summaryrefslogtreecommitdiff
path: root/source3
diff options
context:
space:
mode:
Diffstat (limited to 'source3')
-rw-r--r--source3/auth/auth_util.c2
-rw-r--r--source3/include/smb.h8
-rw-r--r--source3/nsswitch/idmap.c53
-rw-r--r--source3/nsswitch/idmap_ad.c18
-rw-r--r--source3/nsswitch/idmap_cache.c40
-rw-r--r--source3/nsswitch/idmap_ldap.c15
-rw-r--r--source3/nsswitch/idmap_nss.c31
-rw-r--r--source3/nsswitch/idmap_passdb.c22
-rw-r--r--source3/nsswitch/idmap_rid.c21
-rw-r--r--source3/nsswitch/idmap_tdb.c13
-rw-r--r--source3/nsswitch/idmap_util.c12
-rw-r--r--source3/nsswitch/wb_client.c4
-rw-r--r--source3/nsswitch/winbindd_async.c2
13 files changed, 146 insertions, 95 deletions
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index c1f58cfecd..94551cb8a5 100644
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -1048,7 +1048,7 @@ NTSTATUS create_local_token(auth_serversupplied_info *server_info)
gid_t agid;
if (wb) {
- if ( ! ids[i].mapped) {
+ if (ids[i].status != ID_MAPPED) {
DEBUG(10, ("Could not convert SID %s to gid, "
"ignoring it\n", sid_string_static(ids[i].sid)));
continue;
diff --git a/source3/include/smb.h b/source3/include/smb.h
index c029e09120..c03fdd89e4 100644
--- a/source3/include/smb.h
+++ b/source3/include/smb.h
@@ -273,6 +273,12 @@ typedef struct dom_sid {
#define dom_sid2 dom_sid
#define dom_sid28 dom_sid
+enum id_mapping {
+ ID_UNKNOWN,
+ ID_MAPPED,
+ ID_UNMAPPED
+};
+
enum id_type {
ID_TYPE_UID,
ID_TYPE_GID
@@ -286,7 +292,7 @@ struct unixid {
struct id_map {
DOM_SID *sid;
struct unixid xid;
- BOOL mapped;
+ enum id_mapping status;
};
#include "librpc/ndr/misc.h"
diff --git a/source3/nsswitch/idmap.c b/source3/nsswitch/idmap.c
index bd81d1e83f..2bcff7b717 100644
--- a/source3/nsswitch/idmap.c
+++ b/source3/nsswitch/idmap.c
@@ -719,7 +719,7 @@ static NTSTATUS idmap_new_mapping(TALLOC_CTX *ctx, struct id_map *map)
/* by default calls to winbindd are disabled
the following call will not recurse so this is safe */
winbind_on();
- wbret =winbind_lookup_sid(ctx, map->sid, &domname, &name, &sid_type);
+ wbret = winbind_lookup_sid(ctx, map->sid, &domname, &name, &sid_type);
winbind_off();
/* check if this is a valid SID and then map it */
@@ -750,7 +750,7 @@ static NTSTATUS idmap_new_mapping(TALLOC_CTX *ctx, struct id_map *map)
}
/* ok, got a new id, let's set a mapping */
- map->mapped = True;
+ map->status = ID_MAPPED;
DEBUG(10, ("Setting mapping: %s <-> %s %lu\n",
sid_string_static(map->sid),
@@ -822,9 +822,9 @@ static NTSTATUS idmap_backends_unixids_to_sids(struct id_map **ids)
_ids = ids;
- /* make sure all maps are marked as false */
+ /* make sure all maps are marked as in UNKNOWN status */
for (i = 0; _ids[i]; i++) {
- _ids[i]->mapped = False;
+ _ids[i]->status = ID_UNKNOWN;
}
unmapped = NULL;
@@ -840,7 +840,7 @@ static NTSTATUS idmap_backends_unixids_to_sids(struct id_map **ids)
unmapped = NULL;
for (i = 0, u = 0; _ids[i]; i++) {
- if (_ids[i]->mapped == False) {
+ if (_ids[i]->status == ID_UNKNOWN || _ids[i]->status == ID_UNMAPPED) {
unmapped = talloc_realloc(ctx, unmapped, struct id_map *, u + 2);
IDMAP_CHECK_ALLOC(unmapped);
unmapped[u] = _ids[i];
@@ -864,14 +864,14 @@ static NTSTATUS idmap_backends_unixids_to_sids(struct id_map **ids)
switch (unmapped[i]->xid.type) {
case ID_TYPE_UID:
uid_to_unix_users_sid((uid_t)unmapped[i]->xid.id, unmapped[i]->sid);
- unmapped[i]->mapped = True;
+ unmapped[i]->status = ID_MAPPED;
break;
case ID_TYPE_GID:
gid_to_unix_groups_sid((gid_t)unmapped[i]->xid.id, unmapped[i]->sid);
- unmapped[i]->mapped = True;
+ unmapped[i]->status = ID_MAPPED;
break;
default: /* what?! */
- unmapped[i]->mapped = False;
+ unmapped[i]->status = ID_UNKNOWN;
break;
}
}
@@ -913,8 +913,8 @@ static NTSTATUS idmap_backends_sids_to_unixids(struct id_map **ids)
for (i = 0; ids[i]; i++) {
int dom_num;
- /* make sure they are unmapped by default */
- ids[i]->mapped = False;
+ /* make sure they are unknown to start off */
+ ids[i]->status = ID_UNKNOWN;
for (dom_num = 0, dom = NULL; dom_num < num_domains; dom_num++) {
if (idmap_domains[dom_num]->default_domain) {
@@ -975,17 +975,18 @@ static NTSTATUS idmap_backends_sids_to_unixids(struct id_map **ids)
/* let's see if we have any unmapped SID left and act accordingly */
for (i = 0; ids[i]; i++) {
- if ( ! ids[i]->mapped) { /* ok this is an unmapped one, see if we can map it */
+ if (ids[i]->status == ID_UNKNOWN || ids[i]->status == ID_UNMAPPED) {
+ /* ok this is an unmapped one, see if we can map it */
ret = idmap_new_mapping(ctx, ids[i]);
if (NT_STATUS_IS_OK(ret)) {
/* successfully mapped */
- ids[i]->mapped = True;
+ ids[i]->status = ID_MAPPED;
} else if (NT_STATUS_EQUAL(ret, NT_STATUS_NONE_MAPPED)) {
/* could not map it */
- ids[i]->mapped = False;
- } else{
+ ids[i]->status = ID_UNMAPPED;
+ } else {
/* Something very bad happened down there */
- goto done;
+ ids[i]->status = ID_UNKNOWN;
}
}
}
@@ -1038,8 +1039,6 @@ NTSTATUS idmap_unixids_to_sids(struct id_map **ids)
ret = idmap_cache_map_id(idmap_cache, ids[i]);
- /* TODO: handle NT_STATUS_SYNCHRONIZATION_REQUIRED for disconnected mode */
-
if ( ! NT_STATUS_IS_OK(ret)) {
if ( ! bids) {
@@ -1080,9 +1079,14 @@ NTSTATUS idmap_unixids_to_sids(struct id_map **ids)
/* update the cache */
for (i = 0; i < bi; i++) {
- if (bids[i]->mapped) {
+ if (bids[i]->status == ID_MAPPED) {
ret = idmap_cache_set(idmap_cache, bids[i]);
- } else {
+ } else if (bids[i]->status == ID_UNKNOWN) {
+ /* return an expired entry in the cache or an unknown */
+ /* this handles a previous NT_STATUS_SYNCHRONIZATION_REQUIRED
+ * for disconnected mode */
+ idmap_cache_map_id(idmap_cache, ids[i]);
+ } else { /* unmapped */
ret = idmap_cache_set_negative_id(idmap_cache, bids[i]);
}
IDMAP_CHECK_RET(ret);
@@ -1132,8 +1136,6 @@ NTSTATUS idmap_sids_to_unixids(struct id_map **ids)
ret = idmap_cache_map_sid(idmap_cache, ids[i]);
- /* TODO: handle NT_STATUS_SYNCHRONIZATION_REQUIRED for disconnected mode */
-
if ( ! NT_STATUS_IS_OK(ret)) {
if ( ! bids) {
@@ -1174,8 +1176,13 @@ NTSTATUS idmap_sids_to_unixids(struct id_map **ids)
/* update the cache */
for (i = 0; bids[i]; i++) {
- if (bids[i]->mapped) {
+ if (bids[i]->status == ID_MAPPED) {
ret = idmap_cache_set(idmap_cache, bids[i]);
+ } else if (bids[i]->status == ID_UNKNOWN) {
+ /* return an expired entry in the cache or an unknown */
+ /* this handles a previous NT_STATUS_SYNCHRONIZATION_REQUIRED
+ * for disconnected mode */
+ idmap_cache_map_id(idmap_cache, ids[i]);
} else {
ret = idmap_cache_set_negative_sid(idmap_cache, bids[i]);
}
@@ -1199,7 +1206,7 @@ NTSTATUS idmap_set_mapping(const struct id_map *id)
}
/* sanity checks */
- if ((id->sid == NULL) || (! id->mapped)) {
+ if ((id->sid == NULL) || (id->status != ID_MAPPED)) {
DEBUG(1, ("NULL SID or unmapped entry\n"));
return NT_STATUS_INVALID_PARAMETER;
}
diff --git a/source3/nsswitch/idmap_ad.c b/source3/nsswitch/idmap_ad.c
index 6195684d96..252e2159aa 100644
--- a/source3/nsswitch/idmap_ad.c
+++ b/source3/nsswitch/idmap_ad.c
@@ -336,7 +336,7 @@ again:
default:
DEBUG(3, ("Unknown ID type\n"));
- ids[idx]->mapped = false;
+ ids[idx]->status = ID_UNKNOWN;
continue;
}
}
@@ -438,7 +438,7 @@ again:
sid_copy(map->sid, &sid);
/* mapped */
- map->mapped = True;
+ map->status = ID_MAPPED;
DEBUG(10, ("Mapped %s -> %lu (%d)\n",
sid_string_static(map->sid),
@@ -455,6 +455,12 @@ again:
}
ret = NT_STATUS_OK;
+
+ /* mark all unknwon ones as unmapped */
+ for (i = 0; ids[i]; i++) {
+ if (ids[i]->status == ID_UNKNOWN) ids[i]->status = ID_UNMAPPED;
+ }
+
done:
talloc_free(memctx);
return ret;
@@ -649,7 +655,7 @@ again:
/* mapped */
map->xid.type = type;
map->xid.id = id;
- map->mapped = True;
+ map->status = ID_MAPPED;
DEBUG(10, ("Mapped %s -> %lu (%d)\n",
sid_string_static(map->sid),
@@ -666,6 +672,12 @@ again:
}
ret = NT_STATUS_OK;
+
+ /* mark all unknwon ones as unmapped */
+ for (i = 0; ids[i]; i++) {
+ if (ids[i]->status == ID_UNKNOWN) ids[i]->status = ID_UNMAPPED;
+ }
+
done:
talloc_free(memctx);
return ret;
diff --git a/source3/nsswitch/idmap_cache.c b/source3/nsswitch/idmap_cache.c
index 535083fb2b..897dd9c4f5 100644
--- a/source3/nsswitch/idmap_cache.c
+++ b/source3/nsswitch/idmap_cache.c
@@ -304,7 +304,7 @@ NTSTATUS idmap_cache_fill_map(struct id_map *id, const char *value)
goto failed;
}
- id->mapped = True;
+ id->status = ID_MAPPED;
return NT_STATUS_OK;
}
@@ -331,13 +331,13 @@ NTSTATUS idmap_cache_fill_map(struct id_map *id, const char *value)
goto failed;
}
- id->mapped = True;
+ id->status = ID_MAPPED;
return NT_STATUS_OK;
failed:
DEBUG(1, ("invalid value: %s\n", value));
- id->mapped = False;
+ id->status = ID_UNKNOWN;
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
@@ -354,11 +354,11 @@ BOOL idmap_cache_is_negative(const char *val)
* 3 cases are possible
*
* 1 map found
- * in this case id->mapped = True and NT_STATUS_OK is returned
+ * in this case id->status = ID_MAPPED and NT_STATUS_OK is returned
* 2 map not found
- * in this case id->mapped = False and NT_STATUS_NONE_MAPPED is returned
+ * in this case id->status = ID_UNKNOWN and NT_STATUS_NONE_MAPPED is returned
* 3 negative cache found
- * in this case id->mapped = False and NT_STATUS_OK is returned
+ * in this case id->status = ID_UNMAPPED and NT_STATUS_OK is returned
*
* As a special case if the cache is expired NT_STATUS_SYNCHRONIZATION_REQUIRED
* is returned instead of NT_STATUS_OK. In this case revalidation of the cache
@@ -374,7 +374,7 @@ NTSTATUS idmap_cache_map_sid(struct idmap_cache_ctx *cache, struct id_map *id)
char *endptr;
/* make sure it is marked as not mapped by default */
- id->mapped = False;
+ id->status = ID_UNKNOWN;
ret = idmap_cache_build_sidkey(cache, &sidkey, id);
if (!NT_STATUS_IS_OK(ret)) return ret;
@@ -415,21 +415,21 @@ NTSTATUS idmap_cache_map_sid(struct idmap_cache_ctx *cache, struct id_map *id)
goto done;
}
- /* here ret == NT_STATUS_OK and id->mapped = True */
+ /* here ret == NT_STATUS_OK and id->status = ID_MAPPED */
if (t <= time(NULL)) {
/* We're expired, set an error code for upper layer */
ret = NT_STATUS_SYNCHRONIZATION_REQUIRED;
}
} else {
- /* this is not mapped (id->mapped = False),
- * and that's right as it was a negative cache hit */
- ret = NT_STATUS_OK;
-
if (t <= time(NULL)) {
/* We're expired, delete the entry and return not mapped */
tdb_delete(cache->tdb, keybuf);
ret = NT_STATUS_NONE_MAPPED;
+ } else {
+ /* this is not mapped as it was a negative cache hit */
+ id->status = ID_UNMAPPED;
+ ret = NT_STATUS_OK;
}
}
@@ -444,11 +444,11 @@ done:
* 3 cases are possible
*
* 1 map found
- * in this case id->mapped = True and NT_STATUS_OK is returned
+ * in this case id->status = ID_MAPPED and NT_STATUS_OK is returned
* 2 map not found
- * in this case id->mapped = False and NT_STATUS_NONE_MAPPED is returned
+ * in this case id->status = ID_UNKNOWN and NT_STATUS_NONE_MAPPED is returned
* 3 negative cache found
- * in this case id->mapped = False and NT_STATUS_OK is returned
+ * in this case id->status = ID_UNMAPPED and NT_STATUS_OK is returned
*
* As a special case if the cache is expired NT_STATUS_SYNCHRONIZATION_REQUIRED
* is returned instead of NT_STATUS_OK. In this case revalidation of the cache
@@ -464,7 +464,7 @@ NTSTATUS idmap_cache_map_id(struct idmap_cache_ctx *cache, struct id_map *id)
char *endptr;
/* make sure it is marked as not mapped by default */
- id->mapped = False;
+ id->status = ID_UNKNOWN;
ret = idmap_cache_build_idkey(cache, &idkey, id);
if (!NT_STATUS_IS_OK(ret)) return ret;
@@ -512,14 +512,14 @@ NTSTATUS idmap_cache_map_id(struct idmap_cache_ctx *cache, struct id_map *id)
ret = NT_STATUS_SYNCHRONIZATION_REQUIRED;
}
} else {
- /* this is not mapped (id->mapped = False),
- * and that's right as it was a negative cache hit */
- ret = NT_STATUS_OK;
-
if (t <= time(NULL)) {
/* We're expired, delete the entry and return not mapped */
tdb_delete(cache->tdb, keybuf);
ret = NT_STATUS_NONE_MAPPED;
+ } else {
+ /* this is not mapped is it was a negative cache hit */
+ id->status = ID_UNMAPPED;
+ ret = NT_STATUS_OK;
}
}
done:
diff --git a/source3/nsswitch/idmap_ldap.c b/source3/nsswitch/idmap_ldap.c
index 672d0b7979..0ebff71297 100644
--- a/source3/nsswitch/idmap_ldap.c
+++ b/source3/nsswitch/idmap_ldap.c
@@ -974,7 +974,7 @@ again:
TALLOC_FREE(sidstr);
/* mapped */
- map->mapped = True;
+ map->status = ID_MAPPED;
DEBUG(10, ("Mapped %s -> %lu (%d)\n", sid_string_static(map->sid), (unsigned long)map->xid.id, map->xid.type));
}
@@ -991,6 +991,12 @@ again:
ret = NT_STATUS_OK;
+
+ /* mark all unknwon ones as unmapped */
+ for (i = 0; ids[i]; i++) {
+ if (ids[i]->status == ID_UNKNOWN) ids[i]->status = ID_UNMAPPED;
+ }
+
done:
talloc_free(memctx);
return ret;
@@ -1169,7 +1175,7 @@ again:
/* mapped */
map->xid.type = type;
map->xid.id = id;
- map->mapped = True;
+ map->status = ID_MAPPED;
DEBUG(10, ("Mapped %s -> %lu (%d)\n", sid_string_static(map->sid), (unsigned long)map->xid.id, map->xid.type));
}
@@ -1186,6 +1192,11 @@ again:
ret = NT_STATUS_OK;
+ /* mark all unknwon ones as unmapped */
+ for (i = 0; ids[i]; i++) {
+ if (ids[i]->status == ID_UNKNOWN) ids[i]->status = ID_UNMAPPED;
+ }
+
done:
talloc_free(memctx);
return ret;
diff --git a/source3/nsswitch/idmap_nss.c b/source3/nsswitch/idmap_nss.c
index 014a193c6a..3cd8a8e8ea 100644
--- a/source3/nsswitch/idmap_nss.c
+++ b/source3/nsswitch/idmap_nss.c
@@ -62,7 +62,7 @@ static NTSTATUS idmap_nss_unixids_to_sids(struct idmap_domain *dom, struct id_ma
pw = getpwuid((uid_t)ids[i]->xid.id);
if (!pw) {
- ids[i]->mapped = False;
+ ids[i]->status = ID_UNMAPPED;
continue;
}
name = pw->pw_name;
@@ -71,13 +71,13 @@ static NTSTATUS idmap_nss_unixids_to_sids(struct idmap_domain *dom, struct id_ma
gr = getgrgid((gid_t)ids[i]->xid.id);
if (!gr) {
- ids[i]->mapped = False;
+ ids[i]->status = ID_UNMAPPED;
continue;
}
name = gr->gr_name;
break;
default: /* ?? */
- ids[i]->mapped = False;
+ ids[i]->status = ID_UNKNOWN;
continue;
}
@@ -89,17 +89,16 @@ static NTSTATUS idmap_nss_unixids_to_sids(struct idmap_domain *dom, struct id_ma
winbind_off();
if (!ret) {
- ids[i]->mapped = False;
+ /* TODO: how do we know if the name is really not mapped,
+ * or something just failed ? */
+ ids[i]->status = ID_UNMAPPED;
continue;
}
- /* make sure it is marked as unmapped if types do not match */
- ids[i]->mapped = False;
-
switch (type) {
case SID_NAME_USER:
if (ids[i]->xid.type == ID_TYPE_UID) {
- ids[i]->mapped = True;
+ ids[i]->status = ID_MAPPED;
}
break;
@@ -107,11 +106,12 @@ static NTSTATUS idmap_nss_unixids_to_sids(struct idmap_domain *dom, struct id_ma
case SID_NAME_ALIAS:
case SID_NAME_WKN_GRP:
if (ids[i]->xid.type == ID_TYPE_GID) {
- ids[i]->mapped = True;
+ ids[i]->status = ID_MAPPED;
}
break;
default:
+ ids[i]->status = ID_UNKNOWN;
break;
}
}
@@ -151,13 +151,12 @@ static NTSTATUS idmap_nss_sids_to_unixids(struct idmap_domain *dom, struct id_ma
winbind_off();
if (!ret) {
- ids[i]->mapped = False;
+ /* TODO: how do we know if the name is really not mapped,
+ * or something just failed ? */
+ ids[i]->status = ID_UNMAPPED;
continue;
}
- /* make sure it is marked as unmapped if types do not match */
- ids[i]->mapped = False;
-
switch (type) {
case SID_NAME_USER:
@@ -167,7 +166,7 @@ static NTSTATUS idmap_nss_sids_to_unixids(struct idmap_domain *dom, struct id_ma
if (pw) {
ids[i]->xid.id = pw->pw_uid;
ids[i]->xid.type = ID_TYPE_UID;
- ids[i]->mapped = True;
+ ids[i]->status = ID_MAPPED;
}
break;
@@ -179,12 +178,12 @@ static NTSTATUS idmap_nss_sids_to_unixids(struct idmap_domain *dom, struct id_ma
if (gr) {
ids[i]->xid.id = gr->gr_gid;
ids[i]->xid.type = ID_TYPE_GID;
- ids[i]->mapped = True;
+ ids[i]->status = ID_MAPPED;
}
break;
default:
- ids[i]->mapped = False;
+ ids[i]->status = ID_UNKNOWN;
break;
}
}
diff --git a/source3/nsswitch/idmap_passdb.c b/source3/nsswitch/idmap_passdb.c
index fdb14d6979..a5f8a084b3 100644
--- a/source3/nsswitch/idmap_passdb.c
+++ b/source3/nsswitch/idmap_passdb.c
@@ -43,15 +43,23 @@ static NTSTATUS idmap_pdb_unixids_to_sids(struct idmap_domain *dom, struct id_ma
int i;
for (i = 0; ids[i]; i++) {
+
+ /* unmapped by default */
+ ids[i]->status = ID_UNMAPPED;
+
switch (ids[i]->xid.type) {
case ID_TYPE_UID:
- ids[i]->mapped = pdb_uid_to_sid((uid_t)ids[i]->xid.id, ids[i]->sid);
+ if (pdb_uid_to_sid((uid_t)ids[i]->xid.id, ids[i]->sid)) {
+ ids[i]->status = ID_MAPPED;
+ }
break;
case ID_TYPE_GID:
- ids[i]->mapped = pdb_gid_to_sid((gid_t)ids[i]->xid.id, ids[i]->sid);
+ if (pdb_gid_to_sid((gid_t)ids[i]->xid.id, ids[i]->sid)) {
+ ids[i]->status = ID_MAPPED;
+ }
break;
default: /* ?? */
- ids[i]->mapped = False;
+ ids[i]->status = ID_UNKNOWN;
}
}
@@ -75,7 +83,7 @@ static NTSTATUS idmap_pdb_sids_to_unixids(struct idmap_domain *dom, struct id_ma
case SID_NAME_USER:
ids[i]->xid.id = id.uid;
ids[i]->xid.type = ID_TYPE_UID;
- ids[i]->mapped = True;
+ ids[i]->status = ID_MAPPED;
break;
case SID_NAME_DOM_GRP:
@@ -83,17 +91,17 @@ static NTSTATUS idmap_pdb_sids_to_unixids(struct idmap_domain *dom, struct id_ma
case SID_NAME_WKN_GRP:
ids[i]->xid.id = id.gid;
ids[i]->xid.type = ID_TYPE_GID;
- ids[i]->mapped = True;
+ ids[i]->status = ID_MAPPED;
break;
default: /* ?? */
/* make sure it is marked as unmapped */
- ids[i]->mapped = False;
+ ids[i]->status = ID_UNKNOWN;
break;
}
} else {
/* Query Failed */
- ids[i]->mapped = False;
+ ids[i]->status = ID_UNMAPPED;
}
}
diff --git a/source3/nsswitch/idmap_rid.c b/source3/nsswitch/idmap_rid.c
index e74283e22e..5949aa4ba5 100644
--- a/source3/nsswitch/idmap_rid.c
+++ b/source3/nsswitch/idmap_rid.c
@@ -107,6 +107,7 @@ static NTSTATUS idmap_rid_id_to_sid(TALLOC_CTX *memctx, struct idmap_rid_context
case SID_NAME_USER:
if (map->xid.type != ID_TYPE_UID) {
/* wrong type */
+ map->status = ID_UNMAPPED;
DEBUG(5, ("Resulting SID is of wrong ID type\n"));
return NT_STATUS_NONE_MAPPED;
}
@@ -116,21 +117,26 @@ static NTSTATUS idmap_rid_id_to_sid(TALLOC_CTX *memctx, struct idmap_rid_context
case SID_NAME_WKN_GRP:
if (map->xid.type != ID_TYPE_GID) {
/* wrong type */
+ map->status = ID_UNMAPPED;
DEBUG(5, ("Resulting SID is of wrong ID type\n"));
return NT_STATUS_NONE_MAPPED;
}
break;
default:
- /* invalid sid, let's just leave it unmapped */
+ /* invalid sid?? */
+ map->status = ID_UNKNOWN;
DEBUG(10, ("SID %s is UNKNOWN, skip mapping\n", sid_string_static(map->sid)));
return NT_STATUS_NONE_MAPPED;
}
} else {
+ /* TODO: how do we known if the lookup was negative
+ * or something just failed? */
+ map->status = ID_UNMAPPED;
DEBUG(2, ("Failed: to resolve SID\n"));
return NT_STATUS_UNSUCCESSFUL;
}
- map->mapped = True;
+ map->status = ID_MAPPED;
return NT_STATUS_OK;
}
@@ -169,9 +175,13 @@ static NTSTATUS idmap_rid_sid_to_id(TALLOC_CTX *memctx, struct idmap_rid_context
default:
/* invalid sid, let's just leave it unmapped */
DEBUG(10, ("SID %s is UNKNOWN, skip mapping\n", sid_string_static(map->sid)));
+ map->status = ID_UNKNOWN;
return NT_STATUS_NONE_MAPPED;
}
} else {
+ /* TODO: how do we known if the lookup was negative
+ * or something just failed? */
+ map->status = ID_UNMAPPED;
DEBUG(2, ("Failed: to resolve SID\n"));
return NT_STATUS_UNSUCCESSFUL;
}
@@ -180,10 +190,11 @@ static NTSTATUS idmap_rid_sid_to_id(TALLOC_CTX *memctx, struct idmap_rid_context
if ((map->xid.id < ctx->low_id) || (map->xid.id > ctx->high_id)) {
DEBUG(5, ("Requested id (%u) out of range (%u - %u). Filtered!\n",
map->xid.id, ctx->low_id, ctx->high_id));
+ map->status = ID_UNMAPPED;
return NT_STATUS_NONE_MAPPED;
}
- map->mapped = True;
+ map->status = ID_MAPPED;
return NT_STATUS_OK;
}
@@ -208,8 +219,6 @@ static NTSTATUS idmap_rid_unixids_to_sids(struct idmap_domain *dom, struct id_ma
}
for (i = 0; ids[i]; i++) {
- /* make sure it is marked as unmapped before resolveing */
- ids[i]->mapped = False;
ret = idmap_rid_id_to_sid(ctx, ridctx, ids[i]);
@@ -244,8 +253,6 @@ static NTSTATUS idmap_rid_sids_to_unixids(struct idmap_domain *dom, struct id_ma
}
for (i = 0; ids[i]; i++) {
- /* make sure it is marked as unmapped before resolveing */
- ids[i]->mapped = False;
ret = idmap_rid_sid_to_id(ctx, ridctx, ids[i]);
diff --git a/source3/nsswitch/idmap_tdb.c b/source3/nsswitch/idmap_tdb.c
index 4a382d4d89..ef004daa3e 100644
--- a/source3/nsswitch/idmap_tdb.c
+++ b/source3/nsswitch/idmap_tdb.c
@@ -809,7 +809,7 @@ static NTSTATUS idmap_tdb_unixids_to_sids(struct idmap_domain *dom, struct id_ma
if (NT_STATUS_EQUAL(ret, NT_STATUS_NONE_MAPPED)) {
/* make sure it is marked as unmapped */
- ids[i]->mapped = False;
+ ids[i]->status = ID_UNMAPPED;
continue;
}
@@ -818,7 +818,7 @@ static NTSTATUS idmap_tdb_unixids_to_sids(struct idmap_domain *dom, struct id_ma
}
/* all ok, id is mapped */
- ids[i]->mapped = True;
+ ids[i]->status = ID_MAPPED;
}
ret = NT_STATUS_OK;
@@ -847,7 +847,7 @@ static NTSTATUS idmap_tdb_sids_to_unixids(struct idmap_domain *dom, struct id_ma
if (NT_STATUS_EQUAL(ret, NT_STATUS_NONE_MAPPED)) {
/* make sure it is marked as unmapped */
- ids[i]->mapped = False;
+ ids[i]->status = ID_UNMAPPED;
continue;
}
@@ -856,7 +856,7 @@ static NTSTATUS idmap_tdb_sids_to_unixids(struct idmap_domain *dom, struct id_ma
}
/* all ok, id is mapped */
- ids[i]->mapped = True;
+ ids[i]->status = ID_MAPPED;
}
ret = NT_STATUS_OK;
@@ -1132,18 +1132,19 @@ static int idmap_tdb_dump_one_entry(TDB_CONTEXT *tdb, TDB_DATA key, TDB_DATA val
/* Try a UID record. */
if (sscanf(value.dptr, "UID %u", &(maps[num_maps].xid.id)) == 1) {
maps[num_maps].xid.type = ID_TYPE_UID;
- maps[num_maps].mapped = True;
+ maps[num_maps].status = ID_MAPPED;
*data->num_maps = num_maps + 1;
/* Try a GID record. */
} else
if (sscanf(value.dptr, "GID %u", &(maps[num_maps].xid.id)) == 1) {
maps[num_maps].xid.type = ID_TYPE_GID;
- maps[num_maps].mapped = True;
+ maps[num_maps].status = ID_MAPPED;
*data->num_maps = num_maps + 1;
/* Unknown record type ! */
} else {
+ maps[num_maps].status = ID_UNKNOWN;
DEBUG(2, ("Found INVALID record %s -> %s\n", key.dptr, value.dptr));
/* do not increment num_maps */
}
diff --git a/source3/nsswitch/idmap_util.c b/source3/nsswitch/idmap_util.c
index 8199ebbbd8..540dafaa73 100644
--- a/source3/nsswitch/idmap_util.c
+++ b/source3/nsswitch/idmap_util.c
@@ -49,7 +49,7 @@ NTSTATUS idmap_uid_to_sid(DOM_SID *sid, uid_t uid)
return ret;
}
- if ( ! map.mapped) {
+ if (map.status != ID_MAPPED) {
DEBUG(10, ("uid [%lu] not mapped\n", (unsigned long)uid));
return NT_STATUS_NONE_MAPPED;
}
@@ -83,7 +83,7 @@ NTSTATUS idmap_gid_to_sid(DOM_SID *sid, gid_t gid)
return ret;
}
- if ( ! map.mapped) {
+ if (map.status != ID_MAPPED) {
DEBUG(10, ("gid [%lu] not mapped\n", (unsigned long)gid));
return NT_STATUS_NONE_MAPPED;
}
@@ -115,8 +115,8 @@ NTSTATUS idmap_sid_to_uid(DOM_SID *sid, uid_t *uid)
return ret;
}
- if (( ! map.mapped) || (map.xid.type != ID_TYPE_UID)) {
- DEBUG(10, ("sid [%s] not mapped to an uid [%u,%u,%u]\n", sid_string_static(sid), map.mapped, map.xid.type, map.xid.id));
+ if ((map.status != ID_MAPPED) || (map.xid.type != ID_TYPE_UID)) {
+ DEBUG(10, ("sid [%s] not mapped to an uid [%u,%u,%u]\n", sid_string_static(sid), map.status, map.xid.type, map.xid.id));
return NT_STATUS_NONE_MAPPED;
}
@@ -149,8 +149,8 @@ NTSTATUS idmap_sid_to_gid(DOM_SID *sid, gid_t *gid)
return ret;
}
- if (( ! map.mapped) || (map.xid.type != ID_TYPE_GID)) {
- DEBUG(10, ("sid [%s] not mapped to an gid [%u,%u,%u]\n", sid_string_static(sid), map.mapped, map.xid.type, map.xid.id));
+ if ((map.status != ID_MAPPED) || (map.xid.type != ID_TYPE_GID)) {
+ DEBUG(10, ("sid [%s] not mapped to an gid [%u,%u,%u]\n", sid_string_static(sid), map.status, map.xid.type, map.xid.id));
return NT_STATUS_NONE_MAPPED;
}
diff --git a/source3/nsswitch/wb_client.c b/source3/nsswitch/wb_client.c
index 53179de8f1..613bb1cc60 100644
--- a/source3/nsswitch/wb_client.c
+++ b/source3/nsswitch/wb_client.c
@@ -392,9 +392,9 @@ BOOL winbind_sids_to_unixids(struct id_map *ids, int num_ids)
for (i = 0; i < num_ids; i++) {
if (wid[i].type == -1) {
- ids[i].mapped = False;
+ ids[i].status = ID_UNMAPPED;
} else {
- ids[i].mapped = True;
+ ids[i].status = ID_MAPPED;
ids[i].xid.type = wid[i].type;
ids[i].xid.id = wid[i].id;
}
diff --git a/source3/nsswitch/winbindd_async.c b/source3/nsswitch/winbindd_async.c
index 7bedd5a0fd..d70d6a0806 100644
--- a/source3/nsswitch/winbindd_async.c
+++ b/source3/nsswitch/winbindd_async.c
@@ -303,7 +303,7 @@ enum winbindd_result winbindd_dual_sids2xids(struct winbindd_domain *domain,
}
for (i = 0; i < num; i++) {
- if (ids[i]->mapped) {
+ if (ids[i]->status == ID_MAPPED) {
xids[i].type = ids[i]->xid.type;
xids[i].id = ids[i]->xid.id;
} else {