summaryrefslogtreecommitdiff
path: root/libgpo/gpo_sec.c
diff options
context:
space:
mode:
authorVolker Lendecke <vl@samba.org>2018-11-02 21:28:59 +0100
committerJeremy Allison <jra@samba.org>2018-11-09 22:42:29 +0100
commit5cad0fc6c0bbca861cbed04acc940af7121317f3 (patch)
tree5517b8da9f69fa25a647b00f33632936e4efef7f /libgpo/gpo_sec.c
parent87ae595b3880862589743e07dd2d08bfc0d35883 (diff)
downloadsamba-5cad0fc6c0bbca861cbed04acc940af7121317f3.tar.gz
libgpo: Use dom_sid_str_buf
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Diffstat (limited to 'libgpo/gpo_sec.c')
-rw-r--r--libgpo/gpo_sec.c15
1 files changed, 4 insertions, 11 deletions
diff --git a/libgpo/gpo_sec.c b/libgpo/gpo_sec.c
index 98ee8eb3cc9..82887bc7e19 100644
--- a/libgpo/gpo_sec.c
+++ b/libgpo/gpo_sec.c
@@ -103,16 +103,13 @@ static bool gpo_sd_check_read_access_bits(uint32_t access_mask)
static NTSTATUS gpo_sd_check_ace_denied_object(const struct security_ace *ace,
const struct security_token *token)
{
- char *sid_str;
-
if (gpo_sd_check_agp_object(ace) &&
gpo_sd_check_agp_access_bits(ace->access_mask) &&
security_token_has_sid(token, &ace->trustee)) {
- sid_str = dom_sid_string(NULL, &ace->trustee);
+ struct dom_sid_buf sid_str;
DEBUG(10,("gpo_sd_check_ace_denied_object: "
"Access denied as of ace for %s\n",
- sid_str));
- talloc_free(sid_str);
+ dom_sid_str_buf(&ace->trustee, &sid_str)));
return NT_STATUS_ACCESS_DENIED;
}
@@ -125,17 +122,13 @@ static NTSTATUS gpo_sd_check_ace_denied_object(const struct security_ace *ace,
static NTSTATUS gpo_sd_check_ace_allowed_object(const struct security_ace *ace,
const struct security_token *token)
{
- char *sid_str;
-
if (gpo_sd_check_agp_object(ace) &&
gpo_sd_check_agp_access_bits(ace->access_mask) &&
security_token_has_sid(token, &ace->trustee)) {
- sid_str = dom_sid_string(NULL, &ace->trustee);
+ struct dom_sid_buf sid_str;
DEBUG(10,("gpo_sd_check_ace_allowed_object: "
"Access granted as of ace for %s\n",
- sid_str));
- talloc_free(sid_str);
-
+ dom_sid_str_buf(&ace->trustee, &sid_str)));
return NT_STATUS_OK;
}
View Lorry Controller Status