source: branches/samba-3.0/source/lib/secace.c@ 715

Last change on this file since 715 was 39, checked in by Paul Smedley, 19 years ago

Upgrade source to 3.0.25a
File size: 9.0 KB
Line 
1/*
2 * Unix SMB/Netbios implementation.
3 * SEC_ACE handling functions
4 * Copyright (C) Andrew Tridgell 1992-1998,
5 * Copyright (C) Jeremy R. Allison 1995-2003.
6 * Copyright (C) Luke Kenneth Casson Leighton 1996-1998,
7 * Copyright (C) Paul Ashton 1997-1998.
8 *
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
13 *
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
18 *
19 * You should have received a copy of the GNU General Public License
20 * along with this program; if not, write to the Free Software
21 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
22 */
23
24#include "includes.h"
25
26/*******************************************************************
27 Check if ACE has OBJECT type.
28********************************************************************/
29
30BOOL sec_ace_object(uint8 type)
31{
32 if (type == SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT ||
33 type == SEC_ACE_TYPE_ACCESS_DENIED_OBJECT ||
34 type == SEC_ACE_TYPE_SYSTEM_AUDIT_OBJECT ||
35 type == SEC_ACE_TYPE_SYSTEM_ALARM_OBJECT) {
36 return True;
37 }
38 return False;
39}
40
41/*******************************************************************
42 copy a SEC_ACE structure.
43********************************************************************/
44void sec_ace_copy(SEC_ACE *ace_dest, SEC_ACE *ace_src)
45{
46 ace_dest->type = ace_src->type;
47 ace_dest->flags = ace_src->flags;
48 ace_dest->size = ace_src->size;
49 ace_dest->access_mask = ace_src->access_mask;
50 ace_dest->obj_flags = ace_src->obj_flags;
51 memcpy(&ace_dest->obj_guid, &ace_src->obj_guid, sizeof(struct GUID));
52 memcpy(&ace_dest->inh_guid, &ace_src->inh_guid, sizeof(struct GUID));
53 sid_copy(&ace_dest->trustee, &ace_src->trustee);
54}
55
56/*******************************************************************
57 Sets up a SEC_ACE structure.
58********************************************************************/
59
60void init_sec_ace(SEC_ACE *t, const DOM_SID *sid, uint8 type, SEC_ACCESS mask, uint8 flag)
61{
62 t->type = type;
63 t->flags = flag;
64 t->size = sid_size(sid) + 8;
65 t->access_mask = mask;
66
67 ZERO_STRUCTP(&t->trustee);
68 sid_copy(&t->trustee, sid);
69}
70
71/*******************************************************************
72 adds new SID with its permissions to ACE list
73********************************************************************/
74
75NTSTATUS sec_ace_add_sid(TALLOC_CTX *ctx, SEC_ACE **pp_new, SEC_ACE *old, unsigned *num, DOM_SID *sid, uint32 mask)
76{
77 unsigned int i = 0;
78
79 if (!ctx || !pp_new || !old || !sid || !num) return NT_STATUS_INVALID_PARAMETER;
80
81 *num += 1;
82
83 if((pp_new[0] = TALLOC_ZERO_ARRAY(ctx, SEC_ACE, *num )) == 0)
84 return NT_STATUS_NO_MEMORY;
85
86 for (i = 0; i < *num - 1; i ++)
87 sec_ace_copy(&(*pp_new)[i], &old[i]);
88
89 (*pp_new)[i].type = 0;
90 (*pp_new)[i].flags = 0;
91 (*pp_new)[i].size = SEC_ACE_HEADER_SIZE + sid_size(sid);
92 (*pp_new)[i].access_mask = mask;
93 sid_copy(&(*pp_new)[i].trustee, sid);
94 return NT_STATUS_OK;
95}