summaryrefslogtreecommitdiff
path: root/libcli/security
diff options
context:
space:
mode:
authorNadezhda Ivanova <nadezhda.ivanova@postpath.com>2009-09-20 13:50:34 -0700
committerNadezhda Ivanova <nadezhda.ivanova@postpath.com>2009-09-20 15:16:17 -0700
commit6283f2caaa42c7238bdc9c2e8bc1246207645019 (patch)
treeee794f628d78b9325abcda5820ed4ec2716d97f2 /libcli/security
parentae56b0f2f96cea7a77b0a19c0d16d94ad971fb3f (diff)
downloadsamba-6283f2caaa42c7238bdc9c2e8bc1246207645019.tar.gz
samba-6283f2caaa42c7238bdc9c2e8bc1246207645019.tar.bz2
samba-6283f2caaa42c7238bdc9c2e8bc1246207645019.zip
Initial implementation of security descriptor creation in DS
TODO's: ACE sorting and clarifying the inheritance of object specific ace's.
Diffstat (limited to 'libcli/security')
-rw-r--r--libcli/security/security_descriptor.c50
-rw-r--r--libcli/security/security_descriptor.h4
2 files changed, 54 insertions, 0 deletions
diff --git a/libcli/security/security_descriptor.c b/libcli/security/security_descriptor.c
index dbe11604fd..b77a281852 100644
--- a/libcli/security/security_descriptor.c
+++ b/libcli/security/security_descriptor.c
@@ -77,6 +77,56 @@ struct security_acl *security_acl_dup(TALLOC_CTX *mem_ctx,
}
+struct security_acl *security_acl_concatenate(TALLOC_CTX *mem_ctx,
+ const struct security_acl *acl1,
+ const struct security_acl *acl2)
+{
+ struct security_acl *nacl;
+ int i;
+
+ if (!acl1 && !acl2)
+ return NULL;
+
+ if (!acl1){
+ nacl = security_acl_dup(mem_ctx, acl2);
+ return nacl;
+ }
+
+ if (!acl2){
+ nacl = security_acl_dup(mem_ctx, acl1);
+ return nacl;
+ }
+
+ nacl = talloc (mem_ctx, struct security_acl);
+ if (nacl == NULL) {
+ return NULL;
+ }
+
+ nacl->revision = acl1->revision;
+ nacl->size = acl1->size + acl2->size;
+ nacl->num_aces = acl1->num_aces + acl2->num_aces;
+
+ if (nacl->num_aces == 0)
+ return nacl;
+
+ nacl->aces = (struct security_ace *)talloc_array (mem_ctx, struct security_ace, acl1->num_aces+acl2->num_aces);
+ if ((nacl->aces == NULL) && (nacl->num_aces > 0)) {
+ goto failed;
+ }
+
+ for (i = 0; i < acl1->num_aces; i++)
+ nacl->aces[i] = acl1->aces[i];
+ for (i = 0; i < acl2->num_aces; i++)
+ nacl->aces[i + acl1->num_aces] = acl2->aces[i];
+
+ return nacl;
+
+ failed:
+ talloc_free (nacl);
+ return NULL;
+
+}
+
/*
talloc and copy a security descriptor
*/
diff --git a/libcli/security/security_descriptor.h b/libcli/security/security_descriptor.h
index a377ef59ce..bc5761ab6f 100644
--- a/libcli/security/security_descriptor.h
+++ b/libcli/security/security_descriptor.h
@@ -64,4 +64,8 @@ struct security_ace *security_ace_create(TALLOC_CTX *mem_ctx,
struct security_acl *security_acl_dup(TALLOC_CTX *mem_ctx,
const struct security_acl *oacl);
+struct security_acl *security_acl_concatenate(TALLOC_CTX *mem_ctx,
+ const struct security_acl *acl1,
+ const struct security_acl *acl2);
+
#endif /* __SECURITY_DESCRIPTOR_H__ */