summaryrefslogtreecommitdiff
path: root/source4/libcli/security
diff options
context:
space:
mode:
Diffstat (limited to 'source4/libcli/security')
-rw-r--r--source4/libcli/security/dom_sid.c10
-rw-r--r--source4/libcli/security/privilege.c10
-rw-r--r--source4/libcli/security/sddl.c36
-rw-r--r--source4/libcli/security/security_descriptor.c72
-rw-r--r--source4/libcli/security/security_token.c32
5 files changed, 80 insertions, 80 deletions
diff --git a/source4/libcli/security/dom_sid.c b/source4/libcli/security/dom_sid.c
index 1ba3edd9bf..f5457e7e0e 100644
--- a/source4/libcli/security/dom_sid.c
+++ b/source4/libcli/security/dom_sid.c
@@ -241,24 +241,24 @@ NTSTATUS dom_sid_split_rid(TALLOC_CTX *mem_ctx, const struct dom_sid *sid,
}
/*
- return True if the 2nd sid is in the domain given by the first sid
+ return true if the 2nd sid is in the domain given by the first sid
*/
-BOOL dom_sid_in_domain(const struct dom_sid *domain_sid,
+bool dom_sid_in_domain(const struct dom_sid *domain_sid,
const struct dom_sid *sid)
{
int i;
if (!domain_sid || !sid) {
- return False;
+ return false;
}
if (domain_sid->num_auths > sid->num_auths) {
- return False;
+ return false;
}
for (i = domain_sid->num_auths-1; i >= 0; --i) {
if (domain_sid->sub_auths[i] != sid->sub_auths[i]) {
- return False;
+ return false;
}
}
diff --git a/source4/libcli/security/privilege.c b/source4/libcli/security/privilege.c
index 103e2e3c14..2cbef13538 100644
--- a/source4/libcli/security/privilege.c
+++ b/source4/libcli/security/privilege.c
@@ -192,21 +192,21 @@ static uint64_t sec_privilege_mask(enum sec_privilege privilege)
/*
- return True if a security_token has a particular privilege bit set
+ return true if a security_token has a particular privilege bit set
*/
-BOOL security_token_has_privilege(const struct security_token *token, enum sec_privilege privilege)
+bool security_token_has_privilege(const struct security_token *token, enum sec_privilege privilege)
{
uint64_t mask;
if (privilege < 1 || privilege > 64) {
- return False;
+ return false;
}
mask = sec_privilege_mask(privilege);
if (token->privilege_mask & mask) {
- return True;
+ return true;
}
- return False;
+ return false;
}
/*
diff --git a/source4/libcli/security/sddl.c b/source4/libcli/security/sddl.c
index d4efab9b64..09522f182a 100644
--- a/source4/libcli/security/sddl.c
+++ b/source4/libcli/security/sddl.c
@@ -32,7 +32,7 @@ struct flag_map {
/*
map a series of letter codes into a uint32_t
*/
-static BOOL sddl_map_flags(const struct flag_map *map, const char *str,
+static bool sddl_map_flags(const struct flag_map *map, const char *str,
uint32_t *flags, size_t *len)
{
const char *str0 = str;
@@ -51,10 +51,10 @@ static BOOL sddl_map_flags(const struct flag_map *map, const char *str,
}
if (map[i].name == NULL) {
DEBUG(1, ("Unknown flag - %s in %s\n", str, str0));
- return False;
+ return false;
}
}
- return True;
+ return true;
}
/*
@@ -176,10 +176,10 @@ static const struct flag_map ace_access_mask[] = {
/*
decode an ACE
- return True on success, False on failure
+ return true on success, false on failure
note that this routine modifies the string
*/
-static BOOL sddl_decode_ace(TALLOC_CTX *mem_ctx, struct security_ace *ace, char *str,
+static bool sddl_decode_ace(TALLOC_CTX *mem_ctx, struct security_ace *ace, char *str,
const struct dom_sid *domain_sid)
{
const char *tok[6];
@@ -194,7 +194,7 @@ static BOOL sddl_decode_ace(TALLOC_CTX *mem_ctx, struct security_ace *ace, char
tok[0] = str;
for (i=0;i<5;i++) {
char *ptr = strchr(str, ';');
- if (ptr == NULL) return False;
+ if (ptr == NULL) return false;
*ptr = 0;
str = ptr+1;
tok[i+1] = str;
@@ -202,13 +202,13 @@ static BOOL sddl_decode_ace(TALLOC_CTX *mem_ctx, struct security_ace *ace, char
/* parse ace type */
if (!sddl_map_flags(ace_types, tok[0], &v, NULL)) {
- return False;
+ return false;
}
ace->type = v;
/* ace flags */
if (!sddl_map_flags(ace_flags, tok[1], &v, NULL)) {
- return False;
+ return false;
}
ace->flags = v;
@@ -217,7 +217,7 @@ static BOOL sddl_decode_ace(TALLOC_CTX *mem_ctx, struct security_ace *ace, char
ace->access_mask = strtol(tok[2], NULL, 16);
} else {
if (!sddl_map_flags(ace_access_mask, tok[2], &v, NULL)) {
- return False;
+ return false;
}
ace->access_mask = v;
}
@@ -227,7 +227,7 @@ static BOOL sddl_decode_ace(TALLOC_CTX *mem_ctx, struct security_ace *ace, char
NTSTATUS status = GUID_from_string(tok[3],
&ace->object.object.type.type);
if (!NT_STATUS_IS_OK(status)) {
- return False;
+ return false;
}
ace->object.object.flags |= SEC_ACE_OBJECT_TYPE_PRESENT;
}
@@ -237,7 +237,7 @@ static BOOL sddl_decode_ace(TALLOC_CTX *mem_ctx, struct security_ace *ace, char
NTSTATUS status = GUID_from_string(tok[4],
&ace->object.object.inherited_type.inherited_type);
if (!NT_STATUS_IS_OK(status)) {
- return False;
+ return false;
}
ace->object.object.flags |= SEC_ACE_INHERITED_OBJECT_TYPE_PRESENT;
}
@@ -246,13 +246,13 @@ static BOOL sddl_decode_ace(TALLOC_CTX *mem_ctx, struct security_ace *ace, char
s = tok[5];
sid = sddl_decode_sid(mem_ctx, &s, domain_sid);
if (sid == NULL) {
- return False;
+ return false;
}
ace->trustee = *sid;
talloc_steal(mem_ctx, sid->sub_auths);
talloc_free(sid);
- return True;
+ return true;
}
static const struct flag_map acl_flags[] = {
@@ -388,7 +388,7 @@ failed:
turn a set of flags into a string
*/
static char *sddl_flags_to_string(TALLOC_CTX *mem_ctx, const struct flag_map *map,
- uint32_t flags, BOOL check_all)
+ uint32_t flags, bool check_all)
{
int i;
char *s;
@@ -477,13 +477,13 @@ static char *sddl_encode_ace(TALLOC_CTX *mem_ctx, const struct security_ace *ace
return NULL;
}
- s_type = sddl_flags_to_string(tmp_ctx, ace_types, ace->type, True);
+ s_type = sddl_flags_to_string(tmp_ctx, ace_types, ace->type, true);
if (s_type == NULL) goto failed;
- s_flags = sddl_flags_to_string(tmp_ctx, ace_flags, ace->flags, True);
+ s_flags = sddl_flags_to_string(tmp_ctx, ace_flags, ace->flags, true);
if (s_flags == NULL) goto failed;
- s_mask = sddl_flags_to_string(tmp_ctx, ace_access_mask, ace->access_mask, True);
+ s_mask = sddl_flags_to_string(tmp_ctx, ace_access_mask, ace->access_mask, true);
if (s_mask == NULL) {
s_mask = talloc_asprintf(tmp_ctx, "0x%08x", ace->access_mask);
if (s_mask == NULL) goto failed;
@@ -525,7 +525,7 @@ static char *sddl_encode_acl(TALLOC_CTX *mem_ctx, const struct security_acl *acl
int i;
/* add any ACL flags */
- sddl = sddl_flags_to_string(mem_ctx, acl_flags, flags, False);
+ sddl = sddl_flags_to_string(mem_ctx, acl_flags, flags, false);
if (sddl == NULL) goto failed;
/* now the ACEs, encoded in braces */
diff --git a/source4/libcli/security/security_descriptor.c b/source4/libcli/security/security_descriptor.c
index 1e33e1950b..7ed619d0c4 100644
--- a/source4/libcli/security/security_descriptor.c
+++ b/source4/libcli/security/security_descriptor.c
@@ -242,77 +242,77 @@ NTSTATUS security_descriptor_dacl_del(struct security_descriptor *sd,
/*
compare two security ace structures
*/
-BOOL security_ace_equal(const struct security_ace *ace1,
+bool security_ace_equal(const struct security_ace *ace1,
const struct security_ace *ace2)
{
- if (ace1 == ace2) return True;
- if (!ace1 || !ace2) return False;
- if (ace1->type != ace2->type) return False;
- if (ace1->flags != ace2->flags) return False;
- if (ace1->access_mask != ace2->access_mask) return False;
- if (!dom_sid_equal(&ace1->trustee, &ace2->trustee)) return False;
-
- return True;
+ if (ace1 == ace2) return true;
+ if (!ace1 || !ace2) return false;
+ if (ace1->type != ace2->type) return false;
+ if (ace1->flags != ace2->flags) return false;
+ if (ace1->access_mask != ace2->access_mask) return false;
+ if (!dom_sid_equal(&ace1->trustee, &ace2->trustee)) return false;
+
+ return true;
}
/*
compare two security acl structures
*/
-BOOL security_acl_equal(const struct security_acl *acl1,
+bool security_acl_equal(const struct security_acl *acl1,
const struct security_acl *acl2)
{
int i;
- if (acl1 == acl2) return True;
- if (!acl1 || !acl2) return False;
- if (acl1->revision != acl2->revision) return False;
- if (acl1->num_aces != acl2->num_aces) return False;
+ if (acl1 == acl2) return true;
+ if (!acl1 || !acl2) return false;
+ if (acl1->revision != acl2->revision) return false;
+ if (acl1->num_aces != acl2->num_aces) return false;
for (i=0;i<acl1->num_aces;i++) {
- if (!security_ace_equal(&acl1->aces[i], &acl2->aces[i])) return False;
+ if (!security_ace_equal(&acl1->aces[i], &acl2->aces[i])) return false;
}
- return True;
+ return true;
}
/*
compare two security descriptors.
*/
-BOOL security_descriptor_equal(const struct security_descriptor *sd1,
+bool security_descriptor_equal(const struct security_descriptor *sd1,
const struct security_descriptor *sd2)
{
- if (sd1 == sd2) return True;
- if (!sd1 || !sd2) return False;
- if (sd1->revision != sd2->revision) return False;
- if (sd1->type != sd2->type) return False;
+ if (sd1 == sd2) return true;
+ if (!sd1 || !sd2) return false;
+ if (sd1->revision != sd2->revision) return false;
+ if (sd1->type != sd2->type) return false;
- if (!dom_sid_equal(sd1->owner_sid, sd2->owner_sid)) return False;
- if (!dom_sid_equal(sd1->group_sid, sd2->group_sid)) return False;
- if (!security_acl_equal(sd1->sacl, sd2->sacl)) return False;
- if (!security_acl_equal(sd1->dacl, sd2->dacl)) return False;
+ if (!dom_sid_equal(sd1->owner_sid, sd2->owner_sid)) return false;
+ if (!dom_sid_equal(sd1->group_sid, sd2->group_sid)) return false;
+ if (!security_acl_equal(sd1->sacl, sd2->sacl)) return false;
+ if (!security_acl_equal(sd1->dacl, sd2->dacl)) return false;
- return True;
+ return true;
}
/*
compare two security descriptors, but allow certain (missing) parts
to be masked out of the comparison
*/
-BOOL security_descriptor_mask_equal(const struct security_descriptor *sd1,
+bool security_descriptor_mask_equal(const struct security_descriptor *sd1,
const struct security_descriptor *sd2,
uint32_t mask)
{
- if (sd1 == sd2) return True;
- if (!sd1 || !sd2) return False;
- if (sd1->revision != sd2->revision) return False;
- if ((sd1->type & mask) != (sd2->type & mask)) return False;
+ if (sd1 == sd2) return true;
+ if (!sd1 || !sd2) return false;
+ if (sd1->revision != sd2->revision) return false;
+ if ((sd1->type & mask) != (sd2->type & mask)) return false;
- if (!dom_sid_equal(sd1->owner_sid, sd2->owner_sid)) return False;
- if (!dom_sid_equal(sd1->group_sid, sd2->group_sid)) return False;
- if ((mask & SEC_DESC_DACL_PRESENT) && !security_acl_equal(sd1->dacl, sd2->dacl)) return False;
- if ((mask & SEC_DESC_SACL_PRESENT) && !security_acl_equal(sd1->sacl, sd2->sacl)) return False;
+ if (!dom_sid_equal(sd1->owner_sid, sd2->owner_sid)) return false;
+ if (!dom_sid_equal(sd1->group_sid, sd2->group_sid)) return false;
+ if ((mask & SEC_DESC_DACL_PRESENT) && !security_acl_equal(sd1->dacl, sd2->dacl)) return false;
+ if ((mask & SEC_DESC_SACL_PRESENT) && !security_acl_equal(sd1->sacl, sd2->sacl)) return false;
- return True;
+ return true;
}
diff --git a/source4/libcli/security/security_token.c b/source4/libcli/security/security_token.c
index 684c3de7e6..e126340c46 100644
--- a/source4/libcli/security/security_token.c
+++ b/source4/libcli/security/security_token.c
@@ -79,19 +79,19 @@ void security_token_debug(int dbg_lev, const struct security_token *token)
/* These really should be cheaper... */
-BOOL security_token_is_sid(const struct security_token *token, const struct dom_sid *sid)
+bool security_token_is_sid(const struct security_token *token, const struct dom_sid *sid)
{
if (dom_sid_equal(token->user_sid, sid)) {
- return True;
+ return true;
}
- return False;
+ return false;
}
-BOOL security_token_is_sid_string(const struct security_token *token, const char *sid_string)
+bool security_token_is_sid_string(const struct security_token *token, const char *sid_string)
{
- BOOL ret;
+ bool ret;
struct dom_sid *sid = dom_sid_parse_talloc(NULL, sid_string);
- if (!sid) return False;
+ if (!sid) return false;
ret = security_token_is_sid(token, sid);
@@ -99,32 +99,32 @@ BOOL security_token_is_sid_string(const struct security_token *token, const char
return ret;
}
-BOOL security_token_is_system(const struct security_token *token)
+bool security_token_is_system(const struct security_token *token)
{
return security_token_is_sid_string(token, SID_NT_SYSTEM);
}
-BOOL security_token_is_anonymous(const struct security_token *token)
+bool security_token_is_anonymous(const struct security_token *token)
{
return security_token_is_sid_string(token, SID_NT_ANONYMOUS);
}
-BOOL security_token_has_sid(const struct security_token *token, const struct dom_sid *sid)
+bool security_token_has_sid(const struct security_token *token, const struct dom_sid *sid)
{
int i;
for (i = 0; i < token->num_sids; i++) {
if (dom_sid_equal(token->sids[i], sid)) {
- return True;
+ return true;
}
}
- return False;
+ return false;
}
-BOOL security_token_has_sid_string(const struct security_token *token, const char *sid_string)
+bool security_token_has_sid_string(const struct security_token *token, const char *sid_string)
{
- BOOL ret;
+ bool ret;
struct dom_sid *sid = dom_sid_parse_talloc(NULL, sid_string);
- if (!sid) return False;
+ if (!sid) return false;
ret = security_token_has_sid(token, sid);
@@ -132,12 +132,12 @@ BOOL security_token_has_sid_string(const struct security_token *token, const cha
return ret;
}
-BOOL security_token_has_builtin_administrators(const struct security_token *token)
+bool security_token_has_builtin_administrators(const struct security_token *token)
{
return security_token_has_sid_string(token, SID_BUILTIN_ADMINISTRATORS);
}
-BOOL security_token_has_nt_authenticated_users(const struct security_token *token)
+bool security_token_has_nt_authenticated_users(const struct security_token *token)
{
return security_token_has_sid_string(token, SID_NT_AUTHENTICATED_USERS);
}