diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2010-09-17 15:31:28 +1000 |
|---|---|---|
| committer | Andrew Tridgell <tridge@samba.org> | 2010-10-14 02:35:04 +0000 |
| commit | 170b345e0c688b178eb37a73a8110dec68a8ae31 (patch) | |
| tree | 79e5191ba2681c55e8846cd301662b8cc0749ede | |
| parent | 58cf83732a3af2cf2098b1b2108e4b5f36e8fa9e (diff) | |
| download | samba-170b345e0c688b178eb37a73a8110dec68a8ae31.tar.gz samba-170b345e0c688b178eb37a73a8110dec68a8ae31.tar.bz2 samba-170b345e0c688b178eb37a73a8110dec68a8ae31.zip | |
s3-auth Use security_token_debug() from common code
This prints the security token including the privileges as strings
instead of just a bitmap.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
| -rw-r--r-- | libgpo/gpo_ldap.c | 2 | ||||
| -rw-r--r-- | source3/auth/auth_util.c | 2 | ||||
| -rw-r--r-- | source3/auth/token_util.c | 26 | ||||
| -rw-r--r-- | source3/include/proto.h | 1 | ||||
| -rw-r--r-- | source3/rpc_server/srv_wkssvc_nt.c | 6 | ||||
| -rw-r--r-- | source3/smbd/sec_ctx.c | 3 | ||||
| -rw-r--r-- | source3/utils/net_proto.h | 1 | ||||
| -rw-r--r-- | source3/winbindd/winbindd_pam.c | 2 | ||||
| -rw-r--r-- | source3/winbindd/winbindd_proto.h | 1 |
9 files changed, 8 insertions, 36 deletions
diff --git a/libgpo/gpo_ldap.c b/libgpo/gpo_ldap.c index 38a040533a..e6b9609bab 100644 --- a/libgpo/gpo_ldap.c +++ b/libgpo/gpo_ldap.c @@ -671,7 +671,7 @@ ADS_STATUS ads_get_sid_token(ADS_STRUCT *ads, *token = new_token; - debug_nt_user_token(DBGC_CLASS, 5, *token); + security_token_debug(DBGC_CLASS, 5, *token); return ADS_ERROR_LDAP(LDAP_SUCCESS); } diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c index 98cef79141..73713093c2 100644 --- a/source3/auth/auth_util.c +++ b/source3/auth/auth_util.c @@ -516,7 +516,7 @@ NTSTATUS create_local_token(struct auth_serversupplied_info *server_info) &server_info->ptok->num_sids); } - debug_nt_user_token(DBGC_AUTH, 10, server_info->ptok); + security_token_debug(DBGC_AUTH, 10, server_info->ptok); debug_unix_user_token(DBGC_AUTH, 10, server_info->utok.uid, server_info->utok.gid, diff --git a/source3/auth/token_util.c b/source3/auth/token_util.c index 17078d1e96..1a7c4816e8 100644 --- a/source3/auth/token_util.c +++ b/source3/auth/token_util.c @@ -642,32 +642,6 @@ static NTSTATUS finalize_local_nt_token(struct security_token *result, } /**************************************************************************** - prints a struct security_token to debug output. -****************************************************************************/ - -void debug_nt_user_token(int dbg_class, int dbg_lev, struct security_token *token) -{ - size_t i; - - if (!token) { - DEBUGC(dbg_class, dbg_lev, ("NT user token: (NULL)\n")); - return; - } - - DEBUGC(dbg_class, dbg_lev, - ("NT user token of user %s\n", - sid_string_dbg(&token->sids[0]) )); - DEBUGADDC(dbg_class, dbg_lev, - ("contains %lu SIDs\n", (unsigned long)token->num_sids)); - for (i = 0; i < token->num_sids; i++) - DEBUGADDC(dbg_class, dbg_lev, - ("SID[%3lu]: %s\n", (unsigned long)i, - sid_string_dbg(&token->sids[i]))); - - DEBUGADDC(dbg_class, dbg_lev,("Privilege mask: 0x%llx\n", (unsigned long long)token->privilege_mask)); -} - -/**************************************************************************** prints a UNIX 'token' to debug output. ****************************************************************************/ diff --git a/source3/include/proto.h b/source3/include/proto.h index b40f32a0b9..42ff86751a 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -261,7 +261,6 @@ NTSTATUS create_local_nt_token_from_info3(TALLOC_CTX *mem_ctx, struct netr_SamInfo3 *info3, struct extra_auth_info *extra, struct security_token **ntok); -void debug_nt_user_token(int dbg_class, int dbg_lev, struct security_token *token); void debug_unix_user_token(int dbg_class, int dbg_lev, uid_t uid, gid_t gid, int n_groups, gid_t *groups); diff --git a/source3/rpc_server/srv_wkssvc_nt.c b/source3/rpc_server/srv_wkssvc_nt.c index ee2b419696..000b605913 100644 --- a/source3/rpc_server/srv_wkssvc_nt.c +++ b/source3/rpc_server/srv_wkssvc_nt.c @@ -359,7 +359,7 @@ WERROR _wkssvc_NetWkstaGetInfo(struct pipes_struct *p, "Users %s:\n", sid_string_dbg( &global_sid_Authenticated_Users))); - debug_nt_user_token(DBGC_CLASS, 3, + security_token_debug(DBGC_CLASS, 3, p->server_info->ptok); return WERR_ACCESS_DENIED; } @@ -377,7 +377,7 @@ WERROR _wkssvc_NetWkstaGetInfo(struct pipes_struct *p, DEBUGADD(3,(" - does not have sid for Administrators " "group %s, sids are:\n", sid_string_dbg(&global_sid_Builtin_Administrators))); - debug_nt_user_token(DBGC_CLASS, 3, + security_token_debug(DBGC_CLASS, 3, p->server_info->ptok); return WERR_ACCESS_DENIED; } @@ -562,7 +562,7 @@ WERROR _wkssvc_NetWkstaEnumUsers(struct pipes_struct *p, DEBUGADD(3,(" - does not have sid for Administrators group " "%s\n", sid_string_dbg( &global_sid_Builtin_Administrators))); - debug_nt_user_token(DBGC_CLASS, 3, p->server_info->ptok); + security_token_debug(DBGC_CLASS, 3, p->server_info->ptok); return WERR_ACCESS_DENIED; } diff --git a/source3/smbd/sec_ctx.c b/source3/smbd/sec_ctx.c index 017613cf1e..2405eb51d4 100644 --- a/source3/smbd/sec_ctx.c +++ b/source3/smbd/sec_ctx.c @@ -19,6 +19,7 @@ #include "includes.h" #include "smbd/globals.h" +#include "libcli/security/security_token.h" extern struct current_user current_user; @@ -309,7 +310,7 @@ void set_sec_ctx(uid_t uid, gid_t gid, int ngroups, gid_t *groups, struct securi DEBUG(3, ("setting sec ctx (%u, %u) - sec_ctx_stack_ndx = %d\n", (unsigned int)uid, (unsigned int)gid, sec_ctx_stack_ndx)); - debug_nt_user_token(DBGC_CLASS, 5, token); + security_token_debug(DBGC_CLASS, 5, token); debug_unix_user_token(DBGC_CLASS, 5, uid, gid, ngroups, groups); /* Change uid, gid and supplementary group list. */ diff --git a/source3/utils/net_proto.h b/source3/utils/net_proto.h index b06b7f9771..8422d280fd 100644 --- a/source3/utils/net_proto.h +++ b/source3/utils/net_proto.h @@ -36,7 +36,6 @@ struct security_token *create_local_nt_token(TALLOC_CTX *mem_ctx, bool is_guest, int num_groupsids, const struct dom_sid *groupsids); -void debug_nt_user_token(int dbg_class, int dbg_lev, struct security_token *token); void debug_unix_user_token(int dbg_class, int dbg_lev, uid_t uid, gid_t gid, int n_groups, gid_t *groups); diff --git a/source3/winbindd/winbindd_pam.c b/source3/winbindd/winbindd_pam.c index 6850b75d44..b4a1b9d7c4 100644 --- a/source3/winbindd/winbindd_pam.c +++ b/source3/winbindd/winbindd_pam.c @@ -321,7 +321,7 @@ static NTSTATUS check_info3_in_group(struct netr_SamInfo3 *info3, return status; } - debug_nt_user_token(DBGC_CLASS, 10, token); + security_token_debug(DBGC_CLASS, 10, token); for (i=0; i<num_require_membership_of_sid; i++) { DEBUG(10, ("Checking SID %s\n", sid_string_dbg( diff --git a/source3/winbindd/winbindd_proto.h b/source3/winbindd/winbindd_proto.h index 3588af1bff..3a7a29885b 100644 --- a/source3/winbindd/winbindd_proto.h +++ b/source3/winbindd/winbindd_proto.h @@ -36,7 +36,6 @@ struct security_token *create_local_nt_token(TALLOC_CTX *mem_ctx, bool is_guest, int num_groupsids, const struct dom_sid *groupsids); -void debug_nt_user_token(int dbg_class, int dbg_lev, struct security_token *token); void debug_unix_user_token(int dbg_class, int dbg_lev, uid_t uid, gid_t gid, int n_groups, gid_t *groups); |