return sd;
}
-static struct security_acl *security_acl_dup(TALLOC_CTX *mem_ctx,
+struct security_acl *security_acl_dup(TALLOC_CTX *mem_ctx,
const struct security_acl *oacl)
{
struct security_acl *nacl;
+ if (oacl == NULL) {
+ return NULL;
+ }
+
nacl = talloc (mem_ctx, struct security_acl);
if (nacl == NULL) {
return NULL;
}
+struct security_acl *security_acl_concatenate(TALLOC_CTX *mem_ctx,
+ const struct security_acl *acl1,
+ const struct security_acl *acl2)
+{
+ struct security_acl *nacl;
+ uint32_t i;
+
+ if (!acl1 && !acl2)
+ return NULL;
+
+ if (!acl1){
+ nacl = security_acl_dup(mem_ctx, acl2);
+ return nacl;
+ }
+
+ if (!acl2){
+ nacl = security_acl_dup(mem_ctx, acl1);
+ return nacl;
+ }
+
+ nacl = talloc (mem_ctx, struct security_acl);
+ if (nacl == NULL) {
+ return NULL;
+ }
+
+ nacl->revision = acl1->revision;
+ nacl->size = acl1->size + acl2->size;
+ nacl->num_aces = acl1->num_aces + acl2->num_aces;
+
+ if (nacl->num_aces == 0)
+ return nacl;
+
+ nacl->aces = (struct security_ace *)talloc_array (mem_ctx, struct security_ace, acl1->num_aces+acl2->num_aces);
+ if ((nacl->aces == NULL) && (nacl->num_aces > 0)) {
+ goto failed;
+ }
+
+ for (i = 0; i < acl1->num_aces; i++)
+ nacl->aces[i] = acl1->aces[i];
+ for (i = 0; i < acl2->num_aces; i++)
+ nacl->aces[i + acl1->num_aces] = acl2->aces[i];
+
+ return nacl;
+
+ failed:
+ talloc_free (nacl);
+ return NULL;
+
+}
+
/*
talloc and copy a security descriptor
*/
bool sacl_del,
const struct dom_sid *trustee)
{
- int i;
+ uint32_t i;
bool found = false;
struct security_acl *acl = NULL;
bool security_acl_equal(const struct security_acl *acl1,
const struct security_acl *acl2)
{
- int i;
+ uint32_t i;
if (acl1 == acl2) return true;
if (!acl1 || !acl2) return false;
while ((sidstr = va_arg(ap, const char *))) {
struct dom_sid *sid;
- struct security_ace *ace = talloc(sd, struct security_ace);
+ struct security_ace *ace = talloc_zero(sd, struct security_ace);
NTSTATUS status;
if (ace == NULL) {
uint8_t flags)
{
- struct dom_sid *sid;
struct security_ace *ace;
+ bool ok;
ace = talloc_zero(mem_ctx, struct security_ace);
if (ace == NULL) {
return NULL;
}
- sid = dom_sid_parse_talloc(ace, sid_str);
- if (sid == NULL) {
+ ok = dom_sid_parse(sid_str, &ace->trustee);
+ if (!ok) {
talloc_free(ace);
return NULL;
}
-
- ace->trustee = *sid;
ace->type = type;
ace->access_mask = access_mask;
ace->flags = flags;