libcli: Add security_token_count_flag_sids()
authorVolker Lendecke <vl@samba.org>
Tue, 18 Apr 2023 09:31:16 +0000 (11:31 +0200)
committerJule Anger <janger@samba.org>
Tue, 23 May 2023 07:13:09 +0000 (07:13 +0000)
To be used in a few places when checking special-case Samba SIDs.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=15361
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit 5e8c7192ba5469547ba3101885dfbaba2f8181f4)

libcli/security/security_token.c
libcli/security/security_token.h

index 03e7bb70743ba29cd3309e16ddf7e29a06d54472..f788540e98eda595654f413924e9ad855ad95ed4 100644 (file)
@@ -95,6 +95,42 @@ bool security_token_has_sid(const struct security_token *token, const struct dom
        return false;
 }
 
+size_t security_token_count_flag_sids(const struct security_token *token,
+                                     const struct dom_sid *prefix_sid,
+                                     size_t num_flags,
+                                     const struct dom_sid **_flag_sid)
+{
+       const size_t num_auths_expected = prefix_sid->num_auths + num_flags;
+       const struct dom_sid *found = NULL;
+       size_t num = 0;
+       uint32_t i;
+
+       SMB_ASSERT(num_auths_expected <= ARRAY_SIZE(prefix_sid->sub_auths));
+
+       for (i = 0; i < token->num_sids; i++) {
+               const struct dom_sid *sid = &token->sids[i];
+               int cmp;
+
+               if ((size_t)sid->num_auths != num_auths_expected) {
+                       continue;
+               }
+
+               cmp = dom_sid_compare_domain(sid, prefix_sid);
+               if (cmp != 0) {
+                       continue;
+               }
+
+               num += 1;
+               found = sid;
+       }
+
+       if ((num == 1) && (_flag_sid != NULL)) {
+               *_flag_sid = found;
+       }
+
+       return num;
+}
+
 bool security_token_has_builtin_guests(const struct security_token *token)
 {
        return security_token_has_sid(token, &global_sid_Builtin_Guests);
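Review bot: `*_flag_sid` is written only when exactly one SID matches, so for a return of 0 or more than 1 the caller's pointer keeps whatever it held before the call, which may be an uninitialized stack value. Because the result feeds checks on special-case SIDs, a caller that dereferences the pointer without first testing the count would act on stale data. Assigning on every path avoids that: `if (_flag_sid != NULL) { *_flag_sid = (num == 1) ? found : NULL; }`. The stored pointer aliases an element of `token->sids`, so it is valid only as long as the token is; a short comment above the definition should say so.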
index 15773df617fd41c5038c5811d4b9b2af520baf3c..c6898859b98242200244fa7624aff9a49b3c63df 100644 (file)
@@ -47,6 +47,15 @@ bool security_token_is_anonymous(const struct security_token *token);
 
 bool security_token_has_sid(const struct security_token *token, const struct dom_sid *sid);
 
+/*
+ * Return any of the domain sids found in the token matching "domain"
+ * in _domain_sid, makes most sense if you just found one.
+ */
+size_t security_token_count_flag_sids(const struct security_token *token,
+                                     const struct dom_sid *prefix_sid,
+                                     size_t num_flags,
+                                     const struct dom_sid **_flag_sid);
+
 bool security_token_has_builtin_guests(const struct security_token *token);
 
 bool security_token_has_builtin_administrators(const struct security_token *token);
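Review bot: The comment above the new prototype does not describe this function: it refers to "domain" and `_domain_sid`, neither of which is a parameter, and it says nothing about `prefix_sid`, `num_flags` or the return value. Going by the definition in security_token.c, it should state that the function returns the number of SIDs in the token that have `prefix_sid` as prefix and exactly `prefix_sid->num_auths + num_flags` sub-authorities, and that `*_flag_sid` is set only when that count is exactly 1. It is also worth recording that `_flag_sid` may be NULL and that the call asserts (SMB_ASSERT) when `num_flags` pushes the expected length past the sub_auths array, since that aborts rather than returning an error.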