This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
+ the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include "includes.h"
+#include "librpc/gen_ndr/security.h"
#include "libcli/security/security.h"
/*****************************************************************
Compare two sids.
*****************************************************************/
-BOOL dom_sid_equal(const struct dom_sid *sid1, const struct dom_sid *sid2)
+bool dom_sid_equal(const struct dom_sid *sid1, const struct dom_sid *sid2)
{
return dom_sid_compare(sid1, sid2) == 0;
}
-/*
- convert a dom_sid to a string
-*/
-char *dom_sid_string(TALLOC_CTX *mem_ctx, const struct dom_sid *sid)
-{
- int i, ofs, maxlen;
- uint32_t ia;
- char *ret;
-
- if (!sid) {
- return talloc_strdup(mem_ctx, "(NULL SID)");
- }
-
- maxlen = sid->num_auths * 11 + 25;
- ret = talloc(mem_ctx, maxlen);
- if (!ret) return talloc_strdup(mem_ctx, "(SID ERR)");
-
- ia = (sid->id_auth[5]) +
- (sid->id_auth[4] << 8 ) +
- (sid->id_auth[3] << 16) +
- (sid->id_auth[2] << 24);
-
- ofs = snprintf(ret, maxlen, "S-%u-%lu",
- (uint_t)sid->sid_rev_num, (unsigned long)ia);
-
- for (i = 0; i < sid->num_auths; i++) {
- ofs += snprintf(ret + ofs, maxlen - ofs, "-%lu", (unsigned long)sid->sub_auths[i]);
- }
-
- return ret;
-}
-
/*
convert a string to a dom_sid, returning a talloc'd dom_sid
if (sidstr[i] == '-') num_sub_auths++;
}
- ret = talloc_p(mem_ctx, struct dom_sid);
+ ret = talloc(mem_ctx, struct dom_sid);
if (!ret) {
return NULL;
}
- ret->sub_auths = talloc_array_p(mem_ctx, uint32_t, num_sub_auths);
+ ret->sub_auths = talloc_array(ret, uint32_t, num_sub_auths);
if (!ret->sub_auths) {
return NULL;
}
{
struct dom_sid *ret;
int i;
- ret = talloc_p(mem_ctx, struct dom_sid);
+
+ if (!dom_sid) {
+ return NULL;
+ }
+
+ ret = talloc(mem_ctx, struct dom_sid);
if (!ret) {
return NULL;
}
- ret->sub_auths = talloc_array_p(ret, uint32_t, dom_sid->num_auths);
+ ret->sub_auths = talloc_array(ret, uint32_t, dom_sid->num_auths);
if (!ret->sub_auths) {
return NULL;
}
{
struct dom_sid *sid;
- sid = talloc_p(mem_ctx, struct dom_sid);
+ sid = talloc(mem_ctx, struct dom_sid);
if (!sid) return NULL;
*sid = *domain_sid;
- sid->sub_auths = talloc_array_p(sid, uint32_t, sid->num_auths+1);
+ sid->sub_auths = talloc_array(sid, uint32_t, sid->num_auths+1);
if (!sid->sub_auths) {
return NULL;
}
return sid;
}
+/*
+ Split up a SID into its domain and RID part
+*/
+NTSTATUS dom_sid_split_rid(TALLOC_CTX *mem_ctx, const struct dom_sid *sid,
+ struct dom_sid **domain, uint32_t *rid)
+{
+ if (sid->num_auths == 0) {
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
+ if (domain) {
+ if (!(*domain = dom_sid_dup(mem_ctx, sid))) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ (*domain)->num_auths -= 1;
+ }
+
+ if (rid) {
+ *rid = sid->sub_auths[sid->num_auths - 1];
+ }
+
+ return NT_STATUS_OK;
+}
/*
return True if the 2nd sid is in the domain given by the first sid
return dom_sid_compare_auth(domain_sid, sid) == 0;
}
+
+/*
+ convert a dom_sid to a string
+*/
+char *dom_sid_string(TALLOC_CTX *mem_ctx, const struct dom_sid *sid)
+{
+ int i, ofs, maxlen;
+ uint32_t ia;
+ char *ret;
+
+ if (!sid) {
+ return talloc_strdup(mem_ctx, "(NULL SID)");
+ }
+
+ maxlen = sid->num_auths * 11 + 25;
+ ret = talloc_array(mem_ctx, char, maxlen);
+ if (!ret) return talloc_strdup(mem_ctx, "(SID ERR)");
+
+ ia = (sid->id_auth[5]) +
+ (sid->id_auth[4] << 8 ) +
+ (sid->id_auth[3] << 16) +
+ (sid->id_auth[2] << 24);
+
+ ofs = snprintf(ret, maxlen, "S-%u-%lu",
+ (unsigned int)sid->sid_rev_num, (unsigned long)ia);
+
+ for (i = 0; i < sid->num_auths; i++) {
+ ofs += snprintf(ret + ofs, maxlen - ofs, "-%lu", (unsigned long)sid->sub_auths[i]);
+ }
+
+ return ret;
+}