summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--libcli/security/privileges.c47
-rw-r--r--source3/rpc_server/srv_lsa_nt.c12
2 files changed, 13 insertions, 46 deletions
diff --git a/libcli/security/privileges.c b/libcli/security/privileges.c
index 3012f71345..309a532831 100644
--- a/libcli/security/privileges.c
+++ b/libcli/security/privileges.c
@@ -418,29 +418,6 @@ int num_privileges_in_short_list( void )
}
/****************************************************************************
- Convert a LUID to a named string
-****************************************************************************/
-
-const char *luid_to_privilege_name(const struct lsa_LUID *set)
-{
- int i;
-
- uint32_t num_privs = ARRAY_SIZE(privs);
-
- if (set->high != 0)
- return NULL;
-
- for ( i=0; i<num_privs; i++ ) {
- if ( set->low == privs[i].luid ) {
- return privs[i].name;
- }
- }
-
- return NULL;
-}
-
-
-/****************************************************************************
add a privilege to a privilege array
****************************************************************************/
@@ -495,24 +472,6 @@ bool se_priv_to_privilege_set( PRIVILEGE_SET *set, uint64_t privilege_mask )
/*******************************************************************
*******************************************************************/
-static bool luid_to_se_priv( struct lsa_LUID *luid, uint64_t *privilege_mask )
-{
- int i;
- uint32_t num_privs = ARRAY_SIZE(privs);
-
- for ( i=0; i<num_privs; i++ ) {
- if ( luid->low == privs[i].luid ) {
- se_priv_copy( privilege_mask, &privs[i].privilege_mask );
- return true;
- }
- }
-
- return false;
-}
-
-/*******************************************************************
-*******************************************************************/
-
bool privilege_set_to_se_priv( uint64_t *privilege_mask, struct lsa_PrivilegeSet *privset )
{
int i;
@@ -528,8 +487,10 @@ bool privilege_set_to_se_priv( uint64_t *privilege_mask, struct lsa_PrivilegeSet
if ( privset->set[i].luid.high != 0 )
return false;
- if ( luid_to_se_priv( &privset->set[i].luid, &r ) )
- se_priv_add( privilege_mask, &r );
+ r = sec_privilege_mask(privset->set[i].luid.low);
+ if (r) {
+ *privilege_mask |= r;
+ }
}
return true;
diff --git a/source3/rpc_server/srv_lsa_nt.c b/source3/rpc_server/srv_lsa_nt.c
index 8074eadb69..e8ffb5cee9 100644
--- a/source3/rpc_server/srv_lsa_nt.c
+++ b/source3/rpc_server/srv_lsa_nt.c
@@ -2082,7 +2082,11 @@ NTSTATUS _lsa_LookupPrivName(struct pipes_struct *p,
return NT_STATUS_ACCESS_DENIED;
}
- name = luid_to_privilege_name(r->in.luid);
+ if (r->in.luid->high != 0) {
+ return NT_STATUS_NO_SUCH_PRIVILEGE;
+ }
+
+ name = sec_privilege_name(r->in.luid->low);
if (!name) {
return NT_STATUS_NO_SUCH_PRIVILEGE;
}
@@ -2304,8 +2308,10 @@ static NTSTATUS init_lsa_right_set(TALLOC_CTX *mem_ctx,
int num_priv = 0;
for (i=0; i<privileges->count; i++) {
-
- privname = luid_to_privilege_name(&privileges->set[i].luid);
+ if (privileges->set[i].luid.high) {
+ continue;
+ }
+ privname = sec_privilege_name(privileges->set[i].luid.low);
if (privname) {
if (!add_string_to_array(mem_ctx, privname,
&privname_array, &num_priv)) {