Attachment 6605 Details for Bug 7841 – git-am fix for 3.5.next

[patch] git-am fix for 3.5.next

0001-Try-and-fix-bug-7841-WINBINDD_LOOKUPRIDS-asks-the-wr.patch (text/plain), 3.53 KB, created by Jeremy Allison on 2011-06-21 23:02:37 UTC

(hide)

Description:

Filename:

MIME Type:

Creator: Jeremy Allison

Created: 2011-06-21 23:02:37 UTC

Size: 3.53 KB

patch

obsolete

>From 27ad4bf6f1b04897afc0e6e6448e1cfcd6320c4d Mon Sep 17 00:00:00 2001
>From: Jeremy Allison <jra@samba.org>
>Date: Tue, 21 Jun 2011 15:59:40 -0700
>Subject: [PATCH] Try and fix bug #7841 - WINBINDD_LOOKUPRIDS asks the wrong domain
>
>When looking up a domain for a RID query, we must always
>contact the relevent DC that is authoritative for the
>SID containing the RID. We can't just fallback to our
>primary DC as it only gets the RID on the query.
>
>Thanks to Volodymyr_Khomenko@dell.com for finding this.
>---
> source3/winbindd/winbindd_lookuprids.c |    2 +-
> source3/winbindd/winbindd_proto.h      |    1 +
> source3/winbindd/winbindd_util.c       |   27 ++++++++++++++++++++++++++-
> 3 files changed, 28 insertions(+), 2 deletions(-)
>
>diff --git a/source3/winbindd/winbindd_lookuprids.c b/source3/winbindd/winbindd_lookuprids.c
>index e1ac26c..c93eb43 100644
>--- a/source3/winbindd/winbindd_lookuprids.c
>+++ b/source3/winbindd/winbindd_lookuprids.c
>@@ -61,7 +61,7 @@ struct tevent_req *winbindd_lookuprids_send(TALLOC_CTX *mem_ctx,
> 		return tevent_req_post(req, ev);
> 	}
> 
>-	domain = find_lookup_domain_from_sid(&sid);
>+	domain = find_lookup_domain_from_rid(&sid);
> 	if (domain == NULL) {
> 		DEBUG(5, ("Domain for sid %s not found\n",
> 			  sid_string_dbg(&sid)));
>diff --git a/source3/winbindd/winbindd_proto.h b/source3/winbindd/winbindd_proto.h
>index 62fbc8e..10ec13c 100644
>--- a/source3/winbindd/winbindd_proto.h
>+++ b/source3/winbindd/winbindd_proto.h
>@@ -430,6 +430,7 @@ struct winbindd_domain *find_our_domain(void);
> struct winbindd_domain *find_root_domain(void);
> struct winbindd_domain *find_builtin_domain(void);
> struct winbindd_domain *find_lookup_domain_from_sid(const DOM_SID *sid);
>+struct winbindd_domain *find_lookup_domain_from_rid(const struct dom_sid *sid);
> struct winbindd_domain *find_lookup_domain_from_name(const char *domain_name);
> bool parse_domain_user(const char *domuser, fstring domain, fstring user);
> bool parse_domain_user_talloc(TALLOC_CTX *mem_ctx, const char *domuser,
>diff --git a/source3/winbindd/winbindd_util.c b/source3/winbindd/winbindd_util.c
>index 15a3575..8acb26b 100644
>--- a/source3/winbindd/winbindd_util.c
>+++ b/source3/winbindd/winbindd_util.c
>@@ -822,7 +822,7 @@ struct winbindd_domain *find_builtin_domain(void)
> 	return domain;
> }
> 
>-/* Find the appropriate domain to lookup a name or SID */
>+/* Find the appropriate domain to lookup a name given a SID */
> 
> struct winbindd_domain *find_lookup_domain_from_sid(const DOM_SID *sid)
> {
>@@ -854,6 +854,31 @@ struct winbindd_domain *find_lookup_domain_from_sid(const DOM_SID *sid)
> 	return find_our_domain();
> }
> 
>+/* Find the appropriate domain to lookup a RID given a SID. */
>+
>+struct winbindd_domain *find_lookup_domain_from_rid(const struct dom_sid *sid)
>+{
>+	/* RIDs in the S-1-22-{1,2} domain should be handled by our passdb */
>+
>+	if ( sid_check_is_in_unix_groups(sid) ||
>+	     sid_check_is_unix_groups(sid) ||
>+	     sid_check_is_in_unix_users(sid) ||
>+	     sid_check_is_unix_users(sid) )
>+	{
>+		return find_domain_from_sid(get_global_sam_sid());
>+	}
>+
>+	/* When looking up a domain for a RID query, we must always
>+	   contact the relevent DC that is authoritative for the
>+	   SID containing the RID. We can't just fallback to our
>+	   primary DC as it only gets the RID on the query. */
>+
>+	DEBUG(10, ("calling find_our_domain_from_sid\n"));
>+	return find_domain_from_sid(sid);
>+}
>+
>+/* Find the appropriate domain to lookup a SID given a name */
>+
> struct winbindd_domain *find_lookup_domain_from_name(const char *domain_name)
> {
> 	if ( strequal(domain_name, unix_users_domain_name() ) ||
>-- 
>1.7.1
>

Actions: View

Attachments on bug 7841: 6109 | 6604 | 6605 | 6631 | 6632 | 6633 | 6664