summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorVolker Lendecke <vl@samba.org>2009-08-02 10:43:05 +0200
committerVolker Lendecke <vl@samba.org>2009-08-02 11:24:48 +0200
commit4f147388c0512fc291cc53764c017d7117154afc (patch)
treeb4a4ee3fba145c2c2710c4c782d653b245d96fdc
parent62fec968193e8a96ccffef216aba30ffb681d33a (diff)
downloadsamba-4f147388c0512fc291cc53764c017d7117154afc.tar.gz
samba-4f147388c0512fc291cc53764c017d7117154afc.tar.bz2
samba-4f147388c0512fc291cc53764c017d7117154afc.zip
Refactor 9b78af1f: Fix lookupname recursion
Pass a "flags" argument instead of the original winbind command down the name_to_sid chain. This way we are independent of the winbind commands and can take the decision at a much higher level
-rw-r--r--source3/winbindd/winbindd.h2
-rw-r--r--source3/winbindd/winbindd_ads.c6
-rw-r--r--source3/winbindd/winbindd_cache.c6
-rw-r--r--source3/winbindd/winbindd_passdb.c16
-rw-r--r--source3/winbindd/winbindd_reconnect.c11
-rw-r--r--source3/winbindd/winbindd_rpc.c2
-rw-r--r--source3/winbindd/winbindd_util.c11
7 files changed, 24 insertions, 30 deletions
diff --git a/source3/winbindd/winbindd.h b/source3/winbindd/winbindd.h
index 732b9a3614..64fb8851df 100644
--- a/source3/winbindd/winbindd.h
+++ b/source3/winbindd/winbindd.h
@@ -247,9 +247,9 @@ struct winbindd_methods {
/* convert one user or group name to a sid */
NTSTATUS (*name_to_sid)(struct winbindd_domain *domain,
TALLOC_CTX *mem_ctx,
- enum winbindd_cmd orig_cmd,
const char *domain_name,
const char *name,
+ uint32_t flags,
DOM_SID *sid,
enum lsa_SidType *type);
diff --git a/source3/winbindd/winbindd_ads.c b/source3/winbindd/winbindd_ads.c
index 08afb46674..137a88505c 100644
--- a/source3/winbindd/winbindd_ads.c
+++ b/source3/winbindd/winbindd_ads.c
@@ -404,14 +404,14 @@ static NTSTATUS enum_local_groups(struct winbindd_domain *domain,
/* convert a single name to a sid in a domain - use rpc methods */
static NTSTATUS name_to_sid(struct winbindd_domain *domain,
TALLOC_CTX *mem_ctx,
- enum winbindd_cmd orig_cmd,
const char *domain_name,
const char *name,
+ uint32_t flags,
DOM_SID *sid,
enum lsa_SidType *type)
{
- return reconnect_methods.name_to_sid(domain, mem_ctx, orig_cmd,
- domain_name, name,
+ return reconnect_methods.name_to_sid(domain, mem_ctx,
+ domain_name, name, flags,
sid, type);
}
diff --git a/source3/winbindd/winbindd_cache.c b/source3/winbindd/winbindd_cache.c
index 6c14f9d76a..b8872a18d4 100644
--- a/source3/winbindd/winbindd_cache.c
+++ b/source3/winbindd/winbindd_cache.c
@@ -1608,9 +1608,9 @@ skip_save:
/* convert a single name to a sid in a domain */
static NTSTATUS name_to_sid(struct winbindd_domain *domain,
TALLOC_CTX *mem_ctx,
- enum winbindd_cmd orig_cmd,
const char *domain_name,
const char *name,
+ uint32_t flags,
DOM_SID *sid,
enum lsa_SidType *type)
{
@@ -1657,8 +1657,8 @@ do_query:
DEBUG(10,("name_to_sid: [Cached] - doing backend query for name for domain %s\n",
domain->name ));
- status = domain->backend->name_to_sid(domain, mem_ctx, orig_cmd,
- domain_name, name, sid, type);
+ status = domain->backend->name_to_sid(domain, mem_ctx, domain_name,
+ name, flags, sid, type);
/* and save it */
refresh_sequence_number(domain, false);
diff --git a/source3/winbindd/winbindd_passdb.c b/source3/winbindd/winbindd_passdb.c
index b959bfc9ad..b6e572d197 100644
--- a/source3/winbindd/winbindd_passdb.c
+++ b/source3/winbindd/winbindd_passdb.c
@@ -88,25 +88,15 @@ static NTSTATUS enum_local_groups(struct winbindd_domain *domain,
/* convert a single name to a sid in a domain */
static NTSTATUS name_to_sid(struct winbindd_domain *domain,
TALLOC_CTX *mem_ctx,
- enum winbindd_cmd original_cmd,
const char *domain_name,
const char *name,
+ uint32_t flags,
DOM_SID *sid,
enum lsa_SidType *type)
{
const char *fullname;
- uint32 flags = LOOKUP_NAME_ALL;
-
- switch ( original_cmd ) {
- case WINBINDD_LOOKUPNAME:
- /* This call is ok */
- break;
- default:
- /* Avoid any NSS calls in the lookup_name by default */
- flags |= LOOKUP_NAME_NO_NSS;
- DEBUG(10,("winbindd_passdb: limiting name_to_sid() to explicit mappings\n"));
- break;
- }
+
+ flags |= LOOKUP_NAME_ALL;
if (domain_name && domain_name[0] && strchr_m(name, '\\') == NULL) {
fullname = talloc_asprintf(mem_ctx, "%s\\%s",
diff --git a/source3/winbindd/winbindd_reconnect.c b/source3/winbindd/winbindd_reconnect.c
index 25debccc5a..1d71a75458 100644
--- a/source3/winbindd/winbindd_reconnect.c
+++ b/source3/winbindd/winbindd_reconnect.c
@@ -83,21 +83,20 @@ static NTSTATUS enum_local_groups(struct winbindd_domain *domain,
/* convert a single name to a sid in a domain */
static NTSTATUS name_to_sid(struct winbindd_domain *domain,
TALLOC_CTX *mem_ctx,
- enum winbindd_cmd orig_cmd,
const char *domain_name,
const char *name,
+ uint32_t flags,
DOM_SID *sid,
enum lsa_SidType *type)
{
NTSTATUS result;
- result = msrpc_methods.name_to_sid(domain, mem_ctx, orig_cmd,
- domain_name, name,
- sid, type);
+ result = msrpc_methods.name_to_sid(domain, mem_ctx, domain_name, name,
+ flags, sid, type);
if (NT_STATUS_EQUAL(result, NT_STATUS_UNSUCCESSFUL))
- result = msrpc_methods.name_to_sid(domain, mem_ctx, orig_cmd,
- domain_name, name,
+ result = msrpc_methods.name_to_sid(domain, mem_ctx,
+ domain_name, name, flags,
sid, type);
return result;
diff --git a/source3/winbindd/winbindd_rpc.c b/source3/winbindd/winbindd_rpc.c
index 50ccbae6b2..17ffffe5da 100644
--- a/source3/winbindd/winbindd_rpc.c
+++ b/source3/winbindd/winbindd_rpc.c
@@ -267,9 +267,9 @@ static NTSTATUS enum_local_groups(struct winbindd_domain *domain,
/* convert a single name to a sid in a domain */
static NTSTATUS msrpc_name_to_sid(struct winbindd_domain *domain,
TALLOC_CTX *mem_ctx,
- enum winbindd_cmd original_cmd,
const char *domain_name,
const char *name,
+ uint32_t flags,
DOM_SID *sid,
enum lsa_SidType *type)
{
diff --git a/source3/winbindd/winbindd_util.c b/source3/winbindd/winbindd_util.c
index 99b4542f0b..c564ef9f51 100644
--- a/source3/winbindd/winbindd_util.c
+++ b/source3/winbindd/winbindd_util.c
@@ -886,9 +886,14 @@ bool winbindd_lookup_sid_by_name(TALLOC_CTX *mem_ctx,
{
NTSTATUS result;
- /* Lookup name */
- result = domain->methods->name_to_sid(domain, mem_ctx, orig_cmd,
- domain_name, name, sid, type);
+ /*
+ * For all but LOOKUPNAME we have to avoid nss calls to avoid
+ * recursion
+ */
+ result = domain->methods->name_to_sid(
+ domain, mem_ctx, domain_name, name,
+ orig_cmd == WINBINDD_LOOKUPNAME ? 0 : LOOKUP_NAME_NO_NSS,
+ sid, type);
/* Return sid and type if lookup successful */
if (!NT_STATUS_IS_OK(result)) {