mirror of https://github.com/samba-team/samba.git synced 2025-02-22 05:57:43 +03:00

s4:idmap Adjust code to new idmap structure names and layout.

Andrew Bartlett
Andrew Bartlett 2010-05-24 10:16:34 +10:00
parent 974ed9cf2c
commit 285647664c
9 changed files with 75 additions and 127 deletions


@ -169,18 +169,12 @@ static NTSTATUS pvfs_default_acl(struct pvfs_state *pvfs,
ids = talloc_zero_array(sd, struct id_map, 2);
NT_STATUS_HAVE_NO_MEMORY(ids);
ids[0].unixid = talloc(ids, struct unixid);
NT_STATUS_HAVE_NO_MEMORY(ids[0].unixid);
ids[0].unixid->id = name->st.st_uid;
ids[0].unixid->type = ID_TYPE_UID;
ids[0].xid.id = name->st.st_uid;
ids[0].xid.type = ID_TYPE_UID;
ids[0].sid = NULL;
ids[1].unixid = talloc(ids, struct unixid);
NT_STATUS_HAVE_NO_MEMORY(ids[1].unixid);
ids[1].unixid->id = name->st.st_gid;
ids[1].unixid->type = ID_TYPE_GID;
ids[1].xid.id = name->st.st_gid;
ids[1].xid.type = ID_TYPE_GID;
ids[1].sid = NULL;
ctx = wbc_xids_to_sids_send(pvfs->wbc_ctx, ids, 2, ids);
@ -314,7 +308,7 @@ NTSTATUS pvfs_acl_set(struct pvfs_state *pvfs,
ids = talloc(req, struct id_map);
NT_STATUS_HAVE_NO_MEMORY(ids);
ids->unixid = NULL;
ZERO_STRUCT(ids->xid);
ids->sid = NULL;
ids->status = ID_UNKNOWN;
@ -336,9 +330,9 @@ NTSTATUS pvfs_acl_set(struct pvfs_state *pvfs,
status = wbc_sids_to_xids_recv(ctx, &ids);
NT_STATUS_NOT_OK_RETURN(status);
if (ids->unixid->type == ID_TYPE_BOTH ||
ids->unixid->type == ID_TYPE_UID) {
new_uid = ids->unixid->id;
if (ids->xid.type == ID_TYPE_BOTH ||
ids->xid.type == ID_TYPE_UID) {
new_uid = ids->xid.id;
}
}
sd->owner_sid = new_sd->owner_sid;
@ -354,9 +348,9 @@ NTSTATUS pvfs_acl_set(struct pvfs_state *pvfs,
status = wbc_sids_to_xids_recv(ctx, &ids);
NT_STATUS_NOT_OK_RETURN(status);
if (ids->unixid->type == ID_TYPE_BOTH ||
ids->unixid->type == ID_TYPE_GID) {
new_gid = ids->unixid->id;
if (ids->xid.type == ID_TYPE_BOTH ||
ids->xid.type == ID_TYPE_GID) {
new_gid = ids->xid.id;
}
}
@ -895,17 +889,13 @@ NTSTATUS pvfs_acl_inherited_sd(struct pvfs_state *pvfs,
ids = talloc_array(sd, struct id_map, 2);
NT_STATUS_HAVE_NO_MEMORY_AND_FREE(ids, tmp_ctx);
ids[0].unixid = talloc(ids, struct unixid);
NT_STATUS_HAVE_NO_MEMORY_AND_FREE(ids[0].unixid, tmp_ctx);
ids[0].unixid->id = geteuid();
ids[0].unixid->type = ID_TYPE_UID;
ids[0].xid.id = geteuid();
ids[0].xid.type = ID_TYPE_UID;
ids[0].sid = NULL;
ids[0].status = ID_UNKNOWN;
ids[1].unixid = talloc(ids, struct unixid);
NT_STATUS_HAVE_NO_MEMORY_AND_FREE(ids[1].unixid, tmp_ctx);
ids[1].unixid->id = getegid();
ids[1].unixid->type = ID_TYPE_GID;
ids[1].xid.id = getegid();
ids[1].xid.type = ID_TYPE_GID;
ids[1].sid = NULL;
ids[1].status = ID_UNKNOWN;
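Review bot: In pvfs_acl_set the owner and group lookups (the hunks at old lines 336 and 354) have no else branch: when the returned `ids->xid.type` is neither ID_TYPE_BOTH nor the expected UID/GID type, `new_uid`/`new_gid` is left as it was, and in the owner case the line after the block still assigns `sd->owner_sid = new_sd->owner_sid`. With `xid` embedded and cleared by `ZERO_STRUCT(ids->xid)`, a result that was never filled in presumably takes this quiet path too, where the old code would have dereferenced a NULL `unixid`. If ignoring the mismatch is intended, record it with a comment such as `/* SID has no uid mapping: Unix owner is left alone, only the SD owner changes */`; otherwise return NT_STATUS_INVALID_SID as nt_token_to_unix_security does. The function starts and ends outside these hunks, so the initial value of new_uid and the enclosing condition are not visible here.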


@ -65,29 +65,23 @@ static NTSTATUS pvfs_acl_load_nfs4(struct pvfs_state *pvfs, struct pvfs_filename
ids = talloc_array(sd, struct id_map, num_ids);
NT_STATUS_HAVE_NO_MEMORY(ids);
ids[0].unixid = talloc(ids, struct unixid);
NT_STATUS_HAVE_NO_MEMORY(ids[0].unixid);
ids[0].unixid->id = name->st.st_uid;
ids[0].unixid->type = ID_TYPE_UID;
ids[0].xid.id = name->st.st_uid;
ids[0].xid.type = ID_TYPE_UID;
ids[0].sid = NULL;
ids[0].status = ID_UNKNOWN;
ids[1].unixid = talloc(ids, struct unixid);
NT_STATUS_HAVE_NO_MEMORY(ids[1].unixid);
ids[1].unixid->id = name->st.st_gid;
ids[1].unixid->type = ID_TYPE_GID;
ids[1].xid.id = name->st.st_gid;
ids[1].xid.type = ID_TYPE_GID;
ids[1].sid = NULL;
ids[1].status = ID_UNKNOWN;
for (i=0;i<acl->a_count;i++) {
struct nfs4ace *a = &acl->ace[i];
ids[i+2].unixid = talloc(ids, struct unixid);
NT_STATUS_HAVE_NO_MEMORY(ids[i+2].unixid);
ids[i+2].unixid->id = a->e_id;
ids[i+2].xid.id = a->e_id;
if (a->e_flags & ACE4_IDENTIFIER_GROUP) {
ids[i+2].unixid->type = ID_TYPE_GID;
ids[i+2].xid.type = ID_TYPE_GID;
} else {
ids[i+2].unixid->type = ID_TYPE_UID;
ids[i+2].xid.type = ID_TYPE_UID;
}
ids[i+2].sid = NULL;
ids[i+2].status = ID_UNKNOWN;
@ -154,7 +148,7 @@ static NTSTATUS pvfs_acl_save_nfs4(struct pvfs_state *pvfs, struct pvfs_filename
for (i=0;i<acl.a_count;i++) {
struct security_ace *ace = &sd->dacl->aces[i];
ids[i].unixid = NULL;
ZERO_STRUCT(ids[i].xid);
ids[i].sid = dom_sid_dup(ids, &ace->trustee);
if (ids[i].sid == NULL) {
talloc_free(tmp_ctx);
@ -180,10 +174,10 @@ static NTSTATUS pvfs_acl_save_nfs4(struct pvfs_state *pvfs, struct pvfs_filename
a->e_type = ace->type;
a->e_flags = ace->flags;
a->e_mask = ace->access_mask;
if (ids[i].unixid->type != ID_TYPE_UID) {
if (ids[i].xid.type != ID_TYPE_UID) {
a->e_flags |= ACE4_IDENTIFIER_GROUP;
}
a->e_id = ids[i].unixid->id;
a->e_id = ids[i].xid.id;
a->e_who = "";
}
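Review bot: In pvfs_acl_save_nfs4 the last hunk copies `ids[i].xid.id` into `a->e_id` after testing only `xid.type != ID_TYPE_UID`, so every other type value, including the all-zero one left by `ZERO_STRUCT(ids[i].xid)`, is stored as a group ACE. If an entry can come back unmapped while the call as a whole succeeds (the receive call and its status check are outside the hunk), that entry would be written to the NFSv4 ACL as a group ACE for id 0. Before the copy I would test the per-entry result, for example `if (ids[i].status != ID_MAPPED) { talloc_free(tmp_ctx); return NT_STATUS_INVALID_SID; }`, or at least require the type to be one of UID, GID or BOTH.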


@ -184,11 +184,11 @@ static NTSTATUS nt_token_to_unix_security(struct ntvfs_module_context *ntvfs,
ids = talloc_array(req, struct id_map, token->num_sids);
NT_STATUS_HAVE_NO_MEMORY(ids);
ids[0].unixid = NULL;
ZERO_STRUCT(ids[0].xid);
ids[0].sid = token->user_sid;
ids[0].status = ID_UNKNOWN;
ids[1].unixid = NULL;
ZERO_STRUCT(ids[1].xid);
ids[1].sid = token->group_sid;
ids[1].status = ID_UNKNOWN;
@ -197,7 +197,7 @@ static NTSTATUS nt_token_to_unix_security(struct ntvfs_module_context *ntvfs,
NT_STATUS_HAVE_NO_MEMORY((*sec)->groups);
for (i=0;i<(*sec)->ngroups;i++) {
ids[i+2].unixid = NULL;
ZERO_STRUCT(ids[i+2].xid);
ids[i+2].sid = token->sids[i+2];
ids[i+2].status = ID_UNKNOWN;
}
@ -208,24 +208,24 @@ static NTSTATUS nt_token_to_unix_security(struct ntvfs_module_context *ntvfs,
status = wbc_sids_to_xids_recv(ctx, &ids);
NT_STATUS_NOT_OK_RETURN(status);
if (ids[0].unixid->type == ID_TYPE_BOTH ||
ids[0].unixid->type == ID_TYPE_UID) {
(*sec)->uid = ids[0].unixid->id;
if (ids[0].xid.type == ID_TYPE_BOTH ||
ids[0].xid.type == ID_TYPE_UID) {
(*sec)->uid = ids[0].xid.id;
} else {
return NT_STATUS_INVALID_SID;
}
if (ids[1].unixid->type == ID_TYPE_BOTH ||
ids[1].unixid->type == ID_TYPE_GID) {
(*sec)->gid = ids[1].unixid->id;
if (ids[1].xid.type == ID_TYPE_BOTH ||
ids[1].xid.type == ID_TYPE_GID) {
(*sec)->gid = ids[1].xid.id;
} else {
return NT_STATUS_INVALID_SID;
}
for (i=0;i<(*sec)->ngroups;i++) {
if (ids[i+2].unixid->type == ID_TYPE_BOTH ||
ids[i+2].unixid->type == ID_TYPE_GID) {
(*sec)->groups[i] = ids[i+2].unixid->id;
if (ids[i+2].xid.type == ID_TYPE_BOTH ||
ids[i+2].xid.type == ID_TYPE_GID) {
(*sec)->groups[i] = ids[i+2].xid.id;
} else {
return NT_STATUS_INVALID_SID;
}
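Review bot: The three `ZERO_STRUCT(ids[n].xid)` calls are now load-bearing and deserve a comment: `ids` comes from talloc_array(), which does not clear memory, and the code after wbc_sids_to_xids_recv reads `xid.type` directly where it used to go through a pointer. A line such as `/* clear xid: an entry the lookup does not fill must fail the type tests below */` above the first call would record why they must stay. This presumes the zero value is none of ID_TYPE_UID, ID_TYPE_GID or ID_TYPE_BOTH, which the hunks do not show. The body of nt_token_to_unix_security starts and ends outside the hunks.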


@ -59,16 +59,16 @@ static NTSTATUS dcesrv_unixinfo_SidToUid(struct dcesrv_call_state *dce_call,
ids->sid = &r->in.sid;
ids->status = ID_UNKNOWN;
ids->unixid = NULL;
ZERO_STRUCT(ids->xid);
ctx = wbc_sids_to_xids_send(wbc_ctx, ids, 1, ids);
NT_STATUS_HAVE_NO_MEMORY(ctx);
status = wbc_sids_to_xids_recv(ctx, &ids);
NT_STATUS_NOT_OK_RETURN(status);
if (ids->unixid->type == ID_TYPE_BOTH ||
ids->unixid->type == ID_TYPE_UID) {
*r->out.uid = ids->unixid->id;
if (ids->xid.type == ID_TYPE_BOTH ||
ids->xid.type == ID_TYPE_UID) {
*r->out.uid = ids->xid.id;
return NT_STATUS_OK;
} else {
return NT_STATUS_INVALID_SID;
@ -100,11 +100,9 @@ static NTSTATUS dcesrv_unixinfo_UidToSid(struct dcesrv_call_state *dce_call,
ids->sid = NULL;
ids->status = ID_UNKNOWN;
ids->unixid = talloc(ids, struct unixid);
NT_STATUS_HAVE_NO_MEMORY(ids->unixid);
ids->unixid->id = uid;
ids->unixid->type = ID_TYPE_UID;
ids->xid.id = uid;
ids->xid.type = ID_TYPE_UID;
ctx = wbc_xids_to_sids_send(wbc_ctx, ids, 1, ids);
NT_STATUS_HAVE_NO_MEMORY(ctx);
@ -134,16 +132,16 @@ static NTSTATUS dcesrv_unixinfo_SidToGid(struct dcesrv_call_state *dce_call,
ids->sid = &r->in.sid;
ids->status = ID_UNKNOWN;
ids->unixid = NULL;
ZERO_STRUCT(ids->xid);
ctx = wbc_sids_to_xids_send(wbc_ctx, ids, 1, ids);
NT_STATUS_HAVE_NO_MEMORY(ctx);
status = wbc_sids_to_xids_recv(ctx, &ids);
NT_STATUS_NOT_OK_RETURN(status);
if (ids->unixid->type == ID_TYPE_BOTH ||
ids->unixid->type == ID_TYPE_GID) {
*r->out.gid = ids->unixid->id;
if (ids->xid.type == ID_TYPE_BOTH ||
ids->xid.type == ID_TYPE_GID) {
*r->out.gid = ids->xid.id;
return NT_STATUS_OK;
} else {
return NT_STATUS_INVALID_SID;
@ -175,11 +173,9 @@ static NTSTATUS dcesrv_unixinfo_GidToSid(struct dcesrv_call_state *dce_call,
ids->sid = NULL;
ids->status = ID_UNKNOWN;
ids->unixid = talloc(ids, struct unixid);
NT_STATUS_HAVE_NO_MEMORY(ids->unixid);
ids->unixid->id = gid;
ids->unixid->type = ID_TYPE_GID;
ids->xid.id = gid;
ids->xid.type = ID_TYPE_GID;
ctx = wbc_xids_to_sids_send(wbc_ctx, ids, 1, ids);
NT_STATUS_HAVE_NO_MEMORY(ctx);


@ -284,7 +284,7 @@ failed:
* \param idmap_ctx idmap context to use
* \param mem_ctx talloc context to use
* \param sid SID to map to an unixid struct
* \param unixid pointer to a unixid struct pointer
* \param unixid pointer to a unixid struct
* \return NT_STATUS_OK on success, NT_STATUS_INVALID_SID if the sid is not from
* a trusted domain and idmap trusted only = true, NT_STATUS_NONE_MAPPED if the
* mapping failed.
@ -292,7 +292,7 @@ failed:
static NTSTATUS idmap_sid_to_xid(struct idmap_context *idmap_ctx,
TALLOC_CTX *mem_ctx,
const struct dom_sid *sid,
struct unixid **unixid)
struct unixid *unixid)
{
int ret;
NTSTATUS status = NT_STATUS_NONE_MAPPED;
@ -312,13 +312,8 @@ static NTSTATUS idmap_sid_to_xid(struct idmap_context *idmap_ctx,
status = dom_sid_split_rid(tmp_ctx, sid, NULL, &rid);
if (!NT_STATUS_IS_OK(status)) goto failed;
*unixid = talloc(mem_ctx, struct unixid);
if (*unixid == NULL) {
status = NT_STATUS_NO_MEMORY;
goto failed;
}
(*unixid)->id = rid;
(*unixid)->type = ID_TYPE_UID;
unixid->id = rid;
unixid->type = ID_TYPE_UID;
talloc_free(tmp_ctx);
return NT_STATUS_OK;
@ -330,13 +325,8 @@ static NTSTATUS idmap_sid_to_xid(struct idmap_context *idmap_ctx,
status = dom_sid_split_rid(tmp_ctx, sid, NULL, &rid);
if (!NT_STATUS_IS_OK(status)) goto failed;
*unixid = talloc(mem_ctx, struct unixid);
if (*unixid == NULL) {
status = NT_STATUS_NO_MEMORY;
goto failed;
}
(*unixid)->id = rid;
(*unixid)->type = ID_TYPE_GID;
unixid->id = rid;
unixid->type = ID_TYPE_GID;
talloc_free(tmp_ctx);
return NT_STATUS_OK;
@ -368,20 +358,14 @@ static NTSTATUS idmap_sid_to_xid(struct idmap_context *idmap_ctx,
goto failed;
}
*unixid = talloc(mem_ctx, struct unixid);
if (*unixid == NULL) {
status = NT_STATUS_NO_MEMORY;
goto failed;
}
(*unixid)->id = new_xid;
unixid->id = new_xid;
if (strcmp(type, "ID_TYPE_BOTH") == 0) {
(*unixid)->type = ID_TYPE_BOTH;
unixid->type = ID_TYPE_BOTH;
} else if (strcmp(type, "ID_TYPE_UID") == 0) {
(*unixid)->type = ID_TYPE_UID;
unixid->type = ID_TYPE_UID;
} else {
(*unixid)->type = ID_TYPE_GID;
unixid->type = ID_TYPE_GID;
}
talloc_free(tmp_ctx);
@ -604,14 +588,8 @@ static NTSTATUS idmap_sid_to_xid(struct idmap_context *idmap_ctx,
goto failed;
}
*unixid = talloc(mem_ctx, struct unixid);
if (*unixid == NULL) {
status = NT_STATUS_NO_MEMORY;
goto failed;
}
(*unixid)->id = new_xid;
(*unixid)->type = ID_TYPE_BOTH;
unixid->id = new_xid;
unixid->type = ID_TYPE_BOTH;
talloc_free(tmp_ctx);
return NT_STATUS_OK;
@ -644,10 +622,10 @@ NTSTATUS idmap_xids_to_sids(struct idmap_context *idmap_ctx,
for (i = 0; i < count; ++i) {
status = idmap_xid_to_sid(idmap_ctx, mem_ctx,
id[i].unixid, &id[i].sid);
&id[i].xid, &id[i].sid);
if (NT_STATUS_EQUAL(status, NT_STATUS_RETRY)) {
status = idmap_xid_to_sid(idmap_ctx, mem_ctx,
id[i].unixid,
&id[i].xid,
&id[i].sid);
}
if (!NT_STATUS_IS_OK(status)) {
@ -693,11 +671,11 @@ NTSTATUS idmap_sids_to_xids(struct idmap_context *idmap_ctx,
for (i = 0; i < count; ++i) {
status = idmap_sid_to_xid(idmap_ctx, mem_ctx,
id[i].sid, &id[i].unixid);
id[i].sid, &id[i].xid);
if (NT_STATUS_EQUAL(status, NT_STATUS_RETRY)) {
status = idmap_sid_to_xid(idmap_ctx, mem_ctx,
id[i].sid,
&id[i].unixid);
&id[i].xid);
}
if (!NT_STATUS_IS_OK(status)) {
DEBUG(1, ("idmapping sid_to_xid failed for id[%d]\n", i));
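Review bot: In the idmap_sid_to_xid hunk at old line 368 the final `else` turns every type string other than "ID_TYPE_BOTH" and "ID_TYPE_UID" into ID_TYPE_GID, so a misspelt or damaged value is accepted as a group mapping instead of being rejected. `type` is read outside the hunk, presumably from the stored mapping record, and now that the result is written straight into the caller's `id[i].xid` the guess reaches the callers that grant access by `xid.type`. I would compare against "ID_TYPE_GID" explicitly and take the existing `failed` path otherwise; NT_STATUS_NONE_MAPPED below is a suggestion, use whatever status that path normally reports. Note that `unixid->id` has already been written when this branch fails, so callers must rely on the return status and not on the struct contents.
```c
	} else if (strcmp(type, "ID_TYPE_UID") == 0) {
		unixid->type = ID_TYPE_UID;
	} else if (strcmp(type, "ID_TYPE_GID") == 0) {
		unixid->type = ID_TYPE_GID;
	} else {
		/* unrecognised type string in the mapping: do not guess */
		status = NT_STATUS_NONE_MAPPED;
		goto failed;
	}
```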


@ -37,7 +37,6 @@ struct composite_context *wb_gid2sid_send(TALLOC_CTX *mem_ctx,
{
struct composite_context *result, *ctx;
struct gid2sid_state *state;
struct unixid *unixid;
struct id_map *ids;
DEBUG(5, ("wb_gid2sid_send called\n"));
@ -52,14 +51,10 @@ struct composite_context *wb_gid2sid_send(TALLOC_CTX *mem_ctx,
result->private_data = state;
state->service = service;
unixid = talloc(result, struct unixid);
if (composite_nomem(unixid, result)) return result;
unixid->id = gid;
unixid->type = ID_TYPE_GID;
ids = talloc(result, struct id_map);
if (composite_nomem(ids, result)) return result;
ids->unixid = unixid;
ids->xid.id = gid;
ids->xid.type = ID_TYPE_GID;
ids->sid = NULL;
ctx = wb_xids2sids_send(result, service, 1, ids);
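Review bot: `ids` is allocated with talloc(), which does not zero, and after this change only `xid.id`, `xid.type` and `sid` are assigned before the struct is handed to wb_xids2sids_send, so `ids->status` goes out uninitialised. The unixinfo callers in this same commit set it explicitly; adding `ids->status = ID_UNKNOWN;` next to `ids->sid = NULL;` would match them and keep a stale heap value from being read as a mapping state. wb_uid2sid_send in the last file section has the same gap. Whether anything downstream reads status before writing it is not visible here.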


@ -80,9 +80,9 @@ static void sid2gid_recv_gid(struct composite_context *ctx)
return;
}
if (ids->unixid->type == ID_TYPE_BOTH ||
ids->unixid->type == ID_TYPE_GID) {
state->gid = ids->unixid->id;
if (ids->xid.type == ID_TYPE_BOTH ||
ids->xid.type == ID_TYPE_GID) {
state->gid = ids->xid.id;
composite_done(state->ctx);
} else {
composite_error(state->ctx, NT_STATUS_INVALID_SID);


@ -80,9 +80,9 @@ static void sid2uid_recv_uid(struct composite_context *ctx)
return;
}
if (ids->unixid->type == ID_TYPE_BOTH ||
ids->unixid->type == ID_TYPE_UID) {
state->uid = ids->unixid->id;
if (ids->xid.type == ID_TYPE_BOTH ||
ids->xid.type == ID_TYPE_UID) {
state->uid = ids->xid.id;
composite_done(state->ctx);
} else {
composite_error(state->ctx, NT_STATUS_INVALID_SID);


@ -37,7 +37,6 @@ struct composite_context *wb_uid2sid_send(TALLOC_CTX *mem_ctx,
{
struct composite_context *result, *ctx;
struct uid2sid_state *state;
struct unixid *unixid;
struct id_map *ids;
DEBUG(5, ("wb_uid2sid_send called\n"));
@ -52,15 +51,11 @@ struct composite_context *wb_uid2sid_send(TALLOC_CTX *mem_ctx,
result->private_data = state;
state->service = service;
unixid = talloc(result, struct unixid);
if (composite_nomem(unixid, result)) return result;
unixid->id = uid;
unixid->type = ID_TYPE_UID;
ids = talloc(result, struct id_map);
if (composite_nomem(ids, result)) return result;
ids->unixid = unixid;
ids->sid = NULL;
ids->xid.id = uid;
ids->xid.type = ID_TYPE_UID;
ctx = wb_xids2sids_send(result, service, 1, ids);
if (composite_nomem(ctx, result)) return result;