2 Unix SMB/CIFS implementation.
3 async lookupgroupmembers
4 Copyright (C) Volker Lendecke 2009
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 3 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program. If not, see <http://www.gnu.org/licenses/>.
22 #include "librpc/gen_ndr/cli_wbint.h"
23 #include "../librpc/gen_ndr/ndr_security.h"
24 #include "../libcli/security/security.h"
27 * We have 3 sets of routines here:
29 * wb_lookupgroupmem is the low-level one-group routine
31 * wb_groups_members walks a list of groups
33 * wb_group_members finally is the high-level routine expanding groups
38 * TODO: fill_grent_mem_domusers must be re-added
42 * Look up members of a single group. Essentially a wrapper around the
43 * lookup_groupmem winbindd_methods routine.
46 struct wb_lookupgroupmem_state {
48 struct wbint_Principals members;
51 static void wb_lookupgroupmem_done(struct tevent_req *subreq);
53 static struct tevent_req *wb_lookupgroupmem_send(TALLOC_CTX *mem_ctx,
54 struct tevent_context *ev,
55 const struct dom_sid *group_sid,
56 enum lsa_SidType type)
58 struct tevent_req *req, *subreq;
59 struct wb_lookupgroupmem_state *state;
60 struct winbindd_domain *domain;
62 req = tevent_req_create(mem_ctx, &state,
63 struct wb_lookupgroupmem_state);
67 sid_copy(&state->sid, group_sid);
69 domain = find_domain_from_sid_noinit(group_sid);
71 tevent_req_nterror(req, NT_STATUS_NO_SUCH_GROUP);
72 return tevent_req_post(req, ev);
75 subreq = dcerpc_wbint_LookupGroupMembers_send(
76 state, ev, domain->child.binding_handle, &state->sid, type,
78 if (tevent_req_nomem(subreq, req)) {
79 return tevent_req_post(req, ev);
81 tevent_req_set_callback(subreq, wb_lookupgroupmem_done, req);
85 static void wb_lookupgroupmem_done(struct tevent_req *subreq)
87 struct tevent_req *req = tevent_req_callback_data(
88 subreq, struct tevent_req);
89 struct wb_lookupgroupmem_state *state = tevent_req_data(
90 req, struct wb_lookupgroupmem_state);
91 NTSTATUS status, result;
93 status = dcerpc_wbint_LookupGroupMembers_recv(subreq, state, &result);
95 if (any_nt_status_not_ok(status, result, &status)) {
96 tevent_req_nterror(req, status);
102 static NTSTATUS wb_lookupgroupmem_recv(struct tevent_req *req,
105 struct wbint_Principal **members)
107 struct wb_lookupgroupmem_state *state = tevent_req_data(
108 req, struct wb_lookupgroupmem_state);
111 if (tevent_req_is_nterror(req, &status)) {
115 *num_members = state->members.num_principals;
116 *members = talloc_move(mem_ctx, &state->members.principals);
121 * Same as wb_lookupgroupmem for a list of groups
124 struct wb_groups_members_state {
125 struct tevent_context *ev;
126 struct wbint_Principal *groups;
129 struct wbint_Principal *all_members;
132 static NTSTATUS wb_groups_members_next_subreq(
133 struct wb_groups_members_state *state,
134 TALLOC_CTX *mem_ctx, struct tevent_req **psubreq);
135 static void wb_groups_members_done(struct tevent_req *subreq);
137 static struct tevent_req *wb_groups_members_send(TALLOC_CTX *mem_ctx,
138 struct tevent_context *ev,
140 struct wbint_Principal *groups)
142 struct tevent_req *req, *subreq;
143 struct wb_groups_members_state *state;
146 req = tevent_req_create(mem_ctx, &state,
147 struct wb_groups_members_state);
152 state->groups = groups;
153 state->num_groups = num_groups;
154 state->next_group = 0;
155 state->all_members = NULL;
157 status = wb_groups_members_next_subreq(state, state, &subreq);
158 if (!NT_STATUS_IS_OK(status)) {
159 tevent_req_nterror(req, status);
160 return tevent_req_post(req, ev);
162 if (subreq == NULL) {
163 tevent_req_done(req);
164 return tevent_req_post(req, ev);
166 tevent_req_set_callback(subreq, wb_groups_members_done, req);
170 static NTSTATUS wb_groups_members_next_subreq(
171 struct wb_groups_members_state *state,
172 TALLOC_CTX *mem_ctx, struct tevent_req **psubreq)
174 struct tevent_req *subreq;
175 struct wbint_Principal *g;
177 if (state->next_group >= state->num_groups) {
182 g = &state->groups[state->next_group];
183 state->next_group += 1;
185 subreq = wb_lookupgroupmem_send(mem_ctx, state->ev, &g->sid, g->type);
186 if (subreq == NULL) {
187 return NT_STATUS_NO_MEMORY;
193 static void wb_groups_members_done(struct tevent_req *subreq)
195 struct tevent_req *req = tevent_req_callback_data(
196 subreq, struct tevent_req);
197 struct wb_groups_members_state *state = tevent_req_data(
198 req, struct wb_groups_members_state);
199 int i, num_all_members;
201 struct wbint_Principal *members = NULL;
204 status = wb_lookupgroupmem_recv(subreq, state, &num_members,
209 * In this error handling here we might have to be a bit more generous
210 * and just continue if an error occured.
213 if (!NT_STATUS_IS_OK(status)) {
214 tevent_req_nterror(req, status);
218 num_all_members = talloc_array_length(state->all_members);
220 state->all_members = talloc_realloc(
221 state, state->all_members, struct wbint_Principal,
222 num_all_members + num_members);
223 if ((num_all_members + num_members != 0)
224 && tevent_req_nomem(state->all_members, req)) {
227 for (i=0; i<num_members; i++) {
228 struct wbint_Principal *src, *dst;
230 dst = &state->all_members[num_all_members + i];
231 sid_copy(&dst->sid, &src->sid);
232 dst->name = talloc_move(state->all_members, &src->name);
233 dst->type = src->type;
235 TALLOC_FREE(members);
237 status = wb_groups_members_next_subreq(state, state, &subreq);
238 if (!NT_STATUS_IS_OK(status)) {
239 tevent_req_nterror(req, status);
242 if (subreq == NULL) {
243 tevent_req_done(req);
246 tevent_req_set_callback(subreq, wb_groups_members_done, req);
249 static NTSTATUS wb_groups_members_recv(struct tevent_req *req,
252 struct wbint_Principal **members)
254 struct wb_groups_members_state *state = tevent_req_data(
255 req, struct wb_groups_members_state);
258 if (tevent_req_is_nterror(req, &status)) {
261 *num_members = talloc_array_length(state->all_members);
262 *members = talloc_move(mem_ctx, &state->all_members);
268 * This is the routine expanding a list of groups up to a certain level. We
269 * collect the users in a talloc_dict: We have to add them without duplicates,
270 * and talloc_dict is an indexed (here indexed by SID) data structure.
273 struct wb_group_members_state {
274 struct tevent_context *ev;
276 struct talloc_dict *users;
277 struct wbint_Principal *groups;
280 static NTSTATUS wb_group_members_next_subreq(
281 struct wb_group_members_state *state,
282 TALLOC_CTX *mem_ctx, struct tevent_req **psubreq);
283 static void wb_group_members_done(struct tevent_req *subreq);
285 struct tevent_req *wb_group_members_send(TALLOC_CTX *mem_ctx,
286 struct tevent_context *ev,
287 const struct dom_sid *sid,
288 enum lsa_SidType type,
291 struct tevent_req *req, *subreq;
292 struct wb_group_members_state *state;
295 req = tevent_req_create(mem_ctx, &state,
296 struct wb_group_members_state);
301 state->depth = max_depth;
302 state->users = talloc_dict_init(state);
303 if (tevent_req_nomem(state->users, req)) {
304 return tevent_req_post(req, ev);
307 state->groups = talloc(state, struct wbint_Principal);
308 if (tevent_req_nomem(state->groups, req)) {
309 return tevent_req_post(req, ev);
311 state->groups->name = NULL;
312 sid_copy(&state->groups->sid, sid);
313 state->groups->type = type;
315 status = wb_group_members_next_subreq(state, state, &subreq);
316 if (!NT_STATUS_IS_OK(status)) {
317 tevent_req_nterror(req, status);
318 return tevent_req_post(req, ev);
320 if (subreq == NULL) {
321 tevent_req_done(req);
322 return tevent_req_post(req, ev);
324 tevent_req_set_callback(subreq, wb_group_members_done, req);
328 static NTSTATUS wb_group_members_next_subreq(
329 struct wb_group_members_state *state,
330 TALLOC_CTX *mem_ctx, struct tevent_req **psubreq)
332 struct tevent_req *subreq;
334 if ((talloc_array_length(state->groups) == 0)
335 || (state->depth <= 0)) {
341 subreq = wb_groups_members_send(
342 mem_ctx, state->ev, talloc_array_length(state->groups),
344 if (subreq == NULL) {
345 return NT_STATUS_NO_MEMORY;
351 static void wb_group_members_done(struct tevent_req *subreq)
353 struct tevent_req *req = tevent_req_callback_data(
354 subreq, struct tevent_req);
355 struct wb_group_members_state *state = tevent_req_data(
356 req, struct wb_group_members_state);
357 int i, num_groups, new_users, new_groups;
359 struct wbint_Principal *members = NULL;
362 status = wb_groups_members_recv(subreq, state, &num_members, &members);
364 if (!NT_STATUS_IS_OK(status)) {
365 tevent_req_nterror(req, status);
369 new_users = new_groups = 0;
370 for (i=0; i<num_members; i++) {
371 switch (members[i].type) {
372 case SID_NAME_DOM_GRP:
374 case SID_NAME_WKN_GRP:
378 /* Ignore everything else */
384 TALLOC_FREE(state->groups);
385 state->groups = talloc_array(state, struct wbint_Principal,
389 * Collect the users into state->users and the groups into
390 * state->groups for the next iteration.
393 for (i=0; i<num_members; i++) {
394 switch (members[i].type) {
396 case SID_NAME_COMPUTER: {
398 * Add a copy of members[i] to state->users
400 struct wbint_Principal *m;
404 m = talloc(talloc_tos(), struct wbint_Principal);
405 if (tevent_req_nomem(m, req)) {
408 sid_copy(&m->sid, &members[i].sid);
409 m->name = talloc_move(m, &members[i].name);
410 m->type = members[i].type;
412 sid = &members[i].sid;
413 key = data_blob_const(
414 sid, ndr_size_dom_sid(sid, 0));
416 if (!talloc_dict_set(state->users, key, &m)) {
417 tevent_req_nterror(req, NT_STATUS_NO_MEMORY);
422 case SID_NAME_DOM_GRP:
424 case SID_NAME_WKN_GRP: {
425 struct wbint_Principal *g;
427 * Save members[i] for the next round
429 g = &state->groups[num_groups];
430 sid_copy(&g->sid, &members[i].sid);
431 g->name = talloc_move(state->groups, &members[i].name);
432 g->type = members[i].type;
437 /* Ignore everything else */
442 status = wb_group_members_next_subreq(state, state, &subreq);
443 if (!NT_STATUS_IS_OK(status)) {
444 tevent_req_nterror(req, status);
447 if (subreq == NULL) {
448 tevent_req_done(req);
451 tevent_req_set_callback(subreq, wb_group_members_done, req);
454 NTSTATUS wb_group_members_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx,
455 struct talloc_dict **members)
457 struct wb_group_members_state *state = tevent_req_data(
458 req, struct wb_group_members_state);
461 if (tevent_req_is_nterror(req, &status)) {
464 *members = talloc_move(mem_ctx, &state->users);
git.samba.org / samba.git / blob