This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
+ the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
restore_re_gid();
- if (sys_setgroups(ngrp_saved, gids_saved) != 0) {
+ if (sys_setgroups(gid, ngrp_saved, gids_saved) != 0) {
/* yikes! */
DEBUG(0,("ERROR: getgrouplist: failed to reset group list!\n"));
- smb_panic("getgrouplist: failed to reset group list!\n");
- free(gids_saved);
- return -1;
+ smb_panic("getgrouplist: failed to reset group list!");
}
free(gids_saved);
static int sys_getgrouplist(const char *user, gid_t gid, gid_t *groups, int *grpcnt)
{
int retval;
+ BOOL winbind_env;
DEBUG(10,("sys_getgrouplist: user [%s]\n", user));
-
+
/* This is only ever called for Unix users, remote memberships are
* always determined by the info3 coming back from auth3 or the
* PAC. */
-
- if ( !winbind_off() ) {
- DEBUG(0,("sys_getgroup_list: Insufficient environment space "
- "for %s\n", WINBINDD_DONT_ENV));
- } else {
- DEBUG(10,("sys_getgrouplist(): disabled winbindd for group "
- "lookup [user == %s]\n", user));
- }
+ winbind_env = winbind_env_set();
+ winbind_off();
#ifdef HAVE_GETGROUPLIST
retval = getgrouplist(user, gid, groups, grpcnt);
unbecome_root();
#endif
- /* allow winbindd lookups */
- winbind_on();
-
+ /* allow winbindd lookups, but only if they were not already disabled */
+ if (!winbind_env) {
+ winbind_on();
+ }
+
return retval;
}
gid_t *groups;
int i;
- max_grp = groups_max();
+ max_grp = MIN(32, groups_max());
temp_groups = SMB_MALLOC_ARRAY(gid_t, max_grp);
if (! temp_groups) {
return False;
}
if (sys_getgrouplist(user, primary_gid, temp_groups, &max_grp) == -1) {
- gid_t *groups_tmp;
-
- groups_tmp = SMB_REALLOC_ARRAY(temp_groups, gid_t, max_grp);
-
- if (!groups_tmp) {
- SAFE_FREE(temp_groups);
+ temp_groups = SMB_REALLOC_ARRAY(temp_groups, gid_t, max_grp);
+ if (!temp_groups) {
return False;
}
- temp_groups = groups_tmp;
if (sys_getgrouplist(user, primary_gid,
temp_groups, &max_grp) == -1) {
groups = NULL;
/* Add in primary group first */
- add_gid_to_array_unique(mem_ctx, primary_gid, &groups, &ngrp);
+ if (!add_gid_to_array_unique(mem_ctx, primary_gid, &groups, &ngrp)) {
+ SAFE_FREE(temp_groups);
+ return False;
+ }
- for (i=0; i<max_grp; i++)
- add_gid_to_array_unique(mem_ctx, temp_groups[i],
- &groups, &ngrp);
+ for (i=0; i<max_grp; i++) {
+ if (!add_gid_to_array_unique(mem_ctx, temp_groups[i],
+ &groups, &ngrp)) {
+ SAFE_FREE(temp_groups);
+ return False;
+ }
+ }
*p_ngroups = ngrp;
*ret_groups = groups;