Fix bug #8157 - std_pcap_cache_reload() fails to parse a cups printcap file correctly.
[Samba.git] / libcli / security / secacl.c
blob29afe460b16485a17b7796f4c04b60ca4b6b3ddd
1 /*
2 * Unix SMB/Netbios implementation.
3 * SEC_ACL handling routines
4 * Copyright (C) Andrew Tridgell 1992-1998,
5 * Copyright (C) Jeremy R. Allison 1995-2003.
6 * Copyright (C) Luke Kenneth Casson Leighton 1996-1998,
7 * Copyright (C) Paul Ashton 1997-1998.
8 *
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 3 of the License, or
12 * (at your option) any later version.
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
19 * You should have received a copy of the GNU General Public License
20 * along with this program; if not, see <http://www.gnu.org/licenses/>.
23 #include "includes.h"
24 #include "librpc/gen_ndr/ndr_security.h"
25 #include "libcli/security/secace.h"
27 #define SEC_ACL_HEADER_SIZE (2 * sizeof(uint16_t) + sizeof(uint32_t))
29 /*******************************************************************
30 Create a SEC_ACL structure.
31 ********************************************************************/
33 struct security_acl *make_sec_acl(TALLOC_CTX *ctx,
34 enum security_acl_revision revision,
35 int num_aces, struct security_ace *ace_list)
37 struct security_acl *dst;
38 int i;
40 if((dst = talloc_zero(ctx, struct security_acl)) == NULL)
41 return NULL;
43 dst->revision = revision;
44 dst->num_aces = num_aces;
45 dst->size = SEC_ACL_HEADER_SIZE;
47 /* Now we need to return a non-NULL address for the ace list even
48 if the number of aces required is zero. This is because there
49 is a distinct difference between a NULL ace and an ace with zero
50 entries in it. This is achieved by checking that num_aces is a
51 positive number. */
53 if ((num_aces) &&
54 ((dst->aces = talloc_array(dst, struct security_ace, num_aces))
55 == NULL)) {
56 return NULL;
59 for (i = 0; i < num_aces; i++) {
60 dst->aces[i] = ace_list[i]; /* Structure copy. */
61 dst->size += ace_list[i].size;
64 return dst;
67 /*******************************************************************
68 Duplicate a SEC_ACL structure.
69 ********************************************************************/
71 struct security_acl *dup_sec_acl(TALLOC_CTX *ctx, struct security_acl *src)
73 if(src == NULL)
74 return NULL;
76 return make_sec_acl(ctx, src->revision, src->num_aces, src->aces);
79 /*******************************************************************
80 Compares two SEC_ACL structures
81 ********************************************************************/
83 bool sec_acl_equal(struct security_acl *s1, struct security_acl *s2)
85 unsigned int i, j;
87 /* Trivial cases */
89 if (!s1 && !s2) return true;
90 if (!s1 || !s2) return false;
92 /* Check top level stuff */
94 if (s1->revision != s2->revision) {
95 DEBUG(10, ("sec_acl_equal(): revision differs (%d != %d)\n",
96 s1->revision, s2->revision));
97 return false;
100 if (s1->num_aces != s2->num_aces) {
101 DEBUG(10, ("sec_acl_equal(): num_aces differs (%d != %d)\n",
102 s1->revision, s2->revision));
103 return false;
106 /* The ACEs could be in any order so check each ACE in s1 against
107 each ACE in s2. */
109 for (i = 0; i < s1->num_aces; i++) {
110 bool found = false;
112 for (j = 0; j < s2->num_aces; j++) {
113 if (sec_ace_equal(&s1->aces[i], &s2->aces[j])) {
114 found = true;
115 break;
119 if (!found) return false;
122 return true;