if (!ptoken)
return NULL;
- token = TALLOC_P(mem_ctx, NT_USER_TOKEN);
+ token = TALLOC_ZERO_P(mem_ctx, NT_USER_TOKEN);
if (token == NULL) {
DEBUG(0, ("talloc failed\n"));
return NULL;
}
- ZERO_STRUCTP(token);
-
if (ptoken->user_sids && ptoken->num_sids) {
token->user_sids = (DOM_SID *)talloc_memdup(
token, ptoken->user_sids, sizeof(DOM_SID) * ptoken->num_sids );
return NT_STATUS_OK;
}
+
+/*******************************************************************
+ Check if this ACE has a SID in common with the token.
+********************************************************************/
+
+bool token_sid_in_ace(const NT_USER_TOKEN *token, const struct security_ace *ace)
+{
+ size_t i;
+
+ for (i = 0; i < token->num_sids; i++) {
+ if (sid_equal(&ace->trustee, &token->user_sids[i]))
+ return true;
+ }
+
+ return false;
+}
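Review bot: `token_sid_in_ace()` reads `token->user_sids[i]` for every `i < token->num_sids` without checking `token`, `ace` or `token->user_sids` for NULL, so a token that carries a count but no SID array would be dereferenced in the loop. If that state can reach this helper (not visible from this hunk), add `if (token == NULL || ace == NULL || token->user_sids == NULL) return false;` before the loop, or state the non-NULL precondition in the header comment. The header comment should also say that the match ignores the ACE type and access mask, for example `Returns true for allow and deny ACEs alike; the caller must check the ACE type.`, because a `false` result is not the safe answer when the ACE is a deny entry. The hunk header is not visible on this page, so where this function sits in the file is inferred.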