s3: Implement wbcGetpwsid
authorDan Sledz <dsledz@isilon.com>
Tue, 10 Feb 2009 19:06:44 +0000 (11:06 -0800)
committerSteven Danneman <steven.danneman@isilon.com>
Thu, 12 Feb 2009 03:39:15 +0000 (19:39 -0800)
* Adds the plumbing required to lookup users by sid into winbind, wbinfo
  and smbd helper lib (winbind_util.c).
* Removes some double declarations of winbind_util.c functions.
* Bumps the winbind protocol version to 21 and the minor version of
  wbclient to 3.

nsswitch/libwbclient/wbc_pwd.c
nsswitch/libwbclient/wbclient.h
nsswitch/wbinfo.c
nsswitch/winbind_struct_protocol.h
source3/include/proto.h
source3/lib/winbind_util.c
source3/winbindd/winbindd.c
source3/winbindd/winbindd_proto.h
source3/winbindd/winbindd_user.c

index cd94599..dacd949 100644 (file)
@@ -190,6 +190,45 @@ wbcErr wbcGetpwuid(uid_t uid, struct passwd **pwd)
        return wbc_status;
 }
 
+/* Fill in a struct passwd* for a domain user based on sid */
+wbcErr wbcGetpwsid(struct wbcDomainSid *sid, struct passwd **pwd)
+{
+       wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
+       struct winbindd_request request;
+       struct winbindd_response response;
+       char * sid_string = NULL;
+
+       if (!pwd) {
+               wbc_status = WBC_ERR_INVALID_PARAM;
+               BAIL_ON_WBC_ERROR(wbc_status);
+       }
+
+       wbc_status = wbcSidToString(sid, &sid_string);
+       BAIL_ON_WBC_ERROR(wbc_status);
+
+       /* Initialize request */
+
+       ZERO_STRUCT(request);
+       ZERO_STRUCT(response);
+
+       strncpy(request.data.sid, sid_string, sizeof(request.data.sid));
+
+       wbc_status = wbcRequestResponse(WINBINDD_GETPWSID,
+                                       &request,
+                                       &response);
+       BAIL_ON_WBC_ERROR(wbc_status);
+
+       *pwd = copy_passwd_entry(&response.data.pw);
+       BAIL_ON_PTR_ERROR(*pwd, wbc_status);
+
+ done:
+       if (sid_string) {
+               wbcFreeMemory(sid_string);
+       }
+
+       return wbc_status;
+}
+
 /* Fill in a struct passwd* for a domain user based on username */
 wbcErr wbcGetgrnam(const char *name, struct group **grp)
 {
index 990cc52..4663624 100644 (file)
@@ -60,9 +60,10 @@ const char *wbcErrorString(wbcErr error);
  *  0.1: Initial version
  *  0.2: Added wbcRemoveUidMapping()
  *       Added wbcRemoveGidMapping()
+ *  0.3: Added wbcGetpwsid()
  **/
 #define WBCLIENT_MAJOR_VERSION 0
-#define WBCLIENT_MINOR_VERSION 2
+#define WBCLIENT_MINOR_VERSION 3
 #define WBCLIENT_VENDOR_VERSION "Samba libwbclient"
 struct wbcLibraryDetails {
        uint16_t major_version;
@@ -836,6 +837,17 @@ wbcErr wbcGetpwnam(const char *name, struct passwd **pwd);
  **/
 wbcErr wbcGetpwuid(uid_t uid, struct passwd **pwd);
 
+/**
+ * @brief Fill in a struct passwd* for a domain user based
+ *   on sid
+ *
+ * @param sid       Sid to lookup
+ * @param **pwd     Pointer to resulting struct passwd* from the query.
+ *
+ * @return #wbcErr
+ **/
+wbcErr wbcGetpwsid(struct wbcDomainSid * sid, struct passwd **pwd);
+
 /**
  * @brief Fill in a struct passwd* for a domain user based
  *   on username
index ce53cad..372896c 100644 (file)
@@ -202,6 +202,31 @@ static bool wbinfo_get_uidinfo(int uid)
        return true;
 }
 
+static bool wbinfo_get_user_sidinfo(const char *sid_str)
+{
+       wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
+       struct passwd *pwd = NULL;
+       struct wbcDomainSid sid;
+
+       wbc_status = wbcStringToSid(sid_str, &sid);
+       wbc_status = wbcGetpwsid(&sid, &pwd);
+       if (!WBC_ERROR_IS_OK(wbc_status)) {
+               return false;
+       }
+
+       d_printf("%s:%s:%d:%d:%s:%s:%s\n",
+                pwd->pw_name,
+                pwd->pw_passwd,
+                pwd->pw_uid,
+                pwd->pw_gid,
+                pwd->pw_gecos,
+                pwd->pw_dir,
+                pwd->pw_shell);
+
+       return true;
+}
+
+
 /* pull grent for a given group */
 static bool wbinfo_get_groupinfo(const char *group)
 {
@@ -1564,6 +1589,7 @@ enum {
        OPT_LIST_ALL_DOMAINS,
        OPT_LIST_OWN_DOMAIN,
        OPT_UID_INFO,
+       OPT_USER_SIDINFO,
        OPT_GROUP_INFO,
        OPT_GID_INFO,
        OPT_VERBOSE,
@@ -1622,6 +1648,7 @@ int main(int argc, char **argv, char **envp)
                { "user-info", 'i', POPT_ARG_STRING, &string_arg, 'i', "Get user info", "USER" },
                { "uid-info", 0, POPT_ARG_INT, &int_arg, OPT_UID_INFO, "Get user info from uid", "UID" },
                { "group-info", 0, POPT_ARG_STRING, &string_arg, OPT_GROUP_INFO, "Get group info", "GROUP" },
+               { "user-sidinfo", 0, POPT_ARG_STRING, &string_arg, OPT_USER_SIDINFO, "Get user info from sid", "SID" },
                { "gid-info", 0, POPT_ARG_INT, &int_arg, OPT_GID_INFO, "Get group info from gid", "GID" },
                { "user-groups", 'r', POPT_ARG_STRING, &string_arg, 'r', "Get user groups", "USER" },
                { "user-domgroups", 0, POPT_ARG_STRING, &string_arg,
@@ -1860,6 +1887,13 @@ int main(int argc, char **argv, char **envp)
                                goto done;
                        }
                        break;
+               case OPT_USER_SIDINFO:
+                       if ( !wbinfo_get_user_sidinfo(string_arg)) {
+                               d_fprintf(stderr, "Could not get info for user sid %s\n",
+                                   string_arg);
+                               goto done;
+                       }
+                       break;
                case OPT_UID_INFO:
                        if ( !wbinfo_get_uidinfo(int_arg)) {
                                d_fprintf(stderr, "Could not get info for uid "
index 0b3e744..26e45f3 100644 (file)
 #define WINBINDD_DONT_ENV    "_NO_WINBINDD"
 #define WINBINDD_LOCATOR_KDC_ADDRESS "WINBINDD_LOCATOR_KDC_ADDRESS"
 
-/* Update this when you change the interface.  */
-
-#define WINBIND_INTERFACE_VERSION 20
+/* Update this when you change the interface.
+ * 21: added WINBINDD_GETPWSID
+ *     added WINBINDD_GETSIDALIASES
+ */
+#define WINBIND_INTERFACE_VERSION 21
 
 /* Have to deal with time_t being 4 or 8 bytes due to structure alignment.
    On a 64bit Linux box, we have to support a constant structure size
@@ -60,6 +62,7 @@ enum winbindd_cmd {
 
        WINBINDD_GETPWNAM,
        WINBINDD_GETPWUID,
+       WINBINDD_GETPWSID,
        WINBINDD_GETGRNAM,
        WINBINDD_GETGRGID,
        WINBINDD_GETGROUPS,
index 8f05c94..6ba1fa6 100644 (file)
@@ -1660,6 +1660,8 @@ bool winbind_sid_to_uid(uid_t *puid, const DOM_SID *sid);
 bool winbind_uid_to_sid(DOM_SID *sid, uid_t uid);
 bool winbind_sid_to_gid(gid_t *pgid, const DOM_SID *sid);
 bool winbind_gid_to_sid(DOM_SID *sid, gid_t gid);
+struct passwd * winbind_getpwnam(const char * sname);
+struct passwd * winbind_getpwsid(const DOM_SID *sid);
 wbcErr wb_is_trusted_domain(const char *domain);
 bool winbind_lookup_rids(TALLOC_CTX *mem_ctx,
                         const DOM_SID *domain_sid,
@@ -1668,22 +1670,6 @@ bool winbind_lookup_rids(TALLOC_CTX *mem_ctx,
                         const char ***names, enum lsa_SidType **types);
 bool winbind_allocate_uid(uid_t *uid);
 bool winbind_allocate_gid(gid_t *gid);
-bool winbind_lookup_name(const char *dom_name, const char *name, DOM_SID *sid, 
-                         enum lsa_SidType *name_type);
-bool winbind_lookup_sid(TALLOC_CTX *mem_ctx, const DOM_SID *sid, 
-                       const char **domain, const char **name,
-                        enum lsa_SidType *name_type);
-bool winbind_ping(void);
-bool winbind_sid_to_uid(uid_t *puid, const DOM_SID *sid);
-bool winbind_uid_to_sid(DOM_SID *sid, uid_t uid);
-bool winbind_sid_to_gid(gid_t *pgid, const DOM_SID *sid);
-bool winbind_gid_to_sid(DOM_SID *sid, gid_t gid);
-wbcErr wb_is_trusted_domain(const char *domain);
-bool winbind_lookup_rids(TALLOC_CTX *mem_ctx,
-                        const DOM_SID *domain_sid,
-                        int num_rids, uint32 *rids,
-                        const char **domain_name,
-                        const char ***names, enum lsa_SidType **types);
 
 /* The following definitions come from lib/wins_srv.c  */
 
index 14356b0..686e70f 100644 (file)
 
 #include "nsswitch/libwbclient/wbclient.h"
 
+struct passwd * winbind_getpwnam(const char * name)
+{
+       wbcErr result;
+       struct passwd * tmp_pwd = NULL;
+       struct passwd * pwd = NULL;
+
+       result = wbcGetpwnam(name, &tmp_pwd);
+       if (result != WBC_ERR_SUCCESS)
+               return pwd;
+
+       pwd = tcopy_passwd(talloc_tos(), tmp_pwd);
+
+       wbcFreeMemory(tmp_pwd);
+
+       return pwd;
+}
+
+struct passwd * winbind_getpwsid(const DOM_SID *sid)
+{
+       wbcErr result;
+       struct passwd * tmp_pwd = NULL;
+       struct passwd * pwd = NULL;
+       struct wbcDomainSid dom_sid;
+
+       memcpy(&dom_sid, sid, sizeof(dom_sid));
+
+       result = wbcGetpwsid(&dom_sid, &tmp_pwd);
+       if (result != WBC_ERR_SUCCESS)
+               return pwd;
+
+       pwd = tcopy_passwd(talloc_tos(), tmp_pwd);
+
+       wbcFreeMemory(tmp_pwd);
+
+       return pwd;
+}
+
 /* Call winbindd to convert a name to a sid */
 
 bool winbind_lookup_name(const char *dom_name, const char *name, DOM_SID *sid, 
@@ -236,6 +273,16 @@ bool winbind_allocate_gid(gid_t *gid)
 
 #else      /* WITH_WINBIND */
 
+struct passwd * winbind_getpwnam(const char * name)
+{
+       return NULL;
+}
+
+struct passwd * winbind_getpwsid(const DOM_SID *sid)
+{
+       return NULL;
+}
+
 bool winbind_lookup_name(const char *dom_name, const char *name, DOM_SID *sid, 
                          enum lsa_SidType *name_type)
 {
index 5720bfc..218076c 100644 (file)
@@ -420,6 +420,7 @@ static struct winbindd_dispatch_table {
 
        { WINBINDD_GETPWNAM, winbindd_getpwnam, "GETPWNAM" },
        { WINBINDD_GETPWUID, winbindd_getpwuid, "GETPWUID" },
+       { WINBINDD_GETPWSID, winbindd_getpwsid, "GETPWSID" },
 
        { WINBINDD_SETPWENT, winbindd_setpwent, "SETPWENT" },
        { WINBINDD_ENDPWENT, winbindd_endpwent, "ENDPWENT" },
index c302dd1..58df8d8 100644 (file)
@@ -495,6 +495,7 @@ enum winbindd_result winbindd_dual_userinfo(struct winbindd_domain *domain,
                                            struct winbindd_cli_state *state);
 void winbindd_getpwnam(struct winbindd_cli_state *state);
 void winbindd_getpwuid(struct winbindd_cli_state *state);
+void winbindd_getpwsid(struct winbindd_cli_state *state);
 void winbindd_setpwent(struct winbindd_cli_state *state);
 void winbindd_endpwent(struct winbindd_cli_state *state);
 void winbindd_getpwent(struct winbindd_cli_state *state);
index a6740b1..50aea4e 100644 (file)
@@ -217,8 +217,8 @@ static void getpwsid_queryuser_recv(void *private_data, bool success,
 static void getpwsid_sid2uid_recv(void *private_data, bool success, uid_t uid);
 static void getpwsid_sid2gid_recv(void *private_data, bool success, gid_t gid);
 
-static void winbindd_getpwsid(struct winbindd_cli_state *state,
-                             const DOM_SID *sid)
+static void getpwsid_queryuser(struct winbindd_cli_state *state,
+                               const DOM_SID *sid)
 {
        struct getpwsid_state *s;
 
@@ -509,7 +509,7 @@ static void getpwnam_name2sid_recv(void *private_data, bool success,
                check_domain_trusted(domname, sid);
        }
 
-       winbindd_getpwsid(state, sid);
+       getpwsid_queryuser(state, sid);
 }
 
 static void getpwuid_recv(void *private_data, bool success, const char *sid)
@@ -535,7 +535,7 @@ static void getpwuid_recv(void *private_data, bool success, const char *sid)
                return;
        }
 
-       winbindd_getpwsid(state, &user_sid);
+       getpwsid_queryuser(state, &user_sid);
 }
 
 /* Return a password structure given a uid number */
@@ -553,6 +553,26 @@ void winbindd_getpwuid(struct winbindd_cli_state *state)
        winbindd_uid2sid_async(state->mem_ctx, uid, getpwuid_recv, state);
 }
 
+/* Return a password structure given a sid */
+void winbindd_getpwsid(struct winbindd_cli_state *state)
+{
+       DOM_SID sid;
+
+       /* Ensure null termination */
+       state->request.data.sid[sizeof(state->request.data.sid)-1]='\0';
+
+       DEBUG(3, ("[%5lu]: getpwsid %s\n", (unsigned long)state->pid,
+                 state->request.data.sid));
+
+       if (!string_to_sid(&sid, state->request.data.sid)) {
+               DEBUG(5, ("%s not a SID\n", state->request.data.sid));
+               request_error(state);
+               return;
+       }
+
+       getpwsid_queryuser(state, &sid);
+}
+
 /*
  * set/get/endpwent functions
  */