]> git.ipfire.org Git - thirdparty/samba.git/commitdiff
rpc_server: Simplify open_np_file()
authorVolker Lendecke <vl@samba.org>
Tue, 17 Aug 2021 18:37:04 +0000 (20:37 +0200)
committerJeremy Allison <jra@samba.org>
Tue, 24 Aug 2021 17:32:28 +0000 (17:32 +0000)
No need to go via a string to create the SID describing the SMB3
encryption, we can directly use sid_append_rid().

This by the way fixes a bug: SID_MAX_SIZE is the maximum length of the
binary SID, not the maximum string length for a SID.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
source3/smbd/pipes.c

index 4338971d7fac5011effdd10a73887fba2e8caa03..76d5348d8d38e5dab7d119a3966204bee99500e6 100644 (file)
@@ -77,12 +77,9 @@ NTSTATUS open_np_file(struct smb_request *smb_req, const char *name,
                uint16_t dialect = xconn->smb2.server.dialect;
                uint16_t srv_smb_encrypt = DCERPC_SMB_ENCRYPTION_REQUIRED;
                uint16_t cipher = xconn->smb2.server.cipher;
-               char smb3_sid_str[SID_MAX_SIZE];
-               struct dom_sid smb3_dom_sid;
                struct dom_sid smb3_sid;
                uint32_t i;
                bool ok;
-               int rc;
 
                session_info = copy_session_info(fsp, conn->session_info);
                if (session_info == NULL) {
@@ -92,7 +89,7 @@ NTSTATUS open_np_file(struct smb_request *smb_req, const char *name,
                }
                security_token = session_info->security_token;
 
-               ok = dom_sid_parse(SID_SAMBA_SMB3, &smb3_dom_sid);
+               ok = dom_sid_parse(SID_SAMBA_SMB3, &smb3_sid);
                if (!ok) {
                        file_free(smb_req, fsp);
                        return NT_STATUS_BUFFER_TOO_SMALL;
@@ -107,7 +104,7 @@ NTSTATUS open_np_file(struct smb_request *smb_req, const char *name,
                        int cmp;
 
                        cmp = dom_sid_compare_domain(&security_token->sids[i],
-                                                    &smb3_dom_sid);
+                                                    &smb3_sid);
                        if (cmp == 0) {
                                DBG_ERR("ERROR: An SMB3 SID has already been "
                                        "detected in the security token!\n");
@@ -116,24 +113,14 @@ NTSTATUS open_np_file(struct smb_request *smb_req, const char *name,
                        }
                }
 
-               rc = snprintf(smb3_sid_str,
-                             sizeof(smb3_sid_str),
-                             "%s-%u-%u-%u",
-                             SID_SAMBA_SMB3,
-                             dialect,
-                             srv_smb_encrypt,
-                             cipher);
-               if (rc < 0) {
-                       DBG_ERR("Buffer too small\n");
-                       file_free(smb_req, fsp);
-                       return NT_STATUS_BUFFER_TOO_SMALL;
-               }
+               ok = sid_append_rid(&smb3_sid, dialect);
+               ok &= sid_append_rid(&smb3_sid, srv_smb_encrypt);
+               ok &= sid_append_rid(&smb3_sid, cipher);
 
-               ok = dom_sid_parse(smb3_sid_str, &smb3_sid);
                if (!ok) {
-                       DBG_ERR("Failed to parse SMB3 SID\n");
+                       DBG_ERR("sid too small\n");
                        file_free(smb_req, fsp);
-                       return NT_STATUS_INVALID_PARAMETER;
+                       return NT_STATUS_BUFFER_TOO_SMALL;
                }
 
                status = add_sid_to_array_unique(security_token,