Changeset 740 for vendor/current/source3/groupdb/mapping.c

Timestamp:

Nov 14, 2012, 12:59:34 PM (13 years ago)

Author:

Silvan Scherrer

Message:

Samba Server: update vendor to 3.6.0

File:

• vendor/current/source3/groupdb/mapping.c (modified) (33 diffs)

vendor/current/source3/groupdb/mapping.c

@@ -22 +22 @@
 
 #include "includes.h"
+#include "system/passwd.h"
+#include "passdb.h"
 #include "groupdb/mapping.h"
+#include "../libcli/security/security.h"
+#include "lib/winbind_util.h"
+#include <tdb.h>
 
 static const struct mapping_backend *backend;
@@ -31 +36 @@
 static bool init_group_mapping(void)
 {
-        const char *backend_string;
-
         if (backend != NULL) {
                 /* already initialised */
@@ -38 +41 @@
         }
 
-        /*
-         * default to using the ldb backend. This parameter should
-         * disappear in future versions of Samba3.
-         *
-         * But it's needed for cluster setups, because it's
-         * not yet possible to distribute a ldb inside a cluster.
-         */
-        backend_string = lp_parm_const_string(-1, "groupdb", "backend", "ldb");
-
-        if (strcmp(backend_string, "ldb") == 0) {
-                backend = groupdb_ldb_init();
-        } else if (strcmp(backend_string, "tdb") == 0) {
-                backend = groupdb_tdb_init();
-        } else {
-                DEBUG(0,("Unknown groupdb backend '%s'\n", backend_string));
-                smb_panic("Unknown groupdb backend");
-        }
+        backend = groupdb_tdb_init();
 
         return backend != NULL;
@@ -70 +57 @@
                 return NT_STATUS_UNSUCCESSFUL;
         }
-        
+
         map.gid=gid;
         if (!string_to_sid(&map.sid, sid)) {
@@ -76 +63 @@
                 return NT_STATUS_UNSUCCESSFUL;
         }
-        
+
         map.sid_name_use=sid_name_use;
         fstrcpy(map.nt_name, nt_name);
@@ -84 +71 @@
 }
 
-static NTSTATUS alias_memberships(const DOM_SID *members, size_t num_members,
-                                  DOM_SID **sids, size_t *num)
+static NTSTATUS alias_memberships(const struct dom_sid *members, size_t num_members,
+                                  struct dom_sid **sids, size_t *num)
 {
         size_t i;
@@ -101 +88 @@
 
 struct aliasmem_closure {
-        const DOM_SID *alias;
-        DOM_SID **sids;
+        const struct dom_sid *alias;
+        struct dom_sid **sids;
         size_t *num;
 };
@@ -120 +107 @@
 /* get a domain group from it's SID */
 
-bool get_domain_group_from_sid(DOM_SID sid, GROUP_MAP *map)
+bool get_domain_group_from_sid(struct dom_sid sid, GROUP_MAP *map)
 {
         struct group *grp;
         bool ret;
-        
+
         if(!init_group_mapping()) {
                 DEBUG(0,("failed to initialize group mapping\n"));
@@ -133 +120 @@
 
         /* if the group is NOT in the database, it CAN NOT be a domain group */
-        
+
         become_root();
         ret = pdb_getgrsid(map, sid);
         unbecome_root();
-        
+
         /* special case check for rid 513 */
-        
+
         if ( !ret ) {
                 uint32 rid;
-                
+
                 sid_peek_rid( &sid, &rid );
-                
-                if ( rid == DOMAIN_GROUP_RID_USERS ) {
+
+                if ( rid == DOMAIN_RID_USERS ) {
                         fstrcpy( map->nt_name, "None" );
                         fstrcpy( map->comment, "Ordinary Users" );
@@ -151 +138 @@
                         map->sid_name_use = SID_NAME_DOM_GRP;
                         map->gid = (gid_t)-1;
-                        
                         return True;
                 }
-                
                 return False;
         }
 
-        DEBUG(10, ("get_domain_group_from_sid: SID found in the TDB\n"));
+        DEBUG(10, ("get_domain_group_from_sid: SID found in passdb\n"));
 
         /* if it's not a domain group, continue */
@@ -166 +151 @@
 
         DEBUG(10, ("get_domain_group_from_sid: SID is a domain group\n"));
-        
+
         if (map->gid==-1) {
                 return False;
@@ -172 +157 @@
 
         DEBUG(10, ("get_domain_group_from_sid: SID is mapped to gid:%lu\n",(unsigned long)map->gid));
-        
+
         grp = getgrgid(map->gid);
         if ( !grp ) {
@@ -344 +329 @@
                         return -1;
                 }
-                add_script = talloc_string_sub(ctx,
-                                add_script, "%u", unix_user);
+                add_script = talloc_string_sub2(ctx,
+                                add_script, "%u", unix_user, true, false, true);
                 if (!add_script) {
                         return -1;
@@ -384 +369 @@
                         return -1;
                 }
-                del_script = talloc_string_sub(ctx,
-                                del_script, "%u", unix_user);
+                del_script = talloc_string_sub2(ctx,
+                                del_script, "%u", unix_user, true, false, true);
                 if (!del_script) {
                         return -1;
@@ -402 +387 @@
 
 NTSTATUS pdb_default_getgrsid(struct pdb_methods *methods, GROUP_MAP *map,
-                                 DOM_SID sid)
+                                 struct dom_sid sid)
 {
         if (!init_group_mapping()) {
@@ -457 +442 @@
 
 NTSTATUS pdb_default_delete_group_mapping_entry(struct pdb_methods *methods,
-                                                   DOM_SID sid)
+                                                   struct dom_sid sid)
 {
         if (!init_group_mapping()) {
@@ -468 +453 @@
 
 NTSTATUS pdb_default_enum_group_mapping(struct pdb_methods *methods,
-                                           const DOM_SID *sid, enum lsa_SidType sid_name_use,
+                                           const struct dom_sid *sid, enum lsa_SidType sid_name_use,
                                            GROUP_MAP **pp_rmap, size_t *p_num_entries,
                                            bool unix_only)
@@ -483 +468 @@
                                   const char *name, uint32 *rid)
 {
-        DOM_SID sid;
+        struct dom_sid sid;
         enum lsa_SidType type;
         uint32 new_rid;
@@ -507 +492 @@
         }
 
+        if (!pdb_new_rid(&new_rid)) {
+                DEBUG(0, ("Could not allocate a RID.\n"));
+                return NT_STATUS_ACCESS_DENIED;
+        }
+
+        sid_compose(&sid, get_global_sam_sid(), new_rid);
+
         if (!winbind_allocate_gid(&gid)) {
-                DEBUG(3, ("Could not get a gid out of winbind\n"));
-                return NT_STATUS_ACCESS_DENIED;
-        }
-
-        if (!pdb_new_rid(&new_rid)) {
-                DEBUG(0, ("Could not allocate a RID -- wasted a gid :-(\n"));
+                DEBUG(3, ("Could not get a gid out of winbind - "
+                          "wasted a rid :-(\n"));
                 return NT_STATUS_ACCESS_DENIED;
         }
@@ -519 +507 @@
         DEBUG(10, ("Creating alias %s with gid %u and rid %u\n",
                    name, (unsigned int)gid, (unsigned int)new_rid));
-
-        sid_copy(&sid, get_global_sam_sid());
-        sid_append_rid(&sid, new_rid);
 
         map.gid = gid;
@@ -543 +528 @@
 
 NTSTATUS pdb_default_delete_alias(struct pdb_methods *methods,
-                                  const DOM_SID *sid)
+                                  const struct dom_sid *sid)
 {
         return pdb_delete_group_mapping_entry(*sid);
@@ -549 +534 @@
 
 NTSTATUS pdb_default_get_aliasinfo(struct pdb_methods *methods,
-                                   const DOM_SID *sid,
+                                   const struct dom_sid *sid,
                                    struct acct_info *info)
 {
@@ -572 +557 @@
 
 NTSTATUS pdb_default_set_aliasinfo(struct pdb_methods *methods,
-                                   const DOM_SID *sid,
+                                   const struct dom_sid *sid,
                                    struct acct_info *info)
 {
@@ -587 +572 @@
 
 NTSTATUS pdb_default_add_aliasmem(struct pdb_methods *methods,
-                                  const DOM_SID *alias, const DOM_SID *member)
+                                  const struct dom_sid *alias, const struct dom_sid *member)
 {
         if (!init_group_mapping()) {
@@ -597 +582 @@
 
 NTSTATUS pdb_default_del_aliasmem(struct pdb_methods *methods,
-                                  const DOM_SID *alias, const DOM_SID *member)
+                                  const struct dom_sid *alias, const struct dom_sid *member)
 {
         if (!init_group_mapping()) {
@@ -607 +592 @@
 
 NTSTATUS pdb_default_enum_aliasmem(struct pdb_methods *methods,
-                                   const DOM_SID *alias, TALLOC_CTX *mem_ctx,
-                                   DOM_SID **pp_members, size_t *p_num_members)
+                                   const struct dom_sid *alias, TALLOC_CTX *mem_ctx,
+                                   struct dom_sid **pp_members, size_t *p_num_members)
 {
         if (!init_group_mapping()) {
@@ -620 +605 @@
 NTSTATUS pdb_default_alias_memberships(struct pdb_methods *methods,
                                        TALLOC_CTX *mem_ctx,
-                                       const DOM_SID *domain_sid,
-                                       const DOM_SID *members,
+                                       const struct dom_sid *domain_sid,
+                                       const struct dom_sid *members,
                                        size_t num_members,
                                        uint32 **pp_alias_rids,
                                        size_t *p_num_alias_rids)
 {
-        DOM_SID *alias_sids;
+        struct dom_sid *alias_sids;
         size_t i, num_alias_sids;
         NTSTATUS result;
@@ -672 +657 @@
 
 NTSTATUS pdb_nop_getgrsid(struct pdb_methods *methods, GROUP_MAP *map,
-                                 DOM_SID sid)
+                                 struct dom_sid sid)
 {
         return NT_STATUS_UNSUCCESSFUL;
@@ -702 +687 @@
 
 NTSTATUS pdb_nop_delete_group_mapping_entry(struct pdb_methods *methods,
-                                                   DOM_SID sid)
+                                                   struct dom_sid sid)
 {
         return NT_STATUS_UNSUCCESSFUL;
@@ -718 +703 @@
  These need to be redirected through pdb_interface.c
 ****************************************************************************/
-bool pdb_get_dom_grp_info(const DOM_SID *sid, struct acct_info *info)
+bool pdb_get_dom_grp_info(const struct dom_sid *sid, struct acct_info *info)
 {
         GROUP_MAP map;
@@ -736 +721 @@
 }
 
-bool pdb_set_dom_grp_info(const DOM_SID *sid, const struct acct_info *info)
+bool pdb_set_dom_grp_info(const struct dom_sid *sid, const struct acct_info *info)
 {
         GROUP_MAP map;
@@ -755 +740 @@
 NTSTATUS pdb_create_builtin_alias(uint32 rid)
 {
-        DOM_SID sid;
+        struct dom_sid sid;
         enum lsa_SidType type;
         gid_t gid;
@@ -765 +750 @@
 
         DEBUG(10, ("Trying to create builtin alias %d\n", rid));
-        
+
         if ( !sid_compose( &sid, &global_sid_Builtin, rid ) ) {
                 return NT_STATUS_NO_SUCH_ALIAS;
         }
-        
+
         if ( (mem_ctx = talloc_new(NULL)) == NULL ) {
                 return NT_STATUS_NO_MEMORY;
         }
-        
+
         if ( !lookup_sid(mem_ctx, &sid, NULL, &name, &type) ) {
                 TALLOC_FREE( mem_ctx );
                 return NT_STATUS_NO_SUCH_ALIAS;
         }
-        
+
         /* validate RID so copy the name and move on */
-                
+
         fstrcpy( groupname, name );
         TALLOC_FREE( mem_ctx );