From: Michael Adam Date: Thu, 12 Jul 2012 14:00:59 +0000 (+0200) Subject: s3: rename sid_check_is_in_our_domain() to sid_check_is_in_our_sam() X-Git-Url: http://git.samba.org/samba.git/?p=kai%2Fsamba.git;a=commitdiff_plain;h=1ee95e4cb14b0f9c7bbaba0c994f0a511822cff8 s3: rename sid_check_is_in_our_domain() to sid_check_is_in_our_sam() This does not check whether the given sid is in our domain, but but whether it belongs to the local sam, which is a different thing on a domain member server. Autobuild-User(master): Michael Adam Autobuild-Date(master): Thu Jul 12 18:36:02 CEST 2012 on sn-devel-104 --- diff --git a/source3/auth/token_util.c b/source3/auth/token_util.c index 4a88a6bb725..59295fd0f72 100644 --- a/source3/auth/token_util.c +++ b/source3/auth/token_util.c @@ -583,7 +583,7 @@ NTSTATUS create_token_from_username(TALLOC_CTX *mem_ctx, const char *username, goto done; } - if (sid_check_is_in_our_domain(&user_sid)) { + if (sid_check_is_in_our_sam(&user_sid)) { bool ret; uint32_t pdb_num_group_sids; /* This is a passdb user, so ask passdb */ diff --git a/source3/passdb/lookup_sid.c b/source3/passdb/lookup_sid.c index 9b2f548e550..8e14cec3e81 100644 --- a/source3/passdb/lookup_sid.c +++ b/source3/passdb/lookup_sid.c @@ -1081,7 +1081,7 @@ static void legacy_gid_to_sid(struct dom_sid *psid, gid_t gid) static bool legacy_sid_to_unixid(const struct dom_sid *psid, struct unixid *id) { GROUP_MAP *map; - if (sid_check_is_in_our_domain(psid)) { + if (sid_check_is_in_our_sam(psid)) { bool ret; become_root(); diff --git a/source3/passdb/machine_sid.c b/source3/passdb/machine_sid.c index f3a4402d47c..56edb171cb6 100644 --- a/source3/passdb/machine_sid.c +++ b/source3/passdb/machine_sid.c @@ -241,7 +241,7 @@ bool sid_check_is_our_sam(const struct dom_sid *sid) Check if the SID is our domain SID (S-1-5-21-x-y-z). *****************************************************************/ -bool sid_check_is_in_our_domain(const struct dom_sid *sid) +bool sid_check_is_in_our_sam(const struct dom_sid *sid) { struct dom_sid dom_sid; diff --git a/source3/passdb/machine_sid.h b/source3/passdb/machine_sid.h index 2feada716de..33dce251a9f 100644 --- a/source3/passdb/machine_sid.h +++ b/source3/passdb/machine_sid.h @@ -28,6 +28,6 @@ struct dom_sid *get_global_sam_sid(void); void reset_global_sam_sid(void) ; bool sid_check_is_our_sam(const struct dom_sid *sid); -bool sid_check_is_in_our_domain(const struct dom_sid *sid); +bool sid_check_is_in_our_sam(const struct dom_sid *sid); #endif /* _PASSDB_MACHINE_SID_H_ */ diff --git a/source3/passdb/passdb.c b/source3/passdb/passdb.c index 71afb339fa6..379d85803f1 100644 --- a/source3/passdb/passdb.c +++ b/source3/passdb/passdb.c @@ -623,7 +623,7 @@ bool lookup_global_sam_name(const char *name, int flags, uint32_t *rid, TALLOC_FREE(sam_account); if (ret) { - if (!sid_check_is_in_our_domain(&user_sid)) { + if (!sid_check_is_in_our_sam(&user_sid)) { DEBUG(0, ("User %s with invalid SID %s in passdb\n", name, sid_string_dbg(&user_sid))); return False; @@ -654,7 +654,7 @@ bool lookup_global_sam_name(const char *name, int flags, uint32_t *rid, } /* BUILTIN groups are looked up elsewhere */ - if (!sid_check_is_in_our_domain(&map->sid)) { + if (!sid_check_is_in_our_sam(&map->sid)) { DEBUG(10, ("Found group %s (%s) not in our domain -- " "ignoring.", name, sid_string_dbg(&map->sid))); TALLOC_FREE(map); diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 30c13faebcb..fee1e002315 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -1607,7 +1607,7 @@ static NTSTATUS pdb_default_enum_group_members(struct pdb_methods *methods, uid_to_sid(&sid, uids[i]); - if (!sid_check_is_in_our_domain(&sid)) { + if (!sid_check_is_in_our_sam(&sid)) { DEBUG(5, ("Inconsistent SAM -- group member uid not " "in our domain\n")); continue; diff --git a/source3/passdb/pdb_ldap.c b/source3/passdb/pdb_ldap.c index 23793bf7262..68ced934d36 100644 --- a/source3/passdb/pdb_ldap.c +++ b/source3/passdb/pdb_ldap.c @@ -2724,7 +2724,7 @@ static NTSTATUS ldapsam_enum_group_members(struct pdb_methods *methods, if (!string_to_sid(&sid, sidstr)) goto done; - if (!sid_check_is_in_our_domain(&sid)) { + if (!sid_check_is_in_our_sam(&sid)) { DEBUG(0, ("Inconsistent SAM -- group member uid not " "in our domain\n")); ret = NT_STATUS_INTERNAL_DB_CORRUPTION; @@ -3075,7 +3075,7 @@ static NTSTATUS ldapsam_add_group_mapping_entry(struct pdb_methods *methods, break; case SID_NAME_ALIAS: - if (!sid_check_is_in_our_domain(&map->sid) + if (!sid_check_is_in_our_sam(&map->sid) && !sid_check_is_in_builtin(&map->sid) ) { DEBUG(3, ("Refusing to map sid %s as an alias, not in our domain\n", @@ -3487,7 +3487,7 @@ static NTSTATUS ldapsam_modify_aliasmem(struct pdb_methods *methods, type = SID_NAME_ALIAS; } - if (sid_check_is_in_our_domain(alias)) { + if (sid_check_is_in_our_sam(alias)) { type = SID_NAME_ALIAS; } @@ -3610,7 +3610,7 @@ static NTSTATUS ldapsam_enum_aliasmem(struct pdb_methods *methods, type = SID_NAME_ALIAS; } - if (sid_check_is_in_our_domain(alias)) { + if (sid_check_is_in_our_sam(alias)) { type = SID_NAME_ALIAS; } diff --git a/source3/rpc_server/samr/srv_samr_nt.c b/source3/rpc_server/samr/srv_samr_nt.c index 2363fd434b6..d7cebb45356 100644 --- a/source3/rpc_server/samr/srv_samr_nt.c +++ b/source3/rpc_server/samr/srv_samr_nt.c @@ -233,7 +233,7 @@ static DISP_INFO *get_samr_dispinfo_by_sid(const struct dom_sid *psid) return builtin_dispinfo; } - if (sid_check_is_our_sam(psid) || sid_check_is_in_our_domain(psid)) { + if (sid_check_is_our_sam(psid) || sid_check_is_in_our_sam(psid)) { /* * Necessary only once, but it does not really hurt. */ @@ -525,7 +525,7 @@ NTSTATUS _samr_GetUserPwInfo(struct pipes_struct *p, return status; } - if (!sid_check_is_in_our_domain(&uinfo->sid)) { + if (!sid_check_is_in_our_sam(&uinfo->sid)) { return NT_STATUS_OBJECT_TYPE_MISMATCH; } @@ -3010,7 +3010,7 @@ NTSTATUS _samr_QueryUserInfo(struct pipes_struct *p, sid_split_rid(&domain_sid, &rid); - if (!sid_check_is_in_our_domain(&uinfo->sid)) + if (!sid_check_is_in_our_sam(&uinfo->sid)) return NT_STATUS_OBJECT_TYPE_MISMATCH; DEBUG(5,("_samr_QueryUserInfo: sid:%s\n", @@ -3183,7 +3183,7 @@ NTSTATUS _samr_GetGroupsForUser(struct pipes_struct *p, return NT_STATUS_NO_MEMORY; } - if (!sid_check_is_in_our_domain(&uinfo->sid)) + if (!sid_check_is_in_our_sam(&uinfo->sid)) return NT_STATUS_OBJECT_TYPE_MISMATCH; if ( !(sam_pass = samu_new( p->mem_ctx )) ) { @@ -5455,7 +5455,7 @@ NTSTATUS _samr_QueryGroupMember(struct pipes_struct *p, DEBUG(10, ("sid is %s\n", sid_string_dbg(&ginfo->sid))); - if (!sid_check_is_in_our_domain(&ginfo->sid)) { + if (!sid_check_is_in_our_sam(&ginfo->sid)) { DEBUG(3, ("sid %s is not in our domain\n", sid_string_dbg(&ginfo->sid))); return NT_STATUS_NO_SUCH_GROUP; @@ -5666,7 +5666,7 @@ NTSTATUS _samr_DeleteUser(struct pipes_struct *p, return status; } - if (!sid_check_is_in_our_domain(&uinfo->sid)) + if (!sid_check_is_in_our_sam(&uinfo->sid)) return NT_STATUS_CANNOT_DELETE; /* check if the user exists before trying to delete */ @@ -5792,7 +5792,7 @@ NTSTATUS _samr_DeleteDomAlias(struct pipes_struct *p, return NT_STATUS_SPECIAL_ACCOUNT; } - if (!sid_check_is_in_our_domain(&ainfo->sid)) + if (!sid_check_is_in_our_sam(&ainfo->sid)) return NT_STATUS_NO_SUCH_ALIAS; DEBUG(10, ("lookup on Local SID\n")); diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c index fe9c8c135ed..13716a2081a 100644 --- a/source3/utils/net_groupmap.c +++ b/source3/utils/net_groupmap.c @@ -764,7 +764,7 @@ static int net_groupmap_cleanup(struct net_context *c, int argc, const char **ar printf(_("Group %s is not mapped\n"), maps[i]->nt_name); - if (!sid_check_is_in_our_domain(&maps[i]->sid)) { + if (!sid_check_is_in_our_sam(&maps[i]->sid)) { printf(_("Deleting mapping for NT Group %s, sid %s\n"), maps[i]->nt_name, sid_string_tos(&maps[i]->sid)); diff --git a/source3/winbindd/idmap.c b/source3/winbindd/idmap.c index 6ae10115b78..b2362103d8e 100644 --- a/source3/winbindd/idmap.c +++ b/source3/winbindd/idmap.c @@ -510,7 +510,7 @@ NTSTATUS idmap_backends_sid_to_unixid(const char *domain, struct id_map *id) maps[1] = NULL; if (sid_check_is_in_builtin(id->sid) - || (sid_check_is_in_our_domain(id->sid))) + || (sid_check_is_in_our_sam(id->sid))) { NTSTATUS status; diff --git a/source3/winbindd/wb_lookupsids.c b/source3/winbindd/wb_lookupsids.c index 4da2629d10d..2c4ebda3eb7 100644 --- a/source3/winbindd/wb_lookupsids.c +++ b/source3/winbindd/wb_lookupsids.c @@ -255,7 +255,7 @@ static bool wb_lookupsids_bulk(const struct dom_sid *sid) return false; } - if (sid_check_is_in_our_domain(sid)) { + if (sid_check_is_in_our_sam(sid)) { /* * Passdb lookup via lookuprids */ diff --git a/source3/winbindd/winbindd_samr.c b/source3/winbindd/winbindd_samr.c index 10074d142e1..9f45126d5c5 100644 --- a/source3/winbindd/winbindd_samr.c +++ b/source3/winbindd/winbindd_samr.c @@ -313,7 +313,7 @@ static NTSTATUS sam_query_user(struct winbindd_domain *domain, ZERO_STRUCT(dom_pol); /* Paranoia check */ - if (!sid_check_is_in_our_domain(user_sid)) { + if (!sid_check_is_in_our_sam(user_sid)) { return NT_STATUS_NO_SUCH_USER; } @@ -684,7 +684,7 @@ static NTSTATUS sam_sid_to_name(struct winbindd_domain *domain, /* Paranoia check */ if (!sid_check_is_in_builtin(sid) && - !sid_check_is_in_our_domain(sid) && + !sid_check_is_in_our_sam(sid) && !sid_check_is_in_unix_users(sid) && !sid_check_is_unix_users(sid) && !sid_check_is_in_unix_groups(sid) && diff --git a/source3/winbindd/winbindd_util.c b/source3/winbindd/winbindd_util.c index af17e5f7b36..ffc9115ad36 100644 --- a/source3/winbindd/winbindd_util.c +++ b/source3/winbindd/winbindd_util.c @@ -85,7 +85,7 @@ static bool is_in_internal_domain(const struct dom_sid *sid) if (sid == NULL) return False; - return (sid_check_is_in_our_domain(sid) || sid_check_is_in_builtin(sid)); + return (sid_check_is_in_our_sam(sid) || sid_check_is_in_builtin(sid)); }