Fix default domains support using compat syntax.

Without this fix idmap_rid can't be used with the compatible syntax.
Includes fix to keep trusted domains working
(This used to be commit 8c770c367c71d118651964fef63e2fd0fa4a05a5)

diff --git a/source3/winbindd/idmap.c b/source3/winbindd/idmap.c
index 2c7acc185cc56b1cccd39a26b168350b0f505885..022a2291a37034fafc65801c15bea7a565b48962 100644 (file)
--- a/source3/winbindd/idmap.c
+++ b/source3/winbindd/idmap.c
@@ -251,12 +251,6 @@ NTSTATUS idmap_close(void)
        return NT_STATUS_OK;
 }
 
-/**********************************************************************
- Initialise idmap cache and a remote backend (if configured).
-**********************************************************************/
-
-static const char *idmap_default_domain[] = { "default domain", NULL };
-
 /****************************************************************************
  ****************************************************************************/
 
@@ -291,6 +285,7 @@ NTSTATUS idmap_init(void)
        char *compat_backend = NULL;
        char *compat_params = NULL;
        const char **dom_list = NULL;
+       const char *default_domain = NULL;
        char *alloc_backend = NULL;
        BOOL default_already_defined = False;
        BOOL pri_dom_is_in_list = False;
@@ -331,10 +326,6 @@ NTSTATUS idmap_init(void)
                        compat = 1;
 
                        compat_backend = talloc_strdup(idmap_ctx, *compat_list);
-                       if (compat_backend == NULL ) {
-                               ret = NT_STATUS_NO_MEMORY;
-                               goto done;
-                       }
 
                        /* strip any leading idmap_ prefix of */
                        if (strncmp(*compat_list, "idmap_", 6) == 0 ) {
@@ -349,6 +340,11 @@ NTSTATUS idmap_init(void)
                                                               *compat_list);
                        }
 
+                       if (compat_backend == NULL ) {
+                               ret = NT_STATUS_NO_MEMORY;
+                               goto done;
+                       }
+
                        /* separate the backend and module arguements */
                        if ((p = strchr(compat_backend, ':')) != NULL) {
                                *p = '\0';
@@ -365,7 +361,25 @@ NTSTATUS idmap_init(void)
        }
 
        if ( ! dom_list) {
-               dom_list = idmap_default_domain;
+               /* generate a list with our main domain */
+               char ** dl;
+
+               dl = talloc_array(idmap_ctx, char *, 2);
+               if (dl == NULL) {
+                       ret = NT_STATUS_NO_MEMORY;
+                       goto done;
+               }
+               dl[0] = talloc_strdup(dl, lp_workgroup());
+               if (dl[0] == NULL) {
+                       ret = NT_STATUS_NO_MEMORY;
+                       goto done;
+               }
+
+               /* terminate */
+               dl[1] = NULL;
+
+               dom_list = dl;
+               default_domain = dl[0];
        }
 
        /***************************
@@ -386,7 +400,8 @@ NTSTATUS idmap_init(void)
                        continue;
                }
 
-               if (strequal(dom_list[i], lp_workgroup())) {
+               if ((dom_list[i] != default_domain) &&
+                   strequal(dom_list[i], lp_workgroup())) {
                        pri_dom_is_in_list = True;
                }
                /* init domain */
@@ -407,10 +422,10 @@ NTSTATUS idmap_init(void)
                                                   "default", False);
 
                if (dom->default_domain ||
-                   strequal(dom_list[i], idmap_default_domain[0])) {
+                   (default_domain && strequal(dom_list[i], default_domain))) {
 
                        /* make sure this is set even when we match
-                        * idmap_default_domain[0] */
+                        * default_domain */
                        dom->default_domain = True;
 
                        if (default_already_defined) {