s3:passdb:pdb_ldap: pre-validate sid with sid_check_object_is_for_passdb()
authorMichael Adam <obnox@samba.org>
Mon, 3 Dec 2012 00:42:38 +0000 (01:42 +0100)
committerStefan Metzmacher <metze@samba.org>
Mon, 3 Dec 2012 07:48:30 +0000 (08:48 +0100)
(instead of sid_check_sid_is_in_our_sam). This allows for builtin sids,
wellknown sids and "Unix User" and "Unix Group" domains.

This broadens the check that was moved here in commit
02e25b2a43ae02205a3412f862a1482d24b70aa4.

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
source3/passdb/pdb_ldap.c

index a5b8f0b18a1dd22be4d89b7a298616b02a0f931a..5bbfb2bc3aec931327cc5ef93c239b064dc692b9 100644 (file)
@@ -53,6 +53,7 @@
 #include "lib/winbind_util.h"
 #include "librpc/gen_ndr/idmap.h"
 #include "lib/param/loadparm.h"
+#include "lib/util_sid_passdb.h"
 
 #undef DBGC_CLASS
 #define DBGC_CLASS DBGC_PASSDB
@@ -4915,9 +4916,8 @@ static bool ldapsam_sid_to_id(struct pdb_methods *methods,
 
        TALLOC_CTX *mem_ctx;
 
-       if (!sid_check_is_in_our_sam(sid)) {
-               /* Not our SID */
-               return False;
+       if (!sid_check_object_is_for_passdb(sid)) {
+               return false;
        }
 
        mem_ctx = talloc_new(NULL);
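Review bot: The early return at `if (!sid_check_object_is_for_passdb(sid))` lost the `/* Not our SID */` comment and nothing replaces it, although the accepted set is now much wider than the local SAM domain. I would add a comment at the check such as `/* Only SIDs passdb may hold: our SAM, builtin, wellknown, Unix User/Unix Group */` so the next reader does not have to open lib/util_sid_passdb.h to learn what passes. Because this function maps a SID to a uid/gid, the wider gate also means the LDAP lookup further down (outside this hunk, so not verifiable here) now runs for builtin, wellknown and Unix User/Unix Group SIDs; it is worth confirming that the code after `talloc_new()` still checks the object class and id of whatever entry it finds for those SID classes. A `DEBUG(10, ...)` line naming the rejected SID before `return false;` would also make refused lookups traceable in the passdb debug class.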