libcli/sd: remove redundant sec_ace_add_sid()

This function adds a new allow-type ACE to an existing ACE list. With
the removal of sec_desc_add_sid(), this is no longer used internally.

The same behaviour can be achieved via the much cleaner
security_ace_create() function.

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

libcli/security/secace.c

@@ -69,32 +69,6 @@ void init_sec_ace(struct security_ace *t, const struct dom_sid *sid, enum securi
 	t->trustee = *sid;
 }
 
-/*******************************************************************
- adds new SID with its permissions to ACE list
-********************************************************************/
-
-NTSTATUS sec_ace_add_sid(TALLOC_CTX *ctx, struct security_ace **pp_new, struct security_ace *old, unsigned *num, const struct dom_sid *sid, uint32_t mask)
-{
-	unsigned int i = 0;
-	
-	if (!ctx || !pp_new || !old || !sid || !num)  return NT_STATUS_INVALID_PARAMETER;
-
-	*num += 1;
-	
-	if((pp_new[0] = talloc_zero_array(ctx, struct security_ace, *num )) == 0)
-		return NT_STATUS_NO_MEMORY;
-
-	for (i = 0; i < *num - 1; i ++)
-		sec_ace_copy(&(*pp_new)[i], &old[i]);
-
-	(*pp_new)[i].type  = SEC_ACE_TYPE_ACCESS_ALLOWED;
-	(*pp_new)[i].flags = 0;
-	(*pp_new)[i].size  = SEC_ACE_HEADER_SIZE + ndr_size_dom_sid(sid, 0);
-	(*pp_new)[i].access_mask = mask;
-	(*pp_new)[i].trustee = *sid;
-	return NT_STATUS_OK;
-}
-
 /*******************************************************************
   modify SID's permissions at ACL 
 ********************************************************************/

libcli/security/secace.h

@@ -27,7 +27,6 @@ bool sec_ace_object(uint8_t type);
 void sec_ace_copy(struct security_ace *ace_dest, const struct security_ace *ace_src);
 void init_sec_ace(struct security_ace *t, const struct dom_sid *sid, enum security_ace_type type,
 		  uint32_t mask, uint8_t flag);
-NTSTATUS sec_ace_add_sid(TALLOC_CTX *ctx, struct security_ace **pp_new, struct security_ace *old, unsigned *num, const struct dom_sid *sid, uint32_t mask);
 NTSTATUS sec_ace_mod_sid(struct security_ace *ace, size_t num, const struct dom_sid *sid, uint32_t mask);
 NTSTATUS sec_ace_del_sid(TALLOC_CTX *ctx, struct security_ace **pp_new, struct security_ace *old, uint32_t *num, const struct dom_sid *sid);
 bool sec_ace_equal(const struct security_ace *s1, const struct security_ace *s2);