s3-auth struct security_unix_token replaces UNIX_USER_TOKEN

11 files changed, 29 insertions, 36 deletions

diff --git a/source3/include/auth.h b/source3/include/auth.h
index 93e42b8f275..3b3f6dc6d1b 100644
--- a/source3/include/auth.h
+++ b/source3/include/auth.h
@@ -30,7 +30,7 @@ struct auth_serversupplied_info {
 	bool guest;
 	bool system;
 
-	struct unix_user_token utok;
+	struct security_unix_token utok;
 
 	/* NT group information taken from the info3 structure */
 
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 0a78acda378..96317b9e7f7 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -3040,12 +3040,12 @@ void del_deferred_open_entry(struct share_mode_lock *lck, uint64_t mid,
 bool remove_share_oplock(struct share_mode_lock *lck, files_struct *fsp);
 bool downgrade_share_oplock(struct share_mode_lock *lck, files_struct *fsp);
 NTSTATUS can_set_delete_on_close(files_struct *fsp, uint32 dosmode);
-const UNIX_USER_TOKEN *get_delete_on_close_token(struct share_mode_lock *lck, uint32_t name_hash);
+const struct security_unix_token *get_delete_on_close_token(struct share_mode_lock *lck, uint32_t name_hash);
 void set_delete_on_close_lck(files_struct *fsp,
 			struct share_mode_lock *lck,
 			bool delete_on_close,
-			const UNIX_USER_TOKEN *tok);
-bool set_delete_on_close(files_struct *fsp, bool delete_on_close, const UNIX_USER_TOKEN *tok);
+			const struct security_unix_token *tok);
+bool set_delete_on_close(files_struct *fsp, bool delete_on_close, const struct security_unix_token *tok);
 bool is_delete_on_close_set(struct share_mode_lock *lck, uint32_t name_hash);
 bool set_sticky_write_time(struct file_id fileid, struct timespec write_time);
 bool set_write_time(struct file_id fileid, struct timespec write_time);
@@ -5112,7 +5112,7 @@ void server_encryption_shutdown(void);
 
 /* The following definitions come from smbd/sec_ctx.c  */
 
-bool unix_token_equal(const UNIX_USER_TOKEN *t1, const UNIX_USER_TOKEN *t2);
+bool unix_token_equal(const struct security_unix_token *t1, const struct security_unix_token *t2);
 bool push_sec_ctx(void);
 void set_sec_ctx(uid_t uid, gid_t gid, int ngroups, gid_t *groups, struct security_token *token);
 void set_root_sec_ctx(void);
@@ -5282,7 +5282,7 @@ bool become_user(connection_struct *conn, uint16 vuid);
 bool unbecome_user(void);
 uid_t get_current_uid(connection_struct *conn);
 gid_t get_current_gid(connection_struct *conn);
-const UNIX_USER_TOKEN *get_current_utok(connection_struct *conn);
+const struct security_unix_token *get_current_utok(connection_struct *conn);
 const struct security_token *get_current_nttok(connection_struct *conn);
 uint16_t get_current_vuid(connection_struct *conn);
 
@@ -5421,7 +5421,7 @@ NTSTATUS access_check_object( struct security_descriptor *psd, struct security_t
 			      uint32 des_access, uint32 *acc_granted,
 			      const char *debug );
 void map_max_allowed_access(const struct security_token *nt_token,
-			    const struct unix_user_token *unix_token,
+			    const struct security_unix_token *unix_token,
 			    uint32_t *pacc_requested);
 
 /* The following definitions come from ../libds/common/flag_mapping.c  */
diff --git a/source3/include/smb.h b/source3/include/smb.h
index 7c9f60d2fe4..882b23471b0 100644
--- a/source3/include/smb.h
+++ b/source3/include/smb.h
@@ -203,13 +203,6 @@ struct lsa_name_info {
 #define PRIMARY_USER_SID_INDEX 0
 #define PRIMARY_GROUP_SID_INDEX 1
 
-typedef struct unix_user_token {
-	uid_t uid;
-	gid_t gid;
-	uint32_t ngroups;
-	gid_t *groups;
-} UNIX_USER_TOKEN;
-
 typedef struct write_cache {
 	SMB_OFF_T file_size;
 	SMB_OFF_T offset;
@@ -521,7 +514,7 @@ typedef struct connection_struct {
 struct current_user {
 	connection_struct *conn;
 	uint16 vuid;
-	UNIX_USER_TOKEN ut;
+	struct security_unix_token ut;
 	struct security_token *nt_user_token;
 };
 
@@ -689,7 +682,7 @@ Offset  Data			length.
 struct delete_token_list {
 	struct delete_token_list *next, *prev;
 	uint32_t name_hash;
-	UNIX_USER_TOKEN *delete_token;
+	struct security_unix_token *delete_token;
 };
 
 struct share_mode_lock {
diff --git a/source3/locking/locking.c b/source3/locking/locking.c
index 1942f440195..00f384a13bd 100644
--- a/source3/locking/locking.c
+++ b/source3/locking/locking.c
@@ -584,7 +584,7 @@ static int parse_delete_tokens_list(struct share_mode_lock *lck,
 		memcpy(&pdtl->name_hash, p, sizeof(pdtl->name_hash));
 		p += sizeof(pdtl->name_hash);
 
-		pdtl->delete_token = TALLOC_ZERO_P(pdtl, UNIX_USER_TOKEN);
+		pdtl->delete_token = TALLOC_ZERO_P(pdtl, struct security_unix_token);
 		if (pdtl->delete_token == NULL) {
 			DEBUG(0,("parse_delete_tokens_list: talloc failed"));
 			return -1;
@@ -808,7 +808,7 @@ static TDB_DATA unparse_share_modes(const struct share_mode_lock *lck)
 
 	/* Store any delete on close tokens. */
 	for (pdtl = lck->delete_tokens; pdtl; pdtl = pdtl->next) {
-		UNIX_USER_TOKEN *pdt = pdtl->delete_token;
+		struct security_unix_token *pdt = pdtl->delete_token;
 		uint32_t token_size = sizeof(uint32_t) +
 					sizeof(uint32_t) +
 					sizeof(uid_t) +
@@ -1461,15 +1461,15 @@ NTSTATUS can_set_delete_on_close(files_struct *fsp, uint32 dosmode)
 }
 
 /*************************************************************************
- Return a talloced copy of a UNIX_USER_TOKEN. NULL on fail.
+ Return a talloced copy of a struct security_unix_token. NULL on fail.
  (Should this be in locking.c.... ?).
 *************************************************************************/
 
-static UNIX_USER_TOKEN *copy_unix_token(TALLOC_CTX *ctx, const UNIX_USER_TOKEN *tok)
+static struct security_unix_token *copy_unix_token(TALLOC_CTX *ctx, const struct security_unix_token *tok)
 {
-	UNIX_USER_TOKEN *cpy;
+	struct security_unix_token *cpy;
 
-	cpy = TALLOC_P(ctx, UNIX_USER_TOKEN);
+	cpy = TALLOC_P(ctx, struct security_unix_token);
 	if (!cpy) {
 		return NULL;
 	}
@@ -1494,7 +1494,7 @@ static UNIX_USER_TOKEN *copy_unix_token(TALLOC_CTX *ctx, const UNIX_USER_TOKEN *
 
 static bool add_delete_on_close_token(struct share_mode_lock *lck,
 			uint32_t name_hash,
-			const UNIX_USER_TOKEN *tok)
+			const struct security_unix_token *tok)
 {
 	struct delete_token_list *dtl;
 
@@ -1521,14 +1521,14 @@ static bool add_delete_on_close_token(struct share_mode_lock *lck,
  changed the delete on close flag. This will be noticed
  in the close code, the last closer will delete the file
  if flag is set.
- This makes a copy of any UNIX_USER_TOKEN into the
+ This makes a copy of any struct security_unix_token into the
  lck entry. This function is used when the lock is already granted.
 ****************************************************************************/
 
 void set_delete_on_close_lck(files_struct *fsp,
 			struct share_mode_lock *lck,
 			bool delete_on_close,
-			const UNIX_USER_TOKEN *tok)
+			const struct security_unix_token *tok)
 {
 	struct delete_token_list *dtl;
 	bool ret;
@@ -1565,7 +1565,7 @@ void set_delete_on_close_lck(files_struct *fsp,
 	SMB_ASSERT(ret);
 }
 
-bool set_delete_on_close(files_struct *fsp, bool delete_on_close, const UNIX_USER_TOKEN *tok)
+bool set_delete_on_close(files_struct *fsp, bool delete_on_close, const struct security_unix_token *tok)
 {
 	struct share_mode_lock *lck;
 	
@@ -1596,7 +1596,7 @@ bool set_delete_on_close(files_struct *fsp, bool delete_on_close, const UNIX_USE
 	return True;
 }
 
-const UNIX_USER_TOKEN *get_delete_on_close_token(struct share_mode_lock *lck, uint32_t name_hash)
+const struct security_unix_token *get_delete_on_close_token(struct share_mode_lock *lck, uint32_t name_hash)
 {
 	struct delete_token_list *dtl;
 
diff --git a/source3/rpc_server/samr/srv_samr_nt.c b/source3/rpc_server/samr/srv_samr_nt.c
index d53d859f552..57965cda741 100644
--- a/source3/rpc_server/samr/srv_samr_nt.c
+++ b/source3/rpc_server/samr/srv_samr_nt.c
@@ -250,7 +250,7 @@ done:
 ********************************************************************/
 
 void map_max_allowed_access(const struct security_token *nt_token,
-			    const struct unix_user_token *unix_token,
+			    const struct security_unix_token *unix_token,
 			    uint32_t *pacc_requested)
 {
 	if (!((*pacc_requested) & MAXIMUM_ALLOWED_ACCESS)) {
diff --git a/source3/smbd/close.c b/source3/smbd/close.c
index 4234f32b7fd..547705bc571 100644
--- a/source3/smbd/close.c
+++ b/source3/smbd/close.c
@@ -275,7 +275,7 @@ static NTSTATUS close_remove_share_mode(files_struct *fsp,
 	NTSTATUS status = NT_STATUS_OK;
 	NTSTATUS tmp_status;
 	struct file_id id;
-	const UNIX_USER_TOKEN *del_token = NULL;
+	const struct security_unix_token *del_token = NULL;
 
 	/* Ensure any pending write time updates are done. */
 	if (fsp->update_write_time_event) {
@@ -958,7 +958,7 @@ static NTSTATUS close_directory(struct smb_request *req, files_struct *fsp,
 	bool delete_dir = False;
 	NTSTATUS status = NT_STATUS_OK;
 	NTSTATUS status1 = NT_STATUS_OK;
-	const UNIX_USER_TOKEN *del_token = NULL;
+	const struct security_unix_token *del_token = NULL;
 
 	/*
 	 * NT can set delete_on_close of the last open
diff --git a/source3/smbd/globals.h b/source3/smbd/globals.h
index b10268e6d7b..de012483a0c 100644
--- a/source3/smbd/globals.h
+++ b/source3/smbd/globals.h
@@ -78,7 +78,7 @@ extern struct smb_srv_trans_enc_ctx *partial_srv_trans_enc_ctx;
 extern struct smb_srv_trans_enc_ctx *srv_trans_enc_ctx;
 
 struct sec_ctx {
-	UNIX_USER_TOKEN ut;
+	struct security_unix_token ut;
 	struct security_token *token;
 };
 /* A stack of security contexts.  We include the current context as being
diff --git a/source3/smbd/msg_idmap.c b/source3/smbd/msg_idmap.c
index 0987e87064d..8e4d47586c9 100644
--- a/source3/smbd/msg_idmap.c
+++ b/source3/smbd/msg_idmap.c
@@ -85,7 +85,7 @@ static bool gid_in_use(const struct user_struct* user, gid_t gid)
 	while (user) {
 		if (user->session_info != NULL) {
 			int i;
-			struct unix_user_token utok = user->session_info->utok;
+			struct security_unix_token utok = user->session_info->utok;
 			if (utok.gid == gid) {
 				return true;
 			}
diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c
index 8707ff799c6..5faf26f8b09 100644
--- a/source3/smbd/posix_acls.c
+++ b/source3/smbd/posix_acls.c
@@ -1306,7 +1306,7 @@ static bool uid_entry_in_group(connection_struct *conn, canon_ace *uid_ace, cano
 	 * and don't need to do the complex user_in_group_sid() call
 	 */
 	if (uid_ace->unix_ug.uid == get_current_uid(conn)) {
-		const UNIX_USER_TOKEN *curr_utok = NULL;
+		const struct security_unix_token *curr_utok = NULL;
 		size_t i;
 
 		if (group_ace->unix_ug.gid == get_current_gid(conn)) {
@@ -2652,7 +2652,7 @@ static canon_ace *canonicalise_acl(struct connection_struct *conn,
 static bool current_user_in_group(connection_struct *conn, gid_t gid)
 {
 	int i;
-	const UNIX_USER_TOKEN *utok = get_current_utok(conn);
+	const struct security_unix_token *utok = get_current_utok(conn);
 
 	for (i = 0; i < utok->ngroups; i++) {
 		if (utok->groups[i] == gid) {
diff --git a/source3/smbd/sec_ctx.c b/source3/smbd/sec_ctx.c
index a7479ed67c3..9e409dee41a 100644
--- a/source3/smbd/sec_ctx.c
+++ b/source3/smbd/sec_ctx.c
@@ -27,7 +27,7 @@ extern struct current_user current_user;
  Are two UNIX tokens equal ?
 ****************************************************************************/
 
-bool unix_token_equal(const UNIX_USER_TOKEN *t1, const UNIX_USER_TOKEN *t2)
+bool unix_token_equal(const struct security_unix_token *t1, const struct security_unix_token *t2)
 {
 	if (t1->uid != t2->uid || t1->gid != t2->gid ||
 			t1->ngroups != t2->ngroups) {
diff --git a/source3/smbd/uid.c b/source3/smbd/uid.c
index 0890ae698cf..9a6b06dd0fb 100644
--- a/source3/smbd/uid.c
+++ b/source3/smbd/uid.c
@@ -536,7 +536,7 @@ gid_t get_current_gid(connection_struct *conn)
  doesn't alter this value.
 ****************************************************************************/
 
-const UNIX_USER_TOKEN *get_current_utok(connection_struct *conn)
+const struct security_unix_token *get_current_utok(connection_struct *conn)
 {
 	return &current_user.ut;
 }