/*
Unix SMB / CIFS implementation .
Winbind daemon - sid related functions
Copyright ( C ) Tim Potter 2000
This program is free software ; you can redistribute it and / or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation ; either version 2 of the License , or
( at your option ) any later version .
This program is distributed in the hope that it will be useful ,
but WITHOUT ANY WARRANTY ; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
GNU General Public License for more details .
You should have received a copy of the GNU General Public License
along with this program ; if not , write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
# include "includes.h"
# include "winbindd.h"
# undef DBGC_CLASS
# define DBGC_CLASS DBGC_WINBIND
/* Convert a SID string to a domain name and account name */
/* Completion callback passed to winbindd_lookupsid_async(); defined below. */
static void lookupsid_recv(void *private_data, BOOL success,
			   const char *dom_name, const char *name,
			   enum SID_NAME_USE type);
/**
 * Handle a lookupsid request: parse the SID string in the request and
 * start an asynchronous SID-to-name lookup.
 *
 * The reply is sent by lookupsid_recv() when the lookup completes, or
 * right away through request_error() if the string is not a SID.
 *
 * @param state  per-client request/response state
 */
void winbindd_lookupsid(struct winbindd_cli_state *state)
{
	char *sid_str = state->request.data.sid;
	DOM_SID parsed;

	/* The request field is filled in by the client; force termination
	 * before it is logged or parsed as a C string. */
	sid_str[sizeof(state->request.data.sid) - 1] = '\0';

	DEBUG(3, ("[%5lu]: lookupsid %s\n", (unsigned long)state->pid,
		  sid_str));

	if (string_to_sid(&parsed, sid_str)) {
		winbindd_lookupsid_async(state->mem_ctx, &parsed,
					 lookupsid_recv, state);
		return;
	}

	DEBUG(5, ("%s not a SID\n", sid_str));
	request_error(state);
}
/**
 * Completion callback for winbindd_lookupsid(): copy the resolved domain
 * name, account name and SID type into the response and finish the request.
 *
 * @param private_data  the winbindd_cli_state handed to the async call;
 *                      talloc_get_type_abort() checks its talloc type
 * @param success       whether the lookup succeeded
 * @param dom_name      resolved domain name (used only on success)
 * @param name          resolved account name (used only on success)
 * @param type          SID type reported by the lookup
 */
static void lookupsid_recv(void *private_data, BOOL success,
			   const char *dom_name, const char *name,
			   enum SID_NAME_USE type)
{
	struct winbindd_cli_state *cli =
		talloc_get_type_abort(private_data, struct winbindd_cli_state);

	if (success) {
		fstrcpy(cli->response.data.name.dom_name, dom_name);
		fstrcpy(cli->response.data.name.name, name);
		cli->response.data.name.type = type;
		request_ok(cli);
		return;
	}

	DEBUG(5, ("lookupsid returned an error\n"));
	request_error(cli);
}
/**
 * Look up the SID for a qualified name.
 **/
/* Completion callback passed to winbindd_lookupname_async(); defined below. */
static void lookupname_recv(void *private_data, BOOL success,
			    const DOM_SID *sid, enum SID_NAME_USE type);
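/**
 * Handle a lookupname request: resolve a domain and account name to a SID.
 *
 * The name may arrive fully qualified (domain, winbind separator, name) in
 * request.data.name.name; in that case it is split in place at the separator
 * and request.data.name.dom_name is not used. The reply is sent from
 * lookupname_recv().
 *
 * @param state  per-client request/response state
 */
void winbindd_lookupname(struct winbindd_cli_state *state)
{
	char *name_domain, *name_user;
	char *p;

	/* Terminate the two fields this function actually reads. The earlier
	 * code indexed request.data.sid with the sizes of dom_name and name;
	 * if those sizes are equal both stores hit the same byte, so at least
	 * one of the client-filled fields stayed unterminated before strstr()
	 * and the %s in DEBUG() scanned it. */
	state->request.data.name.dom_name[sizeof(state->request.data.name.dom_name) - 1] = '\0';
	state->request.data.name.name[sizeof(state->request.data.name.name) - 1] = '\0';

	/* cope with the name being a fully qualified name */
	p = strstr(state->request.data.name.name, lp_winbind_separator());
	if (p) {
		/* Split in place: domain part stays at the start of the
		 * buffer, the account name follows the separator.
		 * NOTE(review): p + 1 skips exactly one byte, so this assumes
		 * lp_winbind_separator() is a one-character string - confirm. */
		*p = 0;
		name_domain = state->request.data.name.name;
		name_user = p + 1;
	} else {
		name_domain = state->request.data.name.dom_name;
		name_user = state->request.data.name.name;
	}

	DEBUG(3, ("[%5lu]: lookupname %s%s%s\n", (unsigned long)state->pid,
		  name_domain, lp_winbind_separator(), name_user));

	winbindd_lookupname_async(state->mem_ctx, name_domain, name_user,
				  lookupname_recv, state);
}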
/**
 * Completion callback for winbindd_lookupname(): write the SID (as a
 * string) and its type into the response and finish the request.
 *
 * @param private_data  the winbindd_cli_state handed to the async call;
 *                      talloc_get_type_abort() checks its talloc type
 * @param success       whether the lookup succeeded
 * @param sid           resolved SID (used only on success)
 * @param type          SID type reported by the lookup
 */
static void lookupname_recv(void *private_data, BOOL success,
			    const DOM_SID *sid, enum SID_NAME_USE type)
{
	struct winbindd_cli_state *cli =
		talloc_get_type_abort(private_data, struct winbindd_cli_state);

	if (success) {
		sid_to_string(cli->response.data.sid.sid, sid);
		cli->response.data.sid.type = type;
		request_ok(cli);
		return;
	}

	DEBUG(5, ("lookupname returned an error\n"));
	request_error(cli);
}
/* The single child-process record registered under the name "idmap". */
static struct winbindd_child static_idmap_child;

/**
 * Register the idmap child with setup_domain_child().
 * The NULL first argument presumably means "not bound to a domain" -
 * confirm against setup_domain_child().
 */
void init_idmap_child(void)
{
	struct winbindd_child *child = &static_idmap_child;

	setup_domain_child(NULL, child, "idmap");
}

/**
 * Accessor for the idmap child record.
 *
 * @return pointer to the file-static record; never NULL
 */
struct winbindd_child *idmap_child(void)
{
	struct winbindd_child *child = &static_idmap_child;

	return child;
}
/* Convert a sid to a uid. We assume we only have one rid attached to the
sid . */
/* Completion callback passed to winbindd_sid2uid_async(); defined below. */
static void sid2uid_recv(void *private_data, BOOL success, uid_t uid);
/**
 * Handle a sid-to-uid request.
 *
 * The SID string from the request is parsed and looked up with
 * ID_QUERY_ONLY | ID_CACHE_ONLY first; on a hit the uid is written straight
 * into the response. On a miss the lookup continues asynchronously and
 * sid2uid_recv() sends the reply. The request is refused when
 * idmap_proxyonly() is true or the string is not a SID.
 *
 * @param state  per-client request/response state
 */
void winbindd_sid_to_uid(struct winbindd_cli_state *state)
{
	char *sid_str = state->request.data.sid;
	DOM_SID parsed;
	NTSTATUS status;

	/* The request field is filled in by the client; force termination
	 * before it is logged or parsed as a C string. */
	sid_str[sizeof(state->request.data.sid) - 1] = '\0';

	DEBUG(3, ("[%5lu]: sid to uid %s\n", (unsigned long)state->pid,
		  sid_str));

	if (idmap_proxyonly()) {
		DEBUG(8, ("IDMAP proxy only\n"));
		request_error(state);
		return;
	}

	if (!string_to_sid(&parsed, sid_str)) {
		DEBUG(1, ("Could not get convert sid %s from string\n",
			  sid_str));
		request_error(state);
		return;
	}

	/* Fast path: ask only the local tdb, since anything else might
	 * block. */
	status = idmap_sid_to_uid(&parsed, &(state->response.data.uid),
				  ID_QUERY_ONLY | ID_CACHE_ONLY);

	if (!NT_STATUS_IS_OK(status)) {
		/* Not cached: finish the lookup asynchronously. */
		winbindd_sid2uid_async(state->mem_ctx, &parsed, sid2uid_recv,
				       state);
		return;
	}

	request_ok(state);
}
/**
 * Completion callback for winbindd_sid_to_uid(): store the uid in the
 * response and finish the request, or report the failure.
 *
 * @param private_data  the winbindd_cli_state handed to the async call;
 *                      talloc_get_type_abort() checks its talloc type
 * @param success       whether the conversion succeeded
 * @param uid           resulting uid (used only on success)
 */
static void sid2uid_recv(void *private_data, BOOL success, uid_t uid)
{
	struct winbindd_cli_state *cli =
		talloc_get_type_abort(private_data, struct winbindd_cli_state);

	if (success) {
		cli->response.data.uid = uid;
		request_ok(cli);
		return;
	}

	DEBUG(5, ("Could not convert sid %s\n",
		  cli->request.data.sid));
	request_error(cli);
}
/* Convert a sid to a gid. We assume we only have one rid attached to the
sid . */
/* Completion callback passed to winbindd_sid2gid_async(); defined below. */
static void sid2gid_recv(void *private_data, BOOL success, gid_t gid);
/**
 * Handle a sid-to-gid request.
 *
 * The SID string from the request is parsed and looked up with
 * ID_QUERY_ONLY | ID_CACHE_ONLY first; on a hit the gid is written straight
 * into the response. On a miss the lookup continues asynchronously and
 * sid2gid_recv() sends the reply. The request is refused when
 * idmap_proxyonly() is true or the string is not a SID.
 *
 * @param state  per-client request/response state
 */
void winbindd_sid_to_gid(struct winbindd_cli_state *state)
{
	char *sid_str = state->request.data.sid;
	DOM_SID parsed;
	NTSTATUS status;

	/* The request field is filled in by the client; force termination
	 * before it is logged or parsed as a C string. */
	sid_str[sizeof(state->request.data.sid) - 1] = '\0';

	DEBUG(3, ("[%5lu]: sid to gid %s\n", (unsigned long)state->pid,
		  sid_str));

	if (idmap_proxyonly()) {
		DEBUG(8, ("IDMAP proxy only\n"));
		request_error(state);
		return;
	}

	if (!string_to_sid(&parsed, sid_str)) {
		DEBUG(1, ("Could not get convert sid %s from string\n",
			  sid_str));
		request_error(state);
		return;
	}

	/* Fast path: ask only the local tdb, since anything else might
	 * block. */
	status = idmap_sid_to_gid(&parsed, &(state->response.data.gid),
				  ID_QUERY_ONLY | ID_CACHE_ONLY);

	if (!NT_STATUS_IS_OK(status)) {
		/* Not cached: finish the lookup asynchronously. */
		winbindd_sid2gid_async(state->mem_ctx, &parsed, sid2gid_recv,
				       state);
		return;
	}

	request_ok(state);
}
/**
 * Completion callback for winbindd_sid_to_gid(): store the gid in the
 * response and finish the request, or report the failure.
 *
 * @param private_data  the winbindd_cli_state handed to the async call;
 *                      talloc_get_type_abort() checks its talloc type
 * @param success       whether the conversion succeeded
 * @param gid           resulting gid (used only on success)
 */
static void sid2gid_recv(void *private_data, BOOL success, gid_t gid)
{
	struct winbindd_cli_state *cli =
		talloc_get_type_abort(private_data, struct winbindd_cli_state);

	if (success) {
		cli->response.data.gid = gid;
		request_ok(cli);
		return;
	}

	DEBUG(5, ("Could not convert sid %s\n",
		  cli->request.data.sid));
	request_error(cli);
}
/* Convert a uid to a sid */
/* Context carried through the asynchronous uid-to-SID callback chain. */
struct uid2sid_state {
	struct winbindd_cli_state *cli_state;	/* client request being answered */
	uid_t uid;				/* uid taken from the request */
	fstring name;				/* user name reported for that uid */
	DOM_SID sid;				/* SID found for the name */
	enum SID_NAME_USE type;			/* SID type found for the name */
};
/* Completion callbacks for the uid-to-SID slow path, in the order they run:
 * uid -> name, name -> SID, then storing the new mapping. */
static void uid2sid_uid2name_recv(void *private_data, BOOL success,
				  const char *username);
static void uid2sid_lookupname_recv(void *private_data, BOOL success,
				    const DOM_SID *sid,
				    enum SID_NAME_USE type);
static void uid2sid_idmap_set_mapping_recv(void *private_data, BOOL success);
/**
 * Handle a uid-to-sid request.
 *
 * A lookup with ID_QUERY_ONLY | ID_CACHE_ONLY is tried first and answered
 * directly on a hit. On a miss the request only continues when the uid is
 * outside winbind's own range and "winbind trusted domains only" is set;
 * then the uid is resolved to a name and the name to a SID through the
 * uid2sid_*_recv callbacks.
 *
 * @param state  per-client request/response state
 */
void winbindd_uid_to_sid(struct winbindd_cli_state *state)
{
	DOM_SID cached_sid;
	NTSTATUS status;
	struct uid2sid_state *ctx;

	DEBUG(3, ("[%5lu]: uid to sid %lu\n", (unsigned long)state->pid,
		  (unsigned long)state->request.data.uid));

	if (idmap_proxyonly()) {
		DEBUG(8, ("IDMAP proxy only\n"));
		request_error(state);
		return;
	}

	status = idmap_uid_to_sid(&cached_sid, state->request.data.uid,
				  ID_QUERY_ONLY | ID_CACHE_ONLY);

	if (NT_STATUS_IS_OK(status)) {
		sid_to_string(state->response.data.sid.sid, &cached_sid);
		state->response.data.sid.type = SID_NAME_USER;
		request_ok(state);
		return;
	}

	/* A uid inside winbind's own range should have been found above.
	 * Outside that range the only chance that this is correct is that
	 * winbind trusted domains only = yes, and the user exists in nss
	 * and the domain. */
	if (is_in_uid_range(state->request.data.uid) ||
	    !lp_winbind_trusted_domains_only()) {
		request_error(state);
		return;
	}

	ctx = TALLOC_ZERO_P(state->mem_ctx, struct uid2sid_state);
	if (ctx == NULL) {
		DEBUG(0, ("talloc failed\n"));
		request_error(state);
		return;
	}

	ctx->cli_state = state;
	ctx->uid = state->request.data.uid;

	winbindd_uid2name_async(state->mem_ctx, state->request.data.uid,
				uid2sid_uid2name_recv, ctx);
}
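/**
 * First step of the uid-to-SID slow path: the uid has been resolved to a
 * user name; look that name up in our own domain.
 *
 * @param private_data  the uid2sid_state handed to the async call;
 *                      talloc_get_type_abort() checks its talloc type
 * @param success       whether the uid-to-name lookup succeeded
 * @param username      user name for the uid (used only on success)
 */
static void uid2sid_uid2name_recv(void *private_data, BOOL success,
				  const char *username)
{
	struct uid2sid_state *state =
		talloc_get_type_abort(private_data, struct uid2sid_state);

	/* Check the result before touching username: the earlier code
	 * logged and copied it first, and nothing visible here guarantees
	 * the pointer is valid when the lookup failed. */
	if (!success) {
		DEBUG(5, ("uid2sid: could not get name for uid %lu\n",
			  (unsigned long)state->uid));
		request_error(state->cli_state);
		return;
	}

	DEBUG(10, ("uid2sid: uid %lu has name %s\n",
		   (unsigned long)state->uid, username));

	fstrcpy(state->name, username);

	winbindd_lookupname_async(state->cli_state->mem_ctx,
				  find_our_domain()->name, username,
				  uid2sid_lookupname_recv, state);
}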
/**
 * Second step of the uid-to-SID slow path: the name has been resolved to a
 * SID. Only a SID of type SID_NAME_USER is accepted; it is remembered in
 * the context and the uid/SID mapping is stored asynchronously.
 *
 * @param private_data  the uid2sid_state handed to the async call;
 *                      talloc_get_type_abort() checks its talloc type
 * @param success       whether the name lookup succeeded
 * @param sid           SID found for the name
 * @param type          SID type found for the name
 */
static void uid2sid_lookupname_recv(void *private_data, BOOL success,
				    const DOM_SID *sid, enum SID_NAME_USE type)
{
	struct uid2sid_state *ctx =
		talloc_get_type_abort(private_data, struct uid2sid_state);
	unid_t mapped;

	if (success && (type == SID_NAME_USER)) {
		ctx->sid = *sid;
		ctx->type = type;

		mapped.uid = ctx->uid;
		idmap_set_mapping_async(ctx->cli_state->mem_ctx, sid, mapped,
					ID_USERID,
					uid2sid_idmap_set_mapping_recv, ctx);
		return;
	}

	/* Lookup failed, or the name is not a user account. */
	request_error(ctx->cli_state);
}
/**
 * Last step of the uid-to-SID slow path: answer the client with the SID
 * and type remembered in the context.
 *
 * @param private_data  the uid2sid_state handed to the async call;
 *                      talloc_get_type_abort() checks its talloc type
 * @param success       whether the mapping was stored; deliberately not
 *                      examined, the reply is sent either way
 */
static void uid2sid_idmap_set_mapping_recv(void *private_data, BOOL success)
{
	struct uid2sid_state *ctx =
		talloc_get_type_abort(private_data, struct uid2sid_state);
	struct winbindd_cli_state *cli = ctx->cli_state;

	/* don't fail if we can't store it */

	sid_to_string(cli->response.data.sid.sid, &ctx->sid);
	cli->response.data.sid.type = ctx->type;
	request_ok(cli);
}
/* Convert a gid to a sid */
/* Context carried through the asynchronous gid-to-SID callback chain. */
struct gid2sid_state {
	struct winbindd_cli_state *cli_state;	/* client request being answered */
	gid_t gid;				/* gid taken from the request */
	fstring name;				/* group name reported for that gid */
	DOM_SID sid;				/* SID found for the name */
	enum SID_NAME_USE type;			/* SID type found for the name */
};
/* Completion callbacks for the gid-to-SID slow path, in the order they run:
 * gid -> name, name -> SID, then storing the new mapping. */
static void gid2sid_gid2name_recv(void *private_data, BOOL success,
				  const char *groupname);
static void gid2sid_lookupname_recv(void *private_data, BOOL success,
				    const DOM_SID *sid,
				    enum SID_NAME_USE type);
static void gid2sid_idmap_set_mapping_recv(void *private_data, BOOL success);
/**
 * Handle a gid-to-sid request.
 *
 * A lookup with ID_QUERY_ONLY | ID_CACHE_ONLY is tried first and answered
 * directly on a hit. On a miss the request only continues when the gid is
 * outside winbind's own range and "winbind trusted domains only" is set;
 * then the gid is resolved to a name and the name to a SID through the
 * gid2sid_*_recv callbacks.
 *
 * @param state  per-client request/response state
 */
void winbindd_gid_to_sid(struct winbindd_cli_state *state)
{
	DOM_SID cached_sid;
	NTSTATUS status;
	struct gid2sid_state *ctx;

	DEBUG(3, ("[%5lu]: gid to sid %lu\n", (unsigned long)state->pid,
		  (unsigned long)state->request.data.gid));

	if (idmap_proxyonly()) {
		DEBUG(8, ("IDMAP proxy only\n"));
		request_error(state);
		return;
	}

	status = idmap_gid_to_sid(&cached_sid, state->request.data.gid,
				  ID_QUERY_ONLY | ID_CACHE_ONLY);

	if (NT_STATUS_IS_OK(status)) {
		sid_to_string(state->response.data.sid.sid, &cached_sid);
		/* NOTE(review): this reports SID_NAME_USER for a SID found
		 * through a gid, while gid2sid_lookupname_recv() accepts
		 * only SID_NAME_DOM_GRP or SID_NAME_ALIAS. It looks copied
		 * from winbindd_uid_to_sid() - confirm what callers expect
		 * before changing it. */
		state->response.data.sid.type = SID_NAME_USER;
		request_ok(state);
		return;
	}

	/* A gid inside winbind's own range should have been found above.
	 * Outside that range the only chance that this is correct is that
	 * winbind trusted domains only = yes, and the user exists in nss
	 * and the domain. */
	if (is_in_gid_range(state->request.data.gid) ||
	    !lp_winbind_trusted_domains_only()) {
		request_error(state);
		return;
	}

	ctx = TALLOC_ZERO_P(state->mem_ctx, struct gid2sid_state);
	if (ctx == NULL) {
		DEBUG(0, ("talloc failed\n"));
		request_error(state);
		return;
	}

	ctx->cli_state = state;
	ctx->gid = state->request.data.gid;

	winbindd_gid2name_async(state->mem_ctx, state->request.data.gid,
				gid2sid_gid2name_recv, ctx);
}
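/**
 * First step of the gid-to-SID slow path: the gid has been resolved to a
 * group name; look that name up in our own domain.
 *
 * @param private_data  the gid2sid_state handed to the async call;
 *                      talloc_get_type_abort() checks its talloc type
 * @param success       whether the gid-to-name lookup succeeded
 * @param username      group name for the gid (used only on success)
 */
static void gid2sid_gid2name_recv(void *private_data, BOOL success,
				  const char *username)
{
	struct gid2sid_state *state =
		talloc_get_type_abort(private_data, struct gid2sid_state);

	/* Check the result before touching username: the earlier code
	 * logged and copied it first, and nothing visible here guarantees
	 * the pointer is valid when the lookup failed. */
	if (!success) {
		DEBUG(5, ("gid2sid: could not get name for gid %lu\n",
			  (unsigned long)state->gid));
		request_error(state->cli_state);
		return;
	}

	DEBUG(10, ("gid2sid: gid %lu has name %s\n",
		   (unsigned long)state->gid, username));

	fstrcpy(state->name, username);

	winbindd_lookupname_async(state->cli_state->mem_ctx,
				  find_our_domain()->name, username,
				  gid2sid_lookupname_recv, state);
}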
/**
 * Second step of the gid-to-SID slow path: the name has been resolved to a
 * SID. Only SID_NAME_DOM_GRP and SID_NAME_ALIAS are accepted; the SID is
 * remembered in the context and the gid/SID mapping is stored
 * asynchronously.
 *
 * @param private_data  the gid2sid_state handed to the async call;
 *                      talloc_get_type_abort() checks its talloc type
 * @param success       whether the name lookup succeeded
 * @param sid           SID found for the name
 * @param type          SID type found for the name
 */
static void gid2sid_lookupname_recv(void *private_data, BOOL success,
				    const DOM_SID *sid, enum SID_NAME_USE type)
{
	struct gid2sid_state *ctx =
		talloc_get_type_abort(private_data, struct gid2sid_state);
	unid_t mapped;

	if (success &&
	    ((type == SID_NAME_DOM_GRP) || (type == SID_NAME_ALIAS))) {
		ctx->sid = *sid;
		ctx->type = type;

		mapped.gid = ctx->gid;
		idmap_set_mapping_async(ctx->cli_state->mem_ctx, sid, mapped,
					ID_GROUPID,
					gid2sid_idmap_set_mapping_recv, ctx);
		return;
	}

	/* Lookup failed, or the name is not a group or alias. */
	request_error(ctx->cli_state);
}
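/**
 * Last step of the gid-to-SID slow path: answer the client with the SID
 * and type remembered in the context.
 *
 * @param private_data  the gid2sid_state handed to the async call
 * @param success       whether the mapping was stored; deliberately not
 *                      examined, the reply is sent either way
 */
static void gid2sid_idmap_set_mapping_recv(void *private_data, BOOL success)
{
	/* Check the talloc type of the context like every other callback in
	 * this file does, instead of trusting the bare void pointer. */
	struct gid2sid_state *state =
		talloc_get_type_abort(private_data, struct gid2sid_state);

	/* don't fail if we can't store it */

	sid_to_string(state->cli_state->response.data.sid.sid, &state->sid);
	state->cli_state->response.data.sid.type = state->type;
	request_ok(state->cli_state);
}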
/**
 * Handle an allocate-rid request: only clients marked privileged may
 * allocate; their request is forwarded to the idmap child.
 *
 * @param state  per-client request/response state
 */
void winbindd_allocate_rid(struct winbindd_cli_state *state)
{
	if (state->privileged) {
		sendto_child(state, idmap_child());
		return;
	}

	/* Authorization gate: this is the only privilege check visible on
	 * this path before the request reaches the child. */
	DEBUG(2, ("winbindd_allocate_rid: non-privileged access "
		  "denied!\n"));
	request_error(state);
}
/**
 * Allocate a RID and place it in the response.
 *
 * No privilege check is made here; the check visible in this file is in
 * winbindd_allocate_rid(), before the request is sent to the idmap child.
 *
 * @param domain  not used by this function
 * @param state   request/response state; response.data.rid receives the RID
 * @return WINBINDD_OK on success, WINBINDD_ERROR if allocation failed
 */
enum winbindd_result winbindd_dual_allocate_rid(struct winbindd_domain *domain,
						struct winbindd_cli_state *state)
{
	NTSTATUS status;

	/* We tell idmap to always allocate a user RID. There might be a good
	 * reason to keep RID allocation for users to even and groups to
	 * odd. This needs discussion I think. For now only allocate user
	 * rids. */
	status = idmap_allocate_rid(&state->response.data.rid, USER_RID_TYPE);

	return NT_STATUS_IS_OK(status) ? WINBINDD_OK : WINBINDD_ERROR;
}
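/**
 * Handle an allocate-rid-and-gid request: only clients marked privileged
 * may allocate; their request is forwarded to the idmap child.
 *
 * @param state  per-client request/response state
 */
void winbindd_allocate_rid_and_gid(struct winbindd_cli_state *state)
{
	if (!state->privileged) {
		/* Name this function in the denial message; the earlier text
		 * said "winbindd_allocate_rid", which made denied requests of
		 * the two kinds indistinguishable in the log. */
		DEBUG(2, ("winbindd_allocate_rid_and_gid: non-privileged "
			  "access denied!\n"));
		request_error(state);
		return;
	}

	sendto_child(state, idmap_child());
}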
/**
 * Allocate a RID, build the SID for it under the global SAM SID, and map
 * that SID to a gid. Both values are placed in the response.
 *
 * No privilege check is made here; the check visible in this file is in
 * winbindd_allocate_rid_and_gid(), before the request is sent to the idmap
 * child.
 *
 * @param domain  not used by this function
 * @param state   request/response state; response.data.rid_and_gid
 *                receives the RID and the gid
 * @return WINBINDD_OK on success, WINBINDD_ERROR if either step failed
 */
enum winbindd_result winbindd_dual_allocate_rid_and_gid(struct winbindd_domain *domain,
							struct winbindd_cli_state *state)
{
	NTSTATUS status;
	DOM_SID new_sid;

	/* We tell idmap to always allocate a user RID. This is really
	 * historic and needs to be fixed. I *think* this has to do with the
	 * way winbind determines its free RID space. */
	status = idmap_allocate_rid(&state->response.data.rid_and_gid.rid,
				    USER_RID_TYPE);
	if (!NT_STATUS_IS_OK(status)) {
		return WINBINDD_ERROR;
	}

	/* NOTE(review): the result of sid_append_rid(), if it reports one,
	 * is not examined here - confirm it cannot fail for this input. */
	sid_copy(&new_sid, get_global_sam_sid());
	sid_append_rid(&new_sid, state->response.data.rid_and_gid.rid);

	status = idmap_sid_to_gid(&new_sid,
				  &state->response.data.rid_and_gid.gid, 0);

	return NT_STATUS_IS_OK(status) ? WINBINDD_OK : WINBINDD_ERROR;
}