mirror of
https://github.com/samba-team/samba.git
synced 2025-01-08 21:18:16 +03:00
s3-auth Use security_token_debug() from common code
This prints the security token including the privileges as strings instead of just a bitmap. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
This commit is contained in:
parent
58cf83732a
commit
170b345e0c
@ -671,7 +671,7 @@ ADS_STATUS ads_get_sid_token(ADS_STRUCT *ads,
|
||||
|
||||
*token = new_token;
|
||||
|
||||
debug_nt_user_token(DBGC_CLASS, 5, *token);
|
||||
security_token_debug(DBGC_CLASS, 5, *token);
|
||||
|
||||
return ADS_ERROR_LDAP(LDAP_SUCCESS);
|
||||
}
|
||||
|
@ -516,7 +516,7 @@ NTSTATUS create_local_token(struct auth_serversupplied_info *server_info)
|
||||
&server_info->ptok->num_sids);
|
||||
}
|
||||
|
||||
debug_nt_user_token(DBGC_AUTH, 10, server_info->ptok);
|
||||
security_token_debug(DBGC_AUTH, 10, server_info->ptok);
|
||||
debug_unix_user_token(DBGC_AUTH, 10,
|
||||
server_info->utok.uid,
|
||||
server_info->utok.gid,
|
||||
|
@ -641,32 +641,6 @@ static NTSTATUS finalize_local_nt_token(struct security_token *result,
|
||||
return NT_STATUS_OK;
|
||||
}
|
||||
|
||||
/****************************************************************************
|
||||
prints a struct security_token to debug output.
|
||||
****************************************************************************/
|
||||
|
||||
void debug_nt_user_token(int dbg_class, int dbg_lev, struct security_token *token)
|
||||
{
|
||||
size_t i;
|
||||
|
||||
if (!token) {
|
||||
DEBUGC(dbg_class, dbg_lev, ("NT user token: (NULL)\n"));
|
||||
return;
|
||||
}
|
||||
|
||||
DEBUGC(dbg_class, dbg_lev,
|
||||
("NT user token of user %s\n",
|
||||
sid_string_dbg(&token->sids[0]) ));
|
||||
DEBUGADDC(dbg_class, dbg_lev,
|
||||
("contains %lu SIDs\n", (unsigned long)token->num_sids));
|
||||
for (i = 0; i < token->num_sids; i++)
|
||||
DEBUGADDC(dbg_class, dbg_lev,
|
||||
("SID[%3lu]: %s\n", (unsigned long)i,
|
||||
sid_string_dbg(&token->sids[i])));
|
||||
|
||||
DEBUGADDC(dbg_class, dbg_lev,("Privilege mask: 0x%llx\n", (unsigned long long)token->privilege_mask));
|
||||
}
|
||||
|
||||
/****************************************************************************
|
||||
prints a UNIX 'token' to debug output.
|
||||
****************************************************************************/
|
||||
|
@ -261,7 +261,6 @@ NTSTATUS create_local_nt_token_from_info3(TALLOC_CTX *mem_ctx,
|
||||
struct netr_SamInfo3 *info3,
|
||||
struct extra_auth_info *extra,
|
||||
struct security_token **ntok);
|
||||
void debug_nt_user_token(int dbg_class, int dbg_lev, struct security_token *token);
|
||||
void debug_unix_user_token(int dbg_class, int dbg_lev, uid_t uid, gid_t gid,
|
||||
int n_groups, gid_t *groups);
|
||||
|
||||
|
@ -359,7 +359,7 @@ WERROR _wkssvc_NetWkstaGetInfo(struct pipes_struct *p,
|
||||
"Users %s:\n",
|
||||
sid_string_dbg(
|
||||
&global_sid_Authenticated_Users)));
|
||||
debug_nt_user_token(DBGC_CLASS, 3,
|
||||
security_token_debug(DBGC_CLASS, 3,
|
||||
p->server_info->ptok);
|
||||
return WERR_ACCESS_DENIED;
|
||||
}
|
||||
@ -377,7 +377,7 @@ WERROR _wkssvc_NetWkstaGetInfo(struct pipes_struct *p,
|
||||
DEBUGADD(3,(" - does not have sid for Administrators "
|
||||
"group %s, sids are:\n",
|
||||
sid_string_dbg(&global_sid_Builtin_Administrators)));
|
||||
debug_nt_user_token(DBGC_CLASS, 3,
|
||||
security_token_debug(DBGC_CLASS, 3,
|
||||
p->server_info->ptok);
|
||||
return WERR_ACCESS_DENIED;
|
||||
}
|
||||
@ -562,7 +562,7 @@ WERROR _wkssvc_NetWkstaEnumUsers(struct pipes_struct *p,
|
||||
DEBUGADD(3,(" - does not have sid for Administrators group "
|
||||
"%s\n", sid_string_dbg(
|
||||
&global_sid_Builtin_Administrators)));
|
||||
debug_nt_user_token(DBGC_CLASS, 3, p->server_info->ptok);
|
||||
security_token_debug(DBGC_CLASS, 3, p->server_info->ptok);
|
||||
return WERR_ACCESS_DENIED;
|
||||
}
|
||||
|
||||
|
@ -19,6 +19,7 @@
|
||||
|
||||
#include "includes.h"
|
||||
#include "smbd/globals.h"
|
||||
#include "libcli/security/security_token.h"
|
||||
|
||||
extern struct current_user current_user;
|
||||
|
||||
@ -309,7 +310,7 @@ void set_sec_ctx(uid_t uid, gid_t gid, int ngroups, gid_t *groups, struct securi
|
||||
DEBUG(3, ("setting sec ctx (%u, %u) - sec_ctx_stack_ndx = %d\n",
|
||||
(unsigned int)uid, (unsigned int)gid, sec_ctx_stack_ndx));
|
||||
|
||||
debug_nt_user_token(DBGC_CLASS, 5, token);
|
||||
security_token_debug(DBGC_CLASS, 5, token);
|
||||
debug_unix_user_token(DBGC_CLASS, 5, uid, gid, ngroups, groups);
|
||||
|
||||
/* Change uid, gid and supplementary group list. */
|
||||
|
@ -36,7 +36,6 @@ struct security_token *create_local_nt_token(TALLOC_CTX *mem_ctx,
|
||||
bool is_guest,
|
||||
int num_groupsids,
|
||||
const struct dom_sid *groupsids);
|
||||
void debug_nt_user_token(int dbg_class, int dbg_lev, struct security_token *token);
|
||||
void debug_unix_user_token(int dbg_class, int dbg_lev, uid_t uid, gid_t gid,
|
||||
int n_groups, gid_t *groups);
|
||||
|
||||
|
@ -321,7 +321,7 @@ static NTSTATUS check_info3_in_group(struct netr_SamInfo3 *info3,
|
||||
return status;
|
||||
}
|
||||
|
||||
debug_nt_user_token(DBGC_CLASS, 10, token);
|
||||
security_token_debug(DBGC_CLASS, 10, token);
|
||||
|
||||
for (i=0; i<num_require_membership_of_sid; i++) {
|
||||
DEBUG(10, ("Checking SID %s\n", sid_string_dbg(
|
||||
|
@ -36,7 +36,6 @@ struct security_token *create_local_nt_token(TALLOC_CTX *mem_ctx,
|
||||
bool is_guest,
|
||||
int num_groupsids,
|
||||
const struct dom_sid *groupsids);
|
||||
void debug_nt_user_token(int dbg_class, int dbg_lev, struct security_token *token);
|
||||
void debug_unix_user_token(int dbg_class, int dbg_lev, uid_t uid, gid_t gid,
|
||||
int n_groups, gid_t *groups);
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user