chgpasswd.c: Added comments to #ifdefs

ipc.c: Caused samba password changing not to be done if UNIX password
       changing requested and not successful.
util.c: Added string_to_sid() and sid_to_string() functions.
lib/rpc/client/cli_samr.c:
lib/rpc/include/rpc_misc.h:
lib/rpc/parse/parse_lsa.c:
lib/rpc/parse/parse_misc.c:
lib/rpc/parse/parse_net.c:
lib/rpc/parse/parse_samr.c:
lib/rpc/server/srv_lsa.c:
lib/rpc/server/srv_lsa_hnd.c:
lib/rpc/server/srv_netlog.c:
lib/rpc/server/srv_samr.c:
lib/rpc/server/srv_util.c: Changes so that instead of passing SIDs
around as char *, they are converted to DOM_SID at the earliest
opportunity, and passed around as that. Also added dynamic memory
allocation of group sids. Preparing to auto-generate machine sid.
Jeremy.
(This used to be commit 134d6fa79c1b6b9505a2c84ba9bfb91dd3be76e5)

2 files changed, 79 insertions, 22 deletions

diff --git a/source3/lib/util.c b/source3/lib/util.c
index 1e4a6fc27f..503ee2bf81 100644
--- a/source3/lib/util.c
+++ b/source3/lib/util.c
@@ -4943,29 +4943,85 @@ char *tab_depth(int depth)
 }
 
 /*****************************************************************
- Convert a domain SID to an ascii string. (non-reentrant).
+ Convert a SID to an ascii string.
 *****************************************************************/
 
-/* BIG NOTE: this function only does SIDS where the identauth is not >= 2^32 */
-char *dom_sid_to_string(DOM_SID *sid)
+char *sid_to_string(pstring sidstr_out, DOM_SID *sid)
 {
-  static pstring sidstr;
   char subauth[16];
   int i;
+  /* BIG NOTE: this function only does SIDS where the identauth is not >= 2^32 */
   uint32 ia = (sid->id_auth[5]) +
               (sid->id_auth[4] << 8 ) +
               (sid->id_auth[3] << 16) +
               (sid->id_auth[2] << 24);
 
-  slprintf(sidstr, sizeof(sidstr) - 1, "S-%d-%d", sid->sid_rev_num, ia);
+  slprintf(sidstr_out, sizeof(pstring) - 1, "S-%d-%d", sid->sid_rev_num, ia);
 
   for (i = 0; i < sid->num_auths; i++)
   {
     slprintf(subauth, sizeof(subauth)-1, "-%d", sid->sub_auths[i]);
-    pstrcat(sidstr, subauth);
+    pstrcat(sidstr_out, subauth);
   }
 
-  DEBUG(7,("dom_sid_to_string returning %s\n", sidstr));
-  return sidstr;
+  DEBUG(7,("sid_to_string returning %s\n", sidstr_out));
+  return sidstr_out;
 }
 
+/*****************************************************************
+ Convert a string to a SID. Returns True on success, False on fail.
+*****************************************************************/  
+   
+BOOL string_to_sid(DOM_SID *sidout, char *sidstr)
+{
+  pstring tok;
+  char *p = sidstr;
+  /* BIG NOTE: this function only does SIDS where the identauth is not >= 2^32 */
+  uint32 ia;
+
+  memset((char *)sidout, '\0', sizeof(DOM_SID));
+
+  if(StrnCaseCmp( sidstr, "S-", 2)) {
+    DEBUG(0,("string_to_sid: Sid %s does not start with 'S-'.\n", sidstr));
+    return False;
+  }
+
+  p += 2;
+  if(!next_token(&p, tok, "-")) {
+    DEBUG(0,("string_to_sid: Sid %s is not in a valid format.\n", sidstr));
+    return False;
+  }
+
+  /* Get the revision number. */
+  sidout->sid_rev_num = atoi(tok);
+
+  if(!next_token(&p, tok, "-")) {
+    DEBUG(0,("string_to_sid: Sid %s is not in a valid format.\n", sidstr));
+    return False;
+  }
+
+  /* identauth in decimal should be <  2^32 */
+  ia = atoi(tok);
+
+  /* NOTE - the ia value is in big-endian format. */
+  sidout->id_auth[0] = 0;
+  sidout->id_auth[1] = 0;
+  sidout->id_auth[2] = (ia & 0xff000000) >> 24;
+  sidout->id_auth[3] = (ia & 0x00ff0000) >> 16;
+  sidout->id_auth[4] = (ia & 0x0000ff00) >> 8;
+  sidout->id_auth[5] = (ia & 0x000000ff);
+
+  sidout->num_auths = 0;
+
+  while(next_token(&p, tok, "-") && sidout->num_auths < MAXSUBAUTHS) {
+    /* 
+     * NOTE - the subauths are in native machine-endian format. They
+     * are converted to little-endian when linearized onto the wire.
+     */
+    sidout->sub_auths[sidout->num_auths++] = atoi(tok);
+  }
+
+  DEBUG(7,("string_to_sid: converted SID %s ok\n", sidstr));
+
+  return True;
+}
diff --git a/source3/lib/util_hnd.c b/source3/lib/util_hnd.c
index 1d1341d16e..91844ee8a2 100644
--- a/source3/lib/util_hnd.c
+++ b/source3/lib/util_hnd.c
@@ -206,22 +206,23 @@ BOOL set_lsa_policy_samr_pol_status(POLICY_HND *hnd, uint32 pol_status)
 ****************************************************************************/
 BOOL set_lsa_policy_samr_sid(POLICY_HND *hnd, DOM_SID *sid)
 {
-	int pnum = find_lsa_policy_by_hnd(hnd);
+  pstring sidstr;
+  int pnum = find_lsa_policy_by_hnd(hnd);
 
-	if (OPEN_POL(pnum))
-	{
-		DEBUG(3,("%s Setting policy sid=%s pnum=%x\n",
-		          timestring(), dom_sid_to_string(sid), pnum));
+  if (OPEN_POL(pnum))
+  {
+    DEBUG(3,("%s Setting policy sid=%s pnum=%x\n",
+          timestring(), sid_to_string(sidstr, sid), pnum));
 
-		memcpy(&(Policy[pnum].dev.samr.sid), sid, sizeof(*sid));
-		return True;
-	}
-	else
-	{
-		DEBUG(3,("%s Error setting policy sid=%s (pnum=%x)\n",
-		          timestring(), dom_sid_to_string(sid), pnum));
-		return False;
-	}
+    memcpy(&(Policy[pnum].dev.samr.sid), sid, sizeof(*sid));
+    return True;
+  }
+  else
+  {
+    DEBUG(3,("%s Error setting policy sid=%s (pnum=%x)\n",
+          timestring(), sid_to_string(sidstr, sid), pnum));
+    return False;
+  }
 }
 
 /****************************************************************************