Changeset 745 for trunk/server/source3/modules/vfs_afsacl.c

Timestamp:

Nov 27, 2012, 4:43:17 PM (13 years ago)

Author:

Silvan Scherrer

Message:

Samba Server: updated trunk to 3.6.0

Location:

trunk/server

Files:

• . (modified) (1 prop)
• source3/modules/vfs_afsacl.c (modified) (18 diffs)

trunk/server/source3/modules/vfs_afsacl.c

@@ -19 +19 @@
 
 #include "includes.h"
+#include "system/filesys.h"
+#include "smbd/smbd.h"
+#include "../librpc/gen_ndr/lsa.h"
+#include "../libcli/security/security.h"
+#include "../libcli/security/dom_sid.h"
+#include "passdb.h"
 
 #undef DBGC_CLASS
@@ -31 +37 @@
 #define MAXSIZE 2048
 
-extern const DOM_SID global_sid_World;
-extern const DOM_SID global_sid_Builtin_Administrators;
-extern const DOM_SID global_sid_Builtin_Backup_Operators;
-extern const DOM_SID global_sid_Authenticated_Users;
-extern const DOM_SID global_sid_NULL;
+extern const struct dom_sid global_sid_World;
+extern const struct dom_sid global_sid_Builtin_Administrators;
+extern const struct dom_sid global_sid_Builtin_Backup_Operators;
+extern const struct dom_sid global_sid_Authenticated_Users;
+extern const struct dom_sid global_sid_NULL;
 
 static char space_replacement = '%';
@@ -47 +53 @@
         bool positive;
         char *name;
-        DOM_SID sid;
+        struct dom_sid sid;
         enum lsa_SidType type;
         uint32 rights;
@@ -109 +115 @@
                                    const char *name, uint32 rights)
 {
-        DOM_SID sid;
+        struct dom_sid sid;
         enum lsa_SidType type;
         struct afs_ace *result;
@@ -418 +424 @@
 {
         return ( (x->positive == y->positive) &&
-                 (sid_compare(&x->sid, &y->sid) == 0) );
+                 (dom_sid_compare(&x->sid, &y->sid) == 0) );
 }
 
@@ -515 +521 @@
         /* FULL inherit only -- counterpart to previous one */
         { 0, SEC_ACE_FLAG_OBJECT_INHERIT|SEC_ACE_FLAG_CONTAINER_INHERIT|SEC_ACE_FLAG_INHERIT_ONLY,
-          PERMS_FULL | GENERIC_RIGHT_WRITE_ACCESS, 127 /* rlidwka */ },
+          PERMS_FULL | SEC_GENERIC_WRITE, 127 /* rlidwka */ },
 
         /* CHANGE without inheritance -- in all cases here we also get
@@ -523 +529 @@
         /* CHANGE inherit only -- counterpart to previous one */
         { 0, SEC_ACE_FLAG_OBJECT_INHERIT|SEC_ACE_FLAG_CONTAINER_INHERIT|SEC_ACE_FLAG_INHERIT_ONLY,
-          PERMS_CHANGE | GENERIC_RIGHT_WRITE_ACCESS, 63 /* rlidwk */ },
+          PERMS_CHANGE | SEC_GENERIC_WRITE, 63 /* rlidwk */ },
 
         /* End marker, hopefully there's no afs right 9999 :-) */
@@ -529 +535 @@
 };
 
-static uint32 nt_to_afs_dir_rights(const char *filename, const SEC_ACE *ace)
+static uint32 nt_to_afs_dir_rights(const char *filename, const struct security_ace *ace)
 {
         uint32 result = 0;
@@ -570 +576 @@
 }
 
-static uint32 nt_to_afs_file_rights(const char *filename, const SEC_ACE *ace)
+static uint32 nt_to_afs_file_rights(const char *filename, const struct security_ace *ace)
 {
         uint32 result = 0;
@@ -591 +597 @@
                                    struct security_descriptor **ppdesc)
 {
-        SEC_ACE *nt_ace_list;
-        DOM_SID owner_sid, group_sid;
-        SEC_ACL *psa = NULL;
+        struct security_ace *nt_ace_list;
+        struct dom_sid owner_sid, group_sid;
+        struct security_acl *psa = NULL;
         int good_aces;
         size_t sd_size;
@@ -604 +610 @@
 
         if (afs_acl->num_aces) {
-                nt_ace_list = TALLOC_ARRAY(mem_ctx, SEC_ACE, afs_acl->num_aces);
+                nt_ace_list = TALLOC_ARRAY(mem_ctx, struct security_ace, afs_acl->num_aces);
 
                 if (nt_ace_list == NULL)
@@ -643 +649 @@
                 return 0;
 
-        *ppdesc = make_sec_desc(mem_ctx, SEC_DESC_REVISION,
+        *ppdesc = make_sec_desc(mem_ctx, SD_REVISION,
                                 SEC_DESC_SELF_RELATIVE,
-                                (security_info & OWNER_SECURITY_INFORMATION)
+                                (security_info & SECINFO_OWNER)
                                 ? &owner_sid : NULL,
-                                (security_info & GROUP_SECURITY_INFORMATION)
+                                (security_info & SECINFO_GROUP)
                                 ? &group_sid : NULL,
                                 NULL, psa, &sd_size);
@@ -683 +689 @@
         SMB_STRUCT_STAT sbuf;
 
-        if (fsp->is_directory || fsp->fh->fd == -1) {
+        if (fsp->fh->fd == -1) {
                 /* Get the stat struct for the owner info. */
                 return afs_to_nt_acl(afs_acl, fsp->conn, fsp->fsp_name,
@@ -696 +702 @@
 }
 
-static bool mappable_sid(const DOM_SID *sid)
-{
-        DOM_SID domain_sid;
+static bool mappable_sid(const struct dom_sid *sid)
+{
+        struct dom_sid domain_sid;
         
-        if (sid_compare(sid, &global_sid_Builtin_Administrators) == 0)
+        if (dom_sid_compare(sid, &global_sid_Builtin_Administrators) == 0)
                 return True;
 
-        if (sid_compare(sid, &global_sid_World) == 0)
+        if (dom_sid_compare(sid, &global_sid_World) == 0)
                 return True;
 
-        if (sid_compare(sid, &global_sid_Authenticated_Users) == 0)
+        if (dom_sid_compare(sid, &global_sid_Authenticated_Users) == 0)
                 return True;
 
-        if (sid_compare(sid, &global_sid_Builtin_Backup_Operators) == 0)
+        if (dom_sid_compare(sid, &global_sid_Builtin_Backup_Operators) == 0)
                 return True;
 
@@ -724 +730 @@
                           const struct security_descriptor *psd,
                           uint32 (*nt_to_afs_rights)(const char *filename,
-                                                     const SEC_ACE *ace),
+                                                     const struct security_ace *ace),
                           struct afs_acl *afs_acl)
 {
-        const SEC_ACL *dacl;
+        const struct security_acl *dacl;
         int i;
 
         /* Currently we *only* look at the dacl */
 
-        if (((security_info_sent & DACL_SECURITY_INFORMATION) == 0) ||
+        if (((security_info_sent & SECINFO_DACL) == 0) ||
             (psd->dacl == NULL))
                 return True;
@@ -742 +748 @@
 
         for (i = 0; i < dacl->num_aces; i++) {
-                const SEC_ACE *ace = &(dacl->aces[i]);
+                const struct security_ace *ace = &(dacl->aces[i]);
                 const char *dom_name, *name;
                 enum lsa_SidType name_type;
@@ -758 +764 @@
                 }
 
-                if (sid_compare(&ace->trustee,
+                if (dom_sid_compare(&ace->trustee,
                                 &global_sid_Builtin_Administrators) == 0) {
 
                         name = "system:administrators";
 
-                } else if (sid_compare(&ace->trustee,
+                } else if (dom_sid_compare(&ace->trustee,
                                        &global_sid_World) == 0) {
 
                         name = "system:anyuser";
 
-                } else if (sid_compare(&ace->trustee,
+                } else if (dom_sid_compare(&ace->trustee,
                                        &global_sid_Authenticated_Users) == 0) {
 
                         name = "system:authuser";
 
-                } else if (sid_compare(&ace->trustee,
+                } else if (dom_sid_compare(&ace->trustee,
                                        &global_sid_Builtin_Backup_Operators)
                            == 0) {
@@ -1057 +1063 @@
                          files_struct *fsp,
                          uint32 security_info_sent,
-                         const SEC_DESC *psd)
+                         const struct security_descriptor *psd)
 {
         return afs_set_nt_acl(handle, fsp, security_info_sent, psd);