r4147: converted from NT_USER_TOKEN to struct security_token

this is mostly just a tidyup, but also adds the privilege_mask, which
I will be using shortly in ACL checking.

note that I had to move the definition of struct security_token out of
security.idl as pidl doesn't yet handle arrays of pointers, and the
usual workaround (to use a intermediate structure) would make things
too cumbersome for this structure, especially given we never encode it
to NDR.
(This used to be commit 7b446af09b8050746bfc2c50e9d56aa94397cc1a)

4 files changed, 95 insertions, 21 deletions

diff --git a/source4/libcli/security/access_check.c b/source4/libcli/security/access_check.c
index 425a5c2b6d..c646ee693b 100644
--- a/source4/libcli/security/access_check.c
+++ b/source4/libcli/security/access_check.c
@@ -27,11 +27,12 @@
 /*
   check if a sid is in the supplied token
 */
-static BOOL sid_active_in_token(struct dom_sid *sid, struct nt_user_token *token)
+static BOOL sid_active_in_token(const struct dom_sid *sid, 
+				const struct security_token *token)
 {
 	int i;
 	for (i=0;i<token->num_sids;i++) {
-		if (dom_sid_equal(sid, token->user_sids[i])) {
+		if (dom_sid_equal(sid, token->sids[i])) {
 			return True;
 		}
 	}
@@ -42,16 +43,15 @@ static BOOL sid_active_in_token(struct dom_sid *sid, struct nt_user_token *token
 /*
   perform a SEC_FLAG_MAXIMUM_ALLOWED access check
 */
-static uint32_t access_check_max_allowed(struct security_descriptor *sd, 
-					 struct nt_user_token *token)
+static uint32_t access_check_max_allowed(const struct security_descriptor *sd, 
+					 const struct security_token *token)
 {
 	uint32_t denied = 0, granted = 0;
 	unsigned i;
 	
 	if (sid_active_in_token(sd->owner_sid, token)) {
-		granted |= SEC_STD_WRITE_DAC | SEC_STD_READ_CONTROL;
+		granted |= SEC_STD_WRITE_DAC | SEC_STD_READ_CONTROL | SEC_STD_DELETE;
 	}
-	granted |= SEC_STD_DELETE;
 
 	for (i = 0;i<sd->dacl->num_aces; i++) {
 		struct security_ace *ace = &sd->dacl->aces[i];
@@ -77,8 +77,8 @@ static uint32_t access_check_max_allowed(struct security_descriptor *sd,
 /*
   the main entry point for access checking. 
 */
-NTSTATUS sec_access_check(struct security_descriptor *sd, 
-			  struct nt_user_token *token,
+NTSTATUS sec_access_check(const struct security_descriptor *sd, 
+			  const struct security_token *token,
 			  uint32_t access_desired,
 			  uint32_t *access_granted)
 {
diff --git a/source4/libcli/security/config.mk b/source4/libcli/security/config.mk
index 900dbe780a..d6896535d6 100644
--- a/source4/libcli/security/config.mk
+++ b/source4/libcli/security/config.mk
@@ -13,6 +13,7 @@ ADD_OBJ_FILES = libcli/security/security_token.o \
 		libcli/security/security_descriptor.o \
 		libcli/security/dom_sid.o \
 		libcli/security/access_check.o \
+		libcli/security/privilege.o \
 		librpc/ndr/ndr_sec.o
 REQUIRED_SUBSYSTEMS = LIB_SECURITY_NDR
 # End SUBSYSTEM LIB_SECURITY
diff --git a/source4/libcli/security/privilege.c b/source4/libcli/security/privilege.c
new file mode 100644
index 0000000000..1962aaa374
--- /dev/null
+++ b/source4/libcli/security/privilege.c
@@ -0,0 +1,84 @@
+/*
+   Unix SMB/CIFS implementation.
+
+   manipulate privileges
+
+   Copyright (C) Andrew Tridgell 2004
+
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 2 of the License, or
+   (at your option) any later version.
+
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+
+   You should have received a copy of the GNU General Public License
+   along with this program; if not, write to the Free Software
+   Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+*/
+
+#include "includes.h"
+#include "librpc/gen_ndr/ndr_security.h"
+
+
+static const struct {
+	enum sec_privilege privilege;
+	const char *name;
+} privilege_names[] = {
+	{SEC_PRIV_SECURITY,                   "SeSecurityPrivilege"},
+	{SEC_PRIV_BACKUP,                     "SeBackupPrivilege"},
+	{SEC_PRIV_RESTORE,                    "SeRestorePrivilege"},
+	{SEC_PRIV_SYSTEMTIME,                 "SeSystemtimePrivilege"},
+	{SEC_PRIV_SHUTDOWN,                   "SeShutdownPrivilege"},
+	{SEC_PRIV_REMOTE_SHUTDOWN,            "SeRemoteShutdownPrivilege"},
+	{SEC_PRIV_TAKE_OWNERSHIP,             "SeTakeOwnershipPrivilege"},
+	{SEC_PRIV_DEBUG,                      "SeDebugPrivilege"},
+	{SEC_PRIV_SYSTEM_ENVIRONMENT,         "SeSystemEnvironmentPrivilege"},
+	{SEC_PRIV_SYSTEM_PROFILE,             "SeSystemProfilePrivilege"},
+	{SEC_PRIV_PROFILE_SINGLE_PROCESS,     "SeProfileSingleProcessPrivilege"},
+	{SEC_PRIV_INCREASE_BASE_PRIORITY,     "SeIncreaseBasePriorityPrivilege"},
+	{SEC_PRIV_LOAD_DRIVER,                "SeLoadDriverPrivilege"},
+	{SEC_PRIV_CREATE_PAGEFILE,            "SeCreatePagefilePrivilege"},
+	{SEC_PRIV_INCREASE_QUOTA,             "SeIncreaseQuotaPrivilege"},
+	{SEC_PRIV_CHANGE_NOTIFY,              "SeChangeNotifyPrivilege"},
+	{SEC_PRIV_UNDOCK,                     "SeUndockPrivilege"},
+	{SEC_PRIV_MANAGE_VOLUME,              "SeManageVolumePrivilege"},
+	{SEC_PRIV_IMPERSONATE,                "SeImpersonatePrivilege"},
+	{SEC_PRIV_CREATE_GLOBAL,              "SeCreateGlobalPrivilege"},
+	{SEC_PRIV_ENABLE_DELEGATION,          "SeEnableDelegationPrivilege"},
+	{SEC_PRIV_INTERACTIVE_LOGON,          "SeInteractiveLogonRight"},
+	{SEC_PRIV_NETWORK_LOGON,              "SeNetworkLogonRight"},
+	{SEC_PRIV_REMOTE_INTERACTIVE_LOGON,   "SeRemoteInteractiveLogonRight"}
+};
+
+
+/*
+  map a privilege id to the wire string constant
+*/
+const char *sec_privilege_name(unsigned int privilege)
+{
+	int i;
+	for (i=0;i<ARRAY_SIZE(privilege_names);i++) {
+		if (privilege_names[i].privilege == privilege) {
+			return privilege_names[i].name;
+		}
+	}
+	return NULL;
+}
+
+/*
+  map a privilege name to a privilege id. Return -1 if not found
+*/
+int sec_privilege_id(const char *name)
+{
+	int i;
+	for (i=0;i<ARRAY_SIZE(privilege_names);i++) {
+		if (strcasecmp(privilege_names[i].name, name) == 0) {
+			return (int)privilege_names[i].privilege;
+		}
+	}
+	return -1;
+}
diff --git a/source4/libcli/security/security_token.c b/source4/libcli/security/security_token.c
index 9e26f5a385..a8ce989de7 100644
--- a/source4/libcli/security/security_token.c
+++ b/source4/libcli/security/security_token.c
@@ -24,7 +24,7 @@
 #include "librpc/gen_ndr/ndr_security.h"
 
 /*
-  return a blank security descriptor (no owners, dacl or sacl)
+  return a blank security token
 */
 struct security_token *security_token_initialise(TALLOC_CTX *mem_ctx)
 {
@@ -35,22 +35,11 @@ struct security_token *security_token_initialise(TALLOC_CTX *mem_ctx)
 		return NULL;
 	}
 
-	st->flags = 0;
-
 	st->user_sid = NULL;
 	st->group_sid = NULL;
-	st->logon_sid = NULL;
-
 	st->num_sids = 0;
 	st->sids = NULL;
-
-	st->num_restricted_sids = 0;
-	st->restricted_sids = NULL;
-
-	st->num_privileges = 0;
-	st->privileges = NULL;
-
-	st->dacl = NULL;
+	st->privilege_mask = 0;
 
 	return st;
 }