s3-auth Use security_token_debug() from common code

This prints the security token including the privileges as strings
instead of just a bitmap.

Andrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>

libgpo/gpo_ldap.c

@@ -671,7 +671,7 @@ ADS_STATUS ads_get_sid_token(ADS_STRUCT *ads,
 
 	*token = new_token;
 
-	debug_nt_user_token(DBGC_CLASS, 5, *token);
+	security_token_debug(DBGC_CLASS, 5, *token);
 
 	return ADS_ERROR_LDAP(LDAP_SUCCESS);
 }

source3/auth/auth_util.c

@@ -516,7 +516,7 @@ NTSTATUS create_local_token(struct auth_serversupplied_info *server_info)
 					&server_info->ptok->num_sids);
 	}
 
-	debug_nt_user_token(DBGC_AUTH, 10, server_info->ptok);
+	security_token_debug(DBGC_AUTH, 10, server_info->ptok);
 	debug_unix_user_token(DBGC_AUTH, 10,
 			      server_info->utok.uid,
 			      server_info->utok.gid,

source3/auth/token_util.c

@@ -641,32 +641,6 @@ static NTSTATUS finalize_local_nt_token(struct security_token *result,
 	return NT_STATUS_OK;
 }
 
-/****************************************************************************
- prints a struct security_token to debug output.
-****************************************************************************/
-
-void debug_nt_user_token(int dbg_class, int dbg_lev, struct security_token *token)
-{
-	size_t     i;
-
-	if (!token) {
-		DEBUGC(dbg_class, dbg_lev, ("NT user token: (NULL)\n"));
-		return;
-	}
-
-	DEBUGC(dbg_class, dbg_lev,
-	       ("NT user token of user %s\n",
-		sid_string_dbg(&token->sids[0]) ));
-	DEBUGADDC(dbg_class, dbg_lev,
-		  ("contains %lu SIDs\n", (unsigned long)token->num_sids));
-	for (i = 0; i < token->num_sids; i++)
-		DEBUGADDC(dbg_class, dbg_lev,
-			  ("SID[%3lu]: %s\n", (unsigned long)i,
-			   sid_string_dbg(&token->sids[i])));
-
-	DEBUGADDC(dbg_class, dbg_lev,("Privilege mask: 0x%llx\n", (unsigned long long)token->privilege_mask));
-}
-
 /****************************************************************************
  prints a UNIX 'token' to debug output.
 ****************************************************************************/

source3/include/proto.h

@@ -261,7 +261,6 @@ NTSTATUS create_local_nt_token_from_info3(TALLOC_CTX *mem_ctx,
 					  struct netr_SamInfo3 *info3,
 					  struct extra_auth_info *extra,
 					  struct security_token **ntok);
-void debug_nt_user_token(int dbg_class, int dbg_lev, struct security_token *token);
 void debug_unix_user_token(int dbg_class, int dbg_lev, uid_t uid, gid_t gid,
 			   int n_groups, gid_t *groups);
 

source3/rpc_server/srv_wkssvc_nt.c

@@ -359,7 +359,7 @@ WERROR _wkssvc_NetWkstaGetInfo(struct pipes_struct *p,
 				    "Users %s:\n",
 				    sid_string_dbg(
 					    &global_sid_Authenticated_Users)));
-			debug_nt_user_token(DBGC_CLASS, 3,
+			security_token_debug(DBGC_CLASS, 3,
 					    p->server_info->ptok);
 			return WERR_ACCESS_DENIED;
 		}
@@ -377,7 +377,7 @@ WERROR _wkssvc_NetWkstaGetInfo(struct pipes_struct *p,
 			DEBUGADD(3,(" - does not have sid for Administrators "
 				    "group %s, sids are:\n",
 				    sid_string_dbg(&global_sid_Builtin_Administrators)));
-			debug_nt_user_token(DBGC_CLASS, 3,
+			security_token_debug(DBGC_CLASS, 3,
 					    p->server_info->ptok);
 			return WERR_ACCESS_DENIED;
 		}
@@ -562,7 +562,7 @@ WERROR _wkssvc_NetWkstaEnumUsers(struct pipes_struct *p,
 		DEBUGADD(3,(" - does not have sid for Administrators group "
 			    "%s\n", sid_string_dbg(
 				    &global_sid_Builtin_Administrators)));
-		debug_nt_user_token(DBGC_CLASS, 3, p->server_info->ptok);
+		security_token_debug(DBGC_CLASS, 3, p->server_info->ptok);
 		return WERR_ACCESS_DENIED;
 	}
 

source3/smbd/sec_ctx.c

@@ -19,6 +19,7 @@
 
 #include "includes.h"
 #include "smbd/globals.h"
+#include "libcli/security/security_token.h"
 
 extern struct current_user current_user;
 
@@ -309,7 +310,7 @@ void set_sec_ctx(uid_t uid, gid_t gid, int ngroups, gid_t *groups, struct securi
 	DEBUG(3, ("setting sec ctx (%u, %u) - sec_ctx_stack_ndx = %d\n", 
 		(unsigned int)uid, (unsigned int)gid, sec_ctx_stack_ndx));
 
-	debug_nt_user_token(DBGC_CLASS, 5, token);
+	security_token_debug(DBGC_CLASS, 5, token);
 	debug_unix_user_token(DBGC_CLASS, 5, uid, gid, ngroups, groups);
 
 	/* Change uid, gid and supplementary group list. */

source3/utils/net_proto.h

@@ -36,7 +36,6 @@ struct security_token *create_local_nt_token(TALLOC_CTX *mem_ctx,
 					    bool is_guest,
 					    int num_groupsids,
 					    const struct dom_sid *groupsids);
-void debug_nt_user_token(int dbg_class, int dbg_lev, struct security_token *token);
 void debug_unix_user_token(int dbg_class, int dbg_lev, uid_t uid, gid_t gid,
 			   int n_groups, gid_t *groups);
 

source3/winbindd/winbindd_pam.c

@@ -321,7 +321,7 @@ static NTSTATUS check_info3_in_group(struct netr_SamInfo3 *info3,
 		return status;
 	}
 
-	debug_nt_user_token(DBGC_CLASS, 10, token);
+	security_token_debug(DBGC_CLASS, 10, token);
 
 	for (i=0; i<num_require_membership_of_sid; i++) {
 		DEBUG(10, ("Checking SID %s\n", sid_string_dbg(

source3/winbindd/winbindd_proto.h

@@ -36,7 +36,6 @@ struct security_token *create_local_nt_token(TALLOC_CTX *mem_ctx,
 					    bool is_guest,
 					    int num_groupsids,
 					    const struct dom_sid *groupsids);
-void debug_nt_user_token(int dbg_class, int dbg_lev, struct security_token *token);
 void debug_unix_user_token(int dbg_class, int dbg_lev, uid_t uid, gid_t gid,
 			   int n_groups, gid_t *groups);