Line data Source code
1 : /*
2 : * Unix SMB/Netbios implementation.
3 : * SEC_ACL handling routines
4 : * Copyright (C) Andrew Tridgell 1992-1998,
5 : * Copyright (C) Jeremy R. Allison 1995-2003.
6 : * Copyright (C) Luke Kenneth Casson Leighton 1996-1998,
7 : * Copyright (C) Paul Ashton 1997-1998.
8 : *
9 : * This program is free software; you can redistribute it and/or modify
10 : * it under the terms of the GNU General Public License as published by
11 : * the Free Software Foundation; either version 3 of the License, or
12 : * (at your option) any later version.
13 : *
14 : * This program is distributed in the hope that it will be useful,
15 : * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 : * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 : * GNU General Public License for more details.
18 : *
19 : * You should have received a copy of the GNU General Public License
20 : * along with this program; if not, see <http://www.gnu.org/licenses/>.
21 : */
22 :
23 : #include "includes.h"
24 : #include "librpc/gen_ndr/ndr_security.h"
25 : #include "libcli/security/secace.h"
26 : #include "libcli/security/secacl.h"
27 :
28 : #define SEC_ACL_HEADER_SIZE (2 * sizeof(uint16_t) + sizeof(uint32_t))
29 :
30 : /*******************************************************************
31 : Create a SEC_ACL structure.
32 : ********************************************************************/
33 :
34 21507 : struct security_acl *make_sec_acl(
35 : TALLOC_CTX *ctx,
36 : enum security_acl_revision revision,
37 : int num_aces,
38 : const struct security_ace *ace_list)
39 : {
40 : struct security_acl *dst;
41 : int i;
42 :
43 21507 : dst = talloc(ctx, struct security_acl);
44 21507 : if (dst == NULL) {
45 0 : return NULL;
46 : }
47 :
48 21507 : dst->revision = revision;
49 21507 : dst->num_aces = num_aces;
50 21507 : dst->size = SEC_ACL_HEADER_SIZE;
51 21507 : dst->aces = NULL;
52 :
53 : /* Now we need to return a non-NULL address for the ace list even
54 : if the number of aces required is zero. This is because there
55 : is a distinct difference between a NULL ace and an ace with zero
56 : entries in it. This is achieved by checking that num_aces is a
57 : positive number. */
58 :
59 21507 : if (num_aces == 0) {
60 0 : return dst;
61 : }
62 :
63 21507 : dst->aces = talloc_array(dst, struct security_ace, num_aces);
64 21507 : if (dst->aces == NULL) {
65 0 : TALLOC_FREE(dst);
66 0 : return NULL;
67 : }
68 :
69 74444 : for (i = 0; i < num_aces; i++) {
70 52937 : dst->aces[i] = ace_list[i]; /* Structure copy. */
71 52937 : dst->size += ace_list[i].size;
72 : }
73 :
74 21507 : return dst;
75 : }
|
