From 710ea949886dd57c66dc6d397e0ea41c89736107 Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Thu, 27 Apr 2006 16:09:17 +0000 Subject: r15297: Move create_security_token() to samdb as it requires SAMDB (and the rest of LIBSECURITY doesn't) Make the ldb password_hash module only depend on some keys manipulation code, not full heimdal Some other dependency fixes (This used to be commit 5b3ab728edfc9cdd9eee16ad0fe6dfd4b5ced630) --- source4/libcli/security/config.mk | 8 ++-- source4/libcli/security/security_token.c | 74 -------------------------------- 2 files changed, 4 insertions(+), 78 deletions(-) (limited to 'source4/libcli/security') diff --git a/source4/libcli/security/config.mk b/source4/libcli/security/config.mk index fb4f1f71b7..e19947203d 100644 --- a/source4/libcli/security/config.mk +++ b/source4/libcli/security/config.mk @@ -1,6 +1,6 @@ ################################# -# Start SUBSYSTEM LIB_SECURITY -[SUBSYSTEM::LIB_SECURITY] +# Start SUBSYSTEM LIBSECURITY +[SUBSYSTEM::LIBSECURITY] PRIVATE_PROTO_HEADER = proto.h OBJ_FILES = security_token.o \ security_descriptor.o \ @@ -8,6 +8,6 @@ OBJ_FILES = security_token.o \ access_check.o \ privilege.o \ sddl.o -PUBLIC_DEPENDENCIES = NDR_SECURITY -# End SUBSYSTEM LIB_SECURITY +PUBLIC_DEPENDENCIES = NDR_SECURITY +# End SUBSYSTEM LIBSECURITY ################################# diff --git a/source4/libcli/security/security_token.c b/source4/libcli/security/security_token.c index d872376bff..0043678144 100644 --- a/source4/libcli/security/security_token.c +++ b/source4/libcli/security/security_token.c @@ -47,80 +47,6 @@ struct security_token *security_token_initialise(TALLOC_CTX *mem_ctx) return st; } -/**************************************************************************** - Create the SID list for this user. -****************************************************************************/ -NTSTATUS security_token_create(TALLOC_CTX *mem_ctx, - struct dom_sid *user_sid, - struct dom_sid *group_sid, - int n_groupSIDs, - struct dom_sid **groupSIDs, - BOOL is_authenticated, - struct security_token **token) -{ - struct security_token *ptoken; - int i; - NTSTATUS status; - - ptoken = security_token_initialise(mem_ctx); - NT_STATUS_HAVE_NO_MEMORY(ptoken); - - ptoken->sids = talloc_array(ptoken, struct dom_sid *, n_groupSIDs + 5); - NT_STATUS_HAVE_NO_MEMORY(ptoken->sids); - - ptoken->user_sid = talloc_reference(ptoken, user_sid); - ptoken->group_sid = talloc_reference(ptoken, group_sid); - ptoken->privilege_mask = 0; - - ptoken->sids[0] = ptoken->user_sid; - ptoken->sids[1] = ptoken->group_sid; - - /* - * Finally add the "standard" SIDs. - * The only difference between guest and "anonymous" - * is the addition of Authenticated_Users. - */ - ptoken->sids[2] = dom_sid_parse_talloc(ptoken->sids, SID_WORLD); - NT_STATUS_HAVE_NO_MEMORY(ptoken->sids[2]); - ptoken->sids[3] = dom_sid_parse_talloc(ptoken->sids, SID_NT_NETWORK); - NT_STATUS_HAVE_NO_MEMORY(ptoken->sids[3]); - ptoken->num_sids = 4; - - if (is_authenticated) { - ptoken->sids[4] = dom_sid_parse_talloc(ptoken->sids, SID_NT_AUTHENTICATED_USERS); - NT_STATUS_HAVE_NO_MEMORY(ptoken->sids[4]); - ptoken->num_sids++; - } - - for (i = 0; i < n_groupSIDs; i++) { - size_t check_sid_idx; - for (check_sid_idx = 1; - check_sid_idx < ptoken->num_sids; - check_sid_idx++) { - if (dom_sid_equal(ptoken->sids[check_sid_idx], groupSIDs[i])) { - break; - } - } - - if (check_sid_idx == ptoken->num_sids) { - ptoken->sids[ptoken->num_sids++] = talloc_reference(ptoken->sids, groupSIDs[i]); - } - } - - /* setup the privilege mask for this token */ - status = samdb_privilege_setup(ptoken); - if (!NT_STATUS_IS_OK(status)) { - talloc_free(ptoken); - return status; - } - - security_token_debug(10, ptoken); - - *token = ptoken; - - return NT_STATUS_OK; -} - /**************************************************************************** prints a struct security_token to debug output. ****************************************************************************/ -- cgit