[PATCH] samr4: Use <SID=%s> in GetGroupsForUser
Volker Lendecke
Volker.Lendecke at SerNet.DE
Tue Sep 1 14:41:57 UTC 2015
Hi!
Review&push appreciated!
Thanks,
Volker
--
SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
phone: +49-551-370000-0, fax: +49-551-370000-9
AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen
http://www.sernet.de, mailto:kontakt at sernet.de
-------------- next part --------------
From 0c6e66e412311cca57458f0042cd16c551d7e28a Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Tue, 1 Sep 2015 08:41:04 +0200
Subject: [PATCH] samr4: Use <SID=%s> in GetGroupsForUser
This way we avoid quoting problems in user's DNs
Signed-off-by: Volker Lendecke <vl at samba.org>
---
source4/rpc_server/samr/dcesrv_samr.c | 10 ++++++++--
1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/source4/rpc_server/samr/dcesrv_samr.c b/source4/rpc_server/samr/dcesrv_samr.c
index d0c748e..9f3bd10 100644
--- a/source4/rpc_server/samr/dcesrv_samr.c
+++ b/source4/rpc_server/samr/dcesrv_samr.c
@@ -3575,17 +3575,23 @@ static NTSTATUS dcesrv_samr_GetGroupsForUser(struct dcesrv_call_state *dce_call,
const char * const attrs[2] = { "objectSid", NULL };
struct samr_RidWithAttributeArray *array;
int i, count;
+ char membersidstr[DOM_SID_STR_BUFLEN];
DCESRV_PULL_HANDLE(h, r->in.user_handle, SAMR_HANDLE_USER);
a_state = h->data;
d_state = a_state->domain_state;
+ dom_sid_string_buf(a_state->account_sid,
+ membersidstr, sizeof(membersidstr)),
+
count = samdb_search_domain(a_state->sam_ctx, mem_ctx,
d_state->domain_dn, &res,
attrs, d_state->domain_sid,
- "(&(member=%s)(|(grouptype=%d)(grouptype=%d))(objectclass=group))",
- ldb_dn_get_linearized(a_state->account_dn),
+ "(&(member=<SID=%s>)"
+ "(|(grouptype=%d)(grouptype=%d))"
+ "(objectclass=group))",
+ membersidstr,
GTYPE_SECURITY_UNIVERSAL_GROUP,
GTYPE_SECURITY_GLOBAL_GROUP);
if (count < 0)
--
1.9.1
More information about the samba-technical
mailing list