void display_sec_access(uint32_t *info);
void display_sec_ace_flags(uint8_t flags);
void display_sec_ace(struct security_ace *ace);
-void display_sec_acl(SEC_ACL *sec_acl);
+void display_sec_acl(struct security_acl *sec_acl);
void display_acl_type(uint16 type);
void display_sec_desc(SEC_DESC *sec);
enum security_descriptor_revision revision,
uint16 type,
const DOM_SID *owner_sid, const DOM_SID *grp_sid,
- SEC_ACL *sacl, SEC_ACL *dacl, size_t *sd_size);
+ struct security_acl *sacl, struct security_acl *dacl, size_t *sd_size);
SEC_DESC *dup_sec_desc(TALLOC_CTX *ctx, const SEC_DESC *src);
NTSTATUS marshall_sec_desc(TALLOC_CTX *mem_ctx,
struct security_descriptor *secdesc,
NTSTATUS unmarshall_sec_desc_buf(TALLOC_CTX *mem_ctx, uint8_t *data, size_t len,
struct sec_desc_buf **psecdesc_buf);
SEC_DESC *make_standard_sec_desc(TALLOC_CTX *ctx, const DOM_SID *owner_sid, const DOM_SID *grp_sid,
- SEC_ACL *dacl, size_t *sd_size);
+ struct security_acl *dacl, size_t *sd_size);
struct sec_desc_buf *make_sec_desc_buf(TALLOC_CTX *ctx, size_t len, SEC_DESC *sec_desc);
struct sec_desc_buf *dup_sec_desc_buf(TALLOC_CTX *ctx, struct sec_desc_buf *src);
NTSTATUS sec_desc_add_sid(TALLOC_CTX *ctx, SEC_DESC **psd, DOM_SID *sid, uint32 mask, size_t *sd_size);
PROTECTED_SACL_SECURITY_INFORMATION|\
PROTECTED_DACL_SECURITY_INFORMATION)
-#ifndef _SEC_ACL
-/* SEC_ACL */
-typedef struct security_acl SEC_ACL;
-#define _SEC_ACL
-#endif
-
#ifndef SEC_DESC_REVISION
#define SEC_DESC_REVISION 0x1
#endif
{
DOM_SID *owner_sid, *group_sid;
struct sec_desc_buf *return_sdb;
- SEC_ACL *dacl, *sacl;
+ struct security_acl *dacl, *sacl;
SEC_DESC *psd = NULL;
uint16 secdesc_type;
size_t secdesc_size;
SEC_DESC *sec_desc_merge(TALLOC_CTX *ctx, SEC_DESC *new_sdb, SEC_DESC *old_sdb)
{
DOM_SID *owner_sid, *group_sid;
- SEC_ACL *dacl, *sacl;
+ struct security_acl *dacl, *sacl;
SEC_DESC *psd = NULL;
uint16 secdesc_type;
size_t secdesc_size;
enum security_descriptor_revision revision,
uint16 type,
const DOM_SID *owner_sid, const DOM_SID *grp_sid,
- SEC_ACL *sacl, SEC_ACL *dacl, size_t *sd_size)
+ struct security_acl *sacl, struct security_acl *dacl, size_t *sd_size)
{
SEC_DESC *dst;
uint32 offset = 0;
********************************************************************/
SEC_DESC *make_standard_sec_desc(TALLOC_CTX *ctx, const DOM_SID *owner_sid, const DOM_SID *grp_sid,
- SEC_ACL *dacl, size_t *sd_size)
+ struct security_acl *dacl, size_t *sd_size)
{
return make_sec_desc(ctx, SECURITY_DESCRIPTOR_REVISION_1,
SEC_DESC_SELF_RELATIVE, owner_sid, grp_sid, NULL,
NTSTATUS sec_desc_add_sid(TALLOC_CTX *ctx, SEC_DESC **psd, DOM_SID *sid, uint32 mask, size_t *sd_size)
{
SEC_DESC *sd = 0;
- SEC_ACL *dacl = 0;
+ struct security_acl *dacl = 0;
struct security_ace *ace = 0;
NTSTATUS status;
NTSTATUS sec_desc_del_sid(TALLOC_CTX *ctx, SEC_DESC **psd, DOM_SID *sid, size_t *sd_size)
{
SEC_DESC *sd = 0;
- SEC_ACL *dacl = 0;
+ struct security_acl *dacl = 0;
struct security_ace *ace = 0;
NTSTATUS status;
bool sd_has_inheritable_components(const SEC_DESC *parent_ctr, bool container)
{
unsigned int i;
- const SEC_ACL *the_acl = parent_ctr->dacl;
+ const struct security_acl *the_acl = parent_ctr->dacl;
for (i = 0; i < the_acl->num_aces; i++) {
const struct security_ace *ace = &the_acl->aces[i];
const DOM_SID *group_sid,
bool container)
{
- SEC_ACL *new_dacl = NULL, *the_acl = NULL;
+ struct security_acl *new_dacl = NULL, *the_acl = NULL;
struct security_ace *new_ace_list = NULL;
unsigned int new_ace_list_ndx = 0, i;
{
uint32_t sa;
struct security_ace ace;
- SEC_ACL *psa = NULL;
+ struct security_acl *psa = NULL;
SEC_DESC *psd = NULL;
uint32 spec_access = def_access;
const char *pacl = acl_str;
int num_aces = 0;
struct security_ace *ace_list = NULL;
- SEC_ACL *psa = NULL;
+ struct security_acl *psa = NULL;
SEC_DESC *psd = NULL;
size_t sd_size = 0;
int i;
}
/* display ACL */
-static void ads_disp_acl(SEC_ACL *sec_acl, const char *type)
+static void ads_disp_acl(struct security_acl *sec_acl, const char *type)
{
if (!sec_acl)
printf("------- (%s) ACL not present\n", type);
struct security_ace ace[6];
uint32_t mask;
- SEC_ACL *theacl = NULL;
+ struct security_acl *theacl = NULL;
uint8_t inherit_flags;
static void
-sort_acl(SEC_ACL *the_acl)
+sort_acl(struct security_acl *the_acl)
{
uint32 i;
if (!the_acl) return;
return true;
}
-/* add an struct security_ace to a list of struct security_aces in a SEC_ACL */
+/* add an struct security_ace to a list of struct security_aces in a struct security_acl */
static bool
-add_ace(SEC_ACL **the_acl,
+add_ace(struct security_acl **the_acl,
struct security_ace *ace,
TALLOC_CTX *ctx)
{
- SEC_ACL *newacl;
+ struct security_acl *newacl;
struct security_ace *aces;
if (! *the_acl) {
size_t sd_size;
DOM_SID *group_sid=NULL;
DOM_SID *owner_sid=NULL;
- SEC_ACL *dacl=NULL;
+ struct security_acl *dacl=NULL;
int revision=1;
while (next_token_talloc(ctx, &p, &tok, "\t,\r\n")) {
uint16_t fnum = (uint16_t)-1;
int err = 0;
SEC_DESC *sd = NULL, *old;
- SEC_ACL *dacl = NULL;
+ struct security_acl *dacl = NULL;
DOM_SID *owner_sid = NULL;
DOM_SID *group_sid = NULL;
uint32 i, j;
DOM_SID sid_owner, sid_group;
size_t sd_size = 0;
struct security_ace *nt_ace_list = NULL;
- SEC_ACL *psa = NULL;
+ struct security_acl *psa = NULL;
TALLOC_CTX *mem_ctx = talloc_tos();
if (theacl==NULL || smb_get_naces(theacl)==0)
static SMB4ACL_T *smbacl4_win2nfs4(
const char *filename,
- const SEC_ACL *dacl,
+ const struct security_acl *dacl,
smbacl4_vfs_params *pparams,
uid_t ownerUID,
gid_t ownerGID
}
/**
- * Convert a SEC_ACL to a struct ifs_security_acl
+ * Convert a struct security_acl to a struct ifs_security_acl
*/
static bool
-onefs_samba_acl_to_acl(SEC_ACL *samba_acl, struct ifs_security_acl **acl,
+onefs_samba_acl_to_acl(struct security_acl *samba_acl, struct ifs_security_acl **acl,
bool * ignore_aces, int snum)
{
int num_aces = 0;
}
/**
- * Convert a struct ifs_security_acl to a SEC_ACL
+ * Convert a struct ifs_security_acl to a struct security_acl
*/
static bool
-onefs_acl_to_samba_acl(struct ifs_security_acl *acl, SEC_ACL **samba_acl)
+onefs_acl_to_samba_acl(struct ifs_security_acl *acl, struct security_acl **samba_acl)
{
struct security_ace *samba_aces = NULL;
- SEC_ACL *tmp_samba_acl = NULL;
+ struct security_acl *tmp_samba_acl = NULL;
int i, num_aces = 0;
if (!samba_acl)
struct ifs_security_descriptor *sd = NULL;
DOM_SID owner_sid, group_sid;
DOM_SID *ownerp, *groupp;
- SEC_ACL *dacl, *sacl;
+ struct security_acl *dacl, *sacl;
SEC_DESC *pdesc;
bool alloced = false;
bool new_aces_alloced = false;
{
struct security_ace *nt_ace_list;
DOM_SID owner_sid, group_sid;
- SEC_ACL *psa = NULL;
+ struct security_acl *psa = NULL;
int good_aces;
size_t sd_size;
TALLOC_CTX *mem_ctx = talloc_tos();
const struct security_ace *ace),
struct afs_acl *afs_acl)
{
- const SEC_ACL *dacl;
+ const struct security_acl *dacl;
int i;
/* Currently we *only* look at the dacl */
struct security_ace ace[5]; /* max number of ace entries */
int i = 0;
uint32_t sa;
- SEC_ACL *psa = NULL;
+ struct security_acl *psa = NULL;
SEC_DESC *psd = NULL;
DOM_SID adm_sid;
size_t sd_size;
if (!secdesc_ctr->sd->owner_sid || !secdesc_ctr->sd->group_sid) {
DOM_SID *owner_sid, *group_sid;
- SEC_ACL *dacl, *sacl;
+ struct security_acl *dacl, *sacl;
SEC_DESC *psd = NULL;
size_t size;
struct security_ace ace[5]; /* max number of ace entries */
int i = 0;
uint32_t sa;
- SEC_ACL *psa = NULL;
+ struct security_acl *psa = NULL;
struct sec_desc_buf *sdb = NULL;
SEC_DESC *psd = NULL;
DOM_SID adm_sid;
}
if (DEBUGLEVEL >= 10) {
- SEC_ACL *the_acl = (*secdesc_ctr)->sd->dacl;
+ struct security_acl *the_acl = (*secdesc_ctr)->sd->dacl;
int i;
DEBUG(10, ("secdesc_ctr for %s has %d aces:\n",
struct security_ace ace[3];
size_t i = 0;
SEC_DESC *sd;
- SEC_ACL *theacl;
+ struct security_acl *theacl;
size_t sd_size;
/* basic access for Everyone */
struct security_ace ace[5];
size_t i = 0;
- SEC_ACL *psa = NULL;
+ struct security_acl *psa = NULL;
/* READ|EXECUTE access for Everyone */
struct security_ace ace[5]; /* at most 5 entries */
size_t i = 0;
- SEC_ACL *psa = NULL;
+ struct security_acl *psa = NULL;
/* basic access for Everyone */
{
struct samr_user_info *uinfo;
uint32 i;
- SEC_ACL *dacl;
+ struct security_acl *dacl;
bool ret;
struct samu *sampass=NULL;
NTSTATUS status;
}
if (DEBUGLEVEL >= 10) {
- SEC_ACL *the_acl;
+ struct security_acl *the_acl;
int i;
the_acl = old_secdesc_ctr->sd->dacl;
*/
if (!secdesc->owner_sid || !secdesc->group_sid) {
DOM_SID *owner_sid, *group_sid;
- SEC_ACL *dacl, *sacl;
+ struct security_acl *dacl, *sacl;
size_t size;
result = winreg_get_printer_secdesc(tmp_ctx,
static void map_generic_share_sd_bits(SEC_DESC *psd)
{
int i;
- SEC_ACL *ps_dacl = NULL;
+ struct security_acl *ps_dacl = NULL;
if (!psd)
return;
struct security_ace ace[2];
size_t i = 0;
SEC_DESC *sd;
- SEC_ACL *theacl;
+ struct security_acl *theacl;
size_t sd_size;
/* basic access for Everyone */
struct security_ace ace[4];
size_t i = 0;
SEC_DESC *sd = NULL;
- SEC_ACL *theacl = NULL;
+ struct security_acl *theacl = NULL;
size_t sd_size;
/* basic access for Everyone */
DOM_SID *pfile_grp_sid,
canon_ace **ppfile_ace,
canon_ace **ppdir_ace,
- const SEC_ACL *dacl)
+ const struct security_acl *dacl)
{
bool all_aces_are_inherit_only = (fsp->is_directory ? True : False);
canon_ace *file_ace = NULL;
DOM_SID owner_sid;
DOM_SID group_sid;
size_t sd_size = 0;
- SEC_ACL *psa = NULL;
+ struct security_acl *psa = NULL;
size_t num_acls = 0;
size_t num_def_acls = 0;
size_t num_aces = 0;
static bool swap_sid_in_acl( SEC_DESC *sd, DOM_SID *s1, DOM_SID *s2 )
{
- SEC_ACL *theacl;
+ struct security_acl *theacl;
int i;
bool update = False;
{
SEC_DESC *sd = NULL;
struct security_ace *ace;
- SEC_ACL *theacl;
+ struct security_acl *theacl;
int num_ace;
const char *pacl;
int i;
return sd;
}
-/* add an ACE to a list of ACEs in a SEC_ACL */
-static bool add_ace(TALLOC_CTX *mem_ctx, SEC_ACL **the_acl, struct security_ace *ace)
+/* add an ACE to a list of ACEs in a struct security_acl */
+static bool add_ace(TALLOC_CTX *mem_ctx, struct security_acl **the_acl, struct security_ace *ace)
{
- SEC_ACL *new_ace;
+ struct security_acl *new_ace;
struct security_ace *aces;
if (! *the_acl) {
return (((*the_acl) = make_sec_acl(mem_ctx, 3, 1, ace)) != NULL);
return memcmp(ace1, ace2, sizeof(struct security_ace));
}
-static void sort_acl(SEC_ACL *the_acl)
+static void sort_acl(struct security_acl *the_acl)
{
uint32 i;
if (!the_acl) return;
return True;
}
-/* add an ACE to a list of ACEs in a SEC_ACL */
-static bool add_ace(SEC_ACL **the_acl, struct security_ace *ace)
+/* add an ACE to a list of ACEs in a struct security_acl */
+static bool add_ace(struct security_acl **the_acl, struct security_ace *ace)
{
- SEC_ACL *new_ace;
+ struct security_acl *new_ace;
struct security_ace *aces;
if (! *the_acl) {
return (((*the_acl) = make_sec_acl(talloc_tos(), 3, 1, ace))
SEC_DESC *ret = NULL;
size_t sd_size;
DOM_SID *grp_sid=NULL, *owner_sid=NULL;
- SEC_ACL *dacl=NULL;
+ struct security_acl *dacl=NULL;
int revision=1;
while (next_token_talloc(ctx, &p, &tok, "\t,\r\n")) {
return memcmp(ace1, ace2, sizeof(struct security_ace));
}
-static void sort_acl(SEC_ACL *the_acl)
+static void sort_acl(struct security_acl *the_acl)
{
uint32 i;
if (!the_acl) return;
/* remove all inherited ACL's. */
if (old->dacl) {
int i;
- SEC_ACL *temp=old->dacl;
+ struct security_acl *temp=old->dacl;
old->dacl=make_sec_acl(talloc_tos(), 3, 0, NULL);
for (i=temp->num_aces-1;i>=0;i--) {
struct security_ace *ace=&temp->aces[i];