mirror of
https://github.com/samba-team/samba.git
synced 2024-12-22 13:34:15 +03:00
s3:auth Remove NT_USER_TOKEN
The all UPPER case typedef is no longer the preferred Samba style and this makes it easier to see that this is the IDL-derivied structure Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
This commit is contained in:
Andrew Bartlett
parent
4bfc8d3b1a
commit
d1bb21b0d5
@ -594,7 +594,7 @@ NTSTATUS init_gp_extensions(TALLOC_CTX *mem_ctx)
|
||||
}
|
||||
|
||||
if (!reg_ctx) {
|
||||
NT_USER_TOKEN *token;
|
||||
struct security_token *token;
|
||||
|
||||
token = registry_create_system_token(mem_ctx);
|
||||
NT_STATUS_HAVE_NO_MEMORY(token);
|
||||
@ -678,7 +678,7 @@ void debug_gpext_header(int lvl,
|
||||
NTSTATUS process_gpo_list_with_extension(ADS_STRUCT *ads,
|
||||
TALLOC_CTX *mem_ctx,
|
||||
uint32_t flags,
|
||||
const NT_USER_TOKEN *token,
|
||||
const struct security_token *token,
|
||||
struct GROUP_POLICY_OBJECT *gpo_list,
|
||||
const char *extension_guid,
|
||||
const char *snapin_guid)
|
||||
@ -692,7 +692,7 @@ NTSTATUS process_gpo_list_with_extension(ADS_STRUCT *ads,
|
||||
NTSTATUS gpext_process_extension(ADS_STRUCT *ads,
|
||||
TALLOC_CTX *mem_ctx,
|
||||
uint32_t flags,
|
||||
const NT_USER_TOKEN *token,
|
||||
const struct security_token *token,
|
||||
struct registry_key *root_key,
|
||||
struct GROUP_POLICY_OBJECT *gpo,
|
||||
const char *extension_guid,
|
||||
|
||||
@ -65,7 +65,7 @@ struct gp_extension_methods {
|
||||
TALLOC_CTX *mem_ctx,
|
||||
uint32_t flags,
|
||||
struct registry_key *root_key,
|
||||
const NT_USER_TOKEN *token,
|
||||
const struct security_token *token,
|
||||
struct GROUP_POLICY_OBJECT *gpo,
|
||||
const char *extension_guid,
|
||||
const char *snapin_guid);
|
||||
@ -73,7 +73,7 @@ struct gp_extension_methods {
|
||||
NTSTATUS (*process_group_policy2)(ADS_STRUCT *ads,
|
||||
TALLOC_CTX *mem_ctx,
|
||||
uint32_t flags,
|
||||
const NT_USER_TOKEN *token,
|
||||
const struct security_token *token,
|
||||
struct GROUP_POLICY_OBJECT *gpo_list,
|
||||
const char *extension_guid);
|
||||
|
||||
@ -109,14 +109,14 @@ void debug_gpext_header(int lvl,
|
||||
NTSTATUS process_gpo_list_with_extension(ADS_STRUCT *ads,
|
||||
TALLOC_CTX *mem_ctx,
|
||||
uint32_t flags,
|
||||
const NT_USER_TOKEN *token,
|
||||
const struct security_token *token,
|
||||
struct GROUP_POLICY_OBJECT *gpo_list,
|
||||
const char *extension_guid,
|
||||
const char *snapin_guid);
|
||||
NTSTATUS gpext_process_extension(ADS_STRUCT *ads,
|
||||
TALLOC_CTX *mem_ctx,
|
||||
uint32_t flags,
|
||||
const NT_USER_TOKEN *token,
|
||||
const struct security_token *token,
|
||||
struct registry_key *root_key,
|
||||
struct GROUP_POLICY_OBJECT *gpo,
|
||||
const char *extension_guid,
|
||||
|
||||
14
libgpo/gpo.h
14
libgpo/gpo.h
@ -156,7 +156,7 @@ struct gp_registry_entries {
|
||||
};
|
||||
|
||||
struct gp_registry_context {
|
||||
const NT_USER_TOKEN *token;
|
||||
const struct security_token *token;
|
||||
const char *path;
|
||||
struct registry_key *curr_key;
|
||||
};
|
||||
@ -215,18 +215,18 @@ ADS_STATUS ads_get_gpo(ADS_STRUCT *ads,
|
||||
ADS_STATUS ads_get_sid_token(ADS_STRUCT *ads,
|
||||
TALLOC_CTX *mem_ctx,
|
||||
const char *dn,
|
||||
NT_USER_TOKEN **token);
|
||||
struct security_token **token);
|
||||
ADS_STATUS ads_get_gpo_list(ADS_STRUCT *ads,
|
||||
TALLOC_CTX *mem_ctx,
|
||||
const char *dn,
|
||||
uint32_t flags,
|
||||
const NT_USER_TOKEN *token,
|
||||
const struct security_token *token,
|
||||
struct GROUP_POLICY_OBJECT **gpo_list);
|
||||
|
||||
/* The following definitions come from libgpo/gpo_sec.c */
|
||||
|
||||
NTSTATUS gpo_apply_security_filtering(const struct GROUP_POLICY_OBJECT *gpo,
|
||||
const NT_USER_TOKEN *token);
|
||||
const struct security_token *token);
|
||||
|
||||
/* The following definitions come from libgpo/gpo_util.c */
|
||||
|
||||
@ -245,14 +245,14 @@ void dump_gpo_list(ADS_STRUCT *ads,
|
||||
void dump_gplink(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, struct GP_LINK *gp_link);
|
||||
ADS_STATUS gpo_process_a_gpo(ADS_STRUCT *ads,
|
||||
TALLOC_CTX *mem_ctx,
|
||||
const NT_USER_TOKEN *token,
|
||||
const struct security_token *token,
|
||||
struct registry_key *root_key,
|
||||
struct GROUP_POLICY_OBJECT *gpo,
|
||||
const char *extension_guid_filter,
|
||||
uint32_t flags);
|
||||
ADS_STATUS gpo_process_gpo_list(ADS_STRUCT *ads,
|
||||
TALLOC_CTX *mem_ctx,
|
||||
const NT_USER_TOKEN *token,
|
||||
const struct security_token *token,
|
||||
struct GROUP_POLICY_OBJECT *gpo_list,
|
||||
const char *extensions_guid_filter,
|
||||
uint32_t flags);
|
||||
@ -282,7 +282,7 @@ ADS_STATUS gp_get_machine_token(ADS_STRUCT *ads,
|
||||
TALLOC_CTX *mem_ctx,
|
||||
struct loadparm_context *lp_ctx,
|
||||
const char *dn,
|
||||
NT_USER_TOKEN **token);
|
||||
struct security_token **token);
|
||||
|
||||
|
||||
#include "../libgpo/gpext/gpext.h"
|
||||
|
||||
@ -552,7 +552,7 @@ static ADS_STATUS add_gplink_to_gpo_list(ADS_STRUCT *ads,
|
||||
struct GP_LINK *gp_link,
|
||||
enum GPO_LINK_TYPE link_type,
|
||||
bool only_add_forced_gpos,
|
||||
const NT_USER_TOKEN *token)
|
||||
const struct security_token *token)
|
||||
{
|
||||
ADS_STATUS status;
|
||||
int i;
|
||||
@ -619,7 +619,7 @@ static ADS_STATUS add_gplink_to_gpo_list(ADS_STRUCT *ads,
|
||||
ADS_STATUS ads_get_sid_token(ADS_STRUCT *ads,
|
||||
TALLOC_CTX *mem_ctx,
|
||||
const char *dn,
|
||||
NT_USER_TOKEN **token)
|
||||
struct security_token **token)
|
||||
{
|
||||
ADS_STATUS status;
|
||||
struct dom_sid object_sid;
|
||||
@ -628,7 +628,7 @@ ADS_STATUS ads_get_sid_token(ADS_STRUCT *ads,
|
||||
size_t num_ad_token_sids = 0;
|
||||
struct dom_sid *token_sids;
|
||||
uint32_t num_token_sids = 0;
|
||||
NT_USER_TOKEN *new_token = NULL;
|
||||
struct security_token *new_token = NULL;
|
||||
int i;
|
||||
|
||||
status = ads_get_tokensids(ads, mem_ctx, dn,
|
||||
@ -710,7 +710,7 @@ ADS_STATUS ads_get_gpo_list(ADS_STRUCT *ads,
|
||||
TALLOC_CTX *mem_ctx,
|
||||
const char *dn,
|
||||
uint32_t flags,
|
||||
const NT_USER_TOKEN *token,
|
||||
const struct security_token *token,
|
||||
struct GROUP_POLICY_OBJECT **gpo_list)
|
||||
{
|
||||
/* (L)ocal (S)ite (D)omain (O)rganizational(U)nit */
|
||||
|
||||
@ -101,7 +101,7 @@ static bool gpo_sd_check_read_access_bits(uint32_t access_mask)
|
||||
****************************************************************/
|
||||
|
||||
static NTSTATUS gpo_sd_check_ace_denied_object(const struct security_ace *ace,
|
||||
const NT_USER_TOKEN *token)
|
||||
const struct security_token *token)
|
||||
{
|
||||
char *sid_str;
|
||||
|
||||
@ -123,7 +123,7 @@ static NTSTATUS gpo_sd_check_ace_denied_object(const struct security_ace *ace,
|
||||
****************************************************************/
|
||||
|
||||
static NTSTATUS gpo_sd_check_ace_allowed_object(const struct security_ace *ace,
|
||||
const NT_USER_TOKEN *token)
|
||||
const struct security_token *token)
|
||||
{
|
||||
char *sid_str;
|
||||
|
||||
@ -146,7 +146,7 @@ static NTSTATUS gpo_sd_check_ace_allowed_object(const struct security_ace *ace,
|
||||
****************************************************************/
|
||||
|
||||
static NTSTATUS gpo_sd_check_ace(const struct security_ace *ace,
|
||||
const NT_USER_TOKEN *token)
|
||||
const struct security_token *token)
|
||||
{
|
||||
switch (ace->type) {
|
||||
case SEC_ACE_TYPE_ACCESS_DENIED_OBJECT:
|
||||
@ -162,7 +162,7 @@ static NTSTATUS gpo_sd_check_ace(const struct security_ace *ace,
|
||||
****************************************************************/
|
||||
|
||||
NTSTATUS gpo_apply_security_filtering(const struct GROUP_POLICY_OBJECT *gpo,
|
||||
const NT_USER_TOKEN *token)
|
||||
const struct security_token *token)
|
||||
{
|
||||
struct security_descriptor *sd = gpo->security_descriptor;
|
||||
struct security_acl *dacl = NULL;
|
||||
|
||||
@ -448,7 +448,7 @@ static bool gpo_get_gp_ext_from_gpo(TALLOC_CTX *mem_ctx,
|
||||
|
||||
ADS_STATUS gpo_process_a_gpo(ADS_STRUCT *ads,
|
||||
TALLOC_CTX *mem_ctx,
|
||||
const NT_USER_TOKEN *token,
|
||||
const struct security_token *token,
|
||||
struct registry_key *root_key,
|
||||
struct GROUP_POLICY_OBJECT *gpo,
|
||||
const char *extension_guid_filter,
|
||||
@ -505,7 +505,7 @@ ADS_STATUS gpo_process_a_gpo(ADS_STRUCT *ads,
|
||||
|
||||
static ADS_STATUS gpo_process_gpo_list_by_ext(ADS_STRUCT *ads,
|
||||
TALLOC_CTX *mem_ctx,
|
||||
const NT_USER_TOKEN *token,
|
||||
const struct security_token *token,
|
||||
struct registry_key *root_key,
|
||||
struct GROUP_POLICY_OBJECT *gpo_list,
|
||||
const char *extensions_guid,
|
||||
@ -543,7 +543,7 @@ static ADS_STATUS gpo_process_gpo_list_by_ext(ADS_STRUCT *ads,
|
||||
|
||||
ADS_STATUS gpo_process_gpo_list(ADS_STRUCT *ads,
|
||||
TALLOC_CTX *mem_ctx,
|
||||
const NT_USER_TOKEN *token,
|
||||
const struct security_token *token,
|
||||
struct GROUP_POLICY_OBJECT *gpo_list,
|
||||
const char *extensions_guid_filter,
|
||||
uint32_t flags)
|
||||
@ -840,9 +840,9 @@ ADS_STATUS gp_get_machine_token(ADS_STRUCT *ads,
|
||||
TALLOC_CTX *mem_ctx,
|
||||
struct loadparm_context *lp_ctx,
|
||||
const char *dn,
|
||||
NT_USER_TOKEN **token)
|
||||
struct security_token **token)
|
||||
{
|
||||
NT_USER_TOKEN *ad_token = NULL;
|
||||
struct security_token *ad_token = NULL;
|
||||
ADS_STATUS status;
|
||||
#if _SAMBA_BUILD_ == 4
|
||||
struct auth_session_info *info;
|
||||
|
||||
@ -388,7 +388,7 @@ bool make_user_info_guest(struct auth_usersupplied_info **user_info)
|
||||
return NT_STATUS_IS_OK(nt_status) ? True : False;
|
||||
}
|
||||
|
||||
static NTSTATUS log_nt_token(NT_USER_TOKEN *token)
|
||||
static NTSTATUS log_nt_token(struct security_token *token)
|
||||
{
|
||||
TALLOC_CTX *frame = talloc_stackframe();
|
||||
char *command;
|
||||
@ -929,7 +929,7 @@ const struct auth_serversupplied_info *get_server_info_system(void)
|
||||
bool copy_current_user(struct current_user *dst, struct current_user *src)
|
||||
{
|
||||
gid_t *groups;
|
||||
NT_USER_TOKEN *nt_token;
|
||||
struct security_token *nt_token;
|
||||
|
||||
groups = (gid_t *)memdup(src->ut.groups,
|
||||
sizeof(gid_t) * src->ut.ngroups);
|
||||
|
||||
@ -31,10 +31,10 @@
|
||||
#include "../librpc/gen_ndr/netlogon.h"
|
||||
|
||||
/****************************************************************************
|
||||
Check for a SID in an NT_USER_TOKEN
|
||||
Check for a SID in an struct security_token
|
||||
****************************************************************************/
|
||||
|
||||
bool nt_token_check_sid ( const struct dom_sid *sid, const NT_USER_TOKEN *token )
|
||||
bool nt_token_check_sid ( const struct dom_sid *sid, const struct security_token *token )
|
||||
{
|
||||
int i;
|
||||
|
||||
@ -49,7 +49,7 @@ bool nt_token_check_sid ( const struct dom_sid *sid, const NT_USER_TOKEN *token
|
||||
return False;
|
||||
}
|
||||
|
||||
bool nt_token_check_domain_rid( NT_USER_TOKEN *token, uint32 rid )
|
||||
bool nt_token_check_domain_rid( struct security_token *token, uint32 rid )
|
||||
{
|
||||
struct dom_sid domain_sid;
|
||||
|
||||
@ -79,7 +79,7 @@ bool nt_token_check_domain_rid( NT_USER_TOKEN *token, uint32 rid )
|
||||
Create a copy if your need to change it.
|
||||
******************************************************************************/
|
||||
|
||||
NT_USER_TOKEN *get_root_nt_token( void )
|
||||
struct security_token *get_root_nt_token( void )
|
||||
{
|
||||
struct security_token *token, *for_cache;
|
||||
struct dom_sid u_sid, g_sid;
|
||||
@ -649,10 +649,10 @@ static NTSTATUS finalize_local_nt_token(struct security_token *result,
|
||||
}
|
||||
|
||||
/****************************************************************************
|
||||
prints a NT_USER_TOKEN to debug output.
|
||||
prints a struct security_token to debug output.
|
||||
****************************************************************************/
|
||||
|
||||
void debug_nt_user_token(int dbg_class, int dbg_lev, NT_USER_TOKEN *token)
|
||||
void debug_nt_user_token(int dbg_class, int dbg_lev, struct security_token *token)
|
||||
{
|
||||
size_t i;
|
||||
|
||||
|
||||
@ -34,7 +34,7 @@ struct auth_serversupplied_info {
|
||||
|
||||
/* NT group information taken from the info3 structure */
|
||||
|
||||
NT_USER_TOKEN *ptok;
|
||||
struct security_token *ptok;
|
||||
|
||||
/* This is the final session key, as used by SMB signing, and
|
||||
* (truncated to 16 bytes) encryption on the SAMR and LSA pipes
|
||||
|
||||
@ -241,9 +241,9 @@ NTSTATUS pass_check(const struct passwd *pass,
|
||||
|
||||
/* The following definitions come from auth/token_util.c */
|
||||
|
||||
bool nt_token_check_sid ( const struct dom_sid *sid, const NT_USER_TOKEN *token );
|
||||
bool nt_token_check_domain_rid( NT_USER_TOKEN *token, uint32 rid );
|
||||
NT_USER_TOKEN *get_root_nt_token( void );
|
||||
bool nt_token_check_sid ( const struct dom_sid *sid, const struct security_token *token );
|
||||
bool nt_token_check_domain_rid( struct security_token *token, uint32 rid );
|
||||
struct security_token *get_root_nt_token( void );
|
||||
NTSTATUS add_aliases(const struct dom_sid *domain_sid,
|
||||
struct security_token *token);
|
||||
NTSTATUS create_builtin_users(const struct dom_sid *sid);
|
||||
@ -258,7 +258,7 @@ NTSTATUS create_local_nt_token_from_info3(TALLOC_CTX *mem_ctx,
|
||||
struct netr_SamInfo3 *info3,
|
||||
struct extra_auth_info *extra,
|
||||
struct security_token **ntok);
|
||||
void debug_nt_user_token(int dbg_class, int dbg_lev, NT_USER_TOKEN *token);
|
||||
void debug_nt_user_token(int dbg_class, int dbg_lev, struct security_token *token);
|
||||
void debug_unix_user_token(int dbg_class, int dbg_lev, uid_t uid, gid_t gid,
|
||||
int n_groups, gid_t *groups);
|
||||
|
||||
@ -663,8 +663,8 @@ void dump_se_priv( int dbg_cl, int dbg_lvl, const uint64_t *mask );
|
||||
bool is_privilege_assigned(const uint64_t *privileges,
|
||||
const uint64_t *check);
|
||||
const char* get_privilege_dispname( const char *name );
|
||||
bool user_has_privileges(const NT_USER_TOKEN *token, const uint64_t *privilege);
|
||||
bool user_has_any_privilege(NT_USER_TOKEN *token, const uint64_t *privilege);
|
||||
bool user_has_privileges(const struct security_token *token, const uint64_t *privilege);
|
||||
bool user_has_any_privilege(struct security_token *token, const uint64_t *privilege);
|
||||
int count_all_privileges( void );
|
||||
struct lsa_LUIDAttribute get_privilege_luid( uint64_t *mask );
|
||||
const char *luid_to_privilege_name(const struct lsa_LUID *set);
|
||||
@ -756,7 +756,7 @@ struct security_descriptor *get_share_security( TALLOC_CTX *ctx, const char *ser
|
||||
size_t *psize);
|
||||
bool set_share_security(const char *share_name, struct security_descriptor *psd);
|
||||
bool delete_share_security(const char *servicename);
|
||||
bool share_access_check(const NT_USER_TOKEN *token, const char *sharename,
|
||||
bool share_access_check(const struct security_token *token, const char *sharename,
|
||||
uint32 desired_access);
|
||||
bool parse_usershare_acl(TALLOC_CTX *ctx, const char *acl_str, struct security_descriptor **ppsd);
|
||||
|
||||
@ -1286,12 +1286,12 @@ void smb_nscd_flush_group_cache(void);
|
||||
|
||||
/* The following definitions come from lib/util_nttoken.c */
|
||||
|
||||
NT_USER_TOKEN *dup_nt_token(TALLOC_CTX *mem_ctx, const NT_USER_TOKEN *ptoken);
|
||||
struct security_token *dup_nt_token(TALLOC_CTX *mem_ctx, const struct security_token *ptoken);
|
||||
NTSTATUS merge_nt_token(TALLOC_CTX *mem_ctx,
|
||||
const struct security_token *token_1,
|
||||
const struct security_token *token_2,
|
||||
struct security_token **token_out);
|
||||
bool token_sid_in_ace(const NT_USER_TOKEN *token, const struct security_ace *ace);
|
||||
bool token_sid_in_ace(const struct security_token *token, const struct security_ace *ace);
|
||||
|
||||
/* The following definitions come from lib/util_pw.c */
|
||||
|
||||
@ -1314,7 +1314,7 @@ bool pull_reg_multi_sz(TALLOC_CTX *mem_ctx, const DATA_BLOB *blob, const char **
|
||||
void se_map_generic(uint32 *access_mask, const struct generic_mapping *mapping);
|
||||
void security_acl_map_generic(struct security_acl *sa, const struct generic_mapping *mapping);
|
||||
void se_map_standard(uint32 *access_mask, const struct standard_mapping *mapping);
|
||||
NTSTATUS se_access_check(const struct security_descriptor *sd, const NT_USER_TOKEN *token,
|
||||
NTSTATUS se_access_check(const struct security_descriptor *sd, const struct security_token *token,
|
||||
uint32 acc_desired, uint32 *acc_granted);
|
||||
|
||||
/* The following definitions come from lib/util_sec.c */
|
||||
@ -1339,7 +1339,7 @@ bool is_setuid_root(void) ;
|
||||
/* The following definitions come from lib/util_sid.c */
|
||||
|
||||
const char *sid_type_lookup(uint32 sid_type) ;
|
||||
NT_USER_TOKEN *get_system_token(void) ;
|
||||
struct security_token *get_system_token(void) ;
|
||||
char *sid_to_fstring(fstring sidstr_out, const struct dom_sid *sid);
|
||||
char *sid_string_talloc(TALLOC_CTX *mem_ctx, const struct dom_sid *sid);
|
||||
char *sid_string_dbg(const struct dom_sid *sid);
|
||||
@ -1368,7 +1368,7 @@ void del_sid_from_array(const struct dom_sid *sid, struct dom_sid **sids, size_t
|
||||
bool add_rid_to_array_unique(TALLOC_CTX *mem_ctx,
|
||||
uint32 rid, uint32 **pp_rids, size_t *p_num);
|
||||
bool is_null_sid(const struct dom_sid *sid);
|
||||
bool is_sid_in_token(const NT_USER_TOKEN *token, const struct dom_sid *sid);
|
||||
bool is_sid_in_token(const struct security_token *token, const struct dom_sid *sid);
|
||||
NTSTATUS sid_array_from_info3(TALLOC_CTX *mem_ctx,
|
||||
const struct netr_SamInfo3 *info3,
|
||||
struct dom_sid **user_sids,
|
||||
@ -4450,11 +4450,11 @@ bool init_service_op_table( void );
|
||||
/* The following definitions come from services/services_db.c */
|
||||
|
||||
void svcctl_init_keys( void );
|
||||
struct security_descriptor *svcctl_get_secdesc( TALLOC_CTX *ctx, const char *name, NT_USER_TOKEN *token );
|
||||
bool svcctl_set_secdesc( TALLOC_CTX *ctx, const char *name, struct security_descriptor *sec_desc, NT_USER_TOKEN *token );
|
||||
const char *svcctl_lookup_dispname(TALLOC_CTX *ctx, const char *name, NT_USER_TOKEN *token );
|
||||
const char *svcctl_lookup_description(TALLOC_CTX *ctx, const char *name, NT_USER_TOKEN *token );
|
||||
struct regval_ctr *svcctl_fetch_regvalues( const char *name, NT_USER_TOKEN *token );
|
||||
struct security_descriptor *svcctl_get_secdesc( TALLOC_CTX *ctx, const char *name, struct security_token *token );
|
||||
bool svcctl_set_secdesc( TALLOC_CTX *ctx, const char *name, struct security_descriptor *sec_desc, struct security_token *token );
|
||||
const char *svcctl_lookup_dispname(TALLOC_CTX *ctx, const char *name, struct security_token *token );
|
||||
const char *svcctl_lookup_description(TALLOC_CTX *ctx, const char *name, struct security_token *token );
|
||||
struct regval_ctr *svcctl_fetch_regvalues( const char *name, struct security_token *token );
|
||||
|
||||
/* The following definitions come from services/svc_netlogon.c */
|
||||
|
||||
@ -5033,7 +5033,7 @@ void reply_nttranss(struct smb_request *req);
|
||||
|
||||
NTSTATUS smb1_file_se_access_check(connection_struct *conn,
|
||||
const struct security_descriptor *sd,
|
||||
const NT_USER_TOKEN *token,
|
||||
const struct security_token *token,
|
||||
uint32_t access_desired,
|
||||
uint32_t *access_granted);
|
||||
NTSTATUS fd_close(files_struct *fsp);
|
||||
@ -5409,7 +5409,7 @@ void server_encryption_shutdown(void);
|
||||
|
||||
bool unix_token_equal(const UNIX_USER_TOKEN *t1, const UNIX_USER_TOKEN *t2);
|
||||
bool push_sec_ctx(void);
|
||||
void set_sec_ctx(uid_t uid, gid_t gid, int ngroups, gid_t *groups, NT_USER_TOKEN *token);
|
||||
void set_sec_ctx(uid_t uid, gid_t gid, int ngroups, gid_t *groups, struct security_token *token);
|
||||
void set_root_sec_ctx(void);
|
||||
bool pop_sec_ctx(void);
|
||||
void init_sec_ctx(void);
|
||||
@ -5575,7 +5575,7 @@ bool unbecome_user(void);
|
||||
uid_t get_current_uid(connection_struct *conn);
|
||||
gid_t get_current_gid(connection_struct *conn);
|
||||
const UNIX_USER_TOKEN *get_current_utok(connection_struct *conn);
|
||||
const NT_USER_TOKEN *get_current_nttok(connection_struct *conn);
|
||||
const struct security_token *get_current_nttok(connection_struct *conn);
|
||||
uint16_t get_current_vuid(connection_struct *conn);
|
||||
|
||||
/* The following definitions come from smbd/utmp.c */
|
||||
@ -5666,11 +5666,11 @@ struct tevent_req *fncall_send(TALLOC_CTX *mem_ctx, struct tevent_context *ev,
|
||||
int fncall_recv(struct tevent_req *req, int *perr);
|
||||
|
||||
/* The following definitions come from rpc_server/srv_samr_nt.c */
|
||||
NTSTATUS access_check_object( struct security_descriptor *psd, NT_USER_TOKEN *token,
|
||||
NTSTATUS access_check_object( struct security_descriptor *psd, struct security_token *token,
|
||||
uint64_t *rights, uint32 rights_mask,
|
||||
uint32 des_access, uint32 *acc_granted,
|
||||
const char *debug);
|
||||
void map_max_allowed_access(const NT_USER_TOKEN *nt_token,
|
||||
void map_max_allowed_access(const struct security_token *nt_token,
|
||||
const struct unix_user_token *unix_token,
|
||||
uint32_t *pacc_requested);
|
||||
|
||||
|
||||
@ -49,7 +49,7 @@ struct registry_ops {
|
||||
bool (*store_values)( const char *key, struct regval_ctr *val );
|
||||
bool (*reg_access_check)( const char *keyname, uint32 requested,
|
||||
uint32 *granted,
|
||||
const NT_USER_TOKEN *token );
|
||||
const struct security_token *token );
|
||||
WERROR (*get_secdesc)(TALLOC_CTX *mem_ctx, const char *key,
|
||||
struct security_descriptor **psecdesc);
|
||||
WERROR (*set_secdesc)(const char *key,
|
||||
|
||||
@ -232,8 +232,6 @@ extern const struct dom_sid global_sid_Unix_Groups;
|
||||
#define PRIMARY_USER_SID_INDEX 0
|
||||
#define PRIMARY_GROUP_SID_INDEX 1
|
||||
|
||||
typedef struct security_token NT_USER_TOKEN;
|
||||
|
||||
typedef struct unix_user_token {
|
||||
uid_t uid;
|
||||
gid_t gid;
|
||||
@ -551,7 +549,7 @@ struct current_user {
|
||||
connection_struct *conn;
|
||||
uint16 vuid;
|
||||
UNIX_USER_TOKEN ut;
|
||||
NT_USER_TOKEN *nt_user_token;
|
||||
struct security_token *nt_user_token;
|
||||
};
|
||||
|
||||
struct smbd_smb2_request;
|
||||
|
||||
@ -281,7 +281,7 @@ const char* get_privilege_dispname( const char *name )
|
||||
at a time here.
|
||||
*****************************************************************************/
|
||||
|
||||
bool user_has_privileges(const NT_USER_TOKEN *token, const uint64_t *privilege)
|
||||
bool user_has_privileges(const struct security_token *token, const uint64_t *privilege)
|
||||
{
|
||||
if ( !token )
|
||||
return False;
|
||||
@ -294,7 +294,7 @@ bool user_has_privileges(const NT_USER_TOKEN *token, const uint64_t *privilege)
|
||||
at a time here.
|
||||
*****************************************************************************/
|
||||
|
||||
bool user_has_any_privilege(NT_USER_TOKEN *token, const uint64_t *privilege)
|
||||
bool user_has_any_privilege(struct security_token *token, const uint64_t *privilege)
|
||||
{
|
||||
if ( !token )
|
||||
return False;
|
||||
|
||||
@ -407,7 +407,7 @@ bool delete_share_security(const char *servicename)
|
||||
Can this user access with share with the required permissions ?
|
||||
********************************************************************/
|
||||
|
||||
bool share_access_check(const NT_USER_TOKEN *token, const char *sharename,
|
||||
bool share_access_check(const struct security_token *token, const char *sharename,
|
||||
uint32 desired_access)
|
||||
{
|
||||
uint32 granted;
|
||||
|
||||
@ -31,14 +31,14 @@
|
||||
Duplicate a SID token.
|
||||
****************************************************************************/
|
||||
|
||||
NT_USER_TOKEN *dup_nt_token(TALLOC_CTX *mem_ctx, const NT_USER_TOKEN *ptoken)
|
||||
struct security_token *dup_nt_token(TALLOC_CTX *mem_ctx, const struct security_token *ptoken)
|
||||
{
|
||||
NT_USER_TOKEN *token;
|
||||
struct security_token *token;
|
||||
|
||||
if (!ptoken)
|
||||
return NULL;
|
||||
|
||||
token = TALLOC_ZERO_P(mem_ctx, NT_USER_TOKEN);
|
||||
token = TALLOC_ZERO_P(mem_ctx, struct security_token);
|
||||
if (token == NULL) {
|
||||
DEBUG(0, ("talloc failed\n"));
|
||||
return NULL;
|
||||
@ -120,7 +120,7 @@ NTSTATUS merge_nt_token(TALLOC_CTX *mem_ctx,
|
||||
Check if this struct security_ace has a SID in common with the token.
|
||||
********************************************************************/
|
||||
|
||||
bool token_sid_in_ace(const NT_USER_TOKEN *token, const struct security_ace *ace)
|
||||
bool token_sid_in_ace(const struct security_token *token, const struct security_ace *ace)
|
||||
{
|
||||
size_t i;
|
||||
|
||||
|
||||
@ -22,7 +22,7 @@
|
||||
|
||||
#include "includes.h"
|
||||
|
||||
extern NT_USER_TOKEN anonymous_token;
|
||||
extern struct security_token anonymous_token;
|
||||
|
||||
/* Map generic access rights to object specific rights. This technique is
|
||||
used to give meaning to assigning read, write, execute and all access to
|
||||
@ -106,7 +106,7 @@ void se_map_standard(uint32 *access_mask, const struct standard_mapping *mapping
|
||||
perform a SEC_FLAG_MAXIMUM_ALLOWED access check
|
||||
*/
|
||||
static uint32_t access_check_max_allowed(const struct security_descriptor *sd,
|
||||
const NT_USER_TOKEN *token)
|
||||
const struct security_token *token)
|
||||
{
|
||||
uint32_t denied = 0, granted = 0;
|
||||
unsigned i;
|
||||
@ -154,7 +154,7 @@ static uint32_t access_check_max_allowed(const struct security_descriptor *sd,
|
||||
to by the access_granted pointer.
|
||||
*/
|
||||
NTSTATUS se_access_check(const struct security_descriptor *sd,
|
||||
const NT_USER_TOKEN *token,
|
||||
const struct security_token *token,
|
||||
uint32_t access_desired,
|
||||
uint32_t *access_granted)
|
||||
{
|
||||
|
||||
@ -107,11 +107,11 @@ static struct dom_sid anon_sid_array[3] =
|
||||
{ { 1, 1, {0,0,0,0,0,1}, {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}},
|
||||
{ 1, 1, {0,0,0,0,0,5}, {2,0,0,0,0,0,0,0,0,0,0,0,0,0,0}},
|
||||
{ 1, 1, {0,0,0,0,0,5}, {7,0,0,0,0,0,0,0,0,0,0,0,0,0,0}} };
|
||||
NT_USER_TOKEN anonymous_token = { 3, anon_sid_array, SE_NONE };
|
||||
struct security_token anonymous_token = { 3, anon_sid_array, SE_NONE };
|
||||
|
||||
static struct dom_sid system_sid_array[1] =
|
||||
{ { 1, 1, {0,0,0,0,0,5}, {18,0,0,0,0,0,0,0,0,0,0,0,0,0,0}} };
|
||||
NT_USER_TOKEN system_token = { 1, system_sid_array, SE_ALL_PRIVS };
|
||||
struct security_token system_token = { 1, system_sid_array, SE_ALL_PRIVS };
|
||||
|
||||
/****************************************************************************
|
||||
Lookup string names for SID types.
|
||||
@ -153,7 +153,7 @@ const char *sid_type_lookup(uint32 sid_type)
|
||||
Create the SYSTEM token.
|
||||
***************************************************************************/
|
||||
|
||||
NT_USER_TOKEN *get_system_token(void)
|
||||
struct security_token *get_system_token(void)
|
||||
{
|
||||
return &system_token;
|
||||
}
|
||||
@ -668,7 +668,7 @@ bool is_null_sid(const struct dom_sid *sid)
|
||||
return sid_equal(sid, &null_sid);
|
||||
}
|
||||
|
||||
bool is_sid_in_token(const NT_USER_TOKEN *token, const struct dom_sid *sid)
|
||||
bool is_sid_in_token(const struct security_token *token, const struct dom_sid *sid)
|
||||
{
|
||||
int i;
|
||||
|
||||
|
||||
@ -28,16 +28,16 @@
|
||||
* - disk operators privilege
|
||||
*/
|
||||
NTSTATUS registry_create_admin_token(TALLOC_CTX *mem_ctx,
|
||||
NT_USER_TOKEN **ptoken)
|
||||
struct security_token **ptoken)
|
||||
{
|
||||
NTSTATUS status;
|
||||
NT_USER_TOKEN *token = NULL;
|
||||
struct security_token *token = NULL;
|
||||
|
||||
if (ptoken == NULL) {
|
||||
return NT_STATUS_INVALID_PARAMETER;
|
||||
}
|
||||
|
||||
token = TALLOC_ZERO_P(mem_ctx, NT_USER_TOKEN);
|
||||
token = TALLOC_ZERO_P(mem_ctx, struct security_token);
|
||||
if (token == NULL) {
|
||||
DEBUG(1, ("talloc failed\n"));
|
||||
status = NT_STATUS_NO_MEMORY;
|
||||
|
||||
@ -21,6 +21,6 @@
|
||||
#define _REG_UTIL_TOKEN_H
|
||||
|
||||
NTSTATUS registry_create_admin_token(TALLOC_CTX *mem_ctx,
|
||||
NT_USER_TOKEN **ptoken);
|
||||
struct security_token **ptoken);
|
||||
|
||||
#endif /* _REG_UTIL_TOKEN_H */
|
||||
|
||||
@ -69,7 +69,7 @@ static EVENTLOG_INFO *find_eventlog_info_by_hnd( struct pipes_struct * p,
|
||||
/********************************************************************
|
||||
********************************************************************/
|
||||
|
||||
static bool elog_check_access( EVENTLOG_INFO *info, NT_USER_TOKEN *token )
|
||||
static bool elog_check_access( EVENTLOG_INFO *info, struct security_token *token )
|
||||
{
|
||||
char *tdbname = elog_tdbname(talloc_tos(), info->logname );
|
||||
struct security_descriptor *sec_desc;
|
||||
|
||||
@ -179,7 +179,7 @@ static NTSTATUS make_samr_object_sd( TALLOC_CTX *ctx, struct security_descriptor
|
||||
level of access for further checks.
|
||||
********************************************************************/
|
||||
|
||||
NTSTATUS access_check_object( struct security_descriptor *psd, NT_USER_TOKEN *token,
|
||||
NTSTATUS access_check_object( struct security_descriptor *psd, struct security_token *token,
|
||||
uint64_t *rights, uint32 rights_mask,
|
||||
uint32 des_access, uint32 *acc_granted,
|
||||
const char *debug )
|
||||
@ -241,7 +241,7 @@ done:
|
||||
Map any MAXIMUM_ALLOWED_ACCESS request to a valid access set.
|
||||
********************************************************************/
|
||||
|
||||
void map_max_allowed_access(const NT_USER_TOKEN *nt_token,
|
||||
void map_max_allowed_access(const struct security_token *nt_token,
|
||||
const struct unix_user_token *unix_token,
|
||||
uint32_t *pacc_requested)
|
||||
{
|
||||
|
||||
@ -150,7 +150,7 @@ const struct standard_mapping printserver_std_mapping = {
|
||||
|
||||
struct xcv_api_table {
|
||||
const char *name;
|
||||
WERROR(*fn) (TALLOC_CTX *mem_ctx, NT_USER_TOKEN *token, DATA_BLOB *in, DATA_BLOB *out, uint32_t *needed);
|
||||
WERROR(*fn) (TALLOC_CTX *mem_ctx, struct security_token *token, DATA_BLOB *in, DATA_BLOB *out, uint32_t *needed);
|
||||
};
|
||||
|
||||
static void prune_printername_cache(void);
|
||||
@ -357,7 +357,7 @@ static bool close_printer_handle(struct pipes_struct *p, struct policy_handle *h
|
||||
Delete a printer given a handle.
|
||||
****************************************************************************/
|
||||
|
||||
static WERROR delete_printer_hook(TALLOC_CTX *ctx, NT_USER_TOKEN *token,
|
||||
static WERROR delete_printer_hook(TALLOC_CTX *ctx, struct security_token *token,
|
||||
const char *sharename,
|
||||
struct messaging_context *msg_ctx)
|
||||
{
|
||||
@ -5859,7 +5859,7 @@ static bool check_printer_ok(TALLOC_CTX *mem_ctx,
|
||||
/****************************************************************************
|
||||
****************************************************************************/
|
||||
|
||||
static WERROR add_port_hook(TALLOC_CTX *ctx, NT_USER_TOKEN *token, const char *portname, const char *uri)
|
||||
static WERROR add_port_hook(TALLOC_CTX *ctx, struct security_token *token, const char *portname, const char *uri)
|
||||
{
|
||||
char *cmd = lp_addport_cmd();
|
||||
char *command = NULL;
|
||||
@ -5908,7 +5908,7 @@ static WERROR add_port_hook(TALLOC_CTX *ctx, NT_USER_TOKEN *token, const char *p
|
||||
/****************************************************************************
|
||||
****************************************************************************/
|
||||
|
||||
static bool add_printer_hook(TALLOC_CTX *ctx, NT_USER_TOKEN *token,
|
||||
static bool add_printer_hook(TALLOC_CTX *ctx, struct security_token *token,
|
||||
struct spoolss_SetPrinterInfo2 *info2,
|
||||
const char *remote_machine,
|
||||
struct messaging_context *msg_ctx)
|
||||
@ -9540,7 +9540,7 @@ static bool push_monitorui_buf(TALLOC_CTX *mem_ctx, DATA_BLOB *buf,
|
||||
*******************************************************************/
|
||||
|
||||
static WERROR xcvtcp_monitorui(TALLOC_CTX *mem_ctx,
|
||||
NT_USER_TOKEN *token, DATA_BLOB *in,
|
||||
struct security_token *token, DATA_BLOB *in,
|
||||
DATA_BLOB *out, uint32_t *needed)
|
||||
{
|
||||
const char *dllname = "tcpmonui.dll";
|
||||
@ -9595,7 +9595,7 @@ static bool pull_port_data_2(TALLOC_CTX *mem_ctx,
|
||||
*******************************************************************/
|
||||
|
||||
static WERROR xcvtcp_addport(TALLOC_CTX *mem_ctx,
|
||||
NT_USER_TOKEN *token, DATA_BLOB *in,
|
||||
struct security_token *token, DATA_BLOB *in,
|
||||
DATA_BLOB *out, uint32_t *needed)
|
||||
{
|
||||
struct spoolss_PortData1 port1;
|
||||
@ -9687,7 +9687,7 @@ struct xcv_api_table xcvtcp_cmds[] = {
|
||||
};
|
||||
|
||||
static WERROR process_xcvtcp_command(TALLOC_CTX *mem_ctx,
|
||||
NT_USER_TOKEN *token, const char *command,
|
||||
struct security_token *token, const char *command,
|
||||
DATA_BLOB *inbuf,
|
||||
DATA_BLOB *outbuf,
|
||||
uint32_t *needed )
|
||||
@ -9709,7 +9709,7 @@ static WERROR process_xcvtcp_command(TALLOC_CTX *mem_ctx,
|
||||
#if 0 /* don't support management using the "Local Port" monitor */
|
||||
|
||||
static WERROR xcvlocal_monitorui(TALLOC_CTX *mem_ctx,
|
||||
NT_USER_TOKEN *token, DATA_BLOB *in,
|
||||
struct security_token *token, DATA_BLOB *in,
|
||||
DATA_BLOB *out, uint32_t *needed)
|
||||
{
|
||||
const char *dllname = "localui.dll";
|
||||
@ -9746,7 +9746,7 @@ struct xcv_api_table xcvlocal_cmds[] = {
|
||||
*******************************************************************/
|
||||
|
||||
static WERROR process_xcvlocal_command(TALLOC_CTX *mem_ctx,
|
||||
NT_USER_TOKEN *token, const char *command,
|
||||
struct security_token *token, const char *command,
|
||||
DATA_BLOB *inbuf, DATA_BLOB *outbuf,
|
||||
uint32_t *needed)
|
||||
{
|
||||
|
||||
@ -123,7 +123,7 @@ static struct service_control_op* find_service_by_name( const char *name )
|
||||
/********************************************************************
|
||||
********************************************************************/
|
||||
|
||||
static NTSTATUS svcctl_access_check( struct security_descriptor *sec_desc, NT_USER_TOKEN *token,
|
||||
static NTSTATUS svcctl_access_check( struct security_descriptor *sec_desc, struct security_token *token,
|
||||
uint32 access_desired, uint32 *access_granted )
|
||||
{
|
||||
if ( geteuid() == sec_initial_uid() ) {
|
||||
@ -387,7 +387,7 @@ WERROR _svcctl_QueryServiceStatus(struct pipes_struct *p,
|
||||
/********************************************************************
|
||||
********************************************************************/
|
||||
|
||||
static int enumerate_status( TALLOC_CTX *ctx, struct ENUM_SERVICE_STATUSW **status, NT_USER_TOKEN *token )
|
||||
static int enumerate_status( TALLOC_CTX *ctx, struct ENUM_SERVICE_STATUSW **status, struct security_token *token )
|
||||
{
|
||||
int num_services = 0;
|
||||
int i;
|
||||
@ -430,7 +430,7 @@ WERROR _svcctl_EnumServicesStatusW(struct pipes_struct *p,
|
||||
size_t buffer_size = 0;
|
||||
WERROR result = WERR_OK;
|
||||
SERVICE_INFO *info = find_service_info_by_hnd( p, r->in.handle );
|
||||
NT_USER_TOKEN *token = p->server_info->ptok;
|
||||
struct security_token *token = p->server_info->ptok;
|
||||
DATA_BLOB blob = data_blob_null;
|
||||
|
||||
/* perform access checks */
|
||||
@ -642,7 +642,7 @@ WERROR _svcctl_QueryServiceStatusEx(struct pipes_struct *p,
|
||||
|
||||
static WERROR fill_svc_config( TALLOC_CTX *ctx, const char *name,
|
||||
struct QUERY_SERVICE_CONFIG *config,
|
||||
NT_USER_TOKEN *token )
|
||||
struct security_token *token )
|
||||
{
|
||||
struct regval_ctr *values;
|
||||
struct regval_blob *val;
|
||||
|
||||
@ -502,7 +502,7 @@ void svcctl_init_keys( void )
|
||||
in case of any failure.
|
||||
********************************************************************/
|
||||
|
||||
struct security_descriptor *svcctl_get_secdesc( TALLOC_CTX *ctx, const char *name, NT_USER_TOKEN *token )
|
||||
struct security_descriptor *svcctl_get_secdesc( TALLOC_CTX *ctx, const char *name, struct security_token *token )
|
||||
{
|
||||
struct registry_key_handle *key = NULL;
|
||||
struct regval_ctr *values = NULL;
|
||||
@ -564,7 +564,7 @@ done:
|
||||
Wrapper to make storing a Service sd easier
|
||||
********************************************************************/
|
||||
|
||||
bool svcctl_set_secdesc( TALLOC_CTX *ctx, const char *name, struct security_descriptor *sec_desc, NT_USER_TOKEN *token )
|
||||
bool svcctl_set_secdesc( TALLOC_CTX *ctx, const char *name, struct security_descriptor *sec_desc, struct security_token *token )
|
||||
{
|
||||
struct registry_key_handle *key = NULL;
|
||||
WERROR wresult;
|
||||
@ -618,7 +618,7 @@ bool svcctl_set_secdesc( TALLOC_CTX *ctx, const char *name, struct security_desc
|
||||
/********************************************************************
|
||||
********************************************************************/
|
||||
|
||||
const char *svcctl_lookup_dispname(TALLOC_CTX *ctx, const char *name, NT_USER_TOKEN *token )
|
||||
const char *svcctl_lookup_dispname(TALLOC_CTX *ctx, const char *name, struct security_token *token )
|
||||
{
|
||||
const char *display_name = NULL;
|
||||
struct registry_key_handle *key = NULL;
|
||||
@ -671,7 +671,7 @@ fail:
|
||||
/********************************************************************
|
||||
********************************************************************/
|
||||
|
||||
const char *svcctl_lookup_description(TALLOC_CTX *ctx, const char *name, NT_USER_TOKEN *token )
|
||||
const char *svcctl_lookup_description(TALLOC_CTX *ctx, const char *name, struct security_token *token )
|
||||
{
|
||||
const char *description = NULL;
|
||||
struct registry_key_handle *key = NULL;
|
||||
@ -722,7 +722,7 @@ const char *svcctl_lookup_description(TALLOC_CTX *ctx, const char *name, NT_USER
|
||||
/********************************************************************
|
||||
********************************************************************/
|
||||
|
||||
struct regval_ctr *svcctl_fetch_regvalues(const char *name, NT_USER_TOKEN *token)
|
||||
struct regval_ctr *svcctl_fetch_regvalues(const char *name, struct security_token *token)
|
||||
{
|
||||
struct registry_key_handle *key = NULL;
|
||||
struct regval_ctr *values = NULL;
|
||||
|
||||
@ -85,7 +85,7 @@ extern struct smb_srv_trans_enc_ctx *srv_trans_enc_ctx;
|
||||
|
||||
struct sec_ctx {
|
||||
UNIX_USER_TOKEN ut;
|
||||
NT_USER_TOKEN *token;
|
||||
struct security_token *token;
|
||||
};
|
||||
/* A stack of security contexts. We include the current context as being
|
||||
the first one, so there is room for another MAX_SEC_CTX_DEPTH more. */
|
||||
|
||||
@ -56,7 +56,7 @@ static NTSTATUS create_file_unixpath(connection_struct *conn,
|
||||
|
||||
NTSTATUS smb1_file_se_access_check(struct connection_struct *conn,
|
||||
const struct security_descriptor *sd,
|
||||
const NT_USER_TOKEN *token,
|
||||
const struct security_token *token,
|
||||
uint32_t access_desired,
|
||||
uint32_t *access_granted)
|
||||
{
|
||||
|
||||
@ -300,7 +300,7 @@ static void set_unix_security_ctx(uid_t uid, gid_t gid, int ngroups, gid_t *grou
|
||||
Set the current security context to a given user.
|
||||
****************************************************************************/
|
||||
|
||||
void set_sec_ctx(uid_t uid, gid_t gid, int ngroups, gid_t *groups, NT_USER_TOKEN *token)
|
||||
void set_sec_ctx(uid_t uid, gid_t gid, int ngroups, gid_t *groups, struct security_token *token)
|
||||
{
|
||||
struct sec_ctx *ctx_p = &sec_ctx_stack[sec_ctx_stack_ndx];
|
||||
|
||||
|
||||
@ -538,7 +538,7 @@ const UNIX_USER_TOKEN *get_current_utok(connection_struct *conn)
|
||||
return ¤t_user.ut;
|
||||
}
|
||||
|
||||
const NT_USER_TOKEN *get_current_nttok(connection_struct *conn)
|
||||
const struct security_token *get_current_nttok(connection_struct *conn)
|
||||
{
|
||||
return current_user.nt_user_token;
|
||||
}
|
||||
|
||||
@ -26,9 +26,9 @@
|
||||
|
||||
/* The following definitions come from auth/token_util.c */
|
||||
|
||||
bool nt_token_check_sid ( const struct dom_sid *sid, const NT_USER_TOKEN *token );
|
||||
bool nt_token_check_domain_rid( NT_USER_TOKEN *token, uint32 rid );
|
||||
NT_USER_TOKEN *get_root_nt_token( void );
|
||||
bool nt_token_check_sid ( const struct dom_sid *sid, const struct security_token *token );
|
||||
bool nt_token_check_domain_rid( struct security_token *token, uint32 rid );
|
||||
struct security_token *get_root_nt_token( void );
|
||||
NTSTATUS add_aliases(const struct dom_sid *domain_sid,
|
||||
struct security_token *token);
|
||||
struct security_token *create_local_nt_token(TALLOC_CTX *mem_ctx,
|
||||
@ -36,7 +36,7 @@ struct security_token *create_local_nt_token(TALLOC_CTX *mem_ctx,
|
||||
bool is_guest,
|
||||
int num_groupsids,
|
||||
const struct dom_sid *groupsids);
|
||||
void debug_nt_user_token(int dbg_class, int dbg_lev, NT_USER_TOKEN *token);
|
||||
void debug_nt_user_token(int dbg_class, int dbg_lev, struct security_token *token);
|
||||
void debug_unix_user_token(int dbg_class, int dbg_lev, uid_t uid, gid_t gid,
|
||||
int n_groups, gid_t *groups);
|
||||
|
||||
|
||||
@ -41,7 +41,7 @@ static WERROR open_hive(TALLOC_CTX *ctx, const char *path,
|
||||
char **subkeyname)
|
||||
{
|
||||
WERROR werr;
|
||||
NT_USER_TOKEN *token = NULL;
|
||||
struct security_token *token = NULL;
|
||||
char *hivename = NULL;
|
||||
char *tmp_subkeyname = NULL;
|
||||
TALLOC_CTX *tmp_ctx = talloc_stackframe();
|
||||
|
||||
@ -4114,7 +4114,7 @@ static NTSTATUS rpc_aliaslist_internals(struct net_context *c,
|
||||
return result;
|
||||
}
|
||||
|
||||
static void init_user_token(NT_USER_TOKEN *token, struct dom_sid *user_sid)
|
||||
static void init_user_token(struct security_token *token, struct dom_sid *user_sid)
|
||||
{
|
||||
token->num_sids = 4;
|
||||
|
||||
@ -4130,12 +4130,12 @@ static void init_user_token(NT_USER_TOKEN *token, struct dom_sid *user_sid)
|
||||
sid_copy(&token->sids[3], &global_sid_Authenticated_Users);
|
||||
}
|
||||
|
||||
static void free_user_token(NT_USER_TOKEN *token)
|
||||
static void free_user_token(struct security_token *token)
|
||||
{
|
||||
SAFE_FREE(token->sids);
|
||||
}
|
||||
|
||||
static void add_sid_to_token(NT_USER_TOKEN *token, struct dom_sid *sid)
|
||||
static void add_sid_to_token(struct security_token *token, struct dom_sid *sid)
|
||||
{
|
||||
if (is_sid_in_token(token, sid))
|
||||
return;
|
||||
@ -4152,7 +4152,7 @@ static void add_sid_to_token(NT_USER_TOKEN *token, struct dom_sid *sid)
|
||||
|
||||
struct user_token {
|
||||
fstring name;
|
||||
NT_USER_TOKEN token;
|
||||
struct security_token token;
|
||||
};
|
||||
|
||||
static void dump_user_token(struct user_token *token)
|
||||
@ -4178,7 +4178,7 @@ static bool is_alias_member(struct dom_sid *sid, struct full_alias *alias)
|
||||
return false;
|
||||
}
|
||||
|
||||
static void collect_sid_memberships(NT_USER_TOKEN *token, struct dom_sid sid)
|
||||
static void collect_sid_memberships(struct security_token *token, struct dom_sid sid)
|
||||
{
|
||||
int i;
|
||||
|
||||
@ -4195,7 +4195,7 @@ static void collect_sid_memberships(NT_USER_TOKEN *token, struct dom_sid sid)
|
||||
* add them to the token.
|
||||
*/
|
||||
|
||||
static void collect_alias_memberships(NT_USER_TOKEN *token)
|
||||
static void collect_alias_memberships(struct security_token *token)
|
||||
{
|
||||
int num_global_sids = token->num_sids;
|
||||
int i;
|
||||
@ -4205,7 +4205,7 @@ static void collect_alias_memberships(NT_USER_TOKEN *token)
|
||||
}
|
||||
}
|
||||
|
||||
static bool get_user_sids(const char *domain, const char *user, NT_USER_TOKEN *token)
|
||||
static bool get_user_sids(const char *domain, const char *user, struct security_token *token)
|
||||
{
|
||||
wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
|
||||
enum wbcSidType type;
|
||||
|
||||
@ -26,9 +26,9 @@
|
||||
|
||||
/* The following definitions come from auth/token_util.c */
|
||||
|
||||
bool nt_token_check_sid ( const struct dom_sid *sid, const NT_USER_TOKEN *token );
|
||||
bool nt_token_check_domain_rid( NT_USER_TOKEN *token, uint32 rid );
|
||||
NT_USER_TOKEN *get_root_nt_token( void );
|
||||
bool nt_token_check_sid ( const struct dom_sid *sid, const struct security_token *token );
|
||||
bool nt_token_check_domain_rid( struct security_token *token, uint32 rid );
|
||||
struct security_token *get_root_nt_token( void );
|
||||
NTSTATUS add_aliases(const struct dom_sid *domain_sid,
|
||||
struct security_token *token);
|
||||
struct security_token *create_local_nt_token(TALLOC_CTX *mem_ctx,
|
||||
@ -36,7 +36,7 @@ struct security_token *create_local_nt_token(TALLOC_CTX *mem_ctx,
|
||||
bool is_guest,
|
||||
int num_groupsids,
|
||||
const struct dom_sid *groupsids);
|
||||
void debug_nt_user_token(int dbg_class, int dbg_lev, NT_USER_TOKEN *token);
|
||||
void debug_nt_user_token(int dbg_class, int dbg_lev, struct security_token *token);
|
||||
void debug_unix_user_token(int dbg_class, int dbg_lev, uid_t uid, gid_t gid,
|
||||
int n_groups, gid_t *groups);
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user