From d735a4a9beb01e6a7260852fd7c7d8f2fa94ae4d Mon Sep 17 00:00:00 2001
From: David Disseldorp <ddiss@samba.org>
Date: Mon, 26 May 2014 12:23:47 +0200
Subject: libcli/sd: remove redundant sec_desc_add_sid()

This function adds an ACE to a security descriptor DACL. The same can be
achieved via the more flexible and much cleaner security_ace_create()
and security_descriptor_dacl_add() functions.

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
---
 libcli/security/secdesc.c | 33 ---------------------------------
 libcli/security/secdesc.h |  5 -----
 2 files changed, 38 deletions(-)

(limited to 'libcli/security')

diff --git a/libcli/security/secdesc.c b/libcli/security/secdesc.c
index 90bf4805e9..31d134b6e7 100644
--- a/libcli/security/secdesc.c
+++ b/libcli/security/secdesc.c
@@ -424,39 +424,6 @@ struct sec_desc_buf *dup_sec_desc_buf(TALLOC_CTX *ctx, struct sec_desc_buf *src)
 	return make_sec_desc_buf( ctx, src->sd_size, src->sd);
 }
 
-/*******************************************************************
- Add a new SID with its permissions to struct security_descriptor.
-********************************************************************/
-
-NTSTATUS sec_desc_add_sid(TALLOC_CTX *ctx, struct security_descriptor **psd, const struct dom_sid *sid, uint32_t mask, size_t *sd_size)
-{
-	struct security_descriptor *sd   = 0;
-	struct security_acl  *dacl = 0;
-	struct security_ace  *ace  = 0;
-	NTSTATUS  status;
-
-	if (!ctx || !psd || !sid || !sd_size)
-		return NT_STATUS_INVALID_PARAMETER;
-
-	*sd_size = 0;
-
-	status = sec_ace_add_sid(ctx, &ace, psd[0]->dacl->aces, &psd[0]->dacl->num_aces, sid, mask);
-
-	if (!NT_STATUS_IS_OK(status))
-		return status;
-
-	if (!(dacl = make_sec_acl(ctx, psd[0]->dacl->revision, psd[0]->dacl->num_aces, ace)))
-		return NT_STATUS_UNSUCCESSFUL;
-
-	if (!(sd = make_sec_desc(ctx, psd[0]->revision, psd[0]->type, psd[0]->owner_sid,
-		psd[0]->group_sid, psd[0]->sacl, dacl, sd_size)))
-		return NT_STATUS_UNSUCCESSFUL;
-
-	*psd = sd;
-	 sd  = 0;
-	return NT_STATUS_OK;
-}
-
 /*******************************************************************
  Modify a SID's permissions in a struct security_descriptor.
 ********************************************************************/
diff --git a/libcli/security/secdesc.h b/libcli/security/secdesc.h
index b8190a1e56..9002f7538e 100644
--- a/libcli/security/secdesc.h
+++ b/libcli/security/secdesc.h
@@ -94,11 +94,6 @@ struct sec_desc_buf *make_sec_desc_buf(TALLOC_CTX *ctx, size_t len, struct secur
 ********************************************************************/
 struct sec_desc_buf *dup_sec_desc_buf(TALLOC_CTX *ctx, struct sec_desc_buf *src);
 
-/*******************************************************************
- Add a new SID with its permissions to struct security_descriptor.
-********************************************************************/
-NTSTATUS sec_desc_add_sid(TALLOC_CTX *ctx, struct security_descriptor **psd, const struct dom_sid *sid, uint32_t mask, size_t *sd_size);
-
 /*******************************************************************
  Modify a SID's permissions in a struct security_descriptor.
 ********************************************************************/
-- 
cgit