2 Unix SMB/CIFS implementation.
6 Copyright (C) Tim Potter 2000
7 Copyright (C) Andrew Tridgell 2000
9 This library is free software; you can redistribute it and/or
10 modify it under the terms of the GNU Library General Public
11 License as published by the Free Software Foundation; either
12 version 2 of the License, or (at your option) any later version.
14 This library is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
17 Library General Public License for more details.
19 You should have received a copy of the GNU Library General Public
20 License along with this library; if not, write to the
21 Free Software Foundation, Inc., 59 Temple Place - Suite 330,
22 Boston, MA 02111-1307, USA.
26 #include "nsswitch/nss.h"
29 #define DBGC_CLASS DBGC_WINBIND
31 extern DOM_SID global_sid_NULL; /* NULL sid */
33 NSS_STATUS winbindd_request(int req_type,
34 struct winbindd_request *request,
35 struct winbindd_response *response);
37 /* Call winbindd to convert a name to a sid */
39 BOOL winbind_lookup_name(const char *dom_name, const char *name, DOM_SID *sid,
40 enum SID_NAME_USE *name_type)
42 struct winbindd_request request;
43 struct winbindd_response response;
46 if (!sid || !name_type)
49 /* Send off request */
52 ZERO_STRUCT(response);
54 fstrcpy(request.data.name.dom_name, dom_name);
55 fstrcpy(request.data.name.name, name);
57 if ((result = winbindd_request(WINBINDD_LOOKUPNAME, &request,
58 &response)) == NSS_STATUS_SUCCESS) {
59 string_to_sid(sid, response.data.sid.sid);
60 *name_type = (enum SID_NAME_USE)response.data.sid.type;
63 return result == NSS_STATUS_SUCCESS;
66 /* Call winbindd to convert sid to name */
68 BOOL winbind_lookup_sid(const DOM_SID *sid,
69 fstring dom_name, fstring name,
70 enum SID_NAME_USE *name_type)
72 struct winbindd_request request;
73 struct winbindd_response response;
77 /* Initialise request */
80 ZERO_STRUCT(response);
82 sid_to_string(sid_str, sid);
83 fstrcpy(request.data.sid, sid_str);
87 result = winbindd_request(WINBINDD_LOOKUPSID, &request, &response);
91 if (result == NSS_STATUS_SUCCESS) {
92 fstrcpy(dom_name, response.data.name.dom_name);
93 fstrcpy(name, response.data.name.name);
94 *name_type = (enum SID_NAME_USE)response.data.name.type;
96 DEBUG(10, ("winbind_lookup_sid: SUCCESS: SID %s -> %s %s\n",
97 sid_str, dom_name, name));
100 return (result == NSS_STATUS_SUCCESS);
103 /* Call winbindd to convert SID to uid */
105 BOOL winbind_sid_to_uid(uid_t *puid, const DOM_SID *sid)
107 struct winbindd_request request;
108 struct winbindd_response response;
115 /* Initialise request */
117 ZERO_STRUCT(request);
118 ZERO_STRUCT(response);
120 sid_to_string(sid_str, sid);
121 fstrcpy(request.data.sid, sid_str);
125 result = winbindd_request(WINBINDD_SID_TO_UID, &request, &response);
127 /* Copy out result */
129 if (result == NSS_STATUS_SUCCESS) {
130 *puid = response.data.uid;
133 return (result == NSS_STATUS_SUCCESS);
136 /* Call winbindd to convert uid to sid */
138 BOOL winbind_uid_to_sid(DOM_SID *sid, uid_t uid)
140 struct winbindd_request request;
141 struct winbindd_response response;
147 /* Initialise request */
149 ZERO_STRUCT(request);
150 ZERO_STRUCT(response);
152 request.data.uid = uid;
156 result = winbindd_request(WINBINDD_UID_TO_SID, &request, &response);
158 /* Copy out result */
160 if (result == NSS_STATUS_SUCCESS) {
161 string_to_sid(sid, response.data.sid.sid);
163 sid_copy(sid, &global_sid_NULL);
166 return (result == NSS_STATUS_SUCCESS);
169 /* Call winbindd to convert SID to gid */
171 BOOL winbind_sid_to_gid(gid_t *pgid, const DOM_SID *sid)
173 struct winbindd_request request;
174 struct winbindd_response response;
181 /* Initialise request */
183 ZERO_STRUCT(request);
184 ZERO_STRUCT(response);
186 sid_to_string(sid_str, sid);
187 fstrcpy(request.data.sid, sid_str);
191 result = winbindd_request(WINBINDD_SID_TO_GID, &request, &response);
193 /* Copy out result */
195 if (result == NSS_STATUS_SUCCESS) {
196 *pgid = response.data.gid;
199 return (result == NSS_STATUS_SUCCESS);
202 /* Call winbindd to convert gid to sid */
204 BOOL winbind_gid_to_sid(DOM_SID *sid, gid_t gid)
206 struct winbindd_request request;
207 struct winbindd_response response;
213 /* Initialise request */
215 ZERO_STRUCT(request);
216 ZERO_STRUCT(response);
218 request.data.gid = gid;
222 result = winbindd_request(WINBINDD_GID_TO_SID, &request, &response);
224 /* Copy out result */
226 if (result == NSS_STATUS_SUCCESS) {
227 string_to_sid(sid, response.data.sid.sid);
229 sid_copy(sid, &global_sid_NULL);
232 return (result == NSS_STATUS_SUCCESS);
235 /* Fetch the list of groups a user is a member of from winbindd. This is
236 used by winbind_getgroups. */
238 static int wb_getgroups(const char *user, gid_t **groups)
240 struct winbindd_request request;
241 struct winbindd_response response;
246 fstrcpy(request.data.username, user);
248 ZERO_STRUCT(response);
250 result = winbindd_request(WINBINDD_GETGROUPS, &request, &response);
252 if (result == NSS_STATUS_SUCCESS) {
254 /* Return group list. Don't forget to free the group list
257 *groups = (gid_t *)response.extra_data;
258 return response.data.num_entries;
264 /* Return a list of groups the user is a member of. This function is
265 useful for large systems where inverting the group database would be too
266 time consuming. If size is zero, list is not modified and the total
267 number of groups for the user is returned. */
269 int winbind_getgroups(const char *user, int size, gid_t *list)
271 gid_t *groups = NULL;
275 * Don't do the lookup if the name has no separator _and_ we are not in
276 * 'winbind use default domain' mode.
279 if (!(strchr(user, *lp_winbind_separator()) || lp_winbind_use_default_domain()))
282 /* Fetch list of groups */
284 result = wb_getgroups(user, &groups);
291 errno = EINVAL; /* This is what getgroups() does */
295 /* Copy list of groups across */
297 for (i = 0; i < result; i++) {