summaryrefslogtreecommitdiff
path: root/source3
diff options
context:
space:
mode:
Diffstat (limited to 'source3')
-rw-r--r--source3/client/client.c2
-rw-r--r--source3/include/ads_protos.h2
-rw-r--r--source3/include/proto.h70
-rw-r--r--source3/include/regfio.h4
-rw-r--r--source3/include/rpc_secdes.h5
-rw-r--r--source3/lib/secdesc.c52
-rw-r--r--source3/lib/sharesec.c18
-rw-r--r--source3/libads/disp_sec.c2
-rw-r--r--source3/libads/ldap.c7
-rw-r--r--source3/libsmb/clisecdesc.c6
-rw-r--r--source3/libsmb/libsmb_xattr.c8
-rw-r--r--source3/modules/nfs4_acls.c8
-rw-r--r--source3/modules/nfs4_acls.h6
-rw-r--r--source3/modules/onefs.h10
-rw-r--r--source3/modules/onefs_acl.c13
-rw-r--r--source3/modules/vfs_afsacl.c2
-rw-r--r--source3/modules/vfs_aixacl2.c8
-rw-r--r--source3/modules/vfs_default.c8
-rw-r--r--source3/modules/vfs_full_audit.c6
-rw-r--r--source3/modules/vfs_gpfs.c8
-rw-r--r--source3/modules/vfs_zfsacl.c2
-rw-r--r--source3/param/loadparm.c4
-rw-r--r--source3/printing/nt_printing.c16
-rw-r--r--source3/registry/reg_api.c2
-rw-r--r--source3/registry/reg_dispatcher.c6
-rw-r--r--source3/registry/regfio.c6
-rw-r--r--source3/rpc_server/srv_eventlog_nt.c2
-rw-r--r--source3/rpc_server/srv_lsa_nt.c12
-rw-r--r--source3/rpc_server/srv_samr_nt.c18
-rw-r--r--source3/rpc_server/srv_srvsvc_nt.c14
-rw-r--r--source3/rpc_server/srv_svcctl_nt.c14
-rw-r--r--source3/rpcclient/cmd_spoolss.c2
-rw-r--r--source3/services/services_db.c12
-rw-r--r--source3/smbd/nttrans.c6
-rw-r--r--source3/smbd/posix_acls.c33
-rw-r--r--source3/utils/net_rpc.c4
-rw-r--r--source3/utils/net_rpc_printer.c2
-rw-r--r--source3/utils/net_usershare.c2
-rw-r--r--source3/utils/profiles.c4
-rw-r--r--source3/utils/sharesec.c10
-rw-r--r--source3/utils/smbcacls.c22
41 files changed, 220 insertions, 218 deletions
diff --git a/source3/client/client.c b/source3/client/client.c
index 13617155c7..416a4bb6cf 100644
--- a/source3/client/client.c
+++ b/source3/client/client.c
@@ -562,7 +562,7 @@ static void display_finfo(file_info *finfo, const char *dir)
afname,
cli_errstr( finfo->cli)));
} else {
- SEC_DESC *sd = NULL;
+ struct security_descriptor *sd = NULL;
sd = cli_query_secdesc(finfo->cli, fnum, ctx);
if (!sd) {
DEBUG( 0, ("display_finfo() failed to "
diff --git a/source3/include/ads_protos.h b/source3/include/ads_protos.h
index 97b5728b05..dc7922f587 100644
--- a/source3/include/ads_protos.h
+++ b/source3/include/ads_protos.h
@@ -26,7 +26,7 @@ bool ads_pull_sid(ADS_STRUCT *ads, LDAPMessage *msg, const char *field,
int ads_pull_sids(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx,
LDAPMessage *msg, const char *field, DOM_SID **sids);
bool ads_pull_sd(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx,
- LDAPMessage *msg, const char *field, SEC_DESC **sd);
+ LDAPMessage *msg, const char *field, struct security_descriptor **sd);
char *ads_pull_username(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx,
LDAPMessage *msg);
int ads_pull_sids_from_extendeddn(ADS_STRUCT *ads,
diff --git a/source3/include/proto.h b/source3/include/proto.h
index ac989c1fc8..1853fa9b8b 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -526,7 +526,7 @@ void display_sec_ace_flags(uint8_t flags);
void display_sec_ace(struct security_ace *ace);
void display_sec_acl(struct security_acl *sec_acl);
void display_acl_type(uint16 type);
-void display_sec_desc(SEC_DESC *sec);
+void display_sec_desc(struct security_descriptor *sec);
/* The following definitions come from lib/dmallocmsg.c */
@@ -692,15 +692,15 @@ ssize_t drain_socket(int sockfd, size_t count);
/* The following definitions come from lib/secdesc.c */
-uint32_t get_sec_info(const SEC_DESC *sd);
-SEC_DESC *sec_desc_merge(TALLOC_CTX *ctx, SEC_DESC *new_sdb, SEC_DESC *old_sdb);
+uint32_t get_sec_info(const struct security_descriptor *sd);
+struct security_descriptor *sec_desc_merge(TALLOC_CTX *ctx, struct security_descriptor *new_sdb, struct security_descriptor *old_sdb);
struct sec_desc_buf *sec_desc_merge_buf(TALLOC_CTX *ctx, struct sec_desc_buf *new_sdb, struct sec_desc_buf *old_sdb);
-SEC_DESC *make_sec_desc(TALLOC_CTX *ctx,
+struct security_descriptor *make_sec_desc(TALLOC_CTX *ctx,
enum security_descriptor_revision revision,
uint16 type,
const DOM_SID *owner_sid, const DOM_SID *grp_sid,
struct security_acl *sacl, struct security_acl *dacl, size_t *sd_size);
-SEC_DESC *dup_sec_desc(TALLOC_CTX *ctx, const SEC_DESC *src);
+struct security_descriptor *dup_sec_desc(TALLOC_CTX *ctx, const struct security_descriptor *src);
NTSTATUS marshall_sec_desc(TALLOC_CTX *mem_ctx,
struct security_descriptor *secdesc,
uint8 **data, size_t *len);
@@ -711,24 +711,24 @@ NTSTATUS unmarshall_sec_desc(TALLOC_CTX *mem_ctx, uint8 *data, size_t len,
struct security_descriptor **psecdesc);
NTSTATUS unmarshall_sec_desc_buf(TALLOC_CTX *mem_ctx, uint8_t *data, size_t len,
struct sec_desc_buf **psecdesc_buf);
-SEC_DESC *make_standard_sec_desc(TALLOC_CTX *ctx, const DOM_SID *owner_sid, const DOM_SID *grp_sid,
+struct security_descriptor *make_standard_sec_desc(TALLOC_CTX *ctx, const DOM_SID *owner_sid, const DOM_SID *grp_sid,
struct security_acl *dacl, size_t *sd_size);
-struct sec_desc_buf *make_sec_desc_buf(TALLOC_CTX *ctx, size_t len, SEC_DESC *sec_desc);
+struct sec_desc_buf *make_sec_desc_buf(TALLOC_CTX *ctx, size_t len, struct security_descriptor *sec_desc);
struct sec_desc_buf *dup_sec_desc_buf(TALLOC_CTX *ctx, struct sec_desc_buf *src);
-NTSTATUS sec_desc_add_sid(TALLOC_CTX *ctx, SEC_DESC **psd, DOM_SID *sid, uint32 mask, size_t *sd_size);
-NTSTATUS sec_desc_mod_sid(SEC_DESC *sd, DOM_SID *sid, uint32 mask);
-NTSTATUS sec_desc_del_sid(TALLOC_CTX *ctx, SEC_DESC **psd, DOM_SID *sid, size_t *sd_size);
-bool sd_has_inheritable_components(const SEC_DESC *parent_ctr, bool container);
+NTSTATUS sec_desc_add_sid(TALLOC_CTX *ctx, struct security_descriptor **psd, DOM_SID *sid, uint32 mask, size_t *sd_size);
+NTSTATUS sec_desc_mod_sid(struct security_descriptor *sd, DOM_SID *sid, uint32 mask);
+NTSTATUS sec_desc_del_sid(TALLOC_CTX *ctx, struct security_descriptor **psd, DOM_SID *sid, size_t *sd_size);
+bool sd_has_inheritable_components(const struct security_descriptor *parent_ctr, bool container);
NTSTATUS se_create_child_secdesc(TALLOC_CTX *ctx,
- SEC_DESC **ppsd,
+ struct security_descriptor **ppsd,
size_t *psize,
- const SEC_DESC *parent_ctr,
+ const struct security_descriptor *parent_ctr,
const DOM_SID *owner_sid,
const DOM_SID *group_sid,
bool container);
NTSTATUS se_create_child_secdesc_buf(TALLOC_CTX *ctx,
struct sec_desc_buf **ppsdb,
- const SEC_DESC *parent_ctr,
+ const struct security_descriptor *parent_ctr,
bool container);
/* The following definitions come from lib/select.c */
@@ -749,14 +749,14 @@ struct named_mutex *grab_named_mutex(TALLOC_CTX *mem_ctx, const char *name,
/* The following definitions come from lib/sharesec.c */
bool share_info_db_init(void);
-SEC_DESC *get_share_security_default( TALLOC_CTX *ctx, size_t *psize, uint32 def_access);
-SEC_DESC *get_share_security( TALLOC_CTX *ctx, const char *servicename,
+struct security_descriptor *get_share_security_default( TALLOC_CTX *ctx, size_t *psize, uint32 def_access);
+struct security_descriptor *get_share_security( TALLOC_CTX *ctx, const char *servicename,
size_t *psize);
-bool set_share_security(const char *share_name, SEC_DESC *psd);
+bool set_share_security(const char *share_name, struct security_descriptor *psd);
bool delete_share_security(const char *servicename);
bool share_access_check(const NT_USER_TOKEN *token, const char *sharename,
uint32 desired_access);
-bool parse_usershare_acl(TALLOC_CTX *ctx, const char *acl_str, SEC_DESC **ppsd);
+bool parse_usershare_acl(TALLOC_CTX *ctx, const char *acl_str, struct security_descriptor **ppsd);
/* The following definitions come from lib/smbldap.c */
@@ -1304,7 +1304,7 @@ bool pull_reg_multi_sz(TALLOC_CTX *mem_ctx, const DATA_BLOB *blob, const char **
void se_map_generic(uint32 *access_mask, const struct generic_mapping *mapping);
void security_acl_map_generic(struct security_acl *sa, const struct generic_mapping *mapping);
void se_map_standard(uint32 *access_mask, struct standard_mapping *mapping);
-NTSTATUS se_access_check(const SEC_DESC *sd, const NT_USER_TOKEN *token,
+NTSTATUS se_access_check(const struct security_descriptor *sd, const NT_USER_TOKEN *token,
uint32 acc_desired, uint32 *acc_granted);
/* The following definitions come from lib/util_sec.c */
@@ -1744,7 +1744,7 @@ bool ads_cldap_netlogon_5(TALLOC_CTX *mem_ctx,
/* The following definitions come from libads/disp_sec.c */
-void ads_disp_sd(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, SEC_DESC *sd);
+void ads_disp_sd(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, struct security_descriptor *sd);
/* The following definitions come from libads/dns.c */
@@ -2844,9 +2844,9 @@ NTSTATUS cli_push(struct cli_state *cli, uint16_t fnum, uint16_t mode,
/* The following definitions come from libsmb/clisecdesc.c */
-SEC_DESC *cli_query_secdesc(struct cli_state *cli, uint16_t fnum,
+struct security_descriptor *cli_query_secdesc(struct cli_state *cli, uint16_t fnum,
TALLOC_CTX *mem_ctx);
-bool cli_set_secdesc(struct cli_state *cli, uint16_t fnum, SEC_DESC *sd);
+bool cli_set_secdesc(struct cli_state *cli, uint16_t fnum, struct security_descriptor *sd);
/* The following definitions come from libsmb/clispnego.c */
@@ -4235,7 +4235,7 @@ enum usershare_err parse_usershare_file(TALLOC_CTX *ctx,
char **pp_sharepath,
char **pp_comment,
char **pp_cp_share_name,
- SEC_DESC **ppsd,
+ struct security_descriptor **ppsd,
bool *pallow_guest);
int load_usershare_service(const char *servicename);
int load_usershare_shares(void);
@@ -4795,8 +4795,8 @@ WERROR delete_printer_driver(struct pipes_struct *rpc_pipe,
uint32 version, bool delete_files );
WERROR nt_printing_setsec(const char *sharename, struct sec_desc_buf *secdesc_ctr);
bool nt_printing_getsec(TALLOC_CTX *ctx, const char *sharename, struct sec_desc_buf **secdesc_ctr);
-void map_printer_permissions(SEC_DESC *sd);
-void map_job_permissions(SEC_DESC *sd);
+void map_printer_permissions(struct security_descriptor *sd);
+void map_job_permissions(struct security_descriptor *sd);
bool print_access_check(struct auth_serversupplied_info *server_info, int snum,
int access_type);
bool print_time_access_check(const char *servicename);
@@ -5564,8 +5564,8 @@ bool init_service_op_table( void );
/* The following definitions come from services/services_db.c */
void svcctl_init_keys( void );
-SEC_DESC *svcctl_get_secdesc( TALLOC_CTX *ctx, const char *name, NT_USER_TOKEN *token );
-bool svcctl_set_secdesc( TALLOC_CTX *ctx, const char *name, SEC_DESC *sec_desc, NT_USER_TOKEN *token );
+struct security_descriptor *svcctl_get_secdesc( TALLOC_CTX *ctx, const char *name, NT_USER_TOKEN *token );
+bool svcctl_set_secdesc( TALLOC_CTX *ctx, const char *name, struct security_descriptor *sec_desc, NT_USER_TOKEN *token );
const char *svcctl_lookup_dispname(TALLOC_CTX *ctx, const char *name, NT_USER_TOKEN *token );
const char *svcctl_lookup_description(TALLOC_CTX *ctx, const char *name, NT_USER_TOKEN *token );
struct regval_ctr *svcctl_fetch_regvalues( const char *name, NT_USER_TOKEN *token );
@@ -6300,18 +6300,18 @@ uint32_t map_canon_ace_perms(int snum,
enum security_ace_type *pacl_type,
mode_t perms,
bool directory_ace);
-NTSTATUS unpack_nt_owners(connection_struct *conn, uid_t *puser, gid_t *pgrp, uint32 security_info_sent, const SEC_DESC *psd);
+NTSTATUS unpack_nt_owners(connection_struct *conn, uid_t *puser, gid_t *pgrp, uint32 security_info_sent, const struct security_descriptor *psd);
SMB_ACL_T free_empty_sys_acl(connection_struct *conn, SMB_ACL_T the_acl);
NTSTATUS posix_fget_nt_acl(struct files_struct *fsp, uint32_t security_info,
- SEC_DESC **ppdesc);
+ struct security_descriptor **ppdesc);
NTSTATUS posix_get_nt_acl(struct connection_struct *conn, const char *name,
- uint32_t security_info, SEC_DESC **ppdesc);
+ uint32_t security_info, struct security_descriptor **ppdesc);
int try_chown(connection_struct *conn, struct smb_filename *smb_fname,
uid_t uid, gid_t gid);
NTSTATUS append_parent_acl(files_struct *fsp,
- const SEC_DESC *pcsd,
- SEC_DESC **pp_new_sd);
-NTSTATUS set_nt_acl(files_struct *fsp, uint32 security_info_sent, const SEC_DESC *psd);
+ const struct security_descriptor *pcsd,
+ struct security_descriptor **pp_new_sd);
+NTSTATUS set_nt_acl(files_struct *fsp, uint32 security_info_sent, const struct security_descriptor *psd);
int get_acl_group_bits( connection_struct *conn, const char *fname, mode_t *mode );
int chmod_acl(connection_struct *conn, const char *name, mode_t mode);
int inherit_access_posix_acl(connection_struct *conn, const char *inherit_from_dir,
@@ -6321,7 +6321,7 @@ bool set_unix_posix_default_acl(connection_struct *conn, const char *fname,
const SMB_STRUCT_STAT *psbuf,
uint16 num_def_acls, const char *pdata);
bool set_unix_posix_acl(connection_struct *conn, files_struct *fsp, const char *fname, uint16 num_acls, const char *pdata);
-SEC_DESC *get_nt_acl_no_snum( TALLOC_CTX *ctx, const char *fname);
+struct security_descriptor *get_nt_acl_no_snum( TALLOC_CTX *ctx, const char *fname);
/* The following definitions come from smbd/process.c */
@@ -6818,7 +6818,7 @@ struct tevent_req *fncall_send(TALLOC_CTX *mem_ctx, struct tevent_context *ev,
int fncall_recv(struct tevent_req *req, int *perr);
/* The following definitions come from rpc_server/srv_samr_nt.c */
-NTSTATUS access_check_object( SEC_DESC *psd, NT_USER_TOKEN *token,
+NTSTATUS access_check_object( struct security_descriptor *psd, NT_USER_TOKEN *token,
SE_PRIV *rights, uint32 rights_mask,
uint32 des_access, uint32 *acc_granted,
const char *debug);
diff --git a/source3/include/regfio.h b/source3/include/regfio.h
index 61d74d7f2a..840fbcd89a 100644
--- a/source3/include/regfio.h
+++ b/source3/include/regfio.h
@@ -129,7 +129,7 @@ typedef struct _regf_sk_rec {
uint32 next_sk_off;
uint32 ref_count;
uint32 size;
- SEC_DESC *sec_desc;
+ struct security_descriptor *sec_desc;
} REGF_SK_REC;
/* Key Name */
@@ -217,7 +217,7 @@ REGF_NK_REC* regfio_rootkey( REGF_FILE *file );
REGF_NK_REC* regfio_fetch_subkey( REGF_FILE *file, REGF_NK_REC *nk );
REGF_NK_REC* regfio_write_key ( REGF_FILE *file, const char *name,
struct regval_ctr *values, struct regsubkey_ctr *subkeys,
- SEC_DESC *sec_desc, REGF_NK_REC *parent );
+ struct security_descriptor *sec_desc, REGF_NK_REC *parent );
#endif /* _REGFIO_H */
diff --git a/source3/include/rpc_secdes.h b/source3/include/rpc_secdes.h
index 0d0d14956c..f1d1b1a18f 100644
--- a/source3/include/rpc_secdes.h
+++ b/source3/include/rpc_secdes.h
@@ -71,12 +71,7 @@
#define SEC_DESC_REVISION 0x1
#endif
-#ifndef _SEC_DESC
-/* SEC_DESC */
-typedef struct security_descriptor SEC_DESC;
#define SEC_DESC_HEADER_SIZE (2 * sizeof(uint16) + 4 * sizeof(uint32))
-#define _SEC_DESC
-#endif
/* A type to describe the mapping of generic access rights to object
specific access rights. */
diff --git a/source3/lib/secdesc.c b/source3/lib/secdesc.c
index a439b9e7c0..5791ab6153 100644
--- a/source3/lib/secdesc.c
+++ b/source3/lib/secdesc.c
@@ -35,7 +35,7 @@ const struct generic_mapping file_generic_mapping = {
Given a security_descriptor return the sec_info.
********************************************************************/
-uint32_t get_sec_info(const SEC_DESC *sd)
+uint32_t get_sec_info(const struct security_descriptor *sd)
{
uint32_t sec_info = ALL_SECURITY_INFORMATION;
@@ -68,7 +68,7 @@ struct sec_desc_buf *sec_desc_merge_buf(TALLOC_CTX *ctx, struct sec_desc_buf *ne
DOM_SID *owner_sid, *group_sid;
struct sec_desc_buf *return_sdb;
struct security_acl *dacl, *sacl;
- SEC_DESC *psd = NULL;
+ struct security_descriptor *psd = NULL;
uint16 secdesc_type;
size_t secdesc_size;
@@ -108,11 +108,11 @@ struct sec_desc_buf *sec_desc_merge_buf(TALLOC_CTX *ctx, struct sec_desc_buf *ne
return(return_sdb);
}
-SEC_DESC *sec_desc_merge(TALLOC_CTX *ctx, SEC_DESC *new_sdb, SEC_DESC *old_sdb)
+struct security_descriptor *sec_desc_merge(TALLOC_CTX *ctx, struct security_descriptor *new_sdb, struct security_descriptor *old_sdb)
{
DOM_SID *owner_sid, *group_sid;
struct security_acl *dacl, *sacl;
- SEC_DESC *psd = NULL;
+ struct security_descriptor *psd = NULL;
uint16 secdesc_type;
size_t secdesc_size;
@@ -150,21 +150,21 @@ SEC_DESC *sec_desc_merge(TALLOC_CTX *ctx, SEC_DESC *new_sdb, SEC_DESC *old_sdb)
}
/*******************************************************************
- Creates a SEC_DESC structure
+ Creates a struct security_descriptor structure
********************************************************************/
-SEC_DESC *make_sec_desc(TALLOC_CTX *ctx,
+struct security_descriptor *make_sec_desc(TALLOC_CTX *ctx,
enum security_descriptor_revision revision,
uint16 type,
const DOM_SID *owner_sid, const DOM_SID *grp_sid,
struct security_acl *sacl, struct security_acl *dacl, size_t *sd_size)
{
- SEC_DESC *dst;
+ struct security_descriptor *dst;
uint32 offset = 0;
*sd_size = 0;
- if(( dst = TALLOC_ZERO_P(ctx, SEC_DESC)) == NULL)
+ if(( dst = TALLOC_ZERO_P(ctx, struct security_descriptor)) == NULL)
return NULL;
dst->revision = revision;
@@ -223,10 +223,10 @@ error_exit:
}
/*******************************************************************
- Duplicate a SEC_DESC structure.
+ Duplicate a struct security_descriptor structure.
********************************************************************/
-SEC_DESC *dup_sec_desc(TALLOC_CTX *ctx, const SEC_DESC *src)
+struct security_descriptor *dup_sec_desc(TALLOC_CTX *ctx, const struct security_descriptor *src)
{
size_t dummy;
@@ -361,10 +361,10 @@ NTSTATUS unmarshall_sec_desc_buf(TALLOC_CTX *mem_ctx, uint8_t *data, size_t len,
}
/*******************************************************************
- Creates a SEC_DESC structure with typical defaults.
+ Creates a struct security_descriptor structure with typical defaults.
********************************************************************/
-SEC_DESC *make_standard_sec_desc(TALLOC_CTX *ctx, const DOM_SID *owner_sid, const DOM_SID *grp_sid,
+struct security_descriptor *make_standard_sec_desc(TALLOC_CTX *ctx, const DOM_SID *owner_sid, const DOM_SID *grp_sid,
struct security_acl *dacl, size_t *sd_size)
{
return make_sec_desc(ctx, SECURITY_DESCRIPTOR_REVISION_1,
@@ -376,7 +376,7 @@ SEC_DESC *make_standard_sec_desc(TALLOC_CTX *ctx, const DOM_SID *owner_sid, cons
Creates a struct sec_desc_buf structure.
********************************************************************/
-struct sec_desc_buf *make_sec_desc_buf(TALLOC_CTX *ctx, size_t len, SEC_DESC *sec_desc)
+struct sec_desc_buf *make_sec_desc_buf(TALLOC_CTX *ctx, size_t len, struct security_descriptor *sec_desc)
{
struct sec_desc_buf *dst;
@@ -406,12 +406,12 @@ struct sec_desc_buf *dup_sec_desc_buf(TALLOC_CTX *ctx, struct sec_desc_buf *src)
}
/*******************************************************************
- Add a new SID with its permissions to SEC_DESC.
+ Add a new SID with its permissions to struct security_descriptor.
********************************************************************/
-NTSTATUS sec_desc_add_sid(TALLOC_CTX *ctx, SEC_DESC **psd, DOM_SID *sid, uint32 mask, size_t *sd_size)
+NTSTATUS sec_desc_add_sid(TALLOC_CTX *ctx, struct security_descriptor **psd, DOM_SID *sid, uint32 mask, size_t *sd_size)
{
- SEC_DESC *sd = 0;
+ struct security_descriptor *sd = 0;
struct security_acl *dacl = 0;
struct security_ace *ace = 0;
NTSTATUS status;
@@ -439,10 +439,10 @@ NTSTATUS sec_desc_add_sid(TALLOC_CTX *ctx, SEC_DESC **psd, DOM_SID *sid, uint32
}
/*******************************************************************
- Modify a SID's permissions in a SEC_DESC.
+ Modify a SID's permissions in a struct security_descriptor.
********************************************************************/
-NTSTATUS sec_desc_mod_sid(SEC_DESC *sd, DOM_SID *sid, uint32 mask)
+NTSTATUS sec_desc_mod_sid(struct security_descriptor *sd, DOM_SID *sid, uint32 mask)
{
NTSTATUS status;
@@ -458,12 +458,12 @@ NTSTATUS sec_desc_mod_sid(SEC_DESC *sd, DOM_SID *sid, uint32 mask)
}
/*******************************************************************
- Delete a SID from a SEC_DESC.
+ Delete a SID from a struct security_descriptor.
********************************************************************/
-NTSTATUS sec_desc_del_sid(TALLOC_CTX *ctx, SEC_DESC **psd, DOM_SID *sid, size_t *sd_size)
+NTSTATUS sec_desc_del_sid(TALLOC_CTX *ctx, struct security_descriptor **psd, DOM_SID *sid, size_t *sd_size)
{
- SEC_DESC *sd = 0;
+ struct security_descriptor *sd = 0;
struct security_acl *dacl = 0;
struct security_ace *ace = 0;
NTSTATUS status;
@@ -518,7 +518,7 @@ static bool is_inheritable_ace(const struct security_ace *ace,
* the newly created type ?
*/
-bool sd_has_inheritable_components(const SEC_DESC *parent_ctr, bool container)
+bool sd_has_inheritable_components(const struct security_descriptor *parent_ctr, bool container)
{
unsigned int i;
const struct security_acl *the_acl = parent_ctr->dacl;
@@ -538,9 +538,9 @@ bool sd_has_inheritable_components(const SEC_DESC *parent_ctr, bool container)
non-container object. */
NTSTATUS se_create_child_secdesc(TALLOC_CTX *ctx,
- SEC_DESC **ppsd,
+ struct security_descriptor **ppsd,
size_t *psize,
- const SEC_DESC *parent_ctr,
+ const struct security_descriptor *parent_ctr,
const DOM_SID *owner_sid,
const DOM_SID *group_sid,
bool container)
@@ -674,12 +674,12 @@ NTSTATUS se_create_child_secdesc(TALLOC_CTX *ctx,
NTSTATUS se_create_child_secdesc_buf(TALLOC_CTX *ctx,
struct sec_desc_buf **ppsdb,
- const SEC_DESC *parent_ctr,
+ const struct security_descriptor *parent_ctr,
bool container)
{
NTSTATUS status;
size_t size = 0;
- SEC_DESC *sd = NULL;
+ struct security_descriptor *sd = NULL;
*ppsdb = NULL;
status = se_create_child_secdesc(ctx,
diff --git a/source3/lib/sharesec.c b/source3/lib/sharesec.c
index 96ba5a3a2d..ee384797e0 100644
--- a/source3/lib/sharesec.c
+++ b/source3/lib/sharesec.c
@@ -225,12 +225,12 @@ bool share_info_db_init(void)
def_access is a GENERIC_XXX access mode.
********************************************************************/
-SEC_DESC *get_share_security_default( TALLOC_CTX *ctx, size_t *psize, uint32 def_access)
+struct security_descriptor *get_share_security_default( TALLOC_CTX *ctx, size_t *psize, uint32 def_access)
{
uint32_t sa;
struct security_ace ace;
struct security_acl *psa = NULL;
- SEC_DESC *psd = NULL;
+ struct security_descriptor *psd = NULL;
uint32 spec_access = def_access;
se_map_generic(&spec_access, &file_generic_mapping);
@@ -256,11 +256,11 @@ SEC_DESC *get_share_security_default( TALLOC_CTX *ctx, size_t *psize, uint32 def
Pull a security descriptor from the share tdb.
********************************************************************/
-SEC_DESC *get_share_security( TALLOC_CTX *ctx, const char *servicename,
+struct security_descriptor *get_share_security( TALLOC_CTX *ctx, const char *servicename,
size_t *psize)
{
char *key;
- SEC_DESC *psd = NULL;
+ struct security_descriptor *psd = NULL;
TDB_DATA data;
char *c_servicename = canonicalize_servicename(talloc_tos(), servicename);
NTSTATUS status;
@@ -316,7 +316,7 @@ SEC_DESC *get_share_security( TALLOC_CTX *ctx, const char *servicename,
Store a security descriptor in the share db.
********************************************************************/
-bool set_share_security(const char *share_name, SEC_DESC *psd)
+bool set_share_security(const char *share_name, struct security_descriptor *psd)
{
TALLOC_CTX *frame = talloc_stackframe();
char *key;
@@ -410,7 +410,7 @@ bool share_access_check(const NT_USER_TOKEN *token, const char *sharename,
{
uint32 granted;
NTSTATUS status;
- SEC_DESC *psd = NULL;
+ struct security_descriptor *psd = NULL;
size_t sd_size;
psd = get_share_security(talloc_tos(), sharename, &sd_size);
@@ -430,14 +430,14 @@ bool share_access_check(const NT_USER_TOKEN *token, const char *sharename,
Parse the contents of an acl string from a usershare file.
***************************************************************************/
-bool parse_usershare_acl(TALLOC_CTX *ctx, const char *acl_str, SEC_DESC **ppsd)
+bool parse_usershare_acl(TALLOC_CTX *ctx, const char *acl_str, struct security_descriptor **ppsd)
{
size_t s_size = 0;
const char *pacl = acl_str;
int num_aces = 0;
struct security_ace *ace_list = NULL;
struct security_acl *psa = NULL;
- SEC_DESC *psd = NULL;
+ struct security_descriptor *psd = NULL;
size_t sd_size = 0;
int i;
@@ -445,7 +445,7 @@ bool parse_usershare_acl(TALLOC_CTX *ctx, const char *acl_str, SEC_DESC **ppsd)
/* If the acl string is blank return "Everyone:R" */
if (!*acl_str) {
- SEC_DESC *default_psd = get_share_security_default(ctx, &s_size, GENERIC_READ_ACCESS);
+ struct security_descriptor *default_psd = get_share_security_default(ctx, &s_size, GENERIC_READ_ACCESS);
if (!default_psd) {
return False;
}
diff --git a/source3/libads/disp_sec.c b/source3/libads/disp_sec.c
index df1fc9206d..f8489e1e0b 100644
--- a/source3/libads/disp_sec.c
+++ b/source3/libads/disp_sec.c
@@ -187,7 +187,7 @@ static void ads_disp_acl(struct security_acl *sec_acl, const char *type)
}
/* display SD */
-void ads_disp_sd(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, SEC_DESC *sd)
+void ads_disp_sd(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, struct security_descriptor *sd)
{
int i;
char *tmp_path = NULL;
diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c
index a72438bef9..ed5aee1d8a 100644
--- a/source3/libads/ldap.c
+++ b/source3/libads/ldap.c
@@ -2684,16 +2684,17 @@ int ads_count_replies(ADS_STRUCT *ads, void *res)
}
/**
- * pull a SEC_DESC from a ADS result
+ * pull a struct security_descriptor from a ADS result
* @param ads connection to ads server
* @param mem_ctx TALLOC_CTX for allocating sid array
* @param msg Results of search
* @param field Attribute to retrieve
- * @param sd Pointer to *SEC_DESC to store result (talloc()ed)
+ * @param sd Pointer to *struct security_descriptor to store result (talloc()ed)
* @return boolean inidicating success
*/
bool ads_pull_sd(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx,
- LDAPMessage *msg, const char *field, SEC_DESC **sd)
+ LDAPMessage *msg, const char *field,
+ struct security_descriptor **sd)
{
struct berval **values;
bool ret = true;
diff --git a/source3/libsmb/clisecdesc.c b/source3/libsmb/clisecdesc.c
index f4f7c545e1..b6eff394c6 100644
--- a/source3/libsmb/clisecdesc.c
+++ b/source3/libsmb/clisecdesc.c
@@ -22,13 +22,13 @@
/****************************************************************************
query the security descriptor for a open file
****************************************************************************/
-SEC_DESC *cli_query_secdesc(struct cli_state *cli, uint16_t fnum,
+struct security_descriptor *cli_query_secdesc(struct cli_state *cli, uint16_t fnum,
TALLOC_CTX *mem_ctx)
{
uint8_t param[8];
uint8_t *rdata=NULL;
uint32_t rdata_count=0;
- SEC_DESC *psd = NULL;
+ struct security_descriptor *psd = NULL;
NTSTATUS status;
SIVAL(param, 0, fnum);
@@ -69,7 +69,7 @@ SEC_DESC *cli_query_secdesc(struct cli_state *cli, uint16_t fnum,
/****************************************************************************
set the security descriptor for a open file
****************************************************************************/
-bool cli_set_secdesc(struct cli_state *cli, uint16_t fnum, SEC_DESC *sd)
+bool cli_set_secdesc(struct cli_state *cli, uint16_t fnum, struct security_descriptor *sd)
{
char param[8];
char *rparam=NULL, *rdata=NULL;
diff --git a/source3/libsmb/libsmb_xattr.c b/source3/libsmb/libsmb_xattr.c
index 49a6a286af..c9eb103a9e 100644
--- a/source3/libsmb/libsmb_xattr.c
+++ b/source3/libsmb/libsmb_xattr.c
@@ -415,7 +415,7 @@ add_ace(struct security_acl **the_acl,
/* parse a ascii version of a security descriptor */
-static SEC_DESC *
+static struct security_descriptor *
sec_desc_parse(TALLOC_CTX *ctx,
struct cli_state *ipc_cli,
struct policy_handle *pol,
@@ -424,7 +424,7 @@ sec_desc_parse(TALLOC_CTX *ctx,
{
const char *p = str;
char *tok;
- SEC_DESC *ret = NULL;
+ struct security_descriptor *ret = NULL;
size_t sd_size;
DOM_SID *group_sid=NULL;
DOM_SID *owner_sid=NULL;
@@ -726,7 +726,7 @@ cacl_get(SMBCCTX *context,
bool numeric = True;
bool determine_size = (bufsize == 0);
uint16_t fnum;
- SEC_DESC *sd;
+ struct security_descriptor *sd;
fstring sidstr;
fstring name_sandbox;
char *name;
@@ -1501,7 +1501,7 @@ cacl_set(SMBCCTX *context,
{
uint16_t fnum = (uint16_t)-1;
int err = 0;
- SEC_DESC *sd = NULL, *old;
+ struct security_descriptor *sd = NULL, *old;
struct security_acl *dacl = NULL;
DOM_SID *owner_sid = NULL;
DOM_SID *group_sid = NULL;
diff --git a/source3/modules/nfs4_acls.c b/source3/modules/nfs4_acls.c
index ebb6145945..3201fa5482 100644
--- a/source3/modules/nfs4_acls.c
+++ b/source3/modules/nfs4_acls.c
@@ -290,7 +290,7 @@ static bool smbacl4_nfs42win(TALLOC_CTX *mem_ctx, SMB4ACL_T *theacl, /* in */
static NTSTATUS smb_get_nt_acl_nfs4_common(const SMB_STRUCT_STAT *sbuf,
uint32 security_info,
- SEC_DESC **ppdesc, SMB4ACL_T *theacl)
+ struct security_descriptor **ppdesc, SMB4ACL_T *theacl)
{
int good_aces = 0;
DOM_SID sid_owner, sid_group;
@@ -338,7 +338,7 @@ static NTSTATUS smb_get_nt_acl_nfs4_common(const SMB_STRUCT_STAT *sbuf,
NTSTATUS smb_fget_nt_acl_nfs4(files_struct *fsp,
uint32 security_info,
- SEC_DESC **ppdesc, SMB4ACL_T *theacl)
+ struct security_descriptor **ppdesc, SMB4ACL_T *theacl)
{
SMB_STRUCT_STAT sbuf;
@@ -354,7 +354,7 @@ NTSTATUS smb_fget_nt_acl_nfs4(files_struct *fsp,
NTSTATUS smb_get_nt_acl_nfs4(struct connection_struct *conn,
const char *name,
uint32 security_info,
- SEC_DESC **ppdesc, SMB4ACL_T *theacl)
+ struct security_descriptor **ppdesc, SMB4ACL_T *theacl)
{
SMB_STRUCT_STAT sbuf;
@@ -719,7 +719,7 @@ static SMB4ACL_T *smbacl4_win2nfs4(
NTSTATUS smb_set_nt_acl_nfs4(files_struct *fsp,
uint32 security_info_sent,
- const SEC_DESC *psd,
+ const struct security_descriptor *psd,
set_nfs4acl_native_fn_t set_nfs4_native)
{
smbacl4_vfs_params params;
diff --git a/source3/modules/nfs4_acls.h b/source3/modules/nfs4_acls.h
index b2d1196b26..f4576b0c13 100644
--- a/source3/modules/nfs4_acls.h
+++ b/source3/modules/nfs4_acls.h
@@ -131,12 +131,12 @@ uint32 smb_get_naces(SMB4ACL_T *theacl);
NTSTATUS smb_fget_nt_acl_nfs4(files_struct *fsp,
uint32 security_info,
- SEC_DESC **ppdesc, SMB4ACL_T *theacl);
+ struct security_descriptor **ppdesc, SMB4ACL_T *theacl);
NTSTATUS smb_get_nt_acl_nfs4(connection_struct *conn,
const char *name,
uint32 security_info,
- SEC_DESC **ppdesc, SMB4ACL_T *theacl);
+ struct security_descriptor **ppdesc, SMB4ACL_T *theacl);
/* Callback function needed to set the native acl
* when applicable */
@@ -144,7 +144,7 @@ typedef bool (*set_nfs4acl_native_fn_t)(files_struct *, SMB4ACL_T *);
NTSTATUS smb_set_nt_acl_nfs4(files_struct *fsp,
uint32 security_info_sent,
- const SEC_DESC *psd,
+ const struct security_descriptor *psd,
set_nfs4acl_native_fn_t set_nfs4_native);
#endif /* __NFS4_ACLS_H__ */
diff --git a/source3/modules/onefs.h b/source3/modules/onefs.h
index dd27d44cca..cd7782cc37 100644
--- a/source3/modules/onefs.h
+++ b/source3/modules/onefs.h
@@ -120,19 +120,21 @@ NTSTATUS onefs_notify_watch(vfs_handle_struct *vfs_handle,
void *handle_p);
NTSTATUS onefs_fget_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
- uint32 security_info, SEC_DESC **ppdesc);
+ uint32 security_info, struct security_descriptor **ppdesc);
NTSTATUS onefs_get_nt_acl(vfs_handle_struct *handle, const char* name,
- uint32 security_info, SEC_DESC **ppdesc);
+ uint32 security_info, struct security_descriptor **ppdesc);
NTSTATUS onefs_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
- uint32 security_info_sent, const SEC_DESC *psd);
+ uint32 security_info_sent,
+ const struct security_descriptor *psd);
/*
* Utility functions
*/
struct ifs_security_descriptor;
-NTSTATUS onefs_samba_sd_to_sd(uint32_t security_info_sent, const SEC_DESC *psd,
+NTSTATUS onefs_samba_sd_to_sd(uint32_t security_info_sent,
+ const struct security_descriptor *psd,
struct ifs_security_descriptor *sd, int snum,
uint32_t *security_info_effective);
diff --git a/source3/modules/onefs_acl.c b/source3/modules/onefs_acl.c
index 112ee43fcd..440858b578 100644
--- a/source3/modules/onefs_acl.c
+++ b/source3/modules/onefs_acl.c
@@ -604,7 +604,7 @@ static bool add_sfs_aces(files_struct *fsp, struct ifs_security_descriptor *sd)
*/
NTSTATUS
onefs_fget_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
- uint32 security_info, SEC_DESC **ppdesc)
+ uint32 security_info, struct security_descriptor **ppdesc)
{
int error;
uint32_t sd_size = 0;
@@ -613,7 +613,7 @@ onefs_fget_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
DOM_SID owner_sid, group_sid;
DOM_SID *ownerp, *groupp;
struct security_acl *dacl, *sacl;
- SEC_DESC *pdesc;
+ struct security_descriptor *pdesc;
bool alloced = false;
bool new_aces_alloced = false;
bool fopened = false;
@@ -790,7 +790,7 @@ out:
*/
NTSTATUS
onefs_get_nt_acl(vfs_handle_struct *handle, const char* name,
- uint32 security_info, SEC_DESC **ppdesc)
+ uint32 security_info, struct security_descriptor **ppdesc)
{
files_struct finfo;
struct fd_handle fh;
@@ -817,13 +817,14 @@ onefs_get_nt_acl(vfs_handle_struct *handle, const char* name,
/**
* Isilon-specific function for setting up an ifs_security_descriptor, given a
- * samba SEC_DESC.
+ * samba struct security_descriptor
*
* @param[out] sd ifs_security_descriptor to fill in
*
* @return NTSTATUS_OK if successful
*/
-NTSTATUS onefs_samba_sd_to_sd(uint32_t security_info_sent, const SEC_DESC *psd,
+NTSTATUS onefs_samba_sd_to_sd(uint32_t security_info_sent,
+ const struct security_descriptor *psd,
struct ifs_security_descriptor *sd, int snum,
uint32_t *security_info_effective)
{
@@ -909,7 +910,7 @@ NTSTATUS onefs_samba_sd_to_sd(uint32_t security_info_sent, const SEC_DESC *psd,
*/
NTSTATUS
onefs_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
- uint32_t sec_info_sent, const SEC_DESC *psd)
+ uint32_t sec_info_sent, const struct security_descriptor *psd)
{
struct ifs_security_descriptor sd = {};
int fd = -1;
diff --git a/source3/modules/vfs_afsacl.c b/source3/modules/vfs_afsacl.c
index 6e66bf2e01..41af84fb59 100644
--- a/source3/modules/vfs_afsacl.c
+++ b/source3/modules/vfs_afsacl.c
@@ -1056,7 +1056,7 @@ static NTSTATUS afsacl_get_nt_acl(struct vfs_handle_struct *handle,
NTSTATUS afsacl_fset_nt_acl(vfs_handle_struct *handle,
files_struct *fsp,
uint32 security_info_sent,
- const SEC_DESC *psd)
+ const struct security_descriptor *psd)
{
return afs_set_nt_acl(handle, fsp, security_info_sent, psd);
}
diff --git a/source3/modules/vfs_aixacl2.c b/source3/modules/vfs_aixacl2.c
index 2355f4eb9a..fcf964b512 100644
--- a/source3/modules/vfs_aixacl2.c
+++ b/source3/modules/vfs_aixacl2.c
@@ -155,7 +155,7 @@ static bool aixjfs2_get_nfs4_acl(const char *name,
static NTSTATUS aixjfs2_fget_nt_acl(vfs_handle_struct *handle,
files_struct *fsp, uint32 security_info,
- SEC_DESC **ppdesc)
+ struct security_descriptor **ppdesc)
{
SMB4ACL_T *pacl = NULL;
bool result;
@@ -177,7 +177,7 @@ static NTSTATUS aixjfs2_fget_nt_acl(vfs_handle_struct *handle,
static NTSTATUS aixjfs2_get_nt_acl(vfs_handle_struct *handle,
const char *name,
- uint32 security_info, SEC_DESC **ppdesc)
+ uint32 security_info, struct security_descriptor **ppdesc)
{
SMB4ACL_T *pacl = NULL;
bool result;
@@ -370,7 +370,7 @@ static bool aixjfs2_process_smbacl(files_struct *fsp, SMB4ACL_T *smbacl)
return True;
}
-static NTSTATUS aixjfs2_set_nt_acl_common(files_struct *fsp, uint32 security_info_sent, const SEC_DESC *psd)
+static NTSTATUS aixjfs2_set_nt_acl_common(files_struct *fsp, uint32 security_info_sent, const struct security_descriptor *psd)
{
acl_type_t acl_type_info;
NTSTATUS result = NT_STATUS_ACCESS_DENIED;
@@ -394,7 +394,7 @@ static NTSTATUS aixjfs2_set_nt_acl_common(files_struct *fsp, uint32 security_inf
return result;
}
-NTSTATUS aixjfs2_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, uint32 security_info_sent, const SEC_DESC *psd)
+NTSTATUS aixjfs2_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, uint32 security_info_sent, const struct security_descriptor *psd)
{
return aixjfs2_set_nt_acl_common(fsp, security_info_sent, psd);
}
diff --git a/source3/modules/vfs_default.c b/source3/modules/vfs_default.c
index 2b57f6bf36..c2907822af 100644
--- a/source3/modules/vfs_default.c
+++ b/source3/modules/vfs_default.c
@@ -1269,7 +1269,8 @@ static void vfswrap_strict_unlock(struct vfs_handle_struct *handle,
static NTSTATUS vfswrap_fget_nt_acl(vfs_handle_struct *handle,
files_struct *fsp,
- uint32 security_info, SEC_DESC **ppdesc)
+ uint32 security_info,
+ struct security_descriptor **ppdesc)
{
NTSTATUS result;
@@ -1281,7 +1282,8 @@ static NTSTATUS vfswrap_fget_nt_acl(vfs_handle_struct *handle,
static NTSTATUS vfswrap_get_nt_acl(vfs_handle_struct *handle,
const char *name,
- uint32 security_info, SEC_DESC **ppdesc)
+ uint32 security_info,
+ struct security_descriptor **ppdesc)
{
NTSTATUS result;
@@ -1291,7 +1293,7 @@ static NTSTATUS vfswrap_get_nt_acl(vfs_handle_struct *handle,
return result;
}
-static NTSTATUS vfswrap_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, uint32 security_info_sent, const SEC_DESC *psd)
+static NTSTATUS vfswrap_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, uint32 security_info_sent, const struct security_descriptor *psd)
{
NTSTATUS result;
diff --git a/source3/modules/vfs_full_audit.c b/source3/modules/vfs_full_audit.c
index 8a93695a81..a89b95f05c 100644
--- a/source3/modules/vfs_full_audit.c
+++ b/source3/modules/vfs_full_audit.c
@@ -1525,7 +1525,7 @@ static NTSTATUS smb_full_audit_translate_name(struct vfs_handle_struct *handle,
static NTSTATUS smb_full_audit_fget_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
uint32 security_info,
- SEC_DESC **ppdesc)
+ struct security_descriptor **ppdesc)
{
NTSTATUS result;
@@ -1540,7 +1540,7 @@ static NTSTATUS smb_full_audit_fget_nt_acl(vfs_handle_struct *handle, files_stru
static NTSTATUS smb_full_audit_get_nt_acl(vfs_handle_struct *handle,
const char *name,
uint32 security_info,
- SEC_DESC **ppdesc)
+ struct security_descriptor **ppdesc)
{
NTSTATUS result;
@@ -1554,7 +1554,7 @@ static NTSTATUS smb_full_audit_get_nt_acl(vfs_handle_struct *handle,
static NTSTATUS smb_full_audit_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
uint32 security_info_sent,
- const SEC_DESC *psd)
+ const struct security_descriptor *psd)
{
NTSTATUS result;
diff --git a/source3/modules/vfs_gpfs.c b/source3/modules/vfs_gpfs.c
index 7c481d6ba0..5fdcef94db 100644
--- a/source3/modules/vfs_gpfs.c
+++ b/source3/modules/vfs_gpfs.c
@@ -297,7 +297,7 @@ static int gpfs_get_nfs4_acl(const char *fname, SMB4ACL_T **ppacl)
static NTSTATUS gpfsacl_fget_nt_acl(vfs_handle_struct *handle,
files_struct *fsp, uint32 security_info,
- SEC_DESC **ppdesc)
+ struct security_descriptor **ppdesc)
{
SMB4ACL_T *pacl = NULL;
int result;
@@ -319,7 +319,7 @@ static NTSTATUS gpfsacl_fget_nt_acl(vfs_handle_struct *handle,
static NTSTATUS gpfsacl_get_nt_acl(vfs_handle_struct *handle,
const char *name,
- uint32 security_info, SEC_DESC **ppdesc)
+ uint32 security_info, struct security_descriptor **ppdesc)
{
SMB4ACL_T *pacl = NULL;
int result;
@@ -435,7 +435,7 @@ static bool gpfsacl_process_smbacl(files_struct *fsp, SMB4ACL_T *smbacl)
return True;
}
-static NTSTATUS gpfsacl_set_nt_acl_internal(files_struct *fsp, uint32 security_info_sent, const SEC_DESC *psd)
+static NTSTATUS gpfsacl_set_nt_acl_internal(files_struct *fsp, uint32 security_info_sent, const struct security_descriptor *psd)
{
struct gpfs_acl *acl;
NTSTATUS result = NT_STATUS_ACCESS_DENIED;
@@ -463,7 +463,7 @@ static NTSTATUS gpfsacl_set_nt_acl_internal(files_struct *fsp, uint32 security_i
return result;
}
-static NTSTATUS gpfsacl_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, uint32 security_info_sent, const SEC_DESC *psd)
+static NTSTATUS gpfsacl_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, uint32 security_info_sent, const struct security_descriptor *psd)
{
return gpfsacl_set_nt_acl_internal(fsp, security_info_sent, psd);
}
diff --git a/source3/modules/vfs_zfsacl.c b/source3/modules/vfs_zfsacl.c
index a3de30e808..4c11f09477 100644
--- a/source3/modules/vfs_zfsacl.c
+++ b/source3/modules/vfs_zfsacl.c
@@ -218,7 +218,7 @@ static NTSTATUS zfsacl_get_nt_acl(struct vfs_handle_struct *handle,
static NTSTATUS zfsacl_fset_nt_acl(vfs_handle_struct *handle,
files_struct *fsp,
uint32 security_info_sent,
- const SEC_DESC *psd)
+ const struct security_descriptor *psd)
{
return zfs_set_nt_acl(handle, fsp, security_info_sent, psd);
}
diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c
index 8a762d70e9..f79ac88da3 100644
--- a/source3/param/loadparm.c
+++ b/source3/param/loadparm.c
@@ -8568,7 +8568,7 @@ enum usershare_err parse_usershare_file(TALLOC_CTX *ctx,
char **pp_sharepath,
char **pp_comment,
char **pp_cp_servicename,
- SEC_DESC **ppsd,
+ struct security_descriptor **ppsd,
bool *pallow_guest)
{
const char **prefixallowlist = lp_usershare_prefix_allow_list();
@@ -8773,7 +8773,7 @@ static int process_usershare_file(const char *dir_name, const char *file_name, i
int fd = -1;
int iService = -1;
TALLOC_CTX *ctx = talloc_stackframe();
- SEC_DESC *psd = NULL;
+ struct security_descriptor *psd = NULL;
bool guest_ok = False;
char *canon_name = NULL;
bool added_service = false;
diff --git a/source3/printing/nt_printing.c b/source3/printing/nt_printing.c
index d15faaabd5..e05b0da0d8 100644
--- a/source3/printing/nt_printing.c
+++ b/source3/printing/nt_printing.c
@@ -335,7 +335,7 @@ static int sec_desc_upg_fn( TDB_CONTEXT *the_tdb, TDB_DATA key,
NTSTATUS status;
struct sec_desc_buf *sd_orig = NULL;
struct sec_desc_buf *sd_new, *sd_store;
- SEC_DESC *sec, *new_sec;
+ struct security_descriptor *sec, *new_sec;
TALLOC_CTX *ctx = state;
int result, i;
uint32 sd_size;
@@ -391,7 +391,7 @@ static int sec_desc_upg_fn( TDB_CONTEXT *the_tdb, TDB_DATA key,
}
}
- /* create a new SEC_DESC with the appropriate owner and group SIDs */
+ /* create a new struct security_descriptor with the appropriate owner and group SIDs */
new_sec = make_sec_desc( ctx, SEC_DESC_REVISION, SEC_DESC_SELF_RELATIVE,
&global_sid_Builtin_Administrators,
@@ -2638,7 +2638,7 @@ WERROR spoolss_create_default_secdesc(TALLOC_CTX *mem_ctx,
int i = 0;
uint32_t sa;
struct security_acl *psa = NULL;
- SEC_DESC *psd = NULL;
+ struct security_descriptor *psd = NULL;
DOM_SID adm_sid;
size_t sd_size;
@@ -5503,7 +5503,7 @@ WERROR nt_printing_setsec(const char *sharename, struct sec_desc_buf *secdesc_ct
if (!secdesc_ctr->sd->owner_sid || !secdesc_ctr->sd->group_sid) {
DOM_SID *owner_sid, *group_sid;
struct security_acl *dacl, *sacl;
- SEC_DESC *psd = NULL;
+ struct security_descriptor *psd = NULL;
size_t size;
if (!nt_printing_getsec(mem_ctx, sharename, &old_secdesc_ctr)) {
@@ -5591,7 +5591,7 @@ static struct sec_desc_buf *construct_default_printer_sdb(TALLOC_CTX *ctx)
uint32_t sa;
struct security_acl *psa = NULL;
struct sec_desc_buf *sdb = NULL;
- SEC_DESC *psd = NULL;
+ struct security_descriptor *psd = NULL;
DOM_SID adm_sid;
size_t sd_size;
@@ -5721,7 +5721,7 @@ bool nt_printing_getsec(TALLOC_CTX *ctx, const char *sharename, struct sec_desc_
if (secrets_fetch_domain_sid(lp_workgroup(), &owner_sid)) {
struct sec_desc_buf *new_secdesc_ctr = NULL;
- SEC_DESC *psd = NULL;
+ struct security_descriptor *psd = NULL;
size_t size;
/* Create new sd */
@@ -5812,7 +5812,7 @@ jfm: I should use this comment for the text file to explain
It turns out that NT4 security descriptors use generic access rights and
NT5 the object specific ones. */
-void map_printer_permissions(SEC_DESC *sd)
+void map_printer_permissions(struct security_descriptor *sd)
{
int i;
@@ -5822,7 +5822,7 @@ void map_printer_permissions(SEC_DESC *sd)
}
}
-void map_job_permissions(SEC_DESC *sd)
+void map_job_permissions(struct security_descriptor *sd)
{
int i;
diff --git a/source3/registry/reg_api.c b/source3/registry/reg_api.c
index 27d7145375..0f130516c4 100644
--- a/source3/registry/reg_api.c
+++ b/source3/registry/reg_api.c
@@ -855,7 +855,7 @@ static WERROR reg_write_tree(REGF_FILE *regfile, const char *keypath,
char *subkeyname;
struct registry_key_handle registry_key;
WERROR result = WERR_OK;
- SEC_DESC *sec_desc = NULL;
+ struct security_descriptor *sec_desc = NULL;
if (!regfile) {
return WERR_GENERAL_FAILURE;
diff --git a/source3/registry/reg_dispatcher.c b/source3/registry/reg_dispatcher.c
index 46a49403fb..966935392f 100644
--- a/source3/registry/reg_dispatcher.c
+++ b/source3/registry/reg_dispatcher.c
@@ -35,11 +35,11 @@ static const struct generic_mapping reg_generic_map =
/********************************************************************
********************************************************************/
-static WERROR construct_registry_sd(TALLOC_CTX *ctx, SEC_DESC **psd)
+static WERROR construct_registry_sd(TALLOC_CTX *ctx, struct security_descriptor **psd)
{
struct security_ace ace[3];
size_t i = 0;
- SEC_DESC *sd;
+ struct security_descriptor *sd;
struct security_acl *theacl;
size_t sd_size;
@@ -162,7 +162,7 @@ bool regkey_access_check(struct registry_key_handle *key, uint32 requested,
uint32 *granted,
const struct nt_user_token *token )
{
- SEC_DESC *sec_desc;
+ struct security_descriptor *sec_desc;
NTSTATUS status;
WERROR err;
diff --git a/source3/registry/regfio.c b/source3/registry/regfio.c
index 1cb453d64f..60a05040e2 100644
--- a/source3/registry/regfio.c
+++ b/source3/registry/regfio.c
@@ -954,7 +954,7 @@ static REGF_SK_REC* find_sk_record_by_offset( REGF_FILE *file, uint32 offset )
/*******************************************************************
*******************************************************************/
-static REGF_SK_REC* find_sk_record_by_sec_desc( REGF_FILE *file, SEC_DESC *sd )
+static REGF_SK_REC* find_sk_record_by_sec_desc( REGF_FILE *file, struct security_descriptor *sd )
{
REGF_SK_REC *p;
@@ -1568,7 +1568,7 @@ done:
/*******************************************************************
*******************************************************************/
-static uint32 sk_record_data_size( SEC_DESC * sd )
+static uint32 sk_record_data_size( struct security_descriptor * sd )
{
uint32 size, size_mod8;
@@ -1718,7 +1718,7 @@ static int hashrec_cmp( REGF_HASH_REC *h1, REGF_HASH_REC *h2 )
REGF_NK_REC* regfio_write_key( REGF_FILE *file, const char *name,
struct regval_ctr *values, struct regsubkey_ctr *subkeys,
- SEC_DESC *sec_desc, REGF_NK_REC *parent )
+ struct security_descriptor *sec_desc, REGF_NK_REC *parent )
{
REGF_NK_REC *nk;
REGF_HBIN *vlist_hbin = NULL;
diff --git a/source3/rpc_server/srv_eventlog_nt.c b/source3/rpc_server/srv_eventlog_nt.c
index 84c04fe953..4171ef6d97 100644
--- a/source3/rpc_server/srv_eventlog_nt.c
+++ b/source3/rpc_server/srv_eventlog_nt.c
@@ -72,7 +72,7 @@ static EVENTLOG_INFO *find_eventlog_info_by_hnd( pipes_struct * p,
static bool elog_check_access( EVENTLOG_INFO *info, NT_USER_TOKEN *token )
{
char *tdbname = elog_tdbname(talloc_tos(), info->logname );
- SEC_DESC *sec_desc;
+ struct security_descriptor *sec_desc;
NTSTATUS status;
if ( !tdbname )
diff --git a/source3/rpc_server/srv_lsa_nt.c b/source3/rpc_server/srv_lsa_nt.c
index 9477ec0ba2..8540b59b0b 100644
--- a/source3/rpc_server/srv_lsa_nt.c
+++ b/source3/rpc_server/srv_lsa_nt.c
@@ -312,7 +312,7 @@ static NTSTATUS lookup_lsa_sids(TALLOC_CTX *mem_ctx,
return NT_STATUS_OK;
}
-static NTSTATUS make_lsa_object_sd(TALLOC_CTX *mem_ctx, SEC_DESC **sd, size_t *sd_size,
+static NTSTATUS make_lsa_object_sd(TALLOC_CTX *mem_ctx, struct security_descriptor **sd, size_t *sd_size,
const struct generic_mapping *map,
DOM_SID *sid, uint32_t sid_access)
{
@@ -366,7 +366,7 @@ NTSTATUS _lsa_OpenPolicy2(pipes_struct *p,
struct lsa_OpenPolicy2 *r)
{
struct lsa_info *info;
- SEC_DESC *psd = NULL;
+ struct security_descriptor *psd = NULL;
size_t sd_size;
uint32 des_access = r->in.access_mask;
uint32 acc_granted;
@@ -1759,7 +1759,7 @@ NTSTATUS _lsa_OpenAccount(pipes_struct *p,
{
struct lsa_info *handle;
struct lsa_info *info;
- SEC_DESC *psd = NULL;
+ struct security_descriptor *psd = NULL;
size_t sd_size;
uint32_t des_access = r->in.access_mask;
uint32_t acc_granted;
@@ -2115,7 +2115,7 @@ NTSTATUS _lsa_QuerySecurity(pipes_struct *p,
struct lsa_QuerySecurity *r)
{
struct lsa_info *handle=NULL;
- SEC_DESC *psd = NULL;
+ struct security_descriptor *psd = NULL;
size_t sd_size;
NTSTATUS status;
@@ -2160,7 +2160,7 @@ NTSTATUS _lsa_AddAccountRights(pipes_struct *p,
struct lsa_info *info = NULL;
int i = 0;
uint32_t acc_granted = 0;
- SEC_DESC *psd = NULL;
+ struct security_descriptor *psd = NULL;
size_t sd_size;
DOM_SID sid;
NTSTATUS status;
@@ -2229,7 +2229,7 @@ NTSTATUS _lsa_RemoveAccountRights(pipes_struct *p,
{
struct lsa_info *info = NULL;
int i = 0;
- SEC_DESC *psd = NULL;
+ struct security_descriptor *psd = NULL;
size_t sd_size;
DOM_SID sid;
const char *privname = NULL;
diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c
index 100a1762c7..1dd0088f9c 100644
--- a/source3/rpc_server/srv_samr_nt.c
+++ b/source3/rpc_server/srv_samr_nt.c
@@ -122,7 +122,7 @@ static const struct generic_mapping ali_generic_mapping = {
/*******************************************************************
*******************************************************************/
-static NTSTATUS make_samr_object_sd( TALLOC_CTX *ctx, SEC_DESC **psd, size_t *sd_size,
+static NTSTATUS make_samr_object_sd( TALLOC_CTX *ctx, struct security_descriptor **psd, size_t *sd_size,
const struct generic_mapping *map,
DOM_SID *sid, uint32 sid_access )
{
@@ -177,7 +177,7 @@ static NTSTATUS make_samr_object_sd( TALLOC_CTX *ctx, SEC_DESC **psd, size_t *sd
level of access for further checks.
********************************************************************/
-NTSTATUS access_check_object( SEC_DESC *psd, NT_USER_TOKEN *token,
+NTSTATUS access_check_object( struct security_descriptor *psd, NT_USER_TOKEN *token,
SE_PRIV *rights, uint32 rights_mask,
uint32 des_access, uint32 *acc_granted,
const char *debug )
@@ -537,7 +537,7 @@ NTSTATUS _samr_OpenDomain(pipes_struct *p,
{
struct samr_connect_info *cinfo;
struct samr_domain_info *dinfo;
- SEC_DESC *psd = NULL;
+ struct security_descriptor *psd = NULL;
uint32 acc_granted;
uint32 des_access = r->in.access_mask;
NTSTATUS status;
@@ -775,7 +775,7 @@ NTSTATUS _samr_QuerySecurity(pipes_struct *p,
struct samr_group_info *ginfo;
struct samr_alias_info *ainfo;
NTSTATUS status;
- SEC_DESC * psd = NULL;
+ struct security_descriptor * psd = NULL;
size_t sd_size = 0;
cinfo = policy_handle_find(p, r->in.handle,
@@ -2240,7 +2240,7 @@ NTSTATUS _samr_OpenUser(pipes_struct *p,
DOM_SID sid;
struct samr_domain_info *dinfo;
struct samr_user_info *uinfo;
- SEC_DESC *psd = NULL;
+ struct security_descriptor *psd = NULL;
uint32 acc_granted;
uint32 des_access = r->in.access_mask;
uint32_t extra_access = 0;
@@ -3754,7 +3754,7 @@ NTSTATUS _samr_CreateUser2(pipes_struct *p,
struct samr_user_info *uinfo;
NTSTATUS nt_status;
uint32 acc_granted;
- SEC_DESC *psd;
+ struct security_descriptor *psd;
size_t sd_size;
/* check this, when giving away 'add computer to domain' privs */
uint32 des_access = GENERIC_RIGHTS_USER_ALL_ACCESS;
@@ -3955,7 +3955,7 @@ NTSTATUS _samr_Connect2(pipes_struct *p,
{
struct samr_connect_info *info = NULL;
struct policy_handle hnd;
- SEC_DESC *psd = NULL;
+ struct security_descriptor *psd = NULL;
uint32 acc_granted;
uint32 des_access = r->in.access_mask;
NTSTATUS nt_status;
@@ -4180,7 +4180,7 @@ NTSTATUS _samr_OpenAlias(pipes_struct *p,
uint32 alias_rid = r->in.rid;
struct samr_alias_info *ainfo;
struct samr_domain_info *dinfo;
- SEC_DESC *psd = NULL;
+ struct security_descriptor *psd = NULL;
uint32 acc_granted;
uint32 des_access = r->in.access_mask;
size_t sd_size;
@@ -6247,7 +6247,7 @@ NTSTATUS _samr_OpenGroup(pipes_struct *p,
GROUP_MAP map;
struct samr_domain_info *dinfo;
struct samr_group_info *ginfo;
- SEC_DESC *psd = NULL;
+ struct security_descriptor *psd = NULL;
uint32 acc_granted;
uint32 des_access = r->in.access_mask;
size_t sd_size;
diff --git a/source3/rpc_server/srv_srvsvc_nt.c b/source3/rpc_server/srv_srvsvc_nt.c
index 904664f223..3888061ee4 100644
--- a/source3/rpc_server/srv_srvsvc_nt.c
+++ b/source3/rpc_server/srv_srvsvc_nt.c
@@ -321,7 +321,7 @@ static void init_srv_share_info_2(pipes_struct *p, struct srvsvc_NetShareInfo2 *
Map any generic bits to file specific bits.
********************************************************************/
-static void map_generic_share_sd_bits(SEC_DESC *psd)
+static void map_generic_share_sd_bits(struct security_descriptor *psd)
{
int i;
struct security_acl *ps_dacl = NULL;
@@ -373,7 +373,7 @@ static void init_srv_share_info_502(pipes_struct *p, struct srvsvc_NetShareInfo5
{
const char *net_name = lp_servicename(snum);
char *path = NULL;
- SEC_DESC *sd = NULL;
+ struct security_descriptor *sd = NULL;
struct sec_desc_buf *sd_buf = NULL;
size_t sd_size = 0;
TALLOC_CTX *ctx = p->mem_ctx;
@@ -471,7 +471,7 @@ static void init_srv_share_info_1007(pipes_struct *p, struct srvsvc_NetShareInfo
static void init_srv_share_info_1501(pipes_struct *p, struct sec_desc_buf *r, int snum)
{
- SEC_DESC *sd;
+ struct security_descriptor *sd;
size_t sd_size;
TALLOC_CTX *ctx = p->mem_ctx;
@@ -1515,7 +1515,7 @@ WERROR _srvsvc_NetShareSetInfo(pipes_struct *p,
int snum;
int ret;
char *path = NULL;
- SEC_DESC *psd = NULL;
+ struct security_descriptor *psd = NULL;
SE_PRIV se_diskop = SE_DISK_OPERATOR;
bool is_disk_op = False;
int max_connections = 0;
@@ -1711,7 +1711,7 @@ WERROR _srvsvc_NetShareSetInfo(pipes_struct *p,
/* Replace SD if changed. */
if (psd) {
- SEC_DESC *old_sd;
+ struct security_descriptor *old_sd;
size_t sd_size;
old_sd = get_share_security(p->mem_ctx, lp_servicename(snum), &sd_size);
@@ -1745,7 +1745,7 @@ WERROR _srvsvc_NetShareAdd(pipes_struct *p,
int snum;
int ret;
char *path;
- SEC_DESC *psd = NULL;
+ struct security_descriptor *psd = NULL;
SE_PRIV se_diskop = SE_DISK_OPERATOR;
bool is_disk_op;
int max_connections = 0;
@@ -2074,7 +2074,7 @@ WERROR _srvsvc_NetGetFileSecurity(pipes_struct *p,
struct srvsvc_NetGetFileSecurity *r)
{
struct smb_filename *smb_fname = NULL;
- SEC_DESC *psd = NULL;
+ struct security_descriptor *psd = NULL;
size_t sd_size;
fstring servicename;
SMB_STRUCT_STAT st;
diff --git a/source3/rpc_server/srv_svcctl_nt.c b/source3/rpc_server/srv_svcctl_nt.c
index 0975ef98c7..604066e372 100644
--- a/source3/rpc_server/srv_svcctl_nt.c
+++ b/source3/rpc_server/srv_svcctl_nt.c
@@ -121,7 +121,7 @@ static struct service_control_op* find_service_by_name( const char *name )
/********************************************************************
********************************************************************/
-static NTSTATUS svcctl_access_check( SEC_DESC *sec_desc, NT_USER_TOKEN *token,
+static NTSTATUS svcctl_access_check( struct security_descriptor *sec_desc, NT_USER_TOKEN *token,
uint32 access_desired, uint32 *access_granted )
{
if ( geteuid() == sec_initial_uid() ) {
@@ -135,11 +135,11 @@ static NTSTATUS svcctl_access_check( SEC_DESC *sec_desc, NT_USER_TOKEN *token,
/********************************************************************
********************************************************************/
-static SEC_DESC* construct_scm_sd( TALLOC_CTX *ctx )
+static struct security_descriptor* construct_scm_sd( TALLOC_CTX *ctx )
{
struct security_ace ace[2];
size_t i = 0;
- SEC_DESC *sd;
+ struct security_descriptor *sd;
struct security_acl *theacl;
size_t sd_size;
@@ -255,7 +255,7 @@ done:
WERROR _svcctl_OpenSCManagerW(pipes_struct *p,
struct svcctl_OpenSCManagerW *r)
{
- SEC_DESC *sec_desc;
+ struct security_descriptor *sec_desc;
uint32 access_granted = 0;
NTSTATUS status;
@@ -280,7 +280,7 @@ WERROR _svcctl_OpenSCManagerW(pipes_struct *p,
WERROR _svcctl_OpenServiceW(pipes_struct *p,
struct svcctl_OpenServiceW *r)
{
- SEC_DESC *sec_desc;
+ struct security_descriptor *sec_desc;
uint32 access_granted = 0;
NTSTATUS status;
const char *service = NULL;
@@ -854,7 +854,7 @@ WERROR _svcctl_QueryServiceObjectSecurity(pipes_struct *p,
struct svcctl_QueryServiceObjectSecurity *r)
{
SERVICE_INFO *info = find_service_info_by_hnd( p, r->in.handle );
- SEC_DESC *sec_desc;
+ struct security_descriptor *sec_desc;
NTSTATUS status;
uint8_t *buffer = NULL;
size_t len = 0;
@@ -905,7 +905,7 @@ WERROR _svcctl_SetServiceObjectSecurity(pipes_struct *p,
struct svcctl_SetServiceObjectSecurity *r)
{
SERVICE_INFO *info = find_service_info_by_hnd( p, r->in.handle );
- SEC_DESC *sec_desc = NULL;
+ struct security_descriptor *sec_desc = NULL;
uint32 required_access;
NTSTATUS status;
diff --git a/source3/rpcclient/cmd_spoolss.c b/source3/rpcclient/cmd_spoolss.c
index e3ad97c713..018c7c8234 100644
--- a/source3/rpcclient/cmd_spoolss.c
+++ b/source3/rpcclient/cmd_spoolss.c
@@ -3184,7 +3184,7 @@ static bool compare_printer_secdesc( struct rpc_pipe_client *cli1, struct policy
union spoolss_PrinterInfo info1, info2;
WERROR werror;
TALLOC_CTX *mem_ctx = talloc_init("compare_printer_secdesc");
- SEC_DESC *sd1, *sd2;
+ struct security_descriptor *sd1, *sd2;
bool result = true;
diff --git a/source3/services/services_db.c b/source3/services/services_db.c
index 31a74d1a18..22e39e0e52 100644
--- a/source3/services/services_db.c
+++ b/source3/services/services_db.c
@@ -88,11 +88,11 @@ struct service_display_info common_unix_svcs[] = {
/********************************************************************
********************************************************************/
-static SEC_DESC* construct_service_sd( TALLOC_CTX *ctx )
+static struct security_descriptor* construct_service_sd( TALLOC_CTX *ctx )
{
struct security_ace ace[4];
size_t i = 0;
- SEC_DESC *sd = NULL;
+ struct security_descriptor *sd = NULL;
struct security_acl *theacl = NULL;
size_t sd_size;
@@ -335,7 +335,7 @@ static void add_new_svc_name(struct registry_key_handle *key_parent,
char *path = NULL;
struct regval_ctr *values = NULL;
struct regsubkey_ctr *svc_subkeys = NULL;
- SEC_DESC *sd = NULL;
+ struct security_descriptor *sd = NULL;
DATA_BLOB sd_blob;
NTSTATUS status;
@@ -497,12 +497,12 @@ void svcctl_init_keys( void )
in case of any failure.
********************************************************************/
-SEC_DESC *svcctl_get_secdesc( TALLOC_CTX *ctx, const char *name, NT_USER_TOKEN *token )
+struct security_descriptor *svcctl_get_secdesc( TALLOC_CTX *ctx, const char *name, NT_USER_TOKEN *token )
{
struct registry_key_handle *key = NULL;
struct regval_ctr *values = NULL;
struct regval_blob *val = NULL;
- SEC_DESC *ret_sd = NULL;
+ struct security_descriptor *ret_sd = NULL;
char *path= NULL;
WERROR wresult;
NTSTATUS status;
@@ -558,7 +558,7 @@ done:
Wrapper to make storing a Service sd easier
********************************************************************/
-bool svcctl_set_secdesc( TALLOC_CTX *ctx, const char *name, SEC_DESC *sec_desc, NT_USER_TOKEN *token )
+bool svcctl_set_secdesc( TALLOC_CTX *ctx, const char *name, struct security_descriptor *sec_desc, NT_USER_TOKEN *token )
{
struct registry_key_handle *key = NULL;
WERROR wresult;
diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c
index 6a6f620ee9..b42d665668 100644
--- a/source3/smbd/nttrans.c
+++ b/source3/smbd/nttrans.c
@@ -831,7 +831,7 @@ static void do_nt_transact_create_pipe(connection_struct *conn,
NTSTATUS set_sd(files_struct *fsp, uint8_t *data, uint32_t sd_len,
uint32_t security_info_sent)
{
- SEC_DESC *psd = NULL;
+ struct security_descriptor *psd = NULL;
NTSTATUS status;
if (sd_len == 0 || !lp_nt_acl_support(SNUM(fsp->conn))) {
@@ -1755,7 +1755,7 @@ static void call_nt_transact_rename(connection_struct *conn,
Fake up a completely empty SD.
*******************************************************************************/
-static NTSTATUS get_null_nt_acl(TALLOC_CTX *mem_ctx, SEC_DESC **ppsd)
+static NTSTATUS get_null_nt_acl(TALLOC_CTX *mem_ctx, struct security_descriptor **ppsd)
{
size_t sd_size;
@@ -1784,7 +1784,7 @@ NTSTATUS smbd_do_query_security_desc(connection_struct *conn,
size_t *psd_size)
{
NTSTATUS status;
- SEC_DESC *psd = NULL;
+ struct security_descriptor *psd = NULL;
/*
* Get the permissions to return.
diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c
index 24da3cf99e..1b8af3b926 100644
--- a/source3/smbd/posix_acls.c
+++ b/source3/smbd/posix_acls.c
@@ -1164,12 +1164,13 @@ static mode_t map_nt_perms( uint32 *mask, int type)
}
/****************************************************************************
- Unpack a SEC_DESC into a UNIX owner and group.
+ Unpack a struct security_descriptor into a UNIX owner and group.
****************************************************************************/
NTSTATUS unpack_nt_owners(struct connection_struct *conn,
uid_t *puser, gid_t *pgrp,
- uint32 security_info_sent, const SEC_DESC *psd)
+ uint32 security_info_sent, const struct
+ security_descriptor *psd)
{
DOM_SID owner_sid;
DOM_SID grp_sid;
@@ -1573,7 +1574,7 @@ static bool dup_owning_ace(canon_ace *dir_ace, canon_ace *ace)
}
/****************************************************************************
- Unpack a SEC_DESC into two canonical ace lists.
+ Unpack a struct security_descriptor into two canonical ace lists.
****************************************************************************/
static bool create_canon_ace_lists(files_struct *fsp,
@@ -2307,7 +2308,7 @@ static mode_t create_default_mode(files_struct *fsp, bool interitable_mode)
}
/****************************************************************************
- Unpack a SEC_DESC into two canonical ace lists. We don't depend on this
+ Unpack a struct security_descriptor into two canonical ace lists. We don't depend on this
succeeding.
****************************************************************************/
@@ -2318,7 +2319,7 @@ static bool unpack_canon_ace(files_struct *fsp,
canon_ace **ppfile_ace,
canon_ace **ppdir_ace,
uint32 security_info_sent,
- const SEC_DESC *psd)
+ const struct security_descriptor *psd)
{
SMB_STRUCT_STAT st;
canon_ace *file_ace = NULL;
@@ -3174,7 +3175,7 @@ static NTSTATUS posix_get_nt_acl_common(struct connection_struct *conn,
SMB_ACL_T posix_acl,
SMB_ACL_T def_acl,
uint32_t security_info,
- SEC_DESC **ppdesc)
+ struct security_descriptor **ppdesc)
{
DOM_SID owner_sid;
DOM_SID group_sid;
@@ -3188,7 +3189,7 @@ static NTSTATUS posix_get_nt_acl_common(struct connection_struct *conn,
struct security_ace *nt_ace_list = NULL;
size_t num_profile_acls = 0;
DOM_SID orig_owner_sid;
- SEC_DESC *psd = NULL;
+ struct security_descriptor *psd = NULL;
int i;
/*
@@ -3437,7 +3438,7 @@ static NTSTATUS posix_get_nt_acl_common(struct connection_struct *conn,
}
NTSTATUS posix_fget_nt_acl(struct files_struct *fsp, uint32_t security_info,
- SEC_DESC **ppdesc)
+ struct security_descriptor **ppdesc)
{
SMB_STRUCT_STAT sbuf;
SMB_ACL_T posix_acl = NULL;
@@ -3470,7 +3471,7 @@ NTSTATUS posix_fget_nt_acl(struct files_struct *fsp, uint32_t security_info,
}
NTSTATUS posix_get_nt_acl(struct connection_struct *conn, const char *name,
- uint32_t security_info, SEC_DESC **ppdesc)
+ uint32_t security_info, struct security_descriptor **ppdesc)
{
SMB_ACL_T posix_acl = NULL;
SMB_ACL_T def_acl = NULL;
@@ -3627,11 +3628,11 @@ int try_chown(connection_struct *conn, struct smb_filename *smb_fname,
****************************************************************************/
NTSTATUS append_parent_acl(files_struct *fsp,
- const SEC_DESC *pcsd,
- SEC_DESC **pp_new_sd)
+ const struct security_descriptor *pcsd,
+ struct security_descriptor **pp_new_sd)
{
struct smb_filename *smb_dname = NULL;
- SEC_DESC *parent_sd = NULL;
+ struct security_descriptor *parent_sd = NULL;
files_struct *parent_fsp = NULL;
TALLOC_CTX *mem_ctx = talloc_tos();
char *parent_name = NULL;
@@ -3640,7 +3641,7 @@ NTSTATUS append_parent_acl(files_struct *fsp,
NTSTATUS status;
int info;
unsigned int i, j;
- SEC_DESC *psd = dup_sec_desc(talloc_tos(), pcsd);
+ struct security_descriptor *psd = dup_sec_desc(talloc_tos(), pcsd);
bool is_dacl_protected = (pcsd->type & SEC_DESC_DACL_PROTECTED);
if (psd == NULL) {
@@ -3826,7 +3827,7 @@ NTSTATUS append_parent_acl(files_struct *fsp,
This should be the only external function needed for the UNIX style set ACL.
****************************************************************************/
-NTSTATUS set_nt_acl(files_struct *fsp, uint32 security_info_sent, const SEC_DESC *psd)
+NTSTATUS set_nt_acl(files_struct *fsp, uint32 security_info_sent, const struct security_descriptor *psd)
{
connection_struct *conn = fsp->conn;
uid_t user = (uid_t)-1;
@@ -4701,9 +4702,9 @@ bool set_unix_posix_acl(connection_struct *conn, files_struct *fsp, const char *
Assume we are dealing with files (for now)
********************************************************************/
-SEC_DESC *get_nt_acl_no_snum( TALLOC_CTX *ctx, const char *fname)
+struct security_descriptor *get_nt_acl_no_snum( TALLOC_CTX *ctx, const char *fname)
{
- SEC_DESC *psd, *ret_sd;
+ struct security_descriptor *psd, *ret_sd;
connection_struct *conn;
files_struct finfo;
struct fd_handle fh;
diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c
index 253e9771c2..0ce2cd5d49 100644
--- a/source3/utils/net_rpc.c
+++ b/source3/utils/net_rpc.c
@@ -4420,8 +4420,8 @@ static void show_userlist(struct rpc_pipe_client *pipe_hnd,
struct user_token *tokens)
{
uint16_t fnum;
- SEC_DESC *share_sd = NULL;
- SEC_DESC *root_sd = NULL;
+ struct security_descriptor *share_sd = NULL;
+ struct security_descriptor *root_sd = NULL;
struct cli_state *cli = rpc_pipe_np_smb_conn(pipe_hnd);
int i;
union srvsvc_NetShareInfo info;
diff --git a/source3/utils/net_rpc_printer.c b/source3/utils/net_rpc_printer.c
index f627f1916c..e81e4c9610 100644
--- a/source3/utils/net_rpc_printer.c
+++ b/source3/utils/net_rpc_printer.c
@@ -153,7 +153,7 @@ NTSTATUS net_copy_fileattr(struct net_context *c,
NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL;
uint16_t fnum_src = 0;
uint16_t fnum_dst = 0;
- SEC_DESC *sd = NULL;
+ struct security_descriptor *sd = NULL;
uint16_t attr;
time_t f_atime, f_ctime, f_mtime;
diff --git a/source3/utils/net_usershare.c b/source3/utils/net_usershare.c
index 05b3cbd015..c005268d0b 100644
--- a/source3/utils/net_usershare.c
+++ b/source3/utils/net_usershare.c
@@ -330,7 +330,7 @@ static int info_fn(struct file_list *fl, void *priv)
struct net_context *c = pi->c;
int fd = -1;
int numlines = 0;
- SEC_DESC *psd = NULL;
+ struct security_descriptor *psd = NULL;
char *basepath;
char *sharepath = NULL;
char *comment = NULL;
diff --git a/source3/utils/profiles.c b/source3/utils/profiles.c
index ff82fbd10a..e44b2f8e94 100644
--- a/source3/utils/profiles.c
+++ b/source3/utils/profiles.c
@@ -56,7 +56,7 @@ static void verbose_output(const char *format, ...)
/********************************************************************
********************************************************************/
-static bool swap_sid_in_acl( SEC_DESC *sd, DOM_SID *s1, DOM_SID *s2 )
+static bool swap_sid_in_acl( struct security_descriptor *sd, DOM_SID *s1, DOM_SID *s2 )
{
struct security_acl *theacl;
int i;
@@ -117,7 +117,7 @@ static bool copy_registry_tree( REGF_FILE *infile, REGF_NK_REC *nk,
const char *parentpath )
{
REGF_NK_REC *key, *subkey;
- SEC_DESC *new_sd;
+ struct security_descriptor *new_sd;
struct regval_ctr *values;
struct regsubkey_ctr *subkeys;
int i;
diff --git a/source3/utils/sharesec.c b/source3/utils/sharesec.c
index da8dfa28b7..1264e4b51f 100644
--- a/source3/utils/sharesec.c
+++ b/source3/utils/sharesec.c
@@ -124,7 +124,7 @@ static void print_ace(FILE *f, struct security_ace *ace)
print an ascii version of a security descriptor on a FILE handle
********************************************************************/
-static void sec_desc_print(FILE *f, SEC_DESC *sd)
+static void sec_desc_print(FILE *f, struct security_descriptor *sd)
{
uint32 i;
@@ -294,9 +294,9 @@ static bool parse_ace(struct security_ace *ace, const char *orig_str)
/********************************************************************
********************************************************************/
-static SEC_DESC* parse_acl_string(TALLOC_CTX *mem_ctx, const char *szACL, size_t *sd_size )
+static struct security_descriptor* parse_acl_string(TALLOC_CTX *mem_ctx, const char *szACL, size_t *sd_size )
{
- SEC_DESC *sd = NULL;
+ struct security_descriptor *sd = NULL;
struct security_ace *ace;
struct security_acl *theacl;
int num_ace;
@@ -407,8 +407,8 @@ static void sort_acl(struct security_acl *the_acl)
static int change_share_sec(TALLOC_CTX *mem_ctx, const char *sharename, char *the_acl, enum acl_mode mode)
{
- SEC_DESC *sd = NULL;
- SEC_DESC *old = NULL;
+ struct security_descriptor *sd = NULL;
+ struct security_descriptor *old = NULL;
size_t sd_size = 0;
uint32 i, j;
diff --git a/source3/utils/smbcacls.c b/source3/utils/smbcacls.c
index f4307e3870..2344f2f0ab 100644
--- a/source3/utils/smbcacls.c
+++ b/source3/utils/smbcacls.c
@@ -552,11 +552,11 @@ static bool add_ace(struct security_acl **the_acl, struct security_ace *ace)
}
/* parse a ascii version of a security descriptor */
-static SEC_DESC *sec_desc_parse(TALLOC_CTX *ctx, struct cli_state *cli, char *str)
+static struct security_descriptor *sec_desc_parse(TALLOC_CTX *ctx, struct cli_state *cli, char *str)
{
const char *p = str;
char *tok;
- SEC_DESC *ret = NULL;
+ struct security_descriptor *ret = NULL;
size_t sd_size;
DOM_SID *grp_sid=NULL, *owner_sid=NULL;
struct security_acl *dacl=NULL;
@@ -624,7 +624,7 @@ static SEC_DESC *sec_desc_parse(TALLOC_CTX *ctx, struct cli_state *cli, char *st
/* print a ascii version of a security descriptor on a FILE handle */
-static void sec_desc_print(struct cli_state *cli, FILE *f, SEC_DESC *sd)
+static void sec_desc_print(struct cli_state *cli, FILE *f, struct security_descriptor *sd)
{
fstring sidstr;
uint32 i;
@@ -691,10 +691,10 @@ static uint16 get_fileinfo(struct cli_state *cli, const char *filename)
/*****************************************************
get sec desc for filename
*******************************************************/
-static SEC_DESC *get_secdesc(struct cli_state *cli, const char *filename)
+static struct security_descriptor *get_secdesc(struct cli_state *cli, const char *filename)
{
uint16_t fnum = (uint16_t)-1;
- SEC_DESC *sd;
+ struct security_descriptor *sd;
/* The desired access below is the only one I could find that works
with NT4, W2KP and Samba */
@@ -721,7 +721,7 @@ static SEC_DESC *get_secdesc(struct cli_state *cli, const char *filename)
set sec desc for filename
*******************************************************/
static bool set_secdesc(struct cli_state *cli, const char *filename,
- SEC_DESC *sd)
+ struct security_descriptor *sd)
{
uint16_t fnum = (uint16_t)-1;
bool result=true;
@@ -753,7 +753,7 @@ dump the acls for a file
static int cacl_dump(struct cli_state *cli, const char *filename)
{
int result = EXIT_FAILED;
- SEC_DESC *sd;
+ struct security_descriptor *sd;
if (test_args)
return EXIT_OK;
@@ -782,7 +782,7 @@ static int owner_set(struct cli_state *cli, enum chown_mode change_mode,
const char *filename, const char *new_username)
{
DOM_SID sid;
- SEC_DESC *sd, *old;
+ struct security_descriptor *sd, *old;
size_t sd_size;
if (!StringToSid(cli, &sid, new_username))
@@ -875,7 +875,7 @@ set the ACLs on a file given an ascii description
static int cacl_set(struct cli_state *cli, const char *filename,
char *the_acl, enum acl_mode mode)
{
- SEC_DESC *sd, *old;
+ struct security_descriptor *sd, *old;
uint32 i, j;
size_t sd_size;
int result = EXIT_OK;
@@ -993,7 +993,7 @@ set the inherit on a file
static int inherit(struct cli_state *cli, const char *filename,
const char *type)
{
- SEC_DESC *old,*sd;
+ struct security_descriptor *old,*sd;
uint32 oldattr;
size_t sd_size;
int result = EXIT_OK;
@@ -1011,7 +1011,7 @@ static int inherit(struct cli_state *cli, const char *filename,
SEC_DESC_DACL_PROTECTED) {
int i;
char *parentname,*temp;
- SEC_DESC *parent;
+ struct security_descriptor *parent;
temp = talloc_strdup(talloc_tos(), filename);
old->type=old->type & (~SEC_DESC_DACL_PROTECTED);