char *get_sec_mask_str(TALLOC_CTX *ctx, uint32 type);
void display_sec_access(uint32_t *info);
void display_sec_ace_flags(uint8_t flags);
-void display_sec_ace(SEC_ACE *ace);
+void display_sec_ace(struct security_ace *ace);
void display_sec_acl(SEC_ACL *sec_acl);
void display_acl_type(uint16 type);
void display_sec_desc(SEC_DESC *sec);
const struct nt_user_token *token_1,
const struct nt_user_token *token_2,
struct nt_user_token **token_out);
-bool token_sid_in_ace(const NT_USER_TOKEN *token, const SEC_ACE *ace);
+bool token_sid_in_ace(const NT_USER_TOKEN *token, const struct security_ace *ace);
/* The following definitions come from lib/util_pw.c */
PROTECTED_SACL_SECURITY_INFORMATION|\
PROTECTED_DACL_SECURITY_INFORMATION)
-/* SEC_ACE */
-typedef struct security_ace SEC_ACE;
-
-#ifndef ACL_REVISION
-#define ACL_REVISION 0x3
-#endif
-
#ifndef _SEC_ACL
/* SEC_ACL */
typedef struct security_acl SEC_ACL;
{
SEC_DESC *sd = 0;
SEC_ACL *dacl = 0;
- SEC_ACE *ace = 0;
+ struct security_ace *ace = 0;
NTSTATUS status;
if (!ctx || !psd || !sid || !sd_size)
{
SEC_DESC *sd = 0;
SEC_ACL *dacl = 0;
- SEC_ACE *ace = 0;
+ struct security_ace *ace = 0;
NTSTATUS status;
if (!ctx || !psd[0] || !sid || !sd_size)
}
/*
- * Determine if an ACE is inheritable
+ * Determine if an struct security_ace is inheritable
*/
-static bool is_inheritable_ace(const SEC_ACE *ace,
+static bool is_inheritable_ace(const struct security_ace *ace,
bool container)
{
if (!container) {
const SEC_ACL *the_acl = parent_ctr->dacl;
for (i = 0; i < the_acl->num_aces; i++) {
- const SEC_ACE *ace = &the_acl->aces[i];
+ const struct security_ace *ace = &the_acl->aces[i];
if (is_inheritable_ace(ace, container)) {
return true;
bool container)
{
SEC_ACL *new_dacl = NULL, *the_acl = NULL;
- SEC_ACE *new_ace_list = NULL;
+ struct security_ace *new_ace_list = NULL;
unsigned int new_ace_list_ndx = 0, i;
*ppsd = NULL;
return NT_STATUS_NO_MEMORY;
}
- if (!(new_ace_list = TALLOC_ARRAY(ctx, SEC_ACE,
+ if (!(new_ace_list = TALLOC_ARRAY(ctx, struct security_ace,
2*the_acl->num_aces))) {
return NT_STATUS_NO_MEMORY;
}
}
for (i = 0; i < the_acl->num_aces; i++) {
- const SEC_ACE *ace = &the_acl->aces[i];
- SEC_ACE *new_ace = &new_ace_list[new_ace_list_ndx];
+ const struct security_ace *ace = &the_acl->aces[i];
+ struct security_ace *new_ace = &new_ace_list[new_ace_list_ndx];
const DOM_SID *ptrustee = &ace->trustee;
const DOM_SID *creator = NULL;
uint8 new_flags = ace->flags;
SEC_DESC *get_share_security_default( TALLOC_CTX *ctx, size_t *psize, uint32 def_access)
{
uint32_t sa;
- SEC_ACE ace;
+ struct security_ace ace;
SEC_ACL *psa = NULL;
SEC_DESC *psd = NULL;
uint32 spec_access = def_access;
size_t s_size = 0;
const char *pacl = acl_str;
int num_aces = 0;
- SEC_ACE *ace_list = NULL;
+ struct security_ace *ace_list = NULL;
SEC_ACL *psa = NULL;
SEC_DESC *psd = NULL;
size_t sd_size = 0;
/* Add the number of ',' characters to get the number of aces. */
num_aces += count_chars(pacl,',');
- ace_list = TALLOC_ARRAY(ctx, SEC_ACE, num_aces);
+ ace_list = TALLOC_ARRAY(ctx, struct security_ace, num_aces);
if (!ace_list) {
return False;
}
}
/*******************************************************************
- Check if this ACE has a SID in common with the token.
+ Check if this struct security_ace has a SID in common with the token.
********************************************************************/
bool token_sid_in_ace(const NT_USER_TOKEN *token, const struct security_ace *ace)
}
/* display ACE */
-static void ads_disp_ace(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, SEC_ACE *sec_ace)
+static void ads_disp_ace(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, struct security_ace *sec_ace)
{
const char *access_type = "UNKNOWN";
struct security_descriptor **sd,
size_t *sd_size)
{
- SEC_ACE ace[6];
+ struct security_ace ace[6];
uint32_t mask;
SEC_ACL *theacl = NULL;
*/
static int
-ace_compare(SEC_ACE *ace1,
- SEC_ACE *ace2)
+ace_compare(struct security_ace *ace1,
+ struct security_ace *ace2)
{
bool b1;
bool b2;
return ace1->size - ace2->size;
}
- return memcmp(ace1, ace2, sizeof(SEC_ACE));
+ return memcmp(ace1, ace2, sizeof(struct security_ace));
}
}
-/* parse an ACE in the same format as print_ace() */
+/* parse an struct security_ace in the same format as print_ace() */
static bool
parse_ace(struct cli_state *ipc_cli,
struct policy_handle *pol,
- SEC_ACE *ace,
+ struct security_ace *ace,
bool numeric,
char *str)
{
return true;
}
-/* add an ACE to a list of ACEs in a SEC_ACL */
+/* add an struct security_ace to a list of struct security_aces in a SEC_ACL */
static bool
add_ace(SEC_ACL **the_acl,
- SEC_ACE *ace,
+ struct security_ace *ace,
TALLOC_CTX *ctx)
{
SEC_ACL *newacl;
- SEC_ACE *aces;
+ struct security_ace *aces;
if (! *the_acl) {
(*the_acl) = make_sec_acl(ctx, 3, 1, ace);
return True;
}
- if ((aces = SMB_CALLOC_ARRAY(SEC_ACE,
+ if ((aces = SMB_CALLOC_ARRAY(struct security_ace,
1+(*the_acl)->num_aces)) == NULL) {
return False;
}
- memcpy(aces, (*the_acl)->aces, (*the_acl)->num_aces * sizeof(SEC_ACE));
- memcpy(aces+(*the_acl)->num_aces, ace, sizeof(SEC_ACE));
+ memcpy(aces, (*the_acl)->aces, (*the_acl)->num_aces * sizeof(struct security_ace));
+ memcpy(aces+(*the_acl)->num_aces, ace, sizeof(struct security_ace));
newacl = make_sec_acl(ctx, (*the_acl)->revision,
1+(*the_acl)->num_aces, aces);
SAFE_FREE(aces);
}
if (StrnCaseCmp(tok,"ACL:", 4) == 0) {
- SEC_ACE ace;
+ struct security_ace ace;
if (!parse_ace(ipc_cli, pol, &ace, numeric, tok+4)) {
DEBUG(5, ("Failed to parse ACL %s\n", tok));
goto done;
}
if (StrnCaseCmp(tok,"ACL+:", 5) == 0) {
- SEC_ACE ace;
+ struct security_ace ace;
if (!parse_ace(ipc_cli, pol, &ace, False, tok+5)) {
DEBUG(5, ("Failed to parse ACL %s\n", tok));
goto done;
/* Add aces to value buffer */
for (i = 0; sd->dacl && i < sd->dacl->num_aces; i++) {
- SEC_ACE *ace = &sd->dacl->aces[i];
+ struct security_ace *ace = &sd->dacl->aces[i];
convert_sid_to_string(ipc_cli, pol,
sidstr, numeric,
&ace->trustee);
DOM_SID *psid_owner, /* in */
DOM_SID *psid_group, /* in */
bool is_directory, /* in */
- SEC_ACE **ppnt_ace_list, /* out */
+ struct security_ace **ppnt_ace_list, /* out */
int *pgood_aces /* out */
)
{
SMB_ACL4_INT_T *aclint = (SMB_ACL4_INT_T *)theacl;
SMB_ACE4_INT_T *aceint;
- SEC_ACE *nt_ace_list = NULL;
+ struct security_ace *nt_ace_list = NULL;
int good_aces = 0;
DEBUG(10, ("smbacl_nfs42win entered\n"));
aclint = get_validated_aclint(theacl);
/* We do not check for naces being 0 or theacl being NULL here because it is done upstream */
/* in smb_get_nt_acl_nfs4(). */
- nt_ace_list = (SEC_ACE *)TALLOC_ZERO_SIZE(mem_ctx, aclint->naces * sizeof(SEC_ACE));
+ nt_ace_list = (struct security_ace *)TALLOC_ZERO_SIZE(mem_ctx, aclint->naces * sizeof(struct security_ace));
if (nt_ace_list==NULL)
{
DEBUG(10, ("talloc error"));
int good_aces = 0;
DOM_SID sid_owner, sid_group;
size_t sd_size = 0;
- SEC_ACE *nt_ace_list = NULL;
+ struct security_ace *nt_ace_list = NULL;
SEC_ACL *psa = NULL;
TALLOC_CTX *mem_ctx = talloc_tos();
smbacl4_vfs_params *params,
uid_t ownerUID,
gid_t ownerGID,
- const SEC_ACE *ace_nt, /* input */
+ const struct security_ace *ace_nt, /* input */
SMB_ACE4PROP_T *ace_v4 /* output */
)
{
* Convert a trustee to a struct identity
*/
static bool
-onefs_samba_ace_to_ace(SEC_ACE * samba_ace, struct ifs_ace * ace,
+onefs_samba_ace_to_ace(struct security_ace * samba_ace, struct ifs_ace * ace,
bool *mapped, int snum)
{
struct ifs_identity ident = {.type=IFS_ID_TYPE_LAST, .id.uid=0};
{
int num_aces = 0;
struct ifs_ace *aces = NULL;
- SEC_ACE *samba_aces;
+ struct security_ace *samba_aces;
bool mapped;
int i, j;
static bool
onefs_acl_to_samba_acl(struct ifs_security_acl *acl, SEC_ACL **samba_acl)
{
- SEC_ACE *samba_aces = NULL;
+ struct security_ace *samba_aces = NULL;
SEC_ACL *tmp_samba_acl = NULL;
int i, num_aces = 0;
/* Allocate the ace list. */
if (num_aces > 0) {
- if ((samba_aces = SMB_MALLOC_ARRAY(SEC_ACE, num_aces)) == NULL)
+ if ((samba_aces = SMB_MALLOC_ARRAY(struct security_ace, num_aces)) == NULL)
{
DEBUG(0, ("Unable to malloc space for %d aces.\n",
num_aces));
return false;
}
- memset(samba_aces, '\0', (num_aces) * sizeof(SEC_ACE));
+ memset(samba_aces, '\0', (num_aces) * sizeof(struct security_ace));
}
for (i = 0; i < num_aces; i++) {
{ 0, 0, 0, 9999 }
};
-static uint32 nt_to_afs_dir_rights(const char *filename, const SEC_ACE *ace)
+static uint32 nt_to_afs_dir_rights(const char *filename, const struct security_ace *ace)
{
uint32 result = 0;
uint32 rights = ace->access_mask;
return result;
}
-static uint32 nt_to_afs_file_rights(const char *filename, const SEC_ACE *ace)
+static uint32 nt_to_afs_file_rights(const char *filename, const struct security_ace *ace)
{
uint32 result = 0;
uint32 rights = ace->access_mask;
uint32 security_info,
struct security_descriptor **ppdesc)
{
- SEC_ACE *nt_ace_list;
+ struct security_ace *nt_ace_list;
DOM_SID owner_sid, group_sid;
SEC_ACL *psa = NULL;
int good_aces;
gid_to_sid(&group_sid, psbuf->st_ex_gid);
if (afs_acl->num_aces) {
- nt_ace_list = TALLOC_ARRAY(mem_ctx, SEC_ACE, afs_acl->num_aces);
+ nt_ace_list = TALLOC_ARRAY(mem_ctx, struct security_ace, afs_acl->num_aces);
if (nt_ace_list == NULL)
return 0;
uint32 security_info_sent,
const struct security_descriptor *psd,
uint32 (*nt_to_afs_rights)(const char *filename,
- const SEC_ACE *ace),
+ const struct security_ace *ace),
struct afs_acl *afs_acl)
{
const SEC_ACL *dacl;
dacl = psd->dacl;
for (i = 0; i < dacl->num_aces; i++) {
- const SEC_ACE *ace = &(dacl->aces[i]);
+ const struct security_ace *ace = &(dacl->aces[i]);
const char *dom_name, *name;
enum lsa_SidType name_type;
char *p;
WERROR spoolss_create_default_secdesc(TALLOC_CTX *mem_ctx,
struct spoolss_security_descriptor **secdesc)
{
- SEC_ACE ace[5]; /* max number of ace entries */
+ struct security_ace ace[5]; /* max number of ace entries */
int i = 0;
uint32_t sa;
SEC_ACL *psa = NULL;
static struct sec_desc_buf *construct_default_printer_sdb(TALLOC_CTX *ctx)
{
- SEC_ACE ace[5]; /* max number of ace entries */
+ struct security_ace ace[5]; /* max number of ace entries */
int i = 0;
uint32_t sa;
SEC_ACL *psa = NULL;
static WERROR construct_registry_sd(TALLOC_CTX *ctx, SEC_DESC **psd)
{
- SEC_ACE ace[3];
+ struct security_ace ace[3];
size_t i = 0;
SEC_DESC *sd;
SEC_ACL *theacl;
DOM_SID *sid, uint32_t sid_access)
{
DOM_SID adm_sid;
- SEC_ACE ace[5];
+ struct security_ace ace[5];
size_t i = 0;
SEC_ACL *psa = NULL;
DOM_SID *sid, uint32 sid_access )
{
DOM_SID domadmin_sid;
- SEC_ACE ace[5]; /* at most 5 entries */
+ struct security_ace ace[5]; /* at most 5 entries */
size_t i = 0;
SEC_ACL *psa = NULL;
return;
for (i = 0; i < ps_dacl->num_aces; i++) {
- SEC_ACE *psa = &ps_dacl->aces[i];
+ struct security_ace *psa = &ps_dacl->aces[i];
uint32 orig_mask = psa->access_mask;
se_map_generic(&psa->access_mask, &file_generic_mapping);
static SEC_DESC* construct_scm_sd( TALLOC_CTX *ctx )
{
- SEC_ACE ace[2];
+ struct security_ace ace[2];
size_t i = 0;
SEC_DESC *sd;
SEC_ACL *theacl;
static SEC_DESC* construct_service_sd( TALLOC_CTX *ctx )
{
- SEC_ACE ace[4];
+ struct security_ace ace[4];
size_t i = 0;
SEC_DESC *sd = NULL;
SEC_ACL *theacl = NULL;
*/
for(i = 0; i < dacl->num_aces; i++) {
- SEC_ACE *psa = &dacl->aces[i];
+ struct security_ace *psa = &dacl->aces[i];
if((psa->type != SEC_ACE_TYPE_ACCESS_ALLOWED) && (psa->type != SEC_ACE_TYPE_ACCESS_DENIED)) {
DEBUG(3,("create_canon_ace_lists: unable to set anything but an ALLOW or DENY ACE.\n"));
*/
for(i = 0; i < dacl->num_aces; i++) {
- SEC_ACE *psa1 = &dacl->aces[i];
+ struct security_ace *psa1 = &dacl->aces[i];
for (j = i + 1; j < dacl->num_aces; j++) {
- SEC_ACE *psa2 = &dacl->aces[j];
+ struct security_ace *psa2 = &dacl->aces[j];
if (psa1->access_mask != psa2->access_mask)
continue;
}
for(i = 0; i < dacl->num_aces; i++) {
- SEC_ACE *psa = &dacl->aces[i];
+ struct security_ace *psa = &dacl->aces[i];
/*
* Create a cannon_ace entry representing this NT DACL ACE.
Based on code from "Jim McDonough" <jmcd@us.ibm.com>.
****************************************************************************/
-static size_t merge_default_aces( SEC_ACE *nt_ace_list, size_t num_aces)
+static size_t merge_default_aces( struct security_ace *nt_ace_list, size_t num_aces)
{
size_t i, j;
(i_inh ? SEC_ACE_FLAG_INHERITED_ACE : 0);
if (num_aces - i - 1 > 0)
memmove(&nt_ace_list[i], &nt_ace_list[i+1], (num_aces-i-1) *
- sizeof(SEC_ACE));
+ sizeof(struct security_ace));
DEBUG(10,("merge_default_aces: Merging zero access ACE %u onto ACE %u.\n",
(unsigned int)i, (unsigned int)j ));
(i_inh ? SEC_ACE_FLAG_INHERITED_ACE : 0);
if (num_aces - j - 1 > 0)
memmove(&nt_ace_list[j], &nt_ace_list[j+1], (num_aces-j-1) *
- sizeof(SEC_ACE));
+ sizeof(struct security_ace));
DEBUG(10,("merge_default_aces: Merging ACE %u onto ACE %u.\n",
(unsigned int)j, (unsigned int)i ));
* any reallocation of memory.
*/
-static void add_or_replace_ace(SEC_ACE *nt_ace_list, size_t *num_aces,
+static void add_or_replace_ace(struct security_ace *nt_ace_list, size_t *num_aces,
const DOM_SID *sid, enum security_ace_type type,
uint32_t mask, uint8_t flags)
{
size_t num_aces = 0;
canon_ace *file_ace = NULL;
canon_ace *dir_ace = NULL;
- SEC_ACE *nt_ace_list = NULL;
+ struct security_ace *nt_ace_list = NULL;
size_t num_profile_acls = 0;
DOM_SID orig_owner_sid;
SEC_DESC *psd = NULL;
num_def_acls = count_canon_ace_list(dir_ace);
/* Allocate the ace list. */
- if ((nt_ace_list = SMB_MALLOC_ARRAY(SEC_ACE,num_acls + num_profile_acls + num_def_acls)) == NULL) {
+ if ((nt_ace_list = SMB_MALLOC_ARRAY(struct security_ace,num_acls + num_profile_acls + num_def_acls)) == NULL) {
DEBUG(0,("get_nt_acl: Unable to malloc space for nt_ace_list.\n"));
goto done;
}
- memset(nt_ace_list, '\0', (num_acls + num_def_acls) * sizeof(SEC_ACE) );
+ memset(nt_ace_list, '\0', (num_acls + num_def_acls) * sizeof(struct security_ace) );
/*
* Create the NT ACE list from the canonical ace lists.
files_struct *parent_fsp = NULL;
TALLOC_CTX *mem_ctx = talloc_tos();
char *parent_name = NULL;
- SEC_ACE *new_ace = NULL;
+ struct security_ace *new_ace = NULL;
unsigned int num_aces = pcsd->dacl->num_aces;
NTSTATUS status;
int info;
num_aces += parent_sd->dacl->num_aces;
- if((new_ace = TALLOC_ZERO_ARRAY(mem_ctx, SEC_ACE,
+ if((new_ace = TALLOC_ZERO_ARRAY(mem_ctx, struct security_ace,
num_aces)) == NULL) {
return NT_STATUS_NO_MEMORY;
}
/* Finally append any inherited ACEs. */
for (j = 0; j < parent_sd->dacl->num_aces; j++) {
- SEC_ACE *se = &parent_sd->dacl->aces[j];
+ struct security_ace *se = &parent_sd->dacl->aces[j];
if (fsp->is_directory) {
if (!(se->flags & SEC_ACE_FLAG_CONTAINER_INHERIT)) {
print an ACE on a FILE
********************************************************************/
-static void print_ace(FILE *f, SEC_ACE *ace)
+static void print_ace(FILE *f, struct security_ace *ace)
{
const struct perm_value *v;
int do_print = 0;
/* Print aces */
for (i = 0; sd->dacl && i < sd->dacl->num_aces; i++) {
- SEC_ACE *ace = &sd->dacl->aces[i];
+ struct security_ace *ace = &sd->dacl->aces[i];
fprintf(f, "ACL:");
print_ace(f, ace);
fprintf(f, "\n");
parse an ACE in the same format as print_ace()
********************************************************************/
-static bool parse_ace(SEC_ACE *ace, const char *orig_str)
+static bool parse_ace(struct security_ace *ace, const char *orig_str)
{
char *p;
const char *cp;
static SEC_DESC* parse_acl_string(TALLOC_CTX *mem_ctx, const char *szACL, size_t *sd_size )
{
SEC_DESC *sd = NULL;
- SEC_ACE *ace;
+ struct security_ace *ace;
SEC_ACL *theacl;
int num_ace;
const char *pacl;
pacl = szACL;
num_ace = count_chars( pacl, ',' ) + 1;
- if ( !(ace = TALLOC_ZERO_ARRAY( mem_ctx, SEC_ACE, num_ace )) )
+ if ( !(ace = TALLOC_ZERO_ARRAY( mem_ctx, struct security_ace, num_ace )) )
return NULL;
for ( i=0; i<num_ace; i++ ) {
}
/* add an ACE to a list of ACEs in a SEC_ACL */
-static bool add_ace(TALLOC_CTX *mem_ctx, SEC_ACL **the_acl, SEC_ACE *ace)
+static bool add_ace(TALLOC_CTX *mem_ctx, SEC_ACL **the_acl, struct security_ace *ace)
{
SEC_ACL *new_ace;
- SEC_ACE *aces;
+ struct security_ace *aces;
if (! *the_acl) {
return (((*the_acl) = make_sec_acl(mem_ctx, 3, 1, ace)) != NULL);
}
- if (!(aces = SMB_CALLOC_ARRAY(SEC_ACE, 1+(*the_acl)->num_aces))) {
+ if (!(aces = SMB_CALLOC_ARRAY(struct security_ace, 1+(*the_acl)->num_aces))) {
return False;
}
- memcpy(aces, (*the_acl)->aces, (*the_acl)->num_aces * sizeof(SEC_ACE));
- memcpy(aces+(*the_acl)->num_aces, ace, sizeof(SEC_ACE));
+ memcpy(aces, (*the_acl)->aces, (*the_acl)->num_aces * sizeof(struct
+ security_ace));
+ memcpy(aces+(*the_acl)->num_aces, ace, sizeof(struct security_ace));
new_ace = make_sec_acl(mem_ctx,(*the_acl)->revision,1+(*the_acl)->num_aces, aces);
SAFE_FREE(aces);
(*the_acl) = new_ace;
computer running Windows NT 5.0" if denied ACEs do not appear before
allowed ACEs. */
-static int ace_compare(SEC_ACE *ace1, SEC_ACE *ace2)
+static int ace_compare(struct security_ace *ace1, struct security_ace *ace2)
{
if (sec_ace_equal(ace1, ace2))
return 0;
if (ace1->size != ace2->size)
return ace1->size - ace2->size;
- return memcmp(ace1, ace2, sizeof(SEC_ACE));
+ return memcmp(ace1, ace2, sizeof(struct security_ace));
}
static void sort_acl(SEC_ACL *the_acl)
}
/* print an ACE on a FILE, using either numeric or ascii representation */
-static void print_ace(struct cli_state *cli, FILE *f, SEC_ACE *ace)
+static void print_ace(struct cli_state *cli, FILE *f, struct security_ace *ace)
{
const struct perm_value *v;
fstring sidstr;
}
/* parse an ACE in the same format as print_ace() */
-static bool parse_ace(struct cli_state *cli, SEC_ACE *ace,
+static bool parse_ace(struct cli_state *cli, struct security_ace *ace,
const char *orig_str)
{
char *p;
}
/* add an ACE to a list of ACEs in a SEC_ACL */
-static bool add_ace(SEC_ACL **the_acl, SEC_ACE *ace)
+static bool add_ace(SEC_ACL **the_acl, struct security_ace *ace)
{
SEC_ACL *new_ace;
- SEC_ACE *aces;
+ struct security_ace *aces;
if (! *the_acl) {
return (((*the_acl) = make_sec_acl(talloc_tos(), 3, 1, ace))
!= NULL);
}
- if (!(aces = SMB_CALLOC_ARRAY(SEC_ACE, 1+(*the_acl)->num_aces))) {
+ if (!(aces = SMB_CALLOC_ARRAY(struct security_ace, 1+(*the_acl)->num_aces))) {
return False;
}
- memcpy(aces, (*the_acl)->aces, (*the_acl)->num_aces * sizeof(SEC_ACE));
- memcpy(aces+(*the_acl)->num_aces, ace, sizeof(SEC_ACE));
+ memcpy(aces, (*the_acl)->aces, (*the_acl)->num_aces * sizeof(struct
+ security_ace));
+ memcpy(aces+(*the_acl)->num_aces, ace, sizeof(struct security_ace));
new_ace = make_sec_acl(talloc_tos(),(*the_acl)->revision,1+(*the_acl)->num_aces, aces);
SAFE_FREE(aces);
(*the_acl) = new_ace;
}
if (strncmp(tok,"ACL:", 4) == 0) {
- SEC_ACE ace;
+ struct security_ace ace;
if (!parse_ace(cli, &ace, tok+4)) {
goto done;
}
/* Print aces */
for (i = 0; sd->dacl && i < sd->dacl->num_aces; i++) {
- SEC_ACE *ace = &sd->dacl->aces[i];
+ struct security_ace *ace = &sd->dacl->aces[i];
fprintf(f, "ACL:");
print_ace(cli, f, ace);
fprintf(f, "\n");
canonical order is specified as "Explicit Deny, Explicit Allow,
Inherited ACEs unchanged" */
-static int ace_compare(SEC_ACE *ace1, SEC_ACE *ace2)
+static int ace_compare(struct security_ace *ace1, struct security_ace *ace2)
{
if (sec_ace_equal(ace1, ace2))
return 0;
if (ace1->size != ace2->size)
return ace1->size - ace2->size;
- return memcmp(ace1, ace2, sizeof(SEC_ACE));
+ return memcmp(ace1, ace2, sizeof(struct security_ace));
}
static void sort_acl(SEC_ACL *the_acl)
string_replace(parentname, '/', '\\');
parent = get_secdesc(cli,parentname);
for (i=0;i<parent->dacl->num_aces;i++) {
- SEC_ACE *ace=&parent->dacl->aces[i];
+ struct security_ace *ace=&parent->dacl->aces[i];
if ((oldattr & aDIR) == aDIR) {
if ((ace->flags & SEC_ACE_FLAG_CONTAINER_INHERIT) ==
SEC_ACE_FLAG_CONTAINER_INHERIT) {
SEC_ACL *temp=old->dacl;
old->dacl=make_sec_acl(talloc_tos(), 3, 0, NULL);
for (i=temp->num_aces-1;i>=0;i--) {
- SEC_ACE *ace=&temp->aces[i];
+ struct security_ace *ace=&temp->aces[i];
/* Remove all ace with INHERITED flag set */
if ((ace->flags & SEC_ACE_FLAG_INHERITED_ACE) !=
SEC_ACE_FLAG_INHERITED_ACE) {
if (old->dacl) {
int i;
for (i=0;i<old->dacl->num_aces;i++) {
- SEC_ACE *ace=&old->dacl->aces[i];
+ struct security_ace *ace=&old->dacl->aces[i];
/* Remove INHERITED FLAG from all aces */
ace->flags=ace->flags&(~SEC_ACE_FLAG_INHERITED_ACE);
}