return false;
}
+size_t security_token_count_flag_sids(const struct security_token *token,
+ const struct dom_sid *prefix_sid,
+ size_t num_flags,
+ const struct dom_sid **_flag_sid)
+{
+ const size_t num_auths_expected = prefix_sid->num_auths + num_flags;
+ const struct dom_sid *found = NULL;
+ size_t num = 0;
+ uint32_t i;
+
+ SMB_ASSERT(num_auths_expected <= ARRAY_SIZE(prefix_sid->sub_auths));
+
+ for (i = 0; i < token->num_sids; i++) {
+ const struct dom_sid *sid = &token->sids[i];
+ int cmp;
+
+ if ((size_t)sid->num_auths != num_auths_expected) {
+ continue;
+ }
+
+ cmp = dom_sid_compare_domain(sid, prefix_sid);
+ if (cmp != 0) {
+ continue;
+ }
+
+ num += 1;
+ found = sid;
+ }
+
+ if ((num == 1) && (_flag_sid != NULL)) {
+ *_flag_sid = found;
+ }
+
+ return num;
+}
+
bool security_token_has_builtin_guests(const struct security_token *token)
{
return security_token_has_sid(token, &global_sid_Builtin_Guests);
bool security_token_has_sid(const struct security_token *token, const struct dom_sid *sid);
+/*
+ * Return any of the domain sids found in the token matching "domain"
+ * in _domain_sid, makes most sense if you just found one.
+ */
+size_t security_token_count_flag_sids(const struct security_token *token,
+ const struct dom_sid *prefix_sid,
+ size_t num_flags,
+ const struct dom_sid **_flag_sid);
+
bool security_token_has_builtin_guests(const struct security_token *token);
bool security_token_has_builtin_administrators(const struct security_token *token);