(this should have been part of the previous commit)

Add a function to display 'sid types' as strings - makes rpcclient outptut
and DEBUG() logs much eaiser to understand.

Move the enum for SID types to smb.h, becouse is really isn't LSA specific any
more.

Andrew Bartlett

diff --git a/source/include/rpc_lsa.h b/source/include/rpc_lsa.h
index ceb0e17d5c8ae460e80c89c10f0dc6555b52da67..8e42ac7d2cb9a345e455edb59221b8f01f77148f 100644 (file)
--- a/source/include/rpc_lsa.h
+++ b/source/include/rpc_lsa.h
@@ -25,19 +25,6 @@
 
 #include "rpc_misc.h"
 
-enum SID_NAME_USE
-{
-       SID_NAME_USE_NONE = 0,/* NOTUSED */
-       SID_NAME_USER    = 1, /* user */
-       SID_NAME_DOM_GRP = 2, /* domain group */
-       SID_NAME_DOMAIN  = 3, /* domain: don't know what this is */
-       SID_NAME_ALIAS   = 4, /* local group */
-       SID_NAME_WKN_GRP = 5, /* well-known group */
-       SID_NAME_DELETED = 6, /* deleted account: needed for c2 rating */
-       SID_NAME_INVALID = 7, /* invalid account */
-       SID_NAME_UNKNOWN = 8  /* oops. */
-};
-
 /* Opcodes available on PIPE_LSARPC */
 
 #define LSA_CLOSE              0x00

diff --git a/source/include/smb.h b/source/include/smb.h
index b095c3d8fa35017afffc9f11ce1dd296a3220180..a67101ff0997bfa2bd5a28f4e5b64a1a45796995 100644 (file)
--- a/source/include/smb.h
+++ b/source/include/smb.h
@@ -248,6 +248,20 @@ typedef uint32 WERROR;
 #define MAXSUBAUTHS 15 /* max sub authorities in a SID */
 #endif
 
+/* SID Types */
+enum SID_NAME_USE
+{
+       SID_NAME_USE_NONE = 0,/* NOTUSED */
+       SID_NAME_USER    = 1, /* user */
+       SID_NAME_DOM_GRP = 2, /* domain group */
+       SID_NAME_DOMAIN  = 3, /* domain: don't know what this is */
+       SID_NAME_ALIAS   = 4, /* local group */
+       SID_NAME_WKN_GRP = 5, /* well-known group */
+       SID_NAME_DELETED = 6, /* deleted account: needed for c2 rating */
+       SID_NAME_INVALID = 7, /* invalid account */
+       SID_NAME_UNKNOWN = 8  /* oops. */
+};
+
 /**
  * @brief Security Identifier
  *

diff --git a/source/lib/util_sid.c b/source/lib/util_sid.c
index 7d3bd848efd65aa96bbbebdb02d4fc4f1c5c8770..3293026c7d143d412d1bb9b9c25e2522e3137e5b 100644 (file)
--- a/source/lib/util_sid.c
+++ b/source/lib/util_sid.c
@@ -43,7 +43,6 @@ DOM_SID global_sid_Network;                                   /* Network rids */
 static DOM_SID global_sid_Creator_Owner;               /* Creator Owner */
 static DOM_SID global_sid_Creator_Group;              /* Creator Group */
 static DOM_SID global_sid_Anonymous;                           /* Anonymous login */
-static const DOM_SID *global_sid_everyone = &global_sid_World;
 
 /*
  * An NT compatible anonymous token.
@@ -56,6 +55,43 @@ NT_USER_TOKEN anonymous_token = {
     anon_sid_array
 };
 
+/****************************************************************************
+ Lookup string names for SID types.
+****************************************************************************/
+
+const static struct {
+       enum SID_NAME_USE sid_type;
+       char *string;
+} sid_name_type[] = {
+       {SID_NAME_USER, "user"},
+       {SID_NAME_DOM_GRP, "domain group"},
+       {SID_NAME_DOMAIN, "domain"},
+       {SID_NAME_ALIAS, "local group"},
+       {SID_NAME_WKN_GRP, "well-known group"},
+       {SID_NAME_DELETED, "deleted account"},
+       {SID_NAME_INVALID, "invalid account"},
+       {SID_NAME_UNKNOWN, "UNKNOWN"},
+
+       {SID_NAME_USE_NONE, NULL}
+};
+
+const char *sid_type_lookup(uint32 sid_type) 
+{
+       int i = 0;
+
+       /* Look through list */
+       while(sid_name_type[i].sid_type != 0) {
+               if (sid_name_type[i].sid_type == sid_type)
+                       return sid_name_type[i].string;
+               i++;
+       }
+
+       /* Default return */
+       return "SID *TYPE* is INVALID";
+       
+}
+
+
 /****************************************************************************
  Creates some useful well known sids
 ****************************************************************************/