mirror of
https://github.com/samba-team/samba.git
synced 2025-01-05 09:18:06 +03:00
8ccf5f6669
The getgroupmembership call on FreeBSD is needed for "winbind expand groups=0" (the new default in 4.2) to work. Thanks to Timur I. Bakeyev for the enhancement patch. BUG: https://bugzilla.samba.org/show_bug.cgi?id=10835 Signed-off-by: Bjoern Jacke <bj@sernet.de> Reviewed-by: Volker Lendecke <vl@samba.org>
152 lines
5.2 KiB
C
152 lines
5.2 KiB
C
/*
|
|
Unix SMB/CIFS implementation.
|
|
|
|
AIX loadable authentication module, providing identification
|
|
routines against Samba winbind/Windows NT Domain
|
|
|
|
Copyright (C) Aaron Collins 2003
|
|
Copyright (C) Timur I. Bakeyev 2013
|
|
|
|
This library is free software; you can redistribute it and/or
|
|
modify it under the terms of the GNU Lesser General Public
|
|
License as published by the Free Software Foundation; either
|
|
version 3 of the License, or (at your option) any later version.
|
|
|
|
This library is distributed in the hope that it will be useful,
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
Library General Public License for more details.
|
|
|
|
You should have received a copy of the GNU Lesser General Public License
|
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
*/
|
|
|
|
#include "winbind_client.h"
|
|
|
|
/* Make sure that the module gets registered needed by freebsd 5.1 */
|
|
extern enum nss_status _nss_winbind_getgrent_r(struct group *, char *, size_t,
|
|
int *);
|
|
extern enum nss_status _nss_winbind_getgrnam_r(const char *, struct group *,
|
|
char *, size_t, int *);
|
|
extern enum nss_status _nss_winbind_getgrgid_r(gid_t gid, struct group *, char *,
|
|
size_t, int *);
|
|
extern enum nss_status _nss_winbind_setgrent(void);
|
|
extern enum nss_status _nss_winbind_endgrent(void);
|
|
extern enum nss_status _nss_winbind_initgroups_dyn(char *, gid_t, long int *,
|
|
long int *, gid_t **, long int , int *);
|
|
|
|
extern enum nss_status _nss_winbind_getpwent_r(struct passwd *, char *, size_t,
|
|
int *);
|
|
extern enum nss_status _nss_winbind_getpwnam_r(const char *, struct passwd *,
|
|
char *, size_t, int *);
|
|
extern enum nss_status _nss_winbind_getpwuid_r(gid_t gid, struct passwd *, char *,
|
|
size_t, int *);
|
|
extern enum nss_status _nss_winbind_setpwent(void);
|
|
extern enum nss_status _nss_winbind_endpwent(void);
|
|
ns_mtab *nss_module_register(const char *, unsigned int *, nss_module_unregister_fn *);
|
|
|
|
NSS_METHOD_PROTOTYPE(__nss_compat_getgrnam_r);
|
|
NSS_METHOD_PROTOTYPE(__nss_compat_getgrgid_r);
|
|
NSS_METHOD_PROTOTYPE(__nss_compat_getgrent_r);
|
|
NSS_METHOD_PROTOTYPE(__nss_compat_setgrent);
|
|
NSS_METHOD_PROTOTYPE(__nss_compat_endgrent);
|
|
|
|
NSS_METHOD_PROTOTYPE(__nss_compat_getpwnam_r);
|
|
NSS_METHOD_PROTOTYPE(__nss_compat_getpwuid_r);
|
|
NSS_METHOD_PROTOTYPE(__nss_compat_getpwent_r);
|
|
NSS_METHOD_PROTOTYPE(__nss_compat_setpwent);
|
|
NSS_METHOD_PROTOTYPE(__nss_compat_endpwent);
|
|
NSS_METHOD_PROTOTYPE(__nss_compat_endpwent);
|
|
|
|
NSS_METHOD_PROTOTYPE(__freebsd_getgroupmembership);
|
|
|
|
static ns_mtab methods[] = {
|
|
{ NSDB_GROUP, "getgrnam_r", __nss_compat_getgrnam_r, _nss_winbind_getgrnam_r },
|
|
{ NSDB_GROUP, "getgrgid_r", __nss_compat_getgrgid_r, _nss_winbind_getgrgid_r },
|
|
{ NSDB_GROUP, "getgrent_r", __nss_compat_getgrent_r, _nss_winbind_getgrent_r },
|
|
{ NSDB_GROUP, "setgrent", __nss_compat_setgrent, _nss_winbind_setgrent },
|
|
{ NSDB_GROUP, "endgrent", __nss_compat_endgrent, _nss_winbind_endgrent },
|
|
{ NSDB_GROUP, "getgroupmembership", __freebsd_getgroupmembership, NULL },
|
|
|
|
{ NSDB_PASSWD, "getpwnam_r", __nss_compat_getpwnam_r, _nss_winbind_getpwnam_r },
|
|
{ NSDB_PASSWD, "getpwuid_r", __nss_compat_getpwuid_r, _nss_winbind_getpwuid_r },
|
|
{ NSDB_PASSWD, "getpwent_r", __nss_compat_getpwent_r, _nss_winbind_getpwent_r },
|
|
{ NSDB_PASSWD, "setpwent", __nss_compat_setpwent, _nss_winbind_setpwent },
|
|
{ NSDB_PASSWD, "endpwent", __nss_compat_endpwent, _nss_winbind_endpwent },
|
|
|
|
};
|
|
|
|
/* Taken from libc */
|
|
static int
|
|
gr_addgid(gid_t gid, gid_t *groups, int maxgrp, int *grpcnt)
|
|
{
|
|
int ret, dupc;
|
|
|
|
/* skip duplicates */
|
|
for (dupc = 0; dupc < MIN(maxgrp, *grpcnt); dupc++) {
|
|
if (groups[dupc] == gid)
|
|
return 1;
|
|
}
|
|
|
|
ret = 1;
|
|
if (*grpcnt < maxgrp) /* add this gid */
|
|
groups[*grpcnt] = gid;
|
|
else
|
|
ret = 0;
|
|
|
|
(*grpcnt)++;
|
|
|
|
return ret;
|
|
}
|
|
|
|
/*
|
|
rv = _nsdispatch(NULL, dtab, NSDB_GROUP, "getgroupmembership",
|
|
defaultsrc, uname, agroup, groups, maxgrp, grpcnt);
|
|
*/
|
|
|
|
int
|
|
__freebsd_getgroupmembership(void *retval, void *mdata, va_list ap)
|
|
{
|
|
const char *uname = va_arg(ap, const char *);
|
|
gid_t group = va_arg(ap, gid_t);
|
|
gid_t *groups = va_arg(ap, gid_t *);
|
|
int maxgrp = va_arg(ap, int);
|
|
int *groupc = va_arg(ap, int *);
|
|
|
|
NSS_STATUS ret;
|
|
long int lcount, lsize;
|
|
int i, errnop;
|
|
gid_t *tmpgroups;
|
|
|
|
/* Can be realloc() inside _nss_winbind_initgroups_dyn() */
|
|
if ((tmpgroups=calloc(maxgrp, sizeof(gid_t))) == NULL) {
|
|
errno = ENOMEM;
|
|
return NS_TRYAGAIN;
|
|
}
|
|
|
|
lcount = 0;
|
|
lsize = maxgrp;
|
|
/* insert primary membership(possibly already there) */
|
|
gr_addgid(group, groups, maxgrp, groupc);
|
|
/* Don't limit number of groups, we want to know total size */
|
|
ret = _nss_winbind_initgroups_dyn(uname, group, &lcount, &lsize,
|
|
&tmpgroups, 0, &errnop);
|
|
if (ret == NSS_STATUS_SUCCESS) {
|
|
/* lcount potentially can be bigger than maxgrp, so would groupc */
|
|
for (i = 0; i < lcount; i++)
|
|
gr_addgid(tmpgroups[i], groups, maxgrp, groupc);
|
|
}
|
|
free(tmpgroups);
|
|
/* Let following nsswitch backend(s) add more groups(?) */
|
|
return NSS_STATUS_NOTFOUND;
|
|
}
|
|
|
|
ns_mtab *
|
|
nss_module_register(const char *source, unsigned int *mtabsize,
|
|
nss_module_unregister_fn *unreg)
|
|
{
|
|
*mtabsize = sizeof(methods)/sizeof(methods[0]);
|
|
*unreg = NULL;
|
|
return (methods);
|
|
}
|