Parse gid from relative portion of on-premises SID

Author: pvaillant

src/azure.rs

@@ -121,11 +121,20 @@ fn extract_group_info(group: &Value) -> GraphInfoResult<GroupInfo> {
         .as_str()
         .ok_or(GraphInfoRetrievalError::BadJSONResponse)?
         .to_string();
-    // we punt the question of a GID
+    let mut sid_parts : Vec<&str> = group["onPremisesSecurityIdentifier"]
+        .as_str()
+        .ok_or(GraphInfoRetrievalError::BadJSONResponse)?
+        .split('-').collect();
+    let group_id = sid_parts.pop().unwrap().parse::<u32>()?;
+    // rid < 1000 should only be built-in groups
+    if group_id < 1000 {
+        return Err(GraphInfoRetrievalError::UnusableImmutableID);
+    }
 
     Ok(GroupInfo {
            groupname: group_name,
            object_id: object_id,
+           group_id: group_id,
        })
 }
 

src/lib.rs

@@ -66,6 +66,7 @@ pub struct UserInfo {
 pub struct GroupInfo {
     groupname: String,
     object_id: String,
+    group_id: u32
 }
 
 /// The initgroups_dyn function populates a list of GIDs to which the named user belongs.
@@ -238,7 +239,7 @@ pub extern "C" fn _nss_aad_getgrnam_r(name: *const c_char,
     };
 
     match fill_group_buf(result,
-                         config.group_ids[name],
+                         groupinfo.group_id as gid_t,
                          buffer,
                          buflen,
                          name,