lib: Add security_token_del_npa_flags() helper function

Bug: https://bugzilla.samba.org/show_bug.cgi?id=15361
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

diff --git a/source3/include/proto.h b/source3/include/proto.h
index a4ab57e84f324f2cdcd02d1143e1f47276a2b077..f71796b57ae9c38c564c9160c68ee6c956ecd578 100644 (file)
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -439,6 +439,7 @@ NTSTATUS sid_array_from_info3(TALLOC_CTX *mem_ctx,
                              bool include_user_group_rid);
 bool security_token_find_npa_flags(const struct security_token *token,
                                   uint32_t *_flags);
+void security_token_del_npa_flags(struct security_token *token);
 
 /* The following definitions come from lib/util_sock.c  */
 

diff --git a/source3/lib/util_sid.c b/source3/lib/util_sid.c
index 9aebb363815a326f745c37f1381773ac1232ff8b..fd767f9c8b36ba8ebc5a1794c09975e2c6f9f408 100644 (file)
--- a/source3/lib/util_sid.c
+++ b/source3/lib/util_sid.c
@@ -189,3 +189,18 @@ bool security_token_find_npa_flags(const struct security_token *token,
        sid_peek_rid(npa_flags_sid, _flags);
        return true;
 }
+
+void security_token_del_npa_flags(struct security_token *token)
+{
+       const struct dom_sid *npa_flags_sid = NULL;
+       size_t num_npa_sids;
+
+       num_npa_sids =
+               security_token_count_flag_sids(token,
+                                              &global_sid_Samba_NPA_Flags,
+                                              1,
+                                              &npa_flags_sid);
+       SMB_ASSERT(num_npa_sids == 1);
+
+       del_sid_from_array(npa_flags_sid, &token->sids, &token->num_sids);
+}