diff options
-rw-r--r-- | libcli/security/dom_sid.c | 18 | ||||
-rw-r--r-- | libcli/security/dom_sid.h | 2 |
2 files changed, 20 insertions, 0 deletions
diff --git a/libcli/security/dom_sid.c b/libcli/security/dom_sid.c index 93f887134e..f94d952b4d 100644 --- a/libcli/security/dom_sid.c +++ b/libcli/security/dom_sid.c @@ -98,6 +98,24 @@ bool sid_append_rid(struct dom_sid *sid, uint32_t rid) return false; } +/* + See if 2 SIDs are in the same domain + this just compares the leading sub-auths +*/ +int dom_sid_compare_domain(const struct dom_sid *sid1, + const struct dom_sid *sid2) +{ + int n, i; + + n = MIN(sid1->num_auths, sid2->num_auths); + + for (i = n-1; i >= 0; --i) + if (sid1->sub_auths[i] != sid2->sub_auths[i]) + return sid1->sub_auths[i] - sid2->sub_auths[i]; + + return dom_sid_compare_auth(sid1, sid2); +} + /***************************************************************** Convert a string to a SID. Returns True on success, False on fail. *****************************************************************/ diff --git a/libcli/security/dom_sid.h b/libcli/security/dom_sid.h index e89253554e..ac8669d725 100644 --- a/libcli/security/dom_sid.h +++ b/libcli/security/dom_sid.h @@ -26,6 +26,8 @@ #include "librpc/gen_ndr/security.h" int dom_sid_compare(const struct dom_sid *sid1, const struct dom_sid *sid2); +int dom_sid_compare_domain(const struct dom_sid *sid1, + const struct dom_sid *sid2); bool dom_sid_equal(const struct dom_sid *sid1, const struct dom_sid *sid2); bool dom_sid_parse(const char *sidstr, struct dom_sid *ret); struct dom_sid *dom_sid_parse_talloc(TALLOC_CTX *mem_ctx, const char *sidstr); |