[PATCH] store SID's in SAM_ACCOUNT
Simo Sorce
simo.sorce at xsec.it
Fri May 31 03:47:03 GMT 2002
On Fri, 2002-05-31 at 12:20, metze at metzemix.de wrote:
> Hi Andrew and Simo,
>
> this patches are only for discussion,( not completely ready)
>
> please take look at it the Patch for Makefile.in should be cleaner but I
> don't know how to do this... So it would be nice if someoneelse could do that.
> The reason for changing Makefile.in is that the global_sam_sid should be
> get with the function get_global_sam_sid(), witch is in
> passdb/machine_sid.c and depends code from passdb/secrets.c
> libsmb/smbencrypt.c libsmb/smbdes.c
>
>
> code Patch
> ---------------------------------------------------------
[snip]
> diff -Nur HEAD/source/rpc_server/srv_samr_nt.c
> HEAD-fix/source/rpc_server/srv_samr_nt.c
> --- HEAD/source/rpc_server/srv_samr_nt.c Mon May 27 13:11:02 2002
> +++ HEAD-fix/source/rpc_server/srv_samr_nt.c Wed May 29 13:16:56 2002
> @@ -31,7 +31,6 @@
>
[snip]
> @@ -1982,19 +1981,10 @@
> account));
> return NT_STATUS_ACCESS_DENIED;
> }
> -
> - /* Get the domain SID stored in the domain policy */
> - if(!get_lsa_policy_samr_sid(p, &dom_pol, &sid)) {
> - pdb_free_sam(&sam_pass);
> - return NT_STATUS_INVALID_HANDLE;
> - }
> -
> - /* append the user's RID to it */
> - if(!sid_append_rid(&sid, pdb_get_user_rid(sam_pass) )) {
> - pdb_free_sam(&sam_pass);
> - return NT_STATUS_NO_SUCH_USER;
> - }
>
> + /* Get the user's SID */
> + sid_copy(&sid,(DOM_SID *)pdb_get_user_sid(sam_pass));
> +
> /* associate the user's SID with the new handle. */
> if ((info = get_samr_info_by_sid(&sid)) == NULL) {
> pdb_free_sam(&sam_pass);
> @@ -2709,7 +2699,7 @@
the above piece is wrong!
wrong seem to be the original code. (an unjustified pdb_free_sam ?)
I'll check it.
Wrong is the patch!
Why have you got out get_lsa_policy_samr_sid() ?
The code here creates the SID form the info that come from the remote,
while instead you are creating a user SID from the RID only.
Simo.
--
Simo Sorce - simo.sorce at xsec.it
Xsec s.r.l.
via Durando 10 Ed. G - 20158 - Milano
tel. +39 02 2399 7130 - fax: +39 02 700 442 399
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 232 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20020531/6504b6d2/attachment.bin
More information about the samba-technical
mailing list