diff options
| author | Jeremy Allison <jra@samba.org> | 2008-08-14 21:52:11 -0700 |
|---|---|---|
| committer | Jeremy Allison <jra@samba.org> | 2008-08-14 21:52:11 -0700 |
| commit | 8bda4e059edba4807feeafa88cb90e16ca7a1d91 (patch) | |
| tree | d050fc4a4dc8fdc7839f2c2fa13904d4a40e3c12 | |
| parent | 9ab5cffcfa3320ec298e8759e96efa1670ebd770 (diff) | |
| download | samba-8bda4e059edba4807feeafa88cb90e16ca7a1d91.tar.gz samba-8bda4e059edba4807feeafa88cb90e16ca7a1d91.tar.bz2 samba-8bda4e059edba4807feeafa88cb90e16ca7a1d91.zip | |
Fix show-stopper for 3.2. Smbd depends on group SID
position zero being the primary group sid. Authenicating
via winbindd call returned a non-sorted sid list. This
fixes is for both a winbindd call and a pac list from
an info3 struct. Without this we mess up the
primary group associated with created files. Found by
Herb.
Jeremy.
(This used to be commit cb925dec85cfc4cfc194c3ff76dbeba2bd2178d7)
| -rw-r--r-- | source3/auth/auth_util.c | 34 |
1 files changed, 34 insertions, 0 deletions
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c index 98884eaddb..9220df01c0 100644 --- a/source3/auth/auth_util.c +++ b/source3/auth/auth_util.c @@ -27,6 +27,34 @@ #define DBGC_CLASS DBGC_AUTH /**************************************************************************** + Ensure primary group SID is always at position 0 in a + auth_serversupplied_info struct. +****************************************************************************/ + +static void sort_sid_array_for_smbd(auth_serversupplied_info *result, + const DOM_SID *pgroup_sid) +{ + unsigned int i; + + if (!result->sids) { + return; + } + + if (sid_compare(&result->sids[0], pgroup_sid)==0) { + return; + } + + for (i = 1; i < result->num_sids; i++) { + if (sid_compare(pgroup_sid, + &result->sids[i]) == 0) { + sid_copy(&result->sids[i], &result->sids[0]); + sid_copy(&result->sids[0], pgroup_sid); + return; + } + } +} + +/**************************************************************************** Create a UNIX user on demand. ****************************************************************************/ @@ -1742,6 +1770,9 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx, return nt_status; } + /* Ensure the primary group sid is at position 0. */ + sort_sid_array_for_smbd(result, &group_sid); + result->login_server = talloc_strdup(result, info3->base.logon_server.string); @@ -1987,6 +2018,9 @@ NTSTATUS make_server_info_wbcAuthUserInfo(TALLOC_CTX *mem_ctx, memcpy(&result->sids[i], &info->sids[i+2].sid, sizeof(result->sids[i])); } + /* Ensure the primary group sid is at position 0. */ + sort_sid_array_for_smbd(result, &group_sid); + /* ensure we are never given NULL session keys */ ZERO_STRUCT(zeros); |