git.samba.org / samba.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 7929e78)
s3: Check for lp_winbind_trusted_domains_only in wb_gettoken()
authorVolker Lendecke <vl@samba.org>
Mon, 28 Dec 2009 22:35:25 +0000 (23:35 +0100)
committerVolker Lendecke <vl@samba.org>
Mon, 28 Dec 2009 22:35:30 +0000 (23:35 +0100)
This avoids one walk of the domain list

source3/winbindd/wb_gettoken.c patch | blob | history
source3/winbindd/winbindd_getgroups.c patch | blob | history

diff --git a/source3/winbindd/wb_gettoken.c b/source3/winbindd/wb_gettoken.c
index 26189e5a9782f6076a245be0dc93bda97a4d24ba..ca407b2117022a0a7b1667f0ab0f3d3d0315a435 100644 (file)
--- a/source3/winbindd/wb_gettoken.c
+++ b/source3/winbindd/wb_gettoken.c
@@ -60,6 +60,13 @@ struct tevent_req *wb_gettoken_send(TALLOC_CTX *mem_ctx,
                return tevent_req_post(req, ev);
        }
 
+       if (lp_winbind_trusted_domains_only() && domain->primary) {
+               DEBUG(7, ("wb_gettoken: My domain -- rejecting getgroups() "
+                         "for %s.\n", sid_string_tos(sid)));
+               tevent_req_nterror(req, NT_STATUS_NO_SUCH_USER);
+               return tevent_req_post(req, ev);
+       }
+
        subreq = wb_lookupusergroups_send(state, ev, domain, &state->usersid);
        if (tevent_req_nomem(subreq, req)) {
                return tevent_req_post(req, ev);
diff --git a/source3/winbindd/winbindd_getgroups.c b/source3/winbindd/winbindd_getgroups.c
index 3bdf762c458e85a9ef004fb422b33f58971bb8b0..736eba698a251e2a3c7b531401503d132859112b 100644 (file)
--- a/source3/winbindd/winbindd_getgroups.c
+++ b/source3/winbindd/winbindd_getgroups.c
@@ -45,7 +45,6 @@ struct tevent_req *winbindd_getgroups_send(TALLOC_CTX *mem_ctx,
        struct tevent_req *req, *subreq;
        struct winbindd_getgroups_state *state;
        char *domuser, *mapped_user;
-       struct winbindd_domain *domain;
        NTSTATUS status;
 
        req = tevent_req_create(mem_ctx, &state,
@@ -76,29 +75,6 @@ struct tevent_req *winbindd_getgroups_send(TALLOC_CTX *mem_ctx,
                return tevent_req_post(req, ev);
        }
 
-       domain = find_domain_from_name_noinit(state->domname);
-       if (domain == NULL) {
-               /* Retry with DNS name */
-               char *p = strchr(domuser, '@');
-               if (p != NULL) {
-                       domain = find_domain_from_name_noinit(p+1);
-               }
-       }
-       if (domain == NULL) {
-               DEBUG(7, ("could not find domain entry for domain %s\n",
-                         state->domname));
-               tevent_req_nterror(req, NT_STATUS_NO_SUCH_USER);
-               return tevent_req_post(req, ev);
-       }
-
-       if (lp_winbind_trusted_domains_only() && domain->primary) {
-               DEBUG(7,("winbindd_getgroups: My domain -- "
-                        "rejecting getgroups() for %s\\%s.\n",
-                        state->domname, state->username));
-               tevent_req_nterror(req, NT_STATUS_NO_SUCH_USER);
-               return tevent_req_post(req, ev);
-       }
-
        subreq = wb_lookupname_send(state, ev, state->domname, state->username,
                                    LOOKUP_NAME_NO_NSS);
        if (tevent_req_nomem(subreq, req)) {
Samba Shared Repository