what a wurst.

diff --git a/source/lib/util_nttoken.c b/source/lib/util_nttoken.c
index 13c66a5f4507888f677617413e0af0d5228aae3a..f81191af58a58039cd0049614a8522560d60cc96 100644 (file)
--- a/source/lib/util_nttoken.c
+++ b/source/lib/util_nttoken.c
@@ -7,6 +7,7 @@
  *  Copyright (C) Rafal Szczesniak 2002
  *  Copyright (C) Volker Lendecke 2006
  *  Copyright (C) Michael Adam 2007
+ *  Copyright (C) Guenther Deschner 2007
  *
  *  This program is free software; you can redistribute it and/or modify
  *  it under the terms of the GNU General Public License as published by
@@ -67,3 +68,52 @@ NT_USER_TOKEN *dup_nt_token(TALLOC_CTX *mem_ctx, const NT_USER_TOKEN *ptoken)
        return token;
 }
 
+/****************************************************************************
+ merge NT tokens
+****************************************************************************/
+
+NTSTATUS merge_nt_token(TALLOC_CTX *mem_ctx,
+                       const struct nt_user_token *token_1,
+                       const struct nt_user_token *token_2,
+                       struct nt_user_token **token_out)
+{
+       struct nt_user_token *token = NULL;
+       NTSTATUS status;
+       int i;
+
+       if (!token_1 || !token_2 || !token_out) {
+               return NT_STATUS_INVALID_PARAMETER;
+       }
+
+       token = TALLOC_ZERO_P(mem_ctx, struct nt_user_token);
+       NT_STATUS_HAVE_NO_MEMORY(token);
+
+       for (i=0; i < token_1->num_sids; i++) {
+               status = add_sid_to_array_unique(mem_ctx,
+                                                &token_1->user_sids[i],
+                                                &token->user_sids,
+                                                &token->num_sids);
+               if (!NT_STATUS_IS_OK(status)) {
+                       TALLOC_FREE(token);
+                       return status;
+               }
+       }
+
+       for (i=0; i < token_2->num_sids; i++) {
+               status = add_sid_to_array_unique(mem_ctx,
+                                                &token_2->user_sids[i],
+                                                &token->user_sids,
+                                                &token->num_sids);
+               if (!NT_STATUS_IS_OK(status)) {
+                       TALLOC_FREE(token);
+                       return status;
+               }
+       }
+
+       se_priv_add(&token->privileges, &token_1->privileges);
+       se_priv_add(&token->privileges, &token_2->privileges);
+
+       *token_out = token;
+
+       return NT_STATUS_OK;
+}

diff --git a/source/libgpo/gpo_util.c b/source/libgpo/gpo_util.c
index 79f2690245e49cdf60b1067920f9e62dfd7d5dec..b9053d0ae5b3ff961dca74905fc294b457f4c93b 100644 (file)
--- a/source/libgpo/gpo_util.c
+++ b/source/libgpo/gpo_util.c
@@ -750,3 +750,28 @@ NTSTATUS gp_find_file(TALLOC_CTX *mem_ctx,
        return NT_STATUS_NO_SUCH_FILE;
 }
 
+/****************************************************************
+****************************************************************/
+
+ADS_STATUS gp_get_machine_token(ADS_STRUCT *ads,
+                               TALLOC_CTX *mem_ctx,
+                               const char *dn,
+                               struct nt_user_token **token)
+{
+       struct nt_user_token *ad_token = NULL;
+       ADS_STATUS status;
+       NTSTATUS ntstatus;
+
+       status = ads_get_sid_token(ads, mem_ctx, dn, &ad_token);
+       if (!ADS_ERR_OK(status)) {
+               return status;
+       }
+
+       ntstatus = merge_nt_token(mem_ctx, ad_token, get_system_token(),
+                                 token);
+       if (!NT_STATUS_IS_OK(ntstatus)) {
+               return ADS_ERROR_NT(ntstatus);
+       }
+
+       return ADS_SUCCESS;
+}