The Samba-Bugzilla – Attachment 7286 Details for
Bug 8739
auth_winbind drops universal groupmemberships for multi-hop trusted domains
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Patches for v3-6-test
tmp36.diff (text/plain), 4.00 KB, created by
Stefan Metzmacher
on 2012-02-02 13:58:28 UTC
(
hide
)
Description:
Patches for v3-6-test
Filename:
MIME Type:
Creator:
Stefan Metzmacher
Created:
2012-02-02 13:58:28 UTC
Size:
4.00 KB
patch
obsolete
>From c377432ddfb2566e733f5476520432d9303980b7 Mon Sep 17 00:00:00 2001 >From: Stefan Metzmacher <metze@samba.org> >Date: Wed, 1 Feb 2012 17:02:52 +0100 >Subject: [PATCH 1/2] s3:auth: fix potential gap creation in wbcsids_to_samr_RidWithAttributeArray() > >Pair-Programmed-With: Michael Adam <obnox@samba.org> > >metze >(cherry picked from commit adbab7710d1fc4ca31469982dae0ee51e6b19896) >--- > source3/auth/server_info.c | 9 +++++---- > 1 files changed, 5 insertions(+), 4 deletions(-) > >diff --git a/source3/auth/server_info.c b/source3/auth/server_info.c >index dc5b15f..61c1dcc 100644 >--- a/source3/auth/server_info.c >+++ b/source3/auth/server_info.c >@@ -529,7 +529,7 @@ static NTSTATUS wbcsids_to_samr_RidWithAttributeArray( > const struct wbcSidWithAttr *sids, > size_t num_sids) > { >- unsigned int i; >+ unsigned int i, j = 0; > bool ok; > > groups->rids = talloc_array(mem_ctx, >@@ -542,15 +542,16 @@ static NTSTATUS wbcsids_to_samr_RidWithAttributeArray( > for (i = 0; i < num_sids; i++) { > ok = sid_peek_check_rid(domain_sid, > (const struct dom_sid *)&sids[i].sid, >- &groups->rids[i].rid); >+ &groups->rids[j].rid); > if (!ok) continue; > >- groups->rids[i].attributes = SE_GROUP_MANDATORY | >+ groups->rids[j].attributes = SE_GROUP_MANDATORY | > SE_GROUP_ENABLED_BY_DEFAULT | > SE_GROUP_ENABLED; >- groups->count++; >+ j++; > } > >+ groups->count = j; > return NT_STATUS_OK; > } > >-- >1.7.4.1 > > >From 317af1e39a66e006607fd3a45701ffeb686edd19 Mon Sep 17 00:00:00 2001 >From: Stefan Metzmacher <metze@samba.org> >Date: Wed, 1 Feb 2012 17:04:17 +0100 >Subject: [PATCH 2/2] s3:auth: fill the sids array of the info3 in wbcAuthUserInfo_to_netr_SamInfo3() (bug #8739) > >Originally, only the rid array was filled and foreign domain sids were omitted. > >Pair-Programmed-With: Michael Adam <obnox@samba.org> > >metze > >Autobuild-User: Stefan Metzmacher <metze@samba.org> >Autobuild-Date: Thu Feb 2 12:59:32 CET 2012 on sn-devel-104 >(cherry picked from commit dab7b0e7171edf5b11af154175711e2b972c000b) >--- > source3/auth/server_info.c | 53 ++++++++++++++++++++++++++++++++++++++++++++ > 1 files changed, 53 insertions(+), 0 deletions(-) > >diff --git a/source3/auth/server_info.c b/source3/auth/server_info.c >index 61c1dcc..5b8ae1b 100644 >--- a/source3/auth/server_info.c >+++ b/source3/auth/server_info.c >@@ -555,6 +555,48 @@ static NTSTATUS wbcsids_to_samr_RidWithAttributeArray( > return NT_STATUS_OK; > } > >+static NTSTATUS wbcsids_to_netr_SidAttrArray( >+ const struct dom_sid *domain_sid, >+ const struct wbcSidWithAttr *sids, >+ size_t num_sids, >+ TALLOC_CTX *mem_ctx, >+ struct netr_SidAttr **_info3_sids, >+ uint32_t *info3_num_sids) >+{ >+ unsigned int i, j = 0; >+ struct netr_SidAttr *info3_sids; >+ >+ info3_sids = talloc_array(mem_ctx, struct netr_SidAttr, num_sids); >+ if (info3_sids == NULL) { >+ return NT_STATUS_NO_MEMORY; >+ } >+ >+ /* a wbcDomainSid is the same as a dom_sid */ >+ for (i = 0; i < num_sids; i++) { >+ const struct dom_sid *sid; >+ >+ sid = (const struct dom_sid *)&sids[i].sid; >+ >+ if (dom_sid_in_domain(domain_sid, sid)) { >+ continue; >+ } >+ >+ info3_sids[j].sid = dom_sid_dup(info3_sids, sid); >+ if (info3_sids[j].sid == NULL) { >+ talloc_free(info3_sids); >+ return NT_STATUS_NO_MEMORY; >+ } >+ info3_sids[j].attributes = SE_GROUP_MANDATORY | >+ SE_GROUP_ENABLED_BY_DEFAULT | >+ SE_GROUP_ENABLED; >+ j++; >+ } >+ >+ *info3_num_sids = j; >+ *_info3_sids = info3_sids; >+ return NT_STATUS_OK; >+} >+ > struct netr_SamInfo3 *wbcAuthUserInfo_to_netr_SamInfo3(TALLOC_CTX *mem_ctx, > const struct wbcAuthUserInfo *info) > { >@@ -637,6 +679,17 @@ struct netr_SamInfo3 *wbcAuthUserInfo_to_netr_SamInfo3(TALLOC_CTX *mem_ctx, > return NULL; > } > >+ status = wbcsids_to_netr_SidAttrArray(&domain_sid, >+ &info->sids[1], >+ info->num_sids - 1, >+ info3, >+ &info3->sids, >+ &info3->sidcount); >+ if (!NT_STATUS_IS_OK(status)) { >+ TALLOC_FREE(info3); >+ return NULL; >+ } >+ > info3->base.user_flags = info->user_flags; > memcpy(info3->base.key.key, info->user_session_key, 16); > >-- >1.7.4.1 >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Raw
Flags:
obnox
:
review+
jra
:
review+
Actions:
View
Attachments on
bug 8739
: 7286