From 9422775efd23d1f89379e7c1189265e9d27084d6 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vlendec@samba.org>
Date: Sun, 3 Nov 2002 12:54:12 +0000
Subject: Force algorithmic rid base to sane values and talk about it.

Volker
(This used to be commit ce5b2d991b42bbf6865ff75194f8ee4b46694841)
---
 source3/passdb/passdb.c  | 29 +++++++++++++++++++++++++----
 source3/utils/testparm.c |  8 ++++++++
 2 files changed, 33 insertions(+), 4 deletions(-)

(limited to 'source3')

diff --git a/source3/passdb/passdb.c b/source3/passdb/passdb.c
index 04786b59e5..adc5eb8478 100644
--- a/source3/passdb/passdb.c
+++ b/source3/passdb/passdb.c
@@ -500,9 +500,30 @@ BOOL pdb_gethexpwd(const char *p, unsigned char *pwd)
  Converts NT user RID to a UNIX uid.
  ********************************************************************/
 
+static int algorithmic_rid_base(void)
+{
+	static int rid_offset = 0;
+
+	if (rid_offset != 0)
+		return rid_offset;
+
+	rid_offset = lp_algorithmic_rid_base();
+
+	if (rid_offset < 1000) {
+		DEBUG(0, ("algorithmic rid base must be above 1000\n"));
+		rid_offset = 1000;
+	}
+	if (rid_offset & 1) {
+		DEBUG(0, ("algorithmic rid base must be even\n"));
+		rid_offset += 1;
+	}
+	return rid_offset;
+}
+
+
 uid_t fallback_pdb_user_rid_to_uid(uint32 user_rid)
 {
-	int rid_offset = lp_algorithmic_rid_base();
+	int rid_offset = algorithmic_rid_base();
 	return (uid_t)(((user_rid & (~USER_RID_TYPE))- rid_offset)/RID_MULTIPLIER);
 }
 
@@ -513,7 +534,7 @@ uid_t fallback_pdb_user_rid_to_uid(uint32 user_rid)
 
 uint32 fallback_pdb_uid_to_user_rid(uid_t uid)
 {
-	int rid_offset = lp_algorithmic_rid_base();
+	int rid_offset = algorithmic_rid_base();
 	return (((((uint32)uid)*RID_MULTIPLIER) + rid_offset) | USER_RID_TYPE);
 }
 
@@ -523,7 +544,7 @@ uint32 fallback_pdb_uid_to_user_rid(uid_t uid)
 
 gid_t pdb_group_rid_to_gid(uint32 group_rid)
 {
-	int rid_offset = lp_algorithmic_rid_base();
+	int rid_offset = algorithmic_rid_base();
 	return (gid_t)(((group_rid & (~GROUP_RID_TYPE))- rid_offset)/RID_MULTIPLIER);
 }
 
@@ -537,7 +558,7 @@ gid_t pdb_group_rid_to_gid(uint32 group_rid)
 
 uint32 pdb_gid_to_group_rid(gid_t gid)
 {
-	int rid_offset = lp_algorithmic_rid_base();
+	int rid_offset = algorithmic_rid_base();
 	return (((((uint32)gid)*RID_MULTIPLIER) + rid_offset) | GROUP_RID_TYPE);
 }
 
diff --git a/source3/utils/testparm.c b/source3/utils/testparm.c
index c81d6e72e4..f2636fdafb 100644
--- a/source3/utils/testparm.c
+++ b/source3/utils/testparm.c
@@ -168,6 +168,14 @@ via the %%o substitution. With encrypted passwords this is not possible.\n", lp_
 		printf("'winbind separator = +' might cause problems with group membership.\n");
 	}
 
+	if (lp_algorithmic_rid_base() < 1000) {
+		printf("'algorithmic rid base' must be equal or above 1000.\n");
+	}
+
+	if (lp_algorithmic_rid_base() & 1) {
+		printf("'algorithmic rid base' must be even.\n");
+	}
+
 	return ret;
 }   
 
-- 
cgit