Merge branch 'master' of git://git.samba.org/samba into convenience

8 files changed, 38 insertions, 437 deletions

diff --git a/source3/Makefile.in b/source3/Makefile.in
index 8723b4f63f3..abf6cfb5f7c 100644
--- a/source3/Makefile.in
+++ b/source3/Makefile.in
@@ -370,7 +370,8 @@ LIB_OBJ = $(LIBSAMBAUTIL_OBJ) $(UTIL_OBJ) $(CRYPTO_OBJ) \
 	  lib/conn_tdb.o lib/adt_tree.o lib/gencache.o \
 	  lib/module.o lib/events.o @LIBTEVENT_OBJ0@ \
 	  lib/ldap_escape.o @CHARSET_STATIC@ \
-	  lib/secdesc.o lib/util_seaccess.o lib/secace.o lib/secacl.o \
+	  lib/secdesc.o lib/util_seaccess.o ../libcli/security/secace.o \
+	  ../libcli/security/secacl.o \
 	  libads/krb5_errs.o lib/system_smbd.o lib/audit.o $(LIBNDR_OBJ) \
 	  lib/file_id.o lib/idmap_cache.o \
 	  ../libcli/security/dom_sid.o
diff --git a/source3/include/includes.h b/source3/include/includes.h
index 7f8c4082658..63c77ec1822 100644
--- a/source3/include/includes.h
+++ b/source3/include/includes.h
@@ -594,7 +594,7 @@ struct smb_iconv_convenience *lp_iconv_convenience(void *lp_ctx);
 #include "trans2.h"
 #include "../libcli/util/error.h"
 #include "ntioctl.h"
-#include "../lib/util/charset/charset.h"
+#include "charset.h"
 #include "dynconfig.h"
 #include "util_getent.h"
 #include "debugparse.h"
@@ -703,6 +703,8 @@ enum flush_reason_enum {
 #ifndef NO_PROTO_H
 #include "proto.h"
 #endif
+#include "libcli/security/secace.h"
+#include "libcli/security/secacl.h"
 
 #if defined(HAVE_POSIX_ACLS)
 #include "modules/vfs_posixacl.h"
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 0e6446be84a..e1eab8dc162 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -651,28 +651,6 @@ ssize_t sys_recvfile(int fromfd,
 			size_t count);
 ssize_t drain_socket(int sockfd, size_t count);
 
-/* The following definitions come from lib/secace.c  */
-
-bool sec_ace_object(uint8 type);
-void sec_ace_copy(SEC_ACE *ace_dest, SEC_ACE *ace_src);
-void init_sec_ace(SEC_ACE *t, const DOM_SID *sid, enum security_ace_type type,
-		  uint32 mask, uint8 flag);
-NTSTATUS sec_ace_add_sid(TALLOC_CTX *ctx, SEC_ACE **pp_new, SEC_ACE *old, unsigned *num, DOM_SID *sid, uint32 mask);
-NTSTATUS sec_ace_mod_sid(SEC_ACE *ace, size_t num, DOM_SID *sid, uint32 mask);
-NTSTATUS sec_ace_del_sid(TALLOC_CTX *ctx, SEC_ACE **pp_new, SEC_ACE *old, uint32 *num, DOM_SID *sid);
-bool sec_ace_equal(SEC_ACE *s1, SEC_ACE *s2);
-int nt_ace_inherit_comp( SEC_ACE *a1, SEC_ACE *a2);
-int nt_ace_canon_comp( SEC_ACE *a1, SEC_ACE *a2);
-void dacl_sort_into_canonical_order(SEC_ACE *srclist, unsigned int num_aces);
-bool token_sid_in_ace(const NT_USER_TOKEN *token, const SEC_ACE *ace);
-
-/* The following definitions come from lib/secacl.c  */
-
-SEC_ACL *make_sec_acl(TALLOC_CTX *ctx, enum security_acl_revision revision,
-		      int num_aces, SEC_ACE *ace_list);
-SEC_ACL *dup_sec_acl(TALLOC_CTX *ctx, SEC_ACL *src);
-bool sec_acl_equal(SEC_ACL *s1, SEC_ACL *s2);
-
 /* The following definitions come from lib/secdesc.c  */
 
 bool sec_desc_equal(SEC_DESC *s1, SEC_DESC *s2);
@@ -1253,6 +1231,7 @@ NTSTATUS merge_nt_token(TALLOC_CTX *mem_ctx,
 			const struct nt_user_token *token_1,
 			const struct nt_user_token *token_2,
 			struct nt_user_token **token_out);
+bool token_sid_in_ace(const NT_USER_TOKEN *token, const SEC_ACE *ace);
 
 /* The following definitions come from lib/util_pw.c  */
 
diff --git a/source3/include/rpc_secdes.h b/source3/include/rpc_secdes.h
index 4bf0d9cb9d6..c74d621f35d 100644
--- a/source3/include/rpc_secdes.h
+++ b/source3/include/rpc_secdes.h
@@ -69,7 +69,6 @@
 
 /* SEC_ACE */
 typedef struct security_ace SEC_ACE;
-#define  SEC_ACE_HEADER_SIZE (2 * sizeof(uint8) + sizeof(uint16) + sizeof(uint32))
 
 #ifndef ACL_REVISION
 #define ACL_REVISION 0x3
@@ -78,7 +77,6 @@ typedef struct security_ace SEC_ACE;
 #ifndef _SEC_ACL
 /* SEC_ACL */
 typedef struct security_acl SEC_ACL;
-#define  SEC_ACL_HEADER_SIZE (2 * sizeof(uint16) + sizeof(uint32))
 #define _SEC_ACL
 #endif
 
diff --git a/source3/include/smb.h b/source3/include/smb.h
index 59c3c32346d..5c2bd12df0c 100644
--- a/source3/include/smb.h
+++ b/source3/include/smb.h
@@ -165,6 +165,10 @@ typedef union unid_t {
 #define COPY_UCS2_CHAR(dest,src) (((unsigned char *)(dest))[0] = ((unsigned char *)(src))[0],\
 				((unsigned char *)(dest))[1] = ((unsigned char *)(src))[1], (dest))
 
+/* Large data type for manipulating uint32 unicode codepoints */
+typedef uint32 codepoint_t;
+#define INVALID_CODEPOINT ((codepoint_t)-1)
+
 /* pipe string names */
 #define PIPE_LANMAN   "\\PIPE\\LANMAN"
 
@@ -1825,6 +1829,18 @@ struct unix_error_map {
 
 #define SAFE_NETBIOS_CHARS ". -_"
 
+/* generic iconv conversion structure */
+typedef struct _smb_iconv_t {
+	size_t (*direct)(void *cd, const char **inbuf, size_t *inbytesleft,
+			 char **outbuf, size_t *outbytesleft);
+	size_t (*pull)(void *cd, const char **inbuf, size_t *inbytesleft,
+		       char **outbuf, size_t *outbytesleft);
+	size_t (*push)(void *cd, const char **inbuf, size_t *inbytesleft,
+		       char **outbuf, size_t *outbytesleft);
+	void *cd_direct, *cd_pull, *cd_push;
+	char *from_name, *to_name;
+} *smb_iconv_t;
+
 /* The maximum length of a trust account password.
    Used when we randomly create it, 15 char passwords
    exceed NT4's max password length */
diff --git a/source3/lib/secace.c b/source3/lib/secace.c
deleted file mode 100644
index 878fac252b0..00000000000
--- a/source3/lib/secace.c
+++ /dev/null
@@ -1,293 +0,0 @@
-/* 
- *  Unix SMB/Netbios implementation.
- *  SEC_ACE handling functions
- *  Copyright (C) Andrew Tridgell              1992-1998,
- *  Copyright (C) Jeremy R. Allison            1995-2003.
- *  Copyright (C) Luke Kenneth Casson Leighton 1996-1998,
- *  Copyright (C) Paul Ashton                  1997-1998.
- *  
- *  This program is free software; you can redistribute it and/or modify
- *  it under the terms of the GNU General Public License as published by
- *  the Free Software Foundation; either version 3 of the License, or
- *  (at your option) any later version.
- *  
- *  This program is distributed in the hope that it will be useful,
- *  but WITHOUT ANY WARRANTY; without even the implied warranty of
- *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- *  GNU General Public License for more details.
- *  
- *  You should have received a copy of the GNU General Public License
- *  along with this program; if not, see <http://www.gnu.org/licenses/>.
- */
-
-#include "includes.h"
-
-/*******************************************************************
- Check if ACE has OBJECT type.
-********************************************************************/
-
-bool sec_ace_object(uint8 type)
-{
-	if (type == SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT ||
-            type == SEC_ACE_TYPE_ACCESS_DENIED_OBJECT ||
-            type == SEC_ACE_TYPE_SYSTEM_AUDIT_OBJECT ||
-            type == SEC_ACE_TYPE_SYSTEM_ALARM_OBJECT) {
-		return True;
-	}
-	return False;
-}
-
-/*******************************************************************
- copy a SEC_ACE structure.
-********************************************************************/
-void sec_ace_copy(SEC_ACE *ace_dest, SEC_ACE *ace_src)
-{
-	ace_dest->type  = ace_src->type;
-	ace_dest->flags = ace_src->flags;
-	ace_dest->size  = ace_src->size;
-	ace_dest->access_mask = ace_src->access_mask;
-	ace_dest->object = ace_src->object;
-	sid_copy(&ace_dest->trustee, &ace_src->trustee);
-}
-
-/*******************************************************************
- Sets up a SEC_ACE structure.
-********************************************************************/
-
-void init_sec_ace(SEC_ACE *t, const DOM_SID *sid, enum security_ace_type type,
-		  uint32_t mask, uint8 flag)
-{
-	t->type = type;
-	t->flags = flag;
-	t->size = ndr_size_dom_sid(sid, NULL, 0) + 8;
-	t->access_mask = mask;
-
-	ZERO_STRUCTP(&t->trustee);
-	sid_copy(&t->trustee, sid);
-}
-
-/*******************************************************************
- adds new SID with its permissions to ACE list
-********************************************************************/
-
-NTSTATUS sec_ace_add_sid(TALLOC_CTX *ctx, SEC_ACE **pp_new, SEC_ACE *old, unsigned *num, DOM_SID *sid, uint32 mask)
-{
-	unsigned int i = 0;
-	
-	if (!ctx || !pp_new || !old || !sid || !num)  return NT_STATUS_INVALID_PARAMETER;
-
-	*num += 1;
-	
-	if((pp_new[0] = TALLOC_ZERO_ARRAY(ctx, SEC_ACE, *num )) == 0)
-		return NT_STATUS_NO_MEMORY;
-
-	for (i = 0; i < *num - 1; i ++)
-		sec_ace_copy(&(*pp_new)[i], &old[i]);
-
-	(*pp_new)[i].type  = SEC_ACE_TYPE_ACCESS_ALLOWED;
-	(*pp_new)[i].flags = 0;
-	(*pp_new)[i].size  = SEC_ACE_HEADER_SIZE + ndr_size_dom_sid(sid, NULL, 0);
-	(*pp_new)[i].access_mask = mask;
-	sid_copy(&(*pp_new)[i].trustee, sid);
-	return NT_STATUS_OK;
-}
-
-/*******************************************************************
-  modify SID's permissions at ACL 
-********************************************************************/
-
-NTSTATUS sec_ace_mod_sid(SEC_ACE *ace, size_t num, DOM_SID *sid, uint32 mask)
-{
-	unsigned int i = 0;
-
-	if (!ace || !sid)  return NT_STATUS_INVALID_PARAMETER;
-
-	for (i = 0; i < num; i ++) {
-		if (sid_compare(&ace[i].trustee, sid) == 0) {
-			ace[i].access_mask = mask;
-			return NT_STATUS_OK;
-		}
-	}
-	return NT_STATUS_NOT_FOUND;
-}
-
-/*******************************************************************
- delete SID from ACL
-********************************************************************/
-
-NTSTATUS sec_ace_del_sid(TALLOC_CTX *ctx, SEC_ACE **pp_new, SEC_ACE *old, uint32 *num, DOM_SID *sid)
-{
-	unsigned int i     = 0;
-	unsigned int n_del = 0;
-
-	if (!ctx || !pp_new || !old || !sid || !num)  return NT_STATUS_INVALID_PARAMETER;
-
-	if (*num) {
-		if((pp_new[0] = TALLOC_ZERO_ARRAY(ctx, SEC_ACE, *num )) == 0)
-			return NT_STATUS_NO_MEMORY;
-	} else {
-		pp_new[0] = NULL;
-	}
-
-	for (i = 0; i < *num; i ++) {
-		if (sid_compare(&old[i].trustee, sid) != 0)
-			sec_ace_copy(&(*pp_new)[i], &old[i]);
-		else
-			n_del ++;
-	}
-	if (n_del == 0)
-		return NT_STATUS_NOT_FOUND;
-	else {
-		*num -= n_del;
-		return NT_STATUS_OK;
-	}
-}
-
-/*******************************************************************
- Compares two SEC_ACE structures
-********************************************************************/
-
-bool sec_ace_equal(SEC_ACE *s1, SEC_ACE *s2)
-{
-	/* Trivial case */
-
-	if (!s1 && !s2) {
-		return True;
-	}
-
-	if (!s1 || !s2) {
-		return False;
-	}
-
-	/* Check top level stuff */
-
-	if (s1->type != s2->type || s1->flags != s2->flags ||
-	    s1->access_mask != s2->access_mask) {
-		return False;
-	}
-
-	/* Check SID */
-
-	if (!sid_equal(&s1->trustee, &s2->trustee)) {
-		return False;
-	}
-
-	return True;
-}
-
-int nt_ace_inherit_comp( SEC_ACE *a1, SEC_ACE *a2)
-{
-	int a1_inh = a1->flags & SEC_ACE_FLAG_INHERITED_ACE;
-	int a2_inh = a2->flags & SEC_ACE_FLAG_INHERITED_ACE;
-
-	if (a1_inh == a2_inh)
-		return 0;
-
-	if (!a1_inh && a2_inh)
-		return -1;
-	return 1;
-}
-
-/*******************************************************************
-  Comparison function to apply the order explained below in a group.
-*******************************************************************/
-
-int nt_ace_canon_comp( SEC_ACE *a1, SEC_ACE *a2)
-{
-	if ((a1->type == SEC_ACE_TYPE_ACCESS_DENIED) &&
-				(a2->type != SEC_ACE_TYPE_ACCESS_DENIED))
-		return -1;
-
-	if ((a2->type == SEC_ACE_TYPE_ACCESS_DENIED) &&
-				(a1->type != SEC_ACE_TYPE_ACCESS_DENIED))
-		return 1;
-
-	/* Both access denied or access allowed. */
-
-	/* 1. ACEs that apply to the object itself */
-
-	if (!(a1->flags & SEC_ACE_FLAG_INHERIT_ONLY) &&
-			(a2->flags & SEC_ACE_FLAG_INHERIT_ONLY))
-		return -1;
-	else if (!(a2->flags & SEC_ACE_FLAG_INHERIT_ONLY) &&
-			(a1->flags & SEC_ACE_FLAG_INHERIT_ONLY))
-		return 1;
-
-	/* 2. ACEs that apply to a subobject of the object, such as
-	 * a property set or property. */
-
-	if (a1->flags & (SEC_ACE_FLAG_CONTAINER_INHERIT|SEC_ACE_FLAG_OBJECT_INHERIT) &&
-			!(a2->flags & (SEC_ACE_FLAG_CONTAINER_INHERIT|SEC_ACE_FLAG_OBJECT_INHERIT)))
-		return -1;
-	else if (a2->flags & (SEC_ACE_FLAG_CONTAINER_INHERIT|SEC_ACE_FLAG_OBJECT_INHERIT) &&
-			!(a1->flags & (SEC_ACE_FLAG_CONTAINER_INHERIT|SEC_ACE_FLAG_OBJECT_INHERIT)))
-		return 1;
-
-	return 0;
-}
-
-/*******************************************************************
- Functions to convert a SEC_DESC ACE DACL list into canonical order.
- JRA.
-
---- from http://msdn.microsoft.com/library/default.asp?url=/library/en-us/security/security/order_of_aces_in_a_dacl.asp
-
-The following describes the preferred order:
-
- To ensure that noninherited ACEs have precedence over inherited ACEs,
- place all noninherited ACEs in a group before any inherited ACEs.
- This ordering ensures, for example, that a noninherited access-denied ACE
- is enforced regardless of any inherited ACE that allows access.
-
- Within the groups of noninherited ACEs and inherited ACEs, order ACEs according to ACE type, as the following shows:
-	1. Access-denied ACEs that apply to the object itself
-	2. Access-denied ACEs that apply to a subobject of the object, such as a property set or property
-	3. Access-allowed ACEs that apply to the object itself
-	4. Access-allowed ACEs that apply to a subobject of the object"
-
-********************************************************************/
-
-void dacl_sort_into_canonical_order(SEC_ACE *srclist, unsigned int num_aces)
-{
-	unsigned int i;
-
-	if (!srclist || num_aces == 0)
-		return;
-
-	/* Sort so that non-inherited ACE's come first. */
-	qsort( srclist, num_aces, sizeof(srclist[0]), QSORT_CAST nt_ace_inherit_comp);
-
-	/* Find the boundary between non-inherited ACEs. */
-	for (i = 0; i < num_aces; i++ ) {
-		SEC_ACE *curr_ace = &srclist[i];
-
-		if (curr_ace->flags & SEC_ACE_FLAG_INHERITED_ACE)
-			break;
-	}
-
-	/* i now points at entry number of the first inherited ACE. */
-
-	/* Sort the non-inherited ACEs. */
-	if (i)
-		qsort( srclist, i, sizeof(srclist[0]), QSORT_CAST nt_ace_canon_comp);
-
-	/* Now sort the inherited ACEs. */
-	if (num_aces - i)
-		qsort( &srclist[i], num_aces - i, sizeof(srclist[0]), QSORT_CAST nt_ace_canon_comp);
-}
-
-/*******************************************************************
- Check if this ACE has a SID in common with the token.
-********************************************************************/
-
-bool token_sid_in_ace(const NT_USER_TOKEN *token, const SEC_ACE *ace)
-{
-	size_t i;
-
-	for (i = 0; i < token->num_sids; i++) {
-		if (sid_equal(&ace->trustee, &token->user_sids[i]))
-			return True;
-	}
-
-	return False;
-}
diff --git a/source3/lib/secacl.c b/source3/lib/secacl.c
deleted file mode 100644
index 5e82242e1b0..00000000000
--- a/source3/lib/secacl.c
+++ /dev/null
@@ -1,118 +0,0 @@
-/* 
- *  Unix SMB/Netbios implementation.
- *  SEC_ACL handling routines
- *  Copyright (C) Andrew Tridgell              1992-1998,
- *  Copyright (C) Jeremy R. Allison            1995-2003.
- *  Copyright (C) Luke Kenneth Casson Leighton 1996-1998,
- *  Copyright (C) Paul Ashton                  1997-1998.
- *  
- *  This program is free software; you can redistribute it and/or modify
- *  it under the terms of the GNU General Public License as published by
- *  the Free Software Foundation; either version 3 of the License, or
- *  (at your option) any later version.
- *  
- *  This program is distributed in the hope that it will be useful,
- *  but WITHOUT ANY WARRANTY; without even the implied warranty of
- *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- *  GNU General Public License for more details.
- *  
- *  You should have received a copy of the GNU General Public License
- *  along with this program; if not, see <http://www.gnu.org/licenses/>.
- */
-
-#include "includes.h"
-
-/*******************************************************************
- Create a SEC_ACL structure.  
-********************************************************************/
-
-SEC_ACL *make_sec_acl(TALLOC_CTX *ctx, enum security_acl_revision revision,
-		      int num_aces, SEC_ACE *ace_list)
-{
-	SEC_ACL *dst;
-	int i;
-
-	if((dst = TALLOC_ZERO_P(ctx,SEC_ACL)) == NULL)
-		return NULL;
-
-	dst->revision = revision;
-	dst->num_aces = num_aces;
-	dst->size = SEC_ACL_HEADER_SIZE;
-
-	/* Now we need to return a non-NULL address for the ace list even
-	   if the number of aces required is zero.  This is because there
-	   is a distinct difference between a NULL ace and an ace with zero
-	   entries in it.  This is achieved by checking that num_aces is a
-	   positive number. */
-
-	if ((num_aces) && 
-            ((dst->aces = TALLOC_ARRAY(ctx, SEC_ACE, num_aces)) 
-             == NULL)) {
-		return NULL;
-	}
-        
-	for (i = 0; i < num_aces; i++) {
-		dst->aces[i] = ace_list[i]; /* Structure copy. */
-		dst->size += ace_list[i].size;
-	}
-
-	return dst;
-}
-
-/*******************************************************************
- Duplicate a SEC_ACL structure.  
-********************************************************************/
-
-SEC_ACL *dup_sec_acl(TALLOC_CTX *ctx, SEC_ACL *src)
-{
-	if(src == NULL)
-		return NULL;
-
-	return make_sec_acl(ctx, src->revision, src->num_aces, src->aces);
-}
-
-/*******************************************************************
- Compares two SEC_ACL structures
-********************************************************************/
-
-bool sec_acl_equal(SEC_ACL *s1, SEC_ACL *s2)
-{
-	unsigned int i, j;
-
-	/* Trivial cases */
-
-	if (!s1 && !s2) return True;
-	if (!s1 || !s2) return False;
-
-	/* Check top level stuff */
-
-	if (s1->revision != s2->revision) {
-		DEBUG(10, ("sec_acl_equal(): revision differs (%d != %d)\n",
-			   s1->revision, s2->revision));
-		return False;
-	}
-
-	if (s1->num_aces != s2->num_aces) {
-		DEBUG(10, ("sec_acl_equal(): num_aces differs (%d != %d)\n",
-			   s1->revision, s2->revision));
-		return False;
-	}
-
-	/* The ACEs could be in any order so check each ACE in s1 against 
-	   each ACE in s2. */
-
-	for (i = 0; i < s1->num_aces; i++) {
-		bool found = False;
-
-		for (j = 0; j < s2->num_aces; j++) {
-			if (sec_ace_equal(&s1->aces[i], &s2->aces[j])) {
-				found = True;
-				break;
-			}
-		}
-
-		if (!found) return False;
-	}
-
-	return True;
-}
diff --git a/source3/lib/util_nttoken.c b/source3/lib/util_nttoken.c
index 774ef498b7f..76e7402422a 100644
--- a/source3/lib/util_nttoken.c
+++ b/source3/lib/util_nttoken.c
@@ -115,3 +115,19 @@ NTSTATUS merge_nt_token(TALLOC_CTX *mem_ctx,
 
 	return NT_STATUS_OK;
 }
+
+/*******************************************************************
+ Check if this ACE has a SID in common with the token.
+********************************************************************/
+
+bool token_sid_in_ace(const NT_USER_TOKEN *token, const struct security_ace *ace)
+{
+	size_t i;
+
+	for (i = 0; i < token->num_sids; i++) {
+		if (sid_equal(&ace->trustee, &token->user_sids[i]))
+			return true;
+	}
+
+	return false;
+}