[PATCH] A few more cleanups
Jeremy Allison
jra at samba.org
Mon Nov 26 22:47:40 UTC 2018
On Mon, Nov 26, 2018 at 09:23:42PM +0100, Volker Lendecke via samba-technical wrote:
> Mostly dom_sid_str_buf, but one other one.
>
> Review appreciated!
LGTM ! RB+ and pushed, thanks !
> --
> Besuchen Sie die verinice.XP 2019 in Berlin!
> Anwenderkonferenz für Informationssicherheit
> 26.-28. Februar 2019 - im Hotel Radisson Blu
> Info & Anmeldung hier: http://veriniceXP.org
>
> SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
> phone: +49-551-370000-0, fax: +49-551-370000-9
> AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen
> http://www.sernet.de, mailto:kontakt at sernet.de
> From fbbe388f80cbb927dea23b51584393bc182c2083 Mon Sep 17 00:00:00 2001
> From: Volker Lendecke <vl at samba.org>
> Date: Fri, 23 Nov 2018 12:34:50 +0100
> Subject: [PATCH 01/11] libads: Give krb5_errs.c its own header
>
> The protos were declared in lib/krb5_wrap but the functions are not
> available there.
>
> Signed-off-by: Volker Lendecke <vl at samba.org>
> ---
> lib/krb5_wrap/krb5_samba.h | 3 ---
> source3/libads/ads_status.c | 1 +
> source3/libads/authdata.c | 1 +
> source3/libads/kerberos.c | 1 +
> source3/libads/krb5_errs.c | 2 ++
> source3/libads/krb5_errs.h | 30 ++++++++++++++++++++++++++++++
> source3/libnet/libnet_dssync.c | 1 +
> source3/libnet/libnet_dssync_keytab.c | 1 +
> source3/libsmb/cliconnect.c | 1 +
> source3/passdb/machine_account_secrets.c | 1 +
> source3/winbindd/winbindd_cred_cache.c | 1 +
> source3/winbindd/winbindd_pam.c | 1 +
> 12 files changed, 41 insertions(+), 3 deletions(-)
> create mode 100644 source3/libads/krb5_errs.h
>
> diff --git a/lib/krb5_wrap/krb5_samba.h b/lib/krb5_wrap/krb5_samba.h
> index 8305c1f77af..fb3cb5f2ad8 100644
> --- a/lib/krb5_wrap/krb5_samba.h
> +++ b/lib/krb5_wrap/krb5_samba.h
> @@ -188,9 +188,6 @@ krb5_error_code smb_krb5_renew_ticket(const char *ccache_string, const char *cli
> krb5_error_code smb_krb5_gen_netbios_krb5_address(smb_krb5_addresses **kerb_addr,
> const char *netbios_name);
> krb5_error_code smb_krb5_free_addresses(krb5_context context, smb_krb5_addresses *addr);
> -NTSTATUS krb5_to_nt_status(krb5_error_code kerberos_error);
> -krb5_error_code nt_status_to_krb5(NTSTATUS nt_status);
> -
> krb5_enctype smb_krb5_kt_get_enctype_from_entry(krb5_keytab_entry *kt_entry);
>
> krb5_error_code smb_krb5_enctype_to_string(krb5_context context,
> diff --git a/source3/libads/ads_status.c b/source3/libads/ads_status.c
> index 70569949aeb..fb3646386ca 100644
> --- a/source3/libads/ads_status.c
> +++ b/source3/libads/ads_status.c
> @@ -25,6 +25,7 @@
> #include "system/gssapi.h"
> #include "smb_ldap.h"
> #include "libads/ads_status.h"
> +#include "krb5_errs.h"
>
> /*
> build a ADS_STATUS structure
> diff --git a/source3/libads/authdata.c b/source3/libads/authdata.c
> index d8a6487dc27..86a1be71bf9 100644
> --- a/source3/libads/authdata.c
> +++ b/source3/libads/authdata.c
> @@ -32,6 +32,7 @@
> #include "auth/gensec/gensec.h"
> #include "auth/gensec/gensec_internal.h" /* TODO: remove this */
> #include "../libcli/auth/spnego.h"
> +#include "krb5_errs.h"
>
> #ifdef HAVE_KRB5
>
> diff --git a/source3/libads/kerberos.c b/source3/libads/kerberos.c
> index 58f38cdc55d..418e5a72243 100644
> --- a/source3/libads/kerberos.c
> +++ b/source3/libads/kerberos.c
> @@ -31,6 +31,7 @@
> #include "secrets.h"
> #include "../lib/tsocket/tsocket.h"
> #include "lib/util/asn1.h"
> +#include "krb5_errs.h"
>
> #ifdef HAVE_KRB5
>
> diff --git a/source3/libads/krb5_errs.c b/source3/libads/krb5_errs.c
> index 8eb5d8247b1..0c2ada59966 100644
> --- a/source3/libads/krb5_errs.c
> +++ b/source3/libads/krb5_errs.c
> @@ -20,6 +20,8 @@
> #include "includes.h"
> #include "smb_krb5.h"
>
> +#include "krb5_errs.h"
> +
> #ifdef HAVE_KRB5
>
> static const struct {
> diff --git a/source3/libads/krb5_errs.h b/source3/libads/krb5_errs.h
> new file mode 100644
> index 00000000000..57b6391ff74
> --- /dev/null
> +++ b/source3/libads/krb5_errs.h
> @@ -0,0 +1,30 @@
> +/*
> + * Unix SMB/CIFS implementation.
> + * Kerberos error mapping functions
> + * Copyright (C) Guenther Deschner 2005
> + *
> + * This program is free software; you can redistribute it and/or modify
> + * it under the terms of the GNU General Public License as published by
> + * the Free Software Foundation; either version 3 of the License, or
> + * (at your option) any later version.
> + *
> + * This program is distributed in the hope that it will be useful,
> + * but WITHOUT ANY WARRANTY; without even the implied warranty of
> + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
> + * GNU General Public License for more details.
> + *
> + * You should have received a copy of the GNU General Public License
> + * along with this program; if not, see <http://www.gnu.org/licenses/>.
> + */
> +
> +#ifndef __KRB5_ERRS_H__
> +#define __KRB5_ERRS_H__
> +
> +#include "replace.h"
> +#include "libcli/util/ntstatus.h"
> +#include <krb5.h>
> +
> +NTSTATUS krb5_to_nt_status(krb5_error_code kerberos_error);
> +krb5_error_code nt_status_to_krb5(NTSTATUS nt_status);
> +
> +#endif
> diff --git a/source3/libnet/libnet_dssync.c b/source3/libnet/libnet_dssync.c
> index e593ae8536c..2b6995bd566 100644
> --- a/source3/libnet/libnet_dssync.c
> +++ b/source3/libnet/libnet_dssync.c
> @@ -25,6 +25,7 @@
> #include "rpc_client/cli_pipe.h"
> #include "../libcli/drsuapi/drsuapi.h"
> #include "../librpc/gen_ndr/ndr_drsuapi_c.h"
> +#include "libads/krb5_errs.h"
>
> /****************************************************************
> ****************************************************************/
> diff --git a/source3/libnet/libnet_dssync_keytab.c b/source3/libnet/libnet_dssync_keytab.c
> index 8999a3535fb..7526cd3294e 100644
> --- a/source3/libnet/libnet_dssync_keytab.c
> +++ b/source3/libnet/libnet_dssync_keytab.c
> @@ -23,6 +23,7 @@
> #include "libnet/libnet_dssync.h"
> #include "libnet/libnet_keytab.h"
> #include "librpc/gen_ndr/ndr_drsblobs.h"
> +#include "libads/krb5_errs.h"
>
> #if defined(HAVE_ADS)
>
> diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c
> index 837299d9220..0a54d47227a 100644
> --- a/source3/libsmb/cliconnect.c
> +++ b/source3/libsmb/cliconnect.c
> @@ -41,6 +41,7 @@
> #include "../libcli/smb/smb_seal.h"
> #include "lib/param/param.h"
> #include "../libcli/smb/smb2_negotiate_context.h"
> +#include "libads/krb5_errs.h"
>
> #define STAR_SMBSERVER "*SMBSERVER"
>
> diff --git a/source3/passdb/machine_account_secrets.c b/source3/passdb/machine_account_secrets.c
> index d8ffcaa7fb6..b816b3aa7f8 100644
> --- a/source3/passdb/machine_account_secrets.c
> +++ b/source3/passdb/machine_account_secrets.c
> @@ -37,6 +37,7 @@
> #include "lib/krb5_wrap/krb5_samba.h"
> #include "lib/util/time_basic.h"
> #include "../libds/common/flags.h"
> +#include "libads/krb5_errs.h"
>
> #undef DBGC_CLASS
> #define DBGC_CLASS DBGC_PASSDB
> diff --git a/source3/winbindd/winbindd_cred_cache.c b/source3/winbindd/winbindd_cred_cache.c
> index c7332297982..85ad426446a 100644
> --- a/source3/winbindd/winbindd_cred_cache.c
> +++ b/source3/winbindd/winbindd_cred_cache.c
> @@ -26,6 +26,7 @@
> #include "../libcli/auth/libcli_auth.h"
> #include "smb_krb5.h"
> #include "libads/kerberos_proto.h"
> +#include "libads/krb5_errs.h"
>
> #undef DBGC_CLASS
> #define DBGC_CLASS DBGC_WINBIND
> diff --git a/source3/winbindd/winbindd_pam.c b/source3/winbindd/winbindd_pam.c
> index a02926decb2..873c2f6d3e8 100644
> --- a/source3/winbindd/winbindd_pam.c
> +++ b/source3/winbindd/winbindd_pam.c
> @@ -45,6 +45,7 @@
> #include "lib/afs/afs_funcs.h"
> #include "libsmb/samlogon_cache.h"
> #include "rpc_client/util_netlogon.h"
> +#include "libads/krb5_errs.h"
>
> #undef DBGC_CLASS
> #define DBGC_CLASS DBGC_WINBIND
> --
> 2.11.0
>
>
> From 3dd1c0eda5574e6591f6d8aa15112a44a2d1a198 Mon Sep 17 00:00:00 2001
> From: Volker Lendecke <vl at samba.org>
> Date: Fri, 23 Nov 2018 08:49:44 +0100
> Subject: [PATCH 02/11] libgpo: Use dom_sid_str_buf
>
> Signed-off-by: Volker Lendecke <vl at samba.org>
> ---
> libgpo/gpo_reg.c | 18 +++++++++++++++---
> 1 file changed, 15 insertions(+), 3 deletions(-)
>
> diff --git a/libgpo/gpo_reg.c b/libgpo/gpo_reg.c
> index 18d0498c7e9..cb4e5c87c88 100644
> --- a/libgpo/gpo_reg.c
> +++ b/libgpo/gpo_reg.c
> @@ -26,6 +26,7 @@
> #include "registry/reg_api_util.h"
> #include "registry/reg_init_basic.h"
> #include "../libcli/security/security.h"
> +#include "libcli/security/dom_sid.h"
> #include "../libcli/registry/util_reg.h"
>
>
> @@ -306,12 +307,17 @@ static const char *gp_reg_groupmembership_path(TALLOC_CTX *mem_ctx,
> const struct dom_sid *sid,
> uint32_t flags)
> {
> + struct dom_sid_buf sidbuf;
> +
> if (flags & GPO_LIST_FLAG_MACHINE) {
> return "GroupMembership";
> }
>
> - return talloc_asprintf(mem_ctx, "%s\\%s", sid_string_tos(sid),
> - "GroupMembership");
> + return talloc_asprintf(
> + mem_ctx,
> + "%s\\%s",
> + dom_sid_str_buf(sid, &sidbuf),
> + "GroupMembership");
> }
>
> /****************************************************************
> @@ -435,11 +441,17 @@ static const char *gp_req_state_path(TALLOC_CTX *mem_ctx,
> const struct dom_sid *sid,
> uint32_t flags)
> {
> + struct dom_sid_buf sidbuf;
> +
> if (flags & GPO_LIST_FLAG_MACHINE) {
> return GPO_REG_STATE_MACHINE;
> }
>
> - return talloc_asprintf(mem_ctx, "%s\\%s", "State", sid_string_tos(sid));
> + return talloc_asprintf(
> + mem_ctx,
> + "%s\\%s",
> + "State",
> + dom_sid_str_buf(sid, &sidbuf));
> }
>
> /****************************************************************
> --
> 2.11.0
>
>
> From 31c214cbbaa6ed8b0ac0dba87940d744ea2c4a8c Mon Sep 17 00:00:00 2001
> From: Volker Lendecke <vl at samba.org>
> Date: Fri, 23 Nov 2018 08:50:47 +0100
> Subject: [PATCH 03/11] libgpo: Align integer types
>
> Signed-off-by: Volker Lendecke <vl at samba.org>
> ---
> libgpo/gpo_reg.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/libgpo/gpo_reg.c b/libgpo/gpo_reg.c
> index cb4e5c87c88..644b4d36d62 100644
> --- a/libgpo/gpo_reg.c
> +++ b/libgpo/gpo_reg.c
> @@ -348,7 +348,7 @@ static WERROR gp_reg_store_groupmembership(TALLOC_CTX *mem_ctx,
> {
> struct registry_key *key = NULL;
> WERROR werr;
> - int i = 0;
> + uint32_t i = 0;
> const char *valname = NULL;
> const char *path = NULL;
> const char *val = NULL;
> --
> 2.11.0
>
>
> From 3bc62cedd464e1295df5d68b476817354d5bda6c Mon Sep 17 00:00:00 2001
> From: Volker Lendecke <vl at samba.org>
> Date: Fri, 23 Nov 2018 08:55:13 +0100
> Subject: [PATCH 04/11] winbind: Use dom_sid_str_buf
>
> Signed-off-by: Volker Lendecke <vl at samba.org>
> ---
> source3/winbindd/winbindd_getgroups.c | 5 ++++-
> 1 file changed, 4 insertions(+), 1 deletion(-)
>
> diff --git a/source3/winbindd/winbindd_getgroups.c b/source3/winbindd/winbindd_getgroups.c
> index 16c06395d70..39a8c3556cf 100644
> --- a/source3/winbindd/winbindd_getgroups.c
> +++ b/source3/winbindd/winbindd_getgroups.c
> @@ -20,6 +20,7 @@
> #include "includes.h"
> #include "winbindd.h"
> #include "passdb/lookup_sid.h" /* only for LOOKUP_NAME_NO_NSS flag */
> +#include "libcli/security/dom_sid.h"
>
> struct winbindd_getgroups_state {
> struct tevent_context *ev;
> @@ -204,6 +205,8 @@ static void winbindd_getgroups_sid2gid_done(struct tevent_req *subreq)
> }
>
> if (!include_gid) {
> + struct dom_sid_buf sidbuf;
> +
> if (debug_missing == NULL) {
> continue;
> }
> @@ -214,7 +217,7 @@ static void winbindd_getgroups_sid2gid_done(struct tevent_req *subreq)
> "This might be a security problem when ACLs "
> "contain DENY ACEs!\n",
> (unsigned)xids[i].id,
> - sid_string_tos(&state->sids[i]),
> + dom_sid_str_buf(&state->sids[i], &sidbuf),
> debug_missing));
> continue;
> }
> --
> 2.11.0
>
>
> From 6536c62ffc6408b71d011d9a61324e84da32bf3b Mon Sep 17 00:00:00 2001
> From: Volker Lendecke <vl at samba.org>
> Date: Fri, 23 Nov 2018 08:53:45 +0100
> Subject: [PATCH 05/11] winbind: Use dom_sid_str_buf
>
> Signed-off-by: Volker Lendecke <vl at samba.org>
> ---
> source3/winbindd/winbindd_getusersids.c | 12 +++++-------
> 1 file changed, 5 insertions(+), 7 deletions(-)
>
> diff --git a/source3/winbindd/winbindd_getusersids.c b/source3/winbindd/winbindd_getusersids.c
> index 024bad2b9e5..9a6a24107b9 100644
> --- a/source3/winbindd/winbindd_getusersids.c
> +++ b/source3/winbindd/winbindd_getusersids.c
> @@ -104,13 +104,11 @@ NTSTATUS winbindd_getusersids_recv(struct tevent_req *req,
> }
>
> for (i=0; i<state->num_sids; i++) {
> - char *str = sid_string_tos(&state->sids[i]);
> - if (str == NULL) {
> - TALLOC_FREE(result);
> - return NT_STATUS_NO_MEMORY;
> - }
> - result = talloc_asprintf_append_buffer(result, "%s\n", str);
> - TALLOC_FREE(str);
> + struct dom_sid_buf sidbuf;
> + result = talloc_asprintf_append_buffer(
> + result,
> + "%s\n",
> + dom_sid_str_buf(&state->sids[i], &sidbuf));
> if (result == NULL) {
> return NT_STATUS_NO_MEMORY;
> }
> --
> 2.11.0
>
>
> From eb8c58592c89f8653195f6acbfa3991dbd9b5efa Mon Sep 17 00:00:00 2001
> From: Volker Lendecke <vl at samba.org>
> Date: Fri, 23 Nov 2018 08:58:59 +0100
> Subject: [PATCH 06/11] winbind: Use dom_sid_str_buf
>
> Also fix a DBG format string specifier
>
> Signed-off-by: Volker Lendecke <vl at samba.org>
> ---
> source3/winbindd/wb_lookupsids.c | 10 +++++++---
> 1 file changed, 7 insertions(+), 3 deletions(-)
>
> diff --git a/source3/winbindd/wb_lookupsids.c b/source3/winbindd/wb_lookupsids.c
> index af02a0c9547..5c73d3843ea 100644
> --- a/source3/winbindd/wb_lookupsids.c
> +++ b/source3/winbindd/wb_lookupsids.c
> @@ -251,13 +251,16 @@ static bool wb_lookupsids_next(struct tevent_req *req,
>
> static bool wb_lookupsids_bulk(const struct dom_sid *sid)
> {
> + struct dom_sid_buf sidbuf;
> +
> if (sid->num_auths != 5) {
> /*
> * Only do "S-1-5-21-x-y-z-rid" domains via bulk
> * lookup
> */
> - DEBUG(10, ("No bulk setup for SID %s with %d subauths\n",
> - sid_string_dbg(sid), sid->num_auths));
> + DBG_DEBUG("No bulk setup for SID %s with %"PRIi8" subauths\n",
> + dom_sid_str_buf(sid, &sidbuf),
> + sid->num_auths);
> return false;
> }
>
> @@ -265,7 +268,8 @@ static bool wb_lookupsids_bulk(const struct dom_sid *sid)
> /*
> * Passdb lookup via lookuprids
> */
> - DEBUG(10, ("%s is in our domain\n", sid_string_tos(sid)));
> + DBG_DEBUG("%s is in our domain\n",
> + dom_sid_str_buf(sid, &sidbuf));
> return true;
> }
>
> --
> 2.11.0
>
>
> From 2b884bfd88f771746cdd4e7e8fe963c50652e29f Mon Sep 17 00:00:00 2001
> From: Volker Lendecke <vl at samba.org>
> Date: Fri, 23 Nov 2018 09:03:13 +0100
> Subject: [PATCH 07/11] winbind: Fix "wbint_Principals" definition
>
> A signed integer does not make any sense for an IDL array length
>
> Signed-off-by: Volker Lendecke <vl at samba.org>
> ---
> librpc/idl/winbind.idl | 2 +-
> source3/winbindd/wb_query_user_list.c | 2 +-
> source3/winbindd/winbindd_lookuprids.c | 2 +-
> 3 files changed, 3 insertions(+), 3 deletions(-)
>
> diff --git a/librpc/idl/winbind.idl b/librpc/idl/winbind.idl
> index f5e3507bff5..258dd284ad5 100644
> --- a/librpc/idl/winbind.idl
> +++ b/librpc/idl/winbind.idl
> @@ -120,7 +120,7 @@ interface winbind
> } wbint_Principal;
>
> typedef [public] struct {
> - int num_principals;
> + uint32 num_principals;
> [size_is(num_principals)] wbint_Principal principals[];
> } wbint_Principals;
>
> diff --git a/source3/winbindd/wb_query_user_list.c b/source3/winbindd/wb_query_user_list.c
> index 6d699875e9b..5e80aae8469 100644
> --- a/source3/winbindd/wb_query_user_list.c
> +++ b/source3/winbindd/wb_query_user_list.c
> @@ -93,7 +93,7 @@ static void wb_query_user_list_done(struct tevent_req *subreq)
> struct wb_query_user_list_state *state = tevent_req_data(
> req, struct wb_query_user_list_state);
> NTSTATUS status, result;
> - int i;
> + uint32_t i;
>
> status = dcerpc_wbint_LookupRids_recv(subreq, state, &result);
> TALLOC_FREE(subreq);
> diff --git a/source3/winbindd/winbindd_lookuprids.c b/source3/winbindd/winbindd_lookuprids.c
> index 6d0c0efd429..ed5d951e7de 100644
> --- a/source3/winbindd/winbindd_lookuprids.c
> +++ b/source3/winbindd/winbindd_lookuprids.c
> @@ -117,7 +117,7 @@ NTSTATUS winbindd_lookuprids_recv(struct tevent_req *req,
> req, struct winbindd_lookuprids_state);
> NTSTATUS status;
> char *result;
> - int i;
> + uint32_t i;
>
> if (tevent_req_is_nterror(req, &status)) {
> DEBUG(5, ("Lookuprids failed: %s\n",nt_errstr(status)));
> --
> 2.11.0
>
>
> From d71992fd1a988d90bd8d5b4588a949c56c00243a Mon Sep 17 00:00:00 2001
> From: Volker Lendecke <vl at samba.org>
> Date: Sat, 24 Nov 2018 13:14:23 +0100
> Subject: [PATCH 08/11] idmap_cache: Use dom_sid_str_buf
>
> Signed-off-by: Volker Lendecke <vl at samba.org>
> ---
> source3/lib/idmap_cache.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/source3/lib/idmap_cache.c b/source3/lib/idmap_cache.c
> index 1d87bbdec45..77618dd5aa1 100644
> --- a/source3/lib/idmap_cache.c
> +++ b/source3/lib/idmap_cache.c
> @@ -414,6 +414,7 @@ bool idmap_cache_del_sid(const struct dom_sid *sid)
> bool ret = true;
> bool expired;
> struct unixid id;
> + struct dom_sid_buf sidbuf;
> const char *sid_key;
>
> if (!idmap_cache_find_sid2unixid(sid, &id, &expired)) {
> @@ -438,7 +439,7 @@ bool idmap_cache_del_sid(const struct dom_sid *sid)
> }
> }
>
> - sid_key = key_sid2xid_str(mem_ctx, dom_sid_string(mem_ctx, sid));
> + sid_key = key_sid2xid_str(mem_ctx, dom_sid_str_buf(sid, &sidbuf));
> if (sid_key == NULL) {
> return false;
> }
> --
> 2.11.0
>
>
> From d13bf0e2b710f3072c4bb0c7da28219d13a1e312 Mon Sep 17 00:00:00 2001
> From: Volker Lendecke <vl at samba.org>
> Date: Sat, 24 Nov 2018 13:16:56 +0100
> Subject: [PATCH 09/11] libcli: Use dom_sid_str_buf
>
> Signed-off-by: Volker Lendecke <vl at samba.org>
> ---
> libcli/security/secdesc.c | 9 +++++----
> 1 file changed, 5 insertions(+), 4 deletions(-)
>
> diff --git a/libcli/security/secdesc.c b/libcli/security/secdesc.c
> index 8cf44347c7c..53e0e023a7b 100644
> --- a/libcli/security/secdesc.c
> +++ b/libcli/security/secdesc.c
> @@ -492,6 +492,7 @@ NTSTATUS se_create_child_secdesc(TALLOC_CTX *ctx,
> const struct dom_sid *ptrustee = &ace->trustee;
> const struct dom_sid *creator = NULL;
> uint8_t new_flags = ace->flags;
> + struct dom_sid_buf sidbuf1, sidbuf2;
>
> if (!is_inheritable_ace(ace, container)) {
> continue;
> @@ -540,9 +541,9 @@ NTSTATUS se_create_child_secdesc(TALLOC_CTX *ctx,
>
> DEBUG(5,("se_create_child_secdesc(): %s:%d/0x%02x/0x%08x"
> " inherited as %s:%d/0x%02x/0x%08x\n",
> - dom_sid_string(frame, &ace->trustee),
> + dom_sid_str_buf(&ace->trustee, &sidbuf1),
> ace->type, ace->flags, ace->access_mask,
> - dom_sid_string(frame, &new_ace->trustee),
> + dom_sid_str_buf(&new_ace->trustee, &sidbuf2),
> new_ace->type, new_ace->flags,
> new_ace->access_mask));
>
> @@ -565,9 +566,9 @@ NTSTATUS se_create_child_secdesc(TALLOC_CTX *ctx,
>
> DEBUG(5, ("se_create_child_secdesc(): %s:%d/0x%02x/0x%08x "
> " inherited as %s:%d/0x%02x/0x%08x\n",
> - dom_sid_string(frame, &ace->trustee),
> + dom_sid_str_buf(&ace->trustee, &sidbuf1),
> ace->type, ace->flags, ace->access_mask,
> - dom_sid_string(frame, &new_ace->trustee),
> + dom_sid_str_buf(&new_ace->trustee, &sidbuf2),
> new_ace->type, new_ace->flags,
> new_ace->access_mask));
>
> --
> 2.11.0
>
>
> From 701bb38006dd7226af0551f9bac9a765da5e8eac Mon Sep 17 00:00:00 2001
> From: Volker Lendecke <vl at samba.org>
> Date: Sat, 24 Nov 2018 13:16:56 +0100
> Subject: [PATCH 10/11] libcli: Use dom_sid_str_buf
>
> Signed-off-by: Volker Lendecke <vl at samba.org>
> ---
> libcli/security/security_token.c | 7 +++++--
> 1 file changed, 5 insertions(+), 2 deletions(-)
>
> diff --git a/libcli/security/security_token.c b/libcli/security/security_token.c
> index 2e5a87be504..de75033deae 100644
> --- a/libcli/security/security_token.c
> +++ b/libcli/security/security_token.c
> @@ -62,8 +62,11 @@ void security_token_debug(int dbg_class, int dbg_lev, const struct security_toke
> DEBUGC(dbg_class, dbg_lev, ("Security token SIDs (%lu):\n",
> (unsigned long)token->num_sids));
> for (i = 0; i < token->num_sids; i++) {
> - DEBUGADDC(dbg_class, dbg_lev, (" SID[%3lu]: %s\n", (unsigned long)i,
> - dom_sid_string(mem_ctx, &token->sids[i])));
> + struct dom_sid_buf sidbuf;
> + DEBUGADDC(dbg_class,
> + dbg_lev,
> + (" SID[%3lu]: %s\n", (unsigned long)i,
> + dom_sid_str_buf(&token->sids[i], &sidbuf)));
> }
>
> security_token_debug_privileges(dbg_class, dbg_lev, token);
> --
> 2.11.0
>
>
> From 713af3eeebc717c86e2b29985c1fd2bc791692db Mon Sep 17 00:00:00 2001
> From: Volker Lendecke <vl at samba.org>
> Date: Sat, 24 Nov 2018 13:25:25 +0100
> Subject: [PATCH 11/11] winbind: Use dom_sid_str_buf
>
> Signed-off-by: Volker Lendecke <vl at samba.org>
> ---
> source3/winbindd/winbindd_pam.c | 16 ++++++----------
> 1 file changed, 6 insertions(+), 10 deletions(-)
>
> diff --git a/source3/winbindd/winbindd_pam.c b/source3/winbindd/winbindd_pam.c
> index 873c2f6d3e8..b7eb17556a4 100644
> --- a/source3/winbindd/winbindd_pam.c
> +++ b/source3/winbindd/winbindd_pam.c
> @@ -140,17 +140,13 @@ static NTSTATUS append_info3_as_txt(TALLOC_CTX *mem_ctx,
> }
>
> for (i=0; i < info3->sidcount; i++) {
> - char *sid;
> + struct dom_sid_buf sidbuf;
>
> - sid = dom_sid_string(frame, info3->sids[i].sid);
> - if (sid == NULL) {
> - status = NT_STATUS_NO_MEMORY;
> - goto out;
> - }
> -
> - ex = talloc_asprintf_append_buffer(ex, "%s:0x%08X\n",
> - sid,
> - info3->sids[i].attributes);
> + ex = talloc_asprintf_append_buffer(
> + ex,
> + "%s:0x%08X\n",
> + dom_sid_str_buf(info3->sids[i].sid, &sidbuf),
> + info3->sids[i].attributes);
> if (ex == NULL) {
> status = NT_STATUS_NO_MEMORY;
> goto out;
> --
> 2.11.0
>
More information about the samba-technical
mailing list