Diffstat (limited to 'source3')
-rw-r--r--source3/nsswitch/winbindd_util.c220
1 files changed, 115 insertions, 105 deletions
diff --git a/source3/nsswitch/winbindd_util.c b/source3/nsswitch/winbindd_util.c
index a40efe7437..4f50c80c10 100644
--- a/source3/nsswitch/winbindd_util.c
+++ b/source3/nsswitch/winbindd_util.c
@@ -190,65 +190,66 @@ void free_domain_info(void)
BOOL lookup_domain_sid(char *domain_name, struct winbindd_domain *domain)
{
- fstring level5_dom;
- uint32 enum_ctx = 0, num_doms = 0;
- char **domains = NULL;
- DOM_SID *sids = NULL;
- CLI_POLICY_HND *hnd;
- NTSTATUS result;
- BOOL rv = False;
- TALLOC_CTX *mem_ctx;
+ fstring level5_dom;
+ uint32 enum_ctx = 0, num_doms = 0;
+ char **domains = NULL;
+ DOM_SID *sids = NULL;
+ CLI_POLICY_HND *hnd;
+ NTSTATUS result;
+ BOOL rv = False;
+ TALLOC_CTX *mem_ctx;
- DEBUG(1, ("looking up sid for domain %s\n", domain_name));
+ DEBUG(1, ("looking up sid for domain %s\n", domain_name));
- if (!(mem_ctx = talloc_init()))
- return False;
+ if (!(mem_ctx = talloc_init()))
+ return False;
- if (!(hnd = cm_get_lsa_handle(domain_name)))
- goto done;
+ if (!(hnd = cm_get_lsa_handle(domain_name)))
+ goto done;
- /* Do a level 5 query info policy if we are looking up the SID for
- our own domain. */
+ /* Do a level 5 query info policy if we are looking up the SID for
+ our own domain. */
- if (strequal(domain_name, lp_workgroup())) {
+ if (strequal(domain_name, lp_workgroup())) {
- result = cli_lsa_query_info_policy(hnd->cli, mem_ctx,
- &hnd->pol, 0x05, level5_dom,
- &domain->sid);
+ result = cli_lsa_query_info_policy(hnd->cli, mem_ctx,
+ &hnd->pol, 0x05, level5_dom,
+ &domain->sid);
- rv = NT_STATUS_IS_OK(result);
- goto done;
- }
+ rv = NT_STATUS_IS_OK(result);
+ goto done;
+ }
- /* Use lsaenumdomains to get sid for this domain */
+ /* Use lsaenumdomains to get sid for this domain */
- result = cli_lsa_enum_trust_dom(hnd->cli, mem_ctx, &hnd->pol,
- &enum_ctx, &num_doms, &domains, &sids);
+ result = cli_lsa_enum_trust_dom(hnd->cli, mem_ctx, &hnd->pol,
+ &enum_ctx, &num_doms, &domains, &sids);
- /* Look for domain name */
+ /* Look for domain name */
- if (NT_STATUS_IS_OK(result) && domains && sids) {
- BOOL found = False;
- int i;
+ if (NT_STATUS_IS_OK(result) && domains && sids) {
+ BOOL found = False;
+ int i;
- for(i = 0; i < num_doms; i++) {
- if (strequal(domain_name, domains[i])) {
- sid_copy(&domain->sid, &sids[i]);
- found = True;
- break;
- }
- }
+ for(i = 0; i < num_doms; i++) {
+ if (strequal(domain_name, domains[i])) {
+ sid_copy(&domain->sid, &sids[i]);
+ found = True;
+ break;
+ }
+ }
- rv = found;
- goto done;
- }
+ rv = found;
+ goto done;
+ }
- rv = False; /* An error occured with a trusted domain */
+ rv = False; /* An error occured with a trusted domain */
done:
- talloc_destroy(mem_ctx);
- return rv;
+ talloc_destroy(mem_ctx);
+
+ return rv;
}
/* Store a SID in a domain indexed by name in the cache. */
@@ -305,10 +306,64 @@ static BOOL winbindd_lookup_sid_by_name_in_cache(fstring name, DOM_SID *sid, enu
return True;
}
+/* Store a name in a domain indexed by SID in the cache. */
+
+static void store_name_by_sid_in_cache(DOM_SID *sid, fstring name, enum SID_NAME_USE type)
+{
+ fstring sid_str;
+ uint32 rid;
+ DOM_SID domain_sid;
+ struct winbindd_name name_val;
+ struct winbindd_domain *domain;
+
+ /* Split sid into domain sid and user rid */
+ sid_copy(&domain_sid, sid);
+ sid_split_rid(&domain_sid, &rid);
+
+ if ((domain = find_domain_from_sid(&domain_sid)) == NULL)
+ return;
+
+ sid_to_string(sid_str, sid);
+ fstrcpy( name_val.name, name );
+ name_val.type = (int)type;
+
+ winbindd_store_name_cache_entry(domain, sid_str, &name_val);
+}
+
+/* Lookup a name in a domain indexed by SID in the cache. */
+
+static BOOL winbindd_lookup_name_by_sid_in_cache(DOM_SID *sid, fstring name, enum SID_NAME_USE *type)
+{
+ fstring sid_str;
+ uint32 rid;
+ DOM_SID domain_sid;
+ struct winbindd_name name_ret;
+ struct winbindd_domain *domain;
+
+ /* Split sid into domain sid and user rid */
+ sid_copy(&domain_sid, sid);
+ sid_split_rid(&domain_sid, &rid);
+
+ if ((domain = find_domain_from_sid(&domain_sid)) == NULL)
+ return False;
+
+ sid_to_string(sid_str, sid);
+
+ if (!winbindd_fetch_name_cache_entry(domain, sid_str, &name_ret))
+ return False;
+
+ fstrcpy( name, name_ret.name );
+ *type = (enum SID_NAME_USE)name_ret.type;
+
+ DEBUG(10,("winbindd_lookup_name_by_sid_in_cache: Cache hit for SID = %s, name %s\n",
+ sid_str, name ));
+
+ return True;
+}
+
/* Lookup a sid in a domain from a name */
-BOOL winbindd_lookup_sid_by_name(char *name, DOM_SID *sid,
- enum SID_NAME_USE *type)
+BOOL winbindd_lookup_sid_by_name(char *name, DOM_SID *sid, enum SID_NAME_USE *type)
{
int num_sids = 0, num_names = 1;
DOM_SID *sids = NULL;
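Review bot: `winbindd_lookup_name_by_sid_in_cache` returns True for any stored entry, so once the negative entries this commit introduces (type `SID_NAME_USE_NONE`, empty name) are in the cache, a negative hit looks the same as a positive one unless the caller inspects `*type`. The callers are outside this hunk, so whether they do that is not visible here. I would state the contract in the function's header comment, e.g. `/* Lookup a name in a domain indexed by SID in the cache. Returns True on any hit; a negative hit has *type == SID_NAME_USE_NONE and an empty name. */`, so that an empty name is never treated as a resolved identity.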
@@ -356,10 +411,16 @@ BOOL winbindd_lookup_sid_by_name(char *name, DOM_SID *sid,
if ((type != NULL) && (types != NULL))
*type = types[0];
+ /* Store the forward and reverse map of this lookup in the cache. */
store_sid_by_name_in_cache(name, &sids[0], types[0]);
+ store_name_by_sid_in_cache(&sids[0], name, types[0]);
+ } else {
+ /* JRA. Here's where we add the -ve cache store with a name type of SID_NAME_USE_NONE. */
+ DOM_SID nullsid;
+
+ ZERO_STRUCT(nullsid);
+ store_sid_by_name_in_cache(name, &nullsid, SID_NAME_USE_NONE);
}
- /* JRA. Here's where we add the -ve cache store with a name type of SID_NAME_USE_NONE. */
- /* We need to know the error returns that W2K gives on "no such user". */
rv = NT_STATUS_IS_OK(result);
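Review bot: The new `else` branch writes a negative cache entry on every failure path, but the condition it belongs to starts above this hunk; if that condition is the status check, a transient failure (unreachable DC, RPC error) gets cached as "no such name" alongside genuine misses. The removed comment said the error W2K returns for "no such user" was still unknown, and the new code does not settle that. I would store the negative entry only when the status says the name did not map, something like `} else if (NT_STATUS_EQUAL(result, NT_STATUS_NONE_MAPPED)) {` (exact status to be confirmed against the server), and leave other errors uncached. The same applies to the `else` branch added in the `winbindd_lookup_name_by_sid` hunk at -470/+475.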
@@ -369,65 +430,9 @@ BOOL winbindd_lookup_sid_by_name(char *name, DOM_SID *sid,
return rv;
}
-/* Store a name in a domain indexed by SID in the cache. */
-
-static void store_name_by_sid_in_cache(DOM_SID *sid, fstring name, enum SID_NAME_USE type)
-{
- fstring sid_str;
- uint32 rid;
- DOM_SID domain_sid;
- struct winbindd_name name_val;
- struct winbindd_domain *domain;
-
- /* Split sid into domain sid and user rid */
- sid_copy(&domain_sid, sid);
- sid_split_rid(&domain_sid, &rid);
-
- if ((domain = find_domain_from_sid(&domain_sid)) == NULL)
- return;
-
- sid_to_string(sid_str, sid);
- fstrcpy( name_val.name, name );
- name_val.type = (int)type;
-
- winbindd_store_name_cache_entry(domain, sid_str, &name_val);
-}
-
-/* Lookup a name in a domain indexed by SID in the cache. */
-
-static BOOL winbindd_lookup_name_by_sid_in_cache(DOM_SID *sid, fstring name, enum SID_NAME_USE *type)
-{
- fstring sid_str;
- uint32 rid;
- DOM_SID domain_sid;
- struct winbindd_name name_ret;
- struct winbindd_domain *domain;
-
- /* Split sid into domain sid and user rid */
- sid_copy(&domain_sid, sid);
- sid_split_rid(&domain_sid, &rid);
-
- if ((domain = find_domain_from_sid(&domain_sid)) == NULL)
- return False;
-
- sid_to_string(sid_str, sid);
-
- if (!winbindd_fetch_name_cache_entry(domain, sid_str, &name_ret))
- return False;
-
- fstrcpy( name, name_ret.name );
- *type = (enum SID_NAME_USE)name_ret.type;
-
- DEBUG(10,("winbindd_lookup_name_by_sid_in_cache: Cache hit for SID = %s, name %s\n",
- sid_str, name ));
-
- return True;
-}
-
/* Lookup a name in a domain from a sid */
-BOOL winbindd_lookup_name_by_sid(DOM_SID *sid, fstring name,
- enum SID_NAME_USE *type)
+BOOL winbindd_lookup_name_by_sid(DOM_SID *sid, fstring name, enum SID_NAME_USE *type)
{
int num_sids = 1, num_names = 0;
uint32 *types = NULL;
@@ -470,10 +475,15 @@ BOOL winbindd_lookup_name_by_sid(DOM_SID *sid, fstring name,
if ((type != NULL) && (types != NULL))
*type = types[0];
+ store_sid_by_name_in_cache(names[0], sid, types[0]);
store_name_by_sid_in_cache(sid, names[0], types[0]);
+ } else {
+ /* JRA. Here's where we add the -ve cache store with a name type of SID_NAME_USE_NONE. */
+ fstring sidstr;
+
+ sid_to_string(sidstr, sid);
+ store_name_by_sid_in_cache(sidstr, "", SID_NAME_USE_NONE);
}
- /* JRA. Here's where we add the -ve cache store with a name type of SID_NAME_USE_NONE. */
- /* We need to know the error returns that W2K gives on "no such user". */
rv = NT_STATUS_IS_OK(result);
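Review bot: `store_name_by_sid_in_cache(sidstr, "", SID_NAME_USE_NONE)` passes an `fstring` where the function, as declared earlier in this patch, takes `DOM_SID *sid`, so the callee runs `sid_copy` and `sid_split_rid` over the SID's text form as if it were a binary `DOM_SID`. Most likely `find_domain_from_sid` then fails and the negative entry is silently never stored. The callee already does its own `sid_to_string`, so the branch should pass the SID itself, `store_name_by_sid_in_cache(sid, "", SID_NAME_USE_NONE);`, and drop `fstring sidstr;` and the `sid_to_string(sidstr, sid);` call. The enclosing function continues outside the hunk.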