From ed6b4ddd71ebdcdbdea7949ecbef11f409766534 Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Mon, 30 Aug 2010 13:14:40 +1000
Subject: [PATCH] s3-privs Directly manipulate the privileges bitmap.

There is no longer any reason to go via the se_ functions to
manipulate this bitmap.

Andrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>
---
 source3/lib/privileges.c   |  8 +++-----
 source3/lib/util_nttoken.c | 11 +++--------
 source3/libgpo/gpo_reg.c   |  2 +-
 3 files changed, 7 insertions(+), 14 deletions(-)

diff --git a/source3/lib/privileges.c b/source3/lib/privileges.c
index 349067f047e..42fccf8b717 100644
--- a/source3/lib/privileges.c
+++ b/source3/lib/privileges.c
@@ -130,7 +130,7 @@ bool get_privileges_for_sids(uint64_t *privileges, struct dom_sid *slist, int sc
 	int i;
 	bool found = False;
 
-	se_priv_copy( privileges, &se_priv_none );
+	*privileges = 0;
 
 	for ( i=0; i<scount; i++ ) {
 		/* don't add unless we actually have a privilege assigned */
@@ -142,7 +142,7 @@ bool get_privileges_for_sids(uint64_t *privileges, struct dom_sid *slist, int sc
 			 "set: 0x%llx\n", sid_string_dbg(&slist[i]),
 			 (unsigned long long)mask));
 
-		se_priv_add( privileges, &mask );
+		*privileges |= mask;
 		found = True;
 	}
 
@@ -224,8 +224,6 @@ NTSTATUS privilege_enumerate_accounts(struct dom_sid **sids, int *num_sids)
 
 	ZERO_STRUCT(priv);
 
-	se_priv_copy( &priv.privilege, &se_priv_none );
-
 	db->traverse_read(db, priv_traverse_fn, &priv);
 
 	/* give the memory away; caller will free */
@@ -252,7 +250,7 @@ NTSTATUS privilege_enum_sids(const uint64_t *mask, TALLOC_CTX *mem_ctx,
 
 	ZERO_STRUCT(priv);
 
-	se_priv_copy(&priv.privilege, mask);
+	priv.privilege = *mask;
 	priv.mem_ctx = mem_ctx;
 
 	db->traverse_read(db, priv_traverse_fn, &priv);
diff --git a/source3/lib/util_nttoken.c b/source3/lib/util_nttoken.c
index 8efebaf9eb6..3130ed89fbf 100644
--- a/source3/lib/util_nttoken.c
+++ b/source3/lib/util_nttoken.c
@@ -56,12 +56,7 @@ struct security_token *dup_nt_token(TALLOC_CTX *mem_ctx, const struct security_t
 		token->num_sids = ptoken->num_sids;
 	}
 	
-	/* copy the privileges; don't consider failure to be critical here */
-	
-	if ( !se_priv_copy( &token->privilege_mask, &ptoken->privilege_mask ) ) {
-		DEBUG(0,("dup_nt_token: Failure to copy privilages!.  "
-			 "Continuing with 0 privileges assigned.\n"));
-	}
+	token->privilege_mask = ptoken->privilege_mask;
 
 	return token;
 }
@@ -108,8 +103,8 @@ NTSTATUS merge_nt_token(TALLOC_CTX *mem_ctx,
 		}
 	}
 
-	se_priv_add(&token->privilege_mask, &token_1->privilege_mask);
-	se_priv_add(&token->privilege_mask, &token_2->privilege_mask);
+	token->privilege_mask |= token_1->privilege_mask;
+	token->privilege_mask |= token_2->privilege_mask;
 
 	*token_out = token;
 
diff --git a/source3/libgpo/gpo_reg.c b/source3/libgpo/gpo_reg.c
index 39d072f689d..f599435e6cb 100644
--- a/source3/libgpo/gpo_reg.c
+++ b/source3/libgpo/gpo_reg.c
@@ -37,7 +37,7 @@ struct security_token *registry_create_system_token(TALLOC_CTX *mem_ctx)
 		return NULL;
 	}
 
-	token->privilege_mask = se_priv_all;
+	token->privilege_mask = SE_ALL_PRIVS;
 
 	if (!NT_STATUS_IS_OK(add_sid_to_array(token, &global_sid_System,
 			 &token->sids, &token->num_sids))) {
-- 
2.34.1