return NUM_SHORT_LIST_PRIVS;
}
-/****************************************************************************
- Convert a LUID to a named string
-****************************************************************************/
-
-const char *luid_to_privilege_name(const struct lsa_LUID *set)
-{
- int i;
-
- uint32_t num_privs = ARRAY_SIZE(privs);
-
- if (set->high != 0)
- return NULL;
-
- for ( i=0; i<num_privs; i++ ) {
- if ( set->low == privs[i].luid ) {
- return privs[i].name;
- }
- }
-
- return NULL;
-}
-
-
/****************************************************************************
add a privilege to a privilege array
****************************************************************************/
/*******************************************************************
*******************************************************************/
-static bool luid_to_se_priv( struct lsa_LUID *luid, uint64_t *privilege_mask )
-{
- int i;
- uint32_t num_privs = ARRAY_SIZE(privs);
-
- for ( i=0; i<num_privs; i++ ) {
- if ( luid->low == privs[i].luid ) {
- se_priv_copy( privilege_mask, &privs[i].privilege_mask );
- return true;
- }
- }
-
- return false;
-}
-
-/*******************************************************************
-*******************************************************************/
-
bool privilege_set_to_se_priv( uint64_t *privilege_mask, struct lsa_PrivilegeSet *privset )
{
int i;
if ( privset->set[i].luid.high != 0 )
return false;
- if ( luid_to_se_priv( &privset->set[i].luid, &r ) )
- se_priv_add( privilege_mask, &r );
+ r = sec_privilege_mask(privset->set[i].luid.low);
+ if (r) {
+ *privilege_mask |= r;
+ }
}
return true;
return NT_STATUS_ACCESS_DENIED;
}
- name = luid_to_privilege_name(r->in.luid);
+ if (r->in.luid->high != 0) {
+ return NT_STATUS_NO_SUCH_PRIVILEGE;
+ }
+
+ name = sec_privilege_name(r->in.luid->low);
if (!name) {
return NT_STATUS_NO_SUCH_PRIVILEGE;
}
int num_priv = 0;
for (i=0; i<privileges->count; i++) {
-
- privname = luid_to_privilege_name(&privileges->set[i].luid);
+ if (privileges->set[i].luid.high) {
+ continue;
+ }
+ privname = sec_privilege_name(privileges->set[i].luid.low);
if (privname) {
if (!add_string_to_array(mem_ctx, privname,
&privname_array, &num_priv)) {