[v5 2/4] server: add a helper function for querying token owner

Thu Sep 21 05:04:41 CDT 2017

Signed-off-by: Jonathan Doron <jond at wizery.com>
---
 server/object.c   |  2 +-
 server/security.h |  1 +
 server/token.c    | 21 ++++++++++++---------
 3 files changed, 14 insertions(+), 10 deletions(-)

diff --git a/server/object.c b/server/object.c
index 4455718..f2487f9 100644
--- a/server/object.c
+++ b/server/object.c
@@ -561,7 +561,7 @@ int set_sd_defaults_from_token( struct object *obj, const struct security_descri
     }
     else if (token)
     {
-        owner = token_get_user( token );
+        owner = token_get_owner( token );
         new_sd.owner_len = security_sid_len( owner );
     }
     else new_sd.owner_len = 0;
diff --git a/server/security.h b/server/security.h
index 873bbc6..6bae283 100644
--- a/server/security.h
+++ b/server/security.h
@@ -62,6 +62,7 @@ extern int token_check_privileges( struct token *token, int all_required,
 extern const ACL *token_get_default_dacl( struct token *token );
 extern const SID *token_get_user( struct token *token );
 extern const SID *token_get_primary_group( struct token *token );
+extern const SID *token_get_owner( struct token *token );
 extern int token_sid_present( struct token *token, const SID *sid, int deny);
 
 static inline const ACE_HEADER *ace_next( const ACE_HEADER *ace )
diff --git a/server/token.c b/server/token.c
index 532d7b7..80eba24 100644
--- a/server/token.c
+++ b/server/token.c
@@ -1146,6 +1146,17 @@ const SID *token_get_primary_group( struct token *token )
     return token->primary_group;
 }
 
+const SID *token_get_owner( struct token *token )
+{
+    struct group *group;
+    LIST_FOR_EACH_ENTRY( group, &token->groups, struct group, entry )
+    {
+        if (group->owner)
+            return &group->sid;
+    }
+    return NULL;
+}
+
 int check_object_access(struct object *obj, unsigned int *access)
 {
     GENERIC_MAPPING mapping;
@@ -1425,15 +1436,7 @@ DECL_HANDLER(get_token_sid)
             break;
         case TokenOwner:
         {
-            struct group *group;
-            LIST_FOR_EACH_ENTRY( group, &token->groups, struct group, entry )
-            {
-                if (group->owner)
-                {
-                    sid = &group->sid;
-                    break;
-                }
-            }
+            sid = token_get_owner(token);
             break;
         }
         default:
-- 
2.9.4


