summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--source3/auth/token_util.c28
-rw-r--r--source3/include/proto.h20
-rw-r--r--source3/include/registry.h10
-rw-r--r--source3/include/smb.h7
-rw-r--r--source3/lib/smbconf/smbconf_reg.c4
-rw-r--r--source3/lib/util_nttoken.c10
-rw-r--r--source3/libgpo/gpext/registry.c4
-rw-r--r--source3/libgpo/gpext/scripts.c6
-rw-r--r--source3/libgpo/gpext/security.c2
-rw-r--r--source3/libgpo/gpo_proto.h8
-rw-r--r--source3/libgpo/gpo_reg.c22
-rw-r--r--source3/registry/reg_api.c10
-rw-r--r--source3/registry/reg_backend_smbconf.c2
-rw-r--r--source3/registry/reg_dispatcher.c2
-rw-r--r--source3/registry/reg_dispatcher.h2
-rw-r--r--source3/registry/reg_util_legacy.c2
-rw-r--r--source3/registry/reg_util_legacy.h2
-rw-r--r--source3/rpc_server/srv_wkssvc_nt.c4
-rw-r--r--source3/smbd/share_access.c8
-rw-r--r--source3/utils/net_ads_gpo.c6
-rw-r--r--source3/utils/net_proto.h4
-rw-r--r--source3/winbindd/winbindd_pam.c4
-rw-r--r--source3/winbindd/winbindd_proto.h4
23 files changed, 84 insertions, 87 deletions
diff --git a/source3/auth/token_util.c b/source3/auth/token_util.c
index 8253e86fe8f..e9eee90d707 100644
--- a/source3/auth/token_util.c
+++ b/source3/auth/token_util.c
@@ -81,7 +81,7 @@ bool nt_token_check_domain_rid( NT_USER_TOKEN *token, uint32 rid )
NT_USER_TOKEN *get_root_nt_token( void )
{
- struct nt_user_token *token, *for_cache;
+ struct security_token *token, *for_cache;
struct dom_sid u_sid, g_sid;
struct passwd *pw;
void *cache_data;
@@ -92,7 +92,7 @@ NT_USER_TOKEN *get_root_nt_token( void )
if (cache_data != NULL) {
return talloc_get_type_abort(
- cache_data, struct nt_user_token);
+ cache_data, struct security_token);
}
if ( !(pw = sys_getpwuid(0)) ) {
@@ -129,7 +129,7 @@ NT_USER_TOKEN *get_root_nt_token( void )
*/
NTSTATUS add_aliases(const struct dom_sid *domain_sid,
- struct nt_user_token *token)
+ struct security_token *token)
{
uint32 *aliases;
size_t i, num_aliases;
@@ -174,7 +174,7 @@ done:
/*******************************************************************
*******************************************************************/
-static NTSTATUS add_builtin_administrators(struct nt_user_token *token,
+static NTSTATUS add_builtin_administrators(struct security_token *token,
const struct dom_sid *dom_sid)
{
struct dom_sid domadm;
@@ -339,23 +339,23 @@ NTSTATUS create_builtin_administrators(const struct dom_sid *dom_sid)
return status;
}
-static NTSTATUS finalize_local_nt_token(struct nt_user_token *result,
+static NTSTATUS finalize_local_nt_token(struct security_token *result,
bool is_guest);
NTSTATUS create_local_nt_token_from_info3(TALLOC_CTX *mem_ctx,
bool is_guest,
struct netr_SamInfo3 *info3,
struct extra_auth_info *extra,
- struct nt_user_token **ntok)
+ struct security_token **ntok)
{
- struct nt_user_token *usrtok = NULL;
+ struct security_token *usrtok = NULL;
NTSTATUS status;
int i;
DEBUG(10, ("Create local NT token for %s\n",
info3->base.account_name.string));
- usrtok = talloc_zero(mem_ctx, struct nt_user_token);
+ usrtok = talloc_zero(mem_ctx, struct security_token);
if (!usrtok) {
DEBUG(0, ("talloc failed\n"));
return NT_STATUS_NO_MEMORY;
@@ -458,20 +458,20 @@ NTSTATUS create_local_nt_token_from_info3(TALLOC_CTX *mem_ctx,
Create a NT token for the user, expanding local aliases
*******************************************************************/
-struct nt_user_token *create_local_nt_token(TALLOC_CTX *mem_ctx,
+struct security_token *create_local_nt_token(TALLOC_CTX *mem_ctx,
const struct dom_sid *user_sid,
bool is_guest,
int num_groupsids,
const struct dom_sid *groupsids)
{
- struct nt_user_token *result = NULL;
+ struct security_token *result = NULL;
int i;
NTSTATUS status;
DEBUG(10, ("Create local NT token for %s\n",
sid_string_dbg(user_sid)));
- if (!(result = TALLOC_ZERO_P(mem_ctx, struct nt_user_token))) {
+ if (!(result = TALLOC_ZERO_P(mem_ctx, struct security_token))) {
DEBUG(0, ("talloc failed\n"));
return NULL;
}
@@ -521,7 +521,7 @@ struct nt_user_token *create_local_nt_token(TALLOC_CTX *mem_ctx,
return result;
}
-static NTSTATUS finalize_local_nt_token(struct nt_user_token *result,
+static NTSTATUS finalize_local_nt_token(struct security_token *result,
bool is_guest)
{
struct dom_sid dom_sid;
@@ -716,7 +716,7 @@ NTSTATUS create_token_from_username(TALLOC_CTX *mem_ctx, const char *username,
bool is_guest,
uid_t *uid, gid_t *gid,
char **found_username,
- struct nt_user_token **token)
+ struct security_token **token)
{
NTSTATUS result = NT_STATUS_NO_SUCH_USER;
TALLOC_CTX *tmp_ctx = talloc_stackframe();
@@ -969,7 +969,7 @@ bool user_in_group_sid(const char *username, const struct dom_sid *group_sid)
uid_t uid;
gid_t gid;
char *found_username;
- struct nt_user_token *token;
+ struct security_token *token;
bool result;
TALLOC_CTX *mem_ctx = talloc_stackframe();
diff --git a/source3/include/proto.h b/source3/include/proto.h
index c547924c7d6..76ef9aa36d4 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -127,7 +127,7 @@ NTSTATUS create_token_from_username(TALLOC_CTX *mem_ctx, const char *username,
bool is_guest,
uid_t *uid, gid_t *gid,
char **found_username,
- struct nt_user_token **token);
+ struct security_token **token);
bool user_in_group_sid(const char *username, const struct dom_sid *group_sid);
bool user_in_group(const char *username, const char *groupname);
NTSTATUS make_server_info_pw(struct auth_serversupplied_info **server_info,
@@ -245,10 +245,10 @@ bool nt_token_check_sid ( const struct dom_sid *sid, const NT_USER_TOKEN *token
bool nt_token_check_domain_rid( NT_USER_TOKEN *token, uint32 rid );
NT_USER_TOKEN *get_root_nt_token( void );
NTSTATUS add_aliases(const struct dom_sid *domain_sid,
- struct nt_user_token *token);
+ struct security_token *token);
NTSTATUS create_builtin_users(const struct dom_sid *sid);
NTSTATUS create_builtin_administrators(const struct dom_sid *sid);
-struct nt_user_token *create_local_nt_token(TALLOC_CTX *mem_ctx,
+struct security_token *create_local_nt_token(TALLOC_CTX *mem_ctx,
const struct dom_sid *user_sid,
bool is_guest,
int num_groupsids,
@@ -257,7 +257,7 @@ NTSTATUS create_local_nt_token_from_info3(TALLOC_CTX *mem_ctx,
bool is_guest,
struct netr_SamInfo3 *info3,
struct extra_auth_info *extra,
- struct nt_user_token **ntok);
+ struct security_token **ntok);
void debug_nt_user_token(int dbg_class, int dbg_lev, NT_USER_TOKEN *token);
void debug_unix_user_token(int dbg_class, int dbg_lev, uid_t uid, gid_t gid,
int n_groups, gid_t *groups);
@@ -1288,9 +1288,9 @@ void smb_nscd_flush_group_cache(void);
NT_USER_TOKEN *dup_nt_token(TALLOC_CTX *mem_ctx, const NT_USER_TOKEN *ptoken);
NTSTATUS merge_nt_token(TALLOC_CTX *mem_ctx,
- const struct nt_user_token *token_1,
- const struct nt_user_token *token_2,
- struct nt_user_token **token_out);
+ const struct security_token *token_1,
+ const struct security_token *token_2,
+ struct security_token **token_out);
bool token_sid_in_ace(const NT_USER_TOKEN *token, const struct security_ace *ace);
/* The following definitions come from lib/util_pw.c */
@@ -5487,13 +5487,13 @@ void reply_sesssetup_and_X(struct smb_request *req);
bool token_contains_name_in_list(const char *username,
const char *domain,
const char *sharename,
- const struct nt_user_token *token,
+ const struct security_token *token,
const char **list);
bool user_ok_token(const char *username, const char *domain,
- const struct nt_user_token *token, int snum);
+ const struct security_token *token, int snum);
bool is_share_read_only_for_token(const char *username,
const char *domain,
- const struct nt_user_token *token,
+ const struct security_token *token,
connection_struct *conn);
/* The following definitions come from smbd/srvstr.c */
diff --git a/source3/include/registry.h b/source3/include/registry.h
index ca3a1d03642..303b7ed06d3 100644
--- a/source3/include/registry.h
+++ b/source3/include/registry.h
@@ -71,7 +71,7 @@ struct registry_key {
struct registry_key_handle *key;
struct regsubkey_ctr *subkeys;
struct regval_ctr *values;
- struct nt_user_token *token;
+ struct security_token *token;
};
@@ -134,7 +134,7 @@ struct registry_key {
WERROR reg_openhive(TALLOC_CTX *mem_ctx, const char *hive,
uint32 desired_access,
- const struct nt_user_token *token,
+ const struct security_token *token,
struct registry_key **pkey);
WERROR reg_openkey(TALLOC_CTX *mem_ctx, struct registry_key *parent,
const char *name, uint32 desired_access,
@@ -173,7 +173,7 @@ WERROR reg_restorekey(struct registry_key *key, const char *fname);
WERROR reg_savekey(struct registry_key *key, const char *fname);
WERROR reg_deleteallvalues(struct registry_key *key);
WERROR reg_open_path(TALLOC_CTX *mem_ctx, const char *orig_path,
- uint32 desired_access, const struct nt_user_token *token,
+ uint32 desired_access, const struct security_token *token,
struct registry_key **pkey);
WERROR reg_deletekey_recursive(TALLOC_CTX *ctx,
struct registry_key *parent,
@@ -183,10 +183,10 @@ WERROR reg_deletesubkeys_recursive(TALLOC_CTX *ctx,
const char *path);
WERROR reg_create_path(TALLOC_CTX *mem_ctx, const char *orig_path,
uint32 desired_access,
- const struct nt_user_token *token,
+ const struct security_token *token,
enum winreg_CreateAction *paction,
struct registry_key **pkey);
-WERROR reg_delete_path(const struct nt_user_token *token,
+WERROR reg_delete_path(const struct security_token *token,
const char *orig_path);
/* The following definitions come from registry/reg_init_basic.c */
diff --git a/source3/include/smb.h b/source3/include/smb.h
index f8b233ea6bc..e9b85beab1e 100644
--- a/source3/include/smb.h
+++ b/source3/include/smb.h
@@ -176,6 +176,7 @@ typedef union unid_t {
#include "librpc/gen_ndr/epmapper.h"
#include "librpc/gen_ndr/dcerpc.h"
+#include "librpc/gen_ndr/security.h"
struct lsa_dom_info {
bool valid;
@@ -231,11 +232,7 @@ extern const struct dom_sid global_sid_Unix_Groups;
#define PRIMARY_USER_SID_INDEX 0
#define PRIMARY_GROUP_SID_INDEX 1
-typedef struct nt_user_token {
- uint32_t num_sids;
- struct dom_sid *sids;
- uint64_t privilege_mask;
-} NT_USER_TOKEN;
+typedef struct security_token NT_USER_TOKEN;
typedef struct unix_user_token {
uid_t uid;
diff --git a/source3/lib/smbconf/smbconf_reg.c b/source3/lib/smbconf/smbconf_reg.c
index 08d559b3c77..ba27b482067 100644
--- a/source3/lib/smbconf/smbconf_reg.c
+++ b/source3/lib/smbconf/smbconf_reg.c
@@ -568,7 +568,7 @@ done:
static WERROR smbconf_reg_init(struct smbconf_ctx *ctx, const char *path)
{
WERROR werr = WERR_OK;
- struct nt_user_token *token;
+ struct security_token *token;
if (path == NULL) {
path = KEY_SMBCONF;
@@ -696,7 +696,7 @@ static WERROR smbconf_reg_drop(struct smbconf_ctx *ctx)
struct registry_key *new_key = NULL;
TALLOC_CTX* mem_ctx = talloc_stackframe();
enum winreg_CreateAction action;
- struct nt_user_token *token;
+ struct security_token *token;
werr = ntstatus_to_werror(registry_create_admin_token(ctx, &token));
if (!W_ERROR_IS_OK(werr)) {
diff --git a/source3/lib/util_nttoken.c b/source3/lib/util_nttoken.c
index 737e5ebfc20..3be5634a061 100644
--- a/source3/lib/util_nttoken.c
+++ b/source3/lib/util_nttoken.c
@@ -71,11 +71,11 @@ NT_USER_TOKEN *dup_nt_token(TALLOC_CTX *mem_ctx, const NT_USER_TOKEN *ptoken)
****************************************************************************/
NTSTATUS merge_nt_token(TALLOC_CTX *mem_ctx,
- const struct nt_user_token *token_1,
- const struct nt_user_token *token_2,
- struct nt_user_token **token_out)
+ const struct security_token *token_1,
+ const struct security_token *token_2,
+ struct security_token **token_out)
{
- struct nt_user_token *token = NULL;
+ struct security_token *token = NULL;
NTSTATUS status;
int i;
@@ -83,7 +83,7 @@ NTSTATUS merge_nt_token(TALLOC_CTX *mem_ctx,
return NT_STATUS_INVALID_PARAMETER;
}
- token = TALLOC_ZERO_P(mem_ctx, struct nt_user_token);
+ token = TALLOC_ZERO_P(mem_ctx, struct security_token);
NT_STATUS_HAVE_NO_MEMORY(token);
for (i=0; i < token_1->num_sids; i++) {
diff --git a/source3/libgpo/gpext/registry.c b/source3/libgpo/gpext/registry.c
index 90e0a6906d2..eb49b19b203 100644
--- a/source3/libgpo/gpext/registry.c
+++ b/source3/libgpo/gpext/registry.c
@@ -218,7 +218,7 @@ static NTSTATUS reg_parse_registry(TALLOC_CTX *mem_ctx,
****************************************************************/
static WERROR reg_apply_registry(TALLOC_CTX *mem_ctx,
- const struct nt_user_token *token,
+ const struct security_token *token,
struct registry_key *root_key,
uint32_t flags,
struct gp_registry_entry *entries,
@@ -273,7 +273,7 @@ static NTSTATUS registry_process_group_policy(ADS_STRUCT *ads,
TALLOC_CTX *mem_ctx,
uint32_t flags,
struct registry_key *root_key,
- const struct nt_user_token *token,
+ const struct security_token *token,
struct GROUP_POLICY_OBJECT *gpo,
const char *extension_guid,
const char *snapin_guid)
diff --git a/source3/libgpo/gpext/scripts.c b/source3/libgpo/gpext/scripts.c
index fee1461f011..bc62b811cfc 100644
--- a/source3/libgpo/gpext/scripts.c
+++ b/source3/libgpo/gpext/scripts.c
@@ -260,7 +260,7 @@ static WERROR scripts_store_reg_gpovals(TALLOC_CTX *mem_ctx,
****************************************************************/
static WERROR scripts_apply(TALLOC_CTX *mem_ctx,
- const struct nt_user_token *token,
+ const struct security_token *token,
struct registry_key *root_key,
uint32_t flags,
const char *section,
@@ -280,7 +280,7 @@ static WERROR scripts_apply(TALLOC_CTX *mem_ctx,
#if 0
if (flags & GPO_INFO_FLAG_MACHINE) {
- struct nt_user_token *tmp_token;
+ struct security_token *tmp_token;
tmp_token = registry_create_system_token(mem_ctx);
W_ERROR_HAVE_NO_MEMORY(tmp_token);
@@ -337,7 +337,7 @@ static NTSTATUS scripts_process_group_policy(ADS_STRUCT *ads,
TALLOC_CTX *mem_ctx,
uint32_t flags,
struct registry_key *root_key,
- const struct nt_user_token *token,
+ const struct security_token *token,
struct GROUP_POLICY_OBJECT *gpo,
const char *extension_guid,
const char *snapin_guid)
diff --git a/source3/libgpo/gpext/security.c b/source3/libgpo/gpext/security.c
index 208db700ff5..dea0de33f93 100644
--- a/source3/libgpo/gpext/security.c
+++ b/source3/libgpo/gpext/security.c
@@ -144,7 +144,7 @@ static NTSTATUS security_process_group_policy(ADS_STRUCT *ads,
TALLOC_CTX *mem_ctx,
uint32_t flags,
struct registry_key *root_key,
- const struct nt_user_token *token,
+ const struct security_token *token,
struct GROUP_POLICY_OBJECT *gpo,
const char *extension_guid,
const char *snapin_guid)
diff --git a/source3/libgpo/gpo_proto.h b/source3/libgpo/gpo_proto.h
index e77e0351ec9..8bc5874c9dd 100644
--- a/source3/libgpo/gpo_proto.h
+++ b/source3/libgpo/gpo_proto.h
@@ -19,11 +19,11 @@ NTSTATUS parse_gpt_ini(TALLOC_CTX *mem_ctx,
/* The following definitions come from libgpo/gpo_reg.c */
-struct nt_user_token *registry_create_system_token(TALLOC_CTX *mem_ctx);
+struct security_token *registry_create_system_token(TALLOC_CTX *mem_ctx);
WERROR gp_init_reg_ctx(TALLOC_CTX *mem_ctx,
const char *initial_path,
uint32_t desired_access,
- const struct nt_user_token *token,
+ const struct security_token *token,
struct gp_registry_context **reg_ctx);
void gp_free_reg_ctx(struct gp_registry_context *reg_ctx);
WERROR gp_store_reg_subkey(TALLOC_CTX *mem_ctx,
@@ -45,7 +45,7 @@ WERROR gp_read_reg_val_sz(TALLOC_CTX *mem_ctx,
WERROR gp_reg_state_store(TALLOC_CTX *mem_ctx,
uint32_t flags,
const char *dn,
- const struct nt_user_token *token,
+ const struct security_token *token,
struct GROUP_POLICY_OBJECT *gpo_list);
WERROR gp_reg_state_read(TALLOC_CTX *mem_ctx,
uint32_t flags,
@@ -73,5 +73,5 @@ WERROR reg_apply_registry_entry(TALLOC_CTX *mem_ctx,
struct registry_key *root_key,
struct gp_registry_context *reg_ctx,
struct gp_registry_entry *entry,
- const struct nt_user_token *token,
+ const struct security_token *token,
uint32_t flags);
diff --git a/source3/libgpo/gpo_reg.c b/source3/libgpo/gpo_reg.c
index 9821dd21787..39d072f689d 100644
--- a/source3/libgpo/gpo_reg.c
+++ b/source3/libgpo/gpo_reg.c
@@ -27,11 +27,11 @@
/****************************************************************
****************************************************************/
-struct nt_user_token *registry_create_system_token(TALLOC_CTX *mem_ctx)
+struct security_token *registry_create_system_token(TALLOC_CTX *mem_ctx)
{
- struct nt_user_token *token = NULL;
+ struct security_token *token = NULL;
- token = TALLOC_ZERO_P(mem_ctx, struct nt_user_token);
+ token = TALLOC_ZERO_P(mem_ctx, struct security_token);
if (!token) {
DEBUG(1,("talloc failed\n"));
return NULL;
@@ -54,7 +54,7 @@ struct nt_user_token *registry_create_system_token(TALLOC_CTX *mem_ctx)
WERROR gp_init_reg_ctx(TALLOC_CTX *mem_ctx,
const char *initial_path,
uint32_t desired_access,
- const struct nt_user_token *token,
+ const struct security_token *token,
struct gp_registry_context **reg_ctx)
{
struct gp_registry_context *tmp_ctx;
@@ -314,7 +314,7 @@ static const char *gp_reg_groupmembership_path(TALLOC_CTX *mem_ctx,
static WERROR gp_reg_del_groupmembership(TALLOC_CTX *mem_ctx,
struct registry_key *key,
- const struct nt_user_token *token,
+ const struct security_token *token,
uint32_t flags)
{
const char *path = NULL;
@@ -332,7 +332,7 @@ static WERROR gp_reg_del_groupmembership(TALLOC_CTX *mem_ctx,
static WERROR gp_reg_store_groupmembership(TALLOC_CTX *mem_ctx,
struct gp_registry_context *reg_ctx,
- const struct nt_user_token *token,
+ const struct security_token *token,
uint32_t flags)
{
struct registry_key *key = NULL;
@@ -377,7 +377,7 @@ static WERROR gp_reg_store_groupmembership(TALLOC_CTX *mem_ctx,
static WERROR gp_reg_read_groupmembership(TALLOC_CTX *mem_ctx,
struct gp_registry_context *reg_ctx,
const struct dom_sid *object_sid,
- struct nt_user_token **token,
+ struct security_token **token,
uint32_t flags)
{
struct registry_key *key = NULL;
@@ -388,9 +388,9 @@ static WERROR gp_reg_read_groupmembership(TALLOC_CTX *mem_ctx,
const char *path = NULL;
uint32_t count = 0;
int num_token_sids = 0;
- struct nt_user_token *tmp_token = NULL;
+ struct security_token *tmp_token = NULL;
- tmp_token = TALLOC_ZERO_P(mem_ctx, struct nt_user_token);
+ tmp_token = TALLOC_ZERO_P(mem_ctx, struct security_token);
W_ERROR_HAVE_NO_MEMORY(tmp_token);
path = gp_reg_groupmembership_path(mem_ctx, object_sid, flags);
@@ -453,7 +453,7 @@ static WERROR gp_del_reg_state(TALLOC_CTX *mem_ctx,
WERROR gp_reg_state_store(TALLOC_CTX *mem_ctx,
uint32_t flags,
const char *dn,
- const struct nt_user_token *token,
+ const struct security_token *token,
struct GROUP_POLICY_OBJECT *gpo_list)
{
struct gp_registry_context *reg_ctx = NULL;
@@ -950,7 +950,7 @@ WERROR reg_apply_registry_entry(TALLOC_CTX *mem_ctx,
struct registry_key *root_key,
struct gp_registry_context *reg_ctx,
struct gp_registry_entry *entry,
- const struct nt_user_token *token,
+ const struct security_token *token,
uint32_t flags)
{
WERROR werr;
diff --git a/source3/registry/reg_api.c b/source3/registry/reg_api.c
index 4e3d871f6ae..0352446e7b0 100644
--- a/source3/registry/reg_api.c
+++ b/source3/registry/reg_api.c
@@ -130,7 +130,7 @@ static int regkey_destructor(struct registry_key_handle *key)
static WERROR regkey_open_onelevel(TALLOC_CTX *mem_ctx,
struct registry_key *parent,
const char *name,
- const struct nt_user_token *token,
+ const struct security_token *token,
uint32 access_desired,
struct registry_key **pregkey)
{
@@ -235,7 +235,7 @@ done:
WERROR reg_openhive(TALLOC_CTX *mem_ctx, const char *hive,
uint32 desired_access,
- const struct nt_user_token *token,
+ const struct security_token *token,
struct registry_key **pkey)
{
SMB_ASSERT(hive != NULL);
@@ -1055,7 +1055,7 @@ WERROR reg_deleteallvalues(struct registry_key *key)
*/
WERROR reg_open_path(TALLOC_CTX *mem_ctx, const char *orig_path,
- uint32 desired_access, const struct nt_user_token *token,
+ uint32 desired_access, const struct security_token *token,
struct registry_key **pkey)
{
struct registry_key *hive, *key;
@@ -1222,7 +1222,7 @@ WERROR reg_deletesubkeys_recursive(TALLOC_CTX *ctx,
WERROR reg_create_path(TALLOC_CTX *mem_ctx, const char *orig_path,
uint32 desired_access,
- const struct nt_user_token *token,
+ const struct security_token *token,
enum winreg_CreateAction *paction,
struct registry_key **pkey)
{
@@ -1275,7 +1275,7 @@ WERROR reg_create_path(TALLOC_CTX *mem_ctx, const char *orig_path,
* before. Will not delete a hive.
*/
-WERROR reg_delete_path(const struct nt_user_token *token,
+WERROR reg_delete_path(const struct security_token *token,
const char *orig_path)
{
struct registry_key *hive;
diff --git a/source3/registry/reg_backend_smbconf.c b/source3/registry/reg_backend_smbconf.c
index 20868d16960..a2bf506e52b 100644
--- a/source3/registry/reg_backend_smbconf.c
+++ b/source3/registry/reg_backend_smbconf.c
@@ -58,7 +58,7 @@ static bool smbconf_store_values(const char *key, struct regval_ctr *val)
static bool smbconf_reg_access_check(const char *keyname, uint32 requested,
uint32 *granted,
- const struct nt_user_token *token)
+ const struct security_token *token)
{
if (!(user_has_privileges(token, &se_disk_operators))) {
return False;
diff --git a/source3/registry/reg_dispatcher.c b/source3/registry/reg_dispatcher.c
index 0c61564d769..ea65c439b9b 100644
--- a/source3/registry/reg_dispatcher.c
+++ b/source3/registry/reg_dispatcher.c
@@ -161,7 +161,7 @@ int fetch_reg_values(struct registry_key_handle *key, struct regval_ctr *val)
bool regkey_access_check(struct registry_key_handle *key, uint32 requested,
uint32 *granted,
- const struct nt_user_token *token )
+ const struct security_token *token )
{
struct security_descriptor *sec_desc;
NTSTATUS status;
diff --git a/source3/registry/reg_dispatcher.h b/source3/registry/reg_dispatcher.h
index eb239334c39..c80ba15ec1d 100644
--- a/source3/registry/reg_dispatcher.h
+++ b/source3/registry/reg_dispatcher.h
@@ -31,7 +31,7 @@ int fetch_reg_keys(struct registry_key_handle *key,
int fetch_reg_values(struct registry_key_handle *key, struct regval_ctr *val);
bool regkey_access_check(struct registry_key_handle *key, uint32 requested,
uint32 *granted,
- const struct nt_user_token *token);
+ const struct security_token *token);
WERROR regkey_get_secdesc(TALLOC_CTX *mem_ctx, struct registry_key_handle *key,
struct security_descriptor **psecdesc);
WERROR regkey_set_secdesc(struct registry_key_handle *key,
diff --git a/source3/registry/reg_util_legacy.c b/source3/registry/reg_util_legacy.c
index 7f2eecc19e1..3a3f0207e2c 100644
--- a/source3/registry/reg_util_legacy.c
+++ b/source3/registry/reg_util_legacy.c
@@ -33,7 +33,7 @@
WERROR regkey_open_internal(TALLOC_CTX *ctx,
struct registry_key_handle **regkey,
const char *path,
- const struct nt_user_token *token,
+ const struct security_token *token,
uint32 access_desired )
{
struct registry_key *key;
diff --git a/source3/registry/reg_util_legacy.h b/source3/registry/reg_util_legacy.h
index 8b330fb0a3b..d0cb626fb21 100644
--- a/source3/registry/reg_util_legacy.h
+++ b/source3/registry/reg_util_legacy.h
@@ -39,7 +39,7 @@
WERROR regkey_open_internal(TALLOC_CTX *ctx,
struct registry_key_handle **regkey,
const char *path,
- const struct nt_user_token *token,
+ const struct security_token *token,
uint32 access_desired );
#endif /* _REG_UTIL_LEGACY_H */
diff --git a/source3/rpc_server/srv_wkssvc_nt.c b/source3/rpc_server/srv_wkssvc_nt.c
index a90ac69f844..31513ed113e 100644
--- a/source3/rpc_server/srv_wkssvc_nt.c
+++ b/source3/rpc_server/srv_wkssvc_nt.c
@@ -812,7 +812,7 @@ WERROR _wkssvc_NetrJoinDomain2(struct pipes_struct *p,
char *admin_domain = NULL;
char *admin_account = NULL;
WERROR werr;
- struct nt_user_token *token = p->server_info->ptok;
+ struct security_token *token = p->server_info->ptok;
if (!r->in.domain_name) {
return WERR_INVALID_PARAM;
@@ -887,7 +887,7 @@ WERROR _wkssvc_NetrUnjoinDomain2(struct pipes_struct *p,
char *admin_domain = NULL;
char *admin_account = NULL;
WERROR werr;
- struct nt_user_token *token = p->server_info->ptok;
+ struct security_token *token = p->server_info->ptok;
if (!r->in.account || !r->in.encrypted_password) {
return WERR_INVALID_PARAM;
diff --git a/source3/smbd/share_access.c b/source3/smbd/share_access.c
index 6f3bfd020aa..72e7abe66a7 100644
--- a/source3/smbd/share_access.c
+++ b/source3/smbd/share_access.c
@@ -67,7 +67,7 @@ static bool token_contains_name(TALLOC_CTX *mem_ctx,
const char *username,
const char *domain,
const char *sharename,
- const struct nt_user_token *token,
+ const struct security_token *token,
const char *name)
{
const char *prefix;
@@ -155,7 +155,7 @@ static bool token_contains_name(TALLOC_CTX *mem_ctx,
bool token_contains_name_in_list(const char *username,
const char *domain,
const char *sharename,
- const struct nt_user_token *token,
+ const struct security_token *token,
const char **list)
{
TALLOC_CTX *mem_ctx;
@@ -195,7 +195,7 @@ bool token_contains_name_in_list(const char *username,
*/
bool user_ok_token(const char *username, const char *domain,
- const struct nt_user_token *token, int snum)
+ const struct security_token *token, int snum)
{
if (lp_invalid_users(snum) != NULL) {
if (token_contains_name_in_list(username, domain,
@@ -255,7 +255,7 @@ bool user_ok_token(const char *username, const char *domain,
bool is_share_read_only_for_token(const char *username,
const char *domain,
- const struct nt_user_token *token,
+ const struct security_token *token,
connection_struct *conn)
{
int snum = SNUM(conn);
diff --git a/source3/utils/net_ads_gpo.c b/source3/utils/net_ads_gpo.c
index d6f392ae7ef..56451ab11e1 100644
--- a/source3/utils/net_ads_gpo.c
+++ b/source3/utils/net_ads_gpo.c
@@ -38,7 +38,7 @@ static int net_ads_gpo_refresh(struct net_context *c, int argc, const char **arg
uint32 flags = 0;
struct GROUP_POLICY_OBJECT *gpo;
NTSTATUS result;
- struct nt_user_token *token = NULL;
+ struct security_token *token = NULL;
if (argc < 1 || c->display_usage) {
d_printf("%s\n%s\n%s",
@@ -301,7 +301,7 @@ static int net_ads_gpo_list(struct net_context *c, int argc, const char **argv)
uint32 uac = 0;
uint32 flags = 0;
struct GROUP_POLICY_OBJECT *gpo_list;
- struct nt_user_token *token = NULL;
+ struct security_token *token = NULL;
if (argc < 1 || c->display_usage) {
d_printf("%s\n%s\n%s",
@@ -371,7 +371,7 @@ static int net_ads_gpo_apply(struct net_context *c, int argc, const char **argv)
struct GROUP_POLICY_OBJECT *gpo_list;
uint32 uac = 0;
uint32 flags = 0;
- struct nt_user_token *token = NULL;
+ struct security_token *token = NULL;
const char *filter = NULL;
if (argc < 1 || c->display_usage) {
diff --git a/source3/utils/net_proto.h b/source3/utils/net_proto.h
index 4791223f2d4..1941418a1b8 100644
--- a/source3/utils/net_proto.h
+++ b/source3/utils/net_proto.h
@@ -30,8 +30,8 @@ bool nt_token_check_sid ( const struct dom_sid *sid, const NT_USER_TOKEN *token
bool nt_token_check_domain_rid( NT_USER_TOKEN *token, uint32 rid );
NT_USER_TOKEN *get_root_nt_token( void );
NTSTATUS add_aliases(const struct dom_sid *domain_sid,
- struct nt_user_token *token);
-struct nt_user_token *create_local_nt_token(TALLOC_CTX *mem_ctx,
+ struct security_token *token);
+struct security_token *create_local_nt_token(TALLOC_CTX *mem_ctx,
const struct dom_sid *user_sid,
bool is_guest,
int num_groupsids,
diff --git a/source3/winbindd/winbindd_pam.c b/source3/winbindd/winbindd_pam.c
index 83f75f5e564..53eda47d2ec 100644
--- a/source3/winbindd/winbindd_pam.c
+++ b/source3/winbindd/winbindd_pam.c
@@ -261,7 +261,7 @@ static NTSTATUS check_info3_in_group(struct netr_SamInfo3 *info3,
const char *p;
struct dom_sid sid;
size_t i;
- struct nt_user_token *token;
+ struct security_token *token;
TALLOC_CTX *frame = talloc_stackframe();
NTSTATUS status;
@@ -272,7 +272,7 @@ static NTSTATUS check_info3_in_group(struct netr_SamInfo3 *info3,
return NT_STATUS_OK;
}
- token = talloc_zero(talloc_tos(), struct nt_user_token);
+ token = talloc_zero(talloc_tos(), struct security_token);
if (token == NULL) {
DEBUG(0, ("talloc failed\n"));
TALLOC_FREE(frame);
diff --git a/source3/winbindd/winbindd_proto.h b/source3/winbindd/winbindd_proto.h
index 02b5c666129..c4f02a07f6b 100644
--- a/source3/winbindd/winbindd_proto.h
+++ b/source3/winbindd/winbindd_proto.h
@@ -30,8 +30,8 @@ bool nt_token_check_sid ( const struct dom_sid *sid, const NT_USER_TOKEN *token
bool nt_token_check_domain_rid( NT_USER_TOKEN *token, uint32 rid );
NT_USER_TOKEN *get_root_nt_token( void );
NTSTATUS add_aliases(const struct dom_sid *domain_sid,
- struct nt_user_token *token);
-struct nt_user_token *create_local_nt_token(TALLOC_CTX *mem_ctx,
+ struct security_token *token);
+struct security_token *create_local_nt_token(TALLOC_CTX *mem_ctx,
const struct dom_sid *user_sid,
bool is_guest,
int num_groupsids,