centry_free(centry);
}
-
-static void wcache_save_user(struct winbindd_domain *domain, NTSTATUS status,
- struct wbint_userinfo *info)
-{
- struct cache_entry *centry;
- fstring sid_string;
-
- if (is_null_sid(&info->user_sid)) {
- return;
- }
-
- centry = centry_start(domain, status);
- if (!centry)
- return;
- centry_put_string(centry, info->domain_name);
- centry_put_string(centry, info->acct_name);
- centry_put_string(centry, info->full_name);
- centry_put_string(centry, info->homedir);
- centry_put_string(centry, info->shell);
- centry_put_uint32(centry, info->uid);
- centry_put_uint32(centry, info->primary_gid);
- centry_put_string(centry, info->primary_group_name);
- centry_put_sid(centry, &info->user_sid);
- centry_put_sid(centry, &info->group_sid);
- centry_end(centry, "U/%s", sid_to_fstring(sid_string,
- &info->user_sid));
- DEBUG(10,("wcache_save_user: %s (acct_name %s)\n", sid_string, info->acct_name));
- centry_free(centry);
-}
-
static void wcache_save_lockout_policy(struct winbindd_domain *domain,
NTSTATUS status,
struct samr_DomInfo12 *lockout_policy)
/* Query display info. This is the basic user list fn */
NTSTATUS wb_cache_query_user_list(struct winbindd_domain *domain,
TALLOC_CTX *mem_ctx,
- uint32_t *num_entries,
- struct wbint_userinfo **info)
+ uint32_t **prids)
{
struct winbind_cache *cache = get_cache(domain);
struct cache_entry *centry = NULL;
+ uint32_t num_rids = 0;
+ uint32_t *rids = NULL;
NTSTATUS status;
unsigned int i, retry;
bool old_status = domain->online;
+ *prids = NULL;
+
if (!cache->tdb)
goto do_query;
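Review bot: The comment above wb_cache_query_user_list still says "Query display info" although the function now returns only a RID array, so the new out-parameter contract is undocumented. I would replace it with something like `/* List the RIDs of all users in the domain. On return *prids is a talloc array on mem_ctx (length via talloc_array_length()), or NULL if there are none. */`. `*prids = NULL;` is also written before any check that `prids` is non-NULL, which is fine only if every caller passes a valid pointer; that cannot be confirmed from this hunk. The function body continues outside the hunk.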
goto do_query;
do_fetch_cache:
- *num_entries = centry_uint32(centry);
+ num_rids = centry_uint32(centry);
- if (*num_entries == 0)
+ if (num_rids == 0) {
goto do_cached;
+ }
- (*info) = talloc_array(mem_ctx, struct wbint_userinfo, *num_entries);
- if (! (*info)) {
- smb_panic_fn("query_user_list out of memory");
+ rids = talloc_array(mem_ctx, uint32_t, num_rids);
+ if (rids == NULL) {
+ centry_free(centry);
+ return NT_STATUS_NO_MEMORY;
}
- for (i=0; i<(*num_entries); i++) {
- (*info)[i].domain_name = centry_string(centry, mem_ctx);
- (*info)[i].acct_name = centry_string(centry, mem_ctx);
- (*info)[i].full_name = centry_string(centry, mem_ctx);
- (*info)[i].homedir = centry_string(centry, mem_ctx);
- (*info)[i].shell = centry_string(centry, mem_ctx);
- (*info)[i].uid = centry_uint32(centry);
- (*info)[i].primary_gid = centry_uint32(centry);
- (*info)[i].primary_group_name = centry_string(centry, mem_ctx);
- centry_sid(centry, &(*info)[i].user_sid);
- centry_sid(centry, &(*info)[i].group_sid);
+
+ for (i=0; i<num_rids; i++) {
+ rids[i] = centry_uint32(centry);
}
do_cached:
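Review bot: The cache-hit branch fills the local `rids` array, but nothing in this hunk stores it in `*prids`, which was set to NULL on entry; the only visible assignment, `*prids = rids;`, is on the backend path just before `skip_save:`. Unless the lines after `do_cached:` (outside the hunk) do it, a cache hit returns the cached status with an empty list and the array stays allocated on mem_ctx. Adding `*prids = rids;` after the read loop would close that. Separately, `num_rids` comes straight from the cache record and sizes both the allocation and the loop, so the bounds checking has to live inside `centry_uint32()`, which is not shown here. The function starts and ends outside this hunk.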
return status;
do_query:
- *num_entries = 0;
- *info = NULL;
/* Return status value returned by seq number check */
DEBUG(10,("query_user_list: [Cached] - doing backend query for list for domain %s\n",
domain->name ));
- status = domain->backend->query_user_list(domain, mem_ctx, num_entries, info);
+ rids = NULL;
+ status = domain->backend->query_user_list(domain, mem_ctx,
+ &rids);
+ num_rids = talloc_array_length(rids);
+
if (!NT_STATUS_IS_OK(status)) {
DEBUG(3, ("query_user_list: returned 0x%08x, "
"retrying\n", NT_STATUS_V(status)));
set_domain_offline(domain);
}
/* store partial response. */
- if (*num_entries > 0) {
+ if (num_rids > 0) {
/*
* humm, what about the status used for cache?
* Should it be NT_STATUS_OK?
centry = centry_start(domain, status);
if (!centry)
goto skip_save;
- centry_put_uint32(centry, *num_entries);
- for (i=0; i<(*num_entries); i++) {
- centry_put_string(centry, (*info)[i].domain_name);
- centry_put_string(centry, (*info)[i].acct_name);
- centry_put_string(centry, (*info)[i].full_name);
- centry_put_string(centry, (*info)[i].homedir);
- centry_put_string(centry, (*info)[i].shell);
- centry_put_uint32(centry, (*info)[i].uid);
- centry_put_uint32(centry, (*info)[i].primary_gid);
- centry_put_string(centry, (*info)[i].primary_group_name);
- centry_put_sid(centry, &(*info)[i].user_sid);
- centry_put_sid(centry, &(*info)[i].group_sid);
- if (domain->backend && domain->backend->consistent) {
- /* when the backend is consistent we can pre-prime some mappings */
- wcache_save_name_to_sid(domain, NT_STATUS_OK,
- domain->name,
- (*info)[i].acct_name,
- &(*info)[i].user_sid,
- SID_NAME_USER);
- wcache_save_sid_to_name(domain, NT_STATUS_OK,
- &(*info)[i].user_sid,
- domain->name,
- (*info)[i].acct_name,
- SID_NAME_USER);
- wcache_save_user(domain, NT_STATUS_OK, &(*info)[i]);
- }
+ centry_put_uint32(centry, num_rids);
+ for (i=0; i<num_rids; i++) {
+ centry_put_uint32(centry, rids[i]);
}
centry_end(centry, "UL/%s", domain->name);
centry_free(centry);
+ *prids = rids;
+
skip_save:
return status;
}
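Review bot: When `centry_start()` returns NULL, the `goto skip_save` jumps past `*prids = rids;`, so the caller receives the backend's status with `*prids` still NULL and the RIDs the backend returned stay allocated on mem_ctx where nobody sees them. Handing the result to the caller does not depend on the cache write succeeding, so I would move `*prids = rids;` above the `centry_start()` call. The function body starts outside this hunk, so any other jumps to `skip_save:` should be checked against the same rule.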
return NT_STATUS_OK;
}
-NTSTATUS wcache_lookup_usergroups(struct winbindd_domain *domain,
- TALLOC_CTX *mem_ctx,
- const struct dom_sid *user_sid,
- uint32_t *pnum_sids,
- struct dom_sid **psids)
-{
- struct winbind_cache *cache = get_cache(domain);
- struct cache_entry *centry = NULL;
- NTSTATUS status;
- uint32_t i, num_sids;
- struct dom_sid *sids;
- fstring sid_string;
-
- if (cache->tdb == NULL) {
- return NT_STATUS_NOT_FOUND;
- }
-
- centry = wcache_fetch(cache, domain, "UG/%s",
- sid_to_fstring(sid_string, user_sid));
- if (centry == NULL) {
- return NT_STATUS_NOT_FOUND;
- }
-
- /* If we have an access denied cache entry and a cached info3 in the
- samlogon cache then do a query. This will force the rpc back end
- to return the info3 data. */
-
- if (NT_STATUS_EQUAL(domain->last_status, NT_STATUS_ACCESS_DENIED)
- && netsamlogon_cache_have(user_sid)) {
- DEBUG(10, ("lookup_usergroups: cached access denied and have "
- "cached info3\n"));
- domain->last_status = NT_STATUS_OK;
- centry_free(centry);
- return NT_STATUS_NOT_FOUND;
- }
-
- num_sids = centry_uint32(centry);
- sids = talloc_array(mem_ctx, struct dom_sid, num_sids);
- if (sids == NULL) {
- centry_free(centry);
- return NT_STATUS_NO_MEMORY;
- }
-
- for (i=0; i<num_sids; i++) {
- centry_sid(centry, &sids[i]);
- }
-
- status = centry->status;
-
- DEBUG(10,("lookup_usergroups: [Cached] - cached info for domain %s "
- "status: %s\n", domain->name, nt_errstr(status)));
-
- centry_free(centry);
-
- *pnum_sids = num_sids;
- *psids = sids;
- return status;
-}
-
static char *wcache_make_sidlist(TALLOC_CTX *mem_ctx, uint32_t num_sids,
const struct dom_sid *sids)
{
DEBUG(10, ("wcache_invalidate_samlogon: clearing %s\n", key_str));
tdb_delete(cache->tdb, string_tdb_data(key_str));
- /* Clear UG/SID cache entry */
- fstr_sprintf(key_str, "UG/%s", sid_to_fstring(sid_string, sid));
- DEBUG(10, ("wcache_invalidate_samlogon: clearing %s\n", key_str));
- tdb_delete(cache->tdb, string_tdb_data(key_str));
-
/* Samba/winbindd never needs this. */
netsamlogon_clear_cached_user(sid);
}
num_entries = (int32_t)centry_uint32(centry);
for (i=0; i< num_entries; i++) {
- struct dom_sid sid;
- (void)centry_string(centry, mem_ctx);
- (void)centry_string(centry, mem_ctx);
- (void)centry_string(centry, mem_ctx);
- (void)centry_string(centry, mem_ctx);
- (void)centry_string(centry, mem_ctx);
- (void)centry_uint32(centry);
(void)centry_uint32(centry);
- (void)centry_string(centry, mem_ctx);
- (void)centry_sid(centry, &sid);
- (void)centry_sid(centry, &sid);
}
centry_free(centry);
return 0;
}
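Review bot: The `UL/` record changes here from ten fields per user to a single uint32 per entry, and as far as this hunk shows the validator (whose start is outside the hunk) reads `num_entries` integers without checking that the whole record was consumed. A record written by an older winbindd is longer than the new layout, so it would probably still validate, and wb_cache_query_user_list would then hand back bytes of the old string fields as RIDs. Nothing in the visible part of the diff bumps the cache version or deletes existing `UL/` keys on upgrade; please confirm that happens elsewhere. The same question applies to the key table hunk further down, where `UG/` and `NSS/PWINFO/` lose their validators while old databases may still hold such keys.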
-static int validate_ug(TALLOC_CTX *mem_ctx, const char *keystr, TDB_DATA dbuf,
- struct tdb_validation_status *state)
-{
- struct cache_entry *centry = create_centry_validate(keystr, dbuf, state);
- int32_t num_groups, i;
-
- if (!centry) {
- return 1;
- }
-
- num_groups = centry_uint32(centry);
-
- for (i=0; i< num_groups; i++) {
- struct dom_sid sid;
- centry_sid(centry, &sid);
- }
-
- centry_free(centry);
-
- if (!(state->success)) {
- return 1;
- }
- DEBUG(10,("validate_ug: %s ok\n", keystr));
- return 0;
-}
-
static int validate_ua(TALLOC_CTX *mem_ctx, const char *keystr, TDB_DATA dbuf,
struct tdb_validation_status *state)
{
return 0;
}
-static int validate_pwinfo(TALLOC_CTX *mem_ctx, const char *keystr,
- TDB_DATA dbuf, struct tdb_validation_status *state)
-{
- struct cache_entry *centry = create_centry_validate(keystr, dbuf, state);
-
- if (!centry) {
- return 1;
- }
-
- (void)centry_string(centry, mem_ctx);
- (void)centry_string(centry, mem_ctx);
- (void)centry_string(centry, mem_ctx);
- (void)centry_uint32(centry);
-
- centry_free(centry);
-
- if (!(state->success)) {
- return 1;
- }
- DEBUG(10,("validate_pwinfo: %s ok\n", keystr));
- return 0;
-}
-
static int validate_nss_an(TALLOC_CTX *mem_ctx, const char *keystr,
TDB_DATA dbuf,
struct tdb_validation_status *state)
if (!(state->success)) {
return 1;
}
- DEBUG(10,("validate_pwinfo: %s ok\n", keystr));
+ DBG_DEBUG("%s ok\n", keystr);
return 0;
}
{"CRED/", validate_cred},
{"UL/", validate_ul},
{"GL/", validate_gl},
- {"UG/", validate_ug},
{"UA", validate_ua},
{"GM/", validate_gm},
{"DR/", validate_dr},
{"DE/", validate_de},
- {"NSS/PWINFO/", validate_pwinfo},
{"TRUSTDOMCACHE/", validate_trustdomcache},
{"NSS/NA/", validate_nss_na},
{"NSS/AN/", validate_nss_an},
return;
}
-
-/*********************************************************************
- ********************************************************************/
-
-static void wcache_save_user_pwinfo(struct winbindd_domain *domain,
- NTSTATUS status,
- const struct dom_sid *user_sid,
- const char *homedir,
- const char *shell,
- const char *gecos,
- uint32_t gid)
-{
- struct cache_entry *centry;
- fstring tmp;
-
- if ( (centry = centry_start(domain, status)) == NULL )
- return;
-
- centry_put_string( centry, homedir );
- centry_put_string( centry, shell );
- centry_put_string( centry, gecos );
- centry_put_uint32( centry, gid );
-
- centry_end(centry, "NSS/PWINFO/%s", sid_to_fstring(tmp, user_sid) );
-
- DEBUG(10,("wcache_save_user_pwinfo: %s\n", sid_string_dbg(user_sid) ));
-
- centry_free(centry);
-}
-
-#ifdef HAVE_ADS
-
-NTSTATUS nss_get_info_cached( struct winbindd_domain *domain,
- const struct dom_sid *user_sid,
- TALLOC_CTX *ctx,
- const char **homedir, const char **shell,
- const char **gecos, gid_t *p_gid)
-{
- struct winbind_cache *cache = get_cache(domain);
- struct cache_entry *centry = NULL;
- NTSTATUS nt_status;
- fstring tmp;
-
- if (!cache->tdb)
- goto do_query;
-
- centry = wcache_fetch(cache, domain, "NSS/PWINFO/%s",
- sid_to_fstring(tmp, user_sid));
-
- if (!centry)
- goto do_query;
-
- *homedir = centry_string( centry, ctx );
- *shell = centry_string( centry, ctx );
- *gecos = centry_string( centry, ctx );
- *p_gid = centry_uint32( centry );
-
- centry_free(centry);
-
- DEBUG(10,("nss_get_info_cached: [Cached] - user_sid %s\n",
- sid_string_dbg(user_sid)));
-
- return NT_STATUS_OK;
-
-do_query:
-
- nt_status = nss_get_info( domain->name, user_sid, ctx,
- homedir, shell, gecos, p_gid );
-
- DEBUG(10, ("nss_get_info returned %s\n", nt_errstr(nt_status)));
-
- if ( NT_STATUS_IS_OK(nt_status) ) {
- DEBUG(10, ("result:\n\thomedir = '%s'\n", *homedir));
- DEBUGADD(10, ("\tshell = '%s'\n", *shell));
- DEBUGADD(10, ("\tgecos = '%s'\n", *gecos));
- DEBUGADD(10, ("\tgid = '%u'\n", (unsigned int)*p_gid));
-
- wcache_save_user_pwinfo( domain, nt_status, user_sid,
- *homedir, *shell, *gecos, *p_gid );
- }
-
- if ( NT_STATUS_EQUAL( nt_status, NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND ) ) {
- DEBUG(5,("nss_get_info_cached: Setting domain %s offline\n",
- domain->name ));
- set_domain_offline( domain );
- }
-
- return nt_status;
-}
-
-#endif
-
static bool wcache_ndr_key(TALLOC_CTX *mem_ctx, const char *domain_name,
uint32_t opnum, const DATA_BLOB *req,
TDB_DATA *pkey)