From e92edf0db5b4f58666b7826448f242f2ceda3d26 Mon Sep 17 00:00:00 2001 From: Ralph Boehme Date: Mon, 25 Sep 2017 15:42:08 +0200 Subject: [PATCH] winbindd: idmap_rid: don't rely on the static domain list The domain list in the idmap child is inherited from the parent winbindd process and may not contain all domains in case enumerating trusted domains didn't finish before the first winbind request that triggers the idmap child fork comes along. The previous commits added the domain SID as an additional argument to the wbint_UnixIDs2Sids request, storing the domain SID in struct idmap_domain. Bug: https://bugzilla.samba.org/show_bug.cgi?id=13052 Signed-off-by: Ralph Boehme Reviewed-by: Volker Lendecke (cherry picked from commit 108675c4cf4c3d5bd29468255743423a56bd1471) --- source3/winbindd/idmap_rid.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/source3/winbindd/idmap_rid.c b/source3/winbindd/idmap_rid.c index 10088b5a27a..6ebb4a191a8 100644 --- a/source3/winbindd/idmap_rid.c +++ b/source3/winbindd/idmap_rid.c @@ -54,7 +54,6 @@ static NTSTATUS idmap_rid_initialize(struct idmap_domain *dom) static NTSTATUS idmap_rid_id_to_sid(struct idmap_domain *dom, struct id_map *map) { - struct winbindd_domain *domain; struct idmap_rid_context *ctx; ctx = talloc_get_type(dom->private_data, struct idmap_rid_context); @@ -66,12 +65,13 @@ static NTSTATUS idmap_rid_id_to_sid(struct idmap_domain *dom, struct id_map *map return NT_STATUS_NONE_MAPPED; } - domain = find_domain_from_name_noinit(dom->name); - if (domain == NULL ) { + if (is_null_sid(&dom->dom_sid)) { + DBG_INFO("idmap domain '%s' without SID\n", dom->name); return NT_STATUS_NO_SUCH_DOMAIN; } - sid_compose(map->sid, &domain->sid, map->xid.id - dom->low_id + ctx->base_rid); + sid_compose(map->sid, &dom->dom_sid, + map->xid.id - dom->low_id + ctx->base_rid); map->status = ID_MAPPED; map->xid.type = ID_TYPE_BOTH; -- 2.11.4.GIT