diff options
-rw-r--r-- | source3/include/proto.h | 1 | ||||
-rw-r--r-- | source3/winbindd/idmap_util.c | 19 |
2 files changed, 20 insertions, 0 deletions
diff --git a/source3/include/proto.h b/source3/include/proto.h index f7d5e8f8f5..bc55eaff07 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -6051,6 +6051,7 @@ NTSTATUS idmap_uid_to_sid(const char *domname, struct dom_sid *sid, uid_t uid); NTSTATUS idmap_gid_to_sid(const char *domname, struct dom_sid *sid, gid_t gid); NTSTATUS idmap_sid_to_uid(const char *dom_name, struct dom_sid *sid, uid_t *uid); NTSTATUS idmap_sid_to_gid(const char *domname, struct dom_sid *sid, gid_t *gid); +bool idmap_unix_id_is_in_range(uint32_t id, struct idmap_domain *dom); /* The following definitions come from winbindd/nss_info.c */ diff --git a/source3/winbindd/idmap_util.c b/source3/winbindd/idmap_util.c index 70c109a7a5..3afe9f8607 100644 --- a/source3/winbindd/idmap_util.c +++ b/source3/winbindd/idmap_util.c @@ -287,3 +287,22 @@ backend: } return NT_STATUS_OK; } + +/** + * check whether a given unix id is inside the filter range of an idmap domain + */ +bool idmap_unix_id_is_in_range(uint32_t id, struct idmap_domain *dom) +{ + if (id == 0) { + /* 0 is not an allowed unix id for id mapping */ + return false; + } + + if ((dom->low_id && (id < dom->low_id)) || + (dom->high_id && (id > dom->high_id))) + { + return false; + } + + return true; +} |