From 0c5b4c8d8010aad1a941bd99256ba2998f1d9d9e Mon Sep 17 00:00:00 2001 From: Gregor Beck Date: Thu, 20 Feb 2014 13:14:31 +0100 Subject: [PATCH 1/2] s3:winbindd: fix _wbint_LookupSids() on error We need to make sure that r->out.domains remains valid, otherwise we're not able to marshall the response. Note that wbint_LookupSids() has [out,ref] lsa_RefDomainList *domains, while lsa_LookupSids() has [out,ref] lsa_RefDomainList **domains. Pair-Programmed-With: Stefan Metzmacher Bug: https://bugzilla.samba.org/show_bug.cgi?id=10458 Signed-off-by: Gregor Beck Signed-off-by: Stefan Metzmacher --- source3/winbindd/winbindd_dual_srv.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/source3/winbindd/winbindd_dual_srv.c b/source3/winbindd/winbindd_dual_srv.c index 851c2c7..f064467 100644 --- a/source3/winbindd/winbindd_dual_srv.c +++ b/source3/winbindd/winbindd_dual_srv.c @@ -74,6 +74,7 @@ NTSTATUS _wbint_LookupSid(struct pipes_struct *p, struct wbint_LookupSid *r) NTSTATUS _wbint_LookupSids(struct pipes_struct *p, struct wbint_LookupSids *r) { struct winbindd_domain *domain = wb_child_domain(); + struct lsa_RefDomainList *domains = r->out.domains; NTSTATUS status; if (domain == NULL) { @@ -87,7 +88,12 @@ NTSTATUS _wbint_LookupSids(struct pipes_struct *p, struct wbint_LookupSids *r) * done at the wbint RPC layer. */ status = rpc_lookup_sids(p->mem_ctx, domain, r->in.sids, - &r->out.domains, &r->out.names); + &domains, &r->out.names); + + if (domains != NULL) { + r->out.domains = domains; + } + reset_cm_connection_on_error(domain, status); return status; } -- 1.7.9.5 From a1cb4b9995e919601f737b7ae87a348179b8e693 Mon Sep 17 00:00:00 2001 From: Gregor Beck Date: Thu, 20 Feb 2014 11:25:53 +0100 Subject: [PATCH 2/2] s3:winbindd: avoid directly asking a trusted domain in wb_lookupsids*() As a domain member we should always use a DC of our own domain. It would be possible to pass all sids in one single dcerpc_wbint_LookupSids() call. For now we just fix bug. Pair-Programmed-With: Stefan Metzmacher Bug: https://bugzilla.samba.org/show_bug.cgi?id=10458 Signed-off-by: Gregor Beck Signed-off-by: Stefan Metzmacher --- source3/winbindd/wb_lookupsids.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/source3/winbindd/wb_lookupsids.c b/source3/winbindd/wb_lookupsids.c index e10d511..b474220 100644 --- a/source3/winbindd/wb_lookupsids.c +++ b/source3/winbindd/wb_lookupsids.c @@ -320,7 +320,7 @@ static struct wb_lookupsids_domain *wb_lookupsids_get_domain( } } - wb_domain = find_domain_from_sid_noinit(sid); + wb_domain = find_lookup_domain_from_sid(sid); if (wb_domain == NULL) { return NULL; } -- 1.7.9.5