From e6456df1489ec964445dfd6f009f9f75377b3d11 Mon Sep 17 00:00:00 2001 From: Simo Sorce Date: Fri, 28 May 2010 13:18:13 -0400 Subject: s3:auth handle unix domain sids in samu When we generate a user out of thin air we may end up adding sids that are not part of the sam domain (unix domain sids). Handle the case and preserve these sids as extra sids. Signed-off-by: Andrew Bartlett --- source3/include/auth.h | 12 ++++++++++++ 1 file changed, 12 insertions(+) (limited to 'source3/include/auth.h') diff --git a/source3/include/auth.h b/source3/include/auth.h index 52e5141379..2e22ca70c5 100644 --- a/source3/include/auth.h +++ b/source3/include/auth.h @@ -40,6 +40,11 @@ struct auth_usersupplied_info { }; +struct extra_auth_info { + struct dom_sid user_sid; + struct dom_sid pgid_sid; +}; + struct auth_serversupplied_info { bool guest; bool system; @@ -69,6 +74,13 @@ struct auth_serversupplied_info { struct netr_SamInfo3 *info3; + /* this structure is filled *only* in pathological cases where the user + * sid or the primary group sid are not sids of the domain. Normally + * this happens only for unix accounts that have unix domain sids. + * This is checked only when info3.rid and/or info3.primary_gid are set + * to the special invalid value of 0xFFFFFFFF */ + struct extra_auth_info extra; + void *pam_handle; /* -- cgit