2001-05-07 09:03:40 +04:00
/*
2002-01-30 09:08:46 +03:00
Unix SMB / CIFS implementation .
2001-05-07 09:03:40 +04:00
Winbind daemon - sid related functions
Copyright ( C ) Tim Potter 2000
This program is free software ; you can redistribute it and / or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation ; either version 2 of the License , or
( at your option ) any later version .
This program is distributed in the hope that it will be useful ,
but WITHOUT ANY WARRANTY ; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
GNU General Public License for more details .
You should have received a copy of the GNU General Public License
along with this program ; if not , write to the Free Software
Foundation , Inc . , 675 Mass Ave , Cambridge , MA 0213 9 , USA .
*/
# include "winbindd.h"
2002-07-15 14:35:28 +04:00
# undef DBGC_CLASS
# define DBGC_CLASS DBGC_WINBIND
2001-05-07 09:03:40 +04:00
/* Convert a string */
enum winbindd_result winbindd_lookupsid ( struct winbindd_cli_state * state )
{
extern DOM_SID global_sid_Builtin ;
enum SID_NAME_USE type ;
2001-05-14 07:58:49 +04:00
DOM_SID sid , tmp_sid ;
2001-05-07 09:03:40 +04:00
uint32 rid ;
fstring name ;
2002-01-20 04:24:59 +03:00
fstring dom_name ;
2001-05-07 09:03:40 +04:00
2002-08-17 21:00:51 +04:00
/* Ensure null termination */
state - > request . data . sid [ sizeof ( state - > request . data . sid ) - 1 ] = ' \0 ' ;
2001-05-07 09:03:40 +04:00
DEBUG ( 3 , ( " [%5d]: lookupsid %s \n " , state - > pid ,
state - > request . data . sid ) ) ;
/* Lookup sid from PDC using lsa_lookup_sids() */
2002-03-20 03:56:36 +03:00
if ( ! string_to_sid ( & sid , state - > request . data . sid ) ) {
DEBUG ( 5 , ( " %s not a SID \n " , state - > request . data . sid ) ) ;
return WINBINDD_ERROR ;
}
2001-05-07 09:03:40 +04:00
/* Don't look up BUILTIN sids */
2001-05-14 07:58:49 +04:00
sid_copy ( & tmp_sid , & sid ) ;
sid_split_rid ( & tmp_sid , & rid ) ;
2001-05-07 09:03:40 +04:00
if ( sid_equal ( & tmp_sid , & global_sid_Builtin ) ) {
return WINBINDD_ERROR ;
}
/* Lookup the sid */
2002-01-20 04:24:59 +03:00
if ( ! winbindd_lookup_name_by_sid ( & sid , dom_name , name , & type ) ) {
2001-05-07 09:03:40 +04:00
return WINBINDD_ERROR ;
}
2002-01-26 12:55:38 +03:00
fstrcpy ( state - > response . data . name . dom_name , dom_name ) ;
fstrcpy ( state - > response . data . name . name , name ) ;
2001-05-07 09:03:40 +04:00
state - > response . data . name . type = type ;
return WINBINDD_OK ;
}
2003-01-15 20:39:47 +03:00
/**
* Look up the SID for a qualified name .
* */
2001-05-07 09:03:40 +04:00
enum winbindd_result winbindd_lookupname ( struct winbindd_cli_state * state )
{
enum SID_NAME_USE type ;
2002-01-26 12:55:38 +03:00
fstring sid_str ;
char * name_domain , * name_user ;
2001-05-07 09:03:40 +04:00
DOM_SID sid ;
2001-12-03 11:17:46 +03:00
struct winbindd_domain * domain ;
2002-03-22 08:43:08 +03:00
2002-08-17 21:00:51 +04:00
/* Ensure null termination */
state - > request . data . sid [ sizeof ( state - > request . data . name . dom_name ) - 1 ] = ' \0 ' ;
/* Ensure null termination */
state - > request . data . sid [ sizeof ( state - > request . data . name . name ) - 1 ] = ' \0 ' ;
2002-03-22 08:43:08 +03:00
DEBUG ( 3 , ( " [%5d]: lookupname %s%s%s \n " , state - > pid ,
state - > request . data . name . dom_name ,
lp_winbind_separator ( ) ,
state - > request . data . name . name ) ) ;
2001-05-07 09:03:40 +04:00
2002-01-26 12:55:38 +03:00
name_domain = state - > request . data . name . dom_name ;
name_user = state - > request . data . name . name ;
2001-05-07 09:03:40 +04:00
2001-12-03 11:17:46 +03:00
if ( ( domain = find_domain_from_name ( name_domain ) ) = = NULL ) {
DEBUG ( 0 , ( " could not find domain entry for domain %s \n " ,
name_domain ) ) ;
return WINBINDD_ERROR ;
}
2001-05-07 09:03:40 +04:00
2001-12-03 11:17:46 +03:00
/* Lookup name from PDC using lsa_lookup_names() */
2002-01-26 12:55:38 +03:00
if ( ! winbindd_lookup_sid_by_name ( domain , name_user , & sid , & type ) ) {
2001-05-07 09:03:40 +04:00
return WINBINDD_ERROR ;
}
sid_to_string ( sid_str , & sid ) ;
fstrcpy ( state - > response . data . sid . sid , sid_str ) ;
state - > response . data . sid . type = type ;
return WINBINDD_OK ;
}
/* Convert a sid to a uid. We assume we only have one rid attached to the
sid . */
enum winbindd_result winbindd_sid_to_uid ( struct winbindd_cli_state * state )
{
DOM_SID sid ;
2002-08-17 21:00:51 +04:00
/* Ensure null termination */
state - > request . data . sid [ sizeof ( state - > request . data . sid ) - 1 ] = ' \0 ' ;
2001-05-07 09:03:40 +04:00
DEBUG ( 3 , ( " [%5d]: sid to uid %s \n " , state - > pid ,
state - > request . data . sid ) ) ;
/* Split sid into domain sid and user rid */
2002-02-28 02:51:25 +03:00
if ( ! string_to_sid ( & sid , state - > request . data . sid ) ) {
DEBUG ( 1 , ( " Could not get convert sid %s from string \n " ,
state - > request . data . sid ) ) ;
2001-05-07 09:03:40 +04:00
return WINBINDD_ERROR ;
}
/* Find uid for this sid and return it */
2002-02-28 02:51:25 +03:00
if ( ! winbindd_idmap_get_uid_from_sid ( & sid , & state - > response . data . uid ) ) {
2001-05-07 09:03:40 +04:00
DEBUG ( 1 , ( " Could not get uid for sid %s \n " ,
state - > request . data . sid ) ) ;
return WINBINDD_ERROR ;
}
return WINBINDD_OK ;
}
/* Convert a sid to a gid. We assume we only have one rid attached to the
sid . */
enum winbindd_result winbindd_sid_to_gid ( struct winbindd_cli_state * state )
{
DOM_SID sid ;
2002-08-17 21:00:51 +04:00
/* Ensure null termination */
state - > request . data . sid [ sizeof ( state - > request . data . sid ) - 1 ] = ' \0 ' ;
2001-05-07 09:03:40 +04:00
DEBUG ( 3 , ( " [%5d]: sid to gid %s \n " , state - > pid ,
state - > request . data . sid ) ) ;
2002-02-28 02:51:25 +03:00
if ( ! string_to_sid ( & sid , state - > request . data . sid ) ) {
DEBUG ( 1 , ( " Could not cvt string to sid %s \n " ,
state - > request . data . sid ) ) ;
2001-05-07 09:03:40 +04:00
return WINBINDD_ERROR ;
}
2002-02-28 02:51:25 +03:00
/* Find gid for this sid and return it */
if ( ! winbindd_idmap_get_gid_from_sid ( & sid , & state - > response . data . gid ) ) {
2001-05-07 09:03:40 +04:00
DEBUG ( 1 , ( " Could not get gid for sid %s \n " ,
state - > request . data . sid ) ) ;
return WINBINDD_ERROR ;
}
return WINBINDD_OK ;
}
/* Convert a uid to a sid */
enum winbindd_result winbindd_uid_to_sid ( struct winbindd_cli_state * state )
{
DOM_SID sid ;
/* Bug out if the uid isn't in the winbind range */
if ( ( state - > request . data . uid < server_state . uid_low ) | |
( state - > request . data . uid > server_state . uid_high ) ) {
return WINBINDD_ERROR ;
}
DEBUG ( 3 , ( " [%5d]: uid to sid %d \n " , state - > pid ,
state - > request . data . uid ) ) ;
/* Lookup rid for this uid */
2002-02-28 02:51:25 +03:00
if ( ! winbindd_idmap_get_sid_from_uid ( state - > request . data . uid , & sid ) ) {
2001-05-07 09:03:40 +04:00
DEBUG ( 1 , ( " Could not convert uid %d to rid \n " ,
state - > request . data . uid ) ) ;
return WINBINDD_ERROR ;
}
sid_to_string ( state - > response . data . sid . sid , & sid ) ;
state - > response . data . sid . type = SID_NAME_USER ;
return WINBINDD_OK ;
}
/* Convert a gid to a sid */
enum winbindd_result winbindd_gid_to_sid ( struct winbindd_cli_state * state )
{
DOM_SID sid ;
/* Bug out if the gid isn't in the winbind range */
if ( ( state - > request . data . gid < server_state . gid_low ) | |
( state - > request . data . gid > server_state . gid_high ) ) {
return WINBINDD_ERROR ;
}
DEBUG ( 3 , ( " [%5d]: gid to sid %d \n " , state - > pid ,
state - > request . data . gid ) ) ;
2002-02-28 02:51:25 +03:00
/* Lookup sid for this uid */
if ( ! winbindd_idmap_get_sid_from_gid ( state - > request . data . gid , & sid ) ) {
DEBUG ( 1 , ( " Could not convert gid %d to sid \n " ,
2001-05-07 09:03:40 +04:00
state - > request . data . gid ) ) ;
return WINBINDD_ERROR ;
}
/* Construct sid and return it */
sid_to_string ( state - > response . data . sid . sid , & sid ) ;
state - > response . data . sid . type = SID_NAME_DOM_GRP ;
return WINBINDD_OK ;
}
