mirror of
https://github.com/samba-team/samba.git
synced 2025-01-11 05:18:09 +03:00
auth3: Use dom_sid_str_buf
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
This commit is contained in:
Volker Lendecke
Andrew Bartlett
parent
59f29acb2c
commit
6af7d7ffda
@ -607,9 +607,10 @@ NTSTATUS create_local_token(TALLOC_CTX *mem_ctx,
|
||||
|
||||
if (ids[i].type != ID_TYPE_GID &&
|
||||
ids[i].type != ID_TYPE_BOTH) {
|
||||
struct dom_sid_buf buf;
|
||||
DEBUG(10, ("Could not convert SID %s to gid, "
|
||||
"ignoring it\n",
|
||||
sid_string_dbg(&t->sids[i])));
|
||||
dom_sid_str_buf(&t->sids[i], &buf)));
|
||||
continue;
|
||||
}
|
||||
if (!add_gid_to_array_unique(session_info->unix_token,
|
||||
@ -1084,10 +1085,11 @@ NTSTATUS auth3_session_info_create(TALLOC_CTX *mem_ctx,
|
||||
ids[i].type != ID_TYPE_BOTH) {
|
||||
struct security_token *nt_token =
|
||||
session_info->security_token;
|
||||
struct dom_sid_buf buf;
|
||||
|
||||
DEBUG(10, ("Could not convert SID %s to gid, "
|
||||
"ignoring it\n",
|
||||
sid_string_dbg(&nt_token->sids[i])));
|
||||
dom_sid_str_buf(&nt_token->sids[i], &buf)));
|
||||
continue;
|
||||
}
|
||||
|
||||
|
||||
@ -310,13 +310,14 @@ static NTSTATUS merge_resource_sids(const struct PAC_LOGON_INFO *logon_info,
|
||||
NTSTATUS status;
|
||||
struct dom_sid new_sid;
|
||||
uint32_t attributes = rg->groups.rids[i].attributes;
|
||||
struct dom_sid_buf buf;
|
||||
|
||||
sid_compose(&new_sid,
|
||||
rg->domain_sid,
|
||||
rg->groups.rids[i].rid);
|
||||
|
||||
DEBUG(10, ("Adding SID %s to extra SIDS\n",
|
||||
sid_string_dbg(&new_sid)));
|
||||
dom_sid_str_buf(&new_sid, &buf)));
|
||||
|
||||
status = append_netr_SidAttr(info3, &info3->sids,
|
||||
&info3->sidcount,
|
||||
@ -324,7 +325,7 @@ static NTSTATUS merge_resource_sids(const struct PAC_LOGON_INFO *logon_info,
|
||||
attributes);
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
DEBUG(1, ("failed to append SID %s to extra SIDS: %s\n",
|
||||
sid_string_dbg(&new_sid),
|
||||
dom_sid_str_buf(&new_sid, &buf),
|
||||
nt_errstr(status)));
|
||||
return status;
|
||||
}
|
||||
@ -431,6 +432,8 @@ static NTSTATUS SamInfo3_handle_sids(const char *username,
|
||||
struct dom_sid *domain_sid,
|
||||
struct extra_auth_info *extra)
|
||||
{
|
||||
struct dom_sid_buf buf;
|
||||
|
||||
if (sid_check_is_in_unix_users(user_sid)) {
|
||||
/* in info3 you can only set rids for the user and the
|
||||
* primary group, and the domain sid must be that of
|
||||
@ -445,7 +448,7 @@ static NTSTATUS SamInfo3_handle_sids(const char *username,
|
||||
|
||||
DEBUG(10, ("Unix User found. Rid marked as "
|
||||
"special and sid (%s) saved as extra sid\n",
|
||||
sid_string_dbg(user_sid)));
|
||||
dom_sid_str_buf(user_sid, &buf)));
|
||||
} else {
|
||||
sid_copy(domain_sid, user_sid);
|
||||
sid_split_rid(domain_sid, &info3->base.rid);
|
||||
@ -471,17 +474,18 @@ static NTSTATUS SamInfo3_handle_sids(const char *username,
|
||||
|
||||
DEBUG(10, ("Unix Group found. Rid marked as "
|
||||
"special and sid (%s) saved as extra sid\n",
|
||||
sid_string_dbg(group_sid)));
|
||||
dom_sid_str_buf(group_sid, &buf)));
|
||||
} else {
|
||||
bool ok = sid_peek_check_rid(domain_sid, group_sid,
|
||||
&info3->base.primary_gid);
|
||||
if (!ok) {
|
||||
struct dom_sid_buf buf2, buf3;
|
||||
DEBUG(1, ("The primary group domain sid(%s) does not "
|
||||
"match the domain sid(%s) for %s(%s)\n",
|
||||
sid_string_dbg(group_sid),
|
||||
sid_string_dbg(domain_sid),
|
||||
dom_sid_str_buf(group_sid, &buf),
|
||||
dom_sid_str_buf(domain_sid, &buf2),
|
||||
username,
|
||||
sid_string_dbg(user_sid)));
|
||||
dom_sid_str_buf(user_sid, &buf3)));
|
||||
return NT_STATUS_INVALID_SID;
|
||||
}
|
||||
}
|
||||
@ -751,12 +755,14 @@ NTSTATUS passwd_to_SamInfo3(TALLOC_CTX *mem_ctx,
|
||||
ok = sid_peek_check_rid(&domain_sid, &group_sid,
|
||||
&info3->base.primary_gid);
|
||||
if (!ok) {
|
||||
struct dom_sid_buf buf1, buf2, buf3;
|
||||
|
||||
DEBUG(1, ("The primary group domain sid(%s) does not "
|
||||
"match the domain sid(%s) for %s(%s)\n",
|
||||
sid_string_dbg(&group_sid),
|
||||
sid_string_dbg(&domain_sid),
|
||||
dom_sid_str_buf(&group_sid, &buf1),
|
||||
dom_sid_str_buf(&domain_sid, &buf2),
|
||||
unix_username,
|
||||
sid_string_dbg(&user_sid)));
|
||||
dom_sid_str_buf(&user_sid, &buf3)));
|
||||
status = NT_STATUS_INVALID_SID;
|
||||
goto done;
|
||||
}
|
||||
|
||||
@ -430,9 +430,10 @@ struct security_token *create_local_nt_token(TALLOC_CTX *mem_ctx,
|
||||
int i;
|
||||
NTSTATUS status;
|
||||
uint32_t session_info_flags = 0;
|
||||
struct dom_sid_buf buf;
|
||||
|
||||
DEBUG(10, ("Create local NT token for %s\n",
|
||||
sid_string_dbg(user_sid)));
|
||||
dom_sid_str_buf(user_sid, &buf)));
|
||||
|
||||
if (!(result = talloc_zero(mem_ctx, struct security_token))) {
|
||||
DEBUG(0, ("talloc failed\n"));
|
||||
@ -554,8 +555,9 @@ static NTSTATUS add_local_groups(struct security_token *result,
|
||||
|
||||
pass = getpwuid_alloc(tmp_ctx, uid);
|
||||
if (pass == NULL) {
|
||||
struct dom_sid_buf buf;
|
||||
DEBUG(1, ("SID %s -> getpwuid(%u) failed\n",
|
||||
sid_string_dbg(&result->sids[0]),
|
||||
dom_sid_str_buf(&result->sids[0], &buf),
|
||||
(unsigned int)uid));
|
||||
}
|
||||
}
|
||||
@ -903,6 +905,7 @@ static NTSTATUS create_token_from_sid(TALLOC_CTX *mem_ctx,
|
||||
uint32_t i;
|
||||
uint32_t high, low;
|
||||
bool range_ok;
|
||||
struct dom_sid_buf buf;
|
||||
|
||||
if (sid_check_is_in_our_sam(user_sid)) {
|
||||
bool ret;
|
||||
@ -922,7 +925,7 @@ static NTSTATUS create_token_from_sid(TALLOC_CTX *mem_ctx,
|
||||
|
||||
if (!ret) {
|
||||
DEBUG(1, ("pdb_getsampwsid(%s) failed\n",
|
||||
sid_string_dbg(user_sid)));
|
||||
dom_sid_str_buf(user_sid, &buf)));
|
||||
DEBUGADD(1, ("Fall back to unix user\n"));
|
||||
goto unix_user;
|
||||
}
|
||||
@ -932,7 +935,8 @@ static NTSTATUS create_token_from_sid(TALLOC_CTX *mem_ctx,
|
||||
&pdb_num_group_sids);
|
||||
if (!NT_STATUS_IS_OK(result)) {
|
||||
DEBUG(1, ("enum_group_memberships failed for %s: "
|
||||
"%s\n", sid_string_dbg(user_sid),
|
||||
"%s\n",
|
||||
dom_sid_str_buf(user_sid, &buf),
|
||||
nt_errstr(result)));
|
||||
DEBUGADD(1, ("Fall back to unix uid lookup\n"));
|
||||
goto unix_user;
|
||||
@ -995,7 +999,7 @@ static NTSTATUS create_token_from_sid(TALLOC_CTX *mem_ctx,
|
||||
|
||||
if (!sid_to_uid(user_sid, uid)) {
|
||||
DEBUG(1, ("unix_user case, sid_to_uid for %s failed\n",
|
||||
sid_string_dbg(user_sid)));
|
||||
dom_sid_str_buf(user_sid, &buf)));
|
||||
result = NT_STATUS_NO_SUCH_USER;
|
||||
goto done;
|
||||
}
|
||||
@ -1050,7 +1054,7 @@ static NTSTATUS create_token_from_sid(TALLOC_CTX *mem_ctx,
|
||||
/* We must always assign the *uid. */
|
||||
if (!sid_to_uid(user_sid, uid)) {
|
||||
DEBUG(1, ("winbindd case, sid_to_uid for %s failed\n",
|
||||
sid_string_dbg(user_sid)));
|
||||
dom_sid_str_buf(user_sid, &buf)));
|
||||
result = NT_STATUS_NO_SUCH_USER;
|
||||
goto done;
|
||||
}
|
||||
@ -1075,7 +1079,7 @@ static NTSTATUS create_token_from_sid(TALLOC_CTX *mem_ctx,
|
||||
|
||||
if (!sid_to_gid(&group_sids[0], &gids[0])) {
|
||||
DEBUG(1, ("sid_to_gid(%s) failed\n",
|
||||
sid_string_dbg(&group_sids[0])));
|
||||
dom_sid_str_buf(&group_sids[0], &buf)));
|
||||
goto done;
|
||||
}
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user