summaryrefslogtreecommitdiff
path: root/source3
diff options
context:
space:
mode:
Diffstat (limited to 'source3')
-rw-r--r--source3/include/proto.h4
-rw-r--r--source3/include/rpc_secdes.h7
-rw-r--r--source3/lib/secdesc.c18
-rw-r--r--source3/lib/sharesec.c6
-rw-r--r--source3/lib/util_nttoken.c2
-rw-r--r--source3/libads/disp_sec.c2
-rw-r--r--source3/libgpo/gpo_reg.c2
-rw-r--r--source3/libsmb/libsmb_xattr.c28
-rw-r--r--source3/modules/nfs4_acls.c10
-rw-r--r--source3/modules/onefs_acl.c10
-rw-r--r--source3/modules/vfs_afsacl.c12
-rw-r--r--source3/printing/nt_printing.c4
-rw-r--r--source3/registry/reg_dispatcher.c2
-rw-r--r--source3/rpc_server/srv_lsa_nt.c2
-rw-r--r--source3/rpc_server/srv_samr_nt.c2
-rw-r--r--source3/rpc_server/srv_srvsvc_nt.c2
-rw-r--r--source3/rpc_server/srv_svcctl_nt.c2
-rw-r--r--source3/services/services_db.c2
-rw-r--r--source3/smbd/posix_acls.c28
-rw-r--r--source3/utils/sharesec.c25
-rw-r--r--source3/utils/smbcacls.c29
21 files changed, 97 insertions, 102 deletions
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 69e64d71f0..66babb51f5 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -523,7 +523,7 @@ bool dbghdr(int level, const char *location, const char *func);
char *get_sec_mask_str(TALLOC_CTX *ctx, uint32 type);
void display_sec_access(uint32_t *info);
void display_sec_ace_flags(uint8_t flags);
-void display_sec_ace(SEC_ACE *ace);
+void display_sec_ace(struct security_ace *ace);
void display_sec_acl(SEC_ACL *sec_acl);
void display_acl_type(uint16 type);
void display_sec_desc(SEC_DESC *sec);
@@ -1282,7 +1282,7 @@ NTSTATUS merge_nt_token(TALLOC_CTX *mem_ctx,
const struct nt_user_token *token_1,
const struct nt_user_token *token_2,
struct nt_user_token **token_out);
-bool token_sid_in_ace(const NT_USER_TOKEN *token, const SEC_ACE *ace);
+bool token_sid_in_ace(const NT_USER_TOKEN *token, const struct security_ace *ace);
/* The following definitions come from lib/util_pw.c */
diff --git a/source3/include/rpc_secdes.h b/source3/include/rpc_secdes.h
index 0d3db799f4..1936668a80 100644
--- a/source3/include/rpc_secdes.h
+++ b/source3/include/rpc_secdes.h
@@ -67,13 +67,6 @@
PROTECTED_SACL_SECURITY_INFORMATION|\
PROTECTED_DACL_SECURITY_INFORMATION)
-/* SEC_ACE */
-typedef struct security_ace SEC_ACE;
-
-#ifndef ACL_REVISION
-#define ACL_REVISION 0x3
-#endif
-
#ifndef _SEC_ACL
/* SEC_ACL */
typedef struct security_acl SEC_ACL;
diff --git a/source3/lib/secdesc.c b/source3/lib/secdesc.c
index b3505e7e1b..a540aa684c 100644
--- a/source3/lib/secdesc.c
+++ b/source3/lib/secdesc.c
@@ -413,7 +413,7 @@ NTSTATUS sec_desc_add_sid(TALLOC_CTX *ctx, SEC_DESC **psd, DOM_SID *sid, uint32
{
SEC_DESC *sd = 0;
SEC_ACL *dacl = 0;
- SEC_ACE *ace = 0;
+ struct security_ace *ace = 0;
NTSTATUS status;
if (!ctx || !psd || !sid || !sd_size)
@@ -465,7 +465,7 @@ NTSTATUS sec_desc_del_sid(TALLOC_CTX *ctx, SEC_DESC **psd, DOM_SID *sid, size_t
{
SEC_DESC *sd = 0;
SEC_ACL *dacl = 0;
- SEC_ACE *ace = 0;
+ struct security_ace *ace = 0;
NTSTATUS status;
if (!ctx || !psd[0] || !sid || !sd_size)
@@ -491,10 +491,10 @@ NTSTATUS sec_desc_del_sid(TALLOC_CTX *ctx, SEC_DESC **psd, DOM_SID *sid, size_t
}
/*
- * Determine if an ACE is inheritable
+ * Determine if an struct security_ace is inheritable
*/
-static bool is_inheritable_ace(const SEC_ACE *ace,
+static bool is_inheritable_ace(const struct security_ace *ace,
bool container)
{
if (!container) {
@@ -524,7 +524,7 @@ bool sd_has_inheritable_components(const SEC_DESC *parent_ctr, bool container)
const SEC_ACL *the_acl = parent_ctr->dacl;
for (i = 0; i < the_acl->num_aces; i++) {
- const SEC_ACE *ace = &the_acl->aces[i];
+ const struct security_ace *ace = &the_acl->aces[i];
if (is_inheritable_ace(ace, container)) {
return true;
@@ -546,7 +546,7 @@ NTSTATUS se_create_child_secdesc(TALLOC_CTX *ctx,
bool container)
{
SEC_ACL *new_dacl = NULL, *the_acl = NULL;
- SEC_ACE *new_ace_list = NULL;
+ struct security_ace *new_ace_list = NULL;
unsigned int new_ace_list_ndx = 0, i;
*ppsd = NULL;
@@ -563,7 +563,7 @@ NTSTATUS se_create_child_secdesc(TALLOC_CTX *ctx,
return NT_STATUS_NO_MEMORY;
}
- if (!(new_ace_list = TALLOC_ARRAY(ctx, SEC_ACE,
+ if (!(new_ace_list = TALLOC_ARRAY(ctx, struct security_ace,
2*the_acl->num_aces))) {
return NT_STATUS_NO_MEMORY;
}
@@ -572,8 +572,8 @@ NTSTATUS se_create_child_secdesc(TALLOC_CTX *ctx,
}
for (i = 0; i < the_acl->num_aces; i++) {
- const SEC_ACE *ace = &the_acl->aces[i];
- SEC_ACE *new_ace = &new_ace_list[new_ace_list_ndx];
+ const struct security_ace *ace = &the_acl->aces[i];
+ struct security_ace *new_ace = &new_ace_list[new_ace_list_ndx];
const DOM_SID *ptrustee = &ace->trustee;
const DOM_SID *creator = NULL;
uint8 new_flags = ace->flags;
diff --git a/source3/lib/sharesec.c b/source3/lib/sharesec.c
index a1a543e6a1..5aaadece3f 100644
--- a/source3/lib/sharesec.c
+++ b/source3/lib/sharesec.c
@@ -228,7 +228,7 @@ bool share_info_db_init(void)
SEC_DESC *get_share_security_default( TALLOC_CTX *ctx, size_t *psize, uint32 def_access)
{
uint32_t sa;
- SEC_ACE ace;
+ struct security_ace ace;
SEC_ACL *psa = NULL;
SEC_DESC *psd = NULL;
uint32 spec_access = def_access;
@@ -435,7 +435,7 @@ bool parse_usershare_acl(TALLOC_CTX *ctx, const char *acl_str, SEC_DESC **ppsd)
size_t s_size = 0;
const char *pacl = acl_str;
int num_aces = 0;
- SEC_ACE *ace_list = NULL;
+ struct security_ace *ace_list = NULL;
SEC_ACL *psa = NULL;
SEC_DESC *psd = NULL;
size_t sd_size = 0;
@@ -458,7 +458,7 @@ bool parse_usershare_acl(TALLOC_CTX *ctx, const char *acl_str, SEC_DESC **ppsd)
/* Add the number of ',' characters to get the number of aces. */
num_aces += count_chars(pacl,',');
- ace_list = TALLOC_ARRAY(ctx, SEC_ACE, num_aces);
+ ace_list = TALLOC_ARRAY(ctx, struct security_ace, num_aces);
if (!ace_list) {
return False;
}
diff --git a/source3/lib/util_nttoken.c b/source3/lib/util_nttoken.c
index 76e7402422..edacafd91b 100644
--- a/source3/lib/util_nttoken.c
+++ b/source3/lib/util_nttoken.c
@@ -117,7 +117,7 @@ NTSTATUS merge_nt_token(TALLOC_CTX *mem_ctx,
}
/*******************************************************************
- Check if this ACE has a SID in common with the token.
+ Check if this struct security_ace has a SID in common with the token.
********************************************************************/
bool token_sid_in_ace(const NT_USER_TOKEN *token, const struct security_ace *ace)
diff --git a/source3/libads/disp_sec.c b/source3/libads/disp_sec.c
index 3bf0b6f7a7..a7d15fa1e1 100644
--- a/source3/libads/disp_sec.c
+++ b/source3/libads/disp_sec.c
@@ -129,7 +129,7 @@ static void ads_disp_sec_ace_object(ADS_STRUCT *ads,
}
/* display ACE */
-static void ads_disp_ace(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, SEC_ACE *sec_ace)
+static void ads_disp_ace(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, struct security_ace *sec_ace)
{
const char *access_type = "UNKNOWN";
diff --git a/source3/libgpo/gpo_reg.c b/source3/libgpo/gpo_reg.c
index b4a9e29177..885d7806d6 100644
--- a/source3/libgpo/gpo_reg.c
+++ b/source3/libgpo/gpo_reg.c
@@ -691,7 +691,7 @@ static WERROR gp_reg_generate_sd(TALLOC_CTX *mem_ctx,
struct security_descriptor **sd,
size_t *sd_size)
{
- SEC_ACE ace[6];
+ struct security_ace ace[6];
uint32_t mask;
SEC_ACL *theacl = NULL;
diff --git a/source3/libsmb/libsmb_xattr.c b/source3/libsmb/libsmb_xattr.c
index 6a01aec9c5..fa01ca8cbb 100644
--- a/source3/libsmb/libsmb_xattr.c
+++ b/source3/libsmb/libsmb_xattr.c
@@ -54,8 +54,8 @@ find_lsa_pipe_hnd(struct cli_state *ipc_cli)
*/
static int
-ace_compare(SEC_ACE *ace1,
- SEC_ACE *ace2)
+ace_compare(struct security_ace *ace1,
+ struct security_ace *ace2)
{
bool b1;
bool b2;
@@ -136,7 +136,7 @@ ace_compare(SEC_ACE *ace1,
return ace1->size - ace2->size;
}
- return memcmp(ace1, ace2, sizeof(SEC_ACE));
+ return memcmp(ace1, ace2, sizeof(struct security_ace));
}
@@ -249,11 +249,11 @@ done:
}
-/* parse an ACE in the same format as print_ace() */
+/* parse an struct security_ace in the same format as print_ace() */
static bool
parse_ace(struct cli_state *ipc_cli,
struct policy_handle *pol,
- SEC_ACE *ace,
+ struct security_ace *ace,
bool numeric,
char *str)
{
@@ -386,26 +386,26 @@ done:
return true;
}
-/* add an ACE to a list of ACEs in a SEC_ACL */
+/* add an struct security_ace to a list of struct security_aces in a SEC_ACL */
static bool
add_ace(SEC_ACL **the_acl,
- SEC_ACE *ace,
+ struct security_ace *ace,
TALLOC_CTX *ctx)
{
SEC_ACL *newacl;
- SEC_ACE *aces;
+ struct security_ace *aces;
if (! *the_acl) {
(*the_acl) = make_sec_acl(ctx, 3, 1, ace);
return True;
}
- if ((aces = SMB_CALLOC_ARRAY(SEC_ACE,
+ if ((aces = SMB_CALLOC_ARRAY(struct security_ace,
1+(*the_acl)->num_aces)) == NULL) {
return False;
}
- memcpy(aces, (*the_acl)->aces, (*the_acl)->num_aces * sizeof(SEC_ACE));
- memcpy(aces+(*the_acl)->num_aces, ace, sizeof(SEC_ACE));
+ memcpy(aces, (*the_acl)->aces, (*the_acl)->num_aces * sizeof(struct security_ace));
+ memcpy(aces+(*the_acl)->num_aces, ace, sizeof(struct security_ace));
newacl = make_sec_acl(ctx, (*the_acl)->revision,
1+(*the_acl)->num_aces, aces);
SAFE_FREE(aces);
@@ -503,7 +503,7 @@ sec_desc_parse(TALLOC_CTX *ctx,
}
if (StrnCaseCmp(tok,"ACL:", 4) == 0) {
- SEC_ACE ace;
+ struct security_ace ace;
if (!parse_ace(ipc_cli, pol, &ace, numeric, tok+4)) {
DEBUG(5, ("Failed to parse ACL %s\n", tok));
goto done;
@@ -516,7 +516,7 @@ sec_desc_parse(TALLOC_CTX *ctx,
}
if (StrnCaseCmp(tok,"ACL+:", 5) == 0) {
- SEC_ACE ace;
+ struct security_ace ace;
if (!parse_ace(ipc_cli, pol, &ace, False, tok+5)) {
DEBUG(5, ("Failed to parse ACL %s\n", tok));
goto done;
@@ -1053,7 +1053,7 @@ cacl_get(SMBCCTX *context,
/* Add aces to value buffer */
for (i = 0; sd->dacl && i < sd->dacl->num_aces; i++) {
- SEC_ACE *ace = &sd->dacl->aces[i];
+ struct security_ace *ace = &sd->dacl->aces[i];
convert_sid_to_string(ipc_cli, pol,
sidstr, numeric,
&ace->trustee);
diff --git a/source3/modules/nfs4_acls.c b/source3/modules/nfs4_acls.c
index 80bd65f5b8..7696d5e664 100644
--- a/source3/modules/nfs4_acls.c
+++ b/source3/modules/nfs4_acls.c
@@ -200,13 +200,13 @@ static bool smbacl4_nfs42win(TALLOC_CTX *mem_ctx, SMB4ACL_T *theacl, /* in */
DOM_SID *psid_owner, /* in */
DOM_SID *psid_group, /* in */
bool is_directory, /* in */
- SEC_ACE **ppnt_ace_list, /* out */
+ struct security_ace **ppnt_ace_list, /* out */
int *pgood_aces /* out */
)
{
SMB_ACL4_INT_T *aclint = (SMB_ACL4_INT_T *)theacl;
SMB_ACE4_INT_T *aceint;
- SEC_ACE *nt_ace_list = NULL;
+ struct security_ace *nt_ace_list = NULL;
int good_aces = 0;
DEBUG(10, ("smbacl_nfs42win entered\n"));
@@ -214,7 +214,7 @@ static bool smbacl4_nfs42win(TALLOC_CTX *mem_ctx, SMB4ACL_T *theacl, /* in */
aclint = get_validated_aclint(theacl);
/* We do not check for naces being 0 or theacl being NULL here because it is done upstream */
/* in smb_get_nt_acl_nfs4(). */
- nt_ace_list = (SEC_ACE *)TALLOC_ZERO_SIZE(mem_ctx, aclint->naces * sizeof(SEC_ACE));
+ nt_ace_list = (struct security_ace *)TALLOC_ZERO_SIZE(mem_ctx, aclint->naces * sizeof(struct security_ace));
if (nt_ace_list==NULL)
{
DEBUG(10, ("talloc error"));
@@ -295,7 +295,7 @@ static NTSTATUS smb_get_nt_acl_nfs4_common(const SMB_STRUCT_STAT *sbuf,
int good_aces = 0;
DOM_SID sid_owner, sid_group;
size_t sd_size = 0;
- SEC_ACE *nt_ace_list = NULL;
+ struct security_ace *nt_ace_list = NULL;
SEC_ACL *psa = NULL;
TALLOC_CTX *mem_ctx = talloc_tos();
@@ -543,7 +543,7 @@ static bool smbacl4_fill_ace4(
smbacl4_vfs_params *params,
uid_t ownerUID,
gid_t ownerGID,
- const SEC_ACE *ace_nt, /* input */
+ const struct security_ace *ace_nt, /* input */
SMB_ACE4PROP_T *ace_v4 /* output */
)
{
diff --git a/source3/modules/onefs_acl.c b/source3/modules/onefs_acl.c
index 2593012805..81ee81e787 100644
--- a/source3/modules/onefs_acl.c
+++ b/source3/modules/onefs_acl.c
@@ -167,7 +167,7 @@ sid_in_ignore_list(DOM_SID * sid, int snum)
* Convert a trustee to a struct identity
*/
static bool
-onefs_samba_ace_to_ace(SEC_ACE * samba_ace, struct ifs_ace * ace,
+onefs_samba_ace_to_ace(struct security_ace * samba_ace, struct ifs_ace * ace,
bool *mapped, int snum)
{
struct ifs_identity ident = {.type=IFS_ID_TYPE_LAST, .id.uid=0};
@@ -240,7 +240,7 @@ onefs_samba_acl_to_acl(SEC_ACL *samba_acl, struct ifs_security_acl **acl,
{
int num_aces = 0;
struct ifs_ace *aces = NULL;
- SEC_ACE *samba_aces;
+ struct security_ace *samba_aces;
bool mapped;
int i, j;
@@ -292,7 +292,7 @@ err_free:
static bool
onefs_acl_to_samba_acl(struct ifs_security_acl *acl, SEC_ACL **samba_acl)
{
- SEC_ACE *samba_aces = NULL;
+ struct security_ace *samba_aces = NULL;
SEC_ACL *tmp_samba_acl = NULL;
int i, num_aces = 0;
@@ -313,13 +313,13 @@ onefs_acl_to_samba_acl(struct ifs_security_acl *acl, SEC_ACL **samba_acl)
/* Allocate the ace list. */
if (num_aces > 0) {
- if ((samba_aces = SMB_MALLOC_ARRAY(SEC_ACE, num_aces)) == NULL)
+ if ((samba_aces = SMB_MALLOC_ARRAY(struct security_ace, num_aces)) == NULL)
{
DEBUG(0, ("Unable to malloc space for %d aces.\n",
num_aces));
return false;
}
- memset(samba_aces, '\0', (num_aces) * sizeof(SEC_ACE));
+ memset(samba_aces, '\0', (num_aces) * sizeof(struct security_ace));
}
for (i = 0; i < num_aces; i++) {
diff --git a/source3/modules/vfs_afsacl.c b/source3/modules/vfs_afsacl.c
index 82c1799129..1bf8366acc 100644
--- a/source3/modules/vfs_afsacl.c
+++ b/source3/modules/vfs_afsacl.c
@@ -528,7 +528,7 @@ static struct static_dir_ace_mapping {
{ 0, 0, 0, 9999 }
};
-static uint32 nt_to_afs_dir_rights(const char *filename, const SEC_ACE *ace)
+static uint32 nt_to_afs_dir_rights(const char *filename, const struct security_ace *ace)
{
uint32 result = 0;
uint32 rights = ace->access_mask;
@@ -569,7 +569,7 @@ static uint32 nt_to_afs_dir_rights(const char *filename, const SEC_ACE *ace)
return result;
}
-static uint32 nt_to_afs_file_rights(const char *filename, const SEC_ACE *ace)
+static uint32 nt_to_afs_file_rights(const char *filename, const struct security_ace *ace)
{
uint32 result = 0;
uint32 rights = ace->access_mask;
@@ -590,7 +590,7 @@ static size_t afs_to_nt_acl_common(struct afs_acl *afs_acl,
uint32 security_info,
struct security_descriptor **ppdesc)
{
- SEC_ACE *nt_ace_list;
+ struct security_ace *nt_ace_list;
DOM_SID owner_sid, group_sid;
SEC_ACL *psa = NULL;
int good_aces;
@@ -603,7 +603,7 @@ static size_t afs_to_nt_acl_common(struct afs_acl *afs_acl,
gid_to_sid(&group_sid, psbuf->st_ex_gid);
if (afs_acl->num_aces) {
- nt_ace_list = TALLOC_ARRAY(mem_ctx, SEC_ACE, afs_acl->num_aces);
+ nt_ace_list = TALLOC_ARRAY(mem_ctx, struct security_ace, afs_acl->num_aces);
if (nt_ace_list == NULL)
return 0;
@@ -723,7 +723,7 @@ static bool nt_to_afs_acl(const char *filename,
uint32 security_info_sent,
const struct security_descriptor *psd,
uint32 (*nt_to_afs_rights)(const char *filename,
- const SEC_ACE *ace),
+ const struct security_ace *ace),
struct afs_acl *afs_acl)
{
const SEC_ACL *dacl;
@@ -741,7 +741,7 @@ static bool nt_to_afs_acl(const char *filename,
dacl = psd->dacl;
for (i = 0; i < dacl->num_aces; i++) {
- const SEC_ACE *ace = &(dacl->aces[i]);
+ const struct security_ace *ace = &(dacl->aces[i]);
const char *dom_name, *name;
enum lsa_SidType name_type;
char *p;
diff --git a/source3/printing/nt_printing.c b/source3/printing/nt_printing.c
index 141966ebdc..f83e4b4da3 100644
--- a/source3/printing/nt_printing.c
+++ b/source3/printing/nt_printing.c
@@ -2634,7 +2634,7 @@ WERROR spoolss_create_default_devmode(TALLOC_CTX *mem_ctx,
WERROR spoolss_create_default_secdesc(TALLOC_CTX *mem_ctx,
struct spoolss_security_descriptor **secdesc)
{
- SEC_ACE ace[5]; /* max number of ace entries */
+ struct security_ace ace[5]; /* max number of ace entries */
int i = 0;
uint32_t sa;
SEC_ACL *psa = NULL;
@@ -5586,7 +5586,7 @@ WERROR nt_printing_setsec(const char *sharename, struct sec_desc_buf *secdesc_ct
static struct sec_desc_buf *construct_default_printer_sdb(TALLOC_CTX *ctx)
{
- SEC_ACE ace[5]; /* max number of ace entries */
+ struct security_ace ace[5]; /* max number of ace entries */
int i = 0;
uint32_t sa;
SEC_ACL *psa = NULL;
diff --git a/source3/registry/reg_dispatcher.c b/source3/registry/reg_dispatcher.c
index 874977d622..8a516be8e2 100644
--- a/source3/registry/reg_dispatcher.c
+++ b/source3/registry/reg_dispatcher.c
@@ -37,7 +37,7 @@ static const struct generic_mapping reg_generic_map =
static WERROR construct_registry_sd(TALLOC_CTX *ctx, SEC_DESC **psd)
{
- SEC_ACE ace[3];
+ struct security_ace ace[3];
size_t i = 0;
SEC_DESC *sd;
SEC_ACL *theacl;
diff --git a/source3/rpc_server/srv_lsa_nt.c b/source3/rpc_server/srv_lsa_nt.c
index afb85baef2..dd0fe1c4f8 100644
--- a/source3/rpc_server/srv_lsa_nt.c
+++ b/source3/rpc_server/srv_lsa_nt.c
@@ -317,7 +317,7 @@ static NTSTATUS make_lsa_object_sd(TALLOC_CTX *mem_ctx, SEC_DESC **sd, size_t *s
DOM_SID *sid, uint32_t sid_access)
{
DOM_SID adm_sid;
- SEC_ACE ace[5];
+ struct security_ace ace[5];
size_t i = 0;
SEC_ACL *psa = NULL;
diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c
index 832ada5bc1..2620f2d3e5 100644
--- a/source3/rpc_server/srv_samr_nt.c
+++ b/source3/rpc_server/srv_samr_nt.c
@@ -127,7 +127,7 @@ static NTSTATUS make_samr_object_sd( TALLOC_CTX *ctx, SEC_DESC **psd, size_t *sd
DOM_SID *sid, uint32 sid_access )
{
DOM_SID domadmin_sid;
- SEC_ACE ace[5]; /* at most 5 entries */
+ struct security_ace ace[5]; /* at most 5 entries */
size_t i = 0;
SEC_ACL *psa = NULL;
diff --git a/source3/rpc_server/srv_srvsvc_nt.c b/source3/rpc_server/srv_srvsvc_nt.c
index 73875c1c08..50c37c3ce0 100644
--- a/source3/rpc_server/srv_srvsvc_nt.c
+++ b/source3/rpc_server/srv_srvsvc_nt.c
@@ -334,7 +334,7 @@ static void map_generic_share_sd_bits(SEC_DESC *psd)
return;
for (i = 0; i < ps_dacl->num_aces; i++) {
- SEC_ACE *psa = &ps_dacl->aces[i];
+ struct security_ace *psa = &ps_dacl->aces[i];
uint32 orig_mask = psa->access_mask;
se_map_generic(&psa->access_mask, &file_generic_mapping);
diff --git a/source3/rpc_server/srv_svcctl_nt.c b/source3/rpc_server/srv_svcctl_nt.c
index ab446f9c0b..d664306e4d 100644
--- a/source3/rpc_server/srv_svcctl_nt.c
+++ b/source3/rpc_server/srv_svcctl_nt.c
@@ -137,7 +137,7 @@ static NTSTATUS svcctl_access_check( SEC_DESC *sec_desc, NT_USER_TOKEN *token,
static SEC_DESC* construct_scm_sd( TALLOC_CTX *ctx )
{
- SEC_ACE ace[2];
+ struct security_ace ace[2];
size_t i = 0;
SEC_DESC *sd;
SEC_ACL *theacl;
diff --git a/source3/services/services_db.c b/source3/services/services_db.c
index 749770102b..e501848ddd 100644
--- a/source3/services/services_db.c
+++ b/source3/services/services_db.c
@@ -90,7 +90,7 @@ struct service_display_info common_unix_svcs[] = {
static SEC_DESC* construct_service_sd( TALLOC_CTX *ctx )
{
- SEC_ACE ace[4];
+ struct security_ace ace[4];
size_t i = 0;
SEC_DESC *sd = NULL;
SEC_ACL *theacl = NULL;
diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c
index e47a260050..7d8dbc1f10 100644
--- a/source3/smbd/posix_acls.c
+++ b/source3/smbd/posix_acls.c
@@ -1600,7 +1600,7 @@ static bool create_canon_ace_lists(files_struct *fsp,
*/
for(i = 0; i < dacl->num_aces; i++) {
- SEC_ACE *psa = &dacl->aces[i];
+ struct security_ace *psa = &dacl->aces[i];
if((psa->type != SEC_ACE_TYPE_ACCESS_ALLOWED) && (psa->type != SEC_ACE_TYPE_ACCESS_DENIED)) {
DEBUG(3,("create_canon_ace_lists: unable to set anything but an ALLOW or DENY ACE.\n"));
@@ -1637,10 +1637,10 @@ static bool create_canon_ace_lists(files_struct *fsp,
*/
for(i = 0; i < dacl->num_aces; i++) {
- SEC_ACE *psa1 = &dacl->aces[i];
+ struct security_ace *psa1 = &dacl->aces[i];
for (j = i + 1; j < dacl->num_aces; j++) {
- SEC_ACE *psa2 = &dacl->aces[j];
+ struct security_ace *psa2 = &dacl->aces[j];
if (psa1->access_mask != psa2->access_mask)
continue;
@@ -1668,7 +1668,7 @@ static bool create_canon_ace_lists(files_struct *fsp,
}
for(i = 0; i < dacl->num_aces; i++) {
- SEC_ACE *psa = &dacl->aces[i];
+ struct security_ace *psa = &dacl->aces[i];
/*
* Create a cannon_ace entry representing this NT DACL ACE.
@@ -3064,7 +3064,7 @@ static bool convert_canon_ace_to_posix_perms( files_struct *fsp, canon_ace *file
Based on code from "Jim McDonough" <jmcd@us.ibm.com>.
****************************************************************************/
-static size_t merge_default_aces( SEC_ACE *nt_ace_list, size_t num_aces)
+static size_t merge_default_aces( struct security_ace *nt_ace_list, size_t num_aces)
{
size_t i, j;
@@ -3096,7 +3096,7 @@ static size_t merge_default_aces( SEC_ACE *nt_ace_list, size_t num_aces)
(i_inh ? SEC_ACE_FLAG_INHERITED_ACE : 0);
if (num_aces - i - 1 > 0)
memmove(&nt_ace_list[i], &nt_ace_list[i+1], (num_aces-i-1) *
- sizeof(SEC_ACE));
+ sizeof(struct security_ace));
DEBUG(10,("merge_default_aces: Merging zero access ACE %u onto ACE %u.\n",
(unsigned int)i, (unsigned int)j ));
@@ -3110,7 +3110,7 @@ static size_t merge_default_aces( SEC_ACE *nt_ace_list, size_t num_aces)
(i_inh ? SEC_ACE_FLAG_INHERITED_ACE : 0);
if (num_aces - j - 1 > 0)
memmove(&nt_ace_list[j], &nt_ace_list[j+1], (num_aces-j-1) *
- sizeof(SEC_ACE));
+ sizeof(struct security_ace));
DEBUG(10,("merge_default_aces: Merging ACE %u onto ACE %u.\n",
(unsigned int)j, (unsigned int)i ));
@@ -3135,7 +3135,7 @@ static size_t merge_default_aces( SEC_ACE *nt_ace_list, size_t num_aces)
* any reallocation of memory.
*/
-static void add_or_replace_ace(SEC_ACE *nt_ace_list, size_t *num_aces,
+static void add_or_replace_ace(struct security_ace *nt_ace_list, size_t *num_aces,
const DOM_SID *sid, enum security_ace_type type,
uint32_t mask, uint8_t flags)
{
@@ -3185,7 +3185,7 @@ static NTSTATUS posix_get_nt_acl_common(struct connection_struct *conn,
size_t num_aces = 0;
canon_ace *file_ace = NULL;
canon_ace *dir_ace = NULL;
- SEC_ACE *nt_ace_list = NULL;
+ struct security_ace *nt_ace_list = NULL;
size_t num_profile_acls = 0;
DOM_SID orig_owner_sid;
SEC_DESC *psd = NULL;
@@ -3297,12 +3297,12 @@ static NTSTATUS posix_get_nt_acl_common(struct connection_struct *conn,
num_def_acls = count_canon_ace_list(dir_ace);
/* Allocate the ace list. */
- if ((nt_ace_list = SMB_MALLOC_ARRAY(SEC_ACE,num_acls + num_profile_acls + num_def_acls)) == NULL) {
+ if ((nt_ace_list = SMB_MALLOC_ARRAY(struct security_ace,num_acls + num_profile_acls + num_def_acls)) == NULL) {
DEBUG(0,("get_nt_acl: Unable to malloc space for nt_ace_list.\n"));
goto done;
}
- memset(nt_ace_list, '\0', (num_acls + num_def_acls) * sizeof(SEC_ACE) );
+ memset(nt_ace_list, '\0', (num_acls + num_def_acls) * sizeof(struct security_ace) );
/*
* Create the NT ACE list from the canonical ace lists.
@@ -3635,7 +3635,7 @@ NTSTATUS append_parent_acl(files_struct *fsp,
files_struct *parent_fsp = NULL;
TALLOC_CTX *mem_ctx = talloc_tos();
char *parent_name = NULL;
- SEC_ACE *new_ace = NULL;
+ struct security_ace *new_ace = NULL;
unsigned int num_aces = pcsd->dacl->num_aces;
NTSTATUS status;
int info;
@@ -3704,7 +3704,7 @@ NTSTATUS append_parent_acl(files_struct *fsp,
num_aces += parent_sd->dacl->num_aces;
- if((new_ace = TALLOC_ZERO_ARRAY(mem_ctx, SEC_ACE,
+ if((new_ace = TALLOC_ZERO_ARRAY(mem_ctx, struct security_ace,
num_aces)) == NULL) {
return NT_STATUS_NO_MEMORY;
}
@@ -3721,7 +3721,7 @@ NTSTATUS append_parent_acl(files_struct *fsp,
/* Finally append any inherited ACEs. */
for (j = 0; j < parent_sd->dacl->num_aces; j++) {
- SEC_ACE *se = &parent_sd->dacl->aces[j];
+ struct security_ace *se = &parent_sd->dacl->aces[j];
if (fsp->is_directory) {
if (!(se->flags & SEC_ACE_FLAG_CONTAINER_INHERIT)) {
diff --git a/source3/utils/sharesec.c b/source3/utils/sharesec.c
index 00b6975bf0..d4d381c95f 100644
--- a/source3/utils/sharesec.c
+++ b/source3/utils/sharesec.c
@@ -64,7 +64,7 @@ static const struct perm_value standard_values[] = {
print an ACE on a FILE
********************************************************************/
-static void print_ace(FILE *f, SEC_ACE *ace)
+static void print_ace(FILE *f, struct security_ace *ace)
{
const struct perm_value *v;
int do_print = 0;
@@ -138,7 +138,7 @@ static void sec_desc_print(FILE *f, SEC_DESC *sd)
/* Print aces */
for (i = 0; sd->dacl && i < sd->dacl->num_aces; i++) {
- SEC_ACE *ace = &sd->dacl->aces[i];
+ struct security_ace *ace = &sd->dacl->aces[i];
fprintf(f, "ACL:");
print_ace(f, ace);
fprintf(f, "\n");
@@ -149,7 +149,7 @@ static void sec_desc_print(FILE *f, SEC_DESC *sd)
parse an ACE in the same format as print_ace()
********************************************************************/
-static bool parse_ace(SEC_ACE *ace, const char *orig_str)
+static bool parse_ace(struct security_ace *ace, const char *orig_str)
{
char *p;
const char *cp;
@@ -297,7 +297,7 @@ static bool parse_ace(SEC_ACE *ace, const char *orig_str)
static SEC_DESC* parse_acl_string(TALLOC_CTX *mem_ctx, const char *szACL, size_t *sd_size )
{
SEC_DESC *sd = NULL;
- SEC_ACE *ace;
+ struct security_ace *ace;
SEC_ACL *theacl;
int num_ace;
const char *pacl;
@@ -309,7 +309,7 @@ static SEC_DESC* parse_acl_string(TALLOC_CTX *mem_ctx, const char *szACL, size_t
pacl = szACL;
num_ace = count_chars( pacl, ',' ) + 1;
- if ( !(ace = TALLOC_ZERO_ARRAY( mem_ctx, SEC_ACE, num_ace )) )
+ if ( !(ace = TALLOC_ZERO_ARRAY( mem_ctx, struct security_ace, num_ace )) )
return NULL;
for ( i=0; i<num_ace; i++ ) {
@@ -336,19 +336,20 @@ static SEC_DESC* parse_acl_string(TALLOC_CTX *mem_ctx, const char *szACL, size_t
}
/* add an ACE to a list of ACEs in a SEC_ACL */
-static bool add_ace(TALLOC_CTX *mem_ctx, SEC_ACL **the_acl, SEC_ACE *ace)
+static bool add_ace(TALLOC_CTX *mem_ctx, SEC_ACL **the_acl, struct security_ace *ace)
{
SEC_ACL *new_ace;
- SEC_ACE *aces;
+ struct security_ace *aces;
if (! *the_acl) {
return (((*the_acl) = make_sec_acl(mem_ctx, 3, 1, ace)) != NULL);
}
- if (!(aces = SMB_CALLOC_ARRAY(SEC_ACE, 1+(*the_acl)->num_aces))) {
+ if (!(aces = SMB_CALLOC_ARRAY(struct security_ace, 1+(*the_acl)->num_aces))) {
return False;
}
- memcpy(aces, (*the_acl)->aces, (*the_acl)->num_aces * sizeof(SEC_ACE));
- memcpy(aces+(*the_acl)->num_aces, ace, sizeof(SEC_ACE));
+ memcpy(aces, (*the_acl)->aces, (*the_acl)->num_aces * sizeof(struct
+ security_ace));
+ memcpy(aces+(*the_acl)->num_aces, ace, sizeof(struct security_ace));
new_ace = make_sec_acl(mem_ctx,(*the_acl)->revision,1+(*the_acl)->num_aces, aces);
SAFE_FREE(aces);
(*the_acl) = new_ace;
@@ -360,7 +361,7 @@ static bool add_ace(TALLOC_CTX *mem_ctx, SEC_ACL **the_acl, SEC_ACE *ace)
computer running Windows NT 5.0" if denied ACEs do not appear before
allowed ACEs. */
-static int ace_compare(SEC_ACE *ace1, SEC_ACE *ace2)
+static int ace_compare(struct security_ace *ace1, struct security_ace *ace2)
{
if (sec_ace_equal(ace1, ace2))
return 0;
@@ -380,7 +381,7 @@ static int ace_compare(SEC_ACE *ace1, SEC_ACE *ace2)
if (ace1->size != ace2->size)
return ace1->size - ace2->size;
- return memcmp(ace1, ace2, sizeof(SEC_ACE));
+ return memcmp(ace1, ace2, sizeof(struct security_ace));
}
static void sort_acl(SEC_ACL *the_acl)
diff --git a/source3/utils/smbcacls.c b/source3/utils/smbcacls.c
index 817b07933b..a8e46123a4 100644
--- a/source3/utils/smbcacls.c
+++ b/source3/utils/smbcacls.c
@@ -267,7 +267,7 @@ static void print_ace_flags(FILE *f, uint8_t flags)
}
/* print an ACE on a FILE, using either numeric or ascii representation */
-static void print_ace(struct cli_state *cli, FILE *f, SEC_ACE *ace)
+static void print_ace(struct cli_state *cli, FILE *f, struct security_ace *ace)
{
const struct perm_value *v;
fstring sidstr;
@@ -363,7 +363,7 @@ static bool parse_ace_flags(const char *str, unsigned int *pflags)
}
/* parse an ACE in the same format as print_ace() */
-static bool parse_ace(struct cli_state *cli, SEC_ACE *ace,
+static bool parse_ace(struct cli_state *cli, struct security_ace *ace,
const char *orig_str)
{
char *p;
@@ -530,20 +530,21 @@ static bool parse_ace(struct cli_state *cli, SEC_ACE *ace,
}
/* add an ACE to a list of ACEs in a SEC_ACL */
-static bool add_ace(SEC_ACL **the_acl, SEC_ACE *ace)
+static bool add_ace(SEC_ACL **the_acl, struct security_ace *ace)
{
SEC_ACL *new_ace;
- SEC_ACE *aces;
+ struct security_ace *aces;
if (! *the_acl) {
return (((*the_acl) = make_sec_acl(talloc_tos(), 3, 1, ace))
!= NULL);
}
- if (!(aces = SMB_CALLOC_ARRAY(SEC_ACE, 1+(*the_acl)->num_aces))) {
+ if (!(aces = SMB_CALLOC_ARRAY(struct security_ace, 1+(*the_acl)->num_aces))) {
return False;
}
- memcpy(aces, (*the_acl)->aces, (*the_acl)->num_aces * sizeof(SEC_ACE));
- memcpy(aces+(*the_acl)->num_aces, ace, sizeof(SEC_ACE));
+ memcpy(aces, (*the_acl)->aces, (*the_acl)->num_aces * sizeof(struct
+ security_ace));
+ memcpy(aces+(*the_acl)->num_aces, ace, sizeof(struct security_ace));
new_ace = make_sec_acl(talloc_tos(),(*the_acl)->revision,1+(*the_acl)->num_aces, aces);
SAFE_FREE(aces);
(*the_acl) = new_ace;
@@ -596,7 +597,7 @@ static SEC_DESC *sec_desc_parse(TALLOC_CTX *ctx, struct cli_state *cli, char *st
}
if (strncmp(tok,"ACL:", 4) == 0) {
- SEC_ACE ace;
+ struct security_ace ace;
if (!parse_ace(cli, &ace, tok+4)) {
goto done;
}
@@ -651,7 +652,7 @@ static void sec_desc_print(struct cli_state *cli, FILE *f, SEC_DESC *sd)
/* Print aces */
for (i = 0; sd->dacl && i < sd->dacl->num_aces; i++) {
- SEC_ACE *ace = &sd->dacl->aces[i];
+ struct security_ace *ace = &sd->dacl->aces[i];
fprintf(f, "ACL:");
print_ace(cli, f, ace);
fprintf(f, "\n");
@@ -814,7 +815,7 @@ static int owner_set(struct cli_state *cli, enum chown_mode change_mode,
canonical order is specified as "Explicit Deny, Explicit Allow,
Inherited ACEs unchanged" */
-static int ace_compare(SEC_ACE *ace1, SEC_ACE *ace2)
+static int ace_compare(struct security_ace *ace1, struct security_ace *ace2)
{
if (sec_ace_equal(ace1, ace2))
return 0;
@@ -844,7 +845,7 @@ static int ace_compare(SEC_ACE *ace1, SEC_ACE *ace2)
if (ace1->size != ace2->size)
return ace1->size - ace2->size;
- return memcmp(ace1, ace2, sizeof(SEC_ACE));
+ return memcmp(ace1, ace2, sizeof(struct security_ace));
}
static void sort_acl(SEC_ACL *the_acl)
@@ -1023,7 +1024,7 @@ static int inherit(struct cli_state *cli, const char *filename,
string_replace(parentname, '/', '\\');
parent = get_secdesc(cli,parentname);
for (i=0;i<parent->dacl->num_aces;i++) {
- SEC_ACE *ace=&parent->dacl->aces[i];
+ struct security_ace *ace=&parent->dacl->aces[i];
if ((oldattr & aDIR) == aDIR) {
if ((ace->flags & SEC_ACE_FLAG_CONTAINER_INHERIT) ==
SEC_ACE_FLAG_CONTAINER_INHERIT) {
@@ -1051,7 +1052,7 @@ static int inherit(struct cli_state *cli, const char *filename,
SEC_ACL *temp=old->dacl;
old->dacl=make_sec_acl(talloc_tos(), 3, 0, NULL);
for (i=temp->num_aces-1;i>=0;i--) {
- SEC_ACE *ace=&temp->aces[i];
+ struct security_ace *ace=&temp->aces[i];
/* Remove all ace with INHERITED flag set */
if ((ace->flags & SEC_ACE_FLAG_INHERITED_ACE) !=
SEC_ACE_FLAG_INHERITED_ACE) {
@@ -1072,7 +1073,7 @@ static int inherit(struct cli_state *cli, const char *filename,
if (old->dacl) {
int i;
for (i=0;i<old->dacl->num_aces;i++) {
- SEC_ACE *ace=&old->dacl->aces[i];
+ struct security_ace *ace=&old->dacl->aces[i];
/* Remove INHERITED FLAG from all aces */
ace->flags=ace->flags&(~SEC_ACE_FLAG_INHERITED_ACE);
}