libcli/security: fix dom_sid_in_domain()

Ensure the SID has exactly one component more then the domain SID, eg Domain SID: S-1-5-21-1-2-3 SID: S-1-5-21-1-2-3-4 This will return true. If the SID has more components, eg SID: S-1-5-21-1-2-3-4-5, or SID: S-1-5-21-1-2-3-4-5-6-7-8 dom_sid_in_domain() must return false. This was verified against Windows: lsa_LookupSids: struct lsa_LookupSids out: struct lsa_LookupSids domains : * domains : * domains: struct lsa_RefDomainList count : 0x00000002 (2) domains : * domains: ARRAY(2) domains: struct lsa_DomainInfo name: struct lsa_StringLarge length : 0x000e (14) size : 0x0010 (16) string : * string : 'BUILTIN' sid : * sid : S-1-5-32 domains: struct lsa_DomainInfo name: struct lsa_StringLarge length : 0x0012 (18) size : 0x0014 (20) string : * string : 'W4EDOM-L4' sid : * sid : S-1-5-21-278041429-3399921908-1452754838 max_size : 0x00000020 (32) names : * names: struct lsa_TransNameArray count : 0x00000004 (4) names : * names: ARRAY(4) names: struct lsa_TranslatedName sid_type : SID_NAME_USER (1) name: struct lsa_String length : 0x001a (26) size : 0x001a (26) string : * string : 'Administrator' sid_index : 0x00000001 (1) names: struct lsa_TranslatedName sid_type : SID_NAME_UNKNOWN (8) name: struct lsa_String length : 0x005c (92) size : 0x005e (94) string : * string : 'S-1-5-21-278041429-3399921908-1452754838-500-1' sid_index : 0xffffffff (4294967295) names: struct lsa_TranslatedName sid_type : SID_NAME_ALIAS (4) name: struct lsa_String length : 0x001c (28) size : 0x001c (28) string : * string : 'Administrators' sid_index : 0x00000000 (0) names: struct lsa_TranslatedName sid_type : SID_NAME_UNKNOWN (8) name: struct lsa_String length : 0x001c (28) size : 0x001e (30) string : * string : 'S-1-5-32-544-9' sid_index : 0xffffffff (4294967295) count : * count : 0x00000002 (2) result : STATUS_SOME_UNMAPPED Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Signed-off-by: Ralph Boehme <slow@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
author: Ralph Boehme <slow@samba.org> 2017-04-10 16:14:45 +0200
committer: Jeremy Allison <jra@samba.org> 2017-04-12 01:41:14 +0200
commit: a58b54a33435d26e9fe226d3d72e4392747aeedd (patch)
tree: fdbd8c397aa2bc24c3912e1c8041b299c7dfbb06 /libcli
parent: 26661218b3d3f0d4ee89039727bc110e972c2851 (diff)
download: samba-a58b54a33435d26e9fe226d3d72e4392747aeedd.tar.gz
1 files changed, 5 insertions, 1 deletions
diff --git a/libcli/security/dom_sid.c b/libcli/security/dom_sid.c
index 5454c514c94..e6beff1a399 100644
--- a/libcli/security/dom_sid.c
+++ b/libcli/security/dom_sid.c
@@ -341,7 +341,11 @@ bool dom_sid_in_domain(const struct dom_sid *domain_sid,
 		return false;
 	}
 
-	if (domain_sid->num_auths > sid->num_auths) {
+	if (sid->num_auths < 2) {
+		return false;
+	}
+
+	if (domain_sid->num_auths != (sid->num_auths - 1)) {
 		return false;
 	}
author	Ralph Boehme <slow@samba.org>	2017-04-10 16:14:45 +0200
committer	Jeremy Allison <jra@samba.org>	2017-04-12 01:41:14 +0200
commit	a58b54a33435d26e9fe226d3d72e4392747aeedd (patch)
tree	fdbd8c397aa2bc24c3912e1c8041b299c7dfbb06 /libcli
parent	26661218b3d3f0d4ee89039727bc110e972c2851 (diff)
download	samba-a58b54a33435d26e9fe226d3d72e4392747aeedd.tar.gz