s3: Replace most calls to sid_append_rid() by sid_compose()
authorVolker Lendecke <vl@samba.org>
Sun, 10 Jan 2010 16:39:27 +0000 (17:39 +0100)
committerVolker Lendecke <vl@samba.org>
Sun, 10 Jan 2010 19:56:16 +0000 (20:56 +0100)
23 files changed:
source3/auth/auth_util.c
source3/groupdb/mapping.c
source3/libnet/libnet_samsync_passdb.c
source3/libsmb/samlogon_cache.c
source3/passdb/lookup_sid.c
source3/passdb/passdb.c
source3/passdb/pdb_compat.c
source3/passdb/pdb_get_set.c
source3/passdb/pdb_interface.c
source3/passdb/util_unixsids.c
source3/passdb/util_wellknown.c
source3/printing/nt_printing.c
source3/rpc_server/srv_lsa_nt.c
source3/rpc_server/srv_samr_nt.c
source3/utils/net_groupmap.c
source3/utils/net_rpc.c
source3/utils/pdbedit.c
source3/winbindd/idmap_hash/idmap_hash.c
source3/winbindd/idmap_tdb.c
source3/winbindd/winbindd_ads.c
source3/winbindd/winbindd_cache.c
source3/winbindd/winbindd_pam.c
source3/winbindd/winbindd_rpc.c

index 9db358d..de552cf 100644 (file)
@@ -1274,8 +1274,7 @@ static NTSTATUS make_new_server_info_guest(struct auth_serversupplied_info **ser
                return NT_STATUS_NO_MEMORY;
        }
 
-       sid_copy(&guest_sid, get_global_sam_sid());
-       sid_append_rid(&guest_sid, DOMAIN_USER_RID_GUEST);
+       sid_compose(&guest_sid, get_global_sam_sid(), DOMAIN_USER_RID_GUEST);
 
        become_root();
        ret = pdb_getsampwsid(sampass, &guest_sid);
@@ -1645,13 +1644,12 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx,
           matches.
        */
 
-       sid_copy(&user_sid, info3->base.domain_sid);
-       if (!sid_append_rid(&user_sid, info3->base.rid)) {
+       if (!sid_compose(&user_sid, info3->base.domain_sid, info3->base.rid)) {
                return NT_STATUS_INVALID_PARAMETER;
        }
        
-       sid_copy(&group_sid, info3->base.domain_sid);
-       if (!sid_append_rid(&group_sid, info3->base.primary_gid)) {
+       if (!sid_compose(&group_sid, info3->base.domain_sid,
+                        info3->base.primary_gid)) {
                return NT_STATUS_INVALID_PARAMETER;
        }
 
index 12d0bd3..579486b 100644 (file)
@@ -519,8 +519,7 @@ NTSTATUS pdb_default_create_alias(struct pdb_methods *methods,
        DEBUG(10, ("Creating alias %s with gid %u and rid %u\n",
                   name, (unsigned int)gid, (unsigned int)new_rid));
 
-       sid_copy(&sid, get_global_sam_sid());
-       sid_append_rid(&sid, new_rid);
+       sid_compose(&sid, get_global_sam_sid(), new_rid);
 
        map.gid = gid;
        sid_copy(&map.sid, &sid);
index 41a9b3d..51f96dc 100644 (file)
@@ -318,8 +318,7 @@ static NTSTATUS fetch_account_info(TALLOC_CTX *mem_ctx,
                goto done;
        }
 
-       sid_copy(&user_sid, get_global_sam_sid());
-       sid_append_rid(&user_sid, r->rid);
+       sid_compose(&user_sid, get_global_sam_sid(), r->rid);
 
        DEBUG(3, ("Attempting to find SID %s for user %s in the passdb\n",
                  sid_to_fstring(sid_string, &user_sid), account));
@@ -395,8 +394,7 @@ static NTSTATUS fetch_group_info(TALLOC_CTX *mem_ctx,
        fstrcpy(comment, r->description.string);
 
        /* add the group to the mapping table */
-       sid_copy(&group_sid, get_global_sam_sid());
-       sid_append_rid(&group_sid, rid);
+       sid_compose(&group_sid, get_global_sam_sid(), rid);
        sid_to_fstring(sid_string, &group_sid);
 
        if (pdb_getgrsid(&map, group_sid)) {
@@ -459,8 +457,7 @@ static NTSTATUS fetch_group_mem_info(TALLOC_CTX *mem_ctx,
                return NT_STATUS_OK;
        }
 
-       sid_copy(&group_sid, get_global_sam_sid());
-       sid_append_rid(&group_sid, rid);
+       sid_compose(&group_sid, get_global_sam_sid(), rid);
 
        if (!get_domain_group_from_sid(group_sid, &map)) {
                DEBUG(0, ("Could not find global group %d\n", rid));
@@ -491,8 +488,7 @@ static NTSTATUS fetch_group_mem_info(TALLOC_CTX *mem_ctx,
                        return NT_STATUS_NO_MEMORY;
                }
 
-               sid_copy(&member_sid, get_global_sam_sid());
-               sid_append_rid(&member_sid, r->rids[i]);
+               sid_compose(&member_sid, get_global_sam_sid(), r->rids[i]);
 
                if (!pdb_getsampwsid(member, &member_sid)) {
                        DEBUG(1, ("Found bogus group member: %d (member_sid=%s group=%s)\n",
@@ -587,8 +583,7 @@ static NTSTATUS fetch_alias_info(TALLOC_CTX *mem_ctx,
        fstrcpy(comment, r->description.string);
 
        /* Find out whether the group is already mapped */
-       sid_copy(&alias_sid, dom_sid);
-       sid_append_rid(&alias_sid, rid);
+       sid_compose(&alias_sid, dom_sid, rid);
        sid_to_fstring(sid_string, &alias_sid);
 
        if (pdb_getgrsid(&map, alias_sid)) {
index 1290182..7339acb 100644 (file)
@@ -113,8 +113,7 @@ void netsamlogon_clear_cached_user(struct netr_SamInfo3 *info3)
                        NETSAMLOGON_TDB));
                return;
        }
-       sid_copy(&user_sid, info3->base.domain_sid);
-       sid_append_rid(&user_sid, info3->base.rid);
+       sid_compose(&user_sid, info3->base.domain_sid, info3->base.rid);
 
        /* Prepare key as DOMAIN-SID/USER-RID string */
        slprintf(keystr, sizeof(keystr), "%s", sid_to_fstring(tmp, &user_sid));
@@ -151,8 +150,7 @@ bool netsamlogon_cache_store(const char *username, struct netr_SamInfo3 *info3)
                return false;
        }
 
-       sid_copy(&user_sid, info3->base.domain_sid);
-       sid_append_rid(&user_sid, info3->base.rid);
+       sid_compose(&user_sid, info3->base.domain_sid, info3->base.rid);
 
        /* Prepare key as DOMAIN-SID/USER-RID string */
        slprintf(keystr, sizeof(keystr), "%s", sid_to_fstring(tmp, &user_sid));
index a197c51..4421d89 100644 (file)
@@ -75,8 +75,7 @@ bool lookup_name(TALLOC_CTX *mem_ctx,
 
                /* It's our own domain, lookup the name in passdb */
                if (lookup_global_sam_name(name, flags, &rid, &type)) {
-                       sid_copy(&sid, get_global_sam_sid());
-                       sid_append_rid(&sid, rid);
+                       sid_compose(&sid, get_global_sam_sid(), rid);
                        goto ok;
                }
                TALLOC_FREE(tmp_ctx);
@@ -96,8 +95,7 @@ bool lookup_name(TALLOC_CTX *mem_ctx,
 
                /* Explicit request for a name in BUILTIN */
                if (lookup_builtin_name(name, &rid)) {
-                       sid_copy(&sid, &global_sid_Builtin);
-                       sid_append_rid(&sid, rid);
+                       sid_compose(&sid, &global_sid_Builtin, rid);
                        type = SID_NAME_ALIAS;
                        goto ok;
                }
@@ -215,8 +213,7 @@ bool lookup_name(TALLOC_CTX *mem_ctx,
            lookup_builtin_name(name, &rid))
        {
                domain = talloc_strdup(tmp_ctx, builtin_domain_name());
-               sid_copy(&sid, &global_sid_Builtin);
-               sid_append_rid(&sid, rid);
+               sid_compose(&sid, &global_sid_Builtin, rid);
                type = SID_NAME_ALIAS;
                goto ok;
        }
@@ -230,8 +227,7 @@ bool lookup_name(TALLOC_CTX *mem_ctx,
            lookup_global_sam_name(name, flags, &rid, &type))
        {
                domain = talloc_strdup(tmp_ctx, get_global_sam_name());
-               sid_copy(&sid, get_global_sam_sid());
-               sid_append_rid(&sid, rid);
+               sid_compose(&sid, get_global_sam_sid(), rid);
                goto ok;
        }
 
@@ -544,8 +540,7 @@ static bool lookup_rids(TALLOC_CTX *mem_ctx, const DOM_SID *domain_sid,
        if (sid_check_is_wellknown_domain(domain_sid, NULL)) {
                for (i=0; i<num_rids; i++) {
                        DOM_SID sid;
-                       sid_copy(&sid, domain_sid);
-                       sid_append_rid(&sid, rids[i]);
+                       sid_compose(&sid, domain_sid, rids[i]);
                        if (lookup_wellknown_sid(mem_ctx, &sid,
                                                 domain_name, &(*names)[i])) {
                                if ((*names)[i] == NULL) {
index b2c3b94..3ced150 100644 (file)
@@ -216,8 +216,7 @@ static NTSTATUS samu_set_unix_internal(struct samu *user, const struct passwd *p
                        return NT_STATUS_ACCESS_DENIED;
                }
 
-               sid_copy( &user_sid, get_global_sam_sid() );
-               sid_append_rid( &user_sid, user_rid );
+               sid_compose(&user_sid, get_global_sam_sid(), user_rid);
 
                if ( !pdb_set_user_sid(user, &user_sid, PDB_SET) ) {
                        DEBUG(3, ("pdb_set_user_sid failed\n"));
index 9967eb5..b65be70 100644 (file)
@@ -60,10 +60,9 @@ bool pdb_set_user_sid_from_rid (struct samu *sampass, uint32 rid, enum pdb_value
                return False;
        }
 
-       sid_copy(&u_sid, global_sam_sid);
-
-       if (!sid_append_rid(&u_sid, rid))
+       if (!sid_compose(&u_sid, global_sam_sid, rid)) {
                return False;
+       }
 
        if (!pdb_set_user_sid(sampass, &u_sid, flag))
                return False;
@@ -87,10 +86,9 @@ bool pdb_set_group_sid_from_rid (struct samu *sampass, uint32 grid, enum pdb_val
                return False;
        }
 
-       sid_copy(&g_sid, global_sam_sid);
-       
-       if (!sid_append_rid(&g_sid, grid))
+       if (!sid_compose(&g_sid, global_sam_sid, grid)) {
                return False;
+       }
 
        if (!pdb_set_group_sid(sampass, &g_sid, flag))
                return False;
index 7fc9f92..d7fc02f 100644 (file)
@@ -239,8 +239,7 @@ const DOM_SID *pdb_get_group_sid(struct samu *sampass)
        /* Just set it to the 'Domain Users' RID of 512 which will 
           always resolve to a name */
 
-       sid_copy( gsid, get_global_sam_sid() );
-       sid_append_rid( gsid, DOMAIN_GROUP_RID_USERS );
+       sid_compose(gsid, get_global_sam_sid(), DOMAIN_GROUP_RID_USERS);
 
        sampass->group_sid = gsid;
 
@@ -552,8 +551,8 @@ bool pdb_set_group_sid(struct samu *sampass, const DOM_SID *g_sid, enum pdb_valu
        if ( sid_to_gid( g_sid, &gid ) ) {
                sid_copy(sampass->group_sid, g_sid);
        } else {
-               sid_copy( sampass->group_sid, get_global_sam_sid() );
-               sid_append_rid( sampass->group_sid, DOMAIN_GROUP_RID_USERS );
+               sid_compose(sampass->group_sid, get_global_sam_sid(),
+                           DOMAIN_GROUP_RID_USERS);
        }
 
        DEBUG(10, ("pdb_set_group_sid: setting group sid %s\n", 
index de46254..bd85ded 100644 (file)
@@ -1472,8 +1472,7 @@ static bool lookup_global_sam_rid(TALLOC_CTX *mem_ctx, uint32 rid,
        DEBUG(5,("lookup_global_sam_rid: looking up RID %u.\n",
                 (unsigned int)rid));
 
-       sid_copy(&sid, get_global_sam_sid());
-       sid_append_rid(&sid, rid);
+       sid_compose(&sid, get_global_sam_sid(), rid);
 
        /* see if the passdb can help us with the name of the user */
 
index ad51253..afda253 100644 (file)
@@ -37,14 +37,12 @@ bool sid_check_is_in_unix_users(const DOM_SID *sid)
 
 bool uid_to_unix_users_sid(uid_t uid, DOM_SID *sid)
 {
-       sid_copy(sid, &global_sid_Unix_Users);
-       return sid_append_rid(sid, (uint32_t)uid);
+       return sid_compose(sid, &global_sid_Unix_Users, uid);
 }
 
 bool gid_to_unix_groups_sid(gid_t gid, DOM_SID *sid)
 {
-       sid_copy(sid, &global_sid_Unix_Groups);
-       return sid_append_rid(sid, (uint32_t)gid);
+       return sid_compose(sid, &global_sid_Unix_Groups, gid);
 }
 
 const char *unix_users_domain_name(void)
@@ -55,17 +53,20 @@ const char *unix_users_domain_name(void)
 bool lookup_unix_user_name(const char *name, DOM_SID *sid)
 {
        struct passwd *pwd;
+       bool ret;
 
        pwd = getpwnam_alloc(talloc_autofree_context(), name);
        if (pwd == NULL) {
                return False;
        }
 
-       sid_copy(sid, &global_sid_Unix_Users);
-       sid_append_rid(sid, (uint32_t)pwd->pw_uid); /* For 64-bit uid's we have enough
-                                         * space ... */
+       /*
+        * For 64-bit uid's we have enough space in the whole SID,
+        * should they become necessary
+        */
+       ret = sid_compose(sid, &global_sid_Unix_Users, pwd->pw_uid);
        TALLOC_FREE(pwd);
-       return True;
+       return ret;
 }
 
 bool sid_check_is_unix_groups(const DOM_SID *sid)
@@ -98,8 +99,9 @@ bool lookup_unix_group_name(const char *name, DOM_SID *sid)
                return False;
        }
 
-       sid_copy(sid, &global_sid_Unix_Groups);
-       sid_append_rid(sid, (uint32_t)grp->gr_gid); /* For 64-bit uid's we have enough
-                                          * space ... */
-       return True;
+       /*
+        * For 64-bit gid's we have enough space in the whole SID,
+        * should they become necessary
+        */
+       return sid_compose(sid, &global_sid_Unix_Groups, grp->gr_gid);
 }
index 2af68b7..0c45faa 100644 (file)
@@ -160,8 +160,8 @@ bool lookup_wellknown_name(TALLOC_CTX *mem_ctx, const char *name,
 
                for (j=0; users[j].name != NULL; j++) {
                        if ( strequal(users[j].name, name) ) {
-                               sid_copy(sid, special_domains[i].sid);
-                               sid_append_rid(sid, users[j].rid);
+                               sid_compose(sid, special_domains[i].sid,
+                                           users[j].rid);
                                *domain = talloc_strdup(
                                        mem_ctx, special_domains[i].name);
                                return True;
index 1f30651..7aef424 100644 (file)
@@ -5398,8 +5398,8 @@ static SEC_DESC_BUF *construct_default_printer_sdb(TALLOC_CTX *ctx)
        if ( IS_DC ) {
                DOM_SID domadmins_sid;
 
-               sid_copy(&domadmins_sid, get_global_sam_sid());
-               sid_append_rid(&domadmins_sid, DOMAIN_GROUP_RID_ADMINS);
+               sid_compose(&domadmins_sid, get_global_sam_sid(),
+                           DOMAIN_GROUP_RID_ADMINS);
 
                sa = PRINTER_ACE_FULL_CONTROL;
                init_sec_ace(&ace[i++], &domadmins_sid,
index e903f0e..857040e 100644 (file)
@@ -335,8 +335,7 @@ static NTSTATUS make_lsa_object_sd(TALLOC_CTX *mem_ctx, SEC_DESC **sd, size_t *s
                        SEC_ACE_TYPE_ACCESS_ALLOWED, map->generic_all, 0);
 
        /* Add Full Access for Domain Admins */
-       sid_copy(&adm_sid, get_global_sam_sid());
-       sid_append_rid(&adm_sid, DOMAIN_GROUP_RID_ADMINS);
+       sid_compose(&adm_sid, get_global_sam_sid(), DOMAIN_GROUP_RID_ADMINS);
        init_sec_ace(&ace[i++], &adm_sid, SEC_ACE_TYPE_ACCESS_ALLOWED,
                        map->generic_all, 0);
 
index 6b40385..9f6afa1 100644 (file)
@@ -145,8 +145,8 @@ static NTSTATUS make_samr_object_sd( TALLOC_CTX *ctx, SEC_DESC **psd, size_t *sd
        /* Add Full Access for Domain Admins if we are a DC */
 
        if ( IS_DC ) {
-               sid_copy( &domadmin_sid, get_global_sam_sid() );
-               sid_append_rid( &domadmin_sid, DOMAIN_GROUP_RID_ADMINS );
+               sid_compose(&domadmin_sid, get_global_sam_sid(),
+                           DOMAIN_GROUP_RID_ADMINS);
                init_sec_ace(&ace[i++], &domadmin_sid,
                        SEC_ACE_TYPE_ACCESS_ALLOWED, map->generic_all, 0);
        }
@@ -266,8 +266,8 @@ void map_max_allowed_access(const NT_USER_TOKEN *nt_token,
        /* Full access for DOMAIN\Domain Admins. */
        if ( IS_DC ) {
                DOM_SID domadmin_sid;
-               sid_copy( &domadmin_sid, get_global_sam_sid() );
-               sid_append_rid( &domadmin_sid, DOMAIN_GROUP_RID_ADMINS );
+               sid_compose(&domadmin_sid, get_global_sam_sid(),
+                           DOMAIN_GROUP_RID_ADMINS);
                if (is_sid_in_token(nt_token, &domadmin_sid)) {
                        *pacc_requested |= GENERIC_ALL_ACCESS;
                        return;
index 7180a95..e82c7b1 100644 (file)
@@ -299,8 +299,7 @@ static int net_groupmap_add(struct net_context *c, int argc, const char **argv)
 
        /* append the rid to our own domain/machine SID if we don't have a full SID */
        if ( !string_sid[0] ) {
-               sid_copy(&sid, get_global_sam_sid());
-               sid_append_rid(&sid, rid);
+               sid_compose(&sid, get_global_sam_sid(), rid);
                sid_to_fstring(string_sid, &sid);
        }
 
@@ -610,8 +609,7 @@ static int net_groupmap_set(struct net_context *c, int argc, const char **argv)
                        }
                }
 
-               sid_copy(&map.sid, get_global_sam_sid());
-               sid_append_rid(&map.sid, c->opt_rid);
+               sid_compose(&map.sid, get_global_sam_sid(), c->opt_rid);
 
                map.sid_name_use = SID_NAME_DOM_GRP;
                fstrcpy(map.nt_name, ntgroup);
@@ -795,8 +793,7 @@ static bool print_alias_memberships(TALLOC_CTX *mem_ctx,
 
        for (i = 0; i < num_alias_rids; i++) {
                DOM_SID alias;
-               sid_copy(&alias, domain_sid);
-               sid_append_rid(&alias, alias_rids[i]);
+               sid_compose(&alias, domain_sid, alias_rids[i]);
                printf("%s\n", sid_string_tos(&alias));
        }
 
index 7dc8c1d..762af71 100644 (file)
@@ -3889,8 +3889,8 @@ static NTSTATUS rpc_fetch_domain_aliases(struct rpc_pipe_client *pipe_hnd,
                                                 sid_array.sids[j].sid);
                        }
 
-                       sid_copy(&alias.sid, domain_sid);
-                       sid_append_rid(&alias.sid, groups->entries[i].idx);
+                       sid_compose(&alias.sid, domain_sid,
+                                   groups->entries[i].idx);
 
                        push_alias(mem_ctx, &alias);
                }
@@ -5450,8 +5450,7 @@ static NTSTATUS rpc_trustdom_del_internals(struct net_context *c,
        }
 
        /* append the rid to the domain sid */
-       sid_copy(&trust_acct_sid, domain_sid);
-       if (!sid_append_rid(&trust_acct_sid, user_rids.ids[0])) {
+       if (!sid_compose(&trust_acct_sid, domain_sid, user_rids.ids[0])) {
                goto done;
        }
 
index 06eedef..ac41dc0 100644 (file)
@@ -68,8 +68,7 @@ static int get_sid_from_cli_string(DOM_SID *sid, const char *str_sid)
                                        "a complete SID or RID!\n");
                        return -1;
                }
-               sid_copy(sid, get_global_sam_sid());
-               sid_append_rid(sid, rid);
+               sid_compose(sid, get_global_sam_sid(), rid);
        }
 
        return 0;
index 7d4dd2b..1227b2a 100644 (file)
@@ -193,8 +193,7 @@ static NTSTATUS unixids_to_sids(struct idmap_domain *dom,
                if (!hashed_domains[h_domain].sid)
                        continue;
 
-               sid_copy(ids[i]->sid, hashed_domains[h_domain].sid);
-               sid_append_rid(ids[i]->sid, h_rid);
+               sid_compose(ids[i]->sid, hashed_domains[h_domain].sid, h_rid);
                ids[i]->status = ID_MAPPED;
        }
 
index 189b088..8bfe751 100644 (file)
@@ -97,8 +97,7 @@ static int convert_fn(struct db_record *rec, void *private_data)
 
        rid = atoi(p);
 
-       sid_copy(&sid, &domain->sid);
-       sid_append_rid(&sid, rid);
+       sid_compose(&sid, &domain->sid, rid);
 
        sid_to_fstring(keystr, &sid);
        key2 = string_term_tdb_data(keystr);
index d15fb86..f647a3f 100644 (file)
@@ -880,8 +880,7 @@ static NTSTATUS lookup_usergroups(struct winbindd_domain *domain,
                goto done;
        }
 
-       sid_copy(&primary_group, &domain->sid);
-       sid_append_rid(&primary_group, primary_group_rid);
+       sid_compose(&primary_group, &domain->sid, primary_group_rid);
 
        count = ads_pull_sids(ads, mem_ctx, msg, "tokenGroups", &sids);
 
index 68972dd..b7b5e6d 100644 (file)
@@ -2986,8 +2986,7 @@ void wcache_invalidate_samlogon(struct winbindd_domain *domain,
                 return;
         }
 
-       sid_copy(&sid, info3->base.domain_sid);
-       sid_append_rid(&sid, info3->base.rid);
+       sid_compose(&sid, info3->base.domain_sid, info3->base.rid);
 
        /* Clear U/SID cache entry */
        fstr_sprintf(key_str, "U/%s", sid_to_fstring(sid_string, &sid));
index 357b646..4658231 100644 (file)
@@ -195,8 +195,8 @@ static NTSTATUS append_afs_token(TALLOC_CTX *mem_ctx,
                DOM_SID user_sid;
                fstring sidstr;
 
-               sid_copy(&user_sid, info3->base.domain_sid);
-               sid_append_rid(&user_sid, info3->base.rid);
+               sid_compose(&user_sid, info3->base.domain_sid,
+                           info3->base.rid);
                sid_to_fstring(sidstr, &user_sid);
                afsname = talloc_string_sub(mem_ctx, afsname,
                                            "%s", sidstr);
index 2146953..87494db 100644 (file)
@@ -612,9 +612,8 @@ static NTSTATUS lookup_usergroups(struct winbindd_domain *domain,
                return NT_STATUS_NO_MEMORY;
 
        for (i=0;i<(*num_groups);i++) {
-               sid_copy(&((*user_grpsids)[i]), &domain->sid);
-               sid_append_rid(&((*user_grpsids)[i]),
-                               rid_array->rids[i].rid);
+               sid_compose(&((*user_grpsids)[i]), &domain->sid,
+                           rid_array->rids[i].rid);
        }
 
        return NT_STATUS_OK;