From 36da6cb5847df2754e8f9223e0784da6013c572b Mon Sep 17 00:00:00 2001
From: Gerald Carter <jerry@samba.org>
Date: Thu, 19 Apr 2007 22:26:09 +0000
Subject: r22390: Patchset sent to samba-technical to address the winbind loop
 when allocating a new id for a SID:

auth_util.patch		Revert create_local_token() to
			the 3.0.24 codebase

idmap_type.patch	Have the caller fillin the
			id_map.xid.type field when
			resolving a SID so that if we allocate
			a new id, we know what type to use

winbindd_api.patch	Remove the WINBINDD_SIDS_TO_XIDS calls
			from the public winbindd interface
			for the 3.0.25 release

idmap_rid.patch		Cleanup the idmap_rid backend to not
			call back into winbindd to resolve
			the SID in order to verify it's type.
(This used to be commit 3b24dae9e73b244540a68b631b428a4d0f57440b)
---
 source3/auth/auth_util.c | 48 ++++++++++--------------------------------------
 1 file changed, 10 insertions(+), 38 deletions(-)

(limited to 'source3/auth/auth_util.c')

diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index 0de3bf2325..336daa906d 100644
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -637,9 +637,7 @@ static NTSTATUS log_nt_token(TALLOC_CTX *tmp_ctx, NT_USER_TOKEN *token)
 NTSTATUS create_local_token(auth_serversupplied_info *server_info)
 {
 	TALLOC_CTX *mem_ctx;
-	struct id_map *ids;
 	NTSTATUS status;
-	BOOL wb = True;
 	size_t i;
 	
 
@@ -686,46 +684,20 @@ NTSTATUS create_local_token(auth_serversupplied_info *server_info)
 	server_info->groups = NULL;
 
 	/* Start at index 1, where the groups start. */
-	ids = talloc_zero_array(mem_ctx, struct id_map, server_info->ptok->num_sids);
-	for (i = 0; i < server_info->ptok->num_sids-1; i++) {
-		ids[i].sid = &server_info->ptok->user_sids[i + 1]; /* store the sids */
-	}
-
-	if (!winbind_sids_to_unixids(ids, server_info->ptok->num_sids-1)) {
-		DEBUG(2, ("Query to map secondary SIDs failed!\n"));
-		if (!winbind_ping()) {
-			DEBUG(2, ("Winbindd is not running, will try to map SIDs one by one with legacy code\n"));
-			wb = False;
-		}
-	}
 
-	for (i = 0; i < server_info->ptok->num_sids-1; i++) {
-		gid_t agid;
+	for (i=1; i<server_info->ptok->num_sids; i++) {
+		gid_t gid;
+		DOM_SID *sid = &server_info->ptok->user_sids[i];
 
-		if (wb) {
-			if (ids[i].status != ID_MAPPED) {
-				DEBUG(10, ("Could not convert SID %s to gid, "
-					   "ignoring it\n", sid_string_static(ids[i].sid)));
-				continue;
-			}
-			if (ids[i].xid.type == ID_TYPE_UID) {
-				DEBUG(10, ("SID %s is a User ID (%u) not a Group ID, "
-					   "ignoring it\n", sid_string_static(ids[i].sid), ids[i].xid.id));
-				continue;
-			}
-			agid = (gid_t)ids[i].xid.id;
-		} else {
-			if (! sid_to_gid(ids[i].sid, &agid)) {
-				continue;
-			}
-		}
-		if (!add_gid_to_array_unique(server_info, agid, &server_info->groups,
-					&server_info->n_groups)) {
-			TALLOC_FREE(mem_ctx);
-			return NT_STATUS_NO_MEMORY;
+		if (!sid_to_gid(sid, &gid)) {
+			DEBUG(10, ("Could not convert SID %s to gid, "
+				   "ignoring it\n", sid_string_static(sid)));
+			continue;
 		}
+		add_gid_to_array_unique(server_info, gid, &server_info->groups,
+					&server_info->n_groups);
 	}
-
+	
 	debug_nt_user_token(DBGC_AUTH, 10, server_info->ptok);
 
 	status = log_nt_token(mem_ctx, server_info->ptok);
-- 
cgit