This should also give us a slight performance boost as we do
not convert the whole SID to a string many times over.

Simo.

-- 
Simo Sorce * Red Hat, Inc. * New York
From f35d58981f46e5d4dba6688ee0334ca6cea90898 Mon Sep 17 00:00:00 2001
From: Simo Sorce <sso...@redhat.com>
Date: Mon, 24 Sep 2012 00:37:23 -0400
Subject: [PATCH] Simplify get_group_sids

---
 daemons/ipa-kdb/ipa_kdb_mspac.c | 45 ++++++++++-------------------------------
 1 file changed, 11 insertions(+), 34 deletions(-)

diff --git a/daemons/ipa-kdb/ipa_kdb_mspac.c b/daemons/ipa-kdb/ipa_kdb_mspac.c
index b5346fed1230d02a88c94ab913507112990a1651..fe16518f6d5e13c08df951834f7ce6ac54ac4a56 100644
--- a/daemons/ipa-kdb/ipa_kdb_mspac.c
+++ b/daemons/ipa-kdb/ipa_kdb_mspac.c
@@ -636,29 +636,6 @@ static bool is_cross_realm_krbtgt(krb5_const_principal princ)
     return true;
 }
 
-static char *gen_sid_string(TALLOC_CTX *memctx, struct dom_sid *dom_sid,
-                            uint32_t rid)
-{
-    char *str = NULL;
-    int ret;
-
-    ret = sid_append_rid(dom_sid, rid);
-    if (ret != 0) {
-        krb5_klog_syslog(LOG_ERR, "sid_append_rid failed");
-        return NULL;
-    }
-
-    str = dom_sid_string(memctx, dom_sid);
-    ret = sid_split_rid(dom_sid, NULL);
-    if (ret != 0) {
-        krb5_klog_syslog(LOG_ERR, "sid_split_rid failed");
-        talloc_free(str);
-        return NULL;
-    }
-
-    return str;
-}
-
 static int get_group_sids(TALLOC_CTX *memctx,
                           struct PAC_LOGON_INFO_CTR *logon_info,
                           char ***_group_sids)
@@ -666,12 +643,12 @@ static int get_group_sids(TALLOC_CTX *memctx,
     int ret;
     size_t c;
     size_t p = 0;
-    struct dom_sid *domain_sid = NULL;
     char **group_sids = NULL;
+    char *dom_sid;
 
-    domain_sid = dom_sid_dup(memctx, logon_info->info->info3.base.domain_sid);
-    if (domain_sid == NULL) {
-        krb5_klog_syslog(LOG_ERR, "dom_sid_dup failed");
+    dom_sid = dom_sid_string(memctx, logon_info->info->info3.base.domain_sid);
+    if (dom_sid == NULL) {
+        krb5_klog_syslog(LOG_ERR, "dom_sid_string failed");
         ret = ENOMEM;
         goto done;
     }
@@ -686,20 +663,20 @@ static int get_group_sids(TALLOC_CTX *memctx,
         goto done;
     }
 
-    group_sids[p] = gen_sid_string(memctx, domain_sid,
-                                  logon_info->info->info3.base.primary_gid);
+    group_sids[p] = talloc_asprintf(memctx, "%s-%lu", dom_sid,
+                                    logon_info->info->info3.base.primary_gid);
     if (group_sids[p] == NULL) {
-        krb5_klog_syslog(LOG_ERR, "gen_sid_string failed");
+        krb5_klog_syslog(LOG_ERR, "failed to convert pgid to string");
         ret = EINVAL;
         goto done;
     }
     p++;
 
     for (c = 0; c < logon_info->info->info3.base.groups.count; c++) {
-        group_sids[p] = gen_sid_string(memctx, domain_sid,
-                               logon_info->info->info3.base.groups.rids[c].rid);
+        group_sids[p] = talloc_asprintf(memctx, "%s-%lu", dom_sid,
+                            logon_info->info->info3.base.groups.rids[c].rid);
         if (group_sids[p] == NULL) {
-        krb5_klog_syslog(LOG_ERR, "gen_sid_string 2 failed");
+        krb5_klog_syslog(LOG_ERR, "failed to convert group sid to string");
             ret = EINVAL;
             goto done;
         }
@@ -722,7 +699,7 @@ static int get_group_sids(TALLOC_CTX *memctx,
 
     ret = 0;
 done:
-    talloc_free(domain_sid);
+    talloc_free(dom_sid);
     if (ret != 0) {
         talloc_free(group_sids);
     }
-- 
1.7.11.4

_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Reply via email to