[SCM] Samba Shared Repository - branch master updated
Stefan Metzmacher
metze at samba.org
Tue Jan 29 15:47:02 MST 2013
The branch, master has been updated
via 394622e s3:winbindd: change getpwsid() to return a passwd struct for a group sid id-mapped with ID_TYPE_BOTH
via b7095e9 s3:winbindd: check the correct variable for talloc success in rpc_query_user()
via 40e3df7 s3:winbindd:getgrnam: also produce a group struct for a user with ID_TYPE_BOTH
via d2360fe s3:winbindd: create group structs for gids that are coming from a user sid id-mapped with ID_TYPE_BOTH
via 729e2c3 s3:winbindd: factor add_wbint_Principal_to_dict() out of wb_group_members_done()
via 3680cc4 s3:winbindd: fix a cut'n'paste comment typo in wb_fill_pwent
via c0f47d4 s3:winbindd: rename winbindd_getgrnam_lookupsid_done to winbindd_getgrnam_lookupname_done
from bab61a2 s3:utils/net remove aclmapset command
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 394622ef8c916cf361f8596dba4664dc8d6bfc9e
Author: Michael Adam <obnox at samba.org>
Date: Tue Jan 22 18:08:25 2013 +0100
s3:winbindd: change getpwsid() to return a passwd struct for a group sid id-mapped with ID_TYPE_BOTH
Signed-off-by: Michael Adam <obnox at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(master): Tue Jan 29 23:46:19 CET 2013 on sn-devel-104
commit b7095e9818bba8c43065cc1b1f29551203dc098b
Author: Michael Adam <obnox at samba.org>
Date: Tue Jan 22 17:39:44 2013 +0100
s3:winbindd: check the correct variable for talloc success in rpc_query_user()
Signed-off-by: Michael Adam <obnox at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
commit 40e3df7c37a15b28f170699ff9b8102416a9107f
Author: Michael Adam <obnox at samba.org>
Date: Fri Dec 7 00:55:18 2012 +0100
s3:winbindd:getgrnam: also produce a group struct for a user with ID_TYPE_BOTH
Signed-off-by: Michael Adam <obnox at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
commit d2360fe56c860fa20051f6373eb2fcc3e4def6b6
Author: Michael Adam <obnox at samba.org>
Date: Thu Dec 6 22:02:32 2012 +0100
s3:winbindd: create group structs for gids that are coming from a user sid id-mapped with ID_TYPE_BOTH
This "fake" group contains exctly one member, namely the user that the sid is
actually belonging to.
Signed-off-by: Michael Adam <obnox at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
commit 729e2c36301620ccc61b1d97205fb3f482efbe15
Author: Michael Adam <obnox at samba.org>
Date: Thu Dec 6 18:06:49 2012 +0100
s3:winbindd: factor add_wbint_Principal_to_dict() out of wb_group_members_done()
for later reuse
Signed-off-by: Michael Adam <obnox at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
commit 3680cc4a11ef5476457b580f8422d0ab82451173
Author: Michael Adam <obnox at samba.org>
Date: Fri Dec 7 16:13:19 2012 +0100
s3:winbindd: fix a cut'n'paste comment typo in wb_fill_pwent
Signed-off-by: Michael Adam <obnox at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
commit c0f47d43ecf8b603dc7a05822933c5a9a1d23c7c
Author: Michael Adam <obnox at samba.org>
Date: Fri Dec 7 01:12:11 2012 +0100
s3:winbindd: rename winbindd_getgrnam_lookupsid_done to winbindd_getgrnam_lookupname_done
That's what it is.
Signed-off-by: Michael Adam <obnox at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
-----------------------------------------------------------------------
Summary of changes:
source3/winbindd/wb_fill_pwent.c | 2 +-
source3/winbindd/wb_getgrsid.c | 49 ++++++++++++++++++++++++++++
source3/winbindd/wb_getpwsid.c | 52 ++++++++++++++++++++++++-----
source3/winbindd/wb_group_members.c | 59 ++++++++++++++++++++++++----------
source3/winbindd/winbindd_getgrnam.c | 21 +++++++++---
source3/winbindd/winbindd_proto.h | 5 +++
source3/winbindd/winbindd_rpc.c | 2 +-
7 files changed, 157 insertions(+), 33 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/winbindd/wb_fill_pwent.c b/source3/winbindd/wb_fill_pwent.c
index a6a9013..688afc6 100644
--- a/source3/winbindd/wb_fill_pwent.c
+++ b/source3/winbindd/wb_fill_pwent.c
@@ -120,7 +120,7 @@ static void wb_fill_pwent_sid2gid_done(struct tevent_req *subreq)
* We are filtering further down in sids2xids, but that filtering
* depends on the actual type of the sid handed in (as determined
* by lookupsids). Here we need to filter for the type of object
- * actually requested, in this case uid.
+ * actually requested, in this case gid.
*/
if (!(xid.type == ID_TYPE_GID || xid.type == ID_TYPE_BOTH)) {
tevent_req_nterror(req, NT_STATUS_NONE_MAPPED);
diff --git a/source3/winbindd/wb_getgrsid.c b/source3/winbindd/wb_getgrsid.c
index 2097539..fa376da 100644
--- a/source3/winbindd/wb_getgrsid.c
+++ b/source3/winbindd/wb_getgrsid.c
@@ -91,6 +91,11 @@ static void wb_getgrsid_lookupsid_done(struct tevent_req *subreq)
case SID_NAME_DOM_GRP:
case SID_NAME_ALIAS:
case SID_NAME_WKN_GRP:
+ /*
+ * also treat user-type SIDS (they might map to ID_TYPE_BOTH)
+ */
+ case SID_NAME_USER:
+ case SID_NAME_COMPUTER:
break;
default:
tevent_req_nterror(req, NT_STATUS_NO_SUCH_GROUP);
@@ -132,6 +137,50 @@ static void wb_getgrsid_sid2gid_done(struct tevent_req *subreq)
state->gid = (gid_t)xid.id;
+ if (state->type == SID_NAME_USER || state->type == SID_NAME_COMPUTER) {
+ /*
+ * special treatment for a user sid that is
+ * mapped to ID_TYPE_BOTH:
+ * create a group with the sid/xid as only member
+ */
+ char *name;
+
+ if (xid.type != ID_TYPE_BOTH) {
+ tevent_req_nterror(req, NT_STATUS_NO_SUCH_GROUP);
+ return;
+ }
+
+ state->members = talloc_dict_init(state);
+ if (tevent_req_nomem(state->members, req)) {
+ return;
+ }
+
+ name = fill_domain_username_talloc(talloc_tos(),
+ state->domname,
+ state->name,
+ true /* can_assume */);
+ if (tevent_req_nomem(name, req)) {
+ return;
+ }
+
+ status = add_wbint_Principal_to_dict(talloc_tos(),
+ &state->sid,
+ &name,
+ state->type,
+ state->members);
+ if (!NT_STATUS_IS_OK(status)) {
+ tevent_req_nterror(req, status);
+ return;
+ }
+
+ tevent_req_done(req);
+ return;
+ }
+
+ /*
+ * the "regular" case of a group type sid.
+ */
+
subreq = wb_group_members_send(state, state->ev, &state->sid,
state->type, state->max_nesting);
if (tevent_req_nomem(subreq, req)) {
diff --git a/source3/winbindd/wb_getpwsid.c b/source3/winbindd/wb_getpwsid.c
index ef54ee5..df8b0f2 100644
--- a/source3/winbindd/wb_getpwsid.c
+++ b/source3/winbindd/wb_getpwsid.c
@@ -67,12 +67,10 @@ static void wb_getpwsid_queryuser_done(struct tevent_req *subreq)
status = wb_queryuser_recv(subreq, state, &state->userinfo);
TALLOC_FREE(subreq);
- if (tevent_req_nterror(req, status)) {
- return;
- }
-
- if ((state->userinfo->acct_name != NULL)
- && (state->userinfo->acct_name[0] != '\0')) {
+ if (NT_STATUS_IS_OK(status)
+ && (state->userinfo->acct_name != NULL)
+ && (state->userinfo->acct_name[0] != '\0'))
+ {
/*
* QueryUser got us a name, let's got directly to the
* fill_pwent step
@@ -87,10 +85,25 @@ static void wb_getpwsid_queryuser_done(struct tevent_req *subreq)
}
/*
- * QueryUser didn't get us a name, do it via LSA.
+ * Either query_user did not succeed, or it
+ * succeeded but did not return an acct_name.
+ * (TODO: Can this happen at all???)
+ * ==> Try lsa_lookupsids.
*/
- subreq = wb_lookupsid_send(state, state->ev,
- &state->userinfo->user_sid);
+ if (state->userinfo == NULL) {
+ state->userinfo = talloc_zero(state, struct wbint_userinfo);
+ if (tevent_req_nomem(state->userinfo, req)) {
+ return;
+ }
+
+ /* a successful query_user call would have filled these */
+ sid_copy(&state->userinfo->user_sid, &state->sid);
+ state->userinfo->homedir = NULL;
+ state->userinfo->shell = NULL;
+ state->userinfo->primary_gid = (gid_t)-1;
+ }
+
+ subreq = wb_lookupsid_send(state, state->ev, &state->sid);
if (tevent_req_nomem(subreq, req)) {
return;
}
@@ -113,6 +126,27 @@ static void wb_getpwsid_lookupsid_done(struct tevent_req *subreq)
if (tevent_req_nterror(req, status)) {
return;
}
+
+ switch (type) {
+ case SID_NAME_USER:
+ case SID_NAME_COMPUTER:
+ /*
+ * user case: we only need the account name from lookup_sids
+ */
+ break;
+ case SID_NAME_DOM_GRP:
+ case SID_NAME_ALIAS:
+ case SID_NAME_WKN_GRP:
+ /*
+ * also treat group-type SIDs (they might map to ID_TYPE_BOTH)
+ */
+ sid_copy(&state->userinfo->group_sid, &state->sid);
+ break;
+ default:
+ tevent_req_nterror(req, NT_STATUS_NO_SUCH_USER);
+ return;
+ }
+
subreq = wb_fill_pwent_send(state, state->ev, state->userinfo,
state->pw);
if (tevent_req_nomem(subreq, req)) {
diff --git a/source3/winbindd/wb_group_members.c b/source3/winbindd/wb_group_members.c
index e4b4c0a..ecd07cf 100644
--- a/source3/winbindd/wb_group_members.c
+++ b/source3/winbindd/wb_group_members.c
@@ -349,6 +349,42 @@ static NTSTATUS wb_group_members_next_subreq(
return NT_STATUS_OK;
}
+
+/**
+ * compose a wbint_Principal and add it to talloc_dict
+ *
+ * NOTE: this has a side effect: *name needs to be talloc'd
+ * and it is talloc_move'd to mem_ctx.
+ */
+NTSTATUS add_wbint_Principal_to_dict(TALLOC_CTX *mem_ctx,
+ struct dom_sid *sid,
+ const char **name,
+ enum lsa_SidType type,
+ struct talloc_dict *dict)
+{
+ struct wbint_Principal *m;
+ DATA_BLOB key;
+ bool ok;
+
+ m = talloc(mem_ctx, struct wbint_Principal);
+ if (m == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ sid_copy(&m->sid, sid);
+ m->name = talloc_move(m, name);
+ m->type = type;
+
+ key = data_blob_const(&m->sid, sizeof(m->sid));
+
+ ok = talloc_dict_set(dict, key, &m);
+ if (!ok) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ return NT_STATUS_OK;
+}
+
static void wb_group_members_done(struct tevent_req *subreq)
{
struct tevent_req *req = tevent_req_callback_data(
@@ -397,26 +433,15 @@ static void wb_group_members_done(struct tevent_req *subreq)
/*
* Add a copy of members[i] to state->users
*/
- struct wbint_Principal *m;
- struct dom_sid *sid;
- DATA_BLOB key;
-
- m = talloc(talloc_tos(), struct wbint_Principal);
- if (tevent_req_nomem(m, req)) {
+ status = add_wbint_Principal_to_dict(talloc_tos(),
+ &members[i].sid,
+ &members[i].name,
+ members[i].type,
+ state->users);
+ if (tevent_req_nterror(req, status)) {
return;
}
- sid_copy(&m->sid, &members[i].sid);
- m->name = talloc_move(m, &members[i].name);
- m->type = members[i].type;
-
- sid = &members[i].sid;
- key = data_blob_const(
- sid, ndr_size_dom_sid(sid, 0));
- if (!talloc_dict_set(state->users, key, &m)) {
- tevent_req_nterror(req, NT_STATUS_NO_MEMORY);
- return;
- }
break;
}
case SID_NAME_DOM_GRP:
diff --git a/source3/winbindd/winbindd_getgrnam.c b/source3/winbindd/winbindd_getgrnam.c
index 9460ff4..bc970cb 100644
--- a/source3/winbindd/winbindd_getgrnam.c
+++ b/source3/winbindd/winbindd_getgrnam.c
@@ -30,7 +30,7 @@ struct winbindd_getgrnam_state {
struct talloc_dict *members;
};
-static void winbindd_getgrnam_lookupsid_done(struct tevent_req *subreq);
+static void winbindd_getgrnam_lookupname_done(struct tevent_req *subreq);
static void winbindd_getgrnam_done(struct tevent_req *subreq);
struct tevent_req *winbindd_getgrnam_send(TALLOC_CTX *mem_ctx,
@@ -81,12 +81,12 @@ struct tevent_req *winbindd_getgrnam_send(TALLOC_CTX *mem_ctx,
if (tevent_req_nomem(subreq, req)) {
return tevent_req_post(req, ev);
}
- tevent_req_set_callback(subreq, winbindd_getgrnam_lookupsid_done,
+ tevent_req_set_callback(subreq, winbindd_getgrnam_lookupname_done,
req);
return req;
}
-static void winbindd_getgrnam_lookupsid_done(struct tevent_req *subreq)
+static void winbindd_getgrnam_lookupname_done(struct tevent_req *subreq)
{
struct tevent_req *req = tevent_req_callback_data(
subreq, struct tevent_req);
@@ -101,8 +101,19 @@ static void winbindd_getgrnam_lookupsid_done(struct tevent_req *subreq)
return;
}
- if ( (type != SID_NAME_DOM_GRP) && (type != SID_NAME_ALIAS) ) {
- DEBUG(5,("getgrnam_recv: not a group!\n"));
+ switch (type) {
+ case SID_NAME_DOM_GRP:
+ case SID_NAME_ALIAS:
+ case SID_NAME_WKN_GRP:
+ /*
+ * Also give user types a chance:
+ * These might be user sids mapped to the ID_TYPE_BOTH,
+ * and in that case we should construct a group struct.
+ */
+ case SID_NAME_USER:
+ case SID_NAME_COMPUTER:
+ break;
+ default:
tevent_req_nterror(req, NT_STATUS_NO_SUCH_GROUP);
return;
}
diff --git a/source3/winbindd/winbindd_proto.h b/source3/winbindd/winbindd_proto.h
index 33b0f01..00b7c32 100644
--- a/source3/winbindd/winbindd_proto.h
+++ b/source3/winbindd/winbindd_proto.h
@@ -643,6 +643,11 @@ struct tevent_req *wb_group_members_send(TALLOC_CTX *mem_ctx,
int max_depth);
NTSTATUS wb_group_members_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx,
struct talloc_dict **members);
+NTSTATUS add_wbint_Principal_to_dict(TALLOC_CTX *mem_ctx,
+ struct dom_sid *sid,
+ const char **name,
+ enum lsa_SidType type,
+ struct talloc_dict *dict);
struct tevent_req *wb_getgrsid_send(TALLOC_CTX *mem_ctx,
struct tevent_context *ev,
diff --git a/source3/winbindd/winbindd_rpc.c b/source3/winbindd/winbindd_rpc.c
index a96dbb1..44deeb0 100644
--- a/source3/winbindd/winbindd_rpc.c
+++ b/source3/winbindd/winbindd_rpc.c
@@ -526,7 +526,7 @@ NTSTATUS rpc_query_user(TALLOC_CTX *mem_ctx,
user_info->full_name = talloc_strdup(user_info,
info->info21.full_name.string);
if ((info->info21.full_name.string != NULL) &&
- (user_info->acct_name == NULL))
+ (user_info->full_name == NULL))
{
return NT_STATUS_NO_MEMORY;
}
--
Samba Shared Repository
More information about the samba-cvs
mailing list