From d21e964ca00e54b7734f7ce25211d1fda558daa5 Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Mon, 25 May 2009 11:29:14 +0200 Subject: [PATCH] s3:winbind:idmap_ldap: warn about duplicate XID->SID mappings (bug #6387) With the current infrastructure, we should not return error on duplicate mappings but just warn instead (because an error would trigger the attempt to create yet another mapping). Michael --- source/winbindd/idmap_ldap.c | 8 ++++++++ 1 files changed, 8 insertions(+), 0 deletions(-) diff --git a/source/winbindd/idmap_ldap.c b/source/winbindd/idmap_ldap.c index d4bf65b..503f31e 100644 --- a/source/winbindd/idmap_ldap.c +++ b/source/winbindd/idmap_ldap.c @@ -1064,6 +1064,14 @@ again: TALLOC_FREE(sidstr); continue; } + + if (map->status == ID_MAPPED) { + DEBUG(1, ("WARNING: duplicate %s mapping in LDAP. " + "overwriting mapping %u -> %s with %u -> %s\n", + (type == ID_TYPE_UID) ? "UID" : "GID", + id, sid_string_dbg(map->sid), id, sidstr)); + } + TALLOC_FREE(sidstr); /* mapped */ -- 1.6.0.4 From 2968406b6c2a9073210b532221eb3da57a0bb537 Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Mon, 25 May 2009 11:54:43 +0200 Subject: [PATCH] s3:winbind:idmap_ldap: warn about duplicate SID->XID mappings (bug #6387) With the current infrastructure, we should not return error on duplicate mappings but just warn instead (because an error would trigger the attempt to create yet another mapping). Michael --- source/winbindd/idmap_ldap.c | 13 +++++++++++-- 1 files changed, 11 insertions(+), 2 deletions(-) diff --git a/source/winbindd/idmap_ldap.c b/source/winbindd/idmap_ldap.c index 503f31e..b51fd3a 100644 --- a/source/winbindd/idmap_ldap.c +++ b/source/winbindd/idmap_ldap.c @@ -1274,8 +1274,6 @@ again: continue; } - TALLOC_FREE(sidstr); - /* now try to see if it is a uid, if not try with a gid * (gid is more common, but in case both uidNumber and * gidNumber are returned the SID is mapped to the uid @@ -1293,6 +1291,7 @@ again: if ( ! tmp) { /* no ids ?? */ DEBUG(5, ("no uidNumber, " "nor gidNumber attributes found\n")); + TALLOC_FREE(sidstr); continue; } @@ -1303,11 +1302,21 @@ again: DEBUG(5, ("Requested id (%u) out of range (%u - %u). " "Filtered!\n", id, ctx->filter_low_id, ctx->filter_high_id)); + TALLOC_FREE(sidstr); TALLOC_FREE(tmp); continue; } TALLOC_FREE(tmp); + if (map->status == ID_MAPPED) { + DEBUG(1, ("WARNING: duplicate %s mapping in LDAP. " + "overwriting mapping %s -> %u with %s -> %u\n", + (type == ID_TYPE_UID) ? "UID" : "GID", + sidstr, map->xid.id, sidstr, id)); + } + + TALLOC_FREE(sidstr); + /* mapped */ map->xid.type = type; map->xid.id = id; -- 1.6.0.4