summaryrefslogtreecommitdiff
path: root/source3/lib
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2010-08-30 15:38:18 +1000
committerAndrew Bartlett <abartlet@samba.org>2010-09-11 18:46:11 +1000
commit9883993b66826d2f692ebdd3c928f4f7a0cddc7d (patch)
tree7b7e52da490f28770e18d3e051c189efda748957 /source3/lib
parentad5ec58a714aba1f6c0894ca4e7207f1c5072949 (diff)
downloadsamba-9883993b66826d2f692ebdd3c928f4f7a0cddc7d.tar.gz
samba-9883993b66826d2f692ebdd3c928f4f7a0cddc7d.tar.bz2
samba-9883993b66826d2f692ebdd3c928f4f7a0cddc7d.zip
s3-privs Overhaul PRIVILEGE_SET handling, avoid dealing with the bitmap
This avoids us dealing with the privilege bitmap in the LSA server, and overhauls much of the rest of the handling to be currnet with the modern world of talloc. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
Diffstat (limited to 'source3/lib')
-rw-r--r--source3/lib/privileges.c67
1 files changed, 17 insertions, 50 deletions
diff --git a/source3/lib/privileges.c b/source3/lib/privileges.c
index 181ea5c986..31b0e7dc55 100644
--- a/source3/lib/privileges.c
+++ b/source3/lib/privileges.c
@@ -149,6 +149,23 @@ bool get_privileges_for_sids(uint64_t *privileges, struct dom_sid *slist, int sc
return found;
}
+NTSTATUS get_privileges_for_sid_as_set(TALLOC_CTX *mem_ctx, PRIVILEGE_SET **privileges, struct dom_sid *sid)
+{
+ uint64_t mask;
+ if (!get_privileges(sid, &mask)) {
+ return NT_STATUS_OBJECT_NAME_NOT_FOUND;
+ }
+
+ *privileges = talloc_zero(mem_ctx, PRIVILEGE_SET);
+ if (!*privileges) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ if (!se_priv_to_privilege_set(*privileges, mask)) {
+ return NT_STATUS_NO_MEMORY;
+ }
+ return NT_STATUS_OK;
+}
/*********************************************************************
traversal functions for privilege_enumerate_accounts
@@ -435,56 +452,6 @@ NTSTATUS privilege_delete_account(const struct dom_sid *sid)
}
/****************************************************************************
- initialise a privilege list and set the talloc context
- ****************************************************************************/
-
-NTSTATUS privilege_set_init(PRIVILEGE_SET *priv_set)
-{
- TALLOC_CTX *mem_ctx;
-
- ZERO_STRUCTP( priv_set );
-
- mem_ctx = talloc_init("privilege set");
- if ( !mem_ctx ) {
- DEBUG(0,("privilege_set_init: failed to initialize talloc ctx!\n"));
- return NT_STATUS_NO_MEMORY;
- }
-
- priv_set->mem_ctx = mem_ctx;
-
- return NT_STATUS_OK;
-}
-
-/****************************************************************************
- initialise a privilege list and with someone else's talloc context
-****************************************************************************/
-
-NTSTATUS privilege_set_init_by_ctx(TALLOC_CTX *mem_ctx, PRIVILEGE_SET *priv_set)
-{
- ZERO_STRUCTP( priv_set );
-
- priv_set->mem_ctx = mem_ctx;
- priv_set->ext_ctx = True;
-
- return NT_STATUS_OK;
-}
-
-/****************************************************************************
- Free all memory used by a PRIVILEGE_SET
-****************************************************************************/
-
-void privilege_set_free(PRIVILEGE_SET *priv_set)
-{
- if ( !priv_set )
- return;
-
- if ( !( priv_set->ext_ctx ) )
- talloc_destroy( priv_set->mem_ctx );
-
- ZERO_STRUCTP( priv_set );
-}
-
-/****************************************************************************
duplicate alloc luid_attr
****************************************************************************/