svn commit: samba r12133 - branches/SAMBA_3_0/source/nsswitch
branches/SAMBA_3_0/source/rpc_server trunk/source/nsswitch
trunk/source/rpc_server
vlendec at samba.org
vlendec at samba.org
Thu Dec 8 19:34:24 GMT 2005
Author: vlendec
Date: 2005-12-08 19:34:22 +0000 (Thu, 08 Dec 2005)
New Revision: 12133
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=12133
Log:
Fix an uninitialized variable in new code in rpc_server/srv_samr_nt.c.
Fix winbind_lookup_name for the local domain, ie for aliases on a member
server.
Volker
Modified:
branches/SAMBA_3_0/source/nsswitch/winbindd_util.c
branches/SAMBA_3_0/source/rpc_server/srv_samr_nt.c
trunk/source/nsswitch/winbindd_util.c
trunk/source/rpc_server/srv_samr_nt.c
Changeset:
Modified: branches/SAMBA_3_0/source/nsswitch/winbindd_util.c
===================================================================
--- branches/SAMBA_3_0/source/nsswitch/winbindd_util.c 2005-12-08 17:44:51 UTC (rev 12132)
+++ branches/SAMBA_3_0/source/nsswitch/winbindd_util.c 2005-12-08 19:34:22 UTC (rev 12133)
@@ -90,7 +90,15 @@
return (sid_check_is_domain(sid) || sid_check_is_builtin(sid));
}
+static BOOL is_in_internal_domain(const DOM_SID *sid)
+{
+ if (sid == NULL)
+ return False;
+ return (sid_check_is_in_our_domain(sid) || sid_check_is_in_builtin(sid));
+}
+
+
/* Add a trusted domain to our list of domains */
static struct winbindd_domain *add_trusted_domain(const char *domain_name, const char *alt_name,
struct winbindd_methods *methods,
@@ -648,12 +656,18 @@
* one to contact the external DC's. On member servers the internal
* domains are different: These are part of the local SAM. */
- if (IS_DC || is_internal_domain(sid))
+ DEBUG(10, ("find_lookup_domain_from_sid(%s)\n",
+ sid_string_static(sid)));
+
+ if (IS_DC || is_internal_domain(sid) || is_in_internal_domain(sid)) {
+ DEBUG(10, ("calling find_domain_from_sid\n"));
return find_domain_from_sid(sid);
+ }
/* On a member server a query for SID or name can always go to our
* primary DC. */
+ DEBUG(10, ("calling find_our_domain\n"));
return find_our_domain();
}
Modified: branches/SAMBA_3_0/source/rpc_server/srv_samr_nt.c
===================================================================
--- branches/SAMBA_3_0/source/rpc_server/srv_samr_nt.c 2005-12-08 17:44:51 UTC (rev 12132)
+++ branches/SAMBA_3_0/source/rpc_server/srv_samr_nt.c 2005-12-08 19:34:22 UTC (rev 12133)
@@ -2243,6 +2243,8 @@
enum SID_NAME_USE type;
BOOL result;
+ DEBUG(10, ("Checking whether [%s] can be created\n", new_name));
+
become_root();
/* Lookup in our local databases (only LOOKUP_NAME_ISOLATED set)
* whether the name already exists */
@@ -2251,6 +2253,7 @@
unbecome_root();
if (!result) {
+ DEBUG(10, ("%s does not exist, can create it\n", new_name));
return NT_STATUS_OK;
}
@@ -4308,16 +4311,16 @@
if (!sid_equal(&dom_sid, get_global_sam_sid()))
return NT_STATUS_ACCESS_DENIED;
- r_u->status = can_create(p->mem_ctx, name);
- if (!NT_STATUS_IS_OK(r_u->status)) {
- return r_u->status;
- }
-
unistr2_to_ascii(name, &q_u->uni_acct_desc, sizeof(name)-1);
se_priv_copy( &se_rights, &se_add_users );
can_add_accounts = user_has_privileges( p->pipe_user.nt_user_token, &se_rights );
+ result = can_create(p->mem_ctx, name);
+ if (!NT_STATUS_IS_OK(result)) {
+ return result;
+ }
+
/******** BEGIN SeAddUsers BLOCK *********/
if ( can_add_accounts )
Modified: trunk/source/nsswitch/winbindd_util.c
===================================================================
--- trunk/source/nsswitch/winbindd_util.c 2005-12-08 17:44:51 UTC (rev 12132)
+++ trunk/source/nsswitch/winbindd_util.c 2005-12-08 19:34:22 UTC (rev 12133)
@@ -90,7 +90,15 @@
return (sid_check_is_domain(sid) || sid_check_is_builtin(sid));
}
+static BOOL is_in_internal_domain(const DOM_SID *sid)
+{
+ if (sid == NULL)
+ return False;
+ return (sid_check_is_in_our_domain(sid) || sid_check_is_in_builtin(sid));
+}
+
+
/* Add a trusted domain to our list of domains */
static struct winbindd_domain *add_trusted_domain(const char *domain_name, const char *alt_name,
struct winbindd_methods *methods,
@@ -648,12 +656,18 @@
* one to contact the external DC's. On member servers the internal
* domains are different: These are part of the local SAM. */
- if (IS_DC || is_internal_domain(sid))
+ DEBUG(10, ("find_lookup_domain_from_sid(%s)\n",
+ sid_string_static(sid)));
+
+ if (IS_DC || is_internal_domain(sid) || is_in_internal_domain(sid)) {
+ DEBUG(10, ("calling find_domain_from_sid\n"));
return find_domain_from_sid(sid);
+ }
/* On a member server a query for SID or name can always go to our
* primary DC. */
+ DEBUG(10, ("calling find_our_domain\n"));
return find_our_domain();
}
Modified: trunk/source/rpc_server/srv_samr_nt.c
===================================================================
--- trunk/source/rpc_server/srv_samr_nt.c 2005-12-08 17:44:51 UTC (rev 12132)
+++ trunk/source/rpc_server/srv_samr_nt.c 2005-12-08 19:34:22 UTC (rev 12133)
@@ -2243,6 +2243,8 @@
enum SID_NAME_USE type;
BOOL result;
+ DEBUG(10, ("Checking whether [%s] can be created\n", new_name));
+
become_root();
/* Lookup in our local databases (only LOOKUP_NAME_ISOLATED set)
* whether the name already exists */
@@ -2251,6 +2253,7 @@
unbecome_root();
if (!result) {
+ DEBUG(10, ("%s does not exist, can create it\n", new_name));
return NT_STATUS_OK;
}
@@ -4308,16 +4311,16 @@
if (!sid_equal(&dom_sid, get_global_sam_sid()))
return NT_STATUS_ACCESS_DENIED;
- r_u->status = can_create(p->mem_ctx, name);
- if (!NT_STATUS_IS_OK(r_u->status)) {
- return r_u->status;
- }
-
unistr2_to_ascii(name, &q_u->uni_acct_desc, sizeof(name)-1);
se_priv_copy( &se_rights, &se_add_users );
can_add_accounts = user_has_privileges( p->pipe_user.nt_user_token, &se_rights );
+ result = can_create(p->mem_ctx, name);
+ if (!NT_STATUS_IS_OK(result)) {
+ return result;
+ }
+
/******** BEGIN SeAddUsers BLOCK *********/
if ( can_add_accounts )
More information about the samba-cvs
mailing list