idmap_autorid: fix ID_REQUIRE_TYPE for more than one SID for an unknown domain
authorStefan Metzmacher <metze@samba.org>
Fri, 17 Feb 2023 15:51:42 +0000 (16:51 +0100)
committerStefan Metzmacher <metze@samba.org>
Fri, 10 Mar 2023 10:38:37 +0000 (10:38 +0000)
When we see a trusted domain SID for the first time,
idmap_autorid returns ID_REQUIRE_TYPE only for the first SID
and leaves the others with ID_TYPE_NOT_SPECIFIED.
As a result, the winbindd parent only retries the first SID.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15318

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
source3/winbindd/idmap_autorid.c

index c7d56a376845eccd41270d11978e1d01e812a987..bf5947a9b4335dd5816262a79f4dce55a581c37e 100644 (file)
@@ -697,9 +697,10 @@ static NTSTATUS idmap_autorid_sids_to_unixids(struct idmap_domain *dom,
 {
        struct idmap_tdb_common_context *commoncfg;
        NTSTATUS ret;
-       int i;
-       int num_tomap = 0;
-       int num_mapped = 0;
+       size_t i;
+       size_t num_tomap = 0;
+       size_t num_mapped = 0;
+       size_t num_required = 0;
 
        /* initialize the status to avoid surprise */
        for (i = 0; ids[i]; i++) {
@@ -713,6 +714,12 @@ static NTSTATUS idmap_autorid_sids_to_unixids(struct idmap_domain *dom,
 
        for (i = 0; ids[i]; i++) {
                ret = idmap_autorid_sid_to_id(commoncfg, dom, ids[i]);
+               if (NT_STATUS_EQUAL(ret, NT_STATUS_SOME_NOT_MAPPED) &&
+                   ids[i]->status == ID_REQUIRE_TYPE)
+               {
+                       num_required++;
+                       continue;
+               }
                if ((!NT_STATUS_IS_OK(ret)) &&
                    (!NT_STATUS_EQUAL(ret, NT_STATUS_NONE_MAPPED))) {
                        struct dom_sid_buf buf;
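Review bot: The new early `continue` in the second loop carries no comment saying why a `NT_STATUS_SOME_NOT_MAPPED` result with `ids[i]->status == ID_REQUIRE_TYPE` is counted and skipped instead of being treated as an error; the reason is only in the commit message. I would add above the `if`: `/* type info is required (first SID seen from an unknown domain): count it and keep going so every such SID is marked for the parent to retry */`. Any other `NT_STATUS_SOME_NOT_MAPPED` result, where the status is not `ID_REQUIRE_TYPE`, still falls through to the error branch that follows; the rest of that branch and of the loop lies outside the hunk, so how it terminates cannot be checked from here.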
@@ -729,6 +736,8 @@ static NTSTATUS idmap_autorid_sids_to_unixids(struct idmap_domain *dom,
 
        if (num_tomap == num_mapped) {
                return NT_STATUS_OK;
+       } else if (num_required > 0) {
+               return STATUS_SOME_UNMAPPED;
        } else if (num_mapped == 0) {
                return NT_STATUS_NONE_MAPPED;
        }
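Review bot: The new `else if (num_required > 0)` branch is placed before `num_mapped == 0`, so a batch where nothing mapped but at least one SID needs type information now returns `STATUS_SOME_UNMAPPED` instead of `NT_STATUS_NONE_MAPPED`; that ordering looks deliberate but is not explained in the code. A one-line comment such as `/* report a partial result so the caller retries the ID_REQUIRE_TYPE entries */` would keep a later cleanup from reordering the branches and leaving SIDs unmapped again. The loop above tests `NT_STATUS_SOME_NOT_MAPPED` while this branch returns `STATUS_SOME_UNMAPPED`; if these name the same status, as they appear to, one spelling throughout the function would make the pairing easier to grep. The function's final return is outside the hunk.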