From 276ff4df82313abcf09db2d373a4229a5b8db506 Mon Sep 17 00:00:00 2001
From: Andrew Tridgell <tridge@samba.org>
Date: Wed, 27 Feb 2002 23:51:25 +0000
Subject: this allows us to support foreign SIDs in winbindd and smbd

this means "xcopy /o" has a chance of working with ACLs that contain
ACEs that use SIDs that the Samba server has no knowledge of.

It's a bit hackish, Tim, can you look at my uid.c changes?
(This used to be commit fe2db3148587937aa7b674c1c99036d42a3776b3)
---
 source3/nsswitch/winbindd_sid.c | 66 ++++++++---------------------------------
 1 file changed, 13 insertions(+), 53 deletions(-)

(limited to 'source3/nsswitch/winbindd_sid.c')

diff --git a/source3/nsswitch/winbindd_sid.c b/source3/nsswitch/winbindd_sid.c
index 8153b3a3a5..227ce439d5 100644
--- a/source3/nsswitch/winbindd_sid.c
+++ b/source3/nsswitch/winbindd_sid.c
@@ -103,31 +103,19 @@ enum winbindd_result winbindd_lookupname(struct winbindd_cli_state *state)
 enum winbindd_result winbindd_sid_to_uid(struct winbindd_cli_state *state)
 {
 	DOM_SID sid;
-	uint32 user_rid;
-	struct winbindd_domain *domain;
 
 	DEBUG(3, ("[%5d]: sid to uid %s\n", state->pid,
 		  state->request.data.sid));
 
 	/* Split sid into domain sid and user rid */
-
-	string_to_sid(&sid, state->request.data.sid);
-	sid_split_rid(&sid, &user_rid);
-
-	/* Find domain this sid belongs to */
-
-	if ((domain = find_domain_from_sid(&sid)) == NULL) {
-		fstring sid_str;
-
-		sid_to_string(sid_str, &sid);
-		DEBUG(1, ("Could not find domain for sid %s\n", sid_str));
+	if (!string_to_sid(&sid, state->request.data.sid)) {
+		DEBUG(1, ("Could not get convert sid %s from string\n",
+			  state->request.data.sid));
 		return WINBINDD_ERROR;
 	}
 
 	/* Find uid for this sid and return it */
-
-	if (!winbindd_idmap_get_uid_from_rid(domain->name, user_rid,
-					     &state->response.data.uid)) {
+	if (!winbindd_idmap_get_uid_from_sid(&sid, &state->response.data.uid)) {
 		DEBUG(1, ("Could not get uid for sid %s\n",
 			  state->request.data.sid));
 		return WINBINDD_ERROR;
@@ -142,31 +130,18 @@ enum winbindd_result winbindd_sid_to_uid(struct winbindd_cli_state *state)
 enum winbindd_result winbindd_sid_to_gid(struct winbindd_cli_state *state)
 {
 	DOM_SID sid;
-	uint32 group_rid;
-	struct winbindd_domain *domain;
 
 	DEBUG(3, ("[%5d]: sid to gid %s\n", state->pid, 
 		  state->request.data.sid));
 
-	/* Split sid into domain sid and user rid */
-
-	string_to_sid(&sid, state->request.data.sid);
-	sid_split_rid(&sid, &group_rid);
-
-	/* Find domain this sid belongs to */
-
-	if ((domain = find_domain_from_sid(&sid)) == NULL) {
-		fstring sid_str;
-
-		sid_to_string(sid_str, &sid);
-		DEBUG(1, ("Could not find domain for sid %s\n", sid_str));
+	if (!string_to_sid(&sid, state->request.data.sid)) {
+		DEBUG(1, ("Could not cvt string to sid %s\n",
+			  state->request.data.sid));
 		return WINBINDD_ERROR;
 	}
 
-	/* Find uid for this sid and return it */
-
-	if (!winbindd_idmap_get_gid_from_rid(domain->name, group_rid,
-					     &state->response.data.gid)) {
+	/* Find gid for this sid and return it */
+	if (!winbindd_idmap_get_gid_from_sid(&sid, &state->response.data.gid)) {
 		DEBUG(1, ("Could not get gid for sid %s\n",
 			  state->request.data.sid));
 		return WINBINDD_ERROR;
@@ -179,8 +154,6 @@ enum winbindd_result winbindd_sid_to_gid(struct winbindd_cli_state *state)
 
 enum winbindd_result winbindd_uid_to_sid(struct winbindd_cli_state *state)
 {
-	struct winbindd_domain *domain;
-	uint32 user_rid;
 	DOM_SID sid;
 
 	/* Bug out if the uid isn't in the winbind range */
@@ -194,18 +167,12 @@ enum winbindd_result winbindd_uid_to_sid(struct winbindd_cli_state *state)
 		  state->request.data.uid));
 
 	/* Lookup rid for this uid */
-
-	if (!winbindd_idmap_get_rid_from_uid(state->request.data.uid,
-					     &user_rid, &domain)) {
+	if (!winbindd_idmap_get_sid_from_uid(state->request.data.uid, &sid)) {
 		DEBUG(1, ("Could not convert uid %d to rid\n",
 			  state->request.data.uid));
 		return WINBINDD_ERROR;
 	}
 
-	/* Construct sid and return it */
-
-	sid_copy(&sid, &domain->sid);
-	sid_append_rid(&sid, user_rid);
 	sid_to_string(state->response.data.sid.sid, &sid);
 	state->response.data.sid.type = SID_NAME_USER;
 
@@ -216,8 +183,6 @@ enum winbindd_result winbindd_uid_to_sid(struct winbindd_cli_state *state)
 
 enum winbindd_result winbindd_gid_to_sid(struct winbindd_cli_state *state)
 {
-	struct winbindd_domain *domain;
-	uint32 group_rid;
 	DOM_SID sid;
 
 	/* Bug out if the gid isn't in the winbind range */
@@ -230,19 +195,14 @@ enum winbindd_result winbindd_gid_to_sid(struct winbindd_cli_state *state)
 	DEBUG(3, ("[%5d]: gid to sid %d\n", state->pid,
 		  state->request.data.gid));
 
-	/* Lookup rid for this uid */
-
-	if (!winbindd_idmap_get_rid_from_gid(state->request.data.gid,
-					     &group_rid, &domain)) {
-		DEBUG(1, ("Could not convert gid %d to rid\n",
+	/* Lookup sid for this uid */
+	if (!winbindd_idmap_get_sid_from_gid(state->request.data.gid, &sid)) {
+		DEBUG(1, ("Could not convert gid %d to sid\n",
 			  state->request.data.gid));
 		return WINBINDD_ERROR;
 	}
 
 	/* Construct sid and return it */
-
-	sid_copy(&sid, &domain->sid);
-	sid_append_rid(&sid, group_rid);
 	sid_to_string(state->response.data.sid.sid, &sid);
 	state->response.data.sid.type = SID_NAME_DOM_GRP;
 
-- 
cgit