From 99cf696150a1b8e24a9d87981b710b703045a2a5 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl@samba.org>
Date: Fri, 28 Aug 2009 14:25:11 +0200
Subject: s3:winbind: Fix a bug found by RPC-SAMR

We need to enumerate passdb alias members

Thanks to gd for bugging me :-)
---
 source3/winbindd/winbindd.h           |  1 +
 source3/winbindd/winbindd_ads.c       |  4 +-
 source3/winbindd/winbindd_cache.c     |  7 +++-
 source3/winbindd/winbindd_dual_srv.c  |  2 +-
 source3/winbindd/winbindd_group.c     |  7 +++-
 source3/winbindd/winbindd_passdb.c    | 72 +++++++++++++++++------------------
 source3/winbindd/winbindd_reconnect.c |  9 +++--
 source3/winbindd/winbindd_rpc.c       |  4 +-
 8 files changed, 59 insertions(+), 47 deletions(-)

(limited to 'source3/winbindd')

diff --git a/source3/winbindd/winbindd.h b/source3/winbindd/winbindd.h
index 44ac022720..773496e8ad 100644
--- a/source3/winbindd/winbindd.h
+++ b/source3/winbindd/winbindd.h
@@ -286,6 +286,7 @@ struct winbindd_methods {
 	NTSTATUS (*lookup_groupmem)(struct winbindd_domain *domain,
 				    TALLOC_CTX *mem_ctx,
 				    const DOM_SID *group_sid,
+				    enum lsa_SidType type,
 				    uint32 *num_names, 
 				    DOM_SID **sid_mem, char ***names, 
 				    uint32 **name_types);
diff --git a/source3/winbindd/winbindd_ads.c b/source3/winbindd/winbindd_ads.c
index b5fe08093c..450d2ee3e5 100644
--- a/source3/winbindd/winbindd_ads.c
+++ b/source3/winbindd/winbindd_ads.c
@@ -968,7 +968,9 @@ static NTSTATUS lookup_useraliases(struct winbindd_domain *domain,
  */
 static NTSTATUS lookup_groupmem(struct winbindd_domain *domain,
 				TALLOC_CTX *mem_ctx,
-				const DOM_SID *group_sid, uint32 *num_names,
+				const DOM_SID *group_sid,
+				enum lsa_SidType type,
+				uint32 *num_names,
 				DOM_SID **sid_mem, char ***names,
 				uint32 **name_types)
 {
diff --git a/source3/winbindd/winbindd_cache.c b/source3/winbindd/winbindd_cache.c
index d1aeba9f39..8a879fd3d5 100644
--- a/source3/winbindd/winbindd_cache.c
+++ b/source3/winbindd/winbindd_cache.c
@@ -2378,7 +2378,9 @@ NTSTATUS wcache_lookup_groupmem(struct winbindd_domain *domain,
 
 static NTSTATUS lookup_groupmem(struct winbindd_domain *domain,
 				TALLOC_CTX *mem_ctx,
-				const DOM_SID *group_sid, uint32 *num_names,
+				const DOM_SID *group_sid,
+				enum lsa_SidType type,
+				uint32 *num_names,
 				DOM_SID **sid_mem, char ***names,
 				uint32 **name_types)
 {
@@ -2406,7 +2408,8 @@ static NTSTATUS lookup_groupmem(struct winbindd_domain *domain,
 	DEBUG(10,("lookup_groupmem: [Cached] - doing backend query for info for domain %s\n",
 		domain->name ));
 
-	status = domain->backend->lookup_groupmem(domain, mem_ctx, group_sid, num_names, 
+	status = domain->backend->lookup_groupmem(domain, mem_ctx, group_sid,
+						  type, num_names,
 						  sid_mem, names, name_types);
 
 	/* and save it */
diff --git a/source3/winbindd/winbindd_dual_srv.c b/source3/winbindd/winbindd_dual_srv.c
index 01860ebf6f..f07931dbe7 100644
--- a/source3/winbindd/winbindd_dual_srv.c
+++ b/source3/winbindd/winbindd_dual_srv.c
@@ -173,7 +173,7 @@ NTSTATUS _wbint_LookupGroupMembers(pipes_struct *p,
 	}
 
 	status = domain->methods->lookup_groupmem(
-		domain, p->mem_ctx, r->in.sid,
+		domain, p->mem_ctx, r->in.sid, r->in.type,
 		&num_names, &sid_mem, &names, &name_types);
 	if (!NT_STATUS_IS_OK(status)) {
 		return status;
diff --git a/source3/winbindd/winbindd_group.c b/source3/winbindd/winbindd_group.c
index e914f0e753..21ab3f7ef9 100644
--- a/source3/winbindd/winbindd_group.c
+++ b/source3/winbindd/winbindd_group.c
@@ -118,7 +118,8 @@ static void add_expanded_sid(const DOM_SID *sid,
 	}
 
 	result = domain->methods->lookup_groupmem(domain, mem_ctx,
-						  sid, &num_names,
+						  sid, SID_NAME_DOM_GRP,
+						  &num_names,
 						  &sid_mem, &names,
 						  &types);
 
@@ -470,7 +471,9 @@ static NTSTATUS expand_groups( TALLOC_CTX *ctx,
 		/* Lookup the group membership */
 
 		lookup_status = d->methods->lookup_groupmem(d, tmp_ctx,
-						     &glist[i], &num_names,
+						     &glist[i],
+						     SID_NAME_DOM_GRP,
+						     &num_names,
 						     &sid_mem, &names,
 						     &name_types);
 		if (!NT_STATUS_IS_OK(lookup_status)) {
diff --git a/source3/winbindd/winbindd_passdb.c b/source3/winbindd/winbindd_passdb.c
index 5a2c31fe2f..c23f87dcd5 100644
--- a/source3/winbindd/winbindd_passdb.c
+++ b/source3/winbindd/winbindd_passdb.c
@@ -396,22 +396,6 @@ static NTSTATUS builtin_query_user(struct winbindd_domain *domain,
 	return NT_STATUS_NO_SUCH_USER;
 }
 
-static NTSTATUS builtin_lookup_groupmem(struct winbindd_domain *domain,
-				TALLOC_CTX *mem_ctx,
-				const DOM_SID *group_sid, uint32 *num_names,
-				DOM_SID **sid_mem, char ***names,
-				uint32 **name_types)
-{
-	DEBUG(10,("passdb: lookup_groupmem (builtin) %s sid=%s\n", domain->name,
-		  sid_string_dbg(group_sid)));
-
-	*num_names = 0;
-	*sid_mem = NULL;
-	*names = NULL;
-	*name_types = 0;
-	return NT_STATUS_NO_SUCH_GROUP;
-}
-
 /* get a list of trusted domains - builtin domain */
 static NTSTATUS builtin_trusted_domains(struct winbindd_domain *domain,
 				TALLOC_CTX *mem_ctx,
@@ -552,13 +536,14 @@ static NTSTATUS sam_query_user(struct winbindd_domain *domain,
 
 /* Lookup group membership given a rid.   */
 static NTSTATUS sam_lookup_groupmem(struct winbindd_domain *domain,
-				TALLOC_CTX *mem_ctx,
-				const DOM_SID *group_sid, uint32 *num_names, 
-				DOM_SID **sid_mem, char ***names, 
-				uint32 **name_types)
+				    TALLOC_CTX *mem_ctx,
+				    const DOM_SID *group_sid,
+				    enum lsa_SidType type,
+				    uint32 *num_names,
+				    DOM_SID **sid_mem, char ***names,
+				    uint32 **name_types)
 {
 	size_t i, num_members, num_mapped;
-	uint32 *rids;
 	NTSTATUS result;
 	const DOM_SID **sids;
 	struct lsa_dom_info *lsa_domains;
@@ -568,7 +553,7 @@ static NTSTATUS sam_lookup_groupmem(struct winbindd_domain *domain,
 	DEBUG(10,("passdb: lookup_groupmem (sam) %s sid=%s\n", domain->name,
 		  sid_string_dbg(group_sid)));
 
-	if (!sid_check_is_in_our_domain(group_sid)) {
+	if (sid_check_is_in_builtin(group_sid) && (type != SID_NAME_ALIAS)) {
 		/* There's no groups, only aliases in BUILTIN */
 		return NT_STATUS_NO_SUCH_GROUP;
 	}
@@ -577,11 +562,31 @@ static NTSTATUS sam_lookup_groupmem(struct winbindd_domain *domain,
 		return NT_STATUS_NO_MEMORY;
 	}
 
-	result = pdb_enum_group_members(tmp_ctx, group_sid, &rids,
-					&num_members);
-	if (!NT_STATUS_IS_OK(result)) {
-		TALLOC_FREE(tmp_ctx);
-		return result;
+	if (type == SID_NAME_DOM_GRP) {
+		uint32 *rids;
+
+		result = pdb_enum_group_members(tmp_ctx, group_sid, &rids,
+						&num_members);
+		if (!NT_STATUS_IS_OK(result)) {
+			TALLOC_FREE(tmp_ctx);
+			return result;
+		}
+		*sid_mem = talloc_array(mem_ctx, struct dom_sid, num_members);
+		if (*sid_mem == NULL) {
+			TALLOC_FREE(tmp_ctx);
+			return NT_STATUS_NO_MEMORY;
+		}
+		for (i=0; i<num_members; i++) {
+			sid_compose(&((*sid_mem)[i]), &domain->sid, rids[i]);
+		}
+		TALLOC_FREE(rids);
+	} else {
+		result = pdb_enum_aliasmem(group_sid, mem_ctx, sid_mem,
+					   &num_members);
+		if (!NT_STATUS_IS_OK(result)) {
+			TALLOC_FREE(tmp_ctx);
+			return result;
+		}
 	}
 
 	if (num_members == 0) {
@@ -593,13 +598,11 @@ static NTSTATUS sam_lookup_groupmem(struct winbindd_domain *domain,
 		return NT_STATUS_OK;
 	}
 
-	*sid_mem = TALLOC_ARRAY(mem_ctx, DOM_SID, num_members);
 	*names = TALLOC_ARRAY(mem_ctx, char *, num_members);
 	*name_types = TALLOC_ARRAY(mem_ctx, uint32, num_members);
 	sids = TALLOC_ARRAY(tmp_ctx, const DOM_SID *, num_members);
 
-	if (((*sid_mem) == NULL) || ((*names) == NULL) ||
-	    ((*name_types) == NULL) || (sids == NULL)) {
+	if (((*names) == NULL) || ((*name_types) == NULL) || (sids == NULL)) {
 		TALLOC_FREE(tmp_ctx);
 		return NT_STATUS_NO_MEMORY;
 	}
@@ -610,12 +613,7 @@ static NTSTATUS sam_lookup_groupmem(struct winbindd_domain *domain,
 	 */
 
 	for (i=0; i<num_members; i++) {
-		DOM_SID *sid = &((*sid_mem)[i]);
-		if (!sid_compose(sid, &domain->sid, rids[i])) {
-			TALLOC_FREE(tmp_ctx);
-			return NT_STATUS_INTERNAL_ERROR;
-		}
-		sids[i] = sid;
+		sids[i] = &((*sid_mem)[i]);
 	}
 
 	result = lookup_sids(tmp_ctx, num_members, sids, 1,
@@ -718,7 +716,7 @@ struct winbindd_methods builtin_passdb_methods = {
 	builtin_query_user,
 	lookup_usergroups,
 	lookup_useraliases,
-	builtin_lookup_groupmem,
+	sam_lookup_groupmem,
 	sequence_number,
 	lockout_policy,
 	password_policy,
diff --git a/source3/winbindd/winbindd_reconnect.c b/source3/winbindd/winbindd_reconnect.c
index aa2f6670f6..3efd4a9428 100644
--- a/source3/winbindd/winbindd_reconnect.c
+++ b/source3/winbindd/winbindd_reconnect.c
@@ -210,20 +210,23 @@ static NTSTATUS lookup_useraliases(struct winbindd_domain *domain,
 /* Lookup group membership given a rid.   */
 static NTSTATUS lookup_groupmem(struct winbindd_domain *domain,
 				TALLOC_CTX *mem_ctx,
-				const DOM_SID *group_sid, uint32 *num_names, 
+				const DOM_SID *group_sid,
+				enum lsa_SidType type,
+				uint32 *num_names,
 				DOM_SID **sid_mem, char ***names, 
 				uint32 **name_types)
 {
 	NTSTATUS result;
 
 	result = msrpc_methods.lookup_groupmem(domain, mem_ctx,
-					       group_sid, num_names,
+					       group_sid, type, num_names,
 					       sid_mem, names,
 					       name_types);
 
 	if (NT_STATUS_EQUAL(result, NT_STATUS_UNSUCCESSFUL))
 		result = msrpc_methods.lookup_groupmem(domain, mem_ctx,
-						       group_sid, num_names,
+						       group_sid, type,
+						       num_names,
 						       sid_mem, names,
 						       name_types);
 
diff --git a/source3/winbindd/winbindd_rpc.c b/source3/winbindd/winbindd_rpc.c
index 9d84612646..f664f22232 100644
--- a/source3/winbindd/winbindd_rpc.c
+++ b/source3/winbindd/winbindd_rpc.c
@@ -775,7 +775,9 @@ static NTSTATUS msrpc_lookup_useraliases(struct winbindd_domain *domain,
 /* Lookup group membership given a rid.   */
 static NTSTATUS lookup_groupmem(struct winbindd_domain *domain,
 				TALLOC_CTX *mem_ctx,
-				const DOM_SID *group_sid, uint32 *num_names, 
+				const DOM_SID *group_sid,
+				enum lsa_SidType type,
+				uint32 *num_names,
 				DOM_SID **sid_mem, char ***names, 
 				uint32 **name_types)
 {
-- 
cgit