summaryrefslogtreecommitdiff
path: root/source4/libcli
diff options
context:
space:
mode:
authorVolker Lendecke <vlendec@samba.org>2006-07-17 08:05:02 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 14:10:11 -0500
commit152ea280f1982831c31071eec5c5a17f072073b0 (patch)
tree816e312de7253a7bdb7542128d795d1eca1b8c38 /source4/libcli
parent73b066281e6f80beb46bbfdb9742e26d3550dfce (diff)
downloadsamba-152ea280f1982831c31071eec5c5a17f072073b0.tar.gz
samba-152ea280f1982831c31071eec5c5a17f072073b0.tar.bz2
samba-152ea280f1982831c31071eec5c5a17f072073b0.zip
r17082: Add a test that walks and tests denying tconX access via the share security
descriptor. This is something that W2k3 does _not_ pass and probably is not expected to, it seems the don't check access at tconX time. Thanks to metze for the hint how in the srvsvc_NetShareInfo1501 struct the length of the sd can be encoded in idl. As metze says, there's probably more to the share secdesc, this needs more testing. This one is here to walk the samba3 code. Volker (This used to be commit 67185508229a8d7f144c22cb194f573c932d6de5)
Diffstat (limited to 'source4/libcli')
-rw-r--r--source4/libcli/security/dom_sid.c18
1 files changed, 18 insertions, 0 deletions
diff --git a/source4/libcli/security/dom_sid.c b/source4/libcli/security/dom_sid.c
index 951c0f5956..54242eb515 100644
--- a/source4/libcli/security/dom_sid.c
+++ b/source4/libcli/security/dom_sid.c
@@ -215,6 +215,24 @@ struct dom_sid *dom_sid_add_rid(TALLOC_CTX *mem_ctx,
return sid;
}
+/*
+ Split up a SID into its domain and RID part
+*/
+NTSTATUS dom_sid_split_rid(TALLOC_CTX *mem_ctx, const struct dom_sid *sid,
+ struct dom_sid **domain, uint32_t *rid)
+{
+ if (sid->num_auths == 0) {
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
+ if (!(*domain = dom_sid_dup(mem_ctx, sid))) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ (*domain)->num_auths -= 1;
+ *rid = (*domain)->sub_auths[(*domain)->num_auths];
+ return NT_STATUS_OK;
+}
/*
return True if the 2nd sid is in the domain given by the first sid