s4:dsdb: Make sids_contains_sid() usable by other Samba modules

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

diff --git a/libcli/security/dom_sid.h b/libcli/security/dom_sid.h
index e3be817dd439fdd838a9c0a35c3b80b24ed1f598..7a03af79e7620d805faf931b86ca4e875900d3ec 100644 (file)
--- a/libcli/security/dom_sid.h
+++ b/libcli/security/dom_sid.h
@@ -141,6 +141,9 @@ void del_sid_from_array(const struct dom_sid *sid, struct dom_sid **sids,
 bool add_rid_to_array_unique(TALLOC_CTX *mem_ctx,
                             uint32_t rid, uint32_t **pp_rids, size_t *p_num);
 bool is_null_sid(const struct dom_sid *sid);
+bool sids_contains_sid(const struct auth_SidAttr *sids,
+                      const uint32_t num_sids,
+                      const struct dom_sid *sid,
+                      uint32_t attrs);
 
 #endif /*_DOM_SID_H_*/
-

diff --git a/libcli/security/util_sid.c b/libcli/security/util_sid.c
index b2c21fc59b387a509a631f4e7fadf3223b85c9ba..f2eadd6ada69a25a41b314e40228305bcb16e0af 100644 (file)
--- a/libcli/security/util_sid.c
+++ b/libcli/security/util_sid.c
@@ -517,6 +517,36 @@ bool is_null_sid(const struct dom_sid *sid)
        return dom_sid_equal(sid, &null_sid);
 }
 
+/**
+ * Return true if an array of auth_SidAttr contains a certain SID with certain
+ * attributes.
+ *
+ * @param [in] sids    The auth_SidAttr array.
+ * @param [in] num_sids        The size of the auth_SidArray array.
+ * @param [in] sid     The SID in question.
+ * @param [in] attrs   The attributes of the SID.
+ * @returns true if the array contains the SID.
+ */
+bool sids_contains_sid(const struct auth_SidAttr *sids,
+                      const uint32_t num_sids,
+                      const struct dom_sid *sid,
+                      uint32_t attrs)
+{
+       uint32_t i;
+
+       for (i = 0; i < num_sids; i++) {
+               if (attrs != sids[i].attrs) {
+                       continue;
+               }
+               if (!dom_sid_equal(&sids[i].sid, sid)) {
+                       continue;
+               }
+
+               return true;
+       }
+       return false;
+}
+
 /*
  * See [MS-LSAT] 3.1.1.1.1 Predefined Translation Database and Corresponding View
  */

diff --git a/source4/dsdb/common/util_groups.c b/source4/dsdb/common/util_groups.c
index c7a5e904707455e6d81e88d72acf9699c612378e..00706b419039ff20e839efe6ae567d059cd9e516 100644 (file)
--- a/source4/dsdb/common/util_groups.c
+++ b/source4/dsdb/common/util_groups.c
@@ -26,27 +26,6 @@
 #include "libcli/security/security.h"
 #include "dsdb/common/util.h"
 
-/* This function tests if a SID structure "sids" contains the SID "sid" */
-static bool sids_contains_sid(const struct auth_SidAttr *sids,
-                             const uint32_t num_sids,
-                             const struct dom_sid *sid,
-                             uint32_t attrs)
-{
-       uint32_t i;
-
-       for (i = 0; i < num_sids; i++) {
-               if (attrs != sids[i].attrs) {
-                       continue;
-               }
-               if (!dom_sid_equal(&sids[i].sid, sid)) {
-                       continue;
-               }
-
-               return true;
-       }
-       return false;
-}
-
 /*
  * This function generates the transitive closure of a given SAM object "dn_val"
  * (it basically expands nested memberships).

diff --git a/source4/dsdb/wscript_build b/source4/dsdb/wscript_build
index 766342fad8ee0e3215229f326d5ae2d7df26024e..d0d6439b6210a3ec2de42b4aa82713fa9aba88b8 100644 (file)
--- a/source4/dsdb/wscript_build
+++ b/source4/dsdb/wscript_build
@@ -16,7 +16,7 @@ bld.SAMBA_LIBRARY('samdb-common',
        source='common/util.c common/util_trusts.c common/util_groups.c common/util_samr.c common/dsdb_dn.c common/dsdb_access.c common/util_links.c common/rodc_helper.c',
        autoproto='common/proto.h',
        private_library=True,
-       deps='ldb NDR_DRSBLOBS util_ldb LIBCLI_AUTH samba-hostconfig samba_socket cli-ldap-common flag_mapping UTIL_RUNCMD SAMBA_VERSION'
+       deps='ldb NDR_DRSBLOBS util_ldb LIBCLI_AUTH samba-hostconfig samba_socket cli-ldap-common flag_mapping UTIL_RUNCMD SAMBA_VERSION samba-security'
        )