source3/winbindd/winbindd_misc.c

   1 /*
   2    Unix SMB/CIFS implementation.
   3
   4    Winbind daemon - miscellaneous other functions
   5
   6    Copyright (C) Tim Potter      2000
   7    Copyright (C) Andrew Bartlett 2002
   8
   9    This program is free software; you can redistribute it and/or modify
  10    it under the terms of the GNU General Public License as published by
  11    the Free Software Foundation; either version 3 of the License, or
  12    (at your option) any later version.
  13
  14    This program is distributed in the hope that it will be useful,
  15    but WITHOUT ANY WARRANTY; without even the implied warranty of
  16    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  17    GNU General Public License for more details.
  18
  19    You should have received a copy of the GNU General Public License
  20    along with this program.  If not, see <http://www.gnu.org/licenses/>.
  21 */
  22
  23 #include "includes.h"
  24 #include "winbindd.h"
  25
  26 #undef DBGC_CLASS
  27 #define DBGC_CLASS DBGC_WINBIND
  28
  29 /* Constants and helper functions for determining domain trust types */
  30
  31 enum trust_type {
  32         EXTERNAL = 0,
  33         FOREST,
  34         IN_FOREST,
  35         NONE,
  36 };
  37
  38 const char *trust_type_strings[] = {"External",
  39                                     "Forest",
  40                                     "In Forest",
  41                                     "None"};
  42
  43 static enum trust_type get_trust_type(struct winbindd_tdc_domain *domain)
  44 {
  45         if (domain->trust_attribs == NETR_TRUST_ATTRIBUTE_QUARANTINED_DOMAIN)
  46                 return EXTERNAL;
  47         else if (domain->trust_attribs == NETR_TRUST_ATTRIBUTE_FOREST_TRANSITIVE)
  48                 return FOREST;
  49         else if (((domain->trust_flags & NETR_TRUST_FLAG_IN_FOREST) == NETR_TRUST_FLAG_IN_FOREST) &&
  50             ((domain->trust_flags & NETR_TRUST_FLAG_PRIMARY) == 0x0))
  51                 return IN_FOREST;
  52         return NONE;
  53 }
  54
  55 static const char *get_trust_type_string(struct winbindd_tdc_domain *domain)
  56 {
  57         return trust_type_strings[get_trust_type(domain)];
  58 }
  59
  60 static bool trust_is_inbound(struct winbindd_tdc_domain *domain)
  61 {
  62         return (domain->trust_flags == 0x0) ||
  63             ((domain->trust_flags & NETR_TRUST_FLAG_IN_FOREST) ==
  64             NETR_TRUST_FLAG_IN_FOREST) ||
  65             ((domain->trust_flags & NETR_TRUST_FLAG_INBOUND) ==
  66             NETR_TRUST_FLAG_INBOUND);
  67 }
  68
  69 static bool trust_is_outbound(struct winbindd_tdc_domain *domain)
  70 {
  71         return (domain->trust_flags == 0x0) ||
  72             ((domain->trust_flags & NETR_TRUST_FLAG_IN_FOREST) ==
  73             NETR_TRUST_FLAG_IN_FOREST) ||
  74             ((domain->trust_flags & NETR_TRUST_FLAG_OUTBOUND) ==
  75             NETR_TRUST_FLAG_OUTBOUND);
  76 }
  77
  78 static bool trust_is_transitive(struct winbindd_tdc_domain *domain)
  79 {
  80         if ((domain->trust_attribs == NETR_TRUST_ATTRIBUTE_NON_TRANSITIVE) ||
  81             (domain->trust_attribs == NETR_TRUST_ATTRIBUTE_QUARANTINED_DOMAIN) ||
  82             (domain->trust_attribs == NETR_TRUST_ATTRIBUTE_TREAT_AS_EXTERNAL))
  83                 return False;
  84         return True;
  85 }
  86
  87 void winbindd_list_trusted_domains(struct winbindd_cli_state *state)
  88 {
  89         struct winbindd_tdc_domain *dom_list = NULL;
  90         struct winbindd_tdc_domain *d = NULL;
  91         size_t num_domains = 0;
  92         int extra_data_len = 0;
  93         char *extra_data = NULL;
  94         int i = 0;
  95
  96         DEBUG(3, ("[%5lu]: list trusted domains\n",
  97                   (unsigned long)state->pid));
  98
  99         if( !wcache_tdc_fetch_list( &dom_list, &num_domains )) {
 100                 request_error(state);
 101                 goto done;
 102         }
 103
 104         extra_data = talloc_strdup(state->mem_ctx, "");
 105         if (extra_data == NULL) {
 106                 request_error(state);
 107                 goto done;
 108         }
 109
 110         for ( i = 0; i < num_domains; i++ ) {
 111                 struct winbindd_domain *domain;
 112                 bool is_online = true;
 113
 114                 d = &dom_list[i];
 115                 domain = find_domain_from_name_noinit(d->domain_name);
 116                 if (domain) {
 117                         is_online = domain->online;
 118                 }
 119                 extra_data = talloc_asprintf_append_buffer(
 120                         extra_data,
 121                         "%s\\%s\\%s\\%s\\%s\\%s\\%s\\%s\n",
 122                         d->domain_name,
 123                         d->dns_name ? d->dns_name : d->domain_name,
 124                         sid_string_talloc(state->mem_ctx, &d->sid),
 125                         get_trust_type_string(d),
 126                         trust_is_transitive(d) ? "Yes" : "No",
 127                         trust_is_inbound(d) ? "Yes" : "No",
 128                         trust_is_outbound(d) ? "Yes" : "No",
 129                         is_online ? "Online" : "Offline" );
 130         }
 131
 132         state->response->data.num_entries = num_domains;
 133
 134         extra_data_len = strlen(extra_data);
 135         if (extra_data_len > 0) {
 136
 137                 /* Strip the last \n */
 138                 extra_data[extra_data_len-1] = '\0';
 139
 140                 state->response->extra_data.data = extra_data;
 141                 state->response->length += extra_data_len;
 142         }
 143
 144         request_ok(state);
 145 done:
 146         TALLOC_FREE( dom_list );
 147 }
 148
 149 enum winbindd_result winbindd_dual_list_trusted_domains(struct winbindd_domain *domain,
 150                                                         struct winbindd_cli_state *state)
 151 {
 152         int i;
 153         int extra_data_len = 0;
 154         char *extra_data;
 155         NTSTATUS result;
 156         bool have_own_domain = False;
 157         struct netr_DomainTrustList trusts;
 158
 159         DEBUG(3, ("[%5lu]: list trusted domains\n",
 160                   (unsigned long)state->pid));
 161
 162         result = domain->methods->trusted_domains(domain, state->mem_ctx,
 163                                                   &trusts);
 164
 165         if (!NT_STATUS_IS_OK(result)) {
 166                 DEBUG(3, ("winbindd_dual_list_trusted_domains: trusted_domains returned %s\n",
 167                         nt_errstr(result) ));
 168                 return WINBINDD_ERROR;
 169         }
 170
 171         extra_data = talloc_strdup(state->mem_ctx, "");
 172
 173         for (i=0; i<trusts.count; i++) {
 174                 extra_data = talloc_asprintf_append_buffer(
 175                         extra_data, "%s\\%s\\%s\n",
 176                         trusts.array[i].netbios_name,
 177                         trusts.array[i].dns_name,
 178                         sid_string_talloc(state->mem_ctx,
 179                                           trusts.array[i].sid));
 180         }
 181
 182         /* add our primary domain */
 183
 184         for (i=0; i<trusts.count; i++) {
 185                 if (strequal(trusts.array[i].netbios_name, domain->name)) {
 186                         have_own_domain = True;
 187                         break;
 188                 }
 189         }
 190
 191         if (state->request->data.list_all_domains && !have_own_domain) {
 192                 extra_data = talloc_asprintf_append_buffer(
 193                         extra_data, "%s\\%s\\%s\n", domain->name,
 194                         domain->alt_name ? domain->alt_name : domain->name,
 195                         sid_string_talloc(state->mem_ctx, &domain->sid));
 196         }
 197
 198         extra_data_len = strlen(extra_data);
 199         if (extra_data_len > 0) {
 200
 201                 /* Strip the last \n */
 202                 extra_data[extra_data_len-1] = '\0';
 203
 204                 state->response->extra_data.data = extra_data;
 205                 state->response->length += extra_data_len+1;
 206         }
 207
 208         return WINBINDD_OK;
 209 }
 210
 211 struct domain_info_state {
 212         struct winbindd_domain *domain;
 213         struct winbindd_cli_state *cli;
 214         struct winbindd_request ping_request;
 215 };
 216
 217 static void domain_info_done(struct tevent_req *req);
 218
 219 void winbindd_domain_info(struct winbindd_cli_state *cli)
 220 {
 221         struct domain_info_state *state;
 222         struct winbindd_domain *domain;
 223         struct tevent_req *req;
 224
 225         DEBUG(3, ("[%5lu]: domain_info [%s]\n", (unsigned long)cli->pid,
 226                   cli->request->domain_name));
 227
 228         domain = find_domain_from_name_noinit(cli->request->domain_name);
 229
 230         if (domain == NULL) {
 231                 DEBUG(3, ("Did not find domain [%s]\n",
 232                           cli->request->domain_name));
 233                 request_error(cli);
 234                 return;
 235         }
 236
 237         if (domain->initialized) {
 238                 fstrcpy(cli->response->data.domain_info.name,
 239                         domain->name);
 240                 fstrcpy(cli->response->data.domain_info.alt_name,
 241                         domain->alt_name);
 242                 sid_to_fstring(cli->response->data.domain_info.sid,
 243                                &domain->sid);
 244                 cli->response->data.domain_info.native_mode =
 245                         domain->native_mode;
 246                 cli->response->data.domain_info.active_directory =
 247                         domain->active_directory;
 248                 cli->response->data.domain_info.primary =
 249                         domain->primary;
 250                 request_ok(cli);
 251                 return;
 252         }
 253
 254         state = talloc_zero(cli->mem_ctx, struct domain_info_state);
 255         if (state == NULL) {
 256                 DEBUG(0, ("talloc failed\n"));
 257                 request_error(cli);
 258                 return;
 259         }
 260
 261         state->cli = cli;
 262         state->domain = domain;
 263         state->ping_request.cmd = WINBINDD_PING;
 264
 265         /*
 266          * Send a ping down. This implicitly initializes the domain.
 267          */
 268
 269         req = wb_domain_request_send(state, winbind_event_context(),
 270                                      domain, &state->ping_request);
 271         if (req == NULL) {
 272                 DEBUG(3, ("wb_domain_request_send failed\n"));
 273                 request_error(cli);
 274                 return;
 275         }
 276         tevent_req_set_callback(req, domain_info_done, state);
 277 }
 278
 279 static void domain_info_done(struct tevent_req *req)
 280 {
 281         struct domain_info_state *state = tevent_req_callback_data(
 282                 req, struct domain_info_state);
 283         struct winbindd_response *response;
 284         int ret, err;
 285
 286         ret = wb_domain_request_recv(req, req, &response, &err);
 287         TALLOC_FREE(req);
 288         if (ret == -1) {
 289                 DEBUG(10, ("wb_domain_request failed: %s\n", strerror(errno)));
 290                 request_error(state->cli);
 291                 return;
 292         }
 293         if (!state->domain->initialized) {
 294                 DEBUG(5, ("wb_domain_request did not initialize domain %s\n",
 295                           state->domain->name));
 296                 request_error(state->cli);
 297                 return;
 298         }
 299
 300         fstrcpy(state->cli->response->data.domain_info.name,
 301                 state->domain->name);
 302         fstrcpy(state->cli->response->data.domain_info.alt_name,
 303                 state->domain->alt_name);
 304         sid_to_fstring(state->cli->response->data.domain_info.sid,
 305                        &state->domain->sid);
 306
 307         state->cli->response->data.domain_info.native_mode =
 308                 state->domain->native_mode;
 309         state->cli->response->data.domain_info.active_directory =
 310                 state->domain->active_directory;
 311         state->cli->response->data.domain_info.primary =
 312                 state->domain->primary;
 313
 314         request_ok(state->cli);
 315 }
 316
 317 void winbindd_dc_info(struct winbindd_cli_state *cli)
 318 {
 319         struct winbindd_domain *domain;
 320         char *dc_name, *dc_ip;
 321
 322         cli->request->domain_name[sizeof(cli->request->domain_name)-1] = '\0';
 323
 324         DEBUG(3, ("[%5lu]: domain_info [%s]\n", (unsigned long)cli->pid,
 325                   cli->request->domain_name));
 326
 327         if (cli->request->domain_name[0] != '\0') {
 328                 domain = find_domain_from_name_noinit(
 329                         cli->request->domain_name);
 330                 DEBUG(10, ("Could not find domain %s\n",
 331                            cli->request->domain_name));
 332                 if (domain == NULL) {
 333                         request_error(cli);
 334                         return;
 335                 }
 336         } else {
 337                 domain = find_our_domain();
 338         }
 339
 340         if (!fetch_current_dc_from_gencache(
 341                     talloc_tos(), domain->name, &dc_name, &dc_ip)) {
 342                 DEBUG(10, ("fetch_current_dc_from_gencache(%s) failed\n",
 343                            domain->name));
 344                 request_error(cli);
 345                 return;
 346         }
 347
 348         cli->response->data.num_entries = 1;
 349         cli->response->extra_data.data = talloc_asprintf(
 350                 cli->mem_ctx, "%s\n%s\n", dc_name, dc_ip);
 351
 352         TALLOC_FREE(dc_name);
 353         TALLOC_FREE(dc_ip);
 354
 355         if (cli->response->extra_data.data == NULL) {
 356                 request_error(cli);
 357                 return;
 358         }
 359
 360         /* must add one to length to copy the 0 for string termination */
 361         cli->response->length +=
 362                 strlen((char *)cli->response->extra_data.data) + 1;
 363
 364         request_ok(cli);
 365 }
 366
 367 /* List various tidbits of information */
 368
 369 void winbindd_info(struct winbindd_cli_state *state)
 370 {
 371
 372         DEBUG(3, ("[%5lu]: request misc info\n", (unsigned long)state->pid));
 373
 374         state->response->data.info.winbind_separator = *lp_winbind_separator();
 375         fstrcpy(state->response->data.info.samba_version, samba_version_string());
 376         request_ok(state);
 377 }
 378
 379 /* Tell the client the current interface version */
 380
 381 void winbindd_interface_version(struct winbindd_cli_state *state)
 382 {
 383         DEBUG(3, ("[%5lu]: request interface version\n",
 384                   (unsigned long)state->pid));
 385
 386         state->response->data.interface_version = WINBIND_INTERFACE_VERSION;
 387         request_ok(state);
 388 }
 389
 390 /* What domain are we a member of? */
 391
 392 void winbindd_domain_name(struct winbindd_cli_state *state)
 393 {
 394         DEBUG(3, ("[%5lu]: request domain name\n", (unsigned long)state->pid));
 395
 396         fstrcpy(state->response->data.domain_name, lp_workgroup());
 397         request_ok(state);
 398 }
 399
 400 /* What's my name again? */
 401
 402 void winbindd_netbios_name(struct winbindd_cli_state *state)
 403 {
 404         DEBUG(3, ("[%5lu]: request netbios name\n",
 405                   (unsigned long)state->pid));
 406
 407         fstrcpy(state->response->data.netbios_name, global_myname());
 408         request_ok(state);
 409 }
 410
 411 /* Where can I find the privileged pipe? */
 412
 413 void winbindd_priv_pipe_dir(struct winbindd_cli_state *state)
 414 {
 415         char *priv_dir;
 416         DEBUG(3, ("[%5lu]: request location of privileged pipe\n",
 417                   (unsigned long)state->pid));
 418
 419         priv_dir = get_winbind_priv_pipe_dir();
 420         state->response->extra_data.data = talloc_move(state->mem_ctx,
 421                                                       &priv_dir);
 422
 423         /* must add one to length to copy the 0 for string termination */
 424         state->response->length +=
 425                 strlen((char *)state->response->extra_data.data) + 1;
 426
 427         request_ok(state);
 428 }
 429