return NT_STATUS_REQUEST_NOT_ACCEPTED;
}
- status = domain->methods->sid_to_name(domain, p->mem_ctx, r->in.sid,
- &dom_name, &name, &type);
+ status = wb_cache_sid_to_name(domain, p->mem_ctx, r->in.sid,
+ &dom_name, &name, &type);
reset_cm_connection_on_error(domain, status);
if (!NT_STATUS_IS_OK(status)) {
return status;
return NT_STATUS_REQUEST_NOT_ACCEPTED;
}
- status = domain->methods->name_to_sid(
- domain, p->mem_ctx, r->in.domain, r->in.name, r->in.flags,
- r->out.sid, r->out.type);
+ status = wb_cache_name_to_sid(domain, p->mem_ctx, r->in.domain,
+ r->in.name, r->in.flags,
+ r->out.sid, r->out.type);
reset_cm_connection_on_error(domain, status);
return status;
}
struct wbint_TransID *ids;
uint32_t num_ids;
- struct id_map *id_maps = NULL;
struct id_map **id_map_ptrs = NULL;
- struct dom_sid *sids = NULL;
struct idmap_domain *dom;
NTSTATUS status = NT_STATUS_NO_MEMORY;
return NT_STATUS_OK;
}
- id_maps = talloc_array(talloc_tos(), struct id_map, num_ids);
- if (id_maps == NULL) {
- goto nomem;
- }
- id_map_ptrs = talloc_array(talloc_tos(), struct id_map *, num_ids+1);
+ id_map_ptrs = id_map_ptrs_init(talloc_tos(), num_ids);
if (id_map_ptrs == NULL) {
goto nomem;
}
- sids = talloc_array(talloc_tos(), struct dom_sid, num_ids);
- if (sids == NULL) {
- goto nomem;
- }
/*
* Convert the input data into a list of id_map structs
*/
for (i=0; i<num_ids; i++) {
+ struct id_map *m = id_map_ptrs[i];
- sid_compose(&sids[i], d->sid, ids[i].rid);
-
- id_maps[i] = (struct id_map) {
- .sid = &sids[i],
- .xid.type = ids[i].type,
- .status = ID_UNKNOWN
- };
-
- id_map_ptrs[i] = &id_maps[i];
+ sid_compose(m->sid, d->sid, ids[i].rid);
+ m->status = ID_UNKNOWN;
+ m->xid = (struct unixid) { .type = ids[i].type };
}
- id_map_ptrs[num_ids] = NULL;
status = dom->methods->sids_to_unixids(dom, id_map_ptrs);
*/
for (i=0; i<num_ids; i++) {
+ struct id_map *m = id_map_ptrs[i];
+
+ if (!idmap_unix_id_is_in_range(m->xid.id, dom)) {
+ DBG_DEBUG("id %"PRIu32" is out of range "
+ "%"PRIu32"-%"PRIu32" for domain %s\n",
+ m->xid.id, dom->low_id, dom->high_id,
+ dom->name);
+ m->status = ID_UNMAPPED;
+ }
- if (id_maps[i].status == ID_MAPPED) {
- ids[i].xid = id_maps[i].xid;
+ if (m->status == ID_MAPPED) {
+ ids[i].xid = m->xid;
} else {
ids[i].xid.id = UINT32_MAX;
ids[i].xid.type = ID_TYPE_NOT_SPECIFIED;
nomem:
status = NT_STATUS_NO_MEMORY;
done:
- TALLOC_FREE(id_maps);
TALLOC_FREE(id_map_ptrs);
- TALLOC_FREE(sids);
return status;
}
-NTSTATUS _wbint_Gid2Sid(struct pipes_struct *p, struct wbint_Gid2Sid *r)
-{
- return idmap_gid_to_sid(r->out.sid, r->in.gid);
-}
-
NTSTATUS _wbint_UnixIDs2Sids(struct pipes_struct *p,
struct wbint_UnixIDs2Sids *r)
{
+ struct id_map **maps;
+ NTSTATUS status;
uint32_t i;
+ maps = id_map_ptrs_init(talloc_tos(), r->in.num_ids);
+ if (maps == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
for (i=0; i<r->in.num_ids; i++) {
- struct unixid *xid = &r->in.xids[i];
- struct dom_sid *sid = &r->out.sids[i];
- NTSTATUS status;
-
- switch (xid->type) {
- case ID_TYPE_UID:
- status = idmap_uid_to_sid(sid, xid->id);
- break;
- case ID_TYPE_GID:
- status = idmap_gid_to_sid(sid, xid->id);
- break;
- default:
- status = NT_STATUS_NONE_MAPPED;
- break;
- }
+ maps[i]->status = ID_UNKNOWN;
+ maps[i]->xid = r->in.xids[i];
+ }
- if (!NT_STATUS_IS_OK(status)) {
- *sid = (struct dom_sid) {0};
- }
+ status = idmap_backend_unixids_to_sids(maps, r->in.domain_name);
+ if (!NT_STATUS_IS_OK(status)) {
+ TALLOC_FREE(maps);
+ return status;
}
+ for (i=0; i<r->in.num_ids; i++) {
+ r->out.xids[i] = maps[i]->xid;
+ sid_copy(&r->out.sids[i], maps[i]->sid);
+ }
+
+ TALLOC_FREE(maps);
+
return NT_STATUS_OK;
}
return NT_STATUS_OK;
}
-NTSTATUS _wbint_QueryUser(struct pipes_struct *p, struct wbint_QueryUser *r)
+NTSTATUS _wbint_GetNssInfo(struct pipes_struct *p, struct wbint_GetNssInfo *r)
{
- struct winbindd_domain *domain = wb_child_domain();
+ struct idmap_domain *domain;
NTSTATUS status;
- if (domain == NULL) {
+ domain = idmap_find_domain(r->in.info->domain_name);
+ if ((domain == NULL) || (domain->query_user == NULL)) {
return NT_STATUS_REQUEST_NOT_ACCEPTED;
}
- status = domain->methods->query_user(domain, p->mem_ctx, r->in.sid,
- r->out.info);
- reset_cm_connection_on_error(domain, status);
+ status = domain->query_user(domain, r->in.info);
return status;
}
return NT_STATUS_REQUEST_NOT_ACCEPTED;
}
- status = domain->methods->lookup_useraliases(
- domain, p->mem_ctx, r->in.sids->num_sids, r->in.sids->sids,
- &r->out.rids->num_rids, &r->out.rids->rids);
+ status = wb_cache_lookup_useraliases(domain, p->mem_ctx,
+ r->in.sids->num_sids,
+ r->in.sids->sids,
+ &r->out.rids->num_rids,
+ &r->out.rids->rids);
reset_cm_connection_on_error(domain, status);
return status;
}
return NT_STATUS_REQUEST_NOT_ACCEPTED;
}
- status = domain->methods->lookup_usergroups(
- domain, p->mem_ctx, r->in.sid,
- &r->out.sids->num_sids, &r->out.sids->sids);
+ status = wb_cache_lookup_usergroups(domain, p->mem_ctx, r->in.sid,
+ &r->out.sids->num_sids,
+ &r->out.sids->sids);
reset_cm_connection_on_error(domain, status);
return status;
}
return NT_STATUS_REQUEST_NOT_ACCEPTED;
}
- status = domain->methods->sequence_number(domain, r->out.sequence);
+ status = wb_cache_sequence_number(domain, r->out.sequence);
reset_cm_connection_on_error(domain, status);
return status;
}
return NT_STATUS_REQUEST_NOT_ACCEPTED;
}
- status = domain->methods->lookup_groupmem(
- domain, p->mem_ctx, r->in.sid, r->in.type,
- &num_names, &sid_mem, &names, &name_types);
+ status = wb_cache_lookup_groupmem(domain, p->mem_ctx, r->in.sid,
+ r->in.type, &num_names, &sid_mem,
+ &names, &name_types);
reset_cm_connection_on_error(domain, status);
if (!NT_STATUS_IS_OK(status)) {
return status;
return NT_STATUS_OK;
}
-NTSTATUS _wbint_QueryUserList(struct pipes_struct *p,
- struct wbint_QueryUserList *r)
-{
- struct winbindd_domain *domain = wb_child_domain();
- NTSTATUS status;
-
- if (domain == NULL) {
- return NT_STATUS_REQUEST_NOT_ACCEPTED;
- }
-
- status = domain->methods->query_user_list(
- domain, p->mem_ctx, &r->out.users->num_userinfos,
- &r->out.users->userinfos);
- reset_cm_connection_on_error(domain, status);
- return status;
-}
-
NTSTATUS _wbint_QueryGroupList(struct pipes_struct *p,
struct wbint_QueryGroupList *r)
{
}
if (include_local_groups) {
- status = domain->methods->enum_local_groups(domain, talloc_tos(),
- &num_local_groups,
- &local_groups);
+ status = wb_cache_enum_local_groups(domain, talloc_tos(),
+ &num_local_groups,
+ &local_groups);
reset_cm_connection_on_error(domain, status);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
}
- status = domain->methods->enum_dom_groups(domain, talloc_tos(),
- &num_dom_groups,
- &dom_groups);
+ status = wb_cache_enum_dom_groups(domain, talloc_tos(),
+ &num_dom_groups,
+ &dom_groups);
reset_cm_connection_on_error(domain, status);
if (!NT_STATUS_IS_OK(status)) {
return status;
return NT_STATUS_OK;
}
+NTSTATUS _wbint_QueryUserRidList(struct pipes_struct *p,
+ struct wbint_QueryUserRidList *r)
+{
+ struct winbindd_domain *domain = wb_child_domain();
+ NTSTATUS status;
+
+ if (domain == NULL) {
+ return NT_STATUS_REQUEST_NOT_ACCEPTED;
+ }
+
+ /*
+ * Right now this is overkill. We should add a backend call
+ * just querying the rids.
+ */
+
+ status = wb_cache_query_user_list(domain, p->mem_ctx,
+ &r->out.rids->rids);
+ reset_cm_connection_on_error(domain, status);
+
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
+
+ r->out.rids->num_rids = talloc_array_length(r->out.rids->rids);
+
+ return NT_STATUS_OK;
+}
+
NTSTATUS _wbint_DsGetDcName(struct pipes_struct *p, struct wbint_DsGetDcName *r)
{
struct winbindd_domain *domain = wb_child_domain();
enum lsa_SidType *types;
struct wbint_Principal *result;
NTSTATUS status;
- int i;
+ uint32_t i;
if (domain == NULL) {
return NT_STATUS_REQUEST_NOT_ACCEPTED;
}
- status = domain->methods->rids_to_names(
- domain, talloc_tos(), r->in.domain_sid, r->in.rids->rids,
- r->in.rids->num_rids, &domain_name, &names, &types);
+ status = wb_cache_rids_to_names(domain, talloc_tos(), r->in.domain_sid,
+ r->in.rids->rids, r->in.rids->num_rids,
+ &domain_name, &names, &types);
reset_cm_connection_on_error(domain, status);
if (!NT_STATUS_IS_OK(status)) {
return status;
struct winbindd_domain *domain;
NTSTATUS status;
DATA_BLOB lm_response, nt_response;
+ uint32_t flags;
+
domain = wb_child_domain();
if (domain == NULL) {
return NT_STATUS_REQUEST_NOT_ACCEPTED;
r->in.logon.network->identity_info.domain_name.string,
r->in.logon.network->identity_info.workstation.string,
r->in.logon.network->challenge,
- lm_response, nt_response, &r->out.validation.sam3);
+ lm_response, nt_response,
+ &r->out.authoritative, &flags,
+ &r->out.validation.sam3);
return status;
}
info2 = talloc_zero(p->mem_ctx, struct netr_NETLOGON_INFO_2);
if (info2 == NULL) {
- return WERR_NOMEM;
+ return WERR_NOT_ENOUGH_MEMORY;
}
if (domain->internal) {
info2->trusted_dc_name = talloc_asprintf(info2, "\\\\%s",
domain->dcname);
if (info2->trusted_dc_name == NULL) {
- return WERR_NOMEM;
+ return WERR_NOT_ENOUGH_MEMORY;
}
} else {
info2->trusted_dc_name = talloc_strdup(info2, "");
if (info2->trusted_dc_name == NULL) {
- return WERR_NOMEM;
+ return WERR_NOT_ENOUGH_MEMORY;
}
}
info2->tc_connection_status = check_result;
info2 = talloc_zero(p->mem_ctx, struct netr_NETLOGON_INFO_2);
if (info2 == NULL) {
- return WERR_NOMEM;
+ return WERR_NOT_ENOUGH_MEMORY;
}
if (domain->internal) {
info2->trusted_dc_name = talloc_asprintf(info2, "\\\\%s",
domain->dcname);
if (info2->trusted_dc_name == NULL) {
- return WERR_NOMEM;
+ return WERR_NOT_ENOUGH_MEMORY;
}
} else {
info2->trusted_dc_name = talloc_strdup(info2, "");
if (info2->trusted_dc_name == NULL) {
- return WERR_NOMEM;
+ return WERR_NOT_ENOUGH_MEMORY;
}
}
info2->tc_connection_status = check_result;
info2 = talloc_zero(p->mem_ctx, struct netr_NETLOGON_INFO_2);
if (info2 == NULL) {
TALLOC_FREE(frame);
- return WERR_NOMEM;
+ return WERR_NOT_ENOUGH_MEMORY;
}
if (domain->internal) {
domain->dcname);
if (info2->trusted_dc_name == NULL) {
TALLOC_FREE(frame);
- return WERR_NOMEM;
+ return WERR_NOT_ENOUGH_MEMORY;
}
} else {
info2->trusted_dc_name = talloc_strdup(info2, "");
if (info2->trusted_dc_name == NULL) {
TALLOC_FREE(frame);
- return WERR_NOMEM;
+ return WERR_NOT_ENOUGH_MEMORY;
}
}
info2->tc_connection_status = check_result;
info1 = talloc_zero(p->mem_ctx, struct netr_NETLOGON_INFO_1);
if (info1 == NULL) {
- return WERR_NOMEM;
+ return WERR_NOT_ENOUGH_MEMORY;
}
if (domain->internal) {