summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--libcli/security/secace.h39
-rw-r--r--libcli/security/secacl.h33
-rw-r--r--source3/include/includes.h2
-rw-r--r--source3/include/proto.h23
-rw-r--r--source4/libcli/security/security.h3
5 files changed, 77 insertions, 23 deletions
diff --git a/libcli/security/secace.h b/libcli/security/secace.h
new file mode 100644
index 00000000000..8b6625d07d3
--- /dev/null
+++ b/libcli/security/secace.h
@@ -0,0 +1,39 @@
+/*
+ Unix SMB/CIFS implementation.
+ Samba utility functions
+
+ Copyright (C) 2009 Jelmer Vernooij <jelmer@samba.org>
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#ifndef _ACE_H_
+#define _ACE_H_
+
+#include "librpc/gen_ndr/security.h"
+
+bool sec_ace_object(uint8_t type);
+void sec_ace_copy(struct security_ace *ace_dest, struct security_ace *ace_src);
+void init_sec_ace(struct security_ace *t, const struct dom_sid *sid, enum security_ace_type type,
+ uint32_t mask, uint8_t flag);
+NTSTATUS sec_ace_add_sid(TALLOC_CTX *ctx, struct security_ace **pp_new, struct security_ace *old, unsigned *num, struct dom_sid *sid, uint32_t mask);
+NTSTATUS sec_ace_mod_sid(struct security_ace *ace, size_t num, struct dom_sid *sid, uint32_t mask);
+NTSTATUS sec_ace_del_sid(TALLOC_CTX *ctx, struct security_ace **pp_new, struct security_ace *old, uint32_t *num, struct dom_sid *sid);
+bool sec_ace_equal(struct security_ace *s1, struct security_ace *s2);
+int nt_ace_inherit_comp( struct security_ace *a1, struct security_ace *a2);
+int nt_ace_canon_comp( struct security_ace *a1, struct security_ace *a2);
+void dacl_sort_into_canonical_order(struct security_ace *srclist, unsigned int num_aces);
+
+#endif /*_ACE_H_*/
+
diff --git a/libcli/security/secacl.h b/libcli/security/secacl.h
new file mode 100644
index 00000000000..9f1e8fa183d
--- /dev/null
+++ b/libcli/security/secacl.h
@@ -0,0 +1,33 @@
+/*
+ Unix SMB/CIFS implementation.
+ Samba utility functions
+
+ Copyright (C) 2009 Jelmer Vernooij <jelmer@samba.org>
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#ifndef _SECACL_H_
+#define _SECACL_H_
+
+#include "librpc/gen_ndr/security.h"
+
+struct security_acl *make_sec_acl(TALLOC_CTX *ctx, enum security_acl_revision revision,
+ int num_aces, struct security_ace *ace_list);
+struct security_acl *dup_sec_acl(TALLOC_CTX *ctx, struct security_acl *src);
+bool sec_acl_equal(struct security_acl *s1, struct security_acl *s2);
+
+
+#endif /*_SECACL_H_*/
+
diff --git a/source3/include/includes.h b/source3/include/includes.h
index 523a11e255d..63c77ec1822 100644
--- a/source3/include/includes.h
+++ b/source3/include/includes.h
@@ -703,6 +703,8 @@ enum flush_reason_enum {
#ifndef NO_PROTO_H
#include "proto.h"
#endif
+#include "libcli/security/secace.h"
+#include "libcli/security/secacl.h"
#if defined(HAVE_POSIX_ACLS)
#include "modules/vfs_posixacl.h"
diff --git a/source3/include/proto.h b/source3/include/proto.h
index eeb6f1928de..60f8ace74de 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -650,28 +650,6 @@ ssize_t sys_recvfile(int fromfd,
size_t count);
ssize_t drain_socket(int sockfd, size_t count);
-/* The following definitions come from lib/secace.c */
-
-bool sec_ace_object(uint8 type);
-void sec_ace_copy(SEC_ACE *ace_dest, SEC_ACE *ace_src);
-void init_sec_ace(SEC_ACE *t, const DOM_SID *sid, enum security_ace_type type,
- uint32 mask, uint8 flag);
-NTSTATUS sec_ace_add_sid(TALLOC_CTX *ctx, SEC_ACE **pp_new, SEC_ACE *old, unsigned *num, DOM_SID *sid, uint32 mask);
-NTSTATUS sec_ace_mod_sid(SEC_ACE *ace, size_t num, DOM_SID *sid, uint32 mask);
-NTSTATUS sec_ace_del_sid(TALLOC_CTX *ctx, SEC_ACE **pp_new, SEC_ACE *old, uint32 *num, DOM_SID *sid);
-bool sec_ace_equal(SEC_ACE *s1, SEC_ACE *s2);
-int nt_ace_inherit_comp( SEC_ACE *a1, SEC_ACE *a2);
-int nt_ace_canon_comp( SEC_ACE *a1, SEC_ACE *a2);
-void dacl_sort_into_canonical_order(SEC_ACE *srclist, unsigned int num_aces);
-bool token_sid_in_ace(const NT_USER_TOKEN *token, const SEC_ACE *ace);
-
-/* The following definitions come from lib/secacl.c */
-
-SEC_ACL *make_sec_acl(TALLOC_CTX *ctx, enum security_acl_revision revision,
- int num_aces, SEC_ACE *ace_list);
-SEC_ACL *dup_sec_acl(TALLOC_CTX *ctx, SEC_ACL *src);
-bool sec_acl_equal(SEC_ACL *s1, SEC_ACL *s2);
-
/* The following definitions come from lib/secdesc.c */
bool sec_desc_equal(SEC_DESC *s1, SEC_DESC *s2);
@@ -1252,6 +1230,7 @@ NTSTATUS merge_nt_token(TALLOC_CTX *mem_ctx,
const struct nt_user_token *token_1,
const struct nt_user_token *token_2,
struct nt_user_token **token_out);
+bool token_sid_in_ace(const NT_USER_TOKEN *token, const SEC_ACE *ace);
/* The following definitions come from lib/util_pw.c */
diff --git a/source4/libcli/security/security.h b/source4/libcli/security/security.h
index 517f3e8ebe4..2608c9f7ed2 100644
--- a/source4/libcli/security/security.h
+++ b/source4/libcli/security/security.h
@@ -30,5 +30,6 @@ struct auth_session_info;
/* Moved the dom_sid functions to the top level dir with manual proto header */
#include "libcli/security/dom_sid.h"
-
+#include "libcli/security/secace.h"
+#include "libcli/security/secacl.h"
#include "libcli/security/proto.h"