search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
r11228: Speed up string_to_sid by removing next_token calls, thus eliminating
[Samba/nascimento.git] / source3 / lib / util_sid.c
blobcc1f55330fe49c96bacf191e73eccad4cd9ab2ad
1 /*
2 Unix SMB/CIFS implementation.
3 Samba utility functions
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Luke Kenneth Caseson Leighton 1998-1999
6 Copyright (C) Jeremy Allison 1999
7 Copyright (C) Stefan (metze) Metzmacher 2002
8 Copyright (C) Simo Sorce 2002
9 Copyright (C) Jim McDonough <jmcd@us.ibm.com> 2005
10
11 This program is free software; you can redistribute it and/or modify
12 it under the terms of the GNU General Public License as published by
13 the Free Software Foundation; either version 2 of the License, or
14 (at your option) any later version.
15
16 This program is distributed in the hope that it will be useful,
17 but WITHOUT ANY WARRANTY; without even the implied warranty of
18 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 GNU General Public License for more details.
20
21 You should have received a copy of the GNU General Public License
22 along with this program; if not, write to the Free Software
23 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
24 */
25
26 #include "includes.h"
27
28 /*
29 * Some useful sids
30 */
31
32
33 const DOM_SID global_sid_World_Domain = /* Everyone domain */
34 { 1, 0, {0,0,0,0,0,1}, {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}};
35 const DOM_SID global_sid_World = /* Everyone */
36 { 1, 1, {0,0,0,0,0,1}, {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}};
37 const DOM_SID global_sid_Creator_Owner_Domain = /* Creator Owner domain */
38 { 1, 0, {0,0,0,0,0,3}, {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}};
39 const DOM_SID global_sid_NT_Authority = /* NT Authority */
40 { 1, 0, {0,0,0,0,0,5}, {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}};
41 const DOM_SID global_sid_System = /* System */
42 { 1, 1, {0,0,0,0,0,5}, {18,0,0,0,0,0,0,0,0,0,0,0,0,0,0}};
43 const DOM_SID global_sid_NULL = /* NULL sid */
44 { 1, 1, {0,0,0,0,0,0}, {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}};
45 const DOM_SID global_sid_Authenticated_Users = /* All authenticated rids */
46 { 1, 1, {0,0,0,0,0,5}, {11,0,0,0,0,0,0,0,0,0,0,0,0,0,0}};
47 const DOM_SID global_sid_Network = /* Network rids */
48 { 1, 1, {0,0,0,0,0,5}, {2,0,0,0,0,0,0,0,0,0,0,0,0,0,0}};
49
50 const DOM_SID global_sid_Creator_Owner = /* Creator Owner */
51 { 1, 1, {0,0,0,0,0,3}, {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}};
52 const DOM_SID global_sid_Creator_Group = /* Creator Group */
53 { 1, 1, {0,0,0,0,0,3}, {1,0,0,0,0,0,0,0,0,0,0,0,0,0,0}};
54 const DOM_SID global_sid_Anonymous = /* Anonymous login */
55 { 1, 1, {0,0,0,0,0,5}, {7,0,0,0,0,0,0,0,0,0,0,0,0,0,0}};
56
57 const DOM_SID global_sid_Builtin = /* Local well-known domain */
58 { 1, 1, {0,0,0,0,0,5}, {32,0,0,0,0,0,0,0,0,0,0,0,0,0,0}};
59 const DOM_SID global_sid_Builtin_Administrators = /* Builtin administrators */
60 { 1, 2, {0,0,0,0,0,5}, {32,544,0,0,0,0,0,0,0,0,0,0,0,0,0}};
61 const DOM_SID global_sid_Builtin_Users = /* Builtin users */
62 { 1, 2, {0,0,0,0,0,5}, {32,545,0,0,0,0,0,0,0,0,0,0,0,0,0}};
63 const DOM_SID global_sid_Builtin_Guests = /* Builtin guest users */
64 { 1, 2, {0,0,0,0,0,5}, {32,546,0,0,0,0,0,0,0,0,0,0,0,0,0}};
65 const DOM_SID global_sid_Builtin_Power_Users = /* Builtin power users */
66 { 1, 2, {0,0,0,0,0,5}, {32,547,0,0,0,0,0,0,0,0,0,0,0,0,0}};
67 const DOM_SID global_sid_Builtin_Account_Operators = /* Builtin account operators */
68 { 1, 2, {0,0,0,0,0,5}, {32,548,0,0,0,0,0,0,0,0,0,0,0,0,0}};
69 const DOM_SID global_sid_Builtin_Server_Operators = /* Builtin server operators */
70 { 1, 2, {0,0,0,0,0,5}, {32,549,0,0,0,0,0,0,0,0,0,0,0,0,0}};
71 const DOM_SID global_sid_Builtin_Print_Operators = /* Builtin print operators */
72 { 1, 2, {0,0,0,0,0,5}, {32,550,0,0,0,0,0,0,0,0,0,0,0,0,0}};
73 const DOM_SID global_sid_Builtin_Backup_Operators = /* Builtin backup operators */
74 { 1, 2, {0,0,0,0,0,5}, {32,551,0,0,0,0,0,0,0,0,0,0,0,0,0}};
75 const DOM_SID global_sid_Builtin_Replicator = /* Builtin replicator */
76 { 1, 2, {0,0,0,0,0,5}, {32,552,0,0,0,0,0,0,0,0,0,0,0,0,0}};
77
78 #define SECURITY_NULL_SID_AUTHORITY 0
79 #define SECURITY_WORLD_SID_AUTHORITY 1
80 #define SECURITY_LOCAL_SID_AUTHORITY 2
81 #define SECURITY_CREATOR_SID_AUTHORITY 3
82 #define SECURITY_NT_AUTHORITY 5
83
84 /*
85 * An NT compatible anonymous token.
86 */
87
88 static DOM_SID anon_sid_array[3] =
89 { { 1, 1, {0,0,0,0,0,1}, {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}},
90 { 1, 1, {0,0,0,0,0,5}, {2,0,0,0,0,0,0,0,0,0,0,0,0,0,0}},
91 { 1, 1, {0,0,0,0,0,5}, {7,0,0,0,0,0,0,0,0,0,0,0,0,0,0}} };
92 NT_USER_TOKEN anonymous_token = { 3, anon_sid_array, SE_NONE };
93
94 static DOM_SID system_sid_array[1] =
95 { { 1, 1, {0,0,0,0,0,5}, {18,0,0,0,0,0,0,0,0,0,0,0,0,0,0}} };
96 NT_USER_TOKEN system_token = { 1, system_sid_array, SE_ALL_PRIVS };
97
98 /****************************************************************************
99 Lookup string names for SID types.
100 ****************************************************************************/
101
102 static const struct {
103 enum SID_NAME_USE sid_type;
104 const char *string;
105 } sid_name_type[] = {
106 {SID_NAME_USER, "User"},
107 {SID_NAME_DOM_GRP, "Domain Group"},
108 {SID_NAME_DOMAIN, "Domain"},
109 {SID_NAME_ALIAS, "Local Group"},
110 {SID_NAME_WKN_GRP, "Well-known Group"},
111 {SID_NAME_DELETED, "Deleted Account"},
112 {SID_NAME_INVALID, "Invalid Account"},
113 {SID_NAME_UNKNOWN, "UNKNOWN"},
114 {SID_NAME_COMPUTER, "Computer"},
115
116 {(enum SID_NAME_USE)0, NULL}
117 };
118
119 const char *sid_type_lookup(uint32 sid_type)
120 {
121 int i = 0;
122
123 /* Look through list */
124 while(sid_name_type[i].sid_type != 0) {
125 if (sid_name_type[i].sid_type == sid_type)
126 return sid_name_type[i].string;
127 i++;
128 }
129
130 /* Default return */
131 return "SID *TYPE* is INVALID";
132 }
133
134 /**************************************************************************
135 Create the SYSTEM token.
136 ***************************************************************************/
137
138 NT_USER_TOKEN *get_system_token(void)
139 {
140 return &system_token;
141 }
142
143 /******************************************************************
144 get the default domain/netbios name to be used when dealing
145 with our passdb list of accounts
146 ******************************************************************/
147
148 const char *get_global_sam_name(void)
149 {
150 if ((lp_server_role() == ROLE_DOMAIN_PDC) || (lp_server_role() == ROLE_DOMAIN_BDC)) {
151 return lp_workgroup();
152 }
153 return global_myname();
154 }
155
156 /**************************************************************************
157 Splits a name of format \DOMAIN\name or name into its two components.
158 Sets the DOMAIN name to global_myname() if it has not been specified.
159 ***************************************************************************/
160
161 void split_domain_name(const char *fullname, char *domain, char *name)
162 {
163 pstring full_name;
164 const char *sep;
165 char *p;
166
167 sep = lp_winbind_separator();
168
169 *domain = *name = '\0';
170
171 if (fullname[0] == sep[0] || fullname[0] == '\\')
172 fullname++;
173
174 pstrcpy(full_name, fullname);
175 p = strchr_m(full_name+1, '\\');
176 if (!p) p = strchr_m(full_name+1, sep[0]);
177
178 if (p != NULL) {
179 *p = 0;
180 fstrcpy(domain, full_name);
181 fstrcpy(name, p+1);
182 } else {
183 fstrcpy(domain, get_global_sam_name());
184 fstrcpy(name, full_name);
185 }
186
187 DEBUG(10,("split_domain_name:name '%s' split into domain :'%s' and user :'%s'\n",
188 fullname, domain, name));
189 }
190
191 /****************************************************************************
192 Test if a SID is wellknown and resolvable.
193 ****************************************************************************/
194
195 BOOL resolvable_wellknown_sid(DOM_SID *sid)
196 {
197 uint32 ia = (sid->id_auth[5]) +
198 (sid->id_auth[4] << 8 ) +
199 (sid->id_auth[3] << 16) +
200 (sid->id_auth[2] << 24);
201
202 if (sid->sid_rev_num != SEC_DESC_REVISION || sid->num_auths < 1)
203 return False;
204
205 return (ia == SECURITY_WORLD_SID_AUTHORITY ||
206 ia == SECURITY_CREATOR_SID_AUTHORITY);
207 }
208
209 /*****************************************************************
210 Convert a SID to an ascii string.
211 *****************************************************************/
212
213 char *sid_to_string(fstring sidstr_out, const DOM_SID *sid)
214 {
215 char subauth[16];
216 int i;
217 uint32 ia;
218
219 if (!sid) {
220 fstrcpy(sidstr_out, "(NULL SID)");
221 return sidstr_out;
222 }
223
224 /*
225 * BIG NOTE: this function only does SIDS where the identauth is not >= 2^32
226 * in a range of 2^48.
227 */
228 ia = (sid->id_auth[5]) +
229 (sid->id_auth[4] << 8 ) +
230 (sid->id_auth[3] << 16) +
231 (sid->id_auth[2] << 24);
232
233 slprintf(sidstr_out, sizeof(fstring) - 1, "S-%u-%lu", (unsigned int)sid->sid_rev_num, (unsigned long)ia);
234
235 for (i = 0; i < sid->num_auths; i++) {
236 slprintf(subauth, sizeof(subauth)-1, "-%lu", (unsigned long)sid->sub_auths[i]);
237 fstrcat(sidstr_out, subauth);
238 }
239
240 return sidstr_out;
241 }
242
243 /*****************************************************************
244 Useful function for debug lines.
245 *****************************************************************/
246
247 const char *sid_string_static(const DOM_SID *sid)
248 {
249 static fstring sid_str;
250 sid_to_string(sid_str, sid);
251 return sid_str;
252 }
253
254 /*****************************************************************
255 Convert a string to a SID. Returns True on success, False on fail.
256 *****************************************************************/
257
258 BOOL string_to_sid(DOM_SID *sidout, const char *sidstr)
259 {
260 const char *p;
261 char *q;
262 /* BIG NOTE: this function only does SIDS where the identauth is not >= 2^32 */
263 uint32 conv;
264
265 if (StrnCaseCmp( sidstr, "S-", 2)) {
266 DEBUG(0,("string_to_sid: Sid %s does not start with 'S-'.\n", sidstr));
267 return False;
268 }
269
270 ZERO_STRUCTP(sidout);
271
272 /* Get the revision number. */
273 p = sidstr + 2;
274 conv = (uint32) strtoul(p, &q, 10);
275 if (!q || (*q != '-')) {
276 DEBUG(0,("string_to_sid: Sid %s is not in a valid format.\n", sidstr));
277 return False;
278 }
279 sidout->sid_rev_num = (uint8) conv;
280 q++;
281
282 /* get identauth */
283 conv = (uint32) strtoul(q, &q, 10);
284 if (!q || (*q != '-')) {
285 DEBUG(0,("string_to_sid: Sid %s is not in a valid format.\n", sidstr));
286 return False;
287 }
288 /* identauth in decimal should be < 2^32 */
289 /* NOTE - the conv value is in big-endian format. */
290 sidout->id_auth[0] = 0;
291 sidout->id_auth[1] = 0;
292 sidout->id_auth[2] = (conv & 0xff000000) >> 24;
293 sidout->id_auth[3] = (conv & 0x00ff0000) >> 16;
294 sidout->id_auth[4] = (conv & 0x0000ff00) >> 8;
295 sidout->id_auth[5] = (conv & 0x000000ff);
296
297 q++;
298 sidout->num_auths = 0;
299
300 for(conv = (uint32) strtoul(q, &q, 10);
301 q && (*q =='-' || *q =='\0') && (sidout->num_auths < MAXSUBAUTHS);
302 conv = (uint32) strtoul(q, &q, 10)) {
303 sid_append_rid(sidout, conv);
304 if (*q == '\0')
305 break;
306 q++;
307 }
308
309 return True;
310 }
311
312 DOM_SID *string_sid_talloc(TALLOC_CTX *mem_ctx, const char *sidstr)
313 {
314 DOM_SID *result = TALLOC_P(mem_ctx, DOM_SID);
315
316 if (result == NULL)
317 return NULL;
318
319 if (!string_to_sid(result, sidstr))
320 return NULL;
321
322 return result;
323 }
324
325 /*****************************************************************
326 Add a rid to the end of a sid
327 *****************************************************************/
328
329 BOOL sid_append_rid(DOM_SID *sid, uint32 rid)
330 {
331 if (sid->num_auths < MAXSUBAUTHS) {
332 sid->sub_auths[sid->num_auths++] = rid;
333 return True;
334 }
335 return False;
336 }
337
338 BOOL sid_compose(DOM_SID *dst, const DOM_SID *domain_sid, uint32 rid)
339 {
340 sid_copy(dst, domain_sid);
341 return sid_append_rid(dst, rid);
342 }
343
344 /*****************************************************************
345 Removes the last rid from the end of a sid
346 *****************************************************************/
347
348 BOOL sid_split_rid(DOM_SID *sid, uint32 *rid)
349 {
350 if (sid->num_auths > 0) {
351 sid->num_auths--;
352 *rid = sid->sub_auths[sid->num_auths];
353 return True;
354 }
355 return False;
356 }
357
358 /*****************************************************************
359 Return the last rid from the end of a sid
360 *****************************************************************/
361
362 BOOL sid_peek_rid(const DOM_SID *sid, uint32 *rid)
363 {
364 if (!sid || !rid)
365 return False;
366
367 if (sid->num_auths > 0) {
368 *rid = sid->sub_auths[sid->num_auths - 1];
369 return True;
370 }
371 return False;
372 }
373
374 /*****************************************************************
375 Return the last rid from the end of a sid
376 and check the sid against the exp_dom_sid
377 *****************************************************************/
378
379 BOOL sid_peek_check_rid(const DOM_SID *exp_dom_sid, const DOM_SID *sid, uint32 *rid)
380 {
381 if (!exp_dom_sid || !sid || !rid)
382 return False;
383
384 if (sid->num_auths != (exp_dom_sid->num_auths+1)) {
385 return False;
386 }
387
388 if (sid_compare_domain(exp_dom_sid, sid)!=0){
389 *rid=(-1);
390 return False;
391 }
392
393 return sid_peek_rid(sid, rid);
394 }
395
396 /*****************************************************************
397 Copies a sid
398 *****************************************************************/
399
400 void sid_copy(DOM_SID *dst, const DOM_SID *src)
401 {
402 int i;
403
404 ZERO_STRUCTP(dst);
405
406 dst->sid_rev_num = src->sid_rev_num;
407 dst->num_auths = src->num_auths;
408
409 memcpy(&dst->id_auth[0], &src->id_auth[0], sizeof(src->id_auth));
410
411 for (i = 0; i < src->num_auths; i++)
412 dst->sub_auths[i] = src->sub_auths[i];
413 }
414
415 /*****************************************************************
416 Write a sid out into on-the-wire format.
417 *****************************************************************/
418
419 BOOL sid_linearize(char *outbuf, size_t len, const DOM_SID *sid)
420 {
421 size_t i;
422
423 if (len < sid_size(sid))
424 return False;
425
426 SCVAL(outbuf,0,sid->sid_rev_num);
427 SCVAL(outbuf,1,sid->num_auths);
428 memcpy(&outbuf[2], sid->id_auth, 6);
429 for(i = 0; i < sid->num_auths; i++)
430 SIVAL(outbuf, 8 + (i*4), sid->sub_auths[i]);
431
432 return True;
433 }
434
435 /*****************************************************************
436 Parse a on-the-wire SID to a DOM_SID.
437 *****************************************************************/
438
439 BOOL sid_parse(const char *inbuf, size_t len, DOM_SID *sid)
440 {
441 int i;
442 if (len < 8)
443 return False;
444
445 ZERO_STRUCTP(sid);
446
447 sid->sid_rev_num = CVAL(inbuf, 0);
448 sid->num_auths = CVAL(inbuf, 1);
449 memcpy(sid->id_auth, inbuf+2, 6);
450 if (len < 8 + sid->num_auths*4)
451 return False;
452 for (i=0;i<sid->num_auths;i++)
453 sid->sub_auths[i] = IVAL(inbuf, 8+i*4);
454 return True;
455 }
456
457 /*****************************************************************
458 Compare the auth portion of two sids.
459 *****************************************************************/
460
461 static int sid_compare_auth(const DOM_SID *sid1, const DOM_SID *sid2)
462 {
463 int i;
464
465 if (sid1 == sid2)
466 return 0;
467 if (!sid1)
468 return -1;
469 if (!sid2)
470 return 1;
471
472 if (sid1->sid_rev_num != sid2->sid_rev_num)
473 return sid1->sid_rev_num - sid2->sid_rev_num;
474
475 for (i = 0; i < 6; i++)
476 if (sid1->id_auth[i] != sid2->id_auth[i])
477 return sid1->id_auth[i] - sid2->id_auth[i];
478
479 return 0;
480 }
481
482 /*****************************************************************
483 Compare two sids.
484 *****************************************************************/
485
486 int sid_compare(const DOM_SID *sid1, const DOM_SID *sid2)
487 {
488 int i;
489
490 if (sid1 == sid2)
491 return 0;
492 if (!sid1)
493 return -1;
494 if (!sid2)
495 return 1;
496
497 /* Compare most likely different rids, first: i.e start at end */
498 if (sid1->num_auths != sid2->num_auths)
499 return sid1->num_auths - sid2->num_auths;
500
501 for (i = sid1->num_auths-1; i >= 0; --i)
502 if (sid1->sub_auths[i] != sid2->sub_auths[i])
503 return sid1->sub_auths[i] - sid2->sub_auths[i];
504
505 return sid_compare_auth(sid1, sid2);
506 }
507
508 /*****************************************************************
509 See if 2 SIDs are in the same domain
510 this just compares the leading sub-auths
511 *****************************************************************/
512
513 int sid_compare_domain(const DOM_SID *sid1, const DOM_SID *sid2)
514 {
515 int n, i;
516
517 n = MIN(sid1->num_auths, sid2->num_auths);
518
519 for (i = n-1; i >= 0; --i)
520 if (sid1->sub_auths[i] != sid2->sub_auths[i])
521 return sid1->sub_auths[i] - sid2->sub_auths[i];
522
523 return sid_compare_auth(sid1, sid2);
524 }
525
526 /*****************************************************************
527 Compare two sids.
528 *****************************************************************/
529
530 BOOL sid_equal(const DOM_SID *sid1, const DOM_SID *sid2)
531 {
532 return sid_compare(sid1, sid2) == 0;
533 }
534
535 /*****************************************************************
536 Check if the SID is the builtin SID (S-1-5-32).
537 *****************************************************************/
538
539 BOOL sid_check_is_builtin(const DOM_SID *sid)
540 {
541 return sid_equal(sid, &global_sid_Builtin);
542 }
543
544 /*****************************************************************
545 Check if the SID is one of the builtin SIDs (S-1-5-32-a).
546 *****************************************************************/
547
548 BOOL sid_check_is_in_builtin(const DOM_SID *sid)
549 {
550 DOM_SID dom_sid;
551 uint32 rid;
552
553 sid_copy(&dom_sid, sid);
554 sid_split_rid(&dom_sid, &rid);
555
556 return sid_equal(&dom_sid, &global_sid_Builtin);
557 }
558
559 /*****************************************************************
560 Calculates size of a sid.
561 *****************************************************************/
562
563 size_t sid_size(const DOM_SID *sid)
564 {
565 if (sid == NULL)
566 return 0;
567
568 return sid->num_auths * sizeof(uint32) + 8;
569 }
570
571 /*****************************************************************
572 Returns true if SID is internal (and non-mappable).
573 *****************************************************************/
574
575 BOOL non_mappable_sid(DOM_SID *sid)
576 {
577 DOM_SID dom;
578 uint32 rid;
579
580 sid_copy(&dom, sid);
581 sid_split_rid(&dom, &rid);
582
583 if (sid_equal(&dom, &global_sid_Builtin))
584 return True;
585
586 if (sid_equal(&dom, &global_sid_NT_Authority))
587 return True;
588
589 return False;
590 }
591
592 /*****************************************************************
593 Return the binary string representation of a DOM_SID.
594 Caller must free.
595 *****************************************************************/
596
597 char *sid_binstring(const DOM_SID *sid)
598 {
599 char *buf, *s;
600 int len = sid_size(sid);
601 buf = SMB_MALLOC(len);
602 if (!buf)
603 return NULL;
604 sid_linearize(buf, len, sid);
605 s = binary_string(buf, len);
606 free(buf);
607 return s;
608 }
609
610 /*******************************************************************
611 Tallocs a duplicate SID.
612 ********************************************************************/
613
614 DOM_SID *sid_dup_talloc(TALLOC_CTX *ctx, const DOM_SID *src)
615 {
616 DOM_SID *dst;
617
618 if(!src)
619 return NULL;
620
621 if((dst = TALLOC_ZERO_P(ctx, DOM_SID)) != NULL) {
622 sid_copy( dst, src);
623 }
624
625 return dst;
626 }
627
628 /********************************************************************
629 Add SID to an array SIDs
630 ********************************************************************/
631
632 void add_sid_to_array(TALLOC_CTX *mem_ctx, const DOM_SID *sid,
633 DOM_SID **sids, size_t *num)
634 {
635 if (mem_ctx != NULL)
636 *sids = TALLOC_REALLOC_ARRAY(mem_ctx, *sids, DOM_SID,
637 (*num)+1);
638 else
639 *sids = SMB_REALLOC_ARRAY(*sids, DOM_SID, (*num)+1);
640
641 if (*sids == NULL)
642 return;
643
644 sid_copy(&((*sids)[*num]), sid);
645 *num += 1;
646
647 return;
648 }
649
650
651 /********************************************************************
652 Add SID to an array SIDs ensuring that it is not already there
653 ********************************************************************/
654
655 void add_sid_to_array_unique(TALLOC_CTX *mem_ctx, const DOM_SID *sid,
656 DOM_SID **sids, size_t *num_sids)
657 {
658 size_t i;
659
660 for (i=0; i<(*num_sids); i++) {
661 if (sid_compare(sid, &(*sids)[i]) == 0)
662 return;
663 }
664
665 add_sid_to_array(mem_ctx, sid, sids, num_sids);
666 }
667
668 /********************************************************************
669 Remove SID from an array
670 ********************************************************************/
671
672 void del_sid_from_array(const DOM_SID *sid, DOM_SID **sids, size_t *num)
673 {
674 DOM_SID *sid_list = *sids;
675 size_t i;
676
677 for ( i=0; i<*num; i++ ) {
678
679 /* if we find the SID, then decrement the count
680 and break out of the loop */
681
682 if ( sid_equal(sid, &sid_list[i]) ) {
683 *num -= 1;
684 break;
685 }
686 }
687
688 /* This loop will copy the remainder of the array
689 if i < num of sids ni the array */
690
691 for ( ; i<*num; i++ )
692 sid_copy( &sid_list[i], &sid_list[i+1] );
693
694 return;
695 }