diff options
author | Andrew Tridgell <tridge@samba.org> | 2004-12-11 05:41:19 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 13:06:31 -0500 |
commit | 6ca874f71ad77c82d6e161a3e4772100de2ad6c5 (patch) | |
tree | 6379d5d502d779df1da563911d40249030268ac6 /source4/libcli | |
parent | 280bb1cf0fc84c61e20f6f557cecbeba726e2749 (diff) | |
download | samba-6ca874f71ad77c82d6e161a3e4772100de2ad6c5.tar.gz samba-6ca874f71ad77c82d6e161a3e4772100de2ad6c5.tar.xz samba-6ca874f71ad77c82d6e161a3e4772100de2ad6c5.zip |
r4147: converted from NT_USER_TOKEN to struct security_token
this is mostly just a tidyup, but also adds the privilege_mask, which
I will be using shortly in ACL checking.
note that I had to move the definition of struct security_token out of
security.idl as pidl doesn't yet handle arrays of pointers, and the
usual workaround (to use a intermediate structure) would make things
too cumbersome for this structure, especially given we never encode it
to NDR.
(This used to be commit 7b446af09b8050746bfc2c50e9d56aa94397cc1a)
Diffstat (limited to 'source4/libcli')
-rw-r--r-- | source4/libcli/auth/gensec_krb5.c | 29 | ||||
-rw-r--r-- | source4/libcli/security/access_check.c | 16 | ||||
-rw-r--r-- | source4/libcli/security/config.mk | 1 | ||||
-rw-r--r-- | source4/libcli/security/privilege.c | 84 | ||||
-rw-r--r-- | source4/libcli/security/security_token.c | 15 |
5 files changed, 111 insertions, 34 deletions
diff --git a/source4/libcli/auth/gensec_krb5.c b/source4/libcli/auth/gensec_krb5.c index c47d4f26b6..602e42a5ff 100644 --- a/source4/libcli/auth/gensec_krb5.c +++ b/source4/libcli/auth/gensec_krb5.c @@ -609,7 +609,7 @@ static NTSTATUS gensec_krb5_session_info(struct gensec_security *gensec_security struct auth_serversupplied_info *server_info = NULL; struct auth_session_info *session_info = NULL; struct PAC_LOGON_INFO *logon_info; - struct nt_user_token *ptoken; + struct security_token *ptoken; struct dom_sid *sid; char *p; char *principal; @@ -684,15 +684,15 @@ static NTSTATUS gensec_krb5_session_info(struct gensec_security *gensec_security talloc_free(server_info); - ptoken = talloc_p(session_info, struct nt_user_token); - if (!ptoken) { + ptoken = security_token_initialise(session_info); + if (ptoken == NULL) { return NT_STATUS_NO_MEMORY; } - ptoken->num_sids = 0; - - ptoken->user_sids = talloc_array_p(ptoken, struct dom_sid*, logon_info->groups_count + 2); - if (!ptoken->user_sids) { + ptoken->num_sids = 0; + ptoken->sids = talloc_array_p(ptoken, struct dom_sid *, + logon_info->groups_count + 2); + if (!ptoken->sids) { return NT_STATUS_NO_MEMORY; } @@ -702,21 +702,24 @@ static NTSTATUS gensec_krb5_session_info(struct gensec_security *gensec_security sid = dom_sid_dup(server_info, logon_info->dom_sid); server_info->primary_group_sid = dom_sid_add_rid(server_info, sid, logon_info->group_rid); - ptoken->user_sids[0] = talloc_reference(session_info, server_info->user_sid); + ptoken->user_sid = server_info->user_sid; + ptoken->group_sid = server_info->primary_group_sid; + ptoken->sids[0] = talloc_reference(ptoken, ptoken->user_sid); ptoken->num_sids++; - ptoken->user_sids[1] = talloc_reference(session_info, server_info->primary_group_sid); + ptoken->sids[1] = talloc_reference(ptoken, ptoken->group_sid); ptoken->num_sids++; - for (;ptoken->num_sids < (logon_info->groups_count + 2); ptoken->num_sids++) { + for (;ptoken->num_sids < (logon_info->groups_count + 2); + ptoken->num_sids++) { sid = dom_sid_dup(session_info, logon_info->dom_sid); - ptoken->user_sids[ptoken->num_sids] + ptoken->sids[ptoken->num_sids] = dom_sid_add_rid(session_info, sid, logon_info->groups[ptoken->num_sids - 2].rid); } - debug_nt_user_token(DBGC_AUTH, 0, ptoken); + debug_security_token(DBGC_AUTH, 0, ptoken); - session_info->nt_user_token = ptoken; + session_info->security_token = ptoken; } else { TALLOC_CTX *mem_ctx = talloc_named(gensec_krb5_state, 0, "PAC-less session info discovery for %s@%s", username, realm); if (!mem_ctx) { diff --git a/source4/libcli/security/access_check.c b/source4/libcli/security/access_check.c index 425a5c2b6d..c646ee693b 100644 --- a/source4/libcli/security/access_check.c +++ b/source4/libcli/security/access_check.c @@ -27,11 +27,12 @@ /* check if a sid is in the supplied token */ -static BOOL sid_active_in_token(struct dom_sid *sid, struct nt_user_token *token) +static BOOL sid_active_in_token(const struct dom_sid *sid, + const struct security_token *token) { int i; for (i=0;i<token->num_sids;i++) { - if (dom_sid_equal(sid, token->user_sids[i])) { + if (dom_sid_equal(sid, token->sids[i])) { return True; } } @@ -42,16 +43,15 @@ static BOOL sid_active_in_token(struct dom_sid *sid, struct nt_user_token *token /* perform a SEC_FLAG_MAXIMUM_ALLOWED access check */ -static uint32_t access_check_max_allowed(struct security_descriptor *sd, - struct nt_user_token *token) +static uint32_t access_check_max_allowed(const struct security_descriptor *sd, + const struct security_token *token) { uint32_t denied = 0, granted = 0; unsigned i; if (sid_active_in_token(sd->owner_sid, token)) { - granted |= SEC_STD_WRITE_DAC | SEC_STD_READ_CONTROL; + granted |= SEC_STD_WRITE_DAC | SEC_STD_READ_CONTROL | SEC_STD_DELETE; } - granted |= SEC_STD_DELETE; for (i = 0;i<sd->dacl->num_aces; i++) { struct security_ace *ace = &sd->dacl->aces[i]; @@ -77,8 +77,8 @@ static uint32_t access_check_max_allowed(struct security_descriptor *sd, /* the main entry point for access checking. */ -NTSTATUS sec_access_check(struct security_descriptor *sd, - struct nt_user_token *token, +NTSTATUS sec_access_check(const struct security_descriptor *sd, + const struct security_token *token, uint32_t access_desired, uint32_t *access_granted) { diff --git a/source4/libcli/security/config.mk b/source4/libcli/security/config.mk index 900dbe780a..d6896535d6 100644 --- a/source4/libcli/security/config.mk +++ b/source4/libcli/security/config.mk @@ -13,6 +13,7 @@ ADD_OBJ_FILES = libcli/security/security_token.o \ libcli/security/security_descriptor.o \ libcli/security/dom_sid.o \ libcli/security/access_check.o \ + libcli/security/privilege.o \ librpc/ndr/ndr_sec.o REQUIRED_SUBSYSTEMS = LIB_SECURITY_NDR # End SUBSYSTEM LIB_SECURITY diff --git a/source4/libcli/security/privilege.c b/source4/libcli/security/privilege.c new file mode 100644 index 0000000000..1962aaa374 --- /dev/null +++ b/source4/libcli/security/privilege.c @@ -0,0 +1,84 @@ +/* + Unix SMB/CIFS implementation. + + manipulate privileges + + Copyright (C) Andrew Tridgell 2004 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ + +#include "includes.h" +#include "librpc/gen_ndr/ndr_security.h" + + +static const struct { + enum sec_privilege privilege; + const char *name; +} privilege_names[] = { + {SEC_PRIV_SECURITY, "SeSecurityPrivilege"}, + {SEC_PRIV_BACKUP, "SeBackupPrivilege"}, + {SEC_PRIV_RESTORE, "SeRestorePrivilege"}, + {SEC_PRIV_SYSTEMTIME, "SeSystemtimePrivilege"}, + {SEC_PRIV_SHUTDOWN, "SeShutdownPrivilege"}, + {SEC_PRIV_REMOTE_SHUTDOWN, "SeRemoteShutdownPrivilege"}, + {SEC_PRIV_TAKE_OWNERSHIP, "SeTakeOwnershipPrivilege"}, + {SEC_PRIV_DEBUG, "SeDebugPrivilege"}, + {SEC_PRIV_SYSTEM_ENVIRONMENT, "SeSystemEnvironmentPrivilege"}, + {SEC_PRIV_SYSTEM_PROFILE, "SeSystemProfilePrivilege"}, + {SEC_PRIV_PROFILE_SINGLE_PROCESS, "SeProfileSingleProcessPrivilege"}, + {SEC_PRIV_INCREASE_BASE_PRIORITY, "SeIncreaseBasePriorityPrivilege"}, + {SEC_PRIV_LOAD_DRIVER, "SeLoadDriverPrivilege"}, + {SEC_PRIV_CREATE_PAGEFILE, "SeCreatePagefilePrivilege"}, + {SEC_PRIV_INCREASE_QUOTA, "SeIncreaseQuotaPrivilege"}, + {SEC_PRIV_CHANGE_NOTIFY, "SeChangeNotifyPrivilege"}, + {SEC_PRIV_UNDOCK, "SeUndockPrivilege"}, + {SEC_PRIV_MANAGE_VOLUME, "SeManageVolumePrivilege"}, + {SEC_PRIV_IMPERSONATE, "SeImpersonatePrivilege"}, + {SEC_PRIV_CREATE_GLOBAL, "SeCreateGlobalPrivilege"}, + {SEC_PRIV_ENABLE_DELEGATION, "SeEnableDelegationPrivilege"}, + {SEC_PRIV_INTERACTIVE_LOGON, "SeInteractiveLogonRight"}, + {SEC_PRIV_NETWORK_LOGON, "SeNetworkLogonRight"}, + {SEC_PRIV_REMOTE_INTERACTIVE_LOGON, "SeRemoteInteractiveLogonRight"} +}; + + +/* + map a privilege id to the wire string constant +*/ +const char *sec_privilege_name(unsigned int privilege) +{ + int i; + for (i=0;i<ARRAY_SIZE(privilege_names);i++) { + if (privilege_names[i].privilege == privilege) { + return privilege_names[i].name; + } + } + return NULL; +} + +/* + map a privilege name to a privilege id. Return -1 if not found +*/ +int sec_privilege_id(const char *name) +{ + int i; + for (i=0;i<ARRAY_SIZE(privilege_names);i++) { + if (strcasecmp(privilege_names[i].name, name) == 0) { + return (int)privilege_names[i].privilege; + } + } + return -1; +} diff --git a/source4/libcli/security/security_token.c b/source4/libcli/security/security_token.c index 9e26f5a385..a8ce989de7 100644 --- a/source4/libcli/security/security_token.c +++ b/source4/libcli/security/security_token.c @@ -24,7 +24,7 @@ #include "librpc/gen_ndr/ndr_security.h" /* - return a blank security descriptor (no owners, dacl or sacl) + return a blank security token */ struct security_token *security_token_initialise(TALLOC_CTX *mem_ctx) { @@ -35,22 +35,11 @@ struct security_token *security_token_initialise(TALLOC_CTX *mem_ctx) return NULL; } - st->flags = 0; - st->user_sid = NULL; st->group_sid = NULL; - st->logon_sid = NULL; - st->num_sids = 0; st->sids = NULL; - - st->num_restricted_sids = 0; - st->restricted_sids = NULL; - - st->num_privileges = 0; - st->privileges = NULL; - - st->dacl = NULL; + st->privilege_mask = 0; return st; } |