mirror of
https://github.com/samba-team/samba.git
synced 2025-01-08 21:18:16 +03:00
s3-auth Change type of num_sids to uint32_t
size_t is overkill here, and in struct security_token in the num_sids is uint32_t. This includes a change to the prototype of add_sid_to_array() and add_sid_to_array_unique(), which has had a number of consequnetial changes as I try to sort out all the callers using a pointer to the number of sids. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
This commit is contained in:
parent
6a0176b07d
commit
4bf783d4d6
@ -627,7 +627,7 @@ ADS_STATUS ads_get_sid_token(ADS_STRUCT *ads,
|
||||
struct dom_sid *ad_token_sids;
|
||||
size_t num_ad_token_sids = 0;
|
||||
struct dom_sid *token_sids;
|
||||
size_t num_token_sids = 0;
|
||||
uint32_t num_token_sids = 0;
|
||||
NT_USER_TOKEN *new_token = NULL;
|
||||
int i;
|
||||
|
||||
|
@ -725,7 +725,7 @@ NTSTATUS create_token_from_username(TALLOC_CTX *mem_ctx, const char *username,
|
||||
gid_t *gids;
|
||||
struct dom_sid *group_sids;
|
||||
struct dom_sid unix_group_sid;
|
||||
size_t num_group_sids;
|
||||
uint32_t num_group_sids;
|
||||
size_t num_gids;
|
||||
size_t i;
|
||||
|
||||
@ -743,7 +743,7 @@ NTSTATUS create_token_from_username(TALLOC_CTX *mem_ctx, const char *username,
|
||||
|
||||
if (sid_check_is_in_our_domain(&user_sid)) {
|
||||
bool ret;
|
||||
|
||||
size_t pdb_num_group_sids;
|
||||
/* This is a passdb user, so ask passdb */
|
||||
|
||||
struct samu *sam_acct = NULL;
|
||||
@ -766,7 +766,7 @@ NTSTATUS create_token_from_username(TALLOC_CTX *mem_ctx, const char *username,
|
||||
|
||||
result = pdb_enum_group_memberships(tmp_ctx, sam_acct,
|
||||
&group_sids, &gids,
|
||||
&num_group_sids);
|
||||
&pdb_num_group_sids);
|
||||
if (!NT_STATUS_IS_OK(result)) {
|
||||
DEBUG(1, ("enum_group_memberships failed for %s (%s): "
|
||||
"%s\n", username, sid_string_dbg(&user_sid),
|
||||
@ -774,6 +774,7 @@ NTSTATUS create_token_from_username(TALLOC_CTX *mem_ctx, const char *username,
|
||||
DEBUGADD(1, ("Fall back to unix user %s\n", username));
|
||||
goto unix_user;
|
||||
}
|
||||
num_group_sids = pdb_num_group_sids;
|
||||
|
||||
/* see the smb_panic() in pdb_default_enum_group_memberships */
|
||||
SMB_ASSERT(num_group_sids > 0);
|
||||
@ -812,7 +813,7 @@ NTSTATUS create_token_from_username(TALLOC_CTX *mem_ctx, const char *username,
|
||||
*uid = sam_acct->unix_pw->pw_uid;
|
||||
|
||||
} else if (sid_check_is_in_unix_users(&user_sid)) {
|
||||
|
||||
size_t getgroups_num_group_sids;
|
||||
/* This is a unix user not in passdb. We need to ask nss
|
||||
* directly, without consulting passdb */
|
||||
|
||||
@ -843,11 +844,12 @@ NTSTATUS create_token_from_username(TALLOC_CTX *mem_ctx, const char *username,
|
||||
}
|
||||
|
||||
if (!getgroups_unix_user(tmp_ctx, username, pass->pw_gid,
|
||||
&gids, &num_group_sids)) {
|
||||
&gids, &getgroups_num_group_sids)) {
|
||||
DEBUG(1, ("getgroups_unix_user for user %s failed\n",
|
||||
username));
|
||||
goto done;
|
||||
}
|
||||
num_group_sids = getgroups_num_group_sids;
|
||||
|
||||
if (num_group_sids) {
|
||||
group_sids = TALLOC_ARRAY(tmp_ctx, struct dom_sid, num_group_sids);
|
||||
|
@ -409,14 +409,17 @@ static NTSTATUS one_alias_membership(const struct dom_sid *member,
|
||||
|
||||
while (next_token_talloc(frame, &p, &string_sid, " ")) {
|
||||
struct dom_sid alias;
|
||||
uint32_t num_sids;
|
||||
|
||||
if (!string_to_sid(&alias, string_sid))
|
||||
continue;
|
||||
|
||||
status= add_sid_to_array_unique(NULL, &alias, sids, num);
|
||||
num_sids = *num;
|
||||
status= add_sid_to_array_unique(NULL, &alias, sids, &num_sids);
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
goto done;
|
||||
}
|
||||
*num = num_sids;
|
||||
}
|
||||
|
||||
done:
|
||||
@ -443,7 +446,8 @@ static NTSTATUS alias_memberships(const struct dom_sid *members, size_t num_memb
|
||||
static bool is_aliasmem(const struct dom_sid *alias, const struct dom_sid *member)
|
||||
{
|
||||
struct dom_sid *sids;
|
||||
size_t i, num;
|
||||
size_t i;
|
||||
size_t num;
|
||||
|
||||
/* This feels the wrong way round, but the on-disk data structure
|
||||
* dictates it this way. */
|
||||
@ -567,6 +571,7 @@ static int collect_aliasmem(struct db_record *rec, void *priv)
|
||||
while (next_token_talloc(frame, &p, &alias_string, " ")) {
|
||||
struct dom_sid alias, member;
|
||||
const char *member_string;
|
||||
uint32_t num_sids;
|
||||
|
||||
if (!string_to_sid(&alias, alias_string))
|
||||
continue;
|
||||
@ -589,13 +594,15 @@ static int collect_aliasmem(struct db_record *rec, void *priv)
|
||||
if (!string_to_sid(&member, member_string))
|
||||
continue;
|
||||
|
||||
num_sids = *state->num;
|
||||
if (!NT_STATUS_IS_OK(add_sid_to_array(state->mem_ctx, &member,
|
||||
state->sids,
|
||||
state->num)))
|
||||
&num_sids)))
|
||||
{
|
||||
/* talloc fail. */
|
||||
break;
|
||||
}
|
||||
*state->num = num_sids;
|
||||
}
|
||||
|
||||
TALLOC_FREE(frame);
|
||||
|
@ -1361,9 +1361,9 @@ char *sid_binstring(TALLOC_CTX *mem_ctx, const struct dom_sid *sid);
|
||||
char *sid_binstring_hex(const struct dom_sid *sid);
|
||||
struct dom_sid *sid_dup_talloc(TALLOC_CTX *ctx, const struct dom_sid *src);
|
||||
NTSTATUS add_sid_to_array(TALLOC_CTX *mem_ctx, const struct dom_sid *sid,
|
||||
struct dom_sid **sids, size_t *num);
|
||||
struct dom_sid **sids, uint32_t *num);
|
||||
NTSTATUS add_sid_to_array_unique(TALLOC_CTX *mem_ctx, const struct dom_sid *sid,
|
||||
struct dom_sid **sids, size_t *num_sids);
|
||||
struct dom_sid **sids, uint32_t *num_sids);
|
||||
void del_sid_from_array(const struct dom_sid *sid, struct dom_sid **sids, size_t *num);
|
||||
bool add_rid_to_array_unique(TALLOC_CTX *mem_ctx,
|
||||
uint32 rid, uint32 **pp_rids, size_t *p_num);
|
||||
@ -1372,7 +1372,7 @@ bool is_sid_in_token(const NT_USER_TOKEN *token, const struct dom_sid *sid);
|
||||
NTSTATUS sid_array_from_info3(TALLOC_CTX *mem_ctx,
|
||||
const struct netr_SamInfo3 *info3,
|
||||
struct dom_sid **user_sids,
|
||||
size_t *num_user_sids,
|
||||
uint32_t *num_user_sids,
|
||||
bool include_user_group_rid,
|
||||
bool skip_ressource_groups);
|
||||
|
||||
|
@ -232,7 +232,7 @@ extern const struct dom_sid global_sid_Unix_Groups;
|
||||
#define PRIMARY_GROUP_SID_INDEX 1
|
||||
|
||||
typedef struct nt_user_token {
|
||||
size_t num_sids;
|
||||
uint32_t num_sids;
|
||||
struct dom_sid *sids;
|
||||
uint64_t privilege_mask;
|
||||
} NT_USER_TOKEN;
|
||||
|
@ -986,8 +986,8 @@ static WERROR NetLocalGroupModifyMembers_r(struct libnetapi_ctx *ctx,
|
||||
|
||||
struct dom_sid *add_sids = NULL;
|
||||
struct dom_sid *del_sids = NULL;
|
||||
size_t num_add_sids = 0;
|
||||
size_t num_del_sids = 0;
|
||||
uint32_t num_add_sids = 0;
|
||||
uint32_t num_del_sids = 0;
|
||||
|
||||
if ((!add && !del && !set) || (add && del && set)) {
|
||||
return WERR_INVALID_PARAM;
|
||||
|
@ -27,7 +27,7 @@
|
||||
#define PRIVPREFIX "PRIV_"
|
||||
|
||||
typedef struct {
|
||||
size_t count;
|
||||
uint32_t count;
|
||||
struct dom_sid *list;
|
||||
} SID_LIST;
|
||||
|
||||
|
@ -578,7 +578,7 @@ struct dom_sid *sid_dup_talloc(TALLOC_CTX *ctx, const struct dom_sid *src)
|
||||
********************************************************************/
|
||||
|
||||
NTSTATUS add_sid_to_array(TALLOC_CTX *mem_ctx, const struct dom_sid *sid,
|
||||
struct dom_sid **sids, size_t *num)
|
||||
struct dom_sid **sids, uint32_t *num)
|
||||
{
|
||||
*sids = TALLOC_REALLOC_ARRAY(mem_ctx, *sids, struct dom_sid,
|
||||
(*num)+1);
|
||||
@ -599,7 +599,7 @@ NTSTATUS add_sid_to_array(TALLOC_CTX *mem_ctx, const struct dom_sid *sid,
|
||||
********************************************************************/
|
||||
|
||||
NTSTATUS add_sid_to_array_unique(TALLOC_CTX *mem_ctx, const struct dom_sid *sid,
|
||||
struct dom_sid **sids, size_t *num_sids)
|
||||
struct dom_sid **sids, uint32_t *num_sids)
|
||||
{
|
||||
size_t i;
|
||||
|
||||
@ -682,14 +682,14 @@ bool is_sid_in_token(const NT_USER_TOKEN *token, const struct dom_sid *sid)
|
||||
NTSTATUS sid_array_from_info3(TALLOC_CTX *mem_ctx,
|
||||
const struct netr_SamInfo3 *info3,
|
||||
struct dom_sid **user_sids,
|
||||
size_t *num_user_sids,
|
||||
uint32_t *num_user_sids,
|
||||
bool include_user_group_rid,
|
||||
bool skip_ressource_groups)
|
||||
{
|
||||
NTSTATUS status;
|
||||
struct dom_sid sid;
|
||||
struct dom_sid *sid_array = NULL;
|
||||
size_t num_sids = 0;
|
||||
uint32_t num_sids = 0;
|
||||
int i;
|
||||
|
||||
if (include_user_group_rid) {
|
||||
|
@ -2913,7 +2913,8 @@ static NTSTATUS ldapsam_enum_group_memberships(struct pdb_methods *methods,
|
||||
LDAPMessage *result = NULL;
|
||||
LDAPMessage *entry;
|
||||
NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
|
||||
size_t num_sids, num_gids;
|
||||
uint32_t num_sids;
|
||||
size_t num_gids;
|
||||
char *gidstr;
|
||||
gid_t primary_gid = -1;
|
||||
|
||||
@ -3692,7 +3693,7 @@ static NTSTATUS ldapsam_enum_aliasmem(struct pdb_methods *methods,
|
||||
char **values = NULL;
|
||||
int i;
|
||||
char *filter = NULL;
|
||||
size_t num_members = 0;
|
||||
uint32_t num_members = 0;
|
||||
enum lsa_SidType type = SID_NAME_USE_NONE;
|
||||
fstring tmp;
|
||||
|
||||
|
@ -633,7 +633,7 @@ static NTSTATUS cmd_samr_query_useraliases(struct rpc_pipe_client *cli,
|
||||
struct policy_handle connect_pol, domain_pol;
|
||||
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
|
||||
struct dom_sid *sids;
|
||||
size_t num_sids;
|
||||
uint32_t num_sids;
|
||||
uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
|
||||
int i;
|
||||
struct lsa_SidArray sid_array;
|
||||
|
@ -614,7 +614,7 @@ static NTSTATUS lookup_usergroups_member(struct winbindd_domain *domain,
|
||||
TALLOC_CTX *mem_ctx,
|
||||
const char *user_dn,
|
||||
struct dom_sid *primary_group,
|
||||
size_t *p_num_groups, struct dom_sid **user_sids)
|
||||
uint32_t *p_num_groups, struct dom_sid **user_sids)
|
||||
{
|
||||
ADS_STATUS rc;
|
||||
NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
|
||||
@ -625,7 +625,7 @@ static NTSTATUS lookup_usergroups_member(struct winbindd_domain *domain,
|
||||
ADS_STRUCT *ads;
|
||||
const char *group_attrs[] = {"objectSid", NULL};
|
||||
char *escaped_dn;
|
||||
size_t num_groups = 0;
|
||||
uint32_t num_groups = 0;
|
||||
|
||||
DEBUG(3,("ads: lookup_usergroups_member\n"));
|
||||
|
||||
@ -721,14 +721,14 @@ static NTSTATUS lookup_usergroups_memberof(struct winbindd_domain *domain,
|
||||
TALLOC_CTX *mem_ctx,
|
||||
const char *user_dn,
|
||||
struct dom_sid *primary_group,
|
||||
size_t *p_num_groups,
|
||||
uint32_t *p_num_groups,
|
||||
struct dom_sid **user_sids)
|
||||
{
|
||||
ADS_STATUS rc;
|
||||
NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
|
||||
ADS_STRUCT *ads;
|
||||
const char *attrs[] = {"memberOf", NULL};
|
||||
size_t num_groups = 0;
|
||||
uint32_t num_groups = 0;
|
||||
struct dom_sid *group_sids = NULL;
|
||||
int i;
|
||||
char **strings = NULL;
|
||||
@ -846,7 +846,7 @@ static NTSTATUS lookup_usergroups(struct winbindd_domain *domain,
|
||||
struct dom_sid primary_group;
|
||||
uint32 primary_group_rid;
|
||||
NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
|
||||
size_t num_groups = 0;
|
||||
uint32_t num_groups = 0;
|
||||
|
||||
DEBUG(3,("ads: lookup_usergroups\n"));
|
||||
*p_num_groups = 0;
|
||||
@ -931,7 +931,7 @@ static NTSTATUS lookup_usergroups(struct winbindd_domain *domain,
|
||||
status = lookup_usergroups_memberof(domain, mem_ctx, user_dn,
|
||||
&primary_group,
|
||||
&num_groups, user_sids);
|
||||
*p_num_groups = (uint32)num_groups;
|
||||
*p_num_groups = num_groups;
|
||||
if (NT_STATUS_IS_OK(status)) {
|
||||
goto done;
|
||||
}
|
||||
@ -942,7 +942,7 @@ static NTSTATUS lookup_usergroups(struct winbindd_domain *domain,
|
||||
status = lookup_usergroups_member(domain, mem_ctx, user_dn,
|
||||
&primary_group,
|
||||
&num_groups, user_sids);
|
||||
*p_num_groups = (uint32)num_groups;
|
||||
*p_num_groups = num_groups;
|
||||
goto done;
|
||||
}
|
||||
|
||||
|
@ -27,7 +27,7 @@
|
||||
#define DBGC_CLASS DBGC_WINBIND
|
||||
|
||||
bool print_sidlist(TALLOC_CTX *mem_ctx, const struct dom_sid *sids,
|
||||
size_t num_sids, char **result, ssize_t *len)
|
||||
uint32_t num_sids, char **result, ssize_t *len)
|
||||
{
|
||||
size_t i;
|
||||
size_t buflen = 0;
|
||||
@ -48,7 +48,7 @@ bool print_sidlist(TALLOC_CTX *mem_ctx, const struct dom_sid *sids,
|
||||
}
|
||||
|
||||
bool parse_sidlist(TALLOC_CTX *mem_ctx, const char *sidstr,
|
||||
struct dom_sid **sids, size_t *num_sids)
|
||||
struct dom_sid **sids, uint32_t *num_sids)
|
||||
{
|
||||
const char *p, *q;
|
||||
|
||||
|
@ -36,7 +36,7 @@ struct tevent_req *winbindd_getsidaliases_send(TALLOC_CTX *mem_ctx,
|
||||
struct tevent_req *req, *subreq;
|
||||
struct winbindd_getsidaliases_state *state;
|
||||
struct winbindd_domain *domain;
|
||||
size_t num_sids;
|
||||
uint32_t num_sids;
|
||||
struct dom_sid *sids;
|
||||
|
||||
req = tevent_req_create(mem_ctx, &state,
|
||||
|
@ -256,7 +256,7 @@ static NTSTATUS check_info3_in_group(struct netr_SamInfo3 *info3,
|
||||
*/
|
||||
{
|
||||
struct dom_sid *require_membership_of_sid;
|
||||
size_t num_require_membership_of_sid;
|
||||
uint32_t num_require_membership_of_sid;
|
||||
char *req_sid;
|
||||
const char *p;
|
||||
struct dom_sid sid;
|
||||
|
@ -75,9 +75,9 @@ NTSTATUS winbindd_lookup_names(TALLOC_CTX *mem_ctx,
|
||||
/* The following definitions come from winbindd/winbindd_async.c */
|
||||
|
||||
bool print_sidlist(TALLOC_CTX *mem_ctx, const struct dom_sid *sids,
|
||||
size_t num_sids, char **result, ssize_t *len);
|
||||
uint32_t num_sids, char **result, ssize_t *len);
|
||||
bool parse_sidlist(TALLOC_CTX *mem_ctx, const char *sidstr,
|
||||
struct dom_sid **sids, size_t *num_sids);
|
||||
struct dom_sid **sids, uint32_t *num_sids);
|
||||
|
||||
/* The following definitions come from winbindd/winbindd_cache.c */
|
||||
|
||||
|
@ -1066,11 +1066,11 @@ int winbindd_num_clients(void)
|
||||
NTSTATUS lookup_usergroups_cached(struct winbindd_domain *domain,
|
||||
TALLOC_CTX *mem_ctx,
|
||||
const struct dom_sid *user_sid,
|
||||
uint32 *p_num_groups, struct dom_sid **user_sids)
|
||||
uint32_t *p_num_groups, struct dom_sid **user_sids)
|
||||
{
|
||||
struct netr_SamInfo3 *info3 = NULL;
|
||||
NTSTATUS status = NT_STATUS_NO_MEMORY;
|
||||
size_t num_groups = 0;
|
||||
uint32_t num_groups = 0;
|
||||
|
||||
DEBUG(3,(": lookup_usergroups_cached\n"));
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user