From fdc9f417d89fdf9dd6afbc22843d70585e195c9d Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Tue, 30 Nov 2004 04:33:27 +0000 Subject: r4011: get rid of rpc_secdes.h and replace it with a single sane set of definitions for security access masks, in security.idl The previous definitions were inconsistently named, and contained many duplicate and misleading entries. I kept finding myself tripping up while using them. (This used to be commit 01c0fa722f80ceeb3f81f01987de95f365a2ed3d) --- source4/torture/basic/attr.c | 14 ++++-- source4/torture/basic/charset.c | 3 +- source4/torture/basic/delete.c | 93 +++++++++++++++++++++++--------------- source4/torture/basic/denytest.c | 51 +++++++++++---------- source4/torture/basic/dir.c | 8 +++- source4/torture/basic/disconnect.c | 3 +- source4/torture/basic/rename.c | 7 +-- source4/torture/basic/scanner.c | 11 +++-- source4/torture/basic/unlink.c | 3 +- source4/torture/basic/utable.c | 11 +++-- source4/torture/gentest.c | 5 +- source4/torture/nbench/nbio.c | 11 +++-- source4/torture/raw/acls.c | 20 ++++---- source4/torture/raw/chkpath.c | 43 +++++++++--------- source4/torture/raw/context.c | 7 +-- source4/torture/raw/eas.c | 5 +- source4/torture/raw/mux.c | 3 +- source4/torture/raw/notify.c | 3 +- source4/torture/raw/open.c | 15 +++--- source4/torture/raw/oplock.c | 9 ++-- source4/torture/raw/qfileinfo.c | 16 ++++--- source4/torture/raw/rename.c | 5 +- source4/torture/raw/streams.c | 5 +- source4/torture/rpc/samr.c | 2 +- source4/torture/rpc/svcctl.c | 1 + source4/torture/torture.c | 73 ++++++++++++++++-------------- source4/torture/torture_util.c | 18 ++++---- 27 files changed, 254 insertions(+), 191 deletions(-) (limited to 'source4/torture') diff --git a/source4/torture/basic/attr.c b/source4/torture/basic/attr.c index 5cd05d9647..07a36ea950 100644 --- a/source4/torture/basic/attr.c +++ b/source4/torture/basic/attr.c @@ -21,6 +21,7 @@ */ #include "includes.h" +#include "librpc/gen_ndr/ndr_security.h" extern int torture_failures; @@ -103,7 +104,9 @@ BOOL torture_openattrtest(void) for (k = 0, i = 0; i < sizeof(open_attrs_table)/sizeof(uint32_t); i++) { smbcli_setatr(cli1->tree, fname, 0, 0); smbcli_unlink(cli1->tree, fname); - fnum1 = smbcli_nt_create_full(cli1->tree, fname, 0, SA_RIGHT_FILE_WRITE_DATA, open_attrs_table[i], + fnum1 = smbcli_nt_create_full(cli1->tree, fname, 0, + SEC_FILE_WRITE_DATA, + open_attrs_table[i], NTCREATEX_SHARE_ACCESS_NONE, NTCREATEX_DISP_OVERWRITE_IF, 0, 0); if (fnum1 == -1) { @@ -118,10 +121,11 @@ BOOL torture_openattrtest(void) for (j = 0; j < ARRAY_SIZE(open_attrs_table); j++) { fnum1 = smbcli_nt_create_full(cli1->tree, fname, 0, - SA_RIGHT_FILE_READ_DATA|SA_RIGHT_FILE_WRITE_DATA, - open_attrs_table[j], - NTCREATEX_SHARE_ACCESS_NONE, - NTCREATEX_DISP_OVERWRITE, 0, 0); + SEC_FILE_READ_DATA| + SEC_FILE_WRITE_DATA, + open_attrs_table[j], + NTCREATEX_SHARE_ACCESS_NONE, + NTCREATEX_DISP_OVERWRITE, 0, 0); if (fnum1 == -1) { for (l = 0; l < ARRAY_SIZE(attr_results); l++) { diff --git a/source4/torture/basic/charset.c b/source4/torture/basic/charset.c index 4f57eba64a..1024c1cd26 100644 --- a/source4/torture/basic/charset.c +++ b/source4/torture/basic/charset.c @@ -21,6 +21,7 @@ */ #include "includes.h" +#include "librpc/gen_ndr/ndr_security.h" #define BASEDIR "\\chartest\\" @@ -67,7 +68,7 @@ static NTSTATUS unicode_open(struct smbcli_tree *tree, io.generic.level = RAW_OPEN_NTCREATEX; io.ntcreatex.in.flags = NTCREATEX_FLAGS_EXTENDED; io.ntcreatex.in.root_fid = 0; - io.ntcreatex.in.access_mask = GENERIC_RIGHTS_FILE_ALL_ACCESS; + io.ntcreatex.in.access_mask = SEC_RIGHTS_FULL_CONTROL; io.ntcreatex.in.alloc_size = 0; io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_NORMAL; io.ntcreatex.in.share_access = NTCREATEX_SHARE_ACCESS_NONE; diff --git a/source4/torture/basic/delete.c b/source4/torture/basic/delete.c index 742a51bcaa..99be602de9 100644 --- a/source4/torture/basic/delete.c +++ b/source4/torture/basic/delete.c @@ -21,6 +21,7 @@ */ #include "includes.h" +#include "librpc/gen_ndr/ndr_security.h" /* @@ -47,9 +48,11 @@ BOOL torture_test_delete(void) smbcli_setatr(cli1->tree, fname, 0, 0); smbcli_unlink(cli1->tree, fname); - fnum1 = smbcli_nt_create_full(cli1->tree, fname, 0, GENERIC_RIGHTS_FILE_ALL_ACCESS, FILE_ATTRIBUTE_NORMAL, - NTCREATEX_SHARE_ACCESS_DELETE, NTCREATEX_DISP_OVERWRITE_IF, - NTCREATEX_OPTIONS_DELETE_ON_CLOSE, 0); + fnum1 = smbcli_nt_create_full(cli1->tree, fname, 0, + SEC_RIGHTS_FULL_CONTROL, + FILE_ATTRIBUTE_NORMAL, + NTCREATEX_SHARE_ACCESS_DELETE, NTCREATEX_DISP_OVERWRITE_IF, + NTCREATEX_OPTIONS_DELETE_ON_CLOSE, 0); if (fnum1 == -1) { printf("(%s) open of %s failed (%s)\n", @@ -80,9 +83,10 @@ BOOL torture_test_delete(void) smbcli_setatr(cli1->tree, fname, 0, 0); smbcli_unlink(cli1->tree, fname); - fnum1 = smbcli_nt_create_full(cli1->tree, fname, 0, GENERIC_RIGHTS_FILE_ALL_ACCESS, - FILE_ATTRIBUTE_NORMAL, NTCREATEX_SHARE_ACCESS_NONE, - NTCREATEX_DISP_OVERWRITE_IF, 0, 0); + fnum1 = smbcli_nt_create_full(cli1->tree, fname, 0, + SEC_RIGHTS_FULL_CONTROL, + FILE_ATTRIBUTE_NORMAL, NTCREATEX_SHARE_ACCESS_NONE, + NTCREATEX_DISP_OVERWRITE_IF, 0, 0); if (fnum1 == -1) { printf("(%s) open of %s failed (%s)\n", @@ -124,7 +128,7 @@ BOOL torture_test_delete(void) smbcli_unlink(cli1->tree, fname); fnum1 = smbcli_nt_create_full(cli1->tree, fname, 0, - GENERIC_RIGHTS_FILE_ALL_ACCESS, + SEC_RIGHTS_FULL_CONTROL, FILE_ATTRIBUTE_NORMAL, NTCREATEX_SHARE_ACCESS_READ|NTCREATEX_SHARE_ACCESS_WRITE, NTCREATEX_DISP_OVERWRITE_IF, 0, 0); @@ -140,7 +144,7 @@ BOOL torture_test_delete(void) with SHARE_DELETE. */ fnum2 = smbcli_nt_create_full(cli1->tree, fname, 0, - GENERIC_RIGHTS_FILE_READ, + SEC_RIGHTS_FILE_READ, FILE_ATTRIBUTE_NORMAL, NTCREATEX_SHARE_ACCESS_READ|NTCREATEX_SHARE_ACCESS_WRITE, NTCREATEX_DISP_OPEN, 0, 0); @@ -154,8 +158,11 @@ BOOL torture_test_delete(void) /* This should succeed. */ - fnum2 = smbcli_nt_create_full(cli1->tree, fname, 0, GENERIC_RIGHTS_FILE_READ, FILE_ATTRIBUTE_NORMAL, - NTCREATEX_SHARE_ACCESS_READ|NTCREATEX_SHARE_ACCESS_WRITE|NTCREATEX_SHARE_ACCESS_DELETE, NTCREATEX_DISP_OPEN, 0, 0); + fnum2 = smbcli_nt_create_full(cli1->tree, fname, 0, + SEC_RIGHTS_FILE_READ, + FILE_ATTRIBUTE_NORMAL, + NTCREATEX_SHARE_ACCESS_READ|NTCREATEX_SHARE_ACCESS_WRITE|NTCREATEX_SHARE_ACCESS_DELETE, + NTCREATEX_DISP_OPEN, 0, 0); if (fnum2 == -1) { printf("(%s) open - 2 of %s failed (%s)\n", @@ -211,12 +218,12 @@ BOOL torture_test_delete(void) } fnum1 = smbcli_nt_create_full(cli1->tree, fname, 0, - SA_RIGHT_FILE_READ_DATA | - SA_RIGHT_FILE_WRITE_DATA | - STD_RIGHT_DELETE_ACCESS, - FILE_ATTRIBUTE_NORMAL, - NTCREATEX_SHARE_ACCESS_READ|NTCREATEX_SHARE_ACCESS_WRITE, - NTCREATEX_DISP_OVERWRITE_IF, 0, 0); + SEC_FILE_READ_DATA | + SEC_FILE_WRITE_DATA | + SEC_STD_DELETE, + FILE_ATTRIBUTE_NORMAL, + NTCREATEX_SHARE_ACCESS_READ|NTCREATEX_SHARE_ACCESS_WRITE, + NTCREATEX_DISP_OVERWRITE_IF, 0, 0); if (fnum1 == -1) { printf("(%s) open of %s failed (%s)\n", @@ -226,7 +233,8 @@ BOOL torture_test_delete(void) } /* This should succeed. */ - fnum2 = smbcli_nt_create_full(cli1->tree, fname, 0, GENERIC_RIGHTS_FILE_READ, + fnum2 = smbcli_nt_create_full(cli1->tree, fname, 0, + SEC_RIGHTS_FILE_READ, FILE_ATTRIBUTE_NORMAL, NTCREATEX_SHARE_ACCESS_READ | NTCREATEX_SHARE_ACCESS_WRITE | @@ -255,7 +263,7 @@ BOOL torture_test_delete(void) /* This should fail - no more opens once delete on close set. */ fnum2 = smbcli_nt_create_full(cli1->tree, fname, 0, - GENERIC_RIGHTS_FILE_READ, + SEC_RIGHTS_FILE_READ, FILE_ATTRIBUTE_NORMAL, NTCREATEX_SHARE_ACCESS_READ|NTCREATEX_SHARE_ACCESS_WRITE|NTCREATEX_SHARE_ACCESS_DELETE, NTCREATEX_DISP_OPEN, 0, 0); @@ -309,7 +317,7 @@ BOOL torture_test_delete(void) smbcli_unlink(cli1->tree, fname); fnum1 = smbcli_nt_create_full(cli1->tree, fname, 0, - SA_RIGHT_FILE_READ_DATA | SA_RIGHT_FILE_WRITE_DATA, + SEC_FILE_READ_DATA | SEC_FILE_WRITE_DATA, FILE_ATTRIBUTE_NORMAL, NTCREATEX_SHARE_ACCESS_READ | NTCREATEX_SHARE_ACCESS_WRITE | @@ -346,10 +354,11 @@ BOOL torture_test_delete(void) smbcli_unlink(cli1->tree, fname); fnum1 = smbcli_nt_create_full(cli1->tree, fname, 0, - SA_RIGHT_FILE_READ_DATA | - SA_RIGHT_FILE_WRITE_DATA | - STD_RIGHT_DELETE_ACCESS, - FILE_ATTRIBUTE_NORMAL, 0, NTCREATEX_DISP_OVERWRITE_IF, 0, 0); + SEC_FILE_READ_DATA | + SEC_FILE_WRITE_DATA | + SEC_STD_DELETE, + FILE_ATTRIBUTE_NORMAL, 0, + NTCREATEX_DISP_OVERWRITE_IF, 0, 0); if (fnum1 == -1) { printf("(%s) open of %s failed (%s)\n", @@ -409,9 +418,13 @@ BOOL torture_test_delete(void) goto fail; } - fnum1 = smbcli_nt_create_full(cli1->tree, fname, 0, SA_RIGHT_FILE_READ_DATA|SA_RIGHT_FILE_WRITE_DATA|STD_RIGHT_DELETE_ACCESS, - FILE_ATTRIBUTE_NORMAL, NTCREATEX_SHARE_ACCESS_READ|NTCREATEX_SHARE_ACCESS_WRITE|NTCREATEX_SHARE_ACCESS_DELETE, - NTCREATEX_DISP_OVERWRITE_IF, 0, 0); + fnum1 = smbcli_nt_create_full(cli1->tree, fname, 0, + SEC_FILE_READ_DATA| + SEC_FILE_WRITE_DATA| + SEC_STD_DELETE, + FILE_ATTRIBUTE_NORMAL, + NTCREATEX_SHARE_ACCESS_READ|NTCREATEX_SHARE_ACCESS_WRITE|NTCREATEX_SHARE_ACCESS_DELETE, + NTCREATEX_DISP_OVERWRITE_IF, 0, 0); if (fnum1 == -1) { printf("(%s) open of %s failed (%s)\n", @@ -420,9 +433,13 @@ BOOL torture_test_delete(void) goto fail; } - fnum2 = smbcli_nt_create_full(cli2->tree, fname, 0, SA_RIGHT_FILE_READ_DATA|SA_RIGHT_FILE_WRITE_DATA|STD_RIGHT_DELETE_ACCESS, - FILE_ATTRIBUTE_NORMAL, NTCREATEX_SHARE_ACCESS_READ|NTCREATEX_SHARE_ACCESS_WRITE|NTCREATEX_SHARE_ACCESS_DELETE, - NTCREATEX_DISP_OPEN, 0, 0); + fnum2 = smbcli_nt_create_full(cli2->tree, fname, 0, + SEC_FILE_READ_DATA| + SEC_FILE_WRITE_DATA| + SEC_STD_DELETE, + FILE_ATTRIBUTE_NORMAL, + NTCREATEX_SHARE_ACCESS_READ|NTCREATEX_SHARE_ACCESS_WRITE|NTCREATEX_SHARE_ACCESS_DELETE, + NTCREATEX_DISP_OPEN, 0, 0); if (fnum2 == -1) { printf("(%s) open of %s failed (%s)\n", @@ -464,7 +481,7 @@ BOOL torture_test_delete(void) /* This should fail - we need to set DELETE_ACCESS. */ fnum1 = smbcli_nt_create_full(cli1->tree, fname, 0, - SA_RIGHT_FILE_READ_DATA|SA_RIGHT_FILE_WRITE_DATA, + SEC_FILE_READ_DATA|SEC_FILE_WRITE_DATA, FILE_ATTRIBUTE_NORMAL, NTCREATEX_SHARE_ACCESS_NONE, NTCREATEX_DISP_OVERWRITE_IF, @@ -480,7 +497,9 @@ BOOL torture_test_delete(void) printf("ninth delete on close test succeeded.\n"); fnum1 = smbcli_nt_create_full(cli1->tree, fname, 0, - SA_RIGHT_FILE_READ_DATA|SA_RIGHT_FILE_WRITE_DATA|STD_RIGHT_DELETE_ACCESS, + SEC_FILE_READ_DATA| + SEC_FILE_WRITE_DATA| + SEC_STD_DELETE, FILE_ATTRIBUTE_NORMAL, NTCREATEX_SHARE_ACCESS_NONE, NTCREATEX_DISP_OVERWRITE_IF, @@ -514,9 +533,9 @@ BOOL torture_test_delete(void) smbcli_setatr(cli1->tree, fname, 0, 0); smbcli_unlink(cli1->tree, fname); - + fnum1 = smbcli_nt_create_full(cli1->tree, fname, 0, - GENERIC_RIGHTS_FILE_ALL_ACCESS, + SEC_RIGHTS_FULL_CONTROL, FILE_ATTRIBUTE_READONLY, NTCREATEX_SHARE_ACCESS_NONE, NTCREATEX_DISP_OVERWRITE_IF, 0, 0); @@ -551,9 +570,11 @@ BOOL torture_test_delete(void) /* test 12 - does having read only attribute still allow delete on close at time of open. */ - fnum1 = smbcli_nt_create_full(cli1->tree, fname, 0, GENERIC_RIGHTS_FILE_ALL_ACCESS, FILE_ATTRIBUTE_READONLY, - NTCREATEX_SHARE_ACCESS_DELETE, NTCREATEX_DISP_OVERWRITE_IF, - NTCREATEX_OPTIONS_DELETE_ON_CLOSE, 0); + fnum1 = smbcli_nt_create_full(cli1->tree, fname, 0, + SEC_RIGHTS_FULL_CONTROL, + FILE_ATTRIBUTE_READONLY, + NTCREATEX_SHARE_ACCESS_DELETE, NTCREATEX_DISP_OVERWRITE_IF, + NTCREATEX_OPTIONS_DELETE_ON_CLOSE, 0); if (fnum1 != -1) { printf("(%s) open of %s succeeded. Should fail with NT_STATUS_CANNOT_DELETE.\n", diff --git a/source4/torture/basic/denytest.c b/source4/torture/basic/denytest.c index 8373e786fe..70d7a2b2a1 100644 --- a/source4/torture/basic/denytest.c +++ b/source4/torture/basic/denytest.c @@ -20,6 +20,7 @@ #include "includes.h" #include "libcli/raw/libcliraw.h" +#include "librpc/gen_ndr/ndr_security.h" extern BOOL torture_showall; extern int torture_failures; @@ -1699,49 +1700,53 @@ static NTSTATUS predict_share_conflict(uint32_t sa1, uint32_t am1, uint32_t sa2, }} while (0) *res = A_0; - if (am2 & SA_RIGHT_FILE_WRITE_APPEND) { + if (am2 & (SEC_FILE_WRITE_DATA | SEC_FILE_APPEND_DATA)) { *res += A_W; } - if (am2 & SA_RIGHT_FILE_READ_DATA) { + if (am2 & SEC_FILE_READ_DATA) { *res += A_R; - } else if ((am2 & SA_RIGHT_FILE_EXECUTE) && + } else if ((am2 & SEC_FILE_EXECUTE) && (flags2 & FLAGS2_READ_PERMIT_EXECUTE)) { *res += A_R; } /* if either open involves no read.write or delete access then it can't conflict */ - if (!(am1 & (SA_RIGHT_FILE_WRITE_APPEND | - SA_RIGHT_FILE_READ_EXEC | - STD_RIGHT_DELETE_ACCESS))) { + if (!(am1 & (SEC_FILE_WRITE_DATA | + SEC_FILE_APPEND_DATA | + SEC_FILE_READ_DATA | + SEC_FILE_EXECUTE | + SEC_STD_DELETE))) { return NT_STATUS_OK; } - if (!(am2 & (SA_RIGHT_FILE_WRITE_APPEND | - SA_RIGHT_FILE_READ_EXEC | - STD_RIGHT_DELETE_ACCESS))) { + if (!(am2 & (SEC_FILE_WRITE_DATA | + SEC_FILE_APPEND_DATA | + SEC_FILE_READ_DATA | + SEC_FILE_EXECUTE | + SEC_STD_DELETE))) { return NT_STATUS_OK; } /* check the basic share access */ CHECK_MASK(am1, sa2, - SA_RIGHT_FILE_WRITE_APPEND, + SEC_FILE_WRITE_DATA | SEC_FILE_APPEND_DATA, NTCREATEX_SHARE_ACCESS_WRITE); CHECK_MASK(am2, sa1, - SA_RIGHT_FILE_WRITE_APPEND, + SEC_FILE_WRITE_DATA | SEC_FILE_APPEND_DATA, NTCREATEX_SHARE_ACCESS_WRITE); CHECK_MASK(am1, sa2, - SA_RIGHT_FILE_READ_EXEC, + SEC_FILE_READ_DATA | SEC_FILE_EXECUTE, NTCREATEX_SHARE_ACCESS_READ); CHECK_MASK(am2, sa1, - SA_RIGHT_FILE_READ_EXEC, + SEC_FILE_READ_DATA | SEC_FILE_EXECUTE, NTCREATEX_SHARE_ACCESS_READ); CHECK_MASK(am1, sa2, - STD_RIGHT_DELETE_ACCESS, + SEC_STD_DELETE, NTCREATEX_SHARE_ACCESS_DELETE); CHECK_MASK(am2, sa1, - STD_RIGHT_DELETE_ACCESS, + SEC_STD_DELETE, NTCREATEX_SHARE_ACCESS_DELETE); return NT_STATUS_OK; @@ -1758,14 +1763,14 @@ static BOOL torture_ntdenytest(struct smbcli_state *cli1, struct smbcli_state *c { NTCREATEX_SHARE_ACCESS_DELETE, "S_D" } }; const struct bit_value access_mask_bits[] = { - { SA_RIGHT_FILE_READ_DATA, "R_DATA" }, - { SA_RIGHT_FILE_WRITE_DATA, "W_DATA" }, - { SA_RIGHT_FILE_READ_ATTRIBUTES, "R_ATTR" }, - { SA_RIGHT_FILE_WRITE_ATTRIBUTES, "W_ATTR" }, - { SA_RIGHT_FILE_READ_EA, "R_EAS " }, - { SA_RIGHT_FILE_WRITE_EA, "W_EAS " }, - { SA_RIGHT_FILE_APPEND_DATA, "A_DATA" }, - { SA_RIGHT_FILE_EXECUTE, "EXEC " } + { SEC_FILE_READ_DATA, "R_DATA" }, + { SEC_FILE_WRITE_DATA, "W_DATA" }, + { SEC_FILE_READ_ATTRIBUTE, "R_ATTR" }, + { SEC_FILE_WRITE_ATTRIBUTE, "W_ATTR" }, + { SEC_FILE_READ_EA, "R_EAS " }, + { SEC_FILE_WRITE_EA, "W_EAS " }, + { SEC_FILE_APPEND_DATA, "A_DATA" }, + { SEC_FILE_EXECUTE, "EXEC " } }; int fnum1; int i; diff --git a/source4/torture/basic/dir.c b/source4/torture/basic/dir.c index 6e2e21fc08..0f962e6cf1 100644 --- a/source4/torture/basic/dir.c +++ b/source4/torture/basic/dir.c @@ -21,6 +21,7 @@ */ #include "includes.h" +#include "librpc/gen_ndr/ndr_security.h" static void list_fn(struct file_info *finfo, const char *name, void *state) { @@ -109,8 +110,11 @@ BOOL torture_dirtest2(void) for (i=0;itree, fname, 0, GENERIC_RIGHTS_FILE_ALL_ACCESS, FILE_ATTRIBUTE_ARCHIVE, - NTCREATEX_SHARE_ACCESS_READ|NTCREATEX_SHARE_ACCESS_WRITE, NTCREATEX_DISP_OVERWRITE_IF, 0, 0); + fnum = smbcli_nt_create_full(cli->tree, fname, 0, + SEC_RIGHTS_FULL_CONTROL, + FILE_ATTRIBUTE_ARCHIVE, + NTCREATEX_SHARE_ACCESS_READ|NTCREATEX_SHARE_ACCESS_WRITE, + NTCREATEX_DISP_OVERWRITE_IF, 0, 0); if (fnum == -1) { fprintf(stderr,"(%s) Failed to open %s, error=%s\n", __location__, fname, smbcli_errstr(cli->tree)); diff --git a/source4/torture/basic/disconnect.c b/source4/torture/basic/disconnect.c index a225178b96..898fc41b4e 100644 --- a/source4/torture/basic/disconnect.c +++ b/source4/torture/basic/disconnect.c @@ -22,6 +22,7 @@ #include "includes.h" #include "libcli/raw/libcliraw.h" +#include "librpc/gen_ndr/ndr_security.h" #define BASEDIR "\\test_disconnect" @@ -47,7 +48,7 @@ static BOOL test_disconnect_open(struct smbcli_state *cli, TALLOC_CTX *mem_ctx) io.generic.level = RAW_OPEN_NTCREATEX; io.ntcreatex.in.root_fid = 0; io.ntcreatex.in.flags = 0; - io.ntcreatex.in.access_mask = SA_RIGHT_FILE_READ_DATA; + io.ntcreatex.in.access_mask = SEC_FILE_READ_DATA; io.ntcreatex.in.create_options = 0; io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_NORMAL; io.ntcreatex.in.share_access = NTCREATEX_SHARE_ACCESS_READ; diff --git a/source4/torture/basic/rename.c b/source4/torture/basic/rename.c index e26c85b5df..3f7be04a8e 100644 --- a/source4/torture/basic/rename.c +++ b/source4/torture/basic/rename.c @@ -21,6 +21,7 @@ */ #include "includes.h" +#include "librpc/gen_ndr/ndr_security.h" /* Test rename on files open with share delete and no share delete. @@ -42,7 +43,7 @@ BOOL torture_test_rename(void) smbcli_unlink(cli1->tree, fname); smbcli_unlink(cli1->tree, fname1); fnum1 = smbcli_nt_create_full(cli1->tree, fname, 0, - GENERIC_RIGHTS_FILE_READ, + SEC_RIGHTS_FILE_READ, FILE_ATTRIBUTE_NORMAL, NTCREATEX_SHARE_ACCESS_READ, NTCREATEX_DISP_OVERWRITE_IF, 0, 0); @@ -69,7 +70,7 @@ BOOL torture_test_rename(void) smbcli_unlink(cli1->tree, fname); smbcli_unlink(cli1->tree, fname1); fnum1 = smbcli_nt_create_full(cli1->tree, fname, 0, - GENERIC_RIGHTS_FILE_READ, + SEC_RIGHTS_FILE_READ, FILE_ATTRIBUTE_NORMAL, NTCREATEX_SHARE_ACCESS_DELETE|NTCREATEX_SHARE_ACCESS_READ, NTCREATEX_DISP_OVERWRITE_IF, 0, 0); @@ -97,7 +98,7 @@ BOOL torture_test_rename(void) smbcli_unlink(cli1->tree, fname1); fnum1 = smbcli_nt_create_full(cli1->tree, fname, 0, - STD_RIGHT_READ_CONTROL_ACCESS, + SEC_STD_READ_CONTROL, FILE_ATTRIBUTE_NORMAL, NTCREATEX_SHARE_ACCESS_NONE, NTCREATEX_DISP_OVERWRITE_IF, 0, 0); diff --git a/source4/torture/basic/scanner.c b/source4/torture/basic/scanner.c index ad4220b9ad..08a870334d 100644 --- a/source4/torture/basic/scanner.c +++ b/source4/torture/basic/scanner.c @@ -20,6 +20,7 @@ #include "includes.h" #include "libcli/raw/libcliraw.h" +#include "librpc/gen_ndr/ndr_security.h" #define VERBOSE 0 #define OP_MIN 0 @@ -255,10 +256,12 @@ BOOL torture_trans2_scan(void) printf("file open failed - %s\n", smbcli_errstr(cli->tree)); } dnum = smbcli_nt_create_full(cli->tree, "\\", - 0, GENERIC_RIGHTS_FILE_READ, FILE_ATTRIBUTE_NORMAL, - NTCREATEX_SHARE_ACCESS_READ | NTCREATEX_SHARE_ACCESS_WRITE, - NTCREATEX_DISP_OPEN, - NTCREATEX_OPTIONS_DIRECTORY, 0); + 0, + SEC_RIGHTS_FILE_READ, + FILE_ATTRIBUTE_NORMAL, + NTCREATEX_SHARE_ACCESS_READ | NTCREATEX_SHARE_ACCESS_WRITE, + NTCREATEX_DISP_OPEN, + NTCREATEX_OPTIONS_DIRECTORY, 0); if (dnum == -1) { printf("directory open failed - %s\n", smbcli_errstr(cli->tree)); } diff --git a/source4/torture/basic/unlink.c b/source4/torture/basic/unlink.c index dd2ff5a5c5..3fe0ea8f28 100644 --- a/source4/torture/basic/unlink.c +++ b/source4/torture/basic/unlink.c @@ -22,6 +22,7 @@ #include "includes.h" #include "libcli/raw/libcliraw.h" +#include "librpc/gen_ndr/ndr_security.h" /* This test checks that @@ -81,7 +82,7 @@ BOOL torture_unlinktest(void) io.ntcreatex.in.security_flags = 0; io.ntcreatex.in.fname = fname; io.ntcreatex.in.share_access = NTCREATEX_SHARE_ACCESS_DELETE; - io.ntcreatex.in.access_mask = GENERIC_RIGHTS_FILE_ALL_ACCESS; + io.ntcreatex.in.access_mask = SEC_RIGHTS_FULL_CONTROL; status = smb_raw_open(cli->tree, cli, &io); if (!NT_STATUS_IS_OK(status)) { diff --git a/source4/torture/basic/utable.c b/source4/torture/basic/utable.c index 30d389dd92..dcd00b9fbb 100644 --- a/source4/torture/basic/utable.c +++ b/source4/torture/basic/utable.c @@ -20,6 +20,7 @@ #include "includes.h" #include "system/iconv.h" +#include "librpc/gen_ndr/ndr_security.h" BOOL torture_utable(void) { @@ -148,13 +149,13 @@ BOOL torture_casetable(void) fname = form_name(c); fnum = smbcli_nt_create_full(cli->tree, fname, 0, #if 0 - SEC_RIGHT_MAXIMUM_ALLOWED, + SEC_RIGHT_MAXIMUM_ALLOWED, #else - GENERIC_RIGHTS_FILE_ALL_ACCESS, + SEC_RIGHTS_FULL_CONTROL, #endif - FILE_ATTRIBUTE_NORMAL, - NTCREATEX_SHARE_ACCESS_NONE, - NTCREATEX_DISP_OPEN_IF, 0, 0); + FILE_ATTRIBUTE_NORMAL, + NTCREATEX_SHARE_ACCESS_NONE, + NTCREATEX_DISP_OPEN_IF, 0, 0); if (fnum == -1) { printf("Failed to create file with char %04x\n", c); diff --git a/source4/torture/gentest.c b/source4/torture/gentest.c index 4d3820793f..35b835b37f 100644 --- a/source4/torture/gentest.c +++ b/source4/torture/gentest.c @@ -23,6 +23,7 @@ #include "system/time.h" #include "request.h" #include "libcli/raw/libcliraw.h" +#include "librpc/gen_ndr/ndr_security.h" #define NSERVERS 2 #define NINSTANCES 2 @@ -526,8 +527,8 @@ static uint32_t gen_ntcreatex_flags(void) */ static uint32_t gen_access_mask(void) { - if (gen_chance(50)) return SEC_RIGHT_MAXIMUM_ALLOWED; - if (gen_chance(20)) return GENERIC_RIGHTS_FILE_ALL_ACCESS; + if (gen_chance(50)) return SEC_RIGHTS_MAXIMUM_ALLOWED; + if (gen_chance(20)) return SEC_FILE_ALL; return gen_bits_mask(0xFFFFFFFF); } diff --git a/source4/torture/nbench/nbio.c b/source4/torture/nbench/nbio.c index e3c40f9ba1..34de81c5b3 100644 --- a/source4/torture/nbench/nbio.c +++ b/source4/torture/nbench/nbio.c @@ -23,6 +23,7 @@ #include "includes.h" #include "system/time.h" #include "dlinklist.h" +#include "librpc/gen_ndr/ndr_security.h" #define MAX_FILES 100 @@ -247,13 +248,13 @@ void nb_createx(const char *fname, mem_ctx = talloc_init("raw_open"); if (create_options & NTCREATEX_OPTIONS_DIRECTORY) { - desired_access = SA_RIGHT_FILE_READ_DATA; + desired_access = SEC_FILE_READ_DATA; } else { desired_access = - SA_RIGHT_FILE_READ_DATA | - SA_RIGHT_FILE_WRITE_DATA | - SA_RIGHT_FILE_READ_ATTRIBUTES | - SA_RIGHT_FILE_WRITE_ATTRIBUTES; + SEC_FILE_READ_DATA | + SEC_FILE_WRITE_DATA | + SEC_FILE_READ_ATTRIBUTE | + SEC_FILE_WRITE_ATTRIBUTE; flags = NTCREATEX_FLAGS_EXTENDED | NTCREATEX_FLAGS_REQUEST_OPLOCK | NTCREATEX_FLAGS_REQUEST_BATCH_OPLOCK; diff --git a/source4/torture/raw/acls.c b/source4/torture/raw/acls.c index d0f4132be4..785e3c72dd 100644 --- a/source4/torture/raw/acls.c +++ b/source4/torture/raw/acls.c @@ -53,7 +53,7 @@ static BOOL test_sd(struct smbcli_state *cli, TALLOC_CTX *mem_ctx) io.generic.level = RAW_OPEN_NTCREATEX; io.ntcreatex.in.root_fid = 0; io.ntcreatex.in.flags = 0; - io.ntcreatex.in.access_mask = SEC_RIGHT_MAXIMUM_ALLOWED; + io.ntcreatex.in.access_mask = SEC_RIGHTS_MAXIMUM_ALLOWED; io.ntcreatex.in.create_options = 0; io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_NORMAL; io.ntcreatex.in.share_access = @@ -71,9 +71,9 @@ static BOOL test_sd(struct smbcli_state *cli, TALLOC_CTX *mem_ctx) q.query_secdesc.level = RAW_FILEINFO_SEC_DESC; q.query_secdesc.in.fnum = fnum; q.query_secdesc.in.secinfo_flags = - OWNER_SECURITY_INFORMATION | - GROUP_SECURITY_INFORMATION | - DACL_SECURITY_INFORMATION; + SECINFO_OWNER | + SECINFO_GROUP | + SECINFO_DACL; status = smb_raw_fileinfo(cli->tree, mem_ctx, &q); CHECK_STATUS(status, NT_STATUS_OK); sd = q.query_secdesc.out.sd; @@ -84,7 +84,7 @@ static BOOL test_sd(struct smbcli_state *cli, TALLOC_CTX *mem_ctx) ace.type = SEC_ACE_TYPE_ACCESS_ALLOWED; ace.flags = 0; - ace.access_mask = STD_RIGHT_ALL_ACCESS; + ace.access_mask = SEC_STD_ALL; ace.trustee = *test_sid; status = security_descriptor_dacl_add(sd, &ace); @@ -154,7 +154,7 @@ static BOOL test_nttrans_create(struct smbcli_state *cli, TALLOC_CTX *mem_ctx) io.generic.level = RAW_OPEN_NTTRANS_CREATE; io.ntcreatex.in.root_fid = 0; io.ntcreatex.in.flags = 0; - io.ntcreatex.in.access_mask = SEC_RIGHT_MAXIMUM_ALLOWED; + io.ntcreatex.in.access_mask = SEC_RIGHTS_MAXIMUM_ALLOWED; io.ntcreatex.in.create_options = 0; io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_NORMAL; io.ntcreatex.in.share_access = @@ -179,9 +179,9 @@ static BOOL test_nttrans_create(struct smbcli_state *cli, TALLOC_CTX *mem_ctx) q.query_secdesc.level = RAW_FILEINFO_SEC_DESC; q.query_secdesc.in.fnum = fnum; q.query_secdesc.in.secinfo_flags = - OWNER_SECURITY_INFORMATION | - GROUP_SECURITY_INFORMATION | - DACL_SECURITY_INFORMATION; + SECINFO_OWNER | + SECINFO_GROUP | + SECINFO_DACL; status = smb_raw_fileinfo(cli->tree, mem_ctx, &q); CHECK_STATUS(status, NT_STATUS_OK); sd = q.query_secdesc.out.sd; @@ -194,7 +194,7 @@ static BOOL test_nttrans_create(struct smbcli_state *cli, TALLOC_CTX *mem_ctx) ace.type = SEC_ACE_TYPE_ACCESS_ALLOWED; ace.flags = 0; - ace.access_mask = STD_RIGHT_ALL_ACCESS; + ace.access_mask = SEC_STD_ALL; ace.trustee = *test_sid; status = security_descriptor_dacl_add(sd, &ace); diff --git a/source4/torture/raw/chkpath.c b/source4/torture/raw/chkpath.c index 4948949886..6379c3ce8d 100644 --- a/source4/torture/raw/chkpath.c +++ b/source4/torture/raw/chkpath.c @@ -19,6 +19,7 @@ */ #include "includes.h" +#include "librpc/gen_ndr/ndr_security.h" #define BASEDIR "\\rawchkpath" @@ -127,13 +128,13 @@ static BOOL test_chkpath(struct smbcli_state *cli, TALLOC_CTX *mem_ctx) printf("testing Open on %s\n", "\\.\\\\\\\\\\\\."); /* findfirst seems to fail with a different error. */ fnum1 = smbcli_nt_create_full(cli->tree, "\\.\\\\\\\\\\\\.", - 0, GENERIC_RIGHTS_FILE_ALL_ACCESS, - FILE_ATTRIBUTE_NORMAL, - NTCREATEX_SHARE_ACCESS_DELETE| - NTCREATEX_SHARE_ACCESS_READ| - NTCREATEX_SHARE_ACCESS_WRITE, - NTCREATEX_DISP_OVERWRITE_IF, - 0, 0); + 0, SEC_RIGHTS_FULL_CONTROL, + FILE_ATTRIBUTE_NORMAL, + NTCREATEX_SHARE_ACCESS_DELETE| + NTCREATEX_SHARE_ACCESS_READ| + NTCREATEX_SHARE_ACCESS_WRITE, + NTCREATEX_DISP_OVERWRITE_IF, + 0, 0); status = smbcli_nt_error(cli->tree); CHECK_STATUS(status, NT_STATUS_OBJECT_PATH_NOT_FOUND); @@ -168,13 +169,13 @@ static BOOL test_chkpath(struct smbcli_state *cli, TALLOC_CTX *mem_ctx) printf("testing Open on %s\n", BASEDIR".\\.\\.\\.\\foo\\..\\.\\"); /* findfirst seems to fail with a different error. */ fnum1 = smbcli_nt_create_full(cli->tree, BASEDIR".\\.\\.\\.\\foo\\..\\.\\", - 0, GENERIC_RIGHTS_FILE_ALL_ACCESS, - FILE_ATTRIBUTE_NORMAL, - NTCREATEX_SHARE_ACCESS_DELETE| - NTCREATEX_SHARE_ACCESS_READ| - NTCREATEX_SHARE_ACCESS_WRITE, - NTCREATEX_DISP_OVERWRITE_IF, - 0, 0); + 0, SEC_RIGHTS_FULL_CONTROL, + FILE_ATTRIBUTE_NORMAL, + NTCREATEX_SHARE_ACCESS_DELETE| + NTCREATEX_SHARE_ACCESS_READ| + NTCREATEX_SHARE_ACCESS_WRITE, + NTCREATEX_DISP_OVERWRITE_IF, + 0, 0); status = smbcli_nt_error(cli->tree); CHECK_STATUS(status, NT_STATUS_OBJECT_PATH_NOT_FOUND); @@ -186,13 +187,13 @@ static BOOL test_chkpath(struct smbcli_state *cli, TALLOC_CTX *mem_ctx) /* findfirst seems to fail with a different error. */ printf("testing Open on %s\n", BASEDIR "\\nt\\V S\\VB98\\vb6.exe\\3"); fnum1 = smbcli_nt_create_full(cli->tree, BASEDIR "\\nt\\V S\\VB98\\vb6.exe\\3", - 0, GENERIC_RIGHTS_FILE_ALL_ACCESS, - FILE_ATTRIBUTE_NORMAL, - NTCREATEX_SHARE_ACCESS_DELETE| - NTCREATEX_SHARE_ACCESS_READ| - NTCREATEX_SHARE_ACCESS_WRITE, - NTCREATEX_DISP_OVERWRITE_IF, - 0, 0); + 0, SEC_RIGHTS_FULL_CONTROL, + FILE_ATTRIBUTE_NORMAL, + NTCREATEX_SHARE_ACCESS_DELETE| + NTCREATEX_SHARE_ACCESS_READ| + NTCREATEX_SHARE_ACCESS_WRITE, + NTCREATEX_DISP_OVERWRITE_IF, + 0, 0); status = smbcli_nt_error(cli->tree); CHECK_STATUS(status, NT_STATUS_OBJECT_PATH_NOT_FOUND); diff --git a/source4/torture/raw/context.c b/source4/torture/raw/context.c index 446ada80a6..581705c1e4 100644 --- a/source4/torture/raw/context.c +++ b/source4/torture/raw/context.c @@ -20,6 +20,7 @@ #include "includes.h" #include "libcli/raw/libcliraw.h" +#include "librpc/gen_ndr/ndr_security.h" #define BASEDIR "\\rawcontext" @@ -139,7 +140,7 @@ static BOOL test_session(struct smbcli_state *cli, TALLOC_CTX *mem_ctx) io.generic.level = RAW_OPEN_NTCREATEX; io.ntcreatex.in.root_fid = 0; io.ntcreatex.in.flags = 0; - io.ntcreatex.in.access_mask = SEC_RIGHT_MAXIMUM_ALLOWED; + io.ntcreatex.in.access_mask = SEC_RIGHTS_MAXIMUM_ALLOWED; io.ntcreatex.in.create_options = 0; io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_NORMAL; io.ntcreatex.in.share_access = NTCREATEX_SHARE_ACCESS_READ | NTCREATEX_SHARE_ACCESS_WRITE; @@ -241,7 +242,7 @@ static BOOL test_tree(struct smbcli_state *cli, TALLOC_CTX *mem_ctx) io.generic.level = RAW_OPEN_NTCREATEX; io.ntcreatex.in.root_fid = 0; io.ntcreatex.in.flags = 0; - io.ntcreatex.in.access_mask = SEC_RIGHT_MAXIMUM_ALLOWED; + io.ntcreatex.in.access_mask = SEC_RIGHTS_MAXIMUM_ALLOWED; io.ntcreatex.in.create_options = 0; io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_NORMAL; io.ntcreatex.in.share_access = NTCREATEX_SHARE_ACCESS_READ | NTCREATEX_SHARE_ACCESS_WRITE; @@ -326,7 +327,7 @@ static BOOL test_pid(struct smbcli_state *cli, TALLOC_CTX *mem_ctx) io.generic.level = RAW_OPEN_NTCREATEX; io.ntcreatex.in.root_fid = 0; io.ntcreatex.in.flags = 0; - io.ntcreatex.in.access_mask = SEC_RIGHT_MAXIMUM_ALLOWED; + io.ntcreatex.in.access_mask = SEC_RIGHTS_MAXIMUM_ALLOWED; io.ntcreatex.in.create_options = 0; io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_NORMAL; io.ntcreatex.in.share_access = NTCREATEX_SHARE_ACCESS_READ | NTCREATEX_SHARE_ACCESS_WRITE; diff --git a/source4/torture/raw/eas.c b/source4/torture/raw/eas.c index 57ca8de35c..949643872d 100644 --- a/source4/torture/raw/eas.c +++ b/source4/torture/raw/eas.c @@ -22,6 +22,7 @@ #include "includes.h" #include "libcli/raw/libcliraw.h" +#include "librpc/gen_ndr/ndr_security.h" #define BASEDIR "\\testeas" @@ -105,7 +106,7 @@ static BOOL test_eas(struct smbcli_state *cli, TALLOC_CTX *mem_ctx) io.generic.level = RAW_OPEN_NTCREATEX; io.ntcreatex.in.root_fid = 0; io.ntcreatex.in.flags = 0; - io.ntcreatex.in.access_mask = SEC_RIGHT_MAXIMUM_ALLOWED; + io.ntcreatex.in.access_mask = SEC_RIGHTS_MAXIMUM_ALLOWED; io.ntcreatex.in.create_options = 0; io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_NORMAL; io.ntcreatex.in.share_access = @@ -206,7 +207,7 @@ static BOOL test_nttrans_create(struct smbcli_state *cli, TALLOC_CTX *mem_ctx) io.generic.level = RAW_OPEN_NTTRANS_CREATE; io.ntcreatex.in.root_fid = 0; io.ntcreatex.in.flags = 0; - io.ntcreatex.in.access_mask = SEC_RIGHT_MAXIMUM_ALLOWED; + io.ntcreatex.in.access_mask = SEC_RIGHTS_MAXIMUM_ALLOWED; io.ntcreatex.in.create_options = 0; io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_NORMAL; io.ntcreatex.in.share_access = diff --git a/source4/torture/raw/mux.c b/source4/torture/raw/mux.c index 9afbc7c506..fce036a5e6 100644 --- a/source4/torture/raw/mux.c +++ b/source4/torture/raw/mux.c @@ -20,6 +20,7 @@ #include "includes.h" #include "libcli/raw/libcliraw.h" +#include "librpc/gen_ndr/ndr_security.h" #define BASEDIR "\\test_mux" @@ -51,7 +52,7 @@ static BOOL test_mux_open(struct smbcli_state *cli, TALLOC_CTX *mem_ctx) io.generic.level = RAW_OPEN_NTCREATEX; io.ntcreatex.in.root_fid = 0; io.ntcreatex.in.flags = 0; - io.ntcreatex.in.access_mask = SA_RIGHT_FILE_READ_DATA; + io.ntcreatex.in.access_mask = SEC_FILE_READ_DATA; io.ntcreatex.in.create_options = 0; io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_NORMAL; io.ntcreatex.in.share_access = NTCREATEX_SHARE_ACCESS_READ; diff --git a/source4/torture/raw/notify.c b/source4/torture/raw/notify.c index 0156f5b251..2a5a0ca074 100644 --- a/source4/torture/raw/notify.c +++ b/source4/torture/raw/notify.c @@ -19,6 +19,7 @@ */ #include "includes.h" +#include "librpc/gen_ndr/ndr_security.h" #define BASEDIR "\\test_notify" @@ -77,7 +78,7 @@ BOOL torture_raw_notify(void) io.generic.level = RAW_OPEN_NTCREATEX; io.ntcreatex.in.root_fid = 0; io.ntcreatex.in.flags = 0; - io.ntcreatex.in.access_mask = SA_RIGHT_FILE_ALL_ACCESS; + io.ntcreatex.in.access_mask = SEC_FILE_ALL; io.ntcreatex.in.create_options = NTCREATEX_OPTIONS_DIRECTORY; io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_NORMAL; io.ntcreatex.in.share_access = NTCREATEX_SHARE_ACCESS_READ | NTCREATEX_SHARE_ACCESS_WRITE; diff --git a/source4/torture/raw/open.c b/source4/torture/raw/open.c index f938c82cfb..9d8e360f00 100644 --- a/source4/torture/raw/open.c +++ b/source4/torture/raw/open.c @@ -21,6 +21,7 @@ #include "includes.h" #include "libcli/raw/libcliraw.h" #include "system/time.h" +#include "librpc/gen_ndr/ndr_security.h" /* enum for whether reads/writes are possible on a file */ enum rdwr_mode {RDWR_NONE, RDWR_RDONLY, RDWR_WRONLY, RDWR_RDWR}; @@ -430,7 +431,7 @@ static BOOL test_openx(struct smbcli_state *cli, TALLOC_CTX *mem_ctx) io.openx.in.open_func = OPENX_OPEN_FUNC_OPEN; status = smb_raw_open(cli->tree, mem_ctx, &io); CHECK_STATUS(status, NT_STATUS_OK); - CHECK_VAL(io.openx.out.access_mask, STD_RIGHT_ALL_ACCESS); + CHECK_VAL(io.openx.out.access_mask, SEC_STD_ALL); smbcli_close(cli->tree, io.openx.out.fnum); done: @@ -620,7 +621,7 @@ static BOOL test_ntcreatex(struct smbcli_state *cli, TALLOC_CTX *mem_ctx) io.generic.level = RAW_OPEN_NTCREATEX; io.ntcreatex.in.flags = NTCREATEX_FLAGS_EXTENDED; io.ntcreatex.in.root_fid = 0; - io.ntcreatex.in.access_mask = GENERIC_RIGHTS_FILE_ALL_ACCESS; + io.ntcreatex.in.access_mask = SEC_RIGHTS_FULL_CONTROL; io.ntcreatex.in.alloc_size = 1024*1024; io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_NORMAL; io.ntcreatex.in.share_access = NTCREATEX_SHARE_ACCESS_NONE; @@ -706,7 +707,7 @@ static BOOL test_ntcreatex(struct smbcli_state *cli, TALLOC_CTX *mem_ctx) /* create a directory */ io.ntcreatex.in.open_disposition = NTCREATEX_DISP_CREATE; - io.ntcreatex.in.access_mask = GENERIC_RIGHTS_FILE_ALL_ACCESS; + io.ntcreatex.in.access_mask = SEC_RIGHTS_FULL_CONTROL; io.ntcreatex.in.alloc_size = 0; io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_DIRECTORY; io.ntcreatex.in.share_access = NTCREATEX_SHARE_ACCESS_NONE; @@ -718,7 +719,7 @@ static BOOL test_ntcreatex(struct smbcli_state *cli, TALLOC_CTX *mem_ctx) smbcli_rmdir(cli->tree, fname); smbcli_unlink(cli->tree, fname); - io.ntcreatex.in.access_mask = SEC_RIGHT_MAXIMUM_ALLOWED; + io.ntcreatex.in.access_mask = SEC_RIGHTS_MAXIMUM_ALLOWED; io.ntcreatex.in.create_options = NTCREATEX_OPTIONS_DIRECTORY; io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_NORMAL; io.ntcreatex.in.share_access = NTCREATEX_SHARE_ACCESS_READ | NTCREATEX_SHARE_ACCESS_WRITE; @@ -793,7 +794,7 @@ static BOOL test_nttrans_create(struct smbcli_state *cli, TALLOC_CTX *mem_ctx) io.generic.level = RAW_OPEN_NTTRANS_CREATE; io.ntcreatex.in.flags = NTCREATEX_FLAGS_EXTENDED; io.ntcreatex.in.root_fid = 0; - io.ntcreatex.in.access_mask = GENERIC_RIGHTS_FILE_ALL_ACCESS; + io.ntcreatex.in.access_mask = SEC_RIGHTS_FULL_CONTROL; io.ntcreatex.in.alloc_size = 1024*1024; io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_NORMAL; io.ntcreatex.in.share_access = NTCREATEX_SHARE_ACCESS_NONE; @@ -881,7 +882,7 @@ static BOOL test_nttrans_create(struct smbcli_state *cli, TALLOC_CTX *mem_ctx) /* create a directory */ io.ntcreatex.in.open_disposition = NTCREATEX_DISP_CREATE; - io.ntcreatex.in.access_mask = GENERIC_RIGHTS_FILE_ALL_ACCESS; + io.ntcreatex.in.access_mask = SEC_RIGHTS_FULL_CONTROL; io.ntcreatex.in.alloc_size = 0; io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_DIRECTORY; io.ntcreatex.in.share_access = NTCREATEX_SHARE_ACCESS_NONE; @@ -893,7 +894,7 @@ static BOOL test_nttrans_create(struct smbcli_state *cli, TALLOC_CTX *mem_ctx) smbcli_rmdir(cli->tree, fname); smbcli_unlink(cli->tree, fname); - io.ntcreatex.in.access_mask = SEC_RIGHT_MAXIMUM_ALLOWED; + io.ntcreatex.in.access_mask = SEC_RIGHTS_MAXIMUM_ALLOWED; io.ntcreatex.in.create_options = NTCREATEX_OPTIONS_DIRECTORY; io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_NORMAL; io.ntcreatex.in.share_access = NTCREATEX_SHARE_ACCESS_READ | NTCREATEX_SHARE_ACCESS_WRITE; diff --git a/source4/torture/raw/oplock.c b/source4/torture/raw/oplock.c index 51e6a5de6c..78236246f4 100644 --- a/source4/torture/raw/oplock.c +++ b/source4/torture/raw/oplock.c @@ -19,6 +19,7 @@ */ #include "includes.h" +#include "librpc/gen_ndr/ndr_security.h" #define CHECK_VAL(v, correct) do { \ if ((v) != (correct)) { \ @@ -107,7 +108,7 @@ static BOOL test_oplock(struct smbcli_state *cli, TALLOC_CTX *mem_ctx) */ io.generic.level = RAW_OPEN_NTCREATEX; io.ntcreatex.in.root_fid = 0; - io.ntcreatex.in.access_mask = GENERIC_RIGHTS_FILE_ALL_ACCESS; + io.ntcreatex.in.access_mask = SEC_RIGHTS_FULL_CONTROL; io.ntcreatex.in.alloc_size = 0; io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_NORMAL; io.ntcreatex.in.share_access = NTCREATEX_SHARE_ACCESS_NONE; @@ -275,7 +276,7 @@ static BOOL test_oplock(struct smbcli_state *cli, TALLOC_CTX *mem_ctx) io.ntcreatex.in.flags = NTCREATEX_FLAGS_EXTENDED | NTCREATEX_FLAGS_REQUEST_OPLOCK | NTCREATEX_FLAGS_REQUEST_BATCH_OPLOCK; - io.ntcreatex.in.access_mask = SA_RIGHT_FILE_READ_ATTRIBUTES|SA_RIGHT_FILE_WRITE_ATTRIBUTES|STD_RIGHT_SYNCHRONIZE_ACCESS; + io.ntcreatex.in.access_mask = SEC_FILE_READ_ATTRIBUTE|SEC_FILE_WRITE_ATTRIBUTE|SEC_STD_SYNCHRONIZE; status = smb_raw_open(cli->tree, mem_ctx, &io); CHECK_STATUS(status, NT_STATUS_OK); fnum2 = io.ntcreatex.out.fnum; @@ -292,7 +293,7 @@ static BOOL test_oplock(struct smbcli_state *cli, TALLOC_CTX *mem_ctx) io.ntcreatex.in.flags = NTCREATEX_FLAGS_EXTENDED | NTCREATEX_FLAGS_REQUEST_OPLOCK | NTCREATEX_FLAGS_REQUEST_BATCH_OPLOCK; - io.ntcreatex.in.access_mask = SA_RIGHT_FILE_READ_ATTRIBUTES|SA_RIGHT_FILE_WRITE_ATTRIBUTES|STD_RIGHT_SYNCHRONIZE_ACCESS; + io.ntcreatex.in.access_mask = SEC_FILE_READ_ATTRIBUTE|SEC_FILE_WRITE_ATTRIBUTE|SEC_STD_SYNCHRONIZE; io.ntcreatex.in.open_disposition = NTCREATEX_DISP_CREATE; status = smb_raw_open(cli->tree, mem_ctx, &io); CHECK_STATUS(status, NT_STATUS_OK); @@ -307,7 +308,7 @@ static BOOL test_oplock(struct smbcli_state *cli, TALLOC_CTX *mem_ctx) io.ntcreatex.in.flags = NTCREATEX_FLAGS_EXTENDED | NTCREATEX_FLAGS_REQUEST_OPLOCK | NTCREATEX_FLAGS_REQUEST_BATCH_OPLOCK; - io.ntcreatex.in.access_mask = GENERIC_RIGHTS_FILE_ALL_ACCESS; + io.ntcreatex.in.access_mask = SEC_RIGHTS_FULL_CONTROL; io.ntcreatex.in.open_disposition = NTCREATEX_DISP_OPEN; status = smb_raw_open(cli->tree, mem_ctx, &io); CHECK_STATUS(status, NT_STATUS_OK); diff --git a/source4/torture/raw/qfileinfo.c b/source4/torture/raw/qfileinfo.c index 45abecfa8d..23e9cad246 100644 --- a/source4/torture/raw/qfileinfo.c +++ b/source4/torture/raw/qfileinfo.c @@ -20,6 +20,7 @@ #include "includes.h" #include "libcli/raw/libcliraw.h" +#include "librpc/gen_ndr/ndr_security.h" static struct { const char *name; @@ -554,13 +555,14 @@ BOOL torture_raw_qfileinfo(void) /* and make sure we can open by alternate name */ smbcli_close(cli->tree, fnum); - fnum = smbcli_nt_create_full(cli->tree, correct_name, 0, GENERIC_RIGHTS_FILE_ALL_ACCESS, - FILE_ATTRIBUTE_NORMAL, - NTCREATEX_SHARE_ACCESS_DELETE| - NTCREATEX_SHARE_ACCESS_READ| - NTCREATEX_SHARE_ACCESS_WRITE, - NTCREATEX_DISP_OVERWRITE_IF, - 0, 0); + fnum = smbcli_nt_create_full(cli->tree, correct_name, 0, + SEC_RIGHTS_FULL_CONTROL, + FILE_ATTRIBUTE_NORMAL, + NTCREATEX_SHARE_ACCESS_DELETE| + NTCREATEX_SHARE_ACCESS_READ| + NTCREATEX_SHARE_ACCESS_WRITE, + NTCREATEX_DISP_OVERWRITE_IF, + 0, 0); if (fnum == -1) { printf("Unable to open by alt_name - %s\n", smbcli_errstr(cli->tree)); ret = False; diff --git a/source4/torture/raw/rename.c b/source4/torture/raw/rename.c index c3fc739d6a..04071c2f80 100644 --- a/source4/torture/raw/rename.c +++ b/source4/torture/raw/rename.c @@ -19,6 +19,7 @@ */ #include "includes.h" +#include "librpc/gen_ndr/ndr_security.h" #define CHECK_STATUS(status, correct) do { \ if (!NT_STATUS_EQUAL(status, correct)) { \ @@ -61,7 +62,7 @@ static BOOL test_mv(struct smbcli_state *cli, TALLOC_CTX *mem_ctx) op.generic.level = RAW_OPEN_NTCREATEX; op.ntcreatex.in.root_fid = 0; op.ntcreatex.in.flags = 0; - op.ntcreatex.in.access_mask = SEC_RIGHT_MAXIMUM_ALLOWED; + op.ntcreatex.in.access_mask = SEC_RIGHTS_MAXIMUM_ALLOWED; op.ntcreatex.in.create_options = 0; op.ntcreatex.in.file_attr = FILE_ATTRIBUTE_NORMAL; op.ntcreatex.in.share_access = @@ -88,7 +89,7 @@ static BOOL test_mv(struct smbcli_state *cli, TALLOC_CTX *mem_ctx) smbcli_close(cli->tree, fnum); - op.ntcreatex.in.access_mask = GENERIC_RIGHTS_FILE_READ; + op.ntcreatex.in.access_mask = SEC_FILE_READ_DATA; op.ntcreatex.in.share_access = NTCREATEX_SHARE_ACCESS_DELETE | NTCREATEX_SHARE_ACCESS_READ | diff --git a/source4/torture/raw/streams.c b/source4/torture/raw/streams.c index 933a102989..3956e7d4c2 100644 --- a/source4/torture/raw/streams.c +++ b/source4/torture/raw/streams.c @@ -22,6 +22,7 @@ #include "includes.h" #include "libcli/raw/libcliraw.h" +#include "librpc/gen_ndr/ndr_security.h" #define BASEDIR "\\teststreams" @@ -108,7 +109,7 @@ static BOOL test_stream_io(struct smbcli_state *cli, TALLOC_CTX *mem_ctx) io.generic.level = RAW_OPEN_NTCREATEX; io.ntcreatex.in.root_fid = 0; io.ntcreatex.in.flags = 0; - io.ntcreatex.in.access_mask = SA_RIGHT_FILE_WRITE_DATA; + io.ntcreatex.in.access_mask = SEC_FILE_WRITE_DATA; io.ntcreatex.in.create_options = NTCREATEX_OPTIONS_DIRECTORY; io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_NORMAL; io.ntcreatex.in.share_access = 0; @@ -187,7 +188,7 @@ static BOOL test_stream_io(struct smbcli_state *cli, TALLOC_CTX *mem_ctx) io.ntcreatex.in.fname = sname2; io.ntcreatex.in.create_options = NTCREATEX_OPTIONS_DELETE_ON_CLOSE; io.ntcreatex.in.share_access = NTCREATEX_SHARE_ACCESS_DELETE; - io.ntcreatex.in.access_mask = GENERIC_RIGHTS_FILE_ALL_ACCESS; + io.ntcreatex.in.access_mask = SEC_RIGHTS_FULL_CONTROL; io.ntcreatex.in.open_disposition = NTCREATEX_DISP_OPEN; status = smb_raw_open(cli->tree, mem_ctx, &io); CHECK_STATUS(status, NT_STATUS_OK); diff --git a/source4/torture/rpc/samr.c b/source4/torture/rpc/samr.c index 370f309b6c..29ae5b9273 100644 --- a/source4/torture/rpc/samr.c +++ b/source4/torture/rpc/samr.c @@ -1469,7 +1469,7 @@ static BOOL test_CreateAlias(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, init_samr_String(&name, TEST_ALIASNAME); r.in.domain_handle = domain_handle; r.in.aliasname = &name; - r.in.access_mask = SEC_RIGHT_MAXIMUM_ALLOWED; + r.in.access_mask = SEC_RIGHTS_MAXIMUM_ALLOWED; r.out.alias_handle = alias_handle; r.out.rid = &rid; diff --git a/source4/torture/rpc/svcctl.c b/source4/torture/rpc/svcctl.c index fd4dcf7894..3c40f06b32 100644 --- a/source4/torture/rpc/svcctl.c +++ b/source4/torture/rpc/svcctl.c @@ -21,6 +21,7 @@ #include "includes.h" #include "librpc/gen_ndr/ndr_svcctl.h" +#include "librpc/gen_ndr/ndr_security.h" static BOOL test_EnumServicesStatus(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, struct policy_handle *h) { diff --git a/source4/torture/torture.c b/source4/torture/torture.c index 7e1cd1f138..ca8c3342b6 100644 --- a/source4/torture/torture.c +++ b/source4/torture/torture.c @@ -26,6 +26,7 @@ #include "system/time.h" #include "system/wait.h" #include "ioctl.h" +#include "librpc/gen_ndr/ndr_security.h" int torture_nprocs=4; int torture_numops=100; @@ -895,9 +896,11 @@ static BOOL run_deferopen(struct smbcli_state *cli, int dummy) do { struct timeval tv; tv = timeval_current(); - fnum = smbcli_nt_create_full(cli->tree, fname, 0, GENERIC_RIGHTS_FILE_ALL_ACCESS, - FILE_ATTRIBUTE_NORMAL, NTCREATEX_SHARE_ACCESS_NONE, - NTCREATEX_DISP_OPEN_IF, 0, 0); + fnum = smbcli_nt_create_full(cli->tree, fname, 0, + SEC_RIGHTS_FULL_CONTROL, + FILE_ATTRIBUTE_NORMAL, + NTCREATEX_SHARE_ACCESS_NONE, + NTCREATEX_DISP_OPEN_IF, 0, 0); if (fnum != -1) { break; } @@ -1311,22 +1314,22 @@ static BOOL run_trans2test(void) /* FIRST_DESIRED_ACCESS 0xf019f */ -#define FIRST_DESIRED_ACCESS SA_RIGHT_FILE_READ_DATA|SA_RIGHT_FILE_WRITE_DATA|SA_RIGHT_FILE_APPEND_DATA|\ - SA_RIGHT_FILE_READ_EA| /* 0xf */ \ - SA_RIGHT_FILE_WRITE_EA|SA_RIGHT_FILE_READ_ATTRIBUTES| /* 0x90 */ \ - SA_RIGHT_FILE_WRITE_ATTRIBUTES| /* 0x100 */ \ - STD_RIGHT_DELETE_ACCESS|STD_RIGHT_READ_CONTROL_ACCESS|\ - STD_RIGHT_WRITE_DAC_ACCESS|STD_RIGHT_WRITE_OWNER_ACCESS /* 0xf0000 */ +#define FIRST_DESIRED_ACCESS SEC_FILE_READ_DATA|SEC_FILE_WRITE_DATA|SEC_FILE_APPEND_DATA|\ + SEC_FILE_READ_EA| /* 0xf */ \ + SEC_FILE_WRITE_EA|SEC_FILE_READ_ATTRIBUTE| /* 0x90 */ \ + SEC_FILE_WRITE_ATTRIBUTE| /* 0x100 */ \ + SEC_STD_DELETE|SEC_STD_READ_CONTROL|\ + SEC_STD_WRITE_DAC|SEC_STD_WRITE_OWNER /* 0xf0000 */ /* SECOND_DESIRED_ACCESS 0xe0080 */ -#define SECOND_DESIRED_ACCESS SA_RIGHT_FILE_READ_ATTRIBUTES| /* 0x80 */ \ - STD_RIGHT_READ_CONTROL_ACCESS|STD_RIGHT_WRITE_DAC_ACCESS|\ - STD_RIGHT_WRITE_OWNER_ACCESS /* 0xe0000 */ +#define SECOND_DESIRED_ACCESS SEC_FILE_READ_ATTRIBUTE| /* 0x80 */ \ + SEC_STD_READ_CONTROL|SEC_STD_WRITE_DAC|\ + SEC_STD_WRITE_OWNER /* 0xe0000 */ #if 0 -#define THIRD_DESIRED_ACCESS FILE_READ_ATTRIBUTES| /* 0x80 */ \ - READ_CONTROL_ACCESS|WRITE_DAC_ACCESS|\ - SA_RIGHT_FILE_READ_DATA|\ - WRITE_OWNER_ACCESS /* */ +#define THIRD_DESIRED_ACCESS FILE_READ_ATTRIBUTE| /* 0x80 */ \ + READ_CONTROL|WRITE_DAC|\ + SEC_FILE_READ_DATA|\ + WRITE_OWNER /* */ #endif /* @@ -1346,9 +1349,11 @@ static BOOL run_xcopy(void) } fnum1 = smbcli_nt_create_full(cli1->tree, fname, 0, - FIRST_DESIRED_ACCESS, FILE_ATTRIBUTE_ARCHIVE, - NTCREATEX_SHARE_ACCESS_NONE, NTCREATEX_DISP_OVERWRITE_IF, - 0x4044, 0); + FIRST_DESIRED_ACCESS, + FILE_ATTRIBUTE_ARCHIVE, + NTCREATEX_SHARE_ACCESS_NONE, + NTCREATEX_DISP_OVERWRITE_IF, + 0x4044, 0); if (fnum1 == -1) { printf("First open failed - %s\n", smbcli_errstr(cli1->tree)); @@ -1388,7 +1393,7 @@ static BOOL run_pipe_number(void) } while(1) { - fnum = smbcli_nt_create_full(cli1->tree, pipe_name, 0, SA_RIGHT_FILE_READ_DATA, FILE_ATTRIBUTE_NORMAL, + fnum = smbcli_nt_create_full(cli1->tree, pipe_name, 0, SEC_FILE_READ_DATA, FILE_ATTRIBUTE_NORMAL, NTCREATEX_SHARE_ACCESS_READ|NTCREATEX_SHARE_ACCESS_WRITE, NTCREATEX_DISP_OPEN_IF, 0, 0); if (fnum == -1) { @@ -1705,7 +1710,7 @@ error_test4: printf("TEST #1 testing 2 non-io opens (no delete)\n"); - fnum1 = smbcli_nt_create_full(cli1->tree, fname, 0, SA_RIGHT_FILE_READ_ATTRIBUTES, FILE_ATTRIBUTE_NORMAL, + fnum1 = smbcli_nt_create_full(cli1->tree, fname, 0, SEC_FILE_READ_ATTRIBUTE, FILE_ATTRIBUTE_NORMAL, NTCREATEX_SHARE_ACCESS_NONE, NTCREATEX_DISP_OVERWRITE_IF, 0, 0); if (fnum1 == -1) { @@ -1714,7 +1719,7 @@ error_test4: return False; } - fnum2 = smbcli_nt_create_full(cli2->tree, fname, 0, SA_RIGHT_FILE_READ_ATTRIBUTES, FILE_ATTRIBUTE_NORMAL, + fnum2 = smbcli_nt_create_full(cli2->tree, fname, 0, SEC_FILE_READ_ATTRIBUTE, FILE_ATTRIBUTE_NORMAL, NTCREATEX_SHARE_ACCESS_NONE, NTCREATEX_DISP_OPEN_IF, 0, 0); if (fnum2 == -1) { printf("test 1 open 2 of %s failed (%s)\n", fname, smbcli_errstr(cli2->tree)); @@ -1737,7 +1742,7 @@ error_test10: printf("TEST #2 testing 2 non-io opens (first with delete)\n"); - fnum1 = smbcli_nt_create_full(cli1->tree, fname, 0, STD_RIGHT_DELETE_ACCESS|SA_RIGHT_FILE_READ_ATTRIBUTES, FILE_ATTRIBUTE_NORMAL, + fnum1 = smbcli_nt_create_full(cli1->tree, fname, 0, SEC_STD_DELETE|SEC_FILE_READ_ATTRIBUTE, FILE_ATTRIBUTE_NORMAL, NTCREATEX_SHARE_ACCESS_NONE, NTCREATEX_DISP_OVERWRITE_IF, 0, 0); if (fnum1 == -1) { @@ -1746,7 +1751,7 @@ error_test10: return False; } - fnum2 = smbcli_nt_create_full(cli2->tree, fname, 0, SA_RIGHT_FILE_READ_ATTRIBUTES, FILE_ATTRIBUTE_NORMAL, + fnum2 = smbcli_nt_create_full(cli2->tree, fname, 0, SEC_FILE_READ_ATTRIBUTE, FILE_ATTRIBUTE_NORMAL, NTCREATEX_SHARE_ACCESS_NONE, NTCREATEX_DISP_OPEN_IF, 0, 0); if (fnum2 == -1) { @@ -1770,7 +1775,7 @@ error_test20: printf("TEST #3 testing 2 non-io opens (second with delete)\n"); - fnum1 = smbcli_nt_create_full(cli1->tree, fname, 0, SA_RIGHT_FILE_READ_ATTRIBUTES, FILE_ATTRIBUTE_NORMAL, + fnum1 = smbcli_nt_create_full(cli1->tree, fname, 0, SEC_FILE_READ_ATTRIBUTE, FILE_ATTRIBUTE_NORMAL, NTCREATEX_SHARE_ACCESS_NONE, NTCREATEX_DISP_OVERWRITE_IF, 0, 0); if (fnum1 == -1) { @@ -1779,7 +1784,7 @@ error_test20: return False; } - fnum2 = smbcli_nt_create_full(cli2->tree, fname, 0, STD_RIGHT_DELETE_ACCESS|SA_RIGHT_FILE_READ_ATTRIBUTES, FILE_ATTRIBUTE_NORMAL, + fnum2 = smbcli_nt_create_full(cli2->tree, fname, 0, SEC_STD_DELETE|SEC_FILE_READ_ATTRIBUTE, FILE_ATTRIBUTE_NORMAL, NTCREATEX_SHARE_ACCESS_NONE, NTCREATEX_DISP_OPEN_IF, 0, 0); if (fnum2 == -1) { @@ -1803,7 +1808,7 @@ error_test30: printf("TEST #4 testing 2 non-io opens (both with delete)\n"); - fnum1 = smbcli_nt_create_full(cli1->tree, fname, 0, STD_RIGHT_DELETE_ACCESS|SA_RIGHT_FILE_READ_ATTRIBUTES, FILE_ATTRIBUTE_NORMAL, + fnum1 = smbcli_nt_create_full(cli1->tree, fname, 0, SEC_STD_DELETE|SEC_FILE_READ_ATTRIBUTE, FILE_ATTRIBUTE_NORMAL, NTCREATEX_SHARE_ACCESS_NONE, NTCREATEX_DISP_OVERWRITE_IF, 0, 0); if (fnum1 == -1) { @@ -1812,7 +1817,7 @@ error_test30: return False; } - fnum2 = smbcli_nt_create_full(cli2->tree, fname, 0, STD_RIGHT_DELETE_ACCESS|SA_RIGHT_FILE_READ_ATTRIBUTES, FILE_ATTRIBUTE_NORMAL, + fnum2 = smbcli_nt_create_full(cli2->tree, fname, 0, SEC_STD_DELETE|SEC_FILE_READ_ATTRIBUTE, FILE_ATTRIBUTE_NORMAL, NTCREATEX_SHARE_ACCESS_NONE, NTCREATEX_DISP_OPEN_IF, 0, 0); if (fnum2 != -1) { @@ -1834,7 +1839,7 @@ error_test40: printf("TEST #5 testing 2 non-io opens (both with delete - both with file share delete)\n"); - fnum1 = smbcli_nt_create_full(cli1->tree, fname, 0, STD_RIGHT_DELETE_ACCESS|SA_RIGHT_FILE_READ_ATTRIBUTES, FILE_ATTRIBUTE_NORMAL, + fnum1 = smbcli_nt_create_full(cli1->tree, fname, 0, SEC_STD_DELETE|SEC_FILE_READ_ATTRIBUTE, FILE_ATTRIBUTE_NORMAL, NTCREATEX_SHARE_ACCESS_DELETE, NTCREATEX_DISP_OVERWRITE_IF, 0, 0); if (fnum1 == -1) { @@ -1843,7 +1848,7 @@ error_test40: return False; } - fnum2 = smbcli_nt_create_full(cli2->tree, fname, 0, STD_RIGHT_DELETE_ACCESS|SA_RIGHT_FILE_READ_ATTRIBUTES, FILE_ATTRIBUTE_NORMAL, + fnum2 = smbcli_nt_create_full(cli2->tree, fname, 0, SEC_STD_DELETE|SEC_FILE_READ_ATTRIBUTE, FILE_ATTRIBUTE_NORMAL, NTCREATEX_SHARE_ACCESS_DELETE, NTCREATEX_DISP_OPEN_IF, 0, 0); if (fnum2 == -1) { @@ -1868,7 +1873,7 @@ error_test50: smbcli_unlink(cli1->tree, fname); - fnum1 = smbcli_nt_create_full(cli1->tree, fname, 0, SA_RIGHT_FILE_READ_DATA, FILE_ATTRIBUTE_NORMAL, + fnum1 = smbcli_nt_create_full(cli1->tree, fname, 0, SEC_FILE_READ_DATA, FILE_ATTRIBUTE_NORMAL, NTCREATEX_SHARE_ACCESS_NONE, NTCREATEX_DISP_OVERWRITE_IF, 0, 0); if (fnum1 == -1) { @@ -1877,7 +1882,7 @@ error_test50: return False; } - fnum2 = smbcli_nt_create_full(cli2->tree, fname, 0, SA_RIGHT_FILE_READ_ATTRIBUTES, FILE_ATTRIBUTE_NORMAL, + fnum2 = smbcli_nt_create_full(cli2->tree, fname, 0, SEC_FILE_READ_ATTRIBUTE, FILE_ATTRIBUTE_NORMAL, NTCREATEX_SHARE_ACCESS_READ, NTCREATEX_DISP_OPEN_IF, 0, 0); if (fnum2 == -1) { @@ -1902,7 +1907,7 @@ error_test60: smbcli_unlink(cli1->tree, fname); - fnum1 = smbcli_nt_create_full(cli1->tree, fname, 0, SA_RIGHT_FILE_READ_DATA, FILE_ATTRIBUTE_NORMAL, + fnum1 = smbcli_nt_create_full(cli1->tree, fname, 0, SEC_FILE_READ_DATA, FILE_ATTRIBUTE_NORMAL, NTCREATEX_SHARE_ACCESS_NONE, NTCREATEX_DISP_OVERWRITE_IF, 0, 0); if (fnum1 == -1) { @@ -1911,7 +1916,7 @@ error_test60: return False; } - fnum2 = smbcli_nt_create_full(cli2->tree, fname, 0, STD_RIGHT_DELETE_ACCESS|SA_RIGHT_FILE_READ_ATTRIBUTES, FILE_ATTRIBUTE_NORMAL, + fnum2 = smbcli_nt_create_full(cli2->tree, fname, 0, SEC_STD_DELETE|SEC_FILE_READ_ATTRIBUTE, FILE_ATTRIBUTE_NORMAL, NTCREATEX_SHARE_ACCESS_READ|NTCREATEX_SHARE_ACCESS_DELETE, NTCREATEX_DISP_OPEN_IF, 0, 0); if (fnum2 != -1) { diff --git a/source4/torture/torture_util.c b/source4/torture/torture_util.c index af8a1ca065..edc00a571f 100644 --- a/source4/torture/torture_util.c +++ b/source4/torture/torture_util.c @@ -22,6 +22,7 @@ #include "libcli/raw/libcliraw.h" #include "system/shmem.h" #include "system/time.h" +#include "librpc/gen_ndr/ndr_security.h" /* @@ -52,7 +53,7 @@ int create_directory_handle(struct smbcli_tree *tree, const char *dname) io.generic.level = RAW_OPEN_NTCREATEX; io.ntcreatex.in.root_fid = 0; io.ntcreatex.in.flags = 0; - io.ntcreatex.in.access_mask = SA_RIGHT_FILE_ALL_ACCESS; + io.ntcreatex.in.access_mask = SEC_FILE_ALL; io.ntcreatex.in.create_options = NTCREATEX_OPTIONS_DIRECTORY; io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_NORMAL; io.ntcreatex.in.share_access = NTCREATEX_SHARE_ACCESS_READ | NTCREATEX_SHARE_ACCESS_WRITE; @@ -86,13 +87,14 @@ int create_complex_file(struct smbcli_state *cli, TALLOC_CTX *mem_ctx, const cha NTSTATUS status; smbcli_unlink(cli->tree, fname); - fnum = smbcli_nt_create_full(cli->tree, fname, 0, GENERIC_RIGHTS_FILE_ALL_ACCESS, - FILE_ATTRIBUTE_NORMAL, - NTCREATEX_SHARE_ACCESS_DELETE| - NTCREATEX_SHARE_ACCESS_READ| - NTCREATEX_SHARE_ACCESS_WRITE, - NTCREATEX_DISP_OVERWRITE_IF, - 0, 0); + fnum = smbcli_nt_create_full(cli->tree, fname, 0, + SEC_RIGHTS_FULL_CONTROL, + FILE_ATTRIBUTE_NORMAL, + NTCREATEX_SHARE_ACCESS_DELETE| + NTCREATEX_SHARE_ACCESS_READ| + NTCREATEX_SHARE_ACCESS_WRITE, + NTCREATEX_DISP_OVERWRITE_IF, + 0, 0); if (fnum == -1) return -1; smbcli_write(cli->tree, fnum, 0, buf, 0, sizeof(buf)); -- cgit