lib: modules: Change XXX_init interface from XXX_init(void) to XXX_init(TALLOC_CTX *)
[metze/samba-autobuild/.git] / source3 / winbindd / winbindd_dual_srv.c
index 4d6c3d1ba9fe122f118874f0ba1ebfb620efd58e..02b1adb2117feeccfd22a1c4e427d7f5d40bf9e9 100644 (file)
@@ -62,8 +62,8 @@ NTSTATUS _wbint_LookupSid(struct pipes_struct *p, struct wbint_LookupSid *r)
                return NT_STATUS_REQUEST_NOT_ACCEPTED;
        }
 
-       status = domain->methods->sid_to_name(domain, p->mem_ctx, r->in.sid,
-                                             &dom_name, &name, &type);
+       status = wb_cache_sid_to_name(domain, p->mem_ctx, r->in.sid,
+                                     &dom_name, &name, &type);
        reset_cm_connection_on_error(domain, status);
        if (!NT_STATUS_IS_OK(status)) {
                return status;
@@ -111,9 +111,9 @@ NTSTATUS _wbint_LookupName(struct pipes_struct *p, struct wbint_LookupName *r)
                return NT_STATUS_REQUEST_NOT_ACCEPTED;
        }
 
-       status = domain->methods->name_to_sid(
-               domain, p->mem_ctx, r->in.domain, r->in.name, r->in.flags,
-               r->out.sid, r->out.type);
+       status = wb_cache_name_to_sid(domain, p->mem_ctx, r->in.domain,
+                                     r->in.name, r->in.flags,
+                                     r->out.sid, r->out.type);
        reset_cm_connection_on_error(domain, status);
        return status;
 }
@@ -127,9 +127,7 @@ NTSTATUS _wbint_Sids2UnixIDs(struct pipes_struct *p,
        struct wbint_TransID *ids;
        uint32_t num_ids;
 
-       struct id_map *id_maps = NULL;
        struct id_map **id_map_ptrs = NULL;
-       struct dom_sid *sids = NULL;
        struct idmap_domain *dom;
        NTSTATUS status = NT_STATUS_NO_MEMORY;
 
@@ -157,18 +155,10 @@ NTSTATUS _wbint_Sids2UnixIDs(struct pipes_struct *p,
                return NT_STATUS_OK;
        }
 
-       id_maps = talloc_array(talloc_tos(), struct id_map, num_ids);
-       if (id_maps == NULL) {
-               goto nomem;
-       }
-       id_map_ptrs = talloc_array(talloc_tos(), struct id_map *, num_ids+1);
+       id_map_ptrs = id_map_ptrs_init(talloc_tos(), num_ids);
        if (id_map_ptrs == NULL) {
                goto nomem;
        }
-       sids = talloc_array(talloc_tos(), struct dom_sid, num_ids);
-       if (sids == NULL) {
-               goto nomem;
-       }
 
        /*
         * Convert the input data into a list of id_map structs
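Review bot: The single `id_map_ptrs == NULL` check now replaces three separate allocation checks, and the loop in the following hunk dereferences `id_map_ptrs[i]` and `m->sid` with no further test. That is only safe if `id_map_ptrs_init()` returns NULL whenever any per-entry map or SID allocation fails and also NULL-terminates the array (the old code set `id_map_ptrs[num_ids] = NULL` explicitly). Its body is not visible in this diff. I would state that contract at the call site, e.g. `/* id_map_ptrs_init() allocates num_ids maps, their sids and the NULL terminator, or returns NULL */`. The body of `_wbint_Sids2UnixIDs` starts and ends outside this hunk.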
@@ -177,18 +167,12 @@ NTSTATUS _wbint_Sids2UnixIDs(struct pipes_struct *p,
         */
 
        for (i=0; i<num_ids; i++) {
+               struct id_map *m = id_map_ptrs[i];
 
-               sid_compose(&sids[i], d->sid, ids[i].rid);
-
-               id_maps[i] = (struct id_map) {
-                       .sid = &sids[i],
-                       .xid.type = ids[i].type,
-                       .status = ID_UNKNOWN
-               };
-
-               id_map_ptrs[i] = &id_maps[i];
+               sid_compose(m->sid, d->sid, ids[i].rid);
+               m->status = ID_UNKNOWN;
+               m->xid = (struct unixid) { .type = ids[i].type };
        }
-       id_map_ptrs[num_ids] = NULL;
 
        status = dom->methods->sids_to_unixids(dom, id_map_ptrs);
 
@@ -203,9 +187,18 @@ NTSTATUS _wbint_Sids2UnixIDs(struct pipes_struct *p,
         */
 
        for (i=0; i<num_ids; i++) {
+               struct id_map *m = id_map_ptrs[i];
+
+               if (!idmap_unix_id_is_in_range(m->xid.id, dom)) {
+                       DBG_DEBUG("id %"PRIu32" is out of range "
+                                 "%"PRIu32"-%"PRIu32" for domain %s\n",
+                                 m->xid.id, dom->low_id, dom->high_id,
+                                 dom->name);
+                       m->status = ID_UNMAPPED;
+               }
 
-               if (id_maps[i].status == ID_MAPPED) {
-                       ids[i].xid = id_maps[i].xid;
+               if (m->status == ID_MAPPED) {
+                       ids[i].xid = m->xid;
                } else {
                        ids[i].xid.id = UINT32_MAX;
                        ids[i].xid.type = ID_TYPE_NOT_SPECIFIED;
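Review bot: The new range check runs for every entry before `m->status` is examined, so entries the backend did not map are tested as well. For those, `m->xid.id` is whatever it holds at that point, which is zero from the initialiser in the first loop unless the backend wrote to it. Whenever that value lies outside the domain range, the code logs a misleading "out of range" debug line for an id that was never mapped and rewrites `ID_UNKNOWN` to `ID_UNMAPPED`. The reply itself is unaffected, because both states take the `else` branch. Restricting the test to mapped entries keeps the guard against out-of-range ids and drops the noise: `if (m->status == ID_MAPPED && !idmap_unix_id_is_in_range(m->xid.id, dom)) {`. The loop closes outside this hunk.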
@@ -216,44 +209,40 @@ NTSTATUS _wbint_Sids2UnixIDs(struct pipes_struct *p,
 nomem:
        status = NT_STATUS_NO_MEMORY;
 done:
-       TALLOC_FREE(id_maps);
        TALLOC_FREE(id_map_ptrs);
-       TALLOC_FREE(sids);
        return status;
 }
 
-NTSTATUS _wbint_Gid2Sid(struct pipes_struct *p, struct wbint_Gid2Sid *r)
-{
-       return idmap_gid_to_sid(r->out.sid, r->in.gid);
-}
-
 NTSTATUS _wbint_UnixIDs2Sids(struct pipes_struct *p,
                             struct wbint_UnixIDs2Sids *r)
 {
+       struct id_map **maps;
+       NTSTATUS status;
        uint32_t i;
 
+       maps = id_map_ptrs_init(talloc_tos(), r->in.num_ids);
+       if (maps == NULL) {
+               return NT_STATUS_NO_MEMORY;
+       }
+
        for (i=0; i<r->in.num_ids; i++) {
-               struct unixid *xid = &r->in.xids[i];
-               struct dom_sid *sid = &r->out.sids[i];
-               NTSTATUS status;
-
-               switch (xid->type) {
-                   case ID_TYPE_UID:
-                           status = idmap_uid_to_sid(sid, xid->id);
-                           break;
-                   case ID_TYPE_GID:
-                           status = idmap_gid_to_sid(sid, xid->id);
-                           break;
-                   default:
-                           status = NT_STATUS_NONE_MAPPED;
-                           break;
-               }
+               maps[i]->status = ID_UNKNOWN;
+               maps[i]->xid = r->in.xids[i];
+       }
 
-               if (!NT_STATUS_IS_OK(status)) {
-                       *sid = (struct dom_sid) {0};
-               }
+       status = idmap_backend_unixids_to_sids(maps, r->in.domain_name);
+       if (!NT_STATUS_IS_OK(status)) {
+               TALLOC_FREE(maps);
+               return status;
        }
 
+       for (i=0; i<r->in.num_ids; i++) {
+               r->out.xids[i] = maps[i]->xid;
+               sid_copy(&r->out.sids[i], maps[i]->sid);
+       }
+
+       TALLOC_FREE(maps);
+
        return NT_STATUS_OK;
 }
 
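Review bot: The copy-back loop in `_wbint_UnixIDs2Sids` never looks at `maps[i]->status`, so an id the backend could not map is returned to the caller exactly like a mapped one, carrying whatever SID `id_map_ptrs_init()` left in `maps[i]->sid`. The removed implementation cleared the output SID for each failed id with `*sid = (struct dom_sid) {0};`, and `_wbint_Sids2UnixIDs` earlier in this diff does test for `ID_MAPPED`. Unless `idmap_backend_unixids_to_sids()` guarantees a null SID for every unmapped entry, which is not visible here, a caller can no longer tell a real mapping from a failed one. The loop should test the status and zero the SID otherwise, as sketched below.

```c
	for (i=0; i<r->in.num_ids; i++) {
		if (maps[i]->status != ID_MAPPED) {
			/* keep the old contract: an unmapped id yields a null SID */
			r->out.sids[i] = (struct dom_sid) {0};
			continue;
		}
		r->out.xids[i] = maps[i]->xid;
		sid_copy(&r->out.sids[i], maps[i]->sid);
	}
```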
@@ -283,18 +272,17 @@ NTSTATUS _wbint_AllocateGid(struct pipes_struct *p, struct wbint_AllocateGid *r)
        return NT_STATUS_OK;
 }
 
-NTSTATUS _wbint_QueryUser(struct pipes_struct *p, struct wbint_QueryUser *r)
+NTSTATUS _wbint_GetNssInfo(struct pipes_struct *p, struct wbint_GetNssInfo *r)
 {
-       struct winbindd_domain *domain = wb_child_domain();
+       struct idmap_domain *domain;
        NTSTATUS status;
 
-       if (domain == NULL) {
+       domain = idmap_find_domain(r->in.info->domain_name);
+       if ((domain == NULL) || (domain->query_user == NULL)) {
                return NT_STATUS_REQUEST_NOT_ACCEPTED;
        }
 
-       status = domain->methods->query_user(domain, p->mem_ctx, r->in.sid,
-                                            r->out.info);
-       reset_cm_connection_on_error(domain, status);
+       status = domain->query_user(domain, r->in.info);
        return status;
 }
 
@@ -308,9 +296,11 @@ NTSTATUS _wbint_LookupUserAliases(struct pipes_struct *p,
                return NT_STATUS_REQUEST_NOT_ACCEPTED;
        }
 
-       status = domain->methods->lookup_useraliases(
-               domain, p->mem_ctx, r->in.sids->num_sids, r->in.sids->sids,
-               &r->out.rids->num_rids, &r->out.rids->rids);
+       status = wb_cache_lookup_useraliases(domain, p->mem_ctx,
+                                            r->in.sids->num_sids,
+                                            r->in.sids->sids,
+                                            &r->out.rids->num_rids,
+                                            &r->out.rids->rids);
        reset_cm_connection_on_error(domain, status);
        return status;
 }
@@ -325,9 +315,9 @@ NTSTATUS _wbint_LookupUserGroups(struct pipes_struct *p,
                return NT_STATUS_REQUEST_NOT_ACCEPTED;
        }
 
-       status = domain->methods->lookup_usergroups(
-               domain, p->mem_ctx, r->in.sid,
-               &r->out.sids->num_sids, &r->out.sids->sids);
+       status = wb_cache_lookup_usergroups(domain, p->mem_ctx, r->in.sid,
+                                           &r->out.sids->num_sids,
+                                           &r->out.sids->sids);
        reset_cm_connection_on_error(domain, status);
        return status;
 }
@@ -342,7 +332,7 @@ NTSTATUS _wbint_QuerySequenceNumber(struct pipes_struct *p,
                return NT_STATUS_REQUEST_NOT_ACCEPTED;
        }
 
-       status = domain->methods->sequence_number(domain, r->out.sequence);
+       status = wb_cache_sequence_number(domain, r->out.sequence);
        reset_cm_connection_on_error(domain, status);
        return status;
 }
@@ -361,9 +351,9 @@ NTSTATUS _wbint_LookupGroupMembers(struct pipes_struct *p,
                return NT_STATUS_REQUEST_NOT_ACCEPTED;
        }
 
-       status = domain->methods->lookup_groupmem(
-               domain, p->mem_ctx, r->in.sid, r->in.type,
-               &num_names, &sid_mem, &names, &name_types);
+       status = wb_cache_lookup_groupmem(domain, p->mem_ctx, r->in.sid,
+                                         r->in.type, &num_names, &sid_mem,
+                                         &names, &name_types);
        reset_cm_connection_on_error(domain, status);
        if (!NT_STATUS_IS_OK(status)) {
                return status;
@@ -386,23 +376,6 @@ NTSTATUS _wbint_LookupGroupMembers(struct pipes_struct *p,
        return NT_STATUS_OK;
 }
 
-NTSTATUS _wbint_QueryUserList(struct pipes_struct *p,
-                             struct wbint_QueryUserList *r)
-{
-       struct winbindd_domain *domain = wb_child_domain();
-       NTSTATUS status;
-
-       if (domain == NULL) {
-               return NT_STATUS_REQUEST_NOT_ACCEPTED;
-       }
-
-       status = domain->methods->query_user_list(
-               domain, p->mem_ctx, &r->out.users->num_userinfos,
-               &r->out.users->userinfos);
-       reset_cm_connection_on_error(domain, status);
-       return status;
-}
-
 NTSTATUS _wbint_QueryGroupList(struct pipes_struct *p,
                               struct wbint_QueryGroupList *r)
 {
@@ -442,18 +415,18 @@ NTSTATUS _wbint_QueryGroupList(struct pipes_struct *p,
        }
 
        if (include_local_groups) {
-               status = domain->methods->enum_local_groups(domain, talloc_tos(),
-                                                           &num_local_groups,
-                                                           &local_groups);
+               status = wb_cache_enum_local_groups(domain, talloc_tos(),
+                                                   &num_local_groups,
+                                                   &local_groups);
                reset_cm_connection_on_error(domain, status);
                if (!NT_STATUS_IS_OK(status)) {
                        return status;
                }
        }
 
-       status = domain->methods->enum_dom_groups(domain, talloc_tos(),
-                                                 &num_dom_groups,
-                                                 &dom_groups);
+       status = wb_cache_enum_dom_groups(domain, talloc_tos(),
+                                         &num_dom_groups,
+                                         &dom_groups);
        reset_cm_connection_on_error(domain, status);
        if (!NT_STATUS_IS_OK(status)) {
                return status;
@@ -510,6 +483,34 @@ NTSTATUS _wbint_QueryGroupList(struct pipes_struct *p,
        return NT_STATUS_OK;
 }
 
+NTSTATUS _wbint_QueryUserRidList(struct pipes_struct *p,
+                                struct wbint_QueryUserRidList *r)
+{
+       struct winbindd_domain *domain = wb_child_domain();
+       NTSTATUS status;
+
+       if (domain == NULL) {
+               return NT_STATUS_REQUEST_NOT_ACCEPTED;
+       }
+
+       /*
+        * Right now this is overkill. We should add a backend call
+        * just querying the rids.
+        */
+
+       status = wb_cache_query_user_list(domain, p->mem_ctx,
+                                         &r->out.rids->rids);
+       reset_cm_connection_on_error(domain, status);
+
+       if (!NT_STATUS_IS_OK(status)) {
+               return status;
+       }
+
+       r->out.rids->num_rids = talloc_array_length(r->out.rids->rids);
+
+       return NT_STATUS_OK;
+}
+
 NTSTATUS _wbint_DsGetDcName(struct pipes_struct *p, struct wbint_DsGetDcName *r)
 {
        struct winbindd_domain *domain = wb_child_domain();
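Review bot: In `_wbint_QueryUserRidList` the `size_t` result of `talloc_array_length()` is stored straight into `r->out.rids->num_rids` with no bound check. The field's type is not visible here, but if it is 32 bits wide like the `uint32_t num_ids` counter used elsewhere in this file, an oversized list would be silently truncated and the count would no longer match the array it describes. Taking the length into a local and rejecting the overflow case makes that explicit: `size_t n = talloc_array_length(r->out.rids->rids);` followed by `if (n > UINT32_MAX) { return NT_STATUS_INVALID_PARAMETER; }`. The "overkill" comment would also be clearer if it said what the cache call fetches beyond the rids. The new function is complete within this hunk; the trailing lines belong to `_wbint_DsGetDcName`, which continues outside it.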
@@ -621,15 +622,15 @@ NTSTATUS _wbint_LookupRids(struct pipes_struct *p, struct wbint_LookupRids *r)
        enum lsa_SidType *types;
        struct wbint_Principal *result;
        NTSTATUS status;
-       int i;
+       uint32_t i;
 
        if (domain == NULL) {
                return NT_STATUS_REQUEST_NOT_ACCEPTED;
        }
 
-       status = domain->methods->rids_to_names(
-               domain, talloc_tos(), r->in.domain_sid, r->in.rids->rids,
-               r->in.rids->num_rids, &domain_name, &names, &types);
+       status = wb_cache_rids_to_names(domain, talloc_tos(), r->in.domain_sid,
+                                       r->in.rids->rids, r->in.rids->num_rids,
+                                       &domain_name, &names, &types);
        reset_cm_connection_on_error(domain, status);
        if (!NT_STATUS_IS_OK(status)) {
                return status;
@@ -863,6 +864,8 @@ NTSTATUS _winbind_SamLogon(struct pipes_struct *p,
        struct winbindd_domain *domain;
        NTSTATUS status;
        DATA_BLOB lm_response, nt_response;
+       uint32_t flags;
+
        domain = wb_child_domain();
        if (domain == NULL) {
                return NT_STATUS_REQUEST_NOT_ACCEPTED;
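Review bot: `flags` is declared without an initialiser and, in the lines shown, is only ever passed as `&flags` to the logon call changed in the next hunk; nothing visible reads it afterwards. If the value is deliberately discarded, the declaration should say so and give it a defined value, so later code cannot pick up an indeterminate one after a failed call: `uint32_t flags = 0; /* filled by the logon call, not returned to the caller */`. If the flags are meant to reach the caller, nothing in the two hunks forwards them, which may be worth confirming. `_winbind_SamLogon` starts before this hunk and ends in the next one.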
@@ -886,7 +889,9 @@ NTSTATUS _winbind_SamLogon(struct pipes_struct *p,
                                       r->in.logon.network->identity_info.domain_name.string,
                                       r->in.logon.network->identity_info.workstation.string,
                                       r->in.logon.network->challenge,
-                                      lm_response, nt_response, &r->out.validation.sam3);
+                                      lm_response, nt_response,
+                                      &r->out.authoritative, &flags,
+                                      &r->out.validation.sam3);
        return status;
 }
 
@@ -901,7 +906,7 @@ static WERROR _winbind_LogonControl_REDISCOVER(struct pipes_struct *p,
 
        info2 = talloc_zero(p->mem_ctx, struct netr_NETLOGON_INFO_2);
        if (info2 == NULL) {
-               return WERR_NOMEM;
+               return WERR_NOT_ENOUGH_MEMORY;
        }
 
        if (domain->internal) {
@@ -941,12 +946,12 @@ check_return:
                info2->trusted_dc_name = talloc_asprintf(info2, "\\\\%s",
                                                         domain->dcname);
                if (info2->trusted_dc_name == NULL) {
-                       return WERR_NOMEM;
+                       return WERR_NOT_ENOUGH_MEMORY;
                }
        } else {
                info2->trusted_dc_name = talloc_strdup(info2, "");
                if (info2->trusted_dc_name == NULL) {
-                       return WERR_NOMEM;
+                       return WERR_NOT_ENOUGH_MEMORY;
                }
        }
        info2->tc_connection_status = check_result;
@@ -977,7 +982,7 @@ static WERROR _winbind_LogonControl_TC_QUERY(struct pipes_struct *p,
 
        info2 = talloc_zero(p->mem_ctx, struct netr_NETLOGON_INFO_2);
        if (info2 == NULL) {
-               return WERR_NOMEM;
+               return WERR_NOT_ENOUGH_MEMORY;
        }
 
        if (domain->internal) {
@@ -1006,12 +1011,12 @@ check_return:
                info2->trusted_dc_name = talloc_asprintf(info2, "\\\\%s",
                                                         domain->dcname);
                if (info2->trusted_dc_name == NULL) {
-                       return WERR_NOMEM;
+                       return WERR_NOT_ENOUGH_MEMORY;
                }
        } else {
                info2->trusted_dc_name = talloc_strdup(info2, "");
                if (info2->trusted_dc_name == NULL) {
-                       return WERR_NOMEM;
+                       return WERR_NOT_ENOUGH_MEMORY;
                }
        }
        info2->tc_connection_status = check_result;
@@ -1067,7 +1072,7 @@ static WERROR _winbind_LogonControl_TC_VERIFY(struct pipes_struct *p,
        info2 = talloc_zero(p->mem_ctx, struct netr_NETLOGON_INFO_2);
        if (info2 == NULL) {
                TALLOC_FREE(frame);
-               return WERR_NOMEM;
+               return WERR_NOT_ENOUGH_MEMORY;
        }
 
        if (domain->internal) {
@@ -1324,13 +1329,13 @@ verify_return:
                                                         domain->dcname);
                if (info2->trusted_dc_name == NULL) {
                        TALLOC_FREE(frame);
-                       return WERR_NOMEM;
+                       return WERR_NOT_ENOUGH_MEMORY;
                }
        } else {
                info2->trusted_dc_name = talloc_strdup(info2, "");
                if (info2->trusted_dc_name == NULL) {
                        TALLOC_FREE(frame);
-                       return WERR_NOMEM;
+                       return WERR_NOT_ENOUGH_MEMORY;
                }
        }
        info2->tc_connection_status = check_result;
@@ -1367,7 +1372,7 @@ static WERROR _winbind_LogonControl_CHANGE_PASSWORD(struct pipes_struct *p,
 
        info1 = talloc_zero(p->mem_ctx, struct netr_NETLOGON_INFO_1);
        if (info1 == NULL) {
-               return WERR_NOMEM;
+               return WERR_NOT_ENOUGH_MEMORY;
        }
 
        if (domain->internal) {