bool sid_peek_rid(const struct dom_sid *sid, uint32_t *rid);
bool sid_peek_check_rid(const struct dom_sid *exp_dom_sid, const struct dom_sid *sid, uint32_t *rid);
void sid_copy(struct dom_sid *dst, const struct dom_sid *src);
-bool sid_parse(const uint8_t *inbuf, size_t len, struct dom_sid *sid);
+struct sid_parse_ret { ssize_t len; };
+struct sid_parse_ret sid_parse(
+ const uint8_t *inbuf, size_t len, struct dom_sid *sid);
int sid_compare_domain(const struct dom_sid *sid1, const struct dom_sid *sid2);
NTSTATUS add_sid_to_array(TALLOC_CTX *mem_ctx, const struct dom_sid *sid,
struct dom_sid **sids, uint32_t *num);
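Review bot: `struct sid_parse_ret` is declared without a comment, so the header does not tell a caller that `len == -1` means failure or what a non-negative `len` counts. I would add a comment above the struct, for example `/* len is -1 on parse failure, otherwise the encoded size in bytes of the parsed SID */`. If the one-member struct exists so that old `if (!sid_parse(...))` call sites stop compiling instead of silently inverting (a bare `ssize_t` of -1 is truthy), that reason deserves a line in the same comment.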
Parse a on-the-wire SID to a struct dom_sid.
*****************************************************************/
-bool sid_parse(const uint8_t *inbuf, size_t len, struct dom_sid *sid)
+struct sid_parse_ret sid_parse(
+ const uint8_t *inbuf, size_t len, struct dom_sid *sid)
{
DATA_BLOB in = data_blob_const(inbuf, len);
enum ndr_err_code ndr_err;
ndr_err = ndr_pull_struct_blob_all(
&in, NULL, sid, (ndr_pull_flags_fn_t)ndr_pull_dom_sid);
if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
- return false;
+ return (struct sid_parse_ret) { .len = -1 };
}
- return true;
+ return (struct sid_parse_ret) { .len = ndr_size_dom_sid(sid, 0) };
}
/*****************************************************************
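Review bot: The function's header comment still says only that it parses an on-the-wire SID and does not describe the new return value. On success the parse goes through `ndr_pull_struct_blob_all`, which rejects input with unread bytes, so the returned `len` (computed by `ndr_size_dom_sid(sid, 0)`, not taken from the pull) should always equal the caller's `len`. I would state the contract in the comment, for example `Returns .len = -1 on error, otherwise the number of bytes of inbuf the SID occupies; trailing bytes are rejected.` If a later change is meant to accept trailing data, callers that slice a larger buffer will depend on this value, so it helps to pin the wording now.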
struct dom_sid *sid)
{
DATA_BLOB blob;
- bool ret;
+ struct sid_parse_ret ret;
if (!smbldap_talloc_single_blob(talloc_tos(), ld, msg, attrib,
&blob)) {
}
ret = sid_parse(blob.data, blob.length, sid);
TALLOC_FREE(blob.data);
- return ret;
+ return (ret.len != -1);
}
static int ldapmsg_destructor(LDAPMessage **result) {
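Review bot: Success is tested as `ret.len != -1`, so any other negative length would be treated as a successfully parsed SID and the caller would go on to use `*sid`. The same exact-sentinel comparison (`ret.len == -1` or `ret.len != -1`) appears in every other converted caller in this commit. Today sid_parse only ever returns -1 on failure, but a sign test is the more defensive form for an `ssize_t` result: `return (ret.len >= 0);` here, and `if (ret.len < 0)` in the callers that bail out. The function this hunk edits starts outside the hunk.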
struct dom_sid *sid)
{
DATA_BLOB val;
+ struct sid_parse_ret ret;
if (!tldap_get_single_valueblob(msg, attribute, &val)) {
return false;
}
- return sid_parse(val.data, val.length, sid);
+ ret = sid_parse(val.data, val.length, sid);
+ return (ret.len != -1);
}
bool tldap_pull_guid(struct tldap_message *msg, const char *attribute,
{
int i;
for (i=0; values[i]; i++) {
+ struct sid_parse_ret ret;
struct dom_sid sid;
struct dom_sid_buf tmp;
- if (!sid_parse((const uint8_t *)values[i]->bv_val,
- values[i]->bv_len, &sid)) {
+ ret = sid_parse((const uint8_t *)values[i]->bv_val,
+ values[i]->bv_len, &sid);
+ if (ret.len == -1) {
return;
}
printf("%s: %s\n", field, dom_sid_str_buf(&sid, &tmp));
LDAPMessage *msg, const char *field, struct dom_sid **sids)
{
struct berval **values;
- bool ret;
int count, i;
values = ldap_get_values_len(ads->ldap.ld, msg, field);
count = 0;
for (i=0; values[i]; i++) {
+ struct sid_parse_ret ret;
ret = sid_parse((const uint8_t *)values[i]->bv_val,
values[i]->bv_len, &(*sids)[count]);
- if (ret) {
+ if (ret.len != -1) {
struct dom_sid_buf buf;
DBG_DEBUG("pulling SID: %s\n",
dom_sid_str_buf(&(*sids)[count], &buf));
}
break;
case ADS_EXTENDED_DN_HEX_STRING: {
+ struct sid_parse_ret ret;
fstring buf;
size_t buf_len;
return ADS_ERROR_NT(NT_STATUS_INVALID_PARAMETER);
}
- if (!sid_parse((const uint8_t *)buf, buf_len, sid)) {
+ ret = sid_parse((const uint8_t *)buf, buf_len, sid);
+ if (ret.len == -1) {
DEBUG(10,("failed to parse sid\n"));
return ADS_ERROR_NT(NT_STATUS_INVALID_PARAMETER);
}
*
* but I have to check that --metze
*/
+ struct sid_parse_ret ret;
struct dom_sid sid;
struct dom_sid_buf buf;
uid_t uid;
/* unknown 4 bytes: this is not the length of the sid :-( */
/*unknown = IVAL(pdata,0);*/
- if (!sid_parse(_in_data + 4, sid_len, &sid)) {
+ ret = sid_parse(_in_data + 4, sid_len, &sid);
+ if (ret.len == -1) {
return NT_STATUS_INVALID_PARAMETER;
}
DEBUGADD(10, ("for SID: %s\n",
}
static bool run_local_binary_to_sid(int dummy) {
+ struct sid_parse_ret ret;
struct dom_sid *sid = talloc(NULL, struct dom_sid);
static const uint8_t good_binary_sid[] = {
0x1, /* revision number */
0x1, 0x1, 0x1, 0x1, /* auth[31] */
};
- if (!sid_parse(good_binary_sid, sizeof(good_binary_sid), sid)) {
+ ret = sid_parse(good_binary_sid, sizeof(good_binary_sid), sid);
+ if (ret.len == -1) {
return false;
}
- if (sid_parse(long_binary_sid2, sizeof(long_binary_sid2), sid)) {
+ ret = sid_parse(long_binary_sid2, sizeof(long_binary_sid2), sid);
+ if (ret.len != -1) {
return false;
}
- if (sid_parse(long_binary_sid, sizeof(long_binary_sid), sid)) {
+ ret = sid_parse(long_binary_sid, sizeof(long_binary_sid), sid);
+ if (ret.len != -1) {
return false;
}
return true;
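Review bot: The good-SID case only checks `ret.len == -1`, so nothing in this test exercises the length that sid_parse now returns. After that check I would add `if (ret.len != (ssize_t)sizeof(good_binary_sid)) { return false; }`, which pins the new contract for an input with no trailing bytes. The definitions of `long_binary_sid` and `long_binary_sid2` and the end of the function lie outside the hunk, so I have not checked whether `sid` is released on the early `return false` paths.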
struct dom_sid *samdb_result_dom_sid(TALLOC_CTX *mem_ctx, const struct ldb_message *msg,
const char *attr)
{
- bool ok;
+ struct sid_parse_ret ret;
const struct ldb_val *v;
struct dom_sid *sid;
v = ldb_msg_find_ldb_val(msg, attr);
if (sid == NULL) {
return NULL;
}
- ok = sid_parse(v->data, v->length, sid);
- if (!ok) {
+ ret = sid_parse(v->data, v->length, sid);
+ if (ret.len == -1) {
talloc_free(sid);
return NULL;
}
case LDB_REPLY_ENTRY:
{
struct dsdb_count_domain_context *context = NULL;
- bool ok, in_domain;
+ struct sid_parse_ret ret;
+ bool in_domain;
struct dom_sid sid;
const struct ldb_val *v;
break;
}
- ok = sid_parse(v->data, v->length, &sid);
- if (!ok) {
+ ret = sid_parse(v->data, v->length, &sid);
+ if (ret.len == -1) {
break;
}
for (i = 0; i < el->num_values; i++) {
struct dom_sid *sid = talloc(torture, struct dom_sid);
+ struct sid_parse_ret ret;
torture_assert(torture, sid != NULL, "talloc failed");
-
+
+ ret = sid_parse(el->values[i].data,
+ el->values[i].length, sid);
torture_assert(torture,
- sid_parse(el->values[i].data,
- el->values[i].length, sid),
+ ret.len != -1,
"sid parse failed");
torture_assert_str_equal(torture, dom_sid_string(sid, sid), dom_sid_string(sid, whoami->sid_list[i]), "SID from LDAP and SID from CIFS does not match!");
talloc_free(sid);
struct dom_sid *dom_sid = talloc(torture, struct dom_sid);
struct dom_sid *dc_sids = talloc_array(torture, struct dom_sid, el->num_values);
struct dom_sid *member_sids = talloc_array(torture, struct dom_sid, whoami->num_sids);
+ struct sid_parse_ret ret;
torture_assert(torture, user_sid != NULL, "talloc failed");
- torture_assert(torture, sid_parse(el->values[0].data,
- el->values[0].length,
- user_sid),
+ ret = sid_parse(el->values[0].data,
+ el->values[0].length,
+ user_sid);
+ torture_assert(torture,
+ ret.len != -1,
"sid parse failed");
torture_assert_ntstatus_equal(torture, dom_sid_split_rid(torture, user_sid, &dom_sid, NULL), NT_STATUS_OK, "failed to split domain SID from user SID");
for (i = 0; i < el->num_values; i++) {
struct dom_sid *sid = talloc(dc_sids, struct dom_sid);
torture_assert(torture, sid != NULL, "talloc failed");
-
+
+ ret = sid_parse(el->values[i].data,
+ el->values[i].length,
+ sid);
torture_assert(torture,
- sid_parse(el->values[i].data,
- el->values[i].length,
- sid),
+ ret.len != -1,
"sid parse failed");
if (dom_sid_in_domain(dom_sid, sid)) {
dc_sids[num_domain_sids_dc] = *sid;