Merge from HEAD - extract user's list of SIDs from their NT_TOKEN and return

this as thier list of groups, rather than do a seperate lookup.  This NT_TOKEN
is originally initgroups() (or equiv) based.

We currently send all sids in our domain, perhaps this should be further
restricted, but this works for now.

Andrew Bartlett
(This used to be commit f5850928a011211f03e5b9ece37682fd9243e2ba)

diff --git a/source3/rpc_server/srv_netlog_nt.c b/source3/rpc_server/srv_netlog_nt.c
index c65ea43e1e1d2861a3622fc7f922929a165295d5..c3d48a65270bffd19b56477d689276f292e16765 100644 (file)
--- a/source3/rpc_server/srv_netlog_nt.c
+++ b/source3/rpc_server/srv_netlog_nt.c
@@ -688,16 +688,14 @@ NTSTATUS _net_sam_logon(pipes_struct *p, NET_Q_SAM_LOGON *q_u, NET_R_SAM_LOGON *
                
                pstrcpy(my_name, global_myname());
 
-               /*
-                * This is the point at which we get the group
-                * database - we should be getting the gid_t list
-                * from /etc/group and then turning the uids into
-                * rids and then into machine sids for this user.
-                * JRA.
-                */
-
-               gids = NULL;
-               get_domain_user_groups(p->mem_ctx, &num_gids, &gids, server_info->sam_account);
+               if (!NT_STATUS_IS_OK(status 
+                                    = nt_token_to_group_list(p->mem_ctx, 
+                                                             &domain_sid, 
+                                                             server_info->ptok, 
+                                                             &num_gids, 
+                                                             &gids))) {
+                       return status;
+               }
 
                init_net_user_info3(p->mem_ctx, usr_info, 
                                    user_rid,

diff --git a/source3/rpc_server/srv_util.c b/source3/rpc_server/srv_util.c
index 1b2ac34a6e3831687dc80c321fd6b4dfe46f2d9f..f33a576db97ee5d8ad7dce9050954f3aec88ed10 100644 (file)
--- a/source3/rpc_server/srv_util.c
+++ b/source3/rpc_server/srv_util.c
@@ -350,6 +350,35 @@ BOOL get_domain_user_groups(TALLOC_CTX *ctx, int *numgroups, DOM_GID **pgids, SA
        return True;
 }
 
+/*******************************************************************
+ gets a domain user's groups from their already-calculated NT_USER_TOKEN
+ ********************************************************************/
+NTSTATUS nt_token_to_group_list(TALLOC_CTX *mem_ctx, const DOM_SID *domain_sid, 
+                               const NT_USER_TOKEN *nt_token,
+                               int *numgroups, DOM_GID **pgids) 
+{
+       DOM_GID *gids;
+       int i;
+
+       gids = (DOM_GID *)talloc(mem_ctx, sizeof(*gids) * nt_token->num_sids);
+
+       if (!gids) {
+               return NT_STATUS_NO_MEMORY;
+       }
+
+       *numgroups=0;
+
+       for (i=PRIMARY_GROUP_SID_INDEX; i < nt_token->num_sids; i++) {
+               if (sid_compare_domain(domain_sid, &nt_token->user_sids[i])==0) {
+                       sid_peek_rid(&nt_token->user_sids[i], &(gids[*numgroups].g_rid));
+                       gids[*numgroups].attr=7;
+                       (*numgroups)++;
+               }
+       }
+       *pgids = gids; 
+       return NT_STATUS_OK;
+}
+
 /*******************************************************************
  Look up a local (domain) rid and return a name and type.
  ********************************************************************/