From f4195183a47b0e7c8bc9644d62b123f7880f3fcd Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Tue, 21 Apr 2009 18:15:59 +0200 Subject: [PATCH] s3: Use common security_descriptor_equal(). --- source3/include/proto.h | 1 - source3/lib/secdesc.c | 68 ----------------------------- source3/registry/regfio.c | 2 +- source3/rpc_server/srv_spoolss_nt.c | 2 +- source3/rpc_server/srv_srvsvc_nt.c | 2 +- source3/rpcclient/cmd_spoolss.c | 2 +- 6 files changed, 4 insertions(+), 73 deletions(-) diff --git a/source3/include/proto.h b/source3/include/proto.h index 3a706e4725e..82a16598ecd 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -647,7 +647,6 @@ ssize_t drain_socket(int sockfd, size_t count); /* The following definitions come from lib/secdesc.c */ -bool sec_desc_equal(SEC_DESC *s1, SEC_DESC *s2); uint32_t get_sec_info(const SEC_DESC *sd); SEC_DESC_BUF *sec_desc_merge(TALLOC_CTX *ctx, SEC_DESC_BUF *new_sdb, SEC_DESC_BUF *old_sdb); SEC_DESC *make_sec_desc(TALLOC_CTX *ctx, diff --git a/source3/lib/secdesc.c b/source3/lib/secdesc.c index a81c4ae82a2..5e351818341 100644 --- a/source3/lib/secdesc.c +++ b/source3/lib/secdesc.c @@ -31,74 +31,6 @@ const struct generic_mapping file_generic_mapping = { FILE_GENERIC_ALL }; -/******************************************************************* - Compares two SEC_DESC structures -********************************************************************/ - -bool sec_desc_equal(SEC_DESC *s1, SEC_DESC *s2) -{ - /* Trivial case */ - - if (!s1 && !s2) { - goto done; - } - - if (!s1 || !s2) { - return False; - } - - /* Check top level stuff */ - - if (s1->revision != s2->revision) { - DEBUG(10, ("sec_desc_equal(): revision differs (%d != %d)\n", - s1->revision, s2->revision)); - return False; - } - - if (s1->type!= s2->type) { - DEBUG(10, ("sec_desc_equal(): type differs (%d != %d)\n", - s1->type, s2->type)); - return False; - } - - /* Check owner and group */ - - if (!sid_equal(s1->owner_sid, s2->owner_sid)) { - DEBUG(10, ("sec_desc_equal(): owner differs (%s != %s)\n", - sid_string_dbg(s1->owner_sid), - sid_string_dbg(s2->owner_sid))); - return False; - } - - if (!sid_equal(s1->group_sid, s2->group_sid)) { - DEBUG(10, ("sec_desc_equal(): group differs (%s != %s)\n", - sid_string_dbg(s1->group_sid), - sid_string_dbg(s2->group_sid))); - return False; - } - - /* Check ACLs present in one but not the other */ - - if ((s1->dacl && !s2->dacl) || (!s1->dacl && s2->dacl) || - (s1->sacl && !s2->sacl) || (!s1->sacl && s2->sacl)) { - DEBUG(10, ("sec_desc_equal(): dacl or sacl not present\n")); - return False; - } - - /* Sigh - we have to do it the hard way by iterating over all - the ACEs in the ACLs */ - - if (!sec_acl_equal(s1->dacl, s2->dacl) || - !sec_acl_equal(s1->sacl, s2->sacl)) { - DEBUG(10, ("sec_desc_equal(): dacl/sacl list not equal\n")); - return False; - } - - done: - DEBUG(10, ("sec_desc_equal(): secdescs are identical\n")); - return True; -} - /******************************************************************* Given a security_descriptor return the sec_info. ********************************************************************/ diff --git a/source3/registry/regfio.c b/source3/registry/regfio.c index e1c04c4777b..074e8414b11 100644 --- a/source3/registry/regfio.c +++ b/source3/registry/regfio.c @@ -958,7 +958,7 @@ static REGF_SK_REC* find_sk_record_by_sec_desc( REGF_FILE *file, SEC_DESC *sd ) REGF_SK_REC *p; for ( p=file->sec_desc_list; p; p=p->next ) { - if ( sec_desc_equal( p->sec_desc, sd ) ) + if ( security_descriptor_equal( p->sec_desc, sd ) ) return p; } diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c index 629e41c0033..64f18537e01 100644 --- a/source3/rpc_server/srv_spoolss_nt.c +++ b/source3/rpc_server/srv_spoolss_nt.c @@ -5864,7 +5864,7 @@ static WERROR update_printer_sec(struct policy_handle *handle, goto done; } - if (sec_desc_equal(new_secdesc_ctr->sd, old_secdesc_ctr->sd)) { + if (security_descriptor_equal(new_secdesc_ctr->sd, old_secdesc_ctr->sd)) { result = WERR_OK; goto done; } diff --git a/source3/rpc_server/srv_srvsvc_nt.c b/source3/rpc_server/srv_srvsvc_nt.c index 056236f22dc..4f0e48bd9d0 100644 --- a/source3/rpc_server/srv_srvsvc_nt.c +++ b/source3/rpc_server/srv_srvsvc_nt.c @@ -1675,7 +1675,7 @@ WERROR _srvsvc_NetShareSetInfo(pipes_struct *p, old_sd = get_share_security(p->mem_ctx, lp_servicename(snum), &sd_size); - if (old_sd && !sec_desc_equal(old_sd, psd)) { + if (old_sd && !security_descriptor_equal(old_sd, psd)) { if (!set_share_security(share_name, psd)) DEBUG(0,("_srvsvc_NetShareSetInfo: Failed to change security info in share %s.\n", share_name )); diff --git a/source3/rpcclient/cmd_spoolss.c b/source3/rpcclient/cmd_spoolss.c index 4bcaa291e18..b7ea9640d24 100644 --- a/source3/rpcclient/cmd_spoolss.c +++ b/source3/rpcclient/cmd_spoolss.c @@ -2896,7 +2896,7 @@ static bool compare_printer_secdesc( struct rpc_pipe_client *cli1, struct policy goto done; } - if (!sec_desc_equal( sd1, sd2 ) ) { + if (!security_descriptor_equal( sd1, sd2 ) ) { printf("Security Descriptors *not* equal!\n"); result = false; goto done; -- 2.34.1