diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2002-06-13 14:06:08 +0000 |
|---|---|---|
| committer | Andrew Bartlett <abartlet@samba.org> | 2002-06-13 14:06:08 +0000 |
| commit | bad738e6536e983064eee7647229354bc9028183 (patch) | |
| tree | a3f36ff7035d676e28d60c0249dfdbf37cac6317 /source3/nsswitch | |
| parent | 2154ebce84c6cf376e7183e8c5f7ad0e17aead97 (diff) | |
| download | samba-bad738e6536e983064eee7647229354bc9028183.tar.gz samba-bad738e6536e983064eee7647229354bc9028183.tar.bz2 samba-bad738e6536e983064eee7647229354bc9028183.zip | |
Latest patch from metze <metze@metzemix.de> to move most of samba across
to using SIDs instead of RIDs.
The new funciton sid_peek_check_rid() takes an 'expected domain sid' argument.
The idea here is to prevent mistakes where the SID is implict, but isn't
the same one that we have in the struct.
Andrew Bartlett
(This used to be commit 04f9a8ff4c7982f6597c0f6748f85d66d4784901)
Diffstat (limited to 'source3/nsswitch')
| -rw-r--r-- | source3/nsswitch/winbindd_ads.c | 10 | ||||
| -rw-r--r-- | source3/nsswitch/winbindd_cache.c | 3 | ||||
| -rw-r--r-- | source3/nsswitch/winbindd_group.c | 3 |
3 files changed, 9 insertions, 7 deletions
diff --git a/source3/nsswitch/winbindd_ads.c b/source3/nsswitch/winbindd_ads.c index 545ee411a4..28aeb39730 100644 --- a/source3/nsswitch/winbindd_ads.c +++ b/source3/nsswitch/winbindd_ads.c @@ -273,7 +273,7 @@ static NTSTATUS query_user_list(struct winbindd_domain *domain, continue; } - if (!sid_peek_rid(&sid, &rid)) { + if (!sid_peek_check_rid(&domain->sid, &sid, &rid)) { DEBUG(1,("No rid for %s !?\n", name)); continue; } @@ -356,7 +356,7 @@ static NTSTATUS enum_dom_groups(struct winbindd_domain *domain, continue; } - if (!sid_peek_rid(&sid, &rid)) { + if (!sid_peek_check_rid(&domain->sid, &sid, &rid)) { DEBUG(1,("No rid for %s !?\n", name)); continue; } @@ -584,7 +584,7 @@ static NTSTATUS query_user(struct winbindd_domain *domain, goto done; } - if (!sid_peek_rid(&sid, &info->user_rid)) { + if (!sid_peek_check_rid(&domain->sid,&sid, &info->user_rid)) { DEBUG(1,("No rid for %d !?\n", user_rid)); goto done; } @@ -662,7 +662,7 @@ static NTSTATUS lookup_usergroups(struct winbindd_domain *domain, for (i=1;i<count;i++) { uint32 rid; - if (!sid_peek_rid(&sids[i-1], &rid)) continue; + if (!sid_peek_check_rid(&domain->sid, &sids[i-1], &rid)) continue; (*user_gids)[*num_groups] = rid; (*num_groups)++; } @@ -737,7 +737,7 @@ static NTSTATUS lookup_groupmem(struct winbindd_domain *domain, DEBUG(1,("No sid for %s !?\n", (*names)[*num_names])); continue; } - if (!sid_peek_rid(&sid, &rid)) { + if (!sid_peek_check_rid(&domain->sid, &sid, &rid)) { DEBUG(1,("No rid for %s !?\n", (*names)[*num_names])); continue; } diff --git a/source3/nsswitch/winbindd_cache.c b/source3/nsswitch/winbindd_cache.c index dcb93fa3b5..d9ed63baf8 100644 --- a/source3/nsswitch/winbindd_cache.c +++ b/source3/nsswitch/winbindd_cache.c @@ -658,7 +658,8 @@ static NTSTATUS sid_to_name(struct winbindd_domain *domain, NTSTATUS status; uint32 rid = 0; - sid_peek_rid(sid, &rid); + if (!sid_peek_check_rid(&domain->sid, sid, &rid)) + return NT_STATUS_INVALID_PARAMETER; if (!cache->tdb) goto do_query; diff --git a/source3/nsswitch/winbindd_group.c b/source3/nsswitch/winbindd_group.c index 4ef57513bb..ab8e1cfd78 100644 --- a/source3/nsswitch/winbindd_group.c +++ b/source3/nsswitch/winbindd_group.c @@ -228,7 +228,8 @@ enum winbindd_result winbindd_getgrnam(struct winbindd_cli_state *state) } /* Fill in group structure */ - sid_peek_rid(&group_sid, &group_rid); + if (!sid_peek_check_rid(&domain->sid, &group_sid, &group_rid)) + return WINBINDD_ERROR; if (!winbindd_idmap_get_gid_from_sid(&group_sid, &gid)) { DEBUG(1, ("error converting unix gid to sid\n")); |