Ignore:
Timestamp:
Apr 25, 2007, 9:44:55 AM (14 years ago)
Author:
Paul Smedley
Message:

Code updated to Samba 3.0.25rc2 level

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/samba/source/nsswitch/idmap_rid.c

    r1 r30  
    3838 *****************************************************************************/
    3939
    40 static NTSTATUS idmap_rid_initialize(struct idmap_domain *dom, const char *compat_params)
     40static NTSTATUS idmap_rid_initialize(struct idmap_domain *dom)
    4141{
    4242        NTSTATUS ret;
     
    8787static NTSTATUS idmap_rid_id_to_sid(TALLOC_CTX *memctx, struct idmap_rid_context *ctx, struct id_map *map)
    8888{
    89         const char *domname, *name;
    90         enum lsa_SidType sid_type;
    91         BOOL ret;
    9289        struct winbindd_domain *domain;
    9390
     
    105102        sid_compose(map->sid, &domain->sid, map->xid.id - ctx->low_id + ctx->base_rid);
    106103
    107         /* by default calls to winbindd are disabled
    108            the following call will not recurse so this is safe */
    109         winbind_on();
    110         ret = winbind_lookup_sid(memctx, map->sid, &domname, &name, &sid_type);
    111         winbind_off();
    112 
    113         if (ret) {
    114                 switch (sid_type) {
    115                 case SID_NAME_USER:
    116                         if (map->xid.type != ID_TYPE_UID) {
    117                                 /* wrong type */
    118                                 map->status = ID_UNMAPPED;
    119                                 DEBUG(5, ("Resulting SID is of wrong ID type\n"));
    120                                 return NT_STATUS_NONE_MAPPED;
    121                         }
    122                         break;
    123                 case SID_NAME_DOM_GRP:
    124                 case SID_NAME_ALIAS:
    125                 case SID_NAME_WKN_GRP:
    126                         if (map->xid.type != ID_TYPE_GID) {
    127                                 /* wrong type */
    128                                 map->status = ID_UNMAPPED;
    129                                 DEBUG(5, ("Resulting SID is of wrong ID type\n"));
    130                                 return NT_STATUS_NONE_MAPPED;
    131                         }
    132                         break;
    133                 default:
    134                         /* invalid sid?? */
    135                         map->status = ID_UNKNOWN;
    136                         DEBUG(10, ("SID %s is UNKNOWN, skip mapping\n", sid_string_static(map->sid)));
    137                         return NT_STATUS_NONE_MAPPED;
    138                 }
    139         } else {
    140                 /* TODO: how do we known if the lookup was negative
    141                  * or something just failed? */
    142                 map->status = ID_UNMAPPED;
    143                 DEBUG(2, ("Failed: to resolve SID\n"));
    144                 return NT_STATUS_UNSUCCESSFUL;
    145         }
     104        /* We **really** should have some way of validating
     105           the SID exists and is the correct type here.  But
     106           that is a deficiency in the idmap_rid design. */
    146107
    147108        map->status = ID_MAPPED;
     
    156117static NTSTATUS idmap_rid_sid_to_id(TALLOC_CTX *memctx, struct idmap_rid_context *ctx, struct id_map *map)
    157118{
    158         const char *domname, *name;
    159         enum lsa_SidType sid_type;
    160119        uint32_t rid;
    161         BOOL ret;
    162120
    163121        sid_peek_rid(map->sid, &rid);
    164122        map->xid.id = rid - ctx->base_rid + ctx->low_id;
    165123
    166         /* by default calls to winbindd are disabled
    167            the following call will not recurse so this is safe */
    168         winbind_on();
    169         /* check if this is a valid SID and set the type */
    170         ret = winbind_lookup_sid(memctx, map->sid, &domname, &name, &sid_type);
    171         winbind_off();
    172 
    173         if (ret) {
    174                 switch (sid_type) {
    175                 case SID_NAME_USER:
    176                         map->xid.type = ID_TYPE_UID;
    177                         break;
    178                 case SID_NAME_DOM_GRP:
    179                 case SID_NAME_ALIAS:
    180                 case SID_NAME_WKN_GRP:
    181                         map->xid.type = ID_TYPE_GID;
    182                         break;
    183                 default:
    184                         /* invalid sid, let's just leave it unmapped */
    185                         DEBUG(10, ("SID %s is UNKNOWN, skip mapping\n", sid_string_static(map->sid)));
    186                         map->status = ID_UNKNOWN;
    187                         return NT_STATUS_NONE_MAPPED;
    188                 }
    189         } else {
    190                 /* TODO: how do we known if the lookup was negative
    191                  * or something just failed? */
    192                 map->status = ID_UNMAPPED;
    193                 DEBUG(2, ("Failed: to resolve SID\n"));
    194                 return NT_STATUS_UNSUCCESSFUL;
    195         }
    196 
    197124        /* apply filters before returning result */
     125
    198126        if ((map->xid.id < ctx->low_id) || (map->xid.id > ctx->high_id)) {
    199127                DEBUG(5, ("Requested id (%u) out of range (%u - %u). Filtered!\n",
     
    202130                return NT_STATUS_NONE_MAPPED;
    203131        }
     132
     133        /* We **really** should have some way of validating
     134           the SID exists and is the correct type here.  But
     135           that is a deficiency in the idmap_rid design. */
    204136
    205137        map->status = ID_MAPPED;
Note: See TracChangeset for help on using the changeset viewer.