summaryrefslogtreecommitdiff
path: root/source3/lib
diff options
context:
space:
mode:
authorGünther Deschner <gd@samba.org>2010-08-26 15:48:50 +0200
committerGünther Deschner <gd@samba.org>2010-09-20 14:04:37 -0700
commit4dbd743e467096624961533335afccadc67af0e6 (patch)
tree221fd5ed097893d3e48f07c926d7ef9bd8313276 /source3/lib
parent400616017974f057c8a2e817b62b90b1490d4129 (diff)
downloadsamba-4dbd743e467096624961533335afccadc67af0e6.tar.gz
samba-4dbd743e467096624961533335afccadc67af0e6.tar.bz2
samba-4dbd743e467096624961533335afccadc67af0e6.zip
s3-util_sid: use shared dom_sid_compare_auth and dom_sid_equal_X functions.
Guenther
Diffstat (limited to 'source3/lib')
-rw-r--r--source3/lib/netapi/localgroup.c5
-rw-r--r--source3/lib/secdesc.c5
-rw-r--r--source3/lib/util_nttoken.c3
-rw-r--r--source3/lib/util_sid.c92
4 files changed, 15 insertions, 90 deletions
diff --git a/source3/lib/netapi/localgroup.c b/source3/lib/netapi/localgroup.c
index 69cf974225..c9e1b722bd 100644
--- a/source3/lib/netapi/localgroup.c
+++ b/source3/lib/netapi/localgroup.c
@@ -27,6 +27,7 @@
#include "../librpc/gen_ndr/cli_lsa.h"
#include "rpc_client/cli_lsarpc.h"
#include "rpc_client/init_lsa.h"
+#include "../libcli/security/dom_sid.h"
static NTSTATUS libnetapi_samr_lookup_and_open_alias(TALLOC_CTX *mem_ctx,
struct rpc_pipe_client *pipe_cli,
@@ -1171,7 +1172,7 @@ static WERROR NetLocalGroupModifyMembers_r(struct libnetapi_ctx *ctx,
for (i=0; i < r->in.total_entries; i++) {
bool already_member = false;
for (k=0; k < current_sids.num_sids; k++) {
- if (sid_equal(&member_sids[i],
+ if (dom_sid_equal(&member_sids[i],
current_sids.sids[k].sid)) {
already_member = true;
break;
@@ -1193,7 +1194,7 @@ static WERROR NetLocalGroupModifyMembers_r(struct libnetapi_ctx *ctx,
for (k=0; k < current_sids.num_sids; k++) {
bool keep_member = false;
for (i=0; i < r->in.total_entries; i++) {
- if (sid_equal(&member_sids[i],
+ if (dom_sid_equal(&member_sids[i],
current_sids.sids[k].sid)) {
keep_member = true;
break;
diff --git a/source3/lib/secdesc.c b/source3/lib/secdesc.c
index b9ed955dee..b8bb0acf7b 100644
--- a/source3/lib/secdesc.c
+++ b/source3/lib/secdesc.c
@@ -22,6 +22,7 @@
#include "includes.h"
#include "../librpc/gen_ndr/ndr_security.h"
+#include "../libcli/security/dom_sid.h"
#define ALL_SECURITY_INFORMATION (SECINFO_OWNER|SECINFO_GROUP|\
SECINFO_DACL|SECINFO_SACL|\
@@ -607,10 +608,10 @@ NTSTATUS se_create_child_secdesc(TALLOC_CTX *ctx,
}
/* The CREATOR sids are special when inherited */
- if (sid_equal(ptrustee, &global_sid_Creator_Owner)) {
+ if (dom_sid_equal(ptrustee, &global_sid_Creator_Owner)) {
creator = &global_sid_Creator_Owner;
ptrustee = owner_sid;
- } else if (sid_equal(ptrustee, &global_sid_Creator_Group)) {
+ } else if (dom_sid_equal(ptrustee, &global_sid_Creator_Group)) {
creator = &global_sid_Creator_Group;
ptrustee = group_sid;
}
diff --git a/source3/lib/util_nttoken.c b/source3/lib/util_nttoken.c
index 3130ed89fb..680dd29ba7 100644
--- a/source3/lib/util_nttoken.c
+++ b/source3/lib/util_nttoken.c
@@ -26,6 +26,7 @@
/* function(s) moved from auth/auth_util.c to minimize linker deps */
#include "includes.h"
+#include "../libcli/security/dom_sid.h"
/****************************************************************************
Duplicate a SID token.
@@ -120,7 +121,7 @@ bool token_sid_in_ace(const struct security_token *token, const struct security_
size_t i;
for (i = 0; i < token->num_sids; i++) {
- if (sid_equal(&ace->trustee, &token->sids[i]))
+ if (dom_sid_equal(&ace->trustee, &token->sids[i]))
return true;
}
diff --git a/source3/lib/util_sid.c b/source3/lib/util_sid.c
index 92218ff2b2..1873692f0f 100644
--- a/source3/lib/util_sid.c
+++ b/source3/lib/util_sid.c
@@ -244,7 +244,7 @@ bool sid_peek_check_rid(const struct dom_sid *exp_dom_sid, const struct dom_sid
return False;
}
- if (sid_compare_domain(exp_dom_sid, sid)!=0){
+ if (dom_sid_compare_domain(exp_dom_sid, sid)!=0){
*rid=(-1);
return False;
}
@@ -308,84 +308,6 @@ bool sid_parse(const char *inbuf, size_t len, struct dom_sid *sid)
}
/*****************************************************************
- Compare the auth portion of two sids.
-*****************************************************************/
-
-static int sid_compare_auth(const struct dom_sid *sid1, const struct dom_sid *sid2)
-{
- int i;
-
- if (sid1 == sid2)
- return 0;
- if (!sid1)
- return -1;
- if (!sid2)
- return 1;
-
- if (sid1->sid_rev_num != sid2->sid_rev_num)
- return sid1->sid_rev_num - sid2->sid_rev_num;
-
- for (i = 0; i < 6; i++)
- if (sid1->id_auth[i] != sid2->id_auth[i])
- return sid1->id_auth[i] - sid2->id_auth[i];
-
- return 0;
-}
-
-/*****************************************************************
- Compare two sids.
-*****************************************************************/
-
-int sid_compare(const struct dom_sid *sid1, const struct dom_sid *sid2)
-{
- int i;
-
- if (sid1 == sid2)
- return 0;
- if (!sid1)
- return -1;
- if (!sid2)
- return 1;
-
- /* Compare most likely different rids, first: i.e start at end */
- if (sid1->num_auths != sid2->num_auths)
- return sid1->num_auths - sid2->num_auths;
-
- for (i = sid1->num_auths-1; i >= 0; --i)
- if (sid1->sub_auths[i] != sid2->sub_auths[i])
- return sid1->sub_auths[i] - sid2->sub_auths[i];
-
- return sid_compare_auth(sid1, sid2);
-}
-
-/*****************************************************************
- See if 2 SIDs are in the same domain
- this just compares the leading sub-auths
-*****************************************************************/
-
-int sid_compare_domain(const struct dom_sid *sid1, const struct dom_sid *sid2)
-{
- int n, i;
-
- n = MIN(sid1->num_auths, sid2->num_auths);
-
- for (i = n-1; i >= 0; --i)
- if (sid1->sub_auths[i] != sid2->sub_auths[i])
- return sid1->sub_auths[i] - sid2->sub_auths[i];
-
- return sid_compare_auth(sid1, sid2);
-}
-
-/*****************************************************************
- Compare two sids.
-*****************************************************************/
-
-bool sid_equal(const struct dom_sid *sid1, const struct dom_sid *sid2)
-{
- return sid_compare(sid1, sid2) == 0;
-}
-
-/*****************************************************************
Returns true if SID is internal (and non-mappable).
*****************************************************************/
@@ -397,10 +319,10 @@ bool non_mappable_sid(struct dom_sid *sid)
sid_copy(&dom, sid);
sid_split_rid(&dom, &rid);
- if (sid_equal(&dom, &global_sid_Builtin))
+ if (dom_sid_equal(&dom, &global_sid_Builtin))
return True;
- if (sid_equal(&dom, &global_sid_NT_Authority))
+ if (dom_sid_equal(&dom, &global_sid_NT_Authority))
return True;
return False;
@@ -494,7 +416,7 @@ NTSTATUS add_sid_to_array_unique(TALLOC_CTX *mem_ctx, const struct dom_sid *sid,
size_t i;
for (i=0; i<(*num_sids); i++) {
- if (sid_compare(sid, &(*sids)[i]) == 0)
+ if (dom_sid_compare(sid, &(*sids)[i]) == 0)
return NT_STATUS_OK;
}
@@ -515,7 +437,7 @@ void del_sid_from_array(const struct dom_sid *sid, struct dom_sid **sids, size_t
/* if we find the SID, then decrement the count
and break out of the loop */
- if ( sid_equal(sid, &sid_list[i]) ) {
+ if ( dom_sid_equal(sid, &sid_list[i]) ) {
*num -= 1;
break;
}
@@ -555,7 +477,7 @@ bool add_rid_to_array_unique(TALLOC_CTX *mem_ctx,
bool is_null_sid(const struct dom_sid *sid)
{
static const struct dom_sid null_sid = {0};
- return sid_equal(sid, &null_sid);
+ return dom_sid_equal(sid, &null_sid);
}
bool is_sid_in_token(const struct security_token *token, const struct dom_sid *sid)
@@ -563,7 +485,7 @@ bool is_sid_in_token(const struct security_token *token, const struct dom_sid *s
int i;
for (i=0; i<token->num_sids; i++) {
- if (sid_compare(sid, &token->sids[i]) == 0)
+ if (dom_sid_compare(sid, &token->sids[i]) == 0)
return true;
}
return false;