2025-08-26 01:49:31 +03:00 · 2023-04-18 12:09:45 +02:00
parent 1d11e0489b
commit ebbb93cc7a
4 changed files with 31 additions and 0 deletions
--- a/libcli/security/dom_sid.h
+++ b/libcli/security/dom_sid.h
@ -66,6 +66,9 @@ extern const struct dom_sid global_sid_Unix_NFS_Mode;
 extern const struct dom_sid global_sid_Unix_NFS_Other;
 extern const struct dom_sid global_sid_Samba_SMB3;

+extern const struct dom_sid global_sid_Samba_NPA_Flags;
+#define SAMBA_NPA_FLAGS_NEED_IDLE 1
+
 struct auth_SidAttr;
 enum lsa_SidType;

--- a/libcli/security/util_sid.c
+++ b/libcli/security/util_sid.c
@ -165,6 +165,13 @@ const struct dom_sid global_sid_Unix_NFS_Other =		/* Unix other, MS NFS and Appl
 const struct dom_sid global_sid_Samba_SMB3 =
 {1, 1, {0,0,0,0,0,22}, {1397571891, }};

+const struct dom_sid global_sid_Samba_NPA_Flags = {1,
+						   1,
+						   {0, 0, 0, 0, 0, 22},
+						   {
+							   2041152804,
+						   }};
+
 /* Unused, left here for documentary purposes */
 #if 0
 #define SECURITY_NULL_SID_AUTHORITY    0
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@ -437,6 +437,8 @@ NTSTATUS sid_array_from_info3(TALLOC_CTX *mem_ctx,
 			      struct dom_sid **user_sids,
 			      uint32_t *num_user_sids,
 			      bool include_user_group_rid);
+bool security_token_find_npa_flags(const struct security_token *token,
+				   uint32_t *_flags);

 /* The following definitions come from lib/util_sock.c  */

--- a/source3/lib/util_sid.c
+++ b/source3/lib/util_sid.c
@ -170,3 +170,22 @@ NTSTATUS sid_array_from_info3(TALLOC_CTX *mem_ctx,

 	return NT_STATUS_OK;
 }
+
+bool security_token_find_npa_flags(const struct security_token *token,
+				   uint32_t *_flags)
+{
+	const struct dom_sid *npa_flags_sid = NULL;
+	size_t num_npa_sids;
+
+	num_npa_sids =
+		security_token_count_flag_sids(token,
+					       &global_sid_Samba_NPA_Flags,
+					       1,
+					       &npa_flags_sid);
+	if (num_npa_sids != 1) {
+		return false;
+	}
+
+	sid_peek_rid(npa_flags_sid, _flags);
+	return true;
+}