2 Unix SMB/CIFS implementation.
6 Copyright (C) Tim Potter 2000
7 Copyright (C) Andrew Tridgell 2000
9 This library is free software; you can redistribute it and/or
10 modify it under the terms of the GNU Library General Public
11 License as published by the Free Software Foundation; either
12 version 2 of the License, or (at your option) any later version.
14 This library is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
17 Library General Public License for more details.
19 You should have received a copy of the GNU Library General Public
20 License along with this library; if not, write to the
21 Free Software Foundation, Inc., 59 Temple Place - Suite 330,
22 Boston, MA 02111-1307, USA.
26 #include "nsswitch/nss.h"
28 NSS_STATUS winbindd_request(int req_type,
29 struct winbindd_request *request,
30 struct winbindd_response *response);
32 /* Call winbindd to convert a name to a sid */
34 BOOL winbind_lookup_name(const char *dom_name, const char *name, DOM_SID *sid,
35 enum SID_NAME_USE *name_type)
37 struct winbindd_request request;
38 struct winbindd_response response;
41 if (!sid || !name_type)
44 /* Send off request */
47 ZERO_STRUCT(response);
49 fstrcpy(request.data.name.dom_name, dom_name);
50 fstrcpy(request.data.name.name, name);
52 if ((result = winbindd_request(WINBINDD_LOOKUPNAME, &request,
53 &response)) == NSS_STATUS_SUCCESS) {
54 string_to_sid(sid, response.data.sid.sid);
55 *name_type = (enum SID_NAME_USE)response.data.sid.type;
58 return result == NSS_STATUS_SUCCESS;
61 /* Call winbindd to convert sid to name */
63 BOOL winbind_lookup_sid(DOM_SID *sid,
64 fstring dom_name, fstring name,
65 enum SID_NAME_USE *name_type)
67 struct winbindd_request request;
68 struct winbindd_response response;
72 /* Initialise request */
75 ZERO_STRUCT(response);
77 sid_to_string(sid_str, sid);
78 fstrcpy(request.data.sid, sid_str);
82 result = winbindd_request(WINBINDD_LOOKUPSID, &request, &response);
86 if (result == NSS_STATUS_SUCCESS) {
87 fstrcpy(dom_name, response.data.name.dom_name);
88 fstrcpy(name, response.data.name.name);
89 *name_type = (enum SID_NAME_USE)response.data.name.type;
91 DEBUG(10, ("winbind_lookup_sid: SUCCESS: SID %s -> %s %s\n",
92 sid_str, dom_name, name));
95 return (result == NSS_STATUS_SUCCESS);
98 /* Call winbindd to convert SID to uid */
100 BOOL winbind_sid_to_uid(uid_t *puid, DOM_SID *sid)
102 struct winbindd_request request;
103 struct winbindd_response response;
110 /* Initialise request */
112 ZERO_STRUCT(request);
113 ZERO_STRUCT(response);
115 sid_to_string(sid_str, sid);
116 fstrcpy(request.data.sid, sid_str);
120 result = winbindd_request(WINBINDD_SID_TO_UID, &request, &response);
122 /* Copy out result */
124 if (result == NSS_STATUS_SUCCESS) {
125 *puid = response.data.uid;
128 return (result == NSS_STATUS_SUCCESS);
131 /* Call winbindd to convert uid to sid */
133 BOOL winbind_uid_to_sid(DOM_SID *sid, uid_t uid)
135 struct winbindd_request request;
136 struct winbindd_response response;
142 /* Initialise request */
144 ZERO_STRUCT(request);
145 ZERO_STRUCT(response);
147 request.data.uid = uid;
151 result = winbindd_request(WINBINDD_UID_TO_SID, &request, &response);
153 /* Copy out result */
155 if (result == NSS_STATUS_SUCCESS) {
156 string_to_sid(sid, response.data.sid.sid);
158 sid_copy(sid, &global_sid_NULL);
161 return (result == NSS_STATUS_SUCCESS);
164 /* Call winbindd to convert SID to gid */
166 BOOL winbind_sid_to_gid(gid_t *pgid, DOM_SID *sid)
168 struct winbindd_request request;
169 struct winbindd_response response;
176 /* Initialise request */
178 ZERO_STRUCT(request);
179 ZERO_STRUCT(response);
181 sid_to_string(sid_str, sid);
182 fstrcpy(request.data.sid, sid_str);
186 result = winbindd_request(WINBINDD_SID_TO_GID, &request, &response);
188 /* Copy out result */
190 if (result == NSS_STATUS_SUCCESS) {
191 *pgid = response.data.gid;
194 return (result == NSS_STATUS_SUCCESS);
197 /* Call winbindd to convert gid to sid */
199 BOOL winbind_gid_to_sid(DOM_SID *sid, gid_t gid)
201 struct winbindd_request request;
202 struct winbindd_response response;
208 /* Initialise request */
210 ZERO_STRUCT(request);
211 ZERO_STRUCT(response);
213 request.data.gid = gid;
217 result = winbindd_request(WINBINDD_GID_TO_SID, &request, &response);
219 /* Copy out result */
221 if (result == NSS_STATUS_SUCCESS) {
222 string_to_sid(sid, response.data.sid.sid);
224 sid_copy(sid, &global_sid_NULL);
227 return (result == NSS_STATUS_SUCCESS);
230 /* Fetch the list of groups a user is a member of from winbindd. This is
231 used by winbind_getgroups. */
233 static int wb_getgroups(const char *user, gid_t **groups)
235 struct winbindd_request request;
236 struct winbindd_response response;
241 fstrcpy(request.data.username, user);
243 ZERO_STRUCT(response);
245 result = winbindd_request(WINBINDD_GETGROUPS, &request, &response);
247 if (result == NSS_STATUS_SUCCESS) {
249 /* Return group list. Don't forget to free the group list
252 *groups = (gid_t *)response.extra_data;
253 return response.data.num_entries;
259 /* Return a list of groups the user is a member of. This function is
260 useful for large systems where inverting the group database would be too
261 time consuming. If size is zero, list is not modified and the total
262 number of groups for the user is returned. */
264 int winbind_getgroups(const char *user, int size, gid_t *list)
266 gid_t *groups = NULL;
270 * Don't do the lookup if the name has no separator _and_ we are not in
271 * 'winbind use default domain' mode.
274 if (!(strchr(user, *lp_winbind_separator()) || lp_winbind_use_default_domain()))
277 /* Fetch list of groups */
279 result = wb_getgroups(user, &groups);
286 errno = EINVAL; /* This is what getgroups() does */
290 /* Copy list of groups across */
292 for (i = 0; i < result; i++) {