summaryrefslogtreecommitdiff
path: root/source3
diff options
context:
space:
mode:
authorJelmer Vernooij <jelmer@samba.org>2006-09-20 22:23:12 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 12:00:54 -0500
commit4db7642caa99c1b054322a8971c4b673556487ce (patch)
tree4ca6f040d613bc8127f43cd30a2bc12d3192471b /source3
parent3ef4b8cf2f4a52c08b71fa8cac1ce4e8409c160b (diff)
downloadsamba-4db7642caa99c1b054322a8971c4b673556487ce.tar.gz
samba-4db7642caa99c1b054322a8971c4b673556487ce.tar.bz2
samba-4db7642caa99c1b054322a8971c4b673556487ce.zip
r18745: Use the Samba4 data structures for security descriptors and security descriptor
buffers. Make security access masks simply a uint32 rather than a structure with a uint32 in it. (This used to be commit b41c52b9db5fc4a553b20a7a5a051a4afced9366)
Diffstat (limited to 'source3')
-rw-r--r--source3/include/rpc_secdes.h61
-rw-r--r--source3/include/vfs.h10
-rw-r--r--source3/lib/display_sec.c10
-rw-r--r--source3/lib/secace.c16
-rw-r--r--source3/lib/secacl.c8
-rw-r--r--source3/lib/secdesc.c81
-rw-r--r--source3/lib/util_seaccess.c10
-rw-r--r--source3/libads/disp_sec.c14
-rw-r--r--source3/libmsrpc/cac_winreg.c4
-rw-r--r--source3/libsmb/clisecdesc.c6
-rw-r--r--source3/libsmb/libsmbclient.c60
-rw-r--r--source3/modules/vfs_afsacl.c12
-rw-r--r--source3/modules/vfs_cap.c2
-rw-r--r--source3/modules/vfs_catia.c4
-rw-r--r--source3/printing/nt_printing.c70
-rw-r--r--source3/registry/reg_printing.c4
-rw-r--r--source3/rpc_client/cli_reg.c2
-rw-r--r--source3/rpc_parse/parse_reg.c8
-rw-r--r--source3/rpc_parse/parse_sec.c91
-rw-r--r--source3/rpc_parse/parse_spoolss.c12
-rw-r--r--source3/rpc_server/srv_spoolss_nt.c26
-rw-r--r--source3/rpc_server/srv_srvsvc_nt.c10
-rw-r--r--source3/rpcclient/cmd_lsarpc.c2
-rw-r--r--source3/rpcclient/cmd_samr.c2
-rw-r--r--source3/smbd/nttrans.c8
-rw-r--r--source3/smbd/posix_acls.c54
-rw-r--r--source3/tdb/include/tdbutil.h6
-rw-r--r--source3/utils/net_usershare.c8
-rw-r--r--source3/utils/profiles.c8
-rw-r--r--source3/utils/sharesec.c16
-rw-r--r--source3/utils/smbcacls.c52
31 files changed, 309 insertions, 368 deletions
diff --git a/source3/include/rpc_secdes.h b/source3/include/rpc_secdes.h
index 83c3b66914..9b0694b08d 100644
--- a/source3/include/rpc_secdes.h
+++ b/source3/include/rpc_secdes.h
@@ -72,30 +72,10 @@
PROTECTED_DACL_SECURITY_INFORMATION)
/* SEC_ACCESS */
-typedef struct security_info_info
-{
- uint32 mask;
-
-} SEC_ACCESS;
+typedef uint32 SEC_ACCESS;
/* SEC_ACE */
-typedef struct security_ace_info
-{
- uint8 type; /* xxxx_xxxx_ACE_TYPE - e.g allowed / denied etc */
- uint8 flags; /* xxxx_INHERIT_xxxx - e.g OBJECT_INHERIT_ACE */
- uint16 size;
-
- SEC_ACCESS info;
-
- /* this stuff may be present when type is XXXX_TYPE_XXXX_OBJECT */
- uint32 obj_flags; /* xxxx_ACE_OBJECT_xxxx e.g present/inherited present etc */
- struct GUID obj_guid; /* object GUID */
- struct GUID inh_guid; /* inherited object GUID */
- /* eof object stuff */
-
- DOM_SID trustee;
-
-} SEC_ACE;
+typedef struct security_ace SEC_ACE;
#define SEC_ACE_HEADER_SIZE (2 * sizeof(uint8) + sizeof(uint16) + sizeof(uint32))
#ifndef ACL_REVISION
@@ -104,15 +84,7 @@ typedef struct security_ace_info
#ifndef _SEC_ACL
/* SEC_ACL */
-typedef struct security_acl_info
-{
- uint16 revision; /* 0x0003 */
- uint16 size; /* size in bytes of the entire ACL structure */
- uint32 num_aces; /* number of Access Control Entries */
-
- SEC_ACE *ace;
-
-} SEC_ACL;
+typedef struct security_acl SEC_ACL;
#define SEC_ACL_HEADER_SIZE (2 * sizeof(uint16) + sizeof(uint32))
#define _SEC_ACL
#endif
@@ -123,37 +95,14 @@ typedef struct security_acl_info
#ifndef _SEC_DESC
/* SEC_DESC */
-typedef struct security_descriptor_info
-{
- uint16 revision; /* 0x0001 */
- uint16 type; /* SEC_DESC_xxxx flags */
-
- uint32 off_owner_sid; /* offset to owner sid */
- uint32 off_grp_sid ; /* offset to group sid */
- uint32 off_sacl ; /* offset to system list of permissions */
- uint32 off_dacl ; /* offset to list of permissions */
-
- SEC_ACL *dacl; /* user ACL */
- SEC_ACL *sacl; /* system ACL */
- DOM_SID *owner_sid;
- DOM_SID *grp_sid;
-
-} SEC_DESC;
+typedef struct security_descriptor SEC_DESC;
#define SEC_DESC_HEADER_SIZE (2 * sizeof(uint16) + 4 * sizeof(uint32))
#define _SEC_DESC
#endif
#ifndef _SEC_DESC_BUF
/* SEC_DESC_BUF */
-typedef struct sec_desc_buf_info
-{
- uint32 max_len;
- uint32 ptr;
- uint32 len;
-
- SEC_DESC *sec;
-
-} SEC_DESC_BUF;
+typedef struct sec_desc_buf SEC_DESC_BUF;
#define _SEC_DESC_BUF
#endif
diff --git a/source3/include/vfs.h b/source3/include/vfs.h
index 6ef9e829bc..185ca01f6c 100644
--- a/source3/include/vfs.h
+++ b/source3/include/vfs.h
@@ -85,7 +85,7 @@
struct vfs_handle_struct;
struct connection_struct;
struct files_struct;
-struct security_descriptor_info;
+struct security_descriptor;
struct vfs_statvfs_struct;
/*
@@ -275,10 +275,10 @@ struct vfs_ops {
/* NT ACL operations. */
- size_t (*fget_nt_acl)(struct vfs_handle_struct *handle, struct files_struct *fsp, int fd, uint32 security_info, struct security_descriptor_info **ppdesc);
- size_t (*get_nt_acl)(struct vfs_handle_struct *handle, struct files_struct *fsp, const char *name, uint32 security_info, struct security_descriptor_info **ppdesc);
- BOOL (*fset_nt_acl)(struct vfs_handle_struct *handle, struct files_struct *fsp, int fd, uint32 security_info_sent, struct security_descriptor_info *psd);
- BOOL (*set_nt_acl)(struct vfs_handle_struct *handle, struct files_struct *fsp, const char *name, uint32 security_info_sent, struct security_descriptor_info *psd);
+ size_t (*fget_nt_acl)(struct vfs_handle_struct *handle, struct files_struct *fsp, int fd, uint32 security_info, struct security_descriptor **ppdesc);
+ size_t (*get_nt_acl)(struct vfs_handle_struct *handle, struct files_struct *fsp, const char *name, uint32 security_info, struct security_descriptor **ppdesc);
+ BOOL (*fset_nt_acl)(struct vfs_handle_struct *handle, struct files_struct *fsp, int fd, uint32 security_info_sent, struct security_descriptor *psd);
+ BOOL (*set_nt_acl)(struct vfs_handle_struct *handle, struct files_struct *fsp, const char *name, uint32 security_info_sent, struct security_descriptor *psd);
/* POSIX ACL operations. */
diff --git a/source3/lib/display_sec.c b/source3/lib/display_sec.c
index 49a86c261c..2b3542922c 100644
--- a/source3/lib/display_sec.c
+++ b/source3/lib/display_sec.c
@@ -63,7 +63,7 @@ char *get_sec_mask_str(uint32 type)
****************************************************************************/
void display_sec_access(SEC_ACCESS *info)
{
- printf("\t\tPermissions: 0x%x: %s\n", info->mask, get_sec_mask_str(info->mask));
+ printf("\t\tPermissions: 0x%x: %s\n", *info, get_sec_mask_str(*info));
}
/****************************************************************************
@@ -92,7 +92,7 @@ void display_sec_ace(SEC_ACE *ace)
break;
}
printf(" (%d) flags: %d\n", ace->type, ace->flags);
- display_sec_access(&ace->info);
+ display_sec_access(&ace->access_mask);
sid_to_string(sid_str, &ace->trustee);
printf("\t\tSID: %s\n\n", sid_str);
}
@@ -110,7 +110,7 @@ void display_sec_acl(SEC_ACL *sec_acl)
if (sec_acl->size != 0 && sec_acl->num_aces != 0)
for (i = 0; i < sec_acl->num_aces; i++)
- display_sec_ace(&sec_acl->ace[i]);
+ display_sec_ace(&sec_acl->aces[i]);
}
@@ -179,8 +179,8 @@ void display_sec_desc(SEC_DESC *sec)
printf("\tOwner SID:\t%s\n", sid_str);
}
- if (sec->grp_sid) {
- sid_to_string(sid_str, sec->grp_sid);
+ if (sec->group_sid) {
+ sid_to_string(sid_str, sec->group_sid);
printf("\tParent SID:\t%s\n", sid_str);
}
}
diff --git a/source3/lib/secace.c b/source3/lib/secace.c
index eb2fdd5c2b..d60722c57e 100644
--- a/source3/lib/secace.c
+++ b/source3/lib/secace.c
@@ -46,10 +46,8 @@ void sec_ace_copy(SEC_ACE *ace_dest, SEC_ACE *ace_src)
ace_dest->type = ace_src->type;
ace_dest->flags = ace_src->flags;
ace_dest->size = ace_src->size;
- ace_dest->info.mask = ace_src->info.mask;
- ace_dest->obj_flags = ace_src->obj_flags;
- memcpy(&ace_dest->obj_guid, &ace_src->obj_guid, sizeof(struct GUID));
- memcpy(&ace_dest->inh_guid, &ace_src->inh_guid, sizeof(struct GUID));
+ ace_dest->access_mask = ace_src->access_mask;
+ ace_dest->object = ace_src->object;
sid_copy(&ace_dest->trustee, &ace_src->trustee);
}
@@ -57,12 +55,12 @@ void sec_ace_copy(SEC_ACE *ace_dest, SEC_ACE *ace_src)
Sets up a SEC_ACE structure.
********************************************************************/
-void init_sec_ace(SEC_ACE *t, const DOM_SID *sid, uint8 type, SEC_ACCESS mask, uint8 flag)
+void init_sec_ace(SEC_ACE *t, const DOM_SID *sid, uint8 type, uint32 mask, uint8 flag)
{
t->type = type;
t->flags = flag;
t->size = sid_size(sid) + 8;
- t->info = mask;
+ t->access_mask = mask;
ZERO_STRUCTP(&t->trustee);
sid_copy(&t->trustee, sid);
@@ -89,7 +87,7 @@ NTSTATUS sec_ace_add_sid(TALLOC_CTX *ctx, SEC_ACE **pp_new, SEC_ACE *old, unsign
(*pp_new)[i].type = 0;
(*pp_new)[i].flags = 0;
(*pp_new)[i].size = SEC_ACE_HEADER_SIZE + sid_size(sid);
- (*pp_new)[i].info.mask = mask;
+ (*pp_new)[i].access_mask = mask;
sid_copy(&(*pp_new)[i].trustee, sid);
return NT_STATUS_OK;
}
@@ -106,7 +104,7 @@ NTSTATUS sec_ace_mod_sid(SEC_ACE *ace, size_t num, DOM_SID *sid, uint32 mask)
for (i = 0; i < num; i ++) {
if (sid_compare(&ace[i].trustee, sid) == 0) {
- ace[i].info.mask = mask;
+ ace[i].access_mask = mask;
return NT_STATUS_OK;
}
}
@@ -160,7 +158,7 @@ BOOL sec_ace_equal(SEC_ACE *s1, SEC_ACE *s2)
/* Check top level stuff */
if (s1->type != s2->type || s1->flags != s2->flags ||
- s1->info.mask != s2->info.mask) {
+ s1->access_mask != s2->access_mask) {
return False;
}
diff --git a/source3/lib/secacl.c b/source3/lib/secacl.c
index e213e0d9a0..4e2178c195 100644
--- a/source3/lib/secacl.c
+++ b/source3/lib/secacl.c
@@ -46,13 +46,13 @@ SEC_ACL *make_sec_acl(TALLOC_CTX *ctx, uint16 revision, int num_aces, SEC_ACE *a
positive number. */
if ((num_aces) &&
- ((dst->ace = TALLOC_ARRAY(ctx, SEC_ACE, num_aces))
+ ((dst->aces = TALLOC_ARRAY(ctx, SEC_ACE, num_aces))
== NULL)) {
return NULL;
}
for (i = 0; i < num_aces; i++) {
- dst->ace[i] = ace_list[i]; /* Structure copy. */
+ dst->aces[i] = ace_list[i]; /* Structure copy. */
dst->size += ace_list[i].size;
}
@@ -68,7 +68,7 @@ SEC_ACL *dup_sec_acl(TALLOC_CTX *ctx, SEC_ACL *src)
if(src == NULL)
return NULL;
- return make_sec_acl(ctx, src->revision, src->num_aces, src->ace);
+ return make_sec_acl(ctx, src->revision, src->num_aces, src->aces);
}
/*******************************************************************
@@ -105,7 +105,7 @@ BOOL sec_acl_equal(SEC_ACL *s1, SEC_ACL *s2)
BOOL found = False;
for (j = 0; j < s2->num_aces; j++) {
- if (sec_ace_equal(&s1->ace[i], &s2->ace[j])) {
+ if (sec_ace_equal(&s1->aces[i], &s2->aces[j])) {
found = True;
break;
}
diff --git a/source3/lib/secdesc.c b/source3/lib/secdesc.c
index f8873277cf..2f592769b3 100644
--- a/source3/lib/secdesc.c
+++ b/source3/lib/secdesc.c
@@ -49,8 +49,8 @@ size_t sec_desc_size(SEC_DESC *psd)
if (psd->owner_sid != NULL)
offset += sid_size(psd->owner_sid);
- if (psd->grp_sid != NULL)
- offset += sid_size(psd->grp_sid);
+ if (psd->group_sid != NULL)
+ offset += sid_size(psd->group_sid);
if (psd->sacl != NULL)
offset += psd->sacl->size;
@@ -104,11 +104,11 @@ BOOL sec_desc_equal(SEC_DESC *s1, SEC_DESC *s2)
return False;
}
- if (!sid_equal(s1->grp_sid, s2->grp_sid)) {
+ if (!sid_equal(s1->group_sid, s2->group_sid)) {
fstring str1, str2;
- sid_to_string(str1, s1->grp_sid);
- sid_to_string(str2, s2->grp_sid);
+ sid_to_string(str1, s1->group_sid);
+ sid_to_string(str2, s2->group_sid);
DEBUG(10, ("sec_desc_equal(): group differs (%s != %s)\n",
str1, str2));
@@ -154,13 +154,13 @@ SEC_DESC_BUF *sec_desc_merge(TALLOC_CTX *ctx, SEC_DESC_BUF *new_sdb, SEC_DESC_BU
/* Copy over owner and group sids. There seems to be no flag for
this so just check the pointer values. */
- owner_sid = new_sdb->sec->owner_sid ? new_sdb->sec->owner_sid :
- old_sdb->sec->owner_sid;
+ owner_sid = new_sdb->sd->owner_sid ? new_sdb->sd->owner_sid :
+ old_sdb->sd->owner_sid;
- group_sid = new_sdb->sec->grp_sid ? new_sdb->sec->grp_sid :
- old_sdb->sec->grp_sid;
+ group_sid = new_sdb->sd->group_sid ? new_sdb->sd->group_sid :
+ old_sdb->sd->group_sid;
- secdesc_type = new_sdb->sec->type;
+ secdesc_type = new_sdb->sd->type;
/* Ignore changes to the system ACL. This has the effect of making
changes through the security tab audit button not sticking.
@@ -172,14 +172,14 @@ SEC_DESC_BUF *sec_desc_merge(TALLOC_CTX *ctx, SEC_DESC_BUF *new_sdb, SEC_DESC_BU
/* Copy across discretionary ACL */
if (secdesc_type & SEC_DESC_DACL_PRESENT) {
- dacl = new_sdb->sec->dacl;
+ dacl = new_sdb->sd->dacl;
} else {
- dacl = old_sdb->sec->dacl;
+ dacl = old_sdb->sd->dacl;
}
/* Create new security descriptor from bits */
- psd = make_sec_desc(ctx, new_sdb->sec->revision, secdesc_type,
+ psd = make_sec_desc(ctx, new_sdb->sd->revision, secdesc_type,
owner_sid, group_sid, sacl, dacl, &secdesc_size);
return_sdb = make_sec_desc_buf(ctx, secdesc_size, psd);
@@ -211,15 +211,15 @@ SEC_DESC *make_sec_desc(TALLOC_CTX *ctx, uint16 revision, uint16 type,
if (dacl)
dst->type |= SEC_DESC_DACL_PRESENT;
- dst->off_owner_sid = 0;
- dst->off_grp_sid = 0;
- dst->off_sacl = 0;
- dst->off_dacl = 0;
+ dst->owner_sid = NULL;
+ dst->group_sid = NULL;
+ dst->sacl = NULL;
+ dst->dacl = NULL;
if(owner_sid && ((dst->owner_sid = sid_dup_talloc(ctx,owner_sid)) == NULL))
goto error_exit;
- if(grp_sid && ((dst->grp_sid = sid_dup_talloc(ctx,grp_sid)) == NULL))
+ if(grp_sid && ((dst->group_sid = sid_dup_talloc(ctx,grp_sid)) == NULL))
goto error_exit;
if(sacl && ((dst->sacl = dup_sec_acl(ctx, sacl)) == NULL))
@@ -235,22 +235,18 @@ SEC_DESC *make_sec_desc(TALLOC_CTX *ctx, uint16 revision, uint16 type,
*/
if (dst->sacl != NULL) {
- dst->off_sacl = offset;
offset += dst->sacl->size;
}
if (dst->dacl != NULL) {
- dst->off_dacl = offset;
offset += dst->dacl->size;
}
if (dst->owner_sid != NULL) {
- dst->off_owner_sid = offset;
offset += sid_size(dst->owner_sid);
}
- if (dst->grp_sid != NULL) {
- dst->off_grp_sid = offset;
- offset += sid_size(dst->grp_sid);
+ if (dst->group_sid != NULL) {
+ offset += sid_size(dst->group_sid);
}
*sd_size = (size_t)offset;
@@ -274,7 +270,7 @@ SEC_DESC *dup_sec_desc(TALLOC_CTX *ctx, const SEC_DESC *src)
return NULL;
return make_sec_desc( ctx, src->revision, src->type,
- src->owner_sid, src->grp_sid, src->sacl,
+ src->owner_sid, src->group_sid, src->sacl,
src->dacl, &dummy);
}
@@ -301,15 +297,12 @@ SEC_DESC_BUF *make_sec_desc_buf(TALLOC_CTX *ctx, size_t len, SEC_DESC *sec_desc)
return NULL;
/* max buffer size (allocated size) */
- dst->max_len = (uint32)len;
- dst->len = (uint32)len;
+ dst->sd_size = (uint32)len;
- if(sec_desc && ((dst->sec = dup_sec_desc(ctx, sec_desc)) == NULL)) {
+ if(sec_desc && ((dst->sd = dup_sec_desc(ctx, sec_desc)) == NULL)) {
return NULL;
}
- dst->ptr = 0x1;
-
return dst;
}
@@ -322,7 +315,7 @@ SEC_DESC_BUF *dup_sec_desc_buf(TALLOC_CTX *ctx, SEC_DESC_BUF *src)
if(src == NULL)
return NULL;
- return make_sec_desc_buf( ctx, src->len, src->sec);
+ return make_sec_desc_buf( ctx, src->sd_size, src->sd);
}
/*******************************************************************
@@ -341,7 +334,7 @@ NTSTATUS sec_desc_add_sid(TALLOC_CTX *ctx, SEC_DESC **psd, DOM_SID *sid, uint32
*sd_size = 0;
- status = sec_ace_add_sid(ctx, &ace, psd[0]->dacl->ace, &psd[0]->dacl->num_aces, sid, mask);
+ status = sec_ace_add_sid(ctx, &ace, psd[0]->dacl->aces, &psd[0]->dacl->num_aces, sid, mask);
if (!NT_STATUS_IS_OK(status))
return status;
@@ -350,7 +343,7 @@ NTSTATUS sec_desc_add_sid(TALLOC_CTX *ctx, SEC_DESC **psd, DOM_SID *sid, uint32
return NT_STATUS_UNSUCCESSFUL;
if (!(sd = make_sec_desc(ctx, psd[0]->revision, psd[0]->type, psd[0]->owner_sid,
- psd[0]->grp_sid, psd[0]->sacl, dacl, sd_size)))
+ psd[0]->group_sid, psd[0]->sacl, dacl, sd_size)))
return NT_STATUS_UNSUCCESSFUL;
*psd = sd;
@@ -369,7 +362,7 @@ NTSTATUS sec_desc_mod_sid(SEC_DESC *sd, DOM_SID *sid, uint32 mask)
if (!sd || !sid)
return NT_STATUS_INVALID_PARAMETER;
- status = sec_ace_mod_sid(sd->dacl->ace, sd->dacl->num_aces, sid, mask);
+ status = sec_ace_mod_sid(sd->dacl->aces, sd->dacl->num_aces, sid, mask);
if (!NT_STATUS_IS_OK(status))
return status;
@@ -393,7 +386,7 @@ NTSTATUS sec_desc_del_sid(TALLOC_CTX *ctx, SEC_DESC **psd, DOM_SID *sid, size_t
*sd_size = 0;
- status = sec_ace_del_sid(ctx, &ace, psd[0]->dacl->ace, &psd[0]->dacl->num_aces, sid);
+ status = sec_ace_del_sid(ctx, &ace, psd[0]->dacl->aces, &psd[0]->dacl->num_aces, sid);
if (!NT_STATUS_IS_OK(status))
return status;
@@ -402,7 +395,7 @@ NTSTATUS sec_desc_del_sid(TALLOC_CTX *ctx, SEC_DESC **psd, DOM_SID *sid, size_t
return NT_STATUS_UNSUCCESSFUL;
if (!(sd = make_sec_desc(ctx, psd[0]->revision, psd[0]->type, psd[0]->owner_sid,
- psd[0]->grp_sid, psd[0]->sacl, dacl, sd_size)))
+ psd[0]->group_sid, psd[0]->sacl, dacl, sd_size)))
return NT_STATUS_UNSUCCESSFUL;
*psd = sd;
@@ -434,7 +427,7 @@ SEC_DESC_BUF *se_create_child_secdesc(TALLOC_CTX *ctx, SEC_DESC *parent_ctr,
return NULL;
for (i = 0; i < the_acl->num_aces; i++) {
- SEC_ACE *ace = &the_acl->ace[i];
+ SEC_ACE *ace = &the_acl->aces[i];
SEC_ACE *new_ace = &new_ace_list[new_ace_list_ndx];
uint8 new_flags = 0;
BOOL inherit = False;
@@ -490,17 +483,17 @@ SEC_DESC_BUF *se_create_child_secdesc(TALLOC_CTX *ctx, SEC_DESC *parent_ctr,
if (!inherit)
continue;
- init_sec_access(&new_ace->info, ace->info.mask);
+ init_sec_access(&new_ace->access_mask, ace->access_mask);
init_sec_ace(new_ace, &ace->trustee, ace->type,
- new_ace->info, new_flags);
+ new_ace->access_mask, new_flags);
sid_to_string(sid_str, &ace->trustee);
DEBUG(5, ("se_create_child_secdesc(): %s:%d/0x%02x/0x%08x "
" inherited as %s:%d/0x%02x/0x%08x\n", sid_str,
- ace->type, ace->flags, ace->info.mask,
+ ace->type, ace->flags, ace->access_mask,
sid_str, new_ace->type, new_ace->flags,
- new_ace->info.mask));
+ new_ace->access_mask));
new_ace_list_ndx++;
}
@@ -515,7 +508,7 @@ SEC_DESC_BUF *se_create_child_secdesc(TALLOC_CTX *ctx, SEC_DESC *parent_ctr,
sd = make_sec_desc(ctx, SEC_DESC_REVISION, SEC_DESC_SELF_RELATIVE,
parent_ctr->owner_sid,
- parent_ctr->grp_sid,
+ parent_ctr->group_sid,
parent_ctr->sacl,
new_dacl, &size);
@@ -528,9 +521,9 @@ SEC_DESC_BUF *se_create_child_secdesc(TALLOC_CTX *ctx, SEC_DESC *parent_ctr,
Sets up a SEC_ACCESS structure.
********************************************************************/
-void init_sec_access(SEC_ACCESS *t, uint32 mask)
+void init_sec_access(uint32 *t, uint32 mask)
{
- t->mask = mask;
+ *t = mask;
}
diff --git a/source3/lib/util_seaccess.c b/source3/lib/util_seaccess.c
index 73fc45c844..7d14ed896f 100644
--- a/source3/lib/util_seaccess.c
+++ b/source3/lib/util_seaccess.c
@@ -31,7 +31,7 @@ extern NT_USER_TOKEN anonymous_token;
static uint32 check_ace(SEC_ACE *ace, const NT_USER_TOKEN *token, uint32 acc_desired,
NTSTATUS *status)
{
- uint32 mask = ace->info.mask;
+ uint32 mask = ace->access_mask;
/*
* Inherit only is ignored.
@@ -97,8 +97,8 @@ static BOOL get_max_access( SEC_ACL *the_acl, const NT_USER_TOKEN *token, uint32
size_t i;
for ( i = 0 ; i < the_acl->num_aces; i++) {
- SEC_ACE *ace = &the_acl->ace[i];
- uint32 mask = ace->info.mask;
+ SEC_ACE *ace = &the_acl->aces[i];
+ uint32 mask = ace->access_mask;
if (!token_sid_in_ace( token, ace))
continue;
@@ -281,12 +281,12 @@ BOOL se_access_check(const SEC_DESC *sd, const NT_USER_TOKEN *token,
}
for ( i = 0 ; i < the_acl->num_aces && tmp_acc_desired != 0; i++) {
- SEC_ACE *ace = &the_acl->ace[i];
+ SEC_ACE *ace = &the_acl->aces[i];
DEBUGADD(10,("se_access_check: ACE %u: type %d, flags = 0x%02x, SID = %s mask = %x, current desired = %x\n",
(unsigned int)i, ace->type, ace->flags,
sid_to_string(sid_str, &ace->trustee),
- (unsigned int) ace->info.mask,
+ (unsigned int) ace->access_mask,
(unsigned int)tmp_acc_desired ));
tmp_acc_desired = check_ace( ace, token, tmp_acc_desired, status);
diff --git a/source3/libads/disp_sec.c b/source3/libads/disp_sec.c
index c9de447e69..a768ba08f3 100644
--- a/source3/libads/disp_sec.c
+++ b/source3/libads/disp_sec.c
@@ -90,14 +90,14 @@ static void ads_disp_ace(SEC_ACE *sec_ace)
sec_ace->type,
sec_ace->flags,
sec_ace->size,
- sec_ace->info.mask);
+ sec_ace->access_mask);
} else {
printf("------- ACE (type: 0x%02x, flags: 0x%02x, size: 0x%02x, mask: 0x%x, object flags: 0x%x)\n",
sec_ace->type,
sec_ace->flags,
sec_ace->size,
- sec_ace->info.mask,
- sec_ace->obj_flags);
+ sec_ace->access_mask,
+ sec_ace->object.object.flags);
}
if (sec_ace->type == SEC_ACE_TYPE_ACCESS_ALLOWED) {
@@ -117,7 +117,7 @@ static void ads_disp_ace(SEC_ACE *sec_ace)
printf("access SID: %s\naccess type: %s\n",
sid_string_static(&sec_ace->trustee), access_type);
- ads_disp_perms(sec_ace->info.mask);
+ ads_disp_perms(sec_ace->access_mask);
}
/* display ACL */
@@ -143,15 +143,15 @@ void ads_disp_sd(SEC_DESC *sd)
sd->revision,
sd->type);
printf("owner SID: %s\n", sid_string_static(sd->owner_sid));
- printf("group SID: %s\n", sid_string_static(sd->grp_sid));
+ printf("group SID: %s\n", sid_string_static(sd->group_sid));
ads_disp_acl(sd->sacl, "system");
for (i = 0; i < sd->sacl->num_aces; i ++)
- ads_disp_ace(&sd->sacl->ace[i]);
+ ads_disp_ace(&sd->sacl->aces[i]);
ads_disp_acl(sd->dacl, "user");
for (i = 0; i < sd->dacl->num_aces; i ++)
- ads_disp_ace(&sd->dacl->ace[i]);
+ ads_disp_ace(&sd->dacl->aces[i]);
printf("-------------- End Of Security Descriptor\n");
}
diff --git a/source3/libmsrpc/cac_winreg.c b/source3/libmsrpc/cac_winreg.c
index df3bbe154a..ea17efb811 100644
--- a/source3/libmsrpc/cac_winreg.c
+++ b/source3/libmsrpc/cac_winreg.c
@@ -860,8 +860,8 @@ int cac_RegGetKeySecurity(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegG
return CAC_FAILURE;
}
- op->out.size = buf.len;
- op->out.descriptor = dup_sec_desc(mem_ctx, buf.sec);
+ op->out.size = buf.sd_size;
+ op->out.descriptor = dup_sec_desc(mem_ctx, buf.sd);
if (op->out.descriptor == NULL) {
return CAC_FAILURE;
diff --git a/source3/libsmb/clisecdesc.c b/source3/libsmb/clisecdesc.c
index 2475743479..e55be48e94 100644
--- a/source3/libsmb/clisecdesc.c
+++ b/source3/libsmb/clisecdesc.c
@@ -107,11 +107,11 @@ BOOL cli_set_secdesc(struct cli_state *cli, int fnum, SEC_DESC *sd)
SIVAL(param, 0, fnum);
- if (sd->off_dacl)
+ if (sd->dacl)
sec_info |= DACL_SECURITY_INFORMATION;
- if (sd->off_owner_sid)
+ if (sd->owner_sid)
sec_info |= OWNER_SECURITY_INFORMATION;
- if (sd->off_grp_sid)
+ if (sd->group_sid)
sec_info |= GROUP_SECURITY_INFORMATION;
SSVAL(param, 4, sec_info);
diff --git a/source3/libsmb/libsmbclient.c b/source3/libsmb/libsmbclient.c
index 7b4e216961..15a1ad3055 100644
--- a/source3/libsmb/libsmbclient.c
+++ b/source3/libsmb/libsmbclient.c
@@ -3742,8 +3742,8 @@ ace_compare(SEC_ACE *ace1,
if (ace1->flags != ace2->flags)
return ace1->flags - ace2->flags;
- if (ace1->info.mask != ace2->info.mask)
- return ace1->info.mask - ace2->info.mask;
+ if (ace1->access_mask != ace2->access_mask)
+ return ace1->access_mask - ace2->access_mask;
if (ace1->size != ace2->size)
return ace1->size - ace2->size;
@@ -3758,14 +3758,14 @@ sort_acl(SEC_ACL *the_acl)
uint32 i;
if (!the_acl) return;
- qsort(the_acl->ace, the_acl->num_aces, sizeof(the_acl->ace[0]),
+ qsort(the_acl->aces, the_acl->num_aces, sizeof(the_acl->aces[0]),
QSORT_CAST ace_compare);
for (i=1;i<the_acl->num_aces;) {
- if (sec_ace_equal(&the_acl->ace[i-1], &the_acl->ace[i])) {
+ if (sec_ace_equal(&the_acl->aces[i-1], &the_acl->aces[i])) {
int j;
for (j=i; j<the_acl->num_aces-1; j++) {
- the_acl->ace[j] = the_acl->ace[j+1];
+ the_acl->aces[j] = the_acl->aces[j+1];
}
the_acl->num_aces--;
} else {
@@ -3970,7 +3970,7 @@ parse_ace(struct cli_state *ipc_cli,
}
done:
- mask.mask = amask;
+ mask = amask;
init_sec_ace(ace, &sid, atype, mask, aflags);
return True;
}
@@ -3992,7 +3992,7 @@ add_ace(SEC_ACL **the_acl,
if ((aces = SMB_CALLOC_ARRAY(SEC_ACE, 1+(*the_acl)->num_aces)) == NULL) {
return False;
}
- memcpy(aces, (*the_acl)->ace, (*the_acl)->num_aces * sizeof(SEC_ACE));
+ memcpy(aces, (*the_acl)->aces, (*the_acl)->num_aces * sizeof(SEC_ACE));
memcpy(aces+(*the_acl)->num_aces, ace, sizeof(SEC_ACE));
newacl = make_sec_acl(ctx, (*the_acl)->revision,
1+(*the_acl)->num_aces, aces);
@@ -4564,10 +4564,10 @@ cacl_get(SMBCCTX *context,
}
if (! exclude_nt_group) {
- if (sd->grp_sid) {
+ if (sd->group_sid) {
convert_sid_to_string(ipc_cli, pol,
sidstr, numeric,
- sd->grp_sid);
+ sd->group_sid);
} else {
fstrcpy(sidstr, "");
}
@@ -4612,7 +4612,7 @@ cacl_get(SMBCCTX *context,
/* Add aces to value buffer */
for (i = 0; sd->dacl && i < sd->dacl->num_aces; i++) {
- SEC_ACE *ace = &sd->dacl->ace[i];
+ SEC_ACE *ace = &sd->dacl->aces[i];
convert_sid_to_string(ipc_cli, pol,
sidstr, numeric,
&ace->trustee);
@@ -4626,7 +4626,7 @@ cacl_get(SMBCCTX *context,
sidstr,
ace->type,
ace->flags,
- ace->info.mask);
+ ace->access_mask);
if (!p) {
errno = ENOMEM;
return -1;
@@ -4639,7 +4639,7 @@ cacl_get(SMBCCTX *context,
sidstr,
ace->type,
ace->flags,
- ace->info.mask);
+ ace->access_mask);
}
} else if ((StrnCaseCmp(name, "acl", 3) == 0 &&
StrCaseCmp(name+3, sidstr) == 0) ||
@@ -4651,7 +4651,7 @@ cacl_get(SMBCCTX *context,
"%d/%d/0x%08x",
ace->type,
ace->flags,
- ace->info.mask);
+ ace->access_mask);
if (!p) {
errno = ENOMEM;
return -1;
@@ -4662,7 +4662,7 @@ cacl_get(SMBCCTX *context,
"%d/%d/0x%08x",
ace->type,
ace->flags,
- ace->info.mask);
+ ace->access_mask);
}
} else if (all_nt_acls) {
if (determine_size) {
@@ -4673,7 +4673,7 @@ cacl_get(SMBCCTX *context,
sidstr,
ace->type,
ace->flags,
- ace->info.mask);
+ ace->access_mask);
if (!p) {
errno = ENOMEM;
return -1;
@@ -4686,7 +4686,7 @@ cacl_get(SMBCCTX *context,
sidstr,
ace->type,
ace->flags,
- ace->info.mask);
+ ace->access_mask);
}
}
if (n > bufsize) {
@@ -5117,9 +5117,9 @@ cacl_set(TALLOC_CTX *ctx,
switch (mode) {
case SMBC_XATTR_MODE_REMOVE_ALL:
old->dacl->num_aces = 0;
- SAFE_FREE(old->dacl->ace);
+ SAFE_FREE(old->dacl->aces);
SAFE_FREE(old->dacl);
- old->off_dacl = 0;
+ old->dacl = NULL;
dacl = old->dacl;
break;
@@ -5128,18 +5128,18 @@ cacl_set(TALLOC_CTX *ctx,
BOOL found = False;
for (j=0;old->dacl && j<old->dacl->num_aces;j++) {
- if (sec_ace_equal(&sd->dacl->ace[i],
- &old->dacl->ace[j])) {
+ if (sec_ace_equal(&sd->dacl->aces[i],
+ &old->dacl->aces[j])) {
uint32 k;
for (k=j; k<old->dacl->num_aces-1;k++) {
- old->dacl->ace[k] =
- old->dacl->ace[k+1];
+ old->dacl->aces[k] =
+ old->dacl->aces[k+1];
}
old->dacl->num_aces--;
if (old->dacl->num_aces == 0) {
- SAFE_FREE(old->dacl->ace);
+ SAFE_FREE(old->dacl->aces);
SAFE_FREE(old->dacl);
- old->off_dacl = 0;
+ old->dacl = NULL;
}
found = True;
dacl = old->dacl;
@@ -5160,14 +5160,14 @@ cacl_set(TALLOC_CTX *ctx,
BOOL found = False;
for (j=0;old->dacl && j<old->dacl->num_aces;j++) {
- if (sid_equal(&sd->dacl->ace[i].trustee,
- &old->dacl->ace[j].trustee)) {
+ if (sid_equal(&sd->dacl->aces[i].trustee,
+ &old->dacl->aces[j].trustee)) {
if (!(flags & SMBC_XATTR_FLAG_CREATE)) {
err = EEXIST;
ret = -1;
goto failed;
}
- old->dacl->ace[j] = sd->dacl->ace[i];
+ old->dacl->aces[j] = sd->dacl->aces[i];
ret = -1;
found = True;
}
@@ -5180,7 +5180,7 @@ cacl_set(TALLOC_CTX *ctx,
}
for (i=0;sd->dacl && i<sd->dacl->num_aces;i++) {
- add_ace(&old->dacl, &sd->dacl->ace[i], ctx);
+ add_ace(&old->dacl, &sd->dacl->aces[i], ctx);
}
}
dacl = old->dacl;
@@ -5189,7 +5189,7 @@ cacl_set(TALLOC_CTX *ctx,
case SMBC_XATTR_MODE_SET:
old = sd;
owner_sid = old->owner_sid;
- grp_sid = old->grp_sid;
+ grp_sid = old->group_sid;
dacl = old->dacl;
break;
@@ -5198,7 +5198,7 @@ cacl_set(TALLOC_CTX *ctx,
break;
case SMBC_XATTR_MODE_CHGRP:
- grp_sid = sd->grp_sid;
+ grp_sid = sd->group_sid;
break;
}
diff --git a/source3/modules/vfs_afsacl.c b/source3/modules/vfs_afsacl.c
index 58d823c4f9..e485b3c526 100644
--- a/source3/modules/vfs_afsacl.c
+++ b/source3/modules/vfs_afsacl.c
@@ -589,7 +589,7 @@ static uint32 nt_to_afs_file_rights(const char *filename, const SEC_ACE *ace)
static size_t afs_to_nt_acl(struct afs_acl *afs_acl,
struct files_struct *fsp,
uint32 security_info,
- struct security_descriptor_info **ppdesc)
+ struct security_descriptor **ppdesc)
{
SEC_ACE *nt_ace_list;
DOM_SID owner_sid, group_sid;
@@ -691,7 +691,7 @@ static BOOL mappable_sid(const DOM_SID *sid)
static BOOL nt_to_afs_acl(const char *filename,
uint32 security_info_sent,
- struct security_descriptor_info *psd,
+ struct security_descriptor *psd,
uint32 (*nt_to_afs_rights)(const char *filename,
const SEC_ACE *ace),
struct afs_acl *afs_acl)
@@ -827,7 +827,7 @@ static BOOL afs_get_afs_acl(char *filename, struct afs_acl *acl)
}
static size_t afs_get_nt_acl(struct files_struct *fsp, uint32 security_info,
- struct security_descriptor_info **ppdesc)
+ struct security_descriptor **ppdesc)
{
struct afs_acl acl;
size_t sd_size;
@@ -881,7 +881,7 @@ static void merge_unknown_aces(struct afs_acl *src, struct afs_acl *dst)
static BOOL afs_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
uint32 security_info_sent,
- struct security_descriptor_info *psd)
+ struct security_descriptor *psd)
{
struct afs_acl old_afs_acl, new_afs_acl;
struct afs_acl dir_acl, file_acl;
@@ -982,14 +982,14 @@ static BOOL afs_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
static size_t afsacl_fget_nt_acl(struct vfs_handle_struct *handle,
struct files_struct *fsp,
int fd, uint32 security_info,
- struct security_descriptor_info **ppdesc)
+ struct security_descriptor **ppdesc)
{
return afs_get_nt_acl(fsp, security_info, ppdesc);
}
static size_t afsacl_get_nt_acl(struct vfs_handle_struct *handle,
struct files_struct *fsp,
const char *name, uint32 security_info,
- struct security_descriptor_info **ppdesc)
+ struct security_descriptor **ppdesc)
{
return afs_get_nt_acl(fsp, security_info, ppdesc);
}
diff --git a/source3/modules/vfs_cap.c b/source3/modules/vfs_cap.c
index 54f74dde67..c4539ca34a 100644
--- a/source3/modules/vfs_cap.c
+++ b/source3/modules/vfs_cap.c
@@ -177,7 +177,7 @@ static char *cap_realpath(vfs_handle_struct *handle, const char *path, char *res
return SMB_VFS_NEXT_REALPATH(handle, path, resolved_path);
}
-static BOOL cap_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp, const char *name, uint32 security_info_sent, struct security_descriptor_info *psd)
+static BOOL cap_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp, const char *name, uint32 security_info_sent, struct security_descriptor *psd)
{
pstring capname;
capencode(capname, name);
diff --git a/source3/modules/vfs_catia.c b/source3/modules/vfs_catia.c
index f5c7e95794..ccf637c3bc 100644
--- a/source3/modules/vfs_catia.c
+++ b/source3/modules/vfs_catia.c
@@ -222,7 +222,7 @@ static char *catia_realpath(vfs_handle_struct *handle,
static size_t catia_get_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
const char *name, uint32 security_info,
- struct security_descriptor_info **ppdesc)
+ struct security_descriptor **ppdesc)
{
return SMB_VFS_NEXT_GET_NT_ACL(handle, fsp, name, security_info,
ppdesc);
@@ -230,7 +230,7 @@ static size_t catia_get_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
static BOOL catia_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
const char *name, uint32 security_info_sent,
- struct security_descriptor_info *psd)
+ struct security_descriptor *psd)
{
return SMB_VFS_NEXT_SET_NT_ACL(handle, fsp, name, security_info_sent,
psd);
diff --git a/source3/printing/nt_printing.c b/source3/printing/nt_printing.c
index b74763b2e5..1ff29a67ee 100644
--- a/source3/printing/nt_printing.c
+++ b/source3/printing/nt_printing.c
@@ -373,7 +373,7 @@ static int sec_desc_upg_fn( TDB_CONTEXT *the_tdb, TDB_DATA key,
prs_mem_free( &ps );
return 0;
}
- sec = sd_orig->sec;
+ sec = sd_orig->sd;
/* is this even valid? */
@@ -385,17 +385,17 @@ static int sec_desc_upg_fn( TDB_CONTEXT *the_tdb, TDB_DATA key,
/* update access masks */
for ( i=0; i<sec->dacl->num_aces; i++ ) {
- switch ( sec->dacl->ace[i].info.mask ) {
+ switch ( sec->dacl->aces[i].access_mask ) {
case (GENERIC_READ_ACCESS | GENERIC_WRITE_ACCESS | GENERIC_EXECUTE_ACCESS):
- sec->dacl->ace[i].info.mask = PRINTER_ACE_PRINT;
+ sec->dacl->aces[i].access_mask = PRINTER_ACE_PRINT;
break;
case GENERIC_ALL_ACCESS:
- sec->dacl->ace[i].info.mask = PRINTER_ACE_FULL_CONTROL;
+ sec->dacl->aces[i].access_mask = PRINTER_ACE_FULL_CONTROL;
break;
case READ_CONTROL_ACCESS:
- sec->dacl->ace[i].info.mask = PRINTER_ACE_MANAGE_DOCUMENTS;
+ sec->dacl->aces[i].access_mask = PRINTER_ACE_MANAGE_DOCUMENTS;
default: /* no change */
break;
@@ -428,7 +428,7 @@ static int sec_desc_upg_fn( TDB_CONTEXT *the_tdb, TDB_DATA key,
/* store it back */
- sd_size = sec_desc_size(sd_store->sec) + sizeof(SEC_DESC_BUF);
+ sd_size = sec_desc_size(sd_store->sd) + sizeof(SEC_DESC_BUF);
prs_init(&ps, sd_size, ctx, MARSHALL);
if ( !sec_io_desc_buf( "sec_desc_upg_fn", &sd_store, &ps, 1 ) ) {
@@ -4998,7 +4998,7 @@ WERROR nt_printing_setsec(const char *sharename, SEC_DESC_BUF *secdesc_ctr)
permissions through NT. If they are NULL in the new security
descriptor then copy them over from the old one. */
- if (!secdesc_ctr->sec->owner_sid || !secdesc_ctr->sec->grp_sid) {
+ if (!secdesc_ctr->sd->owner_sid || !secdesc_ctr->sd->group_sid) {
DOM_SID *owner_sid, *group_sid;
SEC_ACL *dacl, *sacl;
SEC_DESC *psd = NULL;
@@ -5011,25 +5011,25 @@ WERROR nt_printing_setsec(const char *sharename, SEC_DESC_BUF *secdesc_ctr)
/* Pick out correct owner and group sids */
- owner_sid = secdesc_ctr->sec->owner_sid ?
- secdesc_ctr->sec->owner_sid :
- old_secdesc_ctr->sec->owner_sid;
+ owner_sid = secdesc_ctr->sd->owner_sid ?
+ secdesc_ctr->sd->owner_sid :
+ old_secdesc_ctr->sd->owner_sid;
- group_sid = secdesc_ctr->sec->grp_sid ?
- secdesc_ctr->sec->grp_sid :
- old_secdesc_ctr->sec->grp_sid;
+ group_sid = secdesc_ctr->sd->group_sid ?
+ secdesc_ctr->sd->group_sid :
+ old_secdesc_ctr->sd->group_sid;
- dacl = secdesc_ctr->sec->dacl ?
- secdesc_ctr->sec->dacl :
- old_secdesc_ctr->sec->dacl;
+ dacl = secdesc_ctr->sd->dacl ?
+ secdesc_ctr->sd->dacl :
+ old_secdesc_ctr->sd->dacl;
- sacl = secdesc_ctr->sec->sacl ?
- secdesc_ctr->sec->sacl :
- old_secdesc_ctr->sec->sacl;
+ sacl = secdesc_ctr->sd->sacl ?
+ secdesc_ctr->sd->sacl :
+ old_secdesc_ctr->sd->sacl;
/* Make a deep copy of the security descriptor */
- psd = make_sec_desc(mem_ctx, secdesc_ctr->sec->revision, secdesc_ctr->sec->type,
+ psd = make_sec_desc(mem_ctx, secdesc_ctr->sd->revision, secdesc_ctr->sd->type,
owner_sid, group_sid,
sacl,
dacl,
@@ -5049,7 +5049,7 @@ WERROR nt_printing_setsec(const char *sharename, SEC_DESC_BUF *secdesc_ctr)
/* Store the security descriptor in a tdb */
- prs_init(&ps, (uint32)sec_desc_size(new_secdesc_ctr->sec) +
+ prs_init(&ps, (uint32)sec_desc_size(new_secdesc_ctr->sd) +
sizeof(SEC_DESC_BUF), mem_ctx, MARSHALL);
if (!sec_io_desc_buf("nt_printing_setsec", &new_secdesc_ctr,
@@ -5194,7 +5194,7 @@ BOOL nt_printing_getsec(TALLOC_CTX *ctx, const char *sharename, SEC_DESC_BUF **s
/* Save default security descriptor for later */
- prs_init(&ps, (uint32)sec_desc_size((*secdesc_ctr)->sec) +
+ prs_init(&ps, (uint32)sec_desc_size((*secdesc_ctr)->sd) +
sizeof(SEC_DESC_BUF), ctx, MARSHALL);
if (sec_io_desc_buf("nt_printing_getsec", secdesc_ctr, &ps, 1)) {
@@ -5212,7 +5212,7 @@ BOOL nt_printing_getsec(TALLOC_CTX *ctx, const char *sharename, SEC_DESC_BUF **s
this security descriptor has been created when winbindd was
down. Take ownership of security descriptor. */
- if (sid_equal((*secdesc_ctr)->sec->owner_sid, &global_sid_World)) {
+ if (sid_equal((*secdesc_ctr)->sd->owner_sid, &global_sid_World)) {
DOM_SID owner_sid;
/* Change sd owner to workgroup administrator */
@@ -5226,11 +5226,11 @@ BOOL nt_printing_getsec(TALLOC_CTX *ctx, const char *sharename, SEC_DESC_BUF **s
sid_append_rid(&owner_sid, DOMAIN_USER_RID_ADMIN);
- psd = make_sec_desc(ctx, (*secdesc_ctr)->sec->revision, (*secdesc_ctr)->sec->type,
+ psd = make_sec_desc(ctx, (*secdesc_ctr)->sd->revision, (*secdesc_ctr)->sd->type,
&owner_sid,
- (*secdesc_ctr)->sec->grp_sid,
- (*secdesc_ctr)->sec->sacl,
- (*secdesc_ctr)->sec->dacl,
+ (*secdesc_ctr)->sd->group_sid,
+ (*secdesc_ctr)->sd->sacl,
+ (*secdesc_ctr)->sd->dacl,
&size);
if (!psd) {
@@ -5253,7 +5253,7 @@ BOOL nt_printing_getsec(TALLOC_CTX *ctx, const char *sharename, SEC_DESC_BUF **s
}
if (DEBUGLEVEL >= 10) {
- SEC_ACL *the_acl = (*secdesc_ctr)->sec->dacl;
+ SEC_ACL *the_acl = (*secdesc_ctr)->sd->dacl;
int i;
DEBUG(10, ("secdesc_ctr for %s has %d aces:\n",
@@ -5262,11 +5262,11 @@ BOOL nt_printing_getsec(TALLOC_CTX *ctx, const char *sharename, SEC_DESC_BUF **s
for (i = 0; i < the_acl->num_aces; i++) {
fstring sid_str;
- sid_to_string(sid_str, &the_acl->ace[i].trustee);
+ sid_to_string(sid_str, &the_acl->aces[i].trustee);
DEBUG(10, ("%s %d %d 0x%08x\n", sid_str,
- the_acl->ace[i].type, the_acl->ace[i].flags,
- the_acl->ace[i].info.mask));
+ the_acl->aces[i].type, the_acl->aces[i].flags,
+ the_acl->aces[i].access_mask));
}
}
@@ -5318,7 +5318,7 @@ void map_printer_permissions(SEC_DESC *sd)
int i;
for (i = 0; sd->dacl && i < sd->dacl->num_aces; i++) {
- se_map_generic(&sd->dacl->ace[i].info.mask,
+ se_map_generic(&sd->dacl->aces[i].access_mask,
&printer_generic_mapping);
}
}
@@ -5396,7 +5396,7 @@ BOOL print_access_check(struct current_user *user, int snum, int access_type)
against. This is because print jobs are child objects
objects of a printer. */
- secdesc = se_create_child_secdesc(mem_ctx, parent_secdesc->sec, False);
+ secdesc = se_create_child_secdesc(mem_ctx, parent_secdesc->sd, False);
if (!secdesc) {
talloc_destroy(mem_ctx);
@@ -5415,9 +5415,9 @@ BOOL print_access_check(struct current_user *user, int snum, int access_type)
/* Check access */
- map_printer_permissions(secdesc->sec);
+ map_printer_permissions(secdesc->sd);
- result = se_access_check(secdesc->sec, user->nt_user_token, access_type,
+ result = se_access_check(secdesc->sd, user->nt_user_token, access_type,
&access_granted, &status);
DEBUG(4, ("access check was %s\n", result ? "SUCCESS" : "FAILURE"));
diff --git a/source3/registry/reg_printing.c b/source3/registry/reg_printing.c
index d8c25d802d..ba79092ea5 100644
--- a/source3/registry/reg_printing.c
+++ b/source3/registry/reg_printing.c
@@ -449,8 +449,8 @@ static void fill_in_printer_values( NT_PRINTER_INFO_LEVEL_2 *info2, REGVAL_CTR *
/* stream the printer security descriptor */
- if ( info2->secdesc_buf && info2->secdesc_buf->len ) {
- if ( sec_io_desc("sec_desc", &info2->secdesc_buf->sec, &prs, 0 ) ) {
+ if ( info2->secdesc_buf && info2->secdesc_buf->sd ) {
+ if ( sec_io_desc("sec_desc", &info2->secdesc_buf->sd, &prs, 0 ) ) {
offset = prs_offset( &prs );
regval_ctr_addvalue( values, "Security", REG_BINARY, prs_data_p(&prs), offset );
}
diff --git a/source3/rpc_client/cli_reg.c b/source3/rpc_client/cli_reg.c
index 6a544bba64..0f0c642d21 100644
--- a/source3/rpc_client/cli_reg.c
+++ b/source3/rpc_client/cli_reg.c
@@ -332,7 +332,7 @@ WERROR rpccli_reg_get_key_sec(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
return out.status;
sec_buf = out.data;
- *sec_buf_size = out.data->len;
+ *sec_buf_size = out.data->sd_size;
return out.status;
}
diff --git a/source3/rpc_parse/parse_reg.c b/source3/rpc_parse/parse_reg.c
index 06a2b19095..f529ad1425 100644
--- a/source3/rpc_parse/parse_reg.c
+++ b/source3/rpc_parse/parse_reg.c
@@ -141,9 +141,9 @@ static BOOL reg_io_hdrbuf_sec(uint32 ptr, uint32 *ptr3, BUFHDR *hdr_sec,
}
if(!smb_io_hdrbuf_post("hdr_sec", hdr_sec, ps, depth,
- hdr_offset, data->max_len, data->len))
+ hdr_offset, data->sd_size, data->sd_size))
return False;
- if(!prs_set_offset(ps, old_offset + data->len +
+ if(!prs_set_offset(ps, old_offset + data->sd_size +
sizeof(uint32) * ((ptr3 != NULL) ? 5 : 3)))
return False;
@@ -181,7 +181,7 @@ void init_reg_q_create_key_ex(REG_Q_CREATE_KEY_EX *q_c, POLICY_HND *hnd,
q_c->data = sec_buf;
q_c->ptr2 = 1;
- init_buf_hdr(&q_c->hdr_sec, sec_buf->len, sec_buf->len);
+ init_buf_hdr(&q_c->hdr_sec, sec_buf->sd_size, sec_buf->sd_size);
q_c->ptr3 = 1;
q_c->disposition = TALLOC_P( get_talloc_ctx(), uint32 );
if (!q_c->disposition) {
@@ -704,7 +704,7 @@ void init_reg_q_set_key_sec(REG_Q_SET_KEY_SEC *q_u, POLICY_HND *pol,
q_u->sec_info = sec_info;
q_u->ptr = 1;
- init_buf_hdr(&q_u->hdr_sec, sec_desc_buf->len, sec_desc_buf->len);
+ init_buf_hdr(&q_u->hdr_sec, sec_desc_buf->sd_size, sec_desc_buf->sd_size);
q_u->data = sec_desc_buf;
}
diff --git a/source3/rpc_parse/parse_sec.c b/source3/rpc_parse/parse_sec.c
index 6a752688a0..32a8a8cd32 100644
--- a/source3/rpc_parse/parse_sec.c
+++ b/source3/rpc_parse/parse_sec.c
@@ -39,7 +39,7 @@ BOOL sec_io_access(const char *desc, SEC_ACCESS *t, prs_struct *ps, int depth)
prs_debug(ps, depth, desc, "sec_io_access");
depth++;
- if(!prs_uint32("mask", ps, depth, &t->mask))
+ if(!prs_uint32("mask", ps, depth, t))
return False;
return True;
@@ -62,7 +62,7 @@ BOOL sec_io_ace(const char *desc, SEC_ACE *psa, prs_struct *ps, int depth)
old_offset = prs_offset(ps);
- if(!prs_uint8("type ", ps, depth, &psa->type))
+ if(!prs_uint8("type ", ps, depth, (uint8*)&psa->type))
return False;
if(!prs_uint8("flags", ps, depth, &psa->flags))
@@ -71,7 +71,7 @@ BOOL sec_io_ace(const char *desc, SEC_ACE *psa, prs_struct *ps, int depth)
if(!prs_uint16_pre("size ", ps, depth, &psa->size, &offset_ace_size))
return False;
- if(!sec_io_access("info ", &psa->info, ps, depth))
+ if(!prs_uint32("access_mask", ps, depth, &psa->access_mask))
return False;
/* check whether object access is present */
@@ -79,15 +79,15 @@ BOOL sec_io_ace(const char *desc, SEC_ACE *psa, prs_struct *ps, int depth)
if (!smb_io_dom_sid("trustee ", &psa->trustee , ps, depth))
return False;
} else {
- if (!prs_uint32("obj_flags", ps, depth, &psa->obj_flags))
+ if (!prs_uint32("obj_flags", ps, depth, &psa->object.object.flags))
return False;
- if (psa->obj_flags & SEC_ACE_OBJECT_PRESENT)
- if (!smb_io_uuid("obj_guid", &psa->obj_guid, ps,depth))
+ if (psa->object.object.flags & SEC_ACE_OBJECT_PRESENT)
+ if (!smb_io_uuid("obj_guid", &psa->object.object.type.type, ps,depth))
return False;
- if (psa->obj_flags & SEC_ACE_OBJECT_INHERITED_PRESENT)
- if (!smb_io_uuid("inh_guid", &psa->inh_guid, ps,depth))
+ if (psa->object.object.flags & SEC_ACE_OBJECT_INHERITED_PRESENT)
+ if (!smb_io_uuid("inh_guid", &psa->object.object.inherited_type.inherited_type, ps,depth))
return False;
if(!smb_io_dom_sid("trustee ", &psa->trustee , ps, depth))
@@ -155,7 +155,7 @@ BOOL sec_io_acl(const char *desc, SEC_ACL **ppsa, prs_struct *ps, int depth)
old_offset = prs_offset(ps);
- if(!prs_uint16("revision", ps, depth, &psa->revision))
+ if(!prs_uint16("revision", ps, depth, (uint16 *)&psa->revision))
return False;
if(!prs_uint16_pre("size ", ps, depth, &psa->size, &offset_acl_size))
@@ -170,14 +170,14 @@ BOOL sec_io_acl(const char *desc, SEC_ACL **ppsa, prs_struct *ps, int depth)
* between a non-present DACL (allow all access) and a DACL with no ACE's
* (allow no access).
*/
- if((psa->ace = PRS_ALLOC_MEM(ps, SEC_ACE, psa->num_aces+1)) == NULL)
+ if((psa->aces = PRS_ALLOC_MEM(ps, SEC_ACE, psa->num_aces+1)) == NULL)
return False;
}
for (i = 0; i < psa->num_aces; i++) {
fstring tmp;
slprintf(tmp, sizeof(tmp)-1, "ace_list[%02d]: ", i);
- if(!sec_io_ace(tmp, &psa->ace[i], ps, depth))
+ if(!sec_io_ace(tmp, &psa->aces[i], ps, depth))
return False;
}
@@ -211,6 +211,7 @@ BOOL sec_io_desc(const char *desc, SEC_DESC **ppsd, prs_struct *ps, int depth)
uint32 old_offset;
uint32 max_offset = 0; /* after we're done, move offset to end */
uint32 tmp_offset = 0;
+ uint32 off_sacl, off_dacl, off_owner_sid, off_grp_sid;
SEC_DESC *psd;
@@ -236,7 +237,7 @@ BOOL sec_io_desc(const char *desc, SEC_DESC **ppsd, prs_struct *ps, int depth)
/* start of security descriptor stored for back-calc offset purposes */
old_offset = prs_offset(ps);
- if(!prs_uint16("revision ", ps, depth, &psd->revision))
+ if(!prs_uint16("revision ", ps, depth, (uint16*)&psd->revision))
return False;
if(!prs_uint16("type ", ps, depth, &psd->type))
@@ -250,52 +251,52 @@ BOOL sec_io_desc(const char *desc, SEC_DESC **ppsd, prs_struct *ps, int depth)
*/
if (psd->sacl != NULL) {
- psd->off_sacl = offset;
+ off_sacl = offset;
offset += psd->sacl->size;
} else {
- psd->off_sacl = 0;
+ off_sacl = 0;
}
if (psd->dacl != NULL) {
- psd->off_dacl = offset;
+ off_dacl = offset;
offset += psd->dacl->size;
} else {
- psd->off_dacl = 0;
+ off_dacl = 0;
}
if (psd->owner_sid != NULL) {
- psd->off_owner_sid = offset;
+ off_owner_sid = offset;
offset += sid_size(psd->owner_sid);
} else {
- psd->off_owner_sid = 0;
+ off_owner_sid = 0;
}
- if (psd->grp_sid != NULL) {
- psd->off_grp_sid = offset;
- offset += sid_size(psd->grp_sid);
+ if (psd->group_sid != NULL) {
+ off_grp_sid = offset;
+ offset += sid_size(psd->group_sid);
} else {
- psd->off_grp_sid = 0;
+ off_grp_sid = 0;
}
}
- if(!prs_uint32("off_owner_sid", ps, depth, &psd->off_owner_sid))
+ if(!prs_uint32("off_owner_sid", ps, depth, &off_owner_sid))
return False;
- if(!prs_uint32("off_grp_sid ", ps, depth, &psd->off_grp_sid))
+ if(!prs_uint32("off_grp_sid ", ps, depth, &off_grp_sid))
return False;
- if(!prs_uint32("off_sacl ", ps, depth, &psd->off_sacl))
+ if(!prs_uint32("off_sacl ", ps, depth, &off_sacl))
return False;
- if(!prs_uint32("off_dacl ", ps, depth, &psd->off_dacl))
+ if(!prs_uint32("off_dacl ", ps, depth, &off_dacl))
return False;
max_offset = MAX(max_offset, prs_offset(ps));
- if (psd->off_owner_sid != 0) {
+ if (off_owner_sid != 0) {
tmp_offset = prs_offset(ps);
- if(!prs_set_offset(ps, old_offset + psd->off_owner_sid))
+ if(!prs_set_offset(ps, old_offset + off_owner_sid))
return False;
if (UNMARSHALLING(ps)) {
@@ -313,19 +314,19 @@ BOOL sec_io_desc(const char *desc, SEC_DESC **ppsd, prs_struct *ps, int depth)
return False;
}
- if (psd->off_grp_sid != 0) {
+ if (psd->group_sid != 0) {
tmp_offset = prs_offset(ps);
- if(!prs_set_offset(ps, old_offset + psd->off_grp_sid))
+ if(!prs_set_offset(ps, old_offset + off_grp_sid))
return False;
if (UNMARSHALLING(ps)) {
/* reading */
- if((psd->grp_sid = PRS_ALLOC_MEM(ps,DOM_SID,1)) == NULL)
+ if((psd->group_sid = PRS_ALLOC_MEM(ps,DOM_SID,1)) == NULL)
return False;
}
- if(!smb_io_dom_sid("grp_sid", psd->grp_sid, ps, depth))
+ if(!smb_io_dom_sid("grp_sid", psd->group_sid, ps, depth))
return False;
max_offset = MAX(max_offset, prs_offset(ps));
@@ -334,9 +335,9 @@ BOOL sec_io_desc(const char *desc, SEC_DESC **ppsd, prs_struct *ps, int depth)
return False;
}
- if ((psd->type & SEC_DESC_SACL_PRESENT) && psd->off_sacl) {
+ if ((psd->type & SEC_DESC_SACL_PRESENT) && off_sacl) {
tmp_offset = prs_offset(ps);
- if(!prs_set_offset(ps, old_offset + psd->off_sacl))
+ if(!prs_set_offset(ps, old_offset + off_sacl))
return False;
if(!sec_io_acl("sacl", &psd->sacl, ps, depth))
return False;
@@ -345,9 +346,9 @@ BOOL sec_io_desc(const char *desc, SEC_DESC **ppsd, prs_struct *ps, int depth)
return False;
}
- if ((psd->type & SEC_DESC_DACL_PRESENT) && psd->off_dacl != 0) {
+ if ((psd->type & SEC_DESC_DACL_PRESENT) && off_dacl != 0) {
tmp_offset = prs_offset(ps);
- if(!prs_set_offset(ps, old_offset + psd->off_dacl))
+ if(!prs_set_offset(ps, old_offset + off_dacl))
return False;
if(!sec_io_acl("dacl", &psd->dacl, ps, depth))
return False;
@@ -372,7 +373,9 @@ BOOL sec_io_desc_buf(const char *desc, SEC_DESC_BUF **ppsdb, prs_struct *ps, int
uint32 off_max_len;
uint32 old_offset;
uint32 size;
+ uint32 len;
SEC_DESC_BUF *psdb;
+ uint32 ptr;
if (ppsdb == NULL)
return False;
@@ -391,20 +394,22 @@ BOOL sec_io_desc_buf(const char *desc, SEC_DESC_BUF **ppsdb, prs_struct *ps, int
if(!prs_align(ps))
return False;
- if(!prs_uint32_pre("max_len", ps, depth, &psdb->max_len, &off_max_len))
+ if(!prs_uint32_pre("max_len", ps, depth, &psdb->sd_size, &off_max_len))
return False;
- if(!prs_uint32 ("ptr ", ps, depth, &psdb->ptr))
+ ptr = 1;
+ if(!prs_uint32 ("ptr ", ps, depth, &ptr))
return False;
- if(!prs_uint32_pre("len ", ps, depth, &psdb->len, &off_len))
+ len = sec_desc_size(psdb->sd);
+ if(!prs_uint32_pre("len ", ps, depth, &len, &off_len))
return False;
old_offset = prs_offset(ps);
/* reading, length is non-zero; writing, descriptor is non-NULL */
- if ((UNMARSHALLING(ps) && psdb->len != 0) || (MARSHALLING(ps) && psdb->sec != NULL)) {
- if(!sec_io_desc("sec ", &psdb->sec, ps, depth))
+ if ((UNMARSHALLING(ps) && psdb->sd_size != 0) || (MARSHALLING(ps) && psdb->sd != NULL)) {
+ if(!sec_io_desc("sec ", &psdb->sd, ps, depth))
return False;
}
@@ -412,10 +417,10 @@ BOOL sec_io_desc_buf(const char *desc, SEC_DESC_BUF **ppsdb, prs_struct *ps, int
return False;
size = prs_offset(ps) - old_offset;
- if(!prs_uint32_post("max_len", ps, depth, &psdb->max_len, off_max_len, size == 0 ? psdb->max_len : size))
+ if(!prs_uint32_post("max_len", ps, depth, &psdb->sd_size, off_max_len, size == 0 ? psdb->sd_size : size))
return False;
- if(!prs_uint32_post("len ", ps, depth, &psdb->len, off_len, size))
+ if(!prs_uint32_post("len ", ps, depth, &len, off_len, size))
return False;
return True;
diff --git a/source3/rpc_parse/parse_spoolss.c b/source3/rpc_parse/parse_spoolss.c
index ec64e10a59..e878744a1b 100644
--- a/source3/rpc_parse/parse_spoolss.c
+++ b/source3/rpc_parse/parse_spoolss.c
@@ -3775,10 +3775,8 @@ BOOL make_spoolss_q_setprinter(TALLOC_CTX *mem_ctx, SPOOL_Q_SETPRINTER *q_u,
q_u->secdesc_ctr = SMB_MALLOC_P(SEC_DESC_BUF);
if (!q_u->secdesc_ctr)
return False;
- q_u->secdesc_ctr->ptr = (secdesc != NULL) ? 1: 0;
- q_u->secdesc_ctr->max_len = (secdesc) ? sizeof(SEC_DESC) + (2*sizeof(uint32)) : 0;
- q_u->secdesc_ctr->len = (secdesc) ? sizeof(SEC_DESC) + (2*sizeof(uint32)) : 0;
- q_u->secdesc_ctr->sec = secdesc;
+ q_u->secdesc_ctr->sd = secdesc;
+ q_u->secdesc_ctr->sd_size = (secdesc) ? sizeof(SEC_DESC) + (2*sizeof(uint32)) : 0;
q_u->devmode_ctr.devmode_ptr = (devmode != NULL) ? 1 : 0;
q_u->devmode_ctr.size = (devmode != NULL) ? sizeof(DEVICEMODE) + (3*sizeof(uint32)) : 0;
@@ -3799,10 +3797,8 @@ BOOL make_spoolss_q_setprinter(TALLOC_CTX *mem_ctx, SPOOL_Q_SETPRINTER *q_u,
q_u->secdesc_ctr = SMB_MALLOC_P(SEC_DESC_BUF);
if (!q_u->secdesc_ctr)
return False;
- q_u->secdesc_ctr->ptr = (secdesc != NULL) ? 1: 0;
- q_u->secdesc_ctr->max_len = (secdesc) ? sizeof(SEC_DESC) + (2*sizeof(uint32)) : 0;
- q_u->secdesc_ctr->len = (secdesc) ? sizeof(SEC_DESC) + (2*sizeof(uint32)) : 0;
- q_u->secdesc_ctr->sec = secdesc;
+ q_u->secdesc_ctr->sd_size = (secdesc) ? sizeof(SEC_DESC) + (2*sizeof(uint32)) : 0;
+ q_u->secdesc_ctr->sd = secdesc;
break;
case 7:
diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c
index 16dec45318..1a396a2391 100644
--- a/source3/rpc_server/srv_spoolss_nt.c
+++ b/source3/rpc_server/srv_spoolss_nt.c
@@ -3008,8 +3008,8 @@ static void spoolss_notify_security_desc(int snum,
NT_PRINTER_INFO_LEVEL *printer,
TALLOC_CTX *mem_ctx)
{
- data->notify_data.sd.size = printer->info_2->secdesc_buf->len;
- data->notify_data.sd.desc = dup_sec_desc( mem_ctx, printer->info_2->secdesc_buf->sec ) ;
+ data->notify_data.sd.size = printer->info_2->secdesc_buf->sd_size;
+ data->notify_data.sd.desc = dup_sec_desc( mem_ctx, printer->info_2->secdesc_buf->sd ) ;
}
/*******************************************************************
@@ -4154,13 +4154,13 @@ static BOOL construct_printer_info_2(Printer_entry *print_hnd, PRINTER_INFO_2 *p
printer->secdesc = NULL;
if ( ntprinter->info_2->secdesc_buf
- && ntprinter->info_2->secdesc_buf->len != 0 )
+ && ntprinter->info_2->secdesc_buf->sd_size != 0 )
{
/* don't use talloc_steal() here unless you do a deep steal of all
the SEC_DESC members */
printer->secdesc = dup_sec_desc( get_talloc_ctx(),
- ntprinter->info_2->secdesc_buf->sec );
+ ntprinter->info_2->secdesc_buf->sd );
}
free_a_printer(&ntprinter, 2);
@@ -4194,12 +4194,12 @@ static BOOL construct_printer_info_3(Printer_entry *print_hnd, PRINTER_INFO_3 **
printer->flags = 0x4;
- if (ntprinter->info_2->secdesc_buf && ntprinter->info_2->secdesc_buf->len != 0) {
+ if (ntprinter->info_2->secdesc_buf && ntprinter->info_2->secdesc_buf->sd_size != 0) {
/* don't use talloc_steal() here unless you do a deep steal of all
the SEC_DESC members */
printer->secdesc = dup_sec_desc( get_talloc_ctx(),
- ntprinter->info_2->secdesc_buf->sec );
+ ntprinter->info_2->secdesc_buf->sd );
}
free_a_printer(&ntprinter, 2);
@@ -5845,20 +5845,20 @@ static WERROR update_printer_sec(POLICY_HND *handle, uint32 level,
SEC_ACL *the_acl;
int i;
- the_acl = old_secdesc_ctr->sec->dacl;
+ the_acl = old_secdesc_ctr->sd->dacl;
DEBUG(10, ("old_secdesc_ctr for %s has %d aces:\n",
PRINTERNAME(snum), the_acl->num_aces));
for (i = 0; i < the_acl->num_aces; i++) {
fstring sid_str;
- sid_to_string(sid_str, &the_acl->ace[i].trustee);
+ sid_to_string(sid_str, &the_acl->aces[i].trustee);
DEBUG(10, ("%s 0x%08x\n", sid_str,
- the_acl->ace[i].info.mask));
+ the_acl->aces[i].access_mask));
}
- the_acl = secdesc_ctr->sec->dacl;
+ the_acl = secdesc_ctr->sd->dacl;
if (the_acl) {
DEBUG(10, ("secdesc_ctr for %s has %d aces:\n",
@@ -5867,10 +5867,10 @@ static WERROR update_printer_sec(POLICY_HND *handle, uint32 level,
for (i = 0; i < the_acl->num_aces; i++) {
fstring sid_str;
- sid_to_string(sid_str, &the_acl->ace[i].trustee);
+ sid_to_string(sid_str, &the_acl->aces[i].trustee);
DEBUG(10, ("%s 0x%08x\n", sid_str,
- the_acl->ace[i].info.mask));
+ the_acl->aces[i].access_mask));
}
} else {
DEBUG(10, ("dacl for secdesc_ctr is NULL\n"));
@@ -5883,7 +5883,7 @@ static WERROR update_printer_sec(POLICY_HND *handle, uint32 level,
goto done;
}
- if (sec_desc_equal(new_secdesc_ctr->sec, old_secdesc_ctr->sec)) {
+ if (sec_desc_equal(new_secdesc_ctr->sd, old_secdesc_ctr->sd)) {
result = WERR_OK;
goto done;
}
diff --git a/source3/rpc_server/srv_srvsvc_nt.c b/source3/rpc_server/srv_srvsvc_nt.c
index c65401f1c4..21032a4ed9 100644
--- a/source3/rpc_server/srv_srvsvc_nt.c
+++ b/source3/rpc_server/srv_srvsvc_nt.c
@@ -309,11 +309,11 @@ static void map_generic_share_sd_bits(SEC_DESC *psd)
return;
for (i = 0; i < ps_dacl->num_aces; i++) {
- SEC_ACE *psa = &ps_dacl->ace[i];
- uint32 orig_mask = psa->info.mask;
+ SEC_ACE *psa = &ps_dacl->aces[i];
+ uint32 orig_mask = psa->access_mask;
- se_map_generic(&psa->info.mask, &file_generic_mapping);
- psa->info.mask |= orig_mask;
+ se_map_generic(&psa->access_mask, &file_generic_mapping);
+ psa->access_mask |= orig_mask;
}
}
@@ -1538,7 +1538,7 @@ WERROR _srv_net_share_set_info(pipes_struct *p, SRV_Q_NET_SHARE_SET_INFO *q_u, S
case 1501:
pstrcpy(pathname, lp_pathname(snum));
fstrcpy(comment, lp_comment(snum));
- psd = q_u->info.share.info1501.sdb->sec;
+ psd = q_u->info.share.info1501.sdb->sd;
map_generic_share_sd_bits(psd);
type = STYPE_DISKTREE;
break;
diff --git a/source3/rpcclient/cmd_lsarpc.c b/source3/rpcclient/cmd_lsarpc.c
index 3cd242cd4d..7134f5fbf2 100644
--- a/source3/rpcclient/cmd_lsarpc.c
+++ b/source3/rpcclient/cmd_lsarpc.c
@@ -834,7 +834,7 @@ static NTSTATUS cmd_lsa_query_secobj(struct rpc_pipe_client *cli,
/* Print results */
- display_sec_desc(sdb->sec);
+ display_sec_desc(sdb->sd);
rpccli_lsa_close(cli, mem_ctx, &pol);
done:
diff --git a/source3/rpcclient/cmd_samr.c b/source3/rpcclient/cmd_samr.c
index cc0fe61990..04ffa002d2 100644
--- a/source3/rpcclient/cmd_samr.c
+++ b/source3/rpcclient/cmd_samr.c
@@ -1994,7 +1994,7 @@ static NTSTATUS cmd_samr_query_sec_obj(struct rpc_pipe_client *cli,
if (!NT_STATUS_IS_OK(result))
goto done;
- display_sec_desc(sec_desc_buf->sec);
+ display_sec_desc(sec_desc_buf->sd);
rpccli_samr_close(cli, mem_ctx, &user_pol);
rpccli_samr_close(cli, mem_ctx, &domain_pol);
diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c
index c5e48a6324..9cebd21d7d 100644
--- a/source3/smbd/nttrans.c
+++ b/source3/smbd/nttrans.c
@@ -1009,16 +1009,16 @@ static NTSTATUS set_sd(files_struct *fsp, char *data, uint32 sd_len, uint32 secu
return NT_STATUS_NO_MEMORY;
}
- if (psd->off_owner_sid==0) {
+ if (psd->owner_sid==0) {
security_info_sent &= ~OWNER_SECURITY_INFORMATION;
}
- if (psd->off_grp_sid==0) {
+ if (psd->group_sid==0) {
security_info_sent &= ~GROUP_SECURITY_INFORMATION;
}
- if (psd->off_sacl==0) {
+ if (psd->sacl==0) {
security_info_sent &= ~SACL_SECURITY_INFORMATION;
}
- if (psd->off_dacl==0) {
+ if (psd->dacl==0) {
security_info_sent &= ~DACL_SECURITY_INFORMATION;
}
diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c
index 18ef187f38..3b38b91547 100644
--- a/source3/smbd/posix_acls.c
+++ b/source3/smbd/posix_acls.c
@@ -860,36 +860,36 @@ static SEC_ACCESS map_canon_ace_perms(int snum, int *pacl_type, DOM_SID *powner_
#define FILE_SPECIFIC_WRITE_BITS (FILE_WRITE_DATA|FILE_APPEND_DATA|FILE_WRITE_EA|FILE_WRITE_ATTRIBUTES)
#define FILE_SPECIFIC_EXECUTE_BITS (FILE_EXECUTE)
-static mode_t map_nt_perms( SEC_ACCESS sec_access, int type)
+static mode_t map_nt_perms( uint32 *mask, int type)
{
mode_t mode = 0;
switch(type) {
case S_IRUSR:
- if(sec_access.mask & GENERIC_ALL_ACCESS)
+ if((*mask) & GENERIC_ALL_ACCESS)
mode = S_IRUSR|S_IWUSR|S_IXUSR;
else {
- mode |= (sec_access.mask & (GENERIC_READ_ACCESS|FILE_SPECIFIC_READ_BITS)) ? S_IRUSR : 0;
- mode |= (sec_access.mask & (GENERIC_WRITE_ACCESS|FILE_SPECIFIC_WRITE_BITS)) ? S_IWUSR : 0;
- mode |= (sec_access.mask & (GENERIC_EXECUTE_ACCESS|FILE_SPECIFIC_EXECUTE_BITS)) ? S_IXUSR : 0;
+ mode |= ((*mask) & (GENERIC_READ_ACCESS|FILE_SPECIFIC_READ_BITS)) ? S_IRUSR : 0;
+ mode |= ((*mask) & (GENERIC_WRITE_ACCESS|FILE_SPECIFIC_WRITE_BITS)) ? S_IWUSR : 0;
+ mode |= ((*mask) & (GENERIC_EXECUTE_ACCESS|FILE_SPECIFIC_EXECUTE_BITS)) ? S_IXUSR : 0;
}
break;
case S_IRGRP:
- if(sec_access.mask & GENERIC_ALL_ACCESS)
+ if((*mask) & GENERIC_ALL_ACCESS)
mode = S_IRGRP|S_IWGRP|S_IXGRP;
else {
- mode |= (sec_access.mask & (GENERIC_READ_ACCESS|FILE_SPECIFIC_READ_BITS)) ? S_IRGRP : 0;
- mode |= (sec_access.mask & (GENERIC_WRITE_ACCESS|FILE_SPECIFIC_WRITE_BITS)) ? S_IWGRP : 0;
- mode |= (sec_access.mask & (GENERIC_EXECUTE_ACCESS|FILE_SPECIFIC_EXECUTE_BITS)) ? S_IXGRP : 0;
+ mode |= ((*mask) & (GENERIC_READ_ACCESS|FILE_SPECIFIC_READ_BITS)) ? S_IRGRP : 0;
+ mode |= ((*mask) & (GENERIC_WRITE_ACCESS|FILE_SPECIFIC_WRITE_BITS)) ? S_IWGRP : 0;
+ mode |= ((*mask) & (GENERIC_EXECUTE_ACCESS|FILE_SPECIFIC_EXECUTE_BITS)) ? S_IXGRP : 0;
}
break;
case S_IROTH:
- if(sec_access.mask & GENERIC_ALL_ACCESS)
+ if((*mask) & GENERIC_ALL_ACCESS)
mode = S_IROTH|S_IWOTH|S_IXOTH;
else {
- mode |= (sec_access.mask & (GENERIC_READ_ACCESS|FILE_SPECIFIC_READ_BITS)) ? S_IROTH : 0;
- mode |= (sec_access.mask & (GENERIC_WRITE_ACCESS|FILE_SPECIFIC_WRITE_BITS)) ? S_IWOTH : 0;
- mode |= (sec_access.mask & (GENERIC_EXECUTE_ACCESS|FILE_SPECIFIC_EXECUTE_BITS)) ? S_IXOTH : 0;
+ mode |= ((*mask) & (GENERIC_READ_ACCESS|FILE_SPECIFIC_READ_BITS)) ? S_IROTH : 0;
+ mode |= ((*mask) & (GENERIC_WRITE_ACCESS|FILE_SPECIFIC_WRITE_BITS)) ? S_IWOTH : 0;
+ mode |= ((*mask) & (GENERIC_EXECUTE_ACCESS|FILE_SPECIFIC_EXECUTE_BITS)) ? S_IXOTH : 0;
}
break;
}
@@ -950,7 +950,7 @@ BOOL unpack_nt_owners(int snum, uid_t *puser, gid_t *pgrp, uint32 security_info_
*/
if (security_info_sent & GROUP_SECURITY_INFORMATION) {
- sid_copy(&grp_sid, psd->grp_sid);
+ sid_copy(&grp_sid, psd->group_sid);
if (!sid_to_gid( &grp_sid, pgrp)) {
if (lp_force_unknown_acl_user(snum)) {
/* this allows take group ownership to work
@@ -1254,7 +1254,7 @@ static BOOL create_canon_ace_lists(files_struct *fsp, SMB_STRUCT_STAT *pst,
*/
for(i = 0; i < dacl->num_aces; i++) {
- SEC_ACE *psa = &dacl->ace[i];
+ SEC_ACE *psa = &dacl->aces[i];
if((psa->type != SEC_ACE_TYPE_ACCESS_ALLOWED) && (psa->type != SEC_ACE_TYPE_ACCESS_DENIED)) {
DEBUG(3,("create_canon_ace_lists: unable to set anything but an ALLOW or DENY ACE.\n"));
@@ -1273,12 +1273,12 @@ static BOOL create_canon_ace_lists(files_struct *fsp, SMB_STRUCT_STAT *pst,
* Convert GENERIC bits to specific bits.
*/
- se_map_generic(&psa->info.mask, &file_generic_mapping);
+ se_map_generic(&psa->access_mask, &file_generic_mapping);
- psa->info.mask &= (UNIX_ACCESS_NONE|FILE_ALL_ACCESS);
+ psa->access_mask &= (UNIX_ACCESS_NONE|FILE_ALL_ACCESS);
- if(psa->info.mask != UNIX_ACCESS_NONE)
- psa->info.mask &= ~UNIX_ACCESS_NONE;
+ if(psa->access_mask != UNIX_ACCESS_NONE)
+ psa->access_mask &= ~UNIX_ACCESS_NONE;
}
}
@@ -1291,12 +1291,12 @@ static BOOL create_canon_ace_lists(files_struct *fsp, SMB_STRUCT_STAT *pst,
*/
for(i = 0; i < dacl->num_aces; i++) {
- SEC_ACE *psa1 = &dacl->ace[i];
+ SEC_ACE *psa1 = &dacl->aces[i];
for (j = i + 1; j < dacl->num_aces; j++) {
- SEC_ACE *psa2 = &dacl->ace[j];
+ SEC_ACE *psa2 = &dacl->aces[j];
- if (psa1->info.mask != psa2->info.mask)
+ if (psa1->access_mask != psa2->access_mask)
continue;
if (!sid_equal(&psa1->trustee, &psa2->trustee))
@@ -1322,7 +1322,7 @@ static BOOL create_canon_ace_lists(files_struct *fsp, SMB_STRUCT_STAT *pst,
}
for(i = 0; i < dacl->num_aces; i++) {
- SEC_ACE *psa = &dacl->ace[i];
+ SEC_ACE *psa = &dacl->aces[i];
/*
* Ignore non-mappable SIDs (NT Authority, BUILTIN etc).
@@ -1408,7 +1408,7 @@ static BOOL create_canon_ace_lists(files_struct *fsp, SMB_STRUCT_STAT *pst,
* S_I(R|W|X)USR bits.
*/
- current_ace->perms |= map_nt_perms( psa->info, S_IRUSR);
+ current_ace->perms |= map_nt_perms( &psa->access_mask, S_IRUSR);
current_ace->attr = (psa->type == SEC_ACE_TYPE_ACCESS_ALLOWED) ? ALLOW_ACE : DENY_ACE;
current_ace->inherited = ((psa->flags & SEC_ACE_FLAG_INHERITED_ACE) ? True : False);
@@ -2641,7 +2641,7 @@ static size_t merge_default_aces( SEC_ACE *nt_ace_list, size_t num_aces)
/* We know the lower number ACE's are file entries. */
if ((nt_ace_list[i].type == nt_ace_list[j].type) &&
(nt_ace_list[i].size == nt_ace_list[j].size) &&
- (nt_ace_list[i].info.mask == nt_ace_list[j].info.mask) &&
+ (nt_ace_list[i].access_mask == nt_ace_list[j].access_mask) &&
sid_equal(&nt_ace_list[i].trustee, &nt_ace_list[j].trustee) &&
(i_inh == j_inh) &&
(i_flags_ni == 0) &&
@@ -2654,7 +2654,7 @@ static size_t merge_default_aces( SEC_ACE *nt_ace_list, size_t num_aces)
* the non-inherited ACE onto the inherited ACE.
*/
- if (nt_ace_list[i].info.mask == 0) {
+ if (nt_ace_list[i].access_mask == 0) {
nt_ace_list[j].flags = SEC_ACE_FLAG_OBJECT_INHERIT|SEC_ACE_FLAG_CONTAINER_INHERIT|
(i_inh ? SEC_ACE_FLAG_INHERITED_ACE : 0);
if (num_aces - i - 1 > 0)
@@ -2954,7 +2954,7 @@ size_t get_nt_acl(files_struct *fsp, uint32 security_info, SEC_DESC **ppdesc)
}
if (psd->dacl) {
- dacl_sort_into_canonical_order(psd->dacl->ace, (unsigned int)psd->dacl->num_aces);
+ dacl_sort_into_canonical_order(psd->dacl->aces, (unsigned int)psd->dacl->num_aces);
}
*ppdesc = psd;
diff --git a/source3/tdb/include/tdbutil.h b/source3/tdb/include/tdbutil.h
index 1bc000337b..72d1505f4e 100644
--- a/source3/tdb/include/tdbutil.h
+++ b/source3/tdb/include/tdbutil.h
@@ -47,9 +47,9 @@ int tdb_read_lock_bystring_with_timeout(TDB_CONTEXT *tdb, const char *keyval,
unsigned int timeout);
void tdb_read_unlock_bystring(TDB_CONTEXT *tdb, const char *keyval);
int32_t tdb_fetch_int32(struct tdb_context *tdb, const char *keystr);
-BOOL tdb_store_uint32(struct tdb_context *tdb, const char *keystr, uint32_t value);
+int tdb_store_uint32(struct tdb_context *tdb, const char *keystr, uint32_t value);
int tdb_store_int32(struct tdb_context *tdb, const char *keystr, int32_t v);
-BOOL tdb_fetch_uint32(struct tdb_context *tdb, const char *keystr, uint32_t *value);
+int tdb_fetch_uint32(struct tdb_context *tdb, const char *keystr, uint32_t *value);
int tdb_traverse_delete_fn(struct tdb_context *the_tdb, TDB_DATA key, TDB_DATA dbuf,
void *state);
int tdb_store_bystring(struct tdb_context *tdb, const char *keystr, TDB_DATA data, int flags);
@@ -63,7 +63,7 @@ TDB_DATA make_tdb_data(const char *dptr, size_t dsize);
TDB_DATA string_tdb_data(const char *string);
int tdb_trans_store(struct tdb_context *tdb, TDB_DATA key, TDB_DATA dbuf,
int flag);
-BOOL tdb_change_uint32_atomic(TDB_CONTEXT *tdb, const char *keystr,
+int tdb_change_uint32_atomic(TDB_CONTEXT *tdb, const char *keystr,
uint32 *oldval, uint32 change_val);
int tdb_chainlock_with_timeout( TDB_CONTEXT *tdb, TDB_DATA key,
unsigned int timeout);
diff --git a/source3/utils/net_usershare.c b/source3/utils/net_usershare.c
index 6a306a9983..a41f9ec562 100644
--- a/source3/utils/net_usershare.c
+++ b/source3/utils/net_usershare.c
@@ -372,7 +372,7 @@ static int info_fn(struct file_list *fl, void *priv)
const char *name;
NTSTATUS ntstatus;
- ntstatus = net_lookup_name_from_sid(ctx, &psd->dacl->ace[num_aces].trustee, &domain, &name);
+ ntstatus = net_lookup_name_from_sid(ctx, &psd->dacl->aces[num_aces].trustee, &domain, &name);
if (NT_STATUS_IS_OK(ntstatus)) {
if (domain && *domain) {
@@ -382,15 +382,15 @@ static int info_fn(struct file_list *fl, void *priv)
pstrcat(acl_str,name);
} else {
fstring sidstr;
- sid_to_string(sidstr, &psd->dacl->ace[num_aces].trustee);
+ sid_to_string(sidstr, &psd->dacl->aces[num_aces].trustee);
pstrcat(acl_str,sidstr);
}
pstrcat(acl_str, ":");
- if (psd->dacl->ace[num_aces].type == SEC_ACE_TYPE_ACCESS_DENIED) {
+ if (psd->dacl->aces[num_aces].type == SEC_ACE_TYPE_ACCESS_DENIED) {
pstrcat(acl_str, "D,");
} else {
- if (psd->dacl->ace[num_aces].info.mask & GENERIC_ALL_ACCESS) {
+ if (psd->dacl->aces[num_aces].access_mask & GENERIC_ALL_ACCESS) {
pstrcat(acl_str, "F,");
} else {
pstrcat(acl_str, "R,");
diff --git a/source3/utils/profiles.c b/source3/utils/profiles.c
index d40a2deea3..d5b14fdfb0 100644
--- a/source3/utils/profiles.c
+++ b/source3/utils/profiles.c
@@ -43,14 +43,14 @@ static BOOL swap_sid_in_acl( SEC_DESC *sd, DOM_SID *s1, DOM_SID *s2 )
update = True;
}
- if ( sid_equal( sd->grp_sid, s1 ) ) {
- sid_copy( sd->grp_sid, s2 );
+ if ( sid_equal( sd->group_sid, s1 ) ) {
+ sid_copy( sd->group_sid, s2 );
update = True;
}
for ( i=0; i<acl->num_aces; i++ ) {
- if ( sid_equal( &acl->ace[i].trustee, s1 ) ) {
- sid_copy( &acl->ace[i].trustee, s2 );
+ if ( sid_equal( &acl->aces[i].trustee, s1 ) ) {
+ sid_copy( &acl->aces[i].trustee, s2 );
update = True;
}
}
diff --git a/source3/utils/sharesec.c b/source3/utils/sharesec.c
index 3f66d4da6e..5749cf2f55 100644
--- a/source3/utils/sharesec.c
+++ b/source3/utils/sharesec.c
@@ -75,7 +75,7 @@ static void print_ace(FILE *f, SEC_ACE *ace)
if (numeric) {
fprintf(f, "%d/%d/0x%08x",
- ace->type, ace->flags, ace->info.mask);
+ ace->type, ace->flags, ace->access_mask);
return;
}
@@ -96,7 +96,7 @@ static void print_ace(FILE *f, SEC_ACE *ace)
/* Standard permissions */
for (v = standard_values; v->perm; v++) {
- if (ace->info.mask == v->mask) {
+ if (ace->access_mask == v->mask) {
fprintf(f, "%s", v->perm);
return;
}
@@ -105,11 +105,11 @@ static void print_ace(FILE *f, SEC_ACE *ace)
/* Special permissions. Print out a hex value if we have
leftover bits in the mask. */
- got_mask = ace->info.mask;
+ got_mask = ace->access_mask;
again:
for (v = special_values; v->perm; v++) {
- if ((ace->info.mask & v->mask) == v->mask) {
+ if ((ace->access_mask & v->mask) == v->mask) {
if (do_print) {
fprintf(f, "%s", v->perm);
}
@@ -119,7 +119,7 @@ static void print_ace(FILE *f, SEC_ACE *ace)
if (!do_print) {
if (got_mask != 0) {
- fprintf(f, "0x%08x", ace->info.mask);
+ fprintf(f, "0x%08x", ace->access_mask);
} else {
do_print = 1;
goto again;
@@ -148,8 +148,8 @@ static void sec_desc_print(FILE *f, SEC_DESC *sd)
fprintf(f, "OWNER:%s\n", sidstr);
- if (sd->grp_sid) {
- sid_to_string(sidstr, sd->grp_sid);
+ if (sd->group_sid) {
+ sid_to_string(sidstr, sd->group_sid);
} else {
fstrcpy(sidstr, "");
}
@@ -158,7 +158,7 @@ static void sec_desc_print(FILE *f, SEC_DESC *sd)
/* Print aces */
for (i = 0; sd->dacl && i < sd->dacl->num_aces; i++) {
- SEC_ACE *ace = &sd->dacl->ace[i];
+ SEC_ACE *ace = &sd->dacl->aces[i];
fprintf(f, "ACL:");
print_ace(f, ace);
fprintf(f, "\n");
diff --git a/source3/utils/smbcacls.c b/source3/utils/smbcacls.c
index 85c59db5ec..67de8c7335 100644
--- a/source3/utils/smbcacls.c
+++ b/source3/utils/smbcacls.c
@@ -172,7 +172,7 @@ static void print_ace(FILE *f, SEC_ACE *ace)
if (numeric) {
fprintf(f, "%d/%d/0x%08x",
- ace->type, ace->flags, ace->info.mask);
+ ace->type, ace->flags, ace->access_mask);
return;
}
@@ -193,7 +193,7 @@ static void print_ace(FILE *f, SEC_ACE *ace)
/* Standard permissions */
for (v = standard_values; v->perm; v++) {
- if (ace->info.mask == v->mask) {
+ if (ace->access_mask == v->mask) {
fprintf(f, "%s", v->perm);
return;
}
@@ -202,11 +202,11 @@ static void print_ace(FILE *f, SEC_ACE *ace)
/* Special permissions. Print out a hex value if we have
leftover bits in the mask. */
- got_mask = ace->info.mask;
+ got_mask = ace->access_mask;
again:
for (v = special_values; v->perm; v++) {
- if ((ace->info.mask & v->mask) == v->mask) {
+ if ((ace->access_mask & v->mask) == v->mask) {
if (do_print) {
fprintf(f, "%s", v->perm);
}
@@ -216,7 +216,7 @@ static void print_ace(FILE *f, SEC_ACE *ace)
if (!do_print) {
if (got_mask != 0) {
- fprintf(f, "0x%08x", ace->info.mask);
+ fprintf(f, "0x%08x", ace->access_mask);
} else {
do_print = 1;
goto again;
@@ -348,7 +348,7 @@ static BOOL parse_ace(SEC_ACE *ace, const char *orig_str)
}
done:
- mask.mask = amask;
+ mask = amask;
init_sec_ace(ace, &sid, atype, mask, aflags);
SAFE_FREE(str);
return True;
@@ -366,7 +366,7 @@ static BOOL add_ace(SEC_ACL **the_acl, SEC_ACE *ace)
if (!(aces = SMB_CALLOC_ARRAY(SEC_ACE, 1+(*the_acl)->num_aces))) {
return False;
}
- memcpy(aces, (*the_acl)->ace, (*the_acl)->num_aces * sizeof(SEC_ACE));
+ memcpy(aces, (*the_acl)->aces, (*the_acl)->num_aces * sizeof(SEC_ACE));
memcpy(aces+(*the_acl)->num_aces, ace, sizeof(SEC_ACE));
new_ace = make_sec_acl(ctx,(*the_acl)->revision,1+(*the_acl)->num_aces, aces);
SAFE_FREE(aces);
@@ -465,8 +465,8 @@ static void sec_desc_print(FILE *f, SEC_DESC *sd)
fprintf(f, "OWNER:%s\n", sidstr);
- if (sd->grp_sid) {
- SidToString(sidstr, sd->grp_sid);
+ if (sd->group_sid) {
+ SidToString(sidstr, sd->group_sid);
} else {
fstrcpy(sidstr, "");
}
@@ -475,7 +475,7 @@ static void sec_desc_print(FILE *f, SEC_DESC *sd)
/* Print aces */
for (i = 0; sd->dacl && i < sd->dacl->num_aces; i++) {
- SEC_ACE *ace = &sd->dacl->ace[i];
+ SEC_ACE *ace = &sd->dacl->aces[i];
fprintf(f, "ACL:");
print_ace(f, ace);
fprintf(f, "\n");
@@ -593,8 +593,8 @@ static int ace_compare(SEC_ACE *ace1, SEC_ACE *ace2)
if (ace1->flags != ace2->flags)
return ace1->flags - ace2->flags;
- if (ace1->info.mask != ace2->info.mask)
- return ace1->info.mask - ace2->info.mask;
+ if (ace1->access_mask != ace2->access_mask)
+ return ace1->access_mask - ace2->access_mask;
if (ace1->size != ace2->size)
return ace1->size - ace2->size;
@@ -607,13 +607,13 @@ static void sort_acl(SEC_ACL *the_acl)
uint32 i;
if (!the_acl) return;
- qsort(the_acl->ace, the_acl->num_aces, sizeof(the_acl->ace[0]), QSORT_CAST ace_compare);
+ qsort(the_acl->aces, the_acl->num_aces, sizeof(the_acl->aces[0]), QSORT_CAST ace_compare);
for (i=1;i<the_acl->num_aces;) {
- if (sec_ace_equal(&the_acl->ace[i-1], &the_acl->ace[i])) {
+ if (sec_ace_equal(&the_acl->aces[i-1], &the_acl->aces[i])) {
int j;
for (j=i; j<the_acl->num_aces-1; j++) {
- the_acl->ace[j] = the_acl->ace[j+1];
+ the_acl->aces[j] = the_acl->aces[j+1];
}
the_acl->num_aces--;
} else {
@@ -665,11 +665,11 @@ static int cacl_set(struct cli_state *cli, char *filename,
BOOL found = False;
for (j=0;old->dacl && j<old->dacl->num_aces;j++) {
- if (sec_ace_equal(&sd->dacl->ace[i],
- &old->dacl->ace[j])) {
+ if (sec_ace_equal(&sd->dacl->aces[i],
+ &old->dacl->aces[j])) {
uint32 k;
for (k=j; k<old->dacl->num_aces-1;k++) {
- old->dacl->ace[k] = old->dacl->ace[k+1];
+ old->dacl->aces[k] = old->dacl->aces[k+1];
}
old->dacl->num_aces--;
found = True;
@@ -679,7 +679,7 @@ static int cacl_set(struct cli_state *cli, char *filename,
if (!found) {
printf("ACL for ACE:");
- print_ace(stdout, &sd->dacl->ace[i]);
+ print_ace(stdout, &sd->dacl->aces[i]);
printf(" not found\n");
}
}
@@ -690,9 +690,9 @@ static int cacl_set(struct cli_state *cli, char *filename,
BOOL found = False;
for (j=0;old->dacl && j<old->dacl->num_aces;j++) {
- if (sid_equal(&sd->dacl->ace[i].trustee,
- &old->dacl->ace[j].trustee)) {
- old->dacl->ace[j] = sd->dacl->ace[i];
+ if (sid_equal(&sd->dacl->aces[i].trustee,
+ &old->dacl->aces[j].trustee)) {
+ old->dacl->aces[j] = sd->dacl->aces[i];
found = True;
}
}
@@ -700,7 +700,7 @@ static int cacl_set(struct cli_state *cli, char *filename,
if (!found) {
fstring str;
- SidToString(str, &sd->dacl->ace[i].trustee);
+ SidToString(str, &sd->dacl->aces[i].trustee);
printf("ACL for SID %s not found\n", str);
}
}
@@ -709,15 +709,15 @@ static int cacl_set(struct cli_state *cli, char *filename,
old->owner_sid = sd->owner_sid;
}
- if (sd->grp_sid) {
- old->grp_sid = sd->grp_sid;
+ if (sd->group_sid) {
+ old->group_sid = sd->group_sid;
}
break;
case SMB_ACL_ADD:
for (i=0;sd->dacl && i<sd->dacl->num_aces;i++) {
- add_ace(&old->dacl, &sd->dacl->ace[i]);
+ add_ace(&old->dacl, &sd->dacl->aces[i]);
}
break;
generated by cgit (git 2.34.1) at 2024-07-03 04:24:20 +0000