2 * Samba Unix/Linux SMB client library
4 * Copyright (C) Gregor Beck 2011
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 3 of the License, or
9 * (at your option) any later version.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program. If not, see <http://www.gnu.org/licenses/>.
21 * @brief Notify smbd about idmap changes
23 * @author Gregor Beck <gb@sernet.de>
29 #include "smbd/smbd.h"
32 #include "../libcli/security/dom_sid.h"
33 #include "../librpc/gen_ndr/messaging.h"
34 #include "../librpc/gen_ndr/ndr_security.h"
35 #include "idmap_cache.h"
36 #include "passdb/lookup_sid.h"
46 enum {UID, GID, SID} type;
49 static bool parse_id(const char* str, struct id* id)
55 if (sscanf(str, "%cID %lu%c", &c, &ul, &trash) == 2) {
68 } else if (string_to_sid(&sid, str)) {
76 static bool uid_in_use(const struct user_struct* user, uid_t uid)
79 if (user->session_info && (user->session_info->utok.uid == uid)) {
87 static bool gid_in_use(const struct user_struct* user, gid_t gid)
90 if (user->session_info != NULL) {
92 struct security_unix_token utok = user->session_info->utok;
93 if (utok.gid == gid) {
96 for(i=0; i<utok.ngroups; i++) {
97 if (utok.groups[i] == gid) {
107 static bool sid_in_use(const struct user_struct* user, const struct dom_sid* psid)
111 if (sid_to_gid(psid, &gid)) {
112 return gid_in_use(user, gid);
113 } else if (sid_to_uid(psid, &uid)) {
114 return uid_in_use(user, uid);
120 static bool id_in_use(const struct user_struct* user, const struct id* id)
124 return uid_in_use(user, id->id.uid);
126 return gid_in_use(user, id->id.gid);
128 return sid_in_use(user, &id->id.sid);
135 static void delete_from_cache(const struct id* id)
139 delete_uid_cache(id->id.uid);
140 idmap_cache_del_uid(id->id.uid);
143 delete_gid_cache(id->id.gid);
144 idmap_cache_del_gid(id->id.gid);
147 delete_sid_cache(&id->id.sid);
148 idmap_cache_del_sid(&id->id.sid);
156 static void message_idmap_flush(struct messaging_context *msg_ctx,
159 struct server_id server_id,
162 const char* msg = data ? (const char*)data->data : NULL;
164 if ((msg == NULL) || (msg[0] == '\0')) {
167 } else if (strncmp(msg, "GID", 3)) {
169 } else if (strncmp(msg, "UID", 3)) {
172 DEBUG(0, ("Invalid argument: %s\n", msg));
177 static void message_idmap_delete(struct messaging_context *msg_ctx,
180 struct server_id server_id,
183 const char* msg = (data && data->data) ? (const char*)data->data : "<NULL>";
184 bool do_kill = (msg_type == MSG_IDMAP_KILL);
185 struct user_struct* validated_users = smbd_server_conn->smb1.sessions.validated_users;
188 if (!parse_id(msg, &id)) {
189 DEBUG(0, ("Invalid ?ID: %s\n", msg));
193 if( do_kill && id_in_use(validated_users, &id) ) {
194 exit_server_cleanly(msg);
196 delete_from_cache(&id);
200 void msg_idmap_register_msgs(struct messaging_context *ctx)
202 messaging_register(ctx, NULL, MSG_IDMAP_FLUSH, message_idmap_flush);
203 messaging_register(ctx, NULL, MSG_IDMAP_DELETE, message_idmap_delete);
204 messaging_register(ctx, NULL, MSG_IDMAP_KILL, message_idmap_delete);