svn commit: samba r20169 - in branches/SAMBA_3_0/source: auth passdb

idra at samba.org idra at samba.org
Thu Dec 14 15:30:57 GMT 2006 

Author: idra
Date: 2006-12-14 15:30:54 +0000 (Thu, 14 Dec 2006)
New Revision: 20169

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=20169

Log:

Support for fallback to legacy mapping code was not completely tested.
Add necessary fixes.


Modified:
   branches/SAMBA_3_0/source/auth/auth_util.c
   branches/SAMBA_3_0/source/passdb/lookup_sid.c


Changeset:
Modified: branches/SAMBA_3_0/source/auth/auth_util.c
===================================================================
--- branches/SAMBA_3_0/source/auth/auth_util.c	2006-12-14 10:03:21 UTC (rev 20168)
+++ branches/SAMBA_3_0/source/auth/auth_util.c	2006-12-14 15:30:54 UTC (rev 20169)
@@ -984,6 +984,7 @@
 	TALLOC_CTX *mem_ctx;
 	struct id_map *ids;
 	NTSTATUS status;
+	BOOL wb = True;
 	size_t i;
 	
 
@@ -1037,20 +1038,33 @@
 
 	if (!winbind_sids_to_unixids(ids, server_info->ptok->num_sids-1)) {
 		DEBUG(2, ("Query to map secondary SIDs failed!\n"));
+		if (!winbind_ping()) {
+			DEBUG(2, ("Winbindd is not running, will try to map SIDs one by one with legacy code\n"));
+			wb = False;
+		}
 	}
 
 	for (i = 0; i < server_info->ptok->num_sids-1; i++) {
-		if ( ! ids[i].mapped) {
-			DEBUG(10, ("Could not convert SID %s to gid, "
-				   "ignoring it\n", sid_string_static(ids[i].sid)));
-			continue;
+		gid_t agid;
+
+		if (wb) {
+			if ( ! ids[i].mapped) {
+				DEBUG(10, ("Could not convert SID %s to gid, "
+					   "ignoring it\n", sid_string_static(ids[i].sid)));
+				continue;
+			}
+			if (ids[i].xid.type == ID_TYPE_UID) {
+				DEBUG(10, ("SID %s is a User ID (%u) not a Group ID, "
+					   "ignoring it\n", sid_string_static(ids[i].sid), ids[i].xid.id));
+				continue;
+			}
+			agid = (gid_t)ids[i].xid.id;
+		} else {
+			if (! sid_to_gid(ids[i].sid, &agid)) {
+				continue;
+			}
 		}
-		if ( ! ids[i].xid.type == ID_TYPE_UID) {
-			DEBUG(10, ("SID %s is a User ID (%u) not a Group ID, "
-				   "ignoring it\n", sid_string_static(ids[i].sid), ids[i].xid.id));
-			continue;
-		}
-		if (!add_gid_to_array_unique(server_info, (gid_t)ids[i].xid.id, &server_info->groups,
+		if (!add_gid_to_array_unique(server_info, agid, &server_info->groups,
 					&server_info->n_groups)) {
 			TALLOC_FREE(mem_ctx);
 			return NT_STATUS_NO_MEMORY;

Modified: branches/SAMBA_3_0/source/passdb/lookup_sid.c
===================================================================
--- branches/SAMBA_3_0/source/passdb/lookup_sid.c	2006-12-14 10:03:21 UTC (rev 20168)
+++ branches/SAMBA_3_0/source/passdb/lookup_sid.c	2006-12-14 15:30:54 UTC (rev 20169)
@@ -1141,6 +1141,7 @@
 	DEBUG(10,("LEGACY: uid %u -> sid %s\n", (unsigned int)uid,
 		  sid_string_static(psid)));
 
+	store_uid_sid_cache(psid, uid);
 	return;
 }
 
@@ -1171,6 +1172,7 @@
 	DEBUG(10,("LEGACY: gid %u -> sid %s\n", (unsigned int)gid,
 		  sid_string_static(psid)));
 
+	store_gid_sid_cache(psid, gid);
 	return;
 }
 
@@ -1209,16 +1211,16 @@
 		}
 
 		/* This was ours, but it was not mapped.  Fail */
-
-		return False;
 	}
 
+	DEBUG(10,("LEGACY: mapping failed for sid %s\n", sid_string_static(psid)));
 	return False;
 
- done:
+done:
 	DEBUG(10,("LEGACY: sid %s -> uid %u\n", sid_string_static(psid),
 		(unsigned int)*puid ));
 
+	store_uid_sid_cache(psid, *puid);
 	return True;
 }
 
@@ -1252,6 +1254,7 @@
 			*pgid = map.gid;
 			goto done;
 		}
+		DEBUG(10,("LEGACY: mapping failed for sid %s\n", sid_string_static(psid)));
 		return False;
 	}
 
@@ -1265,7 +1268,7 @@
 		if (ret) {
 			if ((type != SID_NAME_DOM_GRP) &&
 			    (type != SID_NAME_ALIAS)) {
-				DEBUG(5, ("sid %s is a %s, expected a group\n",
+				DEBUG(5, ("LEGACY: sid %s is a %s, expected a group\n",
 					  sid_string_static(psid),
 					  sid_type_lookup(type)));
 				return False;
@@ -1273,16 +1276,19 @@
 			*pgid = id.gid;
 			goto done;
 		}
-
+	
 		/* This was ours, but it was not mapped.  Fail */
+	}
 
-		return False;
-	}
+	DEBUG(10,("LEGACY: mapping failed for sid %s\n", sid_string_static(psid)));
+	return False;
 	
  done:
 	DEBUG(10,("LEGACY: sid %s -> gid %u\n", sid_string_static(psid),
 		  (unsigned int)*pgid ));
 
+	store_gid_sid_cache(psid, *pgid);
+
 	return True;
 }
 
@@ -1299,7 +1305,7 @@
 
 	if (!winbind_uid_to_sid(psid, uid)) {
 		if (!winbind_ping()) {
-			DEBUG(2, ("WARNING: Winbindd not running, mapping ids with legacy code"));
+			DEBUG(2, ("WARNING: Winbindd not running, mapping ids with legacy code\n"));
 			return legacy_uid_to_sid(psid, uid);
 		}
 
@@ -1328,7 +1334,7 @@
 
 	if (!winbind_gid_to_sid(psid, gid)) {
 		if (!winbind_ping()) {
-			DEBUG(2, ("WARNING: Winbindd not running, mapping ids with legacy code"));
+			DEBUG(2, ("WARNING: Winbindd not running, mapping ids with legacy code\n"));
 			return legacy_gid_to_sid(psid, gid);
 		}
 
@@ -1361,7 +1367,7 @@
 
 	if (!winbind_sid_to_uid(puid, psid)) {
 		if (!winbind_ping()) {
-			DEBUG(2, ("WARNING: Winbindd not running, mapping ids with legacy code"));
+			DEBUG(2, ("WARNING: Winbindd not running, mapping ids with legacy code\n"));
 			return legacy_sid_to_uid(psid, puid);
 		}
 
@@ -1400,8 +1406,8 @@
 
 	if ( !winbind_sid_to_gid(pgid, psid) ) {
 		if (!winbind_ping()) {
-			DEBUG(2, ("WARNING: Winbindd not running, mapping ids with legacy code"));
-			return legacy_sid_to_uid(psid, pgid);
+			DEBUG(2, ("WARNING: Winbindd not running, mapping ids with legacy code\n"));
+			return legacy_sid_to_gid(psid, pgid);
 		}
 
 		DEBUG(10,("winbind failed to find a gid for sid %s\n",

More information about the samba-cvs mailing list