From ed94aa9d611aba4d82e717797565550a4a47270e Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 9 Oct 2001 20:54:56 +0000 Subject: Fixes from John Trostel (modified somewhat by me) to ensure that all lookup_XX functions correctly deal with the SID_NAME_TYPE. One fix for connection user lookup in LSA. Jeremy. (This used to be commit 29730027d8118ec7d207c89d0fd7fb24ac173fde) --- source3/passdb/passdb.c | 10 ++++++++++ source3/rpc_server/srv_lsa_nt.c | 4 ++-- source3/smbd/uid.c | 30 ++++++++++++++++-------------- 3 files changed, 28 insertions(+), 16 deletions(-) diff --git a/source3/passdb/passdb.c b/source3/passdb/passdb.c index 9269a49e20..fa0dd244d2 100644 --- a/source3/passdb/passdb.c +++ b/source3/passdb/passdb.c @@ -477,6 +477,8 @@ BOOL local_lookup_rid(uint32 rid, char *name, enum SID_NAME_USE *psid_name_use) { BOOL is_user = pdb_rid_is_user(rid); + *psid_name_use = SID_NAME_UNKNOWN; + DEBUG(5,("local_lookup_rid: looking up %s RID %u.\n", is_user ? "user" : "group", (unsigned int)rid)); @@ -484,11 +486,13 @@ BOOL local_lookup_rid(uint32 rid, char *name, enum SID_NAME_USE *psid_name_use) if(rid == DOMAIN_USER_RID_ADMIN) { pstring admin_users; char *p = admin_users; + *psid_name_use = SID_NAME_USER; if(!next_token(&p, name, NULL, sizeof(fstring))) fstrcpy(name, "Administrator"); } else if (rid == DOMAIN_USER_RID_GUEST) { pstring guest_users; char *p = guest_users; + *psid_name_use = SID_NAME_USER; if(!next_token(&p, name, NULL, sizeof(fstring))) fstrcpy(name, "Guest"); } else { @@ -567,6 +571,8 @@ BOOL local_lookup_name(const char *c_domain, const char *c_user, DOM_SID *psid, fstring user; fstring domain; + *psid_name_use = SID_NAME_UNKNOWN; + /* * domain and user may be quoted const strings, and map_username and * friends can modify them. Make a modifiable copy. JRA. @@ -670,6 +676,8 @@ BOOL local_sid_to_uid(uid_t *puid, DOM_SID *psid, enum SID_NAME_USE *name_type) DEBUG(10,("local_sid_to_uid: SID %s -> uid (%u) (%s).\n", sid_to_string( str, psid), (unsigned int)*puid, pass->pw_name )); + *name_type = SID_NAME_USER; + return True; } @@ -727,6 +735,8 @@ BOOL local_sid_to_gid(gid_t *pgid, DOM_SID *psid, enum SID_NAME_USE *name_type) DEBUG(10,("local_sid_to_gid: SID %s -> gid (%u) (%s).\n", sid_to_string( str, psid), (unsigned int)*pgid, grp->gr_name )); + *name_type = SID_NAME_ALIAS; + return True; } diff --git a/source3/rpc_server/srv_lsa_nt.c b/source3/rpc_server/srv_lsa_nt.c index 3282fbca9f..ceca254a5d 100644 --- a/source3/rpc_server/srv_lsa_nt.c +++ b/source3/rpc_server/srv_lsa_nt.c @@ -649,8 +649,8 @@ NTSTATUS _lsa_unk_get_connuser(pipes_struct *p, LSA_Q_UNK_GET_CONNUSER *q_u, LSA fstrcpy(username, vuser->user.smb_name); fstrcpy(domname, vuser->user.domain); - ulen = strlen(username); - dlen = strlen(domname); + ulen = strlen(username) + 1; + dlen = strlen(domname) + 1; init_uni_hdr(&r_u->hdr_user_name, ulen); r_u->ptr_user_name = 1; diff --git a/source3/smbd/uid.c b/source3/smbd/uid.c index 6afaf1493e..45ae31da2a 100644 --- a/source3/smbd/uid.c +++ b/source3/smbd/uid.c @@ -277,7 +277,9 @@ BOOL lookup_name(const char *name, DOM_SID *psid, enum SID_NAME_USE *name_type) fstring sid; char *sep = lp_winbind_separator(); - if (!winbind_lookup_name(name, psid, name_type)) { + *name_type = SID_NAME_UNKNOWN; + + if (!winbind_lookup_name(name, psid, name_type) || (*name_type != SID_NAME_USER) ) { BOOL ret; DEBUG(10, ("lookup_name: winbind lookup for %s failed - trying local\n", name)); @@ -293,21 +295,19 @@ BOOL lookup_name(const char *name, DOM_SID *psid, enum SID_NAME_USE *name_type) switch (lp_server_role()) { case ROLE_DOMAIN_PDC: case ROLE_DOMAIN_BDC: - if (strequal(domain, global_myworkgroup)) + if (strequal(domain, global_myworkgroup)) { fstrcpy(domain, global_myname); + ret = local_lookup_name(domain, username, psid, name_type); + } /* No break is deliberate here. JRA. */ default: if (strcasecmp(global_myname, domain) != 0) { - DEBUG(5, ("domain %s is not local\n", domain)); - return False; + DEBUG(5, ("lookup_name: domain %s is not local\n", domain)); + ret = local_lookup_name(global_myname, username, psid, name_type); } } - - ret = local_lookup_name(domain, username, psid, - name_type); } else { - ret = local_lookup_name(global_myname, name, psid, - name_type); + ret = local_lookup_name(global_myname, name, psid, name_type); } if (ret) { @@ -322,9 +322,9 @@ BOOL lookup_name(const char *name, DOM_SID *psid, enum SID_NAME_USE *name_type) return ret; } - DEBUG(10,("lookup_name (winbindd): %s -> SID %s (type %u)\n", - name, sid_to_string(sid, psid), - (unsigned int)*name_type)); + DEBUG(10,("lookup_name (winbindd): %s -> SID %s (type %u)\n", + name, sid_to_string(sid, psid), + (unsigned int)*name_type)); return True; } @@ -338,6 +338,8 @@ BOOL lookup_sid(DOM_SID *sid, fstring dom_name, fstring name, enum SID_NAME_USE if (!name_type) return False; + *name_type = SID_NAME_UNKNOWN; + /* Check if this is our own sid. This should perhaps be done by winbind? For the moment handle it here. */ @@ -418,7 +420,7 @@ DOM_SID *gid_to_sid(DOM_SID *psid, gid_t gid) *THE CANONICAL* convert SID to uid function. Tries winbind first - then uses local lookup. Returns True if this name is a user sid and the conversion - was done correctly, False if not. + was done correctly, False if not. sidtype is set by this function. *****************************************************************/ BOOL sid_to_uid(DOM_SID *psid, uid_t *puid, enum SID_NAME_USE *sidtype) @@ -432,7 +434,7 @@ BOOL sid_to_uid(DOM_SID *psid, uid_t *puid, enum SID_NAME_USE *sidtype) * First we must look up the name and decide if this is a user sid. */ - if (!winbind_lookup_sid(psid, dom_name, name, &name_type)) { + if ( (!winbind_lookup_sid(psid, dom_name, name, &name_type)) || (name_type != SID_NAME_USER) ) { DEBUG(10,("sid_to_uid: winbind lookup for sid %s failed - trying local.\n", sid_to_string(sid_str, psid) )); -- cgit