svn commit: samba r21196 - in branches/SAMBA_3_0_25/source/auth: .
jerry at samba.org
jerry at samba.org
Tue Feb 6 21:39:24 GMT 2007
Author: jerry
Date: 2007-02-06 21:39:23 +0000 (Tue, 06 Feb 2007)
New Revision: 21196
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=21196
Log:
* pick up a few sid mapping changes
Modified:
branches/SAMBA_3_0_25/source/auth/auth_util.c
Changeset:
Modified: branches/SAMBA_3_0_25/source/auth/auth_util.c
===================================================================
--- branches/SAMBA_3_0_25/source/auth/auth_util.c 2007-02-06 21:11:44 UTC (rev 21195)
+++ branches/SAMBA_3_0_25/source/auth/auth_util.c 2007-02-06 21:39:23 UTC (rev 21196)
@@ -841,6 +841,8 @@
NTSTATUS status;
gid_t gid;
+ DEBUG(10, ("Create local NT token for %s\n", sid_string_static(user_sid)));
+
if (!(result = TALLOC_ZERO_P(mem_ctx, NT_USER_TOKEN))) {
DEBUG(0, ("talloc failed\n"));
return NULL;
@@ -980,7 +982,9 @@
NTSTATUS create_local_token(auth_serversupplied_info *server_info)
{
TALLOC_CTX *mem_ctx;
+ struct id_map *ids;
NTSTATUS status;
+ BOOL wb = True;
size_t i;
@@ -1027,17 +1031,40 @@
server_info->groups = NULL;
/* Start at index 1, where the groups start. */
+ ids = talloc_zero_array(mem_ctx, struct id_map, server_info->ptok->num_sids);
+ for (i = 0; i < server_info->ptok->num_sids-1; i++) {
+ ids[i].sid = &server_info->ptok->user_sids[i + 1]; /* store the sids */
+ }
- for (i=1; i<server_info->ptok->num_sids; i++) {
- gid_t gid;
- DOM_SID *sid = &server_info->ptok->user_sids[i];
+ if (!winbind_sids_to_unixids(ids, server_info->ptok->num_sids-1)) {
+ DEBUG(2, ("Query to map secondary SIDs failed!\n"));
+ if (!winbind_ping()) {
+ DEBUG(2, ("Winbindd is not running, will try to map SIDs one by one with legacy code\n"));
+ wb = False;
+ }
+ }
- if (!sid_to_gid(sid, &gid)) {
+ for (i = 0; i < server_info->ptok->num_sids-1; i++) {
+ gid_t agid;
+
+ if (wb) {
+ if (ids[i].status != ID_MAPPED) {
DEBUG(10, ("Could not convert SID %s to gid, "
- "ignoring it\n", sid_string_static(sid)));
+ "ignoring it\n", sid_string_static(ids[i].sid)));
continue;
}
- if (!add_gid_to_array_unique(server_info, gid, &server_info->groups,
+ if (ids[i].xid.type == ID_TYPE_UID) {
+ DEBUG(10, ("SID %s is a User ID (%u) not a Group ID, "
+ "ignoring it\n", sid_string_static(ids[i].sid), ids[i].xid.id));
+ continue;
+ }
+ agid = (gid_t)ids[i].xid.id;
+ } else {
+ if (! sid_to_gid(ids[i].sid, &agid)) {
+ continue;
+ }
+ }
+ if (!add_gid_to_array_unique(server_info, agid, &server_info->groups,
&server_info->n_groups)) {
TALLOC_FREE(mem_ctx);
return NT_STATUS_NO_MEMORY;
@@ -2012,7 +2039,7 @@
Duplicate a SID token.
****************************************************************************/
-NT_USER_TOKEN *dup_nt_token(TALLOC_CTX *mem_ctx, NT_USER_TOKEN *ptoken)
+NT_USER_TOKEN *dup_nt_token(TALLOC_CTX *mem_ctx, const NT_USER_TOKEN *ptoken)
{
NT_USER_TOKEN *token;
More information about the samba-cvs
mailing list