s3-privs Directly manipulate the privileges bitmap.

There is no longer any reason to go via the se_ functions to
manipulate this bitmap.

Andrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>

diff --git a/source3/lib/privileges.c b/source3/lib/privileges.c
index 349067f047e0bc6fcb2b8ac066d89093852c96d6..42fccf8b717b7bbea306a1a33bf77fba0e5d0957 100644 (file)
--- a/source3/lib/privileges.c
+++ b/source3/lib/privileges.c
@@ -130,7 +130,7 @@ bool get_privileges_for_sids(uint64_t *privileges, struct dom_sid *slist, int sc
        int i;
        bool found = False;
 
-       se_priv_copy( privileges, &se_priv_none );
+       *privileges = 0;
 
        for ( i=0; i<scount; i++ ) {
                /* don't add unless we actually have a privilege assigned */
@@ -142,7 +142,7 @@ bool get_privileges_for_sids(uint64_t *privileges, struct dom_sid *slist, int sc
                         "set: 0x%llx\n", sid_string_dbg(&slist[i]),
                         (unsigned long long)mask));
 
-               se_priv_add( privileges, &mask );
+               *privileges |= mask;
                found = True;
        }
 
@@ -224,8 +224,6 @@ NTSTATUS privilege_enumerate_accounts(struct dom_sid **sids, int *num_sids)
 
        ZERO_STRUCT(priv);
 
-       se_priv_copy( &priv.privilege, &se_priv_none );
-
        db->traverse_read(db, priv_traverse_fn, &priv);
 
        /* give the memory away; caller will free */
@@ -252,7 +250,7 @@ NTSTATUS privilege_enum_sids(const uint64_t *mask, TALLOC_CTX *mem_ctx,
 
        ZERO_STRUCT(priv);
 
-       se_priv_copy(&priv.privilege, mask);
+       priv.privilege = *mask;
        priv.mem_ctx = mem_ctx;
 
        db->traverse_read(db, priv_traverse_fn, &priv);

diff --git a/source3/lib/util_nttoken.c b/source3/lib/util_nttoken.c
index 8efebaf9eb6ebde468b379fa28461fdc6b3d1827..3130ed89fbf332955b2ccfc95923f8c342de8437 100644 (file)
--- a/source3/lib/util_nttoken.c
+++ b/source3/lib/util_nttoken.c
@@ -56,12 +56,7 @@ struct security_token *dup_nt_token(TALLOC_CTX *mem_ctx, const struct security_t
                token->num_sids = ptoken->num_sids;
        }
        
-       /* copy the privileges; don't consider failure to be critical here */
-       
-       if ( !se_priv_copy( &token->privilege_mask, &ptoken->privilege_mask ) ) {
-               DEBUG(0,("dup_nt_token: Failure to copy privilages!.  "
-                        "Continuing with 0 privileges assigned.\n"));
-       }
+       token->privilege_mask = ptoken->privilege_mask;
 
        return token;
 }
@@ -108,8 +103,8 @@ NTSTATUS merge_nt_token(TALLOC_CTX *mem_ctx,
                }
        }
 
-       se_priv_add(&token->privilege_mask, &token_1->privilege_mask);
-       se_priv_add(&token->privilege_mask, &token_2->privilege_mask);
+       token->privilege_mask |= token_1->privilege_mask;
+       token->privilege_mask |= token_2->privilege_mask;
 
        *token_out = token;
 

diff --git a/source3/libgpo/gpo_reg.c b/source3/libgpo/gpo_reg.c
index 39d072f689dcbb5199a62f68346b322b43bc29b0..f599435e6cb4865d944b016df03f3c6405d7b67f 100644 (file)
--- a/source3/libgpo/gpo_reg.c
+++ b/source3/libgpo/gpo_reg.c
@@ -37,7 +37,7 @@ struct security_token *registry_create_system_token(TALLOC_CTX *mem_ctx)
                return NULL;
        }
 
-       token->privilege_mask = se_priv_all;
+       token->privilege_mask = SE_ALL_PRIVS;
 
        if (!NT_STATUS_IS_OK(add_sid_to_array(token, &global_sid_System,
                         &token->sids, &token->num_sids))) {