#include <stdlib.h>
#include <unistd.h>
#include <errno.h>
-#include "rbtree.h"
-
-/* Red-black tree that maps SHA1 message digests of security descriptors to
- * security IDs, which are themselves indices into the table of security
- * descriptors in the 'struct wim_security_data'. */
-struct sd_set {
- struct wim_security_data *sd;
- struct rb_root rb_root;
-};
-
-struct sd_node {
- int security_id;
- u8 hash[SHA1_HASH_SIZE];
- struct rb_node rb_node;
-};
-
-static void free_sd_tree(struct rb_node *node)
-{
- if (node) {
- free_sd_tree(node->rb_left);
- free_sd_tree(node->rb_right);
- FREE(container_of(node, struct sd_node, rb_node));
- }
-}
-/* Frees a security descriptor index set. */
-static void destroy_sd_set(struct sd_set *sd_set)
-{
- free_sd_tree(sd_set->rb_root.rb_node);
-}
-
-/* Inserts a a new node into the security descriptor index tree. */
-static void insert_sd_node(struct sd_set *set, struct sd_node *new)
-{
- struct rb_root *root = &set->rb_root;
- struct rb_node **p = &(root->rb_node);
- struct rb_node *rb_parent = NULL;
-
- while (*p) {
- struct sd_node *this = container_of(*p, struct sd_node, rb_node);
- int cmp = hashes_cmp(new->hash, this->hash);
-
- rb_parent = *p;
- if (cmp < 0)
- p = &((*p)->rb_left);
- else if (cmp > 0)
- p = &((*p)->rb_right);
- else
- wimlib_assert(0); /* Duplicate SHA1 message digest */
- }
- rb_link_node(&new->rb_node, rb_parent, p);
- rb_insert_color(&new->rb_node, root);
-}
-
-/* Returns the index of the security descriptor having a SHA1 message digest of
- * @hash. If not found, return -1. */
-static int lookup_sd(struct sd_set *set, const u8 hash[SHA1_HASH_SIZE])
-{
- struct rb_node *node = set->rb_root.rb_node;
-
- while (node) {
- struct sd_node *sd_node = container_of(node, struct sd_node, rb_node);
- int cmp = hashes_cmp(hash, sd_node->hash);
- if (cmp < 0)
- node = node->rb_left;
- else if (cmp > 0)
- node = node->rb_right;
- else
- return sd_node->security_id;
- }
- return -1;
-}
-
-/*
- * Adds a security descriptor to the indexed security descriptor set as well as
- * the corresponding `struct wim_security_data', and returns the new security
- * ID; or, if there is an existing security descriptor that is the same, return
- * the security ID for it. If a new security descriptor cannot be allocated,
- * return -1.
- */
-static int sd_set_add_sd(struct sd_set *sd_set, const char descriptor[],
- size_t size)
-{
- u8 hash[SHA1_HASH_SIZE];
- int security_id;
- struct sd_node *new;
- u8 **descriptors;
- u64 *sizes;
- u8 *descr_copy;
- struct wim_security_data *sd;
-
- sha1_buffer((const u8*)descriptor, size, hash);
-
- security_id = lookup_sd(sd_set, hash);
- if (security_id >= 0) /* Identical descriptor already exists */
- return security_id;
-
- /* Need to add a new security descriptor */
- new = MALLOC(sizeof(*new));
- if (!new)
- goto out;
- descr_copy = MALLOC(size);
- if (!descr_copy)
- goto out_free_node;
-
- sd = sd_set->sd;
-
- memcpy(descr_copy, descriptor, size);
- new->security_id = sd->num_entries;
- copy_hash(new->hash, hash);
-
- descriptors = REALLOC(sd->descriptors,
- (sd->num_entries + 1) * sizeof(sd->descriptors[0]));
- if (!descriptors)
- goto out_free_descr;
- sd->descriptors = descriptors;
- sizes = REALLOC(sd->sizes,
- (sd->num_entries + 1) * sizeof(sd->sizes[0]));
- if (!sizes)
- goto out_free_descr;
- sd->sizes = sizes;
- sd->descriptors[sd->num_entries] = descr_copy;
- sd->sizes[sd->num_entries] = size;
- sd->num_entries++;
- DEBUG("There are now %d security descriptors", sd->num_entries);
- sd->total_length += size + sizeof(sd->sizes[0]);
- insert_sd_node(sd_set, new);
- return new->security_id;
-out_free_descr:
- FREE(descr_copy);
-out_free_node:
- FREE(new);
-out:
- return -1;
-}
+#include "security.h"
static inline ntfschar *attr_record_name(ATTR_RECORD *ar)
{