From: Joseph Sutton <josephsutton@catalyst.net.nz>
Date: Mon, 11 Sep 2023 03:26:41 +0000 (+1200)
Subject: s4:auth: Use Anonymous and System SID constants
X-Git-Tag: tevent-0.16.0~381
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=e6bb3a347f06720b1ad9322bf5d590ea360a1609;p=thirdparty%2Fsamba.git

s4:auth: Use Anonymous and System SID constants

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
---

diff --git a/source4/auth/session.c b/source4/auth/session.c
index 9e893ec3e92..ba4541bd418 100644
--- a/source4/auth/session.c
+++ b/source4/auth/session.c
@@ -62,26 +62,12 @@ _PUBLIC_ NTSTATUS auth_generate_security_token(TALLOC_CTX *mem_ctx,
 	uint32_t num_sids = 0;
 	const char *filter = NULL;
 	struct auth_SidAttr *sids = NULL;
-	const struct dom_sid *anonymous_sid = NULL;
-	const struct dom_sid *system_sid = NULL;
 
 	TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
 	if (tmp_ctx == NULL) {
 		return NT_STATUS_NO_MEMORY;
 	}
 
-	anonymous_sid = dom_sid_parse_talloc(tmp_ctx, SID_NT_ANONYMOUS);
-	if (anonymous_sid == NULL) {
-		TALLOC_FREE(tmp_ctx);
-		return NT_STATUS_NO_MEMORY;
-	}
-
-	system_sid = dom_sid_parse_talloc(tmp_ctx, SID_NT_SYSTEM);
-	if (system_sid == NULL) {
-		TALLOC_FREE(tmp_ctx);
-		return NT_STATUS_NO_MEMORY;
-	}
-
 	sids = talloc_array(tmp_ctx, struct auth_SidAttr, user_info_dc->num_sids);
 	if (sids == NULL) {
 		TALLOC_FREE(tmp_ctx);
@@ -144,9 +130,9 @@ _PUBLIC_ NTSTATUS auth_generate_security_token(TALLOC_CTX *mem_ctx,
 	}
 
 
-	if (num_sids > PRIMARY_USER_SID_INDEX && dom_sid_equal(anonymous_sid, &sids[PRIMARY_USER_SID_INDEX].sid)) {
+	if (num_sids > PRIMARY_USER_SID_INDEX && dom_sid_equal(&global_sid_Anonymous, &sids[PRIMARY_USER_SID_INDEX].sid)) {
 		/* Don't expand nested groups of system, anonymous etc*/
-	} else if (num_sids > PRIMARY_USER_SID_INDEX && dom_sid_equal(system_sid, &sids[PRIMARY_USER_SID_INDEX].sid)) {
+	} else if (num_sids > PRIMARY_USER_SID_INDEX && dom_sid_equal(&global_sid_System, &sids[PRIMARY_USER_SID_INDEX].sid)) {
 		/* Don't expand nested groups of system, anonymous etc*/
 	} else if (sam_ctx != NULL) {
 		filter = talloc_asprintf(tmp_ctx, "(&(objectClass=group)(groupType:"LDB_OID_COMPARATOR_AND":=%u))",