summaryrefslogtreecommitdiff
path: root/source3/lib
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2010-09-17 13:08:59 +1000
committerAndrew Tridgell <tridge@samba.org>2010-10-14 02:35:04 +0000
commitdeb7c0243663d3fa435531bad77d2897b1d15285 (patch)
tree61a4500d22c3641aa161dfa4dd053c1527503a7c /source3/lib
parentc41bb6e846b61b92295887fcbfa670e3f5fbbb46 (diff)
downloadsamba-deb7c0243663d3fa435531bad77d2897b1d15285.tar.gz
samba-deb7c0243663d3fa435531bad77d2897b1d15285.tar.bz2
samba-deb7c0243663d3fa435531bad77d2897b1d15285.zip
s3 Replace is_sid_in_token() with security_token_has_sid() from common code
The two routines are identical, so there is no need to keep both. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
Diffstat (limited to 'source3/lib')
-rw-r--r--source3/lib/util_seaccess.c8
-rw-r--r--source3/lib/util_sid.c11
2 files changed, 4 insertions, 15 deletions
diff --git a/source3/lib/util_seaccess.c b/source3/lib/util_seaccess.c
index 13032b8779..af7ba24194 100644
--- a/source3/lib/util_seaccess.c
+++ b/source3/lib/util_seaccess.c
@@ -110,7 +110,7 @@ static uint32_t access_check_max_allowed(const struct security_descriptor *sd,
uint32_t denied = 0, granted = 0;
unsigned i;
- if (is_sid_in_token(token, sd->owner_sid)) {
+ if (security_token_has_sid(token, sd->owner_sid)) {
granted |= SEC_STD_WRITE_DAC | SEC_STD_READ_CONTROL | SEC_STD_DELETE;
} else if (security_token_has_privilege(token, SEC_PRIV_RESTORE)) {
granted |= SEC_STD_DELETE;
@@ -127,7 +127,7 @@ static uint32_t access_check_max_allowed(const struct security_descriptor *sd,
continue;
}
- if (!is_sid_in_token(token, &ace->trustee)) {
+ if (!security_token_has_sid(token, &ace->trustee)) {
continue;
}
@@ -198,7 +198,7 @@ NTSTATUS se_access_check(const struct security_descriptor *sd,
/* the owner always gets SEC_STD_WRITE_DAC, SEC_STD_READ_CONTROL and SEC_STD_DELETE */
if ((bits_remaining & (SEC_STD_WRITE_DAC|SEC_STD_READ_CONTROL|SEC_STD_DELETE)) &&
- is_sid_in_token(token, sd->owner_sid)) {
+ security_token_has_sid(token, sd->owner_sid)) {
bits_remaining &= ~(SEC_STD_WRITE_DAC|SEC_STD_READ_CONTROL|SEC_STD_DELETE);
}
if ((bits_remaining & SEC_STD_DELETE) &&
@@ -218,7 +218,7 @@ NTSTATUS se_access_check(const struct security_descriptor *sd,
continue;
}
- if (!is_sid_in_token(token, &ace->trustee)) {
+ if (!security_token_has_sid(token, &ace->trustee)) {
continue;
}
diff --git a/source3/lib/util_sid.c b/source3/lib/util_sid.c
index d28333f9da..25933116c4 100644
--- a/source3/lib/util_sid.c
+++ b/source3/lib/util_sid.c
@@ -441,17 +441,6 @@ bool is_null_sid(const struct dom_sid *sid)
return dom_sid_equal(sid, &null_sid);
}
-bool is_sid_in_token(const struct security_token *token, const struct dom_sid *sid)
-{
- int i;
-
- for (i=0; i<token->num_sids; i++) {
- if (dom_sid_compare(sid, &token->sids[i]) == 0)
- return true;
- }
- return false;
-}
-
NTSTATUS sid_array_from_info3(TALLOC_CTX *mem_ctx,
const struct netr_SamInfo3 *info3,
struct dom_sid **user_sids,