s3-id_cache: Use better names for id cache management ops
[idra/samba.git] / source3 / smbd / msg_idmap.c
1 /*
2  * Samba Unix/Linux SMB client library
3  *
4  * Copyright (C) Gregor Beck 2011
5  *
6  * This program is free software; you can redistribute it and/or modify
7  * it under the terms of the GNU General Public License as published by
8  * the Free Software Foundation; either version 3 of the License, or
9  * (at your option) any later version.
10  *
11  * This program is distributed in the hope that it will be useful,
12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
14  * GNU General Public License for more details.
15  *
16  * You should have received a copy of the GNU General Public License
17  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
18  */
19
20 #include "includes.h"
21 #include "smbd/globals.h"
22 #include "smbd/smbd.h"
23 #include "../libcli/security/dom_sid.h"
24 #include "idmap_cache.h"
25 #include "passdb/lookup_sid.h"
26 #include "auth.h"
27 #include "messages.h"
28 #include "lib/id_cache.h"
29
30 static bool uid_in_use(const struct user_struct* user, uid_t uid)
31 {
32         while (user) {
33                 if (user->session_info && (user->session_info->unix_token->uid == uid)) {
34                         return true;
35                 }
36                 user = user->next;
37         }
38         return false;
39 }
40
41 static bool gid_in_use(const struct user_struct* user, gid_t gid)
42 {
43         while (user) {
44                 if (user->session_info != NULL) {
45                         int i;
46                         struct security_unix_token *utok = user->session_info->unix_token;
47                         if (utok->gid == gid) {
48                                 return true;
49                         }
50                         for(i=0; i<utok->ngroups; i++) {
51                                 if (utok->groups[i] == gid) {
52                                         return true;
53                                 }
54                         }
55                 }
56                 user = user->next;
57         }
58         return false;
59 }
60
61 static bool sid_in_use(const struct user_struct* user, const struct dom_sid* psid)
62 {
63         uid_t uid;
64         gid_t gid;
65         if (sid_to_gid(psid, &gid)) {
66                 return gid_in_use(user, gid);
67         } else if (sid_to_uid(psid, &uid)) {
68                 return uid_in_use(user, uid);
69         }
70         return false;
71 }
72
73 static bool id_in_use(const struct user_struct* user,
74                       const struct id_cache_ref* id)
75 {
76         switch(id->type) {
77         case UID:
78                 return uid_in_use(user, id->id.uid);
79         case GID:
80                 return gid_in_use(user, id->id.gid);
81         case SID:
82                 return sid_in_use(user, &id->id.sid);
83         default:
84                 break;
85         }
86         return false;
87 }
88
89 static void id_cache_kill(struct messaging_context *msg_ctx,
90                                  void *private_data,
91                                  uint32_t msg_type,
92                                  struct server_id server_id,
93                                  DATA_BLOB* data)
94 {
95         const char *msg = (data && data->data) ? (const char *)data->data : "<NULL>";
96         struct user_struct *validated_users = smbd_server_conn->smb1.sessions.validated_users;
97         struct id_cache_ref id;
98
99         if (!id_cache_ref_parse(msg, &id)) {
100                 DEBUG(0, ("Invalid ?ID: %s\n", msg));
101                 return;
102         }
103
104         if (id_in_use(validated_users, &id)) {
105                 exit_server_cleanly(msg);
106         }
107 }
108
109 void id_cache_register_kill_msg(struct messaging_context *ctx)
110 {
111         messaging_register(ctx, NULL, ID_CACHE_KILL, id_cache_kill);
112 }