1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00

s3-winbind: Use rpc_lookup_groupmem in samr.

This commit is contained in:
Andreas Schneider 2010-06-21 10:28:47 +02:00
parent 3c06d42bec
commit 62038010e0

View File

@ -421,35 +421,28 @@ static NTSTATUS sam_lookup_groupmem(struct winbindd_domain *domain,
uint32_t **pname_types)
{
struct rpc_pipe_client *samr_pipe;
struct policy_handle dom_pol, group_pol;
uint32_t samr_access = SEC_FLAG_MAXIMUM_ALLOWED;
struct samr_RidTypeArray *rids = NULL;
uint32_t group_rid;
uint32_t *rid_mem = NULL;
struct policy_handle dom_pol;
uint32_t num_names = 0;
uint32_t total_names = 0;
struct dom_sid *sid_mem = NULL;
char **names = NULL;
uint32_t *name_types = NULL;
struct lsa_Strings tmp_names;
struct samr_Ids tmp_types;
uint32_t j, r;
TALLOC_CTX *tmp_ctx;
NTSTATUS status;
DEBUG(3,("samr: lookup groupmem\n"));
DEBUG(3,("sam_lookup_groupmem\n"));
/* Paranoia check */
if (sid_check_is_in_builtin(group_sid) && (type != SID_NAME_ALIAS)) {
/* There's no groups, only aliases in BUILTIN */
return NT_STATUS_NO_SUCH_GROUP;
}
if (pnum_names) {
pnum_names = 0;
}
if (!sid_peek_check_rid(&domain->sid, group_sid, &group_rid)) {
return NT_STATUS_UNSUCCESSFUL;
}
tmp_ctx = talloc_stackframe();
if (tmp_ctx == NULL) {
return NT_STATUS_NO_MEMORY;
@ -457,99 +450,23 @@ static NTSTATUS sam_lookup_groupmem(struct winbindd_domain *domain,
status = open_internal_samr_conn(tmp_ctx, domain, &samr_pipe, &dom_pol);
if (!NT_STATUS_IS_OK(status)) {
goto error;
goto done;
}
status = rpccli_samr_OpenGroup(samr_pipe,
tmp_ctx,
&dom_pol,
samr_access,
group_rid,
&group_pol);
if (!NT_STATUS_IS_OK(status)) {
goto error;
}
/*
* Step #1: Get a list of user rids that are the members of the group.
*/
status = rpccli_samr_QueryGroupMember(samr_pipe,
tmp_ctx,
&group_pol,
&rids);
rpccli_samr_Close(samr_pipe, tmp_ctx, &group_pol);
if (!NT_STATUS_IS_OK(status)) {
goto error;
}
if (rids == NULL || rids->count == 0) {
pnum_names = 0;
pnames = NULL;
pname_types = NULL;
psid_mem = NULL;
status = NT_STATUS_OK;
goto error;
}
num_names = rids->count;
rid_mem = rids->rids;
/*
* Step #2: Convert list of rids into list of usernames.
*/
#define MAX_LOOKUP_RIDS 900
if (num_names > 0) {
names = TALLOC_ZERO_ARRAY(tmp_ctx, char *, num_names);
name_types = TALLOC_ZERO_ARRAY(tmp_ctx, uint32_t, num_names);
sid_mem = TALLOC_ZERO_ARRAY(tmp_ctx, struct dom_sid, num_names);
if (names == NULL || name_types == NULL || sid_mem == NULL) {
status = NT_STATUS_NO_MEMORY;
goto error;
}
}
for (j = 0; j < num_names; j++) {
sid_compose(&sid_mem[j], &domain->sid, rid_mem[j]);
}
status = rpccli_samr_LookupRids(samr_pipe,
tmp_ctx,
&dom_pol,
num_names,
rid_mem,
&tmp_names,
&tmp_types);
if (!NT_STATUS_IS_OK(status)) {
if (!NT_STATUS_EQUAL(status, STATUS_SOME_UNMAPPED)) {
goto error;
}
}
/* Copy result into array. The talloc system will take
care of freeing the temporary arrays later on. */
if (tmp_names.count != tmp_types.count) {
status = NT_STATUS_UNSUCCESSFUL;
goto error;
}
for (r = 0; r < tmp_names.count; r++) {
if (tmp_types.ids[r] == SID_NAME_UNKNOWN) {
continue;
}
names[total_names] = fill_domain_username_talloc(names,
domain->name,
tmp_names.names[r].string,
true);
name_types[total_names] = tmp_types.ids[r];
total_names++;
}
status = rpc_lookup_groupmem(tmp_ctx,
samr_pipe,
&dom_pol,
domain->name,
&domain->sid,
group_sid,
type,
&num_names,
&sid_mem,
&names,
&name_types);
if (pnum_names) {
*pnum_names = total_names;
*pnum_names = num_names;
}
if (pnames) {
@ -564,7 +481,7 @@ static NTSTATUS sam_lookup_groupmem(struct winbindd_domain *domain,
*psid_mem = talloc_move(mem_ctx, &sid_mem);
}
error:
done:
TALLOC_FREE(tmp_ctx);
return status;
}