[SCM] Samba Shared Repository - branch master updated

Volker Lendecke vlendec at samba.org
Wed Aug 17 06:00:04 MDT 2011


The branch, master has been updated
       via  3c0b882 s3: Next step to fix MIT trusts
       via  31ee78f s3: Increase a debug level in ads_find_dc
       via  28b237b Remove unused "sid_equal"
       via  8fd5e0f Replace calls to sid_equal with calls to dom_sid_equal
      from  102f39a s3-messaging: IDMAP_ messages belongs to the Winbind range

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 3c0b88275629749fba23f0a04cec1aa0a6362927
Author: Volker Lendecke <vl at samba.org>
Date:   Wed Aug 17 12:05:26 2011 +0200

    s3: Next step to fix MIT trusts
    
    aa3f10c was not complete in the sense that it did not fully cover some
    conditions that led to invalid domains in the winbind parent
    
    Autobuild-User: Volker Lendecke <vlendec at samba.org>
    Autobuild-Date: Wed Aug 17 13:59:06 CEST 2011 on sn-devel-104

commit 31ee78fea9519da4fbe4fe89a35cec9fd6206c31
Author: Volker Lendecke <vl at samba.org>
Date:   Wed Aug 17 11:58:57 2011 +0200

    s3: Increase a debug level in ads_find_dc
    
    This message can happen with AD trusts that winbind can not cope with. The
    message is not really clear and not worth spamming syslog always.

commit 28b237b2cc04d10275cea6890bda425b41cf62f7
Author: Volker Lendecke <vl at samba.org>
Date:   Wed Aug 17 12:20:30 2011 +0200

    Remove unused "sid_equal"

commit 8fd5e0ff2e08288d499556b5b48dcc7a9a3fc85f
Author: Volker Lendecke <vl at samba.org>
Date:   Wed Aug 17 12:18:14 2011 +0200

    Replace calls to sid_equal with calls to dom_sid_equal

-----------------------------------------------------------------------

Summary of changes:
 libcli/security/dom_sid.h         |    1 -
 libcli/security/util_sid.c        |   13 ++-----------
 source3/libads/ldap.c             |    3 ++-
 source3/modules/onefs_acl.c       |   10 +++++-----
 source3/torture/pdbtest.c         |    3 ++-
 source3/winbindd/wb_lookupsids.c  |    2 +-
 source3/winbindd/winbindd_cache.c |    2 +-
 source3/winbindd/winbindd_misc.c  |    4 ++++
 8 files changed, 17 insertions(+), 21 deletions(-)


Changeset truncated at 500 lines:

diff --git a/libcli/security/dom_sid.h b/libcli/security/dom_sid.h
index 04571c2..5886ce3 100644
--- a/libcli/security/dom_sid.h
+++ b/libcli/security/dom_sid.h
@@ -89,7 +89,6 @@ void sid_copy(struct dom_sid *dst, const struct dom_sid *src);
 bool sid_blob_parse(DATA_BLOB in, struct dom_sid *sid);
 bool sid_parse(const char *inbuf, size_t len, struct dom_sid *sid);
 int sid_compare_domain(const struct dom_sid *sid1, const struct dom_sid *sid2);
-bool sid_equal(const struct dom_sid *sid1, const struct dom_sid *sid2);
 NTSTATUS add_sid_to_array(TALLOC_CTX *mem_ctx, const struct dom_sid *sid,
 			  struct dom_sid **sids, uint32_t *num);
 NTSTATUS add_sid_to_array_unique(TALLOC_CTX *mem_ctx, const struct dom_sid *sid,
diff --git a/libcli/security/util_sid.c b/libcli/security/util_sid.c
index cf1f7f3..0f95fbb 100644
--- a/libcli/security/util_sid.c
+++ b/libcli/security/util_sid.c
@@ -275,15 +275,6 @@ int sid_compare_domain(const struct dom_sid *sid1, const struct dom_sid *sid2)
 	return dom_sid_compare_auth(sid1, sid2);
 }
 
-/*****************************************************************
- Compare two sids.
-*****************************************************************/
-
-bool sid_equal(const struct dom_sid *sid1, const struct dom_sid *sid2)
-{
-	return dom_sid_compare(sid1, sid2) == 0;
-}
-
 /********************************************************************
  Add SID to an array SIDs
 ********************************************************************/
@@ -337,7 +328,7 @@ void del_sid_from_array(const struct dom_sid *sid, struct dom_sid **sids,
 		/* if we find the SID, then decrement the count
 		   and break out of the loop */
 
-		if ( sid_equal(sid, &sid_list[i]) ) {
+		if (dom_sid_equal(sid, &sid_list[i])) {
 			*num -= 1;
 			break;
 		}
@@ -377,5 +368,5 @@ bool add_rid_to_array_unique(TALLOC_CTX *mem_ctx,
 bool is_null_sid(const struct dom_sid *sid)
 {
 	static const struct dom_sid null_sid = {0};
-	return sid_equal(sid, &null_sid);
+	return dom_sid_equal(sid, &null_sid);
 }
diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c
index 128c133..11e4261 100644
--- a/source3/libads/ldap.c
+++ b/source3/libads/ldap.c
@@ -354,7 +354,8 @@ static NTSTATUS ads_find_dc(ADS_STRUCT *ads)
 	}
 
 	if ( !c_realm || !*c_realm ) {
-		DEBUG(0,("ads_find_dc: no realm or workgroup!  Don't know what to do\n"));
+		DEBUG(1, ("ads_find_dc: no realm or workgroup!  Don't know "
+			  "what to do\n"));
 		return NT_STATUS_INVALID_PARAMETER; /* rather need MISSING_PARAMETER ... */
 	}
 
diff --git a/source3/modules/onefs_acl.c b/source3/modules/onefs_acl.c
index f78d1f0..749ddec 100644
--- a/source3/modules/onefs_acl.c
+++ b/source3/modules/onefs_acl.c
@@ -46,13 +46,13 @@ onefs_sid_to_identity(const struct dom_sid *sid, struct ifs_identity *id,
 	uid_t uid = 0;
 	gid_t gid = 0;
 
-	if (!sid || sid_equal(sid, &global_sid_NULL))
+	if (!sid || dom_sid_equal(sid, &global_sid_NULL))
 		type = IFS_ID_TYPE_NULL;
-	else if (sid_equal(sid, &global_sid_World))
+	else if (dom_sid_equal(sid, &global_sid_World))
 		type = IFS_ID_TYPE_EVERYONE;
-	else if (sid_equal(sid, &global_sid_Creator_Owner))
+	else if (dom_sid_equal(sid, &global_sid_Creator_Owner))
 		type = IFS_ID_TYPE_CREATOR_OWNER;
-	else if (sid_equal(sid, &global_sid_Creator_Group))
+	else if (dom_sid_equal(sid, &global_sid_Creator_Group))
 		type = IFS_ID_TYPE_CREATOR_GROUP;
 	else if (is_group) {
 		if (!sid_to_gid(sid, &gid))
@@ -156,7 +156,7 @@ sid_in_ignore_list(struct dom_sid * sid, int snum)
 
 	while (*sid_list) {
 		if (string_to_sid(&match, *sid_list))
-			if (sid_equal(sid, &match))
+			if (dom_sid_equal(sid, &match))
 				return true;
 		sid_list++;
 	}
diff --git a/source3/torture/pdbtest.c b/source3/torture/pdbtest.c
index 65f5188..2f4909a 100644
--- a/source3/torture/pdbtest.c
+++ b/source3/torture/pdbtest.c
@@ -438,7 +438,8 @@ int main(int argc, char **argv)
 
 	if (!strequal(td->domain_name, new_td->domain_name) ||
 	    !strequal(td->netbios_name, new_td->netbios_name) ||
-	    !sid_equal(&td->security_identifier, &new_td->security_identifier) ||
+	    !dom_sid_equal(&td->security_identifier,
+			   &new_td->security_identifier) ||
 	    td->trust_direction != new_td->trust_direction ||
 	    td->trust_type != new_td->trust_type ||
 	    td->trust_attributes != new_td->trust_attributes ||
diff --git a/source3/winbindd/wb_lookupsids.c b/source3/winbindd/wb_lookupsids.c
index b4b7b9c..e896860 100644
--- a/source3/winbindd/wb_lookupsids.c
+++ b/source3/winbindd/wb_lookupsids.c
@@ -367,7 +367,7 @@ static bool wb_lookupsids_find_dom_idx(struct lsa_DomainInfo *domain,
 	struct lsa_DomainInfo *new_domain;
 
 	for (i=0; i<list->count; i++) {
-		if (sid_equal(domain->sid, list->domains[i].sid)) {
+		if (dom_sid_equal(domain->sid, list->domains[i].sid)) {
 			*idx = i;
 			return true;
 		}
diff --git a/source3/winbindd/winbindd_cache.c b/source3/winbindd/winbindd_cache.c
index 58a8e71..ec5f9e7 100644
--- a/source3/winbindd/winbindd_cache.c
+++ b/source3/winbindd/winbindd_cache.c
@@ -4571,7 +4571,7 @@ struct winbindd_tdc_domain*
 	wcache_tdc_fetch_list(&dom_list, &num_domains);
 
 	for (i = 0; i<num_domains; i++) {
-		if (sid_equal(sid, &(dom_list[i].sid))) {
+		if (dom_sid_equal(sid, &(dom_list[i].sid))) {
 			DEBUG(10, ("wcache_tdc_fetch_domainbysid: "
 				   "Found domain %s for SID %s\n",
 				   dom_list[i].domain_name,
diff --git a/source3/winbindd/winbindd_misc.c b/source3/winbindd/winbindd_misc.c
index d2259be..6f87302 100644
--- a/source3/winbindd/winbindd_misc.c
+++ b/source3/winbindd/winbindd_misc.c
@@ -22,6 +22,7 @@
 
 #include "includes.h"
 #include "winbindd.h"
+#include "libcli/security/dom_sid.h"
 
 #undef DBGC_CLASS
 #define DBGC_CLASS DBGC_WINBIND
@@ -175,6 +176,9 @@ enum winbindd_result winbindd_dual_list_trusted_domains(struct winbindd_domain *
 		if (trusts.array[i].sid == NULL) {
 			continue;
 		}
+		if (dom_sid_equal(trusts.array[i].sid, &global_sid_NULL)) {
+			continue;
+		}
 
 		extra_data = talloc_asprintf_append_buffer(
 			extra_data, "%s\\%s\\%s\n",


-- 
Samba Shared Repository


More information about the samba-cvs mailing list