Winbind client API
Copyright (C) Gerald (Jerry) Carter 2007
- Copyright (C) Kai Blin 2009
-
This library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
#include "replace.h"
#include "libwbclient.h"
+#include "../winbind_client.h"
+#include "lib/util/smb_strtox.h"
-struct wbc_sid_to_uid_state {
- struct winbindd_request req;
- uid_t uid;
-};
-
-static void wbcSidToUid_done(struct tevent_req *subreq);
-
-/**
- * @brief Convert a Windows SID to a Unix uid, allocating an uid if needed
- *
- * @param mem_ctx talloc context to allocate the request from
- * @param ev tevent context to use for async operation
- * @param wb_ctx winbind context to use
- * @param *sid pointer to the domain SID to be resolved
- *
- * @return tevent_req on success, NULL on error
- */
-
-struct tevent_req *wbcSidToUid_send(TALLOC_CTX *mem_ctx,
- struct tevent_context *ev,
- struct wb_context *wb_ctx,
- const struct wbcDomainSid *sid)
+/* Convert a Windows SID to a Unix uid, allocating an uid if needed */
+_PUBLIC_
+wbcErr wbcCtxSidToUid(struct wbcContext *ctx, const struct wbcDomainSid *sid,
+ uid_t *puid)
{
- struct tevent_req *req, *subreq;
- struct wbc_sid_to_uid_state *state;
- char *sid_string;
- wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
-
- req = tevent_req_create(mem_ctx, &state, struct wbc_sid_to_uid_state);
- if (req == NULL) {
- return NULL;
- }
-
- ZERO_STRUCT(state->req);
-
- state->req.cmd = WINBINDD_SID_TO_UID;
- wbc_status = wbcSidToString(sid, &sid_string);
- if (!WBC_ERROR_IS_OK(wbc_status)) {
- return tevent_req_post(req, ev);
- }
- strncpy(state->req.data.sid, sid_string, sizeof(state->req.data.sid)-1);
- wbcFreeMemory(sid_string);
+ struct wbcUnixId xid;
+ wbcErr wbc_status;
- subreq = wb_trans_send(state, ev, wb_ctx, false, &state->req);
- if (tevent_req_nomem(subreq, req)) {
- return tevent_req_post(req, ev);
+ if (!sid || !puid) {
+ wbc_status = WBC_ERR_INVALID_PARAM;
+ BAIL_ON_WBC_ERROR(wbc_status);
}
- tevent_req_set_callback(subreq, wbcSidToUid_done, req);
- return req;
-}
-
-static void wbcSidToUid_done(struct tevent_req *subreq)
-{
- struct tevent_req *req = tevent_req_callback_data(
- subreq, struct tevent_req);
- struct wbc_sid_to_uid_state *state = tevent_req_data(
- req, struct wbc_sid_to_uid_state);
- struct winbindd_response *resp;
- wbcErr wbc_status;
-
- wbc_status = wb_trans_recv(subreq, state, &resp);
- TALLOC_FREE(subreq);
+ wbc_status = wbcCtxSidsToUnixIds(ctx, sid, 1, &xid);
if (!WBC_ERROR_IS_OK(wbc_status)) {
- tevent_req_error(req, wbc_status);
- return;
+ goto done;
}
- state->uid = resp->data.uid;
- TALLOC_FREE(resp);
-
- tevent_req_done(req);
-}
-
-/**
- * @brief Receive a Unix uid mapped to a Windows SID
- *
- * @param req tevent_req containing the request
- * @param *puid pointer to hold the resolved uid_t value
- *
- * @return #wbcErr
- */
-
-wbcErr wbcSidToUid_recv(struct tevent_req *req, uid_t *puid)
-{
- struct wbc_sid_to_uid_state *state = tevent_req_data(
- req, struct wbc_sid_to_uid_state);
- wbcErr wbc_status;
- if (tevent_req_is_wbcerr(req, &wbc_status)) {
- tevent_req_received(req);
- return wbc_status;
+ if ((xid.type == WBC_ID_TYPE_UID) || (xid.type == WBC_ID_TYPE_BOTH)) {
+ *puid = xid.id.uid;
+ wbc_status = WBC_ERR_SUCCESS;
+ } else {
+ wbc_status = WBC_ERR_DOMAIN_NOT_FOUND;
}
- *puid = state->uid;
-
- tevent_req_received(req);
- return WBC_ERR_SUCCESS;
+ done:
+ return wbc_status;
}
-/* Convert a Windows SID to a Unix uid, allocating an uid if needed */
+_PUBLIC_
wbcErr wbcSidToUid(const struct wbcDomainSid *sid, uid_t *puid)
{
- struct winbindd_request request;
- struct winbindd_response response;
- char *sid_string = NULL;
- wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
-
- if (!sid || !puid) {
- wbc_status = WBC_ERR_INVALID_PARAM;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
- /* Initialize request */
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- wbc_status = wbcSidToString(sid, &sid_string);
- BAIL_ON_WBC_ERROR(wbc_status);
-
- strncpy(request.data.sid, sid_string, sizeof(request.data.sid)-1);
- wbcFreeMemory(sid_string);
-
- /* Make request */
-
- wbc_status = wbcRequestResponse(WINBINDD_SID_TO_UID,
- &request,
- &response);
- BAIL_ON_WBC_ERROR(wbc_status);
-
- *puid = response.data.uid;
-
- wbc_status = WBC_ERR_SUCCESS;
-
- done:
- return wbc_status;
+ return wbcCtxSidToUid(NULL, sid, puid);
}
/* Convert a Windows SID to a Unix uid if there already is a mapping */
+_PUBLIC_
wbcErr wbcQuerySidToUid(const struct wbcDomainSid *sid,
uid_t *puid)
{
return WBC_ERR_NOT_IMPLEMENTED;
}
-struct wbc_uid_to_sid_state {
- struct winbindd_request req;
- struct wbcDomainSid *sid;
-};
-
-static void wbcUidToSid_done(struct tevent_req *subreq);
-
-/**
- * @brief Request a Windows SID for an Unix uid, allocating an SID if needed
- *
- * @param mem_ctx talloc context to allocate the request from
- * @param ev tevent context to use for async operation
- * @param wb_ctx winbind context to use
- * @param uid uid to be resolved to a SID
- *
- * @return tevent_req on success, NULL on error
- */
-
-struct tevent_req *wbcUidToSid_send(TALLOC_CTX *mem_ctx,
- struct tevent_context *ev,
- struct wb_context *wb_ctx,
- uid_t uid)
-{
- struct tevent_req *req, *subreq;
- struct wbc_uid_to_sid_state *state;
-
- req = tevent_req_create(mem_ctx, &state, struct wbc_uid_to_sid_state);
- if (req == NULL) {
- return NULL;
- }
-
- ZERO_STRUCT(state->req);
-
- state->req.cmd = WINBINDD_UID_TO_SID;
- state->req.data.uid = uid;
-
- subreq = wb_trans_send(state, ev, wb_ctx, false, &state->req);
- if (tevent_req_nomem(subreq, req)) {
- return tevent_req_post(req, ev);
- }
-
- tevent_req_set_callback(subreq, wbcUidToSid_done, req);
- return req;
-}
-
-static void wbcUidToSid_done(struct tevent_req *subreq)
+/* Convert a Unix uid to a Windows SID, allocating a SID if needed */
+_PUBLIC_
+wbcErr wbcCtxUidToSid(struct wbcContext *ctx, uid_t uid,
+ struct wbcDomainSid *psid)
{
- struct tevent_req *req = tevent_req_callback_data(
- subreq, struct tevent_req);
- struct wbc_uid_to_sid_state *state = tevent_req_data(
- req, struct wbc_uid_to_sid_state);
- struct winbindd_response *resp;
+ struct wbcUnixId xid;
+ struct wbcDomainSid sid;
+ struct wbcDomainSid null_sid = { 0 };
wbcErr wbc_status;
- wbc_status = wb_trans_recv(subreq, state, &resp);
- TALLOC_FREE(subreq);
- if (!WBC_ERROR_IS_OK(wbc_status)) {
- tevent_req_error(req, wbc_status);
- return;
- }
-
- state->sid = talloc(state, struct wbcDomainSid);
- if (state->sid == NULL) {
- TALLOC_FREE(resp);
- tevent_req_error(req, WBC_ERR_NO_MEMORY);
- return;
+ if (!psid) {
+ wbc_status = WBC_ERR_INVALID_PARAM;
+ BAIL_ON_WBC_ERROR(wbc_status);
}
- wbc_status = wbcStringToSid(resp->data.sid.sid, state->sid);
- TALLOC_FREE(resp);
+ xid = (struct wbcUnixId) { .type = WBC_ID_TYPE_UID, .id.uid = uid };
+ wbc_status = wbcCtxUnixIdsToSids(ctx, &xid, 1, &sid);
if (!WBC_ERROR_IS_OK(wbc_status)) {
- tevent_req_error(req, wbc_status);
- return;
- }
-
- tevent_req_done(req);
-}
-
-/**
- * @brief Receive a Unix uid mapped to a Windows SID
- *
- * @param req tevent_req containing the request
- * @param *psid pointer to hold the resolved SID
- *
- * @return #wbcErr
- */
-
-wbcErr wbcUidToSid_recv(struct tevent_req *req, struct wbcDomainSid *psid)
-{
- struct wbc_uid_to_sid_state *state = tevent_req_data(
- req, struct wbc_uid_to_sid_state);
- wbcErr wbc_status;
-
- if (psid == NULL) {
- tevent_req_received(req);
- return WBC_ERR_INVALID_PARAM;
+ goto done;
}
- if (tevent_req_is_wbcerr(req, &wbc_status)) {
- tevent_req_received(req);
- return wbc_status;
+ if (memcmp(&sid, &null_sid, sizeof(sid)) != 0) {
+ *psid = sid;
+ } else {
+ wbc_status = WBC_ERR_DOMAIN_NOT_FOUND;
}
- memcpy(psid, state->sid, sizeof(struct wbcDomainSid));
-
- tevent_req_received(req);
- return WBC_ERR_SUCCESS;
+done:
+ return wbc_status;
}
-/* Convert a Unix uid to a Windows SID, allocating a SID if needed */
+_PUBLIC_
wbcErr wbcUidToSid(uid_t uid, struct wbcDomainSid *sid)
{
- wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
- struct winbindd_request request;
- struct winbindd_response response;
-
- if (!sid) {
- wbc_status = WBC_ERR_INVALID_PARAM;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
- /* Initialize request */
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- request.data.uid = uid;
-
- /* Make request */
-
- wbc_status = wbcRequestResponse(WINBINDD_UID_TO_SID,
- &request,
- &response);
- BAIL_ON_WBC_ERROR(wbc_status);
-
- wbc_status = wbcStringToSid(response.data.sid.sid, sid);
- BAIL_ON_WBC_ERROR(wbc_status);
-
-done:
- return wbc_status;
+ return wbcCtxUidToSid(NULL, uid, sid);
}
/* Convert a Unix uid to a Windows SID if there already is a mapping */
+_PUBLIC_
wbcErr wbcQueryUidToSid(uid_t uid,
struct wbcDomainSid *sid)
{
*
**/
-wbcErr wbcSidToGid(const struct wbcDomainSid *sid, gid_t *pgid)
+_PUBLIC_
+wbcErr wbcCtxSidToGid(struct wbcContext *ctx, const struct wbcDomainSid *sid,
+ gid_t *pgid)
{
- struct winbindd_request request;
- struct winbindd_response response;
- wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
- char *sid_string = NULL;
+ struct wbcUnixId xid;
+ wbcErr wbc_status;
if (!sid || !pgid) {
wbc_status = WBC_ERR_INVALID_PARAM;
BAIL_ON_WBC_ERROR(wbc_status);
}
- /* Initialize request */
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- wbc_status = wbcSidToString(sid, &sid_string);
- BAIL_ON_WBC_ERROR(wbc_status);
-
- strncpy(request.data.sid, sid_string, sizeof(request.data.sid)-1);
- wbcFreeMemory(sid_string);
-
- /* Make request */
-
- wbc_status = wbcRequestResponse(WINBINDD_SID_TO_GID,
- &request,
- &response);
- BAIL_ON_WBC_ERROR(wbc_status);
-
- *pgid = response.data.gid;
+ wbc_status = wbcCtxSidsToUnixIds(ctx, sid, 1, &xid);
+ if (!WBC_ERROR_IS_OK(wbc_status)) {
+ goto done;
+ }
- wbc_status = WBC_ERR_SUCCESS;
+ if ((xid.type == WBC_ID_TYPE_GID) || (xid.type == WBC_ID_TYPE_BOTH)) {
+ *pgid = xid.id.gid;
+ wbc_status = WBC_ERR_SUCCESS;
+ } else {
+ wbc_status = WBC_ERR_DOMAIN_NOT_FOUND;
+ }
done:
return wbc_status;
}
+_PUBLIC_
+wbcErr wbcSidToGid(const struct wbcDomainSid *sid, gid_t *pgid)
+{
+ return wbcCtxSidToGid(NULL, sid, pgid);
+}
+
/* Convert a Windows SID to a Unix gid if there already is a mapping */
+_PUBLIC_
wbcErr wbcQuerySidToGid(const struct wbcDomainSid *sid,
gid_t *pgid)
{
return WBC_ERR_NOT_IMPLEMENTED;
}
+
/* Convert a Unix gid to a Windows SID, allocating a SID if needed */
-wbcErr wbcGidToSid(gid_t gid, struct wbcDomainSid *sid)
+_PUBLIC_
+wbcErr wbcCtxGidToSid(struct wbcContext *ctx, gid_t gid,
+ struct wbcDomainSid *psid)
{
- struct winbindd_request request;
- struct winbindd_response response;
- wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
+ struct wbcUnixId xid;
+ struct wbcDomainSid sid;
+ struct wbcDomainSid null_sid = { 0 };
+ wbcErr wbc_status;
- if (!sid) {
+ if (!psid) {
wbc_status = WBC_ERR_INVALID_PARAM;
BAIL_ON_WBC_ERROR(wbc_status);
}
- /* Initialize request */
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- request.data.gid = gid;
-
- /* Make request */
+ xid = (struct wbcUnixId) { .type = WBC_ID_TYPE_GID, .id.gid = gid };
- wbc_status = wbcRequestResponse(WINBINDD_GID_TO_SID,
- &request,
- &response);
- BAIL_ON_WBC_ERROR(wbc_status);
+ wbc_status = wbcCtxUnixIdsToSids(ctx, &xid, 1, &sid);
+ if (!WBC_ERROR_IS_OK(wbc_status)) {
+ goto done;
+ }
- wbc_status = wbcStringToSid(response.data.sid.sid, sid);
- BAIL_ON_WBC_ERROR(wbc_status);
+ if (memcmp(&sid, &null_sid, sizeof(sid)) != 0) {
+ *psid = sid;
+ } else {
+ wbc_status = WBC_ERR_DOMAIN_NOT_FOUND;
+ }
done:
return wbc_status;
}
+_PUBLIC_
+wbcErr wbcGidToSid(gid_t gid, struct wbcDomainSid *sid)
+{
+ return wbcCtxGidToSid(NULL, gid, sid);
+}
+
/* Convert a Unix gid to a Windows SID if there already is a mapping */
+_PUBLIC_
wbcErr wbcQueryGidToSid(gid_t gid,
struct wbcDomainSid *sid)
{
}
/* Obtain a new uid from Winbind */
-wbcErr wbcAllocateUid(uid_t *puid)
+_PUBLIC_
+wbcErr wbcCtxAllocateUid(struct wbcContext *ctx, uid_t *puid)
{
struct winbindd_request request;
struct winbindd_response response;
/* Make request */
- wbc_status = wbcRequestResponse(WINBINDD_ALLOCATE_UID,
- &request, &response);
+ wbc_status = wbcRequestResponsePriv(ctx, WINBINDD_ALLOCATE_UID,
+ &request, &response);
BAIL_ON_WBC_ERROR(wbc_status);
/* Copy out result */
return wbc_status;
}
+_PUBLIC_
+wbcErr wbcAllocateUid(uid_t *puid)
+{
+ return wbcCtxAllocateUid(NULL, puid);
+}
+
/* Obtain a new gid from Winbind */
-wbcErr wbcAllocateGid(gid_t *pgid)
+_PUBLIC_
+wbcErr wbcCtxAllocateGid(struct wbcContext *ctx, gid_t *pgid)
{
struct winbindd_request request;
struct winbindd_response response;
/* Make request */
- wbc_status = wbcRequestResponse(WINBINDD_ALLOCATE_GID,
- &request, &response);
+ wbc_status = wbcRequestResponsePriv(ctx, WINBINDD_ALLOCATE_GID,
+ &request, &response);
BAIL_ON_WBC_ERROR(wbc_status);
/* Copy out result */
return wbc_status;
}
+_PUBLIC_
+wbcErr wbcAllocateGid(gid_t *pgid)
+{
+ return wbcCtxAllocateGid(NULL, pgid);
+}
+
/* we can't include smb.h here... */
#define _ID_TYPE_UID 1
#define _ID_TYPE_GID 2
-/* Set an user id mapping */
+/* Set an user id mapping - not implemented any more */
+_PUBLIC_
wbcErr wbcSetUidMapping(uid_t uid, const struct wbcDomainSid *sid)
{
- struct winbindd_request request;
- struct winbindd_response response;
- wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
- char *sid_string = NULL;
-
- if (!sid) {
- return WBC_ERR_INVALID_PARAM;
- }
-
- /* Initialise request */
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- /* Make request */
+ return WBC_ERR_NOT_IMPLEMENTED;
+}
- request.data.dual_idmapset.id = uid;
- request.data.dual_idmapset.type = _ID_TYPE_UID;
+/* Set a group id mapping - not implemented any more */
+_PUBLIC_
+wbcErr wbcSetGidMapping(gid_t gid, const struct wbcDomainSid *sid)
+{
+ return WBC_ERR_NOT_IMPLEMENTED;
+}
- wbc_status = wbcSidToString(sid, &sid_string);
- BAIL_ON_WBC_ERROR(wbc_status);
+/* Remove a user id mapping - not implemented any more */
+_PUBLIC_
+wbcErr wbcRemoveUidMapping(uid_t uid, const struct wbcDomainSid *sid)
+{
+ return WBC_ERR_NOT_IMPLEMENTED;
+}
- strncpy(request.data.dual_idmapset.sid, sid_string,
- sizeof(request.data.dual_idmapset.sid)-1);
- wbcFreeMemory(sid_string);
+/* Remove a group id mapping - not implemented any more */
+_PUBLIC_
+wbcErr wbcRemoveGidMapping(gid_t gid, const struct wbcDomainSid *sid)
+{
+ return WBC_ERR_NOT_IMPLEMENTED;
+}
- wbc_status = wbcRequestResponse(WINBINDD_SET_MAPPING,
- &request, &response);
- BAIL_ON_WBC_ERROR(wbc_status);
+/* Set the highwater mark for allocated uids - not implemented any more */
+_PUBLIC_
+wbcErr wbcSetUidHwm(uid_t uid_hwm)
+{
+ return WBC_ERR_NOT_IMPLEMENTED;
+}
- done:
- return wbc_status;
+/* Set the highwater mark for allocated gids - not implemented any more */
+_PUBLIC_
+wbcErr wbcSetGidHwm(gid_t gid_hwm)
+{
+ return WBC_ERR_NOT_IMPLEMENTED;
}
-/* Set a group id mapping */
-wbcErr wbcSetGidMapping(gid_t gid, const struct wbcDomainSid *sid)
+/* Convert a list of SIDs */
+_PUBLIC_
+wbcErr wbcCtxSidsToUnixIds(struct wbcContext *ctx,
+ const struct wbcDomainSid *sids,
+ uint32_t num_sids, struct wbcUnixId *ids)
{
struct winbindd_request request;
struct winbindd_response response;
wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
- char *sid_string = NULL;
+ int buflen, extra_len;
+ uint32_t i;
+ char *sidlist, *p, *extra_data;
- if (!sid) {
- return WBC_ERR_INVALID_PARAM;
- }
-
- /* Initialise request */
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- /* Make request */
+ buflen = num_sids * (WBC_SID_STRING_BUFLEN + 1) + 1;
- request.data.dual_idmapset.id = gid;
- request.data.dual_idmapset.type = _ID_TYPE_GID;
-
- wbc_status = wbcSidToString(sid, &sid_string);
- BAIL_ON_WBC_ERROR(wbc_status);
+ sidlist = (char *)malloc(buflen);
+ if (sidlist == NULL) {
+ return WBC_ERR_NO_MEMORY;
+ }
- strncpy(request.data.dual_idmapset.sid, sid_string,
- sizeof(request.data.dual_idmapset.sid)-1);
- wbcFreeMemory(sid_string);
+ p = sidlist;
- wbc_status = wbcRequestResponse(WINBINDD_SET_MAPPING,
- &request, &response);
- BAIL_ON_WBC_ERROR(wbc_status);
+ for (i=0; i<num_sids; i++) {
+ int remaining;
+ int len;
- done:
- return wbc_status;
-}
+ remaining = buflen - (p - sidlist);
-/* Remove a user id mapping */
-wbcErr wbcRemoveUidMapping(uid_t uid, const struct wbcDomainSid *sid)
-{
- struct winbindd_request request;
- struct winbindd_response response;
- wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
- char *sid_string = NULL;
+ len = wbcSidToStringBuf(&sids[i], p, remaining);
+ if (len > remaining) {
+ free(sidlist);
+ return WBC_ERR_UNKNOWN_FAILURE;
+ }
- if (!sid) {
- return WBC_ERR_INVALID_PARAM;
+ p += len;
+ *p++ = '\n';
}
-
- /* Initialise request */
+ *p++ = '\0';
ZERO_STRUCT(request);
ZERO_STRUCT(response);
- /* Make request */
+ request.extra_data.data = sidlist;
+ request.extra_len = p - sidlist;
- request.data.dual_idmapset.id = uid;
- request.data.dual_idmapset.type = _ID_TYPE_UID;
+ wbc_status = wbcRequestResponse(ctx, WINBINDD_SIDS_TO_XIDS,
+ &request, &response);
+ free(sidlist);
+ if (!WBC_ERROR_IS_OK(wbc_status)) {
+ return wbc_status;
+ }
- wbc_status = wbcSidToString(sid, &sid_string);
- BAIL_ON_WBC_ERROR(wbc_status);
+ extra_len = response.length - sizeof(struct winbindd_response);
+ extra_data = (char *)response.extra_data.data;
- strncpy(request.data.dual_idmapset.sid, sid_string,
- sizeof(request.data.dual_idmapset.sid)-1);
- wbcFreeMemory(sid_string);
+ if ((extra_len <= 0) || (extra_data[extra_len-1] != '\0')) {
+ goto wbc_err_invalid;
+ }
- wbc_status = wbcRequestResponse(WINBINDD_REMOVE_MAPPING,
- &request, &response);
- BAIL_ON_WBC_ERROR(wbc_status);
+ p = extra_data;
+
+ for (i=0; i<num_sids; i++) {
+ struct wbcUnixId *id = &ids[i];
+ char *q;
+ int error = 0;
+
+ switch (p[0]) {
+ case 'U':
+ id->type = WBC_ID_TYPE_UID;
+ id->id.uid = smb_strtoul(p+1,
+ &q,
+ 10,
+ &error,
+ SMB_STR_STANDARD);
+ break;
+ case 'G':
+ id->type = WBC_ID_TYPE_GID;
+ id->id.gid = smb_strtoul(p+1,
+ &q,
+ 10,
+ &error,
+ SMB_STR_STANDARD);
+ break;
+ case 'B':
+ id->type = WBC_ID_TYPE_BOTH;
+ id->id.uid = smb_strtoul(p+1,
+ &q,
+ 10,
+ &error,
+ SMB_STR_STANDARD);
+ break;
+ default:
+ id->type = WBC_ID_TYPE_NOT_SPECIFIED;
+ q = strchr(p, '\n');
+ break;
+ };
+ if (q == NULL || q[0] != '\n' || error != 0) {
+ goto wbc_err_invalid;
+ }
+ p = q+1;
+ }
+ wbc_status = WBC_ERR_SUCCESS;
+ goto done;
- done:
+wbc_err_invalid:
+ wbc_status = WBC_ERR_INVALID_RESPONSE;
+done:
+ winbindd_free_response(&response);
return wbc_status;
}
-/* Remove a group id mapping */
-wbcErr wbcRemoveGidMapping(gid_t gid, const struct wbcDomainSid *sid)
+_PUBLIC_
+wbcErr wbcSidsToUnixIds(const struct wbcDomainSid *sids, uint32_t num_sids,
+ struct wbcUnixId *ids)
+{
+ return wbcCtxSidsToUnixIds(NULL, sids, num_sids, ids);
+}
+
+_PUBLIC_
+wbcErr wbcCtxUnixIdsToSids(struct wbcContext *ctx,
+ const struct wbcUnixId *ids, uint32_t num_ids,
+ struct wbcDomainSid *sids)
{
struct winbindd_request request;
struct winbindd_response response;
- wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
- char *sid_string = NULL;
-
- if (!sid) {
- return WBC_ERR_INVALID_PARAM;
+ wbcErr wbc_status;
+ char *buf;
+ char *s;
+ const size_t sidlen = (1 /* U/G */ + 10 /* 2^32 */ + 1 /* \n */);
+ size_t ofs, buflen;
+ uint32_t i;
+
+ if (num_ids > SIZE_MAX / sidlen) {
+ return WBC_ERR_NO_MEMORY; /* overflow */
}
+ buflen = num_ids * sidlen;
- /* Initialise request */
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- /* Make request */
+ buflen += 1; /* trailing \0 */
+ if (buflen < 1) {
+ return WBC_ERR_NO_MEMORY; /* overflow */
+ }
- request.data.dual_idmapset.id = gid;
- request.data.dual_idmapset.type = _ID_TYPE_GID;
+ buf = malloc(buflen);
+ if (buf == NULL) {
+ return WBC_ERR_NO_MEMORY;
+ }
- wbc_status = wbcSidToString(sid, &sid_string);
- BAIL_ON_WBC_ERROR(wbc_status);
+ ofs = 0;
+
+ for (i=0; i<num_ids; i++) {
+ const struct wbcUnixId *id = &ids[i];
+ int len;
+
+ switch (id->type) {
+ case WBC_ID_TYPE_UID:
+ len = snprintf(buf+ofs, buflen-ofs, "U%"PRIu32"\n",
+ (uint32_t)id->id.uid);
+ break;
+ case WBC_ID_TYPE_GID:
+ len = snprintf(buf+ofs, buflen-ofs, "G%"PRIu32"\n",
+ (uint32_t)id->id.gid);
+ break;
+ default:
+ free(buf);
+ return WBC_ERR_INVALID_PARAM;
+ }
+
+ if (len + ofs >= buflen) { /* >= for the terminating '\0' */
+ free(buf);
+ return WBC_ERR_UNKNOWN_FAILURE;
+ }
+ ofs += len;
+ }
- strncpy(request.data.dual_idmapset.sid, sid_string,
- sizeof(request.data.dual_idmapset.sid)-1);
- wbcFreeMemory(sid_string);
+ request = (struct winbindd_request) {
+ .extra_data.data = buf, .extra_len = ofs+1
+ };
+ response = (struct winbindd_response) {0};
- wbc_status = wbcRequestResponse(WINBINDD_REMOVE_MAPPING,
+ wbc_status = wbcRequestResponse(ctx, WINBINDD_XIDS_TO_SIDS,
&request, &response);
- BAIL_ON_WBC_ERROR(wbc_status);
-
- done:
- return wbc_status;
-}
-
-/* Set the highwater mark for allocated uids. */
-wbcErr wbcSetUidHwm(uid_t uid_hwm)
-{
- struct winbindd_request request;
- struct winbindd_response response;
- wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
-
- /* Initialise request */
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
+ free(buf);
+ if (!WBC_ERROR_IS_OK(wbc_status)) {
+ return wbc_status;
+ }
- /* Make request */
+ s = response.extra_data.data;
+ for (i=0; i<num_ids; i++) {
+ char *n = strchr(s, '\n');
- request.data.dual_idmapset.id = uid_hwm;
- request.data.dual_idmapset.type = _ID_TYPE_UID;
+ if (n == NULL) {
+ goto fail;
+ }
+ *n = '\0';
- wbc_status = wbcRequestResponse(WINBINDD_SET_HWM,
- &request, &response);
- BAIL_ON_WBC_ERROR(wbc_status);
+ wbc_status = wbcStringToSid(s, &sids[i]);
+ if (!WBC_ERROR_IS_OK(wbc_status)) {
+ sids[i] = (struct wbcDomainSid) {0};
+ }
+ s = n+1;
+ }
- done:
+ wbc_status = WBC_ERR_SUCCESS;
+fail:
+ winbindd_free_response(&response);
return wbc_status;
}
-/* Set the highwater mark for allocated gids. */
-wbcErr wbcSetGidHwm(gid_t gid_hwm)
+_PUBLIC_
+wbcErr wbcUnixIdsToSids(const struct wbcUnixId *ids, uint32_t num_ids,
+ struct wbcDomainSid *sids)
{
- struct winbindd_request request;
- struct winbindd_response response;
- wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
-
- /* Initialise request */
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- /* Make request */
-
- request.data.dual_idmapset.id = gid_hwm;
- request.data.dual_idmapset.type = _ID_TYPE_GID;
-
- wbc_status = wbcRequestResponse(WINBINDD_SET_HWM,
- &request, &response);
- BAIL_ON_WBC_ERROR(wbc_status);
-
- done:
- return wbc_status;
+ return wbcCtxUnixIdsToSids(NULL, ids, num_ids, sids);
}
git.samba.org / samba.git / blobdiff