2 Unix SMB/CIFS implementation.
4 Copyright (C) Volker Lendecke 2009
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 3 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program. If not, see <http://www.gnu.org/licenses/>.
22 #include "librpc/gen_ndr/ndr_winbind_c.h"
24 struct wb_fill_pwent_state {
25 struct tevent_context *ev;
26 struct wbint_userinfo *info;
27 struct winbindd_pw *pw;
30 static bool fillup_pw_field(const char *lp_template,
39 static void wb_fill_pwent_sid2uid_done(struct tevent_req *subreq);
40 static void wb_fill_pwent_getgrsid_done(struct tevent_req *subreq);
42 struct tevent_req *wb_fill_pwent_send(TALLOC_CTX *mem_ctx,
43 struct tevent_context *ev,
44 struct wbint_userinfo *info,
45 struct winbindd_pw *pw)
47 struct tevent_req *req, *subreq;
48 struct wb_fill_pwent_state *state;
50 req = tevent_req_create(mem_ctx, &state, struct wb_fill_pwent_state);
58 subreq = wb_sids2xids_send(state, state->ev, &state->info->user_sid, 1);
59 if (tevent_req_nomem(subreq, req)) {
60 return tevent_req_post(req, ev);
62 tevent_req_set_callback(subreq, wb_fill_pwent_sid2uid_done, req);
66 static void wb_fill_pwent_sid2uid_done(struct tevent_req *subreq)
68 struct tevent_req *req = tevent_req_callback_data(
69 subreq, struct tevent_req);
70 struct wb_fill_pwent_state *state = tevent_req_data(
71 req, struct wb_fill_pwent_state);
73 struct unixid xids[1];
75 status = wb_sids2xids_recv(subreq, xids, ARRAY_SIZE(xids));
77 if (tevent_req_nterror(req, status)) {
82 * We are filtering further down in sids2xids, but that filtering
83 * depends on the actual type of the sid handed in (as determined
84 * by lookupsids). Here we need to filter for the type of object
85 * actually requested, in this case uid.
87 if (!(xids[0].type == ID_TYPE_UID || xids[0].type == ID_TYPE_BOTH)) {
88 tevent_req_nterror(req, NT_STATUS_NONE_MAPPED);
92 state->pw->pw_uid = (uid_t)xids[0].id;
94 subreq = wb_getgrsid_send(state, state->ev, &state->info->group_sid, 0);
95 if (tevent_req_nomem(subreq, req)) {
98 tevent_req_set_callback(subreq, wb_fill_pwent_getgrsid_done, req);
101 static void wb_fill_pwent_getgrsid_done(struct tevent_req *subreq)
103 struct tevent_req *req = tevent_req_callback_data(
104 subreq, struct tevent_req);
105 struct wb_fill_pwent_state *state = tevent_req_data(
106 req, struct wb_fill_pwent_state);
107 struct winbindd_domain *domain;
108 const char *dom_name;
109 const char *grp_name;
110 fstring user_name, output_username;
111 char *mapped_name = NULL;
112 struct talloc_dict *members;
113 TALLOC_CTX *tmp_ctx = talloc_stackframe();
117 /* xid handling is done in getgrsid() */
118 status = wb_getgrsid_recv(subreq,
125 if (tevent_req_nterror(req, status)) {
126 talloc_free(tmp_ctx);
130 domain = find_domain_from_sid_noinit(&state->info->user_sid);
131 if (domain == NULL) {
132 talloc_free(tmp_ctx);
133 tevent_req_nterror(req, NT_STATUS_NO_SUCH_USER);
136 dom_name = domain->name;
140 fstrcpy(user_name, state->info->acct_name);
141 if (!strlower_m(user_name)) {
142 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
145 status = normalize_name_map(state, domain, user_name, &mapped_name);
147 /* Basic removal of whitespace */
148 if (NT_STATUS_IS_OK(status)) {
149 fill_domain_username(output_username, dom_name, mapped_name,
152 /* Complete name replacement */
153 else if (NT_STATUS_EQUAL(status, NT_STATUS_FILE_RENAMED)) {
154 fstrcpy(output_username, mapped_name);
156 /* No change at all */
158 fill_domain_username(output_username, dom_name, user_name,
162 strlcpy(state->pw->pw_name,
164 sizeof(state->pw->pw_name));
165 /* FIXME The full_name can be longer than 255 chars */
166 strlcpy(state->pw->pw_gecos,
167 state->info->full_name != NULL ? state->info->full_name : "",
168 sizeof(state->pw->pw_gecos));
170 /* Home directory and shell */
171 ok = fillup_pw_field(lp_template_homedir(),
177 state->info->homedir,
180 talloc_free(tmp_ctx);
181 tevent_req_nterror(req, NT_STATUS_NO_SUCH_USER);
185 ok = fillup_pw_field(lp_template_shell(),
192 state->pw->pw_shell);
193 talloc_free(tmp_ctx);
195 tevent_req_nterror(req, NT_STATUS_NO_SUCH_USER);
199 /* Password - set to "*" as we can't generate anything useful here.
200 Authentication can be done using the pam_winbind module. */
202 fstrcpy(state->pw->pw_passwd, "*");
203 tevent_req_done(req);
206 NTSTATUS wb_fill_pwent_recv(struct tevent_req *req)
208 return tevent_req_simple_recv_ntstatus(req);
211 static bool fillup_pw_field(const char *lp_template,
212 const char *username,
228 if ((in != NULL) && (in[0] != '\0') && (lp_security() == SEC_ADS)) {
230 * The backend has already filled in the required value. Use
231 * that instead of the template.
236 result = talloc_sub_specified(talloc_tos(), templ,
237 username, grpname, domname,
239 if (result == NULL) {
243 fstrcpy(out, result);