1
0
mirror of https://github.com/samba-team/samba.git synced 2025-01-08 21:18:16 +03:00

s3:auth Remove NT_USER_TOKEN

The all UPPER case typedef is no longer the preferred Samba style
and this makes it easier to see that this is the IDL-derivied structure

Andrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>
This commit is contained in:
Andrew Bartlett 2010-08-26 22:08:22 +10:00
parent 4bfc8d3b1a
commit d1bb21b0d5
32 changed files with 119 additions and 121 deletions

View File

@ -594,7 +594,7 @@ NTSTATUS init_gp_extensions(TALLOC_CTX *mem_ctx)
}
if (!reg_ctx) {
NT_USER_TOKEN *token;
struct security_token *token;
token = registry_create_system_token(mem_ctx);
NT_STATUS_HAVE_NO_MEMORY(token);
@ -678,7 +678,7 @@ void debug_gpext_header(int lvl,
NTSTATUS process_gpo_list_with_extension(ADS_STRUCT *ads,
TALLOC_CTX *mem_ctx,
uint32_t flags,
const NT_USER_TOKEN *token,
const struct security_token *token,
struct GROUP_POLICY_OBJECT *gpo_list,
const char *extension_guid,
const char *snapin_guid)
@ -692,7 +692,7 @@ NTSTATUS process_gpo_list_with_extension(ADS_STRUCT *ads,
NTSTATUS gpext_process_extension(ADS_STRUCT *ads,
TALLOC_CTX *mem_ctx,
uint32_t flags,
const NT_USER_TOKEN *token,
const struct security_token *token,
struct registry_key *root_key,
struct GROUP_POLICY_OBJECT *gpo,
const char *extension_guid,

View File

@ -65,7 +65,7 @@ struct gp_extension_methods {
TALLOC_CTX *mem_ctx,
uint32_t flags,
struct registry_key *root_key,
const NT_USER_TOKEN *token,
const struct security_token *token,
struct GROUP_POLICY_OBJECT *gpo,
const char *extension_guid,
const char *snapin_guid);
@ -73,7 +73,7 @@ struct gp_extension_methods {
NTSTATUS (*process_group_policy2)(ADS_STRUCT *ads,
TALLOC_CTX *mem_ctx,
uint32_t flags,
const NT_USER_TOKEN *token,
const struct security_token *token,
struct GROUP_POLICY_OBJECT *gpo_list,
const char *extension_guid);
@ -109,14 +109,14 @@ void debug_gpext_header(int lvl,
NTSTATUS process_gpo_list_with_extension(ADS_STRUCT *ads,
TALLOC_CTX *mem_ctx,
uint32_t flags,
const NT_USER_TOKEN *token,
const struct security_token *token,
struct GROUP_POLICY_OBJECT *gpo_list,
const char *extension_guid,
const char *snapin_guid);
NTSTATUS gpext_process_extension(ADS_STRUCT *ads,
TALLOC_CTX *mem_ctx,
uint32_t flags,
const NT_USER_TOKEN *token,
const struct security_token *token,
struct registry_key *root_key,
struct GROUP_POLICY_OBJECT *gpo,
const char *extension_guid,

View File

@ -156,7 +156,7 @@ struct gp_registry_entries {
};
struct gp_registry_context {
const NT_USER_TOKEN *token;
const struct security_token *token;
const char *path;
struct registry_key *curr_key;
};
@ -215,18 +215,18 @@ ADS_STATUS ads_get_gpo(ADS_STRUCT *ads,
ADS_STATUS ads_get_sid_token(ADS_STRUCT *ads,
TALLOC_CTX *mem_ctx,
const char *dn,
NT_USER_TOKEN **token);
struct security_token **token);
ADS_STATUS ads_get_gpo_list(ADS_STRUCT *ads,
TALLOC_CTX *mem_ctx,
const char *dn,
uint32_t flags,
const NT_USER_TOKEN *token,
const struct security_token *token,
struct GROUP_POLICY_OBJECT **gpo_list);
/* The following definitions come from libgpo/gpo_sec.c */
NTSTATUS gpo_apply_security_filtering(const struct GROUP_POLICY_OBJECT *gpo,
const NT_USER_TOKEN *token);
const struct security_token *token);
/* The following definitions come from libgpo/gpo_util.c */
@ -245,14 +245,14 @@ void dump_gpo_list(ADS_STRUCT *ads,
void dump_gplink(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, struct GP_LINK *gp_link);
ADS_STATUS gpo_process_a_gpo(ADS_STRUCT *ads,
TALLOC_CTX *mem_ctx,
const NT_USER_TOKEN *token,
const struct security_token *token,
struct registry_key *root_key,
struct GROUP_POLICY_OBJECT *gpo,
const char *extension_guid_filter,
uint32_t flags);
ADS_STATUS gpo_process_gpo_list(ADS_STRUCT *ads,
TALLOC_CTX *mem_ctx,
const NT_USER_TOKEN *token,
const struct security_token *token,
struct GROUP_POLICY_OBJECT *gpo_list,
const char *extensions_guid_filter,
uint32_t flags);
@ -282,7 +282,7 @@ ADS_STATUS gp_get_machine_token(ADS_STRUCT *ads,
TALLOC_CTX *mem_ctx,
struct loadparm_context *lp_ctx,
const char *dn,
NT_USER_TOKEN **token);
struct security_token **token);
#include "../libgpo/gpext/gpext.h"

View File

@ -552,7 +552,7 @@ static ADS_STATUS add_gplink_to_gpo_list(ADS_STRUCT *ads,
struct GP_LINK *gp_link,
enum GPO_LINK_TYPE link_type,
bool only_add_forced_gpos,
const NT_USER_TOKEN *token)
const struct security_token *token)
{
ADS_STATUS status;
int i;
@ -619,7 +619,7 @@ static ADS_STATUS add_gplink_to_gpo_list(ADS_STRUCT *ads,
ADS_STATUS ads_get_sid_token(ADS_STRUCT *ads,
TALLOC_CTX *mem_ctx,
const char *dn,
NT_USER_TOKEN **token)
struct security_token **token)
{
ADS_STATUS status;
struct dom_sid object_sid;
@ -628,7 +628,7 @@ ADS_STATUS ads_get_sid_token(ADS_STRUCT *ads,
size_t num_ad_token_sids = 0;
struct dom_sid *token_sids;
uint32_t num_token_sids = 0;
NT_USER_TOKEN *new_token = NULL;
struct security_token *new_token = NULL;
int i;
status = ads_get_tokensids(ads, mem_ctx, dn,
@ -710,7 +710,7 @@ ADS_STATUS ads_get_gpo_list(ADS_STRUCT *ads,
TALLOC_CTX *mem_ctx,
const char *dn,
uint32_t flags,
const NT_USER_TOKEN *token,
const struct security_token *token,
struct GROUP_POLICY_OBJECT **gpo_list)
{
/* (L)ocal (S)ite (D)omain (O)rganizational(U)nit */

View File

@ -101,7 +101,7 @@ static bool gpo_sd_check_read_access_bits(uint32_t access_mask)
****************************************************************/
static NTSTATUS gpo_sd_check_ace_denied_object(const struct security_ace *ace,
const NT_USER_TOKEN *token)
const struct security_token *token)
{
char *sid_str;
@ -123,7 +123,7 @@ static NTSTATUS gpo_sd_check_ace_denied_object(const struct security_ace *ace,
****************************************************************/
static NTSTATUS gpo_sd_check_ace_allowed_object(const struct security_ace *ace,
const NT_USER_TOKEN *token)
const struct security_token *token)
{
char *sid_str;
@ -146,7 +146,7 @@ static NTSTATUS gpo_sd_check_ace_allowed_object(const struct security_ace *ace,
****************************************************************/
static NTSTATUS gpo_sd_check_ace(const struct security_ace *ace,
const NT_USER_TOKEN *token)
const struct security_token *token)
{
switch (ace->type) {
case SEC_ACE_TYPE_ACCESS_DENIED_OBJECT:
@ -162,7 +162,7 @@ static NTSTATUS gpo_sd_check_ace(const struct security_ace *ace,
****************************************************************/
NTSTATUS gpo_apply_security_filtering(const struct GROUP_POLICY_OBJECT *gpo,
const NT_USER_TOKEN *token)
const struct security_token *token)
{
struct security_descriptor *sd = gpo->security_descriptor;
struct security_acl *dacl = NULL;

View File

@ -448,7 +448,7 @@ static bool gpo_get_gp_ext_from_gpo(TALLOC_CTX *mem_ctx,
ADS_STATUS gpo_process_a_gpo(ADS_STRUCT *ads,
TALLOC_CTX *mem_ctx,
const NT_USER_TOKEN *token,
const struct security_token *token,
struct registry_key *root_key,
struct GROUP_POLICY_OBJECT *gpo,
const char *extension_guid_filter,
@ -505,7 +505,7 @@ ADS_STATUS gpo_process_a_gpo(ADS_STRUCT *ads,
static ADS_STATUS gpo_process_gpo_list_by_ext(ADS_STRUCT *ads,
TALLOC_CTX *mem_ctx,
const NT_USER_TOKEN *token,
const struct security_token *token,
struct registry_key *root_key,
struct GROUP_POLICY_OBJECT *gpo_list,
const char *extensions_guid,
@ -543,7 +543,7 @@ static ADS_STATUS gpo_process_gpo_list_by_ext(ADS_STRUCT *ads,
ADS_STATUS gpo_process_gpo_list(ADS_STRUCT *ads,
TALLOC_CTX *mem_ctx,
const NT_USER_TOKEN *token,
const struct security_token *token,
struct GROUP_POLICY_OBJECT *gpo_list,
const char *extensions_guid_filter,
uint32_t flags)
@ -840,9 +840,9 @@ ADS_STATUS gp_get_machine_token(ADS_STRUCT *ads,
TALLOC_CTX *mem_ctx,
struct loadparm_context *lp_ctx,
const char *dn,
NT_USER_TOKEN **token)
struct security_token **token)
{
NT_USER_TOKEN *ad_token = NULL;
struct security_token *ad_token = NULL;
ADS_STATUS status;
#if _SAMBA_BUILD_ == 4
struct auth_session_info *info;

View File

@ -388,7 +388,7 @@ bool make_user_info_guest(struct auth_usersupplied_info **user_info)
return NT_STATUS_IS_OK(nt_status) ? True : False;
}
static NTSTATUS log_nt_token(NT_USER_TOKEN *token)
static NTSTATUS log_nt_token(struct security_token *token)
{
TALLOC_CTX *frame = talloc_stackframe();
char *command;
@ -929,7 +929,7 @@ const struct auth_serversupplied_info *get_server_info_system(void)
bool copy_current_user(struct current_user *dst, struct current_user *src)
{
gid_t *groups;
NT_USER_TOKEN *nt_token;
struct security_token *nt_token;
groups = (gid_t *)memdup(src->ut.groups,
sizeof(gid_t) * src->ut.ngroups);

View File

@ -31,10 +31,10 @@
#include "../librpc/gen_ndr/netlogon.h"
/****************************************************************************
Check for a SID in an NT_USER_TOKEN
Check for a SID in an struct security_token
****************************************************************************/
bool nt_token_check_sid ( const struct dom_sid *sid, const NT_USER_TOKEN *token )
bool nt_token_check_sid ( const struct dom_sid *sid, const struct security_token *token )
{
int i;
@ -49,7 +49,7 @@ bool nt_token_check_sid ( const struct dom_sid *sid, const NT_USER_TOKEN *token
return False;
}
bool nt_token_check_domain_rid( NT_USER_TOKEN *token, uint32 rid )
bool nt_token_check_domain_rid( struct security_token *token, uint32 rid )
{
struct dom_sid domain_sid;
@ -79,7 +79,7 @@ bool nt_token_check_domain_rid( NT_USER_TOKEN *token, uint32 rid )
Create a copy if your need to change it.
******************************************************************************/
NT_USER_TOKEN *get_root_nt_token( void )
struct security_token *get_root_nt_token( void )
{
struct security_token *token, *for_cache;
struct dom_sid u_sid, g_sid;
@ -649,10 +649,10 @@ static NTSTATUS finalize_local_nt_token(struct security_token *result,
}
/****************************************************************************
prints a NT_USER_TOKEN to debug output.
prints a struct security_token to debug output.
****************************************************************************/
void debug_nt_user_token(int dbg_class, int dbg_lev, NT_USER_TOKEN *token)
void debug_nt_user_token(int dbg_class, int dbg_lev, struct security_token *token)
{
size_t i;

View File

@ -34,7 +34,7 @@ struct auth_serversupplied_info {
/* NT group information taken from the info3 structure */
NT_USER_TOKEN *ptok;
struct security_token *ptok;
/* This is the final session key, as used by SMB signing, and
* (truncated to 16 bytes) encryption on the SAMR and LSA pipes

View File

@ -241,9 +241,9 @@ NTSTATUS pass_check(const struct passwd *pass,
/* The following definitions come from auth/token_util.c */
bool nt_token_check_sid ( const struct dom_sid *sid, const NT_USER_TOKEN *token );
bool nt_token_check_domain_rid( NT_USER_TOKEN *token, uint32 rid );
NT_USER_TOKEN *get_root_nt_token( void );
bool nt_token_check_sid ( const struct dom_sid *sid, const struct security_token *token );
bool nt_token_check_domain_rid( struct security_token *token, uint32 rid );
struct security_token *get_root_nt_token( void );
NTSTATUS add_aliases(const struct dom_sid *domain_sid,
struct security_token *token);
NTSTATUS create_builtin_users(const struct dom_sid *sid);
@ -258,7 +258,7 @@ NTSTATUS create_local_nt_token_from_info3(TALLOC_CTX *mem_ctx,
struct netr_SamInfo3 *info3,
struct extra_auth_info *extra,
struct security_token **ntok);
void debug_nt_user_token(int dbg_class, int dbg_lev, NT_USER_TOKEN *token);
void debug_nt_user_token(int dbg_class, int dbg_lev, struct security_token *token);
void debug_unix_user_token(int dbg_class, int dbg_lev, uid_t uid, gid_t gid,
int n_groups, gid_t *groups);
@ -663,8 +663,8 @@ void dump_se_priv( int dbg_cl, int dbg_lvl, const uint64_t *mask );
bool is_privilege_assigned(const uint64_t *privileges,
const uint64_t *check);
const char* get_privilege_dispname( const char *name );
bool user_has_privileges(const NT_USER_TOKEN *token, const uint64_t *privilege);
bool user_has_any_privilege(NT_USER_TOKEN *token, const uint64_t *privilege);
bool user_has_privileges(const struct security_token *token, const uint64_t *privilege);
bool user_has_any_privilege(struct security_token *token, const uint64_t *privilege);
int count_all_privileges( void );
struct lsa_LUIDAttribute get_privilege_luid( uint64_t *mask );
const char *luid_to_privilege_name(const struct lsa_LUID *set);
@ -756,7 +756,7 @@ struct security_descriptor *get_share_security( TALLOC_CTX *ctx, const char *ser
size_t *psize);
bool set_share_security(const char *share_name, struct security_descriptor *psd);
bool delete_share_security(const char *servicename);
bool share_access_check(const NT_USER_TOKEN *token, const char *sharename,
bool share_access_check(const struct security_token *token, const char *sharename,
uint32 desired_access);
bool parse_usershare_acl(TALLOC_CTX *ctx, const char *acl_str, struct security_descriptor **ppsd);
@ -1286,12 +1286,12 @@ void smb_nscd_flush_group_cache(void);
/* The following definitions come from lib/util_nttoken.c */
NT_USER_TOKEN *dup_nt_token(TALLOC_CTX *mem_ctx, const NT_USER_TOKEN *ptoken);
struct security_token *dup_nt_token(TALLOC_CTX *mem_ctx, const struct security_token *ptoken);
NTSTATUS merge_nt_token(TALLOC_CTX *mem_ctx,
const struct security_token *token_1,
const struct security_token *token_2,
struct security_token **token_out);
bool token_sid_in_ace(const NT_USER_TOKEN *token, const struct security_ace *ace);
bool token_sid_in_ace(const struct security_token *token, const struct security_ace *ace);
/* The following definitions come from lib/util_pw.c */
@ -1314,7 +1314,7 @@ bool pull_reg_multi_sz(TALLOC_CTX *mem_ctx, const DATA_BLOB *blob, const char **
void se_map_generic(uint32 *access_mask, const struct generic_mapping *mapping);
void security_acl_map_generic(struct security_acl *sa, const struct generic_mapping *mapping);
void se_map_standard(uint32 *access_mask, const struct standard_mapping *mapping);
NTSTATUS se_access_check(const struct security_descriptor *sd, const NT_USER_TOKEN *token,
NTSTATUS se_access_check(const struct security_descriptor *sd, const struct security_token *token,
uint32 acc_desired, uint32 *acc_granted);
/* The following definitions come from lib/util_sec.c */
@ -1339,7 +1339,7 @@ bool is_setuid_root(void) ;
/* The following definitions come from lib/util_sid.c */
const char *sid_type_lookup(uint32 sid_type) ;
NT_USER_TOKEN *get_system_token(void) ;
struct security_token *get_system_token(void) ;
char *sid_to_fstring(fstring sidstr_out, const struct dom_sid *sid);
char *sid_string_talloc(TALLOC_CTX *mem_ctx, const struct dom_sid *sid);
char *sid_string_dbg(const struct dom_sid *sid);
@ -1368,7 +1368,7 @@ void del_sid_from_array(const struct dom_sid *sid, struct dom_sid **sids, size_t
bool add_rid_to_array_unique(TALLOC_CTX *mem_ctx,
uint32 rid, uint32 **pp_rids, size_t *p_num);
bool is_null_sid(const struct dom_sid *sid);
bool is_sid_in_token(const NT_USER_TOKEN *token, const struct dom_sid *sid);
bool is_sid_in_token(const struct security_token *token, const struct dom_sid *sid);
NTSTATUS sid_array_from_info3(TALLOC_CTX *mem_ctx,
const struct netr_SamInfo3 *info3,
struct dom_sid **user_sids,
@ -4450,11 +4450,11 @@ bool init_service_op_table( void );
/* The following definitions come from services/services_db.c */
void svcctl_init_keys( void );
struct security_descriptor *svcctl_get_secdesc( TALLOC_CTX *ctx, const char *name, NT_USER_TOKEN *token );
bool svcctl_set_secdesc( TALLOC_CTX *ctx, const char *name, struct security_descriptor *sec_desc, NT_USER_TOKEN *token );
const char *svcctl_lookup_dispname(TALLOC_CTX *ctx, const char *name, NT_USER_TOKEN *token );
const char *svcctl_lookup_description(TALLOC_CTX *ctx, const char *name, NT_USER_TOKEN *token );
struct regval_ctr *svcctl_fetch_regvalues( const char *name, NT_USER_TOKEN *token );
struct security_descriptor *svcctl_get_secdesc( TALLOC_CTX *ctx, const char *name, struct security_token *token );
bool svcctl_set_secdesc( TALLOC_CTX *ctx, const char *name, struct security_descriptor *sec_desc, struct security_token *token );
const char *svcctl_lookup_dispname(TALLOC_CTX *ctx, const char *name, struct security_token *token );
const char *svcctl_lookup_description(TALLOC_CTX *ctx, const char *name, struct security_token *token );
struct regval_ctr *svcctl_fetch_regvalues( const char *name, struct security_token *token );
/* The following definitions come from services/svc_netlogon.c */
@ -5033,7 +5033,7 @@ void reply_nttranss(struct smb_request *req);
NTSTATUS smb1_file_se_access_check(connection_struct *conn,
const struct security_descriptor *sd,
const NT_USER_TOKEN *token,
const struct security_token *token,
uint32_t access_desired,
uint32_t *access_granted);
NTSTATUS fd_close(files_struct *fsp);
@ -5409,7 +5409,7 @@ void server_encryption_shutdown(void);
bool unix_token_equal(const UNIX_USER_TOKEN *t1, const UNIX_USER_TOKEN *t2);
bool push_sec_ctx(void);
void set_sec_ctx(uid_t uid, gid_t gid, int ngroups, gid_t *groups, NT_USER_TOKEN *token);
void set_sec_ctx(uid_t uid, gid_t gid, int ngroups, gid_t *groups, struct security_token *token);
void set_root_sec_ctx(void);
bool pop_sec_ctx(void);
void init_sec_ctx(void);
@ -5575,7 +5575,7 @@ bool unbecome_user(void);
uid_t get_current_uid(connection_struct *conn);
gid_t get_current_gid(connection_struct *conn);
const UNIX_USER_TOKEN *get_current_utok(connection_struct *conn);
const NT_USER_TOKEN *get_current_nttok(connection_struct *conn);
const struct security_token *get_current_nttok(connection_struct *conn);
uint16_t get_current_vuid(connection_struct *conn);
/* The following definitions come from smbd/utmp.c */
@ -5666,11 +5666,11 @@ struct tevent_req *fncall_send(TALLOC_CTX *mem_ctx, struct tevent_context *ev,
int fncall_recv(struct tevent_req *req, int *perr);
/* The following definitions come from rpc_server/srv_samr_nt.c */
NTSTATUS access_check_object( struct security_descriptor *psd, NT_USER_TOKEN *token,
NTSTATUS access_check_object( struct security_descriptor *psd, struct security_token *token,
uint64_t *rights, uint32 rights_mask,
uint32 des_access, uint32 *acc_granted,
const char *debug);
void map_max_allowed_access(const NT_USER_TOKEN *nt_token,
void map_max_allowed_access(const struct security_token *nt_token,
const struct unix_user_token *unix_token,
uint32_t *pacc_requested);

View File

@ -49,7 +49,7 @@ struct registry_ops {
bool (*store_values)( const char *key, struct regval_ctr *val );
bool (*reg_access_check)( const char *keyname, uint32 requested,
uint32 *granted,
const NT_USER_TOKEN *token );
const struct security_token *token );
WERROR (*get_secdesc)(TALLOC_CTX *mem_ctx, const char *key,
struct security_descriptor **psecdesc);
WERROR (*set_secdesc)(const char *key,

View File

@ -232,8 +232,6 @@ extern const struct dom_sid global_sid_Unix_Groups;
#define PRIMARY_USER_SID_INDEX 0
#define PRIMARY_GROUP_SID_INDEX 1
typedef struct security_token NT_USER_TOKEN;
typedef struct unix_user_token {
uid_t uid;
gid_t gid;
@ -551,7 +549,7 @@ struct current_user {
connection_struct *conn;
uint16 vuid;
UNIX_USER_TOKEN ut;
NT_USER_TOKEN *nt_user_token;
struct security_token *nt_user_token;
};
struct smbd_smb2_request;

View File

@ -281,7 +281,7 @@ const char* get_privilege_dispname( const char *name )
at a time here.
*****************************************************************************/
bool user_has_privileges(const NT_USER_TOKEN *token, const uint64_t *privilege)
bool user_has_privileges(const struct security_token *token, const uint64_t *privilege)
{
if ( !token )
return False;
@ -294,7 +294,7 @@ bool user_has_privileges(const NT_USER_TOKEN *token, const uint64_t *privilege)
at a time here.
*****************************************************************************/
bool user_has_any_privilege(NT_USER_TOKEN *token, const uint64_t *privilege)
bool user_has_any_privilege(struct security_token *token, const uint64_t *privilege)
{
if ( !token )
return False;

View File

@ -407,7 +407,7 @@ bool delete_share_security(const char *servicename)
Can this user access with share with the required permissions ?
********************************************************************/
bool share_access_check(const NT_USER_TOKEN *token, const char *sharename,
bool share_access_check(const struct security_token *token, const char *sharename,
uint32 desired_access)
{
uint32 granted;

View File

@ -31,14 +31,14 @@
Duplicate a SID token.
****************************************************************************/
NT_USER_TOKEN *dup_nt_token(TALLOC_CTX *mem_ctx, const NT_USER_TOKEN *ptoken)
struct security_token *dup_nt_token(TALLOC_CTX *mem_ctx, const struct security_token *ptoken)
{
NT_USER_TOKEN *token;
struct security_token *token;
if (!ptoken)
return NULL;
token = TALLOC_ZERO_P(mem_ctx, NT_USER_TOKEN);
token = TALLOC_ZERO_P(mem_ctx, struct security_token);
if (token == NULL) {
DEBUG(0, ("talloc failed\n"));
return NULL;
@ -120,7 +120,7 @@ NTSTATUS merge_nt_token(TALLOC_CTX *mem_ctx,
Check if this struct security_ace has a SID in common with the token.
********************************************************************/
bool token_sid_in_ace(const NT_USER_TOKEN *token, const struct security_ace *ace)
bool token_sid_in_ace(const struct security_token *token, const struct security_ace *ace)
{
size_t i;

View File

@ -22,7 +22,7 @@
#include "includes.h"
extern NT_USER_TOKEN anonymous_token;
extern struct security_token anonymous_token;
/* Map generic access rights to object specific rights. This technique is
used to give meaning to assigning read, write, execute and all access to
@ -106,7 +106,7 @@ void se_map_standard(uint32 *access_mask, const struct standard_mapping *mapping
perform a SEC_FLAG_MAXIMUM_ALLOWED access check
*/
static uint32_t access_check_max_allowed(const struct security_descriptor *sd,
const NT_USER_TOKEN *token)
const struct security_token *token)
{
uint32_t denied = 0, granted = 0;
unsigned i;
@ -154,7 +154,7 @@ static uint32_t access_check_max_allowed(const struct security_descriptor *sd,
to by the access_granted pointer.
*/
NTSTATUS se_access_check(const struct security_descriptor *sd,
const NT_USER_TOKEN *token,
const struct security_token *token,
uint32_t access_desired,
uint32_t *access_granted)
{

View File

@ -107,11 +107,11 @@ static struct dom_sid anon_sid_array[3] =
{ { 1, 1, {0,0,0,0,0,1}, {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}},
{ 1, 1, {0,0,0,0,0,5}, {2,0,0,0,0,0,0,0,0,0,0,0,0,0,0}},
{ 1, 1, {0,0,0,0,0,5}, {7,0,0,0,0,0,0,0,0,0,0,0,0,0,0}} };
NT_USER_TOKEN anonymous_token = { 3, anon_sid_array, SE_NONE };
struct security_token anonymous_token = { 3, anon_sid_array, SE_NONE };
static struct dom_sid system_sid_array[1] =
{ { 1, 1, {0,0,0,0,0,5}, {18,0,0,0,0,0,0,0,0,0,0,0,0,0,0}} };
NT_USER_TOKEN system_token = { 1, system_sid_array, SE_ALL_PRIVS };
struct security_token system_token = { 1, system_sid_array, SE_ALL_PRIVS };
/****************************************************************************
Lookup string names for SID types.
@ -153,7 +153,7 @@ const char *sid_type_lookup(uint32 sid_type)
Create the SYSTEM token.
***************************************************************************/
NT_USER_TOKEN *get_system_token(void)
struct security_token *get_system_token(void)
{
return &system_token;
}
@ -668,7 +668,7 @@ bool is_null_sid(const struct dom_sid *sid)
return sid_equal(sid, &null_sid);
}
bool is_sid_in_token(const NT_USER_TOKEN *token, const struct dom_sid *sid)
bool is_sid_in_token(const struct security_token *token, const struct dom_sid *sid)
{
int i;

View File

@ -28,16 +28,16 @@
* - disk operators privilege
*/
NTSTATUS registry_create_admin_token(TALLOC_CTX *mem_ctx,
NT_USER_TOKEN **ptoken)
struct security_token **ptoken)
{
NTSTATUS status;
NT_USER_TOKEN *token = NULL;
struct security_token *token = NULL;
if (ptoken == NULL) {
return NT_STATUS_INVALID_PARAMETER;
}
token = TALLOC_ZERO_P(mem_ctx, NT_USER_TOKEN);
token = TALLOC_ZERO_P(mem_ctx, struct security_token);
if (token == NULL) {
DEBUG(1, ("talloc failed\n"));
status = NT_STATUS_NO_MEMORY;

View File

@ -21,6 +21,6 @@
#define _REG_UTIL_TOKEN_H
NTSTATUS registry_create_admin_token(TALLOC_CTX *mem_ctx,
NT_USER_TOKEN **ptoken);
struct security_token **ptoken);
#endif /* _REG_UTIL_TOKEN_H */

View File

@ -69,7 +69,7 @@ static EVENTLOG_INFO *find_eventlog_info_by_hnd( struct pipes_struct * p,
/********************************************************************
********************************************************************/
static bool elog_check_access( EVENTLOG_INFO *info, NT_USER_TOKEN *token )
static bool elog_check_access( EVENTLOG_INFO *info, struct security_token *token )
{
char *tdbname = elog_tdbname(talloc_tos(), info->logname );
struct security_descriptor *sec_desc;

View File

@ -179,7 +179,7 @@ static NTSTATUS make_samr_object_sd( TALLOC_CTX *ctx, struct security_descriptor
level of access for further checks.
********************************************************************/
NTSTATUS access_check_object( struct security_descriptor *psd, NT_USER_TOKEN *token,
NTSTATUS access_check_object( struct security_descriptor *psd, struct security_token *token,
uint64_t *rights, uint32 rights_mask,
uint32 des_access, uint32 *acc_granted,
const char *debug )
@ -241,7 +241,7 @@ done:
Map any MAXIMUM_ALLOWED_ACCESS request to a valid access set.
********************************************************************/
void map_max_allowed_access(const NT_USER_TOKEN *nt_token,
void map_max_allowed_access(const struct security_token *nt_token,
const struct unix_user_token *unix_token,
uint32_t *pacc_requested)
{

View File

@ -150,7 +150,7 @@ const struct standard_mapping printserver_std_mapping = {
struct xcv_api_table {
const char *name;
WERROR(*fn) (TALLOC_CTX *mem_ctx, NT_USER_TOKEN *token, DATA_BLOB *in, DATA_BLOB *out, uint32_t *needed);
WERROR(*fn) (TALLOC_CTX *mem_ctx, struct security_token *token, DATA_BLOB *in, DATA_BLOB *out, uint32_t *needed);
};
static void prune_printername_cache(void);
@ -357,7 +357,7 @@ static bool close_printer_handle(struct pipes_struct *p, struct policy_handle *h
Delete a printer given a handle.
****************************************************************************/
static WERROR delete_printer_hook(TALLOC_CTX *ctx, NT_USER_TOKEN *token,
static WERROR delete_printer_hook(TALLOC_CTX *ctx, struct security_token *token,
const char *sharename,
struct messaging_context *msg_ctx)
{
@ -5859,7 +5859,7 @@ static bool check_printer_ok(TALLOC_CTX *mem_ctx,
/****************************************************************************
****************************************************************************/
static WERROR add_port_hook(TALLOC_CTX *ctx, NT_USER_TOKEN *token, const char *portname, const char *uri)
static WERROR add_port_hook(TALLOC_CTX *ctx, struct security_token *token, const char *portname, const char *uri)
{
char *cmd = lp_addport_cmd();
char *command = NULL;
@ -5908,7 +5908,7 @@ static WERROR add_port_hook(TALLOC_CTX *ctx, NT_USER_TOKEN *token, const char *p
/****************************************************************************
****************************************************************************/
static bool add_printer_hook(TALLOC_CTX *ctx, NT_USER_TOKEN *token,
static bool add_printer_hook(TALLOC_CTX *ctx, struct security_token *token,
struct spoolss_SetPrinterInfo2 *info2,
const char *remote_machine,
struct messaging_context *msg_ctx)
@ -9540,7 +9540,7 @@ static bool push_monitorui_buf(TALLOC_CTX *mem_ctx, DATA_BLOB *buf,
*******************************************************************/
static WERROR xcvtcp_monitorui(TALLOC_CTX *mem_ctx,
NT_USER_TOKEN *token, DATA_BLOB *in,
struct security_token *token, DATA_BLOB *in,
DATA_BLOB *out, uint32_t *needed)
{
const char *dllname = "tcpmonui.dll";
@ -9595,7 +9595,7 @@ static bool pull_port_data_2(TALLOC_CTX *mem_ctx,
*******************************************************************/
static WERROR xcvtcp_addport(TALLOC_CTX *mem_ctx,
NT_USER_TOKEN *token, DATA_BLOB *in,
struct security_token *token, DATA_BLOB *in,
DATA_BLOB *out, uint32_t *needed)
{
struct spoolss_PortData1 port1;
@ -9687,7 +9687,7 @@ struct xcv_api_table xcvtcp_cmds[] = {
};
static WERROR process_xcvtcp_command(TALLOC_CTX *mem_ctx,
NT_USER_TOKEN *token, const char *command,
struct security_token *token, const char *command,
DATA_BLOB *inbuf,
DATA_BLOB *outbuf,
uint32_t *needed )
@ -9709,7 +9709,7 @@ static WERROR process_xcvtcp_command(TALLOC_CTX *mem_ctx,
#if 0 /* don't support management using the "Local Port" monitor */
static WERROR xcvlocal_monitorui(TALLOC_CTX *mem_ctx,
NT_USER_TOKEN *token, DATA_BLOB *in,
struct security_token *token, DATA_BLOB *in,
DATA_BLOB *out, uint32_t *needed)
{
const char *dllname = "localui.dll";
@ -9746,7 +9746,7 @@ struct xcv_api_table xcvlocal_cmds[] = {
*******************************************************************/
static WERROR process_xcvlocal_command(TALLOC_CTX *mem_ctx,
NT_USER_TOKEN *token, const char *command,
struct security_token *token, const char *command,
DATA_BLOB *inbuf, DATA_BLOB *outbuf,
uint32_t *needed)
{

View File

@ -123,7 +123,7 @@ static struct service_control_op* find_service_by_name( const char *name )
/********************************************************************
********************************************************************/
static NTSTATUS svcctl_access_check( struct security_descriptor *sec_desc, NT_USER_TOKEN *token,
static NTSTATUS svcctl_access_check( struct security_descriptor *sec_desc, struct security_token *token,
uint32 access_desired, uint32 *access_granted )
{
if ( geteuid() == sec_initial_uid() ) {
@ -387,7 +387,7 @@ WERROR _svcctl_QueryServiceStatus(struct pipes_struct *p,
/********************************************************************
********************************************************************/
static int enumerate_status( TALLOC_CTX *ctx, struct ENUM_SERVICE_STATUSW **status, NT_USER_TOKEN *token )
static int enumerate_status( TALLOC_CTX *ctx, struct ENUM_SERVICE_STATUSW **status, struct security_token *token )
{
int num_services = 0;
int i;
@ -430,7 +430,7 @@ WERROR _svcctl_EnumServicesStatusW(struct pipes_struct *p,
size_t buffer_size = 0;
WERROR result = WERR_OK;
SERVICE_INFO *info = find_service_info_by_hnd( p, r->in.handle );
NT_USER_TOKEN *token = p->server_info->ptok;
struct security_token *token = p->server_info->ptok;
DATA_BLOB blob = data_blob_null;
/* perform access checks */
@ -642,7 +642,7 @@ WERROR _svcctl_QueryServiceStatusEx(struct pipes_struct *p,
static WERROR fill_svc_config( TALLOC_CTX *ctx, const char *name,
struct QUERY_SERVICE_CONFIG *config,
NT_USER_TOKEN *token )
struct security_token *token )
{
struct regval_ctr *values;
struct regval_blob *val;

View File

@ -502,7 +502,7 @@ void svcctl_init_keys( void )
in case of any failure.
********************************************************************/
struct security_descriptor *svcctl_get_secdesc( TALLOC_CTX *ctx, const char *name, NT_USER_TOKEN *token )
struct security_descriptor *svcctl_get_secdesc( TALLOC_CTX *ctx, const char *name, struct security_token *token )
{
struct registry_key_handle *key = NULL;
struct regval_ctr *values = NULL;
@ -564,7 +564,7 @@ done:
Wrapper to make storing a Service sd easier
********************************************************************/
bool svcctl_set_secdesc( TALLOC_CTX *ctx, const char *name, struct security_descriptor *sec_desc, NT_USER_TOKEN *token )
bool svcctl_set_secdesc( TALLOC_CTX *ctx, const char *name, struct security_descriptor *sec_desc, struct security_token *token )
{
struct registry_key_handle *key = NULL;
WERROR wresult;
@ -618,7 +618,7 @@ bool svcctl_set_secdesc( TALLOC_CTX *ctx, const char *name, struct security_desc
/********************************************************************
********************************************************************/
const char *svcctl_lookup_dispname(TALLOC_CTX *ctx, const char *name, NT_USER_TOKEN *token )
const char *svcctl_lookup_dispname(TALLOC_CTX *ctx, const char *name, struct security_token *token )
{
const char *display_name = NULL;
struct registry_key_handle *key = NULL;
@ -671,7 +671,7 @@ fail:
/********************************************************************
********************************************************************/
const char *svcctl_lookup_description(TALLOC_CTX *ctx, const char *name, NT_USER_TOKEN *token )
const char *svcctl_lookup_description(TALLOC_CTX *ctx, const char *name, struct security_token *token )
{
const char *description = NULL;
struct registry_key_handle *key = NULL;
@ -722,7 +722,7 @@ const char *svcctl_lookup_description(TALLOC_CTX *ctx, const char *name, NT_USER
/********************************************************************
********************************************************************/
struct regval_ctr *svcctl_fetch_regvalues(const char *name, NT_USER_TOKEN *token)
struct regval_ctr *svcctl_fetch_regvalues(const char *name, struct security_token *token)
{
struct registry_key_handle *key = NULL;
struct regval_ctr *values = NULL;

View File

@ -85,7 +85,7 @@ extern struct smb_srv_trans_enc_ctx *srv_trans_enc_ctx;
struct sec_ctx {
UNIX_USER_TOKEN ut;
NT_USER_TOKEN *token;
struct security_token *token;
};
/* A stack of security contexts. We include the current context as being
the first one, so there is room for another MAX_SEC_CTX_DEPTH more. */

View File

@ -56,7 +56,7 @@ static NTSTATUS create_file_unixpath(connection_struct *conn,
NTSTATUS smb1_file_se_access_check(struct connection_struct *conn,
const struct security_descriptor *sd,
const NT_USER_TOKEN *token,
const struct security_token *token,
uint32_t access_desired,
uint32_t *access_granted)
{

View File

@ -300,7 +300,7 @@ static void set_unix_security_ctx(uid_t uid, gid_t gid, int ngroups, gid_t *grou
Set the current security context to a given user.
****************************************************************************/
void set_sec_ctx(uid_t uid, gid_t gid, int ngroups, gid_t *groups, NT_USER_TOKEN *token)
void set_sec_ctx(uid_t uid, gid_t gid, int ngroups, gid_t *groups, struct security_token *token)
{
struct sec_ctx *ctx_p = &sec_ctx_stack[sec_ctx_stack_ndx];

View File

@ -538,7 +538,7 @@ const UNIX_USER_TOKEN *get_current_utok(connection_struct *conn)
return &current_user.ut;
}
const NT_USER_TOKEN *get_current_nttok(connection_struct *conn)
const struct security_token *get_current_nttok(connection_struct *conn)
{
return current_user.nt_user_token;
}

View File

@ -26,9 +26,9 @@
/* The following definitions come from auth/token_util.c */
bool nt_token_check_sid ( const struct dom_sid *sid, const NT_USER_TOKEN *token );
bool nt_token_check_domain_rid( NT_USER_TOKEN *token, uint32 rid );
NT_USER_TOKEN *get_root_nt_token( void );
bool nt_token_check_sid ( const struct dom_sid *sid, const struct security_token *token );
bool nt_token_check_domain_rid( struct security_token *token, uint32 rid );
struct security_token *get_root_nt_token( void );
NTSTATUS add_aliases(const struct dom_sid *domain_sid,
struct security_token *token);
struct security_token *create_local_nt_token(TALLOC_CTX *mem_ctx,
@ -36,7 +36,7 @@ struct security_token *create_local_nt_token(TALLOC_CTX *mem_ctx,
bool is_guest,
int num_groupsids,
const struct dom_sid *groupsids);
void debug_nt_user_token(int dbg_class, int dbg_lev, NT_USER_TOKEN *token);
void debug_nt_user_token(int dbg_class, int dbg_lev, struct security_token *token);
void debug_unix_user_token(int dbg_class, int dbg_lev, uid_t uid, gid_t gid,
int n_groups, gid_t *groups);

View File

@ -41,7 +41,7 @@ static WERROR open_hive(TALLOC_CTX *ctx, const char *path,
char **subkeyname)
{
WERROR werr;
NT_USER_TOKEN *token = NULL;
struct security_token *token = NULL;
char *hivename = NULL;
char *tmp_subkeyname = NULL;
TALLOC_CTX *tmp_ctx = talloc_stackframe();

View File

@ -4114,7 +4114,7 @@ static NTSTATUS rpc_aliaslist_internals(struct net_context *c,
return result;
}
static void init_user_token(NT_USER_TOKEN *token, struct dom_sid *user_sid)
static void init_user_token(struct security_token *token, struct dom_sid *user_sid)
{
token->num_sids = 4;
@ -4130,12 +4130,12 @@ static void init_user_token(NT_USER_TOKEN *token, struct dom_sid *user_sid)
sid_copy(&token->sids[3], &global_sid_Authenticated_Users);
}
static void free_user_token(NT_USER_TOKEN *token)
static void free_user_token(struct security_token *token)
{
SAFE_FREE(token->sids);
}
static void add_sid_to_token(NT_USER_TOKEN *token, struct dom_sid *sid)
static void add_sid_to_token(struct security_token *token, struct dom_sid *sid)
{
if (is_sid_in_token(token, sid))
return;
@ -4152,7 +4152,7 @@ static void add_sid_to_token(NT_USER_TOKEN *token, struct dom_sid *sid)
struct user_token {
fstring name;
NT_USER_TOKEN token;
struct security_token token;
};
static void dump_user_token(struct user_token *token)
@ -4178,7 +4178,7 @@ static bool is_alias_member(struct dom_sid *sid, struct full_alias *alias)
return false;
}
static void collect_sid_memberships(NT_USER_TOKEN *token, struct dom_sid sid)
static void collect_sid_memberships(struct security_token *token, struct dom_sid sid)
{
int i;
@ -4195,7 +4195,7 @@ static void collect_sid_memberships(NT_USER_TOKEN *token, struct dom_sid sid)
* add them to the token.
*/
static void collect_alias_memberships(NT_USER_TOKEN *token)
static void collect_alias_memberships(struct security_token *token)
{
int num_global_sids = token->num_sids;
int i;
@ -4205,7 +4205,7 @@ static void collect_alias_memberships(NT_USER_TOKEN *token)
}
}
static bool get_user_sids(const char *domain, const char *user, NT_USER_TOKEN *token)
static bool get_user_sids(const char *domain, const char *user, struct security_token *token)
{
wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
enum wbcSidType type;

View File

@ -26,9 +26,9 @@
/* The following definitions come from auth/token_util.c */
bool nt_token_check_sid ( const struct dom_sid *sid, const NT_USER_TOKEN *token );
bool nt_token_check_domain_rid( NT_USER_TOKEN *token, uint32 rid );
NT_USER_TOKEN *get_root_nt_token( void );
bool nt_token_check_sid ( const struct dom_sid *sid, const struct security_token *token );
bool nt_token_check_domain_rid( struct security_token *token, uint32 rid );
struct security_token *get_root_nt_token( void );
NTSTATUS add_aliases(const struct dom_sid *domain_sid,
struct security_token *token);
struct security_token *create_local_nt_token(TALLOC_CTX *mem_ctx,
@ -36,7 +36,7 @@ struct security_token *create_local_nt_token(TALLOC_CTX *mem_ctx,
bool is_guest,
int num_groupsids,
const struct dom_sid *groupsids);
void debug_nt_user_token(int dbg_class, int dbg_lev, NT_USER_TOKEN *token);
void debug_nt_user_token(int dbg_class, int dbg_lev, struct security_token *token);
void debug_unix_user_token(int dbg_class, int dbg_lev, uid_t uid, gid_t gid,
int n_groups, gid_t *groups);