diff options
| author | Simo Sorce <idra@samba.org> | 2006-12-12 14:52:13 +0000 |
|---|---|---|
| committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 12:16:25 -0500 |
| commit | 4225f9a4bd5eece4d57820bbabb7b882610aa7cc (patch) | |
| tree | e9dc08eba6d786b9ca17d784244cea7f3829d832 /source3/auth | |
| parent | 18f9156d96cba17adc199d0e8c4cf1d6c9ae1960 (diff) | |
| download | samba-4225f9a4bd5eece4d57820bbabb7b882610aa7cc.tar.gz samba-4225f9a4bd5eece4d57820bbabb7b882610aa7cc.tar.bz2 samba-4225f9a4bd5eece4d57820bbabb7b882610aa7cc.zip | |
r20116: Start merging in the work done to create the new idmap subsystem.
Simo.
(This used to be commit 50cd8bffeeed2cac755f75fc3d76fe41c451976b)
Diffstat (limited to 'source3/auth')
| -rw-r--r-- | source3/auth/auth_util.c | 27 |
1 files changed, 20 insertions, 7 deletions
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c index 870dc9b5d0..709d77bb36 100644 --- a/source3/auth/auth_util.c +++ b/source3/auth/auth_util.c @@ -841,6 +841,8 @@ static struct nt_user_token *create_local_nt_token(TALLOC_CTX *mem_ctx, NTSTATUS status; gid_t gid; + DEBUG(10, ("Create local NT token for %s\n", sid_string_static(user_sid))); + if (!(result = TALLOC_ZERO_P(mem_ctx, NT_USER_TOKEN))) { DEBUG(0, ("talloc failed\n")); return NULL; @@ -980,6 +982,7 @@ static struct nt_user_token *create_local_nt_token(TALLOC_CTX *mem_ctx, NTSTATUS create_local_token(auth_serversupplied_info *server_info) { TALLOC_CTX *mem_ctx; + struct id_map *ids; NTSTATUS status; size_t i; @@ -1027,23 +1030,33 @@ NTSTATUS create_local_token(auth_serversupplied_info *server_info) server_info->groups = NULL; /* Start at index 1, where the groups start. */ + ids = talloc_zero_array(mem_ctx, struct id_map, server_info->ptok->num_sids); + for (i = 0; i < server_info->ptok->num_sids-1; i++) { + ids[i].sid = &server_info->ptok->user_sids[i + 1]; /* store the sids */ + } - for (i=1; i<server_info->ptok->num_sids; i++) { - gid_t gid; - DOM_SID *sid = &server_info->ptok->user_sids[i]; + if (!winbind_sids_to_unixids(ids, server_info->ptok->num_sids-1)) { + DEBUG(2, ("Query to map secondary SIDs failed!\n")); + } - if (!sid_to_gid(sid, &gid)) { + for (i = 0; i < server_info->ptok->num_sids-1; i++) { + if ( ! ids[i].mapped) { DEBUG(10, ("Could not convert SID %s to gid, " - "ignoring it\n", sid_string_static(sid))); + "ignoring it\n", sid_string_static(ids[i].sid))); continue; } - if (!add_gid_to_array_unique(server_info, gid, &server_info->groups, + if ( ! ids[i].xid.type == ID_TYPE_UID) { + DEBUG(10, ("SID %s is a User ID (%u) not a Group ID, " + "ignoring it\n", sid_string_static(ids[i].sid), ids[i].xid.id)); + continue; + } + if (!add_gid_to_array_unique(server_info, (gid_t)ids[i].xid.id, &server_info->groups, &server_info->n_groups)) { TALLOC_FREE(mem_ctx); return NT_STATUS_NO_MEMORY; } } - + debug_nt_user_token(DBGC_AUTH, 10, server_info->ptok); status = log_nt_token(mem_ctx, server_info->ptok); |