summaryrefslogtreecommitdiff
path: root/source4/libcli/security
diff options
context:
space:
mode:
authorGünther Deschner <gd@samba.org>2007-10-10 12:42:55 +0200
committerStefan Metzmacher <metze@samba.org>2007-12-21 05:42:48 +0100
commit34d166111e4faca4dd13f0d2fc111eb1167e9b04 (patch)
tree04205b35b0f007ad92db99665a14f2f610e60f55 /source4/libcli/security
parent33032276f532f5344d56ca6c436befb2e3b74fc5 (diff)
downloadsamba-34d166111e4faca4dd13f0d2fc111eb1167e9b04.tar.gz
samba-34d166111e4faca4dd13f0d2fc111eb1167e9b04.tar.bz2
samba-34d166111e4faca4dd13f0d2fc111eb1167e9b04.zip
r25604: Add security_descriptor_append() helper function.
Guenther (This used to be commit 7d8f53b1c73dc4025821d96d8f675b6866407acb)
Diffstat (limited to 'source4/libcli/security')
-rw-r--r--source4/libcli/security/security_descriptor.c42
1 files changed, 42 insertions, 0 deletions
diff --git a/source4/libcli/security/security_descriptor.c b/source4/libcli/security/security_descriptor.c
index 7ed619d0c4..1d8549a605 100644
--- a/source4/libcli/security/security_descriptor.c
+++ b/source4/libcli/security/security_descriptor.c
@@ -336,6 +336,48 @@ bool security_descriptor_mask_equal(const struct security_descriptor *sd1,
NULL);
that would create a sd with one DACL ACE
*/
+
+struct security_descriptor *security_descriptor_append(struct security_descriptor *sd,
+ ...)
+{
+ va_list ap;
+ const char *sidstr;
+
+ va_start(ap, sd);
+ while ((sidstr = va_arg(ap, const char *))) {
+ struct dom_sid *sid;
+ struct security_ace *ace = talloc(sd, struct security_ace);
+ NTSTATUS status;
+
+ if (ace == NULL) {
+ talloc_free(sd);
+ va_end(ap);
+ return NULL;
+ }
+ ace->type = va_arg(ap, unsigned int);
+ ace->access_mask = va_arg(ap, unsigned int);
+ ace->flags = va_arg(ap, unsigned int);
+ sid = dom_sid_parse_talloc(ace, sidstr);
+ if (sid == NULL) {
+ va_end(ap);
+ talloc_free(sd);
+ return NULL;
+ }
+ ace->trustee = *sid;
+ status = security_descriptor_dacl_add(sd, ace);
+ /* TODO: check: would talloc_free(ace) here be correct? */
+ if (!NT_STATUS_IS_OK(status)) {
+ va_end(ap);
+ talloc_free(sd);
+ return NULL;
+ }
+ }
+ va_end(ap);
+
+ return sd;
+
+}
+
struct security_descriptor *security_descriptor_create(TALLOC_CTX *mem_ctx,
const char *owner_sid,
const char *group_sid,