void display_sec_ace(struct security_ace *ace);
+void display_sec_acl(struct security_acl *sec_acl);
void display_acl_type(uint16 type);
-void display_sec_desc(SEC_DESC *sec);
+void display_sec_desc(struct security_descriptor *sec);
/* The following definitions come from lib/dmallocmsg.c */
@@ -692,15 +692,15 @@ ssize_t drain_socket(int sockfd, size_t count);
/* The following definitions come from lib/secdesc.c */
-uint32_t get_sec_info(const SEC_DESC *sd);
-SEC_DESC *sec_desc_merge(TALLOC_CTX *ctx, SEC_DESC *new_sdb, SEC_DESC *old_sdb);
-SEC_DESC_BUF *sec_desc_merge_buf(TALLOC_CTX *ctx, SEC_DESC_BUF *new_sdb, SEC_DESC_BUF *old_sdb);
-SEC_DESC *make_sec_desc(TALLOC_CTX *ctx,
+uint32_t get_sec_info(const struct security_descriptor *sd);
+struct security_descriptor *sec_desc_merge(TALLOC_CTX *ctx, struct security_descriptor *new_sdb, struct security_descriptor *old_sdb);
+struct sec_desc_buf *sec_desc_merge_buf(TALLOC_CTX *ctx, struct sec_desc_buf *new_sdb, struct sec_desc_buf *old_sdb);
+struct security_descriptor *make_sec_desc(TALLOC_CTX *ctx,
enum security_descriptor_revision revision,
uint16 type,
const DOM_SID *owner_sid, const DOM_SID *grp_sid,
- SEC_ACL *sacl, SEC_ACL *dacl, size_t *sd_size);
-SEC_DESC *dup_sec_desc(TALLOC_CTX *ctx, const SEC_DESC *src);
+ struct security_acl *sacl, struct security_acl *dacl, size_t *sd_size);
+struct security_descriptor *dup_sec_desc(TALLOC_CTX *ctx, const struct security_descriptor *src);
NTSTATUS marshall_sec_desc(TALLOC_CTX *mem_ctx,
struct security_descriptor *secdesc,
uint8 **data, size_t *len);
@@ -711,24 +711,24 @@ NTSTATUS unmarshall_sec_desc(TALLOC_CTX *mem_ctx, uint8 *data, size_t len,
struct security_descriptor **psecdesc);
NTSTATUS unmarshall_sec_desc_buf(TALLOC_CTX *mem_ctx, uint8_t *data, size_t len,
struct sec_desc_buf **psecdesc_buf);
-SEC_DESC *make_standard_sec_desc(TALLOC_CTX *ctx, const DOM_SID *owner_sid, const DOM_SID *grp_sid,
- SEC_ACL *dacl, size_t *sd_size);
-SEC_DESC_BUF *make_sec_desc_buf(TALLOC_CTX *ctx, size_t len, SEC_DESC *sec_desc);
-SEC_DESC_BUF *dup_sec_desc_buf(TALLOC_CTX *ctx, SEC_DESC_BUF *src);
-NTSTATUS sec_desc_add_sid(TALLOC_CTX *ctx, SEC_DESC **psd, DOM_SID *sid, uint32 mask, size_t *sd_size);
-NTSTATUS sec_desc_mod_sid(SEC_DESC *sd, DOM_SID *sid, uint32 mask);
-NTSTATUS sec_desc_del_sid(TALLOC_CTX *ctx, SEC_DESC **psd, DOM_SID *sid, size_t *sd_size);
-bool sd_has_inheritable_components(const SEC_DESC *parent_ctr, bool container);
+struct security_descriptor *make_standard_sec_desc(TALLOC_CTX *ctx, const DOM_SID *owner_sid, const DOM_SID *grp_sid,
+ struct security_acl *dacl, size_t *sd_size);
+struct sec_desc_buf *make_sec_desc_buf(TALLOC_CTX *ctx, size_t len, struct security_descriptor *sec_desc);
+struct sec_desc_buf *dup_sec_desc_buf(TALLOC_CTX *ctx, struct sec_desc_buf *src);
+NTSTATUS sec_desc_add_sid(TALLOC_CTX *ctx, struct security_descriptor **psd, DOM_SID *sid, uint32 mask, size_t *sd_size);
+NTSTATUS sec_desc_mod_sid(struct security_descriptor *sd, DOM_SID *sid, uint32 mask);
+NTSTATUS sec_desc_del_sid(TALLOC_CTX *ctx, struct security_descriptor **psd, DOM_SID *sid, size_t *sd_size);
+bool sd_has_inheritable_components(const struct security_descriptor *parent_ctr, bool container);
NTSTATUS se_create_child_secdesc(TALLOC_CTX *ctx,
- SEC_DESC **ppsd,
+ struct security_descriptor **ppsd,
size_t *psize,
- const SEC_DESC *parent_ctr,
+ const struct security_descriptor *parent_ctr,
const DOM_SID *owner_sid,
const DOM_SID *group_sid,
bool container);
NTSTATUS se_create_child_secdesc_buf(TALLOC_CTX *ctx,
- SEC_DESC_BUF **ppsdb,
- const SEC_DESC *parent_ctr,
+ struct sec_desc_buf **ppsdb,
+ const struct security_descriptor *parent_ctr,
bool container);
/* The following definitions come from lib/select.c */
@@ -749,14 +749,14 @@ struct named_mutex *grab_named_mutex(TALLOC_CTX *mem_ctx, const char *name,
/* The following definitions come from lib/sharesec.c */
bool share_info_db_init(void);
-SEC_DESC *get_share_security_default( TALLOC_CTX *ctx, size_t *psize, uint32 def_access);
-SEC_DESC *get_share_security( TALLOC_CTX *ctx, const char *servicename,
+struct security_descriptor *get_share_security_default( TALLOC_CTX *ctx, size_t *psize, uint32 def_access);
+struct security_descriptor *get_share_security( TALLOC_CTX *ctx, const char *servicename,
size_t *psize);
-bool set_share_security(const char *share_name, SEC_DESC *psd);
+bool set_share_security(const char *share_name, struct security_descriptor *psd);
bool delete_share_security(const char *servicename);
bool share_access_check(const NT_USER_TOKEN *token, const char *sharename,
uint32 desired_access);
-bool parse_usershare_acl(TALLOC_CTX *ctx, const char *acl_str, SEC_DESC **ppsd);
+bool parse_usershare_acl(TALLOC_CTX *ctx, const char *acl_str, struct security_descriptor **ppsd);
/* The following definitions come from lib/smbldap.c */
@@ -1282,7 +1282,7 @@ NTSTATUS merge_nt_token(TALLOC_CTX *mem_ctx,
const struct nt_user_token *token_1,
const struct nt_user_token *token_2,
struct nt_user_token **token_out);
-bool token_sid_in_ace(const NT_USER_TOKEN *token, const SEC_ACE *ace);
+bool token_sid_in_ace(const NT_USER_TOKEN *token, const struct security_ace *ace);
/* The following definitions come from lib/util_pw.c */
@@ -1304,7 +1304,7 @@ bool pull_reg_multi_sz(TALLOC_CTX *mem_ctx, const DATA_BLOB *blob, const char **
void se_map_generic(uint32 *access_mask, const struct generic_mapping *mapping);
void security_acl_map_generic(struct security_acl *sa, const struct generic_mapping *mapping);
void se_map_standard(uint32 *access_mask, struct standard_mapping *mapping);
-NTSTATUS se_access_check(const SEC_DESC *sd, const NT_USER_TOKEN *token,
+NTSTATUS se_access_check(const struct security_descriptor *sd, const NT_USER_TOKEN *token,
uint32 acc_desired, uint32 *acc_granted);
/* The following definitions come from lib/util_sec.c */
@@ -1744,7 +1744,7 @@ bool ads_cldap_netlogon_5(TALLOC_CTX *mem_ctx,
/* The following definitions come from libads/disp_sec.c */
-void ads_disp_sd(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, SEC_DESC *sd);
+void ads_disp_sd(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, struct security_descriptor *sd);
/* The following definitions come from libads/dns.c */
@@ -2844,9 +2844,9 @@ NTSTATUS cli_push(struct cli_state *cli, uint16_t fnum, uint16_t mode,
/* The following definitions come from libsmb/clisecdesc.c */
-SEC_DESC *cli_query_secdesc(struct cli_state *cli, uint16_t fnum,
+struct security_descriptor *cli_query_secdesc(struct cli_state *cli, uint16_t fnum,
TALLOC_CTX *mem_ctx);
-bool cli_set_secdesc(struct cli_state *cli, uint16_t fnum, SEC_DESC *sd);
+bool cli_set_secdesc(struct cli_state *cli, uint16_t fnum, struct security_descriptor *sd);
/* The following definitions come from libsmb/clispnego.c */
@@ -4235,7 +4235,7 @@ enum usershare_err parse_usershare_file(TALLOC_CTX *ctx,
char **pp_sharepath,
char **pp_comment,
char **pp_cp_share_name,
- SEC_DESC **ppsd,
+ struct security_descriptor **ppsd,
bool *pallow_guest);
int load_usershare_service(const char *servicename);
int load_usershare_shares(void);
@@ -4793,10 +4793,10 @@ bool printer_driver_files_in_use(TALLOC_CTX *mem_ctx,
WERROR delete_printer_driver(struct pipes_struct *rpc_pipe,
const struct spoolss_DriverInfo8 *r,
uint32 version, bool delete_files );
-WERROR nt_printing_setsec(const char *sharename, SEC_DESC_BUF *secdesc_ctr);
-bool nt_printing_getsec(TALLOC_CTX *ctx, const char *sharename, SEC_DESC_BUF **secdesc_ctr);
-void map_printer_permissions(SEC_DESC *sd);
-void map_job_permissions(SEC_DESC *sd);
+WERROR nt_printing_setsec(const char *sharename, struct sec_desc_buf *secdesc_ctr);
+bool nt_printing_getsec(TALLOC_CTX *ctx, const char *sharename, struct sec_desc_buf **secdesc_ctr);
+void map_printer_permissions(struct security_descriptor *sd);
+void map_job_permissions(struct security_descriptor *sd);
bool print_access_check(struct auth_serversupplied_info *server_info, int snum,
int access_type);
bool print_time_access_check(const char *servicename);
@@ -5564,8 +5564,8 @@ bool init_service_op_table( void );
/* The following definitions come from services/services_db.c */
void svcctl_init_keys( void );
-SEC_DESC *svcctl_get_secdesc( TALLOC_CTX *ctx, const char *name, NT_USER_TOKEN *token );
-bool svcctl_set_secdesc( TALLOC_CTX *ctx, const char *name, SEC_DESC *sec_desc, NT_USER_TOKEN *token );
+struct security_descriptor *svcctl_get_secdesc( TALLOC_CTX *ctx, const char *name, NT_USER_TOKEN *token );
+bool svcctl_set_secdesc( TALLOC_CTX *ctx, const char *name, struct security_descriptor *sec_desc, NT_USER_TOKEN *token );
const char *svcctl_lookup_dispname(TALLOC_CTX *ctx, const char *name, NT_USER_TOKEN *token );
const char *svcctl_lookup_description(TALLOC_CTX *ctx, const char *name, NT_USER_TOKEN *token );
struct regval_ctr *svcctl_fetch_regvalues( const char *name, NT_USER_TOKEN *token );
@@ -6300,18 +6300,18 @@ uint32_t map_canon_ace_perms(int snum,
enum security_ace_type *pacl_type,
mode_t perms,
bool directory_ace);
-NTSTATUS unpack_nt_owners(connection_struct *conn, uid_t *puser, gid_t *pgrp, uint32 security_info_sent, const SEC_DESC *psd);
+NTSTATUS unpack_nt_owners(connection_struct *conn, uid_t *puser, gid_t *pgrp, uint32 security_info_sent, const struct security_descriptor *psd);
SMB_ACL_T free_empty_sys_acl(connection_struct *conn, SMB_ACL_T the_acl);
NTSTATUS posix_fget_nt_acl(struct files_struct *fsp, uint32_t security_info,
- SEC_DESC **ppdesc);
+ struct security_descriptor **ppdesc);
NTSTATUS posix_get_nt_acl(struct connection_struct *conn, const char *name,
- uint32_t security_info, SEC_DESC **ppdesc);
+ uint32_t security_info, struct security_descriptor **ppdesc);
int try_chown(connection_struct *conn, struct smb_filename *smb_fname,
uid_t uid, gid_t gid);
NTSTATUS append_parent_acl(files_struct *fsp,
- const SEC_DESC *pcsd,
- SEC_DESC **pp_new_sd);
-NTSTATUS set_nt_acl(files_struct *fsp, uint32 security_info_sent, const SEC_DESC *psd);
+ const struct security_descriptor *pcsd,
+ struct security_descriptor **pp_new_sd);
+NTSTATUS set_nt_acl(files_struct *fsp, uint32 security_info_sent, const struct security_descriptor *psd);
int get_acl_group_bits( connection_struct *conn, const char *fname, mode_t *mode );
int chmod_acl(connection_struct *conn, const char *name, mode_t mode);
int inherit_access_posix_acl(connection_struct *conn, const char *inherit_from_dir,
@@ -6321,7 +6321,7 @@ bool set_unix_posix_default_acl(connection_struct *conn, const char *fname,
const SMB_STRUCT_STAT *psbuf,
uint16 num_def_acls, const char *pdata);
bool set_unix_posix_acl(connection_struct *conn, files_struct *fsp, const char *fname, uint16 num_acls, const char *pdata);
-SEC_DESC *get_nt_acl_no_snum( TALLOC_CTX *ctx, const char *fname);
+struct security_descriptor *get_nt_acl_no_snum( TALLOC_CTX *ctx, const char *fname);
/* The following definitions come from smbd/process.c */
@@ -6818,7 +6818,7 @@ struct tevent_req *fncall_send(TALLOC_CTX *mem_ctx, struct tevent_context *ev,
int fncall_recv(struct tevent_req *req, int *perr);
/* The following definitions come from rpc_server/srv_samr_nt.c */
-NTSTATUS access_check_object( SEC_DESC *psd, NT_USER_TOKEN *token,
+NTSTATUS access_check_object( struct security_descriptor *psd, NT_USER_TOKEN *token,
SE_PRIV *rights, uint32 rights_mask,
uint32 des_access, uint32 *acc_granted,
const char *debug);
diff --git a/source3/include/regfio.h b/source3/include/regfio.h
index 61d74d7..840fbcd 100644
--- a/source3/include/regfio.h
+++ b/source3/include/regfio.h
@@ -129,7 +129,7 @@ typedef struct _regf_sk_rec {
uint32 next_sk_off;
uint32 ref_count;
uint32 size;
- SEC_DESC *sec_desc;
+ struct security_descriptor *sec_desc;
} REGF_SK_REC;
/* Key Name */
@@ -217,7 +217,7 @@ REGF_NK_REC* regfio_rootkey( REGF_FILE *file );
REGF_NK_REC* regfio_fetch_subkey( REGF_FILE *file, REGF_NK_REC *nk );
REGF_NK_REC* regfio_write_key ( REGF_FILE *file, const char *name,
struct regval_ctr *values, struct regsubkey_ctr *subkeys,
- SEC_DESC *sec_desc, REGF_NK_REC *parent );
+ struct security_descriptor *sec_desc, REGF_NK_REC *parent );
#endif /* _REGFIO_H */
diff --git a/source3/include/rpc_secdes.h b/source3/include/rpc_secdes.h
index 6db3f2d..74c22fc 100644
--- a/source3/include/rpc_secdes.h
+++ b/source3/include/rpc_secdes.h
@@ -67,36 +67,6 @@
PROTECTED_SACL_SECURITY_INFORMATION|\
PROTECTED_DACL_SECURITY_INFORMATION)
-/* SEC_ACE */
-typedef struct security_ace SEC_ACE;
-
-#ifndef ACL_REVISION
-#define ACL_REVISION 0x3
-#endif
-
-#ifndef _SEC_ACL
-/* SEC_ACL */
-typedef struct security_acl SEC_ACL;
-#define _SEC_ACL
-#endif
-
-#ifndef SEC_DESC_REVISION
-#define SEC_DESC_REVISION 0x1
-#endif
-
-#ifndef _SEC_DESC
-/* SEC_DESC */
-typedef struct security_descriptor SEC_DESC;
-#define SEC_DESC_HEADER_SIZE (2 * sizeof(uint16) + 4 * sizeof(uint32))
-#define _SEC_DESC
-#endif
-
-#ifndef _SEC_DESC_BUF
-/* SEC_DESC_BUF */
-typedef struct sec_desc_buf SEC_DESC_BUF;
-#define _SEC_DESC_BUF
-#endif
-
/* A type to describe the mapping of generic access rights to object
specific access rights. */
diff --git a/source3/lib/secdesc.c b/source3/lib/secdesc.c
index 7f28c87..4964fd5 100644
--- a/source3/lib/secdesc.c
+++ b/source3/lib/secdesc.c
@@ -35,7 +35,7 @@ const struct generic_mapping file_generic_mapping = {
Given a security_descriptor return the sec_info.
********************************************************************/
-uint32_t get_sec_info(const SEC_DESC *sd)
+uint32_t get_sec_info(const struct security_descriptor *sd)
{
uint32_t sec_info = ALL_SECURITY_INFORMATION;
@@ -63,12 +63,12 @@ uint32_t get_sec_info(const SEC_DESC *sd)
security descriptor new_sec.
********************************************************************/
-SEC_DESC_BUF *sec_desc_merge_buf(TALLOC_CTX *ctx, SEC_DESC_BUF *new_sdb, SEC_DESC_BUF *old_sdb)
+struct sec_desc_buf *sec_desc_merge_buf(TALLOC_CTX *ctx, struct sec_desc_buf *new_sdb, struct sec_desc_buf *old_sdb)
{
DOM_SID *owner_sid, *group_sid;
- SEC_DESC_BUF *return_sdb;
- SEC_ACL *dacl, *sacl;
- SEC_DESC *psd = NULL;
+ struct sec_desc_buf *return_sdb;
+ struct security_acl *dacl, *sacl;
+ struct security_descriptor *psd = NULL;
uint16 secdesc_type;
size_t secdesc_size;
@@ -108,11 +108,11 @@ SEC_DESC_BUF *sec_desc_merge_buf(TALLOC_CTX *ctx, SEC_DESC_BUF *new_sdb, SEC_DES
return(return_sdb);
}
-SEC_DESC *sec_desc_merge(TALLOC_CTX *ctx, SEC_DESC *new_sdb, SEC_DESC *old_sdb)
+struct security_descriptor *sec_desc_merge(TALLOC_CTX *ctx, struct security_descriptor *new_sdb, struct security_descriptor *old_sdb)
{
DOM_SID *owner_sid, *group_sid;
- SEC_ACL *dacl, *sacl;
- SEC_DESC *psd = NULL;
+ struct security_acl *dacl, *sacl;
+ struct security_descriptor *psd = NULL;
uint16 secdesc_type;
size_t secdesc_size;
@@ -150,21 +150,23 @@ SEC_DESC *sec_desc_merge(TALLOC_CTX *ctx, SEC_DESC *new_sdb, SEC_DESC *old_sdb)
}
/*******************************************************************
- Creates a SEC_DESC structure
+ Creates a struct security_descriptor structure
********************************************************************/
-SEC_DESC *make_sec_desc(TALLOC_CTX *ctx,
+#define SEC_DESC_HEADER_SIZE (2 * sizeof(uint16) + 4 * sizeof(uint32))
+
+struct security_descriptor *make_sec_desc(TALLOC_CTX *ctx,
enum security_descriptor_revision revision,
uint16 type,
const DOM_SID *owner_sid, const DOM_SID *grp_sid,
- SEC_ACL *sacl, SEC_ACL *dacl, size_t *sd_size)
+ struct security_acl *sacl, struct security_acl *dacl, size_t *sd_size)
{
- SEC_DESC *dst;
+ struct security_descriptor *dst;
uint32 offset = 0;
*sd_size = 0;
- if(( dst = TALLOC_ZERO_P(ctx, SEC_DESC)) == NULL)
+ if(( dst = TALLOC_ZERO_P(ctx, struct security_descriptor)) == NULL)
return NULL;
dst->revision = revision;
@@ -223,10 +225,10 @@ error_exit:
}
/*******************************************************************
- Duplicate a SEC_DESC structure.
+ Duplicate a struct security_descriptor structure.
********************************************************************/
-SEC_DESC *dup_sec_desc(TALLOC_CTX *ctx, const SEC_DESC *src)
+struct security_descriptor *dup_sec_desc(TALLOC_CTX *ctx, const struct security_descriptor *src)
{
size_t dummy;
@@ -361,11 +363,11 @@ NTSTATUS unmarshall_sec_desc_buf(TALLOC_CTX *mem_ctx, uint8_t *data, size_t len,
}
/*******************************************************************
- Creates a SEC_DESC structure with typical defaults.
+ Creates a struct security_descriptor structure with typical defaults.
********************************************************************/
-SEC_DESC *make_standard_sec_desc(TALLOC_CTX *ctx, const DOM_SID *owner_sid, const DOM_SID *grp_sid,
- SEC_ACL *dacl, size_t *sd_size)
+struct security_descriptor *make_standard_sec_desc(TALLOC_CTX *ctx, const DOM_SID *owner_sid, const DOM_SID *grp_sid,
+ struct security_acl *dacl, size_t *sd_size)
{
return make_sec_desc(ctx, SECURITY_DESCRIPTOR_REVISION_1,
SEC_DESC_SELF_RELATIVE, owner_sid, grp_sid, NULL,
@@ -373,14 +375,14 @@ SEC_DESC *make_standard_sec_desc(TALLOC_CTX *ctx, const DOM_SID *owner_sid, cons
}
/*******************************************************************
- Creates a SEC_DESC_BUF structure.
+ Creates a struct sec_desc_buf structure.
********************************************************************/
-SEC_DESC_BUF *make_sec_desc_buf(TALLOC_CTX *ctx, size_t len, SEC_DESC *sec_desc)
+struct sec_desc_buf *make_sec_desc_buf(TALLOC_CTX *ctx, size_t len, struct security_descriptor *sec_desc)
{
- SEC_DESC_BUF *dst;
+ struct sec_desc_buf *dst;
- if((dst = TALLOC_ZERO_P(ctx, SEC_DESC_BUF)) == NULL)
+ if((dst = TALLOC_ZERO_P(ctx, struct sec_desc_buf)) == NULL)
return NULL;
/* max buffer size (allocated size) */
@@ -394,10 +396,10 @@ SEC_DESC_BUF *make_sec_desc_buf(TALLOC_CTX *ctx, size_t len, SEC_DESC *sec_desc)
}
/*******************************************************************
- Duplicates a SEC_DESC_BUF structure.
+ Duplicates a struct sec_desc_buf structure.
********************************************************************/
-SEC_DESC_BUF *dup_sec_desc_buf(TALLOC_CTX *ctx, SEC_DESC_BUF *src)
+struct sec_desc_buf *dup_sec_desc_buf(TALLOC_CTX *ctx, struct sec_desc_buf *src)
{
if(src == NULL)
return NULL;
@@ -406,14 +408,14 @@ SEC_DESC_BUF *dup_sec_desc_buf(TALLOC_CTX *ctx, SEC_DESC_BUF *src)
}
/*******************************************************************
- Add a new SID with its permissions to SEC_DESC.
+ Add a new SID with its permissions to struct security_descriptor.
********************************************************************/
-NTSTATUS sec_desc_add_sid(TALLOC_CTX *ctx, SEC_DESC **psd, DOM_SID *sid, uint32 mask, size_t *sd_size)
+NTSTATUS sec_desc_add_sid(TALLOC_CTX *ctx, struct security_descriptor **psd, DOM_SID *sid, uint32 mask, size_t *sd_size)
{
- SEC_DESC *sd = 0;
- SEC_ACL *dacl = 0;
- SEC_ACE *ace = 0;
+ struct security_descriptor *sd = 0;
+ struct security_acl *dacl = 0;
+ struct security_ace *ace = 0;
NTSTATUS status;
if (!ctx || !psd || !sid || !sd_size)
@@ -439,10 +441,10 @@ NTSTATUS sec_desc_add_sid(TALLOC_CTX *ctx, SEC_DESC **psd, DOM_SID *sid, uint32
}
/*******************************************************************
- Modify a SID's permissions in a SEC_DESC.
+ Modify a SID's permissions in a struct security_descriptor.
********************************************************************/
-NTSTATUS sec_desc_mod_sid(SEC_DESC *sd, DOM_SID *sid, uint32 mask)
+NTSTATUS sec_desc_mod_sid(struct security_descriptor *sd, DOM_SID *sid, uint32 mask)
{
NTSTATUS status;
@@ -458,14 +460,14 @@ NTSTATUS sec_desc_mod_sid(SEC_DESC *sd, DOM_SID *sid, uint32 mask)
}
/*******************************************************************
- Delete a SID from a SEC_DESC.
+ Delete a SID from a struct security_descriptor.
********************************************************************/
-NTSTATUS sec_desc_del_sid(TALLOC_CTX *ctx, SEC_DESC **psd, DOM_SID *sid, size_t *sd_size)
+NTSTATUS sec_desc_del_sid(TALLOC_CTX *ctx, struct security_descriptor **psd, DOM_SID *sid, size_t *sd_size)
{
- SEC_DESC *sd = 0;
- SEC_ACL *dacl = 0;
- SEC_ACE *ace = 0;
+ struct security_descriptor *sd = 0;
+ struct security_acl *dacl = 0;
+ struct security_ace *ace = 0;
NTSTATUS status;
--
Samba Shared Repository
More information about the samba-cvs
mailing list