diff options
author | Nadezhda Ivanova <nadezhda.ivanova@postpath.com> | 2009-09-20 13:50:34 -0700 |
---|---|---|
committer | Nadezhda Ivanova <nadezhda.ivanova@postpath.com> | 2009-09-20 15:16:17 -0700 |
commit | 6283f2caaa42c7238bdc9c2e8bc1246207645019 (patch) | |
tree | ee794f628d78b9325abcda5820ed4ec2716d97f2 /libcli/security | |
parent | ae56b0f2f96cea7a77b0a19c0d16d94ad971fb3f (diff) | |
download | samba-6283f2caaa42c7238bdc9c2e8bc1246207645019.tar.gz samba-6283f2caaa42c7238bdc9c2e8bc1246207645019.tar.bz2 samba-6283f2caaa42c7238bdc9c2e8bc1246207645019.zip |
Initial implementation of security descriptor creation in DS
TODO's:
ACE sorting and clarifying the inheritance of object specific ace's.
Diffstat (limited to 'libcli/security')
-rw-r--r-- | libcli/security/security_descriptor.c | 50 | ||||
-rw-r--r-- | libcli/security/security_descriptor.h | 4 |
2 files changed, 54 insertions, 0 deletions
diff --git a/libcli/security/security_descriptor.c b/libcli/security/security_descriptor.c index dbe11604fd..b77a281852 100644 --- a/libcli/security/security_descriptor.c +++ b/libcli/security/security_descriptor.c @@ -77,6 +77,56 @@ struct security_acl *security_acl_dup(TALLOC_CTX *mem_ctx, } +struct security_acl *security_acl_concatenate(TALLOC_CTX *mem_ctx, + const struct security_acl *acl1, + const struct security_acl *acl2) +{ + struct security_acl *nacl; + int i; + + if (!acl1 && !acl2) + return NULL; + + if (!acl1){ + nacl = security_acl_dup(mem_ctx, acl2); + return nacl; + } + + if (!acl2){ + nacl = security_acl_dup(mem_ctx, acl1); + return nacl; + } + + nacl = talloc (mem_ctx, struct security_acl); + if (nacl == NULL) { + return NULL; + } + + nacl->revision = acl1->revision; + nacl->size = acl1->size + acl2->size; + nacl->num_aces = acl1->num_aces + acl2->num_aces; + + if (nacl->num_aces == 0) + return nacl; + + nacl->aces = (struct security_ace *)talloc_array (mem_ctx, struct security_ace, acl1->num_aces+acl2->num_aces); + if ((nacl->aces == NULL) && (nacl->num_aces > 0)) { + goto failed; + } + + for (i = 0; i < acl1->num_aces; i++) + nacl->aces[i] = acl1->aces[i]; + for (i = 0; i < acl2->num_aces; i++) + nacl->aces[i + acl1->num_aces] = acl2->aces[i]; + + return nacl; + + failed: + talloc_free (nacl); + return NULL; + +} + /* talloc and copy a security descriptor */ diff --git a/libcli/security/security_descriptor.h b/libcli/security/security_descriptor.h index a377ef59ce..bc5761ab6f 100644 --- a/libcli/security/security_descriptor.h +++ b/libcli/security/security_descriptor.h @@ -64,4 +64,8 @@ struct security_ace *security_ace_create(TALLOC_CTX *mem_ctx, struct security_acl *security_acl_dup(TALLOC_CTX *mem_ctx, const struct security_acl *oacl); +struct security_acl *security_acl_concatenate(TALLOC_CTX *mem_ctx, + const struct security_acl *acl1, + const struct security_acl *acl2); + #endif /* __SECURITY_DESCRIPTOR_H__ */ |