s3-auth Use security_token_debug() from common code

This prints the security token including the privileges as strings
instead of just a bitmap.

Andrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>

diff --git a/libgpo/gpo_ldap.c b/libgpo/gpo_ldap.c
index 38a040533a2ba7c9278291288041b0871fb91005..e6b9609bab20c56b0cb7755f7394bcdbf0873dd5 100644 (file)
--- a/libgpo/gpo_ldap.c
+++ b/libgpo/gpo_ldap.c
@@ -671,7 +671,7 @@ ADS_STATUS ads_get_sid_token(ADS_STRUCT *ads,
 
        *token = new_token;
 
-       debug_nt_user_token(DBGC_CLASS, 5, *token);
+       security_token_debug(DBGC_CLASS, 5, *token);
 
        return ADS_ERROR_LDAP(LDAP_SUCCESS);
 }

diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index 98cef7914119ba3a63f2c75737b3e54387671699..73713093c2183140b4c2461644b039daf7745792 100644 (file)
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -516,7 +516,7 @@ NTSTATUS create_local_token(struct auth_serversupplied_info *server_info)
                                        &server_info->ptok->num_sids);
        }
 
-       debug_nt_user_token(DBGC_AUTH, 10, server_info->ptok);
+       security_token_debug(DBGC_AUTH, 10, server_info->ptok);
        debug_unix_user_token(DBGC_AUTH, 10,
                              server_info->utok.uid,
                              server_info->utok.gid,

diff --git a/source3/auth/token_util.c b/source3/auth/token_util.c
index 17078d1e96e1ec71213f03575c47f6ab7a170f71..1a7c4816e8223e0cdc6e3c615d8eb58af4bf5581 100644 (file)
--- a/source3/auth/token_util.c
+++ b/source3/auth/token_util.c
@@ -641,32 +641,6 @@ static NTSTATUS finalize_local_nt_token(struct security_token *result,
        return NT_STATUS_OK;
 }
 
-/****************************************************************************
- prints a struct security_token to debug output.
-****************************************************************************/
-
-void debug_nt_user_token(int dbg_class, int dbg_lev, struct security_token *token)
-{
-       size_t     i;
-
-       if (!token) {
-               DEBUGC(dbg_class, dbg_lev, ("NT user token: (NULL)\n"));
-               return;
-       }
-
-       DEBUGC(dbg_class, dbg_lev,
-              ("NT user token of user %s\n",
-               sid_string_dbg(&token->sids[0]) ));
-       DEBUGADDC(dbg_class, dbg_lev,
-                 ("contains %lu SIDs\n", (unsigned long)token->num_sids));
-       for (i = 0; i < token->num_sids; i++)
-               DEBUGADDC(dbg_class, dbg_lev,
-                         ("SID[%3lu]: %s\n", (unsigned long)i,
-                          sid_string_dbg(&token->sids[i])));
-
-       DEBUGADDC(dbg_class, dbg_lev,("Privilege mask: 0x%llx\n", (unsigned long long)token->privilege_mask));
-}
-
 /****************************************************************************
  prints a UNIX 'token' to debug output.
 ****************************************************************************/

diff --git a/source3/include/proto.h b/source3/include/proto.h
index b40f32a0b9dc4f6a9c64c28cb9a996e859a3f093..42ff86751af4a44f1755383a3059905fb2271ec5 100644 (file)
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -261,7 +261,6 @@ NTSTATUS create_local_nt_token_from_info3(TALLOC_CTX *mem_ctx,
                                          struct netr_SamInfo3 *info3,
                                          struct extra_auth_info *extra,
                                          struct security_token **ntok);
-void debug_nt_user_token(int dbg_class, int dbg_lev, struct security_token *token);
 void debug_unix_user_token(int dbg_class, int dbg_lev, uid_t uid, gid_t gid,
                           int n_groups, gid_t *groups);
 

diff --git a/source3/rpc_server/srv_wkssvc_nt.c b/source3/rpc_server/srv_wkssvc_nt.c
index ee2b419696c2c37a3ca267182111830c943a2bc5..000b605913d7099e61dfd221eb652150b7660b11 100644 (file)
--- a/source3/rpc_server/srv_wkssvc_nt.c
+++ b/source3/rpc_server/srv_wkssvc_nt.c
@@ -359,7 +359,7 @@ WERROR _wkssvc_NetWkstaGetInfo(struct pipes_struct *p,
                                    "Users %s:\n",
                                    sid_string_dbg(
                                            &global_sid_Authenticated_Users)));
-                       debug_nt_user_token(DBGC_CLASS, 3,
+                       security_token_debug(DBGC_CLASS, 3,
                                            p->server_info->ptok);
                        return WERR_ACCESS_DENIED;
                }
@@ -377,7 +377,7 @@ WERROR _wkssvc_NetWkstaGetInfo(struct pipes_struct *p,
                        DEBUGADD(3,(" - does not have sid for Administrators "
                                    "group %s, sids are:\n",
                                    sid_string_dbg(&global_sid_Builtin_Administrators)));
-                       debug_nt_user_token(DBGC_CLASS, 3,
+                       security_token_debug(DBGC_CLASS, 3,
                                            p->server_info->ptok);
                        return WERR_ACCESS_DENIED;
                }
@@ -562,7 +562,7 @@ WERROR _wkssvc_NetWkstaEnumUsers(struct pipes_struct *p,
                DEBUGADD(3,(" - does not have sid for Administrators group "
                            "%s\n", sid_string_dbg(
                                    &global_sid_Builtin_Administrators)));
-               debug_nt_user_token(DBGC_CLASS, 3, p->server_info->ptok);
+               security_token_debug(DBGC_CLASS, 3, p->server_info->ptok);
                return WERR_ACCESS_DENIED;
        }
 

diff --git a/source3/smbd/sec_ctx.c b/source3/smbd/sec_ctx.c
index 017613cf1e986f0858fb915897f10125855a0809..2405eb51d4ad8f4e2310b4d4e9278b570ee02ab4 100644 (file)
--- a/source3/smbd/sec_ctx.c
+++ b/source3/smbd/sec_ctx.c
@@ -19,6 +19,7 @@
 
 #include "includes.h"
 #include "smbd/globals.h"
+#include "libcli/security/security_token.h"
 
 extern struct current_user current_user;
 
@@ -309,7 +310,7 @@ void set_sec_ctx(uid_t uid, gid_t gid, int ngroups, gid_t *groups, struct securi
        DEBUG(3, ("setting sec ctx (%u, %u) - sec_ctx_stack_ndx = %d\n", 
                (unsigned int)uid, (unsigned int)gid, sec_ctx_stack_ndx));
 
-       debug_nt_user_token(DBGC_CLASS, 5, token);
+       security_token_debug(DBGC_CLASS, 5, token);
        debug_unix_user_token(DBGC_CLASS, 5, uid, gid, ngroups, groups);
 
        /* Change uid, gid and supplementary group list. */

diff --git a/source3/utils/net_proto.h b/source3/utils/net_proto.h
index b06b7f9771f0aeb82929131f8597aa74e74e621e..8422d280fd54db8b539d36eab98ffd5d849a5789 100644 (file)
--- a/source3/utils/net_proto.h
+++ b/source3/utils/net_proto.h
@@ -36,7 +36,6 @@ struct security_token *create_local_nt_token(TALLOC_CTX *mem_ctx,
                                            bool is_guest,
                                            int num_groupsids,
                                            const struct dom_sid *groupsids);
-void debug_nt_user_token(int dbg_class, int dbg_lev, struct security_token *token);
 void debug_unix_user_token(int dbg_class, int dbg_lev, uid_t uid, gid_t gid,
                           int n_groups, gid_t *groups);
 

diff --git a/source3/winbindd/winbindd_pam.c b/source3/winbindd/winbindd_pam.c
index 6850b75d445bc7b46aee3e3e9448a050d6c225bb..b4a1b9d7c4158be19e3db35eaaea95c5d1610fdd 100644 (file)
--- a/source3/winbindd/winbindd_pam.c
+++ b/source3/winbindd/winbindd_pam.c
@@ -321,7 +321,7 @@ static NTSTATUS check_info3_in_group(struct netr_SamInfo3 *info3,
                return status;
        }
 
-       debug_nt_user_token(DBGC_CLASS, 10, token);
+       security_token_debug(DBGC_CLASS, 10, token);
 
        for (i=0; i<num_require_membership_of_sid; i++) {
                DEBUG(10, ("Checking SID %s\n", sid_string_dbg(

diff --git a/source3/winbindd/winbindd_proto.h b/source3/winbindd/winbindd_proto.h
index 3588af1bffcf3d9d93aeaf30e70af808ae19ebc0..3a7a29885b6b5e98488b75890a9fdd122317a6fa 100644 (file)
--- a/source3/winbindd/winbindd_proto.h
+++ b/source3/winbindd/winbindd_proto.h
@@ -36,7 +36,6 @@ struct security_token *create_local_nt_token(TALLOC_CTX *mem_ctx,
                                            bool is_guest,
                                            int num_groupsids,
                                            const struct dom_sid *groupsids);
-void debug_nt_user_token(int dbg_class, int dbg_lev, struct security_token *token);
 void debug_unix_user_token(int dbg_class, int dbg_lev, uid_t uid, gid_t gid,
                           int n_groups, gid_t *groups);