[SCM] Samba Shared Repository - branch v3-6-test updated

Jeremy Allison jra at samba.org
Thu Nov 18 10:59:31 MST 2010 

The branch, v3-6-test has been updated
       via  7c9515c Fix our privileges code to display privileges with the "high" 32-bit value set.
      from  886471d s3: Call sid_check_is_domain instead of dom_sid_equal

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test


- Log -----------------------------------------------------------------
commit 7c9515cbe26364a5ecfe609f56ac0ee6b6115f67
Author: Jeremy Allison <jra at samba.org>
Date:   Thu Nov 18 09:58:38 2010 -0800

    Fix our privileges code to display privileges with the "high" 32-bit value set.
    
    SeSecurityPrivilege is the first LUID we have added that has a non-zero
    "high" value, ensure our LUID code correctly supports it.
    
    Jeremy.

-----------------------------------------------------------------------

Summary of changes:
 source3/lib/privileges_basic.c |   20 ++++----------------
 1 files changed, 4 insertions(+), 16 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/lib/privileges_basic.c b/source3/lib/privileges_basic.c
index 5843895..b4aca8e 100644
--- a/source3/lib/privileges_basic.c
+++ b/source3/lib/privileges_basic.c
@@ -408,11 +408,8 @@ const char *luid_to_privilege_name(const struct lsa_LUID *set)
 {
 	int i;
 
-	if (set->high != 0)
-		return NULL;
-
 	for ( i=0; !se_priv_equal(&privs[i].se_priv, &se_priv_end); i++ ) {
-		if ( set->low == privs[i].luid.low ) {
+		if (memcmp(set, &privs[i].luid, sizeof(struct lsa_LUID)) == 0) {
 			return privs[i].name;
 		}
 	}
@@ -437,9 +434,7 @@ static bool privilege_set_add(PRIVILEGE_SET *priv_set, struct lsa_LUIDAttribute
 		return False;
 	}
 
-	new_set[priv_set->count].luid.high = set.luid.high;
-	new_set[priv_set->count].luid.low = set.luid.low;
-	new_set[priv_set->count].attribute = set.attribute;
+	new_set[priv_set->count] = set;
 
 	priv_set->count++;
 	priv_set->set = new_set;
@@ -456,8 +451,7 @@ bool se_priv_to_privilege_set( PRIVILEGE_SET *set, SE_PRIV *mask )
 	uint32 num_privs = count_all_privileges();
 	struct lsa_LUIDAttribute luid;
 
-	luid.attribute = 0;
-	luid.luid.high = 0;
+	ZERO_STRUCT(luid);
 
 	for ( i=0; i<num_privs; i++ ) {
 		if ( !is_privilege_assigned(mask, &privs[i].se_priv) )
@@ -481,7 +475,7 @@ static bool luid_to_se_priv( struct lsa_LUID *luid, SE_PRIV *mask )
 	uint32 num_privs = count_all_privileges();
 
 	for ( i=0; i<num_privs; i++ ) {
-		if ( luid->low == privs[i].luid.low ) {
+		if (memcmp(luid, &privs[i].luid, sizeof(struct lsa_LUID)) == 0) {
 			se_priv_copy( mask, &privs[i].se_priv );
 			return True;
 		}
@@ -502,12 +496,6 @@ bool privilege_set_to_se_priv( SE_PRIV *mask, struct lsa_PrivilegeSet *privset )
 	for ( i=0; i<privset->count; i++ ) {
 		SE_PRIV r;
 
-		/* sanity check for invalid privilege.  we really
-		   only care about the low 32 bits */
-
-		if ( privset->set[i].luid.high != 0 )
-			return False;
-
 		if ( luid_to_se_priv( &privset->set[i].luid, &r ) )
 			se_priv_add( mask, &r );
 	}


-- 
Samba Shared Repository

More information about the samba-cvs mailing list