int i;
d_printf("Alias rid %u: ", rid);
for (i=0;i<a->num_members;i++) {
- d_printf("%s ", sid_string_static(&a->sids[i].sid));
+ d_printf("%s ", sid_string_tos(&a->sids[i].sid));
}
d_printf("\n");
}
old_string = pdb_get_munged_dial(account);
mung.length = delta->hdr_parameters.uni_str_len;
mung.data = (uint8 *) delta->uni_parameters.buffer;
- newstr = (mung.length == 0) ? NULL : base64_encode_data_blob(mung);
+ newstr = (mung.length == 0) ? NULL :
+ base64_encode_data_blob(talloc_tos(), mung);
if (STRING_CHANGED_NC(old_string, newstr))
pdb_set_munged_dial(account, newstr, PDB_CHANGED);
- SAFE_FREE(newstr);
+ TALLOC_FREE(newstr);
}
/* User and group sid */
/* Logon Hours */
if (delta->buf_logon_hrs.buffer) {
- pstring oldstr, newstr;
+ char oldstr[44], newstr[44];
pdb_sethexhours(oldstr, pdb_get_hours(account));
pdb_sethexhours(newstr, delta->buf_logon_hrs.buffer);
if (!strequal(oldstr, newstr))
{
NTSTATUS nt_ret = NT_STATUS_UNSUCCESSFUL;
fstring account;
- pstring add_script;
+ char *add_script = NULL;
struct samu *sam_account=NULL;
GROUP_MAP map;
struct group *grp;
return NT_STATUS_NO_MEMORY;
}
- if (!(passwd = Get_Pwnam(account))) {
+ if (!(passwd = Get_Pwnam_alloc(sam_account, account))) {
/* Create appropriate user */
if (delta->acb_info & ACB_NORMAL) {
- pstrcpy(add_script, lp_adduser_script());
+ add_script = talloc_strdup(sam_account,
+ lp_adduser_script());
} else if ( (delta->acb_info & ACB_WSTRUST) ||
(delta->acb_info & ACB_SVRTRUST) ||
(delta->acb_info & ACB_DOMTRUST) ) {
- pstrcpy(add_script, lp_addmachine_script());
+ add_script = talloc_strdup(sam_account,
+ lp_addmachine_script());
} else {
DEBUG(1, ("Unknown user type: %s\n",
pdb_encode_acct_ctrl(delta->acb_info, NEW_PW_FORMAT_SPACE_PADDED_LEN)));
nt_ret = NT_STATUS_UNSUCCESSFUL;
goto done;
}
+ if (!add_script) {
+ nt_ret = NT_STATUS_NO_MEMORY;
+ goto done;
+ }
if (*add_script) {
int add_ret;
- all_string_sub(add_script, "%u", account,
- sizeof(account));
+ add_script = talloc_all_string_sub(sam_account,
+ add_script,
+ "%u",
+ account);
+ if (!add_script) {
+ nt_ret = NT_STATUS_NO_MEMORY;
+ goto done;
+ }
add_ret = smbrun(add_script,NULL);
DEBUG(add_ret ? 0 : 1,("fetch_account: Running the command `%s' "
"gave %d\n", add_script, add_ret));
smb_nscd_flush_user_cache();
}
}
-
+
/* try and find the possible unix account again */
- if ( !(passwd = Get_Pwnam(account)) ) {
+ if ( !(passwd = Get_Pwnam_alloc(sam_account, account)) ) {
d_fprintf(stderr, "Could not create posix account info for '%s'\n", account);
nt_ret = NT_STATUS_NO_SUCH_USER;
goto done;
}
}
-
+
sid_copy(&user_sid, get_global_sam_sid());
sid_append_rid(&user_sid, delta->user_rid);
- DEBUG(3, ("Attempting to find SID %s for user %s in the passdb\n", sid_to_string(sid_string, &user_sid), account));
+ DEBUG(3, ("Attempting to find SID %s for user %s in the passdb\n",
+ sid_to_fstring(sid_string, &user_sid), account));
if (!pdb_getsampwsid(sam_account, &user_sid)) {
sam_account_from_delta(sam_account, delta);
DEBUG(3, ("Attempting to add user SID %s for user %s in the passdb\n",
- sid_to_string(sid_string, &user_sid), pdb_get_username(sam_account)));
+ sid_to_fstring(sid_string, &user_sid),
+ pdb_get_username(sam_account)));
if (!NT_STATUS_IS_OK(pdb_add_sam_account(sam_account))) {
DEBUG(1, ("SAM Account for %s failed to be added to the passdb!\n",
account));
} else {
sam_account_from_delta(sam_account, delta);
DEBUG(3, ("Attempting to update user SID %s for user %s in the passdb\n",
- sid_to_string(sid_string, &user_sid), pdb_get_username(sam_account)));
+ sid_to_fstring(sid_string, &user_sid),
+ pdb_get_username(sam_account)));
if (!NT_STATUS_IS_OK(pdb_update_sam_account(sam_account))) {
DEBUG(1, ("SAM Account for %s failed to be updated in the passdb!\n",
account));
if (map.gid != passwd->pw_gid) {
if (!(grp = getgrgid(map.gid))) {
DEBUG(0, ("Could not find unix group %lu for user %s (group SID=%s)\n",
- (unsigned long)map.gid, pdb_get_username(sam_account), sid_string_static(&group_sid)));
+ (unsigned long)map.gid, pdb_get_username(sam_account), sid_string_tos(&group_sid)));
} else {
smb_set_primary_group(grp->gr_name, pdb_get_username(sam_account));
}
}
- }
+ }
if ( !passwd ) {
DEBUG(1, ("No unix user for this account (%s), cannot adjust mappings\n",
DOM_SID group_sid;
fstring sid_string;
GROUP_MAP map;
- BOOL insert = True;
+ bool insert = True;
unistr2_to_ascii(name, &delta->uni_grp_name, sizeof(name));
unistr2_to_ascii(comment, &delta->uni_grp_desc, sizeof(comment));
/* add the group to the mapping table */
sid_copy(&group_sid, get_global_sam_sid());
sid_append_rid(&group_sid, rid);
- sid_to_string(sid_string, &group_sid);
+ sid_to_fstring(sid_string, &group_sid);
if (pdb_getgrsid(&map, group_sid)) {
if ( map.gid != -1 )
if (!pdb_getsampwsid(member, &member_sid)) {
DEBUG(1, ("Found bogus group member: %d (member_sid=%s group=%s)\n",
- delta->rids[i], sid_string_static(&member_sid), grp->gr_name));
+ delta->rids[i], sid_string_tos(&member_sid), grp->gr_name));
TALLOC_FREE(member);
continue;
}
unix_members = grp->gr_mem;
while (*unix_members) {
- BOOL is_nt_member = False;
+ bool is_nt_member = False;
for (i=0; i<delta->num_members; i++) {
if (nt_members[i] == NULL) {
/* This was a primary group */
}
for (i=0; i<delta->num_members; i++) {
- BOOL is_unix_member = False;
+ bool is_unix_member = False;
if (nt_members[i] == NULL) {
/* This was the primary group */
DOM_SID alias_sid;
fstring sid_string;
GROUP_MAP map;
- BOOL insert = True;
+ bool insert = True;
unistr2_to_ascii(name, &delta->uni_als_name, sizeof(name));
unistr2_to_ascii(comment, &delta->uni_als_desc, sizeof(comment));
/* Find out whether the group is already mapped */
sid_copy(&alias_sid, &dom_sid);
sid_append_rid(&alias_sid, rid);
- sid_to_string(sid_string, &alias_sid);
+ sid_to_fstring(sid_string, &alias_sid);
if (pdb_getgrsid(&map, alias_sid)) {
grp = getgrgid(map.gid);
{
time_t u_max_age, u_min_age, u_logout, u_lockoutreset, u_lockouttime;
NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL;
- pstring domname;
+ char *domname;
u_max_age = uint64s_nt_time_to_unix_abs(&delta->max_pwd_age);
u_min_age = uint64s_nt_time_to_unix_abs(&delta->min_pwd_age);
u_lockoutreset = uint64s_nt_time_to_unix_abs(&delta->account_lockout.reset_count);
u_lockouttime = uint64s_nt_time_to_unix_abs(&delta->account_lockout.lockout_duration);
- unistr2_to_ascii(domname, &delta->uni_dom_name, sizeof(domname));
+ domname = unistr2_to_ascii_talloc(talloc_tos(), &delta->uni_dom_name);
+ if (!domname) {
+ return NT_STATUS_NO_MEMORY;
+ }
- /* we don't handle BUILTIN account policies */
+ /* we don't handle BUILTIN account policies */
if (!strequal(domname, get_global_sam_name())) {
printf("skipping SAM_DOMAIN_INFO delta for '%s' (is not my domain)\n", domname);
return NT_STATUS_OK;
/* Map the groups created by populate_ldap_for_ldif */
groupmap[0].rid = 512;
groupmap[0].gidNumber = 512;
- pstr_sprintf(groupmap[0].sambaSID, "%s-512", sid);
- pstr_sprintf(groupmap[0].group_dn, "cn=Domain Admins,ou=%s,%s",
- group_attr, suffix);
+ snprintf(groupmap[0].sambaSID, sizeof(groupmap[0].sambaSID),
+ "%s-512", sid);
+ snprintf(groupmap[0].group_dn, sizeof(groupmap[0].group_dn),
+ "cn=Domain Admins,ou=%s,%s",
+ group_attr, suffix);
accountmap[0].rid = 512;
- pstr_sprintf(accountmap[0].cn, "%s", "Domain Admins");
+ snprintf(accountmap[0].cn, sizeof(accountmap[0].cn),
+ "%s", "Domain Admins");
groupmap[1].rid = 513;
groupmap[1].gidNumber = 513;
- pstr_sprintf(groupmap[1].sambaSID, "%s-513", sid);
- pstr_sprintf(groupmap[1].group_dn, "cn=Domain Users,ou=%s,%s",
- group_attr, suffix);
+ snprintf(groupmap[1].sambaSID, sizeof(groupmap[1].sambaSID),
+ "%s-513", sid);
+ snprintf(groupmap[1].group_dn, sizeof(groupmap[1].group_dn),
+ "cn=Domain Users,ou=%s,%s",
+ group_attr, suffix);
accountmap[1].rid = 513;
- pstr_sprintf(accountmap[1].cn, "%s", "Domain Users");
+ snprintf(accountmap[1].cn, sizeof(accountmap[1].cn),
+ "%s", "Domain Users");
groupmap[2].rid = 514;
groupmap[2].gidNumber = 514;
- pstr_sprintf(groupmap[2].sambaSID, "%s-514", sid);
- pstr_sprintf(groupmap[2].group_dn, "cn=Domain Guests,ou=%s,%s",
- group_attr, suffix);
+ snprintf(groupmap[2].sambaSID, sizeof(groupmap[2].sambaSID),
+ "%s-514", sid);
+ snprintf(groupmap[2].group_dn, sizeof(groupmap[2].group_dn),
+ "cn=Domain Guests,ou=%s,%s",
+ group_attr, suffix);
accountmap[2].rid = 514;
- pstr_sprintf(accountmap[2].cn, "%s", "Domain Guests");
+ snprintf(accountmap[2].cn, sizeof(accountmap[2].cn),
+ "%s", "Domain Guests");
groupmap[3].rid = 515;
groupmap[3].gidNumber = 515;
- pstr_sprintf(groupmap[3].sambaSID, "%s-515", sid);
- pstr_sprintf(groupmap[3].group_dn, "cn=Domain Computers,ou=%s,%s",
- group_attr, suffix);
+ snprintf(groupmap[3].sambaSID, sizeof(groupmap[3].sambaSID),
+ "%s-515", sid);
+ snprintf(groupmap[3].group_dn, sizeof(groupmap[3].group_dn),
+ "cn=Domain Computers,ou=%s,%s",
+ group_attr, suffix);
accountmap[3].rid = 515;
- pstr_sprintf(accountmap[3].cn, "%s", "Domain Computers");
+ snprintf(accountmap[3].cn, sizeof(accountmap[3].cn),
+ "%s", "Domain Computers");
groupmap[4].rid = 544;
groupmap[4].gidNumber = 544;
- pstr_sprintf(groupmap[4].sambaSID, "%s-544", builtin_sid);
- pstr_sprintf(groupmap[4].group_dn, "cn=Administrators,ou=%s,%s",
- group_attr, suffix);
+ snprintf(groupmap[4].sambaSID, sizeof(groupmap[4].sambaSID),
+ "%s-544", builtin_sid);
+ snprintf(groupmap[4].group_dn, sizeof(groupmap[4].group_dn),
+ "cn=Administrators,ou=%s,%s",
+ group_attr, suffix);
accountmap[4].rid = 515;
- pstr_sprintf(accountmap[4].cn, "%s", "Administrators");
+ snprintf(accountmap[4].cn, sizeof(accountmap[4].cn),
+ "%s", "Administrators");
groupmap[5].rid = 550;
groupmap[5].gidNumber = 550;
- pstr_sprintf(groupmap[5].sambaSID, "%s-550", builtin_sid);
- pstr_sprintf(groupmap[5].group_dn, "cn=Print Operators,ou=%s,%s",
- group_attr, suffix);
+ snprintf(groupmap[5].sambaSID, sizeof(groupmap[5].sambaSID),
+ "%s-550", builtin_sid);
+ snprintf(groupmap[5].group_dn, sizeof(groupmap[5].group_dn),
+ "cn=Print Operators,ou=%s,%s",
+ group_attr, suffix);
accountmap[5].rid = 550;
- pstr_sprintf(accountmap[5].cn, "%s", "Print Operators");
+ snprintf(accountmap[5].cn, sizeof(accountmap[5].cn),
+ "%s", "Print Operators");
groupmap[6].rid = 551;
groupmap[6].gidNumber = 551;
- pstr_sprintf(groupmap[6].sambaSID, "%s-551", builtin_sid);
- pstr_sprintf(groupmap[6].group_dn, "cn=Backup Operators,ou=%s,%s",
- group_attr, suffix);
+ snprintf(groupmap[6].sambaSID, sizeof(groupmap[6].sambaSID),
+ "%s-551", builtin_sid);
+ snprintf(groupmap[6].group_dn, sizeof(groupmap[6].group_dn),
+ "cn=Backup Operators,ou=%s,%s",
+ group_attr, suffix);
accountmap[6].rid = 551;
- pstr_sprintf(accountmap[6].cn, "%s", "Backup Operators");
+ snprintf(accountmap[6].cn, sizeof(accountmap[6].cn),
+ "%s", "Backup Operators");
groupmap[7].rid = 552;
groupmap[7].gidNumber = 552;
- pstr_sprintf(groupmap[7].sambaSID, "%s-552", builtin_sid);
- pstr_sprintf(groupmap[7].group_dn, "cn=Replicators,ou=%s,%s",
- group_attr, suffix);
+ snprintf(groupmap[7].sambaSID, sizeof(groupmap[7].sambaSID),
+ "%s-552", builtin_sid);
+ snprintf(groupmap[7].group_dn, sizeof(groupmap[7].group_dn),
+ "cn=Replicators,ou=%s,%s",
+ group_attr, suffix);
accountmap[7].rid = 551;
- pstr_sprintf(accountmap[7].cn, "%s", "Replicators");
+ snprintf(accountmap[7].cn, sizeof(accountmap[7].cn),
+ "%s", "Replicators");
SAFE_FREE(group_attr);
return NT_STATUS_OK;
}
va_list ap;
char *value, *p, *base64;
DATA_BLOB base64_blob;
- BOOL do_base64 = False;
+ bool do_base64 = False;
int res;
va_start(ap, fmt);
}
if (!do_base64) {
- BOOL only_whitespace = True;
+ bool only_whitespace = True;
for (p=value; *p; p++) {
/*
* I know that this not multibyte safe, but we break
base64_blob.data = (unsigned char *)value;
base64_blob.length = strlen(value);
- base64 = base64_encode_data_blob(base64_blob);
+ base64 = base64_encode_data_blob(value, base64_blob);
SMB_ASSERT(base64 != NULL);
res = fprintf(add_fd, "%s:: %s\n", attr_name, base64);
TALLOC_FREE(value);
- SAFE_FREE(base64);
return res;
}
char *group_attr = sstring_sub(lp_ldap_group_suffix(), '=', ',');
/* Get the group name */
- unistr2_to_ascii(groupname,
- &(delta->group_info.uni_grp_name),
+ unistr2_to_ascii(groupname,
+ &delta->group_info.uni_grp_name,
sizeof(groupname));
/* Set up the group type (always 2 for group info) */
g_rid = delta->group_info.gid.g_rid;
groupmap->rid = g_rid;
groupmap->gidNumber = ldif_gid;
- pstr_sprintf(groupmap->sambaSID, "%s-%d", sid, g_rid);
- pstr_sprintf(groupmap->group_dn,
+ snprintf(groupmap->sambaSID, sizeof(groupmap->sambaSID),
+ "%s-%d", sid, g_rid);
+ snprintf(groupmap->group_dn, sizeof(groupmap->group_dn),
"cn=%s,ou=%s,%s", groupname, group_attr, suffix);
/* Write the data to the temporary add ldif file */
int i;
/* Get the username */
- unistr2_to_ascii(username,
+ unistr2_to_ascii(username,
&(delta->account_info.uni_acct_name),
sizeof(username));
/* Map the rid and username for group member info later */
accountmap->rid = rid;
- pstr_sprintf(accountmap->cn, "%s", username);
+ snprintf(accountmap->cn, sizeof(accountmap->cn), "%s", username);
/* Get the home directory */
if (delta->account_info.acb_info & ACB_NORMAL) {
unistr2_to_ascii(homedir, &(delta->account_info.uni_home_dir),
sizeof(homedir));
if (!*homedir) {
- pstr_sprintf(homedir, "/home/%s", username);
+ snprintf(homedir, sizeof(homedir), "/home/%s", username);
} else {
- pstr_sprintf(homedir, "/nobodyshomedir");
+ snprintf(homedir, sizeof(homedir), "/nobodyshomedir");
}
ou = lp_ldap_user_suffix();
} else {
ou = lp_ldap_machine_suffix();
- pstr_sprintf(homedir, "/machinehomedir");
+ snprintf(homedir, sizeof(homedir), "/machinehomedir");
}
/* Get the logon script */
return NT_STATUS_UNSUCCESSFUL;
}
gidNumber = groupmap[i].gidNumber;
- pstr_sprintf(sambaSID, groupmap[i].sambaSID);
+ snprintf(sambaSID, sizeof(sambaSID), groupmap[i].sambaSID);
/* Set up sambaAcctFlags */
flags = pdb_encode_acct_ctrl(delta->account_info.acb_info,
/* Map the group rid and gid */
g_rid = delta->group_info.gid.g_rid;
groupmap->gidNumber = ldif_gid;
- pstr_sprintf(groupmap->sambaSID, "%s-%d", sid, g_rid);
+ snprintf(groupmap->sambaSID, sizeof(groupmap->sambaSID),
+ "%s-%d", sid, g_rid);
/* Write the data to the temporary add ldif file */
fprintf(add_fd, "# %s, %s, %s\n", aliasname, group_attr,
static NTSTATUS fetch_groupmem_info_to_ldif(SAM_DELTA_CTR *delta,
SAM_DELTA_HDR *hdr_delta,
GROUPMAP *groupmap,
- ACCOUNTMAP *accountmap,
+ ACCOUNTMAP *accountmap,
FILE *mod_fd, int alloced)
{
fstring group_dn;
if (groupmap[j].rid == group_rid) break;
}
if (j == alloced){
- DEBUG(1, ("Could not find rid %d in groupmap array\n",
+ DEBUG(1, ("Could not find rid %d in groupmap array\n",
group_rid));
return NT_STATUS_UNSUCCESSFUL;
}
- pstr_sprintf(group_dn, "%s", groupmap[j].group_dn);
+ snprintf(group_dn, sizeof(group_dn), "%s", groupmap[j].group_dn);
fprintf(mod_fd, "dn: %s\n", group_dn);
/* Get the cn for each member */
}
/* Get the sid */
- sid_to_string(sid, &dom_sid);
+ sid_to_fstring(sid, &dom_sid);
/* Get the ldap suffix */
suffix = lp_ldap_suffix();
"workgroup=%s\n\n in your smb.conf?\n",
domain_name,
get_global_sam_name(),
- sid_to_string(my_dom_sid_str,
- get_global_sam_sid()),
- domain_name, sid_to_string(rem_dom_sid_str,
- domain_sid),
+ sid_to_fstring(my_dom_sid_str,
+ get_global_sam_sid()),
+ domain_name, sid_to_fstring(rem_dom_sid_str,
+ domain_sid),
domain_name);
return NT_STATUS_UNSUCCESSFUL;
}