diff options
| author | Simo Sorce <idra@samba.org> | 2007-01-14 17:58:24 +0000 |
|---|---|---|
| committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 12:17:08 -0500 |
| commit | c50c8d0dc31b95a98e09b1cfdd2e54e4bac336f2 (patch) | |
| tree | 566e23e3e4956d2c01d48b779007fbbb4c7be21e | |
| parent | fb9a229643015fc6fea67bac9317f5d6a6283fc4 (diff) | |
| download | samba-c50c8d0dc31b95a98e09b1cfdd2e54e4bac336f2.tar.gz samba-c50c8d0dc31b95a98e09b1cfdd2e54e4bac336f2.tar.bz2 samba-c50c8d0dc31b95a98e09b1cfdd2e54e4bac336f2.zip | |
r20774: I thought I committed this before Xmas holidays ...
This change is needed to make it possible to not expire
caches in disconnected mode.
Jerry, please can you look at this and confirm it is ok?
Simo.
(This used to be commit 9e8715e4e15d9cede8f4aa9652642995392617e6)
| -rw-r--r-- | source3/auth/auth_util.c | 2 | ||||
| -rw-r--r-- | source3/include/smb.h | 8 | ||||
| -rw-r--r-- | source3/nsswitch/idmap.c | 53 | ||||
| -rw-r--r-- | source3/nsswitch/idmap_ad.c | 18 | ||||
| -rw-r--r-- | source3/nsswitch/idmap_cache.c | 40 | ||||
| -rw-r--r-- | source3/nsswitch/idmap_ldap.c | 15 | ||||
| -rw-r--r-- | source3/nsswitch/idmap_nss.c | 31 | ||||
| -rw-r--r-- | source3/nsswitch/idmap_passdb.c | 22 | ||||
| -rw-r--r-- | source3/nsswitch/idmap_rid.c | 21 | ||||
| -rw-r--r-- | source3/nsswitch/idmap_tdb.c | 13 | ||||
| -rw-r--r-- | source3/nsswitch/idmap_util.c | 12 | ||||
| -rw-r--r-- | source3/nsswitch/wb_client.c | 4 | ||||
| -rw-r--r-- | source3/nsswitch/winbindd_async.c | 2 |
13 files changed, 146 insertions, 95 deletions
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c index c1f58cfecd..94551cb8a5 100644 --- a/source3/auth/auth_util.c +++ b/source3/auth/auth_util.c @@ -1048,7 +1048,7 @@ NTSTATUS create_local_token(auth_serversupplied_info *server_info) gid_t agid; if (wb) { - if ( ! ids[i].mapped) { + if (ids[i].status != ID_MAPPED) { DEBUG(10, ("Could not convert SID %s to gid, " "ignoring it\n", sid_string_static(ids[i].sid))); continue; diff --git a/source3/include/smb.h b/source3/include/smb.h index c029e09120..c03fdd89e4 100644 --- a/source3/include/smb.h +++ b/source3/include/smb.h @@ -273,6 +273,12 @@ typedef struct dom_sid { #define dom_sid2 dom_sid #define dom_sid28 dom_sid +enum id_mapping { + ID_UNKNOWN, + ID_MAPPED, + ID_UNMAPPED +}; + enum id_type { ID_TYPE_UID, ID_TYPE_GID @@ -286,7 +292,7 @@ struct unixid { struct id_map { DOM_SID *sid; struct unixid xid; - BOOL mapped; + enum id_mapping status; }; #include "librpc/ndr/misc.h" diff --git a/source3/nsswitch/idmap.c b/source3/nsswitch/idmap.c index bd81d1e83f..2bcff7b717 100644 --- a/source3/nsswitch/idmap.c +++ b/source3/nsswitch/idmap.c @@ -719,7 +719,7 @@ static NTSTATUS idmap_new_mapping(TALLOC_CTX *ctx, struct id_map *map) /* by default calls to winbindd are disabled the following call will not recurse so this is safe */ winbind_on(); - wbret =winbind_lookup_sid(ctx, map->sid, &domname, &name, &sid_type); + wbret = winbind_lookup_sid(ctx, map->sid, &domname, &name, &sid_type); winbind_off(); /* check if this is a valid SID and then map it */ @@ -750,7 +750,7 @@ static NTSTATUS idmap_new_mapping(TALLOC_CTX *ctx, struct id_map *map) } /* ok, got a new id, let's set a mapping */ - map->mapped = True; + map->status = ID_MAPPED; DEBUG(10, ("Setting mapping: %s <-> %s %lu\n", sid_string_static(map->sid), @@ -822,9 +822,9 @@ static NTSTATUS idmap_backends_unixids_to_sids(struct id_map **ids) _ids = ids; - /* make sure all maps are marked as false */ + /* make sure all maps are marked as in UNKNOWN status */ for (i = 0; _ids[i]; i++) { - _ids[i]->mapped = False; + _ids[i]->status = ID_UNKNOWN; } unmapped = NULL; @@ -840,7 +840,7 @@ static NTSTATUS idmap_backends_unixids_to_sids(struct id_map **ids) unmapped = NULL; for (i = 0, u = 0; _ids[i]; i++) { - if (_ids[i]->mapped == False) { + if (_ids[i]->status == ID_UNKNOWN || _ids[i]->status == ID_UNMAPPED) { unmapped = talloc_realloc(ctx, unmapped, struct id_map *, u + 2); IDMAP_CHECK_ALLOC(unmapped); unmapped[u] = _ids[i]; @@ -864,14 +864,14 @@ static NTSTATUS idmap_backends_unixids_to_sids(struct id_map **ids) switch (unmapped[i]->xid.type) { case ID_TYPE_UID: uid_to_unix_users_sid((uid_t)unmapped[i]->xid.id, unmapped[i]->sid); - unmapped[i]->mapped = True; + unmapped[i]->status = ID_MAPPED; break; case ID_TYPE_GID: gid_to_unix_groups_sid((gid_t)unmapped[i]->xid.id, unmapped[i]->sid); - unmapped[i]->mapped = True; + unmapped[i]->status = ID_MAPPED; break; default: /* what?! */ - unmapped[i]->mapped = False; + unmapped[i]->status = ID_UNKNOWN; break; } } @@ -913,8 +913,8 @@ static NTSTATUS idmap_backends_sids_to_unixids(struct id_map **ids) for (i = 0; ids[i]; i++) { int dom_num; - /* make sure they are unmapped by default */ - ids[i]->mapped = False; + /* make sure they are unknown to start off */ + ids[i]->status = ID_UNKNOWN; for (dom_num = 0, dom = NULL; dom_num < num_domains; dom_num++) { if (idmap_domains[dom_num]->default_domain) { @@ -975,17 +975,18 @@ static NTSTATUS idmap_backends_sids_to_unixids(struct id_map **ids) /* let's see if we have any unmapped SID left and act accordingly */ for (i = 0; ids[i]; i++) { - if ( ! ids[i]->mapped) { /* ok this is an unmapped one, see if we can map it */ + if (ids[i]->status == ID_UNKNOWN || ids[i]->status == ID_UNMAPPED) { + /* ok this is an unmapped one, see if we can map it */ ret = idmap_new_mapping(ctx, ids[i]); if (NT_STATUS_IS_OK(ret)) { /* successfully mapped */ - ids[i]->mapped = True; + ids[i]->status = ID_MAPPED; } else if (NT_STATUS_EQUAL(ret, NT_STATUS_NONE_MAPPED)) { /* could not map it */ - ids[i]->mapped = False; - } else{ + ids[i]->status = ID_UNMAPPED; + } else { /* Something very bad happened down there */ - goto done; + ids[i]->status = ID_UNKNOWN; } } } @@ -1038,8 +1039,6 @@ NTSTATUS idmap_unixids_to_sids(struct id_map **ids) ret = idmap_cache_map_id(idmap_cache, ids[i]); - /* TODO: handle NT_STATUS_SYNCHRONIZATION_REQUIRED for disconnected mode */ - if ( ! NT_STATUS_IS_OK(ret)) { if ( ! bids) { @@ -1080,9 +1079,14 @@ NTSTATUS idmap_unixids_to_sids(struct id_map **ids) /* update the cache */ for (i = 0; i < bi; i++) { - if (bids[i]->mapped) { + if (bids[i]->status == ID_MAPPED) { ret = idmap_cache_set(idmap_cache, bids[i]); - } else { + } else if (bids[i]->status == ID_UNKNOWN) { + /* return an expired entry in the cache or an unknown */ + /* this handles a previous NT_STATUS_SYNCHRONIZATION_REQUIRED + * for disconnected mode */ + idmap_cache_map_id(idmap_cache, ids[i]); + } else { /* unmapped */ ret = idmap_cache_set_negative_id(idmap_cache, bids[i]); } IDMAP_CHECK_RET(ret); @@ -1132,8 +1136,6 @@ NTSTATUS idmap_sids_to_unixids(struct id_map **ids) ret = idmap_cache_map_sid(idmap_cache, ids[i]); - /* TODO: handle NT_STATUS_SYNCHRONIZATION_REQUIRED for disconnected mode */ - if ( ! NT_STATUS_IS_OK(ret)) { if ( ! bids) { @@ -1174,8 +1176,13 @@ NTSTATUS idmap_sids_to_unixids(struct id_map **ids) /* update the cache */ for (i = 0; bids[i]; i++) { - if (bids[i]->mapped) { + if (bids[i]->status == ID_MAPPED) { ret = idmap_cache_set(idmap_cache, bids[i]); + } else if (bids[i]->status == ID_UNKNOWN) { + /* return an expired entry in the cache or an unknown */ + /* this handles a previous NT_STATUS_SYNCHRONIZATION_REQUIRED + * for disconnected mode */ + idmap_cache_map_id(idmap_cache, ids[i]); } else { ret = idmap_cache_set_negative_sid(idmap_cache, bids[i]); } @@ -1199,7 +1206,7 @@ NTSTATUS idmap_set_mapping(const struct id_map *id) } /* sanity checks */ - if ((id->sid == NULL) || (! id->mapped)) { + if ((id->sid == NULL) || (id->status != ID_MAPPED)) { DEBUG(1, ("NULL SID or unmapped entry\n")); return NT_STATUS_INVALID_PARAMETER; } diff --git a/source3/nsswitch/idmap_ad.c b/source3/nsswitch/idmap_ad.c index 6195684d96..252e2159aa 100644 --- a/source3/nsswitch/idmap_ad.c +++ b/source3/nsswitch/idmap_ad.c @@ -336,7 +336,7 @@ again: default: DEBUG(3, ("Unknown ID type\n")); - ids[idx]->mapped = false; + ids[idx]->status = ID_UNKNOWN; continue; } } @@ -438,7 +438,7 @@ again: sid_copy(map->sid, &sid); /* mapped */ - map->mapped = True; + map->status = ID_MAPPED; DEBUG(10, ("Mapped %s -> %lu (%d)\n", sid_string_static(map->sid), @@ -455,6 +455,12 @@ again: } ret = NT_STATUS_OK; + + /* mark all unknwon ones as unmapped */ + for (i = 0; ids[i]; i++) { + if (ids[i]->status == ID_UNKNOWN) ids[i]->status = ID_UNMAPPED; + } + done: talloc_free(memctx); return ret; @@ -649,7 +655,7 @@ again: /* mapped */ map->xid.type = type; map->xid.id = id; - map->mapped = True; + map->status = ID_MAPPED; DEBUG(10, ("Mapped %s -> %lu (%d)\n", sid_string_static(map->sid), @@ -666,6 +672,12 @@ again: } ret = NT_STATUS_OK; + + /* mark all unknwon ones as unmapped */ + for (i = 0; ids[i]; i++) { + if (ids[i]->status == ID_UNKNOWN) ids[i]->status = ID_UNMAPPED; + } + done: talloc_free(memctx); return ret; diff --git a/source3/nsswitch/idmap_cache.c b/source3/nsswitch/idmap_cache.c index 535083fb2b..897dd9c4f5 100644 --- a/source3/nsswitch/idmap_cache.c +++ b/source3/nsswitch/idmap_cache.c @@ -304,7 +304,7 @@ NTSTATUS idmap_cache_fill_map(struct id_map *id, const char *value) goto failed; } - id->mapped = True; + id->status = ID_MAPPED; return NT_STATUS_OK; } @@ -331,13 +331,13 @@ NTSTATUS idmap_cache_fill_map(struct id_map *id, const char *value) goto failed; } - id->mapped = True; + id->status = ID_MAPPED; return NT_STATUS_OK; failed: DEBUG(1, ("invalid value: %s\n", value)); - id->mapped = False; + id->status = ID_UNKNOWN; return NT_STATUS_INTERNAL_DB_CORRUPTION; } @@ -354,11 +354,11 @@ BOOL idmap_cache_is_negative(const char *val) * 3 cases are possible * * 1 map found - * in this case id->mapped = True and NT_STATUS_OK is returned + * in this case id->status = ID_MAPPED and NT_STATUS_OK is returned * 2 map not found - * in this case id->mapped = False and NT_STATUS_NONE_MAPPED is returned + * in this case id->status = ID_UNKNOWN and NT_STATUS_NONE_MAPPED is returned * 3 negative cache found - * in this case id->mapped = False and NT_STATUS_OK is returned + * in this case id->status = ID_UNMAPPED and NT_STATUS_OK is returned * * As a special case if the cache is expired NT_STATUS_SYNCHRONIZATION_REQUIRED * is returned instead of NT_STATUS_OK. In this case revalidation of the cache @@ -374,7 +374,7 @@ NTSTATUS idmap_cache_map_sid(struct idmap_cache_ctx *cache, struct id_map *id) char *endptr; /* make sure it is marked as not mapped by default */ - id->mapped = False; + id->status = ID_UNKNOWN; ret = idmap_cache_build_sidkey(cache, &sidkey, id); if (!NT_STATUS_IS_OK(ret)) return ret; @@ -415,21 +415,21 @@ NTSTATUS idmap_cache_map_sid(struct idmap_cache_ctx *cache, struct id_map *id) goto done; } - /* here ret == NT_STATUS_OK and id->mapped = True */ + /* here ret == NT_STATUS_OK and id->status = ID_MAPPED */ if (t <= time(NULL)) { /* We're expired, set an error code for upper layer */ ret = NT_STATUS_SYNCHRONIZATION_REQUIRED; } } else { - /* this is not mapped (id->mapped = False), - * and that's right as it was a negative cache hit */ - ret = NT_STATUS_OK; - if (t <= time(NULL)) { /* We're expired, delete the entry and return not mapped */ tdb_delete(cache->tdb, keybuf); ret = NT_STATUS_NONE_MAPPED; + } else { + /* this is not mapped as it was a negative cache hit */ + id->status = ID_UNMAPPED; + ret = NT_STATUS_OK; } } @@ -444,11 +444,11 @@ done: * 3 cases are possible * * 1 map found - * in this case id->mapped = True and NT_STATUS_OK is returned + * in this case id->status = ID_MAPPED and NT_STATUS_OK is returned * 2 map not found - * in this case id->mapped = False and NT_STATUS_NONE_MAPPED is returned + * in this case id->status = ID_UNKNOWN and NT_STATUS_NONE_MAPPED is returned * 3 negative cache found - * in this case id->mapped = False and NT_STATUS_OK is returned + * in this case id->status = ID_UNMAPPED and NT_STATUS_OK is returned * * As a special case if the cache is expired NT_STATUS_SYNCHRONIZATION_REQUIRED * is returned instead of NT_STATUS_OK. In this case revalidation of the cache @@ -464,7 +464,7 @@ NTSTATUS idmap_cache_map_id(struct idmap_cache_ctx *cache, struct id_map *id) char *endptr; /* make sure it is marked as not mapped by default */ - id->mapped = False; + id->status = ID_UNKNOWN; ret = idmap_cache_build_idkey(cache, &idkey, id); if (!NT_STATUS_IS_OK(ret)) return ret; @@ -512,14 +512,14 @@ NTSTATUS idmap_cache_map_id(struct idmap_cache_ctx *cache, struct id_map *id) ret = NT_STATUS_SYNCHRONIZATION_REQUIRED; } } else { - /* this is not mapped (id->mapped = False), - * and that's right as it was a negative cache hit */ - ret = NT_STATUS_OK; - if (t <= time(NULL)) { /* We're expired, delete the entry and return not mapped */ tdb_delete(cache->tdb, keybuf); ret = NT_STATUS_NONE_MAPPED; + } else { + /* this is not mapped is it was a negative cache hit */ + id->status = ID_UNMAPPED; + ret = NT_STATUS_OK; } } done: diff --git a/source3/nsswitch/idmap_ldap.c b/source3/nsswitch/idmap_ldap.c index 672d0b7979..0ebff71297 100644 --- a/source3/nsswitch/idmap_ldap.c +++ b/source3/nsswitch/idmap_ldap.c @@ -974,7 +974,7 @@ again: TALLOC_FREE(sidstr); /* mapped */ - map->mapped = True; + map->status = ID_MAPPED; DEBUG(10, ("Mapped %s -> %lu (%d)\n", sid_string_static(map->sid), (unsigned long)map->xid.id, map->xid.type)); } @@ -991,6 +991,12 @@ again: ret = NT_STATUS_OK; + + /* mark all unknwon ones as unmapped */ + for (i = 0; ids[i]; i++) { + if (ids[i]->status == ID_UNKNOWN) ids[i]->status = ID_UNMAPPED; + } + done: talloc_free(memctx); return ret; @@ -1169,7 +1175,7 @@ again: /* mapped */ map->xid.type = type; map->xid.id = id; - map->mapped = True; + map->status = ID_MAPPED; DEBUG(10, ("Mapped %s -> %lu (%d)\n", sid_string_static(map->sid), (unsigned long)map->xid.id, map->xid.type)); } @@ -1186,6 +1192,11 @@ again: ret = NT_STATUS_OK; + /* mark all unknwon ones as unmapped */ + for (i = 0; ids[i]; i++) { + if (ids[i]->status == ID_UNKNOWN) ids[i]->status = ID_UNMAPPED; + } + done: talloc_free(memctx); return ret; diff --git a/source3/nsswitch/idmap_nss.c b/source3/nsswitch/idmap_nss.c index 014a193c6a..3cd8a8e8ea 100644 --- a/source3/nsswitch/idmap_nss.c +++ b/source3/nsswitch/idmap_nss.c @@ -62,7 +62,7 @@ static NTSTATUS idmap_nss_unixids_to_sids(struct idmap_domain *dom, struct id_ma pw = getpwuid((uid_t)ids[i]->xid.id); if (!pw) { - ids[i]->mapped = False; + ids[i]->status = ID_UNMAPPED; continue; } name = pw->pw_name; @@ -71,13 +71,13 @@ static NTSTATUS idmap_nss_unixids_to_sids(struct idmap_domain *dom, struct id_ma gr = getgrgid((gid_t)ids[i]->xid.id); if (!gr) { - ids[i]->mapped = False; + ids[i]->status = ID_UNMAPPED; continue; } name = gr->gr_name; break; default: /* ?? */ - ids[i]->mapped = False; + ids[i]->status = ID_UNKNOWN; continue; } @@ -89,17 +89,16 @@ static NTSTATUS idmap_nss_unixids_to_sids(struct idmap_domain *dom, struct id_ma winbind_off(); if (!ret) { - ids[i]->mapped = False; + /* TODO: how do we know if the name is really not mapped, + * or something just failed ? */ + ids[i]->status = ID_UNMAPPED; continue; } - /* make sure it is marked as unmapped if types do not match */ - ids[i]->mapped = False; - switch (type) { case SID_NAME_USER: if (ids[i]->xid.type == ID_TYPE_UID) { - ids[i]->mapped = True; + ids[i]->status = ID_MAPPED; } break; @@ -107,11 +106,12 @@ static NTSTATUS idmap_nss_unixids_to_sids(struct idmap_domain *dom, struct id_ma case SID_NAME_ALIAS: case SID_NAME_WKN_GRP: if (ids[i]->xid.type == ID_TYPE_GID) { - ids[i]->mapped = True; + ids[i]->status = ID_MAPPED; } break; default: + ids[i]->status = ID_UNKNOWN; break; } } @@ -151,13 +151,12 @@ static NTSTATUS idmap_nss_sids_to_unixids(struct idmap_domain *dom, struct id_ma winbind_off(); if (!ret) { - ids[i]->mapped = False; + /* TODO: how do we know if the name is really not mapped, + * or something just failed ? */ + ids[i]->status = ID_UNMAPPED; continue; } - /* make sure it is marked as unmapped if types do not match */ - ids[i]->mapped = False; - switch (type) { case SID_NAME_USER: @@ -167,7 +166,7 @@ static NTSTATUS idmap_nss_sids_to_unixids(struct idmap_domain *dom, struct id_ma if (pw) { ids[i]->xid.id = pw->pw_uid; ids[i]->xid.type = ID_TYPE_UID; - ids[i]->mapped = True; + ids[i]->status = ID_MAPPED; } break; @@ -179,12 +178,12 @@ static NTSTATUS idmap_nss_sids_to_unixids(struct idmap_domain *dom, struct id_ma if (gr) { ids[i]->xid.id = gr->gr_gid; ids[i]->xid.type = ID_TYPE_GID; - ids[i]->mapped = True; + ids[i]->status = ID_MAPPED; } break; default: - ids[i]->mapped = False; + ids[i]->status = ID_UNKNOWN; break; } } diff --git a/source3/nsswitch/idmap_passdb.c b/source3/nsswitch/idmap_passdb.c index fdb14d6979..a5f8a084b3 100644 --- a/source3/nsswitch/idmap_passdb.c +++ b/source3/nsswitch/idmap_passdb.c @@ -43,15 +43,23 @@ static NTSTATUS idmap_pdb_unixids_to_sids(struct idmap_domain *dom, struct id_ma int i; for (i = 0; ids[i]; i++) { + + /* unmapped by default */ + ids[i]->status = ID_UNMAPPED; + switch (ids[i]->xid.type) { case ID_TYPE_UID: - ids[i]->mapped = pdb_uid_to_sid((uid_t)ids[i]->xid.id, ids[i]->sid); + if (pdb_uid_to_sid((uid_t)ids[i]->xid.id, ids[i]->sid)) { + ids[i]->status = ID_MAPPED; + } break; case ID_TYPE_GID: - ids[i]->mapped = pdb_gid_to_sid((gid_t)ids[i]->xid.id, ids[i]->sid); + if (pdb_gid_to_sid((gid_t)ids[i]->xid.id, ids[i]->sid)) { + ids[i]->status = ID_MAPPED; + } break; default: /* ?? */ - ids[i]->mapped = False; + ids[i]->status = ID_UNKNOWN; } } @@ -75,7 +83,7 @@ static NTSTATUS idmap_pdb_sids_to_unixids(struct idmap_domain *dom, struct id_ma case SID_NAME_USER: ids[i]->xid.id = id.uid; ids[i]->xid.type = ID_TYPE_UID; - ids[i]->mapped = True; + ids[i]->status = ID_MAPPED; break; case SID_NAME_DOM_GRP: @@ -83,17 +91,17 @@ static NTSTATUS idmap_pdb_sids_to_unixids(struct idmap_domain *dom, struct id_ma case SID_NAME_WKN_GRP: ids[i]->xid.id = id.gid; ids[i]->xid.type = ID_TYPE_GID; - ids[i]->mapped = True; + ids[i]->status = ID_MAPPED; break; default: /* ?? */ /* make sure it is marked as unmapped */ - ids[i]->mapped = False; + ids[i]->status = ID_UNKNOWN; break; } } else { /* Query Failed */ - ids[i]->mapped = False; + ids[i]->status = ID_UNMAPPED; } } diff --git a/source3/nsswitch/idmap_rid.c b/source3/nsswitch/idmap_rid.c index e74283e22e..5949aa4ba5 100644 --- a/source3/nsswitch/idmap_rid.c +++ b/source3/nsswitch/idmap_rid.c @@ -107,6 +107,7 @@ static NTSTATUS idmap_rid_id_to_sid(TALLOC_CTX *memctx, struct idmap_rid_context case SID_NAME_USER: if (map->xid.type != ID_TYPE_UID) { /* wrong type */ + map->status = ID_UNMAPPED; DEBUG(5, ("Resulting SID is of wrong ID type\n")); return NT_STATUS_NONE_MAPPED; } @@ -116,21 +117,26 @@ static NTSTATUS idmap_rid_id_to_sid(TALLOC_CTX *memctx, struct idmap_rid_context case SID_NAME_WKN_GRP: if (map->xid.type != ID_TYPE_GID) { /* wrong type */ + map->status = ID_UNMAPPED; DEBUG(5, ("Resulting SID is of wrong ID type\n")); return NT_STATUS_NONE_MAPPED; } break; default: - /* invalid sid, let's just leave it unmapped */ + /* invalid sid?? */ + map->status = ID_UNKNOWN; DEBUG(10, ("SID %s is UNKNOWN, skip mapping\n", sid_string_static(map->sid))); return NT_STATUS_NONE_MAPPED; } } else { + /* TODO: how do we known if the lookup was negative + * or something just failed? */ + map->status = ID_UNMAPPED; DEBUG(2, ("Failed: to resolve SID\n")); return NT_STATUS_UNSUCCESSFUL; } - map->mapped = True; + map->status = ID_MAPPED; return NT_STATUS_OK; } @@ -169,9 +175,13 @@ static NTSTATUS idmap_rid_sid_to_id(TALLOC_CTX *memctx, struct idmap_rid_context default: /* invalid sid, let's just leave it unmapped */ DEBUG(10, ("SID %s is UNKNOWN, skip mapping\n", sid_string_static(map->sid))); + map->status = ID_UNKNOWN; return NT_STATUS_NONE_MAPPED; } } else { + /* TODO: how do we known if the lookup was negative + * or something just failed? */ + map->status = ID_UNMAPPED; DEBUG(2, ("Failed: to resolve SID\n")); return NT_STATUS_UNSUCCESSFUL; } @@ -180,10 +190,11 @@ static NTSTATUS idmap_rid_sid_to_id(TALLOC_CTX *memctx, struct idmap_rid_context if ((map->xid.id < ctx->low_id) || (map->xid.id > ctx->high_id)) { DEBUG(5, ("Requested id (%u) out of range (%u - %u). Filtered!\n", map->xid.id, ctx->low_id, ctx->high_id)); + map->status = ID_UNMAPPED; return NT_STATUS_NONE_MAPPED; } - map->mapped = True; + map->status = ID_MAPPED; return NT_STATUS_OK; } @@ -208,8 +219,6 @@ static NTSTATUS idmap_rid_unixids_to_sids(struct idmap_domain *dom, struct id_ma } for (i = 0; ids[i]; i++) { - /* make sure it is marked as unmapped before resolveing */ - ids[i]->mapped = False; ret = idmap_rid_id_to_sid(ctx, ridctx, ids[i]); @@ -244,8 +253,6 @@ static NTSTATUS idmap_rid_sids_to_unixids(struct idmap_domain *dom, struct id_ma } for (i = 0; ids[i]; i++) { - /* make sure it is marked as unmapped before resolveing */ - ids[i]->mapped = False; ret = idmap_rid_sid_to_id(ctx, ridctx, ids[i]); diff --git a/source3/nsswitch/idmap_tdb.c b/source3/nsswitch/idmap_tdb.c index 4a382d4d89..ef004daa3e 100644 --- a/source3/nsswitch/idmap_tdb.c +++ b/source3/nsswitch/idmap_tdb.c @@ -809,7 +809,7 @@ static NTSTATUS idmap_tdb_unixids_to_sids(struct idmap_domain *dom, struct id_ma if (NT_STATUS_EQUAL(ret, NT_STATUS_NONE_MAPPED)) { /* make sure it is marked as unmapped */ - ids[i]->mapped = False; + ids[i]->status = ID_UNMAPPED; continue; } @@ -818,7 +818,7 @@ static NTSTATUS idmap_tdb_unixids_to_sids(struct idmap_domain *dom, struct id_ma } /* all ok, id is mapped */ - ids[i]->mapped = True; + ids[i]->status = ID_MAPPED; } ret = NT_STATUS_OK; @@ -847,7 +847,7 @@ static NTSTATUS idmap_tdb_sids_to_unixids(struct idmap_domain *dom, struct id_ma if (NT_STATUS_EQUAL(ret, NT_STATUS_NONE_MAPPED)) { /* make sure it is marked as unmapped */ - ids[i]->mapped = False; + ids[i]->status = ID_UNMAPPED; continue; } @@ -856,7 +856,7 @@ static NTSTATUS idmap_tdb_sids_to_unixids(struct idmap_domain *dom, struct id_ma } /* all ok, id is mapped */ - ids[i]->mapped = True; + ids[i]->status = ID_MAPPED; } ret = NT_STATUS_OK; @@ -1132,18 +1132,19 @@ static int idmap_tdb_dump_one_entry(TDB_CONTEXT *tdb, TDB_DATA key, TDB_DATA val /* Try a UID record. */ if (sscanf(value.dptr, "UID %u", &(maps[num_maps].xid.id)) == 1) { maps[num_maps].xid.type = ID_TYPE_UID; - maps[num_maps].mapped = True; + maps[num_maps].status = ID_MAPPED; *data->num_maps = num_maps + 1; /* Try a GID record. */ } else if (sscanf(value.dptr, "GID %u", &(maps[num_maps].xid.id)) == 1) { maps[num_maps].xid.type = ID_TYPE_GID; - maps[num_maps].mapped = True; + maps[num_maps].status = ID_MAPPED; *data->num_maps = num_maps + 1; /* Unknown record type ! */ } else { + maps[num_maps].status = ID_UNKNOWN; DEBUG(2, ("Found INVALID record %s -> %s\n", key.dptr, value.dptr)); /* do not increment num_maps */ } diff --git a/source3/nsswitch/idmap_util.c b/source3/nsswitch/idmap_util.c index 8199ebbbd8..540dafaa73 100644 --- a/source3/nsswitch/idmap_util.c +++ b/source3/nsswitch/idmap_util.c @@ -49,7 +49,7 @@ NTSTATUS idmap_uid_to_sid(DOM_SID *sid, uid_t uid) return ret; } - if ( ! map.mapped) { + if (map.status != ID_MAPPED) { DEBUG(10, ("uid [%lu] not mapped\n", (unsigned long)uid)); return NT_STATUS_NONE_MAPPED; } @@ -83,7 +83,7 @@ NTSTATUS idmap_gid_to_sid(DOM_SID *sid, gid_t gid) return ret; } - if ( ! map.mapped) { + if (map.status != ID_MAPPED) { DEBUG(10, ("gid [%lu] not mapped\n", (unsigned long)gid)); return NT_STATUS_NONE_MAPPED; } @@ -115,8 +115,8 @@ NTSTATUS idmap_sid_to_uid(DOM_SID *sid, uid_t *uid) return ret; } - if (( ! map.mapped) || (map.xid.type != ID_TYPE_UID)) { - DEBUG(10, ("sid [%s] not mapped to an uid [%u,%u,%u]\n", sid_string_static(sid), map.mapped, map.xid.type, map.xid.id)); + if ((map.status != ID_MAPPED) || (map.xid.type != ID_TYPE_UID)) { + DEBUG(10, ("sid [%s] not mapped to an uid [%u,%u,%u]\n", sid_string_static(sid), map.status, map.xid.type, map.xid.id)); return NT_STATUS_NONE_MAPPED; } @@ -149,8 +149,8 @@ NTSTATUS idmap_sid_to_gid(DOM_SID *sid, gid_t *gid) return ret; } - if (( ! map.mapped) || (map.xid.type != ID_TYPE_GID)) { - DEBUG(10, ("sid [%s] not mapped to an gid [%u,%u,%u]\n", sid_string_static(sid), map.mapped, map.xid.type, map.xid.id)); + if ((map.status != ID_MAPPED) || (map.xid.type != ID_TYPE_GID)) { + DEBUG(10, ("sid [%s] not mapped to an gid [%u,%u,%u]\n", sid_string_static(sid), map.status, map.xid.type, map.xid.id)); return NT_STATUS_NONE_MAPPED; } diff --git a/source3/nsswitch/wb_client.c b/source3/nsswitch/wb_client.c index 53179de8f1..613bb1cc60 100644 --- a/source3/nsswitch/wb_client.c +++ b/source3/nsswitch/wb_client.c @@ -392,9 +392,9 @@ BOOL winbind_sids_to_unixids(struct id_map *ids, int num_ids) for (i = 0; i < num_ids; i++) { if (wid[i].type == -1) { - ids[i].mapped = False; + ids[i].status = ID_UNMAPPED; } else { - ids[i].mapped = True; + ids[i].status = ID_MAPPED; ids[i].xid.type = wid[i].type; ids[i].xid.id = wid[i].id; } diff --git a/source3/nsswitch/winbindd_async.c b/source3/nsswitch/winbindd_async.c index 7bedd5a0fd..d70d6a0806 100644 --- a/source3/nsswitch/winbindd_async.c +++ b/source3/nsswitch/winbindd_async.c @@ -303,7 +303,7 @@ enum winbindd_result winbindd_dual_sids2xids(struct winbindd_domain *domain, } for (i = 0; i < num; i++) { - if (ids[i]->mapped) { + if (ids[i]->status == ID_MAPPED) { xids[i].type = ids[i]->xid.type; xids[i].id = ids[i]->xid.id; } else { |