diff options
author | Simo Sorce <idra@samba.org> | 2006-08-08 15:33:09 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 11:38:35 -0500 |
commit | 3bb5b158017d5bad82bfb4a9e29187549e665446 (patch) | |
tree | 3d1e2b2808d1f3a6ae0aafad63d3ee37a9060087 /source3/nsswitch/winbindd_sid.c | |
parent | 21da07ba1fdbef9d8fadfb9bf9fa23afc0a665d1 (diff) | |
download | samba-3bb5b158017d5bad82bfb4a9e29187549e665446.tar.gz samba-3bb5b158017d5bad82bfb4a9e29187549e665446.tar.bz2 samba-3bb5b158017d5bad82bfb4a9e29187549e665446.zip |
r17459: As by Jerry's word commit this without his review.
This patch add some missing async functions to
solve UID/GID -> SID requests not just out of the cache,
but down the remote idmap if necessary.
This patch solves the problem of servers not showing users/groups names
for allocated UID/GIDs when joined to a group of servers that share a
prepopulated idmap backend.
Also correctly resolve UID/GIDs to SIDs when looking ACLs from the
windows security tab on teh same situation.
Simo.
(This used to be commit b8578bfab6a04fcd65a2e65f507067459e326077)
Diffstat (limited to 'source3/nsswitch/winbindd_sid.c')
-rw-r--r-- | source3/nsswitch/winbindd_sid.c | 46 |
1 files changed, 42 insertions, 4 deletions
diff --git a/source3/nsswitch/winbindd_sid.c b/source3/nsswitch/winbindd_sid.c index 4a9e17e4c7..7af6373167 100644 --- a/source3/nsswitch/winbindd_sid.c +++ b/source3/nsswitch/winbindd_sid.c @@ -297,11 +297,12 @@ static void uid2sid_lookupname_recv(void *private_data, BOOL success, enum SID_NAME_USE type); static void uid2sid_idmap_set_mapping_recv(void *private_data, BOOL success); +static void uid2sid_recv(void *private_data, BOOL success, const char *sid); + void winbindd_uid_to_sid(struct winbindd_cli_state *state) { DOM_SID sid; NTSTATUS status; - struct uid2sid_state *uid2sid_state; DEBUG(3, ("[%5lu]: uid to sid %lu\n", (unsigned long)state->pid, (unsigned long)state->request.data.uid)); @@ -322,6 +323,25 @@ void winbindd_uid_to_sid(struct winbindd_cli_state *state) return; } + winbindd_uid2sid_async(state->mem_ctx, state->request.data.uid, uid2sid_recv, state); +} + +static void uid2sid_recv(void *private_data, BOOL success, const char *sid) +{ + struct winbindd_cli_state *state = private_data; + struct uid2sid_state *uid2sid_state; + + if (success) { + DEBUG(10,("uid2sid: uid %lu has sid %s\n", + (unsigned long)(state->request.data.uid), sid)); + fstrcpy(state->response.data.sid.sid, sid); + state->response.data.sid.type = SID_NAME_USER; + request_ok(state); + return; + } + + /* preexisitng mapping not found go on */ + if (is_in_uid_range(state->request.data.uid)) { /* This is winbind's, so we should better have succeeded * above. */ @@ -337,9 +357,6 @@ void winbindd_uid_to_sid(struct winbindd_cli_state *state) return; } - /* The only chance that this is correct is that winbind trusted - * domains only = yes, and the user exists in nss and the domain. */ - uid2sid_state = TALLOC_ZERO_P(state->mem_ctx, struct uid2sid_state); if (uid2sid_state == NULL) { DEBUG(0, ("talloc failed\n")); @@ -424,6 +441,8 @@ static void gid2sid_lookupname_recv(void *private_data, BOOL success, enum SID_NAME_USE type); static void gid2sid_idmap_set_mapping_recv(void *private_data, BOOL success); +static void gid2sid_recv(void *private_data, BOOL success, const char *sid); + void winbindd_gid_to_sid(struct winbindd_cli_state *state) { DOM_SID sid; @@ -449,6 +468,25 @@ void winbindd_gid_to_sid(struct winbindd_cli_state *state) return; } + winbindd_gid2sid_async(state->mem_ctx, state->request.data.gid, gid2sid_recv, state); +} + +static void gid2sid_recv(void *private_data, BOOL success, const char *sid) +{ + struct winbindd_cli_state *state = private_data; + struct gid2sid_state *gid2sid_state; + + if (success) { + DEBUG(10,("gid2sid: gid %lu has sid %s\n", + (unsigned long)(state->request.data.gid), sid)); + fstrcpy(state->response.data.sid.sid, sid); + state->response.data.sid.type = SID_NAME_DOM_GRP; + request_ok(state); + return; + } + + /* preexisitng mapping not found go on */ + if (is_in_gid_range(state->request.data.gid)) { /* This is winbind's, so we should better have succeeded * above. */ |