diff options
Diffstat (limited to 'src/responder/pac/pacsrv_utils.c')
-rw-r--r-- | src/responder/pac/pacsrv_utils.c | 66 |
1 files changed, 66 insertions, 0 deletions
diff --git a/src/responder/pac/pacsrv_utils.c b/src/responder/pac/pacsrv_utils.c new file mode 100644 index 000000000..9f2932be9 --- /dev/null +++ b/src/responder/pac/pacsrv_utils.c @@ -0,0 +1,66 @@ +/* + SSSD + + PAC Responder - utility finctions + + Copyright (C) Sumit Bose <sbose@redhat.com> 2012 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ +#include <stdbool.h> +#include <util/data_blob.h> +#include <gen_ndr/security.h> + +#include "util/util.h" +#include "responder/pac/pacsrv.h" + +errno_t get_rid(struct dom_sid *sid, uint32_t *rid) +{ + if (sid == NULL || sid->num_auths < 1 || rid == NULL) { + return EINVAL; + } + + *rid = sid->sub_auths[sid->num_auths - 1]; + + return EOK; +} + +errno_t local_sid_to_id(struct local_mapping_ranges *map, struct dom_sid *sid, + uint32_t *id) +{ + int ret; + uint32_t rid; + + if (map == NULL || sid == NULL || id == NULL) { + return EINVAL; + } + + ret = get_rid(sid, &rid); + if (ret != EOK) { + DEBUG(SSSDBG_OP_FAILURE, ("get_rid failed.\n")); + return ret; + } + + if (rid >= map->primary_rids.min && rid <= map->primary_rids.max) { + *id = map->local_ids.min + (rid - map->primary_rids.min); + } else if (rid >= map->secondary_rids.min && + rid <= map->secondary_rids.max) { + *id = map->local_ids.min + (rid - map->secondary_rids.min); + } else { + return ENOENT; + } + + return EOK; +} + |