From: Andrew Bartlett Date: Fri, 17 Sep 2010 05:31:28 +0000 (+1000) Subject: s3-auth Use security_token_debug() from common code X-Git-Url: http://git.samba.org/?a=commitdiff_plain;h=170b345e0c688b178eb37a73a8110dec68a8ae31;p=abartlet%2Fsamba.git%2F.git s3-auth Use security_token_debug() from common code This prints the security token including the privileges as strings instead of just a bitmap. Andrew Bartlett Signed-off-by: Andrew Tridgell --- diff --git a/libgpo/gpo_ldap.c b/libgpo/gpo_ldap.c index 38a040533a2..e6b9609bab2 100644 --- a/libgpo/gpo_ldap.c +++ b/libgpo/gpo_ldap.c @@ -671,7 +671,7 @@ ADS_STATUS ads_get_sid_token(ADS_STRUCT *ads, *token = new_token; - debug_nt_user_token(DBGC_CLASS, 5, *token); + security_token_debug(DBGC_CLASS, 5, *token); return ADS_ERROR_LDAP(LDAP_SUCCESS); } diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c index 98cef791411..73713093c21 100644 --- a/source3/auth/auth_util.c +++ b/source3/auth/auth_util.c @@ -516,7 +516,7 @@ NTSTATUS create_local_token(struct auth_serversupplied_info *server_info) &server_info->ptok->num_sids); } - debug_nt_user_token(DBGC_AUTH, 10, server_info->ptok); + security_token_debug(DBGC_AUTH, 10, server_info->ptok); debug_unix_user_token(DBGC_AUTH, 10, server_info->utok.uid, server_info->utok.gid, diff --git a/source3/auth/token_util.c b/source3/auth/token_util.c index 17078d1e96e..1a7c4816e82 100644 --- a/source3/auth/token_util.c +++ b/source3/auth/token_util.c @@ -641,32 +641,6 @@ static NTSTATUS finalize_local_nt_token(struct security_token *result, return NT_STATUS_OK; } -/**************************************************************************** - prints a struct security_token to debug output. -****************************************************************************/ - -void debug_nt_user_token(int dbg_class, int dbg_lev, struct security_token *token) -{ - size_t i; - - if (!token) { - DEBUGC(dbg_class, dbg_lev, ("NT user token: (NULL)\n")); - return; - } - - DEBUGC(dbg_class, dbg_lev, - ("NT user token of user %s\n", - sid_string_dbg(&token->sids[0]) )); - DEBUGADDC(dbg_class, dbg_lev, - ("contains %lu SIDs\n", (unsigned long)token->num_sids)); - for (i = 0; i < token->num_sids; i++) - DEBUGADDC(dbg_class, dbg_lev, - ("SID[%3lu]: %s\n", (unsigned long)i, - sid_string_dbg(&token->sids[i]))); - - DEBUGADDC(dbg_class, dbg_lev,("Privilege mask: 0x%llx\n", (unsigned long long)token->privilege_mask)); -} - /**************************************************************************** prints a UNIX 'token' to debug output. ****************************************************************************/ diff --git a/source3/include/proto.h b/source3/include/proto.h index b40f32a0b9d..42ff86751af 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -261,7 +261,6 @@ NTSTATUS create_local_nt_token_from_info3(TALLOC_CTX *mem_ctx, struct netr_SamInfo3 *info3, struct extra_auth_info *extra, struct security_token **ntok); -void debug_nt_user_token(int dbg_class, int dbg_lev, struct security_token *token); void debug_unix_user_token(int dbg_class, int dbg_lev, uid_t uid, gid_t gid, int n_groups, gid_t *groups); diff --git a/source3/rpc_server/srv_wkssvc_nt.c b/source3/rpc_server/srv_wkssvc_nt.c index ee2b419696c..000b605913d 100644 --- a/source3/rpc_server/srv_wkssvc_nt.c +++ b/source3/rpc_server/srv_wkssvc_nt.c @@ -359,7 +359,7 @@ WERROR _wkssvc_NetWkstaGetInfo(struct pipes_struct *p, "Users %s:\n", sid_string_dbg( &global_sid_Authenticated_Users))); - debug_nt_user_token(DBGC_CLASS, 3, + security_token_debug(DBGC_CLASS, 3, p->server_info->ptok); return WERR_ACCESS_DENIED; } @@ -377,7 +377,7 @@ WERROR _wkssvc_NetWkstaGetInfo(struct pipes_struct *p, DEBUGADD(3,(" - does not have sid for Administrators " "group %s, sids are:\n", sid_string_dbg(&global_sid_Builtin_Administrators))); - debug_nt_user_token(DBGC_CLASS, 3, + security_token_debug(DBGC_CLASS, 3, p->server_info->ptok); return WERR_ACCESS_DENIED; } @@ -562,7 +562,7 @@ WERROR _wkssvc_NetWkstaEnumUsers(struct pipes_struct *p, DEBUGADD(3,(" - does not have sid for Administrators group " "%s\n", sid_string_dbg( &global_sid_Builtin_Administrators))); - debug_nt_user_token(DBGC_CLASS, 3, p->server_info->ptok); + security_token_debug(DBGC_CLASS, 3, p->server_info->ptok); return WERR_ACCESS_DENIED; } diff --git a/source3/smbd/sec_ctx.c b/source3/smbd/sec_ctx.c index 017613cf1e9..2405eb51d4a 100644 --- a/source3/smbd/sec_ctx.c +++ b/source3/smbd/sec_ctx.c @@ -19,6 +19,7 @@ #include "includes.h" #include "smbd/globals.h" +#include "libcli/security/security_token.h" extern struct current_user current_user; @@ -309,7 +310,7 @@ void set_sec_ctx(uid_t uid, gid_t gid, int ngroups, gid_t *groups, struct securi DEBUG(3, ("setting sec ctx (%u, %u) - sec_ctx_stack_ndx = %d\n", (unsigned int)uid, (unsigned int)gid, sec_ctx_stack_ndx)); - debug_nt_user_token(DBGC_CLASS, 5, token); + security_token_debug(DBGC_CLASS, 5, token); debug_unix_user_token(DBGC_CLASS, 5, uid, gid, ngroups, groups); /* Change uid, gid and supplementary group list. */ diff --git a/source3/utils/net_proto.h b/source3/utils/net_proto.h index b06b7f9771f..8422d280fd5 100644 --- a/source3/utils/net_proto.h +++ b/source3/utils/net_proto.h @@ -36,7 +36,6 @@ struct security_token *create_local_nt_token(TALLOC_CTX *mem_ctx, bool is_guest, int num_groupsids, const struct dom_sid *groupsids); -void debug_nt_user_token(int dbg_class, int dbg_lev, struct security_token *token); void debug_unix_user_token(int dbg_class, int dbg_lev, uid_t uid, gid_t gid, int n_groups, gid_t *groups); diff --git a/source3/winbindd/winbindd_pam.c b/source3/winbindd/winbindd_pam.c index 6850b75d445..b4a1b9d7c41 100644 --- a/source3/winbindd/winbindd_pam.c +++ b/source3/winbindd/winbindd_pam.c @@ -321,7 +321,7 @@ static NTSTATUS check_info3_in_group(struct netr_SamInfo3 *info3, return status; } - debug_nt_user_token(DBGC_CLASS, 10, token); + security_token_debug(DBGC_CLASS, 10, token); for (i=0; i