diff options
author | Volker Lendecke <vl@samba.org> | 2018-12-13 21:01:00 +0100 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2018-12-20 23:40:25 +0100 |
commit | 6af7d7ffda8025a2d270ba1d01b0708efca511a2 (patch) | |
tree | eb4b76880841df18053a9d2ea3dd40a2ad39083a /source3/auth | |
parent | 59f29acb2cd947d2f594a5af3d73d0cbe8298d92 (diff) | |
download | samba-6af7d7ffda8025a2d270ba1d01b0708efca511a2.tar.gz |
auth3: Use dom_sid_str_buf
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Diffstat (limited to 'source3/auth')
-rw-r--r-- | source3/auth/auth_util.c | 6 | ||||
-rw-r--r-- | source3/auth/server_info.c | 26 | ||||
-rw-r--r-- | source3/auth/token_util.c | 18 |
3 files changed, 31 insertions, 19 deletions
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c index e31f8183439..d78dbed14b2 100644 --- a/source3/auth/auth_util.c +++ b/source3/auth/auth_util.c @@ -607,9 +607,10 @@ NTSTATUS create_local_token(TALLOC_CTX *mem_ctx, if (ids[i].type != ID_TYPE_GID && ids[i].type != ID_TYPE_BOTH) { + struct dom_sid_buf buf; DEBUG(10, ("Could not convert SID %s to gid, " "ignoring it\n", - sid_string_dbg(&t->sids[i]))); + dom_sid_str_buf(&t->sids[i], &buf))); continue; } if (!add_gid_to_array_unique(session_info->unix_token, @@ -1084,10 +1085,11 @@ NTSTATUS auth3_session_info_create(TALLOC_CTX *mem_ctx, ids[i].type != ID_TYPE_BOTH) { struct security_token *nt_token = session_info->security_token; + struct dom_sid_buf buf; DEBUG(10, ("Could not convert SID %s to gid, " "ignoring it\n", - sid_string_dbg(&nt_token->sids[i]))); + dom_sid_str_buf(&nt_token->sids[i], &buf))); continue; } diff --git a/source3/auth/server_info.c b/source3/auth/server_info.c index 6d5e9fb72fe..2c48d1bb7a9 100644 --- a/source3/auth/server_info.c +++ b/source3/auth/server_info.c @@ -310,13 +310,14 @@ static NTSTATUS merge_resource_sids(const struct PAC_LOGON_INFO *logon_info, NTSTATUS status; struct dom_sid new_sid; uint32_t attributes = rg->groups.rids[i].attributes; + struct dom_sid_buf buf; sid_compose(&new_sid, rg->domain_sid, rg->groups.rids[i].rid); DEBUG(10, ("Adding SID %s to extra SIDS\n", - sid_string_dbg(&new_sid))); + dom_sid_str_buf(&new_sid, &buf))); status = append_netr_SidAttr(info3, &info3->sids, &info3->sidcount, @@ -324,7 +325,7 @@ static NTSTATUS merge_resource_sids(const struct PAC_LOGON_INFO *logon_info, attributes); if (!NT_STATUS_IS_OK(status)) { DEBUG(1, ("failed to append SID %s to extra SIDS: %s\n", - sid_string_dbg(&new_sid), + dom_sid_str_buf(&new_sid, &buf), nt_errstr(status))); return status; } @@ -431,6 +432,8 @@ static NTSTATUS SamInfo3_handle_sids(const char *username, struct dom_sid *domain_sid, struct extra_auth_info *extra) { + struct dom_sid_buf buf; + if (sid_check_is_in_unix_users(user_sid)) { /* in info3 you can only set rids for the user and the * primary group, and the domain sid must be that of @@ -445,7 +448,7 @@ static NTSTATUS SamInfo3_handle_sids(const char *username, DEBUG(10, ("Unix User found. Rid marked as " "special and sid (%s) saved as extra sid\n", - sid_string_dbg(user_sid))); + dom_sid_str_buf(user_sid, &buf))); } else { sid_copy(domain_sid, user_sid); sid_split_rid(domain_sid, &info3->base.rid); @@ -471,17 +474,18 @@ static NTSTATUS SamInfo3_handle_sids(const char *username, DEBUG(10, ("Unix Group found. Rid marked as " "special and sid (%s) saved as extra sid\n", - sid_string_dbg(group_sid))); + dom_sid_str_buf(group_sid, &buf))); } else { bool ok = sid_peek_check_rid(domain_sid, group_sid, &info3->base.primary_gid); if (!ok) { + struct dom_sid_buf buf2, buf3; DEBUG(1, ("The primary group domain sid(%s) does not " "match the domain sid(%s) for %s(%s)\n", - sid_string_dbg(group_sid), - sid_string_dbg(domain_sid), + dom_sid_str_buf(group_sid, &buf), + dom_sid_str_buf(domain_sid, &buf2), username, - sid_string_dbg(user_sid))); + dom_sid_str_buf(user_sid, &buf3))); return NT_STATUS_INVALID_SID; } } @@ -751,12 +755,14 @@ NTSTATUS passwd_to_SamInfo3(TALLOC_CTX *mem_ctx, ok = sid_peek_check_rid(&domain_sid, &group_sid, &info3->base.primary_gid); if (!ok) { + struct dom_sid_buf buf1, buf2, buf3; + DEBUG(1, ("The primary group domain sid(%s) does not " "match the domain sid(%s) for %s(%s)\n", - sid_string_dbg(&group_sid), - sid_string_dbg(&domain_sid), + dom_sid_str_buf(&group_sid, &buf1), + dom_sid_str_buf(&domain_sid, &buf2), unix_username, - sid_string_dbg(&user_sid))); + dom_sid_str_buf(&user_sid, &buf3))); status = NT_STATUS_INVALID_SID; goto done; } diff --git a/source3/auth/token_util.c b/source3/auth/token_util.c index 21ccb0d1fe7..bfc2c3029b2 100644 --- a/source3/auth/token_util.c +++ b/source3/auth/token_util.c @@ -430,9 +430,10 @@ struct security_token *create_local_nt_token(TALLOC_CTX *mem_ctx, int i; NTSTATUS status; uint32_t session_info_flags = 0; + struct dom_sid_buf buf; DEBUG(10, ("Create local NT token for %s\n", - sid_string_dbg(user_sid))); + dom_sid_str_buf(user_sid, &buf))); if (!(result = talloc_zero(mem_ctx, struct security_token))) { DEBUG(0, ("talloc failed\n")); @@ -554,8 +555,9 @@ static NTSTATUS add_local_groups(struct security_token *result, pass = getpwuid_alloc(tmp_ctx, uid); if (pass == NULL) { + struct dom_sid_buf buf; DEBUG(1, ("SID %s -> getpwuid(%u) failed\n", - sid_string_dbg(&result->sids[0]), + dom_sid_str_buf(&result->sids[0], &buf), (unsigned int)uid)); } } @@ -903,6 +905,7 @@ static NTSTATUS create_token_from_sid(TALLOC_CTX *mem_ctx, uint32_t i; uint32_t high, low; bool range_ok; + struct dom_sid_buf buf; if (sid_check_is_in_our_sam(user_sid)) { bool ret; @@ -922,7 +925,7 @@ static NTSTATUS create_token_from_sid(TALLOC_CTX *mem_ctx, if (!ret) { DEBUG(1, ("pdb_getsampwsid(%s) failed\n", - sid_string_dbg(user_sid))); + dom_sid_str_buf(user_sid, &buf))); DEBUGADD(1, ("Fall back to unix user\n")); goto unix_user; } @@ -932,7 +935,8 @@ static NTSTATUS create_token_from_sid(TALLOC_CTX *mem_ctx, &pdb_num_group_sids); if (!NT_STATUS_IS_OK(result)) { DEBUG(1, ("enum_group_memberships failed for %s: " - "%s\n", sid_string_dbg(user_sid), + "%s\n", + dom_sid_str_buf(user_sid, &buf), nt_errstr(result))); DEBUGADD(1, ("Fall back to unix uid lookup\n")); goto unix_user; @@ -995,7 +999,7 @@ static NTSTATUS create_token_from_sid(TALLOC_CTX *mem_ctx, if (!sid_to_uid(user_sid, uid)) { DEBUG(1, ("unix_user case, sid_to_uid for %s failed\n", - sid_string_dbg(user_sid))); + dom_sid_str_buf(user_sid, &buf))); result = NT_STATUS_NO_SUCH_USER; goto done; } @@ -1050,7 +1054,7 @@ static NTSTATUS create_token_from_sid(TALLOC_CTX *mem_ctx, /* We must always assign the *uid. */ if (!sid_to_uid(user_sid, uid)) { DEBUG(1, ("winbindd case, sid_to_uid for %s failed\n", - sid_string_dbg(user_sid))); + dom_sid_str_buf(user_sid, &buf))); result = NT_STATUS_NO_SUCH_USER; goto done; } @@ -1075,7 +1079,7 @@ static NTSTATUS create_token_from_sid(TALLOC_CTX *mem_ctx, if (!sid_to_gid(&group_sids[0], &gids[0])) { DEBUG(1, ("sid_to_gid(%s) failed\n", - sid_string_dbg(&group_sids[0]))); + dom_sid_str_buf(&group_sids[0], &buf))); goto done; } |