s3-privs Remove a pointer indirection from revoke_privilege()

Signed-off-by: Andrew Tridgell <tridge@samba.org>

diff --git a/source3/include/proto.h b/source3/include/proto.h
index 6be2c1c85435557e4c9a07f58f41b70d5e47bd8a..7e8053de43e71438794537b8d238ac4801d89fa0 100644 (file)
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -638,7 +638,7 @@ NTSTATUS privilege_enum_sids(const uint64_t *mask, TALLOC_CTX *mem_ctx,
                             struct dom_sid **sids, int *num_sids);
 bool grant_privilege(const struct dom_sid *sid, const uint64_t *priv_mask);
 bool grant_privilege_by_name(struct dom_sid *sid, const char *name);
-bool revoke_privilege(const struct dom_sid *sid, const uint64_t *priv_mask);
+bool revoke_privilege(const struct dom_sid *sid, const uint64_t priv_mask);
 bool revoke_all_privileges( struct dom_sid *sid );
 bool revoke_privilege_by_name(struct dom_sid *sid, const char *name);
 NTSTATUS privilege_create_account(const struct dom_sid *sid );

diff --git a/source3/lib/privileges.c b/source3/lib/privileges.c
index 61425e827284cc35af368a19ddd3f44d52ab517d..57c4d81fa4a6e177998d41d7f3fe56001cc53608 100644 (file)
--- a/source3/lib/privileges.c
+++ b/source3/lib/privileges.c
@@ -313,7 +313,7 @@ bool grant_privilege_by_name(struct dom_sid *sid, const char *name)
  Remove privilege from sid
 ****************************************************************************/
 
-bool revoke_privilege(const struct dom_sid *sid, const uint64_t *priv_mask)
+bool revoke_privilege(const struct dom_sid *sid, const uint64_t priv_mask)
 {
        uint64_t mask;
 
@@ -326,7 +326,7 @@ bool revoke_privilege(const struct dom_sid *sid, const uint64_t *priv_mask)
 
        DEBUGADD( 10, ("original privilege mask: 0x%llx\n", (unsigned long long)mask));
 
-       se_priv_remove( &mask, priv_mask );
+       mask &= ~priv_mask;
 
        DEBUGADD( 10, ("new privilege mask:      0x%llx\n", (unsigned long long)mask));
 
@@ -339,7 +339,7 @@ bool revoke_privilege(const struct dom_sid *sid, const uint64_t *priv_mask)
 
 bool revoke_all_privileges( struct dom_sid *sid )
 {
-       return revoke_privilege( sid, &se_priv_all );
+       return revoke_privilege( sid, SE_ALL_PRIVS);
 }
 
 /*********************************************************************
@@ -356,7 +356,7 @@ bool revoke_privilege_by_name(struct dom_sid *sid, const char *name)
                return False;
        }
 
-       return revoke_privilege(sid, &mask);
+       return revoke_privilege(sid, mask);
 
 }
 

diff --git a/source3/rpc_server/srv_lsa_nt.c b/source3/rpc_server/srv_lsa_nt.c
index c787502a357c9820bd08c9c9c8ed1d081a3b526b..e54bd9613f5dd17090306321611676b7c4905af9 100644 (file)
--- a/source3/rpc_server/srv_lsa_nt.c
+++ b/source3/rpc_server/srv_lsa_nt.c
@@ -2048,7 +2048,7 @@ NTSTATUS _lsa_RemovePrivilegesFromAccount(struct pipes_struct *p,
        if ( !privilege_set_to_se_priv( &mask, set ) )
                return NT_STATUS_NO_SUCH_PRIVILEGE;
 
-       if ( !revoke_privilege( &info->sid, &mask ) ) {
+       if ( !revoke_privilege( &info->sid, mask ) ) {
                DEBUG(3,("_lsa_RemovePrivilegesFromAccount: revoke_privilege(%s) failed!\n",
                         sid_string_dbg(&info->sid) ));
                DEBUG(3,("Privilege mask: 0x%llx\n", (unsigned long long)mask));

diff --git a/source3/utils/net_sam.c b/source3/utils/net_sam.c
index 6a9e261ea085e70c3a36bb370835159f45598a30..113818200efb55c49be1d6e7066456965e5fa2ea 100644 (file)
--- a/source3/utils/net_sam.c
+++ b/source3/utils/net_sam.c
@@ -752,7 +752,7 @@ static int net_sam_rights_revoke(struct net_context *c, int argc,
                        return -1;
                }
 
-               if (!revoke_privilege(&sid, &mask)) {
+               if (!revoke_privilege(&sid, mask)) {
                        d_fprintf(stderr, _("Could not revoke privilege\n"));
                        return -1;
                }