nsswitch/wb_client.c

説明を見る。
00001 /* 
00002    Unix SMB/CIFS implementation.
00003 
00004    winbind client code
00005 
00006    Copyright (C) Tim Potter 2000
00007    Copyright (C) Andrew Tridgell 2000
00008    
00009    This library is free software; you can redistribute it and/or
00010    modify it under the terms of the GNU Library General Public
00011    License as published by the Free Software Foundation; either
00012    version 2 of the License, or (at your option) any later version.
00013    
00014    This library is distributed in the hope that it will be useful,
00015    but WITHOUT ANY WARRANTY; without even the implied warranty of
00016    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
00017    Library General Public License for more details.
00018    
00019    You should have received a copy of the GNU Library General Public
00020    License along with this library; if not, write to the
00021    Free Software Foundation, Inc., 59 Temple Place - Suite 330,
00022    Boston, MA  02111-1307, USA.   
00023 */
00024 
00025 #include "includes.h"
00026 #include "nsswitch/winbind_nss.h"
00027 
00028 #undef DBGC_CLASS
00029 #define DBGC_CLASS DBGC_WINBIND
00030 
00031 NSS_STATUS winbindd_request_response(int req_type,
00032                                  struct winbindd_request *request,
00033                                  struct winbindd_response *response);
00034 
00035 /* Call winbindd to convert a name to a sid */
00036 
00037 BOOL winbind_lookup_name(const char *dom_name, const char *name, DOM_SID *sid, 
00038                          enum lsa_SidType *name_type)
00039 {
00040         struct winbindd_request request;
00041         struct winbindd_response response;
00042         NSS_STATUS result;
00043         
00044         if (!sid || !name_type)
00045                 return False;
00046 
00047         /* Send off request */
00048 
00049         ZERO_STRUCT(request);
00050         ZERO_STRUCT(response);
00051 
00052         fstrcpy(request.data.name.dom_name, dom_name);
00053         fstrcpy(request.data.name.name, name);
00054 
00055         if ((result = winbindd_request_response(WINBINDD_LOOKUPNAME, &request, 
00056                                        &response)) == NSS_STATUS_SUCCESS) {
00057                 if (!string_to_sid(sid, response.data.sid.sid))
00058                         return False;
00059                 *name_type = (enum lsa_SidType)response.data.sid.type;
00060         }
00061 
00062         return result == NSS_STATUS_SUCCESS;
00063 }
00064 
00065 /* Call winbindd to convert sid to name */
00066 
00067 BOOL winbind_lookup_sid(TALLOC_CTX *mem_ctx, const DOM_SID *sid, 
00068                         const char **domain, const char **name,
00069                         enum lsa_SidType *name_type)
00070 {
00071         struct winbindd_request request;
00072         struct winbindd_response response;
00073         NSS_STATUS result;
00074         
00075         /* Initialise request */
00076 
00077         ZERO_STRUCT(request);
00078         ZERO_STRUCT(response);
00079 
00080         fstrcpy(request.data.sid, sid_string_static(sid));
00081         
00082         /* Make request */
00083 
00084         result = winbindd_request_response(WINBINDD_LOOKUPSID, &request,
00085                                            &response);
00086 
00087         if (result != NSS_STATUS_SUCCESS) {
00088                 return False;
00089         }
00090 
00091         /* Copy out result */
00092 
00093         if (domain != NULL) {
00094                 *domain = talloc_strdup(mem_ctx, response.data.name.dom_name);
00095                 if (*domain == NULL) {
00096                         DEBUG(0, ("talloc failed\n"));
00097                         return False;
00098                 }
00099         }
00100         if (name != NULL) {
00101                 *name = talloc_strdup(mem_ctx, response.data.name.name);
00102                 if (*name == NULL) {
00103                         DEBUG(0, ("talloc failed\n"));
00104                         return False;
00105                 }
00106         }
00107 
00108         *name_type = (enum lsa_SidType)response.data.name.type;
00109 
00110         DEBUG(10, ("winbind_lookup_sid: SUCCESS: SID %s -> %s %s\n", 
00111                    sid_string_static(sid), response.data.name.dom_name,
00112                    response.data.name.name));
00113         return True;
00114 }
00115 
00116 BOOL winbind_lookup_rids(TALLOC_CTX *mem_ctx,
00117                          const DOM_SID *domain_sid,
00118                          int num_rids, uint32 *rids,
00119                          const char **domain_name,
00120                          const char ***names, enum lsa_SidType **types)
00121 {
00122         size_t i, buflen;
00123         ssize_t len;
00124         char *ridlist;
00125         char *p;
00126         struct winbindd_request request;
00127         struct winbindd_response response;
00128         NSS_STATUS result;
00129 
00130         if (num_rids == 0) {
00131                 return False;
00132         }
00133 
00134         /* Initialise request */
00135 
00136         ZERO_STRUCT(request);
00137         ZERO_STRUCT(response);
00138 
00139         fstrcpy(request.data.sid, sid_string_static(domain_sid));
00140         
00141         len = 0;
00142         buflen = 0;
00143         ridlist = NULL;
00144 
00145         for (i=0; i<num_rids; i++) {
00146                 sprintf_append(mem_ctx, &ridlist, &len, &buflen,
00147                                "%ld\n", rids[i]);
00148         }
00149 
00150         if ((num_rids != 0) && (ridlist == NULL)) {
00151                 return False;
00152         }
00153 
00154         request.extra_data.data = ridlist;
00155         request.extra_len = strlen(ridlist)+1;
00156 
00157         result = winbindd_request_response(WINBINDD_LOOKUPRIDS,
00158                                            &request, &response);
00159 
00160         TALLOC_FREE(ridlist);
00161 
00162         if (result != NSS_STATUS_SUCCESS) {
00163                 return False;
00164         }
00165 
00166         *domain_name = talloc_strdup(mem_ctx, response.data.domain_name);
00167 
00168         if (num_rids) {
00169                 *names = TALLOC_ARRAY(mem_ctx, const char *, num_rids);
00170                 *types = TALLOC_ARRAY(mem_ctx, enum lsa_SidType, num_rids);
00171 
00172                 if ((*names == NULL) || (*types == NULL)) {
00173                         goto fail;
00174                 }
00175         } else {
00176                 *names = NULL;
00177                 *types = NULL;
00178         }
00179 
00180         p = (char *)response.extra_data.data;
00181 
00182         for (i=0; i<num_rids; i++) {
00183                 char *q;
00184 
00185                 if (*p == '\0') {
00186                         DEBUG(10, ("Got invalid reply: %s\n",
00187                                    (char *)response.extra_data.data));
00188                         goto fail;
00189                 }
00190                         
00191                 (*types)[i] = (enum lsa_SidType)strtoul(p, &q, 10);
00192 
00193                 if (*q != ' ') {
00194                         DEBUG(10, ("Got invalid reply: %s\n",
00195                                    (char *)response.extra_data.data));
00196                         goto fail;
00197                 }
00198 
00199                 p = q+1;
00200 
00201                 q = strchr(p, '\n');
00202                 if (q == NULL) {
00203                         DEBUG(10, ("Got invalid reply: %s\n",
00204                                    (char *)response.extra_data.data));
00205                         goto fail;
00206                 }
00207 
00208                 *q = '\0';
00209 
00210                 (*names)[i] = talloc_strdup(*names, p);
00211 
00212                 p = q+1;
00213         }
00214 
00215         if (*p != '\0') {
00216                 DEBUG(10, ("Got invalid reply: %s\n",
00217                            (char *)response.extra_data.data));
00218                 goto fail;
00219         }
00220 
00221         SAFE_FREE(response.extra_data.data);
00222 
00223         return True;
00224 
00225  fail:
00226         TALLOC_FREE(*names);
00227         TALLOC_FREE(*types);
00228         return False;
00229 }
00230 
00231 /* Call winbindd to convert SID to uid */
00232 
00233 BOOL winbind_sid_to_uid(uid_t *puid, const DOM_SID *sid)
00234 {
00235         struct winbindd_request request;
00236         struct winbindd_response response;
00237         int result;
00238         fstring sid_str;
00239 
00240         if (!puid)
00241                 return False;
00242 
00243         /* Initialise request */
00244 
00245         ZERO_STRUCT(request);
00246         ZERO_STRUCT(response);
00247 
00248         sid_to_string(sid_str, sid);
00249         fstrcpy(request.data.sid, sid_str);
00250         
00251         /* Make request */
00252 
00253         result = winbindd_request_response(WINBINDD_SID_TO_UID, &request, &response);
00254 
00255         /* Copy out result */
00256 
00257         if (result == NSS_STATUS_SUCCESS) {
00258                 *puid = response.data.uid;
00259         }
00260 
00261         return (result == NSS_STATUS_SUCCESS);
00262 }
00263 
00264 /* Call winbindd to convert uid to sid */
00265 
00266 BOOL winbind_uid_to_sid(DOM_SID *sid, uid_t uid)
00267 {
00268         struct winbindd_request request;
00269         struct winbindd_response response;
00270         int result;
00271 
00272         if (!sid)
00273                 return False;
00274 
00275         /* Initialise request */
00276 
00277         ZERO_STRUCT(request);
00278         ZERO_STRUCT(response);
00279 
00280         request.data.uid = uid;
00281 
00282         /* Make request */
00283 
00284         result = winbindd_request_response(WINBINDD_UID_TO_SID, &request, &response);
00285 
00286         /* Copy out result */
00287 
00288         if (result == NSS_STATUS_SUCCESS) {
00289                 if (!string_to_sid(sid, response.data.sid.sid))
00290                         return False;
00291         } else {
00292                 sid_copy(sid, &global_sid_NULL);
00293         }
00294 
00295         return (result == NSS_STATUS_SUCCESS);
00296 }
00297 
00298 /* Call winbindd to convert SID to gid */
00299 
00300 BOOL winbind_sid_to_gid(gid_t *pgid, const DOM_SID *sid)
00301 {
00302         struct winbindd_request request;
00303         struct winbindd_response response;
00304         int result;
00305         fstring sid_str;
00306 
00307         if (!pgid)
00308                 return False;
00309 
00310         /* Initialise request */
00311 
00312         ZERO_STRUCT(request);
00313         ZERO_STRUCT(response);
00314 
00315         sid_to_string(sid_str, sid);
00316         fstrcpy(request.data.sid, sid_str);
00317         
00318         /* Make request */
00319 
00320         result = winbindd_request_response(WINBINDD_SID_TO_GID, &request, &response);
00321 
00322         /* Copy out result */
00323 
00324         if (result == NSS_STATUS_SUCCESS) {
00325                 *pgid = response.data.gid;
00326         }
00327 
00328         return (result == NSS_STATUS_SUCCESS);
00329 }
00330 
00331 /* Call winbindd to convert gid to sid */
00332 
00333 BOOL winbind_gid_to_sid(DOM_SID *sid, gid_t gid)
00334 {
00335         struct winbindd_request request;
00336         struct winbindd_response response;
00337         int result;
00338 
00339         if (!sid)
00340                 return False;
00341 
00342         /* Initialise request */
00343 
00344         ZERO_STRUCT(request);
00345         ZERO_STRUCT(response);
00346 
00347         request.data.gid = gid;
00348 
00349         /* Make request */
00350 
00351         result = winbindd_request_response(WINBINDD_GID_TO_SID, &request, &response);
00352 
00353         /* Copy out result */
00354 
00355         if (result == NSS_STATUS_SUCCESS) {
00356                 if (!string_to_sid(sid, response.data.sid.sid))
00357                         return False;
00358         } else {
00359                 sid_copy(sid, &global_sid_NULL);
00360         }
00361 
00362         return (result == NSS_STATUS_SUCCESS);
00363 }
00364 
00365 /* Call winbindd to convert SID to uid */
00366 
00367 BOOL winbind_sids_to_unixids(struct id_map *ids, int num_ids)
00368 {
00369         struct winbindd_request request;
00370         struct winbindd_response response;
00371         int result;
00372         DOM_SID *sids;
00373         int i;
00374 
00375         /* Initialise request */
00376 
00377         ZERO_STRUCT(request);
00378         ZERO_STRUCT(response);
00379 
00380         request.extra_len = num_ids * sizeof(DOM_SID);
00381 
00382         sids = (DOM_SID *)SMB_MALLOC(request.extra_len);
00383         for (i = 0; i < num_ids; i++) {
00384                 sid_copy(&sids[i], ids[i].sid);
00385         }
00386 
00387         request.extra_data.data = (char *)sids;
00388         
00389         /* Make request */
00390 
00391         result = winbindd_request_response(WINBINDD_SIDS_TO_XIDS, &request, &response);
00392 
00393         /* Copy out result */
00394 
00395         if (result == NSS_STATUS_SUCCESS) {
00396                 struct unixid *wid = (struct unixid *)response.extra_data.data;
00397                 
00398                 for (i = 0; i < num_ids; i++) {
00399                         if (wid[i].type == -1) {
00400                                 ids[i].status = ID_UNMAPPED;
00401                         } else {
00402                                 ids[i].status = ID_MAPPED;
00403                                 ids[i].xid.type = wid[i].type;
00404                                 ids[i].xid.id = wid[i].id;
00405                         }
00406                 }
00407         }
00408 
00409         SAFE_FREE(request.extra_data.data);
00410         SAFE_FREE(response.extra_data.data);
00411 
00412         return (result == NSS_STATUS_SUCCESS);
00413 }
00414 
00415 BOOL winbind_idmap_dump_maps(TALLOC_CTX *memctx, const char *file)
00416 {
00417         struct winbindd_request request;
00418         struct winbindd_response response;
00419         int result;
00420 
00421         ZERO_STRUCT(request);
00422         ZERO_STRUCT(response);
00423 
00424         request.extra_data.data = SMB_STRDUP(file);
00425         request.extra_len = strlen(request.extra_data.data) + 1;
00426 
00427         result = winbindd_request_response(WINBINDD_DUMP_MAPS, &request, &response);
00428 
00429         SAFE_FREE(request.extra_data.data);
00430         return (result == NSS_STATUS_SUCCESS);
00431 }
00432 
00433 BOOL winbind_allocate_uid(uid_t *uid)
00434 {
00435         struct winbindd_request request;
00436         struct winbindd_response response;
00437         int result;
00438 
00439         /* Initialise request */
00440 
00441         ZERO_STRUCT(request);
00442         ZERO_STRUCT(response);
00443 
00444         /* Make request */
00445 
00446         result = winbindd_request_response(WINBINDD_ALLOCATE_UID,
00447                                            &request, &response);
00448 
00449         if (result != NSS_STATUS_SUCCESS)
00450                 return False;
00451 
00452         /* Copy out result */
00453         *uid = response.data.uid;
00454 
00455         return True;
00456 }
00457 
00458 BOOL winbind_allocate_gid(gid_t *gid)
00459 {
00460         struct winbindd_request request;
00461         struct winbindd_response response;
00462         int result;
00463 
00464         /* Initialise request */
00465 
00466         ZERO_STRUCT(request);
00467         ZERO_STRUCT(response);
00468 
00469         /* Make request */
00470 
00471         result = winbindd_request_response(WINBINDD_ALLOCATE_GID,
00472                                            &request, &response);
00473 
00474         if (result != NSS_STATUS_SUCCESS)
00475                 return False;
00476 
00477         /* Copy out result */
00478         *gid = response.data.gid;
00479 
00480         return True;
00481 }
00482 
00483 BOOL winbind_set_mapping(const struct id_map *map)
00484 {
00485         struct winbindd_request request;
00486         struct winbindd_response response;
00487         int result;
00488 
00489         /* Initialise request */
00490 
00491         ZERO_STRUCT(request);
00492         ZERO_STRUCT(response);
00493 
00494         /* Make request */
00495 
00496         request.data.dual_idmapset.id = map->xid.id;
00497         request.data.dual_idmapset.type = map->xid.type;
00498         sid_to_string(request.data.dual_idmapset.sid, map->sid);
00499 
00500         result = winbindd_request_response(WINBINDD_SET_MAPPING, &request, &response);
00501 
00502         return (result == NSS_STATUS_SUCCESS);
00503 }
00504 
00505 BOOL winbind_set_uid_hwm(unsigned long id)
00506 {
00507         struct winbindd_request request;
00508         struct winbindd_response response;
00509         int result;
00510 
00511         /* Initialise request */
00512 
00513         ZERO_STRUCT(request);
00514         ZERO_STRUCT(response);
00515 
00516         /* Make request */
00517 
00518         request.data.dual_idmapset.id = id;
00519         request.data.dual_idmapset.type = ID_TYPE_UID;
00520 
00521         result = winbindd_request_response(WINBINDD_SET_HWM, &request, &response);
00522 
00523         return (result == NSS_STATUS_SUCCESS);
00524 }
00525 
00526 BOOL winbind_set_gid_hwm(unsigned long id)
00527 {
00528         struct winbindd_request request;
00529         struct winbindd_response response;
00530         int result;
00531 
00532         /* Initialise request */
00533 
00534         ZERO_STRUCT(request);
00535         ZERO_STRUCT(response);
00536 
00537         /* Make request */
00538 
00539         request.data.dual_idmapset.id = id;
00540         request.data.dual_idmapset.type = ID_TYPE_GID;
00541 
00542         result = winbindd_request_response(WINBINDD_SET_HWM, &request, &response);
00543 
00544         return (result == NSS_STATUS_SUCCESS);
00545 }
00546 
00547 /**********************************************************************
00548  simple wrapper function to see if winbindd is alive
00549 **********************************************************************/
00550 
00551 BOOL winbind_ping( void )
00552 {
00553         NSS_STATUS result;
00554 
00555         result = winbindd_request_response(WINBINDD_PING, NULL, NULL);
00556 
00557         return result == NSS_STATUS_SUCCESS;
00558 }
00559 
00560 /**********************************************************************
00561  Is a domain trusted?
00562 
00563  result == NSS_STATUS_UNAVAIL: winbind not around
00564  result == NSS_STATUS_NOTFOUND: winbind around, but domain missing
00565 
00566  Due to a bad API NSS_STATUS_NOTFOUND is returned both when winbind_off and
00567  when winbind return WINBINDD_ERROR. So the semantics of this routine depends
00568  on winbind_on. Grepping for winbind_off I just found 3 places where winbind
00569  is turned off, and this does not conflict (as far as I have seen) with the
00570  callers of is_trusted_domains.
00571 
00572  I *hate* global variables....
00573 
00574  Volker
00575 
00576 **********************************************************************/
00577 
00578 NSS_STATUS wb_is_trusted_domain(const char *domain)
00579 {
00580         struct winbindd_request request;
00581         struct winbindd_response response;
00582 
00583         /* Call winbindd */
00584 
00585         ZERO_STRUCT(request);
00586         ZERO_STRUCT(response);
00587 
00588         fstrcpy(request.domain_name, domain);
00589 
00590         return winbindd_request_response(WINBINDD_DOMAIN_INFO, &request, &response);
00591 }
Sambaに対してSat Aug 29 21:23:09 2009に生成されました。  doxygen 1.4.7