diff options
author | Günther Deschner <gd@samba.org> | 2007-07-17 11:52:23 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 12:28:45 -0500 |
commit | d9c902cb5959ab40be0a7f5a4d10f7fe84e927a4 (patch) | |
tree | bca25bb71ce736ab94132e161b48544076d92e18 | |
parent | 4b4a3c7df1b894c32473ee559185f6253b895800 (diff) | |
download | samba-d9c902cb5959ab40be0a7f5a4d10f7fe84e927a4.tar.gz samba-d9c902cb5959ab40be0a7f5a4d10f7fe84e927a4.tar.bz2 samba-d9c902cb5959ab40be0a7f5a4d10f7fe84e927a4.zip |
r23929: Deleting gpo_sd_check_trustee_in_sid_token() as nt_token_check_sid() is what we
need here.
Guenther
(This used to be commit 465c89ee4a0c287203121037052c875b1c6ca41e)
-rw-r--r-- | source3/libgpo/gpo_sec.c | 21 |
1 files changed, 2 insertions, 19 deletions
diff --git a/source3/libgpo/gpo_sec.c b/source3/libgpo/gpo_sec.c index 5286da57de..3f104df299 100644 --- a/source3/libgpo/gpo_sec.c +++ b/source3/libgpo/gpo_sec.c @@ -92,29 +92,12 @@ static BOOL gpo_sd_check_read_access_bits(uint32 access_mask) /**************************************************************** ****************************************************************/ -static BOOL gpo_sd_check_trustee_in_sid_token(const DOM_SID *trustee, - const struct nt_user_token *token) -{ - int i; - - for (i = 0; i < token->num_sids; i++) { - if (sid_equal(trustee, &token->user_sids[i])) { - return True; - } - } - - return False; -} - -/**************************************************************** -****************************************************************/ - static NTSTATUS gpo_sd_check_ace_denied_object(const SEC_ACE *ace, const struct nt_user_token *token) { if (gpo_sd_check_agp_object(ace) && gpo_sd_check_agp_access_bits(ace->access_mask) && - gpo_sd_check_trustee_in_sid_token(&ace->trustee, token)) { + nt_token_check_sid(&ace->trustee, token)) { DEBUG(10,("gpo_sd_check_ace_denied_object: Access denied as of ace for %s\n", sid_string_static(&ace->trustee))); return NT_STATUS_ACCESS_DENIED; @@ -131,7 +114,7 @@ static NTSTATUS gpo_sd_check_ace_allowed_object(const SEC_ACE *ace, { if (gpo_sd_check_agp_object(ace) && gpo_sd_check_agp_access_bits(ace->access_mask) && - gpo_sd_check_trustee_in_sid_token(&ace->trustee, token)) { + nt_token_check_sid(&ace->trustee, token)) { DEBUG(10,("gpo_sd_check_ace_allowed_object: Access granted as of ace for %s\n", sid_string_static(&ace->trustee))); return NT_STATUS_OK; |