diff options
-rw-r--r-- | source3/include/proto.h | 4 | ||||
-rw-r--r-- | source3/winbindd/idmap.c | 94 | ||||
-rw-r--r-- | source3/winbindd/idmap_util.c | 34 | ||||
-rw-r--r-- | source3/winbindd/winbindd_idmap.c | 4 |
4 files changed, 98 insertions, 38 deletions
diff --git a/source3/include/proto.h b/source3/include/proto.h index 665a86d2c8..43420985a3 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -10486,8 +10486,8 @@ NTSTATUS idmap_allocate_uid(struct unixid *id); NTSTATUS idmap_allocate_gid(struct unixid *id); NTSTATUS idmap_set_uid_hwm(struct unixid *id); NTSTATUS idmap_set_gid_hwm(struct unixid *id); -NTSTATUS idmap_unixids_to_sids(struct id_map **ids, int n_ids); -NTSTATUS idmap_sids_to_unixids(struct id_map **ids, int n_ids); +NTSTATUS idmap_unixids_to_sids(struct id_map **ids); +NTSTATUS idmap_sids_to_unixids(struct id_map **ids); NTSTATUS idmap_set_mapping(const struct id_map *id); char *idmap_fetch_secret(const char *backend, bool alloc, const char *domain, const char *identity); diff --git a/source3/winbindd/idmap.c b/source3/winbindd/idmap.c index 504be22292..db17245b92 100644 --- a/source3/winbindd/idmap.c +++ b/source3/winbindd/idmap.c @@ -1177,8 +1177,7 @@ done: return ret; } -static NTSTATUS idmap_backends_sids_to_unixids(struct id_map **ids, int - num_ids) +static NTSTATUS idmap_backends_sids_to_unixids(struct id_map **ids) { struct id_map ***dom_ids; struct idmap_domain *dom; @@ -1206,7 +1205,7 @@ static NTSTATUS idmap_backends_sids_to_unixids(struct id_map **ids, int /* partition the requests by domain */ - for (i = 0; i < num_ids; i++) { + for (i = 0; ids[i]; i++) { uint32 idx; if ((dom = find_idmap_domain_from_sid(ids[i]->sid)) == NULL) { @@ -1246,7 +1245,7 @@ static NTSTATUS idmap_backends_sids_to_unixids(struct id_map **ids, int /* ok all the backends have been contacted at this point */ /* let's see if we have any unmapped SID left and act accordingly */ - for (i = 0; i < num_ids; i++) { + for (i = 0; ids[i]; i++) { /* NOTE: this will NOT touch ID_EXPIRED entries that the backend * was not able to confirm/deny (offline mode) */ if (ids[i]->status == ID_UNKNOWN || @@ -1279,7 +1278,7 @@ done: idmap interface functions **************************************************************************/ -NTSTATUS idmap_unixids_to_sids(struct id_map **ids, int n_ids) +NTSTATUS idmap_unixids_to_sids(struct id_map **ids) { TALLOC_CTX *ctx; NTSTATUS ret; @@ -1307,7 +1306,7 @@ NTSTATUS idmap_unixids_to_sids(struct id_map **ids, int n_ids) bids = NULL; bi = 0; - for (i = 0; i < n_ids; i++) { + for (i = 0; ids[i]; i++) { bool found, mapped, expired; @@ -1332,12 +1331,38 @@ NTSTATUS idmap_unixids_to_sids(struct id_map **ids, int n_ids) * Need to ask the backend */ - ADD_TO_ARRAY(ctx, struct id_map *, ids[i], &bids, &bn); - if (bids == NULL) { - DEBUG(1, ("Out of memory!\n")); - talloc_free(ctx); - return NT_STATUS_NO_MEMORY; + if ( ! bids) { + /* alloc space for ids to be resolved by + * backends (realloc ten by ten) */ + bids = TALLOC_ARRAY(ctx, struct id_map *, 10); + if ( ! bids) { + DEBUG(1, ("Out of memory!\n")); + talloc_free(ctx); + return NT_STATUS_NO_MEMORY; + } + bn = 10; } + + /* add this id to the ones to be retrieved + * from the backends */ + bids[bi] = ids[i]; + bi++; + + /* check if we need to allocate new space + * on the rids array */ + if (bi == bn) { + bn += 10; + bids = talloc_realloc(ctx, bids, + struct id_map *, bn); + if ( ! bids) { + DEBUG(1, ("Out of memory!\n")); + talloc_free(ctx); + return NT_STATUS_NO_MEMORY; + } + } + + /* make sure the last element is NULL */ + bids[bi] = NULL; } } @@ -1383,12 +1408,12 @@ done: return ret; } -NTSTATUS idmap_sids_to_unixids(struct id_map **ids, int n_ids) +NTSTATUS idmap_sids_to_unixids(struct id_map **ids) { TALLOC_CTX *ctx; NTSTATUS ret; struct id_map **bids; - int i; + int i, bi; int bn = 0; struct winbindd_domain *our_domain = find_our_domain(); @@ -1409,8 +1434,9 @@ NTSTATUS idmap_sids_to_unixids(struct id_map **ids, int n_ids) /* no ids to be asked to the backends by default */ bids = NULL; + bi = 0; - for (i = 0; i < n_ids; i++) { + for (i = 0; ids[i]; i++) { bool found, mapped, expired; @@ -1435,12 +1461,38 @@ NTSTATUS idmap_sids_to_unixids(struct id_map **ids, int n_ids) * Need to ask the backends */ - ADD_TO_ARRAY(ctx, struct id_map *, ids[i], &bids, &bn); - if (bids == NULL) { - DEBUG(1, ("Out of memory!\n")); - talloc_free(ctx); - return NT_STATUS_NO_MEMORY; + if ( ! bids) { + /* alloc space for ids to be resolved + by backends (realloc ten by ten) */ + bids = TALLOC_ARRAY(ctx, struct id_map *, 10); + if ( ! bids) { + DEBUG(1, ("Out of memory!\n")); + talloc_free(ctx); + return NT_STATUS_NO_MEMORY; + } + bn = 10; + } + + /* add this id to the ones to be retrieved + * from the backends */ + bids[bi] = ids[i]; + bi++; + + /* check if we need to allocate new space + * on the ids array */ + if (bi == bn) { + bn += 10; + bids = talloc_realloc(ctx, bids, + struct id_map *, bn); + if ( ! bids) { + DEBUG(1, ("Out of memory!\n")); + talloc_free(ctx); + return NT_STATUS_NO_MEMORY; + } } + + /* make sure the last element is NULL */ + bids[bi] = NULL; } } @@ -1453,11 +1505,11 @@ NTSTATUS idmap_sids_to_unixids(struct id_map **ids, int n_ids) goto done; } - ret = idmap_backends_sids_to_unixids(bids, bn); + ret = idmap_backends_sids_to_unixids(bids); IDMAP_CHECK_RET(ret); /* update the cache */ - for (i = 0; i < bn; i++) { + for (i = 0; bids[i]; i++) { if (bids[i]->status == ID_MAPPED) { ret = idmap_cache_set(bids[i]); } else if (bids[i]->status == ID_EXPIRED) { diff --git a/source3/winbindd/idmap_util.c b/source3/winbindd/idmap_util.c index 9819fe15f0..78f4d13ec1 100644 --- a/source3/winbindd/idmap_util.c +++ b/source3/winbindd/idmap_util.c @@ -31,16 +31,18 @@ NTSTATUS idmap_uid_to_sid(DOM_SID *sid, uid_t uid) { NTSTATUS ret; struct id_map map; - struct id_map *maps; + struct id_map *maps[2]; DEBUG(10,("uid = [%lu]\n", (unsigned long)uid)); map.sid = sid; map.xid.type = ID_TYPE_UID; map.xid.id = uid; - maps = ↦ - ret = idmap_unixids_to_sids(&maps, 1); + maps[0] = ↦ + maps[1] = NULL; + + ret = idmap_unixids_to_sids(maps); if ( ! NT_STATUS_IS_OK(ret)) { DEBUG(10, ("error mapping uid [%lu]\n", (unsigned long)uid)); return ret; @@ -63,16 +65,18 @@ NTSTATUS idmap_gid_to_sid(DOM_SID *sid, gid_t gid) { NTSTATUS ret; struct id_map map; - struct id_map *maps; + struct id_map *maps[2]; DEBUG(10,("gid = [%lu]\n", (unsigned long)gid)); map.sid = sid; map.xid.type = ID_TYPE_GID; map.xid.id = gid; - maps = ↦ - ret = idmap_unixids_to_sids(&maps, 1); + maps[0] = ↦ + maps[1] = NULL; + + ret = idmap_unixids_to_sids(maps); if ( ! NT_STATUS_IS_OK(ret)) { DEBUG(10, ("error mapping gid [%lu]\n", (unsigned long)gid)); return ret; @@ -95,15 +99,17 @@ NTSTATUS idmap_sid_to_uid(DOM_SID *sid, uid_t *uid) { NTSTATUS ret; struct id_map map; - struct id_map *maps; + struct id_map *maps[2]; DEBUG(10,("idmap_sid_to_uid: sid = [%s]\n", sid_string_dbg(sid))); map.sid = sid; - map.xid.type = ID_TYPE_UID; - maps = ↦ + map.xid.type = ID_TYPE_UID; - ret = idmap_sids_to_unixids(&maps, 1); + maps[0] = ↦ + maps[1] = NULL; + + ret = idmap_sids_to_unixids(maps); if ( ! NT_STATUS_IS_OK(ret)) { DEBUG(10, ("error mapping sid [%s] to uid\n", sid_string_dbg(sid))); @@ -133,15 +139,17 @@ NTSTATUS idmap_sid_to_gid(DOM_SID *sid, gid_t *gid) { NTSTATUS ret; struct id_map map; - struct id_map *maps; + struct id_map *maps[2]; DEBUG(10,("idmap_sid_to_gid: sid = [%s]\n", sid_string_dbg(sid))); map.sid = sid; map.xid.type = ID_TYPE_GID; - maps = ↦ - ret = idmap_sids_to_unixids(&maps, 1); + maps[0] = ↦ + maps[1] = NULL; + + ret = idmap_sids_to_unixids(maps); if ( ! NT_STATUS_IS_OK(ret)) { DEBUG(10, ("error mapping sid [%s] to gid\n", sid_string_dbg(sid))); diff --git a/source3/winbindd/winbindd_idmap.c b/source3/winbindd/winbindd_idmap.c index 98f8548083..3c7aa2d0c2 100644 --- a/source3/winbindd/winbindd_idmap.c +++ b/source3/winbindd/winbindd_idmap.c @@ -224,7 +224,7 @@ enum winbindd_result winbindd_dual_sids2xids(struct winbindd_domain *domain, sids = (DOM_SID *)state->request.extra_data.data; num = state->request.extra_len / sizeof(DOM_SID); - ids = TALLOC_ARRAY(state->mem_ctx, struct id_map *, num); + ids = TALLOC_ZERO_ARRAY(state->mem_ctx, struct id_map *, num + 1); if ( ! ids) { DEBUG(0, ("Out of memory!\n")); return WINBINDD_ERROR; @@ -239,7 +239,7 @@ enum winbindd_result winbindd_dual_sids2xids(struct winbindd_domain *domain, ids[i]->sid = &sids[i]; } - result = idmap_sids_to_unixids(ids, num); + result = idmap_sids_to_unixids(ids); if (NT_STATUS_IS_OK(result)) { |