summaryrefslogtreecommitdiff
path: root/source4/libcli
diff options
context:
space:
mode:
authorAndrew Tridgell <tridge@samba.org>2004-12-11 05:41:19 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 13:06:31 -0500
commit6ca874f71ad77c82d6e161a3e4772100de2ad6c5 (patch)
tree6379d5d502d779df1da563911d40249030268ac6 /source4/libcli
parent280bb1cf0fc84c61e20f6f557cecbeba726e2749 (diff)
downloadsamba-6ca874f71ad77c82d6e161a3e4772100de2ad6c5.tar.gz
samba-6ca874f71ad77c82d6e161a3e4772100de2ad6c5.tar.bz2
samba-6ca874f71ad77c82d6e161a3e4772100de2ad6c5.zip
r4147: converted from NT_USER_TOKEN to struct security_token
this is mostly just a tidyup, but also adds the privilege_mask, which I will be using shortly in ACL checking. note that I had to move the definition of struct security_token out of security.idl as pidl doesn't yet handle arrays of pointers, and the usual workaround (to use a intermediate structure) would make things too cumbersome for this structure, especially given we never encode it to NDR. (This used to be commit 7b446af09b8050746bfc2c50e9d56aa94397cc1a)
Diffstat (limited to 'source4/libcli')
-rw-r--r--source4/libcli/auth/gensec_krb5.c29
-rw-r--r--source4/libcli/security/access_check.c16
-rw-r--r--source4/libcli/security/config.mk1
-rw-r--r--source4/libcli/security/privilege.c84
-rw-r--r--source4/libcli/security/security_token.c15
5 files changed, 111 insertions, 34 deletions
diff --git a/source4/libcli/auth/gensec_krb5.c b/source4/libcli/auth/gensec_krb5.c
index c47d4f26b6..602e42a5ff 100644
--- a/source4/libcli/auth/gensec_krb5.c
+++ b/source4/libcli/auth/gensec_krb5.c
@@ -609,7 +609,7 @@ static NTSTATUS gensec_krb5_session_info(struct gensec_security *gensec_security
struct auth_serversupplied_info *server_info = NULL;
struct auth_session_info *session_info = NULL;
struct PAC_LOGON_INFO *logon_info;
- struct nt_user_token *ptoken;
+ struct security_token *ptoken;
struct dom_sid *sid;
char *p;
char *principal;
@@ -684,15 +684,15 @@ static NTSTATUS gensec_krb5_session_info(struct gensec_security *gensec_security
talloc_free(server_info);
- ptoken = talloc_p(session_info, struct nt_user_token);
- if (!ptoken) {
+ ptoken = security_token_initialise(session_info);
+ if (ptoken == NULL) {
return NT_STATUS_NO_MEMORY;
}
- ptoken->num_sids = 0;
-
- ptoken->user_sids = talloc_array_p(ptoken, struct dom_sid*, logon_info->groups_count + 2);
- if (!ptoken->user_sids) {
+ ptoken->num_sids = 0;
+ ptoken->sids = talloc_array_p(ptoken, struct dom_sid *,
+ logon_info->groups_count + 2);
+ if (!ptoken->sids) {
return NT_STATUS_NO_MEMORY;
}
@@ -702,21 +702,24 @@ static NTSTATUS gensec_krb5_session_info(struct gensec_security *gensec_security
sid = dom_sid_dup(server_info, logon_info->dom_sid);
server_info->primary_group_sid = dom_sid_add_rid(server_info, sid, logon_info->group_rid);
- ptoken->user_sids[0] = talloc_reference(session_info, server_info->user_sid);
+ ptoken->user_sid = server_info->user_sid;
+ ptoken->group_sid = server_info->primary_group_sid;
+ ptoken->sids[0] = talloc_reference(ptoken, ptoken->user_sid);
ptoken->num_sids++;
- ptoken->user_sids[1] = talloc_reference(session_info, server_info->primary_group_sid);
+ ptoken->sids[1] = talloc_reference(ptoken, ptoken->group_sid);
ptoken->num_sids++;
- for (;ptoken->num_sids < (logon_info->groups_count + 2); ptoken->num_sids++) {
+ for (;ptoken->num_sids < (logon_info->groups_count + 2);
+ ptoken->num_sids++) {
sid = dom_sid_dup(session_info, logon_info->dom_sid);
- ptoken->user_sids[ptoken->num_sids]
+ ptoken->sids[ptoken->num_sids]
= dom_sid_add_rid(session_info, sid,
logon_info->groups[ptoken->num_sids - 2].rid);
}
- debug_nt_user_token(DBGC_AUTH, 0, ptoken);
+ debug_security_token(DBGC_AUTH, 0, ptoken);
- session_info->nt_user_token = ptoken;
+ session_info->security_token = ptoken;
} else {
TALLOC_CTX *mem_ctx = talloc_named(gensec_krb5_state, 0, "PAC-less session info discovery for %s@%s", username, realm);
if (!mem_ctx) {
diff --git a/source4/libcli/security/access_check.c b/source4/libcli/security/access_check.c
index 425a5c2b6d..c646ee693b 100644
--- a/source4/libcli/security/access_check.c
+++ b/source4/libcli/security/access_check.c
@@ -27,11 +27,12 @@
/*
check if a sid is in the supplied token
*/
-static BOOL sid_active_in_token(struct dom_sid *sid, struct nt_user_token *token)
+static BOOL sid_active_in_token(const struct dom_sid *sid,
+ const struct security_token *token)
{
int i;
for (i=0;i<token->num_sids;i++) {
- if (dom_sid_equal(sid, token->user_sids[i])) {
+ if (dom_sid_equal(sid, token->sids[i])) {
return True;
}
}
@@ -42,16 +43,15 @@ static BOOL sid_active_in_token(struct dom_sid *sid, struct nt_user_token *token
/*
perform a SEC_FLAG_MAXIMUM_ALLOWED access check
*/
-static uint32_t access_check_max_allowed(struct security_descriptor *sd,
- struct nt_user_token *token)
+static uint32_t access_check_max_allowed(const struct security_descriptor *sd,
+ const struct security_token *token)
{
uint32_t denied = 0, granted = 0;
unsigned i;
if (sid_active_in_token(sd->owner_sid, token)) {
- granted |= SEC_STD_WRITE_DAC | SEC_STD_READ_CONTROL;
+ granted |= SEC_STD_WRITE_DAC | SEC_STD_READ_CONTROL | SEC_STD_DELETE;
}
- granted |= SEC_STD_DELETE;
for (i = 0;i<sd->dacl->num_aces; i++) {
struct security_ace *ace = &sd->dacl->aces[i];
@@ -77,8 +77,8 @@ static uint32_t access_check_max_allowed(struct security_descriptor *sd,
/*
the main entry point for access checking.
*/
-NTSTATUS sec_access_check(struct security_descriptor *sd,
- struct nt_user_token *token,
+NTSTATUS sec_access_check(const struct security_descriptor *sd,
+ const struct security_token *token,
uint32_t access_desired,
uint32_t *access_granted)
{
diff --git a/source4/libcli/security/config.mk b/source4/libcli/security/config.mk
index 900dbe780a..d6896535d6 100644
--- a/source4/libcli/security/config.mk
+++ b/source4/libcli/security/config.mk
@@ -13,6 +13,7 @@ ADD_OBJ_FILES = libcli/security/security_token.o \
libcli/security/security_descriptor.o \
libcli/security/dom_sid.o \
libcli/security/access_check.o \
+ libcli/security/privilege.o \
librpc/ndr/ndr_sec.o
REQUIRED_SUBSYSTEMS = LIB_SECURITY_NDR
# End SUBSYSTEM LIB_SECURITY
diff --git a/source4/libcli/security/privilege.c b/source4/libcli/security/privilege.c
new file mode 100644
index 0000000000..1962aaa374
--- /dev/null
+++ b/source4/libcli/security/privilege.c
@@ -0,0 +1,84 @@
+/*
+ Unix SMB/CIFS implementation.
+
+ manipulate privileges
+
+ Copyright (C) Andrew Tridgell 2004
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+*/
+
+#include "includes.h"
+#include "librpc/gen_ndr/ndr_security.h"
+
+
+static const struct {
+ enum sec_privilege privilege;
+ const char *name;
+} privilege_names[] = {
+ {SEC_PRIV_SECURITY, "SeSecurityPrivilege"},
+ {SEC_PRIV_BACKUP, "SeBackupPrivilege"},
+ {SEC_PRIV_RESTORE, "SeRestorePrivilege"},
+ {SEC_PRIV_SYSTEMTIME, "SeSystemtimePrivilege"},
+ {SEC_PRIV_SHUTDOWN, "SeShutdownPrivilege"},
+ {SEC_PRIV_REMOTE_SHUTDOWN, "SeRemoteShutdownPrivilege"},
+ {SEC_PRIV_TAKE_OWNERSHIP, "SeTakeOwnershipPrivilege"},
+ {SEC_PRIV_DEBUG, "SeDebugPrivilege"},
+ {SEC_PRIV_SYSTEM_ENVIRONMENT, "SeSystemEnvironmentPrivilege"},
+ {SEC_PRIV_SYSTEM_PROFILE, "SeSystemProfilePrivilege"},
+ {SEC_PRIV_PROFILE_SINGLE_PROCESS, "SeProfileSingleProcessPrivilege"},
+ {SEC_PRIV_INCREASE_BASE_PRIORITY, "SeIncreaseBasePriorityPrivilege"},
+ {SEC_PRIV_LOAD_DRIVER, "SeLoadDriverPrivilege"},
+ {SEC_PRIV_CREATE_PAGEFILE, "SeCreatePagefilePrivilege"},
+ {SEC_PRIV_INCREASE_QUOTA, "SeIncreaseQuotaPrivilege"},
+ {SEC_PRIV_CHANGE_NOTIFY, "SeChangeNotifyPrivilege"},
+ {SEC_PRIV_UNDOCK, "SeUndockPrivilege"},
+ {SEC_PRIV_MANAGE_VOLUME, "SeManageVolumePrivilege"},
+ {SEC_PRIV_IMPERSONATE, "SeImpersonatePrivilege"},
+ {SEC_PRIV_CREATE_GLOBAL, "SeCreateGlobalPrivilege"},
+ {SEC_PRIV_ENABLE_DELEGATION, "SeEnableDelegationPrivilege"},
+ {SEC_PRIV_INTERACTIVE_LOGON, "SeInteractiveLogonRight"},
+ {SEC_PRIV_NETWORK_LOGON, "SeNetworkLogonRight"},
+ {SEC_PRIV_REMOTE_INTERACTIVE_LOGON, "SeRemoteInteractiveLogonRight"}
+};
+
+
+/*
+ map a privilege id to the wire string constant
+*/
+const char *sec_privilege_name(unsigned int privilege)
+{
+ int i;
+ for (i=0;i<ARRAY_SIZE(privilege_names);i++) {
+ if (privilege_names[i].privilege == privilege) {
+ return privilege_names[i].name;
+ }
+ }
+ return NULL;
+}
+
+/*
+ map a privilege name to a privilege id. Return -1 if not found
+*/
+int sec_privilege_id(const char *name)
+{
+ int i;
+ for (i=0;i<ARRAY_SIZE(privilege_names);i++) {
+ if (strcasecmp(privilege_names[i].name, name) == 0) {
+ return (int)privilege_names[i].privilege;
+ }
+ }
+ return -1;
+}
diff --git a/source4/libcli/security/security_token.c b/source4/libcli/security/security_token.c
index 9e26f5a385..a8ce989de7 100644
--- a/source4/libcli/security/security_token.c
+++ b/source4/libcli/security/security_token.c
@@ -24,7 +24,7 @@
#include "librpc/gen_ndr/ndr_security.h"
/*
- return a blank security descriptor (no owners, dacl or sacl)
+ return a blank security token
*/
struct security_token *security_token_initialise(TALLOC_CTX *mem_ctx)
{
@@ -35,22 +35,11 @@ struct security_token *security_token_initialise(TALLOC_CTX *mem_ctx)
return NULL;
}
- st->flags = 0;
-
st->user_sid = NULL;
st->group_sid = NULL;
- st->logon_sid = NULL;
-
st->num_sids = 0;
st->sids = NULL;
-
- st->num_restricted_sids = 0;
- st->restricted_sids = NULL;
-
- st->num_privileges = 0;
- st->privileges = NULL;
-
- st->dacl = NULL;
+ st->privilege_mask = 0;
return st;
}