The branch, master has been updated
via 4591fdb... s3-privileges: use LUID defines from lsa IDL.
from f769671... Fix bug with incorrect flag values for inherited ace in
some cases.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 4591fdbc18b0d7a1117de196675067e88bc341b7
Author: Günther Deschner <g...@samba.org>
Date: Sat Jun 5 02:39:11 2010 +0200
s3-privileges: use LUID defines from lsa IDL.
Guenther
-----------------------------------------------------------------------
Summary of changes:
source3/include/privileges.h | 16 ++++------------
source3/include/proto.h | 6 +++---
source3/lib/privileges.c | 8 ++++----
source3/lib/privileges_basic.c | 22 +++++++++++-----------
source3/rpc_server/srv_lsa_nt.c | 10 ++++------
5 files changed, 26 insertions(+), 36 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/include/privileges.h b/source3/include/privileges.h
index 57d3fc0..35fccd3 100644
--- a/source3/include/privileges.h
+++ b/source3/include/privileges.h
@@ -25,6 +25,8 @@
#ifndef PRIVILEGES_H
#define PRIVILEGES_H
+#include "../librpc/gen_ndr/lsa.h"
+
/* privilege bitmask */
#define SE_PRIV_MASKSIZE 4
@@ -79,28 +81,18 @@ extern const SE_PRIV se_take_ownership;
*/
typedef struct {
- uint32 high;
- uint32 low;
-} LUID;
-
-typedef struct {
- LUID luid;
- uint32 attr;
-} LUID_ATTR;
-
-typedef struct {
TALLOC_CTX *mem_ctx;
bool ext_ctx;
uint32 count;
uint32 control;
- LUID_ATTR *set;
+ struct lsa_LUIDAttribute *set;
} PRIVILEGE_SET;
typedef struct {
SE_PRIV se_priv;
const char *name;
const char *description;
- LUID luid;
+ struct lsa_LUID luid;
} PRIVS;
#endif /* PRIVILEGES_H */
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 41ab440..86a725a 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -694,7 +694,7 @@ NTSTATUS privilege_delete_account(const struct dom_sid
*sid);
NTSTATUS privilege_set_init(PRIVILEGE_SET *priv_set);
NTSTATUS privilege_set_init_by_ctx(TALLOC_CTX *mem_ctx, PRIVILEGE_SET
*priv_set);
void privilege_set_free(PRIVILEGE_SET *priv_set);
-NTSTATUS dup_luid_attr(TALLOC_CTX *mem_ctx, LUID_ATTR **new_la, LUID_ATTR
*old_la, int count);
+NTSTATUS dup_luid_attr(TALLOC_CTX *mem_ctx, struct lsa_LUIDAttribute **new_la,
struct lsa_LUIDAttribute *old_la, int count);
bool is_privileged_sid( const struct dom_sid *sid );
bool grant_all_privileges( const struct dom_sid *sid );
@@ -713,8 +713,8 @@ const char* get_privilege_dispname( const char *name );
bool user_has_privileges(const NT_USER_TOKEN *token, const SE_PRIV *privilege);
bool user_has_any_privilege(NT_USER_TOKEN *token, const SE_PRIV *privilege);
int count_all_privileges( void );
-LUID_ATTR get_privilege_luid( SE_PRIV *mask );
-const char *luid_to_privilege_name(const LUID *set);
+struct lsa_LUIDAttribute get_privilege_luid( SE_PRIV *mask );
+const char *luid_to_privilege_name(const struct lsa_LUID *set);
bool se_priv_to_privilege_set( PRIVILEGE_SET *set, SE_PRIV *mask );
bool privilege_set_to_se_priv( SE_PRIV *mask, struct lsa_PrivilegeSet *privset
);
diff --git a/source3/lib/privileges.c b/source3/lib/privileges.c
index 6da8aaa..86f8490 100644
--- a/source3/lib/privileges.c
+++ b/source3/lib/privileges.c
@@ -441,7 +441,7 @@ void privilege_set_free(PRIVILEGE_SET *priv_set)
duplicate alloc luid_attr
****************************************************************************/
-NTSTATUS dup_luid_attr(TALLOC_CTX *mem_ctx, LUID_ATTR **new_la, LUID_ATTR
*old_la, int count)
+NTSTATUS dup_luid_attr(TALLOC_CTX *mem_ctx, struct lsa_LUIDAttribute **new_la,
struct lsa_LUIDAttribute *old_la, int count)
{
int i;
@@ -449,9 +449,9 @@ NTSTATUS dup_luid_attr(TALLOC_CTX *mem_ctx, LUID_ATTR
**new_la, LUID_ATTR *old_l
return NT_STATUS_OK;
if (count) {
- *new_la = TALLOC_ARRAY(mem_ctx, LUID_ATTR, count);
+ *new_la = TALLOC_ARRAY(mem_ctx, struct lsa_LUIDAttribute,
count);
if ( !*new_la ) {
- DEBUG(0,("dup_luid_attr: failed to alloc new LUID_ATTR
array [%d]\n", count));
+ DEBUG(0,("dup_luid_attr: failed to alloc new struct
lsa_LUIDAttribute array [%d]\n", count));
return NT_STATUS_NO_MEMORY;
}
} else {
@@ -461,7 +461,7 @@ NTSTATUS dup_luid_attr(TALLOC_CTX *mem_ctx, LUID_ATTR
**new_la, LUID_ATTR *old_l
for (i=0; i<count; i++) {
(*new_la)[i].luid.high = old_la[i].luid.high;
(*new_la)[i].luid.low = old_la[i].luid.low;
- (*new_la)[i].attr = old_la[i].attr;
+ (*new_la)[i].attribute = old_la[i].attribute;
}
return NT_STATUS_OK;
diff --git a/source3/lib/privileges_basic.c b/source3/lib/privileges_basic.c
index 323983b..d174c70 100644
--- a/source3/lib/privileges_basic.c
+++ b/source3/lib/privileges_basic.c
@@ -310,7 +310,7 @@ static bool is_any_privilege_assigned( SE_PRIV *privileges,
const SE_PRIV *check
}
/*********************************************************************
- Generate the LUID_ATTR structure based on a bitmask
+ Generate the struct lsa_LUIDAttribute structure based on a bitmask
*********************************************************************/
const char* get_privilege_dispname( const char *name )
@@ -375,14 +375,14 @@ int count_all_privileges( void )
/*********************************************************************
- Generate the LUID_ATTR structure based on a bitmask
+ Generate the struct lsa_LUIDAttribute structure based on a bitmask
The assumption here is that the privilege has already been validated
so we are guaranteed to find it in the list.
*********************************************************************/
-LUID_ATTR get_privilege_luid( SE_PRIV *mask )
+struct lsa_LUIDAttribute get_privilege_luid( SE_PRIV *mask )
{
- LUID_ATTR priv_luid;
+ struct lsa_LUIDAttribute priv_luid;
int i;
ZERO_STRUCT( priv_luid );
@@ -402,7 +402,7 @@ LUID_ATTR get_privilege_luid( SE_PRIV *mask )
Convert a LUID to a named string
****************************************************************************/
-const char *luid_to_privilege_name(const LUID *set)
+const char *luid_to_privilege_name(const struct lsa_LUID *set)
{
int i;
@@ -423,13 +423,13 @@ const char *luid_to_privilege_name(const LUID *set)
add a privilege to a privilege array
****************************************************************************/
-static bool privilege_set_add(PRIVILEGE_SET *priv_set, LUID_ATTR set)
+static bool privilege_set_add(PRIVILEGE_SET *priv_set, struct
lsa_LUIDAttribute set)
{
- LUID_ATTR *new_set;
+ struct lsa_LUIDAttribute *new_set;
/* we can allocate memory to add the new privilege */
- new_set = TALLOC_REALLOC_ARRAY(priv_set->mem_ctx, priv_set->set,
LUID_ATTR, priv_set->count + 1);
+ new_set = TALLOC_REALLOC_ARRAY(priv_set->mem_ctx, priv_set->set, struct
lsa_LUIDAttribute, priv_set->count + 1);
if ( !new_set ) {
DEBUG(0,("privilege_set_add: failed to allocate memory!\n"));
return False;
@@ -437,7 +437,7 @@ static bool privilege_set_add(PRIVILEGE_SET *priv_set,
LUID_ATTR set)
new_set[priv_set->count].luid.high = set.luid.high;
new_set[priv_set->count].luid.low = set.luid.low;
- new_set[priv_set->count].attr = set.attr;
+ new_set[priv_set->count].attribute = set.attribute;
priv_set->count++;
priv_set->set = new_set;
@@ -452,9 +452,9 @@ bool se_priv_to_privilege_set( PRIVILEGE_SET *set, SE_PRIV
*mask )
{
int i;
uint32 num_privs = count_all_privileges();
- LUID_ATTR luid;
+ struct lsa_LUIDAttribute luid;
- luid.attr = 0;
+ luid.attribute = 0;
luid.luid.high = 0;
for ( i=0; i<num_privs; i++ ) {
diff --git a/source3/rpc_server/srv_lsa_nt.c b/source3/rpc_server/srv_lsa_nt.c
index fffb912..fce0565 100644
--- a/source3/rpc_server/srv_lsa_nt.c
+++ b/source3/rpc_server/srv_lsa_nt.c
@@ -1449,7 +1449,7 @@ NTSTATUS _lsa_EnumPrivs(pipes_struct *p,
uint32 enum_context = *r->in.resume_handle;
int num_privs = count_all_privileges();
struct lsa_PrivEntry *entries = NULL;
- LUID_ATTR luid;
+ struct lsa_LUIDAttribute luid;
/* remember that the enum_context starts at 0 and not 1 */
@@ -1873,9 +1873,7 @@ NTSTATUS _lsa_EnumPrivsAccount(pipes_struct *p,
}
for (i=0; i<privileges.count; i++) {
- luid_attrs[i].luid.low = privileges.set[i].luid.low;
- luid_attrs[i].luid.high = privileges.set[i].luid.high;
- luid_attrs[i].attribute = privileges.set[i].attr;
+ luid_attrs[i] = privileges.set[i];
}
priv_set->count = privileges.count;
@@ -2086,7 +2084,7 @@ NTSTATUS _lsa_LookupPrivName(pipes_struct *p,
return NT_STATUS_ACCESS_DENIED;
}
- name = luid_to_privilege_name((LUID *)r->in.luid);
+ name = luid_to_privilege_name(r->in.luid);
if (!name) {
return NT_STATUS_NO_SUCH_PRIVILEGE;
}
@@ -2401,7 +2399,7 @@ NTSTATUS _lsa_LookupPrivValue(pipes_struct *p,
{
struct lsa_info *info = NULL;
const char *name = NULL;
- LUID_ATTR priv_luid;
+ struct lsa_LUIDAttribute priv_luid;
SE_PRIV mask;
/* find the connection policy handle. */
--
Samba Shared Repository
