diff options
| author | Volker Lendecke <vlendec@samba.org> | 2006-07-17 08:05:02 +0000 |
|---|---|---|
| committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 14:10:11 -0500 |
| commit | 152ea280f1982831c31071eec5c5a17f072073b0 (patch) | |
| tree | 816e312de7253a7bdb7542128d795d1eca1b8c38 /source4/libcli | |
| parent | 73b066281e6f80beb46bbfdb9742e26d3550dfce (diff) | |
| download | samba-152ea280f1982831c31071eec5c5a17f072073b0.tar.gz samba-152ea280f1982831c31071eec5c5a17f072073b0.tar.bz2 samba-152ea280f1982831c31071eec5c5a17f072073b0.zip | |
r17082: Add a test that walks and tests denying tconX access via the share security
descriptor. This is something that W2k3 does _not_ pass and probably is not
expected to, it seems the don't check access at tconX time.
Thanks to metze for the hint how in the srvsvc_NetShareInfo1501 struct the
length of the sd can be encoded in idl.
As metze says, there's probably more to the share secdesc, this needs more
testing. This one is here to walk the samba3 code.
Volker
(This used to be commit 67185508229a8d7f144c22cb194f573c932d6de5)
Diffstat (limited to 'source4/libcli')
| -rw-r--r-- | source4/libcli/security/dom_sid.c | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/source4/libcli/security/dom_sid.c b/source4/libcli/security/dom_sid.c index 951c0f5956..54242eb515 100644 --- a/source4/libcli/security/dom_sid.c +++ b/source4/libcli/security/dom_sid.c @@ -215,6 +215,24 @@ struct dom_sid *dom_sid_add_rid(TALLOC_CTX *mem_ctx, return sid; } +/* + Split up a SID into its domain and RID part +*/ +NTSTATUS dom_sid_split_rid(TALLOC_CTX *mem_ctx, const struct dom_sid *sid, + struct dom_sid **domain, uint32_t *rid) +{ + if (sid->num_auths == 0) { + return NT_STATUS_INVALID_PARAMETER; + } + + if (!(*domain = dom_sid_dup(mem_ctx, sid))) { + return NT_STATUS_NO_MEMORY; + } + + (*domain)->num_auths -= 1; + *rid = (*domain)->sub_auths[(*domain)->num_auths]; + return NT_STATUS_OK; +} /* return True if the 2nd sid is in the domain given by the first sid |