Kill RID-only and domain+RID madness from winbind.

Now we deal with SIDs in almost all of winbind (a couple of limited exceptions
remain, but I'm looking into them - they use non-winbind structs ATM).

This has particular benifits in returning out-of-domain SIDs for group
membership (Need to look into this a bit more) as well as general code quality.

This also removes much of the complexity from the idmap interface, which now
only deals with mapping IDs, not with SID->domain translations.

Breifly tested, but needs more.  Fixes some valgrind-found bugs from my
previous commit.

Winbind cache chagned to using SID strings in some places, as I could not
follow exactly how to save and restore multiple packed sids properly.

Andrew Bartlett
(This used to be commit 9247cf08c40f016a924d600ac906cfc6a7016777)

1 files changed, 12 insertions, 16 deletions

diff --git a/source3/nsswitch/winbindd.h b/source3/nsswitch/winbindd.h
index a498b76626..8bd8a83748 100644
--- a/source3/nsswitch/winbindd.h
+++ b/source3/nsswitch/winbindd.h
@@ -63,7 +63,8 @@ struct getent_state {
 struct getpwent_user {
 	fstring name;                        /* Account name */
 	fstring gecos;                       /* User information */
-	uint32 user_rid, group_rid;          /* NT user and group rids */
+	DOM_SID user_sid;                    /* NT user and primary group SIDs */
+	DOM_SID group_sid;
 };
 
 /* Server state structure */
@@ -81,8 +82,8 @@ extern struct winbindd_state server_state;  /* Server information */
 typedef struct {
 	char *acct_name;
 	char *full_name;
-	uint32 user_rid;
-	uint32 group_rid; /* primary group */
+	DOM_SID *user_sid;                    /* NT user and primary group SIDs */
+	DOM_SID *group_sid;
 } WINBIND_USERINFO;
 
 /* Structures to hold per domain information */
@@ -138,6 +139,7 @@ struct winbindd_methods {
 				    
 	/* convert one user or group name to a sid */
 	NTSTATUS (*name_to_sid)(struct winbindd_domain *domain,
+				TALLOC_CTX *mem_ctx,
 				const char *name,
 				DOM_SID *sid,
 				enum SID_NAME_USE *type);
@@ -149,10 +151,10 @@ struct winbindd_methods {
 				char **name,
 				enum SID_NAME_USE *type);
 
-	/* lookup user info for a given rid */
+	/* lookup user info for a given SID */
 	NTSTATUS (*query_user)(struct winbindd_domain *domain, 
 			       TALLOC_CTX *mem_ctx, 
-			       uint32 user_rid, 
+			       DOM_SID *user_sid,
 			       WINBIND_USERINFO *user_info);
 
 	/* lookup all groups that a user is a member of. The backend
@@ -160,14 +162,15 @@ struct winbindd_methods {
 	   function */
 	NTSTATUS (*lookup_usergroups)(struct winbindd_domain *domain,
 				      TALLOC_CTX *mem_ctx,
-				      uint32 user_rid, 
-				      uint32 *num_groups, uint32 **user_gids);
+				      DOM_SID *user_sid,
+				      uint32 *num_groups, DOM_SID ***user_gids);
 
 	/* find all members of the group with the specified group_rid */
 	NTSTATUS (*lookup_groupmem)(struct winbindd_domain *domain,
 				    TALLOC_CTX *mem_ctx,
-				    uint32 group_rid, uint32 *num_names, 
-				    uint32 **rid_mem, char ***names, 
+				    DOM_SID *group_sid,
+				    uint32 *num_names, 
+				    DOM_SID ***sid_mem, char ***names, 
 				    uint32 **name_types);
 
 	/* return the current global sequence number */
@@ -207,13 +210,6 @@ struct idmap_methods {
   BOOL (*get_uid_from_sid)(DOM_SID *sid, uid_t *uid);
   BOOL (*get_gid_from_sid)(DOM_SID *sid, gid_t *gid);
 
-  BOOL (*get_rid_from_uid)(uid_t uid, uint32 *user_rid, 
-                           struct winbindd_domain **domain);
-  BOOL (*get_rid_from_gid)(gid_t gid, uint32 *group_rid,
-                           struct winbindd_domain **domain);
-  BOOL (*get_uid_from_rid)(const char *dom_name, uint32 rid, uid_t *uid);
-  BOOL (*get_gid_from_rid)(const char *dom_name, uint32 rid, gid_t *gid);
-
   /* Called when backend is unloaded */
   BOOL (*close)(void);
   /* Called to dump backend status */