negoex.idl: use DATA_BLOB for negoex_BYTE_VECTOR
[Samba.git] / libcli / security / secacl.c
blobb90e3ae2d4aae1d74314737684ce72624f530dc3
1 /*
2 * Unix SMB/Netbios implementation.
3 * SEC_ACL handling routines
4 * Copyright (C) Andrew Tridgell 1992-1998,
5 * Copyright (C) Jeremy R. Allison 1995-2003.
6 * Copyright (C) Luke Kenneth Casson Leighton 1996-1998,
7 * Copyright (C) Paul Ashton 1997-1998.
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 3 of the License, or
12 * (at your option) any later version.
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
19 * You should have received a copy of the GNU General Public License
20 * along with this program; if not, see <http://www.gnu.org/licenses/>.
23 #include "includes.h"
24 #include "librpc/gen_ndr/ndr_security.h"
25 #include "libcli/security/secace.h"
26 #include "libcli/security/secacl.h"
28 #define SEC_ACL_HEADER_SIZE (2 * sizeof(uint16_t) + sizeof(uint32_t))
30 /*******************************************************************
31 Create a SEC_ACL structure.
32 ********************************************************************/
34 struct security_acl *make_sec_acl(TALLOC_CTX *ctx,
35 enum security_acl_revision revision,
36 int num_aces, struct security_ace *ace_list)
38 struct security_acl *dst;
39 int i;
41 dst = talloc(ctx, struct security_acl);
42 if (dst == NULL) {
43 return NULL;
46 dst->revision = revision;
47 dst->num_aces = num_aces;
48 dst->size = SEC_ACL_HEADER_SIZE;
49 dst->aces = NULL;
51 /* Now we need to return a non-NULL address for the ace list even
52 if the number of aces required is zero. This is because there
53 is a distinct difference between a NULL ace and an ace with zero
54 entries in it. This is achieved by checking that num_aces is a
55 positive number. */
57 if (num_aces == 0) {
58 return dst;
61 dst->aces = talloc_array(dst, struct security_ace, num_aces);
62 if (dst->aces == NULL) {
63 TALLOC_FREE(dst);
64 return NULL;
67 for (i = 0; i < num_aces; i++) {
68 dst->aces[i] = ace_list[i]; /* Structure copy. */
69 dst->size += ace_list[i].size;
72 return dst;