diff options
| author | Günther Deschner <gd@samba.org> | 2008-02-29 18:23:53 +0100 |
|---|---|---|
| committer | Günther Deschner <gd@samba.org> | 2008-02-29 18:23:53 +0100 |
| commit | 72b8392f9c48d87dcd351ec3a24cc6f68516011f (patch) | |
| tree | 36129035bb60c2d8890add4752e87e376461b1c2 /source3 | |
| parent | f3efceace4ad097882f6574b533318d332bff6b1 (diff) | |
| download | samba-72b8392f9c48d87dcd351ec3a24cc6f68516011f.tar.gz samba-72b8392f9c48d87dcd351ec3a24cc6f68516011f.tar.bz2 samba-72b8392f9c48d87dcd351ec3a24cc6f68516011f.zip | |
Add gp_get_machine_token().
Guenther
(This used to be commit 2f1bc7ddad97b9137ae4cce696bf4e08f9b7ca20)
Diffstat (limited to 'source3')
| -rw-r--r-- | source3/lib/util_nttoken.c | 50 | ||||
| -rw-r--r-- | source3/libgpo/gpo_util.c | 25 |
2 files changed, 75 insertions, 0 deletions
diff --git a/source3/lib/util_nttoken.c b/source3/lib/util_nttoken.c index 13c66a5f45..f81191af58 100644 --- a/source3/lib/util_nttoken.c +++ b/source3/lib/util_nttoken.c @@ -7,6 +7,7 @@ * Copyright (C) Rafal Szczesniak 2002 * Copyright (C) Volker Lendecke 2006 * Copyright (C) Michael Adam 2007 + * Copyright (C) Guenther Deschner 2007 * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -67,3 +68,52 @@ NT_USER_TOKEN *dup_nt_token(TALLOC_CTX *mem_ctx, const NT_USER_TOKEN *ptoken) return token; } +/**************************************************************************** + merge NT tokens +****************************************************************************/ + +NTSTATUS merge_nt_token(TALLOC_CTX *mem_ctx, + const struct nt_user_token *token_1, + const struct nt_user_token *token_2, + struct nt_user_token **token_out) +{ + struct nt_user_token *token = NULL; + NTSTATUS status; + int i; + + if (!token_1 || !token_2 || !token_out) { + return NT_STATUS_INVALID_PARAMETER; + } + + token = TALLOC_ZERO_P(mem_ctx, struct nt_user_token); + NT_STATUS_HAVE_NO_MEMORY(token); + + for (i=0; i < token_1->num_sids; i++) { + status = add_sid_to_array_unique(mem_ctx, + &token_1->user_sids[i], + &token->user_sids, + &token->num_sids); + if (!NT_STATUS_IS_OK(status)) { + TALLOC_FREE(token); + return status; + } + } + + for (i=0; i < token_2->num_sids; i++) { + status = add_sid_to_array_unique(mem_ctx, + &token_2->user_sids[i], + &token->user_sids, + &token->num_sids); + if (!NT_STATUS_IS_OK(status)) { + TALLOC_FREE(token); + return status; + } + } + + se_priv_add(&token->privileges, &token_1->privileges); + se_priv_add(&token->privileges, &token_2->privileges); + + *token_out = token; + + return NT_STATUS_OK; +} diff --git a/source3/libgpo/gpo_util.c b/source3/libgpo/gpo_util.c index 79f2690245..b9053d0ae5 100644 --- a/source3/libgpo/gpo_util.c +++ b/source3/libgpo/gpo_util.c @@ -750,3 +750,28 @@ NTSTATUS gp_find_file(TALLOC_CTX *mem_ctx, return NT_STATUS_NO_SUCH_FILE; } +/**************************************************************** +****************************************************************/ + +ADS_STATUS gp_get_machine_token(ADS_STRUCT *ads, + TALLOC_CTX *mem_ctx, + const char *dn, + struct nt_user_token **token) +{ + struct nt_user_token *ad_token = NULL; + ADS_STATUS status; + NTSTATUS ntstatus; + + status = ads_get_sid_token(ads, mem_ctx, dn, &ad_token); + if (!ADS_ERR_OK(status)) { + return status; + } + + ntstatus = merge_nt_token(mem_ctx, ad_token, get_system_token(), + token); + if (!NT_STATUS_IS_OK(ntstatus)) { + return ADS_ERROR_NT(ntstatus); + } + + return ADS_SUCCESS; +} |