summaryrefslogtreecommitdiffstats
path: root/source3/lib/util_seaccess.c
diff options
context:
space:
mode:
authorAndrew Tridgell <tridge@samba.org>2001-08-27 17:52:23 +0000
committerAndrew Tridgell <tridge@samba.org>2001-08-27 17:52:23 +0000
commitee5f7237decfe446f4fdb08422beb2e6cb43af7f (patch)
tree80b217a2938d7e0d46a5d20517c9adb0807ecd1a /source3/lib/util_seaccess.c
parente8e98c9ea0690e3acf1126b50882e59e1056c7b3 (diff)
downloadsamba-ee5f7237decfe446f4fdb08422beb2e6cb43af7f.tar.gz
samba-ee5f7237decfe446f4fdb08422beb2e6cb43af7f.tar.xz
samba-ee5f7237decfe446f4fdb08422beb2e6cb43af7f.zip
started converting NTSTATUS to be a structure on systems with gcc in order to make it type incompatible with BOOL so we catch errors sooner. This has already found a number of bugs
(This used to be commit 1b778bc7d22efff3f90dc450eb12baa1241cf68f)
Diffstat (limited to 'source3/lib/util_seaccess.c')
-rw-r--r--source3/lib/util_seaccess.c17
1 files changed, 11 insertions, 6 deletions
diff --git a/source3/lib/util_seaccess.c b/source3/lib/util_seaccess.c
index 8b75a5f487..1716226272 100644
--- a/source3/lib/util_seaccess.c
+++ b/source3/lib/util_seaccess.c
@@ -47,7 +47,8 @@ static BOOL token_sid_in_ace( NT_USER_TOKEN *token, SEC_ACE *ace)
bits not yet granted. Zero means permission allowed (no more needed bits).
**********************************************************************************/
-static uint32 check_ace(SEC_ACE *ace, NT_USER_TOKEN *token, uint32 acc_desired, uint32 *status)
+static uint32 check_ace(SEC_ACE *ace, NT_USER_TOKEN *token, uint32 acc_desired,
+ NTSTATUS *status)
{
uint32 mask = ace->info.mask;
@@ -106,7 +107,9 @@ static uint32 check_ace(SEC_ACE *ace, NT_USER_TOKEN *token, uint32 acc_desired,
include other bits requested.
**********************************************************************************/
-static BOOL get_max_access( SEC_ACL *the_acl, NT_USER_TOKEN *token, uint32 *granted, uint32 desired, uint32 *status)
+static BOOL get_max_access( SEC_ACL *the_acl, NT_USER_TOKEN *token, uint32 *granted,
+ uint32 desired,
+ NTSTATUS *status)
{
uint32 acc_denied = 0;
uint32 acc_granted = 0;
@@ -202,7 +205,8 @@ void se_map_generic(uint32 *access_mask, struct generic_mapping *mapping)
*****************************************************************************/
BOOL se_access_check(SEC_DESC *sd, struct current_user *user,
- uint32 acc_desired, uint32 *acc_granted, uint32 *status)
+ uint32 acc_desired, uint32 *acc_granted,
+ NTSTATUS *status)
{
extern NT_USER_TOKEN anonymous_token;
size_t i;
@@ -263,7 +267,8 @@ BOOL se_access_check(SEC_DESC *sd, struct current_user *user,
if (tmp_acc_desired & MAXIMUM_ALLOWED_ACCESS) {
tmp_acc_desired &= ~MAXIMUM_ALLOWED_ACCESS;
- return get_max_access( the_acl, token, acc_granted, tmp_acc_desired, status);
+ return get_max_access( the_acl, token, acc_granted, tmp_acc_desired,
+ status);
}
for ( i = 0 ; i < the_acl->num_aces && tmp_acc_desired != 0; i++) {
@@ -276,9 +281,9 @@ BOOL se_access_check(SEC_DESC *sd, struct current_user *user,
(unsigned int)tmp_acc_desired ));
tmp_acc_desired = check_ace( ace, token, tmp_acc_desired, status);
- if (*status != NT_STATUS_NOPROBLEMO) {
+ if (NT_STATUS_V(*status)) {
*acc_granted = 0;
- DEBUG(5,("se_access_check: ACE %u denied with status %x.\n", (unsigned int)i, (unsigned int)*status ));
+ DEBUG(5,("se_access_check: ACE %u denied with status %s.\n", (unsigned int)i, get_nt_error_msg(*status)));
return False;
}
}