diff options
Diffstat (limited to 'source3')
-rw-r--r-- | source3/include/proto.h | 4 | ||||
-rw-r--r-- | source3/include/rpc_secdes.h | 7 | ||||
-rw-r--r-- | source3/lib/secdesc.c | 18 | ||||
-rw-r--r-- | source3/lib/sharesec.c | 6 | ||||
-rw-r--r-- | source3/lib/util_nttoken.c | 2 | ||||
-rw-r--r-- | source3/libads/disp_sec.c | 2 | ||||
-rw-r--r-- | source3/libgpo/gpo_reg.c | 2 | ||||
-rw-r--r-- | source3/libsmb/libsmb_xattr.c | 28 | ||||
-rw-r--r-- | source3/modules/nfs4_acls.c | 10 | ||||
-rw-r--r-- | source3/modules/onefs_acl.c | 10 | ||||
-rw-r--r-- | source3/modules/vfs_afsacl.c | 12 | ||||
-rw-r--r-- | source3/printing/nt_printing.c | 4 | ||||
-rw-r--r-- | source3/registry/reg_dispatcher.c | 2 | ||||
-rw-r--r-- | source3/rpc_server/srv_lsa_nt.c | 2 | ||||
-rw-r--r-- | source3/rpc_server/srv_samr_nt.c | 2 | ||||
-rw-r--r-- | source3/rpc_server/srv_srvsvc_nt.c | 2 | ||||
-rw-r--r-- | source3/rpc_server/srv_svcctl_nt.c | 2 | ||||
-rw-r--r-- | source3/services/services_db.c | 2 | ||||
-rw-r--r-- | source3/smbd/posix_acls.c | 28 | ||||
-rw-r--r-- | source3/utils/sharesec.c | 25 | ||||
-rw-r--r-- | source3/utils/smbcacls.c | 29 |
21 files changed, 97 insertions, 102 deletions
diff --git a/source3/include/proto.h b/source3/include/proto.h index 69e64d71f0..66babb51f5 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -523,7 +523,7 @@ bool dbghdr(int level, const char *location, const char *func); char *get_sec_mask_str(TALLOC_CTX *ctx, uint32 type); void display_sec_access(uint32_t *info); void display_sec_ace_flags(uint8_t flags); -void display_sec_ace(SEC_ACE *ace); +void display_sec_ace(struct security_ace *ace); void display_sec_acl(SEC_ACL *sec_acl); void display_acl_type(uint16 type); void display_sec_desc(SEC_DESC *sec); @@ -1282,7 +1282,7 @@ NTSTATUS merge_nt_token(TALLOC_CTX *mem_ctx, const struct nt_user_token *token_1, const struct nt_user_token *token_2, struct nt_user_token **token_out); -bool token_sid_in_ace(const NT_USER_TOKEN *token, const SEC_ACE *ace); +bool token_sid_in_ace(const NT_USER_TOKEN *token, const struct security_ace *ace); /* The following definitions come from lib/util_pw.c */ diff --git a/source3/include/rpc_secdes.h b/source3/include/rpc_secdes.h index 0d3db799f4..1936668a80 100644 --- a/source3/include/rpc_secdes.h +++ b/source3/include/rpc_secdes.h @@ -67,13 +67,6 @@ PROTECTED_SACL_SECURITY_INFORMATION|\ PROTECTED_DACL_SECURITY_INFORMATION) -/* SEC_ACE */ -typedef struct security_ace SEC_ACE; - -#ifndef ACL_REVISION -#define ACL_REVISION 0x3 -#endif - #ifndef _SEC_ACL /* SEC_ACL */ typedef struct security_acl SEC_ACL; diff --git a/source3/lib/secdesc.c b/source3/lib/secdesc.c index b3505e7e1b..a540aa684c 100644 --- a/source3/lib/secdesc.c +++ b/source3/lib/secdesc.c @@ -413,7 +413,7 @@ NTSTATUS sec_desc_add_sid(TALLOC_CTX *ctx, SEC_DESC **psd, DOM_SID *sid, uint32 { SEC_DESC *sd = 0; SEC_ACL *dacl = 0; - SEC_ACE *ace = 0; + struct security_ace *ace = 0; NTSTATUS status; if (!ctx || !psd || !sid || !sd_size) @@ -465,7 +465,7 @@ NTSTATUS sec_desc_del_sid(TALLOC_CTX *ctx, SEC_DESC **psd, DOM_SID *sid, size_t { SEC_DESC *sd = 0; SEC_ACL *dacl = 0; - SEC_ACE *ace = 0; + struct security_ace *ace = 0; NTSTATUS status; if (!ctx || !psd[0] || !sid || !sd_size) @@ -491,10 +491,10 @@ NTSTATUS sec_desc_del_sid(TALLOC_CTX *ctx, SEC_DESC **psd, DOM_SID *sid, size_t } /* - * Determine if an ACE is inheritable + * Determine if an struct security_ace is inheritable */ -static bool is_inheritable_ace(const SEC_ACE *ace, +static bool is_inheritable_ace(const struct security_ace *ace, bool container) { if (!container) { @@ -524,7 +524,7 @@ bool sd_has_inheritable_components(const SEC_DESC *parent_ctr, bool container) const SEC_ACL *the_acl = parent_ctr->dacl; for (i = 0; i < the_acl->num_aces; i++) { - const SEC_ACE *ace = &the_acl->aces[i]; + const struct security_ace *ace = &the_acl->aces[i]; if (is_inheritable_ace(ace, container)) { return true; @@ -546,7 +546,7 @@ NTSTATUS se_create_child_secdesc(TALLOC_CTX *ctx, bool container) { SEC_ACL *new_dacl = NULL, *the_acl = NULL; - SEC_ACE *new_ace_list = NULL; + struct security_ace *new_ace_list = NULL; unsigned int new_ace_list_ndx = 0, i; *ppsd = NULL; @@ -563,7 +563,7 @@ NTSTATUS se_create_child_secdesc(TALLOC_CTX *ctx, return NT_STATUS_NO_MEMORY; } - if (!(new_ace_list = TALLOC_ARRAY(ctx, SEC_ACE, + if (!(new_ace_list = TALLOC_ARRAY(ctx, struct security_ace, 2*the_acl->num_aces))) { return NT_STATUS_NO_MEMORY; } @@ -572,8 +572,8 @@ NTSTATUS se_create_child_secdesc(TALLOC_CTX *ctx, } for (i = 0; i < the_acl->num_aces; i++) { - const SEC_ACE *ace = &the_acl->aces[i]; - SEC_ACE *new_ace = &new_ace_list[new_ace_list_ndx]; + const struct security_ace *ace = &the_acl->aces[i]; + struct security_ace *new_ace = &new_ace_list[new_ace_list_ndx]; const DOM_SID *ptrustee = &ace->trustee; const DOM_SID *creator = NULL; uint8 new_flags = ace->flags; diff --git a/source3/lib/sharesec.c b/source3/lib/sharesec.c index a1a543e6a1..5aaadece3f 100644 --- a/source3/lib/sharesec.c +++ b/source3/lib/sharesec.c @@ -228,7 +228,7 @@ bool share_info_db_init(void) SEC_DESC *get_share_security_default( TALLOC_CTX *ctx, size_t *psize, uint32 def_access) { uint32_t sa; - SEC_ACE ace; + struct security_ace ace; SEC_ACL *psa = NULL; SEC_DESC *psd = NULL; uint32 spec_access = def_access; @@ -435,7 +435,7 @@ bool parse_usershare_acl(TALLOC_CTX *ctx, const char *acl_str, SEC_DESC **ppsd) size_t s_size = 0; const char *pacl = acl_str; int num_aces = 0; - SEC_ACE *ace_list = NULL; + struct security_ace *ace_list = NULL; SEC_ACL *psa = NULL; SEC_DESC *psd = NULL; size_t sd_size = 0; @@ -458,7 +458,7 @@ bool parse_usershare_acl(TALLOC_CTX *ctx, const char *acl_str, SEC_DESC **ppsd) /* Add the number of ',' characters to get the number of aces. */ num_aces += count_chars(pacl,','); - ace_list = TALLOC_ARRAY(ctx, SEC_ACE, num_aces); + ace_list = TALLOC_ARRAY(ctx, struct security_ace, num_aces); if (!ace_list) { return False; } diff --git a/source3/lib/util_nttoken.c b/source3/lib/util_nttoken.c index 76e7402422..edacafd91b 100644 --- a/source3/lib/util_nttoken.c +++ b/source3/lib/util_nttoken.c @@ -117,7 +117,7 @@ NTSTATUS merge_nt_token(TALLOC_CTX *mem_ctx, } /******************************************************************* - Check if this ACE has a SID in common with the token. + Check if this struct security_ace has a SID in common with the token. ********************************************************************/ bool token_sid_in_ace(const NT_USER_TOKEN *token, const struct security_ace *ace) diff --git a/source3/libads/disp_sec.c b/source3/libads/disp_sec.c index 3bf0b6f7a7..a7d15fa1e1 100644 --- a/source3/libads/disp_sec.c +++ b/source3/libads/disp_sec.c @@ -129,7 +129,7 @@ static void ads_disp_sec_ace_object(ADS_STRUCT *ads, } /* display ACE */ -static void ads_disp_ace(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, SEC_ACE *sec_ace) +static void ads_disp_ace(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, struct security_ace *sec_ace) { const char *access_type = "UNKNOWN"; diff --git a/source3/libgpo/gpo_reg.c b/source3/libgpo/gpo_reg.c index b4a9e29177..885d7806d6 100644 --- a/source3/libgpo/gpo_reg.c +++ b/source3/libgpo/gpo_reg.c @@ -691,7 +691,7 @@ static WERROR gp_reg_generate_sd(TALLOC_CTX *mem_ctx, struct security_descriptor **sd, size_t *sd_size) { - SEC_ACE ace[6]; + struct security_ace ace[6]; uint32_t mask; SEC_ACL *theacl = NULL; diff --git a/source3/libsmb/libsmb_xattr.c b/source3/libsmb/libsmb_xattr.c index 6a01aec9c5..fa01ca8cbb 100644 --- a/source3/libsmb/libsmb_xattr.c +++ b/source3/libsmb/libsmb_xattr.c @@ -54,8 +54,8 @@ find_lsa_pipe_hnd(struct cli_state *ipc_cli) */ static int -ace_compare(SEC_ACE *ace1, - SEC_ACE *ace2) +ace_compare(struct security_ace *ace1, + struct security_ace *ace2) { bool b1; bool b2; @@ -136,7 +136,7 @@ ace_compare(SEC_ACE *ace1, return ace1->size - ace2->size; } - return memcmp(ace1, ace2, sizeof(SEC_ACE)); + return memcmp(ace1, ace2, sizeof(struct security_ace)); } @@ -249,11 +249,11 @@ done: } -/* parse an ACE in the same format as print_ace() */ +/* parse an struct security_ace in the same format as print_ace() */ static bool parse_ace(struct cli_state *ipc_cli, struct policy_handle *pol, - SEC_ACE *ace, + struct security_ace *ace, bool numeric, char *str) { @@ -386,26 +386,26 @@ done: return true; } -/* add an ACE to a list of ACEs in a SEC_ACL */ +/* add an struct security_ace to a list of struct security_aces in a SEC_ACL */ static bool add_ace(SEC_ACL **the_acl, - SEC_ACE *ace, + struct security_ace *ace, TALLOC_CTX *ctx) { SEC_ACL *newacl; - SEC_ACE *aces; + struct security_ace *aces; if (! *the_acl) { (*the_acl) = make_sec_acl(ctx, 3, 1, ace); return True; } - if ((aces = SMB_CALLOC_ARRAY(SEC_ACE, + if ((aces = SMB_CALLOC_ARRAY(struct security_ace, 1+(*the_acl)->num_aces)) == NULL) { return False; } - memcpy(aces, (*the_acl)->aces, (*the_acl)->num_aces * sizeof(SEC_ACE)); - memcpy(aces+(*the_acl)->num_aces, ace, sizeof(SEC_ACE)); + memcpy(aces, (*the_acl)->aces, (*the_acl)->num_aces * sizeof(struct security_ace)); + memcpy(aces+(*the_acl)->num_aces, ace, sizeof(struct security_ace)); newacl = make_sec_acl(ctx, (*the_acl)->revision, 1+(*the_acl)->num_aces, aces); SAFE_FREE(aces); @@ -503,7 +503,7 @@ sec_desc_parse(TALLOC_CTX *ctx, } if (StrnCaseCmp(tok,"ACL:", 4) == 0) { - SEC_ACE ace; + struct security_ace ace; if (!parse_ace(ipc_cli, pol, &ace, numeric, tok+4)) { DEBUG(5, ("Failed to parse ACL %s\n", tok)); goto done; @@ -516,7 +516,7 @@ sec_desc_parse(TALLOC_CTX *ctx, } if (StrnCaseCmp(tok,"ACL+:", 5) == 0) { - SEC_ACE ace; + struct security_ace ace; if (!parse_ace(ipc_cli, pol, &ace, False, tok+5)) { DEBUG(5, ("Failed to parse ACL %s\n", tok)); goto done; @@ -1053,7 +1053,7 @@ cacl_get(SMBCCTX *context, /* Add aces to value buffer */ for (i = 0; sd->dacl && i < sd->dacl->num_aces; i++) { - SEC_ACE *ace = &sd->dacl->aces[i]; + struct security_ace *ace = &sd->dacl->aces[i]; convert_sid_to_string(ipc_cli, pol, sidstr, numeric, &ace->trustee); diff --git a/source3/modules/nfs4_acls.c b/source3/modules/nfs4_acls.c index 80bd65f5b8..7696d5e664 100644 --- a/source3/modules/nfs4_acls.c +++ b/source3/modules/nfs4_acls.c @@ -200,13 +200,13 @@ static bool smbacl4_nfs42win(TALLOC_CTX *mem_ctx, SMB4ACL_T *theacl, /* in */ DOM_SID *psid_owner, /* in */ DOM_SID *psid_group, /* in */ bool is_directory, /* in */ - SEC_ACE **ppnt_ace_list, /* out */ + struct security_ace **ppnt_ace_list, /* out */ int *pgood_aces /* out */ ) { SMB_ACL4_INT_T *aclint = (SMB_ACL4_INT_T *)theacl; SMB_ACE4_INT_T *aceint; - SEC_ACE *nt_ace_list = NULL; + struct security_ace *nt_ace_list = NULL; int good_aces = 0; DEBUG(10, ("smbacl_nfs42win entered\n")); @@ -214,7 +214,7 @@ static bool smbacl4_nfs42win(TALLOC_CTX *mem_ctx, SMB4ACL_T *theacl, /* in */ aclint = get_validated_aclint(theacl); /* We do not check for naces being 0 or theacl being NULL here because it is done upstream */ /* in smb_get_nt_acl_nfs4(). */ - nt_ace_list = (SEC_ACE *)TALLOC_ZERO_SIZE(mem_ctx, aclint->naces * sizeof(SEC_ACE)); + nt_ace_list = (struct security_ace *)TALLOC_ZERO_SIZE(mem_ctx, aclint->naces * sizeof(struct security_ace)); if (nt_ace_list==NULL) { DEBUG(10, ("talloc error")); @@ -295,7 +295,7 @@ static NTSTATUS smb_get_nt_acl_nfs4_common(const SMB_STRUCT_STAT *sbuf, int good_aces = 0; DOM_SID sid_owner, sid_group; size_t sd_size = 0; - SEC_ACE *nt_ace_list = NULL; + struct security_ace *nt_ace_list = NULL; SEC_ACL *psa = NULL; TALLOC_CTX *mem_ctx = talloc_tos(); @@ -543,7 +543,7 @@ static bool smbacl4_fill_ace4( smbacl4_vfs_params *params, uid_t ownerUID, gid_t ownerGID, - const SEC_ACE *ace_nt, /* input */ + const struct security_ace *ace_nt, /* input */ SMB_ACE4PROP_T *ace_v4 /* output */ ) { diff --git a/source3/modules/onefs_acl.c b/source3/modules/onefs_acl.c index 2593012805..81ee81e787 100644 --- a/source3/modules/onefs_acl.c +++ b/source3/modules/onefs_acl.c @@ -167,7 +167,7 @@ sid_in_ignore_list(DOM_SID * sid, int snum) * Convert a trustee to a struct identity */ static bool -onefs_samba_ace_to_ace(SEC_ACE * samba_ace, struct ifs_ace * ace, +onefs_samba_ace_to_ace(struct security_ace * samba_ace, struct ifs_ace * ace, bool *mapped, int snum) { struct ifs_identity ident = {.type=IFS_ID_TYPE_LAST, .id.uid=0}; @@ -240,7 +240,7 @@ onefs_samba_acl_to_acl(SEC_ACL *samba_acl, struct ifs_security_acl **acl, { int num_aces = 0; struct ifs_ace *aces = NULL; - SEC_ACE *samba_aces; + struct security_ace *samba_aces; bool mapped; int i, j; @@ -292,7 +292,7 @@ err_free: static bool onefs_acl_to_samba_acl(struct ifs_security_acl *acl, SEC_ACL **samba_acl) { - SEC_ACE *samba_aces = NULL; + struct security_ace *samba_aces = NULL; SEC_ACL *tmp_samba_acl = NULL; int i, num_aces = 0; @@ -313,13 +313,13 @@ onefs_acl_to_samba_acl(struct ifs_security_acl *acl, SEC_ACL **samba_acl) /* Allocate the ace list. */ if (num_aces > 0) { - if ((samba_aces = SMB_MALLOC_ARRAY(SEC_ACE, num_aces)) == NULL) + if ((samba_aces = SMB_MALLOC_ARRAY(struct security_ace, num_aces)) == NULL) { DEBUG(0, ("Unable to malloc space for %d aces.\n", num_aces)); return false; } - memset(samba_aces, '\0', (num_aces) * sizeof(SEC_ACE)); + memset(samba_aces, '\0', (num_aces) * sizeof(struct security_ace)); } for (i = 0; i < num_aces; i++) { diff --git a/source3/modules/vfs_afsacl.c b/source3/modules/vfs_afsacl.c index 82c1799129..1bf8366acc 100644 --- a/source3/modules/vfs_afsacl.c +++ b/source3/modules/vfs_afsacl.c @@ -528,7 +528,7 @@ static struct static_dir_ace_mapping { { 0, 0, 0, 9999 } }; -static uint32 nt_to_afs_dir_rights(const char *filename, const SEC_ACE *ace) +static uint32 nt_to_afs_dir_rights(const char *filename, const struct security_ace *ace) { uint32 result = 0; uint32 rights = ace->access_mask; @@ -569,7 +569,7 @@ static uint32 nt_to_afs_dir_rights(const char *filename, const SEC_ACE *ace) return result; } -static uint32 nt_to_afs_file_rights(const char *filename, const SEC_ACE *ace) +static uint32 nt_to_afs_file_rights(const char *filename, const struct security_ace *ace) { uint32 result = 0; uint32 rights = ace->access_mask; @@ -590,7 +590,7 @@ static size_t afs_to_nt_acl_common(struct afs_acl *afs_acl, uint32 security_info, struct security_descriptor **ppdesc) { - SEC_ACE *nt_ace_list; + struct security_ace *nt_ace_list; DOM_SID owner_sid, group_sid; SEC_ACL *psa = NULL; int good_aces; @@ -603,7 +603,7 @@ static size_t afs_to_nt_acl_common(struct afs_acl *afs_acl, gid_to_sid(&group_sid, psbuf->st_ex_gid); if (afs_acl->num_aces) { - nt_ace_list = TALLOC_ARRAY(mem_ctx, SEC_ACE, afs_acl->num_aces); + nt_ace_list = TALLOC_ARRAY(mem_ctx, struct security_ace, afs_acl->num_aces); if (nt_ace_list == NULL) return 0; @@ -723,7 +723,7 @@ static bool nt_to_afs_acl(const char *filename, uint32 security_info_sent, const struct security_descriptor *psd, uint32 (*nt_to_afs_rights)(const char *filename, - const SEC_ACE *ace), + const struct security_ace *ace), struct afs_acl *afs_acl) { const SEC_ACL *dacl; @@ -741,7 +741,7 @@ static bool nt_to_afs_acl(const char *filename, dacl = psd->dacl; for (i = 0; i < dacl->num_aces; i++) { - const SEC_ACE *ace = &(dacl->aces[i]); + const struct security_ace *ace = &(dacl->aces[i]); const char *dom_name, *name; enum lsa_SidType name_type; char *p; diff --git a/source3/printing/nt_printing.c b/source3/printing/nt_printing.c index 141966ebdc..f83e4b4da3 100644 --- a/source3/printing/nt_printing.c +++ b/source3/printing/nt_printing.c @@ -2634,7 +2634,7 @@ WERROR spoolss_create_default_devmode(TALLOC_CTX *mem_ctx, WERROR spoolss_create_default_secdesc(TALLOC_CTX *mem_ctx, struct spoolss_security_descriptor **secdesc) { - SEC_ACE ace[5]; /* max number of ace entries */ + struct security_ace ace[5]; /* max number of ace entries */ int i = 0; uint32_t sa; SEC_ACL *psa = NULL; @@ -5586,7 +5586,7 @@ WERROR nt_printing_setsec(const char *sharename, struct sec_desc_buf *secdesc_ct static struct sec_desc_buf *construct_default_printer_sdb(TALLOC_CTX *ctx) { - SEC_ACE ace[5]; /* max number of ace entries */ + struct security_ace ace[5]; /* max number of ace entries */ int i = 0; uint32_t sa; SEC_ACL *psa = NULL; diff --git a/source3/registry/reg_dispatcher.c b/source3/registry/reg_dispatcher.c index 874977d622..8a516be8e2 100644 --- a/source3/registry/reg_dispatcher.c +++ b/source3/registry/reg_dispatcher.c @@ -37,7 +37,7 @@ static const struct generic_mapping reg_generic_map = static WERROR construct_registry_sd(TALLOC_CTX *ctx, SEC_DESC **psd) { - SEC_ACE ace[3]; + struct security_ace ace[3]; size_t i = 0; SEC_DESC *sd; SEC_ACL *theacl; diff --git a/source3/rpc_server/srv_lsa_nt.c b/source3/rpc_server/srv_lsa_nt.c index afb85baef2..dd0fe1c4f8 100644 --- a/source3/rpc_server/srv_lsa_nt.c +++ b/source3/rpc_server/srv_lsa_nt.c @@ -317,7 +317,7 @@ static NTSTATUS make_lsa_object_sd(TALLOC_CTX *mem_ctx, SEC_DESC **sd, size_t *s DOM_SID *sid, uint32_t sid_access) { DOM_SID adm_sid; - SEC_ACE ace[5]; + struct security_ace ace[5]; size_t i = 0; SEC_ACL *psa = NULL; diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c index 832ada5bc1..2620f2d3e5 100644 --- a/source3/rpc_server/srv_samr_nt.c +++ b/source3/rpc_server/srv_samr_nt.c @@ -127,7 +127,7 @@ static NTSTATUS make_samr_object_sd( TALLOC_CTX *ctx, SEC_DESC **psd, size_t *sd DOM_SID *sid, uint32 sid_access ) { DOM_SID domadmin_sid; - SEC_ACE ace[5]; /* at most 5 entries */ + struct security_ace ace[5]; /* at most 5 entries */ size_t i = 0; SEC_ACL *psa = NULL; diff --git a/source3/rpc_server/srv_srvsvc_nt.c b/source3/rpc_server/srv_srvsvc_nt.c index 73875c1c08..50c37c3ce0 100644 --- a/source3/rpc_server/srv_srvsvc_nt.c +++ b/source3/rpc_server/srv_srvsvc_nt.c @@ -334,7 +334,7 @@ static void map_generic_share_sd_bits(SEC_DESC *psd) return; for (i = 0; i < ps_dacl->num_aces; i++) { - SEC_ACE *psa = &ps_dacl->aces[i]; + struct security_ace *psa = &ps_dacl->aces[i]; uint32 orig_mask = psa->access_mask; se_map_generic(&psa->access_mask, &file_generic_mapping); diff --git a/source3/rpc_server/srv_svcctl_nt.c b/source3/rpc_server/srv_svcctl_nt.c index ab446f9c0b..d664306e4d 100644 --- a/source3/rpc_server/srv_svcctl_nt.c +++ b/source3/rpc_server/srv_svcctl_nt.c @@ -137,7 +137,7 @@ static NTSTATUS svcctl_access_check( SEC_DESC *sec_desc, NT_USER_TOKEN *token, static SEC_DESC* construct_scm_sd( TALLOC_CTX *ctx ) { - SEC_ACE ace[2]; + struct security_ace ace[2]; size_t i = 0; SEC_DESC *sd; SEC_ACL *theacl; diff --git a/source3/services/services_db.c b/source3/services/services_db.c index 749770102b..e501848ddd 100644 --- a/source3/services/services_db.c +++ b/source3/services/services_db.c @@ -90,7 +90,7 @@ struct service_display_info common_unix_svcs[] = { static SEC_DESC* construct_service_sd( TALLOC_CTX *ctx ) { - SEC_ACE ace[4]; + struct security_ace ace[4]; size_t i = 0; SEC_DESC *sd = NULL; SEC_ACL *theacl = NULL; diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c index e47a260050..7d8dbc1f10 100644 --- a/source3/smbd/posix_acls.c +++ b/source3/smbd/posix_acls.c @@ -1600,7 +1600,7 @@ static bool create_canon_ace_lists(files_struct *fsp, */ for(i = 0; i < dacl->num_aces; i++) { - SEC_ACE *psa = &dacl->aces[i]; + struct security_ace *psa = &dacl->aces[i]; if((psa->type != SEC_ACE_TYPE_ACCESS_ALLOWED) && (psa->type != SEC_ACE_TYPE_ACCESS_DENIED)) { DEBUG(3,("create_canon_ace_lists: unable to set anything but an ALLOW or DENY ACE.\n")); @@ -1637,10 +1637,10 @@ static bool create_canon_ace_lists(files_struct *fsp, */ for(i = 0; i < dacl->num_aces; i++) { - SEC_ACE *psa1 = &dacl->aces[i]; + struct security_ace *psa1 = &dacl->aces[i]; for (j = i + 1; j < dacl->num_aces; j++) { - SEC_ACE *psa2 = &dacl->aces[j]; + struct security_ace *psa2 = &dacl->aces[j]; if (psa1->access_mask != psa2->access_mask) continue; @@ -1668,7 +1668,7 @@ static bool create_canon_ace_lists(files_struct *fsp, } for(i = 0; i < dacl->num_aces; i++) { - SEC_ACE *psa = &dacl->aces[i]; + struct security_ace *psa = &dacl->aces[i]; /* * Create a cannon_ace entry representing this NT DACL ACE. @@ -3064,7 +3064,7 @@ static bool convert_canon_ace_to_posix_perms( files_struct *fsp, canon_ace *file Based on code from "Jim McDonough" <jmcd@us.ibm.com>. ****************************************************************************/ -static size_t merge_default_aces( SEC_ACE *nt_ace_list, size_t num_aces) +static size_t merge_default_aces( struct security_ace *nt_ace_list, size_t num_aces) { size_t i, j; @@ -3096,7 +3096,7 @@ static size_t merge_default_aces( SEC_ACE *nt_ace_list, size_t num_aces) (i_inh ? SEC_ACE_FLAG_INHERITED_ACE : 0); if (num_aces - i - 1 > 0) memmove(&nt_ace_list[i], &nt_ace_list[i+1], (num_aces-i-1) * - sizeof(SEC_ACE)); + sizeof(struct security_ace)); DEBUG(10,("merge_default_aces: Merging zero access ACE %u onto ACE %u.\n", (unsigned int)i, (unsigned int)j )); @@ -3110,7 +3110,7 @@ static size_t merge_default_aces( SEC_ACE *nt_ace_list, size_t num_aces) (i_inh ? SEC_ACE_FLAG_INHERITED_ACE : 0); if (num_aces - j - 1 > 0) memmove(&nt_ace_list[j], &nt_ace_list[j+1], (num_aces-j-1) * - sizeof(SEC_ACE)); + sizeof(struct security_ace)); DEBUG(10,("merge_default_aces: Merging ACE %u onto ACE %u.\n", (unsigned int)j, (unsigned int)i )); @@ -3135,7 +3135,7 @@ static size_t merge_default_aces( SEC_ACE *nt_ace_list, size_t num_aces) * any reallocation of memory. */ -static void add_or_replace_ace(SEC_ACE *nt_ace_list, size_t *num_aces, +static void add_or_replace_ace(struct security_ace *nt_ace_list, size_t *num_aces, const DOM_SID *sid, enum security_ace_type type, uint32_t mask, uint8_t flags) { @@ -3185,7 +3185,7 @@ static NTSTATUS posix_get_nt_acl_common(struct connection_struct *conn, size_t num_aces = 0; canon_ace *file_ace = NULL; canon_ace *dir_ace = NULL; - SEC_ACE *nt_ace_list = NULL; + struct security_ace *nt_ace_list = NULL; size_t num_profile_acls = 0; DOM_SID orig_owner_sid; SEC_DESC *psd = NULL; @@ -3297,12 +3297,12 @@ static NTSTATUS posix_get_nt_acl_common(struct connection_struct *conn, num_def_acls = count_canon_ace_list(dir_ace); /* Allocate the ace list. */ - if ((nt_ace_list = SMB_MALLOC_ARRAY(SEC_ACE,num_acls + num_profile_acls + num_def_acls)) == NULL) { + if ((nt_ace_list = SMB_MALLOC_ARRAY(struct security_ace,num_acls + num_profile_acls + num_def_acls)) == NULL) { DEBUG(0,("get_nt_acl: Unable to malloc space for nt_ace_list.\n")); goto done; } - memset(nt_ace_list, '\0', (num_acls + num_def_acls) * sizeof(SEC_ACE) ); + memset(nt_ace_list, '\0', (num_acls + num_def_acls) * sizeof(struct security_ace) ); /* * Create the NT ACE list from the canonical ace lists. @@ -3635,7 +3635,7 @@ NTSTATUS append_parent_acl(files_struct *fsp, files_struct *parent_fsp = NULL; TALLOC_CTX *mem_ctx = talloc_tos(); char *parent_name = NULL; - SEC_ACE *new_ace = NULL; + struct security_ace *new_ace = NULL; unsigned int num_aces = pcsd->dacl->num_aces; NTSTATUS status; int info; @@ -3704,7 +3704,7 @@ NTSTATUS append_parent_acl(files_struct *fsp, num_aces += parent_sd->dacl->num_aces; - if((new_ace = TALLOC_ZERO_ARRAY(mem_ctx, SEC_ACE, + if((new_ace = TALLOC_ZERO_ARRAY(mem_ctx, struct security_ace, num_aces)) == NULL) { return NT_STATUS_NO_MEMORY; } @@ -3721,7 +3721,7 @@ NTSTATUS append_parent_acl(files_struct *fsp, /* Finally append any inherited ACEs. */ for (j = 0; j < parent_sd->dacl->num_aces; j++) { - SEC_ACE *se = &parent_sd->dacl->aces[j]; + struct security_ace *se = &parent_sd->dacl->aces[j]; if (fsp->is_directory) { if (!(se->flags & SEC_ACE_FLAG_CONTAINER_INHERIT)) { diff --git a/source3/utils/sharesec.c b/source3/utils/sharesec.c index 00b6975bf0..d4d381c95f 100644 --- a/source3/utils/sharesec.c +++ b/source3/utils/sharesec.c @@ -64,7 +64,7 @@ static const struct perm_value standard_values[] = { print an ACE on a FILE ********************************************************************/ -static void print_ace(FILE *f, SEC_ACE *ace) +static void print_ace(FILE *f, struct security_ace *ace) { const struct perm_value *v; int do_print = 0; @@ -138,7 +138,7 @@ static void sec_desc_print(FILE *f, SEC_DESC *sd) /* Print aces */ for (i = 0; sd->dacl && i < sd->dacl->num_aces; i++) { - SEC_ACE *ace = &sd->dacl->aces[i]; + struct security_ace *ace = &sd->dacl->aces[i]; fprintf(f, "ACL:"); print_ace(f, ace); fprintf(f, "\n"); @@ -149,7 +149,7 @@ static void sec_desc_print(FILE *f, SEC_DESC *sd) parse an ACE in the same format as print_ace() ********************************************************************/ -static bool parse_ace(SEC_ACE *ace, const char *orig_str) +static bool parse_ace(struct security_ace *ace, const char *orig_str) { char *p; const char *cp; @@ -297,7 +297,7 @@ static bool parse_ace(SEC_ACE *ace, const char *orig_str) static SEC_DESC* parse_acl_string(TALLOC_CTX *mem_ctx, const char *szACL, size_t *sd_size ) { SEC_DESC *sd = NULL; - SEC_ACE *ace; + struct security_ace *ace; SEC_ACL *theacl; int num_ace; const char *pacl; @@ -309,7 +309,7 @@ static SEC_DESC* parse_acl_string(TALLOC_CTX *mem_ctx, const char *szACL, size_t pacl = szACL; num_ace = count_chars( pacl, ',' ) + 1; - if ( !(ace = TALLOC_ZERO_ARRAY( mem_ctx, SEC_ACE, num_ace )) ) + if ( !(ace = TALLOC_ZERO_ARRAY( mem_ctx, struct security_ace, num_ace )) ) return NULL; for ( i=0; i<num_ace; i++ ) { @@ -336,19 +336,20 @@ static SEC_DESC* parse_acl_string(TALLOC_CTX *mem_ctx, const char *szACL, size_t } /* add an ACE to a list of ACEs in a SEC_ACL */ -static bool add_ace(TALLOC_CTX *mem_ctx, SEC_ACL **the_acl, SEC_ACE *ace) +static bool add_ace(TALLOC_CTX *mem_ctx, SEC_ACL **the_acl, struct security_ace *ace) { SEC_ACL *new_ace; - SEC_ACE *aces; + struct security_ace *aces; if (! *the_acl) { return (((*the_acl) = make_sec_acl(mem_ctx, 3, 1, ace)) != NULL); } - if (!(aces = SMB_CALLOC_ARRAY(SEC_ACE, 1+(*the_acl)->num_aces))) { + if (!(aces = SMB_CALLOC_ARRAY(struct security_ace, 1+(*the_acl)->num_aces))) { return False; } - memcpy(aces, (*the_acl)->aces, (*the_acl)->num_aces * sizeof(SEC_ACE)); - memcpy(aces+(*the_acl)->num_aces, ace, sizeof(SEC_ACE)); + memcpy(aces, (*the_acl)->aces, (*the_acl)->num_aces * sizeof(struct + security_ace)); + memcpy(aces+(*the_acl)->num_aces, ace, sizeof(struct security_ace)); new_ace = make_sec_acl(mem_ctx,(*the_acl)->revision,1+(*the_acl)->num_aces, aces); SAFE_FREE(aces); (*the_acl) = new_ace; @@ -360,7 +361,7 @@ static bool add_ace(TALLOC_CTX *mem_ctx, SEC_ACL **the_acl, SEC_ACE *ace) computer running Windows NT 5.0" if denied ACEs do not appear before allowed ACEs. */ -static int ace_compare(SEC_ACE *ace1, SEC_ACE *ace2) +static int ace_compare(struct security_ace *ace1, struct security_ace *ace2) { if (sec_ace_equal(ace1, ace2)) return 0; @@ -380,7 +381,7 @@ static int ace_compare(SEC_ACE *ace1, SEC_ACE *ace2) if (ace1->size != ace2->size) return ace1->size - ace2->size; - return memcmp(ace1, ace2, sizeof(SEC_ACE)); + return memcmp(ace1, ace2, sizeof(struct security_ace)); } static void sort_acl(SEC_ACL *the_acl) diff --git a/source3/utils/smbcacls.c b/source3/utils/smbcacls.c index 817b07933b..a8e46123a4 100644 --- a/source3/utils/smbcacls.c +++ b/source3/utils/smbcacls.c @@ -267,7 +267,7 @@ static void print_ace_flags(FILE *f, uint8_t flags) } /* print an ACE on a FILE, using either numeric or ascii representation */ -static void print_ace(struct cli_state *cli, FILE *f, SEC_ACE *ace) +static void print_ace(struct cli_state *cli, FILE *f, struct security_ace *ace) { const struct perm_value *v; fstring sidstr; @@ -363,7 +363,7 @@ static bool parse_ace_flags(const char *str, unsigned int *pflags) } /* parse an ACE in the same format as print_ace() */ -static bool parse_ace(struct cli_state *cli, SEC_ACE *ace, +static bool parse_ace(struct cli_state *cli, struct security_ace *ace, const char *orig_str) { char *p; @@ -530,20 +530,21 @@ static bool parse_ace(struct cli_state *cli, SEC_ACE *ace, } /* add an ACE to a list of ACEs in a SEC_ACL */ -static bool add_ace(SEC_ACL **the_acl, SEC_ACE *ace) +static bool add_ace(SEC_ACL **the_acl, struct security_ace *ace) { SEC_ACL *new_ace; - SEC_ACE *aces; + struct security_ace *aces; if (! *the_acl) { return (((*the_acl) = make_sec_acl(talloc_tos(), 3, 1, ace)) != NULL); } - if (!(aces = SMB_CALLOC_ARRAY(SEC_ACE, 1+(*the_acl)->num_aces))) { + if (!(aces = SMB_CALLOC_ARRAY(struct security_ace, 1+(*the_acl)->num_aces))) { return False; } - memcpy(aces, (*the_acl)->aces, (*the_acl)->num_aces * sizeof(SEC_ACE)); - memcpy(aces+(*the_acl)->num_aces, ace, sizeof(SEC_ACE)); + memcpy(aces, (*the_acl)->aces, (*the_acl)->num_aces * sizeof(struct + security_ace)); + memcpy(aces+(*the_acl)->num_aces, ace, sizeof(struct security_ace)); new_ace = make_sec_acl(talloc_tos(),(*the_acl)->revision,1+(*the_acl)->num_aces, aces); SAFE_FREE(aces); (*the_acl) = new_ace; @@ -596,7 +597,7 @@ static SEC_DESC *sec_desc_parse(TALLOC_CTX *ctx, struct cli_state *cli, char *st } if (strncmp(tok,"ACL:", 4) == 0) { - SEC_ACE ace; + struct security_ace ace; if (!parse_ace(cli, &ace, tok+4)) { goto done; } @@ -651,7 +652,7 @@ static void sec_desc_print(struct cli_state *cli, FILE *f, SEC_DESC *sd) /* Print aces */ for (i = 0; sd->dacl && i < sd->dacl->num_aces; i++) { - SEC_ACE *ace = &sd->dacl->aces[i]; + struct security_ace *ace = &sd->dacl->aces[i]; fprintf(f, "ACL:"); print_ace(cli, f, ace); fprintf(f, "\n"); @@ -814,7 +815,7 @@ static int owner_set(struct cli_state *cli, enum chown_mode change_mode, canonical order is specified as "Explicit Deny, Explicit Allow, Inherited ACEs unchanged" */ -static int ace_compare(SEC_ACE *ace1, SEC_ACE *ace2) +static int ace_compare(struct security_ace *ace1, struct security_ace *ace2) { if (sec_ace_equal(ace1, ace2)) return 0; @@ -844,7 +845,7 @@ static int ace_compare(SEC_ACE *ace1, SEC_ACE *ace2) if (ace1->size != ace2->size) return ace1->size - ace2->size; - return memcmp(ace1, ace2, sizeof(SEC_ACE)); + return memcmp(ace1, ace2, sizeof(struct security_ace)); } static void sort_acl(SEC_ACL *the_acl) @@ -1023,7 +1024,7 @@ static int inherit(struct cli_state *cli, const char *filename, string_replace(parentname, '/', '\\'); parent = get_secdesc(cli,parentname); for (i=0;i<parent->dacl->num_aces;i++) { - SEC_ACE *ace=&parent->dacl->aces[i]; + struct security_ace *ace=&parent->dacl->aces[i]; if ((oldattr & aDIR) == aDIR) { if ((ace->flags & SEC_ACE_FLAG_CONTAINER_INHERIT) == SEC_ACE_FLAG_CONTAINER_INHERIT) { @@ -1051,7 +1052,7 @@ static int inherit(struct cli_state *cli, const char *filename, SEC_ACL *temp=old->dacl; old->dacl=make_sec_acl(talloc_tos(), 3, 0, NULL); for (i=temp->num_aces-1;i>=0;i--) { - SEC_ACE *ace=&temp->aces[i]; + struct security_ace *ace=&temp->aces[i]; /* Remove all ace with INHERITED flag set */ if ((ace->flags & SEC_ACE_FLAG_INHERITED_ACE) != SEC_ACE_FLAG_INHERITED_ACE) { @@ -1072,7 +1073,7 @@ static int inherit(struct cli_state *cli, const char *filename, if (old->dacl) { int i; for (i=0;i<old->dacl->num_aces;i++) { - SEC_ACE *ace=&old->dacl->aces[i]; + struct security_ace *ace=&old->dacl->aces[i]; /* Remove INHERITED FLAG from all aces */ ace->flags=ace->flags&(~SEC_ACE_FLAG_INHERITED_ACE); } |