summaryrefslogtreecommitdiff
path: root/source3
diff options
context:
space:
mode:
Diffstat (limited to 'source3')
-rw-r--r--source3/auth/auth_util.c4
-rw-r--r--source3/auth/token_util.c12
-rw-r--r--source3/include/auth.h2
-rw-r--r--source3/include/proto.h44
-rw-r--r--source3/include/registry.h2
-rw-r--r--source3/include/smb.h4
-rw-r--r--source3/lib/privileges_basic.c4
-rw-r--r--source3/lib/sharesec.c2
-rw-r--r--source3/lib/util_nttoken.c8
-rw-r--r--source3/lib/util_seaccess.c6
-rw-r--r--source3/lib/util_sid.c8
-rw-r--r--source3/registry/reg_util_token.c6
-rw-r--r--source3/registry/reg_util_token.h2
-rw-r--r--source3/rpc_server/srv_eventlog_nt.c2
-rw-r--r--source3/rpc_server/srv_samr_nt.c4
-rw-r--r--source3/rpc_server/srv_spoolss_nt.c18
-rw-r--r--source3/rpc_server/srv_svcctl_nt.c8
-rw-r--r--source3/services/services_db.c10
-rw-r--r--source3/smbd/globals.h2
-rw-r--r--source3/smbd/open.c2
-rw-r--r--source3/smbd/sec_ctx.c2
-rw-r--r--source3/smbd/uid.c2
-rw-r--r--source3/utils/net_proto.h8
-rw-r--r--source3/utils/net_registry.c2
-rw-r--r--source3/utils/net_rpc.c14
-rw-r--r--source3/winbindd/winbindd_proto.h8
26 files changed, 92 insertions, 94 deletions
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index 9dbe04f4ca..5e3091c7ae 100644
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -388,7 +388,7 @@ bool make_user_info_guest(struct auth_usersupplied_info **user_info)
return NT_STATUS_IS_OK(nt_status) ? True : False;
}
-static NTSTATUS log_nt_token(NT_USER_TOKEN *token)
+static NTSTATUS log_nt_token(struct security_token *token)
{
TALLOC_CTX *frame = talloc_stackframe();
char *command;
@@ -929,7 +929,7 @@ const struct auth_serversupplied_info *get_server_info_system(void)
bool copy_current_user(struct current_user *dst, struct current_user *src)
{
gid_t *groups;
- NT_USER_TOKEN *nt_token;
+ struct security_token *nt_token;
groups = (gid_t *)memdup(src->ut.groups,
sizeof(gid_t) * src->ut.ngroups);
diff --git a/source3/auth/token_util.c b/source3/auth/token_util.c
index e9eee90d70..46637b348b 100644
--- a/source3/auth/token_util.c
+++ b/source3/auth/token_util.c
@@ -31,10 +31,10 @@
#include "../librpc/gen_ndr/netlogon.h"
/****************************************************************************
- Check for a SID in an NT_USER_TOKEN
+ Check for a SID in an struct security_token
****************************************************************************/
-bool nt_token_check_sid ( const struct dom_sid *sid, const NT_USER_TOKEN *token )
+bool nt_token_check_sid ( const struct dom_sid *sid, const struct security_token *token )
{
int i;
@@ -49,7 +49,7 @@ bool nt_token_check_sid ( const struct dom_sid *sid, const NT_USER_TOKEN *token
return False;
}
-bool nt_token_check_domain_rid( NT_USER_TOKEN *token, uint32 rid )
+bool nt_token_check_domain_rid( struct security_token *token, uint32 rid )
{
struct dom_sid domain_sid;
@@ -79,7 +79,7 @@ bool nt_token_check_domain_rid( NT_USER_TOKEN *token, uint32 rid )
Create a copy if your need to change it.
******************************************************************************/
-NT_USER_TOKEN *get_root_nt_token( void )
+struct security_token *get_root_nt_token( void )
{
struct security_token *token, *for_cache;
struct dom_sid u_sid, g_sid;
@@ -649,10 +649,10 @@ static NTSTATUS finalize_local_nt_token(struct security_token *result,
}
/****************************************************************************
- prints a NT_USER_TOKEN to debug output.
+ prints a struct security_token to debug output.
****************************************************************************/
-void debug_nt_user_token(int dbg_class, int dbg_lev, NT_USER_TOKEN *token)
+void debug_nt_user_token(int dbg_class, int dbg_lev, struct security_token *token)
{
size_t i;
diff --git a/source3/include/auth.h b/source3/include/auth.h
index 659c6be103..94bd026709 100644
--- a/source3/include/auth.h
+++ b/source3/include/auth.h
@@ -34,7 +34,7 @@ struct auth_serversupplied_info {
/* NT group information taken from the info3 structure */
- NT_USER_TOKEN *ptok;
+ struct security_token *ptok;
/* This is the final session key, as used by SMB signing, and
* (truncated to 16 bytes) encryption on the SAMR and LSA pipes
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 76ef9aa36d..9ee09eb7fe 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -241,9 +241,9 @@ NTSTATUS pass_check(const struct passwd *pass,
/* The following definitions come from auth/token_util.c */
-bool nt_token_check_sid ( const struct dom_sid *sid, const NT_USER_TOKEN *token );
-bool nt_token_check_domain_rid( NT_USER_TOKEN *token, uint32 rid );
-NT_USER_TOKEN *get_root_nt_token( void );
+bool nt_token_check_sid ( const struct dom_sid *sid, const struct security_token *token );
+bool nt_token_check_domain_rid( struct security_token *token, uint32 rid );
+struct security_token *get_root_nt_token( void );
NTSTATUS add_aliases(const struct dom_sid *domain_sid,
struct security_token *token);
NTSTATUS create_builtin_users(const struct dom_sid *sid);
@@ -258,7 +258,7 @@ NTSTATUS create_local_nt_token_from_info3(TALLOC_CTX *mem_ctx,
struct netr_SamInfo3 *info3,
struct extra_auth_info *extra,
struct security_token **ntok);
-void debug_nt_user_token(int dbg_class, int dbg_lev, NT_USER_TOKEN *token);
+void debug_nt_user_token(int dbg_class, int dbg_lev, struct security_token *token);
void debug_unix_user_token(int dbg_class, int dbg_lev, uid_t uid, gid_t gid,
int n_groups, gid_t *groups);
@@ -663,8 +663,8 @@ void dump_se_priv( int dbg_cl, int dbg_lvl, const uint64_t *mask );
bool is_privilege_assigned(const uint64_t *privileges,
const uint64_t *check);
const char* get_privilege_dispname( const char *name );
-bool user_has_privileges(const NT_USER_TOKEN *token, const uint64_t *privilege);
-bool user_has_any_privilege(NT_USER_TOKEN *token, const uint64_t *privilege);
+bool user_has_privileges(const struct security_token *token, const uint64_t *privilege);
+bool user_has_any_privilege(struct security_token *token, const uint64_t *privilege);
int count_all_privileges( void );
struct lsa_LUIDAttribute get_privilege_luid( uint64_t *mask );
const char *luid_to_privilege_name(const struct lsa_LUID *set);
@@ -756,7 +756,7 @@ struct security_descriptor *get_share_security( TALLOC_CTX *ctx, const char *ser
size_t *psize);
bool set_share_security(const char *share_name, struct security_descriptor *psd);
bool delete_share_security(const char *servicename);
-bool share_access_check(const NT_USER_TOKEN *token, const char *sharename,
+bool share_access_check(const struct security_token *token, const char *sharename,
uint32 desired_access);
bool parse_usershare_acl(TALLOC_CTX *ctx, const char *acl_str, struct security_descriptor **ppsd);
@@ -1286,12 +1286,12 @@ void smb_nscd_flush_group_cache(void);
/* The following definitions come from lib/util_nttoken.c */
-NT_USER_TOKEN *dup_nt_token(TALLOC_CTX *mem_ctx, const NT_USER_TOKEN *ptoken);
+struct security_token *dup_nt_token(TALLOC_CTX *mem_ctx, const struct security_token *ptoken);
NTSTATUS merge_nt_token(TALLOC_CTX *mem_ctx,
const struct security_token *token_1,
const struct security_token *token_2,
struct security_token **token_out);
-bool token_sid_in_ace(const NT_USER_TOKEN *token, const struct security_ace *ace);
+bool token_sid_in_ace(const struct security_token *token, const struct security_ace *ace);
/* The following definitions come from lib/util_pw.c */
@@ -1314,7 +1314,7 @@ bool pull_reg_multi_sz(TALLOC_CTX *mem_ctx, const DATA_BLOB *blob, const char **
void se_map_generic(uint32 *access_mask, const struct generic_mapping *mapping);
void security_acl_map_generic(struct security_acl *sa, const struct generic_mapping *mapping);
void se_map_standard(uint32 *access_mask, const struct standard_mapping *mapping);
-NTSTATUS se_access_check(const struct security_descriptor *sd, const NT_USER_TOKEN *token,
+NTSTATUS se_access_check(const struct security_descriptor *sd, const struct security_token *token,
uint32 acc_desired, uint32 *acc_granted);
/* The following definitions come from lib/util_sec.c */
@@ -1339,7 +1339,7 @@ bool is_setuid_root(void) ;
/* The following definitions come from lib/util_sid.c */
const char *sid_type_lookup(uint32 sid_type) ;
-NT_USER_TOKEN *get_system_token(void) ;
+struct security_token *get_system_token(void) ;
char *sid_to_fstring(fstring sidstr_out, const struct dom_sid *sid);
char *sid_string_talloc(TALLOC_CTX *mem_ctx, const struct dom_sid *sid);
char *sid_string_dbg(const struct dom_sid *sid);
@@ -1368,7 +1368,7 @@ void del_sid_from_array(const struct dom_sid *sid, struct dom_sid **sids, size_t
bool add_rid_to_array_unique(TALLOC_CTX *mem_ctx,
uint32 rid, uint32 **pp_rids, size_t *p_num);
bool is_null_sid(const struct dom_sid *sid);
-bool is_sid_in_token(const NT_USER_TOKEN *token, const struct dom_sid *sid);
+bool is_sid_in_token(const struct security_token *token, const struct dom_sid *sid);
NTSTATUS sid_array_from_info3(TALLOC_CTX *mem_ctx,
const struct netr_SamInfo3 *info3,
struct dom_sid **user_sids,
@@ -4450,11 +4450,11 @@ bool init_service_op_table( void );
/* The following definitions come from services/services_db.c */
void svcctl_init_keys( void );
-struct security_descriptor *svcctl_get_secdesc( TALLOC_CTX *ctx, const char *name, NT_USER_TOKEN *token );
-bool svcctl_set_secdesc( TALLOC_CTX *ctx, const char *name, struct security_descriptor *sec_desc, NT_USER_TOKEN *token );
-const char *svcctl_lookup_dispname(TALLOC_CTX *ctx, const char *name, NT_USER_TOKEN *token );
-const char *svcctl_lookup_description(TALLOC_CTX *ctx, const char *name, NT_USER_TOKEN *token );
-struct regval_ctr *svcctl_fetch_regvalues( const char *name, NT_USER_TOKEN *token );
+struct security_descriptor *svcctl_get_secdesc( TALLOC_CTX *ctx, const char *name, struct security_token *token );
+bool svcctl_set_secdesc( TALLOC_CTX *ctx, const char *name, struct security_descriptor *sec_desc, struct security_token *token );
+const char *svcctl_lookup_dispname(TALLOC_CTX *ctx, const char *name, struct security_token *token );
+const char *svcctl_lookup_description(TALLOC_CTX *ctx, const char *name, struct security_token *token );
+struct regval_ctr *svcctl_fetch_regvalues( const char *name, struct security_token *token );
/* The following definitions come from services/svc_netlogon.c */
@@ -5033,7 +5033,7 @@ void reply_nttranss(struct smb_request *req);
NTSTATUS smb1_file_se_access_check(connection_struct *conn,
const struct security_descriptor *sd,
- const NT_USER_TOKEN *token,
+ const struct security_token *token,
uint32_t access_desired,
uint32_t *access_granted);
NTSTATUS fd_close(files_struct *fsp);
@@ -5409,7 +5409,7 @@ void server_encryption_shutdown(void);
bool unix_token_equal(const UNIX_USER_TOKEN *t1, const UNIX_USER_TOKEN *t2);
bool push_sec_ctx(void);
-void set_sec_ctx(uid_t uid, gid_t gid, int ngroups, gid_t *groups, NT_USER_TOKEN *token);
+void set_sec_ctx(uid_t uid, gid_t gid, int ngroups, gid_t *groups, struct security_token *token);
void set_root_sec_ctx(void);
bool pop_sec_ctx(void);
void init_sec_ctx(void);
@@ -5575,7 +5575,7 @@ bool unbecome_user(void);
uid_t get_current_uid(connection_struct *conn);
gid_t get_current_gid(connection_struct *conn);
const UNIX_USER_TOKEN *get_current_utok(connection_struct *conn);
-const NT_USER_TOKEN *get_current_nttok(connection_struct *conn);
+const struct security_token *get_current_nttok(connection_struct *conn);
uint16_t get_current_vuid(connection_struct *conn);
/* The following definitions come from smbd/utmp.c */
@@ -5666,11 +5666,11 @@ struct tevent_req *fncall_send(TALLOC_CTX *mem_ctx, struct tevent_context *ev,
int fncall_recv(struct tevent_req *req, int *perr);
/* The following definitions come from rpc_server/srv_samr_nt.c */
-NTSTATUS access_check_object( struct security_descriptor *psd, NT_USER_TOKEN *token,
+NTSTATUS access_check_object( struct security_descriptor *psd, struct security_token *token,
uint64_t *rights, uint32 rights_mask,
uint32 des_access, uint32 *acc_granted,
const char *debug);
-void map_max_allowed_access(const NT_USER_TOKEN *nt_token,
+void map_max_allowed_access(const struct security_token *nt_token,
const struct unix_user_token *unix_token,
uint32_t *pacc_requested);
diff --git a/source3/include/registry.h b/source3/include/registry.h
index 303b7ed06d..66a364d97d 100644
--- a/source3/include/registry.h
+++ b/source3/include/registry.h
@@ -49,7 +49,7 @@ struct registry_ops {
bool (*store_values)( const char *key, struct regval_ctr *val );
bool (*reg_access_check)( const char *keyname, uint32 requested,
uint32 *granted,
- const NT_USER_TOKEN *token );
+ const struct security_token *token );
WERROR (*get_secdesc)(TALLOC_CTX *mem_ctx, const char *key,
struct security_descriptor **psecdesc);
WERROR (*set_secdesc)(const char *key,
diff --git a/source3/include/smb.h b/source3/include/smb.h
index e9b85beab1..62c901c021 100644
--- a/source3/include/smb.h
+++ b/source3/include/smb.h
@@ -232,8 +232,6 @@ extern const struct dom_sid global_sid_Unix_Groups;
#define PRIMARY_USER_SID_INDEX 0
#define PRIMARY_GROUP_SID_INDEX 1
-typedef struct security_token NT_USER_TOKEN;
-
typedef struct unix_user_token {
uid_t uid;
gid_t gid;
@@ -551,7 +549,7 @@ struct current_user {
connection_struct *conn;
uint16 vuid;
UNIX_USER_TOKEN ut;
- NT_USER_TOKEN *nt_user_token;
+ struct security_token *nt_user_token;
};
struct smbd_smb2_request;
diff --git a/source3/lib/privileges_basic.c b/source3/lib/privileges_basic.c
index 4922435a95..c6705c5f55 100644
--- a/source3/lib/privileges_basic.c
+++ b/source3/lib/privileges_basic.c
@@ -281,7 +281,7 @@ const char* get_privilege_dispname( const char *name )
at a time here.
*****************************************************************************/
-bool user_has_privileges(const NT_USER_TOKEN *token, const uint64_t *privilege)
+bool user_has_privileges(const struct security_token *token, const uint64_t *privilege)
{
if ( !token )
return False;
@@ -294,7 +294,7 @@ bool user_has_privileges(const NT_USER_TOKEN *token, const uint64_t *privilege)
at a time here.
*****************************************************************************/
-bool user_has_any_privilege(NT_USER_TOKEN *token, const uint64_t *privilege)
+bool user_has_any_privilege(struct security_token *token, const uint64_t *privilege)
{
if ( !token )
return False;
diff --git a/source3/lib/sharesec.c b/source3/lib/sharesec.c
index 1b137a66db..3c19e77fcc 100644
--- a/source3/lib/sharesec.c
+++ b/source3/lib/sharesec.c
@@ -407,7 +407,7 @@ bool delete_share_security(const char *servicename)
Can this user access with share with the required permissions ?
********************************************************************/
-bool share_access_check(const NT_USER_TOKEN *token, const char *sharename,
+bool share_access_check(const struct security_token *token, const char *sharename,
uint32 desired_access)
{
uint32 granted;
diff --git a/source3/lib/util_nttoken.c b/source3/lib/util_nttoken.c
index 3be5634a06..8efebaf9eb 100644
--- a/source3/lib/util_nttoken.c
+++ b/source3/lib/util_nttoken.c
@@ -31,14 +31,14 @@
Duplicate a SID token.
****************************************************************************/
-NT_USER_TOKEN *dup_nt_token(TALLOC_CTX *mem_ctx, const NT_USER_TOKEN *ptoken)
+struct security_token *dup_nt_token(TALLOC_CTX *mem_ctx, const struct security_token *ptoken)
{
- NT_USER_TOKEN *token;
+ struct security_token *token;
if (!ptoken)
return NULL;
- token = TALLOC_ZERO_P(mem_ctx, NT_USER_TOKEN);
+ token = TALLOC_ZERO_P(mem_ctx, struct security_token);
if (token == NULL) {
DEBUG(0, ("talloc failed\n"));
return NULL;
@@ -120,7 +120,7 @@ NTSTATUS merge_nt_token(TALLOC_CTX *mem_ctx,
Check if this struct security_ace has a SID in common with the token.
********************************************************************/
-bool token_sid_in_ace(const NT_USER_TOKEN *token, const struct security_ace *ace)
+bool token_sid_in_ace(const struct security_token *token, const struct security_ace *ace)
{
size_t i;
diff --git a/source3/lib/util_seaccess.c b/source3/lib/util_seaccess.c
index b81db43d03..3bedec6865 100644
--- a/source3/lib/util_seaccess.c
+++ b/source3/lib/util_seaccess.c
@@ -22,7 +22,7 @@
#include "includes.h"
-extern NT_USER_TOKEN anonymous_token;
+extern struct security_token anonymous_token;
/* Map generic access rights to object specific rights. This technique is
used to give meaning to assigning read, write, execute and all access to
@@ -106,7 +106,7 @@ void se_map_standard(uint32 *access_mask, const struct standard_mapping *mapping
perform a SEC_FLAG_MAXIMUM_ALLOWED access check
*/
static uint32_t access_check_max_allowed(const struct security_descriptor *sd,
- const NT_USER_TOKEN *token)
+ const struct security_token *token)
{
uint32_t denied = 0, granted = 0;
unsigned i;
@@ -154,7 +154,7 @@ static uint32_t access_check_max_allowed(const struct security_descriptor *sd,
to by the access_granted pointer.
*/
NTSTATUS se_access_check(const struct security_descriptor *sd,
- const NT_USER_TOKEN *token,
+ const struct security_token *token,
uint32_t access_desired,
uint32_t *access_granted)
{
diff --git a/source3/lib/util_sid.c b/source3/lib/util_sid.c
index 459636d5fc..0e5c204378 100644
--- a/source3/lib/util_sid.c
+++ b/source3/lib/util_sid.c
@@ -107,11 +107,11 @@ static struct dom_sid anon_sid_array[3] =
{ { 1, 1, {0,0,0,0,0,1}, {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}},
{ 1, 1, {0,0,0,0,0,5}, {2,0,0,0,0,0,0,0,0,0,0,0,0,0,0}},
{ 1, 1, {0,0,0,0,0,5}, {7,0,0,0,0,0,0,0,0,0,0,0,0,0,0}} };
-NT_USER_TOKEN anonymous_token = { 3, anon_sid_array, SE_NONE };
+struct security_token anonymous_token = { 3, anon_sid_array, SE_NONE };
static struct dom_sid system_sid_array[1] =
{ { 1, 1, {0,0,0,0,0,5}, {18,0,0,0,0,0,0,0,0,0,0,0,0,0,0}} };
-NT_USER_TOKEN system_token = { 1, system_sid_array, SE_ALL_PRIVS };
+struct security_token system_token = { 1, system_sid_array, SE_ALL_PRIVS };
/****************************************************************************
Lookup string names for SID types.
@@ -153,7 +153,7 @@ const char *sid_type_lookup(uint32 sid_type)
Create the SYSTEM token.
***************************************************************************/
-NT_USER_TOKEN *get_system_token(void)
+struct security_token *get_system_token(void)
{
return &system_token;
}
@@ -668,7 +668,7 @@ bool is_null_sid(const struct dom_sid *sid)
return sid_equal(sid, &null_sid);
}
-bool is_sid_in_token(const NT_USER_TOKEN *token, const struct dom_sid *sid)
+bool is_sid_in_token(const struct security_token *token, const struct dom_sid *sid)
{
int i;
diff --git a/source3/registry/reg_util_token.c b/source3/registry/reg_util_token.c
index f8cd5c590f..898b64b2a7 100644
--- a/source3/registry/reg_util_token.c
+++ b/source3/registry/reg_util_token.c
@@ -28,16 +28,16 @@
* - disk operators privilege
*/
NTSTATUS registry_create_admin_token(TALLOC_CTX *mem_ctx,
- NT_USER_TOKEN **ptoken)
+ struct security_token **ptoken)
{
NTSTATUS status;
- NT_USER_TOKEN *token = NULL;
+ struct security_token *token = NULL;
if (ptoken == NULL) {
return NT_STATUS_INVALID_PARAMETER;
}
- token = TALLOC_ZERO_P(mem_ctx, NT_USER_TOKEN);
+ token = TALLOC_ZERO_P(mem_ctx, struct security_token);
if (token == NULL) {
DEBUG(1, ("talloc failed\n"));
status = NT_STATUS_NO_MEMORY;
diff --git a/source3/registry/reg_util_token.h b/source3/registry/reg_util_token.h
index 80cec49fcc..558c78728a 100644
--- a/source3/registry/reg_util_token.h
+++ b/source3/registry/reg_util_token.h
@@ -21,6 +21,6 @@
#define _REG_UTIL_TOKEN_H
NTSTATUS registry_create_admin_token(TALLOC_CTX *mem_ctx,
- NT_USER_TOKEN **ptoken);
+ struct security_token **ptoken);
#endif /* _REG_UTIL_TOKEN_H */
diff --git a/source3/rpc_server/srv_eventlog_nt.c b/source3/rpc_server/srv_eventlog_nt.c
index 33212b961f..1fc9337a56 100644
--- a/source3/rpc_server/srv_eventlog_nt.c
+++ b/source3/rpc_server/srv_eventlog_nt.c
@@ -69,7 +69,7 @@ static EVENTLOG_INFO *find_eventlog_info_by_hnd( struct pipes_struct * p,
/********************************************************************
********************************************************************/
-static bool elog_check_access( EVENTLOG_INFO *info, NT_USER_TOKEN *token )
+static bool elog_check_access( EVENTLOG_INFO *info, struct security_token *token )
{
char *tdbname = elog_tdbname(talloc_tos(), info->logname );
struct security_descriptor *sec_desc;
diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c
index 87e50a5d40..7755b3b7c3 100644
--- a/source3/rpc_server/srv_samr_nt.c
+++ b/source3/rpc_server/srv_samr_nt.c
@@ -179,7 +179,7 @@ static NTSTATUS make_samr_object_sd( TALLOC_CTX *ctx, struct security_descriptor
level of access for further checks.
********************************************************************/
-NTSTATUS access_check_object( struct security_descriptor *psd, NT_USER_TOKEN *token,
+NTSTATUS access_check_object( struct security_descriptor *psd, struct security_token *token,
uint64_t *rights, uint32 rights_mask,
uint32 des_access, uint32 *acc_granted,
const char *debug )
@@ -241,7 +241,7 @@ done:
Map any MAXIMUM_ALLOWED_ACCESS request to a valid access set.
********************************************************************/
-void map_max_allowed_access(const NT_USER_TOKEN *nt_token,
+void map_max_allowed_access(const struct security_token *nt_token,
const struct unix_user_token *unix_token,
uint32_t *pacc_requested)
{
diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c
index 9a9e3f52f1..58896b3c49 100644
--- a/source3/rpc_server/srv_spoolss_nt.c
+++ b/source3/rpc_server/srv_spoolss_nt.c
@@ -150,7 +150,7 @@ const struct standard_mapping printserver_std_mapping = {
struct xcv_api_table {
const char *name;
- WERROR(*fn) (TALLOC_CTX *mem_ctx, NT_USER_TOKEN *token, DATA_BLOB *in, DATA_BLOB *out, uint32_t *needed);
+ WERROR(*fn) (TALLOC_CTX *mem_ctx, struct security_token *token, DATA_BLOB *in, DATA_BLOB *out, uint32_t *needed);
};
static void prune_printername_cache(void);
@@ -357,7 +357,7 @@ static bool close_printer_handle(struct pipes_struct *p, struct policy_handle *h
Delete a printer given a handle.
****************************************************************************/
-static WERROR delete_printer_hook(TALLOC_CTX *ctx, NT_USER_TOKEN *token,
+static WERROR delete_printer_hook(TALLOC_CTX *ctx, struct security_token *token,
const char *sharename,
struct messaging_context *msg_ctx)
{
@@ -5859,7 +5859,7 @@ static bool check_printer_ok(TALLOC_CTX *mem_ctx,
/****************************************************************************
****************************************************************************/
-static WERROR add_port_hook(TALLOC_CTX *ctx, NT_USER_TOKEN *token, const char *portname, const char *uri)
+static WERROR add_port_hook(TALLOC_CTX *ctx, struct security_token *token, const char *portname, const char *uri)
{
char *cmd = lp_addport_cmd();
char *command = NULL;
@@ -5908,7 +5908,7 @@ static WERROR add_port_hook(TALLOC_CTX *ctx, NT_USER_TOKEN *token, const char *p
/****************************************************************************
****************************************************************************/
-static bool add_printer_hook(TALLOC_CTX *ctx, NT_USER_TOKEN *token,
+static bool add_printer_hook(TALLOC_CTX *ctx, struct security_token *token,
struct spoolss_SetPrinterInfo2 *info2,
const char *remote_machine,
struct messaging_context *msg_ctx)
@@ -9540,7 +9540,7 @@ static bool push_monitorui_buf(TALLOC_CTX *mem_ctx, DATA_BLOB *buf,
*******************************************************************/
static WERROR xcvtcp_monitorui(TALLOC_CTX *mem_ctx,
- NT_USER_TOKEN *token, DATA_BLOB *in,
+ struct security_token *token, DATA_BLOB *in,
DATA_BLOB *out, uint32_t *needed)
{
const char *dllname = "tcpmonui.dll";
@@ -9595,7 +9595,7 @@ static bool pull_port_data_2(TALLOC_CTX *mem_ctx,
*******************************************************************/
static WERROR xcvtcp_addport(TALLOC_CTX *mem_ctx,
- NT_USER_TOKEN *token, DATA_BLOB *in,
+ struct security_token *token, DATA_BLOB *in,
DATA_BLOB *out, uint32_t *needed)
{
struct spoolss_PortData1 port1;
@@ -9687,7 +9687,7 @@ struct xcv_api_table xcvtcp_cmds[] = {
};
static WERROR process_xcvtcp_command(TALLOC_CTX *mem_ctx,
- NT_USER_TOKEN *token, const char *command,
+ struct security_token *token, const char *command,
DATA_BLOB *inbuf,
DATA_BLOB *outbuf,
uint32_t *needed )
@@ -9709,7 +9709,7 @@ static WERROR process_xcvtcp_command(TALLOC_CTX *mem_ctx,
#if 0 /* don't support management using the "Local Port" monitor */
static WERROR xcvlocal_monitorui(TALLOC_CTX *mem_ctx,
- NT_USER_TOKEN *token, DATA_BLOB *in,
+ struct security_token *token, DATA_BLOB *in,
DATA_BLOB *out, uint32_t *needed)
{
const char *dllname = "localui.dll";
@@ -9746,7 +9746,7 @@ struct xcv_api_table xcvlocal_cmds[] = {
*******************************************************************/
static WERROR process_xcvlocal_command(TALLOC_CTX *mem_ctx,
- NT_USER_TOKEN *token, const char *command,
+ struct security_token *token, const char *command,
DATA_BLOB *inbuf, DATA_BLOB *outbuf,
uint32_t *needed)
{
diff --git a/source3/rpc_server/srv_svcctl_nt.c b/source3/rpc_server/srv_svcctl_nt.c
index e605109282..e55978c660 100644
--- a/source3/rpc_server/srv_svcctl_nt.c
+++ b/source3/rpc_server/srv_svcctl_nt.c
@@ -123,7 +123,7 @@ static struct service_control_op* find_service_by_name( const char *name )
/********************************************************************
********************************************************************/
-static NTSTATUS svcctl_access_check( struct security_descriptor *sec_desc, NT_USER_TOKEN *token,
+static NTSTATUS svcctl_access_check( struct security_descriptor *sec_desc, struct security_token *token,
uint32 access_desired, uint32 *access_granted )
{
if ( geteuid() == sec_initial_uid() ) {
@@ -387,7 +387,7 @@ WERROR _svcctl_QueryServiceStatus(struct pipes_struct *p,
/********************************************************************
********************************************************************/
-static int enumerate_status( TALLOC_CTX *ctx, struct ENUM_SERVICE_STATUSW **status, NT_USER_TOKEN *token )
+static int enumerate_status( TALLOC_CTX *ctx, struct ENUM_SERVICE_STATUSW **status, struct security_token *token )
{
int num_services = 0;
int i;
@@ -430,7 +430,7 @@ WERROR _svcctl_EnumServicesStatusW(struct pipes_struct *p,
size_t buffer_size = 0;
WERROR result = WERR_OK;
SERVICE_INFO *info = find_service_info_by_hnd( p, r->in.handle );
- NT_USER_TOKEN *token = p->server_info->ptok;
+ struct security_token *token = p->server_info->ptok;
DATA_BLOB blob = data_blob_null;
/* perform access checks */
@@ -642,7 +642,7 @@ WERROR _svcctl_QueryServiceStatusEx(struct pipes_struct *p,
static WERROR fill_svc_config( TALLOC_CTX *ctx, const char *name,
struct QUERY_SERVICE_CONFIG *config,
- NT_USER_TOKEN *token )
+ struct security_token *token )
{
struct regval_ctr *values;
struct regval_blob *val;
diff --git a/source3/services/services_db.c b/source3/services/services_db.c
index 2672b95bca..0afc6c16b4 100644
--- a/source3/services/services_db.c
+++ b/source3/services/services_db.c
@@ -502,7 +502,7 @@ void svcctl_init_keys( void )
in case of any failure.
********************************************************************/
-struct security_descriptor *svcctl_get_secdesc( TALLOC_CTX *ctx, const char *name, NT_USER_TOKEN *token )
+struct security_descriptor *svcctl_get_secdesc( TALLOC_CTX *ctx, const char *name, struct security_token *token )
{
struct registry_key_handle *key = NULL;
struct regval_ctr *values = NULL;
@@ -564,7 +564,7 @@ done:
Wrapper to make storing a Service sd easier
********************************************************************/
-bool svcctl_set_secdesc( TALLOC_CTX *ctx, const char *name, struct security_descriptor *sec_desc, NT_USER_TOKEN *token )
+bool svcctl_set_secdesc( TALLOC_CTX *ctx, const char *name, struct security_descriptor *sec_desc, struct security_token *token )
{
struct registry_key_handle *key = NULL;
WERROR wresult;
@@ -618,7 +618,7 @@ bool svcctl_set_secdesc( TALLOC_CTX *ctx, const char *name, struct security_desc
/********************************************************************
********************************************************************/
-const char *svcctl_lookup_dispname(TALLOC_CTX *ctx, const char *name, NT_USER_TOKEN *token )
+const char *svcctl_lookup_dispname(TALLOC_CTX *ctx, const char *name, struct security_token *token )
{
const char *display_name = NULL;
struct registry_key_handle *key = NULL;
@@ -671,7 +671,7 @@ fail:
/********************************************************************
********************************************************************/
-const char *svcctl_lookup_description(TALLOC_CTX *ctx, const char *name, NT_USER_TOKEN *token )
+const char *svcctl_lookup_description(TALLOC_CTX *ctx, const char *name, struct security_token *token )
{
const char *description = NULL;
struct registry_key_handle *key = NULL;
@@ -722,7 +722,7 @@ const char *svcctl_lookup_description(TALLOC_CTX *ctx, const char *name, NT_USER
/********************************************************************
********************************************************************/
-struct regval_ctr *svcctl_fetch_regvalues(const char *name, NT_USER_TOKEN *token)
+struct regval_ctr *svcctl_fetch_regvalues(const char *name, struct security_token *token)
{
struct registry_key_handle *key = NULL;
struct regval_ctr *values = NULL;
diff --git a/source3/smbd/globals.h b/source3/smbd/globals.h
index c4d65aa565..923dd1763c 100644
--- a/source3/smbd/globals.h
+++ b/source3/smbd/globals.h
@@ -85,7 +85,7 @@ extern struct smb_srv_trans_enc_ctx *srv_trans_enc_ctx;
struct sec_ctx {
UNIX_USER_TOKEN ut;
- NT_USER_TOKEN *token;
+ struct security_token *token;
};
/* A stack of security contexts. We include the current context as being
the first one, so there is room for another MAX_SEC_CTX_DEPTH more. */
diff --git a/source3/smbd/open.c b/source3/smbd/open.c
index 2009d2ab15..e9f0e6cd4f 100644
--- a/source3/smbd/open.c
+++ b/source3/smbd/open.c
@@ -56,7 +56,7 @@ static NTSTATUS create_file_unixpath(connection_struct *conn,
NTSTATUS smb1_file_se_access_check(struct connection_struct *conn,
const struct security_descriptor *sd,
- const NT_USER_TOKEN *token,
+ const struct security_token *token,
uint32_t access_desired,
uint32_t *access_granted)
{
diff --git a/source3/smbd/sec_ctx.c b/source3/smbd/sec_ctx.c
index 4b9e5d4727..017613cf1e 100644
--- a/source3/smbd/sec_ctx.c
+++ b/source3/smbd/sec_ctx.c
@@ -300,7 +300,7 @@ static void set_unix_security_ctx(uid_t uid, gid_t gid, int ngroups, gid_t *grou
Set the current security context to a given user.
****************************************************************************/
-void set_sec_ctx(uid_t uid, gid_t gid, int ngroups, gid_t *groups, NT_USER_TOKEN *token)
+void set_sec_ctx(uid_t uid, gid_t gid, int ngroups, gid_t *groups, struct security_token *token)
{
struct sec_ctx *ctx_p = &sec_ctx_stack[sec_ctx_stack_ndx];
diff --git a/source3/smbd/uid.c b/source3/smbd/uid.c
index d7ede293c1..3b40cefd36 100644
--- a/source3/smbd/uid.c
+++ b/source3/smbd/uid.c
@@ -538,7 +538,7 @@ const UNIX_USER_TOKEN *get_current_utok(connection_struct *conn)
return &current_user.ut;
}
-const NT_USER_TOKEN *get_current_nttok(connection_struct *conn)
+const struct security_token *get_current_nttok(connection_struct *conn)
{
return current_user.nt_user_token;
}
diff --git a/source3/utils/net_proto.h b/source3/utils/net_proto.h
index 1941418a1b..b06b7f9771 100644
--- a/source3/utils/net_proto.h
+++ b/source3/utils/net_proto.h
@@ -26,9 +26,9 @@
/* The following definitions come from auth/token_util.c */
-bool nt_token_check_sid ( const struct dom_sid *sid, const NT_USER_TOKEN *token );
-bool nt_token_check_domain_rid( NT_USER_TOKEN *token, uint32 rid );
-NT_USER_TOKEN *get_root_nt_token( void );
+bool nt_token_check_sid ( const struct dom_sid *sid, const struct security_token *token );
+bool nt_token_check_domain_rid( struct security_token *token, uint32 rid );
+struct security_token *get_root_nt_token( void );
NTSTATUS add_aliases(const struct dom_sid *domain_sid,
struct security_token *token);
struct security_token *create_local_nt_token(TALLOC_CTX *mem_ctx,
@@ -36,7 +36,7 @@ struct security_token *create_local_nt_token(TALLOC_CTX *mem_ctx,
bool is_guest,
int num_groupsids,
const struct dom_sid *groupsids);
-void debug_nt_user_token(int dbg_class, int dbg_lev, NT_USER_TOKEN *token);
+void debug_nt_user_token(int dbg_class, int dbg_lev, struct security_token *token);
void debug_unix_user_token(int dbg_class, int dbg_lev, uid_t uid, gid_t gid,
int n_groups, gid_t *groups);
diff --git a/source3/utils/net_registry.c b/source3/utils/net_registry.c
index f90d05454b..31703223e9 100644
--- a/source3/utils/net_registry.c
+++ b/source3/utils/net_registry.c
@@ -41,7 +41,7 @@ static WERROR open_hive(TALLOC_CTX *ctx, const char *path,
char **subkeyname)
{
WERROR werr;
- NT_USER_TOKEN *token = NULL;
+ struct security_token *token = NULL;
char *hivename = NULL;
char *tmp_subkeyname = NULL;
TALLOC_CTX *tmp_ctx = talloc_stackframe();
diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c
index 4dd00d3dc2..671f7e81e9 100644
--- a/source3/utils/net_rpc.c
+++ b/source3/utils/net_rpc.c
@@ -4114,7 +4114,7 @@ static NTSTATUS rpc_aliaslist_internals(struct net_context *c,
return result;
}
-static void init_user_token(NT_USER_TOKEN *token, struct dom_sid *user_sid)
+static void init_user_token(struct security_token *token, struct dom_sid *user_sid)
{
token->num_sids = 4;
@@ -4130,12 +4130,12 @@ static void init_user_token(NT_USER_TOKEN *token, struct dom_sid *user_sid)
sid_copy(&token->sids[3], &global_sid_Authenticated_Users);
}
-static void free_user_token(NT_USER_TOKEN *token)
+static void free_user_token(struct security_token *token)
{
SAFE_FREE(token->sids);
}
-static void add_sid_to_token(NT_USER_TOKEN *token, struct dom_sid *sid)
+static void add_sid_to_token(struct security_token *token, struct dom_sid *sid)
{
if (is_sid_in_token(token, sid))
return;
@@ -4152,7 +4152,7 @@ static void add_sid_to_token(NT_USER_TOKEN *token, struct dom_sid *sid)
struct user_token {
fstring name;
- NT_USER_TOKEN token;
+ struct security_token token;
};
static void dump_user_token(struct user_token *token)
@@ -4178,7 +4178,7 @@ static bool is_alias_member(struct dom_sid *sid, struct full_alias *alias)
return false;
}
-static void collect_sid_memberships(NT_USER_TOKEN *token, struct dom_sid sid)
+static void collect_sid_memberships(struct security_token *token, struct dom_sid sid)
{
int i;
@@ -4195,7 +4195,7 @@ static void collect_sid_memberships(NT_USER_TOKEN *token, struct dom_sid sid)
* add them to the token.
*/
-static void collect_alias_memberships(NT_USER_TOKEN *token)
+static void collect_alias_memberships(struct security_token *token)
{
int num_global_sids = token->num_sids;
int i;
@@ -4205,7 +4205,7 @@ static void collect_alias_memberships(NT_USER_TOKEN *token)
}
}
-static bool get_user_sids(const char *domain, const char *user, NT_USER_TOKEN *token)
+static bool get_user_sids(const char *domain, const char *user, struct security_token *token)
{
wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
enum wbcSidType type;
diff --git a/source3/winbindd/winbindd_proto.h b/source3/winbindd/winbindd_proto.h
index c4f02a07f6..ae6401379a 100644
--- a/source3/winbindd/winbindd_proto.h
+++ b/source3/winbindd/winbindd_proto.h
@@ -26,9 +26,9 @@
/* The following definitions come from auth/token_util.c */
-bool nt_token_check_sid ( const struct dom_sid *sid, const NT_USER_TOKEN *token );
-bool nt_token_check_domain_rid( NT_USER_TOKEN *token, uint32 rid );
-NT_USER_TOKEN *get_root_nt_token( void );
+bool nt_token_check_sid ( const struct dom_sid *sid, const struct security_token *token );
+bool nt_token_check_domain_rid( struct security_token *token, uint32 rid );
+struct security_token *get_root_nt_token( void );
NTSTATUS add_aliases(const struct dom_sid *domain_sid,
struct security_token *token);
struct security_token *create_local_nt_token(TALLOC_CTX *mem_ctx,
@@ -36,7 +36,7 @@ struct security_token *create_local_nt_token(TALLOC_CTX *mem_ctx,
bool is_guest,
int num_groupsids,
const struct dom_sid *groupsids);
-void debug_nt_user_token(int dbg_class, int dbg_lev, NT_USER_TOKEN *token);
+void debug_nt_user_token(int dbg_class, int dbg_lev, struct security_token *token);
void debug_unix_user_token(int dbg_class, int dbg_lev, uid_t uid, gid_t gid,
int n_groups, gid_t *groups);