diff options
Diffstat (limited to 'source3/lib/secdesc.c')
-rw-r--r-- | source3/lib/secdesc.c | 81 |
1 files changed, 37 insertions, 44 deletions
diff --git a/source3/lib/secdesc.c b/source3/lib/secdesc.c index f8873277cf..2f592769b3 100644 --- a/source3/lib/secdesc.c +++ b/source3/lib/secdesc.c @@ -49,8 +49,8 @@ size_t sec_desc_size(SEC_DESC *psd) if (psd->owner_sid != NULL) offset += sid_size(psd->owner_sid); - if (psd->grp_sid != NULL) - offset += sid_size(psd->grp_sid); + if (psd->group_sid != NULL) + offset += sid_size(psd->group_sid); if (psd->sacl != NULL) offset += psd->sacl->size; @@ -104,11 +104,11 @@ BOOL sec_desc_equal(SEC_DESC *s1, SEC_DESC *s2) return False; } - if (!sid_equal(s1->grp_sid, s2->grp_sid)) { + if (!sid_equal(s1->group_sid, s2->group_sid)) { fstring str1, str2; - sid_to_string(str1, s1->grp_sid); - sid_to_string(str2, s2->grp_sid); + sid_to_string(str1, s1->group_sid); + sid_to_string(str2, s2->group_sid); DEBUG(10, ("sec_desc_equal(): group differs (%s != %s)\n", str1, str2)); @@ -154,13 +154,13 @@ SEC_DESC_BUF *sec_desc_merge(TALLOC_CTX *ctx, SEC_DESC_BUF *new_sdb, SEC_DESC_BU /* Copy over owner and group sids. There seems to be no flag for this so just check the pointer values. */ - owner_sid = new_sdb->sec->owner_sid ? new_sdb->sec->owner_sid : - old_sdb->sec->owner_sid; + owner_sid = new_sdb->sd->owner_sid ? new_sdb->sd->owner_sid : + old_sdb->sd->owner_sid; - group_sid = new_sdb->sec->grp_sid ? new_sdb->sec->grp_sid : - old_sdb->sec->grp_sid; + group_sid = new_sdb->sd->group_sid ? new_sdb->sd->group_sid : + old_sdb->sd->group_sid; - secdesc_type = new_sdb->sec->type; + secdesc_type = new_sdb->sd->type; /* Ignore changes to the system ACL. This has the effect of making changes through the security tab audit button not sticking. @@ -172,14 +172,14 @@ SEC_DESC_BUF *sec_desc_merge(TALLOC_CTX *ctx, SEC_DESC_BUF *new_sdb, SEC_DESC_BU /* Copy across discretionary ACL */ if (secdesc_type & SEC_DESC_DACL_PRESENT) { - dacl = new_sdb->sec->dacl; + dacl = new_sdb->sd->dacl; } else { - dacl = old_sdb->sec->dacl; + dacl = old_sdb->sd->dacl; } /* Create new security descriptor from bits */ - psd = make_sec_desc(ctx, new_sdb->sec->revision, secdesc_type, + psd = make_sec_desc(ctx, new_sdb->sd->revision, secdesc_type, owner_sid, group_sid, sacl, dacl, &secdesc_size); return_sdb = make_sec_desc_buf(ctx, secdesc_size, psd); @@ -211,15 +211,15 @@ SEC_DESC *make_sec_desc(TALLOC_CTX *ctx, uint16 revision, uint16 type, if (dacl) dst->type |= SEC_DESC_DACL_PRESENT; - dst->off_owner_sid = 0; - dst->off_grp_sid = 0; - dst->off_sacl = 0; - dst->off_dacl = 0; + dst->owner_sid = NULL; + dst->group_sid = NULL; + dst->sacl = NULL; + dst->dacl = NULL; if(owner_sid && ((dst->owner_sid = sid_dup_talloc(ctx,owner_sid)) == NULL)) goto error_exit; - if(grp_sid && ((dst->grp_sid = sid_dup_talloc(ctx,grp_sid)) == NULL)) + if(grp_sid && ((dst->group_sid = sid_dup_talloc(ctx,grp_sid)) == NULL)) goto error_exit; if(sacl && ((dst->sacl = dup_sec_acl(ctx, sacl)) == NULL)) @@ -235,22 +235,18 @@ SEC_DESC *make_sec_desc(TALLOC_CTX *ctx, uint16 revision, uint16 type, */ if (dst->sacl != NULL) { - dst->off_sacl = offset; offset += dst->sacl->size; } if (dst->dacl != NULL) { - dst->off_dacl = offset; offset += dst->dacl->size; } if (dst->owner_sid != NULL) { - dst->off_owner_sid = offset; offset += sid_size(dst->owner_sid); } - if (dst->grp_sid != NULL) { - dst->off_grp_sid = offset; - offset += sid_size(dst->grp_sid); + if (dst->group_sid != NULL) { + offset += sid_size(dst->group_sid); } *sd_size = (size_t)offset; @@ -274,7 +270,7 @@ SEC_DESC *dup_sec_desc(TALLOC_CTX *ctx, const SEC_DESC *src) return NULL; return make_sec_desc( ctx, src->revision, src->type, - src->owner_sid, src->grp_sid, src->sacl, + src->owner_sid, src->group_sid, src->sacl, src->dacl, &dummy); } @@ -301,15 +297,12 @@ SEC_DESC_BUF *make_sec_desc_buf(TALLOC_CTX *ctx, size_t len, SEC_DESC *sec_desc) return NULL; /* max buffer size (allocated size) */ - dst->max_len = (uint32)len; - dst->len = (uint32)len; + dst->sd_size = (uint32)len; - if(sec_desc && ((dst->sec = dup_sec_desc(ctx, sec_desc)) == NULL)) { + if(sec_desc && ((dst->sd = dup_sec_desc(ctx, sec_desc)) == NULL)) { return NULL; } - dst->ptr = 0x1; - return dst; } @@ -322,7 +315,7 @@ SEC_DESC_BUF *dup_sec_desc_buf(TALLOC_CTX *ctx, SEC_DESC_BUF *src) if(src == NULL) return NULL; - return make_sec_desc_buf( ctx, src->len, src->sec); + return make_sec_desc_buf( ctx, src->sd_size, src->sd); } /******************************************************************* @@ -341,7 +334,7 @@ NTSTATUS sec_desc_add_sid(TALLOC_CTX *ctx, SEC_DESC **psd, DOM_SID *sid, uint32 *sd_size = 0; - status = sec_ace_add_sid(ctx, &ace, psd[0]->dacl->ace, &psd[0]->dacl->num_aces, sid, mask); + status = sec_ace_add_sid(ctx, &ace, psd[0]->dacl->aces, &psd[0]->dacl->num_aces, sid, mask); if (!NT_STATUS_IS_OK(status)) return status; @@ -350,7 +343,7 @@ NTSTATUS sec_desc_add_sid(TALLOC_CTX *ctx, SEC_DESC **psd, DOM_SID *sid, uint32 return NT_STATUS_UNSUCCESSFUL; if (!(sd = make_sec_desc(ctx, psd[0]->revision, psd[0]->type, psd[0]->owner_sid, - psd[0]->grp_sid, psd[0]->sacl, dacl, sd_size))) + psd[0]->group_sid, psd[0]->sacl, dacl, sd_size))) return NT_STATUS_UNSUCCESSFUL; *psd = sd; @@ -369,7 +362,7 @@ NTSTATUS sec_desc_mod_sid(SEC_DESC *sd, DOM_SID *sid, uint32 mask) if (!sd || !sid) return NT_STATUS_INVALID_PARAMETER; - status = sec_ace_mod_sid(sd->dacl->ace, sd->dacl->num_aces, sid, mask); + status = sec_ace_mod_sid(sd->dacl->aces, sd->dacl->num_aces, sid, mask); if (!NT_STATUS_IS_OK(status)) return status; @@ -393,7 +386,7 @@ NTSTATUS sec_desc_del_sid(TALLOC_CTX *ctx, SEC_DESC **psd, DOM_SID *sid, size_t *sd_size = 0; - status = sec_ace_del_sid(ctx, &ace, psd[0]->dacl->ace, &psd[0]->dacl->num_aces, sid); + status = sec_ace_del_sid(ctx, &ace, psd[0]->dacl->aces, &psd[0]->dacl->num_aces, sid); if (!NT_STATUS_IS_OK(status)) return status; @@ -402,7 +395,7 @@ NTSTATUS sec_desc_del_sid(TALLOC_CTX *ctx, SEC_DESC **psd, DOM_SID *sid, size_t return NT_STATUS_UNSUCCESSFUL; if (!(sd = make_sec_desc(ctx, psd[0]->revision, psd[0]->type, psd[0]->owner_sid, - psd[0]->grp_sid, psd[0]->sacl, dacl, sd_size))) + psd[0]->group_sid, psd[0]->sacl, dacl, sd_size))) return NT_STATUS_UNSUCCESSFUL; *psd = sd; @@ -434,7 +427,7 @@ SEC_DESC_BUF *se_create_child_secdesc(TALLOC_CTX *ctx, SEC_DESC *parent_ctr, return NULL; for (i = 0; i < the_acl->num_aces; i++) { - SEC_ACE *ace = &the_acl->ace[i]; + SEC_ACE *ace = &the_acl->aces[i]; SEC_ACE *new_ace = &new_ace_list[new_ace_list_ndx]; uint8 new_flags = 0; BOOL inherit = False; @@ -490,17 +483,17 @@ SEC_DESC_BUF *se_create_child_secdesc(TALLOC_CTX *ctx, SEC_DESC *parent_ctr, if (!inherit) continue; - init_sec_access(&new_ace->info, ace->info.mask); + init_sec_access(&new_ace->access_mask, ace->access_mask); init_sec_ace(new_ace, &ace->trustee, ace->type, - new_ace->info, new_flags); + new_ace->access_mask, new_flags); sid_to_string(sid_str, &ace->trustee); DEBUG(5, ("se_create_child_secdesc(): %s:%d/0x%02x/0x%08x " " inherited as %s:%d/0x%02x/0x%08x\n", sid_str, - ace->type, ace->flags, ace->info.mask, + ace->type, ace->flags, ace->access_mask, sid_str, new_ace->type, new_ace->flags, - new_ace->info.mask)); + new_ace->access_mask)); new_ace_list_ndx++; } @@ -515,7 +508,7 @@ SEC_DESC_BUF *se_create_child_secdesc(TALLOC_CTX *ctx, SEC_DESC *parent_ctr, sd = make_sec_desc(ctx, SEC_DESC_REVISION, SEC_DESC_SELF_RELATIVE, parent_ctr->owner_sid, - parent_ctr->grp_sid, + parent_ctr->group_sid, parent_ctr->sacl, new_dacl, &size); @@ -528,9 +521,9 @@ SEC_DESC_BUF *se_create_child_secdesc(TALLOC_CTX *ctx, SEC_DESC *parent_ctr, Sets up a SEC_ACCESS structure. ********************************************************************/ -void init_sec_access(SEC_ACCESS *t, uint32 mask) +void init_sec_access(uint32 *t, uint32 mask) { - t->mask = mask; + *t = mask; } |