2005-10-19 17:45:44 +04:00
/*
Unix SMB / CIFS implementation .
Command backend for wbinfo - - user - sids
Copyright ( C ) Volker Lendecke 2005
This program is free software ; you can redistribute it and / or modify
it under the terms of the GNU General Public License as published by
2007-07-10 06:07:03 +04:00
the Free Software Foundation ; either version 3 of the License , or
2005-10-19 17:45:44 +04:00
( at your option ) any later version .
This program is distributed in the hope that it will be useful ,
but WITHOUT ANY WARRANTY ; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
GNU General Public License for more details .
You should have received a copy of the GNU General Public License
2007-07-10 06:07:03 +04:00
along with this program . If not , see < http : //www.gnu.org/licenses/>.
2005-10-19 17:45:44 +04:00
*/
# include "includes.h"
# include "libcli/composite/composite.h"
# include "winbind/wb_server.h"
# include "smbd/service_task.h"
2006-03-15 02:35:30 +03:00
# include "librpc/gen_ndr/ndr_samr_c.h"
2006-04-02 16:02:01 +04:00
# include "libcli/security/security.h"
2005-10-19 17:45:44 +04:00
2005-11-05 12:34:07 +03:00
/* Calculate the token in two steps: Go the user's originating domain, ask for
* the user ' s domain groups . Then with the resulting list of sids go to our
* own domain to expand the aliases aka domain local groups . */
2005-10-19 17:45:44 +04:00
struct cmd_usersids_state {
struct composite_context * ctx ;
struct wbsrv_service * service ;
struct dom_sid * user_sid ;
2010-03-09 19:54:12 +03:00
uint32_t num_domgroups ;
2005-10-19 17:45:44 +04:00
struct dom_sid * * domgroups ;
2005-11-05 12:34:07 +03:00
struct lsa_SidArray lsa_sids ;
struct samr_Ids rids ;
struct samr_GetAliasMembership r ;
2010-03-09 19:54:12 +03:00
uint32_t num_sids ;
2005-10-19 17:45:44 +04:00
struct dom_sid * * sids ;
} ;
2005-11-05 12:34:07 +03:00
static void usersids_recv_domgroups ( struct composite_context * ctx ) ;
static void usersids_recv_domain ( struct composite_context * ctx ) ;
2010-03-10 12:01:57 +03:00
static void usersids_recv_aliases ( struct tevent_req * subreq ) ;
2005-10-19 17:45:44 +04:00
2005-11-05 12:34:07 +03:00
struct composite_context * wb_cmd_usersids_send ( TALLOC_CTX * mem_ctx ,
struct wbsrv_service * service ,
2005-10-19 17:45:44 +04:00
const struct dom_sid * sid )
{
struct composite_context * result , * ctx ;
struct cmd_usersids_state * state ;
2007-04-30 20:52:30 +04:00
result = composite_create ( mem_ctx , service - > task - > event_ctx ) ;
2005-10-19 17:45:44 +04:00
if ( result = = NULL ) goto failed ;
state = talloc ( result , struct cmd_usersids_state ) ;
if ( state = = NULL ) goto failed ;
state - > ctx = result ;
result - > private_data = state ;
state - > service = service ;
state - > user_sid = dom_sid_dup ( state , sid ) ;
if ( state - > user_sid = = NULL ) goto failed ;
2005-11-05 12:34:07 +03:00
ctx = wb_cmd_userdomgroups_send ( state , service , sid ) ;
2005-10-19 17:45:44 +04:00
if ( ctx = = NULL ) goto failed ;
2005-11-05 12:34:07 +03:00
ctx - > async . fn = usersids_recv_domgroups ;
2005-10-19 17:45:44 +04:00
ctx - > async . private_data = state ;
return result ;
failed :
talloc_free ( result ) ;
return NULL ;
}
2005-11-05 12:34:07 +03:00
static void usersids_recv_domgroups ( struct composite_context * ctx )
2005-10-19 17:45:44 +04:00
{
struct cmd_usersids_state * state =
talloc_get_type ( ctx - > async . private_data ,
struct cmd_usersids_state ) ;
state - > ctx - > status = wb_cmd_userdomgroups_recv ( ctx , state ,
& state - > num_domgroups ,
& state - > domgroups ) ;
if ( ! composite_is_ok ( state - > ctx ) ) return ;
2005-11-05 12:34:07 +03:00
ctx = wb_sid2domain_send ( state , state - > service ,
state - > service - > primary_sid ) ;
composite_continue ( state - > ctx , ctx , usersids_recv_domain , state ) ;
}
static void usersids_recv_domain ( struct composite_context * ctx )
{
struct cmd_usersids_state * state =
talloc_get_type ( ctx - > async . private_data ,
struct cmd_usersids_state ) ;
2010-03-10 12:01:57 +03:00
struct tevent_req * subreq ;
2005-11-05 12:34:07 +03:00
struct wbsrv_domain * domain ;
2010-03-09 19:54:12 +03:00
uint32_t i ;
2005-11-05 12:34:07 +03:00
state - > ctx - > status = wb_sid2domain_recv ( ctx , & domain ) ;
if ( ! composite_is_ok ( state - > ctx ) ) return ;
state - > lsa_sids . num_sids = state - > num_domgroups + 1 ;
state - > lsa_sids . sids = talloc_array ( state , struct lsa_SidPtr ,
state - > lsa_sids . num_sids ) ;
if ( composite_nomem ( state - > lsa_sids . sids , state - > ctx ) ) return ;
2005-10-19 17:45:44 +04:00
2005-11-05 12:34:07 +03:00
state - > lsa_sids . sids [ 0 ] . sid = state - > user_sid ;
2005-10-19 17:45:44 +04:00
for ( i = 0 ; i < state - > num_domgroups ; i + + ) {
2005-11-05 12:34:07 +03:00
state - > lsa_sids . sids [ i + 1 ] . sid = state - > domgroups [ i ] ;
2005-10-19 17:45:44 +04:00
}
2005-11-05 12:34:07 +03:00
state - > rids . count = 0 ;
state - > rids . ids = NULL ;
2007-07-23 06:56:51 +04:00
state - > r . in . domain_handle = & domain - > libnet_ctx - > samr . handle ;
2005-11-05 12:34:07 +03:00
state - > r . in . sids = & state - > lsa_sids ;
state - > r . out . rids = & state - > rids ;
2010-03-10 12:01:57 +03:00
subreq = dcerpc_samr_GetAliasMembership_r_send ( state ,
state - > ctx - > event_ctx ,
domain - > libnet_ctx - > samr . pipe - > binding_handle ,
& state - > r ) ;
if ( composite_nomem ( subreq , state - > ctx ) ) return ;
tevent_req_set_callback ( subreq , usersids_recv_aliases , state ) ;
2005-10-19 17:45:44 +04:00
}
2010-03-10 12:01:57 +03:00
static void usersids_recv_aliases ( struct tevent_req * subreq )
2005-10-19 17:45:44 +04:00
{
struct cmd_usersids_state * state =
2010-03-10 12:01:57 +03:00
tevent_req_callback_data ( subreq ,
struct cmd_usersids_state ) ;
2010-03-09 19:54:12 +03:00
uint32_t i ;
2005-10-19 17:45:44 +04:00
2010-03-10 12:01:57 +03:00
state - > ctx - > status = dcerpc_samr_GetAliasMembership_r_recv ( subreq , state ) ;
TALLOC_FREE ( subreq ) ;
2005-11-05 12:34:07 +03:00
if ( ! composite_is_ok ( state - > ctx ) ) return ;
state - > ctx - > status = state - > r . out . result ;
2005-10-19 17:45:44 +04:00
if ( ! composite_is_ok ( state - > ctx ) ) return ;
2005-11-05 12:34:07 +03:00
state - > num_sids = 1 + state - > num_domgroups + state - > r . out . rids - > count ;
2005-10-19 17:45:44 +04:00
state - > sids = talloc_array ( state , struct dom_sid * , state - > num_sids ) ;
if ( composite_nomem ( state - > sids , state - > ctx ) ) return ;
state - > sids [ 0 ] = talloc_steal ( state - > sids , state - > user_sid ) ;
for ( i = 0 ; i < state - > num_domgroups ; i + + ) {
state - > sids [ 1 + i ] =
talloc_steal ( state - > sids , state - > domgroups [ i ] ) ;
}
2005-11-05 12:34:07 +03:00
for ( i = 0 ; i < state - > r . out . rids - > count ; i + + ) {
state - > sids [ 1 + state - > num_domgroups + i ] = dom_sid_add_rid (
state - > sids , state - > service - > primary_sid ,
state - > r . out . rids - > ids [ i ] ) ;
if ( composite_nomem ( state - > sids [ 1 + state - > num_domgroups + i ] ,
state - > ctx ) ) return ;
2005-10-19 17:45:44 +04:00
}
composite_done ( state - > ctx ) ;
}
NTSTATUS wb_cmd_usersids_recv ( struct composite_context * ctx ,
TALLOC_CTX * mem_ctx ,
2010-03-09 19:54:12 +03:00
uint32_t * num_sids , struct dom_sid * * * sids )
2005-10-19 17:45:44 +04:00
{
NTSTATUS status = composite_wait ( ctx ) ;
if ( NT_STATUS_IS_OK ( status ) ) {
struct cmd_usersids_state * state =
talloc_get_type ( ctx - > private_data ,
struct cmd_usersids_state ) ;
* num_sids = state - > num_sids ;
* sids = talloc_steal ( mem_ctx , state - > sids ) ;
}
talloc_free ( ctx ) ;
return status ;
}
2005-11-05 12:34:07 +03:00
NTSTATUS wb_cmd_usersids ( TALLOC_CTX * mem_ctx , struct wbsrv_service * service ,
const struct dom_sid * sid ,
2010-03-09 19:54:12 +03:00
uint32_t * num_sids , struct dom_sid * * * sids )
2005-10-19 17:45:44 +04:00
{
struct composite_context * c =
2005-11-05 12:34:07 +03:00
wb_cmd_usersids_send ( mem_ctx , service , sid ) ;
2005-10-19 17:45:44 +04:00
return wb_cmd_usersids_recv ( c , mem_ctx , num_sids , sids ) ;
}
