From 7f6bb48bdf230465fd26514ff43d92e2c1f32fe6 Mon Sep 17 00:00:00 2001 From: =?utf8?q?G=C3=BCnther=20Deschner?= Date: Tue, 18 May 2010 10:29:34 +0200 Subject: [PATCH] s3-secdesc: remove "typedef struct security_descriptor SEC_DESC". Guenther --- source3/client/client.c | 2 +- source3/include/ads_protos.h | 2 +- source3/include/proto.h | 70 ++++++++++++++-------------- source3/include/regfio.h | 4 +- source3/include/rpc_secdes.h | 5 -- source3/lib/secdesc.c | 52 ++++++++++----------- source3/lib/sharesec.c | 18 +++---- source3/libads/disp_sec.c | 2 +- source3/libads/ldap.c | 7 +-- source3/libsmb/clisecdesc.c | 6 +-- source3/libsmb/libsmb_xattr.c | 8 ++-- source3/modules/nfs4_acls.c | 8 ++-- source3/modules/nfs4_acls.h | 6 +-- source3/modules/onefs.h | 10 ++-- source3/modules/onefs_acl.c | 13 +++--- source3/modules/vfs_afsacl.c | 2 +- source3/modules/vfs_aixacl2.c | 8 ++-- source3/modules/vfs_default.c | 8 ++-- source3/modules/vfs_full_audit.c | 6 +-- source3/modules/vfs_gpfs.c | 8 ++-- source3/modules/vfs_zfsacl.c | 2 +- source3/param/loadparm.c | 4 +- source3/printing/nt_printing.c | 16 +++---- source3/registry/reg_api.c | 2 +- source3/registry/reg_dispatcher.c | 6 +-- source3/registry/regfio.c | 6 +-- source3/rpc_server/srv_eventlog_nt.c | 2 +- source3/rpc_server/srv_lsa_nt.c | 12 ++--- source3/rpc_server/srv_samr_nt.c | 18 +++---- source3/rpc_server/srv_srvsvc_nt.c | 14 +++--- source3/rpc_server/srv_svcctl_nt.c | 14 +++--- source3/rpcclient/cmd_spoolss.c | 2 +- source3/services/services_db.c | 12 ++--- source3/smbd/nttrans.c | 6 +-- source3/smbd/posix_acls.c | 33 ++++++------- source3/utils/net_rpc.c | 4 +- source3/utils/net_rpc_printer.c | 2 +- source3/utils/net_usershare.c | 2 +- source3/utils/profiles.c | 4 +- source3/utils/sharesec.c | 10 ++-- source3/utils/smbcacls.c | 22 ++++----- 41 files changed, 220 insertions(+), 218 deletions(-) diff --git a/source3/client/client.c b/source3/client/client.c index 13617155c7f..416a4bb6cff 100644 --- a/source3/client/client.c +++ b/source3/client/client.c @@ -562,7 +562,7 @@ static void display_finfo(file_info *finfo, const char *dir) afname, cli_errstr( finfo->cli))); } else { - SEC_DESC *sd = NULL; + struct security_descriptor *sd = NULL; sd = cli_query_secdesc(finfo->cli, fnum, ctx); if (!sd) { DEBUG( 0, ("display_finfo() failed to " diff --git a/source3/include/ads_protos.h b/source3/include/ads_protos.h index 97b5728b054..dc7922f5874 100644 --- a/source3/include/ads_protos.h +++ b/source3/include/ads_protos.h @@ -26,7 +26,7 @@ bool ads_pull_sid(ADS_STRUCT *ads, LDAPMessage *msg, const char *field, int ads_pull_sids(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, LDAPMessage *msg, const char *field, DOM_SID **sids); bool ads_pull_sd(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, - LDAPMessage *msg, const char *field, SEC_DESC **sd); + LDAPMessage *msg, const char *field, struct security_descriptor **sd); char *ads_pull_username(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, LDAPMessage *msg); int ads_pull_sids_from_extendeddn(ADS_STRUCT *ads, diff --git a/source3/include/proto.h b/source3/include/proto.h index ac989c1fc82..1853fa9b8b0 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -526,7 +526,7 @@ void display_sec_ace_flags(uint8_t flags); void display_sec_ace(struct security_ace *ace); void display_sec_acl(struct security_acl *sec_acl); void display_acl_type(uint16 type); -void display_sec_desc(SEC_DESC *sec); +void display_sec_desc(struct security_descriptor *sec); /* The following definitions come from lib/dmallocmsg.c */ @@ -692,15 +692,15 @@ ssize_t drain_socket(int sockfd, size_t count); /* The following definitions come from lib/secdesc.c */ -uint32_t get_sec_info(const SEC_DESC *sd); -SEC_DESC *sec_desc_merge(TALLOC_CTX *ctx, SEC_DESC *new_sdb, SEC_DESC *old_sdb); +uint32_t get_sec_info(const struct security_descriptor *sd); +struct security_descriptor *sec_desc_merge(TALLOC_CTX *ctx, struct security_descriptor *new_sdb, struct security_descriptor *old_sdb); struct sec_desc_buf *sec_desc_merge_buf(TALLOC_CTX *ctx, struct sec_desc_buf *new_sdb, struct sec_desc_buf *old_sdb); -SEC_DESC *make_sec_desc(TALLOC_CTX *ctx, +struct security_descriptor *make_sec_desc(TALLOC_CTX *ctx, enum security_descriptor_revision revision, uint16 type, const DOM_SID *owner_sid, const DOM_SID *grp_sid, struct security_acl *sacl, struct security_acl *dacl, size_t *sd_size); -SEC_DESC *dup_sec_desc(TALLOC_CTX *ctx, const SEC_DESC *src); +struct security_descriptor *dup_sec_desc(TALLOC_CTX *ctx, const struct security_descriptor *src); NTSTATUS marshall_sec_desc(TALLOC_CTX *mem_ctx, struct security_descriptor *secdesc, uint8 **data, size_t *len); @@ -711,24 +711,24 @@ NTSTATUS unmarshall_sec_desc(TALLOC_CTX *mem_ctx, uint8 *data, size_t len, struct security_descriptor **psecdesc); NTSTATUS unmarshall_sec_desc_buf(TALLOC_CTX *mem_ctx, uint8_t *data, size_t len, struct sec_desc_buf **psecdesc_buf); -SEC_DESC *make_standard_sec_desc(TALLOC_CTX *ctx, const DOM_SID *owner_sid, const DOM_SID *grp_sid, +struct security_descriptor *make_standard_sec_desc(TALLOC_CTX *ctx, const DOM_SID *owner_sid, const DOM_SID *grp_sid, struct security_acl *dacl, size_t *sd_size); -struct sec_desc_buf *make_sec_desc_buf(TALLOC_CTX *ctx, size_t len, SEC_DESC *sec_desc); +struct sec_desc_buf *make_sec_desc_buf(TALLOC_CTX *ctx, size_t len, struct security_descriptor *sec_desc); struct sec_desc_buf *dup_sec_desc_buf(TALLOC_CTX *ctx, struct sec_desc_buf *src); -NTSTATUS sec_desc_add_sid(TALLOC_CTX *ctx, SEC_DESC **psd, DOM_SID *sid, uint32 mask, size_t *sd_size); -NTSTATUS sec_desc_mod_sid(SEC_DESC *sd, DOM_SID *sid, uint32 mask); -NTSTATUS sec_desc_del_sid(TALLOC_CTX *ctx, SEC_DESC **psd, DOM_SID *sid, size_t *sd_size); -bool sd_has_inheritable_components(const SEC_DESC *parent_ctr, bool container); +NTSTATUS sec_desc_add_sid(TALLOC_CTX *ctx, struct security_descriptor **psd, DOM_SID *sid, uint32 mask, size_t *sd_size); +NTSTATUS sec_desc_mod_sid(struct security_descriptor *sd, DOM_SID *sid, uint32 mask); +NTSTATUS sec_desc_del_sid(TALLOC_CTX *ctx, struct security_descriptor **psd, DOM_SID *sid, size_t *sd_size); +bool sd_has_inheritable_components(const struct security_descriptor *parent_ctr, bool container); NTSTATUS se_create_child_secdesc(TALLOC_CTX *ctx, - SEC_DESC **ppsd, + struct security_descriptor **ppsd, size_t *psize, - const SEC_DESC *parent_ctr, + const struct security_descriptor *parent_ctr, const DOM_SID *owner_sid, const DOM_SID *group_sid, bool container); NTSTATUS se_create_child_secdesc_buf(TALLOC_CTX *ctx, struct sec_desc_buf **ppsdb, - const SEC_DESC *parent_ctr, + const struct security_descriptor *parent_ctr, bool container); /* The following definitions come from lib/select.c */ @@ -749,14 +749,14 @@ struct named_mutex *grab_named_mutex(TALLOC_CTX *mem_ctx, const char *name, /* The following definitions come from lib/sharesec.c */ bool share_info_db_init(void); -SEC_DESC *get_share_security_default( TALLOC_CTX *ctx, size_t *psize, uint32 def_access); -SEC_DESC *get_share_security( TALLOC_CTX *ctx, const char *servicename, +struct security_descriptor *get_share_security_default( TALLOC_CTX *ctx, size_t *psize, uint32 def_access); +struct security_descriptor *get_share_security( TALLOC_CTX *ctx, const char *servicename, size_t *psize); -bool set_share_security(const char *share_name, SEC_DESC *psd); +bool set_share_security(const char *share_name, struct security_descriptor *psd); bool delete_share_security(const char *servicename); bool share_access_check(const NT_USER_TOKEN *token, const char *sharename, uint32 desired_access); -bool parse_usershare_acl(TALLOC_CTX *ctx, const char *acl_str, SEC_DESC **ppsd); +bool parse_usershare_acl(TALLOC_CTX *ctx, const char *acl_str, struct security_descriptor **ppsd); /* The following definitions come from lib/smbldap.c */ @@ -1304,7 +1304,7 @@ bool pull_reg_multi_sz(TALLOC_CTX *mem_ctx, const DATA_BLOB *blob, const char ** void se_map_generic(uint32 *access_mask, const struct generic_mapping *mapping); void security_acl_map_generic(struct security_acl *sa, const struct generic_mapping *mapping); void se_map_standard(uint32 *access_mask, struct standard_mapping *mapping); -NTSTATUS se_access_check(const SEC_DESC *sd, const NT_USER_TOKEN *token, +NTSTATUS se_access_check(const struct security_descriptor *sd, const NT_USER_TOKEN *token, uint32 acc_desired, uint32 *acc_granted); /* The following definitions come from lib/util_sec.c */ @@ -1744,7 +1744,7 @@ bool ads_cldap_netlogon_5(TALLOC_CTX *mem_ctx, /* The following definitions come from libads/disp_sec.c */ -void ads_disp_sd(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, SEC_DESC *sd); +void ads_disp_sd(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, struct security_descriptor *sd); /* The following definitions come from libads/dns.c */ @@ -2844,9 +2844,9 @@ NTSTATUS cli_push(struct cli_state *cli, uint16_t fnum, uint16_t mode, /* The following definitions come from libsmb/clisecdesc.c */ -SEC_DESC *cli_query_secdesc(struct cli_state *cli, uint16_t fnum, +struct security_descriptor *cli_query_secdesc(struct cli_state *cli, uint16_t fnum, TALLOC_CTX *mem_ctx); -bool cli_set_secdesc(struct cli_state *cli, uint16_t fnum, SEC_DESC *sd); +bool cli_set_secdesc(struct cli_state *cli, uint16_t fnum, struct security_descriptor *sd); /* The following definitions come from libsmb/clispnego.c */ @@ -4235,7 +4235,7 @@ enum usershare_err parse_usershare_file(TALLOC_CTX *ctx, char **pp_sharepath, char **pp_comment, char **pp_cp_share_name, - SEC_DESC **ppsd, + struct security_descriptor **ppsd, bool *pallow_guest); int load_usershare_service(const char *servicename); int load_usershare_shares(void); @@ -4795,8 +4795,8 @@ WERROR delete_printer_driver(struct pipes_struct *rpc_pipe, uint32 version, bool delete_files ); WERROR nt_printing_setsec(const char *sharename, struct sec_desc_buf *secdesc_ctr); bool nt_printing_getsec(TALLOC_CTX *ctx, const char *sharename, struct sec_desc_buf **secdesc_ctr); -void map_printer_permissions(SEC_DESC *sd); -void map_job_permissions(SEC_DESC *sd); +void map_printer_permissions(struct security_descriptor *sd); +void map_job_permissions(struct security_descriptor *sd); bool print_access_check(struct auth_serversupplied_info *server_info, int snum, int access_type); bool print_time_access_check(const char *servicename); @@ -5564,8 +5564,8 @@ bool init_service_op_table( void ); /* The following definitions come from services/services_db.c */ void svcctl_init_keys( void ); -SEC_DESC *svcctl_get_secdesc( TALLOC_CTX *ctx, const char *name, NT_USER_TOKEN *token ); -bool svcctl_set_secdesc( TALLOC_CTX *ctx, const char *name, SEC_DESC *sec_desc, NT_USER_TOKEN *token ); +struct security_descriptor *svcctl_get_secdesc( TALLOC_CTX *ctx, const char *name, NT_USER_TOKEN *token ); +bool svcctl_set_secdesc( TALLOC_CTX *ctx, const char *name, struct security_descriptor *sec_desc, NT_USER_TOKEN *token ); const char *svcctl_lookup_dispname(TALLOC_CTX *ctx, const char *name, NT_USER_TOKEN *token ); const char *svcctl_lookup_description(TALLOC_CTX *ctx, const char *name, NT_USER_TOKEN *token ); struct regval_ctr *svcctl_fetch_regvalues( const char *name, NT_USER_TOKEN *token ); @@ -6300,18 +6300,18 @@ uint32_t map_canon_ace_perms(int snum, enum security_ace_type *pacl_type, mode_t perms, bool directory_ace); -NTSTATUS unpack_nt_owners(connection_struct *conn, uid_t *puser, gid_t *pgrp, uint32 security_info_sent, const SEC_DESC *psd); +NTSTATUS unpack_nt_owners(connection_struct *conn, uid_t *puser, gid_t *pgrp, uint32 security_info_sent, const struct security_descriptor *psd); SMB_ACL_T free_empty_sys_acl(connection_struct *conn, SMB_ACL_T the_acl); NTSTATUS posix_fget_nt_acl(struct files_struct *fsp, uint32_t security_info, - SEC_DESC **ppdesc); + struct security_descriptor **ppdesc); NTSTATUS posix_get_nt_acl(struct connection_struct *conn, const char *name, - uint32_t security_info, SEC_DESC **ppdesc); + uint32_t security_info, struct security_descriptor **ppdesc); int try_chown(connection_struct *conn, struct smb_filename *smb_fname, uid_t uid, gid_t gid); NTSTATUS append_parent_acl(files_struct *fsp, - const SEC_DESC *pcsd, - SEC_DESC **pp_new_sd); -NTSTATUS set_nt_acl(files_struct *fsp, uint32 security_info_sent, const SEC_DESC *psd); + const struct security_descriptor *pcsd, + struct security_descriptor **pp_new_sd); +NTSTATUS set_nt_acl(files_struct *fsp, uint32 security_info_sent, const struct security_descriptor *psd); int get_acl_group_bits( connection_struct *conn, const char *fname, mode_t *mode ); int chmod_acl(connection_struct *conn, const char *name, mode_t mode); int inherit_access_posix_acl(connection_struct *conn, const char *inherit_from_dir, @@ -6321,7 +6321,7 @@ bool set_unix_posix_default_acl(connection_struct *conn, const char *fname, const SMB_STRUCT_STAT *psbuf, uint16 num_def_acls, const char *pdata); bool set_unix_posix_acl(connection_struct *conn, files_struct *fsp, const char *fname, uint16 num_acls, const char *pdata); -SEC_DESC *get_nt_acl_no_snum( TALLOC_CTX *ctx, const char *fname); +struct security_descriptor *get_nt_acl_no_snum( TALLOC_CTX *ctx, const char *fname); /* The following definitions come from smbd/process.c */ @@ -6818,7 +6818,7 @@ struct tevent_req *fncall_send(TALLOC_CTX *mem_ctx, struct tevent_context *ev, int fncall_recv(struct tevent_req *req, int *perr); /* The following definitions come from rpc_server/srv_samr_nt.c */ -NTSTATUS access_check_object( SEC_DESC *psd, NT_USER_TOKEN *token, +NTSTATUS access_check_object( struct security_descriptor *psd, NT_USER_TOKEN *token, SE_PRIV *rights, uint32 rights_mask, uint32 des_access, uint32 *acc_granted, const char *debug); diff --git a/source3/include/regfio.h b/source3/include/regfio.h index 61d74d7f2af..840fbcd89a5 100644 --- a/source3/include/regfio.h +++ b/source3/include/regfio.h @@ -129,7 +129,7 @@ typedef struct _regf_sk_rec { uint32 next_sk_off; uint32 ref_count; uint32 size; - SEC_DESC *sec_desc; + struct security_descriptor *sec_desc; } REGF_SK_REC; /* Key Name */ @@ -217,7 +217,7 @@ REGF_NK_REC* regfio_rootkey( REGF_FILE *file ); REGF_NK_REC* regfio_fetch_subkey( REGF_FILE *file, REGF_NK_REC *nk ); REGF_NK_REC* regfio_write_key ( REGF_FILE *file, const char *name, struct regval_ctr *values, struct regsubkey_ctr *subkeys, - SEC_DESC *sec_desc, REGF_NK_REC *parent ); + struct security_descriptor *sec_desc, REGF_NK_REC *parent ); #endif /* _REGFIO_H */ diff --git a/source3/include/rpc_secdes.h b/source3/include/rpc_secdes.h index 0d0d14956c9..f1d1b1a18f9 100644 --- a/source3/include/rpc_secdes.h +++ b/source3/include/rpc_secdes.h @@ -71,12 +71,7 @@ #define SEC_DESC_REVISION 0x1 #endif -#ifndef _SEC_DESC -/* SEC_DESC */ -typedef struct security_descriptor SEC_DESC; #define SEC_DESC_HEADER_SIZE (2 * sizeof(uint16) + 4 * sizeof(uint32)) -#define _SEC_DESC -#endif /* A type to describe the mapping of generic access rights to object specific access rights. */ diff --git a/source3/lib/secdesc.c b/source3/lib/secdesc.c index a439b9e7c08..5791ab61539 100644 --- a/source3/lib/secdesc.c +++ b/source3/lib/secdesc.c @@ -35,7 +35,7 @@ const struct generic_mapping file_generic_mapping = { Given a security_descriptor return the sec_info. ********************************************************************/ -uint32_t get_sec_info(const SEC_DESC *sd) +uint32_t get_sec_info(const struct security_descriptor *sd) { uint32_t sec_info = ALL_SECURITY_INFORMATION; @@ -68,7 +68,7 @@ struct sec_desc_buf *sec_desc_merge_buf(TALLOC_CTX *ctx, struct sec_desc_buf *ne DOM_SID *owner_sid, *group_sid; struct sec_desc_buf *return_sdb; struct security_acl *dacl, *sacl; - SEC_DESC *psd = NULL; + struct security_descriptor *psd = NULL; uint16 secdesc_type; size_t secdesc_size; @@ -108,11 +108,11 @@ struct sec_desc_buf *sec_desc_merge_buf(TALLOC_CTX *ctx, struct sec_desc_buf *ne return(return_sdb); } -SEC_DESC *sec_desc_merge(TALLOC_CTX *ctx, SEC_DESC *new_sdb, SEC_DESC *old_sdb) +struct security_descriptor *sec_desc_merge(TALLOC_CTX *ctx, struct security_descriptor *new_sdb, struct security_descriptor *old_sdb) { DOM_SID *owner_sid, *group_sid; struct security_acl *dacl, *sacl; - SEC_DESC *psd = NULL; + struct security_descriptor *psd = NULL; uint16 secdesc_type; size_t secdesc_size; @@ -150,21 +150,21 @@ SEC_DESC *sec_desc_merge(TALLOC_CTX *ctx, SEC_DESC *new_sdb, SEC_DESC *old_sdb) } /******************************************************************* - Creates a SEC_DESC structure + Creates a struct security_descriptor structure ********************************************************************/ -SEC_DESC *make_sec_desc(TALLOC_CTX *ctx, +struct security_descriptor *make_sec_desc(TALLOC_CTX *ctx, enum security_descriptor_revision revision, uint16 type, const DOM_SID *owner_sid, const DOM_SID *grp_sid, struct security_acl *sacl, struct security_acl *dacl, size_t *sd_size) { - SEC_DESC *dst; + struct security_descriptor *dst; uint32 offset = 0; *sd_size = 0; - if(( dst = TALLOC_ZERO_P(ctx, SEC_DESC)) == NULL) + if(( dst = TALLOC_ZERO_P(ctx, struct security_descriptor)) == NULL) return NULL; dst->revision = revision; @@ -223,10 +223,10 @@ error_exit: } /******************************************************************* - Duplicate a SEC_DESC structure. + Duplicate a struct security_descriptor structure. ********************************************************************/ -SEC_DESC *dup_sec_desc(TALLOC_CTX *ctx, const SEC_DESC *src) +struct security_descriptor *dup_sec_desc(TALLOC_CTX *ctx, const struct security_descriptor *src) { size_t dummy; @@ -361,10 +361,10 @@ NTSTATUS unmarshall_sec_desc_buf(TALLOC_CTX *mem_ctx, uint8_t *data, size_t len, } /******************************************************************* - Creates a SEC_DESC structure with typical defaults. + Creates a struct security_descriptor structure with typical defaults. ********************************************************************/ -SEC_DESC *make_standard_sec_desc(TALLOC_CTX *ctx, const DOM_SID *owner_sid, const DOM_SID *grp_sid, +struct security_descriptor *make_standard_sec_desc(TALLOC_CTX *ctx, const DOM_SID *owner_sid, const DOM_SID *grp_sid, struct security_acl *dacl, size_t *sd_size) { return make_sec_desc(ctx, SECURITY_DESCRIPTOR_REVISION_1, @@ -376,7 +376,7 @@ SEC_DESC *make_standard_sec_desc(TALLOC_CTX *ctx, const DOM_SID *owner_sid, cons Creates a struct sec_desc_buf structure. ********************************************************************/ -struct sec_desc_buf *make_sec_desc_buf(TALLOC_CTX *ctx, size_t len, SEC_DESC *sec_desc) +struct sec_desc_buf *make_sec_desc_buf(TALLOC_CTX *ctx, size_t len, struct security_descriptor *sec_desc) { struct sec_desc_buf *dst; @@ -406,12 +406,12 @@ struct sec_desc_buf *dup_sec_desc_buf(TALLOC_CTX *ctx, struct sec_desc_buf *src) } /******************************************************************* - Add a new SID with its permissions to SEC_DESC. + Add a new SID with its permissions to struct security_descriptor. ********************************************************************/ -NTSTATUS sec_desc_add_sid(TALLOC_CTX *ctx, SEC_DESC **psd, DOM_SID *sid, uint32 mask, size_t *sd_size) +NTSTATUS sec_desc_add_sid(TALLOC_CTX *ctx, struct security_descriptor **psd, DOM_SID *sid, uint32 mask, size_t *sd_size) { - SEC_DESC *sd = 0; + struct security_descriptor *sd = 0; struct security_acl *dacl = 0; struct security_ace *ace = 0; NTSTATUS status; @@ -439,10 +439,10 @@ NTSTATUS sec_desc_add_sid(TALLOC_CTX *ctx, SEC_DESC **psd, DOM_SID *sid, uint32 } /******************************************************************* - Modify a SID's permissions in a SEC_DESC. + Modify a SID's permissions in a struct security_descriptor. ********************************************************************/ -NTSTATUS sec_desc_mod_sid(SEC_DESC *sd, DOM_SID *sid, uint32 mask) +NTSTATUS sec_desc_mod_sid(struct security_descriptor *sd, DOM_SID *sid, uint32 mask) { NTSTATUS status; @@ -458,12 +458,12 @@ NTSTATUS sec_desc_mod_sid(SEC_DESC *sd, DOM_SID *sid, uint32 mask) } /******************************************************************* - Delete a SID from a SEC_DESC. + Delete a SID from a struct security_descriptor. ********************************************************************/ -NTSTATUS sec_desc_del_sid(TALLOC_CTX *ctx, SEC_DESC **psd, DOM_SID *sid, size_t *sd_size) +NTSTATUS sec_desc_del_sid(TALLOC_CTX *ctx, struct security_descriptor **psd, DOM_SID *sid, size_t *sd_size) { - SEC_DESC *sd = 0; + struct security_descriptor *sd = 0; struct security_acl *dacl = 0; struct security_ace *ace = 0; NTSTATUS status; @@ -518,7 +518,7 @@ static bool is_inheritable_ace(const struct security_ace *ace, * the newly created type ? */ -bool sd_has_inheritable_components(const SEC_DESC *parent_ctr, bool container) +bool sd_has_inheritable_components(const struct security_descriptor *parent_ctr, bool container) { unsigned int i; const struct security_acl *the_acl = parent_ctr->dacl; @@ -538,9 +538,9 @@ bool sd_has_inheritable_components(const SEC_DESC *parent_ctr, bool container) non-container object. */ NTSTATUS se_create_child_secdesc(TALLOC_CTX *ctx, - SEC_DESC **ppsd, + struct security_descriptor **ppsd, size_t *psize, - const SEC_DESC *parent_ctr, + const struct security_descriptor *parent_ctr, const DOM_SID *owner_sid, const DOM_SID *group_sid, bool container) @@ -674,12 +674,12 @@ NTSTATUS se_create_child_secdesc(TALLOC_CTX *ctx, NTSTATUS se_create_child_secdesc_buf(TALLOC_CTX *ctx, struct sec_desc_buf **ppsdb, - const SEC_DESC *parent_ctr, + const struct security_descriptor *parent_ctr, bool container) { NTSTATUS status; size_t size = 0; - SEC_DESC *sd = NULL; + struct security_descriptor *sd = NULL; *ppsdb = NULL; status = se_create_child_secdesc(ctx, diff --git a/source3/lib/sharesec.c b/source3/lib/sharesec.c index 96ba5a3a2d7..ee384797e09 100644 --- a/source3/lib/sharesec.c +++ b/source3/lib/sharesec.c @@ -225,12 +225,12 @@ bool share_info_db_init(void) def_access is a GENERIC_XXX access mode. ********************************************************************/ -SEC_DESC *get_share_security_default( TALLOC_CTX *ctx, size_t *psize, uint32 def_access) +struct security_descriptor *get_share_security_default( TALLOC_CTX *ctx, size_t *psize, uint32 def_access) { uint32_t sa; struct security_ace ace; struct security_acl *psa = NULL; - SEC_DESC *psd = NULL; + struct security_descriptor *psd = NULL; uint32 spec_access = def_access; se_map_generic(&spec_access, &file_generic_mapping); @@ -256,11 +256,11 @@ SEC_DESC *get_share_security_default( TALLOC_CTX *ctx, size_t *psize, uint32 def Pull a security descriptor from the share tdb. ********************************************************************/ -SEC_DESC *get_share_security( TALLOC_CTX *ctx, const char *servicename, +struct security_descriptor *get_share_security( TALLOC_CTX *ctx, const char *servicename, size_t *psize) { char *key; - SEC_DESC *psd = NULL; + struct security_descriptor *psd = NULL; TDB_DATA data; char *c_servicename = canonicalize_servicename(talloc_tos(), servicename); NTSTATUS status; @@ -316,7 +316,7 @@ SEC_DESC *get_share_security( TALLOC_CTX *ctx, const char *servicename, Store a security descriptor in the share db. ********************************************************************/ -bool set_share_security(const char *share_name, SEC_DESC *psd) +bool set_share_security(const char *share_name, struct security_descriptor *psd) { TALLOC_CTX *frame = talloc_stackframe(); char *key; @@ -410,7 +410,7 @@ bool share_access_check(const NT_USER_TOKEN *token, const char *sharename, { uint32 granted; NTSTATUS status; - SEC_DESC *psd = NULL; + struct security_descriptor *psd = NULL; size_t sd_size; psd = get_share_security(talloc_tos(), sharename, &sd_size); @@ -430,14 +430,14 @@ bool share_access_check(const NT_USER_TOKEN *token, const char *sharename, Parse the contents of an acl string from a usershare file. ***************************************************************************/ -bool parse_usershare_acl(TALLOC_CTX *ctx, const char *acl_str, SEC_DESC **ppsd) +bool parse_usershare_acl(TALLOC_CTX *ctx, const char *acl_str, struct security_descriptor **ppsd) { size_t s_size = 0; const char *pacl = acl_str; int num_aces = 0; struct security_ace *ace_list = NULL; struct security_acl *psa = NULL; - SEC_DESC *psd = NULL; + struct security_descriptor *psd = NULL; size_t sd_size = 0; int i; @@ -445,7 +445,7 @@ bool parse_usershare_acl(TALLOC_CTX *ctx, const char *acl_str, SEC_DESC **ppsd) /* If the acl string is blank return "Everyone:R" */ if (!*acl_str) { - SEC_DESC *default_psd = get_share_security_default(ctx, &s_size, GENERIC_READ_ACCESS); + struct security_descriptor *default_psd = get_share_security_default(ctx, &s_size, GENERIC_READ_ACCESS); if (!default_psd) { return False; } diff --git a/source3/libads/disp_sec.c b/source3/libads/disp_sec.c index df1fc9206d9..f8489e1e0b6 100644 --- a/source3/libads/disp_sec.c +++ b/source3/libads/disp_sec.c @@ -187,7 +187,7 @@ static void ads_disp_acl(struct security_acl *sec_acl, const char *type) } /* display SD */ -void ads_disp_sd(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, SEC_DESC *sd) +void ads_disp_sd(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, struct security_descriptor *sd) { int i; char *tmp_path = NULL; diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c index a72438bef9c..ed5aee1d8ae 100644 --- a/source3/libads/ldap.c +++ b/source3/libads/ldap.c @@ -2684,16 +2684,17 @@ int ads_count_replies(ADS_STRUCT *ads, void *res) } /** - * pull a SEC_DESC from a ADS result + * pull a struct security_descriptor from a ADS result * @param ads connection to ads server * @param mem_ctx TALLOC_CTX for allocating sid array * @param msg Results of search * @param field Attribute to retrieve - * @param sd Pointer to *SEC_DESC to store result (talloc()ed) + * @param sd Pointer to *struct security_descriptor to store result (talloc()ed) * @return boolean inidicating success */ bool ads_pull_sd(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, - LDAPMessage *msg, const char *field, SEC_DESC **sd) + LDAPMessage *msg, const char *field, + struct security_descriptor **sd) { struct berval **values; bool ret = true; diff --git a/source3/libsmb/clisecdesc.c b/source3/libsmb/clisecdesc.c index f4f7c545e14..b6eff394c6b 100644 --- a/source3/libsmb/clisecdesc.c +++ b/source3/libsmb/clisecdesc.c @@ -22,13 +22,13 @@ /**************************************************************************** query the security descriptor for a open file ****************************************************************************/ -SEC_DESC *cli_query_secdesc(struct cli_state *cli, uint16_t fnum, +struct security_descriptor *cli_query_secdesc(struct cli_state *cli, uint16_t fnum, TALLOC_CTX *mem_ctx) { uint8_t param[8]; uint8_t *rdata=NULL; uint32_t rdata_count=0; - SEC_DESC *psd = NULL; + struct security_descriptor *psd = NULL; NTSTATUS status; SIVAL(param, 0, fnum); @@ -69,7 +69,7 @@ SEC_DESC *cli_query_secdesc(struct cli_state *cli, uint16_t fnum, /**************************************************************************** set the security descriptor for a open file ****************************************************************************/ -bool cli_set_secdesc(struct cli_state *cli, uint16_t fnum, SEC_DESC *sd) +bool cli_set_secdesc(struct cli_state *cli, uint16_t fnum, struct security_descriptor *sd) { char param[8]; char *rparam=NULL, *rdata=NULL; diff --git a/source3/libsmb/libsmb_xattr.c b/source3/libsmb/libsmb_xattr.c index 49a6a286af1..c9eb103a9ea 100644 --- a/source3/libsmb/libsmb_xattr.c +++ b/source3/libsmb/libsmb_xattr.c @@ -415,7 +415,7 @@ add_ace(struct security_acl **the_acl, /* parse a ascii version of a security descriptor */ -static SEC_DESC * +static struct security_descriptor * sec_desc_parse(TALLOC_CTX *ctx, struct cli_state *ipc_cli, struct policy_handle *pol, @@ -424,7 +424,7 @@ sec_desc_parse(TALLOC_CTX *ctx, { const char *p = str; char *tok; - SEC_DESC *ret = NULL; + struct security_descriptor *ret = NULL; size_t sd_size; DOM_SID *group_sid=NULL; DOM_SID *owner_sid=NULL; @@ -726,7 +726,7 @@ cacl_get(SMBCCTX *context, bool numeric = True; bool determine_size = (bufsize == 0); uint16_t fnum; - SEC_DESC *sd; + struct security_descriptor *sd; fstring sidstr; fstring name_sandbox; char *name; @@ -1501,7 +1501,7 @@ cacl_set(SMBCCTX *context, { uint16_t fnum = (uint16_t)-1; int err = 0; - SEC_DESC *sd = NULL, *old; + struct security_descriptor *sd = NULL, *old; struct security_acl *dacl = NULL; DOM_SID *owner_sid = NULL; DOM_SID *group_sid = NULL; diff --git a/source3/modules/nfs4_acls.c b/source3/modules/nfs4_acls.c index ebb61459459..3201fa5482b 100644 --- a/source3/modules/nfs4_acls.c +++ b/source3/modules/nfs4_acls.c @@ -290,7 +290,7 @@ static bool smbacl4_nfs42win(TALLOC_CTX *mem_ctx, SMB4ACL_T *theacl, /* in */ static NTSTATUS smb_get_nt_acl_nfs4_common(const SMB_STRUCT_STAT *sbuf, uint32 security_info, - SEC_DESC **ppdesc, SMB4ACL_T *theacl) + struct security_descriptor **ppdesc, SMB4ACL_T *theacl) { int good_aces = 0; DOM_SID sid_owner, sid_group; @@ -338,7 +338,7 @@ static NTSTATUS smb_get_nt_acl_nfs4_common(const SMB_STRUCT_STAT *sbuf, NTSTATUS smb_fget_nt_acl_nfs4(files_struct *fsp, uint32 security_info, - SEC_DESC **ppdesc, SMB4ACL_T *theacl) + struct security_descriptor **ppdesc, SMB4ACL_T *theacl) { SMB_STRUCT_STAT sbuf; @@ -354,7 +354,7 @@ NTSTATUS smb_fget_nt_acl_nfs4(files_struct *fsp, NTSTATUS smb_get_nt_acl_nfs4(struct connection_struct *conn, const char *name, uint32 security_info, - SEC_DESC **ppdesc, SMB4ACL_T *theacl) + struct security_descriptor **ppdesc, SMB4ACL_T *theacl) { SMB_STRUCT_STAT sbuf; @@ -719,7 +719,7 @@ static SMB4ACL_T *smbacl4_win2nfs4( NTSTATUS smb_set_nt_acl_nfs4(files_struct *fsp, uint32 security_info_sent, - const SEC_DESC *psd, + const struct security_descriptor *psd, set_nfs4acl_native_fn_t set_nfs4_native) { smbacl4_vfs_params params; diff --git a/source3/modules/nfs4_acls.h b/source3/modules/nfs4_acls.h index b2d1196b260..f4576b0c137 100644 --- a/source3/modules/nfs4_acls.h +++ b/source3/modules/nfs4_acls.h @@ -131,12 +131,12 @@ uint32 smb_get_naces(SMB4ACL_T *theacl); NTSTATUS smb_fget_nt_acl_nfs4(files_struct *fsp, uint32 security_info, - SEC_DESC **ppdesc, SMB4ACL_T *theacl); + struct security_descriptor **ppdesc, SMB4ACL_T *theacl); NTSTATUS smb_get_nt_acl_nfs4(connection_struct *conn, const char *name, uint32 security_info, - SEC_DESC **ppdesc, SMB4ACL_T *theacl); + struct security_descriptor **ppdesc, SMB4ACL_T *theacl); /* Callback function needed to set the native acl * when applicable */ @@ -144,7 +144,7 @@ typedef bool (*set_nfs4acl_native_fn_t)(files_struct *, SMB4ACL_T *); NTSTATUS smb_set_nt_acl_nfs4(files_struct *fsp, uint32 security_info_sent, - const SEC_DESC *psd, + const struct security_descriptor *psd, set_nfs4acl_native_fn_t set_nfs4_native); #endif /* __NFS4_ACLS_H__ */ diff --git a/source3/modules/onefs.h b/source3/modules/onefs.h index dd27d44cca0..cd7782cc373 100644 --- a/source3/modules/onefs.h +++ b/source3/modules/onefs.h @@ -120,19 +120,21 @@ NTSTATUS onefs_notify_watch(vfs_handle_struct *vfs_handle, void *handle_p); NTSTATUS onefs_fget_nt_acl(vfs_handle_struct *handle, files_struct *fsp, - uint32 security_info, SEC_DESC **ppdesc); + uint32 security_info, struct security_descriptor **ppdesc); NTSTATUS onefs_get_nt_acl(vfs_handle_struct *handle, const char* name, - uint32 security_info, SEC_DESC **ppdesc); + uint32 security_info, struct security_descriptor **ppdesc); NTSTATUS onefs_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, - uint32 security_info_sent, const SEC_DESC *psd); + uint32 security_info_sent, + const struct security_descriptor *psd); /* * Utility functions */ struct ifs_security_descriptor; -NTSTATUS onefs_samba_sd_to_sd(uint32_t security_info_sent, const SEC_DESC *psd, +NTSTATUS onefs_samba_sd_to_sd(uint32_t security_info_sent, + const struct security_descriptor *psd, struct ifs_security_descriptor *sd, int snum, uint32_t *security_info_effective); diff --git a/source3/modules/onefs_acl.c b/source3/modules/onefs_acl.c index 112ee43fcd4..440858b5786 100644 --- a/source3/modules/onefs_acl.c +++ b/source3/modules/onefs_acl.c @@ -604,7 +604,7 @@ static bool add_sfs_aces(files_struct *fsp, struct ifs_security_descriptor *sd) */ NTSTATUS onefs_fget_nt_acl(vfs_handle_struct *handle, files_struct *fsp, - uint32 security_info, SEC_DESC **ppdesc) + uint32 security_info, struct security_descriptor **ppdesc) { int error; uint32_t sd_size = 0; @@ -613,7 +613,7 @@ onefs_fget_nt_acl(vfs_handle_struct *handle, files_struct *fsp, DOM_SID owner_sid, group_sid; DOM_SID *ownerp, *groupp; struct security_acl *dacl, *sacl; - SEC_DESC *pdesc; + struct security_descriptor *pdesc; bool alloced = false; bool new_aces_alloced = false; bool fopened = false; @@ -790,7 +790,7 @@ out: */ NTSTATUS onefs_get_nt_acl(vfs_handle_struct *handle, const char* name, - uint32 security_info, SEC_DESC **ppdesc) + uint32 security_info, struct security_descriptor **ppdesc) { files_struct finfo; struct fd_handle fh; @@ -817,13 +817,14 @@ onefs_get_nt_acl(vfs_handle_struct *handle, const char* name, /** * Isilon-specific function for setting up an ifs_security_descriptor, given a - * samba SEC_DESC. + * samba struct security_descriptor * * @param[out] sd ifs_security_descriptor to fill in * * @return NTSTATUS_OK if successful */ -NTSTATUS onefs_samba_sd_to_sd(uint32_t security_info_sent, const SEC_DESC *psd, +NTSTATUS onefs_samba_sd_to_sd(uint32_t security_info_sent, + const struct security_descriptor *psd, struct ifs_security_descriptor *sd, int snum, uint32_t *security_info_effective) { @@ -909,7 +910,7 @@ NTSTATUS onefs_samba_sd_to_sd(uint32_t security_info_sent, const SEC_DESC *psd, */ NTSTATUS onefs_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, - uint32_t sec_info_sent, const SEC_DESC *psd) + uint32_t sec_info_sent, const struct security_descriptor *psd) { struct ifs_security_descriptor sd = {}; int fd = -1; diff --git a/source3/modules/vfs_afsacl.c b/source3/modules/vfs_afsacl.c index 6e66bf2e01d..41af84fb59d 100644 --- a/source3/modules/vfs_afsacl.c +++ b/source3/modules/vfs_afsacl.c @@ -1056,7 +1056,7 @@ static NTSTATUS afsacl_get_nt_acl(struct vfs_handle_struct *handle, NTSTATUS afsacl_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, uint32 security_info_sent, - const SEC_DESC *psd) + const struct security_descriptor *psd) { return afs_set_nt_acl(handle, fsp, security_info_sent, psd); } diff --git a/source3/modules/vfs_aixacl2.c b/source3/modules/vfs_aixacl2.c index 2355f4eb9a7..fcf964b512f 100644 --- a/source3/modules/vfs_aixacl2.c +++ b/source3/modules/vfs_aixacl2.c @@ -155,7 +155,7 @@ static bool aixjfs2_get_nfs4_acl(const char *name, static NTSTATUS aixjfs2_fget_nt_acl(vfs_handle_struct *handle, files_struct *fsp, uint32 security_info, - SEC_DESC **ppdesc) + struct security_descriptor **ppdesc) { SMB4ACL_T *pacl = NULL; bool result; @@ -177,7 +177,7 @@ static NTSTATUS aixjfs2_fget_nt_acl(vfs_handle_struct *handle, static NTSTATUS aixjfs2_get_nt_acl(vfs_handle_struct *handle, const char *name, - uint32 security_info, SEC_DESC **ppdesc) + uint32 security_info, struct security_descriptor **ppdesc) { SMB4ACL_T *pacl = NULL; bool result; @@ -370,7 +370,7 @@ static bool aixjfs2_process_smbacl(files_struct *fsp, SMB4ACL_T *smbacl) return True; } -static NTSTATUS aixjfs2_set_nt_acl_common(files_struct *fsp, uint32 security_info_sent, const SEC_DESC *psd) +static NTSTATUS aixjfs2_set_nt_acl_common(files_struct *fsp, uint32 security_info_sent, const struct security_descriptor *psd) { acl_type_t acl_type_info; NTSTATUS result = NT_STATUS_ACCESS_DENIED; @@ -394,7 +394,7 @@ static NTSTATUS aixjfs2_set_nt_acl_common(files_struct *fsp, uint32 security_inf return result; } -NTSTATUS aixjfs2_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, uint32 security_info_sent, const SEC_DESC *psd) +NTSTATUS aixjfs2_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, uint32 security_info_sent, const struct security_descriptor *psd) { return aixjfs2_set_nt_acl_common(fsp, security_info_sent, psd); } diff --git a/source3/modules/vfs_default.c b/source3/modules/vfs_default.c index 2b57f6bf36e..c2907822af0 100644 --- a/source3/modules/vfs_default.c +++ b/source3/modules/vfs_default.c @@ -1269,7 +1269,8 @@ static void vfswrap_strict_unlock(struct vfs_handle_struct *handle, static NTSTATUS vfswrap_fget_nt_acl(vfs_handle_struct *handle, files_struct *fsp, - uint32 security_info, SEC_DESC **ppdesc) + uint32 security_info, + struct security_descriptor **ppdesc) { NTSTATUS result; @@ -1281,7 +1282,8 @@ static NTSTATUS vfswrap_fget_nt_acl(vfs_handle_struct *handle, static NTSTATUS vfswrap_get_nt_acl(vfs_handle_struct *handle, const char *name, - uint32 security_info, SEC_DESC **ppdesc) + uint32 security_info, + struct security_descriptor **ppdesc) { NTSTATUS result; @@ -1291,7 +1293,7 @@ static NTSTATUS vfswrap_get_nt_acl(vfs_handle_struct *handle, return result; } -static NTSTATUS vfswrap_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, uint32 security_info_sent, const SEC_DESC *psd) +static NTSTATUS vfswrap_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, uint32 security_info_sent, const struct security_descriptor *psd) { NTSTATUS result; diff --git a/source3/modules/vfs_full_audit.c b/source3/modules/vfs_full_audit.c index 8a93695a81d..a89b95f05cc 100644 --- a/source3/modules/vfs_full_audit.c +++ b/source3/modules/vfs_full_audit.c @@ -1525,7 +1525,7 @@ static NTSTATUS smb_full_audit_translate_name(struct vfs_handle_struct *handle, static NTSTATUS smb_full_audit_fget_nt_acl(vfs_handle_struct *handle, files_struct *fsp, uint32 security_info, - SEC_DESC **ppdesc) + struct security_descriptor **ppdesc) { NTSTATUS result; @@ -1540,7 +1540,7 @@ static NTSTATUS smb_full_audit_fget_nt_acl(vfs_handle_struct *handle, files_stru static NTSTATUS smb_full_audit_get_nt_acl(vfs_handle_struct *handle, const char *name, uint32 security_info, - SEC_DESC **ppdesc) + struct security_descriptor **ppdesc) { NTSTATUS result; @@ -1554,7 +1554,7 @@ static NTSTATUS smb_full_audit_get_nt_acl(vfs_handle_struct *handle, static NTSTATUS smb_full_audit_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, uint32 security_info_sent, - const SEC_DESC *psd) + const struct security_descriptor *psd) { NTSTATUS result; diff --git a/source3/modules/vfs_gpfs.c b/source3/modules/vfs_gpfs.c index 7c481d6ba0f..5fdcef94dbf 100644 --- a/source3/modules/vfs_gpfs.c +++ b/source3/modules/vfs_gpfs.c @@ -297,7 +297,7 @@ static int gpfs_get_nfs4_acl(const char *fname, SMB4ACL_T **ppacl) static NTSTATUS gpfsacl_fget_nt_acl(vfs_handle_struct *handle, files_struct *fsp, uint32 security_info, - SEC_DESC **ppdesc) + struct security_descriptor **ppdesc) { SMB4ACL_T *pacl = NULL; int result; @@ -319,7 +319,7 @@ static NTSTATUS gpfsacl_fget_nt_acl(vfs_handle_struct *handle, static NTSTATUS gpfsacl_get_nt_acl(vfs_handle_struct *handle, const char *name, - uint32 security_info, SEC_DESC **ppdesc) + uint32 security_info, struct security_descriptor **ppdesc) { SMB4ACL_T *pacl = NULL; int result; @@ -435,7 +435,7 @@ static bool gpfsacl_process_smbacl(files_struct *fsp, SMB4ACL_T *smbacl) return True; } -static NTSTATUS gpfsacl_set_nt_acl_internal(files_struct *fsp, uint32 security_info_sent, const SEC_DESC *psd) +static NTSTATUS gpfsacl_set_nt_acl_internal(files_struct *fsp, uint32 security_info_sent, const struct security_descriptor *psd) { struct gpfs_acl *acl; NTSTATUS result = NT_STATUS_ACCESS_DENIED; @@ -463,7 +463,7 @@ static NTSTATUS gpfsacl_set_nt_acl_internal(files_struct *fsp, uint32 security_i return result; } -static NTSTATUS gpfsacl_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, uint32 security_info_sent, const SEC_DESC *psd) +static NTSTATUS gpfsacl_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, uint32 security_info_sent, const struct security_descriptor *psd) { return gpfsacl_set_nt_acl_internal(fsp, security_info_sent, psd); } diff --git a/source3/modules/vfs_zfsacl.c b/source3/modules/vfs_zfsacl.c index a3de30e8085..4c11f09477a 100644 --- a/source3/modules/vfs_zfsacl.c +++ b/source3/modules/vfs_zfsacl.c @@ -218,7 +218,7 @@ static NTSTATUS zfsacl_get_nt_acl(struct vfs_handle_struct *handle, static NTSTATUS zfsacl_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, uint32 security_info_sent, - const SEC_DESC *psd) + const struct security_descriptor *psd) { return zfs_set_nt_acl(handle, fsp, security_info_sent, psd); } diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index 8a762d70e90..f79ac88da34 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -8568,7 +8568,7 @@ enum usershare_err parse_usershare_file(TALLOC_CTX *ctx, char **pp_sharepath, char **pp_comment, char **pp_cp_servicename, - SEC_DESC **ppsd, + struct security_descriptor **ppsd, bool *pallow_guest) { const char **prefixallowlist = lp_usershare_prefix_allow_list(); @@ -8773,7 +8773,7 @@ static int process_usershare_file(const char *dir_name, const char *file_name, i int fd = -1; int iService = -1; TALLOC_CTX *ctx = talloc_stackframe(); - SEC_DESC *psd = NULL; + struct security_descriptor *psd = NULL; bool guest_ok = False; char *canon_name = NULL; bool added_service = false; diff --git a/source3/printing/nt_printing.c b/source3/printing/nt_printing.c index d15faaabd57..e05b0da0d8e 100644 --- a/source3/printing/nt_printing.c +++ b/source3/printing/nt_printing.c @@ -335,7 +335,7 @@ static int sec_desc_upg_fn( TDB_CONTEXT *the_tdb, TDB_DATA key, NTSTATUS status; struct sec_desc_buf *sd_orig = NULL; struct sec_desc_buf *sd_new, *sd_store; - SEC_DESC *sec, *new_sec; + struct security_descriptor *sec, *new_sec; TALLOC_CTX *ctx = state; int result, i; uint32 sd_size; @@ -391,7 +391,7 @@ static int sec_desc_upg_fn( TDB_CONTEXT *the_tdb, TDB_DATA key, } } - /* create a new SEC_DESC with the appropriate owner and group SIDs */ + /* create a new struct security_descriptor with the appropriate owner and group SIDs */ new_sec = make_sec_desc( ctx, SEC_DESC_REVISION, SEC_DESC_SELF_RELATIVE, &global_sid_Builtin_Administrators, @@ -2638,7 +2638,7 @@ WERROR spoolss_create_default_secdesc(TALLOC_CTX *mem_ctx, int i = 0; uint32_t sa; struct security_acl *psa = NULL; - SEC_DESC *psd = NULL; + struct security_descriptor *psd = NULL; DOM_SID adm_sid; size_t sd_size; @@ -5503,7 +5503,7 @@ WERROR nt_printing_setsec(const char *sharename, struct sec_desc_buf *secdesc_ct if (!secdesc_ctr->sd->owner_sid || !secdesc_ctr->sd->group_sid) { DOM_SID *owner_sid, *group_sid; struct security_acl *dacl, *sacl; - SEC_DESC *psd = NULL; + struct security_descriptor *psd = NULL; size_t size; if (!nt_printing_getsec(mem_ctx, sharename, &old_secdesc_ctr)) { @@ -5591,7 +5591,7 @@ static struct sec_desc_buf *construct_default_printer_sdb(TALLOC_CTX *ctx) uint32_t sa; struct security_acl *psa = NULL; struct sec_desc_buf *sdb = NULL; - SEC_DESC *psd = NULL; + struct security_descriptor *psd = NULL; DOM_SID adm_sid; size_t sd_size; @@ -5721,7 +5721,7 @@ bool nt_printing_getsec(TALLOC_CTX *ctx, const char *sharename, struct sec_desc_ if (secrets_fetch_domain_sid(lp_workgroup(), &owner_sid)) { struct sec_desc_buf *new_secdesc_ctr = NULL; - SEC_DESC *psd = NULL; + struct security_descriptor *psd = NULL; size_t size; /* Create new sd */ @@ -5812,7 +5812,7 @@ jfm: I should use this comment for the text file to explain It turns out that NT4 security descriptors use generic access rights and NT5 the object specific ones. */ -void map_printer_permissions(SEC_DESC *sd) +void map_printer_permissions(struct security_descriptor *sd) { int i; @@ -5822,7 +5822,7 @@ void map_printer_permissions(SEC_DESC *sd) } } -void map_job_permissions(SEC_DESC *sd) +void map_job_permissions(struct security_descriptor *sd) { int i; diff --git a/source3/registry/reg_api.c b/source3/registry/reg_api.c index 27d71453750..0f130516c40 100644 --- a/source3/registry/reg_api.c +++ b/source3/registry/reg_api.c @@ -855,7 +855,7 @@ static WERROR reg_write_tree(REGF_FILE *regfile, const char *keypath, char *subkeyname; struct registry_key_handle registry_key; WERROR result = WERR_OK; - SEC_DESC *sec_desc = NULL; + struct security_descriptor *sec_desc = NULL; if (!regfile) { return WERR_GENERAL_FAILURE; diff --git a/source3/registry/reg_dispatcher.c b/source3/registry/reg_dispatcher.c index 46a49403fbf..966935392fd 100644 --- a/source3/registry/reg_dispatcher.c +++ b/source3/registry/reg_dispatcher.c @@ -35,11 +35,11 @@ static const struct generic_mapping reg_generic_map = /******************************************************************** ********************************************************************/ -static WERROR construct_registry_sd(TALLOC_CTX *ctx, SEC_DESC **psd) +static WERROR construct_registry_sd(TALLOC_CTX *ctx, struct security_descriptor **psd) { struct security_ace ace[3]; size_t i = 0; - SEC_DESC *sd; + struct security_descriptor *sd; struct security_acl *theacl; size_t sd_size; @@ -162,7 +162,7 @@ bool regkey_access_check(struct registry_key_handle *key, uint32 requested, uint32 *granted, const struct nt_user_token *token ) { - SEC_DESC *sec_desc; + struct security_descriptor *sec_desc; NTSTATUS status; WERROR err; diff --git a/source3/registry/regfio.c b/source3/registry/regfio.c index 1cb453d64fb..60a05040e26 100644 --- a/source3/registry/regfio.c +++ b/source3/registry/regfio.c @@ -954,7 +954,7 @@ static REGF_SK_REC* find_sk_record_by_offset( REGF_FILE *file, uint32 offset ) /******************************************************************* *******************************************************************/ -static REGF_SK_REC* find_sk_record_by_sec_desc( REGF_FILE *file, SEC_DESC *sd ) +static REGF_SK_REC* find_sk_record_by_sec_desc( REGF_FILE *file, struct security_descriptor *sd ) { REGF_SK_REC *p; @@ -1568,7 +1568,7 @@ done: /******************************************************************* *******************************************************************/ -static uint32 sk_record_data_size( SEC_DESC * sd ) +static uint32 sk_record_data_size( struct security_descriptor * sd ) { uint32 size, size_mod8; @@ -1718,7 +1718,7 @@ static int hashrec_cmp( REGF_HASH_REC *h1, REGF_HASH_REC *h2 ) REGF_NK_REC* regfio_write_key( REGF_FILE *file, const char *name, struct regval_ctr *values, struct regsubkey_ctr *subkeys, - SEC_DESC *sec_desc, REGF_NK_REC *parent ) + struct security_descriptor *sec_desc, REGF_NK_REC *parent ) { REGF_NK_REC *nk; REGF_HBIN *vlist_hbin = NULL; diff --git a/source3/rpc_server/srv_eventlog_nt.c b/source3/rpc_server/srv_eventlog_nt.c index 84c04fe953e..4171ef6d971 100644 --- a/source3/rpc_server/srv_eventlog_nt.c +++ b/source3/rpc_server/srv_eventlog_nt.c @@ -72,7 +72,7 @@ static EVENTLOG_INFO *find_eventlog_info_by_hnd( pipes_struct * p, static bool elog_check_access( EVENTLOG_INFO *info, NT_USER_TOKEN *token ) { char *tdbname = elog_tdbname(talloc_tos(), info->logname ); - SEC_DESC *sec_desc; + struct security_descriptor *sec_desc; NTSTATUS status; if ( !tdbname ) diff --git a/source3/rpc_server/srv_lsa_nt.c b/source3/rpc_server/srv_lsa_nt.c index 9477ec0ba28..8540b59b0b7 100644 --- a/source3/rpc_server/srv_lsa_nt.c +++ b/source3/rpc_server/srv_lsa_nt.c @@ -312,7 +312,7 @@ static NTSTATUS lookup_lsa_sids(TALLOC_CTX *mem_ctx, return NT_STATUS_OK; } -static NTSTATUS make_lsa_object_sd(TALLOC_CTX *mem_ctx, SEC_DESC **sd, size_t *sd_size, +static NTSTATUS make_lsa_object_sd(TALLOC_CTX *mem_ctx, struct security_descriptor **sd, size_t *sd_size, const struct generic_mapping *map, DOM_SID *sid, uint32_t sid_access) { @@ -366,7 +366,7 @@ NTSTATUS _lsa_OpenPolicy2(pipes_struct *p, struct lsa_OpenPolicy2 *r) { struct lsa_info *info; - SEC_DESC *psd = NULL; + struct security_descriptor *psd = NULL; size_t sd_size; uint32 des_access = r->in.access_mask; uint32 acc_granted; @@ -1759,7 +1759,7 @@ NTSTATUS _lsa_OpenAccount(pipes_struct *p, { struct lsa_info *handle; struct lsa_info *info; - SEC_DESC *psd = NULL; + struct security_descriptor *psd = NULL; size_t sd_size; uint32_t des_access = r->in.access_mask; uint32_t acc_granted; @@ -2115,7 +2115,7 @@ NTSTATUS _lsa_QuerySecurity(pipes_struct *p, struct lsa_QuerySecurity *r) { struct lsa_info *handle=NULL; - SEC_DESC *psd = NULL; + struct security_descriptor *psd = NULL; size_t sd_size; NTSTATUS status; @@ -2160,7 +2160,7 @@ NTSTATUS _lsa_AddAccountRights(pipes_struct *p, struct lsa_info *info = NULL; int i = 0; uint32_t acc_granted = 0; - SEC_DESC *psd = NULL; + struct security_descriptor *psd = NULL; size_t sd_size; DOM_SID sid; NTSTATUS status; @@ -2229,7 +2229,7 @@ NTSTATUS _lsa_RemoveAccountRights(pipes_struct *p, { struct lsa_info *info = NULL; int i = 0; - SEC_DESC *psd = NULL; + struct security_descriptor *psd = NULL; size_t sd_size; DOM_SID sid; const char *privname = NULL; diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c index 100a1762c78..1dd0088f9cc 100644 --- a/source3/rpc_server/srv_samr_nt.c +++ b/source3/rpc_server/srv_samr_nt.c @@ -122,7 +122,7 @@ static const struct generic_mapping ali_generic_mapping = { /******************************************************************* *******************************************************************/ -static NTSTATUS make_samr_object_sd( TALLOC_CTX *ctx, SEC_DESC **psd, size_t *sd_size, +static NTSTATUS make_samr_object_sd( TALLOC_CTX *ctx, struct security_descriptor **psd, size_t *sd_size, const struct generic_mapping *map, DOM_SID *sid, uint32 sid_access ) { @@ -177,7 +177,7 @@ static NTSTATUS make_samr_object_sd( TALLOC_CTX *ctx, SEC_DESC **psd, size_t *sd level of access for further checks. ********************************************************************/ -NTSTATUS access_check_object( SEC_DESC *psd, NT_USER_TOKEN *token, +NTSTATUS access_check_object( struct security_descriptor *psd, NT_USER_TOKEN *token, SE_PRIV *rights, uint32 rights_mask, uint32 des_access, uint32 *acc_granted, const char *debug ) @@ -537,7 +537,7 @@ NTSTATUS _samr_OpenDomain(pipes_struct *p, { struct samr_connect_info *cinfo; struct samr_domain_info *dinfo; - SEC_DESC *psd = NULL; + struct security_descriptor *psd = NULL; uint32 acc_granted; uint32 des_access = r->in.access_mask; NTSTATUS status; @@ -775,7 +775,7 @@ NTSTATUS _samr_QuerySecurity(pipes_struct *p, struct samr_group_info *ginfo; struct samr_alias_info *ainfo; NTSTATUS status; - SEC_DESC * psd = NULL; + struct security_descriptor * psd = NULL; size_t sd_size = 0; cinfo = policy_handle_find(p, r->in.handle, @@ -2240,7 +2240,7 @@ NTSTATUS _samr_OpenUser(pipes_struct *p, DOM_SID sid; struct samr_domain_info *dinfo; struct samr_user_info *uinfo; - SEC_DESC *psd = NULL; + struct security_descriptor *psd = NULL; uint32 acc_granted; uint32 des_access = r->in.access_mask; uint32_t extra_access = 0; @@ -3754,7 +3754,7 @@ NTSTATUS _samr_CreateUser2(pipes_struct *p, struct samr_user_info *uinfo; NTSTATUS nt_status; uint32 acc_granted; - SEC_DESC *psd; + struct security_descriptor *psd; size_t sd_size; /* check this, when giving away 'add computer to domain' privs */ uint32 des_access = GENERIC_RIGHTS_USER_ALL_ACCESS; @@ -3955,7 +3955,7 @@ NTSTATUS _samr_Connect2(pipes_struct *p, { struct samr_connect_info *info = NULL; struct policy_handle hnd; - SEC_DESC *psd = NULL; + struct security_descriptor *psd = NULL; uint32 acc_granted; uint32 des_access = r->in.access_mask; NTSTATUS nt_status; @@ -4180,7 +4180,7 @@ NTSTATUS _samr_OpenAlias(pipes_struct *p, uint32 alias_rid = r->in.rid; struct samr_alias_info *ainfo; struct samr_domain_info *dinfo; - SEC_DESC *psd = NULL; + struct security_descriptor *psd = NULL; uint32 acc_granted; uint32 des_access = r->in.access_mask; size_t sd_size; @@ -6247,7 +6247,7 @@ NTSTATUS _samr_OpenGroup(pipes_struct *p, GROUP_MAP map; struct samr_domain_info *dinfo; struct samr_group_info *ginfo; - SEC_DESC *psd = NULL; + struct security_descriptor *psd = NULL; uint32 acc_granted; uint32 des_access = r->in.access_mask; size_t sd_size; diff --git a/source3/rpc_server/srv_srvsvc_nt.c b/source3/rpc_server/srv_srvsvc_nt.c index 904664f2235..3888061ee43 100644 --- a/source3/rpc_server/srv_srvsvc_nt.c +++ b/source3/rpc_server/srv_srvsvc_nt.c @@ -321,7 +321,7 @@ static void init_srv_share_info_2(pipes_struct *p, struct srvsvc_NetShareInfo2 * Map any generic bits to file specific bits. ********************************************************************/ -static void map_generic_share_sd_bits(SEC_DESC *psd) +static void map_generic_share_sd_bits(struct security_descriptor *psd) { int i; struct security_acl *ps_dacl = NULL; @@ -373,7 +373,7 @@ static void init_srv_share_info_502(pipes_struct *p, struct srvsvc_NetShareInfo5 { const char *net_name = lp_servicename(snum); char *path = NULL; - SEC_DESC *sd = NULL; + struct security_descriptor *sd = NULL; struct sec_desc_buf *sd_buf = NULL; size_t sd_size = 0; TALLOC_CTX *ctx = p->mem_ctx; @@ -471,7 +471,7 @@ static void init_srv_share_info_1007(pipes_struct *p, struct srvsvc_NetShareInfo static void init_srv_share_info_1501(pipes_struct *p, struct sec_desc_buf *r, int snum) { - SEC_DESC *sd; + struct security_descriptor *sd; size_t sd_size; TALLOC_CTX *ctx = p->mem_ctx; @@ -1515,7 +1515,7 @@ WERROR _srvsvc_NetShareSetInfo(pipes_struct *p, int snum; int ret; char *path = NULL; - SEC_DESC *psd = NULL; + struct security_descriptor *psd = NULL; SE_PRIV se_diskop = SE_DISK_OPERATOR; bool is_disk_op = False; int max_connections = 0; @@ -1711,7 +1711,7 @@ WERROR _srvsvc_NetShareSetInfo(pipes_struct *p, /* Replace SD if changed. */ if (psd) { - SEC_DESC *old_sd; + struct security_descriptor *old_sd; size_t sd_size; old_sd = get_share_security(p->mem_ctx, lp_servicename(snum), &sd_size); @@ -1745,7 +1745,7 @@ WERROR _srvsvc_NetShareAdd(pipes_struct *p, int snum; int ret; char *path; - SEC_DESC *psd = NULL; + struct security_descriptor *psd = NULL; SE_PRIV se_diskop = SE_DISK_OPERATOR; bool is_disk_op; int max_connections = 0; @@ -2074,7 +2074,7 @@ WERROR _srvsvc_NetGetFileSecurity(pipes_struct *p, struct srvsvc_NetGetFileSecurity *r) { struct smb_filename *smb_fname = NULL; - SEC_DESC *psd = NULL; + struct security_descriptor *psd = NULL; size_t sd_size; fstring servicename; SMB_STRUCT_STAT st; diff --git a/source3/rpc_server/srv_svcctl_nt.c b/source3/rpc_server/srv_svcctl_nt.c index 0975ef98c71..604066e3722 100644 --- a/source3/rpc_server/srv_svcctl_nt.c +++ b/source3/rpc_server/srv_svcctl_nt.c @@ -121,7 +121,7 @@ static struct service_control_op* find_service_by_name( const char *name ) /******************************************************************** ********************************************************************/ -static NTSTATUS svcctl_access_check( SEC_DESC *sec_desc, NT_USER_TOKEN *token, +static NTSTATUS svcctl_access_check( struct security_descriptor *sec_desc, NT_USER_TOKEN *token, uint32 access_desired, uint32 *access_granted ) { if ( geteuid() == sec_initial_uid() ) { @@ -135,11 +135,11 @@ static NTSTATUS svcctl_access_check( SEC_DESC *sec_desc, NT_USER_TOKEN *token, /******************************************************************** ********************************************************************/ -static SEC_DESC* construct_scm_sd( TALLOC_CTX *ctx ) +static struct security_descriptor* construct_scm_sd( TALLOC_CTX *ctx ) { struct security_ace ace[2]; size_t i = 0; - SEC_DESC *sd; + struct security_descriptor *sd; struct security_acl *theacl; size_t sd_size; @@ -255,7 +255,7 @@ done: WERROR _svcctl_OpenSCManagerW(pipes_struct *p, struct svcctl_OpenSCManagerW *r) { - SEC_DESC *sec_desc; + struct security_descriptor *sec_desc; uint32 access_granted = 0; NTSTATUS status; @@ -280,7 +280,7 @@ WERROR _svcctl_OpenSCManagerW(pipes_struct *p, WERROR _svcctl_OpenServiceW(pipes_struct *p, struct svcctl_OpenServiceW *r) { - SEC_DESC *sec_desc; + struct security_descriptor *sec_desc; uint32 access_granted = 0; NTSTATUS status; const char *service = NULL; @@ -854,7 +854,7 @@ WERROR _svcctl_QueryServiceObjectSecurity(pipes_struct *p, struct svcctl_QueryServiceObjectSecurity *r) { SERVICE_INFO *info = find_service_info_by_hnd( p, r->in.handle ); - SEC_DESC *sec_desc; + struct security_descriptor *sec_desc; NTSTATUS status; uint8_t *buffer = NULL; size_t len = 0; @@ -905,7 +905,7 @@ WERROR _svcctl_SetServiceObjectSecurity(pipes_struct *p, struct svcctl_SetServiceObjectSecurity *r) { SERVICE_INFO *info = find_service_info_by_hnd( p, r->in.handle ); - SEC_DESC *sec_desc = NULL; + struct security_descriptor *sec_desc = NULL; uint32 required_access; NTSTATUS status; diff --git a/source3/rpcclient/cmd_spoolss.c b/source3/rpcclient/cmd_spoolss.c index e3ad97c7139..018c7c82344 100644 --- a/source3/rpcclient/cmd_spoolss.c +++ b/source3/rpcclient/cmd_spoolss.c @@ -3184,7 +3184,7 @@ static bool compare_printer_secdesc( struct rpc_pipe_client *cli1, struct policy union spoolss_PrinterInfo info1, info2; WERROR werror; TALLOC_CTX *mem_ctx = talloc_init("compare_printer_secdesc"); - SEC_DESC *sd1, *sd2; + struct security_descriptor *sd1, *sd2; bool result = true; diff --git a/source3/services/services_db.c b/source3/services/services_db.c index 31a74d1a189..22e39e0e52a 100644 --- a/source3/services/services_db.c +++ b/source3/services/services_db.c @@ -88,11 +88,11 @@ struct service_display_info common_unix_svcs[] = { /******************************************************************** ********************************************************************/ -static SEC_DESC* construct_service_sd( TALLOC_CTX *ctx ) +static struct security_descriptor* construct_service_sd( TALLOC_CTX *ctx ) { struct security_ace ace[4]; size_t i = 0; - SEC_DESC *sd = NULL; + struct security_descriptor *sd = NULL; struct security_acl *theacl = NULL; size_t sd_size; @@ -335,7 +335,7 @@ static void add_new_svc_name(struct registry_key_handle *key_parent, char *path = NULL; struct regval_ctr *values = NULL; struct regsubkey_ctr *svc_subkeys = NULL; - SEC_DESC *sd = NULL; + struct security_descriptor *sd = NULL; DATA_BLOB sd_blob; NTSTATUS status; @@ -497,12 +497,12 @@ void svcctl_init_keys( void ) in case of any failure. ********************************************************************/ -SEC_DESC *svcctl_get_secdesc( TALLOC_CTX *ctx, const char *name, NT_USER_TOKEN *token ) +struct security_descriptor *svcctl_get_secdesc( TALLOC_CTX *ctx, const char *name, NT_USER_TOKEN *token ) { struct registry_key_handle *key = NULL; struct regval_ctr *values = NULL; struct regval_blob *val = NULL; - SEC_DESC *ret_sd = NULL; + struct security_descriptor *ret_sd = NULL; char *path= NULL; WERROR wresult; NTSTATUS status; @@ -558,7 +558,7 @@ done: Wrapper to make storing a Service sd easier ********************************************************************/ -bool svcctl_set_secdesc( TALLOC_CTX *ctx, const char *name, SEC_DESC *sec_desc, NT_USER_TOKEN *token ) +bool svcctl_set_secdesc( TALLOC_CTX *ctx, const char *name, struct security_descriptor *sec_desc, NT_USER_TOKEN *token ) { struct registry_key_handle *key = NULL; WERROR wresult; diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c index 6a6f620ee9d..b42d665668d 100644 --- a/source3/smbd/nttrans.c +++ b/source3/smbd/nttrans.c @@ -831,7 +831,7 @@ static void do_nt_transact_create_pipe(connection_struct *conn, NTSTATUS set_sd(files_struct *fsp, uint8_t *data, uint32_t sd_len, uint32_t security_info_sent) { - SEC_DESC *psd = NULL; + struct security_descriptor *psd = NULL; NTSTATUS status; if (sd_len == 0 || !lp_nt_acl_support(SNUM(fsp->conn))) { @@ -1755,7 +1755,7 @@ static void call_nt_transact_rename(connection_struct *conn, Fake up a completely empty SD. *******************************************************************************/ -static NTSTATUS get_null_nt_acl(TALLOC_CTX *mem_ctx, SEC_DESC **ppsd) +static NTSTATUS get_null_nt_acl(TALLOC_CTX *mem_ctx, struct security_descriptor **ppsd) { size_t sd_size; @@ -1784,7 +1784,7 @@ NTSTATUS smbd_do_query_security_desc(connection_struct *conn, size_t *psd_size) { NTSTATUS status; - SEC_DESC *psd = NULL; + struct security_descriptor *psd = NULL; /* * Get the permissions to return. diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c index 24da3cf99e6..1b8af3b9264 100644 --- a/source3/smbd/posix_acls.c +++ b/source3/smbd/posix_acls.c @@ -1164,12 +1164,13 @@ static mode_t map_nt_perms( uint32 *mask, int type) } /**************************************************************************** - Unpack a SEC_DESC into a UNIX owner and group. + Unpack a struct security_descriptor into a UNIX owner and group. ****************************************************************************/ NTSTATUS unpack_nt_owners(struct connection_struct *conn, uid_t *puser, gid_t *pgrp, - uint32 security_info_sent, const SEC_DESC *psd) + uint32 security_info_sent, const struct + security_descriptor *psd) { DOM_SID owner_sid; DOM_SID grp_sid; @@ -1573,7 +1574,7 @@ static bool dup_owning_ace(canon_ace *dir_ace, canon_ace *ace) } /**************************************************************************** - Unpack a SEC_DESC into two canonical ace lists. + Unpack a struct security_descriptor into two canonical ace lists. ****************************************************************************/ static bool create_canon_ace_lists(files_struct *fsp, @@ -2307,7 +2308,7 @@ static mode_t create_default_mode(files_struct *fsp, bool interitable_mode) } /**************************************************************************** - Unpack a SEC_DESC into two canonical ace lists. We don't depend on this + Unpack a struct security_descriptor into two canonical ace lists. We don't depend on this succeeding. ****************************************************************************/ @@ -2318,7 +2319,7 @@ static bool unpack_canon_ace(files_struct *fsp, canon_ace **ppfile_ace, canon_ace **ppdir_ace, uint32 security_info_sent, - const SEC_DESC *psd) + const struct security_descriptor *psd) { SMB_STRUCT_STAT st; canon_ace *file_ace = NULL; @@ -3174,7 +3175,7 @@ static NTSTATUS posix_get_nt_acl_common(struct connection_struct *conn, SMB_ACL_T posix_acl, SMB_ACL_T def_acl, uint32_t security_info, - SEC_DESC **ppdesc) + struct security_descriptor **ppdesc) { DOM_SID owner_sid; DOM_SID group_sid; @@ -3188,7 +3189,7 @@ static NTSTATUS posix_get_nt_acl_common(struct connection_struct *conn, struct security_ace *nt_ace_list = NULL; size_t num_profile_acls = 0; DOM_SID orig_owner_sid; - SEC_DESC *psd = NULL; + struct security_descriptor *psd = NULL; int i; /* @@ -3437,7 +3438,7 @@ static NTSTATUS posix_get_nt_acl_common(struct connection_struct *conn, } NTSTATUS posix_fget_nt_acl(struct files_struct *fsp, uint32_t security_info, - SEC_DESC **ppdesc) + struct security_descriptor **ppdesc) { SMB_STRUCT_STAT sbuf; SMB_ACL_T posix_acl = NULL; @@ -3470,7 +3471,7 @@ NTSTATUS posix_fget_nt_acl(struct files_struct *fsp, uint32_t security_info, } NTSTATUS posix_get_nt_acl(struct connection_struct *conn, const char *name, - uint32_t security_info, SEC_DESC **ppdesc) + uint32_t security_info, struct security_descriptor **ppdesc) { SMB_ACL_T posix_acl = NULL; SMB_ACL_T def_acl = NULL; @@ -3627,11 +3628,11 @@ int try_chown(connection_struct *conn, struct smb_filename *smb_fname, ****************************************************************************/ NTSTATUS append_parent_acl(files_struct *fsp, - const SEC_DESC *pcsd, - SEC_DESC **pp_new_sd) + const struct security_descriptor *pcsd, + struct security_descriptor **pp_new_sd) { struct smb_filename *smb_dname = NULL; - SEC_DESC *parent_sd = NULL; + struct security_descriptor *parent_sd = NULL; files_struct *parent_fsp = NULL; TALLOC_CTX *mem_ctx = talloc_tos(); char *parent_name = NULL; @@ -3640,7 +3641,7 @@ NTSTATUS append_parent_acl(files_struct *fsp, NTSTATUS status; int info; unsigned int i, j; - SEC_DESC *psd = dup_sec_desc(talloc_tos(), pcsd); + struct security_descriptor *psd = dup_sec_desc(talloc_tos(), pcsd); bool is_dacl_protected = (pcsd->type & SEC_DESC_DACL_PROTECTED); if (psd == NULL) { @@ -3826,7 +3827,7 @@ NTSTATUS append_parent_acl(files_struct *fsp, This should be the only external function needed for the UNIX style set ACL. ****************************************************************************/ -NTSTATUS set_nt_acl(files_struct *fsp, uint32 security_info_sent, const SEC_DESC *psd) +NTSTATUS set_nt_acl(files_struct *fsp, uint32 security_info_sent, const struct security_descriptor *psd) { connection_struct *conn = fsp->conn; uid_t user = (uid_t)-1; @@ -4701,9 +4702,9 @@ bool set_unix_posix_acl(connection_struct *conn, files_struct *fsp, const char * Assume we are dealing with files (for now) ********************************************************************/ -SEC_DESC *get_nt_acl_no_snum( TALLOC_CTX *ctx, const char *fname) +struct security_descriptor *get_nt_acl_no_snum( TALLOC_CTX *ctx, const char *fname) { - SEC_DESC *psd, *ret_sd; + struct security_descriptor *psd, *ret_sd; connection_struct *conn; files_struct finfo; struct fd_handle fh; diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c index 253e9771c2b..0ce2cd5d496 100644 --- a/source3/utils/net_rpc.c +++ b/source3/utils/net_rpc.c @@ -4420,8 +4420,8 @@ static void show_userlist(struct rpc_pipe_client *pipe_hnd, struct user_token *tokens) { uint16_t fnum; - SEC_DESC *share_sd = NULL; - SEC_DESC *root_sd = NULL; + struct security_descriptor *share_sd = NULL; + struct security_descriptor *root_sd = NULL; struct cli_state *cli = rpc_pipe_np_smb_conn(pipe_hnd); int i; union srvsvc_NetShareInfo info; diff --git a/source3/utils/net_rpc_printer.c b/source3/utils/net_rpc_printer.c index f627f1916c4..e81e4c9610e 100644 --- a/source3/utils/net_rpc_printer.c +++ b/source3/utils/net_rpc_printer.c @@ -153,7 +153,7 @@ NTSTATUS net_copy_fileattr(struct net_context *c, NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; uint16_t fnum_src = 0; uint16_t fnum_dst = 0; - SEC_DESC *sd = NULL; + struct security_descriptor *sd = NULL; uint16_t attr; time_t f_atime, f_ctime, f_mtime; diff --git a/source3/utils/net_usershare.c b/source3/utils/net_usershare.c index 05b3cbd0151..c005268d0bf 100644 --- a/source3/utils/net_usershare.c +++ b/source3/utils/net_usershare.c @@ -330,7 +330,7 @@ static int info_fn(struct file_list *fl, void *priv) struct net_context *c = pi->c; int fd = -1; int numlines = 0; - SEC_DESC *psd = NULL; + struct security_descriptor *psd = NULL; char *basepath; char *sharepath = NULL; char *comment = NULL; diff --git a/source3/utils/profiles.c b/source3/utils/profiles.c index ff82fbd10a2..e44b2f8e942 100644 --- a/source3/utils/profiles.c +++ b/source3/utils/profiles.c @@ -56,7 +56,7 @@ static void verbose_output(const char *format, ...) /******************************************************************** ********************************************************************/ -static bool swap_sid_in_acl( SEC_DESC *sd, DOM_SID *s1, DOM_SID *s2 ) +static bool swap_sid_in_acl( struct security_descriptor *sd, DOM_SID *s1, DOM_SID *s2 ) { struct security_acl *theacl; int i; @@ -117,7 +117,7 @@ static bool copy_registry_tree( REGF_FILE *infile, REGF_NK_REC *nk, const char *parentpath ) { REGF_NK_REC *key, *subkey; - SEC_DESC *new_sd; + struct security_descriptor *new_sd; struct regval_ctr *values; struct regsubkey_ctr *subkeys; int i; diff --git a/source3/utils/sharesec.c b/source3/utils/sharesec.c index da8dfa28b74..1264e4b51f2 100644 --- a/source3/utils/sharesec.c +++ b/source3/utils/sharesec.c @@ -124,7 +124,7 @@ static void print_ace(FILE *f, struct security_ace *ace) print an ascii version of a security descriptor on a FILE handle ********************************************************************/ -static void sec_desc_print(FILE *f, SEC_DESC *sd) +static void sec_desc_print(FILE *f, struct security_descriptor *sd) { uint32 i; @@ -294,9 +294,9 @@ static bool parse_ace(struct security_ace *ace, const char *orig_str) /******************************************************************** ********************************************************************/ -static SEC_DESC* parse_acl_string(TALLOC_CTX *mem_ctx, const char *szACL, size_t *sd_size ) +static struct security_descriptor* parse_acl_string(TALLOC_CTX *mem_ctx, const char *szACL, size_t *sd_size ) { - SEC_DESC *sd = NULL; + struct security_descriptor *sd = NULL; struct security_ace *ace; struct security_acl *theacl; int num_ace; @@ -407,8 +407,8 @@ static void sort_acl(struct security_acl *the_acl) static int change_share_sec(TALLOC_CTX *mem_ctx, const char *sharename, char *the_acl, enum acl_mode mode) { - SEC_DESC *sd = NULL; - SEC_DESC *old = NULL; + struct security_descriptor *sd = NULL; + struct security_descriptor *old = NULL; size_t sd_size = 0; uint32 i, j; diff --git a/source3/utils/smbcacls.c b/source3/utils/smbcacls.c index f4307e38705..2344f2f0ab3 100644 --- a/source3/utils/smbcacls.c +++ b/source3/utils/smbcacls.c @@ -552,11 +552,11 @@ static bool add_ace(struct security_acl **the_acl, struct security_ace *ace) } /* parse a ascii version of a security descriptor */ -static SEC_DESC *sec_desc_parse(TALLOC_CTX *ctx, struct cli_state *cli, char *str) +static struct security_descriptor *sec_desc_parse(TALLOC_CTX *ctx, struct cli_state *cli, char *str) { const char *p = str; char *tok; - SEC_DESC *ret = NULL; + struct security_descriptor *ret = NULL; size_t sd_size; DOM_SID *grp_sid=NULL, *owner_sid=NULL; struct security_acl *dacl=NULL; @@ -624,7 +624,7 @@ static SEC_DESC *sec_desc_parse(TALLOC_CTX *ctx, struct cli_state *cli, char *st /* print a ascii version of a security descriptor on a FILE handle */ -static void sec_desc_print(struct cli_state *cli, FILE *f, SEC_DESC *sd) +static void sec_desc_print(struct cli_state *cli, FILE *f, struct security_descriptor *sd) { fstring sidstr; uint32 i; @@ -691,10 +691,10 @@ static uint16 get_fileinfo(struct cli_state *cli, const char *filename) /***************************************************** get sec desc for filename *******************************************************/ -static SEC_DESC *get_secdesc(struct cli_state *cli, const char *filename) +static struct security_descriptor *get_secdesc(struct cli_state *cli, const char *filename) { uint16_t fnum = (uint16_t)-1; - SEC_DESC *sd; + struct security_descriptor *sd; /* The desired access below is the only one I could find that works with NT4, W2KP and Samba */ @@ -721,7 +721,7 @@ static SEC_DESC *get_secdesc(struct cli_state *cli, const char *filename) set sec desc for filename *******************************************************/ static bool set_secdesc(struct cli_state *cli, const char *filename, - SEC_DESC *sd) + struct security_descriptor *sd) { uint16_t fnum = (uint16_t)-1; bool result=true; @@ -753,7 +753,7 @@ dump the acls for a file static int cacl_dump(struct cli_state *cli, const char *filename) { int result = EXIT_FAILED; - SEC_DESC *sd; + struct security_descriptor *sd; if (test_args) return EXIT_OK; @@ -782,7 +782,7 @@ static int owner_set(struct cli_state *cli, enum chown_mode change_mode, const char *filename, const char *new_username) { DOM_SID sid; - SEC_DESC *sd, *old; + struct security_descriptor *sd, *old; size_t sd_size; if (!StringToSid(cli, &sid, new_username)) @@ -875,7 +875,7 @@ set the ACLs on a file given an ascii description static int cacl_set(struct cli_state *cli, const char *filename, char *the_acl, enum acl_mode mode) { - SEC_DESC *sd, *old; + struct security_descriptor *sd, *old; uint32 i, j; size_t sd_size; int result = EXIT_OK; @@ -993,7 +993,7 @@ set the inherit on a file static int inherit(struct cli_state *cli, const char *filename, const char *type) { - SEC_DESC *old,*sd; + struct security_descriptor *old,*sd; uint32 oldattr; size_t sd_size; int result = EXIT_OK; @@ -1011,7 +1011,7 @@ static int inherit(struct cli_state *cli, const char *filename, SEC_DESC_DACL_PROTECTED) { int i; char *parentname,*temp; - SEC_DESC *parent; + struct security_descriptor *parent; temp = talloc_strdup(talloc_tos(), filename); old->type=old->type & (~SEC_DESC_DACL_PROTECTED); -- 2.34.1