git.samba.org / kamenim / samba-autobuild / .git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 3ef4b8c)
r18745: Use the Samba4 data structures for security descriptors and security descriptor
authorJelmer Vernooij <jelmer@samba.org>
Wed, 20 Sep 2006 22:23:12 +0000 (22:23 +0000)
committerGerald (Jerry) Carter <jerry@samba.org>
Wed, 10 Oct 2007 17:00:54 +0000 (12:00 -0500)
buffers.

Make security access masks simply a uint32 rather than a structure
with a uint32 in it.
(This used to be commit b41c52b9db5fc4a553b20a7a5a051a4afced9366)

31 files changed:
source3/include/rpc_secdes.h patch | blob | history
source3/include/vfs.h patch | blob | history
source3/lib/display_sec.c patch | blob | history
source3/lib/secace.c patch | blob | history
source3/lib/secacl.c patch | blob | history
source3/lib/secdesc.c patch | blob | history
source3/lib/util_seaccess.c patch | blob | history
source3/libads/disp_sec.c patch | blob | history
source3/libmsrpc/cac_winreg.c patch | blob | history
source3/libsmb/clisecdesc.c patch | blob | history
source3/libsmb/libsmbclient.c patch | blob | history
source3/modules/vfs_afsacl.c patch | blob | history
source3/modules/vfs_cap.c patch | blob | history
source3/modules/vfs_catia.c patch | blob | history
source3/printing/nt_printing.c patch | blob | history
source3/registry/reg_printing.c patch | blob | history
source3/rpc_client/cli_reg.c patch | blob | history
source3/rpc_parse/parse_reg.c patch | blob | history
source3/rpc_parse/parse_sec.c patch | blob | history
source3/rpc_parse/parse_spoolss.c patch | blob | history
source3/rpc_server/srv_spoolss_nt.c patch | blob | history
source3/rpc_server/srv_srvsvc_nt.c patch | blob | history
source3/rpcclient/cmd_lsarpc.c patch | blob | history
source3/rpcclient/cmd_samr.c patch | blob | history
source3/smbd/nttrans.c patch | blob | history
source3/smbd/posix_acls.c patch | blob | history
source3/tdb/include/tdbutil.h patch | blob | history
source3/utils/net_usershare.c patch | blob | history
source3/utils/profiles.c patch | blob | history
source3/utils/sharesec.c patch | blob | history
source3/utils/smbcacls.c patch | blob | history

diff --git a/source3/include/rpc_secdes.h b/source3/include/rpc_secdes.h
index 83c3b669144ec28b2af6c2707e810e04023015ac..9b0694b08d10bc1001342799d1d4fd85971ffcef 100644 (file)
--- a/source3/include/rpc_secdes.h
+++ b/source3/include/rpc_secdes.h
@@ -72,30 +72,10 @@
                                        PROTECTED_DACL_SECURITY_INFORMATION)
 
 /* SEC_ACCESS */
-typedef struct security_info_info
-{
-       uint32 mask;
-
-} SEC_ACCESS;
+typedef uint32 SEC_ACCESS;
 
 /* SEC_ACE */
-typedef struct security_ace_info
-{
-       uint8 type;  /* xxxx_xxxx_ACE_TYPE - e.g allowed / denied etc */
-       uint8 flags; /* xxxx_INHERIT_xxxx - e.g OBJECT_INHERIT_ACE */
-       uint16 size;
-
-       SEC_ACCESS info;
-
-       /* this stuff may be present when type is XXXX_TYPE_XXXX_OBJECT */
-       uint32  obj_flags; /* xxxx_ACE_OBJECT_xxxx e.g present/inherited present etc */
-       struct GUID obj_guid;  /* object GUID */
-       struct GUID inh_guid;  /* inherited object GUID */              
-        /* eof object stuff */
-
-       DOM_SID trustee;
-
-} SEC_ACE;
+typedef struct security_ace SEC_ACE;
 #define  SEC_ACE_HEADER_SIZE (2 * sizeof(uint8) + sizeof(uint16) + sizeof(uint32))
 
 #ifndef ACL_REVISION
@@ -104,15 +84,7 @@ typedef struct security_ace_info
 
 #ifndef _SEC_ACL
 /* SEC_ACL */
-typedef struct security_acl_info
-{
-       uint16 revision; /* 0x0003 */
-       uint16 size; /* size in bytes of the entire ACL structure */
-       uint32 num_aces; /* number of Access Control Entries */
-
-       SEC_ACE *ace;
-
-} SEC_ACL;
+typedef struct security_acl SEC_ACL;
 #define  SEC_ACL_HEADER_SIZE (2 * sizeof(uint16) + sizeof(uint32))
 #define _SEC_ACL
 #endif
@@ -123,37 +95,14 @@ typedef struct security_acl_info
 
 #ifndef _SEC_DESC
 /* SEC_DESC */
-typedef struct security_descriptor_info
-{
-       uint16 revision; /* 0x0001 */
-       uint16 type;     /* SEC_DESC_xxxx flags */
-
-       uint32 off_owner_sid; /* offset to owner sid */
-       uint32 off_grp_sid  ; /* offset to group sid */
-       uint32 off_sacl     ; /* offset to system list of permissions */
-       uint32 off_dacl     ; /* offset to list of permissions */
-
-       SEC_ACL *dacl; /* user ACL */
-       SEC_ACL *sacl; /* system ACL */
-       DOM_SID *owner_sid; 
-       DOM_SID *grp_sid;
-
-} SEC_DESC;
+typedef struct security_descriptor SEC_DESC;
 #define  SEC_DESC_HEADER_SIZE (2 * sizeof(uint16) + 4 * sizeof(uint32))
 #define _SEC_DESC
 #endif
 
 #ifndef _SEC_DESC_BUF
 /* SEC_DESC_BUF */
-typedef struct sec_desc_buf_info
-{
-       uint32 max_len;
-       uint32 ptr;
-       uint32 len;
-
-       SEC_DESC *sec;
-
-} SEC_DESC_BUF;
+typedef struct sec_desc_buf SEC_DESC_BUF;
 #define _SEC_DESC_BUF
 #endif
 
diff --git a/source3/include/vfs.h b/source3/include/vfs.h
index 6ef9e829bccc54b67ac3965619afd47b3f84ac18..185ca01f6c155fb16cd993ad7b6491e8d09037d1 100644 (file)
--- a/source3/include/vfs.h
+++ b/source3/include/vfs.h
@@ -85,7 +85,7 @@
 struct vfs_handle_struct;
 struct connection_struct;
 struct files_struct;
-struct security_descriptor_info;
+struct security_descriptor;
 struct vfs_statvfs_struct;
 
 /*
@@ -275,10 +275,10 @@ struct vfs_ops {
                
                /* NT ACL operations. */
                
-               size_t (*fget_nt_acl)(struct vfs_handle_struct *handle, struct files_struct *fsp, int fd,  uint32 security_info, struct security_descriptor_info **ppdesc);
-               size_t (*get_nt_acl)(struct vfs_handle_struct *handle, struct files_struct *fsp, const char *name,  uint32 security_info, struct security_descriptor_info **ppdesc);
-               BOOL (*fset_nt_acl)(struct vfs_handle_struct *handle, struct files_struct *fsp, int fd, uint32 security_info_sent, struct security_descriptor_info *psd);
-               BOOL (*set_nt_acl)(struct vfs_handle_struct *handle, struct files_struct *fsp, const char *name, uint32 security_info_sent, struct security_descriptor_info *psd);
+               size_t (*fget_nt_acl)(struct vfs_handle_struct *handle, struct files_struct *fsp, int fd,  uint32 security_info, struct security_descriptor **ppdesc);
+               size_t (*get_nt_acl)(struct vfs_handle_struct *handle, struct files_struct *fsp, const char *name,  uint32 security_info, struct security_descriptor **ppdesc);
+               BOOL (*fset_nt_acl)(struct vfs_handle_struct *handle, struct files_struct *fsp, int fd, uint32 security_info_sent, struct security_descriptor *psd);
+               BOOL (*set_nt_acl)(struct vfs_handle_struct *handle, struct files_struct *fsp, const char *name, uint32 security_info_sent, struct security_descriptor *psd);
                
                /* POSIX ACL operations. */
                
diff --git a/source3/lib/display_sec.c b/source3/lib/display_sec.c
index 49a86c261ca44d6a5a21e4e78066d9007e3ba187..2b3542922c19798bc633e02d89b1dd2e7e44f959 100644 (file)
--- a/source3/lib/display_sec.c
+++ b/source3/lib/display_sec.c
@@ -63,7 +63,7 @@ char *get_sec_mask_str(uint32 type)
  ****************************************************************************/
 void display_sec_access(SEC_ACCESS *info)
 {
-       printf("\t\tPermissions: 0x%x: %s\n", info->mask, get_sec_mask_str(info->mask));
+       printf("\t\tPermissions: 0x%x: %s\n", *info, get_sec_mask_str(*info));
 }
 
 /****************************************************************************
@@ -92,7 +92,7 @@ void display_sec_ace(SEC_ACE *ace)
                        break;
        }
        printf(" (%d) flags: %d\n", ace->type, ace->flags);
-       display_sec_access(&ace->info);
+       display_sec_access(&ace->access_mask);
        sid_to_string(sid_str, &ace->trustee);
        printf("\t\tSID: %s\n\n", sid_str);
 }
@@ -110,7 +110,7 @@ void display_sec_acl(SEC_ACL *sec_acl)
 
        if (sec_acl->size != 0 && sec_acl->num_aces != 0)
                for (i = 0; i < sec_acl->num_aces; i++)
-                       display_sec_ace(&sec_acl->ace[i]);
+                       display_sec_ace(&sec_acl->aces[i]);
                                
 }
 
@@ -179,8 +179,8 @@ void display_sec_desc(SEC_DESC *sec)
                printf("\tOwner SID:\t%s\n", sid_str);
        }
 
-       if (sec->grp_sid) {
-               sid_to_string(sid_str, sec->grp_sid);
+       if (sec->group_sid) {
+               sid_to_string(sid_str, sec->group_sid);
                printf("\tParent SID:\t%s\n", sid_str);
        }
 }
diff --git a/source3/lib/secace.c b/source3/lib/secace.c
index eb2fdd5c2bdd16abafb9624a3874245f156ba9f9..d60722c57ee230ccca1e4a7e1425ac2e46540888 100644 (file)
--- a/source3/lib/secace.c
+++ b/source3/lib/secace.c
@@ -46,10 +46,8 @@ void sec_ace_copy(SEC_ACE *ace_dest, SEC_ACE *ace_src)
        ace_dest->type  = ace_src->type;
        ace_dest->flags = ace_src->flags;
        ace_dest->size  = ace_src->size;
-       ace_dest->info.mask = ace_src->info.mask;
-       ace_dest->obj_flags = ace_src->obj_flags;
-       memcpy(&ace_dest->obj_guid, &ace_src->obj_guid, sizeof(struct GUID));
-       memcpy(&ace_dest->inh_guid, &ace_src->inh_guid, sizeof(struct GUID));
+       ace_dest->access_mask = ace_src->access_mask;
+       ace_dest->object = ace_src->object;
        sid_copy(&ace_dest->trustee, &ace_src->trustee);
 }
 
@@ -57,12 +55,12 @@ void sec_ace_copy(SEC_ACE *ace_dest, SEC_ACE *ace_src)
  Sets up a SEC_ACE structure.
 ********************************************************************/
 
-void init_sec_ace(SEC_ACE *t, const DOM_SID *sid, uint8 type, SEC_ACCESS mask, uint8 flag)
+void init_sec_ace(SEC_ACE *t, const DOM_SID *sid, uint8 type, uint32 mask, uint8 flag)
 {
        t->type = type;
        t->flags = flag;
        t->size = sid_size(sid) + 8;
-       t->info = mask;
+       t->access_mask = mask;
 
        ZERO_STRUCTP(&t->trustee);
        sid_copy(&t->trustee, sid);
@@ -89,7 +87,7 @@ NTSTATUS sec_ace_add_sid(TALLOC_CTX *ctx, SEC_ACE **pp_new, SEC_ACE *old, unsign
        (*pp_new)[i].type  = 0;
        (*pp_new)[i].flags = 0;
        (*pp_new)[i].size  = SEC_ACE_HEADER_SIZE + sid_size(sid);
-       (*pp_new)[i].info.mask = mask;
+       (*pp_new)[i].access_mask = mask;
        sid_copy(&(*pp_new)[i].trustee, sid);
        return NT_STATUS_OK;
 }
@@ -106,7 +104,7 @@ NTSTATUS sec_ace_mod_sid(SEC_ACE *ace, size_t num, DOM_SID *sid, uint32 mask)
 
        for (i = 0; i < num; i ++) {
                if (sid_compare(&ace[i].trustee, sid) == 0) {
-                       ace[i].info.mask = mask;
+                       ace[i].access_mask = mask;
                        return NT_STATUS_OK;
                }
        }
@@ -160,7 +158,7 @@ BOOL sec_ace_equal(SEC_ACE *s1, SEC_ACE *s2)
        /* Check top level stuff */
 
        if (s1->type != s2->type || s1->flags != s2->flags ||
-           s1->info.mask != s2->info.mask) {
+           s1->access_mask != s2->access_mask) {
                return False;
        }
 
diff --git a/source3/lib/secacl.c b/source3/lib/secacl.c
index e213e0d9a0c2c2e5efcb29b14c113608d3557af2..4e2178c195ec42e40a89c85f58976a1a0343a9ff 100644 (file)
--- a/source3/lib/secacl.c
+++ b/source3/lib/secacl.c
@@ -46,13 +46,13 @@ SEC_ACL *make_sec_acl(TALLOC_CTX *ctx, uint16 revision, int num_aces, SEC_ACE *a
           positive number. */
 
        if ((num_aces) && 
-            ((dst->ace = TALLOC_ARRAY(ctx, SEC_ACE, num_aces)) 
+            ((dst->aces = TALLOC_ARRAY(ctx, SEC_ACE, num_aces)) 
              == NULL)) {
                return NULL;
        }
         
        for (i = 0; i < num_aces; i++) {
-               dst->ace[i] = ace_list[i]; /* Structure copy. */
+               dst->aces[i] = ace_list[i]; /* Structure copy. */
                dst->size += ace_list[i].size;
        }
 
@@ -68,7 +68,7 @@ SEC_ACL *dup_sec_acl(TALLOC_CTX *ctx, SEC_ACL *src)
        if(src == NULL)
                return NULL;
 
-       return make_sec_acl(ctx, src->revision, src->num_aces, src->ace);
+       return make_sec_acl(ctx, src->revision, src->num_aces, src->aces);
 }
 
 /*******************************************************************
@@ -105,7 +105,7 @@ BOOL sec_acl_equal(SEC_ACL *s1, SEC_ACL *s2)
                BOOL found = False;
 
                for (j = 0; j < s2->num_aces; j++) {
-                       if (sec_ace_equal(&s1->ace[i], &s2->ace[j])) {
+                       if (sec_ace_equal(&s1->aces[i], &s2->aces[j])) {
                                found = True;
                                break;
                        }
diff --git a/source3/lib/secdesc.c b/source3/lib/secdesc.c
index f8873277cf87ff5bccc7112a85bfc3fc495a265d..2f592769b3b14d95c371641a2e1167c83011aafc 100644 (file)
--- a/source3/lib/secdesc.c
+++ b/source3/lib/secdesc.c
@@ -49,8 +49,8 @@ size_t sec_desc_size(SEC_DESC *psd)
        if (psd->owner_sid != NULL)
                offset += sid_size(psd->owner_sid);
 
-       if (psd->grp_sid != NULL)
-               offset += sid_size(psd->grp_sid);
+       if (psd->group_sid != NULL)
+               offset += sid_size(psd->group_sid);
 
        if (psd->sacl != NULL)
                offset += psd->sacl->size;
@@ -104,11 +104,11 @@ BOOL sec_desc_equal(SEC_DESC *s1, SEC_DESC *s2)
                return False;
        }
 
-       if (!sid_equal(s1->grp_sid, s2->grp_sid)) {
+       if (!sid_equal(s1->group_sid, s2->group_sid)) {
                fstring str1, str2;
 
-               sid_to_string(str1, s1->grp_sid);
-               sid_to_string(str2, s2->grp_sid);
+               sid_to_string(str1, s1->group_sid);
+               sid_to_string(str2, s2->group_sid);
 
                DEBUG(10, ("sec_desc_equal(): group differs (%s != %s)\n",
                           str1, str2));
@@ -154,13 +154,13 @@ SEC_DESC_BUF *sec_desc_merge(TALLOC_CTX *ctx, SEC_DESC_BUF *new_sdb, SEC_DESC_BU
        /* Copy over owner and group sids.  There seems to be no flag for
           this so just check the pointer values. */
 
-       owner_sid = new_sdb->sec->owner_sid ? new_sdb->sec->owner_sid :
-               old_sdb->sec->owner_sid;
+       owner_sid = new_sdb->sd->owner_sid ? new_sdb->sd->owner_sid :
+               old_sdb->sd->owner_sid;
 
-       group_sid = new_sdb->sec->grp_sid ? new_sdb->sec->grp_sid :
-               old_sdb->sec->grp_sid;
+       group_sid = new_sdb->sd->group_sid ? new_sdb->sd->group_sid :
+               old_sdb->sd->group_sid;
        
-       secdesc_type = new_sdb->sec->type;
+       secdesc_type = new_sdb->sd->type;
 
        /* Ignore changes to the system ACL.  This has the effect of making
           changes through the security tab audit button not sticking. 
@@ -172,14 +172,14 @@ SEC_DESC_BUF *sec_desc_merge(TALLOC_CTX *ctx, SEC_DESC_BUF *new_sdb, SEC_DESC_BU
        /* Copy across discretionary ACL */
 
        if (secdesc_type & SEC_DESC_DACL_PRESENT) {
-               dacl = new_sdb->sec->dacl;
+               dacl = new_sdb->sd->dacl;
        } else {
-               dacl = old_sdb->sec->dacl;
+               dacl = old_sdb->sd->dacl;
        }
 
        /* Create new security descriptor from bits */
 
-       psd = make_sec_desc(ctx, new_sdb->sec->revision, secdesc_type,
+       psd = make_sec_desc(ctx, new_sdb->sd->revision, secdesc_type,
                            owner_sid, group_sid, sacl, dacl, &secdesc_size);
 
        return_sdb = make_sec_desc_buf(ctx, secdesc_size, psd);
@@ -211,15 +211,15 @@ SEC_DESC *make_sec_desc(TALLOC_CTX *ctx, uint16 revision, uint16 type,
        if (dacl)
                dst->type |= SEC_DESC_DACL_PRESENT;
 
-       dst->off_owner_sid = 0;
-       dst->off_grp_sid   = 0;
-       dst->off_sacl      = 0;
-       dst->off_dacl      = 0;
+       dst->owner_sid = NULL;
+       dst->group_sid   = NULL;
+       dst->sacl      = NULL;
+       dst->dacl      = NULL;
 
        if(owner_sid && ((dst->owner_sid = sid_dup_talloc(ctx,owner_sid)) == NULL))
                goto error_exit;
 
-       if(grp_sid && ((dst->grp_sid = sid_dup_talloc(ctx,grp_sid)) == NULL))
+       if(grp_sid && ((dst->group_sid = sid_dup_talloc(ctx,grp_sid)) == NULL))
                goto error_exit;
 
        if(sacl && ((dst->sacl = dup_sec_acl(ctx, sacl)) == NULL))
@@ -235,22 +235,18 @@ SEC_DESC *make_sec_desc(TALLOC_CTX *ctx, uint16 revision, uint16 type,
         */
 
        if (dst->sacl != NULL) {
-               dst->off_sacl = offset;
                offset += dst->sacl->size;
        }
        if (dst->dacl != NULL) {
-               dst->off_dacl = offset;
                offset += dst->dacl->size;
        }
 
        if (dst->owner_sid != NULL) {
-               dst->off_owner_sid = offset;
                offset += sid_size(dst->owner_sid);
        }
 
-       if (dst->grp_sid != NULL) {
-               dst->off_grp_sid = offset;
-               offset += sid_size(dst->grp_sid);
+       if (dst->group_sid != NULL) {
+               offset += sid_size(dst->group_sid);
        }
 
        *sd_size = (size_t)offset;
@@ -274,7 +270,7 @@ SEC_DESC *dup_sec_desc(TALLOC_CTX *ctx, const SEC_DESC *src)
                return NULL;
 
        return make_sec_desc( ctx, src->revision, src->type,
-                               src->owner_sid, src->grp_sid, src->sacl,
+                               src->owner_sid, src->group_sid, src->sacl,
                                src->dacl, &dummy);
 }
 
@@ -301,15 +297,12 @@ SEC_DESC_BUF *make_sec_desc_buf(TALLOC_CTX *ctx, size_t len, SEC_DESC *sec_desc)
                return NULL;
 
        /* max buffer size (allocated size) */
-       dst->max_len = (uint32)len;
-       dst->len = (uint32)len;
+       dst->sd_size = (uint32)len;
        
-       if(sec_desc && ((dst->sec = dup_sec_desc(ctx, sec_desc)) == NULL)) {
+       if(sec_desc && ((dst->sd = dup_sec_desc(ctx, sec_desc)) == NULL)) {
                return NULL;
        }
 
-       dst->ptr = 0x1;
-
        return dst;
 }
 
@@ -322,7 +315,7 @@ SEC_DESC_BUF *dup_sec_desc_buf(TALLOC_CTX *ctx, SEC_DESC_BUF *src)
        if(src == NULL)
                return NULL;
 
-       return make_sec_desc_buf( ctx, src->len, src->sec);
+       return make_sec_desc_buf( ctx, src->sd_size, src->sd);
 }
 
 /*******************************************************************
@@ -341,7 +334,7 @@ NTSTATUS sec_desc_add_sid(TALLOC_CTX *ctx, SEC_DESC **psd, DOM_SID *sid, uint32
 
        *sd_size = 0;
 
-       status = sec_ace_add_sid(ctx, &ace, psd[0]->dacl->ace, &psd[0]->dacl->num_aces, sid, mask);
+       status = sec_ace_add_sid(ctx, &ace, psd[0]->dacl->aces, &psd[0]->dacl->num_aces, sid, mask);
        
        if (!NT_STATUS_IS_OK(status))
                return status;
@@ -350,7 +343,7 @@ NTSTATUS sec_desc_add_sid(TALLOC_CTX *ctx, SEC_DESC **psd, DOM_SID *sid, uint32
                return NT_STATUS_UNSUCCESSFUL;
        
        if (!(sd = make_sec_desc(ctx, psd[0]->revision, psd[0]->type, psd[0]->owner_sid, 
-               psd[0]->grp_sid, psd[0]->sacl, dacl, sd_size)))
+               psd[0]->group_sid, psd[0]->sacl, dacl, sd_size)))
                return NT_STATUS_UNSUCCESSFUL;
 
        *psd = sd;
@@ -369,7 +362,7 @@ NTSTATUS sec_desc_mod_sid(SEC_DESC *sd, DOM_SID *sid, uint32 mask)
        if (!sd || !sid)
                return NT_STATUS_INVALID_PARAMETER;
 
-       status = sec_ace_mod_sid(sd->dacl->ace, sd->dacl->num_aces, sid, mask);
+       status = sec_ace_mod_sid(sd->dacl->aces, sd->dacl->num_aces, sid, mask);
 
        if (!NT_STATUS_IS_OK(status))
                return status;
@@ -393,7 +386,7 @@ NTSTATUS sec_desc_del_sid(TALLOC_CTX *ctx, SEC_DESC **psd, DOM_SID *sid, size_t
 
        *sd_size = 0;
        
-       status = sec_ace_del_sid(ctx, &ace, psd[0]->dacl->ace, &psd[0]->dacl->num_aces, sid);
+       status = sec_ace_del_sid(ctx, &ace, psd[0]->dacl->aces, &psd[0]->dacl->num_aces, sid);
 
        if (!NT_STATUS_IS_OK(status))
                return status;
@@ -402,7 +395,7 @@ NTSTATUS sec_desc_del_sid(TALLOC_CTX *ctx, SEC_DESC **psd, DOM_SID *sid, size_t
                return NT_STATUS_UNSUCCESSFUL;
        
        if (!(sd = make_sec_desc(ctx, psd[0]->revision, psd[0]->type, psd[0]->owner_sid, 
-               psd[0]->grp_sid, psd[0]->sacl, dacl, sd_size)))
+               psd[0]->group_sid, psd[0]->sacl, dacl, sd_size)))
                return NT_STATUS_UNSUCCESSFUL;
 
        *psd = sd;
@@ -434,7 +427,7 @@ SEC_DESC_BUF *se_create_child_secdesc(TALLOC_CTX *ctx, SEC_DESC *parent_ctr,
                return NULL;
 
        for (i = 0; i < the_acl->num_aces; i++) {
-               SEC_ACE *ace = &the_acl->ace[i];
+               SEC_ACE *ace = &the_acl->aces[i];
                SEC_ACE *new_ace = &new_ace_list[new_ace_list_ndx];
                uint8 new_flags = 0;
                BOOL inherit = False;
@@ -490,17 +483,17 @@ SEC_DESC_BUF *se_create_child_secdesc(TALLOC_CTX *ctx, SEC_DESC *parent_ctr,
                if (!inherit)
                        continue;
 
-               init_sec_access(&new_ace->info, ace->info.mask);
+               init_sec_access(&new_ace->access_mask, ace->access_mask);
                init_sec_ace(new_ace, &ace->trustee, ace->type,
-                            new_ace->info, new_flags);
+                            new_ace->access_mask, new_flags);
 
                sid_to_string(sid_str, &ace->trustee);
 
                DEBUG(5, ("se_create_child_secdesc(): %s:%d/0x%02x/0x%08x "
                          " inherited as %s:%d/0x%02x/0x%08x\n", sid_str,
-                         ace->type, ace->flags, ace->info.mask,
+                         ace->type, ace->flags, ace->access_mask,
                          sid_str, new_ace->type, new_ace->flags,
-                         new_ace->info.mask));
+                         new_ace->access_mask));
 
                new_ace_list_ndx++;
        }
@@ -515,7 +508,7 @@ SEC_DESC_BUF *se_create_child_secdesc(TALLOC_CTX *ctx, SEC_DESC *parent_ctr,
 
        sd = make_sec_desc(ctx, SEC_DESC_REVISION, SEC_DESC_SELF_RELATIVE,
                           parent_ctr->owner_sid,
-                          parent_ctr->grp_sid,
+                          parent_ctr->group_sid,
                           parent_ctr->sacl,
                           new_dacl, &size);
 
@@ -528,9 +521,9 @@ SEC_DESC_BUF *se_create_child_secdesc(TALLOC_CTX *ctx, SEC_DESC *parent_ctr,
  Sets up a SEC_ACCESS structure.
 ********************************************************************/
 
-void init_sec_access(SEC_ACCESS *t, uint32 mask)
+void init_sec_access(uint32 *t, uint32 mask)
 {
-       t->mask = mask;
+       *t = mask;
 }
 
 
diff --git a/source3/lib/util_seaccess.c b/source3/lib/util_seaccess.c
index 73fc45c844d432cb7af43bf5ef439c468de3b8e2..7d14ed896f666ade911ad61d6d661cee8e7bcb40 100644 (file)
--- a/source3/lib/util_seaccess.c
+++ b/source3/lib/util_seaccess.c
@@ -31,7 +31,7 @@ extern NT_USER_TOKEN anonymous_token;
 static uint32 check_ace(SEC_ACE *ace, const NT_USER_TOKEN *token, uint32 acc_desired, 
                        NTSTATUS *status)
 {
-       uint32 mask = ace->info.mask;
+       uint32 mask = ace->access_mask;
 
        /*
         * Inherit only is ignored.
@@ -97,8 +97,8 @@ static BOOL get_max_access( SEC_ACL *the_acl, const NT_USER_TOKEN *token, uint32
        size_t i;
        
        for ( i = 0 ; i < the_acl->num_aces; i++) {
-               SEC_ACE *ace = &the_acl->ace[i];
-               uint32 mask = ace->info.mask;
+               SEC_ACE *ace = &the_acl->aces[i];
+               uint32 mask = ace->access_mask;
 
                if (!token_sid_in_ace( token, ace))
                        continue;
@@ -281,12 +281,12 @@ BOOL se_access_check(const SEC_DESC *sd, const NT_USER_TOKEN *token,
        }
 
        for ( i = 0 ; i < the_acl->num_aces && tmp_acc_desired != 0; i++) {
-               SEC_ACE *ace = &the_acl->ace[i];
+               SEC_ACE *ace = &the_acl->aces[i];
 
                DEBUGADD(10,("se_access_check: ACE %u: type %d, flags = 0x%02x, SID = %s mask = %x, current desired = %x\n",
                          (unsigned int)i, ace->type, ace->flags,
                          sid_to_string(sid_str, &ace->trustee),
-                         (unsigned int) ace->info.mask, 
+                         (unsigned int) ace->access_mask, 
                          (unsigned int)tmp_acc_desired ));
 
                tmp_acc_desired = check_ace( ace, token, tmp_acc_desired, status);
diff --git a/source3/libads/disp_sec.c b/source3/libads/disp_sec.c
index c9de447e698dfc4122a5f958a1c19cee529a086c..a768ba08f3e60b15c9650bf04477dcef2b00e2b5 100644 (file)
--- a/source3/libads/disp_sec.c
+++ b/source3/libads/disp_sec.c
@@ -90,14 +90,14 @@ static void ads_disp_ace(SEC_ACE *sec_ace)
                  sec_ace->type,
                  sec_ace->flags,
                  sec_ace->size,
-                 sec_ace->info.mask);                  
+                 sec_ace->access_mask);                        
        } else {
                printf("------- ACE (type: 0x%02x, flags: 0x%02x, size: 0x%02x, mask: 0x%x, object flags: 0x%x)\n", 
                  sec_ace->type,
                  sec_ace->flags,
                  sec_ace->size,
-                 sec_ace->info.mask,
-                 sec_ace->obj_flags);
+                 sec_ace->access_mask,
+                 sec_ace->object.object.flags);
        }
        
        if (sec_ace->type == SEC_ACE_TYPE_ACCESS_ALLOWED) {
@@ -117,7 +117,7 @@ static void ads_disp_ace(SEC_ACE *sec_ace)
        printf("access SID:  %s\naccess type: %s\n", 
                sid_string_static(&sec_ace->trustee), access_type);
 
-       ads_disp_perms(sec_ace->info.mask);
+       ads_disp_perms(sec_ace->access_mask);
 }
 
 /* display ACL */
@@ -143,15 +143,15 @@ void ads_disp_sd(SEC_DESC *sd)
                sd->revision,
                sd->type);
        printf("owner SID: %s\n", sid_string_static(sd->owner_sid));
-       printf("group SID: %s\n", sid_string_static(sd->grp_sid));
+       printf("group SID: %s\n", sid_string_static(sd->group_sid));
 
        ads_disp_acl(sd->sacl, "system");
        for (i = 0; i < sd->sacl->num_aces; i ++)
-               ads_disp_ace(&sd->sacl->ace[i]);
+               ads_disp_ace(&sd->sacl->aces[i]);
        
        ads_disp_acl(sd->dacl, "user");
        for (i = 0; i < sd->dacl->num_aces; i ++)
-               ads_disp_ace(&sd->dacl->ace[i]);
+               ads_disp_ace(&sd->dacl->aces[i]);
 
        printf("-------------- End Of Security Descriptor\n");
 }
diff --git a/source3/libmsrpc/cac_winreg.c b/source3/libmsrpc/cac_winreg.c
index df3bbe154accf4606d4637c6537f4c3f3afb8f19..ea17efb811957cb8163c226410b1afec828efdd6 100644 (file)
--- a/source3/libmsrpc/cac_winreg.c
+++ b/source3/libmsrpc/cac_winreg.c
@@ -860,8 +860,8 @@ int cac_RegGetKeySecurity(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegG
       return CAC_FAILURE;
    }
 
-   op->out.size = buf.len;
-   op->out.descriptor = dup_sec_desc(mem_ctx, buf.sec);
+   op->out.size = buf.sd_size;
+   op->out.descriptor = dup_sec_desc(mem_ctx, buf.sd);
 
    if (op->out.descriptor == NULL) {
           return CAC_FAILURE;
diff --git a/source3/libsmb/clisecdesc.c b/source3/libsmb/clisecdesc.c
index 24757434794068b23552c41f9aa4e1a5ee5293f7..e55be48e9401eb34922efdaef19bc05558283451 100644 (file)
--- a/source3/libsmb/clisecdesc.c
+++ b/source3/libsmb/clisecdesc.c
@@ -107,11 +107,11 @@ BOOL cli_set_secdesc(struct cli_state *cli, int fnum, SEC_DESC *sd)
 
        SIVAL(param, 0, fnum);
 
-       if (sd->off_dacl)
+       if (sd->dacl)
                sec_info |= DACL_SECURITY_INFORMATION;
-       if (sd->off_owner_sid)
+       if (sd->owner_sid)
                sec_info |= OWNER_SECURITY_INFORMATION;
-       if (sd->off_grp_sid)
+       if (sd->group_sid)
                sec_info |= GROUP_SECURITY_INFORMATION;
        SSVAL(param, 4, sec_info);
 
diff --git a/source3/libsmb/libsmbclient.c b/source3/libsmb/libsmbclient.c
index 7b4e216961626c6b6ba24db7f3a5983503d6c2d7..15a1ad3055605af398da0a15b6be6caff7ce73e8 100644 (file)
--- a/source3/libsmb/libsmbclient.c
+++ b/source3/libsmb/libsmbclient.c
@@ -3742,8 +3742,8 @@ ace_compare(SEC_ACE *ace1,
        if (ace1->flags != ace2->flags) 
                return ace1->flags - ace2->flags;
 
-       if (ace1->info.mask != ace2->info.mask) 
-               return ace1->info.mask - ace2->info.mask;
+       if (ace1->access_mask != ace2->access_mask) 
+               return ace1->access_mask - ace2->access_mask;
 
        if (ace1->size != ace2->size) 
                return ace1->size - ace2->size;
@@ -3758,14 +3758,14 @@ sort_acl(SEC_ACL *the_acl)
        uint32 i;
        if (!the_acl) return;
 
-       qsort(the_acl->ace, the_acl->num_aces, sizeof(the_acl->ace[0]),
+       qsort(the_acl->aces, the_acl->num_aces, sizeof(the_acl->aces[0]),
               QSORT_CAST ace_compare);
 
        for (i=1;i<the_acl->num_aces;) {
-               if (sec_ace_equal(&the_acl->ace[i-1], &the_acl->ace[i])) {
+               if (sec_ace_equal(&the_acl->aces[i-1], &the_acl->aces[i])) {
                        int j;
                        for (j=i; j<the_acl->num_aces-1; j++) {
-                               the_acl->ace[j] = the_acl->ace[j+1];
+                               the_acl->aces[j] = the_acl->aces[j+1];
                        }
                        the_acl->num_aces--;
                } else {
@@ -3970,7 +3970,7 @@ parse_ace(struct cli_state *ipc_cli,
        }
 
  done:
-       mask.mask = amask;
+       mask = amask;
        init_sec_ace(ace, &sid, atype, mask, aflags);
        return True;
 }
@@ -3992,7 +3992,7 @@ add_ace(SEC_ACL **the_acl,
        if ((aces = SMB_CALLOC_ARRAY(SEC_ACE, 1+(*the_acl)->num_aces)) == NULL) {
                return False;
        }
-       memcpy(aces, (*the_acl)->ace, (*the_acl)->num_aces * sizeof(SEC_ACE));
+       memcpy(aces, (*the_acl)->aces, (*the_acl)->num_aces * sizeof(SEC_ACE));
        memcpy(aces+(*the_acl)->num_aces, ace, sizeof(SEC_ACE));
        newacl = make_sec_acl(ctx, (*the_acl)->revision,
                               1+(*the_acl)->num_aces, aces);
@@ -4564,10 +4564,10 @@ cacl_get(SMBCCTX *context,
                 }
 
                 if (! exclude_nt_group) {
-                        if (sd->grp_sid) {
+                        if (sd->group_sid) {
                                 convert_sid_to_string(ipc_cli, pol,
                                                       sidstr, numeric,
-                                                      sd->grp_sid);
+                                                      sd->group_sid);
                         } else {
                                 fstrcpy(sidstr, "");
                         }
@@ -4612,7 +4612,7 @@ cacl_get(SMBCCTX *context,
                         /* Add aces to value buffer  */
                         for (i = 0; sd->dacl && i < sd->dacl->num_aces; i++) {
 
-                                SEC_ACE *ace = &sd->dacl->ace[i];
+                                SEC_ACE *ace = &sd->dacl->aces[i];
                                 convert_sid_to_string(ipc_cli, pol,
                                                       sidstr, numeric,
                                                       &ace->trustee);
@@ -4626,7 +4626,7 @@ cacl_get(SMBCCTX *context,
                                                         sidstr,
                                                         ace->type,
                                                         ace->flags,
-                                                        ace->info.mask);
+                                                        ace->access_mask);
                                                 if (!p) {
                                                         errno = ENOMEM;
                                                         return -1;
@@ -4639,7 +4639,7 @@ cacl_get(SMBCCTX *context,
                                                         sidstr,
                                                         ace->type,
                                                         ace->flags,
-                                                        ace->info.mask);
+                                                        ace->access_mask);
                                         }
                                 } else if ((StrnCaseCmp(name, "acl", 3) == 0 &&
                                             StrCaseCmp(name+3, sidstr) == 0) ||
@@ -4651,7 +4651,7 @@ cacl_get(SMBCCTX *context,
                                                         "%d/%d/0x%08x", 
                                                         ace->type,
                                                         ace->flags,
-                                                        ace->info.mask);
+                                                        ace->access_mask);
                                                 if (!p) {
                                                         errno = ENOMEM;
                                                         return -1;
@@ -4662,7 +4662,7 @@ cacl_get(SMBCCTX *context,
                                                              "%d/%d/0x%08x", 
                                                              ace->type,
                                                              ace->flags,
-                                                             ace->info.mask);
+                                                             ace->access_mask);
                                         }
                                 } else if (all_nt_acls) {
                                         if (determine_size) {
@@ -4673,7 +4673,7 @@ cacl_get(SMBCCTX *context,
                                                         sidstr,
                                                         ace->type,
                                                         ace->flags,
-                                                        ace->info.mask);
+                                                        ace->access_mask);
                                                 if (!p) {
                                                         errno = ENOMEM;
                                                         return -1;
@@ -4686,7 +4686,7 @@ cacl_get(SMBCCTX *context,
                                                              sidstr,
                                                              ace->type,
                                                              ace->flags,
-                                                             ace->info.mask);
+                                                             ace->access_mask);
                                         }
                                 }
                                 if (n > bufsize) {
@@ -5117,9 +5117,9 @@ cacl_set(TALLOC_CTX *ctx,
        switch (mode) {
        case SMBC_XATTR_MODE_REMOVE_ALL:
                 old->dacl->num_aces = 0;
-                SAFE_FREE(old->dacl->ace);
+                SAFE_FREE(old->dacl->aces);
                 SAFE_FREE(old->dacl);
-                old->off_dacl = 0;
+                old->dacl = NULL;
                 dacl = old->dacl;
                 break;
 
@@ -5128,18 +5128,18 @@ cacl_set(TALLOC_CTX *ctx,
                        BOOL found = False;
 
                        for (j=0;old->dacl && j<old->dacl->num_aces;j++) {
-                                if (sec_ace_equal(&sd->dacl->ace[i],
-                                                  &old->dacl->ace[j])) {
+                                if (sec_ace_equal(&sd->dacl->aces[i],
+                                                  &old->dacl->aces[j])) {
                                        uint32 k;
                                        for (k=j; k<old->dacl->num_aces-1;k++) {
-                                               old->dacl->ace[k] =
-                                                        old->dacl->ace[k+1];
+                                               old->dacl->aces[k] =
+                                                        old->dacl->aces[k+1];
                                        }
                                        old->dacl->num_aces--;
                                        if (old->dacl->num_aces == 0) {
-                                               SAFE_FREE(old->dacl->ace);
+                                               SAFE_FREE(old->dacl->aces);
                                                SAFE_FREE(old->dacl);
-                                               old->off_dacl = 0;
+                                               old->dacl = NULL;
                                        }
                                        found = True;
                                         dacl = old->dacl;
@@ -5160,14 +5160,14 @@ cacl_set(TALLOC_CTX *ctx,
                        BOOL found = False;
 
                        for (j=0;old->dacl && j<old->dacl->num_aces;j++) {
-                               if (sid_equal(&sd->dacl->ace[i].trustee,
-                                             &old->dacl->ace[j].trustee)) {
+                               if (sid_equal(&sd->dacl->aces[i].trustee,
+                                             &old->dacl->aces[j].trustee)) {
                                         if (!(flags & SMBC_XATTR_FLAG_CREATE)) {
                                                 err = EEXIST;
                                                 ret = -1;
                                                 goto failed;
                                         }
-                                        old->dacl->ace[j] = sd->dacl->ace[i];
+                                        old->dacl->aces[j] = sd->dacl->aces[i];
                                         ret = -1;
                                        found = True;
                                }
@@ -5180,7 +5180,7 @@ cacl_set(TALLOC_CTX *ctx,
                        }
                         
                         for (i=0;sd->dacl && i<sd->dacl->num_aces;i++) {
-                                add_ace(&old->dacl, &sd->dacl->ace[i], ctx);
+                                add_ace(&old->dacl, &sd->dacl->aces[i], ctx);
                         }
                }
                 dacl = old->dacl;
@@ -5189,7 +5189,7 @@ cacl_set(TALLOC_CTX *ctx,
        case SMBC_XATTR_MODE_SET:
                old = sd;
                 owner_sid = old->owner_sid;
-                grp_sid = old->grp_sid;
+                grp_sid = old->group_sid;
                 dacl = old->dacl;
                break;
 
@@ -5198,7 +5198,7 @@ cacl_set(TALLOC_CTX *ctx,
                 break;
 
         case SMBC_XATTR_MODE_CHGRP:
-                grp_sid = sd->grp_sid;
+                grp_sid = sd->group_sid;
                 break;
        }
 
diff --git a/source3/modules/vfs_afsacl.c b/source3/modules/vfs_afsacl.c
index 58d823c4f91dfe4570b3fe9694d972e37422acf8..e485b3c526b9c9cf043f1f4962e571bf326d32a0 100644 (file)
--- a/source3/modules/vfs_afsacl.c
+++ b/source3/modules/vfs_afsacl.c
@@ -589,7 +589,7 @@ static uint32 nt_to_afs_file_rights(const char *filename, const SEC_ACE *ace)
 static size_t afs_to_nt_acl(struct afs_acl *afs_acl, 
                            struct files_struct *fsp,
                            uint32 security_info,
-                           struct security_descriptor_info **ppdesc)
+                           struct security_descriptor **ppdesc)
 {
        SEC_ACE *nt_ace_list;
        DOM_SID owner_sid, group_sid;
@@ -691,7 +691,7 @@ static BOOL mappable_sid(const DOM_SID *sid)
 
 static BOOL nt_to_afs_acl(const char *filename,
                          uint32 security_info_sent,
-                         struct security_descriptor_info *psd,
+                         struct security_descriptor *psd,
                          uint32 (*nt_to_afs_rights)(const char *filename,
                                                     const SEC_ACE *ace),
                          struct afs_acl *afs_acl)
@@ -827,7 +827,7 @@ static BOOL afs_get_afs_acl(char *filename, struct afs_acl *acl)
 }
 
 static size_t afs_get_nt_acl(struct files_struct *fsp, uint32 security_info,
-                            struct security_descriptor_info **ppdesc)
+                            struct security_descriptor **ppdesc)
 {
        struct afs_acl acl;
        size_t sd_size;
@@ -881,7 +881,7 @@ static void merge_unknown_aces(struct afs_acl *src, struct afs_acl *dst)
 
 static BOOL afs_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
                           uint32 security_info_sent,
-                          struct security_descriptor_info *psd)
+                          struct security_descriptor *psd)
 {
        struct afs_acl old_afs_acl, new_afs_acl;
        struct afs_acl dir_acl, file_acl;
@@ -982,14 +982,14 @@ static BOOL afs_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
 static size_t afsacl_fget_nt_acl(struct vfs_handle_struct *handle,
                                 struct files_struct *fsp,
                                 int fd,  uint32 security_info,
-                                struct security_descriptor_info **ppdesc)
+                                struct security_descriptor **ppdesc)
 {
        return afs_get_nt_acl(fsp, security_info, ppdesc);
 }
 static size_t afsacl_get_nt_acl(struct vfs_handle_struct *handle,
                                struct files_struct *fsp,
                                const char *name,  uint32 security_info,
-                               struct security_descriptor_info **ppdesc)
+                               struct security_descriptor **ppdesc)
 {
        return afs_get_nt_acl(fsp, security_info, ppdesc);
 }
diff --git a/source3/modules/vfs_cap.c b/source3/modules/vfs_cap.c
index 54f74dde678ddb48a8ef36df6990790ced0f7aed..c4539ca34a82344978ec7f14d039d2af4ddc9a9d 100644 (file)
--- a/source3/modules/vfs_cap.c
+++ b/source3/modules/vfs_cap.c
@@ -177,7 +177,7 @@ static char *cap_realpath(vfs_handle_struct *handle, const char *path, char *res
        return SMB_VFS_NEXT_REALPATH(handle, path, resolved_path);
 }
 
-static BOOL cap_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp, const char *name, uint32 security_info_sent, struct security_descriptor_info *psd)
+static BOOL cap_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp, const char *name, uint32 security_info_sent, struct security_descriptor *psd)
 {
         pstring capname;
        capencode(capname, name);
diff --git a/source3/modules/vfs_catia.c b/source3/modules/vfs_catia.c
index f5c7e95794fa12a166c3581051ffad4b0e06a351..ccf637c3bcfb5816a0d4e153fb174ef901e06802 100644 (file)
--- a/source3/modules/vfs_catia.c
+++ b/source3/modules/vfs_catia.c
@@ -222,7 +222,7 @@ static char *catia_realpath(vfs_handle_struct *handle,
 
 static size_t catia_get_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
                               const char *name, uint32 security_info,
-                              struct  security_descriptor_info **ppdesc)
+                              struct  security_descriptor **ppdesc)
 {
         return SMB_VFS_NEXT_GET_NT_ACL(handle, fsp, name, security_info,
                                       ppdesc);
@@ -230,7 +230,7 @@ static size_t catia_get_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
 
 static BOOL catia_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp, 
                             const char *name, uint32 security_info_sent,
-                            struct security_descriptor_info *psd)
+                            struct security_descriptor *psd)
 {
         return SMB_VFS_NEXT_SET_NT_ACL(handle, fsp, name, security_info_sent,
                                       psd);
diff --git a/source3/printing/nt_printing.c b/source3/printing/nt_printing.c
index b74763b2e5e9158a948fe1644e7b0103da91acb9..1ff29a67eee9b9d5d4ae9343df82dffb21fe90c0 100644 (file)
--- a/source3/printing/nt_printing.c
+++ b/source3/printing/nt_printing.c
@@ -373,7 +373,7 @@ static int sec_desc_upg_fn( TDB_CONTEXT *the_tdb, TDB_DATA key,
                prs_mem_free( &ps );
                return 0;
        }
-       sec = sd_orig->sec;
+       sec = sd_orig->sd;
                
        /* is this even valid? */
        
@@ -385,17 +385,17 @@ static int sec_desc_upg_fn( TDB_CONTEXT *the_tdb, TDB_DATA key,
        /* update access masks */
        
        for ( i=0; i<sec->dacl->num_aces; i++ ) {
-               switch ( sec->dacl->ace[i].info.mask ) {
+               switch ( sec->dacl->aces[i].access_mask ) {
                        case (GENERIC_READ_ACCESS | GENERIC_WRITE_ACCESS | GENERIC_EXECUTE_ACCESS):
-                               sec->dacl->ace[i].info.mask = PRINTER_ACE_PRINT;
+                               sec->dacl->aces[i].access_mask = PRINTER_ACE_PRINT;
                                break;
                                
                        case GENERIC_ALL_ACCESS:
-                               sec->dacl->ace[i].info.mask = PRINTER_ACE_FULL_CONTROL;
+                               sec->dacl->aces[i].access_mask = PRINTER_ACE_FULL_CONTROL;
                                break;
                                
                        case READ_CONTROL_ACCESS:
-                               sec->dacl->ace[i].info.mask = PRINTER_ACE_MANAGE_DOCUMENTS;
+                               sec->dacl->aces[i].access_mask = PRINTER_ACE_MANAGE_DOCUMENTS;
                        
                        default:        /* no change */
                                break;
@@ -428,7 +428,7 @@ static int sec_desc_upg_fn( TDB_CONTEXT *the_tdb, TDB_DATA key,
 
        /* store it back */
        
-       sd_size = sec_desc_size(sd_store->sec) + sizeof(SEC_DESC_BUF);
+       sd_size = sec_desc_size(sd_store->sd) + sizeof(SEC_DESC_BUF);
        prs_init(&ps, sd_size, ctx, MARSHALL);
 
        if ( !sec_io_desc_buf( "sec_desc_upg_fn", &sd_store, &ps, 1 ) ) {
@@ -4998,7 +4998,7 @@ WERROR nt_printing_setsec(const char *sharename, SEC_DESC_BUF *secdesc_ctr)
           permissions through NT.  If they are NULL in the new security
           descriptor then copy them over from the old one. */
 
-       if (!secdesc_ctr->sec->owner_sid || !secdesc_ctr->sec->grp_sid) {
+       if (!secdesc_ctr->sd->owner_sid || !secdesc_ctr->sd->group_sid) {
                DOM_SID *owner_sid, *group_sid;
                SEC_ACL *dacl, *sacl;
                SEC_DESC *psd = NULL;
@@ -5011,25 +5011,25 @@ WERROR nt_printing_setsec(const char *sharename, SEC_DESC_BUF *secdesc_ctr)
 
                /* Pick out correct owner and group sids */
 
-               owner_sid = secdesc_ctr->sec->owner_sid ?
-                       secdesc_ctr->sec->owner_sid :
-                       old_secdesc_ctr->sec->owner_sid;
+               owner_sid = secdesc_ctr->sd->owner_sid ?
+                       secdesc_ctr->sd->owner_sid :
+                       old_secdesc_ctr->sd->owner_sid;
 
-               group_sid = secdesc_ctr->sec->grp_sid ?
-                       secdesc_ctr->sec->grp_sid :
-                       old_secdesc_ctr->sec->grp_sid;
+               group_sid = secdesc_ctr->sd->group_sid ?
+                       secdesc_ctr->sd->group_sid :
+                       old_secdesc_ctr->sd->group_sid;
 
-               dacl = secdesc_ctr->sec->dacl ?
-                       secdesc_ctr->sec->dacl :
-                       old_secdesc_ctr->sec->dacl;
+               dacl = secdesc_ctr->sd->dacl ?
+                       secdesc_ctr->sd->dacl :
+                       old_secdesc_ctr->sd->dacl;
 
-               sacl = secdesc_ctr->sec->sacl ?
-                       secdesc_ctr->sec->sacl :
-                       old_secdesc_ctr->sec->sacl;
+               sacl = secdesc_ctr->sd->sacl ?
+                       secdesc_ctr->sd->sacl :
+                       old_secdesc_ctr->sd->sacl;
 
                /* Make a deep copy of the security descriptor */
 
-               psd = make_sec_desc(mem_ctx, secdesc_ctr->sec->revision, secdesc_ctr->sec->type,
+               psd = make_sec_desc(mem_ctx, secdesc_ctr->sd->revision, secdesc_ctr->sd->type,
                                    owner_sid, group_sid,
                                    sacl,
                                    dacl,
@@ -5049,7 +5049,7 @@ WERROR nt_printing_setsec(const char *sharename, SEC_DESC_BUF *secdesc_ctr)
 
        /* Store the security descriptor in a tdb */
 
-       prs_init(&ps, (uint32)sec_desc_size(new_secdesc_ctr->sec) +
+       prs_init(&ps, (uint32)sec_desc_size(new_secdesc_ctr->sd) +
                 sizeof(SEC_DESC_BUF), mem_ctx, MARSHALL);
 
        if (!sec_io_desc_buf("nt_printing_setsec", &new_secdesc_ctr,
@@ -5194,7 +5194,7 @@ BOOL nt_printing_getsec(TALLOC_CTX *ctx, const char *sharename, SEC_DESC_BUF **s
 
                /* Save default security descriptor for later */
 
-               prs_init(&ps, (uint32)sec_desc_size((*secdesc_ctr)->sec) +
+               prs_init(&ps, (uint32)sec_desc_size((*secdesc_ctr)->sd) +
                                sizeof(SEC_DESC_BUF), ctx, MARSHALL);
 
                if (sec_io_desc_buf("nt_printing_getsec", secdesc_ctr, &ps, 1)) {
@@ -5212,7 +5212,7 @@ BOOL nt_printing_getsec(TALLOC_CTX *ctx, const char *sharename, SEC_DESC_BUF **s
           this security descriptor has been created when winbindd was
           down.  Take ownership of security descriptor. */
 
-       if (sid_equal((*secdesc_ctr)->sec->owner_sid, &global_sid_World)) {
+       if (sid_equal((*secdesc_ctr)->sd->owner_sid, &global_sid_World)) {
                DOM_SID owner_sid;
 
                /* Change sd owner to workgroup administrator */
@@ -5226,11 +5226,11 @@ BOOL nt_printing_getsec(TALLOC_CTX *ctx, const char *sharename, SEC_DESC_BUF **s
 
                        sid_append_rid(&owner_sid, DOMAIN_USER_RID_ADMIN);
 
-                       psd = make_sec_desc(ctx, (*secdesc_ctr)->sec->revision, (*secdesc_ctr)->sec->type,
+                       psd = make_sec_desc(ctx, (*secdesc_ctr)->sd->revision, (*secdesc_ctr)->sd->type,
                                            &owner_sid,
-                                           (*secdesc_ctr)->sec->grp_sid,
-                                           (*secdesc_ctr)->sec->sacl,
-                                           (*secdesc_ctr)->sec->dacl,
+                                           (*secdesc_ctr)->sd->group_sid,
+                                           (*secdesc_ctr)->sd->sacl,
+                                           (*secdesc_ctr)->sd->dacl,
                                            &size);
 
                        if (!psd) {
@@ -5253,7 +5253,7 @@ BOOL nt_printing_getsec(TALLOC_CTX *ctx, const char *sharename, SEC_DESC_BUF **s
        }
 
        if (DEBUGLEVEL >= 10) {
-               SEC_ACL *the_acl = (*secdesc_ctr)->sec->dacl;
+               SEC_ACL *the_acl = (*secdesc_ctr)->sd->dacl;
                int i;
 
                DEBUG(10, ("secdesc_ctr for %s has %d aces:\n", 
@@ -5262,11 +5262,11 @@ BOOL nt_printing_getsec(TALLOC_CTX *ctx, const char *sharename, SEC_DESC_BUF **s
                for (i = 0; i < the_acl->num_aces; i++) {
                        fstring sid_str;
 
-                       sid_to_string(sid_str, &the_acl->ace[i].trustee);
+                       sid_to_string(sid_str, &the_acl->aces[i].trustee);
 
                        DEBUG(10, ("%s %d %d 0x%08x\n", sid_str,
-                                  the_acl->ace[i].type, the_acl->ace[i].flags, 
-                                  the_acl->ace[i].info.mask)); 
+                                  the_acl->aces[i].type, the_acl->aces[i].flags, 
+                                  the_acl->aces[i].access_mask)); 
                }
        }
 
@@ -5318,7 +5318,7 @@ void map_printer_permissions(SEC_DESC *sd)
        int i;
 
        for (i = 0; sd->dacl && i < sd->dacl->num_aces; i++) {
-               se_map_generic(&sd->dacl->ace[i].info.mask,
+               se_map_generic(&sd->dacl->aces[i].access_mask,
                               &printer_generic_mapping);
        }
 }
@@ -5396,7 +5396,7 @@ BOOL print_access_check(struct current_user *user, int snum, int access_type)
                   against.  This is because print jobs are child objects
                   objects of a printer. */
 
-               secdesc = se_create_child_secdesc(mem_ctx, parent_secdesc->sec, False);
+               secdesc = se_create_child_secdesc(mem_ctx, parent_secdesc->sd, False);
 
                if (!secdesc) {
                        talloc_destroy(mem_ctx);
@@ -5415,9 +5415,9 @@ BOOL print_access_check(struct current_user *user, int snum, int access_type)
        
        /* Check access */
        
-       map_printer_permissions(secdesc->sec);
+       map_printer_permissions(secdesc->sd);
 
-       result = se_access_check(secdesc->sec, user->nt_user_token, access_type,
+       result = se_access_check(secdesc->sd, user->nt_user_token, access_type,
                                 &access_granted, &status);
 
        DEBUG(4, ("access check was %s\n", result ? "SUCCESS" : "FAILURE"));
diff --git a/source3/registry/reg_printing.c b/source3/registry/reg_printing.c
index d8c25d802d3050abc767b303523d0137a50c8fe9..ba79092ea5b3fbf6a64fbce0e1450bdeaa0c3ce1 100644 (file)
--- a/source3/registry/reg_printing.c
+++ b/source3/registry/reg_printing.c
@@ -449,8 +449,8 @@ static void fill_in_printer_values( NT_PRINTER_INFO_LEVEL_2 *info2, REGVAL_CTR *
                
        /* stream the printer security descriptor */
        
-       if ( info2->secdesc_buf && info2->secdesc_buf->len )  {
-               if ( sec_io_desc("sec_desc", &info2->secdesc_buf->sec, &prs, 0 ) ) {
+       if ( info2->secdesc_buf && info2->secdesc_buf->sd )  {
+               if ( sec_io_desc("sec_desc", &info2->secdesc_buf->sd, &prs, 0 ) ) {
                        offset = prs_offset( &prs );
                        regval_ctr_addvalue( values, "Security", REG_BINARY, prs_data_p(&prs), offset );
                }
diff --git a/source3/rpc_client/cli_reg.c b/source3/rpc_client/cli_reg.c
index 6a544bba64c9b0e26ea2e7ba2b622493e7614127..0f0c642d21cc188dd2432e3c5572733487ed2532 100644 (file)
--- a/source3/rpc_client/cli_reg.c
+++ b/source3/rpc_client/cli_reg.c
@@ -332,7 +332,7 @@ WERROR rpccli_reg_get_key_sec(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
                return out.status;
        
        sec_buf       = out.data;
-       *sec_buf_size = out.data->len;
+       *sec_buf_size = out.data->sd_size;
                
        return out.status;      
 }
diff --git a/source3/rpc_parse/parse_reg.c b/source3/rpc_parse/parse_reg.c
index 06a2b1909583837f44866caf589847a095f80942..f529ad14255d89d1301f444ff7a8061f453a9f62 100644 (file)
--- a/source3/rpc_parse/parse_reg.c
+++ b/source3/rpc_parse/parse_reg.c
@@ -141,9 +141,9 @@ static BOOL reg_io_hdrbuf_sec(uint32 ptr, uint32 *ptr3, BUFHDR *hdr_sec,
                }
 
                if(!smb_io_hdrbuf_post("hdr_sec", hdr_sec, ps, depth,
-                                      hdr_offset, data->max_len, data->len))
+                                      hdr_offset, data->sd_size, data->sd_size))
                                return False;
-               if(!prs_set_offset(ps, old_offset + data->len +
+               if(!prs_set_offset(ps, old_offset + data->sd_size +
                                       sizeof(uint32) * ((ptr3 != NULL) ? 5 : 3)))
                        return False;
 
@@ -181,7 +181,7 @@ void init_reg_q_create_key_ex(REG_Q_CREATE_KEY_EX *q_c, POLICY_HND *hnd,
 
        q_c->data = sec_buf;
        q_c->ptr2 = 1;
-       init_buf_hdr(&q_c->hdr_sec, sec_buf->len, sec_buf->len);
+       init_buf_hdr(&q_c->hdr_sec, sec_buf->sd_size, sec_buf->sd_size);
        q_c->ptr3 = 1;
        q_c->disposition = TALLOC_P( get_talloc_ctx(), uint32 );
        if (!q_c->disposition) {
@@ -704,7 +704,7 @@ void init_reg_q_set_key_sec(REG_Q_SET_KEY_SEC *q_u, POLICY_HND *pol,
        q_u->sec_info = sec_info;
 
        q_u->ptr = 1;
-       init_buf_hdr(&q_u->hdr_sec, sec_desc_buf->len, sec_desc_buf->len);
+       init_buf_hdr(&q_u->hdr_sec, sec_desc_buf->sd_size, sec_desc_buf->sd_size);
        q_u->data = sec_desc_buf;
 }
 
diff --git a/source3/rpc_parse/parse_sec.c b/source3/rpc_parse/parse_sec.c
index 6a752688a0bc59ab5d48829b0c04368540c1e1b1..32a8a8cd3291026994a957e0edddadced2f550ae 100644 (file)
--- a/source3/rpc_parse/parse_sec.c
+++ b/source3/rpc_parse/parse_sec.c
@@ -39,7 +39,7 @@ BOOL sec_io_access(const char *desc, SEC_ACCESS *t, prs_struct *ps, int depth)
        prs_debug(ps, depth, desc, "sec_io_access");
        depth++;
        
-       if(!prs_uint32("mask", ps, depth, &t->mask))
+       if(!prs_uint32("mask", ps, depth, t))
                return False;
 
        return True;
@@ -62,7 +62,7 @@ BOOL sec_io_ace(const char *desc, SEC_ACE *psa, prs_struct *ps, int depth)
        
        old_offset = prs_offset(ps);
 
-       if(!prs_uint8("type ", ps, depth, &psa->type))
+       if(!prs_uint8("type ", ps, depth, (uint8*)&psa->type))
                return False;
 
        if(!prs_uint8("flags", ps, depth, &psa->flags))
@@ -71,7 +71,7 @@ BOOL sec_io_ace(const char *desc, SEC_ACE *psa, prs_struct *ps, int depth)
        if(!prs_uint16_pre("size ", ps, depth, &psa->size, &offset_ace_size))
                return False;
 
-       if(!sec_io_access("info ", &psa->info, ps, depth))
+       if(!prs_uint32("access_mask", ps, depth, &psa->access_mask))
                return False;
 
        /* check whether object access is present */
@@ -79,15 +79,15 @@ BOOL sec_io_ace(const char *desc, SEC_ACE *psa, prs_struct *ps, int depth)
                if (!smb_io_dom_sid("trustee  ", &psa->trustee , ps, depth))
                        return False;
        } else {
-               if (!prs_uint32("obj_flags", ps, depth, &psa->obj_flags))
+               if (!prs_uint32("obj_flags", ps, depth, &psa->object.object.flags))
                        return False;
 
-               if (psa->obj_flags & SEC_ACE_OBJECT_PRESENT)
-                       if (!smb_io_uuid("obj_guid", &psa->obj_guid, ps,depth))
+               if (psa->object.object.flags & SEC_ACE_OBJECT_PRESENT)
+                       if (!smb_io_uuid("obj_guid", &psa->object.object.type.type, ps,depth))
                                return False;
 
-               if (psa->obj_flags & SEC_ACE_OBJECT_INHERITED_PRESENT)
-                       if (!smb_io_uuid("inh_guid", &psa->inh_guid, ps,depth))
+               if (psa->object.object.flags & SEC_ACE_OBJECT_INHERITED_PRESENT)
+                       if (!smb_io_uuid("inh_guid", &psa->object.object.inherited_type.inherited_type, ps,depth))
                                return False;
 
                if(!smb_io_dom_sid("trustee  ", &psa->trustee , ps, depth))
@@ -155,7 +155,7 @@ BOOL sec_io_acl(const char *desc, SEC_ACL **ppsa, prs_struct *ps, int depth)
        
        old_offset = prs_offset(ps);
 
-       if(!prs_uint16("revision", ps, depth, &psa->revision))
+       if(!prs_uint16("revision", ps, depth, (uint16 *)&psa->revision))
                return False;
 
        if(!prs_uint16_pre("size     ", ps, depth, &psa->size, &offset_acl_size))
@@ -170,14 +170,14 @@ BOOL sec_io_acl(const char *desc, SEC_ACL **ppsa, prs_struct *ps, int depth)
                 * between a non-present DACL (allow all access) and a DACL with no ACE's
                 * (allow no access).
                 */
-               if((psa->ace = PRS_ALLOC_MEM(ps, SEC_ACE, psa->num_aces+1)) == NULL)
+               if((psa->aces = PRS_ALLOC_MEM(ps, SEC_ACE, psa->num_aces+1)) == NULL)
                        return False;
        }
 
        for (i = 0; i < psa->num_aces; i++) {
                fstring tmp;
                slprintf(tmp, sizeof(tmp)-1, "ace_list[%02d]: ", i);
-               if(!sec_io_ace(tmp, &psa->ace[i], ps, depth))
+               if(!sec_io_ace(tmp, &psa->aces[i], ps, depth))
                        return False;
        }
 
@@ -211,6 +211,7 @@ BOOL sec_io_desc(const char *desc, SEC_DESC **ppsd, prs_struct *ps, int depth)
        uint32 old_offset;
        uint32 max_offset = 0; /* after we're done, move offset to end */
        uint32 tmp_offset = 0;
+       uint32 off_sacl, off_dacl, off_owner_sid, off_grp_sid;
 
        SEC_DESC *psd;
 
@@ -236,7 +237,7 @@ BOOL sec_io_desc(const char *desc, SEC_DESC **ppsd, prs_struct *ps, int depth)
        /* start of security descriptor stored for back-calc offset purposes */
        old_offset = prs_offset(ps);
 
-       if(!prs_uint16("revision ", ps, depth, &psd->revision))
+       if(!prs_uint16("revision ", ps, depth, (uint16*)&psd->revision))
                return False;
 
        if(!prs_uint16("type     ", ps, depth, &psd->type))
@@ -250,52 +251,52 @@ BOOL sec_io_desc(const char *desc, SEC_DESC **ppsd, prs_struct *ps, int depth)
                 */
 
                if (psd->sacl != NULL) {
-                       psd->off_sacl = offset;
+                       off_sacl = offset;
                        offset += psd->sacl->size;
                } else {
-                       psd->off_sacl = 0;
+                       off_sacl = 0;
                }
 
                if (psd->dacl != NULL) {
-                       psd->off_dacl = offset;
+                       off_dacl = offset;
                        offset += psd->dacl->size;
                } else {
-                       psd->off_dacl = 0;
+                       off_dacl = 0;
                }
 
                if (psd->owner_sid != NULL) {
-                       psd->off_owner_sid = offset;
+                       off_owner_sid = offset;
                        offset += sid_size(psd->owner_sid);
                } else {
-                       psd->off_owner_sid = 0;
+                       off_owner_sid = 0;
                }
 
-               if (psd->grp_sid != NULL) {
-                       psd->off_grp_sid = offset;
-                       offset += sid_size(psd->grp_sid);
+               if (psd->group_sid != NULL) {
+                       off_grp_sid = offset;
+                       offset += sid_size(psd->group_sid);
                } else {
-                       psd->off_grp_sid = 0;
+                       off_grp_sid = 0;
                }
        }
 
-       if(!prs_uint32("off_owner_sid", ps, depth, &psd->off_owner_sid))
+       if(!prs_uint32("off_owner_sid", ps, depth, &off_owner_sid))
                return False;
 
-       if(!prs_uint32("off_grp_sid  ", ps, depth, &psd->off_grp_sid))
+       if(!prs_uint32("off_grp_sid  ", ps, depth, &off_grp_sid))
                return False;
 
-       if(!prs_uint32("off_sacl     ", ps, depth, &psd->off_sacl))
+       if(!prs_uint32("off_sacl     ", ps, depth, &off_sacl))
                return False;
 
-       if(!prs_uint32("off_dacl     ", ps, depth, &psd->off_dacl))
+       if(!prs_uint32("off_dacl     ", ps, depth, &off_dacl))
                return False;
 
        max_offset = MAX(max_offset, prs_offset(ps));
 
-       if (psd->off_owner_sid != 0) {
+       if (off_owner_sid != 0) {
 
                tmp_offset = prs_offset(ps);
-               if(!prs_set_offset(ps, old_offset + psd->off_owner_sid))
+               if(!prs_set_offset(ps, old_offset + off_owner_sid))
                        return False;
 
                if (UNMARSHALLING(ps)) {
@@ -313,19 +314,19 @@ BOOL sec_io_desc(const char *desc, SEC_DESC **ppsd, prs_struct *ps, int depth)
                        return False;
        }
 
-       if (psd->off_grp_sid != 0) {
+       if (psd->group_sid != 0) {
 
                tmp_offset = prs_offset(ps);
-               if(!prs_set_offset(ps, old_offset + psd->off_grp_sid))
+               if(!prs_set_offset(ps, old_offset + off_grp_sid))
                        return False;
 
                if (UNMARSHALLING(ps)) {
                        /* reading */
-                       if((psd->grp_sid = PRS_ALLOC_MEM(ps,DOM_SID,1)) == NULL)
+                       if((psd->group_sid = PRS_ALLOC_MEM(ps,DOM_SID,1)) == NULL)
                                return False;
                }
 
-               if(!smb_io_dom_sid("grp_sid", psd->grp_sid, ps, depth))
+               if(!smb_io_dom_sid("grp_sid", psd->group_sid, ps, depth))
                        return False;
                        
                max_offset = MAX(max_offset, prs_offset(ps));
@@ -334,9 +335,9 @@ BOOL sec_io_desc(const char *desc, SEC_DESC **ppsd, prs_struct *ps, int depth)
                        return False;
        }
 
-       if ((psd->type & SEC_DESC_SACL_PRESENT) && psd->off_sacl) {
+       if ((psd->type & SEC_DESC_SACL_PRESENT) && off_sacl) {
                tmp_offset = prs_offset(ps);
-               if(!prs_set_offset(ps, old_offset + psd->off_sacl))
+               if(!prs_set_offset(ps, old_offset + off_sacl))
                        return False;
                if(!sec_io_acl("sacl", &psd->sacl, ps, depth))
                        return False;
@@ -345,9 +346,9 @@ BOOL sec_io_desc(const char *desc, SEC_DESC **ppsd, prs_struct *ps, int depth)
                        return False;
        }
 
-       if ((psd->type & SEC_DESC_DACL_PRESENT) && psd->off_dacl != 0) {
+       if ((psd->type & SEC_DESC_DACL_PRESENT) && off_dacl != 0) {
                tmp_offset = prs_offset(ps);
-               if(!prs_set_offset(ps, old_offset + psd->off_dacl))
+               if(!prs_set_offset(ps, old_offset + off_dacl))
                        return False;
                if(!sec_io_acl("dacl", &psd->dacl, ps, depth))
                        return False;
@@ -372,7 +373,9 @@ BOOL sec_io_desc_buf(const char *desc, SEC_DESC_BUF **ppsdb, prs_struct *ps, int
        uint32 off_max_len;
        uint32 old_offset;
        uint32 size;
+       uint32 len;
        SEC_DESC_BUF *psdb;
+       uint32 ptr;
 
        if (ppsdb == NULL)
                return False;
@@ -391,20 +394,22 @@ BOOL sec_io_desc_buf(const char *desc, SEC_DESC_BUF **ppsdb, prs_struct *ps, int
        if(!prs_align(ps))
                return False;
        
-       if(!prs_uint32_pre("max_len", ps, depth, &psdb->max_len, &off_max_len))
+       if(!prs_uint32_pre("max_len", ps, depth, &psdb->sd_size, &off_max_len))
                return False;
 
-       if(!prs_uint32    ("ptr  ", ps, depth, &psdb->ptr))
+       ptr = 1;
+       if(!prs_uint32    ("ptr  ", ps, depth, &ptr))
                return False;
 
-       if(!prs_uint32_pre("len    ", ps, depth, &psdb->len, &off_len))
+       len = sec_desc_size(psdb->sd);
+       if(!prs_uint32_pre("len    ", ps, depth, &len, &off_len))
                return False;
 
        old_offset = prs_offset(ps);
 
        /* reading, length is non-zero; writing, descriptor is non-NULL */
-       if ((UNMARSHALLING(ps) && psdb->len != 0) || (MARSHALLING(ps) && psdb->sec != NULL)) {
-               if(!sec_io_desc("sec   ", &psdb->sec, ps, depth))
+       if ((UNMARSHALLING(ps) && psdb->sd_size != 0) || (MARSHALLING(ps) && psdb->sd != NULL)) {
+               if(!sec_io_desc("sec   ", &psdb->sd, ps, depth))
                        return False;
        }
 
@@ -412,10 +417,10 @@ BOOL sec_io_desc_buf(const char *desc, SEC_DESC_BUF **ppsdb, prs_struct *ps, int
                return False;
        
        size = prs_offset(ps) - old_offset;
-       if(!prs_uint32_post("max_len", ps, depth, &psdb->max_len, off_max_len, size == 0 ? psdb->max_len : size))
+       if(!prs_uint32_post("max_len", ps, depth, &psdb->sd_size, off_max_len, size == 0 ? psdb->sd_size : size))
                return False;
 
-       if(!prs_uint32_post("len    ", ps, depth, &psdb->len, off_len, size))
+       if(!prs_uint32_post("len    ", ps, depth, &len, off_len, size))
                return False;
 
        return True;
diff --git a/source3/rpc_parse/parse_spoolss.c b/source3/rpc_parse/parse_spoolss.c
index ec64e10a597e20712d51880acaf7dac86d3d6b5d..e878744a1bee91a6548ccc99adf5ca1972248972 100644 (file)
--- a/source3/rpc_parse/parse_spoolss.c
+++ b/source3/rpc_parse/parse_spoolss.c
@@ -3775,10 +3775,8 @@ BOOL make_spoolss_q_setprinter(TALLOC_CTX *mem_ctx, SPOOL_Q_SETPRINTER *q_u,
                q_u->secdesc_ctr = SMB_MALLOC_P(SEC_DESC_BUF);
                if (!q_u->secdesc_ctr)
                        return False;
-               q_u->secdesc_ctr->ptr = (secdesc != NULL) ? 1: 0;
-               q_u->secdesc_ctr->max_len = (secdesc) ? sizeof(SEC_DESC) + (2*sizeof(uint32)) : 0;
-               q_u->secdesc_ctr->len = (secdesc) ? sizeof(SEC_DESC) + (2*sizeof(uint32)) : 0;
-               q_u->secdesc_ctr->sec = secdesc;
+               q_u->secdesc_ctr->sd = secdesc;
+               q_u->secdesc_ctr->sd_size = (secdesc) ? sizeof(SEC_DESC) + (2*sizeof(uint32)) : 0;
 
                q_u->devmode_ctr.devmode_ptr = (devmode != NULL) ? 1 : 0;
                q_u->devmode_ctr.size = (devmode != NULL) ? sizeof(DEVICEMODE) + (3*sizeof(uint32)) : 0;
@@ -3799,10 +3797,8 @@ BOOL make_spoolss_q_setprinter(TALLOC_CTX *mem_ctx, SPOOL_Q_SETPRINTER *q_u,
                q_u->secdesc_ctr = SMB_MALLOC_P(SEC_DESC_BUF);
                if (!q_u->secdesc_ctr)
                        return False;
-               q_u->secdesc_ctr->ptr = (secdesc != NULL) ? 1: 0;
-               q_u->secdesc_ctr->max_len = (secdesc) ? sizeof(SEC_DESC) + (2*sizeof(uint32)) : 0;
-               q_u->secdesc_ctr->len = (secdesc) ? sizeof(SEC_DESC) + (2*sizeof(uint32)) : 0;
-               q_u->secdesc_ctr->sec = secdesc;
+               q_u->secdesc_ctr->sd_size = (secdesc) ? sizeof(SEC_DESC) + (2*sizeof(uint32)) : 0;
+               q_u->secdesc_ctr->sd = secdesc;
 
                break;
        case 7:
diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c
index 16dec45318c8e05565a9a61579287611a5e6abfe..1a396a2391c1bbdd4924c1ebf58bd20f5a87aa25 100644 (file)
--- a/source3/rpc_server/srv_spoolss_nt.c
+++ b/source3/rpc_server/srv_spoolss_nt.c
@@ -3008,8 +3008,8 @@ static void spoolss_notify_security_desc(int snum,
                                         NT_PRINTER_INFO_LEVEL *printer,
                                         TALLOC_CTX *mem_ctx)
 {
-       data->notify_data.sd.size = printer->info_2->secdesc_buf->len;
-       data->notify_data.sd.desc = dup_sec_desc( mem_ctx, printer->info_2->secdesc_buf->sec ) ;
+       data->notify_data.sd.size = printer->info_2->secdesc_buf->sd_size;
+       data->notify_data.sd.desc = dup_sec_desc( mem_ctx, printer->info_2->secdesc_buf->sd ) ;
 }
 
 /*******************************************************************
@@ -4154,13 +4154,13 @@ static BOOL construct_printer_info_2(Printer_entry *print_hnd, PRINTER_INFO_2 *p
        printer->secdesc = NULL;
 
        if ( ntprinter->info_2->secdesc_buf 
-               && ntprinter->info_2->secdesc_buf->len != 0 ) 
+               && ntprinter->info_2->secdesc_buf->sd_size != 0 ) 
        {
                /* don't use talloc_steal() here unless you do a deep steal of all 
                   the SEC_DESC members */
 
                printer->secdesc = dup_sec_desc( get_talloc_ctx(), 
-                       ntprinter->info_2->secdesc_buf->sec );
+                       ntprinter->info_2->secdesc_buf->sd );
        }
 
        free_a_printer(&ntprinter, 2);
@@ -4194,12 +4194,12 @@ static BOOL construct_printer_info_3(Printer_entry *print_hnd, PRINTER_INFO_3 **
 
        printer->flags = 0x4; 
 
-       if (ntprinter->info_2->secdesc_buf && ntprinter->info_2->secdesc_buf->len != 0) {
+       if (ntprinter->info_2->secdesc_buf && ntprinter->info_2->secdesc_buf->sd_size != 0) {
                /* don't use talloc_steal() here unless you do a deep steal of all 
                   the SEC_DESC members */
 
                printer->secdesc = dup_sec_desc( get_talloc_ctx(), 
-                       ntprinter->info_2->secdesc_buf->sec );
+                       ntprinter->info_2->secdesc_buf->sd );
        }
 
        free_a_printer(&ntprinter, 2);
@@ -5845,20 +5845,20 @@ static WERROR update_printer_sec(POLICY_HND *handle, uint32 level,
                SEC_ACL *the_acl;
                int i;
 
-               the_acl = old_secdesc_ctr->sec->dacl;
+               the_acl = old_secdesc_ctr->sd->dacl;
                DEBUG(10, ("old_secdesc_ctr for %s has %d aces:\n", 
                           PRINTERNAME(snum), the_acl->num_aces));
 
                for (i = 0; i < the_acl->num_aces; i++) {
                        fstring sid_str;
 
-                       sid_to_string(sid_str, &the_acl->ace[i].trustee);
+                       sid_to_string(sid_str, &the_acl->aces[i].trustee);
 
                        DEBUG(10, ("%s 0x%08x\n", sid_str, 
-                                 the_acl->ace[i].info.mask));
+                                 the_acl->aces[i].access_mask));
                }
 
-               the_acl = secdesc_ctr->sec->dacl;
+               the_acl = secdesc_ctr->sd->dacl;
 
                if (the_acl) {
                        DEBUG(10, ("secdesc_ctr for %s has %d aces:\n", 
@@ -5867,10 +5867,10 @@ static WERROR update_printer_sec(POLICY_HND *handle, uint32 level,
                        for (i = 0; i < the_acl->num_aces; i++) {
                                fstring sid_str;
                                
-                               sid_to_string(sid_str, &the_acl->ace[i].trustee);
+                               sid_to_string(sid_str, &the_acl->aces[i].trustee);
                                
                                DEBUG(10, ("%s 0x%08x\n", sid_str, 
-                                          the_acl->ace[i].info.mask));
+                                          the_acl->aces[i].access_mask));
                        }
                } else {
                        DEBUG(10, ("dacl for secdesc_ctr is NULL\n"));
@@ -5883,7 +5883,7 @@ static WERROR update_printer_sec(POLICY_HND *handle, uint32 level,
                goto done;
        }
 
-       if (sec_desc_equal(new_secdesc_ctr->sec, old_secdesc_ctr->sec)) {
+       if (sec_desc_equal(new_secdesc_ctr->sd, old_secdesc_ctr->sd)) {
                result = WERR_OK;
                goto done;
        }
diff --git a/source3/rpc_server/srv_srvsvc_nt.c b/source3/rpc_server/srv_srvsvc_nt.c
index c65401f1c4d52fa7ade65e898c34d50e60cb2624..21032a4ed94aff93ba4cb1ad1e66200b63ba5deb 100644 (file)
--- a/source3/rpc_server/srv_srvsvc_nt.c
+++ b/source3/rpc_server/srv_srvsvc_nt.c
@@ -309,11 +309,11 @@ static void map_generic_share_sd_bits(SEC_DESC *psd)
                return;
 
        for (i = 0; i < ps_dacl->num_aces; i++) {
-               SEC_ACE *psa = &ps_dacl->ace[i];
-               uint32 orig_mask = psa->info.mask;
+               SEC_ACE *psa = &ps_dacl->aces[i];
+               uint32 orig_mask = psa->access_mask;
 
-               se_map_generic(&psa->info.mask, &file_generic_mapping);
-               psa->info.mask |= orig_mask;
+               se_map_generic(&psa->access_mask, &file_generic_mapping);
+               psa->access_mask |= orig_mask;
        }       
 }
 
@@ -1538,7 +1538,7 @@ WERROR _srv_net_share_set_info(pipes_struct *p, SRV_Q_NET_SHARE_SET_INFO *q_u, S
        case 1501:
                pstrcpy(pathname, lp_pathname(snum));
                fstrcpy(comment, lp_comment(snum));
-               psd = q_u->info.share.info1501.sdb->sec;
+               psd = q_u->info.share.info1501.sdb->sd;
                map_generic_share_sd_bits(psd);
                type = STYPE_DISKTREE;
                break;
diff --git a/source3/rpcclient/cmd_lsarpc.c b/source3/rpcclient/cmd_lsarpc.c
index 3cd242cd4d86b562234aafec2b6edf314fdc335f..7134f5fbf273fa849ba267eaa364616cb2c38e90 100644 (file)
--- a/source3/rpcclient/cmd_lsarpc.c
+++ b/source3/rpcclient/cmd_lsarpc.c
@@ -834,7 +834,7 @@ static NTSTATUS cmd_lsa_query_secobj(struct rpc_pipe_client *cli,
 
        /* Print results */
 
-       display_sec_desc(sdb->sec);
+       display_sec_desc(sdb->sd);
 
        rpccli_lsa_close(cli, mem_ctx, &pol);
  done:
diff --git a/source3/rpcclient/cmd_samr.c b/source3/rpcclient/cmd_samr.c
index cc0fe619908d2f2ecbf28cf069c470bcff70274b..04ffa002d25127d31725b9b5fa3a038b3d634e00 100644 (file)
--- a/source3/rpcclient/cmd_samr.c
+++ b/source3/rpcclient/cmd_samr.c
@@ -1994,7 +1994,7 @@ static NTSTATUS cmd_samr_query_sec_obj(struct rpc_pipe_client *cli,
        if (!NT_STATUS_IS_OK(result))
                goto done;
 
-       display_sec_desc(sec_desc_buf->sec);
+       display_sec_desc(sec_desc_buf->sd);
 
        rpccli_samr_close(cli, mem_ctx, &user_pol);
        rpccli_samr_close(cli, mem_ctx, &domain_pol);
diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c
index c5e48a6324a91a7dd558fbc4576d6f69c368b851..9cebd21d7d04a25cec8b378e0801c09f43c7904f 100644 (file)
--- a/source3/smbd/nttrans.c
+++ b/source3/smbd/nttrans.c
@@ -1009,16 +1009,16 @@ static NTSTATUS set_sd(files_struct *fsp, char *data, uint32 sd_len, uint32 secu
                return NT_STATUS_NO_MEMORY;
        }
        
-       if (psd->off_owner_sid==0) {
+       if (psd->owner_sid==0) {
                security_info_sent &= ~OWNER_SECURITY_INFORMATION;
        }
-       if (psd->off_grp_sid==0) {
+       if (psd->group_sid==0) {
                security_info_sent &= ~GROUP_SECURITY_INFORMATION;
        }
-       if (psd->off_sacl==0) {
+       if (psd->sacl==0) {
                security_info_sent &= ~SACL_SECURITY_INFORMATION;
        }
-       if (psd->off_dacl==0) {
+       if (psd->dacl==0) {
                security_info_sent &= ~DACL_SECURITY_INFORMATION;
        }
        
diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c
index 18ef187f382820ef1753fe6d0b9f7b9e6b30b47e..3b38b91547c0ec42970e9e3c8f7c66c161530468 100644 (file)
--- a/source3/smbd/posix_acls.c
+++ b/source3/smbd/posix_acls.c
@@ -860,36 +860,36 @@ static SEC_ACCESS map_canon_ace_perms(int snum, int *pacl_type, DOM_SID *powner_
 #define FILE_SPECIFIC_WRITE_BITS (FILE_WRITE_DATA|FILE_APPEND_DATA|FILE_WRITE_EA|FILE_WRITE_ATTRIBUTES)
 #define FILE_SPECIFIC_EXECUTE_BITS (FILE_EXECUTE)
 
-static mode_t map_nt_perms( SEC_ACCESS sec_access, int type)
+static mode_t map_nt_perms( uint32 *mask, int type)
 {
        mode_t mode = 0;
 
        switch(type) {
        case S_IRUSR:
-               if(sec_access.mask & GENERIC_ALL_ACCESS)
+               if((*mask) & GENERIC_ALL_ACCESS)
                        mode = S_IRUSR|S_IWUSR|S_IXUSR;
                else {
-                       mode |= (sec_access.mask & (GENERIC_READ_ACCESS|FILE_SPECIFIC_READ_BITS)) ? S_IRUSR : 0;
-                       mode |= (sec_access.mask & (GENERIC_WRITE_ACCESS|FILE_SPECIFIC_WRITE_BITS)) ? S_IWUSR : 0;
-                       mode |= (sec_access.mask & (GENERIC_EXECUTE_ACCESS|FILE_SPECIFIC_EXECUTE_BITS)) ? S_IXUSR : 0;
+                       mode |= ((*mask) & (GENERIC_READ_ACCESS|FILE_SPECIFIC_READ_BITS)) ? S_IRUSR : 0;
+                       mode |= ((*mask) & (GENERIC_WRITE_ACCESS|FILE_SPECIFIC_WRITE_BITS)) ? S_IWUSR : 0;
+                       mode |= ((*mask) & (GENERIC_EXECUTE_ACCESS|FILE_SPECIFIC_EXECUTE_BITS)) ? S_IXUSR : 0;
                }
                break;
        case S_IRGRP:
-               if(sec_access.mask & GENERIC_ALL_ACCESS)
+               if((*mask) & GENERIC_ALL_ACCESS)
                        mode = S_IRGRP|S_IWGRP|S_IXGRP;
                else {
-                       mode |= (sec_access.mask & (GENERIC_READ_ACCESS|FILE_SPECIFIC_READ_BITS)) ? S_IRGRP : 0;
-                       mode |= (sec_access.mask & (GENERIC_WRITE_ACCESS|FILE_SPECIFIC_WRITE_BITS)) ? S_IWGRP : 0;
-                       mode |= (sec_access.mask & (GENERIC_EXECUTE_ACCESS|FILE_SPECIFIC_EXECUTE_BITS)) ? S_IXGRP : 0;
+                       mode |= ((*mask) & (GENERIC_READ_ACCESS|FILE_SPECIFIC_READ_BITS)) ? S_IRGRP : 0;
+                       mode |= ((*mask) & (GENERIC_WRITE_ACCESS|FILE_SPECIFIC_WRITE_BITS)) ? S_IWGRP : 0;
+                       mode |= ((*mask) & (GENERIC_EXECUTE_ACCESS|FILE_SPECIFIC_EXECUTE_BITS)) ? S_IXGRP : 0;
                }
                break;
        case S_IROTH:
-               if(sec_access.mask & GENERIC_ALL_ACCESS)
+               if((*mask) & GENERIC_ALL_ACCESS)
                        mode = S_IROTH|S_IWOTH|S_IXOTH;
                else {
-                       mode |= (sec_access.mask & (GENERIC_READ_ACCESS|FILE_SPECIFIC_READ_BITS)) ? S_IROTH : 0;
-                       mode |= (sec_access.mask & (GENERIC_WRITE_ACCESS|FILE_SPECIFIC_WRITE_BITS)) ? S_IWOTH : 0;
-                       mode |= (sec_access.mask & (GENERIC_EXECUTE_ACCESS|FILE_SPECIFIC_EXECUTE_BITS)) ? S_IXOTH : 0;
+                       mode |= ((*mask) & (GENERIC_READ_ACCESS|FILE_SPECIFIC_READ_BITS)) ? S_IROTH : 0;
+                       mode |= ((*mask) & (GENERIC_WRITE_ACCESS|FILE_SPECIFIC_WRITE_BITS)) ? S_IWOTH : 0;
+                       mode |= ((*mask) & (GENERIC_EXECUTE_ACCESS|FILE_SPECIFIC_EXECUTE_BITS)) ? S_IXOTH : 0;
                }
                break;
        }
@@ -950,7 +950,7 @@ BOOL unpack_nt_owners(int snum, uid_t *puser, gid_t *pgrp, uint32 security_info_
         */
 
        if (security_info_sent & GROUP_SECURITY_INFORMATION) {
-               sid_copy(&grp_sid, psd->grp_sid);
+               sid_copy(&grp_sid, psd->group_sid);
                if (!sid_to_gid( &grp_sid, pgrp)) {
                        if (lp_force_unknown_acl_user(snum)) {
                                /* this allows take group ownership to work
@@ -1254,7 +1254,7 @@ static BOOL create_canon_ace_lists(files_struct *fsp, SMB_STRUCT_STAT *pst,
         */
 
        for(i = 0; i < dacl->num_aces; i++) {
-               SEC_ACE *psa = &dacl->ace[i];
+               SEC_ACE *psa = &dacl->aces[i];
 
                if((psa->type != SEC_ACE_TYPE_ACCESS_ALLOWED) && (psa->type != SEC_ACE_TYPE_ACCESS_DENIED)) {
                        DEBUG(3,("create_canon_ace_lists: unable to set anything but an ALLOW or DENY ACE.\n"));
@@ -1273,12 +1273,12 @@ static BOOL create_canon_ace_lists(files_struct *fsp, SMB_STRUCT_STAT *pst,
                         * Convert GENERIC bits to specific bits.
                         */
  
-                       se_map_generic(&psa->info.mask, &file_generic_mapping);
+                       se_map_generic(&psa->access_mask, &file_generic_mapping);
 
-                       psa->info.mask &= (UNIX_ACCESS_NONE|FILE_ALL_ACCESS);
+                       psa->access_mask &= (UNIX_ACCESS_NONE|FILE_ALL_ACCESS);
 
-                       if(psa->info.mask != UNIX_ACCESS_NONE)
-                               psa->info.mask &= ~UNIX_ACCESS_NONE;
+                       if(psa->access_mask != UNIX_ACCESS_NONE)
+                               psa->access_mask &= ~UNIX_ACCESS_NONE;
                }
        }
 
@@ -1291,12 +1291,12 @@ static BOOL create_canon_ace_lists(files_struct *fsp, SMB_STRUCT_STAT *pst,
         */
 
        for(i = 0; i < dacl->num_aces; i++) {
-               SEC_ACE *psa1 = &dacl->ace[i];
+               SEC_ACE *psa1 = &dacl->aces[i];
 
                for (j = i + 1; j < dacl->num_aces; j++) {
-                       SEC_ACE *psa2 = &dacl->ace[j];
+                       SEC_ACE *psa2 = &dacl->aces[j];
 
-                       if (psa1->info.mask != psa2->info.mask)
+                       if (psa1->access_mask != psa2->access_mask)
                                continue;
 
                        if (!sid_equal(&psa1->trustee, &psa2->trustee))
@@ -1322,7 +1322,7 @@ static BOOL create_canon_ace_lists(files_struct *fsp, SMB_STRUCT_STAT *pst,
        }
 
        for(i = 0; i < dacl->num_aces; i++) {
-               SEC_ACE *psa = &dacl->ace[i];
+               SEC_ACE *psa = &dacl->aces[i];
 
                /*
                 * Ignore non-mappable SIDs (NT Authority, BUILTIN etc).
@@ -1408,7 +1408,7 @@ static BOOL create_canon_ace_lists(files_struct *fsp, SMB_STRUCT_STAT *pst,
                 * S_I(R|W|X)USR bits.
                 */
 
-               current_ace->perms |= map_nt_perms( psa->info, S_IRUSR);
+               current_ace->perms |= map_nt_perms( &psa->access_mask, S_IRUSR);
                current_ace->attr = (psa->type == SEC_ACE_TYPE_ACCESS_ALLOWED) ? ALLOW_ACE : DENY_ACE;
                current_ace->inherited = ((psa->flags & SEC_ACE_FLAG_INHERITED_ACE) ? True : False);
 
@@ -2641,7 +2641,7 @@ static size_t merge_default_aces( SEC_ACE *nt_ace_list, size_t num_aces)
                        /* We know the lower number ACE's are file entries. */
                        if ((nt_ace_list[i].type == nt_ace_list[j].type) &&
                                (nt_ace_list[i].size == nt_ace_list[j].size) &&
-                               (nt_ace_list[i].info.mask == nt_ace_list[j].info.mask) &&
+                               (nt_ace_list[i].access_mask == nt_ace_list[j].access_mask) &&
                                sid_equal(&nt_ace_list[i].trustee, &nt_ace_list[j].trustee) &&
                                (i_inh == j_inh) &&
                                (i_flags_ni == 0) &&
@@ -2654,7 +2654,7 @@ static size_t merge_default_aces( SEC_ACE *nt_ace_list, size_t num_aces)
                                 * the non-inherited ACE onto the inherited ACE.
                                 */
 
-                               if (nt_ace_list[i].info.mask == 0) {
+                               if (nt_ace_list[i].access_mask == 0) {
                                        nt_ace_list[j].flags = SEC_ACE_FLAG_OBJECT_INHERIT|SEC_ACE_FLAG_CONTAINER_INHERIT|
                                                                (i_inh ? SEC_ACE_FLAG_INHERITED_ACE : 0);
                                        if (num_aces - i - 1 > 0)
@@ -2954,7 +2954,7 @@ size_t get_nt_acl(files_struct *fsp, uint32 security_info, SEC_DESC **ppdesc)
        }
 
        if (psd->dacl) {
-               dacl_sort_into_canonical_order(psd->dacl->ace, (unsigned int)psd->dacl->num_aces);
+               dacl_sort_into_canonical_order(psd->dacl->aces, (unsigned int)psd->dacl->num_aces);
        }
 
        *ppdesc = psd;
diff --git a/source3/tdb/include/tdbutil.h b/source3/tdb/include/tdbutil.h
index 1bc000337b1fc1a5c2e94accdc57bebea34bcb22..72d1505f4e8c9efafbd1f010f16a7382cf083ca2 100644 (file)
--- a/source3/tdb/include/tdbutil.h
+++ b/source3/tdb/include/tdbutil.h
@@ -47,9 +47,9 @@ int tdb_read_lock_bystring_with_timeout(TDB_CONTEXT *tdb, const char *keyval,
                                        unsigned int timeout);
 void tdb_read_unlock_bystring(TDB_CONTEXT *tdb, const char *keyval);
 int32_t tdb_fetch_int32(struct tdb_context *tdb, const char *keystr);
-BOOL tdb_store_uint32(struct tdb_context *tdb, const char *keystr, uint32_t value);
+int tdb_store_uint32(struct tdb_context *tdb, const char *keystr, uint32_t value);
 int tdb_store_int32(struct tdb_context *tdb, const char *keystr, int32_t v);
-BOOL tdb_fetch_uint32(struct tdb_context *tdb, const char *keystr, uint32_t *value);
+int tdb_fetch_uint32(struct tdb_context *tdb, const char *keystr, uint32_t *value);
 int tdb_traverse_delete_fn(struct tdb_context *the_tdb, TDB_DATA key, TDB_DATA dbuf,
                      void *state);
 int tdb_store_bystring(struct tdb_context *tdb, const char *keystr, TDB_DATA data, int flags);
@@ -63,7 +63,7 @@ TDB_DATA make_tdb_data(const char *dptr, size_t dsize);
 TDB_DATA string_tdb_data(const char *string);
 int tdb_trans_store(struct tdb_context *tdb, TDB_DATA key, TDB_DATA dbuf,
                    int flag);
-BOOL tdb_change_uint32_atomic(TDB_CONTEXT *tdb, const char *keystr,
+int tdb_change_uint32_atomic(TDB_CONTEXT *tdb, const char *keystr,
                              uint32 *oldval, uint32 change_val);
 int tdb_chainlock_with_timeout( TDB_CONTEXT *tdb, TDB_DATA key,
                                unsigned int timeout);
diff --git a/source3/utils/net_usershare.c b/source3/utils/net_usershare.c
index 6a306a99830b33e919f6f2e6b4d3bd4915ce4b81..a41f9ec5623e9fe45afb7f86b7959e4854d8fef8 100644 (file)
--- a/source3/utils/net_usershare.c
+++ b/source3/utils/net_usershare.c
@@ -372,7 +372,7 @@ static int info_fn(struct file_list *fl, void *priv)
                const char *name;
                NTSTATUS ntstatus;
 
-               ntstatus = net_lookup_name_from_sid(ctx, &psd->dacl->ace[num_aces].trustee, &domain, &name);
+               ntstatus = net_lookup_name_from_sid(ctx, &psd->dacl->aces[num_aces].trustee, &domain, &name);
 
                if (NT_STATUS_IS_OK(ntstatus)) {
                        if (domain && *domain) {
@@ -382,15 +382,15 @@ static int info_fn(struct file_list *fl, void *priv)
                        pstrcat(acl_str,name);
                } else {
                        fstring sidstr;
-                       sid_to_string(sidstr, &psd->dacl->ace[num_aces].trustee);
+                       sid_to_string(sidstr, &psd->dacl->aces[num_aces].trustee);
                        pstrcat(acl_str,sidstr);
                }
                pstrcat(acl_str, ":");
 
-               if (psd->dacl->ace[num_aces].type == SEC_ACE_TYPE_ACCESS_DENIED) {
+               if (psd->dacl->aces[num_aces].type == SEC_ACE_TYPE_ACCESS_DENIED) {
                        pstrcat(acl_str, "D,");
                } else {
-                       if (psd->dacl->ace[num_aces].info.mask & GENERIC_ALL_ACCESS) {
+                       if (psd->dacl->aces[num_aces].access_mask & GENERIC_ALL_ACCESS) {
                                pstrcat(acl_str, "F,");
                        } else {
                                pstrcat(acl_str, "R,");
diff --git a/source3/utils/profiles.c b/source3/utils/profiles.c
index d40a2deea3bac6a76b687a696ba298bac5bf3875..d5b14fdfb043abc910a405e01e65532872d35b00 100644 (file)
--- a/source3/utils/profiles.c
+++ b/source3/utils/profiles.c
@@ -43,14 +43,14 @@ static BOOL swap_sid_in_acl( SEC_DESC *sd, DOM_SID *s1, DOM_SID *s2 )
                update = True;
        }
 
-       if ( sid_equal( sd->grp_sid, s1 ) ) {
-               sid_copy( sd->grp_sid, s2 );
+       if ( sid_equal( sd->group_sid, s1 ) ) {
+               sid_copy( sd->group_sid, s2 );
                update = True;
        }
 
        for ( i=0; i<acl->num_aces; i++ ) {
-               if ( sid_equal( &acl->ace[i].trustee, s1 ) ) {
-                       sid_copy( &acl->ace[i].trustee, s2 );
+               if ( sid_equal( &acl->aces[i].trustee, s1 ) ) {
+                       sid_copy( &acl->aces[i].trustee, s2 );
                        update = True;
                }
        }
diff --git a/source3/utils/sharesec.c b/source3/utils/sharesec.c
index 3f66d4da6e3fc51759ef86eb721ed79238797b67..5749cf2f555888259977b6169895cb166604a397 100644 (file)
--- a/source3/utils/sharesec.c
+++ b/source3/utils/sharesec.c
@@ -75,7 +75,7 @@ static void print_ace(FILE *f, SEC_ACE *ace)
 
        if (numeric) {
                fprintf(f, "%d/%d/0x%08x", 
-                       ace->type, ace->flags, ace->info.mask);
+                       ace->type, ace->flags, ace->access_mask);
                return;
        }
 
@@ -96,7 +96,7 @@ static void print_ace(FILE *f, SEC_ACE *ace)
        /* Standard permissions */
 
        for (v = standard_values; v->perm; v++) {
-               if (ace->info.mask == v->mask) {
+               if (ace->access_mask == v->mask) {
                        fprintf(f, "%s", v->perm);
                        return;
                }
@@ -105,11 +105,11 @@ static void print_ace(FILE *f, SEC_ACE *ace)
        /* Special permissions.  Print out a hex value if we have
           leftover bits in the mask. */
 
-       got_mask = ace->info.mask;
+       got_mask = ace->access_mask;
 
  again:
        for (v = special_values; v->perm; v++) {
-               if ((ace->info.mask & v->mask) == v->mask) {
+               if ((ace->access_mask & v->mask) == v->mask) {
                        if (do_print) {
                                fprintf(f, "%s", v->perm);
                        }
@@ -119,7 +119,7 @@ static void print_ace(FILE *f, SEC_ACE *ace)
 
        if (!do_print) {
                if (got_mask != 0) {
-                       fprintf(f, "0x%08x", ace->info.mask);
+                       fprintf(f, "0x%08x", ace->access_mask);
                } else {
                        do_print = 1;
                        goto again;
@@ -148,8 +148,8 @@ static void sec_desc_print(FILE *f, SEC_DESC *sd)
 
        fprintf(f, "OWNER:%s\n", sidstr);
 
-       if (sd->grp_sid) {
-               sid_to_string(sidstr, sd->grp_sid);
+       if (sd->group_sid) {
+               sid_to_string(sidstr, sd->group_sid);
        } else {
                fstrcpy(sidstr, "");
        }
@@ -158,7 +158,7 @@ static void sec_desc_print(FILE *f, SEC_DESC *sd)
 
        /* Print aces */
        for (i = 0; sd->dacl && i < sd->dacl->num_aces; i++) {
-               SEC_ACE *ace = &sd->dacl->ace[i];
+               SEC_ACE *ace = &sd->dacl->aces[i];
                fprintf(f, "ACL:");
                print_ace(f, ace);
                fprintf(f, "\n");
diff --git a/source3/utils/smbcacls.c b/source3/utils/smbcacls.c
index 85c59db5ec31936158a438d997f1367e300f0309..67de8c73355a4ccbaf33e66ab85c8fc5bcdcbf9e 100644 (file)
--- a/source3/utils/smbcacls.c
+++ b/source3/utils/smbcacls.c
@@ -172,7 +172,7 @@ static void print_ace(FILE *f, SEC_ACE *ace)
 
        if (numeric) {
                fprintf(f, "%d/%d/0x%08x", 
-                       ace->type, ace->flags, ace->info.mask);
+                       ace->type, ace->flags, ace->access_mask);
                return;
        }
 
@@ -193,7 +193,7 @@ static void print_ace(FILE *f, SEC_ACE *ace)
        /* Standard permissions */
 
        for (v = standard_values; v->perm; v++) {
-               if (ace->info.mask == v->mask) {
+               if (ace->access_mask == v->mask) {
                        fprintf(f, "%s", v->perm);
                        return;
                }
@@ -202,11 +202,11 @@ static void print_ace(FILE *f, SEC_ACE *ace)
        /* Special permissions.  Print out a hex value if we have
           leftover bits in the mask. */
 
-       got_mask = ace->info.mask;
+       got_mask = ace->access_mask;
 
  again:
        for (v = special_values; v->perm; v++) {
-               if ((ace->info.mask & v->mask) == v->mask) {
+               if ((ace->access_mask & v->mask) == v->mask) {
                        if (do_print) {
                                fprintf(f, "%s", v->perm);
                        }
@@ -216,7 +216,7 @@ static void print_ace(FILE *f, SEC_ACE *ace)
 
        if (!do_print) {
                if (got_mask != 0) {
-                       fprintf(f, "0x%08x", ace->info.mask);
+                       fprintf(f, "0x%08x", ace->access_mask);
                } else {
                        do_print = 1;
                        goto again;
@@ -348,7 +348,7 @@ static BOOL parse_ace(SEC_ACE *ace, const char *orig_str)
        }
 
  done:
-       mask.mask = amask;
+       mask = amask;
        init_sec_ace(ace, &sid, atype, mask, aflags);
        SAFE_FREE(str);
        return True;
@@ -366,7 +366,7 @@ static BOOL add_ace(SEC_ACL **the_acl, SEC_ACE *ace)
        if (!(aces = SMB_CALLOC_ARRAY(SEC_ACE, 1+(*the_acl)->num_aces))) {
                return False;
        }
-       memcpy(aces, (*the_acl)->ace, (*the_acl)->num_aces * sizeof(SEC_ACE));
+       memcpy(aces, (*the_acl)->aces, (*the_acl)->num_aces * sizeof(SEC_ACE));
        memcpy(aces+(*the_acl)->num_aces, ace, sizeof(SEC_ACE));
        new_ace = make_sec_acl(ctx,(*the_acl)->revision,1+(*the_acl)->num_aces, aces);
        SAFE_FREE(aces);
@@ -465,8 +465,8 @@ static void sec_desc_print(FILE *f, SEC_DESC *sd)
 
        fprintf(f, "OWNER:%s\n", sidstr);
 
-       if (sd->grp_sid) {
-               SidToString(sidstr, sd->grp_sid);
+       if (sd->group_sid) {
+               SidToString(sidstr, sd->group_sid);
        } else {
                fstrcpy(sidstr, "");
        }
@@ -475,7 +475,7 @@ static void sec_desc_print(FILE *f, SEC_DESC *sd)
 
        /* Print aces */
        for (i = 0; sd->dacl && i < sd->dacl->num_aces; i++) {
-               SEC_ACE *ace = &sd->dacl->ace[i];
+               SEC_ACE *ace = &sd->dacl->aces[i];
                fprintf(f, "ACL:");
                print_ace(f, ace);
                fprintf(f, "\n");
@@ -593,8 +593,8 @@ static int ace_compare(SEC_ACE *ace1, SEC_ACE *ace2)
        if (ace1->flags != ace2->flags) 
                return ace1->flags - ace2->flags;
 
-       if (ace1->info.mask != ace2->info.mask) 
-               return ace1->info.mask - ace2->info.mask;
+       if (ace1->access_mask != ace2->access_mask) 
+               return ace1->access_mask - ace2->access_mask;
 
        if (ace1->size != ace2->size) 
                return ace1->size - ace2->size;
@@ -607,13 +607,13 @@ static void sort_acl(SEC_ACL *the_acl)
        uint32 i;
        if (!the_acl) return;
 
-       qsort(the_acl->ace, the_acl->num_aces, sizeof(the_acl->ace[0]), QSORT_CAST ace_compare);
+       qsort(the_acl->aces, the_acl->num_aces, sizeof(the_acl->aces[0]), QSORT_CAST ace_compare);
 
        for (i=1;i<the_acl->num_aces;) {
-               if (sec_ace_equal(&the_acl->ace[i-1], &the_acl->ace[i])) {
+               if (sec_ace_equal(&the_acl->aces[i-1], &the_acl->aces[i])) {
                        int j;
                        for (j=i; j<the_acl->num_aces-1; j++) {
-                               the_acl->ace[j] = the_acl->ace[j+1];
+                               the_acl->aces[j] = the_acl->aces[j+1];
                        }
                        the_acl->num_aces--;
                } else {
@@ -665,11 +665,11 @@ static int cacl_set(struct cli_state *cli, char *filename,
                        BOOL found = False;
 
                        for (j=0;old->dacl && j<old->dacl->num_aces;j++) {
-                               if (sec_ace_equal(&sd->dacl->ace[i],
-                                                 &old->dacl->ace[j])) {
+                               if (sec_ace_equal(&sd->dacl->aces[i],
+                                                 &old->dacl->aces[j])) {
                                        uint32 k;
                                        for (k=j; k<old->dacl->num_aces-1;k++) {
-                                               old->dacl->ace[k] = old->dacl->ace[k+1];
+                                               old->dacl->aces[k] = old->dacl->aces[k+1];
                                        }
                                        old->dacl->num_aces--;
                                        found = True;
@@ -679,7 +679,7 @@ static int cacl_set(struct cli_state *cli, char *filename,
 
                        if (!found) {
                                printf("ACL for ACE:"); 
-                               print_ace(stdout, &sd->dacl->ace[i]);
+                               print_ace(stdout, &sd->dacl->aces[i]);
                                printf(" not found\n");
                        }
                }
@@ -690,9 +690,9 @@ static int cacl_set(struct cli_state *cli, char *filename,
                        BOOL found = False;
 
                        for (j=0;old->dacl && j<old->dacl->num_aces;j++) {
-                               if (sid_equal(&sd->dacl->ace[i].trustee,
-                                             &old->dacl->ace[j].trustee)) {
-                                       old->dacl->ace[j] = sd->dacl->ace[i];
+                               if (sid_equal(&sd->dacl->aces[i].trustee,
+                                             &old->dacl->aces[j].trustee)) {
+                                       old->dacl->aces[j] = sd->dacl->aces[i];
                                        found = True;
                                }
                        }
@@ -700,7 +700,7 @@ static int cacl_set(struct cli_state *cli, char *filename,
                        if (!found) {
                                fstring str;
 
-                               SidToString(str, &sd->dacl->ace[i].trustee);
+                               SidToString(str, &sd->dacl->aces[i].trustee);
                                printf("ACL for SID %s not found\n", str);
                        }
                }
@@ -709,15 +709,15 @@ static int cacl_set(struct cli_state *cli, char *filename,
                        old->owner_sid = sd->owner_sid;
                }
 
-               if (sd->grp_sid) { 
-                       old->grp_sid = sd->grp_sid;
+               if (sd->group_sid) { 
+                       old->group_sid = sd->group_sid;
                }
 
                break;
 
        case SMB_ACL_ADD:
                for (i=0;sd->dacl && i<sd->dacl->num_aces;i++) {
-                       add_ace(&old->dacl, &sd->dacl->ace[i]);
+                       add_ace(&old->dacl, &sd->dacl->aces[i]);
                }
                break;
 
Unnamed repository; edit this file 'description' to name the repository.