diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2010-08-20 12:15:15 +1000 |
|---|---|---|
| committer | Andrew Bartlett <abartlet@samba.org> | 2010-08-23 08:50:55 +1000 |
| commit | 6cf29b3e4f3880882eb7df45dbcfaf7bd2b8d9f4 (patch) | |
| tree | 04d4e97f0505568e2ec333e27dcd9e26c3467af4 /source4/dsdb/samdb | |
| parent | abcfc114978fd2d065f800bcfe53f63ab567c069 (diff) | |
| download | samba-6cf29b3e4f3880882eb7df45dbcfaf7bd2b8d9f4.tar.gz samba-6cf29b3e4f3880882eb7df45dbcfaf7bd2b8d9f4.tar.bz2 samba-6cf29b3e4f3880882eb7df45dbcfaf7bd2b8d9f4.zip | |
s4:security Change struct security_token->sids from struct dom_sid * to struct dom_sid
This makes the structure much more like NT_USER_TOKEN in the source3/
code. (The remaining changes are that privilages still need to be merged)
Andrew Bartlett
Diffstat (limited to 'source4/dsdb/samdb')
| -rw-r--r-- | source4/dsdb/samdb/ldb_modules/acl.c | 2 | ||||
| -rw-r--r-- | source4/dsdb/samdb/ldb_modules/operational.c | 2 | ||||
| -rw-r--r-- | source4/dsdb/samdb/ldb_modules/rootdse.c | 2 | ||||
| -rw-r--r-- | source4/dsdb/samdb/samdb.c | 47 | ||||
| -rw-r--r-- | source4/dsdb/samdb/samdb_privilege.c | 2 |
5 files changed, 26 insertions, 29 deletions
diff --git a/source4/dsdb/samdb/ldb_modules/acl.c b/source4/dsdb/samdb/ldb_modules/acl.c index 55d252b100..826884f811 100644 --- a/source4/dsdb/samdb/ldb_modules/acl.c +++ b/source4/dsdb/samdb/ldb_modules/acl.c @@ -710,7 +710,7 @@ static int acl_check_self_membership(TALLOC_CTX *mem_ctx, } /* if we are adding/deleting ourselves, check for self membership */ ret = dsdb_find_dn_by_sid(ldb, mem_ctx, - acl_user_token(module)->sids[PRIMARY_USER_SID_INDEX], + &acl_user_token(module)->sids[PRIMARY_USER_SID_INDEX], &user_dn); if (ret != LDB_SUCCESS) { return ret; diff --git a/source4/dsdb/samdb/ldb_modules/operational.c b/source4/dsdb/samdb/ldb_modules/operational.c index c1da400b8d..56fb272e2a 100644 --- a/source4/dsdb/samdb/ldb_modules/operational.c +++ b/source4/dsdb/samdb/ldb_modules/operational.c @@ -181,7 +181,7 @@ static int construct_token_groups(struct ldb_module *module, for (i = 1; i < session_info->security_token->num_sids; i++) { ret = samdb_msg_add_dom_sid(ldb, msg, msg, "tokenGroups", - session_info->security_token->sids[i]); + &session_info->security_token->sids[i]); if (ret != LDB_SUCCESS) { talloc_free(tmp_ctx); return ret; diff --git a/source4/dsdb/samdb/ldb_modules/rootdse.c b/source4/dsdb/samdb/ldb_modules/rootdse.c index 3e5a94673f..0949b83b43 100644 --- a/source4/dsdb/samdb/ldb_modules/rootdse.c +++ b/source4/dsdb/samdb/ldb_modules/rootdse.c @@ -392,7 +392,7 @@ static int rootdse_add_dynamic(struct ldb_module *module, struct ldb_message *ms for (i = 0; i < session_info->security_token->num_sids; i++) { if (samdb_msg_add_dom_sid(ldb, msg, msg, "tokenGroups", - session_info->security_token->sids[i]) != 0) { + &session_info->security_token->sids[i]) != 0) { goto failed; } } diff --git a/source4/dsdb/samdb/samdb.c b/source4/dsdb/samdb/samdb.c index 0a2d5c3c7c..ddcd0d2d12 100644 --- a/source4/dsdb/samdb/samdb.c +++ b/source4/dsdb/samdb/samdb.c @@ -159,17 +159,17 @@ NTSTATUS security_token_create(TALLOC_CTX *mem_ctx, ptoken->privilege_mask = 0; - ptoken->sids = talloc_array(ptoken, struct dom_sid *, n_groupSIDs + 6 /* over-allocate */); + ptoken->sids = talloc_array(ptoken, struct dom_sid, n_groupSIDs + 6 /* over-allocate */); NT_STATUS_HAVE_NO_MEMORY(ptoken->sids); ptoken->num_sids = 1; - ptoken->sids = talloc_realloc(ptoken, ptoken->sids, struct dom_sid *, ptoken->num_sids + 1); + ptoken->sids = talloc_realloc(ptoken, ptoken->sids, struct dom_sid, ptoken->num_sids + 1); NT_STATUS_HAVE_NO_MEMORY(ptoken->sids); - ptoken->sids[PRIMARY_USER_SID_INDEX] = talloc_reference(ptoken, user_sid); + ptoken->sids[PRIMARY_USER_SID_INDEX] = *user_sid; if (!dom_sid_equal(user_sid, group_sid)) { - ptoken->sids[PRIMARY_GROUP_SID_INDEX] = talloc_reference(ptoken, group_sid); + ptoken->sids[PRIMARY_GROUP_SID_INDEX] = *group_sid; ptoken->num_sids++; } @@ -180,38 +180,37 @@ NTSTATUS security_token_create(TALLOC_CTX *mem_ctx, */ if (session_info_flags & AUTH_SESSION_INFO_DEFAULT_GROUPS) { - ptoken->sids = talloc_realloc(ptoken, ptoken->sids, struct dom_sid *, ptoken->num_sids + 1); + ptoken->sids = talloc_realloc(ptoken, ptoken->sids, struct dom_sid, ptoken->num_sids + 2); NT_STATUS_HAVE_NO_MEMORY(ptoken->sids); - ptoken->sids[ptoken->num_sids] = dom_sid_parse_talloc(ptoken->sids, SID_WORLD); - NT_STATUS_HAVE_NO_MEMORY(ptoken->sids[ptoken->num_sids]); + if (!dom_sid_parse(SID_WORLD, &ptoken->sids[ptoken->num_sids])) { + return NT_STATUS_INTERNAL_ERROR; + } ptoken->num_sids++; - ptoken->sids = talloc_realloc(ptoken, ptoken->sids, struct dom_sid *, ptoken->num_sids + 1); - NT_STATUS_HAVE_NO_MEMORY(ptoken->sids); - - ptoken->sids[ptoken->num_sids] = dom_sid_parse_talloc(ptoken->sids, SID_NT_NETWORK); - NT_STATUS_HAVE_NO_MEMORY(ptoken->sids[ptoken->num_sids]); + if (!dom_sid_parse(SID_NT_NETWORK, &ptoken->sids[ptoken->num_sids])) { + return NT_STATUS_INTERNAL_ERROR; + } ptoken->num_sids++; - - } if (session_info_flags & AUTH_SESSION_INFO_AUTHENTICATED) { - ptoken->sids = talloc_realloc(ptoken, ptoken->sids, struct dom_sid *, ptoken->num_sids + 1); + ptoken->sids = talloc_realloc(ptoken, ptoken->sids, struct dom_sid, ptoken->num_sids + 1); NT_STATUS_HAVE_NO_MEMORY(ptoken->sids); - ptoken->sids[ptoken->num_sids] = dom_sid_parse_talloc(ptoken->sids, SID_NT_AUTHENTICATED_USERS); - NT_STATUS_HAVE_NO_MEMORY(ptoken->sids[ptoken->num_sids]); + if (!dom_sid_parse(SID_NT_AUTHENTICATED_USERS, &ptoken->sids[ptoken->num_sids])) { + return NT_STATUS_INTERNAL_ERROR; + } ptoken->num_sids++; } if (session_info_flags & AUTH_SESSION_INFO_ENTERPRISE_DC) { - ptoken->sids = talloc_realloc(ptoken, ptoken->sids, struct dom_sid *, ptoken->num_sids + 1); + ptoken->sids = talloc_realloc(ptoken, ptoken->sids, struct dom_sid, ptoken->num_sids + 1); NT_STATUS_HAVE_NO_MEMORY(ptoken->sids); - ptoken->sids[ptoken->num_sids] = dom_sid_parse_talloc(ptoken->sids, SID_NT_ENTERPRISE_DCS); - NT_STATUS_HAVE_NO_MEMORY(ptoken->sids[ptoken->num_sids]); + if (!dom_sid_parse(SID_NT_ENTERPRISE_DCS, &ptoken->sids[ptoken->num_sids])) { + return NT_STATUS_INTERNAL_ERROR; + } ptoken->num_sids++; } @@ -220,19 +219,17 @@ NTSTATUS security_token_create(TALLOC_CTX *mem_ctx, for (check_sid_idx = 1; check_sid_idx < ptoken->num_sids; check_sid_idx++) { - if (dom_sid_equal(ptoken->sids[check_sid_idx], groupSIDs[i])) { + if (dom_sid_equal(&ptoken->sids[check_sid_idx], groupSIDs[i])) { break; } } if (check_sid_idx == ptoken->num_sids) { - ptoken->sids = talloc_realloc(ptoken, ptoken->sids, struct dom_sid *, ptoken->num_sids + 1); + ptoken->sids = talloc_realloc(ptoken, ptoken->sids, struct dom_sid, ptoken->num_sids + 1); NT_STATUS_HAVE_NO_MEMORY(ptoken->sids); - ptoken->sids[ptoken->num_sids] = talloc_reference(ptoken->sids, groupSIDs[i]); - NT_STATUS_HAVE_NO_MEMORY(ptoken->sids[ptoken->num_sids]); + ptoken->sids[ptoken->num_sids] = *groupSIDs[i]; ptoken->num_sids++; - } } diff --git a/source4/dsdb/samdb/samdb_privilege.c b/source4/dsdb/samdb/samdb_privilege.c index 38e5a33831..fd74133e2f 100644 --- a/source4/dsdb/samdb/samdb_privilege.c +++ b/source4/dsdb/samdb/samdb_privilege.c @@ -119,7 +119,7 @@ NTSTATUS samdb_privilege_setup(struct tevent_context *ev_ctx, for (i=0;i<token->num_sids;i++) { status = samdb_privilege_setup_sid(pdb, mem_ctx, - token, token->sids[i]); + token, &token->sids[i]); if (!NT_STATUS_IS_OK(status)) { talloc_free(mem_ctx); return status; |