char *filter = NULL;
/* SIDs for the account and his primary group */
struct dom_sid *account_sid;
- const char *primary_group_string;
+ struct dom_sid_buf buf;
const char *primary_group_dn;
DATA_BLOB primary_group_blob;
/* SID structures for the expanded group memberships */
return status;
}
- primary_group_string = dom_sid_string(tmp_ctx, &sids[PRIMARY_GROUP_SID_INDEX]);
- if (primary_group_string == NULL) {
- TALLOC_FREE(user_info_dc);
- return NT_STATUS_NO_MEMORY;
- }
-
- primary_group_dn = talloc_asprintf(tmp_ctx, "<SID=%s>", primary_group_string);
+ primary_group_dn = talloc_asprintf(
+ tmp_ctx,
+ "<SID=%s>",
+ dom_sid_str_buf(&sids[PRIMARY_GROUP_SID_INDEX], &buf));
if (primary_group_dn == NULL) {
TALLOC_FREE(user_info_dc);
return NT_STATUS_NO_MEMORY;
"(&(objectSid=%s)(objectClass=domain))",
ldap_encode_ndr_dom_sid(tmp_ctx, domain_sid));
if (!domain_dn) {
+ struct dom_sid_buf buf;
DEBUG(3, ("authsam_get_user_info_dc_principal: Failed to find domain with: SID %s\n",
- dom_sid_string(tmp_ctx, domain_sid)));
+ dom_sid_str_buf(domain_sid, &buf)));
return NT_STATUS_NO_SUCH_USER;
}
/* Search for each group in the token */
for (i = 0; i < num_sids; i++) {
- char *sid_string;
+ struct dom_sid_buf buf;
const char *sid_dn;
DATA_BLOB sid_blob;
- sid_string = dom_sid_string(tmp_ctx,
- &sids[i]);
- if (sid_string == NULL) {
- TALLOC_FREE(user_info_dc);
- return NT_STATUS_NO_MEMORY;
- }
-
- sid_dn = talloc_asprintf(tmp_ctx, "<SID=%s>", sid_string);
- talloc_free(sid_string);
+ sid_dn = talloc_asprintf(
+ tmp_ctx,
+ "<SID=%s>",
+ dom_sid_str_buf(&sids[i], &buf));
if (sid_dn == NULL) {
TALLOC_FREE(user_info_dc);
return NT_STATUS_NO_MEMORY;
} else if (ids[0].xid.type == ID_TYPE_UID) {
(*sec)->uid = ids[0].xid.id;
} else {
- char *sid_str = dom_sid_string(mem_ctx, ids[0].sid);
+ struct dom_sid_buf buf;
DEBUG(0, ("Unable to convert first SID (%s) in user token to a UID. Conversion was returned as type %d, full token:\n",
- sid_str, (int)ids[0].xid.type));
+ dom_sid_str_buf(ids[0].sid, &buf),
+ (int)ids[0].xid.type));
security_token_debug(DBGC_AUTH, 0, token);
- talloc_free(sid_str);
return NT_STATUS_INVALID_SID;
}
(*sec)->groups[g] = ids[1].xid.id;
g++;
} else {
- char *sid_str = dom_sid_string(mem_ctx, ids[1].sid);
+ struct dom_sid_buf buf;
DEBUG(0, ("Unable to convert second SID (%s) in user token to a GID. Conversion was returned as type %d, full token:\n",
- sid_str, (int)ids[1].xid.type));
+ dom_sid_str_buf(ids[1].sid, &buf),
+ (int)ids[1].xid.type));
security_token_debug(DBGC_AUTH, 0, token);
- talloc_free(sid_str);
return NT_STATUS_INVALID_SID;
}
(*sec)->groups[g] = ids[s].xid.id;
g++;
} else {
- char *sid_str = dom_sid_string(mem_ctx, ids[s].sid);
+ struct dom_sid_buf buf;
DEBUG(0, ("Unable to convert SID (%s) at index %u in user token to a GID. Conversion was returned as type %d, full token:\n",
- sid_str, (unsigned int)s, (int)ids[s].xid.type));
+ dom_sid_str_buf(ids[s].sid, &buf),
+ (unsigned int)s, (int)ids[s].xid.type));
security_token_debug(DBGC_AUTH, 0, token);
- talloc_free(sid_str);
return NT_STATUS_INVALID_SID;
}
}