Changeset 740 for vendor/current/source4/winbind/idmap.c
- Timestamp:
- Nov 14, 2012, 12:59:34 PM (12 years ago)
- File:
-
- 1 edited
-
vendor/current/source4/winbind/idmap.c (modified) (17 diffs)
Legend:
- Unmodified
- Added
- Removed
-
TabularUnified vendor/current/source4/winbind/idmap.c ¶
r414 r740 22 22 #include "includes.h" 23 23 #include "auth/auth.h" 24 #include "librpc/gen_ndr/lsa.h"25 #include "librpc/gen_ndr/samr.h"26 24 #include "librpc/gen_ndr/ndr_security.h" 27 #include "lib/ldb/include/ldb.h" 28 #include "lib/ldb/include/ldb_errors.h" 29 #include "lib/ldb_wrap.h" 25 #include <ldb.h> 26 #include "ldb_wrap.h" 30 27 #include "param/param.h" 31 28 #include "winbind/idmap.h" … … 101 98 enum ndr_err_code ndr_err; 102 99 103 ndr_err = ndr_push_struct_blob(&val, mem_ctx, 104 lp_iconv_convenience(idmap_ctx->lp_ctx), 105 sid, 100 ndr_err = ndr_push_struct_blob(&val, mem_ctx, sid, 106 101 (ndr_push_flags_fn_t)ndr_push_dom_sid); 107 102 … … 138 133 } 139 134 140 ndr_err = ndr_pull_struct_blob(val, sid, NULL,sid,135 ndr_err = ndr_pull_struct_blob(val, sid, sid, 141 136 (ndr_pull_flags_fn_t)ndr_pull_dom_sid); 142 137 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { … … 158 153 struct idmap_context *idmap_init(TALLOC_CTX *mem_ctx, 159 154 struct tevent_context *ev_ctx, 160 struct loadparm_context *lp_ctx)155 struct loadparm_context *lp_ctx) 161 156 { 162 157 struct idmap_context *idmap_ctx; … … 170 165 171 166 idmap_ctx->ldb_ctx = ldb_wrap_connect(mem_ctx, ev_ctx, lp_ctx, 172 lp _idmap_url(lp_ctx),173 system_session( mem_ctx,lp_ctx),174 NULL, 0 , NULL);167 lpcfg_idmap_url(lp_ctx), 168 system_session(lp_ctx), 169 NULL, 0); 175 170 if (idmap_ctx->ldb_ctx == NULL) { 176 171 return NULL; … … 203 198 */ 204 199 205 NTSTATUS idmap_xid_to_sid(struct idmap_context *idmap_ctx, TALLOC_CTX *mem_ctx, 206 const struct unixid *unixid, struct dom_sid **sid) 200 static NTSTATUS idmap_xid_to_sid(struct idmap_context *idmap_ctx, 201 TALLOC_CTX *mem_ctx, 202 const struct unixid *unixid, 203 struct dom_sid **sid) 207 204 { 208 205 int ret; … … 222 219 break; 223 220 default: 224 DEBUG(1, ("unixid->type must be type gid or uid\n")); 221 DEBUG(1, ("unixid->type must be type gid or uid (got %u) for lookup with id %lu\n", 222 (unsigned)unixid->type, (unsigned long)unixid->id)); 225 223 status = NT_STATUS_NONE_MAPPED; 226 224 goto failed; … … 282 280 * If no mapping exists, a new mapping will be created. 283 281 * 284 * \todo Check if SIDs can be resolved if lp _idmap_trusted_only() == true282 * \todo Check if SIDs can be resolved if lpcfg_idmap_trusted_only() == true 285 283 * \todo Fix backwards compatibility for Samba3 286 284 * … … 288 286 * \param mem_ctx talloc context to use 289 287 * \param sid SID to map to an unixid struct 290 * \param unixid pointer to a unixid struct pointer288 * \param unixid pointer to a unixid struct 291 289 * \return NT_STATUS_OK on success, NT_STATUS_INVALID_SID if the sid is not from 292 290 * a trusted domain and idmap trusted only = true, NT_STATUS_NONE_MAPPED if the 293 291 * mapping failed. 294 292 */ 295 NTSTATUS idmap_sid_to_xid(struct idmap_context *idmap_ctx, TALLOC_CTX *mem_ctx, 296 const struct dom_sid *sid, struct unixid **unixid) 293 static NTSTATUS idmap_sid_to_xid(struct idmap_context *idmap_ctx, 294 TALLOC_CTX *mem_ctx, 295 const struct dom_sid *sid, 296 struct unixid *unixid) 297 297 { 298 298 int ret; … … 312 312 DEBUG(6, ("This is a local unix uid, just calculate that.\n")); 313 313 status = dom_sid_split_rid(tmp_ctx, sid, NULL, &rid); 314 if (!NT_STATUS_IS_OK(status)) goto failed; 315 316 *unixid = talloc(mem_ctx, struct unixid); 317 if (*unixid == NULL) { 318 status = NT_STATUS_NO_MEMORY; 319 goto failed; 320 } 321 (*unixid)->id = rid; 322 (*unixid)->type = ID_TYPE_UID; 314 if (!NT_STATUS_IS_OK(status)) { 315 talloc_free(tmp_ctx); 316 return status; 317 } 318 319 unixid->id = rid; 320 unixid->type = ID_TYPE_UID; 323 321 324 322 talloc_free(tmp_ctx); … … 330 328 DEBUG(6, ("This is a local unix gid, just calculate that.\n")); 331 329 status = dom_sid_split_rid(tmp_ctx, sid, NULL, &rid); 332 if (!NT_STATUS_IS_OK(status)) goto failed; 333 334 *unixid = talloc(mem_ctx, struct unixid); 335 if (*unixid == NULL) { 336 status = NT_STATUS_NO_MEMORY; 337 goto failed; 338 } 339 (*unixid)->id = rid; 340 (*unixid)->type = ID_TYPE_GID; 330 if (!NT_STATUS_IS_OK(status)) { 331 talloc_free(tmp_ctx); 332 return status; 333 } 334 335 unixid->id = rid; 336 unixid->type = ID_TYPE_GID; 341 337 342 338 talloc_free(tmp_ctx); … … 349 345 if (ret != LDB_SUCCESS) { 350 346 DEBUG(1, ("Search failed: %s\n", ldb_errstring(ldb))); 351 status = NT_STATUS_NONE_MAPPED;352 goto failed;347 talloc_free(tmp_ctx); 348 return NT_STATUS_NONE_MAPPED; 353 349 } 354 350 … … 360 356 if (new_xid == (uint32_t) -1) { 361 357 DEBUG(1, ("Invalid xid mapping.\n")); 362 status = NT_STATUS_NONE_MAPPED;363 goto failed;358 talloc_free(tmp_ctx); 359 return NT_STATUS_NONE_MAPPED; 364 360 } 365 361 366 362 if (type == NULL) { 367 363 DEBUG(1, ("Invalid type for mapping entry.\n")); 368 status = NT_STATUS_NONE_MAPPED; 369 goto failed; 370 } 371 372 *unixid = talloc(mem_ctx, struct unixid); 373 if (*unixid == NULL) { 374 status = NT_STATUS_NO_MEMORY; 375 goto failed; 376 } 377 378 (*unixid)->id = new_xid; 364 talloc_free(tmp_ctx); 365 return NT_STATUS_NONE_MAPPED; 366 } 367 368 unixid->id = new_xid; 379 369 380 370 if (strcmp(type, "ID_TYPE_BOTH") == 0) { 381 (*unixid)->type = ID_TYPE_BOTH;371 unixid->type = ID_TYPE_BOTH; 382 372 } else if (strcmp(type, "ID_TYPE_UID") == 0) { 383 (*unixid)->type = ID_TYPE_UID;373 unixid->type = ID_TYPE_UID; 384 374 } else { 385 (*unixid)->type = ID_TYPE_GID;375 unixid->type = ID_TYPE_GID; 386 376 } 387 377 … … 415 405 } 416 406 417 /*FIXME: if lp _idmap_trusted_only() == true, check if SID can be407 /*FIXME: if lpcfg_idmap_trusted_only() == true, check if SID can be 418 408 * resolved here. */ 419 409 … … 606 596 } 607 597 608 *unixid = talloc(mem_ctx, struct unixid); 609 if (*unixid == NULL) { 610 status = NT_STATUS_NO_MEMORY; 611 goto failed; 612 } 613 614 (*unixid)->id = new_xid; 615 (*unixid)->type = ID_TYPE_BOTH; 598 unixid->id = new_xid; 599 unixid->type = ID_TYPE_BOTH; 616 600 talloc_free(tmp_ctx); 617 601 return NT_STATUS_OK; … … 637 621 638 622 NTSTATUS idmap_xids_to_sids(struct idmap_context *idmap_ctx, 639 TALLOC_CTX *mem_ctx, int count,640 struct id_map ping*id)623 TALLOC_CTX *mem_ctx, 624 struct id_map **id) 641 625 { 642 int i; 643 int error_count = 0; 644 645 for (i = 0; i < count; ++i) { 646 id[i].status = idmap_xid_to_sid(idmap_ctx, mem_ctx, 647 id[i].unixid, &id[i].sid); 648 if (NT_STATUS_EQUAL(id[i].status, NT_STATUS_RETRY)) { 649 id[i].status = idmap_xid_to_sid(idmap_ctx, mem_ctx, 650 id[i].unixid, 651 &id[i].sid); 652 } 653 if (!NT_STATUS_IS_OK(id[i].status)) { 654 DEBUG(1, ("idmapping xid_to_sid failed for id[%d]\n", i)); 626 unsigned int i, error_count = 0; 627 NTSTATUS status; 628 629 for (i = 0; id && id[i]; i++) { 630 status = idmap_xid_to_sid(idmap_ctx, mem_ctx, 631 &id[i]->xid, &id[i]->sid); 632 if (NT_STATUS_EQUAL(status, NT_STATUS_RETRY)) { 633 status = idmap_xid_to_sid(idmap_ctx, mem_ctx, 634 &id[i]->xid, 635 &id[i]->sid); 636 } 637 if (!NT_STATUS_IS_OK(status)) { 638 DEBUG(1, ("idmapping xid_to_sid failed for id[%d]=%lu: %s\n", 639 i, (unsigned long)id[i]->xid.id, nt_errstr(status))); 655 640 error_count++; 656 } 657 } 658 659 if (error_count == count) { 641 id[i]->status = ID_UNMAPPED; 642 } else { 643 id[i]->status = ID_MAPPED; 644 } 645 } 646 647 if (error_count == i) { 660 648 /* Mapping did not work at all. */ 661 649 return NT_STATUS_NONE_MAPPED; … … 682 670 683 671 NTSTATUS idmap_sids_to_xids(struct idmap_context *idmap_ctx, 684 TALLOC_CTX *mem_ctx, int count,685 struct id_map ping*id)672 TALLOC_CTX *mem_ctx, 673 struct id_map **id) 686 674 { 687 int i; 688 int error_count = 0; 689 690 for (i = 0; i < count; ++i) { 691 id[i].status = idmap_sid_to_xid(idmap_ctx, mem_ctx, 692 id[i].sid, &id[i].unixid); 693 if (NT_STATUS_EQUAL(id[i].status, NT_STATUS_RETRY)) { 694 id[i].status = idmap_sid_to_xid(idmap_ctx, mem_ctx, 695 id[i].sid, 696 &id[i].unixid); 697 } 698 if (!NT_STATUS_IS_OK(id[i].status)) { 699 DEBUG(1, ("idmapping sid_to_xid failed for id[%d]\n", i)); 675 unsigned int i, error_count = 0; 676 NTSTATUS status; 677 678 for (i = 0; id && id[i]; i++) { 679 status = idmap_sid_to_xid(idmap_ctx, mem_ctx, 680 id[i]->sid, &id[i]->xid); 681 if (NT_STATUS_EQUAL(status, NT_STATUS_RETRY)) { 682 status = idmap_sid_to_xid(idmap_ctx, mem_ctx, 683 id[i]->sid, 684 &id[i]->xid); 685 } 686 if (!NT_STATUS_IS_OK(status)) { 687 char *str = dom_sid_string(mem_ctx, id[i]->sid); 688 DEBUG(1, ("idmapping sid_to_xid failed for id[%d]=%s: %s\n", 689 i, str, nt_errstr(status))); 690 talloc_free(str); 700 691 error_count++; 701 } 702 } 703 704 if (error_count == count) { 692 id[i]->status = ID_UNMAPPED; 693 } else { 694 id[i]->status = ID_MAPPED; 695 } 696 } 697 698 if (error_count == i) { 705 699 /* Mapping did not work at all. */ 706 700 return NT_STATUS_NONE_MAPPED;
Note:
See TracChangeset
for help on using the changeset viewer.
