Ignore:
Timestamp:
Apr 25, 2007, 9:44:55 AM (14 years ago)
Author:
Paul Smedley
Message:

Code updated to Samba 3.0.25rc2 level

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/samba/source/nsswitch/winbindd_sid.c

    r1 r30  
    184184}
    185185
     186static void sid2uid_lookupsid_recv( void *private_data, BOOL success,
     187                                    const char *domain_name,
     188                                    const char *name,
     189                                    enum lsa_SidType type)
     190{
     191        struct winbindd_cli_state *state =
     192                talloc_get_type_abort(private_data, struct winbindd_cli_state);
     193        DOM_SID sid;
     194
     195        if (!success) {
     196                DEBUG(5, ("sid2uid_lookupsid_recv Could not convert get sid type for %s\n",
     197                          state->request.data.sid));
     198                request_error(state);
     199                return;
     200        }
     201
     202        if ( (type!=SID_NAME_USER) && (type!=SID_NAME_COMPUTER) ) {
     203                DEBUG(5,("sid2uid_lookupsid_recv: Sid %s is not a user or a computer.\n",
     204                         state->request.data.sid));
     205                request_error(state);
     206                return;         
     207        }
     208
     209        if (!string_to_sid(&sid, state->request.data.sid)) {
     210                DEBUG(1, ("sid2uid_lookupsid_recv: Could not get convert sid %s from string\n",
     211                          state->request.data.sid));
     212                request_error(state);
     213                return;
     214        }
     215       
     216        /* always use the async interface (may block) */
     217        winbindd_sid2uid_async(state->mem_ctx, &sid, sid2uid_recv, state);
     218}
     219
    186220void winbindd_sid_to_uid(struct winbindd_cli_state *state)
    187221{
     
    201235        }
    202236
    203         /* always use the async interface (may block) */
    204         winbindd_sid2uid_async(state->mem_ctx, &sid, sid2uid_recv, state);
     237        /* Validate the SID as a user.  Hopefully this will hit cache.
     238           Needed to prevent DoS by exhausting the uid allocation
     239           range from random SIDs. */
     240
     241        winbindd_lookupsid_async( state->mem_ctx, &sid, sid2uid_lookupsid_recv, state );
    205242}
    206243
     
    224261}
    225262
     263static void sid2gid_lookupsid_recv( void *private_data, BOOL success,
     264                                    const char *domain_name,
     265                                    const char *name,
     266                                    enum lsa_SidType type)
     267{
     268        struct winbindd_cli_state *state =
     269                talloc_get_type_abort(private_data, struct winbindd_cli_state);
     270        DOM_SID sid;
     271
     272        if (!success) {
     273                DEBUG(5, ("sid2gid_lookupsid_recv: Could not convert get sid type for %s\n",
     274                          state->request.data.sid));
     275                request_error(state);
     276                return;
     277        }
     278
     279        if ( (type!=SID_NAME_DOM_GRP) &&
     280             (type!=SID_NAME_ALIAS) &&
     281             (type!=SID_NAME_WKN_GRP) )
     282        {
     283                DEBUG(5,("sid2gid_lookupsid_recv: Sid %s is not a group.\n",
     284                         state->request.data.sid));
     285                request_error(state);
     286                return;         
     287        }
     288
     289        if (!string_to_sid(&sid, state->request.data.sid)) {
     290                DEBUG(1, ("sid2gid_lookupsid_recv: Could not get convert sid %s from string\n",
     291                          state->request.data.sid));
     292                request_error(state);
     293                return;
     294        }
     295       
     296        /* always use the async interface (may block) */
     297        winbindd_sid2gid_async(state->mem_ctx, &sid, sid2gid_recv, state);
     298}
     299
    226300void winbindd_sid_to_gid(struct winbindd_cli_state *state)
    227301{
     
    241315        }
    242316
    243         /* always use the async interface (may block) */
    244         winbindd_sid2gid_async(state->mem_ctx, &sid, sid2gid_recv, state);
     317        /* Validate the SID as a group.  Hopefully this will hit cache.
     318           Needed to prevent DoS by exhausting the uid allocation
     319           range from random SIDs. */
     320
     321        winbindd_lookupsid_async( state->mem_ctx, &sid, sid2gid_lookupsid_recv, state );       
    245322}
    246323
Note: See TracChangeset for help on using the changeset viewer.