From 6283f2caaa42c7238bdc9c2e8bc1246207645019 Mon Sep 17 00:00:00 2001
From: Nadezhda Ivanova <nadezhda.ivanova@postpath.com>
Date: Sun, 20 Sep 2009 13:50:34 -0700
Subject: Initial implementation of security descriptor creation in DS

TODO's:
ACE sorting and clarifying the inheritance of object specific ace's.
---
 libcli/security/security_descriptor.c | 50 +++++++++++++++++++++++++++++++++++
 libcli/security/security_descriptor.h |  4 +++
 2 files changed, 54 insertions(+)

(limited to 'libcli/security')

diff --git a/libcli/security/security_descriptor.c b/libcli/security/security_descriptor.c
index dbe11604fd..b77a281852 100644
--- a/libcli/security/security_descriptor.c
+++ b/libcli/security/security_descriptor.c
@@ -77,6 +77,56 @@ struct security_acl *security_acl_dup(TALLOC_CTX *mem_ctx,
 	
 }
 
+struct security_acl *security_acl_concatenate(TALLOC_CTX *mem_ctx,
+                                              const struct security_acl *acl1,
+                                              const struct security_acl *acl2)
+{
+        struct security_acl *nacl;
+        int i;
+
+        if (!acl1 && !acl2)
+                return NULL;
+
+        if (!acl1){
+                nacl = security_acl_dup(mem_ctx, acl2);
+                return nacl;
+        }
+
+        if (!acl2){
+                nacl = security_acl_dup(mem_ctx, acl1);
+                return nacl;
+        }
+
+        nacl = talloc (mem_ctx, struct security_acl);
+        if (nacl == NULL) {
+                return NULL;
+        }
+
+        nacl->revision = acl1->revision;
+        nacl->size = acl1->size + acl2->size;
+        nacl->num_aces = acl1->num_aces + acl2->num_aces;
+
+        if (nacl->num_aces == 0)
+                return nacl;
+
+        nacl->aces = (struct security_ace *)talloc_array (mem_ctx, struct security_ace, acl1->num_aces+acl2->num_aces);
+        if ((nacl->aces == NULL) && (nacl->num_aces > 0)) {
+                goto failed;
+        }
+
+        for (i = 0; i < acl1->num_aces; i++)
+                nacl->aces[i] = acl1->aces[i];
+        for (i = 0; i < acl2->num_aces; i++)
+                nacl->aces[i + acl1->num_aces] = acl2->aces[i];
+
+        return nacl;
+
+ failed:
+        talloc_free (nacl);
+        return NULL;
+
+}
+
 /* 
    talloc and copy a security descriptor
  */
diff --git a/libcli/security/security_descriptor.h b/libcli/security/security_descriptor.h
index a377ef59ce..bc5761ab6f 100644
--- a/libcli/security/security_descriptor.h
+++ b/libcli/security/security_descriptor.h
@@ -64,4 +64,8 @@ struct security_ace *security_ace_create(TALLOC_CTX *mem_ctx,
 struct security_acl *security_acl_dup(TALLOC_CTX *mem_ctx,
 				      const struct security_acl *oacl);
 
+struct security_acl *security_acl_concatenate(TALLOC_CTX *mem_ctx,
+                                              const struct security_acl *acl1,
+                                              const struct security_acl *acl2);
+
 #endif /* __SECURITY_DESCRIPTOR_H__ */
-- 
cgit