Unix SMB/CIFS implementation.
uid/user handling
Copyright (C) Andrew Tridgell 1992-1998
-
+
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
+ the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
-
+
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
-
+
You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include "includes.h"
+#include "system/passwd.h"
+#include "smbd/smbd.h"
+#include "smbd/globals.h"
+#include "../librpc/gen_ndr/netlogon.h"
+#include "libcli/security/security.h"
+#include "passdb/lookup_sid.h"
+#include "auth.h"
+#include "ntdomain.h"
/* what user is current? */
extern struct current_user current_user;
Become the guest user without changing the security context stack.
****************************************************************************/
-BOOL change_to_guest(void)
+bool change_to_guest(void)
{
- static struct passwd *pass=NULL;
+ struct passwd *pass;
+ pass = Get_Pwnam_alloc(talloc_tos(), lp_guestaccount());
if (!pass) {
- /* Don't need to free() this as its stored in a static */
- pass = getpwnam_alloc(lp_guestaccount());
- if (!pass)
- return(False);
+ return false;
}
-
+
#ifdef AIX
/* MWW: From AIX FAQ patch to WU-ftpd: call initgroups before
setting IDs */
initgroups(pass->pw_name, pass->pw_gid);
#endif
-
+
set_sec_ctx(pass->pw_uid, pass->pw_gid, 0, NULL, NULL);
-
+
current_user.conn = NULL;
current_user.vuid = UID_FIELD_INVALID;
-
- passwd_free(&pass);
- return True;
+ TALLOC_FREE(pass);
+
+ return true;
+}
+
+/****************************************************************************
+ talloc free the conn->session_info if not used in the vuid cache.
+****************************************************************************/
+
+static void free_conn_session_info_if_unused(connection_struct *conn)
+{
+ unsigned int i;
+
+ for (i = 0; i < VUID_CACHE_SIZE; i++) {
+ struct vuid_cache_entry *ent;
+ ent = &conn->vuid_cache.array[i];
+ if (ent->vuid != UID_FIELD_INVALID &&
+ conn->session_info == ent->session_info) {
+ return;
+ }
+ }
+ /* Not used, safe to free. */
+ TALLOC_FREE(conn->session_info);
}
/*******************************************************************
Check if a username is OK.
+
+ This sets up conn->session_info with a copy related to this vuser that
+ later code can then mess with.
********************************************************************/
-static BOOL check_user_ok(connection_struct *conn, user_struct *vuser,int snum)
+static bool check_user_ok(connection_struct *conn,
+ uint16_t vuid,
+ const struct auth_serversupplied_info *session_info,
+ int snum)
{
- unsigned i;
- for (i=0;i<conn->vuid_cache.entries && i< VUID_CACHE_SIZE;i++)
- if (conn->vuid_cache.list[i] == vuser->vuid)
- return(True);
-
- if ((conn->force_user || conn->force_group)
- && (conn->vuid != vuser->vuid)) {
- return False;
+ bool valid_vuid = (vuid != UID_FIELD_INVALID);
+ unsigned int i;
+ bool readonly_share;
+ bool admin_user;
+
+ if (valid_vuid) {
+ struct vuid_cache_entry *ent;
+
+ for (i=0; i<VUID_CACHE_SIZE; i++) {
+ ent = &conn->vuid_cache.array[i];
+ if (ent->vuid == vuid) {
+ free_conn_session_info_if_unused(conn);
+ conn->session_info = ent->session_info;
+ conn->read_only = ent->read_only;
+ return(True);
+ }
+ }
}
-
- if (!user_ok(vuser->user.unix_name,snum, vuser->groups, vuser->n_groups))
+
+ if (!user_ok_token(session_info->unix_name,
+ session_info->info3->base.domain.string,
+ session_info->security_token, snum))
return(False);
- if (!share_access_check(conn, snum, vuser, conn->read_only ? FILE_READ_DATA : FILE_WRITE_DATA)) {
+ readonly_share = is_share_read_only_for_token(
+ session_info->unix_name,
+ session_info->info3->base.domain.string,
+ session_info->security_token,
+ conn);
+
+ if (!readonly_share &&
+ !share_access_check(session_info->security_token, lp_servicename(snum),
+ FILE_WRITE_DATA)) {
+ /* smb.conf allows r/w, but the security descriptor denies
+ * write. Fall back to looking at readonly. */
+ readonly_share = True;
+ DEBUG(5,("falling back to read-only access-evaluation due to "
+ "security descriptor\n"));
+ }
+
+ if (!share_access_check(session_info->security_token, lp_servicename(snum),
+ readonly_share ?
+ FILE_READ_DATA : FILE_WRITE_DATA)) {
return False;
}
- i = conn->vuid_cache.entries % VUID_CACHE_SIZE;
- conn->vuid_cache.list[i] = vuser->vuid;
+ admin_user = token_contains_name_in_list(
+ session_info->unix_name,
+ session_info->info3->base.domain.string,
+ NULL, session_info->security_token, lp_admin_users(snum));
- conn->vuid_cache.entries++;
+ if (valid_vuid) {
+ struct vuid_cache_entry *ent =
+ &conn->vuid_cache.array[conn->vuid_cache.next_entry];
+
+ conn->vuid_cache.next_entry =
+ (conn->vuid_cache.next_entry + 1) % VUID_CACHE_SIZE;
+
+ TALLOC_FREE(ent->session_info);
+
+ /*
+ * If force_user was set, all session_info's are based on the same
+ * username-based faked one.
+ */
+
+ ent->session_info = copy_serverinfo(
+ conn, conn->force_user ? conn->session_info : session_info);
+
+ if (ent->session_info == NULL) {
+ ent->vuid = UID_FIELD_INVALID;
+ return false;
+ }
+
+ ent->vuid = vuid;
+ ent->read_only = readonly_share;
+ free_conn_session_info_if_unused(conn);
+ conn->session_info = ent->session_info;
+ }
+
+ conn->read_only = readonly_share;
+ if (admin_user) {
+ DEBUG(2,("check_user_ok: user %s is an admin user. "
+ "Setting uid as %d\n",
+ conn->session_info->unix_name,
+ sec_initial_uid() ));
+ conn->session_info->utok.uid = sec_initial_uid();
+ }
return(True);
}
+/****************************************************************************
+ Clear a vuid out of the connection's vuid cache
+ This is only called on SMBulogoff.
+****************************************************************************/
+
+void conn_clear_vuid_cache(connection_struct *conn, uint16_t vuid)
+{
+ int i;
+
+ for (i=0; i<VUID_CACHE_SIZE; i++) {
+ struct vuid_cache_entry *ent;
+
+ ent = &conn->vuid_cache.array[i];
+
+ if (ent->vuid == vuid) {
+ ent->vuid = UID_FIELD_INVALID;
+ /*
+ * We need to keep conn->session_info around
+ * if it's equal to ent->session_info as a SMBulogoff
+ * is often followed by a SMBtdis (with an invalid
+ * vuid). The debug code (or regular code in
+ * vfs_full_audit) wants to refer to the
+ * conn->session_info pointer to print debug
+ * statements. Theoretically this is a bug,
+ * as once the vuid is gone the session_info
+ * on the conn struct isn't valid any more,
+ * but there's enough code that assumes
+ * conn->session_info is never null that
+ * it's easier to hold onto the old pointer
+ * until we get a new sessionsetupX.
+ * As everything is hung off the
+ * conn pointer as a talloc context we're not
+ * leaking memory here. See bug #6315. JRA.
+ */
+ if (conn->session_info == ent->session_info) {
+ ent->session_info = NULL;
+ } else {
+ TALLOC_FREE(ent->session_info);
+ }
+ ent->read_only = False;
+ }
+ }
+}
+
/****************************************************************************
Become the user of a connection number without changing the security context
- stack, but modify the currnet_user entries.
+ stack, but modify the current_user entries.
****************************************************************************/
-BOOL change_to_user(connection_struct *conn, uint16 vuid)
+static bool change_to_user_internal(connection_struct *conn,
+ const struct auth_serversupplied_info *session_info,
+ uint16_t vuid)
{
- user_struct *vuser = get_valid_user_struct(vuid);
int snum;
gid_t gid;
uid_t uid;
char group_c;
- BOOL must_free_token = False;
- NT_USER_TOKEN *token = NULL;
-
- if (!conn) {
- DEBUG(2,("change_to_user: Connection not open\n"));
- return(False);
- }
-
- /*
- * We need a separate check in security=share mode due to vuid
- * always being UID_FIELD_INVALID. If we don't do this then
- * in share mode security we are *always* changing uid's between
- * SMB's - this hurts performance - Badly.
- */
-
- if((lp_security() == SEC_SHARE) && (current_user.conn == conn) &&
- (current_user.uid == conn->uid)) {
- DEBUG(4,("change_to_user: Skipping user change - already user\n"));
- return(True);
- } else if ((current_user.conn == conn) &&
- (vuser != 0) && (current_user.vuid == vuid) &&
- (current_user.uid == vuser->uid)) {
- DEBUG(4,("change_to_user: Skipping user change - already user\n"));
- return(True);
- }
+ int num_groups = 0;
+ gid_t *group_list = NULL;
+ bool ok;
snum = SNUM(conn);
- if (conn->force_user) /* security = share sets this too */ {
- uid = conn->uid;
- gid = conn->gid;
- current_user.groups = conn->groups;
- current_user.ngroups = conn->ngroups;
- token = conn->nt_user_token;
- } else if ((vuser) && check_user_ok(conn, vuser, snum)) {
- uid = vuser->uid;
- gid = vuser->gid;
- current_user.ngroups = vuser->n_groups;
- current_user.groups = vuser->groups;
- token = vuser->nt_user_token;
- } else {
- DEBUG(2,("change_to_user: Invalid vuid used %d or vuid not permitted access to share.\n",vuid));
- return False;
+ ok = check_user_ok(conn, vuid, session_info, snum);
+ if (!ok) {
+ DEBUG(2,("SMB user %s (unix user %s) "
+ "not permitted access to share %s.\n",
+ session_info->sanitized_username,
+ session_info->unix_name,
+ lp_servicename(snum)));
+ return false;
}
+ uid = conn->session_info->utok.uid;
+ gid = conn->session_info->utok.gid;
+ num_groups = conn->session_info->utok.ngroups;
+ group_list = conn->session_info->utok.groups;
+
/*
- * See if we should force group for this service.
- * If so this overrides any group set in the force
- * user code.
+ * See if we should force group for this service. If so this overrides
+ * any group set in the force user code.
*/
-
if((group_c = *lp_force_group(snum))) {
- BOOL is_guest = False;
- if(group_c == '+') {
+ SMB_ASSERT(conn->force_group_gid != (gid_t)-1);
+
+ if (group_c == '+') {
+ int i;
/*
- * Only force group if the user is a member of
- * the service group. Check the group memberships for
- * this user (we already have this) to
- * see if we should force the group.
+ * Only force group if the user is a member of the
+ * service group. Check the group memberships for this
+ * user (we already have this) to see if we should force
+ * the group.
*/
-
- int i;
- for (i = 0; i < current_user.ngroups; i++) {
- if (current_user.groups[i] == conn->gid) {
- gid = conn->gid;
+ for (i = 0; i < num_groups; i++) {
+ if (group_list[i] == conn->force_group_gid) {
+ conn->session_info->utok.gid =
+ conn->force_group_gid;
+ gid = conn->force_group_gid;
+ gid_to_sid(&conn->session_info->security_token
+ ->sids[1], gid);
break;
}
}
} else {
- gid = conn->gid;
+ conn->session_info->utok.gid = conn->force_group_gid;
+ gid = conn->force_group_gid;
+ gid_to_sid(&conn->session_info->security_token->sids[1],
+ gid);
}
+ }
- /*
- * We've changed the group list in the token - we must
- * re-create it.
- */
+ /*Set current_user since we will immediately also call set_sec_ctx() */
+ current_user.ut.ngroups = num_groups;
+ current_user.ut.groups = group_list;
- if (vuser && vuser->guest)
- is_guest = True;
+ set_sec_ctx(uid,
+ gid,
+ current_user.ut.ngroups,
+ current_user.ut.groups,
+ conn->session_info->security_token);
- token = create_nt_token(uid, gid, current_user.ngroups, current_user.groups, is_guest);
- if (!token) {
- DEBUG(1, ("change_to_user: create_nt_token failed!\n"));
- return False;
- }
- must_free_token = True;
+ current_user.conn = conn;
+ current_user.vuid = vuid;
+
+ DEBUG(5, ("Impersonated user: uid=(%d,%d), gid=(%d,%d)\n",
+ (int)getuid(),
+ (int)geteuid(),
+ (int)getgid(),
+ (int)getegid()));
+
+ return true;
+}
+
+bool change_to_user(connection_struct *conn, uint16_t vuid)
+{
+ const struct auth_serversupplied_info *session_info = NULL;
+ user_struct *vuser;
+ int snum = SNUM(conn);
+
+ if (!conn) {
+ DEBUG(2,("Connection not open\n"));
+ return(False);
}
-
- set_sec_ctx(uid, gid, current_user.ngroups, current_user.groups, token);
+
+ vuser = get_valid_user_struct(conn->sconn, vuid);
/*
- * Free the new token (as set_sec_ctx copies it).
+ * We need a separate check in security=share mode due to vuid
+ * always being UID_FIELD_INVALID. If we don't do this then
+ * in share mode security we are *always* changing uid's between
+ * SMB's - this hurts performance - Badly.
*/
- if (must_free_token)
- delete_nt_token(&token);
+ if((lp_security() == SEC_SHARE) && (current_user.conn == conn) &&
+ (current_user.ut.uid == conn->session_info->utok.uid)) {
+ DEBUG(4,("Skipping user change - already "
+ "user\n"));
+ return(True);
+ } else if ((current_user.conn == conn) &&
+ (vuser != NULL) && (current_user.vuid == vuid) &&
+ (current_user.ut.uid == vuser->session_info->utok.uid)) {
+ DEBUG(4,("Skipping user change - already "
+ "user\n"));
+ return(True);
+ }
+
+ session_info = vuser ? vuser->session_info : conn->session_info;
- current_user.conn = conn;
- current_user.vuid = vuid;
+ if (session_info == NULL) {
+ /* Invalid vuid sent - even with security = share. */
+ DEBUG(2,("Invalid vuid %d used on "
+ "share %s.\n", vuid, lp_servicename(snum) ));
+ return false;
+ }
- DEBUG(5,("change_to_user uid=(%d,%d) gid=(%d,%d)\n",
- (int)getuid(),(int)geteuid(),(int)getgid(),(int)getegid()));
-
- return(True);
+ /* security = share sets force_user. */
+ if (!conn->force_user && vuser == NULL) {
+ DEBUG(2,("Invalid vuid used %d in accessing "
+ "share %s.\n", vuid, lp_servicename(snum) ));
+ return False;
+ }
+
+ return change_to_user_internal(conn, session_info, vuid);
+}
+
+bool change_to_user_by_session(connection_struct *conn,
+ const struct auth_serversupplied_info *session_info)
+{
+ SMB_ASSERT(conn != NULL);
+ SMB_ASSERT(session_info != NULL);
+
+ if ((current_user.conn == conn) &&
+ (current_user.ut.uid == session_info->utok.uid)) {
+ DEBUG(7, ("Skipping user change - already user\n"));
+
+ return true;
+ }
+
+ return change_to_user_internal(conn, session_info, UID_FIELD_INVALID);
}
/****************************************************************************
but modify the current_user entries.
****************************************************************************/
-BOOL change_to_root_user(void)
+bool change_to_root_user(void)
{
set_root_sec_ctx();
user. Doesn't modify current_user.
****************************************************************************/
-BOOL become_authenticated_pipe_user(pipes_struct *p)
+bool become_authenticated_pipe_user(struct pipes_struct *p)
{
if (!push_sec_ctx())
return False;
- set_sec_ctx(p->pipe_user.uid, p->pipe_user.gid,
- p->pipe_user.ngroups, p->pipe_user.groups, p->pipe_user.nt_user_token);
+ set_sec_ctx(p->session_info->utok.uid, p->session_info->utok.gid,
+ p->session_info->utok.ngroups, p->session_info->utok.groups,
+ p->session_info->security_token);
return True;
}
current_user.
****************************************************************************/
-BOOL unbecome_authenticated_pipe_user(void)
+bool unbecome_authenticated_pipe_user(void)
{
return pop_sec_ctx();
}
Utility functions used by become_xxx/unbecome_xxx.
****************************************************************************/
-struct conn_ctx {
- connection_struct *conn;
- uint16 vuid;
-};
-
-/* A stack of current_user connection contexts. */
-
-static struct conn_ctx conn_ctx_stack[MAX_SEC_CTX_DEPTH];
-static int conn_ctx_stack_ndx;
-
static void push_conn_ctx(void)
{
struct conn_ctx *ctx_p;
-
+
/* Check we don't overflow our stack */
-
+
if (conn_ctx_stack_ndx == MAX_SEC_CTX_DEPTH) {
DEBUG(0, ("Connection context stack overflow!\n"));
smb_panic("Connection context stack overflow!\n");
}
-
+
/* Store previous user context */
ctx_p = &conn_ctx_stack[conn_ctx_stack_ndx];
-
+
ctx_p->conn = current_user.conn;
ctx_p->vuid = current_user.vuid;
-
- DEBUG(3, ("push_conn_ctx(%u) : conn_ctx_stack_ndx = %d\n",
+
+ DEBUG(4, ("push_conn_ctx(%u) : conn_ctx_stack_ndx = %d\n",
(unsigned int)ctx_p->vuid, conn_ctx_stack_ndx ));
conn_ctx_stack_ndx++;
static void pop_conn_ctx(void)
{
struct conn_ctx *ctx_p;
-
+
/* Check for stack underflow. */
if (conn_ctx_stack_ndx == 0) {
ctx_p->vuid = UID_FIELD_INVALID;
}
-void init_conn_ctx(void)
-{
- int i;
-
- /* Initialise connection context stack */
- for (i = 0; i < MAX_SEC_CTX_DEPTH; i++) {
- conn_ctx_stack[i].conn = NULL;
- conn_ctx_stack[i].vuid = UID_FIELD_INVALID;
- }
-}
-
/****************************************************************************
Temporarily become a root user. Must match with unbecome_root(). Saves and
restores the connection context.
void become_root(void)
{
- push_sec_ctx();
+ /*
+ * no good way to handle push_sec_ctx() failing without changing
+ * the prototype of become_root()
+ */
+ if (!push_sec_ctx()) {
+ smb_panic("become_root: push_sec_ctx failed");
+ }
push_conn_ctx();
set_root_sec_ctx();
}
Saves and restores the connection context.
****************************************************************************/
-BOOL become_user(connection_struct *conn, uint16 vuid)
+bool become_user(connection_struct *conn, uint16 vuid)
{
if (!push_sec_ctx())
return False;
return True;
}
-BOOL unbecome_user(void)
+bool unbecome_user(void)
{
pop_sec_ctx();
pop_conn_ctx();
return True;
}
-/*****************************************************************
- Convert the suplimentary SIDs returned in a netlogon into UNIX
- group gid_t's. Add to the total group array.
-*****************************************************************/
-
-void add_supplementary_nt_login_groups(int *n_groups, gid_t **pp_groups, NT_USER_TOKEN **pptok)
-{
- int total_groups;
- int current_n_groups = *n_groups;
- gid_t *final_groups = NULL;
- size_t i;
- NT_USER_TOKEN *ptok = *pptok;
- NT_USER_TOKEN *new_tok = NULL;
-
- if (!ptok || (ptok->num_sids == 0))
- return;
-
- new_tok = dup_nt_token(ptok);
- if (!new_tok) {
- DEBUG(0,("add_supplementary_nt_login_groups: Failed to malloc new token\n"));
- return;
- }
- /* Leave the allocated space but empty the number of SIDs. */
- new_tok->num_sids = 0;
-
- total_groups = current_n_groups + ptok->num_sids;
-
- final_groups = (gid_t *)malloc(total_groups * sizeof(gid_t));
- if (!final_groups) {
- DEBUG(0,("add_supplementary_nt_login_groups: Failed to malloc new groups.\n"));
- delete_nt_token(&new_tok);
- return;
- }
-
- memcpy(final_groups, *pp_groups, current_n_groups * sizeof(gid_t));
- for (i = 0; i < ptok->num_sids; i++) {
- gid_t new_grp;
-
- if (NT_STATUS_IS_OK(sid_to_gid(&ptok->user_sids[i], &new_grp))) {
- /*
- * Don't add the gid_t if it is already in the current group
- * list. Some UNIXen don't like the same group more than once.
- */
- int j;
-
- for (j = 0; j < current_n_groups; j++)
- if (final_groups[j] == new_grp)
- break;
-
- if ( j == current_n_groups) {
- /* Group not already present. */
- final_groups[current_n_groups++] = new_grp;
- }
- } else {
- /* SID didn't map. Copy to the new token to be saved. */
- sid_copy(&new_tok->user_sids[new_tok->num_sids++], &ptok->user_sids[i]);
- }
- }
-
- SAFE_FREE(*pp_groups);
- *pp_groups = final_groups;
- *n_groups = current_n_groups;
-
- /* Replace the old token with the truncated one. */
- delete_nt_token(&ptok);
- *pptok = new_tok;
-}
-
-/*****************************************************************
- *THE CANONICAL* convert name to SID function.
- Tries local lookup first - for local domains - then uses winbind.
-*****************************************************************/
-
-BOOL lookup_name(const char *domain, const char *name, DOM_SID *psid, enum SID_NAME_USE *name_type)
-{
- fstring sid;
- BOOL local_lookup = False;
-
- *name_type = SID_NAME_UNKNOWN;
-
- /* If we are looking up a domain user, make sure it is
- for the local machine only */
-
- if (strequal(global_myname(), domain)) {
- local_lookup = True;
- } else if (lp_server_role() == ROLE_DOMAIN_PDC ||
- lp_server_role() == ROLE_DOMAIN_BDC) {
- if (strequal(domain, lp_workgroup())) {
- local_lookup = True;
- }
- }
-
- if (local_lookup) {
- if (local_lookup_name(name, psid, name_type)) {
- DEBUG(10,
- ("lookup_name: (local) [%s]\\[%s] -> SID %s (type %s: %u)\n",
- domain, name, sid_to_string(sid,psid),
- sid_type_lookup(*name_type), (unsigned int)*name_type));
- return True;
- }
- } else {
- /* Remote */
- if (winbind_lookup_name(domain, name, psid, name_type)) {
-
- DEBUG(10,("lookup_name (winbindd): [%s]\\[%s] -> SID %s (type %u)\n",
- domain, name, sid_to_string(sid, psid),
- (unsigned int)*name_type));
- return True;
- }
- }
-
- DEBUG(10, ("lookup_name: %s lookup for [%s]\\[%s] failed\n",
- local_lookup ? "local" : "winbind", domain, name));
-
- return False;
-}
-
-/*****************************************************************
- *THE CANONICAL* convert SID to name function.
- Tries local lookup first - for local sids, then tries winbind.
-*****************************************************************/
-
-BOOL lookup_sid(DOM_SID *sid, fstring dom_name, fstring name, enum SID_NAME_USE *name_type)
-{
- if (!name_type)
- return False;
-
- *name_type = SID_NAME_UNKNOWN;
-
- /* Check if this is our own sid. This should perhaps be done by
- winbind? For the moment handle it here. */
-
- if (sid->num_auths == 5) {
- DOM_SID tmp_sid;
- uint32 rid;
-
- sid_copy(&tmp_sid, sid);
- sid_split_rid(&tmp_sid, &rid);
-
- if (sid_equal(get_global_sam_sid(), &tmp_sid)) {
-
- return map_domain_sid_to_name(&tmp_sid, dom_name) &&
- local_lookup_sid(sid, name, name_type);
- }
- }
-
- if (!winbind_lookup_sid(sid, dom_name, name, name_type)) {
- fstring sid_str;
- DOM_SID tmp_sid;
- uint32 rid;
-
- DEBUG(10,("lookup_sid: winbind lookup for SID %s failed - trying local.\n", sid_to_string(sid_str, sid) ));
-
- sid_copy(&tmp_sid, sid);
- sid_split_rid(&tmp_sid, &rid);
- return map_domain_sid_to_name(&tmp_sid, dom_name) &&
- lookup_known_rid(&tmp_sid, rid, name, name_type);
- }
- return True;
-}
-
-
-/*****************************************************************
- Id mapping cache. This is to avoid Winbind mappings already
- seen by smbd to be queried too frequently, keeping winbindd
- busy, and blocking smbd while winbindd is busy with other
- stuff. Written by Michael Steffens <michael.steffens@hp.com>,
- modified to use linked lists by jra.
-*****************************************************************/
-
-#define MAX_UID_SID_CACHE_SIZE 100
-#define TURNOVER_UID_SID_CACHE_SIZE 10
-#define MAX_GID_SID_CACHE_SIZE 100
-#define TURNOVER_GID_SID_CACHE_SIZE 10
-
-static size_t n_uid_sid_cache = 0;
-static size_t n_gid_sid_cache = 0;
-
-static struct uid_sid_cache {
- struct uid_sid_cache *next, *prev;
- uid_t uid;
- DOM_SID sid;
- enum SID_NAME_USE sidtype;
-} *uid_sid_cache_head;
-
-static struct gid_sid_cache {
- struct gid_sid_cache *next, *prev;
- gid_t gid;
- DOM_SID sid;
- enum SID_NAME_USE sidtype;
-} *gid_sid_cache_head;
-
-/*****************************************************************
- Find a SID given a uid.
-*****************************************************************/
-
-static BOOL fetch_sid_from_uid_cache(DOM_SID *psid, uid_t uid)
-{
- struct uid_sid_cache *pc;
-
- for (pc = uid_sid_cache_head; pc; pc = pc->next) {
- if (pc->uid == uid) {
- fstring sid;
- *psid = pc->sid;
- DEBUG(3,("fetch sid from uid cache %u -> %s\n",
- (unsigned int)uid, sid_to_string(sid, psid)));
- DLIST_PROMOTE(uid_sid_cache_head, pc);
- return True;
- }
- }
- return False;
-}
-
-/*****************************************************************
- Find a uid given a SID.
-*****************************************************************/
-
-static BOOL fetch_uid_from_cache( uid_t *puid, const DOM_SID *psid )
-{
- struct uid_sid_cache *pc;
-
- for (pc = uid_sid_cache_head; pc; pc = pc->next) {
- if (sid_compare(&pc->sid, psid) == 0) {
- fstring sid;
- *puid = pc->uid;
- DEBUG(3,("fetch uid from cache %u -> %s\n",
- (unsigned int)*puid, sid_to_string(sid, psid)));
- DLIST_PROMOTE(uid_sid_cache_head, pc);
- return True;
- }
- }
- return False;
-}
-
-/*****************************************************************
- Store uid to SID mapping in cache.
-*****************************************************************/
-
-static void store_uid_sid_cache(const DOM_SID *psid, uid_t uid)
-{
- struct uid_sid_cache *pc;
-
- if (n_uid_sid_cache >= MAX_UID_SID_CACHE_SIZE && n_uid_sid_cache > TURNOVER_UID_SID_CACHE_SIZE) {
- /* Delete the last TURNOVER_UID_SID_CACHE_SIZE entries. */
- struct uid_sid_cache *pc_next;
- size_t i;
-
- for (i = 0, pc = uid_sid_cache_head; i < (n_uid_sid_cache - TURNOVER_UID_SID_CACHE_SIZE); i++, pc = pc->next)
- ;
- for(; pc; pc = pc_next) {
- pc_next = pc->next;
- DLIST_REMOVE(uid_sid_cache_head,pc);
- SAFE_FREE(pc);
- n_uid_sid_cache--;
- }
- }
-
- pc = (struct uid_sid_cache *)malloc(sizeof(struct uid_sid_cache));
- if (!pc)
- return;
- pc->uid = uid;
- sid_copy(&pc->sid, psid);
- DLIST_ADD(uid_sid_cache_head, pc);
- n_uid_sid_cache++;
-}
-
-/*****************************************************************
- Find a SID given a gid.
-*****************************************************************/
+/****************************************************************************
+ Return the current user we are running effectively as on this connection.
+ I'd like to make this return conn->session_info->utok.uid, but become_root()
+ doesn't alter this value.
+****************************************************************************/
-static BOOL fetch_sid_from_gid_cache(DOM_SID *psid, gid_t gid)
+uid_t get_current_uid(connection_struct *conn)
{
- struct gid_sid_cache *pc;
-
- for (pc = gid_sid_cache_head; pc; pc = pc->next) {
- if (pc->gid == gid) {
- fstring sid;
- *psid = pc->sid;
- DEBUG(3,("fetch sid from gid cache %u -> %s\n",
- (unsigned int)gid, sid_to_string(sid, psid)));
- DLIST_PROMOTE(gid_sid_cache_head, pc);
- return True;
- }
- }
- return False;
+ return current_user.ut.uid;
}
-/*****************************************************************
- Find a gid given a SID.
-*****************************************************************/
+/****************************************************************************
+ Return the current group we are running effectively as on this connection.
+ I'd like to make this return conn->session_info->utok.gid, but become_root()
+ doesn't alter this value.
+****************************************************************************/
-static BOOL fetch_gid_from_cache(gid_t *pgid, const DOM_SID *psid)
+gid_t get_current_gid(connection_struct *conn)
{
- struct gid_sid_cache *pc;
-
- for (pc = gid_sid_cache_head; pc; pc = pc->next) {
- if (sid_compare(&pc->sid, psid) == 0) {
- fstring sid;
- *pgid = pc->gid;
- DEBUG(3,("fetch uid from cache %u -> %s\n",
- (unsigned int)*pgid, sid_to_string(sid, psid)));
- DLIST_PROMOTE(gid_sid_cache_head, pc);
- return True;
- }
- }
- return False;
+ return current_user.ut.gid;
}
-/*****************************************************************
- Store gid to SID mapping in cache.
-*****************************************************************/
-
-static void store_gid_sid_cache(const DOM_SID *psid, gid_t gid)
-{
- struct gid_sid_cache *pc;
-
- if (n_gid_sid_cache >= MAX_GID_SID_CACHE_SIZE && n_gid_sid_cache > TURNOVER_GID_SID_CACHE_SIZE) {
- /* Delete the last TURNOVER_GID_SID_CACHE_SIZE entries. */
- struct gid_sid_cache *pc_next;
- size_t i;
-
- for (i = 0, pc = gid_sid_cache_head; i < (n_gid_sid_cache - TURNOVER_GID_SID_CACHE_SIZE); i++, pc = pc->next)
- ;
- for(; pc; pc = pc_next) {
- pc_next = pc->next;
- DLIST_REMOVE(gid_sid_cache_head,pc);
- SAFE_FREE(pc);
- n_gid_sid_cache--;
- }
- }
-
- pc = (struct gid_sid_cache *)malloc(sizeof(struct gid_sid_cache));
- if (!pc)
- return;
- pc->gid = gid;
- sid_copy(&pc->sid, psid);
- DLIST_ADD(gid_sid_cache_head, pc);
- n_gid_sid_cache++;
-}
-
-/*****************************************************************
- *THE CANONICAL* convert uid_t to SID function.
- check idmap if uid is in idmap range, otherwise falls back to
- the legacy algorithmic mapping.
- A special cache is used for uids that maps to Wellknown SIDs
- Returns SID pointer.
-*****************************************************************/
+/****************************************************************************
+ Return the UNIX token we are running effectively as on this connection.
+ I'd like to make this return &conn->session_info->utok, but become_root()
+ doesn't alter this value.
+****************************************************************************/
-NTSTATUS uid_to_sid(DOM_SID *psid, uid_t uid)
+const struct security_unix_token *get_current_utok(connection_struct *conn)
{
- uid_t low, high;
- fstring sid;
-
- ZERO_STRUCTP(psid);
-
- if (fetch_sid_from_uid_cache(psid, uid))
- return ( psid ? NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL );
-
- if (lp_idmap_uid(&low, &high) && uid >= low && uid <= high) {
- if (winbind_uid_to_sid(psid, uid)) {
-
- DEBUG(10,("uid_to_sid: winbindd %u -> %s\n",
- (unsigned int)uid, sid_to_string(sid, psid)));
-
- if (psid)
- store_uid_sid_cache(psid, uid);
- return ( psid ? NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL );
- }
- }
-
- if (!local_uid_to_sid(psid, uid)) {
- DEBUG(10,("uid_to_sid: local %u failed to map to sid\n", (unsigned int)uid ));
- return NT_STATUS_UNSUCCESSFUL;
- }
-
- DEBUG(10,("uid_to_sid: local %u -> %s\n", (unsigned int)uid, sid_to_string(sid, psid)));
-
- store_uid_sid_cache(psid, uid);
- return NT_STATUS_OK;
+ return ¤t_user.ut;
}
-/*****************************************************************
- *THE CANONICAL* convert gid_t to SID function.
- check idmap if gid is in idmap range, otherwise falls back to
- the legacy algorithmic mapping.
- Group mapping is used for gids that maps to Wellknown SIDs
- Returns SID pointer.
-*****************************************************************/
-
-NTSTATUS gid_to_sid(DOM_SID *psid, gid_t gid)
+const struct security_token *get_current_nttok(connection_struct *conn)
{
- gid_t low, high;
- fstring sid;
-
- ZERO_STRUCTP(psid);
-
- if (fetch_sid_from_gid_cache(psid, gid))
- return ( psid ? NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL );
-
- if (lp_idmap_gid(&low, &high) && gid >= low && gid <= high) {
- if (winbind_gid_to_sid(psid, gid)) {
-
- DEBUG(10,("gid_to_sid: winbindd %u -> %s\n",
- (unsigned int)gid, sid_to_string(sid, psid)));
-
- if (psid)
- store_gid_sid_cache(psid, gid);
- return ( psid ? NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL );
- }
- }
-
- if (!local_gid_to_sid(psid, gid)) {
- DEBUG(10,("gid_to_sid: local %u failed to map to sid\n", (unsigned int)gid ));
- return NT_STATUS_UNSUCCESSFUL;
- }
-
- DEBUG(10,("gid_to_sid: local %u -> %s\n", (unsigned int)gid, sid_to_string(sid, psid)));
-
- store_gid_sid_cache(psid, gid);
- return NT_STATUS_OK;
+ return current_user.nt_user_token;
}
-/*****************************************************************
- *THE CANONICAL* convert SID to uid function.
- if it is a foreign sid or it is in idmap rid range check idmap,
- otherwise falls back to the legacy algorithmic mapping.
- A special cache is used for uids that maps to Wellknown SIDs
- Returns True if this name is a user sid and the conversion
- was done correctly, False if not.
-*****************************************************************/
-
-NTSTATUS sid_to_uid(const DOM_SID *psid, uid_t *puid)
-{
- fstring dom_name, name, sid_str;
- enum SID_NAME_USE name_type;
- BOOL ret;
-
- if (fetch_uid_from_cache(puid, psid))
- return NT_STATUS_OK;
-
- /* if this is our DIS then go straight to a local lookup */
-
- if ( sid_compare_domain(get_global_sam_sid(), psid) == 0 ) {
- DEBUG(10,("sid_to_uid: my domain (%s) - trying local.\n",
- sid_string_static(psid) ));
-
- if ( (ret = local_sid_to_uid(puid, psid, &name_type)) == True )
- store_uid_sid_cache(psid, *puid);
-
- return (ret ? NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL);
- }
-
-
- /* look up the name and decide if this is a user sid */
-
- if ( (!winbind_lookup_sid(psid, dom_name, name, &name_type)) || (name_type != SID_NAME_USER) ) {
- DEBUG(10,("sid_to_uid: winbind lookup for sid %s failed - trying local.\n",
- sid_string_static(psid) ));
-
- if ( (ret = local_sid_to_uid(puid, psid, &name_type)) == True )
- store_uid_sid_cache(psid, *puid);
-
- return (ret ? NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL);
- }
-
- /*
- * Ensure this is a user sid.
- */
-
- if (name_type != SID_NAME_USER) {
- DEBUG(10,("sid_to_uid: winbind lookup succeeded but SID is not a uid (%u)\n",
- (unsigned int)name_type ));
- return NT_STATUS_INVALID_PARAMETER;
- }
-
- /* query only first */
-
- if ( !winbind_sid_to_uid_query(puid, psid) ) {
- DEBUG(10,("sid_to_uid: winbind query for sid %s failed.\n",
- sid_to_string(sid_str, psid) ));
-
- /* see if we have a local mapping */
-
- if ( local_sid_to_uid(puid, psid, &name_type) ) {
- store_uid_sid_cache(psid, *puid);
- return NT_STATUS_OK;
- }
-
- /* Call back to winbind to allocate a new uid */
-
- if ( !winbind_sid_to_uid(puid, psid) ) {
- DEBUG(10,("sid_to_uid: winbind failed to allocate a new uid for sid %s\n",
- sid_to_string(sid_str, psid) ));
- return NT_STATUS_UNSUCCESSFUL;
- }
- }
-
- DEBUG(10,("sid_to_uid: %s -> %u\n", sid_to_string(sid_str, psid),
- (unsigned int)*puid ));
-
- store_uid_sid_cache(psid, *puid);
-
- return NT_STATUS_OK;
-}
-/*****************************************************************
- *THE CANONICAL* convert SID to gid function.
- if it is a foreign sid or it is in idmap rid range check idmap,
- otherwise falls back to the legacy algorithmic mapping.
- Group mapping is used for gids that maps to Wellknown SIDs
- Returns True if this name is a user sid and the conversion
- was done correctly, False if not.
-*****************************************************************/
-
-NTSTATUS sid_to_gid(const DOM_SID *psid, gid_t *pgid)
+uint16_t get_current_vuid(connection_struct *conn)
{
- fstring dom_name, name, sid_str;
- enum SID_NAME_USE name_type;
- BOOL ret;
-
- if (fetch_gid_from_cache(pgid, psid))
- return NT_STATUS_OK;
-
- /*
- * First we must look up the name and decide if this is a group sid.
- */
-
- if (!winbind_lookup_sid(psid, dom_name, name, &name_type)) {
- DEBUG(10,("sid_to_gid: winbind lookup for sid %s failed - trying local.\n",
- sid_to_string(sid_str, psid) ));
-
- ret = local_sid_to_gid(pgid, psid, &name_type);
- if (ret)
- store_gid_sid_cache(psid, *pgid);
-
- return (ret ? NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL);
- }
-
- /*
- * Ensure this is a group sid.
- */
-
- if ((name_type != SID_NAME_DOM_GRP) && (name_type != SID_NAME_ALIAS) && (name_type != SID_NAME_WKN_GRP)) {
- DEBUG(10,("sid_to_gid: winbind lookup succeeded but SID is not a known group (%u)\n",
- (unsigned int)name_type ));
-
- ret = local_sid_to_gid(pgid, psid, &name_type);
- if (ret)
- store_gid_sid_cache(psid, *pgid);
- return (ret ? NT_STATUS_OK : NT_STATUS_INVALID_PARAMETER);
- }
-
- /* query only first */
-
- if ( !winbind_sid_to_gid_query(pgid, psid) ) {
- DEBUG(10,("sid_to_gid: winbind query for sid %s failed.\n",
- sid_to_string(sid_str, psid) ));
-
- /* see if we have a local mapping */
-
- if ( local_sid_to_gid(pgid, psid, &name_type) ) {
- store_gid_sid_cache(psid, *pgid);
- return NT_STATUS_OK;
- }
-
- /* Call back to winbind to allocate a new uid */
-
- if ( !winbind_sid_to_gid(pgid, psid) ) {
- DEBUG(10,("sid_to_uid: winbind failed to allocate a new gid for sid %s\n",
- sid_to_string(sid_str, psid) ));
- return NT_STATUS_UNSUCCESSFUL;
- }
- else
- return NT_STATUS_UNSUCCESSFUL;
- }
-
- DEBUG(10,("sid_to_gid: %s -> %u\n", sid_to_string(sid_str, psid),
- (unsigned int)*pgid ));
-
- store_gid_sid_cache(psid, *pgid);
-
- return NT_STATUS_OK;
+ return current_user.vuid;
}