2 Unix SMB/Netbios implementation.
4 Winbind cache backend functions
6 Copyright (C) Andrew Tridgell 2001
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program; if not, write to the Free Software
20 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
25 struct winbind_cache {
26 struct winbindd_methods *backend;
32 uint32 sequence_number;
37 static struct winbind_cache *wcache;
39 void wcache_flush_cache(void)
41 extern BOOL opt_nocache;
45 tdb_close(wcache->tdb);
48 if (opt_nocache) return;
50 wcache->tdb = tdb_open_log(lock_path("winbindd_cache.tdb"), 0,
51 TDB_NOLOCK, O_RDWR | O_CREAT | O_TRUNC, 0600);
54 DEBUG(0,("Failed to open winbindd_cache.tdb!\n"));
58 /* get the winbind_cache structure */
59 static struct winbind_cache *get_cache(struct winbindd_domain *domain)
61 extern struct winbindd_methods msrpc_methods;
62 struct winbind_cache *ret = wcache;
66 ret = smb_xmalloc(sizeof(*ret));
68 switch (lp_security()) {
71 extern struct winbindd_methods ads_methods;
72 ret->backend = &ads_methods;
77 ret->backend = &msrpc_methods;
87 free a centry structure
89 static void centry_free(struct cache_entry *centry)
92 SAFE_FREE(centry->data);
98 pull a uint32 from a cache entry
100 static uint32 centry_uint32(struct cache_entry *centry)
103 if (centry->len - centry->ofs < 4) {
104 DEBUG(0,("centry corruption? needed 4 bytes, have %d\n",
105 centry->len - centry->ofs));
106 smb_panic("centry_uint32");
108 ret = IVAL(centry->data, centry->ofs);
113 /* pull a string from a cache entry, using the supplied
116 static char *centry_string(struct cache_entry *centry, TALLOC_CTX *mem_ctx)
121 len = centry_uint32(centry);
122 if (centry->len - centry->ofs < len) {
123 DEBUG(0,("centry corruption? needed %d bytes, have %d\n",
124 len, centry->len - centry->ofs));
125 smb_panic("centry_string");
128 ret = talloc(mem_ctx, len+1);
130 smb_panic("centry_string out of memory\n");
132 memcpy(ret,centry->data + centry->ofs, len);
138 /* the server is considered down if it can't give us a sequence number */
139 static BOOL wcache_server_down(struct winbindd_domain *domain)
141 if (!wcache->tdb) return False;
142 return (domain->sequence_number == DOM_SEQUENCE_NONE);
147 refresh the domain sequence number. If force is True
148 then always refresh it, no matter how recently we fetched it
150 static void refresh_sequence_number(struct winbindd_domain *domain, BOOL force)
154 /* see if we have to refetch the domain sequence number */
155 if (!force && (time(NULL) - domain->last_seq_check < lp_winbind_cache_time())) {
159 status = wcache->backend->sequence_number(domain, &domain->sequence_number);
161 if (!NT_STATUS_IS_OK(status)) {
162 domain->sequence_number = DOM_SEQUENCE_NONE;
165 domain->last_seq_check = time(NULL);
169 decide if a cache entry has expired
171 static BOOL centry_expired(struct winbindd_domain *domain, struct cache_entry *centry)
173 /* if the server is OK and our cache entry came from when it was down then
174 the entry is invalid */
175 if (domain->sequence_number != DOM_SEQUENCE_NONE &&
176 centry->sequence_number == DOM_SEQUENCE_NONE) {
180 /* if the server is down or the cache entry is not older than the
181 current sequence number then it is OK */
182 if (wcache_server_down(domain) ||
183 centry->sequence_number >= domain->sequence_number) {
192 fetch an entry from the cache, with a varargs key. auto-fetch the sequence
193 number and return status
195 static struct cache_entry *wcache_fetch(struct winbind_cache *cache,
196 struct winbindd_domain *domain,
197 const char *format, ...)
202 struct cache_entry *centry;
204 refresh_sequence_number(domain, False);
206 va_start(ap, format);
207 smb_xvasprintf(&kstr, format, ap);
210 data = tdb_fetch_by_string(wcache->tdb, kstr);
217 centry = smb_xmalloc(sizeof(*centry));
218 centry->data = data.dptr;
219 centry->len = data.dsize;
222 if (centry->len < 8) {
223 /* huh? corrupt cache? */
228 centry->status = NT_STATUS(centry_uint32(centry));
229 centry->sequence_number = centry_uint32(centry);
231 if (centry_expired(domain, centry)) {
240 make sure we have at least len bytes available in a centry
242 static void centry_expand(struct cache_entry *centry, uint32 len)
245 if (centry->len - centry->ofs >= len) return;
247 p = realloc(centry->data, centry->len);
249 DEBUG(0,("out of memory: needed %d bytes in centry_expand\n", centry->len));
250 smb_panic("out of memory in centry_expand");
256 push a uint32 into a centry
258 static void centry_put_uint32(struct cache_entry *centry, uint32 v)
260 centry_expand(centry, 4);
261 SIVAL(centry->data, centry->ofs, v);
266 push a string into a centry
268 static void centry_put_string(struct cache_entry *centry, const char *s)
271 centry_put_uint32(centry, len);
272 centry_expand(centry, len);
273 memcpy(centry->data + centry->ofs, s, len);
278 start a centry for output. When finished, call centry_end()
280 struct cache_entry *centry_start(struct winbindd_domain *domain, NTSTATUS status)
282 struct cache_entry *centry;
284 if (!wcache->tdb) return NULL;
286 centry = smb_xmalloc(sizeof(*centry));
288 refresh_sequence_number(domain, True);
290 centry->len = 8192; /* reasonable default */
291 centry->data = smb_xmalloc(centry->len);
293 centry->sequence_number = domain->sequence_number;
294 centry_put_uint32(centry, NT_STATUS_V(status));
295 centry_put_uint32(centry, centry->sequence_number);
300 finish a centry and write it to the tdb
302 static void centry_end(struct cache_entry *centry, const char *format, ...)
307 va_start(ap, format);
308 smb_xvasprintf(&kstr, format, ap);
311 tdb_store_by_string(wcache->tdb, kstr, centry->data, centry->ofs);
315 /* Query display info. This is the basic user list fn */
316 static NTSTATUS query_user_list(struct winbindd_domain *domain,
318 uint32 *start_ndx, uint32 *num_entries,
319 WINBIND_USERINFO **info)
321 struct winbind_cache *cache = get_cache(domain);
322 struct cache_entry *centry = NULL;
326 if (!cache->tdb) goto do_query;
328 centry = wcache_fetch(cache, domain, "USERLIST/%s/%d", domain->name, *start_ndx);
329 if (!centry) goto do_query;
331 *num_entries = centry_uint32(centry);
333 if (*num_entries == 0) goto do_cached;
335 (*info) = talloc(mem_ctx, sizeof(**info) * (*num_entries));
336 if (! (*info)) smb_panic("query_user_list out of memory");
337 for (i=0; i<(*num_entries); i++) {
338 (*info)[i].acct_name = centry_string(centry, mem_ctx);
339 (*info)[i].full_name = centry_string(centry, mem_ctx);
340 (*info)[i].user_rid = centry_uint32(centry);
341 (*info)[i].group_rid = centry_uint32(centry);
345 status = centry->status;
350 if (wcache_server_down(domain)) {
352 return NT_STATUS_SERVER_DISABLED;
355 status = cache->backend->query_user_list(domain, mem_ctx, start_ndx, num_entries, info);
358 centry = centry_start(domain, status);
359 if (!centry) goto skip_save;
360 centry_put_uint32(centry, *num_entries);
361 for (i=0; i<(*num_entries); i++) {
362 centry_put_string(centry, (*info)[i].acct_name);
363 centry_put_string(centry, (*info)[i].full_name);
364 centry_put_uint32(centry, (*info)[i].user_rid);
365 centry_put_uint32(centry, (*info)[i].group_rid);
367 centry_end(centry, "USERLIST/%s/%d", domain->name, *start_ndx);
374 /* list all domain groups */
375 static NTSTATUS enum_dom_groups(struct winbindd_domain *domain,
377 uint32 *start_ndx, uint32 *num_entries,
378 struct acct_info **info)
380 struct winbind_cache *cache = get_cache(domain);
381 struct cache_entry *centry = NULL;
385 if (!cache->tdb) goto do_query;
387 centry = wcache_fetch(cache, domain, "GROUPLIST/%s/%d", domain->name, *start_ndx);
388 if (!centry) goto do_query;
390 *num_entries = centry_uint32(centry);
392 if (*num_entries == 0) goto do_cached;
394 (*info) = talloc(mem_ctx, sizeof(**info) * (*num_entries));
395 if (! (*info)) smb_panic("enum_dom_groups out of memory");
396 for (i=0; i<(*num_entries); i++) {
397 fstrcpy((*info)[i].acct_name, centry_string(centry, mem_ctx));
398 fstrcpy((*info)[i].acct_desc, centry_string(centry, mem_ctx));
399 (*info)[i].rid = centry_uint32(centry);
403 status = centry->status;
408 if (wcache_server_down(domain)) {
410 return NT_STATUS_SERVER_DISABLED;
413 status = cache->backend->enum_dom_groups(domain, mem_ctx, start_ndx, num_entries, info);
416 centry = centry_start(domain, status);
417 if (!centry) goto skip_save;
418 centry_put_uint32(centry, *num_entries);
419 for (i=0; i<(*num_entries); i++) {
420 centry_put_string(centry, (*info)[i].acct_name);
421 centry_put_string(centry, (*info)[i].acct_desc);
422 centry_put_uint32(centry, (*info)[i].rid);
424 centry_end(centry, "GROUPLIST/%s/%d", domain->name, *start_ndx);
432 /* convert a single name to a sid in a domain */
433 static NTSTATUS name_to_sid(struct winbindd_domain *domain,
436 enum SID_NAME_USE *type)
438 struct winbind_cache *cache = get_cache(domain);
439 struct cache_entry *centry = NULL;
443 if (!cache->tdb) goto do_query;
445 centry = wcache_fetch(cache, domain, "NAMETOSID/%s/%s", domain->name, name);
446 if (!centry) goto do_query;
447 *type = centry_uint32(centry);
448 sid_parse(centry->data + centry->ofs, centry->len - centry->ofs, sid);
450 status = centry->status;
455 if (wcache_server_down(domain)) {
456 return NT_STATUS_SERVER_DISABLED;
458 status = cache->backend->name_to_sid(domain, name, sid, type);
461 centry = centry_start(domain, status);
462 if (!centry) goto skip_save;
464 centry_expand(centry, len);
465 centry_put_uint32(centry, *type);
466 sid_linearize(centry->data + centry->ofs, len, sid);
468 centry_end(centry, "NAMETOSID/%s/%s", domain->name, name);
475 /* convert a sid to a user or group name */
476 static NTSTATUS sid_to_name(struct winbindd_domain *domain,
480 enum SID_NAME_USE *type)
482 struct winbind_cache *cache = get_cache(domain);
483 struct cache_entry *centry = NULL;
487 if (!cache->tdb) goto do_query;
489 sidstr = ads_sid_binstring(sid);
491 centry = wcache_fetch(cache, domain, "SIDTONAME/%s/%s", domain->name, sidstr);
492 if (!centry) goto do_query;
493 if (NT_STATUS_IS_OK(centry->status)) {
494 *type = centry_uint32(centry);
495 *name = centry_string(centry, mem_ctx);
497 status = centry->status;
503 if (wcache_server_down(domain)) {
504 return NT_STATUS_SERVER_DISABLED;
506 status = cache->backend->sid_to_name(domain, mem_ctx, sid, name, type);
509 centry = centry_start(domain, status);
510 if (!centry) goto skip_save;
511 if (NT_STATUS_IS_OK(status)) {
512 centry_put_uint32(centry, *type);
513 centry_put_string(centry, *name);
515 centry_end(centry, "SIDTONAME/%s/%s", domain->name, sidstr);
524 /* Lookup user information from a rid */
525 static NTSTATUS query_user(struct winbindd_domain *domain,
528 WINBIND_USERINFO *info)
530 struct winbind_cache *cache = get_cache(domain);
531 struct cache_entry *centry = NULL;
534 if (!cache->tdb) goto do_query;
536 centry = wcache_fetch(cache, domain, "USER/%s/%x", domain->name, user_rid);
537 if (!centry) goto do_query;
539 info->acct_name = centry_string(centry, mem_ctx);
540 info->full_name = centry_string(centry, mem_ctx);
541 info->user_rid = centry_uint32(centry);
542 info->group_rid = centry_uint32(centry);
543 status = centry->status;
548 if (wcache_server_down(domain)) {
549 return NT_STATUS_SERVER_DISABLED;
551 status = cache->backend->query_user(domain, mem_ctx, user_rid, info);
554 centry = centry_start(domain, status);
555 if (!centry) goto skip_save;
556 centry_put_string(centry, info->acct_name);
557 centry_put_string(centry, info->full_name);
558 centry_put_uint32(centry, info->user_rid);
559 centry_put_uint32(centry, info->group_rid);
560 centry_end(centry, "USER/%s/%x", domain->name, user_rid);
568 /* Lookup groups a user is a member of. */
569 static NTSTATUS lookup_usergroups(struct winbindd_domain *domain,
572 uint32 *num_groups, uint32 **user_gids)
574 struct winbind_cache *cache = get_cache(domain);
575 struct cache_entry *centry = NULL;
579 if (!cache->tdb) goto do_query;
581 centry = wcache_fetch(cache, domain, "USERGROUPS/%s/%x", domain->name, user_rid);
582 if (!centry) goto do_query;
584 *num_groups = centry_uint32(centry);
586 if (*num_groups == 0) goto do_cached;
588 (*user_gids) = talloc(mem_ctx, sizeof(**user_gids) * (*num_groups));
589 if (! (*user_gids)) smb_panic("lookup_usergroups out of memory");
590 for (i=0; i<(*num_groups); i++) {
591 (*user_gids)[i] = centry_uint32(centry);
595 status = centry->status;
600 if (wcache_server_down(domain)) {
602 return NT_STATUS_SERVER_DISABLED;
604 status = cache->backend->lookup_usergroups(domain, mem_ctx, user_rid, num_groups, user_gids);
607 centry = centry_start(domain, status);
608 if (!centry) goto skip_save;
609 centry_put_uint32(centry, *num_groups);
610 for (i=0; i<(*num_groups); i++) {
611 centry_put_uint32(centry, (*user_gids)[i]);
613 centry_end(centry, "USERGROUPS/%s/%x", domain->name, user_rid);
621 static NTSTATUS lookup_groupmem(struct winbindd_domain *domain,
623 uint32 group_rid, uint32 *num_names,
624 uint32 **rid_mem, char ***names,
627 struct winbind_cache *cache = get_cache(domain);
628 struct cache_entry *centry = NULL;
632 if (!cache->tdb) goto do_query;
634 centry = wcache_fetch(cache, domain, "GROUPMEM/%s/%x", domain->name, group_rid);
635 if (!centry) goto do_query;
637 *num_names = centry_uint32(centry);
639 if (*num_names == 0) goto do_cached;
641 (*rid_mem) = talloc(mem_ctx, sizeof(**rid_mem) * (*num_names));
642 (*names) = talloc(mem_ctx, sizeof(**names) * (*num_names));
643 (*name_types) = talloc(mem_ctx, sizeof(**name_types) * (*num_names));
645 if (! (*rid_mem) || ! (*names) || ! (*name_types)) {
646 smb_panic("lookup_groupmem out of memory");
649 for (i=0; i<(*num_names); i++) {
650 (*rid_mem)[i] = centry_uint32(centry);
651 (*names)[i] = centry_string(centry, mem_ctx);
652 (*name_types)[i] = centry_uint32(centry);
656 status = centry->status;
661 if (wcache_server_down(domain)) {
663 return NT_STATUS_SERVER_DISABLED;
665 status = cache->backend->lookup_groupmem(domain, mem_ctx, group_rid, num_names,
666 rid_mem, names, name_types);
669 centry = centry_start(domain, status);
670 if (!centry) goto skip_save;
671 centry_put_uint32(centry, *num_names);
672 for (i=0; i<(*num_names); i++) {
673 centry_put_uint32(centry, (*rid_mem)[i]);
674 centry_put_string(centry, (*names)[i]);
675 centry_put_uint32(centry, (*name_types)[i]);
677 centry_end(centry, "GROUPMEM/%s/%x", domain->name, group_rid);
684 /* find the sequence number for a domain */
685 static NTSTATUS sequence_number(struct winbindd_domain *domain, uint32 *seq)
687 refresh_sequence_number(domain, False);
689 *seq = domain->sequence_number;
694 /* the ADS backend methods are exposed via this structure */
695 struct winbindd_methods cache_methods = {