Author: jpeach Date: 2007-03-20 00:13:42 +0000 (Tue, 20 Mar 2007) New Revision: 21881
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=21881 Log: Make sure we are very specific when testing whether a backand can handle a particular SID. Make sure that the passdb backend will accept the same set range of local SIDs that the idmap system sends it. Simo, Jerry - this is a 3_0_25 candidate. Can you please review? Modified: branches/SAMBA_3_0/source/nsswitch/winbindd_util.c branches/SAMBA_3_0/source/passdb/pdb_interface.c Changeset: Modified: branches/SAMBA_3_0/source/nsswitch/winbindd_util.c =================================================================== --- branches/SAMBA_3_0/source/nsswitch/winbindd_util.c 2007-03-19 22:45:35 UTC (rev 21880) +++ branches/SAMBA_3_0/source/nsswitch/winbindd_util.c 2007-03-20 00:13:42 UTC (rev 21881) @@ -599,12 +599,18 @@ struct winbindd_domain *find_domain_from_sid_noinit(const DOM_SID *sid) { struct winbindd_domain *domain; + uint32 discard; /* Search through list */ for (domain = domain_list(); domain != NULL; domain = domain->next) { - if (sid_compare_domain(sid, &domain->sid) == 0) + /* We need to use sid_peek_check_rid, because we want + * to make sure that the SIDs we send to the backends are + * as specific as possible. + */ + if (sid_peek_check_rid(&domain->sid, sid, &discard) == 0) { return domain; + } } /* Not found */ Modified: branches/SAMBA_3_0/source/passdb/pdb_interface.c =================================================================== --- branches/SAMBA_3_0/source/passdb/pdb_interface.c 2007-03-19 22:45:35 UTC (rev 21880) +++ branches/SAMBA_3_0/source/passdb/pdb_interface.c 2007-03-20 00:13:42 UTC (rev 21881) @@ -1305,7 +1305,8 @@ goto done; } - if (sid_peek_check_rid(&global_sid_Builtin, sid, &rid)) { + if (sid_check_is_in_builtin(sid) || + sid_check_is_in_wellknown_domain(sid)) { /* Here we only have aliases */ GROUP_MAP map; if (!NT_STATUS_IS_OK(methods->getgrsid(methods, &map, *sid))) {
