[PATCH] A few more dom_sid_str_buf calls
Jeremy Allison
jra at samba.org
Mon Jan 7 18:15:11 UTC 2019
On Mon, Jan 07, 2019 at 03:40:38PM +0100, Volker Lendecke via samba-technical wrote:
> Hi!
>
> Review appreciated!
Great cleanups, thanks ! RB+ and pushed.
> --
> SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
> phone: 0551-370000-0, mailto:kontakt at sernet.de
> Gesch.F.: Dr. Johannes Loxen und Reinhild Jung
> AG Göttingen: HR-B 2816 - http://www.sernet.de
> From 026e08a362bd658f73fe3cc17afea1fabebf6536 Mon Sep 17 00:00:00 2001
> From: Volker Lendecke <vl at samba.org>
> Date: Thu, 20 Dec 2018 21:53:17 +0100
> Subject: [PATCH 01/13] auth3: Use dom_sid_str_buf
>
> Signed-off-by: Volker Lendecke <vl at samba.org>
> ---
> source3/auth/token_util.c | 10 +++++++---
> 1 file changed, 7 insertions(+), 3 deletions(-)
>
> diff --git a/source3/auth/token_util.c b/source3/auth/token_util.c
> index bfc2c3029b2..f7ebd23e4aa 100644
> --- a/source3/auth/token_util.c
> +++ b/source3/auth/token_util.c
> @@ -1212,15 +1212,18 @@ bool user_sid_in_group_sid(const struct dom_sid *sid, const struct dom_sid *grou
> bool result = false;
> enum lsa_SidType type;
> TALLOC_CTX *mem_ctx = talloc_stackframe();
> + struct dom_sid_buf buf;
>
> if (!lookup_sid(mem_ctx, sid,
> NULL, NULL, &type)) {
> - DEBUG(1, ("lookup_sid for %s failed\n", dom_sid_string(mem_ctx, sid)));
> + DEBUG(1, ("lookup_sid for %s failed\n",
> + dom_sid_str_buf(sid, &buf)));
> goto done;
> }
>
> if (type != SID_NAME_USER) {
> - DEBUG(5, ("%s is a %s, not a user\n", dom_sid_string(mem_ctx, sid),
> + DEBUG(5, ("%s is a %s, not a user\n",
> + dom_sid_str_buf(sid, &buf),
> sid_type_lookup(type)));
> goto done;
> }
> @@ -1230,7 +1233,8 @@ bool user_sid_in_group_sid(const struct dom_sid *sid, const struct dom_sid *grou
> &token);
>
> if (!NT_STATUS_IS_OK(status)) {
> - DEBUG(10, ("could not create token for %s\n", dom_sid_string(mem_ctx, sid)));
> + DEBUG(10, ("could not create token for %s\n",
> + dom_sid_str_buf(sid, &buf)));
> goto done;
> }
>
> --
> 2.11.0
>
>
> From a8f48736130eba16e2f78806d7bee62adf3ee529 Mon Sep 17 00:00:00 2001
> From: Volker Lendecke <vl at samba.org>
> Date: Thu, 20 Dec 2018 21:57:21 +0100
> Subject: [PATCH 02/13] winbindd: Use dom_sid_str_buf
>
> Signed-off-by: Volker Lendecke <vl at samba.org>
> ---
> source3/winbindd/winbindd_cm.c | 18 ++++++++++--------
> 1 file changed, 10 insertions(+), 8 deletions(-)
>
> diff --git a/source3/winbindd/winbindd_cm.c b/source3/winbindd/winbindd_cm.c
> index 2e98c7634e8..22d3dcaa92b 100644
> --- a/source3/winbindd/winbindd_cm.c
> +++ b/source3/winbindd/winbindd_cm.c
> @@ -2552,15 +2552,15 @@ no_dssetup:
> !dom_sid_equal(&domain->sid,
> lsa_info->dns.sid))
> {
> + struct dom_sid_buf buf1, buf2;
> DEBUG(1, ("set_dc_type_and_flags_connect: DC "
> "for domain %s (%s) claimed it was "
> "a DC for domain %s, refusing to "
> "initialize\n",
> - dom_sid_string(talloc_tos(),
> - &domain->sid),
> + dom_sid_str_buf(&domain->sid, &buf1),
> domain->name,
> - dom_sid_string(talloc_tos(),
> - lsa_info->dns.sid)));
> + dom_sid_str_buf(lsa_info->dns.sid,
> + &buf2)));
> TALLOC_FREE(cli);
> TALLOC_FREE(mem_ctx);
> return;
> @@ -2611,16 +2611,18 @@ no_dssetup:
> !dom_sid_equal(&domain->sid,
> lsa_info->account_domain.sid))
> {
> + struct dom_sid_buf buf1, buf2;
> DEBUG(1,
> ("set_dc_type_and_flags_connect: "
> "DC for domain %s (%s) claimed "
> "it was a DC for domain %s, "
> "refusing to initialize\n",
> - dom_sid_string(talloc_tos(),
> - &domain->sid),
> + dom_sid_str_buf(
> + &domain->sid, &buf1),
> domain->name,
> - dom_sid_string(talloc_tos(),
> - lsa_info->account_domain.sid)));
> + dom_sid_str_buf(
> + lsa_info->account_domain.sid,
> + &buf2)));
> TALLOC_FREE(cli);
> TALLOC_FREE(mem_ctx);
> return;
> --
> 2.11.0
>
>
> From 977d126f2bbb0f53dc4e94c7aa7831ace6b415de Mon Sep 17 00:00:00 2001
> From: Volker Lendecke <vl at samba.org>
> Date: Fri, 21 Dec 2018 09:27:43 +0100
> Subject: [PATCH 03/13] libcli: Simplify smblsa_lookup_name
>
> Signed-off-by: Volker Lendecke <vl at samba.org>
> ---
> source4/libcli/util/clilsa.c | 11 ++++-------
> 1 file changed, 4 insertions(+), 7 deletions(-)
>
> diff --git a/source4/libcli/util/clilsa.c b/source4/libcli/util/clilsa.c
> index 0599c76f694..b9f220f48ab 100644
> --- a/source4/libcli/util/clilsa.c
> +++ b/source4/libcli/util/clilsa.c
> @@ -301,9 +301,8 @@ NTSTATUS smblsa_lookup_name(struct smbcli_state *cli,
> struct lsa_RefDomainList *domains = NULL;
> uint32_t count = 1;
> NTSTATUS status;
> - struct dom_sid *sid;
> + struct dom_sid sid;
> TALLOC_CTX *mem_ctx2 = talloc_new(mem_ctx);
> - uint32_t rid;
>
> status = smblsa_connect(cli);
> if (!NT_STATUS_IS_OK(status)) {
> @@ -343,11 +342,9 @@ NTSTATUS smblsa_lookup_name(struct smbcli_state *cli,
> return NT_STATUS_INVALID_NETWORK_RESPONSE;
> }
>
> - sid = domains->domains[0].sid;
> - rid = sids.sids[0].rid;
> -
> - (*sid_str) = talloc_asprintf(mem_ctx, "%s-%u",
> - dom_sid_string(mem_ctx2, sid), rid);
> + sid_compose(&sid, domains->domains[0].sid, sids.sids[0].rid);
> +
> + (*sid_str) = dom_sid_string(mem_ctx, &sid);
>
> talloc_free(mem_ctx2);
>
> --
> 2.11.0
>
>
> From 2b3ee34eee6abc542fa89c217a896bbe1ae68043 Mon Sep 17 00:00:00 2001
> From: Volker Lendecke <vl at samba.org>
> Date: Fri, 21 Dec 2018 09:30:58 +0100
> Subject: [PATCH 04/13] smbclient: Use dom_sid_str_buf
>
> Signed-off-by: Volker Lendecke <vl at samba.org>
> ---
> source3/client/client.c | 7 ++++---
> 1 file changed, 4 insertions(+), 3 deletions(-)
>
> diff --git a/source3/client/client.c b/source3/client/client.c
> index e8faed55dc4..3a31463cdbb 100644
> --- a/source3/client/client.c
> +++ b/source3/client/client.c
> @@ -3359,9 +3359,10 @@ static int cmd_posix_whoami(void)
> }
> d_printf("NUM_SIDS:%" PRIu32 "\n", num_sids);
> for (i = 0; i < num_sids; i++) {
> - char *sid_str = dom_sid_string(ctx, &sids[i]);
> - d_printf("SIDS[%" PRIu32 "]:%s\n", i, sid_str);
> - TALLOC_FREE(sid_str);
> + struct dom_sid_buf buf;
> + d_printf("SIDS[%" PRIu32 "]:%s\n",
> + i,
> + dom_sid_str_buf(&sids[i], &buf));
> }
> return 0;
> }
> --
> 2.11.0
>
>
> From 5a1ee7d74f93a713219bf438318b8d6150552fff Mon Sep 17 00:00:00 2001
> From: Volker Lendecke <vl at samba.org>
> Date: Fri, 21 Dec 2018 09:32:41 +0100
> Subject: [PATCH 05/13] libndr: Use dom_sid_str_buf
>
> Signed-off-by: Volker Lendecke <vl at samba.org>
> ---
> librpc/ndr/ndr_sec_helper.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/librpc/ndr/ndr_sec_helper.c b/librpc/ndr/ndr_sec_helper.c
> index ecc05115d4b..5a2ed16e33e 100644
> --- a/librpc/ndr/ndr_sec_helper.c
> +++ b/librpc/ndr/ndr_sec_helper.c
> @@ -147,7 +147,8 @@ size_t ndr_size_dom_sid0(const struct dom_sid *sid, int flags)
> */
> void ndr_print_dom_sid(struct ndr_print *ndr, const char *name, const struct dom_sid *sid)
> {
> - ndr->print(ndr, "%-25s: %s", name, dom_sid_string(ndr, sid));
> + struct dom_sid_buf buf;
> + ndr->print(ndr, "%-25s: %s", name, dom_sid_str_buf(sid, &buf));
> }
>
> void ndr_print_dom_sid2(struct ndr_print *ndr, const char *name, const struct dom_sid *sid)
> --
> 2.11.0
>
>
> From 429e07387c411f548267f5bccdd4fa1371887c7f Mon Sep 17 00:00:00 2001
> From: Volker Lendecke <vl at samba.org>
> Date: Fri, 21 Dec 2018 09:34:34 +0100
> Subject: [PATCH 06/13] pydsdb: Use dom_sid_str_buf
>
> Signed-off-by: Volker Lendecke <vl at samba.org>
> ---
> source4/dsdb/pydsdb.c | 10 ++--------
> 1 file changed, 2 insertions(+), 8 deletions(-)
>
> diff --git a/source4/dsdb/pydsdb.c b/source4/dsdb/pydsdb.c
> index 7bbceb35a92..297943b1a54 100644
> --- a/source4/dsdb/pydsdb.c
> +++ b/source4/dsdb/pydsdb.c
> @@ -191,8 +191,8 @@ static PyObject *py_samdb_get_domain_sid(PyLdbObject *self, PyObject *args)
> PyObject *py_ldb;
> struct ldb_context *ldb;
> const struct dom_sid *sid;
> + struct dom_sid_buf buf;
> PyObject *ret;
> - char *retstr;
>
> if (!PyArg_ParseTuple(args, "O", &py_ldb))
> return NULL;
> @@ -205,13 +205,7 @@ static PyObject *py_samdb_get_domain_sid(PyLdbObject *self, PyObject *args)
> return NULL;
> }
>
> - retstr = dom_sid_string(NULL, sid);
> - if (retstr == NULL) {
> - PyErr_NoMemory();
> - return NULL;
> - }
> - ret = PyStr_FromString(retstr);
> - talloc_free(retstr);
> + ret = PyStr_FromString(dom_sid_str_buf(sid, &buf));
> return ret;
> }
>
> --
> 2.11.0
>
>
> From b6989e489405d6f8fe23b1a44e37e947e14e0b92 Mon Sep 17 00:00:00 2001
> From: Volker Lendecke <vl at samba.org>
> Date: Fri, 14 Dec 2018 20:30:10 +0100
> Subject: [PATCH 07/13] winbind: Fix a typo
>
> Signed-off-by: Volker Lendecke <vl at samba.org>
> ---
> source3/winbindd/idmap_autorid.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/source3/winbindd/idmap_autorid.c b/source3/winbindd/idmap_autorid.c
> index 6e38a57805b..1d0f0fafb82 100644
> --- a/source3/winbindd/idmap_autorid.c
> +++ b/source3/winbindd/idmap_autorid.c
> @@ -464,7 +464,7 @@ static NTSTATUS idmap_autorid_sid_to_id_alloc_action(
> return ret;
> }
>
> - DEBUG(10, ("Sepecial sid %s not mapped. falling back to "
> + DEBUG(10, ("Special sid %s not mapped. falling back to "
> "regular allocation\n",
> dom_sid_str_buf(ctx->map->sid, &buf)));
> }
> --
> 2.11.0
>
>
> From a53c1fba9a743e7bcae3344b3445fb30d4174ec9 Mon Sep 17 00:00:00 2001
> From: Volker Lendecke <vl at samba.org>
> Date: Sun, 16 Dec 2018 16:59:32 +0100
> Subject: [PATCH 08/13] passdb: Use dom_sid_str_buf
>
> Signed-off-by: Volker Lendecke <vl at samba.org>
> ---
> source3/passdb/pdb_samba_dsdb.c | 97 +++++++++++++++++++++++++++--------------
> 1 file changed, 64 insertions(+), 33 deletions(-)
>
> diff --git a/source3/passdb/pdb_samba_dsdb.c b/source3/passdb/pdb_samba_dsdb.c
> index 951ab81c22c..0753d38b5f6 100644
> --- a/source3/passdb/pdb_samba_dsdb.c
> +++ b/source3/passdb/pdb_samba_dsdb.c
> @@ -155,7 +155,8 @@ static struct ldb_message *pdb_samba_dsdb_get_samu_private(
> struct pdb_samba_dsdb_state *state = talloc_get_type_abort(
> m->private_data, struct pdb_samba_dsdb_state);
> struct ldb_message *msg;
> - char *sidstr, *filter;
> + struct dom_sid_buf sidstr;
> + char *filter;
> NTSTATUS status;
>
> msg = (struct ldb_message *)
> @@ -165,14 +166,10 @@ static struct ldb_message *pdb_samba_dsdb_get_samu_private(
> return talloc_get_type_abort(msg, struct ldb_message);
> }
>
> - sidstr = dom_sid_string(talloc_tos(), pdb_get_user_sid(sam));
> - if (sidstr == NULL) {
> - return NULL;
> - }
> -
> filter = talloc_asprintf(
> - talloc_tos(), "(&(objectsid=%s)(objectclass=user))", sidstr);
> - TALLOC_FREE(sidstr);
> + talloc_tos(),
> + "(&(objectsid=%s)(objectclass=user))",
> + dom_sid_str_buf(pdb_get_user_sid(sam), &sidstr));
> if (filter == NULL) {
> return NULL;
> }
> @@ -725,15 +722,11 @@ static NTSTATUS pdb_samba_dsdb_getsampwsid(struct pdb_methods *m,
> NTSTATUS status;
> struct pdb_samba_dsdb_state *state = talloc_get_type_abort(
> m->private_data, struct pdb_samba_dsdb_state);
> - char *sidstr;
> -
> - sidstr = dom_sid_string(talloc_tos(), sid);
> - NT_STATUS_HAVE_NO_MEMORY(sidstr);
> + struct dom_sid_buf buf;
>
> status = pdb_samba_dsdb_getsampwfilter(m, state, sam_acct,
> "(&(objectsid=%s)(objectclass=user))",
> - sidstr);
> - talloc_free(sidstr);
> + dom_sid_str_buf(sid, &buf));
> return status;
> }
>
> @@ -771,10 +764,15 @@ static NTSTATUS pdb_samba_dsdb_delete_user(struct pdb_methods *m,
> m->private_data, struct pdb_samba_dsdb_state);
> struct ldb_dn *dn;
> int rc;
> + struct dom_sid_buf buf;
> TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
> NT_STATUS_HAVE_NO_MEMORY(tmp_ctx);
>
> - dn = ldb_dn_new_fmt(tmp_ctx, state->ldb, "<SID=%s>", dom_sid_string(tmp_ctx, pdb_get_user_sid(sam)));
> + dn = ldb_dn_new_fmt(
> + tmp_ctx,
> + state->ldb,
> + "<SID=%s>",
> + dom_sid_str_buf(pdb_get_user_sid(sam), &buf));
> if (!dn || !ldb_dn_validate(dn)) {
> talloc_free(tmp_ctx);
> return NT_STATUS_NO_MEMORY;
> @@ -1110,6 +1108,7 @@ static NTSTATUS pdb_samba_dsdb_delete_dom_group(struct pdb_methods *m,
> struct ldb_message *msg;
> struct ldb_dn *dn;
> int rc;
> + struct dom_sid_buf buf;
> TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
> NT_STATUS_HAVE_NO_MEMORY(tmp_ctx);
>
> @@ -1120,7 +1119,11 @@ static NTSTATUS pdb_samba_dsdb_delete_dom_group(struct pdb_methods *m,
> return NT_STATUS_INTERNAL_ERROR;
> }
>
> - dn = ldb_dn_new_fmt(tmp_ctx, state->ldb, "<SID=%s>", dom_sid_string(tmp_ctx, &sid));
> + dn = ldb_dn_new_fmt(
> + tmp_ctx,
> + state->ldb,
> + "<SID=%s>",
> + dom_sid_str_buf(&sid, &buf));
> if (!dn || !ldb_dn_validate(dn)) {
> talloc_free(tmp_ctx);
> ldb_transaction_cancel(state->ldb);
> @@ -1193,11 +1196,16 @@ static NTSTATUS pdb_samba_dsdb_enum_group_members(struct pdb_methods *m,
> uint32_t *members;
> struct ldb_dn *dn;
> NTSTATUS status;
> + struct dom_sid_buf buf;
>
> TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
> NT_STATUS_HAVE_NO_MEMORY(tmp_ctx);
>
> - dn = ldb_dn_new_fmt(tmp_ctx, state->ldb, "<SID=%s>", dom_sid_string(tmp_ctx, group));
> + dn = ldb_dn_new_fmt(
> + tmp_ctx,
> + state->ldb,
> + "<SID=%s>",
> + dom_sid_str_buf(group, &buf));
> if (!dn || !ldb_dn_validate(dn)) {
> return NT_STATUS_NO_MEMORY;
> }
> @@ -1285,10 +1293,11 @@ static NTSTATUS fake_enum_group_memberships(struct pdb_samba_dsdb_state *state,
> if (id_map.xid.type == ID_TYPE_GID || id_map.xid.type == ID_TYPE_BOTH) {
> gids[0] = id_map.xid.id;
> } else {
> + struct dom_sid_buf buf1, buf2;
> DEBUG(1, (__location__
> "Group %s, of which %s is a member, could not be converted to a GID\n",
> - dom_sid_string(tmp_ctx, &group_sids[0]),
> - dom_sid_string(tmp_ctx, &user->user_sid)));
> + dom_sid_str_buf(&group_sids[0], &buf1),
> + dom_sid_str_buf(&user->user_sid, &buf2)));
> talloc_free(tmp_ctx);
> /* We must error out, otherwise a user might
> * avoid a DENY acl based on a group they
> @@ -1392,9 +1401,11 @@ static NTSTATUS pdb_samba_dsdb_enum_group_memberships(struct pdb_methods *m,
> if (id_map.xid.type == ID_TYPE_GID || id_map.xid.type == ID_TYPE_BOTH) {
> gids[num_groups] = id_map.xid.id;
> } else {
> + struct dom_sid_buf buf;
> DEBUG(1, (__location__
> "Group %s, of which %s is a member, could not be converted to a GID\n",
> - dom_sid_string(tmp_ctx, &group_sids[num_groups]),
> + dom_sid_str_buf(&group_sids[num_groups],
> + &buf),
> ldb_dn_get_linearized(msg->dn)));
> talloc_free(tmp_ctx);
> /* We must error out, otherwise a user might
> @@ -1434,6 +1445,7 @@ static NTSTATUS pdb_samba_dsdb_mod_groupmem_by_sid(struct pdb_methods *m,
> struct ldb_message *msg;
> int ret;
> struct ldb_message_element *el;
> + struct dom_sid_buf buf;
> TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
> NT_STATUS_HAVE_NO_MEMORY(tmp_ctx);
> msg = ldb_msg_new(tmp_ctx);
> @@ -1442,12 +1454,20 @@ static NTSTATUS pdb_samba_dsdb_mod_groupmem_by_sid(struct pdb_methods *m,
> return NT_STATUS_NO_MEMORY;
> }
>
> - msg->dn = ldb_dn_new_fmt(msg, state->ldb, "<SID=%s>", dom_sid_string(tmp_ctx, groupsid));
> + msg->dn = ldb_dn_new_fmt(
> + msg,
> + state->ldb,
> + "<SID=%s>",
> + dom_sid_str_buf(groupsid, &buf));
> if (!msg->dn || !ldb_dn_validate(msg->dn)) {
> talloc_free(tmp_ctx);
> return NT_STATUS_NO_MEMORY;
> }
> - ret = ldb_msg_add_fmt(msg, "member", "<SID=%s>", dom_sid_string(tmp_ctx, membersid));
> + ret = ldb_msg_add_fmt(
> + msg,
> + "member",
> + "<SID=%s>",
> + dom_sid_str_buf(membersid, &buf));
> if (ret != LDB_SUCCESS) {
> talloc_free(tmp_ctx);
> return NT_STATUS_NO_MEMORY;
> @@ -1551,10 +1571,15 @@ static NTSTATUS pdb_samba_dsdb_delete_alias(struct pdb_methods *m,
> struct ldb_message *msg;
> struct ldb_dn *dn;
> int rc;
> + struct dom_sid_buf buf;
> TALLOC_CTX *tmp_ctx = talloc_stackframe();
> NT_STATUS_HAVE_NO_MEMORY(tmp_ctx);
>
> - dn = ldb_dn_new_fmt(tmp_ctx, state->ldb, "<SID=%s>", dom_sid_string(tmp_ctx, sid));
> + dn = ldb_dn_new_fmt(
> + tmp_ctx,
> + state->ldb,
> + "<SID=%s>",
> + dom_sid_str_buf(sid, &buf));
> if (!dn || !ldb_dn_validate(dn)) {
> talloc_free(tmp_ctx);
> return NT_STATUS_NO_MEMORY;
> @@ -1713,10 +1738,15 @@ static NTSTATUS pdb_samba_dsdb_enum_aliasmem(struct pdb_methods *m,
> struct ldb_dn *dn;
> unsigned int num_members;
> NTSTATUS status;
> + struct dom_sid_buf buf;
> TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
> NT_STATUS_HAVE_NO_MEMORY(tmp_ctx);
>
> - dn = ldb_dn_new_fmt(tmp_ctx, state->ldb, "<SID=%s>", dom_sid_string(tmp_ctx, alias));
> + dn = ldb_dn_new_fmt(
> + tmp_ctx,
> + state->ldb,
> + "<SID=%s>",
> + dom_sid_str_buf(alias, &buf));
> if (!dn || !ldb_dn_validate(dn)) {
> return NT_STATUS_NO_MEMORY;
> }
> @@ -1747,7 +1777,6 @@ static NTSTATUS pdb_samba_dsdb_enum_alias_memberships(struct pdb_methods *m,
> unsigned int num_groupSIDs = 0;
> char *filter;
> NTSTATUS status;
> - const char *sid_string;
> const char *sid_dn;
> DATA_BLOB sid_blob;
>
> @@ -1765,13 +1794,12 @@ static NTSTATUS pdb_samba_dsdb_enum_alias_memberships(struct pdb_methods *m,
> }
>
> for (i = 0; i < num_members; i++) {
> - sid_string = dom_sid_string(tmp_ctx, &members[i]);
> - if (sid_string == NULL) {
> - TALLOC_FREE(tmp_ctx);
> - return NT_STATUS_NO_MEMORY;
> - }
> + struct dom_sid_buf buf;
>
> - sid_dn = talloc_asprintf(tmp_ctx, "<SID=%s>", sid_string);
> + sid_dn = talloc_asprintf(
> + tmp_ctx,
> + "<SID=%s>",
> + dom_sid_str_buf(&members[i], &buf));
> if (sid_dn == NULL) {
> TALLOC_FREE(tmp_ctx);
> return NT_STATUS_NO_MEMORY;
> @@ -3136,13 +3164,15 @@ static NTSTATUS pdb_samba_dsdb_get_trusted_domain_by_sid(struct pdb_methods *m,
> };
> struct ldb_message *msg = NULL;
> struct pdb_trusted_domain *d = NULL;
> + struct dom_sid_buf buf;
> NTSTATUS status;
>
> status = dsdb_trust_search_tdo_by_sid(state->ldb, sid,
> attrs, tmp_ctx, &msg);
> if (!NT_STATUS_IS_OK(status)) {
> DBG_ERR("dsdb_trust_search_tdo_by_sid(%s) - %s ",
> - dom_sid_string(tmp_ctx, sid), nt_errstr(status));
> + dom_sid_str_buf(sid, &buf),
> + nt_errstr(status));
> TALLOC_FREE(tmp_ctx);
> return status;
> }
> @@ -3150,7 +3180,8 @@ static NTSTATUS pdb_samba_dsdb_get_trusted_domain_by_sid(struct pdb_methods *m,
> status = pdb_samba_dsdb_msg_to_trusted_domain(msg, mem_ctx, &d);
> if (!NT_STATUS_IS_OK(status)) {
> DBG_ERR("pdb_samba_dsdb_msg_to_trusted_domain(%s) - %s ",
> - dom_sid_string(tmp_ctx, sid), nt_errstr(status));
> + dom_sid_str_buf(sid, &buf),
> + nt_errstr(status));
> TALLOC_FREE(tmp_ctx);
> return status;
> }
> --
> 2.11.0
>
>
> From b7a75c1c78eeca768a9c3b2fbe3167e0c72aa0ef Mon Sep 17 00:00:00 2001
> From: Volker Lendecke <vl at samba.org>
> Date: Sun, 16 Dec 2018 17:02:54 +0100
> Subject: [PATCH 09/13] ntpd: Use dom_sid_str_buf
>
> Signed-off-by: Volker Lendecke <vl at samba.org>
> ---
> source4/ntp_signd/ntp_signd.c | 15 +++++++++------
> 1 file changed, 9 insertions(+), 6 deletions(-)
>
> diff --git a/source4/ntp_signd/ntp_signd.c b/source4/ntp_signd/ntp_signd.c
> index 5999bf81540..5db4892ae09 100644
> --- a/source4/ntp_signd/ntp_signd.c
> +++ b/source4/ntp_signd/ntp_signd.c
> @@ -112,6 +112,7 @@ static NTSTATUS ntp_signd_process(struct ntp_signd_connection *ntp_signd_conn,
> MD5_CTX ctx;
> struct samr_Password *nt_hash;
> uint32_t user_account_control;
> + struct dom_sid_buf buf;
> int ret;
>
> ndr_err = ndr_pull_struct_blob_all(input, mem_ctx,
> @@ -171,7 +172,7 @@ static NTSTATUS ntp_signd_process(struct ntp_signd_connection *ntp_signd_conn,
> if (ret != LDB_SUCCESS) {
> DEBUG(2, ("Failed to search for SID %s in SAM for NTP signing: "
> "%s\n",
> - dom_sid_string(mem_ctx, sid),
> + dom_sid_str_buf(sid, &buf),
> ldb_errstring(ntp_signd_conn->ntp_signd->samdb)));
> return signing_failure(ntp_signd_conn,
> mem_ctx,
> @@ -181,14 +182,15 @@ static NTSTATUS ntp_signd_process(struct ntp_signd_connection *ntp_signd_conn,
>
> if (res->count == 0) {
> DEBUG(2, ("Failed to find SID %s in SAM for NTP signing\n",
> - dom_sid_string(mem_ctx, sid)));
> + dom_sid_str_buf(sid, &buf)));
> return signing_failure(ntp_signd_conn,
> mem_ctx,
> output,
> sign_request.packet_id);
> } else if (res->count != 1) {
> DEBUG(1, ("Found SID %s %u times in SAM for NTP signing\n",
> - dom_sid_string(mem_ctx, sid), res->count));
> + dom_sid_str_buf(sid, &buf),
> + res->count));
> return signing_failure(ntp_signd_conn,
> mem_ctx,
> output,
> @@ -202,21 +204,22 @@ static NTSTATUS ntp_signd_process(struct ntp_signd_connection *ntp_signd_conn,
> if (user_account_control & UF_ACCOUNTDISABLE) {
> DEBUG(1, ("Account %s for SID [%s] is disabled\n",
> ldb_dn_get_linearized(res->msgs[0]->dn),
> - dom_sid_string(mem_ctx, sid)));
> + dom_sid_str_buf(sid, &buf)));
> return NT_STATUS_ACCESS_DENIED;
> }
>
> if (!(user_account_control & (UF_INTERDOMAIN_TRUST_ACCOUNT|UF_SERVER_TRUST_ACCOUNT|UF_WORKSTATION_TRUST_ACCOUNT))) {
> DEBUG(1, ("Account %s for SID [%s] is not a trust account\n",
> ldb_dn_get_linearized(res->msgs[0]->dn),
> - dom_sid_string(mem_ctx, sid)));
> + dom_sid_str_buf(sid, &buf)));
> return NT_STATUS_ACCESS_DENIED;
> }
>
> nt_hash = samdb_result_hash(mem_ctx, res->msgs[0], "unicodePwd");
> if (!nt_hash) {
> DEBUG(1, ("No unicodePwd found on record of SID %s "
> - "for NTP signing\n", dom_sid_string(mem_ctx, sid)));
> + "for NTP signing\n",
> + dom_sid_str_buf(sid, &buf)));
> return signing_failure(ntp_signd_conn,
> mem_ctx,
> output,
> --
> 2.11.0
>
>
> From 36d19a8e2de014e44fdf87911502e0c3927bfce7 Mon Sep 17 00:00:00 2001
> From: Volker Lendecke <vl at samba.org>
> Date: Sun, 16 Dec 2018 17:11:55 +0100
> Subject: [PATCH 10/13] auth4: Use dom_sid_str_buf
>
> Signed-off-by: Volker Lendecke <vl at samba.org>
> ---
> source4/auth/sam.c | 16 +++++++---------
> source4/auth/session.c | 15 +++++----------
> source4/auth/unix_token.c | 18 +++++++++---------
> 3 files changed, 21 insertions(+), 28 deletions(-)
>
> diff --git a/source4/auth/sam.c b/source4/auth/sam.c
> index 38c4a248027..709e901b45b 100644
> --- a/source4/auth/sam.c
> +++ b/source4/auth/sam.c
> @@ -350,7 +350,7 @@ _PUBLIC_ NTSTATUS authsam_make_user_info_dc(TALLOC_CTX *mem_ctx,
> char *filter = NULL;
> /* SIDs for the account and his primary group */
> struct dom_sid *account_sid;
> - const char *primary_group_string;
> + struct dom_sid_buf buf;
> const char *primary_group_dn;
> DATA_BLOB primary_group_blob;
> /* SID structures for the expanded group memberships */
> @@ -404,13 +404,10 @@ _PUBLIC_ NTSTATUS authsam_make_user_info_dc(TALLOC_CTX *mem_ctx,
> return status;
> }
>
> - primary_group_string = dom_sid_string(tmp_ctx, &sids[PRIMARY_GROUP_SID_INDEX]);
> - if (primary_group_string == NULL) {
> - TALLOC_FREE(user_info_dc);
> - return NT_STATUS_NO_MEMORY;
> - }
> -
> - primary_group_dn = talloc_asprintf(tmp_ctx, "<SID=%s>", primary_group_string);
> + primary_group_dn = talloc_asprintf(
> + tmp_ctx,
> + "<SID=%s>",
> + dom_sid_str_buf(&sids[PRIMARY_GROUP_SID_INDEX], &buf));
> if (primary_group_dn == NULL) {
> TALLOC_FREE(user_info_dc);
> return NT_STATUS_NO_MEMORY;
> @@ -755,8 +752,9 @@ NTSTATUS authsam_get_user_info_dc_principal(TALLOC_CTX *mem_ctx,
> "(&(objectSid=%s)(objectClass=domain))",
> ldap_encode_ndr_dom_sid(tmp_ctx, domain_sid));
> if (!domain_dn) {
> + struct dom_sid_buf buf;
> DEBUG(3, ("authsam_get_user_info_dc_principal: Failed to find domain with: SID %s\n",
> - dom_sid_string(tmp_ctx, domain_sid)));
> + dom_sid_str_buf(domain_sid, &buf)));
> return NT_STATUS_NO_SUCH_USER;
> }
>
> diff --git a/source4/auth/session.c b/source4/auth/session.c
> index e324ecfb3b6..3a8c40b7fb8 100644
> --- a/source4/auth/session.c
> +++ b/source4/auth/session.c
> @@ -178,19 +178,14 @@ _PUBLIC_ NTSTATUS auth_generate_session_info(TALLOC_CTX *mem_ctx,
>
> /* Search for each group in the token */
> for (i = 0; i < num_sids; i++) {
> - char *sid_string;
> + struct dom_sid_buf buf;
> const char *sid_dn;
> DATA_BLOB sid_blob;
>
> - sid_string = dom_sid_string(tmp_ctx,
> - &sids[i]);
> - if (sid_string == NULL) {
> - TALLOC_FREE(user_info_dc);
> - return NT_STATUS_NO_MEMORY;
> - }
> -
> - sid_dn = talloc_asprintf(tmp_ctx, "<SID=%s>", sid_string);
> - talloc_free(sid_string);
> + sid_dn = talloc_asprintf(
> + tmp_ctx,
> + "<SID=%s>",
> + dom_sid_str_buf(&sids[i], &buf));
> if (sid_dn == NULL) {
> TALLOC_FREE(user_info_dc);
> return NT_STATUS_NO_MEMORY;
> diff --git a/source4/auth/unix_token.c b/source4/auth/unix_token.c
> index fdfbb240682..f3a93b658e5 100644
> --- a/source4/auth/unix_token.c
> +++ b/source4/auth/unix_token.c
> @@ -91,11 +91,11 @@ NTSTATUS security_token_to_unix_token(TALLOC_CTX *mem_ctx,
> } else if (ids[0].xid.type == ID_TYPE_UID) {
> (*sec)->uid = ids[0].xid.id;
> } else {
> - char *sid_str = dom_sid_string(mem_ctx, ids[0].sid);
> + struct dom_sid_buf buf;
> DEBUG(0, ("Unable to convert first SID (%s) in user token to a UID. Conversion was returned as type %d, full token:\n",
> - sid_str, (int)ids[0].xid.type));
> + dom_sid_str_buf(ids[0].sid, &buf),
> + (int)ids[0].xid.type));
> security_token_debug(DBGC_AUTH, 0, token);
> - talloc_free(sid_str);
> return NT_STATUS_INVALID_SID;
> }
>
> @@ -105,11 +105,11 @@ NTSTATUS security_token_to_unix_token(TALLOC_CTX *mem_ctx,
> (*sec)->groups[g] = ids[1].xid.id;
> g++;
> } else {
> - char *sid_str = dom_sid_string(mem_ctx, ids[1].sid);
> + struct dom_sid_buf buf;
> DEBUG(0, ("Unable to convert second SID (%s) in user token to a GID. Conversion was returned as type %d, full token:\n",
> - sid_str, (int)ids[1].xid.type));
> + dom_sid_str_buf(ids[1].sid, &buf),
> + (int)ids[1].xid.type));
> security_token_debug(DBGC_AUTH, 0, token);
> - talloc_free(sid_str);
> return NT_STATUS_INVALID_SID;
> }
>
> @@ -119,11 +119,11 @@ NTSTATUS security_token_to_unix_token(TALLOC_CTX *mem_ctx,
> (*sec)->groups[g] = ids[s].xid.id;
> g++;
> } else {
> - char *sid_str = dom_sid_string(mem_ctx, ids[s].sid);
> + struct dom_sid_buf buf;
> DEBUG(0, ("Unable to convert SID (%s) at index %u in user token to a GID. Conversion was returned as type %d, full token:\n",
> - sid_str, (unsigned int)s, (int)ids[s].xid.type));
> + dom_sid_str_buf(ids[s].sid, &buf),
> + (unsigned int)s, (int)ids[s].xid.type));
> security_token_debug(DBGC_AUTH, 0, token);
> - talloc_free(sid_str);
> return NT_STATUS_INVALID_SID;
> }
> }
> --
> 2.11.0
>
>
> From 8a4e078bad436425d36271234ca567038b0eabab Mon Sep 17 00:00:00 2001
> From: Volker Lendecke <vl at samba.org>
> Date: Sun, 16 Dec 2018 17:12:19 +0100
> Subject: [PATCH 11/13] pysecurity: Use dom_sid_str_buf
>
> Signed-off-by: Volker Lendecke <vl at samba.org>
> ---
> source4/librpc/ndr/py_security.c | 11 +++++------
> 1 file changed, 5 insertions(+), 6 deletions(-)
>
> diff --git a/source4/librpc/ndr/py_security.c b/source4/librpc/ndr/py_security.c
> index 8288748b2be..eb5224dc243 100644
> --- a/source4/librpc/ndr/py_security.c
> +++ b/source4/librpc/ndr/py_security.c
> @@ -114,18 +114,17 @@ static int py_dom_sid_cmp(PyObject *py_self, PyObject *py_other)
> static PyObject *py_dom_sid_str(PyObject *py_self)
> {
> struct dom_sid *self = pytalloc_get_ptr(py_self);
> - char *str = dom_sid_string(NULL, self);
> - PyObject *ret = PyStr_FromString(str);
> - talloc_free(str);
> + struct dom_sid_buf buf;
> + PyObject *ret = PyStr_FromString(dom_sid_str_buf(self, &buf));
> return ret;
> }
>
> static PyObject *py_dom_sid_repr(PyObject *py_self)
> {
> struct dom_sid *self = pytalloc_get_ptr(py_self);
> - char *str = dom_sid_string(NULL, self);
> - PyObject *ret = PyStr_FromFormat("dom_sid('%s')", str);
> - talloc_free(str);
> + struct dom_sid_buf buf;
> + PyObject *ret = PyStr_FromFormat(
> + "dom_sid('%s')", dom_sid_str_buf(self, &buf));
> return ret;
> }
>
> --
> 2.11.0
>
>
> From e464823eefff7d04877122a3d61c80bd9a84875b Mon Sep 17 00:00:00 2001
> From: Volker Lendecke <vl at samba.org>
> Date: Sun, 16 Dec 2018 17:17:58 +0100
> Subject: [PATCH 12/13] winbind4: Use dom_sid_str_buf
>
> Signed-off-by: Volker Lendecke <vl at samba.org>
> ---
> source4/winbind/idmap.c | 30 ++++++++++++++++--------------
> 1 file changed, 16 insertions(+), 14 deletions(-)
>
> diff --git a/source4/winbind/idmap.c b/source4/winbind/idmap.c
> index 86fd354b606..c944132ee76 100644
> --- a/source4/winbind/idmap.c
> +++ b/source4/winbind/idmap.c
> @@ -401,7 +401,8 @@ static NTSTATUS idmap_sid_to_xid(struct idmap_context *idmap_ctx,
> struct ldb_result *res = NULL;
> int trans = -1;
> uint32_t low, high, hwm, new_xid;
> - char *sid_string, *unixid_string, *hwm_string;
> + struct dom_sid_buf sid_string;
> + char *unixid_string, *hwm_string;
> bool hwm_entry_exists;
> TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
> const char *sam_attrs[] = {"uidNumber", "gidNumber", "samAccountType", NULL};
> @@ -445,6 +446,7 @@ static NTSTATUS idmap_sid_to_xid(struct idmap_context *idmap_ctx,
> */
>
> if (lpcfg_parm_bool(idmap_ctx->lp_ctx, NULL, "idmap_ldb", "use rfc2307", false)) {
> + struct dom_sid_buf buf;
> ret = dsdb_search_one(idmap_ctx->samdb, tmp_ctx, &sam_msg,
> ldb_get_default_basedn(idmap_ctx->samdb),
> LDB_SCOPE_SUBTREE, sam_attrs, 0,
> @@ -452,7 +454,7 @@ static NTSTATUS idmap_sid_to_xid(struct idmap_context *idmap_ctx,
> "(|(sAMaccountType=%u)(sAMaccountType=%u)(sAMaccountType=%u)"
> "(sAMaccountType=%u)(sAMaccountType=%u))"
> "(|(uidNumber=*)(gidNumber=*)))",
> - dom_sid_string(tmp_ctx, sid),
> + dom_sid_str_buf(sid, &buf),
> ATYPE_ACCOUNT, ATYPE_WORKSTATION_TRUST, ATYPE_INTERDOMAIN_TRUST,
> ATYPE_SECURITY_GLOBAL_GROUP, ATYPE_SECURITY_LOCAL_GROUP);
> } else {
> @@ -461,8 +463,9 @@ static NTSTATUS idmap_sid_to_xid(struct idmap_context *idmap_ctx,
> }
>
> if (ret == LDB_ERR_CONSTRAINT_VIOLATION) {
> + struct dom_sid_buf buf;
> DEBUG(1, ("Search for objectSid=%s gave duplicate results, failing to map to a unix ID!\n",
> - dom_sid_string(tmp_ctx, sid)));
> + dom_sid_str_buf(sid, &buf)));
> status = NT_STATUS_NONE_MAPPED;
> goto failed;
> } else if (ret == LDB_SUCCESS) {
> @@ -491,8 +494,10 @@ static NTSTATUS idmap_sid_to_xid(struct idmap_context *idmap_ctx,
> }
> }
> } else if (ret != LDB_ERR_NO_SUCH_OBJECT) {
> + struct dom_sid_buf buf;
> DEBUG(1, ("Search for objectSid=%s gave '%s', failing to map to a SID!\n",
> - dom_sid_string(tmp_ctx, sid), ldb_errstring(idmap_ctx->samdb)));
> + dom_sid_str_buf(sid, &buf),
> + ldb_errstring(idmap_ctx->samdb)));
>
> status = NT_STATUS_NONE_MAPPED;
> goto failed;
> @@ -620,11 +625,7 @@ static NTSTATUS idmap_sid_to_xid(struct idmap_context *idmap_ctx,
> goto failed;
> }
>
> - sid_string = dom_sid_string(tmp_ctx, sid);
> - if (sid_string == NULL) {
> - status = NT_STATUS_NO_MEMORY;
> - goto failed;
> - }
> + dom_sid_str_buf(sid, &sid_string);
>
> unixid_string = talloc_asprintf(tmp_ctx, "%u", new_xid);
> if (unixid_string == NULL) {
> @@ -700,7 +701,7 @@ static NTSTATUS idmap_sid_to_xid(struct idmap_context *idmap_ctx,
> goto failed;
> }
>
> - map_msg->dn = ldb_dn_new_fmt(tmp_ctx, ldb, "CN=%s", sid_string);
> + map_msg->dn = ldb_dn_new_fmt(tmp_ctx, ldb, "CN=%s", sid_string.buf);
> if (map_msg->dn == NULL) {
> status = NT_STATUS_NO_MEMORY;
> goto failed;
> @@ -731,7 +732,7 @@ static NTSTATUS idmap_sid_to_xid(struct idmap_context *idmap_ctx,
> goto failed;
> }
>
> - ret = ldb_msg_add_string(map_msg, "cn", sid_string);
> + ret = ldb_msg_add_string(map_msg, "cn", sid_string.buf);
> if (ret != LDB_SUCCESS) {
> status = NT_STATUS_NONE_MAPPED;
> goto failed;
> @@ -840,10 +841,11 @@ NTSTATUS idmap_sids_to_xids(struct idmap_context *idmap_ctx,
> &id[i]->xid);
> }
> if (!NT_STATUS_IS_OK(status)) {
> - char *str = dom_sid_string(mem_ctx, id[i]->sid);
> + struct dom_sid_buf buf;
> DEBUG(1, ("idmapping sid_to_xid failed for id[%d]=%s: %s\n",
> - i, str, nt_errstr(status)));
> - talloc_free(str);
> + i,
> + dom_sid_str_buf(id[i]->sid, &buf),
> + nt_errstr(status)));
> error_count++;
> id[i]->status = ID_UNMAPPED;
> } else {
> --
> 2.11.0
>
>
> From bb2d63ebdf8b5c37049eb51051c2d166126d89f0 Mon Sep 17 00:00:00 2001
> From: Volker Lendecke <vl at samba.org>
> Date: Sun, 16 Dec 2018 17:24:36 +0100
> Subject: [PATCH 13/13] libnet4: Use dom_sid_str_buf
>
> Signed-off-by: Volker Lendecke <vl at samba.org>
> ---
> source4/libnet/libnet_join.c | 11 +++++++----
> source4/libnet/libnet_samdump.c | 4 +++-
> source4/libnet/libnet_samsync_ldb.c | 27 +++++++++++----------------
> 3 files changed, 21 insertions(+), 21 deletions(-)
>
> diff --git a/source4/libnet/libnet_join.c b/source4/libnet/libnet_join.c
> index 245485f69cd..825a81579cc 100644
> --- a/source4/libnet/libnet_join.c
> +++ b/source4/libnet/libnet_join.c
> @@ -610,10 +610,13 @@ NTSTATUS libnet_JoinDomain(struct libnet_context *ctx, TALLOC_CTX *mem_ctx, stru
> status = od.out.result;
> }
> if (!NT_STATUS_IS_OK(status)) {
> - r->out.error_string = talloc_asprintf(mem_ctx,
> - "samr_OpenDomain for [%s] failed: %s",
> - dom_sid_string(tmp_ctx, connect_with_info->out.domain_sid),
> - nt_errstr(status));
> + struct dom_sid_buf buf;
> + r->out.error_string = talloc_asprintf(
> + mem_ctx,
> + "samr_OpenDomain for [%s] failed: %s",
> + dom_sid_str_buf(connect_with_info->out.domain_sid,
> + &buf),
> + nt_errstr(status));
> talloc_free(tmp_ctx);
> return status;
> }
> diff --git a/source4/libnet/libnet_samdump.c b/source4/libnet/libnet_samdump.c
> index 326d8041b26..097a6efe54e 100644
> --- a/source4/libnet/libnet_samdump.c
> +++ b/source4/libnet/libnet_samdump.c
> @@ -183,6 +183,7 @@ NTSTATUS libnet_SamDump(struct libnet_context *ctx, TALLOC_CTX *mem_ctx,
> for (s=samdump_state->secrets; s; s=s->next) {
> size_t converted_size = 0;
> char *secret_string;
> + struct dom_sid_buf buf;
> if (strcasecmp_m(s->name, secret_name) != 0) {
> continue;
> }
> @@ -196,7 +197,8 @@ NTSTATUS libnet_SamDump(struct libnet_context *ctx, TALLOC_CTX *mem_ctx,
> return NT_STATUS_INVALID_PARAMETER;
> }
> printf("%s\t%s\t%s\n",
> - t->name, dom_sid_string(mem_ctx, t->sid),
> + t->name,
> + dom_sid_str_buf(t->sid, &buf),
> secret_string);
> }
> }
> diff --git a/source4/libnet/libnet_samsync_ldb.c b/source4/libnet/libnet_samsync_ldb.c
> index 9ea7dce041c..3171138886c 100644
> --- a/source4/libnet/libnet_samsync_ldb.c
> +++ b/source4/libnet/libnet_samsync_ldb.c
> @@ -71,7 +71,7 @@ static NTSTATUS samsync_ldb_add_foreignSecurityPrincipal(TALLOC_CTX *mem_ctx,
> struct ldb_dn **fsp_dn,
> char **error_string)
> {
> - const char *sidstr = dom_sid_string(mem_ctx, sid);
> + struct dom_sid_buf buf;
> /* We assume that ForeignSecurityPrincipals are under the BASEDN of the main domain */
> struct ldb_dn *basedn = samdb_search_dn(state->sam_ldb, mem_ctx,
> state->base_dn[SAM_DATABASE_DOMAIN],
> @@ -79,10 +79,6 @@ static NTSTATUS samsync_ldb_add_foreignSecurityPrincipal(TALLOC_CTX *mem_ctx,
> struct ldb_message *msg;
> int ret;
>
> - if (!sidstr) {
> - return NT_STATUS_NO_MEMORY;
> - }
> -
> if (basedn == NULL) {
> *error_string = talloc_asprintf(mem_ctx,
> "Failed to find DN for "
> @@ -98,7 +94,8 @@ static NTSTATUS samsync_ldb_add_foreignSecurityPrincipal(TALLOC_CTX *mem_ctx,
>
> /* add core elements to the ldb_message for the alias */
> msg->dn = basedn;
> - if ( ! ldb_dn_add_child_fmt(msg->dn, "CN=%s", sidstr))
> + if ( ! ldb_dn_add_child_fmt(
> + msg->dn, "CN=%s", dom_sid_str_buf(sid, &buf)))
> return NT_STATUS_UNSUCCESSFUL;
>
> ldb_msg_add_string(msg, "objectClass", "foreignSecurityPrincipal");
> @@ -973,20 +970,15 @@ static NTSTATUS samsync_ldb_handle_account(TALLOC_CTX *mem_ctx,
> struct ldb_message *msg;
> int ret;
> uint32_t i;
> - char *dnstr, *sidstr;
> + char *dnstr;
> + struct dom_sid_buf buf;
>
> msg = ldb_msg_new(mem_ctx);
> if (msg == NULL) {
> return NT_STATUS_NO_MEMORY;
> }
>
> - sidstr = dom_sid_string(msg, sid);
> - if (sidstr == NULL) {
> - TALLOC_FREE(msg);
> - return NT_STATUS_NO_MEMORY;
> - }
> -
> - dnstr = talloc_asprintf(msg, "sid=%s", sidstr);
> + dnstr = talloc_asprintf(msg, "sid=%s", dom_sid_str_buf(sid, &buf));
> if (dnstr == NULL) {
> TALLOC_FREE(msg);
> return NT_STATUS_NO_MEMORY;
> @@ -1050,8 +1042,11 @@ static NTSTATUS samsync_ldb_delete_account(TALLOC_CTX *mem_ctx,
> } else if (ret == 0) {
> return NT_STATUS_NO_SUCH_USER;
> } else if (ret > 1) {
> - *error_string = talloc_asprintf(mem_ctx, "More than one account with SID: %s",
> - dom_sid_string(mem_ctx, sid));
> + struct dom_sid_buf buf;
> + *error_string = talloc_asprintf(
> + mem_ctx,
> + "More than one account with SID: %s",
> + dom_sid_str_buf(sid, &buf));
> return NT_STATUS_INTERNAL_DB_CORRUPTION;
> } else {
> msg->dn = talloc_steal(msg, msgs[0]->dn);
> --
> 2.11.0
>
More information about the samba-technical
mailing list