From aefe60da8c6a5e48d807fa2e64d332b67fae25b8 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Sat, 4 Sep 2010 08:37:21 +1000 Subject: [PATCH] s3-util_sid Tidy up global struct security_token This no longer needs to be global, and should be const. We now also init it with the C99 style initialisers. Andrew Bartlett Signed-off-by: Andrew Tridgell --- source3/include/proto.h | 2 +- source3/lib/util_seaccess.c | 2 -- source3/lib/util_sid.c | 18 ++++++------------ source3/rpc_server/srv_eventlog_nt.c | 2 +- 4 files changed, 8 insertions(+), 16 deletions(-) diff --git a/source3/include/proto.h b/source3/include/proto.h index 03196c30ed9..73fe868d845 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -1319,7 +1319,7 @@ bool is_setuid_root(void) ; /* The following definitions come from lib/util_sid.c */ const char *sid_type_lookup(uint32 sid_type) ; -struct security_token *get_system_token(void) ; +const struct security_token *get_system_token(void) ; char *sid_to_fstring(fstring sidstr_out, const struct dom_sid *sid); char *sid_string_talloc(TALLOC_CTX *mem_ctx, const struct dom_sid *sid); char *sid_string_dbg(const struct dom_sid *sid); diff --git a/source3/lib/util_seaccess.c b/source3/lib/util_seaccess.c index 7e803fcfce6..6c16fea5857 100644 --- a/source3/lib/util_seaccess.c +++ b/source3/lib/util_seaccess.c @@ -22,8 +22,6 @@ #include "includes.h" -extern struct security_token anonymous_token; - /* Map generic access rights to object specific rights. This technique is used to give meaning to assigning read, write, execute and all access to objects. Each type of object has its own mapping of generic to object diff --git a/source3/lib/util_sid.c b/source3/lib/util_sid.c index 0e5c2043781..4e0ddd2e491 100644 --- a/source3/lib/util_sid.c +++ b/source3/lib/util_sid.c @@ -99,19 +99,13 @@ const struct dom_sid global_sid_Unix_Groups = /* Unmapped Unix groups */ #define SECURITY_NT_AUTHORITY 5 #endif -/* - * An NT compatible anonymous token. - */ - -static struct dom_sid anon_sid_array[3] = -{ { 1, 1, {0,0,0,0,0,1}, {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}}, - { 1, 1, {0,0,0,0,0,5}, {2,0,0,0,0,0,0,0,0,0,0,0,0,0,0}}, - { 1, 1, {0,0,0,0,0,5}, {7,0,0,0,0,0,0,0,0,0,0,0,0,0,0}} }; -struct security_token anonymous_token = { 3, anon_sid_array, SE_NONE }; - static struct dom_sid system_sid_array[1] = { { 1, 1, {0,0,0,0,0,5}, {18,0,0,0,0,0,0,0,0,0,0,0,0,0,0}} }; -struct security_token system_token = { 1, system_sid_array, SE_ALL_PRIVS }; +static const struct security_token system_token = { + .num_sids = ARRAY_SIZE(system_sid_array), + .sids = system_sid_array, + .privilege_mask = SE_ALL_PRIVS +}; /**************************************************************************** Lookup string names for SID types. @@ -153,7 +147,7 @@ const char *sid_type_lookup(uint32 sid_type) Create the SYSTEM token. ***************************************************************************/ -struct security_token *get_system_token(void) +const struct security_token *get_system_token(void) { return &system_token; } diff --git a/source3/rpc_server/srv_eventlog_nt.c b/source3/rpc_server/srv_eventlog_nt.c index 1fc9337a565..96787a374f2 100644 --- a/source3/rpc_server/srv_eventlog_nt.c +++ b/source3/rpc_server/srv_eventlog_nt.c @@ -69,7 +69,7 @@ static EVENTLOG_INFO *find_eventlog_info_by_hnd( struct pipes_struct * p, /******************************************************************** ********************************************************************/ -static bool elog_check_access( EVENTLOG_INFO *info, struct security_token *token ) +static bool elog_check_access( EVENTLOG_INFO *info, const struct security_token *token ) { char *tdbname = elog_tdbname(talloc_tos(), info->logname ); struct security_descriptor *sec_desc; -- 2.34.1