diff options
| author | Jeremy Allison <jra@samba.org> | 2008-08-14 21:52:11 -0700 |
|---|---|---|
| committer | Jeremy Allison <jra@samba.org> | 2008-08-14 21:52:11 -0700 |
| commit | 8bda4e059edba4807feeafa88cb90e16ca7a1d91 (patch) | |
| tree | d050fc4a4dc8fdc7839f2c2fa13904d4a40e3c12 /source3/auth | |
| parent | 9ab5cffcfa3320ec298e8759e96efa1670ebd770 (diff) | |
| download | samba-8bda4e059edba4807feeafa88cb90e16ca7a1d91.tar.gz samba-8bda4e059edba4807feeafa88cb90e16ca7a1d91.tar.bz2 samba-8bda4e059edba4807feeafa88cb90e16ca7a1d91.zip | |
Fix show-stopper for 3.2. Smbd depends on group SID
position zero being the primary group sid. Authenicating
via winbindd call returned a non-sorted sid list. This
fixes is for both a winbindd call and a pac list from
an info3 struct. Without this we mess up the
primary group associated with created files. Found by
Herb.
Jeremy.
(This used to be commit cb925dec85cfc4cfc194c3ff76dbeba2bd2178d7)
Diffstat (limited to 'source3/auth')
| -rw-r--r-- | source3/auth/auth_util.c | 34 |
1 files changed, 34 insertions, 0 deletions
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c index 98884eaddb..9220df01c0 100644 --- a/source3/auth/auth_util.c +++ b/source3/auth/auth_util.c @@ -27,6 +27,34 @@ #define DBGC_CLASS DBGC_AUTH /**************************************************************************** + Ensure primary group SID is always at position 0 in a + auth_serversupplied_info struct. +****************************************************************************/ + +static void sort_sid_array_for_smbd(auth_serversupplied_info *result, + const DOM_SID *pgroup_sid) +{ + unsigned int i; + + if (!result->sids) { + return; + } + + if (sid_compare(&result->sids[0], pgroup_sid)==0) { + return; + } + + for (i = 1; i < result->num_sids; i++) { + if (sid_compare(pgroup_sid, + &result->sids[i]) == 0) { + sid_copy(&result->sids[i], &result->sids[0]); + sid_copy(&result->sids[0], pgroup_sid); + return; + } + } +} + +/**************************************************************************** Create a UNIX user on demand. ****************************************************************************/ @@ -1742,6 +1770,9 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx, return nt_status; } + /* Ensure the primary group sid is at position 0. */ + sort_sid_array_for_smbd(result, &group_sid); + result->login_server = talloc_strdup(result, info3->base.logon_server.string); @@ -1987,6 +2018,9 @@ NTSTATUS make_server_info_wbcAuthUserInfo(TALLOC_CTX *mem_ctx, memcpy(&result->sids[i], &info->sids[i+2].sid, sizeof(result->sids[i])); } + /* Ensure the primary group sid is at position 0. */ + sort_sid_array_for_smbd(result, &group_sid); + /* ensure we are never given NULL session keys */ ZERO_STRUCT(zeros); |