summaryrefslogtreecommitdiffstats
path: root/source3
diff options
context:
space:
mode:
authorJeremy Allison <jra@samba.org>2001-10-09 20:54:56 +0000
committerJeremy Allison <jra@samba.org>2001-10-09 20:54:56 +0000
commited94aa9d611aba4d82e717797565550a4a47270e (patch)
tree0bc55205b9138f2c2749e4adca6d6cdb93710b6b /source3
parentf55172c51c9bd27c72bf6d7af877926bac90a8f8 (diff)
downloadsamba-ed94aa9d611aba4d82e717797565550a4a47270e.tar.gz
samba-ed94aa9d611aba4d82e717797565550a4a47270e.tar.xz
samba-ed94aa9d611aba4d82e717797565550a4a47270e.zip
Fixes from John Trostel (modified somewhat by me) to ensure that all lookup_XX
functions correctly deal with the SID_NAME_TYPE. One fix for connection user lookup in LSA. Jeremy. (This used to be commit 29730027d8118ec7d207c89d0fd7fb24ac173fde)
Diffstat (limited to 'source3')
-rw-r--r--source3/passdb/passdb.c10
-rw-r--r--source3/rpc_server/srv_lsa_nt.c4
-rw-r--r--source3/smbd/uid.c30
3 files changed, 28 insertions, 16 deletions
diff --git a/source3/passdb/passdb.c b/source3/passdb/passdb.c
index 9269a49e205..fa0dd244d25 100644
--- a/source3/passdb/passdb.c
+++ b/source3/passdb/passdb.c
@@ -477,6 +477,8 @@ BOOL local_lookup_rid(uint32 rid, char *name, enum SID_NAME_USE *psid_name_use)
{
BOOL is_user = pdb_rid_is_user(rid);
+ *psid_name_use = SID_NAME_UNKNOWN;
+
DEBUG(5,("local_lookup_rid: looking up %s RID %u.\n", is_user ? "user" :
"group", (unsigned int)rid));
@@ -484,11 +486,13 @@ BOOL local_lookup_rid(uint32 rid, char *name, enum SID_NAME_USE *psid_name_use)
if(rid == DOMAIN_USER_RID_ADMIN) {
pstring admin_users;
char *p = admin_users;
+ *psid_name_use = SID_NAME_USER;
if(!next_token(&p, name, NULL, sizeof(fstring)))
fstrcpy(name, "Administrator");
} else if (rid == DOMAIN_USER_RID_GUEST) {
pstring guest_users;
char *p = guest_users;
+ *psid_name_use = SID_NAME_USER;
if(!next_token(&p, name, NULL, sizeof(fstring)))
fstrcpy(name, "Guest");
} else {
@@ -567,6 +571,8 @@ BOOL local_lookup_name(const char *c_domain, const char *c_user, DOM_SID *psid,
fstring user;
fstring domain;
+ *psid_name_use = SID_NAME_UNKNOWN;
+
/*
* domain and user may be quoted const strings, and map_username and
* friends can modify them. Make a modifiable copy. JRA.
@@ -670,6 +676,8 @@ BOOL local_sid_to_uid(uid_t *puid, DOM_SID *psid, enum SID_NAME_USE *name_type)
DEBUG(10,("local_sid_to_uid: SID %s -> uid (%u) (%s).\n", sid_to_string( str, psid),
(unsigned int)*puid, pass->pw_name ));
+ *name_type = SID_NAME_USER;
+
return True;
}
@@ -727,6 +735,8 @@ BOOL local_sid_to_gid(gid_t *pgid, DOM_SID *psid, enum SID_NAME_USE *name_type)
DEBUG(10,("local_sid_to_gid: SID %s -> gid (%u) (%s).\n", sid_to_string( str, psid),
(unsigned int)*pgid, grp->gr_name ));
+ *name_type = SID_NAME_ALIAS;
+
return True;
}
diff --git a/source3/rpc_server/srv_lsa_nt.c b/source3/rpc_server/srv_lsa_nt.c
index 3282fbca9f3..ceca254a5d1 100644
--- a/source3/rpc_server/srv_lsa_nt.c
+++ b/source3/rpc_server/srv_lsa_nt.c
@@ -649,8 +649,8 @@ NTSTATUS _lsa_unk_get_connuser(pipes_struct *p, LSA_Q_UNK_GET_CONNUSER *q_u, LSA
fstrcpy(username, vuser->user.smb_name);
fstrcpy(domname, vuser->user.domain);
- ulen = strlen(username);
- dlen = strlen(domname);
+ ulen = strlen(username) + 1;
+ dlen = strlen(domname) + 1;
init_uni_hdr(&r_u->hdr_user_name, ulen);
r_u->ptr_user_name = 1;
diff --git a/source3/smbd/uid.c b/source3/smbd/uid.c
index 6afaf1493e3..45ae31da2aa 100644
--- a/source3/smbd/uid.c
+++ b/source3/smbd/uid.c
@@ -277,7 +277,9 @@ BOOL lookup_name(const char *name, DOM_SID *psid, enum SID_NAME_USE *name_type)
fstring sid;
char *sep = lp_winbind_separator();
- if (!winbind_lookup_name(name, psid, name_type)) {
+ *name_type = SID_NAME_UNKNOWN;
+
+ if (!winbind_lookup_name(name, psid, name_type) || (*name_type != SID_NAME_USER) ) {
BOOL ret;
DEBUG(10, ("lookup_name: winbind lookup for %s failed - trying local\n", name));
@@ -293,21 +295,19 @@ BOOL lookup_name(const char *name, DOM_SID *psid, enum SID_NAME_USE *name_type)
switch (lp_server_role()) {
case ROLE_DOMAIN_PDC:
case ROLE_DOMAIN_BDC:
- if (strequal(domain, global_myworkgroup))
+ if (strequal(domain, global_myworkgroup)) {
fstrcpy(domain, global_myname);
+ ret = local_lookup_name(domain, username, psid, name_type);
+ }
/* No break is deliberate here. JRA. */
default:
if (strcasecmp(global_myname, domain) != 0) {
- DEBUG(5, ("domain %s is not local\n", domain));
- return False;
+ DEBUG(5, ("lookup_name: domain %s is not local\n", domain));
+ ret = local_lookup_name(global_myname, username, psid, name_type);
}
}
-
- ret = local_lookup_name(domain, username, psid,
- name_type);
} else {
- ret = local_lookup_name(global_myname, name, psid,
- name_type);
+ ret = local_lookup_name(global_myname, name, psid, name_type);
}
if (ret) {
@@ -322,9 +322,9 @@ BOOL lookup_name(const char *name, DOM_SID *psid, enum SID_NAME_USE *name_type)
return ret;
}
- DEBUG(10,("lookup_name (winbindd): %s -> SID %s (type %u)\n",
- name, sid_to_string(sid, psid),
- (unsigned int)*name_type));
+ DEBUG(10,("lookup_name (winbindd): %s -> SID %s (type %u)\n",
+ name, sid_to_string(sid, psid),
+ (unsigned int)*name_type));
return True;
}
@@ -338,6 +338,8 @@ BOOL lookup_sid(DOM_SID *sid, fstring dom_name, fstring name, enum SID_NAME_USE
if (!name_type)
return False;
+ *name_type = SID_NAME_UNKNOWN;
+
/* Check if this is our own sid. This should perhaps be done by
winbind? For the moment handle it here. */
@@ -418,7 +420,7 @@ DOM_SID *gid_to_sid(DOM_SID *psid, gid_t gid)
*THE CANONICAL* convert SID to uid function.
Tries winbind first - then uses local lookup.
Returns True if this name is a user sid and the conversion
- was done correctly, False if not.
+ was done correctly, False if not. sidtype is set by this function.
*****************************************************************/
BOOL sid_to_uid(DOM_SID *psid, uid_t *puid, enum SID_NAME_USE *sidtype)
@@ -432,7 +434,7 @@ BOOL sid_to_uid(DOM_SID *psid, uid_t *puid, enum SID_NAME_USE *sidtype)
* First we must look up the name and decide if this is a user sid.
*/
- if (!winbind_lookup_sid(psid, dom_name, name, &name_type)) {
+ if ( (!winbind_lookup_sid(psid, dom_name, name, &name_type)) || (name_type != SID_NAME_USER) ) {
DEBUG(10,("sid_to_uid: winbind lookup for sid %s failed - trying local.\n",
sid_to_string(sid_str, psid) ));