diff options
-rw-r--r-- | libcli/security/privileges.c | 20 | ||||
-rw-r--r-- | libcli/security/privileges.h | 2 | ||||
-rw-r--r-- | libcli/security/security_token.c | 10 | ||||
-rw-r--r-- | libcli/security/security_token.h | 2 | ||||
-rw-r--r-- | source4/auth/session.c | 2 | ||||
-rw-r--r-- | source4/dsdb/samdb/samdb.c | 2 | ||||
-rw-r--r-- | source4/rpc_server/drsuapi/dcesrv_drsuapi.c | 2 | ||||
-rw-r--r-- | source4/rpc_server/drsuapi/drsutil.c | 4 |
8 files changed, 23 insertions, 21 deletions
diff --git a/libcli/security/privileges.c b/libcli/security/privileges.c index 65000aa754..5d4cf77490 100644 --- a/libcli/security/privileges.c +++ b/libcli/security/privileges.c @@ -443,31 +443,33 @@ void security_token_set_right_bit(struct security_token *token, uint32_t right_b token->rights_mask |= right_bit; } -void security_token_debug_privileges(int dbg_lev, const struct security_token *token) +void security_token_debug_privileges(int dbg_class, int dbg_lev, const struct security_token *token) { - DEBUGADD(dbg_lev, (" Privileges (0x%16llX):\n", - (unsigned long long) token->privilege_mask)); + DEBUGADDC(dbg_class, dbg_lev, (" Privileges (0x%16llX):\n", + (unsigned long long) token->privilege_mask)); if (token->privilege_mask) { int idx = 0; int i = 0; for (idx = 0; idx<ARRAY_SIZE(privs); idx++) { if (token->privilege_mask & privs[idx].privilege_mask) { - DEBUGADD(dbg_lev, (" Privilege[%3lu]: %s\n", (unsigned long)i++, - privs[idx].name)); + DEBUGADDC(dbg_class, dbg_lev, + (" Privilege[%3lu]: %s\n", (unsigned long)i++, + privs[idx].name)); } } } - DEBUGADD(dbg_lev, (" Rights (0x%16lX):\n", - (unsigned long) token->rights_mask)); + DEBUGADDC(dbg_class, dbg_lev, (" Rights (0x%16lX):\n", + (unsigned long) token->rights_mask)); if (token->rights_mask) { int idx = 0; int i = 0; for (idx = 0; idx<ARRAY_SIZE(rights); idx++) { if (token->rights_mask & rights[idx].right_mask) { - DEBUGADD(dbg_lev, (" Right[%3lu]: %s\n", (unsigned long)i++, - rights[idx].name)); + DEBUGADDC(dbg_class, dbg_lev, + (" Right[%3lu]: %s\n", (unsigned long)i++, + rights[idx].name)); } } } diff --git a/libcli/security/privileges.h b/libcli/security/privileges.h index f67a38bc27..a65dbdfcd7 100644 --- a/libcli/security/privileges.h +++ b/libcli/security/privileges.h @@ -98,6 +98,6 @@ void security_token_set_privilege(struct security_token *token, enum sec_privile */ void security_token_set_right_bit(struct security_token *token, uint32_t right_bit); -void security_token_debug_privileges(int dbg_lev, const struct security_token *token); +void security_token_debug_privileges(int dbg_class, int dbg_lev, const struct security_token *token); #endif /* PRIVILEGES_H */ diff --git a/libcli/security/security_token.c b/libcli/security/security_token.c index 4e5aff87da..03dc528b93 100644 --- a/libcli/security/security_token.c +++ b/libcli/security/security_token.c @@ -44,13 +44,13 @@ struct security_token *security_token_initialise(TALLOC_CTX *mem_ctx) /**************************************************************************** prints a struct security_token to debug output. ****************************************************************************/ -void security_token_debug(int dbg_lev, const struct security_token *token) +void security_token_debug(int dbg_class, int dbg_lev, const struct security_token *token) { TALLOC_CTX *mem_ctx; uint32_t i; if (!token) { - DEBUG(dbg_lev, ("Security token: (NULL)\n")); + DEBUGC(dbg_class, dbg_lev, ("Security token: (NULL)\n")); return; } @@ -59,14 +59,14 @@ void security_token_debug(int dbg_lev, const struct security_token *token) return; } - DEBUG(dbg_lev, ("Security token SIDs (%lu):\n", + DEBUGC(dbg_class, dbg_lev, ("Security token SIDs (%lu):\n", (unsigned long)token->num_sids)); for (i = 0; i < token->num_sids; i++) { - DEBUGADD(dbg_lev, (" SID[%3lu]: %s\n", (unsigned long)i, + DEBUGADDC(dbg_class, dbg_lev, (" SID[%3lu]: %s\n", (unsigned long)i, dom_sid_string(mem_ctx, &token->sids[i]))); } - security_token_debug_privileges(dbg_lev, token); + security_token_debug_privileges(dbg_class, dbg_lev, token); talloc_free(mem_ctx); } diff --git a/libcli/security/security_token.h b/libcli/security/security_token.h index 87978e2811..b8ca990035 100644 --- a/libcli/security/security_token.h +++ b/libcli/security/security_token.h @@ -37,7 +37,7 @@ struct security_token *security_token_initialise(TALLOC_CTX *mem_ctx); /**************************************************************************** prints a struct security_token to debug output. ****************************************************************************/ -void security_token_debug(int dbg_lev, const struct security_token *token); +void security_token_debug(int dbg_class, int dbg_lev, const struct security_token *token); bool security_token_is_sid(const struct security_token *token, const struct dom_sid *sid); diff --git a/source4/auth/session.c b/source4/auth/session.c index ce7ea3b64c..dce00b9043 100644 --- a/source4/auth/session.c +++ b/source4/auth/session.c @@ -213,6 +213,6 @@ void auth_session_info_debug(int dbg_lev, return; } - security_token_debug(dbg_lev, session_info->security_token); + security_token_debug(0, dbg_lev, session_info->security_token); } diff --git a/source4/dsdb/samdb/samdb.c b/source4/dsdb/samdb/samdb.c index d8c1728d3f..c7d2c3085d 100644 --- a/source4/dsdb/samdb/samdb.c +++ b/source4/dsdb/samdb/samdb.c @@ -230,7 +230,7 @@ NTSTATUS security_token_create(TALLOC_CTX *mem_ctx, return status; } - security_token_debug(10, ptoken); + security_token_debug(0, 10, ptoken); *token = ptoken; diff --git a/source4/rpc_server/drsuapi/dcesrv_drsuapi.c b/source4/rpc_server/drsuapi/dcesrv_drsuapi.c index 4fb8c6ed69..7b48521a6d 100644 --- a/source4/rpc_server/drsuapi/dcesrv_drsuapi.c +++ b/source4/rpc_server/drsuapi/dcesrv_drsuapi.c @@ -826,7 +826,7 @@ static WERROR dcesrv_drsuapi_DsReplicaGetInfo(struct dcesrv_call_state *dce_call level = security_session_user_level(dce_call->conn->auth_state.session_info, NULL); if (level < SECURITY_ADMINISTRATOR) { DEBUG(1,(__location__ ": Administrator access required for DsReplicaGetInfo\n")); - security_token_debug(2, dce_call->conn->auth_state.session_info->security_token); + security_token_debug(0, 2, dce_call->conn->auth_state.session_info->security_token); return WERR_DS_DRA_ACCESS_DENIED; } } diff --git a/source4/rpc_server/drsuapi/drsutil.c b/source4/rpc_server/drsuapi/drsutil.c index ca2d3863c5..0a4bd1ffcc 100644 --- a/source4/rpc_server/drsuapi/drsutil.c +++ b/source4/rpc_server/drsuapi/drsutil.c @@ -102,7 +102,7 @@ WERROR drs_security_level_check(struct dcesrv_call_state *dce_call, if (call) { DEBUG(0,("%s refused for security token (level=%u)\n", call, (unsigned)level)); - security_token_debug(2, dce_call->conn->auth_state.session_info->security_token); + security_token_debug(0, 2, dce_call->conn->auth_state.session_info->security_token); } return WERR_DS_DRA_ACCESS_DENIED; } @@ -165,7 +165,7 @@ static WERROR drs_security_access_check_log(struct ldb_context *sam_ctx, if (ret == LDB_ERR_INSUFFICIENT_ACCESS_RIGHTS) { DEBUG(3,("%s refused for security token on %s\n", ext_right, ldb_dn_get_linearized(dn))); - security_token_debug(2, token); + security_token_debug(2, 0, token); return WERR_DS_DRA_ACCESS_DENIED; } else if (ret != LDB_SUCCESS) { DEBUG(1,("Failed to perform access check on %s\n", ldb_dn_get_linearized(dn))); |