From 7aa07a4832b5f5db6e8d19c617e9df3c64b76949 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Tue, 7 Mar 2006 15:17:01 +0000 Subject: r13945: Move display_sec.c to lib/ (as suggested by Volker). Guenther (This used to be commit 7e80d5358eb181c3515acb732a3594e80391261b) --- source3/lib/display_sec.c | 187 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 187 insertions(+) create mode 100644 source3/lib/display_sec.c (limited to 'source3/lib/display_sec.c') diff --git a/source3/lib/display_sec.c b/source3/lib/display_sec.c new file mode 100644 index 0000000000..bc735fa00c --- /dev/null +++ b/source3/lib/display_sec.c @@ -0,0 +1,187 @@ +/* + Unix SMB/CIFS implementation. + Samba utility functions + Copyright (C) Andrew Tridgell 1992-1999 + Copyright (C) Luke Kenneth Casson Leighton 1996 - 1999 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ + +#include "includes.h" +#include "rpcclient.h" + +/**************************************************************************** +convert a security permissions into a string +****************************************************************************/ +char *get_sec_mask_str(uint32 type) +{ + static fstring typestr=""; + + typestr[0] = 0; + + if (type & GENERIC_ALL_ACCESS) + fstrcat(typestr, "Generic all access "); + if (type & GENERIC_EXECUTE_ACCESS) + fstrcat(typestr, "Generic execute access "); + if (type & GENERIC_WRITE_ACCESS) + fstrcat(typestr, "Generic write access "); + if (type & GENERIC_READ_ACCESS) + fstrcat(typestr, "Generic read access "); + if (type & MAXIMUM_ALLOWED_ACCESS) + fstrcat(typestr, "MAXIMUM_ALLOWED_ACCESS "); + if (type & SYSTEM_SECURITY_ACCESS) + fstrcat(typestr, "SYSTEM_SECURITY_ACCESS "); + if (type & SYNCHRONIZE_ACCESS) + fstrcat(typestr, "SYNCHRONIZE_ACCESS "); + if (type & WRITE_OWNER_ACCESS) + fstrcat(typestr, "WRITE_OWNER_ACCESS "); + if (type & WRITE_DAC_ACCESS) + fstrcat(typestr, "WRITE_DAC_ACCESS "); + if (type & READ_CONTROL_ACCESS) + fstrcat(typestr, "READ_CONTROL_ACCESS "); + if (type & DELETE_ACCESS) + fstrcat(typestr, "DELETE_ACCESS "); + + printf("\t\tSpecific bits: 0x%lx\n", (unsigned long)type&SPECIFIC_RIGHTS_MASK); + + return typestr; +} + +/**************************************************************************** + display sec_access structure + ****************************************************************************/ +void display_sec_access(SEC_ACCESS *info) +{ + printf("\t\tPermissions: 0x%x: %s\n", info->mask, get_sec_mask_str(info->mask)); +} + +/**************************************************************************** + display sec_ace structure + ****************************************************************************/ +void display_sec_ace(SEC_ACE *ace) +{ + fstring sid_str; + + printf("\tACE\n\t\ttype: "); + switch (ace->type) { + case SEC_ACE_TYPE_ACCESS_ALLOWED: + printf("ACCESS ALLOWED"); + break; + case SEC_ACE_TYPE_ACCESS_DENIED: + printf("ACCESS DENIED"); + break; + case SEC_ACE_TYPE_SYSTEM_AUDIT: + printf("SYSTEM AUDIT"); + break; + case SEC_ACE_TYPE_SYSTEM_ALARM: + printf("SYSTEM ALARM"); + break; + default: + printf("????"); + break; + } + printf(" (%d) flags: %d\n", ace->type, ace->flags); + display_sec_access(&ace->info); + sid_to_string(sid_str, &ace->trustee); + printf("\t\tSID: %s\n\n", sid_str); +} + +/**************************************************************************** + display sec_acl structure + ****************************************************************************/ +void display_sec_acl(SEC_ACL *sec_acl) +{ + int i; + + printf("\tACL\tNum ACEs:\t%d\trevision:\t%x\n", + sec_acl->num_aces, sec_acl->revision); + printf("\t---\n"); + + if (sec_acl->size != 0 && sec_acl->num_aces != 0) + for (i = 0; i < sec_acl->num_aces; i++) + display_sec_ace(&sec_acl->ace[i]); + +} + +void display_acl_type(uint16 type) +{ + static fstring typestr=""; + + typestr[0] = 0; + + if (type & SEC_DESC_OWNER_DEFAULTED) /* 0x0001 */ + fstrcat(typestr, "SEC_DESC_OWNER_DEFAULTED "); + if (type & SEC_DESC_GROUP_DEFAULTED) /* 0x0002 */ + fstrcat(typestr, "SEC_DESC_GROUP_DEFAULTED "); + if (type & SEC_DESC_DACL_PRESENT) /* 0x0004 */ + fstrcat(typestr, "SEC_DESC_DACL_PRESENT "); + if (type & SEC_DESC_DACL_DEFAULTED) /* 0x0008 */ + fstrcat(typestr, "SEC_DESC_DACL_DEFAULTED "); + if (type & SEC_DESC_SACL_PRESENT) /* 0x0010 */ + fstrcat(typestr, "SEC_DESC_SACL_PRESENT "); + if (type & SEC_DESC_SACL_DEFAULTED) /* 0x0020 */ + fstrcat(typestr, "SEC_DESC_SACL_DEFAULTED "); + if (type & SEC_DESC_DACL_TRUSTED) /* 0x0040 */ + fstrcat(typestr, "SEC_DESC_DACL_TRUSTED "); + if (type & SEC_DESC_SERVER_SECURITY) /* 0x0080 */ + fstrcat(typestr, "SEC_DESC_SERVER_SECURITY "); + if (type & 0x0100) fstrcat(typestr, "0x0100 "); + if (type & 0x0200) fstrcat(typestr, "0x0200 "); + if (type & 0x0400) fstrcat(typestr, "0x0400 "); + if (type & 0x0800) fstrcat(typestr, "0x0800 "); + if (type & 0x1000) fstrcat(typestr, "0x1000 "); + if (type & 0x2000) fstrcat(typestr, "0x2000 "); + if (type & 0x4000) fstrcat(typestr, "0x4000 "); + if (type & SEC_DESC_SELF_RELATIVE) /* 0x8000 */ + fstrcat(typestr, "SEC_DESC_SELF_RELATIVE "); + + printf("type: 0x%04x: %s\n", type, typestr); +} + +/**************************************************************************** + display sec_desc structure + ****************************************************************************/ +void display_sec_desc(SEC_DESC *sec) +{ + fstring sid_str; + + if (!sec) { + printf("NULL\n"); + return; + } + + printf("revision: %d\n", sec->revision); + display_acl_type(sec->type); + + if (sec->sacl) { + printf("SACL\n"); + display_sec_acl(sec->sacl); + } + + if (sec->dacl) { + printf("DACL\n"); + display_sec_acl(sec->dacl); + } + + if (sec->owner_sid) { + sid_to_string(sid_str, sec->owner_sid); + printf("\tOwner SID:\t%s\n", sid_str); + } + + if (sec->grp_sid) { + sid_to_string(sid_str, sec->grp_sid); + printf("\tParent SID:\t%s\n", sid_str); + } +} -- cgit From a0b0ac5b6a9f5ecdf588f89a6c1d1239d159c263 Mon Sep 17 00:00:00 2001 From: Jim McDonough Date: Tue, 7 Mar 2006 15:32:18 +0000 Subject: r13948: Fix the build. Remove rpcclient.h include. (This used to be commit 6bf879bee3c59ba54b1b4c465c777e3dd0043f83) --- source3/lib/display_sec.c | 1 - 1 file changed, 1 deletion(-) (limited to 'source3/lib/display_sec.c') diff --git a/source3/lib/display_sec.c b/source3/lib/display_sec.c index bc735fa00c..49a86c261c 100644 --- a/source3/lib/display_sec.c +++ b/source3/lib/display_sec.c @@ -20,7 +20,6 @@ */ #include "includes.h" -#include "rpcclient.h" /**************************************************************************** convert a security permissions into a string -- cgit From 4db7642caa99c1b054322a8971c4b673556487ce Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Wed, 20 Sep 2006 22:23:12 +0000 Subject: r18745: Use the Samba4 data structures for security descriptors and security descriptor buffers. Make security access masks simply a uint32 rather than a structure with a uint32 in it. (This used to be commit b41c52b9db5fc4a553b20a7a5a051a4afced9366) --- source3/lib/display_sec.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'source3/lib/display_sec.c') diff --git a/source3/lib/display_sec.c b/source3/lib/display_sec.c index 49a86c261c..2b3542922c 100644 --- a/source3/lib/display_sec.c +++ b/source3/lib/display_sec.c @@ -63,7 +63,7 @@ char *get_sec_mask_str(uint32 type) ****************************************************************************/ void display_sec_access(SEC_ACCESS *info) { - printf("\t\tPermissions: 0x%x: %s\n", info->mask, get_sec_mask_str(info->mask)); + printf("\t\tPermissions: 0x%x: %s\n", *info, get_sec_mask_str(*info)); } /**************************************************************************** @@ -92,7 +92,7 @@ void display_sec_ace(SEC_ACE *ace) break; } printf(" (%d) flags: %d\n", ace->type, ace->flags); - display_sec_access(&ace->info); + display_sec_access(&ace->access_mask); sid_to_string(sid_str, &ace->trustee); printf("\t\tSID: %s\n\n", sid_str); } @@ -110,7 +110,7 @@ void display_sec_acl(SEC_ACL *sec_acl) if (sec_acl->size != 0 && sec_acl->num_aces != 0) for (i = 0; i < sec_acl->num_aces; i++) - display_sec_ace(&sec_acl->ace[i]); + display_sec_ace(&sec_acl->aces[i]); } @@ -179,8 +179,8 @@ void display_sec_desc(SEC_DESC *sec) printf("\tOwner SID:\t%s\n", sid_str); } - if (sec->grp_sid) { - sid_to_string(sid_str, sec->grp_sid); + if (sec->group_sid) { + sid_to_string(sid_str, sec->group_sid); printf("\tParent SID:\t%s\n", sid_str); } } -- cgit From d824b98f80ba186030cbb70b3a1e5daf80469ecd Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 9 Jul 2007 19:25:36 +0000 Subject: r23779: Change from v2 or later to v3 or later. Jeremy. (This used to be commit 407e6e695b8366369b7c76af1ff76869b45347b3) --- source3/lib/display_sec.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/lib/display_sec.c') diff --git a/source3/lib/display_sec.c b/source3/lib/display_sec.c index 2b3542922c..d22992ace1 100644 --- a/source3/lib/display_sec.c +++ b/source3/lib/display_sec.c @@ -6,7 +6,7 @@ This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or + the Free Software Foundation; either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, -- cgit From 5e54558c6dea67b56bbfaba5698f3a434d3dffb6 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Tue, 10 Jul 2007 00:52:41 +0000 Subject: r23784: use the GPLv3 boilerplate as recommended by the FSF and the license text (This used to be commit b0132e94fc5fef936aa766fb99a306b3628e9f07) --- source3/lib/display_sec.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'source3/lib/display_sec.c') diff --git a/source3/lib/display_sec.c b/source3/lib/display_sec.c index d22992ace1..b7864bfd06 100644 --- a/source3/lib/display_sec.c +++ b/source3/lib/display_sec.c @@ -15,8 +15,7 @@ GNU General Public License for more details. You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + along with this program. If not, see . */ #include "includes.h" -- cgit From 5d95214cf77aed7ef3c0625fdfaf05154b43c6c0 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 11 Jul 2007 15:23:51 +0000 Subject: r23841: Show all acl types when displaying a security descriptor. Guenther (This used to be commit 06418a63a0bf5df0e0e76172137d5dff026feaa6) --- source3/lib/display_sec.c | 21 ++++++++++++++------- 1 file changed, 14 insertions(+), 7 deletions(-) (limited to 'source3/lib/display_sec.c') diff --git a/source3/lib/display_sec.c b/source3/lib/display_sec.c index b7864bfd06..cb8f151a4e 100644 --- a/source3/lib/display_sec.c +++ b/source3/lib/display_sec.c @@ -135,13 +135,20 @@ void display_acl_type(uint16 type) fstrcat(typestr, "SEC_DESC_DACL_TRUSTED "); if (type & SEC_DESC_SERVER_SECURITY) /* 0x0080 */ fstrcat(typestr, "SEC_DESC_SERVER_SECURITY "); - if (type & 0x0100) fstrcat(typestr, "0x0100 "); - if (type & 0x0200) fstrcat(typestr, "0x0200 "); - if (type & 0x0400) fstrcat(typestr, "0x0400 "); - if (type & 0x0800) fstrcat(typestr, "0x0800 "); - if (type & 0x1000) fstrcat(typestr, "0x1000 "); - if (type & 0x2000) fstrcat(typestr, "0x2000 "); - if (type & 0x4000) fstrcat(typestr, "0x4000 "); + if (type & SEC_DESC_DACL_AUTO_INHERIT_REQ) /* 0x0100 */ + fstrcat(typestr, "SEC_DESC_DACL_AUTO_INHERIT_REQ "); + if (type & SEC_DESC_SACL_AUTO_INHERIT_REQ) /* 0x0200 */ + fstrcat(typestr, "SEC_DESC_SACL_AUTO_INHERIT_REQ "); + if (type & SEC_DESC_DACL_AUTO_INHERITED) /* 0x0400 */ + fstrcat(typestr, "SEC_DESC_DACL_AUTO_INHERITED "); + if (type & SEC_DESC_SACL_AUTO_INHERITED) /* 0x0800 */ + fstrcat(typestr, "SEC_DESC_SACL_AUTO_INHERITED "); + if (type & SEC_DESC_DACL_PROTECTED) /* 0x1000 */ + fstrcat(typestr, "SEC_DESC_DACL_PROTECTED "); + if (type & SEC_DESC_SACL_PROTECTED) /* 0x2000 */ + fstrcat(typestr, "SEC_DESC_SACL_PROTECTED "); + if (type & SEC_DESC_RM_CONTROL_VALID) /* 0x4000 */ + fstrcat(typestr, "SEC_DESC_RM_CONTROL_VALID "); if (type & SEC_DESC_SELF_RELATIVE) /* 0x8000 */ fstrcat(typestr, "SEC_DESC_SELF_RELATIVE "); -- cgit From f28dc0280dde74ae9512a00b6c4e276f8d78a55d Mon Sep 17 00:00:00 2001 From: Guenther Deschner Date: Thu, 11 Oct 2007 02:25:44 +0200 Subject: Display ace_objects in security descriptors. Guenther (This used to be commit 5fa3fc81b765f1d9682170de13d2e10994fdd889) --- source3/lib/display_sec.c | 41 +++++++++++++++++++++++++++++++++++++++-- 1 file changed, 39 insertions(+), 2 deletions(-) (limited to 'source3/lib/display_sec.c') diff --git a/source3/lib/display_sec.c b/source3/lib/display_sec.c index cb8f151a4e..487ac8f4a0 100644 --- a/source3/lib/display_sec.c +++ b/source3/lib/display_sec.c @@ -65,6 +65,23 @@ void display_sec_access(SEC_ACCESS *info) printf("\t\tPermissions: 0x%x: %s\n", *info, get_sec_mask_str(*info)); } +/**************************************************************************** + display sec_ace object + ****************************************************************************/ +static void disp_sec_ace_object(struct security_ace_object *object) +{ + if (object->flags & SEC_ACE_OBJECT_PRESENT) { + printf("Object type: SEC_ACE_OBJECT_PRESENT\n"); + printf("Object GUID: %s\n", smb_uuid_string_static( + object->type.type)); + } + if (object->flags & SEC_ACE_OBJECT_INHERITED_PRESENT) { + printf("Object type: SEC_ACE_OBJECT_INHERITED_PRESENT\n"); + printf("Object GUID: %s\n", smb_uuid_string_static( + object->inherited_type.inherited_type)); + } +} + /**************************************************************************** display sec_ace structure ****************************************************************************/ @@ -86,14 +103,35 @@ void display_sec_ace(SEC_ACE *ace) case SEC_ACE_TYPE_SYSTEM_ALARM: printf("SYSTEM ALARM"); break; + case SEC_ACE_TYPE_ALLOWED_COMPOUND: + printf("SEC_ACE_TYPE_ALLOWED_COMPOUND"); + break; + case SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT: + printf("SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT"); + break; + case SEC_ACE_TYPE_ACCESS_DENIED_OBJECT: + printf("SEC_ACE_TYPE_ACCESS_DENIED_OBJECT"); + break; + case SEC_ACE_TYPE_SYSTEM_AUDIT_OBJECT: + printf("SEC_ACE_TYPE_SYSTEM_AUDIT_OBJECT"); + break; + case SEC_ACE_TYPE_SYSTEM_ALARM_OBJECT: + printf("SEC_ACE_TYPE_SYSTEM_ALARM_OBJECT"); + break; default: printf("????"); break; } + printf(" (%d) flags: %d\n", ace->type, ace->flags); display_sec_access(&ace->access_mask); sid_to_string(sid_str, &ace->trustee); printf("\t\tSID: %s\n\n", sid_str); + + if (sec_ace_object(ace->type)) { + disp_sec_ace_object(&ace->object.object); + } + } /**************************************************************************** @@ -110,7 +148,6 @@ void display_sec_acl(SEC_ACL *sec_acl) if (sec_acl->size != 0 && sec_acl->num_aces != 0) for (i = 0; i < sec_acl->num_aces; i++) display_sec_ace(&sec_acl->aces[i]); - } void display_acl_type(uint16 type) @@ -187,6 +224,6 @@ void display_sec_desc(SEC_DESC *sec) if (sec->group_sid) { sid_to_string(sid_str, sec->group_sid); - printf("\tParent SID:\t%s\n", sid_str); + printf("\tGroup SID:\t%s\n", sid_str); } } -- cgit From e83e0f36846ba2b7831a63cb8717432617b337fd Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Fri, 26 Oct 2007 12:58:01 +0200 Subject: Display sec ace flags. Guenther (This used to be commit 52bf835c5e9b2fa759c61bf4a7a364eeaeae6043) --- source3/lib/display_sec.c | 34 +++++++++++++++++++++++++++++++--- 1 file changed, 31 insertions(+), 3 deletions(-) (limited to 'source3/lib/display_sec.c') diff --git a/source3/lib/display_sec.c b/source3/lib/display_sec.c index 487ac8f4a0..8e92c84f3c 100644 --- a/source3/lib/display_sec.c +++ b/source3/lib/display_sec.c @@ -65,6 +65,31 @@ void display_sec_access(SEC_ACCESS *info) printf("\t\tPermissions: 0x%x: %s\n", *info, get_sec_mask_str(*info)); } +/**************************************************************************** + display sec_ace flags + ****************************************************************************/ +void display_sec_ace_flags(uint8_t flags) +{ + if (flags & SEC_ACE_FLAG_OBJECT_INHERIT) + printf("SEC_ACE_FLAG_OBJECT_INHERIT "); + if (flags & SEC_ACE_FLAG_CONTAINER_INHERIT) + printf(" SEC_ACE_FLAG_CONTAINER_INHERIT "); + if (flags & SEC_ACE_FLAG_NO_PROPAGATE_INHERIT) + printf("SEC_ACE_FLAG_NO_PROPAGATE_INHERIT "); + if (flags & SEC_ACE_FLAG_INHERIT_ONLY) + printf("SEC_ACE_FLAG_INHERIT_ONLY "); + if (flags & SEC_ACE_FLAG_INHERITED_ACE) + printf("SEC_ACE_FLAG_INHERITED_ACE "); +/* if (flags & SEC_ACE_FLAG_VALID_INHERIT) + printf("SEC_ACE_FLAG_VALID_INHERIT "); */ + if (flags & SEC_ACE_FLAG_SUCCESSFUL_ACCESS) + printf("SEC_ACE_FLAG_SUCCESSFUL_ACCESS "); + if (flags & SEC_ACE_FLAG_FAILED_ACCESS) + printf("SEC_ACE_FLAG_FAILED_ACCESS "); + + printf("\n"); +} + /**************************************************************************** display sec_ace object ****************************************************************************/ @@ -123,7 +148,8 @@ void display_sec_ace(SEC_ACE *ace) break; } - printf(" (%d) flags: %d\n", ace->type, ace->flags); + printf(" (%d) flags: 0x%02x ", ace->type, ace->flags); + display_sec_ace_flags(ace->flags); display_sec_access(&ace->access_mask); sid_to_string(sid_str, &ace->trustee); printf("\t\tSID: %s\n\n", sid_str); @@ -145,9 +171,11 @@ void display_sec_acl(SEC_ACL *sec_acl) sec_acl->num_aces, sec_acl->revision); printf("\t---\n"); - if (sec_acl->size != 0 && sec_acl->num_aces != 0) - for (i = 0; i < sec_acl->num_aces; i++) + if (sec_acl->size != 0 && sec_acl->num_aces != 0) { + for (i = 0; i < sec_acl->num_aces; i++) { display_sec_ace(&sec_acl->aces[i]); + } + } } void display_acl_type(uint16 type) -- cgit From 1011b32678c7b32472a909b9f515698947d2a389 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sun, 25 Nov 2007 10:10:52 +0100 Subject: Remove some statics (This used to be commit 1fab16ffb888cd4ec18e52d9da33976a67a5d104) --- source3/lib/display_sec.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/lib/display_sec.c') diff --git a/source3/lib/display_sec.c b/source3/lib/display_sec.c index 8e92c84f3c..caa13a6a5e 100644 --- a/source3/lib/display_sec.c +++ b/source3/lib/display_sec.c @@ -97,12 +97,12 @@ static void disp_sec_ace_object(struct security_ace_object *object) { if (object->flags & SEC_ACE_OBJECT_PRESENT) { printf("Object type: SEC_ACE_OBJECT_PRESENT\n"); - printf("Object GUID: %s\n", smb_uuid_string_static( + printf("Object GUID: %s\n", smb_uuid_string(talloc_tos(), object->type.type)); } if (object->flags & SEC_ACE_OBJECT_INHERITED_PRESENT) { printf("Object type: SEC_ACE_OBJECT_INHERITED_PRESENT\n"); - printf("Object GUID: %s\n", smb_uuid_string_static( + printf("Object GUID: %s\n", smb_uuid_string(talloc_tos(), object->inherited_type.inherited_type)); } } -- cgit From 2e07c2ade89f4ff281c61f74cb88e09990cf5f46 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sat, 15 Dec 2007 22:47:30 +0100 Subject: s/sid_to_string/sid_to_fstring/ least surprise for callers (This used to be commit eb523ba77697346a365589101aac379febecd546) --- source3/lib/display_sec.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'source3/lib/display_sec.c') diff --git a/source3/lib/display_sec.c b/source3/lib/display_sec.c index caa13a6a5e..f6a6bb6465 100644 --- a/source3/lib/display_sec.c +++ b/source3/lib/display_sec.c @@ -151,7 +151,7 @@ void display_sec_ace(SEC_ACE *ace) printf(" (%d) flags: 0x%02x ", ace->type, ace->flags); display_sec_ace_flags(ace->flags); display_sec_access(&ace->access_mask); - sid_to_string(sid_str, &ace->trustee); + sid_to_fstring(sid_str, &ace->trustee); printf("\t\tSID: %s\n\n", sid_str); if (sec_ace_object(ace->type)) { @@ -246,12 +246,12 @@ void display_sec_desc(SEC_DESC *sec) } if (sec->owner_sid) { - sid_to_string(sid_str, sec->owner_sid); + sid_to_fstring(sid_str, sec->owner_sid); printf("\tOwner SID:\t%s\n", sid_str); } if (sec->group_sid) { - sid_to_string(sid_str, sec->group_sid); + sid_to_fstring(sid_str, sec->group_sid); printf("\tGroup SID:\t%s\n", sid_str); } } -- cgit From 2d1b03d67a7218cf2cf0a0f4cf8b49819b39ce23 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 17 Dec 2007 18:32:27 -0800 Subject: More static pstring elimination. Jeremy. (This used to be commit 92acc0115d8d4111289c2ade1db7bb060ee908db) --- source3/lib/display_sec.c | 112 +++++++++++++++++++++++++++++++++++----------- 1 file changed, 86 insertions(+), 26 deletions(-) (limited to 'source3/lib/display_sec.c') diff --git a/source3/lib/display_sec.c b/source3/lib/display_sec.c index f6a6bb6465..67392e4568 100644 --- a/source3/lib/display_sec.c +++ b/source3/lib/display_sec.c @@ -23,34 +23,92 @@ /**************************************************************************** convert a security permissions into a string ****************************************************************************/ -char *get_sec_mask_str(uint32 type) + +char *get_sec_mask_str(TALLOC_CTX *ctx, uint32 type) { - static fstring typestr=""; + char *typestr = talloc_strdup(ctx, ""); - typestr[0] = 0; + if (!typestr) { + return NULL; + } - if (type & GENERIC_ALL_ACCESS) - fstrcat(typestr, "Generic all access "); - if (type & GENERIC_EXECUTE_ACCESS) - fstrcat(typestr, "Generic execute access "); - if (type & GENERIC_WRITE_ACCESS) - fstrcat(typestr, "Generic write access "); - if (type & GENERIC_READ_ACCESS) - fstrcat(typestr, "Generic read access "); - if (type & MAXIMUM_ALLOWED_ACCESS) - fstrcat(typestr, "MAXIMUM_ALLOWED_ACCESS "); - if (type & SYSTEM_SECURITY_ACCESS) - fstrcat(typestr, "SYSTEM_SECURITY_ACCESS "); - if (type & SYNCHRONIZE_ACCESS) - fstrcat(typestr, "SYNCHRONIZE_ACCESS "); - if (type & WRITE_OWNER_ACCESS) - fstrcat(typestr, "WRITE_OWNER_ACCESS "); - if (type & WRITE_DAC_ACCESS) - fstrcat(typestr, "WRITE_DAC_ACCESS "); - if (type & READ_CONTROL_ACCESS) - fstrcat(typestr, "READ_CONTROL_ACCESS "); - if (type & DELETE_ACCESS) - fstrcat(typestr, "DELETE_ACCESS "); + if (type & GENERIC_ALL_ACCESS) { + typestr = talloc_asprintf_append(typestr, + "Generic all access "); + if (!typestr) { + return NULL; + } + } + if (type & GENERIC_EXECUTE_ACCESS) { + typestr = talloc_asprintf_append(typestr, + "Generic execute access"); + if (!typestr) { + return NULL; + } + } + if (type & GENERIC_WRITE_ACCESS) { + typestr = talloc_asprintf_append(typestr, + "Generic write access "); + if (!typestr) { + return NULL; + } + } + if (type & GENERIC_READ_ACCESS) { + typestr = talloc_asprintf_append(typestr, + "Generic read access "); + if (!typestr) { + return NULL; + } + } + if (type & MAXIMUM_ALLOWED_ACCESS) { + typestr = talloc_asprintf_append(typestr, + "MAXIMUM_ALLOWED_ACCESS "); + if (!typestr) { + return NULL; + } + } + if (type & SYSTEM_SECURITY_ACCESS) { + typestr = talloc_asprintf_append(typestr, + "SYSTEM_SECURITY_ACCESS "); + if (!typestr) { + return NULL; + } + } + if (type & SYNCHRONIZE_ACCESS) { + typestr = talloc_asprintf_append(typestr, + "SYNCHRONIZE_ACCESS "); + if (!typestr) { + return NULL; + } + } + if (type & WRITE_OWNER_ACCESS) { + typestr = talloc_asprintf_append(typestr, + "WRITE_OWNER_ACCESS "); + if (!typestr) { + return NULL; + } + } + if (type & WRITE_DAC_ACCESS) { + typestr = talloc_asprintf_append(typestr, + "WRITE_DAC_ACCESS "); + if (!typestr) { + return NULL; + } + } + if (type & READ_CONTROL_ACCESS) { + typestr = talloc_asprintf_append(typestr, + "READ_CONTROL_ACCESS "); + if (!typestr) { + return NULL; + } + } + if (type & DELETE_ACCESS) { + typestr = talloc_asprintf_append(typestr, + "DELETE_ACCESS "); + if (!typestr) { + return NULL; + } + } printf("\t\tSpecific bits: 0x%lx\n", (unsigned long)type&SPECIFIC_RIGHTS_MASK); @@ -62,7 +120,9 @@ char *get_sec_mask_str(uint32 type) ****************************************************************************/ void display_sec_access(SEC_ACCESS *info) { - printf("\t\tPermissions: 0x%x: %s\n", *info, get_sec_mask_str(*info)); + char *mask_str = get_sec_mask_str(NULL, *info); + printf("\t\tPermissions: 0x%x: %s\n", *info, mask_str ? mask_str : ""); + TALLOC_FREE(mask_str); } /**************************************************************************** -- cgit