From 4225f9a4bd5eece4d57820bbabb7b882610aa7cc Mon Sep 17 00:00:00 2001 From: Simo Sorce Date: Tue, 12 Dec 2006 14:52:13 +0000 Subject: r20116: Start merging in the work done to create the new idmap subsystem. Simo. (This used to be commit 50cd8bffeeed2cac755f75fc3d76fe41c451976b) --- source3/auth/auth_util.c | 27 ++++++++++++++++++++------- 1 file changed, 20 insertions(+), 7 deletions(-) (limited to 'source3/auth') diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c index 870dc9b5d0..709d77bb36 100644 --- a/source3/auth/auth_util.c +++ b/source3/auth/auth_util.c @@ -841,6 +841,8 @@ static struct nt_user_token *create_local_nt_token(TALLOC_CTX *mem_ctx, NTSTATUS status; gid_t gid; + DEBUG(10, ("Create local NT token for %s\n", sid_string_static(user_sid))); + if (!(result = TALLOC_ZERO_P(mem_ctx, NT_USER_TOKEN))) { DEBUG(0, ("talloc failed\n")); return NULL; @@ -980,6 +982,7 @@ static struct nt_user_token *create_local_nt_token(TALLOC_CTX *mem_ctx, NTSTATUS create_local_token(auth_serversupplied_info *server_info) { TALLOC_CTX *mem_ctx; + struct id_map *ids; NTSTATUS status; size_t i; @@ -1027,23 +1030,33 @@ NTSTATUS create_local_token(auth_serversupplied_info *server_info) server_info->groups = NULL; /* Start at index 1, where the groups start. */ + ids = talloc_zero_array(mem_ctx, struct id_map, server_info->ptok->num_sids); + for (i = 0; i < server_info->ptok->num_sids-1; i++) { + ids[i].sid = &server_info->ptok->user_sids[i + 1]; /* store the sids */ + } - for (i=1; iptok->num_sids; i++) { - gid_t gid; - DOM_SID *sid = &server_info->ptok->user_sids[i]; + if (!winbind_sids_to_unixids(ids, server_info->ptok->num_sids-1)) { + DEBUG(2, ("Query to map secondary SIDs failed!\n")); + } - if (!sid_to_gid(sid, &gid)) { + for (i = 0; i < server_info->ptok->num_sids-1; i++) { + if ( ! ids[i].mapped) { DEBUG(10, ("Could not convert SID %s to gid, " - "ignoring it\n", sid_string_static(sid))); + "ignoring it\n", sid_string_static(ids[i].sid))); continue; } - if (!add_gid_to_array_unique(server_info, gid, &server_info->groups, + if ( ! ids[i].xid.type == ID_TYPE_UID) { + DEBUG(10, ("SID %s is a User ID (%u) not a Group ID, " + "ignoring it\n", sid_string_static(ids[i].sid), ids[i].xid.id)); + continue; + } + if (!add_gid_to_array_unique(server_info, (gid_t)ids[i].xid.id, &server_info->groups, &server_info->n_groups)) { TALLOC_FREE(mem_ctx); return NT_STATUS_NO_MEMORY; } } - + debug_nt_user_token(DBGC_AUTH, 10, server_info->ptok); status = log_nt_token(mem_ctx, server_info->ptok); -- cgit