diff options
author | Jeremy Allison <jra@samba.org> | 2001-11-03 23:34:24 +0000 |
---|---|---|
committer | Jeremy Allison <jra@samba.org> | 2001-11-03 23:34:24 +0000 |
commit | f8e2baf39eb864481dd48f61404136b325cd73c2 (patch) | |
tree | 01e73e826f6f817e7ef9dd044cd1cc919eb152d1 /source3/smbd/uid.c | |
parent | 69a59c5bbceb4ea5a766cf8e9a42392369142e91 (diff) | |
download | samba-f8e2baf39eb864481dd48f61404136b325cd73c2.tar.gz samba-f8e2baf39eb864481dd48f61404136b325cd73c2.tar.xz samba-f8e2baf39eb864481dd48f61404136b325cd73c2.zip |
Added NT_USER_TOKEN into server_info to fix extra groups problem.
Got "medieval on our ass" about const warnings (as many as I could :-).
Jeremy.
(This used to be commit ee5e7ca547eff016818ba5c43b8ea0c9fa69b808)
Diffstat (limited to 'source3/smbd/uid.c')
-rw-r--r-- | source3/smbd/uid.c | 71 |
1 files changed, 70 insertions, 1 deletions
diff --git a/source3/smbd/uid.c b/source3/smbd/uid.c index ae287cca76b..b33c9ede17f 100644 --- a/source3/smbd/uid.c +++ b/source3/smbd/uid.c @@ -181,7 +181,7 @@ BOOL change_to_user(connection_struct *conn, uint16 vuid) if (vuser && vuser->guest) is_guest = True; - token = create_nt_token(uid, gid, current_user.ngroups, current_user.groups, is_guest); + token = create_nt_token(uid, gid, current_user.ngroups, current_user.groups, is_guest, NULL); must_free_token = True; } @@ -368,6 +368,75 @@ BOOL unbecome_user(void) } /***************************************************************** + Convert the suplimentary SIDs returned in a netlogon into UNIX + group gid_t's. Add to the total group array. +*****************************************************************/ + +void add_supplementary_nt_login_groups(int *n_groups, gid_t **pp_groups, NT_USER_TOKEN **pptok) +{ + int total_groups; + int current_n_groups = *n_groups; + gid_t *final_groups = NULL; + size_t i; + NT_USER_TOKEN *ptok = *pptok; + NT_USER_TOKEN *new_tok = NULL; + + if (!ptok || (ptok->num_sids == 0)) + return; + + new_tok = dup_nt_token(ptok); + if (!new_tok) { + DEBUG(0,("add_supplementary_nt_login_groups: Failed to malloc new token\n")); + return; + } + /* Leave the allocated space but empty the number of SIDs. */ + new_tok->num_sids = 0; + + total_groups = current_n_groups + ptok->num_sids; + + final_groups = (gid_t *)malloc(total_groups * sizeof(gid_t)); + if (!final_groups) { + DEBUG(0,("add_supplementary_nt_login_groups: Failed to malloc new groups.\n")); + delete_nt_token(&new_tok); + return; + } + + memcpy(final_groups, *pp_groups, current_n_groups * sizeof(gid_t)); + for (i = 0; i < ptok->num_sids; i++) { + enum SID_NAME_USE sid_type; + gid_t new_grp; + + if (sid_to_gid(&ptok->user_sids[i], &new_grp, &sid_type)) { + /* + * Don't add the gid_t if it is already in the current group + * list. Some UNIXen don't like the same group more than once. + */ + int j; + + for (j = 0; j < current_n_groups; j++) + if (final_groups[j] == new_grp) + break; + + if ( j == current_n_groups) { + /* Group not already present. */ + final_groups[current_n_groups++] = new_grp; + } + } else { + /* SID didn't map. Copy to the new token to be saved. */ + sid_copy(&new_tok->user_sids[new_tok->num_sids++], &ptok->user_sids[i]); + } + } + + SAFE_FREE(*pp_groups); + *pp_groups = final_groups; + *n_groups = current_n_groups; + + /* Replace the old token with the truncated one. */ + delete_nt_token(&ptok); + *pptok = new_tok; +} + +/***************************************************************** *THE CANONICAL* convert name to SID function. Tries winbind first - then uses local lookup. *****************************************************************/ |