00001
00002
00003
00004
00005
00006
00007
00008
00009
00010
00011
00012
00013
00014
00015
00016
00017
00018
00019
00020
00021
00022
00023
00024
00025 #include "includes.h"
00026 #include "nsswitch/winbind_nss.h"
00027
00028 #undef DBGC_CLASS
00029 #define DBGC_CLASS DBGC_WINBIND
00030
00031 NSS_STATUS winbindd_request_response(int req_type,
00032 struct winbindd_request *request,
00033 struct winbindd_response *response);
00034
00035
00036
00037 BOOL winbind_lookup_name(const char *dom_name, const char *name, DOM_SID *sid,
00038 enum lsa_SidType *name_type)
00039 {
00040 struct winbindd_request request;
00041 struct winbindd_response response;
00042 NSS_STATUS result;
00043
00044 if (!sid || !name_type)
00045 return False;
00046
00047
00048
00049 ZERO_STRUCT(request);
00050 ZERO_STRUCT(response);
00051
00052 fstrcpy(request.data.name.dom_name, dom_name);
00053 fstrcpy(request.data.name.name, name);
00054
00055 if ((result = winbindd_request_response(WINBINDD_LOOKUPNAME, &request,
00056 &response)) == NSS_STATUS_SUCCESS) {
00057 if (!string_to_sid(sid, response.data.sid.sid))
00058 return False;
00059 *name_type = (enum lsa_SidType)response.data.sid.type;
00060 }
00061
00062 return result == NSS_STATUS_SUCCESS;
00063 }
00064
00065
00066
00067 BOOL winbind_lookup_sid(TALLOC_CTX *mem_ctx, const DOM_SID *sid,
00068 const char **domain, const char **name,
00069 enum lsa_SidType *name_type)
00070 {
00071 struct winbindd_request request;
00072 struct winbindd_response response;
00073 NSS_STATUS result;
00074
00075
00076
00077 ZERO_STRUCT(request);
00078 ZERO_STRUCT(response);
00079
00080 fstrcpy(request.data.sid, sid_string_static(sid));
00081
00082
00083
00084 result = winbindd_request_response(WINBINDD_LOOKUPSID, &request,
00085 &response);
00086
00087 if (result != NSS_STATUS_SUCCESS) {
00088 return False;
00089 }
00090
00091
00092
00093 if (domain != NULL) {
00094 *domain = talloc_strdup(mem_ctx, response.data.name.dom_name);
00095 if (*domain == NULL) {
00096 DEBUG(0, ("talloc failed\n"));
00097 return False;
00098 }
00099 }
00100 if (name != NULL) {
00101 *name = talloc_strdup(mem_ctx, response.data.name.name);
00102 if (*name == NULL) {
00103 DEBUG(0, ("talloc failed\n"));
00104 return False;
00105 }
00106 }
00107
00108 *name_type = (enum lsa_SidType)response.data.name.type;
00109
00110 DEBUG(10, ("winbind_lookup_sid: SUCCESS: SID %s -> %s %s\n",
00111 sid_string_static(sid), response.data.name.dom_name,
00112 response.data.name.name));
00113 return True;
00114 }
00115
00116 BOOL winbind_lookup_rids(TALLOC_CTX *mem_ctx,
00117 const DOM_SID *domain_sid,
00118 int num_rids, uint32 *rids,
00119 const char **domain_name,
00120 const char ***names, enum lsa_SidType **types)
00121 {
00122 size_t i, buflen;
00123 ssize_t len;
00124 char *ridlist;
00125 char *p;
00126 struct winbindd_request request;
00127 struct winbindd_response response;
00128 NSS_STATUS result;
00129
00130 if (num_rids == 0) {
00131 return False;
00132 }
00133
00134
00135
00136 ZERO_STRUCT(request);
00137 ZERO_STRUCT(response);
00138
00139 fstrcpy(request.data.sid, sid_string_static(domain_sid));
00140
00141 len = 0;
00142 buflen = 0;
00143 ridlist = NULL;
00144
00145 for (i=0; i<num_rids; i++) {
00146 sprintf_append(mem_ctx, &ridlist, &len, &buflen,
00147 "%ld\n", rids[i]);
00148 }
00149
00150 if ((num_rids != 0) && (ridlist == NULL)) {
00151 return False;
00152 }
00153
00154 request.extra_data.data = ridlist;
00155 request.extra_len = strlen(ridlist)+1;
00156
00157 result = winbindd_request_response(WINBINDD_LOOKUPRIDS,
00158 &request, &response);
00159
00160 TALLOC_FREE(ridlist);
00161
00162 if (result != NSS_STATUS_SUCCESS) {
00163 return False;
00164 }
00165
00166 *domain_name = talloc_strdup(mem_ctx, response.data.domain_name);
00167
00168 if (num_rids) {
00169 *names = TALLOC_ARRAY(mem_ctx, const char *, num_rids);
00170 *types = TALLOC_ARRAY(mem_ctx, enum lsa_SidType, num_rids);
00171
00172 if ((*names == NULL) || (*types == NULL)) {
00173 goto fail;
00174 }
00175 } else {
00176 *names = NULL;
00177 *types = NULL;
00178 }
00179
00180 p = (char *)response.extra_data.data;
00181
00182 for (i=0; i<num_rids; i++) {
00183 char *q;
00184
00185 if (*p == '\0') {
00186 DEBUG(10, ("Got invalid reply: %s\n",
00187 (char *)response.extra_data.data));
00188 goto fail;
00189 }
00190
00191 (*types)[i] = (enum lsa_SidType)strtoul(p, &q, 10);
00192
00193 if (*q != ' ') {
00194 DEBUG(10, ("Got invalid reply: %s\n",
00195 (char *)response.extra_data.data));
00196 goto fail;
00197 }
00198
00199 p = q+1;
00200
00201 q = strchr(p, '\n');
00202 if (q == NULL) {
00203 DEBUG(10, ("Got invalid reply: %s\n",
00204 (char *)response.extra_data.data));
00205 goto fail;
00206 }
00207
00208 *q = '\0';
00209
00210 (*names)[i] = talloc_strdup(*names, p);
00211
00212 p = q+1;
00213 }
00214
00215 if (*p != '\0') {
00216 DEBUG(10, ("Got invalid reply: %s\n",
00217 (char *)response.extra_data.data));
00218 goto fail;
00219 }
00220
00221 SAFE_FREE(response.extra_data.data);
00222
00223 return True;
00224
00225 fail:
00226 TALLOC_FREE(*names);
00227 TALLOC_FREE(*types);
00228 return False;
00229 }
00230
00231
00232
00233 BOOL winbind_sid_to_uid(uid_t *puid, const DOM_SID *sid)
00234 {
00235 struct winbindd_request request;
00236 struct winbindd_response response;
00237 int result;
00238 fstring sid_str;
00239
00240 if (!puid)
00241 return False;
00242
00243
00244
00245 ZERO_STRUCT(request);
00246 ZERO_STRUCT(response);
00247
00248 sid_to_string(sid_str, sid);
00249 fstrcpy(request.data.sid, sid_str);
00250
00251
00252
00253 result = winbindd_request_response(WINBINDD_SID_TO_UID, &request, &response);
00254
00255
00256
00257 if (result == NSS_STATUS_SUCCESS) {
00258 *puid = response.data.uid;
00259 }
00260
00261 return (result == NSS_STATUS_SUCCESS);
00262 }
00263
00264
00265
00266 BOOL winbind_uid_to_sid(DOM_SID *sid, uid_t uid)
00267 {
00268 struct winbindd_request request;
00269 struct winbindd_response response;
00270 int result;
00271
00272 if (!sid)
00273 return False;
00274
00275
00276
00277 ZERO_STRUCT(request);
00278 ZERO_STRUCT(response);
00279
00280 request.data.uid = uid;
00281
00282
00283
00284 result = winbindd_request_response(WINBINDD_UID_TO_SID, &request, &response);
00285
00286
00287
00288 if (result == NSS_STATUS_SUCCESS) {
00289 if (!string_to_sid(sid, response.data.sid.sid))
00290 return False;
00291 } else {
00292 sid_copy(sid, &global_sid_NULL);
00293 }
00294
00295 return (result == NSS_STATUS_SUCCESS);
00296 }
00297
00298
00299
00300 BOOL winbind_sid_to_gid(gid_t *pgid, const DOM_SID *sid)
00301 {
00302 struct winbindd_request request;
00303 struct winbindd_response response;
00304 int result;
00305 fstring sid_str;
00306
00307 if (!pgid)
00308 return False;
00309
00310
00311
00312 ZERO_STRUCT(request);
00313 ZERO_STRUCT(response);
00314
00315 sid_to_string(sid_str, sid);
00316 fstrcpy(request.data.sid, sid_str);
00317
00318
00319
00320 result = winbindd_request_response(WINBINDD_SID_TO_GID, &request, &response);
00321
00322
00323
00324 if (result == NSS_STATUS_SUCCESS) {
00325 *pgid = response.data.gid;
00326 }
00327
00328 return (result == NSS_STATUS_SUCCESS);
00329 }
00330
00331
00332
00333 BOOL winbind_gid_to_sid(DOM_SID *sid, gid_t gid)
00334 {
00335 struct winbindd_request request;
00336 struct winbindd_response response;
00337 int result;
00338
00339 if (!sid)
00340 return False;
00341
00342
00343
00344 ZERO_STRUCT(request);
00345 ZERO_STRUCT(response);
00346
00347 request.data.gid = gid;
00348
00349
00350
00351 result = winbindd_request_response(WINBINDD_GID_TO_SID, &request, &response);
00352
00353
00354
00355 if (result == NSS_STATUS_SUCCESS) {
00356 if (!string_to_sid(sid, response.data.sid.sid))
00357 return False;
00358 } else {
00359 sid_copy(sid, &global_sid_NULL);
00360 }
00361
00362 return (result == NSS_STATUS_SUCCESS);
00363 }
00364
00365
00366
00367 BOOL winbind_sids_to_unixids(struct id_map *ids, int num_ids)
00368 {
00369 struct winbindd_request request;
00370 struct winbindd_response response;
00371 int result;
00372 DOM_SID *sids;
00373 int i;
00374
00375
00376
00377 ZERO_STRUCT(request);
00378 ZERO_STRUCT(response);
00379
00380 request.extra_len = num_ids * sizeof(DOM_SID);
00381
00382 sids = (DOM_SID *)SMB_MALLOC(request.extra_len);
00383 for (i = 0; i < num_ids; i++) {
00384 sid_copy(&sids[i], ids[i].sid);
00385 }
00386
00387 request.extra_data.data = (char *)sids;
00388
00389
00390
00391 result = winbindd_request_response(WINBINDD_SIDS_TO_XIDS, &request, &response);
00392
00393
00394
00395 if (result == NSS_STATUS_SUCCESS) {
00396 struct unixid *wid = (struct unixid *)response.extra_data.data;
00397
00398 for (i = 0; i < num_ids; i++) {
00399 if (wid[i].type == -1) {
00400 ids[i].status = ID_UNMAPPED;
00401 } else {
00402 ids[i].status = ID_MAPPED;
00403 ids[i].xid.type = wid[i].type;
00404 ids[i].xid.id = wid[i].id;
00405 }
00406 }
00407 }
00408
00409 SAFE_FREE(request.extra_data.data);
00410 SAFE_FREE(response.extra_data.data);
00411
00412 return (result == NSS_STATUS_SUCCESS);
00413 }
00414
00415 BOOL winbind_idmap_dump_maps(TALLOC_CTX *memctx, const char *file)
00416 {
00417 struct winbindd_request request;
00418 struct winbindd_response response;
00419 int result;
00420
00421 ZERO_STRUCT(request);
00422 ZERO_STRUCT(response);
00423
00424 request.extra_data.data = SMB_STRDUP(file);
00425 request.extra_len = strlen(request.extra_data.data) + 1;
00426
00427 result = winbindd_request_response(WINBINDD_DUMP_MAPS, &request, &response);
00428
00429 SAFE_FREE(request.extra_data.data);
00430 return (result == NSS_STATUS_SUCCESS);
00431 }
00432
00433 BOOL winbind_allocate_uid(uid_t *uid)
00434 {
00435 struct winbindd_request request;
00436 struct winbindd_response response;
00437 int result;
00438
00439
00440
00441 ZERO_STRUCT(request);
00442 ZERO_STRUCT(response);
00443
00444
00445
00446 result = winbindd_request_response(WINBINDD_ALLOCATE_UID,
00447 &request, &response);
00448
00449 if (result != NSS_STATUS_SUCCESS)
00450 return False;
00451
00452
00453 *uid = response.data.uid;
00454
00455 return True;
00456 }
00457
00458 BOOL winbind_allocate_gid(gid_t *gid)
00459 {
00460 struct winbindd_request request;
00461 struct winbindd_response response;
00462 int result;
00463
00464
00465
00466 ZERO_STRUCT(request);
00467 ZERO_STRUCT(response);
00468
00469
00470
00471 result = winbindd_request_response(WINBINDD_ALLOCATE_GID,
00472 &request, &response);
00473
00474 if (result != NSS_STATUS_SUCCESS)
00475 return False;
00476
00477
00478 *gid = response.data.gid;
00479
00480 return True;
00481 }
00482
00483 BOOL winbind_set_mapping(const struct id_map *map)
00484 {
00485 struct winbindd_request request;
00486 struct winbindd_response response;
00487 int result;
00488
00489
00490
00491 ZERO_STRUCT(request);
00492 ZERO_STRUCT(response);
00493
00494
00495
00496 request.data.dual_idmapset.id = map->xid.id;
00497 request.data.dual_idmapset.type = map->xid.type;
00498 sid_to_string(request.data.dual_idmapset.sid, map->sid);
00499
00500 result = winbindd_request_response(WINBINDD_SET_MAPPING, &request, &response);
00501
00502 return (result == NSS_STATUS_SUCCESS);
00503 }
00504
00505 BOOL winbind_set_uid_hwm(unsigned long id)
00506 {
00507 struct winbindd_request request;
00508 struct winbindd_response response;
00509 int result;
00510
00511
00512
00513 ZERO_STRUCT(request);
00514 ZERO_STRUCT(response);
00515
00516
00517
00518 request.data.dual_idmapset.id = id;
00519 request.data.dual_idmapset.type = ID_TYPE_UID;
00520
00521 result = winbindd_request_response(WINBINDD_SET_HWM, &request, &response);
00522
00523 return (result == NSS_STATUS_SUCCESS);
00524 }
00525
00526 BOOL winbind_set_gid_hwm(unsigned long id)
00527 {
00528 struct winbindd_request request;
00529 struct winbindd_response response;
00530 int result;
00531
00532
00533
00534 ZERO_STRUCT(request);
00535 ZERO_STRUCT(response);
00536
00537
00538
00539 request.data.dual_idmapset.id = id;
00540 request.data.dual_idmapset.type = ID_TYPE_GID;
00541
00542 result = winbindd_request_response(WINBINDD_SET_HWM, &request, &response);
00543
00544 return (result == NSS_STATUS_SUCCESS);
00545 }
00546
00547
00548
00549
00550
00551 BOOL winbind_ping( void )
00552 {
00553 NSS_STATUS result;
00554
00555 result = winbindd_request_response(WINBINDD_PING, NULL, NULL);
00556
00557 return result == NSS_STATUS_SUCCESS;
00558 }
00559
00560
00561
00562
00563
00564
00565
00566
00567
00568
00569
00570
00571
00572
00573
00574
00575
00576
00577
00578 NSS_STATUS wb_is_trusted_domain(const char *domain)
00579 {
00580 struct winbindd_request request;
00581 struct winbindd_response response;
00582
00583
00584
00585 ZERO_STRUCT(request);
00586 ZERO_STRUCT(response);
00587
00588 fstrcpy(request.domain_name, domain);
00589
00590 return winbindd_request_response(WINBINDD_DOMAIN_INFO, &request, &response);
00591 }