s3-util_sid Tidy up global struct security_token

This no longer needs to be global, and should be const.  We now also
init it with the C99 style initialisers.

Andrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>

diff --git a/source3/include/proto.h b/source3/include/proto.h
index 03196c30ed98a5733248cb18754c7751f576e64f..73fe868d8459d1847f8fdece86cc7e9b557b74a8 100644 (file)
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -1319,7 +1319,7 @@ bool is_setuid_root(void) ;
 /* The following definitions come from lib/util_sid.c  */
 
 const char *sid_type_lookup(uint32 sid_type) ;
-struct security_token *get_system_token(void) ;
+const struct security_token *get_system_token(void) ;
 char *sid_to_fstring(fstring sidstr_out, const struct dom_sid *sid);
 char *sid_string_talloc(TALLOC_CTX *mem_ctx, const struct dom_sid *sid);
 char *sid_string_dbg(const struct dom_sid *sid);

diff --git a/source3/lib/util_seaccess.c b/source3/lib/util_seaccess.c
index 7e803fcfce681b7eee648d927fda0e2e63a9e799..6c16fea5857b1da37717c52df4f195974f7ba12a 100644 (file)
--- a/source3/lib/util_seaccess.c
+++ b/source3/lib/util_seaccess.c
@@ -22,8 +22,6 @@
 
 #include "includes.h"
 
-extern struct security_token anonymous_token;
-
 /* Map generic access rights to object specific rights.  This technique is
    used to give meaning to assigning read, write, execute and all access to
    objects.  Each type of object has its own mapping of generic to object

diff --git a/source3/lib/util_sid.c b/source3/lib/util_sid.c
index 0e5c2043781b1c4a76d0253480c4510b9f0e262b..4e0ddd2e491409eaf101d159ba6639e87f1a7f42 100644 (file)
--- a/source3/lib/util_sid.c
+++ b/source3/lib/util_sid.c
@@ -99,19 +99,13 @@ const struct dom_sid global_sid_Unix_Groups =                       /* Unmapped Unix groups */
 #define SECURITY_NT_AUTHORITY          5
 #endif
 
-/*
- * An NT compatible anonymous token.
- */
-
-static struct dom_sid anon_sid_array[3] =
-{ { 1, 1, {0,0,0,0,0,1}, {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}},
-  { 1, 1, {0,0,0,0,0,5}, {2,0,0,0,0,0,0,0,0,0,0,0,0,0,0}},
-  { 1, 1, {0,0,0,0,0,5}, {7,0,0,0,0,0,0,0,0,0,0,0,0,0,0}} };
-struct security_token anonymous_token = { 3, anon_sid_array, SE_NONE };
-
 static struct dom_sid system_sid_array[1] =
 { { 1, 1, {0,0,0,0,0,5}, {18,0,0,0,0,0,0,0,0,0,0,0,0,0,0}} };
-struct security_token system_token = { 1, system_sid_array, SE_ALL_PRIVS };
+static const struct security_token system_token = {
+       .num_sids       = ARRAY_SIZE(system_sid_array),
+       .sids           = system_sid_array,
+       .privilege_mask = SE_ALL_PRIVS
+};
 
 /****************************************************************************
  Lookup string names for SID types.
@@ -153,7 +147,7 @@ const char *sid_type_lookup(uint32 sid_type)
  Create the SYSTEM token.
 ***************************************************************************/
 
-struct security_token *get_system_token(void)
+const struct security_token *get_system_token(void)
 {
        return &system_token;
 }

diff --git a/source3/rpc_server/srv_eventlog_nt.c b/source3/rpc_server/srv_eventlog_nt.c
index 1fc9337a565e0e7be8325e7ce4d10182eb39013d..96787a374f2f6defe46dbcf125a7da4542f9567a 100644 (file)
--- a/source3/rpc_server/srv_eventlog_nt.c
+++ b/source3/rpc_server/srv_eventlog_nt.c
@@ -69,7 +69,7 @@ static EVENTLOG_INFO *find_eventlog_info_by_hnd( struct pipes_struct * p,
 /********************************************************************
 ********************************************************************/
 
-static bool elog_check_access( EVENTLOG_INFO *info, struct security_token *token )
+static bool elog_check_access( EVENTLOG_INFO *info, const struct security_token *token )
 {
        char *tdbname = elog_tdbname(talloc_tos(), info->logname );
        struct security_descriptor *sec_desc;