diff options
author | Günther Deschner <gd@samba.org> | 2010-06-05 02:39:11 +0200 |
---|---|---|
committer | Günther Deschner <gd@samba.org> | 2010-06-07 10:33:36 +0200 |
commit | 4591fdbc18b0d7a1117de196675067e88bc341b7 (patch) | |
tree | 9eeb1685964f4ce048b05bcf8e16458b7a0b5142 | |
parent | f7696717800e82193e2b1ab1b3467e117306a769 (diff) | |
download | samba-4591fdbc18b0d7a1117de196675067e88bc341b7.tar.gz samba-4591fdbc18b0d7a1117de196675067e88bc341b7.tar.bz2 samba-4591fdbc18b0d7a1117de196675067e88bc341b7.zip |
s3-privileges: use LUID defines from lsa IDL.
Guenther
-rw-r--r-- | source3/include/privileges.h | 16 | ||||
-rw-r--r-- | source3/include/proto.h | 6 | ||||
-rw-r--r-- | source3/lib/privileges.c | 8 | ||||
-rw-r--r-- | source3/lib/privileges_basic.c | 22 | ||||
-rw-r--r-- | source3/rpc_server/srv_lsa_nt.c | 10 |
5 files changed, 26 insertions, 36 deletions
diff --git a/source3/include/privileges.h b/source3/include/privileges.h index 57d3fc0686..35fccd38a8 100644 --- a/source3/include/privileges.h +++ b/source3/include/privileges.h @@ -25,6 +25,8 @@ #ifndef PRIVILEGES_H #define PRIVILEGES_H +#include "../librpc/gen_ndr/lsa.h" + /* privilege bitmask */ #define SE_PRIV_MASKSIZE 4 @@ -79,28 +81,18 @@ extern const SE_PRIV se_take_ownership; */ typedef struct { - uint32 high; - uint32 low; -} LUID; - -typedef struct { - LUID luid; - uint32 attr; -} LUID_ATTR; - -typedef struct { TALLOC_CTX *mem_ctx; bool ext_ctx; uint32 count; uint32 control; - LUID_ATTR *set; + struct lsa_LUIDAttribute *set; } PRIVILEGE_SET; typedef struct { SE_PRIV se_priv; const char *name; const char *description; - LUID luid; + struct lsa_LUID luid; } PRIVS; #endif /* PRIVILEGES_H */ diff --git a/source3/include/proto.h b/source3/include/proto.h index 41ab440fd8..86a725ade8 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -694,7 +694,7 @@ NTSTATUS privilege_delete_account(const struct dom_sid *sid); NTSTATUS privilege_set_init(PRIVILEGE_SET *priv_set); NTSTATUS privilege_set_init_by_ctx(TALLOC_CTX *mem_ctx, PRIVILEGE_SET *priv_set); void privilege_set_free(PRIVILEGE_SET *priv_set); -NTSTATUS dup_luid_attr(TALLOC_CTX *mem_ctx, LUID_ATTR **new_la, LUID_ATTR *old_la, int count); +NTSTATUS dup_luid_attr(TALLOC_CTX *mem_ctx, struct lsa_LUIDAttribute **new_la, struct lsa_LUIDAttribute *old_la, int count); bool is_privileged_sid( const struct dom_sid *sid ); bool grant_all_privileges( const struct dom_sid *sid ); @@ -713,8 +713,8 @@ const char* get_privilege_dispname( const char *name ); bool user_has_privileges(const NT_USER_TOKEN *token, const SE_PRIV *privilege); bool user_has_any_privilege(NT_USER_TOKEN *token, const SE_PRIV *privilege); int count_all_privileges( void ); -LUID_ATTR get_privilege_luid( SE_PRIV *mask ); -const char *luid_to_privilege_name(const LUID *set); +struct lsa_LUIDAttribute get_privilege_luid( SE_PRIV *mask ); +const char *luid_to_privilege_name(const struct lsa_LUID *set); bool se_priv_to_privilege_set( PRIVILEGE_SET *set, SE_PRIV *mask ); bool privilege_set_to_se_priv( SE_PRIV *mask, struct lsa_PrivilegeSet *privset ); diff --git a/source3/lib/privileges.c b/source3/lib/privileges.c index 6da8aaa48d..86f84904f3 100644 --- a/source3/lib/privileges.c +++ b/source3/lib/privileges.c @@ -441,7 +441,7 @@ void privilege_set_free(PRIVILEGE_SET *priv_set) duplicate alloc luid_attr ****************************************************************************/ -NTSTATUS dup_luid_attr(TALLOC_CTX *mem_ctx, LUID_ATTR **new_la, LUID_ATTR *old_la, int count) +NTSTATUS dup_luid_attr(TALLOC_CTX *mem_ctx, struct lsa_LUIDAttribute **new_la, struct lsa_LUIDAttribute *old_la, int count) { int i; @@ -449,9 +449,9 @@ NTSTATUS dup_luid_attr(TALLOC_CTX *mem_ctx, LUID_ATTR **new_la, LUID_ATTR *old_l return NT_STATUS_OK; if (count) { - *new_la = TALLOC_ARRAY(mem_ctx, LUID_ATTR, count); + *new_la = TALLOC_ARRAY(mem_ctx, struct lsa_LUIDAttribute, count); if ( !*new_la ) { - DEBUG(0,("dup_luid_attr: failed to alloc new LUID_ATTR array [%d]\n", count)); + DEBUG(0,("dup_luid_attr: failed to alloc new struct lsa_LUIDAttribute array [%d]\n", count)); return NT_STATUS_NO_MEMORY; } } else { @@ -461,7 +461,7 @@ NTSTATUS dup_luid_attr(TALLOC_CTX *mem_ctx, LUID_ATTR **new_la, LUID_ATTR *old_l for (i=0; i<count; i++) { (*new_la)[i].luid.high = old_la[i].luid.high; (*new_la)[i].luid.low = old_la[i].luid.low; - (*new_la)[i].attr = old_la[i].attr; + (*new_la)[i].attribute = old_la[i].attribute; } return NT_STATUS_OK; diff --git a/source3/lib/privileges_basic.c b/source3/lib/privileges_basic.c index 323983b168..d174c70d8c 100644 --- a/source3/lib/privileges_basic.c +++ b/source3/lib/privileges_basic.c @@ -310,7 +310,7 @@ static bool is_any_privilege_assigned( SE_PRIV *privileges, const SE_PRIV *check } /********************************************************************* - Generate the LUID_ATTR structure based on a bitmask + Generate the struct lsa_LUIDAttribute structure based on a bitmask *********************************************************************/ const char* get_privilege_dispname( const char *name ) @@ -375,14 +375,14 @@ int count_all_privileges( void ) /********************************************************************* - Generate the LUID_ATTR structure based on a bitmask + Generate the struct lsa_LUIDAttribute structure based on a bitmask The assumption here is that the privilege has already been validated so we are guaranteed to find it in the list. *********************************************************************/ -LUID_ATTR get_privilege_luid( SE_PRIV *mask ) +struct lsa_LUIDAttribute get_privilege_luid( SE_PRIV *mask ) { - LUID_ATTR priv_luid; + struct lsa_LUIDAttribute priv_luid; int i; ZERO_STRUCT( priv_luid ); @@ -402,7 +402,7 @@ LUID_ATTR get_privilege_luid( SE_PRIV *mask ) Convert a LUID to a named string ****************************************************************************/ -const char *luid_to_privilege_name(const LUID *set) +const char *luid_to_privilege_name(const struct lsa_LUID *set) { int i; @@ -423,13 +423,13 @@ const char *luid_to_privilege_name(const LUID *set) add a privilege to a privilege array ****************************************************************************/ -static bool privilege_set_add(PRIVILEGE_SET *priv_set, LUID_ATTR set) +static bool privilege_set_add(PRIVILEGE_SET *priv_set, struct lsa_LUIDAttribute set) { - LUID_ATTR *new_set; + struct lsa_LUIDAttribute *new_set; /* we can allocate memory to add the new privilege */ - new_set = TALLOC_REALLOC_ARRAY(priv_set->mem_ctx, priv_set->set, LUID_ATTR, priv_set->count + 1); + new_set = TALLOC_REALLOC_ARRAY(priv_set->mem_ctx, priv_set->set, struct lsa_LUIDAttribute, priv_set->count + 1); if ( !new_set ) { DEBUG(0,("privilege_set_add: failed to allocate memory!\n")); return False; @@ -437,7 +437,7 @@ static bool privilege_set_add(PRIVILEGE_SET *priv_set, LUID_ATTR set) new_set[priv_set->count].luid.high = set.luid.high; new_set[priv_set->count].luid.low = set.luid.low; - new_set[priv_set->count].attr = set.attr; + new_set[priv_set->count].attribute = set.attribute; priv_set->count++; priv_set->set = new_set; @@ -452,9 +452,9 @@ bool se_priv_to_privilege_set( PRIVILEGE_SET *set, SE_PRIV *mask ) { int i; uint32 num_privs = count_all_privileges(); - LUID_ATTR luid; + struct lsa_LUIDAttribute luid; - luid.attr = 0; + luid.attribute = 0; luid.luid.high = 0; for ( i=0; i<num_privs; i++ ) { diff --git a/source3/rpc_server/srv_lsa_nt.c b/source3/rpc_server/srv_lsa_nt.c index fffb912782..fce0565eac 100644 --- a/source3/rpc_server/srv_lsa_nt.c +++ b/source3/rpc_server/srv_lsa_nt.c @@ -1449,7 +1449,7 @@ NTSTATUS _lsa_EnumPrivs(pipes_struct *p, uint32 enum_context = *r->in.resume_handle; int num_privs = count_all_privileges(); struct lsa_PrivEntry *entries = NULL; - LUID_ATTR luid; + struct lsa_LUIDAttribute luid; /* remember that the enum_context starts at 0 and not 1 */ @@ -1873,9 +1873,7 @@ NTSTATUS _lsa_EnumPrivsAccount(pipes_struct *p, } for (i=0; i<privileges.count; i++) { - luid_attrs[i].luid.low = privileges.set[i].luid.low; - luid_attrs[i].luid.high = privileges.set[i].luid.high; - luid_attrs[i].attribute = privileges.set[i].attr; + luid_attrs[i] = privileges.set[i]; } priv_set->count = privileges.count; @@ -2086,7 +2084,7 @@ NTSTATUS _lsa_LookupPrivName(pipes_struct *p, return NT_STATUS_ACCESS_DENIED; } - name = luid_to_privilege_name((LUID *)r->in.luid); + name = luid_to_privilege_name(r->in.luid); if (!name) { return NT_STATUS_NO_SUCH_PRIVILEGE; } @@ -2401,7 +2399,7 @@ NTSTATUS _lsa_LookupPrivValue(pipes_struct *p, { struct lsa_info *info = NULL; const char *name = NULL; - LUID_ATTR priv_luid; + struct lsa_LUIDAttribute priv_luid; SE_PRIV mask; /* find the connection policy handle. */ |