[patch] clean up sid when writing to tdb

Andrew Bartlett abartlet at samba.org
Sat Oct 13 06:55:18 UTC 2018

On Fri, 2018-10-12 at 18:26 +0200, Volker Lendecke via samba-technical
> On Fri, Oct 12, 2018 at 05:04:32PM +0200, Philipp Gesang via samba-technical wrote:
> > Hey guys,
> > 
> > I’d appreciate feedback on the attached patch.
> Shouldn't we just store the required bytes determined with
> ndr_size_dom_sid() and ndr_push/pull_dom_sid? This has the obvious
> upgrade issues, but maybe we can handle that somehow.
> Just my 2ct.


You are quite correct, pushing a buffer is a really bad idea.  The structure is:

struct dom_sid {
        uint8_t sid_rev_num;
        int8_t num_auths;/* [range(0,15)] */
        uint8_t id_auth[6];
        uint32_t sub_auths[15];

and so the sub_auths would be endian-dependant. 

Not that we get much swapping of tdb files between hosts, but we are
meant to be able.  

Note, while not directly relevant here, we will have to be more careful
about this if we make broader use of lmdb, which is host endian
dependent per

Now as to how to fix this while being backward and forward compatible
and portable across byte orders?  Trickier. 

Andrew Bartlett

Andrew Bartlett                       http://samba.org/~abartlet/
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba

More information about the samba-technical mailing list