From: Günther Deschner <gd@samba.org>
Date: Fri, 15 Jan 2016 13:43:12 +0000 (+0100)
Subject: s3-util: add helper functions to deal with the S-1-18 domain.
X-Git-Url: http://git.samba.org/?p=obnox%2Fsamba%2Fsamba-obnox.git;a=commitdiff_plain;h=a92420911d4786e6fe58091f9641e2b193513f0c

s3-util: add helper functions to deal with the S-1-18 domain.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=11677

Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
---

diff --git a/source3/include/proto.h b/source3/include/proto.h
index a53aabd1a6a..809cb95a40f 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -1174,6 +1174,11 @@ bool sid_check_is_in_unix_groups(const struct dom_sid *sid);
 const char *unix_groups_domain_name(void);
 bool lookup_unix_group_name(const char *name, struct dom_sid *sid);
 
+/* The following definitions come from lib/util_specialsids.c  */
+bool sid_check_is_asserted_identity(const struct dom_sid *sid);
+bool sid_check_is_in_asserted_identity(const struct dom_sid *sid);
+const char *asserted_identity_domain_name(void);
+
 /* The following definitions come from lib/filename_util.c */
 
 NTSTATUS get_full_smb_filename(TALLOC_CTX *ctx, const struct smb_filename *smb_fname,
diff --git a/source3/lib/util_specialsids.c b/source3/lib/util_specialsids.c
new file mode 100644
index 00000000000..4c402d6dade
--- /dev/null
+++ b/source3/lib/util_specialsids.c
@@ -0,0 +1,40 @@
+/*
+   Unix SMB/CIFS implementation.
+   Copyright (C) Guenther Deschner 2016
+
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 3 of the License, or
+   (at your option) any later version.
+
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+
+   You should have received a copy of the GNU General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "includes.h"
+#include "../libcli/security/security.h"
+
+bool sid_check_is_asserted_identity(const struct dom_sid *sid)
+{
+	return dom_sid_equal(sid, &global_sid_Asserted_Identity);
+}
+
+bool sid_check_is_in_asserted_identity(const struct dom_sid *sid)
+{
+	struct dom_sid dom_sid;
+
+	sid_copy(&dom_sid, sid);
+	sid_split_rid(&dom_sid, NULL);
+
+	return sid_check_is_asserted_identity(&dom_sid);
+}
+
+const char *asserted_identity_domain_name(void)
+{
+	return "Asserted Identity";
+}
diff --git a/source3/wscript_build b/source3/wscript_build
index 9d5d0d044a4..b8eaecaa880 100755
--- a/source3/wscript_build
+++ b/source3/wscript_build
@@ -253,6 +253,7 @@ bld.SAMBA3_SUBSYSTEM('samba3util',
                    lib/recvfile.c
                    lib/time.c
                    lib/util_sid.c
+                   lib/util_specialsids.c
                    lib/util_file.c
                    lib/util.c
                    lib/util_path.c