mirror of
https://github.com/samba-team/samba.git
synced 2025-02-02 09:47:23 +03:00
s3-secdesc: remove "typedef struct security_ace SEC_ACE".
Guenther
This commit is contained in:
Günther Deschner
parent
8bc9c343c4
commit
a8b01d1f3b
@ -523,7 +523,7 @@ bool dbghdr(int level, const char *location, const char *func);
|
||||
char *get_sec_mask_str(TALLOC_CTX *ctx, uint32 type);
|
||||
void display_sec_access(uint32_t *info);
|
||||
void display_sec_ace_flags(uint8_t flags);
|
||||
void display_sec_ace(SEC_ACE *ace);
|
||||
void display_sec_ace(struct security_ace *ace);
|
||||
void display_sec_acl(SEC_ACL *sec_acl);
|
||||
void display_acl_type(uint16 type);
|
||||
void display_sec_desc(SEC_DESC *sec);
|
||||
@ -1282,7 +1282,7 @@ NTSTATUS merge_nt_token(TALLOC_CTX *mem_ctx,
|
||||
const struct nt_user_token *token_1,
|
||||
const struct nt_user_token *token_2,
|
||||
struct nt_user_token **token_out);
|
||||
bool token_sid_in_ace(const NT_USER_TOKEN *token, const SEC_ACE *ace);
|
||||
bool token_sid_in_ace(const NT_USER_TOKEN *token, const struct security_ace *ace);
|
||||
|
||||
/* The following definitions come from lib/util_pw.c */
|
||||
|
||||
|
||||
@ -67,13 +67,6 @@
|
||||
PROTECTED_SACL_SECURITY_INFORMATION|\
|
||||
PROTECTED_DACL_SECURITY_INFORMATION)
|
||||
|
||||
/* SEC_ACE */
|
||||
typedef struct security_ace SEC_ACE;
|
||||
|
||||
#ifndef ACL_REVISION
|
||||
#define ACL_REVISION 0x3
|
||||
#endif
|
||||
|
||||
#ifndef _SEC_ACL
|
||||
/* SEC_ACL */
|
||||
typedef struct security_acl SEC_ACL;
|
||||
|
||||
@ -413,7 +413,7 @@ NTSTATUS sec_desc_add_sid(TALLOC_CTX *ctx, SEC_DESC **psd, DOM_SID *sid, uint32
|
||||
{
|
||||
SEC_DESC *sd = 0;
|
||||
SEC_ACL *dacl = 0;
|
||||
SEC_ACE *ace = 0;
|
||||
struct security_ace *ace = 0;
|
||||
NTSTATUS status;
|
||||
|
||||
if (!ctx || !psd || !sid || !sd_size)
|
||||
@ -465,7 +465,7 @@ NTSTATUS sec_desc_del_sid(TALLOC_CTX *ctx, SEC_DESC **psd, DOM_SID *sid, size_t
|
||||
{
|
||||
SEC_DESC *sd = 0;
|
||||
SEC_ACL *dacl = 0;
|
||||
SEC_ACE *ace = 0;
|
||||
struct security_ace *ace = 0;
|
||||
NTSTATUS status;
|
||||
|
||||
if (!ctx || !psd[0] || !sid || !sd_size)
|
||||
@ -491,10 +491,10 @@ NTSTATUS sec_desc_del_sid(TALLOC_CTX *ctx, SEC_DESC **psd, DOM_SID *sid, size_t
|
||||
}
|
||||
|
||||
/*
|
||||
* Determine if an ACE is inheritable
|
||||
* Determine if an struct security_ace is inheritable
|
||||
*/
|
||||
|
||||
static bool is_inheritable_ace(const SEC_ACE *ace,
|
||||
static bool is_inheritable_ace(const struct security_ace *ace,
|
||||
bool container)
|
||||
{
|
||||
if (!container) {
|
||||
@ -524,7 +524,7 @@ bool sd_has_inheritable_components(const SEC_DESC *parent_ctr, bool container)
|
||||
const SEC_ACL *the_acl = parent_ctr->dacl;
|
||||
|
||||
for (i = 0; i < the_acl->num_aces; i++) {
|
||||
const SEC_ACE *ace = &the_acl->aces[i];
|
||||
const struct security_ace *ace = &the_acl->aces[i];
|
||||
|
||||
if (is_inheritable_ace(ace, container)) {
|
||||
return true;
|
||||
@ -546,7 +546,7 @@ NTSTATUS se_create_child_secdesc(TALLOC_CTX *ctx,
|
||||
bool container)
|
||||
{
|
||||
SEC_ACL *new_dacl = NULL, *the_acl = NULL;
|
||||
SEC_ACE *new_ace_list = NULL;
|
||||
struct security_ace *new_ace_list = NULL;
|
||||
unsigned int new_ace_list_ndx = 0, i;
|
||||
|
||||
*ppsd = NULL;
|
||||
@ -563,7 +563,7 @@ NTSTATUS se_create_child_secdesc(TALLOC_CTX *ctx,
|
||||
return NT_STATUS_NO_MEMORY;
|
||||
}
|
||||
|
||||
if (!(new_ace_list = TALLOC_ARRAY(ctx, SEC_ACE,
|
||||
if (!(new_ace_list = TALLOC_ARRAY(ctx, struct security_ace,
|
||||
2*the_acl->num_aces))) {
|
||||
return NT_STATUS_NO_MEMORY;
|
||||
}
|
||||
@ -572,8 +572,8 @@ NTSTATUS se_create_child_secdesc(TALLOC_CTX *ctx,
|
||||
}
|
||||
|
||||
for (i = 0; i < the_acl->num_aces; i++) {
|
||||
const SEC_ACE *ace = &the_acl->aces[i];
|
||||
SEC_ACE *new_ace = &new_ace_list[new_ace_list_ndx];
|
||||
const struct security_ace *ace = &the_acl->aces[i];
|
||||
struct security_ace *new_ace = &new_ace_list[new_ace_list_ndx];
|
||||
const DOM_SID *ptrustee = &ace->trustee;
|
||||
const DOM_SID *creator = NULL;
|
||||
uint8 new_flags = ace->flags;
|
||||
|
||||
@ -228,7 +228,7 @@ bool share_info_db_init(void)
|
||||
SEC_DESC *get_share_security_default( TALLOC_CTX *ctx, size_t *psize, uint32 def_access)
|
||||
{
|
||||
uint32_t sa;
|
||||
SEC_ACE ace;
|
||||
struct security_ace ace;
|
||||
SEC_ACL *psa = NULL;
|
||||
SEC_DESC *psd = NULL;
|
||||
uint32 spec_access = def_access;
|
||||
@ -435,7 +435,7 @@ bool parse_usershare_acl(TALLOC_CTX *ctx, const char *acl_str, SEC_DESC **ppsd)
|
||||
size_t s_size = 0;
|
||||
const char *pacl = acl_str;
|
||||
int num_aces = 0;
|
||||
SEC_ACE *ace_list = NULL;
|
||||
struct security_ace *ace_list = NULL;
|
||||
SEC_ACL *psa = NULL;
|
||||
SEC_DESC *psd = NULL;
|
||||
size_t sd_size = 0;
|
||||
@ -458,7 +458,7 @@ bool parse_usershare_acl(TALLOC_CTX *ctx, const char *acl_str, SEC_DESC **ppsd)
|
||||
/* Add the number of ',' characters to get the number of aces. */
|
||||
num_aces += count_chars(pacl,',');
|
||||
|
||||
ace_list = TALLOC_ARRAY(ctx, SEC_ACE, num_aces);
|
||||
ace_list = TALLOC_ARRAY(ctx, struct security_ace, num_aces);
|
||||
if (!ace_list) {
|
||||
return False;
|
||||
}
|
||||
|
||||
@ -117,7 +117,7 @@ NTSTATUS merge_nt_token(TALLOC_CTX *mem_ctx,
|
||||
}
|
||||
|
||||
/*******************************************************************
|
||||
Check if this ACE has a SID in common with the token.
|
||||
Check if this struct security_ace has a SID in common with the token.
|
||||
********************************************************************/
|
||||
|
||||
bool token_sid_in_ace(const NT_USER_TOKEN *token, const struct security_ace *ace)
|
||||
|
||||
@ -129,7 +129,7 @@ static void ads_disp_sec_ace_object(ADS_STRUCT *ads,
|
||||
}
|
||||
|
||||
/* display ACE */
|
||||
static void ads_disp_ace(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, SEC_ACE *sec_ace)
|
||||
static void ads_disp_ace(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, struct security_ace *sec_ace)
|
||||
{
|
||||
const char *access_type = "UNKNOWN";
|
||||
|
||||
|
||||
@ -691,7 +691,7 @@ static WERROR gp_reg_generate_sd(TALLOC_CTX *mem_ctx,
|
||||
struct security_descriptor **sd,
|
||||
size_t *sd_size)
|
||||
{
|
||||
SEC_ACE ace[6];
|
||||
struct security_ace ace[6];
|
||||
uint32_t mask;
|
||||
|
||||
SEC_ACL *theacl = NULL;
|
||||
|
||||
@ -54,8 +54,8 @@ find_lsa_pipe_hnd(struct cli_state *ipc_cli)
|
||||
*/
|
||||
|
||||
static int
|
||||
ace_compare(SEC_ACE *ace1,
|
||||
SEC_ACE *ace2)
|
||||
ace_compare(struct security_ace *ace1,
|
||||
struct security_ace *ace2)
|
||||
{
|
||||
bool b1;
|
||||
bool b2;
|
||||
@ -136,7 +136,7 @@ ace_compare(SEC_ACE *ace1,
|
||||
return ace1->size - ace2->size;
|
||||
}
|
||||
|
||||
return memcmp(ace1, ace2, sizeof(SEC_ACE));
|
||||
return memcmp(ace1, ace2, sizeof(struct security_ace));
|
||||
}
|
||||
|
||||
|
||||
@ -249,11 +249,11 @@ done:
|
||||
}
|
||||
|
||||
|
||||
/* parse an ACE in the same format as print_ace() */
|
||||
/* parse an struct security_ace in the same format as print_ace() */
|
||||
static bool
|
||||
parse_ace(struct cli_state *ipc_cli,
|
||||
struct policy_handle *pol,
|
||||
SEC_ACE *ace,
|
||||
struct security_ace *ace,
|
||||
bool numeric,
|
||||
char *str)
|
||||
{
|
||||
@ -386,26 +386,26 @@ done:
|
||||
return true;
|
||||
}
|
||||
|
||||
/* add an ACE to a list of ACEs in a SEC_ACL */
|
||||
/* add an struct security_ace to a list of struct security_aces in a SEC_ACL */
|
||||
static bool
|
||||
add_ace(SEC_ACL **the_acl,
|
||||
SEC_ACE *ace,
|
||||
struct security_ace *ace,
|
||||
TALLOC_CTX *ctx)
|
||||
{
|
||||
SEC_ACL *newacl;
|
||||
SEC_ACE *aces;
|
||||
struct security_ace *aces;
|
||||
|
||||
if (! *the_acl) {
|
||||
(*the_acl) = make_sec_acl(ctx, 3, 1, ace);
|
||||
return True;
|
||||
}
|
||||
|
||||
if ((aces = SMB_CALLOC_ARRAY(SEC_ACE,
|
||||
if ((aces = SMB_CALLOC_ARRAY(struct security_ace,
|
||||
1+(*the_acl)->num_aces)) == NULL) {
|
||||
return False;
|
||||
}
|
||||
memcpy(aces, (*the_acl)->aces, (*the_acl)->num_aces * sizeof(SEC_ACE));
|
||||
memcpy(aces+(*the_acl)->num_aces, ace, sizeof(SEC_ACE));
|
||||
memcpy(aces, (*the_acl)->aces, (*the_acl)->num_aces * sizeof(struct security_ace));
|
||||
memcpy(aces+(*the_acl)->num_aces, ace, sizeof(struct security_ace));
|
||||
newacl = make_sec_acl(ctx, (*the_acl)->revision,
|
||||
1+(*the_acl)->num_aces, aces);
|
||||
SAFE_FREE(aces);
|
||||
@ -503,7 +503,7 @@ sec_desc_parse(TALLOC_CTX *ctx,
|
||||
}
|
||||
|
||||
if (StrnCaseCmp(tok,"ACL:", 4) == 0) {
|
||||
SEC_ACE ace;
|
||||
struct security_ace ace;
|
||||
if (!parse_ace(ipc_cli, pol, &ace, numeric, tok+4)) {
|
||||
DEBUG(5, ("Failed to parse ACL %s\n", tok));
|
||||
goto done;
|
||||
@ -516,7 +516,7 @@ sec_desc_parse(TALLOC_CTX *ctx,
|
||||
}
|
||||
|
||||
if (StrnCaseCmp(tok,"ACL+:", 5) == 0) {
|
||||
SEC_ACE ace;
|
||||
struct security_ace ace;
|
||||
if (!parse_ace(ipc_cli, pol, &ace, False, tok+5)) {
|
||||
DEBUG(5, ("Failed to parse ACL %s\n", tok));
|
||||
goto done;
|
||||
@ -1053,7 +1053,7 @@ cacl_get(SMBCCTX *context,
|
||||
/* Add aces to value buffer */
|
||||
for (i = 0; sd->dacl && i < sd->dacl->num_aces; i++) {
|
||||
|
||||
SEC_ACE *ace = &sd->dacl->aces[i];
|
||||
struct security_ace *ace = &sd->dacl->aces[i];
|
||||
convert_sid_to_string(ipc_cli, pol,
|
||||
sidstr, numeric,
|
||||
&ace->trustee);
|
||||
|
||||
@ -200,13 +200,13 @@ static bool smbacl4_nfs42win(TALLOC_CTX *mem_ctx, SMB4ACL_T *theacl, /* in */
|
||||
DOM_SID *psid_owner, /* in */
|
||||
DOM_SID *psid_group, /* in */
|
||||
bool is_directory, /* in */
|
||||
SEC_ACE **ppnt_ace_list, /* out */
|
||||
struct security_ace **ppnt_ace_list, /* out */
|
||||
int *pgood_aces /* out */
|
||||
)
|
||||
{
|
||||
SMB_ACL4_INT_T *aclint = (SMB_ACL4_INT_T *)theacl;
|
||||
SMB_ACE4_INT_T *aceint;
|
||||
SEC_ACE *nt_ace_list = NULL;
|
||||
struct security_ace *nt_ace_list = NULL;
|
||||
int good_aces = 0;
|
||||
|
||||
DEBUG(10, ("smbacl_nfs42win entered\n"));
|
||||
@ -214,7 +214,7 @@ static bool smbacl4_nfs42win(TALLOC_CTX *mem_ctx, SMB4ACL_T *theacl, /* in */
|
||||
aclint = get_validated_aclint(theacl);
|
||||
/* We do not check for naces being 0 or theacl being NULL here because it is done upstream */
|
||||
/* in smb_get_nt_acl_nfs4(). */
|
||||
nt_ace_list = (SEC_ACE *)TALLOC_ZERO_SIZE(mem_ctx, aclint->naces * sizeof(SEC_ACE));
|
||||
nt_ace_list = (struct security_ace *)TALLOC_ZERO_SIZE(mem_ctx, aclint->naces * sizeof(struct security_ace));
|
||||
if (nt_ace_list==NULL)
|
||||
{
|
||||
DEBUG(10, ("talloc error"));
|
||||
@ -295,7 +295,7 @@ static NTSTATUS smb_get_nt_acl_nfs4_common(const SMB_STRUCT_STAT *sbuf,
|
||||
int good_aces = 0;
|
||||
DOM_SID sid_owner, sid_group;
|
||||
size_t sd_size = 0;
|
||||
SEC_ACE *nt_ace_list = NULL;
|
||||
struct security_ace *nt_ace_list = NULL;
|
||||
SEC_ACL *psa = NULL;
|
||||
TALLOC_CTX *mem_ctx = talloc_tos();
|
||||
|
||||
@ -543,7 +543,7 @@ static bool smbacl4_fill_ace4(
|
||||
smbacl4_vfs_params *params,
|
||||
uid_t ownerUID,
|
||||
gid_t ownerGID,
|
||||
const SEC_ACE *ace_nt, /* input */
|
||||
const struct security_ace *ace_nt, /* input */
|
||||
SMB_ACE4PROP_T *ace_v4 /* output */
|
||||
)
|
||||
{
|
||||
|
||||
@ -167,7 +167,7 @@ sid_in_ignore_list(DOM_SID * sid, int snum)
|
||||
* Convert a trustee to a struct identity
|
||||
*/
|
||||
static bool
|
||||
onefs_samba_ace_to_ace(SEC_ACE * samba_ace, struct ifs_ace * ace,
|
||||
onefs_samba_ace_to_ace(struct security_ace * samba_ace, struct ifs_ace * ace,
|
||||
bool *mapped, int snum)
|
||||
{
|
||||
struct ifs_identity ident = {.type=IFS_ID_TYPE_LAST, .id.uid=0};
|
||||
@ -240,7 +240,7 @@ onefs_samba_acl_to_acl(SEC_ACL *samba_acl, struct ifs_security_acl **acl,
|
||||
{
|
||||
int num_aces = 0;
|
||||
struct ifs_ace *aces = NULL;
|
||||
SEC_ACE *samba_aces;
|
||||
struct security_ace *samba_aces;
|
||||
bool mapped;
|
||||
int i, j;
|
||||
|
||||
@ -292,7 +292,7 @@ err_free:
|
||||
static bool
|
||||
onefs_acl_to_samba_acl(struct ifs_security_acl *acl, SEC_ACL **samba_acl)
|
||||
{
|
||||
SEC_ACE *samba_aces = NULL;
|
||||
struct security_ace *samba_aces = NULL;
|
||||
SEC_ACL *tmp_samba_acl = NULL;
|
||||
int i, num_aces = 0;
|
||||
|
||||
@ -313,13 +313,13 @@ onefs_acl_to_samba_acl(struct ifs_security_acl *acl, SEC_ACL **samba_acl)
|
||||
|
||||
/* Allocate the ace list. */
|
||||
if (num_aces > 0) {
|
||||
if ((samba_aces = SMB_MALLOC_ARRAY(SEC_ACE, num_aces)) == NULL)
|
||||
if ((samba_aces = SMB_MALLOC_ARRAY(struct security_ace, num_aces)) == NULL)
|
||||
{
|
||||
DEBUG(0, ("Unable to malloc space for %d aces.\n",
|
||||
num_aces));
|
||||
return false;
|
||||
}
|
||||
memset(samba_aces, '\0', (num_aces) * sizeof(SEC_ACE));
|
||||
memset(samba_aces, '\0', (num_aces) * sizeof(struct security_ace));
|
||||
}
|
||||
|
||||
for (i = 0; i < num_aces; i++) {
|
||||
|
||||
@ -528,7 +528,7 @@ static struct static_dir_ace_mapping {
|
||||
{ 0, 0, 0, 9999 }
|
||||
};
|
||||
|
||||
static uint32 nt_to_afs_dir_rights(const char *filename, const SEC_ACE *ace)
|
||||
static uint32 nt_to_afs_dir_rights(const char *filename, const struct security_ace *ace)
|
||||
{
|
||||
uint32 result = 0;
|
||||
uint32 rights = ace->access_mask;
|
||||
@ -569,7 +569,7 @@ static uint32 nt_to_afs_dir_rights(const char *filename, const SEC_ACE *ace)
|
||||
return result;
|
||||
}
|
||||
|
||||
static uint32 nt_to_afs_file_rights(const char *filename, const SEC_ACE *ace)
|
||||
static uint32 nt_to_afs_file_rights(const char *filename, const struct security_ace *ace)
|
||||
{
|
||||
uint32 result = 0;
|
||||
uint32 rights = ace->access_mask;
|
||||
@ -590,7 +590,7 @@ static size_t afs_to_nt_acl_common(struct afs_acl *afs_acl,
|
||||
uint32 security_info,
|
||||
struct security_descriptor **ppdesc)
|
||||
{
|
||||
SEC_ACE *nt_ace_list;
|
||||
struct security_ace *nt_ace_list;
|
||||
DOM_SID owner_sid, group_sid;
|
||||
SEC_ACL *psa = NULL;
|
||||
int good_aces;
|
||||
@ -603,7 +603,7 @@ static size_t afs_to_nt_acl_common(struct afs_acl *afs_acl,
|
||||
gid_to_sid(&group_sid, psbuf->st_ex_gid);
|
||||
|
||||
if (afs_acl->num_aces) {
|
||||
nt_ace_list = TALLOC_ARRAY(mem_ctx, SEC_ACE, afs_acl->num_aces);
|
||||
nt_ace_list = TALLOC_ARRAY(mem_ctx, struct security_ace, afs_acl->num_aces);
|
||||
|
||||
if (nt_ace_list == NULL)
|
||||
return 0;
|
||||
@ -723,7 +723,7 @@ static bool nt_to_afs_acl(const char *filename,
|
||||
uint32 security_info_sent,
|
||||
const struct security_descriptor *psd,
|
||||
uint32 (*nt_to_afs_rights)(const char *filename,
|
||||
const SEC_ACE *ace),
|
||||
const struct security_ace *ace),
|
||||
struct afs_acl *afs_acl)
|
||||
{
|
||||
const SEC_ACL *dacl;
|
||||
@ -741,7 +741,7 @@ static bool nt_to_afs_acl(const char *filename,
|
||||
dacl = psd->dacl;
|
||||
|
||||
for (i = 0; i < dacl->num_aces; i++) {
|
||||
const SEC_ACE *ace = &(dacl->aces[i]);
|
||||
const struct security_ace *ace = &(dacl->aces[i]);
|
||||
const char *dom_name, *name;
|
||||
enum lsa_SidType name_type;
|
||||
char *p;
|
||||
|
||||
@ -2634,7 +2634,7 @@ WERROR spoolss_create_default_devmode(TALLOC_CTX *mem_ctx,
|
||||
WERROR spoolss_create_default_secdesc(TALLOC_CTX *mem_ctx,
|
||||
struct spoolss_security_descriptor **secdesc)
|
||||
{
|
||||
SEC_ACE ace[5]; /* max number of ace entries */
|
||||
struct security_ace ace[5]; /* max number of ace entries */
|
||||
int i = 0;
|
||||
uint32_t sa;
|
||||
SEC_ACL *psa = NULL;
|
||||
@ -5586,7 +5586,7 @@ WERROR nt_printing_setsec(const char *sharename, struct sec_desc_buf *secdesc_ct
|
||||
|
||||
static struct sec_desc_buf *construct_default_printer_sdb(TALLOC_CTX *ctx)
|
||||
{
|
||||
SEC_ACE ace[5]; /* max number of ace entries */
|
||||
struct security_ace ace[5]; /* max number of ace entries */
|
||||
int i = 0;
|
||||
uint32_t sa;
|
||||
SEC_ACL *psa = NULL;
|
||||
|
||||
@ -37,7 +37,7 @@ static const struct generic_mapping reg_generic_map =
|
||||
|
||||
static WERROR construct_registry_sd(TALLOC_CTX *ctx, SEC_DESC **psd)
|
||||
{
|
||||
SEC_ACE ace[3];
|
||||
struct security_ace ace[3];
|
||||
size_t i = 0;
|
||||
SEC_DESC *sd;
|
||||
SEC_ACL *theacl;
|
||||
|
||||
@ -317,7 +317,7 @@ static NTSTATUS make_lsa_object_sd(TALLOC_CTX *mem_ctx, SEC_DESC **sd, size_t *s
|
||||
DOM_SID *sid, uint32_t sid_access)
|
||||
{
|
||||
DOM_SID adm_sid;
|
||||
SEC_ACE ace[5];
|
||||
struct security_ace ace[5];
|
||||
size_t i = 0;
|
||||
|
||||
SEC_ACL *psa = NULL;
|
||||
|
||||
@ -127,7 +127,7 @@ static NTSTATUS make_samr_object_sd( TALLOC_CTX *ctx, SEC_DESC **psd, size_t *sd
|
||||
DOM_SID *sid, uint32 sid_access )
|
||||
{
|
||||
DOM_SID domadmin_sid;
|
||||
SEC_ACE ace[5]; /* at most 5 entries */
|
||||
struct security_ace ace[5]; /* at most 5 entries */
|
||||
size_t i = 0;
|
||||
|
||||
SEC_ACL *psa = NULL;
|
||||
|
||||
@ -334,7 +334,7 @@ static void map_generic_share_sd_bits(SEC_DESC *psd)
|
||||
return;
|
||||
|
||||
for (i = 0; i < ps_dacl->num_aces; i++) {
|
||||
SEC_ACE *psa = &ps_dacl->aces[i];
|
||||
struct security_ace *psa = &ps_dacl->aces[i];
|
||||
uint32 orig_mask = psa->access_mask;
|
||||
|
||||
se_map_generic(&psa->access_mask, &file_generic_mapping);
|
||||
|
||||
@ -137,7 +137,7 @@ static NTSTATUS svcctl_access_check( SEC_DESC *sec_desc, NT_USER_TOKEN *token,
|
||||
|
||||
static SEC_DESC* construct_scm_sd( TALLOC_CTX *ctx )
|
||||
{
|
||||
SEC_ACE ace[2];
|
||||
struct security_ace ace[2];
|
||||
size_t i = 0;
|
||||
SEC_DESC *sd;
|
||||
SEC_ACL *theacl;
|
||||
|
||||
@ -90,7 +90,7 @@ struct service_display_info common_unix_svcs[] = {
|
||||
|
||||
static SEC_DESC* construct_service_sd( TALLOC_CTX *ctx )
|
||||
{
|
||||
SEC_ACE ace[4];
|
||||
struct security_ace ace[4];
|
||||
size_t i = 0;
|
||||
SEC_DESC *sd = NULL;
|
||||
SEC_ACL *theacl = NULL;
|
||||
|
||||
@ -1600,7 +1600,7 @@ static bool create_canon_ace_lists(files_struct *fsp,
|
||||
*/
|
||||
|
||||
for(i = 0; i < dacl->num_aces; i++) {
|
||||
SEC_ACE *psa = &dacl->aces[i];
|
||||
struct security_ace *psa = &dacl->aces[i];
|
||||
|
||||
if((psa->type != SEC_ACE_TYPE_ACCESS_ALLOWED) && (psa->type != SEC_ACE_TYPE_ACCESS_DENIED)) {
|
||||
DEBUG(3,("create_canon_ace_lists: unable to set anything but an ALLOW or DENY ACE.\n"));
|
||||
@ -1637,10 +1637,10 @@ static bool create_canon_ace_lists(files_struct *fsp,
|
||||
*/
|
||||
|
||||
for(i = 0; i < dacl->num_aces; i++) {
|
||||
SEC_ACE *psa1 = &dacl->aces[i];
|
||||
struct security_ace *psa1 = &dacl->aces[i];
|
||||
|
||||
for (j = i + 1; j < dacl->num_aces; j++) {
|
||||
SEC_ACE *psa2 = &dacl->aces[j];
|
||||
struct security_ace *psa2 = &dacl->aces[j];
|
||||
|
||||
if (psa1->access_mask != psa2->access_mask)
|
||||
continue;
|
||||
@ -1668,7 +1668,7 @@ static bool create_canon_ace_lists(files_struct *fsp,
|
||||
}
|
||||
|
||||
for(i = 0; i < dacl->num_aces; i++) {
|
||||
SEC_ACE *psa = &dacl->aces[i];
|
||||
struct security_ace *psa = &dacl->aces[i];
|
||||
|
||||
/*
|
||||
* Create a cannon_ace entry representing this NT DACL ACE.
|
||||
@ -3064,7 +3064,7 @@ static bool convert_canon_ace_to_posix_perms( files_struct *fsp, canon_ace *file
|
||||
Based on code from "Jim McDonough" <jmcd@us.ibm.com>.
|
||||
****************************************************************************/
|
||||
|
||||
static size_t merge_default_aces( SEC_ACE *nt_ace_list, size_t num_aces)
|
||||
static size_t merge_default_aces( struct security_ace *nt_ace_list, size_t num_aces)
|
||||
{
|
||||
size_t i, j;
|
||||
|
||||
@ -3096,7 +3096,7 @@ static size_t merge_default_aces( SEC_ACE *nt_ace_list, size_t num_aces)
|
||||
(i_inh ? SEC_ACE_FLAG_INHERITED_ACE : 0);
|
||||
if (num_aces - i - 1 > 0)
|
||||
memmove(&nt_ace_list[i], &nt_ace_list[i+1], (num_aces-i-1) *
|
||||
sizeof(SEC_ACE));
|
||||
sizeof(struct security_ace));
|
||||
|
||||
DEBUG(10,("merge_default_aces: Merging zero access ACE %u onto ACE %u.\n",
|
||||
(unsigned int)i, (unsigned int)j ));
|
||||
@ -3110,7 +3110,7 @@ static size_t merge_default_aces( SEC_ACE *nt_ace_list, size_t num_aces)
|
||||
(i_inh ? SEC_ACE_FLAG_INHERITED_ACE : 0);
|
||||
if (num_aces - j - 1 > 0)
|
||||
memmove(&nt_ace_list[j], &nt_ace_list[j+1], (num_aces-j-1) *
|
||||
sizeof(SEC_ACE));
|
||||
sizeof(struct security_ace));
|
||||
|
||||
DEBUG(10,("merge_default_aces: Merging ACE %u onto ACE %u.\n",
|
||||
(unsigned int)j, (unsigned int)i ));
|
||||
@ -3135,7 +3135,7 @@ static size_t merge_default_aces( SEC_ACE *nt_ace_list, size_t num_aces)
|
||||
* any reallocation of memory.
|
||||
*/
|
||||
|
||||
static void add_or_replace_ace(SEC_ACE *nt_ace_list, size_t *num_aces,
|
||||
static void add_or_replace_ace(struct security_ace *nt_ace_list, size_t *num_aces,
|
||||
const DOM_SID *sid, enum security_ace_type type,
|
||||
uint32_t mask, uint8_t flags)
|
||||
{
|
||||
@ -3185,7 +3185,7 @@ static NTSTATUS posix_get_nt_acl_common(struct connection_struct *conn,
|
||||
size_t num_aces = 0;
|
||||
canon_ace *file_ace = NULL;
|
||||
canon_ace *dir_ace = NULL;
|
||||
SEC_ACE *nt_ace_list = NULL;
|
||||
struct security_ace *nt_ace_list = NULL;
|
||||
size_t num_profile_acls = 0;
|
||||
DOM_SID orig_owner_sid;
|
||||
SEC_DESC *psd = NULL;
|
||||
@ -3297,12 +3297,12 @@ static NTSTATUS posix_get_nt_acl_common(struct connection_struct *conn,
|
||||
num_def_acls = count_canon_ace_list(dir_ace);
|
||||
|
||||
/* Allocate the ace list. */
|
||||
if ((nt_ace_list = SMB_MALLOC_ARRAY(SEC_ACE,num_acls + num_profile_acls + num_def_acls)) == NULL) {
|
||||
if ((nt_ace_list = SMB_MALLOC_ARRAY(struct security_ace,num_acls + num_profile_acls + num_def_acls)) == NULL) {
|
||||
DEBUG(0,("get_nt_acl: Unable to malloc space for nt_ace_list.\n"));
|
||||
goto done;
|
||||
}
|
||||
|
||||
memset(nt_ace_list, '\0', (num_acls + num_def_acls) * sizeof(SEC_ACE) );
|
||||
memset(nt_ace_list, '\0', (num_acls + num_def_acls) * sizeof(struct security_ace) );
|
||||
|
||||
/*
|
||||
* Create the NT ACE list from the canonical ace lists.
|
||||
@ -3635,7 +3635,7 @@ NTSTATUS append_parent_acl(files_struct *fsp,
|
||||
files_struct *parent_fsp = NULL;
|
||||
TALLOC_CTX *mem_ctx = talloc_tos();
|
||||
char *parent_name = NULL;
|
||||
SEC_ACE *new_ace = NULL;
|
||||
struct security_ace *new_ace = NULL;
|
||||
unsigned int num_aces = pcsd->dacl->num_aces;
|
||||
NTSTATUS status;
|
||||
int info;
|
||||
@ -3704,7 +3704,7 @@ NTSTATUS append_parent_acl(files_struct *fsp,
|
||||
|
||||
num_aces += parent_sd->dacl->num_aces;
|
||||
|
||||
if((new_ace = TALLOC_ZERO_ARRAY(mem_ctx, SEC_ACE,
|
||||
if((new_ace = TALLOC_ZERO_ARRAY(mem_ctx, struct security_ace,
|
||||
num_aces)) == NULL) {
|
||||
return NT_STATUS_NO_MEMORY;
|
||||
}
|
||||
@ -3721,7 +3721,7 @@ NTSTATUS append_parent_acl(files_struct *fsp,
|
||||
|
||||
/* Finally append any inherited ACEs. */
|
||||
for (j = 0; j < parent_sd->dacl->num_aces; j++) {
|
||||
SEC_ACE *se = &parent_sd->dacl->aces[j];
|
||||
struct security_ace *se = &parent_sd->dacl->aces[j];
|
||||
|
||||
if (fsp->is_directory) {
|
||||
if (!(se->flags & SEC_ACE_FLAG_CONTAINER_INHERIT)) {
|
||||
|
||||
@ -64,7 +64,7 @@ static const struct perm_value standard_values[] = {
|
||||
print an ACE on a FILE
|
||||
********************************************************************/
|
||||
|
||||
static void print_ace(FILE *f, SEC_ACE *ace)
|
||||
static void print_ace(FILE *f, struct security_ace *ace)
|
||||
{
|
||||
const struct perm_value *v;
|
||||
int do_print = 0;
|
||||
@ -138,7 +138,7 @@ static void sec_desc_print(FILE *f, SEC_DESC *sd)
|
||||
|
||||
/* Print aces */
|
||||
for (i = 0; sd->dacl && i < sd->dacl->num_aces; i++) {
|
||||
SEC_ACE *ace = &sd->dacl->aces[i];
|
||||
struct security_ace *ace = &sd->dacl->aces[i];
|
||||
fprintf(f, "ACL:");
|
||||
print_ace(f, ace);
|
||||
fprintf(f, "\n");
|
||||
@ -149,7 +149,7 @@ static void sec_desc_print(FILE *f, SEC_DESC *sd)
|
||||
parse an ACE in the same format as print_ace()
|
||||
********************************************************************/
|
||||
|
||||
static bool parse_ace(SEC_ACE *ace, const char *orig_str)
|
||||
static bool parse_ace(struct security_ace *ace, const char *orig_str)
|
||||
{
|
||||
char *p;
|
||||
const char *cp;
|
||||
@ -297,7 +297,7 @@ static bool parse_ace(SEC_ACE *ace, const char *orig_str)
|
||||
static SEC_DESC* parse_acl_string(TALLOC_CTX *mem_ctx, const char *szACL, size_t *sd_size )
|
||||
{
|
||||
SEC_DESC *sd = NULL;
|
||||
SEC_ACE *ace;
|
||||
struct security_ace *ace;
|
||||
SEC_ACL *theacl;
|
||||
int num_ace;
|
||||
const char *pacl;
|
||||
@ -309,7 +309,7 @@ static SEC_DESC* parse_acl_string(TALLOC_CTX *mem_ctx, const char *szACL, size_t
|
||||
pacl = szACL;
|
||||
num_ace = count_chars( pacl, ',' ) + 1;
|
||||
|
||||
if ( !(ace = TALLOC_ZERO_ARRAY( mem_ctx, SEC_ACE, num_ace )) )
|
||||
if ( !(ace = TALLOC_ZERO_ARRAY( mem_ctx, struct security_ace, num_ace )) )
|
||||
return NULL;
|
||||
|
||||
for ( i=0; i<num_ace; i++ ) {
|
||||
@ -336,19 +336,20 @@ static SEC_DESC* parse_acl_string(TALLOC_CTX *mem_ctx, const char *szACL, size_t
|
||||
}
|
||||
|
||||
/* add an ACE to a list of ACEs in a SEC_ACL */
|
||||
static bool add_ace(TALLOC_CTX *mem_ctx, SEC_ACL **the_acl, SEC_ACE *ace)
|
||||
static bool add_ace(TALLOC_CTX *mem_ctx, SEC_ACL **the_acl, struct security_ace *ace)
|
||||
{
|
||||
SEC_ACL *new_ace;
|
||||
SEC_ACE *aces;
|
||||
struct security_ace *aces;
|
||||
if (! *the_acl) {
|
||||
return (((*the_acl) = make_sec_acl(mem_ctx, 3, 1, ace)) != NULL);
|
||||
}
|
||||
|
||||
if (!(aces = SMB_CALLOC_ARRAY(SEC_ACE, 1+(*the_acl)->num_aces))) {
|
||||
if (!(aces = SMB_CALLOC_ARRAY(struct security_ace, 1+(*the_acl)->num_aces))) {
|
||||
return False;
|
||||
}
|
||||
memcpy(aces, (*the_acl)->aces, (*the_acl)->num_aces * sizeof(SEC_ACE));
|
||||
memcpy(aces+(*the_acl)->num_aces, ace, sizeof(SEC_ACE));
|
||||
memcpy(aces, (*the_acl)->aces, (*the_acl)->num_aces * sizeof(struct
|
||||
security_ace));
|
||||
memcpy(aces+(*the_acl)->num_aces, ace, sizeof(struct security_ace));
|
||||
new_ace = make_sec_acl(mem_ctx,(*the_acl)->revision,1+(*the_acl)->num_aces, aces);
|
||||
SAFE_FREE(aces);
|
||||
(*the_acl) = new_ace;
|
||||
@ -360,7 +361,7 @@ static bool add_ace(TALLOC_CTX *mem_ctx, SEC_ACL **the_acl, SEC_ACE *ace)
|
||||
computer running Windows NT 5.0" if denied ACEs do not appear before
|
||||
allowed ACEs. */
|
||||
|
||||
static int ace_compare(SEC_ACE *ace1, SEC_ACE *ace2)
|
||||
static int ace_compare(struct security_ace *ace1, struct security_ace *ace2)
|
||||
{
|
||||
if (sec_ace_equal(ace1, ace2))
|
||||
return 0;
|
||||
@ -380,7 +381,7 @@ static int ace_compare(SEC_ACE *ace1, SEC_ACE *ace2)
|
||||
if (ace1->size != ace2->size)
|
||||
return ace1->size - ace2->size;
|
||||
|
||||
return memcmp(ace1, ace2, sizeof(SEC_ACE));
|
||||
return memcmp(ace1, ace2, sizeof(struct security_ace));
|
||||
}
|
||||
|
||||
static void sort_acl(SEC_ACL *the_acl)
|
||||
|
||||
@ -267,7 +267,7 @@ static void print_ace_flags(FILE *f, uint8_t flags)
|
||||
}
|
||||
|
||||
/* print an ACE on a FILE, using either numeric or ascii representation */
|
||||
static void print_ace(struct cli_state *cli, FILE *f, SEC_ACE *ace)
|
||||
static void print_ace(struct cli_state *cli, FILE *f, struct security_ace *ace)
|
||||
{
|
||||
const struct perm_value *v;
|
||||
fstring sidstr;
|
||||
@ -363,7 +363,7 @@ static bool parse_ace_flags(const char *str, unsigned int *pflags)
|
||||
}
|
||||
|
||||
/* parse an ACE in the same format as print_ace() */
|
||||
static bool parse_ace(struct cli_state *cli, SEC_ACE *ace,
|
||||
static bool parse_ace(struct cli_state *cli, struct security_ace *ace,
|
||||
const char *orig_str)
|
||||
{
|
||||
char *p;
|
||||
@ -530,20 +530,21 @@ static bool parse_ace(struct cli_state *cli, SEC_ACE *ace,
|
||||
}
|
||||
|
||||
/* add an ACE to a list of ACEs in a SEC_ACL */
|
||||
static bool add_ace(SEC_ACL **the_acl, SEC_ACE *ace)
|
||||
static bool add_ace(SEC_ACL **the_acl, struct security_ace *ace)
|
||||
{
|
||||
SEC_ACL *new_ace;
|
||||
SEC_ACE *aces;
|
||||
struct security_ace *aces;
|
||||
if (! *the_acl) {
|
||||
return (((*the_acl) = make_sec_acl(talloc_tos(), 3, 1, ace))
|
||||
!= NULL);
|
||||
}
|
||||
|
||||
if (!(aces = SMB_CALLOC_ARRAY(SEC_ACE, 1+(*the_acl)->num_aces))) {
|
||||
if (!(aces = SMB_CALLOC_ARRAY(struct security_ace, 1+(*the_acl)->num_aces))) {
|
||||
return False;
|
||||
}
|
||||
memcpy(aces, (*the_acl)->aces, (*the_acl)->num_aces * sizeof(SEC_ACE));
|
||||
memcpy(aces+(*the_acl)->num_aces, ace, sizeof(SEC_ACE));
|
||||
memcpy(aces, (*the_acl)->aces, (*the_acl)->num_aces * sizeof(struct
|
||||
security_ace));
|
||||
memcpy(aces+(*the_acl)->num_aces, ace, sizeof(struct security_ace));
|
||||
new_ace = make_sec_acl(talloc_tos(),(*the_acl)->revision,1+(*the_acl)->num_aces, aces);
|
||||
SAFE_FREE(aces);
|
||||
(*the_acl) = new_ace;
|
||||
@ -596,7 +597,7 @@ static SEC_DESC *sec_desc_parse(TALLOC_CTX *ctx, struct cli_state *cli, char *st
|
||||
}
|
||||
|
||||
if (strncmp(tok,"ACL:", 4) == 0) {
|
||||
SEC_ACE ace;
|
||||
struct security_ace ace;
|
||||
if (!parse_ace(cli, &ace, tok+4)) {
|
||||
goto done;
|
||||
}
|
||||
@ -651,7 +652,7 @@ static void sec_desc_print(struct cli_state *cli, FILE *f, SEC_DESC *sd)
|
||||
|
||||
/* Print aces */
|
||||
for (i = 0; sd->dacl && i < sd->dacl->num_aces; i++) {
|
||||
SEC_ACE *ace = &sd->dacl->aces[i];
|
||||
struct security_ace *ace = &sd->dacl->aces[i];
|
||||
fprintf(f, "ACL:");
|
||||
print_ace(cli, f, ace);
|
||||
fprintf(f, "\n");
|
||||
@ -814,7 +815,7 @@ static int owner_set(struct cli_state *cli, enum chown_mode change_mode,
|
||||
canonical order is specified as "Explicit Deny, Explicit Allow,
|
||||
Inherited ACEs unchanged" */
|
||||
|
||||
static int ace_compare(SEC_ACE *ace1, SEC_ACE *ace2)
|
||||
static int ace_compare(struct security_ace *ace1, struct security_ace *ace2)
|
||||
{
|
||||
if (sec_ace_equal(ace1, ace2))
|
||||
return 0;
|
||||
@ -844,7 +845,7 @@ static int ace_compare(SEC_ACE *ace1, SEC_ACE *ace2)
|
||||
if (ace1->size != ace2->size)
|
||||
return ace1->size - ace2->size;
|
||||
|
||||
return memcmp(ace1, ace2, sizeof(SEC_ACE));
|
||||
return memcmp(ace1, ace2, sizeof(struct security_ace));
|
||||
}
|
||||
|
||||
static void sort_acl(SEC_ACL *the_acl)
|
||||
@ -1023,7 +1024,7 @@ static int inherit(struct cli_state *cli, const char *filename,
|
||||
string_replace(parentname, '/', '\\');
|
||||
parent = get_secdesc(cli,parentname);
|
||||
for (i=0;i<parent->dacl->num_aces;i++) {
|
||||
SEC_ACE *ace=&parent->dacl->aces[i];
|
||||
struct security_ace *ace=&parent->dacl->aces[i];
|
||||
if ((oldattr & aDIR) == aDIR) {
|
||||
if ((ace->flags & SEC_ACE_FLAG_CONTAINER_INHERIT) ==
|
||||
SEC_ACE_FLAG_CONTAINER_INHERIT) {
|
||||
@ -1051,7 +1052,7 @@ static int inherit(struct cli_state *cli, const char *filename,
|
||||
SEC_ACL *temp=old->dacl;
|
||||
old->dacl=make_sec_acl(talloc_tos(), 3, 0, NULL);
|
||||
for (i=temp->num_aces-1;i>=0;i--) {
|
||||
SEC_ACE *ace=&temp->aces[i];
|
||||
struct security_ace *ace=&temp->aces[i];
|
||||
/* Remove all ace with INHERITED flag set */
|
||||
if ((ace->flags & SEC_ACE_FLAG_INHERITED_ACE) !=
|
||||
SEC_ACE_FLAG_INHERITED_ACE) {
|
||||
@ -1072,7 +1073,7 @@ static int inherit(struct cli_state *cli, const char *filename,
|
||||
if (old->dacl) {
|
||||
int i;
|
||||
for (i=0;i<old->dacl->num_aces;i++) {
|
||||
SEC_ACE *ace=&old->dacl->aces[i];
|
||||
struct security_ace *ace=&old->dacl->aces[i];
|
||||
/* Remove INHERITED FLAG from all aces */
|
||||
ace->flags=ace->flags&(~SEC_ACE_FLAG_INHERITED_ACE);
|
||||
}
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user