00001
00002
00003
00004
00005
00006
00007
00008
00009
00010
00011
00012
00013
00014
00015
00016
00017
00018
00019
00020
00021
00022
00023 #include "includes.h"
00024 #include "winbindd.h"
00025
00026 #undef DBGC_CLASS
00027 #define DBGC_CLASS DBGC_WINBIND
00028
00029
00030
00031 static void lookupsid_recv(void *private_data, BOOL success,
00032 const char *dom_name, const char *name,
00033 enum lsa_SidType type);
00034
00035 void winbindd_lookupsid(struct winbindd_cli_state *state)
00036 {
00037 DOM_SID sid;
00038
00039
00040 state->request.data.sid[sizeof(state->request.data.sid)-1]='\0';
00041
00042 DEBUG(3, ("[%5lu]: lookupsid %s\n", (unsigned long)state->pid,
00043 state->request.data.sid));
00044
00045 if (!string_to_sid(&sid, state->request.data.sid)) {
00046 DEBUG(5, ("%s not a SID\n", state->request.data.sid));
00047 request_error(state);
00048 return;
00049 }
00050
00051 winbindd_lookupsid_async(state->mem_ctx, &sid, lookupsid_recv, state);
00052 }
00053
00054 static void lookupsid_recv(void *private_data, BOOL success,
00055 const char *dom_name, const char *name,
00056 enum lsa_SidType type)
00057 {
00058 struct winbindd_cli_state *state =
00059 talloc_get_type_abort(private_data, struct winbindd_cli_state);
00060
00061 if (!success) {
00062 DEBUG(5, ("lookupsid returned an error\n"));
00063 request_error(state);
00064 return;
00065 }
00066
00067 fstrcpy(state->response.data.name.dom_name, dom_name);
00068 fstrcpy(state->response.data.name.name, name);
00069 state->response.data.name.type = type;
00070 request_ok(state);
00071 }
00072
00073
00074
00075
00076
00077 static void lookupname_recv(void *private_data, BOOL success,
00078 const DOM_SID *sid, enum lsa_SidType type);
00079
00080 void winbindd_lookupname(struct winbindd_cli_state *state)
00081 {
00082 char *name_domain, *name_user;
00083 char *p;
00084
00085
00086 state->request.data.name.dom_name[sizeof(state->request.data.name.dom_name)-1]='\0';
00087
00088
00089 state->request.data.name.name[sizeof(state->request.data.name.name)-1]='\0';
00090
00091
00092 p = strstr(state->request.data.name.name, lp_winbind_separator());
00093 if (p) {
00094 *p = 0;
00095 name_domain = state->request.data.name.name;
00096 name_user = p+1;
00097 } else {
00098 name_domain = state->request.data.name.dom_name;
00099 name_user = state->request.data.name.name;
00100 }
00101
00102 DEBUG(3, ("[%5lu]: lookupname %s%s%s\n", (unsigned long)state->pid,
00103 name_domain, lp_winbind_separator(), name_user));
00104
00105 winbindd_lookupname_async(state->mem_ctx, name_domain, name_user,
00106 lookupname_recv, state);
00107 }
00108
00109 static void lookupname_recv(void *private_data, BOOL success,
00110 const DOM_SID *sid, enum lsa_SidType type)
00111 {
00112 struct winbindd_cli_state *state =
00113 talloc_get_type_abort(private_data, struct winbindd_cli_state);
00114
00115 if (!success) {
00116 DEBUG(5, ("lookupname returned an error\n"));
00117 request_error(state);
00118 return;
00119 }
00120
00121 sid_to_string(state->response.data.sid.sid, sid);
00122 state->response.data.sid.type = type;
00123 request_ok(state);
00124 return;
00125 }
00126
00127 void winbindd_lookuprids(struct winbindd_cli_state *state)
00128 {
00129 struct winbindd_domain *domain;
00130 DOM_SID domain_sid;
00131
00132
00133 state->request.data.sid[sizeof(state->request.data.sid)-1]='\0';
00134
00135 DEBUG(10, ("lookup_rids: %s\n", state->request.data.sid));
00136
00137 if (!string_to_sid(&domain_sid, state->request.data.sid)) {
00138 DEBUG(5, ("Could not convert %s to SID\n",
00139 state->request.data.sid));
00140 request_error(state);
00141 return;
00142 }
00143
00144 domain = find_lookup_domain_from_sid(&domain_sid);
00145 if (domain == NULL) {
00146 DEBUG(10, ("Could not find domain for name %s\n",
00147 state->request.domain_name));
00148 request_error(state);
00149 return;
00150 }
00151
00152 sendto_domain(state, domain);
00153 }
00154
00155 static struct winbindd_child static_idmap_child;
00156
00157 void init_idmap_child(void)
00158 {
00159 setup_domain_child(NULL, &static_idmap_child, "idmap");
00160 }
00161
00162 struct winbindd_child *idmap_child(void)
00163 {
00164 return &static_idmap_child;
00165 }
00166
00167
00168
00169
00170 static void sid2uid_recv(void *private_data, BOOL success, uid_t uid)
00171 {
00172 struct winbindd_cli_state *state =
00173 talloc_get_type_abort(private_data, struct winbindd_cli_state);
00174
00175 if (!success) {
00176 DEBUG(5, ("Could not convert sid %s\n",
00177 state->request.data.sid));
00178 request_error(state);
00179 return;
00180 }
00181
00182 state->response.data.uid = uid;
00183 request_ok(state);
00184 }
00185
00186 static void sid2uid_lookupsid_recv( void *private_data, BOOL success,
00187 const char *domain_name,
00188 const char *name,
00189 enum lsa_SidType type)
00190 {
00191 struct winbindd_cli_state *state =
00192 talloc_get_type_abort(private_data, struct winbindd_cli_state);
00193 DOM_SID sid;
00194
00195 if (!success) {
00196 DEBUG(5, ("sid2uid_lookupsid_recv Could not convert get sid type for %s\n",
00197 state->request.data.sid));
00198 request_error(state);
00199 return;
00200 }
00201
00202 if ( (type!=SID_NAME_USER) && (type!=SID_NAME_COMPUTER) ) {
00203 DEBUG(5,("sid2uid_lookupsid_recv: Sid %s is not a user or a computer.\n",
00204 state->request.data.sid));
00205 request_error(state);
00206 return;
00207 }
00208
00209 if (!string_to_sid(&sid, state->request.data.sid)) {
00210 DEBUG(1, ("sid2uid_lookupsid_recv: Could not get convert sid %s from string\n",
00211 state->request.data.sid));
00212 request_error(state);
00213 return;
00214 }
00215
00216
00217 winbindd_sid2uid_async(state->mem_ctx, &sid, sid2uid_recv, state);
00218 }
00219
00220 void winbindd_sid_to_uid(struct winbindd_cli_state *state)
00221 {
00222 DOM_SID sid;
00223
00224
00225 state->request.data.sid[sizeof(state->request.data.sid)-1]='\0';
00226
00227 DEBUG(3, ("[%5lu]: sid to uid %s\n", (unsigned long)state->pid,
00228 state->request.data.sid));
00229
00230 if (!string_to_sid(&sid, state->request.data.sid)) {
00231 DEBUG(1, ("Could not get convert sid %s from string\n",
00232 state->request.data.sid));
00233 request_error(state);
00234 return;
00235 }
00236
00237
00238
00239
00240
00241 winbindd_lookupsid_async( state->mem_ctx, &sid, sid2uid_lookupsid_recv, state );
00242 }
00243
00244
00245
00246
00247 static void sid2gid_recv(void *private_data, BOOL success, gid_t gid)
00248 {
00249 struct winbindd_cli_state *state =
00250 talloc_get_type_abort(private_data, struct winbindd_cli_state);
00251
00252 if (!success) {
00253 DEBUG(5, ("Could not convert sid %s\n",
00254 state->request.data.sid));
00255 request_error(state);
00256 return;
00257 }
00258
00259 state->response.data.gid = gid;
00260 request_ok(state);
00261 }
00262
00263 static void sid2gid_lookupsid_recv( void *private_data, BOOL success,
00264 const char *domain_name,
00265 const char *name,
00266 enum lsa_SidType type)
00267 {
00268 struct winbindd_cli_state *state =
00269 talloc_get_type_abort(private_data, struct winbindd_cli_state);
00270 DOM_SID sid;
00271
00272 if (!success) {
00273 DEBUG(5, ("sid2gid_lookupsid_recv: Could not convert get sid type for %s\n",
00274 state->request.data.sid));
00275 request_error(state);
00276 return;
00277 }
00278
00279 if ( (type!=SID_NAME_DOM_GRP) &&
00280 (type!=SID_NAME_ALIAS) &&
00281 (type!=SID_NAME_WKN_GRP) )
00282 {
00283 DEBUG(5,("sid2gid_lookupsid_recv: Sid %s is not a group.\n",
00284 state->request.data.sid));
00285 request_error(state);
00286 return;
00287 }
00288
00289 if (!string_to_sid(&sid, state->request.data.sid)) {
00290 DEBUG(1, ("sid2gid_lookupsid_recv: Could not get convert sid %s from string\n",
00291 state->request.data.sid));
00292 request_error(state);
00293 return;
00294 }
00295
00296
00297 winbindd_sid2gid_async(state->mem_ctx, &sid, sid2gid_recv, state);
00298 }
00299
00300 void winbindd_sid_to_gid(struct winbindd_cli_state *state)
00301 {
00302 DOM_SID sid;
00303
00304
00305 state->request.data.sid[sizeof(state->request.data.sid)-1]='\0';
00306
00307 DEBUG(3, ("[%5lu]: sid to gid %s\n", (unsigned long)state->pid,
00308 state->request.data.sid));
00309
00310 if (!string_to_sid(&sid, state->request.data.sid)) {
00311 DEBUG(1, ("Could not get convert sid %s from string\n",
00312 state->request.data.sid));
00313 request_error(state);
00314 return;
00315 }
00316
00317
00318
00319
00320
00321 winbindd_lookupsid_async( state->mem_ctx, &sid, sid2gid_lookupsid_recv, state );
00322 }
00323
00324 static void sids2xids_recv(void *private_data, BOOL success, void *data, int len)
00325 {
00326 struct winbindd_cli_state *state =
00327 talloc_get_type_abort(private_data, struct winbindd_cli_state);
00328
00329 if (!success) {
00330 DEBUG(5, ("Could not convert sids to xids\n"));
00331 request_error(state);
00332 return;
00333 }
00334
00335 state->response.extra_data.data = data;
00336 state->response.length = sizeof(state->response) + len;
00337 request_ok(state);
00338 }
00339
00340 void winbindd_sids_to_unixids(struct winbindd_cli_state *state)
00341 {
00342 DEBUG(3, ("[%5lu]: sids to xids\n", (unsigned long)state->pid));
00343
00344 winbindd_sids2xids_async(state->mem_ctx,
00345 state->request.extra_data.data,
00346 state->request.extra_len,
00347 sids2xids_recv, state);
00348 }
00349
00350 static void set_mapping_recv(void *private_data, BOOL success)
00351 {
00352 struct winbindd_cli_state *state =
00353 talloc_get_type_abort(private_data, struct winbindd_cli_state);
00354
00355 if (!success) {
00356 DEBUG(5, ("Could not set sid mapping\n"));
00357 request_error(state);
00358 return;
00359 }
00360
00361 request_ok(state);
00362 }
00363
00364 void winbindd_set_mapping(struct winbindd_cli_state *state)
00365 {
00366 struct id_map map;
00367 DOM_SID sid;
00368
00369 DEBUG(3, ("[%5lu]: set id map\n", (unsigned long)state->pid));
00370
00371 if ( ! state->privileged) {
00372 DEBUG(0, ("Only root is allowed to set mappings!\n"));
00373 request_error(state);
00374 return;
00375 }
00376
00377 if (!string_to_sid(&sid, state->request.data.dual_idmapset.sid)) {
00378 DEBUG(1, ("Could not get convert sid %s from string\n",
00379 state->request.data.sid));
00380 request_error(state);
00381 return;
00382 }
00383
00384 map.sid = &sid;
00385 map.xid.id = state->request.data.dual_idmapset.id;
00386 map.xid.type = state->request.data.dual_idmapset.type;
00387
00388 winbindd_set_mapping_async(state->mem_ctx, &map,
00389 set_mapping_recv, state);
00390 }
00391
00392 static void set_hwm_recv(void *private_data, BOOL success)
00393 {
00394 struct winbindd_cli_state *state =
00395 talloc_get_type_abort(private_data, struct winbindd_cli_state);
00396
00397 if (!success) {
00398 DEBUG(5, ("Could not set sid mapping\n"));
00399 request_error(state);
00400 return;
00401 }
00402
00403 request_ok(state);
00404 }
00405
00406 void winbindd_set_hwm(struct winbindd_cli_state *state)
00407 {
00408 struct unixid xid;
00409
00410 DEBUG(3, ("[%5lu]: set hwm\n", (unsigned long)state->pid));
00411
00412 if ( ! state->privileged) {
00413 DEBUG(0, ("Only root is allowed to set mappings!\n"));
00414 request_error(state);
00415 return;
00416 }
00417
00418 xid.id = state->request.data.dual_idmapset.id;
00419 xid.type = state->request.data.dual_idmapset.type;
00420
00421 winbindd_set_hwm_async(state->mem_ctx, &xid, set_hwm_recv, state);
00422 }
00423
00424
00425
00426 static void uid2sid_recv(void *private_data, BOOL success, const char *sid)
00427 {
00428 struct winbindd_cli_state *state =
00429 (struct winbindd_cli_state *)private_data;
00430
00431 if (success) {
00432 DEBUG(10,("uid2sid: uid %lu has sid %s\n",
00433 (unsigned long)(state->request.data.uid), sid));
00434 fstrcpy(state->response.data.sid.sid, sid);
00435 state->response.data.sid.type = SID_NAME_USER;
00436 request_ok(state);
00437 return;
00438 }
00439
00440 request_error(state);
00441 return;
00442 }
00443
00444 void winbindd_uid_to_sid(struct winbindd_cli_state *state)
00445 {
00446 DEBUG(3, ("[%5lu]: uid to sid %lu\n", (unsigned long)state->pid,
00447 (unsigned long)state->request.data.uid));
00448
00449
00450 winbindd_uid2sid_async(state->mem_ctx, state->request.data.uid, uid2sid_recv, state);
00451 }
00452
00453
00454
00455 static void gid2sid_recv(void *private_data, BOOL success, const char *sid)
00456 {
00457 struct winbindd_cli_state *state =
00458 (struct winbindd_cli_state *)private_data;
00459
00460 if (success) {
00461 DEBUG(10,("gid2sid: gid %lu has sid %s\n",
00462 (unsigned long)(state->request.data.gid), sid));
00463 fstrcpy(state->response.data.sid.sid, sid);
00464 state->response.data.sid.type = SID_NAME_DOM_GRP;
00465 request_ok(state);
00466 return;
00467 }
00468
00469 request_error(state);
00470 return;
00471 }
00472
00473
00474 void winbindd_gid_to_sid(struct winbindd_cli_state *state)
00475 {
00476 DEBUG(3, ("[%5lu]: gid to sid %lu\n", (unsigned long)state->pid,
00477 (unsigned long)state->request.data.gid));
00478
00479
00480 winbindd_gid2sid_async(state->mem_ctx, state->request.data.gid, gid2sid_recv, state);
00481 }
00482
00483 void winbindd_allocate_uid(struct winbindd_cli_state *state)
00484 {
00485 if ( !state->privileged ) {
00486 DEBUG(2, ("winbindd_allocate_uid: non-privileged access "
00487 "denied!\n"));
00488 request_error(state);
00489 return;
00490 }
00491
00492 sendto_child(state, idmap_child());
00493 }
00494
00495 enum winbindd_result winbindd_dual_allocate_uid(struct winbindd_domain *domain,
00496 struct winbindd_cli_state *state)
00497 {
00498 struct unixid xid;
00499
00500 if (!NT_STATUS_IS_OK(idmap_allocate_uid(&xid))) {
00501 return WINBINDD_ERROR;
00502 }
00503 state->response.data.uid = xid.id;
00504 return WINBINDD_OK;
00505 }
00506
00507 void winbindd_allocate_gid(struct winbindd_cli_state *state)
00508 {
00509 if ( !state->privileged ) {
00510 DEBUG(2, ("winbindd_allocate_gid: non-privileged access "
00511 "denied!\n"));
00512 request_error(state);
00513 return;
00514 }
00515
00516 sendto_child(state, idmap_child());
00517 }
00518
00519 enum winbindd_result winbindd_dual_allocate_gid(struct winbindd_domain *domain,
00520 struct winbindd_cli_state *state)
00521 {
00522 struct unixid xid;
00523
00524 if (!NT_STATUS_IS_OK(idmap_allocate_gid(&xid))) {
00525 return WINBINDD_ERROR;
00526 }
00527 state->response.data.gid = xid.id;
00528 return WINBINDD_OK;
00529 }
00530
00531 static void dump_maps_recv(void *private_data, BOOL success)
00532 {
00533 struct winbindd_cli_state *state =
00534 talloc_get_type_abort(private_data, struct winbindd_cli_state);
00535
00536 if (!success) {
00537 DEBUG(5, ("Could not dump maps\n"));
00538 request_error(state);
00539 return;
00540 }
00541
00542 request_ok(state);
00543 }
00544
00545 void winbindd_dump_maps(struct winbindd_cli_state *state)
00546 {
00547 if ( ! state->privileged) {
00548 DEBUG(0, ("Only root is allowed to ask for an idmap dump!\n"));
00549 request_error(state);
00550 return;
00551 }
00552
00553 DEBUG(3, ("[%5lu]: dump maps\n", (unsigned long)state->pid));
00554
00555 winbindd_dump_maps_async(state->mem_ctx,
00556 state->request.extra_data.data,
00557 state->request.extra_len,
00558 dump_maps_recv, state);
00559 }
00560