mirror of
https://github.com/samba-team/samba.git
synced 2025-01-25 06:04:04 +03:00
s3: rename sid_check_is_domain() to sid_check_is_our_sam()
This does not check whether the given sid is the domain sid, but whether it is the sid of the local sam, which is different for a domain member server.
This commit is contained in:
parent
ac2644b776
commit
c43505b621
@ -497,7 +497,7 @@ static bool lookup_rids(TALLOC_CTX *mem_ctx, const struct dom_sid *domain_sid,
|
||||
*types = NULL;
|
||||
}
|
||||
|
||||
if (sid_check_is_domain(domain_sid)) {
|
||||
if (sid_check_is_our_sam(domain_sid)) {
|
||||
NTSTATUS result;
|
||||
|
||||
if (*domain_name == NULL) {
|
||||
@ -613,7 +613,7 @@ static bool lookup_as_domain(const struct dom_sid *sid, TALLOC_CTX *mem_ctx,
|
||||
const char *tmp;
|
||||
enum lsa_SidType type;
|
||||
|
||||
if (sid_check_is_domain(sid)) {
|
||||
if (sid_check_is_our_sam(sid)) {
|
||||
*name = talloc_strdup(mem_ctx, get_global_sam_name());
|
||||
return true;
|
||||
}
|
||||
@ -710,7 +710,7 @@ static bool check_dom_sid_to_level(const struct dom_sid *sid, int level)
|
||||
case 3:
|
||||
case 4:
|
||||
case 6:
|
||||
ret = sid_check_is_domain(sid);
|
||||
ret = sid_check_is_our_sam(sid);
|
||||
break;
|
||||
case 5:
|
||||
ret = false;
|
||||
|
@ -229,10 +229,10 @@ void reset_global_sam_sid(void)
|
||||
}
|
||||
|
||||
/*****************************************************************
|
||||
Check if the SID is our domain SID (S-1-5-21-x-y-z).
|
||||
Check if the SID is our sam SID (S-1-5-21-x-y-z).
|
||||
*****************************************************************/
|
||||
|
||||
bool sid_check_is_domain(const struct dom_sid *sid)
|
||||
bool sid_check_is_our_sam(const struct dom_sid *sid)
|
||||
{
|
||||
return dom_sid_equal(sid, get_global_sam_sid());
|
||||
}
|
||||
@ -247,5 +247,5 @@ bool sid_check_is_in_our_domain(const struct dom_sid *sid)
|
||||
|
||||
sid_copy(&dom_sid, sid);
|
||||
sid_split_rid(&dom_sid, NULL);
|
||||
return sid_check_is_domain(&dom_sid);
|
||||
return sid_check_is_our_sam(&dom_sid);
|
||||
}
|
||||
|
@ -27,7 +27,7 @@
|
||||
|
||||
struct dom_sid *get_global_sam_sid(void);
|
||||
void reset_global_sam_sid(void) ;
|
||||
bool sid_check_is_domain(const struct dom_sid *sid);
|
||||
bool sid_check_is_our_sam(const struct dom_sid *sid);
|
||||
bool sid_check_is_in_our_domain(const struct dom_sid *sid);
|
||||
|
||||
#endif /* _PASSDB_MACHINE_SID_H_ */
|
||||
|
@ -1805,7 +1805,7 @@ static NTSTATUS pdb_default_lookup_rids(struct pdb_methods *methods,
|
||||
}
|
||||
|
||||
/* Should not happen, but better check once too many */
|
||||
if (!sid_check_is_domain(domain_sid)) {
|
||||
if (!sid_check_is_our_sam(domain_sid)) {
|
||||
return NT_STATUS_INVALID_HANDLE;
|
||||
}
|
||||
|
||||
|
@ -3727,7 +3727,7 @@ static NTSTATUS ldapsam_alias_memberships(struct pdb_methods *methods,
|
||||
type = SID_NAME_ALIAS;
|
||||
}
|
||||
|
||||
if (sid_check_is_domain(domain_sid)) {
|
||||
if (sid_check_is_our_sam(domain_sid)) {
|
||||
type = SID_NAME_ALIAS;
|
||||
}
|
||||
|
||||
@ -4032,7 +4032,7 @@ static NTSTATUS ldapsam_lookup_rids(struct pdb_methods *methods,
|
||||
}
|
||||
|
||||
if (!sid_check_is_builtin(domain_sid) &&
|
||||
!sid_check_is_domain(domain_sid)) {
|
||||
!sid_check_is_our_sam(domain_sid)) {
|
||||
result = NT_STATUS_INVALID_PARAMETER;
|
||||
goto done;
|
||||
}
|
||||
|
@ -233,7 +233,7 @@ static DISP_INFO *get_samr_dispinfo_by_sid(const struct dom_sid *psid)
|
||||
return builtin_dispinfo;
|
||||
}
|
||||
|
||||
if (sid_check_is_domain(psid) || sid_check_is_in_our_domain(psid)) {
|
||||
if (sid_check_is_our_sam(psid) || sid_check_is_in_our_domain(psid)) {
|
||||
/*
|
||||
* Necessary only once, but it does not really hurt.
|
||||
*/
|
||||
@ -484,7 +484,7 @@ NTSTATUS _samr_OpenDomain(struct pipes_struct *p,
|
||||
if ( !NT_STATUS_IS_OK(status) )
|
||||
return status;
|
||||
|
||||
if (!sid_check_is_domain(r->in.sid) &&
|
||||
if (!sid_check_is_our_sam(r->in.sid) &&
|
||||
!sid_check_is_builtin(r->in.sid)) {
|
||||
return NT_STATUS_NO_SUCH_DOMAIN;
|
||||
}
|
||||
@ -5326,7 +5326,7 @@ NTSTATUS _samr_GetAliasMembership(struct pipes_struct *p,
|
||||
return status;
|
||||
}
|
||||
|
||||
if (!sid_check_is_domain(&dinfo->sid) &&
|
||||
if (!sid_check_is_our_sam(&dinfo->sid) &&
|
||||
!sid_check_is_builtin(&dinfo->sid))
|
||||
return NT_STATUS_OBJECT_TYPE_MISMATCH;
|
||||
|
||||
@ -5837,7 +5837,7 @@ NTSTATUS _samr_CreateDomainGroup(struct pipes_struct *p,
|
||||
return status;
|
||||
}
|
||||
|
||||
if (!sid_check_is_domain(&dinfo->sid)) {
|
||||
if (!sid_check_is_our_sam(&dinfo->sid)) {
|
||||
return NT_STATUS_ACCESS_DENIED;
|
||||
}
|
||||
|
||||
@ -5899,7 +5899,7 @@ NTSTATUS _samr_CreateDomAlias(struct pipes_struct *p,
|
||||
return result;
|
||||
}
|
||||
|
||||
if (!sid_check_is_domain(&dinfo->sid)) {
|
||||
if (!sid_check_is_our_sam(&dinfo->sid)) {
|
||||
return NT_STATUS_ACCESS_DENIED;
|
||||
}
|
||||
|
||||
@ -6319,7 +6319,7 @@ NTSTATUS _samr_OpenGroup(struct pipes_struct *p,
|
||||
|
||||
/* this should not be hard-coded like this */
|
||||
|
||||
if (!sid_check_is_domain(&dinfo->sid)) {
|
||||
if (!sid_check_is_our_sam(&dinfo->sid)) {
|
||||
return NT_STATUS_ACCESS_DENIED;
|
||||
}
|
||||
|
||||
|
@ -185,7 +185,7 @@ static bool wb_lookupsids_next(struct tevent_req *req,
|
||||
|
||||
d = &state->domains[state->domains_done];
|
||||
|
||||
if (sid_check_is_domain(&d->sid)) {
|
||||
if (sid_check_is_our_sam(&d->sid)) {
|
||||
state->rids.num_rids = d->sids.num_sids;
|
||||
state->rids.rids = talloc_array(state, uint32_t,
|
||||
state->rids.num_rids);
|
||||
|
@ -62,7 +62,7 @@ struct tevent_req *wb_next_grent_send(TALLOC_CTX *mem_ctx,
|
||||
}
|
||||
|
||||
if ((state->gstate->domain != NULL)
|
||||
&& sid_check_is_domain(&state->gstate->domain->sid)) {
|
||||
&& sid_check_is_our_sam(&state->gstate->domain->sid)) {
|
||||
state->gstate->domain = state->gstate->domain->next;
|
||||
}
|
||||
|
||||
@ -125,7 +125,7 @@ static void wb_next_grent_fetch_done(struct tevent_req *subreq)
|
||||
state->gstate->domain = state->gstate->domain->next;
|
||||
|
||||
if ((state->gstate->domain != NULL)
|
||||
&& sid_check_is_domain(&state->gstate->domain->sid)) {
|
||||
&& sid_check_is_our_sam(&state->gstate->domain->sid)) {
|
||||
state->gstate->domain = state->gstate->domain->next;
|
||||
}
|
||||
|
||||
|
@ -40,7 +40,7 @@ static struct winbindd_domain *wb_next_find_domain(struct winbindd_domain *domai
|
||||
}
|
||||
|
||||
if ((domain != NULL)
|
||||
&& sid_check_is_domain(&domain->sid)) {
|
||||
&& sid_check_is_our_sam(&domain->sid)) {
|
||||
domain = domain->next;
|
||||
}
|
||||
return domain;
|
||||
@ -114,7 +114,7 @@ static void wb_next_pwent_fetch_done(struct tevent_req *subreq)
|
||||
state->gstate->domain = state->gstate->domain->next;
|
||||
|
||||
if ((state->gstate->domain != NULL)
|
||||
&& sid_check_is_domain(&state->gstate->domain->sid)) {
|
||||
&& sid_check_is_our_sam(&state->gstate->domain->sid)) {
|
||||
state->gstate->domain = state->gstate->domain->next;
|
||||
}
|
||||
|
||||
|
@ -124,7 +124,7 @@ static struct winbind_cache *get_cache(struct winbindd_domain *domain)
|
||||
}
|
||||
|
||||
if (strequal(domain->name, get_global_sam_name()) &&
|
||||
sid_check_is_domain(&domain->sid)) {
|
||||
sid_check_is_our_sam(&domain->sid)) {
|
||||
domain->backend = &sam_passdb_methods;
|
||||
domain->initialized = True;
|
||||
}
|
||||
@ -668,7 +668,7 @@ static struct cache_entry *wcache_fetch_raw(char *kstr)
|
||||
static bool is_my_own_sam_domain(struct winbindd_domain *domain)
|
||||
{
|
||||
if (strequal(domain->name, get_global_sam_name()) &&
|
||||
sid_check_is_domain(&domain->sid)) {
|
||||
sid_check_is_our_sam(&domain->sid)) {
|
||||
return true;
|
||||
}
|
||||
|
||||
|
@ -2159,7 +2159,7 @@ NTSTATUS cm_connect_sam(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx,
|
||||
char *machine_account = NULL;
|
||||
char *domain_name = NULL;
|
||||
|
||||
if (sid_check_is_domain(&domain->sid)) {
|
||||
if (sid_check_is_our_sam(&domain->sid)) {
|
||||
return open_internal_samr_conn(mem_ctx, domain, cli, sam_handle);
|
||||
}
|
||||
|
||||
|
@ -761,7 +761,7 @@ static NTSTATUS sam_rids_to_names(struct winbindd_domain *domain,
|
||||
|
||||
/* Paranoia check */
|
||||
if (!sid_check_is_builtin(domain_sid) &&
|
||||
!sid_check_is_domain(domain_sid) &&
|
||||
!sid_check_is_our_sam(domain_sid) &&
|
||||
!sid_check_is_unix_users(domain_sid) &&
|
||||
!sid_check_is_unix_groups(domain_sid) &&
|
||||
!sid_check_is_in_wellknown_domain(domain_sid)) {
|
||||
|
@ -77,7 +77,7 @@ static bool is_internal_domain(const struct dom_sid *sid)
|
||||
if (sid == NULL)
|
||||
return False;
|
||||
|
||||
return (sid_check_is_domain(sid) || sid_check_is_builtin(sid));
|
||||
return (sid_check_is_our_sam(sid) || sid_check_is_builtin(sid));
|
||||
}
|
||||
|
||||
static bool is_in_internal_domain(const struct dom_sid *sid)
|
||||
|
Loading…
x
Reference in New Issue
Block a user