From: Karolin Seeger <kseeger@samba.org>
Date: Mon, 16 Jun 2008 13:21:28 +0000 (+0200)
Subject: winbind cache: Don't create SN cache entries during name-to-sid queries.
X-Git-Tag: samba-4.0.0alpha6~801^2~1041
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=13eab02679a012b332beed28b0a4fc05cb9fd258;p=thirdparty%2Fsamba.git

winbind cache: Don't create SN cache entries during name-to-sid queries.

Clients can request name-to-sid queries for different combinations of
upper and lower case names. We don't want to create the reverse caching
entries for each combination used.

This avoids inconsistent answers on sid-to-name queries.

Please review!

Karolin
(This used to be commit b58e4f6b3d73294d8448c0dff4341183c52e5b7c)
---

diff --git a/source3/winbindd/winbindd_cache.c b/source3/winbindd/winbindd_cache.c
index 60403717c18..03512b97454 100644
--- a/source3/winbindd/winbindd_cache.c
+++ b/source3/winbindd/winbindd_cache.c
@@ -1451,13 +1451,13 @@ do_query:
 	if (domain->online &&
 	    (NT_STATUS_IS_OK(status) || NT_STATUS_EQUAL(status, NT_STATUS_NONE_MAPPED))) {
 		wcache_save_name_to_sid(domain, status, domain_name, name, sid, *type);
+	
+	/* Don't add SN cache entries for sid-to-name queries during this operation.
+	 * It leads to inconsistent answers during sid-to-name queries as the
+	 * client can ask for different combinations of lower case and upper case
+	 * names in these name-to-sid queries.
+	 */
 
-		/* Only save the reverse mapping if this was not a UPN */
-		if (!strchr(name, '@')) {
-			strupper_m(CONST_DISCARD(char *,domain_name));
-			strlower_m(CONST_DISCARD(char *,name));
-			wcache_save_sid_to_name(domain, status, sid, domain_name, name, *type);
-		}
 	}
 	
 	return status;