summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--libcli/security/dom_sid.h1
-rw-r--r--libcli/security/security_token.c10
-rw-r--r--source4/rpc_server/srvsvc/dcesrv_srvsvc.c2
3 files changed, 7 insertions, 6 deletions
diff --git a/libcli/security/dom_sid.h b/libcli/security/dom_sid.h
index 8c60f761e4..3d1161fdc7 100644
--- a/libcli/security/dom_sid.h
+++ b/libcli/security/dom_sid.h
@@ -30,6 +30,7 @@ extern const struct dom_sid global_sid_World_Domain;
extern const struct dom_sid global_sid_World;
extern const struct dom_sid global_sid_Creator_Owner_Domain;
extern const struct dom_sid global_sid_NT_Authority;
+extern const struct dom_sid global_sid_Enterprise_DCs;
extern const struct dom_sid global_sid_System;
extern const struct dom_sid global_sid_NULL;
extern const struct dom_sid global_sid_Authenticated_Users;
diff --git a/libcli/security/security_token.c b/libcli/security/security_token.c
index 03dc528b93..40f13820ee 100644
--- a/libcli/security/security_token.c
+++ b/libcli/security/security_token.c
@@ -95,12 +95,12 @@ bool security_token_is_sid_string(const struct security_token *token, const char
bool security_token_is_system(const struct security_token *token)
{
- return security_token_is_sid_string(token, SID_NT_SYSTEM);
+ return security_token_is_sid(token, &global_sid_System);
}
bool security_token_is_anonymous(const struct security_token *token)
{
- return security_token_is_sid_string(token, SID_NT_ANONYMOUS);
+ return security_token_is_sid(token, &global_sid_Anonymous);
}
bool security_token_has_sid(const struct security_token *token, const struct dom_sid *sid)
@@ -128,15 +128,15 @@ bool security_token_has_sid_string(const struct security_token *token, const cha
bool security_token_has_builtin_administrators(const struct security_token *token)
{
- return security_token_has_sid_string(token, SID_BUILTIN_ADMINISTRATORS);
+ return security_token_has_sid(token, &global_sid_Builtin_Administrators);
}
bool security_token_has_nt_authenticated_users(const struct security_token *token)
{
- return security_token_has_sid_string(token, SID_NT_AUTHENTICATED_USERS);
+ return security_token_has_sid(token, &global_sid_Authenticated_Users);
}
bool security_token_has_enterprise_dcs(const struct security_token *token)
{
- return security_token_has_sid_string(token, SID_NT_ENTERPRISE_DCS);
+ return security_token_has_sid(token, &global_sid_Enterprise_DCs);
}
diff --git a/source4/rpc_server/srvsvc/dcesrv_srvsvc.c b/source4/rpc_server/srvsvc/dcesrv_srvsvc.c
index cf3651780d..41d89a9f56 100644
--- a/source4/rpc_server/srvsvc/dcesrv_srvsvc.c
+++ b/source4/rpc_server/srvsvc/dcesrv_srvsvc.c
@@ -33,7 +33,7 @@
#define SRVSVC_CHECK_ADMIN_ACCESS do { \
struct security_token *t = dce_call->conn->auth_state.session_info->security_token; \
if (!security_token_has_builtin_administrators(t) && \
- !security_token_has_sid_string(t, SID_BUILTIN_SERVER_OPERATORS)) { \
+ !security_token_has_sid(t, &global_sid_Builtin_Server_Operators)) { \
return WERR_ACCESS_DENIED; \
} \
} while (0)