From 34d166111e4faca4dd13f0d2fc111eb1167e9b04 Mon Sep 17 00:00:00 2001
From: Günther Deschner <gd@samba.org>
Date: Wed, 10 Oct 2007 12:42:55 +0200
Subject: r25604: Add security_descriptor_append() helper function.

Guenther
(This used to be commit 7d8f53b1c73dc4025821d96d8f675b6866407acb)
---
 source4/libcli/security/security_descriptor.c | 42 +++++++++++++++++++++++++++
 1 file changed, 42 insertions(+)

(limited to 'source4/libcli/security')

diff --git a/source4/libcli/security/security_descriptor.c b/source4/libcli/security/security_descriptor.c
index 7ed619d0c4..1d8549a605 100644
--- a/source4/libcli/security/security_descriptor.c
+++ b/source4/libcli/security/security_descriptor.c
@@ -336,6 +336,48 @@ bool security_descriptor_mask_equal(const struct security_descriptor *sd1,
 				    NULL);
   that would create a sd with one DACL ACE
 */
+
+struct security_descriptor *security_descriptor_append(struct security_descriptor *sd,
+						       ...)
+{
+	va_list ap;
+	const char *sidstr;
+
+	va_start(ap, sd);
+	while ((sidstr = va_arg(ap, const char *))) {
+		struct dom_sid *sid;
+		struct security_ace *ace = talloc(sd, struct security_ace);
+		NTSTATUS status;
+
+		if (ace == NULL) {
+			talloc_free(sd);
+			va_end(ap);
+			return NULL;
+		}
+		ace->type = va_arg(ap, unsigned int);
+		ace->access_mask = va_arg(ap, unsigned int);
+		ace->flags = va_arg(ap, unsigned int);
+		sid = dom_sid_parse_talloc(ace, sidstr);
+		if (sid == NULL) {
+			va_end(ap);
+			talloc_free(sd);
+			return NULL;
+		}
+		ace->trustee = *sid;
+		status = security_descriptor_dacl_add(sd, ace);
+		/* TODO: check: would talloc_free(ace) here be correct? */
+		if (!NT_STATUS_IS_OK(status)) {
+			va_end(ap);
+			talloc_free(sd);
+			return NULL;
+		}
+	}
+	va_end(ap);
+
+	return sd;
+
+}
+
 struct security_descriptor *security_descriptor_create(TALLOC_CTX *mem_ctx,
 						       const char *owner_sid,
 						       const char *group_sid,
-- 
cgit