"for gid %d!\n", gids[i]));
continue;
}
- if (!add_sid_to_array_unique( result, &unix_group_sid,
- &result->sids, &result->num_sids )) {
+ status = add_sid_to_array_unique(result, &unix_group_sid,
+ &result->sids,
+ &result->num_sids);
+ if (!NT_STATUS_IS_OK(status)) {
result->sam_account = NULL; /* Don't free on error exit. */
TALLOC_FREE(result);
- return NT_STATUS_NO_MEMORY;
+ return status;
}
}
"for gid %d!\n", gids[i]));
continue;
}
- if (!add_sid_to_array_unique(tmp_ctx, &unix_group_sid,
- &group_sids, &num_group_sids )) {
- result = NT_STATUS_NO_MEMORY;
+ result = add_sid_to_array_unique(tmp_ctx, &unix_group_sid,
+ &group_sids, &num_group_sids);
+ if (!NT_STATUS_IS_OK(result)) {
goto done;
}
}
return NT_STATUS_NO_SUCH_USER;
}
- if (!add_sid_to_array_unique(result, &u_sid,
- &result->sids,
- &result->num_sids)) {
+ status = add_sid_to_array_unique(result, &u_sid,
+ &result->sids,
+ &result->num_sids);
+ if (!NT_STATUS_IS_OK(status)) {
TALLOC_FREE(result);
- return NT_STATUS_NO_MEMORY;
+ return status;
}
/* For now we throw away the gids and convert via sid_to_gid
if (!NT_STATUS_IS_OK(status)) {
DEBUG(10, ("pdb_enum_alias_memberships failed: %s\n",
nt_errstr(status)));
- TALLOC_FREE(tmp_ctx);
- return status;
+ goto done;
}
for (i=0; i<num_aliases; i++) {
DOM_SID alias_sid;
sid_compose(&alias_sid, domain_sid, aliases[i]);
- if (!add_sid_to_array_unique(token, &alias_sid,
- &token->user_sids,
- &token->num_sids)) {
+ status = add_sid_to_array_unique(token, &alias_sid,
+ &token->user_sids,
+ &token->num_sids);
+ if (!NT_STATUS_IS_OK(status)) {
DEBUG(0, ("add_sid_to_array failed\n"));
- TALLOC_FREE(tmp_ctx);
- return NT_STATUS_NO_MEMORY;
+ goto done;
}
}
+done:
TALLOC_FREE(tmp_ctx);
return NT_STATUS_OK;
}
static NTSTATUS add_builtin_administrators( struct nt_user_token *token )
{
DOM_SID domadm;
+ NTSTATUS status;
/* nothing to do if we aren't in a domain */
/* Add Administrators if the user beloongs to Domain Admins */
if ( nt_token_check_sid( &domadm, token ) ) {
- if (!add_sid_to_array(token, &global_sid_Builtin_Administrators,
- &token->user_sids, &token->num_sids)) {
- return NT_STATUS_NO_MEMORY;
+ status = add_sid_to_array(token,
+ &global_sid_Builtin_Administrators,
+ &token->user_sids, &token->num_sids);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
}
}
/* Add the user and primary group sid */
- if (!add_sid_to_array(result, user_sid,
- &result->user_sids, &result->num_sids)) {
+ status = add_sid_to_array(result, user_sid,
+ &result->user_sids, &result->num_sids);
+ if (!NT_STATUS_IS_OK(status)) {
return NULL;
}
/* For guest, num_groupsids may be zero. */
if (num_groupsids) {
- if (!add_sid_to_array(result, &groupsids[0],
- &result->user_sids, &result->num_sids)) {
+ status = add_sid_to_array(result, &groupsids[0],
+ &result->user_sids,
+ &result->num_sids);
+ if (!NT_STATUS_IS_OK(status)) {
return NULL;
}
}
/* Add in BUILTIN sids */
- if (!add_sid_to_array(result, &global_sid_World,
- &result->user_sids, &result->num_sids)) {
+ status = add_sid_to_array(result, &global_sid_World,
+ &result->user_sids, &result->num_sids);
+ if (!NT_STATUS_IS_OK(status)) {
return NULL;
}
- if (!add_sid_to_array(result, &global_sid_Network,
- &result->user_sids, &result->num_sids)) {
+ status = add_sid_to_array(result, &global_sid_Network,
+ &result->user_sids, &result->num_sids);
+ if (!NT_STATUS_IS_OK(status)) {
return NULL;
}
if (is_guest) {
- if (!add_sid_to_array(result, &global_sid_Builtin_Guests,
- &result->user_sids, &result->num_sids)) {
+ status = add_sid_to_array(result, &global_sid_Builtin_Guests,
+ &result->user_sids,
+ &result->num_sids);
+ if (!NT_STATUS_IS_OK(status)) {
return NULL;
}
} else {
- if (!add_sid_to_array(result, &global_sid_Authenticated_Users,
- &result->user_sids, &result->num_sids)) {
+ status = add_sid_to_array(result,
+ &global_sid_Authenticated_Users,
+ &result->user_sids,
+ &result->num_sids);
+ if (!NT_STATUS_IS_OK(status)) {
return NULL;
}
}
* first group sid as primary above. */
for (i=1; i<num_groupsids; i++) {
- if (!add_sid_to_array_unique(result, &groupsids[i],
- &result->user_sids, &result->num_sids)) {
+ status = add_sid_to_array_unique(result, &groupsids[i],
+ &result->user_sids,
+ &result->num_sids);
+ if (!NT_STATUS_IS_OK(status)) {
return NULL;
}
}
goto failed;
}
string_to_sid(&alias, (char *)el->values[0].data);
- if (!add_sid_to_array_unique(NULL, &alias, sids, num)) {
- status = NT_STATUS_NO_MEMORY;
+ status = add_sid_to_array_unique(NULL, &alias, sids, num);
+ if (!NT_STATUS_IS_OK(status)) {
goto failed;
}
}
NULL
};
int ret, i;
+ NTSTATUS status;
struct ldb_result *res=NULL;
struct ldb_dn *dn;
struct ldb_message_element *el;
for (i=0;i<el->num_values;i++) {
DOM_SID sid;
string_to_sid(&sid, (const char *)el->values[i].data);
- if (!add_sid_to_array_unique(NULL, &sid, sids, num)) {
- talloc_free(dn);
- return NT_STATUS_NO_MEMORY;
+ status = add_sid_to_array_unique(NULL, &sid, sids, num);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
}
}
- talloc_free(dn);
- return NT_STATUS_OK;
+done:
+ talloc_free(dn);
+ return status;
}
/*
if (!string_to_sid(&alias, string_sid))
continue;
- if (!add_sid_to_array_unique(NULL, &alias, sids, num)) {
- status = NT_STATUS_NO_MEMORY;
+ status= add_sid_to_array_unique(NULL, &alias, sids, num);
+ if (!NT_STATUS_IS_OK(status)) {
goto done;
}
}
if (!string_to_sid(&member, member_string))
continue;
- if (!add_sid_to_array(NULL, &member, closure->sids, closure->num)) {
+ if (!NT_STATUS_IS_OK(add_sid_to_array(NULL, &member,
+ closure->sids,
+ closure->num)))
+ {
/* talloc fail. */
break;
}
return 0;
}
- if (!add_sid_to_array( priv->mem_ctx, &sid, &priv->sids.list,
- &priv->sids.count )) {
+ if (!NT_STATUS_IS_OK(add_sid_to_array(priv->mem_ctx, &sid,
+ &priv->sids.list,
+ &priv->sids.count)))
+ {
return 0;
}
*/
NT_USER_TOKEN *registry_create_admin_token(TALLOC_CTX *mem_ctx)
{
+ NTSTATUS status;
NT_USER_TOKEN *token = NULL;
/* fake a user token: builtin administrators sid and the
* disk operators privilege is all we need to access the
* registry... */
- if (!(token = TALLOC_ZERO_P(mem_ctx, NT_USER_TOKEN))) {
+ token = TALLOC_ZERO_P(mem_ctx, NT_USER_TOKEN);
+ if (token == NULL) {
DEBUG(1, ("talloc failed\n"));
goto done;
}
token->privileges = se_disk_operators;
- if (!add_sid_to_array(token, &global_sid_Builtin_Administrators,
- &token->user_sids, &token->num_sids)) {
+ status = add_sid_to_array(token, &global_sid_Builtin_Administrators,
+ &token->user_sids, &token->num_sids);
+ if (!NT_STATUS_IS_OK(status)) {
DEBUG(1, ("Error adding builtin administrators sid "
"to fake token.\n"));
goto done;
Add SID to an array SIDs
********************************************************************/
-bool add_sid_to_array(TALLOC_CTX *mem_ctx, const DOM_SID *sid,
- DOM_SID **sids, size_t *num)
+NTSTATUS add_sid_to_array(TALLOC_CTX *mem_ctx, const DOM_SID *sid,
+ DOM_SID **sids, size_t *num)
{
*sids = TALLOC_REALLOC_ARRAY(mem_ctx, *sids, DOM_SID,
(*num)+1);
if (*sids == NULL) {
*num = 0;
- return False;
+ return NT_STATUS_NO_MEMORY;
}
sid_copy(&((*sids)[*num]), sid);
*num += 1;
- return True;
+ return NT_STATUS_OK;
}
Add SID to an array SIDs ensuring that it is not already there
********************************************************************/
-bool add_sid_to_array_unique(TALLOC_CTX *mem_ctx, const DOM_SID *sid,
- DOM_SID **sids, size_t *num_sids)
+NTSTATUS add_sid_to_array_unique(TALLOC_CTX *mem_ctx, const DOM_SID *sid,
+ DOM_SID **sids, size_t *num_sids)
{
size_t i;
for (i=0; i<(*num_sids); i++) {
if (sid_compare(sid, &(*sids)[i]) == 0)
- return True;
+ return NT_STATUS_OK;
}
return add_sid_to_array(mem_ctx, sid, sids, num_sids);
size_t *num_user_sids,
bool include_user_group_rid)
{
+ NTSTATUS status;
DOM_SID sid;
DOM_SID *sid_array = NULL;
size_t num_sids = 0;
if (include_user_group_rid) {
- if (!sid_compose(&sid, &(info3->dom_sid.sid),
- info3->user_rid)
- || !add_sid_to_array(mem_ctx, &sid,
- &sid_array, &num_sids)) {
- DEBUG(3,("could not add user SID from rid 0x%x\n",
- info3->user_rid));
+ if (!sid_compose(&sid, &(info3->dom_sid.sid), info3->user_rid))
+ {
+ DEBUG(3, ("could not compose user SID from rid 0x%x\n",
+ info3->user_rid));
return NT_STATUS_INVALID_PARAMETER;
}
+ status = add_sid_to_array(mem_ctx, &sid, &sid_array, &num_sids);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(3, ("could not append user SID from rid 0x%x\n",
+ info3->user_rid));
+ return status;
+ }
- if (!sid_compose(&sid, &(info3->dom_sid.sid),
- info3->group_rid)
- || !add_sid_to_array(mem_ctx, &sid,
- &sid_array, &num_sids)) {
- DEBUG(3,("could not append additional group rid 0x%x\n",
- info3->group_rid));
-
+ if (!sid_compose(&sid, &(info3->dom_sid.sid), info3->group_rid))
+ {
+ DEBUG(3, ("could not compose group SID from rid 0x%x\n",
+ info3->group_rid));
return NT_STATUS_INVALID_PARAMETER;
}
+ status = add_sid_to_array(mem_ctx, &sid, &sid_array, &num_sids);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(3, ("could not append group SID from rid 0x%x\n",
+ info3->group_rid));
+ return status;
+ }
}
for (i = 0; i < info3->num_groups2; i++) {
if (!sid_compose(&sid, &(info3->dom_sid.sid),
- info3->gids[i].g_rid)
- || !add_sid_to_array(mem_ctx, &sid,
- &sid_array, &num_sids)) {
- DEBUG(3,("could not append additional group rid 0x%x\n",
- info3->gids[i].g_rid));
+ info3->gids[i].g_rid))
+ {
+ DEBUG(3, ("could not compose SID from additional group "
+ "rid 0x%x\n", info3->gids[i].g_rid));
return NT_STATUS_INVALID_PARAMETER;
}
+ status = add_sid_to_array(mem_ctx, &sid, &sid_array, &num_sids);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(3, ("could not append SID from additional group "
+ "rid 0x%x\n", info3->gids[i].g_rid));
+ return status;
+ }
}
/* Copy 'other' sids. We need to do sid filtering here to
*/
for (i = 0; i < info3->num_other_sids; i++) {
- if (!add_sid_to_array(mem_ctx, &info3->other_sids[i].sid,
- &sid_array, &num_sids)) {
+ status = add_sid_to_array(mem_ctx, &info3->other_sids[i].sid,
+ &sid_array, &num_sids);
+ if (!NT_STATUS_IS_OK(status)) {
DEBUG(3, ("could not add SID to array: %s\n",
sid_string_dbg(&info3->other_sids[i].sid)));
- return NT_STATUS_NO_MEMORY;
+ return status;
}
}
token_sids = TALLOC_ARRAY(mem_ctx, DOM_SID, 1);
ADS_ERROR_HAVE_NO_MEMORY(token_sids);
- if (!add_sid_to_array_unique(mem_ctx, &primary_group_sid, &token_sids,
- &num_token_sids)) {
- return ADS_ERROR(LDAP_NO_MEMORY);
+ status = ADS_ERROR_NT(add_sid_to_array_unique(mem_ctx,
+ &primary_group_sid,
+ &token_sids,
+ &num_token_sids));
+ if (!ADS_ERR_OK(status)) {
+ return status;
}
for (i = 0; i < num_ad_token_sids; i++) {
continue;
}
- if (!add_sid_to_array_unique(mem_ctx, &ad_token_sids[i],
- &token_sids, &num_token_sids)) {
- return ADS_ERROR(LDAP_NO_MEMORY);
+ status = ADS_ERROR_NT(add_sid_to_array_unique(mem_ctx,
+ &ad_token_sids[i],
+ &token_sids,
+ &num_token_sids));
+ if (!ADS_ERR_OK(status)) {
+ return status;
}
}
/* This sid will be replaced later */
- if (!add_sid_to_array_unique(mem_ctx, &global_sid_NULL, pp_sids, &num_sids)) {
- ret = NT_STATUS_NO_MEMORY;
+ ret = add_sid_to_array_unique(mem_ctx, &global_sid_NULL, pp_sids,
+ &num_sids);
+ if (!NT_STATUS_IS_OK(ret)) {
goto done;
}
ret = NT_STATUS_NO_MEMORY;
goto done;
}
- if (!add_sid_to_array_unique(mem_ctx, &sid, pp_sids,
- &num_sids)) {
- ret = NT_STATUS_NO_MEMORY;
+ ret = add_sid_to_array_unique(mem_ctx, &sid, pp_sids,
+ &num_sids);
+ if (!NT_STATUS_IS_OK(ret)) {
goto done;
}
}
for (i=0; i<count; i++) {
DOM_SID member;
+ NTSTATUS status;
if (!string_to_sid(&member, values[i]))
continue;
- if (!add_sid_to_array(NULL, &member, pp_members, &num_members)) {
+ status = add_sid_to_array(NULL, &member, pp_members,
+ &num_members);
+ if (!NT_STATUS_IS_OK(status)) {
ldap_value_free(values);
ldap_msgfree(result);
- return NT_STATUS_NO_MEMORY;
+ return status;
}
}
printf("%s is not a legal SID\n", argv[i]);
return NT_STATUS_INVALID_PARAMETER;
}
- if (!add_sid_to_array(mem_ctx, &tmp_sid, &sids, &num_sids)) {
- return NT_STATUS_NO_MEMORY;
+ result = add_sid_to_array(mem_ctx, &tmp_sid, &sids, &num_sids);
+ if (!NT_STATUS_IS_OK(result)) {
+ return result;
}
}
num_groups = 0;
/* always add the primary group to the sid array */
- if (!add_sid_to_array(mem_ctx, primary_group, user_sids, &num_groups)) {
- status = NT_STATUS_NO_MEMORY;
+ status = add_sid_to_array(mem_ctx, primary_group, user_sids,
+ &num_groups);
+ if (!NT_STATUS_IS_OK(status)) {
goto done;
}
if (sid_check_is_in_builtin(&group_sid)) {
continue;
}
-
- if (!add_sid_to_array(mem_ctx, &group_sid, user_sids,
- &num_groups)) {
- status = NT_STATUS_NO_MEMORY;
+
+ status = add_sid_to_array(mem_ctx, &group_sid,
+ user_sids, &num_groups);
+ if (!NT_STATUS_IS_OK(status)) {
goto done;
}
}
num_groups = 0;
/* always add the primary group to the sid array */
- if (!add_sid_to_array(mem_ctx, primary_group, user_sids, &num_groups)) {
- status = NT_STATUS_NO_MEMORY;
+ status = add_sid_to_array(mem_ctx, primary_group, user_sids,
+ &num_groups);
+ if (!NT_STATUS_IS_OK(status)) {
goto done;
}
if (sid_check_is_in_builtin(&group_sids[i])) {
continue;
}
-
- if (!add_sid_to_array(mem_ctx, &group_sids[i], user_sids,
- &num_groups)) {
- status = NT_STATUS_NO_MEMORY;
+
+ status = add_sid_to_array(mem_ctx, &group_sids[i], user_sids,
+ &num_groups);
+ if (!NT_STATUS_IS_OK(status)) {
goto done;
}
*user_sids = NULL;
num_groups = 0;
- if (!add_sid_to_array(mem_ctx, &primary_group, user_sids, &num_groups)) {
- status = NT_STATUS_NO_MEMORY;
+ status = add_sid_to_array(mem_ctx, &primary_group, user_sids,
+ &num_groups);
+ if (!NT_STATUS_IS_OK(status)) {
goto done;
}
if (sid_check_is_in_builtin(&sids[i])) {
continue;
}
-
- if (!add_sid_to_array_unique(mem_ctx, &sids[i],
- user_sids, &num_groups)) {
- status = NT_STATUS_NO_MEMORY;
+
+ status = add_sid_to_array_unique(mem_ctx, &sids[i],
+ user_sids, &num_groups);
+ if (!NT_STATUS_IS_OK(status)) {
goto done;
}
}
DEBUG(0, ("Could not parse sid %s\n", p));
return False;
}
- if (!add_sid_to_array(mem_ctx, &sid, sids, num_sids)) {
+ if (!NT_STATUS_IS_OK(add_sid_to_array(mem_ctx, &sid, sids,
+ num_sids)))
+ {
return False;
}
p = q;
DEBUGADD(10, (" rid %d\n", alias_rids[i]));
sid_copy(&sid, &domain->sid);
sid_append_rid(&sid, alias_rids[i]);
- if (!add_sid_to_array(state->mem_ctx, &sid, &sids, &num_sids)) {
+ result = add_sid_to_array(state->mem_ctx, &sid, &sids,
+ &num_sids);
+ if (!NT_STATUS_IS_OK(result)) {
return WINBINDD_ERROR;
}
}
state->sids = NULL;
state->num_sids = 0;
- if (!add_sid_to_array(mem_ctx, &state->user_sid, &state->sids,
- &state->num_sids)) {
+ if (!NT_STATUS_IS_OK(add_sid_to_array(mem_ctx, &state->user_sid,
+ &state->sids, &state->num_sids)))
+ {
DEBUG(0, ("Out of memory\n"));
state->cont(state->private_data, False, NULL, 0);
return;
}
for (i=0; i<num_aliases; i++) {
- if (!add_sid_to_array(state->mem_ctx, &aliases[i],
- &state->sids, &state->num_sids)) {
+ if (!NT_STATUS_IS_OK(add_sid_to_array(state->mem_ctx,
+ &aliases[i],
+ &state->sids,
+ &state->num_sids)))
+ {
DEBUG(0, ("Out of memory\n"));
state->cont(state->private_data, False, NULL, 0);
return;
if ( name_types[j] == SID_NAME_DOM_GRP ||
name_types[j] == SID_NAME_ALIAS )
{
- bool ret;
-
- ret = add_sid_to_array_unique( ctx,
- &sid_mem[j],
- &new_groups,
- &new_groups_size );
- if ( !ret ) {
- status = NT_STATUS_NO_MEMORY;
+ status = add_sid_to_array_unique(ctx,
+ &sid_mem[j],
+ &new_groups,
+ &new_groups_size);
+ if (NT_STATUS_IS_OK(status)) {
goto out;
}
- continue;
+ continue;
}
}
return NT_STATUS_INVALID_PARAMETER;
}
- if (!add_sid_to_array(mem_ctx, &sid,
- &require_membership_of_sid,
- &num_require_membership_of_sid)) {
+ status = add_sid_to_array(mem_ctx, &sid,
+ &require_membership_of_sid,
+ &num_require_membership_of_sid);
+ if (!NT_STATUS_IS_OK(status)) {
DEBUG(0, ("add_sid_to_array failed\n"));
TALLOC_FREE(frame);
- return NT_STATUS_NO_MEMORY;
+ return status;
}
}
/* always add the primary group to the sid array */
sid_compose(&primary_group, &info3->dom_sid.sid, info3->user_rid);
- if (!add_sid_to_array(mem_ctx, &primary_group, user_sids, &num_groups)) {
+ status = add_sid_to_array(mem_ctx, &primary_group, user_sids,
+ &num_groups);
+ if (!NT_STATUS_IS_OK(status)) {
TALLOC_FREE(info3);
- return NT_STATUS_NO_MEMORY;
+ return status;
}
for (i=0; i<info3->num_groups; i++) {
sid_copy(&group_sid, &info3->dom_sid.sid);
sid_append_rid(&group_sid, info3->gids[i].g_rid);
- if (!add_sid_to_array(mem_ctx, &group_sid, user_sids,
- &num_groups)) {
+ status = add_sid_to_array(mem_ctx, &group_sid, user_sids,
+ &num_groups);
+ if (!NT_STATUS_IS_OK(status)) {
TALLOC_FREE(info3);
- return NT_STATUS_NO_MEMORY;
+ return status;
}
}
if (info3->other_sids_attrib[i] & SE_GROUP_RESOURCE)
continue;
- if (!add_sid_to_array(mem_ctx, &info3->other_sids[i].sid,
- user_sids, &num_groups))
- {
+ status = add_sid_to_array(mem_ctx, &info3->other_sids[i].sid,
+ user_sids, &num_groups);
+ if (!NT_STATUS_IS_OK(status)) {
TALLOC_FREE(info3);
- return NT_STATUS_NO_MEMORY;
+ return status;
}
}