diff options
author | Andrew Bartlett <abartlet@samba.org> | 2010-08-24 14:47:26 +1000 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2010-09-11 18:46:03 +1000 |
commit | 42a98a570b57c3b4625f56179c6697a45427e8a6 (patch) | |
tree | 3f13de3cc137eb3f35e44593c14bb08bd60fef91 | |
parent | b8f28c2e70b3fa332313126ea6f1f2f42fb46a90 (diff) | |
download | samba-42a98a570b57c3b4625f56179c6697a45427e8a6.tar.gz samba-42a98a570b57c3b4625f56179c6697a45427e8a6.tar.bz2 samba-42a98a570b57c3b4625f56179c6697a45427e8a6.zip |
s3:privileges Change SE_PRIV to be just a uint64_t
We don't need 128 possible privileges here, as we only use 12.
This reverts some of 46e5effea948931509283cb84b27007d34b521c8
by Jerry back in 2005, where he introduced the SE_PRIV structure
to replace the uint32_t used at the time.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
-rw-r--r-- | source3/include/privileges.h | 39 | ||||
-rw-r--r-- | source3/lib/privileges_basic.c | 29 |
2 files changed, 22 insertions, 46 deletions
diff --git a/source3/include/privileges.h b/source3/include/privileges.h index 35fccd38a8..ba09f57fae 100644 --- a/source3/include/privileges.h +++ b/source3/include/privileges.h @@ -29,38 +29,33 @@ /* privilege bitmask */ -#define SE_PRIV_MASKSIZE 4 - -typedef struct { - uint32 mask[SE_PRIV_MASKSIZE]; -} SE_PRIV; - +typedef uint64_t SE_PRIV; /* common privilege defines */ -#define SE_END { { 0x00000000, 0x00000000, 0x00000000, 0x00000000 } } -#define SE_NONE { { 0x00000000, 0x00000000, 0x00000000, 0x00000000 } } -#define SE_ALL_PRIVS { { 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF } } +#define SE_END 0x0 +#define SE_NONE 0x0 +#define SE_ALL_PRIVS (SE_PRIV)-1 /* * We will use our own set of privileges since it makes no sense * to implement all of the Windows set when only a portion will - * be used. Use 128-bit mask to give room to grow. + * be used. Use 64-bit mask to give room to grow. */ -#define SE_NETWORK_LOGON { { 0x00000001, 0x00000000, 0x00000000, 0x00000000 } } -#define SE_INTERACTIVE_LOGON { { 0x00000002, 0x00000000, 0x00000000, 0x00000000 } } -#define SE_BATCH_LOGON { { 0x00000004, 0x00000000, 0x00000000, 0x00000000 } } -#define SE_SERVICE_LOGON { { 0x00000008, 0x00000000, 0x00000000, 0x00000000 } } -#define SE_MACHINE_ACCOUNT { { 0x00000010, 0x00000000, 0x00000000, 0x00000000 } } -#define SE_PRINT_OPERATOR { { 0x00000020, 0x00000000, 0x00000000, 0x00000000 } } -#define SE_ADD_USERS { { 0x00000040, 0x00000000, 0x00000000, 0x00000000 } } -#define SE_DISK_OPERATOR { { 0x00000080, 0x00000000, 0x00000000, 0x00000000 } } -#define SE_REMOTE_SHUTDOWN { { 0x00000100, 0x00000000, 0x00000000, 0x00000000 } } -#define SE_BACKUP { { 0x00000200, 0x00000000, 0x00000000, 0x00000000 } } -#define SE_RESTORE { { 0x00000400, 0x00000000, 0x00000000, 0x00000000 } } -#define SE_TAKE_OWNERSHIP { { 0x00000800, 0x00000000, 0x00000000, 0x00000000 } } +#define SE_NETWORK_LOGON 0x00000001 +#define SE_INTERACTIVE_LOGON 0x00000002 +#define SE_BATCH_LOGON 0x00000004 +#define SE_SERVICE_LOGON 0x00000008 +#define SE_MACHINE_ACCOUNT 0x00000010 +#define SE_PRINT_OPERATOR 0x00000020 +#define SE_ADD_USERS 0x00000040 +#define SE_DISK_OPERATOR 0x00000080 +#define SE_REMOTE_SHUTDOWN 0x00000100 +#define SE_BACKUP 0x00000200 +#define SE_RESTORE 0x00000400 +#define SE_TAKE_OWNERSHIP 0x00000800 /* defined in lib/privilegs_basic.c */ diff --git a/source3/lib/privileges_basic.c b/source3/lib/privileges_basic.c index f6080690f7..962b5e8514 100644 --- a/source3/lib/privileges_basic.c +++ b/source3/lib/privileges_basic.c @@ -148,11 +148,7 @@ bool se_priv_put_all_privileges(SE_PRIV *mask) void se_priv_add( SE_PRIV *mask, const SE_PRIV *addpriv ) { - int i; - - for ( i=0; i<SE_PRIV_MASKSIZE; i++ ) { - mask->mask[i] |= addpriv->mask[i]; - } + *mask |= *addpriv; } /*************************************************************************** @@ -162,11 +158,7 @@ void se_priv_add( SE_PRIV *mask, const SE_PRIV *addpriv ) void se_priv_remove( SE_PRIV *mask, const SE_PRIV *removepriv ) { - int i; - - for ( i=0; i<SE_PRIV_MASKSIZE; i++ ) { - mask->mask[i] &= ~removepriv->mask[i]; - } + *mask &= ~*removepriv; } /*************************************************************************** @@ -188,7 +180,7 @@ static void se_priv_invert( SE_PRIV *new_mask, const SE_PRIV *mask ) bool se_priv_equal( const SE_PRIV *mask1, const SE_PRIV *mask2 ) { - return ( memcmp(mask1, mask2, sizeof(SE_PRIV)) == 0 ); + return *mask1 == *mask2; } /*************************************************************************** @@ -198,13 +190,10 @@ bool se_priv_equal( const SE_PRIV *mask1, const SE_PRIV *mask2 ) static bool se_priv_empty( const SE_PRIV *mask ) { SE_PRIV p1; - int i; se_priv_copy( &p1, mask ); - for ( i=0; i<SE_PRIV_MASKSIZE; i++ ) { - p1.mask[i] &= se_priv_all.mask[i]; - } + p1 &= se_priv_all; return se_priv_equal( &p1, &se_priv_none ); } @@ -233,15 +222,7 @@ bool se_priv_from_name( const char *name, SE_PRIV *mask ) void dump_se_priv( int dbg_cl, int dbg_lvl, const SE_PRIV *mask ) { - int i; - - DEBUGADDC( dbg_cl, dbg_lvl,("SE_PRIV ")); - - for ( i=0; i<SE_PRIV_MASKSIZE; i++ ) { - DEBUGADDC( dbg_cl, dbg_lvl,(" 0x%x", mask->mask[i] )); - } - - DEBUGADDC( dbg_cl, dbg_lvl, ("\n")); + DEBUGADDC( dbg_cl, dbg_lvl,("SE_PRIV 0x%llx\n", (unsigned long long)*mask)); } /**************************************************************************** |