From f7ffc12e2d43bd2dddb0a29eb778ff69a6b2802d Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Tue, 21 Sep 2010 07:14:38 +1000
Subject: libcli/security Use static SIDs rather than parsing from strings

This should make the security_token_is_*() calls a little faster.

Andrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>
---
 libcli/security/dom_sid.h                 |  1 +
 libcli/security/security_token.c          | 10 +++++-----
 source4/rpc_server/srvsvc/dcesrv_srvsvc.c |  2 +-
 3 files changed, 7 insertions(+), 6 deletions(-)

diff --git a/libcli/security/dom_sid.h b/libcli/security/dom_sid.h
index 8c60f761e4..3d1161fdc7 100644
--- a/libcli/security/dom_sid.h
+++ b/libcli/security/dom_sid.h
@@ -30,6 +30,7 @@ extern const struct dom_sid global_sid_World_Domain;
 extern const struct dom_sid global_sid_World;
 extern const struct dom_sid global_sid_Creator_Owner_Domain;
 extern const struct dom_sid global_sid_NT_Authority;
+extern const struct dom_sid global_sid_Enterprise_DCs;
 extern const struct dom_sid global_sid_System;
 extern const struct dom_sid global_sid_NULL;
 extern const struct dom_sid global_sid_Authenticated_Users;
diff --git a/libcli/security/security_token.c b/libcli/security/security_token.c
index 03dc528b93..40f13820ee 100644
--- a/libcli/security/security_token.c
+++ b/libcli/security/security_token.c
@@ -95,12 +95,12 @@ bool security_token_is_sid_string(const struct security_token *token, const char
 
 bool security_token_is_system(const struct security_token *token)
 {
-	return security_token_is_sid_string(token, SID_NT_SYSTEM);
+	return security_token_is_sid(token, &global_sid_System);
 }
 
 bool security_token_is_anonymous(const struct security_token *token)
 {
-	return security_token_is_sid_string(token, SID_NT_ANONYMOUS);
+	return security_token_is_sid(token, &global_sid_Anonymous);
 }
 
 bool security_token_has_sid(const struct security_token *token, const struct dom_sid *sid)
@@ -128,15 +128,15 @@ bool security_token_has_sid_string(const struct security_token *token, const cha
 
 bool security_token_has_builtin_administrators(const struct security_token *token)
 {
-	return security_token_has_sid_string(token, SID_BUILTIN_ADMINISTRATORS);
+	return security_token_has_sid(token, &global_sid_Builtin_Administrators);
 }
 
 bool security_token_has_nt_authenticated_users(const struct security_token *token)
 {
-	return security_token_has_sid_string(token, SID_NT_AUTHENTICATED_USERS);
+	return security_token_has_sid(token, &global_sid_Authenticated_Users);
 }
 
 bool security_token_has_enterprise_dcs(const struct security_token *token)
 {
-	return security_token_has_sid_string(token, SID_NT_ENTERPRISE_DCS);
+	return security_token_has_sid(token, &global_sid_Enterprise_DCs);
 }
diff --git a/source4/rpc_server/srvsvc/dcesrv_srvsvc.c b/source4/rpc_server/srvsvc/dcesrv_srvsvc.c
index cf3651780d..41d89a9f56 100644
--- a/source4/rpc_server/srvsvc/dcesrv_srvsvc.c
+++ b/source4/rpc_server/srvsvc/dcesrv_srvsvc.c
@@ -33,7 +33,7 @@
 #define SRVSVC_CHECK_ADMIN_ACCESS do { \
 	struct security_token *t = dce_call->conn->auth_state.session_info->security_token; \
 	if (!security_token_has_builtin_administrators(t) && \
-	    !security_token_has_sid_string(t, SID_BUILTIN_SERVER_OPERATORS)) { \
+	    !security_token_has_sid(t, &global_sid_Builtin_Server_Operators)) { \
 	    	return WERR_ACCESS_DENIED; \
 	} \
 } while (0)
-- 
cgit