[SCM] Samba Shared Repository - branch master updated
Günther Deschner
gd at samba.org
Mon Sep 20 15:06:52 MDT 2010
The branch, master has been updated
via 102a70e s3-util: use shared dom_sid_dup.
via 4dbd743 s3-util_sid: use shared dom_sid_compare_auth and dom_sid_equal_X functions.
via 4006160 libcli: add dom_sid_compare_domain()
from 62544c5 s3-build: only include smbldap.h where needed.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 102a70e809b262fca8ea09fbd4e2788511150006
Author: Günther Deschner <gd at samba.org>
Date: Thu Aug 26 17:21:39 2010 +0200
s3-util: use shared dom_sid_dup.
Guenther
commit 4dbd743e467096624961533335afccadc67af0e6
Author: Günther Deschner <gd at samba.org>
Date: Thu Aug 26 15:48:50 2010 +0200
s3-util_sid: use shared dom_sid_compare_auth and dom_sid_equal_X functions.
Guenther
commit 400616017974f057c8a2e817b62b90b1490d4129
Author: Günther Deschner <gd at samba.org>
Date: Thu Aug 26 16:41:15 2010 +0200
libcli: add dom_sid_compare_domain()
Guenther
-----------------------------------------------------------------------
Summary of changes:
libcli/security/dom_sid.c | 18 +++++
libcli/security/dom_sid.h | 2 +
source3/auth/auth_util.c | 3 +-
source3/auth/server_info.c | 15 ++--
source3/auth/token_util.c | 4 +-
source3/groupdb/mapping_tdb.c | 9 ++-
source3/include/proto.h | 4 -
source3/lib/netapi/group.c | 5 +-
source3/lib/netapi/localgroup.c | 5 +-
source3/lib/netapi/user.c | 15 ++--
source3/lib/secdesc.c | 9 ++-
source3/lib/util_nttoken.c | 3 +-
source3/lib/util_sid.c | 111 ++------------------------------
source3/libnet/libnet_join.c | 7 +-
source3/libnet/libnet_samsync.c | 3 +-
source3/libnet/libnet_samsync_passdb.c | 3 +-
source3/libsmb/libsmb_xattr.c | 7 +-
source3/modules/vfs_afsacl.c | 18 +++---
source3/passdb/lookup_sid.c | 7 +-
source3/passdb/machine_sid.c | 5 +-
source3/passdb/pdb_get_set.c | 3 +-
source3/passdb/pdb_interface.c | 3 +-
source3/passdb/pdb_ldap.c | 9 ++-
source3/passdb/pdb_smbpasswd.c | 3 +-
source3/passdb/util_builtin.c | 3 +-
source3/passdb/util_unixsids.c | 5 +-
source3/passdb/util_wellknown.c | 5 +-
source3/rpc_client/cli_lsarpc.c | 3 +-
source3/rpc_server/srv_lsa_nt.c | 15 ++--
source3/rpc_server/srv_netlog_nt.c | 3 +-
source3/rpc_server/srv_samr_nt.c | 7 +-
source3/rpc_server/srv_spoolss_util.c | 3 +-
source3/rpcclient/cmd_samr.c | 3 +-
source3/smbd/posix_acls.c | 35 +++++-----
source3/torture/torture.c | 2 +-
source3/utils/net_rpc.c | 3 +-
source3/utils/net_rpc_samsync.c | 7 +-
source3/utils/profiles.c | 9 ++-
source3/utils/sharesec.c | 7 +-
source3/utils/smbcacls.c | 7 +-
source3/winbindd/idmap_ad.c | 3 +-
source3/winbindd/idmap_ldap.c | 3 +-
source3/winbindd/wb_getgrsid.c | 3 +-
source3/winbindd/winbindd_cache.c | 7 +-
source3/winbindd/winbindd_rpc.c | 5 +-
source3/winbindd/winbindd_util.c | 7 +-
46 files changed, 187 insertions(+), 229 deletions(-)
Changeset truncated at 500 lines:
diff --git a/libcli/security/dom_sid.c b/libcli/security/dom_sid.c
index 93f8871..f94d952 100644
--- a/libcli/security/dom_sid.c
+++ b/libcli/security/dom_sid.c
@@ -98,6 +98,24 @@ bool sid_append_rid(struct dom_sid *sid, uint32_t rid)
return false;
}
+/*
+ See if 2 SIDs are in the same domain
+ this just compares the leading sub-auths
+*/
+int dom_sid_compare_domain(const struct dom_sid *sid1,
+ const struct dom_sid *sid2)
+{
+ int n, i;
+
+ n = MIN(sid1->num_auths, sid2->num_auths);
+
+ for (i = n-1; i >= 0; --i)
+ if (sid1->sub_auths[i] != sid2->sub_auths[i])
+ return sid1->sub_auths[i] - sid2->sub_auths[i];
+
+ return dom_sid_compare_auth(sid1, sid2);
+}
+
/*****************************************************************
Convert a string to a SID. Returns True on success, False on fail.
*****************************************************************/
diff --git a/libcli/security/dom_sid.h b/libcli/security/dom_sid.h
index e892535..ac8669d 100644
--- a/libcli/security/dom_sid.h
+++ b/libcli/security/dom_sid.h
@@ -26,6 +26,8 @@
#include "librpc/gen_ndr/security.h"
int dom_sid_compare(const struct dom_sid *sid1, const struct dom_sid *sid2);
+int dom_sid_compare_domain(const struct dom_sid *sid1,
+ const struct dom_sid *sid2);
bool dom_sid_equal(const struct dom_sid *sid1, const struct dom_sid *sid2);
bool dom_sid_parse(const char *sidstr, struct dom_sid *ret);
struct dom_sid *dom_sid_parse_talloc(TALLOC_CTX *mem_ctx, const char *sidstr);
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index 5e3091c..8254520 100644
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -26,6 +26,7 @@
#include "../libcli/auth/libcli_auth.h"
#include "../lib/crypto/arcfour.h"
#include "rpc_client/init_lsa.h"
+#include "../libcli/security/dom_sid.h"
#undef DBGC_CLASS
#define DBGC_CLASS DBGC_AUTH
@@ -664,7 +665,7 @@ static NTSTATUS get_guest_info3(TALLOC_CTX *mem_ctx,
/* Domain sid */
sid_copy(&domain_sid, get_global_sam_sid());
- info3->base.domain_sid = sid_dup_talloc(mem_ctx, &domain_sid);
+ info3->base.domain_sid = dom_sid_dup(mem_ctx, &domain_sid);
if (info3->base.domain_sid == NULL) {
return NT_STATUS_NO_MEMORY;
}
diff --git a/source3/auth/server_info.c b/source3/auth/server_info.c
index e457bd4..690838d 100644
--- a/source3/auth/server_info.c
+++ b/source3/auth/server_info.c
@@ -20,6 +20,7 @@
#include "includes.h"
#include "../lib/crypto/arcfour.h"
#include "../librpc/gen_ndr/netlogon.h"
+#include "../libcli/security/dom_sid.h"
#undef DBGC_CLASS
#define DBGC_CLASS DBGC_AUTH
@@ -229,7 +230,7 @@ static NTSTATUS append_netr_SidAttr(TALLOC_CTX *mem_ctx,
if (*sids == NULL) {
return NT_STATUS_NO_MEMORY;
}
- (*sids)[t].sid = sid_dup_talloc(*sids, asid);
+ (*sids)[t].sid = dom_sid_dup(*sids, asid);
if ((*sids)[t].sid == NULL) {
return NT_STATUS_NO_MEMORY;
}
@@ -332,7 +333,7 @@ NTSTATUS samu_to_SamInfo3(TALLOC_CTX *mem_ctx,
/* check if this is a "Unix Users" domain user,
* we need to handle it in a special way if that's the case */
- if (sid_compare_domain(user_sid, &global_sid_Unix_Users) == 0) {
+ if (dom_sid_compare_domain(user_sid, &global_sid_Unix_Users) == 0) {
/* in info3 you can only set rids for the user and the
* primary group, and the domain sid must be that of
* the sam domain.
@@ -358,7 +359,7 @@ NTSTATUS samu_to_SamInfo3(TALLOC_CTX *mem_ctx,
/* check if this is a "Unix Groups" domain group,
* if so we need special handling */
- if (sid_compare_domain(group_sid, &global_sid_Unix_Groups) == 0) {
+ if (dom_sid_compare_domain(group_sid, &global_sid_Unix_Groups) == 0) {
/* in info3 you can only set rids for the user and the
* primary group, and the domain sid must be that of
* the sam domain.
@@ -467,7 +468,7 @@ NTSTATUS samu_to_SamInfo3(TALLOC_CTX *mem_ctx,
pdb_get_domain(samu));
RET_NOMEM(info3->base.domain.string);
- info3->base.domain_sid = sid_dup_talloc(info3, &domain_sid);
+ info3->base.domain_sid = dom_sid_dup(info3, &domain_sid);
RET_NOMEM(info3->base.domain_sid);
info3->base.acct_flags = pdb_get_acct_ctrl(samu);
@@ -547,7 +548,7 @@ struct netr_SamInfo3 *copy_netr_SamInfo3(TALLOC_CTX *mem_ctx,
}
if (orig->base.domain_sid) {
- info3->base.domain_sid = sid_dup_talloc(info3, orig->base.domain_sid);
+ info3->base.domain_sid = dom_sid_dup(info3, orig->base.domain_sid);
RET_NOMEM(info3->base.domain_sid);
}
@@ -557,7 +558,7 @@ struct netr_SamInfo3 *copy_netr_SamInfo3(TALLOC_CTX *mem_ctx,
orig->sidcount);
RET_NOMEM(info3->sids);
for (i = 0; i < orig->sidcount; i++) {
- info3->sids[i].sid = sid_dup_talloc(info3->sids,
+ info3->sids[i].sid = dom_sid_dup(info3->sids,
orig->sids[i].sid);
RET_NOMEM(info3->sids[i].sid);
info3->sids[i].attributes =
@@ -694,7 +695,7 @@ struct netr_SamInfo3 *wbcAuthUserInfo_to_netr_SamInfo3(TALLOC_CTX *mem_ctx,
RET_NOMEM(info3->base.domain.string);
}
- info3->base.domain_sid = sid_dup_talloc(info3, &domain_sid);
+ info3->base.domain_sid = dom_sid_dup(info3, &domain_sid);
RET_NOMEM(info3->base.domain_sid);
memcpy(info3->base.LMSessKey.key, info->lm_session_key, 8);
diff --git a/source3/auth/token_util.c b/source3/auth/token_util.c
index bc7d998..4385dc4 100644
--- a/source3/auth/token_util.c
+++ b/source3/auth/token_util.c
@@ -27,7 +27,7 @@
#include "includes.h"
#include "secrets.h"
#include "memcache.h"
-
+#include "../libcli/security/dom_sid.h"
#include "../librpc/gen_ndr/netlogon.h"
/****************************************************************************
@@ -42,7 +42,7 @@ bool nt_token_check_sid ( const struct dom_sid *sid, const struct security_token
return False;
for ( i=0; i<token->num_sids; i++ ) {
- if ( sid_equal( sid, &token->sids[i] ) )
+ if ( dom_sid_equal( sid, &token->sids[i] ) )
return True;
}
diff --git a/source3/groupdb/mapping_tdb.c b/source3/groupdb/mapping_tdb.c
index 140fd28..dab2520 100644
--- a/source3/groupdb/mapping_tdb.c
+++ b/source3/groupdb/mapping_tdb.c
@@ -23,6 +23,7 @@
#include "includes.h"
#include "groupdb/mapping.h"
#include "dbwrap.h"
+#include "../libcli/security/dom_sid.h"
static struct db_context *db; /* used for driver files */
@@ -340,7 +341,7 @@ static int collect_map(struct db_record *rec, void *private_data)
}
if ((state->domsid != NULL) &&
- (sid_compare_domain(state->domsid, &map.sid) != 0)) {
+ (dom_sid_compare_domain(state->domsid, &map.sid) != 0)) {
DEBUG(11,("enum_group_mapping: group %s is not in domain\n",
sid_string_dbg(&map.sid)));
return 0;
@@ -455,7 +456,7 @@ static bool is_aliasmem(const struct dom_sid *alias, const struct dom_sid *membe
return False;
for (i=0; i<num; i++) {
- if (sid_compare(alias, &sids[i]) == 0) {
+ if (dom_sid_compare(alias, &sids[i]) == 0) {
TALLOC_FREE(sids);
return True;
}
@@ -576,7 +577,7 @@ static int collect_aliasmem(struct db_record *rec, void *priv)
if (!string_to_sid(&alias, alias_string))
continue;
- if (sid_compare(state->alias, &alias) != 0)
+ if (dom_sid_compare(state->alias, &alias) != 0)
continue;
/* Ok, we found the alias we're looking for in the membership
@@ -656,7 +657,7 @@ static NTSTATUS del_aliasmem(const struct dom_sid *alias, const struct dom_sid *
}
for (i=0; i<num; i++) {
- if (sid_compare(&sids[i], alias) == 0) {
+ if (dom_sid_compare(&sids[i], alias) == 0) {
found = True;
break;
}
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 9902198..d19cea8 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -1294,13 +1294,9 @@ bool sid_peek_check_rid(const struct dom_sid *exp_dom_sid, const struct dom_sid
void sid_copy(struct dom_sid *dst, const struct dom_sid *src);
bool sid_linearize(char *outbuf, size_t len, const struct dom_sid *sid);
bool sid_parse(const char *inbuf, size_t len, struct dom_sid *sid);
-int sid_compare(const struct dom_sid *sid1, const struct dom_sid *sid2);
-int sid_compare_domain(const struct dom_sid *sid1, const struct dom_sid *sid2);
-bool sid_equal(const struct dom_sid *sid1, const struct dom_sid *sid2);
bool non_mappable_sid(struct dom_sid *sid);
char *sid_binstring(TALLOC_CTX *mem_ctx, const struct dom_sid *sid);
char *sid_binstring_hex(const struct dom_sid *sid);
-struct dom_sid *sid_dup_talloc(TALLOC_CTX *ctx, const struct dom_sid *src);
NTSTATUS add_sid_to_array(TALLOC_CTX *mem_ctx, const struct dom_sid *sid,
struct dom_sid **sids, uint32_t *num);
NTSTATUS add_sid_to_array_unique(TALLOC_CTX *mem_ctx, const struct dom_sid *sid,
diff --git a/source3/lib/netapi/group.c b/source3/lib/netapi/group.c
index 53114b5..6a92695 100644
--- a/source3/lib/netapi/group.c
+++ b/source3/lib/netapi/group.c
@@ -25,6 +25,7 @@
#include "lib/netapi/libnetapi.h"
#include "../librpc/gen_ndr/cli_samr.h"
#include "rpc_client/init_lsa.h"
+#include "../libcli/security/dom_sid.h"
/****************************************************************
****************************************************************/
@@ -603,7 +604,7 @@ static WERROR map_group_info_to_buffer(TALLOC_CTX *mem_ctx,
info3.grpi3_name = info->name.string;
info3.grpi3_comment = info->description.string;
info3.grpi3_attributes = info->attributes;
- info3.grpi3_group_sid = (struct domsid *)sid_dup_talloc(mem_ctx, &sid);
+ info3.grpi3_group_sid = (struct domsid *)dom_sid_dup(mem_ctx, &sid);
*buffer = (uint8_t *)talloc_memdup(mem_ctx, &info3, sizeof(info3));
@@ -1086,7 +1087,7 @@ static WERROR convert_samr_disp_groups_to_GROUP_INFO_3_buffer(TALLOC_CTX *mem_ct
groups->entries[i].account_name.string);
g3[i].grpi3_comment = talloc_strdup(mem_ctx,
groups->entries[i].description.string);
- g3[i].grpi3_group_sid = (struct domsid *)sid_dup_talloc(mem_ctx, &sid);
+ g3[i].grpi3_group_sid = (struct domsid *)dom_sid_dup(mem_ctx, &sid);
g3[i].grpi3_attributes = groups->entries[i].acct_flags;
W_ERROR_HAVE_NO_MEMORY(g3[i].grpi3_name);
}
diff --git a/source3/lib/netapi/localgroup.c b/source3/lib/netapi/localgroup.c
index 69cf974..c9e1b72 100644
--- a/source3/lib/netapi/localgroup.c
+++ b/source3/lib/netapi/localgroup.c
@@ -27,6 +27,7 @@
#include "../librpc/gen_ndr/cli_lsa.h"
#include "rpc_client/cli_lsarpc.h"
#include "rpc_client/init_lsa.h"
+#include "../libcli/security/dom_sid.h"
static NTSTATUS libnetapi_samr_lookup_and_open_alias(TALLOC_CTX *mem_ctx,
struct rpc_pipe_client *pipe_cli,
@@ -1171,7 +1172,7 @@ static WERROR NetLocalGroupModifyMembers_r(struct libnetapi_ctx *ctx,
for (i=0; i < r->in.total_entries; i++) {
bool already_member = false;
for (k=0; k < current_sids.num_sids; k++) {
- if (sid_equal(&member_sids[i],
+ if (dom_sid_equal(&member_sids[i],
current_sids.sids[k].sid)) {
already_member = true;
break;
@@ -1193,7 +1194,7 @@ static WERROR NetLocalGroupModifyMembers_r(struct libnetapi_ctx *ctx,
for (k=0; k < current_sids.num_sids; k++) {
bool keep_member = false;
for (i=0; i < r->in.total_entries; i++) {
- if (sid_equal(&member_sids[i],
+ if (dom_sid_equal(&member_sids[i],
current_sids.sids[k].sid)) {
keep_member = true;
break;
diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c
index 67a7443..de0fc7d 100644
--- a/source3/lib/netapi/user.c
+++ b/source3/lib/netapi/user.c
@@ -27,6 +27,7 @@
#include "rpc_client/init_samr.h"
#include "../libds/common/flags.h"
#include "rpc_client/init_lsa.h"
+#include "../libcli/security/dom_sid.h"
/****************************************************************
****************************************************************/
@@ -705,12 +706,12 @@ static NTSTATUS libnetapi_samr_lookup_user(TALLOC_CTX *mem_ctx,
for (i=0; i<rid_array->count; i++) {
sid_compose(&sid, domain_sid, rid_array->rids[i].rid);
- sid_array.sids[i].sid = sid_dup_talloc(mem_ctx, &sid);
+ sid_array.sids[i].sid = dom_sid_dup(mem_ctx, &sid);
NT_STATUS_HAVE_NO_MEMORY(sid_array.sids[i].sid);
}
sid_compose(&sid, domain_sid, rid);
- sid_array.sids[i].sid = sid_dup_talloc(mem_ctx, &sid);
+ sid_array.sids[i].sid = dom_sid_dup(mem_ctx, &sid);
NT_STATUS_HAVE_NO_MEMORY(sid_array.sids[i].sid);
status = rpccli_samr_GetAliasMembership(pipe_cli, mem_ctx,
@@ -923,7 +924,7 @@ static NTSTATUS info21_to_USER_INFO_4(TALLOC_CTX *mem_ctx,
if (!sid_compose(&sid, domain_sid, i21->rid)) {
return NT_STATUS_NO_MEMORY;
}
- i->usri4_user_sid = (struct domsid *)sid_dup_talloc(mem_ctx, &sid);
+ i->usri4_user_sid = (struct domsid *)dom_sid_dup(mem_ctx, &sid);
i->usri4_primary_group_id = i21->primary_gid;
i->usri4_profile = talloc_strdup(mem_ctx, i21->profile_path.string);
i->usri4_home_dir_drive = talloc_strdup(mem_ctx, i21->home_drive.string);
@@ -1024,7 +1025,7 @@ static NTSTATUS info21_to_USER_INFO_23(TALLOC_CTX *mem_ctx,
if (!sid_compose(&sid, domain_sid, i21->rid)) {
return NT_STATUS_NO_MEMORY;
}
- i->usri23_user_sid = (struct domsid *)sid_dup_talloc(mem_ctx, &sid);
+ i->usri23_user_sid = (struct domsid *)dom_sid_dup(mem_ctx, &sid);
return NT_STATUS_OK;
}
@@ -2066,7 +2067,7 @@ static NTSTATUS query_USER_MODALS_INFO_2(TALLOC_CTX *mem_ctx,
info2->usrmod2_domain_name =
talloc_strdup(mem_ctx, dom_info5.domain_name.string);
info2->usrmod2_domain_id =
- (struct domsid *)sid_dup_talloc(mem_ctx, domain_sid);
+ (struct domsid *)dom_sid_dup(mem_ctx, domain_sid);
NT_STATUS_HAVE_NO_MEMORY(info2->usrmod2_domain_name);
NT_STATUS_HAVE_NO_MEMORY(info2->usrmod2_domain_id);
@@ -3334,7 +3335,7 @@ WERROR NetUserGetLocalGroups_r(struct libnetapi_ctx *ctx,
goto done;
}
- sid_array.sids[0].sid = sid_dup_talloc(ctx, &user_sid);
+ sid_array.sids[0].sid = dom_sid_dup(ctx, &user_sid);
if (!sid_array.sids[0].sid) {
werr = WERR_NOMEM;
goto done;
@@ -3348,7 +3349,7 @@ WERROR NetUserGetLocalGroups_r(struct libnetapi_ctx *ctx,
goto done;
}
- sid_array.sids[i+1].sid = sid_dup_talloc(ctx, &sid);
+ sid_array.sids[i+1].sid = dom_sid_dup(ctx, &sid);
if (!sid_array.sids[i+1].sid) {
werr = WERR_NOMEM;
goto done;
diff --git a/source3/lib/secdesc.c b/source3/lib/secdesc.c
index b9ed955..1125681 100644
--- a/source3/lib/secdesc.c
+++ b/source3/lib/secdesc.c
@@ -22,6 +22,7 @@
#include "includes.h"
#include "../librpc/gen_ndr/ndr_security.h"
+#include "../libcli/security/dom_sid.h"
#define ALL_SECURITY_INFORMATION (SECINFO_OWNER|SECINFO_GROUP|\
SECINFO_DACL|SECINFO_SACL|\
@@ -190,10 +191,10 @@ struct security_descriptor *make_sec_desc(TALLOC_CTX *ctx,
dst->sacl = NULL;
dst->dacl = NULL;
- if(owner_sid && ((dst->owner_sid = sid_dup_talloc(dst,owner_sid)) == NULL))
+ if(owner_sid && ((dst->owner_sid = dom_sid_dup(dst,owner_sid)) == NULL))
goto error_exit;
- if(grp_sid && ((dst->group_sid = sid_dup_talloc(dst,grp_sid)) == NULL))
+ if(grp_sid && ((dst->group_sid = dom_sid_dup(dst,grp_sid)) == NULL))
goto error_exit;
if(sacl && ((dst->sacl = dup_sec_acl(dst, sacl)) == NULL))
@@ -607,10 +608,10 @@ NTSTATUS se_create_child_secdesc(TALLOC_CTX *ctx,
}
/* The CREATOR sids are special when inherited */
- if (sid_equal(ptrustee, &global_sid_Creator_Owner)) {
+ if (dom_sid_equal(ptrustee, &global_sid_Creator_Owner)) {
creator = &global_sid_Creator_Owner;
ptrustee = owner_sid;
- } else if (sid_equal(ptrustee, &global_sid_Creator_Group)) {
+ } else if (dom_sid_equal(ptrustee, &global_sid_Creator_Group)) {
creator = &global_sid_Creator_Group;
ptrustee = group_sid;
}
diff --git a/source3/lib/util_nttoken.c b/source3/lib/util_nttoken.c
index 3130ed8..680dd29 100644
--- a/source3/lib/util_nttoken.c
+++ b/source3/lib/util_nttoken.c
@@ -26,6 +26,7 @@
/* function(s) moved from auth/auth_util.c to minimize linker deps */
#include "includes.h"
+#include "../libcli/security/dom_sid.h"
/****************************************************************************
Duplicate a SID token.
@@ -120,7 +121,7 @@ bool token_sid_in_ace(const struct security_token *token, const struct security_
size_t i;
for (i = 0; i < token->num_sids; i++) {
- if (sid_equal(&ace->trustee, &token->sids[i]))
+ if (dom_sid_equal(&ace->trustee, &token->sids[i]))
return true;
}
diff --git a/source3/lib/util_sid.c b/source3/lib/util_sid.c
index 92218ff..d75c8e2 100644
--- a/source3/lib/util_sid.c
+++ b/source3/lib/util_sid.c
@@ -244,7 +244,7 @@ bool sid_peek_check_rid(const struct dom_sid *exp_dom_sid, const struct dom_sid
return False;
}
- if (sid_compare_domain(exp_dom_sid, sid)!=0){
+ if (dom_sid_compare_domain(exp_dom_sid, sid)!=0){
*rid=(-1);
return False;
}
@@ -308,84 +308,6 @@ bool sid_parse(const char *inbuf, size_t len, struct dom_sid *sid)
}
/*****************************************************************
- Compare the auth portion of two sids.
-*****************************************************************/
-
-static int sid_compare_auth(const struct dom_sid *sid1, const struct dom_sid *sid2)
-{
- int i;
-
- if (sid1 == sid2)
- return 0;
- if (!sid1)
- return -1;
- if (!sid2)
- return 1;
-
- if (sid1->sid_rev_num != sid2->sid_rev_num)
- return sid1->sid_rev_num - sid2->sid_rev_num;
-
- for (i = 0; i < 6; i++)
- if (sid1->id_auth[i] != sid2->id_auth[i])
- return sid1->id_auth[i] - sid2->id_auth[i];
-
- return 0;
-}
-
-/*****************************************************************
- Compare two sids.
-*****************************************************************/
-
-int sid_compare(const struct dom_sid *sid1, const struct dom_sid *sid2)
-{
- int i;
-
- if (sid1 == sid2)
- return 0;
- if (!sid1)
- return -1;
- if (!sid2)
- return 1;
-
- /* Compare most likely different rids, first: i.e start at end */
- if (sid1->num_auths != sid2->num_auths)
- return sid1->num_auths - sid2->num_auths;
-
- for (i = sid1->num_auths-1; i >= 0; --i)
- if (sid1->sub_auths[i] != sid2->sub_auths[i])
- return sid1->sub_auths[i] - sid2->sub_auths[i];
-
- return sid_compare_auth(sid1, sid2);
-}
-
-/*****************************************************************
- See if 2 SIDs are in the same domain
- this just compares the leading sub-auths
-*****************************************************************/
-
-int sid_compare_domain(const struct dom_sid *sid1, const struct dom_sid *sid2)
-{
- int n, i;
-
- n = MIN(sid1->num_auths, sid2->num_auths);
-
- for (i = n-1; i >= 0; --i)
- if (sid1->sub_auths[i] != sid2->sub_auths[i])
- return sid1->sub_auths[i] - sid2->sub_auths[i];
-
- return sid_compare_auth(sid1, sid2);
--
Samba Shared Repository
More information about the samba-cvs
mailing list