auth4: Use dom_sid_str_buf

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

source4/auth/sam.c

@@ -350,7 +350,7 @@ _PUBLIC_ NTSTATUS authsam_make_user_info_dc(TALLOC_CTX *mem_ctx,
 	char *filter = NULL;
 	/* SIDs for the account and his primary group */
 	struct dom_sid *account_sid;
-	const char *primary_group_string;
+	struct dom_sid_buf buf;
 	const char *primary_group_dn;
 	DATA_BLOB primary_group_blob;
 	/* SID structures for the expanded group memberships */
@@ -404,13 +404,10 @@ _PUBLIC_ NTSTATUS authsam_make_user_info_dc(TALLOC_CTX *mem_ctx,
 		return status;
 	}
 
-	primary_group_string = dom_sid_string(tmp_ctx, &sids[PRIMARY_GROUP_SID_INDEX]);
-	if (primary_group_string == NULL) {
-		TALLOC_FREE(user_info_dc);
-		return NT_STATUS_NO_MEMORY;
-	}
-
-	primary_group_dn = talloc_asprintf(tmp_ctx, "<SID=%s>", primary_group_string);
+	primary_group_dn = talloc_asprintf(
+		tmp_ctx,
+		"<SID=%s>",
+		dom_sid_str_buf(&sids[PRIMARY_GROUP_SID_INDEX], &buf));
 	if (primary_group_dn == NULL) {
 		TALLOC_FREE(user_info_dc);
 		return NT_STATUS_NO_MEMORY;
@@ -755,8 +752,9 @@ NTSTATUS authsam_get_user_info_dc_principal(TALLOC_CTX *mem_ctx,
 					  "(&(objectSid=%s)(objectClass=domain))",
 					    ldap_encode_ndr_dom_sid(tmp_ctx, domain_sid));
 		if (!domain_dn) {
+			struct dom_sid_buf buf;
 			DEBUG(3, ("authsam_get_user_info_dc_principal: Failed to find domain with: SID %s\n",
-				  dom_sid_string(tmp_ctx, domain_sid)));
+				  dom_sid_str_buf(domain_sid, &buf)));
 			return NT_STATUS_NO_SUCH_USER;
 		}
 

source4/auth/session.c

@@ -178,19 +178,14 @@ _PUBLIC_ NTSTATUS auth_generate_session_info(TALLOC_CTX *mem_ctx,
 
 		/* Search for each group in the token */
 		for (i = 0; i < num_sids; i++) {
-			char *sid_string;
+			struct dom_sid_buf buf;
 			const char *sid_dn;
 			DATA_BLOB sid_blob;
 
-			sid_string = dom_sid_string(tmp_ctx,
-						      &sids[i]);
-			if (sid_string == NULL) {
-				TALLOC_FREE(user_info_dc);
-				return NT_STATUS_NO_MEMORY;
-			}
-			
-			sid_dn = talloc_asprintf(tmp_ctx, "<SID=%s>", sid_string);
-			talloc_free(sid_string);
+			sid_dn = talloc_asprintf(
+				tmp_ctx,
+				"<SID=%s>",
+				dom_sid_str_buf(&sids[i], &buf));
 			if (sid_dn == NULL) {
 				TALLOC_FREE(user_info_dc);
 				return NT_STATUS_NO_MEMORY;

source4/auth/unix_token.c

@@ -91,11 +91,11 @@ NTSTATUS security_token_to_unix_token(TALLOC_CTX *mem_ctx,
 	} else if (ids[0].xid.type == ID_TYPE_UID) {
 		(*sec)->uid = ids[0].xid.id;
 	} else {
-		char *sid_str = dom_sid_string(mem_ctx, ids[0].sid);
+		struct dom_sid_buf buf;
 		DEBUG(0, ("Unable to convert first SID (%s) in user token to a UID.  Conversion was returned as type %d, full token:\n",
-			  sid_str, (int)ids[0].xid.type));
+			  dom_sid_str_buf(ids[0].sid, &buf),
+			  (int)ids[0].xid.type));
 		security_token_debug(DBGC_AUTH, 0, token);
-		talloc_free(sid_str);
 		return NT_STATUS_INVALID_SID;
 	}
 
@@ -105,11 +105,11 @@ NTSTATUS security_token_to_unix_token(TALLOC_CTX *mem_ctx,
 		(*sec)->groups[g] = ids[1].xid.id;
 		g++;
 	} else {
-		char *sid_str = dom_sid_string(mem_ctx, ids[1].sid);
+		struct dom_sid_buf buf;
 		DEBUG(0, ("Unable to convert second SID (%s) in user token to a GID.  Conversion was returned as type %d, full token:\n",
-			  sid_str, (int)ids[1].xid.type));
+			  dom_sid_str_buf(ids[1].sid, &buf),
+			  (int)ids[1].xid.type));
 		security_token_debug(DBGC_AUTH, 0, token);
-		talloc_free(sid_str);
 		return NT_STATUS_INVALID_SID;
 	}
 
@@ -119,11 +119,11 @@ NTSTATUS security_token_to_unix_token(TALLOC_CTX *mem_ctx,
 			(*sec)->groups[g] = ids[s].xid.id;
 			g++;
 		} else {
-			char *sid_str = dom_sid_string(mem_ctx, ids[s].sid);
+			struct dom_sid_buf buf;
 			DEBUG(0, ("Unable to convert SID (%s) at index %u in user token to a GID.  Conversion was returned as type %d, full token:\n",
-				  sid_str, (unsigned int)s, (int)ids[s].xid.type));
+				  dom_sid_str_buf(ids[s].sid, &buf),
+				  (unsigned int)s, (int)ids[s].xid.type));
 			security_token_debug(DBGC_AUTH, 0, token);
-			talloc_free(sid_str);
 			return NT_STATUS_INVALID_SID;
 		}
 	}