svn commit: samba r11924 - in branches/SAMBA_3_0/source: include rpc_server

Sun Nov 27 01:17:26 GMT 2005

Author: jra
Date: 2005-11-27 01:17:24 +0000 (Sun, 27 Nov 2005)
New Revision: 11924

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=11924

Log:
Added Volkers's (C) to srv_samr_nt.c, removed separate "builtin"
search enumeration, fixed count of groups and users to return
zero if we're getting domain info on the builtin domain (need
to fix the enumgroup and enumuser calls also). Added count_sam_aliases
to return the correct alias count. Need to push the SID arg
down into the group mapping interface so we only return the
correct aliases. Upped passdb version numer for Volkers
changes. SAM-MYSQL guys - you will need to fix your backend
now. More tests needed.
Jeremy.

Modified:
   branches/SAMBA_3_0/source/include/passdb.h
   branches/SAMBA_3_0/source/rpc_server/srv_samr_nt.c


Changeset:
Modified: branches/SAMBA_3_0/source/include/passdb.h
===================================================================

--- branches/SAMBA_3_0/source/include/passdb.h	2005-11-26 22:28:41 UTC (rev 11923)
+++ branches/SAMBA_3_0/source/include/passdb.h	2005-11-27 01:17:24 UTC (rev 11924)
@@ -265,9 +265,12 @@
  * This next constant specifies the version number of the PASSDB interface
  * this SAMBA will load. Increment this if *ANY* changes are made to the interface. 
  * Changed interface to fix int -> size_t problems. JRA.
+ * There's no point in allocating arrays in
+ * samr_lookup_rids twice. It was done in the srv_samr_nt.c code as well as in
+ * the pdb module. Remove the latter, this might happen more often. VL.
  */
 
-#define PASSDB_INTERFACE_VERSION 11
+#define PASSDB_INTERFACE_VERSION 12
 
 typedef struct pdb_context 
 {

Modified: branches/SAMBA_3_0/source/rpc_server/srv_samr_nt.c
===================================================================
--- branches/SAMBA_3_0/source/rpc_server/srv_samr_nt.c	2005-11-26 22:28:41 UTC (rev 11923)
+++ branches/SAMBA_3_0/source/rpc_server/srv_samr_nt.c	2005-11-27 01:17:24 UTC (rev 11924)
@@ -5,11 +5,12 @@
  *  Copyright (C) Luke Kenneth Casson Leighton      1996-1997,
  *  Copyright (C) Paul Ashton                       1997,
  *  Copyright (C) Marc Jacobsen			    1999,
- *  Copyright (C) Jeremy Allison                    2001-2002,
+ *  Copyright (C) Jeremy Allison                    2001-2005,
  *  Copyright (C) Jean François Micouleau           1998-2001,
  *  Copyright (C) Jim McDonough <jmcd at us.ibm.com>   2002,
  *  Copyright (C) Gerald (Jerry) Carter             2003-2004,
  *  Copyright (C) Simo Sorce                        2003.
+ *  Copyright (C) Volker Lendecke		    2005.
  *
  *  This program is free software; you can redistribute it and/or modify
  *  it under the terms of the GNU General Public License as published by
@@ -46,15 +47,16 @@
 	struct disp_info *next, *prev;
 	TALLOC_CTX *mem_ctx;
 	DOM_SID sid; /* identify which domain this is. */
+	BOOL builtin_domain; /* Quick flag to check if this is the builtin domain. */
 	struct pdb_search *users; /* querydispinfo 1 and 4 */
 	struct pdb_search *machines; /* querydispinfo 2 */
 	struct pdb_search *groups; /* querydispinfo 3 and 5, enumgroups */
 	struct pdb_search *aliases; /* enumaliases */
-	struct pdb_search *builtins; /* enumaliases */
 
 	uint16 enum_acb_mask;
 	struct pdb_search *enum_users; /* enumusers with a mask */
 
+
 	smb_event_id_t di_cache_timeout_event; /* cache idle timeout handler. */
 } DISP_INFO;
 
@@ -66,6 +68,7 @@
 struct samr_info {
 	/* for use by the \PIPE\samr policy */
 	DOM_SID sid;
+	BOOL builtin_domain; /* Quick flag to check if this is the builtin domain. */
 	uint32 status; /* some sort of flag.  best to record it.  comes from opnum 0x39 */
 	uint32 acc_granted;
 	DISP_INFO *disp_info;
@@ -265,8 +268,12 @@
 		return NULL;
 
 	dpi->mem_ctx = mem_ctx;
+
 	if (psid) {
 		sid_copy( &dpi->sid, psid);
+		dpi->builtin_domain = sid_check_is_builtin(psid);
+	} else {
+		dpi->builtin_domain = False;
 	}
 
 	DLIST_ADD(disp_info_list, dpi);
@@ -298,8 +305,10 @@
 	DEBUG(10,("get_samr_info_by_sid: created new info for sid %s\n", sid_str));
 	if (psid) {
 		sid_copy( &info->sid, psid);
+		info->builtin_domain = sid_check_is_builtin(psid);
 	} else {
 		DEBUG(10,("get_samr_info_by_sid: created new info for NULL sid.\n"));
+		info->builtin_domain = False;
 	}
 	info->mem_ctx = mem_ctx;
 
@@ -346,11 +355,6 @@
 		pdb_search_destroy(disp_info->aliases);
 		disp_info->aliases = NULL;
 	}
-	if (disp_info->builtins) {
-		DEBUG(10,("free_samr_cache: deleting builtins cache\n"));
-		pdb_search_destroy(disp_info->builtins);
-		disp_info->builtins = NULL;
-	}
 	if (disp_info->enum_users) {
 		DEBUG(10,("free_samr_cache: deleting enum_users cache\n"));
 		pdb_search_destroy(disp_info->enum_users);
@@ -470,6 +474,12 @@
 static uint32 count_sam_users(struct disp_info *info, uint16 acct_flags)
 {
 	struct samr_displayentry *entry;
+
+	if (info->builtin_domain) {
+		/* No users in builtin. */
+		return 0;
+	}
+
 	if (info->users == NULL) {
 		info->users = pdb_search_users(acct_flags);
 		if (info->users == NULL) {
@@ -488,6 +498,12 @@
 static uint32 count_sam_groups(struct disp_info *info)
 {
 	struct samr_displayentry *entry;
+
+	if (info->builtin_domain) {
+		/* No groups in builtin. */
+		return 0;
+	}
+
 	if (info->groups == NULL) {
 		info->groups = pdb_search_groups();
 		if (info->groups == NULL) {
@@ -503,6 +519,25 @@
 	return info->groups->num_entries;
 }
 
+static uint32 count_sam_aliases(struct disp_info *info)
+{
+	struct samr_displayentry *entry;
+
+	if (info->aliases == NULL) {
+		info->aliases = pdb_search_aliases(&info->sid);
+		if (info->aliases == NULL) {
+			return 0;
+		}
+	}
+	/* Fetch the last possible entry, thus trigger an enumeration */
+	pdb_search_entries(info->aliases, 0xffffffff, 1, &entry);
+
+	/* Ensure we cache this enumeration. */
+	set_disp_info_cache_timeout(info, DISP_INFO_CACHE_TIMEOUT);
+
+	return info->aliases->num_entries;
+}
+
 /*******************************************************************
  _samr_close_hnd
  ********************************************************************/
@@ -943,7 +978,6 @@
 {
 	struct samr_info *info;
 	struct samr_displayentry *aliases;
-	struct pdb_search **search = NULL;
 	uint32 num_aliases = 0;
 
 	/* find the policy handle.  open a policy on it. */
@@ -959,25 +993,17 @@
 	DEBUG(5,("samr_reply_enum_dom_aliases: sid %s\n",
 		 sid_string_static(&info->sid)));
 
-	if (sid_check_is_domain(&info->sid))
-		search = &info->disp_info->aliases;
-	if (sid_check_is_builtin(&info->sid))
-		search = &info->disp_info->builtins;
-
-	if (search == NULL) 
-		return NT_STATUS_INVALID_HANDLE;
-
 	become_root();
 
-	if (*search == NULL) {
-		*search = pdb_search_aliases(&info->sid);
-		if (*search == NULL) {
+	if (info->disp_info->aliases == NULL) {
+		info->disp_info->aliases = pdb_search_aliases(&info->sid);
+		if (info->disp_info->aliases == NULL) {
 			unbecome_root();
 			return NT_STATUS_ACCESS_DENIED;
 		}
 	}
 
-	num_aliases = pdb_search_entries(*search, q_u->start_idx,
+	num_aliases = pdb_search_entries(info->disp_info->aliases, q_u->start_idx,
 					 MAX_SAM_ENTRIES, &aliases);
 	unbecome_root();
 	
@@ -2096,9 +2122,9 @@
 
 			/* AS ROOT !!! */
 
-			num_users=count_sam_users(info->disp_info,
-						  ACB_NORMAL);
-			num_groups=count_sam_groups(info->disp_info);
+			num_users = count_sam_users(info->disp_info, ACB_NORMAL);
+			num_groups = count_sam_groups(info->disp_info);
+			num_aliases = count_sam_aliases(info->disp_info);
 
 			pdb_get_account_policy(AP_TIME_TO_LOGOUT, &account_policy_temp);
 			u_logout = account_policy_temp;
@@ -4692,9 +4718,9 @@
 			break;
 		case 0x02:
 			become_root();		
-			num_users = count_sam_users(info->disp_info,
-						    ACB_NORMAL);
+			num_users = count_sam_users(info->disp_info, ACB_NORMAL);
 			num_groups = count_sam_groups(info->disp_info);
+			num_aliases = count_sam_aliases(info->disp_info);
 			unbecome_root();
 
 			pdb_get_account_policy(AP_TIME_TO_LOGOUT, &account_policy_temp);

