author | Joseph Sutton <josephsutton@catalyst.net.nz> | 2022-09-27 15:12:52 +1300 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2023-02-08 00:03:39 +0000 |
commit | 8ef6e7dba7f243310db3d9769f3fb4a3ad4d6daa (patch) | |
tree | 49a37d30a2a785468237961cb23df6aa98ca9c93 /libcli | |
parent | c0011bcdc8dbe6495180268a13b95d1f5b64f525 (diff) | |
libcli/security: Add auth_SidAttr utility functions
These functions are modelled on add_sid_to_array() and
add_sid_to_array_unique(). They differ in that they operate not on an
array of dom_sid, but of auth_SidAttr, and take an additional 'attrs'
parameter of type uint32_t.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Diffstat (limited to 'libcli')
-rw-r--r-- | libcli/security/dom_sid.h | 7 | ||||
-rw-r--r-- | libcli/security/util_sid.c | 68 |
2 files changed, 75 insertions, 0 deletions
diff --git a/libcli/security/dom_sid.h b/libcli/security/dom_sid.h index 568916a159d..0f3b6b4a3b4 100644 --- a/libcli/security/dom_sid.h +++ b/libcli/security/dom_sid.h @@ -66,6 +66,7 @@ extern const struct dom_sid global_sid_Unix_NFS_Mode; extern const struct dom_sid global_sid_Unix_NFS_Other; extern const struct dom_sid global_sid_Samba_SMB3; +struct auth_SidAttr; enum lsa_SidType; NTSTATUS dom_sid_lookup_predefined_name(const char *name, @@ -122,6 +123,12 @@ NTSTATUS add_sid_to_array(TALLOC_CTX *mem_ctx, const struct dom_sid *sid, struct dom_sid **sids, uint32_t *num); NTSTATUS add_sid_to_array_unique(TALLOC_CTX *mem_ctx, const struct dom_sid *sid, struct dom_sid **sids, uint32_t *num_sids); +NTSTATUS add_sid_to_array_attrs(TALLOC_CTX *mem_ctx, + const struct dom_sid *sid, uint32_t attrs, + struct auth_SidAttr **sids, uint32_t *num); +NTSTATUS add_sid_to_array_attrs_unique(TALLOC_CTX *mem_ctx, + const struct dom_sid *sid, uint32_t attrs, + struct auth_SidAttr **sids, uint32_t *num_sids); void del_sid_from_array(const struct dom_sid *sid, struct dom_sid **sids, uint32_t *num); bool add_rid_to_array_unique(TALLOC_CTX *mem_ctx, diff --git a/libcli/security/util_sid.c b/libcli/security/util_sid.c index 242d7dd9dd1..bd5103659e1 100644 --- a/libcli/security/util_sid.c +++ b/libcli/security/util_sid.c @@ -27,6 +27,8 @@ #include "../librpc/gen_ndr/ndr_security.h" #include "../librpc/gen_ndr/netlogon.h" #include "../libcli/security/security.h" +#include "auth/auth.h" + #undef strcasecmp #undef strncasecmp 
@@ -383,6 +385,72 @@ NTSTATUS add_sid_to_array_unique(TALLOC_CTX *mem_ctx, const struct dom_sid *sid, return add_sid_to_array(mem_ctx, sid, sids, num_sids); } +/** + * Appends a SID and attribute to an array of auth_SidAttr. + * + * @param [in] mem_ctx Talloc memory context on which to allocate the array. + * @param [in] sid The SID to append. + * @param [in] attrs SE_GROUP_* flags to go with the SID. + * @param [inout] sids A pointer to the auth_SidAttr array. + * @param [inout] num A pointer to the size of the auth_SidArray array. + * @returns NT_STATUS_OK on success. + */ +NTSTATUS add_sid_to_array_attrs(TALLOC_CTX *mem_ctx, + const struct dom_sid *sid, uint32_t attrs, + struct auth_SidAttr **sids, uint32_t *num) +{ + struct auth_SidAttr *tmp = NULL; + + if ((*num) == UINT32_MAX) { + return NT_STATUS_INTEGER_OVERFLOW; + } + + tmp = talloc_realloc(mem_ctx, *sids, struct auth_SidAttr, (*num)+1); + if (tmp == NULL) { + *num = 0; + return NT_STATUS_NO_MEMORY; + } + *sids = tmp; + + sid_copy(&((*sids)[*num].sid), sid); + (*sids)[*num].attrs = attrs; + *num += 1; + + return NT_STATUS_OK; +} + + +/** + * Appends a SID and attribute to an array of auth_SidAttr, + * ensuring that it is not already there. + * + * @param [in] mem_ctx Talloc memory context on which to allocate the array. + * @param [in] sid The SID to append. + * @param [in] attrs SE_GROUP_* flags to go with the SID. + * @param [inout] sids A pointer to the auth_SidAttr array. + * @param [inout] num A pointer to the size of the auth_SidArray array. + * @returns NT_STATUS_OK on success. 
+ */ +NTSTATUS add_sid_to_array_attrs_unique(TALLOC_CTX *mem_ctx, + const struct dom_sid *sid, uint32_t attrs, + struct auth_SidAttr **sids, uint32_t *num_sids) +{ + uint32_t i; + + for (i=0; i<(*num_sids); i++) { + if (attrs != (*sids)[i].attrs) { + continue; + } + if (!dom_sid_equal(sid, &(*sids)[i].sid)) { + continue; + } + + return NT_STATUS_OK; + } + + return add_sid_to_array_attrs(mem_ctx, sid, attrs, sids, num_sids); +} + /******************************************************************** Remove SID from an array ********************************************************************/ |
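Review bot: add_sid_to_array_attrs_unique() skips an entry only when both the SID and `attrs` match, so the same SID can be stored twice with different SE_GROUP_* flags, and the doc comment's "ensuring that it is not already there" does not say so. Whether that is intended is not visible from this hunk, but code that derives group membership from the array (for instance telling SE_GROUP_ENABLED apart from SE_GROUP_USE_FOR_DENY_ONLY) has to know which entry applies, so I would add to the comment: `* Only an exact (sid, attrs) match is skipped; a SID already present with different attrs is appended again.` Separately, the talloc_realloc() failure path in add_sid_to_array_attrs() sets `*num = 0` while `*sids` still points at the old array, so a caller that ignores the NTSTATUS carries on with what looks like an empty SID list; the comment should say that any non-OK status leaves the array unusable for building a token. Both comments also say "auth_SidArray array" where `auth_SidAttr` is meant, and the second one documents `num` although the parameter is named `num_sids`.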