diff options
| author | Christof Schmitt <cs@samba.org> | 2021-03-05 16:07:54 -0700 |
|---|---|---|
| committer | Volker Lendecke <vl@samba.org> | 2021-03-11 08:38:41 +0000 |
| commit | 0e789ba1802ca22e5a01abd6e93ef66cd45566a7 (patch) | |
| tree | fbe6795ba0ae85ef4b1c2d4f94eb8661905dd6f7 /source3/winbindd | |
| parent | 79dd4b133c37451c98fe7f7c45da881e89e91ffc (diff) | |
| download | samba-0e789ba1802ca22e5a01abd6e93ef66cd45566a7.tar.gz | |
idmap_nss: Do not return SID from unixids_to_sids on type mismatch
The call to winbind_lookup_name already wrote the result in the id_map
array. The later check for the type detected a mismatch, but that did
not remove the SID from the result struct.
Change this by first assigning the SID to a temporary variable and only
write it to the id_map array after the type checks.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14663
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Thu Mar 11 08:38:41 UTC 2021 on sn-devel-184
Diffstat (limited to 'source3/winbindd')
| -rw-r--r-- | source3/winbindd/idmap_nss.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/source3/winbindd/idmap_nss.c b/source3/winbindd/idmap_nss.c index 9e1efefeb24..da50e2b4aa7 100644 --- a/source3/winbindd/idmap_nss.c +++ b/source3/winbindd/idmap_nss.c @@ -25,6 +25,7 @@ #include "nsswitch/winbind_client.h" #include "idmap.h" #include "lib/winbind_util.h" +#include "libcli/security/dom_sid.h" #undef DBGC_CLASS #define DBGC_CLASS DBGC_IDMAP @@ -55,6 +56,7 @@ static NTSTATUS idmap_nss_unixids_to_sids(struct idmap_domain *dom, struct id_ma struct passwd *pw; struct group *gr; const char *name; + struct dom_sid sid; enum lsa_SidType type; bool ret; @@ -86,7 +88,7 @@ static NTSTATUS idmap_nss_unixids_to_sids(struct idmap_domain *dom, struct id_ma the following call will not recurse so this is safe */ (void)winbind_on(); /* Lookup name from PDC using lsa_lookup_names() */ - ret = winbind_lookup_name(dom->name, name, ids[i]->sid, &type); + ret = winbind_lookup_name(dom->name, name, &sid, &type); (void)winbind_off(); if (!ret) { @@ -99,6 +101,7 @@ static NTSTATUS idmap_nss_unixids_to_sids(struct idmap_domain *dom, struct id_ma switch (type) { case SID_NAME_USER: if (ids[i]->xid.type == ID_TYPE_UID) { + sid_copy(ids[i]->sid, &sid); ids[i]->status = ID_MAPPED; } break; @@ -107,6 +110,7 @@ static NTSTATUS idmap_nss_unixids_to_sids(struct idmap_domain *dom, struct id_ma case SID_NAME_ALIAS: case SID_NAME_WKN_GRP: if (ids[i]->xid.type == ID_TYPE_GID) { + sid_copy(ids[i]->sid, &sid); ids[i]->status = ID_MAPPED; } break; |