The branch, v3-2-test has been updated
via c0d9732cf4482b0db02c75f316ff2b41f3336425 (commit)
via 6c7c6c3f85a4bd171c62031b2b8e59d3f7054061 (commit)
via 373a00ae0d667d257fa93ab14c773e841f2c4f1a (commit)
via 723e877c241dd5a0c8addb89507c9eda75b88ea4 (commit)
via ba5373ed7f74d560a9de8620039b596b8938d1dc (commit)
via 8bb21b8b3802e7b093a3c4fb41b8550033388878 (commit)
from ef2913a66c3888d4813d8b778ddd63b2c7e48f3e (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test
- Log -----------------------------------------------------------------
commit c0d9732cf4482b0db02c75f316ff2b41f3336425
Author: Michael Adam <[EMAIL PROTECTED]>
Date: Fri Jan 25 01:40:42 2008 +0100
Fix lookup_sids to detect unix_groups and unix_users domain sids.
This fixes panics in wbcLookupRids when 1-2-22 was passed as a
domain sid.
Michael
commit 6c7c6c3f85a4bd171c62031b2b8e59d3f7054061
Author: Michael Adam <[EMAIL PROTECTED]>
Date: Fri Jan 25 01:40:01 2008 +0100
Add a debug message: show the sid lookup_sid() was called for.
Michael
commit 373a00ae0d667d257fa93ab14c773e841f2c4f1a
Author: Michael Adam <[EMAIL PROTECTED]>
Date: Fri Jan 25 01:21:56 2008 +0100
Add debug message: show which domain_child is being forked.
Michael
commit 723e877c241dd5a0c8addb89507c9eda75b88ea4
Author: Michael Adam <[EMAIL PROTECTED]>
Date: Thu Jan 24 23:44:05 2008 +0100
Add a debug message to lookup_rids() printing the domain SID.
This is to ease debugging. I sporadically get panics that are
apparently due to NULL domain sid passed to lookup_rids somewhere.
Michael
commit ba5373ed7f74d560a9de8620039b596b8938d1dc
Author: Michael Adam <[EMAIL PROTECTED]>
Date: Thu Jan 24 22:15:33 2008 +0100
Add a debug message winbindd_can_contact_domain()
explaining the reason for failure.
Michael
commit 8bb21b8b3802e7b093a3c4fb41b8550033388878
Author: Michael Adam <[EMAIL PROTECTED]>
Date: Thu Jan 24 22:47:49 2008 +0100
Fix assignment to request->data.init_conn.is_primary in
init_child_connection().
The present assignment
"request->data.init_conn.is_primary = domain->internal ? False : True"
simply feels wrong. This seems to be the thing right to do:
"request->data.init_conn.is_primary = domain->primary ? true : false".
The question is: Does this have any purpose at all?
data.init_conn.is_primary seems to be used nowhere
in the whole code at all.
Is it (still) needed?
Michael
-----------------------------------------------------------------------
Summary of changes:
source/passdb/lookup_sid.c | 15 +++++++++++++++
source/winbindd/winbindd_dual.c | 7 +++++++
source/winbindd/winbindd_util.c | 4 +++-
3 files changed, 25 insertions(+), 1 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source/passdb/lookup_sid.c b/source/passdb/lookup_sid.c
index 55dd654..9f66eb9 100644
--- a/source/passdb/lookup_sid.c
+++ b/source/passdb/lookup_sid.c
@@ -464,6 +464,9 @@ static bool lookup_rids(TALLOC_CTX *mem_ctx, const DOM_SID
*domain_sid,
{
int i;
+ DEBUG(10, ("lookup_rids called for domain sid '%s'\n",
+ sid_string_dbg(domain_sid)));
+
if (num_rids) {
*names = TALLOC_ARRAY(mem_ctx, const char *, num_rids);
*types = TALLOC_ARRAY(mem_ctx, enum lsa_SidType, num_rids);
@@ -596,6 +599,16 @@ static bool lookup_as_domain(const DOM_SID *sid,
TALLOC_CTX *mem_ctx,
return true;
}
+ if (sid_check_is_unix_users(sid)) {
+ *name = talloc_strdup(mem_ctx, unix_users_domain_name());
+ return true;
+ }
+
+ if (sid_check_is_unix_groups(sid)) {
+ *name = talloc_strdup(mem_ctx, unix_groups_domain_name());
+ return true;
+ }
+
if (sid->num_auths != 4) {
/* This can't be a domain */
return false;
@@ -922,6 +935,8 @@ bool lookup_sid(TALLOC_CTX *mem_ctx, const DOM_SID *sid,
TALLOC_CTX *tmp_ctx;
bool ret = false;
+ DEBUG(10, ("lookup_sid called for SID '%s'\n", sid_string_dbg(sid)));
+
if (!(tmp_ctx = talloc_new(mem_ctx))) {
DEBUG(0, ("talloc_new failed\n"));
return false;
diff --git a/source/winbindd/winbindd_dual.c b/source/winbindd/winbindd_dual.c
index a9786d1..15ca564 100644
--- a/source/winbindd/winbindd_dual.c
+++ b/source/winbindd/winbindd_dual.c
@@ -959,6 +959,13 @@ static bool fork_domain_child(struct winbindd_child *child)
struct winbindd_cli_state state;
struct winbindd_domain *domain;
+ if (child->domain) {
+ DEBUG(10, ("fork_domain_child called for domain '%s'\n",
+ child->domain->name));
+ } else {
+ DEBUG(10, ("fork_domain_child called without domain.\n"));
+ }
+
if (socketpair(AF_UNIX, SOCK_STREAM, 0, fdpair) != 0) {
DEBUG(0, ("Could not open child pipe: %s\n",
strerror(errno)));
diff --git a/source/winbindd/winbindd_util.c b/source/winbindd/winbindd_util.c
index 0381053..3d9ede3 100644
--- a/source/winbindd/winbindd_util.c
+++ b/source/winbindd/winbindd_util.c
@@ -571,7 +571,7 @@ enum winbindd_result init_child_connection(struct
winbindd_domain *domain,
/* The primary domain has to find the DC name itself */
request->cmd = WINBINDD_INIT_CONNECTION;
fstrcpy(request->domain_name, domain->name);
- request->data.init_conn.is_primary = domain->internal ? False :
True;
+ request->data.init_conn.is_primary = domain->primary ? true :
false;
fstrcpy(request->data.init_conn.dcname, "");
async_request(mem_ctx, &domain->child, request, response,
init_child_recv, state);
@@ -1404,6 +1404,8 @@ bool winbindd_can_contact_domain( struct winbindd_domain
*domain )
if ( domain->active_directory &&
((domain->domain_flags&DS_DOMAIN_DIRECT_INBOUND) !=
DS_DOMAIN_DIRECT_INBOUND) )
{
+ DEBUG(10, ("Domain is an AD domain and we have no inbound "
+ "trust.\n"));
return False;
}
--
Samba Shared Repository
