diff options
Diffstat (limited to 'source3/winbindd')
-rw-r--r-- | source3/winbindd/wb_fill_pwent.c | 36 |
1 files changed, 32 insertions, 4 deletions
diff --git a/source3/winbindd/wb_fill_pwent.c b/source3/winbindd/wb_fill_pwent.c index 62b1b4a189..a6a9013419 100644 --- a/source3/winbindd/wb_fill_pwent.c +++ b/source3/winbindd/wb_fill_pwent.c @@ -54,7 +54,7 @@ struct tevent_req *wb_fill_pwent_send(TALLOC_CTX *mem_ctx, state->info = info; state->pw = pw; - subreq = wb_sid2uid_send(state, state->ev, &state->info->user_sid); + subreq = wb_sids2xids_send(state, state->ev, &state->info->user_sid, 1); if (tevent_req_nomem(subreq, req)) { return tevent_req_post(req, ev); } @@ -69,14 +69,28 @@ static void wb_fill_pwent_sid2uid_done(struct tevent_req *subreq) struct wb_fill_pwent_state *state = tevent_req_data( req, struct wb_fill_pwent_state); NTSTATUS status; + struct unixid xid; - status = wb_sid2uid_recv(subreq, &state->pw->pw_uid); + status = wb_sids2xids_recv(subreq, &xid); TALLOC_FREE(subreq); if (tevent_req_nterror(req, status)) { return; } - subreq = wb_sid2gid_send(state, state->ev, &state->info->group_sid); + /* + * We are filtering further down in sids2xids, but that filtering + * depends on the actual type of the sid handed in (as determined + * by lookupsids). Here we need to filter for the type of object + * actually requested, in this case uid. + */ + if (!(xid.type == ID_TYPE_UID || xid.type == ID_TYPE_BOTH)) { + tevent_req_nterror(req, NT_STATUS_NONE_MAPPED); + return; + } + + state->pw->pw_uid = (uid_t)xid.id; + + subreq = wb_sids2xids_send(state, state->ev, &state->info->group_sid, 1); if (tevent_req_nomem(subreq, req)) { return; } @@ -94,13 +108,27 @@ static void wb_fill_pwent_sid2gid_done(struct tevent_req *subreq) fstring user_name, output_username; char *mapped_name = NULL; NTSTATUS status; + struct unixid xid; - status = wb_sid2gid_recv(subreq, &state->pw->pw_gid); + status = wb_sids2xids_recv(subreq, &xid); TALLOC_FREE(subreq); if (tevent_req_nterror(req, status)) { return; } + /* + * We are filtering further down in sids2xids, but that filtering + * depends on the actual type of the sid handed in (as determined + * by lookupsids). Here we need to filter for the type of object + * actually requested, in this case uid. + */ + if (!(xid.type == ID_TYPE_GID || xid.type == ID_TYPE_BOTH)) { + tevent_req_nterror(req, NT_STATUS_NONE_MAPPED); + return; + } + + state->pw->pw_gid = (gid_t)xid.id; + domain = find_domain_from_sid_noinit(&state->info->user_sid); if (domain == NULL) { tevent_req_nterror(req, NT_STATUS_NO_SUCH_USER); |