summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--source3/nsswitch/winbindd_group.c42
1 files changed, 31 insertions, 11 deletions
diff --git a/source3/nsswitch/winbindd_group.c b/source3/nsswitch/winbindd_group.c
index 7b4529144e..0e6c98e5d3 100644
--- a/source3/nsswitch/winbindd_group.c
+++ b/source3/nsswitch/winbindd_group.c
@@ -942,16 +942,14 @@ static void add_gid_to_array_unique(gid_t gid, gid_t **gids, int *num)
*num += 1;
}
-static void add_gids_from_sid(DOM_SID *sid, gid_t **gids, int *num)
+static void add_local_gids_from_sid(DOM_SID *sid, gid_t **gids, int *num)
{
gid_t gid;
DOM_SID *aliases;
int j, num_aliases;
- DEBUG(10, ("Adding gids from SID: %s\n", sid_string_static(sid)));
-
- if (NT_STATUS_IS_OK(idmap_sid_to_gid(sid, &gid, 0)))
- add_gid_to_array_unique(gid, gids, num);
+ DEBUG(10, ("Adding local gids from SID: %s\n",
+ sid_string_static(sid)));
/* Don't expand aliases if not explicitly activated -- for now
-- jerry */
@@ -974,6 +972,27 @@ static void add_gids_from_sid(DOM_SID *sid, gid_t **gids, int *num)
SAFE_FREE(aliases);
}
+static void add_gids_from_user_sid(DOM_SID *sid, gid_t **gids, int *num)
+{
+ DEBUG(10, ("Adding gids from user SID: %s\n",
+ sid_string_static(sid)));
+
+ add_local_gids_from_sid(sid, gids, num);
+}
+
+static void add_gids_from_group_sid(DOM_SID *sid, gid_t **gids, int *num)
+{
+ gid_t gid;
+
+ DEBUG(10, ("Adding gids from group SID: %s\n",
+ sid_string_static(sid)));
+
+ if (NT_STATUS_IS_OK(idmap_sid_to_gid(sid, &gid, 0)))
+ add_gid_to_array_unique(gid, gids, num);
+
+ add_local_gids_from_sid(sid, gids, num);
+}
+
/* Get user supplementary groups. This is much quicker than trying to
invert the groups database. We merge the groups from the gids and
other_sids info3 fields as trusted domain, universal group
@@ -1039,7 +1058,7 @@ enum winbindd_result winbindd_getgroups(struct winbindd_cli_state *state)
goto done;
}
- add_gids_from_sid(&user_sid, &gid_list, &num_gids);
+ add_gids_from_user_sid(&user_sid, &gid_list, &num_gids);
/* Treat the info3 cache as authoritative as the
lookup_usergroups() function may return cached data. */
@@ -1083,8 +1102,8 @@ enum winbindd_result winbindd_getgroups(struct winbindd_cli_state *state)
continue;
}
- add_gids_from_sid(&info3->other_sids[i].sid,
- &gid_list, &num_gids);
+ add_gids_from_group_sid(&info3->other_sids[i].sid,
+ &gid_list, &num_gids);
if (gid_list == NULL)
goto done;
@@ -1097,7 +1116,8 @@ enum winbindd_result winbindd_getgroups(struct winbindd_cli_state *state)
sid_copy( &group_sid, &domain->sid );
sid_append_rid( &group_sid, info3->gids[i].g_rid );
- add_gids_from_sid(&group_sid, &gid_list, &num_gids);
+ add_gids_from_group_sid(&group_sid, &gid_list,
+ &num_gids);
if (gid_list == NULL)
goto done;
@@ -1116,8 +1136,8 @@ enum winbindd_result winbindd_getgroups(struct winbindd_cli_state *state)
goto done;
for (i = 0; i < num_groups; i++) {
- add_gids_from_sid(user_grpsids[i],
- &gid_list, &num_gids);
+ add_gids_from_group_sid(user_grpsids[i],
+ &gid_list, &num_gids);
if (gid_list == NULL)
goto done;
generated by cgit (git 2.34.1) at 2024-09-02 19:09:50 +0000