From 3ea64e0ad86c35e5f0018ac60571e7a31a968543 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sun, 10 Jan 2010 17:39:27 +0100 Subject: s3: Replace most calls to sid_append_rid() by sid_compose() --- source3/auth/auth_util.c | 10 ++++------ source3/groupdb/mapping.c | 3 +-- source3/libnet/libnet_samsync_passdb.c | 15 +++++---------- source3/libsmb/samlogon_cache.c | 6 ++---- source3/passdb/lookup_sid.c | 15 +++++---------- source3/passdb/passdb.c | 3 +-- source3/passdb/pdb_compat.c | 10 ++++------ source3/passdb/pdb_get_set.c | 7 +++---- source3/passdb/pdb_interface.c | 3 +-- source3/passdb/util_unixsids.c | 26 ++++++++++++++------------ source3/passdb/util_wellknown.c | 4 ++-- source3/printing/nt_printing.c | 4 ++-- source3/rpc_server/srv_lsa_nt.c | 3 +-- source3/rpc_server/srv_samr_nt.c | 8 ++++---- source3/utils/net_groupmap.c | 9 +++------ source3/utils/net_rpc.c | 7 +++---- source3/utils/pdbedit.c | 3 +-- source3/winbindd/idmap_hash/idmap_hash.c | 3 +-- source3/winbindd/idmap_tdb.c | 3 +-- source3/winbindd/winbindd_ads.c | 3 +-- source3/winbindd/winbindd_cache.c | 3 +-- source3/winbindd/winbindd_pam.c | 4 ++-- source3/winbindd/winbindd_rpc.c | 5 ++--- 23 files changed, 64 insertions(+), 93 deletions(-) diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c index 9db358d965..de552cf57e 100644 --- a/source3/auth/auth_util.c +++ b/source3/auth/auth_util.c @@ -1274,8 +1274,7 @@ static NTSTATUS make_new_server_info_guest(struct auth_serversupplied_info **ser return NT_STATUS_NO_MEMORY; } - sid_copy(&guest_sid, get_global_sam_sid()); - sid_append_rid(&guest_sid, DOMAIN_USER_RID_GUEST); + sid_compose(&guest_sid, get_global_sam_sid(), DOMAIN_USER_RID_GUEST); become_root(); ret = pdb_getsampwsid(sampass, &guest_sid); @@ -1645,13 +1644,12 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx, matches. */ - sid_copy(&user_sid, info3->base.domain_sid); - if (!sid_append_rid(&user_sid, info3->base.rid)) { + if (!sid_compose(&user_sid, info3->base.domain_sid, info3->base.rid)) { return NT_STATUS_INVALID_PARAMETER; } - sid_copy(&group_sid, info3->base.domain_sid); - if (!sid_append_rid(&group_sid, info3->base.primary_gid)) { + if (!sid_compose(&group_sid, info3->base.domain_sid, + info3->base.primary_gid)) { return NT_STATUS_INVALID_PARAMETER; } diff --git a/source3/groupdb/mapping.c b/source3/groupdb/mapping.c index 12d0bd365c..579486b874 100644 --- a/source3/groupdb/mapping.c +++ b/source3/groupdb/mapping.c @@ -519,8 +519,7 @@ NTSTATUS pdb_default_create_alias(struct pdb_methods *methods, DEBUG(10, ("Creating alias %s with gid %u and rid %u\n", name, (unsigned int)gid, (unsigned int)new_rid)); - sid_copy(&sid, get_global_sam_sid()); - sid_append_rid(&sid, new_rid); + sid_compose(&sid, get_global_sam_sid(), new_rid); map.gid = gid; sid_copy(&map.sid, &sid); diff --git a/source3/libnet/libnet_samsync_passdb.c b/source3/libnet/libnet_samsync_passdb.c index 41a9b3d9f3..51f96dc398 100644 --- a/source3/libnet/libnet_samsync_passdb.c +++ b/source3/libnet/libnet_samsync_passdb.c @@ -318,8 +318,7 @@ static NTSTATUS fetch_account_info(TALLOC_CTX *mem_ctx, goto done; } - sid_copy(&user_sid, get_global_sam_sid()); - sid_append_rid(&user_sid, r->rid); + sid_compose(&user_sid, get_global_sam_sid(), r->rid); DEBUG(3, ("Attempting to find SID %s for user %s in the passdb\n", sid_to_fstring(sid_string, &user_sid), account)); @@ -395,8 +394,7 @@ static NTSTATUS fetch_group_info(TALLOC_CTX *mem_ctx, fstrcpy(comment, r->description.string); /* add the group to the mapping table */ - sid_copy(&group_sid, get_global_sam_sid()); - sid_append_rid(&group_sid, rid); + sid_compose(&group_sid, get_global_sam_sid(), rid); sid_to_fstring(sid_string, &group_sid); if (pdb_getgrsid(&map, group_sid)) { @@ -459,8 +457,7 @@ static NTSTATUS fetch_group_mem_info(TALLOC_CTX *mem_ctx, return NT_STATUS_OK; } - sid_copy(&group_sid, get_global_sam_sid()); - sid_append_rid(&group_sid, rid); + sid_compose(&group_sid, get_global_sam_sid(), rid); if (!get_domain_group_from_sid(group_sid, &map)) { DEBUG(0, ("Could not find global group %d\n", rid)); @@ -491,8 +488,7 @@ static NTSTATUS fetch_group_mem_info(TALLOC_CTX *mem_ctx, return NT_STATUS_NO_MEMORY; } - sid_copy(&member_sid, get_global_sam_sid()); - sid_append_rid(&member_sid, r->rids[i]); + sid_compose(&member_sid, get_global_sam_sid(), r->rids[i]); if (!pdb_getsampwsid(member, &member_sid)) { DEBUG(1, ("Found bogus group member: %d (member_sid=%s group=%s)\n", @@ -587,8 +583,7 @@ static NTSTATUS fetch_alias_info(TALLOC_CTX *mem_ctx, fstrcpy(comment, r->description.string); /* Find out whether the group is already mapped */ - sid_copy(&alias_sid, dom_sid); - sid_append_rid(&alias_sid, rid); + sid_compose(&alias_sid, dom_sid, rid); sid_to_fstring(sid_string, &alias_sid); if (pdb_getgrsid(&map, alias_sid)) { diff --git a/source3/libsmb/samlogon_cache.c b/source3/libsmb/samlogon_cache.c index 12901826ee..7339acb4d7 100644 --- a/source3/libsmb/samlogon_cache.c +++ b/source3/libsmb/samlogon_cache.c @@ -113,8 +113,7 @@ void netsamlogon_clear_cached_user(struct netr_SamInfo3 *info3) NETSAMLOGON_TDB)); return; } - sid_copy(&user_sid, info3->base.domain_sid); - sid_append_rid(&user_sid, info3->base.rid); + sid_compose(&user_sid, info3->base.domain_sid, info3->base.rid); /* Prepare key as DOMAIN-SID/USER-RID string */ slprintf(keystr, sizeof(keystr), "%s", sid_to_fstring(tmp, &user_sid)); @@ -151,8 +150,7 @@ bool netsamlogon_cache_store(const char *username, struct netr_SamInfo3 *info3) return false; } - sid_copy(&user_sid, info3->base.domain_sid); - sid_append_rid(&user_sid, info3->base.rid); + sid_compose(&user_sid, info3->base.domain_sid, info3->base.rid); /* Prepare key as DOMAIN-SID/USER-RID string */ slprintf(keystr, sizeof(keystr), "%s", sid_to_fstring(tmp, &user_sid)); diff --git a/source3/passdb/lookup_sid.c b/source3/passdb/lookup_sid.c index a197c51ac8..4421d89c3a 100644 --- a/source3/passdb/lookup_sid.c +++ b/source3/passdb/lookup_sid.c @@ -75,8 +75,7 @@ bool lookup_name(TALLOC_CTX *mem_ctx, /* It's our own domain, lookup the name in passdb */ if (lookup_global_sam_name(name, flags, &rid, &type)) { - sid_copy(&sid, get_global_sam_sid()); - sid_append_rid(&sid, rid); + sid_compose(&sid, get_global_sam_sid(), rid); goto ok; } TALLOC_FREE(tmp_ctx); @@ -96,8 +95,7 @@ bool lookup_name(TALLOC_CTX *mem_ctx, /* Explicit request for a name in BUILTIN */ if (lookup_builtin_name(name, &rid)) { - sid_copy(&sid, &global_sid_Builtin); - sid_append_rid(&sid, rid); + sid_compose(&sid, &global_sid_Builtin, rid); type = SID_NAME_ALIAS; goto ok; } @@ -215,8 +213,7 @@ bool lookup_name(TALLOC_CTX *mem_ctx, lookup_builtin_name(name, &rid)) { domain = talloc_strdup(tmp_ctx, builtin_domain_name()); - sid_copy(&sid, &global_sid_Builtin); - sid_append_rid(&sid, rid); + sid_compose(&sid, &global_sid_Builtin, rid); type = SID_NAME_ALIAS; goto ok; } @@ -230,8 +227,7 @@ bool lookup_name(TALLOC_CTX *mem_ctx, lookup_global_sam_name(name, flags, &rid, &type)) { domain = talloc_strdup(tmp_ctx, get_global_sam_name()); - sid_copy(&sid, get_global_sam_sid()); - sid_append_rid(&sid, rid); + sid_compose(&sid, get_global_sam_sid(), rid); goto ok; } @@ -544,8 +540,7 @@ static bool lookup_rids(TALLOC_CTX *mem_ctx, const DOM_SID *domain_sid, if (sid_check_is_wellknown_domain(domain_sid, NULL)) { for (i=0; igroup_sid = gsid; @@ -552,8 +551,8 @@ bool pdb_set_group_sid(struct samu *sampass, const DOM_SID *g_sid, enum pdb_valu if ( sid_to_gid( g_sid, &gid ) ) { sid_copy(sampass->group_sid, g_sid); } else { - sid_copy( sampass->group_sid, get_global_sam_sid() ); - sid_append_rid( sampass->group_sid, DOMAIN_GROUP_RID_USERS ); + sid_compose(sampass->group_sid, get_global_sam_sid(), + DOMAIN_GROUP_RID_USERS); } DEBUG(10, ("pdb_set_group_sid: setting group sid %s\n", diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index de46254dde..bd85ded138 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -1472,8 +1472,7 @@ static bool lookup_global_sam_rid(TALLOC_CTX *mem_ctx, uint32 rid, DEBUG(5,("lookup_global_sam_rid: looking up RID %u.\n", (unsigned int)rid)); - sid_copy(&sid, get_global_sam_sid()); - sid_append_rid(&sid, rid); + sid_compose(&sid, get_global_sam_sid(), rid); /* see if the passdb can help us with the name of the user */ diff --git a/source3/passdb/util_unixsids.c b/source3/passdb/util_unixsids.c index ad51253058..afda253c70 100644 --- a/source3/passdb/util_unixsids.c +++ b/source3/passdb/util_unixsids.c @@ -37,14 +37,12 @@ bool sid_check_is_in_unix_users(const DOM_SID *sid) bool uid_to_unix_users_sid(uid_t uid, DOM_SID *sid) { - sid_copy(sid, &global_sid_Unix_Users); - return sid_append_rid(sid, (uint32_t)uid); + return sid_compose(sid, &global_sid_Unix_Users, uid); } bool gid_to_unix_groups_sid(gid_t gid, DOM_SID *sid) { - sid_copy(sid, &global_sid_Unix_Groups); - return sid_append_rid(sid, (uint32_t)gid); + return sid_compose(sid, &global_sid_Unix_Groups, gid); } const char *unix_users_domain_name(void) @@ -55,17 +53,20 @@ const char *unix_users_domain_name(void) bool lookup_unix_user_name(const char *name, DOM_SID *sid) { struct passwd *pwd; + bool ret; pwd = getpwnam_alloc(talloc_autofree_context(), name); if (pwd == NULL) { return False; } - sid_copy(sid, &global_sid_Unix_Users); - sid_append_rid(sid, (uint32_t)pwd->pw_uid); /* For 64-bit uid's we have enough - * space ... */ + /* + * For 64-bit uid's we have enough space in the whole SID, + * should they become necessary + */ + ret = sid_compose(sid, &global_sid_Unix_Users, pwd->pw_uid); TALLOC_FREE(pwd); - return True; + return ret; } bool sid_check_is_unix_groups(const DOM_SID *sid) @@ -98,8 +99,9 @@ bool lookup_unix_group_name(const char *name, DOM_SID *sid) return False; } - sid_copy(sid, &global_sid_Unix_Groups); - sid_append_rid(sid, (uint32_t)grp->gr_gid); /* For 64-bit uid's we have enough - * space ... */ - return True; + /* + * For 64-bit gid's we have enough space in the whole SID, + * should they become necessary + */ + return sid_compose(sid, &global_sid_Unix_Groups, grp->gr_gid); } diff --git a/source3/passdb/util_wellknown.c b/source3/passdb/util_wellknown.c index 2af68b7e7c..0c45faab46 100644 --- a/source3/passdb/util_wellknown.c +++ b/source3/passdb/util_wellknown.c @@ -160,8 +160,8 @@ bool lookup_wellknown_name(TALLOC_CTX *mem_ctx, const char *name, for (j=0; users[j].name != NULL; j++) { if ( strequal(users[j].name, name) ) { - sid_copy(sid, special_domains[i].sid); - sid_append_rid(sid, users[j].rid); + sid_compose(sid, special_domains[i].sid, + users[j].rid); *domain = talloc_strdup( mem_ctx, special_domains[i].name); return True; diff --git a/source3/printing/nt_printing.c b/source3/printing/nt_printing.c index 1f306512af..7aef424961 100644 --- a/source3/printing/nt_printing.c +++ b/source3/printing/nt_printing.c @@ -5398,8 +5398,8 @@ static SEC_DESC_BUF *construct_default_printer_sdb(TALLOC_CTX *ctx) if ( IS_DC ) { DOM_SID domadmins_sid; - sid_copy(&domadmins_sid, get_global_sam_sid()); - sid_append_rid(&domadmins_sid, DOMAIN_GROUP_RID_ADMINS); + sid_compose(&domadmins_sid, get_global_sam_sid(), + DOMAIN_GROUP_RID_ADMINS); sa = PRINTER_ACE_FULL_CONTROL; init_sec_ace(&ace[i++], &domadmins_sid, diff --git a/source3/rpc_server/srv_lsa_nt.c b/source3/rpc_server/srv_lsa_nt.c index e903f0e974..857040ec8b 100644 --- a/source3/rpc_server/srv_lsa_nt.c +++ b/source3/rpc_server/srv_lsa_nt.c @@ -335,8 +335,7 @@ static NTSTATUS make_lsa_object_sd(TALLOC_CTX *mem_ctx, SEC_DESC **sd, size_t *s SEC_ACE_TYPE_ACCESS_ALLOWED, map->generic_all, 0); /* Add Full Access for Domain Admins */ - sid_copy(&adm_sid, get_global_sam_sid()); - sid_append_rid(&adm_sid, DOMAIN_GROUP_RID_ADMINS); + sid_compose(&adm_sid, get_global_sam_sid(), DOMAIN_GROUP_RID_ADMINS); init_sec_ace(&ace[i++], &adm_sid, SEC_ACE_TYPE_ACCESS_ALLOWED, map->generic_all, 0); diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c index 6b40385744..9f6afa1c98 100644 --- a/source3/rpc_server/srv_samr_nt.c +++ b/source3/rpc_server/srv_samr_nt.c @@ -145,8 +145,8 @@ static NTSTATUS make_samr_object_sd( TALLOC_CTX *ctx, SEC_DESC **psd, size_t *sd /* Add Full Access for Domain Admins if we are a DC */ if ( IS_DC ) { - sid_copy( &domadmin_sid, get_global_sam_sid() ); - sid_append_rid( &domadmin_sid, DOMAIN_GROUP_RID_ADMINS ); + sid_compose(&domadmin_sid, get_global_sam_sid(), + DOMAIN_GROUP_RID_ADMINS); init_sec_ace(&ace[i++], &domadmin_sid, SEC_ACE_TYPE_ACCESS_ALLOWED, map->generic_all, 0); } @@ -266,8 +266,8 @@ void map_max_allowed_access(const NT_USER_TOKEN *nt_token, /* Full access for DOMAIN\Domain Admins. */ if ( IS_DC ) { DOM_SID domadmin_sid; - sid_copy( &domadmin_sid, get_global_sam_sid() ); - sid_append_rid( &domadmin_sid, DOMAIN_GROUP_RID_ADMINS ); + sid_compose(&domadmin_sid, get_global_sam_sid(), + DOMAIN_GROUP_RID_ADMINS); if (is_sid_in_token(nt_token, &domadmin_sid)) { *pacc_requested |= GENERIC_ALL_ACCESS; return; diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c index 7180a953bb..e82c7b14f2 100644 --- a/source3/utils/net_groupmap.c +++ b/source3/utils/net_groupmap.c @@ -299,8 +299,7 @@ static int net_groupmap_add(struct net_context *c, int argc, const char **argv) /* append the rid to our own domain/machine SID if we don't have a full SID */ if ( !string_sid[0] ) { - sid_copy(&sid, get_global_sam_sid()); - sid_append_rid(&sid, rid); + sid_compose(&sid, get_global_sam_sid(), rid); sid_to_fstring(string_sid, &sid); } @@ -610,8 +609,7 @@ static int net_groupmap_set(struct net_context *c, int argc, const char **argv) } } - sid_copy(&map.sid, get_global_sam_sid()); - sid_append_rid(&map.sid, c->opt_rid); + sid_compose(&map.sid, get_global_sam_sid(), c->opt_rid); map.sid_name_use = SID_NAME_DOM_GRP; fstrcpy(map.nt_name, ntgroup); @@ -795,8 +793,7 @@ static bool print_alias_memberships(TALLOC_CTX *mem_ctx, for (i = 0; i < num_alias_rids; i++) { DOM_SID alias; - sid_copy(&alias, domain_sid); - sid_append_rid(&alias, alias_rids[i]); + sid_compose(&alias, domain_sid, alias_rids[i]); printf("%s\n", sid_string_tos(&alias)); } diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c index 7dc8c1dd2c..762af716f5 100644 --- a/source3/utils/net_rpc.c +++ b/source3/utils/net_rpc.c @@ -3889,8 +3889,8 @@ static NTSTATUS rpc_fetch_domain_aliases(struct rpc_pipe_client *pipe_hnd, sid_array.sids[j].sid); } - sid_copy(&alias.sid, domain_sid); - sid_append_rid(&alias.sid, groups->entries[i].idx); + sid_compose(&alias.sid, domain_sid, + groups->entries[i].idx); push_alias(mem_ctx, &alias); } @@ -5450,8 +5450,7 @@ static NTSTATUS rpc_trustdom_del_internals(struct net_context *c, } /* append the rid to the domain sid */ - sid_copy(&trust_acct_sid, domain_sid); - if (!sid_append_rid(&trust_acct_sid, user_rids.ids[0])) { + if (!sid_compose(&trust_acct_sid, domain_sid, user_rids.ids[0])) { goto done; } diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 06eedef920..ac41dc0ad0 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -68,8 +68,7 @@ static int get_sid_from_cli_string(DOM_SID *sid, const char *str_sid) "a complete SID or RID!\n"); return -1; } - sid_copy(sid, get_global_sam_sid()); - sid_append_rid(sid, rid); + sid_compose(sid, get_global_sam_sid(), rid); } return 0; diff --git a/source3/winbindd/idmap_hash/idmap_hash.c b/source3/winbindd/idmap_hash/idmap_hash.c index 7d4dd2b5ab..1227b2a052 100644 --- a/source3/winbindd/idmap_hash/idmap_hash.c +++ b/source3/winbindd/idmap_hash/idmap_hash.c @@ -193,8 +193,7 @@ static NTSTATUS unixids_to_sids(struct idmap_domain *dom, if (!hashed_domains[h_domain].sid) continue; - sid_copy(ids[i]->sid, hashed_domains[h_domain].sid); - sid_append_rid(ids[i]->sid, h_rid); + sid_compose(ids[i]->sid, hashed_domains[h_domain].sid, h_rid); ids[i]->status = ID_MAPPED; } diff --git a/source3/winbindd/idmap_tdb.c b/source3/winbindd/idmap_tdb.c index 189b088809..8bfe751a8b 100644 --- a/source3/winbindd/idmap_tdb.c +++ b/source3/winbindd/idmap_tdb.c @@ -97,8 +97,7 @@ static int convert_fn(struct db_record *rec, void *private_data) rid = atoi(p); - sid_copy(&sid, &domain->sid); - sid_append_rid(&sid, rid); + sid_compose(&sid, &domain->sid, rid); sid_to_fstring(keystr, &sid); key2 = string_term_tdb_data(keystr); diff --git a/source3/winbindd/winbindd_ads.c b/source3/winbindd/winbindd_ads.c index d15fb86d86..f647a3ffaf 100644 --- a/source3/winbindd/winbindd_ads.c +++ b/source3/winbindd/winbindd_ads.c @@ -880,8 +880,7 @@ static NTSTATUS lookup_usergroups(struct winbindd_domain *domain, goto done; } - sid_copy(&primary_group, &domain->sid); - sid_append_rid(&primary_group, primary_group_rid); + sid_compose(&primary_group, &domain->sid, primary_group_rid); count = ads_pull_sids(ads, mem_ctx, msg, "tokenGroups", &sids); diff --git a/source3/winbindd/winbindd_cache.c b/source3/winbindd/winbindd_cache.c index 68972dd18d..b7b5e6d7ed 100644 --- a/source3/winbindd/winbindd_cache.c +++ b/source3/winbindd/winbindd_cache.c @@ -2986,8 +2986,7 @@ void wcache_invalidate_samlogon(struct winbindd_domain *domain, return; } - sid_copy(&sid, info3->base.domain_sid); - sid_append_rid(&sid, info3->base.rid); + sid_compose(&sid, info3->base.domain_sid, info3->base.rid); /* Clear U/SID cache entry */ fstr_sprintf(key_str, "U/%s", sid_to_fstring(sid_string, &sid)); diff --git a/source3/winbindd/winbindd_pam.c b/source3/winbindd/winbindd_pam.c index 357b6463d5..4658231a5c 100644 --- a/source3/winbindd/winbindd_pam.c +++ b/source3/winbindd/winbindd_pam.c @@ -195,8 +195,8 @@ static NTSTATUS append_afs_token(TALLOC_CTX *mem_ctx, DOM_SID user_sid; fstring sidstr; - sid_copy(&user_sid, info3->base.domain_sid); - sid_append_rid(&user_sid, info3->base.rid); + sid_compose(&user_sid, info3->base.domain_sid, + info3->base.rid); sid_to_fstring(sidstr, &user_sid); afsname = talloc_string_sub(mem_ctx, afsname, "%s", sidstr); diff --git a/source3/winbindd/winbindd_rpc.c b/source3/winbindd/winbindd_rpc.c index 2146953639..87494db2bb 100644 --- a/source3/winbindd/winbindd_rpc.c +++ b/source3/winbindd/winbindd_rpc.c @@ -612,9 +612,8 @@ static NTSTATUS lookup_usergroups(struct winbindd_domain *domain, return NT_STATUS_NO_MEMORY; for (i=0;i<(*num_groups);i++) { - sid_copy(&((*user_grpsids)[i]), &domain->sid); - sid_append_rid(&((*user_grpsids)[i]), - rid_array->rids[i].rid); + sid_compose(&((*user_grpsids)[i]), &domain->sid, + rid_array->rids[i].rid); } return NT_STATUS_OK; -- cgit